Public bug reported:
SRU Justification
Impact:
The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from a mainline/stable Linux tree or
a minimally backported form of that patch. The following upstream
stable patches should be included in the Ubuntu kernel:
v5.15.145 upstream stable release
from git://git.kernel.org/
ksmbd: use ksmbd_req_buf_next() in ksmbd_verify_smb_message()
ksmdb: use cmd helper variable in smb2_get_ksmbd_tcon()
ksmbd: Remove redundant 'flush_workqueue()' calls
ksmbd: remove md4 leftovers
ksmbd: remove smb2_buf_length in smb2_hdr
ksmbd: remove smb2_buf_length in smb2_transform_hdr
ksmbd: change LeaseKey data type to u8 array
ksmbd: use oid registry functions to decode OIDs
ksmbd: Remove unused parameter from smb2_get_name()
ksmbd: Remove unused fields from ksmbd_file struct definition
ksmbd: set both ipv4 and ipv6 in FSCTL_QUERY_NETWORK_INTERFACE_INFO
ksmbd: Fix buffer_check_err() kernel-doc comment
ksmbd: Fix smb2_set_info_file() kernel-doc comment
ksmbd: Delete an invalid argument description in smb2_populate_readdir_entry()
ksmbd: Fix smb2_get_name() kernel-doc comment
ksmbd: register ksmbd ib client with ib_register_client()
ksmbd: set 445 port to smbdirect port by default
ksmbd: smbd: call rdma_accept() under CM handler
ksmbd: smbd: create MR pool
ksmbd: smbd: change the default maximum read/write, receive size
ksmbd: smbd: fix missing client's memory region invalidation
ksmbd: smbd: validate buffer descriptor structures
ksmbd: add support for key exchange
ksmbd: use netif_is_bridge_port
ksmbd: store fids as opaque u64 integers
ksmbd: shorten experimental warning on loading the module
ksmbd: Remove a redundant zeroing of memory
ksmbd: replace usage of found with dedicated list iterator variable
smb3: fix ksmbd bigendian bug in oplock break, and move its struct to
smbfs_common
ksmbd: remove filename in ksmbd_file
ksmbd: smbd: change prototypes of RDMA read/write related functions
ksmbd: smbd: introduce read/write credits for RDMA read/write
ksmbd: smbd: simplify tracking pending packets
ksmbd: smbd: change the return value of get_sg_list
ksmbd: smbd: handle multiple Buffer descriptors
ksmbd: fix wrong smbd max read/write size check
ksmbd: Fix some kernel-doc comments
ksmbd: smbd: fix connection dropped issue
ksmbd: smbd: relax the count of sges required
ksmbd: smbd: Remove useless license text when SPDX-License-Identifier is
already used
ksmbd: remove duplicate flag set in smb2_write
ksmbd: remove unused ksmbd_share_configs_cleanup function
ksmbd: use wait_event instead of schedule_timeout()
ksmbd: request update to stale share config
ksmbd: remove unnecessary generic_fillattr in smb2_open
ksmbd: don't open-code file_path()
ksmbd: don't open-code %pD
ksmbd: constify struct path
ksmbd: remove generic_fillattr use in smb2_open()
ksmbd: casefold utf-8 share names and fix ascii lowercase conversion
ksmbd: change security id to the one samba used for posix extension
ksmbd: set file permission mode to match Samba server posix extension behavior
ksmbd: fill sids in SMB_FIND_FILE_POSIX_INFO response
ksmbd: fix encryption failure issue for session logoff response
ksmbd: set NTLMSSP_NEGOTIATE_SEAL flag to challenge blob
ksmbd: decrease the number of SMB3 smbdirect server SGEs
ksmbd: reduce server smbdirect max send/receive segment sizes
ksmbd: hide socket error message when ipv6 config is disable
ksmbd: make utf-8 file name comparison work in __caseless_lookup()
ksmbd: call ib_drain_qp when disconnected
ksmbd: validate share name from share config response
ksmbd: replace one-element arrays with flexible-array members
ksmbd: set SMB2_SESSION_FLAG_ENCRYPT_DATA when enforcing data encryption for
this share
ksmbd: use F_SETLK when unlocking a file
ksmbd: Fix resource leak in smb2_lock()
ksmbd: Convert to use sysfs_emit()/sysfs_emit_at() APIs
ksmbd: send proper error response in smb2_tree_connect()
ksmbd: Implements sess->rpc_handle_list as xarray
ksmbd: fix typo, syncronous->synchronous
ksmbd: Remove duplicated codes
ksmbd: update Kconfig to note Kerberos support and fix indentation
ksmbd: Fix spelling mistake "excceed" -> "exceeded"
ksmbd: Fix parameter name and comment mismatch
ksmbd: fix possible memory leak in smb2_lock()
ksmbd: fix wrong signingkey creation when encryption is AES256
ksmbd: remove unused is_char_allowed function
ksmbd: delete asynchronous work from list
ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr
ksmbd: avoid out of bounds access in decode_preauth_ctxt()
