Change log for linux-oem package in Ubuntu

150 of 50 results
Published in disco-proposed on 2018-11-17
Published in cosmic-proposed on 2018-11-17
Published in bionic-proposed on 2018-11-16
linux-oem (4.15.0-1028.33) bionic; urgency=medium

  * linux-oem: 4.15.0-1028.33 -proposed tracker (LP: #1803678)

  * Miscellaneous Ubuntu changes
    - Rebase to 4.15.0-42.45

  [ Ubuntu: 4.15.0-42.45 ]

  * linux: 4.15.0-42.45 -proposed tracker (LP: #1803592)
  * [FEAT] Guest-dedicated Crypto Adapters (LP: #1787405)
    - KVM: s390: reset crypto attributes for all vcpus
    - KVM: s390: vsie: simulate VCPU SIE entry/exit
    - KVM: s390: introduce and use KVM_REQ_VSIE_RESTART
    - KVM: s390: refactor crypto initialization
    - s390: vfio-ap: base implementation of VFIO AP device driver
    - s390: vfio-ap: register matrix device with VFIO mdev framework
    - s390: vfio-ap: sysfs interfaces to configure adapters
    - s390: vfio-ap: sysfs interfaces to configure domains
    - s390: vfio-ap: sysfs interfaces to configure control domains
    - s390: vfio-ap: sysfs interface to view matrix mdev matrix
    - KVM: s390: interface to clear CRYCB masks
    - s390: vfio-ap: implement mediated device open callback
    - s390: vfio-ap: implement VFIO_DEVICE_GET_INFO ioctl
    - s390: vfio-ap: zeroize the AP queues
    - s390: vfio-ap: implement VFIO_DEVICE_RESET ioctl
    - KVM: s390: Clear Crypto Control Block when using vSIE
    - KVM: s390: vsie: Do the CRYCB validation first
    - KVM: s390: vsie: Make use of CRYCB FORMAT2 clear
    - KVM: s390: vsie: Allow CRYCB FORMAT-2
    - KVM: s390: vsie: allow CRYCB FORMAT-1
    - KVM: s390: vsie: allow CRYCB FORMAT-0
    - KVM: s390: vsie: allow guest FORMAT-0 CRYCB on host FORMAT-1
    - KVM: s390: vsie: allow guest FORMAT-1 CRYCB on host FORMAT-2
    - KVM: s390: vsie: allow guest FORMAT-0 CRYCB on host FORMAT-2
    - KVM: s390: device attrs to enable/disable AP interpretation
    - KVM: s390: CPU model support for AP virtualization
    - s390: doc: detailed specifications for AP virtualization
    - KVM: s390: fix locking for crypto setting error path
    - KVM: s390: Tracing APCB changes
    - s390: vfio-ap: setup APCB mask using KVM dedicated function
    - s390/zcrypt: Add ZAPQ inline function.
    - s390/zcrypt: Review inline assembler constraints.
    - s390/zcrypt: Integrate ap_asm.h into include/asm/ap.h.
    - s390/zcrypt: fix ap_instructions_available() returncodes
    - s390/zcrypt: remove VLA usage from the AP bus
    - s390/zcrypt: Remove deprecated ioctls.
    - s390/zcrypt: Remove deprecated zcrypt proc interface.
    - s390/zcrypt: Support up to 256 crypto adapters.
    - [Config:] Enable CONFIG_S390_AP_IOMMU and set CONFIG_VFIO_AP to module.
  * Bypass of mount visibility through userns + mount propagation (LP: #1789161)
    - mount: Retest MNT_LOCKED in do_umount
    - mount: Don't allow copying MNT_UNBINDABLE|MNT_LOCKED mounts
  *  CVE-2018-18955: nested user namespaces with more than five extents
    incorrectly grant privileges over inode (LP: #1801924) // CVE-2018-18955
    - userns: also map extents in the reverse map to kernel IDs
  * kdump fail due to an IRQ storm (LP: #1797990)
    - SAUCE: x86/PCI: Export find_cap() to be used in early PCI code
    - SAUCE: x86/quirks: Add parameter to clear MSIs early on boot
    - SAUCE: x86/quirks: Scan all busses for early PCI quirks

 -- Timo Aaltonen <email address hidden>  Fri, 16 Nov 2018 10:27:58 +0200
Deleted in bionic-proposed on 2018-11-18 (Reason: NBS)
linux-oem (4.15.0-1027.32) bionic; urgency=medium

  * linux-oem: 4.15.0-1027.32 -proposed tracker (LP: #1802556)

  [ Ubuntu: 4.15.0-40.43 ]

  * linux: 4.15.0-40.43 -proposed tracker (LP: #1802554)
  * crash in ENA driver on removing an interface (LP: #1802341)
    - SAUCE: net: ena: fix crash during ena_remove()
  * Ubuntu 18.04.1 - [s390x] Kernel panic while stressing network bonding
    (LP: #1797367)
    - s390/qeth: don't keep track of MAC address's cast type
    - s390/qeth: consolidate qeth MAC address helpers
    - s390/qeth: avoid using is_multicast_ether_addr_64bits on (u8 *)[6]
    - s390/qeth: remove outdated portname debug msg
    - s390/qeth: reduce hard-coded access to ccw channels
    - s390/qeth: sanitize strings in debug messages
  * [18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver
    binding (LP: #1799184)
    - s390/zcrypt: code beautify
    - s390/zcrypt: AP bus support for alternate driver(s)
    - s390/zcrypt: hex string mask improvements for apmask and aqmask.
    - s390/zcrypt: remove unused functions and declarations
    - s390/zcrypt: Show load of cards and queues in sysfs
  * [GLK/CLX] Enhanced IBRS (LP: #1786139)
    - x86/speculation: Remove SPECTRE_V2_IBRS in enum spectre_v2_mitigation
    - x86/speculation: Support Enhanced IBRS on future CPUs
  * Allow signed kernels to be kexec'ed under lockdown (LP: #1798441)
    - Fix kexec forbidding kernels signed with keys in the secondary keyring to
      boot
  * Overlayfs in user namespace leaks directory content of inaccessible
    directories (LP: #1793458) // CVE-2018-6559
    - SAUCE: overlayfs: ensure mounter privileges when reading directories
  * Update ENA driver to version 2.0.1K (LP: #1798182)
    - net: ena: remove ndo_poll_controller
    - net: ena: fix warning in rmmod caused by double iounmap
    - net: ena: fix rare bug when failed restart/resume is followed by driver
      removal
    - net: ena: fix NULL dereference due to untimely napi initialization
    - net: ena: fix auto casting to boolean
    - net: ena: minor performance improvement
    - net: ena: complete host info to match latest ENA spec
    - net: ena: introduce Low Latency Queues data structures according to ENA spec
    - net: ena: add functions for handling Low Latency Queues in ena_com
    - net: ena: add functions for handling Low Latency Queues in ena_netdev
    - net: ena: use CSUM_CHECKED device indication to report skb's checksum status
    - net: ena: explicit casting and initialization, and clearer error handling
    - net: ena: limit refill Rx threshold to 256 to avoid latency issues
    - net: ena: change rx copybreak default to reduce kernel memory pressure
    - net: ena: remove redundant parameter in ena_com_admin_init()
    - net: ena: update driver version to 2.0.1
    - net: ena: fix indentations in ena_defs for better readability
    - net: ena: Fix Kconfig dependency on X86
    - net: ena: enable Low Latency Queues
    - net: ena: fix compilation error in xtensa architecture
  * Bionic update: upstream stable patchset 2018-10-29 (LP: #1800537)
    - bonding: re-evaluate force_primary when the primary slave name changes
    - cdc_ncm: avoid padding beyond end of skb
    - ipv6: allow PMTU exceptions to local routes
    - net: dsa: add error handling for pskb_trim_rcsum
    - net/sched: act_simple: fix parsing of TCA_DEF_DATA
    - tcp: verify the checksum of the first data segment in a new connection
    - udp: fix rx queue len reported by diag and proc interface
    - net: in virtio_net_hdr only add VLAN_HLEN to csum_start if payload holds
      vlan
    - tls: fix use-after-free in tls_push_record
    - ext4: fix hole length detection in ext4_ind_map_blocks()
    - ext4: update mtime in ext4_punch_hole even if no blocks are released
    - ext4: bubble errors from ext4_find_inline_data_nolock() up to ext4_iget()
    - ext4: fix fencepost error in check for inode count overflow during resize
    - driver core: Don't ignore class_dir_create_and_add() failure.
    - Btrfs: fix clone vs chattr NODATASUM race
    - Btrfs: fix memory and mount leak in btrfs_ioctl_rm_dev_v2()
    - btrfs: return error value if create_io_em failed in cow_file_range
    - btrfs: scrub: Don't use inode pages for device replace
    - ALSA: hda/conexant - Add fixup for HP Z2 G4 workstation
    - ALSA: hda - Handle kzalloc() failure in snd_hda_attach_pcm_stream()
    - ALSA: hda: add dock and led support for HP EliteBook 830 G5
    - ALSA: hda: add dock and led support for HP ProBook 640 G4
    - x86/MCE: Fix stack out-of-bounds write in mce-inject.c: Flags_read()
    - smb3: fix various xid leaks
    - CIFS: 511c54a2f69195b28afb9dd119f03787b1625bb4 adds a check for session
      expiry
    - cifs: For SMB2 security informaion query, check for minimum sized security
      descriptor instead of sizeof FileAllInformation class
    - nbd: fix nbd device deletion
    - nbd: update size when connected
    - nbd: use bd_set_size when updating disk size
    - blk-mq: reinit q->tag_set_list entry only after grace period
    - bdi: Move cgroup bdi_writeback to a dedicated low concurrency workqueue
    - cpufreq: Fix new policy initialization during limits updates via sysfs
    - cpufreq: governors: Fix long idle detection logic in load calculation
    - libata: zpodd: small read overflow in eject_tray()
    - libata: Drop SanDisk SD7UB3Q*G1001 NOLPM quirk
    - w1: mxc_w1: Enable clock before calling clk_get_rate() on it
    - x86/intel_rdt: Enable CMT and MBM on new Skylake stepping
    - iwlwifi: fw: harden page loading code
    - orangefs: set i_size on new symlink
    - orangefs: report attributes_mask and attributes for statx
    - HID: intel_ish-hid: ipc: register more pm callbacks to support hibernation
    - HID: wacom: Correct logical maximum Y for 2nd-gen Intuos Pro large
    - mm, page_alloc: do not break __GFP_THISNODE by zonelist reset
    - net: phy: dp83822: use BMCR_ANENABLE instead of BMSR_ANEGCAPABLE for DP83620
    - cpufreq: ti-cpufreq: Fix an incorrect error return value
    - x86/vector: Fix the args of vector_alloc tracepoint
    - x86/apic/vector: Prevent hlist corruption and leaks
    - x86/apic: Provide apic_ack_irq()
    - x86/ioapic: Use apic_ack_irq()
    - x86/platform/uv: Use apic_ack_irq()
    - irq_remapping: Use apic_ack_irq()
    - genirq/generic_pending: Do not lose pending affinity update
    - genirq/affinity: Defer affinity setting if irq chip is busy
    - genirq/migration: Avoid out of line call if pending is not set
  * [bionic]mlx5: reading SW stats through ifstat cause kernel crash
    (LP: #1799049)
    - net/mlx5e: Don't attempt to dereference the ppriv struct if not being
      eswitch manager
  * [Bionic][Cosmic]  ipmi: Fix timer race with module unload (LP: #1799281)
    - ipmi: Fix timer race with module unload
  * [Bionic] ipmi: Remove ACPI SPMI probing from the SSIF (I2C) driver
    (LP: #1799276)
    - ipmi: Remove ACPI SPMI probing from the SSIF (I2C) driver
  * execveat03 in ubuntu_ltp_syscalls failed on X/B (LP: #1786729)
    - cap_inode_getsecurity: use d_find_any_alias() instead of d_find_alias()
  * [Bionic][Cosmic] Fix to ipmi to support vendor specific messages greater
    than 255 bytes (LP: #1799794)
    - ipmi:ssif: Add support for multi-part transmit messages > 2 parts
  * libvirtd is unable to configure bridge devices inside of LXD containers
    (LP: #1784501)
    - kernfs: allow creating kernfs objects with arbitrary uid/gid
    - sysfs, kobject: allow creating kobject belonging to arbitrary users
    - kobject: kset_create_and_add() - fetch ownership info from parent
    - driver core: set up ownership of class devices in sysfs
    - net-sysfs: require net admin in the init ns for setting tx_maxrate
    - net-sysfs: make sure objects belong to container's owner
    - net: create reusable function for getting ownership info of sysfs inodes
    - bridge: make sure objects belong to container's owner
    - sysfs: Fix regression when adding a file to an existing group
  * [Ubuntu] kvm: fix deadlock when killed by oom (LP: #1800849)
    - s390/kvm: fix deadlock when killed by oom
  * [Ubuntu] net/af_iucv: fix skb leaks for HiperTransport (LP: #1800639)
    - net/af_iucv: drop inbound packets with invalid flags
    - net/af_iucv: fix skb handling on HiperTransport xmit error
  * Power consumption during s2idle is higher than long idle(sk hynix)
    (LP: #1801875)
    - SAUCE: pci: prevent sk hynix nvme from entering D3
    - SAUCE: nvme: add quirk to not call disable function when suspending
  * Enable keyboard wakeup for S2Idle laptops (LP: #1798552)
    - Input: i8042 - enable keyboard wakeups by default when s2idle is used
  * NULL pointer dereference at 0000000000000020 when access
    dst_orig->ops->family in function  xfrm_lookup_with_ifid() (LP: #1801878)
    - xfrm: Fix NULL pointer dereference when skb_dst_force clears the dst_entry.
  * [Ubuntu] qdio: reset old sbal_state flags (LP: #1801686)
    - s390/qdio: reset old sbal_state flags
  * hns3: map tx ring to tc (LP: #1802023)
    - net: hns3: Set tx ring' tc info when netdev is up
  * [Ubuntu] qeth: Fix potential array overrun in cmd/rc lookup (LP: #1800641)
    - s390: qeth_core_mpc: Use ARRAY_SIZE instead of reimplementing its function
    - s390: qeth: Fix potential array overrun in cmd/rc lookup
  * Vulkan applications cause permanent memory leak with Intel GPU
    (LP: #1798165)
    - drm/syncobj: Don't leak fences when WAIT_FOR_SUBMIT is set
  * Mounting SOFS SMB shares fails (LP: #1792580)
    - cifs: connect to servername instead of IP for IPC$ share
  * Packaging resync (LP: #1786013)
    - [Package] add support for specifying the primary makefile

 -- Chia-Lin Kao (AceLan) <email address hidden>  Sat, 10 Nov 2018 10:41:42 +0800
Published in disco-release on 2018-11-15
Published in cosmic-security on 2018-11-15
Published in cosmic-updates on 2018-11-15
Published in bionic-security on 2018-11-14
Published in bionic-updates on 2018-11-14
Deleted in disco-proposed (Reason: moved to release)
Deleted in cosmic-proposed (Reason: moved to -updates)
Deleted in bionic-proposed (Reason: NBS)
linux-oem (4.15.0-1026.31) bionic; urgency=medium

  * linux-oem: 4.15.0-1026.31 -proposed tracker (LP: #1800788)

  * Thunderbolt runtime D3 and PCIe D3 Cold support (LP: #1800770)
    - ACPI / hotplug / PCI: Don't scan bridges managed by native hotplug
    - ACPI / hotplug / PCI: Mark stale PCI devices disconnected
    - ACPI / hotplug / PCI: Drop unnecessary parentheses
    - PCI: Account for all bridges on bus when distributing bus numbers
    - PCI: Move resource distribution for single bridge outside loop
    - PCI: Improve pci_scan_bridge() and pci_scan_bridge_extend() doc
    - ACPICA: Recognize the Windows 10 version 1607 and 1703 OSI strings
    - ACPICA: Recognize the _OSI string "Windows 2017.2"
    - PCI: Do not skip power-managed bridges in pci_enable_wake()
    - PCI / ACPI: Enable wake automatically for power managed bridges
    - PCI: pciehp: Fix use-after-free on unplug
    - PCI: hotplug: Drop checking of PCI_BRIDGE_CONTROL in *_unconfigure_device()
    - PCI: Add SPDX GPL-2.0+ to replace GPL v2 or later boilerplate
    - PCI: pciehp: Declare pciehp_unconfigure_device() void
    - PCI: pciehp: Clear Presence Detect and Data Link Layer Status Changed on
      resume
    - PCI: pciehp: Document struct slot and struct controller
    - PCI: hotplug: Don't leak pci_slot on registration failure
    - PCI: pciehp: Fix unprotected list iteration in IRQ handler
    - PCI: pciehp: Drop unnecessary NULL pointer check
    - PCI: pciehp: Convert to threaded IRQ
    - PCI: pciehp: Convert to threaded polling
    - PCI: pciehp: Stop blinking on slot enable failure
    - PCI: pciehp: Handle events synchronously
    - PCI: pciehp: Drop slot workqueue
    - PCI/hotplug: ppc: correct a php_slot usage after free
    - PCI: hotplug: Demidlayer registration with the core
    - PCI: pciehp: Publish to user space last on probe
    - PCI: pciehp: Track enable/disable status
    - PCI: pciehp: Enable/disable exclusively from IRQ thread
    - PCI: pciehp: Drop enable/disable lock
    - PCI: pciehp: Declare pciehp_enable/disable_slot() static
    - PCI: pciehp: Tolerate initially unstable link
    - PCI: pciehp: Become resilient to missed events
    - PCI: pciehp: Always enable occupied slot on probe
    - PCI: pciehp: Avoid slot access during reset
    - PCI: portdrv: Deduplicate PM callback iterator
    - PCI/portdrv: Move pcieport_if.h to drivers/pci/pcie/
    - PCI/portdrv: Merge pcieport_if.h into portdrv.h
    - PCI/PM: Move pcie_clear_root_pme_status() to core
    - PCI/portdrv: Remove pcie_port_bus_type link order dependency
    - PCI/portdrv: Disable port driver in compat mode
    - PCI/portdrv: Remove unused PCIE_PORT_SERVICE_VC
    - PCI/portdrv: Remove "pcie_hp=nomsi" kernel parameter
    - PCI/portdrv: Remove unnecessary "pcie_ports=auto" parameter
    - PCI/portdrv: Encapsulate pcie_ports_auto inside the port driver
    - PCI: pciehp: Clear spurious events earlier on resume
    - PCI: pciehp: Obey compulsory command delay after resume
    - PCI: pciehp: Support interrupts sent from D3hot
    - PCI: pciehp: Resume to D0 on enable/disable
    - PCI: pciehp: Resume parent to D0 on config space access
    - PCI: sysfs: Resume to D0 on function reset
    - PCI: Whitelist native hotplug ports for runtime D3
    - PCI: Whitelist Thunderbolt ports for runtime D3
    - PCI: pciehp: Deduplicate presence check on probe & resume
    - PCI: pciehp: Disable hotplug interrupt during suspend
    - PCI: pciehp: Do not handle events if interrupts are masked
    - PCI: pciehp: Make pciehp_is_native() stricter
    - PCI: Clean up whitespace in linux/pci.h, pci/pci.h
    - PCI/portdrv: Simplify PCIe feature permission checking
    - PCI/AER: Handle ERR_FATAL with removal and re-enumeration of devices
    - PCI/AER: Rename error recovery interfaces to generic PCI naming
    - PCI/AER: Move pci_uevent_ers() out of pci.h
    - PCI/AER: Factor out error reporting to drivers/pci/pcie/err.c
    - PCI/portdrv: Rename and reverse sense of pcie_ports_auto
    - PCI: pciehp: Rename host->native_hotplug to host->native_pcie_hotplug
    - PCI: hotplug: Add hotplug_is_native()
    - PCI: shpchp: Remove acpi_get_hp_hw_control_from_firmware() flags
    - PCI: shpchp: Remove get_hp_hw_control_from_firmware() wrapper
    - PCI: shpchp: Rely on previous _OSC results
    - PCI: shpchp: Add shpchp_is_native()
    - PCI: Add wrappers for dev_printk()
    - PCI: pciehp: Request control of native hotplug only if supported
    - PCI: shpchp: Request SHPC control via _OSC when adding host bridge
    - PCI/DPC: Rename from pcie-dpc.c to dpc.c
    - PCI: Add generic pcie_wait_for_link() interface
    - PCI / PM: Use SMART_SUSPEND and LEAVE_SUSPENDED flags for PCIe ports
    - PCI/portdrv: Resume upon exit from system suspend if left runtime suspended
    - PCI/portdrv: Add runtime PM hooks for port service drivers
    - PCI: pciehp: Implement runtime PM callbacks
    - PCI/PME: Implement runtime PM callbacks
    - ACPI / property: Allow multiple property compatible _DSD entries
    - PCI / ACPI: Whitelist D3 for more PCIe hotplug ports
    - PCI: pciehp: Tolerate Presence Detect hardwired to zero
    - PCI: Simplify disconnected marking
    - PCI: pciehp: Differentiate between surprise and safe removal
    - PCI: pciehp: Drop unnecessary includes
    - PCI: pciehp: Drop hotplug_slot_ops wrappers
    - PCI: pciehp: Avoid implicit fallthroughs in switch statements
    - PCI: pciehp: Fix hot-add vs powerfault detection order
    - PCI: Remove unnecessary messages for memory allocation failures
    - PCI: pciehp: Unify controller and slot structs
    - powerpc/pseries: Add Initialization of VF Bars
    - PCI: Fix is_added/is_busmaster race condition
    - xhci: Add Intel extended cap / otg phy mux handling
    - xhci: Allow more than 32 quirks
    - xhci: Add quirk to zero 64bit registers on Renesas PCIe controllers
    - xhci-pci: allow host runtime PM as default for Intel Alpine and Titan Ridge
    - thunderbolt: Initialize after IOMMUs
    - ACPI / hotplug / PCI: Don't scan for non-hotplug bridges if slot is not
      bridge
    - usb: Don't die twice if PCI xhci host is not responding in resume
    - thunderbolt: Do not handle ICM events after domain is stopped
    - xhci: refactor xhci_urb_enqueue a bit with minor changes
    - xhci: Clear the host side toggle manually when endpoint is soft reset
    - xhci: add helper to allocate command with input context
    - xhci: remove unnecessary boolean parameter from xhci_alloc_command
    - PCI: pciehp: Add quirk for Command Completed errata
    - PCI: Add vendor ID for Cadence
    - PCI: Add Qualcomm vendor ID
    - PCI: Add "pci=disable_acs_redir=" parameter for peer-to-peer support
    - PCI: Handle FLR failure and allow other reset types
    - PCI: Remove redundant probes for device reset support
    - PCI: Protect restore with device lock to be consistent
    - PCI: Make specifying PCI devices in kernel parameters reusable
    - PCI: Allow specifying devices using a base bus and path of devfns
    - PCI: Rename pci_flr_wait() to pci_dev_wait() and make it generic
    - PCI / PM: Do not clear state_saved for devices that remain suspended
    - PM: i2c-designware-platdrv: Use DPM_FLAG_SMART_PREPARE
    - PM: i2c-designware-platdrv: Optimize power management
    - PM / mfd: intel-lpss: Use DPM_FLAG_SMART_SUSPEND
    - PCI: Make pci_wakeup_bus() & pci_bus_set_current_state() public
    - PCI / ACPI / PM: Resume bridges w/o drivers on suspend-to-RAM
    - PCI / ACPI / PM: Resume all bridges on suspend-to-RAM
    - PCI: Remove messages about reassigning resources
    - ixgbe: Report PCIe link properties with pcie_print_link_status()
    - PCI: Add a return type for pci_reset_bridge_secondary_bus()
    - PCI: Add pcie_get_speed_cap() to find max supported link speed
    - PCI: Add pcie_get_width_cap() to find max supported link width
    - PCI: Add pcie_bandwidth_capable() to compute max supported link bandwidth
    - PCI/PM: Clear PCIe PME Status bit in core, not PCIe port driver
    - PCI/PM: Clear PCIe PME Status bit for Root Complex Event Collectors
    - PCI/portdrv: Remove unnecessary include of <linux/pci-aspm.h>
    - PCI/AER: Use cached AER Capability offset
    - PCI: shpchp: Convert SHPC to be builtin only
    - PCI: shpchp: Use dev_printk() for OSHP-related messages
    - PCI: Add pcie_bandwidth_available() to compute bandwidth available to device
    - PCI: Add pcie_print_link_status() to log link speed and whether it's limited
    - PCI: Add "PCIe" to pcie_print_link_status() messages
    - PCI: Add "pci=noats" boot parameter
    - PCI: Make pci_get_new_domain_nr() static
    - PCI / PM: Clean up outdated comments in pci_target_state()
    - bnx2x: Report PCIe link properties with pcie_print_link_status()
    - net/mlx4_core: Report PCIe link properties with pcie_print_link_status()
    - bnxt_en: Report PCIe link properties with pcie_print_link_status()
    - cxgb4: Report PCIe link properties with pcie_print_link_status()
    - fm10k: Report PCIe link properties with pcie_print_link_status()
    - net/mlx5e: Use pcie_bandwidth_available() to compute bandwidth
    - PCI: Remove unused pcie_get_minimum_link()
    - PCI: Wait for device to become ready after a power management reset
    - PCI: Wait for device to become ready after secondary bus reset
    - PCI: shpchp: Manage SHPC unconditionally on non-ACPI systems
    - PCI: shpchp: Separate existence of SHPC and permission to use it
    - driver core: Don't ignore class_dir_create_and_add() failure.
    - Merge branch 'tbt_rtd3' into oem-next
    - [Config] update configs and oem.modules changed from tbt_rtd3

 -- Chia-Lin Kao (AceLan) <email address hidden>  Wed, 31 Oct 2018 17:32:19 +0800
Deleted in bionic-proposed on 2018-10-31 (Reason: NBS)
linux-oem (4.15.0-1025.30) bionic; urgency=medium

  * linux-oem: 4.15.0-1025.30 -proposed tracker (LP: #1799413)

  * Miscellaneous Ubuntu changes
    - Rebase to 4.15.0-39.42
    - [Config] update configs following rebase to 4.15.0-39.42

  [ Ubuntu: 4.15.0-39.42 ]

  * linux: 4.15.0-39.42 -proposed tracker (LP: #1799411)
  * Linux: insufficient shootdown for paging-structure caches (LP: #1798897)
    - mm: move tlb_table_flush to tlb_flush_mmu_free
    - mm/tlb: Remove tlb_remove_table() non-concurrent condition
    - mm/tlb, x86/mm: Support invalidating TLB caches for RCU_TABLE_FREE
    - [Config] CONFIG_HAVE_RCU_TABLE_INVALIDATE=y
  * Ubuntu18.04: GPU total memory is reduced (LP: #1792102)
    - Revert "powerpc/powernv: Increase memory block size to 1GB on radix"
  * arm64: snapdragon: reduce boot noise (LP: #1797154)
    - [Config] arm64: snapdragon: DRM_MSM=m
    - [Config] arm64: snapdragon: SND*=m
    - [Config] arm64: snapdragon: disable ARM_SDE_INTERFACE
    - [Config] arm64: snapdragon: disable DRM_I2C_ADV7511_CEC
    - [Config] arm64: snapdragon: disable VIDEO_ADV7511, VIDEO_COBALT
  * [Bionic] CPPC bug fixes (LP: #1796949)
    - ACPI / CPPC: Update all pr_(debug/err) messages to log the susbspace id
    - cpufreq: CPPC: Don't set transition_latency
    - ACPI / CPPC: Fix invalid PCC channel status errors
  * regression in 'ip --family bridge neigh' since linux v4.12 (LP: #1796748)
    - rtnetlink: fix rtnl_fdb_dump() for ndmsg header
  * screen displays abnormally on the lenovo M715 with the AMD GPU (Radeon Vega
    8 Mobile, rev ca, 1002:15dd) (LP: #1796786)
    - drm/amd/display: Fix takover from VGA mode
    - drm/amd/display: early return if not in vga mode in disable_vga
    - drm/amd/display: Refine disable VGA
  * arm64: snapdragon: WARNING: CPU: 0 PID: 1 arch/arm64/kernel/setup.c:271
    reserve_memblock_reserved_regions (LP: #1797139)
    - SAUCE: arm64: Fix /proc/iomem for reserved but not memory regions
  * The front MIC can't work on the Lenovo M715 (LP: #1797292)
    - ALSA: hda/realtek - Fix the problem of the front MIC on the Lenovo M715
  * Keyboard backlight sysfs sometimes is missing on Dell laptops (LP: #1797304)
    - platform/x86: dell-smbios: Correct some style warnings
    - platform/x86: dell-smbios: Rename dell-smbios source to dell-smbios-base
    - platform/x86: dell-smbios: Link all dell-smbios-* modules together
    - [Config] CONFIG_DELL_SMBIOS_SMM=y, CONFIG_DELL_SMBIOS_WMI=y
  * rpi3b+: ethernet not working (LP: #1797406)
    - lan78xx: Don't reset the interface on open
  * 87cdf3148b11 was never backported to 4.15  (LP: #1795653)
    - xfrm: Verify MAC header exists before overwriting eth_hdr(skb)->h_proto
  * [Ubuntu18.04][Power9][DD2.2]package installation segfaults inside debian
    chroot env in P9 KVM guest with HTM enabled (kvm) (LP: #1792501)
    - KVM: PPC: Book3S HV: Fix guest r11 corruption with POWER9 TM workarounds
  * Provide mode where all vCPUs on a core must be the same VM (LP: #1792957)
    - KVM: PPC: Book3S HV: Provide mode where all vCPUs on a core must be the same
      VM
  * fscache: bad refcounting in fscache_op_complete leads to OOPS (LP: #1797314)
    - SAUCE: fscache: Fix race in decrementing refcount of op->npages
  * CVE-2018-9363
    - Bluetooth: hidp: buffer overflow in hidp_process_report
  * CVE-2017-13168
    - scsi: sg: mitigate read/write abuse
  * [Bionic] ACPI / PPTT: use ACPI ID whenever ACPI_PPTT_ACPI_PROCESSOR_ID_VALID
    is set (LP: #1797200)
    - ACPI / PPTT: use ACPI ID whenever ACPI_PPTT_ACPI_PROCESSOR_ID_VALID is set
  * [Bionic] arm64: topology: Avoid checking numa mask for scheduler MC
    selection (LP: #1797202)
    - arm64: topology: Avoid checking numa mask for scheduler MC selection
  * crypto/vmx - Backport of Fix sleep-in-atomic bugs patch for 18.04
    (LP: #1790832)
    - crypto: vmx - Fix sleep-in-atomic bugs
  * hns3: autoneg settings get lost on down/up (LP: #1797654)
    - net: hns3: Fix for information of phydev lost problem when down/up
  * not able to unwind the stack from within __kernel_clock_gettime in the Linux
    vDSO (LP: #1797963)
    - powerpc/vdso: Correct call frame information
  * Signal 7 error when running GPFS tracing in cluster (LP: #1792195)
    - powerpc/mm/books3s: Add new pte bit to mark pte temporarily invalid.
    - powerpc/mm/radix: Only need the Nest MMU workaround for R -> RW transition
  * Support Edge Gateway's WIFI LED (LP: #1798330)
    - SAUCE: mwifiex: Switch WiFi LED state according to the device status
  * Support Edge Gateway's Bluetooth LED (LP: #1798332)
    - SAUCE: Bluetooth: Support for LED on Edge Gateways
  * USB cardreader (0bda:0328) make the system can't enter s3 or hang
    (LP: #1798328)
    - usb: Don't disable Latency tolerance Messaging (LTM) before port reset
  * CVE-2018-15471
    - xen-netback: fix input validation in xenvif_set_hash_mapping()
  * CVE-2018-16658
    - cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status
  * [Bionic] Update ThunderX2 implementation defined pmu core events
    (LP: #1796904)
    - perf vendor events arm64: Update ThunderX2 implementation defined pmu core
      events
  * the machine of lenovo M715 with the AMD GPU (Radeon Vega 8 Mobile, rev ca,
    1002:15dd) often hangs randomly (LP: #1796789)
    - drm/amd: Add missing fields in atom_integrated_system_info_v1_11
  * [18.04] GLK hang after a while (LP: #1760545)
    - drm/i915/glk: Add MODULE_FIRMWARE for Geminilake
  * Fix usbcore.quirks when used at boot (LP: #1795784)
    - usb: core: safely deal with the dynamic quirk lists

 -- Timo Aaltonen <email address hidden>  Wed, 24 Oct 2018 15:31:37 +0300
Superseded in disco-release on 2018-11-15
Superseded in cosmic-updates on 2018-11-15
Deleted in disco-proposed (Reason: moved to release)
Deleted in cosmic-proposed (Reason: NBS)
Superseded in bionic-updates on 2018-11-14
Deleted in bionic-proposed (Reason: NBS)
linux-oem (4.15.0-1024.29) bionic; urgency=medium

  * linux-oem: 4.15.0-1024.29 -proposed tracker (LP: #1797069)

  * Keyboard backlight sysfs sometimes is missing on Dell laptops (LP: #1797304)
    - platform/x86: dell-smbios: Correct some style warnings
    - platform/x86: dell-smbios: Rename dell-smbios source to dell-smbios-base
    - platform/x86: dell-smbios: Link all dell-smbios-* modules together
    - [Config] CONFIG_DELL_SMBIOS_SMM=y, CONFIG_DELL_SMBIOS_WMI=y
    - [Config] CONFIG_DELL_SMBIOS_SMM=y, CONFIG_DELL_SMBIOS_WMI=y

  [ Ubuntu: 4.15.0-38.41 ]

  * linux: 4.15.0-38.41 -proposed tracker (LP: #1797061)
  * Silent data corruption in Linux kernel 4.15 (LP: #1796542)
    - block: add a lower-level bio_add_page interface
    - block: bio_iov_iter_get_pages: fix size of last iovec
    - blkdev: __blkdev_direct_IO_simple: fix leak in error case
    - block: bio_iov_iter_get_pages: pin more pages for multi-segment IOs

 -- Chia-Lin Kao (AceLan) <email address hidden>  Tue, 16 Oct 2018 10:32:03 +0800
Deleted in cosmic-proposed on 2018-10-31 (Reason: NBS)
Deleted in bionic-proposed on 2018-10-31 (Reason: NBS)
linux-oem (4.15.0-1023.26) bionic; urgency=medium

  * linux-oem: 4.15.0-1023.26 -proposed tracker (LP: #1796641)

  * [18.04] GLK hang after a while (LP: #1760545)
    - drm/i915/glk: Add MODULE_FIRMWARE for Geminilake

  * Fix usbcore.quirks when used at boot (LP: #1795784)
    - usb: core: safely deal with the dynamic quirk lists

 -- Chia-Lin Kao (AceLan) <email address hidden>  Mon, 08 Oct 2018 18:39:24 +0800
Deleted in bionic-proposed on 2018-10-12 (Reason: NBS)
linux-oem (4.15.0-1022.25) bionic; urgency=medium

  * linux-oem: 4.15.0-1022.25 -proposed tracker (LP: #1795566)

  * Dell new AIO requires a new uart backlight driver (LP: #1727235)
    - [Config] CONFIG_DELL_UART_BACKLIGHT=m

  [ Ubuntu: 4.15.0-37.40 ]

  * linux: 4.15.0-37.40 -proposed tracker (LP: #1795564)
  * hns3: enable ethtool rx-vlan-filter on supported hw (LP: #1793394)
    - net: hns3: Add vlan filter setting by ethtool command -K
  * hns3: Modifying channel parameters will reset ring parameters back to
    defaults (LP: #1793404)
    - net: hns3: Fix desc num set to default when setting channel
  * hisi_sas: Add SATA FIX check for v3 hw (LP: #1794151)
    - scsi: hisi_sas: Add SATA FIS check for v3 hw
  * Fix potential corruption using SAS controller on HiSilicon arm64 boards
    (LP: #1794156)
    - scsi: hisi_sas: add memory barrier in task delivery function
  * hisi_sas: Reduce unnecessary spin lock contention (LP: #1794165)
    - scsi: hisi_sas: Tidy hisi_sas_task_prep()
  * Add functional level reset support for the SAS controller on HiSilicon D06
    systems (LP: #1794166)
    - scsi: hisi_sas: tidy host controller reset function a bit
    - scsi: hisi_sas: relocate some common code for v3 hw
    - scsi: hisi_sas: Implement handlers of PCIe FLR for v3 hw
  * HiSilicon SAS controller doesn't recover from PHY STP link timeout
    (LP: #1794172)
    - scsi: hisi_sas: tidy channel interrupt handler for v3 hw
    - scsi: hisi_sas: Fix the failure of recovering PHY from STP link timeout
  * getxattr: always handle namespaced attributes (LP: #1789746)
    - getxattr: use correct xattr length
  * Fix unusable NVIDIA GPU after S3 (LP: #1793338)
    - PCI: Reprogram bridge prefetch registers on resume
  * Fails to boot under Xen PV: BUG: unable to handle kernel paging request at
    edc21fd9 (LP: #1789118)
    - x86/EISA: Don't probe EISA bus for Xen PV guests
  * qeth: use vzalloc for QUERY OAT buffer (LP: #1793086)
    - s390/qeth: use vzalloc for QUERY OAT buffer
  * SRU: Enable middle button of touchpad on ThinkPad P72 (LP: #1793463)
    - Input: elantech - enable middle button of touchpad on ThinkPad P72
  * Dell new AIO requires a new uart backlight driver (LP: #1727235)
    - SAUCE: platform/x86: dell-uart-backlight: new backlight driver for DELL AIO
    - updateconfigs for Dell UART backlight driver
  * [Ubuntu] s390/crypto: Fix return code checking in cbc_paes_crypt.
    (LP: #1794294)
    - s390/crypto: Fix return code checking in cbc_paes_crypt()
  * hns3: Retrieve RoCE MSI-X config from firmware (LP: #1793221)
    - net: hns3: Fix MSIX allocation issue for VF
    - net: hns3: Refine the MSIX allocation for PF
  * net: hns: Avoid hang when link is changed while handling packets
    (LP: #1792209)
    - net: hns: add the code for cleaning pkt in chip
    - net: hns: add netif_carrier_off before change speed and duplex
  * Page leaking in cachefiles_read_backing_file while vmscan is active
    (LP: #1793430)
    - SAUCE: cachefiles: Page leaking in cachefiles_read_backing_file while vmscan
      is active
  * some nvidia p1000 graphic cards hang during the boot (LP: #1791569)
    - drm/nouveau/gr/gf100-: virtualise tpc_mask + apply fixes from traces
  * Error reported when creating ZFS pool with "-t" option, despite successful
    pool creation (LP: #1769937)
    - SAUCE: (noup) Update zfs to 0.7.5-1ubuntu16.4
  * Fix I2C touchpanels' interrupt storms after system suspend (LP: #1792309)
    - HID: i2c-hid: Fix flooded incomplete report after S3 on Rayd touchscreen
    - HID: i2c-hid: Don't reset device upon system resume
  * ipmmu is always registered (LP: #1783746)
    - iommu/ipmmu-vmsa: Don't register as BUS IOMMU if machine doesn't have IPMMU-
      VMSA
  * Bionic update: upstream stable patchset 2018-09-27 (LP: #1794889)
    - clocksource/drivers/imx-tpm: Correct some registers operation flow
    - Input: synaptics-rmi4 - fix an unchecked out of memory error path
    - KVM: X86: fix incorrect reference of trace_kvm_pi_irte_update
    - x86: Add check for APIC access address for vmentry of L2 guests
    - MIPS: io: Prevent compiler reordering writeX()
    - nfp: ignore signals when communicating with management FW
    - perf report: Fix switching to another perf.data file
    - fsnotify: fix ignore mask logic in send_to_group()
    - MIPS: io: Add barrier after register read in readX()
    - s390/smsgiucv: disable SMSG on module unload
    - isofs: fix potential memory leak in mount option parsing
    - MIPS: dts: Boston: Fix PCI bus dtc warnings:
    - spi: sh-msiof: Fix bit field overflow writes to TSCR/RSCR
    - doc: Add vendor prefix for Kieback & Peter GmbH
    - dt-bindings: pinctrl: sunxi: Fix reference to driver
    - dt-bindings: serial: sh-sci: Add support for r8a77965 (H)SCIF
    - dt-bindings: dmaengine: rcar-dmac: document R8A77965 support
    - clk: honor CLK_MUX_ROUND_CLOSEST in generic clk mux
    - ASoC: rt5514: Add the missing register in the readable table
    - eCryptfs: don't pass up plaintext names when using filename encryption
    - soc: bcm: raspberrypi-power: Fix use of __packed
    - soc: bcm2835: Make !RASPBERRYPI_FIRMWARE dummies return failure
    - PCI: kirin: Fix reset gpio name
    - ASoC: topology: Fix bugs of freeing soc topology
    - xen: xenbus_dev_frontend: Really return response string
    - ASoC: topology: Check widget kcontrols before deref.
    - spi: cadence: Add usleep_range() for cdns_spi_fill_tx_fifo()
    - blkcg: don't hold blkcg lock when deactivating policy
    - tipc: fix infinite loop when dumping link monitor summary
    - scsi: iscsi: respond to netlink with unicast when appropriate
    - scsi: megaraid_sas: Do not log an error if FW successfully initializes.
    - scsi: target: fix crash with iscsi target and dvd
    - netfilter: nf_tables: NAT chain and extensions require NF_TABLES
    - netfilter: nf_tables: fix out-of-bounds in nft_chain_commit_update
    - ASoC: msm8916-wcd-analog: use threaded context for mbhc events
    - drm/msm: Fix possible null dereference on failure of get_pages()
    - drm/msm/dsi: use correct enum in dsi_get_cmd_fmt
    - drm/msm: don't deref error pointer in the msm_fbdev_create error path
    - blkcg: init root blkcg_gq under lock
    - vfs: Undo an overly zealous MS_RDONLY -> SB_RDONLY conversion
    - parisc: time: Convert read_persistent_clock() to read_persistent_clock64()
    - scsi: storvsc: Set up correct queue depth values for IDE devices
    - scsi: isci: Fix infinite loop in while loop
    - mm, pagemap: fix swap offset value for PMD migration entry
    - proc: revalidate kernel thread inodes to root:root
    - kexec_file: do not add extra alignment to efi memmap
    - mm: memcg: add __GFP_NOWARN in __memcg_schedule_kmem_cache_create()
    - usb: typec: ucsi: fix tracepoint related build error
    - ACPI / PM: Blacklist Low Power S0 Idle _DSM for ThinkPad X1 Tablet(2016)
    - dt-bindings: meson-uart: DT fix s/clocks-names/clock-names/
    - net: phy: marvell: clear wol event before setting it
    - ARM: dts: da850: fix W=1 warnings with pinmux node
    - ACPI / watchdog: Prefer iTCO_wdt on Lenovo Z50-70
    - drm/amdkfd: fix clock counter retrieval for node without GPU
    - thermal: int3403_thermal: Fix NULL pointer deref on module load / probe
    - net: ethtool: Add missing kernel doc for FEC parameters
    - arm64: ptrace: remove addr_limit manipulation
    - HID: lenovo: Add support for IBM/Lenovo Scrollpoint mice
    - HID: wacom: Release device resource data obtained by devres_alloc()
    - selftests: ftrace: Add a testcase for multiple actions on trigger
    - rds: ib: Fix missing call to rds_ib_dev_put in rds_ib_setup_qp
    - perf/x86/intel: Don't enable freeze-on-smi for PerfMon V1
    - remoteproc: qcom: Fix potential device node leaks
    - rpmsg: added MODULE_ALIAS for rpmsg_char
    - HID: intel-ish-hid: use put_device() instead of kfree()
    - blk-mq: fix sysfs inflight counter
    - arm64: fix possible spectre-v1 in ptrace_hbp_get_event()
    - KVM: arm/arm64: vgic: fix possible spectre-v1 in vgic_mmio_read_apr()
    - libahci: Allow drivers to override stop_engine
    - ata: ahci: mvebu: override ahci_stop_engine for mvebu AHCI
    - x86/cpu/intel: Add missing TLB cpuid values
    - bpf: fix uninitialized variable in bpf tools
    - i2c: sprd: Prevent i2c accesses after suspend is called
    - i2c: sprd: Fix the i2c count issue
    - tipc: fix bug in function tipc_nl_node_dump_monitor
    - nvme: depend on INFINIBAND_ADDR_TRANS
    - nvmet-rdma: depend on INFINIBAND_ADDR_TRANS
    - ib_srpt: depend on INFINIBAND_ADDR_TRANS
    - ib_srp: depend on INFINIBAND_ADDR_TRANS
    - IB: make INFINIBAND_ADDR_TRANS configurable
    - IB/uverbs: Fix validating mandatory attributes
    - RDMA/cma: Fix use after destroy access to net namespace for IPoIB
    - RDMA/iwpm: fix memory leak on map_info
    - IB/rxe: add RXE_START_MASK for rxe_opcode IB_OPCODE_RC_SEND_ONLY_INV
    - IB/rxe: avoid double kfree_skb
    - <linux/stringhash.h>: fix end_name_hash() for 64bit long
    - IB/core: Make ib_mad_client_id atomic
    - ARM: davinci: board-da830-evm: fix GPIO lookup for MMC/SD
    - ARM: davinci: board-da850-evm: fix GPIO lookup for MMC/SD
    - ARM: davinci: board-omapl138-hawk: fix GPIO numbers for MMC/SD lookup
    - ARM: davinci: board-dm355-evm: fix broken networking
    - dt-bindings: panel: lvds: Fix path to display timing bindings
    - ARM: OMAP2+: powerdomain: use raw_smp_processor_id() for trace
    - ARM: dts: logicpd-som-lv: Fix WL127x Startup Issues
    - ARM: dts: logicpd-som-lv: Fix Audio Mute
    - Input: atmel_mxt_ts - fix the firmware update
    - hexagon: add memset_io() helper
    - hexagon: export csum_partial_copy_nocheck
    - scsi: vmw-pvscsi: return DID_BUS_BUSY for adapter-initated aborts
    - bpf, x64: fix memleak when not converging after image
    - parisc: drivers.c: Fix section mismatches
    - stop_machine, sched: Fix migrate_swap() vs. active_balance() deadlock
    - kthread, sched/wait: Fix kthread_parkme() wait-loop
    - arm64: tegra: Make BCM89610 PHY interrupt as active low
    - iommu/vt-d: fix shift-out-of-bounds in bug checking
    - nvme: fix potential memory leak in option parsing
    - nvme: Set integrity flag for user passthrough commands
    - ARM: OMAP1: ams-delta: fix deferred_fiq handler
    - smc: fix sendpage() call
    - IB/hfi1 Use correct type for num_user_context
    - IB/hfi1: Fix memory leak in exception path in get_irq_affinity()
    - RDMA/cma: Do not query GID during QP state transition to RTR
    - spi: bcm2835aux: ensure interrupts are enabled for shared handler
    - sched/core: Introduce set_special_state()
    - sh: fix build failure for J2 cpu with SMP disabled
    - tee: check shm references are consistent in offset/size
    - mac80211: Adjust SAE authentication timeout
    - drm/omap: silence unititialized variable warning
    - drm/omap: fix uninitialized ret variable
    - drm/omap: fix possible NULL ref issue in tiler_reserve_2d
    - drm/omap: check return value from soc_device_match
    - drm/omap: handle alloc failures in omap_connector
    - driver core: add __printf verification to __ata_ehi_pushv_desc
    - ARM: dts: cygnus: fix irq type for arm global timer
    - mac80211: use timeout from the AddBA response instead of the request
    - net: aquantia: driver should correctly declare vlan_features bits
    - can: dev: increase bus-off message severity
    - arm64: Add MIDR encoding for NVIDIA CPUs
    - cifs: smb2ops: Fix listxattr() when there are no EAs
    - agp: uninorth: make two functions static
    - tipc: eliminate KMSAN uninit-value in strcmp complaint
    - qed: Fix l2 initializations over iWARP personality
    - qede: Fix gfp flags sent to rdma event node allocation
    - rxrpc: Fix error reception on AF_INET6 sockets
    - rxrpc: Fix the min security level for kernel calls
    - KVM: Extend MAX_IRQ_ROUTES to 4096 for all archs
    - x86: Delay skip of emulated hypercall instruction
    - ixgbe: return error on unsupported SFP module when resetting
    - net sched actions: fix invalid pointer dereferencing if skbedit flags
      missing
    - proc/kcore: don't bounds check against address 0
    - ocfs2: take inode cluster lock before moving reflinked inode from orphan dir
    - kprobes/x86: Prohibit probing on exception masking instructions
    - uprobes/x86: Prohibit probing on MOV SS instruction
    - objtool, kprobes/x86: Sync the latest <asm/insn.h> header with
      tools/objtool/arch/x86/include/asm/insn.h
    - x86/pkeys/selftests: Adjust the self-test to fresh distros that export the
      pkeys ABI
    - x86/mpx/selftests: Adjust the self-test to fresh distros that export the MPX
      ABI
    - x86/selftests: Add mov_to_ss test
    - x86/pkeys/selftests: Give better unexpected fault error messages
    - x86/pkeys/selftests: Stop using assert()
    - x86/pkeys/selftests: Remove dead debugging code, fix dprint_in_signal
    - x86/pkeys/selftests: Allow faults on unknown keys
    - x86/pkeys/selftests: Factor out "instruction page"
    - x86/pkeys/selftests: Add PROT_EXEC test
    - x86/pkeys/selftests: Fix pkey exhaustion test off-by-one
    - x86/pkeys/selftests: Fix pointer math
    - x86/pkeys/selftests: Save off 'prot' for allocations
    - x86/pkeys/selftests: Add a test for pkey 0
    - mtd: Fix comparison in map_word_andequal()
    - afs: Fix the non-encryption of calls
    - usb: musb: fix remote wakeup racing with suspend
    - ARM: keystone: fix platform_domain_notifier array overrun
    - i2c: pmcmsp: return message count on master_xfer success
    - i2c: pmcmsp: fix error return from master_xfer
    - i2c: viperboard: return message count on master_xfer success
    - ARM: davinci: dm646x: fix timer interrupt generation
    - ARM: davinci: board-dm646x-evm: pass correct I2C adapter id for VPIF
    - ARM: davinci: board-dm646x-evm: set VPIF capture card name
    - clk: imx6ull: use OSC clock during AXI rate change
    - locking/rwsem: Add a new RWSEM_ANONYMOUSLY_OWNED flag
    - locking/percpu-rwsem: Annotate rwsem ownership transfer by setting
      RWSEM_OWNER_UNKNOWN
    - drm/dumb-buffers: Integer overflow in drm_mode_create_ioctl()
    - sched/debug: Move the print_rt_rq() and print_dl_rq() declarations to
      kernel/sched/sched.h
    - sched/deadline: Make the grub_reclaim() function static
    - parisc: Move setup_profiling_timer() out of init section
    - efi/libstub/arm64: Handle randomized TEXT_OFFSET
    - ARM: 8753/1: decompressor: add a missing parameter to the addruart macro
    - ARM: 8758/1: decompressor: restore r1 and r2 just before jumping to the
      kernel
    - ARM: kexec: fix kdump register saving on panic()
    - Revert "Btrfs: fix scrub to repair raid6 corruption"
    - Btrfs: fix scrub to repair raid6 corruption
    - Btrfs: make raid6 rebuild retry more
    - tcp: do not overshoot window_clamp in tcp_rcv_space_adjust()
    - ibmvnic: Do not notify peers on parameter change resets
    - dt-bindings: net: ravb: Add support for r8a77965 SoC
    - X86/KVM: Properly update 'tsc_offset' to represent the running guest
    - kvm: x86: move MSR_IA32_TSC handling to x86.c
    - ARM: dts: Fix cm2 and prm sizes for omap4
    - powerpc/64s: Default l1d_size to 64K in RFI fallback flush
    - KVM: arm/arm64: vgic: Kick new VCPU on interrupt migration
    - arm64: kasan: avoid pfn_to_nid() before page array is initialized
    - ARM64: dts: meson-gxl: add USB host support
    - ARM64: dts: meson-gxm: add GXM specific USB host configuration
    - ARM64: dts: meson-gxl-s905x-p212: enable the USB controller
    - ARM64: dts: meson-gx-p23x-q20x: enable the USB controller
    - ARM64: dts: meson-gxl-s905x-libretech-cc: enable the USB controller
    - ARM64: dts: meson-gxl-nexbox-a95x: enable the USB controller
    - ARM64: dts: meson-gxm-khadas-vim2: enable the USB controller
    - arm64: dts: correct SATA addresses for Stingray
    - afs: Fix server record deletion
    - proc: fix /proc/loadavg regression
    - s390/qeth: fix request-side race during cmd IO timeout
    - ACPI / scan: Initialize watchdog before PNP
    - CIFS: set *resp_buf_type to NO_BUFFER on error
    - arm64: dts: uniphier: fix input delay value for legacy mode of eMMC
    - igb: Fix the transmission mode of queue 0 for Qav mode
    - RISC-V: build vdso-dummy.o with -no-pie
    - arm64: only advance singlestep for user instruction traps
    - perf pmu: Fix core PMU alias list for X86 platform
    - bpf, x64: fix JIT emission for dead code
    - powerpc/kvm/booke: Fix altivec related build break
    - reset: uniphier: fix USB clock line for LD20
    - nfp: don't depend on eth_tbl being available
    - net: mvpp2: Fix clk error path in mvpp2_probe
    - kvm: apic: Flush TLB after APIC mode/address change if VPIDs are in use
    - IB/uverbs: Fix validating mandatory attributes
    - RDMA/hns: Intercept illegal RDMA operation when use inline data
    - pinctrl: cherryview: Associate IRQ descriptors to irqdomain
    - kthread, sched/wait: Fix kthread_parkme() completion issue
    - iommu/vt-d: Fix usage of force parameter in intel_ir_reconfigure_irte()
    - nvme/multipath: Disable runtime writable enabling parameter
    - ARM: dts: correct missing "compatible" entry for ti81xx SoCs
    - usb: typec: tps6598x: handle block reads separately with plain-I2C adapters
    - IB/mlx4: Fix integer overflow when calculating optimal MTT size
    - bpf: add map_alloc_check callback
    - bpf: fix possible spectre-v1 in find_and_alloc_map()
    - drm/exynos/mixer: fix synchronization check in interlaced mode
    - drm/exynos: mixer: avoid Oops in vp_video_buffer()
    - bpf: use array_index_nospec in find_prog_type
    - gcc-plugins: fix build condition of SANCOV plugin
    - drm/vc4: Fix oops dereferencing DPI's connector since panel_bridge.
    - nvme: fix use-after-free in nvme_free_ns_head
    - powerpc/pseries: Fix CONFIG_NUMA=n build
    - HID: i2c-hid: Add RESEND_REPORT_DESCR quirk for Toshiba Click Mini L9W-B
    - cifs: Allocate validate negotiation request through kmalloc
    - drm/amdgpu: Switch to interruptable wait to recover from ring hang.
    - rxrpc: Fix missing start of call timeout
    - ARM: dts: imx51-zii-rdu1: fix touchscreen bindings
    - sh: switch to NO_BOOTMEM
    - lib/find_bit_benchmark.c: avoid soft lockup in test_find_first_bit()
    - x86/pkeys/selftests: Avoid printf-in-signal deadlocks
    - afs: Fix address list parsing
    - afs: Fix refcounting in callback registration
    - afs: Fix server rotation's handling of fileserver probe failure
    - afs: Fix VNOVOL handling in address rotation
    - afs: Fix the handling of CB.InitCallBackState3 to find the server by UUID
    - afs: Fix afs_find_server search loop
    - KVM: X86: Lower the default timer frequency limit to 200us
    - platform/x86: DELL_WMI use depends on instead of select for DELL_SMBIOS
    - ARM: replace unnecessary perl with sed and the shell $(( )) operator
  * Improvements to the kernel source package preparation (LP: #1793461)
    - [Packaging] startnewrelease: add support for backport kernels
  * Kernel 4.15.0-35.38 fails to build with CONFIG_XFS_ONLINE_SCRUB enabled
    (LP: #1792393)
    - SAUCE: xfs: fix build error with CONFIG_XFS_ONLINE_SCRUB enabled
  * update ENA driver to latest mainline version (LP: #1792044)
    - net: ena: add detection and recovery mechanism for handling missed/misrouted
      MSI-X
    - net: ena: increase ena driver version to 1.5.0
    - net: ena: Eliminate duplicate barriers on weakly-ordered archs
    - SAUCE: ena: devm_kzalloc() -> devm_kcalloc()
    - net: ena: Fix use of uninitialized DMA address bits field
    - net: ena: fix surprise unplug NULL dereference kernel crash
    - net: ena: fix driver when PAGE_SIZE == 64kB
    - net: ena: fix device destruction to gracefully free resources
    - net: ena: fix potential double ena_destroy_device()
    - net: ena: fix missing lock during device destruction
    - net: ena: fix missing calls to READ_ONCE
    - net: ena: fix incorrect usage of memory barriers

 -- Stefan Bader <email address hidden>  Tue, 02 Oct 2018 20:07:06 +0200
Superseded in disco-release on 2018-11-12
Published in cosmic-release on 2018-10-08
Superseded in bionic-security on 2018-11-14
Superseded in bionic-updates on 2018-10-24
Deleted in cosmic-proposed (Reason: moved to release)
Deleted in bionic-proposed (Reason: NBS)
linux-oem (4.15.0-1021.24) bionic; urgency=medium

  [ Ubuntu: 4.15.0-36.39 ]

  * CVE-2018-14633
    - iscsi target: Use hex2bin instead of a re-implementation
  * CVE-2018-17182
    - mm: get rid of vmacache_flush_all() entirely

Deleted in cosmic-proposed on 2018-09-27 (Reason: NBS)
Deleted in bionic-proposed on 2018-09-27 (Reason: NBS)
linux-oem (4.15.0-1020.23) bionic; urgency=medium

