Change log for linux-oem package in Ubuntu

124 of 24 results
Published in xenial-security 23 hours ago
Published in xenial-updates 22 hours ago
Deleted in xenial-proposed (Reason: moved to -updates)
linux-oem (4.13.0-1028.31) xenial; urgency=medium

  [ Ubuntu: 4.13.0-43.48 ]

  * CVE-2018-3639 (powerpc)
    - SAUCE: rfi-flush: update H_CPU_* macro names to upstream
    - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
      upstream
    - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
    - powerpc/pseries: Support firmware disable of RFI flush
    - powerpc/powernv: Support firmware disable of RFI flush
    - powerpc/64s: Allow control of RFI flush via debugfs
    - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
    - powerpc/rfi-flush: Always enable fallback flush on pseries
    - powerpc/rfi-flush: Differentiate enabled and patched flush types
    - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
    - powerpc: Add security feature flags for Spectre/Meltdown
    - powerpc/powernv: Set or clear security feature flags
    - powerpc/pseries: Set or clear security feature flags
    - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
    - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
    - powerpc/pseries: Fix clearing of security feature flags
    - powerpc: Move default security feature flags
    - powerpc/pseries: Restore default security feature flags on setup
    - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit
  * CVE-2018-3639 (x86)
    - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
    - SAUCE: x86: Add alternative_msr_write
    - x86/nospec: Simplify alternative_msr_write()
    - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
    - x86/bugs: Concentrate bug detection into a separate function
    - x86/bugs: Concentrate bug reporting into a separate function
    - x86/msr: Add definitions for new speculation control MSRs
    - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
    - x86/bugs, KVM: Support the combination of guest and host IBRS
    - x86/bugs: Expose /sys/../spec_store_bypass
    - x86/cpufeatures: Add X86_FEATURE_RDS
    - x86/bugs: Provide boot parameters for the spec_store_bypass_disable
      mitigation
    - x86/bugs/intel: Set proper CPU features and setup RDS
    - x86/bugs: Whitelist allowed SPEC_CTRL MSR values
    - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
    - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
    - x86/speculation: Create spec-ctrl.h to avoid include hell
    - prctl: Add speculation control prctls
    - x86/process: Allow runtime control of Speculative Store Bypass
    - x86/speculation: Add prctl for Speculative Store Bypass mitigation
    - nospec: Allow getting/setting on non-current task
    - proc: Provide details on speculation flaw mitigations
    - seccomp: Enable speculation flaw mitigations
    - SAUCE: x86/bugs: Honour SPEC_CTRL default
    - x86/bugs: Make boot modes __ro_after_init
    - prctl: Add force disable speculation
    - seccomp: Use PR_SPEC_FORCE_DISABLE
    - seccomp: Add filter flag to opt-out of SSB mitigation
    - seccomp: Move speculation migitation control to arch code
    - x86/speculation: Make "seccomp" the default mode for Speculative Store
      Bypass
    - x86/bugs: Rename _RDS to _SSBD
    - proc: Use underscores for SSBD in 'status'
    - Documentation/spec_ctrl: Do some minor cleanups
    - x86/bugs: Fix __ssb_select_mitigation() return type
    - x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
    upstream prctls (LP: #1769263) // CVE-2018-3639
    - SAUCE: LSM stacking: adjust prctl values

Published in cosmic-proposed 14 hours ago
Published in bionic-security 23 hours ago
Published in bionic-updates 22 hours ago
Deleted in bionic-proposed (Reason: moved to -updates)
linux-oem (4.15.0-1006.9) bionic; urgency=medium

  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
    (LP: #1767133)
    - Packaging: Depends on linux-base that provides the necessary tools

  [ Ubuntu: 4.15.0-22.24 ]

  * CVE-2018-3639 (powerpc)
    - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit
    - stf-barrier: set eieio instruction bit 6 for future optimisations
  * CVE-2018-3639 (x86)
    - x86/nospec: Simplify alternative_msr_write()
    - x86/bugs: Concentrate bug detection into a separate function
    - x86/bugs: Concentrate bug reporting into a separate function
    - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
    - x86/bugs, KVM: Support the combination of guest and host IBRS
    - x86/bugs: Expose /sys/../spec_store_bypass
    - x86/cpufeatures: Add X86_FEATURE_RDS
    - x86/bugs: Provide boot parameters for the spec_store_bypass_disable
      mitigation
    - x86/bugs/intel: Set proper CPU features and setup RDS
    - x86/bugs: Whitelist allowed SPEC_CTRL MSR values
    - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
    - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
    - x86/speculation: Create spec-ctrl.h to avoid include hell
    - prctl: Add speculation control prctls
    - x86/process: Allow runtime control of Speculative Store Bypass
    - x86/speculation: Add prctl for Speculative Store Bypass mitigation
    - nospec: Allow getting/setting on non-current task
    - proc: Provide details on speculation flaw mitigations
    - seccomp: Enable speculation flaw mitigations
    - x86/bugs: Make boot modes __ro_after_init
    - prctl: Add force disable speculation
    - seccomp: Use PR_SPEC_FORCE_DISABLE
    - seccomp: Add filter flag to opt-out of SSB mitigation
    - seccomp: Move speculation migitation control to arch code
    - x86/speculation: Make "seccomp" the default mode for Speculative Store
      Bypass
    - x86/bugs: Rename _RDS to _SSBD
    - proc: Use underscores for SSBD in 'status'
    - Documentation/spec_ctrl: Do some minor cleanups
    - x86/bugs: Fix __ssb_select_mitigation() return type
    - x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
    upstream prctls (LP: #1769263) // CVE-2018-3639
    - SAUCE: LSM stacking: adjust prctl values

Deleted in cosmic-proposed (Reason: NBS)
Superseded in bionic-proposed on 2018-05-21
linux-oem (4.15.0-1005.8) bionic; urgency=medium

  * linux-oem: 4.15.0-1005.8 -proposed tracker (LP: #1767398)
    - source built with a clean tree

  * [i915 CNL-Y] system hangs soon after bootup (LP: #1769843)
    - SAUCE: drm/i915/execlists: Use rmb() to order CSB reads

  * hts221 sensor stops working after resume from S3/S4 (LP: #1769658)
    - SAUCE: iio: humidity: hts221: Fix sensor reads after resume

  * Support Intel Atom (Baytrail-I) HS-UART serdev slaves over tty
    (LP: #1769610)
    - serdev: ttyport: release tty lock sooner on open
    - serdev: ttyport: ignore carrier detect to avoid hangups
    - serdev: ttyport: do not used keyed wakeup in write_wakeup
    - serdev: Make .remove in struct serdev_device_driver optional
    - serdev: Introduce devm_serdev_device_open()
    - serdev: do not generate modaliases for controllers
    - serdev: only match serdev devices
    - serdev: add method to set parity
    - SAUCE: (no-up) Support HS-UART serdev slaves over tty
    - [Config] CONFIG_HSUART_SERIAL_DEVICE=y

  * Support latest Redpine WLAN/BT RS9113 driver (LP: #1657682)
    - SAUCE: rsi: add rx control block to handle rx packets in USB
    - SAUCE: rsi: add bluetooth rx endpoint
    - SAUCE: rsi: add header file rsi_91x
    - SAUCE: rsi: add coex support
    - SAUCE: Bluetooth: bt: rsi: add new rsi bluetooth driver
    - SAUCE: rsi: handle BT traffic in driver
    - SAUCE: rsi: add module parameter operating mode
    - SAUCE: rsi: sdio changes to support BT
    - SAUCE: rsi: improve RX handling in SDIO interface
    - SAUCE: rsi: use dynamic RX control blocks instead of MAX_RX_URB
    - SAUCE: rsi: improve RX packet handling in USB interface
    - SAUCE: rsi: add support for hardware scan offload
    - SAUCE: rsi: move xtend_desc structure from rsi_main.h to rsi_mgmt.h
    - SAUCE: rsi: move descriptor preparation to core
    - SAUCE: rsi: enable 80MHz clock by default
    - SAUCE: rsi: roaming enhancements
    - SAUCE: rsi: add module parameter rsi_reg
    - SAUCE: rsi: regulatory modifications for 'dlcar' mode
    - SAUCE: rsi: device disconnect changes
    - SAUCE: rsi: tx improvements
    - SAUCE: rsi: drop RX broadcast/multicast packets with invalid PN
    - SAUCE: rsi: fix for incorrect data pointer alignment in 64-bit
    - SAUCE: rsi: Remove stack VLA usage
    - SAUCE: rsi: fix nommu_map_sg overflow kernel panic
    - SAUCE: rsi: Fix 'invalid vdd' warning in mmc
    - SAUCE: Redpine: Fix wowlan issue with S4
    - SAUCE: Redpine: rsi: Add deep sleep enable before connection
    - SAUCE: Redpine: resolve power save issue after S4 resume
    - SAUCE: Redpine: rsi: resolve wifi scan stop issue in stress tests
    - SAUCE: rsi: Firmware assert
    - SAUCE: Added fix for connection issue observed with nmcli command.
    - SAUCE: Added fix for hang issue observed during hibernate resume.
    - SAUCE: Added fix for issue power off when connected to AP through nmcli.
    - SAUCE: rsi: improve cancel_hw_scan handling to fix kernel panic
    - [Config]: CONFIG_BT_HCIRSI=m

  * Support latest Redpine WLAN/BT RS9113 driver (LP: #1657682) // INVALID or
    PRIVATE BUG (LP: #1736097) // INVALID or PRIVATE BUG (LP: #1738169)
    - SAUCE: Redpine: fix wowlan issue
    - SAUCE: Redpine: fix reset card issue
    - SAUCE: Redpine: fix for wowlan wakeup failure

  * Support latest Redpine WLAN/BT RS9113 driver (LP: #1657682) // ubuntu/rsi
    driver downlink wifi throughput drops to 5-6 Mbps when BT keyboard is
    connected (LP: #1706991)
    - SAUCE: Redpine: uapsd configuration changes

  * Miscellaneous Ubuntu changes
    - Rebase to 4.15.0-21.22
    - [Config] update configs following rebase to 4.15.0-21.22

  [ Ubuntu: 4.15.0-21.22 ]

  * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397)
  * initramfs-tools exception during pm.DoInstall with  do-release-upgrade from
    16.04 to 18.04  (LP: #1766727)
    - Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3)
  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
    (LP: #1767133)
    - Packaging: Depends on linux-base that provides the necessary tools
  * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2
    (LP: #1766629)
    - linux-image-* breaks on flash-kernel (<< 3.90ubuntu2)

 -- Timo Aaltonen <email address hidden>  Thu, 10 May 2018 11:53:22 +0300
Superseded in xenial-proposed on 2018-05-21
linux-oem (4.13.0-1027.30) xenial; urgency=medium

  * linux-oem: 4.13.0-1027.30 -proposed tracker (LP: #1769996)

  * set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630 (LP: #1766398)
    - ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags

  * Change the location for one of two front mics on a lenovo thinkcentre
    machine (LP: #1766477)
    - ALSA: hda/realtek - adjust the location of one mic

  * Update btusb reset-resume quirk to decrease power usage (LP: #1766197)
    - SAUCE: Revert "usb: quirks: Add reset-resume quirk for Dell DW1820 QCA Rome
      Bluetooth"
    - Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking
    - Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table
    - Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table

  * Update Aquantia driver to fix various issues (LP: #1759303)
    - SAUCE: Revert "net: aquantia: Reset nic statistics on interface up/down"
    - SAUCE: Revert "net: aquantia: Add queue restarts stats counter"
    - SAUCE: Revert "net: aquantia: Fixed transient link up/down/up notification"
    - SAUCE: Revert "net: aquantia: Limit number of MSIX irqs to the number of
      cpus"
    - SAUCE: Revert "net: aquantia: mmio unmap was not performed on driver
      removal"
    - SAUCE: Revert "net: aquantia: Enable coalescing management via ethtool
      interface"
    - SAUCE: Revert "net: aquantia: Reset nic statistics on interface up/down"
    - SAUCE: Revert "aquantia: Fix Tx queue hangups"
    - SAUCE: Revert "net: aquantia: Bad udp rate on default interrupt coalescing"
    - aquantia: Switch to use napi_gro_receive
    - aquantia: Setup max_mtu in ndev to enable jumbo frames
    - aquantia: Fix Tx queue hangups
    - aquantia: Fix transient invalid link down/up indications
    - atlantic: fix iommu errors
    - net: aquantia: Reset nic statistics on interface up/down
    - net: aquantia: Add queue restarts stats counter
    - net: aquantia: Fixed transient link up/down/up notification
    - net: aquantia: Limit number of MSIX irqs to the number of cpus
    - net: aquantia: mmio unmap was not performed on driver removal
    - net: aquantia: Enable coalescing management via ethtool interface
    - net: aquantia: Bad udp rate on default interrupt coalescing
    - net: aquantia: Fix actual speed capabilities reporting
    - net: aquantia: Fix hardware DMA stream overload on large MRRS
    - net: aquantia: Extend stat counters to 64bit values
    - net: aquantia: Fill ndev stat couters from hardware
    - net: aquantia: Fill in multicast counter in ndev stats from hardware
    - net: aquantia: Improve link state and statistics check interval callback
    - net: aquantia: Update hw counters on hw init
    - net: aquantia: Fix typo in ethtool statistics names
    - net: aquantia: Increment driver version
    - net: aquantia: Eliminate AQ_DIMOF, replace with ARRAY_SIZE
    - net: aquantia: Cleanup status flags accesses
    - net: aquantia: Cleanup hardware access modules
    - net: aquantia: Remove duplicate hardware descriptors declarations
    - net: aquantia: Add const qualifiers for hardware ops tables
    - net: aquantia: Simplify dependencies between pci modules
    - net: aquantia: Eliminate aq_nic structure abstraction
    - net: aquantia: Fix register definitions to linux style
    - net: aquantia: Prepend hw access functions declarations with prefix
    - net: aquantia: Fix internal stats calculation on rx
    - net: aquantia: Introduce new device ids and constants
    - net: aquantia: Introduce new AQC devices and capabilities
    - net: aquantia: Convert hw and caps structures to const static pointers
    - net: aquantia: Cleanup pci functions module
    - net: aquantia: Remove create/destroy from hw ops
    - net: aquantia: Change confusing no_ff_addr to more meaningful name
    - net: aquantia: Introduce firmware ops callbacks
    - net: aquantia: Introduce support for new firmware on AQC cards
    - net: aquantia: Introduce global AQC hardware reset sequence
    - net: aquantia: Report correct mediatype via ethtool
    - net: aquantia: bump driver version to match aquantia internal numbering
    - net: aquantia: Fix hardware reset when SPI may rarely hangup
    - net: aquantia: Fix a regression with reset on old firmware
    - net: aquantia: Change inefficient wait loop on fw data reads
    - net: aquantia: Add tx clean budget and valid budget handling logic
    - net: aquantia: Allow live mac address changes
    - net: aquantia: Implement pci shutdown callback
    - net: aquantia: driver version bump

  * Fix an issue that some PCI devices get incorrectly suspended (LP: #1764684)
    - SAUCE: PCI / PM: Always check PME wakeup capability for runtime wakeup
      support

  * Miscellaneous Ubuntu changes
    - Rebase to 4.13.0-42.47

  [ Ubuntu: 4.13.0-42.47 ]

  * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993)
  * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850)
    - arm64: fix CONFIG_DEBUG_WX address reporting
  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
    - net: hns: Avoid action name truncation
  * CVE-2017-18208
    - mm/madvise.c: fix madvise() infinite loop under special circumstances
  * CVE-2018-8822
    - staging: ncpfs: memory corruption in ncp_read_kernel()
  * CVE-2017-18203
    - dm: fix race between dm_get_from_kobject() and __dm_destroy()
  * CVE-2017-17449
    - netlink: Add netns check on taps
  * CVE-2017-17975
    - media: usbtv: prevent double free in error case
  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
    - drm/i915/edp: Allow alternate fixed mode for eDP if available.
    - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
    - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
    - drm/i915/edp: Do not do link training fallback or prune modes on EDP
  * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
    from sleep (88E8055) (LP: #1758507)
    - sky2: Increase D3 delay to sky2 stops working after suspend
  * perf vendor events arm64: Enable JSON events for ThunderX2 B0 (LP: #1760712)
    - perf vendor events arm64: Enable JSON events for ThunderX2 B0
  * No network with e1000e driver on 4.13.0-38-generic (LP: #1762693)
    - e1000e: Fix e1000_check_for_copper_link_ich8lan return value.
  * /dev/ipmi enumeration flaky on Cavium Sabre nodes (LP: #1762812)
    - i2c: xlp9xx: return ENXIO on slave address NACK
    - i2c: xlp9xx: Handle transactions with I2C_M_RECV_LEN properly
    - i2c: xlp9xx: Check for Bus state before every transfer
    - i2c: xlp9xx: Handle NACK on DATA properly
  * "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534)
    - virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS
  * fix regression in mm/hotplug, allows NVIDIA driver to work (LP: #1761104)
    - SAUCE: Fix revert "mm, memory_hotplug: do not associate hotadded memory to
      zones until online"
  * ibrs/ibpb fixes result in excessive kernel logging  (LP: #1755627)
    - SAUCE: remove ibrs_dump sysctl interface

  [ Ubuntu: 4.13.0-41.46 ]

  * CVE-2018-8897
    - x86/entry/64: Don't use IST entry for #BP stack
  * CVE-2018-1087
    - kvm/x86: fix icebp instruction handling
  * CVE-2018-1000199
    - perf/hwbp: Simplify the perf-hwbp code, fix documentation

 -- Timo Aaltonen <email address hidden>  Wed, 09 May 2018 16:15:50 +0300
Superseded in xenial-security 23 hours ago
Superseded in xenial-updates 22 hours ago
Deleted in xenial-proposed (Reason: moved to -updates)
linux-oem (4.13.0-1026.29) xenial; urgency=medium

  [ Ubuntu: 4.13.0-41.46 ]

  * CVE-2018-8897
    - x86/entry/64: Don't use IST entry for #BP stack
  * CVE-2018-1087
    - kvm/x86: fix icebp instruction handling
  * CVE-2018-1000199
    - perf/hwbp: Simplify the perf-hwbp code, fix documentation

 -- Kleber Sacilotto de Souza <email address hidden>  Fri, 04 May 2018 10:59:20 +0200
Deleted in xenial-proposed on 2018-05-11 (Reason: NBS)
linux-oem (4.13.0-1025.28) xenial; urgency=medium

  * linux-oem: 4.13.0-1025.28 -proposed tracker (LP: #1766599)

  * set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630 (LP: #1766398)
    - ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags

  * Chang the location for one of two front mics on a lenovo thinkcentre machine
    (LP: #1766477)
    - ALSA: hda/realtek - adjust the location of one mic

  * Update btusb reset-resume quirk to decrease power usage (LP: #1766197)
    - SAUCE: Revert "usb: quirks: Add reset-resume quirk for Dell DW1820 QCA Rome
      Bluetooth"
    - Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking
    - Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table
    - Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table

