+linux (4.13.0-44.49) UNRELEASED; urgency=medium
+
+ CHANGELOG: Do not edit directly. Autogenerated at release.
+ CHANGELOG: Use the printchanges target to see the curent changes.
+ CHANGELOG: Use the insertchanges target to create the final log.
+
+ -- Stefan Bader <stefan.bader@canonical.com> Wed, 23 May 2018 09:06:26 +0200
+
+linux (4.13.0-43.48) artful; urgency=medium
+
+ * CVE-2018-3639 (powerpc)
+ - SAUCE: rfi-flush: update H_CPU_* macro names to upstream
+ - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
+ upstream
+ - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
+ - powerpc/pseries: Support firmware disable of RFI flush
+ - powerpc/powernv: Support firmware disable of RFI flush
+ - powerpc/64s: Allow control of RFI flush via debugfs
+ - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
+ - powerpc/rfi-flush: Always enable fallback flush on pseries
+ - powerpc/rfi-flush: Differentiate enabled and patched flush types
+ - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
+ - powerpc: Add security feature flags for Spectre/Meltdown
+ - powerpc/powernv: Set or clear security feature flags
+ - powerpc/pseries: Set or clear security feature flags
+ - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
+ - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
+ - powerpc/pseries: Fix clearing of security feature flags
+ - powerpc: Move default security feature flags
+ - powerpc/pseries: Restore default security feature flags on setup
+ - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit
+
+ * CVE-2018-3639 (x86)
+ - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
+ - SAUCE: x86: Add alternative_msr_write
+ - x86/nospec: Simplify alternative_msr_write()
+ - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
+ - x86/bugs: Concentrate bug detection into a separate function
+ - x86/bugs: Concentrate bug reporting into a separate function
+ - x86/msr: Add definitions for new speculation control MSRs
+ - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
+ - x86/bugs, KVM: Support the combination of guest and host IBRS
+ - x86/bugs: Expose /sys/../spec_store_bypass
+ - x86/cpufeatures: Add X86_FEATURE_RDS
+ - x86/bugs: Provide boot parameters for the spec_store_bypass_disable
+ mitigation
+ - x86/bugs/intel: Set proper CPU features and setup RDS
+ - x86/bugs: Whitelist allowed SPEC_CTRL MSR values
+ - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
+ - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
+ - x86/speculation: Create spec-ctrl.h to avoid include hell
+ - prctl: Add speculation control prctls
+ - x86/process: Allow runtime control of Speculative Store Bypass
+ - x86/speculation: Add prctl for Speculative Store Bypass mitigation
+ - nospec: Allow getting/setting on non-current task
+ - proc: Provide details on speculation flaw mitigations
+ - seccomp: Enable speculation flaw mitigations
+ - SAUCE: x86/bugs: Honour SPEC_CTRL default
+ - x86/bugs: Make boot modes __ro_after_init
+ - prctl: Add force disable speculation
+ - seccomp: Use PR_SPEC_FORCE_DISABLE
+ - seccomp: Add filter flag to opt-out of SSB mitigation
+ - seccomp: Move speculation migitation control to arch code
+ - x86/speculation: Make "seccomp" the default mode for Speculative Store
+ Bypass
+ - x86/bugs: Rename _RDS to _SSBD
+ - proc: Use underscores for SSBD in 'status'
+ - Documentation/spec_ctrl: Do some minor cleanups
+ - x86/bugs: Fix __ssb_select_mitigation() return type
+ - x86/bugs: Make cpu_show_common() static
+
+ * LSM Stacking prctl values should be redefined as to not collide with
+ upstream prctls (LP: #1769263) // CVE-2018-3639
+ - SAUCE: LSM stacking: adjust prctl values
+
+ -- Stefan Bader <stefan.bader@canonical.com> Tue, 15 May 2018 07:39:26 +0200
+
+linux (4.13.0-42.47) artful; urgency=medium
+
+ * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993)
+
+ * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850)
+ - arm64: fix CONFIG_DEBUG_WX address reporting
+
+ * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
+ - net: hns: Avoid action name truncation
+
+ * CVE-2017-18208
+ - mm/madvise.c: fix madvise() infinite loop under special circumstances
+
+ * CVE-2018-8822
+ - staging: ncpfs: memory corruption in ncp_read_kernel()
+
+ * CVE-2017-18203
+ - dm: fix race between dm_get_from_kobject() and __dm_destroy()
+
+ * CVE-2017-17449
+ - netlink: Add netns check on taps
+
+ * CVE-2017-17975
+ - media: usbtv: prevent double free in error case
+
+ * [8086:3e92] display becomes blank after S3 (LP: #1763271)
+ - drm/i915/edp: Allow alternate fixed mode for eDP if available.
+ - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
+ - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
+ - drm/i915/edp: Do not do link training fallback or prune modes on EDP
+
+ * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
+ from sleep (88E8055) (LP: #1758507)
+ - sky2: Increase D3 delay to sky2 stops working after suspend
+
+ * perf vendor events arm64: Enable JSON events for ThunderX2 B0 (LP: #1760712)
+ - perf vendor events arm64: Enable JSON events for ThunderX2 B0
+
+ * No network with e1000e driver on 4.13.0-38-generic (LP: #1762693)
+ - e1000e: Fix e1000_check_for_copper_link_ich8lan return value.
+
+ * /dev/ipmi enumeration flaky on Cavium Sabre nodes (LP: #1762812)
+ - i2c: xlp9xx: return ENXIO on slave address NACK
+ - i2c: xlp9xx: Handle transactions with I2C_M_RECV_LEN properly
+ - i2c: xlp9xx: Check for Bus state before every transfer
+ - i2c: xlp9xx: Handle NACK on DATA properly
+
+ * "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534)
+ - virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS
+
+ * fix regression in mm/hotplug, allows NVIDIA driver to work (LP: #1761104)
+ - SAUCE: Fix revert "mm, memory_hotplug: do not associate hotadded memory to
+ zones until online"
+
+ * ibrs/ibpb fixes result in excessive kernel logging (LP: #1755627)
+ - SAUCE: remove ibrs_dump sysctl interface
+
+ -- Kleber Sacilotto de Souza <kleber.souza@canonical.com> Mon, 07 May 2018 15:06:58 +0200
+
+linux (4.13.0-41.46) artful; urgency=medium
+
+ * CVE-2018-8897
+ - x86/entry/64: Don't use IST entry for #BP stack
+
+ * CVE-2018-1087
+ - kvm/x86: fix icebp instruction handling
+
+ * CVE-2018-1000199
+ - perf/hwbp: Simplify the perf-hwbp code, fix documentation
+
+ -- Kleber Sacilotto de Souza <kleber.souza@canonical.com> Wed, 02 May 2018 11:58:49 +0200
+
+linux (4.13.0-39.44) artful; urgency=medium
+
+ * linux: 4.13.0-39.44 -proposed tracker (LP: #1761456)
+
+ * intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux-
+ image-4.13.0-37-generic) (LP: #1759920) // CVE-2017-5715 (Spectre v2
+ Intel) // CVE-2017-5754
+ - x86/mm: Reinitialize TLB state on hotplug and resume
+
+ * intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux-
+ image-4.13.0-37-generic) (LP: #1759920) // CVE-2017-5715 (Spectre v2 Intel)
+ - Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current
+ thread"
+ - x86/speculation: Use Indirect Branch Prediction Barrier in context switch
+
+ * DKMS driver builds fail with: Cannot use CONFIG_STACK_VALIDATION=y, please
+ install libelf-dev, libelf-devel or elfutils-libelf-devel (LP: #1760876)
+ - [Packaging] include the retpoline extractor in the headers
+
+ * retpoline hints: primary infrastructure and initial hints (LP: #1758856)
+ - [Packaging] retpoline-extract: flag *0xNNN(%reg) branches
+ - x86/speculation, objtool: Annotate indirect calls/jumps for objtool
+ - x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32bit
+ - x86/paravirt, objtool: Annotate indirect calls
+ - [Packaging] retpoline -- add safe usage hint support
+ - [Packaging] retpoline-check -- only report additions
+ - [Packaging] retpoline -- widen indirect call/jmp detection
+ - [Packaging] retpoline -- elide %rip relative indirections
+ - [Packaging] retpoline -- clear hint information from packages
+ - KVM: x86: Make indirect calls in emulator speculation safe
+ - KVM: VMX: Make indirect call speculation safe
+ - x86/boot, objtool: Annotate indirect jump in secondary_startup_64()
+ - SAUCE: early/late -- annotate indirect calls in early/late initialisation
+ code
+ - SAUCE: vga_set_mode -- avoid jump tables
+ - [Config] retpoline -- switch to new format
+ - [Packaging] retpoline hints -- handle missing files when RETPOLINE not
+ enabled
+ - [Packaging] final-checks -- remove check for empty retpoline files
+
+ * retpoline: ignore %cs:0xNNN constant indirections (LP: #1752655)
+ - [Packaging] retpoline -- elide %cs:0xNNNN constants on i386
+
+ * zfs system process hung on container stop/delete (LP: #1754584)
+ - SAUCE: Fix non-prefaulted page deadlock (LP: #1754584)
+
+ * zfs-linux 0.6.5.11-1ubuntu5 ADT test failure with linux 4.15.0-1.2
+ (LP: #1737761)
+ - SAUCE: (noup) Update zfs to 0.6.5.11-1ubuntu3.2
+
+ * AT_BASE_PLATFORM in AUXV is absent on kernels available on Ubuntu 17.10
+ (LP: #1759312)
+ - powerpc/64s: Fix NULL AT_BASE_PLATFORM when using DT CPU features
+
+ * btrfs and tar sparse truncate archives (LP: #1757565)
+ - Btrfs: move definition of the function btrfs_find_new_delalloc_bytes
+ - Btrfs: fix reported number of inode blocks after buffered append writes
+
+ * efifb broken on ThunderX-based Gigabyte nodes (LP: #1758375)
+ - drivers/fbdev/efifb: Allow BAR to be moved instead of claiming it
+
+ * Intel i40e PF reset due to incorrect MDD detection (continues...)
+ (LP: #1723127)
+ - i40e/i40evf: Account for frags split over multiple descriptors in check
+ linearize
+
+ * Fix an issue that when system in S3, USB keyboard can't wake up the system.
+ (LP: #1759511)
+ - ACPI / PM: Allow deeper wakeup power states with no _SxD nor _SxW
+
+ * [8086:3e92] display becomes blank after S3 (LP: #1759188)
+ - drm/i915: Apply Display WA #1183 on skl, kbl, and cfl
+
+ * add audio kernel patches for Raven (LP: #1758364)
+ - ALSA: hda: Add Raven PCI ID
+ - ALSA: hda/realtek - Fix ALC700 family no sound issue
+
+ * Cpu utilization showing system time for kvm guests (performance) (sysstat)
+ (LP: #1755979)
+ - KVM: PPC: Book3S HV: Fix guest time accounting with VIRT_CPU_ACCOUNTING_GEN
+
+ * Kernel panic on a nfsroot system (LP: #1734327)
+ - Revert "UBUNTU: SAUCE: LSM stacking: add stacking support to apparmor
+ network hooks"
+ - Revert "UBUNTU: SAUCE: LSM stacking: LSM: Infrastructure management of the
+ remaining blobs"
+
+ * can't record sound via front headset port on the Dell Precision 3630
+ (LP: #1759088)
+ - ALSA: hda/realtek - Fix Dell headset Mic can't record
+
+ * speaker can't output sound anymore after system resumes from S3 on a lenovo
+ machine with alc257 (LP: #1758829)
+ - ALSA: hda/realtek - Fix speaker no sound after system resume
+
+ * hda driver initialization takes too much time on the machine with coffeelake
+ audio controller [8086:a348] (LP: #1758800)
+ - ALSA: hda - Force polling mode on CFL for fixing codec communication
+
+ * Let headset-mode initialization be called on Dell Precision 3930
+ (LP: #1757584)
+ - ALSA: hda/realtek - Add headset mode support for Dell laptop
+
+ * ubuntu_zram_smoke test will cause soft lockup on Artful ThunderX ARM64
+ (LP: #1755073)
+ - SAUCE: crypto: thunderx_zip: Fix fallout from CONFIG_VMAP_STACK
+
+ * [Hyper-V] include kvp fix for Avoid reading past allocated blocks from KVP
+ file (LP: #1750349)
+ - hv: kvp: Avoid reading past allocated blocks from KVP file
+
+ * IMA policy parsing is broken in 4.13 (LP: #1755804)
+ - ima/policy: fix parsing of fsuuid
+
+ * external mic not work on Dell OptiPlex 7460 AIO (LP: #1755954)
+ - ALSA: hda/realtek - Add headset mode support for Dell laptop
+
+ * sbsa watchdog crashes thunderx2 system (LP: #1755595)
+ - watchdog: sbsa: use 32-bit read for WCV
+
+ * CVE-2018-8043
+ - net: phy: mdio-bcm-unimac: fix potential NULL dereference in
+ unimac_mdio_probe()
+
+ -- Stefan Bader <stefan.bader@canonical.com> Thu, 05 Apr 2018 14:47:00 +0200
+
+linux (4.13.0-38.43) artful; urgency=medium
+
+ * linux: 4.13.0-38.43 -proposed tracker (LP: #1755762)
+
+ * Servers going OOM after updating kernel from 4.10 to 4.13 (LP: #1748408)
+ - i40e: Fix memory leak related filter programming status
+ - i40e: Add programming descriptors to cleaned_count
+
+ * [SRU] Lenovo E41 Mic mute hotkey is not responding (LP: #1753347)
+ - platform/x86: ideapad-laptop: Increase timeout to wait for EC answer
+
+ * fails to dump with latest kpti fixes (LP: #1750021)
+ - kdump: write correct address of mem_section into vmcoreinfo
+
+ * headset mic can't be detected on two Dell machines (LP: #1748807)
+ - ALSA: hda/realtek - Support headset mode for ALC215/ALC285/ALC289
+ - ALSA: hda - Fix headset mic detection problem for two Dell machines
+ - ALSA: hda - Fix a wrong FIXUP for alc289 on Dell machines
+
+ * CIFS SMB2/SMB3 does not work for domain based DFS (LP: #1747572)
+ - CIFS: make IPC a regular tcon
+ - CIFS: use tcon_ipc instead of use_ipc parameter of SMB2_ioctl
+ - CIFS: dump IPC tcon in debug proc file
+
+ * i2c-thunderx: erroneous error message "unhandled state: 0" (LP: #1754076)
+ - i2c: octeon: Prevent error message on bus error
+
+ * hisi_sas: Add disk LED support (LP: #1752695)
+ - scsi: hisi_sas: directly attached disk LED feature for v2 hw
+
+ * EDAC, sb_edac: Backport 1 patch to Ubuntu 17.10 (Fix missing DIMM sysfs
+ entries with KNL SNC2/SNC4 mode) (LP: #1743856)
+ - EDAC, sb_edac: Fix missing DIMM sysfs entries with KNL SNC2/SNC4 mode
+
+ * [regression] Colour banding and artefacts appear system-wide on an Asus
+ Zenbook UX303LA with Intel HD 4400 graphics (LP: #1749420)
+ - drm/edid: Add 6 bpc quirk for CPT panel in Asus UX303LA
+
+ * DVB Card with SAA7146 chipset not working (LP: #1742316)
+ - vmalloc: fix __GFP_HIGHMEM usage for vmalloc_32 on 32b systems
+
+ * [Asus UX360UA] battery status in unity-panel is not changing when battery is
+ being charged (LP: #1661876) // AC adapter status not detected on Asus
+ ZenBook UX410UAK (LP: #1745032)
+ - ACPI / battery: Add quirk for Asus UX360UA and UX410UAK
+
+ * ASUS UX305LA - Battery state not detected correctly (LP: #1482390)
+ - ACPI / battery: Add quirk for Asus GL502VSK and UX305LA
+
+ * support thunderx2 vendor pmu events (LP: #1747523)
+ - perf pmu: Extract function to get JSON alias map
+ - perf pmu: Pass pmu as a parameter to get_cpuid_str()
+ - perf tools arm64: Add support for get_cpuid_str function.
