kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #170500
[Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
This bug was fixed in the package linux-lts-utopic -
3.16.0-69.89~14.04.1
---------------
linux-lts-utopic (3.16.0-69.89~14.04.1) trusty; urgency=low
[ Brad Figg ]
* Release Tracking Bug
- LP: #1558760
[ Upstream Kernel Changes ]
* Revert "Revert "af_unix: Revert 'lock_interruptible' in stream receive
code""
linux-lts-utopic (3.16.0-68.88~14.04.1) trusty; urgency=low
[ Brad Figg ]
* Release Tracking Bug
- LP: #1558092
[ Upstream Kernel Changes ]
* Revert "ALSA: hda - Fix noise on Gigabyte Z170X mobo"
- LP: #1552180
* Revert "af_unix: Revert 'lock_interruptible' in stream receive code"
- LP: #1540731
* [media] usbvision fix overflow of interfaces array
- LP: #1552180
* [media] usbvision: fix leak of usb_dev on failure paths in
usbvision_probe()
- LP: #1552180
* [media] usbvision: fix crash on detecting device with invalid
configuration
- LP: #1552180
* tty: Fix unsafe ldisc reference via ioctl(TIOCGETD)
- LP: #1552180
* USB: serial: visor: fix crash on detecting device without write_urbs
- LP: #1552180
* ASN.1: Fix non-match detection failure on data overrun
- LP: #1552180
* iw_cxgb3: Fix incorrectly returning error on success
- LP: #1552180
* EVM: Use crypto_memneq() for digest comparisons
- LP: #1552180
* iio: adis_buffer: Fix out-of-bounds memory access
- LP: #1552180
* KVM: PPC: Fix emulation of H_SET_DABR/X on POWER8
- LP: #1552180
* x86/irq: Call chip->irq_set_affinity in proper context
- LP: #1552180
* ACPI / PCI / hotplug: unlock in error path in acpiphp_enable_slot()
- LP: #1552180
* usb: cdc-acm: handle unlinked urb in acm read callback
- LP: #1552180
* usb: cdc-acm: send zero packet for intel 7260 modem
- LP: #1552180
* cdc-acm:exclude Samsung phone 04e8:685d
- LP: #1552180
* usb: hub: do not clear BOS field during reset device
- LP: #1552180
* USB: cp210x: add ID for IAI USB to RS485 adaptor
- LP: #1552180
* USB: visor: fix null-deref at probe
- LP: #1552180
* USB: serial: option: Adding support for Telit LE922
- LP: #1552180
* ALSA: seq: Fix incorrect sanity check at snd_seq_oss_synth_cleanup()
- LP: #1552180
* ALSA: seq: Degrade the error message for too many opens
- LP: #1552180
* USB: serial: ftdi_sio: add support for Yaesu SCU-18 cable
- LP: #1552180
* USB: option: fix Cinterion AHxx enumeration
- LP: #1552180
* ALSA: compress: Disable GET_CODEC_CAPS ioctl for some architectures
- LP: #1552180
* ALSA: usb-audio: Fix TEAC UD-501/UD-503/NT-503 usb delay
- LP: #1552180
* virtio_pci: fix use after free on release
- LP: #1552180
* ALSA: bebob: Use a signed return type for get_formation_index
- LP: #1552180
* arm64: errata: Add -mpc-relative-literal-loads to build flags
- LP: #1533009, #1552180
* powerpc/eeh: Fix PE location code
- LP: #1552180
* SCSI: fix crashes in sd and sr runtime PM
- LP: #1552180
* n_tty: Fix unsafe reference to "other" ldisc
- LP: #1552180
* staging/speakup: Use tty_ldisc_ref() for paste kworker
- LP: #1552180
* ALSA: dummy: Disable switching timer backend via sysfs
- LP: #1552180
* drm/vmwgfx: respect 'nomodeset'
- LP: #1552180
* x86/mm/pat: Avoid truncation when converting cpa->numpages to address
- LP: #1552180
* perf annotate browser: Fix behaviour of Shift-Tab with nothing focussed
- LP: #1552180
* perf hists: Fix HISTC_MEM_DCACHELINE width setting
- LP: #1552180
* powerpc/perf: Remove PPMU_HAS_SSLOT flag for Power8
- LP: #1552180
* umount: Do not allow unmounting rootfs.