ksmbd: set NegotiateContextCount once instead of every inc
ksmbd: avoid duplicate negotiate ctx offset increments
ksmbd: remove unused compression negotiate ctx packing
fs: introduce lock_rename_child() helper
ksmbd: fix racy issue from using ->d_parent and ->d_name
ksmbd: destroy expired sessions
ksmbd: block asynchronous requests when making a delay on session setup
ksmbd: fix racy issue from smb2 close and logoff with multichannel
ksmbd: fix racy issue under cocurrent smb2 tree disconnect
ksmbd: fix uninitialized pointer read in ksmbd_vfs_rename()
ksmbd: fix uninitialized pointer read in smb2_create_link()
ksmbd: fix multiple out-of-bounds read during context decoding
ksmbd: fix UAF issue from opinfo->conn
ksmbd: call putname after using the last component
ksmbd: fix out-of-bound read in deassemble_neg_contexts()
ksmbd: fix out-of-bound read in parse_lease_state()
ksmbd: fix posix_acls and acls dereferencing possible ERR_PTR()
ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
ksmbd: validate smb request protocol id
ksmbd: add mnt_want_write to ksmbd vfs functions
ksmbd: remove unused ksmbd_tree_conn_share function
ksmbd: use kzalloc() instead of __GFP_ZERO
ksmbd: return a literal instead of 'err' in ksmbd_vfs_kern_path_locked()
ksmbd: Change the return value of ksmbd_vfs_query_maximal_access to void
ksmbd: use kvzalloc instead of kvmalloc
ksmbd: Replace the ternary conditional operator with min()
ksmbd: fix out of bounds read in smb2_sess_setup
ksmbd: add missing compound request handing in some commands
ksmbd: Use struct_size() helper in ksmbd_negotiate_smb_dialect()
ksmbd: Replace one-element array with flexible-array member
ksmbd: Fix unsigned expression compared with zero
ksmbd: check if a mount point is crossed during path lookup
ksmbd: validate session id and tree id in compound request
ksmbd: fix out of bounds in init_smb2_rsp_hdr()
ksmbd: switch to use kmemdup_nul() helper
ksmbd: add support for read compound
ksmbd: fix wrong interim response on compound
ksmbd: fix `force create mode' and `force directory mode'
ksmbd: reduce descriptor size if remaining bytes is less than request size
ksmbd: Fix one kernel-doc comment
ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob()
ksmbd: add missing calling smb2_set_err_rsp() on error
ksmbd: remove experimental warning
ksmbd: remove unneeded mark_inode_dirty in set_info_sec()
ksmbd: fix passing freed memory 'aux_payload_buf'
ksmbd: return invalid parameter error response if smb2 request is invalid
ksmbd: check iov vector index in ksmbd_conn_write()
ksmbd: fix race condition between session lookup and expire
ksmbd: fix race condition with fp
ksmbd: fix race condition from parallel smb2 logoff requests
ksmbd: fix race condition from parallel smb2 lock requests
ksmbd: fix race condition between tree conn lookup and disconnect
ksmbd: fix wrong error response status by using set_smb2_rsp_status()
ksmbd: fix Null pointer dereferences in ksmbd_update_fstate()
ksmbd: fix potential double free on smb2_read_pipe() error path
ksmbd: Remove unused field in ksmbd_user struct
ksmbd: reorganize ksmbd_iov_pin_rsp()
ksmbd: fix kernel-doc comment of ksmbd_vfs_setxattr()
ksmbd: fix recursive locking in vfs helpers
ksmbd: fix missing RDMA-capable flag for IPoIB device in
ksmbd_rdma_capable_netdev()
ksmbd: add support for surrogate pair conversion
ksmbd: no need to wait for binded connection termination at logoff
ksmbd: fix kernel-doc comment of ksmbd_vfs_kern_path_locked()
ksmbd: handle malformed smb1 message
ksmbd: prevent memory leak on error return
ksmbd: fix possible deadlock in smb2_open
ksmbd: separately allocate ci per dentry
ksmbd: move oplock handling after unlock parent dir
ksmbd: release interim response after sending status pending response
ksmbd: move setting SMB2_FLAGS_ASYNC_COMMAND and AsyncId
ksmbd: don't update ->op_state as OPLOCK_STATE_NONE on error
tracing/kprobes: Return EADDRNOTAVAIL when func matches several symbols
kasan: disable kasan_non_canonical_hook() for HW tags
Linux 5.15.145
UBUNTU: Upstream stable to v5.15.145
** Affects: linux (Ubuntu)
Importance: Undecided
Status: Invalid
** Affects: linux (Ubuntu Jammy)
Importance: Medium
Assignee: Portia Stephens (portias)
Status: In Progress
** Tags: kernel-stable-tracking-bug
** Changed in: linux (Ubuntu)
Status: New => Confirmed
** Tags added: kernel-stable-tracking-bug
** Also affects: linux (Ubuntu Jammy)
Importance: Undecided
Status: New
