Bug #1698706 “Quirk for non-compliant PCI bridge on HiSilicon D0...” : Bugs : linux package : Ubuntu

Revision history for this message

Daniel Axtens (daxtens) wrote on 2017-06-19:

#1

0001-HiSilicon-Hibmc-vgaarb-fixup-arm64-fixup.patch Edit (2.1 KiB, text/x-diff)

Revision history for this message

Daniel Axtens (daxtens) wrote on 2017-06-19:

#2

Posted upstream at https://patchwork.ozlabs.org/patch/777541/

Joseph Salisbury (jsalisbury) on 2017-06-19

tags:

added: kernel-da-key

Daniel Axtens (daxtens) on 2017-06-28

Changed in linux (Ubuntu):
assignee:	nobody → Daniel Axtens (daxtens)
importance:	Undecided → Medium

Daniel Axtens (daxtens) on 2017-06-29

description:

updated

Daniel Axtens (daxtens) on 2017-06-29

description:

updated

Seth Forshee (sforshee) on 2017-07-12

Changed in linux (Ubuntu):
status:	In Progress → Fix Committed

Thadeu Lima de Souza Cascardo (cascardo) on 2017-07-14

Changed in linux (Ubuntu Zesty):
status:	New → Fix Committed

Revision history for this message

Kleber Sacilotto de Souza (kleber-souza) wrote on 2017-07-21:

#3

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-zesty' to 'verification-done-zesty'. If the problem still exists, change the tag 'verification-needed-zesty' to 'verification-failed-zesty'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-zesty

Revision history for this message

Zhanglei Mao (zhanglei-mao) wrote on 2017-07-21:

#4

It was reported by Huawei by mail this was tested and verified. So I change the tag to to 'verification-done-zesty'.

tags:

added: verification-done-zesty
removed: kernel-da-key verification-needed-zesty

Revision history for this message

Zhanglei Mao (zhanglei-mao) wrote on 2017-07-21: Re: [Bug 1698706] Re: Quirk for non-compliant PCI bridge on HiSilicon D05 board

#5

image.png Edit (105.1 KiB, image/png; name="image.png")

Download full text (3.2 KiB)

It was test by Huawei and verified this bug fix the problem of x-window. I
have change it, but not I am make it right for what you expected. I am not
so familiar of our Launchpad.

[image: Inline image 1]

On Fri, Jul 21, 2017 at 5:24 PM, Kleber Sacilotto de Souza <
<email address hidden>> wrote:

> This bug is awaiting verification that the kernel in -proposed solves
> the problem. Please test the kernel and update this bug with the
> results. If the problem is solved, change the tag 'verification-needed-
> zesty' to 'verification-done-zesty'. If the problem still exists, change
> the tag 'verification-needed-zesty' to 'verification-failed-zesty'.
>
> If verification is not done by 5 working days from today, this fix will
> be dropped from the source code, and this bug will be closed.
>
> See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
> to enable and use -proposed. Thank you!
>
>
> ** Tags added: verification-needed-zesty
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1698706
>
> Title:
> Quirk for non-compliant PCI bridge on HiSilicon D05 board
>
> Status in linux package in Ubuntu:
> Fix Committed
> Status in linux source package in Zesty:
> Fix Committed
>
> Bug description:
> SRU Justification
>
> [Impact]
> Xorg autodetection does not work on HiSilicon D05 boards.
>
> [Fix]
> The HiSilicon D05 board has some PCI bridges (PCI ID 19e5:1610) that are
> not spec-compliant: they do not set the VGA Enable bit when a VGA card is
> behind the bridge. This stops vgaarb setting the device as a boot vga
> device, breaking Xorg auto-detection. [0]
>
> Despite this, the hibmc VGA card (PCI ID 19e5:1711) is known to work
> when behind these bridges.
>
> Provide a quirk so that this combination of bridge and card works.
>
> [Testcase]
> On an affected board, run:
> # find /sys/devices -name boot_vga -exec cat \{\} \;
>
> This should print 0 without this patch and 1 with this patch.
>
> [Regression Potential]
> There is a risk with overriding the VGA arbiter that adding additional
> VGA cards to the board may go wrong somehow. The fixup specifically tests
> for the bridge and card on the board, so regressions should be limited to
> that combination of bridge and card.
>
> [Notes]
> HiSilicon is hoping to have 16.04.3 HWE kernel support their board,
> hence the submission of this patch before it has been accepted upstream.
> The patch has been submitted upstream and I will continue to work with
> upstream to land it.[1]
>
> [0] https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1691991 - this
> bug tracked debugging of a segfault and then this issue. Comments 25
> (https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1691991/comments/25
> )
> and 31 onwards detail this issue.
>
> [1] https://patchwork.ozlabs.org/patch/778054/
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/
> 1698706/+subscriptions
>

--
Zhanglei Mao
Solutions Architect, Sales and Business Development
Canonical Group Ltd.
<email address hidden>
+86-13625010929 (m)
+85...