  * Update Aquantia driver to fix various issues (LP: #1759303)
    - SAUCE: Revert "net: aquantia: Reset nic statistics on interface up/down"
    - SAUCE: Revert "net: aquantia: Add queue restarts stats counter"
    - SAUCE: Revert "net: aquantia: Fixed transient link up/down/up notification"
    - SAUCE: Revert "net: aquantia: Limit number of MSIX irqs to the number of
      cpus"
    - SAUCE: Revert "net: aquantia: mmio unmap was not performed on driver
      removal"
    - SAUCE: Revert "net: aquantia: Enable coalescing management via ethtool
      interface"
    - SAUCE: Revert "net: aquantia: Reset nic statistics on interface up/down"
    - SAUCE: Revert "aquantia: Fix Tx queue hangups"
    - SAUCE: Revert "net: aquantia: Bad udp rate on default interrupt coalescing"
    - aquantia: Switch to use napi_gro_receive
    - aquantia: Setup max_mtu in ndev to enable jumbo frames
    - aquantia: Fix Tx queue hangups
    - aquantia: Fix transient invalid link down/up indications
    - atlantic: fix iommu errors
    - net: aquantia: Reset nic statistics on interface up/down
    - net: aquantia: Add queue restarts stats counter
    - net: aquantia: Fixed transient link up/down/up notification
    - net: aquantia: Limit number of MSIX irqs to the number of cpus
    - net: aquantia: mmio unmap was not performed on driver removal
    - net: aquantia: Enable coalescing management via ethtool interface
    - net: aquantia: Bad udp rate on default interrupt coalescing
    - net: aquantia: Fix actual speed capabilities reporting
    - net: aquantia: Fix hardware DMA stream overload on large MRRS
    - net: aquantia: Extend stat counters to 64bit values
    - net: aquantia: Fill ndev stat couters from hardware
    - net: aquantia: Fill in multicast counter in ndev stats from hardware
    - net: aquantia: Improve link state and statistics check interval callback
    - net: aquantia: Update hw counters on hw init
    - net: aquantia: Fix typo in ethtool statistics names
    - net: aquantia: Increment driver version
    - net: aquantia: Eliminate AQ_DIMOF, replace with ARRAY_SIZE
    - net: aquantia: Cleanup status flags accesses
    - net: aquantia: Cleanup hardware access modules
    - net: aquantia: Remove duplicate hardware descriptors declarations
    - net: aquantia: Add const qualifiers for hardware ops tables
    - net: aquantia: Simplify dependencies between pci modules
    - net: aquantia: Eliminate aq_nic structure abstraction
    - net: aquantia: Fix register definitions to linux style
    - net: aquantia: Prepend hw access functions declarations with prefix
    - net: aquantia: Fix internal stats calculation on rx
    - net: aquantia: Introduce new device ids and constants
    - net: aquantia: Introduce new AQC devices and capabilities
    - net: aquantia: Convert hw and caps structures to const static pointers
    - net: aquantia: Cleanup pci functions module
    - net: aquantia: Remove create/destroy from hw ops
    - net: aquantia: Change confusing no_ff_addr to more meaningful name
    - net: aquantia: Introduce firmware ops callbacks
    - net: aquantia: Introduce support for new firmware on AQC cards
    - net: aquantia: Introduce global AQC hardware reset sequence
    - net: aquantia: Report correct mediatype via ethtool
    - net: aquantia: bump driver version to match aquantia internal numbering
    - net: aquantia: Fix hardware reset when SPI may rarely hangup
    - net: aquantia: Fix a regression with reset on old firmware
    - net: aquantia: Change inefficient wait loop on fw data reads
    - net: aquantia: Add tx clean budget and valid budget handling logic
    - net: aquantia: Allow live mac address changes
    - net: aquantia: Implement pci shutdown callback
    - net: aquantia: driver version bump

  * Fix an issue that some PCI devices get incorrectly suspended (LP: #1764684)
    - SAUCE: PCI / PM: Always check PME wakeup capability for runtime wakeup
      support

  * Miscellaneous Ubuntu changes
    - Rebase to 4.13.0-40.45

  [ Ubuntu: 4.13.0-40.45 ]

  * linux: 4.13.0-40.45 -proposed tracker (LP: #1766592)
  * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850)
    - arm64: fix CONFIG_DEBUG_WX address reporting
  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
    - net: hns: Avoid action name truncation
  * CVE-2017-18208
    - mm/madvise.c: fix madvise() infinite loop under special circumstances
  * CVE-2018-8822
    - staging: ncpfs: memory corruption in ncp_read_kernel()
  * CVE-2017-18203
    - dm: fix race between dm_get_from_kobject() and __dm_destroy()
  * CVE-2017-17449
    - netlink: Add netns check on taps
  * CVE-2017-17975
    - media: usbtv: prevent double free in error case
  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
    - drm/i915/edp: Allow alternate fixed mode for eDP if available.
    - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
    - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
    - drm/i915/edp: Do not do link training fallback or prune modes on EDP
  * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
    from sleep (88E8055) (LP: #1758507)
    - sky2: Increase D3 delay to sky2 stops working after suspend
  * perf vendor events arm64: Enable JSON events for ThunderX2 B0 (LP: #1760712)
    - perf vendor events arm64: Enable JSON events for ThunderX2 B0
  * No network with e1000e driver on 4.13.0-38-generic (LP: #1762693)
    - e1000e: Fix e1000_check_for_copper_link_ich8lan return value.
  * /dev/ipmi enumeration flaky on Cavium Sabre nodes (LP: #1762812)
    - i2c: xlp9xx: return ENXIO on slave address NACK
    - i2c: xlp9xx: Handle transactions with I2C_M_RECV_LEN properly
    - i2c: xlp9xx: Check for Bus state before every transfer
    - i2c: xlp9xx: Handle NACK on DATA properly
  * "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534)
    - virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS
  * fix regression in mm/hotplug, allows NVIDIA driver to work (LP: #1761104)
    - SAUCE: Fix revert "mm, memory_hotplug: do not associate hotadded memory to
      zones until online"
  * ibrs/ibpb fixes result in excessive kernel logging  (LP: #1755627)
    - SAUCE: remove ibrs_dump sysctl interface

 -- Timo Aaltonen <email address hidden>  Thu, 26 Apr 2018 11:27:11 +0300

Available diffs

Published in cosmic-release on 2018-05-01
Published in bionic-release on 2018-04-26
Deleted in bionic-proposed (Reason: moved to release)
Superseded in bionic-proposed on 2018-04-25
linux-oem (4.15.0-1004.5) bionic; urgency=medium

  * linux-oem: 4.15.0-1004.5 -proposed tracker (LP: #1766454)

  * Miscellaneous Ubuntu changes
    - [Packaging/OEM] update to Debian like control scripts.
    - [Packaging] signing -- sync changes from debian.master
    - [Config] Skip retpoline still
    - Rebase to 4.15.0-20.21
    - [Config] update configs following rebase to 4.15.0-20.21

  [ Ubuntu: 4.15.0-20.21 ]

  * linux: 4.15.0-20.21 -proposed tracker (LP: #1766452)
  * package shim-signed (not installed) failed to install/upgrade: installed
    shim-signed package post-installation script subprocess returned error exit
    status 5 (LP: #1766391)
    - [Packaging] fix invocation of header postinst hooks

  [ Ubuntu: 4.15.0-19.20 ]

  * linux: 4.15.0-19.20 -proposed tracker (LP: #1766021)
  * Kernel 4.15.0-15 breaks Dell PowerEdge 12th Gen servers (LP: #1765232)
    - Revert "blk-mq: simplify queue mapping & schedule with each possisble CPU"
    - Revert "genirq/affinity: assign vectors to all possible CPUs"

  [ Ubuntu: 4.15.0-18.19 ]

  * linux: 4.15.0-18.19 -proposed tracker (LP: #1765490)
  * [regression] Ubuntu 18.04:[4.15.0-17-generic #18] KVM Guest Kernel:
    meltdown: rfi/fallback displacement flush not enabled bydefault (kvm)
    (LP: #1765429)
    - powerpc/pseries: Fix clearing of security feature flags
  * signing: only install a signed kernel (LP: #1764794)
    - [Packaging] update to Debian like control scripts
    - [Packaging] switch to triggers for postinst.d postrm.d handling
    - [Packaging] signing -- switch to raw-signing tarballs
    - [Packaging] signing -- switch to linux-image as signed when available
    - [Config] signing -- enable Opal signing for ppc64el
    - [Packaging] printenv -- add signing options
  * [18.04 FEAT] Sign POWER host/NV kernels (LP: #1696154)
    - [Packaging] signing -- add support for signing Opal kernel binaries
  * Please cherrypick s390 unwind fix (LP: #1765083)
    - s390/compat: fix setup_frame32
  * Ubuntu 18.04 installer does not detect any IPR based HDD/RAID array [S822L]
    [ipr] (LP: #1751813)
    - d-i: move ipr to storage-core-modules on ppc64el
  * drivers/gpu/drm/bridge/adv7511/adv7511.ko missing (LP: #1764816)
    - SAUCE: (no-up) rename the adv7511 drm driver to adv7511_drm
  * Miscellaneous Ubuntu changes
    - [Packaging] Add linux-oem to rebuild test blacklist.

Superseded in xenial-security on 2018-05-08
Superseded in xenial-updates on 2018-05-08
Deleted in xenial-proposed (Reason: moved to -updates)
linux-oem (4.13.0-1024.27) xenial; urgency=medium

  * linux-oem: 4.13.0-1024.27 -proposed tracker (LP: #1763296)

  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
    - drm/i915/edp: Allow alternate fixed mode for eDP if available.
    - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
    - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
    - drm/i915/edp: Do not do link training fallback or prune modes on EDP

  * No network with e1000e driver on 4.13.0-38-generic (LP: #1762693)
    - e1000e: Fix e1000_check_for_copper_link_ich8lan return value.

Superseded in bionic-release on 2018-04-26
Superseded in bionic-release on 2018-04-25
Deleted in bionic-proposed on 2018-04-27 (Reason: moved to release)
linux-oem (4.15.0-1002.3) bionic; urgency=medium

  * linux-oem: 4.15.0-1002.3 -proposed tracker (LP: #1762924)

  * Fix line-out port noise on Baytrail-I with RT5660 based sound card
    (LP: #1675327)
    - SAUCE: (no-up): ASoC: Intel: bytcr-rt5660: fix frame polarity

  * Miscellaneous Ubuntu changes
    - Rebase to 4.15.0-15.16

  [ Ubuntu: 4.15.0-15.16 ]

  * linux: 4.15.0-15.16 -proposed tracker (LP: #1761177)
  * FFe: Enable configuring resume offset via sysfs (LP: #1760106)
    - PM / hibernate: Make passing hibernate offsets more friendly
  * /dev/bcache/by-uuid links not created after reboot (LP: #1729145)
    - SAUCE: (no-up) bcache: decouple emitting a cached_dev CHANGE uevent
  * Ubuntu18.04:POWER9:DD2.2 - Unable to start a KVM guest with default machine
    type(pseries-bionic) complaining "KVM implementation does not support
    Transactional Memory, try cap-htm=off" (kvm) (LP: #1752026)
    - powerpc: Use feature bit for RTC presence rather than timebase presence
    - powerpc: Book E: Remove unused CPU_FTR_L2CSR bit
    - powerpc: Free up CPU feature bits on 64-bit machines
    - powerpc: Add CPU feature bits for TM bug workarounds on POWER9 v2.2
    - powerpc/powernv: Provide a way to force a core into SMT4 mode
    - KVM: PPC: Book3S HV: Work around transactional memory bugs in POWER9
    - KVM: PPC: Book3S HV: Work around XER[SO] bug in fake suspend mode
    - KVM: PPC: Book3S HV: Work around TEXASR bug in fake suspend state
  * Important Kernel fixes to be backported for Power9 (kvm) (LP: #1758910)
    - powerpc/mm: Fixup tlbie vs store ordering issue on POWER9
  * Ubuntu 18.04 - IO Hang on some namespaces when running HTX with 16
    namespaces  (Bolt / NVMe) (LP: #1757497)
    - powerpc/64s: Fix lost pending interrupt due to race causing lost update to
      irq_happened
  * fwts-efi-runtime-dkms 18.03.00-0ubuntu1: fwts-efi-runtime-dkms kernel module
    failed to build (LP: #1760876)
    - [Packaging] include the retpoline extractor in the headers

 -- Timo Aaltonen <email address hidden>  Wed, 11 Apr 2018 09:36:30 +0300
Deleted in xenial-proposed on 2018-04-16 (Reason: NBS)
linux-oem (4.13.0-1023.25) xenial; urgency=medium

  * linux-oem: 4.13.0-1023.25 -proposed tracker (LP: #1761464)

  * Fix Runtime PM for r8169 (LP: #1757422)
    - r8169: only enable PCI wakeups when WOL is active
    - PCI: Add pcim_set_mwi(), a device-managed pci_set_mwi()
    - r8169: switch to device-managed functions in probe
    - r8169: remove netif_napi_del in probe error path
    - r8169: remove unneeded rpm ops in rtl_shutdown
    - r8169: improve runtime pm in rtl8169_check_link_status
    - r8169: improve runtime pm in general and suspend unused ports

  * Ryzen/Raven Ridge USB ports do not work (LP: #1756700)
    - xhci: Fix front USB ports on ASUS PRIME B350M-A
    - SAUCE: xhci: Fix USB ports for Dell Inspiron 5775

  * Miscellaneous Ubuntu changes
    - Rebase to 4.13.0-39.44

  [ Ubuntu: 4.13.0-39.44 ]

  * linux: 4.13.0-39.44 -proposed tracker (LP: #1761456)
  * intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux-
    image-4.13.0-37-generic) (LP: #1759920) // CVE-2017-5715 (Spectre v2
    Intel) // CVE-2017-5754
    - x86/mm: Reinitialize TLB state on hotplug and resume
  * intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux-
    image-4.13.0-37-generic) (LP: #1759920) // CVE-2017-5715 (Spectre v2 Intel)
    - Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current
      thread"
    - x86/speculation: Use Indirect Branch Prediction Barrier in context switch
  * DKMS driver builds fail with: Cannot use CONFIG_STACK_VALIDATION=y, please
    install libelf-dev, libelf-devel or elfutils-libelf-devel (LP: #1760876)
    - [Packaging] include the retpoline extractor in the headers
  * retpoline hints: primary infrastructure and initial hints (LP: #1758856)
    - [Packaging] retpoline-extract: flag *0xNNN(%reg) branches
    - x86/speculation, objtool: Annotate indirect calls/jumps for objtool
    - x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32bit
    - x86/paravirt, objtool: Annotate indirect calls
    - [Packaging] retpoline -- add safe usage hint support
    - [Packaging] retpoline-check -- only report additions
    - [Packaging] retpoline -- widen indirect call/jmp detection
    - [Packaging] retpoline -- elide %rip relative indirections
    - [Packaging] retpoline -- clear hint information from packages
    - KVM: x86: Make indirect calls in emulator speculation safe
    - KVM: VMX: Make indirect call speculation safe
    - x86/boot, objtool: Annotate indirect jump in secondary_startup_64()
    - SAUCE: early/late -- annotate indirect calls in early/late initialisation
      code
    - SAUCE: vga_set_mode -- avoid jump tables
    - [Config] retpoline -- switch to new format
    - [Packaging] retpoline hints -- handle missing files when RETPOLINE not
      enabled
    - [Packaging] final-checks -- remove check for empty retpoline files
  * retpoline: ignore %cs:0xNNN constant indirections (LP: #1752655)
    - [Packaging] retpoline -- elide %cs:0xNNNN constants on i386
  * zfs system process hung on container stop/delete (LP: #1754584)
    - SAUCE: Fix non-prefaulted page deadlock (LP: #1754584)
  * zfs-linux 0.6.5.11-1ubuntu5 ADT test failure with linux 4.15.0-1.2
    (LP: #1737761)
    - SAUCE: (noup) Update zfs to 0.6.5.11-1ubuntu3.2
  * AT_BASE_PLATFORM in AUXV is absent on kernels available on Ubuntu 17.10
    (LP: #1759312)
    - powerpc/64s: Fix NULL AT_BASE_PLATFORM when using DT CPU features
  * btrfs and tar sparse truncate archives (LP: #1757565)
    - Btrfs: move definition of the function btrfs_find_new_delalloc_bytes
    - Btrfs: fix reported number of inode blocks after buffered append writes
  * efifb broken on ThunderX-based Gigabyte nodes (LP: #1758375)
    - drivers/fbdev/efifb: Allow BAR to be moved instead of claiming it
  * Intel i40e PF reset due to incorrect MDD detection (continues...)
    (LP: #1723127)
    - i40e/i40evf: Account for frags split over multiple descriptors in check
      linearize
  * Fix an issue that when system in S3, USB keyboard can't wake up the system.
    (LP: #1759511)
    - ACPI / PM: Allow deeper wakeup power states with no _SxD nor _SxW
  * [8086:3e92] display becomes blank after S3 (LP: #1759188)
    - drm/i915: Apply Display WA #1183 on skl, kbl, and cfl
  * add audio kernel patches for Raven (LP: #1758364)
    - ALSA: hda: Add Raven PCI ID
    - ALSA: hda/realtek - Fix ALC700 family no sound issue
  * Cpu utilization showing system time for kvm guests (performance) (sysstat)
    (LP: #1755979)
    - KVM: PPC: Book3S HV: Fix guest time accounting with VIRT_CPU_ACCOUNTING_GEN
  * Kernel panic on a nfsroot system (LP: #1734327)
    - Revert "UBUNTU: SAUCE: LSM stacking: add stacking support to apparmor
      network hooks"
    - Revert "UBUNTU: SAUCE: LSM stacking: LSM: Infrastructure management of the
      remaining blobs"
  * can't record sound via front headset port on the Dell Precision 3630
    (LP: #1759088)
    - ALSA: hda/realtek - Fix Dell headset Mic can't record
  * speaker can't output sound anymore after system resumes from S3 on a lenovo
    machine with alc257 (LP: #1758829)
    - ALSA: hda/realtek - Fix speaker no sound after system resume
  * hda driver initialization takes too much time on the machine with coffeelake
    audio controller [8086:a348] (LP: #1758800)
    - ALSA: hda - Force polling mode on CFL for fixing codec communication
  * Let headset-mode initialization be called on Dell Precision 3930
    (LP: #1757584)
    - ALSA: hda/realtek - Add headset mode support for Dell laptop
  * ubuntu_zram_smoke test will cause soft lockup on Artful ThunderX ARM64
    (LP: #1755073)
    - SAUCE: crypto: thunderx_zip: Fix fallout from CONFIG_VMAP_STACK
  * [Hyper-V] include kvp fix for Avoid reading past allocated blocks from KVP
    file (LP: #1750349)
    - hv: kvp: Avoid reading past allocated blocks from KVP file
  * IMA policy parsing is broken in 4.13 (LP: #1755804)
    - ima/policy: fix parsing of fsuuid
  * external mic not work on Dell OptiPlex 7460 AIO (LP: #1755954)
    - ALSA: hda/realtek - Add headset mode support for Dell laptop
  * sbsa watchdog crashes thunderx2 system (LP: #1755595)
    - watchdog: sbsa: use 32-bit read for WCV
  * CVE-2018-8043
    - net: phy: mdio-bcm-unimac: fix potential NULL dereference in
      unimac_mdio_probe()

 -- Timo Aaltonen <email address hidden>  Thu, 05 Apr 2018 18:46:41 +0300

Available diffs

Superseded in xenial-security on 2018-04-23
Superseded in xenial-updates on 2018-04-23
Deleted in xenial-proposed (Reason: NBS)
linux-oem (4.13.0-1022.24) xenial; urgency=medium

  * linux-oem: 4.13.0-1022.24 -proposed tracker (LP: #1755774)

  * external mic not work on Dell OptiPlex 7460 AIO (LP: #1755954)
    - ALSA: hda/realtek - Add headset mode support for Dell laptop

  * Display screen blinks on black screen periodically on some wyse system
    (LP: #1754216)
    - drm/i915/glk, cnl: Implement WaDisableScalarClockGating

  * CFL systems are not responsive to TB16 DP/HDMI (un)plugging event.
    (LP: #1755705)
    - drm/i915/gen9+: Add 10 us delay after power well 1/AUX IO pw disabling
    - drm/i915/skl: Don't disable misc IO power well during display uninit
    - drm/i915/bxt, glk: Fix assert on conditions for DC9 enabling
    - drm/i915/gen9+: Don't remove secondary power well requests
    - drm/i915/cnl: Fix comment about AUX IO power well enable/disable

  * Remove ubuntu/usb-cv (LP: #1749412)
    - SAUCE: Remove ubuntu/usb-cv

  * mwifiex cannot connect to wifi AP when keeping wireless connection idle for
    more than 60 seconds (LP: #1725154)
    - SAUCE: Revert "cfg80211: workaround for mwifiex"

  *  Add support for Realtek WiFi device [10ec:b822] (LP: #1745081)
    - SAUCE: RTL8822BE: Import RTL8822BE driver
    - SAUCE: RTL8822BE: Fix compiling error on oem kernel
    - SAUCE: RTL8822BE: Don't block disconnect event if kernel >= 4.2
    - SAUCE: RTL8822BE: Fix FW IQK failed when mp_start
    - SAUCE: RTL8822BE: Add ubuntu/rtl8822be into build script
    - SAUCE: RTL8822BE: Adjust the building dir

  * Miscellaneous Ubuntu changes
    - Rebase to 4.13.0-38.43
    - [Config] Ignore usb-cv module
    - [Config] Ignore retpoline

  [ Ubuntu: 4.13.0-38.43 ]

