Change log for linux-oem package in Ubuntu

139 of 39 results
Published in bionic-proposed on 2018-08-17
linux-oem (4.15.0-1017.20) bionic; urgency=medium

  * linux-oem: 4.15.0-1017.20 -proposed tracker (LP: #1787544)

  * Bluetooth: Redpine: Bionics: L2test transfer is failed to start in Ubuntu
    18.04 (LP: #1781895)
    - SAUCE: Bluetooth: btrsi: fix l2test data transfer issue

  * [Redpine]  Upgrades to improve throughput and stability (LP: #1782070)
    - SAUCE: rsi: Fix for low throughput issue
    - SAUCE: rsi: Set wowlan flag while writing wowlan config parameters
    - SAUCE: rsi: Add debug support for wowlan wakeup confirmation
    - Bluetooth: btrsi: rework dependencies
    - rsi: fix error path handling in SDIO probe
    - rsi: Add null check for virtual interfaces in wowlan config
    - SAUCE: rsi: Fix for wowlan hibernate resume issue
    - SAUCE: rsi: Firmware assert (version 2)
    - SAUCE: rsi: Fix for WoWLAN wakeup in security mode.
    - SAUCE: rsi: Optimizing virtual interfaces
    - SAUCE: rsi: disable p2p device mode support

 -- Chia-Lin Kao (AceLan) <email address hidden>  Fri, 17 Aug 2018 15:53:57 +0800

Available diffs

Superseded in bionic-proposed on 2018-08-17
linux-oem (4.15.0-1016.19) bionic; urgency=medium

  * linux-oem: 4.15.0-1016.19 -proposed tracker (LP: #1787152)

  [ Ubuntu: 4.15.0-33.36 ]

  * linux: 4.15.0-33.36 -proposed tracker (LP: #1787149)
  * RTNL assertion failure on ipvlan (LP: #1776927)
    - ipvlan: drop ipv6 dependency
    - ipvlan: use per device spinlock to protect addrs list updates
    - SAUCE: fix warning from "ipvlan: drop ipv6 dependency"
  * ubuntu_bpf_jit test failed on Bionic s390x systems (LP: #1753941)
    - test_bpf: flag tests that cannot be jited on s390
  * HDMI/DP audio can't work on the laptop of Dell Latitude 5495 (LP: #1782689)
    - drm/nouveau: fix nouveau_dsm_get_client_id()'s return type
    - drm/radeon: fix radeon_atpx_get_client_id()'s return type
    - drm/amdgpu: fix amdgpu_atpx_get_client_id()'s return type
    - platform/x86: apple-gmux: fix gmux_get_client_id()'s return type
    - ALSA: hda: use PCI_BASE_CLASS_DISPLAY to replace PCI_CLASS_DISPLAY_VGA
    - vga_switcheroo: set audio client id according to bound GPU id
  * locking sockets broken due to missing AppArmor socket mediation patches
    (LP: #1780227)
    - UBUNTU SAUCE: apparmor: fix apparmor mediating locking non-fs, unix sockets
  * Update2 for ocxl driver (LP: #1781436)
    - ocxl: Fix page fault handler in case of fault on dying process
  * netns: unable to follow an interface that moves to another netns
    (LP: #1774225)
    - net: core: Expose number of link up/down transitions
    - dev: always advertise the new nsid when the netns iface changes
    - dev: advertise the new ifindex when the netns iface changes
  * [Bionic] Disk IO hangs when using BFQ as io scheduler (LP: #1780066)
    - block, bfq: fix occurrences of request finish method's old name
    - block, bfq: remove batches of confusing ifdefs
    - block, bfq: add requeue-request hook
  * HP ProBook 455 G5 needs mute-led-gpio fixup (LP: #1781763)
    - ALSA: hda: add mute led support for HP ProBook 455 G5
  * [Bionic] bug fixes to improve stability of the ThunderX2 i2c driver
    (LP: #1781476)
    - i2c: xlp9xx: Fix issue seen when updating receive length
    - i2c: xlp9xx: Make sure the transfer size is not more than
      I2C_SMBUS_BLOCK_SIZE
  * x86/kvm: fix LAPIC timer drift when guest uses periodic mode (LP: #1778486)
    - x86/kvm: fix LAPIC timer drift when guest uses periodic mode
  * Please include ax88179_178a and r8152 modules in d-i udeb (LP: #1771823)
    - [Config:] d-i: Add ax88179_178a and r8152 to nic-modules
  * Nvidia fails after switching its mode (LP: #1778658)
    - PCI: Restore config space on runtime resume despite being unbound
  * Kernel error "task zfs:pid blocked for more than 120 seconds" (LP: #1781364)
    - SAUCE: (noup) zfs to 0.7.5-1ubuntu16.3
  * CVE-2018-12232
    - PATCH 1/1] socket: close race condition between sock_close() and
      sockfs_setattr()
  * CVE-2018-10323
    - xfs: set format back to extents if xfs_bmap_extents_to_btree
  * change front mic location for more lenovo m7/8/9xx machines (LP: #1781316)
    - ALSA: hda/realtek - Fix the problem of two front mics on more machines
    - ALSA: hda/realtek - two more lenovo models need fixup of MIC_LOCATION
  * Cephfs + fscache: unable to handle kernel NULL pointer dereference at
    0000000000000000 IP: jbd2__journal_start+0x22/0x1f0 (LP: #1783246)
    - ceph: track read contexts in ceph_file_info
  * Touchpad of ThinkPad P52 failed to work with message "lost sync at byte"
    (LP: #1779802)
    - Input: elantech - fix V4 report decoding for module with middle key
    - Input: elantech - enable middle button of touchpads on ThinkPad P52
  * xhci_hcd 0000:00:14.0: Root hub is not suspended (LP: #1779823)
    - usb: xhci: dbc: Fix lockdep warning
    - usb: xhci: dbc: Don't decrement runtime PM counter if DBC is not started
  * CVE-2018-13406
    - video: uvesafb: Fix integer overflow in allocation
  * CVE-2018-10840
    - ext4: correctly handle a zero-length xattr with a non-zero e_value_offs
  * CVE-2018-11412
    - ext4: do not allow external inodes for inline data
  * CVE-2018-10881
    - ext4: clear i_data in ext4_inode_info when removing inline data
  * CVE-2018-12233
    - jfs: Fix inconsistency between memory allocation and ea_buf->max_size
  * CVE-2018-12904
    - kvm: nVMX: Enforce cpl=0 for VMX instructions
  * Error parsing PCC subspaces from PCCT (LP: #1528684)
    - mailbox: PCC: erroneous error message when parsing ACPI PCCT
  * CVE-2018-13094
    - xfs: don't call xfs_da_shrink_inode with NULL bp
  * other users' coredumps can be read via setgid directory and killpriv bypass
    (LP: #1779923) // CVE-2018-13405
    - Fix up non-directory creation in SGID directories
  * Invoking obsolete 'firmware_install' target breaks snap build (LP: #1782166)
    - snapcraft.yaml: stop invoking the obsolete (and non-existing)
      'firmware_install' target
  * snapcraft.yaml: missing ubuntu-retpoline-extract-one script breaks the build
    (LP: #1782116)
    - snapcraft.yaml: copy retpoline-extract-one to scripts before build
  * Allow Raven Ridge's audio controller to be runtime suspended (LP: #1782540)
    - ALSA: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge
  * CVE-2018-11506
    - sr: pass down correctly sized SCSI sense buffer
  * Bionic update: upstream stable patchset 2018-07-24 (LP: #1783418)
    - net: Fix a bug in removing queues from XPS map
    - net/mlx4_core: Fix error handling in mlx4_init_port_info.
    - net/sched: fix refcnt leak in the error path of tcf_vlan_init()
    - net: sched: red: avoid hashing NULL child
    - net/smc: check for missing nlattrs in SMC_PNETID messages
    - net: test tailroom before appending to linear skb
    - packet: in packet_snd start writing at link layer allocation
    - sock_diag: fix use-after-free read in __sk_free
    - tcp: purge write queue in tcp_connect_init()
    - vmxnet3: set the DMA mask before the first DMA map operation
    - vmxnet3: use DMA memory barriers where required
    - hv_netvsc: empty current transmit aggregation if flow blocked
    - hv_netvsc: Use the num_online_cpus() for channel limit
    - hv_netvsc: avoid retry on send during shutdown
    - hv_netvsc: only wake transmit queue if link is up
    - hv_netvsc: fix error unwind handling if vmbus_open fails
    - hv_netvsc: cancel subchannel setup before halting device
    - hv_netvsc: fix race in napi poll when rescheduling
    - hv_netvsc: defer queue selection to VF
    - hv_netvsc: disable NAPI before channel close
    - hv_netvsc: use RCU to fix concurrent rx and queue changes
    - hv_netvsc: change GPAD teardown order on older versions
    - hv_netvsc: common detach logic
    - hv_netvsc: Use Windows version instead of NVSP version on GPAD teardown
    - hv_netvsc: Split netvsc_revoke_buf() and netvsc_teardown_gpadl()
    - hv_netvsc: Ensure correct teardown message sequence order
    - hv_netvsc: Fix a network regression after ifdown/ifup
    - sparc: vio: use put_device() instead of kfree()
    - ext2: fix a block leak
    - s390: add assembler macros for CPU alternatives
    - s390: move expoline assembler macros to a header
    - s390/crc32-vx: use expoline for indirect branches
    - s390/lib: use expoline for indirect branches
    - s390/ftrace: use expoline for indirect branches
    - s390/kernel: use expoline for indirect branches
    - s390: move spectre sysfs attribute code
    - s390: extend expoline to BC instructions
    - s390: use expoline thunks in the BPF JIT
    - scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()
    - scsi: zfcp: fix infinite iteration on ERP ready list
    - loop: don't call into filesystem while holding lo_ctl_mutex
    - loop: fix LOOP_GET_STATUS lock imbalance
    - cfg80211: limit wiphy names to 128 bytes
    - hfsplus: stop workqueue when fill_super() failed
    - x86/kexec: Avoid double free_page() upon do_kexec_load() failure
    - usb: gadget: f_uac2: fix bFirstInterface in composite gadget
    - usb: dwc3: Undo PHY init if soft reset fails
    - usb: dwc3: omap: don't miss events during suspend/resume
    - usb: gadget: core: Fix use-after-free of usb_request
    - usb: gadget: fsl_udc_core: fix ep valid checks
    - usb: dwc2: Fix dwc2_hsotg_core_init_disconnected()
    - usb: cdc_acm: prevent race at write to acm while system resumes
    - net: usbnet: fix potential deadlock on 32bit hosts
    - ARM: dts: imx7d-sdb: Fix regulator-usb-otg2-vbus node name
    - usb: host: xhci-plat: revert "usb: host: xhci-plat: enable clk in resume
      timing"
    - USB: OHCI: Fix NULL dereference in HCDs using HCD_LOCAL_MEM
    - net/usb/qmi_wwan.c: Add USB id for lt4120 modem
    - net-usb: add qmi_wwan if on lte modem wistron neweb d18q1
    - Bluetooth: btusb: Add USB ID 7392:a611 for Edimax EW-7611ULB
    - ALSA: usb-audio: Add native DSD support for Luxman DA-06
    - usb: dwc3: Add SoftReset PHY synchonization delay
    - usb: dwc3: Update DWC_usb31 GTXFIFOSIZ reg fields
    - usb: dwc3: Makefile: fix link error on randconfig
    - xhci: zero usb device slot_id member when disabling and freeing a xhci slot
    - usb: dwc2: Fix interval type issue
    - usb: dwc2: hcd: Fix host channel halt flow
    - usb: dwc2: host: Fix transaction errors in host mode
    - usb: gadget: ffs: Let setup() return USB_GADGET_DELAYED_STATUS
    - usb: gadget: ffs: Execute copy_to_user() with USER_DS set
    - usbip: Correct maximum value of CONFIG_USBIP_VHCI_HC_PORTS
    - usb: gadget: udc: change comparison to bitshift when dealing with a mask
    - usb: gadget: composite: fix incorrect handling of OS desc requests
    - media: lgdt3306a: Fix module count mismatch on usb unplug
    - media: em28xx: USB bulk packet size fix
    - Bluetooth: btusb: Add device ID for RTL8822BE
    - xhci: Show what USB release number the xHC supports from protocol capablity
    - staging: bcm2835-audio: Release resources on module_exit()
    - staging: lustre: fix bug in osc_enter_cache_try
    - staging: fsl-dpaa2/eth: Fix incorrect casts
    - staging: rtl8192u: return -ENOMEM on failed allocation of priv->oldaddr
    - staging: ks7010: Use constants from ieee80211_eid instead of literal ints.
    - staging: lustre: lmv: correctly iput lmo_root
    - crypto: inside-secure - wait for the request to complete if in the backlog
    - crypto: atmel-aes - fix the keys zeroing on errors
    - crypto: ccp - don't disable interrupts while setting up debugfs
    - crypto: inside-secure - do not process request if no command was issued
    - crypto: inside-secure - fix the cache_len computation
    - crypto: inside-secure - fix the extra cache computation
    - crypto: sunxi-ss - Add MODULE_ALIAS to sun4i-ss
    - crypto: inside-secure - fix the invalidation step during cra_exit
    - scsi: mpt3sas: fix an out of bound write
    - scsi: ufs: Enable quirk to ignore sending WRITE_SAME command
    - scsi: bnx2fc: Fix check in SCSI completion handler for timed out request
    - scsi: sym53c8xx_2: iterator underflow in sym_getsync()
    - scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo()
    - scsi: qla2xxx: Avoid triggering undefined behavior in
      qla2x00_mbx_completion()
    - scsi: storvsc: Increase cmd_per_lun for higher speed devices
    - scsi: qedi: Fix truncation of CHAP name and secret
    - scsi: aacraid: fix shutdown crash when init fails
    - scsi: qla4xxx: skip error recovery in case of register disconnect.
    - scsi: qedi: Fix kernel crash during port toggle
    - scsi: mpt3sas: Do not mark fw_event workqueue as WQ_MEM_RECLAIM
    - scsi: sd: Keep disk read-only when re-reading partition
    - scsi: iscsi_tcp: set BDI_CAP_STABLE_WRITES when data digest enabled
    - scsi: aacraid: Insure command thread is not recursively stopped
    - scsi: core: Make SCSI Status CONDITION MET equivalent to GOOD
    - scsi: mvsas: fix wrong endianness of sgpio api
    - ASoC: hdmi-codec: Fix module unloading caused kernel crash
    - ASoC: rockchip: rk3288-hdmi-analog: Select needed codecs
    - ASoC: samsung: odroid: Fix 32000 sample rate handling
    - ASoC: topology: create TLV data for dapm widgets
    - ASoC: samsung: i2s: Ensure the RCLK rate is properly determined
    - clk: rockchip: Fix wrong parent for SDMMC phase clock for rk3228
    - clk: Don't show the incorrect clock phase
    - clk: hisilicon: mark wdt_mux_p[] as const
    - clk: tegra: Fix pll_u rate configuration
    - clk: rockchip: Prevent calculating mmc phase if clock rate is zero
    - clk: samsung: s3c2410: Fix PLL rates
    - clk: samsung: exynos7: Fix PLL rates
    - clk: samsung: exynos5260: Fix PLL rates
    - clk: samsung: exynos5433: Fix PLL rates
    - clk: samsung: exynos5250: Fix PLL rates
    - clk: samsung: exynos3250: Fix PLL rates
    - media: dmxdev: fix error code for invalid ioctls
    - media: Don't let tvp5150_get_vbi() go out of vbi_ram_default array
    - media: ov5645: add missing of_node_put() in error path
    - media: cx23885: Override 888 ImpactVCBe crystal frequency
    - media: cx23885: Set subdev host data to clk_freq pointer
    - media: s3c-camif: fix out-of-bounds array access
    - media: lgdt3306a: Fix a double kfree on i2c device remove
    - media: em28xx: Add Hauppauge SoloHD/DualHD bulk models
    - media: v4l: vsp1: Fix display stalls when requesting too many inputs
    - media: i2c: adv748x: fix HDMI field heights
    - media: vb2: Fix videobuf2 to map correct area
    - media: vivid: fix incorrect capabilities for radio
    - media: cx25821: prevent out-of-bounds read on array card
    - serial: xuartps: Fix out-of-bounds access through DT alias
    - serial: sh-sci: Fix out-of-bounds access through DT alias
    - serial: samsung: Fix out-of-bounds access through serial port index
    - serial: mxs-auart: Fix out-of-bounds access through serial port index
    - serial: imx: Fix out-of-bounds access through serial port index
    - serial: fsl_lpuart: Fix out-of-bounds access through DT alias
    - serial: arc_uart: Fix out-of-bounds access through DT alias
    - serial: 8250: Don't service RX FIFO if interrupts are disabled
    - serial: altera: ensure port->regshift is honored consistently
    - rtc: snvs: Fix usage of snvs_rtc_enable
    - rtc: hctosys: Ensure system time doesn't overflow time_t
    - rtc: rk808: fix possible race condition
    - rtc: m41t80: fix race conditions
    - rtc: tx4939: avoid unintended sign extension on a 24 bit shift
    - rtc: rp5c01: fix possible race condition
    - rtc: goldfish: Add missing MODULE_LICENSE
    - cxgb4: Correct ntuple mask validation for hash filters
    - net: dsa: bcm_sf2: Fix RX_CLS_LOC_ANY overwrite for last rule
    - net: dsa: Do not register devlink for unused ports
    - net: dsa: bcm_sf2: Fix IPv6 rules and chain ID
    - net: dsa: bcm_sf2: Fix IPv6 rule half deletion
    - 3c59x: convert to generic DMA API
    - net: ip6_gre: Request headroom in __gre6_xmit()
    - net: ip6_gre: Split up ip6gre_tnl_link_config()
    - net: ip6_gre: Split up ip6gre_tnl_change()
    - net: ip6_gre: Split up ip6gre_newlink()
    - net: ip6_gre: Split up ip6gre_changelink()
    - qed: LL2 flush isles when connection is closed
    - qed: Fix possibility of list corruption during rmmod flows
    - qed: Fix LL2 race during connection terminate
    - powerpc: Move default security feature flags
    - Bluetooth: btusb: Add support for Intel Bluetooth device 22560 [8087:0026]
    - staging: fsl-dpaa2/eth: Fix incorrect kfree
    - crypto: inside-secure - move the digest to the request context
    - scsi: lpfc: Fix NVME Initiator FirstBurst
    - serial: mvebu-uart: fix tx lost characters
  * Bionic update: upstream stable patchset 2018-07-20 (LP: #1782846)
    - usbip: usbip_host: refine probe and disconnect debug msgs to be useful
    - usbip: usbip_host: delete device from busid_table after rebind
    - usbip: usbip_host: run rebind from exit when module is removed
    - usbip: usbip_host: fix NULL-ptr deref and use-after-free errors
    - usbip: usbip_host: fix bad unlock balance during stub_probe()
    - ALSA: usb: mixer: volume quirk for CM102-A+/102S+
    - ALSA: hda: Add Lenovo C50 All in one to the power_save blacklist
    - ALSA: control: fix a redundant-copy issue
    - spi: pxa2xx: Allow 64-bit DMA
    - spi: bcm-qspi: Avoid setting MSPI_CDRAM_PCS for spi-nor master
    - spi: bcm-qspi: Always read and set BSPI_MAST_N_BOOT_CTRL
    - KVM: arm/arm64: VGIC/ITS save/restore: protect kvm_read_guest() calls
    - KVM: arm/arm64: VGIC/ITS: protect kvm_read_guest() calls with SRCU lock
    - vfio: ccw: fix cleanup if cp_prefetch fails
    - tracing/x86/xen: Remove zero data size trace events
      trace_xen_mmu_flush_tlb{_all}
    - tee: shm: fix use-after-free via temporarily dropped reference
    - netfilter: nf_tables: free set name in error path
    - netfilter: nf_tables: can't fail after linking rule into active rule list
    - netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6}
    - i2c: designware: fix poll-after-enable regression
    - powerpc/powernv: Fix NVRAM sleep in invalid context when crashing
    - drm: Match sysfs name in link removal to link creation
    - lib/test_bitmap.c: fix bitmap optimisation tests to report errors correctly
    - radix tree: fix multi-order iteration race
    - mm: don't allow deferred pages with NEED_PER_CPU_KM
    - drm/i915/gen9: Add WaClearHIZ_WM_CHICKEN3 for bxt and glk
    - s390/qdio: fix access to uninitialized qdio_q fields
    - s390/qdio: don't release memory in qdio_setup_irq()
    - s390: remove indirect branch from do_softirq_own_stack
    - x86/pkeys: Override pkey when moving away from PROT_EXEC
    - x86/pkeys: Do not special case protection key 0
    - efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32'
      definition for mixed mode
    - ARM: 8771/1: kprobes: Prohibit kprobes on do_undefinstr
    - x86/mm: Drop TS_COMPAT on 64-bit exec() syscall
    - tick/broadcast: Use for_each_cpu() specially on UP kernels
    - ARM: 8769/1: kprobes: Fix to use get_kprobe_ctlblk after irq-disabed
    - ARM: 8770/1: kprobes: Prohibit probing on optimized_callback
    - ARM: 8772/1: kprobes: Prohibit kprobes on get_user functions
    - Btrfs: fix xattr loss after power failure
    - Btrfs: send, fix invalid access to commit roots due to concurrent
      snapshotting
    - btrfs: property: Set incompat flag if lzo/zstd compression is set
    - btrfs: fix crash when trying to resume balance without the resume flag
    - btrfs: Split btrfs_del_delalloc_inode into 2 functions
    - btrfs: Fix delalloc inodes invalidation during transaction abort
    - btrfs: fix reading stale metadata blocks after degraded raid1 mounts
    - xhci: Fix USB3 NULL pointer dereference at logical disconnect.
    - KVM: arm/arm64: Properly protect VGIC locks from IRQs
    - KVM: arm/arm64: VGIC/ITS: Promote irq_lock() in update_affinity
    - hwmon: (k10temp) Fix reading critical temperature register
    - hwmon: (k10temp) Use API function to access System Management Network
    - vsprintf: Replace memory barrier with static_key for random_ptr_key update
    - x86/amd_nb: Add support for Raven Ridge CPUs
    - x86/apic/x2apic: Initialize cluster ID properly
  * Bionic update: upstream stable patchset 2018-07-09 (LP: #1780858)
    - 8139too: Use disable_irq_nosync() in rtl8139_poll_controller()
    - bridge: check iface upper dev when setting master via ioctl
    - dccp: fix tasklet usage
    - ipv4: fix fnhe usage by non-cached routes
    - ipv4: fix memory leaks in udp_sendmsg, ping_v4_sendmsg
    - llc: better deal with too small mtu
    - net: ethernet: sun: niu set correct packet size in skb
    - net: ethernet: ti: cpsw: fix packet leaking in dual_mac mode
    - net/mlx4_en: Fix an error handling path in 'mlx4_en_init_netdev()'
    - net/mlx4_en: Verify coalescing parameters are in range
    - net/mlx5e: Err if asked to offload TC match on frag being first
    - net/mlx5: E-Switch, Include VF RDMA stats in vport statistics
    - net sched actions: fix refcnt leak in skbmod
    - net_sched: fq: take care of throttled flows before reuse
    - net: support compat 64-bit time in {s,g}etsockopt
    - net/tls: Don't recursively call push_record during tls_write_space callbacks
    - net/tls: Fix connection stall on partial tls record
    - openvswitch: Don't swap table in nlattr_set() after OVS_ATTR_NESTED is found
    - qmi_wwan: do not steal interfaces from class drivers
    - r8169: fix powering up RTL8168h
    - rds: do not leak kernel memory to user land
    - sctp: delay the authentication for the duplicated cookie-echo chunk
    - sctp: fix the issue that the cookie-ack with auth can't get processed
    - sctp: handle two v4 addrs comparison in sctp_inet6_cmp_addr
    - sctp: remove sctp_chunk_put from fail_mark err path in
      sctp_ulpevent_make_rcvmsg
    - sctp: use the old asoc when making the cookie-ack chunk in dupcook_d
    - tcp_bbr: fix to zero idle_restart only upon S/ACKed data
    - tcp: ignore Fast Open on repair mode
    - tg3: Fix vunmap() BUG_ON() triggered from tg3_free_consistent().
    - bonding: do not allow rlb updates to invalid mac
    - bonding: send learning packets for vlans on slave
    - net: sched: fix error path in tcf_proto_create() when modules are not
      configured
    - net/mlx5e: TX, Use correct counter in dma_map error flow
    - net/mlx5: Avoid cleaning flow steering table twice during error flow
    - hv_netvsc: set master device
    - ipv6: fix uninit-value in ip6_multipath_l3_keys()
    - net/mlx5e: Allow offloading ipv4 header re-write for icmp
    - nsh: fix infinite loop
    - udp: fix SO_BINDTODEVICE
    - l2tp: revert "l2tp: fix missing print session offset info"
    - proc: do not access cmdline nor environ from file-backed areas
    - net/smc: restrict non-blocking connect finish
    - mlxsw: spectrum_switchdev: Do not remove mrouter port from MDB's ports list
    - net/mlx5e: DCBNL fix min inline header size for dscp
    - net: systemport: Correclty disambiguate driver instances
    - sctp: clear the new asoc's stream outcnt in sctp_stream_update
    - tcp: restore autocorking
    - tipc: fix one byte leak in tipc_sk_set_orig_addr()
    - hv_netvsc: Fix net device attach on older Windows hosts
  * Bionic update: upstream stable patchset 2018-07-06 (LP: #1780499)
    - ext4: prevent right-shifting extents beyond EXT_MAX_BLOCKS
    - ipvs: fix rtnl_lock lockups caused by start_sync_thread
    - netfilter: ebtables: don't attempt to allocate 0-sized compat array
    - kcm: Call strp_stop before strp_done in kcm_attach
    - crypto: af_alg - fix possible uninit-value in alg_bind()
    - netlink: fix uninit-value in netlink_sendmsg
    - net: fix rtnh_ok()
    - net: initialize skb->peeked when cloning
    - net: fix uninit-value in __hw_addr_add_ex()
    - dccp: initialize ireq->ir_mark
    - ipv4: fix uninit-value in ip_route_output_key_hash_rcu()
    - soreuseport: initialise timewait reuseport field
    - inetpeer: fix uninit-value in inet_getpeer
    - memcg: fix per_node_info cleanup
    - perf: Remove superfluous allocation error check
    - tcp: fix TCP_REPAIR_QUEUE bound checking
    - bdi: wake up concurrent wb_shutdown() callers.
    - bdi: Fix oops in wb_workfn()
    - gpioib: do not free unrequested descriptors
    - gpio: fix aspeed_gpio unmask irq
    - gpio: fix error path in lineevent_create
    - rfkill: gpio: fix memory leak in probe error path
    - libata: Apply NOLPM quirk for SanDisk SD7UB3Q*G1001 SSDs
    - dm integrity: use kvfree for kvmalloc'd memory
    - tracing: Fix regex_match_front() to not over compare the test string
    - z3fold: fix reclaim lock-ups
    - mm: sections are not offlined during memory hotremove
    - mm, oom: fix concurrent munlock and oom reaper unmap, v3
    - ceph: fix rsize/wsize capping in ceph_direct_read_write()
    - can: kvaser_usb: Increase correct stats counter in kvaser_usb_rx_can_msg()
    - can: hi311x: Acquire SPI lock on ->do_get_berr_counter
    - can: hi311x: Work around TX complete interrupt erratum
    - drm/vc4: Fix scaling of uni-planar formats
    - drm/i915: Fix drm:intel_enable_lvds ERROR message in kernel log
    - drm/atomic: Clean old_state/new_state in drm_atomic_state_default_clear()
    - drm/atomic: Clean private obj old_state/new_state in
      drm_atomic_state_default_clear()
    - net: atm: Fix potential Spectre v1
    - atm: zatm: Fix potential Spectre v1
    - cpufreq: schedutil: Avoid using invalid next_freq
    - Revert "Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174"
    - Bluetooth: btusb: Only check needs_reset_resume DMI table for QCA rome
      chipsets
    - thermal: exynos: Reading temperature makes sense only when TMU is turned on
    - thermal: exynos: Propagate error value from tmu_read()
    - nvme: add quirk to force medium priority for SQ creation
    - smb3: directory sync should not return an error
    - sched/autogroup: Fix possible Spectre-v1 indexing for sched_prio_to_weight[]
    - tracing/uprobe_event: Fix strncpy corner case
    - perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_*
    - perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr
    - perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver
    - perf/core: Fix possible Spectre-v1 indexing for ->aux_pages[]
    - perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map()
    - i2c: dev: prevent ZERO_SIZE_PTR deref in i2cdev_ioctl_rdwr()
    - bdi: Fix use after free bug in debugfs_remove()
    - drm/ttm: Use GFP_TRANSHUGE_LIGHT for allocating huge pages
    - drm/i915: Adjust eDP's logical vco in a reliable place.
    - drm/nouveau/ttm: don't dereference nvbo::cli, it can outlive client
    - sched/core: Fix possible Spectre-v1 indexing for sched_prio_to_weight[]
  * Bionic update: upstream stable patchset 2018-06-26 (LP: #1778759)
    - percpu: include linux/sched.h for cond_resched()
    - ACPI / button: make module loadable when booted in non-ACPI mode
    - USB: serial: option: Add support for Quectel EP06
    - ALSA: hda - Fix incorrect usage of IS_REACHABLE()
    - ALSA: pcm: Check PCM state at xfern compat ioctl
    - ALSA: seq: Fix races at MIDI encoding in snd_virmidi_output_trigger()
    - ALSA: dice: fix kernel NULL pointer dereference due to invalid calculation
      for array index
    - ALSA: aloop: Mark paused device as inactive
    - ALSA: aloop: Add missing cable lock to ctl API callbacks
    - tracepoint: Do not warn on ENOMEM
    - scsi: target: Fix fortify_panic kernel exception
    - Input: leds - fix out of bound access
    - Input: atmel_mxt_ts - add touchpad button mapping for Samsung Chromebook Pro
    - rtlwifi: btcoex: Add power_on_setting routine
    - rtlwifi: cleanup 8723be ant_sel definition
    - xfs: prevent creating negative-sized file via INSERT_RANGE
    - RDMA/cxgb4: release hw resources on device removal
    - RDMA/ucma: Allow resolving address w/o specifying source address
    - RDMA/mlx5: Fix multiple NULL-ptr deref errors in rereg_mr flow
    - RDMA/mlx5: Protect from shift operand overflow
    - NET: usb: qmi_wwan: add support for ublox R410M PID 0x90b2
    - IB/mlx5: Use unlimited rate when static rate is not supported
    - IB/hfi1: Fix handling of FECN marked multicast packet
    - IB/hfi1: Fix loss of BECN with AHG
    - IB/hfi1: Fix NULL pointer dereference when invalid num_vls is used
    - iw_cxgb4: Atomically flush per QP HW CQEs
    - drm/vmwgfx: Fix a buffer object leak
    - drm/bridge: vga-dac: Fix edid memory leak
    - test_firmware: fix setting old custom fw path back on exit, second try
    - errseq: Always report a writeback error once
    - USB: serial: visor: handle potential invalid device configuration
    - usb: dwc3: gadget: Fix list_del corruption in dwc3_ep_dequeue
    - USB: Accept bulk endpoints with 1024-byte maxpacket
    - USB: serial: option: reimplement interface masking
    - USB: serial: option: adding support for ublox R410M
    - usb: musb: host: fix potential NULL pointer dereference
    - usb: musb: trace: fix NULL pointer dereference in musb_g_tx()
    - platform/x86: asus-wireless: Fix NULL pointer dereference
    - irqchip/qcom: Fix check for spurious interrupts
    - tracing: Fix bad use of igrab in trace_uprobe.c
    - [Config] CONFIG_ARM64_ERRATUM_1024718=y
    - arm64: Add work around for Arm Cortex-A55 Erratum 1024718
    - Input: atmel_mxt_ts - add touchpad button mapping for Samsung Chromebook Pro
    - infiniband: mlx5: fix build errors when INFINIBAND_USER_ACCESS=m
    - btrfs: Take trans lock before access running trans in check_delayed_ref
    - drm/vc4: Make sure vc4_bo_{inc,dec}_usecnt() calls are balanced
    - xhci: Fix use-after-free in xhci_free_virt_device
    - platform/x86: Kconfig: Fix dell-laptop dependency chain.
    - KVM: x86: remove APIC Timer periodic/oneshot spikes
    - clocksource: Allow clocksource_mark_unstable() on unregistered clocksources
    - clocksource: Initialize cs->wd_list
    - clocksource: Consistent de-rate when marking unstable
  * Bionic update: upstream stable patchset 2018-06-22 (LP: #1778265)
    - ext4: set h_journal if there is a failure starting a reserved handle
    - ext4: add MODULE_SOFTDEP to ensure crc32c is included in the initramfs
    - ext4: add validity checks for bitmap block numbers
    - ext4: fix bitmap position validation
    - random: fix possible sleeping allocation from irq context
    - random: rate limit unseeded randomness warnings
    - usbip: usbip_event: fix to not print kernel pointer address
    - usbip: usbip_host: fix to hold parent lock for device_attach() calls
    - usbip: vhci_hcd: Fix usb device and sockfd leaks
    - usbip: vhci_hcd: check rhport before using in vhci_hub_control()
    - Revert "xhci: plat: Register shutdown for xhci_plat"
    - USB: serial: simple: add libtransistor console
    - USB: serial: ftdi_sio: use jtag quirk for Arrow USB Blaster
    - USB: serial: cp210x: add ID for NI USB serial console
    - usb: core: Add quirk for HP v222w 16GB Mini
    - USB: Increment wakeup count on remote wakeup.
    - ALSA: usb-audio: Skip broken EU on Dell dock USB-audio
    - virtio: add ability to iterate over vqs
    - virtio_console: don't tie bufs to a vq
    - virtio_console: free buffers after reset
    - virtio_console: drop custom control queue cleanup
    - virtio_console: move removal code
    - virtio_console: reset on out of memory
    - drm/virtio: fix vq wait_event condition
    - tty: Don't call panic() at tty_ldisc_init()
    - tty: n_gsm: Fix long delays with control frame timeouts in ADM mode
    - tty: n_gsm: Fix DLCI handling for ADM mode if debug & 2 is not set
    - tty: Avoid possible error pointer dereference at tty_ldisc_restore().
    - tty: Use __GFP_NOFAIL for tty_ldisc_get()
    - ALSA: dice: fix OUI for TC group
    - ALSA: dice: fix error path to destroy initialized stream data
    - ALSA: hda - Skip jack and others for non-existing PCM streams
    - ALSA: opl3: Hardening for potential Spectre v1
    - ALSA: asihpi: Hardening for potential Spectre v1
    - ALSA: hdspm: Hardening for potential Spectre v1
    - ALSA: rme9652: Hardening for potential Spectre v1
    - ALSA: control: Hardening for potential Spectre v1
    - ALSA: pcm: Return negative delays from SNDRV_PCM_IOCTL_DELAY.
    - ALSA: core: Report audio_tstamp in snd_pcm_sync_ptr
    - ALSA: seq: oss: Fix unbalanced use lock for synth MIDI device
    - ALSA: seq: oss: Hardening for potential Spectre v1
    - ALSA: hda: Hardening for potential Spectre v1
    - ALSA: hda/realtek - Add some fixes for ALC233
    - ALSA: hda/realtek - Update ALC255 depop optimize
    - ALSA: hda/realtek - change the location for one of two front mics
    - mtd: spi-nor: cadence-quadspi: Fix page fault kernel panic
    - mtd: cfi: cmdset_0001: Do not allow read/write to suspend erase block.
    - mtd: cfi: cmdset_0001: Workaround Micron Erase suspend bug.
    - mtd: cfi: cmdset_0002: Do not allow read/write to suspend erase block.
    - mtd: rawnand: tango: Fix struct clk memory leak
    - kobject: don't use WARN for registration failures
    - scsi: sd: Defer spinning up drive while SANITIZE is in progress
    - bfq-iosched: ensure to clear bic/bfqq pointers when preparing request
    - vfio: ccw: process ssch with interrupts disabled
    - ANDROID: binder: prevent transactions into own process.
    - PCI: aardvark: Fix logic in advk_pcie_{rd,wr}_conf()
    - PCI: aardvark: Set PIO_ADDR_LS correctly in advk_pcie_rd_conf()
    - PCI: aardvark: Use ISR1 instead of ISR0 interrupt in legacy irq mode
    - PCI: aardvark: Fix PCIe Max Read Request Size setting
    - ARM: amba: Make driver_override output consistent with other buses
    - ARM: amba: Fix race condition with driver_override
    - ARM: amba: Don't read past the end of sysfs "driver_override" buffer
    - ARM: socfpga_defconfig: Remove QSPI Sector 4K size force
    - KVM: arm/arm64: Close VMID generation race
    - crypto: drbg - set freed buffers to NULL
    - ASoC: fsl_esai: Fix divisor calculation failure at lower ratio
    - libceph: un-backoff on tick when we have a authenticated session
    - libceph: reschedule a tick in finish_hunting()
    - libceph: validate con->state at the top of try_write()
    - fpga-manager: altera-ps-spi: preserve nCONFIG state
    - earlycon: Use a pointer table to fix __earlycon_table stride
    - drm/amdgpu: set COMPUTE_PGM_RSRC1 for SGPR/VGPR clearing shaders
    - drm/i915: Enable display WA#1183 from its correct spot
    - objtool, perf: Fix GCC 8 -Wrestrict error
    - tools/lib/subcmd/pager.c: do not alias select() params
    - x86/ipc: Fix x32 version of shmid64_ds and msqid64_ds
    - x86/smpboot: Don't use mwait_play_dead() on AMD systems
    - x86/microcode/intel: Save microcode patch unconditionally
    - x86/microcode: Do not exit early from __reload_late()
    - tick/sched: Do not mess with an enqueued hrtimer
    - arm/arm64: KVM: Add PSCI version selection API
    - powerpc/eeh: Fix race with driver un/bind
    - serial: mvebu-uart: Fix local flags handling on termios update
    - block: do not use interruptible wait anywhere
    - ASoC: dmic: Fix clock parenting
    - PCI / PM: Do not clear state_saved in pci_pm_freeze() when smart suspend is
      set
    - module: Fix display of wrong module .text address
    - drm/edid: Reset more of the display info
    - drm/i915/fbdev: Enable late fbdev initial configuration
    - drm/i915/audio: set minimum CD clock to twice the BCLK
    - drm/amd/display: Fix deadlock when flushing irq
    - drm/amd/display: Disallow enabling CRTC without primary plane with FB
  * Bionic update: upstream stable patchset 2018-06-22 (LP: #1778265) //
    CVE-2018-1108.
    - random: set up the NUMA crng instances after the CRNG is fully initialized
  * Ryzen/Raven Ridge USB ports do not work (LP: #1756700)
    - xhci: Fix USB ports for Dell Inspiron 5775
  * [Ubuntu 1804][boston][ixgbe] EEH causes kernel BUG at /build/linux-
    jWa1Fv/linux-4.15.0/drivers/pci/msi.c:352 (i2S) (LP: #1776389)
    - ixgbe/ixgbevf: Free IRQ when PCI error recovery removes the device
  * Need fix to aacraid driver to prevent panic (LP: #1770095)
    - scsi: aacraid: Correct hba_send to include iu_type
  * kernel: Fix arch random implementation (LP: #1775391)
    - s390/archrandom: Rework arch random implementation.
  * kernel: Fix memory leak on CCA and EP11 CPRB processing. (LP: #1775390)
    - s390/zcrypt: Fix CCA and EP11 CPRB processing failure memory leak.
  * Various fixes for CXL kernel module (LP: #1774471)
    - cxl: Remove function write_timebase_ctrl_psl9() for PSL9
    - cxl: Set the PBCQ Tunnel BAR register when enabling capi mode
    - cxl: Report the tunneled operations status
    - cxl: Configure PSL to not use APC virtual machines
    - cxl: Disable prefault_mode in Radix mode
  * Bluetooth not working (LP: #1764645)
    - Bluetooth: btusb: Apply QCA Rome patches for some ATH3012 models
  * linux-snapdragon: wcn36xx: mac address generation on boot (LP: #1776491)
    - [Config] arm64: snapdragon: WCN36XX_SNAPDRAGON_HACKS=y
    - SAUCE: wcn36xx: read MAC from file or randomly generate one
  * fscache: Fix hanging wait on page discarded by writeback (LP: #1777029)
    - fscache: Fix hanging wait on page discarded by writeback

  [ Ubuntu: 4.15.0-32.35 ]

  * CVE-2018-3620 // CVE-2018-3646
    - cpu: Fix per-cpu regression on ARM64

 -- Kleber Sacilotto de Souza <email address hidden>  Thu, 16 Aug 2018 13:55:00 +0200
Published in cosmic-proposed on 2018-08-14
Published in bionic-security on 2018-08-14
Published in bionic-updates on 2018-08-14
Deleted in bionic-proposed (Reason: moved to -updates)
linux-oem (4.15.0-1015.18) bionic; urgency=medium

  [ Ubuntu: 4.15.0-32.34 ]

