From: Stefan Bader <stefan.bader@canonical.com>
Date: Thu, 25 Apr 2019 08:40:22 +0000 (+0200)
Subject: UBUNTU: Ubuntu-4.15.0-49.52
X-Git-Tag: Ubuntu-4.15.0-49.53~2
X-Git-Url: https://git.proxmox.com/?p=mirror_ubuntu-bionic-kernel.git;a=commitdiff_plain;h=d66c65e8817208d8d1d64b520b950698bb246773

UBUNTU: Ubuntu-4.15.0-49.52

Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
---

diff --git a/debian.master/changelog b/debian.master/changelog
index 8136c151165b..9538cc7d9c34 100644
--- a/debian.master/changelog
+++ b/debian.master/changelog
@@ -1,10 +1,221 @@
-linux (4.15.0-49.52) UNRELEASED; urgency=medium
+linux (4.15.0-49.52) bionic; urgency=medium
+
+  * linux: 4.15.0-49.52 -proposed tracker (LP: #1826358)
+
+  * Backport support for software count cache flush Spectre v2 mitigation. (CVE)
+    (required for POWER9 DD2.3) (LP: #1822870)
+    - powerpc/64s: Add support for ori barrier_nospec patching
+    - powerpc/64s: Patch barrier_nospec in modules
+    - powerpc/64s: Enable barrier_nospec based on firmware settings
+    - powerpc: Use barrier_nospec in copy_from_user()
+    - powerpc/64: Use barrier_nospec in syscall entry
+    - powerpc/64s: Enhance the information in cpu_show_spectre_v1()
+    - powerpc/64: Disable the speculation barrier from the command line
+    - powerpc/64: Make stf barrier PPC_BOOK3S_64 specific.
+    - powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC
+    - powerpc/64: Call setup_barrier_nospec() from setup_arch()
+    - powerpc/64: Make meltdown reporting Book3S 64 specific
+    - powerpc/lib/code-patching: refactor patch_instruction()
+    - powerpc/lib/feature-fixups: use raw_patch_instruction()
+    - powerpc/asm: Add a patch_site macro & helpers for patching instructions
+    - powerpc/64s: Add new security feature flags for count cache flush
+    - powerpc/64s: Add support for software count cache flush
+    - powerpc/pseries: Query hypervisor for count cache flush settings
+    - powerpc/powernv: Query firmware for count cache flush settings
+    - powerpc/fsl: Add nospectre_v2 command line argument
+    - KVM: PPC: Book3S: Add count cache flush parameters to kvmppc_get_cpu_char()
+    - [Config] Add CONFIG_PPC_BARRIER_NOSPEC
 
-  CHANGELOG: Do not edit directly. Autogenerated at release.
-  CHANGELOG: Use the printchanges target to see the curent changes.
-  CHANGELOG: Use the insertchanges target to create the final log.
+  * Packaging resync (LP: #1786013)
+    - [Packaging] resync git-ubuntu-log
+
+  * autopkgtests run too often, too much and don't skip enough (LP: #1823056)
+    - [Debian] Set +x on rebuild testcase.
+    - [Debian] Skip rebuild test, for regression-suite deps.
+    - [Debian] Make ubuntu-regression-suite skippable on unbootable kernels.
+    - [Debian] make rebuild use skippable error codes when skipping.
+    - [Debian] Only run regression-suite, if requested to.
+
+  * bionic: fork out linux-snapdragon into its own topic kernel (LP: #1820868)
+    - [Packaging] remove arm64 snapdragon from getabis
+    - [Config] config changes for snapdragon split
+    - packaging: arm64: disable building the snapdragon flavour
 
