]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blame - debian.master/changelog
projects / mirror_ubuntu-artful-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
UBUNTU: [Debian] Don't depend on initramfs-tools
[mirror_ubuntu-artful-kernel.git] / debian.master / changelog
CommitLineData
a36bcd96
SF		 1linux (4.13.0-5.6) UNRELEASED; urgency=low
2
3 CHANGELOG: Do not edit directly. Autogenerated at release.
4 CHANGELOG: Use the printchanges target to see the curent changes.
5 CHANGELOG: Use the insertchanges target to create the final log.
6
7 -- Seth Forshee <seth.forshee@canonical.com> Tue, 08 Aug 2017 13:29:12 -0500
8
cb044a55 9linux (4.13.0-4.5) artful; urgency=low
5f9f1d1e 10
cb044a55
SF		 11 * Lenovo Yoga 910 Sensors (LP: #1708120)
12 - SAUCE: (no-up) HID: Add quirk for Lenovo Yoga 910 with ITE Chips
13
14 * Unable to install Ubuntu on the NVMe disk under VMD PCI domain
15 (LP: #1703339)
16 - [Config] Add vmd driver to generic inclusion list
17
18 * Set CONFIG_SATA_HIGHBANK=y on armhf (LP: #1703430)
19 - [Config] CONFIG_SATA_HIGHBANK=y
20
21 * Miscellaneous Ubuntu changes
22 - ubuntu: vbox -- update to 5.1.26-dfsg-1
23 - SAUCE: hio: Build fixes for 4.13
24 - Enable hio build
25 - SAUCE: (noup) Update spl to 0.6.5.11-1, zfs to 0.6.5.11-1ubuntu1
26 - [debian] use all rather than amd64 dkms debs for sync
5f9f1d1e 27
a59efebc
SF		 28 [ Upstream Kernel Changes ]
29
30 * Rebase to v4.13-rc4
31
cb044a55 32 -- Seth Forshee <seth.forshee@canonical.com> Tue, 08 Aug 2017 11:31:48 -0500
5f9f1d1e 33
17f46b19 34linux (4.13.0-3.4) artful; urgency=low
0d88ae24 35
17f46b19
SF		 36 * Adt tests of src:linux time out often on armhf lxc containers (LP: #1705495)
37 - [Packaging] tests -- reduce rebuild test to one flavour
38 - [Packaging] tests -- reduce rebuild test to one flavour -- use filter
39
40 * snapd 2.26.8+17.10 ADT test failure with linux 4.12.0-6.7 (LP: #1704158)
41 - SAUCE: virtio_net: Revert mergeable buffer handling rework
0d88ae24 42
29e66935
SF		 43 [ Upstream Kernel Changes ]
44
45 * Rebase to v4.13-rc3
46
17f46b19 47 -- Seth Forshee <seth.forshee@canonical.com> Mon, 31 Jul 2017 10:08:16 -0500
0d88ae24 48
1313bc19 49linux (4.13.0-2.3) artful; urgency=low
8cc80cf4 50
1313bc19
SF		 51 * Change CONFIG_IBMVETH to module (LP: #1704479)
52 - [Config] CONFIG_IBMVETH=m
8cc80cf4 53
ec21a42b
SF		 54 [ Upstream Kernel Changes ]
55
56 * Rebase to v4.13-rc2
57
1313bc19 58 -- Seth Forshee <seth.forshee@canonical.com> Mon, 24 Jul 2017 13:58:08 -0500
8cc80cf4 59
de46943a 60linux (4.13.0-1.2) artful; urgency=low
d9969bce 61
de46943a
SF		 62 * Miscellaneous Ubuntu changes
63 - [Debian] Support sphinx-based kernel documentation
d9969bce 64
de46943a 65 -- Seth Forshee <seth.forshee@canonical.com> Thu, 20 Jul 2017 09:18:33 -0500
d9969bce 66
b92dc169 67linux (4.13.0-0.1) artful; urgency=low
de1604e6 68
b92dc169
SF		 69 * Miscellaneous Ubuntu changes
70 - Disable hio
71 - Disable zfs build
72 - ubuntu: vbox -- update to 5.1.24-dfsg-1
de1604e6 73
f2dfe78b
SF		 74 [ Upstream Kernel Changes ]
75
76 * Rebase to v4.13-rc1
77
b92dc169 78 -- Seth Forshee <seth.forshee@canonical.com> Wed, 19 Jul 2017 15:09:31 -0500
de1604e6 79
d067a903
TG		 80linux (4.12.0-7.8) artful; urgency=low
81
82 * ThunderX: soft lockup on 4.8+ kernels when running qemu-efi with vhost=on
83 (LP: #1673564)
84 - arm64: Add a facility to turn an ESR syndrome into a sysreg encoding
85 - KVM: arm/arm64: vgic-v3: Add accessors for the ICH_APxRn_EL2 registers
86 - KVM: arm64: Make kvm_condition_valid32() accessible from EL2
87 - KVM: arm64: vgic-v3: Add hook to handle guest GICv3 sysreg accesses at EL2
88 - KVM: arm64: vgic-v3: Add ICV_BPR1_EL1 handler
89 - KVM: arm64: vgic-v3: Add ICV_IGRPEN1_EL1 handler
90 - KVM: arm64: vgic-v3: Add ICV_IAR1_EL1 handler
91 - KVM: arm64: vgic-v3: Add ICV_EOIR1_EL1 handler
92 - KVM: arm64: vgic-v3: Add ICV_AP1Rn_EL1 handler
93 - KVM: arm64: vgic-v3: Add ICV_HPPIR1_EL1 handler
94 - KVM: arm64: vgic-v3: Enable trapping of Group-1 system registers
95 - KVM: arm64: Enable GICv3 Group-1 sysreg trapping via command-line
96 - KVM: arm64: vgic-v3: Add ICV_BPR0_EL1 handler
97 - KVM: arm64: vgic-v3: Add ICV_IGNREN0_EL1 handler
98 - KVM: arm64: vgic-v3: Add misc Group-0 handlers
99 - KVM: arm64: vgic-v3: Enable trapping of Group-0 system registers