  * CVE-2018-5391
    - Revert "net: increase fragment memory usage limits"
  * CVE-2018-3620 // CVE-2018-3646
    - x86/Centaur: Initialize supported CPU features properly
    - x86/Centaur: Report correct CPU/cache topology
    - x86/CPU/AMD: Have smp_num_siblings and cpu_llc_id always be present
    - perf/events/amd/uncore: Fix amd_uncore_llc ID to use pre-defined cpu_llc_id
    - x86/CPU: Rename intel_cacheinfo.c to cacheinfo.c
    - x86/CPU/AMD: Calculate last level cache ID from number of sharing threads
    - x86/CPU: Modify detect_extended_topology() to return result
    - x86/CPU/AMD: Derive CPU topology from CPUID function 0xB when available
    - x86/CPU: Move cpu local function declarations to local header
    - x86/CPU: Make intel_num_cpu_cores() generic
    - x86/CPU: Move cpu_detect_cache_sizes() into init_intel_cacheinfo()
    - x86/CPU: Move x86_cpuinfo::x86_max_cores assignment to
      detect_num_cpu_cores()
    - x86/CPU/AMD: Fix LLC ID bit-shift calculation
    - x86/mm: Factor out pageattr _PAGE_GLOBAL setting
    - x86/mm: Undo double _PAGE_PSE clearing
    - x86/mm: Introduce "default" kernel PTE mask
    - x86/espfix: Document use of _PAGE_GLOBAL
    - x86/mm: Do not auto-massage page protections
    - x86/mm: Remove extra filtering in pageattr code
    - x86/mm: Comment _PAGE_GLOBAL mystery
    - x86/mm: Do not forbid _PAGE_RW before init for __ro_after_init
    - x86/ldt: Fix support_pte_mask filtering in map_ldt_struct()
    - x86/power/64: Fix page-table setup for temporary text mapping
    - x86/pti: Filter at vma->vm_page_prot population
    - x86/boot/64/clang: Use fixup_pointer() to access '__supported_pte_mask'
    - x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT
    - x86/speculation/l1tf: Change order of offset/type in swap entry
    - x86/speculation/l1tf: Protect swap entries against L1TF
    - x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation
    - x86/speculation/l1tf: Make sure the first page is always reserved
    - x86/speculation/l1tf: Add sysfs reporting for l1tf
    - x86/speculation/l1tf: Disallow non privileged high MMIO PROT_NONE mappings
    - x86/speculation/l1tf: Limit swap file size to MAX_PA/2
    - x86/bugs: Move the l1tf function and define pr_fmt properly
    - sched/smt: Update sched_smt_present at runtime
    - x86/smp: Provide topology_is_primary_thread()
    - x86/topology: Provide topology_smt_supported()
    - cpu/hotplug: Make bringup/teardown of smp threads symmetric
    - cpu/hotplug: Split do_cpu_down()
    - cpu/hotplug: Provide knobs to control SMT
    - x86/cpu: Remove the pointless CPU printout
    - x86/cpu/AMD: Remove the pointless detect_ht() call
    - x86/cpu/common: Provide detect_ht_early()
    - x86/cpu/topology: Provide detect_extended_topology_early()
    - x86/cpu/intel: Evaluate smp_num_siblings early
    - x86/CPU/AMD: Do not check CPUID max ext level before parsing SMP info
    - x86/cpu/AMD: Evaluate smp_num_siblings early
    - x86/apic: Ignore secondary threads if nosmt=force
    - x86/speculation/l1tf: Extend 64bit swap file size limit
    - x86/cpufeatures: Add detection of L1D cache flush support.
    - x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings
    - x86/speculation/l1tf: Protect PAE swap entries against L1TF
    - x86/speculation/l1tf: Fix up pte->pfn conversion for PAE
    - Revert "x86/apic: Ignore secondary threads if nosmt=force"
    - cpu/hotplug: Boot HT siblings at least once
    - x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being present
    - x86/KVM/VMX: Add module argument for L1TF mitigation
    - x86/KVM/VMX: Add L1D flush algorithm
    - x86/KVM/VMX: Add L1D MSR based flush
    - x86/KVM/VMX: Add L1D flush logic
    - x86/KVM/VMX: Split the VMX MSR LOAD structures to have an host/guest numbers
    - x86/KVM/VMX: Add find_msr() helper function
    - x86/KVM/VMX: Separate the VMX AUTOLOAD guest/host number accounting
    - x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER only MSRs
    - x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required
    - cpu/hotplug: Online siblings when SMT control is turned on
    - x86/litf: Introduce vmx status variable
    - x86/kvm: Drop L1TF MSR list approach
    - x86/l1tf: Handle EPT disabled state proper
    - x86/kvm: Move l1tf setup function
    - x86/kvm: Add static key for flush always
    - x86/kvm: Serialize L1D flush parameter setter
    - x86/kvm: Allow runtime control of L1D flush
    - cpu/hotplug: Expose SMT control init function
    - cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early
    - x86/bugs, kvm: Introduce boot-time control of L1TF mitigations
    - Documentation: Add section about CPU vulnerabilities
    - x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED architectures
    - x86/KVM/VMX: Initialize the vmx_l1d_flush_pages' content
    - Documentation/l1tf: Fix typos
    - cpu/hotplug: detect SMT disabled by BIOS
    - x86/KVM/VMX: Don't set l1tf_flush_l1d to true from vmx_l1d_flush()
    - x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with 'vmx_l1d_flush_cond'
    - x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush()
    - x86/irq: Demote irq_cpustat_t::__softirq_pending to u16
    - x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d
    - x86: Don't include linux/irq.h from asm/hardirq.h
    - x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d
    - x86/KVM/VMX: Don't set l1tf_flush_l1d from vmx_handle_external_intr()
    - Documentation/l1tf: Remove Yonah processors from not vulnerable list
    - x86/speculation: Simplify sysfs report of VMX L1TF vulnerability
    - x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry
    - KVM: x86: Add a framework for supporting MSR-based features
    - KVM: X86: Introduce kvm_get_msr_feature()
    - KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR
    - KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry
    - cpu/hotplug: Fix SMT supported evaluation
    - x86/speculation/l1tf: Invert all not present mappings
    - x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert
    - x86/mm/pat: Make set_memory_np() L1TF safe

 -- Stefan Bader <email address hidden>  Fri, 10 Aug 2018 10:51:05 +0200
Deleted in bionic-proposed on 2018-08-17 (Reason: NBS)
linux-oem (4.15.0-1014.17) bionic; urgency=medium

  * linux-oem: 4.15.0-1014.17 -proposed tracker (LP: #1784284)

  [ Ubuntu: 4.15.0-31.33 ]

  * linux: 4.15.0-31.33 -proposed tracker (LP: #1784281)
  * ubuntu_bpf_jit test failed on Bionic s390x systems (LP: #1753941)
    - test_bpf: flag tests that cannot be jited on s390
  * HDMI/DP audio can't work on the laptop of Dell Latitude 5495 (LP: #1782689)
    - drm/nouveau: fix nouveau_dsm_get_client_id()'s return type
    - drm/radeon: fix radeon_atpx_get_client_id()'s return type
    - drm/amdgpu: fix amdgpu_atpx_get_client_id()'s return type
    - platform/x86: apple-gmux: fix gmux_get_client_id()'s return type
    - ALSA: hda: use PCI_BASE_CLASS_DISPLAY to replace PCI_CLASS_DISPLAY_VGA
    - vga_switcheroo: set audio client id according to bound GPU id
  * locking sockets broken due to missing AppArmor socket mediation patches
    (LP: #1780227)
    - UBUNTU SAUCE: apparmor: fix apparmor mediating locking non-fs, unix sockets
  * Update2 for ocxl driver (LP: #1781436)
    - ocxl: Fix page fault handler in case of fault on dying process
  * RTNL assertion failure on ipvlan (LP: #1776927)
    - ipvlan: drop ipv6 dependency
    - ipvlan: use per device spinlock to protect addrs list updates
  * netns: unable to follow an interface that moves to another netns
    (LP: #1774225)
    - net: core: Expose number of link up/down transitions
    - dev: always advertise the new nsid when the netns iface changes
    - dev: advertise the new ifindex when the netns iface changes
  * [Bionic] Disk IO hangs when using BFQ as io scheduler (LP: #1780066)
    - block, bfq: fix occurrences of request finish method's old name
    - block, bfq: remove batches of confusing ifdefs
    - block, bfq: add requeue-request hook
  * HP ProBook 455 G5 needs mute-led-gpio fixup (LP: #1781763)
    - ALSA: hda: add mute led support for HP ProBook 455 G5
  * [Bionic] bug fixes to improve stability of the ThunderX2 i2c driver
    (LP: #1781476)
    - i2c: xlp9xx: Fix issue seen when updating receive length
    - i2c: xlp9xx: Make sure the transfer size is not more than
      I2C_SMBUS_BLOCK_SIZE
  * x86/kvm: fix LAPIC timer drift when guest uses periodic mode (LP: #1778486)
    - x86/kvm: fix LAPIC timer drift when guest uses periodic mode
  * Please include ax88179_178a and r8152 modules in d-i udeb (LP: #1771823)
    - [Config:] d-i: Add ax88179_178a and r8152 to nic-modules
  * Nvidia fails after switching its mode (LP: #1778658)
    - PCI: Restore config space on runtime resume despite being unbound
  * Kernel error "task zfs:pid blocked for more than 120 seconds" (LP: #1781364)
    - SAUCE: (noup) zfs to 0.7.5-1ubuntu16.3
  * CVE-2018-12232
    - PATCH 1/1] socket: close race condition between sock_close() and
      sockfs_setattr()
  * CVE-2018-10323
    - xfs: set format back to extents if xfs_bmap_extents_to_btree
  * change front mic location for more lenovo m7/8/9xx machines (LP: #1781316)
    - ALSA: hda/realtek - Fix the problem of two front mics on more machines
    - ALSA: hda/realtek - two more lenovo models need fixup of MIC_LOCATION
  * Cephfs + fscache: unable to handle kernel NULL pointer dereference at
    0000000000000000 IP: jbd2__journal_start+0x22/0x1f0 (LP: #1783246)
    - ceph: track read contexts in ceph_file_info
  * Touchpad of ThinkPad P52 failed to work with message "lost sync at byte"
    (LP: #1779802)
    - Input: elantech - fix V4 report decoding for module with middle key
    - Input: elantech - enable middle button of touchpads on ThinkPad P52
  * xhci_hcd 0000:00:14.0: Root hub is not suspended (LP: #1779823)
    - usb: xhci: dbc: Fix lockdep warning
    - usb: xhci: dbc: Don't decrement runtime PM counter if DBC is not started
  * CVE-2018-13406
    - video: uvesafb: Fix integer overflow in allocation
  * CVE-2018-10840
    - ext4: correctly handle a zero-length xattr with a non-zero e_value_offs
  * CVE-2018-11412
    - ext4: do not allow external inodes for inline data
  * CVE-2018-10881
    - ext4: clear i_data in ext4_inode_info when removing inline data
  * CVE-2018-12233
    - jfs: Fix inconsistency between memory allocation and ea_buf->max_size
  * CVE-2018-12904
    - kvm: nVMX: Enforce cpl=0 for VMX instructions
  * Error parsing PCC subspaces from PCCT (LP: #1528684)
    - mailbox: PCC: erroneous error message when parsing ACPI PCCT
  * CVE-2018-13094
    - xfs: don't call xfs_da_shrink_inode with NULL bp
  * other users' coredumps can be read via setgid directory and killpriv bypass
    (LP: #1779923) // CVE-2018-13405
    - Fix up non-directory creation in SGID directories
  * Invoking obsolete 'firmware_install' target breaks snap build (LP: #1782166)
    - snapcraft.yaml: stop invoking the obsolete (and non-existing)
      'firmware_install' target
  * snapcraft.yaml: missing ubuntu-retpoline-extract-one script breaks the build
    (LP: #1782116)
    - snapcraft.yaml: copy retpoline-extract-one to scripts before build
  * Allow Raven Ridge's audio controller to be runtime suspended (LP: #1782540)
    - ALSA: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge
  * CVE-2018-11506
    - sr: pass down correctly sized SCSI sense buffer
  * Bionic update: upstream stable patchset 2018-07-24 (LP: #1783418)
    - net: Fix a bug in removing queues from XPS map
    - net/mlx4_core: Fix error handling in mlx4_init_port_info.
    - net/sched: fix refcnt leak in the error path of tcf_vlan_init()
    - net: sched: red: avoid hashing NULL child
    - net/smc: check for missing nlattrs in SMC_PNETID messages
    - net: test tailroom before appending to linear skb
    - packet: in packet_snd start writing at link layer allocation
    - sock_diag: fix use-after-free read in __sk_free
    - tcp: purge write queue in tcp_connect_init()
    - vmxnet3: set the DMA mask before the first DMA map operation
    - vmxnet3: use DMA memory barriers where required
    - hv_netvsc: empty current transmit aggregation if flow blocked
    - hv_netvsc: Use the num_online_cpus() for channel limit
    - hv_netvsc: avoid retry on send during shutdown
    - hv_netvsc: only wake transmit queue if link is up
    - hv_netvsc: fix error unwind handling if vmbus_open fails
    - hv_netvsc: cancel subchannel setup before halting device
    - hv_netvsc: fix race in napi poll when rescheduling
    - hv_netvsc: defer queue selection to VF
    - hv_netvsc: disable NAPI before channel close
    - hv_netvsc: use RCU to fix concurrent rx and queue changes
    - hv_netvsc: change GPAD teardown order on older versions
    - hv_netvsc: common detach logic
    - hv_netvsc: Use Windows version instead of NVSP version on GPAD teardown
    - hv_netvsc: Split netvsc_revoke_buf() and netvsc_teardown_gpadl()
    - hv_netvsc: Ensure correct teardown message sequence order
    - hv_netvsc: Fix a network regression after ifdown/ifup
    - sparc: vio: use put_device() instead of kfree()
    - ext2: fix a block leak
    - s390: add assembler macros for CPU alternatives
    - s390: move expoline assembler macros to a header
    - s390/crc32-vx: use expoline for indirect branches
    - s390/lib: use expoline for indirect branches
    - s390/ftrace: use expoline for indirect branches
    - s390/kernel: use expoline for indirect branches
    - s390: move spectre sysfs attribute code
    - s390: extend expoline to BC instructions
    - s390: use expoline thunks in the BPF JIT
    - scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()
    - scsi: zfcp: fix infinite iteration on ERP ready list
    - loop: don't call into filesystem while holding lo_ctl_mutex
    - loop: fix LOOP_GET_STATUS lock imbalance
    - cfg80211: limit wiphy names to 128 bytes
    - hfsplus: stop workqueue when fill_super() failed
    - x86/kexec: Avoid double free_page() upon do_kexec_load() failure
    - usb: gadget: f_uac2: fix bFirstInterface in composite gadget
    - usb: dwc3: Undo PHY init if soft reset fails
    - usb: dwc3: omap: don't miss events during suspend/resume
    - usb: gadget: core: Fix use-after-free of usb_request
    - usb: gadget: fsl_udc_core: fix ep valid checks
    - usb: dwc2: Fix dwc2_hsotg_core_init_disconnected()
    - usb: cdc_acm: prevent race at write to acm while system resumes
    - net: usbnet: fix potential deadlock on 32bit hosts
    - ARM: dts: imx7d-sdb: Fix regulator-usb-otg2-vbus node name
    - usb: host: xhci-plat: revert "usb: host: xhci-plat: enable clk in resume
      timing"
    - USB: OHCI: Fix NULL dereference in HCDs using HCD_LOCAL_MEM
    - net/usb/qmi_wwan.c: Add USB id for lt4120 modem
    - net-usb: add qmi_wwan if on lte modem wistron neweb d18q1
    - Bluetooth: btusb: Add USB ID 7392:a611 for Edimax EW-7611ULB
    - ALSA: usb-audio: Add native DSD support for Luxman DA-06
    - usb: dwc3: Add SoftReset PHY synchonization delay
    - usb: dwc3: Update DWC_usb31 GTXFIFOSIZ reg fields
    - usb: dwc3: Makefile: fix link error on randconfig
    - xhci: zero usb device slot_id member when disabling and freeing a xhci slot
    - usb: dwc2: Fix interval type issue
    - usb: dwc2: hcd: Fix host channel halt flow
    - usb: dwc2: host: Fix transaction errors in host mode
    - usb: gadget: ffs: Let setup() return USB_GADGET_DELAYED_STATUS
    - usb: gadget: ffs: Execute copy_to_user() with USER_DS set
    - usbip: Correct maximum value of CONFIG_USBIP_VHCI_HC_PORTS
    - usb: gadget: udc: change comparison to bitshift when dealing with a mask
    - usb: gadget: composite: fix incorrect handling of OS desc requests
    - media: lgdt3306a: Fix module count mismatch on usb unplug
    - media: em28xx: USB bulk packet size fix
    - Bluetooth: btusb: Add device ID for RTL8822BE
    - xhci: Show what USB release number the xHC supports from protocol capablity
    - staging: bcm2835-audio: Release resources on module_exit()
    - staging: lustre: fix bug in osc_enter_cache_try
    - staging: fsl-dpaa2/eth: Fix incorrect casts
    - staging: rtl8192u: return -ENOMEM on failed allocation of priv->oldaddr
    - staging: ks7010: Use constants from ieee80211_eid instead of literal ints.
    - staging: lustre: lmv: correctly iput lmo_root
    - crypto: inside-secure - wait for the request to complete if in the backlog
    - crypto: atmel-aes - fix the keys zeroing on errors
    - crypto: ccp - don't disable interrupts while setting up debugfs
    - crypto: inside-secure - do not process request if no command was issued
    - crypto: inside-secure - fix the cache_len computation
    - crypto: inside-secure - fix the extra cache computation
    - crypto: sunxi-ss - Add MODULE_ALIAS to sun4i-ss
    - crypto: inside-secure - fix the invalidation step during cra_exit
    - scsi: mpt3sas: fix an out of bound write
    - scsi: ufs: Enable quirk to ignore sending WRITE_SAME command
    - scsi: bnx2fc: Fix check in SCSI completion handler for timed out request
    - scsi: sym53c8xx_2: iterator underflow in sym_getsync()
    - scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo()
    - scsi: qla2xxx: Avoid triggering undefined behavior in
      qla2x00_mbx_completion()
    - scsi: storvsc: Increase cmd_per_lun for higher speed devices
    - scsi: qedi: Fix truncation of CHAP name and secret
    - scsi: aacraid: fix shutdown crash when init fails
    - scsi: qla4xxx: skip error recovery in case of register disconnect.
    - scsi: qedi: Fix kernel crash during port toggle
    - scsi: mpt3sas: Do not mark fw_event workqueue as WQ_MEM_RECLAIM
    - scsi: sd: Keep disk read-only when re-reading partition
    - scsi: iscsi_tcp: set BDI_CAP_STABLE_WRITES when data digest enabled
    - scsi: aacraid: Insure command thread is not recursively stopped
    - scsi: core: Make SCSI Status CONDITION MET equivalent to GOOD
    - scsi: mvsas: fix wrong endianness of sgpio api
    - ASoC: hdmi-codec: Fix module unloading caused kernel crash
    - ASoC: rockchip: rk3288-hdmi-analog: Select needed codecs
    - ASoC: samsung: odroid: Fix 32000 sample rate handling
    - ASoC: topology: create TLV data for dapm widgets
    - ASoC: samsung: i2s: Ensure the RCLK rate is properly determined
    - clk: rockchip: Fix wrong parent for SDMMC phase clock for rk3228
    - clk: Don't show the incorrect clock phase
    - clk: hisilicon: mark wdt_mux_p[] as const
    - clk: tegra: Fix pll_u rate configuration
    - clk: rockchip: Prevent calculating mmc phase if clock rate is zero
    - clk: samsung: s3c2410: Fix PLL rates
    - clk: samsung: exynos7: Fix PLL rates
    - clk: samsung: exynos5260: Fix PLL rates
    - clk: samsung: exynos5433: Fix PLL rates
    - clk: samsung: exynos5250: Fix PLL rates
    - clk: samsung: exynos3250: Fix PLL rates
    - media: dmxdev: fix error code for invalid ioctls
    - media: Don't let tvp5150_get_vbi() go out of vbi_ram_default array
    - media: ov5645: add missing of_node_put() in error path
    - media: cx23885: Override 888 ImpactVCBe crystal frequency
    - media: cx23885: Set subdev host data to clk_freq pointer
    - media: s3c-camif: fix out-of-bounds array access
    - media: lgdt3306a: Fix a double kfree on i2c device remove
    - media: em28xx: Add Hauppauge SoloHD/DualHD bulk models
    - media: v4l: vsp1: Fix display stalls when requesting too many inputs
    - media: i2c: adv748x: fix HDMI field heights
    - media: vb2: Fix videobuf2 to map correct area
    - media: vivid: fix incorrect capabilities for radio
    - media: cx25821: prevent out-of-bounds read on array card
    - serial: xuartps: Fix out-of-bounds access through DT alias
    - serial: sh-sci: Fix out-of-bounds access through DT alias
    - serial: samsung: Fix out-of-bounds access through serial port index
    - serial: mxs-auart: Fix out-of-bounds access through serial port index
    - serial: imx: Fix out-of-bounds access through serial port index
    - serial: fsl_lpuart: Fix out-of-bounds access through DT alias
    - serial: arc_uart: Fix out-of-bounds access through DT alias
    - serial: 8250: Don't service RX FIFO if interrupts are disabled
    - serial: altera: ensure port->regshift is honored consistently
    - rtc: snvs: Fix usage of snvs_rtc_enable
    - rtc: hctosys: Ensure system time doesn't overflow time_t
    - rtc: rk808: fix possible race condition
    - rtc: m41t80: fix race conditions
    - rtc: tx4939: avoid unintended sign extension on a 24 bit shift
    - rtc: rp5c01: fix possible race condition
    - rtc: goldfish: Add missing MODULE_LICENSE
    - cxgb4: Correct ntuple mask validation for hash filters
    - net: dsa: bcm_sf2: Fix RX_CLS_LOC_ANY overwrite for last rule
    - net: dsa: Do not register devlink for unused ports
    - net: dsa: bcm_sf2: Fix IPv6 rules and chain ID
    - net: dsa: bcm_sf2: Fix IPv6 rule half deletion
    - 3c59x: convert to generic DMA API
    - net: ip6_gre: Request headroom in __gre6_xmit()
    - net: ip6_gre: Split up ip6gre_tnl_link_config()
    - net: ip6_gre: Split up ip6gre_tnl_change()
    - net: ip6_gre: Split up ip6gre_newlink()
    - net: ip6_gre: Split up ip6gre_changelink()
    - qed: LL2 flush isles when connection is closed
    - qed: Fix possibility of list corruption during rmmod flows
    - qed: Fix LL2 race during connection terminate
    - powerpc: Move default security feature flags
    - Bluetooth: btusb: Add support for Intel Bluetooth device 22560 [8087:0026]
    - staging: fsl-dpaa2/eth: Fix incorrect kfree
    - crypto: inside-secure - move the digest to the request context
    - scsi: lpfc: Fix NVME Initiator FirstBurst
    - serial: mvebu-uart: fix tx lost characters
  * Bionic update: upstream stable patchset 2018-07-20 (LP: #1782846)
    - usbip: usbip_host: refine probe and disconnect debug msgs to be useful
    - usbip: usbip_host: delete device from busid_table after rebind
    - usbip: usbip_host: run rebind from exit when module is removed
    - usbip: usbip_host: fix NULL-ptr deref and use-after-free errors
    - usbip: usbip_host: fix bad unlock balance during stub_probe()
    - ALSA: usb: mixer: volume quirk for CM102-A+/102S+
    - ALSA: hda: Add Lenovo C50 All in one to the power_save blacklist
    - ALSA: control: fix a redundant-copy issue
    - spi: pxa2xx: Allow 64-bit DMA
    - spi: bcm-qspi: Avoid setting MSPI_CDRAM_PCS for spi-nor master
    - spi: bcm-qspi: Always read and set BSPI_MAST_N_BOOT_CTRL
    - KVM: arm/arm64: VGIC/ITS save/restore: protect kvm_read_guest() calls
    - KVM: arm/arm64: VGIC/ITS: protect kvm_read_guest() calls with SRCU lock
    - vfio: ccw: fix cleanup if cp_prefetch fails
    - tracing/x86/xen: Remove zero data size trace events
      trace_xen_mmu_flush_tlb{_all}
    - tee: shm: fix use-after-free via temporarily dropped reference
    - netfilter: nf_tables: free set name in error path
    - netfilter: nf_tables: can't fail after linking rule into active rule list
    - netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6}
    - i2c: designware: fix poll-after-enable regression
    - powerpc/powernv: Fix NVRAM sleep in invalid context when crashing
    - drm: Match sysfs name in link removal to link creation
    - lib/test_bitmap.c: fix bitmap optimisation tests to report errors correctly
    - radix tree: fix multi-order iteration race
    - mm: don't allow deferred pages with NEED_PER_CPU_KM
    - drm/i915/gen9: Add WaClearHIZ_WM_CHICKEN3 for bxt and glk
    - s390/qdio: fix access to uninitialized qdio_q fields
    - s390/qdio: don't release memory in qdio_setup_irq()
    - s390: remove indirect branch from do_softirq_own_stack
    - x86/pkeys: Override pkey when moving away from PROT_EXEC
    - x86/pkeys: Do not special case protection key 0
    - efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32'
      definition for mixed mode
    - ARM: 8771/1: kprobes: Prohibit kprobes on do_undefinstr
    - x86/mm: Drop TS_COMPAT on 64-bit exec() syscall
    - tick/broadcast: Use for_each_cpu() specially on UP kernels
    - ARM: 8769/1: kprobes: Fix to use get_kprobe_ctlblk after irq-disabed
    - ARM: 8770/1: kprobes: Prohibit probing on optimized_callback
    - ARM: 8772/1: kprobes: Prohibit kprobes on get_user functions
    - Btrfs: fix xattr loss after power failure
    - Btrfs: send, fix invalid access to commit roots due to concurrent
      snapshotting
    - btrfs: property: Set incompat flag if lzo/zstd compression is set
    - btrfs: fix crash when trying to resume balance without the resume flag
    - btrfs: Split btrfs_del_delalloc_inode into 2 functions
    - btrfs: Fix delalloc inodes invalidation during transaction abort
    - btrfs: fix reading stale metadata blocks after degraded raid1 mounts
    - xhci: Fix USB3 NULL pointer dereference at logical disconnect.
    - KVM: arm/arm64: Properly protect VGIC locks from IRQs
    - KVM: arm/arm64: VGIC/ITS: Promote irq_lock() in update_affinity
    - hwmon: (k10temp) Fix reading critical temperature register
    - hwmon: (k10temp) Use API function to access System Management Network
    - vsprintf: Replace memory barrier with static_key for random_ptr_key update
    - x86/amd_nb: Add support for Raven Ridge CPUs
    - x86/apic/x2apic: Initialize cluster ID properly
  * Bionic update: upstream stable patchset 2018-07-09 (LP: #1780858)
    - 8139too: Use disable_irq_nosync() in rtl8139_poll_controller()
    - bridge: check iface upper dev when setting master via ioctl
    - dccp: fix tasklet usage
    - ipv4: fix fnhe usage by non-cached routes
    - ipv4: fix memory leaks in udp_sendmsg, ping_v4_sendmsg
    - llc: better deal with too small mtu
    - net: ethernet: sun: niu set correct packet size in skb
    - net: ethernet: ti: cpsw: fix packet leaking in dual_mac mode
    - net/mlx4_en: Fix an error handling path in 'mlx4_en_init_netdev()'
    - net/mlx4_en: Verify coalescing parameters are in range
    - net/mlx5e: Err if asked to offload TC match on frag being first
    - net/mlx5: E-Switch, Include VF RDMA stats in vport statistics
    - net sched actions: fix refcnt leak in skbmod
    - net_sched: fq: take care of throttled flows before reuse
    - net: support compat 64-bit time in {s,g}etsockopt
    - net/tls: Don't recursively call push_record during tls_write_space callbacks
    - net/tls: Fix connection stall on partial tls record
    - openvswitch: Don't swap table in nlattr_set() after OVS_ATTR_NESTED is found
    - qmi_wwan: do not steal interfaces from class drivers
    - r8169: fix powering up RTL8168h
    - rds: do not leak kernel memory to user land
    - sctp: delay the authentication for the duplicated cookie-echo chunk
    - sctp: fix the issue that the cookie-ack with auth can't get processed
    - sctp: handle two v4 addrs comparison in sctp_inet6_cmp_addr
    - sctp: remove sctp_chunk_put from fail_mark err path in
      sctp_ulpevent_make_rcvmsg
    - sctp: use the old asoc when making the cookie-ack chunk in dupcook_d
    - tcp_bbr: fix to zero idle_restart only upon S/ACKed data
    - tcp: ignore Fast Open on repair mode
    - tg3: Fix vunmap() BUG_ON() triggered from tg3_free_consistent().
    - bonding: do not allow rlb updates to invalid mac
    - bonding: send learning packets for vlans on slave
    - net: sched: fix error path in tcf_proto_create() when modules are not
      configured
    - net/mlx5e: TX, Use correct counter in dma_map error flow
    - net/mlx5: Avoid cleaning flow steering table twice during error flow
    - hv_netvsc: set master device
    - ipv6: fix uninit-value in ip6_multipath_l3_keys()
    - net/mlx5e: Allow offloading ipv4 header re-write for icmp
    - nsh: fix infinite loop
    - udp: fix SO_BINDTODEVICE
    - l2tp: revert "l2tp: fix missing print session offset info"
    - proc: do not access cmdline nor environ from file-backed areas
    - net/smc: restrict non-blocking connect finish
    - mlxsw: spectrum_switchdev: Do not remove mrouter port from MDB's ports list
    - net/mlx5e: DCBNL fix min inline header size for dscp
    - net: systemport: Correclty disambiguate driver instances
    - sctp: clear the new asoc's stream outcnt in sctp_stream_update
    - tcp: restore autocorking
    - tipc: fix one byte leak in tipc_sk_set_orig_addr()
    - hv_netvsc: Fix net device attach on older Windows hosts
  * Bionic update: upstream stable patchset 2018-07-06 (LP: #1780499)
    - ext4: prevent right-shifting extents beyond EXT_MAX_BLOCKS
    - ipvs: fix rtnl_lock lockups caused by start_sync_thread
    - netfilter: ebtables: don't attempt to allocate 0-sized compat array
    - kcm: Call strp_stop before strp_done in kcm_attach
    - crypto: af_alg - fix possible uninit-value in alg_bind()
    - netlink: fix uninit-value in netlink_sendmsg
    - net: fix rtnh_ok()
    - net: initialize skb->peeked when cloning
    - net: fix uninit-value in __hw_addr_add_ex()
    - dccp: initialize ireq->ir_mark
    - ipv4: fix uninit-value in ip_route_output_key_hash_rcu()
    - soreuseport: initialise timewait reuseport field
    - inetpeer: fix uninit-value in inet_getpeer
    - memcg: fix per_node_info cleanup
    - perf: Remove superfluous allocation error check
    - tcp: fix TCP_REPAIR_QUEUE bound checking
    - bdi: wake up concurrent wb_shutdown() callers.
    - bdi: Fix oops in wb_workfn()
    - gpioib: do not free unrequested descriptors
    - gpio: fix aspeed_gpio unmask irq
    - gpio: fix error path in lineevent_create
    - rfkill: gpio: fix memory leak in probe error path
    - libata: Apply NOLPM quirk for SanDisk SD7UB3Q*G1001 SSDs
    - dm integrity: use kvfree for kvmalloc'd memory
    - tracing: Fix regex_match_front() to not over compare the test string
    - z3fold: fix reclaim lock-ups
    - mm: sections are not offlined during memory hotremove
    - mm, oom: fix concurrent munlock and oom reaper unmap, v3
    - ceph: fix rsize/wsize capping in ceph_direct_read_write()
    - can: kvaser_usb: Increase correct stats counter in kvaser_usb_rx_can_msg()
    - can: hi311x: Acquire SPI lock on ->do_get_berr_counter
    - can: hi311x: Work around TX complete interrupt erratum
    - drm/vc4: Fix scaling of uni-planar formats
    - drm/i915: Fix drm:intel_enable_lvds ERROR message in kernel log
    - drm/atomic: Clean old_state/new_state in drm_atomic_state_default_clear()
    - drm/atomic: Clean private obj old_state/new_state in
      drm_atomic_state_default_clear()
    - net: atm: Fix potential Spectre v1
    - atm: zatm: Fix potential Spectre v1
    - cpufreq: schedutil: Avoid using invalid next_freq
    - Revert "Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174"
    - Bluetooth: btusb: Only check needs_reset_resume DMI table for QCA rome
      chipsets
    - thermal: exynos: Reading temperature makes sense only when TMU is turned on
    - thermal: exynos: Propagate error value from tmu_read()
    - nvme: add quirk to force medium priority for SQ creation
    - smb3: directory sync should not return an error
    - sched/autogroup: Fix possible Spectre-v1 indexing for sched_prio_to_weight[]
    - tracing/uprobe_event: Fix strncpy corner case
    - perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_*
    - perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr
    - perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver
    - perf/core: Fix possible Spectre-v1 indexing for ->aux_pages[]
    - perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map()
    - i2c: dev: prevent ZERO_SIZE_PTR deref in i2cdev_ioctl_rdwr()
    - bdi: Fix use after free bug in debugfs_remove()
    - drm/ttm: Use GFP_TRANSHUGE_LIGHT for allocating huge pages
    - drm/i915: Adjust eDP's logical vco in a reliable place.
    - drm/nouveau/ttm: don't dereference nvbo::cli, it can outlive client
    - sched/core: Fix possible Spectre-v1 indexing for sched_prio_to_weight[]
  * Bionic update: upstream stable patchset 2018-06-26 (LP: #1778759)
    - percpu: include linux/sched.h for cond_resched()
    - ACPI / button: make module loadable when booted in non-ACPI mode
    - USB: serial: option: Add support for Quectel EP06
    - ALSA: hda - Fix incorrect usage of IS_REACHABLE()
    - ALSA: pcm: Check PCM state at xfern compat ioctl
    - ALSA: seq: Fix races at MIDI encoding in snd_virmidi_output_trigger()
    - ALSA: dice: fix kernel NULL pointer dereference due to invalid calculation
      for array index
    - ALSA: aloop: Mark paused device as inactive
    - ALSA: aloop: Add missing cable lock to ctl API callbacks
    - tracepoint: Do not warn on ENOMEM
    - scsi: target: Fix fortify_panic kernel exception
    - Input: leds - fix out of bound access
    - Input: atmel_mxt_ts - add touchpad button mapping for Samsung Chromebook Pro
    - rtlwifi: btcoex: Add power_on_setting routine
    - rtlwifi: cleanup 8723be ant_sel definition
    - xfs: prevent creating negative-sized file via INSERT_RANGE
    - RDMA/cxgb4: release hw resources on device removal
    - RDMA/ucma: Allow resolving address w/o specifying source address
    - RDMA/mlx5: Fix multiple NULL-ptr deref errors in rereg_mr flow
    - RDMA/mlx5: Protect from shift operand overflow
    - NET: usb: qmi_wwan: add support for ublox R410M PID 0x90b2
    - IB/mlx5: Use unlimited rate when static rate is not supported
    - IB/hfi1: Fix handling of FECN marked multicast packet
    - IB/hfi1: Fix loss of BECN with AHG
    - IB/hfi1: Fix NULL pointer dereference when invalid num_vls is used
    - iw_cxgb4: Atomically flush per QP HW CQEs
    - drm/vmwgfx: Fix a buffer object leak
    - drm/bridge: vga-dac: Fix edid memory leak
    - test_firmware: fix setting old custom fw path back on exit, second try
    - errseq: Always report a writeback error once
    - USB: serial: visor: handle potential invalid device configuration
    - usb: dwc3: gadget: Fix list_del corruption in dwc3_ep_dequeue
    - USB: Accept bulk endpoints with 1024-byte maxpacket
    - USB: serial: option: reimplement interface masking
    - USB: serial: option: adding support for ublox R410M
    - usb: musb: host: fix potential NULL pointer dereference
    - usb: musb: trace: fix NULL pointer dereference in musb_g_tx()
    - platform/x86: asus-wireless: Fix NULL pointer dereference
    - irqchip/qcom: Fix check for spurious interrupts
    - tracing: Fix bad use of igrab in trace_uprobe.c
    - [Config] CONFIG_ARM64_ERRATUM_1024718=y
    - arm64: Add work around for Arm Cortex-A55 Erratum 1024718
    - Input: atmel_mxt_ts - add touchpad button mapping for Samsung Chromebook Pro
    - infiniband: mlx5: fix build errors when INFINIBAND_USER_ACCESS=m
    - btrfs: Take trans lock before access running trans in check_delayed_ref
    - drm/vc4: Make sure vc4_bo_{inc,dec}_usecnt() calls are balanced
    - xhci: Fix use-after-free in xhci_free_virt_device
    - platform/x86: Kconfig: Fix dell-laptop dependency chain.
    - KVM: x86: remove APIC Timer periodic/oneshot spikes
    - clocksource: Allow clocksource_mark_unstable() on unregistered clocksources
    - clocksource: Initialize cs->wd_list
    - clocksource: Consistent de-rate when marking unstable
  * Bionic update: upstream stable patchset 2018-06-22 (LP: #1778265)
    - ext4: set h_journal if there is a failure starting a reserved handle
    - ext4: add MODULE_SOFTDEP to ensure crc32c is included in the initramfs
    - ext4: add validity checks for bitmap block numbers
    - ext4: fix bitmap position validation
    - random: fix possible sleeping allocation from irq context
    - random: rate limit unseeded randomness warnings
    - usbip: usbip_event: fix to not print kernel pointer address
    - usbip: usbip_host: fix to hold parent lock for device_attach() calls
    - usbip: vhci_hcd: Fix usb device and sockfd leaks
    - usbip: vhci_hcd: check rhport before using in vhci_hub_control()
    - Revert "xhci: plat: Register shutdown for xhci_plat"
    - USB: serial: simple: add libtransistor console
    - USB: serial: ftdi_sio: use jtag quirk for Arrow USB Blaster
    - USB: serial: cp210x: add ID for NI USB serial console
    - usb: core: Add quirk for HP v222w 16GB Mini
    - USB: Increment wakeup count on remote wakeup.
    - ALSA: usb-audio: Skip broken EU on Dell dock USB-audio
    - virtio: add ability to iterate over vqs
    - virtio_console: don't tie bufs to a vq
    - virtio_console: free buffers after reset
    - virtio_console: drop custom control queue cleanup
    - virtio_console: move removal code
    - virtio_console: reset on out of memory
    - drm/virtio: fix vq wait_event condition
    - tty: Don't call panic() at tty_ldisc_init()
    - tty: n_gsm: Fix long delays with control frame timeouts in ADM mode
    - tty: n_gsm: Fix DLCI handling for ADM mode if debug & 2 is not set
    - tty: Avoid possible error pointer dereference at tty_ldisc_restore().
    - tty: Use __GFP_NOFAIL for tty_ldisc_get()
    - ALSA: dice: fix OUI for TC group
    - ALSA: dice: fix error path to destroy initialized stream data
    - ALSA: hda - Skip jack and others for non-existing PCM streams
    - ALSA: opl3: Hardening for potential Spectre v1
    - ALSA: asihpi: Hardening for potential Spectre v1
    - ALSA: hdspm: Hardening for potential Spectre v1
    - ALSA: rme9652: Hardening for potential Spectre v1
    - ALSA: control: Hardening for potential Spectre v1
    - ALSA: pcm: Return negative delays from SNDRV_PCM_IOCTL_DELAY.
    - ALSA: core: Report audio_tstamp in snd_pcm_sync_ptr
    - ALSA: seq: oss: Fix unbalanced use lock for synth MIDI device
    - ALSA: seq: oss: Hardening for potential Spectre v1
    - ALSA: hda: Hardening for potential Spectre v1
    - ALSA: hda/realtek - Add some fixes for ALC233
    - ALSA: hda/realtek - Update ALC255 depop optimize
    - ALSA: hda/realtek - change the location for one of two front mics
    - mtd: spi-nor: cadence-quadspi: Fix page fault kernel panic
    - mtd: cfi: cmdset_0001: Do not allow read/write to suspend erase block.
    - mtd: cfi: cmdset_0001: Workaround Micron Erase suspend bug.
    - mtd: cfi: cmdset_0002: Do not allow read/write to suspend erase block.
    - mtd: rawnand: tango: Fix struct clk memory leak
    - kobject: don't use WARN for registration failures
    - scsi: sd: Defer spinning up drive while SANITIZE is in progress
    - bfq-iosched: ensure to clear bic/bfqq pointers when preparing request
    - vfio: ccw: process ssch with interrupts disabled
    - ANDROID: binder: prevent transactions into own process.
    - PCI: aardvark: Fix logic in advk_pcie_{rd,wr}_conf()
    - PCI: aardvark: Set PIO_ADDR_LS correctly in advk_pcie_rd_conf()
    - PCI: aardvark: Use ISR1 instead of ISR0 interrupt in legacy irq mode
    - PCI: aardvark: Fix PCIe Max Read Request Size setting
    - ARM: amba: Make driver_override output consistent with other buses
    - ARM: amba: Fix race condition with driver_override
    - ARM: amba: Don't read past the end of sysfs "driver_override" buffer
    - ARM: socfpga_defconfig: Remove QSPI Sector 4K size force
    - KVM: arm/arm64: Close VMID generation race
    - crypto: drbg - set freed buffers to NULL
    - ASoC: fsl_esai: Fix divisor calculation failure at lower ratio
    - libceph: un-backoff on tick when we have a authenticated session
    - libceph: reschedule a tick in finish_hunting()
    - libceph: validate con->state at the top of try_write()
    - fpga-manager: altera-ps-spi: preserve nCONFIG state
    - earlycon: Use a pointer table to fix __earlycon_table stride
    - drm/amdgpu: set COMPUTE_PGM_RSRC1 for SGPR/VGPR clearing shaders
    - drm/i915: Enable display WA#1183 from its correct spot
    - objtool, perf: Fix GCC 8 -Wrestrict error
    - tools/lib/subcmd/pager.c: do not alias select() params
    - x86/ipc: Fix x32 version of shmid64_ds and msqid64_ds
    - x86/smpboot: Don't use mwait_play_dead() on AMD systems
    - x86/microcode/intel: Save microcode patch unconditionally
    - x86/microcode: Do not exit early from __reload_late()
    - tick/sched: Do not mess with an enqueued hrtimer
    - arm/arm64: KVM: Add PSCI version selection API
    - powerpc/eeh: Fix race with driver un/bind
    - serial: mvebu-uart: Fix local flags handling on termios update
    - block: do not use interruptible wait anywhere
    - ASoC: dmic: Fix clock parenting
    - PCI / PM: Do not clear state_saved in pci_pm_freeze() when smart suspend is
      set
    - module: Fix display of wrong module .text address
    - drm/edid: Reset more of the display info
    - drm/i915/fbdev: Enable late fbdev initial configuration
    - drm/i915/audio: set minimum CD clock to twice the BCLK
    - drm/amd/display: Fix deadlock when flushing irq
    - drm/amd/display: Disallow enabling CRTC without primary plane with FB
  * Bionic update: upstream stable patchset 2018-06-22 (LP: #1778265) //
    CVE-2018-1108.
    - random: set up the NUMA crng instances after the CRNG is fully initialized
  * Ryzen/Raven Ridge USB ports do not work (LP: #1756700)
    - xhci: Fix USB ports for Dell Inspiron 5775
  * [Ubuntu 1804][boston][ixgbe] EEH causes kernel BUG at /build/linux-
    jWa1Fv/linux-4.15.0/drivers/pci/msi.c:352 (i2S) (LP: #1776389)
    - ixgbe/ixgbevf: Free IRQ when PCI error recovery removes the device
  * Need fix to aacraid driver to prevent panic (LP: #1770095)
    - scsi: aacraid: Correct hba_send to include iu_type
  * kernel: Fix arch random implementation (LP: #1775391)
    - s390/archrandom: Rework arch random implementation.
  * kernel: Fix memory leak on CCA and EP11 CPRB processing. (LP: #1775390)
    - s390/zcrypt: Fix CCA and EP11 CPRB processing failure memory leak.
  * Various fixes for CXL kernel module (LP: #1774471)
    - cxl: Remove function write_timebase_ctrl_psl9() for PSL9
    - cxl: Set the PBCQ Tunnel BAR register when enabling capi mode
    - cxl: Report the tunneled operations status
    - cxl: Configure PSL to not use APC virtual machines
    - cxl: Disable prefault_mode in Radix mode
  * Bluetooth not working (LP: #1764645)
    - Bluetooth: btusb: Apply QCA Rome patches for some ATH3012 models
  * linux-snapdragon: wcn36xx: mac address generation on boot (LP: #1776491)
    - [Config] arm64: snapdragon: WCN36XX_SNAPDRAGON_HACKS=y
    - SAUCE: wcn36xx: read MAC from file or randomly generate one
  * fscache: Fix hanging wait on page discarded by writeback (LP: #1777029)
    - fscache: Fix hanging wait on page discarded by writeback

