-
linux-aws (4.4.0-1044.47) trusty; urgency=medium
[ Ubuntu: 4.4.0-148.174 ]
* CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130
- Documentation/l1tf: Fix small spelling typo
- perf/x86/intel: Add model number for Skylake Server to perf
- perf/x86: Add model numbers for Kabylake CPUs
- perf/x86/intel: Use Intel family macros for core perf events
- perf/x86/msr: Use Intel family macros for MSR events code
- perf/x86/msr: Add missing Intel models
- SAUCE: perf/x86/{cstate,rapl,uncore}: Use Intel Model name macros
- perf/x86/msr: Add missing CPU IDs
- x86/speculation: Simplify the CPU bug detection logic
- x86/cpu: Sanitize FAM6_ATOM naming
- kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
- bitops: avoid integer overflow in GENMASK(_ULL)
- locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a
new <linux/bits.h> file
- tools include: Adopt linux/bits.h
- x86/msr-index: Cleanup bit defines
- x86/speculation: Consolidate CPU whitelists
- x86/speculation/mds: Add basic bug infrastructure for MDS
- x86/speculation/mds: Add BUG_MSBDS_ONLY
- x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
- x86/speculation/mds: Add mds_clear_cpu_buffers()
- locking/static_keys: Provide DECLARE and well as DEFINE macros
- x86/speculation/mds: Clear CPU buffers on exit to user
- x86/kvm/vmx: Add MDS protection when L1D Flush is not active
- x86/speculation/mds: Conditionally clear CPU buffers on idle entry
- SAUCE: sched/smt: Introduce sched_smt_{active,present}
- SAUCE: Rename the Ubuntu-only spec_ctrl_mutex mutex
- SAUCE: x86/speculation: Introduce arch_smt_update()
- x86/speculation: Rework SMT state change
- x86/speculation: Reorder the spec_v2 code
- x86/speculation: Unify conditional spectre v2 print functions
- x86/speculation/mds: Add mitigation control for MDS
- x86/speculation/mds: Add sysfs reporting for MDS
- x86/speculation/mds: Add mitigation mode VMWERV
- Documentation: Move L1TF to separate directory
- Documentation: Add MDS vulnerability documentation
- x86/speculation/mds: Add mds=full,nosmt cmdline option
- x86/speculation: Move arch_smt_update() call to after mitigation decisions
- x86/speculation/mds: Add SMT warning message
- x86/speculation/mds: Fix comment
- x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
- x86/speculation/mds: Add 'mitigations=' support for MDS
* CVE-2017-5715 // CVE-2017-5753
- s390/speculation: Support 'mitigations=' cmdline option
* CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754 // CVE-2018-3639
- powerpc/speculation: Support 'mitigations=' cmdline option
* CVE-2017-5715 // CVE-2017-5754 // CVE-2018-3620 // CVE-2018-3639 //
CVE-2018-3646
- cpu/speculation: Add 'mitigations=' cmdline option
- x86/speculation: Support 'mitigations=' cmdline option
* Packaging resync (LP: #1786013)
- [Packaging] resync git-ubuntu-log
linux-aws (4.4.0-1043.46) trusty; urgency=medium
* linux-aws: 4.4.0-1043.46 -proposed tracker (LP: #1826034)
* Packaging resync (LP: #1786013)
- [Packaging] resync git-ubuntu-log
[ Ubuntu: 4.4.0-147.173 ]
* linux: 4.4.0-147.173 -proposed tracker (LP: #1826036)
* Packaging resync (LP: #1786013)
- [Packaging] resync git-ubuntu-log
* Xenial: Sync to upstream v4.9 (Spectre) (LP: #1820872)
- SAUCE: cpu/hotplug: Fix Documentation/kernel-parameters.txt
- SAUCE: Fix typo in Documentation/kernel-parameters.txt
- SAUCE: x86: Move hunks and sync to upstream stable 4.9
- Revert "module: Add retpoline tag to VERMAGIC"
* CVE-2017-5753
- posix-timers: Protect posix clock array access against speculation
- arm64: fix possible spectre-v1 in ptrace_hbp_get_event()
- sched/autogroup: Fix possible Spectre-v1 indexing for sched_prio_to_weight[]
- media: dvb_ca_en50221: prevent using slot_info for Spectre attacs
- s390/keyboard: sanitize array index in do_kdsk_ioctl
- arm64: fix possible spectre-v1 write in ptrace_hbp_set_event()
- pktcdvd: Fix possible Spectre-v1 for pkt_devs
- net: socket: Fix potential spectre v1 gadget in sock_is_registered
- net: sock_diag: Fix spectre v1 gadget in __sock_diag_cmd()
- hwmon: (nct6775) Fix potential Spectre v1
- mac80211_hwsim: Fix possible Spectre-v1 for hwsim_world_regdom_custom
- nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT
- ipmi: msghandler: Fix potential Spectre v1 vulnerabilities
- powerpc/ptrace: Mitigate potential Spectre v1
- cfg80211: prevent speculation on cfg80211_classify8021d() return
- ALSA: rawmidi: Fix potential Spectre v1 vulnerability
- ALSA: seq: oss: Fix Spectre v1 vulnerability
* CVE-2019-3874
- sctp: fix the issue that a __u16 variable may overflow in sctp_ulpq_renege
- sctp: use sk_wmem_queued to check for writable space
- sctp: implement memory accounting on tx path
- sctp: implement memory accounting on rx path
* Kprobe event argument syntax in ftrace from ubuntu_kernel_selftests failed
on B PowerPC (LP: #1812809)
- selftests/ftrace: Add ppc support for kprobe args tests
* CVE-2019-3882
- vfio/type1: Limit DMA mappings per container
* Intel I210 Ethernet card not working after hotplug [8086:1533]
(LP: #1818490)
- igb: Fix WARN_ONCE on runtime suspend
* TSC clocksource not available in nested guests (LP: #1822821)
- x86/tsc: Add X86_FEATURE_TSC_KNOWN_FREQ flag
- kvmclock: fix TSC calibration for nested guests
* Remove btrfs module after a failed fallocate attempt will cause error on 4.4
i386 (LP: #1822579)
- Btrfs: fix extent map leak during fallocate error path
* systemd cause kernel trace "BUG: unable to handle kernel paging request at
6db23a14" on Cosmic i386 (LP: #1813244) // systemd cause kernel trace "BUG:
unable to handle kernel paging request at 6db23a14" on Cosmic i386
(LP: #1813244)
- openvswitch: fix flow actions reallocation
-- Stefan Bader <email address hidden> Wed, 08 May 2019 20:17:36 +0200
-
linux-aws (4.4.0-1042.45) trusty; urgency=medium
* linux-aws: 4.4.0-1042.45 -proposed tracker (LP: #1824775)
* Packaging resync (LP: #1786013)
- [Packaging] resync git-ubuntu-log
* Please ship the ib_uverbs driver module in the main modules package
(LP: #1822692)
- [config] AWS: ib_uverbs.ko, ib_umad.ko moved to linux-modules package
linux-aws (4.4.0-1041.44) trusty; urgency=medium
* linux-aws: 4.4.0-1041.44 -proposed tracker (LP: #1822832)
* Packaging resync (LP: #1786013)
- [Packaging] resync git-ubuntu-log
[ Ubuntu: 4.4.0-146.172 ]
* linux: 4.4.0-146.172 -proposed tracker (LP: #1822834)
* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
- [Packaging] resync retpoline extraction
* 3b080b2564287be91605bfd1d5ee985696e61d3c in ubuntu_btrfs_kernel_fixes
triggers system hang on i386 (LP: #1812845)
- btrfs: raid56: properly unmap parity page in finish_parity_scrub()
* Xenial update: 4.4.177 upstream stable release (LP: #1822271)
- ceph: avoid repeatedly adding inode to mdsc->snap_flush_list
- numa: change get_mempolicy() to use nr_node_ids instead of MAX_NUMNODES
- KEYS: allow reaching the keys quotas exactly
- mfd: ti_am335x_tscadc: Use PLATFORM_DEVID_AUTO while registering mfd cells
- mfd: twl-core: Fix section annotations on {,un}protect_pm_master
- mfd: db8500-prcmu: Fix some section annotations
- mfd: ab8500-core: Return zero in get_register_interruptible()
- mfd: qcom_rpm: write fw_version to CTRL_REG
- mfd: wm5110: Add missing ASRC rate register
- mfd: mc13xxx: Fix a missing check of a register-read failure
- net: hns: Fix use after free identified by SLUB debug
- MIPS: ath79: Enable OF serial ports in the default config
- scsi: qla4xxx: check return code of qla4xxx_copy_from_fwddb_param
- scsi: isci: initialize shost fully before calling scsi_add_host()
- MIPS: jazz: fix 64bit build
- isdn: i4l: isdn_tty: Fix some concurrency double-free bugs
- atm: he: fix sign-extension overflow on large shift
- leds: lp5523: fix a missing check of return value of lp55xx_read
- isdn: avm: Fix string plus integer warning from Clang
- RDMA/srp: Rework SCSI device reset handling
- KEYS: user: Align the payload buffer
- KEYS: always initialize keyring_index_key::desc_len
- batman-adv: fix uninit-value in batadv_interface_tx()
- net/packet: fix 4gb buffer limit due to overflow check
- team: avoid complex list operations in team_nl_cmd_options_set()
- sit: check if IPv6 enabled before calling ip6_err_gen_icmpv6_unreach()
- net/mlx4_en: Force CHECKSUM_NONE for short ethernet frames
- ARCv2: Enable unaligned access in early ASM code
- Revert "bridge: do not add port to router list when receives query with
source 0.0.0.0"
- libceph: handle an empty authorize reply
- drm/msm: Unblock writer if reader closes file
- ASoC: Intel: Haswell/Broadwell: fix setting for .dynamic field
- ALSA: compress: prevent potential divide by zero bugs
- thermal: int340x_thermal: Fix a NULL vs IS_ERR() check
- usb: dwc3: gadget: Fix the uninitialized link_state when udc starts
- usb: gadget: Potential NULL dereference on allocation error
- ASoC: dapm: change snprintf to scnprintf for possible overflow
- ASoC: imx-audmux: change snprintf to scnprintf for possible overflow
- ARC: fix __ffs return value to avoid build warnings
- mac80211: fix miscounting of ttl-dropped frames
- serial: fsl_lpuart: fix maximum acceptable baud rate with over-sampling
- scsi: csiostor: fix NULL pointer dereference in csio_vport_set_state()
- net: altera_tse: fix connect_local_phy error path
- ibmveth: Do not process frames after calling napi_reschedule
- mac80211: don't initiate TDLS connection if station is not associated to AP
- cfg80211: extend range deviation for DMG
- KVM: nSVM: clear events pending from svm_complete_interrupts() when exiting
to L1
- arm/arm64: KVM: Feed initialized memory to MMIO accesses
- KVM: arm/arm64: Fix MMIO emulation data handling
- powerpc: Always initialize input array when calling epapr_hypercall()
- mmc: spi: Fix card detection during probe
- x86/uaccess: Don't leak the AC flag into __put_user() value evaluation
- USB: serial: option: add Telit ME910 ECM composition
- USB: serial: cp210x: add ID for Ingenico 3070
- USB: serial: ftdi_sio: add ID for Hjelmslund Electronics USB485
- cpufreq: Use struct kobj_attribute instead of struct global_attr
- sockfs: getxattr: Fail with -EOPNOTSUPP for invalid attribute names
- ncpfs: fix build warning of strncpy
- isdn: isdn_tty: fix build warning of strncpy
- staging: lustre: fix buffer overflow of string buffer
- net-sysfs: Fix mem leak in netdev_register_kobject
- team: Free BPF filter when unregistering netdev
- bnxt_en: Drop oversize TX packets to prevent errors.
- net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails
- xen-netback: fix occasional leak of grant ref mappings under memory pressure
- net: Add __icmp_send helper.
- net: avoid use IPCB in cipso_v4_error
- net: phy: Micrel KSZ8061: link failure after cable connect
- x86/CPU/AMD: Set the CPB bit unconditionally on F17h
- applicom: Fix potential Spectre v1 vulnerabilities
- MIPS: irq: Allocate accurate order pages for irq stack
- hugetlbfs: fix races and page leaks during migration
- netlabel: fix out-of-bounds memory accesses
- net: dsa: mv88e6xxx: Fix u64 statistics
- ip6mr: Do not call __IP6_INC_STATS() from preemptible context
- media: uvcvideo: Fix 'type' check leading to overflow
- vti4: Fix a ipip packet processing bug in 'IPCOMP' virtual tunnel
- perf tools: Handle TOPOLOGY headers with no CPU
- IB/{hfi1, qib}: Fix WC.byte_len calculation for UD_SEND_WITH_IMM
- ipvs: Fix signed integer overflow when setsockopt timeout
- iommu/amd: Fix IOMMU page flush when detach device from a domain
- xtensa: SMP: fix ccount_timer_shutdown
- xtensa: SMP: fix secondary CPU initialization
- xtensa: smp_lx200_defconfig: fix vectors clash
- xtensa: SMP: mark each possible CPU as present
- xtensa: SMP: limit number of possible CPUs by NR_CPUS
- net: altera_tse: fix msgdma_tx_completion on non-zero fill_level case
- net: hns: Fix wrong read accesses via Clause 45 MDIO protocol
- net: stmmac: dwmac-rk: fix error handling in rk_gmac_powerup()
- gpio: vf610: Mask all GPIO interrupts
- nfs: Fix NULL pointer dereference of dev_name
- scsi: libfc: free skb when receiving invalid flogi resp
- platform/x86: Fix unmet dependency warning for SAMSUNG_Q10
- cifs: fix computation for MAX_SMB2_HDR_SIZE
- x86/kexec: Don't setup EFI info if EFI runtime is not enabled
- x86_64: increase stack size for KASAN_EXTRA
- mm, memory_hotplug: is_mem_section_removable do not pass the end of a zone
- mm, memory_hotplug: test_pages_in_a_zone do not pass the end of zone
- fs/drop_caches.c: avoid softlockups in drop_pagecache_sb()
- autofs: drop dentry reference only when it is never used
- autofs: fix error return in autofs_fill_super()
- ARM: pxa: ssp: unneeded to free devm_ allocated data
- irqchip/mmp: Only touch the PJ4 IRQ & FIQ bits on enable/disable
- dmaengine: at_xdmac: Fix wrongfull report of a channel as in use
- dmaengine: dmatest: Abort test in case of mapping error
- s390/qeth: fix use-after-free in error path
- perf symbols: Filter out hidden symbols from labels
- MIPS: Remove function size check in get_frame_info()
- Input: wacom_serial4 - add support for Wacom ArtPad II tablet
- Input: elan_i2c - add id for touchpad found in Lenovo s21e-20
- iscsi_ibft: Fix missing break in switch statement
- futex,rt_mutex: Restructure rt_mutex_finish_proxy_lock()
- ARM: dts: exynos: Add minimal clkout parameters to Exynos3250 PMU
- Revert "x86/platform/UV: Use efi_runtime_lock to serialise BIOS calls"
- ARM: dts: exynos: Do not ignore real-world fuse values for thermal zone 0 on
Exynos5420
- udplite: call proper backlog handlers
- netfilter: x_tables: enforce nul-terminated table name from getsockopt
GET_ENTRIES
- netfilter: nfnetlink_log: just returns error for unknown command
- netfilter: nfnetlink_acct: validate NFACCT_FILTER parameters
- netfilter: nf_conntrack_tcp: Fix stack out of bounds when parsing TCP
options
- KEYS: restrict /proc/keys by credentials at open time
- l2tp: fix infoleak in l2tp_ip6_recvmsg()
- net: hsr: fix memory leak in hsr_dev_finalize()
- net: sit: fix UBSAN Undefined behaviour in check_6rd
- net/x25: fix use-after-free in x25_device_event()
- net/x25: reset state in x25_connect()
- pptp: dst_release sk_dst_cache in pptp_sock_destruct
- ravb: Decrease TxFIFO depth of Q3 and Q2 to one
- route: set the deleted fnhe fnhe_daddr to 0 in ip_del_fnhe to fix a race
- tcp: handle inet_csk_reqsk_queue_add() failures
- net/mlx4_core: Fix reset flow when in command polling mode
- net/mlx4_core: Fix qp mtt size calculation
- net/x25: fix a race in x25_bind()
- mdio_bus: Fix use-after-free on device_register fails
- net: Set rtm_table to RT_TABLE_COMPAT for ipv6 for tables > 255
- missing barriers in some of unix_sock ->addr and ->path accesses
- ipvlan: disallow userns cap_net_admin to change global mode/flags
- vxlan: test dev->flags & IFF_UP before calling gro_cells_receive()
- vxlan: Fix GRO cells race condition between receive and link delete
- net/hsr: fix possible crash in add_timer()
- gro_cells: make sure device is up in gro_cells_receive()
- tcp/dccp: remove reqsk_put() from inet_child_forget()
- ALSA: bebob: use more identical mod_alias for Saffire Pro 10 I/O against
Liquid Saffire 56
- fs/9p: use fscache mutex rather than spinlock
- It's wrong to add len to sector_nr in raid10 reshape twice
- media: videobuf2-v4l2: drop WARN_ON in vb2_warn_zero_bytesused()
- 9p: use inode->i_lock to protect i_size_write() under 32-bit
- 9p/net: fix memory leak in p9_client_create
- ASoC: fsl_esai: fix register setting issue in RIGHT_J mode
- stm class: Fix an endless loop in channel allocation
- crypto: caam - fixed handling of sg list
- crypto: ahash - fix another early termination in hash walk
- gpu: ipu-v3: Fix i.MX51 CSI control registers offset
- gpu: ipu-v3: Fix CSI offsets for imx53
- s390/dasd: fix using offset into zero size array error
- ARM: OMAP2+: Variable "reg" in function omap4_dsi_mux_pads() could be
uninitialized
- Input: matrix_keypad - use flush_delayed_work()
- i2c: cadence: Fix the hold bit setting
- Input: st-keyscan - fix potential zalloc NULL dereference
- ARM: 8824/1: fix a migrating irq bug when hotplug cpu
- assoc_array: Fix shortcut creation
- net: systemport: Fix reception of BPDUs
- pinctrl: meson: meson8b: fix the sdxc_a data 1..3 pins
- net: mv643xx_eth: disable clk on error path in mv643xx_eth_shared_probe()
- ASoC: topology: free created components in tplg load error
- arm64: Relax GIC version check during early boot
- tmpfs: fix link accounting when a tmpfile is linked in
- ARC: uacces: remove lp_start, lp_end from clobber list
- phonet: fix building with clang
- mac80211_hwsim: propagate genlmsg_reply return code
- net: set static variable an initial value in atl2_probe()
- tmpfs: fix uninitialized return value in shmem_link
- stm class: Prevent division by zero
- crypto: arm64/aes-ccm - fix logical bug in AAD MAC handling
- CIFS: Fix read after write for files with read caching
- tracing: Do not free iter->trace in fail path of tracing_open_pipe()
- ACPI / device_sysfs: Avoid OF modalias creation for removed device
- regulator: s2mps11: Fix steps for buck7, buck8 and LDO35
- regulator: s2mpa01: Fix step values for some LDOs
- clocksource/drivers/exynos_mct: Move one-shot check from tick clear to ISR
- clocksource/drivers/exynos_mct: Clear timer interrupt when shutdown
- s390/virtio: handle find on invalid queue gracefully
- scsi: virtio_scsi: don't send sc payload with tmfs
- scsi: target/iscsi: Avoid iscsit_release_commands_from_conn() deadlock
- m68k: Add -ffreestanding to CFLAGS
- btrfs: ensure that a DUP or RAID1 block group has exactly two stripes
- Btrfs: fix corruption reading shared and compressed extents after hole
punching
- crypto: pcbc - remove bogus memcpy()s with src == dest
- cpufreq: tegra124: add missing of_node_put()
- cpufreq: pxa2xx: remove incorrect __init annotation
- ext4: fix crash during online resizing
- ext2: Fix underflow in ext2_max_size()
- clk: ingenic: Fix round_rate misbehaving with non-integer dividers
- dmaengine: usb-dmac: Make DMAC system sleep callbacks explicit
- mm/vmalloc: fix size check for remap_vmalloc_range_partial()
- kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv
- intel_th: Don't reference unassigned outputs
- parport_pc: fix find_superio io compare code, should use equal test.
- i2c: tegra: fix maximum transfer size
- perf bench: Copy kernel files needed to build mem{cpy,set} x86_64 benchmarks
- serial: 8250_pci: Fix number of ports for ACCES serial cards
- serial: 8250_pci: Have ACCES cards that use the four port Pericom PI7C9X7954
chip use the pci_pericom_setup()
- jbd2: clear dirty flag when revoking a buffer from an older transaction
- jbd2: fix compile warning when using JBUFFER_TRACE
- powerpc/32: Clear on-stack exception marker upon exception return
- powerpc/wii: properly disable use of BATs when requested.
- powerpc/powernv: Make opal log only readable by root
- powerpc/83xx: Also save/restore SPRG4-7 during suspend
- ARM: s3c24xx: Fix boolean expressions in osiris_dvs_notify
- dm: fix to_sector() for 32bit
- NFS41: pop some layoutget errors to application
- perf intel-pt: Fix CYC timestamp calculation after OVF
- perf auxtrace: Define auxtrace record alignment
- perf intel-pt: Fix overlap calculation for padding
- md: Fix failed allocation of md_register_thread
- NFS: Fix an I/O request leakage in nfs_do_recoalesce
- NFS: Don't recoalesce on error in nfs_pageio_complete_mirror()
- nfsd: fix memory corruption caused by readdir
- nfsd: fix wrong check in write_v4_end_grace()
- PM / wakeup: Rework wakeup source timer cancellation
- rcu: Do RCU GP kthread self-wakeup from softirq and interrupt
- media: uvcvideo: Avoid NULL pointer dereference at the end of streaming
- drm/radeon/evergreen_cs: fix missing break in switch statement
- KVM: nVMX: Sign extend displacements of VMX instr's mem operands
- KVM: nVMX: Ignore limit checks on VMX instructions using flat segments
- KVM: X86: Fix residual mmio emulation request to userspace
- Linux 4.4.177
* sky2 ethernet card doesn't work after returning from suspend
(LP: #1807259) // sky2 ethernet card link not up after suspend
(LP: #1809843) // Xenial update: 4.4.177 upstream stable release
(LP: #1822271)
- sky2: Disable MSI on Dell Inspiron 1545 and Gateway P-79
* [CONFIG] please enable highdpi font FONT_TER16x32 (LP: #1819881)
- lib/fonts/Kconfig: keep non-Sparc fonts listed together
- Fonts: New Terminus large console font
- [Config]: enable highdpi Terminus 16x32 font support
* Hard lockup in 2 CPUs due to deadlock in cpu_stoppers (LP: #1821259)
- stop_machine, sched: Fix migrate_swap() vs. active_balance() deadlock
- stop_machine: Disable preemption when waking two stopper threads
- stop_machine: Disable preemption after queueing stopper threads
- stop_machine: Atomically queue and wake stopper threads
[ Ubuntu: 4.4.0-145.171 ]
* linux: 4.4.0-145.171 -proposed tracker (LP: #1821724)
* linux-generic should depend on linux-base >=4.1 (LP: #1820419)
- [Packaging] Fix linux-base dependency
-- Khalid Elmously <email address hidden> Wed, 17 Apr 2019 20:30:18 -0400
-
linux-aws (4.4.0-1041.44) trusty; urgency=medium
* linux-aws: 4.4.0-1041.44 -proposed tracker (LP: #1822832)
* Packaging resync (LP: #1786013)
- [Packaging] resync git-ubuntu-log
[ Ubuntu: 4.4.0-146.172 ]
* linux: 4.4.0-146.172 -proposed tracker (LP: #1822834)
* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
- [Packaging] resync retpoline extraction
* 3b080b2564287be91605bfd1d5ee985696e61d3c in ubuntu_btrfs_kernel_fixes
triggers system hang on i386 (LP: #1812845)
- btrfs: raid56: properly unmap parity page in finish_parity_scrub()
* Xenial update: 4.4.177 upstream stable release (LP: #1822271)
- ceph: avoid repeatedly adding inode to mdsc->snap_flush_list
- numa: change get_mempolicy() to use nr_node_ids instead of MAX_NUMNODES
- KEYS: allow reaching the keys quotas exactly
- mfd: ti_am335x_tscadc: Use PLATFORM_DEVID_AUTO while registering mfd cells
- mfd: twl-core: Fix section annotations on {,un}protect_pm_master
- mfd: db8500-prcmu: Fix some section annotations
- mfd: ab8500-core: Return zero in get_register_interruptible()
- mfd: qcom_rpm: write fw_version to CTRL_REG
- mfd: wm5110: Add missing ASRC rate register
- mfd: mc13xxx: Fix a missing check of a register-read failure
- net: hns: Fix use after free identified by SLUB debug
- MIPS: ath79: Enable OF serial ports in the default config
- scsi: qla4xxx: check return code of qla4xxx_copy_from_fwddb_param
- scsi: isci: initialize shost fully before calling scsi_add_host()
- MIPS: jazz: fix 64bit build
- isdn: i4l: isdn_tty: Fix some concurrency double-free bugs
- atm: he: fix sign-extension overflow on large shift
- leds: lp5523: fix a missing check of return value of lp55xx_read
- isdn: avm: Fix string plus integer warning from Clang
- RDMA/srp: Rework SCSI device reset handling
- KEYS: user: Align the payload buffer
- KEYS: always initialize keyring_index_key::desc_len
- batman-adv: fix uninit-value in batadv_interface_tx()
- net/packet: fix 4gb buffer limit due to overflow check
- team: avoid complex list operations in team_nl_cmd_options_set()
- sit: check if IPv6 enabled before calling ip6_err_gen_icmpv6_unreach()
- net/mlx4_en: Force CHECKSUM_NONE for short ethernet frames
- ARCv2: Enable unaligned access in early ASM code
- Revert "bridge: do not add port to router list when receives query with
source 0.0.0.0"
- libceph: handle an empty authorize reply
- drm/msm: Unblock writer if reader closes file
- ASoC: Intel: Haswell/Broadwell: fix setting for .dynamic field
- ALSA: compress: prevent potential divide by zero bugs
- thermal: int340x_thermal: Fix a NULL vs IS_ERR() check
- usb: dwc3: gadget: Fix the uninitialized link_state when udc starts
- usb: gadget: Potential NULL dereference on allocation error
- ASoC: dapm: change snprintf to scnprintf for possible overflow
- ASoC: imx-audmux: change snprintf to scnprintf for possible overflow
- ARC: fix __ffs return value to avoid build warnings
- mac80211: fix miscounting of ttl-dropped frames
- serial: fsl_lpuart: fix maximum acceptable baud rate with over-sampling
- scsi: csiostor: fix NULL pointer dereference in csio_vport_set_state()
- net: altera_tse: fix connect_local_phy error path
- ibmveth: Do not process frames after calling napi_reschedule
- mac80211: don't initiate TDLS connection if station is not associated to AP
- cfg80211: extend range deviation for DMG
- KVM: nSVM: clear events pending from svm_complete_interrupts() when exiting
to L1
- arm/arm64: KVM: Feed initialized memory to MMIO accesses
- KVM: arm/arm64: Fix MMIO emulation data handling
- powerpc: Always initialize input array when calling epapr_hypercall()
- mmc: spi: Fix card detection during probe
- x86/uaccess: Don't leak the AC flag into __put_user() value evaluation
- USB: serial: option: add Telit ME910 ECM composition
- USB: serial: cp210x: add ID for Ingenico 3070
- USB: serial: ftdi_sio: add ID for Hjelmslund Electronics USB485
- cpufreq: Use struct kobj_attribute instead of struct global_attr
- sockfs: getxattr: Fail with -EOPNOTSUPP for invalid attribute names
- ncpfs: fix build warning of strncpy
- isdn: isdn_tty: fix build warning of strncpy
- staging: lustre: fix buffer overflow of string buffer
- net-sysfs: Fix mem leak in netdev_register_kobject
- team: Free BPF filter when unregistering netdev
- bnxt_en: Drop oversize TX packets to prevent errors.
- net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails
- xen-netback: fix occasional leak of grant ref mappings under memory pressure
- net: Add __icmp_send helper.
- net: avoid use IPCB in cipso_v4_error
- net: phy: Micrel KSZ8061: link failure after cable connect
- x86/CPU/AMD: Set the CPB bit unconditionally on F17h
- applicom: Fix potential Spectre v1 vulnerabilities
- MIPS: irq: Allocate accurate order pages for irq stack
- hugetlbfs: fix races and page leaks during migration
- netlabel: fix out-of-bounds memory accesses
- net: dsa: mv88e6xxx: Fix u64 statistics
- ip6mr: Do not call __IP6_INC_STATS() from preemptible context
- media: uvcvideo: Fix 'type' check leading to overflow
- vti4: Fix a ipip packet processing bug in 'IPCOMP' virtual tunnel
- perf tools: Handle TOPOLOGY headers with no CPU
- IB/{hfi1, qib}: Fix WC.byte_len calculation for UD_SEND_WITH_IMM
- ipvs: Fix signed integer overflow when setsockopt timeout
- iommu/amd: Fix IOMMU page flush when detach device from a domain
- xtensa: SMP: fix ccount_timer_shutdown
- xtensa: SMP: fix secondary CPU initialization
- xtensa: smp_lx200_defconfig: fix vectors clash
- xtensa: SMP: mark each possible CPU as present
- xtensa: SMP: limit number of possible CPUs by NR_CPUS
- net: altera_tse: fix msgdma_tx_completion on non-zero fill_level case
- net: hns: Fix wrong read accesses via Clause 45 MDIO protocol
- net: stmmac: dwmac-rk: fix error handling in rk_gmac_powerup()
- gpio: vf610: Mask all GPIO interrupts
- nfs: Fix NULL pointer dereference of dev_name
- scsi: libfc: free skb when receiving invalid flogi resp
- platform/x86: Fix unmet dependency warning for SAMSUNG_Q10
- cifs: fix computation for MAX_SMB2_HDR_SIZE
- x86/kexec: Don't setup EFI info if EFI runtime is not enabled
- x86_64: increase stack size for KASAN_EXTRA
- mm, memory_hotplug: is_mem_section_removable do not pass the end of a zone
- mm, memory_hotplug: test_pages_in_a_zone do not pass the end of zone
- fs/drop_caches.c: avoid softlockups in drop_pagecache_sb()
- autofs: drop dentry reference only when it is never used
- autofs: fix error return in autofs_fill_super()
- ARM: pxa: ssp: unneeded to free devm_ allocated data
- irqchip/mmp: Only touch the PJ4 IRQ & FIQ bits on enable/disable
- dmaengine: at_xdmac: Fix wrongfull report of a channel as in use
- dmaengine: dmatest: Abort test in case of mapping error
- s390/qeth: fix use-after-free in error path
- perf symbols: Filter out hidden symbols from labels
- MIPS: Remove function size check in get_frame_info()
- Input: wacom_serial4 - add support for Wacom ArtPad II tablet
- Input: elan_i2c - add id for touchpad found in Lenovo s21e-20
- iscsi_ibft: Fix missing break in switch statement
- futex,rt_mutex: Restructure rt_mutex_finish_proxy_lock()
- ARM: dts: exynos: Add minimal clkout parameters to Exynos3250 PMU
- Revert "x86/platform/UV: Use efi_runtime_lock to serialise BIOS calls"
- ARM: dts: exynos: Do not ignore real-world fuse values for thermal zone 0 on
Exynos5420
- udplite: call proper backlog handlers
- netfilter: x_tables: enforce nul-terminated table name from getsockopt
GET_ENTRIES
- netfilter: nfnetlink_log: just returns error for unknown command
- netfilter: nfnetlink_acct: validate NFACCT_FILTER parameters
- netfilter: nf_conntrack_tcp: Fix stack out of bounds when parsing TCP
options
- KEYS: restrict /proc/keys by credentials at open time
- l2tp: fix infoleak in l2tp_ip6_recvmsg()
- net: hsr: fix memory leak in hsr_dev_finalize()
- net: sit: fix UBSAN Undefined behaviour in check_6rd
- net/x25: fix use-after-free in x25_device_event()
- net/x25: reset state in x25_connect()
- pptp: dst_release sk_dst_cache in pptp_sock_destruct
- ravb: Decrease TxFIFO depth of Q3 and Q2 to one
- route: set the deleted fnhe fnhe_daddr to 0 in ip_del_fnhe to fix a race
- tcp: handle inet_csk_reqsk_queue_add() failures
- net/mlx4_core: Fix reset flow when in command polling mode
- net/mlx4_core: Fix qp mtt size calculation
- net/x25: fix a race in x25_bind()
- mdio_bus: Fix use-after-free on device_register fails
- net: Set rtm_table to RT_TABLE_COMPAT for ipv6 for tables > 255
- missing barriers in some of unix_sock ->addr and ->path accesses
- ipvlan: disallow userns cap_net_admin to change global mode/flags
- vxlan: test dev->flags & IFF_UP before calling gro_cells_receive()
- vxlan: Fix GRO cells race condition between receive and link delete
- net/hsr: fix possible crash in add_timer()
- gro_cells: make sure device is up in gro_cells_receive()
- tcp/dccp: remove reqsk_put() from inet_child_forget()
- ALSA: bebob: use more identical mod_alias for Saffire Pro 10 I/O against
Liquid Saffire 56
- fs/9p: use fscache mutex rather than spinlock
- It's wrong to add len to sector_nr in raid10 reshape twice
- media: videobuf2-v4l2: drop WARN_ON in vb2_warn_zero_bytesused()
- 9p: use inode->i_lock to protect i_size_write() under 32-bit
- 9p/net: fix memory leak in p9_client_create
- ASoC: fsl_esai: fix register setting issue in RIGHT_J mode
- stm class: Fix an endless loop in channel allocation
- crypto: caam - fixed handling of sg list
- crypto: ahash - fix another early termination in hash walk
- gpu: ipu-v3: Fix i.MX51 CSI control registers offset
- gpu: ipu-v3: Fix CSI offsets for imx53
- s390/dasd: fix using offset into zero size array error
- ARM: OMAP2+: Variable "reg" in function omap4_dsi_mux_pads() could be
uninitialized
- Input: matrix_keypad - use flush_delayed_work()
- i2c: cadence: Fix the hold bit setting
- Input: st-keyscan - fix potential zalloc NULL dereference
- ARM: 8824/1: fix a migrating irq bug when hotplug cpu
- assoc_array: Fix shortcut creation
- net: systemport: Fix reception of BPDUs
- pinctrl: meson: meson8b: fix the sdxc_a data 1..3 pins
- net: mv643xx_eth: disable clk on error path in mv643xx_eth_shared_probe()
- ASoC: topology: free created components in tplg load error
- arm64: Relax GIC version check during early boot
- tmpfs: fix link accounting when a tmpfile is linked in
- ARC: uacces: remove lp_start, lp_end from clobber list
- phonet: fix building with clang
- mac80211_hwsim: propagate genlmsg_reply return code
- net: set static variable an initial value in atl2_probe()
- tmpfs: fix uninitialized return value in shmem_link
- stm class: Prevent division by zero
- crypto: arm64/aes-ccm - fix logical bug in AAD MAC handling
- CIFS: Fix read after write for files with read caching
- tracing: Do not free iter->trace in fail path of tracing_open_pipe()
- ACPI / device_sysfs: Avoid OF modalias creation for removed device
- regulator: s2mps11: Fix steps for buck7, buck8 and LDO35
- regulator: s2mpa01: Fix step values for some LDOs
- clocksource/drivers/exynos_mct: Move one-shot check from tick clear to ISR
- clocksource/drivers/exynos_mct: Clear timer interrupt when shutdown
- s390/virtio: handle find on invalid queue gracefully
- scsi: virtio_scsi: don't send sc payload with tmfs
- scsi: target/iscsi: Avoid iscsit_release_commands_from_conn() deadlock
- m68k: Add -ffreestanding to CFLAGS
- btrfs: ensure that a DUP or RAID1 block group has exactly two stripes
- Btrfs: fix corruption reading shared and compressed extents after hole
punching
- crypto: pcbc - remove bogus memcpy()s with src == dest
- cpufreq: tegra124: add missing of_node_put()
- cpufreq: pxa2xx: remove incorrect __init annotation
- ext4: fix crash during online resizing
- ext2: Fix underflow in ext2_max_size()
- clk: ingenic: Fix round_rate misbehaving with non-integer dividers
- dmaengine: usb-dmac: Make DMAC system sleep callbacks explicit
- mm/vmalloc: fix size check for remap_vmalloc_range_partial()
- kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv
- intel_th: Don't reference unassigned outputs
- parport_pc: fix find_superio io compare code, should use equal test.
- i2c: tegra: fix maximum transfer size
- perf bench: Copy kernel files needed to build mem{cpy,set} x86_64 benchmarks
- serial: 8250_pci: Fix number of ports for ACCES serial cards
- serial: 8250_pci: Have ACCES cards that use the four port Pericom PI7C9X7954
chip use the pci_pericom_setup()
- jbd2: clear dirty flag when revoking a buffer from an older transaction
- jbd2: fix compile warning when using JBUFFER_TRACE
- powerpc/32: Clear on-stack exception marker upon exception return
- powerpc/wii: properly disable use of BATs when requested.
- powerpc/powernv: Make opal log only readable by root
- powerpc/83xx: Also save/restore SPRG4-7 during suspend
- ARM: s3c24xx: Fix boolean expressions in osiris_dvs_notify
- dm: fix to_sector() for 32bit
- NFS41: pop some layoutget errors to application
- perf intel-pt: Fix CYC timestamp calculation after OVF
- perf auxtrace: Define auxtrace record alignment
- perf intel-pt: Fix overlap calculation for padding
- md: Fix failed allocation of md_register_thread
- NFS: Fix an I/O request leakage in nfs_do_recoalesce
- NFS: Don't recoalesce on error in nfs_pageio_complete_mirror()
- nfsd: fix memory corruption caused by readdir
- nfsd: fix wrong check in write_v4_end_grace()
- PM / wakeup: Rework wakeup source timer cancellation
- rcu: Do RCU GP kthread self-wakeup from softirq and interrupt
- media: uvcvideo: Avoid NULL pointer dereference at the end of streaming
- drm/radeon/evergreen_cs: fix missing break in switch statement
- KVM: nVMX: Sign extend displacements of VMX instr's mem operands
- KVM: nVMX: Ignore limit checks on VMX instructions using flat segments
- KVM: X86: Fix residual mmio emulation request to userspace
- Linux 4.4.177
* sky2 ethernet card doesn't work after returning from suspend
(LP: #1807259) // sky2 ethernet card link not up after suspend
(LP: #1809843) // Xenial update: 4.4.177 upstream stable release
(LP: #1822271)
- sky2: Disable MSI on Dell Inspiron 1545 and Gateway P-79
* [CONFIG] please enable highdpi font FONT_TER16x32 (LP: #1819881)
- lib/fonts/Kconfig: keep non-Sparc fonts listed together
- Fonts: New Terminus large console font
- [Config]: enable highdpi Terminus 16x32 font support
* Hard lockup in 2 CPUs due to deadlock in cpu_stoppers (LP: #1821259)
- stop_machine, sched: Fix migrate_swap() vs. active_balance() deadlock
- stop_machine: Disable preemption when waking two stopper threads
- stop_machine: Disable preemption after queueing stopper threads
- stop_machine: Atomically queue and wake stopper threads
[ Ubuntu: 4.4.0-145.171 ]
* linux: 4.4.0-145.171 -proposed tracker (LP: #1821724)
* linux-generic should depend on linux-base >=4.1 (LP: #1820419)
- [Packaging] Fix linux-base dependency
-- Connor Kuehl <email address hidden> Tue, 09 Apr 2019 09:57:37 -0700
-
linux-aws (4.4.0-1040.43) trusty; urgency=medium
* linux-aws: 4.4.0-1040.43 -proposed tracker (LP: #1819658)
* CONFIG_CIFS_POSIX=y needs to added to trusty/aws kernel config
(LP: #1820158)
- Revert "UBUNTU: [Config] Remove CONFIG_CIFS_POSIX=y"
[ Ubuntu: 4.4.0-144.170 ]
* linux: 4.4.0-144.170 -proposed tracker (LP: #1819660)
* Packaging resync (LP: #1786013)
- [Packaging] resync getabis
- [Packaging] update helper scripts
- [Packaging] resync retpoline extraction
* C++ demangling support missing from perf (LP: #1396654)
- [Packaging] fix a mistype
* CVE-2019-9213
- mm: enforce min addr even if capable() in expand_downwards()
* CVE-2019-3460
- Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt
* Xenial update: 4.4.176 upstream stable release (LP: #1818815)
- net: fix IPv6 prefix route residue
- vsock: cope with memory allocation failure at socket creation time
- hwmon: (lm80) Fix missing unlock on error in set_fan_div()
- net: Fix for_each_netdev_feature on Big endian
- net: Add header for usage of fls64()
- tcp: tcp_v4_err() should be more careful
- net: Do not allocate page fragments that are not skb aligned
- tcp: clear icsk_backoff in tcp_write_queue_purge()
- vxlan: test dev->flags & IFF_UP before calling netif_rx()
- net: stmmac: Fix a race in EEE enable callback
- net: ipv4: use a dedicated counter for icmp_v4 redirect packets
- x86: livepatch: Treat R_X86_64_PLT32 as R_X86_64_PC32
- mfd: as3722: Handle interrupts on suspend
- mfd: as3722: Mark PM functions as __maybe_unused
- net/x25: do not hold the cpu too long in x25_new_lci()
- mISDN: fix a race in dev_expire_timer()
- ax25: fix possible use-after-free
- Linux 4.4.176
* sky2 ethernet card don't work after returning from suspension
(LP: #1798921) // Xenial update: 4.4.176 upstream stable release
(LP: #1818815)
- sky2: Increase D3 delay again
* Xenial update: 4.4.175 upstream stable release (LP: #1818813)
- drm/bufs: Fix Spectre v1 vulnerability
- staging: iio: adc: ad7280a: handle error from __ad7280_read32()
- ASoC: Intel: mrfld: fix uninitialized variable access
- scsi: lpfc: Correct LCB RJT handling
- ARM: 8808/1: kexec:offline panic_smp_self_stop CPU
- dlm: Don't swamp the CPU with callbacks queued during recovery
- x86/PCI: Fix Broadcom CNB20LE unintended sign extension (redux)
- powerpc/pseries: add of_node_put() in dlpar_detach_node()
- serial: fsl_lpuart: clear parity enable bit when disable parity
- ptp: check gettime64 return code in PTP_SYS_OFFSET ioctl
- staging:iio:ad2s90: Make probe handle spi_setup failure
- staging: iio: ad7780: update voltage on read
- ARM: OMAP2+: hwmod: Fix some section annotations
- modpost: validate symbol names also in find_elf_symbol
- perf tools: Add Hygon Dhyana support
- soc/tegra: Don't leak device tree node reference
- f2fs: move dir data flush to write checkpoint process
- f2fs: fix wrong return value of f2fs_acl_create
- sunvdc: Do not spin in an infinite loop when vio_ldc_send() returns EAGAIN
- nfsd4: fix crash on writing v4_end_grace before nfsd startup
- arm64: ftrace: don't adjust the LR value
- ARM: dts: mmp2: fix TWSI2
- x86/fpu: Add might_fault() to user_insn()
- media: DaVinci-VPBE: fix error handling in vpbe_initialize()
- smack: fix access permissions for keyring
- usb: hub: delay hub autosuspend if USB3 port is still link training
- timekeeping: Use proper seqcount initializer
- ARM: dts: Fix OMAP4430 SDP Ethernet startup
- mips: bpf: fix encoding bug for mm_srlv32_op
- iommu/arm-smmu-v3: Use explicit mb() when moving cons pointer
- sata_rcar: fix deferred probing
- clk: imx6sl: ensure MMDC CH0 handshake is bypassed
- cpuidle: big.LITTLE: fix refcount leak
- i2c-axxia: check for error conditions first
- udf: Fix BUG on corrupted inode
- ARM: pxa: avoid section mismatch warning
- ASoC: fsl: Fix SND_SOC_EUKREA_TLV320 build error on i.MX8M
- memstick: Prevent memstick host from getting runtime suspended during card
detection
- tty: serial: samsung: Properly set flags in autoCTS mode
- arm64: KVM: Skip MMIO insn after emulation
- powerpc/uaccess: fix warning/error with access_ok()
- mac80211: fix radiotap vendor presence bitmap handling
- xfrm6_tunnel: Fix spi check in __xfrm6_tunnel_alloc_spi
- Bluetooth: Fix unnecessary error message for HCI request completion
- cw1200: Fix concurrency use-after-free bugs in cw1200_hw_scan()
- drbd: narrow rcu_read_lock in drbd_sync_handshake
- drbd: disconnect, if the wrong UUIDs are attached on a connected peer
- drbd: skip spurious timeout (ping-timeo) when failing promote
- drbd: Avoid Clang warning about pointless switch statment
- video: clps711x-fb: release disp device node in probe()
- fbdev: fbmem: behave better with small rotated displays and many CPUs
- fbdev: fbcon: Fix unregister crash when more than one framebuffer
- KVM: x86: svm: report MSR_IA32_MCG_EXT_CTL as unsupported
- NFS: nfs_compare_mount_options always compare auth flavors.