100 - KVM: arm64: Enable GICv3 Group-0 sysreg trapping via command-line
101 - arm64: Add MIDR values for Cavium cn83XX SoCs
102 - arm64: Add workaround for Cavium Thunder erratum 30115
103 - KVM: arm64: vgic-v3: Add ICV_DIR_EL1 handler
104 - KVM: arm64: vgic-v3: Add ICV_RPR_EL1 handler
105 - KVM: arm64: vgic-v3: Add ICV_CTLR_EL1 handler
106 - KVM: arm64: vgic-v3: Add ICV_PMR_EL1 handler
107 - KVM: arm64: Enable GICv3 common sysreg trapping via command-line
108 - KVM: arm64: vgic-v3: Log which GICv3 system registers are trapped
109 - KVM: arm64: Log an error if trapping a read-from-write-only GICv3 access
110 - KVM: arm64: Log an error if trapping a write-to-read-only GICv3 access
111
112 * hns: under heavy load, NIC may fail and require reboot (LP: #1704146)
113 - net: hns: Bugfix for Tx timeout handling in hns driver
114
115 * New ACPI identifiers for ThunderX SMMU (LP: #1703437)
116 - iommu/arm-smmu: Plumb in new ACPI identifiers
117
118 * Transparent hugepages should default to enabled=madvise (LP: #1703742)
119 - SAUCE: use CONFIG_TRANSPARENT_HUGEPAGE_MADVISE=y as default
120
121 * Artful update to v4.12.1 stable release (LP: #1703858)
122 - driver core: platform: fix race condition with driver_override
123 - RDMA/uverbs: Check port number supplied by user verbs cmds
124 - usb: dwc3: replace %p with %pK
125 - USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick
126 - usb: usbip: set buffer pointers to NULL after free
127 - Add USB quirk for HVR-950q to avoid intermittent device resets
128 - usb: Fix typo in the definition of Endpoint[out]Request
129 - USB: core: fix device node leak
130 - USB: serial: option: add two Longcheer device ids
131 - USB: serial: qcserial: new Sierra Wireless EM7305 device ID
132 - xhci: Limit USB2 port wake support for AMD Promontory hosts
133 - gfs2: Fix glock rhashtable rcu bug
134 - Add "shutdown" to "struct class".
135 - tpm: Issue a TPM2_Shutdown for TPM2 devices.
136 - tpm: fix a kernel memory leak in tpm-sysfs.c
137 - powerpc/powernv: Fix CPU_HOTPLUG=n idle.c compile error
138 - x86/uaccess: Optimize copy_user_enhanced_fast_string() for short strings
139 - sched/fair, cpumask: Export for_each_cpu_wrap()
140 - sched/core: Implement new approach to scale select_idle_cpu()
141 - sched/numa: Use down_read_trylock() for the mmap_sem
142 - sched/numa: Override part of migrate_degrades_locality() when idle balancing
143 - sched/fair: Simplify wake_affine() for the single socket case
144 - sched/numa: Implement NUMA node level wake_affine()
145 - sched/fair: Remove effective_load()
146 - sched/numa: Hide numa_wake_affine() from UP build
147 - xen: avoid deadlock in xenbus driver
148 - crypto: drbg - Fixes panic in wait_for_completion call
149 - Linux 4.12.1
150
151 * cxlflash update request in the Xenial SRU stream (LP: #1702521)
152 - scsi: cxlflash: Combine the send queue locks
153 - scsi: cxlflash: Update cxlflash_afu_sync() to return errno
154 - scsi: cxlflash: Reset hardware queue context via specified register
155 - scsi: cxlflash: Schedule asynchronous reset of the host
156 - scsi: cxlflash: Handle AFU sync failures
157 - scsi: cxlflash: Track pending scsi commands in each hardware queue
158 - scsi: cxlflash: Flush pending commands in cleanup path
159 - scsi: cxlflash: Add scsi command abort handler
160 - scsi: cxlflash: Create character device to provide host management interface
161 - scsi: cxlflash: Separate AFU internal command handling from AFU sync
162 specifics
163 - scsi: cxlflash: Introduce host ioctl support
164 - scsi: cxlflash: Refactor AFU capability checking
165 - scsi: cxlflash: Support LUN provisioning
166 - scsi: cxlflash: Support AFU debug
167 - scsi: cxlflash: Support WS16 unmap
168 - scsi: cxlflash: Remove zeroing of private command data
169 - scsi: cxlflash: Update TMF command processing
170 - scsi: cxlflash: Avoid double free of character device
171 - scsi: cxlflash: Update send_tmf() parameters
172 - scsi: cxlflash: Update debug prints in reset handlers
173
174 * make snap-pkg support (LP: #1700747)
175 - make snap-pkg support
176
177 * Quirk for non-compliant PCI bridge on HiSilicon D05 board (LP: #1698706)
178 - SAUCE: PCI: Support hibmc VGA cards behind a misbehaving HiSilicon bridge
179
180 * arm64: fix crash reading /proc/kcore (LP: #1702749)
181 - fs/proc: kcore: use kcore_list type to check for vmalloc/module address