This bug was fixed in the package linux - 4.10.0-30.34

---------------
linux (4.10.0-30.34) zesty; urgency=low

* CVE-2017-7533
    - dentry name snapshots

linux (4.10.0-29.33) zesty; urgency=low

* linux: 4.10.0-29.33 -proposed tracker (LP: #1704961)

* Opal and POWER9 DD2 (LP: #1702159)
    - powerpc/powernv: Tell OPAL about our MMU mode on POWER9
    - powerpc/powernv: Fix boot on Power8 bare metal due to opal_configure_cores()

* CVE-2017-1000364
    - mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack
    - mm/mmap.c: expand_downwards: don't require the gap if !vm_prev

* [Xenial] nvme: Quirks for PM1725 controllers (LP: #1704435)
    - nvme: Quirks for PM1725 controllers

* hns: under heavy load, NIC may fail and require reboot (LP: #1704146)
    - net: hns: Bugfix for Tx timeout handling in hns driver

* New ACPI identifiers for ThunderX SMMU (LP: #1703437)
    - iommu/arm-smmu: Plumb in new ACPI identifiers

* CVE-2017-7482
    - rxrpc: Fix several cases where a padded len isn't checked in ticket decode

* CVE-2017-1000365
    - fs/exec.c: account for argv/envp pointers

* CVE-2017-10810
    - drm/virtio: don't leak bo on drm_gem_object_init failure

* Data corruption with hio driver  (LP: #1701316)
    - SAUCE: hio: Fix incorrect use of enum req_opf values

* arm64: fix crash reading /proc/kcore (LP: #1702749)
    - fs/proc: kcore: use kcore_list type to check for vmalloc/module address
    - arm64: mm: select CONFIG_ARCH_PROC_KCORE_TEXT

* cxlflash update request in the Xenial SRU stream (LP: #1702521)
    - scsi: cxlflash: Refactor context reset to share reset logic
    - scsi: cxlflash: Support SQ Command Mode
    - scsi: cxlflash: Cleanup prints
    - scsi: cxlflash: Cancel scheduled workers before stopping AFU
    - scsi: cxlflash: Enable PCI device ID for future IBM CXL Flash AFU
    - scsi: cxlflash: Separate RRQ processing from the RRQ interrupt handler
    - scsi: cxlflash: Serialize RRQ access and support offlevel processing
    - scsi: cxlflash: Implement IRQ polling for RRQ processing
    - scsi: cxlflash: Update sysfs helper routines to pass config structure
    - scsi: cxlflash: Support dynamic number of FC ports
    - scsi: cxlflash: Remove port configuration assumptions
    - scsi: cxlflash: Hide FC internals behind common access routine
    - scsi: cxlflash: SISlite updates to support 4 ports
    - scsi: cxlflash: Support up to 4 ports
    - scsi: cxlflash: Fence EEH during probe
    - scsi: cxlflash: Remove unnecessary DMA mapping
    - scsi: cxlflash: Fix power-of-two validations
    - scsi: cxlflash: Fix warnings/errors
    - scsi: cxlflash: Improve asynchronous interrupt processing
    - scsi: cxlflash: Support multiple hardware queues
    - scsi: cxlflash: Add hardware queues attribute
    - scsi: cxlflash: Introduce hardware queue steering
    - cxl: Enable PCI device IDs for future IBM CXL adapters
    - scsi: cxlflash: Select IRQ_POLL
    - scsi: cxlflash: Combine the send queue locks
    - scsi: cxlflash: Update cxlflash_afu_sync() to return errno
    - scsi: cxlflash: Reset hardware queue context via specified register
    - scsi: cxlflash: Schedule asynchronous reset of the host
    - scsi: cxlflash: Handle AFU sync failures
    - scsi: cxlflash: Track pending scsi commands in each hardware queue
    - scsi: cxlflash: Flush pending commands in cleanup path
    - scsi: cxlflash: Add scsi command abort handler
    - scsi: cxlflash: Create character device to provide host management interface
    - scsi: cxlflash: Separate AFU internal command handling from AFU sync
      specifics
    - scsi: cxlflash: Introduce host ioctl support
    - scsi: cxlflash: Refactor AFU capability checking
    - scsi: cxlflash: Support LUN provisioning
    - scsi: cxlflash: Support AFU debug
    - scsi: cxlflash: Support WS16 unmap
    - scsi: cxlflash: Remove zeroing of private command data
    - scsi: cxlflash: Update TMF command processing
    - scsi: cxlflash: Avoid double free of character device
    - scsi: cxlflash: Update send_tmf() parameters
    - scsi: cxlflash: Update debug prints in reset handlers

* Ath10k to read different board data file if specify in SMBIOS (LP: #1666742)
    - ath10k: search SMBIOS for OEM board file extension

* APST gets enabled against explicit kernel option (LP: #1699004)
    - nvme: Display raw APST configuration via DYNAMIC_DEBUG
    - nvme: Add nvme_core.force_apst to ignore the NO_APST quirk
    - nvme: explicitly disable APST on quirked devices

* Quirk for non-compliant PCI bridge on HiSilicon D05 board (LP: #1698706)
    - SAUCE: PCI: Support hibmc VGA cards behind a misbehaving HiSilicon bridge

* New NVLINK2 patches (LP: #1701272)
    - powerpc/powernv/npu-dma: Add explicit flush when sending an ATSD
    - powerpc/npu-dma: Remove spurious WARN_ON when a PCI device has no of_node

* ERAT invalidate on context switch removal (LP: #1700819)
    - powerpc: Only do ERAT invalidate on radix context switch on P9 DD1

* powerpc: Invalidate ERAT on powersave wakeup for POWER9 (LP: #1700521)
    - powerpc/64s: Invalidate ERAT on powersave wakeup for POWER9

* update ENA driver to 1.2.0k from net-next (LP: #1701575)
    - net/ena: use napi_complete_done() return value
    - net: ena: remove superfluous check in ena_remove()
    - net/ena: switch to pci_alloc_irq_vectors
    - net: ena: fix rare uncompleted admin command false alarm
    - net: ena: fix bug that might cause hang after consecutive open/close
      interface.
    - net: ena: add missing return when ena_com_get_io_handlers() fails
    - net: ena: fix race condition between submit and completion admin command
    - net: ena: add missing unmap bars on device removal
    - net: ena: fix theoretical Rx hang on low memory systems
    - net: ena: disable admin msix while working in polling mode
    - net: ena: bug fix in lost tx packets detection mechanism
    - net: ena: update ena driver to version 1.1.7
    - net: ena: change return value for unsupported features unsupported return
      value
    - net: ena: add hardware hints capability to the driver
    - net: ena: change sizeof() argument to be the type pointer
    - net: ena: add reset reason for each device FLR
    - net: ena: add support for out of order rx buffers refill
    - net: ena: allow the driver to work with small number of msix vectors
    - net: ena: use napi_schedule_irqoff when possible
    - net: ena: separate skb allocation to dedicated function
    - net: ena: use lower_32_bits()/upper_32_bits() to split dma address
    - net: ena: update driver's rx drop statistics
    - net: ena: update ena driver to version 1.2.0