- hwmon: (lm80) fix a missing check of the status of SMBus read
- hwmon: (lm80) fix a missing check of bus read in lm80 probe
- seq_buf: Make seq_buf_puts() null-terminate the buffer
- crypto: ux500 - Use proper enum in cryp_set_dma_transfer
- crypto: ux500 - Use proper enum in hash_set_dma_transfer
- cifs: check ntwrk_buf_start for NULL before dereferencing it
- um: Avoid marking pages with "changed protection"
- niu: fix missing checks of niu_pci_eeprom_read
- scripts/decode_stacktrace: only strip base path when a prefix of the path
- ocfs2: don't clear bh uptodate for block read
- isdn: hisax: hfc_pci: Fix a possible concurrency use-after-free bug in
HFCPCI_l1hw()
- gdrom: fix a memory leak bug
- block/swim3: Fix -EBUSY error when re-opening device after unmount
- HID: lenovo: Add checks to fix of_led_classdev_register
- kernel/hung_task.c: break RCU locks based on jiffies
- fs/epoll: drop ovflist branch prediction
- exec: load_script: don't blindly truncate shebang string
- thermal: hwmon: inline helpers when CONFIG_THERMAL_HWMON is not set
- test_hexdump: use memcpy instead of strncpy
- tipc: use destination length for copy string
- string: drop __must_check from strscpy() and restore strscpy() usages in
cgroup
- dccp: fool proof ccid_hc_[rt]x_parse_options()
- enic: fix checksum validation for IPv6
- net: dp83640: expire old TX-skb
- skge: potential memory corruption in skge_get_regs()
- net: systemport: Fix WoL with password after deep sleep
- net: dsa: slave: Don't propagate flag changes on down slave interfaces
- ALSA: compress: Fix stop handling on compressed capture streams
- ALSA: hda - Serialize codec registrations
- fuse: call pipe_buf_release() under pipe lock
- fuse: decrement NR_WRITEBACK_TEMP on the right page
- fuse: handle zero sized retrieve correctly
- dmaengine: imx-dma: fix wrong callback invoke
- usb: phy: am335x: fix race condition in _probe
- usb: gadget: udc: net2272: Fix bitwise and boolean operations
- perf/x86/intel/uncore: Add Node ID mask
- x86/MCE: Initialize mce.bank in the case of a fatal error in
mce_no_way_out()
- perf/core: Don't WARN() for impossible ring-buffer sizes
- perf tests evsel-tp-sched: Fix bitwise operator
- mtd: rawnand: gpmi: fix MX28 bus master lockup problem
- signal: Always notice exiting tasks
- signal: Better detection of synchronous signals
- misc: vexpress: Off by one in vexpress_syscfg_exec()
- debugfs: fix debugfs_rename parameter checking
- mips: cm: reprime error cause
- MIPS: OCTEON: don't set octeon_dma_bar_type if PCI is disabled
- MIPS: VDSO: Include $(ccflags-vdso) in o32,n32 .lds builds
- ARM: iop32x/n2100: fix PCI IRQ mapping
- mac80211: ensure that mgmt tx skbs have tailroom for encryption
- drm/modes: Prevent division by zero htotal
- drm/vmwgfx: Fix setting of dma masks
- drm/vmwgfx: Return error code from vmw_execbuf_copy_fence_user
- HID: debug: fix the ring buffer implementation
- NFC: nxp-nci: Include unaligned.h instead of access_ok.h
- Revert "cifs: In Kconfig CONFIG_CIFS_POSIX needs depends on legacy (insecure
cifs)"
- Revert "UBUNTU: [Config] Remove CONFIG_CIFS_POSIX=y"
- libceph: avoid KEEPALIVE_PENDING races in ceph_con_keepalive()
- xfrm: refine validation of template and selector families
- batman-adv: Avoid WARN on net_device without parent in netns
- batman-adv: Force mac header to start of data on xmit
- Revert "exec: load_script: don't blindly truncate shebang string"
- uapi/if_ether.h: prevent redefinition of struct ethhdr
- ARM: dts: da850-evm: Correct the sound card name
- ARM: dts: kirkwood: Fix polarity of GPIO fan lines
- gpio: pl061: handle failed allocations
- cifs: Limit memory used by lock request calls to a page
- Documentation/network: reword kernel version reference
- Revert "Input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire F5-573G"
- Input: elan_i2c - add ACPI ID for touchpad in Lenovo V330-15ISK
- perf/core: Fix impossible ring-buffer sizes warning
- ALSA: hda - Add quirk for HP EliteBook 840 G5
- ALSA: usb-audio: Fix implicit fb endpoint setup by quirk
- Input: bma150 - register input device after setting private data
- Input: elantech - enable 3rd button support on Fujitsu CELSIUS H780
- alpha: fix page fault handling for r16-r18 targets
- alpha: Fix Eiger NR_IRQS to 128
- tracing/uprobes: Fix output for multiple string arguments
- x86/platform/UV: Use efi_runtime_lock to serialise BIOS calls
- signal: Restore the stop PTRACE_EVENT_EXIT
- x86/a.out: Clear the dump structure initially
- dm thin: fix bug where bio that overwrites thin block ignores FUA
- smsc95xx: Use skb_cow_head to deal with cloned skbs
- ch9200: use skb_cow_head() to deal with cloned skbs
- kaweth: use skb_cow_head() to deal with cloned skbs
- usb: dwc2: Remove unnecessary kfree
- pinctrl: msm: fix gpio-hog related boot issues
- uapi/if_ether.h: move __UAPI_DEF_ETHHDR libc define
- Linux 4.4.175
* Xenial update: 4.4.174 upstream stable release (LP: #1818806)
- inet: frags: change inet_frags_init_net() return value
- inet: frags: add a pointer to struct netns_frags
- inet: frags: refactor ipfrag_init()
- inet: frags: refactor ipv6_frag_init()
- inet: frags: refactor lowpan_net_frag_init()
- rhashtable: add rhashtable_lookup_get_insert_key()
- rhashtable: Add rhashtable_lookup()
- rhashtable: add schedule points
- inet: frags: use rhashtables for reassembly units
- net: ieee802154: 6lowpan: fix frag reassembly
- ipfrag: really prevent allocation on netns exit
- inet: frags: remove some helpers
- inet: frags: get rif of inet_frag_evicting()
- inet: frags: remove inet_frag_maybe_warn_overflow()
- inet: frags: break the 2GB limit for frags storage
- inet: frags: do not clone skb in ip_expire()
- ipv6: frags: rewrite ip6_expire_frag_queue()
- rhashtable: reorganize struct rhashtable layout
- inet: frags: reorganize struct netns_frags
- inet: frags: get rid of ipfrag_skb_cb/FRAG_CB
- inet: frags: fix ip6frag_low_thresh boundary
- ip: discard IPv4 datagrams with overlapping segments.
- net: modify skb_rbtree_purge to return the truesize of all purged skbs.
- ipv6: defrag: drop non-last frags smaller than min mtu
- net: pskb_trim_rcsum() and CHECKSUM_COMPLETE are friends
- ip: use rb trees for IP frag queue.
- ip: add helpers to process in-order fragments faster.
- ip: process in-order fragments efficiently
- ip: frags: fix crash in ip_do_fragment()
- ipv4: frags: precedence bug in ip_expire()
- inet: frags: better deal with smp races
- net: fix pskb_trim_rcsum_slow() with odd trim offset
- net: ipv4: do not handle duplicate fragments as overlapping
- rcu: Force boolean subscript for expedited stall warnings
- Linux 4.4.174
* Xenial update: 4.4.173 upstream stable release (LP: #1818803)
- net: Fix usage of pskb_trim_rcsum
- openvswitch: Avoid OOB read when parsing flow nlattrs
- net: ipv4: Fix memory leak in network namespace dismantle
- net_sched: refetch skb protocol for each filter
- net: bridge: Fix ethernet header pointer before check skb forwardable
- USB: serial: simple: add Motorola Tetra TPG2200 device id
- USB: serial: pl2303: add new PID to support PL2303TB
- ASoC: atom: fix a missing check of snd_pcm_lib_malloc_pages
- ARC: perf: map generic branches to correct hardware condition
- s390/early: improve machine detection
- s390/smp: fix CPU hotplug deadlock with CPU rescan
- char/mwave: fix potential Spectre v1 vulnerability
- staging: rtl8188eu: Add device code for D-Link DWA-121 rev B1
- tty: Handle problem if line discipline does not have receive_buf
- tty/n_hdlc: fix __might_sleep warning
- CIFS: Fix possible hang during async MTU reads and writes
- Input: xpad - add support for SteelSeries Stratus Duo
- KVM: x86: Fix single-step debugging
- x86/kaslr: Fix incorrect i8254 outb() parameters
- can: dev: __can_get_echo_skb(): fix bogous check for non-existing skb by
removing it
- can: bcm: check timer values before ktime conversion
- vt: invoke notifier on screen size change
- perf unwind: Unwind with libdw doesn't take symfs into account
- perf unwind: Take pgoff into account when reporting elf to libdwfl
- irqchip/gic-v3-its: Align PCI Multi-MSI allocation on their size
- arm64: mm: remove page_mapping check in __sync_icache_dcache
- f2fs: read page index before freeing
- Revert "loop: Fix double mutex_unlock(&loop_ctl_mutex) in
loop_control_ioctl()"
- Revert "loop: Get rid of loop_index_mutex"
- Revert "loop: Fold __loop_release into loop_release"
- s390/smp: Fix calling smp_call_ipl_cpu() from ipl CPU
- fs: add the fsnotify call to vfs_iter_write
- ipv6: Consider sk_bound_dev_if when binding a socket to an address
- l2tp: copy 4 more bytes to linear part if necessary
- net/mlx4_core: Add masking for a few queries on HCA caps
- netrom: switch to sock timer API
- net/rose: fix NULL ax25_cb kernel panic
- ucc_geth: Reset BQL queue when stopping device
- l2tp: remove l2specific_len dependency in l2tp_core
- l2tp: fix reading optional fields of L2TPv3
- CIFS: Do not count -ENODATA as failure for query directory
- fs/dcache: Fix incorrect nr_dentry_unused accounting in shrink_dcache_sb()
- ARM: cns3xxx: Fix writing to wrong PCI config registers after alignment
- arm64: hyp-stub: Forbid kprobing of the hyp-stub
- gfs2: Revert "Fix loop in gfs2_rbm_find"
- platform/x86: asus-nb-wmi: Map 0x35 to KEY_SCREENLOCK
- platform/x86: asus-nb-wmi: Drop mapping of 0x33 and 0x34 scan codes
- mmc: sdhci-iproc: handle mmc_of_parse() errors during probe
- kernel/exit.c: release ptraced tasks before zap_pid_ns_processes
- mm, oom: fix use-after-free in oom_kill_process
- cifs: Always resolve hostname before reconnecting
- drivers: core: Remove glue dirs from sysfs earlier
- mm: migrate: don't rely on __PageMovable() of newpage after unlocking it
- fs: don't scan the inode cache before SB_BORN is set
- Linux 4.4.173
* Xenial update: 4.4.172 upstream stable release (LP: #1818797)
- tty/ldsem: Wake up readers after timed out down_write()
- can: gw: ensure DLC boundaries after CAN frame modification
- f2fs: clean up argument of recover_data
- f2fs: cover more area with nat_tree_lock
- f2fs: move sanity checking of cp into get_valid_checkpoint
- f2fs: fix to convert inline directory correctly
- f2fs: give -EINVAL for norecovery and rw mount
- f2fs: remove an obsolete variable
- f2fs: factor out fsync inode entry operations
- f2fs: fix inode cache leak
- f2fs: fix to avoid reading out encrypted data in page cache
- f2fs: not allow to write illegal blkaddr
- f2fs: avoid unneeded loop in build_sit_entries
- f2fs: use crc and cp version to determine roll-forward recovery
- f2fs: introduce get_checkpoint_version for cleanup
- f2fs: put directory inodes before checkpoint in roll-forward recovery
- f2fs: fix to determine start_cp_addr by sbi->cur_cp_pack
- f2fs: detect wrong layout
- f2fs: free meta pages if sanity check for ckpt is failed
- f2fs: fix race condition in between free nid allocator/initializer
- f2fs: return error during fill_super
- f2fs: check blkaddr more accuratly before issue a bio
- f2fs: sanity check on sit entry
- f2fs: enhance sanity_check_raw_super() to avoid potential overflow
- f2fs: clean up with is_valid_blkaddr()
- f2fs: introduce and spread verify_blkaddr
- f2fs: fix to do sanity check with secs_per_zone
- f2fs: fix to do sanity check with user_block_count
- f2fs: Add sanity_check_inode() function
- f2fs: fix to do sanity check with node footer and iblocks
- f2fs: fix to do sanity check with reserved blkaddr of inline inode
- f2fs: fix to do sanity check with block address in main area
- f2fs: fix to do sanity check with block address in main area v2
- f2fs: fix to do sanity check with cp_pack_start_sum
- f2fs: fix invalid memory access
- f2fs: fix missing up_read
- f2fs: fix validation of the block count in sanity_check_raw_super
- media: em28xx: Fix misplaced reset of dev->v4l::field_count
- arm64/kvm: consistently handle host HCR_EL2 flags
- arm64: Don't trap host pointer auth use to EL2
- ipv6: fix kernel-infoleak in ipv6_local_error()
- net: bridge: fix a bug on using a neighbour cache entry without checking its
state
- packet: Do not leak dev refcounts on error exit
- ip: on queued skb use skb_header_pointer instead of pskb_may_pull
- crypto: authencesn - Avoid twice completion call in decrypt path
- crypto: authenc - fix parsing key with misaligned rta_len
- btrfs: wait on ordered extents on abort cleanup
- Yama: Check for pid death before checking ancestry
- scsi: sd: Fix cache_type_store()
- mips: fix n32 compat_ipc_parse_version
- mfd: tps6586x: Handle interrupts on suspend
- Disable MSI also when pcie-octeon.pcie_disable on
- omap2fb: Fix stack memory disclosure
- media: vivid: fix error handling of kthread_run
- media: vivid: set min width/height to a value > 0
- LSM: Check for NULL cred-security on free
- media: vb2: vb2_mmap: move lock up
- sunrpc: handle ENOMEM in rpcb_getport_async
- selinux: fix GPF on invalid policy
- sctp: allocate sctp_sockaddr_entry with kzalloc
- tipc: fix uninit-value in tipc_nl_compat_link_reset_stats
- tipc: fix uninit-value in tipc_nl_compat_bearer_enable
- tipc: fix uninit-value in tipc_nl_compat_link_set
- tipc: fix uninit-value in tipc_nl_compat_name_table_dump
- tipc: fix uninit-value in tipc_nl_compat_doit
- block/loop: Use global lock for ioctl() operation.
- loop: Fold __loop_release into loop_release
- loop: Get rid of loop_index_mutex
- loop: Fix double mutex_unlock(&loop_ctl_mutex) in loop_control_ioctl()
- drm/fb-helper: Ignore the value of fb_var_screeninfo.pixclock
- media: vb2: be sure to unlock mutex on errors
- r8169: Add support for new Realtek Ethernet
- ipv6: Consider sk_bound_dev_if when binding a socket to a v4 mapped address
- ipv6: Take rcu_read_lock in __inet6_bind for mapped addresses
- platform/x86: asus-wmi: Tell the EC the OS will handle the display off
hotkey
- e1000e: allow non-monotonic SYSTIM readings
- writeback: don't decrement wb->refcnt if !wb->bdi
- MIPS: SiByte: Enable swiotlb for SWARM, LittleSur and BigSur
- arm64: perf: set suppress_bind_attrs flag to true
- jffs2: Fix use of uninitialized delayed_work, lockdep breakage
- pstore/ram: Do not treat empty buffers as valid
- powerpc/pseries/cpuidle: Fix preempt warning
- media: firewire: Fix app_info parameter type in avc_ca{,_app}_info
- net: call sk_dst_reset when set SO_DONTROUTE
- scsi: target: use consistent left-aligned ASCII INQUIRY data
- clk: imx6q: reset exclusive gates on init
- kconfig: fix file name and line number of warn_ignored_character()
- kconfig: fix memory leak when EOF is encountered in quotation
- mmc: atmel-mci: do not assume idle after atmci_request_end
- perf intel-pt: Fix error with config term "pt=0"
- perf svghelper: Fix unchecked usage of strncpy()
- perf parse-events: Fix unchecked usage of strncpy()
- dm kcopyd: Fix bug causing workqueue stalls
- dm snapshot: Fix excessive memory usage and workqueue stalls
- ALSA: bebob: fix model-id of unit for Apogee Ensemble
- sysfs: Disable lockdep for driver bind/unbind files
- scsi: megaraid: fix out-of-bound array accesses
- ocfs2: fix panic due to unrecovered local alloc
- mm/page-writeback.c: don't break integrity writeback on ->writepage() error
- mm, proc: be more verbose about unstable VMA flags in /proc/<pid>/smaps
- net: speed up skb_rbtree_purge()
- ipmi:ssif: Fix handling of multi-part return messages
- Linux 4.4.172
* Xenial update: 4.4.171 upstream stable release (LP: #1818237)
- ALSA: hda/realtek - Disable headset Mic VREF for headset mode of ALC225
- btrfs: cleanup, stop casting for extent_map->lookup everywhere
- btrfs: Enhance chunk validation check
- Btrfs: add validadtion checks for chunk loading
- Btrfs: check inconsistence between chunk and block group
- Btrfs: fix em leak in find_first_block_group
- Btrfs: detect corruption when non-root leaf has zero item
- Btrfs: check btree node's nritems
- Btrfs: fix BUG_ON in btrfs_mark_buffer_dirty
- Btrfs: memset to avoid stale content in btree node block
- Btrfs: improve check_node to avoid reading corrupted nodes
- Btrfs: kill BUG_ON in run_delayed_tree_ref
- Btrfs: memset to avoid stale content in btree leaf
- Btrfs: fix emptiness check for dirtied extent buffers at check_leaf()
- btrfs: struct-funcs, constify readers
- btrfs: Refactor check_leaf function for later expansion
- btrfs: Check if item pointer overlaps with the item itself
- btrfs: Add sanity check for EXTENT_DATA when reading out leaf
- btrfs: Add checker for EXTENT_CSUM
- btrfs: Move leaf and node validation checker to tree-checker.c
- btrfs: tree-checker: Enhance btrfs_check_node output
- btrfs: tree-checker: Fix false panic for sanity test
- btrfs: tree-checker: Add checker for dir item
- btrfs: tree-checker: use %zu format string for size_t
- btrfs: tree-check: reduce stack consumption in check_dir_item
- btrfs: tree-checker: Verify block_group_item
- btrfs: tree-checker: Detect invalid and empty essential trees
- btrfs: validate type when reading a chunk
- btrfs: Check that each block group has corresponding chunk at mount time
- btrfs: Verify that every chunk has corresponding block group at mount time
- btrfs: tree-checker: Check level for leaves and nodes
- btrfs: tree-checker: Fix misleading group system information
- CIFS: Do not hide EINTR after sending network packets
- cifs: Fix potential OOB access of lock element array
- usb: cdc-acm: send ZLP for Telit 3G Intel based modems
- USB: storage: don't insert sane sense for SPC3+ when bad sense specified
- USB: storage: add quirk for SMI SM3350
- USB: Add USB_QUIRK_DELAY_CTRL_MSG quirk for Corsair K70 RGB
- slab: alien caches must not be initialized if the allocation of the alien
cache failed
- PCI: altera: Fix altera_pcie_link_is_up()
- PCI: altera: Reorder read/write functions
- PCI: altera: Check link status before retrain link
- PCI: altera: Poll for link up status after retraining the link
- PCI: altera: Poll for link training status after retraining the link
- PCI: altera: Rework config accessors for use without a struct pci_bus
- PCI: altera: Move retrain from fixup to altera_pcie_host_init()
- ACPI: power: Skip duplicate power resource references in _PRx
- i2c: dev: prevent adapter retries and timeout being set as minus value
- crypto: cts - fix crash on short inputs
- ext4: fix a potential fiemap/page fault deadlock w/ inline_data
- sunrpc: use-after-free in svc_process_common()
- Linux 4.4.171
* [Packaging] Allow overlay of config annotations (LP: #1752072)
- [Packaging] config-check: Add an include directive
* CVE-2018-9517
- l2tp: pass tunnel pointer to ->session_create()
* squashfs hardening (LP: #1816756)
- squashfs metadata 2: electric boogaloo
- Squashfs: Compute expected length from inode size rather than block length
* Update ENA driver to version 2.0.3K (LP: #1816806)
- net: ena: update driver version from 2.0.2 to 2.0.3
- net: ena: fix race between link up and device initalization
- net: ena: fix crash during failed resume from hibernation
* bnxt_en_po: TX timed out triggering Netdev Watchdog Timer (LP: #1814095)
- SAUCE: bnxt_en_bpo: Fix TX timeout during netpoll
* CVE-2019-3459
- Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer
* CVE-2019-7222
- KVM: x86: work around leak of uninitialized stack contents (CVE-2019-7222)
* CVE-2019-7221
- KVM: nVMX: unconditionally cancel preemption timer in free_nested
(CVE-2019-7221)
* CVE-2019-6974
- kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)
* Regular D-state processes impacting LXD containers (LP: #1817628)
- mm: do not stall register_shrinker()
* libsas disks can have non-unique by-path names (LP: #1817784)
- scsi: libsas: Fix rphy phy_identifier for PHYs with end devices attached
* Hard lockups due to unrestricted lapic timer delay (LP: #1817918)
- KVM: x86: move nsec_to_cycles from x86.c to x86.h
- KVM: LAPIC: cap __delay at lapic_timer_advance_ns
-- Khalid Elmously <email address hidden> Thu, 21 Mar 2019 00:49:32 -0400
-
linux-aws (4.4.0-1039.42) trusty; urgency=medium
* linux-aws: 4.4.0-1039.42 -proposed tracker (LP: #1814648)
* linux-buildinfo: pull out ABI information into its own package
(LP: #1806380)
- [Packaging] drop redundant = from define statements
- [Config] resync flavour-control.stub
* Xenial update: 4.4.169 upstream stable release (LP: #1811252)
- [Config] aws: Remove CONFIG_CIFS_POSIX=y
* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
[ Ubuntu: 4.4.0-143.169 ]
* linux: 4.4.0-143.169 -proposed tracker (LP: #1814647)
* x86/kvm: Backport fixup and missing commits (LP: #1811646)
- KVM: x86: avoid vmalloc(0) in the KVM_SET_CPUID
- kvm: nVMX: VMCLEAR an active shadow VMCS after last use
- X86/nVMX: Properly set spec_ctrl and pred_cmd before merging MSRs
- KVM/VMX: Optimize vmx_vcpu_run() and svm_vcpu_run() by marking the RDMSR
path as unlikely()
- kvm: x86: IA32_ARCH_CAPABILITIES is always supported
- KVM: SVM: Add MSR-based feature support for serializing LFENCE
- KVM: X86: Allow userspace to define the microcode version
- KVM: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled
- KVM: VMX: fixes for vmentry_l1d_flush module parameter
- kvm: svm: Ensure an IBPB on all affected CPUs when freeing a vmcb
- kvm: vmx: Scrub hardware GPRs at VM-exit
- SAUCE: [Fix] x86/KVM/VMX: Add L1D flush logic
- SAUCE: KVM: Move code fragments, cleanup and re-indent
* linux-buildinfo: pull out ABI information into its own package
(LP: #1806380)
- [Packaging] limit preparation to linux-libc-dev in headers
- [Packaging] commonise debhelper invocation
- [Packaging] ABI -- accumulate abi information at the end of the build
- [Packaging] buildinfo -- add basic build information
- [Packaging] buildinfo -- add firmware information to the flavour ABI
- [Packaging] buildinfo -- add compiler information to the flavour ABI
- [Packaging] buildinfo -- add buildinfo support to getabis
- [Config] buildinfo -- add retpoline version markers
- [Packaging] getabis -- handle all known package combinations
- [Packaging] getabis -- support parsing a simple version
* signing: only install a signed kernel (LP: #1764794)
- [Packaging] update to Debian like control scripts
- [Packaging] switch to triggers for postinst.d postrm.d handling
- [Packaging] signing -- switch to raw-signing tarballs
- [Packaging] signing -- switch to linux-image as signed when available
- [Packaging] printenv -- add signing options
- [Packaging] fix invocation of header postinst hooks
- [Packaging] signing -- add support for signing Opal kernel binaries
- [Debian] Use src_pkg_name when constructing udeb control files
- [Debian] Dynamically determine linux udebs package name
- [Packaging] handle both linux-lts* and linux-hwe* as backports
- [Config] linux-source-* is in the primary linux namespace
- [Packaging] lookup the upstream tag
- [Packaging] zfs/spl -- enhance provides information
- [Packaging] switch up to debhelper 9
- [Packaging] autopkgtest -- disable d-i when dropping flavours
- [debian] support for ship_extras_package=false
- [Debian] do_common_tools should always be on
- [debian] do not force do_tools_common
- [Packaging] Add linux-tools-host package for VM host tools
- [Packaging] signing should be conditional
- [Packaging] skip cloud tools packaging when not building package
- [Packaging] add acpidbg
- [debian] prep linux-libc-dev only if do_libc_dev_package=true
- [Packaging] Only install cloud init files when do_tools_common=true
* Redpine: Driver crash with network-manager 1.10 and above (LP: #1813869)
- SAUCE: Redpine: enhancement for MAC spoofing to avoid kernel crash
* Guests using IBRS incur a large performance penalty (LP: #1764956)
- SAUCE: Restore the IBRS host state on VMEXIT
* Xenial update: 4.4.170 upstream stable release (LP: #1811647)
- USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data
- xhci: Don't prevent USB2 bus suspend in state check intended for USB3 only
- USB: serial: option: add GosunCn ZTE WeLink ME3630
- USB: serial: option: add HP lt4132
- USB: serial: option: add Simcom SIM7500/SIM7600 (MBIM mode)
- USB: serial: option: add Fibocom NL668 series
- USB: serial: option: add Telit LN940 series
- mmc: core: Reset HPI enabled state during re-init and in case of errors
- mmc: omap_hsmmc: fix DMA API warning
- gpio: max7301: fix driver for use with CONFIG_VMAP_STACK
- Drivers: hv: vmbus: Return -EINVAL for the sys files for unopened channels
- x86/mtrr: Don't copy uninitialized gentry fields back to userspace
- drm/ioctl: Fix Spectre v1 vulnerabilities
- ip6mr: Fix potential Spectre v1 vulnerability
- ipv4: Fix potential Spectre v1 vulnerability
- ax25: fix a use-after-free in ax25_fillin_cb()
- ibmveth: fix DMA unmap error in ibmveth_xmit_start error path
- ieee802154: lowpan_header_create check must check daddr
- ipv6: explicitly initialize udp6_addr in udp_sock_create6()
- isdn: fix kernel-infoleak in capi_unlocked_ioctl
- netrom: fix locking in nr_find_socket()
- packet: validate address length
- packet: validate address length if non-zero
- sctp: initialize sin6_flowinfo for ipv6 addrs in sctp_inet6addr_event
- vhost: make sure used idx is seen before log in vhost_add_used_n()
- VSOCK: Send reset control packet when socket is partially bound
- xen/netfront: tolerate frags with no data
- gro_cell: add napi_disable in gro_cells_destroy
- sock: Make sock->sk_stamp thread-safe
- ALSA: rme9652: Fix potential Spectre v1 vulnerability
- ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities
- ALSA: pcm: Fix potential Spectre v1 vulnerability
- ALSA: emux: Fix potential Spectre v1 vulnerabilities
- ALSA: hda: add mute LED support for HP EliteBook 840 G4
- ALSA: hda/tegra: clear pending irq handlers
- USB: serial: pl2303: add ids for Hewlett-Packard HP POS pole displays
- USB: serial: option: add Fibocom NL678 series
- usb: r8a66597: Fix a possible concurrency use-after-free bug in
r8a66597_endpoint_disable()
- Input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire F5-573G
- KVM: x86: Use jmp to invoke kvm_spurious_fault() from .fixup
- perf pmu: Suppress potential format-truncation warning
- ext4: fix possible use after free in ext4_quota_enable
- ext4: missing unlock/put_page() in ext4_try_to_write_inline_data()
- ext4: fix EXT4_IOC_GROUP_ADD ioctl
- ext4: force inode writes when nfsd calls commit_metadata()
- spi: bcm2835: Fix race on DMA termination
- spi: bcm2835: Fix book-keeping of DMA termination
- spi: bcm2835: Avoid finishing transfer prematurely in IRQ mode
- cdc-acm: fix abnormal DATA RX issue for Mediatek Preloader.
- media: vivid: free bitmap_cap when updating std/timings/etc.
- MIPS: Ensure pmd_present() returns false after pmd_mknotpresent()
- MIPS: Align kernel load address to 64KB
- CIFS: Fix error mapping for SMB2_LOCK command which caused OFD lock problem
- x86/kvm/vmx: do not use vm-exit instruction length for fast MMIO when
running nested
- spi: bcm2835: Unbreak the build of esoteric configs
- powerpc: Fix COFF zImage booting on old powermacs
- ARM: imx: update the cpu power up timing setting on i.mx6sx
- Input: restore EV_ABS ABS_RESERVED
- checkstack.pl: fix for aarch64
- xfrm: Fix bucket count reported to userspace
- scsi: bnx2fc: Fix NULL dereference in error handling
- Input: omap-keypad - fix idle configuration to not block SoC idle states
- scsi: zfcp: fix posting too many status read buffers leading to adapter
shutdown
- hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined
- mm, devm_memremap_pages: mark devm_memremap_pages() EXPORT_SYMBOL_GPL
- mm, devm_memremap_pages: kill mapping "System RAM" support
- sunrpc: fix cache_head leak due to queued request
- sunrpc: use SVC_NET() in svcauth_gss_* functions
- crypto: x86/chacha20 - avoid sleeping with preemption disabled
- ALSA: cs46xx: Potential NULL dereference in probe
- ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit()
- ALSA: usb-audio: Fix an out-of-bound read in create_composite_quirks
- dlm: fixed memory leaks after failed ls_remove_names allocation
- dlm: possible memory leak on error path in create_lkb()
- dlm: lost put_lkb on error path in receive_convert() and receive_unlock()
- dlm: memory leaks on error path in dlm_user_request()
- gfs2: Fix loop in gfs2_rbm_find
- b43: Fix error in cordic routine
- 9p/net: put a lower bound on msize
- iommu/vt-d: Handle domain agaw being less than iommu agaw
- ceph: don't update importing cap's mseq when handing cap export
- genwqe: Fix size check
- intel_th: msu: Fix an off-by-one in attribute store
- power: supply: olpc_battery: correct the temperature units
- Linux 4.4.170
* Xenial update: 4.4.169 upstream stable release (LP: #1811252)
- lib/interval_tree_test.c: make test options module parameters
- lib/interval_tree_test.c: allow full tree search
- lib/rbtree_test.c: make input module parameters
- lib/rbtree-test: lower default params
- lib/interval_tree_test.c: allow users to limit scope of endpoint
- timer/debug: Change /proc/timer_list from 0444 to 0400
- powerpc/boot: Fix random libfdt related build errors
- pinctrl: sunxi: a83t: Fix IRQ offset typo for PH11
- aio: fix spectre gadget in lookup_ioctx
- MMC: OMAP: fix broken MMC on OMAP15XX/OMAP5910/OMAP310
- tracing: Fix memory leak in set_trigger_filter()
- tracing: Fix memory leak of instance function hash filters
- powerpc/msi: Fix NULL pointer access in teardown code
- Revert "drm/rockchip: Allow driver to be shutdown on reboot/kexec"
- f2fs: fix a panic caused by NULL flush_cmd_control
- mac80211: don't WARN on bad WMM parameters from buggy APs
- mac80211: Fix condition validating WMM IE
- mac80211_hwsim: fix module init error paths for netlink
- scsi: libiscsi: Fix NULL pointer dereference in iscsi_eh_session_reset
- scsi: vmw_pscsi: Rearrange code to avoid multiple calls to free_irq during
unload
- x86/earlyprintk/efi: Fix infinite loop on some screen widths
- drm/msm: Grab a vblank reference when waiting for commit_done
- ARC: io.h: Implement reads{x}()/writes{x}()
- bonding: fix 802.3ad state sent to partner when unbinding slave
- SUNRPC: Fix a potential race in xprt_connect()
- sbus: char: add of_node_put()
- drivers/sbus/char: add of_node_put()
- drivers/tty: add missing of_node_put()
- ide: pmac: add of_node_put()
- clk: mmp: Off by one in mmp_clk_add()
- Input: omap-keypad - fix keyboard debounce configuration
- libata: whitelist all SAMSUNG MZ7KM* solid-state disks
- mv88e6060: disable hardware level MAC learning
- ARM: 8814/1: mm: improve/fix ARM v7_dma_inv_range() unaligned address
handling
- cifs: In Kconfig CONFIG_CIFS_POSIX needs depends on legacy (insecure cifs)
- [Config] Remove CONFIG_CIFS_POSIX=y
- i2c: axxia: properly handle master timeout
- i2c: scmi: Fix probe error on devices with an empty SMB0001 ACPI device node
- rtc: snvs: add a missing write sync
- rtc: snvs: Add timeouts to avoid kernel lockups
- ALSA: isa/wavefront: prevent some out of bound writes
- Linux 4.4.169
* Xenial update: 4.4.168 upstream stable release (LP: #1811080)
- ipv6: Check available headroom in ip6_xmit() even without options
- net: 8139cp: fix a BUG triggered by changing mtu with network traffic
- net: phy: don't allow __set_phy_supported to add unsupported modes
- net: Prevent invalid access to skb->prev in __qdisc_drop_all
- rtnetlink: ndo_dflt_fdb_dump() only work for ARPHRD_ETHER devices
- tcp: fix NULL ref in tail loss probe
- tun: forbid iface creation with rtnl ops
- neighbour: Avoid writing before skb->head in neigh_hh_output()
- ARM: OMAP2+: prm44xx: Fix section annotation on
omap44xx_prm_enable_io_wakeup
- ARM: OMAP1: ams-delta: Fix possible use of uninitialized field
- sysv: return 'err' instead of 0 in __sysv_write_inode
- s390/cpum_cf: Reject request for sampling in event initialization
- hwmon: (ina2xx) Fix current value calculation
- ASoC: dapm: Recalculate audio map forcely when card instantiated
- hwmon: (w83795) temp4_type has writable permission
- Btrfs: send, fix infinite loop due to directory rename dependencies
- ASoC: omap-mcpdm: Add pm_qos handling to avoid under/overruns with CPU_IDLE
- ASoC: omap-dmic: Add pm_qos handling to avoid overruns with CPU_IDLE
- exportfs: do not read dentry after free
- bpf: fix check of allowed specifiers in bpf_trace_printk
- USB: omap_udc: use devm_request_irq()
- USB: omap_udc: fix crashes on probe error and module removal
- USB: omap_udc: fix omap_udc_start() on 15xx machines
- USB: omap_udc: fix USB gadget functionality on Palm Tungsten E
- KVM: x86: fix empty-body warnings
- net: thunderx: fix NULL pointer dereference in nic_remove
- ixgbe: recognize 1000BaseLX SFP modules as 1Gbps
- net: hisilicon: remove unexpected free_netdev
- drm/ast: fixed reading monitor EDID not stable issue
- xen: xlate_mmu: add missing header to fix 'W=1' warning
- fscache: fix race between enablement and dropping of object
- fscache, cachefiles: remove redundant variable 'cache'
- ocfs2: fix deadlock caused by ocfs2_defrag_extent()
- hfs: do not free node before using
- hfsplus: do not free node before using
- debugobjects: avoid recursive calls with kmemleak
- ocfs2: fix potential use after free
- pstore: Convert console write to use ->write_buf
- ALSA: pcm: remove SNDRV_PCM_IOCTL1_INFO internal command
- KVM: nVMX: fix msr bitmaps to prevent L2 from accessing L0 x2APIC
- KVM: nVMX: mark vmcs12 pages dirty on L2 exit
- KVM: nVMX: Eliminate vmcs02 pool
- KVM: VMX: introduce alloc_loaded_vmcs
- KVM: VMX: make MSR bitmaps per-VCPU
- KVM/x86: Add IBPB support
- KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL
- KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL
- KVM/x86: Remove indirect MSR op calls from SPEC_CTRL
- x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec
- KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD
- bpf: support 8-byte metafield access
- bpf/verifier: Add spi variable to check_stack_write()
- bpf/verifier: Pass instruction index to check_mem_access() and check_xadd()
- bpf: Prevent memory disambiguation attack
- wil6210: missing length check in wmi_set_ie
- mm/hugetlb.c: don't call region_abort if region_chg fails
- hugetlbfs: fix offset overflow in hugetlbfs mmap
- hugetlbfs: check for pgoff value overflow
- hugetlbfs: fix bug in pgoff overflow checking
- swiotlb: clean up reporting
- sr: pass down correctly sized SCSI sense buffer
- mm: remove write/force parameters from __get_user_pages_locked()
- mm: remove write/force parameters from __get_user_pages_unlocked()
- mm/nommu.c: Switch __get_user_pages_unlocked() to use __get_user_pages()
- mm: replace get_user_pages_unlocked() write/force parameters with gup_flags
- mm: replace get_user_pages_locked() write/force parameters with gup_flags
- mm: replace get_vaddr_frames() write/force parameters with gup_flags
- mm: replace get_user_pages() write/force parameters with gup_flags
- mm: replace __access_remote_vm() write parameter with gup_flags
- mm: replace access_remote_vm() write parameter with gup_flags
- proc: don't use FOLL_FORCE for reading cmdline and environment
- proc: do not access cmdline nor environ from file-backed areas
- media: dvb-frontends: fix i2c access helpers for KASAN
- matroxfb: fix size of memcpy
- staging: speakup: Replace strncpy with memcpy
- rocker: fix rocker_tlv_put_* functions for KASAN
- selftests: Move networking/timestamping from Documentation
- Linux 4.4.168
* kernel oops in bcache module (LP: #1793901)
- SAUCE: bcache: never writeback a discard operation
* Userspace break as a result of missing patch backport (LP: #1813873)
- tty: Don't hold ldisc lock in tty_reopen() if ldisc present
* CVE-2019-6133
- fork: record start_time late
* Crash on "ip link add foo type ipip" (LP: #1811803)
- SAUCE: fan: Fix NULL pointer dereference
-- Kleber Sacilotto de Souza <email address hidden> Fri, 15 Feb 2019 14:09:55 +0000
-
linux-aws (4.4.0-1038.41) trusty; urgency=medium
* linux-aws: 4.4.0-1038.41 -proposed tracker (LP: #1811847)
* Xenial update: 4.4.164 upstream stable release (LP: #1810947)
- [Config] Remove CONFIG{,_ARCH_USE}_QUEUED_SPINLOCKS
* Packaging resync (LP: #1786013)
- [Packaging] update update.conf
[ Ubuntu: 4.4.0-142.168 ]
* linux: 4.4.0-142.168 -proposed tracker (LP: #1811846)
* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
* iptables connlimit allows more connections than the limit when using
multiple CPUs (LP: #1811094)
- netfilter: xt_connlimit: don't store address in the conn nodes
- SAUCE: netfilter: xt_connlimit: remove the 'addr' parameter in add_hlist()
- netfilter: nf_conncount: expose connection list interface
- netfilter: nf_conncount: Fix garbage collection with zones
- netfilter: nf_conncount: fix garbage collection confirm race
- netfilter: nf_conncount: don't skip eviction when age is negative
* CVE-2017-5715
- SAUCE: x86/speculation: Cleanup IBPB runtime control handling
- SAUCE: x86/speculation: Cleanup IBRS runtime control handling
- SAUCE: x86/speculation: Use x86_spec_ctrl_base in entry/exit code
- SAUCE: x86/speculation: Move RSB_CTXSW hunk
* Xenial update: 4.4.167 upstream stable release (LP: #1811077)
- media: em28xx: Fix use-after-free when disconnecting
- Revert "wlcore: Add missing PM call for
wlcore_cmd_wait_for_event_or_timeout()"
- rapidio/rionet: do not free skb before reading its length
- s390/qeth: fix length check in SNMP processing
- usbnet: ipheth: fix potential recvmsg bug and recvmsg bug 2
- kvm: mmu: Fix race in emulated page table writes
- xtensa: enable coprocessors that are being flushed
- xtensa: fix coprocessor context offset definitions
- Btrfs: ensure path name is null terminated at btrfs_control_ioctl
- ALSA: wss: Fix invalid snd_free_pages() at error path
- ALSA: ac97: Fix incorrect bit shift at AC97-SPSA control write
- ALSA: control: Fix race between adding and removing a user element
- ALSA: sparc: Fix invalid snd_free_pages() at error path
- ext2: fix potential use after free
- dmaengine: at_hdmac: fix memory leak in at_dma_xlate()
- dmaengine: at_hdmac: fix module unloading
- btrfs: release metadata before running delayed refs
- USB: usb-storage: Add new IDs to ums-realtek
- usb: core: quirks: add RESET_RESUME quirk for Cherry G230 Stream series
- misc: mic/scif: fix copy-paste error in scif_create_remote_lookup
- Kbuild: suppress packed-not-aligned warning for default setting only
- exec: avoid gcc-8 warning for get_task_comm
- disable stringop truncation warnings for now
- kobject: Replace strncpy with memcpy
- unifdef: use memcpy instead of strncpy
- kernfs: Replace strncpy with memcpy
- ip_tunnel: Fix name string concatenate in __ip_tunnel_create()
- drm: gma500: fix logic error
- scsi: bfa: convert to strlcpy/strlcat
- staging: rts5208: fix gcc-8 logic error warning
- kdb: use memmove instead of overlapping memcpy
- iser: set sector for ambiguous mr status errors
- uprobes: Fix handle_swbp() vs. unregister() + register() race once more
- MIPS: ralink: Fix mt7620 nd_sd pinmux
- mips: fix mips_get_syscall_arg o32 check
- drm/ast: Fix incorrect free on ioregs
- scsi: scsi_devinfo: cleanly zero-pad devinfo strings
- ALSA: trident: Suppress gcc string warning
- scsi: csiostor: Avoid content leaks and casts
- kgdboc: Fix restrict error
- kgdboc: Fix warning with module build
- leds: call led_pwm_set() in leds-pwm to enforce default LED_OFF
- leds: turn off the LED and wait for completion on unregistering LED class
device
- leds: leds-gpio: Fix return value check in create_gpio_led()
- Input: xpad - quirk all PDP Xbox One gamepads
- Input: matrix_keypad - check for errors from of_get_named_gpio()
- Input: elan_i2c - add ELAN0620 to the ACPI table
- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15ARR
- Input: elan_i2c - add support for ELAN0621 touchpad
- btrfs: Always try all copies when reading extent buffers
- Btrfs: fix use-after-free when dumping free space
- ARC: change defconfig defaults to ARCv2
- arc: [devboards] Add support of NFSv3 ACL
- mm: cleancache: fix corruption on missed inode invalidation
- usb: gadget: dummy: fix nonsensical comparisons
- iommu/vt-d: Fix NULL pointer dereference in prq_event_thread()
- iommu/ipmmu-vmsa: Fix crash on early domain free
- can: rcar_can: Fix erroneous registration
- batman-adv: Expand merged fragment buffer for full packet
- bnx2x: Assign unique DMAE channel number for FW DMAE transactions.