182 - arm64: mm: select CONFIG_ARCH_PROC_KCORE_TEXT
183
184 * Opal and POWER9 DD2 (LP: #1702159)
185 - SAUCE: powerpc/powernv: Tell OPAL about our MMU mode on POWER9
186
187 * Data corruption with hio driver (LP: #1701316)
188 - SAUCE: hio: Fix incorrect use of enum req_opf values
189
190 * Miscellaneous Ubuntu changes
191 - SAUCE: (noup) Update spl to 0.6.5.10-1, zfs to 0.6.5.10-1ubuntu2
192 - snapcraft.yaml: Sync with xenial
193 - [Config] CONFIG_CAVIUM_ERRATUM_30115=y
194
195 * Miscellaneous upstream changes
196 - Revert "UBUNTU: SAUCE: (efi-lockdown) efi: Add sysctls for secureboot and
197 MokSBState"
198
199 -- Seth Forshee <seth.forshee@canonical.com> Fri, 14 Jul 2017 15:25:41 -0500
200
201linux (4.12.0-6.7) artful; urgency=low
202
203 * update ENA driver to 1.2.0k from net-next (LP: #1701575)
204 - net: ena: change return value for unsupported features unsupported return
205 value
206 - net: ena: add hardware hints capability to the driver
207 - net: ena: change sizeof() argument to be the type pointer
208 - net: ena: add reset reason for each device FLR
209 - net: ena: add support for out of order rx buffers refill
210 - net: ena: allow the driver to work with small number of msix vectors
211 - net: ena: use napi_schedule_irqoff when possible
212 - net: ena: separate skb allocation to dedicated function
213 - net: ena: use lower_32_bits()/upper_32_bits() to split dma address
214 - net: ena: update driver's rx drop statistics
215 - net: ena: update ena driver to version 1.2.0
216
217 * APST gets enabled against explicit kernel option (LP: #1699004)
218 - nvme: explicitly disable APST on quirked devices
219
220 * Miscellaneous Ubuntu changes
221 - SAUCE: hio: Update to Huawei ES3000_V2 (2.1.0.40)
222 - SAUCE: hio updates for 4.12
223 - SAUCE: Enable hio build
224
225 -- Seth Forshee <seth.forshee@canonical.com> Wed, 05 Jul 2017 14:23:20 -0500
226
227linux (4.12.0-5.6) artful; urgency=low
228
229 * ERAT invalidate on context switch removal (LP: #1700819)
230 - powerpc: Only do ERAT invalidate on radix context switch on P9 DD1
231
232 * powerpc: Invalidate ERAT on powersave wakeup for POWER9 (LP: #1700521)
233 - SAUCE: powerpc: Invalidate ERAT on powersave wakeup for POWER9
234
235 * Miscellaneous Ubuntu changes
236 - d-i: Move qcom-emac from arm64 to shared nic-modules
237
238 [ Upstream Kernel Changes ]
239
240 * Rebase to v4.12
241
242 -- Seth Forshee <seth.forshee@canonical.com> Mon, 03 Jul 2017 07:52:02 -0500
243
244linux (4.12.0-4.5) artful; urgency=low
245
246 * aacraid driver may return uninitialized stack data to userspace
247 (LP: #1700077)
248 - SAUCE: scsi: aacraid: Don't copy uninitialized stack memory to userspace
249
250 * KILLER1435-S[0489:e0a2] BT cannot search BT 4.0 device (LP: #1699651)
251 - Bluetooth: btusb: Add support for 0489:e0a2 QCA_ROME device
252
253 * AACRAID for power9 platform (LP: #1689980)
254 - scsi: aacraid: Remove __GFP_DMA for raw srb memory
255 - scsi: aacraid: Fix DMAR issues with iommu=pt
256 - scsi: aacraid: Added 32 and 64 queue depth for arc natives
257 - scsi: aacraid: Set correct Queue Depth for HBA1000 RAW disks
258 - scsi: aacraid: Remove reset support from check_health
259 - scsi: aacraid: Change wait time for fib completion
260 - scsi: aacraid: Log count info of scsi cmds before reset
261 - scsi: aacraid: Print ctrl status before eh reset
262 - scsi: aacraid: Using single reset mask for IOP reset
263 - scsi: aacraid: Rework IOP reset
264 - scsi: aacraid: Add periodic checks to see IOP reset status
265 - scsi: aacraid: Rework SOFT reset code
266 - scsi: aacraid: Rework aac_src_restart
267 - scsi: aacraid: Use correct function to get ctrl health
268 - scsi: aacraid: Make sure ioctl returns on controller reset
269 - scsi: aacraid: Enable ctrl reset for both hba and arc
270 - scsi: aacraid: Add reset debugging statements
271 - scsi: aacraid: Remove reference to Series-9
272 - scsi: aacraid: Update driver version to 50834
273
274 * hibmc driver does not include "pci:" prefix in bus ID (LP: #1698700)
275 - SAUCE: drm: hibmc: Use set_busid function from drm core
276
277 * HiSilicon D05: installer doesn't appear on VGA (LP: #1698954)
278 - d-i: Add hibmc-drm to kernel-image udeb
279
280 * Fix /proc/cpuinfo revision for POWER9 DD2 (LP: #1698844)
281 - SAUCE: powerpc: Fix /proc/cpuinfo revision for POWER9 DD2