** Changed in: linux (Ubuntu)
Status: Confirmed => Invalid
** Changed in: linux (Ubuntu Jammy)
Importance: Undecided => Medium
** Changed in: linux (Ubuntu Jammy)
Status: New => In Progress
** Changed in: linux (Ubuntu Jammy)
Assignee: (unassigned) => Portia Stephens (portias)
** Description changed:
SRU Justification
Impact:
The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from a mainline/stable Linux tree or
a minimally backported form of that patch. The following upstream
stable patches should be included in the Ubuntu kernel:
v5.15.145 upstream stable release
from git://git.kernel.org/
-
+ ksmbd: use ksmbd_req_buf_next() in ksmbd_verify_smb_message()
+ ksmdb: use cmd helper variable in smb2_get_ksmbd_tcon()
+ ksmbd: Remove redundant 'flush_workqueue()' calls
+ ksmbd: remove md4 leftovers
+ ksmbd: remove smb2_buf_length in smb2_hdr
+ ksmbd: remove smb2_buf_length in smb2_transform_hdr
+ ksmbd: change LeaseKey data type to u8 array
+ ksmbd: use oid registry functions to decode OIDs
+ ksmbd: Remove unused parameter from smb2_get_name()
+ ksmbd: Remove unused fields from ksmbd_file struct definition
+ ksmbd: set both ipv4 and ipv6 in FSCTL_QUERY_NETWORK_INTERFACE_INFO
+ ksmbd: Fix buffer_check_err() kernel-doc comment
+ ksmbd: Fix smb2_set_info_file() kernel-doc comment
+ ksmbd: Delete an invalid argument description in smb2_populate_readdir_entry()
+ ksmbd: Fix smb2_get_name() kernel-doc comment
+ ksmbd: register ksmbd ib client with ib_register_client()
+ ksmbd: set 445 port to smbdirect port by default
+ ksmbd: smbd: call rdma_accept() under CM handler
+ ksmbd: smbd: create MR pool
+ ksmbd: smbd: change the default maximum read/write, receive size
+ ksmbd: smbd: fix missing client's memory region invalidation
+ ksmbd: smbd: validate buffer descriptor structures
+ ksmbd: add support for key exchange
+ ksmbd: use netif_is_bridge_port
+ ksmbd: store fids as opaque u64 integers
+ ksmbd: shorten experimental warning on loading the module
+ ksmbd: Remove a redundant zeroing of memory
+ ksmbd: replace usage of found with dedicated list iterator variable
+ smb3: fix ksmbd bigendian bug in oplock break, and move its struct to
smbfs_common
+ ksmbd: remove filename in ksmbd_file
+ ksmbd: smbd: change prototypes of RDMA read/write related functions
+ ksmbd: smbd: introduce read/write credits for RDMA read/write
+ ksmbd: smbd: simplify tracking pending packets
+ ksmbd: smbd: change the return value of get_sg_list
+ ksmbd: smbd: handle multiple Buffer descriptors
+ ksmbd: fix wrong smbd max read/write size check
+ ksmbd: Fix some kernel-doc comments
+ ksmbd: smbd: fix connection dropped issue
+ ksmbd: smbd: relax the count of sges required
+ ksmbd: smbd: Remove useless license text when SPDX-License-Identifier is
already used
+ ksmbd: remove duplicate flag set in smb2_write
+ ksmbd: remove unused ksmbd_share_configs_cleanup function
+ ksmbd: use wait_event instead of schedule_timeout()
+ ksmbd: request update to stale share config
+ ksmbd: remove unnecessary generic_fillattr in smb2_open
+ ksmbd: don't open-code file_path()
+ ksmbd: don't open-code %pD
+ ksmbd: constify struct path
+ ksmbd: remove generic_fillattr use in smb2_open()
+ ksmbd: casefold utf-8 share names and fix ascii lowercase conversion
+ ksmbd: change security id to the one samba used for posix extension
+ ksmbd: set file permission mode to match Samba server posix extension behavior
+ ksmbd: fill sids in SMB_FIND_FILE_POSIX_INFO response
+ ksmbd: fix encryption failure issue for session logoff response
+ ksmbd: set NTLMSSP_NEGOTIATE_SEAL flag to challenge blob
+ ksmbd: decrease the number of SMB3 smbdirect server SGEs
+ ksmbd: reduce server smbdirect max send/receive segment sizes
+ ksmbd: hide socket error message when ipv6 config is disable
+ ksmbd: make utf-8 file name comparison work in __caseless_lookup()
+ ksmbd: call ib_drain_qp when disconnected
+ ksmbd: validate share name from share config response
+ ksmbd: replace one-element arrays with flexible-array members
+ ksmbd: set SMB2_SESSION_FLAG_ENCRYPT_DATA when enforcing data encryption for
this share
+ ksmbd: use F_SETLK when unlocking a file
+ ksmbd: Fix resource leak in smb2_lock()
+ ksmbd: Convert to use sysfs_emit()/sysfs_emit_at() APIs
+ ksmbd: send proper error response in smb2_tree_connect()
+ ksmbd: Implements sess->rpc_handle_list as xarray
+ ksmbd: fix typo, syncronous->synchronous
+ ksmbd: Remove duplicated codes
+ ksmbd: update Kconfig to note Kerberos support and fix indentation
