]>
Commit | Line | Data |
---|---|---|
a36bcd96 SF |
1 | linux (4.13.0-5.6) UNRELEASED; urgency=low |
2 | ||
3 | CHANGELOG: Do not edit directly. Autogenerated at release. | |
4 | CHANGELOG: Use the printchanges target to see the curent changes. | |
5 | CHANGELOG: Use the insertchanges target to create the final log. | |
6 | ||
7 | -- Seth Forshee <seth.forshee@canonical.com> Tue, 08 Aug 2017 13:29:12 -0500 | |
8 | ||
cb044a55 | 9 | linux (4.13.0-4.5) artful; urgency=low |
5f9f1d1e | 10 | |
cb044a55 SF |
11 | * Lenovo Yoga 910 Sensors (LP: #1708120) |
12 | - SAUCE: (no-up) HID: Add quirk for Lenovo Yoga 910 with ITE Chips | |
13 | ||
14 | * Unable to install Ubuntu on the NVMe disk under VMD PCI domain | |
15 | (LP: #1703339) | |
16 | - [Config] Add vmd driver to generic inclusion list | |
17 | ||
18 | * Set CONFIG_SATA_HIGHBANK=y on armhf (LP: #1703430) | |
19 | - [Config] CONFIG_SATA_HIGHBANK=y | |
20 | ||
21 | * Miscellaneous Ubuntu changes | |
22 | - ubuntu: vbox -- update to 5.1.26-dfsg-1 | |
23 | - SAUCE: hio: Build fixes for 4.13 | |
24 | - Enable hio build | |
25 | - SAUCE: (noup) Update spl to 0.6.5.11-1, zfs to 0.6.5.11-1ubuntu1 | |
26 | - [debian] use all rather than amd64 dkms debs for sync | |
5f9f1d1e | 27 | |
a59efebc SF |
28 | [ Upstream Kernel Changes ] |
29 | ||
30 | * Rebase to v4.13-rc4 | |
31 | ||
cb044a55 | 32 | -- Seth Forshee <seth.forshee@canonical.com> Tue, 08 Aug 2017 11:31:48 -0500 |
5f9f1d1e | 33 | |
17f46b19 | 34 | linux (4.13.0-3.4) artful; urgency=low |
0d88ae24 | 35 | |
17f46b19 SF |
36 | * Adt tests of src:linux time out often on armhf lxc containers (LP: #1705495) |
37 | - [Packaging] tests -- reduce rebuild test to one flavour | |
38 | - [Packaging] tests -- reduce rebuild test to one flavour -- use filter | |
39 | ||
40 | * snapd 2.26.8+17.10 ADT test failure with linux 4.12.0-6.7 (LP: #1704158) | |
41 | - SAUCE: virtio_net: Revert mergeable buffer handling rework | |
0d88ae24 | 42 | |
29e66935 SF |
43 | [ Upstream Kernel Changes ] |
44 | ||
45 | * Rebase to v4.13-rc3 | |
46 | ||
17f46b19 | 47 | -- Seth Forshee <seth.forshee@canonical.com> Mon, 31 Jul 2017 10:08:16 -0500 |
0d88ae24 | 48 | |
1313bc19 | 49 | linux (4.13.0-2.3) artful; urgency=low |
8cc80cf4 | 50 | |
1313bc19 SF |
51 | * Change CONFIG_IBMVETH to module (LP: #1704479) |
52 | - [Config] CONFIG_IBMVETH=m | |
8cc80cf4 | 53 | |
ec21a42b SF |
54 | [ Upstream Kernel Changes ] |
55 | ||
56 | * Rebase to v4.13-rc2 | |
57 | ||
1313bc19 | 58 | -- Seth Forshee <seth.forshee@canonical.com> Mon, 24 Jul 2017 13:58:08 -0500 |
8cc80cf4 | 59 | |
de46943a | 60 | linux (4.13.0-1.2) artful; urgency=low |
d9969bce | 61 | |
de46943a SF |
62 | * Miscellaneous Ubuntu changes |
63 | - [Debian] Support sphinx-based kernel documentation | |
d9969bce | 64 | |
de46943a | 65 | -- Seth Forshee <seth.forshee@canonical.com> Thu, 20 Jul 2017 09:18:33 -0500 |
d9969bce | 66 | |
b92dc169 | 67 | linux (4.13.0-0.1) artful; urgency=low |
de1604e6 | 68 | |
b92dc169 SF |
69 | * Miscellaneous Ubuntu changes |
70 | - Disable hio | |
71 | - Disable zfs build | |
72 | - ubuntu: vbox -- update to 5.1.24-dfsg-1 | |
de1604e6 | 73 | |
f2dfe78b SF |
74 | [ Upstream Kernel Changes ] |
75 | ||
76 | * Rebase to v4.13-rc1 | |
77 | ||
b92dc169 | 78 | -- Seth Forshee <seth.forshee@canonical.com> Wed, 19 Jul 2017 15:09:31 -0500 |
de1604e6 | 79 | |
d067a903 TG |
80 | linux (4.12.0-7.8) artful; urgency=low |
81 | ||
82 | * ThunderX: soft lockup on 4.8+ kernels when running qemu-efi with vhost=on | |
83 | (LP: #1673564) | |
84 | - arm64: Add a facility to turn an ESR syndrome into a sysreg encoding | |
85 | - KVM: arm/arm64: vgic-v3: Add accessors for the ICH_APxRn_EL2 registers | |
86 | - KVM: arm64: Make kvm_condition_valid32() accessible from EL2 | |
87 | - KVM: arm64: vgic-v3: Add hook to handle guest GICv3 sysreg accesses at EL2 | |
88 | - KVM: arm64: vgic-v3: Add ICV_BPR1_EL1 handler | |
89 | - KVM: arm64: vgic-v3: Add ICV_IGRPEN1_EL1 handler | |
90 | - KVM: arm64: vgic-v3: Add ICV_IAR1_EL1 handler | |
91 | - KVM: arm64: vgic-v3: Add ICV_EOIR1_EL1 handler | |
92 | - KVM: arm64: vgic-v3: Add ICV_AP1Rn_EL1 handler | |
93 | - KVM: arm64: vgic-v3: Add ICV_HPPIR1_EL1 handler | |
94 | - KVM: arm64: vgic-v3: Enable trapping of Group-1 system registers | |
95 | - KVM: arm64: Enable GICv3 Group-1 sysreg trapping via command-line | |
96 | - KVM: arm64: vgic-v3: Add ICV_BPR0_EL1 handler | |
97 | - KVM: arm64: vgic-v3: Add ICV_IGNREN0_EL1 handler | |
98 | - KVM: arm64: vgic-v3: Add misc Group-0 handlers | |
99 | - KVM: arm64: vgic-v3: Enable trapping of Group-0 system registers | |
100 | - KVM: arm64: Enable GICv3 Group-0 sysreg trapping via command-line | |
101 | - arm64: Add MIDR values for Cavium cn83XX SoCs | |
