X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=debian.master%2Fchangelog;h=5696940d45aa5de50173498155c5d0d65dc5862d;hb=de5594ae40a34151754190e229f43535518564e7;hp=523dede35dca92567f905cc59f4ecb75c66f37b0;hpb=e9e0e10b51df7303e662333c81603ca94f0ed9fd;p=mirror_ubuntu-artful-kernel.git diff --git a/debian.master/changelog b/debian.master/changelog index 523dede35dca..5696940d45aa 100644 --- a/debian.master/changelog +++ b/debian.master/changelog @@ -1,3 +1,1517 @@ +linux (4.13.0-44.49) UNRELEASED; urgency=medium + + CHANGELOG: Do not edit directly. Autogenerated at release. + CHANGELOG: Use the printchanges target to see the curent changes. + CHANGELOG: Use the insertchanges target to create the final log. + + -- Stefan Bader Wed, 23 May 2018 09:06:26 +0200 + +linux (4.13.0-43.48) artful; urgency=medium + + * CVE-2018-3639 (powerpc) + - SAUCE: rfi-flush: update H_CPU_* macro names to upstream + - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to + upstream + - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream + - powerpc/pseries: Support firmware disable of RFI flush + - powerpc/powernv: Support firmware disable of RFI flush + - powerpc/64s: Allow control of RFI flush via debugfs + - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code + - powerpc/rfi-flush: Always enable fallback flush on pseries + - powerpc/rfi-flush: Differentiate enabled and patched flush types + - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags + - powerpc: Add security feature flags for Spectre/Meltdown + - powerpc/powernv: Set or clear security feature flags + - powerpc/pseries: Set or clear security feature flags + - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() + - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() + - powerpc/pseries: Fix clearing of security feature flags + - powerpc: Move default security feature flags + - powerpc/pseries: Restore default security feature flags on setup + - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit + + * CVE-2018-3639 (x86) + - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES + - SAUCE: x86: Add alternative_msr_write + - x86/nospec: Simplify alternative_msr_write() + - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown + - x86/bugs: Concentrate bug detection into a separate function + - x86/bugs: Concentrate bug reporting into a separate function + - x86/msr: Add definitions for new speculation control MSRs + - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits + - x86/bugs, KVM: Support the combination of guest and host IBRS + - x86/bugs: Expose /sys/../spec_store_bypass + - x86/cpufeatures: Add X86_FEATURE_RDS + - x86/bugs: Provide boot parameters for the spec_store_bypass_disable + mitigation + - x86/bugs/intel: Set proper CPU features and setup RDS + - x86/bugs: Whitelist allowed SPEC_CTRL MSR values + - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested + - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest + - x86/speculation: Create spec-ctrl.h to avoid include hell + - prctl: Add speculation control prctls + - x86/process: Allow runtime control of Speculative Store Bypass + - x86/speculation: Add prctl for Speculative Store Bypass mitigation + - nospec: Allow getting/setting on non-current task + - proc: Provide details on speculation flaw mitigations + - seccomp: Enable speculation flaw mitigations + - SAUCE: x86/bugs: Honour SPEC_CTRL default + - x86/bugs: Make boot modes __ro_after_init + - prctl: Add force disable speculation + - seccomp: Use PR_SPEC_FORCE_DISABLE + - seccomp: Add filter flag to opt-out of SSB mitigation + - seccomp: Move speculation migitation control to arch code + - x86/speculation: Make "seccomp" the default mode for Speculative Store + Bypass + - x86/bugs: Rename _RDS to _SSBD + - proc: Use underscores for SSBD in 'status' + - Documentation/spec_ctrl: Do some minor cleanups + - x86/bugs: Fix __ssb_select_mitigation() return type + - x86/bugs: Make cpu_show_common() static + + * LSM Stacking prctl values should be redefined as to not collide with + upstream prctls (LP: #1769263) // CVE-2018-3639 + - SAUCE: LSM stacking: adjust prctl values + + -- Stefan Bader Tue, 15 May 2018 07:39:26 +0200 + +linux (4.13.0-42.47) artful; urgency=medium + + * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993) + + * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850) + - arm64: fix CONFIG_DEBUG_WX address reporting + + * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977) + - net: hns: Avoid action name truncation + + * CVE-2017-18208 + - mm/madvise.c: fix madvise() infinite loop under special circumstances + + * CVE-2018-8822 + - staging: ncpfs: memory corruption in ncp_read_kernel() + + * CVE-2017-18203 + - dm: fix race between dm_get_from_kobject() and __dm_destroy() + + * CVE-2017-17449 + - netlink: Add netns check on taps + + * CVE-2017-17975 + - media: usbtv: prevent double free in error case + + * [8086:3e92] display becomes blank after S3 (LP: #1763271) + - drm/i915/edp: Allow alternate fixed mode for eDP if available. + - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp + - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp + - drm/i915/edp: Do not do link training fallback or prune modes on EDP + + * sky2 gigabit ethernet driver sometimes stops working after lid-open resume + from sleep (88E8055) (LP: #1758507) + - sky2: Increase D3 delay to sky2 stops working after suspend + + * perf vendor events arm64: Enable JSON events for ThunderX2 B0 (LP: #1760712) + - perf vendor events arm64: Enable JSON events for ThunderX2 B0 + + * No network with e1000e driver on 4.13.0-38-generic (LP: #1762693) + - e1000e: Fix e1000_check_for_copper_link_ich8lan return value. + + * /dev/ipmi enumeration flaky on Cavium Sabre nodes (LP: #1762812) + - i2c: xlp9xx: return ENXIO on slave address NACK + - i2c: xlp9xx: Handle transactions with I2C_M_RECV_LEN properly + - i2c: xlp9xx: Check for Bus state before every transfer + - i2c: xlp9xx: Handle NACK on DATA properly + + * "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534) + - virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS + + * fix regression in mm/hotplug, allows NVIDIA driver to work (LP: #1761104) + - SAUCE: Fix revert "mm, memory_hotplug: do not associate hotadded memory to + zones until online" + + * ibrs/ibpb fixes result in excessive kernel logging (LP: #1755627) + - SAUCE: remove ibrs_dump sysctl interface + + -- Kleber Sacilotto de Souza Mon, 07 May 2018 15:06:58 +0200 + +linux (4.13.0-41.46) artful; urgency=medium + + * CVE-2018-8897 + - x86/entry/64: Don't use IST entry for #BP stack + + * CVE-2018-1087 + - kvm/x86: fix icebp instruction handling + + * CVE-2018-1000199 + - perf/hwbp: Simplify the perf-hwbp code, fix documentation + + -- Kleber Sacilotto de Souza Wed, 02 May 2018 11:58:49 +0200 + +linux (4.13.0-39.44) artful; urgency=medium + + * linux: 4.13.0-39.44 -proposed tracker (LP: #1761456) + + * intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux- + image-4.13.0-37-generic) (LP: #1759920) // CVE-2017-5715 (Spectre v2 + Intel) // CVE-2017-5754 + - x86/mm: Reinitialize TLB state on hotplug and resume + + * intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux- + image-4.13.0-37-generic) (LP: #1759920) // CVE-2017-5715 (Spectre v2 Intel) + - Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current + thread" + - x86/speculation: Use Indirect Branch Prediction Barrier in context switch + + * DKMS driver builds fail with: Cannot use CONFIG_STACK_VALIDATION=y, please + install libelf-dev, libelf-devel or elfutils-libelf-devel (LP: #1760876) + - [Packaging] include the retpoline extractor in the headers + + * retpoline hints: primary infrastructure and initial hints (LP: #1758856) + - [Packaging] retpoline-extract: flag *0xNNN(%reg) branches + - x86/speculation, objtool: Annotate indirect calls/jumps for objtool + - x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32bit + - x86/paravirt, objtool: Annotate indirect calls + - [Packaging] retpoline -- add safe usage hint support + - [Packaging] retpoline-check -- only report additions + - [Packaging] retpoline -- widen indirect call/jmp detection + - [Packaging] retpoline -- elide %rip relative indirections + - [Packaging] retpoline -- clear hint information from packages + - KVM: x86: Make indirect calls in emulator speculation safe + - KVM: VMX: Make indirect call speculation safe + - x86/boot, objtool: Annotate indirect jump in secondary_startup_64() + - SAUCE: early/late -- annotate indirect calls in early/late initialisation + code + - SAUCE: vga_set_mode -- avoid jump tables + - [Config] retpoline -- switch to new format + - [Packaging] retpoline hints -- handle missing files when RETPOLINE not + enabled + - [Packaging] final-checks -- remove check for empty retpoline files + + * retpoline: ignore %cs:0xNNN constant indirections (LP: #1752655) + - [Packaging] retpoline -- elide %cs:0xNNNN constants on i386 + + * zfs system process hung on container stop/delete (LP: #1754584) + - SAUCE: Fix non-prefaulted page deadlock (LP: #1754584) + + * zfs-linux 0.6.5.11-1ubuntu5 ADT test failure with linux 4.15.0-1.2 + (LP: #1737761) + - SAUCE: (noup) Update zfs to 0.6.5.11-1ubuntu3.2 + + * AT_BASE_PLATFORM in AUXV is absent on kernels available on Ubuntu 17.10 + (LP: #1759312) + - powerpc/64s: Fix NULL AT_BASE_PLATFORM when using DT CPU features + + * btrfs and tar sparse truncate archives (LP: #1757565) + - Btrfs: move definition of the function btrfs_find_new_delalloc_bytes + - Btrfs: fix reported number of inode blocks after buffered append writes + + * efifb broken on ThunderX-based Gigabyte nodes (LP: #1758375) + - drivers/fbdev/efifb: Allow BAR to be moved instead of claiming it + + * Intel i40e PF reset due to incorrect MDD detection (continues...) + (LP: #1723127) + - i40e/i40evf: Account for frags split over multiple descriptors in check + linearize + + * Fix an issue that when system in S3, USB keyboard can't wake up the system. + (LP: #1759511) + - ACPI / PM: Allow deeper wakeup power states with no _SxD nor _SxW + + * [8086:3e92] display becomes blank after S3 (LP: #1759188) + - drm/i915: Apply Display WA #1183 on skl, kbl, and cfl + + * add audio kernel patches for Raven (LP: #1758364) + - ALSA: hda: Add Raven PCI ID + - ALSA: hda/realtek - Fix ALC700 family no sound issue + + * Cpu utilization showing system time for kvm guests (performance) (sysstat) + (LP: #1755979) + - KVM: PPC: Book3S HV: Fix guest time accounting with VIRT_CPU_ACCOUNTING_GEN + + * Kernel panic on a nfsroot system (LP: #1734327) + - Revert "UBUNTU: SAUCE: LSM stacking: add stacking support to apparmor + network hooks" + - Revert "UBUNTU: SAUCE: LSM stacking: LSM: Infrastructure management of the + remaining blobs" + + * can't record sound via front headset port on the Dell Precision 3630 + (LP: #1759088) + - ALSA: hda/realtek - Fix Dell headset Mic can't record + + * speaker can't output sound anymore after system resumes from S3 on a lenovo + machine with alc257 (LP: #1758829) + - ALSA: hda/realtek - Fix speaker no sound after system resume + + * hda driver initialization takes too much time on the machine with coffeelake + audio controller [8086:a348] (LP: #1758800) + - ALSA: hda - Force polling mode on CFL for fixing codec communication + + * Let headset-mode initialization be called on Dell Precision 3930 + (LP: #1757584) + - ALSA: hda/realtek - Add headset mode support for Dell laptop + + * ubuntu_zram_smoke test will cause soft lockup on Artful ThunderX ARM64 + (LP: #1755073) + - SAUCE: crypto: thunderx_zip: Fix fallout from CONFIG_VMAP_STACK + + * [Hyper-V] include kvp fix for Avoid reading past allocated blocks from KVP + file (LP: #1750349) + - hv: kvp: Avoid reading past allocated blocks from KVP file + + * IMA policy parsing is broken in 4.13 (LP: #1755804) + - ima/policy: fix parsing of fsuuid + + * external mic not work on Dell OptiPlex 7460 AIO (LP: #1755954) + - ALSA: hda/realtek - Add headset mode support for Dell laptop + + * sbsa watchdog crashes thunderx2 system (LP: #1755595) + - watchdog: sbsa: use 32-bit read for WCV + + * CVE-2018-8043 + - net: phy: mdio-bcm-unimac: fix potential NULL dereference in + unimac_mdio_probe() + + -- Stefan Bader Thu, 05 Apr 2018 14:47:00 +0200 + +linux (4.13.0-38.43) artful; urgency=medium + + * linux: 4.13.0-38.43 -proposed tracker (LP: #1755762) + + * Servers going OOM after updating kernel from 4.10 to 4.13 (LP: #1748408) + - i40e: Fix memory leak related filter programming status + - i40e: Add programming descriptors to cleaned_count + + * [SRU] Lenovo E41 Mic mute hotkey is not responding (LP: #1753347) + - platform/x86: ideapad-laptop: Increase timeout to wait for EC answer + + * fails to dump with latest kpti fixes (LP: #1750021) + - kdump: write correct address of mem_section into vmcoreinfo + + * headset mic can't be detected on two Dell machines (LP: #1748807) + - ALSA: hda/realtek - Support headset mode for ALC215/ALC285/ALC289 + - ALSA: hda - Fix headset mic detection problem for two Dell machines + - ALSA: hda - Fix a wrong FIXUP for alc289 on Dell machines + + * CIFS SMB2/SMB3 does not work for domain based DFS (LP: #1747572) + - CIFS: make IPC a regular tcon + - CIFS: use tcon_ipc instead of use_ipc parameter of SMB2_ioctl + - CIFS: dump IPC tcon in debug proc file + + * i2c-thunderx: erroneous error message "unhandled state: 0" (LP: #1754076) + - i2c: octeon: Prevent error message on bus error + + * hisi_sas: Add disk LED support (LP: #1752695) + - scsi: hisi_sas: directly attached disk LED feature for v2 hw + + * EDAC, sb_edac: Backport 1 patch to Ubuntu 17.10 (Fix missing DIMM sysfs + entries with KNL SNC2/SNC4 mode) (LP: #1743856) + - EDAC, sb_edac: Fix missing DIMM sysfs entries with KNL SNC2/SNC4 mode + + * [regression] Colour banding and artefacts appear system-wide on an Asus + Zenbook UX303LA with Intel HD 4400 graphics (LP: #1749420) + - drm/edid: Add 6 bpc quirk for CPT panel in Asus UX303LA + + * DVB Card with SAA7146 chipset not working (LP: #1742316) + - vmalloc: fix __GFP_HIGHMEM usage for vmalloc_32 on 32b systems + + * [Asus UX360UA] battery status in unity-panel is not changing when battery is + being charged (LP: #1661876) // AC adapter status not detected on Asus + ZenBook UX410UAK (LP: #1745032) + - ACPI / battery: Add quirk for Asus UX360UA and UX410UAK + + * ASUS UX305LA - Battery state not detected correctly (LP: #1482390) + - ACPI / battery: Add quirk for Asus GL502VSK and UX305LA + + * support thunderx2 vendor pmu events (LP: #1747523) + - perf pmu: Extract function to get JSON alias map + - perf pmu: Pass pmu as a parameter to get_cpuid_str() + - perf tools arm64: Add support for get_cpuid_str function. + - perf pmu: Add helper function is_pmu_core to detect PMU CORE devices + - perf vendor events arm64: Add ThunderX2 implementation defined pmu core + events + - perf pmu: Add check for valid cpuid in perf_pmu__find_map() + + * lpfc.ko module doesn't work (LP: #1746970) + - scsi: lpfc: Fix loop mode target discovery + + * Ubuntu 17.10 crashes on vmalloc.c (LP: #1739498) + - powerpc/mm/book3s64: Make KERN_IO_START a variable + - powerpc/mm/slb: Move comment next to the code it's referring to + - powerpc/mm/hash64: Make vmalloc 56T on hash + + * ethtool -p fails to light NIC LED on HiSilicon D05 systems (LP: #1748567) + - net: hns: add ACPI mode support for ethtool -p + + * CVE-2017-17807 + - KEYS: add missing permission check for request_key() destination + + * [Artful SRU] Fix capsule update regression (LP: #1746019) + - efi/capsule-loader: Reinstate virtual capsule mapping + + * [Artful/Bionic] [Config] enable EDAC_GHES for ARM64 (LP: #1747746) + - Ubuntu: [Config] enable EDAC_GHES for ARM64 + + * linux-tools: perf incorrectly linking libbfd (LP: #1748922) + - SAUCE: tools -- add ability to disable libbfd + - [Packaging] correct disablement of libbfd + + * Cherry pick c96f5471ce7d for delayacct fix (LP: #1747769) + - delayacct: Account blkio completion on the correct task + + * Error in CPU frequency reporting when nominal and min pstates are same + (cpufreq) (LP: #1746174) + - cpufreq: powernv: Dont assume distinct pstate values for nominal and pmin + + * retpoline abi files are empty on i386 (LP: #1751021) + - [Packaging] retpoline-extract -- instantiate retpoline files for i386 + - [Packaging] final-checks -- sanity checking ABI contents + - [Packaging] final-checks -- check for empty retpoline files + + * [P9,Power NV][WSP][Ubuntu 1804] : "Kernel access of bad area " when grouping + different pmu events using perf fuzzer . (perf:) (LP: #1746225) + - powerpc/perf: Fix oops when grouping different pmu events + + * bnx2x_attn_int_deasserted3:4323 MC assert! (LP: #1715519) // + CVE-2018-1000026 + - net: create skb_gso_validate_mac_len() + - bnx2x: disable GSO where gso_size is too big for hardware + + * Ubuntu16.04.03: ISAv3 initialize MMU registers before setting partition + table (LP: #1736145) + - powerpc/64s: Initialize ISAv3 MMU registers before setting partition table + + * powerpc/powernv: Flush console before platform error reboot (LP: #1735159) + - powerpc/powernv: Flush console before platform error reboot + + * Touchpad stops working after a few seconds in Lenovo ideapad 320 + (LP: #1732056) + - pinctrl/amd: fix masking of GPIO interrupts + + * [Artful][Wyse 3040] System hang when trying to enable an offlined CPU core + (LP: #1736393) + - SAUCE: drm/i915:Don't set chip specific data + - SAUCE: drm/i915: make previous commit affects Wyse 3040 only + + * ppc64el: Do not call ibm,os-term on panic (LP: #1736954) + - powerpc: Do not call ppc_md.panic in fadump panic notifier + + * Artful update to 4.13.16 stable release (LP: #1744213) + - tcp_nv: fix division by zero in tcpnv_acked() + - net: vrf: correct FRA_L3MDEV encode type + - tcp: do not mangle skb->cb[] in tcp_make_synack() + - net: systemport: