kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #83786
[Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
This bug was fixed in the package linux - 3.13.0-37.64
---------------
linux (3.13.0-37.64) trusty; urgency=low
[ Joseph Salisbury ]
* Release Tracking Bug
- LP: #1372576
[ dann frazier ]
* [Config] CONFIG_HW_RANDOM_XGENE=m on arm64
[ Edward Lin ]
* SAUCE: Add use_native_backlight quirk for Dell Inspiron 5721/3521
- LP: #1354253, #1354313
[ Tim Gardner ]
* SAUCE: Fix nfs oops stable regression
- LP: #1348670
* [Config] Add mpt3sas to d-i
- LP: #1368907
* [Config] CONFIG_X86_16BIT=y
- LP: #1371601
[ Timo Aaltonen ]
* SAUCE: i915_bdw: Rebase to v3.15.8
- LP: #1359213
[ Upstream Kernel Changes ]
* Revert "x86-64, modify_ldt: Make support for 16-bit segments a runtime
option"
- LP: #1371601
* mmc: rtsx: add R1-no-CRC mmc command type handle
- LP: #1365378
* rpc_pipe: remove the clntXX dir if creating the pipe fails
- LP: #1365869
* sunrpc: add an "info" file for the dummy gssd pipe
- LP: #1365869
* rpc_pipe: fix cleanup of dummy gssd directory when notification fails
- LP: #1365869
* hwrng: xgene - add support for APM X-Gene SoC RNG support
- LP: #1365593
* Documentation: rng: Add X-Gene SoC RNG driver documentation
- LP: #1365593
* arm64: dts: add random number generator dts node to APM X-Gene
platform.
- LP: #1365593
* xen/balloon: cancel ballooning if adding new memory failed
- LP: #1304001
* x86/xen: resume timer irqs early
- LP: #1368724
* xen/manage: Always freeze/thaw processes when suspend/resuming
- LP: #1368724
* scsi_transport_sas: move bsg destructor into sas_rphy_remove
- LP: #1368991
* drm/i915: Enable 5.4Ghz (HBR2) link rate for Displayport 1.2-capable
devices
- LP: #1369633
* bnx2x: Fix link for KR with swapped polarity lane
- LP: #1370716
* drm: add DRM_CAPs for cursor size
- LP: #1359213
* drm/dp: Add AUX channel infrastructure
- LP: #1359213
* drm/dp: Add drm_dp_dpcd_read_link_status()
- LP: #1359213
* drm/dp: Add DisplayPort link helpers
- LP: #1359213
* drm/dp: Allow registering AUX channels as I2C busses
- LP: #1359213
* drm/dp: let drivers specify the name of the I2C-over-AUX adapter
- LP: #1359213
* drm/dp: make aux retries less chatty
- LP: #1359213
* Bluetooth: Enable Atheros 0cf3:311e for firmware upload
- LP: #1371477
* bnx2x: fix crash during TSO tunneling
- LP: #1371601
* inetpeer: get rid of ip_id_count
- LP: #1371601
* ip: make IP identifiers less predictable
- LP: #1371601
* tcp: Fix integer-overflows in TCP veno
- LP: #1371601
* tcp: Fix integer-overflow in TCP vegas
- LP: #1371601
* macvlan: Initialize vlan_features to turn on offload support.
- LP: #1371601
* net: Correctly set segment mac_len in skb_segment().
- LP: #1371601
* iovec: make sure the caller actually wants anything in
memcpy_fromiovecend
- LP: #1371601
* batman-adv: Fix out-of-order fragmentation support
- LP: #1371601
* sctp: fix possible seqlock seadlock in sctp_packet_transmit()
- LP: #1371601
* sparc64: Fix argument sign extension for compat_sys_futex().
- LP: #1371601
* sparc64: Make itc_sync_lock raw
- LP: #1371601
* sparc64: Fix executable bit testing in set_pmd_at() paths.
- LP: #1371601
* sparc64: Fix huge PMD invalidation.
- LP: #1371601
* sparc64: Fix bugs in get_user_pages_fast() wrt. THP.