- LP: #1552180
* crypto: algif_skcipher - Require setkey before accept(2)
- LP: #1552180
* crypto: algif_skcipher - Add nokey compatibility path
- LP: #1552180
* crypto: algif_hash - Require setkey before accept(2)
- LP: #1552180
* crypto: skcipher - Add crypto_skcipher_has_setkey
- LP: #1552180
* crypto: algif_skcipher - Add key check exception for cipher_null
- LP: #1552180
* crypto: algif_hash - Remove custom release parent function
- LP: #1552180
* crypto: algif_skcipher - Remove custom release parent function
- LP: #1552180
* crypto: algif_hash - Fix race condition in hash_check_key
- LP: #1552180
* crypto: algif_skcipher - Fix race condition in skcipher_check_key
- LP: #1552180
* iio: add HAS_IOMEM dependency to VF610_ADC
- LP: #1552180
* iio: dac: mcp4725: set iio name property in sysfs
- LP: #1552180
* ASoC: rt5645: fix the shift bit of IN1 boost
- LP: #1552180
* cgroup: make sure a parent css isn't offlined before its children
- LP: #1552180
* PCI/AER: Flush workqueue on device remove to avoid use-after-free
- LP: #1552180
* libata: disable forced PORTS_IMPL for >= AHCI 1.3
- LP: #1552180
* mac80211: Requeue work after scan complete for all VIF types.
- LP: #1552180
* rfkill: fix rfkill_fop_read wait_event usage
- LP: #1552180
* crypto: shash - Fix has_key setting
- LP: #1552180
* drm/i915/dp: fall back to 18 bpp when sink capability is unknown
- LP: #1552180
* target: Fix WRITE_SAME/DISCARD conversion to linux 512b sectors
- LP: #1552180
* crypto: algif_hash - wait for crypto_ahash_init() to complete
- LP: #1552180
* iio: inkern: fix a NULL dereference on error
- LP: #1552180
* iio: pressure: mpl115: fix temperature offset sign
- LP: #1552180
* intel_scu_ipcutil: underflow in scu_reg_access()
- LP: #1552180
* ALSA: seq: Fix race at closing in virmidi driver
- LP: #1552180
* ALSA: rawmidi: Remove kernel WARNING for NULL user-space buffer check
- LP: #1552180
* ALSA: pcm: Fix potential deadlock in OSS emulation
- LP: #1552180
* ALSA: seq: Fix yet another races among ALSA timer accesses
- LP: #1552180
* ALSA: timer: Code cleanup
- LP: #1552180
* ALSA: timer: Fix link corruption due to double start or stop
- LP: #1552180
* libata: fix sff host state machine locking while polling
- LP: #1552180
* MIPS: Fix buffer overflow in syscall_get_arguments()
- LP: #1552180
* cputime: Prevent 32bit overflow in time[val|spec]_to_cputime()
- LP: #1552180
* ASoC: dpcm: fix the BE state on hw_free
- LP: #1552180
* module: wrapper for symbol name.
- LP: #1552180
* ALSA: hda - Add fixup for Mac Mini 7,1 model
- LP: #1552180
* ALSA: rawmidi: Make snd_rawmidi_transmit() race-free
- LP: #1552180
* ALSA: rawmidi: Fix race at copying & updating the position
- LP: #1552180
* ALSA: seq: Fix lockdep warnings due to double mutex locks
- LP: #1552180
* drivers/scsi/sg.c: mark VMA as VM_IO to prevent migration
- LP: #1552180
* radix-tree: fix race in gang lookup
- LP: #1552180
* usb: xhci: apply XHCI_PME_STUCK_QUIRK to Intel Broxton-M platforms
- LP: #1552180
* xhci: Fix list corruption in urb dequeue at host removal
- LP: #1552180
* [media] tda1004x: only update the frontend properties if locked
- LP: #1552180
* ALSA: timer: Fix leftover link at closing
- LP: #1552180
* [media] saa7134-alsa: Only frees registered sound cards
- LP: #1552180
* Btrfs: fix hang on extent buffer lock caused by the inode_paths ioctl
- LP: #1552180
* scsi_dh_rdac: always retry MODE SELECT on command lock violation
- LP: #1552180
* SCSI: Add Marvell Console to VPD blacklist
- LP: #1552180
* drm: Add drm_fixp_from_fraction and drm_fixp2int_ceil
- LP: #1552180
* ALSA: hda - Fix static checker warning in patch_hdmi.c
- LP: #1552180
* dump_stack: avoid potential deadlocks
- LP: #1552180
* mm, vmstat: fix wrong WQ sleep when memory reclaim doesn't make any
progress
- LP: #1552180
* ocfs2/dlm: clear refmap bit of recovery lock while doing local recovery
cleanup
- LP: #1552180