+ ksmbd: Fix spelling mistake "excceed" -> "exceeded"
+ ksmbd: Fix parameter name and comment mismatch
+ ksmbd: fix possible memory leak in smb2_lock()
+ ksmbd: fix wrong signingkey creation when encryption is AES256
+ ksmbd: remove unused is_char_allowed function
+ ksmbd: delete asynchronous work from list
+ ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr
+ ksmbd: avoid out of bounds access in decode_preauth_ctxt()
+ ksmbd: set NegotiateContextCount once instead of every inc
+ ksmbd: avoid duplicate negotiate ctx offset increments
+ ksmbd: remove unused compression negotiate ctx packing
+ fs: introduce lock_rename_child() helper
+ ksmbd: fix racy issue from using ->d_parent and ->d_name
+ ksmbd: destroy expired sessions
+ ksmbd: block asynchronous requests when making a delay on session setup
+ ksmbd: fix racy issue from smb2 close and logoff with multichannel
+ ksmbd: fix racy issue under cocurrent smb2 tree disconnect
+ ksmbd: fix uninitialized pointer read in ksmbd_vfs_rename()
+ ksmbd: fix uninitialized pointer read in smb2_create_link()
+ ksmbd: fix multiple out-of-bounds read during context decoding
+ ksmbd: fix UAF issue from opinfo->conn
+ ksmbd: call putname after using the last component
+ ksmbd: fix out-of-bound read in deassemble_neg_contexts()
+ ksmbd: fix out-of-bound read in parse_lease_state()
+ ksmbd: fix posix_acls and acls dereferencing possible ERR_PTR()
+ ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
+ ksmbd: validate smb request protocol id
+ ksmbd: add mnt_want_write to ksmbd vfs functions
+ ksmbd: remove unused ksmbd_tree_conn_share function
+ ksmbd: use kzalloc() instead of __GFP_ZERO
+ ksmbd: return a literal instead of 'err' in ksmbd_vfs_kern_path_locked()
+ ksmbd: Change the return value of ksmbd_vfs_query_maximal_access to void
+ ksmbd: use kvzalloc instead of kvmalloc
+ ksmbd: Replace the ternary conditional operator with min()
+ ksmbd: fix out of bounds read in smb2_sess_setup
+ ksmbd: add missing compound request handing in some commands
+ ksmbd: Use struct_size() helper in ksmbd_negotiate_smb_dialect()
+ ksmbd: Replace one-element array with flexible-array member
+ ksmbd: Fix unsigned expression compared with zero
+ ksmbd: check if a mount point is crossed during path lookup
+ ksmbd: validate session id and tree id in compound request
+ ksmbd: fix out of bounds in init_smb2_rsp_hdr()
+ ksmbd: switch to use kmemdup_nul() helper
+ ksmbd: add support for read compound
+ ksmbd: fix wrong interim response on compound
+ ksmbd: fix `force create mode' and `force directory mode'
+ ksmbd: reduce descriptor size if remaining bytes is less than request size
+ ksmbd: Fix one kernel-doc comment
+ ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob()
+ ksmbd: add missing calling smb2_set_err_rsp() on error
+ ksmbd: remove experimental warning
+ ksmbd: remove unneeded mark_inode_dirty in set_info_sec()
+ ksmbd: fix passing freed memory 'aux_payload_buf'
+ ksmbd: return invalid parameter error response if smb2 request is invalid
+ ksmbd: check iov vector index in ksmbd_conn_write()
+ ksmbd: fix race condition between session lookup and expire
+ ksmbd: fix race condition with fp
+ ksmbd: fix race condition from parallel smb2 logoff requests
+ ksmbd: fix race condition from parallel smb2 lock requests
+ ksmbd: fix race condition between tree conn lookup and disconnect
+ ksmbd: fix wrong error response status by using set_smb2_rsp_status()
+ ksmbd: fix Null pointer dereferences in ksmbd_update_fstate()
+ ksmbd: fix potential double free on smb2_read_pipe() error path
+ ksmbd: Remove unused field in ksmbd_user struct
+ ksmbd: reorganize ksmbd_iov_pin_rsp()
+ ksmbd: fix kernel-doc comment of ksmbd_vfs_setxattr()
+ ksmbd: fix recursive locking in vfs helpers
+ ksmbd: fix missing RDMA-capable flag for IPoIB device in
ksmbd_rdma_capable_netdev()
+ ksmbd: add support for surrogate pair conversion
+ ksmbd: no need to wait for binded connection termination at logoff
+ ksmbd: fix kernel-doc comment of ksmbd_vfs_kern_path_locked()
+ ksmbd: handle malformed smb1 message
+ ksmbd: prevent memory leak on error return
+ ksmbd: fix possible deadlock in smb2_open
+ ksmbd: separately allocate ci per dentry
+ ksmbd: move oplock handling after unlock parent dir
+ ksmbd: release interim response after sending status pending response
+ ksmbd: move setting SMB2_FLAGS_ASYNC_COMMAND and AsyncId
+ ksmbd: don't update ->op_state as OPLOCK_STATE_NONE on error
