1 linux (4.13.0-7.8) artful; urgency=low
3 * linux 4.12.0-11.12 ADT test failure with linux 4.12.0-11.12 (LP: #1710904)
4 - SAUCE: selftests/powerpc: Use snprintf to construct DSCR sysfs interface
7 * Miscellaneous Ubuntu changes
8 - Revert "UBUNTU: SAUCE: seccomp: log actions even when audit is disabled"
10 * Miscellaneous upstream changes
11 - seccomp: Provide matching filter for introspection
12 - seccomp: Sysctl to display available actions
13 - seccomp: Operation for checking if an action is available
14 - seccomp: Sysctl to configure actions that are allowed to be logged
15 - seccomp: Selftest for detection of filter flag support
16 - seccomp: Filter flag to log all actions except SECCOMP_RET_ALLOW
17 - seccomp: Action to log before allowing
19 [ Upstream Kernel Changes ]
23 -- Seth Forshee <seth.forshee@canonical.com> Mon, 28 Aug 2017 08:12:24 -0500
25 linux (4.13.0-6.7) artful; urgency=low
27 * HID: multitouch: Support ALPS PTP Stick and Touchpad devices (LP: #1712481)
28 - SAUCE: HID: multitouch: Support ALPS PTP stick with pid 0x120A
30 * sort ABI files with C.UTF-8 locale (LP: #1712345)
31 - [Packaging] sort ABI files with C.UTF-8 locale
33 * igb: Support using Broadcom 54616 as PHY (LP: #1712024)
34 - SAUCE: igb: add support for using Broadcom 54616 as PHY
36 * RPT related fixes missing in Ubuntu 16.04.3 (LP: #1709220)
37 - powerpc/mm/radix: Improve _tlbiel_pid to be usable for PWC flushes
38 - powerpc/mm/radix: Improve TLB/PWC flushes
39 - powerpc/mm/radix: Avoid flushing the PWC on every flush_tlb_range
41 * Linux 4.12 refuses to load self-signed modules under Secure Boot with
42 properly enrolled keys (LP: #1712168)
43 - SAUCE: (efi-lockdown) MODSIGN: Fix module signature verification
45 * [17.10 FEAT] Enable NVMe driver - kernel (LP: #1708432)
46 - [Config] CONFIG_BLK_DEV_NVME=m for s390
48 * Artful: 4.12.0-11.12: Boot panic in vlv2_plat_configure_clock+0x3b/0xa0
50 - [Config] CONFIG_INTEL_ATOMISP=n
52 * Miscellaneous Ubuntu changes
53 - SAUCE: apparmor: af_unix mediation
55 * Miscellaneous upstream changes
56 - apparmor: Fix shadowed local variable in unpack_trans_table()
57 - apparmor: Fix logical error in verify_header()
58 - apparmor: Fix an error code in aafs_create()
59 - apparmor: Redundant condition: prev_ns. in [label.c:1498]
60 - apparmor: add the ability to mediate signals
61 - apparmor: add mount mediation
62 - apparmor: cleanup conditional check for label in label_print
63 - apparmor: add support for absolute root view based labels
64 - apparmor: make policy_unpack able to audit different info messages
65 - apparmor: add more debug asserts to apparmorfs
66 - apparmor: add base infastructure for socket mediation
67 - apparmor: move new_null_profile to after profile lookup fns()
68 - apparmor: fix race condition in null profile creation
69 - apparmor: ensure unconfined profiles have dfas initialized
70 - apparmor: fix incorrect type assignment when freeing proxies
72 [ Upstream Kernel Changes ]
76 -- Seth Forshee <seth.forshee@canonical.com> Wed, 23 Aug 2017 08:10:38 -0500
78 linux (4.13.0-5.6) artful; urgency=low
80 * Ubuntu17.10 - perf: Update Power9 PMU event JSON files (LP: #1708630)
81 - perf pmu-events: Support additional POWER8+ PVR in mapfile
82 - perf vendor events: Add POWER9 PMU events
83 - perf vendor events: Add POWER9 PVRs to mapfile
84 - SAUCE: perf vendor events powerpc: remove suffix in mapfile
85 - SAUCE: perf vendor events powerpc: Update POWER9 events
87 * Disable CONFIG_MEMORY_HOTPLUG_DEFAULT_ONLINE (LP: #1709171)
88 - [Config] CONFIG_MEMORY_HOTPLUG_DEFAULT_ONLINE=n for ppc64el
90 * Please only recommend or suggest initramfs-tools | linux-initramfs-tool for
91 kernels able to boot without initramfs (LP: #1700972)
92 - [Debian] Don't depend on initramfs-tools
94 * Miscellaneous Ubuntu changes
95 - SAUCE: Import aufs driver
96 - SAUCE: aufs -- Add missing argument to loop_switch() call
97 - [Config] Enable aufs
98 - SAUCE: (noup) Update spl to 0.6.5.11-ubuntu1, zfs to 0.6.5.11-1ubuntu3
100 - SAUCE: powerpc: Always initialize input array when calling epapr_hypercall()
101 - [Packaging] switch up to debhelper 9
103 [ Upstream Kernel Changes ]
105 * Rebase to v4.13-rc5
107 -- Seth Forshee <seth.forshee@canonical.com> Tue, 15 Aug 2017 09:24:16 -0500
109 linux (4.13.0-4.5) artful; urgency=low
111 * Lenovo Yoga 910 Sensors (LP: #1708120)
112 - SAUCE: (no-up) HID: Add quirk for Lenovo Yoga 910 with ITE Chips
114 * Unable to install Ubuntu on the NVMe disk under VMD PCI domain
116 - [Config] Add vmd driver to generic inclusion list
118 * Set CONFIG_SATA_HIGHBANK=y on armhf (LP: #1703430)
119 - [Config] CONFIG_SATA_HIGHBANK=y