-- Thadeu Lima de Souza Cascardo <cascardo@canonical.com>  Mon, 31 Jul 2017 14:27:53 -0300

Changed in linux (Ubuntu Zesty):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2017-08-10:

#7

Download full text (24.9 KiB)

This bug was fixed in the package linux - 4.11.0-13.19

---------------
linux (4.11.0-13.19) artful; urgency=low

* CVE-2017-7533
- dentry name snapshots

linux (4.11.0-12.18) artful; urgency=low

* linux: 4.11.0-12.18 -proposed tracker (LP: #1707635)
- no change rebuild to pick up the new binutils.

  * Adt tests of src:linux time out often on armhf lxc containers (LP: #1705495)
    - [Packaging] tests -- reduce rebuild test to one flavour
    - [Packaging] tests -- reduce rebuild test to one flavour -- use filter

* [ARM64] config EDAC_GHES=y depends on EDAC_MM_EDAC=y (LP: #1706141)
- [Config] set EDAC_MM_EDAC=y for ARM64

  * [Hyper-V] hv_netvsc: Exclude non-TCP port numbers from vRSS hashing
    (LP: #1690174)
    - hv_netvsc: Exclude non-TCP port numbers from vRSS hashing

* ath10k doesn't report full RSSI information (LP: #1706531)
- ath10k: add per chain RSSI reporting

* ideapad_laptop don't support v310-14isk (LP: #1705378)
- platform/x86: ideapad-laptop: Add several models to no_hw_rfkill

  * Ubuntu 16.04.3: Qemu fails on P9 (LP: #1686019)
    - KVM: PPC: Pass kvm* to kvmppc_find_table()
    - KVM: PPC: Use preregistered memory API to access TCE list
    - KVM: PPC: VFIO: Add in-kernel acceleration for VFIO
    - powerpc/powernv/iommu: Add real mode version of iommu_table_ops::exchange()
    - powerpc/iommu/vfio_spapr_tce: Cleanup iommu_table disposal
    - powerpc/vfio_spapr_tce: Add reference counting to iommu_table
    - powerpc/mmu: Add real mode support for IOMMU preregistered memory
    - KVM: PPC: Reserve KVM_CAP_SPAPR_TCE_VFIO capability number
    - KVM: PPC: Book3S HV: Add radix checks in real-mode hypercall handlers

* hns: ethtool selftest crashes system (LP: #1705712)
- net/hns:bugfix of ethtool -t phy self_test

  * ThunderX: soft lockup on 4.8+ kernels when running qemu-efi with vhost=on
    (LP: #1673564)
    - KVM: arm/arm64: vgic-v3: Use PREbits to infer the number of ICH_APxRn_EL2
      registers
    - KVM: arm/arm64: vgic-v3: Fix nr_pre_bits bitfield extraction
    - arm64: Add a facility to turn an ESR syndrome into a sysreg encoding
    - KVM: arm/arm64: vgic-v3: Add accessors for the ICH_APxRn_EL2 registers
    - KVM: arm64: Make kvm_condition_valid32() accessible from EL2
    - KVM: arm64: vgic-v3: Add hook to handle guest GICv3 sysreg accesses at EL2
    - KVM: arm64: vgic-v3: Add ICV_BPR1_EL1 handler
    - KVM: arm64: vgic-v3: Add ICV_IGRPEN1_EL1 handler
    - KVM: arm64: vgic-v3: Add ICV_IAR1_EL1 handler
    - KVM: arm64: vgic-v3: Add ICV_EOIR1_EL1 handler
    - KVM: arm64: vgic-v3: Add ICV_AP1Rn_EL1 handler
    - KVM: arm64: vgic-v3: Add ICV_HPPIR1_EL1 handler
    - KVM: arm64: vgic-v3: Enable trapping of Group-1 system registers
    - KVM: arm64: Enable GICv3 Group-1 sysreg trapping via command-line
    - KVM: arm64: vgic-v3: Add ICV_BPR0_EL1 handler
    - KVM: arm64: vgic-v3: Add ICV_IGNREN0_EL1 handler
    - KVM: arm64: vgic-v3: Add misc Group-0 handlers
    - KVM: arm64: vgic-v3: Enable trapping of Group-0 system registers
    - KVM: arm64: Enable GICv3 Group-0 sysreg trapping via command-line
    - arm64: Add MIDR values for Cavium cn83XX SoCs
    - arm64: Add wor...

This bug was fixed in the package linux - 4.11.0-13.19

---------------
linux (4.11.0-13.19) artful; urgency=low

* CVE-2017-7533
    - dentry name snapshots

linux (4.11.0-12.18) artful; urgency=low

* linux: 4.11.0-12.18 -proposed tracker (LP: #1707635)
    - no change rebuild to pick up the new binutils.