- -- Stefan Bader <stefan.bader@canonical.com>  Thu, 25 Apr 2019 10:19:01 +0200
+  * CVE-2017-5753
+    - KVM: arm/arm64: vgic: fix possible spectre-v1 in vgic_get_irq()
+    - media: dvb_ca_en50221: prevent using slot_info for Spectre attacs
+    - sysvipc/sem: mitigate semnum index against spectre v1
+    - libahci: Fix possible Spectre-v1 pmp indexing in ahci_led_store()
+    - s390/keyboard: sanitize array index in do_kdsk_ioctl
+    - arm64: fix possible spectre-v1 write in ptrace_hbp_set_event()
+    - KVM: arm/arm64: vgic: Fix possible spectre-v1 write in vgic_mmio_write_apr()
+    - pktcdvd: Fix possible Spectre-v1 for pkt_devs
+    - net: socket: fix potential spectre v1 gadget in socketcall
+    - net: socket: Fix potential spectre v1 gadget in sock_is_registered
+    - drm/amdgpu/pm: Fix potential Spectre v1
+    - netlink: Fix spectre v1 gadget in netlink_create()
+    - ext4: fix spectre gadget in ext4_mb_regular_allocator()
+    - drm/i915/kvmgt: Fix potential Spectre v1
+    - net: sock_diag: Fix spectre v1 gadget in __sock_diag_cmd()
+    - fs/quota: Fix spectre gadget in do_quotactl
+    - hwmon: (nct6775) Fix potential Spectre v1
+    - mac80211_hwsim: Fix possible Spectre-v1 for hwsim_world_regdom_custom
+    - switchtec: Fix Spectre v1 vulnerability
+    - misc: hmc6352: fix potential Spectre v1
+    - tty: vt_ioctl: fix potential Spectre v1
+    - nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT
+    - nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds
+    - IB/ucm: Fix Spectre v1 vulnerability
+    - RDMA/ucma: Fix Spectre v1 vulnerability
+    - drm/bufs: Fix Spectre v1 vulnerability
+    - usb: gadget: storage: Fix Spectre v1 vulnerability
+    - ptp: fix Spectre v1 vulnerability
+    - HID: hiddev: fix potential Spectre v1
+    - vhost: Fix Spectre V1 vulnerability
+    - drivers/misc/sgi-gru: fix Spectre v1 vulnerability
+    - ipv4: Fix potential Spectre v1 vulnerability
+    - aio: fix spectre gadget in lookup_ioctx
+    - ALSA: emux: Fix potential Spectre v1 vulnerabilities
+    - ALSA: pcm: Fix potential Spectre v1 vulnerability
+    - ip6mr: Fix potential Spectre v1 vulnerability
+    - ALSA: rme9652: Fix potential Spectre v1 vulnerability
+    - ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities
+    - KVM: arm/arm64: vgic: Fix off-by-one bug in vgic_get_irq()
+    - drm/ioctl: Fix Spectre v1 vulnerabilities
+    - char/mwave: fix potential Spectre v1 vulnerability
+    - applicom: Fix potential Spectre v1 vulnerabilities
+    - ipmi: msghandler: Fix potential Spectre v1 vulnerabilities
+    - powerpc/ptrace: Mitigate potential Spectre v1
+    - cfg80211: prevent speculation on cfg80211_classify8021d() return
+    - ALSA: rawmidi: Fix potential Spectre v1 vulnerability
+    - ALSA: seq: oss: Fix Spectre v1 vulnerability
+
+  * Bionic: Sync to Xenial (Spectre) (LP: #1822760)
+    - x86/speculation/l1tf: Suggest what to do on systems with too much RAM
+    - KVM: SVM: Add MSR-based feature support for serializing LFENCE
+    - KVM: VMX: fixes for vmentry_l1d_flush module parameter
+    - KVM: X86: Allow userspace to define the microcode version
+    - SAUCE: [Fix] x86/KVM/VMX: Add L1D flush logic
+    - SAUCE: [Fix] x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on
+      vmentry
+
+  * [SRU] [B/OEM] Fix ACPI bug that causes boot failure (LP: #1819921)
+    - SAUCE: ACPI / bus: Add some Lenovo laptops in list of acpi table term list
+
+  * Bionic update: upstream stable patchset for fuse 2019-04-12 (LP: #1824553)
+    - fuse: fix double request_end()
+    - fuse: fix unlocked access to processing queue
+    - fuse: umount should wait for all requests
+    - fuse: Fix oops at process_init_reply()
+    - fuse: Don't access pipe->buffers without pipe_lock()
+    - fuse: Fix use-after-free in fuse_dev_do_read()
+    - fuse: Fix use-after-free in fuse_dev_do_write()
+    - fuse: set FR_SENT while locked
+    - fuse: fix blocked_waitq wakeup
+    - fuse: fix leaked notify reply
+    - fuse: fix possibly missed wake-up after abort
+    - fuse: fix use-after-free in fuse_direct_IO()
+    - fuse: continue to send FUSE_RELEASEDIR when FUSE_OPEN returns ENOSYS
+    - fuse: handle zero sized retrieve correctly
+    - fuse: call pipe_buf_release() under pipe lock
+    - fuse: decrement NR_WRITEBACK_TEMP on the right page
+