121 * Miscellaneous Ubuntu changes
122 - ubuntu: vbox -- update to 5.1.26-dfsg-1
123 - SAUCE: hio: Build fixes for 4.13
125 - SAUCE: (noup) Update spl to 0.6.5.11-1, zfs to 0.6.5.11-1ubuntu1
126 - [debian] use all rather than amd64 dkms debs for sync
128 [ Upstream Kernel Changes ]
130 * Rebase to v4.13-rc4
132 -- Seth Forshee <seth.forshee@canonical.com> Tue, 08 Aug 2017 11:31:48 -0500
134 linux (4.13.0-3.4) artful; urgency=low
136 * Adt tests of src:linux time out often on armhf lxc containers (LP: #1705495)
137 - [Packaging] tests -- reduce rebuild test to one flavour
138 - [Packaging] tests -- reduce rebuild test to one flavour -- use filter
140 * snapd 2.26.8+17.10 ADT test failure with linux 4.12.0-6.7 (LP: #1704158)
141 - SAUCE: virtio_net: Revert mergeable buffer handling rework
143 [ Upstream Kernel Changes ]
145 * Rebase to v4.13-rc3
147 -- Seth Forshee <seth.forshee@canonical.com> Mon, 31 Jul 2017 10:08:16 -0500
149 linux (4.13.0-2.3) artful; urgency=low
151 * Change CONFIG_IBMVETH to module (LP: #1704479)
152 - [Config] CONFIG_IBMVETH=m
154 [ Upstream Kernel Changes ]
156 * Rebase to v4.13-rc2
158 -- Seth Forshee <seth.forshee@canonical.com> Mon, 24 Jul 2017 13:58:08 -0500
160 linux (4.13.0-1.2) artful; urgency=low
162 * Miscellaneous Ubuntu changes
163 - [Debian] Support sphinx-based kernel documentation
165 -- Seth Forshee <seth.forshee@canonical.com> Thu, 20 Jul 2017 09:18:33 -0500
167 linux (4.13.0-0.1) artful; urgency=low
169 * Miscellaneous Ubuntu changes
172 - ubuntu: vbox -- update to 5.1.24-dfsg-1
174 [ Upstream Kernel Changes ]
176 * Rebase to v4.13-rc1
178 -- Seth Forshee <seth.forshee@canonical.com> Wed, 19 Jul 2017 15:09:31 -0500
180 linux (4.12.0-7.8) artful; urgency=low
182 * ThunderX: soft lockup on 4.8+ kernels when running qemu-efi with vhost=on
184 - arm64: Add a facility to turn an ESR syndrome into a sysreg encoding
185 - KVM: arm/arm64: vgic-v3: Add accessors for the ICH_APxRn_EL2 registers
186 - KVM: arm64: Make kvm_condition_valid32() accessible from EL2
187 - KVM: arm64: vgic-v3: Add hook to handle guest GICv3 sysreg accesses at EL2
188 - KVM: arm64: vgic-v3: Add ICV_BPR1_EL1 handler
189 - KVM: arm64: vgic-v3: Add ICV_IGRPEN1_EL1 handler
190 - KVM: arm64: vgic-v3: Add ICV_IAR1_EL1 handler
191 - KVM: arm64: vgic-v3: Add ICV_EOIR1_EL1 handler
192 - KVM: arm64: vgic-v3: Add ICV_AP1Rn_EL1 handler
193 - KVM: arm64: vgic-v3: Add ICV_HPPIR1_EL1 handler
194 - KVM: arm64: vgic-v3: Enable trapping of Group-1 system registers
195 - KVM: arm64: Enable GICv3 Group-1 sysreg trapping via command-line
196 - KVM: arm64: vgic-v3: Add ICV_BPR0_EL1 handler
197 - KVM: arm64: vgic-v3: Add ICV_IGNREN0_EL1 handler
198 - KVM: arm64: vgic-v3: Add misc Group-0 handlers
199 - KVM: arm64: vgic-v3: Enable trapping of Group-0 system registers
200 - KVM: arm64: Enable GICv3 Group-0 sysreg trapping via command-line
201 - arm64: Add MIDR values for Cavium cn83XX SoCs
202 - arm64: Add workaround for Cavium Thunder erratum 30115
203 - KVM: arm64: vgic-v3: Add ICV_DIR_EL1 handler
204 - KVM: arm64: vgic-v3: Add ICV_RPR_EL1 handler
205 - KVM: arm64: vgic-v3: Add ICV_CTLR_EL1 handler
206 - KVM: arm64: vgic-v3: Add ICV_PMR_EL1 handler
207 - KVM: arm64: Enable GICv3 common sysreg trapping via command-line
208 - KVM: arm64: vgic-v3: Log which GICv3 system registers are trapped
209 - KVM: arm64: Log an error if trapping a read-from-write-only GICv3 access
210 - KVM: arm64: Log an error if trapping a write-to-read-only GICv3 access
212 * hns: under heavy load, NIC may fail and require reboot (LP: #1704146)
213 - net: hns: Bugfix for Tx timeout handling in hns driver
215 * New ACPI identifiers for ThunderX SMMU (LP: #1703437)
216 - iommu/arm-smmu: Plumb in new ACPI identifiers
218 * Transparent hugepages should default to enabled=madvise (LP: #1703742)
219 - SAUCE: use CONFIG_TRANSPARENT_HUGEPAGE_MADVISE=y as default
221 * Artful update to v4.12.1 stable release (LP: #1703858)
222 - driver core: platform: fix race condition with driver_override
223 - RDMA/uverbs: Check port number supplied by user verbs cmds
224 - usb: dwc3: replace %p with %pK
225 - USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick
226 - usb: usbip: set buffer pointers to NULL after free
227 - Add USB quirk for HVR-950q to avoid intermittent device resets
228 - usb: Fix typo in the definition of Endpoint[out]Request
229 - USB: core: fix device node leak
230 - USB: serial: option: add two Longcheer device ids
231 - USB: serial: qcserial: new Sierra Wireless EM7305 device ID
232 - xhci: Limit USB2 port wake support for AMD Promontory hosts
233 - gfs2: Fix glock rhashtable rcu bug
234 - Add "shutdown" to "struct class".