+ - perf pmu: Add helper function is_pmu_core to detect PMU CORE devices
+ - perf vendor events arm64: Add ThunderX2 implementation defined pmu core
+ events
+ - perf pmu: Add check for valid cpuid in perf_pmu__find_map()
+
+ * lpfc.ko module doesn't work (LP: #1746970)
+ - scsi: lpfc: Fix loop mode target discovery
+
+ * Ubuntu 17.10 crashes on vmalloc.c (LP: #1739498)
+ - powerpc/mm/book3s64: Make KERN_IO_START a variable
+ - powerpc/mm/slb: Move comment next to the code it's referring to
+ - powerpc/mm/hash64: Make vmalloc 56T on hash
+
+ * ethtool -p fails to light NIC LED on HiSilicon D05 systems (LP: #1748567)
+ - net: hns: add ACPI mode support for ethtool -p
+
+ * CVE-2017-17807
+ - KEYS: add missing permission check for request_key() destination
+
+ * [Artful SRU] Fix capsule update regression (LP: #1746019)
+ - efi/capsule-loader: Reinstate virtual capsule mapping
+
+ * [Artful/Bionic] [Config] enable EDAC_GHES for ARM64 (LP: #1747746)
+ - Ubuntu: [Config] enable EDAC_GHES for ARM64
+
+ * linux-tools: perf incorrectly linking libbfd (LP: #1748922)
+ - SAUCE: tools -- add ability to disable libbfd
+ - [Packaging] correct disablement of libbfd
+
+ * Cherry pick c96f5471ce7d for delayacct fix (LP: #1747769)
+ - delayacct: Account blkio completion on the correct task
+
+ * Error in CPU frequency reporting when nominal and min pstates are same
+ (cpufreq) (LP: #1746174)
+ - cpufreq: powernv: Dont assume distinct pstate values for nominal and pmin
+
+ * retpoline abi files are empty on i386 (LP: #1751021)
+ - [Packaging] retpoline-extract -- instantiate retpoline files for i386
+ - [Packaging] final-checks -- sanity checking ABI contents
+ - [Packaging] final-checks -- check for empty retpoline files
+
+ * [P9,Power NV][WSP][Ubuntu 1804] : "Kernel access of bad area " when grouping
+ different pmu events using perf fuzzer . (perf:) (LP: #1746225)
+ - powerpc/perf: Fix oops when grouping different pmu events
+
+ * bnx2x_attn_int_deasserted3:4323 MC assert! (LP: #1715519) //
+ CVE-2018-1000026
+ - net: create skb_gso_validate_mac_len()
+ - bnx2x: disable GSO where gso_size is too big for hardware
+
+ * Ubuntu16.04.03: ISAv3 initialize MMU registers before setting partition
+ table (LP: #1736145)
+ - powerpc/64s: Initialize ISAv3 MMU registers before setting partition table
+
+ * powerpc/powernv: Flush console before platform error reboot (LP: #1735159)
+ - powerpc/powernv: Flush console before platform error reboot
+
+ * Touchpad stops working after a few seconds in Lenovo ideapad 320
+ (LP: #1732056)
+ - pinctrl/amd: fix masking of GPIO interrupts
+
+ * [Artful][Wyse 3040] System hang when trying to enable an offlined CPU core
+ (LP: #1736393)
+ - SAUCE: drm/i915:Don't set chip specific data
+ - SAUCE: drm/i915: make previous commit affects Wyse 3040 only
+
+ * ppc64el: Do not call ibm,os-term on panic (LP: #1736954)
+ - powerpc: Do not call ppc_md.panic in fadump panic notifier
+
+ * Artful update to 4.13.16 stable release (LP: #1744213)
+ - tcp_nv: fix division by zero in tcpnv_acked()
+ - net: vrf: correct FRA_L3MDEV encode type
+ - tcp: do not mangle skb->cb[] in tcp_make_synack()
+ - net: systemport: Correct IPG length settings
+ - netfilter/ipvs: clear ipvs_property flag when SKB net namespace changed
+ - l2tp: don't use l2tp_tunnel_find() in l2tp_ip and l2tp_ip6
+ - bonding: discard lowest hash bit for 802.3ad layer3+4
+ - net: cdc_ether: fix divide by 0 on bad descriptors
+ - net: qmi_wwan: fix divide by 0 on bad descriptors
+ - qmi_wwan: Add missing skb_reset_mac_header-call
+ - net: usb: asix: fill null-ptr-deref in asix_suspend
+ - tcp: gso: avoid refcount_t warning from tcp_gso_segment()
+ - tcp: fix tcp_fastretrans_alert warning
+ - vlan: fix a use-after-free in vlan_device_event()
+ - net/mlx5: Cancel health poll before sending panic teardown command
+ - net/mlx5e: Set page to null in case dma mapping fails
+ - af_netlink: ensure that NLMSG_DONE never fails in dumps
+ - vxlan: fix the issue that neigh proxy blocks all icmpv6 packets
+ - net: cdc_ncm: GetNtbFormat endian fix
+ - fealnx: Fix building error on MIPS
+ - net/sctp: Always set scope_id in sctp_inet6_skb_msgname
+ - ima: do not update security.ima if appraisal status is not INTEGRITY_PASS
+ - serial: omap: Fix EFR write on RTS deassertion
+ - serial: 8250_fintek: Fix finding base_port with activated SuperIO
+ - tpm-dev-common: Reject too short writes
+ - rcu: Fix up pending cbs check in rcu_prepare_for_idle
+ - ocfs2: fix cluster hang after a node dies
+ - ocfs2: should wait dio before inode lock in ocfs2_setattr()
+ - ipmi: fix unsigned long underflow
+ - mm/page_alloc.c: broken deferred calculation
+ - mm/page_ext.c: check if page_ext is not prepared
+ - x86/cpu/amd: Derive L3 shared_cpu_map from cpu_llc_shared_mask
+ - coda: fix 'kernel memory exposure attempt' in fsync
+ - Linux 4.13.16
+
+ * Artful update to 4.13.15 stable release (LP: #1744212)
+ - media: imon: Fix null-ptr-deref in imon_probe
+ - media: dib0700: fix invalid dvb_detach argument
+ - crypto: dh - Fix double free of ctx->p
+ - crypto: dh - Don't permit 'p' to be 0
+ - crypto: dh - Don't permit 'key' or 'g' size longer than 'p'
+ - USB: early: Use new USB product ID and strings for DbC device
+ - USB: usbfs: compute urb->actual_length for isochronous
+ - USB: Add delay-init quirk for Corsair K70 LUX keyboards
+ - usb: gadget: f_fs: Fix use-after-free in ffs_free_inst
+ - USB: serial: metro-usb: stop I/O after failed open
+ - USB: serial: Change DbC debug device binding ID
+ - USB: serial: qcserial: add pid/vid for Sierra Wireless EM7355 fw update
+ - USB: serial: garmin_gps: fix I/O after failed probe and remove
+ - USB: serial: garmin_gps: fix memory leak on probe errors
+ - x86/MCE/AMD: Always give panic severity for UC errors in kernel context
+ - platform/x86: peaq-wmi: Add DMI check before binding to the WMI interface
+ - platform/x86: peaq_wmi: Fix missing terminating entry for peaq_dmi_table
+ - HID: cp2112: add HIDRAW dependency
+ - HID: wacom: generic: Recognize WACOM_HID_WD_PEN as a type of pen collection
+ - staging: wilc1000: Fix bssid buffer offset in Txq
+ - staging: ccree: fix 64 bit scatter/gather DMA ops
+ - staging: greybus: spilib: fix use-after-free after deregistration
+ - staging: vboxvideo: Fix reporting invalid suggested-offset-properties
+ - staging: rtl8188eu: Revert 4 commits breaking ARP
+ - Linux 4.13.15
+
+ * time drifting on linux-hwe kernels (LP: #1744988)
+ - x86/tsc: Future-proof native_calibrate_tsc()
+ - x86/tsc: Fix erroneous TSC rate on Skylake Xeon
+ - x86/tsc: Print tsc_khz, when it differs from cpu_khz
+
+ * Please backport vmd suspend/resume patches to 16.04 hwe (LP: #1745508)
+ - PCI: vmd: Free up IRQs on suspend path
+
+ * CVE-2017-17448
+ - netfilter: nfnetlink_cthelper: Add missing permission checks
+
+ * Dell XPS 13 9360 bluetooth (Atheros) won't connect after resume
+ (LP: #1744712)
+ - Bluetooth: btusb: Restore QCA Rome suspend/resume fix with a "rewritten"
+ version
+
+ * [SRU] TrackPoint: middle button doesn't work on TrackPoint-compatible
+ device. (LP: #1746002)
+ - Input: trackpoint - force 3 buttons if 0 button is reported
+
+ * TB16 dock ethernet corrupts data with hw checksum silently failing
+ (LP: #1729674)
+ - r8152: disable RX aggregation on Dell TB16 dock
+
+ * [Artful] Realtek ALC225: 2 secs noise when a headset plugged in
+ (LP: #1744058)
+ - Revert "UBUNTU: SAUCE: ALSA: hda/realtek - Add support headset mode for DELL
+ WYSE"
+ - SAUCE: ALSA: hda/realtek - Add support headset mode for DELL WYSE
+ - ALSA: hda/realtek - update ALC225 depop optimize
+
+ * [A] skb leak in vhost_net / tun / tap (LP: #1738975)
+ - vhost: fix skb leak in handle_rx()
+ - tap: free skb if flags error
+ - tun: free skb in early errors
+
+ * Commit d9018976cdb6 missing in Kernels <4.14.x preventing lasting fix of
+ Intel SPI bug on certain serial flash (LP: #1742696)
+ - mfd: lpc_ich: Do not touch SPI-NOR write protection bit on Haswell/Broadwell
+ - spi-nor: intel-spi: Fix broken software sequencing codes
+
+ * CVE-2018-5332
+ - RDS: Heap OOB write in rds_message_alloc_sgs()
+
+ * [A] KVM Windows BSOD on 4.13.x (LP: #1738972)
+ - KVM: x86: fix APIC page invalidation
+
+ * elantech touchpad of Lenovo L480/580 failed to detect hw_version
+ (LP: #1733605)
+ - Input: elantech - add new icbody type 15
+
+ * [SRU] External HDMI monitor failed to show screen on Lenovo X1 series
+ (LP: #1738523)
+ - SAUCE: drm/i915: Disable writing of TMDS_OE on Lenovo ThinkPad X1 series
+
+ * ubuntu/xr-usb-serial didn't get built in zesty and artful (LP: #1733281)
+ - SAUCE: make sure ubuntu/xr-usb-serial builds for x86
+
+ * Disabling zfs does not always disable module checks for the zfs modules
+ (LP: #1737176)
+ - [Packaging] disable zfs module checks when zfs is disabled
+
+ * CVE-2017-17806
+ - crypto: hmac - require that the underlying hash algorithm is unkeyed
+
+ * CVE-2017-17805
+ - crypto: salsa20 - fix blkcipher_walk API usage
+
+ * CVE-2017-16994
+ - mm/pagewalk.c: report holes in hugetlb ranges
+
+ * CVE-2017-17450
+ - netfilter: xt_osf: Add missing permission checks
+
+ * apparmor profile load in stacked policy container fails (LP: #1746463)
+ - SAUCE: apparmor: fix display of .ns_name for containers
+
+ * CVE-2017-15129
+ - net: Fix double free and memory corruption in get_net_ns_by_id()
+
+ * CVE-2018-5344
+ - loop: fix concurrent lo_open/lo_release
+
+ * CVE-2017-1000407
+ - KVM: VMX: remove I/O port 0x80 bypass on Intel hosts
+
+ * CVE-2017-0861
+ - ALSA: pcm: prevent UAF in snd_pcm_info
+
+ * perf stat segfaults on uncore events w/o -a (LP: #1745246)
+ - perf xyarray: Save max_x, max_y
+ - perf evsel: Fix buffer overflow while freeing events
+
+ * Support cppc-cpufreq driver on ThunderX2 systems (LP: #1745007)
+ - mailbox: PCC: Move the MAX_PCC_SUBSPACES definition to header file
+ - ACPI / CPPC: Make CPPC ACPI driver aware of PCC subspace IDs
+ - ACPI / CPPC: Fix KASAN global out of bounds warning
+ - ACPI: CPPC: remove initial assignment of pcc_ss_data
+
+ * P-state not working in kernel 4.13 (LP: #1743269)
+ - x86 / CPU: Avoid unnecessary IPIs in arch_freq_get_on_cpu()
+ - x86 / CPU: Always show current CPU frequency in /proc/cpuinfo
+
+ * Regression: KVM no longer supports Intel CPUs without Virtual NMI
+ (LP: #1741655)
+ - kvm: vmx: Reinstate support for CPUs without virtual NMI
+
+ * System hang with Linux kernel due to mainline commit 24247aeeabe
+ (LP: #1733662)
+ - x86/intel_rdt/cqm: Prevent use after free
+
+ * $(LOCAL_ENV_CC) and $(LOCAL_ENV_DISTCC_HOSTS) should be properly quoted
+ (LP: #1744077)
+ - [Debian] pass LOCAL_ENV_CC and LOCAL_ENV_DISTCC_HOSTS properly
+
+ * the wifi driver is always hard blocked on a lenovo laptop (LP: #1743672)
+ - ACPI: EC: Fix possible issues related to EC initialization order
+
+ * text VTs are unavailable on desktop after upgrade to Ubuntu 17.10
+ (LP: #1724911)
+ - drm/i915/fbdev: Always forward hotplug events
+
+ * Samsung SSD 960 EVO 500GB refused to change power state (LP: #1705748)
+ - nvme-pci: disable APST on Samsung SSD 960 EVO + ASUS PRIME B350M-A
+
+ * [0cf3:e010] QCA6174A XR failed to pair with bt 4.0 device (LP: #1741166)
+ - Bluetooth: btusb: Add support for 0cf3:e010
+
+ * CVE-2017-17741
+ - KVM: Fix stack-out-of-bounds read in write_mmio
+
+ * CVE-2018-5333
+ - RDS: null pointer dereference in rds_atomic_free_op
+
+ * [800 G3 SFF] [800 G3 DM]External microphone of headset(3-ring) is working,
+ 2-ring mic not working, both not shown in sound settings (LP: #1740974)
+ - ALSA: hda - Add MIC_NO_PRESENCE fixup for 2 HP machines
+
+ * Two front mics can't work on a lenovo machine (LP: #1740973)
+ - ALSA: hda - change the location for one mic on a Lenovo machine
+
+ * No external microphone be detected via headset jack on a dell machine
+ (LP: #1740972)
+ - ALSA: hda - fix headset mic detection issue on a Dell machine
+
+ * Can't detect external headset via line-out jack on some Dell machines
+ (LP: #1740971)
+ - ALSA: hda/realtek - Fix Dell AIO LineOut issue
+
+ * Support realtek new codec alc257 in the alsa hda driver (LP: #1738911)
+ - ALSA: hda/realtek - New codec support for ALC257
+
+ * Add support for 16g huge pages on Ubuntu 16.04.2 PowerNV (LP: #1706247)
+ - powerpc/mm/hugetlb: Allow runtime allocation of 16G.
+ - powerpc/mm/hugetlb: Add support for reserving gigantic huge pages via kernel
+ command line
+ - mm/hugetlb: Allow arch to override and call the weak function
+
+ * the kernel is blackholing IPv6 packets to linkdown nexthops (LP: #1738219)
+ - ipv6: Do not consider linkdown nexthops during multipath
+
+ * e1000e in 4.4.0-97-generic breaks 82574L under heavy load. (LP: #1730550)
+ - e1000e: Avoid receiver overrun interrupt bursts
+ - e1000e: Separate signaling for link check/link up
+
+ * Ubuntu 17.10: Include patch "crypto: vmx - Use skcipher for ctr fallback"
+ (LP: #1732978)
+ - crypto: vmx - Use skcipher for ctr fallback
+
+ * QCA Rome bluetooth can not wakeup after USB runtime suspended.
+ (LP: #1737890)
+ - Bluetooth: btusb: driver to enable the usb-wakeup feature
+
+ * /dev/bcache/by-uuid links not created after reboot (LP: #1729145)
+ - SAUCE: (no-up) bcache: decouple emitting a cached_dev CHANGE uevent
+
+ * Some VMs fail to reboot with "watchdog: BUG: soft lockup - CPU#0 stuck for
+ 22s! [systemd:1]" (LP: #1730717)
+ - SAUCE: exec: fix lockup because retry loop may never exit
+
+ * Request to backport cxlflash patches to 16.04 HWE Kernel (LP: #1730515)
+ - scsi: cxlflash: Use derived maximum write same length
+ - scsi: cxlflash: Allow cards without WWPN VPD to configure
+ - scsi: cxlflash: Derive pid through accessors
+
+ * vagrant artful64 box filesystem too small (LP: #1726818)
+ - block: factor out __blkdev_issue_zero_pages()
+ - block: cope with WRITE ZEROES failing in blkdev_issue_zeroout()
+
+ * Artful update to 4.13.14 stable release (LP: #1744121)
+ - ppp: fix race in ppp device destruction
+ - gso: fix payload length when gso_size is zero
+ - ipv4: Fix traffic triggered IPsec connections.
+ - ipv6: Fix traffic triggered IPsec connections.
+ - netlink: do not set cb_running if dump's start() errs
+ - net: call cgroup_sk_alloc() earlier in sk_clone_lock()
+ - macsec: fix memory leaks when skb_to_sgvec fails
+ - l2tp: check ps->sock before running pppol2tp_session_ioctl()
+ - netlink: fix netlink_ack() extack race
+ - sctp: add the missing sock_owned_by_user check in sctp_icmp_redirect
+ - tcp/dccp: fix ireq->opt races
+ - packet: avoid panic in packet_getsockopt()
+ - geneve: Fix function matching VNI and tunnel ID on big-endian
+ - net: bridge: fix returning of vlan range op errors
+ - soreuseport: fix initialization race
+ - ipv6: flowlabel: do not leave opt->tot_len with garbage
+ - sctp: full support for ipv6 ip_nonlocal_bind & IP_FREEBIND
+ - tcp/dccp: fix lockdep splat in inet_csk_route_req()
+ - tcp/dccp: fix other lockdep splats accessing ireq_opt
+ - net: dsa: check master device before put
+ - net/unix: don't show information about sockets from other namespaces
+ - tap: double-free in error path in tap_open()
+ - net/mlx5: Fix health work queue spin lock to IRQ safe
+ - net/mlx5e: Properly deal with encap flows add/del under neigh update
+ - ipip: only increase err_count for some certain type icmp in ipip_err
+ - ip6_gre: only increase err_count for some certain type icmpv6 in ip6gre_err
+ - ip6_gre: update dst pmtu if dev mtu has been updated by toobig in
+ __gre6_xmit
+ - tcp: refresh tp timestamp before tcp_mtu_probe()
+ - tap: reference to KVA of an unloaded module causes kernel panic
+ - sctp: reset owner sk for data chunks on out queues when migrating a sock
+ - net_sched: avoid matching qdisc with zero handle
+ - l2tp: hold tunnel in pppol2tp_connect()
+ - ipv6: addrconf: increment ifp refcount before ipv6_del_addr()
+ - tcp: fix tcp_mtu_probe() vs highest_sack
+ - mac80211: accept key reinstall without changing anything
+ - mac80211: use constant time comparison with keys
+ - mac80211: don't compare TKIP TX MIC key in reinstall prevention
+ - usb: usbtest: fix NULL pointer dereference
+ - Input: ims-psu - check if CDC union descriptor is sane
+ - EDAC, sb_edac: Don't create a second memory controller if HA1 is not present
+ - dmaengine: dmatest: warn user when dma test times out
+ - Linux 4.13.14
+
+ -- Stefan Bader <stefan.bader@canonical.com> Wed, 14 Mar 2018 11:38:23 +0100
+
+linux (4.13.0-37.42) artful; urgency=medium
+
+ * linux: 4.13.0-37.42 -proposed tracker (LP: #1751798)
+
+ * CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754
+ - arm64: Add ASM_BUG()
+ - arm64: consistently use bl for C exception entry
+ - arm64: move non-entry code out of .entry.text
+ - arm64: unwind: avoid percpu indirection for irq stack
+ - arm64: unwind: disregard frame.sp when validating frame pointer
+ - arm64: mm: Fix set_memory_valid() declaration
+ - arm64: Convert __inval_cache_range() to area-based
+ - arm64: Expose DC CVAP to userspace
+ - arm64: Handle trapped DC CVAP
+ - arm64: Implement pmem API support
+ - arm64: uaccess: Implement *_flushcache variants
+ - arm64/vdso: Support mremap() for vDSO
+ - arm64: unwind: reference pt_regs via embedded stack frame
+ - arm64: unwind: remove sp from struct stackframe
+ - arm64: uaccess: Add the uaccess_flushcache.c file
+ - arm64: fix pmem interface definition
+ - arm64: compat: Remove leftover variable declaration
+ - fork: allow arch-override of VMAP stack alignment
+ - arm64: kernel: remove {THREAD,IRQ_STACK}_START_SP
+ - arm64: factor out PAGE_* and CONT_* definitions
+ - arm64: clean up THREAD_* definitions
+ - arm64: clean up irq stack definitions
+ - arm64: move SEGMENT_ALIGN to <asm/memory.h>
+ - efi/arm64: add EFI_KIMG_ALIGN
+ - arm64: factor out entry stack manipulation
+ - arm64: assembler: allow adr_this_cpu to use the stack pointer
+ - arm64: use an irq stack pointer
+ - arm64: add basic VMAP_STACK support
+ - arm64: add on_accessible_stack()
+ - arm64: add VMAP_STACK overflow detection
+ - arm64: Convert pte handling from inline asm to using (cmp)xchg
+ - kvm: arm64: Convert kvm_set_s2pte_readonly() from inline asm to cmpxchg()
+ - arm64: Move PTE_RDONLY bit handling out of set_pte_at()
+ - arm64: Ignore hardware dirty bit updates in ptep_set_wrprotect()
+ - arm64: Remove the !CONFIG_ARM64_HW_AFDBM alternative code paths
+ - arm64: introduce separated bits for mm_context_t flags
+ - arm64: cleanup {COMPAT_,}SET_PERSONALITY() macro
+ - KVM: arm/arm64: Fix guest external abort matching
+ - KVM: arm/arm64: vgic: constify seq_operations and file_operations
+ - KVM: arm/arm64: vITS: Drop its_ite->lpi field
+ - KVM: arm/arm64: Extract GICv3 max APRn index calculation
+ - KVM: arm/arm64: Support uaccess of GICC_APRn
+ - arm64: Use larger stacks when KASAN is selected
+ - arm64: Define cputype macros for Falkor CPU
+ - arm64: SW PAN: Point saved ttbr0 at the zero page when switching to init_mm
+ - arm64: SW PAN: Update saved ttbr0 value on enter_lazy_tlb
+ - x86/syscalls: Check address limit on user-mode return
+ - arm/syscalls: Check address limit on user-mode return
+ - arm64/syscalls: Check address limit on user-mode return
+ - Revert "arm/syscalls: Check address limit on user-mode return"
+ - syscalls: Use CHECK_DATA_CORRUPTION for addr_limit_user_check
+ - arm/syscalls: Optimize address limit check
+ - arm64/syscalls: Move address limit check in loop
+ - futex: Remove duplicated code and fix undefined behaviour