102 | - arm64: Add workaround for Cavium Thunder erratum 30115 | |
103 | - KVM: arm64: vgic-v3: Add ICV_DIR_EL1 handler | |
104 | - KVM: arm64: vgic-v3: Add ICV_RPR_EL1 handler | |
105 | - KVM: arm64: vgic-v3: Add ICV_CTLR_EL1 handler | |
106 | - KVM: arm64: vgic-v3: Add ICV_PMR_EL1 handler | |
107 | - KVM: arm64: Enable GICv3 common sysreg trapping via command-line | |
108 | - KVM: arm64: vgic-v3: Log which GICv3 system registers are trapped | |
109 | - KVM: arm64: Log an error if trapping a read-from-write-only GICv3 access | |
110 | - KVM: arm64: Log an error if trapping a write-to-read-only GICv3 access | |
111 | ||
112 | * hns: under heavy load, NIC may fail and require reboot (LP: #1704146) | |
113 | - net: hns: Bugfix for Tx timeout handling in hns driver | |
114 | ||
115 | * New ACPI identifiers for ThunderX SMMU (LP: #1703437) | |
116 | - iommu/arm-smmu: Plumb in new ACPI identifiers | |
117 | ||
118 | * Transparent hugepages should default to enabled=madvise (LP: #1703742) | |
119 | - SAUCE: use CONFIG_TRANSPARENT_HUGEPAGE_MADVISE=y as default | |
120 | ||
121 | * Artful update to v4.12.1 stable release (LP: #1703858) | |
122 | - driver core: platform: fix race condition with driver_override | |
123 | - RDMA/uverbs: Check port number supplied by user verbs cmds | |
124 | - usb: dwc3: replace %p with %pK | |
125 | - USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick | |
126 | - usb: usbip: set buffer pointers to NULL after free | |
127 | - Add USB quirk for HVR-950q to avoid intermittent device resets | |
128 | - usb: Fix typo in the definition of Endpoint[out]Request | |
129 | - USB: core: fix device node leak | |
130 | - USB: serial: option: add two Longcheer device ids | |
131 | - USB: serial: qcserial: new Sierra Wireless EM7305 device ID | |
132 | - xhci: Limit USB2 port wake support for AMD Promontory hosts | |
133 | - gfs2: Fix glock rhashtable rcu bug | |
134 | - Add "shutdown" to "struct class". | |
135 | - tpm: Issue a TPM2_Shutdown for TPM2 devices. | |
136 | - tpm: fix a kernel memory leak in tpm-sysfs.c | |
137 | - powerpc/powernv: Fix CPU_HOTPLUG=n idle.c compile error | |
138 | - x86/uaccess: Optimize copy_user_enhanced_fast_string() for short strings | |
139 | - sched/fair, cpumask: Export for_each_cpu_wrap() | |
140 | - sched/core: Implement new approach to scale select_idle_cpu() | |
141 | - sched/numa: Use down_read_trylock() for the mmap_sem | |
142 | - sched/numa: Override part of migrate_degrades_locality() when idle balancing | |
143 | - sched/fair: Simplify wake_affine() for the single socket case | |
144 | - sched/numa: Implement NUMA node level wake_affine() | |
145 | - sched/fair: Remove effective_load() | |
146 | - sched/numa: Hide numa_wake_affine() from UP build | |
147 | - xen: avoid deadlock in xenbus driver | |
148 | - crypto: drbg - Fixes panic in wait_for_completion call | |
149 | - Linux 4.12.1 | |
150 | ||
151 | * cxlflash update request in the Xenial SRU stream (LP: #1702521) | |
152 | - scsi: cxlflash: Combine the send queue locks | |
153 | - scsi: cxlflash: Update cxlflash_afu_sync() to return errno | |
154 | - scsi: cxlflash: Reset hardware queue context via specified register | |
155 | - scsi: cxlflash: Schedule asynchronous reset of the host | |
156 | - scsi: cxlflash: Handle AFU sync failures | |
157 | - scsi: cxlflash: Track pending scsi commands in each hardware queue | |
158 | - scsi: cxlflash: Flush pending commands in cleanup path | |
159 | - scsi: cxlflash: Add scsi command abort handler | |
160 | - scsi: cxlflash: Create character device to provide host management interface | |
161 | - scsi: cxlflash: Separate AFU internal command handling from AFU sync | |
162 | specifics | |
163 | - scsi: cxlflash: Introduce host ioctl support | |
164 | - scsi: cxlflash: Refactor AFU capability checking | |
165 | - scsi: cxlflash: Support LUN provisioning | |
166 | - scsi: cxlflash: Support AFU debug | |
167 | - scsi: cxlflash: Support WS16 unmap | |
168 | - scsi: cxlflash: Remove zeroing of private command data | |
169 | - scsi: cxlflash: Update TMF command processing | |
170 | - scsi: cxlflash: Avoid double free of character device | |
171 | - scsi: cxlflash: Update send_tmf() parameters | |
172 | - scsi: cxlflash: Update debug prints in reset handlers | |
173 | ||
174 | * make snap-pkg support (LP: #1700747) | |
175 | - make snap-pkg support | |
176 | ||
177 | * Quirk for non-compliant PCI bridge on HiSilicon D05 board (LP: #1698706) | |
178 | - SAUCE: PCI: Support hibmc VGA cards behind a misbehaving HiSilicon bridge | |
179 | ||
180 | * arm64: fix crash reading /proc/kcore (LP: #1702749) | |
181 | - fs/proc: kcore: use kcore_list type to check for vmalloc/module address | |
182 | - arm64: mm: select CONFIG_ARCH_PROC_KCORE_TEXT | |
183 | ||