  * linux: 4.13.0-38.43 -proposed tracker (LP: #1755762)
  * Servers going OOM after updating kernel from 4.10 to 4.13 (LP: #1748408)
    - i40e: Fix memory leak related filter programming status
    - i40e: Add programming descriptors to cleaned_count
  * [SRU] Lenovo E41 Mic mute hotkey is not responding (LP: #1753347)
    - platform/x86: ideapad-laptop: Increase timeout to wait for EC answer
  * fails to dump with latest kpti fixes (LP: #1750021)
    - kdump: write correct address of mem_section into vmcoreinfo
  * headset mic can't be detected on two Dell machines (LP: #1748807)
    - ALSA: hda/realtek - Support headset mode for ALC215/ALC285/ALC289
    - ALSA: hda - Fix headset mic detection problem for two Dell machines
    - ALSA: hda - Fix a wrong FIXUP for alc289 on Dell machines
  * CIFS SMB2/SMB3 does not work for domain based DFS (LP: #1747572)
    - CIFS: make IPC a regular tcon
    - CIFS: use tcon_ipc instead of use_ipc parameter of SMB2_ioctl
    - CIFS: dump IPC tcon in debug proc file
  * i2c-thunderx: erroneous error message "unhandled state: 0" (LP: #1754076)
    - i2c: octeon: Prevent error message on bus error
  * hisi_sas: Add disk LED support (LP: #1752695)
    - scsi: hisi_sas: directly attached disk LED feature for v2 hw
  * EDAC, sb_edac: Backport 1 patch to Ubuntu 17.10 (Fix missing DIMM sysfs
    entries with KNL SNC2/SNC4 mode) (LP: #1743856)
    - EDAC, sb_edac: Fix missing DIMM sysfs entries with KNL SNC2/SNC4 mode
  * [regression] Colour banding and artefacts appear system-wide on an Asus
    Zenbook UX303LA with Intel HD 4400 graphics (LP: #1749420)
    - drm/edid: Add 6 bpc quirk for CPT panel in Asus UX303LA
  * DVB Card with SAA7146 chipset not working (LP: #1742316)
    - vmalloc: fix __GFP_HIGHMEM usage for vmalloc_32 on 32b systems
  * [Asus UX360UA] battery status in unity-panel is not changing when battery is
    being charged (LP: #1661876) // AC adapter status not detected on Asus
    ZenBook UX410UAK (LP: #1745032)
    - ACPI / battery: Add quirk for Asus UX360UA and UX410UAK
  * ASUS UX305LA - Battery state not detected correctly (LP: #1482390)
    - ACPI / battery: Add quirk for Asus GL502VSK and UX305LA
  * support thunderx2 vendor pmu events (LP: #1747523)
    - perf pmu: Extract function to get JSON alias map
    - perf pmu: Pass pmu as a parameter to get_cpuid_str()
    - perf tools arm64: Add support for get_cpuid_str function.
    - perf pmu: Add helper function is_pmu_core to detect PMU CORE devices
    - perf vendor events arm64: Add ThunderX2 implementation defined pmu core
      events
    - perf pmu: Add check for valid cpuid in perf_pmu__find_map()
  * lpfc.ko module doesn't work (LP: #1746970)
    - scsi: lpfc: Fix loop mode target discovery
  * Ubuntu 17.10 crashes on vmalloc.c (LP: #1739498)
    - powerpc/mm/book3s64: Make KERN_IO_START a variable
    - powerpc/mm/slb: Move comment next to the code it's referring to
    - powerpc/mm/hash64: Make vmalloc 56T on hash
  * ethtool -p fails to light NIC LED on HiSilicon D05 systems (LP: #1748567)
    - net: hns: add ACPI mode support for ethtool -p
  * CVE-2017-17807
    - KEYS: add missing permission check for request_key() destination
  * [Artful SRU] Fix capsule update regression (LP: #1746019)
    - efi/capsule-loader: Reinstate virtual capsule mapping
  * [Artful/Bionic] [Config] enable EDAC_GHES for ARM64 (LP: #1747746)
    - Ubuntu: [Config] enable EDAC_GHES for ARM64
  * linux-tools: perf incorrectly linking libbfd (LP: #1748922)
    - SAUCE: tools -- add ability to disable libbfd
    - [Packaging] correct disablement of libbfd
  * Cherry pick c96f5471ce7d for delayacct fix (LP: #1747769)
    - delayacct: Account blkio completion on the correct task
  * Error in CPU frequency reporting when nominal and min pstates are same
    (cpufreq) (LP: #1746174)
    - cpufreq: powernv: Dont assume distinct pstate values for nominal and pmin
  * retpoline abi files are empty on i386 (LP: #1751021)
    - [Packaging] retpoline-extract -- instantiate retpoline files for i386
    - [Packaging] final-checks -- sanity checking ABI contents
    - [Packaging] final-checks -- check for empty retpoline files
  * [P9,Power NV][WSP][Ubuntu 1804] : "Kernel access of bad area " when grouping
    different pmu events using perf fuzzer . (perf:) (LP: #1746225)
    - powerpc/perf: Fix oops when grouping different pmu events
  * bnx2x_attn_int_deasserted3:4323 MC assert! (LP: #1715519) //
    CVE-2018-1000026
    - net: create skb_gso_validate_mac_len()
    - bnx2x: disable GSO where gso_size is too big for hardware
  * Ubuntu16.04.03: ISAv3 initialize MMU registers before setting partition
    table (LP: #1736145)
    - powerpc/64s: Initialize ISAv3 MMU registers before setting partition table
  * powerpc/powernv: Flush console before platform error reboot (LP: #1735159)
    - powerpc/powernv: Flush console before platform error reboot
  * Touchpad stops working after a few seconds in Lenovo ideapad 320
    (LP: #1732056)
    - pinctrl/amd: fix masking of GPIO interrupts
  * [Artful][Wyse 3040] System hang when trying to enable an offlined CPU core
    (LP: #1736393)
    - SAUCE: drm/i915:Don't set chip specific data
    - SAUCE: drm/i915: make previous commit affects Wyse 3040 only
  * ppc64el: Do not call ibm,os-term on panic (LP: #1736954)
    - powerpc: Do not call ppc_md.panic in fadump panic notifier
  * Artful update to 4.13.16 stable release (LP: #1744213)
    - tcp_nv: fix division by zero in tcpnv_acked()
    - net: vrf: correct FRA_L3MDEV encode type
    - tcp: do not mangle skb->cb[] in tcp_make_synack()
    - net: systemport: Correct IPG length settings
    - netfilter/ipvs: clear ipvs_property flag when SKB net namespace changed
    - l2tp: don't use l2tp_tunnel_find() in l2tp_ip and l2tp_ip6
    - bonding: discard lowest hash bit for 802.3ad layer3+4
    - net: cdc_ether: fix divide by 0 on bad descriptors
    - net: qmi_wwan: fix divide by 0 on bad descriptors
    - qmi_wwan: Add missing skb_reset_mac_header-call
    - net: usb: asix: fill null-ptr-deref in asix_suspend
    - tcp: gso: avoid refcount_t warning from tcp_gso_segment()
    - tcp: fix tcp_fastretrans_alert warning
    - vlan: fix a use-after-free in vlan_device_event()
    - net/mlx5: Cancel health poll before sending panic teardown command
    - net/mlx5e: Set page to null in case dma mapping fails
    - af_netlink: ensure that NLMSG_DONE never fails in dumps
    - vxlan: fix the issue that neigh proxy blocks all icmpv6 packets
    - net: cdc_ncm: GetNtbFormat endian fix
    - fealnx: Fix building error on MIPS
    - net/sctp: Always set scope_id in sctp_inet6_skb_msgname
    - ima: do not update security.ima if appraisal status is not INTEGRITY_PASS
    - serial: omap: Fix EFR write on RTS deassertion
    - serial: 8250_fintek: Fix finding base_port with activated SuperIO
    - tpm-dev-common: Reject too short writes
    - rcu: Fix up pending cbs check in rcu_prepare_for_idle
    - ocfs2: fix cluster hang after a node dies
    - ocfs2: should wait dio before inode lock in ocfs2_setattr()
    - ipmi: fix unsigned long underflow
    - mm/page_alloc.c: broken deferred calculation
    - mm/page_ext.c: check if page_ext is not prepared
    - x86/cpu/amd: Derive L3 shared_cpu_map from cpu_llc_shared_mask
    - coda: fix 'kernel memory exposure attempt' in fsync
    - Linux 4.13.16
  * Artful update to 4.13.15 stable release (LP: #1744212)
    - media: imon: Fix null-ptr-deref in imon_probe
    - media: dib0700: fix invalid dvb_detach argument
    - crypto: dh - Fix double free of ctx->p
    - crypto: dh - Don't permit 'p' to be 0
    - crypto: dh - Don't permit 'key' or 'g' size longer than 'p'
    - USB: early: Use new USB product ID and strings for DbC device
    - USB: usbfs: compute urb->actual_length for isochronous
    - USB: Add delay-init quirk for Corsair K70 LUX keyboards
    - usb: gadget: f_fs: Fix use-after-free in ffs_free_inst
    - USB: serial: metro-usb: stop I/O after failed open
    - USB: serial: Change DbC debug device binding ID
    - USB: serial: qcserial: add pid/vid for Sierra Wireless EM7355 fw update
    - USB: serial: garmin_gps: fix I/O after failed probe and remove
    - USB: serial: garmin_gps: fix memory leak on probe errors
    - x86/MCE/AMD: Always give panic severity for UC errors in kernel context
    - platform/x86: peaq-wmi: Add DMI check before binding to the WMI interface
    - platform/x86: peaq_wmi: Fix missing terminating entry for peaq_dmi_table
    - HID: cp2112: add HIDRAW dependency
    - HID: wacom: generic: Recognize WACOM_HID_WD_PEN as a type of pen collection
    - staging: wilc1000: Fix bssid buffer offset in Txq
    - staging: ccree: fix 64 bit scatter/gather DMA ops
    - staging: greybus: spilib: fix use-after-free after deregistration
    - staging: vboxvideo: Fix reporting invalid suggested-offset-properties
    - staging: rtl8188eu: Revert 4 commits breaking ARP
    - Linux 4.13.15
  * time drifting on linux-hwe kernels (LP: #1744988)
    - x86/tsc: Future-proof native_calibrate_tsc()
    - x86/tsc: Fix erroneous TSC rate on Skylake Xeon
    - x86/tsc: Print tsc_khz, when it differs from cpu_khz
  * Please backport vmd suspend/resume patches to 16.04 hwe (LP: #1745508)
    - PCI: vmd: Free up IRQs on suspend path
  * CVE-2017-17448
    - netfilter: nfnetlink_cthelper: Add missing permission checks
  * Dell XPS 13 9360 bluetooth (Atheros) won't connect after resume
    (LP: #1744712)
    - Bluetooth: btusb: Restore QCA Rome suspend/resume fix with a "rewritten"
      version
  * [SRU] TrackPoint: middle button doesn't work on TrackPoint-compatible
    device. (LP: #1746002)
    - Input: trackpoint - force 3 buttons if 0 button is reported
  * TB16 dock ethernet corrupts data with hw checksum silently failing
    (LP: #1729674)
    - r8152: disable RX aggregation on Dell TB16 dock
  * [Artful] Realtek ALC225: 2 secs noise when a headset plugged in
    (LP: #1744058)
    - Revert "UBUNTU: SAUCE: ALSA: hda/realtek - Add support headset mode for DELL
      WYSE"
    - SAUCE: ALSA: hda/realtek - Add support headset mode for DELL WYSE
    - ALSA: hda/realtek - update ALC225 depop optimize
  * [A] skb leak in vhost_net / tun / tap (LP: #1738975)
    - vhost: fix skb leak in handle_rx()
    - tap: free skb if flags error
    - tun: free skb in early errors
  * Commit d9018976cdb6 missing in Kernels <4.14.x preventing lasting fix of
    Intel SPI bug on certain serial flash (LP: #1742696)
    - mfd: lpc_ich: Do not touch SPI-NOR write protection bit on Haswell/Broadwell
    - spi-nor: intel-spi: Fix broken software sequencing codes
  * CVE-2018-5332
    - RDS: Heap OOB write in rds_message_alloc_sgs()
  * [A] KVM Windows BSOD on 4.13.x (LP: #1738972)
    - KVM: x86: fix APIC page invalidation
  * elantech touchpad of Lenovo L480/580 failed to detect hw_version
    (LP: #1733605)
    - Input: elantech - add new icbody type 15
  * [SRU] External HDMI monitor failed to show screen on Lenovo X1 series
    (LP: #1738523)
    - SAUCE: drm/i915: Disable writing of TMDS_OE on Lenovo ThinkPad X1 series
  * ubuntu/xr-usb-serial didn't get built in zesty and artful (LP: #1733281)
    - SAUCE: make sure ubuntu/xr-usb-serial builds for x86
  * Disabling zfs does not always disable module checks for the zfs modules
    (LP: #1737176)
    - [Packaging] disable zfs module checks when zfs is disabled
  * CVE-2017-17806
    - crypto: hmac - require that the underlying hash algorithm is unkeyed
  * CVE-2017-17805
    - crypto: salsa20 - fix blkcipher_walk API usage
  * CVE-2017-16994
    - mm/pagewalk.c: report holes in hugetlb ranges
  * CVE-2017-17450
    - netfilter: xt_osf: Add missing permission checks
  * apparmor profile load in stacked policy container fails (LP: #1746463)
    - SAUCE: apparmor: fix display of .ns_name for containers
  * CVE-2017-15129
    - net: Fix double free and memory corruption in get_net_ns_by_id()
  * CVE-2018-5344
    - loop: fix concurrent lo_open/lo_release
  * CVE-2017-1000407
    - KVM: VMX: remove I/O port 0x80 bypass on Intel hosts
  * CVE-2017-0861
    - ALSA: pcm: prevent UAF in snd_pcm_info
  * perf stat segfaults on uncore events w/o -a (LP: #1745246)
    - perf xyarray: Save max_x, max_y
    - perf evsel: Fix buffer overflow while freeing events
  * Support cppc-cpufreq driver on ThunderX2 systems (LP: #1745007)
    - mailbox: PCC: Move the MAX_PCC_SUBSPACES definition to header file
    - ACPI / CPPC: Make CPPC ACPI driver aware of PCC subspace IDs
    - ACPI / CPPC: Fix KASAN global out of bounds warning
    - ACPI: CPPC: remove initial assignment of pcc_ss_data
  * P-state not working in kernel 4.13 (LP: #1743269)
    - x86 / CPU: Avoid unnecessary IPIs in arch_freq_get_on_cpu()
    - x86 / CPU: Always show current CPU frequency in /proc/cpuinfo
  * Regression: KVM no longer supports Intel CPUs without Virtual NMI
    (LP: #1741655)
    - kvm: vmx: Reinstate support for CPUs without virtual NMI
  * System hang with Linux kernel due to mainline commit 24247aeeabe
    (LP: #1733662)
    - x86/intel_rdt/cqm: Prevent use after free
  * $(LOCAL_ENV_CC) and $(LOCAL_ENV_DISTCC_HOSTS) should be properly quoted
    (LP: #1744077)
    - [Debian] pass LOCAL_ENV_CC and LOCAL_ENV_DISTCC_HOSTS properly
  * the wifi driver is always hard blocked on a lenovo laptop (LP: #1743672)
    - ACPI: EC: Fix possible issues related to EC initialization order
  * text VTs are unavailable on desktop after upgrade to Ubuntu 17.10
    (LP: #1724911)
    - drm/i915/fbdev: Always forward hotplug events
  * Samsung SSD 960 EVO 500GB refused to change power state (LP: #1705748)
    - nvme-pci: disable APST on Samsung SSD 960 EVO + ASUS PRIME B350M-A
  * [0cf3:e010] QCA6174A XR failed to pair with bt 4.0 device  (LP: #1741166)
    - Bluetooth: btusb: Add support for 0cf3:e010
  * CVE-2017-17741
    - KVM: Fix stack-out-of-bounds read in write_mmio
  * CVE-2018-5333
    - RDS: null pointer dereference in rds_atomic_free_op
  * [800 G3 SFF] [800 G3 DM]External microphone of headset(3-ring) is working,
    2-ring mic not working, both not shown in sound settings  (LP: #1740974)
    - ALSA: hda - Add MIC_NO_PRESENCE fixup for 2 HP machines
  * Two front mics can't work on a lenovo machine (LP: #1740973)
    - ALSA: hda - change the location for one mic on a Lenovo machine
  * No external microphone be detected via headset jack on a dell machine
    (LP: #1740972)
    - ALSA: hda - fix headset mic detection issue on a Dell machine
  *  Can't detect external headset via line-out jack on some Dell machines
    (LP: #1740971)
    - ALSA: hda/realtek - Fix Dell AIO LineOut issue
  * Support realtek new codec alc257 in the alsa hda driver  (LP: #1738911)
    - ALSA: hda/realtek - New codec support for ALC257
  * Add support for 16g huge pages on Ubuntu 16.04.2 PowerNV (LP: #1706247)
    - powerpc/mm/hugetlb: Allow runtime allocation of 16G.
    - powerpc/mm/hugetlb: Add support for reserving gigantic huge pages via kernel
      command line
    - mm/hugetlb: Allow arch to override and call the weak function
  * the kernel is blackholing IPv6 packets to linkdown nexthops (LP: #1738219)
    - ipv6: Do not consider linkdown nexthops during multipath
  * e1000e in 4.4.0-97-generic breaks 82574L under heavy load. (LP: #1730550)
    - e1000e: Avoid receiver overrun interrupt bursts
    - e1000e: Separate signaling for link check/link up
  * Ubuntu 17.10: Include patch "crypto: vmx - Use skcipher for ctr fallback"
    (LP: #1732978)
    - crypto: vmx - Use skcipher for ctr fallback
  * QCA Rome bluetooth can not wakeup after USB runtime suspended.
    (LP: #1737890)
    - Bluetooth: btusb: driver to enable the usb-wakeup feature
  * /dev/bcache/by-uuid links not created after reboot (LP: #1729145)
    - SAUCE: (no-up) bcache: decouple emitting a cached_dev CHANGE uevent
  * Some VMs fail to reboot with "watchdog: BUG: soft lockup - CPU#0 stuck for
    22s! [systemd:1]" (LP: #1730717)
    - SAUCE: exec: fix lockup because retry loop may never exit
  * Request to backport cxlflash patches to 16.04 HWE Kernel (LP: #1730515)
    - scsi: cxlflash: Use derived maximum write same length
    - scsi: cxlflash: Allow cards without WWPN VPD to configure
    - scsi: cxlflash: Derive pid through accessors
  * vagrant artful64 box filesystem too small (LP: #1726818)
    - block: factor out __blkdev_issue_zero_pages()
    - block: cope with WRITE ZEROES failing in blkdev_issue_zeroout()
  * Artful update to 4.13.14 stable release (LP: #1744121)
    - ppp: fix race in ppp device destruction
    - gso: fix payload length when gso_size is zero
    - ipv4: Fix traffic triggered IPsec connections.
    - ipv6: Fix traffic triggered IPsec connections.
    - netlink: do not set cb_running if dump's start() errs
    - net: call cgroup_sk_alloc() earlier in sk_clone_lock()
    - macsec: fix memory leaks when skb_to_sgvec fails
    - l2tp: check ps->sock before running pppol2tp_session_ioctl()
    - netlink: fix netlink_ack() extack race
    - sctp: add the missing sock_owned_by_user check in sctp_icmp_redirect
    - tcp/dccp: fix ireq->opt races
    - packet: avoid panic in packet_getsockopt()
    - geneve: Fix function matching VNI and tunnel ID on big-endian
    - net: bridge: fix returning of vlan range op errors
    - soreuseport: fix initialization race
    - ipv6: flowlabel: do not leave opt->tot_len with garbage
    - sctp: full support for ipv6 ip_nonlocal_bind & IP_FREEBIND
    - tcp/dccp: fix lockdep splat in inet_csk_route_req()
    - tcp/dccp: fix other lockdep splats accessing ireq_opt
    - net: dsa: check master device before put
    - net/unix: don't show information about sockets from other namespaces
    - tap: double-free in error path in tap_open()
    - net/mlx5: Fix health work queue spin lock to IRQ safe
    - net/mlx5e: Properly deal with encap flows add/del under neigh update
    - ipip: only increase err_count for some certain type icmp in ipip_err
    - ip6_gre: only increase err_count for some certain type icmpv6 in ip6gre_err
    - ip6_gre: update dst pmtu if dev mtu has been updated by toobig in
      __gre6_xmit
    - tcp: refresh tp timestamp before tcp_mtu_probe()
    - tap: reference to KVA of an unloaded module causes kernel panic
    - sctp: reset owner sk for data chunks on out queues when migrating a sock
    - net_sched: avoid matching qdisc with zero handle
    - l2tp: hold tunnel in pppol2tp_connect()
    - ipv6: addrconf: increment ifp refcount before ipv6_del_addr()
    - tcp: fix tcp_mtu_probe() vs highest_sack
    - mac80211: accept key reinstall without changing anything
    - mac80211: use constant time comparison with keys
    - mac80211: don't compare TKIP TX MIC key in reinstall prevention
    - usb: usbtest: fix NULL pointer dereference
    - Input: ims-psu - check if CDC union descriptor is sane
    - EDAC, sb_edac: Don't create a second memory controller if HA1 is not present
    - dmaengine: dmatest: warn user when dma test times out
    - Linux 4.13.14