235 - tpm: Issue a TPM2_Shutdown for TPM2 devices.
236 - tpm: fix a kernel memory leak in tpm-sysfs.c
237 - powerpc/powernv: Fix CPU_HOTPLUG=n idle.c compile error
238 - x86/uaccess: Optimize copy_user_enhanced_fast_string() for short strings
239 - sched/fair, cpumask: Export for_each_cpu_wrap()
240 - sched/core: Implement new approach to scale select_idle_cpu()
241 - sched/numa: Use down_read_trylock() for the mmap_sem
242 - sched/numa: Override part of migrate_degrades_locality() when idle balancing
243 - sched/fair: Simplify wake_affine() for the single socket case
244 - sched/numa: Implement NUMA node level wake_affine()
245 - sched/fair: Remove effective_load()
246 - sched/numa: Hide numa_wake_affine() from UP build
247 - xen: avoid deadlock in xenbus driver
248 - crypto: drbg - Fixes panic in wait_for_completion call
251 * cxlflash update request in the Xenial SRU stream (LP: #1702521)
252 - scsi: cxlflash: Combine the send queue locks
253 - scsi: cxlflash: Update cxlflash_afu_sync() to return errno
254 - scsi: cxlflash: Reset hardware queue context via specified register
255 - scsi: cxlflash: Schedule asynchronous reset of the host
256 - scsi: cxlflash: Handle AFU sync failures
257 - scsi: cxlflash: Track pending scsi commands in each hardware queue
258 - scsi: cxlflash: Flush pending commands in cleanup path
259 - scsi: cxlflash: Add scsi command abort handler
260 - scsi: cxlflash: Create character device to provide host management interface
261 - scsi: cxlflash: Separate AFU internal command handling from AFU sync
263 - scsi: cxlflash: Introduce host ioctl support
264 - scsi: cxlflash: Refactor AFU capability checking
265 - scsi: cxlflash: Support LUN provisioning
266 - scsi: cxlflash: Support AFU debug
267 - scsi: cxlflash: Support WS16 unmap
268 - scsi: cxlflash: Remove zeroing of private command data
269 - scsi: cxlflash: Update TMF command processing
270 - scsi: cxlflash: Avoid double free of character device
271 - scsi: cxlflash: Update send_tmf() parameters
272 - scsi: cxlflash: Update debug prints in reset handlers
274 * make snap-pkg support (LP: #1700747)
275 - make snap-pkg support
277 * Quirk for non-compliant PCI bridge on HiSilicon D05 board (LP: #1698706)
278 - SAUCE: PCI: Support hibmc VGA cards behind a misbehaving HiSilicon bridge
280 * arm64: fix crash reading /proc/kcore (LP: #1702749)
281 - fs/proc: kcore: use kcore_list type to check for vmalloc/module address
282 - arm64: mm: select CONFIG_ARCH_PROC_KCORE_TEXT
284 * Opal and POWER9 DD2 (LP: #1702159)
285 - SAUCE: powerpc/powernv: Tell OPAL about our MMU mode on POWER9
287 * Data corruption with hio driver (LP: #1701316)
288 - SAUCE: hio: Fix incorrect use of enum req_opf values
290 * Miscellaneous Ubuntu changes
291 - SAUCE: (noup) Update spl to 0.6.5.10-1, zfs to 0.6.5.10-1ubuntu2
292 - snapcraft.yaml: Sync with xenial
293 - [Config] CONFIG_CAVIUM_ERRATUM_30115=y
295 * Miscellaneous upstream changes
296 - Revert "UBUNTU: SAUCE: (efi-lockdown) efi: Add sysctls for secureboot and
299 -- Seth Forshee <seth.forshee@canonical.com> Fri, 14 Jul 2017 15:25:41 -0500
301 linux (4.12.0-6.7) artful; urgency=low
303 * update ENA driver to 1.2.0k from net-next (LP: #1701575)
304 - net: ena: change return value for unsupported features unsupported return
306 - net: ena: add hardware hints capability to the driver
307 - net: ena: change sizeof() argument to be the type pointer
308 - net: ena: add reset reason for each device FLR
309 - net: ena: add support for out of order rx buffers refill
310 - net: ena: allow the driver to work with small number of msix vectors
311 - net: ena: use napi_schedule_irqoff when possible
312 - net: ena: separate skb allocation to dedicated function
313 - net: ena: use lower_32_bits()/upper_32_bits() to split dma address
314 - net: ena: update driver's rx drop statistics
315 - net: ena: update ena driver to version 1.2.0
317 * APST gets enabled against explicit kernel option (LP: #1699004)