Correct IPG length settings + - netfilter/ipvs: clear ipvs_property flag when SKB net namespace changed + - l2tp: don't use l2tp_tunnel_find() in l2tp_ip and l2tp_ip6 + - bonding: discard lowest hash bit for 802.3ad layer3+4 + - net: cdc_ether: fix divide by 0 on bad descriptors + - net: qmi_wwan: fix divide by 0 on bad descriptors + - qmi_wwan: Add missing skb_reset_mac_header-call + - net: usb: asix: fill null-ptr-deref in asix_suspend + - tcp: gso: avoid refcount_t warning from tcp_gso_segment() + - tcp: fix tcp_fastretrans_alert warning + - vlan: fix a use-after-free in vlan_device_event() + - net/mlx5: Cancel health poll before sending panic teardown command + - net/mlx5e: Set page to null in case dma mapping fails + - af_netlink: ensure that NLMSG_DONE never fails in dumps + - vxlan: fix the issue that neigh proxy blocks all icmpv6 packets + - net: cdc_ncm: GetNtbFormat endian fix + - fealnx: Fix building error on MIPS + - net/sctp: Always set scope_id in sctp_inet6_skb_msgname + - ima: do not update security.ima if appraisal status is not INTEGRITY_PASS + - serial: omap: Fix EFR write on RTS deassertion + - serial: 8250_fintek: Fix finding base_port with activated SuperIO + - tpm-dev-common: Reject too short writes + - rcu: Fix up pending cbs check in rcu_prepare_for_idle + - ocfs2: fix cluster hang after a node dies + - ocfs2: should wait dio before inode lock in ocfs2_setattr() + - ipmi: fix unsigned long underflow + - mm/page_alloc.c: broken deferred calculation + - mm/page_ext.c: check if page_ext is not prepared + - x86/cpu/amd: Derive L3 shared_cpu_map from cpu_llc_shared_mask + - coda: fix 'kernel memory exposure attempt' in fsync + - Linux 4.13.16 + + * Artful update to 4.13.15 stable release (LP: #1744212) + - media: imon: Fix null-ptr-deref in imon_probe + - media: dib0700: fix invalid dvb_detach argument + - crypto: dh - Fix double free of ctx->p + - crypto: dh - Don't permit 'p' to be 0 + - crypto: dh - Don't permit 'key' or 'g' size longer than 'p' + - USB: early: Use new USB product ID and strings for DbC device + - USB: usbfs: compute urb->actual_length for isochronous + - USB: Add delay-init quirk for Corsair K70 LUX keyboards + - usb: gadget: f_fs: Fix use-after-free in ffs_free_inst + - USB: serial: metro-usb: stop I/O after failed open + - USB: serial: Change DbC debug device binding ID + - USB: serial: qcserial: add pid/vid for Sierra Wireless EM7355 fw update + - USB: serial: garmin_gps: fix I/O after failed probe and remove + - USB: serial: garmin_gps: fix memory leak on probe errors + - x86/MCE/AMD: Always give panic severity for UC errors in kernel context + - platform/x86: peaq-wmi: Add DMI check before binding to the WMI interface + - platform/x86: peaq_wmi: Fix missing terminating entry for peaq_dmi_table + - HID: cp2112: add HIDRAW dependency + - HID: wacom: generic: Recognize WACOM_HID_WD_PEN as a type of pen collection + - staging: wilc1000: Fix bssid buffer offset in Txq + - staging: ccree: fix 64 bit scatter/gather DMA ops + - staging: greybus: spilib: fix use-after-free after deregistration + - staging: vboxvideo: Fix reporting invalid suggested-offset-properties + - staging: rtl8188eu: Revert 4 commits breaking ARP + - Linux 4.13.15 + + * time drifting on linux-hwe kernels (LP: #1744988) + - x86/tsc: Future-proof native_calibrate_tsc() + - x86/tsc: Fix erroneous TSC rate on Skylake Xeon + - x86/tsc: Print tsc_khz, when it differs from cpu_khz + + * Please backport vmd suspend/resume patches to 16.04 hwe (LP: #1745508) + - PCI: vmd: Free up IRQs on suspend path + + * CVE-2017-17448 + - netfilter: nfnetlink_cthelper: Add missing permission checks + + * Dell XPS 13 9360 bluetooth (Atheros) won't connect after resume + (LP: #1744712) + - Bluetooth: btusb: Restore QCA Rome suspend/resume fix with a "rewritten" + version + + * [SRU] TrackPoint: middle button doesn't work on TrackPoint-compatible + device. (LP: #1746002) + - Input: trackpoint - force 3 buttons if 0 button is reported + + * TB16 dock ethernet corrupts data with hw checksum silently failing + (LP: #1729674) + - r8152: disable RX aggregation on Dell TB16 dock + + * [Artful] Realtek ALC225: 2 secs noise when a headset plugged in + (LP: #1744058) + - Revert "UBUNTU: SAUCE: ALSA: hda/realtek - Add support headset mode for DELL + WYSE" + - SAUCE: ALSA: hda/realtek - Add support headset mode for DELL WYSE + - ALSA: hda/realtek - update ALC225 depop optimize + + * [A] skb leak in vhost_net / tun / tap (LP: #1738975) + - vhost: fix skb leak in handle_rx() + - tap: free skb if flags error + - tun: free skb in early errors + + * Commit d9018976cdb6 missing in Kernels <4.14.x preventing lasting fix of + Intel SPI bug on certain serial flash (LP: #1742696) + - mfd: lpc_ich: Do not touch SPI-NOR write protection bit on Haswell/Broadwell + - spi-nor: intel-spi: Fix broken software sequencing codes + + * CVE-2018-5332 + - RDS: Heap OOB write in rds_message_alloc_sgs() + + * [A] KVM Windows BSOD on 4.13.x (LP: #1738972) + - KVM: x86: fix APIC page invalidation + + * elantech touchpad of Lenovo L480/580 failed to detect hw_version + (LP: #1733605) + - Input: elantech - add new icbody type 15 + + * [SRU] External HDMI monitor failed to show screen on Lenovo X1 series + (LP: #1738523) + - SAUCE: drm/i915: Disable writing of TMDS_OE on Lenovo ThinkPad X1 series + + * ubuntu/xr-usb-serial didn't get built in zesty and artful (LP: #1733281) + - SAUCE: make sure ubuntu/xr-usb-serial builds for x86 + + * Disabling zfs does not always disable module checks for the zfs modules + (LP: #1737176) + - [Packaging] disable zfs module checks when zfs is disabled + + * CVE-2017-17806 + - crypto: hmac - require that the underlying hash algorithm is unkeyed + + * CVE-2017-17805 + - crypto: salsa20 - fix blkcipher_walk API usage + + * CVE-2017-16994 + - mm/pagewalk.c: report holes in hugetlb ranges + + * CVE-2017-17450 + - netfilter: xt_osf: Add missing permission checks + + * apparmor profile load in stacked policy container fails (LP: #1746463) + - SAUCE: apparmor: fix display of .ns_name for containers + + * CVE-2017-15129 + - net: Fix double free and memory corruption in get_net_ns_by_id() + + * CVE-2018-5344 + - loop: fix concurrent lo_open/lo_release + + * CVE-2017-1000407 + - KVM: VMX: remove I/O port 0x80 bypass on Intel hosts + + * CVE-2017-0861 + - ALSA: pcm: prevent UAF in snd_pcm_info + + * perf stat segfaults on uncore events w/o -a (LP: #1745246) + - perf xyarray: Save max_x, max_y + - perf evsel: Fix buffer overflow while freeing events + + * Support cppc-cpufreq driver on ThunderX2 systems (LP: #1745007) + - mailbox: PCC: Move the MAX_PCC_SUBSPACES definition to header file + - ACPI / CPPC: Make CPPC ACPI driver aware of PCC subspace IDs + - ACPI / CPPC: Fix KASAN global out of bounds warning + - ACPI: CPPC: remove initial assignment of pcc_ss_data + + * P-state not working in kernel 4.13 (LP: #1743269) + - x86 / CPU: Avoid unnecessary IPIs in arch_freq_get_on_cpu() + - x86 / CPU: Always show current CPU frequency in /proc/cpuinfo + + * Regression: KVM no longer supports Intel CPUs without Virtual NMI + (LP: #1741655) + - kvm: vmx: Reinstate support for CPUs without virtual NMI + + * System hang with Linux kernel due to mainline commit 24247aeeabe + (LP: #1733662) + - x86/intel_rdt/cqm: Prevent use after free + + * $(LOCAL_ENV_CC) and $(LOCAL_ENV_DISTCC_HOSTS) should be properly quoted + (LP: #1744077) + - [Debian] pass LOCAL_ENV_CC and LOCAL_ENV_DISTCC_HOSTS properly + + * the wifi driver is always hard blocked on a lenovo laptop (LP: #1743672) + - ACPI: EC: Fix possible issues related to EC initialization order + + * text VTs are unavailable on desktop after upgrade to Ubuntu 17.10 + (LP: #1724911) + - drm/i915/fbdev: Always forward hotplug events + + * Samsung SSD 960 EVO 500GB refused to change power state (LP: #1705748) + - nvme-pci: disable APST on Samsung SSD 960 EVO + ASUS PRIME B350M-A + + * [0cf3:e010] QCA6174A XR failed to pair with bt 4.0 device (LP: #1741166) + - Bluetooth: btusb: Add support for 0cf3:e010 + + * CVE-2017-17741 + - KVM: Fix stack-out-of-bounds read in write_mmio + + * CVE-2018-5333 + - RDS: null pointer dereference in rds_atomic_free_op + + * [800 G3 SFF] [800 G3 DM]External microphone of headset(3-ring) is working, + 2-ring mic not working, both not shown in sound settings (LP: #1740974) + - ALSA: hda - Add MIC_NO_PRESENCE fixup for 2 HP machines + + * Two front mics can't work on a lenovo machine (LP: #1740973) + - ALSA: hda - change the location for one mic on a Lenovo machine + + * No external microphone be detected via headset jack on a dell machine + (LP: #1740972) + - ALSA: hda - fix headset mic detection issue on a Dell machine + + * Can't detect external headset via line-out jack on some Dell machines + (LP: #1740971) + - ALSA: hda/realtek - Fix Dell AIO LineOut issue + + * Support realtek new codec alc257 in the alsa hda driver (LP: #1738911) + - ALSA: hda/realtek - New codec support for ALC257 + + * Add support for 16g huge pages on Ubuntu 16.04.2 PowerNV (LP: #1706247) + - powerpc/mm/hugetlb: Allow runtime allocation of 16G. + - powerpc/mm/hugetlb: Add support for reserving gigantic huge pages via kernel + command line + - mm/hugetlb: Allow arch to override and call the weak function + + * the kernel is blackholing IPv6 packets to linkdown nexthops (LP: #1738219) + - ipv6: Do not consider linkdown nexthops during multipath + + * e1000e in 4.4.0-97-generic breaks 82574L under heavy load. (LP: #1730550) + - e1000e: Avoid receiver overrun interrupt bursts + - e1000e: Separate signaling for link check/link up + + * Ubuntu 17.10: Include patch "crypto: vmx - Use skcipher for ctr fallback" + (LP: #1732978) + - crypto: vmx - Use skcipher for ctr fallback + + * QCA Rome bluetooth can not wakeup after USB runtime suspended. + (LP: #1737890) + - Bluetooth: btusb: driver to enable the usb-wakeup feature + + * /dev/bcache/by-uuid links not created after reboot (LP: #1729145) + - SAUCE: (no-up) bcache: decouple emitting a cached_dev CHANGE uevent + + * Some VMs fail to reboot with "watchdog: BUG: soft lockup - CPU#0 stuck for + 22s! [systemd:1]" (LP: #1730717) + - SAUCE: exec: fix lockup because retry loop may never exit + + * Request to backport cxlflash patches to 16.04 HWE Kernel (LP: #1730515) + - scsi: cxlflash: Use derived maximum write same length + - scsi: cxlflash: Allow cards without WWPN VPD to configure + - scsi: cxlflash: Derive pid through accessors + + * vagrant artful64 box filesystem too small (LP: #1726818) + - block: factor out __blkdev_issue_zero_pages() + - block: cope with WRITE ZEROES failing in blkdev_issue_zeroout() + + * Artful update to 4.13.14 stable release (LP: #1744121) + - ppp: fix race in ppp device destruction + - gso: fix payload length when gso_size is zero + - ipv4: Fix traffic triggered IPsec connections. + - ipv6: Fix traffic triggered IPsec connections. + - netlink: do not set cb_running if dump's start() errs + - net: call cgroup_sk_alloc() earlier in sk_clone_lock() + - macsec: fix memory leaks when skb_to_sgvec fails + - l2tp: check ps->sock before running pppol2tp_session_ioctl() + - netlink: fix netlink_ack() extack race + - sctp: add the missing sock_owned_by_user check in sctp_icmp_redirect + - tcp/dccp: fix ireq->opt races + - packet: avoid panic in packet_getsockopt() + - geneve: Fix function matching VNI and tunnel ID on big-endian + - net: bridge: fix returning of vlan range op errors + - soreuseport: fix initialization race + - ipv6: flowlabel: do not leave opt->tot_len with garbage + - sctp: full support for ipv6 ip_nonlocal_bind & IP_FREEBIND + - tcp/dccp: fix lockdep splat in inet_csk_route_req() + - tcp/dccp: fix other lockdep splats accessing ireq_opt + - net: dsa: check master device before put + - net/unix: don't show information about sockets from other namespaces + - tap: double-free in error path in tap_open() + - net/mlx5: Fix health work queue spin lock to IRQ safe + - net/mlx5e: Properly deal with encap flows add/del under neigh update + - ipip: only increase err_count for some certain type icmp in ipip_err + - ip6_gre: only increase err_count for some certain type icmpv6 in ip6gre_err + - ip6_gre: update dst pmtu if dev mtu has been updated by toobig in + __gre6_xmit + - tcp: refresh tp timestamp before tcp_mtu_probe() + - tap: reference to KVA of an unloaded module causes kernel panic + - sctp: reset owner sk for data chunks on out queues when migrating a sock + - net_sched: avoid matching qdisc with zero handle + - l2tp: hold tunnel in pppol2tp_connect() + - ipv6: addrconf: increment ifp refcount before ipv6_del_addr() + - tcp: fix tcp_mtu_probe() vs highest_sack + - mac80211: accept key reinstall without changing anything + - mac80211: use constant time comparison with keys + - mac80211: don't compare TKIP TX MIC key in reinstall prevention + - usb: usbtest: fix NULL pointer dereference + - Input: ims-psu - check if CDC union descriptor is sane + - EDAC, sb_edac: Don't create a second memory controller if HA1 is not present + - dmaengine: dmatest: warn user when dma test times out + - Linux 4.13.14 + + -- Stefan Bader Wed, 14 Mar 2018 11:38:23 +0100 + +linux (4.13.0-37.42) artful; urgency=medium + + * linux: 4.13.0-37.42 -proposed tracker (LP: #1751798) + + * CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754 + - arm64: Add ASM_BUG() + - arm64: consistently use bl for C exception entry + - arm64: move non-entry code out of .entry.text + - arm64: unwind: avoid percpu indirection for irq stack + - arm64: unwind: disregard frame.sp when validating frame pointer + - arm64: mm: Fix set_memory_valid() declaration + - arm64: Convert __inval_cache_range() to area-based + - arm64: Expose DC CVAP to userspace + - arm64: Handle trapped DC CVAP + - arm64: Implement pmem API support + - arm64: uaccess: Implement *_flushcache variants + - arm64/vdso: Support mremap() for vDSO + - arm64: unwind: reference pt_regs via embedded stack frame + - arm64: unwind: remove sp from struct stackframe + - arm64: uaccess: Add the uaccess_flushcache.c file + - arm64: fix pmem interface definition + - arm64: compat: Remove leftover variable declaration + - fork: allow arch-override of VMAP stack alignment + - arm64: kernel: remove {THREAD,IRQ_STACK}_START_SP + - arm64: factor out PAGE_* and CONT_* definitions + - arm64: clean up THREAD_* definitions + - arm64: clean up irq stack definitions + - arm64: move SEGMENT_ALIGN to + - efi/arm64: add EFI_KIMG_ALIGN + - arm64: factor out entry stack manipulation + - arm64: assembler: allow adr_this_cpu to use the stack pointer + - arm64: use an irq stack pointer + - arm64: add basic VMAP_STACK support + - arm64: add on_accessible_stack() + - arm64: add VMAP_STACK overflow detection + - arm64: Convert pte handling from inline asm to using (cmp)xchg + - kvm: arm64: Convert kvm_set_s2pte_readonly() from inline asm to cmpxchg() + - arm64: Move PTE_RDONLY bit handling out of set_pte_at() + - arm64: Ignore hardware dirty bit updates in ptep_set_wrprotect() + - arm64: Remove the !CONFIG_ARM64_HW_AFDBM alternative code paths + - arm64: introduce separated bits for mm_context_t flags + - arm64: cleanup {COMPAT_,}SET_PERSONALITY() macro + - KVM: arm/arm64: Fix guest external abort matching + - KVM: arm/arm64: vgic: constify seq_operations and file_operations + - KVM: arm/arm64: vITS: Drop its_ite->lpi field + - KVM: arm/arm64: Extract GICv3 max APRn index calculation + - KVM: arm/arm64: Support uaccess of GICC_APRn + - arm64: Use larger stacks when KASAN is selected + - arm64: Define cputype macros for Falkor CPU + - arm64: SW PAN: Point saved ttbr0 at the zero page when switching to init_mm + - arm64: SW PAN: Update saved ttbr0 value on enter_lazy_tlb + - x86/syscalls: Check address limit on user-mode return + - arm/syscalls: Check address limit on user-mode return + - arm64/syscalls: Check address limit on user-mode return + - Revert "arm/syscalls: Check address limit on user-mode return" + - syscalls: Use CHECK_DATA_CORRUPTION for addr_limit_user_check + - arm/syscalls: Optimize address limit check + - arm64/syscalls: Move address limit check in loop + - futex: Remove duplicated code and fix undefined behaviour + - arm64: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls + - arm64: syscallno is secretly an int, make it official + - arm64: move TASK_* definitions to + - arm64: mm: Use non-global mappings for kernel space + - arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN + - arm64: mm: Move ASID from TTBR0 to TTBR1 + - arm64: mm: Remove pre_ttbr0_update_workaround for Falkor erratum #E1003 + - arm64: mm: Rename post_ttbr0_update_workaround + - arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN + - arm64: mm: Allocate ASIDs in pairs + - arm64: mm: Add arm64_kernel_unmapped_at_el0 helper + - arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI + - arm64: entry: Add exception trampoline page for exceptions from EL0 + - arm64: mm: Map entry trampoline into trampoline and kernel page tables + - arm64: entry: Explicitly pass exception level to kernel_ventry macro + - arm64: entry: Hook up entry trampoline to exception vectors + - arm64: erratum: Work around Falkor erratum #E1003 in trampoline code + - arm64: cpu_errata: Add Kryo to Falkor 1003 errata + - arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks + - arm64: entry: Add fake CPU feature for unmapping the kernel at EL0 + - arm64: kaslr: Put kernel vectors address in separate data page + - arm64: use RET instruction for exiting the trampoline + - arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0 + - arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry + - arm64: Take into account ID_AA64PFR0_EL1.CSV3 + - arm64: capabilities: Handle duplicate entries for a capability + - arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR + - arm64: kpti: Fix the interaction between ASID