  [ Ubuntu: 4.13.0-37.42 ]

  * linux: 4.13.0-37.42 -proposed tracker (LP: #1751798)
  * CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754
    - arm64: Add ASM_BUG()
    - arm64: consistently use bl for C exception entry
    - arm64: move non-entry code out of .entry.text
    - arm64: unwind: avoid percpu indirection for irq stack
    - arm64: unwind: disregard frame.sp when validating frame pointer
    - arm64: mm: Fix set_memory_valid() declaration
    - arm64: Convert __inval_cache_range() to area-based
    - arm64: Expose DC CVAP to userspace
    - arm64: Handle trapped DC CVAP
    - arm64: Implement pmem API support
    - arm64: uaccess: Implement *_flushcache variants
    - arm64/vdso: Support mremap() for vDSO
    - arm64: unwind: reference pt_regs via embedded stack frame
    - arm64: unwind: remove sp from struct stackframe
    - arm64: uaccess: Add the uaccess_flushcache.c file
    - arm64: fix pmem interface definition
    - arm64: compat: Remove leftover variable declaration
    - fork: allow arch-override of VMAP stack alignment
    - arm64: kernel: remove {THREAD,IRQ_STACK}_START_SP
    - arm64: factor out PAGE_* and CONT_* definitions
    - arm64: clean up THREAD_* definitions
    - arm64: clean up irq stack definitions
    - arm64: move SEGMENT_ALIGN to <asm/memory.h>
    - efi/arm64: add EFI_KIMG_ALIGN
    - arm64: factor out entry stack manipulation
    - arm64: assembler: allow adr_this_cpu to use the stack pointer
    - arm64: use an irq stack pointer
    - arm64: add basic VMAP_STACK support
    - arm64: add on_accessible_stack()
    - arm64: add VMAP_STACK overflow detection
    - arm64: Convert pte handling from inline asm to using (cmp)xchg
    - kvm: arm64: Convert kvm_set_s2pte_readonly() from inline asm to cmpxchg()
    - arm64: Move PTE_RDONLY bit handling out of set_pte_at()
    - arm64: Ignore hardware dirty bit updates in ptep_set_wrprotect()
    - arm64: Remove the !CONFIG_ARM64_HW_AFDBM alternative code paths
    - arm64: introduce separated bits for mm_context_t flags
    - arm64: cleanup {COMPAT_,}SET_PERSONALITY() macro
    - KVM: arm/arm64: Fix guest external abort matching
    - KVM: arm/arm64: vgic: constify seq_operations and file_operations
    - KVM: arm/arm64: vITS: Drop its_ite->lpi field
    - KVM: arm/arm64: Extract GICv3 max APRn index calculation
    - KVM: arm/arm64: Support uaccess of GICC_APRn
    - arm64: Use larger stacks when KASAN is selected
    - arm64: Define cputype macros for Falkor CPU
    - arm64: SW PAN: Point saved ttbr0 at the zero page when switching to init_mm
    - arm64: SW PAN: Update saved ttbr0 value on enter_lazy_tlb
    - x86/syscalls: Check address limit on user-mode return
    - arm/syscalls: Check address limit on user-mode return
    - arm64/syscalls: Check address limit on user-mode return
    - Revert "arm/syscalls: Check address limit on user-mode return"
    - syscalls: Use CHECK_DATA_CORRUPTION for addr_limit_user_check
    - arm/syscalls: Optimize address limit check
    - arm64/syscalls: Move address limit check in loop
    - futex: Remove duplicated code and fix undefined behaviour
    - arm64: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls
    - arm64: syscallno is secretly an int, make it official
    - arm64: move TASK_* definitions to <asm/processor.h>
    - arm64: mm: Use non-global mappings for kernel space
    - arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN
    - arm64: mm: Move ASID from TTBR0 to TTBR1
    - arm64: mm: Remove pre_ttbr0_update_workaround for Falkor erratum #E1003
    - arm64: mm: Rename post_ttbr0_update_workaround
    - arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN
    - arm64: mm: Allocate ASIDs in pairs
    - arm64: mm: Add arm64_kernel_unmapped_at_el0 helper
    - arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI
    - arm64: entry: Add exception trampoline page for exceptions from EL0
    - arm64: mm: Map entry trampoline into trampoline and kernel page tables
    - arm64: entry: Explicitly pass exception level to kernel_ventry macro
    - arm64: entry: Hook up entry trampoline to exception vectors
    - arm64: erratum: Work around Falkor erratum #E1003 in trampoline code
    - arm64: cpu_errata: Add Kryo to Falkor 1003 errata
    - arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks
    - arm64: entry: Add fake CPU feature for unmapping the kernel at EL0
    - arm64: kaslr: Put kernel vectors address in separate data page
    - arm64: use RET instruction for exiting the trampoline
    - arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0
    - arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry
    - arm64: Take into account ID_AA64PFR0_EL1.CSV3
    - arm64: capabilities: Handle duplicate entries for a capability
    - arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR
    - arm64: kpti: Fix the interaction between ASID switching and software PAN
    - arm64: cputype: Add MIDR values for Cavium ThunderX2 CPUs
    - arm64: Turn on KPTI only on CPUs that need it
    - arm64: kpti: Make use of nG dependent on arm64_kernel_unmapped_at_el0()
    - arm64: mm: Permit transitioning from Global to Non-Global without BBM
    - arm64: kpti: Add ->enable callback to remap swapper using nG mappings
    - arm64: Force KPTI to be disabled on Cavium ThunderX
    - arm64: entry: Reword comment about post_ttbr_update_workaround
    - arm64: idmap: Use "awx" flags for .idmap.text .pushsection directives
    - arm64: barrier: Add CSDB macros to control data-value prediction
    - arm64: Implement array_index_mask_nospec()
    - arm64: Make USER_DS an inclusive limit
    - arm64: Use pointer masking to limit uaccess speculation
    - arm64: entry: Ensure branch through syscall table is bounded under
      speculation
    - arm64: uaccess: Prevent speculative use of the current addr_limit
    - arm64: uaccess: Don't bother eliding access_ok checks in __{get, put}_user
    - arm64: uaccess: Mask __user pointers for __arch_{clear, copy_*}_user
    - arm64: futex: Mask __user pointers prior to dereference
    - arm64: cpufeature: __this_cpu_has_cap() shouldn't stop early
    - arm64: Run enable method for errata work arounds on late CPUs
    - arm64: cpufeature: Pass capability structure to ->enable callback
    - drivers/firmware: Expose psci_get_version through psci_ops structure
    - arm64: Move post_ttbr_update_workaround to C code
    - arm64: Add skeleton to harden the branch predictor against aliasing attacks
    - arm64: Move BP hardening to check_and_switch_context
    - arm64: KVM: Use per-CPU vector when BP hardening is enabled
    - arm64: entry: Apply BP hardening for high-priority synchronous exceptions
    - arm64: entry: Apply BP hardening for suspicious interrupts from EL0
    - arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75
    - arm64: Implement branch predictor hardening for affected Cortex-A CPUs
    - arm64: Implement branch predictor hardening for Falkor
    - arm64: Branch predictor hardening for Cavium ThunderX2
    - arm64: KVM: Increment PC after handling an SMC trap
    - arm/arm64: KVM: Consolidate the PSCI include files
    - arm/arm64: KVM: Add PSCI_VERSION helper
    - arm/arm64: KVM: Add smccc accessors to PSCI code
    - arm/arm64: KVM: Implement PSCI 1.0 support
    - arm/arm64: KVM: Advertise SMCCC v1.1
    - arm64: KVM: Make PSCI_VERSION a fast path
    - arm/arm64: KVM: Turn kvm_psci_version into a static inline
    - arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support
    - arm64: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling
    - firmware/psci: Expose PSCI conduit
    - firmware/psci: Expose SMCCC version through psci_ops
    - arm/arm64: smccc: Make function identifiers an unsigned quantity
    - arm/arm64: smccc: Implement SMCCC v1.1 inline primitive
    - arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support
    - arm64: Kill PSCI_GET_VERSION as a variant-2 workaround
    - [Config] UNMAP_KERNEL_AT_EL0=y && HARDEN_BRANCH_PREDICTOR=y
    - SAUCE: arm64: __idmap_cpu_set_reserved_ttbr1: fix !ARM64_PA_BITS_52 logic
    - arm64: Add missing Falkor part number for branch predictor hardening
    - arm64: mm: fix thinko in non-global page table attribute check
  * linux-image-4.13.0-26-generic / linux-image-extra-4.13.0-26-generic fail to
    boot (LP: #1742721)
    - staging: sm750fb: Fix parameter mistake in poke32

  [ Ubuntu: 4.13.0-36.40 ]

  * linux: 4.13.0-36.40 -proposed tracker (LP: #1750010)
  * Rebuild without "CVE-2017-5754 ARM64 KPTI fixes" patch set

 -- Timo Aaltonen <email address hidden>  Thu, 15 Mar 2018 12:45:48 +0200

Available diffs

Superseded in xenial-security on 2018-04-03
Superseded in xenial-updates on 2018-04-03
Deleted in xenial-proposed (Reason: moved to -updates)
linux-oem (4.13.0-1021.23) xenial; urgency=low

  * linux-oem: 4.13.0-1021.23 -proposed tracker (LP: #1748481)

  * Intel 9462 A370:42A4 doesn't work (LP: #1748853)
    - SAUCE: iwlwifi: Adding missing id A370:42A4

  * headset mic can't be detected on two Dell machines (LP: #1748807)
    - ALSA: hda/realtek - Support headset mode for ALC215/ALC285/ALC289
    - ALSA: hda - Fix headset mic detection problem for two Dell machines

  * [linux-oem] Use I2C transport for touchpad on Precision M5530 (LP: #1746661)
    - SAUCE: ACPI: Parse entire table as a term_list for Dell XPS 9570 and
      Precision M5530

  * QCA9377 requires more IRAM banks for its new firmware (LP: #1748345)
    - SAUCE: ath10k: change QCA9377 IRAM back to 9

  * TrackPoint: middle button doesn't work on TrackPoint-compatible device.
    (LP: #1746002)
    - Input: trackpoint - force 3 buttons if 0 button is reported

  * [linux-oem] Fix out of bound VBT pin on CNP (LP: #1746411)
    - drm/i914/bios: amend child device config parameters
    - drm/i915/bios: document BDB versions of child device config fields
    - drm/i915/bios: remove the raw version of child device config
    - drm/i915/bios: add legacy contents to common child device config
    - drm/i915/bios: throw away high level child device union
    - drm/i915/bios: throw away struct old_child_dev_config
    - drm/i915/bios: document child device config dvo_port values a bit better
    - drm/i915/bios: group device type definitions together
    - drm/i915/bios: throw away unused DVO_* macros
    - drm/i915/bios: drop the rest of the p_ prefixes from pointers
    - drm/i915/cnl: Don't trust VBT's alternate pin for port D for now.
    - drm/i915/cnl: Map VBT DDC Pin to BSpec DDC Pin.
    - drm/i915/bios: split up iboost to hdmi and dp bitfields
    - drm/i915/bios: add DP max link rate to VBT child device struct
    - drm/i915/cnp: Ignore VBT request for know invalid DDC pin.
    - drm/i915/cnp: Properly handle VBT ddc pin out of bounds.

  * Miscellaneous upstream changes
    - Rebase to 4.13.0-35.39
    - [Config] update configs following rebase to 4.13.0-35.39
    - [oem config] Keep ignoring retpoline

  [ Ubuntu: 4.13.0-35.39 ]

  * linux: 4.13.0-35.39 -proposed tracker (LP: #1748743)
  * CVE-2017-5715 (Spectre v2 Intel)
    - Revert "UBUNTU: SAUCE: turn off IBPB when full retpoline is present"
    - SAUCE: turn off IBRS when full retpoline is present
    - [Packaging] retpoline files must be sorted
    - [Packaging] pull in retpoline files

  [ Ubuntu: 4.13.0-34.37 ]

  * linux: 4.13.0-34.37 -proposed tracker (LP: #1748475)
  * libata: apply MAX_SEC_1024 to all LITEON EP1 series devices (LP: #1743053)
    - libata: apply MAX_SEC_1024 to all LITEON EP1 series devices
  * KVM patches for s390x to provide facility bits 81 (ppa15) and 82 (bpb)
    (LP: #1747090)
    - KVM: s390: wire up bpb feature
  * artful 4.13 i386 kernels crash after memory hotplug remove (LP: #1747069)
    - Revert "mm, memory_hotplug: do not associate hotadded memory to zones until
      online"
  * CVE-2017-5715 (Spectre v2 Intel)
    - x86/feature: Enable the x86 feature to control Speculation
    - x86/feature: Report presence of IBPB and IBRS control
    - x86/enter: MACROS to set/clear IBRS and set IBPB
    - x86/enter: Use IBRS on syscall and interrupts
    - x86/idle: Disable IBRS entering idle and enable it on wakeup
    - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
    - x86/mm: Set IBPB upon context switch
    - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
    - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
    - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
    - x86/kvm: Set IBPB when switching VM
    - x86/kvm: Toggle IBRS on VM entry and exit
    - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
    - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
    - x86/cpu/AMD: Add speculative control support for AMD
    - x86/microcode: Extend post microcode reload to support IBPB feature
    - KVM: SVM: Do not intercept new speculative control MSRs
    - x86/svm: Set IBRS value on VM entry and exit
    - x86/svm: Set IBPB when running a different VCPU
    - KVM: x86: Add speculative control CPUID support for guests
    - SAUCE: turn off IBPB when full retpoline is present
  * Artful 4.13 fixes for tun (LP: #1748846)
    - tun: call dev_get_valid_name() before register_netdevice()
    - tun: allow positive return values on dev_get_valid_name() call
    - tun/tap: sanitize TUNSETSNDBUF input
  * boot failure on AMD Raven + WestonXT (LP: #1742759)
    - SAUCE: drm/amdgpu: add atpx quirk handling (v2)

  [ Ubuntu: 4.13.0-33.36 ]