318 - nvme: explicitly disable APST on quirked devices
320 * Miscellaneous Ubuntu changes
321 - SAUCE: hio: Update to Huawei ES3000_V2 (2.1.0.40)
322 - SAUCE: hio updates for 4.12
323 - SAUCE: Enable hio build
325 -- Seth Forshee <seth.forshee@canonical.com> Wed, 05 Jul 2017 14:23:20 -0500
327 linux (4.12.0-5.6) artful; urgency=low
329 * ERAT invalidate on context switch removal (LP: #1700819)
330 - powerpc: Only do ERAT invalidate on radix context switch on P9 DD1
332 * powerpc: Invalidate ERAT on powersave wakeup for POWER9 (LP: #1700521)
333 - SAUCE: powerpc: Invalidate ERAT on powersave wakeup for POWER9
335 * Miscellaneous Ubuntu changes
336 - d-i: Move qcom-emac from arm64 to shared nic-modules
338 [ Upstream Kernel Changes ]
342 -- Seth Forshee <seth.forshee@canonical.com> Mon, 03 Jul 2017 07:52:02 -0500
344 linux (4.12.0-4.5) artful; urgency=low
346 * aacraid driver may return uninitialized stack data to userspace
348 - SAUCE: scsi: aacraid: Don't copy uninitialized stack memory to userspace
350 * KILLER1435-S[0489:e0a2] BT cannot search BT 4.0 device (LP: #1699651)
351 - Bluetooth: btusb: Add support for 0489:e0a2 QCA_ROME device
353 * AACRAID for power9 platform (LP: #1689980)
354 - scsi: aacraid: Remove __GFP_DMA for raw srb memory
355 - scsi: aacraid: Fix DMAR issues with iommu=pt
356 - scsi: aacraid: Added 32 and 64 queue depth for arc natives
357 - scsi: aacraid: Set correct Queue Depth for HBA1000 RAW disks
358 - scsi: aacraid: Remove reset support from check_health
359 - scsi: aacraid: Change wait time for fib completion
360 - scsi: aacraid: Log count info of scsi cmds before reset
361 - scsi: aacraid: Print ctrl status before eh reset
362 - scsi: aacraid: Using single reset mask for IOP reset
363 - scsi: aacraid: Rework IOP reset
364 - scsi: aacraid: Add periodic checks to see IOP reset status
365 - scsi: aacraid: Rework SOFT reset code
366 - scsi: aacraid: Rework aac_src_restart
367 - scsi: aacraid: Use correct function to get ctrl health
368 - scsi: aacraid: Make sure ioctl returns on controller reset
369 - scsi: aacraid: Enable ctrl reset for both hba and arc
370 - scsi: aacraid: Add reset debugging statements
371 - scsi: aacraid: Remove reference to Series-9
372 - scsi: aacraid: Update driver version to 50834
374 * hibmc driver does not include "pci:" prefix in bus ID (LP: #1698700)
375 - SAUCE: drm: hibmc: Use set_busid function from drm core
377 * HiSilicon D05: installer doesn't appear on VGA (LP: #1698954)
378 - d-i: Add hibmc-drm to kernel-image udeb
380 * Fix /proc/cpuinfo revision for POWER9 DD2 (LP: #1698844)
381 - SAUCE: powerpc: Fix /proc/cpuinfo revision for POWER9 DD2
383 * Miscellaneous Ubuntu changes
384 - [Config] CONFIG_SATA_MV=n and CONFIG_GENERIC_PHY=n for s390x
385 - [Config] CONFIG_ATA=n for s390x
386 - [Config] Update annotations for 4.12
388 [ Upstream Kernel Changes ]
390 * Rebase to v4.12-rc7
392 -- Seth Forshee <seth.forshee@canonical.com> Mon, 26 Jun 2017 11:27:29 -0500
394 linux (4.12.0-3.4) artful; urgency=low
396 * Miscellaneous upstream changes
397 - ufs: fix the logics for tail relocation
399 [ Upstream Kernel Changes ]
401 * Rebase to v4.12-rc6
403 -- Seth Forshee <seth.forshee@canonical.com> Mon, 19 Jun 2017 14:50:39 -0500
405 linux (4.12.0-2.3) artful; urgency=low
408 - SAUCE: (no-up) net: Zeroing the structure ethtool_wolinfo in
411 * System doesn't boot properly on Gigabyte AM4 motherboards (AMD Ryzen)
413 - pinctrl/amd: Use regular interrupt instead of chained
415 * extend-diff-ignore should use exact matches (LP: #1693504)
416 - [Packaging] exact extend-diff-ignore matches
418 * Miscellaneous Ubuntu changes
419 - SAUCE: efi: Don't print secure boot state from the efi stub
420 - ubuntu: vbox -- Update to 5.1.22-dfsg-1
421 - SAUCE: vbox fixes for 4.12
422 - Re-enable virtualbox build
423 - [Config] CONFIG_ORANGEFS_FS=m
424 - SAUCE: (noup) Update spl to 0.6.5.9-1ubuntu2, zfs to 0.6.5.9-5ubuntu7
427 [ Upstream Kernel Changes ]