- LP: #1371601
* sparc64: Fix hex values in comment above pte_modify().
- LP: #1371601
* sparc64: Don't use _PAGE_PRESENT in pte_modify() mask.
- LP: #1371601
* sparc64: Handle 32-bit tasks properly in compute_effective_address().
- LP: #1371601
* sparc64: Fix top-level fault handling bugs.
- LP: #1371601
* sparc64: Fix range check in kern_addr_valid().
- LP: #1371601
* sparc64: Use 'ILOG2_4MB' instead of constant '22'.
- LP: #1371601
* sparc64: Add basic validations to {pud,pmd}_bad().
- LP: #1371601
* sparc64: Give more detailed information in {pgd,pmd}_ERROR() and kill
pte_ERROR().
- LP: #1371601
* sparc64: Don't bark so loudly about 32-bit tasks generating 64-bit
fault addresses.
- LP: #1371601
* sparc64: Fix huge TSB mapping on pre-UltraSPARC-III cpus.
- LP: #1371601
* sparc64: Add membar to Niagara2 memcpy code.
- LP: #1371601
* sparc64: Do not insert non-valid PTEs into the TSB hash table.
- LP: #1371601
* sparc64: Guard against flushing openfirmware mappings.
- LP: #1371601
* bbc-i2c: Fix BBC I2C envctrl on SunBlade 2000
- LP: #1371601
* sunsab: Fix detection of BREAK on sunsab serial console
- LP: #1371601
* sparc64: ldc_connect() should not return EINVAL when handshake is in
progress.
- LP: #1371601
* arch/sparc/math-emu/math_32.c: drop stray break operator
- LP: #1371601
* x86-64, espfix: Don't leak bits 31:16 of %esp returning to 16-bit stack
- LP: #1371601
* x86, espfix: Move espfix definitions into a separate header file
- LP: #1371601
* x86, espfix: Fix broken header guard
- LP: #1371601
* x86, espfix: Make espfix64 a Kconfig option, fix UML
- LP: #1371601
* x86, espfix: Make it possible to disable 16-bit support
- LP: #1371601
* x86_64/entry/xen: Do not invoke espfix64 on Xen
- LP: #1371601
* ALSA: usb-audio: fix BOSS ME-25 MIDI regression
- LP: #1371601
* ASoC: wm8994: Prevent double lock of accdet_lock mutex on wm1811
- LP: #1371601
* v4l: vsp1: Remove the unneeded vsp1_video_buffer video field
- LP: #1371601
* ASoC: max98090: Fix missing free_irq
- LP: #1371601
* KVM: x86: Inter-privilege level ret emulation is not implemeneted
- LP: #1371601
* au0828: Only alt setting logic when needed
- LP: #1371601
* ASoC: pcm: fix dpcm_path_put in dpcm runtime update
- LP: #1371601
* crypto: ux500 - make interrupt mode plausible
- LP: #1371601
* Bluetooth: btmrvl: wait for HOST_SLEEP_ENABLE event in suspend
- LP: #1371601
* ASoC: adau1701: fix adau1701_reg_read()
- LP: #1371601
* ASoC: wm_adsp: Add missing MODULE_LICENSE
- LP: #1371601
* regulator: arizona-ldo1: remove bypass functionality
- LP: #1371601
* ASoC: samsung: Correct I2S DAI suspend/resume ops
- LP: #1371601
* drm/tilcdc: panel: fix dangling sysfs connector node
- LP: #1371601
* drm/tilcdc: slave: fix dangling sysfs connector node
- LP: #1371601
* drm/tilcdc: tfp410: fix dangling sysfs connector node
- LP: #1371601
* drm/tilcdc: panel: fix leak when unloading the module
- LP: #1371601
* drm/tilcdc: fix release order on exit
- LP: #1371601
* drm/tilcdc: fix double kfree
- LP: #1371601
* ACPICA: Utilities: Fix memory leak in acpi_ut_copy_iobject_to_iobject
- LP: #1371601
* stable_kernel_rules: Add pointer to netdev-FAQ for network patches
- LP: #1371601
* USB: ehci-pci: USB host controller support for Intel Quark X1000
- LP: #1371601
* debugfs: Fix corrupted loop in debugfs_remove_recursive
- LP: #1371601