  * linux-oem: 4.15.0-1020.23 -proposed tracker (LP: #1793656)

  * Fix unusable NVIDIA GPU after S3 (LP: #1793338)
    - PCI: Reprogram bridge prefetch registers on resume

 -- Timo Aaltonen <email address hidden>  Fri, 21 Sep 2018 10:20:26 +0300
Deleted in bionic-proposed on 2018-09-25 (Reason: NBS)
linux-oem (4.15.0-1019.22) bionic; urgency=medium

  * linux-oem: 4.15.0-1019.22 -proposed tracker (LP: #1791724)

  * Fix I2C touchpanels' interrupt storms after system suspend (LP: #1792309)
    - HID: i2c-hid: Fix flooded incomplete report after S3 on Rayd touchscreen
    - HID: i2c-hid: Don't reset device upon system resume

  * Miscellaneous Ubuntu changes
    - Rebase to 4.15.0-35.38
    - [Config] update configs following rebase to 4.15.0-35.38

  * drm/i915: Drop backported support for Cannonlake. (LP: #1792589)

  [ Ubuntu: 4.15.0-35.38 ]

  * linux: 4.15.0-35.38 -proposed tracker (LP: #1791719)
  * device hotplug of vfio devices can lead to deadlock in vfio_pci_release
    (LP: #1792099)
    - SAUCE: vfio -- release device lock before userspace requests
  * L1TF mitigation not effective in some CPU and RAM combinations
    (LP: #1788563)
    - x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit
    - x86/speculation/l1tf: Fix off-by-one error when warning that system has too
      much RAM
    - x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+
  * CVE-2018-15594
    - x86/paravirt: Fix spectre-v2 mitigations for paravirt guests
  * CVE-2017-5715 (Spectre v2 s390x)
    - KVM: s390: implement CPU model only facilities
    - s390: detect etoken facility
    - KVM: s390: add etoken support for guests
    - s390/lib: use expoline for all bcr instructions
    - s390: fix br_r1_trampoline for machines without exrl
    - SAUCE: s390: use expoline thunks for all branches generated by the BPF JIT
  * Ubuntu18.04.1: cpuidle: powernv: Fix promotion from snooze if next state
    disabled (performance) (LP: #1790602)
    - cpuidle: powernv: Fix promotion from snooze if next state disabled
  * Watchdog CPU:19 Hard LOCKUP when kernel crash was triggered (LP: #1790636)
    - powerpc: hard disable irqs in smp_send_stop loop
    - powerpc: Fix deadlock with multiple calls to smp_send_stop
    - powerpc: smp_send_stop do not offline stopped CPUs
    - powerpc/powernv: Fix opal_event_shutdown() called with interrupts disabled
  * Security fix: check if IOMMU page is contained in the pinned physical page
    (LP: #1785675)
    - vfio/spapr: Use IOMMU pageshift rather than pagesize
    - KVM: PPC: Check if IOMMU page is contained in the pinned physical page
  * Missing Intel GPU pci-id's (LP: #1789924)
    - drm/i915/kbl: Add KBL GT2 sku
    - drm/i915/whl: Introducing Whiskey Lake platform
    - drm/i915/aml: Introducing Amber Lake platform
    - drm/i915/cfl: Add a new CFL PCI ID.
  * CVE-2018-15572
    - x86/speculation: Protect against userspace-userspace spectreRSB
  * Support Power Management for Thunderbolt Controller  (LP: #1789358)
    - thunderbolt: Handle NULL boot ACL entries properly
    - thunderbolt: Notify userspace when boot_acl is changed
    - thunderbolt: Use 64-bit DMA mask if supported by the platform
    - thunderbolt: Do not unnecessarily call ICM get route
    - thunderbolt: No need to take tb->lock in domain suspend/complete
    - thunderbolt: Use correct ICM commands in system suspend
    - thunderbolt: Add support for runtime PM
  * random oopses on s390 systems using NVMe devices (LP: #1790480)
    - s390/pci: fix out of bounds access during irq setup
  * [Bionic] Spectre v4 mitigation (Speculative Store Bypass Disable) support
    for arm64 using SMC firmware call to set a hardware chicken bit
    (LP: #1787993) // CVE-2018-3639 (arm64)
    - arm64: alternatives: Add dynamic patching feature
    - KVM: arm/arm64: Do not use kern_hyp_va() with kvm_vgic_global_state
    - KVM: arm64: Avoid storing the vcpu pointer on the stack
    - arm/arm64: smccc: Add SMCCC-specific return codes
    - arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1
    - arm64: Add per-cpu infrastructure to call ARCH_WORKAROUND_2
    - arm64: Add ARCH_WORKAROUND_2 probing
    - arm64: Add 'ssbd' command-line option
    - arm64: ssbd: Add global mitigation state accessor
    - arm64: ssbd: Skip apply_ssbd if not using dynamic mitigation
    - arm64: ssbd: Restore mitigation status on CPU resume
    - arm64: ssbd: Introduce thread flag to control userspace mitigation
    - arm64: ssbd: Add prctl interface for per-thread mitigation
    - arm64: KVM: Add HYP per-cpu accessors
    - arm64: KVM: Add ARCH_WORKAROUND_2 support for guests
    - arm64: KVM: Handle guest's ARCH_WORKAROUND_2 requests
    - arm64: KVM: Add ARCH_WORKAROUND_2 discovery through ARCH_FEATURES_FUNC_ID
    - [Config] ARM64_SSBD=y
  * Reconcile hns3 SAUCE patches with upstream (LP: #1787477)
    - Revert "UBUNTU: SAUCE: net: hns3: Optimize PF CMDQ interrupt switching
      process"
    - Revert "UBUNTU: SAUCE: net: hns3: Fix for VF mailbox receiving unknown
      message"
    - Revert "UBUNTU: SAUCE: net: hns3: Fix for VF mailbox cannot receiving PF
      response"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix comments for
      hclge_get_ring_chain_from_mbx"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for using wrong mask and
      shift in hclge_get_ring_chain_from_mbx"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for reset_level default
      assignment probelm"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove unnecessary ring
      configuration operation while resetting"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix return value error in
      hns3_reset_notify_down_enet"
    - Revert "UBUNTU: SAUCE: net: hns3: Fix for phy link issue when using marvell
      phy driver"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: separate roce from nic when
      resetting"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: correct reset event status
      register"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: prevent to request reset
      frequently"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: reset net device with rtnl_lock"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: modify the order of initializeing
      command queue register"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: prevent sending command during
      global or core reset"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove the warning when clear
      reset cause"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix get_vector ops in
      hclgevf_main module"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix warning bug when doing lp
      selftest"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: Add configure for mac minimal
      frame size"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for mailbox message truncated
      problem"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for l4 checksum offload bug"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for waterline not setting
      correctly"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for mac pause not disable in
      pfc mode"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix tc setup when netdev is first
      up"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: Add SPDX tags to hns3 driver"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove unused struct member and
      definition"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix mislead parameter name"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: modify inconsistent bit mask
      macros"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: use decimal for bit offset
      macros"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix unreasonable code comments"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove extra space and brackets"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: standardize the handle of return
      value"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove some redundant
      assignments"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix unused function warning in VF
      driver"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: modify hnae_ to hnae3_"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: use dma_zalloc_coherent instead
      of kzalloc/dma_map_single"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: give default option while
      dependency HNS3 set"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove some unused members of
      some structures"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove a redundant
      hclge_cmd_csq_done"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: using modulo for cyclic counters
      in hclge_cmd_send"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: simplify hclge_cmd_csq_clean"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove some redundant
      assignments"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove useless code in
      hclge_cmd_send"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove unused
      hclge_ring_to_dma_dir"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: use lower_32_bits and
      upper_32_bits"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove back in struct hclge_hw"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: add unlikely for error check"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove the Redundant put_vector
      in hns3_client_uninit"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: print the ret value in error
      information"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: extraction an interface for state
      state init|uninit"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove unused head file in
      hnae3.c"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: add l4_type check for both ipv4
      and ipv6"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: add vector status check before
      free vector"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: rename the interface for
      init_client_instance and uninit_client_instance"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove hclge_get_vector_index
      from hclge_bind_ring_with_vector"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: RX BD information valid only in
      last BD except VLD bit and buffer size"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: add support for serdes loopback
      selftest"
    - net: hns3: Updates RX packet info fetch in case of multi BD
    - net: hns3: remove unused hclgevf_cfg_func_mta_filter
    - net: hns3: Fix for VF mailbox cannot receiving PF response
    - net: hns3: Fix for VF mailbox receiving unknown message
    - net: hns3: Optimize PF CMDQ interrupt switching process
    - net: hns3: remove hclge_get_vector_index from hclge_bind_ring_with_vector
    - net: hns3: rename the interface for init_client_instance and
      uninit_client_instance
    - net: hns3: add vector status check before free vector
    - net: hns3: add l4_type check for both ipv4 and ipv6
    - net: hns3: add unlikely for error check
    - net: hns3: remove unused head file in hnae3.c
    - net: hns3: extraction an interface for state init|uninit
    - net: hns3: print the ret value in error information
    - net: hns3: remove the Redundant put_vector in hns3_client_uninit
    - net: hns3: remove back in struct hclge_hw
    - net: hns3: use lower_32_bits and upper_32_bits
    - net: hns3: remove unused hclge_ring_to_dma_dir
    - net: hns3: remove useless code in hclge_cmd_send
    - net: hns3: remove some redundant assignments
    - net: hns3: simplify hclge_cmd_csq_clean
    - net: hns3: remove a redundant hclge_cmd_csq_done
    - net: hns3: remove some unused members of some structures
    - net: hns3: give default option while dependency HNS3 set
    - net: hns3: use dma_zalloc_coherent instead of kzalloc/dma_map_single
    - net: hns3: modify hnae_ to hnae3_
    - net: hns3: Fix tc setup when netdev is first up
    - net: hns3: Fix for mac pause not disable in pfc mode
    - net: hns3: Fix for waterline not setting correctly
    - net: hns3: Fix for l4 checksum offload bug
    - net: hns3: Fix for mailbox message truncated problem
    - net: hns3: Add configure for mac minimal frame size
    - net: hns3: Fix warning bug when doing lp selftest
    - net: hns3: Fix get_vector ops in hclgevf_main module
    - net: hns3: Remove the warning when clear reset cause
    - net: hns3: Prevent sending command during global or core reset
    - net: hns3: Modify the order of initializing command queue register
    - net: hns3: Reset net device with rtnl_lock
    - net: hns3: Prevent to request reset frequently
    - net: hns3: Correct reset event status register
    - net: hns3: Fix return value error in hns3_reset_notify_down_enet
    - net: hns3: remove unnecessary ring configuration operation while resetting
    - net: hns3: Fix for reset_level default assignment probelm
    - net: hns3: Fix for using wrong mask and shift in
      hclge_get_ring_chain_from_mbx
    - net: hns3: Fix comments for hclge_get_ring_chain_from_mbx
    - net: hns3: Remove some redundant assignments
    - net: hns3: Standardize the handle of return value
    - net: hns3: Remove extra space and brackets
    - net: hns3: Correct unreasonable code comments
    - net: hns3: Use decimal for bit offset macros
    - net: hns3: Modify inconsistent bit mask macros
    - net: hns3: Fix misleading parameter name
    - net: hns3: Remove unused struct member and definition
    - net: hns3: Add SPDX tags to HNS3 PF driver
    - net: hns3: Add support for serdes loopback selftest
    - net: hns3: Fix for phy link issue when using marvell phy driver
    - SAUCE: {topost} net: hns3: separate roce from nic when resetting
  * CVE-2018-6555
    - SAUCE: irda: Only insert new objects into the global database via setsockopt
  * CVE-2018-6554
    - SAUCE: irda: Fix memory leak caused by repeated binds of irda socket
  * Bionic update: upstream stable patchset 2018-08-31 (LP: #1790188)
    - netfilter: nf_tables: fix NULL pointer dereference on
      nft_ct_helper_obj_dump()
    - blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers
    - af_key: Always verify length of provided sadb_key
    - gpio: No NULL owner
    - KVM: X86: Fix reserved bits check for MOV to CR3
    - KVM: x86: introduce linear_{read,write}_system
    - KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and
      kvm_write_guest_virt_system
    - staging: android: ion: Switch to pr_warn_once in ion_buffer_destroy
    - NFC: pn533: don't send USB data off of the stack
    - usbip: vhci_sysfs: fix potential Spectre v1
    - usb-storage: Add support for FL_ALWAYS_SYNC flag in the UAS driver
    - usb-storage: Add compatibility quirk flags for G-Technologies G-Drive
    - Input: xpad - add GPD Win 2 Controller USB IDs
    - phy: qcom-qusb2: Fix crash if nvmem cell not specified
    - usb: gadget: function: printer: avoid wrong list handling in printer_write()
    - usb: gadget: udc: renesas_usb3: disable the controller's irqs for
      reconnecting
    - serial: sh-sci: Stop using printk format %pCr
    - tty/serial: atmel: use port->name as name in request_irq()
    - serial: samsung: fix maxburst parameter for DMA transactions
    - serial: 8250: omap: Fix idling of clocks for unused uarts
    - vmw_balloon: fixing double free when batching mode is off
    - tty: pl011: Avoid spuriously stuck-off interrupts
    - kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access
    - Input: goodix - add new ACPI id for GPD Win 2 touch screen
    - crypto: caam - strip input zeros from RSA input buffer
    - crypto: caam - fix DMA mapping dir for generated IV
    - crypto: caam - fix IV DMA mapping and updating
    - crypto: caam/qi - fix IV DMA mapping and updating
    - crypto: caam - fix size of RSA prime factor q
    - crypto: vmx - Remove overly verbose printk from AES init routines
    - crypto: vmx - Remove overly verbose printk from AES XTS init
    - crypto: omap-sham - fix memleak
    - usb: typec: wcove: Remove dependency on HW FSM
    - usb: gadget: udc: renesas_usb3: fix double phy_put()
    - usb: gadget: udc: renesas_usb3: should remove debugfs
    - usb: gadget: udc: renesas_usb3: should call pm_runtime_enable() before add
      udc
    - usb: gadget: udc: renesas_usb3: should call devm_phy_get() before add udc
    - usb: gadget: udc: renesas_usb3: should fail if devm_phy_get() returns error
  * Bionic update: upstream stable patchset 2018-08-29 (LP: #1789666)
    - scsi: sd_zbc: Avoid that resetting a zone fails sporadically
    - mmap: introduce sane default mmap limits
    - mmap: relax file size limit for regular files
    - btrfs: define SUPER_FLAG_METADUMP_V2
    - kconfig: Avoid format overflow warning from GCC 8.1
    - be2net: Fix error detection logic for BE3
    - bnx2x: use the right constant
    - dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect()
    - enic: set DMA mask to 47 bit
    - ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds
    - ip6_tunnel: remove magic mtu value 0xFFF8
    - ipmr: properly check rhltable_init() return value
    - ipv4: remove warning in ip_recv_error
    - ipv6: omit traffic class when calculating flow hash
    - isdn: eicon: fix a missing-check bug
    - kcm: Fix use-after-free caused by clonned sockets
    - netdev-FAQ: clarify DaveM's position for stable backports
    - net: ipv4: add missing RTA_TABLE to rtm_ipv4_policy
    - net: metrics: add proper netlink validation
    - net/packet: refine check for priv area size
    - net: phy: broadcom: Fix bcm_write_exp()
    - net: usb: cdc_mbim: add flag FLAG_SEND_ZLP
    - packet: fix reserve calculation
    - qed: Fix mask for physical address in ILT entry
    - sctp: not allow transport timeout value less than HZ/5 for hb_timer
    - team: use netdev_features_t instead of u32
    - vhost: synchronize IOTLB message with dev cleanup
    - vrf: check the original netdevice for generating redirect
    - ipv6: sr: fix memory OOB access in seg6_do_srh_encap/inline
    - net: phy: broadcom: Fix auxiliary control register reads
    - net-sysfs: Fix memory leak in XPS configuration
    - virtio-net: correctly transmit XDP buff after linearizing
    - net/mlx4: Fix irq-unsafe spinlock usage
    - tun: Fix NULL pointer dereference in XDP redirect
    - virtio-net: correctly check num_buf during err path
    - net/mlx5e: When RXFCS is set, add FCS data into checksum calculation
    - virtio-net: fix leaking page for gso packet during mergeable XDP
    - rtnetlink: validate attributes in do_setlink()
    - cls_flower: Fix incorrect idr release when failing to modify rule
    - PCI: hv: Do not wait forever on a device that has disappeared
    - drm: set FMODE_UNSIGNED_OFFSET for drm files
    - l2tp: fix refcount leakage on PPPoL2TP sockets
    - mlxsw: spectrum: Forbid creation of VLAN 1 over port/LAG
    - net: ethernet: ti: cpdma: correct error handling for chan create
    - net: ethernet: davinci_emac: fix error handling in probe()
    - net: dsa: b53: Fix for brcm tag issue in Cygnus SoC
    - net : sched: cls_api: deal with egdev path only if needed
  * Bionic update: upstream stable patchset 2018-08-24 (LP: #1788897)
    - fix io_destroy()/aio_complete() race
    - mm: fix the NULL mapping case in __isolate_lru_page()
    - objtool: Support GCC 8's cold subfunctions
    - objtool: Support GCC 8 switch tables
    - objtool: Detect RIP-relative switch table references
    - objtool: Detect RIP-relative switch table references, part 2
    - objtool: Fix "noreturn" detection for recursive sibling calls
    - xfs: convert XFS_AGFL_SIZE to a helper function
    - xfs: detect agfl count corruption and reset agfl
    - Input: synaptics - Lenovo Carbon X1 Gen5 (2017) devices should use RMI
    - Input: synaptics - add Lenovo 80 series ids to SMBus
    - Input: elan_i2c_smbus - fix corrupted stack
    - tracing: Fix crash when freeing instances with event triggers
    - tracing: Make the snapshot trigger work with instances
    - selinux: KASAN: slab-out-of-bounds in xattr_getsecurity
    - cfg80211: further limit wiphy names to 64 bytes
    - drm/amd/powerplay: Fix enum mismatch
    - rtlwifi: rtl8192cu: Remove variable self-assignment in rf.c
    - platform/chrome: cros_ec_lpc: remove redundant pointer request
    - kbuild: clang: disable unused variable warnings only when constant
    - tcp: avoid integer overflows in tcp_rcv_space_adjust()
    - iio: ad7793: implement IIO_CHAN_INFO_SAMP_FREQ
    - iio:buffer: make length types match kfifo types
    - iio:kfifo_buf: check for uint overflow
    - iio: adc: select buffer for at91-sama5d2_adc
    - MIPS: lantiq: gphy: Drop reboot/remove reset asserts
    - MIPS: ptrace: Fix PTRACE_PEEKUSR requests for 64-bit FGRs
    - MIPS: prctl: Disallow FRE without FR with PR_SET_FP_MODE requests
    - scsi: scsi_transport_srp: Fix shost to rport translation
    - stm class: Use vmalloc for the master map
    - hwtracing: stm: fix build error on some arches
    - IB/core: Fix error code for invalid GID entry
    - mm/huge_memory.c: __split_huge_page() use atomic ClearPageDirty()
    - Revert "rt2800: use TXOP_BACKOFF for probe frames"
    - intel_th: Use correct device when freeing buffers
    - drm/psr: Fix missed entry in PSR setup time table.
    - drm/i915/lvds: Move acpi lid notification registration to registration phase
    - drm/i915: Disable LVDS on Radiant P845
    - drm/vmwgfx: Use kasprintf
    - drm/vmwgfx: Fix host logging / guestinfo reading error paths
    - nvme: fix extended data LBA supported setting
    - iio: hid-sensor-trigger: Fix sometimes not powering up the sensor after
      resume
    - x86/MCE/AMD: Define a function to get SMCA bank type
    - x86/mce/AMD: Pass the bank number to smca_get_bank_type()
    - x86/mce/AMD, EDAC/mce_amd: Enumerate Reserved SMCA bank type
    - x86/mce/AMD: Carve out SMCA get_block_address() code
    - x86/MCE/AMD: Cache SMCA MISC block addresses
  * errors when scanning partition table of corrupted AIX disk (LP: #1787281)
    - partitions/aix: fix usage of uninitialized lv_info and lvname structures
    - partitions/aix: append null character to print data from disk
  * tlbie master timeout checkstop (using NVidia/GPU) (LP: #1789772)
    - powerpc/mm/hugetlb: Update huge_ptep_set_access_flags to call
      __ptep_set_access_flags directly
    - powerpc/mm/radix: Move function from radix.h to pgtable-radix.c
    - powerpc/mm: Change function prototype
    - powerpc/mm/radix: Change pte relax sequence to handle nest MMU hang
  * performance drop with ATS enabled (LP: #1788097)
    - powerpc/powernv: Fix concurrency issue with npu->mmio_atsd_usage
  * [Regression] kernel crashdump fails on arm64 (LP: #1786878)
    - arm64: export memblock_reserve()d regions via /proc/iomem
    - drivers: acpi: add dependency of EFI for arm64
    - efi/arm: preserve early mapping of UEFI memory map longer for BGRT
    - efi/arm: map UEFI memory map even w/o runtime services enabled
    - arm64: acpi: fix alignment fault in accessing ACPI
    - [Config] CONFIG_ARCH_SUPPORTS_ACPI=y
    - arm64: fix ACPI dependencies
    - ACPI: fix menuconfig presentation of ACPI submenu
  * TB 16 issue on Dell Lattitude 7490 with large amount of data (LP: #1785780)
    - r8152: disable RX aggregation on new Dell TB16 dock
  * dell_wmi: Unknown key codes (LP: #1762385)
    - platform/x86: dell-wmi: Ignore new rfkill and fn-lock events
  * Enable AMD PCIe MP2 for AMDI0011 (LP: #1773940)
    - SAUCE: i2c:amd I2C Driver based on PCI Interface for upcoming platform
    - SAUCE: i2c:amd move out pointer in union i2c_event_base
    - SAUCE: i2c:amd Depends on ACPI
    - [Config] i2c: CONFIG_I2C_AMD_MP2=y on x86
  * r8169 no internet after suspending (LP: #1779817)
    - r8169: restore previous behavior to accept BIOS WoL settings
    - r8169: don't use MSI-X on RTL8168g
    - r8169: don't use MSI-X on RTL8106e
  * Fix Intel Cannon Lake LPSS I2C input clock (LP: #1789790)
    - mfd: intel-lpss: Fix Intel Cannon Lake LPSS I2C input clock
  * Microphone cannot be detected with front panel audio combo jack on HP Z8-G4
    machine (LP: #1789145)
    - ALSA: hda/realtek - Fix HP Headset Mic can't record
  * Tango platform uses __initcall without further checks (LP: #1787945)
    - [Config] disable ARCH_TANGO
  * [18.10 FEAT] Add kernel config option "CONFIG_SCLP_OFB" (LP: #1787898)
    - [Config] CONFIG_SCLP_OFB=y for s390x

 -- Timo Aaltonen <email address hidden>  Fri, 14 Sep 2018 17:45:03 +0300

Available diffs

Superseded in cosmic-release on 2018-10-08
Superseded in bionic-security on 2018-10-01
Superseded in bionic-updates on 2018-10-01
Deleted in cosmic-proposed (Reason: moved to release)
Deleted in bionic-proposed (Reason: moved to -updates)
linux-oem (4.15.0-1018.21) bionic; urgency=medium

  * linux-oem: 4.15.0-1018.21 -proposed tracker (LP: #1788748)

  [ Ubuntu: 4.15.0-34.37 ]

  * linux: 4.15.0-34.37 -proposed tracker (LP: #1788744)
  * Bionic update: upstream stable patchset 2018-08-09 (LP: #1786352)
    - MIPS: c-r4k: Fix data corruption related to cache coherence
    - MIPS: ptrace: Expose FIR register through FP regset
    - MIPS: Fix ptrace(2) PTRACE_PEEKUSR and PTRACE_POKEUSR accesses to o32 FGRs
    - KVM: Fix spelling mistake: "cop_unsuable" -> "cop_unusable"
    - affs_lookup(): close a race with affs_remove_link()
    - fs: don't scan the inode cache before SB_BORN is set
    - aio: fix io_destroy(2) vs. lookup_ioctx() race
    - ALSA: timer: Fix pause event notification
    - do d_instantiate/unlock_new_inode combinations safely
    - mmc: sdhci-iproc: remove hard coded mmc cap 1.8v
    - mmc: sdhci-iproc: fix 32bit writes for TRANSFER_MODE register
    - mmc: sdhci-iproc: add SDHCI_QUIRK2_HOST_OFF_CARD_ON for cygnus
    - libata: Blacklist some Sandisk SSDs for NCQ
    - libata: blacklist Micron 500IT SSD with MU01 firmware
    - xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent
    - drm/vmwgfx: Fix 32-bit VMW_PORT_HB_[IN|OUT] macros
    - arm64: lse: Add early clobbers to some input/output asm operands
    - powerpc/64s: Clear PCR on boot
    - IB/hfi1: Use after free race condition in send context error path
    - IB/umem: Use the correct mm during ib_umem_release
    - idr: fix invalid ptr dereference on item delete
    - Revert "ipc/shm: Fix shmat mmap nil-page protection"
    - ipc/shm: fix shmat() nil address after round-down when remapping
    - mm/kasan: don't vfree() nonexistent vm_area
    - kasan: free allocated shadow memory on MEM_CANCEL_ONLINE
    - kasan: fix memory hotplug during boot
    - kernel/sys.c: fix potential Spectre v1 issue
    - KVM: s390: vsie: fix < 8k check for the itdba
    - KVM: x86: Update cpuid properly when CR4.OSXAVE or CR4.PKE is changed
    - kvm: x86: IA32_ARCH_CAPABILITIES is always supported
    - powerpc/64s: Improve RFI L1-D cache flush fallback
    - powerpc/pseries: Restore default security feature flags on setup
    - powerpc/64s: Fix section mismatch warnings from setup_rfi_flush()
    - MIPS: generic: Fix machine compatible matching
    - mac80211: mesh: fix wrong mesh TTL offset calculation
    - ARC: Fix malformed ARC_EMUL_UNALIGNED default
    - ptr_ring: prevent integer overflow when calculating size
    - arm64: dts: rockchip: fix rock64 gmac2io stability issues
    - arm64: dts: rockchip: correct ep-gpios for rk3399-sapphire
    - libata: Fix compile warning with ATA_DEBUG enabled
    - selftests: sync: missing CFLAGS while compiling
    - selftest/vDSO: fix O=
    - selftests: pstore: Adding config fragment CONFIG_PSTORE_RAM=m
    - selftests: memfd: add config fragment for fuse
    - ARM: OMAP2+: timer: fix a kmemleak caused in omap_get_timer_dt
    - ARM: OMAP3: Fix prm wake interrupt for resume
    - ARM: OMAP2+: Fix sar_base inititalization for HS omaps
    - ARM: OMAP1: clock: Fix debugfs_create_*() usage
    - tls: retrun the correct IV in getsockopt
    - xhci: workaround for AMD Promontory disabled ports wakeup
    - IB/uverbs: Fix method merging in uverbs_ioctl_merge
    - IB/uverbs: Fix possible oops with duplicate ioctl attributes
    - IB/uverbs: Fix unbalanced unlock on error path for rdma_explicit_destroy
    - arm64: dts: rockchip: Fix DWMMC clocks
    - ARM: dts: rockchip: Fix DWMMC clocks
    - iwlwifi: mvm: fix security bug in PN checking
    - iwlwifi: mvm: fix IBSS for devices that support station type API
    - iwlwifi: mvm: always init rs with 20mhz bandwidth rates
    - NFC: llcp: Limit size of SDP URI
    - rxrpc: Work around usercopy check
    - MD: Free bioset when md_run fails
    - md: fix md_write_start() deadlock w/o metadata devices
    - s390/dasd: fix handling of internal requests
    - xfrm: do not call rcu_read_unlock when afinfo is NULL in xfrm_get_tos
    - mac80211: round IEEE80211_TX_STATUS_HEADROOM up to multiple of 4
    - mac80211: fix a possible leak of station stats
    - mac80211: fix calling sleeping function in atomic context
    - cfg80211: clear wep keys after disconnection
    - mac80211: Do not disconnect on invalid operating class
    - mac80211: Fix sending ADDBA response for an ongoing session
    - gpu: ipu-v3: pre: fix device node leak in ipu_pre_lookup_by_phandle
    - gpu: ipu-v3: prg: fix device node leak in ipu_prg_lookup_by_phandle
    - md raid10: fix NULL deference in handle_write_completed()
    - drm/exynos: g2d: use monotonic timestamps
    - drm/exynos: fix comparison to bitshift when dealing with a mask
    - drm/meson: fix vsync buffer update
    - arm64: perf: correct PMUVer probing
    - RDMA/bnxt_re: Unpin SQ and RQ memory if QP create fails
    - RDMA/bnxt_re: Fix system crash during load/unload
    - net/mlx5e: Return error if prio is specified when offloading eswitch vlan
      push
    - locking/xchg/alpha: Add unconditional memory barrier to cmpxchg()
    - md: raid5: avoid string overflow warning
    - virtio_net: fix XDP code path in receive_small()
    - kernel/relay.c: limit kmalloc size to KMALLOC_MAX_SIZE
    - bug.h: work around GCC PR82365 in BUG()
    - selftests/memfd: add run_fuse_test.sh to TEST_FILES
    - seccomp: add a selftest for get_metadata
    - soc: imx: gpc: de-register power domains only if initialized
    - powerpc/bpf/jit: Fix 32-bit JIT for seccomp_data access
    - s390/cio: fix ccw_device_start_timeout API
    - s390/cio: fix return code after missing interrupt
    - s390/cio: clear timer when terminating driver I/O
    - selftests/bpf/test_maps: exit child process without error in ENOMEM case
    - PKCS#7: fix direct verification of SignerInfo signature
    - arm64: dts: cavium: fix PCI bus dtc warnings
    - nfs: system crashes after NFS4ERR_MOVED recovery
    - ARM: OMAP: Fix dmtimer init for omap1
    - smsc75xx: fix smsc75xx_set_features()
    - regulatory: add NUL to request alpha2
    - integrity/security: fix digsig.c build error with header file
    - x86/intel_rdt: Fix incorrect returned value when creating rdgroup sub-
      directory in resctrl file system
    - locking/xchg/alpha: Fix xchg() and cmpxchg() memory ordering bugs
    - x86/topology: Update the 'cpu cores' field in /proc/cpuinfo correctly across
      CPU hotplug operations
    - mac80211: drop frames with unexpected DS bits from fast-rx to slow path
    - arm64: fix unwind_frame() for filtered out fn for function graph tracing
    - macvlan: fix use-after-free in macvlan_common_newlink()
    - KVM: nVMX: Don't halt vcpu when L1 is injecting events to L2
    - kvm: fix warning for CONFIG_HAVE_KVM_EVENTFD builds
    - ARM: dts: imx6dl: Include correct dtsi file for Engicam i.CoreM6
      DualLite/Solo RQS
    - fs: dcache: Avoid livelock between d_alloc_parallel and __d_add
    - fs: dcache: Use READ_ONCE when accessing i_dir_seq
    - md: fix a potential deadlock of raid5/raid10 reshape
    - md/raid1: fix NULL pointer dereference
    - batman-adv: fix packet checksum in receive path
    - batman-adv: invalidate checksum on fragment reassembly
    - netfilter: ipt_CLUSTERIP: put config struct if we can't increment ct
      refcount
    - netfilter: ipt_CLUSTERIP: put config instead of freeing it
    - netfilter: ebtables: convert BUG_ONs to WARN_ONs
    - batman-adv: Ignore invalid batadv_iv_gw during netlink send
    - batman-adv: Ignore invalid batadv_v_gw during netlink send
    - batman-adv: Fix netlink dumping of BLA claims
    - batman-adv: Fix netlink dumping of BLA backbones
    - nvme-pci: Fix nvme queue cleanup if IRQ setup fails
    - clocksource/drivers/fsl_ftm_timer: Fix error return checking
    - libceph, ceph: avoid memory leak when specifying same option several times
    - ceph: fix dentry leak when failing to init debugfs
    - xen/pvcalls: fix null pointer dereference on map->sock
    - ARM: orion5x: Revert commit 4904dbda41c8.
    - qrtr: add MODULE_ALIAS macro to smd
    - selftests/futex: Fix line continuation in Makefile
    - r8152: fix tx packets accounting
    - virtio-gpu: fix ioctl and expose the fixed status to userspace.
    - dmaengine: rcar-dmac: fix max_chunk_size for R-Car Gen3
    - bcache: fix kcrashes with fio in RAID5 backend dev
    - ip_gre: fix IFLA_MTU ignored on NEWLINK
    - ip6_tunnel: fix IFLA_MTU ignored on NEWLINK
    - sit: fix IFLA_MTU ignored on NEWLINK
    - nbd: fix return value in error handling path
    - ARM: dts: NSP: Fix amount of RAM on BCM958625HR
    - ARM: dts: bcm283x: Fix unit address of local_intc
    - powerpc/boot: Fix random libfdt related build errors
    - clocksource/drivers/mips-gic-timer: Use correct shift count to extract data
    - gianfar: Fix Rx byte accounting for ndev stats
    - net/tcp/illinois: replace broken algorithm reference link
    - nvmet: fix PSDT field check in command format
    - net/smc: use link_id of server in confirm link reply
    - mlxsw: core: Fix flex keys scratchpad offset conflict
    - mlxsw: spectrum: Treat IPv6 unregistered multicast as broadcast
    - spectrum: Reference count VLAN entries
    - ARC: mcip: halt GFRC counter when ARC cores halt
    - ARC: mcip: update MCIP debug mask when the new cpu came online
    - ARC: setup cpu possible mask according to possible-cpus dts property
    - ipvs: remove IPS_NAT_MASK check to fix passive FTP
    - IB/mlx: Set slid to zero in Ethernet completion struct
    - RDMA/bnxt_re: Unconditionly fence non wire memory operations
    - RDMA/bnxt_re: Fix incorrect DB offset calculation
    - RDMA/bnxt_re: Fix the ib_reg failure cleanup
    - xen/pirq: fix error path cleanup when binding MSIs
    - drm/amd/amdgpu: Correct VRAM width for APUs with GMC9
    - xfrm: Fix ESN sequence number handling for IPsec GSO packets.
    - arm64: dts: rockchip: Fix rk3399-gru-* s2r (pinctrl hogs, wifi reset)
    - drm/sun4i: Fix dclk_set_phase
    - btrfs: use kvzalloc to allocate btrfs_fs_info
    - Btrfs: send, fix issuing write op when processing hole in no data mode
    - Btrfs: fix log replay failure after linking special file and fsync
    - ceph: fix potential memory leak in init_caches()
    - block: display the correct diskname for bio
    - selftests/powerpc: Skip the subpage_prot tests if the syscall is unavailable
    - net: ethtool: don't ignore return from driver get_fecparam method
    - iwlwifi: mvm: fix TX of CCMP 256
    - iwlwifi: mvm: Fix channel switch for count 0 and 1
    - iwlwifi: mvm: fix assert 0x2B00 on older FWs
    - iwlwifi: avoid collecting firmware dump if not loaded
    - iwlwifi: mvm: Direct multicast frames to the correct station
    - iwlwifi: mvm: Correctly set the tid for mcast queue
    - rds: Incorrect reference counting in TCP socket creation
    - watchdog: f71808e_wdt: Fix magic close handling
    - batman-adv: Fix multicast packet loss with a single WANT_ALL_IPV4/6 flag
    - hv_netvsc: use napi_schedule_irqoff
    - hv_netvsc: filter multicast/broadcast
    - hv_netvsc: propagate rx filters to VF
    - ARM: dts: rockchip: Add missing #sound-dai-cells on rk3288
    - e1000e: Fix check_for_link return value with autoneg off
    - e1000e: allocate ring descriptors with dma_zalloc_coherent
    - ia64/err-inject: Use get_user_pages_fast()
    - RDMA/qedr: Fix kernel panic when running fio over NFSoRDMA
    - RDMA/qedr: Fix iWARP write and send with immediate
    - IB/mlx4: Fix corruption of RoCEv2 IPv4 GIDs
    - IB/mlx4: Include GID type when deleting GIDs from HW table under RoCE
    - IB/mlx5: Fix an error code in __mlx5_ib_modify_qp()
    - fbdev: Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in
      sbusfb_ioctl_helper().
    - fsl/fman: avoid sleeping in atomic context while adding an address
    - qed: Free RoCE ILT Memory on rmmod qedr
    - net: qcom/emac: Use proper free methods during TX
    - net: smsc911x: Fix unload crash when link is up
    - IB/core: Fix possible crash to access NULL netdev
    - cxgb4: do not set needs_free_netdev for mgmt dev's
    - xen-blkfront: move negotiate_mq to cover all cases of new VBDs
    - xen: xenbus: use put_device() instead of kfree()
    - hv_netvsc: fix filter flags
    - hv_netvsc: fix locking for rx_mode
    - hv_netvsc: fix locking during VF setup
    - ARM: davinci: fix the GPIO lookup for omapl138-hawk
    - arm64: Relax ARM_SMCCC_ARCH_WORKAROUND_1 discovery
    - selftests/vm/run_vmtests: adjust hugetlb size according to nr_cpus
    - lib/test_kmod.c: fix limit check on number of test devices created
    - dmaengine: mv_xor_v2: Fix clock resource by adding a register clock
    - netfilter: ebtables: fix erroneous reject of last rule
    - can: m_can: change comparison to bitshift when dealing with a mask
    - can: m_can: select pinctrl state in each suspend/resume function
    - bnxt_en: Check valid VNIC ID in bnxt_hwrm_vnic_set_tpa().
    - workqueue: use put_device() instead of kfree()
    - ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu
    - sunvnet: does not support GSO for sctp
    - KVM: arm/arm64: vgic: Add missing irq_lock to vgic_mmio_read_pending
    - gpu: ipu-v3: prg: avoid possible array underflow
    - drm/imx: move arming of the vblank event to atomic_flush
    - drm/nouveau/bl: fix backlight regression
    - xfrm: fix rcu_read_unlock usage in xfrm_local_error
    - iwlwifi: mvm: set the correct tid when we flush the MCAST sta
    - iwlwifi: mvm: Correctly set IGTK for AP
    - iwlwifi: mvm: fix error checking for multi/broadcast sta
    - net: Fix vlan untag for bridge and vlan_dev with reorder_hdr off
    - vlan: Fix out of order vlan headers with reorder header off
    - batman-adv: fix header size check in batadv_dbg_arp()
    - batman-adv: Fix skbuff rcsum on packet reroute
    - vti4: Don't count header length twice on tunnel setup
    - ip_tunnel: Clamp MTU to bounds on new link
    - vti6: Fix dev->max_mtu setting
    - iwlwifi: mvm: Increase session protection time after CS
    - iwlwifi: mvm: clear tx queue id when unreserving aggregation queue
    - iwlwifi: mvm: make sure internal station has a valid id
    - iwlwifi: mvm: fix array out of bounds reference
    - drm/tegra: Shutdown on driver unbind
    - perf/cgroup: Fix child event counting bug
    - brcmfmac: Fix check for ISO3166 code
    - kbuild: make scripts/adjust_autoksyms.sh robust against timestamp races
    - RDMA/ucma: Correct option size check using optlen
    - RDMA/qedr: fix QP's ack timeout configuration
    - RDMA/qedr: Fix rc initialization on CNQ allocation failure
    - RDMA/qedr: Fix QP state initialization race
    - net/sched: fix idr leak on the error path of tcf_bpf_init()
    - net/sched: fix idr leak in the error path of tcf_simp_init()
    - net/sched: fix idr leak in the error path of tcf_act_police_init()
    - net/sched: fix idr leak in the error path of tcp_pedit_init()
    - net/sched: fix idr leak in the error path of __tcf_ipt_init()
    - net/sched: fix idr leak in the error path of tcf_skbmod_init()
    - net: dsa: Fix functional dsa-loop dependency on FIXED_PHY
    - drm/ast: Fixed 1280x800 Display Issue
    - mm/mempolicy.c: avoid use uninitialized preferred_node
    - mm, thp: do not cause memcg oom for thp
    - xfrm: Fix transport mode skb control buffer usage.
    - selftests: ftrace: Add probe event argument syntax testcase
    - selftests: ftrace: Add a testcase for string type with kprobe_event
    - selftests: ftrace: Add a testcase for probepoint
    - drm/amdkfd: Fix scratch memory with HWS enabled
    - batman-adv: fix multicast-via-unicast transmission with AP isolation
    - batman-adv: fix packet loss for broadcasted DHCP packets to a server
    - ARM: 8748/1: mm: Define vdso_start, vdso_end as array
    - lan78xx: Set ASD in MAC_CR when EEE is enabled.
    - net: qmi_wwan: add BroadMobi BM806U 2020:2033
    - bonding: fix the err path for dev hwaddr sync in bond_enslave
    - net: dsa: mt7530: fix module autoloading for OF platform drivers
    - net/mlx5: Make eswitch support to depend on switchdev
    - perf/x86/intel: Fix linear IP of PEBS real_ip on Haswell and later CPUs
    - x86/alternatives: Fixup alternative_call_2
    - llc: properly handle dev_queue_xmit() return value
    - builddeb: Fix header package regarding dtc source links
    - qede: Fix barrier usage after tx doorbell write.
    - mm, slab: memcg_link the SLAB's kmem_cache
    - mm/page_owner: fix recursion bug after changing skip entries
    - mm/kmemleak.c: wait for scan completion before disabling free
    - hv_netvsc: enable multicast if necessary
    - qede: Do not drop rx-checksum invalidated packets.
    - net: Fix untag for vlan packets without ethernet header
    - vlan: Fix vlan insertion for packets without ethernet header
    - net: mvneta: fix enable of all initialized RXQs
    - sh: fix debug trap failure to process signals before return to user
    - firmware: dmi_scan: Fix UUID length safety check
    - nvme: don't send keep-alives to the discovery controller
    - Btrfs: clean up resources during umount after trans is aborted
    - Btrfs: fix loss of prealloc extents past i_size after fsync log replay
    - x86/pgtable: Don't set huge PUD/PMD on non-leaf entries
    - fs/proc/proc_sysctl.c: fix potential page fault while unregistering sysctl
      table
    - swap: divide-by-zero when zero length swap file on ssd
    - z3fold: fix memory leak
    - sr: get/drop reference to device in revalidate and check_events
    - Force log to disk before reading the AGF during a fstrim
    - cpufreq: CPPC: Initialize shared perf capabilities of CPUs
    - powerpc/fscr: Enable interrupts earlier before calling get_user()
    - perf tools: Fix perf builds with clang support
    - perf clang: Add support for recent clang versions
    - dp83640: Ensure against premature access to PHY registers after reset
    - ibmvnic: Zero used TX descriptor counter on reset
    - mm/ksm: fix interaction with THP
    - mm: fix races between address_space dereference and free in page_evicatable
    - mm: thp: fix potential clearing to referenced flag in
      page_idle_clear_pte_refs_one()
    - Btrfs: bail out on error during replay_dir_deletes
    - Btrfs: fix NULL pointer dereference in log_dir_items
    - btrfs: Fix possible softlock on single core machines
    - IB/rxe: Fix for oops in rxe_register_device on ppc64le arch
    - ocfs2/dlm: don't handle migrate lockres if already in shutdown
    - powerpc/64s/idle: Fix restore of AMOR on POWER9 after deep sleep
    - sched/rt: Fix rq->clock_update_flags < RQCF_ACT_SKIP warning
    - x86/mm: Fix bogus warning during EFI bootup, use boot_cpu_has() instead of
      this_cpu_has() in build_cr3_noflush()
    - KVM: VMX: raise internal error for exception during invalid protected mode
      state
    - lan78xx: Connect phy early
    - sparc64: Make atomic_xchg() an inline function rather than a macro.
    - net: bgmac: Fix endian access in bgmac_dma_tx_ring_free()
    - net: bgmac: Correctly annotate register space
    - btrfs: tests/qgroup: Fix wrong tree backref level
    - Btrfs: fix copy_items() return value when logging an inode
    - btrfs: fix lockdep splat in btrfs_alloc_subvolume_writers
    - btrfs: qgroup: Fix root item corruption when multiple same source snapshots
      are created with quota enabled
    - rxrpc: Fix Tx ring annotation after initial Tx failure
    - rxrpc: Don't treat call aborts as conn aborts
    - xen/acpi: off by one in read_acpi_id()
    - drivers: macintosh: rack-meter: really fix bogus memsets
    - ACPI: acpi_pad: Fix memory leak in power saving threads
    - powerpc/mpic: Check if cpu_possible() in mpic_physmask()
    - ieee802154: ca8210: fix uninitialised data read
    - ath10k: advertize beacon_int_min_gcd
    - iommu/amd: Take into account that alloc_dev_data() may return NULL
    - intel_th: Use correct method of finding hub
    - m68k: set dma and coherent masks for platform FEC ethernets
    - iwlwifi: mvm: check if mac80211_queue is valid in iwl_mvm_disable_txq
    - parisc/pci: Switch LBA PCI bus from Hard Fail to Soft Fail mode
    - hwmon: (nct6775) Fix writing pwmX_mode
    - powerpc/perf: Prevent kernel address leak to userspace via BHRB buffer
    - powerpc/perf: Fix kernel address leak via sampling registers
    - rsi: fix kernel panic observed on 64bit machine
    - tools/thermal: tmon: fix for segfault
    - selftests: Print the test we're running to /dev/kmsg
    - net/mlx5: Protect from command bit overflow
    - watchdog: davinci_wdt: fix error handling in davinci_wdt_probe()
    - ath10k: Fix kernel panic while using worker (ath10k_sta_rc_update_wk)
    - nvme-pci: disable APST for Samsung NVMe SSD 960 EVO + ASUS PRIME Z370-A
    - ath9k: fix crash in spectral scan
    - cxgb4: Setup FW queues before registering netdev
    - ima: Fix Kconfig to select TPM 2.0 CRB interface
    - ima: Fallback to the builtin hash algorithm
    - watchdog: aspeed: Allow configuring for alternate boot
    - arm: dts: socfpga: fix GIC PPI warning
    - ext4: don't complain about incorrect features when probing
    - drm/vmwgfx: Unpin the screen object backup buffer when not used
    - iommu/mediatek: Fix protect memory setting
    - cpufreq: cppc_cpufreq: Fix cppc_cpufreq_init() failure path
    - IB/mlx5: Set the default active rate and width to QDR and 4X
    - zorro: Set up z->dev.dma_mask for the DMA API
    - bcache: quit dc->writeback_thread when BCACHE_DEV_DETACHING is set
    - remoteproc: imx_rproc: Fix an error handling path in 'imx_rproc_probe()'
    - dt-bindings: add device tree binding for Allwinner H6 main CCU
    - ACPICA: Events: add a return on failure from acpi_hw_register_read
    - ACPICA: Fix memory leak on unusual memory leak
    - ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c
    - cxgb4: Fix queue free path of ULD drivers
    - i2c: mv64xxx: Apply errata delay only in standard mode
    - KVM: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in use
    - perf top: Fix top.call-graph config option reading
    - perf stat: Fix core dump when flag T is used
    - IB/core: Honor port_num while resolving GID for IB link layer
    - drm/amdkfd: add missing include of mm.h
    - coresight: Use %px to print pcsr instead of %p
    - regulator: gpio: Fix some error handling paths in 'gpio_regulator_probe()'
    - spi: bcm-qspi: fIX some error handling paths
    - net/smc: pay attention to MAX_ORDER for CQ entries
    - MIPS: ath79: Fix AR724X_PLL_REG_PCIE_CONFIG offset
    - watchdog: dw: RMW the control register
    - watchdog: aspeed: Fix translation of reset mode to ctrl register
    - drm/meson: Fix some error handling paths in 'meson_drv_bind_master()'
    - drm/meson: Fix an un-handled error path in 'meson_drv_bind_master()'
    - powerpc: Add missing prototype for arch_irq_work_raise()
    - f2fs: fix to set KEEP_SIZE bit in f2fs_zero_range
    - f2fs: fix to clear CP_TRIMMED_FLAG
    - f2fs: fix to check extent cache in f2fs_drop_extent_tree
    - perf/core: Fix installing cgroup events on CPU
    - max17042: propagate of_node to power supply device
    - perf/core: Fix perf_output_read_group()
    - drm/panel: simple: Fix the bus format for the Ontat panel
    - hwmon: (pmbus/max8688) Accept negative page register values
    - hwmon: (pmbus/adm1275) Accept negative page register values
    - perf/x86/intel: Properly save/restore the PMU state in the NMI handler
    - cdrom: do not call check_disk_change() inside cdrom_open()
    - efi/arm*: Only register page tables when they exist
    - perf/x86/intel: Fix large period handling on Broadwell CPUs
    - perf/x86/intel: Fix event update for auto-reload
    - arm64: dts: qcom: Fix SPI5 config on MSM8996
    - soc: qcom: wcnss_ctrl: Fix increment in NV upload
    - gfs2: Fix fallocate chunk size
    - x86/devicetree: Initialize device tree before using it
    - x86/devicetree: Fix device IRQ settings in DT
    - phy: rockchip-emmc: retry calpad busy trimming
    - ALSA: vmaster: Propagate slave error
    - phy: qcom-qmp: Fix phy pipe clock gating
    - drm/bridge: sii902x: Retry status read after DDI I2C
    - tools: hv: fix compiler warnings about major/target_fname
    - block: null_blk: fix 'Invalid parameters' when loading module
    - dmaengine: pl330: fix a race condition in case of threaded irqs
    - dmaengine: rcar-dmac: Check the done lists in rcar_dmac_chan_get_residue()
    - enic: enable rq before updating rq descriptors
    - watchdog: asm9260_wdt: fix error handling in asm9260_wdt_probe()
    - hwrng: stm32 - add reset during probe
    - pinctrl: devicetree: Fix dt_to_map_one_config handling of hogs
    - pinctrl: artpec6: dt: add missing pin group uart5nocts
    - vfio-ccw: fence off transport mode
    - dmaengine: qcom: bam_dma: get num-channels and num-ees from dt
    - drm: omapdrm: dss: Move initialization code from component bind to probe
    - ARM: dts: dra71-evm: Correct evm_sd regulator max voltage
    - drm/amdgpu: disable GFX ring and disable PQ wptr in hw_fini
    - drm/amdgpu: adjust timeout for ib_ring_tests(v2)
    - net: stmmac: ensure that the device has released ownership before reading
      data
    - net: stmmac: ensure that the MSS desc is the last desc to set the own bit
    - cpufreq: Reorder cpufreq_online() error code path
    - dpaa_eth: fix SG mapping
    - PCI: Add function 1 DMA alias quirk for Marvell 88SE9220
    - udf: Provide saner default for invalid uid / gid
    - ixgbe: prevent ptp_rx_hang from running when in FILTER_ALL mode
    - sh_eth: fix TSU init on SH7734/R8A7740
    - power: supply: ltc2941-battery-gauge: Fix temperature units
    - ARM: dts: bcm283x: Fix probing of bcm2835-i2s
    - ARM: dts: bcm283x: Fix pin function of JTAG pins
    - PCMCIA / PM: Avoid noirq suspend aborts during suspend-to-idle
    - audit: return on memory error to avoid null pointer dereference
    - net: stmmac: call correct function in stmmac_mac_config_rx_queues_routing()
    - rcu: Call touch_nmi_watchdog() while printing stall warnings
    - pinctrl: sh-pfc: r8a7796: Fix MOD_SEL register pin assignment for SSI pins
      group
    - dpaa_eth: fix pause capability advertisement logic
    - MIPS: Octeon: Fix logging messages with spurious periods after newlines
    - drm/rockchip: Respect page offset for PRIME mmap calls
    - x86/apic: Set up through-local-APIC mode on the boot CPU if 'noapic'
      specified
    - perf test: Fix test case inet_pton to accept inlines.
    - perf report: Fix wrong jump arrow
    - perf tests: Use arch__compare_symbol_names to compare symbols
    - perf report: Fix memory corruption in --branch-history mode --branch-history
    - perf tests: Fix dwarf unwind for stripped binaries
    - selftests/net: fixes psock_fanout eBPF test case
    - netlabel: If PF_INET6, check sk_buff ip header version
    - drm: rcar-du: lvds: Fix LVDS startup on R-Car Gen3
    - drm: rcar-du: lvds: Fix LVDS startup on R-Car Gen2
    - ARM: dts: at91: tse850: use the correct compatible for the eeprom
    - regmap: Correct comparison in regmap_cached
    - i40e: Add delay after EMP reset for firmware to recover
    - ARM: dts: imx7d: cl-som-imx7: fix pinctrl_enet
    - ARM: dts: porter: Fix HDMI output routing
    - regulator: of: Add a missing 'of_node_put()' in an error handling path of
      'of_regulator_match()'
    - pinctrl: mcp23s08: spi: Fix regmap debugfs entries
    - kdb: make "mdr" command repeat
    - drm/vmwgfx: Set dmabuf_size when vmw_dmabuf_init is successful
    - perf tools: Add trace/beauty/generated/ into .gitignore
    - tools: sync up .h files with the repective arch and uapi .h files
    - MIPS: xilfpga: Stop generating useless dtb.o
    - MIPS: xilfpga: Actually include FDT in fitImage
    - MIPS: Fix build with DEBUG_ZBOOT and MACH_JZ4770
    - fix breakage caused by d_find_alias() semantics change
    - Btrfs: fix error handling in btrfs_truncate()
    - mmc: block: propagate correct returned value in mmc_rpmb_ioctl
    - arm64: export tishift functions to modules
    - bcma: fix buffer size caused crash in bcma_core_mips_print_irq()
    - PM / core: Fix direct_complete handling for devices with no callbacks
    - ARM: dts: sun4i: Fix incorrect clocks for displays
    - bnxt_en: Ignore src port field in decap filter nodes
    - kasan, slub: fix handling of kasan_slab_free hook
    - riscv/spinlock: Strengthen implementations with fences
    - platform/x86: dell-smbios: Fix memory leaks in build_tokens_sysfs()
    - rxrpc: Fix resend event time calculation
    - i40e: hold the RTNL lock while changing interrupt schemes
    - hv_netvsc: Fix the return status in RX path
    - firmware: fix checking for return values for fw_add_devm_name()
    - bcache: set writeback_rate_update_seconds in range [1, 60] seconds
    - bcache: fix cached_dev->count usage for bch_cache_set_error()
    - bcache: stop dc->writeback_rate_update properly
    - ibmvnic: Fix reset return from closed state
    - powerpc/vas: Fix cleanup when VAS is not configured
    - f2fs: flush cp pack except cp pack 2 page at first
    - drm/amdgpu: Clean sdma wptr register when only enable wptr polling
    - powerpc/mm/slice: Remove intermediate bitmap copy
    - powerpc/mm/slice: create header files dedicated to slices
    - powerpc/mm/slice: Enhance for supporting PPC32
    - powerpc/mm/slice: Fix hugepage allocation at hint address on 8xx
    - ibmvnic: Allocate statistics buffers during probe
    - dt-bindings: display: msm/dsi: Fix the PHY regulator supply props
    - drm/amd/display: Set vsc pack revision when DPCD revision is >= 1.2
    - soc: renesas: r8a77970-sysc: fix power area parents
    - drm/vblank: Data type fixes for 64-bit vblank sequences.
    - selftests: Add FIB onlink tests
    - soc: amlogic: meson-gx-pwrc-vpu: fix error on shutdown when domain is
      powered off
  * arm-smmu-v3 arm-smmu-v3.1.auto: failed to allocate MSIs (LP: #1785282)
    - ACPICA: iasl: Add SMMUv3 device ID mapping index support
    - ACPI/IORT: Remove temporary iort_get_id_mapping_index() ACPICA guard
  * Driver iwlwifi for Intel Wireless-AC 9560 is slow and unreliable in kernel
    4.15.0-20-generic (LP: #1772467)
    - scsi: hpsa: disable device during shutdown
  * [Bionic] i2c: xlp9xx: Add SMBAlert support  (LP: #1786981)
    - i2c: xlp9xx: Add support for SMBAlert
  * qeth: don't clobber buffer on async TX completion (LP: #1786057)
    - s390/qeth: don't clobber buffer on async TX completion
  * Linux 4.15.0-23 crashes during the boot process with a "Unable to handle
    kernel NULL pointer dereference" message (LP: #1777338)
    - x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths
  * ThinkPad systems have no HDMI sound when using the nvidia GPU (LP: #1787058)
    - ACPI / OSI: Add OEM _OSI string to enable NVidia HDMI audio
  * [Bionic] i2c: xlp9xx: Fix case where SSIF read transaction completes early
    (LP: #1787240)
    - i2c: xlp9xx: Fix case where SSIF read transaction completes early
  * [Bionic] integrate upstream fix for Cavium zram driver (LP: #1787469)
    - Revert "UBUNTU: SAUCE: crypto: thunderx_zip: Fix fallout from
      CONFIG_VMAP_STACK"
    - crypto: cavium - Fix fallout from CONFIG_VMAP_STACK
    - crypto: cavium - Limit result reading attempts
    - crypto: cavium - Prevent division by zero
    - crypto: cavium - Fix statistics pending request value
    - crypto: cavium - Fix smp_processor_id() warnings
  * Bugfix for handling of shadow doorbell buffer (LP: #1788222)
    - nvme-pci: add a memory barrier to nvme_dbbuf_update_and_check_event
  * nvme devices namespace assigned to the wrong controller (LP: #1789227)
    - nvme/multipath: Fix multipath disabled naming collisions
  * linux-cloud-tools-common: Ensure hv-kvp-daemon.service starts before
    walinuxagent.service (LP: #1739107)
    - [Debian] hyper-v -- Ensure that hv-kvp-daemon.service starts before
      walinuxagent.service
  * hinic interfaces aren't getting predictable names (LP: #1783138)
    - hinic: Link the logical network device to the pci device in sysfs
  * Suspend fails in Ubuntu and Kubuntu 18.04 but works fine in Ubuntu and
    Kubuntu 17.10 (and on Kubuntu 18.04 using kernel 4.14.47) (LP: #1774950)
    - ACPI / LPSS: Avoid PM quirks on suspend and resume from S3
    - ACPI / LPSS: Avoid PM quirks on suspend and resume from hibernation
  * [Bionic] Bluetooth: Support RTL8723D and RTL8821C Devices (LP: #1784835)
    - Bluetooth: btrtl: Add RTL8723D and RTL8821C devices
  * CacheFiles: Error: Overlong wait for old active object to go away.
    (LP: #1776254)
    - cachefiles: Fix missing clear of the CACHEFILES_OBJECT_ACTIVE flag
    - cachefiles: Wait rather than BUG'ing on "Unexpected object collision"
  * fscache cookie refcount updated incorrectly during fscache object allocation
    (LP: #1776277) // fscache cookie refcount updated incorrectly during fscache
    object allocation (LP: #1776277)
    - fscache: Fix reference overput in fscache_attach_object() error handling
  * FS-Cache: Assertion failed: FS-Cache: 6 == 5 is false (LP: #1774336)
    - Revert "UBUNTU: SAUCE: CacheFiles: fix a read_waiter/read_copier race"
    - fscache: Allow cancelled operations to be enqueued
    - cachefiles: Fix refcounting bug in backing-file read monitoring
  * SMB3: Fix regression in server reconnect detection (LP: #1786110)
    - smb3: on reconnect set PreviousSessionId field
  * CVE-2018-1118
    - vhost: fix info leak due to uninitialized memory

