+linux (4.15.0-54.58) bionic; urgency=medium
+
+ * linux: 4.15.0-54.58 -proposed tracker (LP: #1833987)
+
+ * Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard
+ manipulation (LP: #1831638) // CVE-2019-11478
+ - tcp: refine memory limit test in tcp_fragment()
+
+ * CVE-2019-11479
+ - SAUCE: tcp: add tcp_min_snd_mss sysctl
+ - SAUCE: tcp: enforce tcp_min_snd_mss in tcp_mtu_probing()
+
+ -- Kleber Sacilotto de Souza <kleber.souza@canonical.com> Mon, 24 Jun 2019 11:39:50 +0200
+
+linux (4.15.0-52.56) bionic; urgency=medium
+
+ * Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard
+ manipulation (LP: #1831638)
+ - SAUCE: tcp: tcp_fragment() should apply sane memory limits
+
+ * Remote denial of service (system crash) caused by integer overflow in TCP
+ SACK handling (LP: #1831637)
+ - SAUCE: tcp: limit payload size of sacked skbs
+
+ -- Marcelo Henrique Cerri <marcelo.cerri@canonical.com> Tue, 04 Jun 2019 17:33:24 -0300
+
+linux (4.15.0-51.55) bionic; urgency=medium
+
+ * linux: 4.15.0-51.55 -proposed tracker (LP: #1829219)
+
+ * disable a.out support (LP: #1818552)
+ - [Config] Disable a.out support
+
+ * [UBUNTU] qdio: clear intparm during shutdown (LP: #1828394)
+ - s390/qdio: clear intparm during shutdown
+
+ * ftrace in ubuntu_kernel_selftests hang with Cosmic kernel (LP: #1826385)
+ - kprobes/x86: Fix instruction patching corruption when copying more than one
+ RIP-relative instruction
+
+ * touchpad not working on lenovo yoga 530 (LP: #1787775)
+ - Revert "UBUNTU: SAUCE: i2c:amd Depends on ACPI"
+ - Revert "UBUNTU: SAUCE: i2c:amd move out pointer in union i2c_event_base"
+ - Revert "UBUNTU: SAUCE: i2c:amd I2C Driver based on PCI Interface for
+ upcoming platform"
+ - i2c: add helpers to ease DMA handling
+ - i2c: add a message flag for DMA safe buffers
+ - i2c: add extra check to safe DMA buffer helper
+ - i2c: Add drivers for the AMD PCIe MP2 I2C controller
+ - [Config] Update config for AMD MP2 I2C driver
+ - [Config] Update I2C_AMD_MP2 annotations
+
+ * tm-unavailable in powerpc/tm failed on Bionic Power9 (LP: #1813129)
+ - selftests/powerpc: Check for pthread errors in tm-unavailable
+ - selftests/powerpc: Skip tm-unavailable if TM is not enabled
+
+ * cp_abort in powerpc/context_switch from ubunut_kernel_selftests failed on
+ Bionic P9 (LP: #1813134)
+ - selftests/powerpc: Remove redundant cp_abort test
+
+ * bionic/linux: completely remove snapdragon files from sources (LP: #1827880)
+ - [Packaging] remove snapdragon dead files
+ - [Config] update configs after snapdragon removal
+
+ * The noise keeps occurring when Headset is plugged in on a Dell machine
+ (LP: #1827972)
+ - ALSA: hda/realtek - Fixed Dell AIO speaker noise
+
+ * Geneve tunnels don't work when ipv6 is disabled (LP: #1794232)
+ - geneve: correctly handle ipv6.disable module parameter
+
+ * There are 4 HDMI/Displayport audio output listed in sound setting without
+ attach any HDMI/DP monitor (LP: #1827967)
+ - ALSA: hda/hdmi - Read the pin sense from register when repolling
+ - ALSA: hda/hdmi - Consider eld_valid when reporting jack event
+
+ * Headphone jack switch sense is inverted: plugging in headphones disables
+ headphone output (LP: #1824259)
+ - ASoC: rt5645: Headphone Jack sense inverts on the LattePanda board
+
+ * CTAUTO:DevOps:860.50:devops4fp1:Error occurred during LINUX Dmesg error
+ Checking for all LINUX clients for devops4p10 (LP: #1766201)
+ - SAUCE: integrity: downgrade error to warning
+
+ * Screen freeze after resume from S3 when HDMI monitor plugged on Dell
+ Precision 7740 (LP: #1825958)
+ - PCI: Restore resized BAR state on resume
+
+ * potential memory corruption on arm64 on dev release (LP: #1827437)
+ - driver core: Postpone DMA tear-down until after devres release
+
+ * powerpc/pmu/ebb test in ubuntu_kernel_selftest failed with "error while
+ loading shared libraries" on Bionic/Cosmic PowerPC (LP: #1812805)
+ - selftests/powerpc/pmu: Link ebb tests with -no-pie
+
+ * unnecessary request_queue freeze (LP: #1815733)
+ - block: avoid setting nr_requests to current value
+ - block: avoid setting none scheduler if it's already none
+
+ * Kprobe event string type argument failed in ftrace from
+ ubuntu_kernel_selftests on B/C i386 (LP: #1825780)
+ - selftests/ftrace: Fix kprobe string testcase to not probe notrace function
+
+ * hns: fix socket accounting (LP: #1826911)
+ - net: hns: fix skb->truesize underestimation
+
+ * False positive test result in run_netsocktests from net in
+ ubuntu_kernel_selftest (LP: #1825777)
+ - selftests/net: correct the return value for run_netsocktests
+
+ -- Kleber Sacilotto de Souza <kleber.souza@canonical.com> Wed, 15 May 2019 14:48:35 +0200
+
+linux (4.15.0-50.54) bionic; urgency=medium
+
+ * CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130
+ - Documentation/l1tf: Fix small spelling typo
+ - x86/cpu: Sanitize FAM6_ATOM naming
+ - kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
+ - locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a
+ new <linux/bits.h> file
+ - tools include: Adopt linux/bits.h
+ - x86/msr-index: Cleanup bit defines
+ - x86/speculation: Consolidate CPU whitelists
+ - x86/speculation/mds: Add basic bug infrastructure for MDS
+ - x86/speculation/mds: Add BUG_MSBDS_ONLY
+ - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
+ - x86/speculation/mds: Add mds_clear_cpu_buffers()
+ - x86/speculation/mds: Clear CPU buffers on exit to user
+ - x86/kvm/vmx: Add MDS protection when L1D Flush is not active
+ - x86/speculation/mds: Conditionally clear CPU buffers on idle entry
+ - x86/speculation/mds: Add mitigation control for MDS
+ - x86/speculation/mds: Add sysfs reporting for MDS
+ - x86/speculation/mds: Add mitigation mode VMWERV
+ - Documentation: Move L1TF to separate directory
+ - Documentation: Add MDS vulnerability documentation
+ - x86/speculation/mds: Add mds=full,nosmt cmdline option
+ - x86/speculation: Move arch_smt_update() call to after mitigation decisions
+ - x86/speculation/mds: Add SMT warning message
+ - x86/speculation/mds: Fix comment
+ - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
+ - x86/speculation/mds: Add 'mitigations=' support for MDS
+
+ * CVE-2017-5715 // CVE-2017-5753
+ - s390/speculation: Support 'mitigations=' cmdline option
+
+ * CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754 // CVE-2018-3639
+ - powerpc/speculation: Support 'mitigations=' cmdline option
+
+ * CVE-2017-5715 // CVE-2017-5754 // CVE-2018-3620 // CVE-2018-3639 //
+ CVE-2018-3646
+ - cpu/speculation: Add 'mitigations=' cmdline option
+ - x86/speculation: Support 'mitigations=' cmdline option
+
+ * Packaging resync (LP: #1786013)
+ - [Packaging] resync git-ubuntu-log
+
+ -- Stefan Bader <stefan.bader@canonical.com> Mon, 06 May 2019 18:59:24 +0200
+
+linux (4.15.0-49.53) bionic; urgency=medium
+
+ * linux: 4.15.0-49.53 -proposed tracker (LP: #1826358)
+
+ * Backport support for software count cache flush Spectre v2 mitigation. (CVE)
+ (required for POWER9 DD2.3) (LP: #1822870)
+ - powerpc/64s: Add support for ori barrier_nospec patching
+ - powerpc/64s: Patch barrier_nospec in modules
+ - powerpc/64s: Enable barrier_nospec based on firmware settings
+ - powerpc: Use barrier_nospec in copy_from_user()
+ - powerpc/64: Use barrier_nospec in syscall entry
+ - powerpc/64s: Enhance the information in cpu_show_spectre_v1()
+ - powerpc/64: Disable the speculation barrier from the command line
+ - powerpc/64: Make stf barrier PPC_BOOK3S_64 specific.
+ - powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC
+ - powerpc/64: Call setup_barrier_nospec() from setup_arch()
+ - powerpc/64: Make meltdown reporting Book3S 64 specific
+ - powerpc/lib/code-patching: refactor patch_instruction()
+ - powerpc/lib/feature-fixups: use raw_patch_instruction()
+ - powerpc/asm: Add a patch_site macro & helpers for patching instructions
+ - powerpc/64s: Add new security feature flags for count cache flush
+ - powerpc/64s: Add support for software count cache flush
+ - powerpc/pseries: Query hypervisor for count cache flush settings
+ - powerpc/powernv: Query firmware for count cache flush settings
+ - powerpc/fsl: Add nospectre_v2 command line argument
+ - KVM: PPC: Book3S: Add count cache flush parameters to kvmppc_get_cpu_char()
+ - [Config] Add CONFIG_PPC_BARRIER_NOSPEC
+
+ * Packaging resync (LP: #1786013)
+ - [Packaging] resync git-ubuntu-log
+
+ * autopkgtests run too often, too much and don't skip enough (LP: #1823056)
+ - [Debian] Set +x on rebuild testcase.
+ - [Debian] Skip rebuild test, for regression-suite deps.
+ - [Debian] Make ubuntu-regression-suite skippable on unbootable kernels.
+ - [Debian] make rebuild use skippable error codes when skipping.
+ - [Debian] Only run regression-suite, if requested to.
+
+ * bionic: fork out linux-snapdragon into its own topic kernel (LP: #1820868)
+ - [Packaging] remove arm64 snapdragon from getabis
+ - [Config] config changes for snapdragon split
+ - packaging: arm64: disable building the snapdragon flavour
+ - [Packaging] arm64: Drop snapdragon from kernel-versions
+
+ * CVE-2017-5753
+ - KVM: arm/arm64: vgic: fix possible spectre-v1 in vgic_get_irq()
+ - media: dvb_ca_en50221: prevent using slot_info for Spectre attacs
+ - sysvipc/sem: mitigate semnum index against spectre v1
+ - libahci: Fix possible Spectre-v1 pmp indexing in ahci_led_store()
+ - s390/keyboard: sanitize array index in do_kdsk_ioctl
+ - arm64: fix possible spectre-v1 write in ptrace_hbp_set_event()
+ - KVM: arm/arm64: vgic: Fix possible spectre-v1 write in vgic_mmio_write_apr()
+ - pktcdvd: Fix possible Spectre-v1 for pkt_devs
+ - net: socket: fix potential spectre v1 gadget in socketcall
+ - net: socket: Fix potential spectre v1 gadget in sock_is_registered
+ - drm/amdgpu/pm: Fix potential Spectre v1
+ - netlink: Fix spectre v1 gadget in netlink_create()
+ - ext4: fix spectre gadget in ext4_mb_regular_allocator()
+ - drm/i915/kvmgt: Fix potential Spectre v1
+ - net: sock_diag: Fix spectre v1 gadget in __sock_diag_cmd()
+ - fs/quota: Fix spectre gadget in do_quotactl
+ - hwmon: (nct6775) Fix potential Spectre v1
+ - mac80211_hwsim: Fix possible Spectre-v1 for hwsim_world_regdom_custom
+ - switchtec: Fix Spectre v1 vulnerability
+ - misc: hmc6352: fix potential Spectre v1
+ - tty: vt_ioctl: fix potential Spectre v1
+ - nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT
+ - nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds
+ - IB/ucm: Fix Spectre v1 vulnerability
+ - RDMA/ucma: Fix Spectre v1 vulnerability
+ - drm/bufs: Fix Spectre v1 vulnerability
+ - usb: gadget: storage: Fix Spectre v1 vulnerability
+ - ptp: fix Spectre v1 vulnerability
+ - HID: hiddev: fix potential Spectre v1
+ - vhost: Fix Spectre V1 vulnerability
+ - drivers/misc/sgi-gru: fix Spectre v1 vulnerability
+ - ipv4: Fix potential Spectre v1 vulnerability
+ - aio: fix spectre gadget in lookup_ioctx
+ - ALSA: emux: Fix potential Spectre v1 vulnerabilities
+ - ALSA: pcm: Fix potential Spectre v1 vulnerability
+ - ip6mr: Fix potential Spectre v1 vulnerability
+ - ALSA: rme9652: Fix potential Spectre v1 vulnerability
+ - ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities
+ - KVM: arm/arm64: vgic: Fix off-by-one bug in vgic_get_irq()
+ - drm/ioctl: Fix Spectre v1 vulnerabilities
+ - char/mwave: fix potential Spectre v1 vulnerability
+ - applicom: Fix potential Spectre v1 vulnerabilities
+ - ipmi: msghandler: Fix potential Spectre v1 vulnerabilities
+ - powerpc/ptrace: Mitigate potential Spectre v1
+ - cfg80211: prevent speculation on cfg80211_classify8021d() return
+ - ALSA: rawmidi: Fix potential Spectre v1 vulnerability
+ - ALSA: seq: oss: Fix Spectre v1 vulnerability
+
+ * Bionic: Sync to Xenial (Spectre) (LP: #1822760)
+ - x86/speculation/l1tf: Suggest what to do on systems with too much RAM
+ - KVM: SVM: Add MSR-based feature support for serializing LFENCE
+ - KVM: VMX: fixes for vmentry_l1d_flush module parameter
+ - KVM: X86: Allow userspace to define the microcode version
+ - SAUCE: [Fix] x86/KVM/VMX: Add L1D flush logic
+ - SAUCE: [Fix] x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on
+ vmentry
+
+ * [SRU] [B/OEM] Fix ACPI bug that causes boot failure (LP: #1819921)
+ - SAUCE: ACPI / bus: Add some Lenovo laptops in list of acpi table term list
+
+ * Bionic update: upstream stable patchset for fuse 2019-04-12 (LP: #1824553)
+ - fuse: fix double request_end()
+ - fuse: fix unlocked access to processing queue
+ - fuse: umount should wait for all requests
+ - fuse: Fix oops at process_init_reply()
+ - fuse: Don't access pipe->buffers without pipe_lock()
+ - fuse: Fix use-after-free in fuse_dev_do_read()
+ - fuse: Fix use-after-free in fuse_dev_do_write()
+ - fuse: set FR_SENT while locked
+ - fuse: fix blocked_waitq wakeup
+ - fuse: fix leaked notify reply
+ - fuse: fix possibly missed wake-up after abort
+ - fuse: fix use-after-free in fuse_direct_IO()
+ - fuse: continue to send FUSE_RELEASEDIR when FUSE_OPEN returns ENOSYS
+ - fuse: handle zero sized retrieve correctly
+ - fuse: call pipe_buf_release() under pipe lock
+ - fuse: decrement NR_WRITEBACK_TEMP on the right page
+
+ * Backport support for software count cache flush Spectre v2 mitigation. (CVE)
+ (required for POWER9 DD2.3) (LP: #1822870) // Backport support for software
+ count cache flush Spectre v2 mitigation. (CVE) (required for POWER9 DD2.3)
+ (LP: #1822870)
+ - powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2
+ - powerpc/fsl: Fix spectre_v2 mitigations reporting
+ - powerpc: Avoid code patching freed init sections
+
+ * Backport support for software count cache flush Spectre v2 mitigation. (CVE)
+ (required for POWER9 DD2.3) (LP: #1822870) // Backport support for software
+ count cache flush Spectre v2 mitigation. (CVE) (required for POWER9 DD2.3)