+ - arm64: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls
+ - arm64: syscallno is secretly an int, make it official
+ - arm64: move TASK_* definitions to <asm/processor.h>
+ - arm64: mm: Use non-global mappings for kernel space
+ - arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN
+ - arm64: mm: Move ASID from TTBR0 to TTBR1
+ - arm64: mm: Remove pre_ttbr0_update_workaround for Falkor erratum #E1003
+ - arm64: mm: Rename post_ttbr0_update_workaround
+ - arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN
+ - arm64: mm: Allocate ASIDs in pairs
+ - arm64: mm: Add arm64_kernel_unmapped_at_el0 helper
+ - arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI
+ - arm64: entry: Add exception trampoline page for exceptions from EL0
+ - arm64: mm: Map entry trampoline into trampoline and kernel page tables
+ - arm64: entry: Explicitly pass exception level to kernel_ventry macro
+ - arm64: entry: Hook up entry trampoline to exception vectors
+ - arm64: erratum: Work around Falkor erratum #E1003 in trampoline code
+ - arm64: cpu_errata: Add Kryo to Falkor 1003 errata
+ - arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks
+ - arm64: entry: Add fake CPU feature for unmapping the kernel at EL0
+ - arm64: kaslr: Put kernel vectors address in separate data page
+ - arm64: use RET instruction for exiting the trampoline
+ - arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0
+ - arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry
+ - arm64: Take into account ID_AA64PFR0_EL1.CSV3
+ - arm64: capabilities: Handle duplicate entries for a capability
+ - arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR
+ - arm64: kpti: Fix the interaction between ASID switching and software PAN
+ - arm64: cputype: Add MIDR values for Cavium ThunderX2 CPUs
+ - arm64: Turn on KPTI only on CPUs that need it
+ - arm64: kpti: Make use of nG dependent on arm64_kernel_unmapped_at_el0()
+ - arm64: mm: Permit transitioning from Global to Non-Global without BBM
+ - arm64: kpti: Add ->enable callback to remap swapper using nG mappings
+ - arm64: Force KPTI to be disabled on Cavium ThunderX
+ - arm64: entry: Reword comment about post_ttbr_update_workaround
+ - arm64: idmap: Use "awx" flags for .idmap.text .pushsection directives
+ - arm64: barrier: Add CSDB macros to control data-value prediction
+ - arm64: Implement array_index_mask_nospec()
+ - arm64: Make USER_DS an inclusive limit
+ - arm64: Use pointer masking to limit uaccess speculation
+ - arm64: entry: Ensure branch through syscall table is bounded under
+ speculation
+ - arm64: uaccess: Prevent speculative use of the current addr_limit
+ - arm64: uaccess: Don't bother eliding access_ok checks in __{get, put}_user
+ - arm64: uaccess: Mask __user pointers for __arch_{clear, copy_*}_user
+ - arm64: futex: Mask __user pointers prior to dereference
+ - arm64: cpufeature: __this_cpu_has_cap() shouldn't stop early
+ - arm64: Run enable method for errata work arounds on late CPUs
+ - arm64: cpufeature: Pass capability structure to ->enable callback
+ - drivers/firmware: Expose psci_get_version through psci_ops structure
+ - arm64: Move post_ttbr_update_workaround to C code
+ - arm64: Add skeleton to harden the branch predictor against aliasing attacks
+ - arm64: Move BP hardening to check_and_switch_context
+ - arm64: KVM: Use per-CPU vector when BP hardening is enabled
+ - arm64: entry: Apply BP hardening for high-priority synchronous exceptions
+ - arm64: entry: Apply BP hardening for suspicious interrupts from EL0
+ - arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75
+ - arm64: Implement branch predictor hardening for affected Cortex-A CPUs
+ - arm64: Implement branch predictor hardening for Falkor
+ - arm64: Branch predictor hardening for Cavium ThunderX2
+ - arm64: KVM: Increment PC after handling an SMC trap
+ - arm/arm64: KVM: Consolidate the PSCI include files
+ - arm/arm64: KVM: Add PSCI_VERSION helper
+ - arm/arm64: KVM: Add smccc accessors to PSCI code
+ - arm/arm64: KVM: Implement PSCI 1.0 support
+ - arm/arm64: KVM: Advertise SMCCC v1.1
+ - arm64: KVM: Make PSCI_VERSION a fast path
+ - arm/arm64: KVM: Turn kvm_psci_version into a static inline
+ - arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support
+ - arm64: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling
+ - firmware/psci: Expose PSCI conduit
+ - firmware/psci: Expose SMCCC version through psci_ops
+ - arm/arm64: smccc: Make function identifiers an unsigned quantity
+ - arm/arm64: smccc: Implement SMCCC v1.1 inline primitive
+ - arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support
+ - arm64: Kill PSCI_GET_VERSION as a variant-2 workaround
+ - [Config] UNMAP_KERNEL_AT_EL0=y && HARDEN_BRANCH_PREDICTOR=y
+ - SAUCE: arm64: __idmap_cpu_set_reserved_ttbr1: fix !ARM64_PA_BITS_52 logic
+ - arm64: Add missing Falkor part number for branch predictor hardening
+ - arm64: mm: fix thinko in non-global page table attribute check
+
+ * linux-image-4.13.0-26-generic / linux-image-extra-4.13.0-26-generic fail to
+ boot (LP: #1742721)
+ - staging: sm750fb: Fix parameter mistake in poke32
+
+ -- Kleber Sacilotto de Souza <kleber.souza@canonical.com> Wed, 07 Mar 2018 12:20:00 +0100
+
+linux (4.13.0-36.40) artful; urgency=medium
+
+ * linux: 4.13.0-36.40 -proposed tracker (LP: #1750010)
+
+ * Rebuild without "CVE-2017-5754 ARM64 KPTI fixes" patch set
+
+ -- Khalid Elmously <khalid.elmously@canonical.com> Fri, 16 Feb 2018 12:49:24 -0500
+
+linux (4.13.0-35.39) artful; urgency=medium
+
+ * linux: 4.13.0-35.39 -proposed tracker (LP: #1748743)
+
+ * CVE-2017-5715 (Spectre v2 Intel)
+ - Revert "UBUNTU: SAUCE: turn off IBPB when full retpoline is present"
+ - SAUCE: turn off IBRS when full retpoline is present
+ - [Packaging] retpoline files must be sorted
+ - [Packaging] pull in retpoline files
+
+ -- Kleber Sacilotto de Souza <kleber.souza@canonical.com> Mon, 12 Feb 2018 11:28:27 +0100
+
+linux (4.13.0-34.37) artful; urgency=medium
+
+ * linux: 4.13.0-34.37 -proposed tracker (LP: #1748475)
+
+ * libata: apply MAX_SEC_1024 to all LITEON EP1 series devices (LP: #1743053)
+ - libata: apply MAX_SEC_1024 to all LITEON EP1 series devices
+
+ * KVM patches for s390x to provide facility bits 81 (ppa15) and 82 (bpb)
+ (LP: #1747090)
+ - KVM: s390: wire up bpb feature
+
+ * artful 4.13 i386 kernels crash after memory hotplug remove (LP: #1747069)
+ - Revert "mm, memory_hotplug: do not associate hotadded memory to zones until
+ online"
+
+ * CVE-2017-5715 (Spectre v2 Intel)
+ - x86/feature: Enable the x86 feature to control Speculation
+ - x86/feature: Report presence of IBPB and IBRS control
+ - x86/enter: MACROS to set/clear IBRS and set IBPB
+ - x86/enter: Use IBRS on syscall and interrupts
+ - x86/idle: Disable IBRS entering idle and enable it on wakeup
+ - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
+ - x86/mm: Set IBPB upon context switch
+ - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
+ - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
+ - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
+ - x86/kvm: Set IBPB when switching VM
+ - x86/kvm: Toggle IBRS on VM entry and exit
+ - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
+ - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
+ - x86/cpu/AMD: Add speculative control support for AMD
+ - x86/microcode: Extend post microcode reload to support IBPB feature
+ - KVM: SVM: Do not intercept new speculative control MSRs
+ - x86/svm: Set IBRS value on VM entry and exit
+ - x86/svm: Set IBPB when running a different VCPU
+ - KVM: x86: Add speculative control CPUID support for guests
+ - SAUCE: turn off IBPB when full retpoline is present
+
+ * Artful 4.13 fixes for tun (LP: #1748846)
+ - tun: call dev_get_valid_name() before register_netdevice()
+ - tun: allow positive return values on dev_get_valid_name() call
+ - tun/tap: sanitize TUNSETSNDBUF input
+
+ * boot failure on AMD Raven + WestonXT (LP: #1742759)
+ - SAUCE: drm/amdgpu: add atpx quirk handling (v2)
+
+ -- Khalid Elmously <khalid.elmously@canonical.com> Fri, 09 Feb 2018 14:42:56 -0500
+
+linux (4.13.0-33.36) artful; urgency=low
+
+ * linux: 4.13.0-33.36 -proposed tracker (LP: #1746903)
+
+ [ Stefan Bader ]
+ * starting VMs causing retpoline4 to reboot (LP: #1747507) // CVE-2017-5715
+ (Spectre v2 retpoline)
+ - x86/retpoline: Fill RSB on context switch for affected CPUs
+ - x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB macros
+ - x86/retpoline: Optimize inline assembler for vmexit_fill_RSB
+ - x86/retpoline: Remove the esp/rsp thunk
+ - x86/retpoline: Simplify vmexit_fill_RSB()
+
+ * Missing install-time driver for QLogic QED 25/40/100Gb Ethernet NIC
+ (LP: #1743638)
+ - [d-i] Add qede to nic-modules udeb
+
+ * hisi_sas: driver robustness fixes (LP: #1739807)
+ - scsi: hisi_sas: fix reset and port ID refresh issues
+ - scsi: hisi_sas: avoid potential v2 hw interrupt issue
+ - scsi: hisi_sas: fix v2 hw underflow residual value
+ - scsi: hisi_sas: add v2 hw DFX feature
+ - scsi: hisi_sas: add irq and tasklet cleanup in v2 hw
+ - scsi: hisi_sas: service interrupt ITCT_CLR interrupt in v2 hw
+ - scsi: hisi_sas: fix internal abort slot timeout bug
+ - scsi: hisi_sas: us start_phy in PHY_FUNC_LINK_RESET
+ - scsi: hisi_sas: fix NULL check in SMP abort task path
+ - scsi: hisi_sas: fix the risk of freeing slot twice
+ - scsi: hisi_sas: kill tasklet when destroying irq in v3 hw
+ - scsi: hisi_sas: complete all tasklets prior to host reset
+
+ * [Artful/Zesty] ACPI APEI error handling bug fixes (LP: #1732990)
+ - ACPI: APEI: fix the wrong iteration of generic error status block
+ - ACPI / APEI: clear error status before acknowledging the error
+
+ * [Zesty/Artful] On ARM64 PCIE physical function passthrough guest fails to
+ boot (LP: #1732804)
+ - vfio/pci: Virtualize Maximum Payload Size
+ - vfio/pci: Virtualize Maximum Read Request Size
+
+ * hisi_sas: Add ATA command support for SMR disks (LP: #1739891)
+ - scsi: hisi_sas: support zone management commands
+
+ * thunderx2: i2c driver PEC and ACPI clock fixes (LP: #1738073)
+ - ACPI / APD: Add clock frequency for ThunderX2 I2C controller
+ - i2c: xlp9xx: Get clock frequency with clk API
+ - i2c: xlp9xx: Handle I2C_M_RECV_LEN in msg->flags
+
+ * Falkor erratum 1041 needs workaround (LP: #1738497)
+ - [Config] CONFIG_QCOM_FALKOR_ERRATUM_E1041=y
+ - arm64: Add software workaround for Falkor erratum 1041
+
+ * ThunderX: TX failure unless checksum offload disabled (LP: #1736593)
+ - net: thunderx: Fix TCP/UDP checksum offload for IPv6 pkts
+ - net: thunderx: Fix TCP/UDP checksum offload for IPv4 pkts
+
+ * arm64/thunderx: Unhandled context faults in ACPI mode (LP: #1736774)
+ - PCI: Set Cavium ACS capability quirk flags to assert RR/CR/SV/UF
+ - PCI: Apply Cavium ThunderX ACS quirk to more Root Ports
+
+ * arm64: Unfair rwlock can stall the system (LP: #1732238)
+ - locking/qrwlock: Use 'struct qrwlock' instead of 'struct __qrwlock'
+ - locking/atomic: Add atomic_cond_read_acquire()
+ - locking/qrwlock: Use atomic_cond_read_acquire() when spinning in qrwlock
+ - locking/qrwlock, arm64: Move rwlock implementation over to qrwlocks
+ - locking/qrwlock: Prevent slowpath writers getting held up by fastpath
+
+ * Shutdown hang on 16.04 with iscsi targets (LP: #1569925)
+ - scsi: libiscsi: Allow sd_shutdown on bad transport
+
+ * bt_iter() crash due to NULL pointer (LP: #1744300)
+ - blk-mq-tag: check for NULL rq when iterating tags
+
+ * hisilicon hibmc regression due to ea642c3216cb ("drm/ttm: add io_mem_pfn
+ callback") (LP: #1738334)
+ - SAUCE: drm: hibmc: Initialize the hibmc_bo_driver.io_mem_pfn
+
+ * CVE-2017-5754 ARM64 KPTI fixes
+ - arm64: Add ASM_BUG()
+ - arm64: consistently use bl for C exception entry
+ - arm64: syscallno is secretly an int, make it official
+ - arm64: Abstract syscallno manipulation
+ - arm64: move non-entry code out of .entry.text
+ - arm64: unwind: avoid percpu indirection for irq stack
+ - arm64: unwind: disregard frame.sp when validating frame pointer
+ - arm64: mm: Fix set_memory_valid() declaration
+ - arm64: Convert __inval_cache_range() to area-based
+ - arm64: Expose DC CVAP to userspace
+ - arm64: Handle trapped DC CVAP
+ - arm64: Implement pmem API support
+ - arm64: uaccess: Implement *_flushcache variants
+ - arm64/vdso: Support mremap() for vDSO
+ - arm64: unwind: reference pt_regs via embedded stack frame
+ - arm64: unwind: remove sp from struct stackframe
+ - arm64: uaccess: Add the uaccess_flushcache.c file
+ - arm64: fix pmem interface definition
+ - arm64: compat: Remove leftover variable declaration
+ - fork: allow arch-override of VMAP stack alignment
+ - arm64: kernel: remove {THREAD,IRQ_STACK}_START_SP
+ - arm64: factor out PAGE_* and CONT_* definitions
+ - arm64: clean up THREAD_* definitions
+ - arm64: clean up irq stack definitions
+ - arm64: move SEGMENT_ALIGN to <asm/memory.h>
+ - efi/arm64: add EFI_KIMG_ALIGN
+ - arm64: factor out entry stack manipulation
+ - arm64: assembler: allow adr_this_cpu to use the stack pointer
+ - arm64: use an irq stack pointer
+ - arm64: add basic VMAP_STACK support
+ - arm64: add on_accessible_stack()
+ - arm64: add VMAP_STACK overflow detection
+ - arm64: Convert pte handling from inline asm to using (cmp)xchg
+ - kvm: arm64: Convert kvm_set_s2pte_readonly() from inline asm to cmpxchg()
+ - arm64: Move PTE_RDONLY bit handling out of set_pte_at()
+ - arm64: Ignore hardware dirty bit updates in ptep_set_wrprotect()
+ - arm64: Remove the !CONFIG_ARM64_HW_AFDBM alternative code paths
+ - arm64: introduce separated bits for mm_context_t flags
+ - arm64: cleanup {COMPAT_,}SET_PERSONALITY() macro
+ - KVM: arm/arm64: Fix guest external abort matching
+ - KVM: arm/arm64: vgic: constify seq_operations and file_operations
+ - KVM: arm/arm64: vITS: Drop its_ite->lpi field
+ - KVM: arm/arm64: Extract GICv3 max APRn index calculation
+ - KVM: arm/arm64: Support uaccess of GICC_APRn
+ - arm64: move TASK_* definitions to <asm/processor.h>
+ - arm64: Use larger stacks when KASAN is selected
+ - arm64: sysreg: Move SPE registers and PSB into common header files
+ - arm64: head: Init PMSCR_EL2.{PA,PCT} when entered at EL2 without VHE
+ - arm64: Update fault_info table with new exception types
+ - arm64: Use existing defines for mdscr
+ - arm64: Fix single stepping in kernel traps
+ - arm64: asm-bug: Renumber macro local labels to avoid clashes
+ - arm64: Implement arch-specific pte_access_permitted()
+ - arm64: explicitly mask all exceptions
+ - arm64: introduce an order for exceptions
+ - arm64: Move the async/fiq helpers to explicitly set process context flags
+ - arm64: Mask all exceptions during kernel_exit
+ - arm64: entry.S: Remove disable_dbg
+ - arm64: entry.S: convert el1_sync
+ - arm64: entry.S convert el0_sync
+ - arm64: entry.S: convert elX_irq
+ - arm64: entry.S: move SError handling into a C function for future expansion
+ - arm64: pgd: Mark pgd_cache as __ro_after_init
+ - arm64: cpu_ops: Add missing 'const' qualifiers
+ - arm64: context: Fix comments and remove pointless smp_wmb()
+ - arm64: SW PAN: Point saved ttbr0 at the zero page when switching to init_mm
+ - arm64: SW PAN: Update saved ttbr0 value on enter_lazy_tlb
+ - arm64: Expose support for optional ARMv8-A features
+ - arm64: KVM: Hide unsupported AArch64 CPU features from guests
+ - arm64: mm: Use non-global mappings for kernel space
+ - arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN
+ - arm64: mm: Move ASID from TTBR0 to TTBR1
+ - arm64: mm: Remove pre_ttbr0_update_workaround for Falkor erratum #E1003
+ - arm64: mm: Rename post_ttbr0_update_workaround
+ - arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN
+ - arm64: mm: Allocate ASIDs in pairs
+ - arm64: mm: Add arm64_kernel_unmapped_at_el0 helper
+ - arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI
+ - arm64: entry: Add exception trampoline page for exceptions from EL0
+ - arm64: mm: Map entry trampoline into trampoline and kernel page tables
+ - arm64: entry: Explicitly pass exception level to kernel_ventry macro
+ - arm64: entry: Hook up entry trampoline to exception vectors
+ - arm64: erratum: Work around Falkor erratum #E1003 in trampoline code
+ - arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks
+ - arm64: entry: Add fake CPU feature for unmapping the kernel at EL0
+ - arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0
+ - arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR
+ - arm64: kaslr: Put kernel vectors address in separate data page
+ - arm64: use RET instruction for exiting the trampoline
+ - arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry
+ - arm64: Fix the feature type for ID register fields
+ - arm64: Take into account ID_AA64PFR0_EL1.CSV3
+ - arm64: cpufeature: Pass capability structure to ->enable callback
+ - drivers/firmware: Expose psci_get_version through psci_ops structure
+ - arm64: Move post_ttbr_update_workaround to C code
+ - arm64: Add skeleton to harden the branch predictor against aliasing attacks
+ - arm64: KVM: Use per-CPU vector when BP hardening is enabled
+ - arm64: KVM: Make PSCI_VERSION a fast path
+ - arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75
+ - arm64: Implement branch predictor hardening for affected Cortex-A CPUs
+ - arm64: Define cputype macros for Falkor CPU
+ - arm64: Implement branch predictor hardening for Falkor
+ - arm64: cputype: Add MIDR values for Cavium ThunderX2 CPUs
+ - bpf: inline map in map lookup functions for array and htab
+ - bpf: perf event change needed for subsequent bpf helpers
+ - bpf: do not test for PCPU_MIN_UNIT_SIZE before percpu allocations
+ - arm64: Branch predictor hardening for Cavium ThunderX2
+ - arm64: capabilities: Handle duplicate entries for a capability
+ - arm64: kpti: Fix the interaction between ASID switching and software PAN
+ - SAUCE: arm: Add BTB invalidation on switch_mm for Cortex-A9, A12 and A17
+ - SAUCE: arm: Invalidate BTB on prefetch abort outside of user mapping on
+ Cortex A8, A9, A12 and A17
+ - SAUCE: arm: KVM: Invalidate BTB on guest exit
+ - SAUCE: arm: Add icache invalidation on switch_mm for Cortex-A15
+ - SAUCE: arm: Invalidate icache on prefetch abort outside of user mapping on
+ Cortex-A15
+ - SAUCE: arm: KVM: Invalidate icache on guest exit for Cortex-A15
+ - SAUCE: asm-generic/barrier: add generic nospec helpers
+ - SAUCE: Documentation: document nospec helpers
+ - SAUCE: arm64: implement nospec_{load,ptr}()
+ - SAUCE: arm: implement nospec_ptr()
+ - SAUCE: bpf: inhibit speculated out-of-bounds pointers
+ - SAUCE: arm64: Implement branch predictor hardening for Falkor
+ - SAUCE: arm64: Branch predictor hardening for Cavium ThunderX2
+ - [Config] UNMAP_KERNEL_AT_EL0=y && HARDEN_BRANCH_PREDICTOR=y
+
+ * [artful] panic in update_stack_state when reading /proc/<pid>/stack on i386
+ (LP: #1747263)
+ - x86/unwind: Fix dereference of untrusted pointer
+
+ * CVE-2017-5753 (Spectre v1 Intel)
+ - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
+ - SAUCE: reinstate MFENCE_RDTSC feature definition
+ - locking/barriers: introduce new observable speculation barrier
+ - bpf: prevent speculative execution in eBPF interpreter
+ - x86, bpf, jit: prevent speculative execution when JIT is enabled
+ - SAUCE: FIX: x86, bpf, jit: prevent speculative execution when JIT is enabled
+ - uvcvideo: prevent speculative execution
+ - carl9170: prevent speculative execution
+ - p54: prevent speculative execution