+ tracing/kprobes: Return EADDRNOTAVAIL when func matches several symbols
+ kasan: disable kasan_non_canonical_hook() for HW tags
Linux 5.15.145
- kasan: disable kasan_non_canonical_hook() for HW tags
- tracing/kprobes: Return EADDRNOTAVAIL when func matches several symbols
- Revert "drm/bridge: lt9611uxc: Switch to devm MIPI-DSI helpers"
- Revert "drm/bridge: lt9611uxc: Register and attach our DSI device at probe"
- Revert "drm/bridge: lt9611uxc: fix the race in the error path"
- ksmbd: don't update ->op_state as OPLOCK_STATE_NONE on error
- ksmbd: move setting SMB2_FLAGS_ASYNC_COMMAND and AsyncId
- ksmbd: release interim response after sending status pending response
- ksmbd: move oplock handling after unlock parent dir
- ksmbd: separately allocate ci per dentry
- ksmbd: fix possible deadlock in smb2_open
- ksmbd: prevent memory leak on error return
- ksmbd: handle malformed smb1 message
- ksmbd: fix kernel-doc comment of ksmbd_vfs_kern_path_locked()
- ksmbd: no need to wait for binded connection termination at logoff
- ksmbd: add support for surrogate pair conversion
- ksmbd: fix missing RDMA-capable flag for IPoIB device in
ksmbd_rdma_capable_netdev()
- ksmbd: fix recursive locking in vfs helpers
- ksmbd: fix kernel-doc comment of ksmbd_vfs_setxattr()
- ksmbd: reorganize ksmbd_iov_pin_rsp()
- ksmbd: Remove unused field in ksmbd_user struct
- ksmbd: fix potential double free on smb2_read_pipe() error path
- ksmbd: fix Null pointer dereferences in ksmbd_update_fstate()
- ksmbd: fix wrong error response status by using set_smb2_rsp_status()
- ksmbd: fix race condition between tree conn lookup and disconnect
- ksmbd: fix race condition from parallel smb2 lock requests
- ksmbd: fix race condition from parallel smb2 logoff requests
- ksmbd: fix race condition with fp
- ksmbd: fix race condition between session lookup and expire
- ksmbd: check iov vector index in ksmbd_conn_write()
- ksmbd: return invalid parameter error response if smb2 request is invalid
- ksmbd: fix passing freed memory 'aux_payload_buf'
- ksmbd: remove unneeded mark_inode_dirty in set_info_sec()
- ksmbd: remove experimental warning
- ksmbd: add missing calling smb2_set_err_rsp() on error
- ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob()
- ksmbd: Fix one kernel-doc comment
- ksmbd: reduce descriptor size if remaining bytes is less than request size
- ksmbd: fix `force create mode' and `force directory mode'
- ksmbd: fix wrong interim response on compound
- ksmbd: add support for read compound
- ksmbd: switch to use kmemdup_nul() helper
- ksmbd: fix out of bounds in init_smb2_rsp_hdr()
- ksmbd: validate session id and tree id in compound request
- ksmbd: check if a mount point is crossed during path lookup
- ksmbd: Fix unsigned expression compared with zero
- ksmbd: Replace one-element array with flexible-array member
- ksmbd: Use struct_size() helper in ksmbd_negotiate_smb_dialect()
- ksmbd: add missing compound request handing in some commands
- ksmbd: fix out of bounds read in smb2_sess_setup
- ksmbd: Replace the ternary conditional operator with min()
- ksmbd: use kvzalloc instead of kvmalloc
- ksmbd: Change the return value of ksmbd_vfs_query_maximal_access to void
- ksmbd: return a literal instead of 'err' in ksmbd_vfs_kern_path_locked()
- ksmbd: use kzalloc() instead of __GFP_ZERO
- ksmbd: remove unused ksmbd_tree_conn_share function
- ksmbd: add mnt_want_write to ksmbd vfs functions
- ksmbd: validate smb request protocol id
- ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
- ksmbd: fix posix_acls and acls dereferencing possible ERR_PTR()
- ksmbd: fix out-of-bound read in parse_lease_state()
- ksmbd: fix out-of-bound read in deassemble_neg_contexts()
- ksmbd: call putname after using the last component
- ksmbd: fix UAF issue from opinfo->conn
- ksmbd: fix multiple out-of-bounds read during context decoding
- ksmbd: fix uninitialized pointer read in smb2_create_link()
- ksmbd: fix uninitialized pointer read in ksmbd_vfs_rename()
- ksmbd: fix racy issue under cocurrent smb2 tree disconnect
- ksmbd: fix racy issue from smb2 close and logoff with multichannel
- ksmbd: block asynchronous requests when making a delay on session setup
- ksmbd: destroy expired sessions
- ksmbd: fix racy issue from session setup and logoff
- ksmbd: fix racy issue from using ->d_parent and ->d_name
- fs: introduce lock_rename_child() helper
- ksmbd: remove unused compression negotiate ctx packing
- ksmbd: avoid duplicate negotiate ctx offset increments