* Adt tests of src:linux time out often on armhf lxc containers (LP: #1705495)
    - [Packaging] tests -- reduce rebuild test to one flavour
    - [Packaging] tests -- reduce rebuild test to one flavour -- use filter

* [ARM64] config EDAC_GHES=y depends on EDAC_MM_EDAC=y (LP: #1706141)
    - [Config] set EDAC_MM_EDAC=y for ARM64

* [Hyper-V] hv_netvsc: Exclude non-TCP port numbers from vRSS hashing
    (LP: #1690174)
    - hv_netvsc: Exclude non-TCP port numbers from vRSS hashing

* ath10k doesn't report full RSSI information (LP: #1706531)
    - ath10k: add per chain RSSI reporting

* ideapad_laptop don't support v310-14isk (LP: #1705378)
    - platform/x86: ideapad-laptop: Add several models to no_hw_rfkill

* Ubuntu 16.04.3: Qemu fails on P9 (LP: #1686019)
    - KVM: PPC: Pass kvm* to kvmppc_find_table()
    - KVM: PPC: Use preregistered memory API to access TCE list
    - KVM: PPC: VFIO: Add in-kernel acceleration for VFIO
    - powerpc/powernv/iommu: Add real mode version of iommu_table_ops::exchange()
    - powerpc/iommu/vfio_spapr_tce: Cleanup iommu_table disposal
    - powerpc/vfio_spapr_tce: Add reference counting to iommu_table
    - powerpc/mmu: Add real mode support for IOMMU preregistered memory
    - KVM: PPC: Reserve KVM_CAP_SPAPR_TCE_VFIO capability number
    - KVM: PPC: Book3S HV: Add radix checks in real-mode hypercall handlers

* hns: ethtool selftest crashes system (LP: #1705712)
    - net/hns:bugfix of ethtool -t phy self_test

* ThunderX: soft lockup on 4.8+ kernels when running qemu-efi with vhost=on
    (LP: #1673564)
    - KVM: arm/arm64: vgic-v3: Use PREbits to infer the number of ICH_APxRn_EL2
      registers
    - KVM: arm/arm64: vgic-v3: Fix nr_pre_bits bitfield extraction
    - arm64: Add a facility to turn an ESR syndrome into a sysreg encoding
    - KVM: arm/arm64: vgic-v3: Add accessors for the ICH_APxRn_EL2 registers
    - KVM: arm64: Make kvm_condition_valid32() accessible from EL2
    - KVM: arm64: vgic-v3: Add hook to handle guest GICv3 sysreg accesses at EL2
    - KVM: arm64: vgic-v3: Add ICV_BPR1_EL1 handler
    - KVM: arm64: vgic-v3: Add ICV_IGRPEN1_EL1 handler
    - KVM: arm64: vgic-v3: Add ICV_IAR1_EL1 handler
    - KVM: arm64: vgic-v3: Add ICV_EOIR1_EL1 handler
    - KVM: arm64: vgic-v3: Add ICV_AP1Rn_EL1 handler
    - KVM: arm64: vgic-v3: Add ICV_HPPIR1_EL1 handler
    - KVM: arm64: vgic-v3: Enable trapping of Group-1 system registers
    - KVM: arm64: Enable GICv3 Group-1 sysreg trapping via command-line
    - KVM: arm64: vgic-v3: Add ICV_BPR0_EL1 handler
    - KVM: arm64: vgic-v3: Add ICV_IGNREN0_EL1 handler
    - KVM: arm64: vgic-v3: Add misc Group-0 handlers
    - KVM: arm64: vgic-v3: Enable trapping of Group-0 system registers
    - KVM: arm64: Enable GICv3 Group-0 sysreg trapping via command-line
    - arm64: Add MIDR values for Cavium cn83XX SoCs
    - arm64: Add workaround for Cavium Thunder erratum 30115
    - KVM: arm64: vgic-v3: Add ICV_DIR_EL1 handler
    - KVM: arm64: vgic-v3: Add ICV_RPR_EL1 handler
    - KVM: arm64: vgic-v3: Add ICV_CTLR_EL1 handler
    - KVM: arm64: vgic-v3: Add ICV_PMR_EL1 handler
    - KVM: arm64: Enable GICv3 common sysreg trapping via command-line
    - KVM: arm64: vgic-v3: Log which GICv3 system registers are trapped
    - arm64: KVM: Make unexpected reads from WO registers inject an undef
    - KVM: arm64: Log an error if trapping a read-from-write-only GICv3 access
    - KVM: arm64: Log an error if trapping a write-to-read-only GICv3 access

* ath9k freezes suspend resume Ubuntu 17.04 (LP: #1697027)
    - ath9k: fix an invalid pointer dereference in ath9k_rng_stop()

* xhci_hcd: ERROR Transfer event TRB DMA ptr not part of current TD ep_index 2
    comp_code 13 (LP: #1667750)
    - xhci: Bad Ethernet performance plugged in ASM1042A host

* Migrating KSM page causes the VM lock up as the KSM page merging list is too
    large (LP: #1680513)
    - ksm: introduce ksm_max_page_sharing per page deduplication limit
    - ksm: fix use after free with merge_across_nodes = 0
    - ksm: cleanup stable_node chain collapse case
    - ksm: swap the two output parameters of chain/chain_prune
    - ksm: optimize refile of stable_node_dup at the head of the chain