184 | * Opal and POWER9 DD2 (LP: #1702159) | |
185 | - SAUCE: powerpc/powernv: Tell OPAL about our MMU mode on POWER9 | |
186 | ||
187 | * Data corruption with hio driver (LP: #1701316) | |
188 | - SAUCE: hio: Fix incorrect use of enum req_opf values | |
189 | ||
190 | * Miscellaneous Ubuntu changes | |
191 | - SAUCE: (noup) Update spl to 0.6.5.10-1, zfs to 0.6.5.10-1ubuntu2 | |
192 | - snapcraft.yaml: Sync with xenial | |
193 | - [Config] CONFIG_CAVIUM_ERRATUM_30115=y | |
194 | ||
195 | * Miscellaneous upstream changes | |
196 | - Revert "UBUNTU: SAUCE: (efi-lockdown) efi: Add sysctls for secureboot and | |
197 | MokSBState" | |
198 | ||
199 | -- Seth Forshee <seth.forshee@canonical.com> Fri, 14 Jul 2017 15:25:41 -0500 | |
200 | ||
201 | linux (4.12.0-6.7) artful; urgency=low | |
202 | ||
203 | * update ENA driver to 1.2.0k from net-next (LP: #1701575) | |
204 | - net: ena: change return value for unsupported features unsupported return | |
205 | value | |
206 | - net: ena: add hardware hints capability to the driver | |
207 | - net: ena: change sizeof() argument to be the type pointer | |
208 | - net: ena: add reset reason for each device FLR | |
209 | - net: ena: add support for out of order rx buffers refill | |
210 | - net: ena: allow the driver to work with small number of msix vectors | |
211 | - net: ena: use napi_schedule_irqoff when possible | |
212 | - net: ena: separate skb allocation to dedicated function | |
213 | - net: ena: use lower_32_bits()/upper_32_bits() to split dma address | |
214 | - net: ena: update driver's rx drop statistics | |
215 | - net: ena: update ena driver to version 1.2.0 | |
216 | ||
217 | * APST gets enabled against explicit kernel option (LP: #1699004) | |
218 | - nvme: explicitly disable APST on quirked devices | |
219 | ||
220 | * Miscellaneous Ubuntu changes | |
221 | - SAUCE: hio: Update to Huawei ES3000_V2 (2.1.0.40) | |
222 | - SAUCE: hio updates for 4.12 | |
223 | - SAUCE: Enable hio build | |
224 | ||
225 | -- Seth Forshee <seth.forshee@canonical.com> Wed, 05 Jul 2017 14:23:20 -0500 | |
226 | ||
227 | linux (4.12.0-5.6) artful; urgency=low | |
228 | ||
229 | * ERAT invalidate on context switch removal (LP: #1700819) | |
230 | - powerpc: Only do ERAT invalidate on radix context switch on P9 DD1 | |
231 | ||
232 | * powerpc: Invalidate ERAT on powersave wakeup for POWER9 (LP: #1700521) | |
233 | - SAUCE: powerpc: Invalidate ERAT on powersave wakeup for POWER9 | |
234 | ||
235 | * Miscellaneous Ubuntu changes | |
236 | - d-i: Move qcom-emac from arm64 to shared nic-modules | |
237 | ||
238 | [ Upstream Kernel Changes ] | |
239 | ||
240 | * Rebase to v4.12 | |
241 | ||
242 | -- Seth Forshee <seth.forshee@canonical.com> Mon, 03 Jul 2017 07:52:02 -0500 | |
243 | ||
244 | linux (4.12.0-4.5) artful; urgency=low | |
245 | ||
246 | * aacraid driver may return uninitialized stack data to userspace | |
247 | (LP: #1700077) | |
248 | - SAUCE: scsi: aacraid: Don't copy uninitialized stack memory to userspace | |
249 | ||
250 | * KILLER1435-S[0489:e0a2] BT cannot search BT 4.0 device (LP: #1699651) | |
251 | - Bluetooth: btusb: Add support for 0489:e0a2 QCA_ROME device | |
252 | ||
253 | * AACRAID for power9 platform (LP: #1689980) | |
254 | - scsi: aacraid: Remove __GFP_DMA for raw srb memory | |
255 | - scsi: aacraid: Fix DMAR issues with iommu=pt | |
256 | - scsi: aacraid: Added 32 and 64 queue depth for arc natives | |
257 | - scsi: aacraid: Set correct Queue Depth for HBA1000 RAW disks | |
258 | - scsi: aacraid: Remove reset support from check_health | |
259 | - scsi: aacraid: Change wait time for fib completion | |
260 | - scsi: aacraid: Log count info of scsi cmds before reset | |
261 | - scsi: aacraid: Print ctrl status before eh reset | |
262 | - scsi: aacraid: Using single reset mask for IOP reset | |
263 | - scsi: aacraid: Rework IOP reset | |
264 | - scsi: aacraid: Add periodic checks to see IOP reset status | |
265 | - scsi: aacraid: Rework SOFT reset code | |
266 | - scsi: aacraid: Rework aac_src_restart | |
267 | - scsi: aacraid: Use correct function to get ctrl health | |
268 | - scsi: aacraid: Make sure ioctl returns on controller reset | |
269 | - scsi: aacraid: Enable ctrl reset for both hba and arc | |
270 | - scsi: aacraid: Add reset debugging statements | |
271 | - scsi: aacraid: Remove reference to Series-9 | |
272 | - scsi: aacraid: Update driver version to 50834 | |
273 | ||
274 | * hibmc driver does not include "pci:" prefix in bus ID (LP: #1698700) | |
275 | - SAUCE: drm: hibmc: Use set_busid function from drm core | |
276 | ||
277 | * HiSilicon D05: installer doesn't appear on VGA (LP: #1698954) | |
278 | - d-i: Add hibmc-drm to kernel-image udeb | |
279 | ||
280 | * Fix /proc/cpuinfo revision for POWER9 DD2 (LP: #1698844) | |