+ (LP: #1822870) // Backport support for software count cache flush Spectre v2
+ mitigation. (CVE) (required for POWER9 DD2.3) (LP: #1822870)
+ - powerpc/security: Fix spectre_v2 reporting
+
+ * CVE-2019-3874
+ - sctp: use sk_wmem_queued to check for writable space
+ - sctp: implement memory accounting on tx path
+ - sctp: implement memory accounting on rx path
+
+ * NULL pointer dereference when using z3fold and zswap (LP: #1814874)
+ - z3fold: fix possible reclaim races
+
+ * Kprobe event argument syntax in ftrace from ubuntu_kernel_selftests failed
+ on B PowerPC (LP: #1812809)
+ - selftests/ftrace: Add ppc support for kprobe args tests
+
+ * The Realtek card reader does not enter PCIe 1.1/1.2 (LP: #1825487)
+ - misc: rtsx: make various functions static
+ - misc: rtsx: Enable OCP for rts522a rts524a rts525a rts5260
+ - SAUCE: misc: rtsx: Fixed rts5260 power saving parameter and sd glitch
+
+ * headset-mic doesn't work on two Dell laptops. (LP: #1825272)
+ - ALSA: hda/realtek - add two more pin configuration sets to quirk table
+
+ * CVE-2018-16884
+ - sunrpc: use SVC_NET() in svcauth_gss_* functions
+ - sunrpc: use-after-free in svc_process_common()
+
+ * sky2 ethernet card don't work after returning from suspension (LP: #1798921)
+ - sky2: Increase D3 delay again
+
+ * CVE-2019-9500
+ - brcmfmac: assure SSID length from firmware is limited
+
+ * CVE-2019-9503
+ - brcmfmac: add subtype check for event handling in data path
+
+ * CVE-2019-3882
+ - vfio/type1: Limit DMA mappings per container
+
+ * Intel I210 Ethernet card not working after hotplug [8086:1533]
+ (LP: #1818490)
+ - igb: Fix WARN_ONCE on runtime suspend
+
+ * bionic, xenial/hwe: misses "fuse: fix initial parallel dirops" patch
+ (LP: #1823972)
+ - fuse: fix initial parallel dirops
+
+ * amdgpu resume failure: failed to allocate wb slot (LP: #1825074)
+ - drm/amdgpu: fix&cleanups for wb_clear
+
+ * Pop noise when headset is plugged in or removed from GHS/Line-out jack
+ (LP: #1821290)
+ - ALSA: hda/realtek - Add unplug function into unplug state of Headset Mode
+ for ALC225
+ - ALSA: hda/realtek - Disable headset Mic VREF for headset mode of ALC225
+ - ALSA: hda/realtek - Add support headset mode for DELL WYSE AIO
+ - ALSA: hda/realtek - Add support headset mode for New DELL WYSE NB
+
+ * mac80211_hwsim unable to handle kernel NULL pointer dereference
+ at0000000000000000 (LP: #1825058)
+ - mac80211_hwsim: Timer should be initialized before device registered
+
+ * [regression][snd_hda_codec_realtek] repeating crackling noise after 19.04
+ upgrade (LP: #1821663)
+ - ALSA: hda: Add Intel NUC7i3BNB to the power_save blacklist
+ - ALSA: hda - add Lenovo IdeaCentre B550 to the power_save_blacklist
+ - ALSA: hda - Add two more machines to the power_save_blacklist
+
+ * ubuntu_nbd_smoke_test failed on P9 with Bionic kernel (LP: #1822247)
+ - nbd: fix how we set bd_invalidated
+
+ * TSC clocksource not available in nested guests (LP: #1822821)
+ - kvmclock: fix TSC calibration for nested guests
+
+ * 4.15 kernel ip_vs --ops causes performance and hang problem (LP: #1819786)
+ - ipvs: fix refcount usage for conns in ops mode
+
+ * systemd cause kernel trace "BUG: unable to handle kernel paging request at
+ 6db23a14" on Cosmic i386 (LP: #1813244) // systemd cause kernel trace "BUG:
+ unable to handle kernel paging request at 6db23a14" on Cosmic i386
+ (LP: #1813244)
+ - openvswitch: fix flow actions reallocation
+
+ -- Stefan Bader <stefan.bader@canonical.com> Thu, 25 Apr 2019 10:40:22 +0200
+
+linux (4.15.0-48.51) bionic; urgency=medium
+
+ * linux: 4.15.0-48.51 -proposed tracker (LP: #1822820)
+
+ * Packaging resync (LP: #1786013)
+ - [Packaging] update helper scripts
+ - [Packaging] resync retpoline extraction
+
+ * 3b080b2564287be91605bfd1d5ee985696e61d3c in ubuntu_btrfs_kernel_fixes
+ triggers system hang on i386 (LP: #1812845)
+ - btrfs: raid56: properly unmap parity page in finish_parity_scrub()
+
+ * [P9][LTCTest][Opal][FW910] cpupower monitor shows multiple stop Idle_Stats
+ (LP: #1719545)
+ - cpupower : Fix header name to read idle state name
+
+ * [amdgpu] screen corruption when using touchpad (LP: #1818617)
+ - drm/amdgpu/gmc: steal the appropriate amount of vram for fw hand-over (v3)
+ - drm/amdgpu: Free VGA stolen memory as soon as possible.
+
+ * [SRU][B/C/OEM]IOMMU: add kernel dma protection (LP: #1820153)
+ - ACPICA: AML parser: attempt to continue loading table after error
+ - ACPI / property: Allow multiple property compatible _DSD entries
+ - PCI / ACPI: Identify untrusted PCI devices
+ - iommu/vt-d: Force IOMMU on for platform opt in hint
+ - iommu/vt-d: Do not enable ATS for untrusted devices
+ - thunderbolt: Export IOMMU based DMA protection support to userspace
+ - iommu/vt-d: Disable ATS support on untrusted devices
+
+ * Add basic support to NVLink2 passthrough (LP: #1819989)
+ - powerpc/powernv/npu: Do not try invalidating 32bit table when 64bit table is
+ enabled
+ - powerpc/powernv: call OPAL_QUIESCE before OPAL_SIGNAL_SYSTEM_RESET
+ - powerpc/powernv: Export opal_check_token symbol
+ - powerpc/powernv: Make possible for user to force a full ipl cec reboot
+ - powerpc/powernv/idoa: Remove unnecessary pcidev from pci_dn
+ - powerpc/powernv: Move npu struct from pnv_phb to pci_controller
+ - powerpc/powernv/npu: Move OPAL calls away from context manipulation
+ - powerpc/pseries/iommu: Use memory@ nodes in max RAM address calculation
+ - powerpc/pseries/npu: Enable platform support
+ - powerpc/pseries: Remove IOMMU API support for non-LPAR systems
+ - powerpc/powernv/npu: Check mmio_atsd array bounds when populating
+ - powerpc/powernv/npu: Fault user page into the hypervisor's pagetable
+
+ * Huawei Hi1822 NIC has poor performance (LP: #1820187)
+ - net-next: hinic: fix a problem in free_tx_poll()
+ - hinic: remove ndo_poll_controller
+ - net-next/hinic: add checksum offload and TSO support
+ - hinic: Fix l4_type parameter in hinic_task_set_tunnel_l4
+ - net-next/hinic:replace multiply and division operators
+ - net-next/hinic:add rx checksum offload for HiNIC
+ - net-next/hinic:fix a bug in set mac address
+ - net-next/hinic: fix a bug in rx data flow
+ - net: hinic: fix null pointer dereference on pointer hwdev
+ - hinic: optmize rx refill buffer mechanism
+ - net-next/hinic:add shutdown callback
+ - net-next/hinic: replace disable_irq_nosync/enable_irq
+