 -- Stefan Bader <email address hidden>  Fri, 03 Aug 2018 10:47:02 +0200
Deleted in cosmic-proposed (Reason: NBS)
Superseded in bionic-security on 2018-08-14
Superseded in bionic-updates on 2018-08-14
Deleted in bionic-proposed (Reason: NBS)
linux-oem (4.15.0-1013.16) bionic; urgency=medium

  [ Ubuntu: 4.15.0-30.32 ]

  * CVE-2018-5390
    - tcp: free batches of packets in tcp_prune_ofo_queue()
    - tcp: avoid collapses in tcp_prune_queue() if possible
    - tcp: detect malicious patterns in tcp_collapse_ofo_queue()
    - tcp: call tcp_drop() from tcp_data_queue_ofo()
    - tcp: add tcp_ooo_try_coalesce() helper

 -- Stefan Bader <email address hidden>  Thu, 26 Jul 2018 21:14:43 +0200
Published in cosmic-release on 2018-07-25
Deleted in cosmic-proposed (Reason: moved to release)
Superseded in bionic-security on 2018-08-06
Superseded in bionic-updates on 2018-08-06
Deleted in bionic-proposed (Reason: moved to -updates)
linux-oem (4.15.0-1012.15) bionic; urgency=medium

  * linux-oem: 4.15.0-1012.15 -proposed tracker (LP: #1782181)

  * Miscellaneous Ubuntu changes
    - Rebase to 4.15.0-29.31

  [ Ubuntu: 4.15.0-29.31 ]

  * linux: 4.15.0-29.31 -proposed tracker (LP: #1782173)
  * [SRU Bionic][Cosmic] kernel panic in ipmi_ssif at msg_done_handler
    (LP: #1777716)
    - ipmi_ssif: Fix kernel panic at msg_done_handler
  * Update to ocxl driver for 18.04.1 (LP: #1775786)
    - misc: ocxl: use put_device() instead of device_unregister()
    - powerpc: Add TIDR CPU feature for POWER9
    - powerpc: Use TIDR CPU feature to control TIDR allocation
    - powerpc: use task_pid_nr() for TID allocation
    - ocxl: Rename pnv_ocxl_spa_remove_pe to clarify it's action
    - ocxl: Expose the thread_id needed for wait on POWER9
    - ocxl: Add an IOCTL so userspace knows what OCXL features are available
    - ocxl: Document new OCXL IOCTLs
    - ocxl: Fix missing unlock on error in afu_ioctl_enable_p9_wait()
  * Critical upstream bugfix missing in Ubuntu 18.04 - frequent Xorg crash after
    suspend (LP: #1776887)
    - ocxl: Document the OCXL_IOCTL_GET_METADATA IOCTL
  * Hard LOCKUP observed on stressing Ubuntu 18 04 (LP: #1777194)
    - powerpc: use NMI IPI for smp_send_stop
    - powerpc: Fix smp_send_stop NMI IPI handling
  * IPL: ppc64_cpu --frequency hang with INFO: rcu_sched detected stalls on
    CPUs/tasks on w34 and wsbmc016 with 920.1714.20170330n (LP: #1773964)
    - rtc: opal: Fix OPAL RTC driver OPAL_BUSY loops
  * [Regression] EXT4-fs error (device sda2): ext4_validate_block_bitmap:383:
    comm stress-ng: bg 4705: bad block bitmap checksum (LP: #1781709)
    - SAUCE: Revert "UBUNTU: SAUCE: ext4: fix ext4_validate_inode_bitmap: comm
      stress-ng: Corrupt inode bitmap"
    - SAUCE: ext4: check for allocation block validity with block group locked

 -- Timo Aaltonen <email address hidden>  Wed, 18 Jul 2018 15:56:13 +0300
Deleted in cosmic-proposed on 2018-07-26 (Reason: NBS)
Deleted in bionic-proposed on 2018-07-26 (Reason: NBS)
linux-oem (4.15.0-1011.14) bionic; urgency=medium

  * linux-oem: 4.15.0-1011.14 -proposed tracker (LP: #1781064)

  * Miscellaneous Ubuntu changes
    - Rebase to 4.15.0-28.30

  [ Ubuntu: 4.15.0-28.30 ]

  * linux: 4.15.0-28.30 -proposed tracker (LP: #1781433)
  * Cannot set MTU higher than 1500 in Xen instance (LP: #1781413)
    - xen-netfront: Fix mismatched rtnl_unlock
    - xen-netfront: Update features after registering netdev

  [ Ubuntu: 4.15.0-27.29 ]

  * linux: 4.15.0-27.29 -proposed tracker (LP: #1781062)
  * [Regression] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:99:
    comm stress-ng: Corrupt inode bitmap (LP: #1780137)
    - SAUCE: ext4: fix ext4_validate_inode_bitmap: comm stress-ng: Corrupt inode
      bitmap

 -- Timo Aaltonen <email address hidden>  Mon, 16 Jul 2018 12:13:37 +0300

Available diffs

Published in xenial-security on 2018-07-23
Published in xenial-updates on 2018-07-23
Deleted in xenial-proposed (Reason: moved to -updates)
linux-oem (4.13.0-1032.36) xenial; urgency=medium

  * linux-oem: 4.13.0-1032.36 -proposed tracker (LP: #1779353)

  * Touchpad of ThinkPad P52 failed to work with message "lost sync at byte"
    (LP: #1779802)
    - Input: elantech - fix V4 report decoding for module with middle key
    - Input: elantech - enable middle button of touchpads on ThinkPad P52

 -- Timo Aaltonen <email address hidden>  Thu, 05 Jul 2018 15:31:38 +0300

Available diffs

Deleted in cosmic-proposed on 2018-07-19 (Reason: NBS)
Deleted in bionic-proposed on 2018-07-19 (Reason: NBS)
linux-oem (4.15.0-1010.13) bionic; urgency=medium

  * linux-oem: 4.15.0-1010.13 -proposed tracker (LP: #1779357)

  * xhci_hcd 0000:00:14.0: Root hub is not suspended (LP: #1779823)
    - usb: xhci: dbc: Fix lockdep warning
    - usb: xhci: dbc: Don't decrement runtime PM counter if DBC is not started

  * xhci hangs; reset results in NULL pointer dereference (LP: #1763594)
    - xhci: Create new structures to store xhci port information
    - xhci: set hcd pointers for xhci usb2 and usb3 roothub structures
    - xhci: Add helper to get xhci roothub from hcd
    - xhci: xhci-hub: use new port structures to get port address instead of port
      array
    - xhci: xhci-hub: use new port structures for cas and wake mask functions.
    - xhci: xhci-ring: use port structures for port event handler
    - xhci: rename faked_port_index to hcd_portnum
    - xhci: change xhci_set_link_state() to work with port structures
    - xhci: change xhci_test_and_clear_bit() to use new port structure
    - xhci: use port structures instead of port arrays in xhci.c functions
    - xhci: xhci-hub: use port structure members instead of xhci_get_ports()
    - xhci-mtk: use xhci hub structures to get number of ports in roothubs
    - xhci: xhci-mem: remove port_arrays and the code initializing them
    - xhci: debugfs: add usb ports to xhci debugfs
    - xhci: debugfs: add debugfs interface to enable compliance mode for a port
    - xhci: Fix perceived dead host due to runtime suspend race with event handler

  * Use "Medium power with Device Initiated PM" as default LPM policy for mobile
    SATA devices (LP: #1778029)
    - ahci: Allow setting a default LPM policy for mobile chipsets
    - Config: set CONFIG_SATA_MOBILE_LPM_POLICY to med_power_with_dipm

  * Miscellaneous Ubuntu changes
    - Rebase to 4.15.0-26.28

  [ Ubuntu: 4.15.0-26.28 ]

  * linux: 4.15.0-26.28 -proposed tracker (LP: #1780112)
  * failure to boot with linux-image-4.15.0-24-generic (LP: #1779827) // Cloud-
    init causes potentially huge boot delays with 4.15 kernels (LP: #1780062)
    - random: Make getrandom() ready earlier

  [ Ubuntu: 4.15.0-25.27 ]

  * linux: 4.15.0-25.27 -proposed tracker (LP: #1779354)
  * hisi_sas_v3_hw: internal task abort: timeout and not done. (LP: #1777736)
    - scsi: hisi_sas: Update a couple of register settings for v3 hw
  * hisi_sas: Add missing PHY spinlock init (LP: #1777734)
    - scsi: hisi_sas: Add missing PHY spinlock init
  * hisi_sas: improve read performance by pre-allocating slot DMA buffers
    (LP: #1777727)
    - scsi: hisi_sas: use dma_zalloc_coherent()
    - scsi: hisi_sas: Use dmam_alloc_coherent()
    - scsi: hisi_sas: Pre-allocate slot DMA buffers
  * hisi_sas: Failures during host reset (LP: #1777696)
    - scsi: hisi_sas: Only process broadcast change in phy_bcast_v3_hw()
    - scsi: hisi_sas: Fix the conflict between dev gone and host reset
    - scsi: hisi_sas: Adjust task reject period during host reset
    - scsi: hisi_sas: Add a flag to filter PHY events during reset
    - scsi: hisi_sas: Release all remaining resources in clear nexus ha
  * Fake SAS addresses for SATA disks on HiSilicon D05 are non-unique
    (LP: #1776750)
    - scsi: hisi_sas: make SAS address of SATA disks unique
  * Vcs-Git header on bionic linux source package points to zesty git tree
    (LP: #1766055)
    - [Packaging]: Update Vcs-Git
  * large KVM instances run out of IRQ routes (LP: #1778261)
    - SAUCE: kvm -- increase KVM_MAX_IRQ_ROUTES to 2048 on x86

 -- Timo Aaltonen <email address hidden>  Thu, 05 Jul 2018 15:15:07 +0300

Available diffs

Superseded in cosmic-release on 2018-07-25
Superseded in bionic-updates on 2018-07-20
Superseded in bionic-security on 2018-07-20
Deleted in cosmic-proposed (Reason: moved to release)
Deleted in bionic-proposed (Reason: moved to -updates)
linux-oem (4.15.0-1009.12) bionic; urgency=medium

  * linux-oem: 4.15.0-1009.12 -proposed tracker (LP: #1776340)


  [ Ubuntu: 4.15.0-24.26 ]

  * linux: 4.15.0-24.26 -proposed tracker (LP: #1776338)
  * Bionic update: upstream stable patchset 2018-06-06 (LP: #1775483)
    - drm: bridge: dw-hdmi: Fix overflow workaround for Amlogic Meson GX SoCs
    - i40e: Fix attach VF to VM issue
    - tpm: cmd_ready command can be issued only after granting locality
    - tpm: tpm-interface: fix tpm_transmit/_cmd kdoc
    - tpm: add retry logic
    - Revert "ath10k: send (re)assoc peer command when NSS changed"
    - bonding: do not set slave_dev npinfo before slave_enable_netpoll in
      bond_enslave
    - ipv6: add RTA_TABLE and RTA_PREFSRC to rtm_ipv6_policy
    - ipv6: sr: fix NULL pointer dereference in seg6_do_srh_encap()- v4 pkts
    - KEYS: DNS: limit the length of option strings
    - l2tp: check sockaddr length in pppol2tp_connect()
    - net: validate attribute sizes in neigh_dump_table()
    - llc: delete timers synchronously in llc_sk_free()
    - tcp: don't read out-of-bounds opsize
    - net: af_packet: fix race in PACKET_{R|T}X_RING
    - tcp: md5: reject TCP_MD5SIG or TCP_MD5SIG_EXT on established sockets
    - net: fix deadlock while clearing neighbor proxy table
    - team: avoid adding twice the same option to the event list
    - net/smc: fix shutdown in state SMC_LISTEN
    - team: fix netconsole setup over team
    - packet: fix bitfield update race
    - tipc: add policy for TIPC_NLA_NET_ADDR
    - pppoe: check sockaddr length in pppoe_connect()
    - vlan: Fix reading memory beyond skb->tail in skb_vlan_tagged_multi
    - amd-xgbe: Add pre/post auto-negotiation phy hooks
    - sctp: do not check port in sctp_inet6_cmp_addr
    - amd-xgbe: Improve KR auto-negotiation and training
    - strparser: Do not call mod_delayed_work with a timeout of LONG_MAX
    - amd-xgbe: Only use the SFP supported transceiver signals
    - strparser: Fix incorrect strp->need_bytes value.
    - net: sched: ife: signal not finding metaid
    - tcp: clear tp->packets_out when purging write queue
    - net: sched: ife: handle malformed tlv length
    - net: sched: ife: check on metadata length
    - llc: hold llc_sap before release_sock()
    - llc: fix NULL pointer deref for SOCK_ZAPPED
    - net: ethernet: ti: cpsw: fix tx vlan priority mapping
    - virtio_net: split out ctrl buffer
    - virtio_net: fix adding vids on big-endian
    - KVM: s390: force bp isolation for VSIE
    - s390: correct module section names for expoline code revert
    - microblaze: Setup dependencies for ASM optimized lib functions
    - commoncap: Handle memory allocation failure.
    - scsi: mptsas: Disable WRITE SAME
    - cdrom: information leak in cdrom_ioctl_media_changed()
    - m68k/mac: Don't remap SWIM MMIO region
    - block/swim: Check drive type
    - block/swim: Don't log an error message for an invalid ioctl
    - block/swim: Remove extra put_disk() call from error path
    - block/swim: Rename macros to avoid inconsistent inverted logic
    - block/swim: Select appropriate drive on device open
    - block/swim: Fix array bounds check
    - block/swim: Fix IO error at end of medium
    - tracing: Fix missing tab for hwlat_detector print format
    - s390/cio: update chpid descriptor after resource accessibility event
    - s390/dasd: fix IO error for newly defined devices
    - s390/uprobes: implement arch_uretprobe_is_alive()
    - ACPI / video: Only default only_lcd to true on Win8-ready _desktops_
    - docs: ip-sysctl.txt: fix name of some ipv6 variables
    - net: mvpp2: Fix DMA address mask size
    - net: stmmac: Disable ACS Feature for GMAC >= 4
    - l2tp: hold reference on tunnels in netlink dumps
    - l2tp: hold reference on tunnels printed in pppol2tp proc file
    - l2tp: hold reference on tunnels printed in l2tp/tunnels debugfs file
    - l2tp: fix {pppol2tp, l2tp_dfs}_seq_stop() in case of seq_file overflow
    - s390/qeth: fix error handling in adapter command callbacks
    - s390/qeth: avoid control IO completion stalls
    - s390/qeth: handle failure on workqueue creation
    - bnxt_en: Fix memory fault in bnxt_ethtool_init()
    - virtio-net: add missing virtqueue kick when flushing packets
    - VSOCK: make af_vsock.ko removable again
    - hwmon: (k10temp) Add temperature offset for Ryzen 2700X
    - hwmon: (k10temp) Add support for AMD Ryzen w/ Vega graphics
    - s390/cpum_cf: rename IBM z13/z14 counter names
    - kprobes: Fix random address output of blacklist file
    - Revert "pinctrl: intel: Initialize GPIO properly when used through irqchip"
  * Lenovo V330 needs patch in ideapad_laptop module for rfkill (LP: #1774636)
    - SAUCE: Add Lenovo V330 to the ideapad_laptop rfkill blacklist
  * bluetooth controller fail after suspend with USB autosuspend on XPS 13 9360
    (LP: #1775217)
    - Bluetooth: btusb: Add Dell XPS 13 9360 to btusb_needs_reset_resume_table
  * [Hyper-V] PCI: hv: Fix 2 hang issues in hv_compose_msi_msg (LP: #1758378)
    - PCI: hv: Only queue new work items in hv_pci_devices_present() if necessary
    - PCI: hv: Remove the bogus test in hv_eject_device_work()
    - PCI: hv: Fix a comment typo in _hv_pcifront_read_config()
  * register on binfmt_misc may overflow and crash the system (LP: #1775856)
    - fs/binfmt_misc.c: do not allow offset overflow
  * CVE-2018-11508
    - compat: fix 4-byte infoleak via uninitialized struct field
  * Network installs fail on SocioNext board (LP: #1775884)
    - net: netsec: reduce DMA mask to 40 bits
    - net: socionext: reset hardware in ndo_stop
    - net: netsec: enable tx-irq during open callback
  * r8169 ethernet card don't work after returning from suspension
    (LP: #1752772)
    - PCI: Add pcim_set_mwi(), a device-managed pci_set_mwi()
    - r8169: switch to device-managed functions in probe
    - r8169: remove netif_napi_del in probe error path
    - r8169: remove some WOL-related dead code
    - r8169: disable WOL per default
    - r8169: improve interrupt handling
    - r8169: fix interrupt number after adding support for MSI-X interrupts
  * ISST-LTE:KVM:Ubuntu18.04:BostonLC:boslcp3:boslcp3g3:Guest conosle hangs
    after hotplug CPU add operation. (LP: #1759723)
    - genirq/affinity: assign vectors to all possible CPUs
    - genirq/affinity: Don't return with empty affinity masks on error
    - genirq/affinity: Rename *node_to_possible_cpumask as *node_to_cpumask
    - genirq/affinity: Move actual irq vector spreading into a helper function
    - genirq/affinity: Allow irq spreading from a given starting point
    - genirq/affinity: Spread irq vectors among present CPUs as far as possible
    - blk-mq: simplify queue mapping & schedule with each possisble CPU
    - blk-mq: make sure hctx->next_cpu is set correctly
    - blk-mq: Avoid that blk_mq_delay_run_hw_queue() introduces unintended delays
    - blk-mq: make sure that correct hctx->next_cpu is set
    - blk-mq: avoid to write intermediate result to hctx->next_cpu
    - blk-mq: introduce blk_mq_hw_queue_first_cpu() to figure out first cpu
    - blk-mq: don't check queue mapped in __blk_mq_delay_run_hw_queue()
    - nvme: pci: pass max vectors as num_possible_cpus() to pci_alloc_irq_vectors
    - scsi: hpsa: fix selection of reply queue
    - scsi: megaraid_sas: fix selection of reply queue
    - scsi: core: introduce force_blk_mq
    - scsi: virtio_scsi: fix IO hang caused by automatic irq vector affinity
    - scsi: virtio_scsi: unify scsi_host_template
  * Fix several bugs in RDMA/hns driver (LP: #1770974)
    - RDMA/hns: Use structs to describe the uABI instead of opencoding
    - RDMA/hns: Remove unnecessary platform_get_resource() error check
    - RDMA/hns: Remove unnecessary operator
    - RDMA/hns: Add names to function arguments in function pointers
    - RDMA/hns: Fix misplaced call to hns_roce_cleanup_hem_table
    - RDMA/hns: Fix a bug with modifying mac address
    - RDMA/hns: Use free_pages function instead of free_page
    - RDMA/hns: Replace __raw_write*(cpu_to_le*()) with LE write*()
    - RDMA/hns: Bugfix for init hem table
    - RDMA/hns: Intercept illegal RDMA operation when use inline data
    - RDMA/hns: Fix the qp context state diagram
    - RDMA/hns: Only assign mtu if IB_QP_PATH_MTU bit is set
    - RDMA/hns: Remove some unnecessary attr_mask judgement
    - RDMA/hns: Only assign dqpn if IB_QP_PATH_DEST_QPN bit is set
    - RDMA/hns: Adjust the order of cleanup hem table
    - RDMA/hns: Update assignment method for owner field of send wqe
    - RDMA/hns: Submit bad wr
    - RDMA/hns: Fix a couple misspellings
    - RDMA/hns: Add rq inline flags judgement
    - RDMA/hns: Bugfix for rq record db for kernel
    - RDMA/hns: Load the RoCE dirver automatically
    - RDMA/hns: Update convert function of endian format
    - RDMA/hns: Add return operation when configured global param fail
    - RDMA/hns: Not support qp transition from reset to reset for hip06
    - RDMA/hns: Fix the bug with rq sge
    - RDMA/hns: Set desc_dma_addr for zero when free cmq desc
    - RDMA/hns: Enable inner_pa_vld filed of mpt
    - RDMA/hns: Set NULL for __internal_mr
    - RDMA/hns: Fix the bug with NULL pointer
    - RDMA/hns: Bugfix for cq record db for kernel
    - RDMA/hns: Move the location for initializing tmp_len
    - RDMA/hns: Drop local zgid in favor of core defined variable
    - RDMA/hns: Add 64KB page size support for hip08
    - RDMA/hns: Rename the idx field of db
    - RDMA/hns: Modify uar allocation algorithm to avoid bitmap exhaust
    - RDMA/hns: Increase checking CMQ status timeout value
    - RDMA/hns: Add reset process for RoCE in hip08
    - RDMA/hns: Fix the illegal memory operation when cross page
    - RDMA/hns: Implement the disassociate_ucontext API
  * powerpc/livepatch: Implement reliable stack tracing for the consistency
    model (LP: #1771844)
    - powerpc/livepatch: Implement reliable stack tracing for the consistency
      model
  * vmxnet3: update to latest ToT (LP: #1768143)
    - vmxnet3: avoid xmit reset due to a race in vmxnet3
    - vmxnet3: use correct flag to indicate LRO feature
    - vmxnet3: fix incorrect dereference when rxvlan is disabled
  * 4.15.0-22-generic fails to boot on IBM S822LC (POWER8 (raw), altivec
    supported) (LP: #1773162)
    - Revert "powerpc/64s: Add support for a store forwarding barrier at kernel
      entry/exit"
    - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit
  * Decode ARM CPER records in kernel (LP: #1770244)
    - [Config] CONFIG_UEFI_CPER_ARM=y
    - efi: Move ARM CPER code to new file
    - efi: Parse ARM error information value
  * Adding back alx WoL feature (LP: #1772610)
    - SAUCE: Revert "alx: remove WoL support"
    - SAUCE: alx: add enable_wol paramenter
  * Lancer A0 Asic HBA's won't boot with 18.04 (LP: #1768103)
    - scsi: lpfc: Fix WQ/CQ creation for older asic's.
    - scsi: lpfc: Fix 16gb hbas failing cq create.
  * [LTCTest][OPAL][OP920] cpupower idle-info is not listing stop4 and stop5
    idle states when all CORES are guarded (LP: #1771780)
    - SAUCE: cpuidle/powernv : init all present cpus for deep states
  * Huawei 25G/100G Network Adapters Unsupported (LP: #1770970)
    - net-next/hinic: add pci device ids for 25ge and 100ge card
  * [Ubuntu 18.04.1] POWER9 - Nvidia Volta - Kernel changes to enable Nvidia
    driver on bare metal (LP: #1772991)
    - powerpc/powernv/npu: Fix deadlock in mmio_invalidate()
    - powerpc/powernv/mce: Don't silently restart the machine
    - powerpc/npu-dma.c: Fix crash after __mmu_notifier_register failure
    - powerpc/mm: Flush cache on memory hot(un)plug
    - powerpc/powernv/memtrace: Let the arch hotunplug code flush cache
    - powerpc/powernv/npu: Add lock to prevent race in concurrent context
      init/destroy
    - powerpc/powernv/npu: Prevent overwriting of pnv_npu2_init_contex() callback
      parameters
    - powerpc/powernv/npu: Do a PID GPU TLB flush when invalidating a large
      address range
    - powerpc/mce: Fix a bug where mce loops on memory UE.
  * cpum_sf: ensure sample freq is non-zero (LP: #1772593)
    - s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero
  * PCIe link speeds of 16 GT/s are shown as "Unknown speed" (LP: #1773243)
    - PCI: Add decoding for 16 GT/s link speed
  * False positive ACPI _PRS error messages (LP: #1773295)
    - ACPI / PCI: pci_link: Allow the absence of _PRS and change log level
  * Dell systems crash when disabling Nvidia dGPU (LP: #1773299)
    - ACPI / OSI: Add OEM _OSI strings to disable NVidia RTD3
  * wlp3s0: failed to remove key (1, ff:ff:ff:ff:ff:ff) from hardware (-22)
    (LP: #1720930)
    - iwlwifi: mvm: fix "failed to remove key" message
  * Expose arm64 CPU topology to userspace (LP: #1770231)
    - ACPICA: ACPI 6.2: Additional PPTT flags
    - drivers: base: cacheinfo: move cache_setup_of_node()
    - drivers: base: cacheinfo: setup DT cache properties early
    - cacheinfo: rename of_node to fw_token
    - arm64/acpi: Create arch specific cpu to acpi id helper
    - ACPI/PPTT: Add Processor Properties Topology Table parsing
    - [Config] CONFIG_ACPI_PPTT=y
    - ACPI: Enable PPTT support on ARM64
    - drivers: base cacheinfo: Add support for ACPI based firmware tables
    - arm64: Add support for ACPI based firmware tables
    - arm64: topology: rename cluster_id
    - arm64: topology: enable ACPI/PPTT based CPU topology
    - ACPI: Add PPTT to injectable table list
    - arm64: topology: divorce MC scheduling domain from core_siblings
  * hisi_sas robustness fixes (LP: #1774466)
    - scsi: hisi_sas: delete timer when removing hisi_sas driver
    - scsi: hisi_sas: print device id for errors
    - scsi: hisi_sas: Add some checks to avoid free'ing a sas_task twice
    - scsi: hisi_sas: check host frozen before calling "done" function
    - scsi: hisi_sas: check sas_dev gone earlier in hisi_sas_abort_task()
    - scsi: hisi_sas: stop controller timer for reset
    - scsi: hisi_sas: update PHY linkrate after a controller reset
    - scsi: hisi_sas: change slot index allocation mode
    - scsi: hisi_sas: Change common allocation mode of device id
    - scsi: hisi_sas: Reset disks when discovered
    - scsi: hisi_sas: Create a scsi_host_template per HW module
    - scsi: hisi_sas: Init disks after controller reset
    - scsi: hisi_sas: Try wait commands before before controller reset
    - scsi: hisi_sas: Include TMF elements in struct hisi_sas_slot
    - scsi: hisi_sas: Add v2 hw force PHY function for internal ATA command
    - scsi: hisi_sas: Terminate STP reject quickly for v2 hw
    - scsi: hisi_sas: Fix return value when get_free_slot() failed
    - scsi: hisi_sas: Mark PHY as in reset for nexus reset
  * hisi_sas: Support newer v3 hardware (LP: #1774467)
    - scsi: hisi_sas: update RAS feature for later revision of v3 HW
    - scsi: hisi_sas: check IPTT is valid before using it for v3 hw
    - scsi: hisi_sas: fix PI memory size
    - scsi: hisi_sas: config ATA de-reset as an constrained command for v3 hw
    - scsi: hisi_sas: remove redundant handling to event95 for v3
    - scsi: hisi_sas: add readl poll timeout helper wrappers
    - scsi: hisi_sas: workaround a v3 hw hilink bug
    - scsi: hisi_sas: Add LED feature for v3 hw
  * hisi_sas: improve performance by optimizing DQ locking (LP: #1774472)
    - scsi: hisi_sas: initialize dq spinlock before use
    - scsi: hisi_sas: optimise the usage of DQ locking
    - scsi: hisi_sas: relocate smp sg map
    - scsi: hisi_sas: make return type of prep functions void
    - scsi: hisi_sas: allocate slot buffer earlier
    - scsi: hisi_sas: Don't lock DQ for complete task sending
    - scsi: hisi_sas: Use device lock to protect slot alloc/free
    - scsi: hisi_sas: add check of device in hisi_sas_task_exec()
    - scsi: hisi_sas: fix a typo in hisi_sas_task_prep()
  * Request to revert SAUCE patches in the 18.04 SRU and update with upstream
    version (LP: #1768431)
    - scsi: cxlflash: Handle spurious interrupts
    - scsi: cxlflash: Remove commmands from pending list on timeout
    - scsi: cxlflash: Synchronize reset and remove ops
    - SAUCE: (no-up) cxlflash: OCXL diff between v2 and v3
  * After update to 4.13-43 Intel Graphics are Laggy (LP: #1773520)
    - SAUCE: Revert "drm/i915/edp: Allow alternate fixed mode for eDP if
      available."
  * ELANPAD ELAN0612 does not work, patch available (LP: #1773509)
    - SAUCE: Input: elan_i2c - add ELAN0612 to the ACPI table
  * FS-Cache: Assertion failed: FS-Cache: 6 == 5 is false (LP: #1774336)
    - SAUCE: CacheFiles: fix a read_waiter/read_copier race
  * hns3 driver updates (LP: #1768670)
    - net: hns3: VF should get the real rss_size instead of rss_size_max
    - net: hns3: set the cmdq out_vld bit to 0 after used
    - net: hns3: fix endian issue when PF get mbx message flag
    - net: hns3: fix the queue id for tqp enable&&reset
    - net: hns3: set the max ring num when alloc netdev
    - net: hns3: add support for VF driver inner interface
      hclgevf_ops.get_tqps_and_rss_info
    - net: hns3: refactor the hclge_get/set_rss function
    - net: hns3: refactor the hclge_get/set_rss_tuple function
    - net: hns3: fix for RSS configuration loss problem during reset
    - net: hns3: fix for pause configuration lost during reset
    - net: hns3: fix for use-after-free when setting ring parameter
    - net: hns3: refactor the get/put_vector function
    - net: hns3: fix for coalesce configuration lost during reset
    - net: hns3: refactor the coalesce related struct
    - net: hns3: fix for coal configuation lost when setting the channel
    - net: hns3: add existence check when remove old uc mac address
    - net: hns3: fix for netdev not running problem after calling net_stop and
      net_open
    - net: hns3: fix for ipv6 address loss problem after setting channels
    - net: hns3: unify the pause params setup function
    - net: hns3: fix rx path skb->truesize reporting bug
    - net: hns3: add support for querying pfc puase packets statistic
    - net: hns3: fix for loopback failure when vlan filter is enable
    - net: hns3: fix for buffer overflow smatch warning
    - net: hns3: fix error type definition of return value
    - net: hns3: fix return value error of hclge_get_mac_vlan_cmd_status()
    - net: hns3: add existence checking before adding unicast mac address
    - net: hns3: add result checking for VF when modify unicast mac address
    - net: hns3: reallocate tx/rx buffer after changing mtu
    - net: hns3: fix the VF queue reset flow error
    - net: hns3: fix for vlan table lost problem when resetting
    - net: hns3: increase the max time for IMP handle command
    - net: hns3: change GL update rate
    - net: hns3: change the time interval of int_gl calculating
    - net: hns3: fix for getting wrong link mode problem
    - net: hns3: add get_link support to VF
    - net: hns3: add querying speed and duplex support to VF
    - net: hns3: fix for not returning problem in get_link_ksettings when phy
      exists
    - net: hns3: Changes to make enet watchdog timeout func common for PF/VF
    - net: hns3: Add VF Reset Service Task to support event handling
    - net: hns3: Add VF Reset device state and its handling
    - net: hns3: Add support to request VF Reset to PF
    - net: hns3: Add support to reset the enet/ring mgmt layer
    - net: hns3: Add support to re-initialize the hclge device
    - net: hns3: Changes to support ARQ(Asynchronous Receive Queue)
    - net: hns3: Add *Asserting Reset* mailbox message & handling in VF
    - net: hns3: Changes required in PF mailbox to support VF reset
    - net: hns3: hclge_inform_reset_assert_to_vf() can be static
    - net: hns3: fix for returning wrong value problem in hns3_get_rss_key_size
    - net: hns3: fix for returning wrong value problem in hns3_get_rss_indir_size
    - net: hns3: fix for the wrong shift problem in hns3_set_txbd_baseinfo
    - net: hns3: fix for not initializing VF rss_hash_key problem
    - net: hns3: never send command queue message to IMP when reset
    - net: hns3: remove unnecessary pci_set_drvdata() and devm_kfree()
    - net: hns3: fix length overflow when CONFIG_ARM64_64K_PAGES
    - net: hns3: Remove error log when getting pfc stats fails
    - net: hns3: fix to correctly fetch l4 protocol outer header
    - net: hns3: Fixes the out of bounds access in hclge_map_tqp
    - net: hns3: Fixes the error legs in hclge_init_ae_dev function
    - net: hns3: fix for phy_addr error in hclge_mac_mdio_config
    - net: hns3: Fix to support autoneg only for port attached with phy
    - net: hns3: fix a dead loop in hclge_cmd_csq_clean
    - net: hns3: Fix for packet loss due wrong filter config in VLAN tbls
    - net: hns3: Remove packet statistics in the range of 8192~12287
    - net: hns3: Add support of hardware rx-vlan-offload to HNS3 VF driver
    - net: hns3: Fix for setting mac address when resetting
    - net: hns3: remove add/del_tunnel_udp in hns3_enet module
    - net: hns3: fix for cleaning ring problem
    - net: hns3: refactor the loopback related function
    - net: hns3: Fix for deadlock problem occurring when unregistering ae_algo
    - net: hns3: Fix for the null pointer problem occurring when initializing
      ae_dev failed
    - net: hns3: Add a check for client instance init state
    - net: hns3: Change return type of hnae3_register_ae_dev
    - net: hns3: Change return type of hnae3_register_ae_algo
    - net: hns3: Change return value in hnae3_register_client
    - net: hns3: Fixes the back pressure setting when sriov is enabled
    - net: hns3: Fix for fiber link up problem
    - net: hns3: Add support of .sriov_configure in HNS3 driver
    - net: hns3: Fixes the missing PCI iounmap for various legs
    - net: hns3: Fixes error reported by Kbuild and internal review
    - net: hns3: Fixes API to fetch ethernet header length with kernel default
    - net: hns3: cleanup of return values in hclge_init_client_instance()
    - net: hns3: Fix the missing client list node initialization
    - net: hns3: Fix for hns3 module is loaded multiple times problem
    - net: hns3: Use enums instead of magic number in hclge_is_special_opcode
    - net: hns3: Fix for netdev not running problem after calling net_stop and
      net_open
    - net: hns3: Fixes kernel panic issue during rmmod hns3 driver
    - net: hns3: Fix for CMDQ and Misc. interrupt init order problem
    - net: hns3: Updates RX packet info fetch in case of multi BD
    - net: hns3: Add support for tx_accept_tag2 and tx_accept_untag2 config
    - net: hns3: Add STRP_TAGP field support for hardware revision 0x21
    - net: hns3: Add support to enable TX/RX promisc mode for H/W rev(0x21)
    - net: hns3: Fix for PF mailbox receving unknown message
    - net: hns3: Fixes the state to indicate client-type initialization
    - net: hns3: Fixes the init of the VALID BD info in the descriptor
    - net: hns3: Removes unnecessary check when clearing TX/RX rings
    - net: hns3: Clear TX/RX rings when stopping port & un-initializing client
    - net: hns3: Remove unused led control code
    - net: hns3: Adds support for led locate command for copper port
    - net: hns3: Fixes initalization of RoCE handle and makes it conditional
    - net: hns3: Disable vf vlan filter when vf vlan table is full
    - net: hns3: Add support for IFF_ALLMULTI flag
    - net: hns3: Add repeat address checking for setting mac address
    - net: hns3: Fix setting mac address error
    - net: hns3: Fix for service_task not running problem after resetting
    - net: hns3: Fix for hclge_reset running repeatly problem
    - net: hns3: Fix for phy not link up problem after resetting
    - net: hns3: Add missing break in misc_irq_handle
    - net: hns3: Fix for vxlan tx checksum bug
    - net: hns3: Optimize the PF's process of updating multicast MAC
    - net: hns3: Optimize the VF's process of updating multicast MAC
    - SAUCE: {topost} net: hns3: add support for serdes loopback selftest
    - SAUCE: {topost} net: hns3: RX BD information valid only in last BD except
      VLD bit and buffer size
    - SAUCE: {topost} net: hns3: remove hclge_get_vector_index from
      hclge_bind_ring_with_vector
    - SAUCE: {topost} net: hns3: rename the interface for init_client_instance and
      uninit_client_instance
    - SAUCE: {topost} net: hns3: add vector status check before free vector
    - SAUCE: {topost} net: hns3: add l4_type check for both ipv4 and ipv6
    - SAUCE: {topost} net: hns3: remove unused head file in hnae3.c
    - SAUCE: {topost} net: hns3: extraction an interface for state state
      init|uninit
    - SAUCE: {topost} net: hns3: print the ret value in error information
    - SAUCE: {topost} net: hns3: remove the Redundant put_vector in
      hns3_client_uninit
    - SAUCE: {topost} net: hns3: add unlikely for error check
    - SAUCE: {topost} net: hns3: remove back in struct hclge_hw
    - SAUCE: {topost} net: hns3: use lower_32_bits and upper_32_bits
    - SAUCE: {topost} net: hns3: remove unused hclge_ring_to_dma_dir
    - SAUCE: {topost} net: hns3: remove useless code in hclge_cmd_send
    - SAUCE: {topost} net: hns3: remove some redundant assignments
    - SAUCE: {topost} net: hns3: simplify hclge_cmd_csq_clean
    - SAUCE: {topost} net: hns3: using modulo for cyclic counters in
      hclge_cmd_send
    - SAUCE: {topost} net: hns3: remove a redundant hclge_cmd_csq_done
    - SAUCE: {topost} net: hns3: remove some unused members of some structures
    - SAUCE: {topost} net: hns3: give default option while dependency HNS3 set
    - SAUCE: {topost} net: hns3: use dma_zalloc_coherent instead of
      kzalloc/dma_map_single
    - SAUCE: {topost} net: hns3: modify hnae_ to hnae3_
    - SAUCE: {topost} net: hns3: fix unused function warning in VF driver
    - SAUCE: {topost} net: hns3: remove some redundant assignments
    - SAUCE: {topost} net: hns3: standardize the handle of return value
    - SAUCE: {topost} net: hns3: remove extra space and brackets
    - SAUCE: {topost} net: hns3: fix unreasonable code comments
    - SAUCE: {topost} net: hns3: use decimal for bit offset macros
    - SAUCE: {topost} net: hns3: modify inconsistent bit mask macros
    - SAUCE: {topost} net: hns3: fix mislead parameter name
    - SAUCE: {topost} net: hns3: remove unused struct member and definition
    - SAUCE: {topost} net: hns3: Add SPDX tags to hns3 driver
    - SAUCE: {topost} net: hns3: Add pf reset for hip08 RoCE
    - SAUCE: {topost} net: hns3: optimize the process of notifying roce client
    - SAUCE: {topost} net: hns3: Add calling roce callback function when link
      status change
    - SAUCE: {topost} net: hns3: fix tc setup when netdev is first up
    - SAUCE: {topost} net: hns3: fix for mac pause not disable in pfc mode
    - SAUCE: {topost} net: hns3: fix for waterline not setting correctly
    - SAUCE: {topost} net: hns3: fix for l4 checksum offload bug
    - SAUCE: {topost} net: hns3: fix for mailbox message truncated problem
    - SAUCE: {topost} net: hns3: Add configure for mac minimal frame size
    - SAUCE: {topost} net: hns3: fix warning bug when doing lp selftest
    - SAUCE: {topost} net: hns3: fix get_vector ops in hclgevf_main module
    - SAUCE: {topost} net: hns3: remove the warning when clear reset cause
    - SAUCE: {topost} net: hns3: Use roce handle when calling roce callback
      function
    - SAUCE: {topost} net: hns3: prevent sending command during global or core
      reset
    - SAUCE: {topost} net: hns3: modify the order of initializeing command queue
      register
    - SAUCE: {topost} net: hns3: reset net device with rtnl_lock
    - SAUCE: {topost} net: hns3: prevent to request reset frequently
    - SAUCE: {topost} net: hns3: correct reset event status register
    - SAUCE: {topost} net: hns3: separate roce from nic when resetting
    - SAUCE: net: hns3: Fix for phy link issue when using marvell phy driver
    - SAUCE: {topost} net: hns3: fix return value error in
      hns3_reset_notify_down_enet
    - SAUCE: {topost} net: hns3: remove unnecessary ring configuration operation
      while resetting
    - SAUCE: {topost} net: hns3: fix for reset_level default assignment probelm
    - SAUCE: {topost} net: hns3: fix for using wrong mask and shift in
      hclge_get_ring_chain_from_mbx
    - SAUCE: {topost} net: hns3: fix comments for hclge_get_ring_chain_from_mbx
    - SAUCE: net: hns3: Fix for VF mailbox cannot receiving PF response
    - SAUCE: net: hns3: Fix for VF mailbox receiving unknown message
    - SAUCE: net: hns3: Optimize PF CMDQ interrupt switching process
  * enable mic-mute hotkey and led on Lenovo M820z and M920z (LP: #1774306)
    - ALSA: hda/realtek - Enable mic-mute hotkey for several Lenovo AIOs
  * Bionic update: upstream stable patchset 2018-05-29 (LP: #1774063)
    - cifs: do not allow creating sockets except with SMB1 posix exensions
    - btrfs: fix unaligned access in readdir
    - x86/acpi: Prevent X2APIC id 0xffffffff from being accounted
    - clocksource/imx-tpm: Correct -ETIME return condition check
    - x86/tsc: Prevent 32bit truncation in calc_hpet_ref()
    - drm/vc4: Fix memory leak during BO teardown
    - drm/i915/gvt: throw error on unhandled vfio ioctls
    - drm/i915/audio: Fix audio detection issue on GLK
    - drm/i915: Do no use kfree() to free a kmem_cache_alloc() return value
    - drm/i915: Fix LSPCON TMDS output buffer enabling from low-power state
    - drm/i915/bxt, glk: Increase PCODE timeouts during CDCLK freq changing
    - usb: musb: fix enumeration after resume
    - usb: musb: call pm_runtime_{get,put}_sync before reading vbus registers
    - usb: musb: Fix external abort in musb_remove on omap2430
    - firewire-ohci: work around oversized DMA reads on JMicron controllers
    - x86/tsc: Allow TSC calibration without PIT
    - NFSv4: always set NFS_LOCK_LOST when a lock is lost.
    - ACPI / LPSS: Do not instiate platform_dev for devs without MMIO resources
    - ALSA: hda - Use IS_REACHABLE() for dependency on input
    - ASoC: au1x: Fix timeout tests in au1xac97c_ac97_read()
    - kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl
    - RDMA/core: Clarify rdma_ah_find_type
    - KVM: PPC: Book3S HV: Enable migration of decrementer register
    - netfilter: ipv6: nf_defrag: Pass on packets to stack per RFC2460
    - tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into
      account
    - KVM: s390: use created_vcpus in more places
    - platform/x86: dell-laptop: Filter out spurious keyboard backlight change
      events
    - xprtrdma: Fix backchannel allocation of extra rpcrdma_reps
    - selftest: ftrace: Fix to pick text symbols for kprobes
    - PCI: Add function 1 DMA alias quirk for Marvell 9128
    - Input: psmouse - fix Synaptics detection when protocol is disabled
    - libbpf: Makefile set specified permission mode
    - Input: synaptics - reset the ABS_X/Y fuzz after initializing MT axes
    - i40iw: Free IEQ resources
    - i40iw: Zero-out consumer key on allocate stag for FMR
    - perf unwind: Do not look just at the global callchain_param.record_mode
    - tools lib traceevent: Simplify pointer print logic and fix %pF
    - perf callchain: Fix attr.sample_max_stack setting
    - tools lib traceevent: Fix get_field_str() for dynamic strings
    - perf record: Fix failed memory allocation for get_cpuid_str
    - iommu/exynos: Don't unconditionally steal bus ops
    - powerpc: System reset avoid interleaving oops using die synchronisation
    - iommu/vt-d: Use domain instead of cache fetching
    - dm thin: fix documentation relative to low water mark threshold
    - dm mpath: return DM_MAPIO_REQUEUE on blk-mq rq allocation failure
    - ubifs: Fix uninitialized variable in search_dh_cookie()
    - net: stmmac: dwmac-meson8b: fix setting the RGMII TX clock on Meson8b
    - net: stmmac: dwmac-meson8b: propagate rate changes to the parent clock
    - spi: a3700: Clear DATA_OUT when performing a read
    - IB/cq: Don't force IB_POLL_DIRECT poll context for ib_process_cq_direct
    - nfs: Do not convert nfs_idmap_cache_timeout to jiffies
    - MIPS: Fix clean of vmlinuz.{32,ecoff,bin,srec}
    - PCI: Add dummy pci_irqd_intx_xlate() for CONFIG_PCI=n build
    - watchdog: sp5100_tco: Fix watchdog disable bit
    - kconfig: Don't leak main menus during parsing
    - kconfig: Fix automatic menu creation mem leak
    - kconfig: Fix expr_free() E_NOT leak
    - ipmi/powernv: Fix error return code in ipmi_powernv_probe()
    - Btrfs: set plug for fsync
    - btrfs: Fix out of bounds access in btrfs_search_slot
    - Btrfs: fix scrub to repair raid6 corruption
    - btrfs: fail mount when sb flag is not in BTRFS_SUPER_FLAG_SUPP
    - Btrfs: fix unexpected EEXIST from btrfs_get_extent
    - Btrfs: raid56: fix race between merge_bio and rbio_orig_end_io
    - RDMA/cma: Check existence of netdevice during port validation
    - f2fs: avoid hungtask when GC encrypted block if io_bits is set
    - scsi: devinfo: fix format of the device list
    - scsi: fas216: fix sense buffer initialization
    - Input: stmfts - set IRQ_NOAUTOEN to the irq flag
    - HID: roccat: prevent an out of bounds read in kovaplus_profile_activated()
    - nfp: fix error return code in nfp_pci_probe()
    - block: Set BIO_TRACE_COMPLETION on new bio during split
    - bpf: test_maps: cleanup sockmaps when test ends
    - i40evf: Don't schedule reset_task when device is being removed
    - i40evf: ignore link up if not running
    - platform/x86: thinkpad_acpi: suppress warning about palm detection
    - KVM: s390: vsie: use READ_ONCE to access some SCB fields
    - blk-mq-debugfs: don't allow write on attributes with seq_operations set
    - ASoC: rockchip: Use dummy_dai for rt5514 dsp dailink
    - igb: Allow to remove administratively set MAC on VFs
    - igb: Clear TXSTMP when ptp_tx_work() is timeout
    - fm10k: fix "failed to kill vid" message for VF
    - x86/hyperv: Stop suppressing X86_FEATURE_PCID
    - tty: serial: exar: Relocate sleep wake-up handling
    - device property: Define type of PROPERTY_ENRTY_*() macros
    - crypto: artpec6 - remove select on non-existing CRYPTO_SHA384
    - RDMA/uverbs: Use an unambiguous errno for method not supported
    - jffs2: Fix use-after-free bug in jffs2_iget()'s error handling path
    - ixgbe: don't set RXDCTL.RLPML for 82599
    - i40e: program fragmented IPv4 filter input set
    - i40e: fix reported mask for ntuple filters
    - samples/bpf: Partially fixes the bpf.o build
    - powerpc/numa: Use ibm,max-associativity-domains to discover possible nodes
    - powerpc/numa: Ensure nodes initialized for hotplug
    - RDMA/mlx5: Avoid memory leak in case of XRCD dealloc failure
    - ntb_transport: Fix bug with max_mw_size parameter
    - gianfar: prevent integer wrapping in the rx handler
    - x86/hyperv: Check for required priviliges in hyperv_init()
    - netfilter: x_tables: fix pointer leaks to userspace
    - tcp_nv: fix potential integer overflow in tcpnv_acked
    - kvm: Map PFN-type memory regions as writable (if possible)
    - x86/kvm/vmx: do not use vm-exit instruction length for fast MMIO when
      running nested
    - fs/dax.c: release PMD lock even when there is no PMD support in DAX
    - ocfs2: return -EROFS to mount.ocfs2 if inode block is invalid
    - ocfs2/acl: use 'ip_xattr_sem' to protect getting extended attribute
    - ocfs2: return error when we attempt to access a dirty bh in jbd2
    - mm/mempolicy: fix the check of nodemask from user
    - mm/mempolicy: add nodes_empty check in SYSC_migrate_pages
    - asm-generic: provide generic_pmdp_establish()
    - sparc64: update pmdp_invalidate() to return old pmd value
    - mm: thp: use down_read_trylock() in khugepaged to avoid long block
    - mm: pin address_space before dereferencing it while isolating an LRU page
    - mm/fadvise: discard partial page if endbyte is also EOF
    - openvswitch: Remove padding from packet before L3+ conntrack processing
    - blk-mq: fix discard merge with scheduler attached
    - IB/hfi1: Re-order IRQ cleanup to address driver cleanup race
    - IB/hfi1: Fix for potential refcount leak in hfi1_open_file()
    - IB/ipoib: Fix for potential no-carrier state
    - IB/core: Map iWarp AH type to undefined in rdma_ah_find_type
    - drm/nouveau/pmu/fuc: don't use movw directly anymore
    - s390/eadm: fix CONFIG_BLOCK include dependency
    - netfilter: ipv6: nf_defrag: Kill frag queue on RFC2460 failure
    - x86/power: Fix swsusp_arch_resume prototype
    - x86/dumpstack: Avoid uninitlized variable
    - firmware: dmi_scan: Fix handling of empty DMI strings
    - ACPI: processor_perflib: Do not send _PPC change notification if not ready
    - ACPI / bus: Do not call _STA on battery devices with unmet dependencies
    - ACPI / scan: Use acpi_bus_get_status() to initialize ACPI_TYPE_DEVICE devs
    - MIPS: TXx9: use IS_BUILTIN() for CONFIG_LEDS_CLASS
    - perf record: Fix period option handling
    - MIPS: Generic: Support GIC in EIC mode
    - perf evsel: Fix period/freq terms setup
    - xen-netfront: Fix race between device setup and open
    - xen/grant-table: Use put_page instead of free_page
    - bpf: sockmap, fix leaking maps with attached but not detached progs
    - RDS: IB: Fix null pointer issue
    - arm64: spinlock: Fix theoretical trylock() A-B-A with LSE atomics
    - proc: fix /proc/*/map_files lookup
    - PM / domains: Fix up domain-idle-states OF parsing
    - cifs: silence compiler warnings showing up with gcc-8.0.0
    - bcache: properly set task state in bch_writeback_thread()
    - bcache: fix for allocator and register thread race
    - bcache: fix for data collapse after re-attaching an attached device
    - bcache: return attach error when no cache set exist
    - cpufreq: intel_pstate: Enable HWP during system resume on CPU0
    - selftests/ftrace: Add some missing glob checks
    - rxrpc: Don't put crypto buffers on the stack
    - svcrdma: Fix Read chunk round-up
    - net: Extra '_get' in declaration of arch_get_platform_mac_address
    - tools/libbpf: handle issues with bpf ELF objects containing .eh_frames
    - SUNRPC: Don't call __UDPX_INC_STATS() from a preemptible context
    - net: stmmac: discard disabled flags in interrupt status register
    - bpf: fix rlimit in reuseport net selftest
    - ACPI / EC: Restore polling during noirq suspend/resume phases
    - PM / wakeirq: Fix unbalanced IRQ enable for wakeirq
    - vfs/proc/kcore, x86/mm/kcore: Fix SMAP fault when dumping vsyscall user page
    - powerpc/mm/hash64: Zero PGD pages on allocation
    - x86/platform/UV: Fix GAM Range Table entries less than 1GB
    - locking/qspinlock: Ensure node->count is updated before initialising node
    - powerpc/powernv: IMC fix out of bounds memory access at shutdown
    - perf test: Fix test trace+probe_libc_inet_pton.sh for s390x
    - irqchip/gic-v3: Ignore disabled ITS nodes
    - cpumask: Make for_each_cpu_wrap() available on UP as well
    - irqchip/gic-v3: Change pr_debug message to pr_devel
    - RDMA/core: Reduce poll batch for direct cq polling
    - alarmtimer: Init nanosleep alarm timer on stack
    - netfilter: x_tables: cap allocations at 512 mbyte
    - netfilter: x_tables: add counters allocation wrapper
    - netfilter: compat: prepare xt_compat_init_offsets to return errors
    - netfilter: compat: reject huge allocation requests
    - netfilter: x_tables: limit allocation requests for blob rule heads
    - perf: Fix sample_max_stack maximum check
    - perf: Return proper values for user stack errors
    - RDMA/mlx5: Fix NULL dereference while accessing XRC_TGT QPs
    - Revert "KVM: X86: Fix SMRAM accessing even if VM is shutdown"
    - mac80211_hwsim: fix use-after-free bug in hwsim_exit_net
    - btrfs: Fix race condition between delayed refs and blockgroup removal
    - mm,vmscan: Allow preallocating memory for register_shrinker().
  * Bionic update: upstream stable patchset 2018-05-24 (LP: #1773233)
    - tty: make n_tty_read() always abort if hangup is in progress
    - cpufreq: CPPC: Use transition_delay_us depending transition_latency
    - ubifs: Check ubifs_wbuf_sync() return code
    - ubi: fastmap: Don't flush fastmap work on detach
    - ubi: Fix error for write access
    - ubi: Reject MLC NAND
    - mm/ksm.c: fix inconsistent accounting of zero pages
    - mm/hmm: hmm_pfns_bad() was accessing wrong struct
    - task_struct: only use anon struct under randstruct plugin
    - fs/reiserfs/journal.c: add missing resierfs_warning() arg
    - resource: fix integer overflow at reallocation
    - ipc/shm: fix use-after-free of shm file via remap_file_pages()
    - mm, slab: reschedule cache_reap() on the same CPU
    - usb: musb: gadget: misplaced out of bounds check
    - phy: allwinner: sun4i-usb: poll vbus changes on A23/A33 when driving VBUS
    - usb: gadget: udc: core: update usb_ep_queue() documentation
    - ARM64: dts: meson: reduce odroid-c2 eMMC maximum rate
    - KVM: arm/arm64: vgic-its: Fix potential overrun in vgic_copy_lpi_list
    - ARM: EXYNOS: Fix coupled CPU idle freeze on Exynos4210
    - arm: dts: mt7623: fix USB initialization fails on bananapi-r2
    - ARM: dts: at91: at91sam9g25: fix mux-mask pinctrl property
    - ARM: dts: exynos: Fix IOMMU support for GScaler devices on Exynos5250
    - ARM: dts: at91: sama5d4: fix pinctrl compatible string
    - spi: atmel: init FIFOs before spi enable
    - spi: Fix scatterlist elements size in spi_map_buf
    - spi: Fix unregistration of controller with fixed SPI bus number
    - media: atomisp_fops.c: disable atomisp_compat_ioctl32
    - media: vivid: check if the cec_adapter is valid
    - media: vsp1: Fix BRx conditional path in WPF
    - x86/xen: Delay get_cpu_cap until stack canary is established
    - regmap: Fix reversed bounds check in regmap_raw_write()
    - ACPI / video: Add quirk to force acpi-video backlight on Samsung 670Z5E
    - ACPI / hotplug / PCI: Check presence of slot itself in get_slot_status()
    - USB: gadget: f_midi: fixing a possible double-free in f_midi
    - USB:fix USB3 devices behind USB3 hubs not resuming at hibernate thaw
    - usb: dwc3: prevent setting PRTCAP to OTG from debugfs
    - usb: dwc3: pci: Properly cleanup resource
    - usb: dwc3: gadget: never call ->complete() from ->ep_queue()
    - cifs: fix memory leak in SMB2_open()
    - fix smb3-encryption breakage when CONFIG_DEBUG_SG=y
    - smb3: Fix root directory when server returns inode number of zero
    - HID: i2c-hid: fix size check and type usage
    - i2c: i801: Save register SMBSLVCMD value only once
    - i2c: i801: Restore configuration at shutdown
    - CIFS: refactor crypto shash/sdesc allocation&free
    - CIFS: add sha512 secmech
    - CIFS: fix sha512 check in cifs_crypto_secmech_release
    - powerpc/64s: Fix dt_cpu_ftrs to have restore_cpu clear unwanted LPCR bits
    - powerpc/64: Call H_REGISTER_PROC_TBL when running as a HPT guest on POWER9
    - powerpc/64: Fix smp_wmb barrier definition use use lwsync consistently
    - powerpc/kprobes: Fix call trace due to incorrect preempt count
    - powerpc/kexec_file: Fix error code when trying to load kdump kernel
    - powerpc/powernv: define a standard delay for OPAL_BUSY type retry loops
    - powerpc/powernv: Fix OPAL NVRAM driver OPAL_BUSY loops
    - HID: Fix hid_report_len usage
    - HID: core: Fix size as type u32
    - soc: mediatek: fix the mistaken pointer accessed when subdomains are added
    - ASoC: ssm2602: Replace reg_default_raw with reg_default
    - ASoC: topology: Fix kcontrol name string handling
    - irqchip/gic: Take lock when updating irq type
    - random: use a tighter cap in credit_entropy_bits_safe()
    - extcon: intel-cht-wc: Set direction and drv flags for V5 boost GPIO
    - block: use 32-bit blk_status_t on Alpha
    - jbd2: if the journal is aborted then don't allow update of the log tail
    - ext4: shutdown should not prevent get_write_access
    - ext4: eliminate sleep from shutdown ioctl
    - ext4: pass -ESHUTDOWN code to jbd2 layer
    - ext4: don't update checksum of new initialized bitmaps
    - ext4: protect i_disksize update by i_data_sem in direct write path
    - ext4: limit xattr size to INT_MAX
    - ext4: always initialize the crc32c checksum driver
    - ext4: don't allow r/w mounts if metadata blocks overlap the superblock
    - ext4: move call to ext4_error() into ext4_xattr_check_block()
    - ext4: add bounds checking to ext4_xattr_find_entry()
    - ext4: add extra checks to ext4_xattr_block_get()
    - dm crypt: limit the number of allocated pages
    - RDMA/ucma: Don't allow setting RDMA_OPTION_IB_PATH without an RDMA device
    - RDMA/mlx5: Protect from NULL pointer derefence
    - RDMA/rxe: Fix an out-of-bounds read
    - ALSA: pcm: Fix UAF at PCM release via PCM timer access
    - IB/srp: Fix srp_abort()
    - IB/srp: Fix completion vector assignment algorithm
    - dmaengine: at_xdmac: fix rare residue corruption
    - cxl: Fix possible deadlock when processing page faults from cxllib
    - tpm: self test failure should not cause suspend to fail
    - libnvdimm, dimm: fix dpa reservation vs uninitialized label area
    - libnvdimm, namespace: use a safe lookup for dimm device name
    - nfit, address-range-scrub: fix scrub in-progress reporting
    - nfit: skip region registration for incomplete control regions
    - ring-buffer: Check if memory is available before allocation
    - um: Compile with modern headers
    - um: Use POSIX ucontext_t instead of struct ucontext
    - iommu/vt-d: Fix a potential memory leak
    - mmc: jz4740: Fix race condition in IRQ mask update
    - mmc: tmio: Fix error handling when issuing CMD23
    - PCI: Mark Broadcom HT1100 and HT2000 Root Port Extended Tags as broken
    - clk: mvebu: armada-38x: add support for missing clocks
    - clk: fix false-positive Wmaybe-uninitialized warning
    - clk: mediatek: fix PWM clock source by adding a fixed-factor clock
    - clk: bcm2835: De-assert/assert PLL reset signal when appropriate
    - pwm: rcar: Fix a condition to prevent mismatch value setting to duty
    - thermal: imx: Fix race condition in imx_thermal_probe()
    - dt-bindings: clock: mediatek: add binding for fixed-factor clock axisel_d4
    - watchdog: f71808e_wdt: Fix WD_EN register read
    - ALSA: pcm: Use ERESTARTSYS instead of EINTR in OSS emulation
    - ALSA: pcm: Avoid potential races between OSS ioctls and read/write
    - ALSA: pcm: Return -EBUSY for OSS ioctls changing busy streams
    - ALSA: pcm: Fix mutex unbalance in OSS emulation ioctls
    - ALSA: pcm: Fix endless loop for XRUN recovery in OSS emulation
    - drm/amdgpu: Add an ATPX quirk for hybrid laptop
    - drm/amdgpu: Fix always_valid bos multiple LRU insertions.
    - drm/amdgpu/sdma: fix mask in emit_pipeline_sync
    - drm/amdgpu: Fix PCIe lane width calculation
    - drm/amdgpu/si: implement get/set pcie_lanes asic callback
    - drm/rockchip: Clear all interrupts before requesting the IRQ
    - drm/radeon: add PX quirk for Asus K73TK
    - drm/radeon: Fix PCIe lane width calculation
    - ALSA: line6: Use correct endpoint type for midi output
    - ALSA: rawmidi: Fix missing input substream checks in compat ioctls
    - ALSA: hda - New VIA controller suppor no-snoop path
    - random: fix crng_ready() test
    - random: use a different mixing algorithm for add_device_randomness()
    - random: crng_reseed() should lock the crng instance that it is modifying
    - random: add new ioctl RNDRESEEDCRNG
    - HID: input: fix battery level reporting on BT mice
    - HID: hidraw: Fix crash on HIDIOCGFEATURE with a destroyed device
    - HID: wacom: bluetooth: send exit report for recent Bluetooth devices
    - MIPS: uaccess: Add micromips clobbers to bzero invocation
    - MIPS: memset.S: EVA & fault support for small_memset
    - MIPS: memset.S: Fix return of __clear_user from Lpartial_fixup
    - MIPS: memset.S: Fix clobber of v1 in last_fixup
    - powerpc/eeh: Fix enabling bridge MMIO windows
    - powerpc/lib: Fix off-by-one in alternate feature patching
    - udf: Fix leak of UTF-16 surrogates into encoded strings
    - fanotify: fix logic of events on child
    - mmc: sdhci-pci: Only do AMD tuning for HS200
    - drm/i915: Correctly handle limited range YCbCr data on VLV/CHV
    - jffs2_kill_sb(): deal with failed allocations
    - hypfs_kill_super(): deal with failed allocations
    - orangefs_kill_sb(): deal with allocation failures
    - rpc_pipefs: fix double-dput()
    - Don't leak MNT_INTERNAL away from internal mounts
    - autofs: mount point create should honour passed in mode
    - mm/filemap.c: fix NULL pointer in page_cache_tree_insert()
    - Revert "media: lirc_zilog: driver only sends LIRCCODE"
    - media: staging: lirc_zilog: incorrect reference counting
    - writeback: safer lock nesting
    - Bluetooth: hci_bcm: Add irq_polarity module option
    - mm: hwpoison: disable memory error handling on 1GB hugepage
    - media: rc: oops in ir_timer_keyup after device unplug
    - acpi, nfit: rework NVDIMM leaf method detection
    - ceph: always update atime/mtime/ctime for new inode
    - ext4: fix offset overflow on 32-bit archs in ext4_iomap_begin()
    - ext4: force revalidation of directory pointer after seekdir(2)
    - RDMA/core: Avoid that ib_drain_qp() triggers an out-of-bounds stack access
    - xprtrdma: Fix latency regression on NUMA NFS/RDMA clients
    - xprtrdma: Fix corner cases when handling device removal
    - IB/srpt: Fix an out-of-bounds stack access in srpt_zerolength_write()
    - drivers/infiniband/core/verbs.c: fix build with gcc-4.4.4
    - drivers/infiniband/ulp/srpt/ib_srpt.c: fix build with gcc-4.4.4
    - mmc: core: Prevent bus reference leak in mmc_blk_init()
    - drm/amd/display: HDMI has no sound after Panel power off/on
    - trace_uprobe: Use %lx to display offset
    - clk: tegra: Mark HCLK, SCLK and EMC as critical
    - pwm: mediatek: Fix up PWM4 and PWM5 malfunction on MT7623
    - pwm: mediatek: Improve precision in rate calculation
    - HID: i2c-hid: Fix resume issue on Raydium touchscreen device
    - s390: add support for IBM z14 Model ZR1
    - drm/i915: Fix hibernation with ACPI S0 target state
    - libnvdimm, dimm: handle EACCES failures from label reads
    - device-dax: allow MAP_SYNC to succeed
    - HID: i2c-hid: fix inverted return value from i2c_hid_command()
  * CVE-2018-7755
    - SAUCE: floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl

 -- Chia-Lin Kao (AceLan) <email address hidden>  Thu, 21 Jun 2018 10:04:50 +0800

Available diffs

Superseded in xenial-updates on 2018-07-23
Superseded in xenial-security on 2018-07-23
Deleted in xenial-proposed (Reason: moved to -updates)
linux-oem (4.13.0-1031.35) xenial; urgency=medium

  * linux-oem: 4.13.0-1031.35 -proposed tracker (LP: #1776337)

  * Miscellaneous Ubuntu changes
    - Rebase to 4.13.0-46.51
    - SAUCE: i2c:amd move out pointer in union i2c_event_base

  [ Ubuntu: 4.13.0-46.51 ]

  * linux: 4.13.0-46.51 -proposed tracker (LP: #1776333)
  * register on binfmt_misc may overflow and crash the system (LP: #1775856)
    - fs/binfmt_misc.c: do not allow offset overflow
  * CVE-2018-11508
    - compat: fix 4-byte infoleak via uninitialized struct field
  * rfi-flush: Switch to new linear fallback flush (LP: #1744173)
    - SAUCE: rfi-flush: Factor out init_fallback_flush()
    - SAUCE: rfi-flush: Move rfi_flush_fallback_area to end of paca
    - powerpc/64s: Improve RFI L1-D cache flush fallback
    - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
    - powerpc/rfi-flush: Differentiate enabled and patched flush types
    - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
  * Fix enabling bridge MMIO windows (LP: #1771344)
    - powerpc/eeh: Fix enabling bridge MMIO windows
  * CVE-2018-1130
    - dccp: check sk for closed state in dccp_sendmsg()
  * CVE-2018-7757
    - scsi: libsas: fix memory leak in sas_smp_get_phy_events()
  * cpum_sf: ensure sample freq is non-zero (LP: #1772593)
    - s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero
  * wlp3s0: failed to remove key (1, ff:ff:ff:ff:ff:ff) from hardware (-22)
    (LP: #1720930)
    - iwlwifi: mvm: fix "failed to remove key" message
  * CVE-2018-6927
    - futex: Prevent overflow by strengthen input validation
  * After update to 4.13-43 Intel Graphics are Laggy (LP: #1773520)
    - SAUCE: Revert "drm/i915/edp: Allow alternate fixed mode for eDP if
      available."
  * ELANPAD ELAN0612 does not work, patch available (LP: #1773509)
    - SAUCE: Input: elan_i2c - add ELAN0612 to the ACPI table
  * kernel backtrace when receiving large UDP packages (LP: #1772031)
    - iov_iter: fix page_copy_sane for compound pages
  * FS-Cache: Assertion failed: FS-Cache: 6 == 5 is false (LP: #1774336)
    - SAUCE: CacheFiles: fix a read_waiter/read_copier race
  * CVE-2018-5803
    - sctp: verify size of a new chunk in _sctp_make_chunk()
  * enable mic-mute hotkey and led on Lenovo M820z and M920z (LP: #1774306)
    - ALSA: hda/realtek - Enable mic-mute hotkey for several Lenovo AIOs
  * CVE-2018-7755
    - SAUCE: floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl
  * CVE-2018-5750
    - ACPI: sbshc: remove raw pointer from printk() message

 -- Chia-Lin Kao (AceLan) <email address hidden>  Wed, 20 Jun 2018 14:04:03 +0800
Superseded in cosmic-release on 2018-07-03
Superseded in bionic-security on 2018-07-02
Superseded in bionic-updates on 2018-07-02
Deleted in cosmic-proposed (Reason: moved to release)
Deleted in bionic-proposed (Reason: moved to -updates)
linux-oem (4.15.0-1008.11) bionic; urgency=medium

  * linux-oem: 4.15.0-1008.11 -proposed tracker (LP: #1774764)

  * [Redpine] Wifi AP does not work  (LP: #1774606)
    - Revert "UBUNTU: SAUCE: rsi: drop RX broadcast/multicast packets with invalid
      PN"
    - SAUCE: rsi: fix for 40MHZ connection issue.
    - SAUCE: rsi: add firmware support for AP+BT dual mode

Superseded in xenial-security on 2018-07-02
Superseded in xenial-updates on 2018-07-02
Deleted in xenial-proposed (Reason: moved to -updates)
linux-oem (4.13.0-1030.33) xenial; urgency=medium

  * linux-oem: 4.13.0-1030.33 -proposed tracker (LP: #1774126)

  * Miscellaneous Ubuntu changes
    - Rebase to 4.13.0-45.50

  [ Ubuntu: 4.13.0-45.50 ]

  * linux: 4.13.0-45.50 -proposed tracker (LP: #1774124)
  * CVE-2018-3639 (x86)
    - SAUCE: Set generic SSBD feature for Intel cpus

Deleted in cosmic-proposed on 2018-06-04 (Reason: NBS)
Deleted in bionic-proposed on 2018-06-04 (Reason: NBS)
linux-oem (4.15.0-1007.10) bionic; urgency=medium

  * linux-oem: 4.15.0-1007.10 -proposed tracker (LP: #1772933)

  * Intel WiFi Linux driver update for ETSI 5GHz Adaptivity Requirement
    (LP: #1769980)
    - iwlwifi: mvm: add WFA vendor specific TPC report IE to probe request
    - iwlwifi: mvm: remove set but unused variable in iwl_mvm_roc_done_wk
    - iwlwifi: mvm: rs: introduce new API for rate scaling
    - iwlwifi: mvm: rs: add ops for the new rate scaling in the FW
    - iwlwifi: mvm: rs: add basic implementation of the new RS API handlers
    - iwlwifi: mvm: rs: new rate scale API - add FW notifications
    - iwlwifi: mvm: rs: new rate scale API - add debugfs hooks
    - iwlwifi: mvm: rs: add size checks when printing to a buffer
    - iwlwifi: mvm: rs: add sanity check when sending LQ command
    - iwlwifi: mvm: support RX flags API change
    - iwlwifi: fw: fix the enums in the rate scaling API
    - iwlwifi: mvm: adjust to quota offload
    - iwlwifi: mvm: send the low latency command
    - iwlwifi: define and use if iwl_mvm_has_tlc_offload
    - cfg80211: read wmm rules from regulatory database
    - mac80211: limit wmm params to comply with ETSI requirements
    - cfg80211: Add API to allow querying regdb for wmm_rule
    - iwlwifi: mvm: query regdb for wmm rule if needed
    - iwlwifi: rename the temporary name of A000 to the official 22000
    - iwlwifi: bump FW API to 36 for 8000 and up
    - iwlwifi: bump the max API version for 9000 and 22000 devices
    - iwlwifi: api: Add geographic profile information to MCC_UPDATE_CMD

  * [Redpine] HCI command timeout after resume from S4 (LP: #1772626)
    - SAUCE: Bluetooth: btrsi: add hci detach for hibernation and poweroff
    - SAUCE: Bluetooth:btrsi: add null check in hci send and recv functions
    - SAUCE: Bluetooth:btrsi: fix bt cmd timeout issue

  * Switch Build-Depends: transfig to fig2dev (LP: #1770770)
    - [Config] update Build-Depends: transfig to fig2dev

  * Miscellaneous Ubuntu changes
    - Rebase to 4.15.0-23.25

  [ Ubuntu: 4.15.0-23.25 ]

  * linux: 4.15.0-23.25 -proposed tracker (LP: #1772927)
  * arm64 SDEI support needs trampoline code for KPTI (LP: #1768630)
    - arm64: mmu: add the entry trampolines start/end section markers into
      sections.h
    - arm64: sdei: Add trampoline code for remapping the kernel
  * Some PCIe errors not surfaced through rasdaemon (LP: #1769730)
    - ACPI: APEI: handle PCIe AER errors in separate function
    - ACPI: APEI: call into AER handling regardless of severity
  * qla2xxx: Fix page fault at kmem_cache_alloc_node() (LP: #1770003)
    - scsi: qla2xxx: Fix session cleanup for N2N
    - scsi: qla2xxx: Remove unused argument from qlt_schedule_sess_for_deletion()
    - scsi: qla2xxx: Serialize session deletion by using work_lock
    - scsi: qla2xxx: Serialize session free in qlt_free_session_done
    - scsi: qla2xxx: Don't call dma_free_coherent with IRQ disabled.
    - scsi: qla2xxx: Fix warning in qla2x00_async_iocb_timeout()
    - scsi: qla2xxx: Prevent relogin trigger from sending too many commands
    - scsi: qla2xxx: Fix double free bug after firmware timeout
    - scsi: qla2xxx: Fixup locking for session deletion
  * Several hisi_sas bug fixes (LP: #1768974)
    - scsi: hisi_sas: dt-bindings: add an property of signal attenuation
    - scsi: hisi_sas: support the property of signal attenuation for v2 hw
    - scsi: hisi_sas: fix the issue of link rate inconsistency
    - scsi: hisi_sas: fix the issue of setting linkrate register
    - scsi: hisi_sas: increase timer expire of internal abort task
    - scsi: hisi_sas: remove unused variable hisi_sas_devices.running_req
    - scsi: hisi_sas: fix return value of hisi_sas_task_prep()
    - scsi: hisi_sas: Code cleanup and minor bug fixes
  * [bionic] machine stuck and bonding not working well when nvmet_rdma module
    is loaded (LP: #1764982)
    - nvmet-rdma: Don't flush system_wq by default during remove_one
    - nvme-rdma: Don't flush delete_wq by default during remove_one
  * Warnings/hang during error handling of SATA disks on SAS controller
    (LP: #1768971)
    - scsi: libsas: defer ata device eh commands to libata
  * Hotplugging a SATA disk into a SAS controller may cause crash (LP: #1768948)
    - ata: do not schedule hot plug if it is a sas host
  * ISST-LTE:pKVM:Ubuntu1804: rcu_sched self-detected stall on CPU follow by CPU
    ATTEMPT TO RE-ENTER FIRMWARE! (LP: #1767927)
    - powerpc/powernv: Handle unknown OPAL errors in opal_nvram_write()
    - powerpc/64s: return more carefully from sreset NMI
    - powerpc/64s: sreset panic if there is no debugger or crash dump handlers
  * fsnotify: Fix fsnotify_mark_connector race (LP: #1765564)
    - fsnotify: Fix fsnotify_mark_connector race
  * Hang on network interface removal in Xen virtual machine (LP: #1771620)
    - xen-netfront: Fix hang on device removal
  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
    - net: hns: Avoid action name truncation
  * Ubuntu 18.04 kernel crashed while in degraded mode (LP: #1770849)
    - SAUCE: powerpc/perf: Fix memory allocation for core-imc based on
      num_possible_cpus()
  * Switch Build-Depends: transfig to fig2dev (LP: #1770770)
    - [Config] update Build-Depends: transfig to fig2dev
  * smp_call_function_single/many core hangs with stop4 alone (LP: #1768898)
    - cpufreq: powernv: Fix hardlockup due to synchronous smp_call in timer
      interrupt
  * Add d-i support for Huawei NICs (LP: #1767490)
    - d-i: add hinic to nic-modules udeb
  * unregister_netdevice: waiting for eth0 to become free. Usage count = 5
    (LP: #1746474)
    - xfrm: reuse uncached_list to track xdsts
  * Include nfp driver in linux-modules (LP: #1768526)
    - [Config] Add nfp.ko to generic inclusion list
  * Kernel panic on boot (m1.small in cn-north-1) (LP: #1771679)
    - x86/xen: Reset VCPU0 info pointer after shared_info remap
  * CVE-2018-3639 (x86)
    - x86/bugs: Fix the parameters alignment and missing void
    - KVM: SVM: Move spec control call after restore of GS
    - x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP
    - x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS
    - x86/cpufeatures: Disentangle SSBD enumeration
    - x86/cpufeatures: Add FEATURE_ZEN
    - x86/speculation: Handle HT correctly on AMD
    - x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL
    - x86/speculation: Add virtualized speculative store bypass disable support
    - x86/speculation: Rework speculative_store_bypass_update()
    - x86/bugs: Unify x86_spec_ctrl_{set_guest,restore_host}
    - x86/bugs: Expose x86_spec_ctrl_base directly
    - x86/bugs: Remove x86_spec_ctrl_set()
    - x86/bugs: Rework spec_ctrl base and mask logic
    - x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG
    - KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD
    - x86/bugs: Rename SSBD_NO to SSB_NO
    - bpf: Prevent memory disambiguation attack
    - KVM: VMX: Expose SSBD properly to guests.
  * Suspend to idle: Open lid didn't resume (LP: #1771542)
    - ACPI / PM: Do not reconfigure GPEs for suspend-to-idle
  * Fix initialization failure detection in SDEI for device-tree based systems
    (LP: #1768663)
    - firmware: arm_sdei: Fix return value check in sdei_present_dt()
  * No driver for Huawei network adapters on arm64 (LP: #1769899)
    - net-next/hinic: add arm64 support
  * CVE-2018-1092
    - ext4: fail ext4_iget for root directory if unallocated
  * kernel 4.15 breaks nouveau on Lenovo P50 (LP: #1763189)
    - drm/nouveau: Fix deadlock in nv50_mstm_register_connector()
  * update-initramfs not adding i915 GuC firmware for Kaby Lake, firmware fails
    to load (LP: #1728238)
    - Revert "UBUNTU: SAUCE: (no-up) i915: Remove MODULE_FIRMWARE statements for
      unreleased firmware"
  * Battery drains when laptop is off  (shutdown) (LP: #1745646)
    - PCI / PM: Check device_may_wakeup() in pci_enable_wake()
  * Dell Latitude 5490/5590 BIOS update 1.1.9 causes black screen at boot
    (LP: #1764194)
    - drm/i915/bios: filter out invalid DDC pins from VBT child devices
  * Intel 9462 A370:42A4 doesn't work (LP: #1748853)
    - iwlwifi: add shared clock PHY config flag for some devices
    - iwlwifi: add a bunch of new 9000 PCI IDs
  * Fix an issue that some PCI devices get incorrectly suspended (LP: #1764684)
    - PCI / PM: Always check PME wakeup capability for runtime wakeup support
  * [SRU][Bionic/Artful] fix false positives in W+X checking (LP: #1769696)
    - init: fix false positives in W+X checking
  * Bionic update to v4.15.18 stable release (LP: #1769723)
    - netfilter: ipset: Missing nfnl_lock()/nfnl_unlock() is added to
      ip_set_net_exit()
    - cdc_ether: flag the Cinterion AHS8 modem by gemalto as WWAN
    - rds: MP-RDS may use an invalid c_path
    - slip: Check if rstate is initialized before uncompressing
    - vhost: fix vhost_vq_access_ok() log check
    - l2tp: fix races in tunnel creation
    - l2tp: fix race in duplicate tunnel detection
    - ip_gre: clear feature flags when incompatible o_flags are set
    - vhost: Fix vhost_copy_to_user()
    - lan78xx: Correctly indicate invalid OTP
    - media: v4l2-compat-ioctl32: don't oops on overlay
    - media: v4l: vsp1: Fix header display list status check in continuous mode
    - ipmi: Fix some error cleanup issues
    - parisc: Fix out of array access in match_pci_device()
    - parisc: Fix HPMC handler by increasing size to multiple of 16 bytes
    - Drivers: hv: vmbus: do not mark HV_PCIE as perf_device
    - PCI: hv: Serialize the present and eject work items
    - PCI: hv: Fix 2 hang issues in hv_compose_msi_msg()
    - KVM: PPC: Book3S HV: trace_tlbie must not be called in realmode
    - perf/core: Fix use-after-free in uprobe_perf_close()
    - x86/mce/AMD: Get address from already initialized block
    - hwmon: (ina2xx) Fix access to uninitialized mutex
    - ath9k: Protect queue draining by rcu_read_lock()
    - x86/apic: Fix signedness bug in APIC ID validity checks
    - f2fs: fix heap mode to reset it back
    - block: Change a rcu_read_{lock,unlock}_sched() pair into
      rcu_read_{lock,unlock}()
    - nvme: Skip checking heads without namespaces
    - lib: fix stall in __bitmap_parselist()
    - blk-mq: order getting budget and driver tag
    - blk-mq: don't keep offline CPUs mapped to hctx 0
    - ovl: fix lookup with middle layer opaque dir and absolute path redirects
    - xen: xenbus_dev_frontend: Fix XS_TRANSACTION_END handling
    - hugetlbfs: fix bug in pgoff overflow checking
    - nfsd: fix incorrect umasks
    - scsi: qla2xxx: Fix small memory leak in qla2x00_probe_one on probe failure
    - block/loop: fix deadlock after loop_set_status
    - nfit: fix region registration vs block-data-window ranges
    - s390/qdio: don't retry EQBS after CCQ 96
    - s390/qdio: don't merge ERROR output buffers
    - s390/ipl: ensure loadparm valid flag is set
    - get_user_pages_fast(): return -EFAULT on access_ok failure
    - mm/gup_benchmark: handle gup failures
    - getname_kernel() needs to make sure that ->name != ->iname in long case
    - Bluetooth: Fix connection if directed advertising and privacy is used
    - Bluetooth: hci_bcm: Treat Interrupt ACPI resources as always being active-
      low
    - rtl8187: Fix NULL pointer dereference in priv->conf_mutex
    - ovl: set lower layer st_dev only if setting lower st_ino
    - Linux 4.15.18
  * Kernel bug when unplugging Thunderbolt 3 cable, leaves xHCI host controller
    dead (LP: #1768852)
    - xhci: Fix Kernel oops in xhci dbgtty
  * Incorrect blacklist of bcm2835_wdt (LP: #1766052)
    - [Packaging] Fix missing watchdog for Raspberry Pi
  * CVE-2018-8087
    - mac80211_hwsim: fix possible memory leak in hwsim_new_radio_nl()
  * Integrated Webcam Realtek Integrated_Webcam_HD (0bda:58f4) not working in
    DELL XPS 13 9370 with firmware 1.50 (LP: #1763748)
    - SAUCE: media: uvcvideo: Support realtek's UVC 1.5 device
  * [ALSA] [PATCH] Clevo P950ER ALC1220 Fixup (LP: #1769721)
    - SAUCE: ALSA: hda/realtek - Clevo P950ER ALC1220 Fixup
  * Bionic: Intermittently sent to Emergency Mode on boot with unhandled kernel
    NULL pointer dereference at  0000000000000980 (LP: #1768292)
    - thunderbolt: Prevent crash when ICM firmware is not running
  * linux-snapdragon: reduce EPROBEDEFER noise during boot (LP: #1768761)
    - [Config] snapdragon: DRM_I2C_ADV7511=y
  * regression Aquantia Corp. AQC107 4.15.0-13-generic -> 4.15.0-20-generic ?
    (LP: #1767088)
    - net: aquantia: Regression on reset with 1.x firmware
    - net: aquantia: oops when shutdown on already stopped device
  * e1000e msix interrupts broken in linux-image-4.15.0-15-generic
    (LP: #1764892)
    - e1000e: Remove Other from EIAC
  * Acer Swift sf314-52 power button not managed  (LP: #1766054)
    - SAUCE: platform/x86: acer-wmi: add another KEY_POWER keycode
  * set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630 (LP: #1766398)
    - ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags
  * Change the location for one of two front mics on a lenovo thinkcentre
    machine (LP: #1766477)
    - ALSA: hda/realtek - adjust the location of one mic
  * SRU: bionic: apply 50 ZFS upstream bugfixes (LP: #1764690)
    - SAUCE: (noup) Update zfs to 0.7.5-1ubuntu15 (LP: #1764690)
  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
    - drm/i915/edp: Do not do link training fallback or prune modes on EDP

 -- Timo Aaltonen <email address hidden>  Wed, 30 May 2018 09:57:46 +0300
Deleted in xenial-proposed on 2018-06-01 (Reason: NBS)
linux-oem (4.13.0-1029.32) xenial; urgency=medium

  * linux-oem: 4.13.0-1029.32 -proposed tracker (LP: #1772956)

  * Enable AMD PCIe MP2 for AMDI0011 (LP: #1773940)
    - SAUCE: i2c:amd I2C Driver based on PCI Interface for upcoming platform