+ - qla2xxx: prevent speculative execution
+ - cw1200: prevent speculative execution
+ - Thermal/int340x: prevent speculative execution
+ - ipv4: prevent speculative execution
+ - ipv6: prevent speculative execution
+ - fs: prevent speculative execution
+ - net: mpls: prevent speculative execution
+ - udf: prevent speculative execution
+ - userns: prevent speculative execution
+ - SAUCE: powerpc: add osb barrier
+ - SAUCE: s390/spinlock: add osb memory barrier
+ - SAUCE: claim mitigation via observable speculation barrier
+
+ * CVE-2017-5715 (Spectre v2 retpoline)
+ - x86/asm: Fix inline asm call constraints for Clang
+ - kvm: vmx: Scrub hardware GPRs at VM-exit
+ - sysfs/cpu: Add vulnerability folder
+ - x86/cpu: Implement CPU vulnerabilites sysfs functions
+ - x86/tboot: Unbreak tboot with PTI enabled
+ - objtool: Detect jumps to retpoline thunks
+ - objtool: Allow alternatives to be ignored
+ - x86/retpoline: Add initial retpoline support
+ - x86/spectre: Add boot time option to select Spectre v2 mitigation
+ - x86/retpoline/crypto: Convert crypto assembler indirect jumps
+ - x86/retpoline/entry: Convert entry assembler indirect jumps
+ - x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
+ - x86/retpoline/hyperv: Convert assembler indirect jumps
+ - x86/retpoline/xen: Convert Xen hypercall indirect jumps
+ - x86/retpoline/checksum32: Convert assembler indirect jumps
+ - x86/retpoline/irq32: Convert assembler indirect jumps
+ - x86/retpoline: Fill return stack buffer on vmexit
+ - selftests/x86: Add test_vsyscall
+ - x86/pti: Fix !PCID and sanitize defines
+ - security/Kconfig: Correct the Documentation reference for PTI
+ - x86,perf: Disable intel_bts when PTI
+ - x86/retpoline: Remove compile time warning
+ - [Config] enable CONFIG_GENERIC_CPU_VULNERABILITIES
+ - [Config] enable CONFIG_RETPOLINE
+ - [Packaging] retpoline -- add call site validation
+ - [Config] disable retpoline checks for first upload
+
+ * CVE-2017-5715 (revert embargoed) // CVE-2017-5753 (revert embargoed)
+ - Revert "UBUNTU: SAUCE: x86/entry: Fix up retpoline assembler labels"
+ - Revert "kvm: vmx: Scrub hardware GPRs at VM-exit"
+ - Revert "Revert "x86/svm: Add code to clear registers on VM exit""
+ - Revert "UBUNTU: SAUCE: x86/microcode: Extend post microcode reload to
+ support IBPB feature -- repair missmerge"
+ - Revert "UBUNTU: SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit"
+ - Revert "s390/spinlock: add gmb memory barrier"
+ - Revert "powerpc: add gmb barrier"
+ - Revert "x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature"
+ - Revert "x86/svm: Add code to clear registers on VM exit"
+ - Revert "x86/svm: Add code to clobber the RSB on VM exit"
+ - Revert "KVM: x86: Add speculative control CPUID support for guests"
+ - Revert "x86/svm: Set IBPB when running a different VCPU"
+ - Revert "x86/svm: Set IBRS value on VM entry and exit"
+ - Revert "KVM: SVM: Do not intercept new speculative control MSRs"
+ - Revert "x86/microcode: Extend post microcode reload to support IBPB feature"
+ - Revert "x86/cpu/AMD: Add speculative control support for AMD"
+ - Revert "x86/entry: Use retpoline for syscall's indirect calls"
+ - Revert "x86/syscall: Clear unused extra registers on 32-bit compatible
+ syscall entrance"
+ - Revert "x86/syscall: Clear unused extra registers on syscall entrance"
+ - Revert "x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb
+ control"
+ - Revert "x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature"
+ - Revert "x86/kvm: Pad RSB on VM transition"
+ - Revert "x86/kvm: Toggle IBRS on VM entry and exit"
+ - Revert "x86/kvm: Set IBPB when switching VM"
+ - Revert "x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm"
+ - Revert "x86/entry: Stuff RSB for entry to kernel for non-SMEP platform"
+ - Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current
+ thread"
+ - Revert "x86/mm: Set IBPB upon context switch"
+ - Revert "x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup"
+ - Revert "x86/idle: Disable IBRS entering idle and enable it on wakeup"
+ - Revert "x86/enter: Use IBRS on syscall and interrupts"
+ - Revert "x86/enter: MACROS to set/clear IBRS and set IBPB"
+ - Revert "x86/feature: Report presence of IBPB and IBRS control"
+ - Revert "x86/feature: Enable the x86 feature to control Speculation"
+ - Revert "udf: prevent speculative execution"
+ - Revert "net: mpls: prevent speculative execution"
+ - Revert "fs: prevent speculative execution"
+ - Revert "ipv6: prevent speculative execution"
+ - Revert "userns: prevent speculative execution"
+ - Revert "Thermal/int340x: prevent speculative execution"
+ - Revert "cw1200: prevent speculative execution"
+ - Revert "qla2xxx: prevent speculative execution"
+ - Revert "p54: prevent speculative execution"
+ - Revert "carl9170: prevent speculative execution"
+ - Revert "uvcvideo: prevent speculative execution"
+ - Revert "x86, bpf, jit: prevent speculative execution when JIT is enabled"
+ - Revert "bpf: prevent speculative execution in eBPF interpreter"
+ - Revert "locking/barriers: introduce new memory barrier gmb()"
+
+ * Unable to boot with i386 4.13.0-25 / 4.13.0-26 / 4.13.0-31 kernel on Xenial
+ / Artful (LP: #1745118)
+ - x86/mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP
+
+ * 4.13: unable to increase MTU configuration for GRE devices (LP: #1743746)
+ - ip_gre: remove the incorrect mtu limit for ipgre tap
+
+ * CVE-2017-17712
+ - net: ipv4: fix for a race condition in raw_sendmsg
+
+ * upload urgency should be medium by default (LP: #1745338)
+ - [Packaging] update urgency to medium by default
+
+ * CVE-2017-15115
+ - sctp: do not peel off an assoc from one netns to another one
+
+ * CVE-2017-8824
+ - dccp: CVE-2017-8824: use-after-free in DCCP code
+
+ -- Khalid Elmously <khalid.elmously@canonical.com> Tue, 06 Feb 2018 13:19:16 -0500
+
+linux (4.13.0-32.35) artful; urgency=low
+
+ * CVE-2017-5715 // CVE-2017-5753
+ - SAUCE: x86/entry: Fix up retpoline assembler labels
+
+ -- Stefan Bader <stefan.bader@canonical.com> Tue, 23 Jan 2018 09:13:39 +0100
+
+linux (4.13.0-31.34) artful; urgency=low
+
+ * linux: 4.13.0-31.34 -proposed tracker (LP: #1744294)
+
+ [ Stefan Bader ]
+ * CVE-2017-5715 // CVE-2017-5753
+ - SAUCE: s390: improve cpu alternative handling for gmb and nobp
+ - SAUCE: s390: print messages for gmb and nobp
+ - [Config] KERNEL_NOBP=y
+
+ -- Marcelo Henrique Cerri <marcelo.cerri@canonical.com> Fri, 19 Jan 2018 09:56:09 -0200
+
+linux (4.13.0-30.33) artful; urgency=low
+
+ * linux: 4.13.0-30.33 -proposed tracker (LP: #1743412)
+
+ * Do not duplicate changelog entries assigned to more than one bug or CVE
+ (LP: #1743383)
+ - [Packaging] git-ubuntu-log -- handle multiple bugs/cves better
+
+ * Unable to handle kernel NULL pointer dereference at isci_task_abort_task
+ (LP: #1726519)
+ - Revert "scsi: libsas: allow async aborts"
+
+ * CVE-2017-5715 // CVE-2017-5753
+ - SAUCE: x86/microcode: Extend post microcode reload to support IBPB feature
+ -- repair missmerge
+ - Revert "x86/svm: Add code to clear registers on VM exit"
+ - kvm: vmx: Scrub hardware GPRs at VM-exit
+
+ -- Marcelo Henrique Cerri <marcelo.cerri@canonical.com> Mon, 15 Jan 2018 16:46:07 -0200
+
+linux (4.13.0-29.32) artful; urgency=low
+
+ * linux: 4.13.0-29.32 -proposed tracker (LP: #1742722)
+
+ * CVE-2017-5754
+ - Revert "x86/cpu: Implement CPU vulnerabilites sysfs functions"
+ - Revert "sysfs/cpu: Fix typos in vulnerability documentation"
+ - Revert "sysfs/cpu: Add vulnerability folder"
+ - Revert "UBUNTU: [Config] updateconfigs to enable
+ GENERIC_CPU_VULNERABILITIES"
+
+ -- Kleber Sacilotto de Souza <kleber.souza@canonical.com> Fri, 12 Jan 2018 12:10:51 +0100
+
+linux (4.13.0-28.31) artful; urgency=low
+
+ * CVE-2017-5753
+ - SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit
+
+ * CVE-2017-5715
+ - SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit
+
+ -- Seth Forshee <seth.forshee@canonical.com> Thu, 11 Jan 2018 17:52:21 -0600
+
+linux (4.13.0-27.30) artful; urgency=low
+
+ [ Andy Whitcroft ]
+ * CVE-2017-5753
+ - locking/barriers: introduce new memory barrier gmb()
+ - bpf: prevent speculative execution in eBPF interpreter
+ - x86, bpf, jit: prevent speculative execution when JIT is enabled
+ - uvcvideo: prevent speculative execution
+ - carl9170: prevent speculative execution
+ - p54: prevent speculative execution
+ - qla2xxx: prevent speculative execution
+ - cw1200: prevent speculative execution
+ - Thermal/int340x: prevent speculative execution
+ - userns: prevent speculative execution
+ - ipv6: prevent speculative execution
+ - fs: prevent speculative execution
+ - net: mpls: prevent speculative execution
+ - udf: prevent speculative execution
+ - x86/feature: Enable the x86 feature to control Speculation
+ - x86/feature: Report presence of IBPB and IBRS control
+ - x86/enter: MACROS to set/clear IBRS and set IBPB
+ - x86/enter: Use IBRS on syscall and interrupts
+ - x86/idle: Disable IBRS entering idle and enable it on wakeup
+ - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
+ - x86/mm: Set IBPB upon context switch
+ - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
+ - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
+ - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
+ - x86/kvm: Set IBPB when switching VM
+ - x86/kvm: Toggle IBRS on VM entry and exit
+ - x86/kvm: Pad RSB on VM transition
+ - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
+ - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
+ - x86/syscall: Clear unused extra registers on syscall entrance
+ - x86/syscall: Clear unused extra registers on 32-bit compatible syscall
+ entrance
+ - x86/entry: Use retpoline for syscall's indirect calls
+ - x86/cpu/AMD: Add speculative control support for AMD
+ - x86/microcode: Extend post microcode reload to support IBPB feature
+ - KVM: SVM: Do not intercept new speculative control MSRs
+ - x86/svm: Set IBRS value on VM entry and exit
+ - x86/svm: Set IBPB when running a different VCPU
+ - KVM: x86: Add speculative control CPUID support for guests
+ - x86/svm: Add code to clobber the RSB on VM exit
+ - x86/svm: Add code to clear registers on VM exit
+ - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
+ - powerpc: add gmb barrier
+ - s390/spinlock: add gmb memory barrier
+ - x86/microcode/AMD: Add support for fam17h microcode loading
+
+ * CVE-2017-5715
+ - locking/barriers: introduce new memory barrier gmb()
+ - bpf: prevent speculative execution in eBPF interpreter
+ - x86, bpf, jit: prevent speculative execution when JIT is enabled
+ - uvcvideo: prevent speculative execution
+ - carl9170: prevent speculative execution
+ - p54: prevent speculative execution
+ - qla2xxx: prevent speculative execution
+ - cw1200: prevent speculative execution
+ - Thermal/int340x: prevent speculative execution
+ - userns: prevent speculative execution
+ - ipv6: prevent speculative execution
+ - fs: prevent speculative execution
+ - net: mpls: prevent speculative execution
+ - udf: prevent speculative execution
+ - x86/feature: Enable the x86 feature to control Speculation
+ - x86/feature: Report presence of IBPB and IBRS control
+ - x86/enter: MACROS to set/clear IBRS and set IBPB
+ - x86/enter: Use IBRS on syscall and interrupts
+ - x86/idle: Disable IBRS entering idle and enable it on wakeup
+ - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
+ - x86/mm: Set IBPB upon context switch
+ - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
+ - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
+ - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
+ - x86/kvm: Set IBPB when switching VM
+ - x86/kvm: Toggle IBRS on VM entry and exit
+ - x86/kvm: Pad RSB on VM transition
+ - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
+ - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
+ - x86/syscall: Clear unused extra registers on syscall entrance
+ - x86/syscall: Clear unused extra registers on 32-bit compatible syscall
+ entrance
+ - x86/entry: Use retpoline for syscall's indirect calls
+ - x86/cpu/AMD: Add speculative control support for AMD
+ - x86/microcode: Extend post microcode reload to support IBPB feature
+ - KVM: SVM: Do not intercept new speculative control MSRs
+ - x86/svm: Set IBRS value on VM entry and exit
+ - x86/svm: Set IBPB when running a different VCPU
+ - KVM: x86: Add speculative control CPUID support for guests
+ - x86/svm: Add code to clobber the RSB on VM exit
+ - x86/svm: Add code to clear registers on VM exit
+ - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
+ - powerpc: add gmb barrier
+ - s390/spinlock: add gmb memory barrier
+ - x86/microcode/AMD: Add support for fam17h microcode loading
+
+ * CVE-2017-5754
+ - x86/pti: Enable PTI by default
+ - x86/pti: Make sure the user/kernel PTEs match
+ - x86/dumpstack: Fix partial register dumps
+ - x86/dumpstack: Print registers for first stack frame
+ - x86/process: Define cpu_tss_rw in same section as declaration
+ - x86/mm: Set MODULES_END to 0xffffffffff000000
+ - x86/mm: Map cpu_entry_area at the same place on 4/5 level
+ - x86/kaslr: Fix the vaddr_end mess
+ - x86/events/intel/ds: Use the proper cache flush method for mapping ds
+ buffers
+ - x86/tlb: Drop the _GPL from the cpu_tlbstate export
+ - x86/alternatives: Add missing '\n' at end of ALTERNATIVE inline asm
+ - x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN
+ - x86/pti: Unbreak EFI old_memmap
+ - x86/Documentation: Add PTI description
+ - x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]
+ - sysfs/cpu: Add vulnerability folder
+ - x86/cpu: Implement CPU vulnerabilites sysfs functions
+ - x86/tboot: Unbreak tboot with PTI enabled
+ - x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
+ - x86/cpu/AMD: Make LFENCE a serializing instruction
+ - x86/cpu/AMD: Use LFENCE_RDTSC in preference to MFENCE_RDTSC
+ - sysfs/cpu: Fix typos in vulnerability documentation
+ - x86/alternatives: Fix optimize_nops() checking
+ - x86/pti: Make unpoison of pgd for trusted boot work for real
+ - s390: introduce CPU alternatives
+ - s390: add ppa to kernel entry / exit
+ - SAUCE: powerpc: Secure memory rfi flush
+ - SAUCE: rfi-flush: Make DEBUG_RFI a CONFIG option
+ - SAUCE: rfi-flush: Add HRFI_TO_UNKNOWN and use it in denorm
+ - SAUCE: rfi-flush: kvmppc_skip_(H)interrupt returns to host kernel
+ - SAUCE: KVM: Revert the implementation of H_GET_CPU_CHARACTERISTICS
+ - SAUCE: rfi-flush: Implement congruence-first fallback flush
+ - SAUCE: rfi-flush: Make l1d_flush_type bit flags
+ - SAUCE: rfi-flush: Push the instruction selection down to the patching
+ routine
+ - SAUCE: rfi-flush: Expand the RFI section to two nop slots
+ - SAUCE: rfi-flush: Support more than one flush type at once
+ - SAUCE: rfi-flush: Allow HV to advertise multiple flush types
+ - SAUCE: rfi-flush: Add speculation barrier before ori 30,30,0 flush
+ - SAUCE: rfi-flush: Add barriers to the fallback L1D flushing
+ - SAUCE: rfi-flush: Rework powernv logic to be more cautious
+ - SAUCE: rfi-flush: Rework pseries logic to be more cautious
+ - SAUCE: rfi-flush: Put the fallback flushes in the real trampoline section
+ - SAUCE: rfi-flush: Fix the fallback flush to actually activate
+ - SAUCE: rfi-flush: Fix HRFI_TO_UNKNOWN
+ - SAUCE: rfi-flush: Refactor the macros so the nops are defined once
+ - SAUCE: rfi-flush: Add no_rfi_flush and nopti comandline options
+ - SAUCE: rfi-flush: Use rfi-flush in printks
+ - SAUCE: rfi-flush: Fallback flush add load dependency
+ - SAUCE: rfi-flush: Fix the 32-bit KVM build
+ - SAUCE: rfi-flush: Fix some RFI conversions in the KVM code
+ - SAUCE: rfi-flush: Make the fallback robust against memory corruption
+ - [Config] Disable CONFIG_PPC_DEBUG_RFI
+ - [Config] updateconfigs to enable GENERIC_CPU_VULNERABILITIES
+
+ * powerpc: flush L1D on return to use (LP: #1742772)
+ - SAUCE: powerpc: Secure memory rfi flush
+ - SAUCE: rfi-flush: Make DEBUG_RFI a CONFIG option
+ - SAUCE: rfi-flush: Add HRFI_TO_UNKNOWN and use it in denorm
+ - SAUCE: rfi-flush: kvmppc_skip_(H)interrupt returns to host kernel
+ - SAUCE: KVM: Revert the implementation of H_GET_CPU_CHARACTERISTICS
+ - SAUCE: rfi-flush: Implement congruence-first fallback flush
+ - SAUCE: rfi-flush: Make l1d_flush_type bit flags
+ - SAUCE: rfi-flush: Push the instruction selection down to the patching
+ routine
+ - SAUCE: rfi-flush: Expand the RFI section to two nop slots
+ - SAUCE: rfi-flush: Support more than one flush type at once
+ - SAUCE: rfi-flush: Allow HV to advertise multiple flush types
+ - SAUCE: rfi-flush: Add speculation barrier before ori 30,30,0 flush
+ - SAUCE: rfi-flush: Add barriers to the fallback L1D flushing
+ - SAUCE: rfi-flush: Rework powernv logic to be more cautious
+ - SAUCE: rfi-flush: Rework pseries logic to be more cautious
+ - SAUCE: rfi-flush: Put the fallback flushes in the real trampoline section
+ - SAUCE: rfi-flush: Fix the fallback flush to actually activate
+ - SAUCE: rfi-flush: Fix HRFI_TO_UNKNOWN
+ - SAUCE: rfi-flush: Refactor the macros so the nops are defined once
+ - SAUCE: rfi-flush: Add no_rfi_flush and nopti comandline options
+ - SAUCE: rfi-flush: Use rfi-flush in printks
+ - SAUCE: rfi-flush: Fallback flush add load dependency
+ - SAUCE: rfi-flush: Fix the 32-bit KVM build
+ - SAUCE: rfi-flush: Fix some RFI conversions in the KVM code
+ - SAUCE: rfi-flush: Make the fallback robust against memory corruption
+ - [Config] Disable CONFIG_PPC_DEBUG_RFI
+
+ * s390: add ppa to kernel entry/exit (LP: #1742771)
+ - s390: introduce CPU alternatives
+ - s390: add ppa to kernel entry / exit
+
+ -- Marcelo Henrique Cerri <marcelo.cerri@canonical.com> Thu, 11 Jan 2018 18:41:44 -0200
+
+linux (4.13.0-25.29) artful; urgency=low
+
+ * linux: 4.13.0-25.29 -proposed tracker (LP: #1741955)
+
+ * CVE-2017-5754
+ - Revert "UBUNTU: [Config] updateconfigs to enable PTI"
+ - [Config] Enable PTI with UNWINDER_FRAME_POINTER
+
+ -- Marcelo Henrique Cerri <marcelo.cerri@canonical.com> Mon, 08 Jan 2018 17:13:57 -0200
+
+linux (4.13.0-24.28) artful; urgency=low
+
+ * linux: 4.13.0-24.28 -proposed tracker (LP: #1741745)
+
+ * CVE-2017-5754
+ - x86/cpu, x86/pti: Do not enable PTI on AMD processors
+
+ -- Marcelo Henrique Cerri <marcelo.cerri@canonical.com> Sun, 07 Jan 2018 11:49:34 -0200
+
+linux (4.13.0-23.27) artful; urgency=low
+
+ * linux: 4.13.0-23.27 -proposed tracker (LP: #1741556)
+
+ [ Kleber Sacilotto de Souza ]
+ * CVE-2017-5754
+ - x86/mm: Add the 'nopcid' boot option to turn off PCID
+ - x86/mm: Enable CR4.PCIDE on supported systems
+ - x86/mm: Document how CR4.PCIDE restore works
+ - x86/entry/64: Refactor IRQ stacks and make them NMI-safe
+ - x86/entry/64: Initialize the top of the IRQ stack before switching stacks
+ - x86/entry/64: Add unwind hint annotations
+ - xen/x86: Remove SME feature in PV guests
+ - x86/xen/64: Rearrange the SYSCALL entries
+ - irq: Make the irqentry text section unconditional
+ - x86/xen/64: Fix the reported SS and CS in SYSCALL
+ - x86/paravirt/xen: Remove xen_patch()
+ - x86/traps: Simplify pagefault tracing logic
+ - x86/idt: Unify gate_struct handling for 32/64-bit kernels
+ - x86/asm: Replace access to desc_struct:a/b fields
+ - x86/xen: Get rid of paravirt op adjust_exception_frame
+ - x86/paravirt: Remove no longer used paravirt functions
+ - x86/entry: Fix idtentry unwind hint
+ - x86/mm/64: Initialize CR4.PCIDE early
+ - objtool: Add ORC unwind table generation