+ * [CONFIG] please enable highdpi font FONT_TER16x32 (LP: #1819881)
+ - Fonts: New Terminus large console font
+ - [Config]: enable highdpi Terminus 16x32 font support
+
+ * [19.04 FEAT] qeth: Enhanced link speed - kernel part (LP: #1814892)
+ - s390/qeth: report 25Gbit link speed
+
+ * CVE-2017-5754
+ - x86/nmi: Fix NMI uaccess race against CR3 switching
+ - x86/mm: Fix documentation of module mapping range with 4-level paging
+ - x86/pti: Enable global pages for shared areas
+ - x86/pti: Never implicitly clear _PAGE_GLOBAL for kernel image
+ - x86/pti: Leave kernel text global for !PCID
+ - x86/pti: Fix boot problems from Global-bit setting
+ - x86/pti: Fix boot warning from Global-bit setting
+ - x86/pti: Reduce amount of kernel text allowed to be Global
+ - x86/pti: Disallow global kernel text with RANDSTRUCT
+ - x86/entry/32: Add explicit 'l' instruction suffix
+ - x86/asm-offsets: Move TSS_sp0 and TSS_sp1 to asm-offsets.c
+ - x86/entry/32: Rename TSS_sysenter_sp0 to TSS_entry2task_stack
+ - x86/entry/32: Load task stack from x86_tss.sp1 in SYSENTER handler
+ - x86/entry/32: Put ESPFIX code into a macro
+ - x86/entry/32: Unshare NMI return path
+ - x86/entry/32: Split off return-to-kernel path
+ - x86/entry/32: Enter the kernel via trampoline stack
+ - x86/entry/32: Leave the kernel via trampoline stack
+ - x86/entry/32: Introduce SAVE_ALL_NMI and RESTORE_ALL_NMI
+ - x86/entry/32: Handle Entry from Kernel-Mode on Entry-Stack
+ - x86/entry/32: Simplify debug entry point
+ - x86/entry/32: Add PTI cr3 switch to non-NMI entry/exit points
+ - x86/entry/32: Add PTI CR3 switches to NMI handler code
+ - x86/entry: Rename update_sp0 to update_task_stack
+ - x86/pgtable: Rename pti_set_user_pgd() to pti_set_user_pgtbl()
+ - x86/pgtable/pae: Unshare kernel PMDs when PTI is enabled
+ - x86/pgtable/32: Allocate 8k page-tables when PTI is enabled
+ - x86/pgtable: Move pgdp kernel/user conversion functions to pgtable.h
+ - x86/pgtable: Move pti_set_user_pgtbl() to pgtable.h
+ - x86/pgtable: Move two more functions from pgtable_64.h to pgtable.h
+ - x86/mm/pae: Populate valid user PGD entries
+ - x86/mm/pae: Populate the user page-table with user pgd's
+ - x86/mm/pti: Add an overflow check to pti_clone_pmds()
+ - x86/mm/pti: Define X86_CR3_PTI_PCID_USER_BIT on x86_32
+ - x86/mm/pti: Clone CPU_ENTRY_AREA on PMD level on x86_32
+ - x86/mm/pti: Make pti_clone_kernel_text() compile on 32 bit
+ - x86/mm/pti: Keep permissions when cloning kernel text in
+ pti_clone_kernel_text()
+ - x86/mm/pti: Introduce pti_finalize()
+ - x86/mm/pti: Clone entry-text again in pti_finalize()
+ - x86/mm/dump_pagetables: Define INIT_PGD
+ - x86/pgtable/pae: Use separate kernel PMDs for user page-table
+ - x86/ldt: Reserve address-space range on 32 bit for the LDT
+ - x86/ldt: Define LDT_END_ADDR
+ - x86/ldt: Split out sanity check in map_ldt_struct()
+ - x86/ldt: Enable LDT user-mapping for PAE
+ - x86/pti: Allow CONFIG_PAGE_TABLE_ISOLATION for x86_32
+ - [Config] Update PAGE_TABLE_ISOLATION annotations
+ - x86/mm/pti: Add Warning when booting on a PCID capable CPU
+ - x86/entry/32: Add debug code to check entry/exit CR3
+ - x86/pti: Check the return value of pti_user_pagetable_walk_p4d()
+ - x86/pti: Check the return value of pti_user_pagetable_walk_pmd()
+ - perf/core: Make sure the ring-buffer is mapped in all page-tables
+ - x86/entry/32: Check for VM86 mode in slow-path check
+ - x86/mm: Remove in_nmi() warning from vmalloc_fault()
+ - x86/kexec: Allocate 8k PGDs for PTI
+ - x86/mm/pti: Clear Global bit more aggressively
+ - mm: Allow non-direct-map arguments to free_reserved_area()
+ - x86/mm/init: Pass unconverted symbol addresses to free_init_pages()
+ - x86/mm/init: Add helper for freeing kernel image pages
+ - x86/mm/init: Remove freed kernel image areas from alias mapping
+ - x86/mm/pti: Fix 32 bit PCID check
+ - x86/mm/pti: Don't clear permissions in pti_clone_pmd()
+ - x86/mm/pti: Clone kernel-image on PTE level for 32 bit
+ - x86/relocs: Add __end_rodata_aligned to S_REL
+ - x86/mm/pti: Move user W+X check into pti_finalize()
+ - x86/efi: Load fixmap GDT in efi_call_phys_epilog()
+ - x86/efi: Load fixmap GDT in efi_call_phys_epilog() before setting %cr3
+ - x86/mm/doc: Clean up the x86-64 virtual memory layout descriptions
+ - x86/mm/doc: Enhance the x86-64 virtual memory layout descriptions
+ - x86/entry/32: Clear the CS high bits
+ - x86/mm: Move LDT remap out of KASLR region on 5-level paging
+ - x86/ldt: Unmap PTEs for the slot before freeing LDT pages
+ - x86/ldt: Remove unused variable in map_ldt_struct()
+ - x86/mm: Fix guard hole handling
+ - x86/dump_pagetables: Fix LDT remap address marker
+
+ * Avoid potential memory corruption on HiSilicon SoCs (LP: #1819546)
+ - iommu/arm-smmu-v3: Avoid memory corruption from Hisilicon MSI payloads
+
+ * Ubuntu18.04.01: [Power9] power8 Compat guest(RHEL7.6) crashes during guest
+ boot with > 256G of memory (kernel/kvm) (LP: #1818645)
+ - ]PATCH] KVM: PPC: Book3S HV: Don't truncate HPTE index in xlate function
+
+ * Fix for dual Intel NVMes (LP: #1821961)
+ - SAUCE: nvme: Merge two quirk entries into one for Intel 760p/Pro 7600p
+
+ * CVE-2017-5715
+ - tools headers: Synchronize prctl.h ABI header
+ - x86/spectre: Add missing family 6 check to microcode check
+ - x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation
+ - x86/speculation: Apply IBPB more strictly to avoid cross-process data leak
+ - x86/speculation: Propagate information about RSB filling mitigation to sysfs
+ - x86/speculation: Add RETPOLINE_AMD support to the inline asm CALL_NOSPEC
+ variant
+ - x86/retpoline: Make CONFIG_RETPOLINE depend on compiler support
+ - x86/retpoline: Remove minimal retpoline support
+ - x86/speculation: Update the TIF_SSBD comment
+ - x86/speculation: Clean up spectre_v2_parse_cmdline()
+ - x86/speculation: Remove unnecessary ret variable in cpu_show_common()
+ - x86/speculation: Move STIPB/IBPB string conditionals out of
+ cpu_show_common()
+ - x86/speculation: Disable STIBP when enhanced IBRS is in use
+ - x86/speculation: Rename SSBD update functions
+ - x86/speculation: Reorganize speculation control MSRs update
+ - sched/smt: Make sched_smt_present track topology
+ - x86/Kconfig: Select SCHED_SMT if SMP enabled
+ - sched/smt: Expose sched_smt_present static key
+ - x86/speculation: Rework SMT state change