282
283 * Miscellaneous Ubuntu changes
284 - [Config] CONFIG_SATA_MV=n and CONFIG_GENERIC_PHY=n for s390x
285 - [Config] CONFIG_ATA=n for s390x
286 - [Config] Update annotations for 4.12
287
288 [ Upstream Kernel Changes ]
289
290 * Rebase to v4.12-rc7
291
292 -- Seth Forshee <seth.forshee@canonical.com> Mon, 26 Jun 2017 11:27:29 -0500
293
294linux (4.12.0-3.4) artful; urgency=low
295
296 * Miscellaneous upstream changes
297 - ufs: fix the logics for tail relocation
298
299 [ Upstream Kernel Changes ]
300
301 * Rebase to v4.12-rc6
302
303 -- Seth Forshee <seth.forshee@canonical.com> Mon, 19 Jun 2017 14:50:39 -0500
304
305linux (4.12.0-2.3) artful; urgency=low
306
307 * CVE-2014-9900
308 - SAUCE: (no-up) net: Zeroing the structure ethtool_wolinfo in
309 ethtool_get_wol()
310
311 * System doesn't boot properly on Gigabyte AM4 motherboards (AMD Ryzen)
312 (LP: #1671360)
313 - pinctrl/amd: Use regular interrupt instead of chained
314
315 * extend-diff-ignore should use exact matches (LP: #1693504)
316 - [Packaging] exact extend-diff-ignore matches
317
318 * Miscellaneous Ubuntu changes
319 - SAUCE: efi: Don't print secure boot state from the efi stub
320 - ubuntu: vbox -- Update to 5.1.22-dfsg-1
321 - SAUCE: vbox fixes for 4.12
322 - Re-enable virtualbox build
323 - [Config] CONFIG_ORANGEFS_FS=m
324 - SAUCE: (noup) Update spl to 0.6.5.9-1ubuntu2, zfs to 0.6.5.9-5ubuntu7
325 - Enable zfs build
326
327 [ Upstream Kernel Changes ]
328
329 * Rebase to v4.12-rc4
330 * Rebase to v4.12-rc5
331
332 -- Seth Forshee <seth.forshee@canonical.com> Sun, 11 Jun 2017 22:25:13 -0500
333
334linux (4.12.0-1.2) artful; urgency=low
335
336 * Enable Matrox driver for Ubuntu 16.04.3 (LP: #1693337)
337 - [Config] Enable CONFIG_DRM_MGAG200 as module
338
339 * Support low-pin-count devices on Hisilicon SoCs (LP: #1677319)
340 - [Config] CONFIG_LIBIO=y on arm64 only
341 - SAUCE: LIBIO: Introduce a generic PIO mapping method
342 - SAUCE: OF: Add missing I/O range exception for indirect-IO devices
343 - [Config] CONFIG_HISILICON_LPC=y
344 - SAUCE: LPC: Support the device-tree LPC host on Hip06/Hip07
345 - SAUCE: LIBIO: Support the dynamically logical PIO registration of ACPI host
346 I/O
347 - SAUCE: LPC: Add the ACPI LPC support
348 - SAUCE: PCI: Apply the new generic I/O management on PCI IO hosts
349 - SAUCE: PCI: Restore codepath for !CONFIG_LIBIO
350
351 * POWER9: Additional patches for TTY and CPU_IDLE (LP: #1674325)
352 - SAUCE: tty: Fix ldisc crash on reopened tty
353
354 * Miscellaneous Ubuntu changes
355 - [Debian] Add build-dep on libnuma-dev to enable 'perf bench numa'
356 - Rebase to v4.12-rc3
357
358 [ Upstream Kernel Changes ]
359
360 * Rebase to v4.12-rc3
361
362 -- Seth Forshee <seth.forshee@canonical.com> Mon, 29 May 2017 20:56:29 -0500
363
364linux (4.12.0-0.1) artful; urgency=low
365
366 * please enable CONFIG_ARM64_LSE_ATOMICS (LP: #1691614)
367 - [Config] CONFIG_ARM64_LSE_ATOMICS=y
368
369 * [Regression] NUMA_BALANCING disabled on arm64 (LP: #1690914)
370 - [Config] CONFIG_NUMA_BALANCING{,_DEFAULT_ENABLED}=y on arm64
371
372 * exec'ing a setuid binary from a threaded program sometimes fails to setuid
373 (LP: #1672819)
374 - SAUCE: exec: ensure file system accounting in check_unsafe_exec is correct
375
376 * Miscellaneous Ubuntu changes
377 - Update find-missing-sauce.sh to compare to artful
378 - Update dropped.txt
379 - SAUCE: (efi-lockdown) efi: Add EFI_SECURE_BOOT bit
380 - SAUCE: (efi-lockdown) Add the ability to lock down access to the running
381 kernel image
382 - SAUCE: (efi-lockdown) efi: Lock down the kernel if booted in secure boot
383 mode
384 - SAUCE: (efi-lockdown) Enforce module signatures if the kernel is locked down
385 - SAUCE: (efi-lockdown) Restrict /dev/mem and /dev/kmem when the kernel is
386 locked down
387 - SAUCE: (efi-lockdown) Add a sysrq option to exit secure boot mode
388 - SAUCE: (efi-lockdown) kexec: Disable at runtime if the kernel is locked down
389 - SAUCE: (efi-lockdown) Copy secure_boot flag in boot params across kexec
390 reboot
391 - SAUCE: (efi-lockdown) kexec_file: Disable at runtime if securelevel has been
392 set
393 - SAUCE: (efi-lockdown) hibernate: Disable when the kernel is locked down
394 - SAUCE: (efi-lockdown) uswsusp: Disable when the kernel is locked down
