From ada12cc14bc1fad5989accbf9279f8549ed2de86 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Fri, 21 Feb 2020 17:48:34 +0100 Subject: [PATCH] Update to 4.19.103 Add CVE id reference for CVE-2019-3016 Cleanup debian/changelog file --- debian/changelog | 189 ++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 188 insertions(+), 1 deletion(-) diff --git a/debian/changelog b/debian/changelog index f76eed694..1620f547b 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -linux (4.19.102-1) UNRELEASED; urgency=medium +linux (4.19.103-1) UNRELEASED; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.99 @@ -620,6 +620,193 @@ linux (4.19.102-1) UNRELEASED; urgency=medium - btrfs: do not zero f_bavail if we have available space - perf report: Fix no libunwind compiled warning break s390 issue - mm/migrate.c: also overwrite error when it is bigger than zero + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.103 + - [armhf] Revert "drm/sun4i: dsi: Change the start delay calculation" + - ovl: fix lseek overflow on 32bit + - kernel/module: Fix memleak in module_add_modinfo_attrs() + - media: iguanair: fix endpoint sanity check + - ocfs2: fix oops when writing cloned file + - [x86] cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR + - udf: Allow writing to 'Rewritable' partitions + - printk: fix exclusive_console replaying + - iwlwifi: mvm: fix NVM check for 3168 devices + - gtp: use __GFP_NOWARN to avoid memalloc warning + - l2tp: Allow duplicate session creation with UDP + - net_sched: fix an OOB access in cls_tcindex + - [arm64,armhf] net: stmmac: Delete txtimer in suspend() + - bnxt_en: Fix TC queue mapping. + - tcp: clear tp->total_retrans in tcp_disconnect() + - tcp: clear tp->delivered in tcp_disconnect() + - tcp: clear tp->data_segs{in|out} in tcp_disconnect() + - tcp: clear tp->segs_{in|out} in tcp_disconnect() + - rxrpc: Fix use-after-free in rxrpc_put_local() + - rxrpc: Fix insufficient receive notification generation + - rxrpc: Fix missing active use pinning of rxrpc_local object + - rxrpc: Fix NULL pointer deref due to call->conn being cleared on + disconnect + - media: uvcvideo: Avoid cyclic entity chains due to malformed USB + descriptors + - ipc/msg.c: consolidate all xxxctl_down() functions + - tracing: Fix sched switch start/stop refcount racy updates + - rcu: Avoid data-race in rcu_gp_fqs_check_wake() + - brcmfmac: Fix memory leak in brcmf_usbdev_qinit + - usb: gadget: f_ncm: Use atomic_t to track in-flight request + - usb: gadget: f_ecm: Use atomic_t to track in-flight request + - ALSA: usb-audio: Fix endianess in descriptor validation + - ALSA: dummy: Fix PCM format loop in proc output + - mm/memory_hotplug: fix remove_memory() lockdep splat + - mm: move_pages: report the number of non-attempted pages + - media/v4l2-core: set pages dirty upon releasing DMA buffers + - media: v4l2-core: compat: ignore native command codes + - media: v4l2-rect.h: fix v4l2_rect_map_inside() top/left adjustments + - irqdomain: Fix a memory leak in irq_domain_push_irq() + - [x86] platform/x86: intel_scu_ipc: Fix interrupt support + - ALSA: hda: Add Clevo W65_67SB the power_save blacklist + - [arm64] KVM: Correct PSTATE on exception entry + - [arm64,armhf] KVM: Correct CPSR on exception entry + - [arm64,armhf] KVM: Correct AArch32 SPSR on exception entry + - [arm64] KVM: Only sign-extend MMIO up to register width + - [s390x] mm: fix dynamic pagetable upgrade for hugetlbfs + - [powerpc*] pseries: Advance pfn if section is not present in + lmb_is_removable() + - smb3: fix signing verification of large reads + - [arm64,armhf] PCI: tegra: Fix return value check of + pm_runtime_get_sync() + - [arm64,armhf] mmc: spi: Toggle SPI polarity, do not hardcode it + - ACPI: video: Do not export a non working backlight