  * Intel WiFi Linux driver update for ETSI 5GHz Adaptivity Requirement
    (LP: #1769980)
    - iwlwifi: track current firmware image in common code
    - iwlwifi: refactor firmware debug code
    - iwlwifi: mvm: support fw reading empty OTP
    - iwlwifi: implement fseq version mismatch warning
    - iwlwifi: mvm: fix the FIFO numbers in A000 devices
    - iwlwifi: mvm: remove non-DQA mode
    - iwlwifi: mvm: check family instead of new TX API for workarounds
    - iwlwifi: mvm: add and use iwl_mvm_has_unified_ucode()
    - iwlwifi: mvm: move a000 device NVM retrieval to a common place
    - Revert "UBUNTU: SAUCE: iwlwifi: Adding missing id A370:42A4"
    - Revert "iwlwifi: fix PCI IDs and configuration mapping for 9000 series"
    - Revert "iwlwifi: fix firmware names for 9000 and A000 series hw"
    - iwlwifi: add support of FPGA fw
    - iwlwifi: fix nmi triggering from host
    - iwlwifi: pcie: free the TSO page when a Tx queue is unmapped on A000 devices
    - iwlwifi: mvm: fix the coex firmware API
    - iwlwifi: mvm: support new Coex firmware API
    - iwlwifi: pcie: support short Tx queues for A000 device family
    - iwlwifi: mvm: group all dummy SAR function declarations together
    - iwlwifi: mvm: use mvmsta consistently in rs.c
    - iwlwifi: distinguish different RF modules in A000 devices
    - iwlwifi: update channel flags parser
    - iwlwifi: mvm: change open and close criteria of a BA session
    - iwlwifi: fw: fix lar_enabled endian problem in iwl_fw_get_nvm
    - iwlwifi: mvm: remove useless argument in iwl_nvm_init()
    - cfg80211: honor NL80211_RRF_NO_HT40{MINUS,PLUS}
    - cfg80211/nl80211: add a port authorized event
    - ieee80211: Add WFA TPC report element OUI type
    - iwlwifi: mvm: bump API to 34 for 8000 and up
    - iwlwifi: fix long debug print
    - iwlwifi: nvm-parse: unify channel flags printing
    - iwlwifi: nvm: set the correct offsets to 3168 series
    - iwlwifi: mvm: Add new quota command API
    - iwlwifi: mvm: remove support for Link Quality Measurements
    - iwlwifi: pcie: dynamic Tx command queue size
    - iwlwifi: acpi: add common code to read from ACPI
    - iwlwifi: acpi: move ACPI method definitions to acpi.h
    - iwlwifi: acpi: move ACPI-related definitions to acpi.h
    - iwlwifi: acpi: generalize iwl_mvm_sar_find_wifi_pkg()
    - iwlwifi: acpi: use iwl_acpi_get_wifi_pkg when reading reading SPLC
    - iwlwifi: acpi: make iwl_get_bios_mcc() use the common acpi functions
    - iwlwifi: acpi: move function to get mcc into acpi code
    - cfg80211: support loading regulatory database as firmware file
    - cfg80211: support reloading regulatory database
    - cfg80211: reg: remove support for built-in regdb
    - cfg80211: implement regdb signature checking
    - cfg80211: fix CFG80211_EXTRA_REGDB_KEYDIR typo
    - iwlwifi: pcie: sort IDs for the 9000 series for easier comparisons
    - iwlwifi: mvm: allow reading UMAC error data from SMEM in A000 devices
    - iwlwifi: mvm: move umac_error_event_table validity check to where it's set
    - iwlwifi: define minimum valid address for umac_error_event_table in cfg
    - iwlwifi: fix multi queue notification for a000 devices
    - iwlwifi: add new cards for 8260 series
    - iwlwifi: add new cards for 8265 series
    - iwlwifi: add new cards for a000 series
    - cfg80211: don't print log output for building shipped-certs
    - iwlwifi: fix PCI IDs and configuration mapping for 9000 series
    - iwlwifi: fix firmware names for 9000 and A000 series hw
    - cfg80211: initialize regulatory keys/database later
    - iwlwifi: rename the temporary name of A000 to the official 22000
    - iwlwifi: mvm: add WFA vendor specific TPC report IE to probe request
    - iwlwifi: mvm: remove set but unused variable in iwl_mvm_roc_done_wk
    - iwlwifi: mvm: rs: introduce new API for rate scaling
    - iwlwifi: mvm: rs: add ops for the new rate scaling in the FW
    - iwlwifi: mvm: rs: add basic implementation of the new RS API handlers
    - iwlwifi: mvm: rs: new rate scale API - add FW notifications
    - iwlwifi: mvm: rs: new rate scale API - add debugfs hooks
    - iwlwifi: mvm: rs: add size checks when printing to a buffer
    - iwlwifi: mvm: rs: add sanity check when sending LQ command
    - iwlwifi: bump FW API to 36 for 8000 and up
    - wireless: replace usage of hexdump with od/sed
    - wireless: don't write C files on failures
    - cfg80211: always rewrite generated files from scratch
    - cfg80211: ship certificates as hex files
    - iwlwifi: mvm: support RX flags API change
    - iwlwifi: fw: fix the enums in the rate scaling API
    - iwlwifi: mvm: adjust to quota offload
    - iwlwifi: mvm: send the low latency command
    - iwlwifi: define and use if iwl_mvm_has_tlc_offload
    - iwlwifi: runtime: sync FW and host clocks for logs
    - iwlwifi: align timestamp cancel with timestamp start
    - iwlwifi: Cancel and set MARKER_CMD timer during suspend-resume
    - iwlwifi: add shared clock PHY config flag for some devices
    - iwlwifi: add a bunch of new 9000 PCI IDs
    - iwlwifi: bump the max API version for 9000 and 22000 devices
    - iwlwifi: api: Add geographic profile information to MCC_UPDATE_CMD
    - iwlwifi: set default timstamp marker cmd
    - cfg80211: read wmm rules from regulatory database
    - mac80211: limit wmm params to comply with ETSI requirements
    - cfg80211: Add API to allow querying regdb for wmm_rule
    - iwlwifi: mvm: query regdb for wmm rule if needed

  * regression Aquantia Corp. AQC107 4.15.0-13-generic -> 4.15.0-20-generic ?
    (LP: #1767088)
    - net: aquantia: Regression on reset with 1.x firmware
    - net: aquantia: oops when shutdown on already stopped device

  * Support Realtek Bluetooth [0bda:c024] (LP: #1771919)
    - SAUCE: support realtek bluetooth 0bda:c024

  * Miscellaneous Ubuntu changes
    - Rebase to 4.13.0-44.49
    - [Packaging] skip cloud tools packaging when not building package

  * Miscellaneous upstream changes
    - Ubuntu: [Config] Enable config for CFG80211 REGDB and I2C_AMD_MP2

  [ Ubuntu: 4.13.0-44.49 ]

  * linux: 4.13.0-44.49 -proposed tracker (LP: #1772951)
  * CVE-2018-3639 (x86)
    - x86/cpu: Make alternative_msr_write work for 32-bit code
    - x86/cpu/AMD: Fix erratum 1076 (CPB bit)
    - x86/bugs: Fix the parameters alignment and missing void
    - KVM: SVM: Move spec control call after restore of GS
    - x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP
    - x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS
    - x86/cpufeatures: Disentangle SSBD enumeration
    - x86/cpufeatures: Add FEATURE_ZEN
    - x86/speculation: Handle HT correctly on AMD
    - x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL
    - x86/speculation: Add virtualized speculative store bypass disable support
    - x86/speculation: Rework speculative_store_bypass_update()
    - x86/bugs: Unify x86_spec_ctrl_{set_guest,restore_host}
    - x86/bugs: Expose x86_spec_ctrl_base directly
    - x86/bugs: Remove x86_spec_ctrl_set()
    - x86/bugs: Rework spec_ctrl base and mask logic
    - x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG
    - KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD
    - x86/bugs: Rename SSBD_NO to SSB_NO
    - bpf: Prevent memory disambiguation attack
    - KVM: VMX: Expose SSBD properly to guests.
  * [Ubuntu 16.04] kernel: fix rwlock implementation (LP: #1761674)
    - SAUCE: (no-up) s390: fix rwlock implementation
  * CVE-2018-7492
    - rds: Fix NULL pointer dereference in __rds_rdma_map
  * CVE-2018-8781
    - drm: udl: Properly check framebuffer mmap offsets
  * fsnotify: Fix fsnotify_mark_connector race (LP: #1765564)
    - fsnotify: Fix fsnotify_mark_connector race
  * Kernel panic on boot (m1.small in cn-north-1) (LP: #1771679)
    - x86/xen: Reset VCPU0 info pointer after shared_info remap
  * Suspend to idle: Open lid didn't resume (LP: #1771542)
    - ACPI / PM: Do not reconfigure GPEs for suspend-to-idle
  * CVE-2018-1092
    - ext4: fail ext4_iget for root directory if unallocated
  * [SRU][Artful] using vfio-pci on a combination of cn8xxx and some PCI devices
    results in a kernel panic. (LP: #1770254)
    - PCI: Avoid bus reset if bridge itself is broken
    - PCI: Mark Cavium CN8xxx to avoid bus reset
    - PCI: Avoid slot reset if bridge itself is broken
  * Battery drains when laptop is off  (shutdown) (LP: #1745646)
    - PCI / PM: Check device_may_wakeup() in pci_enable_wake()
  * perf record crash: refcount_inc assertion  failed (LP: #1769027)
    - perf cgroup: Fix refcount usage
    - perf xyarray: Fix wrong processing when closing evsel fd
  * Dell Latitude 5490/5590 BIOS update 1.1.9 causes black screen at boot
    (LP: #1764194)
    - drm/i915/bios: filter out invalid DDC pins from VBT child devices
  * Fix an issue that some PCI devices get incorrectly suspended (LP: #1764684)
    - PCI / PM: Always check PME wakeup capability for runtime wakeup support
  * [SRU][Bionic/Artful] fix false positives in W+X checking (LP: #1769696)
    - init: fix false positives in W+X checking
  * CVE-2018-1068
    - netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets
  * CVE-2018-8087
    - mac80211_hwsim: fix possible memory leak in hwsim_new_radio_nl()
  * Integrated Webcam Realtek Integrated_Webcam_HD (0bda:58f4) not working in
    DELL XPS 13 9370 with firmware 1.50 (LP: #1763748)
    - SAUCE: media: uvcvideo: Support realtek's UVC 1.5 device
  * unregister_netdevice: waiting for eth0 to become free. Usage count = 5
    (LP: #1746474)
    - ipv4: convert dst_metrics.refcnt from atomic_t to refcount_t
    - xfrm: reuse uncached_list to track xdsts
  * Acer Swift sf314-52 power button not managed  (LP: #1766054)
    - SAUCE: platform/x86: acer-wmi: add another KEY_POWER keycode
  * set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630 (LP: #1766398)
    - ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags
  * Change the location for one of two front mics on a lenovo thinkcentre
    machine (LP: #1766477)
    - ALSA: hda/realtek - adjust the location of one mic

 -- Timo Aaltonen <email address hidden>  Tue, 29 May 2018 14:24:44 +0300
Superseded in xenial-security on 2018-06-11
Superseded in xenial-updates on 2018-06-11
Deleted in xenial-proposed (Reason: moved to -updates)
linux-oem (4.13.0-1028.31) xenial; urgency=medium

  [ Ubuntu: 4.13.0-43.48 ]

  * CVE-2018-3639 (powerpc)
    - SAUCE: rfi-flush: update H_CPU_* macro names to upstream
    - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
      upstream
    - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
    - powerpc/pseries: Support firmware disable of RFI flush
    - powerpc/powernv: Support firmware disable of RFI flush
    - powerpc/64s: Allow control of RFI flush via debugfs
    - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
    - powerpc/rfi-flush: Always enable fallback flush on pseries
    - powerpc/rfi-flush: Differentiate enabled and patched flush types
    - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
    - powerpc: Add security feature flags for Spectre/Meltdown
    - powerpc/powernv: Set or clear security feature flags
    - powerpc/pseries: Set or clear security feature flags
    - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
    - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
    - powerpc/pseries: Fix clearing of security feature flags
    - powerpc: Move default security feature flags
    - powerpc/pseries: Restore default security feature flags on setup
    - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit
  * CVE-2018-3639 (x86)
    - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
    - SAUCE: x86: Add alternative_msr_write
    - x86/nospec: Simplify alternative_msr_write()
    - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
    - x86/bugs: Concentrate bug detection into a separate function
    - x86/bugs: Concentrate bug reporting into a separate function
    - x86/msr: Add definitions for new speculation control MSRs
    - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
    - x86/bugs, KVM: Support the combination of guest and host IBRS
    - x86/bugs: Expose /sys/../spec_store_bypass
    - x86/cpufeatures: Add X86_FEATURE_RDS
    - x86/bugs: Provide boot parameters for the spec_store_bypass_disable
      mitigation
    - x86/bugs/intel: Set proper CPU features and setup RDS
    - x86/bugs: Whitelist allowed SPEC_CTRL MSR values
    - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
    - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
    - x86/speculation: Create spec-ctrl.h to avoid include hell
    - prctl: Add speculation control prctls
    - x86/process: Allow runtime control of Speculative Store Bypass
    - x86/speculation: Add prctl for Speculative Store Bypass mitigation
    - nospec: Allow getting/setting on non-current task
    - proc: Provide details on speculation flaw mitigations
    - seccomp: Enable speculation flaw mitigations
    - SAUCE: x86/bugs: Honour SPEC_CTRL default
    - x86/bugs: Make boot modes __ro_after_init
    - prctl: Add force disable speculation
    - seccomp: Use PR_SPEC_FORCE_DISABLE
    - seccomp: Add filter flag to opt-out of SSB mitigation
    - seccomp: Move speculation migitation control to arch code
    - x86/speculation: Make "seccomp" the default mode for Speculative Store
      Bypass
    - x86/bugs: Rename _RDS to _SSBD
    - proc: Use underscores for SSBD in 'status'
    - Documentation/spec_ctrl: Do some minor cleanups
    - x86/bugs: Fix __ssb_select_mitigation() return type
    - x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
    upstream prctls (LP: #1769263) // CVE-2018-3639
    - SAUCE: LSM stacking: adjust prctl values

Superseded in cosmic-release on 2018-06-15
Deleted in cosmic-proposed (Reason: moved to release)
Superseded in bionic-security on 2018-06-13
Superseded in bionic-updates on 2018-06-13
Deleted in bionic-proposed (Reason: moved to -updates)
linux-oem (4.15.0-1006.9) bionic; urgency=medium

  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
    (LP: #1767133)
    - Packaging: Depends on linux-base that provides the necessary tools

  [ Ubuntu: 4.15.0-22.24 ]

  * CVE-2018-3639 (powerpc)
    - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit
    - stf-barrier: set eieio instruction bit 6 for future optimisations
  * CVE-2018-3639 (x86)
    - x86/nospec: Simplify alternative_msr_write()
    - x86/bugs: Concentrate bug detection into a separate function
    - x86/bugs: Concentrate bug reporting into a separate function
    - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
    - x86/bugs, KVM: Support the combination of guest and host IBRS
    - x86/bugs: Expose /sys/../spec_store_bypass
    - x86/cpufeatures: Add X86_FEATURE_RDS
    - x86/bugs: Provide boot parameters for the spec_store_bypass_disable
      mitigation
    - x86/bugs/intel: Set proper CPU features and setup RDS
    - x86/bugs: Whitelist allowed SPEC_CTRL MSR values
    - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
    - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
    - x86/speculation: Create spec-ctrl.h to avoid include hell
    - prctl: Add speculation control prctls
    - x86/process: Allow runtime control of Speculative Store Bypass
    - x86/speculation: Add prctl for Speculative Store Bypass mitigation
    - nospec: Allow getting/setting on non-current task
    - proc: Provide details on speculation flaw mitigations
    - seccomp: Enable speculation flaw mitigations
    - x86/bugs: Make boot modes __ro_after_init
    - prctl: Add force disable speculation
    - seccomp: Use PR_SPEC_FORCE_DISABLE
    - seccomp: Add filter flag to opt-out of SSB mitigation
    - seccomp: Move speculation migitation control to arch code
    - x86/speculation: Make "seccomp" the default mode for Speculative Store
      Bypass
    - x86/bugs: Rename _RDS to _SSBD
    - proc: Use underscores for SSBD in 'status'
    - Documentation/spec_ctrl: Do some minor cleanups
    - x86/bugs: Fix __ssb_select_mitigation() return type
    - x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
    upstream prctls (LP: #1769263) // CVE-2018-3639
    - SAUCE: LSM stacking: adjust prctl values

Deleted in cosmic-proposed on 2018-05-31 (Reason: NBS)
Deleted in bionic-proposed on 2018-05-31 (Reason: NBS)
linux-oem (4.15.0-1005.8) bionic; urgency=medium

  * linux-oem: 4.15.0-1005.8 -proposed tracker (LP: #1767398)
    - source built with a clean tree

  * [i915 CNL-Y] system hangs soon after bootup (LP: #1769843)
    - SAUCE: drm/i915/execlists: Use rmb() to order CSB reads

  * hts221 sensor stops working after resume from S3/S4 (LP: #1769658)
    - SAUCE: iio: humidity: hts221: Fix sensor reads after resume

  * Support Intel Atom (Baytrail-I) HS-UART serdev slaves over tty
    (LP: #1769610)
    - serdev: ttyport: release tty lock sooner on open
    - serdev: ttyport: ignore carrier detect to avoid hangups
    - serdev: ttyport: do not used keyed wakeup in write_wakeup
    - serdev: Make .remove in struct serdev_device_driver optional
    - serdev: Introduce devm_serdev_device_open()
    - serdev: do not generate modaliases for controllers
    - serdev: only match serdev devices
    - serdev: add method to set parity
    - SAUCE: (no-up) Support HS-UART serdev slaves over tty
    - [Config] CONFIG_HSUART_SERIAL_DEVICE=y

  * Support latest Redpine WLAN/BT RS9113 driver (LP: #1657682)
    - SAUCE: rsi: add rx control block to handle rx packets in USB
    - SAUCE: rsi: add bluetooth rx endpoint
    - SAUCE: rsi: add header file rsi_91x
    - SAUCE: rsi: add coex support
    - SAUCE: Bluetooth: bt: rsi: add new rsi bluetooth driver
    - SAUCE: rsi: handle BT traffic in driver
    - SAUCE: rsi: add module parameter operating mode
    - SAUCE: rsi: sdio changes to support BT
    - SAUCE: rsi: improve RX handling in SDIO interface
    - SAUCE: rsi: use dynamic RX control blocks instead of MAX_RX_URB
    - SAUCE: rsi: improve RX packet handling in USB interface
    - SAUCE: rsi: add support for hardware scan offload
    - SAUCE: rsi: move xtend_desc structure from rsi_main.h to rsi_mgmt.h
    - SAUCE: rsi: move descriptor preparation to core
    - SAUCE: rsi: enable 80MHz clock by default
    - SAUCE: rsi: roaming enhancements
    - SAUCE: rsi: add module parameter rsi_reg
    - SAUCE: rsi: regulatory modifications for 'dlcar' mode
    - SAUCE: rsi: device disconnect changes
    - SAUCE: rsi: tx improvements
    - SAUCE: rsi: drop RX broadcast/multicast packets with invalid PN
    - SAUCE: rsi: fix for incorrect data pointer alignment in 64-bit
    - SAUCE: rsi: Remove stack VLA usage
    - SAUCE: rsi: fix nommu_map_sg overflow kernel panic
    - SAUCE: rsi: Fix 'invalid vdd' warning in mmc
    - SAUCE: Redpine: Fix wowlan issue with S4
    - SAUCE: Redpine: rsi: Add deep sleep enable before connection
    - SAUCE: Redpine: resolve power save issue after S4 resume
    - SAUCE: Redpine: rsi: resolve wifi scan stop issue in stress tests
    - SAUCE: rsi: Firmware assert
    - SAUCE: Added fix for connection issue observed with nmcli command.
    - SAUCE: Added fix for hang issue observed during hibernate resume.
    - SAUCE: Added fix for issue power off when connected to AP through nmcli.
    - SAUCE: rsi: improve cancel_hw_scan handling to fix kernel panic
    - [Config]: CONFIG_BT_HCIRSI=m

  * Support latest Redpine WLAN/BT RS9113 driver (LP: #1657682) // INVALID or
    PRIVATE BUG (LP: #1736097) // INVALID or PRIVATE BUG (LP: #1738169)
    - SAUCE: Redpine: fix wowlan issue
    - SAUCE: Redpine: fix reset card issue
    - SAUCE: Redpine: fix for wowlan wakeup failure

  * Support latest Redpine WLAN/BT RS9113 driver (LP: #1657682) // ubuntu/rsi
    driver downlink wifi throughput drops to 5-6 Mbps when BT keyboard is
    connected (LP: #1706991)
    - SAUCE: Redpine: uapsd configuration changes

  * Miscellaneous Ubuntu changes
    - Rebase to 4.15.0-21.22
    - [Config] update configs following rebase to 4.15.0-21.22

  [ Ubuntu: 4.15.0-21.22 ]

  * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397)
  * initramfs-tools exception during pm.DoInstall with  do-release-upgrade from
    16.04 to 18.04  (LP: #1766727)
    - Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3)
  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
    (LP: #1767133)
    - Packaging: Depends on linux-base that provides the necessary tools
  * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2
    (LP: #1766629)
    - linux-image-* breaks on flash-kernel (<< 3.90ubuntu2)

 -- Timo Aaltonen <email address hidden>  Thu, 10 May 2018 11:53:22 +0300
Deleted in xenial-proposed on 2018-05-30 (Reason: NBS)
linux-oem (4.13.0-1027.30) xenial; urgency=medium

  * linux-oem: 4.13.0-1027.30 -proposed tracker (LP: #1769996)

  * set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630 (LP: #1766398)
    - ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags

  * Change the location for one of two front mics on a lenovo thinkcentre
    machine (LP: #1766477)
    - ALSA: hda/realtek - adjust the location of one mic

  * Update btusb reset-resume quirk to decrease power usage (LP: #1766197)
    - SAUCE: Revert "usb: quirks: Add reset-resume quirk for Dell DW1820 QCA Rome
      Bluetooth"
    - Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking
    - Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table
    - Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table

  * Update Aquantia driver to fix various issues (LP: #1759303)
    - SAUCE: Revert "net: aquantia: Reset nic statistics on interface up/down"
    - SAUCE: Revert "net: aquantia: Add queue restarts stats counter"
    - SAUCE: Revert "net: aquantia: Fixed transient link up/down/up notification"
    - SAUCE: Revert "net: aquantia: Limit number of MSIX irqs to the number of
      cpus"
    - SAUCE: Revert "net: aquantia: mmio unmap was not performed on driver
      removal"
    - SAUCE: Revert "net: aquantia: Enable coalescing management via ethtool
      interface"
    - SAUCE: Revert "net: aquantia: Reset nic statistics on interface up/down"
    - SAUCE: Revert "aquantia: Fix Tx queue hangups"
    - SAUCE: Revert "net: aquantia: Bad udp rate on default interrupt coalescing"
    - aquantia: Switch to use napi_gro_receive
    - aquantia: Setup max_mtu in ndev to enable jumbo frames
    - aquantia: Fix Tx queue hangups
    - aquantia: Fix transient invalid link down/up indications
    - atlantic: fix iommu errors
    - net: aquantia: Reset nic statistics on interface up/down
    - net: aquantia: Add queue restarts stats counter
    - net: aquantia: Fixed transient link up/down/up notification
    - net: aquantia: Limit number of MSIX irqs to the number of cpus
    - net: aquantia: mmio unmap was not performed on driver removal
    - net: aquantia: Enable coalescing management via ethtool interface
    - net: aquantia: Bad udp rate on default interrupt coalescing
    - net: aquantia: Fix actual speed capabilities reporting
    - net: aquantia: Fix hardware DMA stream overload on large MRRS
    - net: aquantia: Extend stat counters to 64bit values
    - net: aquantia: Fill ndev stat couters from hardware
    - net: aquantia: Fill in multicast counter in ndev stats from hardware
    - net: aquantia: Improve link state and statistics check interval callback
    - net: aquantia: Update hw counters on hw init
    - net: aquantia: Fix typo in ethtool statistics names
    - net: aquantia: Increment driver version
    - net: aquantia: Eliminate AQ_DIMOF, replace with ARRAY_SIZE
    - net: aquantia: Cleanup status flags accesses
    - net: aquantia: Cleanup hardware access modules
    - net: aquantia: Remove duplicate hardware descriptors declarations
    - net: aquantia: Add const qualifiers for hardware ops tables
    - net: aquantia: Simplify dependencies between pci modules
    - net: aquantia: Eliminate aq_nic structure abstraction
    - net: aquantia: Fix register definitions to linux style
    - net: aquantia: Prepend hw access functions declarations with prefix
    - net: aquantia: Fix internal stats calculation on rx
    - net: aquantia: Introduce new device ids and constants
    - net: aquantia: Introduce new AQC devices and capabilities
    - net: aquantia: Convert hw and caps structures to const static pointers
    - net: aquantia: Cleanup pci functions module
    - net: aquantia: Remove create/destroy from hw ops
    - net: aquantia: Change confusing no_ff_addr to more meaningful name
    - net: aquantia: Introduce firmware ops callbacks
    - net: aquantia: Introduce support for new firmware on AQC cards
    - net: aquantia: Introduce global AQC hardware reset sequence
    - net: aquantia: Report correct mediatype via ethtool
    - net: aquantia: bump driver version to match aquantia internal numbering
    - net: aquantia: Fix hardware reset when SPI may rarely hangup
    - net: aquantia: Fix a regression with reset on old firmware
    - net: aquantia: Change inefficient wait loop on fw data reads
    - net: aquantia: Add tx clean budget and valid budget handling logic
    - net: aquantia: Allow live mac address changes
    - net: aquantia: Implement pci shutdown callback
    - net: aquantia: driver version bump

  * Fix an issue that some PCI devices get incorrectly suspended (LP: #1764684)
    - SAUCE: PCI / PM: Always check PME wakeup capability for runtime wakeup
      support

  * Miscellaneous Ubuntu changes
    - Rebase to 4.13.0-42.47

  [ Ubuntu: 4.13.0-42.47 ]

  * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993)
  * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850)
    - arm64: fix CONFIG_DEBUG_WX address reporting
  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
    - net: hns: Avoid action name truncation
  * CVE-2017-18208
    - mm/madvise.c: fix madvise() infinite loop under special circumstances
  * CVE-2018-8822
    - staging: ncpfs: memory corruption in ncp_read_kernel()
  * CVE-2017-18203
    - dm: fix race between dm_get_from_kobject() and __dm_destroy()
  * CVE-2017-17449
    - netlink: Add netns check on taps
  * CVE-2017-17975
    - media: usbtv: prevent double free in error case
  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
    - drm/i915/edp: Allow alternate fixed mode for eDP if available.
    - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
    - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
    - drm/i915/edp: Do not do link training fallback or prune modes on EDP
  * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
    from sleep (88E8055) (LP: #1758507)
    - sky2: Increase D3 delay to sky2 stops working after suspend
  * perf vendor events arm64: Enable JSON events for ThunderX2 B0 (LP: #1760712)
    - perf vendor events arm64: Enable JSON events for ThunderX2 B0
  * No network with e1000e driver on 4.13.0-38-generic (LP: #1762693)
    - e1000e: Fix e1000_check_for_copper_link_ich8lan return value.
  * /dev/ipmi enumeration flaky on Cavium Sabre nodes (LP: #1762812)
    - i2c: xlp9xx: return ENXIO on slave address NACK
    - i2c: xlp9xx: Handle transactions with I2C_M_RECV_LEN properly
    - i2c: xlp9xx: Check for Bus state before every transfer
    - i2c: xlp9xx: Handle NACK on DATA properly
  * "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534)
    - virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS
  * fix regression in mm/hotplug, allows NVIDIA driver to work (LP: #1761104)
    - SAUCE: Fix revert "mm, memory_hotplug: do not associate hotadded memory to
      zones until online"
  * ibrs/ibpb fixes result in excessive kernel logging  (LP: #1755627)
    - SAUCE: remove ibrs_dump sysctl interface

  [ Ubuntu: 4.13.0-41.46 ]

  * CVE-2018-8897
    - x86/entry/64: Don't use IST entry for #BP stack
  * CVE-2018-1087
    - kvm/x86: fix icebp instruction handling
  * CVE-2018-1000199
    - perf/hwbp: Simplify the perf-hwbp code, fix documentation

 -- Timo Aaltonen <email address hidden>  Wed, 09 May 2018 16:15:50 +0300
Superseded in xenial-security on 2018-05-22
Superseded in xenial-updates on 2018-05-22
Deleted in xenial-proposed (Reason: moved to -updates)
linux-oem (4.13.0-1026.29) xenial; urgency=medium

  [ Ubuntu: 4.13.0-41.46 ]

  * CVE-2018-8897
    - x86/entry/64: Don't use IST entry for #BP stack
  * CVE-2018-1087
    - kvm/x86: fix icebp instruction handling
  * CVE-2018-1000199
    - perf/hwbp: Simplify the perf-hwbp code, fix documentation

 -- Kleber Sacilotto de Souza <email address hidden>  Fri, 04 May 2018 10:59:20 +0200
Deleted in xenial-proposed on 2018-05-11 (Reason: NBS)
linux-oem (4.13.0-1025.28) xenial; urgency=medium

  * linux-oem: 4.13.0-1025.28 -proposed tracker (LP: #1766599)

  * set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630 (LP: #1766398)
    - ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags

  * Chang the location for one of two front mics on a lenovo thinkcentre machine
    (LP: #1766477)
    - ALSA: hda/realtek - adjust the location of one mic

  * Update btusb reset-resume quirk to decrease power usage (LP: #1766197)
    - SAUCE: Revert "usb: quirks: Add reset-resume quirk for Dell DW1820 QCA Rome
      Bluetooth"
    - Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking
    - Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table
    - Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table

  * Update Aquantia driver to fix various issues (LP: #1759303)
    - SAUCE: Revert "net: aquantia: Reset nic statistics on interface up/down"
    - SAUCE: Revert "net: aquantia: Add queue restarts stats counter"
    - SAUCE: Revert "net: aquantia: Fixed transient link up/down/up notification"
    - SAUCE: Revert "net: aquantia: Limit number of MSIX irqs to the number of
      cpus"
    - SAUCE: Revert "net: aquantia: mmio unmap was not performed on driver
      removal"
    - SAUCE: Revert "net: aquantia: Enable coalescing management via ethtool
      interface"
    - SAUCE: Revert "net: aquantia: Reset nic statistics on interface up/down"
    - SAUCE: Revert "aquantia: Fix Tx queue hangups"
    - SAUCE: Revert "net: aquantia: Bad udp rate on default interrupt coalescing"
    - aquantia: Switch to use napi_gro_receive
    - aquantia: Setup max_mtu in ndev to enable jumbo frames
    - aquantia: Fix Tx queue hangups
    - aquantia: Fix transient invalid link down/up indications
    - atlantic: fix iommu errors
    - net: aquantia: Reset nic statistics on interface up/down
    - net: aquantia: Add queue restarts stats counter
    - net: aquantia: Fixed transient link up/down/up notification
    - net: aquantia: Limit number of MSIX irqs to the number of cpus
    - net: aquantia: mmio unmap was not performed on driver removal
    - net: aquantia: Enable coalescing management via ethtool interface
    - net: aquantia: Bad udp rate on default interrupt coalescing
    - net: aquantia: Fix actual speed capabilities reporting
    - net: aquantia: Fix hardware DMA stream overload on large MRRS
    - net: aquantia: Extend stat counters to 64bit values
    - net: aquantia: Fill ndev stat couters from hardware
    - net: aquantia: Fill in multicast counter in ndev stats from hardware
    - net: aquantia: Improve link state and statistics check interval callback
    - net: aquantia: Update hw counters on hw init
    - net: aquantia: Fix typo in ethtool statistics names
    - net: aquantia: Increment driver version
    - net: aquantia: Eliminate AQ_DIMOF, replace with ARRAY_SIZE
    - net: aquantia: Cleanup status flags accesses
    - net: aquantia: Cleanup hardware access modules
    - net: aquantia: Remove duplicate hardware descriptors declarations
    - net: aquantia: Add const qualifiers for hardware ops tables
    - net: aquantia: Simplify dependencies between pci modules
    - net: aquantia: Eliminate aq_nic structure abstraction
    - net: aquantia: Fix register definitions to linux style
    - net: aquantia: Prepend hw access functions declarations with prefix
    - net: aquantia: Fix internal stats calculation on rx
    - net: aquantia: Introduce new device ids and constants
    - net: aquantia: Introduce new AQC devices and capabilities
    - net: aquantia: Convert hw and caps structures to const static pointers
    - net: aquantia: Cleanup pci functions module
    - net: aquantia: Remove create/destroy from hw ops
    - net: aquantia: Change confusing no_ff_addr to more meaningful name
    - net: aquantia: Introduce firmware ops callbacks
    - net: aquantia: Introduce support for new firmware on AQC cards
    - net: aquantia: Introduce global AQC hardware reset sequence
    - net: aquantia: Report correct mediatype via ethtool
    - net: aquantia: bump driver version to match aquantia internal numbering
    - net: aquantia: Fix hardware reset when SPI may rarely hangup
    - net: aquantia: Fix a regression with reset on old firmware
    - net: aquantia: Change inefficient wait loop on fw data reads
    - net: aquantia: Add tx clean budget and valid budget handling logic
    - net: aquantia: Allow live mac address changes
    - net: aquantia: Implement pci shutdown callback
    - net: aquantia: driver version bump

  * Fix an issue that some PCI devices get incorrectly suspended (LP: #1764684)
    - SAUCE: PCI / PM: Always check PME wakeup capability for runtime wakeup
      support

  * Miscellaneous Ubuntu changes
    - Rebase to 4.13.0-40.45

  [ Ubuntu: 4.13.0-40.45 ]

  * linux: 4.13.0-40.45 -proposed tracker (LP: #1766592)
  * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850)
    - arm64: fix CONFIG_DEBUG_WX address reporting
  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
    - net: hns: Avoid action name truncation
  * CVE-2017-18208
    - mm/madvise.c: fix madvise() infinite loop under special circumstances
  * CVE-2018-8822
    - staging: ncpfs: memory corruption in ncp_read_kernel()
  * CVE-2017-18203
    - dm: fix race between dm_get_from_kobject() and __dm_destroy()
  * CVE-2017-17449
    - netlink: Add netns check on taps
  * CVE-2017-17975
    - media: usbtv: prevent double free in error case
  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
    - drm/i915/edp: Allow alternate fixed mode for eDP if available.
    - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
    - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
    - drm/i915/edp: Do not do link training fallback or prune modes on EDP
  * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
    from sleep (88E8055) (LP: #1758507)
    - sky2: Increase D3 delay to sky2 stops working after suspend
  * perf vendor events arm64: Enable JSON events for ThunderX2 B0 (LP: #1760712)
    - perf vendor events arm64: Enable JSON events for ThunderX2 B0
  * No network with e1000e driver on 4.13.0-38-generic (LP: #1762693)
    - e1000e: Fix e1000_check_for_copper_link_ich8lan return value.
  * /dev/ipmi enumeration flaky on Cavium Sabre nodes (LP: #1762812)
    - i2c: xlp9xx: return ENXIO on slave address NACK
    - i2c: xlp9xx: Handle transactions with I2C_M_RECV_LEN properly
    - i2c: xlp9xx: Check for Bus state before every transfer
    - i2c: xlp9xx: Handle NACK on DATA properly
  * "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534)
    - virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS
  * fix regression in mm/hotplug, allows NVIDIA driver to work (LP: #1761104)
    - SAUCE: Fix revert "mm, memory_hotplug: do not associate hotadded memory to
      zones until online"
  * ibrs/ibpb fixes result in excessive kernel logging  (LP: #1755627)
    - SAUCE: remove ibrs_dump sysctl interface

 -- Timo Aaltonen <email address hidden>  Thu, 26 Apr 2018 11:27:11 +0300

Available diffs

Superseded in cosmic-release on 2018-05-24
Published in bionic-release on 2018-04-26
Deleted in bionic-proposed (Reason: moved to release)
Superseded in bionic-proposed on 2018-04-25
linux-oem (4.15.0-1004.5) bionic; urgency=medium

  * linux-oem: 4.15.0-1004.5 -proposed tracker (LP: #1766454)

  * Miscellaneous Ubuntu changes
    - [Packaging/OEM] update to Debian like control scripts.
    - [Packaging] signing -- sync changes from debian.master
    - [Config] Skip retpoline still
    - Rebase to 4.15.0-20.21
    - [Config] update configs following rebase to 4.15.0-20.21

  [ Ubuntu: 4.15.0-20.21 ]

  * linux: 4.15.0-20.21 -proposed tracker (LP: #1766452)
  * package shim-signed (not installed) failed to install/upgrade: installed
    shim-signed package post-installation script subprocess returned error exit
    status 5 (LP: #1766391)
    - [Packaging] fix invocation of header postinst hooks

  [ Ubuntu: 4.15.0-19.20 ]

  * linux: 4.15.0-19.20 -proposed tracker (LP: #1766021)
  * Kernel 4.15.0-15 breaks Dell PowerEdge 12th Gen servers (LP: #1765232)
    - Revert "blk-mq: simplify queue mapping & schedule with each possisble CPU"
    - Revert "genirq/affinity: assign vectors to all possible CPUs"

  [ Ubuntu: 4.15.0-18.19 ]

  * linux: 4.15.0-18.19 -proposed tracker (LP: #1765490)
  * [regression] Ubuntu 18.04:[4.15.0-17-generic #18] KVM Guest Kernel:
    meltdown: rfi/fallback displacement flush not enabled bydefault (kvm)
    (LP: #1765429)
    - powerpc/pseries: Fix clearing of security feature flags
  * signing: only install a signed kernel (LP: #1764794)
    - [Packaging] update to Debian like control scripts
    - [Packaging] switch to triggers for postinst.d postrm.d handling
    - [Packaging] signing -- switch to raw-signing tarballs
    - [Packaging] signing -- switch to linux-image as signed when available
    - [Config] signing -- enable Opal signing for ppc64el
    - [Packaging] printenv -- add signing options
  * [18.04 FEAT] Sign POWER host/NV kernels (LP: #1696154)
    - [Packaging] signing -- add support for signing Opal kernel binaries
  * Please cherrypick s390 unwind fix (LP: #1765083)
    - s390/compat: fix setup_frame32
  * Ubuntu 18.04 installer does not detect any IPR based HDD/RAID array [S822L]
    [ipr] (LP: #1751813)
    - d-i: move ipr to storage-core-modules on ppc64el
  * drivers/gpu/drm/bridge/adv7511/adv7511.ko missing (LP: #1764816)
    - SAUCE: (no-up) rename the adv7511 drm driver to adv7511_drm
  * Miscellaneous Ubuntu changes
    - [Packaging] Add linux-oem to rebuild test blacklist.

Superseded in xenial-security on 2018-05-08
Superseded in xenial-updates on 2018-05-08
Deleted in xenial-proposed (Reason: moved to -updates)
linux-oem (4.13.0-1024.27) xenial; urgency=medium

  * linux-oem: 4.13.0-1024.27 -proposed tracker (LP: #1763296)

  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
    - drm/i915/edp: Allow alternate fixed mode for eDP if available.
    - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
    - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
    - drm/i915/edp: Do not do link training fallback or prune modes on EDP

  * No network with e1000e driver on 4.13.0-38-generic (LP: #1762693)
    - e1000e: Fix e1000_check_for_copper_link_ich8lan return value.