- qed: Fix PTT leak in qed_drain()
- qed: Fix reading wrong value in loop condition
- net/mlx4_core: Zero out lkey field in SW2HW_MPT fw command
- net/mlx4_core: Fix uninitialized variable compilation warning
- net/mlx4: Fix UBSAN warning of signed integer overflow
- net: faraday: ftmac100: remove netif_running(netdev) check before disabling
interrupts
- iommu/vt-d: Use memunmap to free memremap
- net: amd: add missing of_node_put()
- usb: quirk: add no-LPM quirk on SanDisk Ultra Flair device
- usb: appledisplay: Add 27" Apple Cinema Display
- USB: check usb_get_extra_descriptor for proper size
- ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c
- ALSA: hda: Add support for AMD Stoney Ridge
- ALSA: pcm: Fix starvation on down_write_nonblock()
- ALSA: pcm: Call snd_pcm_unlink() conditionally at closing
- ALSA: pcm: Fix interval evaluation with openmin/max
- virtio/s390: avoid race on vcdev->config
- virtio/s390: fix race in ccw_io_helper()
- SUNRPC: Fix leak of krb5p encode pages
- xhci: Prevent U1/U2 link pm states if exit latency is too long
- Staging: lustre: remove two build warnings
- cifs: Fix separator when building path from dentry
- tty: serial: 8250_mtk: always resume the device in probe.
- kgdboc: fix KASAN global-out-of-bounds bug in param_set_kgdboc_var()
- mac80211_hwsim: Timer should be initialized before device registered
- mac80211: Clear beacon_int in ieee80211_do_stop
- mac80211: ignore tx status for PS stations in ieee80211_tx_status_ext
- mac80211: fix reordering of buffered broadcast packets
- mac80211: ignore NullFunc frames in the duplicate detection
- Linux 4.4.167
* CVE-2018-19407
- KVM: X86: Fix scan ioapic use-before-initialization
* cpu-hotplug test in ubuntu_kernel_selftest always return 0 on Xenial
(LP: #1809699)
- selftests/cpu-hotplug: exit with failure when test occured unexpected
behaviors
* iommu - need to effectively disable iommu if "intel_iommu=off" is passed as
a kernel parameter (LP: #1810328)
- iommu/vt-d: Make sure IOMMUs are off when intel_iommu=off
* ldisc crash on reopened tty (LP: #1791758)
- tty: fix data race between tty_init_dev and flush of buf
- tty: Drop tty->count on tty_reopen() failure
- tty: Hold tty_ldisc_lock() during tty_reopen()
- tty: Don't block on IO when ldisc change is pending
- tty: Simplify tty->count math in tty_reopen()
* Xenial update: 4.4.166 upstream stable release (LP: #1810967)
- usb: core: Fix hub port connection events lost
- usb: xhci: fix timeout for transition from RExit to U0
- MAINTAINERS: Add Sasha as a stable branch maintainer
- iwlwifi: mvm: support sta_statistics() even on older firmware
- v9fs_dir_readdir: fix double-free on p9stat_read error
- bfs: add sanity check at bfs_fill_super()
- sctp: clear the transport of some out_chunk_list chunks in
sctp_assoc_rm_peer
- gfs2: Don't leave s_fs_info pointing to freed memory in init_sbd
- llc: do not use sk_eat_skb()
- drm/ast: change resolution may cause screen blurred
- drm/ast: fixed cursor may disappear sometimes
- can: dev: can_get_echo_skb(): factor out non sending code to
__can_get_echo_skb()
- can: dev: __can_get_echo_skb(): replace struct can_frame by canfd_frame to
access frame length
- can: dev: __can_get_echo_skb(): Don't crash the kernel if can_priv::echo_skb
is accessed out of bounds
- can: dev: __can_get_echo_skb(): print error message, if trying to echo non
existing skb
- usb: xhci: Prevent bus suspend if a port connect change or polling state is
detected
- KVM: PPC: Move and undef TRACE_INCLUDE_PATH/FILE
- cpufreq: imx6q: add return value check for voltage scale
- SUNRPC: Fix a bogus get/put in generic_key_to_expire()
- kdb: Use strscpy with destination buffer size
- powerpc/numa: Suppress "VPHN is not supported" messages
- tmpfs: make lseek(SEEK_DATA/SEK_HOLE) return ENXIO with a negative offset
- of: add helper to lookup compatible child node
- NFC: nfcmrvl_uart: fix OF child-node lookup
- net: bcmgenet: fix OF child-node lookup
- x86/entry: spell EBX register correctly in documentation
- x86/entry/64: Remove %ebx handling from error_entry/exit
- arm64: remove no-op -p linker flag
- ath10k: fix kernel panic due to race in accessing arvif list
- Input: xpad - remove spurious events of wireless xpad 360 controller
- Input: xpad - handle "present" and "gone" correctly
- Input: xpad - update Xbox One Force Feedback Support
- Input: xpad - workaround dead irq_out after suspend/ resume
- Input: xpad - use LED API when identifying wireless controllers
- Input: xpad - correct xbox one pad device name
- Input: xpad - remove unused function
- Input: xpad - add Mad Catz FightStick TE 2 VID/PID
- Input: xpad - prevent spurious input from wired Xbox 360 controllers
- Input: xpad - add more third-party controllers
- Input: xpad - xbox one elite controller support
- Input: xpad - fix rumble on Xbox One controllers with 2015 firmware
- Input: xpad - power off wireless 360 controllers on suspend
- Input: xpad - add product ID for Xbox One S pad
- Input: xpad - fix Xbox One rumble stopping after 2.5 secs
- Input: xpad - correctly sort vendor id's
- Input: xpad - move reporting xbox one home button to common function
- Input: xpad - simplify error condition in init_output
- Input: xpad - don't depend on endpoint order
- Input: xpad - fix stuck mode button on Xbox One S pad
- Input: xpad - restore LED state after device resume
- Input: xpad - support some quirky Xbox One pads
- Input: xpad - sort supported devices by USB ID
- Input: xpad - sync supported devices with xboxdrv
- Input: xpad - add USB IDs for Mad Catz Brawlstick and Razer Sabertooth
- Input: xpad - sync supported devices with 360Controller
- Input: xpad - sync supported devices with XBCD
- Input: xpad - constify usb_device_id
- Input: xpad - fix PowerA init quirk for some gamepad models
- Input: xpad - validate USB endpoint type during probe
- Input: xpad - add support for PDP Xbox One controllers
- Input: xpad - add PDP device id 0x02a4
- Input: xpad - fix some coding style issues
- Input: xpad - avoid using __set_bit() for capabilities
- Input: xpad - add GPD Win 2 Controller USB IDs
- Input: xpad - fix GPD Win 2 controller name
- Input: xpad - add support for Xbox1 PDP Camo series gamepad
- cw1200: Don't leak memory if krealloc failes
- mwifiex: Fix NULL pointer dereference in skb_dequeue()
- mwifiex: fix p2p device doesn't find in scan problem
- netfilter: nf_tables: fix oops when inserting an element into a verdict map
- scsi: ufs: fix bugs related to null pointer access and array size
- scsi: ufshcd: Fix race between clk scaling and ungate work
- scsi: ufs: fix race between clock gating and devfreq scaling work
- scsi: ufshcd: release resources if probe fails
- scsi: qla2xxx: do not queue commands when unloading
- iwlwifi: mvm: fix regulatory domain update when the firmware starts
- tty: wipe buffer.
- tty: wipe buffer if not echoing data
- usb: xhci: fix uninitialized completion when USB3 port got wrong status
- btrfs: Ensure btrfs_trim_fs can trim the whole filesystem
- sched/core: Allow __sched_setscheduler() in interrupts when PI is not used
- s390/mm: Check for valid vma before zapping in gmap_discard
- drm/ast: Remove existing framebuffers before loading driver
- Linux 4.4.166
* Xenial update: 4.4.166 upstream stable release (LP: #1810967) //
CVE-2000-1134 // CVE-2007-3852 // CVE-2008-0525 // CVE-2009-0416 //
CVE-2011-4834 // CVE-2015-1838 // CVE-2015-7442 // CVE-2016-7489
- namei: allow restricted O_CREAT of FIFOs and regular files
* Xenial update: 4.4.165 upstream stable release (LP: #1810958)
- flow_dissector: do not dissect l4 ports for fragments
- ip_tunnel: don't force DF when MTU is locked
- net-gro: reset skb->pkt_type in napi_reuse_skb()
- tg3: Add PHY reset for 5717/5719/5720 in change ring and flow control paths
- ipv6: Fix PMTU updates for UDP/raw sockets in presence of VRF
- kbuild: Add better clang cross build support
- kbuild: clang: add -no-integrated-as to KBUILD_[AC]FLAGS
- kbuild: Consolidate header generation from ASM offset information
- kbuild: consolidate redundant sed script ASM offset generation
- kbuild: fix asm-offset generation to work with clang
- kbuild: drop -Wno-unknown-warning-option from clang options
- kbuild, LLVMLinux: Add -Werror to cc-option to support clang
- kbuild: use -Oz instead of -Os when using clang
- kbuild: Add support to generate LLVM assembly files
- modules: mark __inittest/__exittest as __maybe_unused
- kbuild: clang: Disable 'address-of-packed-member' warning
- crypto: arm64/sha - avoid non-standard inline asm tricks
- efi/libstub/arm64: Force 'hidden' visibility for section markers
- efi/libstub/arm64: Set -fpie when building the EFI stub
- kbuild: fix linker feature test macros when cross compiling with Clang
- kbuild: Set KBUILD_CFLAGS before incl. arch Makefile
- kbuild: move cc-option and cc-disable-warning after incl. arch Makefile
- kbuild: clang: fix build failures with sparse check
- kbuild: clang: remove crufty HOSTCFLAGS
- kbuild: clang: disable unused variable warnings only when constant
- kbuild: set no-integrated-as before incl. arch Makefile
- kbuild: allow to use GCC toolchain not in Clang search path
- arm64: Disable asm-operand-width warning for clang
- x86/kbuild: Use cc-option to enable -falign-{jumps/loops}
- crypto, x86: aesni - fix token pasting for clang
- x86/mm/kaslr: Use the _ASM_MUL macro for multiplication to work around Clang
incompatibility
- kbuild: Add __cc-option macro
- x86/build: Use __cc-option for boot code compiler options
- x86/build: Specify stack alignment for clang
- x86/boot: #undef memcpy() et al in string.c
- x86/build: Fix stack alignment for CLang
- x86/build: Use cc-option to validate stack alignment parameter
- reiserfs: propagate errors from fill_with_dentries() properly
- hfs: prevent btree data loss on root split
- hfsplus: prevent btree data loss on root split
- um: Give start_idle_thread() a return code
- fs/exofs: fix potential memory leak in mount option parsing
- clk: samsung: exynos5420: Enable PERIS clocks for suspend
- platform/x86: acerhdf: Add BIOS entry for Gateway LT31 v1.3307
- arm64: percpu: Initialize ret in the default case
- s390/vdso: add missing FORCE to build targets
- netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net
- s390/mm: Fix ERROR: "__node_distance" undefined!
- netfilter: ipset: Correct rcu_dereference() call in ip_set_put_comment()
- netfilter: xt_IDLETIMER: add sysfs filename checking routine
- hwmon: (ibmpowernv) Remove bogus __init annotations
- lib/raid6: Fix arm64 test build
- zram: close udev startup race condition as default groups
- SUNRPC: drop pointless static qualifier in xdr_get_next_encode_buffer()
- gfs2: Put bitmap buffers in put_super
- btrfs: fix pinned underflow after transaction aborted
- Revert "media: videobuf2-core: don't call memop 'finish' when queueing"
- media: v4l: event: Add subscription to list before calling "add" operation
- uio: Fix an Oops on load
- usb: cdc-acm: add entry for Hiro (Conexant) modem
- USB: quirks: Add no-lpm quirk for Raydium touchscreens
- usb: quirks: Add delay-init quirk for Corsair K70 LUX RGB
- misc: atmel-ssc: Fix section annotation on atmel_ssc_get_driver_data
- USB: misc: appledisplay: add 20" Apple Cinema Display
- drivers/misc/sgi-gru: fix Spectre v1 vulnerability
- ACPI / platform: Add SMB0001 HID to forbidden_id_list
- new helper: uaccess_kernel()
- HID: uhid: forbid UHID_CREATE under KERNEL_DS or elevated privileges
- xhci: Fix USB3 NULL pointer dereference at logical disconnect.
- Linux 4.4.165
* Xenial update: 4.4.164 upstream stable release (LP: #1810947)
- bcache: fix miss key refill->end in writeback
- hwmon: (pmbus) Fix page count auto-detection.
- jffs2: free jffs2_sb_info through jffs2_kill_sb()
- pcmcia: Implement CLKRUN protocol disabling for Ricoh bridges
- ipmi: Fix timer race with module unload
- parisc: Fix address in HPMC IVA
- parisc: Fix map_pages() to not overwrite existing pte entries
- ALSA: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905)
- ALSA: ca0106: Disable IZD on SB0570 DAC to fix audio pops
- x86/corruption-check: Fix panic in memory_corruption_check() when boot
option without value is provided
- x86/kconfig: Fall back to ticket spinlocks
- [Config] Remove CONFIG{,_ARCH_USE}_QUEUED_SPINLOCKS
- sparc: Fix single-pcr perf event counter management.
- x86/fpu: Remove second definition of fpu in __fpu__restore_sig()
- net: qla3xxx: Remove overflowing shift statement
- selftests: ftrace: Add synthetic event syntax testcase
- locking/lockdep: Fix debug_locks off performance problem
- ataflop: fix error handling during setup
- swim: fix cleanup on setup error
- tun: Consistently configure generic netdev params via rtnetlink
- perf tools: Free temporary 'sys' string in read_event_files()
- perf tools: Cleanup trace-event-info 'tdata' leak
- mmc: sdhci-pci-o2micro: Add quirk for O2 Micro dev 0x8620 rev 0x01
- Bluetooth: btbcm: Add entry for BCM4335C0 UART bluetooth
- x86: boot: Fix EFI stub alignment
- pinctrl: qcom: spmi-mpp: Fix err handling of pmic_mpp_set_mux
- kprobes: Return error if we fail to reuse kprobe instead of BUG_ON()
- ACPI / LPSS: Add alternative ACPI HIDs for Cherry Trail DMA controllers
- pinctrl: qcom: spmi-mpp: Fix drive strength setting
- pinctrl: spmi-mpp: Fix pmic_mpp_config_get() to be compliant
- pinctrl: ssbi-gpio: Fix pm8xxx_pin_config_get() to be compliant
- ath10k: schedule hardware restart if WMI command times out
- scsi: esp_scsi: Track residual for PIO transfers
- scsi: megaraid_sas: fix a missing-check bug
- tpm: suppress transmit cmd error logs when TPM 1.2 is disabled/deactivated
- ext4: fix argument checking in EXT4_IOC_MOVE_EXT
- MD: fix invalid stored role for a disk
- usb: chipidea: Prevent unbalanced IRQ disable
- driver/dma/ioat: Call del_timer_sync() without holding prep_lock
- uio: ensure class is registered before devices
- scsi: lpfc: Correct soft lockup when running mds diagnostics
- signal: Always deliver the kernel's SIGKILL and SIGSTOP to a pid namespace
init
- dmaengine: dma-jz4780: Return error if not probed from DT
- ALSA: hda: Check the non-cached stream buffers more explicitly
- xen-swiotlb: use actually allocated size on check physical continuous
- tpm: Restore functionality to xen vtpm driver.
- xen: fix race in xen_qlock_wait()
- xen: make xen_qlock_wait() nestable
- net/ipv4: defensive cipso option parsing
- libnvdimm: Hold reference on parent while scheduling async init
- jbd2: fix use after free in jbd2_log_do_checkpoint()
- gfs2_meta: ->mount() can get NULL dev_name
- ext4: initialize retries variable in ext4_da_write_inline_data_begin()
- HID: hiddev: fix potential Spectre v1
- PCI: Add Device IDs for Intel GPU "spurious interrupt" quirk
- signal/GenWQE: Fix sending of SIGKILL
- crypto: lrw - Fix out-of bounds access on counter overflow
- ima: fix showing large 'violations' or 'runtime_measurements_count'
- hugetlbfs: dirty pages as they are added to pagecache
- kbuild: fix kernel/bounds.c 'W=1' warning
- iio: adc: at91: fix acking DRDY irq on simple conversions
- iio: adc: at91: fix wrong channel number in triggered buffer mode
- w1: omap-hdq: fix missing bus unregister at removal
- smb3: allow stats which track session and share reconnects to be reset
- smb3: do not attempt cifs operation in smb3 query info error path
- smb3: on kerberos mount if server doesn't specify auth type use krb5
- printk: Fix panic caused by passing log_buf_len to command line
- genirq: Fix race on spurious interrupt detection
- NFSv4.1: Fix the r/wsize checking
- nfsd: Fix an Oops in free_session()
- lockd: fix access beyond unterminated strings in prints
- dm ioctl: harden copy_params()'s copy_from_user() from malicious users
- powerpc/msi: Fix compile error on mpc83xx
- MIPS: OCTEON: fix out of bounds array access on CN68XX
- TC: Set DMA masks for devices
- kgdboc: Passing ekgdboc to command line causes panic
- xen: fix xen_qlock_wait()
- media: em28xx: use a default format if TRY_FMT fails
- media: em28xx: fix input name for Terratec AV 350
- media: em28xx: make v4l2-compliance happier by starting sequence on zero
- ext4: avoid running out of journal credits when appending to an inline file
- Cramfs: fix abad comparison when wrap-arounds occur
- arm64: dts: stratix10: Correct System Manager register size
- soc/tegra: pmc: Fix child-node lookup
- btrfs: Handle owner mismatch gracefully when walking up tree
- btrfs: locking: Add extra check in btrfs_init_new_buffer() to avoid deadlock
- btrfs: iterate all devices during trim, instead of fs_devices::alloc_list
- btrfs: don't attempt to trim devices that don't support it
- btrfs: wait on caching when putting the bg cache
- btrfs: reset max_extent_size on clear in a bitmap
- btrfs: make sure we create all new block groups
- Btrfs: fix wrong dentries after fsync of file that got its parent replaced
- btrfs: qgroup: Dirty all qgroups before rescan
- Btrfs: fix null pointer dereference on compressed write path error
- btrfs: set max_extent_size properly
- MD: fix invalid stored role for a disk - try2
- tty: check name length in tty_find_polling_driver()
- powerpc/nohash: fix undefined behaviour when testing page size support
- drm/omap: fix memory barrier bug in DMM driver
- media: pci: cx23885: handle adding to list failure
- MIPS: kexec: Mark CPU offline before disabling local IRQ
- powerpc/boot: Ensure _zimage_start is a weak symbol
- sc16is7xx: Fix for multi-channel stall
- media: tvp5150: fix width alignment during set_selection()
- 9p locks: fix glock.client_id leak in do_lock
- 9p: clear dangling pointers in p9stat_free
- scsi: qla2xxx: Fix incorrect port speed being set for FC adapters
- fuse: Fix use-after-free in fuse_dev_do_read()
- fuse: Fix use-after-free in fuse_dev_do_write()
- fuse: fix blocked_waitq wakeup
- fuse: set FR_SENT while locked
- mm, elf: handle vm_brk error
- binfmt_elf: fix calculations for bss padding
- mm: refuse wrapped vm_brk requests
- fs, elf: make sure to page align bss in load_elf_library
- mm: do not bug_on on incorrect length in __mm_populate()
- e1000: avoid null pointer dereference on invalid stat type
- e1000: fix race condition between e1000_down() and e1000_watchdog
- bna: ethtool: Avoid reading past end of buffer
- MIPS: Loongson-3: Fix CPU UART irq delivery problem
- MIPS: Loongson-3: Fix BRIDGE irq delivery problem
- xtensa: add NOTES section to the linker script
- xtensa: make sure bFLT stack is 16 byte aligned
- xtensa: fix boot parameters address translation
- clk: s2mps11: Fix matching when built as module and DT node contains
compatible
- libceph: bump CEPH_MSG_MAX_DATA_LEN
- mach64: fix display corruption on big endian machines
- mach64: fix image corruption due to reading accelerator registers
- vhost/scsi: truncate T10 PI iov_iter to prot_bytes
- ocfs2: fix a misuse a of brelse after failing ocfs2_check_dir_entry
- mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings
- mtd: docg3: don't set conflicting BCH_CONST_PARAMS option
- termios, tty/tty_baudrate.c: fix buffer overrun
- arch/alpha, termios: implement BOTHER, IBSHIFT and termios2
- Btrfs: fix data corruption due to cloning of eof block
- clockevents/drivers/i8253: Add support for PIT shutdown quirk
- ext4: add missing brelse() update_backups()'s error path
- ext4: add missing brelse() in set_flexbg_block_bitmap()'s error path
- ext4: add missing brelse() add_new_gdb_meta_bg()'s error path
- ext4: avoid potential extra brelse in setup_new_flex_group_blocks()
- ext4: fix possible inode leak in the retry loop of ext4_resize_fs()
- ext4: avoid buffer leak in ext4_orphan_add() after prior errors
- ext4: fix missing cleanup if ext4_alloc_flex_bg_array() fails while resizing
- ext4: avoid possible double brelse() in add_new_gdb() on error path
- ext4: fix possible leak of sbi->s_group_desc_leak in error path
- ext4: release bs.bh before re-using in ext4_xattr_block_find()
- ext4: fix buffer leak in ext4_xattr_move_to_block() on error path
- ext4: fix buffer leak in __ext4_read_dirblock() on error path
- mount: Prevent MNT_DETACH from disconnecting locked mounts
- sunrpc: correct the computation for page_ptr when truncating
- rtc: hctosys: Add missing range error reporting
- fuse: fix leaked notify reply
- configfs: replace strncpy with memcpy
- hugetlbfs: fix kernel BUG at fs/hugetlbfs/inode.c:444!
- mm: migration: fix migration of huge PMD shared pages
- drm/rockchip: Allow driver to be shutdown on reboot/kexec
- drm/dp_mst: Check if primary mstb is null
- drm/i915/hdmi: Add HDMI 2.0 audio clock recovery N values
- Linux 4.4.164
* Xenial update: 4.4.163 upstream stable release (LP: #1810807)
- xfrm: Validate address prefix lengths in the xfrm selector.
- xfrm6: call kfree_skb when skb is toobig
- mac80211: Always report TX status
- cfg80211: reg: Init wiphy_idx in regulatory_hint_core()
- ARM: 8799/1: mm: fix pci_ioremap_io() offset check
- xfrm: validate template mode
- mac80211_hwsim: do not omit multicast announce of first added radio
- Bluetooth: SMP: fix crash in unpairing
- pxa168fb: prepare the clock
- asix: Check for supported Wake-on-LAN modes
- ax88179_178a: Check for supported Wake-on-LAN modes
- lan78xx: Check for supported Wake-on-LAN modes
- sr9800: Check for supported Wake-on-LAN modes
- r8152: Check for supported Wake-on-LAN Modes
- smsc75xx: Check for Wake-on-LAN modes
- smsc95xx: Check for Wake-on-LAN modes
- perf/ring_buffer: Prevent concurent ring buffer access
- net: cxgb3_main: fix a missing-check bug
- KEYS: put keyring if install_session_keyring_to_cred() fails
- ipv6: suppress sparse warnings in IP6_ECN_set_ce()
- net: drop write-only stack variable
- ser_gigaset: use container_of() instead of detour
- tracing: Skip more functions when doing stack tracing of events
- ARM: dts: apq8064: add ahci ports-implemented mask
- x86/mm/pat: Prevent hang during boot when mapping pages
- radix-tree: fix radix_tree_iter_retry() for tagged iterators.
- af_iucv: Move sockaddr length checks to before accessing sa_family in bind
and connect handlers
- net/mlx4_en: Resolve dividing by zero in 32-bit system
- ipv6: orphan skbs in reassembly unit
- um: Avoid longjmp/setjmp symbol clashes with libpthread.a
- sched/cgroup: Fix cgroup entity load tracking tear-down
- btrfs: don't create or leak aliased root while cleaning up orphans
- thermal: allow spear-thermal driver to be a module
- thermal: allow u8500-thermal driver to be a module
- x86/PCI: Mark Broadwell-EP Home Agent 1 as having non-compliant BARs
- aacraid: Start adapter after updating number of MSIX vectors
- perf/core: Don't leak event in the syscall error path
- usbvision: revert commit 588afcc1
- MIPS: Fix FCSR Cause bit handling for correct SIGFPE issue
- ASoC: ak4613: Enable cache usage to fix crashes on resume
- ASoC: wm8940: Enable cache usage to fix crashes on resume
- CIFS: handle guest access errors to Windows shares
- arm64: Fix potential race with hardware DBM in ptep_set_access_flags()
- xfrm: Clear sk_dst_cache when applying per-socket policy.
- scsi: Add STARGET_CREATED_REMOVE state to scsi_target_state
- sparc/pci: Refactor dev_archdata initialization into pci_init_dev_archdata
- sch_red: update backlog as well
- usb-storage: fix bogus hardware error messages for ATA pass-thru devices
- bpf: generally move prog destruction to RCU deferral
- drm/nouveau/fbcon: fix oops without fbdev emulation
- fuse: Dont call set_page_dirty_lock() for ITER_BVEC pages for async_dio
- net/mlx5e: Fix LRO modify
- net/mlx5e: Correctly handle RSS indirection table when changing number of
channels
- ALSA: timer: Fix zero-division by continue of uninitialized instance
- vti6: flush x-netns xfrm cache when vti interface is removed
- brcmfmac: Fix glom_skb leak in brcmf_sdiod_recv_chain
- l2tp: hold socket before dropping lock in l2tp_ip{, 6}_recv()
- tty: serial: sprd: fix error return code in sprd_probe()
- video: fbdev: pxa3xx_gcu: fix error return code in pxa3xx_gcu_probe()
- sparc64 mm: Fix more TSB sizing issues
- gpu: host1x: fix error return code in host1x_probe()
- sparc64: Fix exception handling in UltraSPARC-III memcpy.
- gpio: msic: fix error return code in platform_msic_gpio_probe()
- usb: imx21-hcd: fix error return code in imx21_probe()
- usb: ehci-omap: fix error return code in ehci_hcd_omap_probe()
- usb: dwc3: omap: fix error return code in dwc3_omap_probe()
- spi/bcm63xx-hspi: fix error return code in bcm63xx_hsspi_probe()
- MIPS: Handle non word sized instructions when examining frame
- spi/bcm63xx: fix error return code in bcm63xx_spi_probe()
- spi: xlp: fix error return code in xlp_spi_probe()
- ASoC: spear: fix error return code in spdif_in_probe()
- PM / devfreq: tegra: fix error return code in tegra_devfreq_probe()
- bonding: avoid defaulting hard_header_len to ETH_HLEN on slave removal
- scsi: aacraid: Fix typo in blink status
- MIPS: microMIPS: Fix decoding of swsp16 instruction
- igb: Remove superfluous reset to PHY and page 0 selection
- MIPS: DEC: Fix an int-handler.S CPU_DADDI_WORKAROUNDS regression
- ARM: dts: imx53-qsb: disable 1.2GHz OPP
- fs/fat/fatent.c: add cond_resched() to fat_count_free_clusters()
- mtd: spi-nor: Add support for is25wp series chips
- perf tools: Disable parallelism for 'make clean'
- bridge: do not add port to router list when receives query with source
0.0.0.0
- net: bridge: remove ipv6 zero address check in mcast queries
- ipv6: mcast: fix a use-after-free in inet6_mc_check
- ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are
called
- net/ipv6: Fix index counter for unicast addresses in in6_dump_addrs
- net: sched: gred: pass the right attribute to gred_change_table_def()
- net: socket: fix a missing-check bug
- net: stmmac: Fix stmmac_mdio_reset() when building stmmac as modules
- r8169: fix NAPI handling under high load
- sctp: fix race on sctp_id2asoc
- net: drop skb on failure in ip_check_defrag()
- vhost: Fix Spectre V1 vulnerability
- rtnetlink: Disallow FDB configuration for non-Ethernet device
- mremap: properly flush TLB before releasing the page
- crypto: shash - Fix a sleep-in-atomic bug in shash_setkey_unaligned
- ahci: don't ignore result code of ahci_reset_controller()
- cachefiles: fix the race between cachefiles_bury_object() and rmdir(2)
- ptp: fix Spectre v1 vulnerability
- RDMA/ucma: Fix Spectre v1 vulnerability
- IB/ucm: Fix Spectre v1 vulnerability
- cdc-acm: correct counting of UART states in serial state notification
- usb: gadget: storage: Fix Spectre v1 vulnerability
- USB: fix the usbfs flag sanitization for control transfers
- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15IGM
- sched/fair: Fix throttle_list starvation with low CFS quota
- x86/percpu: Fix this_cpu_read()
- cpuidle: Do not access cpuidle_devices when !CONFIG_CPU_IDLE
- l2tp: hold tunnel socket when handling control frames in l2tp_ip and
l2tp_ip6
- x86/time: Correct the attribute on jiffies' definition
- Linux 4.4.163
* nvme - Polling on timeout (LP: #1807393)
- nvme/pci: Poll CQ on timeout
* Xenial: data corruption when using i40e with iommu (LP: #1802421)
- i40e: Drop packet split receive routine
* Fix Intel I210 doesn't work when ethernet cable gets plugged (LP: #1806818)
- igb: Fix an issue that PME is not enabled during runtime suspend
-- Kleber Sacilotto de Souza <email address hidden> Thu, 17 Jan 2019 19:02:23 +0100
-
linux-aws (4.4.0-1037.40) trusty; urgency=medium
* linux-aws: 4.4.0-1037.40 -proposed tracker (LP: #1806570)
[ Ubuntu: 4.4.0-141.167 ]
* linux: 4.4.0-141.167 -proposed tracker (LP: #1806569)
* Redpine: firmware assert upon assoc timeout (LP: #1804360)
- SAUCE: Redpine: fix for firmware assert upon assoc timeout
* CVE-2018-12896
- posix-timers: Sanitize overrun handling
* CVE-2017-5753
- ALSA: opl3: Hardening for potential Spectre v1
- ALSA: asihpi: Hardening for potential Spectre v1
- ALSA: hdspm: Hardening for potential Spectre v1
- ALSA: rme9652: Hardening for potential Spectre v1
- ALSA: control: Hardening for potential Spectre v1
- usbip: vhci_sysfs: fix potential Spectre v1
- libahci: Fix possible Spectre-v1 pmp indexing in ahci_led_store()
* CVE-2018-18710
- cdrom: fix improper type cast, which can leat to information leak.
* CVE-2018-18690
- xfs: don't fail when converting shortform attr to long form during
ATTR_REPLACE
* CVE-2017-18174
- pinctrl: Add devm_ apis for pinctrl_{register, unregister}
- pinctrl: amd: Use devm_pinctrl_register() for pinctrl registration
-- Khalid Elmously <email address hidden> Thu, 06 Dec 2018 03:39:23 +0000
-
linux-aws (4.4.0-1036.39) trusty; urgency=medium
* linux-aws: 4.4.0-1036.39 -proposed tracker (LP: #1804491)
* Restore request-based mode to xen-blkfront for AWS kernels (LP: #1801305)
- xen-blkfront: don't use req->errors
- SAUCE: xen-blkfront: resurrect request-based mode
linux-aws (4.4.0-1035.38) trusty; urgency=medium
* linux-aws: 4.4.0-1035.38 -proposed tracker (LP: #1802778)
* Improve AWS hibernation performance (LP: #1803613)
- PM / Hibernate: Call flush_icache_range() on pages restored in-place
- SAUCE: [aws] PM / hibernate: Speed up hibernation by batching requests
[ Ubuntu: 4.4.0-140.166 ]
* linux: 4.4.0-140.166 -proposed tracker (LP: #1802776)
* Bypass of mount visibility through userns + mount propagation (LP: #1789161)
- mount: Retest MNT_LOCKED in do_umount
- mount: Don't allow copying MNT_UNBINDABLE|MNT_LOCKED mounts
* kdump fail due to an IRQ storm (LP: #1797990)
- SAUCE: x86/PCI: Export find_cap() to be used in early PCI code
- SAUCE: x86/quirks: Add parameter to clear MSIs early on boot
- SAUCE: x86/quirks: Scan all busses for early PCI quirks
* crash in ENA driver on removing an interface (LP: #1802341)
- SAUCE: net: ena: fix crash during ena_remove()
* xenial guest on arm64 drops to busybox under openstack bionic-rocky
(LP: #1797092)
- [Config] CONFIG_PCI_ECAM=y
- PCI: Provide common functions for ECAM mapping
- PCI: generic, thunder: Use generic ECAM API
- PCI, of: Move PCI I/O space management to PCI core code
- PCI: Move ecam.h to linux/include/pci-ecam.h
- PCI: Add parent device field to ECAM struct pci_config_window
- PCI: Add pci_unmap_iospace() to unmap I/O resources
- PCI/ACPI: Support I/O resources when parsing host bridge resources
- [Config] CONFIG_ACPI_MCFG=y
- PCI/ACPI: Add generic MCFG table handling
- PCI: Refactor pci_bus_assign_domain_nr() for CONFIG_PCI_DOMAINS_GENERIC
- PCI: Factor DT-specific pci_bus_find_domain_nr() code out
- ARM64: PCI: Add acpi_pci_bus_find_domain_nr()
- ARM64: PCI: ACPI support for legacy IRQs parsing and consolidation with DT
code
- ARM64: PCI: Support ACPI-based PCI host controller
* [GLK/CLX] Enhanced IBRS (LP: #1786139)
- x86/speculation: Remove SPECTRE_V2_IBRS in enum spectre_v2_mitigation
- x86/speculation: Support Enhanced IBRS on future CPUs
* Update ENA driver to version 2.0.1K (LP: #1798182)
- net: ena: remove ndo_poll_controller
- net: ena: fix warning in rmmod caused by double iounmap
- net: ena: fix rare bug when failed restart/resume is followed by driver
removal
- net: ena: fix NULL dereference due to untimely napi initialization
- net: ena: fix auto casting to boolean
- net: ena: minor performance improvement
- net: ena: complete host info to match latest ENA spec
- net: ena: introduce Low Latency Queues data structures according to ENA spec
- net: ena: add functions for handling Low Latency Queues in ena_com
- net: ena: add functions for handling Low Latency Queues in ena_netdev
- net: ena: use CSUM_CHECKED device indication to report skb's checksum status
- net: ena: explicit casting and initialization, and clearer error handling
- net: ena: limit refill Rx threshold to 256 to avoid latency issues
- net: ena: change rx copybreak default to reduce kernel memory pressure
- net: ena: remove redundant parameter in ena_com_admin_init()
- net: ena: update driver version to 2.0.1
- net: ena: fix indentations in ena_defs for better readability
- net: ena: Fix Kconfig dependency on X86
- net: ena: enable Low Latency Queues
- net: ena: fix compilation error in xtensa architecture
* Xenial update: 4.4.162 upstream stable release (LP: #1801900)
- ASoC: wm8804: Add ACPI support
- ASoC: sigmadsp: safeload should not have lower byte limit
- selftests/efivarfs: add required kernel configs
- mfd: omap-usb-host: Fix dts probe of children
- sound: enable interrupt after dma buffer initialization
- stmmac: fix valid numbers of unicast filter entries
- net: macb: disable scatter-gather for macb on sama5d3
- ARM: dts: at91: add new compatibility string for macb on sama5d3
- drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7
- ext4: add corruption check in ext4_xattr_set_entry()
- mm/vmstat.c: fix outdated vmstat_text
- mach64: detect the dot clock divider correctly on sparc
- perf script python: Fix export-to-postgresql.py occasional failure
- i2c: i2c-scmi: fix for i2c_smbus_write_block_data
- xhci: Don't print a warning when setting link state for disabled ports
- jffs2: return -ERANGE when xattr buffer is too small
- bnxt_en: Fix TX timeout during netpoll.
- bonding: avoid possible dead-lock
- ip6_tunnel: be careful when accessing the inner header
- ip_tunnel: be careful when accessing the inner header
- ipv4: fix use-after-free in ip_cmsg_recv_dstaddr()
- net: ipv4: update fnhe_pmtu when first hop's MTU changes
- net/ipv6: Display all addresses in output of /proc/net/if_inet6
- netlabel: check for IPV4MASK in addrinfo_get
- net/usb: cancel pending work when unbinding smsc75xx
- qlcnic: fix Tx descriptor corruption on 82xx devices
- team: Forbid enslaving team device to itself
- net: mvpp2: Extract the correct ethtype from the skb for tx csum offload
- net: systemport: Fix wake-up interrupt race during resume
- rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096
- KVM: x86: remove eager_fpu field of struct kvm_vcpu_arch
- x86/fpu: Remove use_eager_fpu()
- x86/fpu: Remove struct fpu::counter
- x86/fpu: Finish excising 'eagerfpu'
- media: af9035: prevent buffer overflow on write
- clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-
am43 SoCs
- Input: atakbd - fix Atari keymap
- Input: atakbd - fix Atari CapsLock behaviour
- net/mlx4: Use cpumask_available for eq->affinity_mask
- powerpc/tm: Fix userspace r13 corruption
- powerpc/tm: Avoid possible userspace r1 corruption on reclaim
- ARC: build: Get rid of toolchain check
- usb: gadget: serial: fix oops when data rx'd after close
- HV: properly delay KVP packets when negotiation is in progress
- Linux 4.4.162
* Xenial update: 4.4.161 upstream stable release (LP: #1801893)
- mm/vmstat.c: skip NR_TLB_REMOTE_FLUSH* properly
- fbdev/omapfb: fix omapfb_memory_read infoleak
- x86/vdso: Fix asm constraints on vDSO syscall fallbacks
- x86/vdso: Fix vDSO syscall fallback asm constraint regression
- PCI: Reprogram bridge prefetch registers on resume
- mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP mode keys
- PM / core: Clear the direct_complete flag on errors
- dm cache: fix resize crash if user doesn't reload cache table
- xhci: Add missing CAS workaround for Intel Sunrise Point xHCI
- USB: serial: simple: add Motorola Tetra MTP6550 id
- of: unittest: Disable interrupt node tests for old world MAC systems
- ext4: always verify the magic number in xattr blocks
- cgroup: Fix deadlock in cpu hotplug path
- ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait
- ARC: clone syscall to setp r25 as thread pointer
- ucma: fix a use-after-free in ucma_resolve_ip()
- ubifs: Check for name being NULL while mounting
- tcp: increment sk_drops for dropped rx packets
- tcp: use an RB tree for ooo receive queue
- tcp: fix a stale ooo_last_skb after a replace
- tcp: free batches of packets in tcp_prune_ofo_queue()
- tcp: call tcp_drop() from tcp_data_queue_ofo()
- tcp: add tcp_ooo_try_coalesce() helper
- ath10k: fix scan crash due to incorrect length calculation
- ebtables: arpreply: Add the standard target sanity check
- Linux 4.4.161
* mlock203 test in ubuntu_ltp_syscalls failed with Xenial kernel
(LP: #1793451)
- mm: mlock: avoid increase mm->locked_vm on mlock() when already mlock2(,
MLOCK_ONFAULT)
* execveat03 in ubuntu_ltp_syscalls failed on X/B (LP: #1786729)
- cap_inode_getsecurity: use d_find_any_alias() instead of d_find_alias()
* [Ubuntu] net/af_iucv: fix skb leaks for HiperTransport (LP: #1800639)
- net/af_iucv: drop inbound packets with invalid flags
- net/af_iucv: fix skb handling on HiperTransport xmit error
* NULL pointer dereference at 0000000000000020 when access
dst_orig->ops->family in function xfrm_lookup_with_ifid() (LP: #1801878)
- xfrm: Fix NULL pointer dereference when skb_dst_force clears the dst_entry.
