Change logs for linux-ibm source package in Mantic

linux-ibm (6.5.0-1009.9) mantic; urgency=medium

  * mantic/linux-ibm: 6.5.0-1009.9 -proposed tracker (LP: #2038693)

  [ Ubuntu: 6.5.0-9.9 ]

  * mantic/linux: 6.5.0-9.9 -proposed tracker (LP: #2038687)
  * update apparmor and LSM stacking patch set (LP: #2028253)
    - re-apply apparmor 4.0.0
  * Disable restricting unprivileged change_profile by default, due to LXD
    latest/stable not yet compatible with this new apparmor feature
    (LP: #2038567)
    - SAUCE: apparmor: Make apparmor_restrict_unprivileged_unconfined opt-in

  [ Ubuntu: 6.5.0-8.8 ]

  * mantic/linux: 6.5.0-8.8 -proposed tracker (LP: #2038577)
  * update apparmor and LSM stacking patch set (LP: #2028253)
    - SAUCE: apparmor3.2.0 [02/60]: rename SK_CTX() to aa_sock and make it an
      inline fn
    - SAUCE: apparmor3.2.0 [05/60]: Add sysctls for additional controls of unpriv
      userns restrictions
    - SAUCE: apparmor3.2.0 [08/60]: Stacking v38: LSM: Identify modules by more
      than name
    - SAUCE: apparmor3.2.0 [09/60]: Stacking v38: LSM: Add an LSM identifier for
      external use
    - SAUCE: apparmor3.2.0 [10/60]: Stacking v38: LSM: Identify the process
      attributes for each module
    - SAUCE: apparmor3.2.0 [11/60]: Stacking v38: LSM: Maintain a table of LSM
      attribute data
    - SAUCE: apparmor3.2.0 [12/60]: Stacking v38: proc: Use lsmids instead of lsm
      names for attrs
    - SAUCE: apparmor3.2.0 [13/60]: Stacking v38: integrity: disassociate
      ima_filter_rule from security_audit_rule
    - SAUCE: apparmor3.2.0 [14/60]: Stacking v38: LSM: Infrastructure management
      of the sock security
    - SAUCE: apparmor3.2.0 [15/60]: Stacking v38: LSM: Add the lsmblob data
      structure.
    - SAUCE: apparmor3.2.0 [16/60]: Stacking v38: LSM: provide lsm name and id
      slot mappings
    - SAUCE: apparmor3.2.0 [17/60]: Stacking v38: IMA: avoid label collisions with
      stacked LSMs
    - SAUCE: apparmor3.2.0 [18/60]: Stacking v38: LSM: Use lsmblob in
      security_audit_rule_match
    - SAUCE: apparmor3.2.0 [19/60]: Stacking v38: LSM: Use lsmblob in
      security_kernel_act_as
    - SAUCE: apparmor3.2.0 [20/60]: Stacking v38: LSM: Use lsmblob in
      security_secctx_to_secid
    - SAUCE: apparmor3.2.0 [21/60]: Stacking v38: LSM: Use lsmblob in
      security_secid_to_secctx
    - SAUCE: apparmor3.2.0 [22/60]: Stacking v38: LSM: Use lsmblob in
      security_ipc_getsecid
    - SAUCE: apparmor3.2.0 [23/60]: Stacking v38: LSM: Use lsmblob in
      security_current_getsecid
    - SAUCE: apparmor3.2.0 [24/60]: Stacking v38: LSM: Use lsmblob in
      security_inode_getsecid
    - SAUCE: apparmor3.2.0 [25/60]: Stacking v38: LSM: Use lsmblob in
      security_cred_getsecid
    - SAUCE: apparmor3.2.0 [26/60]: Stacking v38: LSM: Specify which LSM to
      display
    - SAUCE: apparmor3.2.0 [28/60]: Stacking v38: LSM: Ensure the correct LSM
      context releaser
    - SAUCE: apparmor3.2.0 [29/60]: Stacking v38: LSM: Use lsmcontext in
      security_secid_to_secctx
    - SAUCE: apparmor3.2.0 [30/60]: Stacking v38: LSM: Use lsmcontext in
      security_inode_getsecctx
    - SAUCE: apparmor3.2.0 [31/60]: Stacking v38: Use lsmcontext in
      security_dentry_init_security