* Artful update to v4.11.12 stable release (LP: #1706067)
    - net/phy: micrel: configure intterupts after autoneg workaround
    - ipv6: avoid unregistering inet6_dev for loopback
    - netvsc: don't access netdev->num_rx_queues directly
    - sfc: Fix MCDI command size for filter operations
    - net: account for current skb length when deciding about UFO
    - net: dp83640: Avoid NULL pointer dereference.
    - tcp: reset sk_rx_dst in tcp_disconnect()
    - net: prevent sign extension in dev_get_stats()
    - virtio-net: serialize tx routine during reset
    - net: sched: Fix one possible panic when no destroy callback
    - mlxsw: spectrum_router: Fix NULL pointer dereference
    - rocker: move dereference before free
    - bpf: prevent leaking pointer via xadd on unpriviledged
    - net: handle NAPI_GRO_FREE_STOLEN_HEAD case also in napi_frags_finish()
    - net/mlx5: Cancel delayed recovery work when unloading the driver
    - net/mlx5e: Fix TX carrier errors report in get stats ndo
    - ipv6: dad: don't remove dynamic addresses if link is down
    - vxlan: fix hlist corruption
    - geneve: fix hlist corruption
    - net: core: Fix slab-out-of-bounds in netdev_stats_to_stats64
    - liquidio: fix bug in soft reset failure detection
    - net: ipv6: Compare lwstate in detecting duplicate nexthops
    - vrf: fix bug_on triggered by rx when destroying a vrf
    - rds: tcp: use sock_create_lite() to create the accept socket
    - net/mlx5e: Initialize CEE's getpermhwaddr address buffer to 0xff
    - cxgb4: fix BUG() on interrupt deallocating path of ULD
    - tap: convert a mutex to a spinlock
    - bridge: mdb: fix leak on complete_info ptr on fail path
    - brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx()
    - sfc: don't read beyond unicast address list
    - Adding asm-prototypes.h for genksyms to generate crc
    - sed regex in Makefile.build requires line break between exported symbols
    - Adding the type of exported symbols
    - sparc64: Fix gup_huge_pmd
    - block: Fix a blk_exit_rl() regression
    - brcmfmac: Fix a memory leak in error handling path in
      'brcmf_cfg80211_attach'
    - brcmfmac: Fix glom_skb leak in brcmf_sdiod_recv_chain
    - efi: Process the MEMATTR table only if EFI_MEMMAP is enabled
    - cfg80211: Define nla_policy for NL80211_ATTR_LOCAL_MESH_POWER_MODE
    - cfg80211: Validate frequencies nested in NL80211_ATTR_SCAN_FREQUENCIES
    - cfg80211: Check if PMKID attribute is of expected size
    - cfg80211: Check if NAN service ID is of expected size
    - drm/amdgpu/gfx6: properly cache mc_arb_ramcfg
    - irqchip/gic-v3: Fix out-of-bound access in gic_set_affinity
    - parisc: Report SIGSEGV instead of SIGBUS when running out of stack
    - parisc: use compat_sys_keyctl()
    - parisc: DMA API: return error instead of BUG_ON for dma ops on non dma devs
    - parisc/mm: Ensure IRQs are off in switch_mm()
    - tools/lib/lockdep: Reduce MAX_LOCK_DEPTH to avoid overflowing lock_chain/:
      Depth
    - thp, mm: fix crash due race in MADV_FREE handling
    - kernel/extable.c: mark core_kernel_text notrace
    - mm/list_lru.c: fix list_lru_count_node() to be race free
    - fs/dcache.c: fix spin lockup issue on nlru->lock
    - checkpatch: silence perl 5.26.0 unescaped left brace warnings
    - binfmt_elf: use ELF_ET_DYN_BASE only for PIE
    - arm: move ELF_ET_DYN_BASE to 4MB
    - arm64: move ELF_ET_DYN_BASE to 4GB / 4MB
    - powerpc: move ELF_ET_DYN_BASE to 4GB / 4MB
    - s390: reduce ELF_ET_DYN_BASE
    - exec: Limit arg stack to at most 75% of _STK_LIM
    - powerpc/kexec: Fix radix to hash kexec due to IAMR/AMOR
    - ARM64: dts: marvell: armada37xx: Fix timer interrupt specifiers
    - arm64: Preventing READ_IMPLIES_EXEC propagation
    - vt: fix unchecked __put_user() in tioclinux ioctls
    - rcu: Add memory barriers for NOCB leader wakeup
    - nvmem: core: fix leaks on registration errors
    - Drivers: hv: vmbus: Close timing hole that can corrupt per-cpu page
    - mnt: In umount propagation reparent in a separate pass
    - mnt: In propgate_umount handle visiting mounts in any order
    - mnt: Make propagate_umount less slow for overlapping mount propagation trees
    - selftests/capabilities: Fix the test_execve test
    - mm: fix overflow check in expand_upwards()
    - crypto: talitos - Extend max key length for SHA384/512-HMAC and AEAD
    - crypto: atmel - only treat EBUSY as transient if backlog
    - crypto: sha1-ssse3 - Disable avx2
    - crypto: caam - properly set IV after {en,de}crypt
    - crypto: caam - fix signals handling
    - sched/fair, cpumask: Export for_each_cpu_wrap()
    - sched/topology: Fix building of overlapping sched-groups
    - sched/topology: Optimize build_group_mask()
    - sched/topology: Fix overlapping sched_group_mask
    - PM / wakeirq: Convert to SRCU
    - ALSA: x86: Clear the pdata.notify_lpe_audio pointer before teardown
    - PM / QoS: return -EINVAL for bogus strings
    - kvm: vmx: Do not disable intercepts for BNDCFGS
    - kvm: x86: Guest BNDCFGS requires guest MPX support
    - kvm: vmx: Check value written to IA32_BNDCFGS
    - kvm: vmx: allow host to access guest MSR_IA32_BNDCFGS
    - Linux 4.11.12

* Artful update to v4.11.11 stable release (LP: #1706066)
    - mqueue: fix a use-after-free in sys_mq_notify()
    - proc: Fix proc_sys_prune_dcache to hold a sb reference
    - locking/rwsem-spinlock: Fix EINTR branch in __down_write_common()
    - staging: vt6556: vnt_start Fix missing call to vnt_key_init_table.
    - staging: comedi: fix clean-up of comedi_class in comedi_init()
    - crypto: caam - fix gfp allocation flags (part I)
    - crypto: rsa-pkcs1pad - use constant time memory comparison for MACs
    - ext4: check return value of kstrtoull correctly in reserved_clusters_store
    - x86/mm/pat: Don't report PAT on CPUs that don't support it
    - Linux 4.11.11

* Change CONFIG_IBMVETH to module (LP: #1704479)
    - [Config] CONFIG_IBMVETH=m

* hns: use after free in hns_nic_net_xmit_hw (LP: #1704885)
    - net: hns: Fix a skb used after free bug