395 - SAUCE: (efi-lockdown) PCI: Lock down BAR access when the kernel is locked
396 down
397 - SAUCE: (efi-lockdown) x86: Lock down IO port access when the kernel is
398 locked down
399 - SAUCE: (efi-lockdown) x86: Restrict MSR access when the kernel is locked
400 down
401 - SAUCE: (efi-lockdown) asus-wmi: Restrict debugfs interface when the kernel
402 is locked down
403 - SAUCE: (efi-lockdown) ACPI: Limit access to custom_method when the kernel is
404 locked down
405 - SAUCE: (efi-lockdown) acpi: Ignore acpi_rsdp kernel param when the kernel
406 has been locked down
407 - SAUCE: (efi-lockdown) acpi: Disable ACPI table override if the kernel is
408 locked down
409 - SAUCE: (efi-lockdown) acpi: Disable APEI error injection if the kernel is
410 locked down
411 - SAUCE: (efi-lockdown) Enable cold boot attack mitigation
412 - SAUCE: (efi-lockdown) bpf: Restrict kernel image access functions when the
413 kernel is locked down
414 - SAUCE: (efi-lockdown) scsi: Lock down the eata driver
415 - SAUCE: (efi-lockdown) Prohibit PCMCIA CIS storage when the kernel is locked
416 down
417 - SAUCE: (efi-lockdown) Lock down TIOCSSERIAL
418 - SAUCE: (efi-lockdown) KEYS: Allow unrestricted boot-time addition of keys to
419 secondary keyring
420 - SAUCE: (efi-lockdown) efi: Add EFI signature data types
421 - SAUCE: (efi-lockdown) efi: Add an EFI signature blob parser
422 - SAUCE: (efi-lockdown) MODSIGN: Import certificates from UEFI Secure Boot
423 - SAUCE: (efi-lockdown) MODSIGN: Allow the "db" UEFI variable to be suppressed
424 - SAUCE: (efi-lockdown) efi: Sanitize boot_params in efi stub
425 - SAUCE: (efi-lockdown) efi: Add secure_boot state and status bit for
426 MokSBState
427 - SAUCE: (efi-lockdown) efi: Add sysctls for secureboot and MokSBState
428 - [Config] Set values for UEFI secure boot lockdown options
429 - Disable virtualbox build
430 - Disable hio build
431 - SAUCE: securityfs: Replace CURRENT_TIME with current_time()
432 - Disable zfs build
433 - [Debian] Work out upstream tag for use with gen-auto-reconstruct
434 - SAUCE: Import aufs driver
435 - SAUCE: aufs -- Include linux/mm.h in fs/aufs/file.h
436 - [Config] Enable aufs
437 - SAUCE: perf callchain: Include errno.h on x86 unconditinally
438
439 [ Upstream Kernel Changes ]
440
441 * Rebase to v4.12-rc2
442
443 -- Seth Forshee <seth.forshee@canonical.com> Sun, 21 May 2017 23:44:44 -0500
444
445linux (4.11.0-3.8) artful; urgency=low
446
447 [ Seth Forshee ]
448
449 * Release Tracking Bug
450 - LP: #1690999
451
452 * apparmor_parser hangs indefinitely when called by multiple threads
453 (LP: #1645037)
454 - SAUCE: apparmor: fix lock ordering for mkdir
455
456 * apparmor leaking securityfs pin count (LP: #1660846)
457 - SAUCE: apparmor: fix leak on securityfs pin count
458
459 * apparmor reference count leak when securityfs_setup_d_inode\ () fails
460 (LP: #1660845)
461 - SAUCE: apparmor: fix reference count leak when securityfs_setup_d_inode()
462 fails
463
464 * apparmor not checking error if security_pin_fs() fails (LP: #1660842)
465 - SAUCE: apparmor: fix not handling error case when securityfs_pin_fs() fails
466
467 * libvirt profile is blocking global setrlimit despite having no rlimit rule
468 (LP: #1679704)
469 - SAUCE: apparmor: fix complain mode failure for rlimit mediation
470 - apparmor: update auditing of rlimit check to provide capability information
471
472 * apparmor: does not provide a way to detect policy updataes (LP: #1678032)
473 - SAUCE: apparmor: add policy revision file interface
474
475 * apparmor does not make support of query data visible (LP: #1678023)
476 - SAUCE: apparmor: add label data availability to the feature set
477
478 * apparmor query interface does not make supported query info available
479 (LP: #1678030)
480 - SAUCE: apparmor: add information about the query inteface to the feature set
481
482 * change_profile incorrect when using namespaces with a compound stack
483 (LP: #1677959)
484 - SAUCE: apparmor: fix label parse for stacked labels
485
486 * Regression in 4.4.0-65-generic causes very frequent system crashes
487 (LP: #1669611)
488 - apparmor: sync of apparmor 3.6+ (17.04)
489
490 * Artful update to 4.11.1 stable release (LP: #1690814)
491 - dm ioctl: prevent stack leak in dm ioctl call
492 - drm/sti: fix GDP size to support up to UHD resolution
493 - power: supply: lp8788: prevent out of bounds array access