+ - objtool, x86: Add facility for asm code to provide unwind hints
+ - x86/unwind: Add the ORC unwinder
+ - x86/kconfig: Consolidate unwinders into multiple choice selection
+ - objtool: Upgrade libelf-devel warning to error for CONFIG_ORC_UNWINDER
+ - x86/ldt/64: Refresh DS and ES when modify_ldt changes an entry
+ - x86/mm: Give each mm TLB flush generation a unique ID
+ - x86/mm: Track the TLB's tlb_gen and update the flushing algorithm
+ - x86/mm: Rework lazy TLB mode and TLB freshness tracking
+ - x86/mm: Implement PCID based optimization: try to preserve old TLB entries
+ using PCID
+ - x86/mm: Factor out CR3-building code
+ - x86/mm/64: Stop using CR3.PCID == 0 in ASID-aware code
+ - x86/mm: Flush more aggressively in lazy TLB mode
+ - Revert "x86/mm: Stop calling leave_mm() in idle code"
+ - kprobes/x86: Set up frame pointer in kprobe trampoline
+ - x86/tracing: Introduce a static key for exception tracing
+ - x86/boot: Add early cmdline parsing for options with arguments
+ - mm, x86/mm: Fix performance regression in get_user_pages_fast()
+ - x86/asm: Remove unnecessary \n\t in front of CC_SET() from asm templates
+ - objtool: Don't report end of section error after an empty unwind hint
+ - x86/head: Remove confusing comment
+ - x86/head: Remove unused 'bad_address' code
+ - x86/head: Fix head ELF function annotations
+ - x86/boot: Annotate verify_cpu() as a callable function
+ - x86/xen: Fix xen head ELF annotations
+ - x86/xen: Add unwind hint annotations
+ - x86/head: Add unwind hint annotations
+ - ACPI / APEI: adjust a local variable type in ghes_ioremap_pfn_irq()
+ - x86/unwinder: Make CONFIG_UNWINDER_ORC=y the default in the 64-bit defconfig
+ - x86/fpu/debug: Remove unused 'x86_fpu_state' and 'x86_fpu_deactivate_state'
+ tracepoints
+ - x86/unwind: Rename unwinder config options to 'CONFIG_UNWINDER_*'
+ - x86/unwind: Make CONFIG_UNWINDER_ORC=y the default in kconfig for 64-bit
+ - bitops: Add clear/set_bit32() to linux/bitops.h
+ - x86/cpuid: Add generic table for CPUID dependencies
+ - x86/fpu: Parse clearcpuid= as early XSAVE argument
+ - x86/fpu: Make XSAVE check the base CPUID features before enabling
+ - x86/fpu: Remove the explicit clearing of XSAVE dependent features
+ - x86/platform/UV: Convert timers to use timer_setup()
+ - objtool: Print top level commands on incorrect usage
+ - x86/cpuid: Prevent out of bound access in do_clear_cpu_cap()
+ - x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt()
+ - mm/sparsemem: Allocate mem_section at runtime for CONFIG_SPARSEMEM_EXTREME=y
+ - x86/kasan: Use the same shadow offset for 4- and 5-level paging
+ - x86/xen: Provide pre-built page tables only for CONFIG_XEN_PV=y and
+ CONFIG_XEN_PVH=y
+ - x86/xen: Drop 5-level paging support code from the XEN_PV code
+ - ACPI / APEI: remove the unused dead-code for SEA/NMI notification type
+ - x86/asm: Don't use the confusing '.ifeq' directive
+ - x86/build: Beautify build log of syscall headers
+ - x86/mm/64: Rename the register_page_bootmem_memmap() 'size' parameter to
+ 'nr_pages'
+ - x86/cpufeatures: Enable new SSE/AVX/AVX512 CPU features
+ - x86/mm: Relocate page fault error codes to traps.h
+ - x86/boot: Relocate definition of the initial state of CR0
+ - ptrace,x86: Make user_64bit_mode() available to 32-bit builds
+ - x86/entry/64: Remove the restore_c_regs_and_iret label
+ - x86/entry/64: Split the IRET-to-user and IRET-to-kernel paths
+ - x86/entry/64: Move SWAPGS into the common IRET-to-usermode path
+ - x86/entry/64: Simplify reg restore code in the standard IRET paths
+ - x86/entry/64: Shrink paranoid_exit_restore and make labels local
+ - x86/entry/64: Use pop instead of movq in syscall_return_via_sysret
+ - x86/entry/64: Merge the fast and slow SYSRET paths
+ - x86/entry/64: Use POP instead of MOV to restore regs on NMI return
+ - x86/entry/64: Remove the RESTORE_..._REGS infrastructure
+ - xen, x86/entry/64: Add xen NMI trap entry
+ - x86/entry/64: De-Xen-ify our NMI code
+ - x86/entry/32: Pull the MSR_IA32_SYSENTER_CS update code out of
+ native_load_sp0()
+ - x86/entry/64: Pass SP0 directly to load_sp0()
+ - x86/entry: Add task_top_of_stack() to find the top of a task's stack
+ - x86/xen/64, x86/entry/64: Clean up SP code in cpu_initialize_context()
+ - x86/entry/64: Stop initializing TSS.sp0 at boot
+ - x86/entry/64: Remove all remaining direct thread_struct::sp0 reads
+ - x86/entry/32: Fix cpu_current_top_of_stack initialization at boot
+ - x86/entry/64: Remove thread_struct::sp0
+ - x86/traps: Use a new on_thread_stack() helper to clean up an assertion
+ - x86/entry/64: Shorten TEST instructions
+ - x86/cpuid: Replace set/clear_bit32()
+ - bitops: Revert cbe96375025e ("bitops: Add clear/set_bit32() to
+ linux/bitops.h")
+ - x86/mm: Define _PAGE_TABLE using _KERNPG_TABLE
+ - x86/cpufeatures: Re-tabulate the X86_FEATURE definitions
+ - x86/cpufeatures: Fix various details in the feature definitions
+ - selftests/x86/protection_keys: Fix syscall NR redefinition warnings
+ - selftests/x86/ldt_gdt: Robustify against set_thread_area() and LAR oddities
+ - selftests/x86/ldt_gdt: Add infrastructure to test set_thread_area()
+ - selftests/x86/ldt_gdt: Run most existing LDT test cases against the GDT as
+ well
+ - selftests/x86/ldt_get: Add a few additional tests for limits
+ - ACPI / APEI: Replace ioremap_page_range() with fixmap
+ - x86/virt, x86/platform: Merge 'struct x86_hyper' into 'struct x86_platform'
+ and 'struct x86_init'
+ - x86/virt: Add enum for hypervisors to replace x86_hyper
+ - drivers/misc/intel/pti: Rename the header file to free up the namespace
+ - x86/cpufeature: Add User-Mode Instruction Prevention definitions
+ - x86: Make X86_BUG_FXSAVE_LEAK detectable in CPUID on AMD
+ - perf/x86: Enable free running PEBS for REGS_USER/INTR
+ - bpf: fix build issues on um due to mising bpf_perf_event.h
+ - locking/barriers: Add implicit smp_read_barrier_depends() to READ_ONCE()
+ - locking/barriers: Convert users of lockless_dereference() to READ_ONCE()
+ - x86/mm/kasan: Don't use vmemmap_populate() to initialize shadow
+ - mm/sparsemem: Fix ARM64 boot crash when CONFIG_SPARSEMEM_EXTREME=y
+ - objtool: Move synced files to their original relative locations
+ - objtool: Move kernel headers/code sync check to a script
+ - objtool: Fix cross-build
+ - tools/headers: Sync objtool UAPI header
+ - objtool: Fix 64-bit build on 32-bit host
+ - x86/decoder: Fix and update the opcodes map
+ - x86/decoder: Add new TEST instruction pattern
+ - x86/insn-eval: Add utility functions to get segment selector
+ - x86/entry/64/paravirt: Use paravirt-safe macro to access eflags
+ - x86/unwinder/orc: Dont bail on stack overflow
+ - x86/unwinder: Handle stack overflows more gracefully
+ - x86/irq: Remove an old outdated comment about context tracking races
+ - x86/irq/64: Print the offending IP in the stack overflow warning
+ - x86/entry/64: Allocate and enable the SYSENTER stack
+ - x86/dumpstack: Add get_stack_info() support for the SYSENTER stack
+ - x86/entry/gdt: Put per-CPU GDT remaps in ascending order
+ - x86/mm/fixmap: Generalize the GDT fixmap mechanism, introduce struct
+ cpu_entry_area
+ - x86/kasan/64: Teach KASAN about the cpu_entry_area
+ - x86/entry: Fix assumptions that the HW TSS is at the beginning of cpu_tss
+ - x86/dumpstack: Handle stack overflow on all stacks
+ - x86/entry: Move SYSENTER_stack to the beginning of struct tss_struct
+ - x86/entry: Remap the TSS into the CPU entry area
+ - x86/entry/64: Separate cpu_current_top_of_stack from TSS.sp0
+ - x86/espfix/64: Stop assuming that pt_regs is on the entry stack
+ - x86/entry/64: Use a per-CPU trampoline stack for IDT entries
+ - x86/entry/64: Return to userspace from the trampoline stack
+ - x86/entry/64: Create a per-CPU SYSCALL entry trampoline
+ - x86/entry/64: Move the IST stacks into struct cpu_entry_area
+ - x86/entry/64: Remove the SYSENTER stack canary
+ - x86/entry: Clean up the SYSENTER_stack code
+ - x86/entry/64: Make cpu_entry_area.tss read-only
+ - x86/paravirt: Dont patch flush_tlb_single
+ - x86/paravirt: Provide a way to check for hypervisors
+ - x86/cpufeatures: Make CPU bugs sticky
+ - x86/Kconfig: Limit NR_CPUS on 32-bit to a sane amount
+ - x86/mm/dump_pagetables: Check PAGE_PRESENT for real
+ - x86/mm/dump_pagetables: Make the address hints correct and readable
+ - x86/vsyscall/64: Explicitly set _PAGE_USER in the pagetable hierarchy
+ - x86/vsyscall/64: Warn and fail vsyscall emulation in NATIVE mode
+ - arch, mm: Allow arch_dup_mmap() to fail
+ - x86/ldt: Rework locking
+ - x86/ldt: Prevent LDT inheritance on exec
+ - x86/mm/64: Improve the memory map documentation
+ - x86/doc: Remove obvious weirdnesses from the x86 MM layout documentation
+ - x86/entry: Rename SYSENTER_stack to CPU_ENTRY_AREA_entry_stack
+ - x86/uv: Use the right TLB-flush API
+ - x86/microcode: Dont abuse the TLB-flush interface
+ - x86/mm: Use __flush_tlb_one() for kernel memory
+ - x86/mm: Remove superfluous barriers
+ - x86/mm: Add comments to clarify which TLB-flush functions are supposed to
+ flush what
+ - x86/mm: Move the CR3 construction functions to tlbflush.h
+ - x86/mm: Remove hard-coded ASID limit checks
+ - x86/mm: Put MMU to hardware ASID translation in one place
+ - x86/mm: Create asm/invpcid.h
+ - x86/cpu_entry_area: Move it to a separate unit
+ - x86/cpu_entry_area: Move it out of the fixmap
+ - init: Invoke init_espfix_bsp() from mm_init()
+ - x86/cpu_entry_area: Prevent wraparound in setup_cpu_entry_area_ptes() on
+ 32bit
+ - x86/cpufeatures: Add X86_BUG_CPU_INSECURE
+ - x86/mm/pti: Disable global pages if PAGE_TABLE_ISOLATION=y
+ - x86/mm/pti: Prepare the x86/entry assembly code for entry/exit CR3 switching
+ - x86/mm/pti: Add infrastructure for page table isolation
+ - x86/pti: Add the pti= cmdline option and documentation
+ - x86/mm/pti: Add mapping helper functions
+ - x86/mm/pti: Allow NX poison to be set in p4d/pgd
+ - x86/mm/pti: Allocate a separate user PGD
+ - x86/mm/pti: Populate user PGD
+ - x86/mm/pti: Add functions to clone kernel PMDs
+ - x86/mm/pti: Force entry through trampoline when PTI active
+ - x86/mm/pti: Share cpu_entry_area with user space page tables
+ - x86/entry: Align entry text section to PMD boundary
+ - x86/mm/pti: Share entry text PMD
+ - x86/mm/pti: Map ESPFIX into user space
+ - x86/cpu_entry_area: Add debugstore entries to cpu_entry_area
+ - x86/events/intel/ds: Map debug buffers in cpu_entry_area
+ - x86/mm/64: Make a full PGD-entry size hole in the memory map
+ - x86/pti: Put the LDT in its own PGD if PTI is on
+ - x86/pti: Map the vsyscall page if needed
+ - x86/mm: Allow flushing for future ASID switches
+ - x86/mm: Abstract switching CR3
+ - x86/mm: Use/Fix PCID to optimize user/kernel switches
+ - x86/mm: Optimize RESTORE_CR3
+ - x86/mm: Use INVPCID for __native_flush_tlb_single()
+ - x86/mm: Clarify the whole ASID/kernel PCID/user PCID naming
+ - x86/dumpstack: Indicate in Oops whether PTI is configured and enabled
+ - x86/mm/pti: Add Kconfig
+ - x86/mm/dump_pagetables: Add page table directory to the debugfs VFS
+ hierarchy
+ - x86/mm/dump_pagetables: Check user space page table for WX pages
+ - x86/mm/dump_pagetables: Allow dumping current pagetables
+ - x86/ldt: Make the LDT mapping RO
+ - x86/smpboot: Remove stale TLB flush invocations
+ - x86/mm: Remove preempt_disable/enable() from __native_flush_tlb()
+ - x86/ldt: Plug memory leak in error path
+ - x86/ldt: Make LDT pgtable free conditional
+ - [Config] updateconfigs to enable PTI
+ - kvm: x86: fix RSM when PCID is non-zero
+ - x86/pti: Switch to kernel CR3 at early in entry_SYSCALL_compat()
+ - SAUCE: only attempt to use PCID in 64 bit builds
+ - SAUCE: BODGE: temporarily disable some kprobe trace points which are
+ cratering
+ - s390/mm: use generic mm_hooks
+ - objtool: use sh to invoke sync-check.sh in the Makefile
+
+ * CVE-2017-17862
+ - bpf: fix branch pruning logic
+
+ * CVE-2017-17864
+ - SAUCE: bpf/verifier: Fix states_equal() comparison of pointer and UNKNOWN
+
+ * CVE-2017-16995
+ - bpf: fix incorrect sign extension in check_alu_op()
+
+ * CVE-2017-17863
+ - SAUCE: bpf: reject out-of-bounds stack pointer calculation
+
+ -- Marcelo Henrique Cerri <marcelo.cerri@canonical.com> Sat, 06 Jan 2018 20:01:35 +0000
+
+linux (4.13.0-21.24) artful; urgency=low
+
+ * linux: 4.13.0-21.24 -proposed tracker (LP: #1738823)
+
+ * Ubuntu 17.10 corrupting BIOS - many LENOVO laptops models (LP: #1734147)
+ - [Config] CONFIG_SPI_INTEL_SPI_PLATFORM=n
+
+ -- Thadeu Lima de Souza Cascardo <cascardo@canonical.com> Mon, 18 Dec 2017 14:13:33 -0200
+
+linux (4.13.0-19.22) artful; urgency=low
+
+ * linux: 4.13.0-19.22 -proposed tracker (LP: #1736118)
+
+ * CVE-2017-1000405
+ - mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d()
+
+ -- Stefan Bader <stefan.bader@canonical.com> Mon, 04 Dec 2017 12:27:13 +0100
+
+linux (4.13.0-18.21) artful; urgency=low
+
+ * linux: 4.13.0-18.21 -proposed tracker (LP: #1733530)
+
+ * NVMe timeout is too short (LP: #1729119)
+ - nvme: update timeout module parameter type
+
+ * CPU call trace on AMD Raven Ridge after S3 (LP: #1732894)
+ - x86/mce/AMD: Allow any CPU to initialize the smca_banks array
+
+ * Set PANIC_TIMEOUT=10 on Power Systems (LP: #1730660)
+ - [Config]: Set PANIC_TIMEOUT=10 on ppc64el
+
+ * Cannot pair BLE remote devices when using combo BT SoC (LP: #1731467)
+ - Bluetooth: increase timeout for le auto connections
+
+ * enable CONFIG_SND_SOC_INTEL_BYT_CHT_NOCODEC_MACH easily confuse users
+ (LP: #1732627)
+ - [Config] CONFIG_SND_SOC_INTEL_BYT_CHT_NOCODEC_MACH=n
+
+ * Plantronics P610 does not support sample rate reading (LP: #1719853)
+ - ALSA: usb-audio: Add sample rate quirk for Plantronics P610
+
+ * Allow drivers to use Relaxed Ordering on capable root ports (LP: #1721365)
+ - Revert commit 1a8b6d76dc5b ("net:add one common config...")
+ - net: ixgbe: Use new PCI_DEV_FLAGS_NO_RELAXED_ORDERING flag
+
+ * support GICv3 ITS save/restore & migration (LP: #1710019)
+ - KVM: arm/arm64: vgic-its: Fix return value for device table restore
+
+ * Device hotplugging with MPT SAS cannot work for VMWare ESXi (LP: #1730852)
+ - scsi: mptsas: Fixup device hotplug for VMWare ESXi
+
+ * Artful update to 4.13.13 stable release (LP: #1732726)
+ - netfilter: nat: Revert "netfilter: nat: convert nat bysrc hash to
+ rhashtable"
+ - netfilter: nft_set_hash: disable fast_ops for 2-len keys
+ - workqueue: Fix NULL pointer dereference
+ - crypto: ccm - preserve the IV buffer
+ - crypto: x86/sha1-mb - fix panic due to unaligned access
+ - crypto: x86/sha256-mb - fix panic due to unaligned access
+ - KEYS: fix NULL pointer dereference during ASN.1 parsing [ver #2]
+ - ACPI / PM: Blacklist Low Power S0 Idle _DSM for Dell XPS13 9360
+ - ARM: 8720/1: ensure dump_instr() checks addr_limit
+ - ALSA: timer: Limit max instances per timer
+ - ALSA: usb-audio: support new Amanero Combo384 firmware version
+ - ALSA: hda - fix headset mic problem for Dell machines with alc274
+ - ALSA: seq: Fix OSS sysex delivery in OSS emulation
+ - ALSA: seq: Avoid invalid lockdep class warning
+ - MIPS: Fix CM region target definitions
+ - MIPS: BMIPS: Fix missing cbr address
+ - MIPS: AR7: Defer registration of GPIO
+ - MIPS: AR7: Ensure that serial ports are properly set up
+ - KVM: PPC: Book3S HV: Fix exclusion between HPT resizing and other HPT
+ updates
+ - Input: elan_i2c - add ELAN060C to the ACPI table
+ - rbd: use GFP_NOIO for parent stat and data requests
+ - drm/vmwgfx: Fix Ubuntu 17.10 Wayland black screen issue
+ - Revert "x86: CPU: Fix up "cpu MHz" in /proc/cpuinfo"
+ - can: sun4i: handle overrun in RX FIFO
+ - can: peak: Add support for new PCIe/M2 CAN FD interfaces
+ - can: ifi: Fix transmitter delay calculation
+ - can: c_can: don't indicate triple sampling support for D_CAN
+ - x86/debug: Handle warnings before the notifier chain, to fix KGDB crash
+ - x86/smpboot: Make optimization of delay calibration work correctly
+ - x86/oprofile/ppro: Do not use __this_cpu*() in preemptible context
+ - Linux 4.13.13
+
+ * ELANTECH Touchpad is not detected in 'Lenovo Ideapad 320 14AST' after fresh
+ install (LP: #1727544)
+ - Input: elan_i2c - add ELAN060C to the ACPI table
+
+ * Power8 Nest PMU Instrumentation support (LP: #1481347)
+ - powerpc/powernv: Add IMC OPAL APIs
+ - powerpc/powernv: Detect and create IMC device
+ - powerpc/perf: Add nest IMC PMU support
+ - powerpc/perf: Add core IMC PMU support
+ - powerpc/perf: Add thread IMC PMU support
+ - powerpc/perf: Fix double unlock in imc_common_cpuhp_mem_free()
+ - powerpc/perf/imc: Fix nest events on muti socket system
+ - powerpc/powernv: Fix build error in opal-imc.c when NUMA=n
+ - powerpc/perf: Fix usage of nest_imc_refc
+ - powerpc/perf: Fix for core/nest imc call trace on cpuhotplug
+ - powerpc/perf: Add ___GFP_NOWARN flag to alloc_pages_node()
+ - powerpc/perf: Fix IMC initialization crash
+
+ * Artful update to 4.13.12 stable release (LP: #1731971)
+ - ALSA: timer: Add missing mutex lock for compat ioctls
+ - ALSA: seq: Fix nested rwsem annotation for lockdep splat
+ - cifs: check MaxPathNameComponentLength != 0 before using it
+ - KEYS: return full count in keyring_read() if buffer is too small
+ - KEYS: trusted: fix writing past end of buffer in trusted_read()
+ - KEYS: fix out-of-bounds read during ASN.1 parsing
+ - ASoC: adau17x1: Workaround for noise bug in ADC
+ - virtio_blk: Fix an SG_IO regression
+ - arm64: ensure __dump_instr() checks addr_limit
+ - KVM: arm64: its: Fix missing dynamic allocation check in scan_its_table
+ - arm/arm64: KVM: set right LR register value for 32 bit guest when inject
+ abort
+ - arm/arm64: kvm: Disable branch profiling in HYP code
+ - ARM: dts: mvebu: pl310-cache disable double-linefill
+ - ARM: 8715/1: add a private asm/unaligned.h
+ - drm/amdgpu: return -ENOENT from uvd 6.0 early init for harvesting
+ - drm/amdgpu: allow harvesting check for Polaris VCE
+ - userfaultfd: hugetlbfs: prevent UFFDIO_COPY to fill beyond the end of i_size
+ - ocfs2: fstrim: Fix start offset of first cluster group during fstrim
+ - fs/hugetlbfs/inode.c: fix hwpoison reserve accounting
+ - mm, swap: fix race between swap count continuation operations
+ - drm/i915: Do not rely on wm preservation for ILK watermarks
+ - drm/i915/edp: read edp display control registers unconditionally
+ - Revert "powerpc64/elfv1: Only dereference function descriptor for non-text
+ symbols"
+ - MIPS: bpf: Fix a typo in build_one_insn()
+ - MIPS: smp-cmp: Use right include for task_struct
+ - MIPS: microMIPS: Fix incorrect mask in insn_table_MM
+ - MIPS: SMP: Fix deadlock & online race
+ - Revert "x86: do not use cpufreq_quick_get() for /proc/cpuinfo "cpu MHz""
+ - x86: CPU: Fix up "cpu MHz" in /proc/cpuinfo
+ - powerpc/kprobes: Dereference function pointers only if the address does not
+ belong to kernel text
+ - futex: Fix more put_pi_state() vs. exit_pi_state_list() races
+ - perf/cgroup: Fix perf cgroup hierarchy support
+ - x86/mcelog: Get rid of RCU remnants
+ - irqchip/irq-mvebu-gicp: Add missing spin_lock init
+ - Linux 4.13.12
+
+ * Artful update to 4.13.11 stable release (LP: #1731961)
+ - workqueue: replace pool->manager_arb mutex with a flag
+ - nvme-fc: fix iowait hang
+ - ALSA: hda/realtek - Add support for ALC236/ALC3204
+ - ALSA: hda - fix headset mic problem for Dell machines with alc236
+ - ceph: unlock dangling spinlock in try_flush_caps()
+ - Fix tracing sample code warning.