Superseded in bionic-release on 2018-04-26
Superseded in bionic-release on 2018-04-25
Deleted in bionic-proposed on 2018-04-27 (Reason: moved to release)
linux-oem (4.15.0-1002.3) bionic; urgency=medium

  * linux-oem: 4.15.0-1002.3 -proposed tracker (LP: #1762924)

  * Fix line-out port noise on Baytrail-I with RT5660 based sound card
    (LP: #1675327)
    - SAUCE: (no-up): ASoC: Intel: bytcr-rt5660: fix frame polarity

  * Miscellaneous Ubuntu changes
    - Rebase to 4.15.0-15.16

  [ Ubuntu: 4.15.0-15.16 ]

  * linux: 4.15.0-15.16 -proposed tracker (LP: #1761177)
  * FFe: Enable configuring resume offset via sysfs (LP: #1760106)
    - PM / hibernate: Make passing hibernate offsets more friendly
  * /dev/bcache/by-uuid links not created after reboot (LP: #1729145)
    - SAUCE: (no-up) bcache: decouple emitting a cached_dev CHANGE uevent
  * Ubuntu18.04:POWER9:DD2.2 - Unable to start a KVM guest with default machine
    type(pseries-bionic) complaining "KVM implementation does not support
    Transactional Memory, try cap-htm=off" (kvm) (LP: #1752026)
    - powerpc: Use feature bit for RTC presence rather than timebase presence
    - powerpc: Book E: Remove unused CPU_FTR_L2CSR bit
    - powerpc: Free up CPU feature bits on 64-bit machines
    - powerpc: Add CPU feature bits for TM bug workarounds on POWER9 v2.2
    - powerpc/powernv: Provide a way to force a core into SMT4 mode
    - KVM: PPC: Book3S HV: Work around transactional memory bugs in POWER9
    - KVM: PPC: Book3S HV: Work around XER[SO] bug in fake suspend mode
    - KVM: PPC: Book3S HV: Work around TEXASR bug in fake suspend state
  * Important Kernel fixes to be backported for Power9 (kvm) (LP: #1758910)
    - powerpc/mm: Fixup tlbie vs store ordering issue on POWER9
  * Ubuntu 18.04 - IO Hang on some namespaces when running HTX with 16
    namespaces  (Bolt / NVMe) (LP: #1757497)
    - powerpc/64s: Fix lost pending interrupt due to race causing lost update to
      irq_happened
  * fwts-efi-runtime-dkms 18.03.00-0ubuntu1: fwts-efi-runtime-dkms kernel module
    failed to build (LP: #1760876)
    - [Packaging] include the retpoline extractor in the headers

 -- Timo Aaltonen <email address hidden>  Wed, 11 Apr 2018 09:36:30 +0300
Deleted in xenial-proposed on 2018-04-16 (Reason: NBS)
linux-oem (4.13.0-1023.25) xenial; urgency=medium

  * linux-oem: 4.13.0-1023.25 -proposed tracker (LP: #1761464)

  * Fix Runtime PM for r8169 (LP: #1757422)
    - r8169: only enable PCI wakeups when WOL is active
    - PCI: Add pcim_set_mwi(), a device-managed pci_set_mwi()
    - r8169: switch to device-managed functions in probe
    - r8169: remove netif_napi_del in probe error path
    - r8169: remove unneeded rpm ops in rtl_shutdown
    - r8169: improve runtime pm in rtl8169_check_link_status
    - r8169: improve runtime pm in general and suspend unused ports

  * Ryzen/Raven Ridge USB ports do not work (LP: #1756700)
    - xhci: Fix front USB ports on ASUS PRIME B350M-A
    - SAUCE: xhci: Fix USB ports for Dell Inspiron 5775

  * Miscellaneous Ubuntu changes
    - Rebase to 4.13.0-39.44

  [ Ubuntu: 4.13.0-39.44 ]

  * linux: 4.13.0-39.44 -proposed tracker (LP: #1761456)
  * intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux-
    image-4.13.0-37-generic) (LP: #1759920) // CVE-2017-5715 (Spectre v2
    Intel) // CVE-2017-5754
    - x86/mm: Reinitialize TLB state on hotplug and resume
  * intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux-
    image-4.13.0-37-generic) (LP: #1759920) // CVE-2017-5715 (Spectre v2 Intel)
    - Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current
      thread"
    - x86/speculation: Use Indirect Branch Prediction Barrier in context switch
  * DKMS driver builds fail with: Cannot use CONFIG_STACK_VALIDATION=y, please
    install libelf-dev, libelf-devel or elfutils-libelf-devel (LP: #1760876)
    - [Packaging] include the retpoline extractor in the headers
  * retpoline hints: primary infrastructure and initial hints (LP: #1758856)
    - [Packaging] retpoline-extract: flag *0xNNN(%reg) branches
    - x86/speculation, objtool: Annotate indirect calls/jumps for objtool
    - x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32bit
    - x86/paravirt, objtool: Annotate indirect calls
    - [Packaging] retpoline -- add safe usage hint support
    - [Packaging] retpoline-check -- only report additions
    - [Packaging] retpoline -- widen indirect call/jmp detection
    - [Packaging] retpoline -- elide %rip relative indirections
    - [Packaging] retpoline -- clear hint information from packages
    - KVM: x86: Make indirect calls in emulator speculation safe
    - KVM: VMX: Make indirect call speculation safe
    - x86/boot, objtool: Annotate indirect jump in secondary_startup_64()
    - SAUCE: early/late -- annotate indirect calls in early/late initialisation
      code
    - SAUCE: vga_set_mode -- avoid jump tables
    - [Config] retpoline -- switch to new format
    - [Packaging] retpoline hints -- handle missing files when RETPOLINE not
      enabled
    - [Packaging] final-checks -- remove check for empty retpoline files
  * retpoline: ignore %cs:0xNNN constant indirections (LP: #1752655)
    - [Packaging] retpoline -- elide %cs:0xNNNN constants on i386
  * zfs system process hung on container stop/delete (LP: #1754584)
    - SAUCE: Fix non-prefaulted page deadlock (LP: #1754584)
  * zfs-linux 0.6.5.11-1ubuntu5 ADT test failure with linux 4.15.0-1.2
    (LP: #1737761)
    - SAUCE: (noup) Update zfs to 0.6.5.11-1ubuntu3.2
  * AT_BASE_PLATFORM in AUXV is absent on kernels available on Ubuntu 17.10
    (LP: #1759312)
    - powerpc/64s: Fix NULL AT_BASE_PLATFORM when using DT CPU features
  * btrfs and tar sparse truncate archives (LP: #1757565)
    - Btrfs: move definition of the function btrfs_find_new_delalloc_bytes
    - Btrfs: fix reported number of inode blocks after buffered append writes
  * efifb broken on ThunderX-based Gigabyte nodes (LP: #1758375)
    - drivers/fbdev/efifb: Allow BAR to be moved instead of claiming it
  * Intel i40e PF reset due to incorrect MDD detection (continues...)
    (LP: #1723127)
    - i40e/i40evf: Account for frags split over multiple descriptors in check
      linearize
  * Fix an issue that when system in S3, USB keyboard can't wake up the system.
    (LP: #1759511)
    - ACPI / PM: Allow deeper wakeup power states with no _SxD nor _SxW
  * [8086:3e92] display becomes blank after S3 (LP: #1759188)
    - drm/i915: Apply Display WA #1183 on skl, kbl, and cfl
  * add audio kernel patches for Raven (LP: #1758364)
    - ALSA: hda: Add Raven PCI ID
    - ALSA: hda/realtek - Fix ALC700 family no sound issue
  * Cpu utilization showing system time for kvm guests (performance) (sysstat)
    (LP: #1755979)
    - KVM: PPC: Book3S HV: Fix guest time accounting with VIRT_CPU_ACCOUNTING_GEN
  * Kernel panic on a nfsroot system (LP: #1734327)
    - Revert "UBUNTU: SAUCE: LSM stacking: add stacking support to apparmor
      network hooks"
    - Revert "UBUNTU: SAUCE: LSM stacking: LSM: Infrastructure management of the
      remaining blobs"
  * can't record sound via front headset port on the Dell Precision 3630
    (LP: #1759088)
    - ALSA: hda/realtek - Fix Dell headset Mic can't record
  * speaker can't output sound anymore after system resumes from S3 on a lenovo
    machine with alc257 (LP: #1758829)
    - ALSA: hda/realtek - Fix speaker no sound after system resume
  * hda driver initialization takes too much time on the machine with coffeelake
    audio controller [8086:a348] (LP: #1758800)
    - ALSA: hda - Force polling mode on CFL for fixing codec communication
  * Let headset-mode initialization be called on Dell Precision 3930
    (LP: #1757584)
    - ALSA: hda/realtek - Add headset mode support for Dell laptop
  * ubuntu_zram_smoke test will cause soft lockup on Artful ThunderX ARM64
    (LP: #1755073)
    - SAUCE: crypto: thunderx_zip: Fix fallout from CONFIG_VMAP_STACK
  * [Hyper-V] include kvp fix for Avoid reading past allocated blocks from KVP
    file (LP: #1750349)
    - hv: kvp: Avoid reading past allocated blocks from KVP file
  * IMA policy parsing is broken in 4.13 (LP: #1755804)
    - ima/policy: fix parsing of fsuuid
  * external mic not work on Dell OptiPlex 7460 AIO (LP: #1755954)
    - ALSA: hda/realtek - Add headset mode support for Dell laptop
  * sbsa watchdog crashes thunderx2 system (LP: #1755595)
    - watchdog: sbsa: use 32-bit read for WCV
  * CVE-2018-8043
    - net: phy: mdio-bcm-unimac: fix potential NULL dereference in
      unimac_mdio_probe()

 -- Timo Aaltonen <email address hidden>  Thu, 05 Apr 2018 18:46:41 +0300

Available diffs

Superseded in xenial-security on 2018-04-23
Superseded in xenial-updates on 2018-04-23
Deleted in xenial-proposed (Reason: NBS)
linux-oem (4.13.0-1022.24) xenial; urgency=medium

  * linux-oem: 4.13.0-1022.24 -proposed tracker (LP: #1755774)

  * external mic not work on Dell OptiPlex 7460 AIO (LP: #1755954)
    - ALSA: hda/realtek - Add headset mode support for Dell laptop

  * Display screen blinks on black screen periodically on some wyse system
    (LP: #1754216)
    - drm/i915/glk, cnl: Implement WaDisableScalarClockGating

  * CFL systems are not responsive to TB16 DP/HDMI (un)plugging event.
    (LP: #1755705)
    - drm/i915/gen9+: Add 10 us delay after power well 1/AUX IO pw disabling
    - drm/i915/skl: Don't disable misc IO power well during display uninit
    - drm/i915/bxt, glk: Fix assert on conditions for DC9 enabling
    - drm/i915/gen9+: Don't remove secondary power well requests
    - drm/i915/cnl: Fix comment about AUX IO power well enable/disable

  * Remove ubuntu/usb-cv (LP: #1749412)
    - SAUCE: Remove ubuntu/usb-cv

  * mwifiex cannot connect to wifi AP when keeping wireless connection idle for
    more than 60 seconds (LP: #1725154)
    - SAUCE: Revert "cfg80211: workaround for mwifiex"

  *  Add support for Realtek WiFi device [10ec:b822] (LP: #1745081)
    - SAUCE: RTL8822BE: Import RTL8822BE driver
    - SAUCE: RTL8822BE: Fix compiling error on oem kernel
    - SAUCE: RTL8822BE: Don't block disconnect event if kernel >= 4.2
    - SAUCE: RTL8822BE: Fix FW IQK failed when mp_start
    - SAUCE: RTL8822BE: Add ubuntu/rtl8822be into build script
    - SAUCE: RTL8822BE: Adjust the building dir

  * Miscellaneous Ubuntu changes
    - Rebase to 4.13.0-38.43
    - [Config] Ignore usb-cv module
    - [Config] Ignore retpoline

  [ Ubuntu: 4.13.0-38.43 ]

  * linux: 4.13.0-38.43 -proposed tracker (LP: #1755762)
  * Servers going OOM after updating kernel from 4.10 to 4.13 (LP: #1748408)
    - i40e: Fix memory leak related filter programming status
    - i40e: Add programming descriptors to cleaned_count
  * [SRU] Lenovo E41 Mic mute hotkey is not responding (LP: #1753347)
    - platform/x86: ideapad-laptop: Increase timeout to wait for EC answer
  * fails to dump with latest kpti fixes (LP: #1750021)
    - kdump: write correct address of mem_section into vmcoreinfo
  * headset mic can't be detected on two Dell machines (LP: #1748807)
    - ALSA: hda/realtek - Support headset mode for ALC215/ALC285/ALC289
    - ALSA: hda - Fix headset mic detection problem for two Dell machines
    - ALSA: hda - Fix a wrong FIXUP for alc289 on Dell machines
  * CIFS SMB2/SMB3 does not work for domain based DFS (LP: #1747572)
    - CIFS: make IPC a regular tcon
    - CIFS: use tcon_ipc instead of use_ipc parameter of SMB2_ioctl
    - CIFS: dump IPC tcon in debug proc file
  * i2c-thunderx: erroneous error message "unhandled state: 0" (LP: #1754076)
    - i2c: octeon: Prevent error message on bus error
  * hisi_sas: Add disk LED support (LP: #1752695)
    - scsi: hisi_sas: directly attached disk LED feature for v2 hw
  * EDAC, sb_edac: Backport 1 patch to Ubuntu 17.10 (Fix missing DIMM sysfs
    entries with KNL SNC2/SNC4 mode) (LP: #1743856)
    - EDAC, sb_edac: Fix missing DIMM sysfs entries with KNL SNC2/SNC4 mode
  * [regression] Colour banding and artefacts appear system-wide on an Asus
    Zenbook UX303LA with Intel HD 4400 graphics (LP: #1749420)
    - drm/edid: Add 6 bpc quirk for CPT panel in Asus UX303LA
  * DVB Card with SAA7146 chipset not working (LP: #1742316)
    - vmalloc: fix __GFP_HIGHMEM usage for vmalloc_32 on 32b systems
  * [Asus UX360UA] battery status in unity-panel is not changing when battery is
    being charged (LP: #1661876) // AC adapter status not detected on Asus
    ZenBook UX410UAK (LP: #1745032)
    - ACPI / battery: Add quirk for Asus UX360UA and UX410UAK
  * ASUS UX305LA - Battery state not detected correctly (LP: #1482390)
    - ACPI / battery: Add quirk for Asus GL502VSK and UX305LA
  * support thunderx2 vendor pmu events (LP: #1747523)
    - perf pmu: Extract function to get JSON alias map
    - perf pmu: Pass pmu as a parameter to get_cpuid_str()
    - perf tools arm64: Add support for get_cpuid_str function.
    - perf pmu: Add helper function is_pmu_core to detect PMU CORE devices
    - perf vendor events arm64: Add ThunderX2 implementation defined pmu core
      events
    - perf pmu: Add check for valid cpuid in perf_pmu__find_map()
  * lpfc.ko module doesn't work (LP: #1746970)
    - scsi: lpfc: Fix loop mode target discovery
  * Ubuntu 17.10 crashes on vmalloc.c (LP: #1739498)
    - powerpc/mm/book3s64: Make KERN_IO_START a variable
    - powerpc/mm/slb: Move comment next to the code it's referring to
    - powerpc/mm/hash64: Make vmalloc 56T on hash
  * ethtool -p fails to light NIC LED on HiSilicon D05 systems (LP: #1748567)
    - net: hns: add ACPI mode support for ethtool -p
  * CVE-2017-17807
    - KEYS: add missing permission check for request_key() destination
  * [Artful SRU] Fix capsule update regression (LP: #1746019)
    - efi/capsule-loader: Reinstate virtual capsule mapping
  * [Artful/Bionic] [Config] enable EDAC_GHES for ARM64 (LP: #1747746)
    - Ubuntu: [Config] enable EDAC_GHES for ARM64
  * linux-tools: perf incorrectly linking libbfd (LP: #1748922)
    - SAUCE: tools -- add ability to disable libbfd
    - [Packaging] correct disablement of libbfd
  * Cherry pick c96f5471ce7d for delayacct fix (LP: #1747769)
    - delayacct: Account blkio completion on the correct task
  * Error in CPU frequency reporting when nominal and min pstates are same
    (cpufreq) (LP: #1746174)
    - cpufreq: powernv: Dont assume distinct pstate values for nominal and pmin
  * retpoline abi files are empty on i386 (LP: #1751021)
    - [Packaging] retpoline-extract -- instantiate retpoline files for i386
    - [Packaging] final-checks -- sanity checking ABI contents
    - [Packaging] final-checks -- check for empty retpoline files
  * [P9,Power NV][WSP][Ubuntu 1804] : "Kernel access of bad area " when grouping
    different pmu events using perf fuzzer . (perf:) (LP: #1746225)
    - powerpc/perf: Fix oops when grouping different pmu events
  * bnx2x_attn_int_deasserted3:4323 MC assert! (LP: #1715519) //
    CVE-2018-1000026
    - net: create skb_gso_validate_mac_len()
    - bnx2x: disable GSO where gso_size is too big for hardware
  * Ubuntu16.04.03: ISAv3 initialize MMU registers before setting partition
    table (LP: #1736145)
    - powerpc/64s: Initialize ISAv3 MMU registers before setting partition table
  * powerpc/powernv: Flush console before platform error reboot (LP: #1735159)
    - powerpc/powernv: Flush console before platform error reboot
  * Touchpad stops working after a few seconds in Lenovo ideapad 320
    (LP: #1732056)
    - pinctrl/amd: fix masking of GPIO interrupts
  * [Artful][Wyse 3040] System hang when trying to enable an offlined CPU core
    (LP: #1736393)
    - SAUCE: drm/i915:Don't set chip specific data
    - SAUCE: drm/i915: make previous commit affects Wyse 3040 only
  * ppc64el: Do not call ibm,os-term on panic (LP: #1736954)
    - powerpc: Do not call ppc_md.panic in fadump panic notifier
  * Artful update to 4.13.16 stable release (LP: #1744213)
    - tcp_nv: fix division by zero in tcpnv_acked()
    - net: vrf: correct FRA_L3MDEV encode type
    - tcp: do not mangle skb->cb[] in tcp_make_synack()
    - net: systemport: Correct IPG length settings
    - netfilter/ipvs: clear ipvs_property flag when SKB net namespace changed
    - l2tp: don't use l2tp_tunnel_find() in l2tp_ip and l2tp_ip6
    - bonding: discard lowest hash bit for 802.3ad layer3+4
    - net: cdc_ether: fix divide by 0 on bad descriptors
    - net: qmi_wwan: fix divide by 0 on bad descriptors
    - qmi_wwan: Add missing skb_reset_mac_header-call
    - net: usb: asix: fill null-ptr-deref in asix_suspend
    - tcp: gso: avoid refcount_t warning from tcp_gso_segment()
    - tcp: fix tcp_fastretrans_alert warning
    - vlan: fix a use-after-free in vlan_device_event()
    - net/mlx5: Cancel health poll before sending panic teardown command
    - net/mlx5e: Set page to null in case dma mapping fails
    - af_netlink: ensure that NLMSG_DONE never fails in dumps
    - vxlan: fix the issue that neigh proxy blocks all icmpv6 packets
    - net: cdc_ncm: GetNtbFormat endian fix
    - fealnx: Fix building error on MIPS
    - net/sctp: Always set scope_id in sctp_inet6_skb_msgname
    - ima: do not update security.ima if appraisal status is not INTEGRITY_PASS
    - serial: omap: Fix EFR write on RTS deassertion
    - serial: 8250_fintek: Fix finding base_port with activated SuperIO
    - tpm-dev-common: Reject too short writes
    - rcu: Fix up pending cbs check in rcu_prepare_for_idle
    - ocfs2: fix cluster hang after a node dies
    - ocfs2: should wait dio before inode lock in ocfs2_setattr()
    - ipmi: fix unsigned long underflow
    - mm/page_alloc.c: broken deferred calculation
    - mm/page_ext.c: check if page_ext is not prepared
    - x86/cpu/amd: Derive L3 shared_cpu_map from cpu_llc_shared_mask
    - coda: fix 'kernel memory exposure attempt' in fsync
    - Linux 4.13.16
  * Artful update to 4.13.15 stable release (LP: #1744212)
    - media: imon: Fix null-ptr-deref in imon_probe
    - media: dib0700: fix invalid dvb_detach argument
    - crypto: dh - Fix double free of ctx->p
    - crypto: dh - Don't permit 'p' to be 0
    - crypto: dh - Don't permit 'key' or 'g' size longer than 'p'
    - USB: early: Use new USB product ID and strings for DbC device
    - USB: usbfs: compute urb->actual_length for isochronous
    - USB: Add delay-init quirk for Corsair K70 LUX keyboards
    - usb: gadget: f_fs: Fix use-after-free in ffs_free_inst
    - USB: serial: metro-usb: stop I/O after failed open
    - USB: serial: Change DbC debug device binding ID
    - USB: serial: qcserial: add pid/vid for Sierra Wireless EM7355 fw update
    - USB: serial: garmin_gps: fix I/O after failed probe and remove
    - USB: serial: garmin_gps: fix memory leak on probe errors
    - x86/MCE/AMD: Always give panic severity for UC errors in kernel context
    - platform/x86: peaq-wmi: Add DMI check before binding to the WMI interface
    - platform/x86: peaq_wmi: Fix missing terminating entry for peaq_dmi_table
    - HID: cp2112: add HIDRAW dependency
    - HID: wacom: generic: Recognize WACOM_HID_WD_PEN as a type of pen collection
    - staging: wilc1000: Fix bssid buffer offset in Txq
    - staging: ccree: fix 64 bit scatter/gather DMA ops
    - staging: greybus: spilib: fix use-after-free after deregistration
    - staging: vboxvideo: Fix reporting invalid suggested-offset-properties
    - staging: rtl8188eu: Revert 4 commits breaking ARP
    - Linux 4.13.15
  * time drifting on linux-hwe kernels (LP: #1744988)
    - x86/tsc: Future-proof native_calibrate_tsc()
    - x86/tsc: Fix erroneous TSC rate on Skylake Xeon
    - x86/tsc: Print tsc_khz, when it differs from cpu_khz
  * Please backport vmd suspend/resume patches to 16.04 hwe (LP: #1745508)
    - PCI: vmd: Free up IRQs on suspend path
  * CVE-2017-17448
    - netfilter: nfnetlink_cthelper: Add missing permission checks
  * Dell XPS 13 9360 bluetooth (Atheros) won't connect after resume
    (LP: #1744712)
    - Bluetooth: btusb: Restore QCA Rome suspend/resume fix with a "rewritten"
      version
  * [SRU] TrackPoint: middle button doesn't work on TrackPoint-compatible
    device. (LP: #1746002)
    - Input: trackpoint - force 3 buttons if 0 button is reported
  * TB16 dock ethernet corrupts data with hw checksum silently failing
    (LP: #1729674)
    - r8152: disable RX aggregation on Dell TB16 dock
  * [Artful] Realtek ALC225: 2 secs noise when a headset plugged in
    (LP: #1744058)
    - Revert "UBUNTU: SAUCE: ALSA: hda/realtek - Add support headset mode for DELL
      WYSE"
    - SAUCE: ALSA: hda/realtek - Add support headset mode for DELL WYSE
    - ALSA: hda/realtek - update ALC225 depop optimize
  * [A] skb leak in vhost_net / tun / tap (LP: #1738975)
    - vhost: fix skb leak in handle_rx()
    - tap: free skb if flags error
    - tun: free skb in early errors
  * Commit d9018976cdb6 missing in Kernels <4.14.x preventing lasting fix of
    Intel SPI bug on certain serial flash (LP: #1742696)
    - mfd: lpc_ich: Do not touch SPI-NOR write protection bit on Haswell/Broadwell
    - spi-nor: intel-spi: Fix broken software sequencing codes
  * CVE-2018-5332
    - RDS: Heap OOB write in rds_message_alloc_sgs()
  * [A] KVM Windows BSOD on 4.13.x (LP: #1738972)
    - KVM: x86: fix APIC page invalidation
  * elantech touchpad of Lenovo L480/580 failed to detect hw_version
    (LP: #1733605)
    - Input: elantech - add new icbody type 15
  * [SRU] External HDMI monitor failed to show screen on Lenovo X1 series
    (LP: #1738523)
    - SAUCE: drm/i915: Disable writing of TMDS_OE on Lenovo ThinkPad X1 series
  * ubuntu/xr-usb-serial didn't get built in zesty and artful (LP: #1733281)
    - SAUCE: make sure ubuntu/xr-usb-serial builds for x86
  * Disabling zfs does not always disable module checks for the zfs modules
    (LP: #1737176)
    - [Packaging] disable zfs module checks when zfs is disabled
  * CVE-2017-17806
    - crypto: hmac - require that the underlying hash algorithm is unkeyed
  * CVE-2017-17805
    - crypto: salsa20 - fix blkcipher_walk API usage
  * CVE-2017-16994
    - mm/pagewalk.c: report holes in hugetlb ranges
  * CVE-2017-17450
    - netfilter: xt_osf: Add missing permission checks
  * apparmor profile load in stacked policy container fails (LP: #1746463)
    - SAUCE: apparmor: fix display of .ns_name for containers
  * CVE-2017-15129
    - net: Fix double free and memory corruption in get_net_ns_by_id()
  * CVE-2018-5344
    - loop: fix concurrent lo_open/lo_release
  * CVE-2017-1000407
    - KVM: VMX: remove I/O port 0x80 bypass on Intel hosts
  * CVE-2017-0861
    - ALSA: pcm: prevent UAF in snd_pcm_info
  * perf stat segfaults on uncore events w/o -a (LP: #1745246)
    - perf xyarray: Save max_x, max_y
    - perf evsel: Fix buffer overflow while freeing events
  * Support cppc-cpufreq driver on ThunderX2 systems (LP: #1745007)
    - mailbox: PCC: Move the MAX_PCC_SUBSPACES definition to header file
    - ACPI / CPPC: Make CPPC ACPI driver aware of PCC subspace IDs
    - ACPI / CPPC: Fix KASAN global out of bounds warning
    - ACPI: CPPC: remove initial assignment of pcc_ss_data
  * P-state not working in kernel 4.13 (LP: #1743269)
    - x86 / CPU: Avoid unnecessary IPIs in arch_freq_get_on_cpu()
    - x86 / CPU: Always show current CPU frequency in /proc/cpuinfo
  * Regression: KVM no longer supports Intel CPUs without Virtual NMI
    (LP: #1741655)
    - kvm: vmx: Reinstate support for CPUs without virtual NMI
  * System hang with Linux kernel due to mainline commit 24247aeeabe
    (LP: #1733662)
    - x86/intel_rdt/cqm: Prevent use after free
  * $(LOCAL_ENV_CC) and $(LOCAL_ENV_DISTCC_HOSTS) should be properly quoted
    (LP: #1744077)
    - [Debian] pass LOCAL_ENV_CC and LOCAL_ENV_DISTCC_HOSTS properly
  * the wifi driver is always hard blocked on a lenovo laptop (LP: #1743672)
    - ACPI: EC: Fix possible issues related to EC initialization order
  * text VTs are unavailable on desktop after upgrade to Ubuntu 17.10
    (LP: #1724911)
    - drm/i915/fbdev: Always forward hotplug events
  * Samsung SSD 960 EVO 500GB refused to change power state (LP: #1705748)
    - nvme-pci: disable APST on Samsung SSD 960 EVO + ASUS PRIME B350M-A
  * [0cf3:e010] QCA6174A XR failed to pair with bt 4.0 device  (LP: #1741166)
    - Bluetooth: btusb: Add support for 0cf3:e010
  * CVE-2017-17741
    - KVM: Fix stack-out-of-bounds read in write_mmio
  * CVE-2018-5333
    - RDS: null pointer dereference in rds_atomic_free_op
  * [800 G3 SFF] [800 G3 DM]External microphone of headset(3-ring) is working,
    2-ring mic not working, both not shown in sound settings  (LP: #1740974)
    - ALSA: hda - Add MIC_NO_PRESENCE fixup for 2 HP machines
  * Two front mics can't work on a lenovo machine (LP: #1740973)
    - ALSA: hda - change the location for one mic on a Lenovo machine
  * No external microphone be detected via headset jack on a dell machine
    (LP: #1740972)
    - ALSA: hda - fix headset mic detection issue on a Dell machine
  *  Can't detect external headset via line-out jack on some Dell machines
    (LP: #1740971)
    - ALSA: hda/realtek - Fix Dell AIO LineOut issue
  * Support realtek new codec alc257 in the alsa hda driver  (LP: #1738911)
    - ALSA: hda/realtek - New codec support for ALC257
  * Add support for 16g huge pages on Ubuntu 16.04.2 PowerNV (LP: #1706247)
    - powerpc/mm/hugetlb: Allow runtime allocation of 16G.
    - powerpc/mm/hugetlb: Add support for reserving gigantic huge pages via kernel
      command line
    - mm/hugetlb: Allow arch to override and call the weak function
  * the kernel is blackholing IPv6 packets to linkdown nexthops (LP: #1738219)
    - ipv6: Do not consider linkdown nexthops during multipath
  * e1000e in 4.4.0-97-generic breaks 82574L under heavy load. (LP: #1730550)
    - e1000e: Avoid receiver overrun interrupt bursts
    - e1000e: Separate signaling for link check/link up
  * Ubuntu 17.10: Include patch "crypto: vmx - Use skcipher for ctr fallback"
    (LP: #1732978)
    - crypto: vmx - Use skcipher for ctr fallback
  * QCA Rome bluetooth can not wakeup after USB runtime suspended.
    (LP: #1737890)
    - Bluetooth: btusb: driver to enable the usb-wakeup feature
  * /dev/bcache/by-uuid links not created after reboot (LP: #1729145)
    - SAUCE: (no-up) bcache: decouple emitting a cached_dev CHANGE uevent
  * Some VMs fail to reboot with "watchdog: BUG: soft lockup - CPU#0 stuck for
    22s! [systemd:1]" (LP: #1730717)
    - SAUCE: exec: fix lockup because retry loop may never exit
  * Request to backport cxlflash patches to 16.04 HWE Kernel (LP: #1730515)
    - scsi: cxlflash: Use derived maximum write same length
    - scsi: cxlflash: Allow cards without WWPN VPD to configure
    - scsi: cxlflash: Derive pid through accessors
  * vagrant artful64 box filesystem too small (LP: #1726818)
    - block: factor out __blkdev_issue_zero_pages()
    - block: cope with WRITE ZEROES failing in blkdev_issue_zeroout()
  * Artful update to 4.13.14 stable release (LP: #1744121)
    - ppp: fix race in ppp device destruction
    - gso: fix payload length when gso_size is zero
    - ipv4: Fix traffic triggered IPsec connections.
    - ipv6: Fix traffic triggered IPsec connections.
    - netlink: do not set cb_running if dump's start() errs
    - net: call cgroup_sk_alloc() earlier in sk_clone_lock()
    - macsec: fix memory leaks when skb_to_sgvec fails
    - l2tp: check ps->sock before running pppol2tp_session_ioctl()
    - netlink: fix netlink_ack() extack race
    - sctp: add the missing sock_owned_by_user check in sctp_icmp_redirect
    - tcp/dccp: fix ireq->opt races
    - packet: avoid panic in packet_getsockopt()
    - geneve: Fix function matching VNI and tunnel ID on big-endian
    - net: bridge: fix returning of vlan range op errors
    - soreuseport: fix initialization race
    - ipv6: flowlabel: do not leave opt->tot_len with garbage
    - sctp: full support for ipv6 ip_nonlocal_bind & IP_FREEBIND
    - tcp/dccp: fix lockdep splat in inet_csk_route_req()
    - tcp/dccp: fix other lockdep splats accessing ireq_opt
    - net: dsa: check master device before put
    - net/unix: don't show information about sockets from other namespaces
    - tap: double-free in error path in tap_open()
    - net/mlx5: Fix health work queue spin lock to IRQ safe
    - net/mlx5e: Properly deal with encap flows add/del under neigh update
    - ipip: only increase err_count for some certain type icmp in ipip_err
    - ip6_gre: only increase err_count for some certain type icmpv6 in ip6gre_err
    - ip6_gre: update dst pmtu if dev mtu has been updated by toobig in
      __gre6_xmit
    - tcp: refresh tp timestamp before tcp_mtu_probe()
    - tap: reference to KVA of an unloaded module causes kernel panic
    - sctp: reset owner sk for data chunks on out queues when migrating a sock
    - net_sched: avoid matching qdisc with zero handle
    - l2tp: hold tunnel in pppol2tp_connect()
    - ipv6: addrconf: increment ifp refcount before ipv6_del_addr()
    - tcp: fix tcp_mtu_probe() vs highest_sack
    - mac80211: accept key reinstall without changing anything
    - mac80211: use constant time comparison with keys
    - mac80211: don't compare TKIP TX MIC key in reinstall prevention
    - usb: usbtest: fix NULL pointer dereference
    - Input: ims-psu - check if CDC union descriptor is sane
    - EDAC, sb_edac: Don't create a second memory controller if HA1 is not present
    - dmaengine: dmatest: warn user when dma test times out
    - Linux 4.13.14

  [ Ubuntu: 4.13.0-37.42 ]

  * linux: 4.13.0-37.42 -proposed tracker (LP: #1751798)
  * CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754
    - arm64: Add ASM_BUG()
    - arm64: consistently use bl for C exception entry
    - arm64: move non-entry code out of .entry.text
    - arm64: unwind: avoid percpu indirection for irq stack
    - arm64: unwind: disregard frame.sp when validating frame pointer
    - arm64: mm: Fix set_memory_valid() declaration
    - arm64: Convert __inval_cache_range() to area-based
    - arm64: Expose DC CVAP to userspace
    - arm64: Handle trapped DC CVAP
    - arm64: Implement pmem API support
    - arm64: uaccess: Implement *_flushcache variants
    - arm64/vdso: Support mremap() for vDSO
    - arm64: unwind: reference pt_regs via embedded stack frame
    - arm64: unwind: remove sp from struct stackframe
    - arm64: uaccess: Add the uaccess_flushcache.c file
    - arm64: fix pmem interface definition
    - arm64: compat: Remove leftover variable declaration
    - fork: allow arch-override of VMAP stack alignment
    - arm64: kernel: remove {THREAD,IRQ_STACK}_START_SP
    - arm64: factor out PAGE_* and CONT_* definitions
    - arm64: clean up THREAD_* definitions
    - arm64: clean up irq stack definitions
    - arm64: move SEGMENT_ALIGN to <asm/memory.h>
    - efi/arm64: add EFI_KIMG_ALIGN
    - arm64: factor out entry stack manipulation
    - arm64: assembler: allow adr_this_cpu to use the stack pointer
    - arm64: use an irq stack pointer
    - arm64: add basic VMAP_STACK support
    - arm64: add on_accessible_stack()
    - arm64: add VMAP_STACK overflow detection
    - arm64: Convert pte handling from inline asm to using (cmp)xchg
    - kvm: arm64: Convert kvm_set_s2pte_readonly() from inline asm to cmpxchg()
    - arm64: Move PTE_RDONLY bit handling out of set_pte_at()
    - arm64: Ignore hardware dirty bit updates in ptep_set_wrprotect()
    - arm64: Remove the !CONFIG_ARM64_HW_AFDBM alternative code paths
    - arm64: introduce separated bits for mm_context_t flags
    - arm64: cleanup {COMPAT_,}SET_PERSONALITY() macro
    - KVM: arm/arm64: Fix guest external abort matching
    - KVM: arm/arm64: vgic: constify seq_operations and file_operations
    - KVM: arm/arm64: vITS: Drop its_ite->lpi field
    - KVM: arm/arm64: Extract GICv3 max APRn index calculation
    - KVM: arm/arm64: Support uaccess of GICC_APRn
    - arm64: Use larger stacks when KASAN is selected
    - arm64: Define cputype macros for Falkor CPU
    - arm64: SW PAN: Point saved ttbr0 at the zero page when switching to init_mm
    - arm64: SW PAN: Update saved ttbr0 value on enter_lazy_tlb
    - x86/syscalls: Check address limit on user-mode return
    - arm/syscalls: Check address limit on user-mode return
    - arm64/syscalls: Check address limit on user-mode return
    - Revert "arm/syscalls: Check address limit on user-mode return"
    - syscalls: Use CHECK_DATA_CORRUPTION for addr_limit_user_check
    - arm/syscalls: Optimize address limit check
    - arm64/syscalls: Move address limit check in loop
    - futex: Remove duplicated code and fix undefined behaviour
    - arm64: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls
    - arm64: syscallno is secretly an int, make it official
    - arm64: move TASK_* definitions to <asm/processor.h>
    - arm64: mm: Use non-global mappings for kernel space
    - arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN
    - arm64: mm: Move ASID from TTBR0 to TTBR1
    - arm64: mm: Remove pre_ttbr0_update_workaround for Falkor erratum #E1003
    - arm64: mm: Rename post_ttbr0_update_workaround
    - arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN
    - arm64: mm: Allocate ASIDs in pairs
    - arm64: mm: Add arm64_kernel_unmapped_at_el0 helper
    - arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI
    - arm64: entry: Add exception trampoline page for exceptions from EL0
    - arm64: mm: Map entry trampoline into trampoline and kernel page tables
    - arm64: entry: Explicitly pass exception level to kernel_ventry macro
    - arm64: entry: Hook up entry trampoline to exception vectors
    - arm64: erratum: Work around Falkor erratum #E1003 in trampoline code
    - arm64: cpu_errata: Add Kryo to Falkor 1003 errata
    - arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks
    - arm64: entry: Add fake CPU feature for unmapping the kernel at EL0
    - arm64: kaslr: Put kernel vectors address in separate data page
    - arm64: use RET instruction for exiting the trampoline
    - arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0
    - arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry
    - arm64: Take into account ID_AA64PFR0_EL1.CSV3
    - arm64: capabilities: Handle duplicate entries for a capability
    - arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR
    - arm64: kpti: Fix the interaction between ASID switching and software PAN
    - arm64: cputype: Add MIDR values for Cavium ThunderX2 CPUs
    - arm64: Turn on KPTI only on CPUs that need it
    - arm64: kpti: Make use of nG dependent on arm64_kernel_unmapped_at_el0()
    - arm64: mm: Permit transitioning from Global to Non-Global without BBM
    - arm64: kpti: Add ->enable callback to remap swapper using nG mappings
    - arm64: Force KPTI to be disabled on Cavium ThunderX
    - arm64: entry: Reword comment about post_ttbr_update_workaround
    - arm64: idmap: Use "awx" flags for .idmap.text .pushsection directives
    - arm64: barrier: Add CSDB macros to control data-value prediction
    - arm64: Implement array_index_mask_nospec()
    - arm64: Make USER_DS an inclusive limit
    - arm64: Use pointer masking to limit uaccess speculation
    - arm64: entry: Ensure branch through syscall table is bounded under
      speculation
    - arm64: uaccess: Prevent speculative use of the current addr_limit
    - arm64: uaccess: Don't bother eliding access_ok checks in __{get, put}_user
    - arm64: uaccess: Mask __user pointers for __arch_{clear, copy_*}_user
    - arm64: futex: Mask __user pointers prior to dereference
    - arm64: cpufeature: __this_cpu_has_cap() shouldn't stop early
    - arm64: Run enable method for errata work arounds on late CPUs
    - arm64: cpufeature: Pass capability structure to ->enable callback
    - drivers/firmware: Expose psci_get_version through psci_ops structure
    - arm64: Move post_ttbr_update_workaround to C code
    - arm64: Add skeleton to harden the branch predictor against aliasing attacks
    - arm64: Move BP hardening to check_and_switch_context
    - arm64: KVM: Use per-CPU vector when BP hardening is enabled
    - arm64: entry: Apply BP hardening for high-priority synchronous exceptions
    - arm64: entry: Apply BP hardening for suspicious interrupts from EL0
    - arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75
    - arm64: Implement branch predictor hardening for affected Cortex-A CPUs
    - arm64: Implement branch predictor hardening for Falkor
    - arm64: Branch predictor hardening for Cavium ThunderX2
    - arm64: KVM: Increment PC after handling an SMC trap
    - arm/arm64: KVM: Consolidate the PSCI include files
    - arm/arm64: KVM: Add PSCI_VERSION helper
    - arm/arm64: KVM: Add smccc accessors to PSCI code
    - arm/arm64: KVM: Implement PSCI 1.0 support
    - arm/arm64: KVM: Advertise SMCCC v1.1
    - arm64: KVM: Make PSCI_VERSION a fast path
    - arm/arm64: KVM: Turn kvm_psci_version into a static inline
    - arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support
    - arm64: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling
    - firmware/psci: Expose PSCI conduit
    - firmware/psci: Expose SMCCC version through psci_ops
    - arm/arm64: smccc: Make function identifiers an unsigned quantity
    - arm/arm64: smccc: Implement SMCCC v1.1 inline primitive
    - arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support
    - arm64: Kill PSCI_GET_VERSION as a variant-2 workaround
    - [Config] UNMAP_KERNEL_AT_EL0=y && HARDEN_BRANCH_PREDICTOR=y
    - SAUCE: arm64: __idmap_cpu_set_reserved_ttbr1: fix !ARM64_PA_BITS_52 logic
    - arm64: Add missing Falkor part number for branch predictor hardening
    - arm64: mm: fix thinko in non-global page table attribute check
  * linux-image-4.13.0-26-generic / linux-image-extra-4.13.0-26-generic fail to
    boot (LP: #1742721)
    - staging: sm750fb: Fix parameter mistake in poke32

  [ Ubuntu: 4.13.0-36.40 ]

  * linux: 4.13.0-36.40 -proposed tracker (LP: #1750010)
  * Rebuild without "CVE-2017-5754 ARM64 KPTI fixes" patch set

 -- Timo Aaltonen <email address hidden>  Thu, 15 Mar 2018 12:45:48 +0200

Available diffs

Superseded in xenial-security on 2018-04-03
Superseded in xenial-updates on 2018-04-03
Deleted in xenial-proposed (Reason: moved to -updates)
linux-oem (4.13.0-1021.23) xenial; urgency=low

  * linux-oem: 4.13.0-1021.23 -proposed tracker (LP: #1748481)

  * Intel 9462 A370:42A4 doesn't work (LP: #1748853)
    - SAUCE: iwlwifi: Adding missing id A370:42A4

  * headset mic can't be detected on two Dell machines (LP: #1748807)
    - ALSA: hda/realtek - Support headset mode for ALC215/ALC285/ALC289
    - ALSA: hda - Fix headset mic detection problem for two Dell machines

  * [linux-oem] Use I2C transport for touchpad on Precision M5530 (LP: #1746661)
    - SAUCE: ACPI: Parse entire table as a term_list for Dell XPS 9570 and
      Precision M5530

  * QCA9377 requires more IRAM banks for its new firmware (LP: #1748345)
    - SAUCE: ath10k: change QCA9377 IRAM back to 9

  * TrackPoint: middle button doesn't work on TrackPoint-compatible device.
    (LP: #1746002)
    - Input: trackpoint - force 3 buttons if 0 button is reported

  * [linux-oem] Fix out of bound VBT pin on CNP (LP: #1746411)
    - drm/i914/bios: amend child device config parameters
    - drm/i915/bios: document BDB versions of child device config fields
    - drm/i915/bios: remove the raw version of child device config
    - drm/i915/bios: add legacy contents to common child device config
    - drm/i915/bios: throw away high level child device union
    - drm/i915/bios: throw away struct old_child_dev_config
    - drm/i915/bios: document child device config dvo_port values a bit better
    - drm/i915/bios: group device type definitions together
    - drm/i915/bios: throw away unused DVO_* macros
    - drm/i915/bios: drop the rest of the p_ prefixes from pointers
    - drm/i915/cnl: Don't trust VBT's alternate pin for port D for now.
    - drm/i915/cnl: Map VBT DDC Pin to BSpec DDC Pin.
    - drm/i915/bios: split up iboost to hdmi and dp bitfields
    - drm/i915/bios: add DP max link rate to VBT child device struct
    - drm/i915/cnp: Ignore VBT request for know invalid DDC pin.
    - drm/i915/cnp: Properly handle VBT ddc pin out of bounds.