 -- Kleber Sacilotto de Souza <email address hidden>  Tue, 28 Aug 2018 15:03:33 +0200
Superseded in cosmic-release on 2018-09-24
Deleted in cosmic-proposed (Reason: moved to release)
Superseded in bionic-security on 2018-09-11
Superseded in bionic-updates on 2018-09-11
Deleted in bionic-proposed (Reason: moved to -updates)
linux-oem (4.15.0-1017.20) bionic; urgency=medium

  * linux-oem: 4.15.0-1017.20 -proposed tracker (LP: #1787544)

  * Bluetooth: Redpine: Bionics: L2test transfer is failed to start in Ubuntu
    18.04 (LP: #1781895)
    - SAUCE: Bluetooth: btrsi: fix l2test data transfer issue

  * [Redpine]  Upgrades to improve throughput and stability (LP: #1782070)
    - SAUCE: rsi: Fix for low throughput issue
    - SAUCE: rsi: Set wowlan flag while writing wowlan config parameters
    - SAUCE: rsi: Add debug support for wowlan wakeup confirmation
    - Bluetooth: btrsi: rework dependencies
    - rsi: fix error path handling in SDIO probe
    - rsi: Add null check for virtual interfaces in wowlan config
    - SAUCE: rsi: Fix for wowlan hibernate resume issue
    - SAUCE: rsi: Firmware assert (version 2)
    - SAUCE: rsi: Fix for WoWLAN wakeup in security mode.
    - SAUCE: rsi: Optimizing virtual interfaces
    - SAUCE: rsi: disable p2p device mode support

 -- Chia-Lin Kao (AceLan) <email address hidden>  Fri, 17 Aug 2018 15:53:57 +0800
Deleted in bionic-proposed on 2018-08-23 (Reason: NBS)
linux-oem (4.15.0-1016.19) bionic; urgency=medium

  * linux-oem: 4.15.0-1016.19 -proposed tracker (LP: #1787152)

  [ Ubuntu: 4.15.0-33.36 ]

  * linux: 4.15.0-33.36 -proposed tracker (LP: #1787149)
  * RTNL assertion failure on ipvlan (LP: #1776927)
    - ipvlan: drop ipv6 dependency
    - ipvlan: use per device spinlock to protect addrs list updates
    - SAUCE: fix warning from "ipvlan: drop ipv6 dependency"
  * ubuntu_bpf_jit test failed on Bionic s390x systems (LP: #1753941)
    - test_bpf: flag tests that cannot be jited on s390
  * HDMI/DP audio can't work on the laptop of Dell Latitude 5495 (LP: #1782689)
    - drm/nouveau: fix nouveau_dsm_get_client_id()'s return type
    - drm/radeon: fix radeon_atpx_get_client_id()'s return type
    - drm/amdgpu: fix amdgpu_atpx_get_client_id()'s return type
    - platform/x86: apple-gmux: fix gmux_get_client_id()'s return type
    - ALSA: hda: use PCI_BASE_CLASS_DISPLAY to replace PCI_CLASS_DISPLAY_VGA
    - vga_switcheroo: set audio client id according to bound GPU id
  * locking sockets broken due to missing AppArmor socket mediation patches
    (LP: #1780227)
    - UBUNTU SAUCE: apparmor: fix apparmor mediating locking non-fs, unix sockets
  * Update2 for ocxl driver (LP: #1781436)
    - ocxl: Fix page fault handler in case of fault on dying process
  * netns: unable to follow an interface that moves to another netns
    (LP: #1774225)
    - net: core: Expose number of link up/down transitions
    - dev: always advertise the new nsid when the netns iface changes
    - dev: advertise the new ifindex when the netns iface changes
  * [Bionic] Disk IO hangs when using BFQ as io scheduler (LP: #1780066)
    - block, bfq: fix occurrences of request finish method's old name
    - block, bfq: remove batches of confusing ifdefs
    - block, bfq: add requeue-request hook
  * HP ProBook 455 G5 needs mute-led-gpio fixup (LP: #1781763)
    - ALSA: hda: add mute led support for HP ProBook 455 G5
  * [Bionic] bug fixes to improve stability of the ThunderX2 i2c driver
    (LP: #1781476)
    - i2c: xlp9xx: Fix issue seen when updating receive length
    - i2c: xlp9xx: Make sure the transfer size is not more than
      I2C_SMBUS_BLOCK_SIZE
  * x86/kvm: fix LAPIC timer drift when guest uses periodic mode (LP: #1778486)
    - x86/kvm: fix LAPIC timer drift when guest uses periodic mode
  * Please include ax88179_178a and r8152 modules in d-i udeb (LP: #1771823)
    - [Config:] d-i: Add ax88179_178a and r8152 to nic-modules
  * Nvidia fails after switching its mode (LP: #1778658)
    - PCI: Restore config space on runtime resume despite being unbound
  * Kernel error "task zfs:pid blocked for more than 120 seconds" (LP: #1781364)
    - SAUCE: (noup) zfs to 0.7.5-1ubuntu16.3
  * CVE-2018-12232
    - PATCH 1/1] socket: close race condition between sock_close() and
      sockfs_setattr()
  * CVE-2018-10323
    - xfs: set format back to extents if xfs_bmap_extents_to_btree
  * change front mic location for more lenovo m7/8/9xx machines (LP: #1781316)
    - ALSA: hda/realtek - Fix the problem of two front mics on more machines
    - ALSA: hda/realtek - two more lenovo models need fixup of MIC_LOCATION
  * Cephfs + fscache: unable to handle kernel NULL pointer dereference at
    0000000000000000 IP: jbd2__journal_start+0x22/0x1f0 (LP: #1783246)
    - ceph: track read contexts in ceph_file_info
  * Touchpad of ThinkPad P52 failed to work with message "lost sync at byte"
    (LP: #1779802)
    - Input: elantech - fix V4 report decoding for module with middle key
    - Input: elantech - enable middle button of touchpads on ThinkPad P52
  * xhci_hcd 0000:00:14.0: Root hub is not suspended (LP: #1779823)
    - usb: xhci: dbc: Fix lockdep warning
    - usb: xhci: dbc: Don't decrement runtime PM counter if DBC is not started
  * CVE-2018-13406
    - video: uvesafb: Fix integer overflow in allocation
  * CVE-2018-10840
    - ext4: correctly handle a zero-length xattr with a non-zero e_value_offs
  * CVE-2018-11412
    - ext4: do not allow external inodes for inline data
  * CVE-2018-10881
    - ext4: clear i_data in ext4_inode_info when removing inline data
  * CVE-2018-12233
    - jfs: Fix inconsistency between memory allocation and ea_buf->max_size
  * CVE-2018-12904
    - kvm: nVMX: Enforce cpl=0 for VMX instructions
  * Error parsing PCC subspaces from PCCT (LP: #1528684)
    - mailbox: PCC: erroneous error message when parsing ACPI PCCT
  * CVE-2018-13094
    - xfs: don't call xfs_da_shrink_inode with NULL bp
  * other users' coredumps can be read via setgid directory and killpriv bypass
    (LP: #1779923) // CVE-2018-13405
    - Fix up non-directory creation in SGID directories
  * Invoking obsolete 'firmware_install' target breaks snap build (LP: #1782166)
    - snapcraft.yaml: stop invoking the obsolete (and non-existing)
      'firmware_install' target
  * snapcraft.yaml: missing ubuntu-retpoline-extract-one script breaks the build
    (LP: #1782116)
    - snapcraft.yaml: copy retpoline-extract-one to scripts before build
  * Allow Raven Ridge's audio controller to be runtime suspended (LP: #1782540)
    - ALSA: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge
  * CVE-2018-11506
    - sr: pass down correctly sized SCSI sense buffer
  * Bionic update: upstream stable patchset 2018-07-24 (LP: #1783418)
    - net: Fix a bug in removing queues from XPS map
    - net/mlx4_core: Fix error handling in mlx4_init_port_info.
    - net/sched: fix refcnt leak in the error path of tcf_vlan_init()
    - net: sched: red: avoid hashing NULL child
    - net/smc: check for missing nlattrs in SMC_PNETID messages
    - net: test tailroom before appending to linear skb
    - packet: in packet_snd start writing at link layer allocation
    - sock_diag: fix use-after-free read in __sk_free
    - tcp: purge write queue in tcp_connect_init()
    - vmxnet3: set the DMA mask before the first DMA map operation
    - vmxnet3: use DMA memory barriers where required
    - hv_netvsc: empty current transmit aggregation if flow blocked
    - hv_netvsc: Use the num_online_cpus() for channel limit
    - hv_netvsc: avoid retry on send during shutdown
    - hv_netvsc: only wake transmit queue if link is up
    - hv_netvsc: fix error unwind handling if vmbus_open fails
    - hv_netvsc: cancel subchannel setup before halting device
    - hv_netvsc: fix race in napi poll when rescheduling
    - hv_netvsc: defer queue selection to VF
    - hv_netvsc: disable NAPI before channel close
    - hv_netvsc: use RCU to fix concurrent rx and queue changes
    - hv_netvsc: change GPAD teardown order on older versions
    - hv_netvsc: common detach logic
    - hv_netvsc: Use Windows version instead of NVSP version on GPAD teardown
    - hv_netvsc: Split netvsc_revoke_buf() and netvsc_teardown_gpadl()
    - hv_netvsc: Ensure correct teardown message sequence order
    - hv_netvsc: Fix a network regression after ifdown/ifup
    - sparc: vio: use put_device() instead of kfree()
    - ext2: fix a block leak
    - s390: add assembler macros for CPU alternatives
    - s390: move expoline assembler macros to a header
    - s390/crc32-vx: use expoline for indirect branches
    - s390/lib: use expoline for indirect branches
    - s390/ftrace: use expoline for indirect branches
    - s390/kernel: use expoline for indirect branches
    - s390: move spectre sysfs attribute code
    - s390: extend expoline to BC instructions
    - s390: use expoline thunks in the BPF JIT
    - scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()
    - scsi: zfcp: fix infinite iteration on ERP ready list
    - loop: don't call into filesystem while holding lo_ctl_mutex
    - loop: fix LOOP_GET_STATUS lock imbalance
    - cfg80211: limit wiphy names to 128 bytes
    - hfsplus: stop workqueue when fill_super() failed
    - x86/kexec: Avoid double free_page() upon do_kexec_load() failure
    - usb: gadget: f_uac2: fix bFirstInterface in composite gadget
    - usb: dwc3: Undo PHY init if soft reset fails
    - usb: dwc3: omap: don't miss events during suspend/resume
    - usb: gadget: core: Fix use-after-free of usb_request
    - usb: gadget: fsl_udc_core: fix ep valid checks
    - usb: dwc2: Fix dwc2_hsotg_core_init_disconnected()
    - usb: cdc_acm: prevent race at write to acm while system resumes
    - net: usbnet: fix potential deadlock on 32bit hosts
    - ARM: dts: imx7d-sdb: Fix regulator-usb-otg2-vbus node name
    - usb: host: xhci-plat: revert "usb: host: xhci-plat: enable clk in resume
      timing"
    - USB: OHCI: Fix NULL dereference in HCDs using HCD_LOCAL_MEM
    - net/usb/qmi_wwan.c: Add USB id for lt4120 modem
    - net-usb: add qmi_wwan if on lte modem wistron neweb d18q1
    - Bluetooth: btusb: Add USB ID 7392:a611 for Edimax EW-7611ULB
    - ALSA: usb-audio: Add native DSD support for Luxman DA-06
    - usb: dwc3: Add SoftReset PHY synchonization delay
    - usb: dwc3: Update DWC_usb31 GTXFIFOSIZ reg fields
    - usb: dwc3: Makefile: fix link error on randconfig
    - xhci: zero usb device slot_id member when disabling and freeing a xhci slot
    - usb: dwc2: Fix interval type issue
    - usb: dwc2: hcd: Fix host channel halt flow
    - usb: dwc2: host: Fix transaction errors in host mode
    - usb: gadget: ffs: Let setup() return USB_GADGET_DELAYED_STATUS
    - usb: gadget: ffs: Execute copy_to_user() with USER_DS set
    - usbip: Correct maximum value of CONFIG_USBIP_VHCI_HC_PORTS
    - usb: gadget: udc: change comparison to bitshift when dealing with a mask
    - usb: gadget: composite: fix incorrect handling of OS desc requests
    - media: lgdt3306a: Fix module count mismatch on usb unplug
    - media: em28xx: USB bulk packet size fix
    - Bluetooth: btusb: Add device ID for RTL8822BE
    - xhci: Show what USB release number the xHC supports from protocol capablity
    - staging: bcm2835-audio: Release resources on module_exit()
    - staging: lustre: fix bug in osc_enter_cache_try
    - staging: fsl-dpaa2/eth: Fix incorrect casts
    - staging: rtl8192u: return -ENOMEM on failed allocation of priv->oldaddr
    - staging: ks7010: Use constants from ieee80211_eid instead of literal ints.
    - staging: lustre: lmv: correctly iput lmo_root
    - crypto: inside-secure - wait for the request to complete if in the backlog
    - crypto: atmel-aes - fix the keys zeroing on errors
    - crypto: ccp - don't disable interrupts while setting up debugfs
    - crypto: inside-secure - do not process request if no command was issued
    - crypto: inside-secure - fix the cache_len computation
    - crypto: inside-secure - fix the extra cache computation
    - crypto: sunxi-ss - Add MODULE_ALIAS to sun4i-ss
    - crypto: inside-secure - fix the invalidation step during cra_exit
    - scsi: mpt3sas: fix an out of bound write
    - scsi: ufs: Enable quirk to ignore sending WRITE_SAME command
    - scsi: bnx2fc: Fix check in SCSI completion handler for timed out request
    - scsi: sym53c8xx_2: iterator underflow in sym_getsync()
    - scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo()
    - scsi: qla2xxx: Avoid triggering undefined behavior in
      qla2x00_mbx_completion()
    - scsi: storvsc: Increase cmd_per_lun for higher speed devices
    - scsi: qedi: Fix truncation of CHAP name and secret
    - scsi: aacraid: fix shutdown crash when init fails
    - scsi: qla4xxx: skip error recovery in case of register disconnect.
    - scsi: qedi: Fix kernel crash during port toggle
    - scsi: mpt3sas: Do not mark fw_event workqueue as WQ_MEM_RECLAIM
    - scsi: sd: Keep disk read-only when re-reading partition
    - scsi: iscsi_tcp: set BDI_CAP_STABLE_WRITES when data digest enabled
    - scsi: aacraid: Insure command thread is not recursively stopped
    - scsi: core: Make SCSI Status CONDITION MET equivalent to GOOD
    - scsi: mvsas: fix wrong endianness of sgpio api
    - ASoC: hdmi-codec: Fix module unloading caused kernel crash
    - ASoC: rockchip: rk3288-hdmi-analog: Select needed codecs
    - ASoC: samsung: odroid: Fix 32000 sample rate handling
    - ASoC: topology: create TLV data for dapm widgets
    - ASoC: samsung: i2s: Ensure the RCLK rate is properly determined
    - clk: rockchip: Fix wrong parent for SDMMC phase clock for rk3228
    - clk: Don't show the incorrect clock phase
    - clk: hisilicon: mark wdt_mux_p[] as const
    - clk: tegra: Fix pll_u rate configuration
    - clk: rockchip: Prevent calculating mmc phase if clock rate is zero
    - clk: samsung: s3c2410: Fix PLL rates
    - clk: samsung: exynos7: Fix PLL rates
    - clk: samsung: exynos5260: Fix PLL rates
    - clk: samsung: exynos5433: Fix PLL rates
    - clk: samsung: exynos5250: Fix PLL rates
    - clk: samsung: exynos3250: Fix PLL rates
    - media: dmxdev: fix error code for invalid ioctls
    - media: Don't let tvp5150_get_vbi() go out of vbi_ram_default array
    - media: ov5645: add missing of_node_put() in error path
    - media: cx23885: Override 888 ImpactVCBe crystal frequency
    - media: cx23885: Set subdev host data to clk_freq pointer
    - media: s3c-camif: fix out-of-bounds array access
    - media: lgdt3306a: Fix a double kfree on i2c device remove
    - media: em28xx: Add Hauppauge SoloHD/DualHD bulk models
    - media: v4l: vsp1: Fix display stalls when requesting too many inputs
    - media: i2c: adv748x: fix HDMI field heights
    - media: vb2: Fix videobuf2 to map correct area
    - media: vivid: fix incorrect capabilities for radio
    - media: cx25821: prevent out-of-bounds read on array card
    - serial: xuartps: Fix out-of-bounds access through DT alias
    - serial: sh-sci: Fix out-of-bounds access through DT alias
    - serial: samsung: Fix out-of-bounds access through serial port index
    - serial: mxs-auart: Fix out-of-bounds access through serial port index
    - serial: imx: Fix out-of-bounds access through serial port index
    - serial: fsl_lpuart: Fix out-of-bounds access through DT alias
    - serial: arc_uart: Fix out-of-bounds access through DT alias
    - serial: 8250: Don't service RX FIFO if interrupts are disabled
    - serial: altera: ensure port->regshift is honored consistently
    - rtc: snvs: Fix usage of snvs_rtc_enable
    - rtc: hctosys: Ensure system time doesn't overflow time_t
    - rtc: rk808: fix possible race condition
    - rtc: m41t80: fix race conditions
    - rtc: tx4939: avoid unintended sign extension on a 24 bit shift
    - rtc: rp5c01: fix possible race condition
    - rtc: goldfish: Add missing MODULE_LICENSE
    - cxgb4: Correct ntuple mask validation for hash filters
    - net: dsa: bcm_sf2: Fix RX_CLS_LOC_ANY overwrite for last rule
    - net: dsa: Do not register devlink for unused ports
    - net: dsa: bcm_sf2: Fix IPv6 rules and chain ID
    - net: dsa: bcm_sf2: Fix IPv6 rule half deletion
    - 3c59x: convert to generic DMA API
    - net: ip6_gre: Request headroom in __gre6_xmit()
    - net: ip6_gre: Split up ip6gre_tnl_link_config()
    - net: ip6_gre: Split up ip6gre_tnl_change()
    - net: ip6_gre: Split up ip6gre_newlink()
    - net: ip6_gre: Split up ip6gre_changelink()
    - qed: LL2 flush isles when connection is closed
    - qed: Fix possibility of list corruption during rmmod flows
    - qed: Fix LL2 race during connection terminate
    - powerpc: Move default security feature flags
    - Bluetooth: btusb: Add support for Intel Bluetooth device 22560 [8087:0026]
    - staging: fsl-dpaa2/eth: Fix incorrect kfree
    - crypto: inside-secure - move the digest to the request context
    - scsi: lpfc: Fix NVME Initiator FirstBurst
    - serial: mvebu-uart: fix tx lost characters
  * Bionic update: upstream stable patchset 2018-07-20 (LP: #1782846)
    - usbip: usbip_host: refine probe and disconnect debug msgs to be useful
    - usbip: usbip_host: delete device from busid_table after rebind
    - usbip: usbip_host: run rebind from exit when module is removed
    - usbip: usbip_host: fix NULL-ptr deref and use-after-free errors
    - usbip: usbip_host: fix bad unlock balance during stub_probe()
    - ALSA: usb: mixer: volume quirk for CM102-A+/102S+
    - ALSA: hda: Add Lenovo C50 All in one to the power_save blacklist
    - ALSA: control: fix a redundant-copy issue
    - spi: pxa2xx: Allow 64-bit DMA
    - spi: bcm-qspi: Avoid setting MSPI_CDRAM_PCS for spi-nor master
    - spi: bcm-qspi: Always read and set BSPI_MAST_N_BOOT_CTRL
    - KVM: arm/arm64: VGIC/ITS save/restore: protect kvm_read_guest() calls
    - KVM: arm/arm64: VGIC/ITS: protect kvm_read_guest() calls with SRCU lock
    - vfio: ccw: fix cleanup if cp_prefetch fails
    - tracing/x86/xen: Remove zero data size trace events
      trace_xen_mmu_flush_tlb{_all}
    - tee: shm: fix use-after-free via temporarily dropped reference
    - netfilter: nf_tables: free set name in error path
    - netfilter: nf_tables: can't fail after linking rule into active rule list
    - netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6}
    - i2c: designware: fix poll-after-enable regression
    - powerpc/powernv: Fix NVRAM sleep in invalid context when crashing
    - drm: Match sysfs name in link removal to link creation
    - lib/test_bitmap.c: fix bitmap optimisation tests to report errors correctly
    - radix tree: fix multi-order iteration race
    - mm: don't allow deferred pages with NEED_PER_CPU_KM
    - drm/i915/gen9: Add WaClearHIZ_WM_CHICKEN3 for bxt and glk
    - s390/qdio: fix access to uninitialized qdio_q fields
    - s390/qdio: don't release memory in qdio_setup_irq()
    - s390: remove indirect branch from do_softirq_own_stack
    - x86/pkeys: Override pkey when moving away from PROT_EXEC
    - x86/pkeys: Do not special case protection key 0
    - efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32'
      definition for mixed mode
    - ARM: 8771/1: kprobes: Prohibit kprobes on do_undefinstr
    - x86/mm: Drop TS_COMPAT on 64-bit exec() syscall
    - tick/broadcast: Use for_each_cpu() specially on UP kernels
    - ARM: 8769/1: kprobes: Fix to use get_kprobe_ctlblk after irq-disabed
    - ARM: 8770/1: kprobes: Prohibit probing on optimized_callback
    - ARM: 8772/1: kprobes: Prohibit kprobes on get_user functions
    - Btrfs: fix xattr loss after power failure
    - Btrfs: send, fix invalid access to commit roots due to concurrent
      snapshotting
    - btrfs: property: Set incompat flag if lzo/zstd compression is set
    - btrfs: fix crash when trying to resume balance without the resume flag
    - btrfs: Split btrfs_del_delalloc_inode into 2 functions
    - btrfs: Fix delalloc inodes invalidation during transaction abort
    - btrfs: fix reading stale metadata blocks after degraded raid1 mounts
    - xhci: Fix USB3 NULL pointer dereference at logical disconnect.
    - KVM: arm/arm64: Properly protect VGIC locks from IRQs
    - KVM: arm/arm64: VGIC/ITS: Promote irq_lock() in update_affinity
    - hwmon: (k10temp) Fix reading critical temperature register
    - hwmon: (k10temp) Use API function to access System Management Network
    - vsprintf: Replace memory barrier with static_key for random_ptr_key update
    - x86/amd_nb: Add support for Raven Ridge CPUs
    - x86/apic/x2apic: Initialize cluster ID properly
  * Bionic update: upstream stable patchset 2018-07-09 (LP: #1780858)
    - 8139too: Use disable_irq_nosync() in rtl8139_poll_controller()
    - bridge: check iface upper dev when setting master via ioctl
    - dccp: fix tasklet usage
    - ipv4: fix fnhe usage by non-cached routes
    - ipv4: fix memory leaks in udp_sendmsg, ping_v4_sendmsg
    - llc: better deal with too small mtu
    - net: ethernet: sun: niu set correct packet size in skb
    - net: ethernet: ti: cpsw: fix packet leaking in dual_mac mode
    - net/mlx4_en: Fix an error handling path in 'mlx4_en_init_netdev()'
    - net/mlx4_en: Verify coalescing parameters are in range
    - net/mlx5e: Err if asked to offload TC match on frag being first
    - net/mlx5: E-Switch, Include VF RDMA stats in vport statistics
    - net sched actions: fix refcnt leak in skbmod
    - net_sched: fq: take care of throttled flows before reuse
    - net: support compat 64-bit time in {s,g}etsockopt
    - net/tls: Don't recursively call push_record during tls_write_space callbacks
    - net/tls: Fix connection stall on partial tls record
    - openvswitch: Don't swap table in nlattr_set() after OVS_ATTR_NESTED is found
    - qmi_wwan: do not steal interfaces from class drivers
    - r8169: fix powering up RTL8168h
    - rds: do not leak kernel memory to user land
    - sctp: delay the authentication for the duplicated cookie-echo chunk
    - sctp: fix the issue that the cookie-ack with auth can't get processed
    - sctp: handle two v4 addrs comparison in sctp_inet6_cmp_addr
    - sctp: remove sctp_chunk_put from fail_mark err path in
      sctp_ulpevent_make_rcvmsg
    - sctp: use the old asoc when making the cookie-ack chunk in dupcook_d
    - tcp_bbr: fix to zero idle_restart only upon S/ACKed data
    - tcp: ignore Fast Open on repair mode
    - tg3: Fix vunmap() BUG_ON() triggered from tg3_free_consistent().
    - bonding: do not allow rlb updates to invalid mac
    - bonding: send learning packets for vlans on slave
    - net: sched: fix error path in tcf_proto_create() when modules are not
      configured
    - net/mlx5e: TX, Use correct counter in dma_map error flow
    - net/mlx5: Avoid cleaning flow steering table twice during error flow
    - hv_netvsc: set master device
    - ipv6: fix uninit-value in ip6_multipath_l3_keys()
    - net/mlx5e: Allow offloading ipv4 header re-write for icmp
    - nsh: fix infinite loop
    - udp: fix SO_BINDTODEVICE
    - l2tp: revert "l2tp: fix missing print session offset info"
    - proc: do not access cmdline nor environ from file-backed areas
    - net/smc: restrict non-blocking connect finish
    - mlxsw: spectrum_switchdev: Do not remove mrouter port from MDB's ports list
    - net/mlx5e: DCBNL fix min inline header size for dscp
    - net: systemport: Correclty disambiguate driver instances
    - sctp: clear the new asoc's stream outcnt in sctp_stream_update
    - tcp: restore autocorking
    - tipc: fix one byte leak in tipc_sk_set_orig_addr()
    - hv_netvsc: Fix net device attach on older Windows hosts
  * Bionic update: upstream stable patchset 2018-07-06 (LP: #1780499)
    - ext4: prevent right-shifting extents beyond EXT_MAX_BLOCKS
    - ipvs: fix rtnl_lock lockups caused by start_sync_thread
    - netfilter: ebtables: don't attempt to allocate 0-sized compat array
    - kcm: Call strp_stop before strp_done in kcm_attach
    - crypto: af_alg - fix possible uninit-value in alg_bind()
    - netlink: fix uninit-value in netlink_sendmsg
    - net: fix rtnh_ok()
    - net: initialize skb->peeked when cloning
    - net: fix uninit-value in __hw_addr_add_ex()
    - dccp: initialize ireq->ir_mark
    - ipv4: fix uninit-value in ip_route_output_key_hash_rcu()
    - soreuseport: initialise timewait reuseport field
    - inetpeer: fix uninit-value in inet_getpeer
    - memcg: fix per_node_info cleanup
    - perf: Remove superfluous allocation error check
    - tcp: fix TCP_REPAIR_QUEUE bound checking
    - bdi: wake up concurrent wb_shutdown() callers.
    - bdi: Fix oops in wb_workfn()
    - gpioib: do not free unrequested descriptors
    - gpio: fix aspeed_gpio unmask irq
    - gpio: fix error path in lineevent_create
    - rfkill: gpio: fix memory leak in probe error path
    - libata: Apply NOLPM quirk for SanDisk SD7UB3Q*G1001 SSDs
    - dm integrity: use kvfree for kvmalloc'd memory
    - tracing: Fix regex_match_front() to not over compare the test string
    - z3fold: fix reclaim lock-ups
    - mm: sections are not offlined during memory hotremove
    - mm, oom: fix concurrent munlock and oom reaper unmap, v3
    - ceph: fix rsize/wsize capping in ceph_direct_read_write()
    - can: kvaser_usb: Increase correct stats counter in kvaser_usb_rx_can_msg()
    - can: hi311x: Acquire SPI lock on ->do_get_berr_counter
    - can: hi311x: Work around TX complete interrupt erratum
    - drm/vc4: Fix scaling of uni-planar formats
    - drm/i915: Fix drm:intel_enable_lvds ERROR message in kernel log
    - drm/atomic: Clean old_state/new_state in drm_atomic_state_default_clear()
    - drm/atomic: Clean private obj old_state/new_state in
      drm_atomic_state_default_clear()
    - net: atm: Fix potential Spectre v1
    - atm: zatm: Fix potential Spectre v1
    - cpufreq: schedutil: Avoid using invalid next_freq
    - Revert "Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174"
    - Bluetooth: btusb: Only check needs_reset_resume DMI table for QCA rome
      chipsets
    - thermal: exynos: Reading temperature makes sense only when TMU is turned on
    - thermal: exynos: Propagate error value from tmu_read()
    - nvme: add quirk to force medium priority for SQ creation
    - smb3: directory sync should not return an error
    - sched/autogroup: Fix possible Spectre-v1 indexing for sched_prio_to_weight[]
    - tracing/uprobe_event: Fix strncpy corner case
    - perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_*
    - perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr
    - perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver
    - perf/core: Fix possible Spectre-v1 indexing for ->aux_pages[]
    - perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map()
    - i2c: dev: prevent ZERO_SIZE_PTR deref in i2cdev_ioctl_rdwr()
    - bdi: Fix use after free bug in debugfs_remove()
    - drm/ttm: Use GFP_TRANSHUGE_LIGHT for allocating huge pages
    - drm/i915: Adjust eDP's logical vco in a reliable place.
    - drm/nouveau/ttm: don't dereference nvbo::cli, it can outlive client
    - sched/core: Fix possible Spectre-v1 indexing for sched_prio_to_weight[]
  * Bionic update: upstream stable patchset 2018-06-26 (LP: #1778759)
    - percpu: include linux/sched.h for cond_resched()
    - ACPI / button: make module loadable when booted in non-ACPI mode
    - USB: serial: option: Add support for Quectel EP06
    - ALSA: hda - Fix incorrect usage of IS_REACHABLE()
    - ALSA: pcm: Check PCM state at xfern compat ioctl
    - ALSA: seq: Fix races at MIDI encoding in snd_virmidi_output_trigger()
    - ALSA: dice: fix kernel NULL pointer dereference due to invalid calculation
      for array index
    - ALSA: aloop: Mark paused device as inactive
    - ALSA: aloop: Add missing cable lock to ctl API callbacks
    - tracepoint: Do not warn on ENOMEM
    - scsi: target: Fix fortify_panic kernel exception
    - Input: leds - fix out of bound access
    - Input: atmel_mxt_ts - add touchpad button mapping for Samsung Chromebook Pro
    - rtlwifi: btcoex: Add power_on_setting routine
    - rtlwifi: cleanup 8723be ant_sel definition
    - xfs: prevent creating negative-sized file via INSERT_RANGE
    - RDMA/cxgb4: release hw resources on device removal
    - RDMA/ucma: Allow resolving address w/o specifying source address
    - RDMA/mlx5: Fix multiple NULL-ptr deref errors in rereg_mr flow
    - RDMA/mlx5: Protect from shift operand overflow
    - NET: usb: qmi_wwan: add support for ublox R410M PID 0x90b2
    - IB/mlx5: Use unlimited rate when static rate is not supported
    - IB/hfi1: Fix handling of FECN marked multicast packet
    - IB/hfi1: Fix loss of BECN with AHG
    - IB/hfi1: Fix NULL pointer dereference when invalid num_vls is used
    - iw_cxgb4: Atomically flush per QP HW CQEs
    - drm/vmwgfx: Fix a buffer object leak
    - drm/bridge: vga-dac: Fix edid memory leak
    - test_firmware: fix setting old custom fw path back on exit, second try
    - errseq: Always report a writeback error once
    - USB: serial: visor: handle potential invalid device configuration
    - usb: dwc3: gadget: Fix list_del corruption in dwc3_ep_dequeue
    - USB: Accept bulk endpoints with 1024-byte maxpacket
    - USB: serial: option: reimplement interface masking
    - USB: serial: option: adding support for ublox R410M
    - usb: musb: host: fix potential NULL pointer dereference
    - usb: musb: trace: fix NULL pointer dereference in musb_g_tx()
    - platform/x86: asus-wireless: Fix NULL pointer dereference
    - irqchip/qcom: Fix check for spurious interrupts
    - tracing: Fix bad use of igrab in trace_uprobe.c
    - [Config] CONFIG_ARM64_ERRATUM_1024718=y
    - arm64: Add work around for Arm Cortex-A55 Erratum 1024718
    - Input: atmel_mxt_ts - add touchpad button mapping for Samsung Chromebook Pro
    - infiniband: mlx5: fix build errors when INFINIBAND_USER_ACCESS=m
    - btrfs: Take trans lock before access running trans in check_delayed_ref
    - drm/vc4: Make sure vc4_bo_{inc,dec}_usecnt() calls are balanced
    - xhci: Fix use-after-free in xhci_free_virt_device
    - platform/x86: Kconfig: Fix dell-laptop dependency chain.
    - KVM: x86: remove APIC Timer periodic/oneshot spikes
    - clocksource: Allow clocksource_mark_unstable() on unregistered clocksources
    - clocksource: Initialize cs->wd_list
    - clocksource: Consistent de-rate when marking unstable
  * Bionic update: upstream stable patchset 2018-06-22 (LP: #1778265)
    - ext4: set h_journal if there is a failure starting a reserved handle
    - ext4: add MODULE_SOFTDEP to ensure crc32c is included in the initramfs
    - ext4: add validity checks for bitmap block numbers
    - ext4: fix bitmap position validation
    - random: fix possible sleeping allocation from irq context
    - random: rate limit unseeded randomness warnings
    - usbip: usbip_event: fix to not print kernel pointer address
    - usbip: usbip_host: fix to hold parent lock for device_attach() calls
    - usbip: vhci_hcd: Fix usb device and sockfd leaks
    - usbip: vhci_hcd: check rhport before using in vhci_hub_control()
    - Revert "xhci: plat: Register shutdown for xhci_plat"
    - USB: serial: simple: add libtransistor console
    - USB: serial: ftdi_sio: use jtag quirk for Arrow USB Blaster
    - USB: serial: cp210x: add ID for NI USB serial console
    - usb: core: Add quirk for HP v222w 16GB Mini
    - USB: Increment wakeup count on remote wakeup.
    - ALSA: usb-audio: Skip broken EU on Dell dock USB-audio
    - virtio: add ability to iterate over vqs
    - virtio_console: don't tie bufs to a vq
    - virtio_console: free buffers after reset
    - virtio_console: drop custom control queue cleanup
    - virtio_console: move removal code
    - virtio_console: reset on out of memory
    - drm/virtio: fix vq wait_event condition
    - tty: Don't call panic() at tty_ldisc_init()
    - tty: n_gsm: Fix long delays with control frame timeouts in ADM mode
    - tty: n_gsm: Fix DLCI handling for ADM mode if debug & 2 is not set
    - tty: Avoid possible error pointer dereference at tty_ldisc_restore().
    - tty: Use __GFP_NOFAIL for tty_ldisc_get()
    - ALSA: dice: fix OUI for TC group
    - ALSA: dice: fix error path to destroy initialized stream data
    - ALSA: hda - Skip jack and others for non-existing PCM streams
    - ALSA: opl3: Hardening for potential Spectre v1
    - ALSA: asihpi: Hardening for potential Spectre v1
    - ALSA: hdspm: Hardening for potential Spectre v1
    - ALSA: rme9652: Hardening for potential Spectre v1
    - ALSA: control: Hardening for potential Spectre v1
    - ALSA: pcm: Return negative delays from SNDRV_PCM_IOCTL_DELAY.
    - ALSA: core: Report audio_tstamp in snd_pcm_sync_ptr
    - ALSA: seq: oss: Fix unbalanced use lock for synth MIDI device
    - ALSA: seq: oss: Hardening for potential Spectre v1
    - ALSA: hda: Hardening for potential Spectre v1
    - ALSA: hda/realtek - Add some fixes for ALC233
    - ALSA: hda/realtek - Update ALC255 depop optimize
    - ALSA: hda/realtek - change the location for one of two front mics
    - mtd: spi-nor: cadence-quadspi: Fix page fault kernel panic
    - mtd: cfi: cmdset_0001: Do not allow read/write to suspend erase block.
    - mtd: cfi: cmdset_0001: Workaround Micron Erase suspend bug.
    - mtd: cfi: cmdset_0002: Do not allow read/write to suspend erase block.
    - mtd: rawnand: tango: Fix struct clk memory leak
    - kobject: don't use WARN for registration failures
    - scsi: sd: Defer spinning up drive while SANITIZE is in progress
    - bfq-iosched: ensure to clear bic/bfqq pointers when preparing request
    - vfio: ccw: process ssch with interrupts disabled
    - ANDROID: binder: prevent transactions into own process.
    - PCI: aardvark: Fix logic in advk_pcie_{rd,wr}_conf()
    - PCI: aardvark: Set PIO_ADDR_LS correctly in advk_pcie_rd_conf()
    - PCI: aardvark: Use ISR1 instead of ISR0 interrupt in legacy irq mode
    - PCI: aardvark: Fix PCIe Max Read Request Size setting
    - ARM: amba: Make driver_override output consistent with other buses
    - ARM: amba: Fix race condition with driver_override
    - ARM: amba: Don't read past the end of sysfs "driver_override" buffer
    - ARM: socfpga_defconfig: Remove QSPI Sector 4K size force
    - KVM: arm/arm64: Close VMID generation race
    - crypto: drbg - set freed buffers to NULL
    - ASoC: fsl_esai: Fix divisor calculation failure at lower ratio
    - libceph: un-backoff on tick when we have a authenticated session
    - libceph: reschedule a tick in finish_hunting()
    - libceph: validate con->state at the top of try_write()
    - fpga-manager: altera-ps-spi: preserve nCONFIG state
    - earlycon: Use a pointer table to fix __earlycon_table stride
    - drm/amdgpu: set COMPUTE_PGM_RSRC1 for SGPR/VGPR clearing shaders
    - drm/i915: Enable display WA#1183 from its correct spot
    - objtool, perf: Fix GCC 8 -Wrestrict error
    - tools/lib/subcmd/pager.c: do not alias select() params
    - x86/ipc: Fix x32 version of shmid64_ds and msqid64_ds
    - x86/smpboot: Don't use mwait_play_dead() on AMD systems
    - x86/microcode/intel: Save microcode patch unconditionally
    - x86/microcode: Do not exit early from __reload_late()
    - tick/sched: Do not mess with an enqueued hrtimer
    - arm/arm64: KVM: Add PSCI version selection API
    - powerpc/eeh: Fix race with driver un/bind
    - serial: mvebu-uart: Fix local flags handling on termios update
    - block: do not use interruptible wait anywhere
    - ASoC: dmic: Fix clock parenting
    - PCI / PM: Do not clear state_saved in pci_pm_freeze() when smart suspend is
      set
    - module: Fix display of wrong module .text address
    - drm/edid: Reset more of the display info
    - drm/i915/fbdev: Enable late fbdev initial configuration
    - drm/i915/audio: set minimum CD clock to twice the BCLK
    - drm/amd/display: Fix deadlock when flushing irq
    - drm/amd/display: Disallow enabling CRTC without primary plane with FB
  * Bionic update: upstream stable patchset 2018-06-22 (LP: #1778265) //
    CVE-2018-1108.
    - random: set up the NUMA crng instances after the CRNG is fully initialized
  * Ryzen/Raven Ridge USB ports do not work (LP: #1756700)
    - xhci: Fix USB ports for Dell Inspiron 5775
  * [Ubuntu 1804][boston][ixgbe] EEH causes kernel BUG at /build/linux-
    jWa1Fv/linux-4.15.0/drivers/pci/msi.c:352 (i2S) (LP: #1776389)
    - ixgbe/ixgbevf: Free IRQ when PCI error recovery removes the device
  * Need fix to aacraid driver to prevent panic (LP: #1770095)
    - scsi: aacraid: Correct hba_send to include iu_type
  * kernel: Fix arch random implementation (LP: #1775391)
    - s390/archrandom: Rework arch random implementation.
  * kernel: Fix memory leak on CCA and EP11 CPRB processing. (LP: #1775390)
    - s390/zcrypt: Fix CCA and EP11 CPRB processing failure memory leak.
  * Various fixes for CXL kernel module (LP: #1774471)
    - cxl: Remove function write_timebase_ctrl_psl9() for PSL9
    - cxl: Set the PBCQ Tunnel BAR register when enabling capi mode
    - cxl: Report the tunneled operations status
    - cxl: Configure PSL to not use APC virtual machines
    - cxl: Disable prefault_mode in Radix mode
  * Bluetooth not working (LP: #1764645)
    - Bluetooth: btusb: Apply QCA Rome patches for some ATH3012 models
  * linux-snapdragon: wcn36xx: mac address generation on boot (LP: #1776491)
    - [Config] arm64: snapdragon: WCN36XX_SNAPDRAGON_HACKS=y
    - SAUCE: wcn36xx: read MAC from file or randomly generate one
  * fscache: Fix hanging wait on page discarded by writeback (LP: #1777029)
    - fscache: Fix hanging wait on page discarded by writeback

  [ Ubuntu: 4.15.0-32.35 ]

  * CVE-2018-3620 // CVE-2018-3646
    - cpu: Fix per-cpu regression on ARM64

 -- Kleber Sacilotto de Souza <email address hidden>  Thu, 16 Aug 2018 13:55:00 +0200
Deleted in cosmic-proposed (Reason: NBS)
Superseded in bionic-security on 2018-08-27
Superseded in bionic-updates on 2018-08-27
Deleted in bionic-proposed (Reason: moved to -updates)
linux-oem (4.15.0-1015.18) bionic; urgency=medium

  [ Ubuntu: 4.15.0-32.34 ]

  * CVE-2018-5391
    - Revert "net: increase fragment memory usage limits"
  * CVE-2018-3620 // CVE-2018-3646
    - x86/Centaur: Initialize supported CPU features properly
    - x86/Centaur: Report correct CPU/cache topology
    - x86/CPU/AMD: Have smp_num_siblings and cpu_llc_id always be present
    - perf/events/amd/uncore: Fix amd_uncore_llc ID to use pre-defined cpu_llc_id
    - x86/CPU: Rename intel_cacheinfo.c to cacheinfo.c
    - x86/CPU/AMD: Calculate last level cache ID from number of sharing threads
    - x86/CPU: Modify detect_extended_topology() to return result
    - x86/CPU/AMD: Derive CPU topology from CPUID function 0xB when available
    - x86/CPU: Move cpu local function declarations to local header
    - x86/CPU: Make intel_num_cpu_cores() generic
    - x86/CPU: Move cpu_detect_cache_sizes() into init_intel_cacheinfo()
    - x86/CPU: Move x86_cpuinfo::x86_max_cores assignment to
      detect_num_cpu_cores()
    - x86/CPU/AMD: Fix LLC ID bit-shift calculation
    - x86/mm: Factor out pageattr _PAGE_GLOBAL setting
    - x86/mm: Undo double _PAGE_PSE clearing
    - x86/mm: Introduce "default" kernel PTE mask
    - x86/espfix: Document use of _PAGE_GLOBAL
    - x86/mm: Do not auto-massage page protections
    - x86/mm: Remove extra filtering in pageattr code
    - x86/mm: Comment _PAGE_GLOBAL mystery
    - x86/mm: Do not forbid _PAGE_RW before init for __ro_after_init
    - x86/ldt: Fix support_pte_mask filtering in map_ldt_struct()
    - x86/power/64: Fix page-table setup for temporary text mapping
    - x86/pti: Filter at vma->vm_page_prot population
    - x86/boot/64/clang: Use fixup_pointer() to access '__supported_pte_mask'
    - x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT
    - x86/speculation/l1tf: Change order of offset/type in swap entry
    - x86/speculation/l1tf: Protect swap entries against L1TF
    - x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation
    - x86/speculation/l1tf: Make sure the first page is always reserved
    - x86/speculation/l1tf: Add sysfs reporting for l1tf
    - x86/speculation/l1tf: Disallow non privileged high MMIO PROT_NONE mappings
    - x86/speculation/l1tf: Limit swap file size to MAX_PA/2
    - x86/bugs: Move the l1tf function and define pr_fmt properly
    - sched/smt: Update sched_smt_present at runtime
    - x86/smp: Provide topology_is_primary_thread()
    - x86/topology: Provide topology_smt_supported()
    - cpu/hotplug: Make bringup/teardown of smp threads symmetric
    - cpu/hotplug: Split do_cpu_down()
    - cpu/hotplug: Provide knobs to control SMT
    - x86/cpu: Remove the pointless CPU printout
    - x86/cpu/AMD: Remove the pointless detect_ht() call
    - x86/cpu/common: Provide detect_ht_early()
    - x86/cpu/topology: Provide detect_extended_topology_early()
    - x86/cpu/intel: Evaluate smp_num_siblings early
    - x86/CPU/AMD: Do not check CPUID max ext level before parsing SMP info
    - x86/cpu/AMD: Evaluate smp_num_siblings early
    - x86/apic: Ignore secondary threads if nosmt=force
    - x86/speculation/l1tf: Extend 64bit swap file size limit
    - x86/cpufeatures: Add detection of L1D cache flush support.
    - x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings
    - x86/speculation/l1tf: Protect PAE swap entries against L1TF
    - x86/speculation/l1tf: Fix up pte->pfn conversion for PAE
    - Revert "x86/apic: Ignore secondary threads if nosmt=force"
    - cpu/hotplug: Boot HT siblings at least once
    - x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being present
    - x86/KVM/VMX: Add module argument for L1TF mitigation
    - x86/KVM/VMX: Add L1D flush algorithm
    - x86/KVM/VMX: Add L1D MSR based flush
    - x86/KVM/VMX: Add L1D flush logic
    - x86/KVM/VMX: Split the VMX MSR LOAD structures to have an host/guest numbers
    - x86/KVM/VMX: Add find_msr() helper function
    - x86/KVM/VMX: Separate the VMX AUTOLOAD guest/host number accounting
    - x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER only MSRs
    - x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required
    - cpu/hotplug: Online siblings when SMT control is turned on
    - x86/litf: Introduce vmx status variable
    - x86/kvm: Drop L1TF MSR list approach
    - x86/l1tf: Handle EPT disabled state proper
    - x86/kvm: Move l1tf setup function
    - x86/kvm: Add static key for flush always
    - x86/kvm: Serialize L1D flush parameter setter
    - x86/kvm: Allow runtime control of L1D flush
    - cpu/hotplug: Expose SMT control init function
    - cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early
    - x86/bugs, kvm: Introduce boot-time control of L1TF mitigations
    - Documentation: Add section about CPU vulnerabilities
    - x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED architectures
    - x86/KVM/VMX: Initialize the vmx_l1d_flush_pages' content
    - Documentation/l1tf: Fix typos
    - cpu/hotplug: detect SMT disabled by BIOS
    - x86/KVM/VMX: Don't set l1tf_flush_l1d to true from vmx_l1d_flush()
    - x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with 'vmx_l1d_flush_cond'
    - x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush()
    - x86/irq: Demote irq_cpustat_t::__softirq_pending to u16
    - x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d
    - x86: Don't include linux/irq.h from asm/hardirq.h
    - x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d
    - x86/KVM/VMX: Don't set l1tf_flush_l1d from vmx_handle_external_intr()
    - Documentation/l1tf: Remove Yonah processors from not vulnerable list
    - x86/speculation: Simplify sysfs report of VMX L1TF vulnerability
    - x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry
    - KVM: x86: Add a framework for supporting MSR-based features
    - KVM: X86: Introduce kvm_get_msr_feature()
    - KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR
    - KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry
    - cpu/hotplug: Fix SMT supported evaluation
    - x86/speculation/l1tf: Invert all not present mappings
    - x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert
    - x86/mm/pat: Make set_memory_np() L1TF safe

 -- Stefan Bader <email address hidden>  Fri, 10 Aug 2018 10:51:05 +0200
Deleted in bionic-proposed on 2018-08-17 (Reason: NBS)
linux-oem (4.15.0-1014.17) bionic; urgency=medium

  * linux-oem: 4.15.0-1014.17 -proposed tracker (LP: #1784284)

  [ Ubuntu: 4.15.0-31.33 ]