* serial: core: Preserve termios c_cflag for console resume
- LP: #1371601
* mtd/ftl: fix the double free of the buffers allocated in build_maps()
- LP: #1371601
* ext4: Fix block zeroing when punching holes in indirect block files
- LP: #1371601
* ext4: fix punch hole on files with indirect mapping
- LP: #1371601
* x86: don't exclude low BIOS area when allocating address space for
non-PCI cards
- LP: #1371601
* PCI: Configure ASPM when enabling device
- LP: #1371601
* Bluetooth: never linger on process exit
- LP: #1371601
* ASoC: blackfin: use samples to set silence
- LP: #1371601
* USB: OHCI: fix bugs in debug routines
- LP: #1371601
* USB: OHCI: don't lose track of EDs when a controller dies
- LP: #1371601
* mei: start disconnect request timer consistently
- LP: #1371601
* mei: fix return value on disconnect timeout
- LP: #1371601
* USB: Fix persist resume of some SS USB devices
- LP: #1371601
* media-device: Remove duplicated memset() in media_enum_entities()
- LP: #1371601
* Bluetooth: Avoid use of session socket after the session gets freed
- LP: #1371601
* xc5000: Fix get_frequency()
- LP: #1371601
* xc4000: Fix get_frequency()
- LP: #1371601
* CAPABILITIES: remove undefined caps from all processes
- LP: #1371601
* scsi: add a blacklist flag which enables VPD page inquiries
- LP: #1371601
* bfa: Fix undefined bit shift on big-endian architectures with 32-bit
DMA address
- LP: #1371601
* hpsa: fix bad -ENOMEM return value in hpsa_big_passthru_ioctl
- LP: #1371601
* Drivers: scsi: storvsc: Change the limits to reflect the values on the
host
- LP: #1371601
* Drivers: scsi: storvsc: Set cmd_per_lun to reflect value supported by
the Host
- LP: #1371601
* Drivers: scsi: storvsc: Filter commands based on the storage protocol
version
- LP: #1371601
* Drivers: scsi: storvsc: Fix a bug in handling VMBUS protocol version
- LP: #1371601
* Drivers: scsi: storvsc: Implement a eh_timed_out handler
- LP: #1371601
* drivers: scsi: storvsc: Set srb_flags in all cases
- LP: #1371601
* drivers: scsi: storvsc: Correctly handle TEST_UNIT_READY failure
- LP: #1371601
* x86_64/vsyscall: Fix warn_bad_vsyscall log output
- LP: #1371601
* KVM: PPC: Book3S PR: Take SRCU read lock around RTAS kvm_read_guest()
call
- LP: #1371601
* spi: orion: fix incorrect handling of cell-index DT property
- LP: #1371601
* mfd: omap-usb-host: Fix improper mask use.
- LP: #1371601
* tpm: Add missing tpm_do_selftest to ST33 I2C driver
- LP: #1371601
* tpm: missing tpm_chip_put in tpm_get_random()
- LP: #1371601
* scsi: do not issue SCSI RSOC command to Promise Vtrak E610f
- LP: #1371601
* hwmon: (ads1015) Fix off-by-one for valid channel index checking
- LP: #1371601
* ALSA: hda - fix an external mic jack problem on a HP machine
- LP: #1350148, #1371601
* MIPS: tlbex: Fix a missing statement for HUGETLB
- LP: #1371601
* MIPS: Prevent user from setting FCSR cause bits
- LP: #1371601
* KVM: x86: always exit on EOIs for interrupts listed in the IOAPIC redir
table
- LP: #1371601
* MIPS: Remove BUG_ON(!is_fpu_owner()) in do_ade()
- LP: #1371601
* MIPS: ptrace: Test correct task's flags in task_user_regset_view()
- LP: #1371601
* MIPS: asm/reg.h: Make 32- and 64-bit definitions available at the same
time
- LP: #1371601
* MIPS: ptrace: Change GP regset to use correct core dump register layout
- LP: #1371601
* md/raid1,raid10: always abort recover on write error.
