Package "linux-aws-5.4"

  linux-aws-5.4 (5.4.0-1048.50~18.04.1) bionic; urgency=medium

  * bionic/linux-aws-5.4: 5.4.0-1048.50~18.04.1 -proposed tracker (LP: #1926966)

  * Focal update: v5.4.106 upstream stable release (LP: #1920246)
    - [Config] aws-5.4: update abi for rc-cec

  [ Ubuntu: 5.4.0-1048.50 ]

  * focal/linux-aws: 5.4.0-1048.50 -proposed tracker (LP: #1926967)
  * Focal update: v5.4.106 upstream stable release (LP: #1920246)
    - [Config] aws: update abi for rc-cec
  * focal/linux: 5.4.0-73.82 -proposed tracker (LP: #1923781)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * CIFS DFS entries not accessible with 5.4.0-71.74-generic (LP: #1923670)
    - Revert "cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting
      cifs_sb->prepath."
  * CVE-2021-29650
    - Revert "netfilter: x_tables: Update remaining dereference to RCU"
    - Revert "netfilter: x_tables: Switch synchronization to RCU"
    - netfilter: x_tables: Use correct memory barriers.
  * LRMv4: switch to signing nvidia modules via the Ubuntu Modules signing key
    (LP: #1918134)
    - [Packaging] dkms-build{,--nvidia-N} sync back from LRMv4
  * 5.4 kernel: when iommu is on crashdump fails (LP: #1922738)
    - iommu/vt-d: Refactor find_domain() helper
    - iommu/vt-d: Add attach_deferred() helper
    - iommu/vt-d: Move deferred device attachment into helper function
    - iommu/vt-d: Do deferred attachment in iommu_need_mapping()
    - iommu/vt-d: Remove deferred_attach_domain()
    - iommu/vt-d: Simplify check in identity_mapping()
  * Backport mlx5e fix for tunnel offload (LP: #1921769)
    - net/mlx5e: Check tunnel offload is required before setting SWP
  * Bcache bypasse writeback on caching device with fragmentation (LP: #1900438)
    - bcache: consider the fragmentation when update the writeback rate
  * Fix implicit declaration warnings for kselftests/memfd test on newer
    releases (LP: #1910323)
    - selftests/memfd: Fix implicit declaration warnings
  * net/mlx5e: Add missing capability check for uplink follow (LP: #1921104)
    - net/mlx5e: Add missing capability check for uplink follow
  * [UBUNUT 21.04] s390/vtime: fix increased steal time accounting
    (LP: #1921498)
    - s390/vtime: fix increased steal time accounting
  * Mute/Mic-mute LEDs are not work on HP 850/840/440 G8 Laptops (LP: #1920030)
    - ALSA: hda/realtek: fix mute/micmute LEDs for HP 840 G8
    - ALSA: hda/realtek: fix mute/micmute LEDs for HP 440 G8
    - ALSA: hda/realtek: fix mute/micmute LEDs for HP 850 G8
  * Focal update: v5.4.106 upstream stable release (LP: #1920246)
    - uapi: nfnetlink_cthelper.h: fix userspace compilation error
    - powerpc/pseries: Don't enforce MSI affinity with kdump
    - ath9k: fix transmitting to stations in dynamic SMPS mode
    - net: Fix gro aggregation for udp encaps with zero csum
    - net: check if protocol extracted by virtio_net_hdr_set_proto is correct
    - net: avoid infinite loop in mpls_gso_segment when mpls_hlen == 0
    - sh_eth: fix TRSCER mask for SH771x
    - can: skb: can_skb_set_owner(): fix ref counting if socket was closed before
      setting skb ownership
    - can: flexcan: assert FRZ bit in flexcan_chip_freeze()
    - can: flexcan: enable RX FIFO after FRZ/HALT valid
    - can: flexcan: invoke flexcan_chip_freeze() to enter freeze mode
    - can: tcan4x5x: tcan4x5x_init(): fix initialization - clear MRAM before
      entering Normal Mode
    - tcp: add sanity tests to TCP_QUEUE_SEQ
    - netfilter: nf_nat: undo erroneous tcp edemux lookup
    - netfilter: x_tables: gpf inside xt_find_revision()
    - selftests/bpf: No need to drop the packet when there is no geneve opt
    - selftests/bpf: Mask bpf_csum_diff() return value to 16 bits in test_verifier
    - samples, bpf: Add missing munmap in xdpsock
    - ibmvnic: always store valid MAC address
    - mt76: dma: do not report truncated frames to mac80211
    - powerpc/603: Fix protection of user pages mapped with PROT_NONE
    - mount: fix mounting of detached mounts onto targets that reside on shared
      mounts
    - cifs: return proper error code in statfs(2)
    - Revert "mm, slub: consider rest of partial list if acquire_slab() fails"
    - net: enetc: don't overwrite the RSS indirection table when initializing
    - net/mlx4_en: update moderation when config reset
    - net: stmmac: fix incorrect DMA channel intr enable setting of EQoS v4.10
    - nexthop: Do not flush blackhole nexthops when loopback goes down
    - net: sched: avoid duplicates in classes dump
    - net: usb: qmi_wwan: allow qmimux add/del with master up
    - netdevsim: init u64 stats for 32bit hardware
    - cipso,calipso: resolve a number of problems with the DOI refcounts
    - net: lapbether: Remove netif_start_queue / netif_stop_queue
    - net: davicom: Fix regulator not turned off on failed probe
    - net: davicom: Fix regulator not turned off on driver removal
    - net: qrtr: fix error return code of qrtr_sendmsg()
    - ixgbe: fail to create xfrm offload of IPsec tunnel mode SA
    - net: stmmac: stop each tx channel independently
    - net: stmmac: fix watchdog timeout during suspend/resume stress test
    - selftests: forwarding: Fix race condition in mirror installation
    - perf traceevent: Ensure read cmdlines are null terminated.
    - net: hns3: fix query vlan mask value error for flow director
    - net: hns3: fix bug when calculating the TCAM table info
    - s390/cio: return -EFAULT if copy_to_user() fails again
    - bnxt_en: reliably allocate IRQ table on reset to avoid crash
    - drm/compat: Clear bounce structures
    - drm/shmem-helper: Check for purged buffers in fault handler
    - drm/shmem-helper: Don't remove the offset in vm_area_struct pgoff
    - drm: meson_drv add shutdown function
    - s390/cio: return -EFAULT if copy_to_user() fails
    - s390/crypto: return -EFAULT if copy_to_user() fails
    - qxl: Fix uninitialised struct field head.surface_id
    - sh_eth: fix TRSCER mask for R7S9210
    -