  * Miscellaneous upstream changes
    - Rebase to 4.13.0-35.39
    - [Config] update configs following rebase to 4.13.0-35.39
    - [oem config] Keep ignoring retpoline

  [ Ubuntu: 4.13.0-35.39 ]

  * linux: 4.13.0-35.39 -proposed tracker (LP: #1748743)
  * CVE-2017-5715 (Spectre v2 Intel)
    - Revert "UBUNTU: SAUCE: turn off IBPB when full retpoline is present"
    - SAUCE: turn off IBRS when full retpoline is present
    - [Packaging] retpoline files must be sorted
    - [Packaging] pull in retpoline files

  [ Ubuntu: 4.13.0-34.37 ]

  * linux: 4.13.0-34.37 -proposed tracker (LP: #1748475)
  * libata: apply MAX_SEC_1024 to all LITEON EP1 series devices (LP: #1743053)
    - libata: apply MAX_SEC_1024 to all LITEON EP1 series devices
  * KVM patches for s390x to provide facility bits 81 (ppa15) and 82 (bpb)
    (LP: #1747090)
    - KVM: s390: wire up bpb feature
  * artful 4.13 i386 kernels crash after memory hotplug remove (LP: #1747069)
    - Revert "mm, memory_hotplug: do not associate hotadded memory to zones until
      online"
  * CVE-2017-5715 (Spectre v2 Intel)
    - x86/feature: Enable the x86 feature to control Speculation
    - x86/feature: Report presence of IBPB and IBRS control
    - x86/enter: MACROS to set/clear IBRS and set IBPB
    - x86/enter: Use IBRS on syscall and interrupts
    - x86/idle: Disable IBRS entering idle and enable it on wakeup
    - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
    - x86/mm: Set IBPB upon context switch
    - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
    - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
    - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
    - x86/kvm: Set IBPB when switching VM
    - x86/kvm: Toggle IBRS on VM entry and exit
    - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
    - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
    - x86/cpu/AMD: Add speculative control support for AMD
    - x86/microcode: Extend post microcode reload to support IBPB feature
    - KVM: SVM: Do not intercept new speculative control MSRs
    - x86/svm: Set IBRS value on VM entry and exit
    - x86/svm: Set IBPB when running a different VCPU
    - KVM: x86: Add speculative control CPUID support for guests
    - SAUCE: turn off IBPB when full retpoline is present
  * Artful 4.13 fixes for tun (LP: #1748846)
    - tun: call dev_get_valid_name() before register_netdevice()
    - tun: allow positive return values on dev_get_valid_name() call
    - tun/tap: sanitize TUNSETSNDBUF input
  * boot failure on AMD Raven + WestonXT (LP: #1742759)
    - SAUCE: drm/amdgpu: add atpx quirk handling (v2)

  [ Ubuntu: 4.13.0-33.36 ]

  * linux: 4.13.0-33.36 -proposed tracker (LP: #1746903)
  * starting VMs causing retpoline4 to reboot (LP: #1747507) // CVE-2017-5715
    (Spectre v2 retpoline)
    - x86/retpoline: Fill RSB on context switch for affected CPUs
    - x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB macros
    - x86/retpoline: Optimize inline assembler for vmexit_fill_RSB
    - x86/retpoline: Remove the esp/rsp thunk
    - x86/retpoline: Simplify vmexit_fill_RSB()
  * Missing install-time driver for QLogic QED 25/40/100Gb Ethernet NIC
    (LP: #1743638)
    - [d-i] Add qede to nic-modules udeb
  * hisi_sas: driver robustness fixes (LP: #1739807)
    - scsi: hisi_sas: fix reset and port ID refresh issues
    - scsi: hisi_sas: avoid potential v2 hw interrupt issue
    - scsi: hisi_sas: fix v2 hw underflow residual value
    - scsi: hisi_sas: add v2 hw DFX feature
    - scsi: hisi_sas: add irq and tasklet cleanup in v2 hw
    - scsi: hisi_sas: service interrupt ITCT_CLR interrupt in v2 hw
    - scsi: hisi_sas: fix internal abort slot timeout bug
    - scsi: hisi_sas: us start_phy in PHY_FUNC_LINK_RESET
    - scsi: hisi_sas: fix NULL check in SMP abort task path
    - scsi: hisi_sas: fix the risk of freeing slot twice
    - scsi: hisi_sas: kill tasklet when destroying irq in v3 hw
    - scsi: hisi_sas: complete all tasklets prior to host reset
  * [Artful/Zesty] ACPI APEI error handling bug fixes (LP: #1732990)
    - ACPI: APEI: fix the wrong iteration of generic error status block
    - ACPI / APEI: clear error status before acknowledging the error
  * [Zesty/Artful] On ARM64 PCIE physical function passthrough guest fails to
    boot (LP: #1732804)
    - vfio/pci: Virtualize Maximum Payload Size
    - vfio/pci: Virtualize Maximum Read Request Size
  * hisi_sas: Add ATA command support for SMR disks (LP: #1739891)
    - scsi: hisi_sas: support zone management commands
  * thunderx2: i2c driver PEC and ACPI clock fixes (LP: #1738073)
    - ACPI / APD: Add clock frequency for ThunderX2 I2C controller
    - i2c: xlp9xx: Get clock frequency with clk API
    - i2c: xlp9xx: Handle I2C_M_RECV_LEN in msg->flags
  * Falkor erratum 1041 needs workaround (LP: #1738497)
    - [Config] CONFIG_QCOM_FALKOR_ERRATUM_E1041=y
    - arm64: Add software workaround for Falkor erratum 1041
  * ThunderX: TX failure unless checksum offload disabled (LP: #1736593)
    - net: thunderx: Fix TCP/UDP checksum offload for IPv6 pkts
    - net: thunderx: Fix TCP/UDP checksum offload for IPv4 pkts
  * arm64/thunderx: Unhandled context faults in ACPI mode (LP: #1736774)
    - PCI: Set Cavium ACS capability quirk flags to assert RR/CR/SV/UF
    - PCI: Apply Cavium ThunderX ACS quirk to more Root Ports
  * arm64: Unfair rwlock can stall the system (LP: #1732238)
    - locking/qrwlock: Use 'struct qrwlock' instead of 'struct __qrwlock'
    - locking/atomic: Add atomic_cond_read_acquire()
    - locking/qrwlock: Use atomic_cond_read_acquire() when spinning in qrwlock
    - locking/qrwlock, arm64: Move rwlock implementation over to qrwlocks
    - locking/qrwlock: Prevent slowpath writers getting held up by fastpath
  * Shutdown hang on 16.04 with iscsi targets (LP: #1569925)
    - scsi: libiscsi: Allow sd_shutdown on bad transport
  * bt_iter() crash due to NULL pointer (LP: #1744300)
    - blk-mq-tag: check for NULL rq when iterating tags
  * hisilicon hibmc regression due to ea642c3216cb ("drm/ttm: add io_mem_pfn
    callback") (LP: #1738334)
    - SAUCE: drm: hibmc: Initialize the hibmc_bo_driver.io_mem_pfn
  * CVE-2017-5754 ARM64 KPTI fixes
    - arm64: Add ASM_BUG()
    - arm64: consistently use bl for C exception entry
    - arm64: syscallno is secretly an int, make it official
    - arm64: Abstract syscallno manipulation
    - arm64: move non-entry code out of .entry.text
    - arm64: unwind: avoid percpu indirection for irq stack
    - arm64: unwind: disregard frame.sp when validating frame pointer
    - arm64: mm: Fix set_memory_valid() declaration
    - arm64: Convert __inval_cache_range() to area-based
    - arm64: Expose DC CVAP to userspace
    - arm64: Handle trapped DC CVAP
    - arm64: Implement pmem API support
    - arm64: uaccess: Implement *_flushcache variants
    - arm64/vdso: Support mremap() for vDSO
    - arm64: unwind: reference pt_regs via embedded stack frame
    - arm64: unwind: remove sp from struct stackframe
    - arm64: uaccess: Add the uaccess_flushcache.c file
    - arm64: fix pmem interface definition
    - arm64: compat: Remove leftover variable declaration
    - fork: allow arch-override of VMAP stack alignment
    - arm64: kernel: remove {THREAD,IRQ_STACK}_START_SP
    - arm64: factor out PAGE_* and CONT_* definitions
    - arm64: clean up THREAD_* definitions
    - arm64: clean up irq stack definitions
    - arm64: move SEGMENT_ALIGN to <asm/memory.h>
    - efi/arm64: add EFI_KIMG_ALIGN
    - arm64: factor out entry stack manipulation
    - arm64: assembler: allow adr_this_cpu to use the stack pointer
    - arm64: use an irq stack pointer
    - arm64: add basic VMAP_STACK support
    - arm64: add on_accessible_stack()
    - arm64: add VMAP_STACK overflow detection
    - arm64: Convert pte handling from inline asm to using (cmp)xchg
    - kvm: arm64: Convert kvm_set_s2pte_readonly() from inline asm to cmpxchg()
    - arm64: Move PTE_RDONLY bit handling out of set_pte_at()
    - arm64: Ignore hardware dirty bit updates in ptep_set_wrprotect()
    - arm64: Remove the !CONFIG_ARM64_HW_AFDBM alternative code paths
    - arm64: introduce separated bits for mm_context_t flags
    - arm64: cleanup {COMPAT_,}SET_PERSONALITY() macro
    - KVM: arm/arm64: Fix guest external abort matching
    - KVM: arm/arm64: vgic: constify seq_operations and file_operations
    - KVM: arm/arm64: vITS: Drop its_ite->lpi field
    - KVM: arm/arm64: Extract GICv3 max APRn index calculation
    - KVM: arm/arm64: Support uaccess of GICC_APRn
    - arm64: move TASK_* definitions to <asm/processor.h>
    - arm64: Use larger stacks when KASAN is selected
    - arm64: sysreg: Move SPE registers and PSB into common header files
    - arm64: head: Init PMSCR_EL2.{PA,PCT} when entered at EL2 without VHE
    - arm64: Update fault_info table with new exception types
    - arm64: Use existing defines for mdscr
    - arm64: Fix single stepping in kernel traps
    - arm64: asm-bug: Renumber macro local labels to avoid clashes
    - arm64: Implement arch-specific pte_access_permitted()
    - arm64: explicitly mask all exceptions
    - arm64: introduce an order for exceptions
    - arm64: Move the async/fiq helpers to explicitly set process context flags
    - arm64: Mask all exceptions during kernel_exit
    - arm64: entry.S: Remove disable_dbg
    - arm64: entry.S: convert el1_sync
    - arm64: entry.S convert el0_sync
    - arm64: entry.S: convert elX_irq
    - arm64: entry.S: move SError handling into a C function for future expansion
    - arm64: pgd: Mark pgd_cache as __ro_after_init
    - arm64: cpu_ops: Add missing 'const' qualifiers
    - arm64: context: Fix comments and remove pointless smp_wmb()
    - arm64: SW PAN: Point saved ttbr0 at the zero page when switching to init_mm
    - arm64: SW PAN: Update saved ttbr0 value on enter_lazy_tlb
    - arm64: Expose support for optional ARMv8-A features
    - arm64: KVM: Hide unsupported AArch64 CPU features from guests
    - arm64: mm: Use non-global mappings for kernel space
    - arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN
    - arm64: mm: Move ASID from TTBR0 to TTBR1
    - arm64: mm: Remove pre_ttbr0_update_workaround for Falkor erratum #E1003
    - arm64: mm: Rename post_ttbr0_update_workaround
    - arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN
    - arm64: mm: Allocate ASIDs in pairs
    - arm64: mm: Add arm64_kernel_unmapped_at_el0 helper
    - arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI
    - arm64: entry: Add exception trampoline page for exceptions from EL0
    - arm64: mm: Map entry trampoline into trampoline and kernel page tables
    - arm64: entry: Explicitly pass exception level to kernel_ventry macro
    - arm64: entry: Hook up entry trampoline to exception vectors
    - arm64: erratum: Work around Falkor erratum #E1003 in trampoline code
    - arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks
    - arm64: entry: Add fake CPU feature for unmapping the kernel at EL0
    - arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0
    - arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR
    - arm64: kaslr: Put kernel vectors address in separate data page
    - arm64: use RET instruction for exiting the trampoline
    - arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry
    - arm64: Fix the feature type for ID register fields
    - arm64: Take into account ID_AA64PFR0_EL1.CSV3
    - arm64: cpufeature: Pass capability structure to ->enable callback
    - drivers/firmware: Expose psci_get_version through psci_ops structure
    - arm64: Move post_ttbr_update_workaround to C code
    - arm64: Add skeleton to harden the branch predictor against aliasing attacks
    - arm64: KVM: Use per-CPU vector when BP hardening is enabled
    - arm64: KVM: Make PSCI_VERSION a fast path
    - arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75
    - arm64: Implement branch predictor hardening for affected Cortex-A CPUs
    - arm64: Define cputype macros for Falkor CPU
    - arm64: Implement branch predictor hardening for Falkor
    - arm64: cputype: Add MIDR values for Cavium ThunderX2 CPUs
    - bpf: inline map in map lookup functions for array and htab
    - bpf: perf event change needed for subsequent bpf helpers
    - bpf: do not test for PCPU_MIN_UNIT_SIZE before percpu allocations
    - arm64: Branch predictor hardening for Cavium ThunderX2
    - arm64: capabilities: Handle duplicate entries for a capability
    - arm64: kpti: Fix the interaction between ASID switching and software PAN
    - SAUCE: arm: Add BTB invalidation on switch_mm for Cortex-A9, A12 and A17
    - SAUCE: arm: Invalidate BTB on prefetch abort outside of user mapping on
      Cortex A8, A9, A12 and A17
    - SAUCE: arm: KVM: Invalidate BTB on guest exit
    - SAUCE: arm: Add icache invalidation on switch_mm for Cortex-A15
    - SAUCE: arm: Invalidate icache on prefetch abort outside of user mapping on
      Cortex-A15
    - SAUCE: arm: KVM: Invalidate icache on guest exit for Cortex-A15
    - SAUCE: asm-generic/barrier: add generic nospec helpers
    - SAUCE: Documentation: document nospec helpers
    - SAUCE: arm64: implement nospec_{load,ptr}()
    - SAUCE: arm: implement nospec_ptr()
    - SAUCE: bpf: inhibit speculated out-of-bounds pointers
    - SAUCE: arm64: Implement branch predictor hardening for Falkor
    - SAUCE: arm64: Branch predictor hardening for Cavium ThunderX2
    - [Config] UNMAP_KERNEL_AT_EL0=y && HARDEN_BRANCH_PREDICTOR=y
  * [artful] panic in update_stack_state when reading /proc/<pid>/stack on i386
    (LP: #1747263)
    - x86/unwind: Fix dereference of untrusted pointer
  * CVE-2017-5753 (Spectre v1 Intel)
    - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
    - SAUCE: reinstate MFENCE_RDTSC feature definition
    - locking/barriers: introduce new observable speculation barrier
    - bpf: prevent speculative execution in eBPF interpreter
    - x86, bpf, jit: prevent speculative execution when JIT is enabled
    - SAUCE: FIX: x86, bpf, jit: prevent speculative execution when JIT is enabled
    - uvcvideo: prevent speculative execution
    - carl9170: prevent speculative execution
    - p54: prevent speculative execution
    - qla2xxx: prevent speculative execution
    - cw1200: prevent speculative execution
    - Thermal/int340x: prevent speculative execution
    - ipv4: prevent speculative execution
    - ipv6: prevent speculative execution
    - fs: prevent speculative execution
    - net: mpls: prevent speculative execution
    - udf: prevent speculative execution
    - userns: prevent speculative execution
    - SAUCE: powerpc: add osb barrier
    - SAUCE: s390/spinlock: add osb memory barrier
    - SAUCE: claim mitigation via observable speculation barrier
  * CVE-2017-5715 (Spectre v2 retpoline)
    - x86/asm: Fix inline asm call constraints for Clang
    - kvm: vmx: Scrub hardware GPRs at VM-exit
    - sysfs/cpu: Add vulnerability folder
    - x86/cpu: Implement CPU vulnerabilites sysfs functions
    - x86/tboot: Unbreak tboot with PTI enabled
    - objtool: Detect jumps to retpoline thunks
    - objtool: Allow alternatives to be ignored
    - x86/retpoline: Add initial retpoline support
    - x86/spectre: Add boot time option to select Spectre v2 mitigation
    - x86/retpoline/crypto: Convert crypto assembler indirect jumps
    - x86/retpoline/entry: Convert entry assembler indirect jumps
    - x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
    - x86/retpoline/hyperv: Convert assembler indirect jumps
    - x86/retpoline/xen: Convert Xen hypercall indirect jumps
    - x86/retpoline/checksum32: Convert assembler indirect jumps
    - x86/retpoline/irq32: Convert assembler indirect jumps
    - x86/retpoline: Fill return stack buffer on vmexit
    - selftests/x86: Add test_vsyscall
    - x86/pti: Fix !PCID and sanitize defines
    - security/Kconfig: Correct the Documentation reference for PTI
    - x86,perf: Disable intel_bts when PTI
    - x86/retpoline: Remove compile time warning
    - [Config] enable CONFIG_GENERIC_CPU_VULNERABILITIES
    - [Config] enable CONFIG_RETPOLINE
    - [Packaging] retpoline -- add call site validation
    - [Config] disable retpoline checks for first upload
  * CVE-2017-5715 (revert embargoed) // CVE-2017-5753 (revert embargoed)
    - Revert "UBUNTU: SAUCE: x86/entry: Fix up retpoline assembler labels"
    - Revert "kvm: vmx: Scrub hardware GPRs at VM-exit"
    - Revert "Revert "x86/svm: Add code to clear registers on VM exit""
    - Revert "UBUNTU: SAUCE: x86/microcode: Extend post microcode reload to
      support IBPB feature -- repair missmerge"
    - Revert "UBUNTU: SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit"
    - Revert "s390/spinlock: add gmb memory barrier"
    - Revert "powerpc: add gmb barrier"
    - Revert "x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature"
    - Revert "x86/svm: Add code to clear registers on VM exit"
    - Revert "x86/svm: Add code to clobber the RSB on VM exit"
    - Revert "KVM: x86: Add speculative control CPUID support for guests"
    - Revert "x86/svm: Set IBPB when running a different VCPU"
    - Revert "x86/svm: Set IBRS value on VM entry and exit"
    - Revert "KVM: SVM: Do not intercept new speculative control MSRs"
    - Revert "x86/microcode: Extend post microcode reload to support IBPB feature"
    - Revert "x86/cpu/AMD: Add speculative control support for AMD"
    - Revert "x86/entry: Use retpoline for syscall's indirect calls"
    - Revert "x86/syscall: Clear unused extra registers on 32-bit compatible
      syscall entrance"
    - Revert "x86/syscall: Clear unused extra registers on syscall entrance"
    - Revert "x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb
      control"
    - Revert "x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature"
    - Revert "x86/kvm: Pad RSB on VM transition"
    - Revert "x86/kvm: Toggle IBRS on VM entry and exit"
    - Revert "x86/kvm: Set IBPB when switching VM"
    - Revert "x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm"
    - Revert "x86/entry: Stuff RSB for entry to kernel for non-SMEP platform"
    - Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current
      thread"
    - Revert "x86/mm: Set IBPB upon context switch"
    - Revert "x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup"
    - Revert "x86/idle: Disable IBRS entering idle and enable it on wakeup"
    - Revert "x86/enter: Use IBRS on syscall and interrupts"
    - Revert "x86/enter: MACROS to set/clear IBRS and set IBPB"
    - Revert "x86/feature: Report presence of IBPB and IBRS control"
    - Revert "x86/feature: Enable the x86 feature to control Speculation"
    - Revert "udf: prevent speculative execution"
    - Revert "net: mpls: prevent speculative execution"
    - Revert "fs: prevent speculative execution"
    - Revert "ipv6: prevent speculative execution"
    - Revert "userns: prevent speculative execution"
    - Revert "Thermal/int340x: prevent speculative execution"
    - Revert "cw1200: prevent speculative execution"
    - Revert "qla2xxx: prevent speculative execution"
    - Revert "p54: prevent speculative execution"
    - Revert "carl9170: prevent speculative execution"
    - Revert "uvcvideo: prevent speculative execution"
    - Revert "x86, bpf, jit: prevent speculative execution when JIT is enabled"
    - Revert "bpf: prevent speculative execution in eBPF interpreter"
    - Revert "locking/barriers: introduce new memory barrier gmb()"
  * Unable to boot with i386 4.13.0-25 / 4.13.0-26 / 4.13.0-31 kernel on Xenial
    / Artful (LP: #1745118)
    - x86/mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP
  * 4.13: unable to increase MTU configuration for GRE devices (LP: #1743746)
    - ip_gre: remove the incorrect mtu limit for ipgre tap
  * CVE-2017-17712
    - net: ipv4: fix for a race condition in raw_sendmsg
  * upload urgency should be medium by default (LP: #1745338)
    - [Packaging] update urgency to medium by default
  * CVE-2017-15115
    - sctp: do not peel off an assoc from one netns to another one
  * CVE-2017-8824
    - dccp: CVE-2017-8824: use-after-free in DCCP code

 -- Timo Aaltonen <email address hidden>  Tue, 13 Feb 2018 10:05:50 +0200
Superseded in xenial-security on 2018-02-21
Superseded in xenial-updates on 2018-02-21
Deleted in xenial-proposed (Reason: moved to -updates)
linux-oem (4.13.0-1020.21) xenial; urgency=low

  * linux-oem: 4.13.0-1020.21 -proposed tracker (LP: #1746017)

  [ Stefan Bader ]
  * Firmware upgrade interface for CAC Reader BCM58102 (LP: #1744041)
    - SAUCE: Support fw upgrade for CAC Reader BCM58102

  * the wifi driver is always hard blocked on a lenovo laptop (LP: #1743672)
    - ACPI: EC: Fix possible issues related to EC initialization order

  * ath9k can't connect to wifi AP (LP: #1727228)
    - ath9k: add MSI support
    - ath9k: add a quirk to set use_msi automatically

  * boot failure on AMD Raven + WesternXT (LP: #1742759)
    - SAUCE: drm/amdgpu: add atpx quirk handling (v2)

  * x86: CFL missing from early quirks (LP: #1742755)
    - drm/i915: add GT number to intel_device_info
    - drm/i915/kbl: Change a KBL pci id to GT2 from GT1.5
    - SAUCE: x86/gpu: add CFL to early quirks

  * [0cf3:e010] QCA6174A XR failed to pair with bt 4.0 device  (LP: #1741166)
    - Bluetooth: btusb: Add support for 0cf3:e010

  * QCA Rome bluetooth failed to work after applying reset-resume quirk
    (LP: #1741206)
    - Revert "Bluetooth: btusb: fix QCA Rome suspend/resume"
    - usb: quirks: Add reset-resume quirk for Dell DW1820 QCA Rome Bluetooth

  * [800 G3 SFF] [800 G3 DM]External microphone of headset(3-ring) is working,
    2-ring mic not working, both not shown in sound settings  (LP: #1740974)
    - ALSA: hda - Add MIC_NO_PRESENCE fixup for 2 HP machines

  * Two front mics can't work on a lenovo machine (LP: #1740973)
    - ALSA: hda - change the location for one mic on a Lenovo machine

  * No external microphone be detected via headset jack on a dell machine
    (LP: #1740972)
    - ALSA: hda - fix headset mic detection issue on a Dell machine

  *  Can't detect external headset via line-out jack on some Dell machines
    (LP: #1740971)
    - ALSA: hda/realtek - Fix Dell AIO LineOut issue

 -- Timo Aaltonen <email address hidden>  Mon, 29 Jan 2018 16:51:18 +0200
Superseded in xenial-security on 2018-02-12
Superseded in xenial-updates on 2018-02-12
Deleted in xenial-proposed (Reason: NBS)
linux-oem (4.13.0-1019.20) xenial; urgency=low

  [ Ubuntu: 4.13.0-32.35 ]

  * CVE-2017-5715 // CVE-2017-5753
    - SAUCE: x86/entry: Fix up retpoline assembler labels

  [ Ubuntu: 4.13.0-31.34 ]

  * linux: 4.13.0-31.34 -proposed tracker (LP: #1744294)
  * CVE-2017-5715 // CVE-2017-5753
    - SAUCE: s390: improve cpu alternative handling for gmb and nobp
    - SAUCE: s390: print messages for gmb and nobp
    - [Config] KERNEL_NOBP=y

 -- Stefan Bader <email address hidden>  Thu, 25 Jan 2018 12:06:47 +0100
Deleted in xenial-proposed on 2018-02-01 (Reason: NBS)
linux-oem (4.13.0-1018.19) xenial; urgency=low

  * Firmware upgrade interface for CAC Reader BCM58102 (LP: #1744041)
    - SAUCE: Support fw upgrade for CAC Reader BCM58102

  * the wifi driver is always hard blocked on a lenovo laptop (LP: #1743672)
    - ACPI: EC: Fix possible issues related to EC initialization order

  * ath9k can't connect to wifi AP (LP: #1727228)
    - ath9k: add MSI support
    - ath9k: add a quirk to set use_msi automatically

  * boot failure on AMD Raven + WesternXT (LP: #1742759)
    - SAUCE: drm/amdgpu: add atpx quirk handling (v2)

  * x86: CFL missing from early quirks (LP: #1742755)
    - drm/i915: add GT number to intel_device_info
    - drm/i915/kbl: Change a KBL pci id to GT2 from GT1.5
    - SAUCE: x86/gpu: add CFL to early quirks

  * [0cf3:e010] QCA6174A XR failed to pair with bt 4.0 device  (LP: #1741166)
    - Bluetooth: btusb: Add support for 0cf3:e010

  * QCA Rome bluetooth failed to work after applying reset-resume quirk
    (LP: #1741206)
    - Revert "Bluetooth: btusb: fix QCA Rome suspend/resume"
    - usb: quirks: Add reset-resume quirk for Dell DW1820 QCA Rome Bluetooth

  * [800 G3 SFF] [800 G3 DM]External microphone of headset(3-ring) is working,
    2-ring mic not working, both not shown in sound settings  (LP: #1740974)
    - ALSA: hda - Add MIC_NO_PRESENCE fixup for 2 HP machines

  * Two front mics can't work on a lenovo machine (LP: #1740973)
    - ALSA: hda - change the location for one mic on a Lenovo machine

  * No external microphone be detected via headset jack on a dell machine
    (LP: #1740972)
    - ALSA: hda - fix headset mic detection issue on a Dell machine

  *  Can't detect external headset via line-out jack on some Dell machines
    (LP: #1740971)
    - ALSA: hda/realtek - Fix Dell AIO LineOut issue

 -- Timo Aaltonen <email address hidden>  Tue, 23 Jan 2018 15:19:28 +0200
Superseded in xenial-security on 2018-01-26
Superseded in xenial-updates on 2018-01-26
Deleted in xenial-proposed (Reason: NBS)
linux-oem (4.13.0-1017.18) xenial; urgency=low

  * linux-oem: 4.13.0-1017.18 -proposed tracker (LP: #1743418)

  * Realtek card reader - RTS5243 [VEN_10EC&DEV_5260] (LP: #1737673)
    - mmc: rtsx: fix tuning fail on gen3 PCI-Express
    - mfd: rts5249: Add support for RTS5250S power saving
    - misc: rtsx: Move Realtek Card Reader Driver to misc
    - misc: rtsx: Add support for RTS5260
    - misc: rtsx: Fix symbol clashes
    - [Config] update configs for RTSX

  * Realtek card reader power consumption issue (LP: #1743516)
    - mfd: Fix RTS5227 (and others) powermanagement

  [ Ubuntu: 4.13.0-30.33 ]

  * linux: 4.13.0-30.33 -proposed tracker (LP: #1743412)
  * Do not duplicate changelog entries assigned to more than one bug or CVE
    (LP: #1743383)
    - [Packaging] git-ubuntu-log -- handle multiple bugs/cves better
  * Unable to handle kernel NULL pointer dereference at isci_task_abort_task
    (LP: #1726519)
    - Revert "scsi: libsas: allow async aborts"
  * CVE-2017-5715 // CVE-2017-5753
    - SAUCE: x86/microcode: Extend post microcode reload to support IBPB feature
      -- repair missmerge
    - Revert "x86/svm: Add code to clear registers on VM exit"
    - kvm: vmx: Scrub hardware GPRs at VM-exit

Deleted in xenial-proposed on 2018-01-17 (Reason: NBS)
linux-oem (4.13.0-1016.17) xenial; urgency=low

  * linux-oem: 4.13.0-1016.17 -proposed tracker (LP: #1742728)

  * Add support for Realtek Bluetooth device [0bda:b00a] (LP: #1742613)
    - SAUCE: Import Bluetooth driver for Realtek 8821CE
    - SAUCE: Make rtl8821ce-bt work with 0bda:b00a only
    - SAUCE: rtl8821ce-bt: append device ID to config filename
    - SAUCE: bluetooth: Blacklist 0bda:b00a
    - SAUCE: build ubuntu/rtl8821ce-bt for x86 only

  * Add support for Realtek WiFi device [10ec:c821] (LP: #1740231)
    - SAUCE: Import RTL8821CE driver
    - SAUCE: Add ubuntu/rtl8821ce into build script
    - SAUCE: Sync ubuntu/rtl8821ce with a new release from Realtek

  * External HDMI monitor failed to show screen on Lenovo X1 series
    (LP: #1738523)
    - SAUCE: drm/i915: Disable writing of TMDS_OE on Lenovo ThinkPad X1 series

  * Support realtek new codec alc257 in the alsa hda driver  (LP: #1738911)
    - ALSA: hda/realtek - New codec support for ALC257

  * QCA Rome bluetooth can not wakeup after USB runtime suspended.
    (LP: #1737890)
    - Bluetooth: btusb: driver to enable the usb-wakeup feature

  * Intel 9260/9462/9560 can't connect to 5GHz AP (LP: #1736639)
    - iwlwifi: mvm: enable RX offloading with TKIP and WEP
    - iwlwifi: mvm: mark MIC stripped MPDUs

  * [Artful][Wyse 3040] System hang when trying to enable an offlined CPU core
    (LP: #1736393)
    - SAUCE: drm/i915:Don't set chip specific data
    - SAUCE: drm/i915: make previous commit affects Wyse 3040 only

  * Touchpad stops working after a few seconds in Lenovo ideapad 320
    (LP: #1732056)
    - pinctrl/amd: fix masking of GPIO interrupts

  [ Ubuntu: 4.13.0-29.32 ]

  * linux: 4.13.0-29.32 -proposed tracker (LP: #1742722)
  * CVE-2017-5754
    - Revert "x86/cpu: Implement CPU vulnerabilites sysfs functions"
    - Revert "sysfs/cpu: Fix typos in vulnerability documentation"
    - Revert "sysfs/cpu: Add vulnerability folder"
    - Revert "UBUNTU: [Config] updateconfigs to enable
      GENERIC_CPU_VULNERABILITIES"

  [ Ubuntu: 4.13.0-28.31 ]

  * CVE-2017-5753
    - SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit
  * CVE-2017-5715
    - SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit

  [ Ubuntu: 4.13.0-27.30 ]

  * CVE-2017-5753
    - locking/barriers: introduce new memory barrier gmb()
    - bpf: prevent speculative execution in eBPF interpreter
    - x86, bpf, jit: prevent speculative execution when JIT is enabled
    - uvcvideo: prevent speculative execution
    - carl9170: prevent speculative execution
    - p54: prevent speculative execution
    - qla2xxx: prevent speculative execution
    - cw1200: prevent speculative execution
    - Thermal/int340x: prevent speculative execution
    - userns: prevent speculative execution
    - ipv6: prevent speculative execution
    - fs: prevent speculative execution
    - net: mpls: prevent speculative execution
    - udf: prevent speculative execution
    - x86/feature: Enable the x86 feature to control Speculation
    - x86/feature: Report presence of IBPB and IBRS control
    - x86/enter: MACROS to set/clear IBRS and set IBPB
    - x86/enter: Use IBRS on syscall and interrupts
    - x86/idle: Disable IBRS entering idle and enable it on wakeup
    - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
    - x86/mm: Set IBPB upon context switch
    - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
    - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
    - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
    - x86/kvm: Set IBPB when switching VM
    - x86/kvm: Toggle IBRS on VM entry and exit
    - x86/kvm: Pad RSB on VM transition
    - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
    - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
    - x86/syscall: Clear unused extra registers on syscall entrance
    - x86/syscall: Clear unused extra registers on 32-bit compatible syscall
      entrance
    - x86/entry: Use retpoline for syscall's indirect calls
    - x86/cpu/AMD: Add speculative control support for AMD
    - x86/microcode: Extend post microcode reload to support IBPB feature
    - KVM: SVM: Do not intercept new speculative control MSRs
    - x86/svm: Set IBRS value on VM entry and exit
    - x86/svm: Set IBPB when running a different VCPU
    - KVM: x86: Add speculative control CPUID support for guests
    - x86/svm: Add code to clobber the RSB on VM exit
    - x86/svm: Add code to clear registers on VM exit
    - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
    - powerpc: add gmb barrier
    - s390/spinlock: add gmb memory barrier
    - x86/microcode/AMD: Add support for fam17h microcode loading
  * CVE-2017-5715
    - locking/barriers: introduce new memory barrier gmb()
    - bpf: prevent speculative execution in eBPF interpreter
    - x86, bpf, jit: prevent speculative execution when JIT is enabled
    - uvcvideo: prevent speculative execution
    - carl9170: prevent speculative execution
    - p54: prevent speculative execution
    - qla2xxx: prevent speculative execution
    - cw1200: prevent speculative execution
    - Thermal/int340x: prevent speculative execution
    - userns: prevent speculative execution
    - ipv6: prevent speculative execution
    - fs: prevent speculative execution
    - net: mpls: prevent speculative execution
    - udf: prevent speculative execution
    - x86/feature: Enable the x86 feature to control Speculation
    - x86/feature: Report presence of IBPB and IBRS control
    - x86/enter: MACROS to set/clear IBRS and set IBPB
    - x86/enter: Use IBRS on syscall and interrupts
    - x86/idle: Disable IBRS entering idle and enable it on wakeup
    - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
    - x86/mm: Set IBPB upon context switch
    - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
    - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
    - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
    - x86/kvm: Set IBPB when switching VM
    - x86/kvm: Toggle IBRS on VM entry and exit
    - x86/kvm: Pad RSB on VM transition
    - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
    - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
    - x86/syscall: Clear unused extra registers on syscall entrance
    - x86/syscall: Clear unused extra registers on 32-bit compatible syscall
      entrance
    - x86/entry: Use retpoline for syscall's indirect calls
    - x86/cpu/AMD: Add speculative control support for AMD
    - x86/microcode: Extend post microcode reload to support IBPB feature
    - KVM: SVM: Do not intercept new speculative control MSRs
    - x86/svm: Set IBRS value on VM entry and exit
    - x86/svm: Set IBPB when running a different VCPU
    - KVM: x86: Add speculative control CPUID support for guests
    - x86/svm: Add code to clobber the RSB on VM exit
    - x86/svm: Add code to clear registers on VM exit
    - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
    - powerpc: add gmb barrier
    - s390/spinlock: add gmb memory barrier
    - x86/microcode/AMD: Add support for fam17h microcode loading
  * CVE-2017-5754
    - x86/pti: Enable PTI by default
    - x86/pti: Make sure the user/kernel PTEs match
    - x86/dumpstack: Fix partial register dumps
    - x86/dumpstack: Print registers for first stack frame
    - x86/process: Define cpu_tss_rw in same section as declaration
    - x86/mm: Set MODULES_END to 0xffffffffff000000
    - x86/mm: Map cpu_entry_area at the same place on 4/5 level
    - x86/kaslr: Fix the vaddr_end mess
    - x86/events/intel/ds: Use the proper cache flush method for mapping ds
      buffers
    - x86/tlb: Drop the _GPL from the cpu_tlbstate export
    - x86/alternatives: Add missing '\n' at end of ALTERNATIVE inline asm
    - x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN
    - x86/pti: Unbreak EFI old_memmap
    - x86/Documentation: Add PTI description
    - x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]
    - sysfs/cpu: Add vulnerability folder
    - x86/cpu: Implement CPU vulnerabilites sysfs functions
    - x86/tboot: Unbreak tboot with PTI enabled
    - x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
    - x86/cpu/AMD: Make LFENCE a serializing instruction
    - x86/cpu/AMD: Use LFENCE_RDTSC in preference to MFENCE_RDTSC
    - sysfs/cpu: Fix typos in vulnerability documentation
    - x86/alternatives: Fix optimize_nops() checking
    - x86/pti: Make unpoison of pgd for trusted boot work for real
    - s390: introduce CPU alternatives
    - s390: add ppa to kernel entry / exit
    - SAUCE: powerpc: Secure memory rfi flush
    - SAUCE: rfi-flush: Make DEBUG_RFI a CONFIG option
    - SAUCE: rfi-flush: Add HRFI_TO_UNKNOWN and use it in denorm
    - SAUCE: rfi-flush: kvmppc_skip_(H)interrupt returns to host kernel
    - SAUCE: KVM: Revert the implementation of H_GET_CPU_CHARACTERISTICS
    - SAUCE: rfi-flush: Implement congruence-first fallback flush
    - SAUCE: rfi-flush: Make l1d_flush_type bit flags
    - SAUCE: rfi-flush: Push the instruction selection down to the patching
      routine
    - SAUCE: rfi-flush: Expand the RFI section to two nop slots
    - SAUCE: rfi-flush: Support more than one flush type at once
    - SAUCE: rfi-flush: Allow HV to advertise multiple flush types
    - SAUCE: rfi-flush: Add speculation barrier before ori 30,30,0 flush
    - SAUCE: rfi-flush: Add barriers to the fallback L1D flushing
    - SAUCE: rfi-flush: Rework powernv logic to be more cautious
    - SAUCE: rfi-flush: Rework pseries logic to be more cautious
    - SAUCE: rfi-flush: Put the fallback flushes in the real trampoline section
    - SAUCE: rfi-flush: Fix the fallback flush to actually activate
    - SAUCE: rfi-flush: Fix HRFI_TO_UNKNOWN
    - SAUCE: rfi-flush: Refactor the macros so the nops are defined once
    - SAUCE: rfi-flush: Add no_rfi_flush and nopti comandline options
    - SAUCE: rfi-flush: Use rfi-flush in printks
    - SAUCE: rfi-flush: Fallback flush add load dependency
    - SAUCE: rfi-flush: Fix the 32-bit KVM build
    - SAUCE: rfi-flush: Fix some RFI conversions in the KVM code
    - SAUCE: rfi-flush: Make the fallback robust against memory corruption
    - [Config] Disable CONFIG_PPC_DEBUG_RFI
    - [Config] updateconfigs to enable GENERIC_CPU_VULNERABILITIES
  * powerpc: flush L1D on return to use (LP: #1742772)
    - SAUCE: powerpc: Secure memory rfi flush
    - SAUCE: rfi-flush: Make DEBUG_RFI a CONFIG option
    - SAUCE: rfi-flush: Add HRFI_TO_UNKNOWN and use it in denorm
    - SAUCE: rfi-flush: kvmppc_skip_(H)interrupt returns to host kernel
    - SAUCE: KVM: Revert the implementation of H_GET_CPU_CHARACTERISTICS
    - SAUCE: rfi-flush: Implement congruence-first fallback flush
    - SAUCE: rfi-flush: Make l1d_flush_type bit flags
    - SAUCE: rfi-flush: Push the instruction selection down to the patching
      routine
    - SAUCE: rfi-flush: Expand the RFI section to two nop slots
    - SAUCE: rfi-flush: Support more than one flush type at once
    - SAUCE: rfi-flush: Allow HV to advertise multiple flush types
    - SAUCE: rfi-flush: Add speculation barrier before ori 30,30,0 flush
    - SAUCE: rfi-flush: Add barriers to the fallback L1D flushing
    - SAUCE: rfi-flush: Rework powernv logic to be more cautious
    - SAUCE: rfi-flush: Rework pseries logic to be more cautious
    - SAUCE: rfi-flush: Put the fallback flushes in the real trampoline section
    - SAUCE: rfi-flush: Fix the fallback flush to actually activate
    - SAUCE: rfi-flush: Fix HRFI_TO_UNKNOWN
    - SAUCE: rfi-flush: Refactor the macros so the nops are defined once
    - SAUCE: rfi-flush: Add no_rfi_flush and nopti comandline options
    - SAUCE: rfi-flush: Use rfi-flush in printks
    - SAUCE: rfi-flush: Fallback flush add load dependency
    - SAUCE: rfi-flush: Fix the 32-bit KVM build
    - SAUCE: rfi-flush: Fix some RFI conversions in the KVM code
    - SAUCE: rfi-flush: Make the fallback robust against memory corruption
    - [Config] Disable CONFIG_PPC_DEBUG_RFI
  * s390: add ppa to kernel entry/exit (LP: #1742771)
    - s390: introduce CPU alternatives
    - s390: add ppa to kernel entry / exit

 -- Kleber Sacilotto de Souza <email address hidden>  Fri, 12 Jan 2018 15:41:21 +0100
Superseded in xenial-security on 2018-01-22
Superseded in xenial-updates on 2018-01-22
Deleted in xenial-proposed (Reason: moved to -updates)
linux-oem (4.13.0-1015.16) xenial; urgency=low

  * linux-oem: 4.13.0-1015.16 -proposed tracker (LP: #1741958)

  [ Ubuntu: 4.13.0-25.29 ]

  * linux: 4.13.0-25.29 -proposed tracker (LP: #1741955)
  * CVE-2017-5754
    - Revert "UBUNTU: [Config] updateconfigs to enable PTI"
    - [Config] Enable PTI with UNWINDER_FRAME_POINTER

Deleted in xenial-proposed on 2018-01-09 (Reason: NBS)
linux-oem (4.13.0-1013.14) xenial; urgency=low

  * linux-oem: 4.13.0-1013.14 -proposed tracker (LP: #1738797)

  * Support realtek new codec alc257 in the alsa hda driver  (LP: #1738911)
    - ALSA: hda/realtek - New codec support for ALC257

  * QCA Rome bluetooth can not wakeup after USB runtime suspended.
    (LP: #1737890)
    - Bluetooth: btusb: driver to enable the usb-wakeup feature

  * Intel 9260/9462/9560 can't connect to 5GHz AP (LP: #1736639)
    - iwlwifi: mvm: enable RX offloading with TKIP and WEP
    - iwlwifi: mvm: mark MIC stripped MPDUs

  * [Artful][Wyse 3040] System hang when trying to enable an offlined CPU core
    (LP: #1736393)
    - SAUCE: drm/i915:Don't set chip specific data
    - SAUCE: drm/i915: make previous commit affects Wyse 3040 only

  * Touchpad stops working after a few seconds in Lenovo ideapad 320
    (LP: #1732056)
    - pinctrl/amd: fix masking of GPIO interrupts

  * Miscellaneous upstream changes
    - Ubuntu: Rebase to 4.13.0-22.25

  [ Ubuntu: 4.13.0-22.25 ]

  * linux: 4.13.0-22.25 -proposed tracker (LP: #1738791)
  * CVE-2017-15115
    - sctp: do not peel off an assoc from one netns to another one
  * CVE-2017-8824
    - dccp: CVE-2017-8824: use-after-free in DCCP code

 -- Timo Aaltonen <email address hidden>  Tue, 19 Dec 2017 17:39:44 +0200

Available diffs

Superseded in xenial-security on 2018-01-09
Superseded in xenial-updates on 2018-01-09
Deleted in xenial-proposed (Reason: NBS)
linux-oem (4.13.0-1012.13) xenial; urgency=low

  * linux-oem: 4.13.0-1012.13 -proposed tracker (LP: #1738862)

  * Ubuntu 17.10 corrupting BIOS - many LENOVO laptops models (LP: #1734147)
    - [Config] CONFIG_SPI_INTEL_SPI_PLATFORM=n

  [ Ubuntu: 4.13.0-21.24 ]

  * linux: 4.13.0-21.24 -proposed tracker (LP: #1738823)
  * Ubuntu 17.10 corrupting BIOS - many LENOVO laptops models (LP: #1734147)
    - [Config] CONFIG_SPI_INTEL_SPI_PLATFORM=n

 -- Thadeu Lima de Souza Cascardo <email address hidden>  Mon, 18 Dec 2017 17:34:18 -0200
Superseded in xenial-security on 2017-12-21
Superseded in xenial-updates on 2017-12-21
Deleted in xenial-proposed (Reason: moved to -updates)
linux-oem (4.13.0-1010.11) xenial; urgency=low

  * linux-oem: 4.13.0-1010.11 -proposed tracker (LP: #1736124)

  [ Ubuntu: 4.13.0-19.22 ]

  * linux: 4.13.0-19.22 -proposed tracker (LP: #1736118)
  * CVE-2017-1000405
    - mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d()

Deleted in xenial-proposed on 2017-12-06 (Reason: NBS)
linux-oem (4.13.0-1009.10) xenial; urgency=low

  * linux-oem: 4.13.0-1009.10 -proposed tracker (LP: #1733532)

  * Intel 9260/9462/9560 driver support (LP: #1734242)
    - iwlwifi: refactor out paging code
    - iwlwifi: refactor shared mem parsing
    - iwlwifi: reorganize firmware API
    - iwlwifi: mvm: support version 7 of the SCAN_REQ_UMAC FW command
    - iwlwifi: fix PCI IDs and configuration mapping for 9000 series
    - iwlwifi: fix firmware names for 9000 and A000 series hw

  * QCA Rome bluetooth connection cannot be established after S3  (LP: #1734020)
    - Bluetooth: btusb: fix QCA Rome suspend/resume

  * elantech touchpad of Lenovo L480/580 failed to detect hw_version
    (LP: #1733605)
    - Input: elantech - add new icbody type 15

  * AQUANTIA AQC107 10G[1D6A:0001] & 2.5/5Gb [1D6A:D108] NIC (LP: #1730544)
    - net: aquantia: Bad udp rate on default interrupt coalescing
    - aquantia: Fix Tx queue hangups
    - net: aquantia: Reset nic statistics on interface up/down
    - net: aquantia: Enable coalescing management via ethtool interface
    - net: aquantia: mmio unmap was not performed on driver removal
    - net: aquantia: Limit number of MSIX irqs to the number of cpus
    - net: aquantia: Fixed transient link up/down/up notification
    - net: aquantia: Add queue restarts stats counter
    - net: aquantia: Reset nic statistics on interface up/down

  * Miscellaneous Ubuntu changes
    - Rebase to 4.13.0-18.21

  * Miscellaneous upstream changes
    - Ubuntu: [Config] update configs following rebase to Ubuntu-4.13.0-18.21

  [ Ubuntu: 4.13.0-18.21 ]