- LP: #1371601
* ext4: fix ext4_discard_allocated_blocks() if we can't allocate the pa
struct
- LP: #1371601
* hwmon: (lm85) Fix various errors on attribute writes
- LP: #1371601
* hwmon: (lm78) Fix overflow problems seen when writing large temperature
limits
- LP: #1371601
* hwmon: (amc6821) Fix possible race condition bug
- LP: #1371601
* MIPS: GIC: Prevent array overrun
- LP: #1371601
* mnt: Add tests for unprivileged remount cases that have found to be
faulty
- LP: #1371601
* ARM: OMAP3: Fix choice of omap3_restore_es function in OMAP34XX
rev3.1.2 case.
- LP: #1371601
* netlabel: fix a problem when setting bits below the previously lowest
bit
- LP: #1371601
* netlabel: fix the horribly broken catmap functions
- LP: #1371601
* netlabel: fix the catmap walking functions
- LP: #1371601
* drivers/i2c/busses: use correct type for dma_map/unmap
- LP: #1371601
* NFSD: Decrease nfsd_users in nfsd_startup_generic fail
- LP: #1371601
* MIPS: O32/32-bit: Fix bug which can cause incorrect system call
restarts
- LP: #1371601
* IB/srp: Fix deadlock between host removal and multipathd
- LP: #1371601
* USB: serial: ftdi_sio: Annotate the current Xsens PID assignments
- LP: #1371601
* USB: serial: ftdi_sio: Add support for new Xsens devices
- LP: #1371601
* USB: devio: fix issue with log flooding
- LP: #1371601
* CIFS: Fix async reading on reconnects
- LP: #1371601
* CIFS: Fix STATUS_CANNOT_DELETE error mapping for SMB2
- LP: #1371601
* xfs: ensure verifiers are attached to recovered buffers
- LP: #1371601
* drm/tegra: add MODULE_DEVICE_TABLEs
- LP: #1371601
* ALSA: virtuoso: add Xonar Essence STX II support
- LP: #1371601
* hwmon: (gpio-fan) Prevent overflow problem when writing large limits
- LP: #1371601
* hwmon: (sis5595) Prevent overflow problem when writing large limits
- LP: #1371601
* NFS: Fix /proc/fs/nfsfs/servers and /proc/fs/nfsfs/volumes
- LP: #1371601
* drm/ttm: Fix possible division by 0 in ttm_dma_pool_shrink_scan().
- LP: #1371601
* drm/ttm: Choose a pool to shrink correctly in
ttm_dma_pool_shrink_scan().
- LP: #1371601
* drm/ttm: Use mutex_trylock() to avoid deadlock inside shrinker
functions.
- LP: #1371601
* drm/ttm: Fix possible stack overflow by recursive shrinker calls.
- LP: #1371601
* drm/ttm: Pass GFP flags in order to avoid deadlock.
- LP: #1371601
* powerpc/mm/numa: Fix break placement
- LP: #1371601
* powerpc/pci: Reorder pci bus/bridge unregistration during PHB removal
- LP: #1371601
* drm/radeon: load the lm63 driver for an lm64 thermal chip.