  * linux: 4.13.0-33.36 -proposed tracker (LP: #1746903)
  * starting VMs causing retpoline4 to reboot (LP: #1747507) // CVE-2017-5715
    (Spectre v2 retpoline)
    - x86/retpoline: Fill RSB on context switch for affected CPUs
    - x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB macros
    - x86/retpoline: Optimize inline assembler for vmexit_fill_RSB
    - x86/retpoline: Remove the esp/rsp thunk
    - x86/retpoline: Simplify vmexit_fill_RSB()
  * Missing install-time driver for QLogic QED 25/40/100Gb Ethernet NIC
    (LP: #1743638)
    - [d-i] Add qede to nic-modules udeb
  * hisi_sas: driver robustness fixes (LP: #1739807)
    - scsi: hisi_sas: fix reset and port ID refresh issues
    - scsi: hisi_sas: avoid potential v2 hw interrupt issue
    - scsi: hisi_sas: fix v2 hw underflow residual value
    - scsi: hisi_sas: add v2 hw DFX feature
    - scsi: hisi_sas: add irq and tasklet cleanup in v2 hw
    - scsi: hisi_sas: service interrupt ITCT_CLR interrupt in v2 hw
    - scsi: hisi_sas: fix internal abort slot timeout bug
    - scsi: hisi_sas: us start_phy in PHY_FUNC_LINK_RESET
    - scsi: hisi_sas: fix NULL check in SMP abort task path
    - scsi: hisi_sas: fix the risk of freeing slot twice
    - scsi: hisi_sas: kill tasklet when destroying irq in v3 hw
    - scsi: hisi_sas: complete all tasklets prior to host reset
  * [Artful/Zesty] ACPI APEI error handling bug fixes (LP: #1732990)
    - ACPI: APEI: fix the wrong iteration of generic error status block
    - ACPI / APEI: clear error status before acknowledging the error
  * [Zesty/Artful] On ARM64 PCIE physical function passthrough guest fails to
    boot (LP: #1732804)
    - vfio/pci: Virtualize Maximum Payload Size
    - vfio/pci: Virtualize Maximum Read Request Size
  * hisi_sas: Add ATA command support for SMR disks (LP: #1739891)
    - scsi: hisi_sas: support zone management commands
  * thunderx2: i2c driver PEC and ACPI clock fixes (LP: #1738073)
    - ACPI / APD: Add clock frequency for ThunderX2 I2C controller
    - i2c: xlp9xx: Get clock frequency with clk API
    - i2c: xlp9xx: Handle I2C_M_RECV_LEN in msg->flags
  * Falkor erratum 1041 needs workaround (LP: #1738497)
    - [Config] CONFIG_QCOM_FALKOR_ERRATUM_E1041=y
    - arm64: Add software workaround for Falkor erratum 1041
  * ThunderX: TX failure unless checksum offload disabled (LP: #1736593)
    - net: thunderx: Fix TCP/UDP checksum offload for IPv6 pkts
    - net: thunderx: Fix TCP/UDP checksum offload for IPv4 pkts
  * arm64/thunderx: Unhandled context faults in ACPI mode (LP: #1736774)
    - PCI: Set Cavium ACS capability quirk flags to assert RR/CR/SV/UF
    - PCI: Apply Cavium ThunderX ACS quirk to more Root Ports
  * arm64: Unfair rwlock can stall the system (LP: #1732238)
    - locking/qrwlock: Use 'struct qrwlock' instead of 'struct __qrwlock'
    - locking/atomic: Add atomic_cond_read_acquire()
    - locking/qrwlock: Use atomic_cond_read_acquire() when spinning in qrwlock
    - locking/qrwlock, arm64: Move rwlock implementation over to qrwlocks
    - locking/qrwlock: Prevent slowpath writers getting held up by fastpath
  * Shutdown hang on 16.04 with iscsi targets (LP: #1569925)
    - scsi: libiscsi: Allow sd_shutdown on bad transport
  * bt_iter() crash due to NULL pointer (LP: #1744300)
    - blk-mq-tag: check for NULL rq when iterating tags
  * hisilicon hibmc regression due to ea642c3216cb ("drm/ttm: add io_mem_pfn
    callback") (LP: #1738334)
    - SAUCE: drm: hibmc: Initialize the hibmc_bo_driver.io_mem_pfn
  * CVE-2017-5754 ARM64 KPTI fixes
    - arm64: Add ASM_BUG()
    - arm64: consistently use bl for C exception entry
    - arm64: syscallno is secretly an int, make it official
    - arm64: Abstract syscallno manipulation
    - arm64: move non-entry code out of .entry.text
    - arm64: unwind: avoid percpu indirection for irq stack
    - arm64: unwind: disregard frame.sp when validating frame pointer
    - arm64: mm: Fix set_memory_valid() declaration
    - arm64: Convert __inval_cache_range() to area-based
    - arm64: Expose DC CVAP to userspace
    - arm64: Handle trapped DC CVAP
    - arm64: Implement pmem API support
    - arm64: uaccess: Implement *_flushcache variants
    - arm64/vdso: Support mremap() for vDSO
    - arm64: unwind: reference pt_regs via embedded stack frame
    - arm64: unwind: remove sp from struct stackframe
    - arm64: uaccess: Add the uaccess_flushcache.c file
    - arm64: fix pmem interface definition
    - arm64: compat: Remove leftover variable declaration
    - fork: allow arch-override of VMAP stack alignment
    - arm64: kernel: remove {THREAD,IRQ_STACK}_START_SP
    - arm64: factor out PAGE_* and CONT_* definitions
    - arm64: clean up THREAD_* definitions
    - arm64: clean up irq stack definitions
    - arm64: move SEGMENT_ALIGN to <asm/memory.h>
    - efi/arm64: add EFI_KIMG_ALIGN
    - arm64: factor out entry stack manipulation
    - arm64: assembler: allow adr_this_cpu to use the stack pointer
    - arm64: use an irq stack pointer
    - arm64: add basic VMAP_STACK support
    - arm64: add on_accessible_stack()
    - arm64: add VMAP_STACK overflow detection
    - arm64: Convert pte handling from inline asm to using (cmp)xchg
    - kvm: arm64: Convert kvm_set_s2pte_readonly() from inline asm to cmpxchg()
    - arm64: Move PTE_RDONLY bit handling out of set_pte_at()
    - arm64: Ignore hardware dirty bit updates in ptep_set_wrprotect()
    - arm64: Remove the !CONFIG_ARM64_HW_AFDBM alternative code paths
    - arm64: introduce separated bits for mm_context_t flags
    - arm64: cleanup {COMPAT_,}SET_PERSONALITY() macro
    - KVM: arm/arm64: Fix guest external abort matching
    - KVM: arm/arm64: vgic: constify seq_operations and file_operations
    - KVM: arm/arm64: vITS: Drop its_ite->lpi field
    - KVM: arm/arm64: Extract GICv3 max APRn index calculation
    - KVM: arm/arm64: Support uaccess of GICC_APRn
    - arm64: move TASK_* definitions to <asm/processor.h>
    - arm64: Use larger stacks when KASAN is selected
    - arm64: sysreg: Move SPE registers and PSB into common header files
    - arm64: head: Init PMSCR_EL2.{PA,PCT} when entered at EL2 without VHE
    - arm64: Update fault_info table with new exception types
    - arm64: Use existing defines for mdscr
    - arm64: Fix single stepping in kernel traps
    - arm64: asm-bug: Renumber macro local labels to avoid clashes
    - arm64: Implement arch-specific pte_access_permitted()
    - arm64: explicitly mask all exceptions
    - arm64: introduce an order for exceptions
    - arm64: Move the async/fiq helpers to explicitly set process context flags
    - arm64: Mask all exceptions during kernel_exit
    - arm64: entry.S: Remove disable_dbg
    - arm64: entry.S: convert el1_sync
    - arm64: entry.S convert el0_sync
    - arm64: entry.S: convert elX_irq
    - arm64: entry.S: move SError handling into a C function for future expansion
    - arm64: pgd: Mark pgd_cache as __ro_after_init
    - arm64: cpu_ops: Add missing 'const' qualifiers
    - arm64: context: Fix comments and remove pointless smp_wmb()
    - arm64: SW PAN: Point saved ttbr0 at the zero page when switching to init_mm
    - arm64: SW PAN: Update saved ttbr0 value on enter_lazy_tlb
    - arm64: Expose support for optional ARMv8-A features
    - arm64: KVM: Hide unsupported AArch64 CPU features from guests
    - arm64: mm: Use non-global mappings for kernel space
    - arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN
    - arm64: mm: Move ASID from TTBR0 to TTBR1
    - arm64: mm: Remove pre_ttbr0_update_workaround for Falkor erratum #E1003
    - arm64: mm: Rename post_ttbr0_update_workaround
    - arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN
    - arm64: mm: Allocate ASIDs in pairs
    - arm64: mm: Add arm64_kernel_unmapped_at_el0 helper
    - arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI
    - arm64: entry: Add exception trampoline page for exceptions from EL0
    - arm64: mm: Map entry trampoline into trampoline and kernel page tables
    - arm64: entry: Explicitly pass exception level to kernel_ventry macro
    - arm64: entry: Hook up entry trampoline to exception vectors
    - arm64: erratum: Work around Falkor erratum #E1003 in trampoline code
    - arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks
    - arm64: entry: Add fake CPU feature for unmapping the kernel at EL0
    - arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0
    - arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR
    - arm64: kaslr: Put kernel vectors address in separate data page
    - arm64: use RET instruction for exiting the trampoline
    - arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry
    - arm64: Fix the feature type for ID register fields
    - arm64: Take into account ID_AA64PFR0_EL1.CSV3
    - arm64: cpufeature: Pass capability structure to ->enable callback
    - drivers/firmware: Expose psci_get_version through psci_ops structure
    - arm64: Move post_ttbr_update_workaround to C code
    - arm64: Add skeleton to harden the branch predictor against aliasing attacks
    - arm64: KVM: Use per-CPU vector when BP hardening is enabled
    - arm64: KVM: Make PSCI_VERSION a fast path
    - arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75
    - arm64: Implement branch predictor hardening for affected Cortex-A CPUs
    - arm64: Define cputype macros for Falkor CPU
    - arm64: Implement branch predictor hardening for Falkor
    - arm64: cputype: Add MIDR values for Cavium ThunderX2 CPUs
    - bpf: inline map in map lookup functions for array and htab
    - bpf: perf event change needed for subsequent bpf helpers
    - bpf: do not test for PCPU_MIN_UNIT_SIZE before percpu allocations
    - arm64: Branch predictor hardening for Cavium ThunderX2
    - arm64: capabilities: Handle duplicate entries for a capability
    - arm64: kpti: Fix the interaction between ASID switching and software PAN
    - SAUCE: arm: Add BTB invalidation on switch_mm for Cortex-A9, A12 and A17
    - SAUCE: arm: Invalidate BTB on prefetch abort outside of user mapping on
      Cortex A8, A9, A12 and A17
    - SAUCE: arm: KVM: Invalidate BTB on guest exit
    - SAUCE: arm: Add icache invalidation on switch_mm for Cortex-A15
    - SAUCE: arm: Invalidate icache on prefetch abort outside of user mapping on
      Cortex-A15
    - SAUCE: arm: KVM: Invalidate icache on guest exit for Cortex-A15
    - SAUCE: asm-generic/barrier: add generic nospec helpers
    - SAUCE: Documentation: document nospec helpers
    - SAUCE: arm64: implement nospec_{load,ptr}()
    - SAUCE: arm: implement nospec_ptr()
    - SAUCE: bpf: inhibit speculated out-of-bounds pointers
    - SAUCE: arm64: Implement branch predictor hardening for Falkor
    - SAUCE: arm64: Branch predictor hardening for Cavium ThunderX2
    - [Config] UNMAP_KERNEL_AT_EL0=y && HARDEN_BRANCH_PREDICTOR=y
  * [artful] panic in update_stack_state when reading /proc/<pid>/stack on i386
    (LP: #1747263)
    - x86/unwind: Fix dereference of untrusted pointer
  * CVE-2017-5753 (Spectre v1 Intel)
    - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
    - SAUCE: reinstate MFENCE_RDTSC feature definition
    - locking/barriers: introduce new observable speculation barrier
    - bpf: prevent speculative execution in eBPF interpreter
    - x86, bpf, jit: prevent speculative execution when JIT is enabled
    - SAUCE: FIX: x86, bpf, jit: prevent speculative execution when JIT is enabled
    - uvcvideo: prevent speculative execution
    - carl9170: prevent speculative execution
    - p54: prevent speculative execution
    - qla2xxx: prevent speculative execution
    - cw1200: prevent speculative execution
    - Thermal/int340x: prevent speculative execution
    - ipv4: prevent speculative execution
    - ipv6: prevent speculative execution
    - fs: prevent speculative execution
    - net: mpls: prevent speculative execution
    - udf: prevent speculative execution
    - userns: prevent speculative execution
    - SAUCE: powerpc: add osb barrier
    - SAUCE: s390/spinlock: add osb memory barrier
    - SAUCE: claim mitigation via observable speculation barrier
  * CVE-2017-5715 (Spectre v2 retpoline)
    - x86/asm: Fix inline asm call constraints for Clang
    - kvm: vmx: Scrub hardware GPRs at VM-exit
    - sysfs/cpu: Add vulnerability folder
    - x86/cpu: Implement CPU vulnerabilites sysfs functions
    - x86/tboot: Unbreak tboot with PTI enabled
    - objtool: Detect jumps to retpoline thunks
    - objtool: Allow alternatives to be ignored
    - x86/retpoline: Add initial retpoline support
    - x86/spectre: Add boot time option to select Spectre v2 mitigation
    - x86/retpoline/crypto: Convert crypto assembler indirect jumps
    - x86/retpoline/entry: Convert entry assembler indirect jumps
    - x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
    - x86/retpoline/hyperv: Convert assembler indirect jumps
    - x86/retpoline/xen: Convert Xen hypercall indirect jumps
    - x86/retpoline/checksum32: Convert assembler indirect jumps
    - x86/retpoline/irq32: Convert assembler indirect jumps
    - x86/retpoline: Fill return stack buffer on vmexit
    - selftests/x86: Add test_vsyscall
    - x86/pti: Fix !PCID and sanitize defines
    - security/Kconfig: Correct the Documentation reference for PTI
    - x86,perf: Disable intel_bts when PTI
    - x86/retpoline: Remove compile time warning
    - [Config] enable CONFIG_GENERIC_CPU_VULNERABILITIES
    - [Config] enable CONFIG_RETPOLINE
    - [Packaging] retpoline -- add call site validation
    - [Config] disable retpoline checks for first upload
  * CVE-2017-5715 (revert embargoed) // CVE-2017-5753 (revert embargoed)
    - Revert "UBUNTU: SAUCE: x86/entry: Fix up retpoline assembler labels"
    - Revert "kvm: vmx: Scrub hardware GPRs at VM-exit"
    - Revert "Revert "x86/svm: Add code to clear registers on VM exit""
    - Revert "UBUNTU: SAUCE: x86/microcode: Extend post microcode reload to
      support IBPB feature -- repair missmerge"
    - Revert "UBUNTU: SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit"
    - Revert "s390/spinlock: add gmb memory barrier"
    - Revert "powerpc: add gmb barrier"
    - Revert "x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature"
    - Revert "x86/svm: Add code to clear registers on VM exit"
    - Revert "x86/svm: Add code to clobber the RSB on VM exit"
    - Revert "KVM: x86: Add speculative control CPUID support for guests"
    - Revert "x86/svm: Set IBPB when running a different VCPU"
    - Revert "x86/svm: Set IBRS value on VM entry and exit"
    - Revert "KVM: SVM: Do not intercept new speculative control MSRs"
    - Revert "x86/microcode: Extend post microcode reload to support IBPB feature"
    - Revert "x86/cpu/AMD: Add speculative control support for AMD"
    - Revert "x86/entry: Use retpoline for syscall's indirect calls"
    - Revert "x86/syscall: Clear unused extra registers on 32-bit compatible
      syscall entrance"
    - Revert "x86/syscall: Clear unused extra registers on syscall entrance"
    - Revert "x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb
      control"
    - Revert "x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature"
    - Revert "x86/kvm: Pad RSB on VM transition"
    - Revert "x86/kvm: Toggle IBRS on VM entry and exit"
    - Revert "x86/kvm: Set IBPB when switching VM"
    - Revert "x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm"
    - Revert "x86/entry: Stuff RSB for entry to kernel for non-SMEP platform"
    - Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current
      thread"
    - Revert "x86/mm: Set IBPB upon context switch"
    - Revert "x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup"
    - Revert "x86/idle: Disable IBRS entering idle and enable it on wakeup"
    - Revert "x86/enter: Use IBRS on syscall and interrupts"
    - Revert "x86/enter: MACROS to set/clear IBRS and set IBPB"
    - Revert "x86/feature: Report presence of IBPB and IBRS control"
    - Revert "x86/feature: Enable the x86 feature to control Speculation"
    - Revert "udf: prevent speculative execution"
    - Revert "net: mpls: prevent speculative execution"
    - Revert "fs: prevent speculative execution"
    - Revert "ipv6: prevent speculative execution"
    - Revert "userns: prevent speculative execution"
    - Revert "Thermal/int340x: prevent speculative execution"
    - Revert "cw1200: prevent speculative execution"
    - Revert "qla2xxx: prevent speculative execution"
    - Revert "p54: prevent speculative execution"
    - Revert "carl9170: prevent speculative execution"
    - Revert "uvcvideo: prevent speculative execution"
    - Revert "x86, bpf, jit: prevent speculative execution when JIT is enabled"
    - Revert "bpf: prevent speculative execution in eBPF interpreter"
    - Revert "locking/barriers: introduce new memory barrier gmb()"
  * Unable to boot with i386 4.13.0-25 / 4.13.0-26 / 4.13.0-31 kernel on Xenial
    / Artful (LP: #1745118)
    - x86/mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP
  * 4.13: unable to increase MTU configuration for GRE devices (LP: #1743746)
    - ip_gre: remove the incorrect mtu limit for ipgre tap
  * CVE-2017-17712
    - net: ipv4: fix for a race condition in raw_sendmsg
  * upload urgency should be medium by default (LP: #1745338)
    - [Packaging] update urgency to medium by default
  * CVE-2017-15115
    - sctp: do not peel off an assoc from one netns to another one
  * CVE-2017-8824
    - dccp: CVE-2017-8824: use-after-free in DCCP code

 -- Timo Aaltonen <email address hidden>  Tue, 13 Feb 2018 10:05:50 +0200
Superseded in xenial-security on 2018-02-21
Superseded in xenial-updates on 2018-02-21
Deleted in xenial-proposed (Reason: moved to -updates)
linux-oem (4.13.0-1020.21) xenial; urgency=low

  * linux-oem: 4.13.0-1020.21 -proposed tracker (LP: #1746017)

  [ Stefan Bader ]
  * Firmware upgrade interface for CAC Reader BCM58102 (LP: #1744041)
    - SAUCE: Support fw upgrade for CAC Reader BCM58102

  * the wifi driver is always hard blocked on a lenovo laptop (LP: #1743672)
    - ACPI: EC: Fix possible issues related to EC initialization order

  * ath9k can't connect to wifi AP (LP: #1727228)
    - ath9k: add MSI support
    - ath9k: add a quirk to set use_msi automatically

  * boot failure on AMD Raven + WesternXT (LP: #1742759)
    - SAUCE: drm/amdgpu: add atpx quirk handling (v2)

  * x86: CFL missing from early quirks (LP: #1742755)
    - drm/i915: add GT number to intel_device_info
    - drm/i915/kbl: Change a KBL pci id to GT2 from GT1.5
    - SAUCE: x86/gpu: add CFL to early quirks

  * [0cf3:e010] QCA6174A XR failed to pair with bt 4.0 device  (LP: #1741166)
    - Bluetooth: btusb: Add support for 0cf3:e010

  * QCA Rome bluetooth failed to work after applying reset-resume quirk
    (LP: #1741206)
    - Revert "Bluetooth: btusb: fix QCA Rome suspend/resume"
    - usb: quirks: Add reset-resume quirk for Dell DW1820 QCA Rome Bluetooth

  * [800 G3 SFF] [800 G3 DM]External microphone of headset(3-ring) is working,
    2-ring mic not working, both not shown in sound settings  (LP: #1740974)
    - ALSA: hda - Add MIC_NO_PRESENCE fixup for 2 HP machines

  * Two front mics can't work on a lenovo machine (LP: #1740973)
    - ALSA: hda - change the location for one mic on a Lenovo machine

  * No external microphone be detected via headset jack on a dell machine
    (LP: #1740972)
    - ALSA: hda - fix headset mic detection issue on a Dell machine

  *  Can't detect external headset via line-out jack on some Dell machines
    (LP: #1740971)
    - ALSA: hda/realtek - Fix Dell AIO LineOut issue

 -- Timo Aaltonen <email address hidden>  Mon, 29 Jan 2018 16:51:18 +0200
Superseded in xenial-security on 2018-02-12
Superseded in xenial-updates on 2018-02-12
Deleted in xenial-proposed (Reason: NBS)
linux-oem (4.13.0-1019.20) xenial; urgency=low

  [ Ubuntu: 4.13.0-32.35 ]

  * CVE-2017-5715 // CVE-2017-5753
    - SAUCE: x86/entry: Fix up retpoline assembler labels

  [ Ubuntu: 4.13.0-31.34 ]

  * linux: 4.13.0-31.34 -proposed tracker (LP: #1744294)
  * CVE-2017-5715 // CVE-2017-5753
    - SAUCE: s390: improve cpu alternative handling for gmb and nobp
    - SAUCE: s390: print messages for gmb and nobp
    - [Config] KERNEL_NOBP=y

 -- Stefan Bader <email address hidden>  Thu, 25 Jan 2018 12:06:47 +0100
Deleted in xenial-proposed on 2018-02-01 (Reason: NBS)
linux-oem (4.13.0-1018.19) xenial; urgency=low

  * Firmware upgrade interface for CAC Reader BCM58102 (LP: #1744041)
    - SAUCE: Support fw upgrade for CAC Reader BCM58102

  * the wifi driver is always hard blocked on a lenovo laptop (LP: #1743672)
    - ACPI: EC: Fix possible issues related to EC initialization order

  * ath9k can't connect to wifi AP (LP: #1727228)
    - ath9k: add MSI support
    - ath9k: add a quirk to set use_msi automatically

  * boot failure on AMD Raven + WesternXT (LP: #1742759)
    - SAUCE: drm/amdgpu: add atpx quirk handling (v2)

  * x86: CFL missing from early quirks (LP: #1742755)
    - drm/i915: add GT number to intel_device_info
    - drm/i915/kbl: Change a KBL pci id to GT2 from GT1.5
    - SAUCE: x86/gpu: add CFL to early quirks

  * [0cf3:e010] QCA6174A XR failed to pair with bt 4.0 device  (LP: #1741166)
    - Bluetooth: btusb: Add support for 0cf3:e010

  * QCA Rome bluetooth failed to work after applying reset-resume quirk
    (LP: #1741206)
    - Revert "Bluetooth: btusb: fix QCA Rome suspend/resume"
    - usb: quirks: Add reset-resume quirk for Dell DW1820 QCA Rome Bluetooth

  * [800 G3 SFF] [800 G3 DM]External microphone of headset(3-ring) is working,
    2-ring mic not working, both not shown in sound settings  (LP: #1740974)
    - ALSA: hda - Add MIC_NO_PRESENCE fixup for 2 HP machines

  * Two front mics can't work on a lenovo machine (LP: #1740973)
    - ALSA: hda - change the location for one mic on a Lenovo machine

  * No external microphone be detected via headset jack on a dell machine
    (LP: #1740972)
    - ALSA: hda - fix headset mic detection issue on a Dell machine

  *  Can't detect external headset via line-out jack on some Dell machines
    (LP: #1740971)
    - ALSA: hda/realtek - Fix Dell AIO LineOut issue

 -- Timo Aaltonen <email address hidden>  Tue, 23 Jan 2018 15:19:28 +0200
Superseded in xenial-security on 2018-01-26
Superseded in xenial-updates on 2018-01-26
Deleted in xenial-proposed (Reason: NBS)
linux-oem (4.13.0-1017.18) xenial; urgency=low

  * linux-oem: 4.13.0-1017.18 -proposed tracker (LP: #1743418)

  * Realtek card reader - RTS5243 [VEN_10EC&DEV_5260] (LP: #1737673)
    - mmc: rtsx: fix tuning fail on gen3 PCI-Express
    - mfd: rts5249: Add support for RTS5250S power saving
    - misc: rtsx: Move Realtek Card Reader Driver to misc
    - misc: rtsx: Add support for RTS5260
    - misc: rtsx: Fix symbol clashes
    - [Config] update configs for RTSX

  * Realtek card reader power consumption issue (LP: #1743516)
    - mfd: Fix RTS5227 (and others) powermanagement

  [ Ubuntu: 4.13.0-30.33 ]

  * linux: 4.13.0-30.33 -proposed tracker (LP: #1743412)
  * Do not duplicate changelog entries assigned to more than one bug or CVE
    (LP: #1743383)
    - [Packaging] git-ubuntu-log -- handle multiple bugs/cves better
  * Unable to handle kernel NULL pointer dereference at isci_task_abort_task
    (LP: #1726519)
    - Revert "scsi: libsas: allow async aborts"
  * CVE-2017-5715 // CVE-2017-5753
    - SAUCE: x86/microcode: Extend post microcode reload to support IBPB feature
      -- repair missmerge
    - Revert "x86/svm: Add code to clear registers on VM exit"
    - kvm: vmx: Scrub hardware GPRs at VM-exit

Deleted in xenial-proposed on 2018-01-17 (Reason: NBS)
linux-oem (4.13.0-1016.17) xenial; urgency=low

  * linux-oem: 4.13.0-1016.17 -proposed tracker (LP: #1742728)

  * Add support for Realtek Bluetooth device [0bda:b00a] (LP: #1742613)
    - SAUCE: Import Bluetooth driver for Realtek 8821CE
    - SAUCE: Make rtl8821ce-bt work with 0bda:b00a only
    - SAUCE: rtl8821ce-bt: append device ID to config filename
    - SAUCE: bluetooth: Blacklist 0bda:b00a
    - SAUCE: build ubuntu/rtl8821ce-bt for x86 only

  * Add support for Realtek WiFi device [10ec:c821] (LP: #1740231)
    - SAUCE: Import RTL8821CE driver
    - SAUCE: Add ubuntu/rtl8821ce into build script
    - SAUCE: Sync ubuntu/rtl8821ce with a new release from Realtek

  * External HDMI monitor failed to show screen on Lenovo X1 series
    (LP: #1738523)
    - SAUCE: drm/i915: Disable writing of TMDS_OE on Lenovo ThinkPad X1 series

  * Support realtek new codec alc257 in the alsa hda driver  (LP: #1738911)
    - ALSA: hda/realtek - New codec support for ALC257