+ - KVM: PPC: Fix oops when checking KVM_CAP_PPC_HTM
+ - KVM: PPC: Book3S HV: POWER9 more doorbell fixes
+ - KVM: PPC: Book3S: Protect kvmppc_gpa_to_ua() with SRCU
+ - s390/kvm: fix detection of guest machine checks
+ - nbd: handle interrupted sendmsg with a sndtimeo set
+ - spi: uapi: spidev: add missing ioctl header
+ - spi: a3700: Return correct value on timeout detection
+ - spi: bcm-qspi: Fix use after free in bcm_qspi_probe() in error path
+ - spi: armada-3700: Fix failing commands with quad-SPI
+ - ovl: add NULL check in ovl_alloc_inode
+ - ovl: fix EIO from lookup of non-indexed upper
+ - ovl: handle ENOENT on index lookup
+ - ovl: do not cleanup unsupported index entries
+ - fuse: fix READDIRPLUS skipping an entry
+ - xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap()
+ - xen: fix booting ballooned down hvm guest
+ - cifs: Select all required crypto modules
+ - CIFS: Fix NULL pointer deref on SMB2_tcon() failure
+ - Input: elan_i2c - add ELAN0611 to the ACPI table
+ - Input: gtco - fix potential out-of-bound access
+ - Fix encryption labels and lengths for SMB3.1.1
+ - SMB3: Validate negotiate request must always be signed
+ - assoc_array: Fix a buggy node-splitting case
+ - scsi: zfcp: fix erp_action use-before-initialize in REC action trace
+ - scsi: aacraid: Fix controller initialization failure
+ - scsi: qla2xxx: Initialize Work element before requesting IRQs
+ - scsi: sg: Re-fix off by one in sg_fill_request_table()
+ - x86/cpu/AMD: Apply the Erratum 688 fix when the BIOS doesn't
+ - drm/amd/powerplay: fix uninitialized variable
+ - drm/i915/perf: fix perf enable/disable ioctls with 32bits userspace
+ - can: sun4i: fix loopback mode
+ - can: kvaser_usb: Correct return value in printout
+ - can: kvaser_usb: Ignore CMD_FLUSH_QUEUE_REPLY messages
+ - cfg80211: fix connect/disconnect edge cases
+ - ipsec: Fix aborted xfrm policy dump crash
+ - regulator: fan53555: fix I2C device ids
+ - powerpc/xive: Fix the size of the cpumask used in xive_find_target_in_mask()
+ - Linux 4.13.11
+
+ * Touchpad not detected - Lenovo ideapad 320-15IKB (LP: #1723736)
+ - Input: elan_i2c - add ELAN0611 to the ACPI table
+
+ * Artful update to 4.13.10 stable release (LP: #1731951)
+ - staging: bcm2835-audio: Fix memory corruption
+ - USB: devio: Revert "USB: devio: Don't corrupt user memory"
+ - USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor()
+ - USB: serial: metro-usb: add MS7820 device id
+ - usb: cdc_acm: Add quirk for Elatec TWN3
+ - usb: quirks: add quirk for WORLDE MINI MIDI keyboard
+ - usb: hub: Allow reset retry for USB2 devices on connect bounce
+ - ALSA: usb-audio: Add native DSD support for Pro-Ject Pre Box S2 Digital
+ - can: gs_usb: fix busy loop if no more TX context is available
+ - scsi: qla2xxx: Fix uninitialized work element
+ - nbd: don't set the device size until we're connected
+ - s390/cputime: fix guest/irq/softirq times after CPU hotplug
+ - parisc: Fix double-word compare and exchange in LWS code on 32-bit kernels
+ - parisc: Fix detection of nonsynchronous cr16 cycle counters
+ - iio: dummy: events: Add missing break
+ - usb: musb: sunxi: Explicitly release USB PHY on exit
+ - USB: musb: fix session-bit runtime-PM quirk
+ - USB: musb: fix late external abort on suspend
+ - usb: musb: musb_cppi41: Fix the address of teardown and autoreq registers
+ - usb: musb: musb_cppi41: Fix cppi41_set_dma_mode() for DA8xx
+ - usb: musb: musb_cppi41: Configure the number of channels for DA8xx
+ - usb: musb: Check for host-mode using is_host_active() on reset interrupt
+ - xhci: Identify USB 3.1 capable hosts by their port protocol capability
+ - xhci: Cleanup current_cmd in xhci_cleanup_command_queue()
+ - usb: xhci: Reset halted endpoint if trb is noop
+ - usb: xhci: Handle error condition in xhci_stop_device()
+ - can: esd_usb2: Fix can_dlc value for received RTR, frames
+ - can: af_can: can_pernet_init(): add missing error handling for kzalloc
+ returning NULL
+ - can: flexcan: fix state transition regression
+ - can: flexcan: rename legacy error state quirk
+ - can: flexcan: implement error passive state quirk
+ - can: flexcan: fix i.MX6 state transition issue
+ - can: flexcan: fix i.MX28 state transition issue
+ - can: flexcan: fix p1010 state transition issue
+ - KEYS: encrypted: fix dereference of NULL user_key_payload
+ - mmc: sdhci-pci: Fix default d3_retune for Intel host controllers
+ - drm/i915: Use bdw_ddi_translations_fdi for Broadwell
+ - drm/nouveau/kms/nv50: fix oops during DP IRQ handling on non-MST boards
+ - drm/nouveau/bsp/g92: disable by default
+ - drm/nouveau/mmu: flush tlbs before deleting page tables
+ - media: s5p-cec: add NACK detection support
+ - media: cec: Respond to unregistered initiators, when applicable
+ - media: dvb: i2c transfers over usb cannot be done from stack
+ - tracing/samples: Fix creation and deletion of simple_thread_fn creation
+ - ALSA: seq: Enable 'use' locking in all configurations
+ - ALSA: hda: Remove superfluous '-' added by printk conversion
+ - ALSA: hda: Abort capability probe at invalid register read
+ - i2c: ismt: Separate I2C block read from SMBus block read
+ - i2c: piix4: Fix SMBus port selection for AMD Family 17h chips
+ - Revert "tools/power turbostat: stop migrating, unless '-m'"
+ - Input: stmfts - fix setting ABS_MT_POSITION_* maximum size
+ - brcmfmac: Add check for short event packets
+ - brcmsmac: make some local variables 'static const' to reduce stack size
+ - ARM: dts: sun6i: Fix endpoint IDs in second display pipeline
+ - bus: mbus: fix window size calculation for 4GB windows
+ - clockevents/drivers/cs5535: Improve resilience to spurious interrupts
+ - rtlwifi: rtl8821ae: Fix connection lost problem
+ - x86/microcode/intel: Disable late loading on model 79
+ - lib/digsig: fix dereference of NULL user_key_payload
+ - fscrypt: fix dereference of NULL user_key_payload
+ - ecryptfs: fix dereference of NULL user_key_payload
+ - KEYS: Fix race between updating and finding a negative key
+ - FS-Cache: fix dereference of NULL user_key_payload
+ - KEYS: don't let add_key() update an uninstantiated key
+ - pkcs7: Prevent NULL pointer dereference, since sinfo is not always set.
+ - arm64: dts: rockchip: correct vqmmc voltage for rk3399 platforms
+ - ALSA: hda - Fix incorrect TLV callback check introduced during set_fs()
+ removal
+ - iomap_dio_rw: Allocate AIO completion queue before submitting dio
+ - xfs: don't unconditionally clear the reflink flag on zero-block files
+ - xfs: evict CoW fork extents when performing finsert/fcollapse
+ - fs/xfs: Use %pS printk format for direct addresses
+ - xfs: report zeroed or not correctly in xfs_zero_range()
+ - xfs: update i_size after unwritten conversion in dio completion
+ - xfs: perag initialization should only touch m_ag_max_usable for AG 0
+ - xfs: Capture state of the right inode in xfs_iflush_done
+ - xfs: always swap the cow forks when swapping extents
+ - xfs: handle racy AIO in xfs_reflink_end_cow
+ - xfs: Don't log uninitialised fields in inode structures
+ - xfs: move more RT specific code under CONFIG_XFS_RT
+ - xfs: don't change inode mode if ACL update fails
+ - xfs: reinit btree pointer on attr tree inactivation walk
+ - xfs: handle error if xfs_btree_get_bufs fails
+ - xfs: cancel dirty pages on invalidation
+ - xfs: trim writepage mapping to within eof
+ - xfs: move two more RT specific functions into CONFIG_XFS_RT
+ - Linux 4.13.10
+
+ * Artful update to 4.13.9 stable release (LP: #1731926)
+ - perf pmu: Unbreak perf record for arm/arm64 with events with explicit PMU
+ - mm: page_vma_mapped: ensure pmd is loaded with READ_ONCE outside of lock
+ - HID: hid-elecom: extend to fix descriptor for HUGE trackball
+ - Drivers: hv: vmbus: Fix rescind handling issues
+ - Drivers: hv: vmbus: Fix bugs in rescind handling
+ - vmbus: simplify hv_ringbuffer_read
+ - vmbus: refactor hv_signal_on_read
+ - vmbus: eliminate duplicate cached index
+ - vmbus: more host signalling avoidance
+ - Linux 4.13.9
+
+ -- Stefan Bader <stefan.bader@canonical.com> Tue, 21 Nov 2017 17:52:51 +0100
+
+linux (4.13.0-17.20) artful; urgency=low
+
+ * linux: 4.13.0-17.20 -proposed tracker (LP: #1728927)
+
+ [ Seth Forshee ]
+ * thunderx2 ahci errata workaround needs additional delays (LP: #1724117)
+ - SAUCE: ahci: thunderx2: stop engine fix update
+
+ * usb 3-1: 2:1: cannot get freq at ep 0x1 (LP: #1708499)
+ - ALSA: usb-audio: Add sample rate quirk for Plantronics C310/C520-M
+
+ * Plantronics Blackwire C520-M - Cannot get freq at ep 0x1, 0x81
+ (LP: #1709282)
+ - ALSA: usb-audio: Add sample rate quirk for Plantronics C310/C520-M
+
+ * TSC_DEADLINE incorrectly disabled inside virtual guests (LP: #1724912)
+ - x86/apic: Silence "FW_BUG TSC_DEADLINE disabled due to Errata" on CPUs
+ without the feature
+ - x86/apic: Silence "FW_BUG TSC_DEADLINE disabled due to Errata" on
+ hypervisors
+
+ * x86/apic: Update TSC_DEADLINE quirk with additional SKX stepping
+ (LP: #1724612)
+ - x86/apic: Update TSC_DEADLINE quirk with additional SKX stepping
+
+ * [Artful] Add support for Dell/Wyse 3040 audio codec (LP: #1723916)
+ - SAUCE: ASoC: rt5670: Add support for Wyse 3040
+
+ * [Artful] Some Dell Monitors Doesn't Work Well with Dell/Wyse 3040
+ (LP: #1723915)
+ - SAUCE: drm/i915: Workaround for DP DPMS D3 on Dell monitor
+
+ * [Artful] Support headset mode for DELL WYSE (LP: #1723913)
+ - SAUCE: ALSA: hda/realtek - Add support headset mode for DELL WYSE
+
+ * Touchpad and TrackPoint Dose Not Work on Lenovo X1C6 and X280 (LP: #1723986)
+ - SAUCE: Input: synaptics-rmi4 - RMI4 can also use SMBUS version 3
+ - SAUCE: Input: synaptics - Lenovo X1 Carbon 5 should use SMBUS/RMI
+ - SAUCE: Input: synaptics - add Intertouch support on X1 Carbon 6th and X280
+
+ * Artful update to v4.13.8 stable release (LP: #1724669)
+ - USB: dummy-hcd: Fix deadlock caused by disconnect detection
+ - MIPS: math-emu: Remove pr_err() calls from fpu_emu()
+ - MIPS: bpf: Fix uninitialised target compiler error
+ - mei: always use domain runtime pm callbacks.
+ - dmaengine: edma: Align the memcpy acnt array size with the transfer
+ - dmaengine: ti-dma-crossbar: Fix possible race condition with dma_inuse
+ - NFS: Fix uninitialized rpc_wait_queue
+ - nfs/filelayout: fix oops when freeing filelayout segment
+ - HID: usbhid: fix out-of-bounds bug
+ - crypto: skcipher - Fix crash on zero-length input
+ - crypto: shash - Fix zero-length shash ahash digest crash
+ - KVM: MMU: always terminate page walks at level 1
+ - KVM: nVMX: fix guest CR4 loading when emulating L2 to L1 exit
+ - usb: renesas_usbhs: Fix DMAC sequence for receiving zero-length packet
+ - pinctrl/amd: Fix build dependency on pinmux code
+ - iommu/amd: Finish TLB flush in amd_iommu_unmap()
+ - device property: Track owner device of device property
+ - Revert "vmalloc: back off when the current task is killed"
+ - fs/mpage.c: fix mpage_writepage() for pages with buffers
+ - ALSA: usb-audio: Kill stray URB at exiting
+ - ALSA: seq: Fix use-after-free at creating a port
+ - ALSA: seq: Fix copy_from_user() call inside lock
+ - ALSA: caiaq: Fix stray URB at probe error path
+ - ALSA: line6: Fix NULL dereference at podhd_disconnect()
+ - ALSA: line6: Fix missing initialization before error path
+ - ALSA: line6: Fix leftover URB at error-path during probe
+ - drm/atomic: Unref duplicated drm_atomic_state in drm_atomic_helper_resume()
+ - drm/i915/edp: Get the Panel Power Off timestamp after panel is off
+ - drm/i915: Read timings from the correct transcoder in intel_crtc_mode_get()
+ - drm/i915/bios: parse DDI ports also for CHV for HDMI DDC pin and DP AUX
+ channel
+ - drm/i915: Use crtc_state_is_legacy_gamma in intel_color_check
+ - usb: gadget: configfs: Fix memory leak of interface directory data
+ - usb: gadget: composite: Fix use-after-free in
+ usb_composite_overwrite_options
+ - PCI: aardvark: Move to struct pci_host_bridge IRQ mapping functions
+ - Revert "PCI: tegra: Do not allocate MSI target memory"
+ - direct-io: Prevent NULL pointer access in submit_page_section
+ - fix unbalanced page refcounting in bio_map_user_iov
+ - more bio_map_user_iov() leak fixes
+ - bio_copy_user_iov(): don't ignore ->iov_offset
+ - perf script: Add missing separator for "-F ip,brstack" (and brstackoff)
+ - genirq/cpuhotplug: Enforce affinity setting on startup of managed irqs
+ - genirq/cpuhotplug: Add sanity check for effective affinity mask
+ - USB: serial: ftdi_sio: add id for Cypress WICED dev board
+ - USB: serial: cp210x: fix partnum regression
+ - USB: serial: cp210x: add support for ELV TFD500
+ - USB: serial: option: add support for TP-Link LTE module
+ - USB: serial: qcserial: add Dell DW5818, DW5819
+ - USB: serial: console: fix use-after-free on disconnect
+ - USB: serial: console: fix use-after-free after failed setup
+ - RAS/CEC: Use the right length for "cec_disable"
+ - x86/microcode: Do the family check first
+ - x86/alternatives: Fix alt_max_short macro to really be a max()
+ - KVM: nVMX: update last_nonleaf_level when initializing nested EPT
+ - Linux 4.13.8
+
+ * Artful update to v4.13.7 stable release (LP: #1724668)
+ - watchdog: Revert "iTCO_wdt: all versions count down twice"
+ - Linux 4.13.7
+
+ * libvirt - vnc port selection regression with newer kernels (LP: #1722702)
+ - net: set tb->fast_sk_family
+ - net: use inet6_rcv_saddr to compare sockets
+ - inet: fix improper empty comparison
+
+ * powerpc/64s: Add workaround for P9 vector CI load issue (LP: #1721070)
+ - powerpc/mce: Move 64-bit machine check code into mce.c
+ - powerpc/64s: Add workaround for P9 vector CI load issue
+
+ * Artful update to v4.13.6 stable release (LP: #1723145)
+ - imx-media-of: avoid uninitialized variable warning
+ - usb: dwc3: ep0: fix DMA starvation by assigning req->trb on ep0
+ - mlxsw: spectrum: Fix EEPROM access in case of SFP/SFP+
+ - net: bonding: Fix transmit load balancing in balance-alb mode if specified
+ by sysfs
+ - openvswitch: Fix an error handling path in 'ovs_nla_init_match_and_action()'
+ - mlxsw: spectrum: Prevent mirred-related crash on removal
+ - net: bonding: fix tlb_dynamic_lb default value
+ - net_sched: gen_estimator: fix scaling error in bytes/packets samples
+ - net: sched: fix use-after-free in tcf_action_destroy and tcf_del_walker
+ - sctp: potential read out of bounds in sctp_ulpevent_type_enabled()
+ - tcp: update skb->skb_mstamp more carefully
+ - bpf/verifier: reject BPF_ALU64|BPF_END
+ - tcp: fix data delivery rate
+ - udpv6: Fix the checksum computation when HW checksum does not apply
+ - ip6_gre: skb_push ipv6hdr before packing the header in ip6gre_header
+ - net: phy: Fix mask value write on gmii2rgmii converter speed register
+ - ip6_tunnel: do not allow loading ip6_tunnel if ipv6 is disabled in cmdline
+ - net/sched: cls_matchall: fix crash when used with classful qdisc
+ - 8139too: revisit napi_complete_done() usage
+ - bpf: do not disable/enable BH in bpf_map_free_id()
+ - tcp: fastopen: fix on syn-data transmit failure
+ - net: emac: Fix napi poll list corruption
+ - net: ipv6: fix regression of no RTM_DELADDR sent after DAD failure
+ - packet: hold bind lock when rebinding to fanout hook
+ - bpf: one perf event close won't free bpf program attached by another perf
+ event
+ - net: change skb->mac_header when Generic XDP calls adjust_head
+ - isdn/i4l: fetch the ppp_write buffer in one shot
+ - net_sched: always reset qdisc backlog in qdisc_reset()
+ - net: stmmac: Cocci spatch "of_table"
+ - net: qcom/emac: specify the correct size when mapping a DMA buffer
+ - vti: fix use after free in vti_tunnel_xmit/vti6_tnl_xmit
+ - l2tp: fix race condition in l2tp_tunnel_delete
+ - tun: bail out from tun_get_user() if the skb is empty
+ - net: dsa: mv88e6xxx: Allow dsa and cpu ports in multiple vlans
+ - net: dsa: Fix network device registration order
+ - packet: in packet_do_bind, test fanout with bind_lock held
+ - packet: only test po->has_vnet_hdr once in packet_snd
+ - net: dsa: mv88e6xxx: lock mutex when freeing IRQs
+ - net: Set sk_prot_creator when cloning sockets to the right proto
+ - net/mlx5e: IPoIB, Fix access to invalid memory address
+ - netlink: do not proceed if dump's start() errs
+ - ip6_gre: ip6gre_tap device should keep dst
+ - ip6_tunnel: update mtu properly for ARPHRD_ETHER tunnel device in tx path
+ - IPv4: early demux can return an error code
+ - tipc: use only positive error codes in messages
+ - l2tp: fix l2tp_eth module loading
+ - socket, bpf: fix possible use after free
+ - net: rtnetlink: fix info leak in RTM_GETSTATS call
+ - bpf: fix bpf_tail_call() x64 JIT
+ - usb: gadget: core: fix ->udc_set_speed() logic
+ - USB: gadgetfs: Fix crash caused by inadequate synchronization
+ - USB: gadgetfs: fix copy_to_user while holding spinlock
+ - usb: gadget: udc: atmel: set vbus irqflags explicitly
+ - usb: gadget: udc: renesas_usb3: fix for no-data control transfer
+ - usb: gadget: udc: renesas_usb3: fix Pn_RAMMAP.Pn_MPKT value
+ - usb: gadget: udc: renesas_usb3: Fix return value of usb3_write_pipe()
+ - usb-storage: unusual_devs entry to fix write-access regression for Seagate
+ external drives
+ - usb-storage: fix bogus hardware error messages for ATA pass-thru devices
+ - usb: renesas_usbhs: fix the BCLR setting condition for non-DCP pipe
+ - usb: renesas_usbhs: fix usbhsf_fifo_clear() for RX direction
+ - ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor
+ - usb: pci-quirks.c: Corrected timeout values used in handshake
+ - USB: cdc-wdm: ignore -EPIPE from GetEncapsulatedResponse
+ - USB: dummy-hcd: fix connection failures (wrong speed)
+ - USB: dummy-hcd: fix infinite-loop resubmission bug
+ - USB: dummy-hcd: Fix erroneous synchronization change
+ - USB: devio: Prevent integer overflow in proc_do_submiturb()
+ - USB: devio: Don't corrupt user memory
+ - USB: g_mass_storage: Fix deadlock when driver is unbound
+ - USB: uas: fix bug in handling of alternate settings
+ - USB: core: harden cdc_parse_cdc_header
+ - usb: Increase quirk delay for USB devices
+ - USB: fix out-of-bounds in usb_set_configuration
+ - usb: xhci: Free the right ring in xhci_add_endpoint()
+ - xhci: fix finding correct bus_state structure for USB 3.1 hosts
+ - xhci: fix wrong endpoint ESIT value shown in tracing
+ - usb: host: xhci-plat: allow sysdev to inherit from ACPI
+ - xhci: Fix sleeping with spin_lock_irq() held in ASmedia 1042A workaround
+ - Revert "xhci: Limit USB2 port wake support for AMD Promontory hosts"
+ - iio: adc: twl4030: Fix an error handling path in 'twl4030_madc_probe()'
+ - iio: adc: twl4030: Disable the vusb3v1 rugulator in the error handling path
+ of 'twl4030_madc_probe()'
+ - iio: ad_sigma_delta: Implement a dedicated reset function
+ - staging: iio: ad7192: Fix - use the dedicated reset function avoiding dma
+ from stack.