- LP: #1371601
* drm/radeon: set VM base addr using the PFP v2
- LP: #1371601
* drm/radeon/atom: add new voltage fetch function for hawaii
- LP: #1371601
* drm/radeon/dpm: handle voltage info fetching on hawaii
- LP: #1371601
* drm/radeon: re-enable dpm by default on cayman
- LP: #1371601
* drm/radeon: re-enable dpm by default on BTC
- LP: #1371601
* drm/radeon: use packet2 for nop on hawaii with old firmware
- LP: #1371601
* drm/radeon: tweak ACCEL_WORKING2 query for hawaii
- LP: #1371601
* KVM: nVMX: fix "acknowledge interrupt on exit" when APICv is in use
- LP: #1371601
* RDMA/iwcm: Use a default listen backlog if needed
- LP: #1371601
* x86/efi: Enforce CONFIG_RELOCATABLE for EFI boot stub
- LP: #1371601
* net: sun4i-emac: fix memory leak on bad packet
- LP: #1371601
* hwmon: (ads1015) Fix out-of-bounds array access
- LP: #1371601
* hwmon: (dme1737) Prevent overflow problem when writing large limits
- LP: #1371601
* s390/locking: Reenable optimistic spinning
- LP: #1371601
* ring-buffer: Up rb_iter_peek() loop count to 3
- LP: #1371601
* ring-buffer: Always reset iterator to reader page
- LP: #1371601
* kernel/smp.c:on_each_cpu_cond(): fix warning in fallback path
- LP: #1371601
* drm/i915: read HEAD register back in init_ring_common() to enforce
ordering
- LP: #1371601
* vm_is_stack: use for_each_thread() rather then buggy
while_each_thread()
- LP: #1371601
* libceph: set last_piece in ceph_msg_data_pages_cursor_init() correctly
- LP: #1371601
* drm/nouveau: Bump version from 1.1.1 to 1.1.2
- LP: #1371601
* ALSA: usb-audio: fix BOSS ME-25 MIDI regression
- LP: #1371601
* ALSA: hda/ca0132 - Don't try loading firmware at resume when already
failed
- LP: #1371601
* carl9170: fix sending URBs with wrong type when using full-speed
- LP: #1371601
* powerpc/pseries: Failure on removing device node
- LP: #1371601
* Btrfs: Fix memory corruption by ulist_add_merge() on 32bit arch
- LP: #1371601
* Btrfs: fix csum tree corruption, duplicate and outdated checksums
- LP: #1371601
* ext4: fix BUG_ON in mb_free_blocks()
- LP: #1371601
* x86/espfix/xen: Fix allocation of pages for paravirt page tables
- LP: #1371601
* Linux 3.13.11.7
- LP: #1371601
* HID: magicmouse: sanity check report size in raw_event() callback
- LP: #1370025
- CVE-2014-3181
* HID: fix a couple of off-by-ones
- LP: #1370035
- CVE-2014-3184
* USB: whiteheat: Added bounds checking for bulk command response
- LP: #1370036
- CVE-2014-3185
* HID: picolcd: sanity check report size in raw_event() callback
- LP: #1370038
- CVE-2014-3186
* KEYS: Fix termination condition in assoc array garbage collection
- LP: #1370041
- CVE-2014-3631
* udf: Fold udf_fill_inode() into __udf_read_inode()
- LP: #1370042
- CVE-2014-6410
* udf: Avoid infinite loop when processing indirect ICBs
- LP: #1370042
- CVE-2014-6410
* libceph: add process_one_ticket() helper
- LP: #1370044, #1370046, #1370047
- CVE-2014-6418
* libceph: do not hard code max auth ticket len
- LP: #1370044, #1370046, #1370047
- CVE-2014-6418
linux (3.13.0-36.63) trusty; urgency=low
[ Joseph Salisbury ]
* Release Tracking Bug
- LP: #1365052
[ Feng Kan ]
* SAUCE: (no-up) irqchip:gic: change access of gicc_ctrl register to read
modify write.
- LP: #1357527
* SAUCE: (no-up) arm64: optimized copy_to_user and copy_from_user
assembly code
- LP: #1358949
[ Ming Lei ]
* SAUCE: (no-up) Drop APM X-Gene SoC Ethernet driver
- LP: #1360140
* [Config] Drop XGENE entries
- LP: #1360140
* [Config] CONFIG_NET_XGENE=m for arm64
- LP: #1360140
[ Stefan Bader ]
* SAUCE: Add compat macro for skb_get_hash
- LP: #1358162
* SAUCE: bcache: prevent crash on changing writeback_running
- LP: #1357295
[ Suman Tripathi ]
* SAUCE: (no-up) arm64: Fix the csr-mask for APM X-Gene SoC AHCI SATA PHY
clock DTS node.
- LP: #1359489
* SAUCE: (no-up) ahci_xgene: Skip the PHY and clock initialization if
already configured by the firmware.
- LP: #1359501
* SAUCE: (no-up) ahci_xgene: Fix the link down in first attempt for the
APM X-Gene SoC AHCI SATA host controller driver.