    - SAUCE: apparmor3.2.0 [32/60]: Stacking v38: LSM: security_secid_to_secctx in
      netlink netfilter
    - SAUCE: apparmor3.2.0 [33/60]: Stacking v38: NET: Store LSM netlabel data in
      a lsmblob
    - SAUCE: apparmor3.2.0 [34/60]: Stacking v38: binder: Pass LSM identifier for
      confirmation
    - SAUCE: apparmor3.2.0 [35/60]: Stacking v38: LSM: security_secid_to_secctx
      module selection
    - SAUCE: apparmor3.2.0 [36/60]: Stacking v38: Audit: Keep multiple LSM data in
      audit_names
    - SAUCE: apparmor3.2.0 [37/60]: Stacking v38: Audit: Create audit_stamp
      structure
    - SAUCE: apparmor3.2.0 [38/60]: Stacking v38: LSM: Add a function to report
      multiple LSMs
    - SAUCE: apparmor3.2.0 [39/60]: Stacking v38: Audit: Allow multiple records in
      an audit_buffer
    - SAUCE: apparmor3.2.0 [40/60]: Stacking v38: Audit: Add record for multiple
      task security contexts
    - SAUCE: apparmor3.2.0 [41/60]: Stacking v38: audit: multiple subject lsm
      values for netlabel
    - SAUCE: apparmor3.2.0 [42/60]: Stacking v38: Audit: Add record for multiple
      object contexts
    - SAUCE: apparmor3.2.0 [43/60]: Stacking v38: netlabel: Use a struct lsmblob
      in audit data
    - SAUCE: apparmor3.2.0 [44/60]: Stacking v38: LSM: Removed scaffolding
      function lsmcontext_init
    - SAUCE: apparmor3.2.0 [45/60]: Stacking v38: AppArmor: Remove the exclusive
      flag
    - SAUCE: apparmor3.2.0 [46/60]: combine common_audit_data and
      apparmor_audit_data
    - SAUCE: apparmor3.2.0 [47/60]: setup slab cache for audit data
    - SAUCE: apparmor3.2.0 [48/60]: rename audit_data->label to
      audit_data->subj_label
    - SAUCE: apparmor3.2.0 [49/60]: pass cred through to audit info.
    - SAUCE: apparmor3.2.0 [50/60]: Improve debug print infrastructure
    - SAUCE: apparmor3.2.0 [51/60]: add the ability for profiles to have a
      learning cache
    - SAUCE: apparmor3.2.0 [52/60]: enable userspace upcall for mediation
    - SAUCE: apparmor3.2.0 [53/60]: cache buffers on percpu list if there is lock
      contention
    - SAUCE: apparmor3.2.0 [55/60]: advertise availability of exended perms
    - SAUCE: apparmor3.2.0 [60/60]: [Config] enable
      CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS
  * LSM stacking and AppArmor for 6.2: additional fixes (LP: #2017903) // update
    apparmor and LSM stacking patch set (LP: #2028253)
    - SAUCE: apparmor3.2.0 [57/60]: fix profile verification and enable it
  * udev fails to make prctl() syscall with apparmor=0 (as used by maas by
    default) (LP: #2016908) // update apparmor and LSM stacking patch set
    (LP: #2028253)
    - SAUCE: apparmor3.2.0 [27/60]: Stacking v38: Fix prctl() syscall with
      apparmor=0
  * kinetic: apply new apparmor and LSM stacking patch set (LP: #1989983) //
    update apparmor and LSM stacking patch set (LP: #2028253)
    - SAUCE: apparmor3.2.0 [01/60]: add/use fns to print hash string hex value
    - SAUCE: apparmor3.2.0 [03/60]: patch to provide compatibility with v2.x net
      rules
    - SAUCE: apparmor3.2.0 [04/60]: add user namespace creation mediation
    - SAUCE: apparmor3.2.0 [06/60]: af_unix mediation
    - SAUCE: apparmor3.2.0 [07/60]: Add fine grained mediation of posix mqueues