  * linux: 4.15.0-31.33 -proposed tracker (LP: #1784281)
  * ubuntu_bpf_jit test failed on Bionic s390x systems (LP: #1753941)
    - test_bpf: flag tests that cannot be jited on s390
  * HDMI/DP audio can't work on the laptop of Dell Latitude 5495 (LP: #1782689)
    - drm/nouveau: fix nouveau_dsm_get_client_id()'s return type
    - drm/radeon: fix radeon_atpx_get_client_id()'s return type
    - drm/amdgpu: fix amdgpu_atpx_get_client_id()'s return type
    - platform/x86: apple-gmux: fix gmux_get_client_id()'s return type
    - ALSA: hda: use PCI_BASE_CLASS_DISPLAY to replace PCI_CLASS_DISPLAY_VGA
    - vga_switcheroo: set audio client id according to bound GPU id
  * locking sockets broken due to missing AppArmor socket mediation patches
    (LP: #1780227)
    - UBUNTU SAUCE: apparmor: fix apparmor mediating locking non-fs, unix sockets
  * Update2 for ocxl driver (LP: #1781436)
    - ocxl: Fix page fault handler in case of fault on dying process
  * RTNL assertion failure on ipvlan (LP: #1776927)
    - ipvlan: drop ipv6 dependency
    - ipvlan: use per device spinlock to protect addrs list updates
  * netns: unable to follow an interface that moves to another netns
    (LP: #1774225)
    - net: core: Expose number of link up/down transitions
    - dev: always advertise the new nsid when the netns iface changes
    - dev: advertise the new ifindex when the netns iface changes
  * [Bionic] Disk IO hangs when using BFQ as io scheduler (LP: #1780066)
    - block, bfq: fix occurrences of request finish method's old name
    - block, bfq: remove batches of confusing ifdefs
    - block, bfq: add requeue-request hook
  * HP ProBook 455 G5 needs mute-led-gpio fixup (LP: #1781763)
    - ALSA: hda: add mute led support for HP ProBook 455 G5
  * [Bionic] bug fixes to improve stability of the ThunderX2 i2c driver
    (LP: #1781476)
    - i2c: xlp9xx: Fix issue seen when updating receive length
    - i2c: xlp9xx: Make sure the transfer size is not more than
      I2C_SMBUS_BLOCK_SIZE
  * x86/kvm: fix LAPIC timer drift when guest uses periodic mode (LP: #1778486)
    - x86/kvm: fix LAPIC timer drift when guest uses periodic mode
  * Please include ax88179_178a and r8152 modules in d-i udeb (LP: #1771823)
    - [Config:] d-i: Add ax88179_178a and r8152 to nic-modules
  * Nvidia fails after switching its mode (LP: #1778658)
    - PCI: Restore config space on runtime resume despite being unbound
  * Kernel error "task zfs:pid blocked for more than 120 seconds" (LP: #1781364)
    - SAUCE: (noup) zfs to 0.7.5-1ubuntu16.3
  * CVE-2018-12232
    - PATCH 1/1] socket: close race condition between sock_close() and
      sockfs_setattr()
  * CVE-2018-10323
    - xfs: set format back to extents if xfs_bmap_extents_to_btree
  * change front mic location for more lenovo m7/8/9xx machines (LP: #1781316)
    - ALSA: hda/realtek - Fix the problem of two front mics on more machines
    - ALSA: hda/realtek - two more lenovo models need fixup of MIC_LOCATION
  * Cephfs + fscache: unable to handle kernel NULL pointer dereference at
    0000000000000000 IP: jbd2__journal_start+0x22/0x1f0 (LP: #1783246)
    - ceph: track read contexts in ceph_file_info
  * Touchpad of ThinkPad P52 failed to work with message "lost sync at byte"
    (LP: #1779802)
    - Input: elantech - fix V4 report decoding for module with middle key
    - Input: elantech - enable middle button of touchpads on ThinkPad P52
  * xhci_hcd 0000:00:14.0: Root hub is not suspended (LP: #1779823)
    - usb: xhci: dbc: Fix lockdep warning
    - usb: xhci: dbc: Don't decrement runtime PM counter if DBC is not started
  * CVE-2018-13406
    - video: uvesafb: Fix integer overflow in allocation
  * CVE-2018-10840
    - ext4: correctly handle a zero-length xattr with a non-zero e_value_offs
  * CVE-2018-11412
    - ext4: do not allow external inodes for inline data
  * CVE-2018-10881
    - ext4: clear i_data in ext4_inode_info when removing inline data
  * CVE-2018-12233
    - jfs: Fix inconsistency between memory allocation and ea_buf->max_size
  * CVE-2018-12904
    - kvm: nVMX: Enforce cpl=0 for VMX instructions
  * Error parsing PCC subspaces from PCCT (LP: #1528684)
    - mailbox: PCC: erroneous error message when parsing ACPI PCCT
  * CVE-2018-13094
    - xfs: don't call xfs_da_shrink_inode with NULL bp
  * other users' coredumps can be read via setgid directory and killpriv bypass
    (LP: #1779923) // CVE-2018-13405
    - Fix up non-directory creation in SGID directories
  * Invoking obsolete 'firmware_install' target breaks snap build (LP: #1782166)
    - snapcraft.yaml: stop invoking the obsolete (and non-existing)
      'firmware_install' target
  * snapcraft.yaml: missing ubuntu-retpoline-extract-one script breaks the build
    (LP: #1782116)
    - snapcraft.yaml: copy retpoline-extract-one to scripts before build
  * Allow Raven Ridge's audio controller to be runtime suspended (LP: #1782540)
    - ALSA: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge
  * CVE-2018-11506
    - sr: pass down correctly sized SCSI sense buffer
  * Bionic update: upstream stable patchset 2018-07-24 (LP: #1783418)
    - net: Fix a bug in removing queues from XPS map
    - net/mlx4_core: Fix error handling in mlx4_init_port_info.
    - net/sched: fix refcnt leak in the error path of tcf_vlan_init()
    - net: sched: red: avoid hashing NULL child
    - net/smc: check for missing nlattrs in SMC_PNETID messages
    - net: test tailroom before appending to linear skb
    - packet: in packet_snd start writing at link layer allocation
    - sock_diag: fix use-after-free read in __sk_free
    - tcp: purge write queue in tcp_connect_init()
    - vmxnet3: set the DMA mask before the first DMA map operation
    - vmxnet3: use DMA memory barriers where required
    - hv_netvsc: empty current transmit aggregation if flow blocked
    - hv_netvsc: Use the num_online_cpus() for channel limit
    - hv_netvsc: avoid retry on send during shutdown
    - hv_netvsc: only wake transmit queue if link is up
    - hv_netvsc: fix error unwind handling if vmbus_open fails
    - hv_netvsc: cancel subchannel setup before halting device
    - hv_netvsc: fix race in napi poll when rescheduling
    - hv_netvsc: defer queue selection to VF
    - hv_netvsc: disable NAPI before channel close
    - hv_netvsc: use RCU to fix concurrent rx and queue changes
    - hv_netvsc: change GPAD teardown order on older versions
    - hv_netvsc: common detach logic
    - hv_netvsc: Use Windows version instead of NVSP version on GPAD teardown
    - hv_netvsc: Split netvsc_revoke_buf() and netvsc_teardown_gpadl()
    - hv_netvsc: Ensure correct teardown message sequence order
    - hv_netvsc: Fix a network regression after ifdown/ifup
    - sparc: vio: use put_device() instead of kfree()
    - ext2: fix a block leak
    - s390: add assembler macros for CPU alternatives
    - s390: move expoline assembler macros to a header
    - s390/crc32-vx: use expoline for indirect branches
    - s390/lib: use expoline for indirect branches
    - s390/ftrace: use expoline for indirect branches
    - s390/kernel: use expoline for indirect branches
    - s390: move spectre sysfs attribute code
    - s390: extend expoline to BC instructions
    - s390: use expoline thunks in the BPF JIT
    - scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()
    - scsi: zfcp: fix infinite iteration on ERP ready list
    - loop: don't call into filesystem while holding lo_ctl_mutex
    - loop: fix LOOP_GET_STATUS lock imbalance
    - cfg80211: limit wiphy names to 128 bytes
    - hfsplus: stop workqueue when fill_super() failed
    - x86/kexec: Avoid double free_page() upon do_kexec_load() failure
    - usb: gadget: f_uac2: fix bFirstInterface in composite gadget
    - usb: dwc3: Undo PHY init if soft reset fails
    - usb: dwc3: omap: don't miss events during suspend/resume
    - usb: gadget: core: Fix use-after-free of usb_request
    - usb: gadget: fsl_udc_core: fix ep valid checks
    - usb: dwc2: Fix dwc2_hsotg_core_init_disconnected()
    - usb: cdc_acm: prevent race at write to acm while system resumes
    - net: usbnet: fix potential deadlock on 32bit hosts
    - ARM: dts: imx7d-sdb: Fix regulator-usb-otg2-vbus node name
    - usb: host: xhci-plat: revert "usb: host: xhci-plat: enable clk in resume
      timing"
    - USB: OHCI: Fix NULL dereference in HCDs using HCD_LOCAL_MEM
    - net/usb/qmi_wwan.c: Add USB id for lt4120 modem
    - net-usb: add qmi_wwan if on lte modem wistron neweb d18q1
    - Bluetooth: btusb: Add USB ID 7392:a611 for Edimax EW-7611ULB
    - ALSA: usb-audio: Add native DSD support for Luxman DA-06
    - usb: dwc3: Add SoftReset PHY synchonization delay
    - usb: dwc3: Update DWC_usb31 GTXFIFOSIZ reg fields
    - usb: dwc3: Makefile: fix link error on randconfig
    - xhci: zero usb device slot_id member when disabling and freeing a xhci slot
    - usb: dwc2: Fix interval type issue
    - usb: dwc2: hcd: Fix host channel halt flow
    - usb: dwc2: host: Fix transaction errors in host mode
    - usb: gadget: ffs: Let setup() return USB_GADGET_DELAYED_STATUS
    - usb: gadget: ffs: Execute copy_to_user() with USER_DS set
    - usbip: Correct maximum value of CONFIG_USBIP_VHCI_HC_PORTS
    - usb: gadget: udc: change comparison to bitshift when dealing with a mask
    - usb: gadget: composite: fix incorrect handling of OS desc requests
    - media: lgdt3306a: Fix module count mismatch on usb unplug
    - media: em28xx: USB bulk packet size fix
    - Bluetooth: btusb: Add device ID for RTL8822BE
    - xhci: Show what USB release number the xHC supports from protocol capablity
    - staging: bcm2835-audio: Release resources on module_exit()
    - staging: lustre: fix bug in osc_enter_cache_try
    - staging: fsl-dpaa2/eth: Fix incorrect casts
    - staging: rtl8192u: return -ENOMEM on failed allocation of priv->oldaddr
    - staging: ks7010: Use constants from ieee80211_eid instead of literal ints.
    - staging: lustre: lmv: correctly iput lmo_root
    - crypto: inside-secure - wait for the request to complete if in the backlog
    - crypto: atmel-aes - fix the keys zeroing on errors
    - crypto: ccp - don't disable interrupts while setting up debugfs
    - crypto: inside-secure - do not process request if no command was issued
    - crypto: inside-secure - fix the cache_len computation
    - crypto: inside-secure - fix the extra cache computation
    - crypto: sunxi-ss - Add MODULE_ALIAS to sun4i-ss
    - crypto: inside-secure - fix the invalidation step during cra_exit
    - scsi: mpt3sas: fix an out of bound write
    - scsi: ufs: Enable quirk to ignore sending WRITE_SAME command
    - scsi: bnx2fc: Fix check in SCSI completion handler for timed out request
    - scsi: sym53c8xx_2: iterator underflow in sym_getsync()
    - scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo()
    - scsi: qla2xxx: Avoid triggering undefined behavior in
      qla2x00_mbx_completion()
    - scsi: storvsc: Increase cmd_per_lun for higher speed devices
    - scsi: qedi: Fix truncation of CHAP name and secret
    - scsi: aacraid: fix shutdown crash when init fails
    - scsi: qla4xxx: skip error recovery in case of register disconnect.
    - scsi: qedi: Fix kernel crash during port toggle
    - scsi: mpt3sas: Do not mark fw_event workqueue as WQ_MEM_RECLAIM
    - scsi: sd: Keep disk read-only when re-reading partition
    - scsi: iscsi_tcp: set BDI_CAP_STABLE_WRITES when data digest enabled
    - scsi: aacraid: Insure command thread is not recursively stopped
    - scsi: core: Make SCSI Status CONDITION MET equivalent to GOOD
    - scsi: mvsas: fix wrong endianness of sgpio api
    - ASoC: hdmi-codec: Fix module unloading caused kernel crash
    - ASoC: rockchip: rk3288-hdmi-analog: Select needed codecs
    - ASoC: samsung: odroid: Fix 32000 sample rate handling
    - ASoC: topology: create TLV data for dapm widgets
    - ASoC: samsung: i2s: Ensure the RCLK rate is properly determined
    - clk: rockchip: Fix wrong parent for SDMMC phase clock for rk3228
    - clk: Don't show the incorrect clock phase
    - clk: hisilicon: mark wdt_mux_p[] as const
    - clk: tegra: Fix pll_u rate configuration
    - clk: rockchip: Prevent calculating mmc phase if clock rate is zero
    - clk: samsung: s3c2410: Fix PLL rates
    - clk: samsung: exynos7: Fix PLL rates
    - clk: samsung: exynos5260: Fix PLL rates
    - clk: samsung: exynos5433: Fix PLL rates
    - clk: samsung: exynos5250: Fix PLL rates
    - clk: samsung: exynos3250: Fix PLL rates
    - media: dmxdev: fix error code for invalid ioctls
    - media: Don't let tvp5150_get_vbi() go out of vbi_ram_default array
    - media: ov5645: add missing of_node_put() in error path
    - media: cx23885: Override 888 ImpactVCBe crystal frequency
    - media: cx23885: Set subdev host data to clk_freq pointer
    - media: s3c-camif: fix out-of-bounds array access
    - media: lgdt3306a: Fix a double kfree on i2c device remove
    - media: em28xx: Add Hauppauge SoloHD/DualHD bulk models
    - media: v4l: vsp1: Fix display stalls when requesting too many inputs
    - media: i2c: adv748x: fix HDMI field heights
    - media: vb2: Fix videobuf2 to map correct area
    - media: vivid: fix incorrect capabilities for radio
    - media: cx25821: prevent out-of-bounds read on array card
    - serial: xuartps: Fix out-of-bounds access through DT alias
    - serial: sh-sci: Fix out-of-bounds access through DT alias
    - serial: samsung: Fix out-of-bounds access through serial port index
    - serial: mxs-auart: Fix out-of-bounds access through serial port index
    - serial: imx: Fix out-of-bounds access through serial port index
    - serial: fsl_lpuart: Fix out-of-bounds access through DT alias
    - serial: arc_uart: Fix out-of-bounds access through DT alias
    - serial: 8250: Don't service RX FIFO if interrupts are disabled
    - serial: altera: ensure port->regshift is honored consistently
    - rtc: snvs: Fix usage of snvs_rtc_enable
    - rtc: hctosys: Ensure system time doesn't overflow time_t
    - rtc: rk808: fix possible race condition
    - rtc: m41t80: fix race conditions
    - rtc: tx4939: avoid unintended sign extension on a 24 bit shift
    - rtc: rp5c01: fix possible race condition
    - rtc: goldfish: Add missing MODULE_LICENSE
    - cxgb4: Correct ntuple mask validation for hash filters
    - net: dsa: bcm_sf2: Fix RX_CLS_LOC_ANY overwrite for last rule
    - net: dsa: Do not register devlink for unused ports
    - net: dsa: bcm_sf2: Fix IPv6 rules and chain ID
    - net: dsa: bcm_sf2: Fix IPv6 rule half deletion
    - 3c59x: convert to generic DMA API
    - net: ip6_gre: Request headroom in __gre6_xmit()
    - net: ip6_gre: Split up ip6gre_tnl_link_config()
    - net: ip6_gre: Split up ip6gre_tnl_change()
    - net: ip6_gre: Split up ip6gre_newlink()
    - net: ip6_gre: Split up ip6gre_changelink()
    - qed: LL2 flush isles when connection is closed
    - qed: Fix possibility of list corruption during rmmod flows
    - qed: Fix LL2 race during connection terminate
    - powerpc: Move default security feature flags
    - Bluetooth: btusb: Add support for Intel Bluetooth device 22560 [8087:0026]
    - staging: fsl-dpaa2/eth: Fix incorrect kfree
    - crypto: inside-secure - move the digest to the request context
    - scsi: lpfc: Fix NVME Initiator FirstBurst
    - serial: mvebu-uart: fix tx lost characters
  * Bionic update: upstream stable patchset 2018-07-20 (LP: #1782846)
    - usbip: usbip_host: refine probe and disconnect debug msgs to be useful
    - usbip: usbip_host: delete device from busid_table after rebind
    - usbip: usbip_host: run rebind from exit when module is removed
    - usbip: usbip_host: fix NULL-ptr deref and use-after-free errors
    - usbip: usbip_host: fix bad unlock balance during stub_probe()
    - ALSA: usb: mixer: volume quirk for CM102-A+/102S+
    - ALSA: hda: Add Lenovo C50 All in one to the power_save blacklist
    - ALSA: control: fix a redundant-copy issue
    - spi: pxa2xx: Allow 64-bit DMA
    - spi: bcm-qspi: Avoid setting MSPI_CDRAM_PCS for spi-nor master
    - spi: bcm-qspi: Always read and set BSPI_MAST_N_BOOT_CTRL
    - KVM: arm/arm64: VGIC/ITS save/restore: protect kvm_read_guest() calls
    - KVM: arm/arm64: VGIC/ITS: protect kvm_read_guest() calls with SRCU lock
    - vfio: ccw: fix cleanup if cp_prefetch fails
    - tracing/x86/xen: Remove zero data size trace events
      trace_xen_mmu_flush_tlb{_all}
    - tee: shm: fix use-after-free via temporarily dropped reference
    - netfilter: nf_tables: free set name in error path
    - netfilter: nf_tables: can't fail after linking rule into active rule list
    - netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6}
    - i2c: designware: fix poll-after-enable regression
    - powerpc/powernv: Fix NVRAM sleep in invalid context when crashing
    - drm: Match sysfs name in link removal to link creation
    - lib/test_bitmap.c: fix bitmap optimisation tests to report errors correctly
    - radix tree: fix multi-order iteration race
    - mm: don't allow deferred pages with NEED_PER_CPU_KM
    - drm/i915/gen9: Add WaClearHIZ_WM_CHICKEN3 for bxt and glk
    - s390/qdio: fix access to uninitialized qdio_q fields
    - s390/qdio: don't release memory in qdio_setup_irq()
    - s390: remove indirect branch from do_softirq_own_stack
    - x86/pkeys: Override pkey when moving away from PROT_EXEC
    - x86/pkeys: Do not special case protection key 0
    - efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32'
      definition for mixed mode
    - ARM: 8771/1: kprobes: Prohibit kprobes on do_undefinstr
    - x86/mm: Drop TS_COMPAT on 64-bit exec() syscall
    - tick/broadcast: Use for_each_cpu() specially on UP kernels
    - ARM: 8769/1: kprobes: Fix to use get_kprobe_ctlblk after irq-disabed
    - ARM: 8770/1: kprobes: Prohibit probing on optimized_callback
    - ARM: 8772/1: kprobes: Prohibit kprobes on get_user functions
    - Btrfs: fix xattr loss after power failure
    - Btrfs: send, fix invalid access to commit roots due to concurrent
      snapshotting
    - btrfs: property: Set incompat flag if lzo/zstd compression is set
    - btrfs: fix crash when trying to resume balance without the resume flag
    - btrfs: Split btrfs_del_delalloc_inode into 2 functions
    - btrfs: Fix delalloc inodes invalidation during transaction abort
    - btrfs: fix reading stale metadata blocks after degraded raid1 mounts
    - xhci: Fix USB3 NULL pointer dereference at logical disconnect.
    - KVM: arm/arm64: Properly protect VGIC locks from IRQs
    - KVM: arm/arm64: VGIC/ITS: Promote irq_lock() in update_affinity
    - hwmon: (k10temp) Fix reading critical temperature register
    - hwmon: (k10temp) Use API function to access System Management Network
    - vsprintf: Replace memory barrier with static_key for random_ptr_key update
    - x86/amd_nb: Add support for Raven Ridge CPUs
    - x86/apic/x2apic: Initialize cluster ID properly
  * Bionic update: upstream stable patchset 2018-07-09 (LP: #1780858)
    - 8139too: Use disable_irq_nosync() in rtl8139_poll_controller()
    - bridge: check iface upper dev when setting master via ioctl
    - dccp: fix tasklet usage
    - ipv4: fix fnhe usage by non-cached routes
    - ipv4: fix memory leaks in udp_sendmsg, ping_v4_sendmsg
    - llc: better deal with too small mtu
    - net: ethernet: sun: niu set correct packet size in skb
    - net: ethernet: ti: cpsw: fix packet leaking in dual_mac mode
    - net/mlx4_en: Fix an error handling path in 'mlx4_en_init_netdev()'
    - net/mlx4_en: Verify coalescing parameters are in range
    - net/mlx5e: Err if asked to offload TC match on frag being first
    - net/mlx5: E-Switch, Include VF RDMA stats in vport statistics
    - net sched actions: fix refcnt leak in skbmod
    - net_sched: fq: take care of throttled flows before reuse
    - net: support compat 64-bit time in {s,g}etsockopt
    - net/tls: Don't recursively call push_record during tls_write_space callbacks
    - net/tls: Fix connection stall on partial tls record
    - openvswitch: Don't swap table in nlattr_set() after OVS_ATTR_NESTED is found
    - qmi_wwan: do not steal interfaces from class drivers
    - r8169: fix powering up RTL8168h
    - rds: do not leak kernel memory to user land
    - sctp: delay the authentication for the duplicated cookie-echo chunk
    - sctp: fix the issue that the cookie-ack with auth can't get processed
    - sctp: handle two v4 addrs comparison in sctp_inet6_cmp_addr
    - sctp: remove sctp_chunk_put from fail_mark err path in
      sctp_ulpevent_make_rcvmsg
    - sctp: use the old asoc when making the cookie-ack chunk in dupcook_d
    - tcp_bbr: fix to zero idle_restart only upon S/ACKed data
    - tcp: ignore Fast Open on repair mode
    - tg3: Fix vunmap() BUG_ON() triggered from tg3_free_consistent().
    - bonding: do not allow rlb updates to invalid mac
    - bonding: send learning packets for vlans on slave
    - net: sched: fix error path in tcf_proto_create() when modules are not
      configured
    - net/mlx5e: TX, Use correct counter in dma_map error flow
    - net/mlx5: Avoid cleaning flow steering table twice during error flow
    - hv_netvsc: set master device
    - ipv6: fix uninit-value in ip6_multipath_l3_keys()
    - net/mlx5e: Allow offloading ipv4 header re-write for icmp
    - nsh: fix infinite loop
    - udp: fix SO_BINDTODEVICE
    - l2tp: revert "l2tp: fix missing print session offset info"
    - proc: do not access cmdline nor environ from file-backed areas
    - net/smc: restrict non-blocking connect finish
    - mlxsw: spectrum_switchdev: Do not remove mrouter port from MDB's ports list
    - net/mlx5e: DCBNL fix min inline header size for dscp
    - net: systemport: Correclty disambiguate driver instances
    - sctp: clear the new asoc's stream outcnt in sctp_stream_update
    - tcp: restore autocorking
    - tipc: fix one byte leak in tipc_sk_set_orig_addr()
    - hv_netvsc: Fix net device attach on older Windows hosts
  * Bionic update: upstream stable patchset 2018-07-06 (LP: #1780499)
    - ext4: prevent right-shifting extents beyond EXT_MAX_BLOCKS
    - ipvs: fix rtnl_lock lockups caused by start_sync_thread
    - netfilter: ebtables: don't attempt to allocate 0-sized compat array
    - kcm: Call strp_stop before strp_done in kcm_attach
    - crypto: af_alg - fix possible uninit-value in alg_bind()
    - netlink: fix uninit-value in netlink_sendmsg
    - net: fix rtnh_ok()
    - net: initialize skb->peeked when cloning
    - net: fix uninit-value in __hw_addr_add_ex()
    - dccp: initialize ireq->ir_mark
    - ipv4: fix uninit-value in ip_route_output_key_hash_rcu()
    - soreuseport: initialise timewait reuseport field
    - inetpeer: fix uninit-value in inet_getpeer
    - memcg: fix per_node_info cleanup
    - perf: Remove superfluous allocation error check
    - tcp: fix TCP_REPAIR_QUEUE bound checking
    - bdi: wake up concurrent wb_shutdown() callers.
    - bdi: Fix oops in wb_workfn()
    - gpioib: do not free unrequested descriptors
    - gpio: fix aspeed_gpio unmask irq
    - gpio: fix error path in lineevent_create
    - rfkill: gpio: fix memory leak in probe error path
    - libata: Apply NOLPM quirk for SanDisk SD7UB3Q*G1001 SSDs
    - dm integrity: use kvfree for kvmalloc'd memory
    - tracing: Fix regex_match_front() to not over compare the test string
    - z3fold: fix reclaim lock-ups
    - mm: sections are not offlined during memory hotremove
    - mm, oom: fix concurrent munlock and oom reaper unmap, v3
    - ceph: fix rsize/wsize capping in ceph_direct_read_write()
    - can: kvaser_usb: Increase correct stats counter in kvaser_usb_rx_can_msg()
    - can: hi311x: Acquire SPI lock on ->do_get_berr_counter
    - can: hi311x: Work around TX complete interrupt erratum
    - drm/vc4: Fix scaling of uni-planar formats
    - drm/i915: Fix drm:intel_enable_lvds ERROR message in kernel log
    - drm/atomic: Clean old_state/new_state in drm_atomic_state_default_clear()
    - drm/atomic: Clean private obj old_state/new_state in
      drm_atomic_state_default_clear()
    - net: atm: Fix potential Spectre v1
    - atm: zatm: Fix potential Spectre v1
    - cpufreq: schedutil: Avoid using invalid next_freq
    - Revert "Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174"
    - Bluetooth: btusb: Only check needs_reset_resume DMI table for QCA rome
      chipsets
    - thermal: exynos: Reading temperature makes sense only when TMU is turned on
    - thermal: exynos: Propagate error value from tmu_read()
    - nvme: add quirk to force medium priority for SQ creation
    - smb3: directory sync should not return an error
    - sched/autogroup: Fix possible Spectre-v1 indexing for sched_prio_to_weight[]
    - tracing/uprobe_event: Fix strncpy corner case
    - perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_*
    - perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr
    - perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver
    - perf/core: Fix possible Spectre-v1 indexing for ->aux_pages[]
    - perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map()
    - i2c: dev: prevent ZERO_SIZE_PTR deref in i2cdev_ioctl_rdwr()
    - bdi: Fix use after free bug in debugfs_remove()
    - drm/ttm: Use GFP_TRANSHUGE_LIGHT for allocating huge pages
    - drm/i915: Adjust eDP's logical vco in a reliable place.
    - drm/nouveau/ttm: don't dereference nvbo::cli, it can outlive client
    - sched/core: Fix possible Spectre-v1 indexing for sched_prio_to_weight[]
  * Bionic update: upstream stable patchset 2018-06-26 (LP: #1778759)
    - percpu: include linux/sched.h for cond_resched()
    - ACPI / button: make module loadable when booted in non-ACPI mode
    - USB: serial: option: Add support for Quectel EP06
    - ALSA: hda - Fix incorrect usage of IS_REACHABLE()
    - ALSA: pcm: Check PCM state at xfern compat ioctl
    - ALSA: seq: Fix races at MIDI encoding in snd_virmidi_output_trigger()
    - ALSA: dice: fix kernel NULL pointer dereference due to invalid calculation
      for array index
    - ALSA: aloop: Mark paused device as inactive
    - ALSA: aloop: Add missing cable lock to ctl API callbacks
    - tracepoint: Do not warn on ENOMEM
    - scsi: target: Fix fortify_panic kernel exception
    - Input: leds - fix out of bound access
    - Input: atmel_mxt_ts - add touchpad button mapping for Samsung Chromebook Pro
    - rtlwifi: btcoex: Add power_on_setting routine
    - rtlwifi: cleanup 8723be ant_sel definition
    - xfs: prevent creating negative-sized file via INSERT_RANGE
    - RDMA/cxgb4: release hw resources on device removal
    - RDMA/ucma: Allow resolving address w/o specifying source address
    - RDMA/mlx5: Fix multiple NULL-ptr deref errors in rereg_mr flow
    - RDMA/mlx5: Protect from shift operand overflow
    - NET: usb: qmi_wwan: add support for ublox R410M PID 0x90b2
    - IB/mlx5: Use unlimited rate when static rate is not supported
    - IB/hfi1: Fix handling of FECN marked multicast packet
    - IB/hfi1: Fix loss of BECN with AHG
    - IB/hfi1: Fix NULL pointer dereference when invalid num_vls is used
    - iw_cxgb4: Atomically flush per QP HW CQEs
    - drm/vmwgfx: Fix a buffer object leak
    - drm/bridge: vga-dac: Fix edid memory leak
    - test_firmware: fix setting old custom fw path back on exit, second try
    - errseq: Always report a writeback error once
    - USB: serial: visor: handle potential invalid device configuration
    - usb: dwc3: gadget: Fix list_del corruption in dwc3_ep_dequeue
    - USB: Accept bulk endpoints with 1024-byte maxpacket
    - USB: serial: option: reimplement interface masking
    - USB: serial: option: adding support for ublox R410M
    - usb: musb: host: fix potential NULL pointer dereference
    - usb: musb: trace: fix NULL pointer dereference in musb_g_tx()
    - platform/x86: asus-wireless: Fix NULL pointer dereference
    - irqchip/qcom: Fix check for spurious interrupts
    - tracing: Fix bad use of igrab in trace_uprobe.c
    - [Config] CONFIG_ARM64_ERRATUM_1024718=y
    - arm64: Add work around for Arm Cortex-A55 Erratum 1024718
    - Input: atmel_mxt_ts - add touchpad button mapping for Samsung Chromebook Pro
    - infiniband: mlx5: fix build errors when INFINIBAND_USER_ACCESS=m
    - btrfs: Take trans lock before access running trans in check_delayed_ref
    - drm/vc4: Make sure vc4_bo_{inc,dec}_usecnt() calls are balanced
    - xhci: Fix use-after-free in xhci_free_virt_device
    - platform/x86: Kconfig: Fix dell-laptop dependency chain.
    - KVM: x86: remove APIC Timer periodic/oneshot spikes
    - clocksource: Allow clocksource_mark_unstable() on unregistered clocksources
    - clocksource: Initialize cs->wd_list
    - clocksource: Consistent de-rate when marking unstable
  * Bionic update: upstream stable patchset 2018-06-22 (LP: #1778265)
    - ext4: set h_journal if there is a failure starting a reserved handle
    - ext4: add MODULE_SOFTDEP to ensure crc32c is included in the initramfs
    - ext4: add validity checks for bitmap block numbers
    - ext4: fix bitmap position validation
    - random: fix possible sleeping allocation from irq context
    - random: rate limit unseeded randomness warnings
    - usbip: usbip_event: fix to not print kernel pointer address
    - usbip: usbip_host: fix to hold parent lock for device_attach() calls
    - usbip: vhci_hcd: Fix usb device and sockfd leaks
    - usbip: vhci_hcd: check rhport before using in vhci_hub_control()
    - Revert "xhci: plat: Register shutdown for xhci_plat"
    - USB: serial: simple: add libtransistor console
    - USB: serial: ftdi_sio: use jtag quirk for Arrow USB Blaster
    - USB: serial: cp210x: add ID for NI USB serial console
    - usb: core: Add quirk for HP v222w 16GB Mini
    - USB: Increment wakeup count on remote wakeup.
    - ALSA: usb-audio: Skip broken EU on Dell dock USB-audio
    - virtio: add ability to iterate over vqs
    - virtio_console: don't tie bufs to a vq
    - virtio_console: free buffers after reset
    - virtio_console: drop custom control queue cleanup
    - virtio_console: move removal code
    - virtio_console: reset on out of memory
    - drm/virtio: fix vq wait_event condition
    - tty: Don't call panic() at tty_ldisc_init()
    - tty: n_gsm: Fix long delays with control frame timeouts in ADM mode
    - tty: n_gsm: Fix DLCI handling for ADM mode if debug & 2 is not set
    - tty: Avoid possible error pointer dereference at tty_ldisc_restore().
    - tty: Use __GFP_NOFAIL for tty_ldisc_get()
    - ALSA: dice: fix OUI for TC group
    - ALSA: dice: fix error path to destroy initialized stream data
    - ALSA: hda - Skip jack and others for non-existing PCM streams
    - ALSA: opl3: Hardening for potential Spectre v1
    - ALSA: asihpi: Hardening for potential Spectre v1
    - ALSA: hdspm: Hardening for potential Spectre v1
    - ALSA: rme9652: Hardening for potential Spectre v1
    - ALSA: control: Hardening for potential Spectre v1
    - ALSA: pcm: Return negative delays from SNDRV_PCM_IOCTL_DELAY.
    - ALSA: core: Report audio_tstamp in snd_pcm_sync_ptr
    - ALSA: seq: oss: Fix unbalanced use lock for synth MIDI device
    - ALSA: seq: oss: Hardening for potential Spectre v1
    - ALSA: hda: Hardening for potential Spectre v1
    - ALSA: hda/realtek - Add some fixes for ALC233
    - ALSA: hda/realtek - Update ALC255 depop optimize
    - ALSA: hda/realtek - change the location for one of two front mics
    - mtd: spi-nor: cadence-quadspi: Fix page fault kernel panic
    - mtd: cfi: cmdset_0001: Do not allow read/write to suspend erase block.
    - mtd: cfi: cmdset_0001: Workaround Micron Erase suspend bug.
    - mtd: cfi: cmdset_0002: Do not allow read/write to suspend erase block.
    - mtd: rawnand: tango: Fix struct clk memory leak
    - kobject: don't use WARN for registration failures
    - scsi: sd: Defer spinning up drive while SANITIZE is in progress
    - bfq-iosched: ensure to clear bic/bfqq pointers when preparing request
    - vfio: ccw: process ssch with interrupts disabled
    - ANDROID: binder: prevent transactions into own process.
    - PCI: aardvark: Fix logic in advk_pcie_{rd,wr}_conf()
    - PCI: aardvark: Set PIO_ADDR_LS correctly in advk_pcie_rd_conf()
    - PCI: aardvark: Use ISR1 instead of ISR0 interrupt in legacy irq mode
    - PCI: aardvark: Fix PCIe Max Read Request Size setting
    - ARM: amba: Make driver_override output consistent with other buses
    - ARM: amba: Fix race condition with driver_override
    - ARM: amba: Don't read past the end of sysfs "driver_override" buffer
    - ARM: socfpga_defconfig: Remove QSPI Sector 4K size force
    - KVM: arm/arm64: Close VMID generation race
    - crypto: drbg - set freed buffers to NULL
    - ASoC: fsl_esai: Fix divisor calculation failure at lower ratio
    - libceph: un-backoff on tick when we have a authenticated session
    - libceph: reschedule a tick in finish_hunting()
    - libceph: validate con->state at the top of try_write()
    - fpga-manager: altera-ps-spi: preserve nCONFIG state
    - earlycon: Use a pointer table to fix __earlycon_table stride
    - drm/amdgpu: set COMPUTE_PGM_RSRC1 for SGPR/VGPR clearing shaders
    - drm/i915: Enable display WA#1183 from its correct spot
    - objtool, perf: Fix GCC 8 -Wrestrict error
    - tools/lib/subcmd/pager.c: do not alias select() params
    - x86/ipc: Fix x32 version of shmid64_ds and msqid64_ds
    - x86/smpboot: Don't use mwait_play_dead() on AMD systems
    - x86/microcode/intel: Save microcode patch unconditionally
    - x86/microcode: Do not exit early from __reload_late()
    - tick/sched: Do not mess with an enqueued hrtimer
    - arm/arm64: KVM: Add PSCI version selection API
    - powerpc/eeh: Fix race with driver un/bind
    - serial: mvebu-uart: Fix local flags handling on termios update
    - block: do not use interruptible wait anywhere
    - ASoC: dmic: Fix clock parenting
    - PCI / PM: Do not clear state_saved in pci_pm_freeze() when smart suspend is
      set
    - module: Fix display of wrong module .text address
    - drm/edid: Reset more of the display info
    - drm/i915/fbdev: Enable late fbdev initial configuration
    - drm/i915/audio: set minimum CD clock to twice the BCLK
    - drm/amd/display: Fix deadlock when flushing irq
    - drm/amd/display: Disallow enabling CRTC without primary plane with FB
  * Bionic update: upstream stable patchset 2018-06-22 (LP: #1778265) //
    CVE-2018-1108.
    - random: set up the NUMA crng instances after the CRNG is fully initialized
  * Ryzen/Raven Ridge USB ports do not work (LP: #1756700)
    - xhci: Fix USB ports for Dell Inspiron 5775
  * [Ubuntu 1804][boston][ixgbe] EEH causes kernel BUG at /build/linux-
    jWa1Fv/linux-4.15.0/drivers/pci/msi.c:352 (i2S) (LP: #1776389)
    - ixgbe/ixgbevf: Free IRQ when PCI error recovery removes the device
  * Need fix to aacraid driver to prevent panic (LP: #1770095)
    - scsi: aacraid: Correct hba_send to include iu_type
  * kernel: Fix arch random implementation (LP: #1775391)
    - s390/archrandom: Rework arch random implementation.
  * kernel: Fix memory leak on CCA and EP11 CPRB processing. (LP: #1775390)
    - s390/zcrypt: Fix CCA and EP11 CPRB processing failure memory leak.
  * Various fixes for CXL kernel module (LP: #1774471)
    - cxl: Remove function write_timebase_ctrl_psl9() for PSL9
    - cxl: Set the PBCQ Tunnel BAR register when enabling capi mode
    - cxl: Report the tunneled operations status
    - cxl: Configure PSL to not use APC virtual machines
    - cxl: Disable prefault_mode in Radix mode
  * Bluetooth not working (LP: #1764645)
    - Bluetooth: btusb: Apply QCA Rome patches for some ATH3012 models
  * linux-snapdragon: wcn36xx: mac address generation on boot (LP: #1776491)
    - [Config] arm64: snapdragon: WCN36XX_SNAPDRAGON_HACKS=y
    - SAUCE: wcn36xx: read MAC from file or randomly generate one
  * fscache: Fix hanging wait on page discarded by writeback (LP: #1777029)
    - fscache: Fix hanging wait on page discarded by writeback

 -- Stefan Bader <email address hidden>  Fri, 03 Aug 2018 10:47:02 +0200
Deleted in cosmic-proposed (Reason: NBS)
Superseded in bionic-security on 2018-08-14
Superseded in bionic-updates on 2018-08-14
Deleted in bionic-proposed (Reason: NBS)
linux-oem (4.15.0-1013.16) bionic; urgency=medium

  [ Ubuntu: 4.15.0-30.32 ]

  * CVE-2018-5390
    - tcp: free batches of packets in tcp_prune_ofo_queue()
    - tcp: avoid collapses in tcp_prune_queue() if possible
    - tcp: detect malicious patterns in tcp_collapse_ofo_queue()
    - tcp: call tcp_drop() from tcp_data_queue_ofo()
    - tcp: add tcp_ooo_try_coalesce() helper

 -- Stefan Bader <email address hidden>  Thu, 26 Jul 2018 21:14:43 +0200
Superseded in cosmic-release on 2018-09-10
Deleted in cosmic-proposed (Reason: moved to release)
Superseded in bionic-security on 2018-08-06
Superseded in bionic-updates on 2018-08-06
Deleted in bionic-proposed (Reason: moved to -updates)
linux-oem (4.15.0-1012.15) bionic; urgency=medium

  * linux-oem: 4.15.0-1012.15 -proposed tracker (LP: #1782181)

  * Miscellaneous Ubuntu changes
    - Rebase to 4.15.0-29.31

  [ Ubuntu: 4.15.0-29.31 ]

  * linux: 4.15.0-29.31 -proposed tracker (LP: #1782173)
  * [SRU Bionic][Cosmic] kernel panic in ipmi_ssif at msg_done_handler
    (LP: #1777716)
    - ipmi_ssif: Fix kernel panic at msg_done_handler
  * Update to ocxl driver for 18.04.1 (LP: #1775786)
    - misc: ocxl: use put_device() instead of device_unregister()
    - powerpc: Add TIDR CPU feature for POWER9
    - powerpc: Use TIDR CPU feature to control TIDR allocation
    - powerpc: use task_pid_nr() for TID allocation
    - ocxl: Rename pnv_ocxl_spa_remove_pe to clarify it's action
    - ocxl: Expose the thread_id needed for wait on POWER9
    - ocxl: Add an IOCTL so userspace knows what OCXL features are available
    - ocxl: Document new OCXL IOCTLs
    - ocxl: Fix missing unlock on error in afu_ioctl_enable_p9_wait()
  * Critical upstream bugfix missing in Ubuntu 18.04 - frequent Xorg crash after
    suspend (LP: #1776887)
    - ocxl: Document the OCXL_IOCTL_GET_METADATA IOCTL
  * Hard LOCKUP observed on stressing Ubuntu 18 04 (LP: #1777194)
    - powerpc: use NMI IPI for smp_send_stop
    - powerpc: Fix smp_send_stop NMI IPI handling
  * IPL: ppc64_cpu --frequency hang with INFO: rcu_sched detected stalls on
    CPUs/tasks on w34 and wsbmc016 with 920.1714.20170330n (LP: #1773964)
    - rtc: opal: Fix OPAL RTC driver OPAL_BUSY loops
  * [Regression] EXT4-fs error (device sda2): ext4_validate_block_bitmap:383:
    comm stress-ng: bg 4705: bad block bitmap checksum (LP: #1781709)
    - SAUCE: Revert "UBUNTU: SAUCE: ext4: fix ext4_validate_inode_bitmap: comm
      stress-ng: Corrupt inode bitmap"
    - SAUCE: ext4: check for allocation block validity with block group locked

 -- Timo Aaltonen <email address hidden>  Wed, 18 Jul 2018 15:56:13 +0300
Deleted in cosmic-proposed on 2018-07-26 (Reason: NBS)
Deleted in bionic-proposed on 2018-07-26 (Reason: NBS)
linux-oem (4.15.0-1011.14) bionic; urgency=medium

  * linux-oem: 4.15.0-1011.14 -proposed tracker (LP: #1781064)

  * Miscellaneous Ubuntu changes
    - Rebase to 4.15.0-28.30

  [ Ubuntu: 4.15.0-28.30 ]

  * linux: 4.15.0-28.30 -proposed tracker (LP: #1781433)
  * Cannot set MTU higher than 1500 in Xen instance (LP: #1781413)
    - xen-netfront: Fix mismatched rtnl_unlock
    - xen-netfront: Update features after registering netdev

  [ Ubuntu: 4.15.0-27.29 ]

  * linux: 4.15.0-27.29 -proposed tracker (LP: #1781062)
  * [Regression] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:99:
    comm stress-ng: Corrupt inode bitmap (LP: #1780137)
    - SAUCE: ext4: fix ext4_validate_inode_bitmap: comm stress-ng: Corrupt inode
      bitmap

 -- Timo Aaltonen <email address hidden>  Mon, 16 Jul 2018 12:13:37 +0300

Available diffs

Published in xenial-security on 2018-07-23
Published in xenial-updates on 2018-07-23
Deleted in xenial-proposed (Reason: moved to -updates)
linux-oem (4.13.0-1032.36) xenial; urgency=medium

  * linux-oem: 4.13.0-1032.36 -proposed tracker (LP: #1779353)

  * Touchpad of ThinkPad P52 failed to work with message "lost sync at byte"
    (LP: #1779802)
    - Input: elantech - fix V4 report decoding for module with middle key
    - Input: elantech - enable middle button of touchpads on ThinkPad P52

 -- Timo Aaltonen <email address hidden>  Thu, 05 Jul 2018 15:31:38 +0300

Available diffs

Deleted in cosmic-proposed on 2018-07-19 (Reason: NBS)
Deleted in bionic-proposed on 2018-07-19 (Reason: NBS)
linux-oem (4.15.0-1010.13) bionic; urgency=medium

  * linux-oem: 4.15.0-1010.13 -proposed tracker (LP: #1779357)

  * xhci_hcd 0000:00:14.0: Root hub is not suspended (LP: #1779823)
    - usb: xhci: dbc: Fix lockdep warning
    - usb: xhci: dbc: Don't decrement runtime PM counter if DBC is not started

  * xhci hangs; reset results in NULL pointer dereference (LP: #1763594)
    - xhci: Create new structures to store xhci port information
    - xhci: set hcd pointers for xhci usb2 and usb3 roothub structures
    - xhci: Add helper to get xhci roothub from hcd
    - xhci: xhci-hub: use new port structures to get port address instead of port
      array
    - xhci: xhci-hub: use new port structures for cas and wake mask functions.
    - xhci: xhci-ring: use port structures for port event handler
    - xhci: rename faked_port_index to hcd_portnum
    - xhci: change xhci_set_link_state() to work with port structures
    - xhci: change xhci_test_and_clear_bit() to use new port structure
    - xhci: use port structures instead of port arrays in xhci.c functions
    - xhci: xhci-hub: use port structure members instead of xhci_get_ports()
    - xhci-mtk: use xhci hub structures to get number of ports in roothubs
    - xhci: xhci-mem: remove port_arrays and the code initializing them
    - xhci: debugfs: add usb ports to xhci debugfs
    - xhci: debugfs: add debugfs interface to enable compliance mode for a port
    - xhci: Fix perceived dead host due to runtime suspend race with event handler

  * Use "Medium power with Device Initiated PM" as default LPM policy for mobile
    SATA devices (LP: #1778029)
    - ahci: Allow setting a default LPM policy for mobile chipsets
    - Config: set CONFIG_SATA_MOBILE_LPM_POLICY to med_power_with_dipm

  * Miscellaneous Ubuntu changes
    - Rebase to 4.15.0-26.28

  [ Ubuntu: 4.15.0-26.28 ]

  * linux: 4.15.0-26.28 -proposed tracker (LP: #1780112)
  * failure to boot with linux-image-4.15.0-24-generic (LP: #1779827) // Cloud-
    init causes potentially huge boot delays with 4.15 kernels (LP: #1780062)
    - random: Make getrandom() ready earlier

  [ Ubuntu: 4.15.0-25.27 ]

  * linux: 4.15.0-25.27 -proposed tracker (LP: #1779354)
  * hisi_sas_v3_hw: internal task abort: timeout and not done. (LP: #1777736)
    - scsi: hisi_sas: Update a couple of register settings for v3 hw
  * hisi_sas: Add missing PHY spinlock init (LP: #1777734)
    - scsi: hisi_sas: Add missing PHY spinlock init
  * hisi_sas: improve read performance by pre-allocating slot DMA buffers
    (LP: #1777727)
    - scsi: hisi_sas: use dma_zalloc_coherent()
    - scsi: hisi_sas: Use dmam_alloc_coherent()
    - scsi: hisi_sas: Pre-allocate slot DMA buffers
  * hisi_sas: Failures during host reset (LP: #1777696)
    - scsi: hisi_sas: Only process broadcast change in phy_bcast_v3_hw()
    - scsi: hisi_sas: Fix the conflict between dev gone and host reset
    - scsi: hisi_sas: Adjust task reject period during host reset
    - scsi: hisi_sas: Add a flag to filter PHY events during reset
    - scsi: hisi_sas: Release all remaining resources in clear nexus ha
  * Fake SAS addresses for SATA disks on HiSilicon D05 are non-unique
    (LP: #1776750)
    - scsi: hisi_sas: make SAS address of SATA disks unique
  * Vcs-Git header on bionic linux source package points to zesty git tree
    (LP: #1766055)
    - [Packaging]: Update Vcs-Git
  * large KVM instances run out of IRQ routes (LP: #1778261)
    - SAUCE: kvm -- increase KVM_MAX_IRQ_ROUTES to 2048 on x86

 -- Timo Aaltonen <email address hidden>  Thu, 05 Jul 2018 15:15:07 +0300

Available diffs

Superseded in cosmic-release on 2018-07-25
Superseded in bionic-updates on 2018-07-20
Superseded in bionic-security on 2018-07-20
Deleted in cosmic-proposed (Reason: moved to release)
Deleted in bionic-proposed (Reason: moved to -updates)
linux-oem (4.15.0-1009.12) bionic; urgency=medium

  * linux-oem: 4.15.0-1009.12 -proposed tracker (LP: #1776340)


  [ Ubuntu: 4.15.0-24.26 ]