494 - brcmfmac: Ensure pointer correctly set if skb data location changes
495 - brcmfmac: Make skb header writable before use
496 - sparc64: fix fault handling in NGbzero.S and GENbzero.S
497 - refcount: change EXPORT_SYMBOL markings
498 - net: macb: fix phy interrupt parsing
499 - tcp: fix access to sk->sk_state in tcp_poll()
500 - geneve: fix incorrect setting of UDP checksum flag
501 - bpf: enhance verifier to understand stack pointer arithmetic
502 - bpf, arm64: fix jit branch offset related to ldimm64
503 - tcp: fix wraparound issue in tcp_lp
504 - net: ipv6: Do not duplicate DAD on link up
505 - net: usb: qmi_wwan: add Telit ME910 support
506 - tcp: do not inherit fastopen_req from parent
507 - ipv4, ipv6: ensure raw socket message is big enough to hold an IP header
508 - rtnetlink: NUL-terminate IFLA_PHYS_PORT_NAME string
509 - ipv6: initialize route null entry in addrconf_init()
510 - ipv6: reorder ip6_route_dev_notifier after ipv6_dev_notf
511 - tcp: randomize timestamps on syncookies
512 - bnxt_en: allocate enough space for ->ntp_fltr_bmap
513 - bpf: don't let ldimm64 leak map addresses on unprivileged
514 - net: mdio-mux: bcm-iproc: call mdiobus_free() in error path
515 - f2fs: sanity check segment count
516 - xen/arm,arm64: fix xen_dma_ops after 815dd18 "Consolidate get_dma_ops..."
517 - xen: Revert commits da72ff5bfcb0 and 72a9b186292d
518 - block: get rid of blk_integrity_revalidate()
519 - Linux 4.11.1
520
521 * Module signing exclusion for staging drivers does not work properly
522 (LP: #1690908)
523 - SAUCE: Fix module signing exclusion in package builds
524
525 * perf: qcom: Add L3 cache PMU driver (LP: #1689856)
526 - [Config] CONFIG_QCOM_L3_PMU=y
527 - perf: qcom: Add L3 cache PMU driver
528
529 * No PMU support for ACPI-based arm64 systems (LP: #1689661)
530 - drivers/perf: arm_pmu: rework per-cpu allocation
531 - drivers/perf: arm_pmu: manage interrupts per-cpu
532 - drivers/perf: arm_pmu: split irq request from enable
533 - drivers/perf: arm_pmu: remove pointless PMU disabling
534 - drivers/perf: arm_pmu: define armpmu_init_fn
535 - drivers/perf: arm_pmu: fold init into alloc
536 - drivers/perf: arm_pmu: factor out pmu registration
537 - drivers/perf: arm_pmu: simplify cpu_pmu_request_irqs()
538 - drivers/perf: arm_pmu: handle no platform_device
539 - drivers/perf: arm_pmu: rename irq request/free functions
540 - drivers/perf: arm_pmu: split cpu-local irq request/free
541 - drivers/perf: arm_pmu: move irq request/free into probe
542 - drivers/perf: arm_pmu: split out platform device probe logic
543 - arm64: add function to get a cpu's MADT GICC table
544 - [Config] CONFIG_ARM_PMU_ACPI=y
545 - drivers/perf: arm_pmu: add ACPI framework
546 - arm64: pmuv3: handle !PMUv3 when probing
547 - arm64: pmuv3: use arm_pmu ACPI framework
548
549 * Fix NVLINK2 TCE route (LP: #1690155)
550 - powerpc/powernv: Fix TCE kill on NVLink2
551
552 * CVE-2017-0605
553 - tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline()
554
555 * Miscellaneous Ubuntu changes
556 - [Config] Restore powerpc arch to annotations file
557 - [Config] Disable runtime testing modules
558 - [Config] Disable drivers not needed on s390x
559 - [Config] Update annotations for 4.11
560 - [Config] updateconfigs after apparmor updates
561
562 * Miscellaneous upstream changes
563 - apparmor: use SHASH_DESC_ON_STACK
564 - apparmor: fix invalid reference to index variable of iterator line 836
565 - apparmor: fix parameters so that the permission test is bypassed at boot
566 - apparmor: Make path_max parameter readonly
567 - apparmorfs: Combine two function calls into one in aa_fs_seq_raw_abi_show()
568 - apparmorfs: Use seq_putc() in two functions
569 - apparmor: provide information about path buffer size at boot
570 - apparmor: add/use fns to print hash string hex value
571
572 -- Seth Forshee <seth.forshee@canonical.com> Tue, 16 May 2017 00:39:13 -0500
573
574linux (4.11.0-2.7) artful; urgency=low
575
576 * kernel-wedge fails in artful due to leftover squashfs-modules d-i files
577 (LP: #1688259)
578 - Remove squashfs-modules files from d-i
579 - [Config] as squashfs-modules is builtin kernel-image must Provides: it
580
581 * [Zesty] d-i: replace msm_emac with qcom_emac (LP: #1677297)
582 - Revert "UBUNTU: d-i: initrd needs msm_emac on amberwing platform."