281 | - SAUCE: powerpc: Fix /proc/cpuinfo revision for POWER9 DD2 | |
282 | ||
283 | * Miscellaneous Ubuntu changes | |
284 | - [Config] CONFIG_SATA_MV=n and CONFIG_GENERIC_PHY=n for s390x | |
285 | - [Config] CONFIG_ATA=n for s390x | |
286 | - [Config] Update annotations for 4.12 | |
287 | ||
288 | [ Upstream Kernel Changes ] | |
289 | ||
290 | * Rebase to v4.12-rc7 | |
291 | ||
292 | -- Seth Forshee <seth.forshee@canonical.com> Mon, 26 Jun 2017 11:27:29 -0500 | |
293 | ||
294 | linux (4.12.0-3.4) artful; urgency=low | |
295 | ||
296 | * Miscellaneous upstream changes | |
297 | - ufs: fix the logics for tail relocation | |
298 | ||
299 | [ Upstream Kernel Changes ] | |
300 | ||
301 | * Rebase to v4.12-rc6 | |
302 | ||
303 | -- Seth Forshee <seth.forshee@canonical.com> Mon, 19 Jun 2017 14:50:39 -0500 | |
304 | ||
305 | linux (4.12.0-2.3) artful; urgency=low | |
306 | ||
307 | * CVE-2014-9900 | |
308 | - SAUCE: (no-up) net: Zeroing the structure ethtool_wolinfo in | |
309 | ethtool_get_wol() | |
310 | ||
311 | * System doesn't boot properly on Gigabyte AM4 motherboards (AMD Ryzen) | |
312 | (LP: #1671360) | |
313 | - pinctrl/amd: Use regular interrupt instead of chained | |
314 | ||
315 | * extend-diff-ignore should use exact matches (LP: #1693504) | |
316 | - [Packaging] exact extend-diff-ignore matches | |
317 | ||
318 | * Miscellaneous Ubuntu changes | |
319 | - SAUCE: efi: Don't print secure boot state from the efi stub | |
320 | - ubuntu: vbox -- Update to 5.1.22-dfsg-1 | |
321 | - SAUCE: vbox fixes for 4.12 | |
322 | - Re-enable virtualbox build | |
323 | - [Config] CONFIG_ORANGEFS_FS=m | |
324 | - SAUCE: (noup) Update spl to 0.6.5.9-1ubuntu2, zfs to 0.6.5.9-5ubuntu7 | |
325 | - Enable zfs build | |
326 | ||
327 | [ Upstream Kernel Changes ] | |
328 | ||
329 | * Rebase to v4.12-rc4 | |
330 | * Rebase to v4.12-rc5 | |
331 | ||
332 | -- Seth Forshee <seth.forshee@canonical.com> Sun, 11 Jun 2017 22:25:13 -0500 | |
333 | ||
334 | linux (4.12.0-1.2) artful; urgency=low | |
335 | ||
336 | * Enable Matrox driver for Ubuntu 16.04.3 (LP: #1693337) | |
337 | - [Config] Enable CONFIG_DRM_MGAG200 as module | |
338 | ||
339 | * Support low-pin-count devices on Hisilicon SoCs (LP: #1677319) | |
340 | - [Config] CONFIG_LIBIO=y on arm64 only | |
341 | - SAUCE: LIBIO: Introduce a generic PIO mapping method | |
342 | - SAUCE: OF: Add missing I/O range exception for indirect-IO devices | |
343 | - [Config] CONFIG_HISILICON_LPC=y | |
344 | - SAUCE: LPC: Support the device-tree LPC host on Hip06/Hip07 | |
345 | - SAUCE: LIBIO: Support the dynamically logical PIO registration of ACPI host | |
346 | I/O | |
347 | - SAUCE: LPC: Add the ACPI LPC support | |
348 | - SAUCE: PCI: Apply the new generic I/O management on PCI IO hosts | |
349 | - SAUCE: PCI: Restore codepath for !CONFIG_LIBIO | |
350 | ||
351 | * POWER9: Additional patches for TTY and CPU_IDLE (LP: #1674325) | |
352 | - SAUCE: tty: Fix ldisc crash on reopened tty | |
353 | ||
354 | * Miscellaneous Ubuntu changes | |
355 | - [Debian] Add build-dep on libnuma-dev to enable 'perf bench numa' | |
356 | - Rebase to v4.12-rc3 | |
357 | ||
358 | [ Upstream Kernel Changes ] | |
359 | ||
360 | * Rebase to v4.12-rc3 | |
361 | ||
362 | -- Seth Forshee <seth.forshee@canonical.com> Mon, 29 May 2017 20:56:29 -0500 | |
363 | ||
364 | linux (4.12.0-0.1) artful; urgency=low | |
365 | ||
366 | * please enable CONFIG_ARM64_LSE_ATOMICS (LP: #1691614) | |
367 | - [Config] CONFIG_ARM64_LSE_ATOMICS=y | |
368 | ||
369 | * [Regression] NUMA_BALANCING disabled on arm64 (LP: #1690914) | |
370 | - [Config] CONFIG_NUMA_BALANCING{,_DEFAULT_ENABLED}=y on arm64 | |
371 | ||
372 | * exec'ing a setuid binary from a threaded program sometimes fails to setuid | |
373 | (LP: #1672819) | |
374 | - SAUCE: exec: ensure file system accounting in check_unsafe_exec is correct | |
375 | ||
376 | * Miscellaneous Ubuntu changes | |
377 | - Update find-missing-sauce.sh to compare to artful | |
378 | - Update dropped.txt | |
379 | - SAUCE: (efi-lockdown) efi: Add EFI_SECURE_BOOT bit | |
380 | - SAUCE: (efi-lockdown) Add the ability to lock down access to the running | |
381 | kernel image | |
382 | - SAUCE: (efi-lockdown) efi: Lock down the kernel if booted in secure boot | |
383 | mode | |
384 | - SAUCE: (efi-lockdown) Enforce module signatures if the kernel is locked down | |
385 | - SAUCE: (efi-lockdown) Restrict /dev/mem and /dev/kmem when the kernel is | |
386 | locked down | |
387 | - SAUCE: (efi-lockdown) Add a sysrq option to exit secure boot mode | |
388 | - SAUCE: (efi-lockdown) kexec: Disable at runtime if the kernel is locked down | |
389 | - SAUCE: (efi-lockdown) Copy secure_boot flag in boot params across kexec | |
390 | reboot | |