  * linux: 4.15.0-24.26 -proposed tracker (LP: #1776338)
  * Bionic update: upstream stable patchset 2018-06-06 (LP: #1775483)
    - drm: bridge: dw-hdmi: Fix overflow workaround for Amlogic Meson GX SoCs
    - i40e: Fix attach VF to VM issue
    - tpm: cmd_ready command can be issued only after granting locality
    - tpm: tpm-interface: fix tpm_transmit/_cmd kdoc
    - tpm: add retry logic
    - Revert "ath10k: send (re)assoc peer command when NSS changed"
    - bonding: do not set slave_dev npinfo before slave_enable_netpoll in
      bond_enslave
    - ipv6: add RTA_TABLE and RTA_PREFSRC to rtm_ipv6_policy
    - ipv6: sr: fix NULL pointer dereference in seg6_do_srh_encap()- v4 pkts
    - KEYS: DNS: limit the length of option strings
    - l2tp: check sockaddr length in pppol2tp_connect()
    - net: validate attribute sizes in neigh_dump_table()
    - llc: delete timers synchronously in llc_sk_free()
    - tcp: don't read out-of-bounds opsize
    - net: af_packet: fix race in PACKET_{R|T}X_RING
    - tcp: md5: reject TCP_MD5SIG or TCP_MD5SIG_EXT on established sockets
    - net: fix deadlock while clearing neighbor proxy table
    - team: avoid adding twice the same option to the event list
    - net/smc: fix shutdown in state SMC_LISTEN
    - team: fix netconsole setup over team
    - packet: fix bitfield update race
    - tipc: add policy for TIPC_NLA_NET_ADDR
    - pppoe: check sockaddr length in pppoe_connect()
    - vlan: Fix reading memory beyond skb->tail in skb_vlan_tagged_multi
    - amd-xgbe: Add pre/post auto-negotiation phy hooks
    - sctp: do not check port in sctp_inet6_cmp_addr
    - amd-xgbe: Improve KR auto-negotiation and training
    - strparser: Do not call mod_delayed_work with a timeout of LONG_MAX
    - amd-xgbe: Only use the SFP supported transceiver signals
    - strparser: Fix incorrect strp->need_bytes value.
    - net: sched: ife: signal not finding metaid
    - tcp: clear tp->packets_out when purging write queue
    - net: sched: ife: handle malformed tlv length
    - net: sched: ife: check on metadata length
    - llc: hold llc_sap before release_sock()
    - llc: fix NULL pointer deref for SOCK_ZAPPED
    - net: ethernet: ti: cpsw: fix tx vlan priority mapping
    - virtio_net: split out ctrl buffer
    - virtio_net: fix adding vids on big-endian
    - KVM: s390: force bp isolation for VSIE
    - s390: correct module section names for expoline code revert
    - microblaze: Setup dependencies for ASM optimized lib functions
    - commoncap: Handle memory allocation failure.
    - scsi: mptsas: Disable WRITE SAME
    - cdrom: information leak in cdrom_ioctl_media_changed()
    - m68k/mac: Don't remap SWIM MMIO region
    - block/swim: Check drive type
    - block/swim: Don't log an error message for an invalid ioctl
    - block/swim: Remove extra put_disk() call from error path
    - block/swim: Rename macros to avoid inconsistent inverted logic
    - block/swim: Select appropriate drive on device open
    - block/swim: Fix array bounds check
    - block/swim: Fix IO error at end of medium
    - tracing: Fix missing tab for hwlat_detector print format
    - s390/cio: update chpid descriptor after resource accessibility event
    - s390/dasd: fix IO error for newly defined devices
    - s390/uprobes: implement arch_uretprobe_is_alive()
    - ACPI / video: Only default only_lcd to true on Win8-ready _desktops_
    - docs: ip-sysctl.txt: fix name of some ipv6 variables
    - net: mvpp2: Fix DMA address mask size
    - net: stmmac: Disable ACS Feature for GMAC >= 4
    - l2tp: hold reference on tunnels in netlink dumps
    - l2tp: hold reference on tunnels printed in pppol2tp proc file
    - l2tp: hold reference on tunnels printed in l2tp/tunnels debugfs file
    - l2tp: fix {pppol2tp, l2tp_dfs}_seq_stop() in case of seq_file overflow
    - s390/qeth: fix error handling in adapter command callbacks
    - s390/qeth: avoid control IO completion stalls
    - s390/qeth: handle failure on workqueue creation
    - bnxt_en: Fix memory fault in bnxt_ethtool_init()
    - virtio-net: add missing virtqueue kick when flushing packets
    - VSOCK: make af_vsock.ko removable again
    - hwmon: (k10temp) Add temperature offset for Ryzen 2700X
    - hwmon: (k10temp) Add support for AMD Ryzen w/ Vega graphics
    - s390/cpum_cf: rename IBM z13/z14 counter names
    - kprobes: Fix random address output of blacklist file
    - Revert "pinctrl: intel: Initialize GPIO properly when used through irqchip"
  * Lenovo V330 needs patch in ideapad_laptop module for rfkill (LP: #1774636)
    - SAUCE: Add Lenovo V330 to the ideapad_laptop rfkill blacklist
  * bluetooth controller fail after suspend with USB autosuspend on XPS 13 9360
    (LP: #1775217)
    - Bluetooth: btusb: Add Dell XPS 13 9360 to btusb_needs_reset_resume_table
  * [Hyper-V] PCI: hv: Fix 2 hang issues in hv_compose_msi_msg (LP: #1758378)
    - PCI: hv: Only queue new work items in hv_pci_devices_present() if necessary
    - PCI: hv: Remove the bogus test in hv_eject_device_work()
    - PCI: hv: Fix a comment typo in _hv_pcifront_read_config()
  * register on binfmt_misc may overflow and crash the system (LP: #1775856)
    - fs/binfmt_misc.c: do not allow offset overflow
  * CVE-2018-11508
    - compat: fix 4-byte infoleak via uninitialized struct field
  * Network installs fail on SocioNext board (LP: #1775884)
    - net: netsec: reduce DMA mask to 40 bits
    - net: socionext: reset hardware in ndo_stop
    - net: netsec: enable tx-irq during open callback
  * r8169 ethernet card don't work after returning from suspension
    (LP: #1752772)
    - PCI: Add pcim_set_mwi(), a device-managed pci_set_mwi()
    - r8169: switch to device-managed functions in probe
    - r8169: remove netif_napi_del in probe error path
    - r8169: remove some WOL-related dead code
    - r8169: disable WOL per default
    - r8169: improve interrupt handling
    - r8169: fix interrupt number after adding support for MSI-X interrupts
  * ISST-LTE:KVM:Ubuntu18.04:BostonLC:boslcp3:boslcp3g3:Guest conosle hangs
    after hotplug CPU add operation. (LP: #1759723)
    - genirq/affinity: assign vectors to all possible CPUs
    - genirq/affinity: Don't return with empty affinity masks on error
    - genirq/affinity: Rename *node_to_possible_cpumask as *node_to_cpumask
    - genirq/affinity: Move actual irq vector spreading into a helper function
    - genirq/affinity: Allow irq spreading from a given starting point
    - genirq/affinity: Spread irq vectors among present CPUs as far as possible
    - blk-mq: simplify queue mapping & schedule with each possisble CPU
    - blk-mq: make sure hctx->next_cpu is set correctly
    - blk-mq: Avoid that blk_mq_delay_run_hw_queue() introduces unintended delays
    - blk-mq: make sure that correct hctx->next_cpu is set
    - blk-mq: avoid to write intermediate result to hctx->next_cpu
    - blk-mq: introduce blk_mq_hw_queue_first_cpu() to figure out first cpu
    - blk-mq: don't check queue mapped in __blk_mq_delay_run_hw_queue()
    - nvme: pci: pass max vectors as num_possible_cpus() to pci_alloc_irq_vectors
    - scsi: hpsa: fix selection of reply queue
    - scsi: megaraid_sas: fix selection of reply queue
    - scsi: core: introduce force_blk_mq
    - scsi: virtio_scsi: fix IO hang caused by automatic irq vector affinity
    - scsi: virtio_scsi: unify scsi_host_template
  * Fix several bugs in RDMA/hns driver (LP: #1770974)
    - RDMA/hns: Use structs to describe the uABI instead of opencoding
    - RDMA/hns: Remove unnecessary platform_get_resource() error check
    - RDMA/hns: Remove unnecessary operator
    - RDMA/hns: Add names to function arguments in function pointers
    - RDMA/hns: Fix misplaced call to hns_roce_cleanup_hem_table
    - RDMA/hns: Fix a bug with modifying mac address
    - RDMA/hns: Use free_pages function instead of free_page
    - RDMA/hns: Replace __raw_write*(cpu_to_le*()) with LE write*()
    - RDMA/hns: Bugfix for init hem table
    - RDMA/hns: Intercept illegal RDMA operation when use inline data
    - RDMA/hns: Fix the qp context state diagram
    - RDMA/hns: Only assign mtu if IB_QP_PATH_MTU bit is set
    - RDMA/hns: Remove some unnecessary attr_mask judgement
    - RDMA/hns: Only assign dqpn if IB_QP_PATH_DEST_QPN bit is set
    - RDMA/hns: Adjust the order of cleanup hem table
    - RDMA/hns: Update assignment method for owner field of send wqe
    - RDMA/hns: Submit bad wr
    - RDMA/hns: Fix a couple misspellings
    - RDMA/hns: Add rq inline flags judgement
    - RDMA/hns: Bugfix for rq record db for kernel
    - RDMA/hns: Load the RoCE dirver automatically
    - RDMA/hns: Update convert function of endian format
    - RDMA/hns: Add return operation when configured global param fail
    - RDMA/hns: Not support qp transition from reset to reset for hip06
    - RDMA/hns: Fix the bug with rq sge
    - RDMA/hns: Set desc_dma_addr for zero when free cmq desc
    - RDMA/hns: Enable inner_pa_vld filed of mpt
    - RDMA/hns: Set NULL for __internal_mr
    - RDMA/hns: Fix the bug with NULL pointer
    - RDMA/hns: Bugfix for cq record db for kernel
    - RDMA/hns: Move the location for initializing tmp_len
    - RDMA/hns: Drop local zgid in favor of core defined variable
    - RDMA/hns: Add 64KB page size support for hip08
    - RDMA/hns: Rename the idx field of db
    - RDMA/hns: Modify uar allocation algorithm to avoid bitmap exhaust
    - RDMA/hns: Increase checking CMQ status timeout value
    - RDMA/hns: Add reset process for RoCE in hip08
    - RDMA/hns: Fix the illegal memory operation when cross page
    - RDMA/hns: Implement the disassociate_ucontext API
  * powerpc/livepatch: Implement reliable stack tracing for the consistency
    model (LP: #1771844)
    - powerpc/livepatch: Implement reliable stack tracing for the consistency
      model
  * vmxnet3: update to latest ToT (LP: #1768143)
    - vmxnet3: avoid xmit reset due to a race in vmxnet3
    - vmxnet3: use correct flag to indicate LRO feature
    - vmxnet3: fix incorrect dereference when rxvlan is disabled
  * 4.15.0-22-generic fails to boot on IBM S822LC (POWER8 (raw), altivec
    supported) (LP: #1773162)
    - Revert "powerpc/64s: Add support for a store forwarding barrier at kernel
      entry/exit"
    - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit
  * Decode ARM CPER records in kernel (LP: #1770244)
    - [Config] CONFIG_UEFI_CPER_ARM=y
    - efi: Move ARM CPER code to new file
    - efi: Parse ARM error information value
  * Adding back alx WoL feature (LP: #1772610)
    - SAUCE: Revert "alx: remove WoL support"
    - SAUCE: alx: add enable_wol paramenter
  * Lancer A0 Asic HBA's won't boot with 18.04 (LP: #1768103)
    - scsi: lpfc: Fix WQ/CQ creation for older asic's.
    - scsi: lpfc: Fix 16gb hbas failing cq create.
  * [LTCTest][OPAL][OP920] cpupower idle-info is not listing stop4 and stop5
    idle states when all CORES are guarded (LP: #1771780)
    - SAUCE: cpuidle/powernv : init all present cpus for deep states
  * Huawei 25G/100G Network Adapters Unsupported (LP: #1770970)
    - net-next/hinic: add pci device ids for 25ge and 100ge card
  * [Ubuntu 18.04.1] POWER9 - Nvidia Volta - Kernel changes to enable Nvidia
    driver on bare metal (LP: #1772991)
    - powerpc/powernv/npu: Fix deadlock in mmio_invalidate()
    - powerpc/powernv/mce: Don't silently restart the machine
    - powerpc/npu-dma.c: Fix crash after __mmu_notifier_register failure
    - powerpc/mm: Flush cache on memory hot(un)plug
    - powerpc/powernv/memtrace: Let the arch hotunplug code flush cache
    - powerpc/powernv/npu: Add lock to prevent race in concurrent context
      init/destroy
    - powerpc/powernv/npu: Prevent overwriting of pnv_npu2_init_contex() callback
      parameters
    - powerpc/powernv/npu: Do a PID GPU TLB flush when invalidating a large
      address range
    - powerpc/mce: Fix a bug where mce loops on memory UE.
  * cpum_sf: ensure sample freq is non-zero (LP: #1772593)
    - s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero
  * PCIe link speeds of 16 GT/s are shown as "Unknown speed" (LP: #1773243)
    - PCI: Add decoding for 16 GT/s link speed
  * False positive ACPI _PRS error messages (LP: #1773295)
    - ACPI / PCI: pci_link: Allow the absence of _PRS and change log level
  * Dell systems crash when disabling Nvidia dGPU (LP: #1773299)
    - ACPI / OSI: Add OEM _OSI strings to disable NVidia RTD3
  * wlp3s0: failed to remove key (1, ff:ff:ff:ff:ff:ff) from hardware (-22)
    (LP: #1720930)
    - iwlwifi: mvm: fix "failed to remove key" message
  * Expose arm64 CPU topology to userspace (LP: #1770231)
    - ACPICA: ACPI 6.2: Additional PPTT flags
    - drivers: base: cacheinfo: move cache_setup_of_node()
    - drivers: base: cacheinfo: setup DT cache properties early
    - cacheinfo: rename of_node to fw_token
    - arm64/acpi: Create arch specific cpu to acpi id helper
    - ACPI/PPTT: Add Processor Properties Topology Table parsing
    - [Config] CONFIG_ACPI_PPTT=y
    - ACPI: Enable PPTT support on ARM64
    - drivers: base cacheinfo: Add support for ACPI based firmware tables
    - arm64: Add support for ACPI based firmware tables
    - arm64: topology: rename cluster_id
    - arm64: topology: enable ACPI/PPTT based CPU topology
    - ACPI: Add PPTT to injectable table list
    - arm64: topology: divorce MC scheduling domain from core_siblings
  * hisi_sas robustness fixes (LP: #1774466)
    - scsi: hisi_sas: delete timer when removing hisi_sas driver
    - scsi: hisi_sas: print device id for errors
    - scsi: hisi_sas: Add some checks to avoid free'ing a sas_task twice
    - scsi: hisi_sas: check host frozen before calling "done" function
    - scsi: hisi_sas: check sas_dev gone earlier in hisi_sas_abort_task()
    - scsi: hisi_sas: stop controller timer for reset
    - scsi: hisi_sas: update PHY linkrate after a controller reset
    - scsi: hisi_sas: change slot index allocation mode
    - scsi: hisi_sas: Change common allocation mode of device id
    - scsi: hisi_sas: Reset disks when discovered
    - scsi: hisi_sas: Create a scsi_host_template per HW module
    - scsi: hisi_sas: Init disks after controller reset
    - scsi: hisi_sas: Try wait commands before before controller reset
    - scsi: hisi_sas: Include TMF elements in struct hisi_sas_slot
    - scsi: hisi_sas: Add v2 hw force PHY function for internal ATA command
    - scsi: hisi_sas: Terminate STP reject quickly for v2 hw
    - scsi: hisi_sas: Fix return value when get_free_slot() failed
    - scsi: hisi_sas: Mark PHY as in reset for nexus reset
  * hisi_sas: Support newer v3 hardware (LP: #1774467)
    - scsi: hisi_sas: update RAS feature for later revision of v3 HW
    - scsi: hisi_sas: check IPTT is valid before using it for v3 hw
    - scsi: hisi_sas: fix PI memory size
    - scsi: hisi_sas: config ATA de-reset as an constrained command for v3 hw
    - scsi: hisi_sas: remove redundant handling to event95 for v3
    - scsi: hisi_sas: add readl poll timeout helper wrappers
    - scsi: hisi_sas: workaround a v3 hw hilink bug
    - scsi: hisi_sas: Add LED feature for v3 hw
  * hisi_sas: improve performance by optimizing DQ locking (LP: #1774472)
    - scsi: hisi_sas: initialize dq spinlock before use
    - scsi: hisi_sas: optimise the usage of DQ locking
    - scsi: hisi_sas: relocate smp sg map
    - scsi: hisi_sas: make return type of prep functions void
    - scsi: hisi_sas: allocate slot buffer earlier
    - scsi: hisi_sas: Don't lock DQ for complete task sending
    - scsi: hisi_sas: Use device lock to protect slot alloc/free
    - scsi: hisi_sas: add check of device in hisi_sas_task_exec()
    - scsi: hisi_sas: fix a typo in hisi_sas_task_prep()
  * Request to revert SAUCE patches in the 18.04 SRU and update with upstream
    version (LP: #1768431)
    - scsi: cxlflash: Handle spurious interrupts
    - scsi: cxlflash: Remove commmands from pending list on timeout
    - scsi: cxlflash: Synchronize reset and remove ops
    - SAUCE: (no-up) cxlflash: OCXL diff between v2 and v3
  * After update to 4.13-43 Intel Graphics are Laggy (LP: #1773520)
    - SAUCE: Revert "drm/i915/edp: Allow alternate fixed mode for eDP if
      available."
  * ELANPAD ELAN0612 does not work, patch available (LP: #1773509)
    - SAUCE: Input: elan_i2c - add ELAN0612 to the ACPI table
  * FS-Cache: Assertion failed: FS-Cache: 6 == 5 is false (LP: #1774336)
    - SAUCE: CacheFiles: fix a read_waiter/read_copier race
  * hns3 driver updates (LP: #1768670)
    - net: hns3: VF should get the real rss_size instead of rss_size_max
    - net: hns3: set the cmdq out_vld bit to 0 after used
    - net: hns3: fix endian issue when PF get mbx message flag
    - net: hns3: fix the queue id for tqp enable&&reset
    - net: hns3: set the max ring num when alloc netdev
    - net: hns3: add support for VF driver inner interface
      hclgevf_ops.get_tqps_and_rss_info
    - net: hns3: refactor the hclge_get/set_rss function
    - net: hns3: refactor the hclge_get/set_rss_tuple function
    - net: hns3: fix for RSS configuration loss problem during reset
    - net: hns3: fix for pause configuration lost during reset
    - net: hns3: fix for use-after-free when setting ring parameter
    - net: hns3: refactor the get/put_vector function
    - net: hns3: fix for coalesce configuration lost during reset
    - net: hns3: refactor the coalesce related struct
    - net: hns3: fix for coal configuation lost when setting the channel
    - net: hns3: add existence check when remove old uc mac address
    - net: hns3: fix for netdev not running problem after calling net_stop and
      net_open
    - net: hns3: fix for ipv6 address loss problem after setting channels
    - net: hns3: unify the pause params setup function
    - net: hns3: fix rx path skb->truesize reporting bug
    - net: hns3: add support for querying pfc puase packets statistic
    - net: hns3: fix for loopback failure when vlan filter is enable
    - net: hns3: fix for buffer overflow smatch warning
    - net: hns3: fix error type definition of return value
    - net: hns3: fix return value error of hclge_get_mac_vlan_cmd_status()
    - net: hns3: add existence checking before adding unicast mac address
    - net: hns3: add result checking for VF when modify unicast mac address
    - net: hns3: reallocate tx/rx buffer after changing mtu
    - net: hns3: fix the VF queue reset flow error
    - net: hns3: fix for vlan table lost problem when resetting
    - net: hns3: increase the max time for IMP handle command
    - net: hns3: change GL update rate
    - net: hns3: change the time interval of int_gl calculating
    - net: hns3: fix for getting wrong link mode problem
    - net: hns3: add get_link support to VF
    - net: hns3: add querying speed and duplex support to VF
    - net: hns3: fix for not returning problem in get_link_ksettings when phy
      exists
    - net: hns3: Changes to make enet watchdog timeout func common for PF/VF
    - net: hns3: Add VF Reset Service Task to support event handling
    - net: hns3: Add VF Reset device state and its handling
    - net: hns3: Add support to request VF Reset to PF
    - net: hns3: Add support to reset the enet/ring mgmt layer
    - net: hns3: Add support to re-initialize the hclge device
    - net: hns3: Changes to support ARQ(Asynchronous Receive Queue)
    - net: hns3: Add *Asserting Reset* mailbox message & handling in VF
    - net: hns3: Changes required in PF mailbox to support VF reset
    - net: hns3: hclge_inform_reset_assert_to_vf() can be static
    - net: hns3: fix for returning wrong value problem in hns3_get_rss_key_size
    - net: hns3: fix for returning wrong value problem in hns3_get_rss_indir_size
    - net: hns3: fix for the wrong shift problem in hns3_set_txbd_baseinfo
    - net: hns3: fix for not initializing VF rss_hash_key problem
    - net: hns3: never send command queue message to IMP when reset
    - net: hns3: remove unnecessary pci_set_drvdata() and devm_kfree()
    - net: hns3: fix length overflow when CONFIG_ARM64_64K_PAGES
    - net: hns3: Remove error log when getting pfc stats fails
    - net: hns3: fix to correctly fetch l4 protocol outer header
    - net: hns3: Fixes the out of bounds access in hclge_map_tqp
    - net: hns3: Fixes the error legs in hclge_init_ae_dev function
    - net: hns3: fix for phy_addr error in hclge_mac_mdio_config
    - net: hns3: Fix to support autoneg only for port attached with phy
    - net: hns3: fix a dead loop in hclge_cmd_csq_clean
    - net: hns3: Fix for packet loss due wrong filter config in VLAN tbls
    - net: hns3: Remove packet statistics in the range of 8192~12287
    - net: hns3: Add support of hardware rx-vlan-offload to HNS3 VF driver
    - net: hns3: Fix for setting mac address when resetting
    - net: hns3: remove add/del_tunnel_udp in hns3_enet module
    - net: hns3: fix for cleaning ring problem
    - net: hns3: refactor the loopback related function
    - net: hns3: Fix for deadlock problem occurring when unregistering ae_algo
    - net: hns3: Fix for the null pointer problem occurring when initializing
      ae_dev failed
    - net: hns3: Add a check for client instance init state
    - net: hns3: Change return type of hnae3_register_ae_dev
    - net: hns3: Change return type of hnae3_register_ae_algo
    - net: hns3: Change return value in hnae3_register_client
    - net: hns3: Fixes the back pressure setting when sriov is enabled
    - net: hns3: Fix for fiber link up problem
    - net: hns3: Add support of .sriov_configure in HNS3 driver
    - net: hns3: Fixes the missing PCI iounmap for various legs
    - net: hns3: Fixes error reported by Kbuild and internal review
    - net: hns3: Fixes API to fetch ethernet header length with kernel default
    - net: hns3: cleanup of return values in hclge_init_client_instance()
    - net: hns3: Fix the missing client list node initialization
    - net: hns3: Fix for hns3 module is loaded multiple times problem
    - net: hns3: Use enums instead of magic number in hclge_is_special_opcode
    - net: hns3: Fix for netdev not running problem after calling net_stop and
      net_open
    - net: hns3: Fixes kernel panic issue during rmmod hns3 driver
    - net: hns3: Fix for CMDQ and Misc. interrupt init order problem
    - net: hns3: Updates RX packet info fetch in case of multi BD
    - net: hns3: Add support for tx_accept_tag2 and tx_accept_untag2 config
    - net: hns3: Add STRP_TAGP field support for hardware revision 0x21
    - net: hns3: Add support to enable TX/RX promisc mode for H/W rev(0x21)
    - net: hns3: Fix for PF mailbox receving unknown message
    - net: hns3: Fixes the state to indicate client-type initialization
    - net: hns3: Fixes the init of the VALID BD info in the descriptor
    - net: hns3: Removes unnecessary check when clearing TX/RX rings
    - net: hns3: Clear TX/RX rings when stopping port & un-initializing client
    - net: hns3: Remove unused led control code
    - net: hns3: Adds support for led locate command for copper port
    - net: hns3: Fixes initalization of RoCE handle and makes it conditional
    - net: hns3: Disable vf vlan filter when vf vlan table is full
    - net: hns3: Add support for IFF_ALLMULTI flag
    - net: hns3: Add repeat address checking for setting mac address
    - net: hns3: Fix setting mac address error
    - net: hns3: Fix for service_task not running problem after resetting
    - net: hns3: Fix for hclge_reset running repeatly problem
    - net: hns3: Fix for phy not link up problem after resetting
    - net: hns3: Add missing break in misc_irq_handle
    - net: hns3: Fix for vxlan tx checksum bug
    - net: hns3: Optimize the PF's process of updating multicast MAC
    - net: hns3: Optimize the VF's process of updating multicast MAC
    - SAUCE: {topost} net: hns3: add support for serdes loopback selftest
    - SAUCE: {topost} net: hns3: RX BD information valid only in last BD except
      VLD bit and buffer size
    - SAUCE: {topost} net: hns3: remove hclge_get_vector_index from
      hclge_bind_ring_with_vector
    - SAUCE: {topost} net: hns3: rename the interface for init_client_instance and
      uninit_client_instance
    - SAUCE: {topost} net: hns3: add vector status check before free vector
    - SAUCE: {topost} net: hns3: add l4_type check for both ipv4 and ipv6
    - SAUCE: {topost} net: hns3: remove unused head file in hnae3.c
    - SAUCE: {topost} net: hns3: extraction an interface for state state
      init|uninit
    - SAUCE: {topost} net: hns3: print the ret value in error information
    - SAUCE: {topost} net: hns3: remove the Redundant put_vector in
      hns3_client_uninit
    - SAUCE: {topost} net: hns3: add unlikely for error check
    - SAUCE: {topost} net: hns3: remove back in struct hclge_hw
    - SAUCE: {topost} net: hns3: use lower_32_bits and upper_32_bits
    - SAUCE: {topost} net: hns3: remove unused hclge_ring_to_dma_dir
    - SAUCE: {topost} net: hns3: remove useless code in hclge_cmd_send
    - SAUCE: {topost} net: hns3: remove some redundant assignments
    - SAUCE: {topost} net: hns3: simplify hclge_cmd_csq_clean
    - SAUCE: {topost} net: hns3: using modulo for cyclic counters in
      hclge_cmd_send
    - SAUCE: {topost} net: hns3: remove a redundant hclge_cmd_csq_done
    - SAUCE: {topost} net: hns3: remove some unused members of some structures
    - SAUCE: {topost} net: hns3: give default option while dependency HNS3 set
    - SAUCE: {topost} net: hns3: use dma_zalloc_coherent instead of
      kzalloc/dma_map_single
    - SAUCE: {topost} net: hns3: modify hnae_ to hnae3_
    - SAUCE: {topost} net: hns3: fix unused function warning in VF driver
    - SAUCE: {topost} net: hns3: remove some redundant assignments
    - SAUCE: {topost} net: hns3: standardize the handle of return value
    - SAUCE: {topost} net: hns3: remove extra space and brackets
    - SAUCE: {topost} net: hns3: fix unreasonable code comments
    - SAUCE: {topost} net: hns3: use decimal for bit offset macros
    - SAUCE: {topost} net: hns3: modify inconsistent bit mask macros
    - SAUCE: {topost} net: hns3: fix mislead parameter name
    - SAUCE: {topost} net: hns3: remove unused struct member and definition
    - SAUCE: {topost} net: hns3: Add SPDX tags to hns3 driver
    - SAUCE: {topost} net: hns3: Add pf reset for hip08 RoCE
    - SAUCE: {topost} net: hns3: optimize the process of notifying roce client
    - SAUCE: {topost} net: hns3: Add calling roce callback function when link
      status change
    - SAUCE: {topost} net: hns3: fix tc setup when netdev is first up
    - SAUCE: {topost} net: hns3: fix for mac pause not disable in pfc mode
    - SAUCE: {topost} net: hns3: fix for waterline not setting correctly
    - SAUCE: {topost} net: hns3: fix for l4 checksum offload bug
    - SAUCE: {topost} net: hns3: fix for mailbox message truncated problem
    - SAUCE: {topost} net: hns3: Add configure for mac minimal frame size
    - SAUCE: {topost} net: hns3: fix warning bug when doing lp selftest
    - SAUCE: {topost} net: hns3: fix get_vector ops in hclgevf_main module
    - SAUCE: {topost} net: hns3: remove the warning when clear reset cause
    - SAUCE: {topost} net: hns3: Use roce handle when calling roce callback
      function
    - SAUCE: {topost} net: hns3: prevent sending command during global or core
      reset
    - SAUCE: {topost} net: hns3: modify the order of initializeing command queue
      register
    - SAUCE: {topost} net: hns3: reset net device with rtnl_lock
    - SAUCE: {topost} net: hns3: prevent to request reset frequently
    - SAUCE: {topost} net: hns3: correct reset event status register
    - SAUCE: {topost} net: hns3: separate roce from nic when resetting
    - SAUCE: net: hns3: Fix for phy link issue when using marvell phy driver
    - SAUCE: {topost} net: hns3: fix return value error in
      hns3_reset_notify_down_enet
    - SAUCE: {topost} net: hns3: remove unnecessary ring configuration operation
      while resetting
    - SAUCE: {topost} net: hns3: fix for reset_level default assignment probelm
    - SAUCE: {topost} net: hns3: fix for using wrong mask and shift in
      hclge_get_ring_chain_from_mbx
    - SAUCE: {topost} net: hns3: fix comments for hclge_get_ring_chain_from_mbx
    - SAUCE: net: hns3: Fix for VF mailbox cannot receiving PF response
    - SAUCE: net: hns3: Fix for VF mailbox receiving unknown message
    - SAUCE: net: hns3: Optimize PF CMDQ interrupt switching process
  * enable mic-mute hotkey and led on Lenovo M820z and M920z (LP: #1774306)
    - ALSA: hda/realtek - Enable mic-mute hotkey for several Lenovo AIOs
  * Bionic update: upstream stable patchset 2018-05-29 (LP: #1774063)
    - cifs: do not allow creating sockets except with SMB1 posix exensions
    - btrfs: fix unaligned access in readdir
    - x86/acpi: Prevent X2APIC id 0xffffffff from being accounted
    - clocksource/imx-tpm: Correct -ETIME return condition check
    - x86/tsc: Prevent 32bit truncation in calc_hpet_ref()
    - drm/vc4: Fix memory leak during BO teardown
    - drm/i915/gvt: throw error on unhandled vfio ioctls
    - drm/i915/audio: Fix audio detection issue on GLK
    - drm/i915: Do no use kfree() to free a kmem_cache_alloc() return value
    - drm/i915: Fix LSPCON TMDS output buffer enabling from low-power state
    - drm/i915/bxt, glk: Increase PCODE timeouts during CDCLK freq changing
    - usb: musb: fix enumeration after resume
    - usb: musb: call pm_runtime_{get,put}_sync before reading vbus registers
    - usb: musb: Fix external abort in musb_remove on omap2430
    - firewire-ohci: work around oversized DMA reads on JMicron controllers
    - x86/tsc: Allow TSC calibration without PIT
    - NFSv4: always set NFS_LOCK_LOST when a lock is lost.
    - ACPI / LPSS: Do not instiate platform_dev for devs without MMIO resources
    - ALSA: hda - Use IS_REACHABLE() for dependency on input
    - ASoC: au1x: Fix timeout tests in au1xac97c_ac97_read()
    - kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl
    - RDMA/core: Clarify rdma_ah_find_type
    - KVM: PPC: Book3S HV: Enable migration of decrementer register
    - netfilter: ipv6: nf_defrag: Pass on packets to stack per RFC2460
    - tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into
      account
    - KVM: s390: use created_vcpus in more places
    - platform/x86: dell-laptop: Filter out spurious keyboard backlight change
      events
    - xprtrdma: Fix backchannel allocation of extra rpcrdma_reps
    - selftest: ftrace: Fix to pick text symbols for kprobes
    - PCI: Add function 1 DMA alias quirk for Marvell 9128
    - Input: psmouse - fix Synaptics detection when protocol is disabled
    - libbpf: Makefile set specified permission mode
    - Input: synaptics - reset the ABS_X/Y fuzz after initializing MT axes
    - i40iw: Free IEQ resources
    - i40iw: Zero-out consumer key on allocate stag for FMR
    - perf unwind: Do not look just at the global callchain_param.record_mode
    - tools lib traceevent: Simplify pointer print logic and fix %pF
    - perf callchain: Fix attr.sample_max_stack setting
    - tools lib traceevent: Fix get_field_str() for dynamic strings
    - perf record: Fix failed memory allocation for get_cpuid_str
    - iommu/exynos: Don't unconditionally steal bus ops
    - powerpc: System reset avoid interleaving oops using die synchronisation
    - iommu/vt-d: Use domain instead of cache fetching
    - dm thin: fix documentation relative to low water mark threshold
    - dm mpath: return DM_MAPIO_REQUEUE on blk-mq rq allocation failure
    - ubifs: Fix uninitialized variable in search_dh_cookie()
    - net: stmmac: dwmac-meson8b: fix setting the RGMII TX clock on Meson8b
    - net: stmmac: dwmac-meson8b: propagate rate changes to the parent clock
    - spi: a3700: Clear DATA_OUT when performing a read
    - IB/cq: Don't force IB_POLL_DIRECT poll context for ib_process_cq_direct
    - nfs: Do not convert nfs_idmap_cache_timeout to jiffies
    - MIPS: Fix clean of vmlinuz.{32,ecoff,bin,srec}
    - PCI: Add dummy pci_irqd_intx_xlate() for CONFIG_PCI=n build
    - watchdog: sp5100_tco: Fix watchdog disable bit
    - kconfig: Don't leak main menus during parsing
    - kconfig: Fix automatic menu creation mem leak
    - kconfig: Fix expr_free() E_NOT leak
    - ipmi/powernv: Fix error return code in ipmi_powernv_probe()
    - Btrfs: set plug for fsync
    - btrfs: Fix out of bounds access in btrfs_search_slot
    - Btrfs: fix scrub to repair raid6 corruption
    - btrfs: fail mount when sb flag is not in BTRFS_SUPER_FLAG_SUPP
    - Btrfs: fix unexpected EEXIST from btrfs_get_extent
    - Btrfs: raid56: fix race between merge_bio and rbio_orig_end_io
    - RDMA/cma: Check existence of netdevice during port validation
    - f2fs: avoid hungtask when GC encrypted block if io_bits is set
    - scsi: devinfo: fix format of the device list
    - scsi: fas216: fix sense buffer initialization
    - Input: stmfts - set IRQ_NOAUTOEN to the irq flag
    - HID: roccat: prevent an out of bounds read in kovaplus_profile_activated()
    - nfp: fix error return code in nfp_pci_probe()
    - block: Set BIO_TRACE_COMPLETION on new bio during split
    - bpf: test_maps: cleanup sockmaps when test ends
    - i40evf: Don't schedule reset_task when device is being removed
    - i40evf: ignore link up if not running
    - platform/x86: thinkpad_acpi: suppress warning about palm detection
    - KVM: s390: vsie: use READ_ONCE to access some SCB fields
    - blk-mq-debugfs: don't allow write on attributes with seq_operations set
    - ASoC: rockchip: Use dummy_dai for rt5514 dsp dailink
    - igb: Allow to remove administratively set MAC on VFs
    - igb: Clear TXSTMP when ptp_tx_work() is timeout
    - fm10k: fix "failed to kill vid" message for VF
    - x86/hyperv: Stop suppressing X86_FEATURE_PCID
    - tty: serial: exar: Relocate sleep wake-up handling
    - device property: Define type of PROPERTY_ENRTY_*() macros
    - crypto: artpec6 - remove select on non-existing CRYPTO_SHA384
    - RDMA/uverbs: Use an unambiguous errno for method not supported
    - jffs2: Fix use-after-free bug in jffs2_iget()'s error handling path
    - ixgbe: don't set RXDCTL.RLPML for 82599
    - i40e: program fragmented IPv4 filter input set
    - i40e: fix reported mask for ntuple filters
    - samples/bpf: Partially fixes the bpf.o build
    - powerpc/numa: Use ibm,max-associativity-domains to discover possible nodes
    - powerpc/numa: Ensure nodes initialized for hotplug
    - RDMA/mlx5: Avoid memory leak in case of XRCD dealloc failure
    - ntb_transport: Fix bug with max_mw_size parameter
    - gianfar: prevent integer wrapping in the rx handler
    - x86/hyperv: Check for required priviliges in hyperv_init()
    - netfilter: x_tables: fix pointer leaks to userspace
    - tcp_nv: fix potential integer overflow in tcpnv_acked
    - kvm: Map PFN-type memory regions as writable (if possible)
    - x86/kvm/vmx: do not use vm-exit instruction length for fast MMIO when
      running nested
    - fs/dax.c: release PMD lock even when there is no PMD support in DAX
    - ocfs2: return -EROFS to mount.ocfs2 if inode block is invalid
    - ocfs2/acl: use 'ip_xattr_sem' to protect getting extended attribute
    - ocfs2: return error when we attempt to access a dirty bh in jbd2
    - mm/mempolicy: fix the check of nodemask from user
    - mm/mempolicy: add nodes_empty check in SYSC_migrate_pages
    - asm-generic: provide generic_pmdp_establish()
    - sparc64: update pmdp_invalidate() to return old pmd value
    - mm: thp: use down_read_trylock() in khugepaged to avoid long block
    - mm: pin address_space before dereferencing it while isolating an LRU page
    - mm/fadvise: discard partial page if endbyte is also EOF
    - openvswitch: Remove padding from packet before L3+ conntrack processing
    - blk-mq: fix discard merge with scheduler attached
    - IB/hfi1: Re-order IRQ cleanup to address driver cleanup race
    - IB/hfi1: Fix for potential refcount leak in hfi1_open_file()
    - IB/ipoib: Fix for potential no-carrier state
    - IB/core: Map iWarp AH type to undefined in rdma_ah_find_type
    - drm/nouveau/pmu/fuc: don't use movw directly anymore
    - s390/eadm: fix CONFIG_BLOCK include dependency
    - netfilter: ipv6: nf_defrag: Kill frag queue on RFC2460 failure
    - x86/power: Fix swsusp_arch_resume prototype
    - x86/dumpstack: Avoid uninitlized variable
    - firmware: dmi_scan: Fix handling of empty DMI strings
    - ACPI: processor_perflib: Do not send _PPC change notification if not ready
    - ACPI / bus: Do not call _STA on battery devices with unmet dependencies
    - ACPI / scan: Use acpi_bus_get_status() to initialize ACPI_TYPE_DEVICE devs
    - MIPS: TXx9: use IS_BUILTIN() for CONFIG_LEDS_CLASS
    - perf record: Fix period option handling
    - MIPS: Generic: Support GIC in EIC mode
    - perf evsel: Fix period/freq terms setup
    - xen-netfront: Fix race between device setup and open
    - xen/grant-table: Use put_page instead of free_page
    - bpf: sockmap, fix leaking maps with attached but not detached progs
    - RDS: IB: Fix null pointer issue
    - arm64: spinlock: Fix theoretical trylock() A-B-A with LSE atomics
    - proc: fix /proc/*/map_files lookup
    - PM / domains: Fix up domain-idle-states OF parsing
    - cifs: silence compiler warnings showing up with gcc-8.0.0
    - bcache: properly set task state in bch_writeback_thread()
    - bcache: fix for allocator and register thread race
    - bcache: fix for data collapse after re-attaching an attached device
    - bcache: return attach error when no cache set exist
    - cpufreq: intel_pstate: Enable HWP during system resume on CPU0
    - selftests/ftrace: Add some missing glob checks
    - rxrpc: Don't put crypto buffers on the stack
    - svcrdma: Fix Read chunk round-up
    - net: Extra '_get' in declaration of arch_get_platform_mac_address
    - tools/libbpf: handle issues with bpf ELF objects containing .eh_frames
    - SUNRPC: Don't call __UDPX_INC_STATS() from a preemptible context
    - net: stmmac: discard disabled flags in interrupt status register
    - bpf: fix rlimit in reuseport net selftest
    - ACPI / EC: Restore polling during noirq suspend/resume phases
    - PM / wakeirq: Fix unbalanced IRQ enable for wakeirq
    - vfs/proc/kcore, x86/mm/kcore: Fix SMAP fault when dumping vsyscall user page
    - powerpc/mm/hash64: Zero PGD pages on allocation
    - x86/platform/UV: Fix GAM Range Table entries less than 1GB
    - locking/qspinlock: Ensure node->count is updated before initialising node
    - powerpc/powernv: IMC fix out of bounds memory access at shutdown
    - perf test: Fix test trace+probe_libc_inet_pton.sh for s390x
    - irqchip/gic-v3: Ignore disabled ITS nodes
    - cpumask: Make for_each_cpu_wrap() available on UP as well
    - irqchip/gic-v3: Change pr_debug message to pr_devel
    - RDMA/core: Reduce poll batch for direct cq polling
    - alarmtimer: Init nanosleep alarm timer on stack
    - netfilter: x_tables: cap allocations at 512 mbyte
    - netfilter: x_tables: add counters allocation wrapper
    - netfilter: compat: prepare xt_compat_init_offsets to return errors
    - netfilter: compat: reject huge allocation requests
    - netfilter: x_tables: limit allocation requests for blob rule heads
    - perf: Fix sample_max_stack maximum check
    - perf: Return proper values for user stack errors
    - RDMA/mlx5: Fix NULL dereference while accessing XRC_TGT QPs
    - Revert "KVM: X86: Fix SMRAM accessing even if VM is shutdown"
    - mac80211_hwsim: fix use-after-free bug in hwsim_exit_net
    - btrfs: Fix race condition between delayed refs and blockgroup removal
    - mm,vmscan: Allow preallocating memory for register_shrinker().
  * Bionic update: upstream stable patchset 2018-05-24 (LP: #1773233)
    - tty: make n_tty_read() always abort if hangup is in progress
    - cpufreq: CPPC: Use transition_delay_us depending transition_latency
    - ubifs: Check ubifs_wbuf_sync() return code
    - ubi: fastmap: Don't flush fastmap work on detach
    - ubi: Fix error for write access
    - ubi: Reject MLC NAND
    - mm/ksm.c: fix inconsistent accounting of zero pages
    - mm/hmm: hmm_pfns_bad() was accessing wrong struct
    - task_struct: only use anon struct under randstruct plugin
    - fs/reiserfs/journal.c: add missing resierfs_warning() arg
    - resource: fix integer overflow at reallocation
    - ipc/shm: fix use-after-free of shm file via remap_file_pages()
    - mm, slab: reschedule cache_reap() on the same CPU
    - usb: musb: gadget: misplaced out of bounds check
    - phy: allwinner: sun4i-usb: poll vbus changes on A23/A33 when driving VBUS
    - usb: gadget: udc: core: update usb_ep_queue() documentation
    - ARM64: dts: meson: reduce odroid-c2 eMMC maximum rate
    - KVM: arm/arm64: vgic-its: Fix potential overrun in vgic_copy_lpi_list
    - ARM: EXYNOS: Fix coupled CPU idle freeze on Exynos4210
    - arm: dts: mt7623: fix USB initialization fails on bananapi-r2
    - ARM: dts: at91: at91sam9g25: fix mux-mask pinctrl property
    - ARM: dts: exynos: Fix IOMMU support for GScaler devices on Exynos5250
    - ARM: dts: at91: sama5d4: fix pinctrl compatible string
    - spi: atmel: init FIFOs before spi enable
    - spi: Fix scatterlist elements size in spi_map_buf
    - spi: Fix unregistration of controller with fixed SPI bus number
    - media: atomisp_fops.c: disable atomisp_compat_ioctl32
    - media: vivid: check if the cec_adapter is valid
    - media: vsp1: Fix BRx conditional path in WPF
    - x86/xen: Delay get_cpu_cap until stack canary is established
    - regmap: Fix reversed bounds check in regmap_raw_write()
    - ACPI / video: Add quirk to force acpi-video backlight on Samsung 670Z5E
    - ACPI / hotplug / PCI: Check presence of slot itself in get_slot_status()
    - USB: gadget: f_midi: fixing a possible double-free in f_midi
    - USB:fix USB3 devices behind USB3 hubs not resuming at hibernate thaw
    - usb: dwc3: prevent setting PRTCAP to OTG from debugfs
    - usb: dwc3: pci: Properly cleanup resource
    - usb: dwc3: gadget: never call ->complete() from ->ep_queue()
    - cifs: fix memory leak in SMB2_open()
    - fix smb3-encryption breakage when CONFIG_DEBUG_SG=y
    - smb3: Fix root directory when server returns inode number of zero
    - HID: i2c-hid: fix size check and type usage
    - i2c: i801: Save register SMBSLVCMD value only once
    - i2c: i801: Restore configuration at shutdown
    - CIFS: refactor crypto shash/sdesc allocation&free
    - CIFS: add sha512 secmech
    - CIFS: fix sha512 check in cifs_crypto_secmech_release
    - powerpc/64s: Fix dt_cpu_ftrs to have restore_cpu clear unwanted LPCR bits
    - powerpc/64: Call H_REGISTER_PROC_TBL when running as a HPT guest on POWER9
    - powerpc/64: Fix smp_wmb barrier definition use use lwsync consistently
    - powerpc/kprobes: Fix call trace due to incorrect preempt count
    - powerpc/kexec_file: Fix error code when trying to load kdump kernel
    - powerpc/powernv: define a standard delay for OPAL_BUSY type retry loops
    - powerpc/powernv: Fix OPAL NVRAM driver OPAL_BUSY loops
    - HID: Fix hid_report_len usage
    - HID: core: Fix size as type u32
    - soc: mediatek: fix the mistaken pointer accessed when subdomains are added
    - ASoC: ssm2602: Replace reg_default_raw with reg_default
    - ASoC: topology: Fix kcontrol name string handling
    - irqchip/gic: Take lock when updating irq type
    - random: use a tighter cap in credit_entropy_bits_safe()
    - extcon: intel-cht-wc: Set direction and drv flags for V5 boost GPIO
    - block: use 32-bit blk_status_t on Alpha
    - jbd2: if the journal is aborted then don't allow update of the log tail
    - ext4: shutdown should not prevent get_write_access
    - ext4: eliminate sleep from shutdown ioctl
    - ext4: pass -ESHUTDOWN code to jbd2 layer
    - ext4: don't update checksum of new initialized bitmaps
    - ext4: protect i_disksize update by i_data_sem in direct write path
    - ext4: limit xattr size to INT_MAX
    - ext4: always initialize the crc32c checksum driver
    - ext4: don't allow r/w mounts if metadata blocks overlap the superblock
    - ext4: move call to ext4_error() into ext4_xattr_check_block()
    - ext4: add bounds checking to ext4_xattr_find_entry()
    - ext4: add extra checks to ext4_xattr_block_get()
    - dm crypt: limit the number of allocated pages
    - RDMA/ucma: Don't allow setting RDMA_OPTION_IB_PATH without an RDMA device
    - RDMA/mlx5: Protect from NULL pointer derefence
    - RDMA/rxe: Fix an out-of-bounds read
    - ALSA: pcm: Fix UAF at PCM release via PCM timer access
    - IB/srp: Fix srp_abort()
    - IB/srp: Fix completion vector assignment algorithm
    - dmaengine: at_xdmac: fix rare residue corruption
    - cxl: Fix possible deadlock when processing page faults from cxllib
    - tpm: self test failure should not cause suspend to fail
    - libnvdimm, dimm: fix dpa reservation vs uninitialized label area
    - libnvdimm, namespace: use a safe lookup for dimm device name
    - nfit, address-range-scrub: fix scrub in-progress reporting
    - nfit: skip region registration for incomplete control regions
    - ring-buffer: Check if memory is available before allocation
    - um: Compile with modern headers
    - um: Use POSIX ucontext_t instead of struct ucontext
    - iommu/vt-d: Fix a potential memory leak
    - mmc: jz4740: Fix race condition in IRQ mask update
    - mmc: tmio: Fix error handling when issuing CMD23
    - PCI: Mark Broadcom HT1100 and HT2000 Root Port Extended Tags as broken
    - clk: mvebu: armada-38x: add support for missing clocks
    - clk: fix false-positive Wmaybe-uninitialized warning
    - clk: mediatek: fix PWM clock source by adding a fixed-factor clock
    - clk: bcm2835: De-assert/assert PLL reset signal when appropriate
    - pwm: rcar: Fix a condition to prevent mismatch value setting to duty
    - thermal: imx: Fix race condition in imx_thermal_probe()
    - dt-bindings: clock: mediatek: add binding for fixed-factor clock axisel_d4
    - watchdog: f71808e_wdt: Fix WD_EN register read
    - ALSA: pcm: Use ERESTARTSYS instead of EINTR in OSS emulation
    - ALSA: pcm: Avoid potential races between OSS ioctls and read/write
    - ALSA: pcm: Return -EBUSY for OSS ioctls changing busy streams
    - ALSA: pcm: Fix mutex unbalance in OSS emulation ioctls
    - ALSA: pcm: Fix endless loop for XRUN recovery in OSS emulation
    - drm/amdgpu: Add an ATPX quirk for hybrid laptop
    - drm/amdgpu: Fix always_valid bos multiple LRU insertions.
    - drm/amdgpu/sdma: fix mask in emit_pipeline_sync
    - drm/amdgpu: Fix PCIe lane width calculation
    - drm/amdgpu/si: implement get/set pcie_lanes asic callback
    - drm/rockchip: Clear all interrupts before requesting the IRQ
    - drm/radeon: add PX quirk for Asus K73TK
    - drm/radeon: Fix PCIe lane width calculation
    - ALSA: line6: Use correct endpoint type for midi output
    - ALSA: rawmidi: Fix missing input substream checks in compat ioctls
    - ALSA: hda - New VIA controller suppor no-snoop path
    - random: fix crng_ready() test
    - random: use a different mixing algorithm for add_device_randomness()
    - random: crng_reseed() should lock the crng instance that it is modifying
    - random: add new ioctl RNDRESEEDCRNG
    - HID: input: fix battery level reporting on BT mice
    - HID: hidraw: Fix crash on HIDIOCGFEATURE with a destroyed device
    - HID: wacom: bluetooth: send exit report for recent Bluetooth devices
    - MIPS: uaccess: Add micromips clobbers to bzero invocation
    - MIPS: memset.S: EVA & fault support for small_memset
    - MIPS: memset.S: Fix return of __clear_user from Lpartial_fixup
    - MIPS: memset.S: Fix clobber of v1 in last_fixup
    - powerpc/eeh: Fix enabling bridge MMIO windows
    - powerpc/lib: Fix off-by-one in alternate feature patching
    - udf: Fix leak of UTF-16 surrogates into encoded strings
    - fanotify: fix logic of events on child
    - mmc: sdhci-pci: Only do AMD tuning for HS200
    - drm/i915: Correctly handle limited range YCbCr data on VLV/CHV
    - jffs2_kill_sb(): deal with failed allocations
    - hypfs_kill_super(): deal with failed allocations
    - orangefs_kill_sb(): deal with allocation failures
    - rpc_pipefs: fix double-dput()
    - Don't leak MNT_INTERNAL away from internal mounts
    - autofs: mount point create should honour passed in mode
    - mm/filemap.c: fix NULL pointer in page_cache_tree_insert()
    - Revert "media: lirc_zilog: driver only sends LIRCCODE"
    - media: staging: lirc_zilog: incorrect reference counting
    - writeback: safer lock nesting
    - Bluetooth: hci_bcm: Add irq_polarity module option
    - mm: hwpoison: disable memory error handling on 1GB hugepage
    - media: rc: oops in ir_timer_keyup after device unplug
    - acpi, nfit: rework NVDIMM leaf method detection
    - ceph: always update atime/mtime/ctime for new inode
    - ext4: fix offset overflow on 32-bit archs in ext4_iomap_begin()
    - ext4: force revalidation of directory pointer after seekdir(2)
    - RDMA/core: Avoid that ib_drain_qp() triggers an out-of-bounds stack access
    - xprtrdma: Fix latency regression on NUMA NFS/RDMA clients
    - xprtrdma: Fix corner cases when handling device removal
    - IB/srpt: Fix an out-of-bounds stack access in srpt_zerolength_write()
    - drivers/infiniband/core/verbs.c: fix build with gcc-4.4.4
    - drivers/infiniband/ulp/srpt/ib_srpt.c: fix build with gcc-4.4.4
    - mmc: core: Prevent bus reference leak in mmc_blk_init()
    - drm/amd/display: HDMI has no sound after Panel power off/on
    - trace_uprobe: Use %lx to display offset
    - clk: tegra: Mark HCLK, SCLK and EMC as critical
    - pwm: mediatek: Fix up PWM4 and PWM5 malfunction on MT7623
    - pwm: mediatek: Improve precision in rate calculation
    - HID: i2c-hid: Fix resume issue on Raydium touchscreen device
    - s390: add support for IBM z14 Model ZR1
    - drm/i915: Fix hibernation with ACPI S0 target state
    - libnvdimm, dimm: handle EACCES failures from label reads
    - device-dax: allow MAP_SYNC to succeed
    - HID: i2c-hid: fix inverted return value from i2c_hid_command()
  * CVE-2018-7755
    - SAUCE: floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl

 -- Chia-Lin Kao (AceLan) <email address hidden>  Thu, 21 Jun 2018 10:04:50 +0800

Available diffs

Superseded in xenial-updates on 2018-07-23
Superseded in xenial-security on 2018-07-23
Deleted in xenial-proposed (Reason: moved to -updates)
linux-oem (4.13.0-1031.35) xenial; urgency=medium

  * linux-oem: 4.13.0-1031.35 -proposed tracker (LP: #1776337)

  * Miscellaneous Ubuntu changes
    - Rebase to 4.13.0-46.51
    - SAUCE: i2c:amd move out pointer in union i2c_event_base

  [ Ubuntu: 4.13.0-46.51 ]

  * linux: 4.13.0-46.51 -proposed tracker (LP: #1776333)
  * register on binfmt_misc may overflow and crash the system (LP: #1775856)
    - fs/binfmt_misc.c: do not allow offset overflow
  * CVE-2018-11508
    - compat: fix 4-byte infoleak via uninitialized struct field
  * rfi-flush: Switch to new linear fallback flush (LP: #1744173)
    - SAUCE: rfi-flush: Factor out init_fallback_flush()
    - SAUCE: rfi-flush: Move rfi_flush_fallback_area to end of paca
    - powerpc/64s: Improve RFI L1-D cache flush fallback
    - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
    - powerpc/rfi-flush: Differentiate enabled and patched flush types
    - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
  * Fix enabling bridge MMIO windows (LP: #1771344)
    - powerpc/eeh: Fix enabling bridge MMIO windows
  * CVE-2018-1130
    - dccp: check sk for closed state in dccp_sendmsg()
  * CVE-2018-7757
    - scsi: libsas: fix memory leak in sas_smp_get_phy_events()
  * cpum_sf: ensure sample freq is non-zero (LP: #1772593)
    - s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero
  * wlp3s0: failed to remove key (1, ff:ff:ff:ff:ff:ff) from hardware (-22)
    (LP: #1720930)
    - iwlwifi: mvm: fix "failed to remove key" message
  * CVE-2018-6927
    - futex: Prevent overflow by strengthen input validation
  * After update to 4.13-43 Intel Graphics are Laggy (LP: #1773520)
    - SAUCE: Revert "drm/i915/edp: Allow alternate fixed mode for eDP if
      available."
  * ELANPAD ELAN0612 does not work, patch available (LP: #1773509)
    - SAUCE: Input: elan_i2c - add ELAN0612 to the ACPI table
  * kernel backtrace when receiving large UDP packages (LP: #1772031)
    - iov_iter: fix page_copy_sane for compound pages
  * FS-Cache: Assertion failed: FS-Cache: 6 == 5 is false (LP: #1774336)
    - SAUCE: CacheFiles: fix a read_waiter/read_copier race
  * CVE-2018-5803
    - sctp: verify size of a new chunk in _sctp_make_chunk()
  * enable mic-mute hotkey and led on Lenovo M820z and M920z (LP: #1774306)
    - ALSA: hda/realtek - Enable mic-mute hotkey for several Lenovo AIOs
  * CVE-2018-7755
    - SAUCE: floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl
  * CVE-2018-5750
    - ACPI: sbshc: remove raw pointer from printk() message

 -- Chia-Lin Kao (AceLan) <email address hidden>  Wed, 20 Jun 2018 14:04:03 +0800
Superseded in cosmic-release on 2018-07-03
Superseded in bionic-security on 2018-07-02
Superseded in bionic-updates on 2018-07-02
Deleted in cosmic-proposed (Reason: moved to release)
Deleted in bionic-proposed (Reason: moved to -updates)
linux-oem (4.15.0-1008.11) bionic; urgency=medium

  * linux-oem: 4.15.0-1008.11 -proposed tracker (LP: #1774764)

  * [Redpine] Wifi AP does not work  (LP: #1774606)
    - Revert "UBUNTU: SAUCE: rsi: drop RX broadcast/multicast packets with invalid
      PN"
    - SAUCE: rsi: fix for 40MHZ connection issue.
    - SAUCE: rsi: add firmware support for AP+BT dual mode

Superseded in xenial-security on 2018-07-02
Superseded in xenial-updates on 2018-07-02
Deleted in xenial-proposed (Reason: moved to -updates)
linux-oem (4.13.0-1030.33) xenial; urgency=medium

  * linux-oem: 4.13.0-1030.33 -proposed tracker (LP: #1774126)

  * Miscellaneous Ubuntu changes
    - Rebase to 4.13.0-45.50

  [ Ubuntu: 4.13.0-45.50 ]

  * linux: 4.13.0-45.50 -proposed tracker (LP: #1774124)
  * CVE-2018-3639 (x86)
    - SAUCE: Set generic SSBD feature for Intel cpus

Deleted in cosmic-proposed on 2018-06-04 (Reason: NBS)
Deleted in bionic-proposed on 2018-06-04 (Reason: NBS)
linux-oem (4.15.0-1007.10) bionic; urgency=medium

  * linux-oem: 4.15.0-1007.10 -proposed tracker (LP: #1772933)

  * Intel WiFi Linux driver update for ETSI 5GHz Adaptivity Requirement
    (LP: #1769980)
    - iwlwifi: mvm: add WFA vendor specific TPC report IE to probe request
    - iwlwifi: mvm: remove set but unused variable in iwl_mvm_roc_done_wk
    - iwlwifi: mvm: rs: introduce new API for rate scaling
    - iwlwifi: mvm: rs: add ops for the new rate scaling in the FW
    - iwlwifi: mvm: rs: add basic implementation of the new RS API handlers
    - iwlwifi: mvm: rs: new rate scale API - add FW notifications
    - iwlwifi: mvm: rs: new rate scale API - add debugfs hooks
    - iwlwifi: mvm: rs: add size checks when printing to a buffer
    - iwlwifi: mvm: rs: add sanity check when sending LQ command
    - iwlwifi: mvm: support RX flags API change
    - iwlwifi: fw: fix the enums in the rate scaling API
    - iwlwifi: mvm: adjust to quota offload
    - iwlwifi: mvm: send the low latency command
    - iwlwifi: define and use if iwl_mvm_has_tlc_offload
    - cfg80211: read wmm rules from regulatory database
    - mac80211: limit wmm params to comply with ETSI requirements
    - cfg80211: Add API to allow querying regdb for wmm_rule
    - iwlwifi: mvm: query regdb for wmm rule if needed
    - iwlwifi: rename the temporary name of A000 to the official 22000
    - iwlwifi: bump FW API to 36 for 8000 and up
    - iwlwifi: bump the max API version for 9000 and 22000 devices
    - iwlwifi: api: Add geographic profile information to MCC_UPDATE_CMD

  * [Redpine] HCI command timeout after resume from S4 (LP: #1772626)
    - SAUCE: Bluetooth: btrsi: add hci detach for hibernation and poweroff
    - SAUCE: Bluetooth:btrsi: add null check in hci send and recv functions
    - SAUCE: Bluetooth:btrsi: fix bt cmd timeout issue

  * Switch Build-Depends: transfig to fig2dev (LP: #1770770)
    - [Config] update Build-Depends: transfig to fig2dev

  * Miscellaneous Ubuntu changes
    - Rebase to 4.15.0-23.25

  [ Ubuntu: 4.15.0-23.25 ]

  * linux: 4.15.0-23.25 -proposed tracker (LP: #1772927)
  * arm64 SDEI support needs trampoline code for KPTI (LP: #1768630)
    - arm64: mmu: add the entry trampolines start/end section markers into
      sections.h
    - arm64: sdei: Add trampoline code for remapping the kernel
  * Some PCIe errors not surfaced through rasdaemon (LP: #1769730)
    - ACPI: APEI: handle PCIe AER errors in separate function
    - ACPI: APEI: call into AER handling regardless of severity
  * qla2xxx: Fix page fault at kmem_cache_alloc_node() (LP: #1770003)
    - scsi: qla2xxx: Fix session cleanup for N2N
    - scsi: qla2xxx: Remove unused argument from qlt_schedule_sess_for_deletion()
    - scsi: qla2xxx: Serialize session deletion by using work_lock
    - scsi: qla2xxx: Serialize session free in qlt_free_session_done
    - scsi: qla2xxx: Don't call dma_free_coherent with IRQ disabled.
    - scsi: qla2xxx: Fix warning in qla2x00_async_iocb_timeout()
    - scsi: qla2xxx: Prevent relogin trigger from sending too many commands
    - scsi: qla2xxx: Fix double free bug after firmware timeout
    - scsi: qla2xxx: Fixup locking for session deletion
  * Several hisi_sas bug fixes (LP: #1768974)
    - scsi: hisi_sas: dt-bindings: add an property of signal attenuation
    - scsi: hisi_sas: support the property of signal attenuation for v2 hw
    - scsi: hisi_sas: fix the issue of link rate inconsistency
    - scsi: hisi_sas: fix the issue of setting linkrate register
    - scsi: hisi_sas: increase timer expire of internal abort task
    - scsi: hisi_sas: remove unused variable hisi_sas_devices.running_req
    - scsi: hisi_sas: fix return value of hisi_sas_task_prep()
    - scsi: hisi_sas: Code cleanup and minor bug fixes
  * [bionic] machine stuck and bonding not working well when nvmet_rdma module
    is loaded (LP: #1764982)
    - nvmet-rdma: Don't flush system_wq by default during remove_one
    - nvme-rdma: Don't flush delete_wq by default during remove_one
  * Warnings/hang during error handling of SATA disks on SAS controller
    (LP: #1768971)
    - scsi: libsas: defer ata device eh commands to libata
  * Hotplugging a SATA disk into a SAS controller may cause crash (LP: #1768948)
    - ata: do not schedule hot plug if it is a sas host
  * ISST-LTE:pKVM:Ubuntu1804: rcu_sched self-detected stall on CPU follow by CPU
    ATTEMPT TO RE-ENTER FIRMWARE! (LP: #1767927)
    - powerpc/powernv: Handle unknown OPAL errors in opal_nvram_write()
    - powerpc/64s: return more carefully from sreset NMI
    - powerpc/64s: sreset panic if there is no debugger or crash dump handlers
  * fsnotify: Fix fsnotify_mark_connector race (LP: #1765564)
    - fsnotify: Fix fsnotify_mark_connector race
  * Hang on network interface removal in Xen virtual machine (LP: #1771620)
    - xen-netfront: Fix hang on device removal
  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
    - net: hns: Avoid action name truncation
  * Ubuntu 18.04 kernel crashed while in degraded mode (LP: #1770849)
    - SAUCE: powerpc/perf: Fix memory allocation for core-imc based on
      num_possible_cpus()
  * Switch Build-Depends: transfig to fig2dev (LP: #1770770)
    - [Config] update Build-Depends: transfig to fig2dev
  * smp_call_function_single/many core hangs with stop4 alone (LP: #1768898)
    - cpufreq: powernv: Fix hardlockup due to synchronous smp_call in timer
      interrupt
  * Add d-i support for Huawei NICs (LP: #1767490)
    - d-i: add hinic to nic-modules udeb
  * unregister_netdevice: waiting for eth0 to become free. Usage count = 5
    (LP: #1746474)
    - xfrm: reuse uncached_list to track xdsts
  * Include nfp driver in linux-modules (LP: #1768526)
    - [Config] Add nfp.ko to generic inclusion list
  * Kernel panic on boot (m1.small in cn-north-1) (LP: #1771679)
    - x86/xen: Reset VCPU0 info pointer after shared_info remap
  * CVE-2018-3639 (x86)
    - x86/bugs: Fix the parameters alignment and missing void
    - KVM: SVM: Move spec control call after restore of GS
    - x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP
    - x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS
    - x86/cpufeatures: Disentangle SSBD enumeration
    - x86/cpufeatures: Add FEATURE_ZEN
    - x86/speculation: Handle HT correctly on AMD
    - x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL
    - x86/speculation: Add virtualized speculative store bypass disable support
    - x86/speculation: Rework speculative_store_bypass_update()
    - x86/bugs: Unify x86_spec_ctrl_{set_guest,restore_host}
    - x86/bugs: Expose x86_spec_ctrl_base directly
    - x86/bugs: Remove x86_spec_ctrl_set()
    - x86/bugs: Rework spec_ctrl base and mask logic
    - x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG
    - KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD
    - x86/bugs: Rename SSBD_NO to SSB_NO
    - bpf: Prevent memory disambiguation attack
    - KVM: VMX: Expose SSBD properly to guests.
  * Suspend to idle: Open lid didn't resume (LP: #1771542)
    - ACPI / PM: Do not reconfigure GPEs for suspend-to-idle
  * Fix initialization failure detection in SDEI for device-tree based systems
    (LP: #1768663)
    - firmware: arm_sdei: Fix return value check in sdei_present_dt()
  * No driver for Huawei network adapters on arm64 (LP: #1769899)
    - net-next/hinic: add arm64 support
  * CVE-2018-1092
    - ext4: fail ext4_iget for root directory if unallocated
  * kernel 4.15 breaks nouveau on Lenovo P50 (LP: #1763189)
    - drm/nouveau: Fix deadlock in nv50_mstm_register_connector()
  * update-initramfs not adding i915 GuC firmware for Kaby Lake, firmware fails
    to load (LP: #1728238)
    - Revert "UBUNTU: SAUCE: (no-up) i915: Remove MODULE_FIRMWARE statements for
      unreleased firmware"
  * Battery drains when laptop is off  (shutdown) (LP: #1745646)
    - PCI / PM: Check device_may_wakeup() in pci_enable_wake()
  * Dell Latitude 5490/5590 BIOS update 1.1.9 causes black screen at boot
    (LP: #1764194)
    - drm/i915/bios: filter out invalid DDC pins from VBT child devices
  * Intel 9462 A370:42A4 doesn't work (LP: #1748853)
    - iwlwifi: add shared clock PHY config flag for some devices
    - iwlwifi: add a bunch of new 9000 PCI IDs
  * Fix an issue that some PCI devices get incorrectly suspended (LP: #1764684)
    - PCI / PM: Always check PME wakeup capability for runtime wakeup support
  * [SRU][Bionic/Artful] fix false positives in W+X checking (LP: #1769696)
    - init: fix false positives in W+X checking
  * Bionic update to v4.15.18 stable release (LP: #1769723)
    - netfilter: ipset: Missing nfnl_lock()/nfnl_unlock() is added to
      ip_set_net_exit()
    - cdc_ether: flag the Cinterion AHS8 modem by gemalto as WWAN
    - rds: MP-RDS may use an invalid c_path
    - slip: Check if rstate is initialized before uncompressing
    - vhost: fix vhost_vq_access_ok() log check
    - l2tp: fix races in tunnel creation
    - l2tp: fix race in duplicate tunnel detection
    - ip_gre: clear feature flags when incompatible o_flags are set
    - vhost: Fix vhost_copy_to_user()
    - lan78xx: Correctly indicate invalid OTP
    - media: v4l2-compat-ioctl32: don't oops on overlay
    - media: v4l: vsp1: Fix header display list status check in continuous mode
    - ipmi: Fix some error cleanup issues
    - parisc: Fix out of array access in match_pci_device()
    - parisc: Fix HPMC handler by increasing size to multiple of 16 bytes
    - Drivers: hv: vmbus: do not mark HV_PCIE as perf_device
    - PCI: hv: Serialize the present and eject work items
    - PCI: hv: Fix 2 hang issues in hv_compose_msi_msg()
    - KVM: PPC: Book3S HV: trace_tlbie must not be called in realmode
    - perf/core: Fix use-after-free in uprobe_perf_close()
    - x86/mce/AMD: Get address from already initialized block
    - hwmon: (ina2xx) Fix access to uninitialized mutex
    - ath9k: Protect queue draining by rcu_read_lock()
    - x86/apic: Fix signedness bug in APIC ID validity checks
    - f2fs: fix heap mode to reset it back
    - block: Change a rcu_read_{lock,unlock}_sched() pair into
      rcu_read_{lock,unlock}()
    - nvme: Skip checking heads without namespaces
    - lib: fix stall in __bitmap_parselist()
    - blk-mq: order getting budget and driver tag
    - blk-mq: don't keep offline CPUs mapped to hctx 0
    - ovl: fix lookup with middle layer opaque dir and absolute path redirects
    - xen: xenbus_dev_frontend: Fix XS_TRANSACTION_END handling
    - hugetlbfs: fix bug in pgoff overflow checking
    - nfsd: fix incorrect umasks
    - scsi: qla2xxx: Fix small memory leak in qla2x00_probe_one on probe failure
    - block/loop: fix deadlock after loop_set_status
    - nfit: fix region registration vs block-data-window ranges
    - s390/qdio: don't retry EQBS after CCQ 96
    - s390/qdio: don't merge ERROR output buffers
    - s390/ipl: ensure loadparm valid flag is set
    - get_user_pages_fast(): return -EFAULT on access_ok failure
    - mm/gup_benchmark: handle gup failures
    - getname_kernel() needs to make sure that ->name != ->iname in long case
    - Bluetooth: Fix connection if directed advertising and privacy is used
    - Bluetooth: hci_bcm: Treat Interrupt ACPI resources as always being active-
      low
    - rtl8187: Fix NULL pointer dereference in priv->conf_mutex
    - ovl: set lower layer st_dev only if setting lower st_ino
    - Linux 4.15.18
  * Kernel bug when unplugging Thunderbolt 3 cable, leaves xHCI host controller
    dead (LP: #1768852)
    - xhci: Fix Kernel oops in xhci dbgtty
  * Incorrect blacklist of bcm2835_wdt (LP: #1766052)
    - [Packaging] Fix missing watchdog for Raspberry Pi
  * CVE-2018-8087
    - mac80211_hwsim: fix possible memory leak in hwsim_new_radio_nl()
  * Integrated Webcam Realtek Integrated_Webcam_HD (0bda:58f4) not working in
    DELL XPS 13 9370 with firmware 1.50 (LP: #1763748)
    - SAUCE: media: uvcvideo: Support realtek's UVC 1.5 device
  * [ALSA] [PATCH] Clevo P950ER ALC1220 Fixup (LP: #1769721)
    - SAUCE: ALSA: hda/realtek - Clevo P950ER ALC1220 Fixup
  * Bionic: Intermittently sent to Emergency Mode on boot with unhandled kernel
    NULL pointer dereference at  0000000000000980 (LP: #1768292)
    - thunderbolt: Prevent crash when ICM firmware is not running
  * linux-snapdragon: reduce EPROBEDEFER noise during boot (LP: #1768761)
    - [Config] snapdragon: DRM_I2C_ADV7511=y
  * regression Aquantia Corp. AQC107 4.15.0-13-generic -> 4.15.0-20-generic ?
    (LP: #1767088)
    - net: aquantia: Regression on reset with 1.x firmware
    - net: aquantia: oops when shutdown on already stopped device
  * e1000e msix interrupts broken in linux-image-4.15.0-15-generic
    (LP: #1764892)
    - e1000e: Remove Other from EIAC
  * Acer Swift sf314-52 power button not managed  (LP: #1766054)
    - SAUCE: platform/x86: acer-wmi: add another KEY_POWER keycode
  * set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630 (LP: #1766398)
    - ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags
  * Change the location for one of two front mics on a lenovo thinkcentre
    machine (LP: #1766477)
    - ALSA: hda/realtek - adjust the location of one mic
  * SRU: bionic: apply 50 ZFS upstream bugfixes (LP: #1764690)
    - SAUCE: (noup) Update zfs to 0.7.5-1ubuntu15 (LP: #1764690)
  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
    - drm/i915/edp: Do not do link training fallback or prune modes on EDP

 -- Timo Aaltonen <email address hidden>  Wed, 30 May 2018 09:57:46 +0300
Deleted in xenial-proposed on 2018-06-01 (Reason: NBS)
linux-oem (4.13.0-1029.32) xenial; urgency=medium

  * linux-oem: 4.13.0-1029.32 -proposed tracker (LP: #1772956)

  * Enable AMD PCIe MP2 for AMDI0011 (LP: #1773940)
    - SAUCE: i2c:amd I2C Driver based on PCI Interface for upcoming platform