switching and software PAN + - arm64: cputype: Add MIDR values for Cavium ThunderX2 CPUs + - arm64: Turn on KPTI only on CPUs that need it + - arm64: kpti: Make use of nG dependent on arm64_kernel_unmapped_at_el0() + - arm64: mm: Permit transitioning from Global to Non-Global without BBM + - arm64: kpti: Add ->enable callback to remap swapper using nG mappings + - arm64: Force KPTI to be disabled on Cavium ThunderX + - arm64: entry: Reword comment about post_ttbr_update_workaround + - arm64: idmap: Use "awx" flags for .idmap.text .pushsection directives + - arm64: barrier: Add CSDB macros to control data-value prediction + - arm64: Implement array_index_mask_nospec() + - arm64: Make USER_DS an inclusive limit + - arm64: Use pointer masking to limit uaccess speculation + - arm64: entry: Ensure branch through syscall table is bounded under + speculation + - arm64: uaccess: Prevent speculative use of the current addr_limit + - arm64: uaccess: Don't bother eliding access_ok checks in __{get, put}_user + - arm64: uaccess: Mask __user pointers for __arch_{clear, copy_*}_user + - arm64: futex: Mask __user pointers prior to dereference + - arm64: cpufeature: __this_cpu_has_cap() shouldn't stop early + - arm64: Run enable method for errata work arounds on late CPUs + - arm64: cpufeature: Pass capability structure to ->enable callback + - drivers/firmware: Expose psci_get_version through psci_ops structure + - arm64: Move post_ttbr_update_workaround to C code + - arm64: Add skeleton to harden the branch predictor against aliasing attacks + - arm64: Move BP hardening to check_and_switch_context + - arm64: KVM: Use per-CPU vector when BP hardening is enabled + - arm64: entry: Apply BP hardening for high-priority synchronous exceptions + - arm64: entry: Apply BP hardening for suspicious interrupts from EL0 + - arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75 + - arm64: Implement branch predictor hardening for affected Cortex-A CPUs + - arm64: Implement branch predictor hardening for Falkor + - arm64: Branch predictor hardening for Cavium ThunderX2 + - arm64: KVM: Increment PC after handling an SMC trap + - arm/arm64: KVM: Consolidate the PSCI include files + - arm/arm64: KVM: Add PSCI_VERSION helper + - arm/arm64: KVM: Add smccc accessors to PSCI code + - arm/arm64: KVM: Implement PSCI 1.0 support + - arm/arm64: KVM: Advertise SMCCC v1.1 + - arm64: KVM: Make PSCI_VERSION a fast path + - arm/arm64: KVM: Turn kvm_psci_version into a static inline + - arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support + - arm64: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling + - firmware/psci: Expose PSCI conduit + - firmware/psci: Expose SMCCC version through psci_ops + - arm/arm64: smccc: Make function identifiers an unsigned quantity + - arm/arm64: smccc: Implement SMCCC v1.1 inline primitive + - arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support + - arm64: Kill PSCI_GET_VERSION as a variant-2 workaround + - [Config] UNMAP_KERNEL_AT_EL0=y && HARDEN_BRANCH_PREDICTOR=y + - SAUCE: arm64: __idmap_cpu_set_reserved_ttbr1: fix !ARM64_PA_BITS_52 logic + - arm64: Add missing Falkor part number for branch predictor hardening + - arm64: mm: fix thinko in non-global page table attribute check + + * linux-image-4.13.0-26-generic / linux-image-extra-4.13.0-26-generic fail to + boot (LP: #1742721) + - staging: sm750fb: Fix parameter mistake in poke32 + + -- Kleber Sacilotto de Souza Wed, 07 Mar 2018 12:20:00 +0100 + +linux (4.13.0-36.40) artful; urgency=medium + + * linux: 4.13.0-36.40 -proposed tracker (LP: #1750010) + + * Rebuild without "CVE-2017-5754 ARM64 KPTI fixes" patch set + + -- Khalid Elmously Fri, 16 Feb 2018 12:49:24 -0500 + +linux (4.13.0-35.39) artful; urgency=medium + + * linux: 4.13.0-35.39 -proposed tracker (LP: #1748743) + + * CVE-2017-5715 (Spectre v2 Intel) + - Revert "UBUNTU: SAUCE: turn off IBPB when full retpoline is present" + - SAUCE: turn off IBRS when full retpoline is present + - [Packaging] retpoline files must be sorted + - [Packaging] pull in retpoline files + + -- Kleber Sacilotto de Souza Mon, 12 Feb 2018 11:28:27 +0100 + +linux (4.13.0-34.37) artful; urgency=medium + + * linux: 4.13.0-34.37 -proposed tracker (LP: #1748475) + + * libata: apply MAX_SEC_1024 to all LITEON EP1 series devices (LP: #1743053) + - libata: apply MAX_SEC_1024 to all LITEON EP1 series devices + + * KVM patches for s390x to provide facility bits 81 (ppa15) and 82 (bpb) + (LP: #1747090) + - KVM: s390: wire up bpb feature + + * artful 4.13 i386 kernels crash after memory hotplug remove (LP: #1747069) + - Revert "mm, memory_hotplug: do not associate hotadded memory to zones until + online" + + * CVE-2017-5715 (Spectre v2 Intel) + - x86/feature: Enable the x86 feature to control Speculation + - x86/feature: Report presence of IBPB and IBRS control + - x86/enter: MACROS to set/clear IBRS and set IBPB + - x86/enter: Use IBRS on syscall and interrupts + - x86/idle: Disable IBRS entering idle and enable it on wakeup + - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup + - x86/mm: Set IBPB upon context switch + - x86/mm: Only set IBPB when the new thread cannot ptrace current thread + - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform + - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm + - x86/kvm: Set IBPB when switching VM + - x86/kvm: Toggle IBRS on VM entry and exit + - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature + - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control + - x86/cpu/AMD: Add speculative control support for AMD + - x86/microcode: Extend post microcode reload to support IBPB feature + - KVM: SVM: Do not intercept new speculative control MSRs + - x86/svm: Set IBRS value on VM entry and exit + - x86/svm: Set IBPB when running a different VCPU + - KVM: x86: Add speculative control CPUID support for guests + - SAUCE: turn off IBPB when full retpoline is present + + * Artful 4.13 fixes for tun (LP: #1748846) + - tun: call dev_get_valid_name() before register_netdevice() + - tun: allow positive return values on dev_get_valid_name() call + - tun/tap: sanitize TUNSETSNDBUF input + + * boot failure on AMD Raven + WestonXT (LP: #1742759) + - SAUCE: drm/amdgpu: add atpx quirk handling (v2) + + -- Khalid Elmously Fri, 09 Feb 2018 14:42:56 -0500 + +linux (4.13.0-33.36) artful; urgency=low + + * linux: 4.13.0-33.36 -proposed tracker (LP: #1746903) + + [ Stefan Bader ] + * starting VMs causing retpoline4 to reboot (LP: #1747507) // CVE-2017-5715 + (Spectre v2 retpoline) + - x86/retpoline: Fill RSB on context switch for affected CPUs + - x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB macros + - x86/retpoline: Optimize inline assembler for vmexit_fill_RSB + - x86/retpoline: Remove the esp/rsp thunk + - x86/retpoline: Simplify vmexit_fill_RSB() + + * Missing install-time driver for QLogic QED 25/40/100Gb Ethernet NIC + (LP: #1743638) + - [d-i] Add qede to nic-modules udeb + + * hisi_sas: driver robustness fixes (LP: #1739807) + - scsi: hisi_sas: fix reset and port ID refresh issues + - scsi: hisi_sas: avoid potential v2 hw interrupt issue + - scsi: hisi_sas: fix v2 hw underflow residual value + - scsi: hisi_sas: add v2 hw DFX feature + - scsi: hisi_sas: add irq and tasklet cleanup in v2 hw + - scsi: hisi_sas: service interrupt ITCT_CLR interrupt in v2 hw + - scsi: hisi_sas: fix internal abort slot timeout bug + - scsi: hisi_sas: us start_phy in PHY_FUNC_LINK_RESET + - scsi: hisi_sas: fix NULL check in SMP abort task path + - scsi: hisi_sas: fix the risk of freeing slot twice + - scsi: hisi_sas: kill tasklet when destroying irq in v3 hw + - scsi: hisi_sas: complete all tasklets prior to host reset + + * [Artful/Zesty] ACPI APEI error handling bug fixes (LP: #1732990) + - ACPI: APEI: fix the wrong iteration of generic error status block + - ACPI / APEI: clear error status before acknowledging the error + + * [Zesty/Artful] On ARM64 PCIE physical function passthrough guest fails to + boot (LP: #1732804) + - vfio/pci: Virtualize Maximum Payload Size + - vfio/pci: Virtualize Maximum Read Request Size + + * hisi_sas: Add ATA command support for SMR disks (LP: #1739891) + - scsi: hisi_sas: support zone management commands + + * thunderx2: i2c driver PEC and ACPI clock fixes (LP: #1738073) + - ACPI / APD: Add clock frequency for ThunderX2 I2C controller + - i2c: xlp9xx: Get clock frequency with clk API + - i2c: xlp9xx: Handle I2C_M_RECV_LEN in msg->flags + + * Falkor erratum 1041 needs workaround (LP: #1738497) + - [Config] CONFIG_QCOM_FALKOR_ERRATUM_E1041=y + - arm64: Add software workaround for Falkor erratum 1041 + + * ThunderX: TX failure unless checksum offload disabled (LP: #1736593) + - net: thunderx: Fix TCP/UDP checksum offload for IPv6 pkts + - net: thunderx: Fix TCP/UDP checksum offload for IPv4 pkts + + * arm64/thunderx: Unhandled context faults in ACPI mode (LP: #1736774) + - PCI: Set Cavium ACS capability quirk flags to