This bug was fixed in the package linux - 4.13.0-45.50
---------------
linux (4.13.0-45.50) artful; urgency=medium
* linux: 4.13.0-45.50 -proposed tracker (LP: #1774124)
* CVE-2018-3639 (x86)
- SAUCE: Set generic SSBD feature for Intel cpus
linux (4.13.0-44.49) artful; urgency=medium
* linux: 4.13.0-44.49 -proposed tracker (LP: #1772951)
* CVE-2018-3639 (x86)
- x86/cpu: Make alternative_msr_write work for 32-bit code
- x86/cpu/AMD: Fix erratum 1076 (CPB bit)
- x86/bugs: Fix the parameters alignment and missing void
- KVM: SVM: Move spec control call after restore of GS
- x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP
- x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS
- x86/cpufeatures: Disentangle SSBD enumeration
- x86/cpufeatures: Add FEATURE_ZEN
- x86/speculation: Handle HT correctly on AMD
- x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL
- x86/speculation: Add virtualized speculative store bypass disable support
- x86/speculation: Rework speculative_store_bypass_update()
- x86/bugs: Unify x86_spec_ctrl_{set_guest,restore_host}
- x86/bugs: Expose x86_spec_ctrl_base directly
- x86/bugs: Remove x86_spec_ctrl_set()
- x86/bugs: Rework spec_ctrl base and mask logic
- x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG
- KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD
- x86/bugs: Rename SSBD_NO to SSB_NO
- KVM: VMX: Expose SSBD properly to guests.
* [Ubuntu 16.04] kernel: fix rwlock implementation (LP: #1761674)
- SAUCE: (no-up) s390: fix rwlock implementation
* CVE-2018-7492
- rds: Fix NULL pointer dereference in __rds_rdma_map
* CVE-2018-8781
- drm: udl: Properly check framebuffer mmap offsets
* fsnotify: Fix fsnotify_mark_connector race (LP: #1765564)
- fsnotify: Fix fsnotify_mark_connector race
* Kernel panic on boot (m1.small in cn-north-1) (LP: #1771679)
- x86/xen: Reset VCPU0 info pointer after shared_info remap
* Suspend to idle: Open lid didn't resume (LP: #1771542)
- ACPI / PM: Do not reconfigure GPEs for suspend-to-idle
* CVE-2018-1092
- ext4: fail ext4_iget for root directory if unallocated
* [SRU][Artful] using vfio-pci on a combination of cn8xxx and some PCI devices
results in a kernel panic. (LP: #1770254)
- PCI: Avoid bus reset if bridge itself is broken
- PCI: Mark Cavium CN8xxx to avoid bus reset
- PCI: Avoid slot reset if bridge itself is broken
* Battery drains when laptop is off (shutdown) (LP: #1745646)
- PCI / PM: Check device_may_wakeup() in pci_enable_wake()
* perf record crash: refcount_inc assertion failed (LP: #1769027)
- perf cgroup: Fix refcount usage
- perf xyarray: Fix wrong processing when closing evsel fd
* Dell Latitude 5490/5590 BIOS update 1.1.9 causes black screen at boot
(LP: #1764194)
- drm/i915/bios: filter out invalid DDC pins from VBT child devices
* Fix an issue that some PCI devices get incorrectly suspended (LP: #1764684)
- PCI / PM: Always check PME wakeup capability for runtime wakeup support
* [SRU][Bionic/Artful] fix false positives in W+X checking (LP: #1769696)
- init: fix false positives in W+X checking
* CVE-2018-1068
- netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets
* CVE-2018-8087
- mac80211_hwsim: fix possible memory leak in hwsim_new_radio_nl()
* Integrated Webcam Realtek Integrated_Webcam_HD (0bda:58f4) not working in
DELL XPS 13 9370 with firmware 1.50 (LP: #1763748)
- SAUCE: media: uvcvideo: Support realtek's UVC 1.5 device
* unregister_netdevice: waiting for eth0 to become free. Usage count = 5
(LP: #1746474)
- ipv4: convert dst_metrics.refcnt from atomic_t to refcount_t
- xfrm: reuse uncached_list to track xdsts
* Acer Swift sf314-52 power button not managed (LP: #1766054)
- SAUCE: platform/x86: acer-wmi: add another KEY_POWER keycode
* set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630 (LP: #1766398)
- ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags
* Change the location for one of two front mics on a lenovo thinkcentre
machine (LP: #1766477)
- ALSA: hda/realtek - adjust the location of one mic
-- Stefan Bader <stefan.ba...@canonical.com> Mon, 28 May 2018 16:10:36
+0200
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1761674
Title:
[Ubuntu 16.04] kernel: fix rwlock implementation
Status in Ubuntu on IBM z Systems:
Fix Committed
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Xenial:
Fix Released
Status in linux source package in Artful:
Fix Released
Status in linux source package in Bionic:
Fix Released
Bug description:
== SRU Justification ==
IBM reported this bug due to a regression introduced by mainline commit
94232a4332de. IBM has requested this SAUCE backport to resolve this
regression in Artful and Xenial.
With Bionic and v4.15, the rwlock code has been rewritten. See upstream
gitcommit:
eb3b7b848fb3 ("s390/rwlock: introduce rwlock wait queueing").
Since the upstream code has been rewritten there also won't be an upstream
git commit id available which contains the attached fix.
== Fix ==
UBUNTU: SAUCE: (no-up) s390: fix rwlock implementation
== Regression Potential ==
Low. The backport was written and tested by IBM. It is specific to s390.
== Test Case ==
A test kernel was built with this patch and tested by the original bug
reporter.
The bug reporter states the test kernel resolved the bug.
Description: kernel: fix rwlock implementation
Symptom: Kernel hangs, due to deadlock on an rwlock.
Problem: With upstream commit 94232a4332de ("s390/rwlock: improve writer
fairness") rwlock writer fairness was supposed to be
implemented. If a writer tries to take an rwlock it sets
unconditionally the writer bit within the lock word and waits
until all readers have released the lock. This however can lead
to a deadlock since rwlocks can be taken recursively by readers.
If e.g. CPU 0 holds the lock as a reader, and CPU 1 wants to
write-lock the lock, then CPU 1 sets the writer bit and
afterwards busy waits for CPU 0 to release the lock. If now CPU 0
tries to read-lock the lock again (recursively) it will also
busy
wait until CPU 1 removes the writer bit, which will never
happen,
since it waits for the first reader on CPU 0 to release the
lock.
Solution: Revert the rwlock writer fairness semantics again.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1761674/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