+  * Backport support for software count cache flush Spectre v2 mitigation. (CVE)
+    (required for POWER9 DD2.3) (LP: #1822870) // Backport support for software
+    count cache flush Spectre v2 mitigation. (CVE) (required for POWER9 DD2.3)
+    (LP: #1822870)
+    - powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2
+    - powerpc/fsl: Fix spectre_v2 mitigations reporting
+    - powerpc: Avoid code patching freed init sections
+
+  * Backport support for software count cache flush Spectre v2 mitigation. (CVE)
+    (required for POWER9 DD2.3) (LP: #1822870) // Backport support for software
+    count cache flush Spectre v2 mitigation. (CVE) (required for POWER9 DD2.3)
+    (LP: #1822870) // Backport support for software count cache flush Spectre v2
+    mitigation. (CVE) (required for POWER9 DD2.3) (LP: #1822870)
+    - powerpc/security: Fix spectre_v2 reporting
+
+  * CVE-2019-3874
+    - sctp: use sk_wmem_queued to check for writable space
+    - sctp: implement memory accounting on tx path
+    - sctp: implement memory accounting on rx path
+
+  * NULL pointer dereference when using z3fold and zswap (LP: #1814874)
+    - z3fold: fix possible reclaim races
+
+  * Kprobe event argument syntax in ftrace from ubuntu_kernel_selftests failed
+    on B PowerPC (LP: #1812809)
+    - selftests/ftrace: Add ppc support for kprobe args tests
+
+  * The Realtek card reader does not enter PCIe 1.1/1.2 (LP: #1825487)
+    - misc: rtsx: make various functions static
+    - misc: rtsx: Enable OCP for rts522a rts524a rts525a rts5260
+    - SAUCE: misc: rtsx: Fixed rts5260 power saving parameter and sd glitch
+
+  * headset-mic doesn't work on two Dell laptops. (LP: #1825272)
+    - ALSA: hda/realtek - add two more pin configuration sets to quirk table
+
+  * CVE-2018-16884
+    - sunrpc: use SVC_NET() in svcauth_gss_* functions
+    - sunrpc: use-after-free in svc_process_common()
+
+  * sky2 ethernet card don't work after returning from suspension (LP: #1798921)
+    - sky2: Increase D3 delay again
+
+  * CVE-2019-9500
+    - brcmfmac: assure SSID length from firmware is limited
+
+  * CVE-2019-9503
+    - brcmfmac: add subtype check for event handling in data path
+
+  * CVE-2019-3882
+    - vfio/type1: Limit DMA mappings per container
+
+  * Intel I210 Ethernet card not working after hotplug [8086:1533]
+    (LP: #1818490)
+    - igb: Fix WARN_ONCE on runtime suspend
+
+  * bionic, xenial/hwe: misses "fuse: fix initial parallel dirops" patch
+    (LP: #1823972)
+    - fuse: fix initial parallel dirops
+
+  * amdgpu resume failure: failed to allocate wb slot (LP: #1825074)
+    - drm/amdgpu: fix&cleanups for wb_clear
+
+  * Pop noise when headset is plugged in or removed from GHS/Line-out jack
+    (LP: #1821290)
+    - ALSA: hda/realtek - Add unplug function into unplug state of Headset Mode
+      for ALC225
+    - ALSA: hda/realtek - Disable headset Mic VREF for headset mode of ALC225
+    - ALSA: hda/realtek - Add support headset mode for DELL WYSE AIO
+    - ALSA: hda/realtek - Add support headset mode for New DELL WYSE NB
+
+  * mac80211_hwsim unable to handle kernel NULL pointer dereference
+    at0000000000000000  (LP: #1825058)
+    - mac80211_hwsim: Timer should be initialized before device registered
+
+  * [regression][snd_hda_codec_realtek] repeating crackling noise after 19.04
+    upgrade (LP: #1821663)
+    - ALSA: hda: Add Intel NUC7i3BNB to the power_save blacklist
+    - ALSA: hda - add Lenovo IdeaCentre B550 to the power_save_blacklist
+    - ALSA: hda - Add two more machines to the power_save_blacklist
+
+  * ubuntu_nbd_smoke_test failed on P9 with Bionic kernel (LP: #1822247)
+    - nbd: fix how we set bd_invalidated
+
+  * TSC clocksource not available in nested guests (LP: #1822821)
+    - kvmclock: fix TSC calibration for nested guests
+
+  * 4.15 kernel ip_vs --ops causes performance and hang problem (LP: #1819786)
+    - ipvs: fix refcount usage for conns in ops mode
+
+  * systemd cause kernel trace "BUG: unable to handle kernel paging request at
+    6db23a14" on Cosmic i386 (LP: #1813244) // systemd cause kernel trace "BUG:
+    unable to handle kernel paging request at 6db23a14" on Cosmic i386
+    (LP: #1813244)
+    - openvswitch: fix flow actions reallocation
+
+ -- Stefan Bader <stefan.bader@canonical.com>  Thu, 25 Apr 2019 10:40:22 +0200
 
 linux (4.15.0-48.51) bionic; urgency=medium