391 | - SAUCE: (efi-lockdown) kexec_file: Disable at runtime if securelevel has been | |
392 | set | |
393 | - SAUCE: (efi-lockdown) hibernate: Disable when the kernel is locked down | |
394 | - SAUCE: (efi-lockdown) uswsusp: Disable when the kernel is locked down | |
395 | - SAUCE: (efi-lockdown) PCI: Lock down BAR access when the kernel is locked | |
396 | down | |
397 | - SAUCE: (efi-lockdown) x86: Lock down IO port access when the kernel is | |
398 | locked down | |
399 | - SAUCE: (efi-lockdown) x86: Restrict MSR access when the kernel is locked | |
400 | down | |
401 | - SAUCE: (efi-lockdown) asus-wmi: Restrict debugfs interface when the kernel | |
402 | is locked down | |
403 | - SAUCE: (efi-lockdown) ACPI: Limit access to custom_method when the kernel is | |
404 | locked down | |
405 | - SAUCE: (efi-lockdown) acpi: Ignore acpi_rsdp kernel param when the kernel | |
406 | has been locked down | |
407 | - SAUCE: (efi-lockdown) acpi: Disable ACPI table override if the kernel is | |
408 | locked down | |
409 | - SAUCE: (efi-lockdown) acpi: Disable APEI error injection if the kernel is | |
410 | locked down | |
411 | - SAUCE: (efi-lockdown) Enable cold boot attack mitigation | |
412 | - SAUCE: (efi-lockdown) bpf: Restrict kernel image access functions when the | |
413 | kernel is locked down | |
414 | - SAUCE: (efi-lockdown) scsi: Lock down the eata driver | |
415 | - SAUCE: (efi-lockdown) Prohibit PCMCIA CIS storage when the kernel is locked | |
416 | down | |
417 | - SAUCE: (efi-lockdown) Lock down TIOCSSERIAL | |
418 | - SAUCE: (efi-lockdown) KEYS: Allow unrestricted boot-time addition of keys to | |
419 | secondary keyring | |
420 | - SAUCE: (efi-lockdown) efi: Add EFI signature data types | |
421 | - SAUCE: (efi-lockdown) efi: Add an EFI signature blob parser | |
422 | - SAUCE: (efi-lockdown) MODSIGN: Import certificates from UEFI Secure Boot | |
423 | - SAUCE: (efi-lockdown) MODSIGN: Allow the "db" UEFI variable to be suppressed | |
424 | - SAUCE: (efi-lockdown) efi: Sanitize boot_params in efi stub | |
425 | - SAUCE: (efi-lockdown) efi: Add secure_boot state and status bit for | |
426 | MokSBState | |
427 | - SAUCE: (efi-lockdown) efi: Add sysctls for secureboot and MokSBState | |
428 | - [Config] Set values for UEFI secure boot lockdown options | |
429 | - Disable virtualbox build | |
430 | - Disable hio build | |
431 | - SAUCE: securityfs: Replace CURRENT_TIME with current_time() | |
432 | - Disable zfs build | |
433 | - [Debian] Work out upstream tag for use with gen-auto-reconstruct | |
434 | - SAUCE: Import aufs driver | |
435 | - SAUCE: aufs -- Include linux/mm.h in fs/aufs/file.h | |
436 | - [Config] Enable aufs | |
437 | - SAUCE: perf callchain: Include errno.h on x86 unconditinally | |
438 | ||
439 | [ Upstream Kernel Changes ] | |
440 | ||
441 | * Rebase to v4.12-rc2 | |
442 | ||
443 | -- Seth Forshee <seth.forshee@canonical.com> Sun, 21 May 2017 23:44:44 -0500 | |
444 | ||
445 | linux (4.11.0-3.8) artful; urgency=low | |
446 | ||
447 | [ Seth Forshee ] | |
448 | ||
449 | * Release Tracking Bug | |
450 | - LP: #1690999 | |
451 | ||
452 | * apparmor_parser hangs indefinitely when called by multiple threads | |
453 | (LP: #1645037) | |
454 | - SAUCE: apparmor: fix lock ordering for mkdir | |
455 | ||
456 | * apparmor leaking securityfs pin count (LP: #1660846) | |
457 | - SAUCE: apparmor: fix leak on securityfs pin count | |
458 | ||
459 | * apparmor reference count leak when securityfs_setup_d_inode\ () fails | |
460 | (LP: #1660845) | |
461 | - SAUCE: apparmor: fix reference count leak when securityfs_setup_d_inode() | |
462 | fails | |
463 | ||
464 | * apparmor not checking error if security_pin_fs() fails (LP: #1660842) | |
465 | - SAUCE: apparmor: fix not handling error case when securityfs_pin_fs() fails | |
466 | ||
467 | * libvirt profile is blocking global setrlimit despite having no rlimit rule | |
468 | (LP: #1679704) | |
469 | - SAUCE: apparmor: fix complain mode failure for rlimit mediation | |
470 | - apparmor: update auditing of rlimit check to provide capability information | |
471 | ||
472 | * apparmor: does not provide a way to detect policy updataes (LP: #1678032) | |
473 | - SAUCE: apparmor: add policy revision file interface | |
474 | ||
475 | * apparmor does not make support of query data visible (LP: #1678023) | |
476 | - SAUCE: apparmor: add label data availability to the feature set | |
477 | ||
478 | * apparmor query interface does not make supported query info available | |
479 | (LP: #1678030) | |
480 | - SAUCE: apparmor: add information about the query inteface to the feature set | |
481 | ||
482 | * change_profile incorrect when using namespaces with a compound stack | |
483 | (LP: #1677959) | |
484 | - SAUCE: apparmor: fix label parse for stacked labels | |