429 * Rebase to v4.12-rc4
430 * Rebase to v4.12-rc5
432 -- Seth Forshee <seth.forshee@canonical.com> Sun, 11 Jun 2017 22:25:13 -0500
434 linux (4.12.0-1.2) artful; urgency=low
436 * Enable Matrox driver for Ubuntu 16.04.3 (LP: #1693337)
437 - [Config] Enable CONFIG_DRM_MGAG200 as module
439 * Support low-pin-count devices on Hisilicon SoCs (LP: #1677319)
440 - [Config] CONFIG_LIBIO=y on arm64 only
441 - SAUCE: LIBIO: Introduce a generic PIO mapping method
442 - SAUCE: OF: Add missing I/O range exception for indirect-IO devices
443 - [Config] CONFIG_HISILICON_LPC=y
444 - SAUCE: LPC: Support the device-tree LPC host on Hip06/Hip07
445 - SAUCE: LIBIO: Support the dynamically logical PIO registration of ACPI host
447 - SAUCE: LPC: Add the ACPI LPC support
448 - SAUCE: PCI: Apply the new generic I/O management on PCI IO hosts
449 - SAUCE: PCI: Restore codepath for !CONFIG_LIBIO
451 * POWER9: Additional patches for TTY and CPU_IDLE (LP: #1674325)
452 - SAUCE: tty: Fix ldisc crash on reopened tty
454 * Miscellaneous Ubuntu changes
455 - [Debian] Add build-dep on libnuma-dev to enable 'perf bench numa'
456 - Rebase to v4.12-rc3
458 [ Upstream Kernel Changes ]
460 * Rebase to v4.12-rc3
462 -- Seth Forshee <seth.forshee@canonical.com> Mon, 29 May 2017 20:56:29 -0500
464 linux (4.12.0-0.1) artful; urgency=low
466 * please enable CONFIG_ARM64_LSE_ATOMICS (LP: #1691614)
467 - [Config] CONFIG_ARM64_LSE_ATOMICS=y
469 * [Regression] NUMA_BALANCING disabled on arm64 (LP: #1690914)
470 - [Config] CONFIG_NUMA_BALANCING{,_DEFAULT_ENABLED}=y on arm64
472 * exec'ing a setuid binary from a threaded program sometimes fails to setuid
474 - SAUCE: exec: ensure file system accounting in check_unsafe_exec is correct
476 * Miscellaneous Ubuntu changes
477 - Update find-missing-sauce.sh to compare to artful
479 - SAUCE: (efi-lockdown) efi: Add EFI_SECURE_BOOT bit
480 - SAUCE: (efi-lockdown) Add the ability to lock down access to the running
482 - SAUCE: (efi-lockdown) efi: Lock down the kernel if booted in secure boot
484 - SAUCE: (efi-lockdown) Enforce module signatures if the kernel is locked down
485 - SAUCE: (efi-lockdown) Restrict /dev/mem and /dev/kmem when the kernel is
487 - SAUCE: (efi-lockdown) Add a sysrq option to exit secure boot mode
488 - SAUCE: (efi-lockdown) kexec: Disable at runtime if the kernel is locked down
489 - SAUCE: (efi-lockdown) Copy secure_boot flag in boot params across kexec
491 - SAUCE: (efi-lockdown) kexec_file: Disable at runtime if securelevel has been
493 - SAUCE: (efi-lockdown) hibernate: Disable when the kernel is locked down
494 - SAUCE: (efi-lockdown) uswsusp: Disable when the kernel is locked down
495 - SAUCE: (efi-lockdown) PCI: Lock down BAR access when the kernel is locked
497 - SAUCE: (efi-lockdown) x86: Lock down IO port access when the kernel is
499 - SAUCE: (efi-lockdown) x86: Restrict MSR access when the kernel is locked
501 - SAUCE: (efi-lockdown) asus-wmi: Restrict debugfs interface when the kernel
503 - SAUCE: (efi-lockdown) ACPI: Limit access to custom_method when the kernel is
505 - SAUCE: (efi-lockdown) acpi: Ignore acpi_rsdp kernel param when the kernel
507 - SAUCE: (efi-lockdown) acpi: Disable ACPI table override if the kernel is
509 - SAUCE: (efi-lockdown) acpi: Disable APEI error injection if the kernel is
511 - SAUCE: (efi-lockdown) Enable cold boot attack mitigation
512 - SAUCE: (efi-lockdown) bpf: Restrict kernel image access functions when the
513 kernel is locked down
514 - SAUCE: (efi-lockdown) scsi: Lock down the eata driver
515 - SAUCE: (efi-lockdown) Prohibit PCMCIA CIS storage when the kernel is locked
517 - SAUCE: (efi-lockdown) Lock down TIOCSSERIAL
518 - SAUCE: (efi-lockdown) KEYS: Allow unrestricted boot-time addition of keys to
520 - SAUCE: (efi-lockdown) efi: Add EFI signature data types
521 - SAUCE: (efi-lockdown) efi: Add an EFI signature blob parser
522 - SAUCE: (efi-lockdown) MODSIGN: Import certificates from UEFI Secure Boot