  * Intel WiFi Linux driver update for ETSI 5GHz Adaptivity Requirement
    (LP: #1769980)
    - iwlwifi: track current firmware image in common code
    - iwlwifi: refactor firmware debug code
    - iwlwifi: mvm: support fw reading empty OTP
    - iwlwifi: implement fseq version mismatch warning
    - iwlwifi: mvm: fix the FIFO numbers in A000 devices
    - iwlwifi: mvm: remove non-DQA mode
    - iwlwifi: mvm: check family instead of new TX API for workarounds
    - iwlwifi: mvm: add and use iwl_mvm_has_unified_ucode()
    - iwlwifi: mvm: move a000 device NVM retrieval to a common place
    - Revert "UBUNTU: SAUCE: iwlwifi: Adding missing id A370:42A4"
    - Revert "iwlwifi: fix PCI IDs and configuration mapping for 9000 series"
    - Revert "iwlwifi: fix firmware names for 9000 and A000 series hw"
    - iwlwifi: add support of FPGA fw
    - iwlwifi: fix nmi triggering from host
    - iwlwifi: pcie: free the TSO page when a Tx queue is unmapped on A000 devices
    - iwlwifi: mvm: fix the coex firmware API
    - iwlwifi: mvm: support new Coex firmware API
    - iwlwifi: pcie: support short Tx queues for A000 device family
    - iwlwifi: mvm: group all dummy SAR function declarations together
    - iwlwifi: mvm: use mvmsta consistently in rs.c
    - iwlwifi: distinguish different RF modules in A000 devices
    - iwlwifi: update channel flags parser
    - iwlwifi: mvm: change open and close criteria of a BA session
    - iwlwifi: fw: fix lar_enabled endian problem in iwl_fw_get_nvm
    - iwlwifi: mvm: remove useless argument in iwl_nvm_init()
    - cfg80211: honor NL80211_RRF_NO_HT40{MINUS,PLUS}
    - cfg80211/nl80211: add a port authorized event
    - ieee80211: Add WFA TPC report element OUI type
    - iwlwifi: mvm: bump API to 34 for 8000 and up
    - iwlwifi: fix long debug print
    - iwlwifi: nvm-parse: unify channel flags printing
    - iwlwifi: nvm: set the correct offsets to 3168 series
    - iwlwifi: mvm: Add new quota command API
    - iwlwifi: mvm: remove support for Link Quality Measurements
    - iwlwifi: pcie: dynamic Tx command queue size
    - iwlwifi: acpi: add common code to read from ACPI
    - iwlwifi: acpi: move ACPI method definitions to acpi.h
    - iwlwifi: acpi: move ACPI-related definitions to acpi.h
    - iwlwifi: acpi: generalize iwl_mvm_sar_find_wifi_pkg()
    - iwlwifi: acpi: use iwl_acpi_get_wifi_pkg when reading reading SPLC
    - iwlwifi: acpi: make iwl_get_bios_mcc() use the common acpi functions
    - iwlwifi: acpi: move function to get mcc into acpi code
    - cfg80211: support loading regulatory database as firmware file
    - cfg80211: support reloading regulatory database
    - cfg80211: reg: remove support for built-in regdb
    - cfg80211: implement regdb signature checking
    - cfg80211: fix CFG80211_EXTRA_REGDB_KEYDIR typo
    - iwlwifi: pcie: sort IDs for the 9000 series for easier comparisons
    - iwlwifi: mvm: allow reading UMAC error data from SMEM in A000 devices
    - iwlwifi: mvm: move umac_error_event_table validity check to where it's set
    - iwlwifi: define minimum valid address for umac_error_event_table in cfg
    - iwlwifi: fix multi queue notification for a000 devices
    - iwlwifi: add new cards for 8260 series
    - iwlwifi: add new cards for 8265 series
    - iwlwifi: add new cards for a000 series
    - cfg80211: don't print log output for building shipped-certs
    - iwlwifi: fix PCI IDs and configuration mapping for 9000 series
    - iwlwifi: fix firmware names for 9000 and A000 series hw
    - cfg80211: initialize regulatory keys/database later
    - iwlwifi: rename the temporary name of A000 to the official 22000
    - iwlwifi: mvm: add WFA vendor specific TPC report IE to probe request
    - iwlwifi: mvm: remove set but unused variable in iwl_mvm_roc_done_wk
    - iwlwifi: mvm: rs: introduce new API for rate scaling
    - iwlwifi: mvm: rs: add ops for the new rate scaling in the FW
    - iwlwifi: mvm: rs: add basic implementation of the new RS API handlers
    - iwlwifi: mvm: rs: new rate scale API - add FW notifications
    - iwlwifi: mvm: rs: new rate scale API - add debugfs hooks
    - iwlwifi: mvm: rs: add size checks when printing to a buffer
    - iwlwifi: mvm: rs: add sanity check when sending LQ command
    - iwlwifi: bump FW API to 36 for 8000 and up
    - wireless: replace usage of hexdump with od/sed
    - wireless: don't write C files on failures
    - cfg80211: always rewrite generated files from scratch
    - cfg80211: ship certificates as hex files
    - iwlwifi: mvm: support RX flags API change
    - iwlwifi: fw: fix the enums in the rate scaling API
    - iwlwifi: mvm: adjust to quota offload
    - iwlwifi: mvm: send the low latency command
    - iwlwifi: define and use if iwl_mvm_has_tlc_offload
    - iwlwifi: runtime: sync FW and host clocks for logs
    - iwlwifi: align timestamp cancel with timestamp start
    - iwlwifi: Cancel and set MARKER_CMD timer during suspend-resume
    - iwlwifi: add shared clock PHY config flag for some devices
    - iwlwifi: add a bunch of new 9000 PCI IDs
    - iwlwifi: bump the max API version for 9000 and 22000 devices
    - iwlwifi: api: Add geographic profile information to MCC_UPDATE_CMD
    - iwlwifi: set default timstamp marker cmd
    - cfg80211: read wmm rules from regulatory database
    - mac80211: limit wmm params to comply with ETSI requirements
    - cfg80211: Add API to allow querying regdb for wmm_rule
    - iwlwifi: mvm: query regdb for wmm rule if needed

  * regression Aquantia Corp. AQC107 4.15.0-13-generic -> 4.15.0-20-generic ?
    (LP: #1767088)
    - net: aquantia: Regression on reset with 1.x firmware
    - net: aquantia: oops when shutdown on already stopped device

  * Support Realtek Bluetooth [0bda:c024] (LP: #1771919)
    - SAUCE: support realtek bluetooth 0bda:c024

  * Miscellaneous Ubuntu changes
    - Rebase to 4.13.0-44.49
    - [Packaging] skip cloud tools packaging when not building package

  * Miscellaneous upstream changes
    - Ubuntu: [Config] Enable config for CFG80211 REGDB and I2C_AMD_MP2

  [ Ubuntu: 4.13.0-44.49 ]

  * linux: 4.13.0-44.49 -proposed tracker (LP: #1772951)
  * CVE-2018-3639 (x86)
    - x86/cpu: Make alternative_msr_write work for 32-bit code
    - x86/cpu/AMD: Fix erratum 1076 (CPB bit)
    - x86/bugs: Fix the parameters alignment and missing void
    - KVM: SVM: Move spec control call after restore of GS
    - x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP
    - x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS
    - x86/cpufeatures: Disentangle SSBD enumeration
    - x86/cpufeatures: Add FEATURE_ZEN
    - x86/speculation: Handle HT correctly on AMD
    - x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL
    - x86/speculation: Add virtualized speculative store bypass disable support
    - x86/speculation: Rework speculative_store_bypass_update()
    - x86/bugs: Unify x86_spec_ctrl_{set_guest,restore_host}
    - x86/bugs: Expose x86_spec_ctrl_base directly
    - x86/bugs: Remove x86_spec_ctrl_set()
    - x86/bugs: Rework spec_ctrl base and mask logic
    - x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG
    - KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD
    - x86/bugs: Rename SSBD_NO to SSB_NO
    - bpf: Prevent memory disambiguation attack
    - KVM: VMX: Expose SSBD properly to guests.
  * [Ubuntu 16.04] kernel: fix rwlock implementation (LP: #1761674)
    - SAUCE: (no-up) s390: fix rwlock implementation
  * CVE-2018-7492
    - rds: Fix NULL pointer dereference in __rds_rdma_map
  * CVE-2018-8781
    - drm: udl: Properly check framebuffer mmap offsets
  * fsnotify: Fix fsnotify_mark_connector race (LP: #1765564)
    - fsnotify: Fix fsnotify_mark_connector race
  * Kernel panic on boot (m1.small in cn-north-1) (LP: #1771679)
    - x86/xen: Reset VCPU0 info pointer after shared_info remap
  * Suspend to idle: Open lid didn't resume (LP: #1771542)
    - ACPI / PM: Do not reconfigure GPEs for suspend-to-idle
  * CVE-2018-1092
    - ext4: fail ext4_iget for root directory if unallocated
  * [SRU][Artful] using vfio-pci on a combination of cn8xxx and some PCI devices
    results in a kernel panic. (LP: #1770254)
    - PCI: Avoid bus reset if bridge itself is broken
    - PCI: Mark Cavium CN8xxx to avoid bus reset
    - PCI: Avoid slot reset if bridge itself is broken
  * Battery drains when laptop is off  (shutdown) (LP: #1745646)
    - PCI / PM: Check device_may_wakeup() in pci_enable_wake()
  * perf record crash: refcount_inc assertion  failed (LP: #1769027)
    - perf cgroup: Fix refcount usage
    - perf xyarray: Fix wrong processing when closing evsel fd
  * Dell Latitude 5490/5590 BIOS update 1.1.9 causes black screen at boot
    (LP: #1764194)
    - drm/i915/bios: filter out invalid DDC pins from VBT child devices
  * Fix an issue that some PCI devices get incorrectly suspended (LP: #1764684)
    - PCI / PM: Always check PME wakeup capability for runtime wakeup support
  * [SRU][Bionic/Artful] fix false positives in W+X checking (LP: #1769696)
    - init: fix false positives in W+X checking
  * CVE-2018-1068
    - netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets
  * CVE-2018-8087
    - mac80211_hwsim: fix possible memory leak in hwsim_new_radio_nl()
  * Integrated Webcam Realtek Integrated_Webcam_HD (0bda:58f4) not working in
    DELL XPS 13 9370 with firmware 1.50 (LP: #1763748)
    - SAUCE: media: uvcvideo: Support realtek's UVC 1.5 device
  * unregister_netdevice: waiting for eth0 to become free. Usage count = 5
    (LP: #1746474)
    - ipv4: convert dst_metrics.refcnt from atomic_t to refcount_t
    - xfrm: reuse uncached_list to track xdsts
  * Acer Swift sf314-52 power button not managed  (LP: #1766054)
    - SAUCE: platform/x86: acer-wmi: add another KEY_POWER keycode
  * set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630 (LP: #1766398)
    - ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags
  * Change the location for one of two front mics on a lenovo thinkcentre
    machine (LP: #1766477)
    - ALSA: hda/realtek - adjust the location of one mic

 -- Timo Aaltonen <email address hidden>  Tue, 29 May 2018 14:24:44 +0300
Superseded in xenial-security on 2018-06-11
Superseded in xenial-updates on 2018-06-11
Deleted in xenial-proposed (Reason: moved to -updates)
linux-oem (4.13.0-1028.31) xenial; urgency=medium

  [ Ubuntu: 4.13.0-43.48 ]

  * CVE-2018-3639 (powerpc)
    - SAUCE: rfi-flush: update H_CPU_* macro names to upstream
    - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
      upstream
    - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
    - powerpc/pseries: Support firmware disable of RFI flush
    - powerpc/powernv: Support firmware disable of RFI flush
    - powerpc/64s: Allow control of RFI flush via debugfs
    - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
    - powerpc/rfi-flush: Always enable fallback flush on pseries
    - powerpc/rfi-flush: Differentiate enabled and patched flush types
    - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
    - powerpc: Add security feature flags for Spectre/Meltdown
    - powerpc/powernv: Set or clear security feature flags
    - powerpc/pseries: Set or clear security feature flags
    - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
    - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
    - powerpc/pseries: Fix clearing of security feature flags
    - powerpc: Move default security feature flags
    - powerpc/pseries: Restore default security feature flags on setup
    - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit
  * CVE-2018-3639 (x86)
    - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
    - SAUCE: x86: Add alternative_msr_write
    - x86/nospec: Simplify alternative_msr_write()
    - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
    - x86/bugs: Concentrate bug detection into a separate function
    - x86/bugs: Concentrate bug reporting into a separate function
    - x86/msr: Add definitions for new speculation control MSRs
    - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
    - x86/bugs, KVM: Support the combination of guest and host IBRS
    - x86/bugs: Expose /sys/../spec_store_bypass
    - x86/cpufeatures: Add X86_FEATURE_RDS
    - x86/bugs: Provide boot parameters for the spec_store_bypass_disable
      mitigation
    - x86/bugs/intel: Set proper CPU features and setup RDS
    - x86/bugs: Whitelist allowed SPEC_CTRL MSR values
    - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
    - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
    - x86/speculation: Create spec-ctrl.h to avoid include hell
    - prctl: Add speculation control prctls
    - x86/process: Allow runtime control of Speculative Store Bypass
    - x86/speculation: Add prctl for Speculative Store Bypass mitigation
    - nospec: Allow getting/setting on non-current task
    - proc: Provide details on speculation flaw mitigations
    - seccomp: Enable speculation flaw mitigations
    - SAUCE: x86/bugs: Honour SPEC_CTRL default
    - x86/bugs: Make boot modes __ro_after_init
    - prctl: Add force disable speculation
    - seccomp: Use PR_SPEC_FORCE_DISABLE
    - seccomp: Add filter flag to opt-out of SSB mitigation
    - seccomp: Move speculation migitation control to arch code
    - x86/speculation: Make "seccomp" the default mode for Speculative Store
      Bypass
    - x86/bugs: Rename _RDS to _SSBD
    - proc: Use underscores for SSBD in 'status'
    - Documentation/spec_ctrl: Do some minor cleanups
    - x86/bugs: Fix __ssb_select_mitigation() return type
    - x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
    upstream prctls (LP: #1769263) // CVE-2018-3639
    - SAUCE: LSM stacking: adjust prctl values

Superseded in cosmic-release on 2018-06-15
Deleted in cosmic-proposed (Reason: moved to release)
Superseded in bionic-security on 2018-06-13
Superseded in bionic-updates on 2018-06-13
Deleted in bionic-proposed (Reason: moved to -updates)
linux-oem (4.15.0-1006.9) bionic; urgency=medium

  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
    (LP: #1767133)
    - Packaging: Depends on linux-base that provides the necessary tools

  [ Ubuntu: 4.15.0-22.24 ]

  * CVE-2018-3639 (powerpc)
    - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit
    - stf-barrier: set eieio instruction bit 6 for future optimisations
  * CVE-2018-3639 (x86)
    - x86/nospec: Simplify alternative_msr_write()
    - x86/bugs: Concentrate bug detection into a separate function
    - x86/bugs: Concentrate bug reporting into a separate function
    - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
    - x86/bugs, KVM: Support the combination of guest and host IBRS
    - x86/bugs: Expose /sys/../spec_store_bypass
    - x86/cpufeatures: Add X86_FEATURE_RDS
    - x86/bugs: Provide boot parameters for the spec_store_bypass_disable
      mitigation
    - x86/bugs/intel: Set proper CPU features and setup RDS
    - x86/bugs: Whitelist allowed SPEC_CTRL MSR values
    - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
    - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
    - x86/speculation: Create spec-ctrl.h to avoid include hell
    - prctl: Add speculation control prctls
    - x86/process: Allow runtime control of Speculative Store Bypass
    - x86/speculation: Add prctl for Speculative Store Bypass mitigation
    - nospec: Allow getting/setting on non-current task
    - proc: Provide details on speculation flaw mitigations
    - seccomp: Enable speculation flaw mitigations
    - x86/bugs: Make boot modes __ro_after_init
    - prctl: Add force disable speculation
    - seccomp: Use PR_SPEC_FORCE_DISABLE
    - seccomp: Add filter flag to opt-out of SSB mitigation
    - seccomp: Move speculation migitation control to arch code
    - x86/speculation: Make "seccomp" the default mode for Speculative Store
      Bypass
    - x86/bugs: Rename _RDS to _SSBD
    - proc: Use underscores for SSBD in 'status'
    - Documentation/spec_ctrl: Do some minor cleanups
    - x86/bugs: Fix __ssb_select_mitigation() return type
    - x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
    upstream prctls (LP: #1769263) // CVE-2018-3639
    - SAUCE: LSM stacking: adjust prctl values

Deleted in cosmic-proposed on 2018-05-31 (Reason: NBS)
Deleted in bionic-proposed on 2018-05-31 (Reason: NBS)
linux-oem (4.15.0-1005.8) bionic; urgency=medium

  * linux-oem: 4.15.0-1005.8 -proposed tracker (LP: #1767398)
    - source built with a clean tree

  * [i915 CNL-Y] system hangs soon after bootup (LP: #1769843)
    - SAUCE: drm/i915/execlists: Use rmb() to order CSB reads

  * hts221 sensor stops working after resume from S3/S4 (LP: #1769658)
    - SAUCE: iio: humidity: hts221: Fix sensor reads after resume

  * Support Intel Atom (Baytrail-I) HS-UART serdev slaves over tty
    (LP: #1769610)
    - serdev: ttyport: release tty lock sooner on open
    - serdev: ttyport: ignore carrier detect to avoid hangups
    - serdev: ttyport: do not used keyed wakeup in write_wakeup
    - serdev: Make .remove in struct serdev_device_driver optional
    - serdev: Introduce devm_serdev_device_open()
    - serdev: do not generate modaliases for controllers
    - serdev: only match serdev devices
    - serdev: add method to set parity
    - SAUCE: (no-up) Support HS-UART serdev slaves over tty
    - [Config] CONFIG_HSUART_SERIAL_DEVICE=y

  * Support latest Redpine WLAN/BT RS9113 driver (LP: #1657682)
    - SAUCE: rsi: add rx control block to handle rx packets in USB
    - SAUCE: rsi: add bluetooth rx endpoint
    - SAUCE: rsi: add header file rsi_91x
    - SAUCE: rsi: add coex support
    - SAUCE: Bluetooth: bt: rsi: add new rsi bluetooth driver
    - SAUCE: rsi: handle BT traffic in driver
    - SAUCE: rsi: add module parameter operating mode
    - SAUCE: rsi: sdio changes to support BT
    - SAUCE: rsi: improve RX handling in SDIO interface
    - SAUCE: rsi: use dynamic RX control blocks instead of MAX_RX_URB
    - SAUCE: rsi: improve RX packet handling in USB interface
    - SAUCE: rsi: add support for hardware scan offload
    - SAUCE: rsi: move xtend_desc structure from rsi_main.h to rsi_mgmt.h
    - SAUCE: rsi: move descriptor preparation to core
    - SAUCE: rsi: enable 80MHz clock by default
    - SAUCE: rsi: roaming enhancements
    - SAUCE: rsi: add module parameter rsi_reg
    - SAUCE: rsi: regulatory modifications for 'dlcar' mode
    - SAUCE: rsi: device disconnect changes
    - SAUCE: rsi: tx improvements
    - SAUCE: rsi: drop RX broadcast/multicast packets with invalid PN
    - SAUCE: rsi: fix for incorrect data pointer alignment in 64-bit
    - SAUCE: rsi: Remove stack VLA usage
    - SAUCE: rsi: fix nommu_map_sg overflow kernel panic
    - SAUCE: rsi: Fix 'invalid vdd' warning in mmc
    - SAUCE: Redpine: Fix wowlan issue with S4
    - SAUCE: Redpine: rsi: Add deep sleep enable before connection
    - SAUCE: Redpine: resolve power save issue after S4 resume
    - SAUCE: Redpine: rsi: resolve wifi scan stop issue in stress tests
    - SAUCE: rsi: Firmware assert
    - SAUCE: Added fix for connection issue observed with nmcli command.
    - SAUCE: Added fix for hang issue observed during hibernate resume.
    - SAUCE: Added fix for issue power off when connected to AP through nmcli.
    - SAUCE: rsi: improve cancel_hw_scan handling to fix kernel panic
    - [Config]: CONFIG_BT_HCIRSI=m

  * Support latest Redpine WLAN/BT RS9113 driver (LP: #1657682) // INVALID or
    PRIVATE BUG (LP: #1736097) // INVALID or PRIVATE BUG (LP: #1738169)
    - SAUCE: Redpine: fix wowlan issue
    - SAUCE: Redpine: fix reset card issue
    - SAUCE: Redpine: fix for wowlan wakeup failure

  * Support latest Redpine WLAN/BT RS9113 driver (LP: #1657682) // ubuntu/rsi
    driver downlink wifi throughput drops to 5-6 Mbps when BT keyboard is
    connected (LP: #1706991)
    - SAUCE: Redpine: uapsd configuration changes

  * Miscellaneous Ubuntu changes
    - Rebase to 4.15.0-21.22
    - [Config] update configs following rebase to 4.15.0-21.22

  [ Ubuntu: 4.15.0-21.22 ]

  * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397)
  * initramfs-tools exception during pm.DoInstall with  do-release-upgrade from
    16.04 to 18.04  (LP: #1766727)
    - Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3)
  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
    (LP: #1767133)
    - Packaging: Depends on linux-base that provides the necessary tools
  * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2
    (LP: #1766629)
    - linux-image-* breaks on flash-kernel (<< 3.90ubuntu2)

 -- Timo Aaltonen <email address hidden>  Thu, 10 May 2018 11:53:22 +0300
Deleted in xenial-proposed on 2018-05-30 (Reason: NBS)
linux-oem (4.13.0-1027.30) xenial; urgency=medium

  * linux-oem: 4.13.0-1027.30 -proposed tracker (LP: #1769996)

  * set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630 (LP: #1766398)
    - ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags

  * Change the location for one of two front mics on a lenovo thinkcentre
    machine (LP: #1766477)
    - ALSA: hda/realtek - adjust the location of one mic

  * Update btusb reset-resume quirk to decrease power usage (LP: #1766197)
    - SAUCE: Revert "usb: quirks: Add reset-resume quirk for Dell DW1820 QCA Rome
      Bluetooth"
    - Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking
    - Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table
    - Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table

  * Update Aquantia driver to fix various issues (LP: #1759303)
    - SAUCE: Revert "net: aquantia: Reset nic statistics on interface up/down"
    - SAUCE: Revert "net: aquantia: Add queue restarts stats counter"
    - SAUCE: Revert "net: aquantia: Fixed transient link up/down/up notification"
    - SAUCE: Revert "net: aquantia: Limit number of MSIX irqs to the number of
      cpus"
    - SAUCE: Revert "net: aquantia: mmio unmap was not performed on driver
      removal"
    - SAUCE: Revert "net: aquantia: Enable coalescing management via ethtool
      interface"
    - SAUCE: Revert "net: aquantia: Reset nic statistics on interface up/down"
    - SAUCE: Revert "aquantia: Fix Tx queue hangups"
    - SAUCE: Revert "net: aquantia: Bad udp rate on default interrupt coalescing"
    - aquantia: Switch to use napi_gro_receive
    - aquantia: Setup max_mtu in ndev to enable jumbo frames
    - aquantia: Fix Tx queue hangups
    - aquantia: Fix transient invalid link down/up indications
    - atlantic: fix iommu errors
    - net: aquantia: Reset nic statistics on interface up/down
    - net: aquantia: Add queue restarts stats counter
    - net: aquantia: Fixed transient link up/down/up notification
    - net: aquantia: Limit number of MSIX irqs to the number of cpus
    - net: aquantia: mmio unmap was not performed on driver removal
    - net: aquantia: Enable coalescing management via ethtool interface
    - net: aquantia: Bad udp rate on default interrupt coalescing
    - net: aquantia: Fix actual speed capabilities reporting
    - net: aquantia: Fix hardware DMA stream overload on large MRRS
    - net: aquantia: Extend stat counters to 64bit values
    - net: aquantia: Fill ndev stat couters from hardware
    - net: aquantia: Fill in multicast counter in ndev stats from hardware
    - net: aquantia: Improve link state and statistics check interval callback
    - net: aquantia: Update hw counters on hw init
    - net: aquantia: Fix typo in ethtool statistics names
    - net: aquantia: Increment driver version
    - net: aquantia: Eliminate AQ_DIMOF, replace with ARRAY_SIZE
    - net: aquantia: Cleanup status flags accesses
    - net: aquantia: Cleanup hardware access modules
    - net: aquantia: Remove duplicate hardware descriptors declarations
    - net: aquantia: Add const qualifiers for hardware ops tables
    - net: aquantia: Simplify dependencies between pci modules
    - net: aquantia: Eliminate aq_nic structure abstraction
    - net: aquantia: Fix register definitions to linux style
    - net: aquantia: Prepend hw access functions declarations with prefix
    - net: aquantia: Fix internal stats calculation on rx
    - net: aquantia: Introduce new device ids and constants
    - net: aquantia: Introduce new AQC devices and capabilities
    - net: aquantia: Convert hw and caps structures to const static pointers
    - net: aquantia: Cleanup pci functions module
    - net: aquantia: Remove create/destroy from hw ops
    - net: aquantia: Change confusing no_ff_addr to more meaningful name
    - net: aquantia: Introduce firmware ops callbacks
    - net: aquantia: Introduce support for new firmware on AQC cards
    - net: aquantia: Introduce global AQC hardware reset sequence
    - net: aquantia: Report correct mediatype via ethtool
    - net: aquantia: bump driver version to match aquantia internal numbering
    - net: aquantia: Fix hardware reset when SPI may rarely hangup
    - net: aquantia: Fix a regression with reset on old firmware
    - net: aquantia: Change inefficient wait loop on fw data reads
    - net: aquantia: Add tx clean budget and valid budget handling logic
    - net: aquantia: Allow live mac address changes
    - net: aquantia: Implement pci shutdown callback
    - net: aquantia: driver version bump

  * Fix an issue that some PCI devices get incorrectly suspended (LP: #1764684)
    - SAUCE: PCI / PM: Always check PME wakeup capability for runtime wakeup
      support

  * Miscellaneous Ubuntu changes
    - Rebase to 4.13.0-42.47

  [ Ubuntu: 4.13.0-42.47 ]

  * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993)
  * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850)
    - arm64: fix CONFIG_DEBUG_WX address reporting
  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
    - net: hns: Avoid action name truncation
  * CVE-2017-18208
    - mm/madvise.c: fix madvise() infinite loop under special circumstances
  * CVE-2018-8822
    - staging: ncpfs: memory corruption in ncp_read_kernel()
  * CVE-2017-18203
    - dm: fix race between dm_get_from_kobject() and __dm_destroy()
  * CVE-2017-17449
    - netlink: Add netns check on taps
  * CVE-2017-17975
    - media: usbtv: prevent double free in error case
  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
    - drm/i915/edp: Allow alternate fixed mode for eDP if available.
    - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
    - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
    - drm/i915/edp: Do not do link training fallback or prune modes on EDP
  * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
    from sleep (88E8055) (LP: #1758507)
    - sky2: Increase D3 delay to sky2 stops working after suspend
  * perf vendor events arm64: Enable JSON events for ThunderX2 B0 (LP: #1760712)
    - perf vendor events arm64: Enable JSON events for ThunderX2 B0
  * No network with e1000e driver on 4.13.0-38-generic (LP: #1762693)
    - e1000e: Fix e1000_check_for_copper_link_ich8lan return value.
  * /dev/ipmi enumeration flaky on Cavium Sabre nodes (LP: #1762812)
    - i2c: xlp9xx: return ENXIO on slave address NACK
    - i2c: xlp9xx: Handle transactions with I2C_M_RECV_LEN properly
    - i2c: xlp9xx: Check for Bus state before every transfer
    - i2c: xlp9xx: Handle NACK on DATA properly
  * "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534)
    - virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS
  * fix regression in mm/hotplug, allows NVIDIA driver to work (LP: #1761104)
    - SAUCE: Fix revert "mm, memory_hotplug: do not associate hotadded memory to
      zones until online"
  * ibrs/ibpb fixes result in excessive kernel logging  (LP: #1755627)
    - SAUCE: remove ibrs_dump sysctl interface

  [ Ubuntu: 4.13.0-41.46 ]

  * CVE-2018-8897
    - x86/entry/64: Don't use IST entry for #BP stack
  * CVE-2018-1087
    - kvm/x86: fix icebp instruction handling
  * CVE-2018-1000199
    - perf/hwbp: Simplify the perf-hwbp code, fix documentation

 -- Timo Aaltonen <email address hidden>  Wed, 09 May 2018 16:15:50 +0300
Superseded in xenial-security on 2018-05-22
Superseded in xenial-updates on 2018-05-22
Deleted in xenial-proposed (Reason: moved to -updates)
linux-oem (4.13.0-1026.29) xenial; urgency=medium

  [ Ubuntu: 4.13.0-41.46 ]

  * CVE-2018-8897
    - x86/entry/64: Don't use IST entry for #BP stack
  * CVE-2018-1087
    - kvm/x86: fix icebp instruction handling
  * CVE-2018-1000199
    - perf/hwbp: Simplify the perf-hwbp code, fix documentation

 -- Kleber Sacilotto de Souza <email address hidden>  Fri, 04 May 2018 10:59:20 +0200
Deleted in xenial-proposed on 2018-05-11 (Reason: NBS)
linux-oem (4.13.0-1025.28) xenial; urgency=medium

  * linux-oem: 4.13.0-1025.28 -proposed tracker (LP: #1766599)

  * set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630 (LP: #1766398)
    - ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags

  * Chang the location for one of two front mics on a lenovo thinkcentre machine
    (LP: #1766477)
    - ALSA: hda/realtek - adjust the location of one mic

  * Update btusb reset-resume quirk to decrease power usage (LP: #1766197)
    - SAUCE: Revert "usb: quirks: Add reset-resume quirk for Dell DW1820 QCA Rome
      Bluetooth"
    - Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking
    - Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table
    - Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table

  * Update Aquantia driver to fix various issues (LP: #1759303)
    - SAUCE: Revert "net: aquantia: Reset nic statistics on interface up/down"
    - SAUCE: Revert "net: aquantia: Add queue restarts stats counter"
    - SAUCE: Revert "net: aquantia: Fixed transient link up/down/up notification"
    - SAUCE: Revert "net: aquantia: Limit number of MSIX irqs to the number of
      cpus"
    - SAUCE: Revert "net: aquantia: mmio unmap was not performed on driver
      removal"
    - SAUCE: Revert "net: aquantia: Enable coalescing management via ethtool
      interface"
    - SAUCE: Revert "net: aquantia: Reset nic statistics on interface up/down"
    - SAUCE: Revert "aquantia: Fix Tx queue hangups"
    - SAUCE: Revert "net: aquantia: Bad udp rate on default interrupt coalescing"
    - aquantia: Switch to use napi_gro_receive
    - aquantia: Setup max_mtu in ndev to enable jumbo frames
    - aquantia: Fix Tx queue hangups
    - aquantia: Fix transient invalid link down/up indications
    - atlantic: fix iommu errors
    - net: aquantia: Reset nic statistics on interface up/down
    - net: aquantia: Add queue restarts stats counter
    - net: aquantia: Fixed transient link up/down/up notification
    - net: aquantia: Limit number of MSIX irqs to the number of cpus
    - net: aquantia: mmio unmap was not performed on driver removal
    - net: aquantia: Enable coalescing management via ethtool interface
    - net: aquantia: Bad udp rate on default interrupt coalescing
    - net: aquantia: Fix actual speed capabilities reporting
    - net: aquantia: Fix hardware DMA stream overload on large MRRS
    - net: aquantia: Extend stat counters to 64bit values
    - net: aquantia: Fill ndev stat couters from hardware
    - net: aquantia: Fill in multicast counter in ndev stats from hardware
    - net: aquantia: Improve link state and statistics check interval callback
    - net: aquantia: Update hw counters on hw init
    - net: aquantia: Fix typo in ethtool statistics names
    - net: aquantia: Increment driver version
    - net: aquantia: Eliminate AQ_DIMOF, replace with ARRAY_SIZE
    - net: aquantia: Cleanup status flags accesses
    - net: aquantia: Cleanup hardware access modules
    - net: aquantia: Remove duplicate hardware descriptors declarations
    - net: aquantia: Add const qualifiers for hardware ops tables
    - net: aquantia: Simplify dependencies between pci modules
    - net: aquantia: Eliminate aq_nic structure abstraction
    - net: aquantia: Fix register definitions to linux style
    - net: aquantia: Prepend hw access functions declarations with prefix
    - net: aquantia: Fix internal stats calculation on rx
    - net: aquantia: Introduce new device ids and constants
    - net: aquantia: Introduce new AQC devices and capabilities
    - net: aquantia: Convert hw and caps structures to const static pointers
    - net: aquantia: Cleanup pci functions module
    - net: aquantia: Remove create/destroy from hw ops
    - net: aquantia: Change confusing no_ff_addr to more meaningful name
    - net: aquantia: Introduce firmware ops callbacks
    - net: aquantia: Introduce support for new firmware on AQC cards
    - net: aquantia: Introduce global AQC hardware reset sequence
    - net: aquantia: Report correct mediatype via ethtool
    - net: aquantia: bump driver version to match aquantia internal numbering
    - net: aquantia: Fix hardware reset when SPI may rarely hangup
    - net: aquantia: Fix a regression with reset on old firmware
    - net: aquantia: Change inefficient wait loop on fw data reads
    - net: aquantia: Add tx clean budget and valid budget handling logic
    - net: aquantia: Allow live mac address changes
    - net: aquantia: Implement pci shutdown callback
    - net: aquantia: driver version bump

  * Fix an issue that some PCI devices get incorrectly suspended (LP: #1764684)
    - SAUCE: PCI / PM: Always check PME wakeup capability for runtime wakeup
      support

  * Miscellaneous Ubuntu changes
    - Rebase to 4.13.0-40.45

  [ Ubuntu: 4.13.0-40.45 ]

  * linux: 4.13.0-40.45 -proposed tracker (LP: #1766592)
  * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850)
    - arm64: fix CONFIG_DEBUG_WX address reporting
  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
    - net: hns: Avoid action name truncation
  * CVE-2017-18208
    - mm/madvise.c: fix madvise() infinite loop under special circumstances
  * CVE-2018-8822
    - staging: ncpfs: memory corruption in ncp_read_kernel()
  * CVE-2017-18203
    - dm: fix race between dm_get_from_kobject() and __dm_destroy()
  * CVE-2017-17449
    - netlink: Add netns check on taps
  * CVE-2017-17975
    - media: usbtv: prevent double free in error case
  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
    - drm/i915/edp: Allow alternate fixed mode for eDP if available.
    - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
    - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
    - drm/i915/edp: Do not do link training fallback or prune modes on EDP
  * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
    from sleep (88E8055) (LP: #1758507)
    - sky2: Increase D3 delay to sky2 stops working after suspend
  * perf vendor events arm64: Enable JSON events for ThunderX2 B0 (LP: #1760712)
    - perf vendor events arm64: Enable JSON events for ThunderX2 B0
  * No network with e1000e driver on 4.13.0-38-generic (LP: #1762693)
    - e1000e: Fix e1000_check_for_copper_link_ich8lan return value.
  * /dev/ipmi enumeration flaky on Cavium Sabre nodes (LP: #1762812)
    - i2c: xlp9xx: return ENXIO on slave address NACK
    - i2c: xlp9xx: Handle transactions with I2C_M_RECV_LEN properly
    - i2c: xlp9xx: Check for Bus state before every transfer
    - i2c: xlp9xx: Handle NACK on DATA properly
  * "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534)
    - virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS
  * fix regression in mm/hotplug, allows NVIDIA driver to work (LP: #1761104)
    - SAUCE: Fix revert "mm, memory_hotplug: do not associate hotadded memory to
      zones until online"
  * ibrs/ibpb fixes result in excessive kernel logging  (LP: #1755627)
    - SAUCE: remove ibrs_dump sysctl interface

 -- Timo Aaltonen <email address hidden>  Thu, 26 Apr 2018 11:27:11 +0300

Available diffs

Superseded in cosmic-release on 2018-05-24
Published in bionic-release on 2018-04-26
Deleted in bionic-proposed (Reason: moved to release)
Superseded in bionic-proposed on 2018-04-25
linux-oem (4.15.0-1004.5) bionic; urgency=medium

  * linux-oem: 4.15.0-1004.5 -proposed tracker (LP: #1766454)

  * Miscellaneous Ubuntu changes
    - [Packaging/OEM] update to Debian like control scripts.
    - [Packaging] signing -- sync changes from debian.master
    - [Config] Skip retpoline still
    - Rebase to 4.15.0-20.21
    - [Config] update configs following rebase to 4.15.0-20.21

  [ Ubuntu: 4.15.0-20.21 ]

  * linux: 4.15.0-20.21 -proposed tracker (LP: #1766452)
  * package shim-signed (not installed) failed to install/upgrade: installed
    shim-signed package post-installation script subprocess returned error exit
    status 5 (LP: #1766391)
    - [Packaging] fix invocation of header postinst hooks

  [ Ubuntu: 4.15.0-19.20 ]

  * linux: 4.15.0-19.20 -proposed tracker (LP: #1766021)
  * Kernel 4.15.0-15 breaks Dell PowerEdge 12th Gen servers (LP: #1765232)
    - Revert "blk-mq: simplify queue mapping & schedule with each possisble CPU"
    - Revert "genirq/affinity: assign vectors to all possible CPUs"

  [ Ubuntu: 4.15.0-18.19 ]

  * linux: 4.15.0-18.19 -proposed tracker (LP: #1765490)
  * [regression] Ubuntu 18.04:[4.15.0-17-generic #18] KVM Guest Kernel:
    meltdown: rfi/fallback displacement flush not enabled bydefault (kvm)
    (LP: #1765429)
    - powerpc/pseries: Fix clearing of security feature flags
  * signing: only install a signed kernel (LP: #1764794)
    - [Packaging] update to Debian like control scripts
    - [Packaging] switch to triggers for postinst.d postrm.d handling
    - [Packaging] signing -- switch to raw-signing tarballs
    - [Packaging] signing -- switch to linux-image as signed when available
    - [Config] signing -- enable Opal signing for ppc64el
    - [Packaging] printenv -- add signing options
  * [18.04 FEAT] Sign POWER host/NV kernels (LP: #1696154)
    - [Packaging] signing -- add support for signing Opal kernel binaries
  * Please cherrypick s390 unwind fix (LP: #1765083)
    - s390/compat: fix setup_frame32
  * Ubuntu 18.04 installer does not detect any IPR based HDD/RAID array [S822L]
    [ipr] (LP: #1751813)
    - d-i: move ipr to storage-core-modules on ppc64el
  * drivers/gpu/drm/bridge/adv7511/adv7511.ko missing (LP: #1764816)
    - SAUCE: (no-up) rename the adv7511 drm driver to adv7511_drm
  * Miscellaneous Ubuntu changes
    - [Packaging] Add linux-oem to rebuild test blacklist.

Superseded in xenial-security on 2018-05-08
Superseded in xenial-updates on 2018-05-08
Deleted in xenial-proposed (Reason: moved to -updates)
linux-oem (4.13.0-1024.27) xenial; urgency=medium

  * linux-oem: 4.13.0-1024.27 -proposed tracker (LP: #1763296)

  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
    - drm/i915/edp: Allow alternate fixed mode for eDP if available.
    - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
    - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
    - drm/i915/edp: Do not do link training fallback or prune modes on EDP

  * No network with e1000e driver on 4.13.0-38-generic (LP: #1762693)
    - e1000e: Fix e1000_check_for_copper_link_ich8lan return value.

Superseded in bionic-release on 2018-04-26
Superseded in bionic-release on 2018-04-25
Deleted in bionic-proposed on 2018-04-27 (Reason: moved to release)
linux-oem (4.15.0-1002.3) bionic; urgency=medium

  * linux-oem: 4.15.0-1002.3 -proposed tracker (LP: #1762924)

  * Fix line-out port noise on Baytrail-I with RT5660 based sound card
    (LP: #1675327)
    - SAUCE: (no-up): ASoC: Intel: bytcr-rt5660: fix frame polarity

  * Miscellaneous Ubuntu changes
    - Rebase to 4.15.0-15.16

  [ Ubuntu: 4.15.0-15.16 ]

  * linux: 4.15.0-15.16 -proposed tracker (LP: #1761177)
  * FFe: Enable configuring resume offset via sysfs (LP: #1760106)
    - PM / hibernate: Make passing hibernate offsets more friendly
  * /dev/bcache/by-uuid links not created after reboot (LP: #1729145)
    - SAUCE: (no-up) bcache: decouple emitting a cached_dev CHANGE uevent
  * Ubuntu18.04:POWER9:DD2.2 - Unable to start a KVM guest with default machine
    type(pseries-bionic) complaining "KVM implementation does not support
    Transactional Memory, try cap-htm=off" (kvm) (LP: #1752026)
    - powerpc: Use feature bit for RTC presence rather than timebase presence
    - powerpc: Book E: Remove unused CPU_FTR_L2CSR bit
    - powerpc: Free up CPU feature bits on 64-bit machines
    - powerpc: Add CPU feature bits for TM bug workarounds on POWER9 v2.2
    - powerpc/powernv: Provide a way to force a core into SMT4 mode
    - KVM: PPC: Book3S HV: Work around transactional memory bugs in POWER9
    - KVM: PPC: Book3S HV: Work around XER[SO] bug in fake suspend mode
    - KVM: PPC: Book3S HV: Work around TEXASR bug in fake suspend state
  * Important Kernel fixes to be backported for Power9 (kvm) (LP: #1758910)
    - powerpc/mm: Fixup tlbie vs store ordering issue on POWER9
  * Ubuntu 18.04 - IO Hang on some namespaces when running HTX with 16
    namespaces  (Bolt / NVMe) (LP: #1757497)
    - powerpc/64s: Fix lost pending interrupt due to race causing lost update to
      irq_happened
  * fwts-efi-runtime-dkms 18.03.00-0ubuntu1: fwts-efi-runtime-dkms kernel module
    failed to build (LP: #1760876)
    - [Packaging] include the retpoline extractor in the headers

 -- Timo Aaltonen <email address hidden>  Wed, 11 Apr 2018 09:36:30 +0300
Deleted in xenial-proposed on 2018-04-16 (Reason: NBS)
linux-oem (4.13.0-1023.25) xenial; urgency=medium

  * linux-oem: 4.13.0-1023.25 -proposed tracker (LP: #1761464)

  * Fix Runtime PM for r8169 (LP: #1757422)
    - r8169: only enable PCI wakeups when WOL is active
    - PCI: Add pcim_set_mwi(), a device-managed pci_set_mwi()
    - r8169: switch to device-managed functions in probe
    - r8169: remove netif_napi_del in probe error path
    - r8169: remove unneeded rpm ops in rtl_shutdown
    - r8169: improve runtime pm in rtl8169_check_link_status
    - r8169: improve runtime pm in general and suspend unused ports

  * Ryzen/Raven Ridge USB ports do not work (LP: #1756700)
    - xhci: Fix front USB ports on ASUS PRIME B350M-A
    - SAUCE: xhci: Fix USB ports for Dell Inspiron 5775

  * Miscellaneous Ubuntu changes
    - Rebase to 4.13.0-39.44

  [ Ubuntu: 4.13.0-39.44 ]

  * linux: 4.13.0-39.44 -proposed tracker (LP: #1761456)
  * intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux-
    image-4.13.0-37-generic) (LP: #1759920) // CVE-2017-5715 (Spectre v2
    Intel) // CVE-2017-5754
    - x86/mm: Reinitialize TLB state on hotplug and resume
  * intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux-
    image-4.13.0-37-generic) (LP: #1759920) // CVE-2017-5715 (Spectre v2 Intel)
    - Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current
      thread"
    - x86/speculation: Use Indirect Branch Prediction Barrier in context switch
  * DKMS driver builds fail with: Cannot use CONFIG_STACK_VALIDATION=y, please
    install libelf-dev, libelf-devel or elfutils-libelf-devel (LP: #1760876)
    - [Packaging] include the retpoline extractor in the headers
  * retpoline hints: primary infrastructure and initial hints (LP: #1758856)
    - [Packaging] retpoline-extract: flag *0xNNN(%reg) branches
    - x86/speculation, objtool: Annotate indirect calls/jumps for objtool
    - x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32bit
    - x86/paravirt, objtool: Annotate indirect calls
    - [Packaging] retpoline -- add safe usage hint support
    - [Packaging] retpoline-check -- only report additions
    - [Packaging] retpoline -- widen indirect call/jmp detection
    - [Packaging] retpoline -- elide %rip relative indirections
    - [Packaging] retpoline -- clear hint information from packages
    - KVM: x86: Make indirect calls in emulator speculation safe
    - KVM: VMX: Make indirect call speculation safe
    - x86/boot, objtool: Annotate indirect jump in secondary_startup_64()
    - SAUCE: early/late -- annotate indirect calls in early/late initialisation
      code
    - SAUCE: vga_set_mode -- avoid jump tables
    - [Config] retpoline -- switch to new format
    - [Packaging] retpoline hints -- handle missing files when RETPOLINE not
      enabled
    - [Packaging] final-checks -- remove check for empty retpoline files
  * retpoline: ignore %cs:0xNNN constant indirections (LP: #1752655)
    - [Packaging] retpoline -- elide %cs:0xNNNN constants on i386
  * zfs system process hung on container stop/delete (LP: #1754584)
    - SAUCE: Fix non-prefaulted page deadlock (LP: #1754584)
  * zfs-linux 0.6.5.11-1ubuntu5 ADT test failure with linux 4.15.0-1.2
    (LP: #1737761)
    - SAUCE: (noup) Update zfs to 0.6.5.11-1ubuntu3.2
  * AT_BASE_PLATFORM in AUXV is absent on kernels available on Ubuntu 17.10
    (LP: #1759312)
    - powerpc/64s: Fix NULL AT_BASE_PLATFORM when using DT CPU features
  * btrfs and tar sparse truncate archives (LP: #1757565)
    - Btrfs: move definition of the function btrfs_find_new_delalloc_bytes
    - Btrfs: fix reported number of inode blocks after buffered append writes
  * efifb broken on ThunderX-based Gigabyte nodes (LP: #1758375)
    - drivers/fbdev/efifb: Allow BAR to be moved instead of claiming it
  * Intel i40e PF reset due to incorrect MDD detection (continues...)
    (LP: #1723127)
    - i40e/i40evf: Account for frags split over multiple descriptors in check
      linearize
  * Fix an issue that when system in S3, USB keyboard can't wake up the system.
    (LP: #1759511)
    - ACPI / PM: Allow deeper wakeup power states with no _SxD nor _SxW
  * [8086:3e92] display becomes blank after S3 (LP: #1759188)
    - drm/i915: Apply Display WA #1183 on skl, kbl, and cfl
  * add audio kernel patches for Raven (LP: #1758364)
    - ALSA: hda: Add Raven PCI ID
    - ALSA: hda/realtek - Fix ALC700 family no sound issue
  * Cpu utilization showing system time for kvm guests (performance) (sysstat)
    (LP: #1755979)
    - KVM: PPC: Book3S HV: Fix guest time accounting with VIRT_CPU_ACCOUNTING_GEN
  * Kernel panic on a nfsroot system (LP: #1734327)
    - Revert "UBUNTU: SAUCE: LSM stacking: add stacking support to apparmor
      network hooks"
    - Revert "UBUNTU: SAUCE: LSM stacking: LSM: Infrastructure management of the
      remaining blobs"
  * can't record sound via front headset port on the Dell Precision 3630
    (LP: #1759088)
    - ALSA: hda/realtek - Fix Dell headset Mic can't record
  * speaker can't output sound anymore after system resumes from S3 on a lenovo
    machine with alc257 (LP: #1758829)
    - ALSA: hda/realtek - Fix speaker no sound after system resume
  * hda driver initialization takes too much time on the machine with coffeelake
    audio controller [8086:a348] (LP: #1758800)
    - ALSA: hda - Force polling mode on CFL for fixing codec communication
  * Let headset-mode initialization be called on Dell Precision 3930
    (LP: #1757584)
    - ALSA: hda/realtek - Add headset mode support for Dell laptop
  * ubuntu_zram_smoke test will cause soft lockup on Artful ThunderX ARM64
    (LP: #1755073)
    - SAUCE: crypto: thunderx_zip: Fix fallout from CONFIG_VMAP_STACK
  * [Hyper-V] include kvp fix for Avoid reading past allocated blocks from KVP
    file (LP: #1750349)
    - hv: kvp: Avoid reading past allocated blocks from KVP file
  * IMA policy parsing is broken in 4.13 (LP: #1755804)
    - ima/policy: fix parsing of fsuuid
  * external mic not work on Dell OptiPlex 7460 AIO (LP: #1755954)
    - ALSA: hda/realtek - Add headset mode support for Dell laptop
  * sbsa watchdog crashes thunderx2 system (LP: #1755595)
    - watchdog: sbsa: use 32-bit read for WCV
  * CVE-2018-8043
    - net: phy: mdio-bcm-unimac: fix potential NULL dereference in
      unimac_mdio_probe()

 -- Timo Aaltonen <email address hidden>  Thu, 05 Apr 2018 18:46:41 +0300

Available diffs

Superseded in xenial-security on 2018-04-23
Superseded in xenial-updates on 2018-04-23
Deleted in xenial-proposed (Reason: NBS)
linux-oem (4.13.0-1022.24) xenial; urgency=medium

  * linux-oem: 4.13.0-1022.24 -proposed tracker (LP: #1755774)

  * external mic not work on Dell OptiPlex 7460 AIO (LP: #1755954)
    - ALSA: hda/realtek - Add headset mode support for Dell laptop

  * Display screen blinks on black screen periodically on some wyse system
    (LP: #1754216)
    - drm/i915/glk, cnl: Implement WaDisableScalarClockGating

  * CFL systems are not responsive to TB16 DP/HDMI (un)plugging event.
    (LP: #1755705)
    - drm/i915/gen9+: Add 10 us delay after power well 1/AUX IO pw disabling
    - drm/i915/skl: Don't disable misc IO power well during display uninit
    - drm/i915/bxt, glk: Fix assert on conditions for DC9 enabling
    - drm/i915/gen9+: Don't remove secondary power well requests
    - drm/i915/cnl: Fix comment about AUX IO power well enable/disable

  * Remove ubuntu/usb-cv (LP: #1749412)
    - SAUCE: Remove ubuntu/usb-cv

  * mwifiex cannot connect to wifi AP when keeping wireless connection idle for
    more than 60 seconds (LP: #1725154)
    - SAUCE: Revert "cfg80211: workaround for mwifiex"

  *  Add support for Realtek WiFi device [10ec:b822] (LP: #1745081)
    - SAUCE: RTL8822BE: Import RTL8822BE driver
    - SAUCE: RTL8822BE: Fix compiling error on oem kernel
    - SAUCE: RTL8822BE: Don't block disconnect event if kernel >= 4.2
    - SAUCE: RTL8822BE: Fix FW IQK failed when mp_start
    - SAUCE: RTL8822BE: Add ubuntu/rtl8822be into build script
    - SAUCE: RTL8822BE: Adjust the building dir

  * Miscellaneous Ubuntu changes
    - Rebase to 4.13.0-38.43
    - [Config] Ignore usb-cv module
    - [Config] Ignore retpoline

  [ Ubuntu: 4.13.0-38.43 ]