  * QCA Rome bluetooth can not wakeup after USB runtime suspended.
    (LP: #1737890)
    - Bluetooth: btusb: driver to enable the usb-wakeup feature

  * Intel 9260/9462/9560 can't connect to 5GHz AP (LP: #1736639)
    - iwlwifi: mvm: enable RX offloading with TKIP and WEP
    - iwlwifi: mvm: mark MIC stripped MPDUs

  * [Artful][Wyse 3040] System hang when trying to enable an offlined CPU core
    (LP: #1736393)
    - SAUCE: drm/i915:Don't set chip specific data
    - SAUCE: drm/i915: make previous commit affects Wyse 3040 only

  * Touchpad stops working after a few seconds in Lenovo ideapad 320
    (LP: #1732056)
    - pinctrl/amd: fix masking of GPIO interrupts

  [ Ubuntu: 4.13.0-29.32 ]

  * linux: 4.13.0-29.32 -proposed tracker (LP: #1742722)
  * CVE-2017-5754
    - Revert "x86/cpu: Implement CPU vulnerabilites sysfs functions"
    - Revert "sysfs/cpu: Fix typos in vulnerability documentation"
    - Revert "sysfs/cpu: Add vulnerability folder"
    - Revert "UBUNTU: [Config] updateconfigs to enable
      GENERIC_CPU_VULNERABILITIES"

  [ Ubuntu: 4.13.0-28.31 ]

  * CVE-2017-5753
    - SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit
  * CVE-2017-5715
    - SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit

  [ Ubuntu: 4.13.0-27.30 ]

  * CVE-2017-5753
    - locking/barriers: introduce new memory barrier gmb()
    - bpf: prevent speculative execution in eBPF interpreter
    - x86, bpf, jit: prevent speculative execution when JIT is enabled
    - uvcvideo: prevent speculative execution
    - carl9170: prevent speculative execution
    - p54: prevent speculative execution
    - qla2xxx: prevent speculative execution
    - cw1200: prevent speculative execution
    - Thermal/int340x: prevent speculative execution
    - userns: prevent speculative execution
    - ipv6: prevent speculative execution
    - fs: prevent speculative execution
    - net: mpls: prevent speculative execution
    - udf: prevent speculative execution
    - x86/feature: Enable the x86 feature to control Speculation
    - x86/feature: Report presence of IBPB and IBRS control
    - x86/enter: MACROS to set/clear IBRS and set IBPB
    - x86/enter: Use IBRS on syscall and interrupts
    - x86/idle: Disable IBRS entering idle and enable it on wakeup
    - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
    - x86/mm: Set IBPB upon context switch
    - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
    - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
    - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
    - x86/kvm: Set IBPB when switching VM
    - x86/kvm: Toggle IBRS on VM entry and exit
    - x86/kvm: Pad RSB on VM transition
    - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
    - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
    - x86/syscall: Clear unused extra registers on syscall entrance
    - x86/syscall: Clear unused extra registers on 32-bit compatible syscall
      entrance
    - x86/entry: Use retpoline for syscall's indirect calls
    - x86/cpu/AMD: Add speculative control support for AMD
    - x86/microcode: Extend post microcode reload to support IBPB feature
    - KVM: SVM: Do not intercept new speculative control MSRs
    - x86/svm: Set IBRS value on VM entry and exit
    - x86/svm: Set IBPB when running a different VCPU
    - KVM: x86: Add speculative control CPUID support for guests
    - x86/svm: Add code to clobber the RSB on VM exit
    - x86/svm: Add code to clear registers on VM exit
    - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
    - powerpc: add gmb barrier
    - s390/spinlock: add gmb memory barrier
    - x86/microcode/AMD: Add support for fam17h microcode loading
  * CVE-2017-5715
    - locking/barriers: introduce new memory barrier gmb()
    - bpf: prevent speculative execution in eBPF interpreter
    - x86, bpf, jit: prevent speculative execution when JIT is enabled
    - uvcvideo: prevent speculative execution
    - carl9170: prevent speculative execution
    - p54: prevent speculative execution
    - qla2xxx: prevent speculative execution
    - cw1200: prevent speculative execution
    - Thermal/int340x: prevent speculative execution
    - userns: prevent speculative execution
    - ipv6: prevent speculative execution
    - fs: prevent speculative execution
    - net: mpls: prevent speculative execution
    - udf: prevent speculative execution
    - x86/feature: Enable the x86 feature to control Speculation
    - x86/feature: Report presence of IBPB and IBRS control
    - x86/enter: MACROS to set/clear IBRS and set IBPB
    - x86/enter: Use IBRS on syscall and interrupts
    - x86/idle: Disable IBRS entering idle and enable it on wakeup
    - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
    - x86/mm: Set IBPB upon context switch
    - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
    - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
    - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
    - x86/kvm: Set IBPB when switching VM
    - x86/kvm: Toggle IBRS on VM entry and exit
    - x86/kvm: Pad RSB on VM transition
    - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
    - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
    - x86/syscall: Clear unused extra registers on syscall entrance
    - x86/syscall: Clear unused extra registers on 32-bit compatible syscall
      entrance
    - x86/entry: Use retpoline for syscall's indirect calls
    - x86/cpu/AMD: Add speculative control support for AMD
    - x86/microcode: Extend post microcode reload to support IBPB feature
    - KVM: SVM: Do not intercept new speculative control MSRs
    - x86/svm: Set IBRS value on VM entry and exit
    - x86/svm: Set IBPB when running a different VCPU
    - KVM: x86: Add speculative control CPUID support for guests
    - x86/svm: Add code to clobber the RSB on VM exit
    - x86/svm: Add code to clear registers on VM exit
    - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
    - powerpc: add gmb barrier
    - s390/spinlock: add gmb memory barrier
    - x86/microcode/AMD: Add support for fam17h microcode loading
  * CVE-2017-5754
    - x86/pti: Enable PTI by default
    - x86/pti: Make sure the user/kernel PTEs match
    - x86/dumpstack: Fix partial register dumps
    - x86/dumpstack: Print registers for first stack frame
    - x86/process: Define cpu_tss_rw in same section as declaration
    - x86/mm: Set MODULES_END to 0xffffffffff000000
    - x86/mm: Map cpu_entry_area at the same place on 4/5 level
    - x86/kaslr: Fix the vaddr_end mess
    - x86/events/intel/ds: Use the proper cache flush method for mapping ds
      buffers
    - x86/tlb: Drop the _GPL from the cpu_tlbstate export
    - x86/alternatives: Add missing '\n' at end of ALTERNATIVE inline asm
    - x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN
    - x86/pti: Unbreak EFI old_memmap
    - x86/Documentation: Add PTI description
    - x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]
    - sysfs/cpu: Add vulnerability folder
    - x86/cpu: Implement CPU vulnerabilites sysfs functions
    - x86/tboot: Unbreak tboot with PTI enabled
    - x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
    - x86/cpu/AMD: Make LFENCE a serializing instruction
    - x86/cpu/AMD: Use LFENCE_RDTSC in preference to MFENCE_RDTSC
    - sysfs/cpu: Fix typos in vulnerability documentation
    - x86/alternatives: Fix optimize_nops() checking
    - x86/pti: Make unpoison of pgd for trusted boot work for real
    - s390: introduce CPU alternatives
    - s390: add ppa to kernel entry / exit
    - SAUCE: powerpc: Secure memory rfi flush
    - SAUCE: rfi-flush: Make DEBUG_RFI a CONFIG option
    - SAUCE: rfi-flush: Add HRFI_TO_UNKNOWN and use it in denorm
    - SAUCE: rfi-flush: kvmppc_skip_(H)interrupt returns to host kernel
    - SAUCE: KVM: Revert the implementation of H_GET_CPU_CHARACTERISTICS
    - SAUCE: rfi-flush: Implement congruence-first fallback flush
    - SAUCE: rfi-flush: Make l1d_flush_type bit flags
    - SAUCE: rfi-flush: Push the instruction selection down to the patching
      routine
    - SAUCE: rfi-flush: Expand the RFI section to two nop slots
    - SAUCE: rfi-flush: Support more than one flush type at once
    - SAUCE: rfi-flush: Allow HV to advertise multiple flush types
    - SAUCE: rfi-flush: Add speculation barrier before ori 30,30,0 flush
    - SAUCE: rfi-flush: Add barriers to the fallback L1D flushing
    - SAUCE: rfi-flush: Rework powernv logic to be more cautious
    - SAUCE: rfi-flush: Rework pseries logic to be more cautious
    - SAUCE: rfi-flush: Put the fallback flushes in the real trampoline section
    - SAUCE: rfi-flush: Fix the fallback flush to actually activate
    - SAUCE: rfi-flush: Fix HRFI_TO_UNKNOWN
    - SAUCE: rfi-flush: Refactor the macros so the nops are defined once
    - SAUCE: rfi-flush: Add no_rfi_flush and nopti comandline options
    - SAUCE: rfi-flush: Use rfi-flush in printks
    - SAUCE: rfi-flush: Fallback flush add load dependency
    - SAUCE: rfi-flush: Fix the 32-bit KVM build
    - SAUCE: rfi-flush: Fix some RFI conversions in the KVM code
    - SAUCE: rfi-flush: Make the fallback robust against memory corruption
    - [Config] Disable CONFIG_PPC_DEBUG_RFI
    - [Config] updateconfigs to enable GENERIC_CPU_VULNERABILITIES
  * powerpc: flush L1D on return to use (LP: #1742772)
    - SAUCE: powerpc: Secure memory rfi flush
    - SAUCE: rfi-flush: Make DEBUG_RFI a CONFIG option
    - SAUCE: rfi-flush: Add HRFI_TO_UNKNOWN and use it in denorm
    - SAUCE: rfi-flush: kvmppc_skip_(H)interrupt returns to host kernel
    - SAUCE: KVM: Revert the implementation of H_GET_CPU_CHARACTERISTICS
    - SAUCE: rfi-flush: Implement congruence-first fallback flush
    - SAUCE: rfi-flush: Make l1d_flush_type bit flags
    - SAUCE: rfi-flush: Push the instruction selection down to the patching
      routine
    - SAUCE: rfi-flush: Expand the RFI section to two nop slots
    - SAUCE: rfi-flush: Support more than one flush type at once
    - SAUCE: rfi-flush: Allow HV to advertise multiple flush types
    - SAUCE: rfi-flush: Add speculation barrier before ori 30,30,0 flush
    - SAUCE: rfi-flush: Add barriers to the fallback L1D flushing
    - SAUCE: rfi-flush: Rework powernv logic to be more cautious
    - SAUCE: rfi-flush: Rework pseries logic to be more cautious
    - SAUCE: rfi-flush: Put the fallback flushes in the real trampoline section
    - SAUCE: rfi-flush: Fix the fallback flush to actually activate
    - SAUCE: rfi-flush: Fix HRFI_TO_UNKNOWN
    - SAUCE: rfi-flush: Refactor the macros so the nops are defined once
    - SAUCE: rfi-flush: Add no_rfi_flush and nopti comandline options
    - SAUCE: rfi-flush: Use rfi-flush in printks
    - SAUCE: rfi-flush: Fallback flush add load dependency
    - SAUCE: rfi-flush: Fix the 32-bit KVM build
    - SAUCE: rfi-flush: Fix some RFI conversions in the KVM code
    - SAUCE: rfi-flush: Make the fallback robust against memory corruption
    - [Config] Disable CONFIG_PPC_DEBUG_RFI
  * s390: add ppa to kernel entry/exit (LP: #1742771)
    - s390: introduce CPU alternatives
    - s390: add ppa to kernel entry / exit

 -- Kleber Sacilotto de Souza <email address hidden>  Fri, 12 Jan 2018 15:41:21 +0100
Superseded in xenial-security on 2018-01-22
Superseded in xenial-updates on 2018-01-22
Deleted in xenial-proposed (Reason: moved to -updates)
linux-oem (4.13.0-1015.16) xenial; urgency=low

  * linux-oem: 4.13.0-1015.16 -proposed tracker (LP: #1741958)

  [ Ubuntu: 4.13.0-25.29 ]

  * linux: 4.13.0-25.29 -proposed tracker (LP: #1741955)
  * CVE-2017-5754
    - Revert "UBUNTU: [Config] updateconfigs to enable PTI"
    - [Config] Enable PTI with UNWINDER_FRAME_POINTER

Deleted in xenial-proposed on 2018-01-09 (Reason: NBS)
linux-oem (4.13.0-1013.14) xenial; urgency=low

  * linux-oem: 4.13.0-1013.14 -proposed tracker (LP: #1738797)

  * Support realtek new codec alc257 in the alsa hda driver  (LP: #1738911)
    - ALSA: hda/realtek - New codec support for ALC257

  * QCA Rome bluetooth can not wakeup after USB runtime suspended.
    (LP: #1737890)
    - Bluetooth: btusb: driver to enable the usb-wakeup feature

  * Intel 9260/9462/9560 can't connect to 5GHz AP (LP: #1736639)
    - iwlwifi: mvm: enable RX offloading with TKIP and WEP
    - iwlwifi: mvm: mark MIC stripped MPDUs

  * [Artful][Wyse 3040] System hang when trying to enable an offlined CPU core
    (LP: #1736393)
    - SAUCE: drm/i915:Don't set chip specific data
    - SAUCE: drm/i915: make previous commit affects Wyse 3040 only

  * Touchpad stops working after a few seconds in Lenovo ideapad 320
    (LP: #1732056)
    - pinctrl/amd: fix masking of GPIO interrupts

  * Miscellaneous upstream changes
    - Ubuntu: Rebase to 4.13.0-22.25

  [ Ubuntu: 4.13.0-22.25 ]

  * linux: 4.13.0-22.25 -proposed tracker (LP: #1738791)
  * CVE-2017-15115
    - sctp: do not peel off an assoc from one netns to another one
  * CVE-2017-8824
    - dccp: CVE-2017-8824: use-after-free in DCCP code

 -- Timo Aaltonen <email address hidden>  Tue, 19 Dec 2017 17:39:44 +0200

Available diffs

Superseded in xenial-security on 2018-01-09
Superseded in xenial-updates on 2018-01-09
Deleted in xenial-proposed (Reason: NBS)
linux-oem (4.13.0-1012.13) xenial; urgency=low

  * linux-oem: 4.13.0-1012.13 -proposed tracker (LP: #1738862)

  * Ubuntu 17.10 corrupting BIOS - many LENOVO laptops models (LP: #1734147)
    - [Config] CONFIG_SPI_INTEL_SPI_PLATFORM=n

  [ Ubuntu: 4.13.0-21.24 ]

  * linux: 4.13.0-21.24 -proposed tracker (LP: #1738823)
  * Ubuntu 17.10 corrupting BIOS - many LENOVO laptops models (LP: #1734147)
    - [Config] CONFIG_SPI_INTEL_SPI_PLATFORM=n

 -- Thadeu Lima de Souza Cascardo <email address hidden>  Mon, 18 Dec 2017 17:34:18 -0200
Superseded in xenial-security on 2017-12-21
Superseded in xenial-updates on 2017-12-21
Deleted in xenial-proposed (Reason: moved to -updates)
linux-oem (4.13.0-1010.11) xenial; urgency=low

  * linux-oem: 4.13.0-1010.11 -proposed tracker (LP: #1736124)

  [ Ubuntu: 4.13.0-19.22 ]

  * linux: 4.13.0-19.22 -proposed tracker (LP: #1736118)
  * CVE-2017-1000405
    - mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d()

Deleted in xenial-proposed on 2017-12-06 (Reason: NBS)
linux-oem (4.13.0-1009.10) xenial; urgency=low

  * linux-oem: 4.13.0-1009.10 -proposed tracker (LP: #1733532)

  * Intel 9260/9462/9560 driver support (LP: #1734242)
    - iwlwifi: refactor out paging code
    - iwlwifi: refactor shared mem parsing
    - iwlwifi: reorganize firmware API
    - iwlwifi: mvm: support version 7 of the SCAN_REQ_UMAC FW command
    - iwlwifi: fix PCI IDs and configuration mapping for 9000 series
    - iwlwifi: fix firmware names for 9000 and A000 series hw

  * QCA Rome bluetooth connection cannot be established after S3  (LP: #1734020)
    - Bluetooth: btusb: fix QCA Rome suspend/resume

  * elantech touchpad of Lenovo L480/580 failed to detect hw_version
    (LP: #1733605)
    - Input: elantech - add new icbody type 15

  * AQUANTIA AQC107 10G[1D6A:0001] & 2.5/5Gb [1D6A:D108] NIC (LP: #1730544)
    - net: aquantia: Bad udp rate on default interrupt coalescing
    - aquantia: Fix Tx queue hangups
    - net: aquantia: Reset nic statistics on interface up/down
    - net: aquantia: Enable coalescing management via ethtool interface
    - net: aquantia: mmio unmap was not performed on driver removal
    - net: aquantia: Limit number of MSIX irqs to the number of cpus
    - net: aquantia: Fixed transient link up/down/up notification
    - net: aquantia: Add queue restarts stats counter
    - net: aquantia: Reset nic statistics on interface up/down

  * Miscellaneous Ubuntu changes
    - Rebase to 4.13.0-18.21

  * Miscellaneous upstream changes
    - Ubuntu: [Config] update configs following rebase to Ubuntu-4.13.0-18.21

  [ Ubuntu: 4.13.0-18.21 ]