523 - SAUCE: (efi-lockdown) MODSIGN: Allow the "db" UEFI variable to be suppressed
524 - SAUCE: (efi-lockdown) efi: Sanitize boot_params in efi stub
525 - SAUCE: (efi-lockdown) efi: Add secure_boot state and status bit for
527 - SAUCE: (efi-lockdown) efi: Add sysctls for secureboot and MokSBState
528 - [Config] Set values for UEFI secure boot lockdown options
529 - Disable virtualbox build
531 - SAUCE: securityfs: Replace CURRENT_TIME with current_time()
533 - [Debian] Work out upstream tag for use with gen-auto-reconstruct
534 - SAUCE: Import aufs driver
535 - SAUCE: aufs -- Include linux/mm.h in fs/aufs/file.h
536 - [Config] Enable aufs
537 - SAUCE: perf callchain: Include errno.h on x86 unconditinally
539 [ Upstream Kernel Changes ]
541 * Rebase to v4.12-rc2
543 -- Seth Forshee <seth.forshee@canonical.com> Sun, 21 May 2017 23:44:44 -0500
545 linux (4.11.0-3.8) artful; urgency=low
549 * Release Tracking Bug
552 * apparmor_parser hangs indefinitely when called by multiple threads
554 - SAUCE: apparmor: fix lock ordering for mkdir
556 * apparmor leaking securityfs pin count (LP: #1660846)
557 - SAUCE: apparmor: fix leak on securityfs pin count
559 * apparmor reference count leak when securityfs_setup_d_inode\ () fails
561 - SAUCE: apparmor: fix reference count leak when securityfs_setup_d_inode()
564 * apparmor not checking error if security_pin_fs() fails (LP: #1660842)
565 - SAUCE: apparmor: fix not handling error case when securityfs_pin_fs() fails
567 * libvirt profile is blocking global setrlimit despite having no rlimit rule
569 - SAUCE: apparmor: fix complain mode failure for rlimit mediation
570 - apparmor: update auditing of rlimit check to provide capability information
572 * apparmor: does not provide a way to detect policy updataes (LP: #1678032)
573 - SAUCE: apparmor: add policy revision file interface
575 * apparmor does not make support of query data visible (LP: #1678023)
576 - SAUCE: apparmor: add label data availability to the feature set
578 * apparmor query interface does not make supported query info available
580 - SAUCE: apparmor: add information about the query inteface to the feature set
582 * change_profile incorrect when using namespaces with a compound stack
584 - SAUCE: apparmor: fix label parse for stacked labels
586 * Regression in 4.4.0-65-generic causes very frequent system crashes
588 - apparmor: sync of apparmor 3.6+ (17.04)
590 * Artful update to 4.11.1 stable release (LP: #1690814)
591 - dm ioctl: prevent stack leak in dm ioctl call
592 - drm/sti: fix GDP size to support up to UHD resolution
593 - power: supply: lp8788: prevent out of bounds array access
594 - brcmfmac: Ensure pointer correctly set if skb data location changes
595 - brcmfmac: Make skb header writable before use
596 - sparc64: fix fault handling in NGbzero.S and GENbzero.S
597 - refcount: change EXPORT_SYMBOL markings
598 - net: macb: fix phy interrupt parsing
599 - tcp: fix access to sk->sk_state in tcp_poll()
600 - geneve: fix incorrect setting of UDP checksum flag
601 - bpf: enhance verifier to understand stack pointer arithmetic
602 - bpf, arm64: fix jit branch offset related to ldimm64
603 - tcp: fix wraparound issue in tcp_lp
604 - net: ipv6: Do not duplicate DAD on link up
605 - net: usb: qmi_wwan: add Telit ME910 support
606 - tcp: do not inherit fastopen_req from parent
607 - ipv4, ipv6: ensure raw socket message is big enough to hold an IP header
608 - rtnetlink: NUL-terminate IFLA_PHYS_PORT_NAME string
609 - ipv6: initialize route null entry in addrconf_init()
610 - ipv6: reorder ip6_route_dev_notifier after ipv6_dev_notf
611 - tcp: randomize timestamps on syncookies
612 - bnxt_en: allocate enough space for ->ntp_fltr_bmap
613 - bpf: don't let ldimm64 leak map addresses on unprivileged
614 - net: mdio-mux: bcm-iproc: call mdiobus_free() in error path
615 - f2fs: sanity check segment count
616 - xen/arm,arm64: fix xen_dma_ops after 815dd18 "Consolidate get_dma_ops..."