- ksmbd: set NegotiateContextCount once instead of every inc
- ksmbd: avoid out of bounds access in decode_preauth_ctxt()
- ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr
- ksmbd: delete asynchronous work from list
- ksmbd: remove unused is_char_allowed function
- ksmbd: fix wrong signingkey creation when encryption is AES256
- ksmbd: fix possible memory leak in smb2_lock()
- ksmbd: Fix parameter name and comment mismatch
- ksmbd: Fix spelling mistake "excceed" -> "exceeded"
- ksmbd: update Kconfig to note Kerberos support and fix indentation
- ksmbd: Remove duplicated codes
- ksmbd: fix typo, syncronous->synchronous
- ksmbd: Implements sess->rpc_handle_list as xarray
- ksmbd: Implements sess->ksmbd_chann_list as xarray
- ksmbd: send proper error response in smb2_tree_connect()
- ksmbd: Convert to use sysfs_emit()/sysfs_emit_at() APIs
- ksmbd: Fix resource leak in smb2_lock()
- ksmbd: use F_SETLK when unlocking a file
- ksmbd: set SMB2_SESSION_FLAG_ENCRYPT_DATA when enforcing data encryption for
this share
- ksmbd: replace one-element arrays with flexible-array members
- ksmbd: validate share name from share config response
- ksmbd: call ib_drain_qp when disconnected
- ksmbd: make utf-8 file name comparison work in __caseless_lookup()
- ksmbd: hide socket error message when ipv6 config is disable
- ksmbd: reduce server smbdirect max send/receive segment sizes
- ksmbd: decrease the number of SMB3 smbdirect server SGEs
- ksmbd: set NTLMSSP_NEGOTIATE_SEAL flag to challenge blob
- ksmbd: fix encryption failure issue for session logoff response
- ksmbd: fill sids in SMB_FIND_FILE_POSIX_INFO response
- ksmbd: set file permission mode to match Samba server posix extension behavior
- ksmbd: change security id to the one samba used for posix extension
- ksmbd: casefold utf-8 share names and fix ascii lowercase conversion
- ksmbd: remove generic_fillattr use in smb2_open()
- ksmbd: constify struct path
- ksmbd: don't open-code %pD
- ksmbd: don't open-code file_path()
- ksmbd: remove unnecessary generic_fillattr in smb2_open
- ksmbd: request update to stale share config
- ksmbd: use wait_event instead of schedule_timeout()
- ksmbd: remove unused ksmbd_share_configs_cleanup function
- ksmbd: remove duplicate flag set in smb2_write
- ksmbd: smbd: Remove useless license text when SPDX-License-Identifier is
already used
- ksmbd: smbd: relax the count of sges required
- ksmbd: smbd: fix connection dropped issue
- ksmbd: Fix some kernel-doc comments
- ksmbd: fix wrong smbd max read/write size check
- ksmbd: smbd: handle multiple Buffer descriptors
- ksmbd: smbd: change the return value of get_sg_list
- ksmbd: smbd: simplify tracking pending packets
- ksmbd: smbd: introduce read/write credits for RDMA read/write
- ksmbd: smbd: change prototypes of RDMA read/write related functions
- ksmbd: validate length in smb2_write()
- ksmbd: remove filename in ksmbd_file
- smb3: fix ksmbd bigendian bug in oplock break, and move its struct to
smbfs_common
- ksmbd: replace usage of found with dedicated list iterator variable
- ksmbd: Remove a redundant zeroing of memory
- ksmbd: shorten experimental warning on loading the module
- ksmbd: store fids as opaque u64 integers
- ksmbd: use netif_is_bridge_port
- ksmbd: add support for key exchange
- ksmbd: smbd: validate buffer descriptor structures
- ksmbd: smbd: fix missing client's memory region invalidation
- ksmbd: add smb-direct shutdown
- ksmbd: smbd: change the default maximum read/write, receive size
- ksmbd: smbd: create MR pool
- ksmbd: smbd: call rdma_accept() under CM handler
- ksmbd: set 445 port to smbdirect port by default
- ksmbd: register ksmbd ib client with ib_register_client()
- ksmbd: Fix smb2_get_name() kernel-doc comment
- ksmbd: Delete an invalid argument description in smb2_populate_readdir_entry()
- ksmbd: Fix smb2_set_info_file() kernel-doc comment
- ksmbd: Fix buffer_check_err() kernel-doc comment
- ksmbd: set both ipv4 and ipv6 in FSCTL_QUERY_NETWORK_INTERFACE_INFO
- ksmbd: Remove unused fields from ksmbd_file struct definition
- ksmbd: Remove unused parameter from smb2_get_name()
- ksmbd: use oid registry functions to decode OIDs
- ksmbd: change LeaseKey data type to u8 array
- ksmbd: remove smb2_buf_length in smb2_transform_hdr
- ksmbd: remove smb2_buf_length in smb2_hdr
- ksmbd: remove md4 leftovers
- ksmbd: Remove redundant 'flush_workqueue()' calls
- ksmdb: use cmd helper variable in smb2_get_ksmbd_tcon()