* [Ubuntu] qeth: Fix potential array overrun in cmd/rc lookup (LP: #1800641)
- s390: qeth_core_mpc: Use ARRAY_SIZE instead of reimplementing its function
- s390: qeth: Fix potential array overrun in cmd/rc lookup
* Packaging resync (LP: #1786013)
- [Package] add support for specifying the primary makefile
-- Kamal Mostafa <email address hidden> Wed, 21 Nov 2018 09:55:44 -0800
-
linux-aws (4.4.0-1034.37) trusty; urgency=medium
* linux-aws: 4.4.0-1034.37 -proposed tracker (LP: #1801123)
* Update ENA driver to version 2.0.1K (LP: #1798182)
- net: ena: remove ndo_poll_controller
- net: ena: fix warning in rmmod caused by double iounmap
- net: ena: fix rare bug when failed restart/resume is followed by driver
removal
- net: ena: fix NULL dereference due to untimely napi initialization
- net: ena: fix auto casting to boolean
- net: ena: minor performance improvement
- net: ena: complete host info to match latest ENA spec
- net: ena: introduce Low Latency Queues data structures according to ENA spec
- net: ena: add functions for handling Low Latency Queues in ena_com
- net: ena: add functions for handling Low Latency Queues in ena_netdev
- net: ena: use CSUM_CHECKED device indication to report skb's checksum status
- net: ena: explicit casting and initialization, and clearer error handling
- net: ena: limit refill Rx threshold to 256 to avoid latency issues
- net: ena: change rx copybreak default to reduce kernel memory pressure
- net: ena: remove redundant parameter in ena_com_admin_init()
- net: ena: update driver version to 2.0.1
- net: ena: fix indentations in ena_defs for better readability
- net: ena: Fix Kconfig dependency on X86
- net: ena: enable Low Latency Queues
- net: ena: fix compilation error in xtensa architecture
linux-aws (4.4.0-1033.36) trusty; urgency=medium
* linux-aws: 4.4.0-1033.36 -proposed tracker (LP: #1799403)
[ Ubuntu: 4.4.0-139.165 ]
* linux: 4.4.0-139.165 -proposed tracker (LP: #1799401)
* Kernel panic after the ubuntu_nbd_smoke_test on Xenial kernel (LP: #1793464)
- nbd: Remove signal usage
- nbd: Timeouts are not user requested disconnects
- nbd: Cleanup reset of nbd and bdev after a disconnect
- nbd: don't shutdown sock with irq's disabled
- nbd: fix race in ioctl
* fscache: bad refcounting in fscache_op_complete leads to OOPS (LP: #1797314)
- SAUCE: fscache: Fix race in decrementing refcount of op->npages
* xenial: virtio-scsi: CPU soft lockup due to loop in
virtscsi_target_destroy() (LP: #1798110)
- SAUCE: (no-up) virtio-scsi: Decrement reqs counter before SCSI command
requeue
* Error reported when creating ZFS pool with "-t" option, despite successful
pool creation (LP: #1769937)
- SAUCE: (noup) Update zfs to 0.6.5.6-0ubuntu26
* Xenial update: 4.4.160 upstream stable release (LP: #1798770)
- crypto: skcipher - Fix -Wstringop-truncation warnings
- tsl2550: fix lux1_input error in low light
- vmci: type promotion bug in qp_host_get_user_memory()
- x86/numa_emulation: Fix emulated-to-physical node mapping
- staging: rts5208: fix missing error check on call to rtsx_write_register
- uwb: hwa-rc: fix memory leak at probe
- power: vexpress: fix corruption in notifier registration
- Bluetooth: Add a new Realtek 8723DE ID 0bda:b009
- USB: serial: kobil_sct: fix modem-status error handling
- 6lowpan: iphc: reset mac_header after decompress to fix panic
- md-cluster: clear another node's suspend_area after the copy is finished
- media: exynos4-is: Prevent NULL pointer dereference in __isp_video_try_fmt()
- powerpc/kdump: Handle crashkernel memory reservation failure
- media: fsl-viu: fix error handling in viu_of_probe()
- x86/tsc: Add missing header to tsc_msr.c
- x86/entry/64: Add two more instruction suffixes
- scsi: target/iscsi: Make iscsit_ta_authentication() respect the output
buffer size
- scsi: klist: Make it safe to use klists in atomic context
- scsi: ibmvscsi: Improve strings handling
- usb: wusbcore: security: cast sizeof to int for comparison
- powerpc/powernv/ioda2: Reduce upper limit for DMA window size
- alarmtimer: Prevent overflow for relative nanosleep
- s390/extmem: fix gcc 8 stringop-overflow warning
- ALSA: snd-aoa: add of_node_put() in error path
- media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power
- media: soc_camera: ov772x: correct setting of banding filter
- media: omap3isp: zero-initialize the isp cam_xclk{a,b} initial data
- staging: android: ashmem: Fix mmap size validation
- drivers/tty: add error handling for pcmcia_loop_config
- media: tm6000: add error handling for dvb_register_adapter
- ALSA: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge
- ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock
- rndis_wlan: potential buffer overflow in rndis_wlan_auth_indication()
- wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout()
- ARM: mvebu: declare asm symbols as character arrays in pmsu.c
- HID: hid-ntrig: add error handling for sysfs_create_group
- scsi: bnx2i: add error handling for ioremap_nocache
- EDAC, i7core: Fix memleaks and use-after-free on probe and remove
- ASoC: dapm: Fix potential DAI widget pointer deref when linking DAIs
- module: exclude SHN_UNDEF symbols from kallsyms api
- nfsd: fix corrupted reply to badly ordered compound
- ARM: dts: dra7: fix DCAN node addresses
- serial: cpm_uart: return immediately from console poll
- spi: tegra20-slink: explicitly enable/disable clock
- spi: sh-msiof: Fix invalid SPI use during system suspend
- spi: sh-msiof: Fix handling of write value for SISTR register
- spi: rspi: Fix invalid SPI use during system suspend
- spi: rspi: Fix interrupted DMA transfers
- USB: fix error handling in usb_driver_claim_interface()
- USB: handle NULL config in usb_find_alt_setting()
- slub: make ->cpu_partial unsigned int
- Revert "UBUNTU: SAUCE: media: uvcvideo: Support realtek's UVC 1.5 device"
- media: uvcvideo: Support realtek's UVC 1.5 device
- USB: usbdevfs: sanitize flags more
- USB: usbdevfs: restore warning for nonsensical flags
- Revert "usb: cdc-wdm: Fix a sleep-in-atomic-context bug in
service_outstanding_interrupt()"
- USB: remove LPM management from usb_driver_claim_interface()
- Input: elantech - enable middle button of touchpad on ThinkPad P72
- IB/srp: Avoid that sg_reset -d ${srp_device} triggers an infinite loop
- scsi: target: iscsi: Use bin2hex instead of a re-implementation
- serial: imx: restore handshaking irq for imx1
- arm64: KVM: Tighten guest core register access from userspace
- ext4: never move the system.data xattr out of the inode body
- thermal: of-thermal: disable passive polling when thermal zone is disabled
- net: hns: fix length and page_offset overflow when CONFIG_ARM64_64K_PAGES
- e1000: check on netif_running() before calling e1000_up()
- e1000: ensure to free old tx/rx rings in set_ringparam()
- hwmon: (ina2xx) fix sysfs shunt resistor read access
- hwmon: (adt7475) Make adt7475_read_word() return errors
- i2c: i801: Allow ACPI AML access I/O ports not reserved for SMBus
- arm64: cpufeature: Track 32bit EL0 support
- arm64: KVM: Sanitize PSTATE.M when being set from userspace
- media: v4l: event: Prevent freeing event subscriptions while accessed
- KVM: PPC: Book3S HV: Don't truncate HPTE index in xlate function
- mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X
- mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X
- gpio: adp5588: Fix sleep-in-atomic-context bug
- mac80211: mesh: fix HWMP sequence numbering to follow standard
- cfg80211: nl80211_update_ft_ies() to validate NL80211_ATTR_IE
- RAID10 BUG_ON in raise_barrier when force is true and conf->barrier is 0
- i2c: uniphier: issue STOP only for last message or I2C_M_STOP
- i2c: uniphier-f: issue STOP only for last message or I2C_M_STOP
- net: cadence: Fix a sleep-in-atomic-context bug in macb_halt_tx()
- fs/cifs: don't translate SFM_SLASH (U+F026) to backslash
- cfg80211: fix a type issue in ieee80211_chandef_to_operating_class()
- mac80211: fix a race between restart and CSA flows
- mac80211: Fix station bandwidth setting after channel switch
- mac80211: shorten the IBSS debug messages
- tools/vm/slabinfo.c: fix sign-compare warning
- tools/vm/page-types.c: fix "defined but not used" warning
- mm: madvise(MADV_DODUMP): allow hugetlbfs pages
- usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i]
- perf probe powerpc: Ignore SyS symbols irrespective of endianness
- RDMA/ucma: check fd type in ucma_migrate_id()
- USB: yurex: Check for truncation in yurex_read()
- drm/nouveau/TBDdevinit: don't fail when PMU/PRE_OS is missing from VBIOS
- fs/cifs: suppress a string overflow warning
- dm thin metadata: try to avoid ever aborting transactions
- arch/hexagon: fix kernel/dma.c build warning
- hexagon: modify ffs() and fls() to return int
- arm64: jump_label.h: use asm_volatile_goto macro instead of "asm goto"
- r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED
- s390/qeth: don't dump past end of unknown HW header
- cifs: read overflow in is_valid_oplock_break()
- xen/manage: don't complain about an empty value in control/sysrq node
- xen: avoid crash in disable_hotplug_cpu
- xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage
- smb2: fix missing files in root share directory listing
- crypto: mxs-dcp - Fix wait logic on chan threads
- proc: restrict kernel stack dumps to root
- ocfs2: fix locking for res->tracking and dlm->tracking_list
- dm thin metadata: fix __udivdi3 undefined on 32-bit
- Linux 4.4.160
* Volume control not working Dell XPS 27 (7760) (LP: #1775068) // Xenial
update: 4.4.160 upstream stable release (LP: #1798770)
- ALSA: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760
* Xenial update: 4.4.160 upstream stable release (LP: #1798770) //
CVE-2018-7755
- floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl
* Xenial update: 4.4.159 upstream stable release (LP: #1798617)
- NFC: Fix possible memory corruption when handling SHDLC I-Frame commands
- NFC: Fix the number of pipes
- ASoC: cs4265: fix MMTLR Data switch control
- ALSA: bebob: use address returned by kmalloc() instead of kernel stack for
streaming DMA mapping
- ALSA: emu10k1: fix possible info leak to userspace on
SNDRV_EMU10K1_IOCTL_INFO
- platform/x86: alienware-wmi: Correct a memory leak
- xen/netfront: don't bug in case of too many frags
- xen/x86/vpmu: Zero struct pt_regs before calling into sample handling code
- ring-buffer: Allow for rescheduling when removing pages
- mm: shmem.c: Correctly annotate new inodes for lockdep
- gso_segment: Reset skb->mac_len after modifying network header
- ipv6: fix possible use-after-free in ip6_xmit()
- net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT
- net: hp100: fix always-true check for link up state
- neighbour: confirm neigh entries when ARP packet is received
- ocfs2: fix ocfs2 read block panic
- drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume() in connector_detect()
- tty: vt_ioctl: fix potential Spectre v1
- ext4: avoid divide by zero fault when deleting corrupted inline directories
- ext4: recalucate superblock checksum after updating free blocks/inodes
- ext4: fix online resize's handling of a too-small final block group
- ext4: fix online resizing for bigalloc file systems with a 1k block size
- ext4: don't mark mmp buffer head dirty
- arm64: Add trace_hardirqs_off annotation in ret_to_user
- HID: sony: Update device ids
- HID: sony: Support DS4 dongle
- iw_cxgb4: only allow 1 flush on user qps
- Linux 4.4.159
* Xenial update: 4.4.158 upstream stable release (LP: #1798587)
- iommu/arm-smmu-v3: sync the OVACKFLG to PRIQ consumer register
- ALSA: msnd: Fix the default sample sizes
- ALSA: usb-audio: Fix multiple definitions in AU0828_DEVICE() macro
- xfrm: fix 'passing zero to ERR_PTR()' warning
- gfs2: Special-case rindex for gfs2_grow
- clk: imx6ul: fix missing of_node_put()
- kbuild: add .DELETE_ON_ERROR special target
- dmaengine: pl330: fix irq race with terminate_all
- MIPS: ath79: fix system restart
- media: videobuf2-core: check for q->error in vb2_core_qbuf()
- mtd/maps: fix solutionengine.c printk format warnings
- fbdev: omapfb: off by one in omapfb_register_client()
- video: goldfishfb: fix memory leak on driver remove
- fbdev/via: fix defined but not used warning
- perf powerpc: Fix callchain ip filtering when return address is in a
register
- fbdev: Distinguish between interlaced and progressive modes
- ARM: exynos: Clear global variable on init error path
- perf powerpc: Fix callchain ip filtering
- powerpc/powernv: opal_put_chars partial write fix
- MIPS: jz4740: Bump zload address
- mac80211: restrict delayed tailroom needed decrement
- xen-netfront: fix queue name setting
- arm64: dts: qcom: db410c: Fix Bluetooth LED trigger
- s390/qeth: fix race in used-buffer accounting
- s390/qeth: reset layer2 attribute on layer switch
- platform/x86: toshiba_acpi: Fix defined but not used build warnings
- crypto: sharah - Unregister correct algorithms for SAHARA 3
- xen-netfront: fix warn message as irq device name has '/'
- RDMA/cma: Protect cma dev list with lock
- pstore: Fix incorrect persistent ram buffer mapping
- xen/netfront: fix waiting for xenbus state change
- IB/ipoib: Avoid a race condition between start_xmit and cm_rep_handler
- Tools: hv: Fix a bug in the key delete code
- misc: hmc6352: fix potential Spectre v1
- usb: Don't die twice if PCI xhci host is not responding in resume
- USB: Add quirk to support DJI CineSSD
- usb: Avoid use-after-free by flushing endpoints early in usb_set_interface()
- usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in u132_get_frame()
- USB: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB controller
- USB: net2280: Fix erroneous synchronization change
- USB: serial: io_ti: fix array underflow in completion handler
- usb: misc: uss720: Fix two sleep-in-atomic-context bugs
- USB: yurex: Fix buffer over-read in yurex_write()
- usb: cdc-wdm: Fix a sleep-in-atomic-context bug in
service_outstanding_interrupt()
- cifs: prevent integer overflow in nxt_dir_entry()
- CIFS: fix wrapping bugs in num_entries()
- binfmt_elf: Respect error return from `regset->active'
- audit: fix use-after-free in audit_add_watch
- mtdchar: fix overflows in adjustment of `count`
- MIPS: loongson64: cs5536: Fix PCI_OHCI_INT_REG reads
- ARM: hisi: handle of_iomap and fix missing of_node_put
- ARM: hisi: fix error handling and missing of_node_put
- ARM: hisi: check of_iomap and fix missing of_node_put
- drm/nouveau: tegra: Detach from ARM DMA/IOMMU mapping
- parport: sunbpp: fix error return code
- coresight: Handle errors in finding input/output ports
- coresight: tpiu: Fix disabling timeouts
- gpiolib: Mark gpio_suffixes array with __maybe_unused
- drm/amdkfd: Fix error codes in kfd_get_process
- rtc: bq4802: add error handling for devm_ioremap
- ALSA: pcm: Fix snd_interval_refine first/last with open min/max
- selftest: timers: Tweak raw_skew to SKIP when ADJ_OFFSET/other clock
adjustments are in progress
- drm/panel: type promotion bug in s6e8aa0_read_mtp_id()
- pinctrl: qcom: spmi-gpio: Fix pmic_gpio_config_get() to be compliant
- USB: serial: ti_usb_3410_5052: fix array underflow in completion handler
- mei: bus: type promotion bug in mei_nfc_if_version()
- drivers: net: cpsw: fix segfault in case of bad phy-handle
- MIPS: VDSO: Match data page cache colouring when D$ aliases
- Linux 4.4.158
* Xenial update: 4.4.157 upstream stable release (LP: #1798539)
- i2c: xiic: Make the start and the byte count write atomic
- i2c: i801: fix DNV's SMBCTRL register offset
- ALSA: hda - Fix cancel_work_sync() stall from jackpoll work
- cfq: Give a chance for arming slice idle timer in case of group_idle
- kthread: Fix use-after-free if kthread fork fails
- kthread: fix boot hang (regression) on MIPS/OpenRISC
- staging: rt5208: Fix a sleep-in-atomic bug in xd_copy_page
- staging/rts5208: Fix read overflow in memcpy
- block,blkcg: use __GFP_NOWARN for best-effort allocations in blkcg
- locking/rwsem-xadd: Fix missed wakeup due to reordering of load
- selinux: use GFP_NOWAIT in the AVC kmem_caches
- locking/osq_lock: Fix osq_lock queue corruption
- ARC: [plat-axs*]: Enable SWAP
- misc: mic: SCIF Fix scif_get_new_port() error handling
- ethtool: Remove trailing semicolon for static inline
- gpio: tegra: Move driver registration to subsys_init level
- scsi: target: fix __transport_register_session locking
- md/raid5: fix data corruption of replacements after originals dropped
- misc: ti-st: Fix memory leak in the error path of probe()
- uio: potential double frees if __uio_register_device() fails
- tty: rocket: Fix possible buffer overwrite on register_PCI
- f2fs: do not set free of current section
- perf tools: Allow overriding MAX_NR_CPUS at compile time
- NFSv4.0 fix client reference leak in callback
- macintosh/via-pmu: Add missing mmio accessors
- ath10k: prevent active scans on potential unusable channels
- MIPS: Fix ISA virt/bus conversion for non-zero PHYS_OFFSET
- ata: libahci: Correct setting of DEVSLP register
- scsi: 3ware: fix return 0 on the error path of probe
- ath10k: disable bundle mgmt tx completion event support
- Bluetooth: hidp: Fix handling of strncpy for hid->name information
- x86/mm: Remove in_nmi() warning from vmalloc_fault()
- gpio: ml-ioh: Fix buffer underwrite on probe error path
- net: mvneta: fix mtu change on port without link
- MIPS: Octeon: add missing of_node_put()
- net: dcb: For wild-card lookups, use priority -1, not 0
- Input: atmel_mxt_ts - only use first T9 instance
- iommu/ipmmu-vmsa: Fix allocation in atomic context
- mfd: ti_am335x_tscadc: Fix struct clk memory leak
- f2fs: fix to do sanity check with {sit,nat}_ver_bitmap_bytesize
- MIPS: WARN_ON invalid DMA cache maintenance, not BUG_ON
- RDMA/cma: Do not ignore net namespace for unbound cm_id
- xhci: Fix use-after-free in xhci_free_virt_device
- vmw_balloon: include asm/io.h
- netfilter: x_tables: avoid stack-out-of-bounds read in
xt_copy_counters_from_user
- drivers: net: cpsw: fix parsing of phy-handle DT property in dual_emac
config
- net: ethernet: ti: cpsw: fix mdio device reference leak
- ethernet: ti: davinci_emac: add missing of_node_put after calling
of_parse_phandle
- crypto: vmx - Fix sleep-in-atomic bugs
- mtd: ubi: wl: Fix error return code in ubi_wl_init()
- autofs: fix autofs_sbi() does not check super block type
- Linux 4.4.157
* Xenial update: 4.4.156 upstream stable release (LP: #1797563)
- staging: android: ion: fix ION_IOC_{MAP,SHARE} use-after-free
- net: bcmgenet: use MAC link status for fixed phy
- qlge: Fix netdev features configuration.
- tcp: do not restart timewait timer on rst reception
- vti6: remove !skb->ignore_df check from vti6_xmit()
- cifs: check if SMB2 PDU size has been padded and suppress the warning
- hfsplus: don't return 0 when fill_super() failed
- hfs: prevent crash on exit from failed search
- fork: don't copy inconsistent signal handler state to child
- reiserfs: change j_timestamp type to time64_t
- hfsplus: fix NULL dereference in hfsplus_lookup()
- fat: validate ->i_start before using
- scripts: modpost: check memory allocation results
- mm/fadvise.c: fix signed overflow UBSAN complaint
- fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot()
- ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest()
- mfd: sm501: Set coherent_dma_mask when creating subdevices
- platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360
- irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP
- net/9p: fix error path of p9_virtio_probe
- powerpc: Fix size calculation using resource_size()
- s390/dasd: fix hanging offline processing due to canceled worker
- scsi: aic94xx: fix an error code in aic94xx_init()
- PCI: mvebu: Fix I/O space end address calculation
- dm kcopyd: avoid softlockup in run_complete_job
- staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice
- selftests/powerpc: Kill child processes on SIGINT
- smb3: fix reset of bytes read and written stats
- SMB3: Number of requests sent should be displayed for SMB3 not just CIFS
- powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX.
- btrfs: replace: Reset on-disk dev stats value after replace
- btrfs: relocation: Only remove reloc rb_trees if reloc control has been
initialized
- btrfs: Don't remove block group that still has pinned down bytes
- debugobjects: Make stack check warning more informative
- x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear
- kbuild: make missing $DEPMOD a Warning instead of an Error
- Revert "ARM: imx_v6_v7_defconfig: Select ULPI support"
- enic: do not call enic_change_mtu in enic_probe
- Fixes: Commit cdbf92675fad ("mm: numa: avoid waiting on freed migrated
pages")
- genirq: Delay incrementing interrupt count if it's disabled/pending
- irqchip/gic-v3-its: Recompute the number of pages on page size change
- irqchip/gicv3-its: Fix memory leak in its_free_tables()
- irqchip/gicv3-its: Avoid cache flush beyond ITS_BASERn memory size
- irqchip/gic-v3: Add missing barrier to 32bit version of gic_read_iar()
- irqchip/gic: Make interrupt ID 1020 invalid
- ovl: rename is_merge to is_lowest
- ovl: override creds with the ones from the superblock mounter
- ovl: proper cleanup of workdir
- sch_htb: fix crash on init failure
- sch_multiq: fix double free on init failure
- sch_hhf: fix null pointer dereference on init failure
- sch_netem: avoid null pointer deref on init failure
- sch_tbf: fix two null pointer dereferences on init failure
- mei: me: allow runtime pm for platform with D0i3
- ASoC: wm8994: Fix missing break in switch
- btrfs: use correct compare function of dirty_metadata_bytes
- Linux 4.4.156
-- Khalid Elmously <email address hidden> Fri, 02 Nov 2018 20:05:38 +0000
-
linux-aws (4.4.0-1033.36) trusty; urgency=medium
* linux-aws: 4.4.0-1033.36 -proposed tracker (LP: #1799403)
[ Ubuntu: 4.4.0-139.165 ]
* linux: 4.4.0-139.165 -proposed tracker (LP: #1799401)
* Kernel panic after the ubuntu_nbd_smoke_test on Xenial kernel (LP: #1793464)
- nbd: Remove signal usage
- nbd: Timeouts are not user requested disconnects
- nbd: Cleanup reset of nbd and bdev after a disconnect
- nbd: don't shutdown sock with irq's disabled
- nbd: fix race in ioctl
* fscache: bad refcounting in fscache_op_complete leads to OOPS (LP: #1797314)
- SAUCE: fscache: Fix race in decrementing refcount of op->npages
* xenial: virtio-scsi: CPU soft lockup due to loop in
virtscsi_target_destroy() (LP: #1798110)
- SAUCE: (no-up) virtio-scsi: Decrement reqs counter before SCSI command
requeue
* Error reported when creating ZFS pool with "-t" option, despite successful
pool creation (LP: #1769937)
- SAUCE: (noup) Update zfs to 0.6.5.6-0ubuntu26
* Xenial update: 4.4.160 upstream stable release (LP: #1798770)
- crypto: skcipher - Fix -Wstringop-truncation warnings
- tsl2550: fix lux1_input error in low light
- vmci: type promotion bug in qp_host_get_user_memory()
- x86/numa_emulation: Fix emulated-to-physical node mapping
- staging: rts5208: fix missing error check on call to rtsx_write_register
- uwb: hwa-rc: fix memory leak at probe
- power: vexpress: fix corruption in notifier registration
- Bluetooth: Add a new Realtek 8723DE ID 0bda:b009
- USB: serial: kobil_sct: fix modem-status error handling
- 6lowpan: iphc: reset mac_header after decompress to fix panic
- md-cluster: clear another node's suspend_area after the copy is finished
- media: exynos4-is: Prevent NULL pointer dereference in __isp_video_try_fmt()
- powerpc/kdump: Handle crashkernel memory reservation failure
- media: fsl-viu: fix error handling in viu_of_probe()
- x86/tsc: Add missing header to tsc_msr.c
- x86/entry/64: Add two more instruction suffixes
- scsi: target/iscsi: Make iscsit_ta_authentication() respect the output
buffer size
- scsi: klist: Make it safe to use klists in atomic context
- scsi: ibmvscsi: Improve strings handling
- usb: wusbcore: security: cast sizeof to int for comparison
- powerpc/powernv/ioda2: Reduce upper limit for DMA window size
- alarmtimer: Prevent overflow for relative nanosleep
- s390/extmem: fix gcc 8 stringop-overflow warning
- ALSA: snd-aoa: add of_node_put() in error path
- media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power
- media: soc_camera: ov772x: correct setting of banding filter
- media: omap3isp: zero-initialize the isp cam_xclk{a,b} initial data
- staging: android: ashmem: Fix mmap size validation
- drivers/tty: add error handling for pcmcia_loop_config
- media: tm6000: add error handling for dvb_register_adapter
- ALSA: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge
- ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock
- rndis_wlan: potential buffer overflow in rndis_wlan_auth_indication()
- wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout()
- ARM: mvebu: declare asm symbols as character arrays in pmsu.c
- HID: hid-ntrig: add error handling for sysfs_create_group
- scsi: bnx2i: add error handling for ioremap_nocache
- EDAC, i7core: Fix memleaks and use-after-free on probe and remove
- ASoC: dapm: Fix potential DAI widget pointer deref when linking DAIs
- module: exclude SHN_UNDEF symbols from kallsyms api
- nfsd: fix corrupted reply to badly ordered compound
- ARM: dts: dra7: fix DCAN node addresses
- serial: cpm_uart: return immediately from console poll
- spi: tegra20-slink: explicitly enable/disable clock
- spi: sh-msiof: Fix invalid SPI use during system suspend
- spi: sh-msiof: Fix handling of write value for SISTR register
- spi: rspi: Fix invalid SPI use during system suspend
- spi: rspi: Fix interrupted DMA transfers
- USB: fix error handling in usb_driver_claim_interface()
- USB: handle NULL config in usb_find_alt_setting()
- slub: make ->cpu_partial unsigned int
- Revert "UBUNTU: SAUCE: media: uvcvideo: Support realtek's UVC 1.5 device"
- media: uvcvideo: Support realtek's UVC 1.5 device
- USB: usbdevfs: sanitize flags more
- USB: usbdevfs: restore warning for nonsensical flags
- Revert "usb: cdc-wdm: Fix a sleep-in-atomic-context bug in
service_outstanding_interrupt()"
- USB: remove LPM management from usb_driver_claim_interface()
- Input: elantech - enable middle button of touchpad on ThinkPad P72
- IB/srp: Avoid that sg_reset -d ${srp_device} triggers an infinite loop
- scsi: target: iscsi: Use bin2hex instead of a re-implementation
- serial: imx: restore handshaking irq for imx1
- arm64: KVM: Tighten guest core register access from userspace
- ext4: never move the system.data xattr out of the inode body
- thermal: of-thermal: disable passive polling when thermal zone is disabled
- net: hns: fix length and page_offset overflow when CONFIG_ARM64_64K_PAGES
- e1000: check on netif_running() before calling e1000_up()
- e1000: ensure to free old tx/rx rings in set_ringparam()
- hwmon: (ina2xx) fix sysfs shunt resistor read access
- hwmon: (adt7475) Make adt7475_read_word() return errors
- i2c: i801: Allow ACPI AML access I/O ports not reserved for SMBus
- arm64: cpufeature: Track 32bit EL0 support
- arm64: KVM: Sanitize PSTATE.M when being set from userspace
- media: v4l: event: Prevent freeing event subscriptions while accessed
- KVM: PPC: Book3S HV: Don't truncate HPTE index in xlate function
- mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X
- mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X
- gpio: adp5588: Fix sleep-in-atomic-context bug
- mac80211: mesh: fix HWMP sequence numbering to follow standard
- cfg80211: nl80211_update_ft_ies() to validate NL80211_ATTR_IE
- RAID10 BUG_ON in raise_barrier when force is true and conf->barrier is 0
- i2c: uniphier: issue STOP only for last message or I2C_M_STOP
- i2c: uniphier-f: issue STOP only for last message or I2C_M_STOP
- net: cadence: Fix a sleep-in-atomic-context bug in macb_halt_tx()
- fs/cifs: don't translate SFM_SLASH (U+F026) to backslash
- cfg80211: fix a type issue in ieee80211_chandef_to_operating_class()
- mac80211: fix a race between restart and CSA flows
- mac80211: Fix station bandwidth setting after channel switch
- mac80211: shorten the IBSS debug messages
- tools/vm/slabinfo.c: fix sign-compare warning
- tools/vm/page-types.c: fix "defined but not used" warning
- mm: madvise(MADV_DODUMP): allow hugetlbfs pages
- usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i]
- perf probe powerpc: Ignore SyS symbols irrespective of endianness
- RDMA/ucma: check fd type in ucma_migrate_id()
- USB: yurex: Check for truncation in yurex_read()
- drm/nouveau/TBDdevinit: don't fail when PMU/PRE_OS is missing from VBIOS
- fs/cifs: suppress a string overflow warning
- dm thin metadata: try to avoid ever aborting transactions
- arch/hexagon: fix kernel/dma.c build warning
- hexagon: modify ffs() and fls() to return int
- arm64: jump_label.h: use asm_volatile_goto macro instead of "asm goto"
- r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED
- s390/qeth: don't dump past end of unknown HW header
- cifs: read overflow in is_valid_oplock_break()
- xen/manage: don't complain about an empty value in control/sysrq node
- xen: avoid crash in disable_hotplug_cpu
- xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage
- smb2: fix missing files in root share directory listing
- crypto: mxs-dcp - Fix wait logic on chan threads
- proc: restrict kernel stack dumps to root
- ocfs2: fix locking for res->tracking and dlm->tracking_list
- dm thin metadata: fix __udivdi3 undefined on 32-bit
- Linux 4.4.160
* Volume control not working Dell XPS 27 (7760) (LP: #1775068) // Xenial
update: 4.4.160 upstream stable release (LP: #1798770)
- ALSA: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760
* Xenial update: 4.4.160 upstream stable release (LP: #1798770) //
CVE-2018-7755
- floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl
* Xenial update: 4.4.159 upstream stable release (LP: #1798617)
- NFC: Fix possible memory corruption when handling SHDLC I-Frame commands
- NFC: Fix the number of pipes
- ASoC: cs4265: fix MMTLR Data switch control
- ALSA: bebob: use address returned by kmalloc() instead of kernel stack for
streaming DMA mapping
- ALSA: emu10k1: fix possible info leak to userspace on
SNDRV_EMU10K1_IOCTL_INFO
- platform/x86: alienware-wmi: Correct a memory leak
- xen/netfront: don't bug in case of too many frags
- xen/x86/vpmu: Zero struct pt_regs before calling into sample handling code
- ring-buffer: Allow for rescheduling when removing pages
- mm: shmem.c: Correctly annotate new inodes for lockdep
- gso_segment: Reset skb->mac_len after modifying network header
- ipv6: fix possible use-after-free in ip6_xmit()
- net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT
- net: hp100: fix always-true check for link up state
- neighbour: confirm neigh entries when ARP packet is received
- ocfs2: fix ocfs2 read block panic
- drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume() in connector_detect()
- tty: vt_ioctl: fix potential Spectre v1
- ext4: avoid divide by zero fault when deleting corrupted inline directories
- ext4: recalucate superblock checksum after updating free blocks/inodes
- ext4: fix online resize's handling of a too-small final block group
- ext4: fix online resizing for bigalloc file systems with a 1k block size
- ext4: don't mark mmp buffer head dirty
- arm64: Add trace_hardirqs_off annotation in ret_to_user
- HID: sony: Update device ids
- HID: sony: Support DS4 dongle
- iw_cxgb4: only allow 1 flush on user qps
- Linux 4.4.159
* Xenial update: 4.4.158 upstream stable release (LP: #1798587)
- iommu/arm-smmu-v3: sync the OVACKFLG to PRIQ consumer register
- ALSA: msnd: Fix the default sample sizes
- ALSA: usb-audio: Fix multiple definitions in AU0828_DEVICE() macro
- xfrm: fix 'passing zero to ERR_PTR()' warning
- gfs2: Special-case rindex for gfs2_grow
- clk: imx6ul: fix missing of_node_put()
- kbuild: add .DELETE_ON_ERROR special target
- dmaengine: pl330: fix irq race with terminate_all
- MIPS: ath79: fix system restart
- media: videobuf2-core: check for q->error in vb2_core_qbuf()
- mtd/maps: fix solutionengine.c printk format warnings
- fbdev: omapfb: off by one in omapfb_register_client()
- video: goldfishfb: fix memory leak on driver remove
- fbdev/via: fix defined but not used warning
- perf powerpc: Fix callchain ip filtering when return address is in a
register
- fbdev: Distinguish between interlaced and progressive modes
- ARM: exynos: Clear global variable on init error path
- perf powerpc: Fix callchain ip filtering
- powerpc/powernv: opal_put_chars partial write fix
- MIPS: jz4740: Bump zload address
- mac80211: restrict delayed tailroom needed decrement
- xen-netfront: fix queue name setting
- arm64: dts: qcom: db410c: Fix Bluetooth LED trigger
- s390/qeth: fix race in used-buffer accounting
- s390/qeth: reset layer2 attribute on layer switch
- platform/x86: toshiba_acpi: Fix defined but not used build warnings
- crypto: sharah - Unregister correct algorithms for SAHARA 3
- xen-netfront: fix warn message as irq device name has '/'
- RDMA/cma: Protect cma dev list with lock
- pstore: Fix incorrect persistent ram buffer mapping
- xen/netfront: fix waiting for xenbus state change
- IB/ipoib: Avoid a race condition between start_xmit and cm_rep_handler
- Tools: hv: Fix a bug in the key delete code
- misc: hmc6352: fix potential Spectre v1
- usb: Don't die twice if PCI xhci host is not responding in resume
- USB: Add quirk to support DJI CineSSD
- usb: Avoid use-after-free by flushing endpoints early in usb_set_interface()
- usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in u132_get_frame()
- USB: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB controller
- USB: net2280: Fix erroneous synchronization change
- USB: serial: io_ti: fix array underflow in completion handler
- usb: misc: uss720: Fix two sleep-in-atomic-context bugs
- USB: yurex: Fix buffer over-read in yurex_write()
- usb: cdc-wdm: Fix a sleep-in-atomic-context bug in
service_outstanding_interrupt()
- cifs: prevent integer overflow in nxt_dir_entry()
- CIFS: fix wrapping bugs in num_entries()
- binfmt_elf: Respect error return from `regset->active'
- audit: fix use-after-free in audit_add_watch
- mtdchar: fix overflows in adjustment of `count`
- MIPS: loongson64: cs5536: Fix PCI_OHCI_INT_REG reads
- ARM: hisi: handle of_iomap and fix missing of_node_put
- ARM: hisi: fix error handling and missing of_node_put
- ARM: hisi: check of_iomap and fix missing of_node_put
- drm/nouveau: tegra: Detach from ARM DMA/IOMMU mapping
- parport: sunbpp: fix error return code
- coresight: Handle errors in finding input/output ports
- coresight: tpiu: Fix disabling timeouts
- gpiolib: Mark gpio_suffixes array with __maybe_unused
- drm/amdkfd: Fix error codes in kfd_get_process
- rtc: bq4802: add error handling for devm_ioremap
- ALSA: pcm: Fix snd_interval_refine first/last with open min/max
- selftest: timers: Tweak raw_skew to SKIP when ADJ_OFFSET/other clock
adjustments are in progress
- drm/panel: type promotion bug in s6e8aa0_read_mtp_id()
- pinctrl: qcom: spmi-gpio: Fix pmic_gpio_config_get() to be compliant
- USB: serial: ti_usb_3410_5052: fix array underflow in completion handler
- mei: bus: type promotion bug in mei_nfc_if_version()
- drivers: net: cpsw: fix segfault in case of bad phy-handle
- MIPS: VDSO: Match data page cache colouring when D$ aliases
- Linux 4.4.158
* Xenial update: 4.4.157 upstream stable release (LP: #1798539)
- i2c: xiic: Make the start and the byte count write atomic
- i2c: i801: fix DNV's SMBCTRL register offset
- ALSA: hda - Fix cancel_work_sync() stall from jackpoll work
- cfq: Give a chance for arming slice idle timer in case of group_idle
- kthread: Fix use-after-free if kthread fork fails
- kthread: fix boot hang (regression) on MIPS/OpenRISC
- staging: rt5208: Fix a sleep-in-atomic bug in xd_copy_page
- staging/rts5208: Fix read overflow in memcpy
- block,blkcg: use __GFP_NOWARN for best-effort allocations in blkcg
- locking/rwsem-xadd: Fix missed wakeup due to reordering of load
- selinux: use GFP_NOWAIT in the AVC kmem_caches
- locking/osq_lock: Fix osq_lock queue corruption
- ARC: [plat-axs*]: Enable SWAP
- misc: mic: SCIF Fix scif_get_new_port() error handling
- ethtool: Remove trailing semicolon for static inline
- gpio: tegra: Move driver registration to subsys_init level
- scsi: target: fix __transport_register_session locking
- md/raid5: fix data corruption of replacements after originals dropped
- misc: ti-st: Fix memory leak in the error path of probe()
- uio: potential double frees if __uio_register_device() fails
- tty: rocket: Fix possible buffer overwrite on register_PCI
- f2fs: do not set free of current section
- perf tools: Allow overriding MAX_NR_CPUS at compile time
- NFSv4.0 fix client reference leak in callback
- macintosh/via-pmu: Add missing mmio accessors
- ath10k: prevent active scans on potential unusable channels
- MIPS: Fix ISA virt/bus conversion for non-zero PHYS_OFFSET
- ata: libahci: Correct setting of DEVSLP register
- scsi: 3ware: fix return 0 on the error path of probe
- ath10k: disable bundle mgmt tx completion event support
- Bluetooth: hidp: Fix handling of strncpy for hid->name information
- x86/mm: Remove in_nmi() warning from vmalloc_fault()
- gpio: ml-ioh: Fix buffer underwrite on probe error path
- net: mvneta: fix mtu change on port without link
- MIPS: Octeon: add missing of_node_put()
- net: dcb: For wild-card lookups, use priority -1, not 0
- Input: atmel_mxt_ts - only use first T9 instance
- iommu/ipmmu-vmsa: Fix allocation in atomic context
- mfd: ti_am335x_tscadc: Fix struct clk memory leak
- f2fs: fix to do sanity check with {sit,nat}_ver_bitmap_bytesize
- MIPS: WARN_ON invalid DMA cache maintenance, not BUG_ON
- RDMA/cma: Do not ignore net namespace for unbound cm_id
- xhci: Fix use-after-free in xhci_free_virt_device
- vmw_balloon: include asm/io.h
- netfilter: x_tables: avoid stack-out-of-bounds read in
xt_copy_counters_from_user
- drivers: net: cpsw: fix parsing of phy-handle DT property in dual_emac
config
- net: ethernet: ti: cpsw: fix mdio device reference leak
- ethernet: ti: davinci_emac: add missing of_node_put after calling
of_parse_phandle
- crypto: vmx - Fix sleep-in-atomic bugs
- mtd: ubi: wl: Fix error return code in ubi_wl_init()
- autofs: fix autofs_sbi() does not check super block type
- Linux 4.4.157
* Xenial update: 4.4.156 upstream stable release (LP: #1797563)
- staging: android: ion: fix ION_IOC_{MAP,SHARE} use-after-free
- net: bcmgenet: use MAC link status for fixed phy
- qlge: Fix netdev features configuration.
- tcp: do not restart timewait timer on rst reception
- vti6: remove !skb->ignore_df check from vti6_xmit()
- cifs: check if SMB2 PDU size has been padded and suppress the warning
- hfsplus: don't return 0 when fill_super() failed
- hfs: prevent crash on exit from failed search
- fork: don't copy inconsistent signal handler state to child
- reiserfs: change j_timestamp type to time64_t
- hfsplus: fix NULL dereference in hfsplus_lookup()
- fat: validate ->i_start before using
- scripts: modpost: check memory allocation results
- mm/fadvise.c: fix signed overflow UBSAN complaint
- fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot()
- ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest()
- mfd: sm501: Set coherent_dma_mask when creating subdevices
- platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360
- irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP
- net/9p: fix error path of p9_virtio_probe
- powerpc: Fix size calculation using resource_size()
- s390/dasd: fix hanging offline processing due to canceled worker
- scsi: aic94xx: fix an error code in aic94xx_init()
- PCI: mvebu: Fix I/O space end address calculation
- dm kcopyd: avoid softlockup in run_complete_job
- staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice
- selftests/powerpc: Kill child processes on SIGINT
- smb3: fix reset of bytes read and written stats
- SMB3: Number of requests sent should be displayed for SMB3 not just CIFS
- powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX.
- btrfs: replace: Reset on-disk dev stats value after replace
- btrfs: relocation: Only remove reloc rb_trees if reloc control has been
initialized
- btrfs: Don't remove block group that still has pinned down bytes
- debugobjects: Make stack check warning more informative
- x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear
- kbuild: make missing $DEPMOD a Warning instead of an Error
- Revert "ARM: imx_v6_v7_defconfig: Select ULPI support"
- enic: do not call enic_change_mtu in enic_probe
- Fixes: Commit cdbf92675fad ("mm: numa: avoid waiting on freed migrated
pages")
- genirq: Delay incrementing interrupt count if it's disabled/pending
- irqchip/gic-v3-its: Recompute the number of pages on page size change
- irqchip/gicv3-its: Fix memory leak in its_free_tables()
- irqchip/gicv3-its: Avoid cache flush beyond ITS_BASERn memory size
- irqchip/gic-v3: Add missing barrier to 32bit version of gic_read_iar()
- irqchip/gic: Make interrupt ID 1020 invalid
- ovl: rename is_merge to is_lowest
- ovl: override creds with the ones from the superblock mounter
- ovl: proper cleanup of workdir
- sch_htb: fix crash on init failure
- sch_multiq: fix double free on init failure
- sch_hhf: fix null pointer dereference on init failure
- sch_netem: avoid null pointer deref on init failure
- sch_tbf: fix two null pointer dereferences on init failure
- mei: me: allow runtime pm for platform with D0i3
- ASoC: wm8994: Fix missing break in switch
- btrfs: use correct compare function of dirty_metadata_bytes
- Linux 4.4.156
-- Khalid Elmously <email address hidden> Tue, 30 Oct 2018 05:34:49 +0000
-
linux-aws (4.4.0-1032.35) trusty; urgency=medium
* linux-aws: 4.4.0-1032.35 -proposed tracker (LP: #1795583)
[ Ubuntu: 4.4.0-138.164 ]
* linux: 4.4.0-138.164 -proposed tracker (LP: #1795582)
* Linux 4.4.155 stable release build is broken on ppc64 (LP: #1795662)
- powerpc/fadump: Return error when fadump registration fails
* Kernel hang on drive pull caused by regression introduced by commit
287922eb0b18 (LP: #1791790)
- block: Fix a race between blk_cleanup_queue() and timeout handling
* qeth: use vzalloc for QUERY OAT buffer (LP: #1793086)
- s390/qeth: use vzalloc for QUERY OAT buffer
* Page leaking in cachefiles_read_backing_file while vmscan is active
(LP: #1793430)
- SAUCE: cachefiles: Page leaking in cachefiles_read_backing_file while vmscan
is active
* Bugfix for handling of shadow doorbell buffer (LP: #1788222)
- nvme-pci: add a memory barrier to nvme_dbbuf_update_and_check_event
* Xenial update to 4.4.155 stable release (LP: #1792419)
- net: 6lowpan: fix reserved space for single frames
- net: mac802154: tx: expand tailroom if necessary
- 9p/net: Fix zero-copy path in the 9p virtio transport
- net: lan78xx: Fix misplaced tasklet_schedule() call
- spi: davinci: fix a NULL pointer dereference
- drm/i915/userptr: reject zero user_size
- powerpc/fadump: handle crash memory ranges array index overflow
- powerpc/pseries: Fix endianness while restoring of r3 in MCE handler.
- fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed
- 9p/virtio: fix off-by-one error in sg list bounds check
- net/9p/client.c: version pointer uninitialized
- net/9p/trans_fd.c: fix race-condition by flushing workqueue before the
kfree()
- dm cache metadata: save in-core policy_hint_size to on-disk superblock
- iio: ad9523: Fix displayed phase
- iio: ad9523: Fix return value for ad952x_store()
- vmw_balloon: fix inflation of 64-bit GFNs
- vmw_balloon: do not use 2MB without batching
- vmw_balloon: VMCI_DOORBELL_SET does not check status
- vmw_balloon: fix VMCI use when balloon built into kernel
- tracing: Do not call start/stop() functions when tracing_on does not change
- tracing/blktrace: Fix to allow setting same value
- kthread, tracing: Don't expose half-written comm when creating kthreads
- uprobes: Use synchronize_rcu() not synchronize_sched()
- 9p: fix multiple NULL-pointer-dereferences
- PM / sleep: wakeup: Fix build error caused by missing SRCU support
- pnfs/blocklayout: off by one in bl_map_stripe()
- ARM: tegra: Fix Tegra30 Cardhu PCA954x reset
- mm/tlb: Remove tlb_remove_table() non-concurrent condition
- iommu/vt-d: Add definitions for PFSID
- iommu/vt-d: Fix dev iotlb pfsid use
- osf_getdomainname(): use copy_to_user()
- sys: don't hold uts_sem while accessing userspace memory
- userns: move user access out of the mutex
- ubifs: Fix memory leak in lprobs self-check
- Revert "UBIFS: Fix potential integer overflow in allocation"
- ubifs: Check data node size before truncate
- ubifs: Fix synced_i_size calculation for xattr inodes
- pwm: tiehrpwm: Fix disabling of output of PWMs
- fb: fix lost console when the user unplugs a USB adapter
- udlfb: set optimal write delay
- getxattr: use correct xattr length
- bcache: release dc->writeback_lock properly in bch_writeback_thread()
- perf auxtrace: Fix queue resize
- fs/quota: Fix spectre gadget in do_quotactl
- x86/io: add interface to reserve io memtype for a resource range. (v1.1)
- drm/drivers: add support for using the arch wc mapping API.
- Linux 4.4.155
* Xenial update to 4.4.154 stable release (LP: #1792392)
- sched/sysctl: Check user input value of sysctl_sched_time_avg
- Cipso: cipso_v4_optptr enter infinite loop
- vti6: fix PMTU caching and reporting on xmit
- xfrm: fix missing dst_release() after policy blocking lbcast and multicast
- xfrm: free skb if nlsk pointer is NULL
- mac80211: add stations tied to AP_VLANs during hw reconfig
- nl80211: Add a missing break in parse_station_flags
- drm/bridge: adv7511: Reset registers on hotplug
- scsi: libiscsi: fix possible NULL pointer dereference in case of TMF
- drm/imx: imx-ldb: disable LDB on driver bind
- drm/imx: imx-ldb: check if channel is enabled before printing warning
- usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in
init_controller()
- usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in
r8a66597_queue()
- usb/phy: fix PPC64 build errors in phy-fsl-usb.c
- tools: usb: ffs-test: Fix build on big endian systems
- usb: gadget: f_uac2: fix endianness of 'struct cntrl_*_lay3'
- tools/power turbostat: fix -S on UP systems
- net: caif: Add a missing rcu_read_unlock() in caif_flow_cb
- qed: Fix possible race for the link state value.
- atl1c: reserve min skb headroom
- net: prevent ISA drivers from building on PPC32
- can: mpc5xxx_can: check of_iomap return before use
- i2c: davinci: Avoid zero value of CLKH
- media: staging: omap4iss: Include asm/cacheflush.h after generic includes
- bnx2x: Fix invalid memory access in rss hash config path.
- net: axienet: Fix double deregister of mdio
- selftests/ftrace: Add snapshot and tracing_on test case
- zswap: re-check zswap_is_full() after do zswap_shrink()
- tools/power turbostat: Read extended processor family from CPUID
- Revert "MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum"
- enic: handle mtu change for vf properly
- arc: fix build errors in arc/include/asm/delay.h
- arc: fix type warnings in arc/mm/cache.c
- drivers: net: lmc: fix case value for target abort error
- scsi: fcoe: drop frames in ELS LOGO error path
- scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED
- mm/memory.c: check return value of ioremap_prot
- cifs: add missing debug entries for kconfig options
- cifs: check kmalloc before use
- smb3: Do not send SMB3 SET_INFO if nothing changed
- smb3: don't request leases in symlink creation and query
- btrfs: don't leak ret from do_chunk_alloc
- s390/kvm: fix deadlock when killed by oom
- ext4: check for NUL characters in extended attribute's name
- ext4: sysfs: print ext4_super_block fields as little-endian
- ext4: reset error code in ext4_find_entry in fallback
- arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid()
- KVM: arm/arm64: Skip updating PTE entry if no change
- KVM: arm/arm64: Skip updating PMD entry if no change
- x86/speculation/l1tf: Suggest what to do on systems with too much RAM
- x86/process: Re-export start_thread()
- fuse: Don't access pipe->buffers without pipe_lock()
- fuse: fix double request_end()
- fuse: fix unlocked access to processing queue
- fuse: umount should wait for all requests
- fuse: Fix oops at process_init_reply()
- fuse: Add missed unlock_page() to fuse_readpages_fill()
- udl-kms: change down_interruptible to down
- udl-kms: handle allocation failure
- udl-kms: fix crash due to uninitialized memory
- ASoC: dpcm: don't merge format from invalid codec dai
- ASoC: sirf: Fix potential NULL pointer dereference
- pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show()
- x86/irqflags: Mark native_restore_fl extern inline
- s390: fix br_r1_trampoline for machines without exrl
- s390/qdio: reset old sbal_state flags
- kprobes: Make list and blacklist root user read only
- MIPS: Correct the 64-bit DSP accumulator register size
- MIPS: lib: Provide MIPS64r6 __multi3() for GCC < 7
- scsi: sysfs: Introduce sysfs_{un,}break_active_protection()
- scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock
- iscsi target: fix session creation failure handling
- cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status
- Linux 4.4.154
* Xenial update to 4.4.153 stable release (LP: #1792383)
- x86/mm: Fix use-after-free of ldt_struct
- ovl: Ensure upper filesystem supports d_type
- ovl: Do d_type check only if work dir creation was successful
- ovl: warn instead of error if d_type is not supported
- Linux 4.4.153
* Xenial update to 4.4.152 stable release (LP: #1792377)
- ARC: Explicitly add -mmedium-calls to CFLAGS
- netfilter: ipv6: nf_defrag: reduce struct net memory waste
- selftests: pstore: return Kselftest Skip code for skipped tests
- selftests: static_keys: return Kselftest Skip code for skipped tests
- selftests: user: return Kselftest Skip code for skipped tests
- selftests: zram: return Kselftest Skip code for skipped tests
- selftests: sync: add config fragment for testing sync framework
- ARM: dts: Cygnus: Fix I2C controller interrupt type
- usb: dwc2: fix isoc split in transfer with no data
- usb: gadget: composite: fix delayed_status race condition when set_interface
- usb: gadget: dwc2: fix memory leak in gadget_init()
- scsi: xen-scsifront: add error handling for xenbus_printf
- arm64: make secondary_start_kernel() notrace
- qed: Add sanity check for SIMD fastpath handler.
- enic: initialize enic->rfs_h.lock in enic_probe
- net: hamradio: use eth_broadcast_addr
- net: propagate dev_get_valid_name return code
- ARC: Enable machine_desc->init_per_cpu for !CONFIG_SMP
- net: davinci_emac: match the mdio device against its compatible if possible
- locking/lockdep: Do not record IRQ state within lockdep code
- ipv6: mcast: fix unsolicited report interval after receiving querys
- Smack: Mark inode instant in smack_task_to_inode
- cxgb4: when disabling dcb set txq dcb priority to 0
- brcmfmac: stop watchdog before detach and free everything
- ARM: dts: am437x: make edt-ft5x06 a wakeup source
- usb: xhci: increase CRS timeout value
- perf test session topology: Fix test on s390
- perf report powerpc: Fix crash if callchain is empty
- selftests/x86/sigreturn/64: Fix spurious failures on AMD CPUs
- ARM: dts: da850: Fix interrups property for gpio
- dmaengine: k3dma: Off by one in k3_of_dma_simple_xlate()
- md/raid10: fix that replacement cannot complete recovery after reassemble
- drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes
- drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes
- drm/exynos: decon5433: Fix WINCONx reset value
- bnx2x: Fix receiving tx-timeout in error or recovery state.
- m68k: fix "bad page state" oops on ColdFire boot
- HID: wacom: Correct touch maximum XY of 2nd-gen Intuos
- ARM: imx_v6_v7_defconfig: Select ULPI support
- ARM: imx_v4_v5_defconfig: Select ULPI support
- tracing: Use __printf markup to silence compiler
- kasan: fix shadow_size calculation error in kasan_module_alloc
- smsc75xx: Add workaround for gigabit link up hardware errata.
- netfilter: x_tables: set module owner for icmp(6) matches
- ARM: pxa: irq: fix handling of ICMR registers in suspend/resume
- ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem
- ieee802154: at86rf230: use __func__ macro for debug messages
- ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem
- drm/armada: fix colorkey mode property
- bnxt_en: Fix for system hang if request_irq fails
- perf llvm-utils: Remove bashism from kernel include fetch script
- ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot
- ARM: dts: am3517.dtsi: Disable reference to OMAP3 OTG controller
- ixgbe: Be more careful when modifying MAC filters
- packet: reset network header if packet shorter than ll reserved space
- qlogic: check kstrtoul() for errors
- tcp: remove DELAYED ACK events in DCTCP
- drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply()
- net/ethernet/freescale/fman: fix cross-build error
- net: usb: rtl8150: demote allmulti message to dev_dbg()
- net: qca_spi: Avoid packet drop during initial sync
- net: qca_spi: Make sure the QCA7000 reset is triggered
- net: qca_spi: Fix log level if probe fails
- tcp: identify cryptic messages as TCP seq # bugs
- staging: android: ion: check for kref overflow
- KVM: irqfd: fix race between EPOLLHUP and irq_bypass_register_consumer
- ext4: fix spectre gadget in ext4_mb_regular_allocator()
- parisc: Remove ordered stores from syscall.S
- xfrm_user: prevent leaking 2 bytes of kernel memory
- netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior state
- packet: refine ring v3 block size test to hold one frame
- bridge: Propagate vlan add failure to user
- parisc: Remove unnecessary barriers from spinlock.h
- PCI: hotplug: Don't leak pci_slot on registration failure
- PCI: Skip MPS logic for Virtual Functions (VFs)
- PCI: pciehp: Fix use-after-free on unplug
- i2c: imx: Fix race condition in dma read
- reiserfs: fix broken xattr handling (heap corruption, bad retval)
- Linux 4.4.152
* Xenial update to 4.4.151 stable release (LP: #1792340)
- dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart()
- l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache
- llc: use refcount_inc_not_zero() for llc_sap_find()
- net_sched: Fix missing res info when create new tc_index filter
- vsock: split dwork to avoid reinitializations
- net_sched: fix NULL pointer dereference when delete tcindex filter
- ALSA: hda - Sleep for 10ms after entering D3 on Conexant codecs
- ALSA: hda - Turn CX8200 into D3 as well upon reboot
- ALSA: vx222: Fix invalid endian conversions
- ALSA: virmidi: Fix too long output trigger loop
- ALSA: cs5535audio: Fix invalid endian conversion
- ALSA: hda: Correct Asrock B85M-ITX power_save blacklist entry
- ALSA: memalloc: Don't exceed over the requested size
- ALSA: vxpocket: Fix invalid endian conversions
- USB: serial: sierra: fix potential deadlock at close
- USB: option: add support for DW5821e
- ACPI: save NVS memory for Lenovo G50-45
- ACPI / PM: save NVS memory for ASUS 1025C laptop
- serial: 8250_dw: always set baud rate in dw8250_set_termios
- Bluetooth: avoid killing an already killed socket
- isdn: Disable IIOCDBGVAR
- Linux 4.4.151
* Xenial update to 4.4.150 stable release (LP: #1792336)
- x86/speculation/l1tf: Exempt zeroed PTEs from inversion
- Linux 4.4.150
* Xenial update to 4.4.149 stable release (LP: #1792310)
- x86/mm: Disable ioremap free page handling on x86-PAE
- tcp: Fix missing range_truesize enlargement in the backport
- kasan: don't emit builtin calls when sanitization is off
- i2c: ismt: fix wrong device address when unmap the data buffer
- kbuild: verify that $DEPMOD is installed
- crypto: vmac - require a block cipher with 128-bit block size
- crypto: vmac - separate tfm and request context
- crypto: blkcipher - fix crash flushing dcache in error path
- crypto: ablkcipher - fix crash flushing dcache in error path
- ASoC: Intel: cht_bsw_max98090_ti: Fix jack initialization
- ioremap: Update pgtable free interfaces with addr
- x86/mm: Add TLB purge to free pmd/pte page interfaces
- Linux 4.4.149
* Xenial update to 4.4.149 stable release (LP: #1792310) // CVE-2018-9363
- Bluetooth: hidp: buffer overflow in hidp_process_report
* Xenial update to 4.4.148 stable release (LP: #1792174)
- ext4: fix check to prevent initializing reserved inodes
- tpm: fix race condition in tpm_common_write()
- ipv4+ipv6: Make INET*_ESP select CRYPTO_ECHAINIV
- fork: unconditionally clear stack on fork
- parisc: Enable CONFIG_MLONGCALLS by default
- parisc: Define mb() and add memory barriers to assembler unlock sequences
- xen/netfront: don't cache skb_shinfo()
- ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices
- scsi: sr: Avoid that opening a CD-ROM hangs with runtime power management
enabled
- root dentries need RCU-delayed freeing
- fix mntput/mntput race
- fix __legitimize_mnt()/mntput() race
- IB/core: Make testing MR flags for writability a static inline function
- IB/mlx4: Mark user MR as writable if actual virtual memory is writable
- IB/ocrdma: fix out of bounds access to local buffer
- ARM: dts: imx6sx: fix irq for pcie bridge
- kprobes/x86: Fix %p uses in error messages
- x86/irqflags: Provide a declaration for native_save_fl
- SAUCE: Sync pgtable_64.h with upstream stable
- mm: x86: move _PAGE_SWP_SOFT_DIRTY from bit 7 to bit 1
- SAUCE: Sync pgtable-3level.h with upstream stable
- SAUCE: Sync pgtable.h with upstream stable
- mm: Add vm_insert_pfn_prot()
- mm: fix cache mode tracking in vm_insert_mixed()
- x86/mm/kmmio: Make the tracer robust against L1TF
- x86/init: fix build with CONFIG_SWAP=n
- Linux 4.4.148
* Xenial update to 4.4.147 stable release (LP: #1792109)
- scsi: qla2xxx: Fix ISP recovery on unload
- scsi: qla2xxx: Return error when TMF returns
- genirq: Make force irq threading setup more robust
- nohz: Fix local_timer_softirq_pending()
- netlink: Do not subscribe to non-existent groups
- netlink: Don't shift with UB on nlk->ngroups
- netlink: Don't shift on 64 for ngroups
- ACPI / PCI: Bail early in acpi_pci_add_bus() if there is no ACPI handle
- ring_buffer: tracing: Inherit the tracing setting to next ring buffer
- i2c: imx: Fix reinit_completion() use
- Linux 4.4.147
* Xenial update to 4.4.146 stable release (LP: #1791953)
- MIPS: Fix off-by-one in pci_resource_to_user()
- Input: elan_i2c - add ACPI ID for lenovo ideapad 330
- Input: i8042 - add Lenovo LaVie Z to the i8042 reset list
- Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST
- tracing: Fix double free of event_trigger_data
- tracing: Fix possible double free in event_enable_trigger_func()
- tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure
- tracing: Quiet gcc warning about maybe unused link variable
- xen/netfront: raise max number of slots in xennet_get_responses()
- ALSA: emu10k1: add error handling for snd_ctl_add
- ALSA: fm801: add error handling for snd_ctl_add
- nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo
- mm: vmalloc: avoid racy handling of debugobjects in vunmap
- mm/slub.c: add __printf verification to slab_err()
- rtc: ensure rtc_set_alarm fails when alarms are not supported
- netfilter: ipset: List timing out entries with "timeout 1" instead of zero
- infiniband: fix a possible use-after-free bug
- hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common()
- powerpc/64s: Fix compiler store ordering to SLB shadow area
- RDMA/mad: Convert BUG_ONs to error flows
- disable loading f2fs module on PAGE_SIZE > 4KB
- f2fs: fix to don't trigger writeback during recovery
- usbip: usbip_detach: Fix memory, udev context and udev leak
- perf/x86/intel/uncore: Correct fixed counter index check in generic code
- perf/x86/intel/uncore: Correct fixed counter index check for NHM
- iwlwifi: pcie: fix race in Rx buffer allocator
- Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning
- Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011
- ASoC: dpcm: fix BE dai not hw_free and shutdown
- mfd: cros_ec: Fail early if we cannot identify the EC
- mwifiex: handle race during mwifiex_usb_disconnect
- wlcore: sdio: check for valid platform device data before suspend
- media: videobuf2-core: don't call memop 'finish' when queueing
- btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups
- btrfs: qgroup: Finish rescan when hit the last leaf of extent tree
- PCI: Prevent sysfs disable of device while driver is attached
- ath: Add regulatory mapping for FCC3_ETSIC
- ath: Add regulatory mapping for ETSI8_WORLD
- ath: Add regulatory mapping for APL13_WORLD
- ath: Add regulatory mapping for APL2_FCCA
- ath: Add regulatory mapping for Uganda
- ath: Add regulatory mapping for Tanzania
- ath: Add regulatory mapping for Serbia
- ath: Add regulatory mapping for Bermuda
- ath: Add regulatory mapping for Bahamas
- powerpc/32: Add a missing include header
- powerpc/chrp/time: Make some functions static, add missing header include
- powerpc/powermac: Add missing prototype for note_bootable_part()
- powerpc/powermac: Mark variable x as unused
- powerpc/8xx: fix invalid register expression in head_8xx.S
- pinctrl: at91-pio4: add missing of_node_put
- PCI: pciehp: Request control of native hotplug only if supported
- mwifiex: correct histogram data with appropriate index
- scsi: ufs: fix exception event handling
- ALSA: emu10k1: Rate-limit error messages about page errors
- regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops
- md: fix NULL dereference of mddev->pers in remove_and_add_spares()
- media: smiapp: fix timeout checking in smiapp_read_nvm
- ALSA: usb-audio: Apply rate limit to warning messages in URB complete
callback
- HID: hid-plantronics: Re-resend Update to map button for PTT products
- drm/radeon: fix mode_valid's return type
- powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by
Starlet
- HID: i2c-hid: check if device is there before really probing
- tty: Fix data race in tty_insert_flip_string_fixed_flag
- dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA
- media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open()
- libata: Fix command retry decision
- media: saa7164: Fix driver name in debug output
- mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages
- brcmfmac: Add support for bcm43364 wireless chipset
- s390/cpum_sf: Add data entry sizes to sampling trailer entry
- perf: fix invalid bit in diagnostic entry
- scsi: 3w-9xxx: fix a missing-check bug
- scsi: 3w-xxxx: fix a missing-check bug
- scsi: megaraid: silence a static checker bug
- thermal: exynos: fix setting rising_threshold for Exynos5433
- bpf: fix references to free_bpf_prog_info() in comments
- media: siano: get rid of __le32/__le16 cast warnings
- drm/atomic: Handling the case when setting old crtc for plane
- ALSA: hda/ca0132: fix build failure when a local macro is defined
- memory: tegra: Do not handle spurious interrupts
- memory: tegra: Apply interrupts mask per SoC
- drm/gma500: fix psb_intel_lvds_mode_valid()'s return type
- ipconfig: Correctly initialise ic_nameservers
- rsi: Fix 'invalid vdd' warning in mmc
- audit: allow not equal op for audit by executable
- microblaze: Fix simpleImage format generation
- usb: hub: Don't wait for connect state at resume for powered-off ports
- crypto: authencesn - don't leak pointers to authenc keys
- crypto: authenc - don't leak pointers to authenc keys
- media: omap3isp: fix unbalanced dma_iommu_mapping
- scsi: scsi_dh: replace too broad "TP9" string with the exact models
- scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs
- media: si470x: fix __be16 annotations
- drm: Add DP PSR2 sink enable bit
- random: mix rdrand with entropy sent in from userspace
- squashfs: be more careful about metadata corruption
- ext4: fix inline data updates with checksums enabled
- ext4: check for allocation block validity with block group locked
- dmaengine: pxa_dma: remove duplicate const qualifier
- ASoC: pxa: Fix module autoload for platform drivers
- ipv4: remove BUG_ON() from fib_compute_spec_dst
- net: fix amd-xgbe flow-control issue
- net: lan78xx: fix rx handling before first packet is send
- xen-netfront: wait xenbus state change when load module manually
- NET: stmmac: align DMA stuff to largest cache line length
- tcp: do not force quickack when receiving out-of-order packets
- tcp: add max_quickacks param to tcp_incr_quickack and
tcp_enter_quickack_mode
- tcp: do not aggressively quick ack after ECN events
- tcp: refactor tcp_ecn_check_ce to remove sk type cast
- tcp: add one more quick ack after after ECN events
- inet: frag: enforce memory limits earlier
- net: dsa: Do not suspend/resume closed slave_dev
- netlink: Fix spectre v1 gadget in netlink_create()
- squashfs: more metadata hardening
- squashfs: more metadata hardenings
- can: ems_usb: Fix memory leak on ems_usb_disconnect()
- net: socket: fix potential spectre v1 gadget in socketcall
- virtio_balloon: fix another race between migration and ballooning
- kvm: x86: vmx: fix vpid leak
- crypto: padlock-aes - Fix Nano workaround data corruption
- scsi: sg: fix minor memory leak in error path
- Linux 4.4.146
* Xenial update to 4.4.145 stable release (LP: #1791942)
- MIPS: ath79: fix register address in ath79_ddr_wb_flush()
- ip: hash fragments consistently
- net/mlx4_core: Save the qpn from the input modifier in RST2INIT wrapper
- rtnetlink: add rtnl_link_state check in rtnl_configure_link
- tcp: fix dctcp delayed ACK schedule
- tcp: helpers to send special DCTCP ack
- tcp: do not cancel delay-AcK on DCTCP special ACK
- tcp: do not delay ACK in DCTCP upon CE status change
- ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull
- usb: cdc_acm: Add quirk for Castles VEGA3000
- usb: core: handle hub C_PORT_OVER_CURRENT condition
- usb: gadget: f_fs: Only return delayed status when len is 0
- driver core: Partially revert "driver core: correct device's shutdown order"
- can: xilinx_can: fix RX loop if RXNEMP is asserted without RXOK
- can: xilinx_can: fix recovery from error states not being propagated
- can: xilinx_can: fix device dropping off bus on RX overrun
- can: xilinx_can: keep only 1-2 frames in TX FIFO to fix TX accounting
- can: xilinx_can: fix incorrect clear of non-processed interrupts
- can: xilinx_can: fix RX overflow interrupt not being enabled
- turn off -Wattribute-alias
- ARM: fix put_user() for gcc-8
- Linux 4.4.145
* kernel panic - null pointer dereference on ipset operations (LP: #1793753)
- netfilter: ipset: fix race condition in ipset save, swap and delete
- netfilter: ipset: Fix race between dump and swap
* Improvements to the kernel source package preparation (LP: #1793461)
- [Packaging] startnewrelease: add support for backport kernels
* update ENA driver to latest mainline version (LP: #1792044)
- net: ena: Remove redundant unlikely()
- net: ena: reduce the severity of some printouts
- net: ena: fix rare kernel crash when bar memory remap fails
- net: ena: fix wrong max Tx/Rx queues on ethtool
- net: ena: improve ENA driver boot time.
- net: ena: remove legacy suspend suspend/resume support
- net: ena: add power management ops to the ENA driver
- net: ena: add statistics for missed tx packets
- net: ena: add new admin define for future support of IPv6 RSS
- net: ena: increase ena driver version to 1.3.0
- net: ena: fix race condition between device reset and link up setup
- net: ena: add detection and recovery mechanism for handling missed/misrouted
MSI-X
- net: ena: increase ena driver version to 1.5.0
- net: ena: fix error handling in ena_down() sequence
- net: ena: Eliminate duplicate barriers on weakly-ordered archs
- SAUCE: ena: devm_kzalloc() -> devm_kcalloc()
- net: ena: Fix use of uninitialized DMA address bits field
- net: ena: fix surprise unplug NULL dereference kernel crash
- net: ena: fix driver when PAGE_SIZE == 64kB
- net: ena: fix device destruction to gracefully free resources
- net: ena: fix potential double ena_destroy_device()
- net: ena: fix missing lock during device destruction
- net: ena: fix missing calls to READ_ONCE
- net: ena: fix incorrect usage of memory barriers
-- Kleber Sacilotto de Souza <email address hidden> Fri, 05 Oct 2018 09:54:28 +0000
-
linux-aws (4.4.0-1031.34) trusty; urgency=medium
[ Ubuntu: 4.4.0-137.163 ]
* CVE-2018-14633
- iscsi target: Use hex2bin instead of a re-implementation
* CVE-2018-17182
- mm: get rid of vmacache_flush_all() entirely
linux-aws (4.4.0-1030.33) trusty; urgency=medium
* linux-aws: 4.4.0-1030.33 -proposed tracker (LP: #1791746)
* Xenial update to 4.4.141 stable release (LP: #1790620)
- [Config] Refresh configs for 4.4.141
[ Ubuntu: 4.4.0-136.162 ]
* linux: 4.4.0-136.162 -proposed tracker (LP: #1791745)
* CVE-2017-5753
- bpf: properly enforce index mask to prevent out-of-bounds speculation
- Revert "UBUNTU: SAUCE: bpf: Use barrier_nospec() instead of osb()"
- Revert "bpf: prevent speculative execution in eBPF interpreter"
* L1TF mitigation not effective in some CPU and RAM combinations
(LP: #1788563) // CVE-2018-3620 // CVE-2018-3646
- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit
- x86/speculation/l1tf: Fix off-by-one error when warning that system has too
much RAM
- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+
* CVE-2018-15594
- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests
* Xenial update to 4.4.144 stable release (LP: #1791080)
- KVM/Eventfd: Avoid crash when assign and deassign specific eventfd in
parallel.
- x86/MCE: Remove min interval polling limitation
- fat: fix memory allocation failure handling of match_strdup()
- ALSA: rawmidi: Change resized buffers atomically
- ARC: Fix CONFIG_SWAP
- ARC: mm: allow mprotect to make stack mappings executable
- mm: memcg: fix use after free in mem_cgroup_iter()
- ipv4: Return EINVAL when ping_group_range sysctl doesn't map to user ns
- ipv6: fix useless rol32 call on hash
- lib/rhashtable: consider param->min_size when setting initial table size
- net/ipv4: Set oif in fib_compute_spec_dst
- net: phy: fix flag masking in __set_phy_supported
- ptp: fix missing break in switch
- tg3: Add higher cpu clock for 5762.
- net: Don't copy pfmemalloc flag in __copy_skb_header()
- skbuff: Unconditionally copy pfmemalloc in __skb_clone()
- xhci: Fix perceived dead host due to runtime suspend race with event handler
- x86/paravirt: Make native_save_fl() extern inline
- SAUCE: Add missing CPUID_7_EDX defines
- SAUCE: x86/speculation: Expose indirect_branch_prediction_barrier()
- x86/pti: Mark constant arrays as __initconst
- x86/asm/entry/32: Simplify pushes of zeroed pt_regs->REGs
- x86/entry/64/compat: Clear registers for compat syscalls, to reduce
speculation attack surface
- x86/speculation: Clean up various Spectre related details
- x86/speculation: Fix up array_index_nospec_mask() asm constraint
- x86/xen: Zero MSR_IA32_SPEC_CTRL before suspend
- x86/mm: Factor out LDT init from context init
- x86/mm: Give each mm TLB flush generation a unique ID
- SAUCE: x86/speculation: Use Indirect Branch Prediction Barrier in context
switch
- x86/speculation: Use IBRS if available before calling into firmware
- x86/speculation: Move firmware_restrict_branch_speculation_*() from C to CPP
- selftest/seccomp: Fix the seccomp(2) signature
- xen: set cpu capabilities from xen_start_kernel()
- x86/amd: don't set X86_BUG_SYSRET_SS_ATTRS when running under Xen
- SAUCE: Preserve SPEC_CTRL MSR in new inlines
- SAUCE: Add Knights Mill to NO SSB list
- x86/process: Correct and optimize TIF_BLOCKSTEP switch
- x86/process: Optimize TIF_NOTSC switch
- Revert "x86/cpufeatures: Add FEATURE_ZEN"
- Revert "x86/cpu/AMD: Fix erratum 1076 (CPB bit)"
- x86/cpu/AMD: Fix erratum 1076 (CPB bit)
- x86/cpufeatures: Add FEATURE_ZEN
- x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths
- x86/cpu: Re-apply forced caps every time CPU caps are re-read
- block: do not use interruptible wait anywhere
- clk: tegra: Fix PLL_U post divider and initial rate on Tegra30
- ubi: Introduce vol_ignored()
- ubi: Rework Fastmap attach base code
- ubi: Be more paranoid while seaching for the most recent Fastmap
- ubi: Fix races around ubi_refill_pools()
- ubi: Fix Fastmap's update_vol()
- ubi: fastmap: Erase outdated anchor PEBs during attach
- Linux 4.4.144
* CVE-2017-5715 (Spectre v2 s390x)
- s390: detect etoken facility
- s390/lib: use expoline for all bcr instructions
- SAUCE: s390: use expoline thunks for all branches generated by the BPF JIT
* Xenial update to 4.4.143 stable release (LP: #1790884)
- compiler, clang: suppress warning for unused static inline functions
- compiler, clang: properly override 'inline' for clang
- compiler, clang: always inline when CONFIG_OPTIMIZE_INLINING is disabled
- compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations
- x86/asm: Add _ASM_ARG* constants for argument registers to <asm/asm.h>
- ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent
- bcm63xx_enet: correct clock usage
- bcm63xx_enet: do not write to random DMA channel on BCM6345
- crypto: crypto4xx - remove bad list_del
- crypto: crypto4xx - fix crypto4xx_build_pdr, crypto4xx_build_sdr leak
- atm: zatm: Fix potential Spectre v1
- net: dccp: avoid crash in ccid3_hc_rx_send_feedback()
- net: dccp: switch rx_tstamp_last_feedback to monotonic clock
- net/mlx5: Fix incorrect raw command length parsing
- net: sungem: fix rx checksum support
- qed: Limit msix vectors in kdump kernel to the minimum required count.
- r8152: napi hangup fix after disconnect
- tcp: fix Fast Open key endianness
- tcp: prevent bogus FRTO undos with non-SACK flows
- vhost_net: validate sock before trying to put its fd
- net_sched: blackhole: tell upper qdisc about dropped packets
- net/mlx5: Fix command interface race in polling mode
- net: cxgb3_main: fix potential Spectre v1
- rtlwifi: rtl8821ae: fix firmware is not ready to run
- MIPS: Call dump_stack() from show_regs()
- MIPS: Use async IPIs for arch_trigger_cpumask_backtrace()
- netfilter: ebtables: reject non-bridge targets
- KEYS: DNS: fix parsing multiple options
- rds: avoid unenecessary cong_update in loop transport
- net/nfc: Avoid stalls when nfc_alloc_send_skb() returned NULL.
- Linux 4.4.143
* Xenial update to 4.4.142 stable release (LP: #1790883)
- Kbuild: fix # escaping in .cmd files for future Make
- perf tools: Move syscall number fallbacks from perf-sys.h to
tools/arch/x86/include/asm/
- Linux 4.4.142
* Xenial update to 4.4.141 stable release (LP: #1790620)
- MIPS: Fix ioremap() RAM check
- ibmasm: don't write out of bounds in read handler
- vmw_balloon: fix inflation with batching
- ahci: Disable LPM on Lenovo 50 series laptops with a too old BIOS
- USB: serial: ch341: fix type promotion bug in ch341_control_in()
- USB: serial: cp210x: add another USB ID for Qivicon ZigBee stick
- USB: serial: keyspan_pda: fix modem-status error handling
- USB: yurex: fix out-of-bounds uaccess in read handler
- USB: serial: mos7840: fix status-register error handling
- usb: quirks: add delay quirks for Corsair Strafe
- xhci: xhci-mem: off by one in xhci_stream_id_to_ring()
- HID: usbhid: add quirk for innomedia INNEX GENESIS/ATARI adapter
- tools build: fix # escaping in .cmd files for future Make
- iw_cxgb4: correctly enforce the max reg_mr depth
- x86/cpufeature: Move some of the scattered feature bits to x86_capability
- x86/cpu: Provide a config option to disable static_cpu_has
- x86/fpu: Add an XSTATE_OP() macro
- x86/fpu: Get rid of xstate_fault()
- x86/headers: Don't include asm/processor.h in asm/atomic.h
- x86/cpufeature: Replace the old static_cpu_has() with safe variant
- x86/cpufeature: Get rid of the non-asm goto variant
- x86/alternatives: Add an auxilary section
- x86/alternatives: Discard dynamic check after init
- x86/vdso: Use static_cpu_has()
- x86/boot: Simplify kernel load address alignment check
- x86/cpufeature: Speed up cpu_feature_enabled()
- x86/cpufeature, x86/mm/pkeys: Add protection keys related CPUID definitions
- x86/mm/pkeys: Fix mismerge of protection keys CPUID bits
- x86/cpu: Add detection of AMD RAS Capabilities
- x86/cpufeature, x86/mm/pkeys: Fix broken compile-time disabling of pkeys
- x86/cpufeature: Make sure DISABLED/REQUIRED macros are updated
- x86/cpufeature: Add helper macro for mask check macros
- uprobes/x86: Remove incorrect WARN_ON() in uprobe_init_insn()
- netfilter: nf_queue: augment nfqa_cfg_policy
- netfilter: x_tables: initialise match/target check parameter struct
- loop: add recursion validation to LOOP_CHANGE_FD
- PM / hibernate: Fix oops at snapshot_write()
- SAUCE: RDMA/ucm: Blacklist UCM module
- loop: remember whether sysfs_create_group() was done
- Linux 4.4.141
- [Config] Refresh configs for 4.4.141
* regression with EXT4 file systems and meta_bg flag (LP: #1789653)
- ext4: fix false negatives *and* false positives in ext4_check_descriptors()
* CVE-2018-15572
- x86/speculation: Protect against userspace-userspace spectreRSB
* random oopses on s390 systems using NVMe devices (LP: #1790480)
- s390/pci: fix out of bounds access during irq setup
* CVE-2018-6555
- SAUCE: irda: Only insert new objects into the global database via setsockopt
* CVE-2018-6554
- SAUCE: irda: Fix memory leak caused by repeated binds of irda socket
* errors when scanning partition table of corrupted AIX disk (LP: #1787281)
- partitions/aix: fix usage of uninitialized lv_info and lvname structures
- partitions/aix: append null character to print data from disk
-- Stefan Bader <email address hidden> Tue, 25 Sep 2018 10:36:45 +0200
-
linux-aws (4.4.0-1030.33) trusty; urgency=medium
* linux-aws: 4.4.0-1030.33 -proposed tracker (LP: #1791746)
* Xenial update to 4.4.141 stable release (LP: #1790620)
- [Config] Refresh configs for 4.4.141
[ Ubuntu: 4.4.0-136.162 ]
* linux: 4.4.0-136.162 -proposed tracker (LP: #1791745)
* CVE-2017-5753
- bpf: properly enforce index mask to prevent out-of-bounds speculation
- Revert "UBUNTU: SAUCE: bpf: Use barrier_nospec() instead of osb()"
- Revert "bpf: prevent speculative execution in eBPF interpreter"
* L1TF mitigation not effective in some CPU and RAM combinations
(LP: #1788563) // CVE-2018-3620 // CVE-2018-3646
- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit
- x86/speculation/l1tf: Fix off-by-one error when warning that system has too
much RAM
- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+
* CVE-2018-15594
- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests
* Xenial update to 4.4.144 stable release (LP: #1791080)
- KVM/Eventfd: Avoid crash when assign and deassign specific eventfd in
parallel.
- x86/MCE: Remove min interval polling limitation
- fat: fix memory allocation failure handling of match_strdup()
- ALSA: rawmidi: Change resized buffers atomically
- ARC: Fix CONFIG_SWAP
- ARC: mm: allow mprotect to make stack mappings executable
- mm: memcg: fix use after free in mem_cgroup_iter()
- ipv4: Return EINVAL when ping_group_range sysctl doesn't map to user ns
- ipv6: fix useless rol32 call on hash
- lib/rhashtable: consider param->min_size when setting initial table size
- net/ipv4: Set oif in fib_compute_spec_dst
- net: phy: fix flag masking in __set_phy_supported
- ptp: fix missing break in switch
- tg3: Add higher cpu clock for 5762.
- net: Don't copy pfmemalloc flag in __copy_skb_header()
- skbuff: Unconditionally copy pfmemalloc in __skb_clone()
- xhci: Fix perceived dead host due to runtime suspend race with event handler
- x86/paravirt: Make native_save_fl() extern inline
- SAUCE: Add missing CPUID_7_EDX defines
- SAUCE: x86/speculation: Expose indirect_branch_prediction_barrier()
- x86/pti: Mark constant arrays as __initconst
- x86/asm/entry/32: Simplify pushes of zeroed pt_regs->REGs
- x86/entry/64/compat: Clear registers for compat syscalls, to reduce
speculation attack surface
- x86/speculation: Clean up various Spectre related details
- x86/speculation: Fix up array_index_nospec_mask() asm constraint
- x86/xen: Zero MSR_IA32_SPEC_CTRL before suspend
- x86/mm: Factor out LDT init from context init
- x86/mm: Give each mm TLB flush generation a unique ID
- SAUCE: x86/speculation: Use Indirect Branch Prediction Barrier in context
switch
- x86/speculation: Use IBRS if available before calling into firmware
- x86/speculation: Move firmware_restrict_branch_speculation_*() from C to CPP
- selftest/seccomp: Fix the seccomp(2) signature
- xen: set cpu capabilities from xen_start_kernel()
- x86/amd: don't set X86_BUG_SYSRET_SS_ATTRS when running under Xen
- SAUCE: Preserve SPEC_CTRL MSR in new inlines
- SAUCE: Add Knights Mill to NO SSB list
- x86/process: Correct and optimize TIF_BLOCKSTEP switch
- x86/process: Optimize TIF_NOTSC switch
- Revert "x86/cpufeatures: Add FEATURE_ZEN"
- Revert "x86/cpu/AMD: Fix erratum 1076 (CPB bit)"
- x86/cpu/AMD: Fix erratum 1076 (CPB bit)
- x86/cpufeatures: Add FEATURE_ZEN
- x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths
- x86/cpu: Re-apply forced caps every time CPU caps are re-read
- block: do not use interruptible wait anywhere
- clk: tegra: Fix PLL_U post divider and initial rate on Tegra30
- ubi: Introduce vol_ignored()
- ubi: Rework Fastmap attach base code
- ubi: Be more paranoid while seaching for the most recent Fastmap
- ubi: Fix races around ubi_refill_pools()
- ubi: Fix Fastmap's update_vol()
- ubi: fastmap: Erase outdated anchor PEBs during attach
- Linux 4.4.144
* CVE-2017-5715 (Spectre v2 s390x)
- s390: detect etoken facility
- s390/lib: use expoline for all bcr instructions
- SAUCE: s390: use expoline thunks for all branches generated by the BPF JIT
* Xenial update to 4.4.143 stable release (LP: #1790884)
- compiler, clang: suppress warning for unused static inline functions
- compiler, clang: properly override 'inline' for clang
- compiler, clang: always inline when CONFIG_OPTIMIZE_INLINING is disabled
- compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations
- x86/asm: Add _ASM_ARG* constants for argument registers to <asm/asm.h>
- ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent
- bcm63xx_enet: correct clock usage
- bcm63xx_enet: do not write to random DMA channel on BCM6345
- crypto: crypto4xx - remove bad list_del
- crypto: crypto4xx - fix crypto4xx_build_pdr, crypto4xx_build_sdr leak
- atm: zatm: Fix potential Spectre v1
- net: dccp: avoid crash in ccid3_hc_rx_send_feedback()
- net: dccp: switch rx_tstamp_last_feedback to monotonic clock
- net/mlx5: Fix incorrect raw command length parsing
- net: sungem: fix rx checksum support
- qed: Limit msix vectors in kdump kernel to the minimum required count.
- r8152: napi hangup fix after disconnect
- tcp: fix Fast Open key endianness
- tcp: prevent bogus FRTO undos with non-SACK flows
- vhost_net: validate sock before trying to put its fd
- net_sched: blackhole: tell upper qdisc about dropped packets
- net/mlx5: Fix command interface race in polling mode
- net: cxgb3_main: fix potential Spectre v1
- rtlwifi: rtl8821ae: fix firmware is not ready to run
- MIPS: Call dump_stack() from show_regs()
- MIPS: Use async IPIs for arch_trigger_cpumask_backtrace()
- netfilter: ebtables: reject non-bridge targets
- KEYS: DNS: fix parsing multiple options
- rds: avoid unenecessary cong_update in loop transport
- net/nfc: Avoid stalls when nfc_alloc_send_skb() returned NULL.