617 - xen: Revert commits da72ff5bfcb0 and 72a9b186292d
618 - block: get rid of blk_integrity_revalidate()
621 * Module signing exclusion for staging drivers does not work properly
623 - SAUCE: Fix module signing exclusion in package builds
625 * perf: qcom: Add L3 cache PMU driver (LP: #1689856)
626 - [Config] CONFIG_QCOM_L3_PMU=y
627 - perf: qcom: Add L3 cache PMU driver
629 * No PMU support for ACPI-based arm64 systems (LP: #1689661)
630 - drivers/perf: arm_pmu: rework per-cpu allocation
631 - drivers/perf: arm_pmu: manage interrupts per-cpu
632 - drivers/perf: arm_pmu: split irq request from enable
633 - drivers/perf: arm_pmu: remove pointless PMU disabling
634 - drivers/perf: arm_pmu: define armpmu_init_fn
635 - drivers/perf: arm_pmu: fold init into alloc
636 - drivers/perf: arm_pmu: factor out pmu registration
637 - drivers/perf: arm_pmu: simplify cpu_pmu_request_irqs()
638 - drivers/perf: arm_pmu: handle no platform_device
639 - drivers/perf: arm_pmu: rename irq request/free functions
640 - drivers/perf: arm_pmu: split cpu-local irq request/free
641 - drivers/perf: arm_pmu: move irq request/free into probe
642 - drivers/perf: arm_pmu: split out platform device probe logic
643 - arm64: add function to get a cpu's MADT GICC table
644 - [Config] CONFIG_ARM_PMU_ACPI=y
645 - drivers/perf: arm_pmu: add ACPI framework
646 - arm64: pmuv3: handle !PMUv3 when probing
647 - arm64: pmuv3: use arm_pmu ACPI framework
649 * Fix NVLINK2 TCE route (LP: #1690155)
650 - powerpc/powernv: Fix TCE kill on NVLink2
653 - tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline()
655 * Miscellaneous Ubuntu changes
656 - [Config] Restore powerpc arch to annotations file
657 - [Config] Disable runtime testing modules
658 - [Config] Disable drivers not needed on s390x
659 - [Config] Update annotations for 4.11
660 - [Config] updateconfigs after apparmor updates
662 * Miscellaneous upstream changes
663 - apparmor: use SHASH_DESC_ON_STACK
664 - apparmor: fix invalid reference to index variable of iterator line 836
665 - apparmor: fix parameters so that the permission test is bypassed at boot
666 - apparmor: Make path_max parameter readonly
667 - apparmorfs: Combine two function calls into one in aa_fs_seq_raw_abi_show()
668 - apparmorfs: Use seq_putc() in two functions
669 - apparmor: provide information about path buffer size at boot
670 - apparmor: add/use fns to print hash string hex value
672 -- Seth Forshee <seth.forshee@canonical.com> Tue, 16 May 2017 00:39:13 -0500
674 linux (4.11.0-2.7) artful; urgency=low
676 * kernel-wedge fails in artful due to leftover squashfs-modules d-i files
678 - Remove squashfs-modules files from d-i
679 - [Config] as squashfs-modules is builtin kernel-image must Provides: it
681 * [Zesty] d-i: replace msm_emac with qcom_emac (LP: #1677297)
682 - Revert "UBUNTU: d-i: initrd needs msm_emac on amberwing platform."
683 - d-i: initrd needs qcom_emac on amberwing platform.
685 * update for V3 kernel bits and improved multiple fan slice support
687 - SAUCE: fan: tunnel multiple mapping mode (v3)
689 * Miscellaneous Ubuntu changes
690 - SAUCE: (noup) Update spl to 0.6.5.9-1ubuntu1, zfs to 0.6.5.9-5ubuntu5
692 - SAUCE: fan: add VXLAN implementation
693 - SAUCE: (efi-lockdown) efi: Add EFI_SECURE_BOOT bit
694 - SAUCE: (efi-lockdown) Add the ability to lock down access to the running
696 - SAUCE: (efi-lockdown) efi: Lock down the kernel if booted in secure boot
698 - SAUCE: (efi-lockdown) Enforce module signatures if the kernel is locked down
699 - SAUCE: (efi-lockdown) Restrict /dev/mem and /dev/kmem when the kernel is
701 - SAUCE: (efi-lockdown) Add a sysrq option to exit secure boot mode
702 - SAUCE: (efi-lockdown) kexec: Disable at runtime if the kernel is locked down
703 - SAUCE: (efi-lockdown) Copy secure_boot flag in boot params across kexec
705 - SAUCE: (efi-lockdown) kexec_file: Disable at runtime if securelevel has been
707 - SAUCE: (efi-lockdown) hibernate: Disable when the kernel is locked down
708 - SAUCE: (efi-lockdown) uswsusp: Disable when the kernel is locked down
709 - SAUCE: (efi-lockdown) PCI: Lock down BAR access when the kernel is locked
711 - SAUCE: (efi-lockdown) x86: Lock down IO port access when the kernel is
713 - SAUCE: (efi-lockdown) x86: Restrict MSR access when the kernel is locked
715 - SAUCE: (efi-lockdown) asus-wmi: Restrict debugfs interface when the kernel
717 - SAUCE: (efi-lockdown) ACPI: Limit access to custom_method when the kernel is
719 - SAUCE: (efi-lockdown) acpi: Ignore acpi_rsdp kernel param when the kernel
721 - SAUCE: (efi-lockdown) acpi: Disable ACPI table override if the kernel is
723 - SAUCE: (efi-lockdown) acpi: Disable APEI error injection if the kernel is
725 - SAUCE: (efi-lockdown) Enable cold boot attack mitigation
726 - SAUCE: (efi-lockdown) bpf: Restrict kernel image access functions when the
727 kernel is locked down
728 - SAUCE: (efi-lockdown) scsi: Lock down the eata driver
729 - SAUCE: (efi-lockdown) Prohibit PCMCIA CIS storage when the kernel is locked
731 - SAUCE: (efi-lockdown) Lock down TIOCSSERIAL
732 - SAUCE: (efi-lockdown) Add EFI signature data types
733 - SAUCE: (efi-lockdown) Add an EFI signature blob parser and key loader.