- ksmbd: use ksmbd_req_buf_next() in ksmbd_verify_smb_message()
+ UBUNTU: Upstream stable to v5.15.145
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2052406
Title:
Jammy update: v5.15.145 upstream stable release
Status in linux package in Ubuntu:
Invalid
Status in linux source package in Jammy:
In Progress
Bug description:
SRU Justification
Impact:
The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from a mainline/stable Linux tree or
a minimally backported form of that patch. The following upstream
stable patches should be included in the Ubuntu kernel:
v5.15.145 upstream stable release
from git://git.kernel.org/
ksmbd: use ksmbd_req_buf_next() in ksmbd_verify_smb_message()
ksmdb: use cmd helper variable in smb2_get_ksmbd_tcon()
ksmbd: Remove redundant 'flush_workqueue()' calls
ksmbd: remove md4 leftovers
ksmbd: remove smb2_buf_length in smb2_hdr
ksmbd: remove smb2_buf_length in smb2_transform_hdr
ksmbd: change LeaseKey data type to u8 array
ksmbd: use oid registry functions to decode OIDs
ksmbd: Remove unused parameter from smb2_get_name()
ksmbd: Remove unused fields from ksmbd_file struct definition
ksmbd: set both ipv4 and ipv6 in FSCTL_QUERY_NETWORK_INTERFACE_INFO
ksmbd: Fix buffer_check_err() kernel-doc comment
ksmbd: Fix smb2_set_info_file() kernel-doc comment
ksmbd: Delete an invalid argument description in smb2_populate_readdir_entry()
ksmbd: Fix smb2_get_name() kernel-doc comment
ksmbd: register ksmbd ib client with ib_register_client()
ksmbd: set 445 port to smbdirect port by default
ksmbd: smbd: call rdma_accept() under CM handler
ksmbd: smbd: create MR pool
ksmbd: smbd: change the default maximum read/write, receive size
ksmbd: smbd: fix missing client's memory region invalidation
ksmbd: smbd: validate buffer descriptor structures
ksmbd: add support for key exchange
ksmbd: use netif_is_bridge_port
ksmbd: store fids as opaque u64 integers
ksmbd: shorten experimental warning on loading the module
ksmbd: Remove a redundant zeroing of memory
ksmbd: replace usage of found with dedicated list iterator variable
smb3: fix ksmbd bigendian bug in oplock break, and move its struct to
smbfs_common
ksmbd: remove filename in ksmbd_file
ksmbd: smbd: change prototypes of RDMA read/write related functions
ksmbd: smbd: introduce read/write credits for RDMA read/write
ksmbd: smbd: simplify tracking pending packets
ksmbd: smbd: change the return value of get_sg_list
ksmbd: smbd: handle multiple Buffer descriptors
ksmbd: fix wrong smbd max read/write size check
ksmbd: Fix some kernel-doc comments
ksmbd: smbd: fix connection dropped issue
ksmbd: smbd: relax the count of sges required
ksmbd: smbd: Remove useless license text when SPDX-License-Identifier is
already used
ksmbd: remove duplicate flag set in smb2_write
ksmbd: remove unused ksmbd_share_configs_cleanup function
ksmbd: use wait_event instead of schedule_timeout()
ksmbd: request update to stale share config
ksmbd: remove unnecessary generic_fillattr in smb2_open
ksmbd: don't open-code file_path()
ksmbd: don't open-code %pD
ksmbd: constify struct path
ksmbd: remove generic_fillattr use in smb2_open()
ksmbd: casefold utf-8 share names and fix ascii lowercase conversion
ksmbd: change security id to the one samba used for posix extension
ksmbd: set file permission mode to match Samba server posix extension behavior
ksmbd: fill sids in SMB_FIND_FILE_POSIX_INFO response
ksmbd: fix encryption failure issue for session logoff response
ksmbd: set NTLMSSP_NEGOTIATE_SEAL flag to challenge blob
ksmbd: decrease the number of SMB3 smbdirect server SGEs
ksmbd: reduce server smbdirect max send/receive segment sizes
ksmbd: hide socket error message when ipv6 config is disable
ksmbd: make utf-8 file name comparison work in __caseless_lookup()
ksmbd: call ib_drain_qp when disconnected
ksmbd: validate share name from share config response
ksmbd: replace one-element arrays with flexible-array members
ksmbd: set SMB2_SESSION_FLAG_ENCRYPT_DATA when enforcing data encryption for
this share
ksmbd: use F_SETLK when unlocking a file
ksmbd: Fix resource leak in smb2_lock()
ksmbd: Convert to use sysfs_emit()/sysfs_emit_at() APIs
ksmbd: send proper error response in smb2_tree_connect()
ksmbd: Implements sess->rpc_handle_list as xarray
ksmbd: fix typo, syncronous->synchronous
ksmbd: Remove duplicated codes
ksmbd: update Kconfig to note Kerberos support and fix indentation
ksmbd: Fix spelling mistake "excceed" -> "exceeded"
ksmbd: Fix parameter name and comment mismatch