- Linux 4.4.143
* Xenial update to 4.4.142 stable release (LP: #1790883)
- Kbuild: fix # escaping in .cmd files for future Make
- perf tools: Move syscall number fallbacks from perf-sys.h to
tools/arch/x86/include/asm/
- Linux 4.4.142
* Xenial update to 4.4.141 stable release (LP: #1790620)
- MIPS: Fix ioremap() RAM check
- ibmasm: don't write out of bounds in read handler
- vmw_balloon: fix inflation with batching
- ahci: Disable LPM on Lenovo 50 series laptops with a too old BIOS
- USB: serial: ch341: fix type promotion bug in ch341_control_in()
- USB: serial: cp210x: add another USB ID for Qivicon ZigBee stick
- USB: serial: keyspan_pda: fix modem-status error handling
- USB: yurex: fix out-of-bounds uaccess in read handler
- USB: serial: mos7840: fix status-register error handling
- usb: quirks: add delay quirks for Corsair Strafe
- xhci: xhci-mem: off by one in xhci_stream_id_to_ring()
- HID: usbhid: add quirk for innomedia INNEX GENESIS/ATARI adapter
- tools build: fix # escaping in .cmd files for future Make
- iw_cxgb4: correctly enforce the max reg_mr depth
- x86/cpufeature: Move some of the scattered feature bits to x86_capability
- x86/cpu: Provide a config option to disable static_cpu_has
- x86/fpu: Add an XSTATE_OP() macro
- x86/fpu: Get rid of xstate_fault()
- x86/headers: Don't include asm/processor.h in asm/atomic.h
- x86/cpufeature: Replace the old static_cpu_has() with safe variant
- x86/cpufeature: Get rid of the non-asm goto variant
- x86/alternatives: Add an auxilary section
- x86/alternatives: Discard dynamic check after init
- x86/vdso: Use static_cpu_has()
- x86/boot: Simplify kernel load address alignment check
- x86/cpufeature: Speed up cpu_feature_enabled()
- x86/cpufeature, x86/mm/pkeys: Add protection keys related CPUID definitions
- x86/mm/pkeys: Fix mismerge of protection keys CPUID bits
- x86/cpu: Add detection of AMD RAS Capabilities
- x86/cpufeature, x86/mm/pkeys: Fix broken compile-time disabling of pkeys
- x86/cpufeature: Make sure DISABLED/REQUIRED macros are updated
- x86/cpufeature: Add helper macro for mask check macros
- uprobes/x86: Remove incorrect WARN_ON() in uprobe_init_insn()
- netfilter: nf_queue: augment nfqa_cfg_policy
- netfilter: x_tables: initialise match/target check parameter struct
- loop: add recursion validation to LOOP_CHANGE_FD
- PM / hibernate: Fix oops at snapshot_write()
- SAUCE: RDMA/ucm: Blacklist UCM module
- loop: remember whether sysfs_create_group() was done
- Linux 4.4.141
- [Config] Refresh configs for 4.4.141
* regression with EXT4 file systems and meta_bg flag (LP: #1789653)
- ext4: fix false negatives *and* false positives in ext4_check_descriptors()
* CVE-2018-15572
- x86/speculation: Protect against userspace-userspace spectreRSB
* random oopses on s390 systems using NVMe devices (LP: #1790480)
- s390/pci: fix out of bounds access during irq setup
* CVE-2018-6555
- SAUCE: irda: Only insert new objects into the global database via setsockopt
* CVE-2018-6554
- SAUCE: irda: Fix memory leak caused by repeated binds of irda socket
* errors when scanning partition table of corrupted AIX disk (LP: #1787281)
- partitions/aix: fix usage of uninitialized lv_info and lvname structures
- partitions/aix: append null character to print data from disk
-- Khalid Elmously <email address hidden> Wed, 12 Sep 2018 01:14:34 -0400
-
linux-aws (4.4.0-1029.32) trusty; urgency=medium
* linux-aws: 4.4.0-1029.32 -proposed tracker (LP: #1788767)
[ Ubuntu: 4.4.0-135.161 ]
* linux: 4.4.0-135.161 -proposed tracker (LP: #1788766)
* [Regression] APM Merlin boards fail to recover link after interface down/up
(LP: #1785739)
- net: phylib: fix interrupts re-enablement in phy_start
- net: phy: fix phy_start to consider PHY_IGNORE_INTERRUPT
* qeth: don't clobber buffer on async TX completion (LP: #1786057)
- s390/qeth: don't clobber buffer on async TX completion
* nvme: avoid cqe corruption (LP: #1788035)
- nvme: avoid cqe corruption when update at the same time as read
* CacheFiles: Error: Overlong wait for old active object to go away.
(LP: #1776254)
- cachefiles: Fix missing clear of the CACHEFILES_OBJECT_ACTIVE flag
- cachefiles: Wait rather than BUG'ing on "Unexpected object collision"
* fscache cookie refcount updated incorrectly during fscache object allocation
(LP: #1776277) // fscache cookie refcount updated incorrectly during fscache
object allocation (LP: #1776277)
- fscache: Fix reference overput in fscache_attach_object() error handling
* FS-Cache: Assertion failed: FS-Cache: 6 == 5 is false (LP: #1774336)
- Revert "UBUNTU: SAUCE: CacheFiles: fix a read_waiter/read_copier race"
- fscache: Allow cancelled operations to be enqueued
- cachefiles: Fix refcounting bug in backing-file read monitoring
* linux-cloud-tools-common: Ensure hv-kvp-daemon.service starts before
walinuxagent.service (LP: #1739107)
- [Debian] hyper-v -- Ensure that hv-kvp-daemon.service starts before
walinuxagent.service
-- Khalid Elmously <email address hidden> Mon, 27 Aug 2018 00:40:46 -0400
-
linux-aws (4.4.0-1028.31) trusty; urgency=medium
* linux-aws: 4.4.0-1028.31 -proposed tracker (LP: #1787178)
* Xenial update to 4.4.136 stable release (LP: #1776177)
- [Config] Add CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE=y
[ Ubuntu: 4.4.0-134.160 ]
* linux: 4.4.0-134.160 -proposed tracker (LP: #1787177)
* locking sockets broken due to missing AppArmor socket mediation patches
(LP: #1780227)
- UBUNTU SAUCE: apparmor: fix apparmor mediating locking non-fs, unix sockets
* Backport namespaced fscaps to xenial 4.4 (LP: #1778286)
- Introduce v3 namespaced file capabilities
- commoncap: move assignment of fs_ns to avoid null pointer dereference
- capabilities: fix buffer overread on very short xattr
- commoncap: Handle memory allocation failure.
* Xenial update to 4.4.140 stable release (LP: #1784409)
- usb: cdc_acm: Add quirk for Uniden UBC125 scanner
- USB: serial: cp210x: add CESINEL device ids
- USB: serial: cp210x: add Silicon Labs IDs for Windows Update
- n_tty: Fix stall at n_tty_receive_char_special().
- staging: android: ion: Return an ERR_PTR in ion_map_kernel
- n_tty: Access echo_* variables carefully.
- x86/boot: Fix early command-line parsing when matching at end
- ath10k: fix rfc1042 header retrieval in QCA4019 with eth decap mode
- i2c: rcar: fix resume by always initializing registers before transfer
- ipv4: Fix error return value in fib_convert_metrics()
- kprobes/x86: Do not modify singlestep buffer while resuming
- nvme-pci: initialize queue memory before interrupts
- netfilter: nf_tables: use WARN_ON_ONCE instead of BUG_ON in nft_do_chain()
- ARM: dts: imx6q: Use correct SDMA script for SPI5 core
- ubi: fastmap: Correctly handle interrupted erasures in EBA
- mm: hugetlb: yield when prepping struct pages
- tracing: Fix missing return symbol in function_graph output
- scsi: sg: mitigate read/write abuse
- s390: Correct register corruption in critical section cleanup
- drbd: fix access after free
- cifs: Fix infinite loop when using hard mount option
- jbd2: don't mark block as modified if the handle is out of credits
- ext4: make sure bitmaps and the inode table don't overlap with bg
descriptors
- ext4: always check block group bounds in ext4_init_block_bitmap()
- ext4: only look at the bg_flags field if it is valid
- ext4: verify the depth of extent tree in ext4_find_extent()
- ext4: include the illegal physical block in the bad map ext4_error msg
- ext4: clear i_data in ext4_inode_info when removing inline data
- ext4: add more inode number paranoia checks
- ext4: add more mount time checks of the superblock
- ext4: check superblock mapped prior to committing
- HID: i2c-hid: Fix "incomplete report" noise
- HID: hiddev: fix potential Spectre v1
- HID: debug: check length before copy_to_user()
- x86/mce: Detect local MCEs properly
- x86/mce: Fix incorrect "Machine check from unknown source" message
- media: cx25840: Use subdev host data for PLL override
- mm, page_alloc: do not break __GFP_THISNODE by zonelist reset
- dm bufio: avoid sleeping while holding the dm_bufio lock
- dm bufio: drop the lock when doing GFP_NOIO allocation
- mtd: rawnand: mxc: set spare area size register explicitly
- dm bufio: don't take the lock in dm_bufio_shrink_count
- mtd: cfi_cmdset_0002: Change definition naming to retry write operation
- mtd: cfi_cmdset_0002: Change erase functions to retry for error
- mtd: cfi_cmdset_0002: Change erase functions to check chip good only
- netfilter: nf_log: don't hold nf_log_mutex during user access
- staging: comedi: quatech_daqp_cs: fix no-op loop daqp_ao_insn_write()
- Linux 4.4.140
* Xenial update to 4.4.139 stable release (LP: #1784382)
- xfrm6: avoid potential infinite loop in _decode_session6()
- netfilter: ebtables: handle string from userspace with care
- ipvs: fix buffer overflow with sync daemon and service
- atm: zatm: fix memcmp casting
- net: qmi_wwan: Add Netgear Aircard 779S
- net/sonic: Use dma_mapping_error()
- Revert "Btrfs: fix scrub to repair raid6 corruption"
- tcp: do not overshoot window_clamp in tcp_rcv_space_adjust()
- Btrfs: make raid6 rebuild retry more
- usb: musb: fix remote wakeup racing with suspend
- bonding: re-evaluate force_primary when the primary slave name changes
- tcp: verify the checksum of the first data segment in a new connection
- ext4: update mtime in ext4_punch_hole even if no blocks are released
- ext4: fix fencepost error in check for inode count overflow during resize
- driver core: Don't ignore class_dir_create_and_add() failure.
- btrfs: scrub: Don't use inode pages for device replace
- ALSA: hda - Handle kzalloc() failure in snd_hda_attach_pcm_stream()
- ALSA: hda: add dock and led support for HP EliteBook 830 G5
- ALSA: hda: add dock and led support for HP ProBook 640 G4
- cpufreq: Fix new policy initialization during limits updates via sysfs
- libata: zpodd: make arrays cdb static, reduces object code size
- libata: zpodd: small read overflow in eject_tray()
- libata: Drop SanDisk SD7UB3Q*G1001 NOLPM quirk
- w1: mxc_w1: Enable clock before calling clk_get_rate() on it
- x86/spectre_v1: Disable compiler optimizations over
array_index_mask_nospec()
- m68k/mm: Adjust VM area to be unmapped by gap size for __iounmap()
- serial: sh-sci: Use spin_{try}lock_irqsave instead of open coding version
- signal/xtensa: Consistenly use SIGBUS in do_unaligned_user
- usb: do not reset if a low-speed or full-speed device timed out
- 1wire: family module autoload fails because of upper/lower case mismatch.
- ASoC: dapm: delete dapm_kcontrol_data paths list before freeing it
- ASoC: cirrus: i2s: Fix LRCLK configuration
- ASoC: cirrus: i2s: Fix {TX|RX}LinCtrlData setup
- lib/vsprintf: Remove atomic-unsafe support for %pCr
- mips: ftrace: fix static function graph tracing
- branch-check: fix long->int truncation when profiling branches
- ipmi:bt: Set the timeout before doing a capabilities check
- Bluetooth: hci_qca: Avoid missing rampatch failure with userspace fw loader
- fuse: atomic_o_trunc should truncate pagecache
- fuse: don't keep dead fuse_conn at fuse_fill_super().
- fuse: fix control dir setup and teardown
- powerpc/mm/hash: Add missing isync prior to kernel stack SLB switch
- powerpc/ptrace: Fix setting 512B aligned breakpoints with
PTRACE_SET_DEBUGREG
- powerpc/ptrace: Fix enforcement of DAWR constraints
- cpuidle: powernv: Fix promotion from snooze if next state disabled
- powerpc/fadump: Unregister fadump on kexec down path.
- ARM: 8764/1: kgdb: fix NUMREGBYTES so that gdb_regs[] is the correct size
- of: unittest: for strings, account for trailing \0 in property length field
- IB/qib: Fix DMA api warning with debug kernel
- RDMA/mlx4: Discard unknown SQP work requests
- mtd: cfi_cmdset_0002: Change write buffer to check correct value
- mtd: cfi_cmdset_0002: Use right chip in do_ppb_xxlock()
- mtd: cfi_cmdset_0002: fix SEGV unlocking multiple chips
- mtd: cfi_cmdset_0002: Fix unlocking requests crossing a chip boudary
- mtd: cfi_cmdset_0002: Avoid walking all chips when unlocking.
- MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum
- PCI: pciehp: Clear Presence Detect and Data Link Layer Status Changed on
resume
- MIPS: io: Add barrier after register read in inX()
- time: Make sure jiffies_to_msecs() preserves non-zero time periods
- Btrfs: fix clone vs chattr NODATASUM race
- iio:buffer: make length types match kfifo types
- scsi: qla2xxx: Fix setting lower transfer speed if GPSC fails
- scsi: zfcp: fix missing SCSI trace for result of eh_host_reset_handler
- scsi: zfcp: fix missing SCSI trace for retry of abort / scsi_eh TMF
- scsi: zfcp: fix misleading REC trigger trace where erp_action setup failed
- scsi: zfcp: fix missing REC trigger trace on terminate_rport_io early return
- scsi: zfcp: fix missing REC trigger trace on terminate_rport_io for
ERP_FAILED
- scsi: zfcp: fix missing REC trigger trace for all objects in ERP_FAILED
- scsi: zfcp: fix missing REC trigger trace on enqueue without ERP thread
- linvdimm, pmem: Preserve read-only setting for pmem devices
- md: fix two problems with setting the "re-add" device state.
- ubi: fastmap: Cancel work upon detach
- UBIFS: Fix potential integer overflow in allocation
- xfrm: skip policies marked as dead while rehashing
- backlight: as3711_bl: Fix Device Tree node lookup
- backlight: max8925_bl: Fix Device Tree node lookup
- backlight: tps65217_bl: Fix Device Tree node lookup
- mfd: intel-lpss: Program REMAP register in PIO mode
- perf tools: Fix symbol and object code resolution for vdso32 and vdsox32
- perf intel-pt: Fix sync_switch INTEL_PT_SS_NOT_TRACING
- perf intel-pt: Fix decoding to accept CBR between FUP and corresponding TIP
- perf intel-pt: Fix MTC timing after overflow
- perf intel-pt: Fix "Unexpected indirect branch" error
- perf intel-pt: Fix packet decoding of CYC packets
- media: v4l2-compat-ioctl32: prevent go past max size
- media: dvb_frontend: fix locking issues at dvb_frontend_get_event()
- nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir
- NFSv4: Fix possible 1-byte stack overflow in
nfs_idmap_read_and_verify_message
- video: uvesafb: Fix integer overflow in allocation
- Input: elan_i2c - add ELAN0618 (Lenovo v330 15IKB) ACPI ID
- xen: Remove unnecessary BUG_ON from __unbind_from_irq()
- udf: Detect incorrect directory size
- Input: elan_i2c_smbus - fix more potential stack buffer overflows
- Input: elantech - enable middle button of touchpads on ThinkPad P52
- Input: elantech - fix V4 report decoding for module with middle key
- ALSA: hda/realtek - Add a quirk for FSC ESPRIMO U9210
- Btrfs: fix unexpected cow in run_delalloc_nocow
- spi: Fix scatterlist elements size in spi_map_buf
- block: Fix transfer when chunk sectors exceeds max
- dm thin: handle running out of data space vs concurrent discard
- cdc_ncm: avoid padding beyond end of skb
- Bluetooth: Fix connection if directed advertising and privacy is used
- Linux 4.4.139
* Support AverMedia DVD EZMaker 7 USB video capture dongle (LP: #1620762) //
Xenial update to 4.4.139 stable release (LP: #1784382)
- media: cx231xx: Add support for AverMedia DVD EZMaker 7
* vfio/pci: cannot assign a i40e pf device to a vm using vfio-pci
(LP: #1779830)
- vfio/pci: Hide broken INTx support from user
* Kernel error "task zfs:pid blocked for more than 120 seconds" (LP: #1781364)
- SAUCE: (noup) zfs to 0.6.5.6-0ubuntu25
* Allow multiple mounts of zfs datasets (LP: #1759848)
- SAUCE: Allow mounting datasets more than once (LP: #1759848)
* CVE-2018-12233
- jfs: Fix inconsistency between memory allocation and ea_buf->max_size
* Redpine: Observed kernel panic while running wireless tests in regression
mode (LP: #1773410) // Redpine: Observed kernel panic while running soft-ap
tests (LP: #1777850)
- SAUCE: Redpine: improve cancel_hw_scan handling to fix kernel panic
* [HMS] Upgrades to Support SocketCAN over USB on Dell IoT 300x Gateways
(LP: #1783241)
- SAUCE: (no-up) upgrade IXXAT USB SocketCAN driver
* CVE-2018-13094
- xfs: don't call xfs_da_shrink_inode with NULL bp
* other users' coredumps can be read via setgid directory and killpriv bypass
(LP: #1779923) // CVE-2018-13405
- Fix up non-directory creation in SGID directories
* snapcraft.yaml: missing ubuntu-retpoline-extract-one script breaks the build
(LP: #1782116)
- snapcraft.yaml: copy retpoline-extract-one to scripts before build
* Enable basic support for Solarflare 8000 series NIC (LP: #1783152)
- sfc: make TSO version a per-queue parameter
- sfc: Add PCI ID for Solarflare 8000 series 10/40G NIC
* Redpine: Observed kernel panic while running wireless regressions tests
(LP: #1777858)
- SAUCE: Redpine: improve kernel thread handling to fix kernel panic
* Xenial update to 4.4.138 stable release (LP: #1777389)
- x86: Remove unused function cpu_has_ht_siblings()
- x86/cpufeature: Remove unused and seldomly used cpu_has_xx macros
- x86/fpu: Disable AVX when eagerfpu is off
- x86/fpu: Revert ("x86/fpu: Disable AVX when eagerfpu is off")
- x86/fpu: Hard-disable lazy FPU mode
- af_key: Always verify length of provided sadb_key
- x86/crypto, x86/fpu: Remove X86_FEATURE_EAGER_FPU #ifdef from the crc32c
code
- gpio: No NULL owner
- Clarify (and fix) MAX_LFS_FILESIZE macros
- serial: samsung: fix maxburst parameter for DMA transactions
- vmw_balloon: fixing double free when batching mode is off
- Input: goodix - add new ACPI id for GPD Win 2 touch screen
- crypto: vmx - Remove overly verbose printk from AES init routines
- Linux 4.4.138
* Redpine: wifi-ap stopped working after restart (LP: #1773400)
- SAUCE: Redpine: fix soft-ap invisible issue
* Xenial update to 4.4.137 stable release (LP: #1777063)
- tpm: do not suspend/resume if power stays on
- tpm: self test failure should not cause suspend to fail
- mmap: introduce sane default mmap limits
- mmap: relax file size limit for regular files
- kconfig: Avoid format overflow warning from GCC 8.1
- xfs: fix incorrect log_flushed on fsync
- drm: set FMODE_UNSIGNED_OFFSET for drm files
- brcmfmac: Fix check for ISO3166 code
- bnx2x: use the right constant
- dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect()
- enic: set DMA mask to 47 bit
- ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds
- ipv4: remove warning in ip_recv_error
- isdn: eicon: fix a missing-check bug
- netdev-FAQ: clarify DaveM's position for stable backports
- net/packet: refine check for priv area size
- net: usb: cdc_mbim: add flag FLAG_SEND_ZLP
- packet: fix reserve calculation
- qed: Fix mask for physical address in ILT entry
- net/mlx4: Fix irq-unsafe spinlock usage
- team: use netdev_features_t instead of u32
- rtnetlink: validate attributes in do_setlink()
- net: phy: broadcom: Fix bcm_write_exp()
- net: metrics: add proper netlink validation
- Linux 4.4.137
* Xenial update to 4.4.136 stable release (LP: #1776177)
- arm64: lse: Add early clobbers to some input/output asm operands
- powerpc/64s: Clear PCR on boot
- USB: serial: cp210x: use tcflag_t to fix incompatible pointer type
- sh: New gcc support
- xfs: detect agfl count corruption and reset agfl
- Input: elan_i2c_smbus - fix corrupted stack
- tracing: Fix crash when freeing instances with event triggers
- selinux: KASAN: slab-out-of-bounds in xattr_getsecurity
- cfg80211: further limit wiphy names to 64 bytes
- rtlwifi: rtl8192cu: Remove variable self-assignment in rf.c
- ASoC: Intel: sst: remove redundant variable dma_dev_name
- irda: fix overly long udelay()
- tcp: avoid integer overflows in tcp_rcv_space_adjust()
- i2c: rcar: make sure clocks are on when doing clock calculation
- i2c: rcar: rework hw init
- i2c: rcar: remove unused IOERROR state
- i2c: rcar: remove spinlock
- i2c: rcar: refactor setup of a msg
- i2c: rcar: init new messages in irq
- i2c: rcar: don't issue stop when HW does it automatically
- i2c: rcar: check master irqs before slave irqs
- i2c: rcar: revoke START request early
- dmaengine: usb-dmac: fix endless loop in usb_dmac_chan_terminate_all()
- iio:kfifo_buf: check for uint overflow
- MIPS: ptrace: Fix PTRACE_PEEKUSR requests for 64-bit FGRs
- MIPS: prctl: Disallow FRE without FR with PR_SET_FP_MODE requests
- scsi: scsi_transport_srp: Fix shost to rport translation
- stm class: Use vmalloc for the master map
- hwtracing: stm: fix build error on some arches
- drm/i915: Disable LVDS on Radiant P845
- Kbuild: change CC_OPTIMIZE_FOR_SIZE definition
- [Config] Add CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE=y
- fix io_destroy()/aio_complete() race
- mm: fix the NULL mapping case in __isolate_lru_page()
- sparc64: Fix build warnings with gcc 7.
- Linux 4.4.136
* Xenial update to 4.4.135 stable release (LP: #1776158)
- Revert "vti4: Don't override MTU passed on link creation via IFLA_MTU"
- Linux 4.4.135
-- Khalid Elmously <email address hidden> Thu, 16 Aug 2018 07:43:45 +0000
-
linux-aws (4.4.0-1027.30) trusty; urgency=medium
[ Ubuntu: 4.4.0-133.159 ]
* CVE-2018-5390
- tcp: avoid collapses in tcp_prune_queue() if possible
- tcp: detect malicious patterns in tcp_collapse_ofo_queue()
* CVE-2018-5391
- Revert "net: increase fragment memory usage limits"
* CVE-2018-3620 // CVE-2018-3646
- KVM: x86: introduce linear_{read,write}_system
- KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and
kvm_write_guest_virt_system
- kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access
- x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT
- x86/speculation/l1tf: Change order of offset/type in swap entry
- x86/speculation/l1tf: Protect swap entries against L1TF
- x86/mm: Simplify p[g4um]d_page() macros
- x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation
- x86/speculation/l1tf: Make sure the first page is always reserved
- SAUCE: x86/cpu: Add Knights Mill/Gemini Lake
- x86/speculation/l1tf: Add sysfs reporting for l1tf
- x86/speculation/l1tf: Disallow non privileged high MMIO PROT_NONE mappings
- x86/speculation/l1tf: Limit swap file size to MAX_PA/2
- x86/smp: Provide topology_is_primary_thread()
- x86/topology: Provide topology_smt_supported()
- cpu/hotplug: Split do_cpu_down()
- x86/topology: Add topology_max_smt_threads()
- cpu/hotplug: Provide knobs to control SMT
- x86/CPU: Modify detect_extended_topology() to return result
- x86/cpu: Remove the pointless CPU printout
- x86/cpu/AMD: Remove the pointless detect_ht() call
- x86/cpu/common: Provide detect_ht_early()
- x86/cpu/topology: Provide detect_extended_topology_early()
- x86/cpu/intel: Evaluate smp_num_siblings early
- x86/cpu/AMD: Evaluate smp_num_siblings early
- x86/apic: Ignore secondary threads if nosmt=force
- x86/speculation/l1tf: Extend 64bit swap file size limit
- x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings
- x86/cpufeatures: Add detection of L1D cache flush support.
- x86/speculation/l1tf: Protect PAE swap entries against L1TF
- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE
- Revert "x86/apic: Ignore secondary threads if nosmt=force"
- SAUCE: x86/mce: register mce notifier earlier
- cpu/hotplug: Boot HT siblings at least once
- KVM: x86: Introducing kvm_x86_ops VM init/destroy hooks
- x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being present.
- x86/KVM/VMX: Add module argument for L1TF mitigation
- x86/KVM/VMX: Add L1D flush algorithm
- x86/KVM/VMX: Add L1D MSR based flush
- x86/KVM/VMX: Add L1D flush logic
- x86/KVM/VMX: Split the VMX MSR LOAD structures to have an host/guest numbers
- x86/KVM/VMX: Add find_msr() helper function
- x86/KVM/VMX: Seperate the VMX AUTOLOAD guest/host number accounting.
- x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER only MSRs
- x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required
- cpu/hotplug: Online siblings when SMT control is turned on
- x86/litf: Introduce vmx status variable
- x86/kvm: Drop L1TF MSR list approach
- x86/l1tf: Handle EPT disabled state proper
- x86/kvm: Move l1tf setup function
- x86/kvm: Add static key for flush always
- x86/kvm: Serialize L1D flush parameter setter
- x86/kvm: Allow runtime control of L1D flush
- cpu/hotplug: Expose SMT control init function
- cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early
- x86/bugs, kvm: Introduce boot-time control of L1TF mitigations
- Documentation: Add section about CPU vulnerabilities
- x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED architectures
- x86/KVM/VMX: Initialize the vmx_l1d_flush_pages' content
- Documentation/l1tf: Fix typos
- cpu/hotplug: detect SMT disabled by BIOS
- x86/KVM/VMX: Don't set l1tf_flush_l1d to true from vmx_l1d_flush()
- x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with 'vmx_l1d_flush_cond'
- x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush()
- x86/irq: Demote irq_cpustat_t::__softirq_pending to u16
- x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d
- x86: Don't include linux/irq.h from asm/hardirq.h
- x86/apic: Order irq_enter/exit() calls correctly vs. ack_APIC_irq()
- x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d
- x86/KVM/VMX: Don't set l1tf_flush_l1d from vmx_handle_external_intr()
- Documentation/l1tf: Remove Yonah processors from not vulnerable list
- x86/speculation: Simplify sysfs report of VMX L1TF vulnerability
- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry
- KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES
- KVM: x86: Add a framework for supporting MSR-based features
- KVM: X86: Introduce kvm_get_msr_feature()
- KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR
- KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry
- cpu/hotplug: Fix SMT supported evaluation
- x86/speculation/l1tf: Invert all not present mappings
- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert
- x86/mm/pat: Ensure cpa->pfn only contains page frame numbers
- SAUCE: Add pfn_pud() and pud_mkhuge()
- x86/mm/pat: Make set_memory_np() L1TF safe
-- Stefan Bader <email address hidden> Fri, 10 Aug 2018 15:21:28 +0200
-
linux-aws (4.4.0-1026.29) trusty; urgency=medium
* linux-aws: 4.4.0-1026.29 -proposed tracker (LP: #1784303)
* Xenial update to 4.4.136 stable release (LP: #1776177)
- [Config] Add CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE=y
[ Ubuntu: 4.4.0-132.158 ]
* linux: 4.4.0-132.158 -proposed tracker (LP: #1784302)
* locking sockets broken due to missing AppArmor socket mediation patches
(LP: #1780227)
- UBUNTU SAUCE: apparmor: fix apparmor mediating locking non-fs, unix sockets
* Backport namespaced fscaps to xenial 4.4 (LP: #1778286)
- Introduce v3 namespaced file capabilities
- commoncap: move assignment of fs_ns to avoid null pointer dereference
- capabilities: fix buffer overread on very short xattr
- commoncap: Handle memory allocation failure.
* Xenial update to 4.4.140 stable release (LP: #1784409)
- usb: cdc_acm: Add quirk for Uniden UBC125 scanner
- USB: serial: cp210x: add CESINEL device ids
- USB: serial: cp210x: add Silicon Labs IDs for Windows Update
- n_tty: Fix stall at n_tty_receive_char_special().
- staging: android: ion: Return an ERR_PTR in ion_map_kernel
- n_tty: Access echo_* variables carefully.
- x86/boot: Fix early command-line parsing when matching at end
- ath10k: fix rfc1042 header retrieval in QCA4019 with eth decap mode
- i2c: rcar: fix resume by always initializing registers before transfer
- ipv4: Fix error return value in fib_convert_metrics()
- kprobes/x86: Do not modify singlestep buffer while resuming
- nvme-pci: initialize queue memory before interrupts
- netfilter: nf_tables: use WARN_ON_ONCE instead of BUG_ON in nft_do_chain()
- ARM: dts: imx6q: Use correct SDMA script for SPI5 core
- ubi: fastmap: Correctly handle interrupted erasures in EBA
- mm: hugetlb: yield when prepping struct pages
- tracing: Fix missing return symbol in function_graph output
- scsi: sg: mitigate read/write abuse
- s390: Correct register corruption in critical section cleanup
- drbd: fix access after free
- cifs: Fix infinite loop when using hard mount option
- jbd2: don't mark block as modified if the handle is out of credits
- ext4: make sure bitmaps and the inode table don't overlap with bg
descriptors
- ext4: always check block group bounds in ext4_init_block_bitmap()
- ext4: only look at the bg_flags field if it is valid
- ext4: verify the depth of extent tree in ext4_find_extent()
- ext4: include the illegal physical block in the bad map ext4_error msg
- ext4: clear i_data in ext4_inode_info when removing inline data
- ext4: add more inode number paranoia checks
- ext4: add more mount time checks of the superblock
- ext4: check superblock mapped prior to committing
- HID: i2c-hid: Fix "incomplete report" noise
- HID: hiddev: fix potential Spectre v1
- HID: debug: check length before copy_to_user()
- x86/mce: Detect local MCEs properly
- x86/mce: Fix incorrect "Machine check from unknown source" message
- media: cx25840: Use subdev host data for PLL override
- mm, page_alloc: do not break __GFP_THISNODE by zonelist reset
- dm bufio: avoid sleeping while holding the dm_bufio lock
- dm bufio: drop the lock when doing GFP_NOIO allocation
- mtd: rawnand: mxc: set spare area size register explicitly
- dm bufio: don't take the lock in dm_bufio_shrink_count
- mtd: cfi_cmdset_0002: Change definition naming to retry write operation
- mtd: cfi_cmdset_0002: Change erase functions to retry for error
- mtd: cfi_cmdset_0002: Change erase functions to check chip good only
- netfilter: nf_log: don't hold nf_log_mutex during user access
- staging: comedi: quatech_daqp_cs: fix no-op loop daqp_ao_insn_write()
- Linux 4.4.140
* Xenial update to 4.4.139 stable release (LP: #1784382)
- xfrm6: avoid potential infinite loop in _decode_session6()
- netfilter: ebtables: handle string from userspace with care
- ipvs: fix buffer overflow with sync daemon and service
- atm: zatm: fix memcmp casting
- net: qmi_wwan: Add Netgear Aircard 779S
- net/sonic: Use dma_mapping_error()
- Revert "Btrfs: fix scrub to repair raid6 corruption"
- tcp: do not overshoot window_clamp in tcp_rcv_space_adjust()
- Btrfs: make raid6 rebuild retry more
- usb: musb: fix remote wakeup racing with suspend
- bonding: re-evaluate force_primary when the primary slave name changes
- tcp: verify the checksum of the first data segment in a new connection
- ext4: update mtime in ext4_punch_hole even if no blocks are released
- ext4: fix fencepost error in check for inode count overflow during resize
- driver core: Don't ignore class_dir_create_and_add() failure.
- btrfs: scrub: Don't use inode pages for device replace
- ALSA: hda - Handle kzalloc() failure in snd_hda_attach_pcm_stream()
- ALSA: hda: add dock and led support for HP EliteBook 830 G5
- ALSA: hda: add dock and led support for HP ProBook 640 G4
- cpufreq: Fix new policy initialization during limits updates via sysfs
- libata: zpodd: make arrays cdb static, reduces object code size
- libata: zpodd: small read overflow in eject_tray()
- libata: Drop SanDisk SD7UB3Q*G1001 NOLPM quirk
- w1: mxc_w1: Enable clock before calling clk_get_rate() on it
- x86/spectre_v1: Disable compiler optimizations over
array_index_mask_nospec()
- m68k/mm: Adjust VM area to be unmapped by gap size for __iounmap()
- serial: sh-sci: Use spin_{try}lock_irqsave instead of open coding version
- signal/xtensa: Consistenly use SIGBUS in do_unaligned_user
- usb: do not reset if a low-speed or full-speed device timed out
- 1wire: family module autoload fails because of upper/lower case mismatch.
- ASoC: dapm: delete dapm_kcontrol_data paths list before freeing it
- ASoC: cirrus: i2s: Fix LRCLK configuration
- ASoC: cirrus: i2s: Fix {TX|RX}LinCtrlData setup
- lib/vsprintf: Remove atomic-unsafe support for %pCr
- mips: ftrace: fix static function graph tracing
- branch-check: fix long->int truncation when profiling branches
- ipmi:bt: Set the timeout before doing a capabilities check
- Bluetooth: hci_qca: Avoid missing rampatch failure with userspace fw loader
- fuse: atomic_o_trunc should truncate pagecache
- fuse: don't keep dead fuse_conn at fuse_fill_super().
- fuse: fix control dir setup and teardown
- powerpc/mm/hash: Add missing isync prior to kernel stack SLB switch
- powerpc/ptrace: Fix setting 512B aligned breakpoints with
PTRACE_SET_DEBUGREG
- powerpc/ptrace: Fix enforcement of DAWR constraints
- cpuidle: powernv: Fix promotion from snooze if next state disabled
- powerpc/fadump: Unregister fadump on kexec down path.
- ARM: 8764/1: kgdb: fix NUMREGBYTES so that gdb_regs[] is the correct size
- of: unittest: for strings, account for trailing \0 in property length field
- IB/qib: Fix DMA api warning with debug kernel
- RDMA/mlx4: Discard unknown SQP work requests
- mtd: cfi_cmdset_0002: Change write buffer to check correct value
- mtd: cfi_cmdset_0002: Use right chip in do_ppb_xxlock()
- mtd: cfi_cmdset_0002: fix SEGV unlocking multiple chips
- mtd: cfi_cmdset_0002: Fix unlocking requests crossing a chip boudary
- mtd: cfi_cmdset_0002: Avoid walking all chips when unlocking.
- MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum
- PCI: pciehp: Clear Presence Detect and Data Link Layer Status Changed on
resume
- MIPS: io: Add barrier after register read in inX()
- time: Make sure jiffies_to_msecs() preserves non-zero time periods
- Btrfs: fix clone vs chattr NODATASUM race
- iio:buffer: make length types match kfifo types
- scsi: qla2xxx: Fix setting lower transfer speed if GPSC fails
- scsi: zfcp: fix missing SCSI trace for result of eh_host_reset_handler
- scsi: zfcp: fix missing SCSI trace for retry of abort / scsi_eh TMF
- scsi: zfcp: fix misleading REC trigger trace where erp_action setup failed
- scsi: zfcp: fix missing REC trigger trace on terminate_rport_io early return
- scsi: zfcp: fix missing REC trigger trace on terminate_rport_io for
ERP_FAILED
- scsi: zfcp: fix missing REC trigger trace for all objects in ERP_FAILED
- scsi: zfcp: fix missing REC trigger trace on enqueue without ERP thread
- linvdimm, pmem: Preserve read-only setting for pmem devices
- md: fix two problems with setting the "re-add" device state.
- ubi: fastmap: Cancel work upon detach
- UBIFS: Fix potential integer overflow in allocation
- xfrm: skip policies marked as dead while rehashing
- backlight: as3711_bl: Fix Device Tree node lookup
- backlight: max8925_bl: Fix Device Tree node lookup
- backlight: tps65217_bl: Fix Device Tree node lookup
- mfd: intel-lpss: Program REMAP register in PIO mode
- perf tools: Fix symbol and object code resolution for vdso32 and vdsox32
- perf intel-pt: Fix sync_switch INTEL_PT_SS_NOT_TRACING
- perf intel-pt: Fix decoding to accept CBR between FUP and corresponding TIP
- perf intel-pt: Fix MTC timing after overflow
- perf intel-pt: Fix "Unexpected indirect branch" error
- perf intel-pt: Fix packet decoding of CYC packets
- media: v4l2-compat-ioctl32: prevent go past max size
- media: dvb_frontend: fix locking issues at dvb_frontend_get_event()
- nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir
- NFSv4: Fix possible 1-byte stack overflow in
nfs_idmap_read_and_verify_message
- video: uvesafb: Fix integer overflow in allocation
- Input: elan_i2c - add ELAN0618 (Lenovo v330 15IKB) ACPI ID
- xen: Remove unnecessary BUG_ON from __unbind_from_irq()
- udf: Detect incorrect directory size
- Input: elan_i2c_smbus - fix more potential stack buffer overflows
- Input: elantech - enable middle button of touchpads on ThinkPad P52
- Input: elantech - fix V4 report decoding for module with middle key
- ALSA: hda/realtek - Add a quirk for FSC ESPRIMO U9210
- Btrfs: fix unexpected cow in run_delalloc_nocow
- spi: Fix scatterlist elements size in spi_map_buf
- block: Fix transfer when chunk sectors exceeds max
- dm thin: handle running out of data space vs concurrent discard
- cdc_ncm: avoid padding beyond end of skb
- Bluetooth: Fix connection if directed advertising and privacy is used
- Linux 4.4.139
* Support AverMedia DVD EZMaker 7 USB video capture dongle (LP: #1620762) //
Xenial update to 4.4.139 stable release (LP: #1784382)
- media: cx231xx: Add support for AverMedia DVD EZMaker 7
* vfio/pci: cannot assign a i40e pf device to a vm using vfio-pci
(LP: #1779830)
- vfio/pci: Hide broken INTx support from user
* Kernel error "task zfs:pid blocked for more than 120 seconds" (LP: #1781364)
- SAUCE: (noup) zfs to 0.6.5.6-0ubuntu25
* Allow multiple mounts of zfs datasets (LP: #1759848)
- SAUCE: Allow mounting datasets more than once (LP: #1759848)
* CVE-2018-12233
- jfs: Fix inconsistency between memory allocation and ea_buf->max_size
* Redpine: Observed kernel panic while running wireless tests in regression
mode (LP: #1773410) // Redpine: Observed kernel panic while running soft-ap
tests (LP: #1777850)
- SAUCE: Redpine: improve cancel_hw_scan handling to fix kernel panic
* [HMS] Upgrades to Support SocketCAN over USB on Dell IoT 300x Gateways
(LP: #1783241)
- SAUCE: (no-up) upgrade IXXAT USB SocketCAN driver
* CVE-2018-13094
- xfs: don't call xfs_da_shrink_inode with NULL bp
* other users' coredumps can be read via setgid directory and killpriv bypass
(LP: #1779923) // CVE-2018-13405
- Fix up non-directory creation in SGID directories
* snapcraft.yaml: missing ubuntu-retpoline-extract-one script breaks the build
(LP: #1782116)
- snapcraft.yaml: copy retpoline-extract-one to scripts before build
* Enable basic support for Solarflare 8000 series NIC (LP: #1783152)
- sfc: make TSO version a per-queue parameter
- sfc: Add PCI ID for Solarflare 8000 series 10/40G NIC
* Redpine: Observed kernel panic while running wireless regressions tests
(LP: #1777858)
- SAUCE: Redpine: improve kernel thread handling to fix kernel panic
* Xenial update to 4.4.138 stable release (LP: #1777389)
- x86: Remove unused function cpu_has_ht_siblings()
- x86/cpufeature: Remove unused and seldomly used cpu_has_xx macros
- x86/fpu: Disable AVX when eagerfpu is off
- x86/fpu: Revert ("x86/fpu: Disable AVX when eagerfpu is off")
- x86/fpu: Hard-disable lazy FPU mode
- af_key: Always verify length of provided sadb_key
- x86/crypto, x86/fpu: Remove X86_FEATURE_EAGER_FPU #ifdef from the crc32c
code
- gpio: No NULL owner
- Clarify (and fix) MAX_LFS_FILESIZE macros
- KVM: x86: introduce linear_{read,write}_system
- KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and
kvm_write_guest_virt_system
- serial: samsung: fix maxburst parameter for DMA transactions
- vmw_balloon: fixing double free when batching mode is off
- kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access
- Input: goodix - add new ACPI id for GPD Win 2 touch screen
- crypto: vmx - Remove overly verbose printk from AES init routines
- Linux 4.4.138
* Redpine: wifi-ap stopped working after restart (LP: #1773400)
- SAUCE: Redpine: fix soft-ap invisible issue
* Xenial update to 4.4.137 stable release (LP: #1777063)
- tpm: do not suspend/resume if power stays on
- tpm: self test failure should not cause suspend to fail
- mmap: introduce sane default mmap limits
- mmap: relax file size limit for regular files
- kconfig: Avoid format overflow warning from GCC 8.1
- xfs: fix incorrect log_flushed on fsync
- drm: set FMODE_UNSIGNED_OFFSET for drm files
- brcmfmac: Fix check for ISO3166 code
- bnx2x: use the right constant
- dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect()
- enic: set DMA mask to 47 bit
- ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds
- ipv4: remove warning in ip_recv_error
- isdn: eicon: fix a missing-check bug
- netdev-FAQ: clarify DaveM's position for stable backports
- net/packet: refine check for priv area size
- net: usb: cdc_mbim: add flag FLAG_SEND_ZLP
- packet: fix reserve calculation
- qed: Fix mask for physical address in ILT entry
- net/mlx4: Fix irq-unsafe spinlock usage
- team: use netdev_features_t instead of u32
- rtnetlink: validate attributes in do_setlink()
- net: phy: broadcom: Fix bcm_write_exp()
- net: metrics: add proper netlink validation
- Linux 4.4.137
* Xenial update to 4.4.136 stable release (LP: #1776177)
- arm64: lse: Add early clobbers to some input/output asm operands
- powerpc/64s: Clear PCR on boot
- USB: serial: cp210x: use tcflag_t to fix incompatible pointer type
- sh: New gcc support
- xfs: detect agfl count corruption and reset agfl
- Input: elan_i2c_smbus - fix corrupted stack
- tracing: Fix crash when freeing instances with event triggers
- selinux: KASAN: slab-out-of-bounds in xattr_getsecurity
- cfg80211: further limit wiphy names to 64 bytes
- rtlwifi: rtl8192cu: Remove variable self-assignment in rf.c
- ASoC: Intel: sst: remove redundant variable dma_dev_name
- irda: fix overly long udelay()
- tcp: avoid integer overflows in tcp_rcv_space_adjust()
- i2c: rcar: make sure clocks are on when doing clock calculation
- i2c: rcar: rework hw init
- i2c: rcar: remove unused IOERROR state
- i2c: rcar: remove spinlock
- i2c: rcar: refactor setup of a msg
- i2c: rcar: init new messages in irq
- i2c: rcar: don't issue stop when HW does it automatically
- i2c: rcar: check master irqs before slave irqs
- i2c: rcar: revoke START request early
- dmaengine: usb-dmac: fix endless loop in usb_dmac_chan_terminate_all()
- iio:kfifo_buf: check for uint overflow
- MIPS: ptrace: Fix PTRACE_PEEKUSR requests for 64-bit FGRs
- MIPS: prctl: Disallow FRE without FR with PR_SET_FP_MODE requests
- scsi: scsi_transport_srp: Fix shost to rport translation
- stm class: Use vmalloc for the master map
- hwtracing: stm: fix build error on some arches
- drm/i915: Disable LVDS on Radiant P845
- Kbuild: change CC_OPTIMIZE_FOR_SIZE definition
- [Config] Add CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE=y
- fix io_destroy()/aio_complete() race
- mm: fix the NULL mapping case in __isolate_lru_page()
- sparc64: Fix build warnings with gcc 7.