  * linux: 4.13.0-18.21 -proposed tracker (LP: #1733530)
  * NVMe timeout is too short (LP: #1729119)
    - nvme: update timeout module parameter type
  * CPU call trace on AMD Raven Ridge after S3 (LP: #1732894)
    - x86/mce/AMD: Allow any CPU to initialize the smca_banks array
  * Set PANIC_TIMEOUT=10 on Power Systems (LP: #1730660)
    - [Config]: Set PANIC_TIMEOUT=10 on ppc64el
  * Cannot pair BLE remote devices when using combo BT SoC (LP: #1731467)
    - Bluetooth: increase timeout for le auto connections
  * enable CONFIG_SND_SOC_INTEL_BYT_CHT_NOCODEC_MACH easily confuse users
    (LP: #1732627)
    - [Config] CONFIG_SND_SOC_INTEL_BYT_CHT_NOCODEC_MACH=n
  * Plantronics P610 does not support sample rate reading (LP: #1719853)
    - ALSA: usb-audio: Add sample rate quirk for Plantronics P610
  * Allow drivers to use Relaxed Ordering on capable root ports (LP: #1721365)
    - Revert commit 1a8b6d76dc5b ("net:add one common config...")
    - net: ixgbe: Use new PCI_DEV_FLAGS_NO_RELAXED_ORDERING flag
  * support GICv3 ITS save/restore & migration (LP: #1710019)
    - KVM: arm/arm64: vgic-its: Fix return value for device table restore
  * Device hotplugging with MPT SAS cannot work for VMWare ESXi (LP: #1730852)
    - scsi: mptsas: Fixup device hotplug for VMWare ESXi
  * Artful update to 4.13.13 stable release (LP: #1732726)
    - netfilter: nat: Revert "netfilter: nat: convert nat bysrc hash to
      rhashtable"
    - netfilter: nft_set_hash: disable fast_ops for 2-len keys
    - workqueue: Fix NULL pointer dereference
    - crypto: ccm - preserve the IV buffer
    - crypto: x86/sha1-mb - fix panic due to unaligned access
    - crypto: x86/sha256-mb - fix panic due to unaligned access
    - KEYS: fix NULL pointer dereference during ASN.1 parsing [ver #2]
    - ACPI / PM: Blacklist Low Power S0 Idle _DSM for Dell XPS13 9360
    - ARM: 8720/1: ensure dump_instr() checks addr_limit
    - ALSA: timer: Limit max instances per timer
    - ALSA: usb-audio: support new Amanero Combo384 firmware version
    - ALSA: hda - fix headset mic problem for Dell machines with alc274
    - ALSA: seq: Fix OSS sysex delivery in OSS emulation
    - ALSA: seq: Avoid invalid lockdep class warning
    - MIPS: Fix CM region target definitions
    - MIPS: BMIPS: Fix missing cbr address
    - MIPS: AR7: Defer registration of GPIO
    - MIPS: AR7: Ensure that serial ports are properly set up
    - KVM: PPC: Book3S HV: Fix exclusion between HPT resizing and other HPT
      updates
    - Input: elan_i2c - add ELAN060C to the ACPI table
    - rbd: use GFP_NOIO for parent stat and data requests
    - drm/vmwgfx: Fix Ubuntu 17.10 Wayland black screen issue
    - Revert "x86: CPU: Fix up "cpu MHz" in /proc/cpuinfo"
    - can: sun4i: handle overrun in RX FIFO
    - can: peak: Add support for new PCIe/M2 CAN FD interfaces
    - can: ifi: Fix transmitter delay calculation
    - can: c_can: don't indicate triple sampling support for D_CAN
    - x86/debug: Handle warnings before the notifier chain, to fix KGDB crash
    - x86/smpboot: Make optimization of delay calibration work correctly
    - x86/oprofile/ppro: Do not use __this_cpu*() in preemptible context
    - Linux 4.13.13
  * ELANTECH Touchpad is not detected in 'Lenovo Ideapad 320 14AST' after fresh
    install (LP: #1727544)
    - Input: elan_i2c - add ELAN060C to the ACPI table
  * Power8 Nest PMU Instrumentation support (LP: #1481347)
    - powerpc/powernv: Add IMC OPAL APIs
    - powerpc/powernv: Detect and create IMC device
    - powerpc/perf: Add nest IMC PMU support
    - powerpc/perf: Add core IMC PMU support
    - powerpc/perf: Add thread IMC PMU support
    - powerpc/perf: Fix double unlock in imc_common_cpuhp_mem_free()
    - powerpc/perf/imc: Fix nest events on muti socket system
    - powerpc/powernv: Fix build error in opal-imc.c when NUMA=n
    - powerpc/perf: Fix usage of nest_imc_refc
    - powerpc/perf: Fix for core/nest imc call trace on cpuhotplug
    - powerpc/perf: Add ___GFP_NOWARN flag to alloc_pages_node()
    - powerpc/perf: Fix IMC initialization crash
  * Artful update to 4.13.12 stable release (LP: #1731971)
    - ALSA: timer: Add missing mutex lock for compat ioctls
    - ALSA: seq: Fix nested rwsem annotation for lockdep splat
    - cifs: check MaxPathNameComponentLength != 0 before using it
    - KEYS: return full count in keyring_read() if buffer is too small
    - KEYS: trusted: fix writing past end of buffer in trusted_read()
    - KEYS: fix out-of-bounds read during ASN.1 parsing
    - ASoC: adau17x1: Workaround for noise bug in ADC
    - virtio_blk: Fix an SG_IO regression
    - arm64: ensure __dump_instr() checks addr_limit
    - KVM: arm64: its: Fix missing dynamic allocation check in scan_its_table
    - arm/arm64: KVM: set right LR register value for 32 bit guest when inject
      abort
    - arm/arm64: kvm: Disable branch profiling in HYP code
    - ARM: dts: mvebu: pl310-cache disable double-linefill
    - ARM: 8715/1: add a private asm/unaligned.h
    - drm/amdgpu: return -ENOENT from uvd 6.0 early init for harvesting
    - drm/amdgpu: allow harvesting check for Polaris VCE
    - userfaultfd: hugetlbfs: prevent UFFDIO_COPY to fill beyond the end of i_size
    - ocfs2: fstrim: Fix start offset of first cluster group during fstrim
    - fs/hugetlbfs/inode.c: fix hwpoison reserve accounting
    - mm, swap: fix race between swap count continuation operations
    - drm/i915: Do not rely on wm preservation for ILK watermarks
    - drm/i915/edp: read edp display control registers unconditionally
    - Revert "powerpc64/elfv1: Only dereference function descriptor for non-text
      symbols"
    - MIPS: bpf: Fix a typo in build_one_insn()
    - MIPS: smp-cmp: Use right include for task_struct
    - MIPS: microMIPS: Fix incorrect mask in insn_table_MM
    - MIPS: SMP: Fix deadlock & online race
    - Revert "x86: do not use cpufreq_quick_get() for /proc/cpuinfo "cpu MHz""
    - x86: CPU: Fix up "cpu MHz" in /proc/cpuinfo
    - powerpc/kprobes: Dereference function pointers only if the address does not
      belong to kernel text
    - futex: Fix more put_pi_state() vs. exit_pi_state_list() races
    - perf/cgroup: Fix perf cgroup hierarchy support
    - x86/mcelog: Get rid of RCU remnants
    - irqchip/irq-mvebu-gicp: Add missing spin_lock init
    - Linux 4.13.12
  * Artful update to 4.13.11 stable release (LP: #1731961)
    - workqueue: replace pool->manager_arb mutex with a flag
    - nvme-fc: fix iowait hang
    - ALSA: hda/realtek - Add support for ALC236/ALC3204
    - ALSA: hda - fix headset mic problem for Dell machines with alc236
    - ceph: unlock dangling spinlock in try_flush_caps()
    - Fix tracing sample code warning.
    - KVM: PPC: Fix oops when checking KVM_CAP_PPC_HTM
    - KVM: PPC: Book3S HV: POWER9 more doorbell fixes
    - KVM: PPC: Book3S: Protect kvmppc_gpa_to_ua() with SRCU
    - s390/kvm: fix detection of guest machine checks
    - nbd: handle interrupted sendmsg with a sndtimeo set
    - spi: uapi: spidev: add missing ioctl header
    - spi: a3700: Return correct value on timeout detection
    - spi: bcm-qspi: Fix use after free in bcm_qspi_probe() in error path
    - spi: armada-3700: Fix failing commands with quad-SPI
    - ovl: add NULL check in ovl_alloc_inode
    - ovl: fix EIO from lookup of non-indexed upper
    - ovl: handle ENOENT on index lookup
    - ovl: do not cleanup unsupported index entries
    - fuse: fix READDIRPLUS skipping an entry
    - xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap()
    - xen: fix booting ballooned down hvm guest
    - cifs: Select all required crypto modules
    - CIFS: Fix NULL pointer deref on SMB2_tcon() failure
    - Input: elan_i2c - add ELAN0611 to the ACPI table
    - Input: gtco - fix potential out-of-bound access
    - Fix encryption labels and lengths for SMB3.1.1
    - SMB3: Validate negotiate request must always be signed
    - assoc_array: Fix a buggy node-splitting case
    - scsi: zfcp: fix erp_action use-before-initialize in REC action trace
    - scsi: aacraid: Fix controller initialization failure
    - scsi: qla2xxx: Initialize Work element before requesting IRQs
    - scsi: sg: Re-fix off by one in sg_fill_request_table()
    - x86/cpu/AMD: Apply the Erratum 688 fix when the BIOS doesn't
    - drm/amd/powerplay: fix uninitialized variable
    - drm/i915/perf: fix perf enable/disable ioctls with 32bits userspace
    - can: sun4i: fix loopback mode
    - can: kvaser_usb: Correct return value in printout
    - can: kvaser_usb: Ignore CMD_FLUSH_QUEUE_REPLY messages
    - cfg80211: fix connect/disconnect edge cases
    - ipsec: Fix aborted xfrm policy dump crash
    - regulator: fan53555: fix I2C device ids
    - powerpc/xive: Fix the size of the cpumask used in xive_find_target_in_mask()
    - Linux 4.13.11
  * Touchpad not detected - Lenovo ideapad 320-15IKB (LP: #1723736)
    - Input: elan_i2c - add ELAN0611 to the ACPI table
  * Artful update to 4.13.10 stable release (LP: #1731951)
    - staging: bcm2835-audio: Fix memory corruption
    - USB: devio: Revert "USB: devio: Don't corrupt user memory"
    - USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor()
    - USB: serial: metro-usb: add MS7820 device id
    - usb: cdc_acm: Add quirk for Elatec TWN3
    - usb: quirks: add quirk for WORLDE MINI MIDI keyboard
    - usb: hub: Allow reset retry for USB2 devices on connect bounce
    - ALSA: usb-audio: Add native DSD support for Pro-Ject Pre Box S2 Digital
    - can: gs_usb: fix busy loop if no more TX context is available
    - scsi: qla2xxx: Fix uninitialized work element
    - nbd: don't set the device size until we're connected
    - s390/cputime: fix guest/irq/softirq times after CPU hotplug
    - parisc: Fix double-word compare and exchange in LWS code on 32-bit kernels
    - parisc: Fix detection of nonsynchronous cr16 cycle counters
    - iio: dummy: events: Add missing break
    - usb: musb: sunxi: Explicitly release USB PHY on exit
    - USB: musb: fix session-bit runtime-PM quirk
    - USB: musb: fix late external abort on suspend
    - usb: musb: musb_cppi41: Fix the address of teardown and autoreq registers
    - usb: musb: musb_cppi41: Fix cppi41_set_dma_mode() for DA8xx
    - usb: musb: musb_cppi41: Configure the number of channels for DA8xx
    - usb: musb: Check for host-mode using is_host_active() on reset interrupt
    - xhci: Identify USB 3.1 capable hosts by their port protocol capability
    - xhci: Cleanup current_cmd in xhci_cleanup_command_queue()
    - usb: xhci: Reset halted endpoint if trb is noop
    - usb: xhci: Handle error condition in xhci_stop_device()
    - can: esd_usb2: Fix can_dlc value for received RTR, frames
    - can: af_can: can_pernet_init(): add missing error handling for kzalloc
      returning NULL
    - can: flexcan: fix state transition regression
    - can: flexcan: rename legacy error state quirk
    - can: flexcan: implement error passive state quirk
    - can: flexcan: fix i.MX6 state transition issue
    - can: flexcan: fix i.MX28 state transition issue
    - can: flexcan: fix p1010 state transition issue
    - KEYS: encrypted: fix dereference of NULL user_key_payload
    - mmc: sdhci-pci: Fix default d3_retune for Intel host controllers
    - drm/i915: Use bdw_ddi_translations_fdi for Broadwell
    - drm/nouveau/kms/nv50: fix oops during DP IRQ handling on non-MST boards
    - drm/nouveau/bsp/g92: disable by default
    - drm/nouveau/mmu: flush tlbs before deleting page tables
    - media: s5p-cec: add NACK detection support
    - media: cec: Respond to unregistered initiators, when applicable
    - media: dvb: i2c transfers over usb cannot be done from stack
    - tracing/samples: Fix creation and deletion of simple_thread_fn creation
    - ALSA: seq: Enable 'use' locking in all configurations
    - ALSA: hda: Remove superfluous '-' added by printk conversion
    - ALSA: hda: Abort capability probe at invalid register read
    - i2c: ismt: Separate I2C block read from SMBus block read
    - i2c: piix4: Fix SMBus port selection for AMD Family 17h chips
    - Revert "tools/power turbostat: stop migrating, unless '-m'"
    - Input: stmfts - fix setting ABS_MT_POSITION_* maximum size
    - brcmfmac: Add check for short event packets
    - brcmsmac: make some local variables 'static const' to reduce stack size
    - ARM: dts: sun6i: Fix endpoint IDs in second display pipeline
    - bus: mbus: fix window size calculation for 4GB windows
    - clockevents/drivers/cs5535: Improve resilience to spurious interrupts
    - rtlwifi: rtl8821ae: Fix connection lost problem
    - x86/microcode/intel: Disable late loading on model 79
    - lib/digsig: fix dereference of NULL user_key_payload
    - fscrypt: fix dereference of NULL user_key_payload
    - ecryptfs: fix dereference of NULL user_key_payload
    - KEYS: Fix race between updating and finding a negative key
    - FS-Cache: fix dereference of NULL user_key_payload
    - KEYS: don't let add_key() update an uninstantiated key
    - pkcs7: Prevent NULL pointer dereference, since sinfo is not always set.
    - arm64: dts: rockchip: correct vqmmc voltage for rk3399 platforms
    - ALSA: hda - Fix incorrect TLV callback check introduced during set_fs()
      removal
    - iomap_dio_rw: Allocate AIO completion queue before submitting dio
    - xfs: don't unconditionally clear the reflink flag on zero-block files
    - xfs: evict CoW fork extents when performing finsert/fcollapse
    - fs/xfs: Use %pS printk format for direct addresses
    - xfs: report zeroed or not correctly in xfs_zero_range()
    - xfs: update i_size after unwritten conversion in dio completion
    - xfs: perag initialization should only touch m_ag_max_usable for AG 0
    - xfs: Capture state of the right inode in xfs_iflush_done
    - xfs: always swap the cow forks when swapping extents
    - xfs: handle racy AIO in xfs_reflink_end_cow
    - xfs: Don't log uninitialised fields in inode structures
    - xfs: move more RT specific code under CONFIG_XFS_RT
    - xfs: don't change inode mode if ACL update fails
    - xfs: reinit btree pointer on attr tree inactivation walk
    - xfs: handle error if xfs_btree_get_bufs fails
    - xfs: cancel dirty pages on invalidation
    - xfs: trim writepage mapping to within eof
    - xfs: move two more RT specific functions into CONFIG_XFS_RT
    - Linux 4.13.10
  * Artful update to 4.13.9 stable release (LP: #1731926)
    - perf pmu: Unbreak perf record for arm/arm64 with events with explicit PMU
    - mm: page_vma_mapped: ensure pmd is loaded with READ_ONCE outside of lock
    - HID: hid-elecom: extend to fix descriptor for HUGE trackball
    - Drivers: hv: vmbus: Fix rescind handling issues
    - Drivers: hv: vmbus: Fix bugs in rescind handling
    - vmbus: simplify hv_ringbuffer_read
    - vmbus: refactor hv_signal_on_read
    - vmbus: eliminate duplicate cached index
    - vmbus: more host signalling avoidance
    - Linux 4.13.9

 -- Timo Aaltonen <email address hidden>  Sun, 26 Nov 2017 18:24:42 +0200

Available diffs

Superseded in xenial-updates on 2017-12-07
Deleted in xenial-proposed (Reason: NBS)
linux-oem (4.13.0-1008.9) xenial; urgency=low

  * Reading HDA audio capability register crashes the kernel (LP: #1730261)
    - ALSA: hda: Abort capability probe at invalid register read

  * The HDMI audio can't work on all Geminilake machines we have (Dell laptops
    or desktops)  (LP: #1731091)
    - SAUCE: drm/i915: Track minimum acceptable cdclk instead of "minimum
      dotclock"
    - SAUCE: drm/i915: Consolidate max_cdclk_freq check in
      intel_crtc_compute_min_cdclk()
    - SAUCE: drm/i915: set minimum CD clock to twice the BCLK.

  * Backport support for Intel Coffee Lake (LP: #1729842)
    - drm/i915: Fix PCH names for KBP and CNP.
    - drm/i915: Stop using long platform names on clock gating functions.
    - drm/i915/cnp: Wa 1181: Fix Backlight issue
    - drm/i915/cnp: Don't touch other PCH clock gating bits.
    - drm/i915/cnp: Display Wa #1179: WaHardHangonHotPlug
    - drm/i915/cfl: Coffee Lake works on Kaby Lake PCH.
    - drm/i915/cfl: Remove alpha support protection.

  * headset mic can't work on laptops with the codec alc236 (LP: #1729500)
    - ALSA: hda/realtek - Add support for ALC236/ALC3204
    - ALSA: hda - fix headset mic problem for Dell machines with alc236

  * Miscellaneous Ubuntu changes
    - [Config] Sync with master
    - [Packaging] Bump debhelper to 9
    - [Config] Sync annotations with master
    - [Packaging] d-i: Drop kernel-versions diff
    - [Packaging] Add aufs-dkms Provides
    - Rebase to 4.13.0-17.20
    - [Config] update configs following rebase to 4.13.0-17.20
    - [Config] Ignore modules turned built-in

  [ Ubuntu: 4.13.0-17.20 ]