 -- Paolo Pisati <email address hidden>  Fri, 06 Oct 2023 22:05:09 +0200

linux-ibm (6.5.0-1008.8) mantic; urgency=medium

  * mantic/linux-ibm: 6.5.0-1008.8 -proposed tracker (LP: #2037877)

  [ Ubuntu: 6.5.0-7.7 ]

  * mantic/linux: 6.5.0-7.7 -proposed tracker (LP: #2037611)
  * kexec enable to load/kdump zstd compressed zimg (LP: #2037398)
    - [Packaging] Revert arm64 image format to Image.gz
  * Mantic minimized/minimal cloud images do not receive IP address during
    provisioning (LP: #2036968)
    - [Config] Enable virtio-net as built-in to avoid race
  * Miscellaneous Ubuntu changes
    - SAUCE: Add mdev_set_iommu_device() kABI
    - [Config] update gcc version in annotations

 -- Paolo Pisati <email address hidden>  Mon, 02 Oct 2023 10:23:08 +0200

linux-ibm (6.5.0-1006.6) mantic; urgency=medium

  * mantic/linux-ibm: 6.5.0-1006.6 -proposed tracker (LP: #2035601)

  * Miscellaneous Ubuntu changes
    - [Config] updateconfigs after Ubuntu-6.5.0-6.6 rebase
    - [packaging] update rust, clang and bindgen build-deps

 -- Paolo Pisati <email address hidden>  Mon, 25 Sep 2023 13:39:35 +0200

linux-ibm (6.5.0-1005.5) mantic; urgency=medium

  * mantic/linux-ibm: 6.5.0-1005.5 -proposed tracker (LP: #2034550)

  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/d2023.08.23)

 -- Paolo Pisati <email address hidden>  Wed, 06 Sep 2023 16:25:29 +0200

linux-ibm (6.5.0-1004.4) mantic; urgency=medium

  * mantic/linux-ibm: 6.5.0-1004.4 -proposed tracker (LP: #2034046)

  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/d2023.08.23)

 -- Paolo Pisati <email address hidden>  Mon, 04 Sep 2023 17:25:35 +0200

linux-ibm (6.5.0-1003.3) mantic; urgency=medium

  * mantic/linux-ibm: 6.5.0-1003.3 -proposed tracker (LP: #2033241)

  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/d2023.08.23)

  * Miscellaneous Ubuntu changes
    - [Packaging] derive it from mantic:linux
    - [Config] updateconfigs after rebase on Ubuntu-6.5.0-2.2

 -- Paolo Pisati <email address hidden>  Wed, 30 Aug 2023 09:04:47 +0200

linux-ibm (6.2.0-1002.2) lunar; urgency=medium

  * lunar/linux-ibm: 6.2.0-1002.2 -proposed tracker (LP: #2016274)

  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/master)

  * Kernel 6.1 bumped the disk consumption on default images by 15%
    (LP: #2015867)
    - [Config] disable Rust support

  * Miscellaneous Ubuntu changes
    - rebase on Ubuntu-6.2.0-21.21

  * Rebase on Ubuntu-6.2.0-21.21

 -- Paolo Pisati <email address hidden>  Fri, 14 Apr 2023 16:16:11 +0200

linux-ibm (6.2.0-1001.1) lunar; urgency=medium

  * lunar/linux-ibm: 6.2.0-1001.1 -proposed tracker (LP: #2013193)

  * enable Rust support in the kernel (LP: #2007654)
    - [Packaging] add rust dependencies

  * remove circular dep between linux-image and modules (LP: #1989334)
    - [Packaging] remove circular dep between modules and image

  * Packaging resync (LP: #1786013)
    - [Packaging] update update.conf

  * Some derivative kernel tools packages don't depend on linux-tools-common
    (LP: #1914774)
    - [Packaging] ibm: linux-tools-common and linux-cloud-tools-common are one per
      series

  * Miscellaneous Ubuntu changes
    - [Packaging] add python3 as a build dependency
    - [packaging] manually remove ipu6 and ivsc DKMS entries
    - [Config] updateconfigs following 6.2 rebase

 -- Paolo Pisati <email address hidden>  Wed, 29 Mar 2023 12:35:51 +0200