- Linux 4.4.136
* Xenial update to 4.4.135 stable release (LP: #1776158)
- Revert "vti4: Don't override MTU passed on link creation via IFLA_MTU"
- Linux 4.4.135
-- Khalid Elmously <email address hidden> Mon, 06 Aug 2018 02:33:46 +0000
-
linux-aws (4.4.0-1025.26) trusty; urgency=medium
* linux-aws: 4.4.0-1025.26 -proposed tracker (LP: #1779377)
[ Ubuntu: 4.4.0-131.157 ]
* linux: 4.4.0-131.157 -proposed tracker (LP: #1779376)
* Cannot set MTU higher than 1500 in Xen instance (LP: #1781413)
- xen-netfront: Fix mismatched rtnl_unlock
- xen-netfront: Update features after registering netdev
-- Khalid Elmously <email address hidden> Fri, 13 Jul 2018 00:57:37 -0400
-
linux-aws (4.4.0-1024.25) trusty; urgency=medium
* linux-aws: 4.4.0-1024.25 -proposed tracker (LP: #1776824)
* The trusty/aws kernel package ships too many modules (LP: #1777080)
- [config] AWS: ship_extras_package=false
* Xenial update to 4.4.134 stable release (LP: #1775771)
- [Config] CONFIG_TCG_CRB=y
* Adapt configuration to match the master kernel config. This change
has no effect for the AWS kernel as the resulting module is not
shipped (LP: #1774563)
- [Config] CONFIG_CAN_HMS_USB=m
[ Ubuntu: 4.4.0-130.156 ]
* linux: 4.4.0-130.156 -proposed tracker (LP: #1776822)
* CVE-2018-3665 (x86)
- x86/fpu: Fix early FPU command-line parsing
- x86/fpu: Fix 'no387' regression
- x86/fpu: Disable MPX when eagerfpu is off
- x86/fpu: Default eagerfpu=on on all CPUs
- x86/fpu: Fix FNSAVE usage in eagerfpu mode
- x86/fpu: Fix math emulation in eager fpu mode
- x86/fpu: Fix eager-FPU handling on legacy FPU machines
[ Ubuntu: 4.4.0-129.155 ]
* linux: 4.4.0-129.155 -proposed tracker (LP: #1776352)
* Xenial update to 4.4.134 stable release (LP: #1775771)
- MIPS: ptrace: Expose FIR register through FP regset
- MIPS: Fix ptrace(2) PTRACE_PEEKUSR and PTRACE_POKEUSR accesses to o32 FGRs
- KVM: Fix spelling mistake: "cop_unsuable" -> "cop_unusable"
- affs_lookup(): close a race with affs_remove_link()
- aio: fix io_destroy(2) vs. lookup_ioctx() race
- ALSA: timer: Fix pause event notification
- mmc: sdhci-iproc: fix 32bit writes for TRANSFER_MODE register
- libata: Blacklist some Sandisk SSDs for NCQ
- libata: blacklist Micron 500IT SSD with MU01 firmware
- xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent
- Revert "ipc/shm: Fix shmat mmap nil-page protection"
- ipc/shm: fix shmat() nil address after round-down when remapping
- kasan: fix memory hotplug during boot
- kernel/sys.c: fix potential Spectre v1 issue
- kernel/signal.c: avoid undefined behaviour in kill_something_info
- xfs: remove racy hasattr check from attr ops
- do d_instantiate/unlock_new_inode combinations safely
- firewire-ohci: work around oversized DMA reads on JMicron controllers
- NFSv4: always set NFS_LOCK_LOST when a lock is lost.
- ALSA: hda - Use IS_REACHABLE() for dependency on input
- ASoC: au1x: Fix timeout tests in au1xac97c_ac97_read()
- kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl
- tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into
account
- PCI: Add function 1 DMA alias quirk for Marvell 9128
- tools lib traceevent: Simplify pointer print logic and fix %pF
- perf callchain: Fix attr.sample_max_stack setting
- tools lib traceevent: Fix get_field_str() for dynamic strings
- dm thin: fix documentation relative to low water mark threshold
- nfs: Do not convert nfs_idmap_cache_timeout to jiffies
- watchdog: sp5100_tco: Fix watchdog disable bit
- kconfig: Don't leak main menus during parsing
- kconfig: Fix automatic menu creation mem leak
- kconfig: Fix expr_free() E_NOT leak
- ipmi/powernv: Fix error return code in ipmi_powernv_probe()
- Btrfs: set plug for fsync
- btrfs: Fix out of bounds access in btrfs_search_slot
- Btrfs: fix scrub to repair raid6 corruption
- scsi: fas216: fix sense buffer initialization
- HID: roccat: prevent an out of bounds read in kovaplus_profile_activated()
- jffs2: Fix use-after-free bug in jffs2_iget()'s error handling path
- powerpc/numa: Use ibm,max-associativity-domains to discover possible nodes
- powerpc/numa: Ensure nodes initialized for hotplug
- RDMA/mlx5: Avoid memory leak in case of XRCD dealloc failure
- ntb_transport: Fix bug with max_mw_size parameter
- ocfs2: return -EROFS to mount.ocfs2 if inode block is invalid
- ocfs2/acl: use 'ip_xattr_sem' to protect getting extended attribute
- ocfs2: return error when we attempt to access a dirty bh in jbd2
- mm/mempolicy: fix the check of nodemask from user
- mm/mempolicy: add nodes_empty check in SYSC_migrate_pages
- asm-generic: provide generic_pmdp_establish()
- mm: pin address_space before dereferencing it while isolating an LRU page
- IB/ipoib: Fix for potential no-carrier state
- x86/power: Fix swsusp_arch_resume prototype
- firmware: dmi_scan: Fix handling of empty DMI strings
- ACPI: processor_perflib: Do not send _PPC change notification if not ready
- MIPS: TXx9: use IS_BUILTIN() for CONFIG_LEDS_CLASS
- xen-netfront: Fix race between device setup and open
- xen/grant-table: Use put_page instead of free_page
- RDS: IB: Fix null pointer issue
- arm64: spinlock: Fix theoretical trylock() A-B-A with LSE atomics
- proc: fix /proc/*/map_files lookup
- cifs: silence compiler warnings showing up with gcc-8.0.0
- bcache: properly set task state in bch_writeback_thread()
- bcache: fix for allocator and register thread race
- bcache: fix for data collapse after re-attaching an attached device
- bcache: return attach error when no cache set exist
- tools/libbpf: handle issues with bpf ELF objects containing .eh_frames
- locking/qspinlock: Ensure node->count is updated before initialising node
- irqchip/gic-v3: Change pr_debug message to pr_devel
- scsi: ufs: Enable quirk to ignore sending WRITE_SAME command
- scsi: bnx2fc: Fix check in SCSI completion handler for timed out request
- scsi: sym53c8xx_2: iterator underflow in sym_getsync()
- scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo()
- scsi: qla2xxx: Avoid triggering undefined behavior in
qla2x00_mbx_completion()
- ARC: Fix malformed ARC_EMUL_UNALIGNED default
- usb: gadget: f_uac2: fix bFirstInterface in composite gadget
- usb: gadget: fsl_udc_core: fix ep valid checks
- usb: dwc2: Fix dwc2_hsotg_core_init_disconnected()
- selftests: memfd: add config fragment for fuse
- scsi: storvsc: Increase cmd_per_lun for higher speed devices
- scsi: aacraid: fix shutdown crash when init fails
- scsi: qla4xxx: skip error recovery in case of register disconnect.
- ARM: OMAP2+: timer: fix a kmemleak caused in omap_get_timer_dt
- ARM: OMAP3: Fix prm wake interrupt for resume
- ARM: OMAP1: clock: Fix debugfs_create_*() usage
- NFC: llcp: Limit size of SDP URI
- mac80211: round IEEE80211_TX_STATUS_HEADROOM up to multiple of 4
- md raid10: fix NULL deference in handle_write_completed()
- drm/exynos: fix comparison to bitshift when dealing with a mask
- usb: musb: fix enumeration after resume
- locking/xchg/alpha: Add unconditional memory barrier to cmpxchg()
- md: raid5: avoid string overflow warning
- kernel/relay.c: limit kmalloc size to KMALLOC_MAX_SIZE
- powerpc/bpf/jit: Fix 32-bit JIT for seccomp_data access
- s390/cio: fix return code after missing interrupt
- s390/cio: clear timer when terminating driver I/O
- ARM: OMAP: Fix dmtimer init for omap1
- smsc75xx: fix smsc75xx_set_features()
- regulatory: add NUL to request alpha2
- locking/xchg/alpha: Fix xchg() and cmpxchg() memory ordering bugs
- x86/topology: Update the 'cpu cores' field in /proc/cpuinfo correctly across
CPU hotplug operations
- media: dmxdev: fix error code for invalid ioctls
- md/raid1: fix NULL pointer dereference
- batman-adv: fix packet checksum in receive path
- batman-adv: invalidate checksum on fragment reassembly
- netfilter: ebtables: convert BUG_ONs to WARN_ONs
- nvme-pci: Fix nvme queue cleanup if IRQ setup fails
- clocksource/drivers/fsl_ftm_timer: Fix error return checking
- r8152: fix tx packets accounting
- virtio-gpu: fix ioctl and expose the fixed status to userspace.
- dmaengine: rcar-dmac: fix max_chunk_size for R-Car Gen3
- bcache: fix kcrashes with fio in RAID5 backend dev
- sit: fix IFLA_MTU ignored on NEWLINK
- gianfar: Fix Rx byte accounting for ndev stats
- net/tcp/illinois: replace broken algorithm reference link
- xen/pirq: fix error path cleanup when binding MSIs
- Btrfs: send, fix issuing write op when processing hole in no data mode
- selftests/powerpc: Skip the subpage_prot tests if the syscall is unavailable
- KVM: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing
- watchdog: f71808e_wdt: Fix magic close handling
- e1000e: Fix check_for_link return value with autoneg off
- e1000e: allocate ring descriptors with dma_zalloc_coherent
- usb: musb: call pm_runtime_{get,put}_sync before reading vbus registers
- scsi: mpt3sas: Do not mark fw_event workqueue as WQ_MEM_RECLAIM
- scsi: sd: Keep disk read-only when re-reading partition
- fbdev: Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in
sbusfb_ioctl_helper().
- xen: xenbus: use put_device() instead of kfree()
- USB: OHCI: Fix NULL dereference in HCDs using HCD_LOCAL_MEM
- netfilter: ebtables: fix erroneous reject of last rule
- bnxt_en: Check valid VNIC ID in bnxt_hwrm_vnic_set_tpa().
- workqueue: use put_device() instead of kfree()
- ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu
- sunvnet: does not support GSO for sctp
- net: Fix vlan untag for bridge and vlan_dev with reorder_hdr off
- batman-adv: fix header size check in batadv_dbg_arp()
- vti4: Don't count header length twice on tunnel setup
- vti4: Don't override MTU passed on link creation via IFLA_MTU
- perf/cgroup: Fix child event counting bug
- RDMA/ucma: Correct option size check using optlen
- mm/mempolicy.c: avoid use uninitialized preferred_node
- selftests: ftrace: Add probe event argument syntax testcase
- selftests: ftrace: Add a testcase for string type with kprobe_event
- selftests: ftrace: Add a testcase for probepoint
- batman-adv: fix multicast-via-unicast transmission with AP isolation
- batman-adv: fix packet loss for broadcasted DHCP packets to a server
- ARM: 8748/1: mm: Define vdso_start, vdso_end as array
- net: qmi_wwan: add BroadMobi BM806U 2020:2033
- net/usb/qmi_wwan.c: Add USB id for lt4120 modem
- net-usb: add qmi_wwan if on lte modem wistron neweb d18q1
- llc: properly handle dev_queue_xmit() return value
- mm/kmemleak.c: wait for scan completion before disabling free
- net: Fix untag for vlan packets without ethernet header
- net: mvneta: fix enable of all initialized RXQs
- sh: fix debug trap failure to process signals before return to user
- x86/pgtable: Don't set huge PUD/PMD on non-leaf entries
- fs/proc/proc_sysctl.c: fix potential page fault while unregistering sysctl
table
- swap: divide-by-zero when zero length swap file on ssd
- sr: get/drop reference to device in revalidate and check_events
- Force log to disk before reading the AGF during a fstrim
- cpufreq: CPPC: Initialize shared perf capabilities of CPUs
- scsi: aacraid: Insure command thread is not recursively stopped
- dp83640: Ensure against premature access to PHY registers after reset
- mm/ksm: fix interaction with THP
- mm: fix races between address_space dereference and free in page_evicatable
- Btrfs: bail out on error during replay_dir_deletes
- Btrfs: fix NULL pointer dereference in log_dir_items
- btrfs: Fix possible softlock on single core machines
- ocfs2/dlm: don't handle migrate lockres if already in shutdown
- sched/rt: Fix rq->clock_update_flags < RQCF_ACT_SKIP warning
- KVM: VMX: raise internal error for exception during invalid protected mode
state
- fscache: Fix hanging wait on page discarded by writeback
- sparc64: Make atomic_xchg() an inline function rather than a macro.
- rtc: snvs: Fix usage of snvs_rtc_enable
- net: bgmac: Fix endian access in bgmac_dma_tx_ring_free()
- Bluetooth: btusb: Add USB ID 7392:a611 for Edimax EW-7611ULB
- btrfs: tests/qgroup: Fix wrong tree backref level
- Btrfs: fix copy_items() return value when logging an inode
- btrfs: fix lockdep splat in btrfs_alloc_subvolume_writers
- xen/acpi: off by one in read_acpi_id()
- ACPI: acpi_pad: Fix memory leak in power saving threads
- powerpc/mpic: Check if cpu_possible() in mpic_physmask()
- m68k: set dma and coherent masks for platform FEC ethernets
- parisc/pci: Switch LBA PCI bus from Hard Fail to Soft Fail mode
- hwmon: (nct6775) Fix writing pwmX_mode
- rtc: hctosys: Ensure system time doesn't overflow time_t
- powerpc/perf: Prevent kernel address leak to userspace via BHRB buffer
- powerpc/perf: Fix kernel address leak via sampling registers
- tools/thermal: tmon: fix for segfault
- selftests: Print the test we're running to /dev/kmsg
- net/mlx5: Protect from command bit overflow
- ath10k: Fix kernel panic while using worker (ath10k_sta_rc_update_wk)
- ima: Fix Kconfig to select TPM 2.0 CRB interface
- [Config] CONFIG_TCG_CRB=y
- ima: Fallback to the builtin hash algorithm
- arm: dts: socfpga: fix GIC PPI warning
- usb: dwc3: Update DWC_usb31 GTXFIFOSIZ reg fields
- cpufreq: cppc_cpufreq: Fix cppc_cpufreq_init() failure path
- clk: Don't show the incorrect clock phase
- zorro: Set up z->dev.dma_mask for the DMA API
- bcache: quit dc->writeback_thread when BCACHE_DEV_DETACHING is set
- ACPICA: Events: add a return on failure from acpi_hw_register_read
- ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c
- i2c: mv64xxx: Apply errata delay only in standard mode
- KVM: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in use
- xhci: zero usb device slot_id member when disabling and freeing a xhci slot
- MIPS: ath79: Fix AR724X_PLL_REG_PCIE_CONFIG offset
- PCI: Restore config space on runtime resume despite being unbound
- ipmi_ssif: Fix kernel panic at msg_done_handler
- usb: dwc2: Fix interval type issue
- usb: gadget: ffs: Let setup() return USB_GADGET_DELAYED_STATUS
- usb: gadget: ffs: Execute copy_to_user() with USER_DS set
- powerpc: Add missing prototype for arch_irq_work_raise()
- ASoC: topology: create TLV data for dapm widgets
- perf/core: Fix perf_output_read_group()
- hwmon: (pmbus/max8688) Accept negative page register values
- hwmon: (pmbus/adm1275) Accept negative page register values
- cdrom: do not call check_disk_change() inside cdrom_open()
- gfs2: Fix fallocate chunk size
- usb: gadget: udc: change comparison to bitshift when dealing with a mask
- usb: gadget: composite: fix incorrect handling of OS desc requests
- x86/devicetree: Initialize device tree before using it
- x86/devicetree: Fix device IRQ settings in DT
- ALSA: vmaster: Propagate slave error
- media: cx23885: Override 888 ImpactVCBe crystal frequency
- media: cx23885: Set subdev host data to clk_freq pointer
- media: s3c-camif: fix out-of-bounds array access
- dmaengine: pl330: fix a race condition in case of threaded irqs
- media: em28xx: USB bulk packet size fix
- clk: rockchip: Prevent calculating mmc phase if clock rate is zero
- enic: enable rq before updating rq descriptors
- hwrng: stm32 - add reset during probe
- staging: rtl8192u: return -ENOMEM on failed allocation of priv->oldaddr
- rtc: tx4939: avoid unintended sign extension on a 24 bit shift
- serial: xuartps: Fix out-of-bounds access through DT alias
- serial: samsung: Fix out-of-bounds access through serial port index
- serial: mxs-auart: Fix out-of-bounds access through serial port index
- serial: imx: Fix out-of-bounds access through serial port index
- serial: fsl_lpuart: Fix out-of-bounds access through DT alias
- serial: arc_uart: Fix out-of-bounds access through DT alias
- PCI: Add function 1 DMA alias quirk for Marvell 88SE9220
- udf: Provide saner default for invalid uid / gid
- media: cx25821: prevent out-of-bounds read on array card
- clk: samsung: s3c2410: Fix PLL rates
- clk: samsung: exynos5260: Fix PLL rates
- clk: samsung: exynos5433: Fix PLL rates
- clk: samsung: exynos5250: Fix PLL rates
- clk: samsung: exynos3250: Fix PLL rates
- crypto: sunxi-ss - Add MODULE_ALIAS to sun4i-ss
- audit: return on memory error to avoid null pointer dereference
- MIPS: Octeon: Fix logging messages with spurious periods after newlines
- drm/rockchip: Respect page offset for PRIME mmap calls
- x86/apic: Set up through-local-APIC mode on the boot CPU if 'noapic'
specified
- perf tests: Use arch__compare_symbol_names to compare symbols
- perf report: Fix memory corruption in --branch-history mode --branch-history
- selftests/net: fixes psock_fanout eBPF test case
- netlabel: If PF_INET6, check sk_buff ip header version
- scsi: lpfc: Fix issue_lip if link is disabled
- scsi: lpfc: Fix soft lockup in lpfc worker thread during LIP testing
- scsi: lpfc: Fix frequency of Release WQE CQEs
- regulator: of: Add a missing 'of_node_put()' in an error handling path of
'of_regulator_match()'
- ASoC: samsung: i2s: Ensure the RCLK rate is properly determined
- Bluetooth: btusb: Add device ID for RTL8822BE
- kdb: make "mdr" command repeat
- s390/ftrace: use expoline for indirect branches
- Linux 4.4.134
* Support SocketCAN over USB on Dell IoT 300x Gateways (LP: #1774563)
- [Config] CONFIG_CAN_HMS_USB=m
- SAUCE: (no-up) Support IXXAT USB SocketCAN device
- i386/amd64 -- Add new module ixx_usb
* Ubuntu 16.04 (4.4.0-127) hangs on boot with virtio-scsi MQ enabled
(LP: #1775235)
- SAUCE: (no-up) virtio-scsi: Increment reqs counter.
* register on binfmt_misc may overflow and crash the system (LP: #1775856)
- fs/binfmt_misc.c: do not allow offset overflow
* The kernel NULL pointer dereference happens when accessing the task_struct
by task_cpu() in function cpuacct_charge() (LP: #1775326)
- sched/cpuacct: Simplify the cpuacct code
* Xenial update to 4.4.133 stable release (LP: #1775477)
- 8139too: Use disable_irq_nosync() in rtl8139_poll_controller()
- bridge: check iface upper dev when setting master via ioctl
- dccp: fix tasklet usage
- ipv4: fix memory leaks in udp_sendmsg, ping_v4_sendmsg
- llc: better deal with too small mtu
- net: ethernet: sun: niu set correct packet size in skb
- net/mlx4_en: Verify coalescing parameters are in range
- net_sched: fq: take care of throttled flows before reuse
- net: support compat 64-bit time in {s,g}etsockopt
- openvswitch: Don't swap table in nlattr_set() after OVS_ATTR_NESTED is found
- qmi_wwan: do not steal interfaces from class drivers
- r8169: fix powering up RTL8168h
- sctp: handle two v4 addrs comparison in sctp_inet6_cmp_addr
- sctp: use the old asoc when making the cookie-ack chunk in dupcook_d
- tg3: Fix vunmap() BUG_ON() triggered from tg3_free_consistent().
- bonding: do not allow rlb updates to invalid mac
- tcp: ignore Fast Open on repair mode
- sctp: fix the issue that the cookie-ack with auth can't get processed
- sctp: delay the authentication for the duplicated cookie-echo chunk
- ALSA: timer: Call notifier in the same spinlock
- audit: move calcs after alloc and check when logging set loginuid
- arm64: introduce mov_q macro to move a constant into a 64-bit register
- [Config] Add CONFIG_ARM64_ERRATUM_1024718=y
- arm64: Add work around for Arm Cortex-A55 Erratum 1024718
- futex: Remove unnecessary warning from get_futex_key
- futex: Remove duplicated code and fix undefined behaviour
- xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM)
- lockd: lost rollback of set_grace_period() in lockd_down_net()
- Revert "ARM: dts: imx6qdl-wandboard: Fix audio channel swap"
- l2tp: revert "l2tp: fix missing print session offset info"
- pipe: cap initial pipe capacity according to pipe-max-size limit
- futex: futex_wake_op, fix sign_extend32 sign bits
- kernel/exit.c: avoid undefined behaviour when calling wait4()
- usbip: usbip_host: refine probe and disconnect debug msgs to be useful
- usbip: usbip_host: delete device from busid_table after rebind
- usbip: usbip_host: run rebind from exit when module is removed
- usbip: usbip_host: fix NULL-ptr deref and use-after-free errors
- usbip: usbip_host: fix bad unlock balance during stub_probe()
- ALSA: usb: mixer: volume quirk for CM102-A+/102S+
- ALSA: hda: Add Lenovo C50 All in one to the power_save blacklist
- ALSA: control: fix a redundant-copy issue
- spi: pxa2xx: Allow 64-bit DMA
- powerpc/powernv: panic() on OPAL < V3
- powerpc/powernv: Remove OPALv2 firmware define and references
- powerpc/powernv: remove FW_FEATURE_OPALv3 and just use FW_FEATURE_OPAL
- cpuidle: coupled: remove unused define cpuidle_coupled_lock
- powerpc: Don't preempt_disable() in show_cpuinfo()
- vmscan: do not force-scan file lru if its absolute size is small
- mm: filemap: remove redundant code in do_read_cache_page
- mm: filemap: avoid unnecessary calls to lock_page when waiting for IO to
complete during a read
- signals: avoid unnecessary taking of sighand->siglock
- tracing/x86/xen: Remove zero data size trace events
trace_xen_mmu_flush_tlb{_all}
- proc read mm's {arg,env}_{start,end} with mmap semaphore taken.
- powerpc/powernv: Fix NVRAM sleep in invalid context when crashing
- mm: don't allow deferred pages with NEED_PER_CPU_KM
- s390/qdio: fix access to uninitialized qdio_q fields
- s390/qdio: don't release memory in qdio_setup_irq()
- s390: remove indirect branch from do_softirq_own_stack
- efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32'
definition for mixed mode
- ARM: 8771/1: kprobes: Prohibit kprobes on do_undefinstr
- tick/broadcast: Use for_each_cpu() specially on UP kernels
- ARM: 8769/1: kprobes: Fix to use get_kprobe_ctlblk after irq-disabed
- ARM: 8770/1: kprobes: Prohibit probing on optimized_callback
- ARM: 8772/1: kprobes: Prohibit kprobes on get_user functions
- Btrfs: fix xattr loss after power failure
- btrfs: fix crash when trying to resume balance without the resume flag
- btrfs: fix reading stale metadata blocks after degraded raid1 mounts
- net: test tailroom before appending to linear skb
- packet: in packet_snd start writing at link layer allocation
- sock_diag: fix use-after-free read in __sk_free
- tcp: purge write queue in tcp_connect_init()
- ext2: fix a block leak
- s390: add assembler macros for CPU alternatives
- s390: move expoline assembler macros to a header
- s390/lib: use expoline for indirect branches
- s390/kernel: use expoline for indirect branches
- s390: move spectre sysfs attribute code
- s390: extend expoline to BC instructions
- s390: use expoline thunks in the BPF JIT
- scsi: libsas: defer ata device eh commands to libata
- scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()
- scsi: zfcp: fix infinite iteration on ERP ready list
- dmaengine: ensure dmaengine helpers check valid callback
- time: Fix CLOCK_MONOTONIC_RAW sub-nanosecond accounting
- gpio: rcar: Add Runtime PM handling for interrupts
- cfg80211: limit wiphy names to 128 bytes
- hfsplus: stop workqueue when fill_super() failed
- x86/kexec: Avoid double free_page() upon do_kexec_load() failure
- Linux 4.4.133
* vmxnet3: update to latest ToT (LP: #1768143)
- vmxnet3: avoid xmit reset due to a race in vmxnet3
- vmxnet3: use correct flag to indicate LRO feature
- vmxnet3: fix incorrect dereference when rxvlan is disabled
* Prevent speculation on user controlled pointer (LP: #1775137)
- x86: reorganize SMAP handling in user space accesses
- x86: fix SMAP in 32-bit environments
- x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec
- x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end}
- x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec
* Xenial update to 4.4.132 stable release (LP: #1774173)
- perf/core: Fix the perf_cpu_time_max_percent check
- bpf: map_get_next_key to return first key on NULL
- percpu: include linux/sched.h for cond_resched()
- mac80211: allow not sending MIC up from driver for HW crypto
- mac80211: allow same PN for AMSDU sub-frames
- mac80211: Add RX flag to indicate ICV stripped
- ath10k: fix rfc1042 header retrieval in QCA4019 with eth decap mode
- ath10k: rebuild crypto header in rx data frames
- gpmi-nand: Handle ECC Errors in erased pages
- USB: serial: option: Add support for Quectel EP06
- ALSA: pcm: Check PCM state at xfern compat ioctl
- ALSA: seq: Fix races at MIDI encoding in snd_virmidi_output_trigger()
- ALSA: aloop: Mark paused device as inactive
- ALSA: aloop: Add missing cable lock to ctl API callbacks
- tracepoint: Do not warn on ENOMEM
- Input: leds - fix out of bound access
- Input: atmel_mxt_ts - add touchpad button mapping for Samsung Chromebook Pro
- xfs: prevent creating negative-sized file via INSERT_RANGE
- RDMA/ucma: Allow resolving address w/o specifying source address
- RDMA/mlx5: Protect from shift operand overflow
- NET: usb: qmi_wwan: add support for ublox R410M PID 0x90b2
- IB/mlx5: Use unlimited rate when static rate is not supported
- drm/vmwgfx: Fix a buffer object leak
- test_firmware: fix setting old custom fw path back on exit, second try
- USB: serial: visor: handle potential invalid device configuration
- USB: Accept bulk endpoints with 1024-byte maxpacket
- USB: serial: option: reimplement interface masking
- USB: serial: option: adding support for ublox R410M
- usb: musb: host: fix potential NULL pointer dereference
- ipvs: fix rtnl_lock lockups caused by start_sync_thread
- crypto: af_alg - fix possible uninit-value in alg_bind()
- netlink: fix uninit-value in netlink_sendmsg
- net: fix rtnh_ok()
- net: initialize skb->peeked when cloning
- net: fix uninit-value in __hw_addr_add_ex()
- dccp: initialize ireq->ir_mark
- soreuseport: initialise timewait reuseport field
- perf: Remove superfluous allocation error check
- tcp: fix TCP_REPAIR_QUEUE bound checking
- bdi: Fix oops in wb_workfn()
- f2fs: fix a dead loop in f2fs_fiemap()
- xfrm_user: fix return value from xfrm_user_rcv_msg
- rfkill: gpio: fix memory leak in probe error path
- libata: Apply NOLPM quirk for SanDisk SD7UB3Q*G1001 SSDs
- tracing: Fix regex_match_front() to not over compare the test string
- can: kvaser_usb: Increase correct stats counter in kvaser_usb_rx_can_msg()
- net: atm: Fix potential Spectre v1
- atm: zatm: Fix potential Spectre v1
- Revert "Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174"
- tracing/uprobe_event: Fix strncpy corner case
- perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_*
- perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr
- perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver
- perf/core: Fix possible Spectre-v1 indexing for ->aux_pages[]
- perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map()
- Linux 4.4.132
* Update to upstream's implementation of Spectre v1 mitigation (LP: #1774181)
- Documentation: Document array_index_nospec
- array_index_nospec: Sanitize speculative array de-references
- x86: Implement array_index_mask_nospec
- x86: Introduce barrier_nospec
- x86/get_user: Use pointer masking to limit speculation
- x86/syscall: Sanitize syscall table de-references under speculation
- vfs, fdtable: Prevent bounds-check bypass via speculative execution
- nl80211: Sanitize array index in parse_txq_params
- x86/spectre: Report get_user mitigation for spectre_v1
- x86/kvm: Update spectre-v1 mitigation
- nospec: Allow index argument to have const-qualified type
- x86/syscall: Sanitize syscall table de-references under speculation fix
- mpls, nospec: Sanitize array index in mpls_label_ok()
- nospec: Include <asm/barrier.h> dependency
- nospec: Move array_index_nospec() parameter checking into separate macro
- nospec: Kill array_index_nospec_mask_check()
- ALSA: seq: oss: Hardening for potential Spectre v1
- ALSA: hda: Hardening for potential Spectre v1
- SAUCE: Replace osb() calls with array_index_nospec()
- SAUCE: Rename osb() to barrier_nospec()
- SAUCE: bpf: Use barrier_nospec() instead of osb()
* CVE-2018-3639 (x86)
- KVM: x86: remove magic number with enum cpuid_leafs
- SAUCE: x86/cpufeatures: Move CPUID_7_EDX CPUID bits to word 18
- SAUCE: x86: Remove double include
- SAUCE: x86/pti: Evaluate X86_BUG_CPU_MELTDOWN when pti=auto
- SAUCE: x86/speculation: Query individual feature flags when reloading
microcode
* cpum_sf: ensure sample freq is non-zero (LP: #1772593)
- s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero
* ELANPAD ELAN0612 does not work, patch available (LP: #1773509)
- SAUCE: Input: elan_i2c - add ELAN0612 to the ACPI table
* FS-Cache: Assertion failed: FS-Cache: 6 == 5 is false (LP: #1774336)
- SAUCE: CacheFiles: fix a read_waiter/read_copier race
* Kernel 4.4 NBD size overflow with image size exceeding 1TB (LP: #1772575)
- nbd: use loff_t for blocksize and nbd_set_size args
- nbd: fix 64-bit division
* 4.4.0-127.153 generates many "sit: non-ECT" messages (LP: #1772775)
- Revert "sit: reload iphdr in ipip6_rcv"
* Creation of IMA file hashes fails when appraisal is enabled (LP: #1771826)
- Revert "ima: limit file hash setting by user to fix and log modes"
* Setting ipv6.disable=1 prevents both IPv4 and IPv6 socket opening for VXLAN
tunnels (LP: #1771301)
- vxlan: correctly handle ipv6.disable module parameter
* CVE-2018-7755
- SAUCE: floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl
* Support UVC1.5 Camera for Xenial (LP: #1773905)
- uvcvideo: Enable UVC 1.5 device detection
* Kernel produces empty lines in /proc/PID/status (LP: #1772671)
- SAUCE: seccomp: Remove double newline sequence in /proc/PID/status
* rfi-flush: Switch to new linear fallback flush (LP: #1744173)
- powerpc/64s: Improve RFI L1-D cache flush fallback
- SAUCE: rfi-flush: Make it possible to call setup_rfi_flush() again
-- Khalid Elmously <email address hidden> Fri, 15 Jun 2018 11:47:48 -0400
-
linux-aws (4.4.0-1023.23) trusty; urgency=medium
* linux-aws: 4.4.0-1023.23 -proposed tracker (LP: #1772963)
* Xenial update to 4.4.129 stable release (LP: #1768429)
- [Config] Remove ARCH_HWEIGHT_CFLAGS
[ Ubuntu: 4.4.0-128.154 ]
* linux: 4.4.0-128.154 -proposed tracker (LP: #1772960)
* CVE-2018-3639 (x86)
- x86/cpu: Make alternative_msr_write work for 32-bit code
- x86/bugs: Fix the parameters alignment and missing void
- KVM: SVM: Move spec control call after restore of GS
- x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP
- x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS
- x86/cpufeatures: Disentangle SSBD enumeration
- x86/cpu/AMD: Fix erratum 1076 (CPB bit)
- x86/cpufeatures: Add FEATURE_ZEN
- x86/speculation: Handle HT correctly on AMD
- x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL
- x86/speculation: Add virtualized speculative store bypass disable support
- x86/speculation: Rework speculative_store_bypass_update()
- x86/bugs: Unify x86_spec_ctrl_{set_guest,restore_host}
- x86/bugs: Expose x86_spec_ctrl_base directly
- x86/bugs: Remove x86_spec_ctrl_set()
- x86/bugs: Rework spec_ctrl base and mask logic
- x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG
- KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD
- x86/bugs: Rename SSBD_NO to SSB_NO
- KVM: VMX: Expose SSBD properly to guests.
* [i915_bpo] Fix flickering issue after panel change (LP: #1770565)
- drm/i915: Fix iboost setting for DDI with 4 lanes on SKL
- drm/i915: Name the "iboost bit"
- drm/i915: Program iboost settings for HDMI/DVI on SKL
- drm/i915: Move bxt_ddi_vswing_sequence() call into intel_ddi_pre_enable()
for HDMI
- drm/i915: Explicitly use ddi buf trans entry 9 for hdmi
- drm/i915: Split DP/eDP/FDI and HDMI/DVI DDI buffer programming apart
- drm/i915: Get the iboost setting based on the port type
- drm/i915: Simplify intel_ddi_get_encoder_port()
- drm/i915: Fix iboost setting for SKL Y/U DP DDI buffer translation entry 2
- drm/i915: KBL - Recommended buffer translation programming for DisplayPort
- drm/i915: Ignore OpRegion panel type except on select machines
* [SRU][Bionic/Artful] fix false positives in W+X checking (LP: #1769696)
- init: fix false positives in W+X checking
* [Ubuntu 16.04] kernel: fix rwlock implementation (LP: #1761674)
- SAUCE: (no-up) s390: fix rwlock implementation
* linux < 4.11: unable to use netfilter logging from non-init namespaces
(LP: #1766573)
- netfilter: allow logging from non-init namespaces
* [LTC Test] Ubuntu 18.04: tm_sigreturn failed on P8 compat mode 16.04.04
guest (LP: #1771439)
- powerpc: signals: Discard transaction state from signal frames
* QCA9377 requires more IRAM banks for its new firmware (LP: #1748345)
- ath10k: update the IRAM bank number for QCA9377
* i915/kbl_dmc_ver1.bin failed with error -2 package 1.157.17 kernel
4.4.0-116-generic (LP: #1752536)
- ubuntu: i915_bpo - Add MODULE_FIRMWARE for Geminilake's DMC
* Xenial update to 4.4.131 stable release (LP: #1768825)
- ext4: prevent right-shifting extents beyond EXT_MAX_BLOCKS
- ext4: set h_journal if there is a failure starting a reserved handle
- ext4: add validity checks for bitmap block numbers
- ext4: fix bitmap position validation
- usbip: usbip_host: fix to hold parent lock for device_attach() calls
- usbip: vhci_hcd: Fix usb device and sockfd leaks
- USB: serial: simple: add libtransistor console
- USB: serial: ftdi_sio: use jtag quirk for Arrow USB Blaster
- USB: serial: cp210x: add ID for NI USB serial console
- usb: core: Add quirk for HP v222w 16GB Mini
- USB: Increment wakeup count on remote wakeup.
- ALSA: usb-audio: Skip broken EU on Dell dock USB-audio
- virtio: add ability to iterate over vqs
- virtio_console: free buffers after reset
- drm/virtio: fix vq wait_event condition
- tty: Don't call panic() at tty_ldisc_init()
- tty: n_gsm: Fix long delays with control frame timeouts in ADM mode
- tty: n_gsm: Fix DLCI handling for ADM mode if debug & 2 is not set
- tty: Use __GFP_NOFAIL for tty_ldisc_get()
- ALSA: core: Report audio_tstamp in snd_pcm_sync_ptr
- ALSA: seq: oss: Fix unbalanced use lock for synth MIDI device
- ALSA: hda/realtek - Add some fixes for ALC233
- mtd: cfi: cmdset_0001: Do not allow read/write to suspend erase block.
- mtd: cfi: cmdset_0001: Workaround Micron Erase suspend bug.
- mtd: cfi: cmdset_0002: Do not allow read/write to suspend erase block.