485 | ||
486 | * Regression in 4.4.0-65-generic causes very frequent system crashes | |
487 | (LP: #1669611) | |
488 | - apparmor: sync of apparmor 3.6+ (17.04) | |
489 | ||
490 | * Artful update to 4.11.1 stable release (LP: #1690814) | |
491 | - dm ioctl: prevent stack leak in dm ioctl call | |
492 | - drm/sti: fix GDP size to support up to UHD resolution | |
493 | - power: supply: lp8788: prevent out of bounds array access | |
494 | - brcmfmac: Ensure pointer correctly set if skb data location changes | |
495 | - brcmfmac: Make skb header writable before use | |
496 | - sparc64: fix fault handling in NGbzero.S and GENbzero.S | |
497 | - refcount: change EXPORT_SYMBOL markings | |
498 | - net: macb: fix phy interrupt parsing | |
499 | - tcp: fix access to sk->sk_state in tcp_poll() | |
500 | - geneve: fix incorrect setting of UDP checksum flag | |
501 | - bpf: enhance verifier to understand stack pointer arithmetic | |
502 | - bpf, arm64: fix jit branch offset related to ldimm64 | |
503 | - tcp: fix wraparound issue in tcp_lp | |
504 | - net: ipv6: Do not duplicate DAD on link up | |
505 | - net: usb: qmi_wwan: add Telit ME910 support | |
506 | - tcp: do not inherit fastopen_req from parent | |
507 | - ipv4, ipv6: ensure raw socket message is big enough to hold an IP header | |
508 | - rtnetlink: NUL-terminate IFLA_PHYS_PORT_NAME string | |
509 | - ipv6: initialize route null entry in addrconf_init() | |
510 | - ipv6: reorder ip6_route_dev_notifier after ipv6_dev_notf | |
511 | - tcp: randomize timestamps on syncookies | |
512 | - bnxt_en: allocate enough space for ->ntp_fltr_bmap | |
513 | - bpf: don't let ldimm64 leak map addresses on unprivileged | |
514 | - net: mdio-mux: bcm-iproc: call mdiobus_free() in error path | |
515 | - f2fs: sanity check segment count | |
516 | - xen/arm,arm64: fix xen_dma_ops after 815dd18 "Consolidate get_dma_ops..." | |
517 | - xen: Revert commits da72ff5bfcb0 and 72a9b186292d | |
518 | - block: get rid of blk_integrity_revalidate() | |
519 | - Linux 4.11.1 | |
520 | ||
521 | * Module signing exclusion for staging drivers does not work properly | |
522 | (LP: #1690908) | |
523 | - SAUCE: Fix module signing exclusion in package builds | |
524 | ||
525 | * perf: qcom: Add L3 cache PMU driver (LP: #1689856) | |
526 | - [Config] CONFIG_QCOM_L3_PMU=y | |
527 | - perf: qcom: Add L3 cache PMU driver | |
528 | ||
529 | * No PMU support for ACPI-based arm64 systems (LP: #1689661) | |
530 | - drivers/perf: arm_pmu: rework per-cpu allocation | |
531 | - drivers/perf: arm_pmu: manage interrupts per-cpu | |
532 | - drivers/perf: arm_pmu: split irq request from enable | |
533 | - drivers/perf: arm_pmu: remove pointless PMU disabling | |
534 | - drivers/perf: arm_pmu: define armpmu_init_fn | |
535 | - drivers/perf: arm_pmu: fold init into alloc | |
536 | - drivers/perf: arm_pmu: factor out pmu registration | |
537 | - drivers/perf: arm_pmu: simplify cpu_pmu_request_irqs() | |
538 | - drivers/perf: arm_pmu: handle no platform_device | |
539 | - drivers/perf: arm_pmu: rename irq request/free functions | |
540 | - drivers/perf: arm_pmu: split cpu-local irq request/free | |
541 | - drivers/perf: arm_pmu: move irq request/free into probe | |
542 | - drivers/perf: arm_pmu: split out platform device probe logic | |
543 | - arm64: add function to get a cpu's MADT GICC table | |
544 | - [Config] CONFIG_ARM_PMU_ACPI=y | |
545 | - drivers/perf: arm_pmu: add ACPI framework | |
546 | - arm64: pmuv3: handle !PMUv3 when probing | |
547 | - arm64: pmuv3: use arm_pmu ACPI framework | |
548 | ||
549 | * Fix NVLINK2 TCE route (LP: #1690155) | |
550 | - powerpc/powernv: Fix TCE kill on NVLink2 | |
551 | ||
552 | * CVE-2017-0605 | |
553 | - tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline() | |
554 | ||
555 | * Miscellaneous Ubuntu changes | |
556 | - [Config] Restore powerpc arch to annotations file | |
557 | - [Config] Disable runtime testing modules | |
558 | - [Config] Disable drivers not needed on s390x | |
559 | - [Config] Update annotations for 4.11 | |
560 | - [Config] updateconfigs after apparmor updates | |
561 | ||
562 | * Miscellaneous upstream changes | |
563 | - apparmor: use SHASH_DESC_ON_STACK | |
564 | - apparmor: fix invalid reference to index variable of iterator line 836 | |
565 | - apparmor: fix parameters so that the permission test is bypassed at boot | |
566 | - apparmor: Make path_max parameter readonly | |
567 | - apparmorfs: Combine two function calls into one in aa_fs_seq_raw_abi_show() | |
568 | - apparmorfs: Use seq_putc() in two functions | |
569 | - apparmor: provide information about path buffer size at boot | |
570 | - apparmor: add/use fns to print hash string hex value | |
571 | ||
572 | -- Seth Forshee <seth.forshee@canonical.com> Tue, 16 May 2017 00:39:13 -0500 | |