  * linux: 4.13.0-38.43 -proposed tracker (LP: #1755762)
  * Servers going OOM after updating kernel from 4.10 to 4.13 (LP: #1748408)
    - i40e: Fix memory leak related filter programming status
    - i40e: Add programming descriptors to cleaned_count
  * [SRU] Lenovo E41 Mic mute hotkey is not responding (LP: #1753347)
    - platform/x86: ideapad-laptop: Increase timeout to wait for EC answer
  * fails to dump with latest kpti fixes (LP: #1750021)
    - kdump: write correct address of mem_section into vmcoreinfo
  * headset mic can't be detected on two Dell machines (LP: #1748807)
    - ALSA: hda/realtek - Support headset mode for ALC215/ALC285/ALC289
    - ALSA: hda - Fix headset mic detection problem for two Dell machines
    - ALSA: hda - Fix a wrong FIXUP for alc289 on Dell machines
  * CIFS SMB2/SMB3 does not work for domain based DFS (LP: #1747572)
    - CIFS: make IPC a regular tcon
    - CIFS: use tcon_ipc instead of use_ipc parameter of SMB2_ioctl
    - CIFS: dump IPC tcon in debug proc file
  * i2c-thunderx: erroneous error message "unhandled state: 0" (LP: #1754076)
    - i2c: octeon: Prevent error message on bus error
  * hisi_sas: Add disk LED support (LP: #1752695)
    - scsi: hisi_sas: directly attached disk LED feature for v2 hw
  * EDAC, sb_edac: Backport 1 patch to Ubuntu 17.10 (Fix missing DIMM sysfs
    entries with KNL SNC2/SNC4 mode) (LP: #1743856)
    - EDAC, sb_edac: Fix missing DIMM sysfs entries with KNL SNC2/SNC4 mode
  * [regression] Colour banding and artefacts appear system-wide on an Asus
    Zenbook UX303LA with Intel HD 4400 graphics (LP: #1749420)
    - drm/edid: Add 6 bpc quirk for CPT panel in Asus UX303LA
  * DVB Card with SAA7146 chipset not working (LP: #1742316)
    - vmalloc: fix __GFP_HIGHMEM usage for vmalloc_32 on 32b systems
  * [Asus UX360UA] battery status in unity-panel is not changing when battery is
    being charged (LP: #1661876) // AC adapter status not detected on Asus
    ZenBook UX410UAK (LP: #1745032)
    - ACPI / battery: Add quirk for Asus UX360UA and UX410UAK
  * ASUS UX305LA - Battery state not detected correctly (LP: #1482390)
    - ACPI / battery: Add quirk for Asus GL502VSK and UX305LA
  * support thunderx2 vendor pmu events (LP: #1747523)
    - perf pmu: Extract function to get JSON alias map
    - perf pmu: Pass pmu as a parameter to get_cpuid_str()
    - perf tools arm64: Add support for get_cpuid_str function.
    - perf pmu: Add helper function is_pmu_core to detect PMU CORE devices
    - perf vendor events arm64: Add ThunderX2 implementation defined pmu core
      events
    - perf pmu: Add check for valid cpuid in perf_pmu__find_map()
  * lpfc.ko module doesn't work (LP: #1746970)
    - scsi: lpfc: Fix loop mode target discovery
  * Ubuntu 17.10 crashes on vmalloc.c (LP: #1739498)
    - powerpc/mm/book3s64: Make KERN_IO_START a variable
    - powerpc/mm/slb: Move comment next to the code it's referring to
    - powerpc/mm/hash64: Make vmalloc 56T on hash
  * ethtool -p fails to light NIC LED on HiSilicon D05 systems (LP: #1748567)
    - net: hns: add ACPI mode support for ethtool -p
  * CVE-2017-17807
    - KEYS: add missing permission check for request_key() destination
  * [Artful SRU] Fix capsule update regression (LP: #1746019)
    - efi/capsule-loader: Reinstate virtual capsule mapping
  * [Artful/Bionic] [Config] enable EDAC_GHES for ARM64 (LP: #1747746)
    - Ubuntu: [Config] enable EDAC_GHES for ARM64
  * linux-tools: perf incorrectly linking libbfd (LP: #1748922)
    - SAUCE: tools -- add ability to disable libbfd
    - [Packaging] correct disablement of libbfd
  * Cherry pick c96f5471ce7d for delayacct fix (LP: #1747769)
    - delayacct: Account blkio completion on the correct task
  * Error in CPU frequency reporting when nominal and min pstates are same
    (cpufreq) (LP: #1746174)
    - cpufreq: powernv: Dont assume distinct pstate values for nominal and pmin
  * retpoline abi files are empty on i386 (LP: #1751021)
    - [Packaging] retpoline-extract -- instantiate retpoline files for i386
    - [Packaging] final-checks -- sanity checking ABI contents
    - [Packaging] final-checks -- check for empty retpoline files
  * [P9,Power NV][WSP][Ubuntu 1804] : "Kernel access of bad area " when grouping
    different pmu events using perf fuzzer . (perf:) (LP: #1746225)
    - powerpc/perf: Fix oops when grouping different pmu events
  * bnx2x_attn_int_deasserted3:4323 MC assert! (LP: #1715519) //
    CVE-2018-1000026
    - net: create skb_gso_validate_mac_len()
    - bnx2x: disable GSO where gso_size is too big for hardware
  * Ubuntu16.04.03: ISAv3 initialize MMU registers before setting partition
    table (LP: #1736145)
    - powerpc/64s: Initialize ISAv3 MMU registers before setting partition table
  * powerpc/powernv: Flush console before platform error reboot (LP: #1735159)
    - powerpc/powernv: Flush console before platform error reboot
  * Touchpad stops working after a few seconds in Lenovo ideapad 320
    (LP: #1732056)
    - pinctrl/amd: fix masking of GPIO interrupts
  * [Artful][Wyse 3040] System hang when trying to enable an offlined CPU core
    (LP: #1736393)
    - SAUCE: drm/i915:Don't set chip specific data
    - SAUCE: drm/i915: make previous commit affects Wyse 3040 only
  * ppc64el: Do not call ibm,os-term on panic (LP: #1736954)
    - powerpc: Do not call ppc_md.panic in fadump panic notifier
  * Artful update to 4.13.16 stable release (LP: #1744213)
    - tcp_nv: fix division by zero in tcpnv_acked()
    - net: vrf: correct FRA_L3MDEV encode type
    - tcp: do not mangle skb->cb[] in tcp_make_synack()
    - net: systemport: Correct IPG length settings
    - netfilter/ipvs: clear ipvs_property flag when SKB net namespace changed
    - l2tp: don't use l2tp_tunnel_find() in l2tp_ip and l2tp_ip6
    - bonding: discard lowest hash bit for 802.3ad layer3+4
    - net: cdc_ether: fix divide by 0 on bad descriptors
    - net: qmi_wwan: fix divide by 0 on bad descriptors
    - qmi_wwan: Add missing skb_reset_mac_header-call
    - net: usb: asix: fill null-ptr-deref in asix_suspend
    - tcp: gso: avoid refcount_t warning from tcp_gso_segment()
    - tcp: fix tcp_fastretrans_alert warning
    - vlan: fix a use-after-free in vlan_device_event()
    - net/mlx5: Cancel health poll before sending panic teardown command
    - net/mlx5e: Set page to null in case dma mapping fails
    - af_netlink: ensure that NLMSG_DONE never fails in dumps
    - vxlan: fix the issue that neigh proxy blocks all icmpv6 packets
    - net: cdc_ncm: GetNtbFormat endian fix
    - fealnx: Fix building error on MIPS
    - net/sctp: Always set scope_id in sctp_inet6_skb_msgname
    - ima: do not update security.ima if appraisal status is not INTEGRITY_PASS
    - serial: omap: Fix EFR write on RTS deassertion
    - serial: 8250_fintek: Fix finding base_port with activated SuperIO
    - tpm-dev-common: Reject too short writes
    - rcu: Fix up pending cbs check in rcu_prepare_for_idle
    - ocfs2: fix cluster hang after a node dies
    - ocfs2: should wait dio before inode lock in ocfs2_setattr()
    - ipmi: fix unsigned long underflow
    - mm/page_alloc.c: broken deferred calculation
    - mm/page_ext.c: check if page_ext is not prepared
    - x86/cpu/amd: Derive L3 shared_cpu_map from cpu_llc_shared_mask
    - coda: fix 'kernel memory exposure attempt' in fsync
    - Linux 4.13.16
  * Artful update to 4.13.15 stable release (LP: #1744212)
    - media: imon: Fix null-ptr-deref in imon_probe
    - media: dib0700: fix invalid dvb_detach argument
    - crypto: dh - Fix double free of ctx->p
    - crypto: dh - Don't permit 'p' to be 0
    - crypto: dh - Don't permit 'key' or 'g' size longer than 'p'
    - USB: early: Use new USB product ID and strings for DbC device
    - USB: usbfs: compute urb->actual_length for isochronous
    - USB: Add delay-init quirk for Corsair K70 LUX keyboards
    - usb: gadget: f_fs: Fix use-after-free in ffs_free_inst
    - USB: serial: metro-usb: stop I/O after failed open
    - USB: serial: Change DbC debug device binding ID
    - USB: serial: qcserial: add pid/vid for Sierra Wireless EM7355 fw update
    - USB: serial: garmin_gps: fix I/O after failed probe and remove
    - USB: serial: garmin_gps: fix memory leak on probe errors
    - x86/MCE/AMD: Always give panic severity for UC errors in kernel context
    - platform/x86: peaq-wmi: Add DMI check before binding to the WMI interface
    - platform/x86: peaq_wmi: Fix missing terminating entry for peaq_dmi_table
    - HID: cp2112: add HIDRAW dependency
    - HID: wacom: generic: Recognize WACOM_HID_WD_PEN as a type of pen collection
    - staging: wilc1000: Fix bssid buffer offset in Txq
    - staging: ccree: fix 64 bit scatter/gather DMA ops
    - staging: greybus: spilib: fix use-after-free after deregistration
    - staging: vboxvideo: Fix reporting invalid suggested-offset-properties
    - staging: rtl8188eu: Revert 4 commits breaking ARP
    - Linux 4.13.15
  * time drifting on linux-hwe kernels (LP: #1744988)
    - x86/tsc: Future-proof native_calibrate_tsc()
    - x86/tsc: Fix erroneous TSC rate on Skylake Xeon
    - x86/tsc: Print tsc_khz, when it differs from cpu_khz
  * Please backport vmd suspend/resume patches to 16.04 hwe (LP: #1745508)
    - PCI: vmd: Free up IRQs on suspend path
  * CVE-2017-17448
    - netfilter: nfnetlink_cthelper: Add missing permission checks
  * Dell XPS 13 9360 bluetooth (Atheros) won't connect after resume
    (LP: #1744712)
    - Bluetooth: btusb: Restore QCA Rome suspend/resume fix with a "rewritten"
      version
  * [SRU] TrackPoint: middle button doesn't work on TrackPoint-compatible
    device. (LP: #1746002)
    - Input: trackpoint - force 3 buttons if 0 button is reported
  * TB16 dock ethernet corrupts data with hw checksum silently failing
    (LP: #1729674)
    - r8152: disable RX aggregation on Dell TB16 dock
  * [Artful] Realtek ALC225: 2 secs noise when a headset plugged in
    (LP: #1744058)
    - Revert "UBUNTU: SAUCE: ALSA: hda/realtek - Add support headset mode for DELL
      WYSE"
    - SAUCE: ALSA: hda/realtek - Add support headset mode for DELL WYSE
    - ALSA: hda/realtek - update ALC225 depop optimize
  * [A] skb leak in vhost_net / tun / tap (LP: #1738975)
    - vhost: fix skb leak in handle_rx()
    - tap: free skb if flags error
    - tun: free skb in early errors
  * Commit d9018976cdb6 missing in Kernels <4.14.x preventing lasting fix of
    Intel SPI bug on certain serial flash (LP: #1742696)
    - mfd: lpc_ich: Do not touch SPI-NOR write protection bit on Haswell/Broadwell
    - spi-nor: intel-spi: Fix broken software sequencing codes
  * CVE-2018-5332
    - RDS: Heap OOB write in rds_message_alloc_sgs()
  * [A] KVM Windows BSOD on 4.13.x (LP: #1738972)
    - KVM: x86: fix APIC page invalidation
  * elantech touchpad of Lenovo L480/580 failed to detect hw_version
    (LP: #1733605)
    - Input: elantech - add new icbody type 15
  * [SRU] External HDMI monitor failed to show screen on Lenovo X1 series
    (LP: #1738523)
    - SAUCE: drm/i915: Disable writing of TMDS_OE on Lenovo ThinkPad X1 series
  * ubuntu/xr-usb-serial didn't get built in zesty and artful (LP: #1733281)
    - SAUCE: make sure ubuntu/xr-usb-serial builds for x86
  * Disabling zfs does not always disable module checks for the zfs modules
    (LP: #1737176)
    - [Packaging] disable zfs module checks when zfs is disabled
  * CVE-2017-17806
    - crypto: hmac - require that the underlying hash algorithm is unkeyed
  * CVE-2017-17805
    - crypto: salsa20 - fix blkcipher_walk API usage
  * CVE-2017-16994
    - mm/pagewalk.c: report holes in hugetlb ranges
  * CVE-2017-17450
    - netfilter: xt_osf: Add missing permission checks
  * apparmor profile load in stacked policy container fails (LP: #1746463)
    - SAUCE: apparmor: fix display of .ns_name for containers
  * CVE-2017-15129
    - net: Fix double free and memory corruption in get_net_ns_by_id()
  * CVE-2018-5344
    - loop: fix concurrent lo_open/lo_release
  * CVE-2017-1000407
    - KVM: VMX: remove I/O port 0x80 bypass on Intel hosts
  * CVE-2017-0861
    - ALSA: pcm: prevent UAF in snd_pcm_info
  * perf stat segfaults on uncore events w/o -a (LP: #1745246)
    - perf xyarray: Save max_x, max_y
    - perf evsel: Fix buffer overflow while freeing events
  * Support cppc-cpufreq driver on ThunderX2 systems (LP: #1745007)
    - mailbox: PCC: Move the MAX_PCC_SUBSPACES definition to header file
    - ACPI / CPPC: Make CPPC ACPI driver aware of PCC subspace IDs
    - ACPI / CPPC: Fix KASAN global out of bounds warning
    - ACPI: CPPC: remove initial assignment of pcc_ss_data
  * P-state not working in kernel 4.13 (LP: #1743269)
    - x86 / CPU: Avoid unnecessary IPIs in arch_freq_get_on_cpu()
    - x86 / CPU: Always show current CPU frequency in /proc/cpuinfo
  * Regression: KVM no longer supports Intel CPUs without Virtual NMI
    (LP: #1741655)
    - kvm: vmx: Reinstate support for CPUs without virtual NMI
  * System hang with Linux kernel due to mainline commit 24247aeeabe
    (LP: #1733662)
    - x86/intel_rdt/cqm: Prevent use after free
  * $(LOCAL_ENV_CC) and $(LOCAL_ENV_DISTCC_HOSTS) should be properly quoted
    (LP: #1744077)
    - [Debian] pass LOCAL_ENV_CC and LOCAL_ENV_DISTCC_HOSTS properly
  * the wifi driver is always hard blocked on a lenovo laptop (LP: #1743672)
    - ACPI: EC: Fix possible issues related to EC initialization order
  * text VTs are unavailable on desktop after upgrade to Ubuntu 17.10
    (LP: #1724911)
    - drm/i915/fbdev: Always forward hotplug events
  * Samsung SSD 960 EVO 500GB refused to change power state (LP: #1705748)
    - nvme-pci: disable APST on Samsung SSD 960 EVO + ASUS PRIME B350M-A
  * [0cf3:e010] QCA6174A XR failed to pair with bt 4.0 device  (LP: #1741166)
    - Bluetooth: btusb: Add support for 0cf3:e010
  * CVE-2017-17741
    - KVM: Fix stack-out-of-bounds read in write_mmio
  * CVE-2018-5333
    - RDS: null pointer dereference in rds_atomic_free_op
  * [800 G3 SFF] [800 G3 DM]External microphone of headset(3-ring) is working,
    2-ring mic not working, both not shown in sound settings  (LP: #1740974)
    - ALSA: hda - Add MIC_NO_PRESENCE fixup for 2 HP machines
  * Two front mics can't work on a lenovo machine (LP: #1740973)
    - ALSA: hda - change the location for one mic on a Lenovo machine
  * No external microphone be detected via headset jack on a dell machine
    (LP: #1740972)
    - ALSA: hda - fix headset mic detection issue on a Dell machine
  *  Can't detect external headset via line-out jack on some Dell machines
    (LP: #1740971)
    - ALSA: hda/realtek - Fix Dell AIO LineOut issue
  * Support realtek new codec alc257 in the alsa hda driver  (LP: #1738911)
    - ALSA: hda/realtek - New codec support for ALC257
  * Add support for 16g huge pages on Ubuntu 16.04.2 PowerNV (LP: #1706247)
    - powerpc/mm/hugetlb: Allow runtime allocation of 16G.
    - powerpc/mm/hugetlb: Add support for reserving gigantic huge pages via kernel
      command line
    - mm/hugetlb: Allow arch to override and call the weak function
  * the kernel is blackholing IPv6 packets to linkdown nexthops (LP: #1738219)
    - ipv6: Do not consider linkdown nexthops during multipath
  * e1000e in 4.4.0-97-generic breaks 82574L under heavy load. (LP: #1730550)
    - e1000e: Avoid receiver overrun interrupt bursts
    - e1000e: Separate signaling for link check/link up
  * Ubuntu 17.10: Include patch "crypto: vmx - Use skcipher for ctr fallback"
    (LP: #1732978)
    - crypto: vmx - Use skcipher for ctr fallback
  * QCA Rome bluetooth can not wakeup after USB runtime suspended.
    (LP: #1737890)
    - Bluetooth: btusb: driver to enable the usb-wakeup feature
  * /dev/bcache/by-uuid links not created after reboot (LP: #1729145)
    - SAUCE: (no-up) bcache: decouple emitting a cached_dev CHANGE uevent
  * Some VMs fail to reboot with "watchdog: BUG: soft lockup - CPU#0 stuck for
    22s! [systemd:1]" (LP: #1730717)
    - SAUCE: exec: fix lockup because retry loop may never exit
  * Request to backport cxlflash patches to 16.04 HWE Kernel (LP: #1730515)
    - scsi: cxlflash: Use derived maximum write same length
    - scsi: cxlflash: Allow cards without WWPN VPD to configure
    - scsi: cxlflash: Derive pid through accessors
  * vagrant artful64 box filesystem too small (LP: #1726818)
    - block: factor out __blkdev_issue_zero_pages()
    - block: cope with WRITE ZEROES failing in blkdev_issue_zeroout()
  * Artful update to 4.13.14 stable release (LP: #1744121)
    - ppp: fix race in ppp device destruction
    - gso: fix payload length when gso_size is zero
    - ipv4: Fix traffic triggered IPsec connections.
    - ipv6: Fix traffic triggered IPsec connections.
    - netlink: do not set cb_running if dump's start() errs
    - net: call cgroup_sk_alloc() earlier in sk_clone_lock()
    - macsec: fix memory leaks when skb_to_sgvec fails
    - l2tp: check ps->sock before running pppol2tp_session_ioctl()
    - netlink: fix netlink_ack() extack race
    - sctp: add the missing sock_owned_by_user check in sctp_icmp_redirect
    - tcp/dccp: fix ireq->opt races
    - packet: avoid panic in packet_getsockopt()
    - geneve: Fix function matching VNI and tunnel ID on big-endian
    - net: bridge: fix returning of vlan range op errors
    - soreuseport: fix initialization race
    - ipv6: flowlabel: do not leave opt->tot_len with garbage
    - sctp: full support for ipv6 ip_nonlocal_bind & IP_FREEBIND
    - tcp/dccp: fix lockdep splat in inet_csk_route_req()
    - tcp/dccp: fix other lockdep splats accessing ireq_opt
    - net: dsa: check master device before put
    - net/unix: don't show information about sockets from other namespaces
    - tap: double-free in error path in tap_open()
    - net/mlx5: Fix health work queue spin lock to IRQ safe
    - net/mlx5e: Properly deal with encap flows add/del under neigh update
    - ipip: only increase err_count for some certain type icmp in ipip_err
    - ip6_gre: only increase err_count for some certain type icmpv6 in ip6gre_err
    - ip6_gre: update dst pmtu if dev mtu has been updated by toobig in
      __gre6_xmit
    - tcp: refresh tp timestamp before tcp_mtu_probe()
    - tap: reference to KVA of an unloaded module causes kernel panic
    - sctp: reset owner sk for data chunks on out queues when migrating a sock
    - net_sched: avoid matching qdisc with zero handle
    - l2tp: hold tunnel in pppol2tp_connect()
    - ipv6: addrconf: increment ifp refcount before ipv6_del_addr()
    - tcp: fix tcp_mtu_probe() vs highest_sack
    - mac80211: accept key reinstall without changing anything
    - mac80211: use constant time comparison with keys
    - mac80211: don't compare TKIP TX MIC key in reinstall prevention
    - usb: usbtest: fix NULL pointer dereference
    - Input: ims-psu - check if CDC union descriptor is sane
    - EDAC, sb_edac: Don't create a second memory controller if HA1 is not present
    - dmaengine: dmatest: warn user when dma test times out
    - Linux 4.13.14

  [ Ubuntu: 4.13.0-37.42 ]

  * linux: 4.13.0-37.42 -proposed tracker (LP: #1751798)
  * CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754
    - arm64: Add ASM_BUG()
    - arm64: consistently use bl for C exception entry
    - arm64: move non-entry code out of .entry.text
    - arm64: unwind: avoid percpu indirection for irq stack
    - arm64: unwind: disregard frame.sp when validating frame pointer
    - arm64: mm: Fix set_memory_valid() declaration
    - arm64: Convert __inval_cache_range() to area-based
    - arm64: Expose DC CVAP to userspace
    - arm64: Handle trapped DC CVAP
    - arm64: Implement pmem API support
    - arm64: uaccess: Implement *_flushcache variants
    - arm64/vdso: Support mremap() for vDSO
    - arm64: unwind: reference pt_regs via embedded stack frame
    - arm64: unwind: remove sp from struct stackframe
    - arm64: uaccess: Add the uaccess_flushcache.c file
    - arm64: fix pmem interface definition
    - arm64: compat: Remove leftover variable declaration
    - fork: allow arch-override of VMAP stack alignment
    - arm64: kernel: remove {THREAD,IRQ_STACK}_START_SP
    - arm64: factor out PAGE_* and CONT_* definitions
    - arm64: clean up THREAD_* definitions
    - arm64: clean up irq stack definitions
    - arm64: move SEGMENT_ALIGN to <asm/memory.h>
    - efi/arm64: add EFI_KIMG_ALIGN
    - arm64: factor out entry stack manipulation
    - arm64: assembler: allow adr_this_cpu to use the stack pointer
    - arm64: use an irq stack pointer
    - arm64: add basic VMAP_STACK support
    - arm64: add on_accessible_stack()
    - arm64: add VMAP_STACK overflow detection
    - arm64: Convert pte handling from inline asm to using (cmp)xchg
    - kvm: arm64: Convert kvm_set_s2pte_readonly() from inline asm to cmpxchg()
    - arm64: Move PTE_RDONLY bit handling out of set_pte_at()
    - arm64: Ignore hardware dirty bit updates in ptep_set_wrprotect()
    - arm64: Remove the !CONFIG_ARM64_HW_AFDBM alternative code paths
    - arm64: introduce separated bits for mm_context_t flags
    - arm64: cleanup {COMPAT_,}SET_PERSONALITY() macro
    - KVM: arm/arm64: Fix guest external abort matching
    - KVM: arm/arm64: vgic: constify seq_operations and file_operations
    - KVM: arm/arm64: vITS: Drop its_ite->lpi field
    - KVM: arm/arm64: Extract GICv3 max APRn index calculation
    - KVM: arm/arm64: Support uaccess of GICC_APRn
    - arm64: Use larger stacks when KASAN is selected
    - arm64: Define cputype macros for Falkor CPU
    - arm64: SW PAN: Point saved ttbr0 at the zero page when switching to init_mm
    - arm64: SW PAN: Update saved ttbr0 value on enter_lazy_tlb
    - x86/syscalls: Check address limit on user-mode return
    - arm/syscalls: Check address limit on user-mode return
    - arm64/syscalls: Check address limit on user-mode return
    - Revert "arm/syscalls: Check address limit on user-mode return"
    - syscalls: Use CHECK_DATA_CORRUPTION for addr_limit_user_check
    - arm/syscalls: Optimize address limit check
    - arm64/syscalls: Move address limit check in loop
    - futex: Remove duplicated code and fix undefined behaviour
    - arm64: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls
    - arm64: syscallno is secretly an int, make it official
    - arm64: move TASK_* definitions to <asm/processor.h>
    - arm64: mm: Use non-global mappings for kernel space
    - arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN
    - arm64: mm: Move ASID from TTBR0 to TTBR1
    - arm64: mm: Remove pre_ttbr0_update_workaround for Falkor erratum #E1003
    - arm64: mm: Rename post_ttbr0_update_workaround
    - arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN
    - arm64: mm: Allocate ASIDs in pairs
    - arm64: mm: Add arm64_kernel_unmapped_at_el0 helper
    - arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI
    - arm64: entry: Add exception trampoline page for exceptions from EL0
    - arm64: mm: Map entry trampoline into trampoline and kernel page tables
    - arm64: entry: Explicitly pass exception level to kernel_ventry macro
    - arm64: entry: Hook up entry trampoline to exception vectors
    - arm64: erratum: Work around Falkor erratum #E1003 in trampoline code
    - arm64: cpu_errata: Add Kryo to Falkor 1003 errata
    - arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks
    - arm64: entry: Add fake CPU feature for unmapping the kernel at EL0
    - arm64: kaslr: Put kernel vectors address in separate data page
    - arm64: use RET instruction for exiting the trampoline
    - arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0
    - arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry
    - arm64: Take into account ID_AA64PFR0_EL1.CSV3
    - arm64: capabilities: Handle duplicate entries for a capability
    - arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR
    - arm64: kpti: Fix the interaction between ASID switching and software PAN
    - arm64: cputype: Add MIDR values for Cavium ThunderX2 CPUs
    - arm64: Turn on KPTI only on CPUs that need it
    - arm64: kpti: Make use of nG dependent on arm64_kernel_unmapped_at_el0()
    - arm64: mm: Permit transitioning from Global to Non-Global without BBM
    - arm64: kpti: Add ->enable callback to remap swapper using nG mappings
    - arm64: Force KPTI to be disabled on Cavium ThunderX
    - arm64: entry: Reword comment about post_ttbr_update_workaround
    - arm64: idmap: Use "awx" flags for .idmap.text .pushsection directives
    - arm64: barrier: Add CSDB macros to control data-value prediction
    - arm64: Implement array_index_mask_nospec()
    - arm64: Make USER_DS an inclusive limit
    - arm64: Use pointer masking to limit uaccess speculation
    - arm64: entry: Ensure branch through syscall table is bounded under
      speculation
    - arm64: uaccess: Prevent speculative use of the current addr_limit
    - arm64: uaccess: Don't bother eliding access_ok checks in __{get, put}_user
    - arm64: uaccess: Mask __user pointers for __arch_{clear, copy_*}_user
    - arm64: futex: Mask __user pointers prior to dereference
    - arm64: cpufeature: __this_cpu_has_cap() shouldn't stop early
    - arm64: Run enable method for errata work arounds on late CPUs
    - arm64: cpufeature: Pass capability structure to ->enable callback
    - drivers/firmware: Expose psci_get_version through psci_ops structure
    - arm64: Move post_ttbr_update_workaround to C code
    - arm64: Add skeleton to harden the branch predictor against aliasing attacks
    - arm64: Move BP hardening to check_and_switch_context
    - arm64: KVM: Use per-CPU vector when BP hardening is enabled
    - arm64: entry: Apply BP hardening for high-priority synchronous exceptions
    - arm64: entry: Apply BP hardening for suspicious interrupts from EL0
    - arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75
    - arm64: Implement branch predictor hardening for affected Cortex-A CPUs
    - arm64: Implement branch predictor hardening for Falkor
    - arm64: Branch predictor hardening for Cavium ThunderX2
    - arm64: KVM: Increment PC after handling an SMC trap
    - arm/arm64: KVM: Consolidate the PSCI include files
    - arm/arm64: KVM: Add PSCI_VERSION helper
    - arm/arm64: KVM: Add smccc accessors to PSCI code
    - arm/arm64: KVM: Implement PSCI 1.0 support
    - arm/arm64: KVM: Advertise SMCCC v1.1
    - arm64: KVM: Make PSCI_VERSION a fast path
    - arm/arm64: KVM: Turn kvm_psci_version into a static inline
    - arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support
    - arm64: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling
    - firmware/psci: Expose PSCI conduit
    - firmware/psci: Expose SMCCC version through psci_ops
    - arm/arm64: smccc: Make function identifiers an unsigned quantity
    - arm/arm64: smccc: Implement SMCCC v1.1 inline primitive
    - arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support
    - arm64: Kill PSCI_GET_VERSION as a variant-2 workaround
    - [Config] UNMAP_KERNEL_AT_EL0=y && HARDEN_BRANCH_PREDICTOR=y
    - SAUCE: arm64: __idmap_cpu_set_reserved_ttbr1: fix !ARM64_PA_BITS_52 logic
    - arm64: Add missing Falkor part number for branch predictor hardening
    - arm64: mm: fix thinko in non-global page table attribute check
  * linux-image-4.13.0-26-generic / linux-image-extra-4.13.0-26-generic fail to
    boot (LP: #1742721)
    - staging: sm750fb: Fix parameter mistake in poke32

  [ Ubuntu: 4.13.0-36.40 ]

  * linux: 4.13.0-36.40 -proposed tracker (LP: #1750010)
  * Rebuild without "CVE-2017-5754 ARM64 KPTI fixes" patch set

 -- Timo Aaltonen <email address hidden>  Thu, 15 Mar 2018 12:45:48 +0200

Available diffs

Superseded in xenial-security on 2018-04-03
Superseded in xenial-updates on 2018-04-03
Deleted in xenial-proposed (Reason: moved to -updates)
linux-oem (4.13.0-1021.23) xenial; urgency=low

  * linux-oem: 4.13.0-1021.23 -proposed tracker (LP: #1748481)

  * Intel 9462 A370:42A4 doesn't work (LP: #1748853)
    - SAUCE: iwlwifi: Adding missing id A370:42A4

  * headset mic can't be detected on two Dell machines (LP: #1748807)
    - ALSA: hda/realtek - Support headset mode for ALC215/ALC285/ALC289
    - ALSA: hda - Fix headset mic detection problem for two Dell machines

  * [linux-oem] Use I2C transport for touchpad on Precision M5530 (LP: #1746661)
    - SAUCE: ACPI: Parse entire table as a term_list for Dell XPS 9570 and
      Precision M5530

  * QCA9377 requires more IRAM banks for its new firmware (LP: #1748345)
    - SAUCE: ath10k: change QCA9377 IRAM back to 9

  * TrackPoint: middle button doesn't work on TrackPoint-compatible device.
    (LP: #1746002)
    - Input: trackpoint - force 3 buttons if 0 button is reported

  * [linux-oem] Fix out of bound VBT pin on CNP (LP: #1746411)
    - drm/i914/bios: amend child device config parameters
    - drm/i915/bios: document BDB versions of child device config fields
    - drm/i915/bios: remove the raw version of child device config
    - drm/i915/bios: add legacy contents to common child device config
    - drm/i915/bios: throw away high level child device union
    - drm/i915/bios: throw away struct old_child_dev_config
    - drm/i915/bios: document child device config dvo_port values a bit better
    - drm/i915/bios: group device type definitions together
    - drm/i915/bios: throw away unused DVO_* macros
    - drm/i915/bios: drop the rest of the p_ prefixes from pointers
    - drm/i915/cnl: Don't trust VBT's alternate pin for port D for now.
    - drm/i915/cnl: Map VBT DDC Pin to BSpec DDC Pin.
    - drm/i915/bios: split up iboost to hdmi and dp bitfields
    - drm/i915/bios: add DP max link rate to VBT child device struct
    - drm/i915/cnp: Ignore VBT request for know invalid DDC pin.
    - drm/i915/cnp: Properly handle VBT ddc pin out of bounds.

  * Miscellaneous upstream changes
    - Rebase to 4.13.0-35.39
    - [Config] update configs following rebase to 4.13.0-35.39
    - [oem config] Keep ignoring retpoline

  [ Ubuntu: 4.13.0-35.39 ]

  * linux: 4.13.0-35.39 -proposed tracker (LP: #1748743)
  * CVE-2017-5715 (Spectre v2 Intel)
    - Revert "UBUNTU: SAUCE: turn off IBPB when full retpoline is present"
    - SAUCE: turn off IBRS when full retpoline is present
    - [Packaging] retpoline files must be sorted
    - [Packaging] pull in retpoline files

  [ Ubuntu: 4.13.0-34.37 ]

  * linux: 4.13.0-34.37 -proposed tracker (LP: #1748475)
  * libata: apply MAX_SEC_1024 to all LITEON EP1 series devices (LP: #1743053)
    - libata: apply MAX_SEC_1024 to all LITEON EP1 series devices
  * KVM patches for s390x to provide facility bits 81 (ppa15) and 82 (bpb)
    (LP: #1747090)
    - KVM: s390: wire up bpb feature
  * artful 4.13 i386 kernels crash after memory hotplug remove (LP: #1747069)
    - Revert "mm, memory_hotplug: do not associate hotadded memory to zones until
      online"
  * CVE-2017-5715 (Spectre v2 Intel)
    - x86/feature: Enable the x86 feature to control Speculation
    - x86/feature: Report presence of IBPB and IBRS control
    - x86/enter: MACROS to set/clear IBRS and set IBPB
    - x86/enter: Use IBRS on syscall and interrupts
    - x86/idle: Disable IBRS entering idle and enable it on wakeup
    - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
    - x86/mm: Set IBPB upon context switch
    - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
    - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
    - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
    - x86/kvm: Set IBPB when switching VM
    - x86/kvm: Toggle IBRS on VM entry and exit
    - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
    - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
    - x86/cpu/AMD: Add speculative control support for AMD
    - x86/microcode: Extend post microcode reload to support IBPB feature
    - KVM: SVM: Do not intercept new speculative control MSRs
    - x86/svm: Set IBRS value on VM entry and exit
    - x86/svm: Set IBPB when running a different VCPU
    - KVM: x86: Add speculative control CPUID support for guests
    - SAUCE: turn off IBPB when full retpoline is present
  * Artful 4.13 fixes for tun (LP: #1748846)
    - tun: call dev_get_valid_name() before register_netdevice()
    - tun: allow positive return values on dev_get_valid_name() call
    - tun/tap: sanitize TUNSETSNDBUF input
  * boot failure on AMD Raven + WestonXT (LP: #1742759)
    - SAUCE: drm/amdgpu: add atpx quirk handling (v2)

  [ Ubuntu: 4.13.0-33.36 ]

  * linux: 4.13.0-33.36 -proposed tracker (LP: #1746903)
  * starting VMs causing retpoline4 to reboot (LP: #1747507) // CVE-2017-5715
    (Spectre v2 retpoline)
    - x86/retpoline: Fill RSB on context switch for affected CPUs
    - x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB macros
    - x86/retpoline: Optimize inline assembler for vmexit_fill_RSB
    - x86/retpoline: Remove the esp/rsp thunk
    - x86/retpoline: Simplify vmexit_fill_RSB()
  * Missing install-time driver for QLogic QED 25/40/100Gb Ethernet NIC
    (LP: #1743638)
    - [d-i] Add qede to nic-modules udeb
  * hisi_sas: driver robustness fixes (LP: #1739807)
    - scsi: hisi_sas: fix reset and port ID refresh issues
    - scsi: hisi_sas: avoid potential v2 hw interrupt issue
    - scsi: hisi_sas: fix v2 hw underflow residual value
    - scsi: hisi_sas: add v2 hw DFX feature
    - scsi: hisi_sas: add irq and tasklet cleanup in v2 hw
    - scsi: hisi_sas: service interrupt ITCT_CLR interrupt in v2 hw
    - scsi: hisi_sas: fix internal abort slot timeout bug
    - scsi: hisi_sas: us start_phy in PHY_FUNC_LINK_RESET
    - scsi: hisi_sas: fix NULL check in SMP abort task path
    - scsi: hisi_sas: fix the risk of freeing slot twice
    - scsi: hisi_sas: kill tasklet when destroying irq in v3 hw
    - scsi: hisi_sas: complete all tasklets prior to host reset
  * [Artful/Zesty] ACPI APEI error handling bug fixes (LP: #1732990)
    - ACPI: APEI: fix the wrong iteration of generic error status block
    - ACPI / APEI: clear error status before acknowledging the error
  * [Zesty/Artful] On ARM64 PCIE physical function passthrough guest fails to
    boot (LP: #1732804)
    - vfio/pci: Virtualize Maximum Payload Size
    - vfio/pci: Virtualize Maximum Read Request Size
  * hisi_sas: Add ATA command support for SMR disks (LP: #1739891)
    - scsi: hisi_sas: support zone management commands
  * thunderx2: i2c driver PEC and ACPI clock fixes (LP: #1738073)
    - ACPI / APD: Add clock frequency for ThunderX2 I2C controller
    - i2c: xlp9xx: Get clock frequency with clk API
    - i2c: xlp9xx: Handle I2C_M_RECV_LEN in msg->flags
  * Falkor erratum 1041 needs workaround (LP: #1738497)
    - [Config] CONFIG_QCOM_FALKOR_ERRATUM_E1041=y
    - arm64: Add software workaround for Falkor erratum 1041
  * ThunderX: TX failure unless checksum offload disabled (LP: #1736593)
    - net: thunderx: Fix TCP/UDP checksum offload for IPv6 pkts
    - net: thunderx: Fix TCP/UDP checksum offload for IPv4 pkts
  * arm64/thunderx: Unhandled context faults in ACPI mode (LP: #1736774)
    - PCI: Set Cavium ACS capability quirk flags to assert RR/CR/SV/UF
    - PCI: Apply Cavium ThunderX ACS quirk to more Root Ports
  * arm64: Unfair rwlock can stall the system (LP: #1732238)
    - locking/qrwlock: Use 'struct qrwlock' instead of 'struct __qrwlock'
    - locking/atomic: Add atomic_cond_read_acquire()
    - locking/qrwlock: Use atomic_cond_read_acquire() when spinning in qrwlock
    - locking/qrwlock, arm64: Move rwlock implementation over to qrwlocks
    - locking/qrwlock: Prevent slowpath writers getting held up by fastpath
  * Shutdown hang on 16.04 with iscsi targets (LP: #1569925)
    - scsi: libiscsi: Allow sd_shutdown on bad transport
  * bt_iter() crash due to NULL pointer (LP: #1744300)
    - blk-mq-tag: check for NULL rq when iterating tags
  * hisilicon hibmc regression due to ea642c3216cb ("drm/ttm: add io_mem_pfn
    callback") (LP: #1738334)
    - SAUCE: drm: hibmc: Initialize the hibmc_bo_driver.io_mem_pfn
  * CVE-2017-5754 ARM64 KPTI fixes
    - arm64: Add ASM_BUG()
    - arm64: consistently use bl for C exception entry
    - arm64: syscallno is secretly an int, make it official
    - arm64: Abstract syscallno manipulation
    - arm64: move non-entry code out of .entry.text
    - arm64: unwind: avoid percpu indirection for irq stack
    - arm64: unwind: disregard frame.sp when validating frame pointer
    - arm64: mm: Fix set_memory_valid() declaration
    - arm64: Convert __inval_cache_range() to area-based
    - arm64: Expose DC CVAP to userspace
    - arm64: Handle trapped DC CVAP
    - arm64: Implement pmem API support
    - arm64: uaccess: Implement *_flushcache variants
    - arm64/vdso: Support mremap() for vDSO
    - arm64: unwind: reference pt_regs via embedded stack frame
    - arm64: unwind: remove sp from struct stackframe
    - arm64: uaccess: Add the uaccess_flushcache.c file
    - arm64: fix pmem interface definition
    - arm64: compat: Remove leftover variable declaration
    - fork: allow arch-override of VMAP stack alignment
    - arm64: kernel: remove {THREAD,IRQ_STACK}_START_SP
    - arm64: factor out PAGE_* and CONT_* definitions
    - arm64: clean up THREAD_* definitions
    - arm64: clean up irq stack definitions
    - arm64: move SEGMENT_ALIGN to <asm/memory.h>
    - efi/arm64: add EFI_KIMG_ALIGN
    - arm64: factor out entry stack manipulation
    - arm64: assembler: allow adr_this_cpu to use the stack pointer
    - arm64: use an irq stack pointer
    - arm64: add basic VMAP_STACK support
    - arm64: add on_accessible_stack()
    - arm64: add VMAP_STACK overflow detection
    - arm64: Convert pte handling from inline asm to using (cmp)xchg
    - kvm: arm64: Convert kvm_set_s2pte_readonly() from inline asm to cmpxchg()
    - arm64: Move PTE_RDONLY bit handling out of set_pte_at()
    - arm64: Ignore hardware dirty bit updates in ptep_set_wrprotect()
    - arm64: Remove the !CONFIG_ARM64_HW_AFDBM alternative code paths
    - arm64: introduce separated bits for mm_context_t flags
    - arm64: cleanup {COMPAT_,}SET_PERSONALITY() macro
    - KVM: arm/arm64: Fix guest external abort matching
    - KVM: arm/arm64: vgic: constify seq_operations and file_operations
    - KVM: arm/arm64: vITS: Drop its_ite->lpi field
    - KVM: arm/arm64: Extract GICv3 max APRn index calculation
    - KVM: arm/arm64: Support uaccess of GICC_APRn
    - arm64: move TASK_* definitions to <asm/processor.h>
    - arm64: Use larger stacks when KASAN is selected
    - arm64: sysreg: Move SPE registers and PSB into common header files
    - arm64: head: Init PMSCR_EL2.{PA,PCT} when entered at EL2 without VHE
    - arm64: Update fault_info table with new exception types
    - arm64: Use existing defines for mdscr
    - arm64: Fix single stepping in kernel traps
    - arm64: asm-bug: Renumber macro local labels to avoid clashes
    - arm64: Implement arch-specific pte_access_permitted()
    - arm64: explicitly mask all exceptions
    - arm64: introduce an order for exceptions
    - arm64: Move the async/fiq helpers to explicitly set process context flags
    - arm64: Mask all exceptions during kernel_exit
    - arm64: entry.S: Remove disable_dbg
    - arm64: entry.S: convert el1_sync
    - arm64: entry.S convert el0_sync
    - arm64: entry.S: convert elX_irq
    - arm64: entry.S: move SError handling into a C function for future expansion
    - arm64: pgd: Mark pgd_cache as __ro_after_init
    - arm64: cpu_ops: Add missing 'const' qualifiers
    - arm64: context: Fix comments and remove pointless smp_wmb()
    - arm64: SW PAN: Point saved ttbr0 at the zero page when switching to init_mm
    - arm64: SW PAN: Update saved ttbr0 value on enter_lazy_tlb
    - arm64: Expose support for optional ARMv8-A features
    - arm64: KVM: Hide unsupported AArch64 CPU features from guests
    - arm64: mm: Use non-global mappings for kernel space
    - arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN
    - arm64: mm: Move ASID from TTBR0 to TTBR1
    - arm64: mm: Remove pre_ttbr0_update_workaround for Falkor erratum #E1003
    - arm64: mm: Rename post_ttbr0_update_workaround
    - arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN
    - arm64: mm: Allocate ASIDs in pairs
    - arm64: mm: Add arm64_kernel_unmapped_at_el0 helper
    - arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI
    - arm64: entry: Add exception trampoline page for exceptions from EL0
    - arm64: mm: Map entry trampoline into trampoline and kernel page tables
    - arm64: entry: Explicitly pass exception level to kernel_ventry macro
    - arm64: entry: Hook up entry trampoline to exception vectors
    - arm64: erratum: Work around Falkor erratum #E1003 in trampoline code
    - arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks
    - arm64: entry: Add fake CPU feature for unmapping the kernel at EL0
    - arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0
    - arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR
    - arm64: kaslr: Put kernel vectors address in separate data page
    - arm64: use RET instruction for exiting the trampoline
    - arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry
    - arm64: Fix the feature type for ID register fields
    - arm64: Take into account ID_AA64PFR0_EL1.CSV3
    - arm64: cpufeature: Pass capability structure to ->enable callback
    - drivers/firmware: Expose psci_get_version through psci_ops structure
    - arm64: Move post_ttbr_update_workaround to C code
    - arm64: Add skeleton to harden the branch predictor against aliasing attacks
    - arm64: KVM: Use per-CPU vector when BP hardening is enabled
    - arm64: KVM: Make PSCI_VERSION a fast path
    - arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75
    - arm64: Implement branch predictor hardening for affected Cortex-A CPUs
    - arm64: Define cputype macros for Falkor CPU
    - arm64: Implement branch predictor hardening for Falkor
    - arm64: cputype: Add MIDR values for Cavium ThunderX2 CPUs
    - bpf: inline map in map lookup functions for array and htab
    - bpf: perf event change needed for subsequent bpf helpers
    - bpf: do not test for PCPU_MIN_UNIT_SIZE before percpu allocations
    - arm64: Branch predictor hardening for Cavium ThunderX2
    - arm64: capabilities: Handle duplicate entries for a capability
    - arm64: kpti: Fix the interaction between ASID switching and software PAN
    - SAUCE: arm: Add BTB invalidation on switch_mm for Cortex-A9, A12 and A17
    - SAUCE: arm: Invalidate BTB on prefetch abort outside of user mapping on
      Cortex A8, A9, A12 and A17
    - SAUCE: arm: KVM: Invalidate BTB on guest exit
    - SAUCE: arm: Add icache invalidation on switch_mm for Cortex-A15
    - SAUCE: arm: Invalidate icache on prefetch abort outside of user mapping on
      Cortex-A15
    - SAUCE: arm: KVM: Invalidate icache on guest exit for Cortex-A15
    - SAUCE: asm-generic/barrier: add generic nospec helpers
    - SAUCE: Documentation: document nospec helpers
    - SAUCE: arm64: implement nospec_{load,ptr}()
    - SAUCE: arm: implement nospec_ptr()
    - SAUCE: bpf: inhibit speculated out-of-bounds pointers
    - SAUCE: arm64: Implement branch predictor hardening for Falkor
    - SAUCE: arm64: Branch predictor hardening for Cavium ThunderX2
    - [Config] UNMAP_KERNEL_AT_EL0=y && HARDEN_BRANCH_PREDICTOR=y
  * [artful] panic in update_stack_state when reading /proc/<pid>/stack on i386
    (LP: #1747263)
    - x86/unwind: Fix dereference of untrusted pointer
  * CVE-2017-5753 (Spectre v1 Intel)
    - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
    - SAUCE: reinstate MFENCE_RDTSC feature definition
    - locking/barriers: introduce new observable speculation barrier
    - bpf: prevent speculative execution in eBPF interpreter
    - x86, bpf, jit: prevent speculative execution when JIT is enabled
    - SAUCE: FIX: x86, bpf, jit: prevent speculative execution when JIT is enabled
    - uvcvideo: prevent speculative execution
    - carl9170: prevent speculative execution
    - p54: prevent speculative execution
    - qla2xxx: prevent speculative execution
    - cw1200: prevent speculative execution
    - Thermal/int340x: prevent speculative execution
    - ipv4: prevent speculative execution
    - ipv6: prevent speculative execution
    - fs: prevent speculative execution
    - net: mpls: prevent speculative execution
    - udf: prevent speculative execution
    - userns: prevent speculative execution
    - SAUCE: powerpc: add osb barrier
    - SAUCE: s390/spinlock: add osb memory barrier
    - SAUCE: claim mitigation via observable speculation barrier
  * CVE-2017-5715 (Spectre v2 retpoline)
    - x86/asm: Fix inline asm call constraints for Clang
    - kvm: vmx: Scrub hardware GPRs at VM-exit
    - sysfs/cpu: Add vulnerability folder
    - x86/cpu: Implement CPU vulnerabilites sysfs functions
    - x86/tboot: Unbreak tboot with PTI enabled
    - objtool: Detect jumps to retpoline thunks
    - objtool: Allow alternatives to be ignored
    - x86/retpoline: Add initial retpoline support
    - x86/spectre: Add boot time option to select Spectre v2 mitigation
    - x86/retpoline/crypto: Convert crypto assembler indirect jumps
    - x86/retpoline/entry: Convert entry assembler indirect jumps
    - x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
    - x86/retpoline/hyperv: Convert assembler indirect jumps
    - x86/retpoline/xen: Convert Xen hypercall indirect jumps
    - x86/retpoline/checksum32: Convert assembler indirect jumps
    - x86/retpoline/irq32: Convert assembler indirect jumps
    - x86/retpoline: Fill return stack buffer on vmexit
    - selftests/x86: Add test_vsyscall
    - x86/pti: Fix !PCID and sanitize defines
    - security/Kconfig: Correct the Documentation reference for PTI
    - x86,perf: Disable intel_bts when PTI
    - x86/retpoline: Remove compile time warning
    - [Config] enable CONFIG_GENERIC_CPU_VULNERABILITIES
    - [Config] enable CONFIG_RETPOLINE
    - [Packaging] retpoline -- add call site validation
    - [Config] disable retpoline checks for first upload
  * CVE-2017-5715 (revert embargoed) // CVE-2017-5753 (revert embargoed)
    - Revert "UBUNTU: SAUCE: x86/entry: Fix up retpoline assembler labels"
    - Revert "kvm: vmx: Scrub hardware GPRs at VM-exit"
    - Revert "Revert "x86/svm: Add code to clear registers on VM exit""
    - Revert "UBUNTU: SAUCE: x86/microcode: Extend post microcode reload to
      support IBPB feature -- repair missmerge"
    - Revert "UBUNTU: SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit"
    - Revert "s390/spinlock: add gmb memory barrier"
    - Revert "powerpc: add gmb barrier"
    - Revert "x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature"
    - Revert "x86/svm: Add code to clear registers on VM exit"
    - Revert "x86/svm: Add code to clobber the RSB on VM exit"
    - Revert "KVM: x86: Add speculative control CPUID support for guests"
    - Revert "x86/svm: Set IBPB when running a different VCPU"
    - Revert "x86/svm: Set IBRS value on VM entry and exit"
    - Revert "KVM: SVM: Do not intercept new speculative control MSRs"
    - Revert "x86/microcode: Extend post microcode reload to support IBPB feature"
    - Revert "x86/cpu/AMD: Add speculative control support for AMD"
    - Revert "x86/entry: Use retpoline for syscall's indirect calls"
    - Revert "x86/syscall: Clear unused extra registers on 32-bit compatible
      syscall entrance"
    - Revert "x86/syscall: Clear unused extra registers on syscall entrance"
    - Revert "x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb
      control"
    - Revert "x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature"
    - Revert "x86/kvm: Pad RSB on VM transition"
    - Revert "x86/kvm: Toggle IBRS on VM entry and exit"
    - Revert "x86/kvm: Set IBPB when switching VM"
    - Revert "x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm"
    - Revert "x86/entry: Stuff RSB for entry to kernel for non-SMEP platform"
    - Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current
      thread"
    - Revert "x86/mm: Set IBPB upon context switch"
    - Revert "x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup"
    - Revert "x86/idle: Disable IBRS entering idle and enable it on wakeup"
    - Revert "x86/enter: Use IBRS on syscall and interrupts"
    - Revert "x86/enter: MACROS to set/clear IBRS and set IBPB"
    - Revert "x86/feature: Report presence of IBPB and IBRS control"
    - Revert "x86/feature: Enable the x86 feature to control Speculation"
    - Revert "udf: prevent speculative execution"
    - Revert "net: mpls: prevent speculative execution"
    - Revert "fs: prevent speculative execution"
    - Revert "ipv6: prevent speculative execution"
    - Revert "userns: prevent speculative execution"
    - Revert "Thermal/int340x: prevent speculative execution"
    - Revert "cw1200: prevent speculative execution"
    - Revert "qla2xxx: prevent speculative execution"
    - Revert "p54: prevent speculative execution"
    - Revert "carl9170: prevent speculative execution"
    - Revert "uvcvideo: prevent speculative execution"
    - Revert "x86, bpf, jit: prevent speculative execution when JIT is enabled"
    - Revert "bpf: prevent speculative execution in eBPF interpreter"
    - Revert "locking/barriers: introduce new memory barrier gmb()"
  * Unable to boot with i386 4.13.0-25 / 4.13.0-26 / 4.13.0-31 kernel on Xenial
    / Artful (LP: #1745118)
    - x86/mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP
  * 4.13: unable to increase MTU configuration for GRE devices (LP: #1743746)
    - ip_gre: remove the incorrect mtu limit for ipgre tap
  * CVE-2017-17712
    - net: ipv4: fix for a race condition in raw_sendmsg
  * upload urgency should be medium by default (LP: #1745338)
    - [Packaging] update urgency to medium by default
  * CVE-2017-15115
    - sctp: do not peel off an assoc from one netns to another one
  * CVE-2017-8824
    - dccp: CVE-2017-8824: use-after-free in DCCP code

 -- Timo Aaltonen <email address hidden>  Tue, 13 Feb 2018 10:05:50 +0200
Superseded in xenial-security on 2018-02-21
Superseded in xenial-updates on 2018-02-21
Deleted in xenial-proposed (Reason: moved to -updates)
linux-oem (4.13.0-1020.21) xenial; urgency=low

  * linux-oem: 4.13.0-1020.21 -proposed tracker (LP: #1746017)

  [ Stefan Bader ]
  * Firmware upgrade interface for CAC Reader BCM58102 (LP: #1744041)
    - SAUCE: Support fw upgrade for CAC Reader BCM58102

  * the wifi driver is always hard blocked on a lenovo laptop (LP: #1743672)
    - ACPI: EC: Fix possible issues related to EC initialization order

  * ath9k can't connect to wifi AP (LP: #1727228)
    - ath9k: add MSI support
    - ath9k: add a quirk to set use_msi automatically

  * boot failure on AMD Raven + WesternXT (LP: #1742759)
    - SAUCE: drm/amdgpu: add atpx quirk handling (v2)

  * x86: CFL missing from early quirks (LP: #1742755)
    - drm/i915: add GT number to intel_device_info
    - drm/i915/kbl: Change a KBL pci id to GT2 from GT1.5
    - SAUCE: x86/gpu: add CFL to early quirks

  * [0cf3:e010] QCA6174A XR failed to pair with bt 4.0 device  (LP: #1741166)
    - Bluetooth: btusb: Add support for 0cf3:e010

  * QCA Rome bluetooth failed to work after applying reset-resume quirk
    (LP: #1741206)
    - Revert "Bluetooth: btusb: fix QCA Rome suspend/resume"
    - usb: quirks: Add reset-resume quirk for Dell DW1820 QCA Rome Bluetooth

  * [800 G3 SFF] [800 G3 DM]External microphone of headset(3-ring) is working,
    2-ring mic not working, both not shown in sound settings  (LP: #1740974)
    - ALSA: hda - Add MIC_NO_PRESENCE fixup for 2 HP machines

  * Two front mics can't work on a lenovo machine (LP: #1740973)
    - ALSA: hda - change the location for one mic on a Lenovo machine

  * No external microphone be detected via headset jack on a dell machine
    (LP: #1740972)
    - ALSA: hda - fix headset mic detection issue on a Dell machine

  *  Can't detect external headset via line-out jack on some Dell machines
    (LP: #1740971)
    - ALSA: hda/realtek - Fix Dell AIO LineOut issue

 -- Timo Aaltonen <email address hidden>  Mon, 29 Jan 2018 16:51:18 +0200
Superseded in xenial-security on 2018-02-12
Superseded in xenial-updates on 2018-02-12
Deleted in xenial-proposed (Reason: NBS)
linux-oem (4.13.0-1019.20) xenial; urgency=low

  [ Ubuntu: 4.13.0-32.35 ]

  * CVE-2017-5715 // CVE-2017-5753
    - SAUCE: x86/entry: Fix up retpoline assembler labels

  [ Ubuntu: 4.13.0-31.34 ]

  * linux: 4.13.0-31.34 -proposed tracker (LP: #1744294)
  * CVE-2017-5715 // CVE-2017-5753
    - SAUCE: s390: improve cpu alternative handling for gmb and nobp
    - SAUCE: s390: print messages for gmb and nobp
    - [Config] KERNEL_NOBP=y

 -- Stefan Bader <email address hidden>  Thu, 25 Jan 2018 12:06:47 +0100
Deleted in xenial-proposed on 2018-02-01 (Reason: NBS)
linux-oem (4.13.0-1018.19) xenial; urgency=low

  * Firmware upgrade interface for CAC Reader BCM58102 (LP: #1744041)
    - SAUCE: Support fw upgrade for CAC Reader BCM58102

  * the wifi driver is always hard blocked on a lenovo laptop (LP: #1743672)
    - ACPI: EC: Fix possible issues related to EC initialization order

  * ath9k can't connect to wifi AP (LP: #1727228)
    - ath9k: add MSI support
    - ath9k: add a quirk to set use_msi automatically

  * boot failure on AMD Raven + WesternXT (LP: #1742759)
    - SAUCE: drm/amdgpu: add atpx quirk handling (v2)

  * x86: CFL missing from early quirks (LP: #1742755)
    - drm/i915: add GT number to intel_device_info
    - drm/i915/kbl: Change a KBL pci id to GT2 from GT1.5
    - SAUCE: x86/gpu: add CFL to early quirks

  * [0cf3:e010] QCA6174A XR failed to pair with bt 4.0 device  (LP: #1741166)
    - Bluetooth: btusb: Add support for 0cf3:e010

  * QCA Rome bluetooth failed to work after applying reset-resume quirk
    (LP: #1741206)
    - Revert "Bluetooth: btusb: fix QCA Rome suspend/resume"
    - usb: quirks: Add reset-resume quirk for Dell DW1820 QCA Rome Bluetooth

  * [800 G3 SFF] [800 G3 DM]External microphone of headset(3-ring) is working,
    2-ring mic not working, both not shown in sound settings  (LP: #1740974)
    - ALSA: hda - Add MIC_NO_PRESENCE fixup for 2 HP machines

  * Two front mics can't work on a lenovo machine (LP: #1740973)
    - ALSA: hda - change the location for one mic on a Lenovo machine

  * No external microphone be detected via headset jack on a dell machine
    (LP: #1740972)
    - ALSA: hda - fix headset mic detection issue on a Dell machine

  *  Can't detect external headset via line-out jack on some Dell machines
    (LP: #1740971)
    - ALSA: hda/realtek - Fix Dell AIO LineOut issue

 -- Timo Aaltonen <email address hidden>  Tue, 23 Jan 2018 15:19:28 +0200
Superseded in xenial-security on 2018-01-26
Superseded in xenial-updates on 2018-01-26
Deleted in xenial-proposed (Reason: NBS)
linux-oem (4.13.0-1017.18) xenial; urgency=low

  * linux-oem: 4.13.0-1017.18 -proposed tracker (LP: #1743418)

  * Realtek card reader - RTS5243 [VEN_10EC&DEV_5260] (LP: #1737673)
    - mmc: rtsx: fix tuning fail on gen3 PCI-Express
    - mfd: rts5249: Add support for RTS5250S power saving
    - misc: rtsx: Move Realtek Card Reader Driver to misc
    - misc: rtsx: Add support for RTS5260
    - misc: rtsx: Fix symbol clashes
    - [Config] update configs for RTSX

  * Realtek card reader power consumption issue (LP: #1743516)
    - mfd: Fix RTS5227 (and others) powermanagement

  [ Ubuntu: 4.13.0-30.33 ]

  * linux: 4.13.0-30.33 -proposed tracker (LP: #1743412)
  * Do not duplicate changelog entries assigned to more than one bug or CVE
    (LP: #1743383)
    - [Packaging] git-ubuntu-log -- handle multiple bugs/cves better
  * Unable to handle kernel NULL pointer dereference at isci_task_abort_task
    (LP: #1726519)
    - Revert "scsi: libsas: allow async aborts"
  * CVE-2017-5715 // CVE-2017-5753
    - SAUCE: x86/microcode: Extend post microcode reload to support IBPB feature
      -- repair missmerge
    - Revert "x86/svm: Add code to clear registers on VM exit"
    - kvm: vmx: Scrub hardware GPRs at VM-exit

Deleted in xenial-proposed on 2018-01-17 (Reason: NBS)
linux-oem (4.13.0-1016.17) xenial; urgency=low

  * linux-oem: 4.13.0-1016.17 -proposed tracker (LP: #1742728)

  * Add support for Realtek Bluetooth device [0bda:b00a] (LP: #1742613)
    - SAUCE: Import Bluetooth driver for Realtek 8821CE
    - SAUCE: Make rtl8821ce-bt work with 0bda:b00a only
    - SAUCE: rtl8821ce-bt: append device ID to config filename
    - SAUCE: bluetooth: Blacklist 0bda:b00a
    - SAUCE: build ubuntu/rtl8821ce-bt for x86 only

  * Add support for Realtek WiFi device [10ec:c821] (LP: #1740231)
    - SAUCE: Import RTL8821CE driver
    - SAUCE: Add ubuntu/rtl8821ce into build script
    - SAUCE: Sync ubuntu/rtl8821ce with a new release from Realtek

  * External HDMI monitor failed to show screen on Lenovo X1 series
    (LP: #1738523)
    - SAUCE: drm/i915: Disable writing of TMDS_OE on Lenovo ThinkPad X1 series

  * Support realtek new codec alc257 in the alsa hda driver  (LP: #1738911)
    - ALSA: hda/realtek - New codec support for ALC257

  * QCA Rome bluetooth can not wakeup after USB runtime suspended.
    (LP: #1737890)
    - Bluetooth: btusb: driver to enable the usb-wakeup feature

  * Intel 9260/9462/9560 can't connect to 5GHz AP (LP: #1736639)
    - iwlwifi: mvm: enable RX offloading with TKIP and WEP
    - iwlwifi: mvm: mark MIC stripped MPDUs

  * [Artful][Wyse 3040] System hang when trying to enable an offlined CPU core
    (LP: #1736393)
    - SAUCE: drm/i915:Don't set chip specific data
    - SAUCE: drm/i915: make previous commit affects Wyse 3040 only

  * Touchpad stops working after a few seconds in Lenovo ideapad 320
    (LP: #1732056)
    - pinctrl/amd: fix masking of GPIO interrupts

  [ Ubuntu: 4.13.0-29.32 ]

  * linux: 4.13.0-29.32 -proposed tracker (LP: #1742722)
  * CVE-2017-5754
    - Revert "x86/cpu: Implement CPU vulnerabilites sysfs functions"
    - Revert "sysfs/cpu: Fix typos in vulnerability documentation"
    - Revert "sysfs/cpu: Add vulnerability folder"
    - Revert "UBUNTU: [Config] updateconfigs to enable
      GENERIC_CPU_VULNERABILITIES"

  [ Ubuntu: 4.13.0-28.31 ]

  * CVE-2017-5753
    - SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit
  * CVE-2017-5715
    - SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit

  [ Ubuntu: 4.13.0-27.30 ]