+ - iio: core: Return error for failed read_reg
+ - IIO: BME280: Updates to Humidity readings need ctrl_reg write!
+ - iio: trigger: stm32-timer: preset shouldn't be buffered
+ - iio: trigger: stm32-timer: fix a corner case to write preset
+ - iio: ad7793: Fix the serial interface reset
+ - iio: adc: stm32: fix bad error check on max_channels
+ - iio: adc: mcp320x: Fix readout of negative voltages
+ - iio: adc: mcp320x: Fix oops on module unload
+ - uwb: properly check kthread_run return value
+ - uwb: ensure that endpoint is interrupt
+ - staging: vchiq_2835_arm: Fix NULL ptr dereference in free_pagelist
+ - ksm: fix unlocked iteration over vmas in cmp_and_merge_page()
+ - mm, hugetlb, soft_offline: save compound page order before page migration
+ - mm, oom_reaper: skip mm structs with mmu notifiers
+ - mm: fix RODATA_TEST failure "rodata_test: test data was not read only"
+ - mm: avoid marking swap cached page as lazyfree
+ - mm: fix data corruption caused by lazyfree page
+ - userfaultfd: non-cooperative: fix fork use after free
+ - lib/ratelimit.c: use deferred printk() version
+ - lsm: fix smack_inode_removexattr and xattr_getsecurity memleak
+ - ALSA: compress: Remove unused variable
+ - Revert "ALSA: echoaudio: purge contradictions between dimension matrix
+ members and total number of members"
+ - ALSA: usx2y: Suppress kernel warning at page allocation failures
+ - powerpc/powernv: Increase memory block size to 1GB on radix
+ - powerpc: Fix action argument for cpufeatures-based TLB flush
+ - powerpc/64s: Use emergency stack for kernel TM Bad Thing program checks
+ - powerpc/tm: Fix illegal TM state in signal handler
+ - percpu: make this_cpu_generic_read() atomic w.r.t. interrupts
+ - intel_th: pci: Add Lewisburg PCH support
+ - driver core: platform: Don't read past the end of "driver_override" buffer
+ - cgroup: Reinit cgroup_taskset structure before cgroup_migrate_execute()
+ returns
+ - Drivers: hv: fcopy: restore correct transfer length
+ - vmbus: don't acquire the mutex in vmbus_hvsock_device_unregister()
+ - stm class: Fix a use-after-free
+ - auxdisplay: charlcd: properly restore atomic counter on error path
+ - ftrace: Fix kmemleak in unregister_ftrace_graph
+ - ovl: fix error value printed in ovl_lookup_index()
+ - ovl: fix dput() of ERR_PTR in ovl_cleanup_index()
+ - ovl: fix dentry leak in ovl_indexdir_cleanup()
+ - ovl: fix missing unlock_rename() in ovl_do_copy_up()
+ - ovl: fix regression caused by exclusive upper/work dir protection
+ - arm64: dt marvell: Fix AP806 system controller size
+ - arm64: Ensure the instruction emulation is ready for userspace
+ - HID: rmi: Make sure the HID device is opened on resume
+ - HID: i2c-hid: allocate hid buffers for real worst case
+ - HID: wacom: leds: Don't try to control the EKR's read-only LEDs
+ - HID: wacom: Properly report negative values from Intuos Pro 2 Bluetooth
+ - HID: wacom: Correct coordinate system of touchring and pen twist
+ - HID: wacom: generic: Send MSC_SERIAL and ABS_MISC when leaving prox
+ - HID: wacom: generic: Clear ABS_MISC when tool leaves proximity
+ - HID: wacom: Always increment hdev refcount within wacom_get_hdev_data
+ - HID: wacom: bits shifted too much for 9th and 10th buttons
+ - btrfs: avoid overflow when sector_t is 32 bit
+ - Btrfs: fix overlap of fs_info::flags values
+ - rocker: fix rocker_tlv_put_* functions for KASAN
+ - netlink: fix nla_put_{u8,u16,u32} for KASAN
+ - dm crypt: reject sector_size feature if device length is not aligned to it
+ - dm ioctl: fix alignment of event number in the device list
+ - dm crypt: fix memory leak in crypt_ctr_cipher_old()
+ - KVM: PPC: Book3S: Fix server always zero from kvmppc_xive_get_xive()
+ - kvm/x86: Avoid async PF preempting the kernel incorrectly
+ - iwlwifi: mvm: use IWL_HCMD_NOCOPY for MCAST_FILTER_CMD
+ - scsi: sd: Implement blacklist option for WRITE SAME w/ UNMAP
+ - scsi: sd: Do not override max_sectors_kb sysfs setting
+ - brcmfmac: add length check in brcmf_cfg80211_escan_handler()
+ - brcmfmac: setup passive scan if requested by user-space
+ - drm/i915: always update ELD connector type after get modes
+ - drm/i915/bios: ignore HDMI on port A
+ - bsg-lib: fix use-after-free under memory-pressure
+ - nvme-pci: Use PCI bus address for data/queues in CMB
+ - mmc: core: add driver strength selection when selecting hs400es
+ - nl80211: Define policy for packet pattern attributes
+ - clk: samsung: exynos4: Enable VPLL and EPLL clocks for suspend/resume cycle
+ - udp: perform source validation for mcast early demux
+ - udp: fix bcast packet reception
+ - base: arch_topology: fix section mismatch build warnings
+ - Linux 4.13.6
+
+ * Artful update to v4.13.5 stable release (LP: #1721777)
+ - cifs: check rsp for NULL before dereferencing in SMB2_open
+ - cifs: release cifs root_cred after exit_cifs
+ - cifs: release auth_key.response for reconnect.
+ - nvme-pci: fix host memory buffer allocation fallback
+ - nvme-pci: use appropriate initial chunk size for HMB allocation
+ - nvme-pci: propagate (some) errors from host memory buffer setup
+ - dax: remove the pmem_dax_ops->flush abstraction
+ - dm integrity: do not check integrity for failed read operations
+ - mmc: block: Fix incorrectly initialized requests
+ - fs/proc: Report eip/esp in /prod/PID/stat for coredumping
+ - scsi: scsi_transport_fc: fix NULL pointer dereference in fc_bsg_job_timeout
+ - SMB3: Add support for multidialect negotiate (SMB2.1 and later)
+ - mac80211: fix VLAN handling with TXQs
+ - mac80211_hwsim: Use proper TX power
+ - mac80211: flush hw_roc_start work before cancelling the ROC
+ - mac80211: fix deadlock in driver-managed RX BA session start
+ - genirq: Make sparse_irq_lock protect what it should protect
+ - genirq/msi: Fix populating multiple interrupts
+ - genirq: Fix cpumask check in __irq_startup_managed()
+ - KVM: PPC: Book3S HV: Hold kvm->lock around call to kvmppc_update_lpcr
+ - KVM: PPC: Book3S HV: Fix bug causing host SLB to be restored incorrectly
+ - KVM: PPC: Book3S HV: Don't access XIVE PIPR register using byte accesses
+ - tracing: Fix trace_pipe behavior for instance traces
+ - tracing: Erase irqsoff trace with empty write
+ - tracing: Remove RCU work arounds from stack tracer
+ - md/raid5: fix a race condition in stripe batch
+ - md/raid5: preserve STRIPE_ON_UNPLUG_LIST in break_stripe_batch_list
+ - scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse
+ nlmsg properly
+ - scsi: aacraid: Fix 2T+ drives on SmartIOC-2000
+ - scsi: aacraid: Add a small delay after IOP reset
+ - drm/exynos: Fix locking in the suspend/resume paths
+ - drm/i915/gvt: Fix incorrect PCI BARs reporting
+ - Revert "drm/i915/bxt: Disable device ready before shutdown command"
+ - drm/amdgpu: revert tile table update for oland
+ - drm/radeon: disable hard reset in hibernate for APUs
+ - crypto: drbg - fix freeing of resources
+ - crypto: talitos - Don't provide setkey for non hmac hashing algs.
+ - crypto: talitos - fix sha224
+ - crypto: talitos - fix hashing
+ - security/keys: properly zero out sensitive key material in big_key
+ - security/keys: rewrite all of big_key crypto
+ - KEYS: fix writing past end of user-supplied buffer in keyring_read()
+ - KEYS: prevent creating a different user's keyrings
+ - KEYS: prevent KEYCTL_READ on negative key
+ - libnvdimm, namespace: fix btt claim class crash
+ - powerpc/eeh: Create PHB PEs after EEH is initialized
+ - powerpc/pseries: Fix parent_dn reference leak in add_dt_node()
+ - powerpc/tm: Flush TM only if CPU has TM feature
+ - MIPS: Fix perf event init
+ - s390/perf: fix bug when creating per-thread event
+ - s390/mm: make pmdp_invalidate() do invalidation only
+ - s390/mm: fix write access check in gup_huge_pmd()
+ - PM: core: Fix device_pm_check_callbacks()
+ - Revert "IB/ipoib: Update broadcast object if PKey value was changed in index
+ 0"
+ - Fix SMB3.1.1 guest authentication to Samba
+ - SMB3: Fix endian warning
+ - SMB3: Warn user if trying to sign connection that authenticated as guest
+ - SMB: Validate negotiate (to protect against downgrade) even if signing off
+ - SMB3: handle new statx fields
+ - SMB3: Don't ignore O_SYNC/O_DSYNC and O_DIRECT flags
+ - vfs: Return -ENXIO for negative SEEK_HOLE / SEEK_DATA offsets
+ - libceph: don't allow bidirectional swap of pg-upmap-items
+ - nl80211: check for the required netlink attributes presence
+ - brd: fix overflow in __brd_direct_access
+ - gfs2: Fix debugfs glocks dump
+ - bsg-lib: don't free job in bsg_prepare_job
+ - iw_cxgb4: drop listen destroy replies if no ep found
+ - iw_cxgb4: remove the stid on listen create failure
+ - iw_cxgb4: put ep reference in pass_accept_req()
+ - rcu: Allow for page faults in NMI handlers
+ - mmc: sdhci-pci: Fix voltage switch for some Intel host controllers
+ - extable: Consolidate *kernel_text_address() functions
+ - extable: Enable RCU if it is not watching in kernel_text_address()
+ - seccomp: fix the usage of get/put_seccomp_filter() in seccomp_get_filter()
+ - arm64: Make sure SPsel is always set
+ - arm64: fault: Route pte translation faults via do_translation_fault
+ - KVM: VMX: extract __pi_post_block
+ - KVM: VMX: avoid double list add with VT-d posted interrupts
+ - KVM: VMX: simplify and fix vmx_vcpu_pi_load
+ - KVM: nVMX: fix HOST_CR3/HOST_CR4 cache
+ - kvm/x86: Handle async PF in RCU read-side critical sections
+ - kvm: nVMX: Don't allow L2 to access the hardware CR8
+ - xfs: validate bdev support for DAX inode flag
+ - fix infoleak in waitid(2)
+ - sched/sysctl: Check user input value of sysctl_sched_time_avg
+ - irq/generic-chip: Don't replace domain's name
+ - mtd: Fix partition alignment check on multi-erasesize devices
+ - mtd: nand: atmel: fix buffer overflow in atmel_pmecc_user
+ - etnaviv: fix submit error path
+ - etnaviv: fix gem object list corruption
+ - futex: Fix pi_state->owner serialization
+ - md: fix a race condition for flush request handling
+ - md: separate request handling
+ - PCI: Fix race condition with driver_override
+ - btrfs: fix NULL pointer dereference from free_reloc_roots()
+ - btrfs: clear ordered flag on cleaning up ordered extents
+ - btrfs: finish ordered extent cleaning if no progress is found
+ - btrfs: propagate error to btrfs_cmp_data_prepare caller
+ - btrfs: prevent to set invalid default subvolid
+ - platform/x86: fujitsu-laptop: Don't oops when FUJ02E3 is not presnt
+ - PM / OPP: Call notifier without holding opp_table->lock
+ - x86/mm: Fix fault error path using unsafe vma pointer
+ - x86/fpu: Don't let userspace set bogus xcomp_bv
+ - KVM: VMX: do not change SN bit in vmx_update_pi_irte()
+ - KVM: VMX: remove WARN_ON_ONCE in kvm_vcpu_trigger_posted_interrupt
+ - KVM: VMX: use cmpxchg64
+ - video: fbdev: aty: do not leak uninitialized padding in clk to userspace
+ - Linux 4.13.5
+ - [Config] Update configs for v4.13.5
+
+ -- Khalid Elmously <khalid.elmously@canonical.com> Wed, 01 Nov 2017 11:17:43 -0400
+
+linux (4.13.0-16.19) artful; urgency=low
+
+ * 20170817 - ISO hangs on boot on qemu with splash screen enabled and qxl
+ graphics driver (LP: #1711358)
+ - qxl: fix framebuffer unpinning
+
+ * [Bug] USB controller failed to respond on Denverton after loading
+ intel_th_pci module (LP: #1715833)
+ - SAUCE: PCI: Disable broken RTIT_BAR of Intel TH
+
+ * CVE-2017-5123
+ - waitid(): Add missing access_ok() checks
+
+ -- Seth Forshee <seth.forshee@canonical.com> Wed, 11 Oct 2017 12:33:10 -0500
+
+linux (4.13.0-15.16) artful; urgency=low
+
+ * linux: 4.13.0-15.16 -proposed tracker (LP: #1721373)
+
+ * Boot regression on POWER9 (LP: #1721391)
+ - Revert "crypto/nx: Add P9 NX support for 842 compression engine"
+ - Revert "crypto/nx: Add P9 NX specific error codes for 842 engine"
+ - Revert "crypto/nx: Use kzalloc for workmem allocation"
+ - Revert "crypto/nx: Add nx842_add_coprocs_list function"
+ - Revert "crypto/nx: Create nx842_delete_coprocs function"
+ - Revert "crypto/nx: Create nx842_configure_crb function"
+ - Revert "crypto/nx: Rename nx842_powernv_function as icswx function"
+ - Revert "UBUNTU: [Config] CONFIG_PPC_VAS=y"
+ - Revert "powerpc/powernv/vas: Define copy/paste interfaces"
+ - Revert "powerpc/powernv/vas: Define vas_tx_win_open()"
+ - Revert "powerpc/powernv/vas: Define vas_win_close() interface"
+ - Revert "powerpc/powernv/vas: Define vas_rx_win_open() interface"
+ - Revert "powerpc/powernv/vas: Define helpers to alloc/free windows"
+ - Revert "powerpc/powernv/vas: Define helpers to init window context"
+ - Revert "powerpc/powernv/vas: Define helpers to access MMIO regions"
+ - Revert "powerpc/powernv/vas: Define vas_init() and vas_exit()"
+ - Revert "powerpc/powernv: Move GET_FIELD/SET_FIELD to vas.h"
+ - Revert "powerpc/powernv/vas: Define macros, register fields and structures"
+ - Revert "powerpc/powernv: Enable PCI peer-to-peer"
+ - Revert "powerpc/powernv: Add support to set power-shifting-ratio"
+ - Revert "powerpc/powernv: Add support for powercap framework"
+ - Revert "powerpc/perf: Add nest IMC PMU support"
+ - Revert "powerpc/powernv: Detect and create IMC device"
+ - Revert "powerpc/powernv: Add IMC OPAL APIs"
+
+ * smartpqi patches for Artful (LP: #1721381)
+ - scsi: smartpqi: add pqi reset quiesce support
+ - scsi: smartpqi: enhance BMIC cache flush
+ - scsi: smartpqi: update pqi passthru ioctl
+ - scsi: smartpqi: cleanup doorbell register usage.
+ - scsi: smartpqi: update kexec and power down support
+ - scsi: smartpqi: add in new controller ids
+ - scsi: smartpqi: change driver version to 1.1.2-125
+
+ * CONFIG_DEBUG_FS is not enabled by "make zfcpdump_defconfig" with Ubuntu
+ 17.10 (kernel 4.13) (LP: #1719290)
+ - SAUCE: s390: update zfcpdump_defconfig
+
+ * [Feature] PXE boot with Intel Omni-Path (LP: #1712031)
+ - d-i: Add hfi1 to nic-modules
+
+ * [Feature]CNL:New device IDs for CNL (LP: #1685729)
+ - pinctrl: intel: Add Intel Cannon Lake PCH-H pin controller support
+
+ -- Seth Forshee <seth.forshee@canonical.com> Wed, 04 Oct 2017 16:21:48 -0500
+
+linux (4.13.0-14.15) artful; urgency=low
+
+ * linux: 4.13.0-14.15 -proposed tracker (LP: #1721122)
+
+ * [Artful] ltp rwtest - Unable to handle kernel paging request at virtual
+ address (LP: #1721067)
+ - arm64: mm: Use READ_ONCE when dereferencing pointer to pte table
+
+ * linux 4.13.0-13.14 ADT test failure with linux 4.13.0-13.14 (LP: #1720779)
+ - SAUCE: LSM stacking: check for invalid zero sized writes
+
+ * Add installer support for Broadcom BCM573xx network drivers. (LP: #1720466)
+ - d-i: Add bnxt_en to nic-modules.