  linux-aws-5.4 (5.4.0-1047.49~18.04.1) bionic; urgency=medium

  * bionic/linux-aws-5.4: 5.4.0-1047.49~18.04.1 -proposed tracker (LP: #1926526)

  [ Ubuntu: 5.4.0-1047.49 ]

  * focal/linux-aws: 5.4.0-1047.49 -proposed tracker (LP: #1926522)
  * locking/qrwlock: Fix ordering in queued_write_lock_slowpath() (LP: #1926184)
    - locking/qrwlock: Fix ordering in queued_write_lock_slowpath()

 -- Kelsey Skunberg <email address hidden> Wed, 28 Apr 2021 16:45:11 -0600

  linux-aws-5.4 (5.4.0-1045.47~18.04.1) bionic; urgency=medium

  [ Ubuntu: 5.4.0-1045.47 ]

  * overlayfs calls vfs_setxattr without cap_convert_nscap
    - vfs: move cap_convert_nscap() call into vfs_setxattr()
  * CVE-2021-3492
    - SAUCE: shiftfs: free allocated memory in shiftfs_btrfs_ioctl_fd_replace()
      error paths
    - SAUCE: shiftfs: handle copy_to_user() return values correctly
  * CVE-2021-29154
    - SAUCE: bpf, x86: Validate computation of branch displacements for x86-64
    - SAUCE: bpf, x86: Validate computation of branch displacements for x86-32

 -- Kleber Sacilotto de Souza <email address hidden> Tue, 13 Apr 2021 17:03:54 +0200

  linux-aws-5.4 (5.4.0-1043.45~18.04.1) bionic; urgency=medium

  * bionic/linux-aws-5.4: 5.4.0-1043.45~18.04.1 -proposed tracker (LP: #1923250)

  [ Ubuntu: 5.4.0-1043.45 ]

  * focal/linux-aws: 5.4.0-1043.45 -proposed tracker (LP: #1923247)
  * linux-aws 5.4.0-1042.44 has incorrect DKMS versions (LP: #1923245)
    - [Packaging] Fix incorrect DKMS versions

  linux-aws-5.4 (5.4.0-1041.43~18.04.1) bionic; urgency=medium

  [ Ubuntu: 5.4.0-1041.43 ]

  * CVE-2020-27170
    - bpf: Fix off-by-one for area size in creating mask to left
  * CVE-2020-27171
    - bpf: Prohibit alu ops for pointer types not defining ptr_limit
  * binary assembly failures with CONFIG_MODVERSIONS present (LP: #1919315)
    - [Packaging] quiet (nomially) benign errors in BUILD script

  [ Ubuntu: 5.4.0-1040.42 ]

  * binary assembly failures with CONFIG_MODVERSIONS present (LP: #1919315)
    - [Packaging] quiet (nomially) benign errors in BUILD script
  * CVE-2021-3444
    - bpf: Fix 32 bit src register truncation on div/mod
    - bpf: Fix truncation handling for mod32 dst reg wrt zero
  * CVE-2021-27365
    - scsi: iscsi: Verify lengths on passthrough PDUs
    - sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output
    - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE
  * CVE-2021-27363 // CVE-2021-27364
    - scsi: iscsi: Restrict sessions and handles to admin capabilities

 -- Thadeu Lima de Souza Cascardo <email address hidden> Sat, 20 Mar 2021 11:54:04 -0300