Your message dated Sat, 28 Dec 2019 16:00:14 +0000 with message-id <E1ilEVi-0002xh-FO@fasolo.debian.org> and subject line Bug#946237: fixed in linux 5.4.6-1 has caused the Debian Bug report #946237, regarding linux-image-4.19.0-6-cloud-amd64: Cloud Kernel built with CONFIG_TCG_TPM=n to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 946237: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946237 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: linux-image-4.19.0-6-cloud-amd64: Cloud Kernel built with CONFIG_TCG_TPM=n
- From: Joe Richey <joerichey@google.com>
- Date: Thu, 5 Dec 2019 15:37:47 -0800
- Message-id: <[🔎] CAKpBdu1i671cuB7qB32qDBFEwLJLq10D6kCKv4fkmT7OH+w+1Q@mail.gmail.com>
Package: src:linux Version: 4.19.67-2+deb10u2 Severity: normal Dear Maintainer, * What led up to the situation? We (Google Cloud) offer Debian VM Images as part of GCE. Recently, we've been adding images which support UEFI/Secure Boot/vTPM as part of our "Shielded VM" product (https://cloud.google.com/shielded-vm/). We are setting up a Debian 10 image that supports these features, as Debian 10 added Secure Boot support. However, the current cloud image does not support a TPM as it is compiled with CONFIG_TCG_TPM=n (the default). This was not an issue with Debian 9 or the normal Debian 10 kernel, as both of these kernels are built with CONFIG_TCG_TPM=m. * What exactly did you do (or not do) that was effective (or ineffective)? Swapping out the cloud kernel for the normal kernel (while keeping the cloud image userland) allowed the TPM to function normally. * What was the outcome of this action? While changing the Debian 10 image to use the normal kernel allows the vTPM to work with Debian, we would prefer to use the cloud image (including the cloud kernel) for our default Debian 10 images. * What outcome did you expect instead? We would expect the cloud image to work with a TPM. The best way to do this would be to add the following to the cloud-specific kernel config: CONFIG_TCG_TPM=m CONFIG_TCG_TIS_CORE=m CONFIG_TCG_TIS=m CONFIG_TCG_CRB=m These are the minimal options needed to use a standards complying TPM with Linux. The normal Debain 10 kernel also sets: CONFIG_HW_RANDOM_TPM=y CONFIG_TCG_XEN=m CONFIG_TCG_VTPM_PROXY=m Setting these might be useful, if only to reduce the difference in configuration between the cloud kernel and the normal kernel. The other TPM/TCG related kernel configs are for specific hardware devices, so it doesn't make sense to include them in the cloud image. -- Package-specific info: ** Version: Linux version 4.19.0-6-cloud-amd64 (debian-kernel@lists.debian.org) (gcc version 8.3.0 (Debian 8.3.0-6)) #1 SMP Debian 4.19.67-2+deb10u2 (2019-11-11) ** Command line: BOOT_IMAGE=/boot/vmlinuz-4.19.0-6-cloud-amd64 root=UUID=bf88aa2a-6281-4f23-90e1-6d597f6288c7 ro console=tty0 console=ttyS0,115200 earlyprintk=ttyS0,115200 elevator=noop scsi_mod.use_blk_mq=Y ** Not tainted ** Kernel log: [ 0.591931] NET: Registered protocol family 44 [ 0.592623] pci 0000:00:00.0: Limiting direct PCI/PCI transfers [ 0.593701] PCI: CLS 0 bytes, default 64 [ 0.593773] Unpacking initramfs... [ 0.798575] Freeing initrd memory: 12196K [ 0.801776] PCI-DMA: Using software bounce buffering for IO (SWIOTLB) [ 0.803293] software IO TLB: mapped [mem 0xb77fb000-0xbb7fb000] (64MB) [ 0.804913] clocksource: tsc: mask: 0xffffffffffffffff max_cycles: 0x1cd4a18fe72, max_idle_ns: 440795261703 ns [ 0.807510] Initialise system trusted keyrings [ 0.808380] Key type blacklist registered [ 0.809331] workingset: timestamp_bits=40 max_order=20 bucket_order=0 [ 0.811513] zbud: loaded [ 0.937162] Key type asymmetric registered [ 0.937965] Asymmetric key parser 'x509' registered [ 0.938693] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 251) [ 0.939962] io scheduler noop registered (default) [ 0.941030] io scheduler deadline registered [ 0.941863] Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled [ 0.964891] 00:03: ttyS0 at I/O 0x3f8 (irq = 4, base_baud = 115200) is a 16550A [ 0.990404] 00:04: ttyS1 at I/O 0x2f8 (irq = 3, base_baud = 115200) is a 16550A [ 1.014448] 00:05: ttyS2 at I/O 0x3e8 (irq = 6, base_baud = 115200) is a 16550A [ 1.038234] 00:06: ttyS3 at I/O 0x2e8 (irq = 7, base_baud = 115200) is a 16550A [ 1.040312] i8042: PNP: PS/2 Controller [PNP0303:KBD,PNP0f13:MOU] at 0x60,0x64 irq 1,12 [ 1.042747] i8042: Warning: Keylock active [ 1.044843] serio: i8042 KBD port at 0x60,0x64 irq 1 [ 1.046169] serio: i8042 AUX port at 0x60,0x64 irq 12 [ 1.047435] mousedev: PS/2 mouse device common for all mice [ 1.049190] NET: Registered protocol family 10 [ 1.056699] Segment Routing with IPv6 [ 