- LP: #1359507
[ Tuan Phan ]
* SAUCE: (no-up) pci-xgene-msi: fixed deadlock in irq_set_affinity
- LP: #1359514
[ Upstream Kernel Changes ]
* iwlwifi: mvm: Add a missed beacons threshold
- LP: #1349572
* mac80211: reset probe_send_count also in HW_CONNECTION_MONITOR case
- LP: #1349572
* genirq: Add an accessor for IRQ_PER_CPU flag
- LP: #1357527
* arm64: perf: add support for percpu pmu interrupt
- LP: #1357527
* cifs: sanity check length of data to send before sending
- LP: #1283101
* KVM: nVMX: Pass vmexit parameters to nested_vmx_vmexit
- LP: #1329434
* KVM: nVMX: Rework interception of IRQs and NMIs
- LP: #1329434
* KVM: vmx: disable APIC virtualization in nested guests
- LP: #1329434
* HID: Add transport-driver functions to the USB HID interface.
- LP: #1353021
* ahci_xgene: Removing NCQ support from the APM X-Gene SoC AHCI SATA Host
Controller driver.
- LP: #1358498
* fold d_kill() and d_free()
- LP: #1354234
* fold try_prune_one_dentry()
- LP: #1354234
* new helper: dentry_free()
- LP: #1354234
* expand the call of dentry_lru_del() in dentry_kill()
- LP: #1354234
* dentry_kill(): don't try to remove from shrink list
- LP: #1354234
* don't remove from shrink list in select_collect()
- LP: #1354234
* more graceful recovery in umount_collect()
- LP: #1354234
* dcache: don't need rcu in shrink_dentry_list()
- LP: #1354234
* lift the "already marked killed" case into shrink_dentry_list()
* split dentry_kill()
- LP: #1354234
* expand dentry_kill(dentry, 0) in shrink_dentry_list()
- LP: #1354234
* shrink_dentry_list(): take parent's ->d_lock earlier
- LP: #1354234
* dealing with the rest of shrink_dentry_list() livelock
- LP: #1354234
* dentry_kill() doesn't need the second argument now
- LP: #1354234
* dcache: add missing lockdep annotation
- LP: #1354234
* fs: convert use of typedef ctl_table to struct ctl_table
- LP: #1354234
* lock_parent: don't step on stale ->d_parent of all-but-freed one
- LP: #1354234
* tools/testing/selftests/ptrace/peeksiginfo.c: add PAGE_SIZE definition
- LP: #1358855
* x86, irq, pic: Probe for legacy PIC and set legacy_pic appropriately
- LP: #1317697
* bnx2x: Fix kernel crash and data miscompare after EEH recovery
- LP: #1353105
* bnx2x: Adapter not recovery from EEH error injection
- LP: #1353105
* Fix: module signature vs tracepoints: add new TAINT_UNSIGNED_MODULE
- LP: #1359670
* bcache: fix crash on shutdown in passthrough mode
- LP: #1357295
* bcache: fix uninterruptible sleep in writeback thread
- LP: #1357295
* namespaces: Use task_lock and not rcu to protect nsproxy
- LP: #1328088
* MAINTAINERS: Add entry for APM X-Gene SoC ethernet driver
- LP: #1360140
* Documentation: dts: Add bindings for APM X-Gene SoC ethernet driver
- LP: #1360140
* dts: Add bindings for APM X-Gene SoC ethernet driver
- LP: #1360140
* drivers: net: Add APM X-Gene SoC ethernet driver support.