+ - x86/l1tf: Show actual SMT state
+ - x86/speculation: Reorder the spec_v2 code
+ - x86/speculation: Mark string arrays const correctly
+ - x86/speculataion: Mark command line parser data __initdata
+ - x86/speculation: Unify conditional spectre v2 print functions
+ - x86/speculation: Add command line control for indirect branch speculation
+ - x86/speculation: Prepare for per task indirect branch speculation control
+ - x86/process: Consolidate and simplify switch_to_xtra() code
+ - x86/speculation: Avoid __switch_to_xtra() calls
+ - x86/speculation: Prepare for conditional IBPB in switch_mm()
+ - ptrace: Remove unused ptrace_may_access_sched() and MODE_IBRS
+ - x86/speculation: Split out TIF update
+ - x86/speculation: Prevent stale SPEC_CTRL msr content
+ - x86/speculation: Prepare arch_smt_update() for PRCTL mode
+ - x86/speculation: Add prctl() control for indirect branch speculation
+ - x86/speculation: Enable prctl mode for spectre_v2_user
+ - x86/speculation: Add seccomp Spectre v2 user space protection mode
+ - x86/speculation: Provide IBPB always command line options
+ - kvm: svm: Ensure an IBPB on all affected CPUs when freeing a vmcb
+ - x86/speculation: Change misspelled STIPB to STIBP
+ - x86/speculation: Add support for STIBP always-on preferred mode
+ - x86, modpost: Replace last remnants of RETPOLINE with CONFIG_RETPOLINE
+ - s390: remove closung punctuation from spectre messages
+ - x86/speculation: Simplify the CPU bug detection logic
+
+ * CVE-2018-3639
+ - x86/bugs: Add AMD's variant of SSB_NO
+ - x86/bugs: Add AMD's SPEC_CTRL MSR usage
+ - x86/bugs: Switch the selection of mitigation from CPU vendor to CPU features
+ - x86/bugs: Update when to check for the LS_CFG SSBD mitigation
+ - x86/bugs: Fix the AMD SSBD usage of the SPEC_CTRL MSR
+ - KVM: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled
+
+ * [Ubuntu] vfio-ap: add subsystem to matrix device to avoid libudev failures
+ (LP: #1818854)
+ - s390: vfio_ap: link the vfio_ap devices to the vfio_ap bus subsystem
+
+ * Kernel regularly logs: Bluetooth: hci0: last event is not cmd complete
+ (0x0f) (LP: #1748565)
+ - Bluetooth: Fix unnecessary error message for HCI request completion
+
+ * HiSilicon HNS ethernet broken in 4.15.0-45 (LP: #1818294)
+ - net: hns: Fix WARNING when hns modules installed
+
+ * rtl8723be wifi does not work under linux-modules-extra-4.15.0-33-generic
+ (LP: #1788997)
+ - SAUCE: Revert "rtlwifi: cleanup 8723be ant_sel definition"
+
+ * Crash from :i915 module with 4.15.0-46-generic using multi-display
+ (LP: #1819486)
+ - SAUCE: Revert "drm/i915: Fix hotplug irq ack on i965/g4x"
+
+ * kernel linux-image-4.15.0-44 not booting on Hyperv Server 2008R2
+ (LP: #1814069)
+ - hv/netvsc: fix handling of fallback to single queue mode
+ - hv/netvsc: Fix NULL dereference at single queue mode fallback
+
+ * Lenovo ideapad 330-15ICH Wifi rfkill hard blocked (LP: #1811815)
+ - platform/x86: ideapad: Add ideapad 330-15ICH to no_hw_rfkill
+
+ * Qualcomm Atheros QCA9377 wireless does not work (LP: #1818204)
+ - platform/x86: ideapad-laptop: Add Ideapad 530S-14ARR to no_hw_rfkill list
+
+ * fscache: jobs might hang when fscache disk is full (LP: #1821395)
+ - fscache: fix race between enablement and dropping of object
+
+ * hns3: fix oops in hns3_clean_rx_ring() (LP: #1821064)
+ - net: hns3: add dma_rmb() for rx description
+
+ * Hard lockup in 2 CPUs due to deadlock in cpu_stoppers (LP: #1821259)
+ - stop_machine: Disable preemption after queueing stopper threads
+ - stop_machine: Atomically queue and wake stopper threads
+
+ * tcm_loop.ko: move from modules-extra into main modules package
+ (LP: #1817786)
+ - [Packaging] move tcm_loop.lo to main linux-modules package
+
+ * tcmu user space crash results in kernel module hang. (LP: #1819504)
+ - scsi: tcmu: delete unused __wait
+ - scsi: tcmu: track nl commands
+ - scsi: tcmu: simplify nl interface
+ - scsi: tcmu: add module wide block/reset_netlink support
+
+ * Intel XL710 - i40e driver does not work with kernel 4.15 (Ubuntu 18.04)
+ (LP: #1779756)
+ - i40e: Fix for Tx timeouts when interface is brought up if DCB is enabled
+ - i40e: prevent overlapping tx_timeout recover
+
+ * some codecs stop working after S3 (LP: #1820930)
+ - ALSA: hda - Enforces runtime_resume after S3 and S4 for each codec
+
+ * i40e xps management broken when > 64 queues/cpus (LP: #1820948)
+ - i40e: Do not allow use more TC queue pairs than MSI-X vectors exist
+ - i40e: Fix the number of queues available to be mapped for use
+
+ * 4.15 s390x kernel BUG at /build/linux-
+ Gycr4Z/linux-4.15.0/drivers/block/virtio_blk.c:565! (LP: #1788432)
+ - virtio/s390: avoid race on vcdev->config
+ - virtio/s390: fix race in ccw_io_helper()
+
+ * [SRU][B/B-OEM/C/D] Fix AMD IOMMU NULL dereference (LP: #1820990)
+ - iommu/amd: Fix NULL dereference bug in match_hid_uid
+
+ * New Intel Wireless-AC 9260 [8086:2526] card not correctly probed in Ubuntu
+ system (LP: #1821271)
+ - iwlwifi: add new card for 9260 series
+
+ * Add support for MAC address pass through on RTL8153-BD (LP: #1821276)
+ - r8152: Add support for MAC address pass through on RTL8153-BD
+ - r8152: Fix an error on RTL8153-BD MAC Address Passthrough support
+
+ -- Andrea Righi <andrea.righi@canonical.com> Tue, 02 Apr 2019 18:31:55 +0200
+
+linux (4.15.0-47.50) bionic; urgency=medium
+
+ * linux: 4.15.0-47.50 -proposed tracker (LP: #1819716)
+
+ * Packaging resync (LP: #1786013)
+ - [Packaging] resync getabis
+ - [Packaging] update helper scripts
+ - [Packaging] resync retpoline extraction
+
+ * C++ demangling support missing from perf (LP: #1396654)
+ - [Packaging] fix a mistype
+
+ * arm-smmu-v3 arm-smmu-v3.3.auto: CMD_SYNC timeout (LP: #1818162)
+ - iommu/arm-smmu-v3: Fix unexpected CMD_SYNC timeout
+
+ * Crash in nvme_irq_check() when using threaded interrupts (LP: #1818747)
+ - nvme-pci: fix out of bounds access in nvme_cqe_pending
+
+ * CVE-2019-9213
+ - mm: enforce min addr even if capable() in expand_downwards()
+
+ * CVE-2019-3460
+ - Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt
+
+ * amdgpu with mst WARNING on blanking (LP: #1814308)
+ - drm/amd/display: Don't use dc_link in link_encoder
+ - drm/amd/display: Move wait for hpd ready out from edp power control.
+ - drm/amd/display: eDP sequence BL off first then DP blank.