* Opal and POWER9 DD2 (LP: #1702159)
    - powerpc/powernv: Fix boot on Power8 bare metal due to opal_configure_cores()

* CVE-2017-1000364
    - mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack
    - mm/mmap.c: expand_downwards: don't require the gap if !vm_prev

* [Xenial] nvme: Quirks for PM1725 controllers (LP: #1704435)
    - nvme: Quirks for PM1725 controllers

* bonding: stack dump when unregistering a netdev (LP: #1704102)
    - bonding: avoid NETDEV_CHANGEMTU event when unregistering slave

* Ubuntu 16.04 IOB Error when the Mustang board rebooted (LP: #1693673)
    - drivers: net: xgene: Fix redundant prefetch buffer cleanup

* Ubuntu16.04: NVMe 4K+T10 DIF/DIX format returns I/O error on dd with split
    op (LP: #1689946)
    - blk-mq: NVMe 512B/4K+T10 DIF/DIX format returns I/O error on dd with split
      op

* linux >= 4.2: bonding 802.3ad does not work with 5G, 25G and 50G link speeds
    (LP: #1697892)
    - bonding: add 802.3ad support for 25G speeds
    - bonding: fix 802.3ad support for 5G and 50G speeds

* hns: under heavy load, NIC may fail and require reboot (LP: #1704146)
    - net: hns: Bugfix for Tx timeout handling in hns driver

* New ACPI identifiers for ThunderX SMMU (LP: #1703437)
    - iommu/arm-smmu: Plumb in new ACPI identifiers

* Transparent hugepages should default to enabled=madvise (LP: #1703742)
    - [Config] use CONFIG_TRANSPARENT_HUGEPAGE_MADVISE=y as default

* Miscellaneous Ubuntu changes
    - [Config] CONFIG_CAVIUM_ERRATUM_30115=y

* Miscellaneous upstream changes
    - platform/x86: thinkpad_acpi: guard generic hotkey case
    - platform/x86: thinkpad_acpi: add mapping for new hotkeys
    - selftest/memfd/Makefile: Fix build error

linux (4.11.0-11.16) artful; urgency=low

* linux: 4.11.0-11.16 -proposed tracker (LP: #1703901)

* Artful update to v4.11.10 stable release (LP: #1703854)
    - fs: add a VALID_OPEN_FLAGS
    - fs: completely ignore unknown open flags
    - driver core: platform: fix race condition with driver_override
    - RDMA/uverbs: Check port number supplied by user verbs cmds
    - ceph: choose readdir frag based on previous readdir reply
    - tracing/kprobes: Allow to create probe with a module name starting with a
      digit
    - usb: dwc3: replace %p with %pK
    - USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick
    - Add USB quirk for HVR-950q to avoid intermittent device resets
    - usb: usbip: set buffer pointers to NULL after free
    - usb: Fix typo in the definition of Endpoint[out]Request
    - USB: core: fix device node leak
    - arm: remove wrong CONFIG_PROC_SYSCTL ifdef
    - pinctrl: sh-pfc: r8a7794: Swap ATA signals
    - pinctrl: sh-pfc: r8a7791: Fix SCIF2 pinmux data
    - pinctrl: sh-pfc: r8a7791: Add missing DVC_MUTE signal
    - pinctrl: sh-pfc: r8a7795: Fix hscif2_clk_b and hscif4_ctrl
    - pinctrl: meson: meson8b: fix the NAND DQS pins
    - pinctrl: stm32: Fix bad function call
    - pinctrl: sunxi: Fix SPDIF function name for A83T
    - pinctrl: core: Fix warning by removing bogus code
    - pinctrl: mxs: atomically switch mux and drive strength config
    - pinctrl: sh-pfc: r8a7791: Add missing HSCIF1 pinmux data
    - pinctrl: sh-pfc: Update info pointer after SoC-specific init
    - USB: serial: option: add two Longcheer device ids
    - USB: serial: qcserial: new Sierra Wireless EM7305 device ID
    - xhci: Limit USB2 port wake support for AMD Promontory hosts
    - gfs2: Fix glock rhashtable rcu bug
    - Add "shutdown" to "struct class".
    - tpm: Issue a TPM2_Shutdown for TPM2 devices.
    - tpm: fix a kernel memory leak in tpm-sysfs.c
    - x86/uaccess: Optimize copy_user_enhanced_fast_string() for short strings
    - xen: avoid deadlock in xenbus driver
    - crypto: drbg - Fixes panic in wait_for_completion call
    - rt286: add Thinkpad Helix 2 to force_combo_jack_table
    - Linux 4.11.10