ksmbd: fix possible memory leak in smb2_lock()
ksmbd: fix wrong signingkey creation when encryption is AES256
ksmbd: remove unused is_char_allowed function
ksmbd: delete asynchronous work from list
ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr
ksmbd: avoid out of bounds access in decode_preauth_ctxt()
ksmbd: set NegotiateContextCount once instead of every inc
ksmbd: avoid duplicate negotiate ctx offset increments
ksmbd: remove unused compression negotiate ctx packing
fs: introduce lock_rename_child() helper
ksmbd: fix racy issue from using ->d_parent and ->d_name
ksmbd: destroy expired sessions
ksmbd: block asynchronous requests when making a delay on session setup
ksmbd: fix racy issue from smb2 close and logoff with multichannel
ksmbd: fix racy issue under cocurrent smb2 tree disconnect
ksmbd: fix uninitialized pointer read in ksmbd_vfs_rename()
ksmbd: fix uninitialized pointer read in smb2_create_link()
ksmbd: fix multiple out-of-bounds read during context decoding
ksmbd: fix UAF issue from opinfo->conn
ksmbd: call putname after using the last component
ksmbd: fix out-of-bound read in deassemble_neg_contexts()
ksmbd: fix out-of-bound read in parse_lease_state()
ksmbd: fix posix_acls and acls dereferencing possible ERR_PTR()
ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
ksmbd: validate smb request protocol id
ksmbd: add mnt_want_write to ksmbd vfs functions
ksmbd: remove unused ksmbd_tree_conn_share function
ksmbd: use kzalloc() instead of __GFP_ZERO
ksmbd: return a literal instead of 'err' in ksmbd_vfs_kern_path_locked()
ksmbd: Change the return value of ksmbd_vfs_query_maximal_access to void
ksmbd: use kvzalloc instead of kvmalloc
ksmbd: Replace the ternary conditional operator with min()
ksmbd: fix out of bounds read in smb2_sess_setup
ksmbd: add missing compound request handing in some commands
ksmbd: Use struct_size() helper in ksmbd_negotiate_smb_dialect()
ksmbd: Replace one-element array with flexible-array member
ksmbd: Fix unsigned expression compared with zero
ksmbd: check if a mount point is crossed during path lookup
ksmbd: validate session id and tree id in compound request
ksmbd: fix out of bounds in init_smb2_rsp_hdr()
ksmbd: switch to use kmemdup_nul() helper
ksmbd: add support for read compound
ksmbd: fix wrong interim response on compound
ksmbd: fix `force create mode' and `force directory mode'
ksmbd: reduce descriptor size if remaining bytes is less than request size
ksmbd: Fix one kernel-doc comment
ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob()
ksmbd: add missing calling smb2_set_err_rsp() on error
ksmbd: remove experimental warning
ksmbd: remove unneeded mark_inode_dirty in set_info_sec()
ksmbd: fix passing freed memory 'aux_payload_buf'
ksmbd: return invalid parameter error response if smb2 request is invalid
ksmbd: check iov vector index in ksmbd_conn_write()
ksmbd: fix race condition between session lookup and expire
ksmbd: fix race condition with fp
ksmbd: fix race condition from parallel smb2 logoff requests
ksmbd: fix race condition from parallel smb2 lock requests
ksmbd: fix race condition between tree conn lookup and disconnect
ksmbd: fix wrong error response status by using set_smb2_rsp_status()
ksmbd: fix Null pointer dereferences in ksmbd_update_fstate()
ksmbd: fix potential double free on smb2_read_pipe() error path
ksmbd: Remove unused field in ksmbd_user struct
ksmbd: reorganize ksmbd_iov_pin_rsp()
ksmbd: fix kernel-doc comment of ksmbd_vfs_setxattr()
ksmbd: fix recursive locking in vfs helpers
ksmbd: fix missing RDMA-capable flag for IPoIB device in
ksmbd_rdma_capable_netdev()
ksmbd: add support for surrogate pair conversion
ksmbd: no need to wait for binded connection termination at logoff
ksmbd: fix kernel-doc comment of ksmbd_vfs_kern_path_locked()
ksmbd: handle malformed smb1 message
ksmbd: prevent memory leak on error return
ksmbd: fix possible deadlock in smb2_open
ksmbd: separately allocate ci per dentry
ksmbd: move oplock handling after unlock parent dir
ksmbd: release interim response after sending status pending response
ksmbd: move setting SMB2_FLAGS_ASYNC_COMMAND and AsyncId
ksmbd: don't update ->op_state as OPLOCK_STATE_NONE on error
tracing/kprobes: Return EADDRNOTAVAIL when func matches several symbols
kasan: disable kasan_non_canonical_hook() for HW tags
Linux 5.15.145
UBUNTU: Upstream stable to v5.15.145
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2052406/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