+ - drm/amd/display: Fix unused variable compilation error
+ - drm/amd/display: Fix warning about misaligned code
+ - drm/amd/display: Fix MST dp_blank REG_WAIT timeout
+
+ * tun/tap: unable to manage carrier state from userland (LP: #1806392)
+ - tun: implement carrier change
+
+ * CVE-2019-8980
+ - exec: Fix mem leak in kernel_read_file
+
+ * raw_skew in timer from the ubuntu_kernel_selftests failed on Bionic
+ (LP: #1811194)
+ - selftest: timers: Tweak raw_skew to SKIP when ADJ_OFFSET/other clock
+ adjustments are in progress
+
+ * [Packaging] Allow overlay of config annotations (LP: #1752072)
+ - [Packaging] config-check: Add an include directive
+
+ * CVE-2019-7308
+ - bpf: move {prev_,}insn_idx into verifier env
+ - bpf: move tmp variable into ax register in interpreter
+ - bpf: enable access to ax register also from verifier rewrite
+ - bpf: restrict map value pointer arithmetic for unprivileged
+ - bpf: restrict stack pointer arithmetic for unprivileged
+ - bpf: restrict unknown scalars of mixed signed bounds for unprivileged
+ - bpf: fix check_map_access smin_value test when pointer contains offset
+ - bpf: prevent out of bounds speculation on pointer arithmetic
+ - bpf: fix sanitation of alu op with pointer / scalar type from different
+ paths
+ - bpf: add various test cases to selftests
+
+ * CVE-2017-5753
+ - bpf: properly enforce index mask to prevent out-of-bounds speculation
+ - bpf: fix inner map masking to prevent oob under speculation
+
+ * BPF: kernel pointer leak to unprivileged userspace (LP: #1815259)
+ - bpf/verifier: disallow pointer subtraction
+
+ * squashfs hardening (LP: #1816756)
+ - squashfs: more metadata hardening
+ - squashfs metadata 2: electric boogaloo
+ - squashfs: more metadata hardening
+ - Squashfs: Compute expected length from inode size rather than block length
+
+ * efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted (LP: #1814982)
+ - efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted
+
+ * Update ENA driver to version 2.0.3K (LP: #1816806)
+ - net: ena: update driver version from 2.0.2 to 2.0.3
+ - net: ena: fix race between link up and device initalization
+ - net: ena: fix crash during failed resume from hibernation
+
+ * ipset kernel error: 4.15.0-43-generic (LP: #1811394)
+ - netfilter: ipset: Fix wraparound in hash:*net* types
+
+ * Silent "Unknown key" message when pressing keyboard backlight hotkey
+ (LP: #1817063)
+ - platform/x86: dell-wmi: Ignore new keyboard backlight change event
+
+ * CVE-2018-18021
+ - arm64: KVM: Tighten guest core register access from userspace
+ - KVM: arm/arm64: Introduce vcpu_el1_is_32bit
+ - arm64: KVM: Sanitize PSTATE.M when being set from userspace
+
+ * CVE-2018-14678
+ - x86/entry/64: Remove %ebx handling from error_entry/exit
+
+ * CVE-2018-19824
+ - ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c
+
+ * CVE-2019-3459
+ - Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer
+
+ * Bionic update: upstream stable patchset 2019-02-08 (LP: #1815234)
+ - fork: unconditionally clear stack on fork
+ - spi: spi-s3c64xx: Fix system resume support
+ - Input: elan_i2c - add ACPI ID for lenovo ideapad 330
+ - Input: i8042 - add Lenovo LaVie Z to the i8042 reset list
+ - Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST
+ - kvm, mm: account shadow page tables to kmemcg
+ - delayacct: fix crash in delayacct_blkio_end() after delayacct init failure
+ - tracing: Fix double free of event_trigger_data
+ - tracing: Fix possible double free in event_enable_trigger_func()
+ - kthread, tracing: Don't expose half-written comm when creating kthreads
+ - tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure
+ - tracing: Quiet gcc warning about maybe unused link variable
+ - arm64: fix vmemmap BUILD_BUG_ON() triggering on !vmemmap setups
+ - mlxsw: spectrum_switchdev: Fix port_vlan refcounting
+ - kcov: ensure irq code sees a valid area
+ - xen/netfront: raise max number of slots in xennet_get_responses()
+ - skip LAYOUTRETURN if layout is invalid
+ - ALSA: emu10k1: add error handling for snd_ctl_add
+ - ALSA: fm801: add error handling for snd_ctl_add
+ - NFSv4.1: Fix the client behaviour on NFS4ERR_SEQ_FALSE_RETRY
+ - nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo
+ - vfio: platform: Fix reset module leak in error path
+ - vfio/mdev: Check globally for duplicate devices
+ - vfio/type1: Fix task tracking for QEMU vCPU hotplug
+ - kernel/hung_task.c: show all hung tasks before panic
+ - mm: /proc/pid/pagemap: hide swap entries from unprivileged users
+ - mm: vmalloc: avoid racy handling of debugobjects in vunmap
+ - mm/slub.c: add __printf verification to slab_err()
+ - rtc: ensure rtc_set_alarm fails when alarms are not supported
+ - perf tools: Fix pmu events parsing rule
+ - netfilter: ipset: forbid family for hash:mac sets
+ - netfilter: ipset: List timing out entries with "timeout 1" instead of zero
+ - irqchip/ls-scfg-msi: Map MSIs in the iommu
+ - watchdog: da9063: Fix updating timeout value
+ - printk: drop in_nmi check from printk_safe_flush_on_panic()
+ - bpf, arm32: fix inconsistent naming about emit_a32_lsr_{r64,i64}
+ - ceph: fix alignment of rasize
+ - e1000e: Ignore TSYNCRXCTL when getting I219 clock attributes
+ - powerpc/lib: Adjust .balign inside string functions for PPC32
+ - powerpc/64s: Add barrier_nospec
+ - powerpc/eeh: Fix use-after-release of EEH driver
+ - hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common()
+ - powerpc/64s: Fix compiler store ordering to SLB shadow area
+ - RDMA/mad: Convert BUG_ONs to error flows
+ - lightnvm: pblk: warn in case of corrupted write buffer
+ - netfilter: nf_tables: check msg_type before nft_trans_set(trans)
+ - pnfs: Don't release the sequence slot until we've processed layoutget on
+ open
+ - disable loading f2fs module on PAGE_SIZE > 4KB
+ - f2fs: fix error path of move_data_page
+ - f2fs: fix to don't trigger writeback during recovery
+ - f2fs: fix to wait page writeback during revoking atomic write
+ - f2fs: Fix deadlock in shutdown ioctl
+ - f2fs: fix to detect failure of dquot_initialize
+ - f2fs: fix race in between GC and atomic open
+ - block, bfq: remove wrong lock in bfq_requests_merged
+ - usbip: usbip_detach: Fix memory, udev context and udev leak
+ - usbip: dynamically allocate idev by nports found in sysfs
+ - perf/x86/intel/uncore: Correct fixed counter index check in generic code
+ - perf/x86/intel/uncore: Correct fixed counter index check for NHM
+ - selftests/intel_pstate: Improve test, minor fixes
+ - selftests: memfd: return Kselftest Skip code for skipped tests
+ - selftests: intel_pstate: return Kselftest Skip code for skipped tests
+ - PCI: Fix devm_pci_alloc_host_bridge() memory leak
+ - iwlwifi: pcie: fix race in Rx buffer allocator
+ - Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning
+ - Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011
+ - ASoC: dpcm: fix BE dai not hw_free and shutdown
+ - mfd: cros_ec: Fail early if we cannot identify the EC
+ - mwifiex: handle race during mwifiex_usb_disconnect
+ - wlcore: sdio: check for valid platform device data before suspend
+ - media: tw686x: Fix incorrect vb2_mem_ops GFP flags
+ - media: videobuf2-core: don't call memop 'finish' when queueing
+ - Btrfs: don't return ino to ino cache if inode item removal fails
+ - Btrfs: don't BUG_ON() in btrfs_truncate_inode_items()
+ - btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups
+ - btrfs: qgroup: Finish rescan when hit the last leaf of extent tree
+ - x86/microcode: Make the late update update_lock a raw lock for RT
+ - PM / wakeup: Make s2idle_lock a RAW_SPINLOCK
+ - PCI: Prevent sysfs disable of device while driver is attached
+ - nvme-rdma: stop admin queue before freeing it
+ - nvme-pci: Fix AER reset handling
+ - ath: Add regulatory mapping for FCC3_ETSIC
+ - ath: Add regulatory mapping for ETSI8_WORLD
+ - ath: Add regulatory mapping for APL13_WORLD
+ - ath: Add regulatory mapping for APL2_FCCA
+ - ath: Add regulatory mapping for Uganda
+ - ath: Add regulatory mapping for Tanzania
+ - ath: Add regulatory mapping for Serbia
+ - ath: Add regulatory mapping for Bermuda
+ - ath: Add regulatory mapping for Bahamas
+ - powerpc/32: Add a missing include header
+ - powerpc/chrp/time: Make some functions static, add missing header include
+ - powerpc/powermac: Add missing prototype for note_bootable_part()
+ - powerpc/powermac: Mark variable x as unused
+ - powerpc: Add __printf verification to prom_printf
+ - spi: sh-msiof: Fix setting SIRMDR1.SYNCAC to match SITMDR1.SYNCAC
+ - powerpc/8xx: fix invalid register expression in head_8xx.S
+ - pinctrl: at91-pio4: add missing of_node_put
+ - bpf: powerpc64: pad function address loads with NOPs
+ - PCI: pciehp: Request control of native hotplug only if supported
+ - net: dsa: qca8k: Add support for QCA8334 switch
+ - mwifiex: correct histogram data with appropriate index
+ - ima: based on policy verify firmware signatures (pre-allocated buffer)
+ - drivers/perf: arm-ccn: don't log to dmesg in event_init
+ - spi: Add missing pm_runtime_put_noidle() after failed get
+ - fscrypt: use unbound workqueue for decryption
+ - scsi: ufs: ufshcd: fix possible unclocked register access
+ - scsi: ufs: fix exception event handling
+ - scsi: zfcp: assert that the ERP lock is held when tracing a recovery trigger
+ - drm/nouveau/fifo/gk104-: poll for runlist update completion
+ - Bluetooth: btusb: add ID for LiteOn 04ca:301a
+ - rtc: tps6586x: fix possible race condition
+ - rtc: vr41xx: fix possible race condition
+ - rtc: tps65910: fix possible race condition
+ - ALSA: emu10k1: Rate-limit error messages about page errors
+ - regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops
+ - md/raid1: add error handling of read error from FailFast device
+ - md: fix NULL dereference of mddev->pers in remove_and_add_spares()
+ - ixgbevf: fix MAC address changes through ixgbevf_set_mac()
+ - media: smiapp: fix timeout checking in smiapp_read_nvm
+ - net: ethernet: ti: cpsw-phy-sel: check bus_find_device() ret value
+ - ALSA: usb-audio: Apply rate limit to warning messages in URB complete
+ callback
+ - media: atomisp: ov2680: don't declare unused vars
+ - arm64: cmpwait: Clear event register before arming exclusive monitor
+ - HID: hid-plantronics: Re-resend Update to map button for PTT products
+ - arm64: dts: renesas: salvator-common: use audio-graph-card for Sound
+ - drm/radeon: fix mode_valid's return type
+ - drm/amdgpu: Remove VRAM from shared bo domains.
+ - powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by
+ Starlet
+ - HID: i2c-hid: check if device is there before really probing
+ - EDAC, altera: Fix ARM64 build warning
+ - ARM: dts: stih407-pinctrl: Fix complain about IRQ_TYPE_NONE usage
+ - ARM: dts: emev2: Add missing interrupt-affinity to PMU node
+ - ARM: dts: sh73a0: Add missing interrupt-affinity to PMU node
+ - nvmem: properly handle returned value nvmem_reg_read
+ - i40e: free the skb after clearing the bitlock
+ - tty: Fix data race in tty_insert_flip_string_fixed_flag
+ - dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA
+ - net: phy: phylink: Release link GPIO
+ - media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open()
+ - libata: Fix command retry decision
+ - ACPI / LPSS: Only call pwm_add_table() for Bay Trail PWM if PMIC HRV is 2
+ - media: media-device: fix ioctl function types
+ - media: saa7164: Fix driver name in debug output
+ - mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages
+ - brcmfmac: Add support for bcm43364 wireless chipset
+ - s390/cpum_sf: Add data entry sizes to sampling trailer entry
+ - perf: fix invalid bit in diagnostic entry
+ - bnxt_en: Check unsupported speeds in bnxt_update_link() on PF only.
+ - scsi: 3w-9xxx: fix a missing-check bug
+ - scsi: 3w-xxxx: fix a missing-check bug
+ - scsi: megaraid: silence a static checker bug
+ - scsi: qedf: Set the UNLOADING flag when removing a vport
+ - staging: lustre: o2iblnd: fix race at kiblnd_connect_peer
+ - staging: lustre: o2iblnd: Fix FastReg map/unmap for MLX5
+ - thermal: exynos: fix setting rising_threshold for Exynos5433
+ - bpf: fix references to free_bpf_prog_info() in comments
+ - f2fs: avoid fsync() failure caused by EAGAIN in writepage()
+ - media: siano: get rid of __le32/__le16 cast warnings
+ - drm/atomic: Handling the case when setting old crtc for plane
+ - ALSA: hda/ca0132: fix build failure when a local macro is defined
+ - mmc: dw_mmc: update actual clock for mmc debugfs
+ - mmc: pwrseq: Use kmalloc_array instead of stack VLA
+ - dt-bindings: pinctrl: meson: add support for the Meson8m2 SoC
+ - spi: meson-spicc: Fix error handling in meson_spicc_probe()
+ - dt-bindings: net: meson-dwmac: new compatible name for AXG SoC
+ - backlight: pwm_bl: Don't use GPIOF_* with gpiod_get_direction
+ - stop_machine: Use raw spinlocks
+ - delayacct: Use raw_spinlocks
+ - memory: tegra: Do not handle spurious interrupts
+ - memory: tegra: Apply interrupts mask per SoC
+ - nvme: lightnvm: add granby support
+ - arm64: defconfig: Enable Rockchip io-domain driver
+ - igb: Fix queue selection on MAC filters on i210
+ - drm/gma500: fix psb_intel_lvds_mode_valid()'s return type
+ - ipconfig: Correctly initialise ic_nameservers
+ - rsi: Fix 'invalid vdd' warning in mmc
+ - rsi: fix nommu_map_sg overflow kernel panic
+ - audit: allow not equal op for audit by executable
+ - staging: vchiq_core: Fix missing semaphore release in error case
+ - staging: lustre: llite: correct removexattr detection
+ - staging: lustre: ldlm: free resource when ldlm_lock_create() fails.
+ - serial: core: Make sure compiler barfs for 16-byte earlycon names
+ - soc: imx: gpcv2: Do not pass static memory as platform data
+ - microblaze: Fix simpleImage format generation
+ - usb: hub: Don't wait for connect state at resume for powered-off ports
+ - crypto: authencesn - don't leak pointers to authenc keys
+ - crypto: authenc - don't leak pointers to authenc keys
+ - media: omap3isp: fix unbalanced dma_iommu_mapping
+ - regulator: Don't return or expect -errno from of_map_mode()
+ - scsi: scsi_dh: replace too broad "TP9" string with the exact models
+ - scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs
+ - media: atomisp: compat32: fix __user annotations
+ - media: si470x: fix __be16 annotations
+ - ASoC: topology: Fix bclk and fsync inversion in set_link_hw_format()
+ - ASoC: topology: Add missing clock gating parameter when parsing hw_configs
+ - drm: Add DP PSR2 sink enable bit
+ - drm/atomic-helper: Drop plane->fb references only for
+ drm_atomic_helper_shutdown()
+ - drm/dp/mst: Fix off-by-one typo when dump payload table
+ - block: reset bi_iter.bi_done after splitting bio
+ - random: mix rdrand with entropy sent in from userspace
+ - squashfs: be more careful about metadata corruption
+ - ext4: fix inline data updates with checksums enabled
+ - ext4: fix check to prevent initializing reserved inodes
+ - PCI: xgene: Remove leftover pci_scan_child_bus() call
+ - RDMA/uverbs: Protect from attempts to create flows on unsupported QP
+ - net: dsa: qca8k: Force CPU port to its highest bandwidth
+ - net: dsa: qca8k: Enable RXMAC when bringing up a port
+ - net: dsa: qca8k: Add QCA8334 binding documentation
+ - net: dsa: qca8k: Allow overwriting CPU port setting
+ - ipv4: remove BUG_ON() from fib_compute_spec_dst
+ - net: fix amd-xgbe flow-control issue
+ - net: lan78xx: fix rx handling before first packet is send
+ - net: mdio-mux: bcm-iproc: fix wrong getter and setter pair
+ - NET: stmmac: align DMA stuff to largest cache line length
+ - tcp_bbr: fix bw probing to raise in-flight data for very small BDPs
+ - xen-netfront: wait xenbus state change when load module manually
+ - netlink: Do not subscribe to non-existent groups
+ - netlink: Don't shift with UB on nlk->ngroups
+ - tcp: do not force quickack when receiving out-of-order packets
+ - tcp: add max_quickacks param to tcp_incr_quickack and
+ tcp_enter_quickack_mode
+ - tcp: do not aggressively quick ack after ECN events
+ - tcp: refactor tcp_ecn_check_ce to remove sk type cast
+ - tcp: add one more quick ack after after ECN events
+ - mm: disallow mappings that conflict for devm_memremap_pages()
+ - drm/i915/glk: Add Quirk for GLK NUC HDMI port issues.