734 - SAUCE: (efi-lockdown) KEYS: Add a system blacklist keyring
735 - SAUCE: (efi-lockdown) MODSIGN: Import certificates from UEFI Secure Boot
736 - SAUCE: (efi-lockdown) MODSIGN: Support not importing certs from db
737 - SAUCE: (efi-lockdown) MODSIGN: Don't try secure boot if EFI runtime is
739 - SAUCE: (efi-lockdown) efi: Sanitize boot_params in efi stub
740 - SAUCE: (efi-lockdown) efi: Add secure_boot state and status bit for
742 - SAUCE: (efi-lockdown) efi: Add sysctls for secureboot and MokSBState
743 - [Config] Set values for UEFI secure boot lockdown options
746 [ Upstream Kernel Changes ]
750 -- Seth Forshee <seth.forshee@canonical.com> Fri, 05 May 2017 07:43:14 -0500
752 linux (4.11.0-1.6) artful; urgency=low
754 * Miscellaneous Ubuntu changes
755 - [Debian] Use default compression for all packages
756 - SAUCE: (namespace) block_dev: Support checking inode permissions in
758 - SAUCE: (namespace) block_dev: Check permissions towards block device inode
760 - SAUCE: (namespace) mtd: Check permissions towards mtd block device inode
762 - SAUCE: (namespace) fs: Allow superblock owner to change ownership of inodes
763 - SAUCE: (namespace) fs: Don't remove suid for CAP_FSETID for userns root
764 - SAUCE: (namespace) fs: Allow superblock owner to access do_remount_sb()
765 - SAUCE: (namespace) capabilities: Allow privileged user in s_user_ns to set
767 - SAUCE: (namespace) fs: Allow CAP_SYS_ADMIN in s_user_ns to freeze and thaw
769 - SAUCE: (namespace) fuse: Add support for pid namespaces
770 - SAUCE: (namespace) fuse: Support fuse filesystems outside of init_user_ns
771 - SAUCE: (namespace) fuse: Restrict allow_other to the superblock's namespace
773 - SAUCE: (namespace) fuse: Allow user namespace mounts
774 - SAUCE: (namespace) ext4: Add support for unprivileged mounts from user
776 - SAUCE: (namespace) evm: Don't update hmacs in user ns mounts
777 - SAUCE: (namespace) ext4: Add module parameter to enable user namespace
779 - SAUCE: (namespace) block_dev: Forbid unprivileged mounting when device is
782 -- Seth Forshee <seth.forshee@canonical.com> Wed, 26 Apr 2017 10:08:29 -0500
784 linux (4.11.0-0.5) artful; urgency=low
786 * [Hyper-V][SAUCE] pci-hyperv: Use only 16 bit integer for PCI domain
788 - SAUCE: pci-hyperv: Use only 16 bit integer for PCI domain
790 * [Hyper-V] Ubuntu 14.04.2 LTS Generation 2 SCSI Errors on VSS Based Backups
792 - SAUCE: Tools: hv: vss: Thaw the filesystem and continue after freeze fails
794 * Enable virtual scsi server driver for Power (LP: #1615665)
795 - SAUCE: Return TCMU-generated sense data to fabric module
797 * include/linux/security.h header syntax error with !CONFIG_SECURITYFS
799 - SAUCE: (no-up) include/linux/security.h -- fix syntax error with
802 * Miscellaneous Ubuntu changes
803 - SAUCE: Import aufs driver
804 - [Config] Enable aufs
805 - [Debian] Add script to update virtualbox
806 - ubuntu: vbox -- Update to 5.1.20-dfsg-2
808 - SAUCE: aufs -- Include linux/mm.h in fs/aufs/file.h
810 [ Upstream Kernel Changes ]
812 * rebase to v4.11-rc8
814 -- Seth Forshee <seth.forshee@canonical.com> Tue, 25 Apr 2017 13:42:54 -0500
816 linux (4.11.0-0.4) zesty; urgency=low
818 * POWER9: Improve performance on memory management (LP: #1681429)
819 - SAUCE: powerpc/mm/radix: Don't do page walk cache flush when doing full mm
821 - SAUCE: powerpc/mm/radix: Remove unnecessary ptesync
823 * Miscellaneous Ubuntu changes
824 - find-missing-sauce.sh
826 [ Upstream Kernel Changes ]
828 * rebase to v4.11-rc7
830 -- Seth Forshee <seth.forshee@canonical.com> Tue, 18 Apr 2017 08:19:43 -0500
832 linux (4.11.0-0.3) zesty; urgency=low
834 * Disable CONFIG_HVC_UDBG on ppc64el (LP: #1680888)
835 - [Config] Disable CONFIG_HVC_UDBG on ppc64el
837 * smartpqi driver needed in initram disk and installer (LP: #1680156)
838 - [Config] Add smartpqi to d-i
840 * Disable CONFIG_SECURITY_SELINUX_DISABLE (LP: #1680315)
841 - [Config] CONFIG_SECURITY_SELINUX_DISABLE=n
843 * Miscellaneous Ubuntu changes
844 - [Config] flash-kernel should be a Breaks
845 - [Config] drop the info directory
846 - [Config] drop NOTES as obsolete
847 - [Config] drop changelog.historical as obsolete
848 - rebase to v4.11-rc6
850 [ Upstream Kernel Changes ]
852 * rebase to v4.11-rc6
854 -- Tim Gardner <tim.gardner@canonical.com> Tue, 11 Apr 2017 07:16:52 -0600
856 linux (4.11.0-0.2) zesty; urgency=low
858 [ Upstream Kernel Changes ]
860 * rebase to v4.11-rc5
862 -- Tim Gardner <tim.gardner@canonical.com> Mon, 03 Apr 2017 08:26:07 +0100
864 linux (4.11.0-0.1) zesty; urgency=low
866 [ Upstream Kernel Changes ]
868 * rebase to v4.11-rc4
871 -- Tim Gardner <tim.gardner@canonical.com> Mon, 20 Mar 2017 05:15:32 -0600
873 linux (4.11.0-0.0) zesty; urgency=low
877 -- Tim Gardner <tim.gardner@canonical.com> Mon, 20 Mar 2017 05:15:32 -0600