ELSA-2020-5996

Описание

[5.4.17-2036.101.2uek]

• vt: Disable KD_FONT_OP_COPY (Daniel Vetter) [Orabug: 32187738] {CVE-2020-28974}
• page_frag: Recover from memory pressure (Dongli Zhang) [Orabug: 32177966]
• Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts (Peilin Ye) [Orabug: 32176254] {CVE-2020-28915}
• fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h (Peilin Ye) [Orabug: 32176254] {CVE-2020-28915}
• ocfs2: initialize ip_next_orphan (Wengang Wang) [Orabug: 32159053]
• net/rds: rds_ib_remove_one() accesses freed memory (Ka-Cheong Poon) [Orabug: 32213896]
• hv_netvsc: make recording RSS hash depend on feature flag (Stephen Hemminger) [Orabug: 32159973]
• hv_netvsc: record hardware hash in skb (Stephen Hemminger) [Orabug: 32159973]
• RDMA/umem: Move to allocate SG table from pages (Maor Gottlieb) [Orabug: 32005752]
• lib/scatterlist: Add support in dynamic allocation of SG table from pages (Maor Gottlieb) [Orabug: 32005752]
• arm64:uek/config: Enable ZONE_DMA config (Vijay Kumar) [Orabug: 31970521]
• Revert 'arm64/dts: Serial console fix for RPi4' (Vijay Kumar) [Orabug: 31970521]
• uek-rpm: aarch64: enable CONFIG_ACPI_APEI_EINJ (Dave Kleikamp) [Orabug: 32182237]
• NFSD: fix missing refcount in nfsd4_copy by nfsd4_do_async_copy (Dai Ngo) [Orabug: 32177992]
• NFSD: Fix use-after-free warning when doing inter-server copy (Dai Ngo) [Orabug: 32177992]
• xen/events: block rogue events for some time (Juergen Gross) [Orabug: 32177535] {CVE-2020-27673}
• xen/events: defer eoi in case of excessive number of events (Juergen Gross) [Orabug: 32177535] {CVE-2020-27673}
• xen/events: use a common cpu hotplug hook for event channels (Juergen Gross) [Orabug: 32177535] {CVE-2020-27673}
• xen/events: switch user event channels to lateeoi model (Juergen Gross) [Orabug: 32177535] {CVE-2020-27673}
• xen/pciback: use lateeoi irq binding (Juergen Gross) [Orabug: 32177535] {CVE-2020-27673}
• xen/pvcallsback: use lateeoi irq binding (Juergen Gross) [Orabug: 32177535] {CVE-2020-27673}
• xen/scsiback: use lateeoi irq binding (Juergen Gross) [Orabug: 32177535] {CVE-2020-27673}
• xen/netback: use lateeoi irq binding (Juergen Gross) [Orabug: 32177535] {CVE-2020-27673}
• xen/blkback: use lateeoi irq binding (Juergen Gross) [Orabug: 32177535] {CVE-2020-27673}
• xen/events: add a new 'late EOI' evtchn framework (Juergen Gross) [Orabug: 32177535] {CVE-2020-27673}
• xen/events: fix race in evtchn_fifo_unmask() (Juergen Gross) [Orabug: 32177535] {CVE-2020-27673}
• xen/events: add a proper barrier to 2-level uevent unmasking (Juergen Gross) [Orabug: 32177535] {CVE-2020-27673}
• xen/events: avoid removing an event channel while handling it (Juergen Gross) [Orabug: 32177543]

[5.4.17-2036.101.1uek]

• uek-rpm: Enable Intel Speed Select Technology interface support (Somasundaram Krishnasamy) [Orabug: 32161425]
• platform/x86: ISST: Increase timeout (Srinivas Pandruvada) [Orabug: 32161425]
• platform/x86: ISST: Fix wrong unregister type (Srinivas Pandruvada) [Orabug: 32161425]
• platform/x86: ISST: Allow additional core-power mailbox commands (Srinivas Pandruvada) [Orabug: 32161425]
• IB/mlx4: Convert rej_tmout radix-tree to XArray (Hakon Bugge) [Orabug: 32136895]
• IB/mlx4: Adjust delayed work when a dup is observed (Hakon Bugge) [Orabug: 32136895]
• IB/mlx4: Add support for REJ due to timeout (Hakon Bugge) [Orabug: 32136895]
• IB/mlx4: Fix starvation in paravirt mux/demux (Hakon Bugge) [Orabug: 32136895]
• IB/mlx4: Separate tunnel and wire bufs parameters (Hakon Bugge) [Orabug: 32136895]
• IB/mlx4: Add support for MRA (Hakon Bugge) [Orabug: 32136895]
• IB/mlx4: Add and improve logging (Hakon Bugge) [Orabug: 32136895]
• perf/core: Fix a memory leak in perf_event_parse_addr_filter() (kiyin) [Orabug: 32131172] {CVE-2020-25704}
• vt: keyboard, extend func_buf_lock to readers (Jiri Slaby) [Orabug: 32122948] {CVE-2020-25656} {CVE-2020-25656}
• vt: keyboard, simplify vt_kdgkbsent (Jiri Slaby) [Orabug: 32122948] {CVE-2020-25656}
• tty: make FONTX ioctl use the tty pointer they were actually passed (Linus Torvalds) [Orabug: 32122725] {CVE-2020-25668}
• NFSv4.2: Fix NFS4ERR_STALE error when doing inter server copy (Dai Ngo) [Orabug: 31879682]

[5.4.17-2036.101.0uek]