* CVE-2017-10810
    - drm/virtio: don't leak bo on drm_gem_object_init failure

* cxlflash update request in the Xenial SRU stream (LP: #1702521)
    - scsi: cxlflash: Separate RRQ processing from the RRQ interrupt handler
    - scsi: cxlflash: Serialize RRQ access and support offlevel processing
    - scsi: cxlflash: Implement IRQ polling for RRQ processing
    - scsi: cxlflash: Update sysfs helper routines to pass config structure
    - scsi: cxlflash: Support dynamic number of FC ports
    - scsi: cxlflash: Remove port configuration assumptions
    - scsi: cxlflash: Hide FC internals behind common access routine
    - scsi: cxlflash: SISlite updates to support 4 ports
    - scsi: cxlflash: Support up to 4 ports
    - scsi: cxlflash: Fence EEH during probe
    - scsi: cxlflash: Remove unnecessary DMA mapping
    - scsi: cxlflash: Fix power-of-two validations
    - scsi: cxlflash: Fix warnings/errors
    - scsi: cxlflash: Improve asynchronous interrupt processing
    - scsi: cxlflash: Support multiple hardware queues
    - scsi: cxlflash: Add hardware queues attribute
    - scsi: cxlflash: Introduce hardware queue steering
    - cxl: Enable PCI device IDs for future IBM CXL adapters
    - scsi: cxlflash: Select IRQ_POLL
    - scsi: cxlflash: Combine the send queue locks
    - scsi: cxlflash: Update cxlflash_afu_sync() to return errno
    - scsi: cxlflash: Reset hardware queue context via specified register
    - scsi: cxlflash: Schedule asynchronous reset of the host
    - scsi: cxlflash: Handle AFU sync failures
    - scsi: cxlflash: Track pending scsi commands in each hardware queue
    - scsi: cxlflash: Flush pending commands in cleanup path
    - scsi: cxlflash: Add scsi command abort handler
    - scsi: cxlflash: Create character device to provide host management interface
    - scsi: cxlflash: Separate AFU internal command handling from AFU sync
      specifics
    - scsi: cxlflash: Introduce host ioctl support
    - scsi: cxlflash: Refactor AFU capability checking
    - scsi: cxlflash: Support LUN provisioning
    - scsi: cxlflash: Support AFU debug
    - scsi: cxlflash: Support WS16 unmap
    - scsi: cxlflash: Remove zeroing of private command data
    - scsi: cxlflash: Update TMF command processing
    - scsi: cxlflash: Avoid double free of character device
    - scsi: cxlflash: Update send_tmf() parameters
    - scsi: cxlflash: Update debug prints in reset handlers

* make snap-pkg support (LP: #1700747)
    - make snap-pkg support

* Quirk for non-compliant PCI bridge on HiSilicon D05 board (LP: #1698706)
    - SAUCE: PCI: Support hibmc VGA cards behind a misbehaving HiSilicon bridge

* arm64: fix crash reading /proc/kcore (LP: #1702749)
    - fs/proc: kcore: use kcore_list type to check for vmalloc/module address
    - arm64: mm: select CONFIG_ARCH_PROC_KCORE_TEXT

* Opal and POWER9 DD2 (LP: #1702159)
    - SAUCE: powerpc/powernv: Tell OPAL about our MMU mode on POWER9

* Data corruption with hio driver  (LP: #1701316)
    - SAUCE: hio: Fix incorrect use of enum req_opf values

* Artful update to v4.11.9 stable release (LP: #1702515)
    - net: don't call strlen on non-terminated string in dev_set_alias()
    - net: Fix inconsistent teardown and release of private netdev state.
    - net: s390: fix up for "Fix inconsistent teardown and release of private
      netdev state"
    - mac80211: free netdev on dev_alloc_name() error
    - decnet: dn_rtmsg: Improve input length sanitization in
      dnrmg_receive_user_skb
    - net: Zero ifla_vf_info in rtnl_fill_vfinfo()
    - net: ipv6: Release route when device is unregistering
    - net: vrf: Make add_fib_rules per network namespace flag
    - af_unix: Add sockaddr length checks before accessing sa_family in bind and
      connect handlers
    - Fix an intermittent pr_emerg warning about lo becoming free.
    - sctp: disable BH in sctp_for_each_endpoint
    - net: caif: Fix a sleep-in-atomic bug in cfpkt_create_pfx
    - net: tipc: Fix a sleep-in-atomic bug in tipc_msg_reverse
    - net/mlx5: Remove several module events out of ethtool stats
    - net/mlx5e: Added BW check for DIM decision mechanism
    - net/mlx5e: Fix wrong indications in DIM due to counter wraparound
    - net/mlx5: Enable 4K UAR only when page size is bigger than 4K
    - proc: snmp6: Use correct type in memset
    - igmp: acquire pmc lock for ip_mc_clear_src()
    - igmp: add a missing spin_lock_init()
    - qmi_wwan: new Telewell and Sierra device IDs
    - net: don't global ICMP rate limit packets originating from loopback
    - ipv6: fix calling in6_ifa_hold incorrectly for dad work
    - sctp: return next obj by passing pos + 1 into sctp_transport_get_idx
    - net/mlx5e: Fix min inline value for VF rep SQs
    - net/mlx5e: Avoid doing a cleanup call if the profile doesn't have it
    - net/mlx5: Wait for FW readiness before initializing command interface
    - net/mlx5e: Fix timestamping capabilities reporting
    - decnet: always not take dst->__refcnt when inserting dst into hash table
    - net: 8021q: Fix one possible panic caused by BUG_ON in free_netdev
    - ipv6: Do not leak throw route references
    - rtnetlink: add IFLA_GROUP to ifla_policy
    - netfilter: synproxy: fix conntrackd interaction
    - NFSv4.x/callback: Create the callback service through svc_create_pooled
    - xen/blkback: don't use xen_blkif_get() in xen-blkback kthread
    - MIPS: head: Reorder instructions missing a delay slot
    - MIPS: Avoid accidental raw backtrace
    - MIPS: pm-cps: Drop manual cache-line alignment of ready_count
    - MIPS: Fix IRQ tracing & lockdep when rescheduling
    - ALSA: hda - Fix endless loop of codec configure
    - ALSA: hda - set input_path bitmap to zero after moving it to new place
    - NFSv4.2: Don't send mode again in post-EXCLUSIVE4_1 SETATTR with umask
    - NFSv4.1: Fix a race in nfs4_proc_layoutget
    - Revert "NFS: nfs_rename() handle -ERESTARTSYS dentry left behind"
    - ovl: copy-up: don't unlock between lookup and link
    - gpiolib: fix filtering out unwanted events
    - x86/intel_rdt: Fix memory leak on mount failure
    - perf/x86/intel/uncore: Fix wrong box pointer check
    - drm/vmwgfx: Free hash table allocated by cmdbuf managed res mgr
    - dm thin: do not queue freed thin mapping for next stage processing
    - x86/mm: Fix boot crash caused by incorrect loop count calculation in
      sync_global_pgds()
    - mm/vmalloc.c: huge-vmap: fail gracefully on unexpected huge vmap mappings
    - xen/blkback: don't free be structure too early
    - xfrm6: Fix IPv6 payload_len in xfrm6_transport_finish
    - xfrm: move xfrm_garbage_collect out of xfrm_policy_flush
    - xfrm: fix stack access out of bounds with CONFIG_XFRM_SUB_POLICY
    - xfrm: NULL dereference on allocation failure
    - xfrm: Oops on error in pfkey_msg2xfrm_state()
    - watchdog: bcm281xx: Fix use of uninitialized spinlock.
    - ARM64: PCI: Fix struct acpi_pci_root_ops allocation failure path
    - ARM64/ACPI: Fix BAD_MADT_GICC_ENTRY() macro implementation
    - ARM: 8685/1: ensure memblock-limit is pmd-aligned
    - ARM: davinci: PM: Free resources in error handling path in 'davinci_pm_init'
    - ARM: davinci: PM: Do not free useful resources in normal path in
      'davinci_pm_init'
    - tools arch: Sync arch/x86/lib/memcpy_64.S with the kernel
    - Revert "x86/entry: Fix the end of the stack for newly forked tasks"
    - x86/mshyperv: Remove excess #includes from mshyperv.h
    - x86/boot/KASLR: Fix kexec crash due to 'virt_addr' calculation bug
    - perf/x86: Fix spurious NMI with PEBS Load Latency event
    - x86/mpx: Correctly report do_mpx_bt_fault() failures to user-space
    - x86/mm: Fix flush_tlb_page() on Xen
    - ocfs2: o2hb: revert hb threshold to keep compatible
    - ocfs2: fix deadlock caused by recursive locking in xattr
    - iommu/dma: Don't reserve PCI I/O windows
    - iommu/amd: Fix incorrect error handling in amd_iommu_bind_pasid()
    - iommu/amd: Fix interrupt remapping when disable guest_mode
    - infiniband: hns: avoid gcc-7.0.1 warning for uninitialized data
    - mtd: nand: brcmnand: Check flash #WP pin status before nand erase/program
    - mtd: nand: fsmc: fix NAND width handling
    - KVM: x86: fix emulation of RSM and IRET instructions
    - KVM: x86/vPMU: fix undefined shift in intel_pmu_refresh()
    - KVM: x86: zero base3 of unusable segments
    - KVM: nVMX: Fix exception injection
    - esp4: Fix udpencap for local TCP packets.
    - hsi: Fix build regression due to netdev destructor fix.
    - Linux 4.11.9