  * CVE-2017-5753
    - locking/barriers: introduce new memory barrier gmb()
    - bpf: prevent speculative execution in eBPF interpreter
    - x86, bpf, jit: prevent speculative execution when JIT is enabled
    - uvcvideo: prevent speculative execution
    - carl9170: prevent speculative execution
    - p54: prevent speculative execution
    - qla2xxx: prevent speculative execution
    - cw1200: prevent speculative execution
    - Thermal/int340x: prevent speculative execution
    - userns: prevent speculative execution
    - ipv6: prevent speculative execution
    - fs: prevent speculative execution
    - net: mpls: prevent speculative execution
    - udf: prevent speculative execution
    - x86/feature: Enable the x86 feature to control Speculation
    - x86/feature: Report presence of IBPB and IBRS control
    - x86/enter: MACROS to set/clear IBRS and set IBPB
    - x86/enter: Use IBRS on syscall and interrupts
    - x86/idle: Disable IBRS entering idle and enable it on wakeup
    - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
    - x86/mm: Set IBPB upon context switch
    - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
    - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
    - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
    - x86/kvm: Set IBPB when switching VM
    - x86/kvm: Toggle IBRS on VM entry and exit
    - x86/kvm: Pad RSB on VM transition
    - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
    - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
    - x86/syscall: Clear unused extra registers on syscall entrance
    - x86/syscall: Clear unused extra registers on 32-bit compatible syscall
      entrance
    - x86/entry: Use retpoline for syscall's indirect calls
    - x86/cpu/AMD: Add speculative control support for AMD
    - x86/microcode: Extend post microcode reload to support IBPB feature
    - KVM: SVM: Do not intercept new speculative control MSRs
    - x86/svm: Set IBRS value on VM entry and exit
    - x86/svm: Set IBPB when running a different VCPU
    - KVM: x86: Add speculative control CPUID support for guests
    - x86/svm: Add code to clobber the RSB on VM exit
    - x86/svm: Add code to clear registers on VM exit
    - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
    - powerpc: add gmb barrier
    - s390/spinlock: add gmb memory barrier
    - x86/microcode/AMD: Add support for fam17h microcode loading
  * CVE-2017-5715
    - locking/barriers: introduce new memory barrier gmb()
    - bpf: prevent speculative execution in eBPF interpreter
    - x86, bpf, jit: prevent speculative execution when JIT is enabled
    - uvcvideo: prevent speculative execution
    - carl9170: prevent speculative execution
    - p54: prevent speculative execution
    - qla2xxx: prevent speculative execution
    - cw1200: prevent speculative execution
    - Thermal/int340x: prevent speculative execution
    - userns: prevent speculative execution
    - ipv6: prevent speculative execution
    - fs: prevent speculative execution
    - net: mpls: prevent speculative execution
    - udf: prevent speculative execution
    - x86/feature: Enable the x86 feature to control Speculation
    - x86/feature: Report presence of IBPB and IBRS control
    - x86/enter: MACROS to set/clear IBRS and set IBPB
    - x86/enter: Use IBRS on syscall and interrupts
    - x86/idle: Disable IBRS entering idle and enable it on wakeup
    - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
    - x86/mm: Set IBPB upon context switch
    - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
    - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
    - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
    - x86/kvm: Set IBPB when switching VM
    - x86/kvm: Toggle IBRS on VM entry and exit
    - x86/kvm: Pad RSB on VM transition
    - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
    - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
    - x86/syscall: Clear unused extra registers on syscall entrance
    - x86/syscall: Clear unused extra registers on 32-bit compatible syscall
      entrance
    - x86/entry: Use retpoline for syscall's indirect calls
    - x86/cpu/AMD: Add speculative control support for AMD
    - x86/microcode: Extend post microcode reload to support IBPB feature
    - KVM: SVM: Do not intercept new speculative control MSRs
    - x86/svm: Set IBRS value on VM entry and exit
    - x86/svm: Set IBPB when running a different VCPU
    - KVM: x86: Add speculative control CPUID support for guests
    - x86/svm: Add code to clobber the RSB on VM exit
    - x86/svm: Add code to clear registers on VM exit
    - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
    - powerpc: add gmb barrier
    - s390/spinlock: add gmb memory barrier
    - x86/microcode/AMD: Add support for fam17h microcode loading
  * CVE-2017-5754
    - x86/pti: Enable PTI by default
    - x86/pti: Make sure the user/kernel PTEs match
    - x86/dumpstack: Fix partial register dumps
    - x86/dumpstack: Print registers for first stack frame
    - x86/process: Define cpu_tss_rw in same section as declaration
    - x86/mm: Set MODULES_END to 0xffffffffff000000
    - x86/mm: Map cpu_entry_area at the same place on 4/5 level
    - x86/kaslr: Fix the vaddr_end mess
    - x86/events/intel/ds: Use the proper cache flush method for mapping ds
      buffers
    - x86/tlb: Drop the _GPL from the cpu_tlbstate export
    - x86/alternatives: Add missing '\n' at end of ALTERNATIVE inline asm
    - x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN
    - x86/pti: Unbreak EFI old_memmap
    - x86/Documentation: Add PTI description
    - x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]
    - sysfs/cpu: Add vulnerability folder
    - x86/cpu: Implement CPU vulnerabilites sysfs functions
    - x86/tboot: Unbreak tboot with PTI enabled
    - x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
    - x86/cpu/AMD: Make LFENCE a serializing instruction
    - x86/cpu/AMD: Use LFENCE_RDTSC in preference to MFENCE_RDTSC
    - sysfs/cpu: Fix typos in vulnerability documentation
    - x86/alternatives: Fix optimize_nops() checking
    - x86/pti: Make unpoison of pgd for trusted boot work for real
    - s390: introduce CPU alternatives
    - s390: add ppa to kernel entry / exit
    - SAUCE: powerpc: Secure memory rfi flush
    - SAUCE: rfi-flush: Make DEBUG_RFI a CONFIG option
    - SAUCE: rfi-flush: Add HRFI_TO_UNKNOWN and use it in denorm
    - SAUCE: rfi-flush: kvmppc_skip_(H)interrupt returns to host kernel
    - SAUCE: KVM: Revert the implementation of H_GET_CPU_CHARACTERISTICS
    - SAUCE: rfi-flush: Implement congruence-first fallback flush
    - SAUCE: rfi-flush: Make l1d_flush_type bit flags
    - SAUCE: rfi-flush: Push the instruction selection down to the patching
      routine
    - SAUCE: rfi-flush: Expand the RFI section to two nop slots
    - SAUCE: rfi-flush: Support more than one flush type at once
    - SAUCE: rfi-flush: Allow HV to advertise multiple flush types
    - SAUCE: rfi-flush: Add speculation barrier before ori 30,30,0 flush
    - SAUCE: rfi-flush: Add barriers to the fallback L1D flushing
    - SAUCE: rfi-flush: Rework powernv logic to be more cautious
    - SAUCE: rfi-flush: Rework pseries logic to be more cautious
    - SAUCE: rfi-flush: Put the fallback flushes in the real trampoline section
    - SAUCE: rfi-flush: Fix the fallback flush to actually activate
    - SAUCE: rfi-flush: Fix HRFI_TO_UNKNOWN
    - SAUCE: rfi-flush: Refactor the macros so the nops are defined once
    - SAUCE: rfi-flush: Add no_rfi_flush and nopti comandline options
    - SAUCE: rfi-flush: Use rfi-flush in printks
    - SAUCE: rfi-flush: Fallback flush add load dependency
    - SAUCE: rfi-flush: Fix the 32-bit KVM build
    - SAUCE: rfi-flush: Fix some RFI conversions in the KVM code
    - SAUCE: rfi-flush: Make the fallback robust against memory corruption
    - [Config] Disable CONFIG_PPC_DEBUG_RFI
    - [Config] updateconfigs to enable GENERIC_CPU_VULNERABILITIES
  * powerpc: flush L1D on return to use (LP: #1742772)
    - SAUCE: powerpc: Secure memory rfi flush
    - SAUCE: rfi-flush: Make DEBUG_RFI a CONFIG option
    - SAUCE: rfi-flush: Add HRFI_TO_UNKNOWN and use it in denorm
    - SAUCE: rfi-flush: kvmppc_skip_(H)interrupt returns to host kernel
    - SAUCE: KVM: Revert the implementation of H_GET_CPU_CHARACTERISTICS
    - SAUCE: rfi-flush: Implement congruence-first fallback flush
    - SAUCE: rfi-flush: Make l1d_flush_type bit flags
    - SAUCE: rfi-flush: Push the instruction selection down to the patching
      routine
    - SAUCE: rfi-flush: Expand the RFI section to two nop slots
    - SAUCE: rfi-flush: Support more than one flush type at once
    - SAUCE: rfi-flush: Allow HV to advertise multiple flush types
    - SAUCE: rfi-flush: Add speculation barrier before ori 30,30,0 flush
    - SAUCE: rfi-flush: Add barriers to the fallback L1D flushing
    - SAUCE: rfi-flush: Rework powernv logic to be more cautious
    - SAUCE: rfi-flush: Rework pseries logic to be more cautious
    - SAUCE: rfi-flush: Put the fallback flushes in the real trampoline section
    - SAUCE: rfi-flush: Fix the fallback flush to actually activate
    - SAUCE: rfi-flush: Fix HRFI_TO_UNKNOWN
    - SAUCE: rfi-flush: Refactor the macros so the nops are defined once
    - SAUCE: rfi-flush: Add no_rfi_flush and nopti comandline options
    - SAUCE: rfi-flush: Use rfi-flush in printks
    - SAUCE: rfi-flush: Fallback flush add load dependency
    - SAUCE: rfi-flush: Fix the 32-bit KVM build
    - SAUCE: rfi-flush: Fix some RFI conversions in the KVM code
    - SAUCE: rfi-flush: Make the fallback robust against memory corruption
    - [Config] Disable CONFIG_PPC_DEBUG_RFI
  * s390: add ppa to kernel entry/exit (LP: #1742771)
    - s390: introduce CPU alternatives
    - s390: add ppa to kernel entry / exit

 -- Kleber Sacilotto de Souza <email address hidden>  Fri, 12 Jan 2018 15:41:21 +0100
Superseded in xenial-security on 2018-01-22
Superseded in xenial-updates on 2018-01-22
Deleted in xenial-proposed (Reason: moved to -updates)
linux-oem (4.13.0-1015.16) xenial; urgency=low

  * linux-oem: 4.13.0-1015.16 -proposed tracker (LP: #1741958)

  [ Ubuntu: 4.13.0-25.29 ]

  * linux: 4.13.0-25.29 -proposed tracker (LP: #1741955)
  * CVE-2017-5754
    - Revert "UBUNTU: [Config] updateconfigs to enable PTI"
    - [Config] Enable PTI with UNWINDER_FRAME_POINTER

Deleted in xenial-proposed on 2018-01-09 (Reason: NBS)
linux-oem (4.13.0-1013.14) xenial; urgency=low

  * linux-oem: 4.13.0-1013.14 -proposed tracker (LP: #1738797)

  * Support realtek new codec alc257 in the alsa hda driver  (LP: #1738911)
    - ALSA: hda/realtek - New codec support for ALC257

  * QCA Rome bluetooth can not wakeup after USB runtime suspended.
    (LP: #1737890)
    - Bluetooth: btusb: driver to enable the usb-wakeup feature

  * Intel 9260/9462/9560 can't connect to 5GHz AP (LP: #1736639)
    - iwlwifi: mvm: enable RX offloading with TKIP and WEP
    - iwlwifi: mvm: mark MIC stripped MPDUs

  * [Artful][Wyse 3040] System hang when trying to enable an offlined CPU core
    (LP: #1736393)
    - SAUCE: drm/i915:Don't set chip specific data
    - SAUCE: drm/i915: make previous commit affects Wyse 3040 only

  * Touchpad stops working after a few seconds in Lenovo ideapad 320
    (LP: #1732056)
    - pinctrl/amd: fix masking of GPIO interrupts

  * Miscellaneous upstream changes
    - Ubuntu: Rebase to 4.13.0-22.25

  [ Ubuntu: 4.13.0-22.25 ]

  * linux: 4.13.0-22.25 -proposed tracker (LP: #1738791)
  * CVE-2017-15115
    - sctp: do not peel off an assoc from one netns to another one
  * CVE-2017-8824
    - dccp: CVE-2017-8824: use-after-free in DCCP code

 -- Timo Aaltonen <email address hidden>  Tue, 19 Dec 2017 17:39:44 +0200

Available diffs

Superseded in xenial-security on 2018-01-09
Superseded in xenial-updates on 2018-01-09
Deleted in xenial-proposed (Reason: NBS)
linux-oem (4.13.0-1012.13) xenial; urgency=low

  * linux-oem: 4.13.0-1012.13 -proposed tracker (LP: #1738862)

  * Ubuntu 17.10 corrupting BIOS - many LENOVO laptops models (LP: #1734147)
    - [Config] CONFIG_SPI_INTEL_SPI_PLATFORM=n

  [ Ubuntu: 4.13.0-21.24 ]

  * linux: 4.13.0-21.24 -proposed tracker (LP: #1738823)
  * Ubuntu 17.10 corrupting BIOS - many LENOVO laptops models (LP: #1734147)
    - [Config] CONFIG_SPI_INTEL_SPI_PLATFORM=n

 -- Thadeu Lima de Souza Cascardo <email address hidden>  Mon, 18 Dec 2017 17:34:18 -0200
Superseded in xenial-security on 2017-12-21
Superseded in xenial-updates on 2017-12-21
Deleted in xenial-proposed (Reason: moved to -updates)
linux-oem (4.13.0-1010.11) xenial; urgency=low

  * linux-oem: 4.13.0-1010.11 -proposed tracker (LP: #1736124)

  [ Ubuntu: 4.13.0-19.22 ]

  * linux: 4.13.0-19.22 -proposed tracker (LP: #1736118)
  * CVE-2017-1000405
    - mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d()

Deleted in xenial-proposed on 2017-12-06 (Reason: NBS)
linux-oem (4.13.0-1009.10) xenial; urgency=low

  * linux-oem: 4.13.0-1009.10 -proposed tracker (LP: #1733532)

  * Intel 9260/9462/9560 driver support (LP: #1734242)
    - iwlwifi: refactor out paging code
    - iwlwifi: refactor shared mem parsing
    - iwlwifi: reorganize firmware API
    - iwlwifi: mvm: support version 7 of the SCAN_REQ_UMAC FW command
    - iwlwifi: fix PCI IDs and configuration mapping for 9000 series
    - iwlwifi: fix firmware names for 9000 and A000 series hw

  * QCA Rome bluetooth connection cannot be established after S3  (LP: #1734020)
    - Bluetooth: btusb: fix QCA Rome suspend/resume

  * elantech touchpad of Lenovo L480/580 failed to detect hw_version
    (LP: #1733605)
    - Input: elantech - add new icbody type 15

  * AQUANTIA AQC107 10G[1D6A:0001] & 2.5/5Gb [1D6A:D108] NIC (LP: #1730544)
    - net: aquantia: Bad udp rate on default interrupt coalescing
    - aquantia: Fix Tx queue hangups
    - net: aquantia: Reset nic statistics on interface up/down
    - net: aquantia: Enable coalescing management via ethtool interface
    - net: aquantia: mmio unmap was not performed on driver removal
    - net: aquantia: Limit number of MSIX irqs to the number of cpus
    - net: aquantia: Fixed transient link up/down/up notification
    - net: aquantia: Add queue restarts stats counter
    - net: aquantia: Reset nic statistics on interface up/down

  * Miscellaneous Ubuntu changes
    - Rebase to 4.13.0-18.21

  * Miscellaneous upstream changes
    - Ubuntu: [Config] update configs following rebase to Ubuntu-4.13.0-18.21

  [ Ubuntu: 4.13.0-18.21 ]

  * linux: 4.13.0-18.21 -proposed tracker (LP: #1733530)
  * NVMe timeout is too short (LP: #1729119)
    - nvme: update timeout module parameter type
  * CPU call trace on AMD Raven Ridge after S3 (LP: #1732894)
    - x86/mce/AMD: Allow any CPU to initialize the smca_banks array
  * Set PANIC_TIMEOUT=10 on Power Systems (LP: #1730660)
    - [Config]: Set PANIC_TIMEOUT=10 on ppc64el
  * Cannot pair BLE remote devices when using combo BT SoC (LP: #1731467)
    - Bluetooth: increase timeout for le auto connections
  * enable CONFIG_SND_SOC_INTEL_BYT_CHT_NOCODEC_MACH easily confuse users
    (LP: #1732627)
    - [Config] CONFIG_SND_SOC_INTEL_BYT_CHT_NOCODEC_MACH=n
  * Plantronics P610 does not support sample rate reading (LP: #1719853)
    - ALSA: usb-audio: Add sample rate quirk for Plantronics P610
  * Allow drivers to use Relaxed Ordering on capable root ports (LP: #1721365)
    - Revert commit 1a8b6d76dc5b ("net:add one common config...")
    - net: ixgbe: Use new PCI_DEV_FLAGS_NO_RELAXED_ORDERING flag
  * support GICv3 ITS save/restore & migration (LP: #1710019)
    - KVM: arm/arm64: vgic-its: Fix return value for device table restore
  * Device hotplugging with MPT SAS cannot work for VMWare ESXi (LP: #1730852)
    - scsi: mptsas: Fixup device hotplug for VMWare ESXi
  * Artful update to 4.13.13 stable release (LP: #1732726)
    - netfilter: nat: Revert "netfilter: nat: convert nat bysrc hash to
      rhashtable"
    - netfilter: nft_set_hash: disable fast_ops for 2-len keys
    - workqueue: Fix NULL pointer dereference
    - crypto: ccm - preserve the IV buffer
    - crypto: x86/sha1-mb - fix panic due to unaligned access
    - crypto: x86/sha256-mb - fix panic due to unaligned access
    - KEYS: fix NULL pointer dereference during ASN.1 parsing [ver #2]
    - ACPI / PM: Blacklist Low Power S0 Idle _DSM for Dell XPS13 9360
    - ARM: 8720/1: ensure dump_instr() checks addr_limit
    - ALSA: timer: Limit max instances per timer
    - ALSA: usb-audio: support new Amanero Combo384 firmware version
    - ALSA: hda - fix headset mic problem for Dell machines with alc274
    - ALSA: seq: Fix OSS sysex delivery in OSS emulation
    - ALSA: seq: Avoid invalid lockdep class warning
    - MIPS: Fix CM region target definitions
    - MIPS: BMIPS: Fix missing cbr address
    - MIPS: AR7: Defer registration of GPIO
    - MIPS: AR7: Ensure that serial ports are properly set up
    - KVM: PPC: Book3S HV: Fix exclusion between HPT resizing and other HPT
      updates
    - Input: elan_i2c - add ELAN060C to the ACPI table
    - rbd: use GFP_NOIO for parent stat and data requests
    - drm/vmwgfx: Fix Ubuntu 17.10 Wayland black screen issue
    - Revert "x86: CPU: Fix up "cpu MHz" in /proc/cpuinfo"
    - can: sun4i: handle overrun in RX FIFO
    - can: peak: Add support for new PCIe/M2 CAN FD interfaces
    - can: ifi: Fix transmitter delay calculation
    - can: c_can: don't indicate triple sampling support for D_CAN
    - x86/debug: Handle warnings before the notifier chain, to fix KGDB crash
    - x86/smpboot: Make optimization of delay calibration work correctly
    - x86/oprofile/ppro: Do not use __this_cpu*() in preemptible context
    - Linux 4.13.13
  * ELANTECH Touchpad is not detected in 'Lenovo Ideapad 320 14AST' after fresh
    install (LP: #1727544)
    - Input: elan_i2c - add ELAN060C to the ACPI table
  * Power8 Nest PMU Instrumentation support (LP: #1481347)
    - powerpc/powernv: Add IMC OPAL APIs
    - powerpc/powernv: Detect and create IMC device
    - powerpc/perf: Add nest IMC PMU support
    - powerpc/perf: Add core IMC PMU support
    - powerpc/perf: Add thread IMC PMU support
    - powerpc/perf: Fix double unlock in imc_common_cpuhp_mem_free()
    - powerpc/perf/imc: Fix nest events on muti socket system
    - powerpc/powernv: Fix build error in opal-imc.c when NUMA=n
    - powerpc/perf: Fix usage of nest_imc_refc
    - powerpc/perf: Fix for core/nest imc call trace on cpuhotplug
    - powerpc/perf: Add ___GFP_NOWARN flag to alloc_pages_node()
    - powerpc/perf: Fix IMC initialization crash
  * Artful update to 4.13.12 stable release (LP: #1731971)
    - ALSA: timer: Add missing mutex lock for compat ioctls
    - ALSA: seq: Fix nested rwsem annotation for lockdep splat
    - cifs: check MaxPathNameComponentLength != 0 before using it
    - KEYS: return full count in keyring_read() if buffer is too small
    - KEYS: trusted: fix writing past end of buffer in trusted_read()
    - KEYS: fix out-of-bounds read during ASN.1 parsing
    - ASoC: adau17x1: Workaround for noise bug in ADC
    - virtio_blk: Fix an SG_IO regression
    - arm64: ensure __dump_instr() checks addr_limit
    - KVM: arm64: its: Fix missing dynamic allocation check in scan_its_table
    - arm/arm64: KVM: set right LR register value for 32 bit guest when inject
      abort
    - arm/arm64: kvm: Disable branch profiling in HYP code
    - ARM: dts: mvebu: pl310-cache disable double-linefill
    - ARM: 8715/1: add a private asm/unaligned.h
    - drm/amdgpu: return -ENOENT from uvd 6.0 early init for harvesting
    - drm/amdgpu: allow harvesting check for Polaris VCE
    - userfaultfd: hugetlbfs: prevent UFFDIO_COPY to fill beyond the end of i_size
    - ocfs2: fstrim: Fix start offset of first cluster group during fstrim
    - fs/hugetlbfs/inode.c: fix hwpoison reserve accounting
    - mm, swap: fix race between swap count continuation operations
    - drm/i915: Do not rely on wm preservation for ILK watermarks
    - drm/i915/edp: read edp display control registers unconditionally
    - Revert "powerpc64/elfv1: Only dereference function descriptor for non-text
      symbols"
    - MIPS: bpf: Fix a typo in build_one_insn()
    - MIPS: smp-cmp: Use right include for task_struct
    - MIPS: microMIPS: Fix incorrect mask in insn_table_MM
    - MIPS: SMP: Fix deadlock & online race
    - Revert "x86: do not use cpufreq_quick_get() for /proc/cpuinfo "cpu MHz""
    - x86: CPU: Fix up "cpu MHz" in /proc/cpuinfo
    - powerpc/kprobes: Dereference function pointers only if the address does not
      belong to kernel text
    - futex: Fix more put_pi_state() vs. exit_pi_state_list() races
    - perf/cgroup: Fix perf cgroup hierarchy support
    - x86/mcelog: Get rid of RCU remnants
    - irqchip/irq-mvebu-gicp: Add missing spin_lock init
    - Linux 4.13.12
  * Artful update to 4.13.11 stable release (LP: #1731961)
    - workqueue: replace pool->manager_arb mutex with a flag
    - nvme-fc: fix iowait hang
    - ALSA: hda/realtek - Add support for ALC236/ALC3204
    - ALSA: hda - fix headset mic problem for Dell machines with alc236
    - ceph: unlock dangling spinlock in try_flush_caps()
    - Fix tracing sample code warning.
    - KVM: PPC: Fix oops when checking KVM_CAP_PPC_HTM
    - KVM: PPC: Book3S HV: POWER9 more doorbell fixes
    - KVM: PPC: Book3S: Protect kvmppc_gpa_to_ua() with SRCU
    - s390/kvm: fix detection of guest machine checks
    - nbd: handle interrupted sendmsg with a sndtimeo set
    - spi: uapi: spidev: add missing ioctl header
    - spi: a3700: Return correct value on timeout detection
    - spi: bcm-qspi: Fix use after free in bcm_qspi_probe() in error path
    - spi: armada-3700: Fix failing commands with quad-SPI
    - ovl: add NULL check in ovl_alloc_inode
    - ovl: fix EIO from lookup of non-indexed upper
    - ovl: handle ENOENT on index lookup
    - ovl: do not cleanup unsupported index entries
    - fuse: fix READDIRPLUS skipping an entry
    - xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap()
    - xen: fix booting ballooned down hvm guest
    - cifs: Select all required crypto modules
    - CIFS: Fix NULL pointer deref on SMB2_tcon() failure
    - Input: elan_i2c - add ELAN0611 to the ACPI table
    - Input: gtco - fix potential out-of-bound access
    - Fix encryption labels and lengths for SMB3.1.1
    - SMB3: Validate negotiate request must always be signed
    - assoc_array: Fix a buggy node-splitting case
    - scsi: zfcp: fix erp_action use-before-initialize in REC action trace
    - scsi: aacraid: Fix controller initialization failure
    - scsi: qla2xxx: Initialize Work element before requesting IRQs
    - scsi: sg: Re-fix off by one in sg_fill_request_table()
    - x86/cpu/AMD: Apply the Erratum 688 fix when the BIOS doesn't
    - drm/amd/powerplay: fix uninitialized variable
    - drm/i915/perf: fix perf enable/disable ioctls with 32bits userspace
    - can: sun4i: fix loopback mode
    - can: kvaser_usb: Correct return value in printout
    - can: kvaser_usb: Ignore CMD_FLUSH_QUEUE_REPLY messages
    - cfg80211: fix connect/disconnect edge cases
    - ipsec: Fix aborted xfrm policy dump crash
    - regulator: fan53555: fix I2C device ids
    - powerpc/xive: Fix the size of the cpumask used in xive_find_target_in_mask()
    - Linux 4.13.11
  * Touchpad not detected - Lenovo ideapad 320-15IKB (LP: #1723736)
    - Input: elan_i2c - add ELAN0611 to the ACPI table
  * Artful update to 4.13.10 stable release (LP: #1731951)
    - staging: bcm2835-audio: Fix memory corruption
    - USB: devio: Revert "USB: devio: Don't corrupt user memory"
    - USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor()
    - USB: serial: metro-usb: add MS7820 device id
    - usb: cdc_acm: Add quirk for Elatec TWN3
    - usb: quirks: add quirk for WORLDE MINI MIDI keyboard
    - usb: hub: Allow reset retry for USB2 devices on connect bounce
    - ALSA: usb-audio: Add native DSD support for Pro-Ject Pre Box S2 Digital
    - can: gs_usb: fix busy loop if no more TX context is available
    - scsi: qla2xxx: Fix uninitialized work element
    - nbd: don't set the device size until we're connected
    - s390/cputime: fix guest/irq/softirq times after CPU hotplug
    - parisc: Fix double-word compare and exchange in LWS code on 32-bit kernels
    - parisc: Fix detection of nonsynchronous cr16 cycle counters
    - iio: dummy: events: Add missing break
    - usb: musb: sunxi: Explicitly release USB PHY on exit
    - USB: musb: fix session-bit runtime-PM quirk
    - USB: musb: fix late external abort on suspend
    - usb: musb: musb_cppi41: Fix the address of teardown and autoreq registers
    - usb: musb: musb_cppi41: Fix cppi41_set_dma_mode() for DA8xx
    - usb: musb: musb_cppi41: Configure the number of channels for DA8xx
    - usb: musb: Check for host-mode using is_host_active() on reset interrupt
    - xhci: Identify USB 3.1 capable hosts by their port protocol capability
    - xhci: Cleanup current_cmd in xhci_cleanup_command_queue()
    - usb: xhci: Reset halted endpoint if trb is noop
    - usb: xhci: Handle error condition in xhci_stop_device()
    - can: esd_usb2: Fix can_dlc value for received RTR, frames
    - can: af_can: can_pernet_init(): add missing error handling for kzalloc
      returning NULL
    - can: flexcan: fix state transition regression
    - can: flexcan: rename legacy error state quirk
    - can: flexcan: implement error passive state quirk
    - can: flexcan: fix i.MX6 state transition issue
    - can: flexcan: fix i.MX28 state transition issue
    - can: flexcan: fix p1010 state transition issue
    - KEYS: encrypted: fix dereference of NULL user_key_payload
    - mmc: sdhci-pci: Fix default d3_retune for Intel host controllers
    - drm/i915: Use bdw_ddi_translations_fdi for Broadwell
    - drm/nouveau/kms/nv50: fix oops during DP IRQ handling on non-MST boards
    - drm/nouveau/bsp/g92: disable by default
    - drm/nouveau/mmu: flush tlbs before deleting page tables
    - media: s5p-cec: add NACK detection support
    - media: cec: Respond to unregistered initiators, when applicable
    - media: dvb: i2c transfers over usb cannot be done from stack
    - tracing/samples: Fix creation and deletion of simple_thread_fn creation
    - ALSA: seq: Enable 'use' locking in all configurations
    - ALSA: hda: Remove superfluous '-' added by printk conversion
    - ALSA: hda: Abort capability probe at invalid register read
    - i2c: ismt: Separate I2C block read from SMBus block read
    - i2c: piix4: Fix SMBus port selection for AMD Family 17h chips
    - Revert "tools/power turbostat: stop migrating, unless '-m'"
    - Input: stmfts - fix setting ABS_MT_POSITION_* maximum size
    - brcmfmac: Add check for short event packets
    - brcmsmac: make some local variables 'static const' to reduce stack size
    - ARM: dts: sun6i: Fix endpoint IDs in second display pipeline
    - bus: mbus: fix window size calculation for 4GB windows
    - clockevents/drivers/cs5535: Improve resilience to spurious interrupts
    - rtlwifi: rtl8821ae: Fix connection lost problem
    - x86/microcode/intel: Disable late loading on model 79
    - lib/digsig: fix dereference of NULL user_key_payload
    - fscrypt: fix dereference of NULL user_key_payload
    - ecryptfs: fix dereference of NULL user_key_payload
    - KEYS: Fix race between updating and finding a negative key
    - FS-Cache: fix dereference of NULL user_key_payload
    - KEYS: don't let add_key() update an uninstantiated key
    - pkcs7: Prevent NULL pointer dereference, since sinfo is not always set.
    - arm64: dts: rockchip: correct vqmmc voltage for rk3399 platforms
    - ALSA: hda - Fix incorrect TLV callback check introduced during set_fs()
      removal
    - iomap_dio_rw: Allocate AIO completion queue before submitting dio
    - xfs: don't unconditionally clear the reflink flag on zero-block files
    - xfs: evict CoW fork extents when performing finsert/fcollapse
    - fs/xfs: Use %pS printk format for direct addresses
    - xfs: report zeroed or not correctly in xfs_zero_range()
    - xfs: update i_size after unwritten conversion in dio completion
    - xfs: perag initialization should only touch m_ag_max_usable for AG 0
    - xfs: Capture state of the right inode in xfs_iflush_done
    - xfs: always swap the cow forks when swapping extents
    - xfs: handle racy AIO in xfs_reflink_end_cow
    - xfs: Don't log uninitialised fields in inode structures
    - xfs: move more RT specific code under CONFIG_XFS_RT
    - xfs: don't change inode mode if ACL update fails
    - xfs: reinit btree pointer on attr tree inactivation walk
    - xfs: handle error if xfs_btree_get_bufs fails
    - xfs: cancel dirty pages on invalidation
    - xfs: trim writepage mapping to within eof
    - xfs: move two more RT specific functions into CONFIG_XFS_RT
    - Linux 4.13.10
  * Artful update to 4.13.9 stable release (LP: #1731926)
    - perf pmu: Unbreak perf record for arm/arm64 with events with explicit PMU
    - mm: page_vma_mapped: ensure pmd is loaded with READ_ONCE outside of lock
    - HID: hid-elecom: extend to fix descriptor for HUGE trackball
    - Drivers: hv: vmbus: Fix rescind handling issues
    - Drivers: hv: vmbus: Fix bugs in rescind handling
    - vmbus: simplify hv_ringbuffer_read
    - vmbus: refactor hv_signal_on_read
    - vmbus: eliminate duplicate cached index
    - vmbus: more host signalling avoidance
    - Linux 4.13.9

 -- Timo Aaltonen <email address hidden>  Sun, 26 Nov 2017 18:24:42 +0200

Available diffs

Superseded in xenial-updates on 2017-12-07
Deleted in xenial-proposed (Reason: NBS)
linux-oem (4.13.0-1008.9) xenial; urgency=low

  * Reading HDA audio capability register crashes the kernel (LP: #1730261)
    - ALSA: hda: Abort capability probe at invalid register read

  * The HDMI audio can't work on all Geminilake machines we have (Dell laptops
    or desktops)  (LP: #1731091)
    - SAUCE: drm/i915: Track minimum acceptable cdclk instead of "minimum
      dotclock"
    - SAUCE: drm/i915: Consolidate max_cdclk_freq check in
      intel_crtc_compute_min_cdclk()
    - SAUCE: drm/i915: set minimum CD clock to twice the BCLK.

  * Backport support for Intel Coffee Lake (LP: #1729842)
    - drm/i915: Fix PCH names for KBP and CNP.
    - drm/i915: Stop using long platform names on clock gating functions.
    - drm/i915/cnp: Wa 1181: Fix Backlight issue
    - drm/i915/cnp: Don't touch other PCH clock gating bits.
    - drm/i915/cnp: Display Wa #1179: WaHardHangonHotPlug
    - drm/i915/cfl: Coffee Lake works on Kaby Lake PCH.
    - drm/i915/cfl: Remove alpha support protection.

  * headset mic can't work on laptops with the codec alc236 (LP: #1729500)
    - ALSA: hda/realtek - Add support for ALC236/ALC3204
    - ALSA: hda - fix headset mic problem for Dell machines with alc236

  * Miscellaneous Ubuntu changes
    - [Config] Sync with master
    - [Packaging] Bump debhelper to 9
    - [Config] Sync annotations with master
    - [Packaging] d-i: Drop kernel-versions diff
    - [Packaging] Add aufs-dkms Provides
    - Rebase to 4.13.0-17.20
    - [Config] update configs following rebase to 4.13.0-17.20
    - [Config] Ignore modules turned built-in

  [ Ubuntu: 4.13.0-17.20 ]

  * linux: 4.13.0-17.20 -proposed tracker (LP: #1728927)
  * thunderx2 ahci errata workaround needs additional delays (LP: #1724117)
    - SAUCE: ahci: thunderx2: stop engine fix update
  * usb 3-1: 2:1: cannot get freq at ep 0x1 (LP: #1708499)
    - ALSA: usb-audio: Add sample rate quirk for Plantronics C310/C520-M
  * Plantronics Blackwire C520-M - Cannot get freq at ep 0x1, 0x81
    (LP: #1709282)
    - ALSA: usb-audio: Add sample rate quirk for Plantronics C310/C520-M
  * TSC_DEADLINE incorrectly disabled inside virtual guests (LP: #1724912)
    - x86/apic: Silence "FW_BUG TSC_DEADLINE disabled due to Errata" on CPUs
      without the feature
    - x86/apic: Silence "FW_BUG TSC_DEADLINE disabled due to Errata" on
      hypervisors
  * x86/apic: Update TSC_DEADLINE quirk with additional SKX stepping
    (LP: #1724612)
    - x86/apic: Update TSC_DEADLINE quirk with additional SKX stepping
  * [Artful] Add support for Dell/Wyse 3040 audio codec (LP: #1723916)
    - SAUCE: ASoC: rt5670: Add support for Wyse 3040
  * [Artful] Some Dell Monitors Doesn't Work Well with Dell/Wyse 3040
    (LP: #1723915)
    - SAUCE: drm/i915: Workaround for DP DPMS D3 on Dell monitor
  * [Artful] Support headset mode for DELL WYSE (LP: #1723913)
    - SAUCE: ALSA: hda/realtek - Add support headset mode for DELL WYSE
  * Touchpad and TrackPoint Dose Not Work on Lenovo X1C6 and X280 (LP: #1723986)
    - SAUCE: Input: synaptics-rmi4 - RMI4 can also use SMBUS version 3
    - SAUCE: Input: synaptics - Lenovo X1 Carbon 5 should use SMBUS/RMI
    - SAUCE: Input: synaptics - add Intertouch support on X1 Carbon 6th and X280
  * Artful update to v4.13.8 stable release (LP: #1724669)
    - USB: dummy-hcd: Fix deadlock caused by disconnect detection
    - MIPS: math-emu: Remove pr_err() calls from fpu_emu()
    - MIPS: bpf: Fix uninitialised target compiler error
    - mei: always use domain runtime pm callbacks.
    - dmaengine: edma: Align the memcpy acnt array size with the transfer
    - dmaengine: ti-dma-crossbar: Fix possible race condition with dma_inuse
    - NFS: Fix uninitialized rpc_wait_queue
    - nfs/filelayout: fix oops when freeing filelayout segment
    - HID: usbhid: fix out-of-bounds bug
    - crypto: skcipher - Fix crash on zero-length input
    - crypto: shash - Fix zero-length shash ahash digest crash
    - KVM: MMU: always terminate page walks at level 1
    - KVM: nVMX: fix guest CR4 loading when emulating L2 to L1 exit
    - usb: renesas_usbhs: Fix DMAC sequence for receiving zero-length packet
    - pinctrl/amd: Fix build dependency on pinmux code
    - iommu/amd: Finish TLB flush in amd_iommu_unmap()
    - device property: Track owner device of device property
    - Revert "vmalloc: back off when the current task is killed"
    - fs/mpage.c: fix mpage_writepage() for pages with buffers
    - ALSA: usb-audio: Kill stray URB at exiting
    - ALSA: seq: Fix use-after-free at creating a port
    - ALSA: seq: Fix copy_from_user() call inside lock
    - ALSA: caiaq: Fix stray URB at probe error path
    - ALSA: line6: Fix NULL dereference at podhd_disconnect()
    - ALSA: line6: Fix missing initialization before error path
    - ALSA: line6: Fix leftover URB at error-path during probe
    - drm/atomic: Unref duplicated drm_atomic_state in drm_atomic_helper_resume()
    - drm/i915/edp: Get the Panel Power Off timestamp after panel is off
    - drm/i915: Read timings from the correct transcoder in intel_crtc_mode_get()
    - drm/i915/bios: parse DDI ports also for CHV for HDMI DDC pin and DP AUX
      channel
    - drm/i915: Use crtc_state_is_legacy_gamma in intel_color_check
    - usb: gadget: configfs: Fix memory leak of interface directory data
    - usb: gadget: composite: Fix use-after-free in
      usb_composite_overwrite_options
    - PCI: aardvark: Move to struct pci_host_bridge IRQ mapping functions
    - Revert "PCI: tegra: Do not allocate MSI target memory"
    - direct-io: Prevent NULL pointer access in submit_page_section
    - fix unbalanced page refcounting in bio_map_user_iov
    - more bio_map_user_iov() leak fixes
    - bio_copy_user_iov(): don't ignore ->iov_offset
    - perf script: Add missing separator for "-F ip,brstack" (and brstackoff)
    - genirq/cpuhotplug: Enforce affinity setting on startup of managed irqs
    - genirq/cpuhotplug: Add sanity check for effective affinity mask
    - USB: serial: ftdi_sio: add id for Cypress WICED dev board
    - USB: serial: cp210x: fix partnum regression
    - USB: serial: cp210x: add support for ELV TFD500
    - USB: serial: option: add support for TP-Link LTE module
    - USB: serial: qcserial: add Dell DW5818, DW5819
    - USB: serial: console: fix use-after-free on disconnect
    - USB: serial: console: fix use-after-free after failed setup
    - RAS/CEC: Use the right length for "cec_disable"
    - x86/microcode: Do the family check first
    - x86/alternatives: Fix alt_max_short macro to really be a max()
    - KVM: nVMX: update last_nonleaf_level when initializing nested EPT
    - Linux 4.13.8
  * Artful update to v4.13.7 stable release (LP: #1724668)
    - watchdog: Revert "iTCO_wdt: all versions count down twice"
    - Linux 4.13.7
  * libvirt - vnc port selection regression with newer kernels (LP: #1722702)
    - net: set tb->fast_sk_family
    - net: use inet6_rcv_saddr to compare sockets
    - inet: fix improper empty comparison
  * powerpc/64s: Add workaround for P9 vector CI load issue (LP: #1721070)
    - powerpc/mce: Move 64-bit machine check code into mce.c
    - powerpc/64s: Add workaround for P9 vector CI load issue
  * Artful update to v4.13.6 stable release (LP: #1723145)
    - imx-media-of: avoid uninitialized variable warning
    - usb: dwc3: ep0: fix DMA starvation by assigning req->trb on ep0
    - mlxsw: spectrum: Fix EEPROM access in case of SFP/SFP+
    - net: bonding: Fix transmit load balancing in balance-alb mode if specified
      by sysfs
    - openvswitch: Fix an error handling path in 'ovs_nla_init_match_and_action()'
    - mlxsw: spectrum: Prevent mirred-related crash on removal
    - net: bonding: fix tlb_dynamic_lb default value
    - net_sched: gen_estimator: fix scaling error in bytes/packets samples
    - net: sched: fix use-after-free in tcf_action_destroy and tcf_del_walker
    - sctp: potential read out of bounds in sctp_ulpevent_type_enabled()
    - tcp: update skb->skb_mstamp more carefully
    - bpf/verifier: reject BPF_ALU64|BPF_END
    - tcp: fix data delivery rate
    - udpv6: Fix the checksum computation when HW checksum does not apply
    - ip6_gre: skb_push ipv6hdr before packing the header in ip6gre_header
    - net: phy: Fix mask value write on gmii2rgmii converter speed register
    - ip6_tunnel: do not allow loading ip6_tunnel if ipv6 is disabled in cmdline
    - net/sched: cls_matchall: fix crash when used with classful qdisc
    - 8139too: revisit napi_complete_done() usage
    - bpf: do not disable/enable BH in bpf_map_free_id()
    - tcp: fastopen: fix on syn-data transmit failure
    - net: emac: Fix napi poll list corruption
    - net: ipv6: fix regression of no RTM_DELADDR sent after DAD failure
    - packet: hold bind lock when rebinding to fanout hook
    - bpf: one perf event close won't free bpf program attached by another perf
      event
    - net: change skb->mac_header when Generic XDP calls adjust_head
    - isdn/i4l: fetch the ppp_write buffer in one shot
    - net_sched: always reset qdisc backlog in qdisc_reset()
    - net: stmmac: Cocci spatch "of_table"
    - net: qcom/emac: specify the correct size when mapping a DMA buffer
    - vti: fix use after free in vti_tunnel_xmit/vti6_tnl_xmit
    - l2tp: fix race condition in l2tp_tunnel_delete
    - tun: bail out from tun_get_user() if the skb is empty
    - net: dsa: mv88e6xxx: Allow dsa and cpu ports in multiple vlans
    - net: dsa: Fix network device registration order
    - packet: in packet_do_bind, test fanout with bind_lock held
    - packet: only test po->has_vnet_hdr once in packet_snd
    - net: dsa: mv88e6xxx: lock mutex when freeing IRQs
    - net: Set sk_prot_creator when cloning sockets to the right proto
    - net/mlx5e: IPoIB, Fix access to invalid memory address
    - netlink: do not proceed if dump's start() errs
    - ip6_gre: ip6gre_tap device should keep dst
    - ip6_tunnel: update mtu properly for ARPHRD_ETHER tunnel device in tx path
    - IPv4: early demux can return an error code
    - tipc: use only positive error codes in messages
    - l2tp: fix l2tp_eth module loading
    - socket, bpf: fix possible use after free
    - net: rtnetlink: fix info leak in RTM_GETSTATS call
    - bpf: fix bpf_tail_call() x64 JIT
    - usb: gadget: core: fix ->udc_set_speed() logic
    - USB: gadgetfs: Fix crash caused by inadequate synchronization
    - USB: gadgetfs: fix copy_to_user while holding spinlock
    - usb: gadget: udc: atmel: set vbus irqflags explicitly
    - usb: gadget: udc: renesas_usb3: fix for no-data control transfer
    - usb: gadget: udc: renesas_usb3: fix Pn_RAMMAP.Pn_MPKT value
    - usb: gadget: udc: renesas_usb3: Fix return value of usb3_write_pipe()
    - usb-storage: unusual_devs entry to fix write-access regression for Seagate
      external drives
    - usb-storage: fix bogus hardware error messages for ATA pass-thru devices
    - usb: renesas_usbhs: fix the BCLR setting condition for non-DCP pipe
    - usb: renesas_usbhs: fix usbhsf_fifo_clear() for RX direction
    - ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor
    - usb: pci-quirks.c: Corrected timeout values used in handshake
    - USB: cdc-wdm: ignore -EPIPE from GetEncapsulatedResponse
    - USB: dummy-hcd: fix connection failures (wrong speed)
    - USB: dummy-hcd: fix infinite-loop resubmission bug
    - USB: dummy-hcd: Fix erroneous synchronization change
    - USB: devio: Prevent integer overflow in proc_do_submiturb()
    - USB: devio: Don't corrupt user memory
    - USB: g_mass_storage: Fix deadlock when driver is unbound
    - USB: uas: fix bug in handling of alternate settings
    - USB: core: harden cdc_parse_cdc_header
    - usb: Increase quirk delay for USB devices
    - USB: fix out-of-bounds in usb_set_configuration
    - usb: xhci: Free the right ring in xhci_add_endpoint()
    - xhci: fix finding correct bus_state structure for USB 3.1 hosts
    - xhci: fix wrong endpoint ESIT value shown in tracing
    - usb: host: xhci-plat: allow sysdev to inherit from ACPI
    - xhci: Fix sleeping with spin_lock_irq() held in ASmedia 1042A workaround
    - Revert "xhci: Limit USB2 port wake support for AMD Promontory hosts"
    - iio: adc: twl4030: Fix an error handling path in 'twl4030_madc_probe()'
    - iio: adc: twl4030: Disable the vusb3v1 rugulator in the error handling path
      of 'twl4030_madc_probe()'
    - iio: ad_sigma_delta: Implement a dedicated reset function
    - staging: iio: ad7192: Fix - use the dedicated reset function avoiding dma
      from stack.
    - iio: core: Return error for failed read_reg
    - IIO: BME280: Updates to Humidity readings need ctrl_reg write!
    - iio: trigger: stm32-timer: preset shouldn't be buffered
    - iio: trigger: stm32-timer: fix a corner case to write preset
    - iio: ad7793: Fix the serial interface reset
    - iio: adc: stm32: fix bad error check on max_channels
    - iio: adc: mcp320x: Fix readout of negative voltages
    - iio: adc: mcp320x: Fix oops on module unload
    - uwb: properly check kthread_run return value
    - uwb: ensure that endpoint is interrupt
    - staging: vchiq_2835_arm: Fix NULL ptr dereference in free_pagelist
    - ksm: fix unlocked iteration over vmas in cmp_and_merge_page()
    - mm, hugetlb, soft_offline: save compound page order before page migration
    - mm, oom_reaper: skip mm structs with mmu notifiers
    - mm: fix RODATA_TEST failure "rodata_test: test data was not read only"
    - mm: avoid marking swap cached page as lazyfree
    - mm: fix data corruption caused by lazyfree page
    - userfaultfd: non-cooperative: fix fork use after free
    - lib/ratelimit.c: use deferred printk() version
    - lsm: fix smack_inode_removexattr and xattr_getsecurity memleak
    - ALSA: compress: Remove unused variable
    - Revert "ALSA: echoaudio: purge contradictions between dimension matrix
      members and total number of members"
    - ALSA: usx2y: Suppress kernel warning at page allocation failures
    - powerpc/powernv: Increase memory block size to 1GB on radix
    - powerpc: Fix action argument for cpufeatures-based TLB flush
    - powerpc/64s: Use emergency stack for kernel TM Bad Thing program checks
    - powerpc/tm: Fix illegal TM state in signal handler
    - percpu: make this_cpu_generic_read() atomic w.r.t. interrupts
    - intel_th: pci: Add Lewisburg PCH support
    - driver core: platform: Don't read past the end of "driver_override" buffer
    - cgroup: Reinit cgroup_taskset structure before cgroup_migrate_execute()
      returns
    - Drivers: hv: fcopy: restore correct transfer length
    - vmbus: don't acquire the mutex in vmbus_hvsock_device_unregister()
    - stm class: Fix a use-after-free
    - auxdisplay: charlcd: properly restore atomic counter on error path
    - ftrace: Fix kmemleak in unregister_ftrace_graph
    - ovl: fix error value printed in ovl_lookup_index()
    - ovl: fix dput() of ERR_PTR in ovl_cleanup_index()
    - ovl: fix dentry leak in ovl_indexdir_cleanup()
    - ovl: fix missing unlock_rename() in ovl_do_copy_up()
    - ovl: fix regression caused by exclusive upper/work dir protection
    - arm64: dt marvell: Fix AP806 system controller size
    - arm64: Ensure the instruction emulation is ready for userspace
    - HID: rmi: Make sure the HID device is opened on resume
    - HID: i2c-hid: allocate hid buffers for real worst case
    - HID: wacom: leds: Don't try to control the EKR's read-only LEDs
    - HID: wacom: Properly report negative values from Intuos Pro 2 Bluetooth
    - HID: wacom: Correct coordinate system of touchring and pen twist
    - HID: wacom: generic: Send MSC_SERIAL and ABS_MISC when leaving prox
    - HID: wacom: generic: Clear ABS_MISC when tool leaves proximity
    - HID: wacom: Always increment hdev refcount within wacom_get_hdev_data
    - HID: wacom: bits shifted too much for 9th and 10th buttons
    - btrfs: avoid overflow when sector_t is 32 bit
    - Btrfs: fix overlap of fs_info::flags values
    - rocker: fix rocker_tlv_put_* functions for KASAN
    - netlink: fix nla_put_{u8,u16,u32} for KASAN
    - dm crypt: reject sector_size feature if device length is not aligned to it
    - dm ioctl: fix alignment of event number in the device list
    - dm crypt: fix memory leak in crypt_ctr_cipher_old()
    - KVM: PPC: Book3S: Fix server always zero from kvmppc_xive_get_xive()
    - kvm/x86: Avoid async PF preempting the kernel incorrectly
    - iwlwifi: mvm: use IWL_HCMD_NOCOPY for MCAST_FILTER_CMD
    - scsi: sd: Implement blacklist option for WRITE SAME w/ UNMAP
    - scsi: sd: Do not override max_sectors_kb sysfs setting
    - brcmfmac: add length check in brcmf_cfg80211_escan_handler()
    - brcmfmac: setup passive scan if requested by user-space
    - drm/i915: always update ELD connector type after get modes
    - drm/i915/bios: ignore HDMI on port A
    - bsg-lib: fix use-after-free under memory-pressure
    - nvme-pci: Use PCI bus address for data/queues in CMB
    - mmc: core: add driver strength selection when selecting hs400es
    - nl80211: Define policy for packet pattern attributes
    - clk: samsung: exynos4: Enable VPLL and EPLL clocks for suspend/resume cycle
    - udp: perform source validation for mcast early demux
    - udp: fix bcast packet reception
    - base: arch_topology: fix section mismatch build warnings
    - Linux 4.13.6
  * Artful update to v4.13.5 stable release (LP: #1721777)
    - cifs: check rsp for NULL before dereferencing in SMB2_open
    - cifs: release cifs root_cred after exit_cifs
    - cifs: release auth_key.response for reconnect.
    - nvme-pci: fix host memory buffer allocation fallback
    - nvme-pci: use appropriate initial chunk size for HMB allocation
    - nvme-pci: propagate (some) errors from host memory buffer setup
    - dax: remove the pmem_dax_ops->flush abstraction
    - dm integrity: do not check integrity for failed read operations
    - mmc: block: Fix incorrectly initialized requests
    - fs/proc: Report eip/esp in /prod/PID/stat for coredumping
    - scsi: scsi_transport_fc: fix NULL pointer dereference in fc_bsg_job_timeout
    - SMB3: Add support for multidialect negotiate (SMB2.1 and later)
    - mac80211: fix VLAN handling with TXQs
    - mac80211_hwsim: Use proper TX power
    - mac80211: flush hw_roc_start work before cancelling the ROC
    - mac80211: fix deadlock in driver-managed RX BA session start
    - genirq: Make sparse_irq_lock protect what it should protect
    - genirq/msi: Fix populating multiple interrupts
    - genirq: Fix cpumask check in __irq_startup_managed()
    - KVM: PPC: Book3S HV: Hold kvm->lock around call to kvmppc_update_lpcr
    - KVM: PPC: Book3S HV: Fix bug causing host SLB to be restored incorrectly
    - KVM: PPC: Book3S HV: Don't access XIVE PIPR register using byte accesses
    - tracing: Fix trace_pipe behavior for instance traces
    - tracing: Erase irqsoff trace with empty write
    - tracing: Remove RCU work arounds from stack tracer
    - md/raid5: fix a race condition in stripe batch
    - md/raid5: preserve STRIPE_ON_UNPLUG_LIST in break_stripe_batch_list
    - scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse
      nlmsg properly
    - scsi: aacraid: Fix 2T+ drives on SmartIOC-2000
    - scsi: aacraid: Add a small delay after IOP reset
    - drm/exynos: Fix locking in the suspend/resume paths
    - drm/i915/gvt: Fix incorrect PCI BARs reporting
    - Revert "drm/i915/bxt: Disable device ready before shutdown command"
    - drm/amdgpu: revert tile table update for oland
    - drm/radeon: disable hard reset in hibernate for APUs
    - crypto: drbg - fix freeing of resources
    - crypto: talitos - Don't provide setkey for non hmac hashing algs.
    - crypto: talitos - fix sha224
    - crypto: talitos - fix hashing
    - security/keys: properly zero out sensitive key material in big_key
    - security/keys: rewrite all of big_key crypto
    - KEYS: fix writing past end of user-supplied buffer in keyring_read()
    - KEYS: prevent creating a different user's keyrings
    - KEYS: prevent KEYCTL_READ on negative key
    - libnvdimm, namespace: fix btt claim class crash
    - powerpc/eeh: Create PHB PEs after EEH is initialized
    - powerpc/pseries: Fix parent_dn reference leak in add_dt_node()
    - powerpc/tm: Flush TM only if CPU has TM feature
    - MIPS: Fix perf event init
    - s390/perf: fix bug when creating per-thread event
    - s390/mm: make pmdp_invalidate() do invalidation only
    - s390/mm: fix write access check in gup_huge_pmd()
    - PM: core: Fix device_pm_check_callbacks()
    - Revert "IB/ipoib: Update broadcast object if PKey value was changed in index
      0"
    - Fix SMB3.1.1 guest authentication to Samba
    - SMB3: Fix endian warning
    - SMB3: Warn user if trying to sign connection that authenticated as guest
    - SMB: Validate negotiate (to protect against downgrade) even if signing off
    - SMB3: handle new statx fields
    - SMB3: Don't ignore O_SYNC/O_DSYNC and O_DIRECT flags
    - vfs: Return -ENXIO for negative SEEK_HOLE / SEEK_DATA offsets
    - libceph: don't allow bidirectional swap of pg-upmap-items
    - nl80211: check for the required netlink attributes presence
    - brd: fix overflow in __brd_direct_access
    - gfs2: Fix debugfs glocks dump
    - bsg-lib: don't free job in bsg_prepare_job
    - iw_cxgb4: drop listen destroy replies if no ep found
    - iw_cxgb4: remove the stid on listen create failure
    - iw_cxgb4: put ep reference in pass_accept_req()
    - rcu: Allow for page faults in NMI handlers
    - mmc: sdhci-pci: Fix voltage switch for some Intel host controllers
    - extable: Consolidate *kernel_text_address() functions
    - extable: Enable RCU if it is not watching in kernel_text_address()
    - seccomp: fix the usage of get/put_seccomp_filter() in seccomp_get_filter()
    - arm64: Make sure SPsel is always set
    - arm64: fault: Route pte translation faults via do_translation_fault
    - KVM: VMX: extract __pi_post_block
    - KVM: VMX: avoid double list add with VT-d posted interrupts
    - KVM: VMX: simplify and fix vmx_vcpu_pi_load
    - KVM: nVMX: fix HOST_CR3/HOST_CR4 cache
    - kvm/x86: Handle async PF in RCU read-side critical sections
    - kvm: nVMX: Don't allow L2 to access the hardware CR8
    - xfs: validate bdev support for DAX inode flag
    - fix infoleak in waitid(2)
    - sched/sysctl: Check user input value of sysctl_sched_time_avg
    - irq/generic-chip: Don't replace domain's name
    - mtd: Fix partition alignment check on multi-erasesize devices
    - mtd: nand: atmel: fix buffer overflow in atmel_pmecc_user
    - etnaviv: fix submit error path
    - etnaviv: fix gem object list corruption
    - futex: Fix pi_state->owner serialization
    - md: fix a race condition for flush request handling
    - md: separate request handling
    - PCI: Fix race condition with driver_override
    - btrfs: fix NULL pointer dereference from free_reloc_roots()
    - btrfs: clear ordered flag on cleaning up ordered extents
    - btrfs: finish ordered extent cleaning if no progress is found
    - btrfs: propagate error to btrfs_cmp_data_prepare caller
    - btrfs: prevent to set invalid default subvolid
    - platform/x86: fujitsu-laptop: Don't oops when FUJ02E3 is not presnt
    - PM / OPP: Call notifier without holding opp_table->lock
    - x86/mm: Fix fault error path using unsafe vma pointer
    - x86/fpu: Don't let userspace set bogus xcomp_bv
    - KVM: VMX: do not change SN bit in vmx_update_pi_irte()
    - KVM: VMX: remove WARN_ON_ONCE in kvm_vcpu_trigger_posted_interrupt
    - KVM: VMX: use cmpxchg64
    - video: fbdev: aty: do not leak uninitialized padding in clk to userspace
    - Linux 4.13.5
    - [Config] Update configs for v4.13.5

 -- Timo Aaltonen <email address hidden>  Mon, 13 Nov 2017 19:43:44 +0200

Available diffs

Deleted in xenial-proposed on 2017-11-17 (Reason: NBS)
linux-oem (4.13.0-1007.8) xenial; urgency=low

  * mwifiex cannot connect to wifi AP when keeping wireless connection idle for
    more than 60 seconds (LP: #1725154)
    - SAUCE: cfg80211: workaround for mwifiex

  * Touchpad and TrackPoint Dose Not Work on Lenovo X1C6 and X280 (LP: #1723986)
    - SAUCE: Input: synaptics-rmi4 - RMI4 can also use SMBUS version 3
    - SAUCE: Input: synaptics - Lenovo X1 Carbon 5 should use SMBUS/RMI
    - SAUCE: Input: synaptics - add Intertouch support on X1 Carbon 6th and X280

  * [Artful] Add support for Dell/Wyse 3040 audio codec (LP: #1723916)
    - SAUCE: ASoC: rt5670: Add support for Wyse 3040

  * [Artful] Some Dell Monitors Doesn't Work Well with Dell/Wyse 3040
    (LP: #1723915)
    - SAUCE: drm/i915: Workaround for DP DPMS D3 on Dell monitor

  * [Artful] Support headset mode for DELL WYSE (LP: #1723913)
    - SAUCE: ALSA: hda/realtek - Add support headset mode for DELL WYSE

  * Miscellaneous Ubuntu changes
    - Rebase to 4.13.0-16.19

  [ Ubuntu: 4.13.0-16.19 ]

  * 20170817 - ISO hangs on boot on qemu with splash screen enabled and qxl
    graphics driver (LP: #1711358)
    - qxl: fix framebuffer unpinning
  * [Bug] USB controller failed to respond on Denverton after loading
    intel_th_pci module (LP: #1715833)
    - SAUCE: PCI: Disable broken RTIT_BAR of Intel TH
  * CVE-2017-5123
    - waitid(): Add missing access_ok() checks

 -- Timo Aaltonen <email address hidden>  Fri, 20 Oct 2017 10:41:16 +0300
150 of 50 results