- LP: #1360140
* powerpc/mm: Add new "set" flag argument to pte/pmd update function
- LP: #1357014
* powerpc/thp: Add write barrier after updating the valid bit
- LP: #1357014
* powerpc/thp: Don't recompute vsid and ssize in loop on invalidate
- LP: #1357014
* powerpc/thp: Invalidate old 64K based hash page mapping before insert
of 4k pte
- LP: #1357014
* powerpc/thp: Handle combo pages in invalidate
- LP: #1357014
* powerpc/thp: Invalidate with vpn in loop
- LP: #1357014
* powerpc/thp: Use ACCESS_ONCE when loading pmdp
- LP: #1357014
* powerpc/mm: Use read barrier when creating real_pte
- LP: #1357014
* powerpc/thp: Add tracepoints to track hugepage invalidate
- LP: #1357014
* powerpc: subpage_protect: Increase the array size to take care of 64TB
- LP: #1357014
* mfd: rtsx: Add set pull control macro and simplify rtl8411
- LP: #1361086
* mfd: rtsx: Add support for card reader rtl8402
- LP: #1361086
* kvm: iommu: fix the third parameter of kvm_iommu_put_pages
(CVE-2014-3601)
- LP: #1362443
- CVE-2014-3601
* isofs: Fix unbounded recursion when processing relocated directories
- LP: #1362447, #1362448
- CVE-2014-5472
* net: sctp: inherit auth_capable on INIT collisions
- LP: #1349804
- CVE-2014-5077
* blk-mq: fix initializing request's start time
- LP: #1297522
[ Vinayak Kale ]
* SAUCE: (no-up) dt-bindings: Add Potenza PMU binding
- LP: #1357527
* SAUCE: (no-up) arm64: dts: Add PMU node for APM X-Gene Storm SOC
- LP: #1357527
-- Joseph Salisbury <joseph.salisbury@xxxxxxxxxxxxx> Mon, 22 Sep 2014 15:51:07 -0400
** Changed in: linux (Ubuntu Trusty)
Status: Fix Committed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3181
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3184
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3185
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3186
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3601
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3631
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-5077
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-5472
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-6410
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-6418
** Changed in: linux (Ubuntu Precise)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1348670
Title:
BUG: unable to handle kernel NULL pointer dereference at
0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
Status in “linux” package in Ubuntu:
Invalid
Status in “linux” source package in Lucid:
Invalid
Status in “linux” source package in Precise:
Fix Released
Status in “linux” source package in Trusty:
Fix Released
Status in “linux” source package in Utopic:
Invalid
Status in “linux” package in Debian:
Fix Released
Bug description:
I've seen this happen twice in the last 8 days on an NFS server
running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first
occasion) and 3.2.0-67.101-generic (the second time), amd64. This
never happened before in several months of operation; until 2014-07-01
this server was running an older 3.2.0 kernel.
When this error appears in the logs, the system stops answering NFS
RPCs (e.g., "rpcinfo -u localhost nfs 3" hangs) and a reboot is
necessary to restore NFS service. A more detailed stack trace follows.
Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see
that the call posix_acl_xattr_size(pacl->a_count) is not preceded by a
check that pacl != NULL. Could this be related to the following entry
in the changelog for 3.2.0-65.98?
* NFSD: Call ->set_acl with a NULL ACL structure if no entries
- LP: #1328154
Jul 24 10:12:53 server kernel: [575939.742131] IP: [<ffffffffa055c451>] set_nfsv4_acl_one+0x21/0xb0 [nfsd]
Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0
Jul 24 10:12:53 server kernel: [575939.742131] Oops: 0000 [#1] SMP
Jul 24 10:12:53 server kernel: [575939.742131] CPU 3
Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2
Jul 24 10:12:53 server kernel: [575939.742131]
Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7
Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[<ffffffffa055c451>] [<ffffffffa055c451>] set_nfsv4_acl_one+0x21/0xb0 [nfsd]
Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:ffff880422085ce0 EFLAGS: 00010282
Jul 24 10:12:53 server kernel: [575939.742131] RAX: 0000000000004000 RBX: ffff880e29b16cc0 RCX: 00000000013cc2cc
Jul 24 10:12:53 server kernel: [575939.742131] RDX: ffffffffa0583374 RSI: 0000000000000000 RDI: ffff880e29b16cc0
Jul 24 10:12:53 server kernel: [575939.742131] RBP: ffff880422085d10 R08: ffffea002cdf3b80 R09: ffffffffa055c4af
Jul 24 10:12:53 server kernel: [575939.742131] R10: ffff880b37ceed00 R11: 0000000040000004 R12: 0000000000000000
Jul 24 10:12:53 server kernel: [575939.742131] R13: ffff8807f56418c0 R14: 0000000000000000 R15: ffff880c2268d180
Jul 24 10:12:53 server kernel: [575939.742131] FS: 00007fbbbbafd700(0000) GS:ffff88103fc80000(0000) knlGS:0000000000000000
Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0000000000000010 CR3: 0000000c22d6c000 CR4: 00000000000006e0
Jul 24 10:12:53 server kernel: [575939.742131] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
Jul 24 10:12:53 server kernel: [575939.742131] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo ffff880422084000, task ffff880425964500)
Jul 24 10:12:53 server kernel: [575939.742131] Stack:
Jul 24 10:12:53 server kernel: [575939.742131] ffff880c2268d040 ffff880e29b16cc0 0000000000000000 ffff8807f56418c0
Jul 24 10:12:53 server kernel: [575939.742131] 0000000000000000 ffff880c2268d180 ffff880422085d50 ffffffffa055d5e3
Jul 24 10:12:53 server kernel: [575939.742131] ffff880b37cee840 0000000000000000 ffff880c22684000 ffff880c2268d040
Jul 24 10:12:53 server kernel: [575939.742131] Call Trace:
Jul 24 10:12:53 server kernel: [575939.742131] [<ffffffffa055d5e3>] nfsd4_set_nfs4_acl+0x143/0x150 [nfsd]
Jul 24 10:12:53 server kernel: [575939.742131] [<ffffffffa056ab74>] nfsd4_setattr+0xd4/0x130 [nfsd]
Jul 24 10:12:53 server kernel: [575939.742131] [<ffffffffa0569be8>] nfsd4_proc_compound+0x518/0x6e0 [nfsd]
Jul 24 10:12:53 server kernel: [575939.742131] [<ffffffffa0558a4b>] nfsd_dispatch+0xeb/0x230 [nfsd]
Jul 24 10:12:53 server kernel: [575939.742131] [<ffffffffa03ae475>] svc_process_common+0x345/0x690 [sunrpc]
Jul 24 10:12:53 server kernel: [575939.742131] [<ffffffff81060ad0>] ? try_to_wake_up+0x200/0x200
Jul 24 10:12:53 server kernel: [575939.742131] [<ffffffffa03aeb12>] svc_process+0x102/0x150 [sunrpc]
Jul 24 10:12:53 server kernel: [575939.742131] [<ffffffffa05581ad>] nfsd+0xbd/0x160 [nfsd]
Jul 24 10:12:53 server kernel: [575939.742131] [<ffffffffa05580f0>] ? nfsd_startup+0xf0/0xf0 [nfsd]
Jul 24 10:12:53 server kernel: [575939.742131] [<ffffffff8108b8cc>] kthread+0x8c/0xa0
Jul 24 10:12:53 server kernel: [575939.742131] [<ffffffff8166deb4>] kernel_thread_helper+0x4/0x10
Jul 24 10:12:53 server kernel: [575939.742131] [<ffffffff8108b840>] ? flush_kthread_worker+0xa0/0xa0
Jul 24 10:12:53 server kernel: [575939.742131] [<ffffffff8166deb0>] ? gs_change+0x13/0x13
Jul 24 10:12:53 server kernel: [575939.742131] Code: 19 c0 f7 d0 83 e0 02 c3 90 90 55 48 89 e5 48 83 ec 30 48 89 5d d8 4c 89 65 e0 4c 89 6d e8 4c 89 75 f0 4c 89 7d f8 66 66 66 66 90 <48> 63 46 10 49 89 fd 49 89 f6 be d0 00 00 00 49 89 d4 4c 8d 3c
Jul 24 10:12:53 server kernel: [575939.742131] RIP [<ffffffffa055c451>] set_nfsv4_acl_one+0x21/0xb0 [nfsd]
Jul 24 10:12:53 server kernel: [575939.742131] RSP <ffff880422085ce0>
Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0000000000000010
Jul 24 10:12:53 server kernel: [575942.132715] ---[ end trace ba2b82e486b77140 ]---
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1348670/+subscriptions
References