* mm: replace vma_lock_anon_vma with anon_vma_lock_read/write
- LP: #1552180
* radix-tree: fix oops after radix_tree_iter_retry
- LP: #1552180
* crypto: user - lock crypto_alg_list on alg dump
- LP: #1552180
* serial: omap: Prevent DoS using unprivileged ioctl(TIOCSRS485)
- LP: #1552180
* pty: fix possible use after free of tty->driver_data
- LP: #1552180
* pty: make sure super_block is still valid in final /dev/tty close
- LP: #1552180
* ALSA: hda - Fix speaker output from VAIO AiO machines
- LP: #1552180
* klist: fix starting point removed bug in klist iterators
- LP: #1552180
* ALSA: dummy: Implement timer backend switching more safely
- LP: #1552180
* ALSA: timer: Fix wrong instance passed to slave callbacks
- LP: #1552180
* ARM: 8517/1: ICST: avoid arithmetic overflow in icst_hz()
- LP: #1552180
* ALSA: timer: Fix race between stop and interrupt
- LP: #1552180
* ALSA: timer: Fix race at concurrent reads
- LP: #1552180
* phy: twl4030-usb: Relase usb phy on unload
- LP: #1552180
* ahci: Intel DNV device IDs SATA
- LP: #1552180
* workqueue: handle NUMA_NO_NODE for unbound pool_workqueue lookup
- LP: #1552180
* drm/radeon: hold reference to fences in radeon_sa_bo_new
- LP: #1552180
* ARM: 8519/1: ICST: try other dividends than 1
- LP: #1552180
* btrfs: properly set the termination value of ctx->pos in readdir
- LP: #1552180
* net: phy: Fix phy_mac_interrupt()
- LP: #1552180
* af_unix: fix struct pid memory leak
- LP: #1552180
* pptp: fix illegal memory access caused by multiple bind()s
- LP: #1552180
* sctp: allow setting SCTP_SACK_IMMEDIATELY by the application
- LP: #1552180
* netlink: not trim skb for mmaped socket when dump
- LP: #1552180
* unix: correctly track in-flight fds in sending process user_struct
- LP: #1552180
* ipv6: fix a lockdep splat
- LP: #1552180
* sctp: translate network order to host order when users get a hmacid
- LP: #1552180
* IB/mlx5: Fix RC transport send queue overhead computation
- LP: #1552180
* pipe: limit the per-user amount of pages allocated in pipes
- LP: #1552180
* net: phy: fix PHY_RUNNING in phy_state_machine
- LP: #1552180
* net: phy: Avoid polling PHY with PHY_IGNORE_INTERRUPTS
- LP: #1552180
* Linux 3.16.7-ckt25
- LP: #1552180
* net: generic dev_disable_lro() stacked device handling
- LP: #1547680
* seccomp: cap SECCOMP_RET_ERRNO data to MAX_ERRNO
- LP: #1496073
* sched/numa: Fix unsafe get_task_struct() in task_numa_assign()
- LP: #1527643
* sched/numa: Fix use-after-free bug in the task_numa_compare
- LP: #1527643
-- Brad Figg <brad.figg@xxxxxxxxxxxxx> Thu, 17 Mar 2016 12:44:45 -0700
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1496073
Title:
Request cherry-pick of upstream kernel patch which caps
SECCOMP_RET_ERRNO to MAX_ERRNO
Status in linux package in Ubuntu:
Invalid
Status in linux-lts-utopic package in Ubuntu:
New
Status in linux source package in Trusty:
Fix Released
Status in linux-lts-utopic source package in Trusty:
Fix Released
Status in linux source package in Vivid:
Fix Released
Bug description:
The seccomp regression tests are failing due to SRU kernels not having
the relevant commit:
Author: Kees Cook <keescook@xxxxxxxxxxxx>
Date: Tue Feb 17 13:48:00 2015 -0800
seccomp: cap SECCOMP_RET_ERRNO data to MAX_ERRNO
The value resulting from the SECCOMP_RET_DATA mask could exceed MAX_ERRNO
when setting errno during a SECCOMP_RET_ERRNO filter action. This makes
sure we have a reliable value being set, so that an invalid errno will not
be ignored by userspace.
Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
Reported-by: Dmitry V. Levin <ldv@xxxxxxxxxxxx>
Cc: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
Cc: Will Drewry <wad@xxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
SRU Justification
Impact:
Upstream regression tests are reporting errors.
Test Case:
Run the upstream regression tests and verify they are passing
cleanly.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1496073/+subscriptions
References