assert RR/CR/SV/UF + - PCI: Apply Cavium ThunderX ACS quirk to more Root Ports + + * arm64: Unfair rwlock can stall the system (LP: #1732238) + - locking/qrwlock: Use 'struct qrwlock' instead of 'struct __qrwlock' + - locking/atomic: Add atomic_cond_read_acquire() + - locking/qrwlock: Use atomic_cond_read_acquire() when spinning in qrwlock + - locking/qrwlock, arm64: Move rwlock implementation over to qrwlocks + - locking/qrwlock: Prevent slowpath writers getting held up by fastpath + + * Shutdown hang on 16.04 with iscsi targets (LP: #1569925) + - scsi: libiscsi: Allow sd_shutdown on bad transport + + * bt_iter() crash due to NULL pointer (LP: #1744300) + - blk-mq-tag: check for NULL rq when iterating tags + + * hisilicon hibmc regression due to ea642c3216cb ("drm/ttm: add io_mem_pfn + callback") (LP: #1738334) + - SAUCE: drm: hibmc: Initialize the hibmc_bo_driver.io_mem_pfn + + * CVE-2017-5754 ARM64 KPTI fixes + - arm64: Add ASM_BUG() + - arm64: consistently use bl for C exception entry + - arm64: syscallno is secretly an int, make it official + - arm64: Abstract syscallno manipulation + - arm64: move non-entry code out of .entry.text + - arm64: unwind: avoid percpu indirection for irq stack + - arm64: unwind: disregard frame.sp when validating frame pointer + - arm64: mm: Fix set_memory_valid() declaration + - arm64: Convert __inval_cache_range() to area-based + - arm64: Expose DC CVAP to userspace + - arm64: Handle trapped DC CVAP + - arm64: Implement pmem API support + - arm64: uaccess: Implement *_flushcache variants + - arm64/vdso: Support mremap() for vDSO + - arm64: unwind: reference pt_regs via embedded stack frame + - arm64: unwind: remove sp from struct stackframe + - arm64: uaccess: Add the uaccess_flushcache.c file + - arm64: fix pmem interface definition + - arm64: compat: Remove leftover variable declaration + - fork: allow arch-override of VMAP stack alignment + - arm64: kernel: remove {THREAD,IRQ_STACK}_START_SP + - arm64: factor out PAGE_* and CONT_* definitions + - arm64: clean up THREAD_* definitions + - arm64: clean up irq stack definitions + - arm64: move SEGMENT_ALIGN to + - efi/arm64: add EFI_KIMG_ALIGN + - arm64: factor out entry stack manipulation + - arm64: assembler: allow adr_this_cpu to use the stack pointer + - arm64: use an irq stack pointer + - arm64: add basic VMAP_STACK support + - arm64: add on_accessible_stack() + - arm64: add VMAP_STACK overflow detection + - arm64: Convert pte handling from inline asm to using (cmp)xchg + - kvm: arm64: Convert kvm_set_s2pte_readonly() from inline asm to cmpxchg() + - arm64: Move PTE_RDONLY bit handling out of set_pte_at() + - arm64: Ignore hardware dirty bit updates in ptep_set_wrprotect() + - arm64: Remove the !CONFIG_ARM64_HW_AFDBM alternative code paths + - arm64: introduce separated bits for mm_context_t flags + - arm64: cleanup {COMPAT_,}SET_PERSONALITY() macro + - KVM: arm/arm64: Fix guest external abort matching + - KVM: arm/arm64: vgic: constify seq_operations and file_operations + - KVM: arm/arm64: vITS: Drop its_ite->lpi field + - KVM: arm/arm64: Extract GICv3 max APRn index calculation + - KVM: arm/arm64: Support uaccess of GICC_APRn + - arm64: move TASK_* definitions to + - arm64: Use larger stacks when KASAN is selected + - arm64: sysreg: Move SPE registers and PSB into common header files + - arm64: head: Init PMSCR_EL2.{PA,PCT} when entered at EL2 without VHE + - arm64: Update fault_info table with new exception types + - arm64: Use existing defines for mdscr + - arm64: Fix single stepping in kernel traps + - arm64: asm-bug: Renumber macro local labels to avoid clashes + - arm64: Implement arch-specific pte_access_permitted() + - arm64: explicitly mask all exceptions + - arm64: introduce an order for exceptions + - arm64: Move the async/fiq helpers to explicitly set process context flags + - arm64: Mask all exceptions during kernel_exit + - arm64: entry.S: Remove disable_dbg + - arm64: entry.S: convert el1_sync + - arm64: entry.S convert el0_sync + - arm64: entry.S: convert elX_irq + - arm64: entry.S: move SError handling into a C function for future expansion + - arm64: pgd: Mark pgd_cache as __ro_after_init + - arm64: cpu_ops: Add missing 'const' qualifiers + - arm64: context: Fix comments and remove pointless smp_wmb() + - arm64: SW PAN: Point saved ttbr0 at the zero page when switching to init_mm + - arm64: SW PAN: Update saved ttbr0 value on enter_lazy_tlb + - arm64: Expose support for optional ARMv8-A features + - arm64: KVM: Hide unsupported AArch64 CPU features from guests + - arm64: mm: Use non-global mappings for kernel space + - arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN + - arm64: mm: Move ASID from TTBR0 to TTBR1 + - arm64: mm: Remove pre_ttbr0_update_workaround for Falkor erratum #E1003 + - arm64: mm: Rename post_ttbr0_update_workaround + - arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN + - arm64: mm: Allocate ASIDs in pairs + - arm64: mm: Add arm64_kernel_unmapped_at_el0 helper + - arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI + - arm64: entry: Add exception trampoline page for exceptions from EL0 + - arm64: mm: Map entry trampoline into trampoline and kernel page tables + - arm64: entry: Explicitly pass exception level to kernel_ventry macro + - arm64: entry: Hook up entry trampoline to exception vectors + - arm64: erratum: Work around Falkor erratum #E1003 in trampoline code + - arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks + - arm64: entry: Add fake CPU feature for unmapping the kernel at EL0 + - arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0 + - arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR + - arm64: kaslr: Put kernel vectors address in separate data page + - arm64: use RET instruction for exiting the trampoline + - arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry + - arm64: Fix the feature type for ID register fields + - arm64: Take into account ID_AA64PFR0_EL1.CSV3 + - arm64: cpufeature: Pass capability structure to ->enable callback + - drivers/firmware: Expose psci_get_version through psci_ops structure + - arm64: Move post_ttbr_update_workaround to C code + - arm64: Add skeleton to harden the branch predictor against aliasing attacks + - arm64: KVM: Use per-CPU vector when BP hardening is enabled + - arm64: KVM: Make PSCI_VERSION a fast path + - arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75 + - arm64: Implement branch predictor hardening for affected Cortex-A CPUs + - arm64: Define cputype macros for Falkor CPU + - arm64: Implement branch predictor hardening for Falkor + - arm64: cputype: Add MIDR values for Cavium ThunderX2 CPUs + - bpf: inline map in map lookup functions for array and htab + - bpf: perf event change needed for subsequent bpf helpers + - bpf: do not test for PCPU_MIN_UNIT_SIZE before percpu allocations + - arm64: Branch predictor hardening for Cavium ThunderX2 + - arm64: capabilities: Handle duplicate entries for a capability + - arm64: kpti: Fix the interaction between ASID switching and software PAN + - SAUCE: arm: Add BTB invalidation on switch_mm for Cortex-A9, A12 and A17 + - SAUCE: arm: Invalidate BTB on prefetch abort outside of user mapping on + Cortex A8, A9, A12 and A17 + - SAUCE: arm: KVM: Invalidate BTB on guest exit + - SAUCE: arm: Add icache invalidation on switch_mm for Cortex-A15 + - SAUCE: arm: Invalidate icache on prefetch abort outside of user mapping on + Cortex-A15 + - SAUCE: arm: KVM: Invalidate icache on guest exit for Cortex-A15 + - SAUCE: asm-generic/barrier: add generic nospec helpers + - SAUCE: Documentation: document nospec helpers + - SAUCE: arm64: implement nospec_{load,ptr}() + - SAUCE: arm: implement nospec_ptr() + - SAUCE: bpf: inhibit speculated out-of-bounds pointers + - SAUCE: arm64: Implement branch predictor hardening for Falkor + - SAUCE: arm64: Branch predictor hardening for Cavium ThunderX2 + - [Config] UNMAP_KERNEL_AT_EL0=y && HARDEN_BRANCH_PREDICTOR=y + + * [artful] panic in update_stack_state when reading /proc//stack on i386 + (LP: #1747263) + - x86/unwind: Fix dereference of untrusted pointer + + * CVE-2017-5753 (Spectre v1 Intel) + - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature + - SAUCE: reinstate MFENCE_RDTSC feature definition + - locking/barriers: introduce new observable speculation barrier + - bpf: prevent speculative execution in eBPF interpreter + - x86, bpf, jit: prevent speculative execution when JIT is enabled + - SAUCE: FIX: x86, bpf, jit: prevent speculative execution when JIT is enabled + - uvcvideo: prevent speculative execution + - carl9170: prevent speculative execution + - p54: prevent speculative execution + - qla2xxx: prevent speculative execution + - cw1200: prevent speculative execution + - Thermal/int340x: prevent speculative execution + - ipv4: prevent speculative execution + - ipv6: prevent speculative execution + - fs: prevent speculative execution + - net: mpls: prevent