1.057830] mip6: Mobile IPv6 [ 1.058779] NET: Registered protocol family 17 [ 1.059981] mpls_gso: MPLS GSO support [ 1.060997] sched_clock: Marking stable (1059180096, 1771706)->(1167732719, -106780917) [ 1.063046] registered taskstats version 1 [ 1.064137] Loading compiled-in X.509 certificates [ 1.096876] Loaded X.509 cert 'Debian Secure Boot CA: 6ccece7e4c6c0d1f6149f3dd27dfcc5cbb419ea1' [ 1.099603] Loaded X.509 cert 'Debian Secure Boot Signer: 00a7468def' [ 1.101519] AppArmor: AppArmor sha1 policy hashing enabled [ 1.104745] Freeing unused kernel image memory: 1468K [ 1.112173] Write protecting the kernel read-only data: 16384k [ 1.113986] Freeing unused kernel image memory: 2028K [ 1.115323] Freeing unused kernel image memory: 1364K [ 1.116872] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1.118627] x86/mm: Checking user space page tables [ 1.119696] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1.121167] Run /init as init process [ 1.186390] cryptd: max_cpu_qlen set to 1000 [ 1.190706] PCI Interrupt Link [LNKC] enabled at IRQ 11 [ 1.192004] virtio-pci 0000:00:03.0: virtio_pci: leaving for legacy driver [ 1.208017] AVX2 version of gcm_enc/dec engaged. [ 1.209032] AES CTR mode by8 optimization enabled [ 1.222603] PCI Interrupt Link [LNKD] enabled at IRQ 10 [ 1.224103] virtio-pci 0000:00:04.0: virtio_pci: leaving for legacy driver [ 1.230984] PCI Interrupt Link [LNKA] enabled at IRQ 10 [ 1.232015] virtio-pci 0000:00:05.0: virtio_pci: leaving for legacy driver [ 1.254299] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input0 [ 1.263076] SCSI subsystem initialized [ 1.307326] scsi host0: Virtio SCSI HBA [ 1.321719] virtio_net virtio1 ens4: renamed from eth0 [ 1.342941] scsi 0:0:1:0: Direct-Access Google PersistentDisk 1 PQ: 0 ANSI: 6 [ 1.364067] sd 0:0:1:0: [sda] 20971520 512-byte logical blocks: (10.7 GB/10.0 GiB) [ 1.365394] sd 0:0:1:0: [sda] 4096-byte physical blocks [ 1.366681] sd 0:0:1:0: [sda] Write Protect is off [ 1.367516] sd 0:0:1:0: [sda] Mode Sense: 1f 00 00 08 [ 1.368190] sd 0:0:1:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA [ 1.376629] sda: sda1 sda14 sda15 [ 1.378554] sd 0:0:1:0: [sda] Attached SCSI disk [ 1.549482] EXT4-fs (sda1): mounted filesystem with ordered data mode. Opts: (null) [ 1.859392] systemd[1]: Inserted module 'autofs4' [ 1.995171] systemd[1]: systemd 241 running in system mode. (+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN2 +IDN -PCRE2 default-hierarchy=hybrid) [ 1.999547] systemd[1]: Detected virtualization kvm. [ 2.000501] systemd[1]: Detected architecture x86-64. [ 2.001459] systemd[1]: Running with unpopulated /etc. [ 2.017409] systemd[1]: Set hostname to <debian>. [ 2.018308] systemd[1]: System cannot boot: Missing /etc/machine-id and /etc is mounted read-only. [ 2.020203] systemd[1]: Booting up is supported only when: [ 2.021145] systemd[1]: 1) /etc/machine-id exists and is populated. [ 2.022074] systemd[1]: 2) /etc/machine-id exists and is empty. [ 2.023035] systemd[1]: 3) /etc/machine-id is missing and /etc is writable. [ 2.573976] EXT4-fs (sda1): re-mounted. Opts: discard,errors=remount-ro [ 2.954736] systemd-journald[218]: Received request to flush runtime journal from PID 1 [ 3.196430] EFI Variables Facility v0.08 2004-May-17 [ 3.204535] pstore: Using compression: deflate [ 3.205269] pstore: Registered efi as persistent store backend [ 3.228039] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input2 [ 3.233576] ACPI: Power Button [PWRF] [ 3.234288] input: Sleep Button as /devices/LNXSYSTM:00/LNXSLPBN:00/input/input3 [ 3.240738] RAPL PMU: API unit is 2^-32 Joules, 3 fixed counters, 10737418240 ms ovfl timer [ 3.242440] RAPL PMU: hw unit of domain pp0-core 2^-0 Joules [ 3.243842] RAPL PMU: hw unit of domain package 2^-0 Joules [ 3.245163] RAPL PMU: hw unit of domain dram 2^-16 Joules [ 3.250749] sd 0:0:1:0: Attached scsi generic sg0 type 0 [ 3.252936] ACPI: Sleep Button [SLPF] [ 3.745268] audit: type=1400 audit(1575576042.491:2): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/usr/sbin/haveged" pid=283 comm="apparmor_parser" [ 3.759253] audit: type=1400 audit(1575576042.503:3): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/usr/sbin/chronyd" pid=284 comm="apparmor_parser" [ 3.765021] audit: type=1400 audit(1575576042.511:4): apparmor="STATUS" operation="profile_load" profile="unconfined" name="nvidia_modprobe" pid=285 comm="apparmor_parser" [ 3.767905] audit: type=1400 audit(1575576042.511:5): apparmor="STATUS" operation="profile_load" profile="unconfined" name="nvidia_modprobe//kmod" pid=285 comm="apparmor_parser" [ 3.777383] audit: type=1400 