interface on MSI + MS-7721 boards + - [x86] ACPI / battery: Deal with design or full capacity being reported + as -1 + - [x86] ACPI / battery: Use design-cap for capacity calculations if + full-cap is not available + - [x86] ACPI / battery: Deal better with neither design nor full capacity + not being reported + - alarmtimer: Unregister wakeup source when module get fails + - ubifs: Reject unsupported ioctl flags explicitly + - ubifs: don't trigger assertion on invalid no-key filename + - ubifs: Fix FS_IOC_SETFLAGS unexpectedly clearing encrypt flag + - ubifs: Fix deadlock in concurrent bulk-read and writepage + - [i386] crypto: geode-aes - convert to skcipher API and make thread-safe + - [x86] hv_balloon: Balloon up according to request page number + - mfd: axp20x: Mark AXP20X_VBUS_IPSOUT_MGMT as volatile + - crypto: api - Check spawn->alg under lock in crypto_drop_spawn + - scsi: qla2xxx: Fix mtcp dump collection failure + - ovl: fix wrong WARN_ON() in ovl_cache_update_ino() + - f2fs: choose hardlimit when softlimit is larger than hardlimit in + f2fs_statfs_project() + - f2fs: fix miscounted block limit in f2fs_statfs_project() + - f2fs: code cleanup for f2fs_statfs_project() + - PM: core: Fix handling of devices deleted during system-wide resume + - dm zoned: support zone sizes smaller than 128MiB + - dm space map common: fix to ensure new block isn't already in use + - dm crypt: fix benbi IV constructor crash if used in authenticated mode + - dm: fix potential for q->make_request_fn NULL pointer + - dm writecache: fix incorrect flush sequence when doing SSD mode commit + - padata: Remove broken queue flushing + - tracing: Annotate ftrace_graph_hash pointer with __rcu + - tracing: Annotate ftrace_graph_notrace_hash pointer with __rcu + - ftrace: Add comment to why rcu_dereference_sched() is open coded + - ftrace: Protect ftrace_graph_hash with ftrace_sync + - [x86] crypto: ccp - set max RSA modulus size for v3 platform devices as + well + - crypto: pcrypt - Do not clear MAY_SLEEP flag in original request + - crypto: api - Fix race condition in crypto_spawn_alg + - scsi: qla2xxx: Fix unbound NVME response length + - NFS: Fix memory leaks and corruption in readdir + - NFS: Directory page cache pages need to be locked when read + - jbd2_seq_info_next should increase position index + - Btrfs: fix missing hole after hole punching and fsync when using + NO_HOLES + - btrfs: set trans->drity in btrfs_commit_transaction + - Btrfs: fix race between adding and putting tree mod seq elements and + nodes + - [armhf] tegra: Enable PLLP bypass during Tegra124 LP1 + - iwlwifi: don't throw error when trying to remove IGTK + - mwifiex: fix unbalanced locking in mwifiex_process_country_ie() + - sunrpc: expiry_time should be seconds not timeval + - gfs2: move setting current->backing_dev_info + - gfs2: fix O_SYNC write handling + - drm/rect: Avoid division by zero + - media: rc: ensure lirc is initialized before registering input device + - xen/balloon: Support xend-based toolstack take two + - watchdog: fix UAF in reboot notifier handling in watchdog core code + - bcache: add readahead cache policy options via sysfs interface + - eventfd: track eventfd_signal() recursion depth + - aio: prevent potential eventfd recursion on poll + - [x86] KVM: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks + - [x86] KVM: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks + - [x86] KVM: Protect pmu_intel.c from Spectre-v1/L1TF attacks + - [x86] KVM: Protect DR-based index computations from Spectre-v1/L1TF + attacks + - [x86] KVM: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks + - [x86] KVM: Protect kvm_hv_msr_[get|set]_crash_data() from Spectre-v1/L1TF + attacks + - [x86] KVM: Protect ioapic_write_indirect() from Spectre-v1/L1TF