speculative execution + - udf: prevent speculative execution + - userns: prevent speculative execution + - SAUCE: powerpc: add osb barrier + - SAUCE: s390/spinlock: add osb memory barrier + - SAUCE: claim mitigation via observable speculation barrier + + * CVE-2017-5715 (Spectre v2 retpoline) + - x86/asm: Fix inline asm call constraints for Clang + - kvm: vmx: Scrub hardware GPRs at VM-exit + - sysfs/cpu: Add vulnerability folder + - x86/cpu: Implement CPU vulnerabilites sysfs functions + - x86/tboot: Unbreak tboot with PTI enabled + - objtool: Detect jumps to retpoline thunks + - objtool: Allow alternatives to be ignored + - x86/retpoline: Add initial retpoline support + - x86/spectre: Add boot time option to select Spectre v2 mitigation + - x86/retpoline/crypto: Convert crypto assembler indirect jumps + - x86/retpoline/entry: Convert entry assembler indirect jumps + - x86/retpoline/ftrace: Convert ftrace assembler indirect jumps + - x86/retpoline/hyperv: Convert assembler indirect jumps + - x86/retpoline/xen: Convert Xen hypercall indirect jumps + - x86/retpoline/checksum32: Convert assembler indirect jumps + - x86/retpoline/irq32: Convert assembler indirect jumps + - x86/retpoline: Fill return stack buffer on vmexit + - selftests/x86: Add test_vsyscall + - x86/pti: Fix !PCID and sanitize defines + - security/Kconfig: Correct the Documentation reference for PTI + - x86,perf: Disable intel_bts when PTI + - x86/retpoline: Remove compile time warning + - [Config] enable CONFIG_GENERIC_CPU_VULNERABILITIES + - [Config] enable CONFIG_RETPOLINE + - [Packaging] retpoline -- add call site validation + - [Config] disable retpoline checks for first upload + + * CVE-2017-5715 (revert embargoed) // CVE-2017-5753 (revert embargoed) + - Revert "UBUNTU: SAUCE: x86/entry: Fix up retpoline assembler labels" + - Revert "kvm: vmx: Scrub hardware GPRs at VM-exit" + - Revert "Revert "x86/svm: Add code to clear registers on VM exit"" + - Revert "UBUNTU: SAUCE: x86/microcode: Extend post microcode reload to + support IBPB feature -- repair missmerge" + - Revert "UBUNTU: SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit" + - Revert "s390/spinlock: add gmb memory barrier" + - Revert "powerpc: add gmb barrier" + - Revert "x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature" + - Revert "x86/svm: Add code to clear registers on VM exit" + - Revert "x86/svm: Add code to clobber the RSB on VM exit" + - Revert "KVM: x86: Add speculative control CPUID support for guests" + - Revert "x86/svm: Set IBPB when running a different VCPU" + - Revert "x86/svm: Set IBRS value on VM entry and exit" + - Revert "KVM: SVM: Do not intercept new speculative control MSRs" + - Revert "x86/microcode: Extend post microcode reload to support IBPB feature" + - Revert "x86/cpu/AMD: Add speculative control support for AMD" + - Revert "x86/entry: Use retpoline for syscall's indirect calls" + - Revert "x86/syscall: Clear unused extra registers on 32-bit compatible + syscall entrance" + - Revert "x86/syscall: Clear unused extra registers on syscall entrance" + - Revert "x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb + control" + - Revert "x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature" + - Revert "x86/kvm: Pad RSB on VM transition" + - Revert "x86/kvm: Toggle IBRS on VM entry and exit" + - Revert "x86/kvm: Set IBPB when switching VM" + - Revert "x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm" + - Revert "x86/entry: Stuff RSB for entry to kernel for non-SMEP platform" + - Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current + thread" + - Revert "x86/mm: Set IBPB upon context switch" + - Revert "x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup" + - Revert "x86/idle: Disable IBRS entering idle and enable it on wakeup" + - Revert "x86/enter: Use IBRS on syscall and interrupts" + - Revert "x86/enter: MACROS to set/clear IBRS and set IBPB" + - Revert "x86/feature: Report presence of IBPB and IBRS control" + - Revert "x86/feature: Enable the x86 feature to control Speculation" + - Revert "udf: prevent speculative execution" + - Revert "net: mpls: prevent speculative execution" + - Revert "fs: prevent speculative execution" + - Revert "ipv6: prevent speculative execution" + - Revert "userns: prevent speculative execution" + - Revert "Thermal/int340x: prevent speculative execution" + - Revert "cw1200: prevent speculative execution" + - Revert "qla2xxx: prevent speculative execution" + - Revert "p54: prevent speculative execution" + - Revert "carl9170: prevent speculative execution" + - Revert "uvcvideo: prevent speculative execution" + - Revert "x86, bpf, jit: prevent speculative execution when JIT is enabled" + - Revert "bpf: prevent speculative execution in eBPF interpreter" + - Revert "locking/barriers: introduce new memory barrier gmb()" + + * Unable to boot with i386 4.13.0-25 / 4.13.0-26 / 4.13.0-31 kernel on Xenial + / Artful (LP: #1745118) + - x86/mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP + + * 4.13: unable to increase MTU configuration for GRE devices (LP: #1743746) + - ip_gre: remove the incorrect mtu limit for ipgre tap + + * CVE-2017-17712 + - net: ipv4: fix for a race condition in raw_sendmsg + + * upload urgency should be medium by default (LP: #1745338) + - [Packaging] update urgency to medium by default + + * CVE-2017-15115 + - sctp: do not peel off an assoc from one netns to another one + + * CVE-2017-8824 + - dccp: CVE-2017-8824: use-after-free in DCCP code + + -- Khalid Elmously Tue, 06 Feb 2018 13:19:16 -0500 + +linux (4.13.0-32.35) artful; urgency=low + + * CVE-2017-5715 // CVE-2017-5753 + - SAUCE: x86/entry: Fix up retpoline assembler labels + + -- Stefan Bader Tue, 23 Jan 2018 09:13:39 +0100 + +linux (4.13.0-31.34) artful; urgency=low + + * linux: 4.13.0-31.34 -proposed tracker (LP: #1744294) + + [ Stefan Bader ] + * CVE-2017-5715 // CVE-2017-5753 + - SAUCE: s390: improve cpu alternative handling for gmb and nobp + - SAUCE: s390: print messages for gmb and nobp + - [Config] KERNEL_NOBP=y + + -- Marcelo Henrique Cerri Fri, 19 Jan 2018 09:56:09 -0200 + +linux (4.13.0-30.33) artful; urgency=low + + * linux: 4.13.0-30.33 -proposed tracker (LP: #1743412) + + * Do not duplicate changelog entries assigned to more than one bug or CVE + (LP: #1743383) + - [Packaging] git-ubuntu-log -- handle multiple bugs/cves better + + * Unable to handle kernel NULL pointer dereference at isci_task_abort_task + (LP: #1726519) + - Revert "scsi: libsas: allow async aborts" + + * CVE-2017-5715 // CVE-2017-5753 + - SAUCE: x86/microcode: Extend post microcode reload to support IBPB feature + -- repair missmerge + - Revert "x86/svm: Add code to clear registers on VM exit" + - kvm: vmx: Scrub hardware GPRs at VM-exit + + -- Marcelo Henrique Cerri Mon, 15 Jan 2018 16:46:07 -0200 + +linux (4.13.0-29.32) artful; urgency=low + + * linux: 4.13.0-29.32 -proposed tracker (LP: #1742722) + + * CVE-2017-5754 + - Revert "x86/cpu: Implement CPU vulnerabilites sysfs functions" + - Revert "sysfs/cpu: Fix typos in vulnerability documentation" + - Revert "sysfs/cpu: Add vulnerability folder" + - Revert "UBUNTU: [Config] updateconfigs to enable + GENERIC_CPU_VULNERABILITIES" + + -- Kleber Sacilotto de Souza Fri, 12 Jan 2018 12:10:51 +0100 + +linux (4.13.0-28.31) artful; urgency=low + + * CVE-2017-5753 + - SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit + + * CVE-2017-5715 + - SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit + + -- Seth Forshee Thu, 11 Jan 2018 17:52:21 -0600 + +linux (4.13.0-27.30) artful; urgency=low + + [ Andy Whitcroft ] + * CVE-2017-5753 + - locking/barriers: introduce new memory barrier gmb() + - bpf: prevent speculative execution in eBPF interpreter + - x86, bpf, jit: prevent speculative execution when JIT is enabled + - uvcvideo: prevent speculative execution + - carl9170: prevent speculative execution + - p54: prevent speculative execution + - qla2xxx: prevent speculative execution + - cw1200: prevent speculative execution + - Thermal/int340x: prevent speculative execution + - userns: prevent speculative execution + - ipv6: prevent speculative execution + - fs: prevent speculative execution + - net: mpls: prevent speculative execution + - udf: prevent speculative execution + - x86/feature: Enable the x86 feature to control Speculation + - x86/feature: Report presence of IBPB and IBRS control + - x86/enter: MACROS to set/clear IBRS and set IBPB + - x86/enter: Use IBRS on syscall and interrupts + - x86/idle: Disable IBRS entering idle and enable it on wakeup + - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup + - x86/mm: Set IBPB upon context switch + - x86/mm: Only set IBPB when the new thread cannot ptrace current thread + - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform + - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm + - x86/kvm: Set IBPB when switching VM + - x86/kvm: Toggle IBRS on VM entry and exit + - x86/kvm: Pad RSB on VM