573 | ||
574 | linux (4.11.0-2.7) artful; urgency=low | |
575 | ||
576 | * kernel-wedge fails in artful due to leftover squashfs-modules d-i files | |
577 | (LP: #1688259) | |
578 | - Remove squashfs-modules files from d-i | |
579 | - [Config] as squashfs-modules is builtin kernel-image must Provides: it | |
580 | ||
581 | * [Zesty] d-i: replace msm_emac with qcom_emac (LP: #1677297) | |
582 | - Revert "UBUNTU: d-i: initrd needs msm_emac on amberwing platform." | |
583 | - d-i: initrd needs qcom_emac on amberwing platform. | |
584 | ||
585 | * update for V3 kernel bits and improved multiple fan slice support | |
586 | (LP: #1470091) | |
587 | - SAUCE: fan: tunnel multiple mapping mode (v3) | |
588 | ||
589 | * Miscellaneous Ubuntu changes | |
590 | - SAUCE: (noup) Update spl to 0.6.5.9-1ubuntu1, zfs to 0.6.5.9-5ubuntu5 | |
591 | - Enable zfs | |
592 | - SAUCE: fan: add VXLAN implementation | |
593 | - SAUCE: (efi-lockdown) efi: Add EFI_SECURE_BOOT bit | |
594 | - SAUCE: (efi-lockdown) Add the ability to lock down access to the running | |
595 | kernel image | |
596 | - SAUCE: (efi-lockdown) efi: Lock down the kernel if booted in secure boot | |
597 | mode | |
598 | - SAUCE: (efi-lockdown) Enforce module signatures if the kernel is locked down | |
599 | - SAUCE: (efi-lockdown) Restrict /dev/mem and /dev/kmem when the kernel is | |
600 | locked down | |
601 | - SAUCE: (efi-lockdown) Add a sysrq option to exit secure boot mode | |
602 | - SAUCE: (efi-lockdown) kexec: Disable at runtime if the kernel is locked down | |
603 | - SAUCE: (efi-lockdown) Copy secure_boot flag in boot params across kexec | |
604 | reboot | |
605 | - SAUCE: (efi-lockdown) kexec_file: Disable at runtime if securelevel has been | |
606 | set | |
607 | - SAUCE: (efi-lockdown) hibernate: Disable when the kernel is locked down | |
608 | - SAUCE: (efi-lockdown) uswsusp: Disable when the kernel is locked down | |
609 | - SAUCE: (efi-lockdown) PCI: Lock down BAR access when the kernel is locked | |
610 | down | |
611 | - SAUCE: (efi-lockdown) x86: Lock down IO port access when the kernel is | |
612 | locked down | |
613 | - SAUCE: (efi-lockdown) x86: Restrict MSR access when the kernel is locked | |
614 | down | |
615 | - SAUCE: (efi-lockdown) asus-wmi: Restrict debugfs interface when the kernel | |
616 | is locked down | |
617 | - SAUCE: (efi-lockdown) ACPI: Limit access to custom_method when the kernel is | |
618 | locked down | |
619 | - SAUCE: (efi-lockdown) acpi: Ignore acpi_rsdp kernel param when the kernel | |
620 | has been locked down | |
621 | - SAUCE: (efi-lockdown) acpi: Disable ACPI table override if the kernel is | |
622 | locked down | |
623 | - SAUCE: (efi-lockdown) acpi: Disable APEI error injection if the kernel is | |
624 | locked down | |
625 | - SAUCE: (efi-lockdown) Enable cold boot attack mitigation | |
626 | - SAUCE: (efi-lockdown) bpf: Restrict kernel image access functions when the | |
627 | kernel is locked down | |
628 | - SAUCE: (efi-lockdown) scsi: Lock down the eata driver | |
629 | - SAUCE: (efi-lockdown) Prohibit PCMCIA CIS storage when the kernel is locked | |
630 | down | |
631 | - SAUCE: (efi-lockdown) Lock down TIOCSSERIAL | |
632 | - SAUCE: (efi-lockdown) Add EFI signature data types | |
633 | - SAUCE: (efi-lockdown) Add an EFI signature blob parser and key loader. | |
634 | - SAUCE: (efi-lockdown) KEYS: Add a system blacklist keyring | |
635 | - SAUCE: (efi-lockdown) MODSIGN: Import certificates from UEFI Secure Boot | |
636 | - SAUCE: (efi-lockdown) MODSIGN: Support not importing certs from db | |
637 | - SAUCE: (efi-lockdown) MODSIGN: Don't try secure boot if EFI runtime is | |
638 | disabled | |
639 | - SAUCE: (efi-lockdown) efi: Sanitize boot_params in efi stub | |
640 | - SAUCE: (efi-lockdown) efi: Add secure_boot state and status bit for | |
641 | MokSBState | |
642 | - SAUCE: (efi-lockdown) efi: Add sysctls for secureboot and MokSBState | |
643 | - [Config] Set values for UEFI secure boot lockdown options | |
644 | - Update dropped.txt | |
645 | ||
646 | [ Upstream Kernel Changes ] | |
647 | ||
648 | * rebase to v4.11 | |
649 | ||
650 | -- Seth Forshee <seth.forshee@canonical.com> Fri, 05 May 2017 07:43:14 -0500 | |
651 | ||
652 | linux (4.11.0-1.6) artful; urgency=low | |
653 | ||
654 | * Miscellaneous Ubuntu changes | |
655 | - [Debian] Use default compression for all packages | |
656 | - SAUCE: (namespace) block_dev: Support checking inode permissions in | |
657 | lookup_bdev() | |
658 | - SAUCE: (namespace) block_dev: Check permissions towards block device inode | |
659 | when mounting | |
660 | - SAUCE: (namespace) mtd: Check permissions towards mtd block device inode | |
661 | when mounting | |