* update ENA driver to 1.2.0k from net-next (LP: #1701575)
    - net/ena: switch to pci_alloc_irq_vectors
    - net: ena: fix rare uncompleted admin command false alarm
    - net: ena: fix bug that might cause hang after consecutive open/close
      interface.
    - net: ena: add missing return when ena_com_get_io_handlers() fails
    - net: ena: fix race condition between submit and completion admin command
    - net: ena: add missing unmap bars on device removal
    - net: ena: fix theoretical Rx hang on low memory systems
    - net: ena: disable admin msix while working in polling mode
    - net: ena: bug fix in lost tx packets detection mechanism
    - net: ena: update ena driver to version 1.1.7
    - net: ena: change return value for unsupported features unsupported return
      value
    - net: ena: add hardware hints capability to the driver
    - net: ena: change sizeof() argument to be the type pointer
    - net: ena: add reset reason for each device FLR
    - net: ena: add support for out of order rx buffers refill
    - net: ena: allow the driver to work with small number of msix vectors
    - net: ena: use napi_schedule_irqoff when possible
    - net: ena: separate skb allocation to dedicated function
    - net: ena: use lower_32_bits()/upper_32_bits() to split dma address
    - net: ena: update driver's rx drop statistics
    - net: ena: update ena driver to version 1.2.0

* APST gets enabled against explicit kernel option (LP: #1699004)
    - nvme: Display raw APST configuration via DYNAMIC_DEBUG
    - nvme: Add nvme_core.force_apst to ignore the NO_APST quirk
    - nvme: explicitly disable APST on quirked devices

* New NVLINK2 patches (LP: #1701272)
    - powerpc/powernv/npu-dma: Add explicit flush when sending an ATSD
    - powerpc/npu-dma: Remove spurious WARN_ON when a PCI device has no of_node

* ERAT invalidate on context switch removal (LP: #1700819)
    - powerpc: Only do ERAT invalidate on radix context switch on P9 DD1

* Miscellaneous Ubuntu changes
    - SAUCE: (noup) Update spl to 0.6.5.10-1, zfs to 0.6.5.10-1ubuntu2
    - snapcraft.yaml: Sync with xenial

* Miscellaneous upstream changes
    - Revert "UBUNTU: SAUCE: (efi-lockdown) efi: Add sysctls for secureboot and
      MokSBState"

-- Thadeu Lima de Souza Cascardo <cascardo@canonical.com>  Tue, 01 Aug 2017 19:35:17 -0300

Changed in linux (Ubuntu):
status:	Fix Committed → Fix Released

Ubuntu
linux package

Quirk for non-compliant PCI bridge on HiSilicon D05 board

Bug Description

CVE References

Other bug subscribers

Bug attachments

Remote bug watches

Affects		Status	Importance	Assigned to	Milestone
	linux (Ubuntu)	Fix Released	Medium	Daniel Axtens
	Zesty	Fix Released	Undecided	Unassigned

Ubuntulinux package

Quirk for non-compliant PCI bridge on HiSilicon D05 board

Bug Description

CVE References

Other bug subscribers

Bug attachments

Remote bug watches

Ubuntu
linux package