583 - d-i: initrd needs qcom_emac on amberwing platform.
584
585 * update for V3 kernel bits and improved multiple fan slice support
586 (LP: #1470091)
587 - SAUCE: fan: tunnel multiple mapping mode (v3)
588
589 * Miscellaneous Ubuntu changes
590 - SAUCE: (noup) Update spl to 0.6.5.9-1ubuntu1, zfs to 0.6.5.9-5ubuntu5
591 - Enable zfs
592 - SAUCE: fan: add VXLAN implementation
593 - SAUCE: (efi-lockdown) efi: Add EFI_SECURE_BOOT bit
594 - SAUCE: (efi-lockdown) Add the ability to lock down access to the running
595 kernel image
596 - SAUCE: (efi-lockdown) efi: Lock down the kernel if booted in secure boot
597 mode
598 - SAUCE: (efi-lockdown) Enforce module signatures if the kernel is locked down
599 - SAUCE: (efi-lockdown) Restrict /dev/mem and /dev/kmem when the kernel is
600 locked down
601 - SAUCE: (efi-lockdown) Add a sysrq option to exit secure boot mode
602 - SAUCE: (efi-lockdown) kexec: Disable at runtime if the kernel is locked down
603 - SAUCE: (efi-lockdown) Copy secure_boot flag in boot params across kexec
604 reboot
605 - SAUCE: (efi-lockdown) kexec_file: Disable at runtime if securelevel has been
606 set
607 - SAUCE: (efi-lockdown) hibernate: Disable when the kernel is locked down
608 - SAUCE: (efi-lockdown) uswsusp: Disable when the kernel is locked down
609 - SAUCE: (efi-lockdown) PCI: Lock down BAR access when the kernel is locked
610 down
611 - SAUCE: (efi-lockdown) x86: Lock down IO port access when the kernel is
612 locked down
613 - SAUCE: (efi-lockdown) x86: Restrict MSR access when the kernel is locked
614 down
615 - SAUCE: (efi-lockdown) asus-wmi: Restrict debugfs interface when the kernel
616 is locked down
617 - SAUCE: (efi-lockdown) ACPI: Limit access to custom_method when the kernel is
618 locked down
619 - SAUCE: (efi-lockdown) acpi: Ignore acpi_rsdp kernel param when the kernel
620 has been locked down
621 - SAUCE: (efi-lockdown) acpi: Disable ACPI table override if the kernel is
622 locked down
623 - SAUCE: (efi-lockdown) acpi: Disable APEI error injection if the kernel is
624 locked down
625 - SAUCE: (efi-lockdown) Enable cold boot attack mitigation
626 - SAUCE: (efi-lockdown) bpf: Restrict kernel image access functions when the
627 kernel is locked down
628 - SAUCE: (efi-lockdown) scsi: Lock down the eata driver
629 - SAUCE: (efi-lockdown) Prohibit PCMCIA CIS storage when the kernel is locked
630 down
631 - SAUCE: (efi-lockdown) Lock down TIOCSSERIAL
632 - SAUCE: (efi-lockdown) Add EFI signature data types
633 - SAUCE: (efi-lockdown) Add an EFI signature blob parser and key loader.
634 - SAUCE: (efi-lockdown) KEYS: Add a system blacklist keyring
635 - SAUCE: (efi-lockdown) MODSIGN: Import certificates from UEFI Secure Boot
636 - SAUCE: (efi-lockdown) MODSIGN: Support not importing certs from db
637 - SAUCE: (efi-lockdown) MODSIGN: Don't try secure boot if EFI runtime is
638 disabled
639 - SAUCE: (efi-lockdown) efi: Sanitize boot_params in efi stub
640 - SAUCE: (efi-lockdown) efi: Add secure_boot state and status bit for
641 MokSBState
642 - SAUCE: (efi-lockdown) efi: Add sysctls for secureboot and MokSBState
643 - [Config] Set values for UEFI secure boot lockdown options
644 - Update dropped.txt
645
646 [ Upstream Kernel Changes ]
647
648 * rebase to v4.11
649
650 -- Seth Forshee <seth.forshee@canonical.com> Fri, 05 May 2017 07:43:14 -0500
651
652linux (4.11.0-1.6) artful; urgency=low
653
654 * Miscellaneous Ubuntu changes
655 - [Debian] Use default compression for all packages
656 - SAUCE: (namespace) block_dev: Support checking inode permissions in
657 lookup_bdev()
658 - SAUCE: (namespace) block_dev: Check permissions towards block device inode
659 when mounting
660 - SAUCE: (namespace) mtd: Check permissions towards mtd block device inode
661 when mounting
662 - SAUCE: (namespace) fs: Allow superblock owner to change ownership of inodes
663 - SAUCE: (namespace) fs: Don't remove suid for CAP_FSETID for userns root