662 | - SAUCE: (namespace) fs: Allow superblock owner to change ownership of inodes | |
663 | - SAUCE: (namespace) fs: Don't remove suid for CAP_FSETID for userns root | |
664 | - SAUCE: (namespace) fs: Allow superblock owner to access do_remount_sb() | |
665 | - SAUCE: (namespace) capabilities: Allow privileged user in s_user_ns to set | |
666 | security.* xattrs | |
667 | - SAUCE: (namespace) fs: Allow CAP_SYS_ADMIN in s_user_ns to freeze and thaw | |
668 | filesystems | |
669 | - SAUCE: (namespace) fuse: Add support for pid namespaces | |
670 | - SAUCE: (namespace) fuse: Support fuse filesystems outside of init_user_ns | |
671 | - SAUCE: (namespace) fuse: Restrict allow_other to the superblock's namespace | |
672 | or a descendant | |
673 | - SAUCE: (namespace) fuse: Allow user namespace mounts | |
674 | - SAUCE: (namespace) ext4: Add support for unprivileged mounts from user | |
675 | namespaces | |
676 | - SAUCE: (namespace) evm: Don't update hmacs in user ns mounts | |
677 | - SAUCE: (namespace) ext4: Add module parameter to enable user namespace | |
678 | mounts | |
679 | - SAUCE: (namespace) block_dev: Forbid unprivileged mounting when device is | |
680 | opened for writing | |
681 | ||
682 | -- Seth Forshee <seth.forshee@canonical.com> Wed, 26 Apr 2017 10:08:29 -0500 | |
683 | ||
684 | linux (4.11.0-0.5) artful; urgency=low | |
685 | ||
686 | * [Hyper-V][SAUCE] pci-hyperv: Use only 16 bit integer for PCI domain | |
687 | (LP: #1684971) | |
688 | - SAUCE: pci-hyperv: Use only 16 bit integer for PCI domain | |
689 | ||
690 | * [Hyper-V] Ubuntu 14.04.2 LTS Generation 2 SCSI Errors on VSS Based Backups | |
691 | (LP: #1470250) | |
692 | - SAUCE: Tools: hv: vss: Thaw the filesystem and continue after freeze fails | |
693 | ||
694 | * Enable virtual scsi server driver for Power (LP: #1615665) | |
695 | - SAUCE: Return TCMU-generated sense data to fabric module | |
696 | ||
697 | * include/linux/security.h header syntax error with !CONFIG_SECURITYFS | |
698 | (LP: #1630990) | |
699 | - SAUCE: (no-up) include/linux/security.h -- fix syntax error with | |
700 | CONFIG_SECURITYFS=n | |
701 | ||
702 | * Miscellaneous Ubuntu changes | |
703 | - SAUCE: Import aufs driver | |
704 | - [Config] Enable aufs | |
705 | - [Debian] Add script to update virtualbox | |
706 | - ubuntu: vbox -- Update to 5.1.20-dfsg-2 | |
707 | - Enable vbox | |
708 | - SAUCE: aufs -- Include linux/mm.h in fs/aufs/file.h | |
709 | ||
710 | [ Upstream Kernel Changes ] | |
711 | ||
712 | * rebase to v4.11-rc8 | |
713 | ||
714 | -- Seth Forshee <seth.forshee@canonical.com> Tue, 25 Apr 2017 13:42:54 -0500 | |
715 | ||
716 | linux (4.11.0-0.4) zesty; urgency=low | |
717 | ||
718 | * POWER9: Improve performance on memory management (LP: #1681429) | |
719 | - SAUCE: powerpc/mm/radix: Don't do page walk cache flush when doing full mm | |
720 | flush | |
721 | - SAUCE: powerpc/mm/radix: Remove unnecessary ptesync | |
722 | ||
723 | * Miscellaneous Ubuntu changes | |
724 | - find-missing-sauce.sh | |
725 | ||
726 | [ Upstream Kernel Changes ] | |
727 | ||
728 | * rebase to v4.11-rc7 | |
729 | ||
730 | -- Seth Forshee <seth.forshee@canonical.com> Tue, 18 Apr 2017 08:19:43 -0500 | |
731 | ||
732 | linux (4.11.0-0.3) zesty; urgency=low | |
733 | ||
734 | * Disable CONFIG_HVC_UDBG on ppc64el (LP: #1680888) | |
735 | - [Config] Disable CONFIG_HVC_UDBG on ppc64el | |
736 | ||
737 | * smartpqi driver needed in initram disk and installer (LP: #1680156) | |
738 | - [Config] Add smartpqi to d-i | |
739 | ||
740 | * Disable CONFIG_SECURITY_SELINUX_DISABLE (LP: #1680315) | |
741 | - [Config] CONFIG_SECURITY_SELINUX_DISABLE=n | |
742 | ||
743 | * Miscellaneous Ubuntu changes | |
744 | - [Config] flash-kernel should be a Breaks | |
745 | - [Config] drop the info directory | |
746 | - [Config] drop NOTES as obsolete | |
747 | - [Config] drop changelog.historical as obsolete | |
748 | - rebase to v4.11-rc6 | |
749 | ||
750 | [ Upstream Kernel Changes ] | |
751 | ||
752 | * rebase to v4.11-rc6 | |
753 | ||
754 | -- Tim Gardner <tim.gardner@canonical.com> Tue, 11 Apr 2017 07:16:52 -0600 | |
755 | ||
756 | linux (4.11.0-0.2) zesty; urgency=low | |
757 | ||
758 | [ Upstream Kernel Changes ] | |
759 | ||
760 | * rebase to v4.11-rc5 | |
761 | ||
762 | -- Tim Gardner <tim.gardner@canonical.com> Mon, 03 Apr 2017 08:26:07 +0100 | |
763 | ||
764 | linux (4.11.0-0.1) zesty; urgency=low | |
765 | ||
766 | [ Upstream Kernel Changes ] | |
767 | ||
768 | * rebase to v4.11-rc4 | |
769 | - LP: #1591053 | |
770 | ||
771 | -- Tim Gardner <tim.gardner@canonical.com> Mon, 20 Mar 2017 05:15:32 -0600 | |
772 | ||
773 | linux (4.11.0-0.0) zesty; urgency=low | |
774 | ||
775 | * dummy entry | |
776 | ||
777 | -- Tim Gardner <tim.gardner@canonical.com> Mon, 20 Mar 2017 05:15:32 -0600 |