• hv_utils: drain the timesync packets on onchannelcallback (Vineeth Pillai) [Orabug: 32152142]
• hv_utils: return error if host timesysnc update is stale (Vineeth Pillai) [Orabug: 32152142]
• x86/cpu/intel: enable X86_FEATURE_NT_GOOD on Intel Icelakex (Ankur Arora) [Orabug: 32143850]
• x86/cpu/amd: enable X86_FEATURE_NT_GOOD on AMD Zen (Ankur Arora) [Orabug: 32143850]
• x86/cpu/intel: enable X86_FEATURE_NT_GOOD on Intel Broadwellx (Ankur Arora) [Orabug: 32143850]
• mm, clear_huge_page: use clear_page_uncached() for gigantic pages (Ankur Arora) [Orabug: 32143850]
• x86/clear_page: add clear_page_uncached() (Ankur Arora) [Orabug: 32143850]
• x86/asm: add clear_page_nt() (Ankur Arora) [Orabug: 32143850]
• perf bench: add memset_movnti() (Ankur Arora) [Orabug: 32143850]
• x86/asm: add memset_movnti() (Ankur Arora) [Orabug: 32143850]
• x86/cpuid: add X86_FEATURE_NT_GOOD (Ankur Arora) [Orabug: 32143850]
• kernel: add panic_on_taint (Rafael Aquini) [Orabug: 32137996]
• cifs: handle empty list of targets in cifs_reconnect() (Paulo Alcantara) [Orabug: 32124750]
• cifs: get rid of unused parameter in reconn_setup_dfs_targets() (Paulo Alcantara) [Orabug: 32124750]
• rds/ib: Fix: (rds: Deregister all FRWR mr with free_mr) (Manjunath Patil) [Orabug: 32113472]
• net/rds: Force ARP flush upon RDMA_CM_EVENT_ADDR_CHANGE (Gerd Rausch) [Orabug: 32095959]
• uek-rpm: aarch64: increase CONFIG_NODES_SHIFT from 3 to 6 (Dave Kleikamp) [Orabug: 32075923]
• rds: Restore MR use-once semantics (Hakon Bugge) [Orabug: 31990092] [Orabug: 32072247]
• rds: Fix incorrect cmsg status and use-after-free (Hakon Bugge) [Orabug: 32003078] [Orabug: 32072245]
• rds: Force ordering of {set,clear}_bit operating on m_flags (Hakon Bugge) [Orabug: 31505749] [Orabug: 32072228]
• rds: Do not send canceled operations to the transport layer (Hakon Bugge) [Orabug: 31505749] [Orabug: 32072228]
• rds: Introduce rds_conn_to_path helper (Hakon Bugge) [Orabug: 31505749] [Orabug: 32072228]
• Revert 'RDS: Drop the connection as part of cancel to avoid hangs' (Hakon Bugge) [Orabug: 31505749] [Orabug: 32072228]
• Revert 'rds: fix warning in rds_send_drop_to()' (Hakon Bugge) [Orabug: 31505749] [Orabug: 32072228]
• Revert 'rds: Use correct conn when dropping connections due to cancel' (Hakon Bugge) [Orabug: 31505749] [Orabug: 32072228]
• Revert 'rds: prevent use-after-free of rds conn in rds_send_drop_to()' (Hakon Bugge) [Orabug: 31505749] [Orabug: 32072228]
• Revert 'rds: Use bitmap to designate dropped connections' (Hakon Bugge) [Orabug: 31505749] [Orabug: 32072228]
• Revert 'UEK6 compiler warning for /net/rds/send.c' (Hakon Bugge) [Orabug: 31505749] [Orabug: 32072228]
• x86/mce/therm_throt: Undo thermal polling properly on CPU offline (Thomas Gleixner) [Orabug: 32048971]
• x86/mce/therm_throt: Do not access uninitialized therm_work (Chuansheng Liu) [Orabug: 32048971]
• x86/mce/therm_throt: Mark throttle_active_work() as __maybe_unused (Arnd Bergmann) [Orabug: 32048971]
• x86/mce/therm_throt: Mask out read-only and reserved MSR bits (Srinivas Pandruvada) [Orabug: 32048971]
• x86/mce/therm_throt: Optimize notifications of thermal throttle (Srinivas Pandruvada) [Orabug: 32048971]
• ocfs2: fix remounting needed after setfacl command (Gang He) [Orabug: 32042684]
• IB/mlx4: disable CQ time stamping (aru kolappan) [Orabug: 32042517]
• net/rds: Refactor sendmsg ancillary data processing (Ka-Cheong Poon) [Orabug: 32027845]
• Bluetooth: A2MP: Fix not initializing all members (Luiz Augusto von Dentz) [Orabug: 32021285] {CVE-2020-12352}
• ima: Use ima_hash_algo for collision detection in the measurement list (Roberto Sassu) [Orabug: 31973040]
• ima: Calculate and extend PCR with digests in ima_template_entry (Roberto Sassu) [Orabug: 31973040]
• ima: Allocate and initialize tfm for each PCR bank (Roberto Sassu) [Orabug: 31973040]
• ima: Switch to dynamically allocated buffer for template digests (Roberto Sassu) [Orabug: 31973040]
• ima: Store template digest directly in ima_template_entry (Roberto Sassu) [Orabug: 31973040]
• scsi: lpfc: Fix initial FLOGI failure due to BBSCN not supported (James Smart) [Orabug: 31598148]
• net/rds: Check for NULL rds_ibdev in rds_ib_rx() only if rds_ib_srq_enabled (Sharath Srinivasan) [Orabug: 32113840]
• A/A Bonding: Increase number and interval of GARPs sent by rdmaip (Sharath Srinivasan) [Orabug: 32095766]
• powercap: restrict energy meter to root access (Kanth Ghatraju) [Orabug: 32040802] {CVE-2020-8694} {CVE-2020-8695}