audit(1575576042.523:6): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/usr/bin/man" pid=286 comm="apparmor_parser" [ 3.779521] audit: type=1400 audit(1575576042.523:7): apparmor="STATUS" operation="profile_load" profile="unconfined" name="man_filter" pid=286 comm="apparmor_parser" [ 3.784463] audit: type=1400 audit(1575576042.523:8): apparmor="STATUS" operation="profile_load" profile="unconfined" name="man_groff" pid=286 comm="apparmor_parser" ** Model information sys_vendor: Google product_name: Google Compute Engine product_version: chassis_vendor: Google chassis_version: bios_vendor: Google bios_version: Google board_vendor: Google board_name: Google Compute Engine board_version: ** Loaded modules: nls_ascii nls_cp437 vfat fat crct10dif_pclmul crc32_pclmul ghash_clmulni_intel sg intel_rapl_perf button evdev efi_pstore serio_raw efivars efivarfs ip_tables x_tables autofs4 ext4 crc16 mbcache jbd2 crc32c_generic fscrypto ecb crc32c_intel sd_mod virtio_scsi scsi_mod virtio_net net_failover failover aesni_intel aes_x86_64 crypto_simd cryptd glue_helper virtio_pci virtio_ring virtio ** Network interface configuration: # Include files from /etc/network/interfaces.d: source-directory /etc/network/interfaces.d # Cloud images dynamically generate config fragments for newly # attached interfaces. See /etc/udev/rules.d/75-cloud-ifupdown.rules # and /etc/network/cloud-ifupdown-helper. Dynamically generated # configuration fragments are stored in /run: source-directory /run/network/interfaces.d ** Network status: *** IP interfaces and addresses: 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1460 qdisc pfifo_fast state UP group default qlen 1000 link/ether 42:01:0a:a8:00:04 brd ff:ff:ff:ff:ff:ff inet 10.168.0.4/32 brd 10.168.0.4 scope global dynamic ens4 valid_lft 75718sec preferred_lft 75718sec inet6 fe80::4001:aff:fea8:4/64 scope link valid_lft forever preferred_lft forever *** Device statistics: Inter-| Receive | Transmit face |bytes packets errs drop fifo frame compressed multicast|bytes packets errs drop fifo colls carrier compressed lo: 1932 12 0 0 0 0 0 0 1932 12 0 0 0 0 0 0 ens4: 1489255 6206 0 0 0 0 0 0 551580 5276 0 0 0 0 0 0 *** Protocol statistics: Ip: Forwarding: 2 6014 total packets received 2 with invalid addresses 0 forwarded 0 incoming packets discarded 6012 incoming packets delivered 5066 requests sent out 2 dropped because of missing route Icmp: 3 ICMP messages received 0 input ICMP message failed ICMP input histogram: destination unreachable: 3 3 ICMP messages sent 0 ICMP messages failed ICMP output histogram: destination unreachable: 3 IcmpMsg: InType3: 3 OutType3: 3 Tcp: 558 active connection openings 2 passive connection openings 0 failed connection attempts 0 connection resets received 6 connections established 5864 segments received 4919 segments sent out 0 segments retransmitted 0 bad segments received 10 resets sent Udp: 142 packets received 3 packets to unknown port received 0 packet receive errors 145 packets sent 0 receive buffer errors 0 send buffer errors UdpLite: TcpExt: 6 TCP sockets finished time wait in fast timer 195 delayed acks sent Quick ack mode was activated 9 times 416 packet headers predicted 2318 acknowledgments not containing data payload received 910 predicted acknowledgments Detected reordering 5 times using SACK TCPDSACKOldSent: 8 5 connections reset due to unexpected data TCPSackShiftFallback: 4 TCPRcvCoalesce: 595 TCPOrigDataSent: 2228 TCPKeepAlive: 667 TCPDelivered: 2696 IpExt: InOctets: 1397703 OutOctets: 471432 InNoECTPkts: 6014 ** PCI devices: not available ** USB devices: not available -- System Information: Debian Release: 10.2 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-6-cloud-amd64 (SMP w/1 CPU core) Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages linux-image-4.19.0-6-cloud-amd64 depends on: ii initramfs-tools [linux-initramfs-tool] 0.133+deb10u1 ii kmod 26-1 ii linux-base 4.6 Versions of packages linux-image-4.19.0-6-cloud-amd64 recommends: ii apparmor 2.13.2-10 ii firmware-linux-free 3.4 Versions of packages linux-image-4.19.0-6-cloud-amd64 suggests: pn debian-kernel-handbook <none> pn grub-pc | grub-efi-amd64 | extlinux <none> pn linux-doc-4.19 <none> Versions of packages linux-image-4.19.0-6-cloud-amd64 is related to: pn firmware-amd-graphics <none> pn firmware-atheros <none> pn firmware-bnx2 <none> pn firmware-bnx2x <none> pn firmware-brcm80211 <none> pn firmware-cavium <none> pn firmware-intel-sound <none> pn firmware-intelwimax <none> pn firmware-ipw2x00 <none> pn firmware-ivtv <none> pn firmware-iwlwifi <none> pn firmware-libertas <none> pn firmware-linux-nonfree <none> pn firmware-misc-nonfree <none> pn firmware-myricom <none> pn firmware-netxen <none> pn firmware-qlogic <none> pn firmware-realtek <none> pn firmware-samsung <none> pn firmware-siano <none> pn firmware-ti-connectivity <none> pn xen-hypervisor <none> -- no debconf informationAttachment: smime.p7s