attacks + - [x86] KVM: Protect MSR-based index computations in pmu.h from + Spectre-v1/L1TF attacks + - [x86] KVM: Protect ioapic_read_indirect() from Spectre-v1/L1TF attacks + - [x86] KVM: Protect MSR-based index computations from Spectre-v1/L1TF + attacks in x86.c + - [x86] KVM: Protect x86_decode_insn from Spectre-v1/L1TF attacks + - [x86] KVM: Protect MSR-based index computations in + fixed_msr_to_seg_unit() from Spectre-v1/L1TF attacks + - [x86] KVM: Fix potential put_fpu() w/o load_fpu() on MPX platform + - [ppc64el] KVM: Book3S HV: Uninit vCPU if vcore creation fails + - [ppc64el] KVM: Book3S PR: Free shared page if mmu initialization fails + - [x86] kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit + (CVE-2019-3016) + - [x86] KVM: Don't let userspace set host-reserved cr4 bits + - [x86] KVM: Free wbinvd_dirty_mask if vCPU creation fails + - [s390x] KVM: do not clobber registers during guest reset/store status + - [arm64,armhf] clk: tegra: Mark fuse clock as critical + - percpu: Separate decrypted varaibles anytime encryption can be enabled + - scsi: qla2xxx: Fix the endianness of the qla82xx_get_fw_size() return + type + - scsi: csiostor: Adjust indentation in csio_device_reset + - scsi: qla4xxx: Adjust indentation in qla4xxx_mem_free + - scsi: ufs: Recheck bkops level if bkops is disabled + - [arm64] phy: qualcomm: Adjust indentation in read_poll_timeout + - ext2: Adjust indentation in ext2_fill_super + - [arm64] drm: msm: mdp4: Adjust indentation in mdp4_dsi_encoder_enable + - IB/mlx5: Fix outstanding_pi index for GSI qps + - IB/core: Fix ODP get user pages flow + - nfsd: fix delay timer on 32-bit architectures + - nfsd: fix jiffies/time_t mixup in LRU list + - nfsd: Return the correct number of bytes written to the file + - ubi: fastmap: Fix inverted logic in seen selfcheck + - ubi: Fix an error pointer dereference in error handling code + - bonding/alb: properly access headers in bond_alb_xmit() + - [armhf] net: dsa: bcm_sf2: Only 7278 supports 2Gb/sec IMP port + - [arm64,armhf] net: mvneta: move rx_dropped and rx_errors in per-cpu + stats + - net_sched: fix a resource leak in tcindex_set_parms() + - net/mlx5: IPsec, Fix esp modify function attribute + - net/mlx5: IPsec, fix memory leak at mlx5_fpga_ipsec_delete_sa_ctx + - [arm64] net: macb: Remove unnecessary alignment check for TSO + - [arm64] net: macb: Limit maximum GEM TX length in TSO + - [armhf] net: dsa: b53: Always use dev->vlan_enabled in + b53_configure_vlan() + - ext4: fix deadlock allocating crypto bounce page from mempool + - btrfs: use bool argument in free_root_pointers() + - btrfs: free block groups after free'ing fs trees + - drm/dp_mst: Remove VCPI while disabling topology mgr + - btrfs: flush write bio if we loop in extent_write_cache_pages + - [x86] KVM: mmu: Apply max PA check for MMIO sptes to 32-bit KVM + - [x86] KVM: Use gpa_t for cr2/gpa to fix TDP support on 32-bit KVM + - [x86] KVM: VMX: Add non-canonical check on writes to RTIT address MSRs + - [x86] KVM: nVMX: vmread should not set rflags to specify success in case + of #PF + - KVM: Use vcpu-specific gva->hva translation when querying host page size + - KVM: Play nice with read-only memslots when querying host page size + - mm: zero remaining unavailable struct pages + - mm: return zero_resv_unavail optimization + - mm/page_alloc.c: fix uninitialized memmaps on a partially populated last + section + - cifs: fail i/o on soft mounts if sessionsetup errors out + - [x86] apic/msi: Plug non-maskable MSI affinity race + - clocksource: Prevent double add_timer_on() for watchdog_timer + - perf/core: Fix mlock accounting in perf_mmap() + - rxrpc: Fix service call disconnection [ Salvatore Bonaccorso ] * Refresh "Revert "objtool: Fix CONFIG_STACK_VALIDATION=y warning for