transition + - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature + - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control + - x86/syscall: Clear unused extra registers on syscall entrance + - x86/syscall: Clear unused extra registers on 32-bit compatible syscall + entrance + - x86/entry: Use retpoline for syscall's indirect calls + - x86/cpu/AMD: Add speculative control support for AMD + - x86/microcode: Extend post microcode reload to support IBPB feature + - KVM: SVM: Do not intercept new speculative control MSRs + - x86/svm: Set IBRS value on VM entry and exit + - x86/svm: Set IBPB when running a different VCPU + - KVM: x86: Add speculative control CPUID support for guests + - x86/svm: Add code to clobber the RSB on VM exit + - x86/svm: Add code to clear registers on VM exit + - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature + - powerpc: add gmb barrier + - s390/spinlock: add gmb memory barrier + - x86/microcode/AMD: Add support for fam17h microcode loading + + * CVE-2017-5715 + - locking/barriers: introduce new memory barrier gmb() + - bpf: prevent speculative execution in eBPF interpreter + - x86, bpf, jit: prevent speculative execution when JIT is enabled + - uvcvideo: prevent speculative execution + - carl9170: prevent speculative execution + - p54: prevent speculative execution + - qla2xxx: prevent speculative execution + - cw1200: prevent speculative execution + - Thermal/int340x: prevent speculative execution + - userns: prevent speculative execution + - ipv6: prevent speculative execution + - fs: prevent speculative execution + - net: mpls: prevent speculative execution + - udf: prevent speculative execution + - x86/feature: Enable the x86 feature to control Speculation + - x86/feature: Report presence of IBPB and IBRS control + - x86/enter: MACROS to set/clear IBRS and set IBPB + - x86/enter: Use IBRS on syscall and interrupts + - x86/idle: Disable IBRS entering idle and enable it on wakeup + - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup + - x86/mm: Set IBPB upon context switch + - x86/mm: Only set IBPB when the new thread cannot ptrace current thread + - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform + - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm + - x86/kvm: Set IBPB when switching VM + - x86/kvm: Toggle IBRS on VM entry and exit + - x86/kvm: Pad RSB on VM transition + - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature + - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control + - x86/syscall: Clear unused extra registers on syscall entrance + - x86/syscall: Clear unused extra registers on 32-bit compatible syscall + entrance + - x86/entry: Use retpoline for syscall's indirect calls + - x86/cpu/AMD: Add speculative control support for AMD + - x86/microcode: Extend post microcode reload to support IBPB feature + - KVM: SVM: Do not intercept new speculative control MSRs + - x86/svm: Set IBRS value on VM entry and exit + - x86/svm: Set IBPB when running a different VCPU + - KVM: x86: Add speculative control CPUID support for guests + - x86/svm: Add code to clobber the RSB on VM exit + - x86/svm: Add code to clear registers on VM exit + - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature + - powerpc: add gmb barrier + - s390/spinlock: add gmb memory barrier + - x86/microcode/AMD: Add support for fam17h microcode loading + + * CVE-2017-5754 + - x86/pti: Enable PTI by default + - x86/pti: Make sure the user/kernel PTEs match + - x86/dumpstack: Fix partial register dumps + - x86/dumpstack: Print registers for first stack frame + - x86/process: Define cpu_tss_rw in same section as declaration + - x86/mm: Set MODULES_END to 0xffffffffff000000 + - x86/mm: Map cpu_entry_area at the same place on 4/5 level + - x86/kaslr: Fix the vaddr_end mess + - x86/events/intel/ds: Use the proper cache flush method for mapping ds + buffers + - x86/tlb: Drop the _GPL from the cpu_tlbstate export + - x86/alternatives: Add missing '\n' at end of ALTERNATIVE inline asm + - x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN + - x86/pti: Unbreak EFI old_memmap + - x86/Documentation: Add PTI description + - x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] + - sysfs/cpu: Add vulnerability folder + - x86/cpu: Implement CPU vulnerabilites sysfs functions + - x86/tboot: Unbreak tboot with PTI enabled + - x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*() + - x86/cpu/AMD: Make LFENCE a serializing instruction + - x86/cpu/AMD: Use LFENCE_RDTSC in preference to MFENCE_RDTSC + - sysfs/cpu: Fix typos in vulnerability documentation + - x86/alternatives: Fix optimize_nops() checking + - x86/pti: Make unpoison of pgd for trusted boot work for real + - s390: introduce CPU alternatives + - s390: add ppa to kernel entry / exit + - SAUCE: powerpc: Secure memory rfi flush + - SAUCE: rfi-flush: Make DEBUG_RFI a CONFIG option + - SAUCE: rfi-flush: Add HRFI_TO_UNKNOWN and use it in denorm + - SAUCE: rfi-flush: kvmppc_skip_(H)interrupt returns to host kernel + - SAUCE: KVM: Revert the implementation of H_GET_CPU_CHARACTERISTICS + - SAUCE: rfi-flush: Implement congruence-first fallback flush + - SAUCE: rfi-flush: Make l1d_flush_type bit flags + - SAUCE: rfi-flush: Push the instruction selection down to the patching + routine + - SAUCE: rfi-flush: Expand the RFI section to two nop slots + - SAUCE: rfi-flush: Support more than one flush type at once + - SAUCE: rfi-flush: Allow HV to advertise multiple flush types + - SAUCE: rfi-flush: Add speculation barrier before ori 30,30,0 flush + - SAUCE: rfi-flush: Add barriers to the fallback L1D flushing + - SAUCE: rfi-flush: Rework powernv logic to be more cautious + - SAUCE: rfi-flush: Rework pseries logic to be more cautious + - SAUCE: rfi-flush: Put the fallback flushes in the real trampoline section + - SAUCE: rfi-flush: Fix the fallback flush to actually activate + - SAUCE: rfi-flush: Fix HRFI_TO_UNKNOWN + - SAUCE: rfi-flush: Refactor the macros so the nops are defined once + - SAUCE: rfi-flush: Add no_rfi_flush and nopti comandline options + - SAUCE: rfi-flush: Use rfi-flush in printks + - SAUCE: rfi-flush: Fallback flush add load dependency + - SAUCE: rfi-flush: Fix the 32-bit KVM build + - SAUCE: rfi-flush: Fix some RFI conversions in the KVM code + - SAUCE: rfi-flush: Make the fallback robust against memory corruption + - [Config] Disable CONFIG_PPC_DEBUG_RFI + - [Config] updateconfigs to enable GENERIC_CPU_VULNERABILITIES + + * powerpc: flush L1D on return to use (LP: #1742772) + - SAUCE: powerpc: Secure memory rfi flush + - SAUCE: rfi-flush: Make DEBUG_RFI a CONFIG option + - SAUCE: rfi-flush: Add HRFI_TO_UNKNOWN and use it in denorm + - SAUCE: rfi-flush: kvmppc_skip_(H)interrupt returns to host kernel + - SAUCE: KVM: Revert the implementation of H_GET_CPU_CHARACTERISTICS + - SAUCE: rfi-flush: Implement congruence-first fallback flush + - SAUCE: rfi-flush: Make l1d_flush_type bit flags + - SAUCE: rfi-flush: Push the instruction selection down to the patching + routine + - SAUCE: rfi-flush: Expand the RFI section to two nop slots + - SAUCE: rfi-flush: Support more than one flush type at once + - SAUCE: rfi-flush: Allow HV to advertise multiple flush types + - SAUCE: rfi-flush: Add speculation barrier before ori 30,30,0 flush + - SAUCE: rfi-flush: Add barriers to the fallback L1D flushing + - SAUCE: rfi-flush: Rework powernv logic to be more cautious + - SAUCE: rfi-flush: Rework pseries logic to be more cautious + - SAUCE: rfi-flush: Put the fallback flushes in the real trampoline section + - SAUCE: rfi-flush: Fix the fallback flush to actually activate + - SAUCE: rfi-flush: Fix HRFI_TO_UNKNOWN + - SAUCE: rfi-flush: Refactor the macros so the nops are defined once + - SAUCE: rfi-flush: Add no_rfi_flush and nopti comandline options + - SAUCE: rfi-flush: Use rfi-flush in printks + - SAUCE: rfi-flush: Fallback flush add load dependency + - SAUCE: rfi-flush: Fix the 32-bit KVM build + - SAUCE: rfi-flush: Fix some RFI conversions in the KVM code + - SAUCE: rfi-flush: Make the fallback robust against memory corruption + - [Config] Disable CONFIG_PPC_DEBUG_RFI + + * s390: add ppa to kernel entry/exit (LP: #1742771) + - s390: introduce CPU alternatives + - s390: add ppa to kernel entry / exit + + -- Marcelo Henrique Cerri Thu, 11 Jan 2018 18:41:44 -0200 + +linux (4.13.0-25.29) artful; urgency=low + + * linux: 4.13.0-25.29 -proposed tracker (LP: #1741955) + + * CVE-2017-5754 + - Revert "UBUNTU: [Config] updateconfigs to enable PTI" + - [Config] Enable PTI with UNWINDER_FRAME_POINTER + + -- Marcelo Henrique Cerri Mon, 08 Jan 2018 17:13:57 -0200 + +linux (4.13.0-24.28) artful; urgency=low + + * linux: 4.13.0-24.28 -proposed tracker (LP: #1741745) + + * CVE-2017-5754 + - x86/cpu, x86/pti: Do not enable PTI on AMD processors + + -- Marcelo Henrique Cerri Sun, 07 Jan 2018 11:49:34 -0200 + linux (4.13.0-23.27) artful; urgency=low * linux: 4.13.0-23.27 -proposed tracker (LP: #1741556)