Description: S/MIME Cryptographic Signature
--- End Message ---
--- Begin Message ---
- To: 946237-close@bugs.debian.org
- Subject: Bug#946237: fixed in linux 5.4.6-1
- From: Ben Hutchings <ben@decadent.org.uk>
- Date: Sat, 28 Dec 2019 16:00:14 +0000
- Message-id: <E1ilEVi-0002xh-FO@fasolo.debian.org>
Source: linux Source-Version: 5.4.6-1 We believe that the bug you reported is fixed in the latest version of linux, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 946237@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Ben Hutchings <ben@decadent.org.uk> (supplier of updated linux package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 27 Dec 2019 22:17:44 +0000 Source: linux Architecture: source Version: 5.4.6-1 Distribution: unstable Urgency: medium Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org> Changed-By: Ben Hutchings <ben@decadent.org.uk> Closes: 944138 946237 946510 Changes: linux (5.4.6-1) unstable; urgency=medium . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.3 - rsi: release skb if rsi_prepare_beacon fails (CVE-2019-19071) - lp: fix sparc64 LPSETTIMEOUT ioctl - time: Zero the upper 32-bits in __kernel_timespec on 32-bit - usb: gadget: u_serial: add missing port entry locking - [arm64] tty: serial: msm_serial: Fix flow control - [arm64,armel,armhf] serial: pl011: Fix DMA ->flush_buffer() - serial: serial_core: Perform NULL checks for break_ctl ops - [armhf] serial: stm32: fix clearing interrupt error flags - serial: 8250_dw: Avoid double error messaging when IRQ absent - mwifiex: Re-work support for SDIO HW reset - io_uring: fix dead-hung for non-iter fixed rw - io_uring: transform send/recvmsg() -ERESTARTSYS to -EINTR - fuse: fix leak of fuse_io_priv - fuse: verify nlink - fuse: verify write return - fuse: verify attributes - io_uring: fix missing kmap() declaration on powerpc - io_uring: ensure req->submit is copied when req is deferred - SUNRPC: Avoid RPC delays when exiting suspend - ALSA: hda/realtek - Enable internal speaker of ASUS UX431FLC - ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop - ALSA: hda/realtek - Dell headphone has noise on unmute for ALC236 - ALSA: hda/realtek - Fix inverted bass GPIO pin on Acer 8951G - ALSA: pcm: oss: Avoid potential buffer overflows - ALSA: hda - Add mute led support for HP ProBook 645 G4 - ALSA: hda: Modify stream stripe mask only when needed - Input: synaptics - switch another X1 Carbon 6 to RMI/SMbus - Input: synaptics-rmi4 - re-enable IRQs in f34v7_do_reflash - [x86] Input: synaptics-rmi4 - don't increment rmiaddr for SMBus transfers - Input: goodix - add upside-down quirk for Teclast X89 tablet - media: rc: mark input device as pointing stick - [i386] x86/mm/32: Sync only to VMALLOC_END in vmalloc_sync_all() - [x86] PCI: Avoid AMD FCH XHCI USB PME# from D0 defect - CIFS: Fix NULL-pointer dereference in smb2_push_mandatory_locks - CIFS: Fix SMB2 oplock break processing - tty: vt: keyboard: reject invalid keycodes - can: slcan: Fix use-after-free Read in slcan_open - nfsd: Ensure CLONE persists data and metadata changes to the target file - nfsd: restore NFSv3 ACL support - kernfs: fix ino wrap-around detection - jbd2: Fix possible overflow in jbd2_log_space_left() - [arm64] drm/msm: fix memleak on release - drm: damage_helper: Fix race checking plane->state->fb - [i386] drm/i810: Prevent underflow in ioctl - [arm64] Validate tagged addresses in access_ok() called from kernel threads - [powerpc*] KVM: PPC: Book3S HV: XIVE: Free previous EQ page when setting up a new one - [powerpc*] KVM: PPC: Book3S HV: XIVE: Fix potential page leak on error path - [powerpc*] KVM: PPC: Book3S HV: XIVE: Set kvm->arch.xive when VPs are allocated - [x86] KVM: nVMX: Always write vmcs02.GUEST_CR3 during nested VM-Enter - [arm64,armhf] KVM: vgic: Don't rely on the wrong pending table - [x86] KVM: do not modify masked bits of shared MSRs - [x86] KVM: fix presentation of TSX feature in ARCH_CAPABILITIES - [x86] KVM: Remove a spurious export of a static function - [x86] KVM: Grab KVM's srcu lock when setting nested state - crypto: af_alg - cast ki_complete ternary op to int - [i386] crypto: geode-aes - switch to skcipher for cbc(aes) fallback - [x86] crypto: ccp - fix uninitialized list head - crypto: ecdh - fix big endian bug in ECC library - crypto: user - fix memory leak in crypto_report (CVE-2019-19062) - [armhf] spi: stm32-qspi: Fix kernel oops when unbinding driver - spi: Fix SPI_CS_HIGH setting when using native and GPIO CS - spi: Fix NULL pointer when setting SPI_CS_HIGH for GPIO CS - can: ucan: fix non-atomic allocation in completion handler - [amd64] RDMA/qib: Validate ->show()/store() callbacks before calling them - rfkill: allocate static minor - bdev: Factor out bdev revalidation into a common helper - bdev: Refresh bdev size for disks without partitioning - iomap: Fix pipe page leakage during splicing - thermal: Fix deadlock in thermal thermal_zone_device_check - vcs: prevent write access to vcsu devices - Revert "serial/8250: Add support for NI-Serial PXI/PXIe+485 devices" - binder: Fix race between mmap() and binder_alloc_print_pages() - binder: Prevent repeated use of ->mmap() via NULL mapping - binder: Handle start==NULL in binder_update_page_range() - [x86] KVM: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332) - ALSA: hda - Fix pending unsol events at shutdown - md/raid0: Fix an error message in raid0_make_request() - drm/mcde: Fix an error handling path in 'mcde_probe()' - perf script: Fix invalid LBR/binary mismatch error https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.4 - usb: gadget: configfs: Fix missing spin_lock_init() - [x86] usb: gadget: pch_udc: fix use after free - nvme: Namepace identification descriptor list is optional - Revert "nvme: Add quirk for Kingston NVME SSD running FW E8FK11.T" - scsi: lpfc: Fix bad ndlp ptr in xri aborted handling - [s390x] scsi: zfcp: trace channel log even for FCP command responses - scsi: qla2xxx: Do command completion on abort timeout - scsi: qla2xxx: Fix driver unload hang - scsi: qla2xxx: Fix double scsi_done for abort path - scsi: qla2xxx: Fix memory leak when sending I/O fails - compat_ioctl: add compat_ptr_ioctl() - ceph: fix compat_ioctl for ceph_dir_operations - [arm64] media: venus: remove invalid compat_ioctl32 handler - USB: uas: honor flag to avoid CAPACITY16 - USB: uas: heed CAPACITY_HEURISTICS - USB: documentation: flags on usb-storage versus UAS - usb: Allow USB device to be warm reset in suspended state - [arm64,armhf] usb: host: xhci-tegra: Correct phy enable sequence - binder: fix incorrect calculation for num_valid - staging: rtl8188eu: fix interface sanity check - staging: rtl8712: fix interface sanity check - [arm*] staging: vchiq: call unregister_chrdev_region() when driver registration fails - staging: gigaset: fix general protection fault on probe - staging: gigaset: fix illegal free on probe errors - staging: gigaset: add endpoint-type sanity check - usb: xhci: only set D3hot for pci device - xhci: Fix memory leak in xhci_add_in_port() - xhci: fix USB3 device initiated resume race with roothub autosuspend - xhci: Increase STS_HALT timeout in xhci_suspend() - xhci: handle some XHCI_TRUST_TX_LENGTH quirks cases as default behaviour. - xhci: make sure interrupts are restored to correct state - [x86] iio: imu: inv_mpu6050: fix temperature reporting using bad unit - USB: atm: ueagle-atm: add missing endpoint check - USB: idmouse: fix interface sanity checks - USB: serial: io_edgeport: fix epic endpoint lookup - usb: roles: fix a potential use after free - USB: adutux: fix interface sanity check - usb: core: urb: fix URB structure initialization function - usb: mon: Fix a deadlock in usbmon between mmap and read - [arm64,amd64,i386] tpm: add check after commands attribs tab allocation - [arm64,amd64,i386] tpm: Switch to platform_get_irq_optional() - brcmfmac: disable PCIe interrupts before bus reset - mtd: rawnand: Change calculating of position page containing BBM - virtio-balloon: fix managed page counts when migrating pages between zones - usb: dwc3: pci: add ID for the Intel Comet Lake -H variant - [arm64,armhf] usb: dwc3: gadget: Fix logical condition - [arm64,armhf] usb: dwc3: gadget: Clear started flag for non-IOC - [arm64,armhf] usb: dwc3: ep0: Clear started flag on completion - [x86] usb: typec: fix use after free in typec_register_port() - iwlwifi: pcie: fix support for transmitting SKBs with fraglist - btrfs: check page->mapping when loading free space cache - btrfs: use btrfs_block_group_cache_done in update_block_group - btrfs: use refcount_inc_not_zero in kill_all_nodes - Btrfs: fix metadata space leak on fixup worker failure to set range as delalloc - Btrfs: fix negative subv_writers counter and data space leak after buffered write - btrfs: Avoid getting stuck during cyclic writebacks - btrfs: Remove btrfs_bio::flags member - Btrfs: send, skip backreference walking for extents with many references - btrfs: record all roots for rename exchange on a subvol - rtlwifi: rtl8192de: Fix missing code to retrieve RX buffer address - rtlwifi: rtl8192de: Fix missing callback that tests for hw release of buffer - rtlwifi: rtl8192de: Fix missing enable interrupt flag - ovl: fix lookup failure on multi lower squashfs - ovl: fix corner case of non-unique st_dev;st_ino - ovl: relax WARN_ON() on rename to self - [arm*] hwrng: omap - Fix RNG wait loop timeout - dm writecache: handle REQ_FUA - dm zoned: reduce overhead of backing device checks - workqueue: Fix spurious sanity check failures in destroy_workqueue() - workqueue: Fix pwq ref leak in rescuer_thread() - ASoC: rt5645: Fixed buddy jack support. - ASoC: rt5645: Fixed typo for buddy jack support. - ASoC: Jack: Fix NULL pointer dereference in snd_soc_jack_report - md: improve handling of bio with REQ_PREFLUSH in md_flush_request() - blk-mq: avoid sysfs buffer overflow with too many CPU cores - cgroup: pids: use atomic64_t for pids->limit - wil6210: check len before memcpy() calls - ar5523: check NULL before memcpy() in ar5523_cmd() - [s390x] mm: properly clear _PAGE_NOEXEC bit when it is not supported - cpuidle: Do not unset the driver if it is there already - cpuidle: use first valid target residency as poll time - [arm64,armhf] drm/panfrost: Open/close the perfcnt BO - [powerpc*] perf: Disable trace_imc pmu - [x86] intel_th: Fix a double put_device() in error path - [x86] intel_th: pci: Add Ice Lake CPU support - [x86] intel_th: pci: Add Tiger Lake CPU support - PM / devfreq: Lock devfreq in trans_stat_show - [powerpc*] cpufreq: powernv: fix stack bloat and hard limit on number of CPUs - ALSA: fireface: fix return value in error path of isochronous resources reservation - ALSA: oxfw: fix return value in error path of isochronous resources reservation - ALSA: hda/realtek - Line-out jack doesn't work on a Dell AIO - ACPI / utils: Move acpi_dev_get_first_match_dev() under CONFIG_ACPI - ACPI: LPSS: Add LNXVIDEO -> BYT I2C7 to lpss_device_links - ACPI: LPSS: Add LNXVIDEO -> BYT I2C1 to lpss_device_links - ACPI: LPSS: Add dmi quirk for skipping _DEP check for some device-links - ACPI / hotplug / PCI: Allocate resources directly under the non-hotplug bridge - ACPI: OSL: only free map once in osl.c - ACPI: bus: Fix NULL pointer check in acpi_bus_get_private_data() - ACPI: EC: Rework flushing of pending work - ACPI: PM: Avoid attaching ACPI PM domain to certain devices - [arm64] pinctrl: armada-37xx: Fix irq mask access in armada_37xx_irq_set_type() - [armhf] pinctrl: samsung: Add of_node_put() before return in error path - [armhf] pinctrl: samsung: Fix device node refcount leaks in Exynos wakeup controller init - [armhf] pinctrl: samsung: Fix device node refcount leaks in init code - [armhf] mmc: host: omap_hsmmc: add code for special init of wl1251 to get rid of pandora_wl1251_init_card - RDMA/core: Fix ib_dma_max_seg_size() - ppdev: fix PPGETTIME/PPSETTIME ioctls - [powerpc*] Allow 64bit VDSO __kernel_sync_dicache to work across ranges >4GB - [powerpc*] xive: Prevent page fault issues in the machine crash handler - [powerpc*] Allow flush_icache_range to work across ranges >4GB - [powerpc*] xive: Skip ioremap() of ESB pages for LSI interrupts - video/hdmi: Fix AVI bar unpack - quota: Check that quota is not dirty before release - ext2: check err when partial != NULL - seccomp: avoid overflow in implicit constant conversion - quota: fix livelock in dquot_writeback_dquots - ext4: Fix credit estimate for final inode freeing - reiserfs: fix extended attributes on the root directory - scsi: qla2xxx: Fix SRB leak on switch command timeout - scsi: qla2xxx: Fix a dma_pool_free() call - Revert "scsi: qla2xxx: Fix memory leak when sending I/O fails" - [armhf] omap: pdata-quirks: revert pandora specific gpiod additions - [armhf] omap: pdata-quirks: remove openpandora quirks for mmc3 and wl1251 - [powerpc*] Avoid clang warnings around setjmp and longjmp - [powerpc*] Fix vDSO clock_getres() - mm, memfd: fix COW issue on MAP_PRIVATE and F_SEAL_FUTURE_WRITE mappings - mm: memcg/slab: wait for !root kmem_cache refcnt killing on root kmem_cache destruction - ext4: work around deleting a file with i_nlink == 0 safely - [arm64] firmware: qcom: scm: Ensure 'a0' status code is treated as signed - [s390x] smp,vdso: fix ASCE handling - [s390x] kaslr: store KASLR offset for early dumps - mm/shmem.c: cast the type of unmap_start to u64 - [powerpc*] Define arch_is_kernel_initmem_freed() for lockdep - rtc: disable uie before setting time and enable after - splice: only read in as much information as there is pipe buffer space - ext4: fix a bug in ext4_wait_for_tail_page_commit - ext4: fix leak of quota reservations - blk-mq: make sure that line break can be printed - workqueue: Fix missing kfree(rescuer) in destroy_workqueue() - r8169: fix rtl_hw_jumbo_disable for RTL8168evl https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.5 - inet: protect against too small mtu values. - mqprio: Fix out-of-bounds access in mqprio_dump - net: bridge: deny dev_set_mac_address() when unregistering - net: dsa: fix flow dissection on Tx path - [armhf] net: ethernet: ti: cpsw: fix extra rx interrupt - net: sched: fix dump qlen for sch_mq/sch_mqprio with NOLOCK subqueues - net_sched: validate TCA_KIND attribute in tc_chain_tmplt_add() - [arm64] net: thunderx: start phy before starting autonegotiation - openvswitch: support asymmetric conntrack - tcp: md5: fix potential overestimation of TCP option space - tipc: fix ordering of tipc module init and exit routine - net/mlx5e: Query global pause state before setting prio2buffer - net: ipv6: add net argument to ip6_dst_lookup_flow - net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup - tcp: fix rejected syncookies due to stale timestamps - tcp: tighten acceptance of ACKs not matching a child socket - tcp: Protect accesses to .ts_recent_stamp with {READ,WRITE}_ONCE() - net: core: rename indirect block ingress cb function - net: sched: allow indirect blocks to bind to clsact in TC - cls_flower: Fix the behavior using port ranges with hw-offload - gre: refetch erspan header from skb->data after pskb_may_pull() - Fixed updating of ethertype in function skb_mpls_pop - net: Fixed updating of ethertype in skb_mpls_push() - net/mlx5e: Fix TXQ indices to be sequential - net/mlx5e: Fix SFF 8472 eeprom length - net/mlx5e: Fix freeing flow with kfree() and not kvfree() - net/mlx5e: Fix translation of link mode into speed - net/mlx5e: ethtool, Fix analysis of speed setting - page_pool: do not release pool until inflight == 0. - xdp: obtain the mem_id mutex before trying to remove an entry. - r8169: add missing RX enabling for WoL on RTL8125 https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.6 - USB: Fix incorrect DMA allocations for local memory pool drivers - mmc: block: Make card_busy_detect() a bit more generic - mmc: block: Add CMD13 polling for MMC IOCTLS with R1B response - mmc: core: Drop check for mmc_card_is_removable() in mmc_rescan() - mmc: core: Re-work HW reset for SDIO cards - PCI/PM: Always return devices to D0 when thawing - PCI: pciehp: Avoid returning prematurely from sysfs requests - PCI: Fix Intel ACS quirk UPDCR register address - PCI/MSI: Fix incorrect MSI-X masking on resume - PCI: Do not use bus number zero from EA capability - PCI: Apply Cavium ACS quirk to ThunderX2 and ThunderX3 - PM / QoS: Redefine FREQ_QOS_MAX_DEFAULT_VALUE to S32_MAX - block: fix "check bi_size overflow before merge" - gfs2: Multi-block allocations in gfs2_page_mkwrite - gfs2: fix glock reference problem in gfs2_trans_remove_revoke - [arm64] rpmsg: glink: Fix reuse intents memory leak issue - [arm64] rpmsg: glink: Fix use after free in open_ack TIMEOUT case - [arm64] rpmsg: glink: Put an extra reference during cleanup - [arm64] rpmsg: glink: Fix rpmsg_register_device err handling - [arm64] rpmsg: glink: Don't send pending rx_done during remove - [arm64] rpmsg: glink: Free pending deferred work on remove - cifs: smbd: Return -EAGAIN when transport is reconnecting - cifs: smbd: Only queue work for error recovery on memory registration - cifs: smbd: Add messages on RDMA session destroy and reconnection - cifs: smbd: Return -EINVAL when the number of iovs exceeds SMBDIRECT_MAX_SGE - cifs: smbd: Return -ECONNABORTED when trasnport is not in connected state - cifs: Don't display RDMA transport on reconnect - CIFS: Respect O_SYNC and O_DIRECT flags during reconnect - CIFS: Close open handle after interrupted close - CIFS: Do not miss cancelled OPEN responses - CIFS: Fix NULL pointer dereference in mid callback - cifs: Fix retrieval of DFS referrals in cifs_mount() - [armhf] ARM: tegra: Fix FLOW_CTLR_HALT register clobbering by tegra_resume() - vfio/pci: call irq_bypass_unregister_producer() before freeing irq - dma-buf: Fix memory leak in sync_file_merge() - [arm64,armhf] drm/panfrost: Fix a race in panfrost_ioctl_madvise() - [arm64,armhf] drm/panfrost: Fix a BO leak in panfrost_ioctl_mmap_bo() - [arm64,armhf] drm/panfrost: Fix a race in panfrost_gem_free_object() - [x86] drm/mgag200: Extract device type from flags - [x86] drm/mgag200: Store flags from PCI driver data in device structure - [x86] drm/mgag200: Add workaround for HW that does not support 'startadd' - [x86] drm/mgag200: Flag all G200 SE A machines as broken wrt <startadd> - [arm64] drm: meson: venc: cvbs: fix CVBS mode matching - dm mpath: remove harmful bio-based optimization - dm btree: increase rebalance threshold in __rebalance2() - dm clone metadata: Track exact changes per transaction - dm clone metadata: Use a two phase commit - dm clone: Flush destination device before committing metadata - dm thin metadata: Add support for a pre-commit callback - dm thin: Flush data device before committing metadata - scsi: ufs: Disable autohibern8 feature in Cadence UFS - scsi: iscsi: Fix a potential deadlock in the timeout handler - scsi: qla2xxx: Ignore NULL pointer in tcm_qla2xxx_free_mcmd - scsi: qla2xxx: Initialize free_work before flushing it - scsi: qla2xxx: Added support for MPI and PEP regions for ISP28XX - scsi: qla2xxx: Change discovery state before PLOGI - scsi: qla2xxx: Correctly retrieve and interpret active flash region - scsi: qla2xxx: Fix incorrect SFUB length used for Secure Flash Update MB Cmd - drm/nouveau/kms/nv50-: Call outp_atomic_check_view() before handling PBN - drm/nouveau/kms/nv50-: Store the bpc we're using in nv50_head_atom - drm/nouveau/kms/nv50-: Limit MST BPC to 8 - [x86] drm/i915/fbc: Disable fbc by default on all glk+ - drm/radeon: fix r1xx/r2xx register checker for POT textures - drm/dp_mst: Correct the bug in drm_dp_update_payload_part1() - drm/amdgpu: initialize vm_inv_eng0_sem for gfxhub and mmhub - drm/amdgpu: invalidate mmhub semaphore workaround in gmc9/gmc10 - drm/amdgpu/gfx10: explicitly wait for cp idle after halt/unhalt - drm/amdgpu/gfx10: re-init clear state buffer after gpu reset - drm/amdgpu: avoid using invalidate semaphore for picasso - drm/amdgpu: add invalidate semaphore limit for SRIOV and picasso in gmc9 - ALSA: hda: Fix regression by strip mask fix . [ Joe Richey ] * [amd64/cloud-amd64] tpm: Enable TPM drivers for Cloud (Closes: #946237) . [ Ben Hutchings ] * [armel/rpi,armhf,arm64] Enable DEBUG_WX * linux-cpupower: Fix grammar error in package description * debian/control: Make library package descriptions more consistent * Set ABI to 1 * tracing: Do not create directories if lockdown is in affect . [ Aurelien Jarno ] * [armhf,arm64] Fix critical trip point on RPI 3. . [ Salvatore Bonaccorso ] * [rt] Update to 5.4.3-rt1 and re-enable * [rt] Enable PREEMPT_RT (instead of PREEMPT_RT_FULL) which is part of 5.4 * [rt] Update to 5.4.5-rt3 . [ YunQiang Su ] * [mipsel,mips64el/loongson-3] Enable AMDGPU. * [mips*] switch to vmlinuz from vmlinux except octeon. * [mips*] enable CONFIG_MIPS_O32_FP64_SUPPORT. * [mips*] enable CONFIG_CPU_HAS_MSA except octeon. . [ Vagrant Cascadian ] * [arm64] drivers/gpu/drm/sun4i: Enable DRM_SUN8I_MIXER as a module. (Closes: #946510). Thanks to Andrei POPESCU. . [ Sudip Mukherjee ] * Add libtraceevent packages (Closes: #944138) Checksums-Sha1: 6c2a010535232d23d4032b03f64a8de65e86f4ae 200691 linux_5.4.6-1.dsc 2e9372b397d8bbc4e112b6a299e2e744ab2013a3 113641180 linux_5.4.6.orig.tar.xz b98a19c2c0bd7211baa9077e2c0a49d706f001f2 1177376 linux_5.4.6-1.debian.tar.xz b54a1e6d7818f48acb38993186c8e9f0496a2e15 48791 linux_5.4.6-1_source.buildinfo Checksums-Sha256: 4d1173134151ae3019c782437068a6376e6862b9c247e163caaea04d5d5c76a3 200691 linux_5.4.6-1.dsc a5946726371560a022250d5a6a52ef6f7bbbc365bf79a67d64c8c62bc32710e4 113641180 linux_5.4.6.orig.tar.xz 5fc5166a32e0a21cc831d3e1f8d84495ac0d78c5cb79ff014141b9e82861c916 1177376 linux_5.4.6-1.debian.tar.xz b0473d3ddede113756202500a44760eca1e7520c81c7aa89f59de88cbb46bfcb 48791 linux_5.4.6-1_source.buildinfo Files: 55a20c3edc7bad6d890726dbeec1af66 200691 kernel optional linux_5.4.6-1.dsc d73e3cc69556e0d9ffdbf8fa8952e351 113641180 kernel optional linux_5.4.6.orig.tar.xz 51cb9f371c443b5922ec20764092990e 1177376 kernel optional linux_5.4.6-1.debian.tar.xz fbd566bf864cd7b4c558f249b7b71bfc 48791 kernel optional linux_5.4.6-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAl4HZ6sACgkQ57/I7JWG EQm5VA//WJEINLhd1WV/4iAFuUTsc5qJpYT5zyJe1QBUqtq8X3jw+sjF6HB5rkwj /9K3bBcGlNQT5+Hs9hGkYI2PcjlXzci40nwYL/tBfgxSNDWeVgmTe0lCyjjOR0a9 oogm4rRMXCtt1GF+VLG2XQ3tJHjmQcuER08vQrlan58CXPUgL07UkiKeZjvIanMA Vy7a4cPufmYg2CPG6A2+pIDx8qALJAb7jPCBd7CYmIJwmVOoIQaJqv7TV1Xurkl5 0p9mTJBvvnhIYICuRED4mf82M3Ppm8bZKH/Bpnu//9lNi9tuFjPj1KdD/nKuhhHw UzkPH2M55YytuYe1Ph2Q4RafzHQFNKyeO8V01cIbC8fVDfFZdgvCBKV4+WljQxeK ldGHC/q+8KBbJljS/5G0546BBWlF6sySOzqtDz0I1o5rTHSd9KESGppJZRnBpT3o yF+Tv97lF2LBMpCOD/WJpk2Dl9hl0bph38dFZJTRrC4Uqgz/vskaMScvubjkdH1z JccBryzziBf1nbt/Kc+ztXMsMNX8uccYpDw3nbp03S1X132eXwT8bN6TpKYLHX/9 ehHmhyVblxDfdecz19UwKcNQCnJ41Dx61kvsPSi1B+VAzfC/jikrR3uu6tM984/q lYQyIL4JpJ7aNtW2kOHsOJjrDvdx+5C12z3XjO3d8tz/FhuJ9B0= =lO5R -----END PGP SIGNATURE-----
--- End Message ---