664 - SAUCE: (namespace) fs: Allow superblock owner to access do_remount_sb()
665 - SAUCE: (namespace) capabilities: Allow privileged user in s_user_ns to set
666 security.* xattrs
667 - SAUCE: (namespace) fs: Allow CAP_SYS_ADMIN in s_user_ns to freeze and thaw
668 filesystems
669 - SAUCE: (namespace) fuse: Add support for pid namespaces
670 - SAUCE: (namespace) fuse: Support fuse filesystems outside of init_user_ns
671 - SAUCE: (namespace) fuse: Restrict allow_other to the superblock's namespace
672 or a descendant
673 - SAUCE: (namespace) fuse: Allow user namespace mounts
674 - SAUCE: (namespace) ext4: Add support for unprivileged mounts from user
675 namespaces
676 - SAUCE: (namespace) evm: Don't update hmacs in user ns mounts
677 - SAUCE: (namespace) ext4: Add module parameter to enable user namespace
678 mounts
679 - SAUCE: (namespace) block_dev: Forbid unprivileged mounting when device is
680 opened for writing
681
682 -- Seth Forshee <seth.forshee@canonical.com> Wed, 26 Apr 2017 10:08:29 -0500
683
684linux (4.11.0-0.5) artful; urgency=low
685
686 * [Hyper-V][SAUCE] pci-hyperv: Use only 16 bit integer for PCI domain
687 (LP: #1684971)
688 - SAUCE: pci-hyperv: Use only 16 bit integer for PCI domain
689
690 * [Hyper-V] Ubuntu 14.04.2 LTS Generation 2 SCSI Errors on VSS Based Backups
691 (LP: #1470250)
692 - SAUCE: Tools: hv: vss: Thaw the filesystem and continue after freeze fails
693
694 * Enable virtual scsi server driver for Power (LP: #1615665)
695 - SAUCE: Return TCMU-generated sense data to fabric module
696
697 * include/linux/security.h header syntax error with !CONFIG_SECURITYFS
698 (LP: #1630990)
699 - SAUCE: (no-up) include/linux/security.h -- fix syntax error with
700 CONFIG_SECURITYFS=n
701
702 * Miscellaneous Ubuntu changes
703 - SAUCE: Import aufs driver
704 - [Config] Enable aufs
705 - [Debian] Add script to update virtualbox
706 - ubuntu: vbox -- Update to 5.1.20-dfsg-2
707 - Enable vbox
708 - SAUCE: aufs -- Include linux/mm.h in fs/aufs/file.h
709
710 [ Upstream Kernel Changes ]
711
712 * rebase to v4.11-rc8
713
714 -- Seth Forshee <seth.forshee@canonical.com> Tue, 25 Apr 2017 13:42:54 -0500
715
716linux (4.11.0-0.4) zesty; urgency=low
717
718 * POWER9: Improve performance on memory management (LP: #1681429)
719 - SAUCE: powerpc/mm/radix: Don't do page walk cache flush when doing full mm
720 flush
721 - SAUCE: powerpc/mm/radix: Remove unnecessary ptesync
722
723 * Miscellaneous Ubuntu changes
724 - find-missing-sauce.sh
725
726 [ Upstream Kernel Changes ]
727
728 * rebase to v4.11-rc7
729
730 -- Seth Forshee <seth.forshee@canonical.com> Tue, 18 Apr 2017 08:19:43 -0500
731
732linux (4.11.0-0.3) zesty; urgency=low
733
734 * Disable CONFIG_HVC_UDBG on ppc64el (LP: #1680888)
735 - [Config] Disable CONFIG_HVC_UDBG on ppc64el
736
737 * smartpqi driver needed in initram disk and installer (LP: #1680156)
738 - [Config] Add smartpqi to d-i
739
740 * Disable CONFIG_SECURITY_SELINUX_DISABLE (LP: #1680315)
741 - [Config] CONFIG_SECURITY_SELINUX_DISABLE=n
742
743 * Miscellaneous Ubuntu changes
744 - [Config] flash-kernel should be a Breaks
745 - [Config] drop the info directory
746 - [Config] drop NOTES as obsolete
747 - [Config] drop changelog.historical as obsolete
748 - rebase to v4.11-rc6
749
750 [ Upstream Kernel Changes ]
751
752 * rebase to v4.11-rc6
753
754 -- Tim Gardner <tim.gardner@canonical.com> Tue, 11 Apr 2017 07:16:52 -0600
755
756linux (4.11.0-0.2) zesty; urgency=low
757
758 [ Upstream Kernel Changes ]
759
760 * rebase to v4.11-rc5
761
762 -- Tim Gardner <tim.gardner@canonical.com> Mon, 03 Apr 2017 08:26:07 +0100
763
764linux (4.11.0-0.1) zesty; urgency=low
765
766 [ Upstream Kernel Changes ]
767
768 * rebase to v4.11-rc4
769 - LP: #1591053
770
771 -- Tim Gardner <tim.gardner@canonical.com> Mon, 20 Mar 2017 05:15:32 -0600
772
773linux (4.11.0-0.0) zesty; urgency=low
774
775 * dummy entry
776
777 -- Tim Gardner <tim.gardner@canonical.com> Mon, 20 Mar 2017 05:15:32 -0600
Ubuntu Artful kernel mirror