+ - mm: check for SIGKILL inside dup_mmap() loop
+ - rxrpc: Fix terminal retransmission connection ID to include the channel
+ - ceph: fix use-after-free in ceph_statfs()
+ - lightnvm: proper error handling for pblk_bio_add_pages
+ - f2fs: don't drop dentry pages after fs shutdown
+ - selftests: filesystems: return Kselftest Skip code for skipped tests
+ - selftests/filesystems: devpts_pts included wrong header
+ - iwlwifi: mvm: open BA session only when sta is authorized
+ - drm/amd/display: Do not program interrupt status on disabled crtc
+ - soc: qcom: smem: fix qcom_smem_set_global_partition()
+ - soc: qcom: smem: byte swap values properly
+ - pinctrl: msm: fix gpio-hog related boot issues
+ - net: mvpp2: Add missing VLAN tag detection
+ - drm/nouveau: remove fence wait code from deferred client work handler
+ - drm/nouveau/gem: lookup VMAs for buffers referenced by pushbuf ioctl
+ - clocksource: Move inline keyword to the beginning of function declarations
+ - media: staging: atomisp: Comment out several unused sensor resolutions
+ - IB: Fix RDMA_RXE and INFINIBAND_RDMAVT dependencies for DMA_VIRT_OPS
+ - rsi: Add null check for virtual interfaces in wowlan config
+ - ARM: dts: stih410: Fix complain about IRQ_TYPE_NONE usage
+ - ARM: dts: imx53: Fix LDB OF graph warning
+ - soc/tegra: pmc: Don't allocate struct tegra_powergate on stack
+ - mlxsw: spectrum_router: Return an error for non-default FIB rules
+ - i40e: Add advertising 10G LR mode
+ - i40e: avoid overflow in i40e_ptp_adjfreq()
+ - ath10k: fix kernel panic while reading tpc_stats
+ - ASoC: fsl_ssi: Use u32 variable type when using regmap_read()
+ - platform/x86: dell-smbios: Match on www.dell.com in OEM strings too
+ - staging: ks7010: fix error handling in ks7010_upload_firmware
+ - media: rc: mce_kbd decoder: low timeout values cause double keydowns
+ - ath10k: search all IEs for variant before falling back
+ - PCI/ASPM: Disable ASPM L1.2 Substate if we don't have LTR
+ - ARM: dts: imx6qdl-wandboard: Let the codec control MCLK pinctrl
+ - drm/amdgpu: Avoid reclaim while holding locks taken in MMU notifier
+ - nvmet-fc: fix target sgl list on large transfers
+ - i2c: rcar: handle RXDMA HW behaviour on Gen3
+ - gpio: uniphier: set legitimate irq trigger type in .to_irq hook
+ - tcp: ack immediately when a cwr packet arrives
+ - ACPICA: AML Parser: ignore control method status in module-level code
+
+ * Bionic update: upstream stable patchset 2019-02-05 (LP: #1814813)
+ - MIPS: ath79: fix register address in ath79_ddr_wb_flush()
+ - MIPS: Fix off-by-one in pci_resource_to_user()
+ - xen/PVH: Set up GS segment for stack canary
+ - drm/nouveau/drm/nouveau: Fix runtime PM leak in nv50_disp_atomic_commit()
+ - drm/nouveau: Set DRIVER_ATOMIC cap earlier to fix debugfs
+ - bonding: set default miimon value for non-arp modes if not set
+ - ip: hash fragments consistently
+ - ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull
+ - net/mlx4_core: Save the qpn from the input modifier in RST2INIT wrapper
+ - net: skb_segment() should not return NULL
+ - net/mlx5: Adjust clock overflow work period
+ - net/mlx5e: Don't allow aRFS for encapsulated packets
+ - net/mlx5e: Fix quota counting in aRFS expire flow
+ - net/ipv6: Fix linklocal to global address with VRF
+ - multicast: do not restore deleted record source filter mode to new one
+ - net: phy: consider PHY_IGNORE_INTERRUPT in phy_start_aneg_priv
+ - sock: fix sg page frag coalescing in sk_alloc_sg
+ - rtnetlink: add rtnl_link_state check in rtnl_configure_link
+ - vxlan: add new fdb alloc and create helpers
+ - vxlan: make netlink notify in vxlan_fdb_destroy optional
+ - vxlan: fix default fdb entry netlink notify ordering during netdev create
+ - tcp: fix dctcp delayed ACK schedule
+ - tcp: helpers to send special DCTCP ack
+ - tcp: do not cancel delay-AcK on DCTCP special ACK
+ - tcp: do not delay ACK in DCTCP upon CE status change
+ - staging: speakup: fix wraparound in uaccess length check
+ - usb: cdc_acm: Add quirk for Castles VEGA3000
+ - usb: core: handle hub C_PORT_OVER_CURRENT condition
+ - usb: dwc2: Fix DMA alignment to start at allocated boundary
+ - usb: gadget: f_fs: Only return delayed status when len is 0
+ - driver core: Partially revert "driver core: correct device's shutdown order"
+ - can: xilinx_can: fix RX loop if RXNEMP is asserted without RXOK
+ - can: xilinx_can: fix power management handling
+ - can: xilinx_can: fix recovery from error states not being propagated
+ - can: xilinx_can: fix device dropping off bus on RX overrun
+ - can: xilinx_can: keep only 1-2 frames in TX FIFO to fix TX accounting
+ - can: xilinx_can: fix incorrect clear of non-processed interrupts
+ - can: xilinx_can: fix RX overflow interrupt not being enabled
+ - can: peak_canfd: fix firmware < v3.3.0: limit allocation to 32-bit DMA addr
+ only
+ - can: m_can.c: fix setup of CCCR register: clear CCCR NISO bit before
+ checking can.ctrlmode
+ - turn off -Wattribute-alias
+ - net-next/hinic: fix a problem in hinic_xmit_frame()
+ - net/mlx5e: Refine ets validation function
+ - nfp: flower: ensure dead neighbour entries are not offloaded
+ - usb: gadget: Fix OS descriptors support
+ - ACPICA: AML Parser: ignore dispatcher error status during table load
+
+ * installer does not support iSCSI iBFT (LP: #1817321)
+ - d-i: add iscsi_ibft to scsi-modules
+
+ * CVE-2019-7222
+ - KVM: x86: work around leak of uninitialized stack contents (CVE-2019-7222)
+
+ * CVE-2019-7221
+ - KVM: nVMX: unconditionally cancel preemption timer in free_nested
+ (CVE-2019-7221)
+
+ * CVE-2019-6974
+ - kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)
+
+ * Regular D-state processes impacting LXD containers (LP: #1817628)
+ - mm: do not stall register_shrinker()
+
+ * hns3 nic speed may not match optical port speed (LP: #1817969)
+ - net: hns3: Config NIC port speed same as that of optical module
+
+ * [Hyper-V] srcu: Lock srcu_data structure in srcu_gp_start() (LP: #1802021)
+ - srcu: Prohibit call_srcu() use under raw spinlocks
+ - srcu: Lock srcu_data structure in srcu_gp_start()
+
+ * libsas disks can have non-unique by-path names (LP: #1817784)
+ - scsi: libsas: Fix rphy phy_identifier for PHYs with end devices attached
+
+ * Bluetooth not working (Intel CyclonePeak) (LP: #1817518)
+ - Bluetooth: btusb: Add support for Intel bluetooth device 8087:0029
+
+ * CVE-2019-8912
+ - net: crypto set sk to NULL when af_alg_release.
+ - net: socket: set sock->sk to NULL after calling proto_ops::release()
+
+ * Trackpad is not recognized. (LP: #1817200)
+ - pinctrl: cannonlake: Fix gpio base for GPP-E
+
+ * [ALSA] [PATCH] System76 darp5 and oryp5 fixups (LP: #1815831)
+ - ALSA: hda/realtek - Headset microphone support for System76 darp5
+ - ALSA: hda/realtek - Headset microphone and internal speaker support for
+ System76 oryp5
+
+ * Constant noise in the headphone on Lenovo X1 machines (LP: #1817263)
+ - ALSA: hda/realtek: Disable PC beep in passthrough on alc285
+
+ * AC adapter status not detected on Asus ZenBook UX410UAK (LP: #1745032)
+ - Revert "ACPI / battery: Add quirk for Asus GL502VSK and UX305LA"
+ - ACPI / AC: Remove initializer for unused ident dmi_system_id
+ - ACPI / battery: Remove initializer for unused ident dmi_system_id
+ - ACPI / battery: Add handling for devices which wrongly report discharging
+ state
+ - ACPI / battery: Ignore AC state in handle_discharging on systems where it is
+ broken
+
+ * TPM intermittently fails after cold-boot (LP: #1762672)
+ - tpm: fix intermittent failure with self tests
+
+ * qlcnic: Firmware aborts/hangs in QLogic NIC (LP: #1815033)
+ - qlcnic: fix Tx descriptor corruption on 82xx devices
+
+ -- Khalid Elmously <khalid.elmously@canonical.com> Wed, 13 Mar 2019 04:37:49 +0000
+
linux (4.15.0-46.49) bionic; urgency=medium
* linux: 4.15.0-46.49 -proposed tracker (LP: #1814726)