  * linux: 4.13.0-18.21 -proposed tracker (LP: #1733530)
  * NVMe timeout is too short (LP: #1729119)
    - nvme: update timeout module parameter type
  * CPU call trace on AMD Raven Ridge after S3 (LP: #1732894)
    - x86/mce/AMD: Allow any CPU to initialize the smca_banks array
  * Set PANIC_TIMEOUT=10 on Power Systems (LP: #1730660)
    - [Config]: Set PANIC_TIMEOUT=10 on ppc64el
  * Cannot pair BLE remote devices when using combo BT SoC (LP: #1731467)
    - Bluetooth: increase timeout for le auto connections
  * enable CONFIG_SND_SOC_INTEL_BYT_CHT_NOCODEC_MACH easily confuse users
    (LP: #1732627)
    - [Config] CONFIG_SND_SOC_INTEL_BYT_CHT_NOCODEC_MACH=n
  * Plantronics P610 does not support sample rate reading (LP: #1719853)
    - ALSA: usb-audio: Add sample rate quirk for Plantronics P610
  * Allow drivers to use Relaxed Ordering on capable root ports (LP: #1721365)
    - Revert commit 1a8b6d76dc5b ("net:add one common config...")
    - net: ixgbe: Use new PCI_DEV_FLAGS_NO_RELAXED_ORDERING flag
  * support GICv3 ITS save/restore & migration (LP: #1710019)
    - KVM: arm/arm64: vgic-its: Fix return value for device table restore
  * Device hotplugging with MPT SAS cannot work for VMWare ESXi (LP: #1730852)
    - scsi: mptsas: Fixup device hotplug for VMWare ESXi
  * Artful update to 4.13.13 stable release (LP: #1732726)
    - netfilter: nat: Revert "netfilter: nat: convert nat bysrc hash to
      rhashtable"
    - netfilter: nft_set_hash: disable fast_ops for 2-len keys
    - workqueue: Fix NULL pointer dereference
    - crypto: ccm - preserve the IV buffer
    - crypto: x86/sha1-mb - fix panic due to unaligned access
    - crypto: x86/sha256-mb - fix panic due to unaligned access
    - KEYS: fix NULL pointer dereference during ASN.1 parsing [ver #2]
    - ACPI / PM: Blacklist Low Power S0 Idle _DSM for Dell XPS13 9360
    - ARM: 8720/1: ensure dump_instr() checks addr_limit
    - ALSA: timer: Limit max instances per timer
    - ALSA: usb-audio: support new Amanero Combo384 firmware version
    - ALSA: hda - fix headset mic problem for Dell machines with alc274
    - ALSA: seq: Fix OSS sysex delivery in OSS emulation
    - ALSA: seq: Avoid invalid lockdep class warning
    - MIPS: Fix CM region target definitions
    - MIPS: BMIPS: Fix missing cbr address
    - MIPS: AR7: Defer registration of GPIO
    - MIPS: AR7: Ensure that serial ports are properly set up
    - KVM: PPC: Book3S HV: Fix exclusion between HPT resizing and other HPT
      updates
    - Input: elan_i2c - add ELAN060C to the ACPI table
    - rbd: use GFP_NOIO for parent stat and data requests
    - drm/vmwgfx: Fix Ubuntu 17.10 Wayland black screen issue
    - Revert "x86: CPU: Fix up "cpu MHz" in /proc/cpuinfo"
    - can: sun4i: handle overrun in RX FIFO
    - can: peak: Add support for new PCIe/M2 CAN FD interfaces
    - can: ifi: Fix transmitter delay calculation
    - can: c_can: don't indicate triple sampling support for D_CAN
    - x86/debug: Handle warnings before the notifier chain, to fix KGDB crash
    - x86/smpboot: Make optimization of delay calibration work correctly
    - x86/oprofile/ppro: Do not use __this_cpu*() in preemptible context
    - Linux 4.13.13
  * ELANTECH Touchpad is not detected in 'Lenovo Ideapad 320 14AST' after fresh
    install (LP: #1727544)
    - Input: elan_i2c - add ELAN060C to the ACPI table
  * Power8 Nest PMU Instrumentation support (LP: #1481347)
    - powerpc/powernv: Add IMC OPAL APIs
    - powerpc/powernv: Detect and create IMC device
    - powerpc/perf: Add nest IMC PMU support
    - powerpc/perf: Add core IMC PMU support
    - powerpc/perf: Add thread IMC PMU support
    - powerpc/perf: Fix double unlock in imc_common_cpuhp_mem_free()
    - powerpc/perf/imc: Fix nest events on muti socket system
    - powerpc/powernv: Fix build error in opal-imc.c when NUMA=n
    - powerpc/perf: Fix usage of nest_imc_refc
    - powerpc/perf: Fix for core/nest imc call trace on cpuhotplug
    - powerpc/perf: Add ___GFP_NOWARN flag to alloc_pages_node()
    - powerpc/perf: Fix IMC initialization crash
  * Artful update to 4.13.12 stable release (LP: #1731971)
    - ALSA: timer: Add missing mutex lock for compat ioctls
    - ALSA: seq: Fix nested rwsem annotation for lockdep splat
    - cifs: check MaxPathNameComponentLength != 0 before using it
    - KEYS: return full count in keyring_read() if buffer is too small
    - KEYS: trusted: fix writing past end of buffer in trusted_read()
    - KEYS: fix out-of-bounds read during ASN.1 parsing
    - ASoC: adau17x1: Workaround for noise bug in ADC
    - virtio_blk: Fix an SG_IO regression
    - arm64: ensure __dump_instr() checks addr_limit
    - KVM: arm64: its: Fix missing dynamic allocation check in scan_its_table
    - arm/arm64: KVM: set right LR register value for 32 bit guest when inject
      abort
    - arm/arm64: kvm: Disable branch profiling in HYP code
    - ARM: dts: mvebu: pl310-cache disable double-linefill
    - ARM: 8715/1: add a private asm/unaligned.h
    - drm/amdgpu: return -ENOENT from uvd 6.0 early init for harvesting
    - drm/amdgpu: allow harvesting check for Polaris VCE
    - userfaultfd: hugetlbfs: prevent UFFDIO_COPY to fill beyond the end of i_size
    - ocfs2: fstrim: Fix start offset of first cluster group during fstrim
    - fs/hugetlbfs/inode.c: fix hwpoison reserve accounting
    - mm, swap: fix race between swap count continuation operations
    - drm/i915: Do not rely on wm preservation for ILK watermarks
    - drm/i915/edp: read edp display control registers unconditionally
    - Revert "powerpc64/elfv1: Only dereference function descriptor for non-text
      symbols"
    - MIPS: bpf: Fix a typo in build_one_insn()
    - MIPS: smp-cmp: Use right include for task_struct
    - MIPS: microMIPS: Fix incorrect mask in insn_table_MM
    - MIPS: SMP: Fix deadlock & online race
    - Revert "x86: do not use cpufreq_quick_get() for /proc/cpuinfo "cpu MHz""
    - x86: CPU: Fix up "cpu MHz" in /proc/cpuinfo
    - powerpc/kprobes: Dereference function pointers only if the address does not
      belong to kernel text
    - futex: Fix more put_pi_state() vs. exit_pi_state_list() races
    - perf/cgroup: Fix perf cgroup hierarchy support
    - x86/mcelog: Get rid of RCU remnants
    - irqchip/irq-mvebu-gicp: Add missing spin_lock init
    - Linux 4.13.12
  * Artful update to 4.13.11 stable release (LP: #1731961)
    - workqueue: replace pool->manager_arb mutex with a flag
    - nvme-fc: fix iowait hang
    - ALSA: hda/realtek - Add support for ALC236/ALC3204
    - ALSA: hda - fix headset mic problem for Dell machines with alc236
    - ceph: unlock dangling spinlock in try_flush_caps()
    - Fix tracing sample code warning.
    - KVM: PPC: Fix oops when checking KVM_CAP_PPC_HTM
    - KVM: PPC: Book3S HV: POWER9 more doorbell fixes
    - KVM: PPC: Book3S: Protect kvmppc_gpa_to_ua() with SRCU
    - s390/kvm: fix detection of guest machine checks
    - nbd: handle interrupted sendmsg with a sndtimeo set
    - spi: uapi: spidev: add missing ioctl header
    - spi: a3700: Return correct value on timeout detection
    - spi: bcm-qspi: Fix use after free in bcm_qspi_probe() in error path
    - spi: armada-3700: Fix failing commands with quad-SPI
    - ovl: add NULL check in ovl_alloc_inode
    - ovl: fix EIO from lookup of non-indexed upper
    - ovl: handle ENOENT on index lookup
    - ovl: do not cleanup unsupported index entries
    - fuse: fix READDIRPLUS skipping an entry
    - xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap()
    - xen: fix booting ballooned down hvm guest
    - cifs: Select all required crypto modules
    - CIFS: Fix NULL pointer deref on SMB2_tcon() failure
    - Input: elan_i2c - add ELAN0611 to the ACPI table
    - Input: gtco - fix potential out-of-bound access
    - Fix encryption labels and lengths for SMB3.1.1
    - SMB3: Validate negotiate request must always be signed
    - assoc_array: Fix a buggy node-splitting case
    - scsi: zfcp: fix erp_action use-before-initialize in REC action trace
    - scsi: aacraid: Fix controller initialization failure
    - scsi: qla2xxx: Initialize Work element before requesting IRQs
    - scsi: sg: Re-fix off by one in sg_fill_request_table()
    - x86/cpu/AMD: Apply the Erratum 688 fix when the BIOS doesn't
    - drm/amd/powerplay: fix uninitialized variable
    - drm/i915/perf: fix perf enable/disable ioctls with 32bits userspace
    - can: sun4i: fix loopback mode
    - can: kvaser_usb: Correct return value in printout
    - can: kvaser_usb: Ignore CMD_FLUSH_QUEUE_REPLY messages
    - cfg80211: fix connect/disconnect edge cases
    - ipsec: Fix aborted xfrm policy dump crash
    - regulator: fan53555: fix I2C device ids
    - powerpc/xive: Fix the size of the cpumask used in xive_find_target_in_mask()
    - Linux 4.13.11
  * Touchpad not detected - Lenovo ideapad 320-15IKB (LP: #1723736)
    - Input: elan_i2c - add ELAN0611 to the ACPI table
  * Artful update to 4.13.10 stable release (LP: #1731951)
    - staging: bcm2835-audio: Fix memory corruption
    - USB: devio: Revert "USB: devio: Don't corrupt user memory"
    - USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor()
    - USB: serial: metro-usb: add MS7820 device id
    - usb: cdc_acm: Add quirk for Elatec TWN3
    - usb: quirks: add quirk for WORLDE MINI MIDI keyboard
    - usb: hub: Allow reset retry for USB2 devices on connect bounce
    - ALSA: usb-audio: Add native DSD support for Pro-Ject Pre Box S2 Digital
    - can: gs_usb: fix busy loop if no more TX context is available
    - scsi: qla2xxx: Fix uninitialized work element
    - nbd: don't set the device size until we're connected
    - s390/cputime: fix guest/irq/softirq times after CPU hotplug
    - parisc: Fix double-word compare and exchange in LWS code on 32-bit kernels
    - parisc: Fix detection of nonsynchronous cr16 cycle counters
    - iio: dummy: events: Add missing break
    - usb: musb: sunxi: Explicitly release USB PHY on exit
    - USB: musb: fix session-bit runtime-PM quirk
    - USB: musb: fix late external abort on suspend
    - usb: musb: musb_cppi41: Fix the address of teardown and autoreq registers
    - usb: musb: musb_cppi41: Fix cppi41_set_dma_mode() for DA8xx
    - usb: musb: musb_cppi41: Configure the number of channels for DA8xx
    - usb: musb: Check for host-mode using is_host_active() on reset interrupt
    - xhci: Identify USB 3.1 capable hosts by their port protocol capability
    - xhci: Cleanup current_cmd in xhci_cleanup_command_queue()
    - usb: xhci: Reset halted endpoint if trb is noop
    - usb: xhci: Handle error condition in xhci_stop_device()
    - can: esd_usb2: Fix can_dlc value for received RTR, frames
    - can: af_can: can_pernet_init(): add missing error handling for kzalloc
      returning NULL
    - can: flexcan: fix state transition regression
    - can: flexcan: rename legacy error state quirk
    - can: flexcan: implement error passive state quirk
    - can: flexcan: fix i.MX6 state transition issue
    - can: flexcan: fix i.MX28 state transition issue
    - can: flexcan: fix p1010 state transition issue
    - KEYS: encrypted: fix dereference of NULL user_key_payload
    - mmc: sdhci-pci: Fix default d3_retune for Intel host controllers
    - drm/i915: Use bdw_ddi_translations_fdi for Broadwell
    - drm/nouveau/kms/nv50: fix oops during DP IRQ handling on non-MST boards
    - drm/nouveau/bsp/g92: disable by default
    - drm/nouveau/mmu: flush tlbs before deleting page tables
    - media: s5p-cec: add NACK detection support
    - media: cec: Respond to unregistered initiators, when applicable
    - media: dvb: i2c transfers over usb cannot be done from stack
    - tracing/samples: Fix creation and deletion of simple_thread_fn creation
    - ALSA: seq: Enable 'use' locking in all configurations
    - ALSA: hda: Remove superfluous '-' added by printk conversion
    - ALSA: hda: Abort capability probe at invalid register read
    - i2c: ismt: Separate I2C block read from SMBus block read
    - i2c: piix4: Fix SMBus port selection for AMD Family 17h chips
    - Revert "tools/power turbostat: stop migrating, unless '-m'"
    - Input: stmfts - fix setting ABS_MT_POSITION_* maximum size
    - brcmfmac: Add check for short event packets
    - brcmsmac: make some local variables 'static const' to reduce stack size
    - ARM: dts: sun6i: Fix endpoint IDs in second display pipeline
    - bus: mbus: fix window size calculation for 4GB windows
    - clockevents/drivers/cs5535: Improve resilience to spurious interrupts
    - rtlwifi: rtl8821ae: Fix connection lost problem
    - x86/microcode/intel: Disable late loading on model 79
    - lib/digsig: fix dereference of NULL user_key_payload
    - fscrypt: fix dereference of NULL user_key_payload
    - ecryptfs: fix dereference of NULL user_key_payload
    - KEYS: Fix race between updating and finding a negative key
    - FS-Cache: fix dereference of NULL user_key_payload
    - KEYS: don't let add_key() update an uninstantiated key
    - pkcs7: Prevent NULL pointer dereference, since sinfo is not always set.
    - arm64: dts: rockchip: correct vqmmc voltage for rk3399 platforms
    - ALSA: hda - Fix incorrect TLV callback check introduced during set_fs()
      removal
    - iomap_dio_rw: Allocate AIO completion queue before submitting dio
    - xfs: don't unconditionally clear the reflink flag on zero-block files
    - xfs: evict CoW fork extents when performing finsert/fcollapse
    - fs/xfs: Use %pS printk format for direct addresses
    - xfs: report zeroed or not correctly in xfs_zero_range()
    - xfs: update i_size after unwritten conversion in dio completion
    - xfs: perag initialization should only touch m_ag_max_usable for AG 0
    - xfs: Capture state of the right inode in xfs_iflush_done
    - xfs: always swap the cow forks when swapping extents
    - xfs: handle racy AIO in xfs_reflink_end_cow
    - xfs: Don't log uninitialised fields in inode structures
    - xfs: move more RT specific code under CONFIG_XFS_RT
    - xfs: don't change inode mode if ACL update fails
    - xfs: reinit btree pointer on attr tree inactivation walk
    - xfs: handle error if xfs_btree_get_bufs fails
    - xfs: cancel dirty pages on invalidation
    - xfs: trim writepage mapping to within eof
    - xfs: move two more RT specific functions into CONFIG_XFS_RT
    - Linux 4.13.10
  * Artful update to 4.13.9 stable release (LP: #1731926)
    - perf pmu: Unbreak perf record for arm/arm64 with events with explicit PMU
    - mm: page_vma_mapped: ensure pmd is loaded with READ_ONCE outside of lock
    - HID: hid-elecom: extend to fix descriptor for HUGE trackball
    - Drivers: hv: vmbus: Fix rescind handling issues
    - Drivers: hv: vmbus: Fix bugs in rescind handling
    - vmbus: simplify hv_ringbuffer_read
    - vmbus: refactor hv_signal_on_read
    - vmbus: eliminate duplicate cached index
    - vmbus: more host signalling avoidance
    - Linux 4.13.9

 -- Timo Aaltonen <email address hidden>  Sun, 26 Nov 2017 18:24:42 +0200

Available diffs

Superseded in xenial-updates on 2017-12-07
Deleted in xenial-proposed (Reason: NBS)
linux-oem (4.13.0-1008.9) xenial; urgency=low

  * Reading HDA audio capability register crashes the kernel (LP: #1730261)
    - ALSA: hda: Abort capability probe at invalid register read

  * The HDMI audio can't work on all Geminilake machines we have (Dell laptops
    or desktops)  (LP: #1731091)
    - SAUCE: drm/i915: Track minimum acceptable cdclk instead of "minimum
      dotclock"
    - SAUCE: drm/i915: Consolidate max_cdclk_freq check in
      intel_crtc_compute_min_cdclk()
    - SAUCE: drm/i915: set minimum CD clock to twice the BCLK.

  * Backport support for Intel Coffee Lake (LP: #1729842)
    - drm/i915: Fix PCH names for KBP and CNP.
    - drm/i915: Stop using long platform names on clock gating functions.
    - drm/i915/cnp: Wa 1181: Fix Backlight issue
    - drm/i915/cnp: Don't touch other PCH clock gating bits.
    - drm/i915/cnp: Display Wa #1179: WaHardHangonHotPlug
    - drm/i915/cfl: Coffee Lake works on Kaby Lake PCH.
    - drm/i915/cfl: Remove alpha support protection.

  * headset mic can't work on laptops with the codec alc236 (LP: #1729500)
    - ALSA: hda/realtek - Add support for ALC236/ALC3204
    - ALSA: hda - fix headset mic problem for Dell machines with alc236

  * Miscellaneous Ubuntu changes
    - [Config] Sync with master
    - [Packaging] Bump debhelper to 9
    - [Config] Sync annotations with master
    - [Packaging] d-i: Drop kernel-versions diff
    - [Packaging] Add aufs-dkms Provides
    - Rebase to 4.13.0-17.20
    - [Config] update configs following rebase to 4.13.0-17.20
    - [Config] Ignore modules turned built-in

  [ Ubuntu: 4.13.0-17.20 ]

  * linux: 4.13.0-17.20 -proposed tracker (LP: #1728927)
  * thunderx2 ahci errata workaround needs additional delays (LP: #1724117)
    - SAUCE: ahci: thunderx2: stop engine fix update
  * usb 3-1: 2:1: cannot get freq at ep 0x1 (LP: #1708499)
    - ALSA: usb-audio: Add sample rate quirk for Plantronics C310/C520-M
  * Plantronics Blackwire C520-M - Cannot get freq at ep 0x1, 0x81
    (LP: #1709282)
    - ALSA: usb-audio: Add sample rate quirk for Plantronics C310/C520-M
  * TSC_DEADLINE incorrectly disabled inside virtual guests (LP: #1724912)
    - x86/apic: Silence "FW_BUG TSC_DEADLINE disabled due to Errata" on CPUs
      without the feature
    - x86/apic: Silence "FW_BUG TSC_DEADLINE disabled due to Errata" on
      hypervisors
  * x86/apic: Update TSC_DEADLINE quirk with additional SKX stepping
    (LP: #1724612)
    - x86/apic: Update TSC_DEADLINE quirk with additional SKX stepping
  * [Artful] Add support for Dell/Wyse 3040 audio codec (LP: #1723916)
    - SAUCE: ASoC: rt5670: Add support for Wyse 3040
  * [Artful] Some Dell Monitors Doesn't Work Well with Dell/Wyse 3040
    (LP: #1723915)
    - SAUCE: drm/i915: Workaround for DP DPMS D3 on Dell monitor
  * [Artful] Support headset mode for DELL WYSE (LP: #1723913)
    - SAUCE: ALSA: hda/realtek - Add support headset mode for DELL WYSE
  * Touchpad and TrackPoint Dose Not Work on Lenovo X1C6 and X280 (LP: #1723986)
    - SAUCE: Input: synaptics-rmi4 - RMI4 can also use SMBUS version 3
    - SAUCE: Input: synaptics - Lenovo X1 Carbon 5 should use SMBUS/RMI
    - SAUCE: Input: synaptics - add Intertouch support on X1 Carbon 6th and X280
  * Artful update to v4.13.8 stable release (LP: #1724669)
    - USB: dummy-hcd: Fix deadlock caused by disconnect detection
    - MIPS: math-emu: Remove pr_err() calls from fpu_emu()
    - MIPS: bpf: Fix uninitialised target compiler error
    - mei: always use domain runtime pm callbacks.
    - dmaengine: edma: Align the memcpy acnt array size with the transfer
    - dmaengine: ti-dma-crossbar: Fix possible race condition with dma_inuse
    - NFS: Fix uninitialized rpc_wait_queue
    - nfs/filelayout: fix oops when freeing filelayout segment
    - HID: usbhid: fix out-of-bounds bug
    - crypto: skcipher - Fix crash on zero-length input
    - crypto: shash - Fix zero-length shash ahash digest crash
    - KVM: MMU: always terminate page walks at level 1
    - KVM: nVMX: fix guest CR4 loading when emulating L2 to L1 exit
    - usb: renesas_usbhs: Fix DMAC sequence for receiving zero-length packet
    - pinctrl/amd: Fix build dependency on pinmux code
    - iommu/amd: Finish TLB flush in amd_iommu_unmap()
    - device property: Track owner device of device property
    - Revert "vmalloc: back off when the current task is killed"
    - fs/mpage.c: fix mpage_writepage() for pages with buffers
    - ALSA: usb-audio: Kill stray URB at exiting
    - ALSA: seq: Fix use-after-free at creating a port
    - ALSA: seq: Fix copy_from_user() call inside lock
    - ALSA: caiaq: Fix stray URB at probe error path
    - ALSA: line6: Fix NULL dereference at podhd_disconnect()
    - ALSA: line6: Fix missing initialization before error path
    - ALSA: line6: Fix leftover URB at error-path during probe
    - drm/atomic: Unref duplicated drm_atomic_state in drm_atomic_helper_resume()
    - drm/i915/edp: Get the Panel Power Off timestamp after panel is off
    - drm/i915: Read timings from the correct transcoder in intel_crtc_mode_get()
    - drm/i915/bios: parse DDI ports also for CHV for HDMI DDC pin and DP AUX
      channel
    - drm/i915: Use crtc_state_is_legacy_gamma in intel_color_check
    - usb: gadget: configfs: Fix memory leak of interface directory data
    - usb: gadget: composite: Fix use-after-free in
      usb_composite_overwrite_options
    - PCI: aardvark: Move to struct pci_host_bridge IRQ mapping functions
    - Revert "PCI: tegra: Do not allocate MSI target memory"
    - direct-io: Prevent NULL pointer access in submit_page_section
    - fix unbalanced page refcounting in bio_map_user_iov
    - more bio_map_user_iov() leak fixes
    - bio_copy_user_iov(): don't ignore ->iov_offset
    - perf script: Add missing separator for "-F ip,brstack" (and brstackoff)
    - genirq/cpuhotplug: Enforce affinity setting on startup of managed irqs
    - genirq/cpuhotplug: Add sanity check for effective affinity mask
    - USB: serial: ftdi_sio: add id for Cypress WICED dev board
    - USB: serial: cp210x: fix partnum regression
    - USB: serial: cp210x: add support for ELV TFD500
    - USB: serial: option: add support for TP-Link LTE module
    - USB: serial: qcserial: add Dell DW5818, DW5819
    - USB: serial: console: fix use-after-free on disconnect
    - USB: serial: console: fix use-after-free after failed setup
    - RAS/CEC: Use the right length for "cec_disable"
    - x86/microcode: Do the family check first
    - x86/alternatives: Fix alt_max_short macro to really be a max()
    - KVM: nVMX: update last_nonleaf_level when initializing nested EPT
    - Linux 4.13.8
  * Artful update to v4.13.7 stable release (LP: #1724668)
    - watchdog: Revert "iTCO_wdt: all versions count down twice"
    - Linux 4.13.7
  * libvirt - vnc port selection regression with newer kernels (LP: #1722702)
    - net: set tb->fast_sk_family
    - net: use inet6_rcv_saddr to compare sockets
    - inet: fix improper empty comparison
  * powerpc/64s: Add workaround for P9 vector CI load issue (LP: #1721070)
    - powerpc/mce: Move 64-bit machine check code into mce.c
    - powerpc/64s: Add workaround for P9 vector CI load issue
  * Artful update to v4.13.6 stable release (LP: #1723145)
    - imx-media-of: avoid uninitialized variable warning
    - usb: dwc3: ep0: fix DMA starvation by assigning req->trb on ep0
    - mlxsw: spectrum: Fix EEPROM access in case of SFP/SFP+
    - net: bonding: Fix transmit load balancing in balance-alb mode if specified
      by sysfs
    - openvswitch: Fix an error handling path in 'ovs_nla_init_match_and_action()'
    - mlxsw: spectrum: Prevent mirred-related crash on removal
    - net: bonding: fix tlb_dynamic_lb default value
    - net_sched: gen_estimator: fix scaling error in bytes/packets samples
    - net: sched: fix use-after-free in tcf_action_destroy and tcf_del_walker
    - sctp: potential read out of bounds in sctp_ulpevent_type_enabled()
    - tcp: update skb->skb_mstamp more carefully
    - bpf/verifier: reject BPF_ALU64|BPF_END
    - tcp: fix data delivery rate
    - udpv6: Fix the checksum computation when HW checksum does not apply
    - ip6_gre: skb_push ipv6hdr before packing the header in ip6gre_header
    - net: phy: Fix mask value write on gmii2rgmii converter speed register
    - ip6_tunnel: do not allow loading ip6_tunnel if ipv6 is disabled in cmdline
    - net/sched: cls_matchall: fix crash when used with classful qdisc
    - 8139too: revisit napi_complete_done() usage
    - bpf: do not disable/enable BH in bpf_map_free_id()
    - tcp: fastopen: fix on syn-data transmit failure
    - net: emac: Fix napi poll list corruption
    - net: ipv6: fix regression of no RTM_DELADDR sent after DAD failure
    - packet: hold bind lock when rebinding to fanout hook
    - bpf: one perf event close won't free bpf program attached by another perf
      event
    - net: change skb->mac_header when Generic XDP calls adjust_head
    - isdn/i4l: fetch the ppp_write buffer in one shot
    - net_sched: always reset qdisc backlog in qdisc_reset()
    - net: stmmac: Cocci spatch "of_table"
    - net: qcom/emac: specify the correct size when mapping a DMA buffer
    - vti: fix use after free in vti_tunnel_xmit/vti6_tnl_xmit
    - l2tp: fix race condition in l2tp_tunnel_delete
    - tun: bail out from tun_get_user() if the skb is empty
    - net: dsa: mv88e6xxx: Allow dsa and cpu ports in multiple vlans
    - net: dsa: Fix network device registration order
    - packet: in packet_do_bind, test fanout with bind_lock held
    - packet: only test po->has_vnet_hdr once in packet_snd
    - net: dsa: mv88e6xxx: lock mutex when freeing IRQs
    - net: Set sk_prot_creator when cloning sockets to the right proto
    - net/mlx5e: IPoIB, Fix access to invalid memory address
    - netlink: do not proceed if dump's start() errs
    - ip6_gre: ip6gre_tap device should keep dst
    - ip6_tunnel: update mtu properly for ARPHRD_ETHER tunnel device in tx path
    - IPv4: early demux can return an error code
    - tipc: use only positive error codes in messages
    - l2tp: fix l2tp_eth module loading
    - socket, bpf: fix possible use after free
    - net: rtnetlink: fix info leak in RTM_GETSTATS call
    - bpf: fix bpf_tail_call() x64 JIT
    - usb: gadget: core: fix ->udc_set_speed() logic
    - USB: gadgetfs: Fix crash caused by inadequate synchronization
    - USB: gadgetfs: fix copy_to_user while holding spinlock
    - usb: gadget: udc: atmel: set vbus irqflags explicitly
    - usb: gadget: udc: renesas_usb3: fix for no-data control transfer
    - usb: gadget: udc: renesas_usb3: fix Pn_RAMMAP.Pn_MPKT value
    - usb: gadget: udc: renesas_usb3: Fix return value of usb3_write_pipe()
    - usb-storage: unusual_devs entry to fix write-access regression for Seagate
      external drives
    - usb-storage: fix bogus hardware error messages for ATA pass-thru devices
    - usb: renesas_usbhs: fix the BCLR setting condition for non-DCP pipe
    - usb: renesas_usbhs: fix usbhsf_fifo_clear() for RX direction
    - ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor
    - usb: pci-quirks.c: Corrected timeout values used in handshake
    - USB: cdc-wdm: ignore -EPIPE from GetEncapsulatedResponse
    - USB: dummy-hcd: fix connection failures (wrong speed)
    - USB: dummy-hcd: fix infinite-loop resubmission bug
    - USB: dummy-hcd: Fix erroneous synchronization change
    - USB: devio: Prevent integer overflow in proc_do_submiturb()
    - USB: devio: Don't corrupt user memory
    - USB: g_mass_storage: Fix deadlock when driver is unbound
    - USB: uas: fix bug in handling of alternate settings
    - USB: core: harden cdc_parse_cdc_header
    - usb: Increase quirk delay for USB devices
    - USB: fix out-of-bounds in usb_set_configuration
    - usb: xhci: Free the right ring in xhci_add_endpoint()
    - xhci: fix finding correct bus_state structure for USB 3.1 hosts
    - xhci: fix wrong endpoint ESIT value shown in tracing
    - usb: host: xhci-plat: allow sysdev to inherit from ACPI
    - xhci: Fix sleeping with spin_lock_irq() held in ASmedia 1042A workaround
    - Revert "xhci: Limit USB2 port wake support for AMD Promontory hosts"
    - iio: adc: twl4030: Fix an error handling path in 'twl4030_madc_probe()'
    - iio: adc: twl4030: Disable the vusb3v1 rugulator in the error handling path
      of 'twl4030_madc_probe()'
    - iio: ad_sigma_delta: Implement a dedicated reset function
    - staging: iio: ad7192: Fix - use the dedicated reset function avoiding dma
      from stack.
    - iio: core: Return error for failed read_reg
    - IIO: BME280: Updates to Humidity readings need ctrl_reg write!
    - iio: trigger: stm32-timer: preset shouldn't be buffered
    - iio: trigger: stm32-timer: fix a corner case to write preset
    - iio: ad7793: Fix the serial interface reset
    - iio: adc: stm32: fix bad error check on max_channels
    - iio: adc: mcp320x: Fix readout of negative voltages
    - iio: adc: mcp320x: Fix oops on module unload
    - uwb: properly check kthread_run return value
    - uwb: ensure that endpoint is interrupt
    - staging: vchiq_2835_arm: Fix NULL ptr dereference in free_pagelist
    - ksm: fix unlocked iteration over vmas in cmp_and_merge_page()
    - mm, hugetlb, soft_offline: save compound page order before page migration
    - mm, oom_reaper: skip mm structs with mmu notifiers
    - mm: fix RODATA_TEST failure "rodata_test: test data was not read only"
    - mm: avoid marking swap cached page as lazyfree
    - mm: fix data corruption caused by lazyfree page
    - userfaultfd: non-cooperative: fix fork use after free
    - lib/ratelimit.c: use deferred printk() version
    - lsm: fix smack_inode_removexattr and xattr_getsecurity memleak
    - ALSA: compress: Remove unused variable
    - Revert "ALSA: echoaudio: purge contradictions between dimension matrix
      members and total number of members"
    - ALSA: usx2y: Suppress kernel warning at page allocation failures
    - powerpc/powernv: Increase memory block size to 1GB on radix
    - powerpc: Fix action argument for cpufeatures-based TLB flush
    - powerpc/64s: Use emergency stack for kernel TM Bad Thing program checks
    - powerpc/tm: Fix illegal TM state in signal handler
    - percpu: make this_cpu_generic_read() atomic w.r.t. interrupts
    - intel_th: pci: Add Lewisburg PCH support
    - driver core: platform: Don't read past the end of "driver_override" buffer
    - cgroup: Reinit cgroup_taskset structure before cgroup_migrate_execute()
      returns
    - Drivers: hv: fcopy: restore correct transfer length
    - vmbus: don't acquire the mutex in vmbus_hvsock_device_unregister()
    - stm class: Fix a use-after-free
    - auxdisplay: charlcd: properly restore atomic counter on error path
    - ftrace: Fix kmemleak in unregister_ftrace_graph
    - ovl: fix error value printed in ovl_lookup_index()
    - ovl: fix dput() of ERR_PTR in ovl_cleanup_index()
    - ovl: fix dentry leak in ovl_indexdir_cleanup()
    - ovl: fix missing unlock_rename() in ovl_do_copy_up()
    - ovl: fix regression caused by exclusive upper/work dir protection
    - arm64: dt marvell: Fix AP806 system controller size
    - arm64: Ensure the instruction emulation is ready for userspace
    - HID: rmi: Make sure the HID device is opened on resume
    - HID: i2c-hid: allocate hid buffers for real worst case
    - HID: wacom: leds: Don't try to control the EKR's read-only LEDs
    - HID: wacom: Properly report negative values from Intuos Pro 2 Bluetooth
    - HID: wacom: Correct coordinate system of touchring and pen twist
    - HID: wacom: generic: Send MSC_SERIAL and ABS_MISC when leaving prox
    - HID: wacom: generic: Clear ABS_MISC when tool leaves proximity
    - HID: wacom: Always increment hdev refcount within wacom_get_hdev_data
    - HID: wacom: bits shifted too much for 9th and 10th buttons
    - btrfs: avoid overflow when sector_t is 32 bit
    - Btrfs: fix overlap of fs_info::flags values
    - rocker: fix rocker_tlv_put_* functions for KASAN
    - netlink: fix nla_put_{u8,u16,u32} for KASAN
    - dm crypt: reject sector_size feature if device length is not aligned to it
    - dm ioctl: fix alignment of event number in the device list
    - dm crypt: fix memory leak in crypt_ctr_cipher_old()
    - KVM: PPC: Book3S: Fix server always zero from kvmppc_xive_get_xive()
    - kvm/x86: Avoid async PF preempting the kernel incorrectly
    - iwlwifi: mvm: use IWL_HCMD_NOCOPY for MCAST_FILTER_CMD
    - scsi: sd: Implement blacklist option for WRITE SAME w/ UNMAP
    - scsi: sd: Do not override max_sectors_kb sysfs setting
    - brcmfmac: add length check in brcmf_cfg80211_escan_handler()
    - brcmfmac: setup passive scan if requested by user-space
    - drm/i915: always update ELD connector type after get modes
    - drm/i915/bios: ignore HDMI on port A
    - bsg-lib: fix use-after-free under memory-pressure
    - nvme-pci: Use PCI bus address for data/queues in CMB
    - mmc: core: add driver strength selection when selecting hs400es
    - nl80211: Define policy for packet pattern attributes
    - clk: samsung: exynos4: Enable VPLL and EPLL clocks for suspend/resume cycle
    - udp: perform source validation for mcast early demux
    - udp: fix bcast packet reception
    - base: arch_topology: fix section mismatch build warnings
    - Linux 4.13.6
  * Artful update to v4.13.5 stable release (LP: #1721777)
    - cifs: check rsp for NULL before dereferencing in SMB2_open
    - cifs: release cifs root_cred after exit_cifs
    - cifs: release auth_key.response for reconnect.
    - nvme-pci: fix host memory buffer allocation fallback
    - nvme-pci: use appropriate initial chunk size for HMB allocation
    - nvme-pci: propagate (some) errors from host memory buffer setup
    - dax: remove the pmem_dax_ops->flush abstraction
    - dm integrity: do not check integrity for failed read operations
    - mmc: block: Fix incorrectly initialized requests
    - fs/proc: Report eip/esp in /prod/PID/stat for coredumping
    - scsi: scsi_transport_fc: fix NULL pointer dereference in fc_bsg_job_timeout
    - SMB3: Add support for multidialect negotiate (SMB2.1 and later)
    - mac80211: fix VLAN handling with TXQs
    - mac80211_hwsim: Use proper TX power
    - mac80211: flush hw_roc_start work before cancelling the ROC
    - mac80211: fix deadlock in driver-managed RX BA session start
    - genirq: Make sparse_irq_lock protect what it should protect
    - genirq/msi: Fix populating multiple interrupts
    - genirq: Fix cpumask check in __irq_startup_managed()
    - KVM: PPC: Book3S HV: Hold kvm->lock around call to kvmppc_update_lpcr
    - KVM: PPC: Book3S HV: Fix bug causing host SLB to be restored incorrectly
    - KVM: PPC: Book3S HV: Don't access XIVE PIPR register using byte accesses
    - tracing: Fix trace_pipe behavior for instance traces
    - tracing: Erase irqsoff trace with empty write
    - tracing: Remove RCU work arounds from stack tracer
    - md/raid5: fix a race condition in stripe batch
    - md/raid5: preserve STRIPE_ON_UNPLUG_LIST in break_stripe_batch_list
    - scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse
      nlmsg properly
    - scsi: aacraid: Fix 2T+ drives on SmartIOC-2000
    - scsi: aacraid: Add a small delay after IOP reset
    - drm/exynos: Fix locking in the suspend/resume paths
    - drm/i915/gvt: Fix incorrect PCI BARs reporting
    - Revert "drm/i915/bxt: Disable device ready before shutdown command"
    - drm/amdgpu: revert tile table update for oland
    - drm/radeon: disable hard reset in hibernate for APUs
    - crypto: drbg - fix freeing of resources
    - crypto: talitos - Don't provide setkey for non hmac hashing algs.
    - crypto: talitos - fix sha224
    - crypto: talitos - fix hashing
    - security/keys: properly zero out sensitive key material in big_key
    - security/keys: rewrite all of big_key crypto
    - KEYS: fix writing past end of user-supplied buffer in keyring_read()
    - KEYS: prevent creating a different user's keyrings
    - KEYS: prevent KEYCTL_READ on negative key
    - libnvdimm, namespace: fix btt claim class crash
    - powerpc/eeh: Create PHB PEs after EEH is initialized
    - powerpc/pseries: Fix parent_dn reference leak in add_dt_node()
    - powerpc/tm: Flush TM only if CPU has TM feature
    - MIPS: Fix perf event init
    - s390/perf: fix bug when creating per-thread event
    - s390/mm: make pmdp_invalidate() do invalidation only
    - s390/mm: fix write access check in gup_huge_pmd()
    - PM: core: Fix device_pm_check_callbacks()
    - Revert "IB/ipoib: Update broadcast object if PKey value was changed in index
      0"
    - Fix SMB3.1.1 guest authentication to Samba
    - SMB3: Fix endian warning
    - SMB3: Warn user if trying to sign connection that authenticated as guest
    - SMB: Validate negotiate (to protect against downgrade) even if signing off
    - SMB3: handle new statx fields
    - SMB3: Don't ignore O_SYNC/O_DSYNC and O_DIRECT flags
    - vfs: Return -ENXIO for negative SEEK_HOLE / SEEK_DATA offsets
    - libceph: don't allow bidirectional swap of pg-upmap-items
    - nl80211: check for the required netlink attributes presence
    - brd: fix overflow in __brd_direct_access
    - gfs2: Fix debugfs glocks dump
    - bsg-lib: don't free job in bsg_prepare_job
    - iw_cxgb4: drop listen destroy replies if no ep found
    - iw_cxgb4: remove the stid on listen create failure
    - iw_cxgb4: put ep reference in pass_accept_req()
    - rcu: Allow for page faults in NMI handlers
    - mmc: sdhci-pci: Fix voltage switch for some Intel host controllers
    - extable: Consolidate *kernel_text_address() functions
    - extable: Enable RCU if it is not watching in kernel_text_address()
    - seccomp: fix the usage of get/put_seccomp_filter() in seccomp_get_filter()
    - arm64: Make sure SPsel is always set
    - arm64: fault: Route pte translation faults via do_translation_fault
    - KVM: VMX: extract __pi_post_block
    - KVM: VMX: avoid double list add with VT-d posted interrupts
    - KVM: VMX: simplify and fix vmx_vcpu_pi_load
    - KVM: nVMX: fix HOST_CR3/HOST_CR4 cache
    - kvm/x86: Handle async PF in RCU read-side critical sections
    - kvm: nVMX: Don't allow L2 to access the hardware CR8
    - xfs: validate bdev support for DAX inode flag
    - fix infoleak in waitid(2)
    - sched/sysctl: Check user input value of sysctl_sched_time_avg
    - irq/generic-chip: Don't replace domain's name
    - mtd: Fix partition alignment check on multi-erasesize devices
    - mtd: nand: atmel: fix buffer overflow in atmel_pmecc_user
    - etnaviv: fix submit error path
    - etnaviv: fix gem object list corruption
    - futex: Fix pi_state->owner serialization
    - md: fix a race condition for flush request handling
    - md: separate request handling
    - PCI: Fix race condition with driver_override
    - btrfs: fix NULL pointer dereference from free_reloc_roots()
    - btrfs: clear ordered flag on cleaning up ordered extents
    - btrfs: finish ordered extent cleaning if no progress is found
    - btrfs: propagate error to btrfs_cmp_data_prepare caller
    - btrfs: prevent to set invalid default subvolid
    - platform/x86: fujitsu-laptop: Don't oops when FUJ02E3 is not presnt
    - PM / OPP: Call notifier without holding opp_table->lock
    - x86/mm: Fix fault error path using unsafe vma pointer
    - x86/fpu: Don't let userspace set bogus xcomp_bv
    - KVM: VMX: do not change SN bit in vmx_update_pi_irte()
    - KVM: VMX: remove WARN_ON_ONCE in kvm_vcpu_trigger_posted_interrupt
    - KVM: VMX: use cmpxchg64
    - video: fbdev: aty: do not leak uninitialized padding in clk to userspace
    - Linux 4.13.5
    - [Config] Update configs for v4.13.5

 -- Timo Aaltonen <email address hidden>  Mon, 13 Nov 2017 19:43:44 +0200

Available diffs

Deleted in xenial-proposed on 2017-11-17 (Reason: NBS)
linux-oem (4.13.0-1007.8) xenial; urgency=low

  * mwifiex cannot connect to wifi AP when keeping wireless connection idle for
    more than 60 seconds (LP: #1725154)
    - SAUCE: cfg80211: workaround for mwifiex

  * Touchpad and TrackPoint Dose Not Work on Lenovo X1C6 and X280 (LP: #1723986)
    - SAUCE: Input: synaptics-rmi4 - RMI4 can also use SMBUS version 3
    - SAUCE: Input: synaptics - Lenovo X1 Carbon 5 should use SMBUS/RMI
    - SAUCE: Input: synaptics - add Intertouch support on X1 Carbon 6th and X280

  * [Artful] Add support for Dell/Wyse 3040 audio codec (LP: #1723916)
    - SAUCE: ASoC: rt5670: Add support for Wyse 3040

  * [Artful] Some Dell Monitors Doesn't Work Well with Dell/Wyse 3040
    (LP: #1723915)
    - SAUCE: drm/i915: Workaround for DP DPMS D3 on Dell monitor

  * [Artful] Support headset mode for DELL WYSE (LP: #1723913)
    - SAUCE: ALSA: hda/realtek - Add support headset mode for DELL WYSE

  * Miscellaneous Ubuntu changes
    - Rebase to 4.13.0-16.19

  [ Ubuntu: 4.13.0-16.19 ]

  * 20170817 - ISO hangs on boot on qemu with splash screen enabled and qxl
    graphics driver (LP: #1711358)
    - qxl: fix framebuffer unpinning
  * [Bug] USB controller failed to respond on Denverton after loading
    intel_th_pci module (LP: #1715833)
    - SAUCE: PCI: Disable broken RTIT_BAR of Intel TH
  * CVE-2017-5123
    - waitid(): Add missing access_ok() checks

 -- Timo Aaltonen <email address hidden>  Fri, 20 Oct 2017 10:41:16 +0300
139 of 39 results