+
+ * Miscellaneous Ubuntu changes
+ - [Packaging] Include arch/arm64/kernel/ftrace-mod.o in headers package
+
+ -- Seth Forshee <seth.forshee@canonical.com> Tue, 03 Oct 2017 14:51:52 -0500
+
+linux (4.13.0-13.14) artful; urgency=low
+
+ * linux: 4.13.0-13.14 -proposed tracker (LP: #1720239)
+
+ * [Bug] USB 3.1 Gen2 works as 5Gbps (LP: #1720045)
+ - xhci: set missing SuperSpeedPlus Link Protocol bit in roothub descriptor
+
+ * [Feature]Memory Bandwidth Monitoring(MBM) port to new Cache Quality
+ Monitoring (CQM) (LP: #1591609)
+ - x86/perf/cqm: Wipe out perf based cqm
+ - x86/intel_rdt/cqm: Documentation for resctrl based RDT Monitoring
+ - x86/intel_rdt: Introduce a common compile option for RDT
+ - x86/intel_rdt: Change file names to accommodate RDT monitor code
+ - x86/intel_rdt: Mark rdt_root and closid_alloc as static
+ - x86/intel_rdt: Cleanup namespace to support RDT monitoring
+ - x86/intel_rdt: Make rdt_resources_all more readable
+ - x86/intel_rdt/cqm: Add RDT monitoring initialization
+ - x86/intel_rdt/cqm: Add RMID (Resource monitoring ID) management
+ - x86/intel_rdt: Simplify info and base file lists
+ - x86/intel_rdt/cqm: Add info files for RDT monitoring
+ - x86/intel_rdt: Prepare for RDT monitoring mkdir support
+ - x86/intel_rdt/cqm: Add mkdir support for RDT monitoring
+ - x86/intel_rdt: Change closid type from int to u32
+ - x86/intel_rdt/cqm: Add tasks file support
+ - x86/intel_rdt: Prepare to add RDT monitor cpus file support
+ - x86/intel_rdt/cqm: Add cpus file support
+ - x86/intel_rdt: Prepare for RDT monitor data support
+ - x86/intel_rdt/cqm: Add mon_data
+ - x86/intel_rdt: Separate the ctrl bits from rmdir
+ - x86/intel_rdt/cqm: Add rmdir support
+ - x86/intel_rdt/cqm: Add mount,umount support
+ - x86/intel_rdt: Introduce rdt_enable_key for scheduling
+ - x86/intel_rdt/cqm: Add sched_in support
+ - x86/intel_rdt/cqm: Add CPU hotplug support
+ - x86/intel_rdt/mbm: Basic counting of MBM events (total and local)
+ - x86/intel_rdt/mbm: Add mbm counter initialization
+ - x86/intel_rdt/mbm: Handle counter overflow
+ - x86/intel_rdt: Show bitmask of shareable resource with other executing units
+ - x86/intel_rdt/cqm: Clear the default RMID during hotcpu
+ - x86/intel_rdt: Modify the intel_pqr_state for better performance
+ - x86/intel_rdt/mbm: Fix MBM overflow handler during CPU hotplug
+ - x86/intel_rdt/cqm: Improve limbo list processing
+ - x86/intel_rdt: Remove redundant ternary operator on return
+ - [Config] CONFIG_INTEL_RDT=y
+
+ * [Feature] RDT: Disable most RDT features on Skylake server (LP: #1713619)
+ - x86/intel_rdt: Move special case code for Haswell to a quirk function
+ - x86/intel_rdt: Add command line options for resource director technology
+ - x86/intel_rdt: Turn off most RDT features on Skylake
+
+ * CVE-2017-1000252
+ - KVM: VMX: Do not BUG() on out-of-bounds guest IRQ
+
+ * POWER9: NX842 module changes (LP: #1718292)
+ - crypto/nx: Rename nx842_powernv_function as icswx function
+ - crypto/nx: Create nx842_configure_crb function
+ - crypto/nx: Create nx842_delete_coprocs function
+ - crypto/nx: Add nx842_add_coprocs_list function
+ - crypto/nx: Use kzalloc for workmem allocation
+ - crypto/nx: Add P9 NX specific error codes for 842 engine
+ - crypto/nx: Add P9 NX support for 842 compression engine
+
+ * [Ubuntu 17.10] POWER9 - Base - Integrate P9 VAS (Virtual Accelerator
+ Switchboard) support in kernel (LP: #1718293)
+ - powerpc/powernv: Add IMC OPAL APIs
+ - powerpc/powernv: Detect and create IMC device
+ - powerpc/perf: Add nest IMC PMU support
+ - powerpc/powernv: Add support for powercap framework
+ - powerpc/powernv: Add support to set power-shifting-ratio
+ - powerpc/powernv: Enable PCI peer-to-peer
+ - powerpc/powernv/vas: Define macros, register fields and structures
+ - powerpc/powernv: Move GET_FIELD/SET_FIELD to vas.h
+ - powerpc/powernv/vas: Define vas_init() and vas_exit()
+ - powerpc/powernv/vas: Define helpers to access MMIO regions
+ - powerpc/powernv/vas: Define helpers to init window context
+ - powerpc/powernv/vas: Define helpers to alloc/free windows
+ - powerpc/powernv/vas: Define vas_rx_win_open() interface
+ - powerpc/powernv/vas: Define vas_win_close() interface
+ - powerpc/powernv/vas: Define vas_tx_win_open()
+ - powerpc/powernv/vas: Define copy/paste interfaces
+ - [Config] CONFIG_PPC_VAS=y
+
+ * Artful update to v4.13.4 stable release (LP: #1720154)
+ - orangefs: Don't clear SGID when inheriting ACLs
+ - <linux/uaccess.h>: Fix copy_in_user() declaration
+ - IB/hfi1: Revert egress pkey check enforcement
+ - IB/{qib, hfi1}: Avoid flow control testing for RDMA write operation
+ - IB/mlx5: Fix cached MR allocation flow
+ - srcu: Provide ordering for CPU not involved in grace period
+ - smp/hotplug: Handle removal correctly in cpuhp_store_callbacks()
+ - Input: xpad - validate USB endpoint type during probe
+ - drm/amdgpu: read reg in each iterator of psp_wait_for loop
+ - tty: improve tty_insert_flip_char() fast path
+ - tty: improve tty_insert_flip_char() slow path
+ - tty: fix __tty_insert_flip_char regression
+ - pinctrl: samsung: Fix invalid register offset used for Exynos5433 external
+ interrupts
+ - pinctrl: samsung: Fix NULL pointer exception on external interrupts on
+ S3C24xx
+ - pinctrl/amd: save pin registers over suspend/resume
+ - MIPS: math-emu: <MAX|MAXA|MIN|MINA>.<D|S>: Fix quiet NaN propagation
+ - MIPS: math-emu: <MAX|MAXA|MIN|MINA>.<D|S>: Fix cases of both inputs zero
+ - MIPS: math-emu: <MAX|MIN>.<D|S>: Fix cases of both inputs negative
+ - MIPS: math-emu: <MAXA|MINA>.<D|S>: Fix cases of input values with opposite
+ signs
+ - MIPS: math-emu: <MAXA|MINA>.<D|S>: Fix cases of both infinite inputs
+ - MIPS: math-emu: MINA.<D|S>: Fix some cases of infinity and zero inputs
+ - MIPS: math-emu: <MADDF|MSUBF>.<D|S>: Fix NaN propagation
+ - MIPS: math-emu: <MADDF|MSUBF>.<D|S>: Fix some cases of infinite inputs
+ - MIPS: math-emu: <MADDF|MSUBF>.<D|S>: Fix some cases of zero inputs
+ - MIPS: math-emu: <MADDF|MSUBF>.<D|S>: Clean up "maddf_flags" enumeration
+ - MIPS: math-emu: <MADDF|MSUBF>.S: Fix accuracy (32-bit case)
+ - MIPS: math-emu: <MADDF|MSUBF>.D: Fix accuracy (64-bit case)
+ - docs: disable KASLR when debugging kernel
+ - crypto: ccp - Fix XTS-AES-128 support on v5 CCPs
+ - crypto: scompress - don't sleep with preemption disabled
+ - crypto: caam/qi - fix typo in authenc alg driver name
+ - crypto: caam/qi - properly set IV after {en,de}crypt
+ - crypto: AF_ALG - remove SGL terminator indicator when chaining
+ - regulator: cpcap: Fix standby mode
+ - wcn36xx: Introduce mutual exclusion of fw configuration
+ - ext4: in ext4_seek_{hole,data}, return -ENXIO for negative offsets
+ - ext4: fix incorrect quotaoff if the quota feature is enabled
+ - ext4: fix quota inconsistency during orphan cleanup for read-only mounts
+ - cxl: Fix driver use count
+ - powerpc/powernv/npu: Move tlb flush before launching ATSD
+ - powerpc/pseries: Don't attempt to acquire drc during memory hot add for
+ assigned lmbs
+ - powerpc: Fix DAR reporting when alignment handler faults
+ - block: Relax a check in blk_start_queue()
+ - block: directly insert blk-mq request from blk_insert_cloned_request()
+ - md/bitmap: copy correct data for bitmap super
+ - md/bitmap: disable bitmap_resize for file-backed bitmaps.
+ - skd: Avoid that module unloading triggers a use-after-free
+ - skd: Submit requests to firmware before triggering the doorbell
+ - scsi: zfcp: fix queuecommand for scsi_eh commands when DIX enabled
+ - scsi: zfcp: add handling for FCP_RESID_OVER to the fcp ingress path
+ - scsi: zfcp: fix capping of unsuccessful GPN_FT SAN response trace records
+ - scsi: zfcp: fix passing fsf_req to SCSI trace on TMF to correlate with HBA
+ - scsi: zfcp: fix missing trace records for early returns in TMF eh handlers
+ - scsi: zfcp: fix payload with full FCP_RSP IU in SCSI trace records
+ - scsi: zfcp: trace HBA FSF response by default on dismiss or timedout late
+ response
+ - scsi: zfcp: trace high part of "new" 64 bit SCSI LUN
+ - scsi: qedi: off by one in qedi_get_cmd_from_tid()
+ - scsi: aacraid: Fix command send race condition
+ - scsi: megaraid_sas: mismatch of allocated MFI frame size and length exposed
+ in MFI MPT pass through command
+ - scsi: megaraid_sas: set minimum value of resetwaittime to be 1 secs
+ - scsi: megaraid_sas: Check valid aen class range to avoid kernel panic
+ - scsi: megaraid_sas: Return pended IOCTLs with cmd_status
+ MFI_STAT_WRONG_STATE in case adapter is dead
+ - scsi: storvsc: fix memory leak on ring buffer busy
+ - scsi: sg: factor out sg_fill_request_table()
+ - scsi: sg: fixup infoleak when using SG_GET_REQUEST_TABLE
+ - scsi: qla2xxx: Update fw_started flags at qpair creation.
+ - scsi: qla2xxx: Correction to vha->vref_count timeout
+ - scsi: qla2xxx: Fix target multiqueue configuration
+ - scsi: qla2xxx: Use BIT_6 to acquire FAWWPN from switch
+ - scsi: qla2xxx: Use fabric name for Get Port Speed command
+ - scsi: qla2xxx: Fix an integer overflow in sysfs code
+ - mailbox: bcm-flexrm-mailbox: Fix mask used in CMPL_START_ADDR_VALUE()
+ - ftrace: Fix debug preempt config name in stack_tracer_{en,dis}able
+ - ftrace: Fix selftest goto location on error
+ - ftrace: Fix memleak when unregistering dynamic ops when tracing disabled
+ - tracing: Add barrier to trace_printk() buffer nesting modification
+ - tracing: Fix clear of RECORDED_TGID flag when disabling trace event
+ - tracing: Apply trace_clock changes to instance max buffer
+ - ARC: Re-enable MMU upon Machine Check exception
+ - PCI: shpchp: Enable bridge bus mastering if MSI is enabled
+ - PCI: pciehp: Report power fault only once until we clear it
+ - net/netfilter/nf_conntrack_core: Fix net_conntrack_lock()
+ - media: v4l2-compat-ioctl32: Fix timespec conversion
+ - media: Revert "[media] lirc_dev: remove superfluous get/put_device() calls"
+ - media: venus: fix copy/paste error in return_buf_error
+ - media: uvcvideo: Prevent heap overflow when accessing mapped controls
+ - media: adv7180: add missing adv7180cp, adv7180st i2c device IDs
+ - PM / devfreq: Fix memory leak when fail to register device
+ - ALSA: seq: Cancel pending autoload work at unbinding device
+ - bcache: initialize dirty stripes in flash_dev_run()
+ - bcache: Fix leak of bdev reference
+ - bcache: do not subtract sectors_to_gc for bypassed IO
+ - bcache: correct cache_dirty_target in __update_writeback_rate()
+ - bcache: Correct return value for sysfs attach errors
+ - bcache: fix sequential large write IO bypass
+ - bcache: fix for gc and write-back race
+ - bcache: fix bch_hprint crash and improve output
+ - sched/cpuset/pm: Fix cpuset vs. suspend-resume bugs
+ - iwlwifi: add workaround to disable wide channels in 5GHz
+ - Linux 4.13.4
+
+ * [17.10 FEAT] KVM: CPU Model z14 (LP: #1719297)
+ - KVM: s390: Support Configuration z/Architecture Mode
+
+ * sata reset hangs w/ early cn99xx silicon (LP: #1719031)
+ - SAUCE: ahci: thunderx2: Fix for errata that affects stop engine
+ - SAUCE: ahci: thunderx2: stop engine fix update
+
+ * PCI quirk required for SATA on early cn99xx silicon (LP: #1718760)
+ - SAUCE: PCI: Vulcan: AHCI PCI bar fix for Broadcom Vulcan early silicon
+
+ * Please make linux-libc-dev Provide: aufs-dev (LP: #1716091)
+ - [Packaging] Add aufs-dev to the Provides: for linux-libc-dev
+
+ * Miscellaneous Ubuntu changes
+ - [Packaging] Use SRCPKGNAME rather than hard-coding the source package name
+ - SAUCE: LSM stacking: procfs: add smack subdir to attrs
+ - SAUCE: LSM stacking: LSM: manage credential security blobs
+ - SAUCE: LSM stacking: LSM: Manage file security blobs
+ - SAUCE: LSM stacking: LSM: manage task security blobs
+ - SAUCE: LSM stacking: LSM: Infrastructure management of the remaining blobs
+ - SAUCE: LSM stacking: LSM: general but not extreme module stacking
+ - SAUCE: LSM stacking: LSM: Complete task_alloc hook
+ - SAUCE: LSM stacking: fixup procsfs: add smack subdir to attrs
+ - SAUCE: LSM stacking: fixup initialize task->security
+ - SAUCE: LSM stacking: fixup: alloc_task_ctx is dead code
+ - SAUCE: LSM stacking: add support for stacking getpeersec_stream
+ - SAUCE: LSM stacking: add stacking support to apparmor network hooks
+ - SAUCE: LSM stacking: fixup apparmor stacking enablement
+ - SAUCE: LSM stacking: fixup stacking kconfig
+ - SAUCE: LSM stacking: allow selecting multiple LSMs using kernel boot params
+ - SAUCE: LSM stacking: provide prctl interface for setting context
+ - SAUCE: LSM stacking: inherit current display LSM
+ - SAUCE: LSM stacking: keep an index for each registered LSM
+ - SAUCE: LSM stacking: verify display LSM
+ - SAUCE: LSM stacking: provide a way to specify the default display lsm
+ - SAUCE: LSM stacking: make sure LSM blob align on 64 bit boundaries
+ - SAUCE: LSM stacking: add /proc/<pid>/attr/display_lsm
+ - SAUCE: LSM stacking: add Kconfig to set default display LSM
+ - SAUCE: LSM stacking: add configs for LSM stacking
+ - [Config] Run updateconfigs after merging LSM stacking
+
+ -- Seth Forshee <seth.forshee@canonical.com> Thu, 28 Sep 2017 17:36:53 -0400
+
+linux (4.13.0-12.13) artful; urgency=low
+
+ * linux: 4.13.0-12.13 -proposed tracker (LP: #1718980)
+
+ * [Feature] SKX: Support crystall ridge / far / near memory indication in PEBS
+ (LP: #1591813)
+ - perf/x86: Move Nehalem PEBS code to flag
+ - perf/x86: Fix data source decoding for Skylake
+
+ * Upgrade to 4.13.0-11.12 in artful amd64 VM breaks display on wayland
+ (LP: #1718679)
+ - [Config] CONFIG_DRM_VBOXVIDEO=n
+
+ * ipmmu-vmsa driver breaks arm64 boots (LP: #1718734)
+ - [Config] Disable CONFIG_IPMMU_VMSA on arm64
+
+ * Vlun resize request could fail with cxlflash driver (LP: #1713575)
+ - scsi: cxlflash: Fix vlun resize failure in the shrink path
+
+ * multipath -ll is not showing the disks which are actually multipath
+ (LP: #1718397)
+ - fs: aio: fix the increment of aio-nr and counting against aio-max-nr
+
+ * [Feature] Crystal Ridge - BTT - Rework error clearing (LP: #1704350)
+ - libnvdimm, btt: fix a missed NVDIMM_IO_ATOMIC case in the write path
+ - libnvdimm, btt: refactor map entry operations with macros
+ - libnvdimm, btt: ensure that flags were also unchanged during a map_read
+ - libnvdimm, btt: cache sector_size in arena_info
+ - libnvdimm: fix potential deadlock while clearing errors
+ - libnvdimm, btt: rework error clearing
+
+ * [Feature] Crystal Ridge - have 4k DAX faults use a common zero page
+ (LP: #1704439)
+ - mm: add vm_insert_mixed_mkwrite()
+ - dax: relocate some dax functions
+ - dax: use common 4k zero page for dax mmap reads
+ - dax: remove DAX code from page_cache_tree_insert()
+ - dax: move all DAX radix tree defs to fs/dax.c
+
+ * [bug] 17.10: CDP test fail on platform of Purley-2S/4S/Neoncity,BDW-
+ de/ep/ex, (LP: #1716843)
+ - SAUCE: (no-up) x86/intel_rdt: Fix cdp info directory files issue
+
+ * [featue] GPIO support for Denverton (LP: #1591829)
+ - pinctrl: intel: Add Intel Denverton pin controller support
+
+ * ETPS/2 Elantech Touchpad inconsistently detected (Gigabyte P57W laptop)
+ (LP: #1594214)
+ - Input: i8042 - add Gigabyte P57 to the keyboard reset table
+
+ * autopkgtest profile fails to build on armhf (LP: #1717920)
+ - [Packaging] autopkgtest -- disable d-i when dropping flavours
+
+ * Artful update to v4.13.3 stable release (LP: #1718412)
+ - Revert "net: use lib/percpu_counter API for fragmentation mem accounting"
+ - Revert "net: fix percpu memory leaks"
+ - gianfar: Fix Tx flow control deactivation
+ - vhost_net: correctly check tx avail during rx busy polling
+ - ip6_gre: update mtu properly in ip6gre_err
+ - udp: drop head states only when all skb references are gone
+ - ipv6: fix memory leak with multiple tables during netns destruction
+ - ipv6: fix typo in fib6_net_exit()
+ - sctp: fix missing wake ups in some situations
+ - tcp: fix a request socket leak
+ - ip_tunnel: fix setting ttl and tos value in collect_md mode
+ - f2fs: let fill_super handle roll-forward errors
+ - f2fs: check hot_data for roll-forward recovery
+ - x86/fsgsbase/64: Fully initialize FS and GS state in start_thread_common
+ - x86/fsgsbase/64: Report FSBASE and GSBASE correctly in core dumps
+ - x86/switch_to/64: Rewrite FS/GS switching yet again to fix AMD CPUs
+ - x86/mm, mm/hwpoison: Clear PRESENT bit for kernel 1:1 mappings of poison
+ pages
+ - ovl: fix false positive ESTALE on lookup
+ - fuse: allow server to run in different pid_ns
+ - idr: remove WARN_ON_ONCE() when trying to replace negative ID
+ - libnvdimm, btt: check memory allocation failure
+ - libnvdimm: fix integer overflow static analysis warning
+ - xfs: write unmount record for ro mounts
+ - xfs: toggle readonly state around xfs_log_mount_finish
+ - xfs: Add infrastructure needed for error propagation during buffer IO
+ failure
+ - xfs: Properly retry failed inode items in case of error during buffer
+ writeback
+ - xfs: fix recovery failure when log record header wraps log end
+ - xfs: always verify the log tail during recovery
+ - xfs: fix log recovery corruption error due to tail overwrite
+ - xfs: handle -EFSCORRUPTED during head/tail verification
+ - xfs: stop searching for free slots in an inode chunk when there are none
+ - xfs: evict all inodes involved with log redo item
+ - xfs: check for race with xfs_reclaim_inode() in xfs_ifree_cluster()
+ - xfs: open-code xfs_buf_item_dirty()
+ - xfs: remove unnecessary dirty bli format check for ordered bufs
+ - xfs: ordered buffer log items are never formatted
+ - xfs: refactor buffer logging into buffer dirtying helper
+ - xfs: don't log dirty ranges for ordered buffers
+ - xfs: skip bmbt block ino validation during owner change
+ - xfs: move bmbt owner change to last step of extent swap
+ - xfs: disallow marking previously dirty buffers as ordered
+ - xfs: relog dirty buffers during swapext bmbt owner change
+ - xfs: disable per-inode DAX flag
+ - xfs: fix incorrect log_flushed on fsync
+ - xfs: don't set v3 xflags for v2 inodes
+ - xfs: open code end_buffer_async_write in xfs_finish_page_writeback
+ - xfs: use kmem_free to free return value of kmem_zalloc
+ - md/raid1/10: reset bio allocated from mempool
+ - md/raid5: release/flush io in raid5_do_work()
+ - xfs: fix compiler warnings
+ - Linux 4.13.3
+
+ * Artful update to v4.13.2 stable release (LP: #1717549)
+ - mtd: nand: make Samsung SLC NAND usable again
+ - mtd: nand: hynix: add support for 20nm NAND chips
+ - mtd: nand: mxc: Fix mxc_v1 ooblayout
+ - mtd: nand: qcom: fix read failure without complete bootchain
+ - mtd: nand: qcom: fix config error for BCH
+ - nvme-fabrics: generate spec-compliant UUID NQNs
+ - btrfs: resume qgroup rescan on rw remount
+ - rtlwifi: btcoexist: Fix breakage of ant_sel for rtl8723be
+ - rtlwifi: btcoexist: Fix antenna selection code
+ - radix-tree: must check __radix_tree_preload() return value
+ - brcmfmac: feature check for multi-scheduled scan fails on bcm4345 devices
+ - kselftests: timers: leap-a-day: Change default arguments to help test runs
+ - selftests: timers: Fix run_destructive_tests target to handle skipped tests
+ - selftests/x86/fsgsbase: Test selectors 1, 2, and 3
+ - mm: kvfree the swap cluster info if the swap file is unsatisfactory
+ - mm/swapfile.c: fix swapon frontswap_map memory leak on error
+ - mm/sparse.c: fix typo in online_mem_sections
+ - mm/memory.c: fix mem_cgroup_oom_disable() call missing
+ - KVM: SVM: Limit PFERR_NESTED_GUEST_PAGE error_code check to L1 guest
+ - Revert "firmware: add sanity check on shutdown/suspend"
+ - rt2800: fix TX_PIN_CFG setting for non MT7620 chips
+ - ARM64: dts: marvell: armada-37xx: Fix GIC maintenance interrupt
+ - ARM: 8692/1: mm: abort uaccess retries upon fatal signal
+ - NFS: Fix 2 use after free issues in the I/O code
+ - NFS: Sync the correct byte range during synchronous writes
+ - NFSv4: Fix up mirror allocation
+ - xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present
+ - Linux 4.13.2
+
+ * [Bug] Thunderbolt-patches: Related to the way the key for secure connection
+ is handled (LP: #1717430)
+ - thunderbolt: Remove superfluous check
+ - thunderbolt: Make key root-only accessible
+ - thunderbolt: Allow clearing the key
+
+ * [Bug] Thunderbolt-patches: Fixes the issue regarding the order of ACPI calls
+ w.r.t. PCI enumeration (LP: #1717431)
+ - ACPICA: Dispatch active GPEs at init time
+ - ACPICA: Make it possible to enable runtime GPEs earlier
+ - ACPI / scan: Enable GPEs before scanning the namespace
+
+ * Miscellaneous Ubuntu changes
+ - ubuntu: vbox -- update to 5.1.28-dfsg-1
+ - [Config] CONFIG_PINCTRL_DENVERTON=m
+ - [Config] CONFIG_I2C_XLP9XX=m
+
+ * Miscellaneous upstream changes
+ - Introduce v3 namespaced file capabilities
+
+ -- Seth Forshee <seth.forshee@canonical.com> Fri, 22 Sep 2017 12:10:03 -0500
+
+linux (4.13.0-11.12) artful; urgency=low
+
+ * linux: 4.13.0-11.12 -proposed tracker (LP: #1716699)
+
+ * kernel panic -not syncing: Fatal exception: panic_on_oops (LP: #1708399)
+ - s390/mm: fix local TLB flushing vs. detach of an mm address space
+ - s390/mm: fix race on mm->context.flush_mm
+
+ * CVE-2017-1000251
+ - Bluetooth: Properly check L2CAP config option output buffer length
+
+ -- Seth Forshee <seth.forshee@canonical.com> Tue, 12 Sep 2017 10:18:38 -0500
+