  * linux: 4.13.0-17.20 -proposed tracker (LP: #1728927)
  * thunderx2 ahci errata workaround needs additional delays (LP: #1724117)
    - SAUCE: ahci: thunderx2: stop engine fix update
  * usb 3-1: 2:1: cannot get freq at ep 0x1 (LP: #1708499)
    - ALSA: usb-audio: Add sample rate quirk for Plantronics C310/C520-M
  * Plantronics Blackwire C520-M - Cannot get freq at ep 0x1, 0x81
    (LP: #1709282)
    - ALSA: usb-audio: Add sample rate quirk for Plantronics C310/C520-M
  * TSC_DEADLINE incorrectly disabled inside virtual guests (LP: #1724912)
    - x86/apic: Silence "FW_BUG TSC_DEADLINE disabled due to Errata" on CPUs
      without the feature
    - x86/apic: Silence "FW_BUG TSC_DEADLINE disabled due to Errata" on
      hypervisors
  * x86/apic: Update TSC_DEADLINE quirk with additional SKX stepping
    (LP: #1724612)
    - x86/apic: Update TSC_DEADLINE quirk with additional SKX stepping
  * [Artful] Add support for Dell/Wyse 3040 audio codec (LP: #1723916)
    - SAUCE: ASoC: rt5670: Add support for Wyse 3040
  * [Artful] Some Dell Monitors Doesn't Work Well with Dell/Wyse 3040
    (LP: #1723915)
    - SAUCE: drm/i915: Workaround for DP DPMS D3 on Dell monitor
  * [Artful] Support headset mode for DELL WYSE (LP: #1723913)
    - SAUCE: ALSA: hda/realtek - Add support headset mode for DELL WYSE
  * Touchpad and TrackPoint Dose Not Work on Lenovo X1C6 and X280 (LP: #1723986)
    - SAUCE: Input: synaptics-rmi4 - RMI4 can also use SMBUS version 3
    - SAUCE: Input: synaptics - Lenovo X1 Carbon 5 should use SMBUS/RMI
    - SAUCE: Input: synaptics - add Intertouch support on X1 Carbon 6th and X280
  * Artful update to v4.13.8 stable release (LP: #1724669)
    - USB: dummy-hcd: Fix deadlock caused by disconnect detection
    - MIPS: math-emu: Remove pr_err() calls from fpu_emu()
    - MIPS: bpf: Fix uninitialised target compiler error
    - mei: always use domain runtime pm callbacks.
    - dmaengine: edma: Align the memcpy acnt array size with the transfer
    - dmaengine: ti-dma-crossbar: Fix possible race condition with dma_inuse
    - NFS: Fix uninitialized rpc_wait_queue
    - nfs/filelayout: fix oops when freeing filelayout segment
    - HID: usbhid: fix out-of-bounds bug
    - crypto: skcipher - Fix crash on zero-length input
    - crypto: shash - Fix zero-length shash ahash digest crash
    - KVM: MMU: always terminate page walks at level 1
    - KVM: nVMX: fix guest CR4 loading when emulating L2 to L1 exit
    - usb: renesas_usbhs: Fix DMAC sequence for receiving zero-length packet
    - pinctrl/amd: Fix build dependency on pinmux code
    - iommu/amd: Finish TLB flush in amd_iommu_unmap()
    - device property: Track owner device of device property
    - Revert "vmalloc: back off when the current task is killed"
    - fs/mpage.c: fix mpage_writepage() for pages with buffers
    - ALSA: usb-audio: Kill stray URB at exiting
    - ALSA: seq: Fix use-after-free at creating a port
    - ALSA: seq: Fix copy_from_user() call inside lock
    - ALSA: caiaq: Fix stray URB at probe error path
    - ALSA: line6: Fix NULL dereference at podhd_disconnect()
    - ALSA: line6: Fix missing initialization before error path
    - ALSA: line6: Fix leftover URB at error-path during probe
    - drm/atomic: Unref duplicated drm_atomic_state in drm_atomic_helper_resume()
    - drm/i915/edp: Get the Panel Power Off timestamp after panel is off
    - drm/i915: Read timings from the correct transcoder in intel_crtc_mode_get()
    - drm/i915/bios: parse DDI ports also for CHV for HDMI DDC pin and DP AUX
      channel
    - drm/i915: Use crtc_state_is_legacy_gamma in intel_color_check
    - usb: gadget: configfs: Fix memory leak of interface directory data
    - usb: gadget: composite: Fix use-after-free in
      usb_composite_overwrite_options
    - PCI: aardvark: Move to struct pci_host_bridge IRQ mapping functions
    - Revert "PCI: tegra: Do not allocate MSI target memory"
    - direct-io: Prevent NULL pointer access in submit_page_section
    - fix unbalanced page refcounting in bio_map_user_iov
    - more bio_map_user_iov() leak fixes
    - bio_copy_user_iov(): don't ignore ->iov_offset
    - perf script: Add missing separator for "-F ip,brstack" (and brstackoff)
    - genirq/cpuhotplug: Enforce affinity setting on startup of managed irqs
    - genirq/cpuhotplug: Add sanity check for effective affinity mask
    - USB: serial: ftdi_sio: add id for Cypress WICED dev board
    - USB: serial: cp210x: fix partnum regression
    - USB: serial: cp210x: add support for ELV TFD500
    - USB: serial: option: add support for TP-Link LTE module
    - USB: serial: qcserial: add Dell DW5818, DW5819
    - USB: serial: console: fix use-after-free on disconnect
    - USB: serial: console: fix use-after-free after failed setup
    - RAS/CEC: Use the right length for "cec_disable"
    - x86/microcode: Do the family check first
    - x86/alternatives: Fix alt_max_short macro to really be a max()
    - KVM: nVMX: update last_nonleaf_level when initializing nested EPT
    - Linux 4.13.8
  * Artful update to v4.13.7 stable release (LP: #1724668)
    - watchdog: Revert "iTCO_wdt: all versions count down twice"
    - Linux 4.13.7
  * libvirt - vnc port selection regression with newer kernels (LP: #1722702)
    - net: set tb->fast_sk_family
    - net: use inet6_rcv_saddr to compare sockets
    - inet: fix improper empty comparison
  * powerpc/64s: Add workaround for P9 vector CI load issue (LP: #1721070)
    - powerpc/mce: Move 64-bit machine check code into mce.c
    - powerpc/64s: Add workaround for P9 vector CI load issue
  * Artful update to v4.13.6 stable release (LP: #1723145)
    - imx-media-of: avoid uninitialized variable warning
    - usb: dwc3: ep0: fix DMA starvation by assigning req->trb on ep0
    - mlxsw: spectrum: Fix EEPROM access in case of SFP/SFP+
    - net: bonding: Fix transmit load balancing in balance-alb mode if specified
      by sysfs
    - openvswitch: Fix an error handling path in 'ovs_nla_init_match_and_action()'
    - mlxsw: spectrum: Prevent mirred-related crash on removal
    - net: bonding: fix tlb_dynamic_lb default value
    - net_sched: gen_estimator: fix scaling error in bytes/packets samples
    - net: sched: fix use-after-free in tcf_action_destroy and tcf_del_walker
    - sctp: potential read out of bounds in sctp_ulpevent_type_enabled()
    - tcp: update skb->skb_mstamp more carefully
    - bpf/verifier: reject BPF_ALU64|BPF_END
    - tcp: fix data delivery rate
    - udpv6: Fix the checksum computation when HW checksum does not apply
    - ip6_gre: skb_push ipv6hdr before packing the header in ip6gre_header
    - net: phy: Fix mask value write on gmii2rgmii converter speed register
    - ip6_tunnel: do not allow loading ip6_tunnel if ipv6 is disabled in cmdline
    - net/sched: cls_matchall: fix crash when used with classful qdisc
    - 8139too: revisit napi_complete_done() usage
    - bpf: do not disable/enable BH in bpf_map_free_id()
    - tcp: fastopen: fix on syn-data transmit failure
    - net: emac: Fix napi poll list corruption
    - net: ipv6: fix regression of no RTM_DELADDR sent after DAD failure
    - packet: hold bind lock when rebinding to fanout hook
    - bpf: one perf event close won't free bpf program attached by another perf
      event
    - net: change skb->mac_header when Generic XDP calls adjust_head
    - isdn/i4l: fetch the ppp_write buffer in one shot
    - net_sched: always reset qdisc backlog in qdisc_reset()
    - net: stmmac: Cocci spatch "of_table"
    - net: qcom/emac: specify the correct size when mapping a DMA buffer
    - vti: fix use after free in vti_tunnel_xmit/vti6_tnl_xmit
    - l2tp: fix race condition in l2tp_tunnel_delete
    - tun: bail out from tun_get_user() if the skb is empty
    - net: dsa: mv88e6xxx: Allow dsa and cpu ports in multiple vlans
    - net: dsa: Fix network device registration order
    - packet: in packet_do_bind, test fanout with bind_lock held
    - packet: only test po->has_vnet_hdr once in packet_snd
    - net: dsa: mv88e6xxx: lock mutex when freeing IRQs
    - net: Set sk_prot_creator when cloning sockets to the right proto
    - net/mlx5e: IPoIB, Fix access to invalid memory address
    - netlink: do not proceed if dump's start() errs
    - ip6_gre: ip6gre_tap device should keep dst
    - ip6_tunnel: update mtu properly for ARPHRD_ETHER tunnel device in tx path
    - IPv4: early demux can return an error code
    - tipc: use only positive error codes in messages
    - l2tp: fix l2tp_eth module loading
    - socket, bpf: fix possible use after free
    - net: rtnetlink: fix info leak in RTM_GETSTATS call
    - bpf: fix bpf_tail_call() x64 JIT
    - usb: gadget: core: fix ->udc_set_speed() logic
    - USB: gadgetfs: Fix crash caused by inadequate synchronization
    - USB: gadgetfs: fix copy_to_user while holding spinlock
    - usb: gadget: udc: atmel: set vbus irqflags explicitly
    - usb: gadget: udc: renesas_usb3: fix for no-data control transfer
    - usb: gadget: udc: renesas_usb3: fix Pn_RAMMAP.Pn_MPKT value
    - usb: gadget: udc: renesas_usb3: Fix return value of usb3_write_pipe()
    - usb-storage: unusual_devs entry to fix write-access regression for Seagate
      external drives
    - usb-storage: fix bogus hardware error messages for ATA pass-thru devices
    - usb: renesas_usbhs: fix the BCLR setting condition for non-DCP pipe
    - usb: renesas_usbhs: fix usbhsf_fifo_clear() for RX direction
    - ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor
    - usb: pci-quirks.c: Corrected timeout values used in handshake
    - USB: cdc-wdm: ignore -EPIPE from GetEncapsulatedResponse
    - USB: dummy-hcd: fix connection failures (wrong speed)
    - USB: dummy-hcd: fix infinite-loop resubmission bug
    - USB: dummy-hcd: Fix erroneous synchronization change
    - USB: devio: Prevent integer overflow in proc_do_submiturb()
    - USB: devio: Don't corrupt user memory
    - USB: g_mass_storage: Fix deadlock when driver is unbound
    - USB: uas: fix bug in handling of alternate settings
    - USB: core: harden cdc_parse_cdc_header
    - usb: Increase quirk delay for USB devices
    - USB: fix out-of-bounds in usb_set_configuration
    - usb: xhci: Free the right ring in xhci_add_endpoint()
    - xhci: fix finding correct bus_state structure for USB 3.1 hosts
    - xhci: fix wrong endpoint ESIT value shown in tracing
    - usb: host: xhci-plat: allow sysdev to inherit from ACPI
    - xhci: Fix sleeping with spin_lock_irq() held in ASmedia 1042A workaround
    - Revert "xhci: Limit USB2 port wake support for AMD Promontory hosts"
    - iio: adc: twl4030: Fix an error handling path in 'twl4030_madc_probe()'
    - iio: adc: twl4030: Disable the vusb3v1 rugulator in the error handling path
      of 'twl4030_madc_probe()'
    - iio: ad_sigma_delta: Implement a dedicated reset function
    - staging: iio: ad7192: Fix - use the dedicated reset function avoiding dma
      from stack.
    - iio: core: Return error for failed read_reg
    - IIO: BME280: Updates to Humidity readings need ctrl_reg write!
    - iio: trigger: stm32-timer: preset shouldn't be buffered
    - iio: trigger: stm32-timer: fix a corner case to write preset
    - iio: ad7793: Fix the serial interface reset
    - iio: adc: stm32: fix bad error check on max_channels
    - iio: adc: mcp320x: Fix readout of negative voltages
    - iio: adc: mcp320x: Fix oops on module unload
    - uwb: properly check kthread_run return value
    - uwb: ensure that endpoint is interrupt
    - staging: vchiq_2835_arm: Fix NULL ptr dereference in free_pagelist
    - ksm: fix unlocked iteration over vmas in cmp_and_merge_page()
    - mm, hugetlb, soft_offline: save compound page order before page migration
    - mm, oom_reaper: skip mm structs with mmu notifiers
    - mm: fix RODATA_TEST failure "rodata_test: test data was not read only"
    - mm: avoid marking swap cached page as lazyfree
    - mm: fix data corruption caused by lazyfree page
    - userfaultfd: non-cooperative: fix fork use after free
    - lib/ratelimit.c: use deferred printk() version
    - lsm: fix smack_inode_removexattr and xattr_getsecurity memleak
    - ALSA: compress: Remove unused variable
    - Revert "ALSA: echoaudio: purge contradictions between dimension matrix
      members and total number of members"
    - ALSA: usx2y: Suppress kernel warning at page allocation failures
    - powerpc/powernv: Increase memory block size to 1GB on radix
    - powerpc: Fix action argument for cpufeatures-based TLB flush
    - powerpc/64s: Use emergency stack for kernel TM Bad Thing program checks
    - powerpc/tm: Fix illegal TM state in signal handler
    - percpu: make this_cpu_generic_read() atomic w.r.t. interrupts
    - intel_th: pci: Add Lewisburg PCH support
    - driver core: platform: Don't read past the end of "driver_override" buffer
    - cgroup: Reinit cgroup_taskset structure before cgroup_migrate_execute()
      returns
    - Drivers: hv: fcopy: restore correct transfer length
    - vmbus: don't acquire the mutex in vmbus_hvsock_device_unregister()
    - stm class: Fix a use-after-free
    - auxdisplay: charlcd: properly restore atomic counter on error path
    - ftrace: Fix kmemleak in unregister_ftrace_graph
    - ovl: fix error value printed in ovl_lookup_index()
    - ovl: fix dput() of ERR_PTR in ovl_cleanup_index()
    - ovl: fix dentry leak in ovl_indexdir_cleanup()
    - ovl: fix missing unlock_rename() in ovl_do_copy_up()
    - ovl: fix regression caused by exclusive upper/work dir protection
    - arm64: dt marvell: Fix AP806 system controller size
    - arm64: Ensure the instruction emulation is ready for userspace
    - HID: rmi: Make sure the HID device is opened on resume
    - HID: i2c-hid: allocate hid buffers for real worst case
    - HID: wacom: leds: Don't try to control the EKR's read-only LEDs
    - HID: wacom: Properly report negative values from Intuos Pro 2 Bluetooth
    - HID: wacom: Correct coordinate system of touchring and pen twist
    - HID: wacom: generic: Send MSC_SERIAL and ABS_MISC when leaving prox
    - HID: wacom: generic: Clear ABS_MISC when tool leaves proximity
    - HID: wacom: Always increment hdev refcount within wacom_get_hdev_data
    - HID: wacom: bits shifted too much for 9th and 10th buttons
    - btrfs: avoid overflow when sector_t is 32 bit
    - Btrfs: fix overlap of fs_info::flags values
    - rocker: fix rocker_tlv_put_* functions for KASAN
    - netlink: fix nla_put_{u8,u16,u32} for KASAN
    - dm crypt: reject sector_size feature if device length is not aligned to it
    - dm ioctl: fix alignment of event number in the device list
    - dm crypt: fix memory leak in crypt_ctr_cipher_old()
    - KVM: PPC: Book3S: Fix server always zero from kvmppc_xive_get_xive()
    - kvm/x86: Avoid async PF preempting the kernel incorrectly
    - iwlwifi: mvm: use IWL_HCMD_NOCOPY for MCAST_FILTER_CMD
    - scsi: sd: Implement blacklist option for WRITE SAME w/ UNMAP
    - scsi: sd: Do not override max_sectors_kb sysfs setting
    - brcmfmac: add length check in brcmf_cfg80211_escan_handler()
    - brcmfmac: setup passive scan if requested by user-space
    - drm/i915: always update ELD connector type after get modes
    - drm/i915/bios: ignore HDMI on port A
    - bsg-lib: fix use-after-free under memory-pressure
    - nvme-pci: Use PCI bus address for data/queues in CMB
    - mmc: core: add driver strength selection when selecting hs400es
    - nl80211: Define policy for packet pattern attributes
    - clk: samsung: exynos4: Enable VPLL and EPLL clocks for suspend/resume cycle
    - udp: perform source validation for mcast early demux
    - udp: fix bcast packet reception
    - base: arch_topology: fix section mismatch build warnings
    - Linux 4.13.6
  * Artful update to v4.13.5 stable release (LP: #1721777)
    - cifs: check rsp for NULL before dereferencing in SMB2_open
    - cifs: release cifs root_cred after exit_cifs
    - cifs: release auth_key.response for reconnect.
    - nvme-pci: fix host memory buffer allocation fallback
    - nvme-pci: use appropriate initial chunk size for HMB allocation
    - nvme-pci: propagate (some) errors from host memory buffer setup
    - dax: remove the pmem_dax_ops->flush abstraction
    - dm integrity: do not check integrity for failed read operations
    - mmc: block: Fix incorrectly initialized requests
    - fs/proc: Report eip/esp in /prod/PID/stat for coredumping
    - scsi: scsi_transport_fc: fix NULL pointer dereference in fc_bsg_job_timeout
    - SMB3: Add support for multidialect negotiate (SMB2.1 and later)
    - mac80211: fix VLAN handling with TXQs
    - mac80211_hwsim: Use proper TX power
    - mac80211: flush hw_roc_start work before cancelling the ROC
    - mac80211: fix deadlock in driver-managed RX BA session start
    - genirq: Make sparse_irq_lock protect what it should protect
    - genirq/msi: Fix populating multiple interrupts
    - genirq: Fix cpumask check in __irq_startup_managed()
    - KVM: PPC: Book3S HV: Hold kvm->lock around call to kvmppc_update_lpcr
    - KVM: PPC: Book3S HV: Fix bug causing host SLB to be restored incorrectly
    - KVM: PPC: Book3S HV: Don't access XIVE PIPR register using byte accesses
    - tracing: Fix trace_pipe behavior for instance traces
    - tracing: Erase irqsoff trace with empty write
    - tracing: Remove RCU work arounds from stack tracer
    - md/raid5: fix a race condition in stripe batch
    - md/raid5: preserve STRIPE_ON_UNPLUG_LIST in break_stripe_batch_list
    - scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse
      nlmsg properly
    - scsi: aacraid: Fix 2T+ drives on SmartIOC-2000
    - scsi: aacraid: Add a small delay after IOP reset
    - drm/exynos: Fix locking in the suspend/resume paths
    - drm/i915/gvt: Fix incorrect PCI BARs reporting
    - Revert "drm/i915/bxt: Disable device ready before shutdown command"
    - drm/amdgpu: revert tile table update for oland
    - drm/radeon: disable hard reset in hibernate for APUs
    - crypto: drbg - fix freeing of resources
    - crypto: talitos - Don't provide setkey for non hmac hashing algs.
    - crypto: talitos - fix sha224
    - crypto: talitos - fix hashing
    - security/keys: properly zero out sensitive key material in big_key
    - security/keys: rewrite all of big_key crypto
    - KEYS: fix writing past end of user-supplied buffer in keyring_read()
    - KEYS: prevent creating a different user's keyrings
    - KEYS: prevent KEYCTL_READ on negative key
    - libnvdimm, namespace: fix btt claim class crash
    - powerpc/eeh: Create PHB PEs after EEH is initialized
    - powerpc/pseries: Fix parent_dn reference leak in add_dt_node()
    - powerpc/tm: Flush TM only if CPU has TM feature
    - MIPS: Fix perf event init
    - s390/perf: fix bug when creating per-thread event
    - s390/mm: make pmdp_invalidate() do invalidation only
    - s390/mm: fix write access check in gup_huge_pmd()
    - PM: core: Fix device_pm_check_callbacks()
    - Revert "IB/ipoib: Update broadcast object if PKey value was changed in index
      0"
    - Fix SMB3.1.1 guest authentication to Samba
    - SMB3: Fix endian warning
    - SMB3: Warn user if trying to sign connection that authenticated as guest
    - SMB: Validate negotiate (to protect against downgrade) even if signing off
    - SMB3: handle new statx fields
    - SMB3: Don't ignore O_SYNC/O_DSYNC and O_DIRECT flags
    - vfs: Return -ENXIO for negative SEEK_HOLE / SEEK_DATA offsets
    - libceph: don't allow bidirectional swap of pg-upmap-items
    - nl80211: check for the required netlink attributes presence
    - brd: fix overflow in __brd_direct_access
    - gfs2: Fix debugfs glocks dump
    - bsg-lib: don't free job in bsg_prepare_job
    - iw_cxgb4: drop listen destroy replies if no ep found
    - iw_cxgb4: remove the stid on listen create failure
    - iw_cxgb4: put ep reference in pass_accept_req()
    - rcu: Allow for page faults in NMI handlers
    - mmc: sdhci-pci: Fix voltage switch for some Intel host controllers
    - extable: Consolidate *kernel_text_address() functions
    - extable: Enable RCU if it is not watching in kernel_text_address()
    - seccomp: fix the usage of get/put_seccomp_filter() in seccomp_get_filter()
    - arm64: Make sure SPsel is always set
    - arm64: fault: Route pte translation faults via do_translation_fault
    - KVM: VMX: extract __pi_post_block
    - KVM: VMX: avoid double list add with VT-d posted interrupts
    - KVM: VMX: simplify and fix vmx_vcpu_pi_load
    - KVM: nVMX: fix HOST_CR3/HOST_CR4 cache
    - kvm/x86: Handle async PF in RCU read-side critical sections
    - kvm: nVMX: Don't allow L2 to access the hardware CR8
    - xfs: validate bdev support for DAX inode flag
    - fix infoleak in waitid(2)
    - sched/sysctl: Check user input value of sysctl_sched_time_avg
    - irq/generic-chip: Don't replace domain's name
    - mtd: Fix partition alignment check on multi-erasesize devices
    - mtd: nand: atmel: fix buffer overflow in atmel_pmecc_user
    - etnaviv: fix submit error path
    - etnaviv: fix gem object list corruption
    - futex: Fix pi_state->owner serialization
    - md: fix a race condition for flush request handling
    - md: separate request handling
    - PCI: Fix race condition with driver_override
    - btrfs: fix NULL pointer dereference from free_reloc_roots()
    - btrfs: clear ordered flag on cleaning up ordered extents
    - btrfs: finish ordered extent cleaning if no progress is found
    - btrfs: propagate error to btrfs_cmp_data_prepare caller
    - btrfs: prevent to set invalid default subvolid
    - platform/x86: fujitsu-laptop: Don't oops when FUJ02E3 is not presnt
    - PM / OPP: Call notifier without holding opp_table->lock
    - x86/mm: Fix fault error path using unsafe vma pointer
    - x86/fpu: Don't let userspace set bogus xcomp_bv
    - KVM: VMX: do not change SN bit in vmx_update_pi_irte()
    - KVM: VMX: remove WARN_ON_ONCE in kvm_vcpu_trigger_posted_interrupt
    - KVM: VMX: use cmpxchg64
    - video: fbdev: aty: do not leak uninitialized padding in clk to userspace
    - Linux 4.13.5
    - [Config] Update configs for v4.13.5

 -- Timo Aaltonen <email address hidden>  Mon, 13 Nov 2017 19:43:44 +0200

Available diffs

Deleted in xenial-proposed on 2017-11-17 (Reason: NBS)
linux-oem (4.13.0-1007.8) xenial; urgency=low

  * mwifiex cannot connect to wifi AP when keeping wireless connection idle for
    more than 60 seconds (LP: #1725154)
    - SAUCE: cfg80211: workaround for mwifiex

  * Touchpad and TrackPoint Dose Not Work on Lenovo X1C6 and X280 (LP: #1723986)
    - SAUCE: Input: synaptics-rmi4 - RMI4 can also use SMBUS version 3
    - SAUCE: Input: synaptics - Lenovo X1 Carbon 5 should use SMBUS/RMI
    - SAUCE: Input: synaptics - add Intertouch support on X1 Carbon 6th and X280

  * [Artful] Add support for Dell/Wyse 3040 audio codec (LP: #1723916)
    - SAUCE: ASoC: rt5670: Add support for Wyse 3040

  * [Artful] Some Dell Monitors Doesn't Work Well with Dell/Wyse 3040
    (LP: #1723915)
    - SAUCE: drm/i915: Workaround for DP DPMS D3 on Dell monitor

  * [Artful] Support headset mode for DELL WYSE (LP: #1723913)
    - SAUCE: ALSA: hda/realtek - Add support headset mode for DELL WYSE

  * Miscellaneous Ubuntu changes
    - Rebase to 4.13.0-16.19

  [ Ubuntu: 4.13.0-16.19 ]

  * 20170817 - ISO hangs on boot on qemu with splash screen enabled and qxl
    graphics driver (LP: #1711358)
    - qxl: fix framebuffer unpinning
  * [Bug] USB controller failed to respond on Denverton after loading
    intel_th_pci module (LP: #1715833)
    - SAUCE: PCI: Disable broken RTIT_BAR of Intel TH
  * CVE-2017-5123
    - waitid(): Add missing access_ok() checks

 -- Timo Aaltonen <email address hidden>  Fri, 20 Oct 2017 10:41:16 +0300
124 of 24 results