- kobject: don't use WARN for registration failures
- scsi: sd: Defer spinning up drive while SANITIZE is in progress
- ARM: amba: Make driver_override output consistent with other buses
- ARM: amba: Fix race condition with driver_override
- ARM: amba: Don't read past the end of sysfs "driver_override" buffer
- ASoC: fsl_esai: Fix divisor calculation failure at lower ratio
- libceph: validate con->state at the top of try_write()
- x86/ipc: Fix x32 version of shmid64_ds and msqid64_ds
- x86/smpboot: Don't use mwait_play_dead() on AMD systems
- serial: mctrl_gpio: export mctrl_gpio_disable_ms and mctrl_gpio_init
- serial: mctrl_gpio: Add missing module license
- Linux 4.4.131
* Xenial update to 4.4.130 stable release (LP: #1768474) // CVE-2017-5715 //
CVE-2017-5753
- SAUCE: s390: print messages for gmb and nobp
* Xenial update to 4.4.130 stable release (LP: #1768474)
- cifs: do not allow creating sockets except with SMB1 posix exensions
- x86/tsc: Prevent 32bit truncation in calc_hpet_ref()
- perf: Return proper values for user stack errors
- staging: ion : Donnot wakeup kswapd in ion system alloc
- r8152: add Linksys USB3GIGV1 id
- Input: drv260x - fix initializing overdrive voltage
- ath9k_hw: check if the chip failed to wake up
- jbd2: fix use after free in kjournald2()
- Revert "ath10k: send (re)assoc peer command when NSS changed"
- Revert "UBUNTU: SAUCE: s390: print messages for gmb and nobp"
- Revert "UBUNTU: SAUCE: s390: improve cpu alternative handling for gmb and
nobp"
- Revert "s390: add ppa to kernel entry / exit"
- Revert "s390: introduce CPU alternatives"
- s390: introduce CPU alternatives
- s390: enable CPU alternatives unconditionally
- s390/alternative: use a copy of the facility bit mask
- s390: add options to change branch prediction behaviour for the kernel
- s390: scrub registers on kernel entry and KVM exit
- s390: add optimized array_index_mask_nospec
- s390: run user space and KVM guests with modified branch prediction
- s390: introduce execute-trampolines for branches
- s390: Replace IS_ENABLED(EXPOLINE_*) with IS_ENABLED(CONFIG_EXPOLINE_*)
- s390: do not bypass BPENTER for interrupt system calls
- s390/entry.S: fix spurious zeroing of r0
- s390: move nobp parameter functions to nospec-branch.c
- s390: add automatic detection of the spectre defense
- [Config] Add CONFIG_EXPOLINE=y and CONFIG_EXPOLINE_AUTO=y
- s390: report spectre mitigation via syslog
- s390: add sysfs attributes for spectre
- s390: correct nospec auto detection init order
- s390: correct module section names for expoline code revert
- bonding: do not set slave_dev npinfo before slave_enable_netpoll in
bond_enslave
- KEYS: DNS: limit the length of option strings
- l2tp: check sockaddr length in pppol2tp_connect()
- net: validate attribute sizes in neigh_dump_table()
- llc: delete timers synchronously in llc_sk_free()
- tcp: don't read out-of-bounds opsize
- team: avoid adding twice the same option to the event list
- team: fix netconsole setup over team
- packet: fix bitfield update race
- pppoe: check sockaddr length in pppoe_connect()
- vlan: Fix reading memory beyond skb->tail in skb_vlan_tagged_multi
- sctp: do not check port in sctp_inet6_cmp_addr
- llc: hold llc_sap before release_sock()
- llc: fix NULL pointer deref for SOCK_ZAPPED
- tipc: add policy for TIPC_NLA_NET_ADDR
- net: fix deadlock while clearing neighbor proxy table
- tcp: md5: reject TCP_MD5SIG or TCP_MD5SIG_EXT on established sockets
- net: af_packet: fix race in PACKET_{R|T}X_RING
- ipv6: add RTA_TABLE and RTA_PREFSRC to rtm_ipv6_policy
- scsi: mptsas: Disable WRITE SAME
- cdrom: information leak in cdrom_ioctl_media_changed()
- s390/cio: update chpid descriptor after resource accessibility event
- s390/uprobes: implement arch_uretprobe_is_alive()
- Linux 4.4.130
- SAUCE: s390: Add 'nogmb' kernel parameter
* Xenial update to 4.4.129 stable release (LP: #1768429)
- media: v4l2-compat-ioctl32: don't oops on overlay
- parisc: Fix out of array access in match_pci_device()
- perf intel-pt: Fix overlap detection to identify consecutive buffers
correctly
- perf intel-pt: Fix sync_switch
- perf intel-pt: Fix error recovery from missing TIP packet
- perf intel-pt: Fix timestamp following overflow
- radeon: hide pointless #warning when compile testing
- block/loop: fix deadlock after loop_set_status
- s390/qdio: don't retry EQBS after CCQ 96
- s390/qdio: don't merge ERROR output buffers
- s390/ipl: ensure loadparm valid flag is set
- getname_kernel() needs to make sure that ->name != ->iname in long case
- rtl8187: Fix NULL pointer dereference in priv->conf_mutex
- hwmon: (ina2xx) Fix access to uninitialized mutex
- cdc_ether: flag the Cinterion AHS8 modem by gemalto as WWAN
- slip: Check if rstate is initialized before uncompressing
- lan78xx: Correctly indicate invalid OTP
- x86/hweight: Get rid of the special calling convention
- [Config] Remove ARCH_HWEIGHT_CFLAGS
- x86/hweight: Don't clobber %rdi
- tty: make n_tty_read() always abort if hangup is in progress
- ubifs: Check ubifs_wbuf_sync() return code
- ubi: fastmap: Don't flush fastmap work on detach
- ubi: Fix error for write access
- ubi: Reject MLC NAND
- fs/reiserfs/journal.c: add missing resierfs_warning() arg
- resource: fix integer overflow at reallocation
- ipc/shm: fix use-after-free of shm file via remap_file_pages()
- mm, slab: reschedule cache_reap() on the same CPU
- usb: musb: gadget: misplaced out of bounds check
- ARM: dts: at91: at91sam9g25: fix mux-mask pinctrl property
- ARM: dts: at91: sama5d4: fix pinctrl compatible string
- xen-netfront: Fix hang on device removal
- regmap: Fix reversed bounds check in regmap_raw_write()
- ACPI / video: Add quirk to force acpi-video backlight on Samsung 670Z5E
- ACPI / hotplug / PCI: Check presence of slot itself in get_slot_status()
- USB:fix USB3 devices behind USB3 hubs not resuming at hibernate thaw
- usb: dwc3: pci: Properly cleanup resource
- HID: i2c-hid: fix size check and type usage
- powerpc/powernv: Handle unknown OPAL errors in opal_nvram_write()
- powerpc/64: Fix smp_wmb barrier definition use use lwsync consistently
- powerpc/powernv: define a standard delay for OPAL_BUSY type retry loops
- powerpc/powernv: Fix OPAL NVRAM driver OPAL_BUSY loops
- HID: Fix hid_report_len usage
- HID: core: Fix size as type u32
- ASoC: ssm2602: Replace reg_default_raw with reg_default
- thunderbolt: Resume control channel after hibernation image is created
- random: use a tighter cap in credit_entropy_bits_safe()
- jbd2: if the journal is aborted then don't allow update of the log tail
- ext4: don't update checksum of new initialized bitmaps
- ext4: fail ext4_iget for root directory if unallocated
- RDMA/ucma: Don't allow setting RDMA_OPTION_IB_PATH without an RDMA device
- ALSA: pcm: Fix UAF at PCM release via PCM timer access
- IB/srp: Fix srp_abort()
- IB/srp: Fix completion vector assignment algorithm
- dmaengine: at_xdmac: fix rare residue corruption
- um: Use POSIX ucontext_t instead of struct ucontext
- iommu/vt-d: Fix a potential memory leak
- mmc: jz4740: Fix race condition in IRQ mask update
- clk: mvebu: armada-38x: add support for 1866MHz variants
- clk: mvebu: armada-38x: add support for missing clocks
- clk: bcm2835: De-assert/assert PLL reset signal when appropriate
- thermal: imx: Fix race condition in imx_thermal_probe()
- watchdog: f71808e_wdt: Fix WD_EN register read
- ALSA: oss: consolidate kmalloc/memset 0 call to kzalloc
- ALSA: pcm: Use ERESTARTSYS instead of EINTR in OSS emulation
- ALSA: pcm: Avoid potential races between OSS ioctls and read/write
- ALSA: pcm: Return -EBUSY for OSS ioctls changing busy streams
- ALSA: pcm: Fix mutex unbalance in OSS emulation ioctls
- ALSA: pcm: Fix endless loop for XRUN recovery in OSS emulation
- vfio-pci: Virtualize PCIe & AF FLR
- vfio/pci: Virtualize Maximum Payload Size
- vfio/pci: Virtualize Maximum Read Request Size
- ext4: don't allow r/w mounts if metadata blocks overlap the superblock
- drm/radeon: Fix PCIe lane width calculation
- ext4: fix crashes in dioread_nolock mode
- ext4: fix deadlock between inline_data and ext4_expand_extra_isize_ea()
- ALSA: line6: Use correct endpoint type for midi output
- ALSA: rawmidi: Fix missing input substream checks in compat ioctls
- ALSA: hda - New VIA controller suppor no-snoop path
- HID: hidraw: Fix crash on HIDIOCGFEATURE with a destroyed device
- MIPS: uaccess: Add micromips clobbers to bzero invocation
- MIPS: memset.S: EVA & fault support for small_memset
- MIPS: memset.S: Fix return of __clear_user from Lpartial_fixup
- MIPS: memset.S: Fix clobber of v1 in last_fixup
- powerpc/eeh: Fix enabling bridge MMIO windows
- powerpc/lib: Fix off-by-one in alternate feature patching
- jffs2_kill_sb(): deal with failed allocations
- hypfs_kill_super(): deal with failed allocations
- rpc_pipefs: fix double-dput()
- Don't leak MNT_INTERNAL away from internal mounts
- autofs: mount point create should honour passed in mode
- mm: allow GFP_{FS,IO} for page_cache_read page cache allocation
- mm/filemap.c: fix NULL pointer in page_cache_tree_insert()
- ext4: bugfix for mmaped pages in mpage_release_unused_pages()
- fanotify: fix logic of events on child
- writeback: safer lock nesting
- Linux 4.4.129
* CVE-2018-8087
- mac80211_hwsim: fix possible memory leak in hwsim_new_radio_nl()
* Integrated Webcam Realtek Integrated_Webcam_HD (0bda:58f4) not working in
DELL XPS 13 9370 with firmware 1.50 (LP: #1763748)
- SAUCE: media: uvcvideo: Support realtek's UVC 1.5 device
* [Xenial] Kernels OOPS when mwifiex is in AP mode (LP: #1769671)
- Revert "UBUNTU: SAUCE: mwifiex: do not dereference invalid pointer"
- Revert "UBUNTU: SAUCE: net/wireless: do not dereference invalid pointer"
- mwifiex: cfg80211: do not change virtual interface during scan processing
* user space process hung in 'D' state waiting for disk io to complete
(LP: #1750038)
- NFS: Use GFP_NOIO for two allocations in writeback
* Acer Swift sf314-52 power button not managed (LP: #1766054)
- SAUCE: platform/x86: acer-wmi: add another KEY_POWER keycode
-- Khalid Elmously <email address hidden> Fri, 25 May 2018 17:19:56 -0400
-
linux-aws (4.4.0-1022.22) trusty; urgency=medium
[ Ubuntu: 4.4.0-127.153 ]
* CVE-2018-3639 (powerpc)
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
- powerpc/64s: Move cpu_show_meltdown()
- powerpc/64s: Enhance the information in cpu_show_meltdown()
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/64s: Wire up cpu_show_spectre_v1()
- powerpc/64s: Wire up cpu_show_spectre_v2()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel
entry/exit
* CVE-2018-3639 (x86)
- SAUCE: Clean up IBPB and IBRS control functions and macros
- SAUCE: Fix up IBPB and IBRS kernel parameters documentation
- SAUCE: Remove #define X86_FEATURE_PTI
- x86/cpufeature: Move some of the scattered feature bits to x86_capability
- x86/cpufeature: Cleanup get_cpu_cap()
- x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6
- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
- x86/cpufeatures: Add Intel feature bits for Speculation Control
- SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf
- x86/cpufeatures: Add AMD feature bits for Speculation Control
- x86/msr: Add definitions for new speculation control MSRs
- SAUCE: x86/msr: Rename MSR spec control feature bits
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support
- x86/speculation: Add <asm/msr-index.h> dependency
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags
- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
- SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
- SAUCE: x86: Add alternative_msr_write
- SAUCE: x86/nospec: Simplify alternative_msr_write()
- SAUCE: x86/bugs: Concentrate bug detection into a separate function
- SAUCE: x86/bugs: Concentrate bug reporting into a separate function
- arch: Introduce post-init read-only memory
- SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS
- SAUCE: x86/bugs: Expose /sys/../spec_store_bypass
- SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS
- SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable
mitigation
- SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS
- SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if
requested
- SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell
- SAUCE: prctl: Add speculation control prctls
- x86/process: Optimize TIF checks in __switch_to_xtra()
- SAUCE: x86/process: Allow runtime control of Speculative Store Bypass
- SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation
- SAUCE: nospec: Allow getting/setting on non-current task
- SAUCE: proc: Provide details on speculation flaw mitigations
- SAUCE: seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- SAUCE: x86/bugs: Make boot modes __ro_after_init
- SAUCE: prctl: Add force disable speculation
- SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE
- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC
- SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation
- SAUCE: seccomp: Move speculation migitation control to arch code
- SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative
Store Bypass
- SAUCE: x86/bugs: Rename _RDS to _SSBD
- SAUCE: proc: Use underscores for SSBD in 'status'
- SAUCE: Documentation/spec_ctrl: Do some minor cleanups
- SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type
- SAUCE: x86/bugs: Make cpu_show_common() static
- x86/entry: define _TIF_ALLWORK_MASK flags explicitly
- Revert "x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2
microcodes"
- SAUCE: kvm/cpuid: Fix CPUID_7_0.EDX handling
linux-aws (4.4.0-1020.20) trusty; urgency=medium
* linux-aws: 4.4.0-1020.20 -proposed tracker (LP: #1770013)
* Xenial update to 4.4.118 stable release (LP: #1756866)
- [Config] Add CONFIG_DST_CACHE=y
- [Config] Add CONFIG_USB_NET_CDC_SUBSET_ENABLE=m
[ Ubuntu: 4.4.0-125.150 ]
* linux: 4.4.0-125.150 -proposed tracker (LP: #1770011)
* Unable to insert test_bpf module on Xenial (LP: #1765698)
- bpf: fix selftests/bpf test_kmod.sh failure when CONFIG_BPF_JIT_ALWAYS_ON=y
- test_bpf: Fix testing with CONFIG_BPF_JIT_ALWAYS_ON=y on other arches
* virtio_scsi race can corrupt memory, panic kernel (LP: #1765241)
- SAUCE: (no-up) virtio-scsi: Fix race in target free
* bpf_map_lookup_elem: BUG: unable to handle kernel paging request
(LP: #1763454) // CVE-2017-17862
- SAUCE: Add missing hunks from "bpf: fix branch pruning logic"
* Xenial: rfkill: fix missing return on rfkill_init (LP: #1764810)
- rfkill: fix missing return on rfkill_init
* "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534)
- virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS
* Xenial update to 4.4.128 stable release (LP: #1765010)
- cfg80211: make RATE_INFO_BW_20 the default
- md/raid5: make use of spin_lock_irq over local_irq_disable + spin_lock
- rtc: snvs: fix an incorrect check of return value
- x86/asm: Don't use RBP as a temporary register in
csum_partial_copy_generic()
- NFSv4.1: RECLAIM_COMPLETE must handle NFS4ERR_CONN_NOT_BOUND_TO_SESSION
- IB/srpt: Fix abort handling
- af_key: Fix slab-out-of-bounds in pfkey_compile_policy.
- mac80211: bail out from prep_connection() if a reconfig is ongoing
- bna: Avoid reading past end of buffer
- qlge: Avoid reading past end of buffer
- ipmi_ssif: unlock on allocation failure
- net: cdc_ncm: Fix TX zero padding
- net: ethernet: ti: cpsw: adjust cpsw fifos depth for fullduplex flow control
- lockd: fix lockd shutdown race
- drivers/misc/vmw_vmci/vmci_queue_pair.c: fix a couple integer overflow tests
- pidns: disable pid allocation if pid_ns_prepare_proc() is failed in
alloc_pid()
- s390: move _text symbol to address higher than zero
- net/mlx4_en: Avoid adding steering rules with invalid ring
- NFSv4.1: Work around a Linux server bug...
- CIFS: silence lockdep splat in cifs_relock_file()
- net: qca_spi: Fix alignment issues in rx path
- netxen_nic: set rcode to the return status from the call to netxen_issue_cmd
- Input: elan_i2c - check if device is there before really probing
- Input: elantech - force relative mode on a certain module
- KVM: PPC: Book3S PR: Check copy_to/from_user return values
- vmxnet3: ensure that adapter is in proper state during force_close
- SMB2: Fix share type handling
- bus: brcmstb_gisb: Use register offsets with writes too
- bus: brcmstb_gisb: correct support for 64-bit address output
- PowerCap: Fix an error code in powercap_register_zone()
- ARM: dts: imx53-qsrb: Pulldown PMIC IRQ pin
- staging: wlan-ng: prism2mgmt.c: fixed a double endian conversion before
calling hfa384x_drvr_setconfig16, also fixes relative sparse warning
- x86/tsc: Provide 'tsc=unstable' boot parameter
- ARM: dts: imx6qdl-wandboard: Fix audio channel swap
- ipv6: avoid dad-failures for addresses with NODAD
- async_tx: Fix DMA_PREP_FENCE usage in do_async_gen_syndrome()
- usb: dwc3: keystone: check return value
- btrfs: fix incorrect error return ret being passed to mapping_set_error
- ata: libahci: properly propagate return value of platform_get_irq()
- neighbour: update neigh timestamps iff update is effective
- arp: honour gratuitous ARP _replies_
- usb: chipidea: properly handle host or gadget initialization failure
- USB: ene_usb6250: fix first command execution
- net: x25: fix one potential use-after-free issue
- USB: ene_usb6250: fix SCSI residue overwriting
- serial: 8250: omap: Disable DMA for console UART
- serial: sh-sci: Fix race condition causing garbage during shutdown
- sh_eth: Use platform device for printing before register_netdev()
- scsi: csiostor: fix use after free in csio_hw_use_fwconfig()
- powerpc/mm: Fix virt_addr_valid() etc. on 64-bit hash
- ath5k: fix memory leak on buf on failed eeprom read
- selftests/powerpc: Fix TM resched DSCR test with some compilers
- xfrm: fix state migration copy replay sequence numbers
- iio: hi8435: avoid garbage event at first enable
- iio: hi8435: cleanup reset gpio
- ext4: handle the rest of ext4_mb_load_buddy() ENOMEM errors
- md-cluster: fix potential lock issue in add_new_disk
- ARM: davinci: da8xx: Create DSP device only when assigned memory
- ray_cs: Avoid reading past end of buffer
- leds: pca955x: Correct I2C Functionality
- sched/numa: Use down_read_trylock() for the mmap_sem
- net/mlx5: Tolerate irq_set_affinity_hint() failures
- selinux: do not check open permission on sockets
- block: fix an error code in add_partition()
- mlx5: fix bug reading rss_hash_type from CQE
- net: ieee802154: fix net_device reference release too early
- libceph: NULL deref on crush_decode() error path
- netfilter: ctnetlink: fix incorrect nf_ct_put during hash resize
- pNFS/flexfiles: missing error code in ff_layout_alloc_lseg()
- ASoC: rsnd: SSI PIO adjust to 24bit mode
- scsi: bnx2fc: fix race condition in bnx2fc_get_host_stats()
- fix race in drivers/char/random.c:get_reg()
- ext4: fix off-by-one on max nr_pages in ext4_find_unwritten_pgoff()
- tcp: better validation of received ack sequences
- net: move somaxconn init from sysctl code
- Input: elan_i2c - clear INT before resetting controller
- bonding: Don't update slave->link until ready to commit
- KVM: nVMX: Fix handling of lmsw instruction
- net: llc: add lock_sock in llc_ui_bind to avoid a race condition
- ARM: dts: ls1021a: add "fsl,ls1021a-esdhc" compatible string to esdhc node
- thermal: power_allocator: fix one race condition issue for thermal_instances
list
- perf probe: Add warning message if there is unexpected event name
- l2tp: fix missing print session offset info
- rds; Reset rs->rs_bound_addr in rds_add_bound() failure path
- hwmon: (ina2xx) Make calibration register value fixed
- media: videobuf2-core: don't go out of the buffer range
- ASoC: Intel: cht_bsw_rt5645: Analog Mic support
- scsi: mpt3sas: Proper handling of set/clear of "ATA command pending" flag.
- vfb: fix video mode and line_length being set when loaded
- gpio: label descriptors using the device name
- ASoC: Intel: sst: Fix the return value of 'sst_send_byte_stream_mrfld()'
- wl1251: check return from call to wl1251_acx_arp_ip_filter
- hdlcdrv: Fix divide by zero in hdlcdrv_ioctl
- ovl: filter trusted xattr for non-admin
- powerpc/[booke|4xx]: Don't clobber TCR[WP] when setting TCR[DIE]
- dmaengine: imx-sdma: Handle return value of clk_prepare_enable
- arm64: futex: Fix undefined behaviour with FUTEX_OP_OPARG_SHIFT usage
- net/mlx5: avoid build warning for uniprocessor
- cxgb4: FW upgrade fixes
- rtc: opal: Handle disabled TPO in opal_get_tpo_time()
- rtc: interface: Validate alarm-time before handling rollover
- SUNRPC: ensure correct error is reported by xs_tcp_setup_socket()
- net: freescale: fix potential null pointer dereference
- KVM: SVM: do not zero out segment attributes if segment is unusable or not
present
- clk: scpi: fix return type of __scpi_dvfs_round_rate
- clk: Fix __set_clk_rates error print-string
- powerpc/spufs: Fix coredump of SPU contexts
- perf trace: Add mmap alias for s390
- qlcnic: Fix a sleep-in-atomic bug in qlcnic_82xx_hw_write_wx_2M and
qlcnic_82xx_hw_read_wx_2M
- mISDN: Fix a sleep-in-atomic bug
- drm/omap: fix tiled buffer stride calculations
- cxgb4: fix incorrect cim_la output for T6
- Fix serial console on SNI RM400 machines
- bio-integrity: Do not allocate integrity context for bio w/o data
- skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow
- sit: reload iphdr in ipip6_rcv
- net/mlx4: Fix the check in attaching steering rules
- net/mlx4: Check if Granular QoS per VF has been enabled before updating QP
qos_vport
- perf header: Set proper module name when build-id event found
- perf report: Ensure the perf DSO mapping matches what libdw sees
- tags: honor COMPILED_SOURCE with apart output directory
- e1000e: fix race condition around skb_tstamp_tx()
- cx25840: fix unchecked return values
- mceusb: sporadic RX truncation corruption fix
- net: phy: avoid genphy_aneg_done() for PHYs without clause 22 support
- ARM: imx: Add MXC_CPU_IMX6ULL and cpu_is_imx6ull
- e1000e: Undo e1000e_pm_freeze if __e1000_shutdown fails
- perf/core: Correct event creation with PERF_FORMAT_GROUP
- MIPS: mm: fixed mappings: correct initialisation
- MIPS: mm: adjust PKMAP location
- MIPS: kprobes: flush_insn_slot should flush only if probe initialised
- Fix loop device flush before configure v3
- net: emac: fix reset timeout with AR8035 phy
- skbuff: only inherit relevant tx_flags
- xen: avoid type warning in xchg_xen_ulong
- bnx2x: Allow vfs to disable txvlan offload
- sctp: fix recursive locking warning in sctp_do_peeloff
- sparc64: ldc abort during vds iso boot
- iio: magnetometer: st_magn_spi: fix spi_device_id table
- Bluetooth: Send HCI Set Event Mask Page 2 command only when needed
- cpuidle: dt: Add missing 'of_node_put()'
- ACPICA: Events: Add runtime stub support for event APIs
- ACPICA: Disassembler: Abort on an invalid/unknown AML opcode
- s390/dasd: fix hanging safe offline
- vxlan: dont migrate permanent fdb entries during learn
- bcache: stop writeback thread after detaching
- bcache: segregate flash only volume write streams
- scsi: libsas: fix memory leak in sas_smp_get_phy_events()
- scsi: libsas: fix error when getting phy events
- scsi: libsas: initialize sas_phy status according to response of DISCOVER
- blk-mq: fix kernel oops in blk_mq_tag_idle()
- tty: n_gsm: Allow ADM response in addition to UA for control dlci
- EDAC, mv64x60: Fix an error handling path
- cxgb4vf: Fix SGE FL buffer initialization logic for 64K pages
- perf tools: Fix copyfile_offset update of output offset
- ipsec: check return value of skb_to_sgvec always
- rxrpc: check return value of skb_to_sgvec always
- virtio_net: check return value of skb_to_sgvec always
- virtio_net: check return value of skb_to_sgvec in one more location
- random: use lockless method of accessing and updating f->reg_idx
- futex: Remove requirement for lock_page() in get_futex_key()
- Kbuild: provide a __UNIQUE_ID for clang
- arp: fix arp_filter on l3slave devices
- net: fix possible out-of-bound read in skb_network_protocol()
- net/ipv6: Fix route leaking between VRFs
- netlink: make sure nladdr has correct size in netlink_connect()
- net/sched: fix NULL dereference in the error path of tcf_bpf_init()
- pptp: remove a buggy dst release in pptp_connect()
- sctp: do not leak kernel memory to user space
- sctp: sctp_sockaddr_af must check minimal addr length for AF_INET6
- vhost: correctly remove wait queue during poll failure
- vlan: also check phy_driver ts_info for vlan's real device
- bonding: fix the err path for dev hwaddr sync in bond_enslave
- bonding: move dev_mc_sync after master_upper_dev_link in bond_enslave
- bonding: process the err returned by dev_set_allmulti properly in
bond_enslave
- net: fool proof dev_valid_name()
- ip_tunnel: better validate user provided tunnel names
- ipv6: sit: better validate user provided tunnel names
- ip6_gre: better validate user provided tunnel names
- ip6_tunnel: better validate user provided tunnel names
- vti6: better validate user provided tunnel names
- r8169: fix setting driver_data after register_netdev
- net sched actions: fix dumping which requires several messages to user space
- net/ipv6: Increment OUTxxx counters after netfilter hook
- ipv6: the entire IPv6 header chain must fit the first fragment
- vrf: Fix use after free and double free in vrf_finish_output
- Revert "xhci: plat: Register shutdown for xhci_plat"
- Linux 4.4.128
* sky2 gigabit ethernet driver sometimes stops working after lid-open resume
from sleep (88E8055) (LP: #1758507) // Xenial update to 4.4.128 stable
release (LP: #1765010)
- sky2: Increase D3 delay to sky2 stops working after suspend
* Xenial update to 4.4.127 stable release (LP: #1765007)
- mtd: jedec_probe: Fix crash in jedec_read_mfr()
- ALSA: pcm: Use dma_bytes as size parameter in dma_mmap_coherent()
- ALSA: pcm: potential uninitialized return values
- partitions/msdos: Unable to mount UFS 44bsd partitions
- usb: gadget: define free_ep_req as universal function
- usb: gadget: change len to size_t on alloc_ep_req()
- usb: gadget: fix usb_ep_align_maybe endianness and new usb_ep_align
- usb: gadget: align buffer size when allocating for OUT endpoint
- usb: gadget: f_hid: fix: Prevent accessing released memory
- kprobes/x86: Fix to set RWX bits correctly before releasing trampoline
- ACPI, PCI, irq: remove redundant check for null string pointer
- writeback: fix the wrong congested state variable definition
- PCI: Make PCI_ROM_ADDRESS_MASK a 32-bit constant
- dm ioctl: remove double parentheses
- Input: mousedev - fix implicit conversion warning
- netfilter: nf_nat_h323: fix logical-not-parentheses warning
- genirq: Use cpumask_available() for check of cpumask variable
- cpumask: Add helper cpumask_available()
- selinux: Remove unnecessary check of array base in selinux_set_mapping()
- fs: compat: Remove warning from COMPATIBLE_IOCTL
- jiffies.h: declare jiffies and jiffies_64 with ____cacheline_aligned_in_smp
- frv: declare jiffies to be located in the .data section
- audit: add tty field to LOGIN event
- tty: provide tty_name() even without CONFIG_TTY
- netfilter: ctnetlink: Make some parameters integer to avoid enum mismatch
- selinux: Remove redundant check for unknown labeling behavior
- arm64: avoid overflow in VA_START and PAGE_OFFSET
- xfrm_user: uncoditionally validate esn replay attribute struct
- RDMA/ucma: Check AF family prior resolving address
- RDMA/ucma: Fix use-after-free access in ucma_close
- RDMA/ucma: Ensure that CM_ID exists prior to access it
- RDMA/ucma: Check that device is connected prior to access it
- RDMA/ucma: Check that device exists prior to accessing it
- RDMA/ucma: Don't allow join attempts for unsupported AF family
- RDMA/ucma: Introduce safer rdma_addr_size() variants
- net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms()
- xfrm: Refuse to insert 32 bit userspace socket policies on 64 bit systems
- netfilter: bridge: ebt_among: add more missing match size checks
- netfilter: x_tables: add and use xt_check_proc_name
- Bluetooth: Fix missing encryption refresh on Security Request
- llist: clang: introduce member_address_is_nonnull()
- scsi: virtio_scsi: always read VPD pages for multiqueue too
- usb: dwc2: Improve gadget state disconnection handling
- USB: serial: ftdi_sio: add RT Systems VX-8 cable
- USB: serial: ftdi_sio: add support for Harman FirmwareHubEmulator
- USB: serial: cp210x: add ELDAT Easywave RX09 id
- mei: remove dev_err message on an unsupported ioctl
- media: usbtv: prevent double free in error case
- parport_pc: Add support for WCH CH382L PCI-E single parallel port card.
- crypto: ahash - Fix early termination in hash walk
- crypto: x86/cast5-avx - fix ECB encryption when long sg follows short one
- fs/proc: Stop trying to report thread stacks
- staging: comedi: ni_mio_common: ack ai fifo error interrupts.
- Input: i8042 - add Lenovo ThinkPad L460 to i8042 reset list
- Input: i8042 - enable MUX on Sony VAIO VGN-CS series to fix touchpad
- vt: change SGR 21 to follow the standards
- Documentation: pinctrl: palmas: Add ti,palmas-powerhold-override property
definition
- ARM: dts: dra7: Add power hold and power controller properties to palmas
- ARM: dts: am57xx-beagle-x15-common: Add overide powerhold property
- md/raid10: reset the 'first' at the end of loop
- net: hns: Fix ethtool private flags
- Revert "PCI/MSI: Stop disabling MSI/MSI-X in pci_device_shutdown()"
- Revert "ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin"
- Revert "ARM: dts: omap3-n900: Fix the audio CODEC's reset pin"
- Revert "cpufreq: Fix governor module removal race"
- Revert "mtip32xx: use runtime tag to initialize command header"
- spi: davinci: fix up dma_mapping_error() incorrect patch
- net: cavium: liquidio: fix up "Avoid dma_unmap_single on uninitialized
ndata"
- Revert "ip6_vti: adjust vti mtu according to mtu of lower device"
- Linux 4.4.127
* Xenial update to 4.4.126 stable release (LP: #1764999)
- scsi: sg: don't return bogus Sg_requests
- Revert "genirq: Use irqd_get_trigger_type to compare the trigger type for
shared IRQs"
- net: Fix hlist corruptions in inet_evict_bucket()
- dccp: check sk for closed state in dccp_sendmsg()
- ipv6: fix access to non-linear packet in ndisc_fill_redirect_hdr_option()
- l2tp: do not accept arbitrary sockets
- net: ethernet: arc: Fix a potential memory leak if an optional regulator is
deferred
- net: ethernet: ti: cpsw: add check for in-band mode setting with RGMII PHY
interface
- net/iucv: Free memory obtained by kzalloc
- netlink: avoid a double skb free in genlmsg_mcast()
- net: Only honor ifindex in IP_PKTINFO if non-0
- skbuff: Fix not waking applications when errors are enqueued
- team: Fix double free in error path
- s390/qeth: free netdevice when removing a card
- s390/qeth: when thread completes, wake up all waiters
- s390/qeth: lock read device while queueing next buffer
- s390/qeth: on channel error, reject further cmd requests
- ieee802154: 6lowpan: fix possible NULL deref in lowpan_device_event()
- net: fec: Fix unbalanced PM runtime calls
- net: systemport: Rewrite __bcm_sysport_tx_reclaim()
- Linux 4.4.126
* Xenial update to 4.4.125 stable release (LP: #1764973)
- MIPS: ralink: Remove ralink_halt()
- iio: st_pressure: st_accel: pass correct platform data to init
- ALSA: usb-audio: Fix parsing descriptor of UAC2 processing unit
- ALSA: aloop: Sync stale timer before release
- ALSA: aloop: Fix access to not-yet-ready substream via cable
- ALSA: hda/realtek - Always immediately update mute LED with pin VREF
- mmc: dw_mmc: fix falling from idmac to PIO mode when dw_mci_reset occurs
- PCI: Add function 1 DMA alias quirk for Highpoint RocketRAID 644L
- ahci: Add PCI-id for the Highpoint Rocketraid 644L card
- clk: bcm2835: Protect sections updating shared registers
- Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174
- libata: fix length validation of ATAPI-relayed SCSI commands
- libata: remove WARN() for DMA or PIO command without data
- libata: Apply NOLPM quirk to Crucial MX100 512GB SSDs
- libata: Enable queued TRIM for Samsung SSD 860
- libata: Apply NOLPM quirk to Crucial M500 480 and 960GB SSDs
- libata: Make Crucial BX100 500GB LPM quirk apply to all firmware versions
- libata: Modify quirks for MX100 to limit NCQ_TRIM quirk to MU01 version
- mm/vmalloc: add interfaces to free unmapped page table
- x86/mm: implement free pmd/pte page interfaces
- drm/vmwgfx: Fix a destoy-while-held mutex problem.
- drm/radeon: Don't turn off DP sink when disconnected
- drm: udl: Properly check framebuffer mmap offsets
- acpi, numa: fix pxm to online numa node associations
- brcmfmac: fix P2P_DEVICE ethernet address generation
- rtlwifi: rtl8723be: Fix loss of signal
- tracing: probeevent: Fix to support minus offset from symbol
- mtd: nand: fsl_ifc: Fix nand waitfunc return value
- staging: ncpfs: memory corruption in ncp_read_kernel()
- can: cc770: Fix stalls on rt-linux, remove redundant IRQ ack
- can: cc770: Fix queue stall & dropped RTR reply
- can: cc770: Fix use after free in cc770_tx_interrupt()
- tty: vt: fix up tabstops properly
- x86/build/64: Force the linker to use 2MB page size
- x86/boot/64: Verify alignment of the LOAD segment
- perf/x86/intel: Don't accidentally clear high bits in bdw_limit_period()
- staging: lustre: ptlrpc: kfree used instead of kvfree
- kbuild: disable clang's default use of -fmerge-all-constants
- bpf: skip unnecessary capability check
- bpf, x64: increase number of passes
- Linux 4.4.125
* System fails to start (boot) on battery due to read-only root file-system
(LP: #1726930) // Xenial update to 4.4.125 stable release (LP: #1764973)
- libata: disable LPM for Crucial BX100 SSD 500GB drive
* Xenial update to 4.4.124 stable release (LP: #1764762)
- tpm: fix potential buffer overruns caused by bit glitches on the bus
- tpm_tis: fix potential buffer overruns caused by bit glitches on the bus
- staging: android: ashmem: Fix possible deadlock in ashmem_ioctl
- platform/x86: asus-nb-wmi: Add wapf4 quirk for the X302UA
- regulator: anatop: set default voltage selector for pcie
- x86: i8259: export legacy_pic symbol
- rtc: cmos: Do not assume irq 8 for rtc when there are no legacy irqs
- Input: ar1021_i2c - fix too long name in driver's device table
- time: Change posix clocks ops interfaces to use timespec64
- ACPI/processor: Fix error handling in __acpi_processor_start()
- ACPI/processor: Replace racy task affinity logic
- cpufreq/sh: Replace racy task affinity logic
- genirq: Use irqd_get_trigger_type to compare the trigger type for shared
IRQs
- i2c: i2c-scmi: add a MS HID
- net: ipv6: send unsolicited NA on admin up
- media/dvb-core: Race condition when writing to CAM
- spi: dw: Disable clock after unregistering the host
- ath: Fix updating radar flags for coutry code India
- clk: ns2: Correct SDIO bits
- scsi: virtio_scsi: Always try to read VPD pages
- KVM: PPC: Book3S PR: Exit KVM on failed mapping
- ARM: 8668/1: ftrace: Fix dynamic ftrace with DEBUG_RODATA and !FRAME_POINTER
- iommu/omap: Register driver before setting IOMMU ops
- md/raid10: wait up frozen array in handle_write_completed
- NFS: Fix missing pg_cleanup after nfs_pageio_cond_complete()
- tcp: remove poll() flakes with FastOpen
- e1000e: fix timing for 82579 Gigabit Ethernet controller
- ALSA: hda - Fix headset microphone detection for ASUS N551 and N751
- IB/ipoib: Fix deadlock between ipoib_stop and mcast join flow
- IB/ipoib: Update broadcast object if PKey value was changed in index 0
- HSI: ssi_protocol: double free in ssip_pn_xmit()
- IB/mlx4: Take write semaphore when changing the vma struct
- IB/mlx4: Change vma from shared to private
- ASoC: Intel: Skylake: Uninitialized variable in probe_codec()
- Fix driver usage of 128B WQEs when WQ_CREATE is V1.
- netfilter: xt_CT: fix refcnt leak on error path
- openvswitch: Delete conntrack entry clashing with an expectation.
- mmc: host: omap_hsmmc: checking for NULL instead of IS_ERR()
- wan: pc300too: abort path on failure
- qlcnic: fix unchecked return value
- scsi: mac_esp: Replace bogus memory barrier with spinlock
- infiniband/uverbs: Fix integer overflows
- NFS: don't try to cross a mountpount when there isn't one there.
- Revert "UBUNTU: SAUCE: (no-up) iio: st_pressure: st_accel: Initialise sensor
platform data properly"
- iio: st_pressure: st_accel: Initialise sensor platform data properly
- mt7601u: check return value of alloc_skb
- rndis_wlan: add return value validation
- Btrfs: send, fix file hole not being preserved due to inline extent
- mac80211: don't parse encrypted management frames in ieee80211_frame_acked
- mfd: palmas: Reset the POWERHOLD mux during power off
- mtip32xx: use runtime tag to initialize command header
- staging: unisys: visorhba: fix s-Par to boot with option CONFIG_VMAP_STACK
set to y
- staging: wilc1000: fix unchecked return value
- mmc: sdhci-of-esdhc: limit SD clock for ls1012a/ls1046a
- ARM: DRA7: clockdomain: Change the CLKTRCTRL of CM_PCIE_CLKSTCTRL to SW_WKUP
- ipmi/watchdog: fix wdog hang on panic waiting for ipmi response
- ACPI / PMIC: xpower: Fix power_table addresses
- drm/nouveau/kms: Increase max retries in scanout position queries.
- bnx2x: Align RX buffers
- power: supply: pda_power: move from timer to delayed_work
- Input: twl4030-pwrbutton - use correct device for irq request
- md/raid10: skip spare disk as 'first' disk
- ia64: fix module loading for gcc-5.4
- tcm_fileio: Prevent information leak for short reads
- video: fbdev: udlfb: Fix buffer on stack
- sm501fb: don't return zero on failure path in sm501fb_start()
- net: hns: fix ethtool_get_strings overflow in hns driver
- cifs: small underflow in cnvrtDosUnixTm()
- rtc: ds1374: wdt: Fix issue with timeout scaling from secs to wdt ticks
- rtc: ds1374: wdt: Fix stop/start ioctl always returning -EINVAL
- perf tests kmod-path: Don't fail if compressed modules aren't supported
- Bluetooth: hci_qca: Avoid setup failure on missing rampatch
- media: c8sectpfe: fix potential NULL pointer dereference in
c8sectpfe_timer_interrupt
- drm/msm: fix leak in failed get_pages
- RDMA/iwpm: Fix uninitialized error code in iwpm_send_mapinfo()
- rtlwifi: rtl_pci: Fix the bug when inactiveps is enabled.
- media: bt8xx: Fix err 'bt878_probe()'
- media: [RESEND] media: dvb-frontends: Add delay to Si2168 restart
- cros_ec: fix nul-termination for firmware build info
- platform/chrome: Use proper protocol transfer function
- mmc: avoid removing non-removable hosts during suspend
- IB/ipoib: Avoid memory leak if the SA returns a different DGID
- RDMA/cma: Use correct size when writing netlink stats
- IB/umem: Fix use of npages/nmap fields
- vgacon: Set VGA struct resource types
- drm/omap: DMM: Check for DMM readiness after successful transaction commit
- pty: cancel pty slave port buf's work in tty_release
- coresight: Fix disabling of CoreSight TPIU
- pinctrl: Really force states during suspend/resume
- iommu/vt-d: clean up pr_irq if request_threaded_irq fails
- ip6_vti: adjust vti mtu according to mtu of lower device
- RDMA/ocrdma: Fix permissions for OCRDMA_RESET_STATS
- nfsd4: permit layoutget of executable-only files
- clk: si5351: Rename internal plls to avoid name collisions
- dmaengine: ti-dma-crossbar: Fix event mapping for TPCC_EVT_MUX_60_63
- RDMA/ucma: Fix access to non-initialized CM_ID object
- Linux 4.4.124
* Xenial update to 4.4.123 stable release (LP: #1764666)
- blkcg: fix double free of new_blkg in blkcg_init_queue
- Input: tsc2007 - check for presence and power down tsc2007 during probe
- staging: speakup: Replace BUG_ON() with WARN_ON().
- staging: wilc1000: add check for kmalloc allocation failure.
- HID: reject input outside logical range only if null state is set
- drm: qxl: Don't alloc fbdev if emulation is not supported
- ath10k: fix a warning during channel switch with multiple vaps
- PCI/MSI: Stop disabling MSI/MSI-X in pci_device_shutdown()
- selinux: check for address length in selinux_socket_bind()
- perf sort: Fix segfault with basic block 'cycles' sort dimension
- i40e: Acquire NVM lock before reads on all devices
- i40e: fix ethtool to get EEPROM data from X722 interface
- perf tools: Make perf_event__synthesize_mmap_events() scale
- drivers: net: xgene: Fix hardware checksum setting
- drm: Defer disabling the vblank IRQ until the next interrupt (for instant-
off)
- ath10k: disallow DFS simulation if DFS channel is not enabled
- perf probe: Return errno when not hitting any event
- HID: clamp input to logical range if no null state
- net/8021q: create device with all possible features in wanted_features
- ARM: dts: Adjust moxart IRQ controller and flags
- batman-adv: handle race condition for claims between gateways
- of: fix of_device_get_modalias returned length when truncating buffers
- solo6x10: release vb2 buffers in solo_stop_streaming()
- scsi: ipr: Fix missed EH wakeup
- media: i2c/soc_camera: fix ov6650 sensor getting wrong clock
- timers, sched_clock: Update timeout for clock wrap
- sysrq: Reset the watchdog timers while displaying high-resolution timers
- Input: qt1070 - add OF device ID table
- sched: act_csum: don't mangle TCP and UDP GSO packets
- ASoC: rcar: ssi: don't set SSICR.CKDV = 000 with SSIWSR.CONT
- spi: omap2-mcspi: poll OMAP2_MCSPI_CHSTAT_RXS for PIO transfer
- tcp: sysctl: Fix a race to avoid unexpected 0 window from space
- dmaengine: imx-sdma: add 1ms delay to ensure SDMA channel is stopped
- driver: (adm1275) set the m,b and R coefficients correctly for power
- mm: Fix false-positive VM_BUG_ON() in page_cache_{get,add}_speculative()
- blk-throttle: make sure expire time isn't too big
- f2fs: relax node version check for victim data in gc
- bonding: refine bond_fold_stats() wrap detection
- braille-console: Fix value returned by _braille_console_setup
- drm/vmwgfx: Fixes to vmwgfx_fb
- vxlan: vxlan dev should inherit lowerdev's gso_max_size
- NFC: nfcmrvl: Include unaligned.h instead of access_ok.h
- NFC: nfcmrvl: double free on error path
- ARM: dts: r8a7790: Correct parent of SSI[0-9] clocks
- ARM: dts: r8a7791: Correct parent of SSI[0-9] clocks
- powerpc: Avoid taking a data miss on every userspace instruction miss
- net/faraday: Add missing include of of.h
- ARM: dts: koelsch: Correct clock frequency of X2 DU clock input
- reiserfs: Make cancel_old_flush() reliable
- ALSA: firewire-digi00x: handle all MIDI messages on streaming packets
- fm10k: correctly check if interface is removed
- apparmor: Make path_max parameter readonly
- iommu/iova: Fix underflow bug in __alloc_and_insert_iova_range
- video: ARM CLCD: fix dma allocation size
- drm/radeon: Fail fb creation from imported dma-bufs.
- drm/amdgpu: Fail fb creation from imported dma-bufs. (v2)
- coresight: Fixes coresight DT parse to get correct output port ID.
- MIPS: BPF: Quit clobbering callee saved registers in JIT code.
- MIPS: BPF: Fix multiple problems in JIT skb access helpers.
- MIPS: r2-on-r6-emu: Fix BLEZL and BGTZL identification
- MIPS: r2-on-r6-emu: Clear BLTZALL and BGEZALL debugfs counters
- regulator: isl9305: fix array size
- md/raid6: Fix anomily when recovering a single device in RAID6.
- usb: dwc2: Make sure we disconnect the gadget state
- usb: gadget: dummy_hcd: Fix wrong power status bit clear/reset in
dummy_hub_control()
- drivers/perf: arm_pmu: handle no platform_device
- perf inject: Copy events when reordering events in pipe mode
- perf session: Don't rely on evlist in pipe mode
- scsi: sg: check for valid direction before starting the request
- scsi: sg: close race condition in sg_remove_sfp_usercontext()
- kprobes/x86: Fix kprobe-booster not to boost far call instructions
- kprobes/x86: Set kprobes pages read-only
- pwm: tegra: Increase precision in PWM rate calculation
- wil6210: fix memory access violation in wil_memcpy_from/toio_32
- drm/edid: set ELD connector type in drm_edid_to_eld()
- video/hdmi: Allow "empty" HDMI infoframes
- HID: elo: clear BTN_LEFT mapping
- ARM: dts: exynos: Correct Trats2 panel reset line
- sched: Stop switched_to_rt() from sending IPIs to offline CPUs
- sched: Stop resched_cpu() from sending IPIs to offline CPUs
- test_firmware: fix setting old custom fw path back on exit
- net: xfrm: allow clearing socket xfrm policies.
- mtd: nand: fix interpretation of NAND_CMD_NONE in nand_command[_lp]()
- ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin
- ARM: dts: omap3-n900: Fix the audio CODEC's reset pin
- ath10k: update tdls teardown state to target
- cpufreq: Fix governor module removal race
- clk: qcom: msm8916: fix mnd_width for codec_digcodec
- ath10k: fix invalid STS_CAP_OFFSET_MASK
- tools/usbip: fixes build with musl libc toolchain
- spi: sun6i: disable/unprepare clocks on remove
- scsi: core: scsi_get_device_flags_keyed(): Always return device flags
- scsi: devinfo: apply to HP XP the same flags as Hitachi VSP
- scsi: dh: add new rdac devices
- media: cpia2: Fix a couple off by one bugs
- veth: set peer GSO values
- drm/amdkfd: Fix memory leaks in kfd topology
- agp/intel: Flush all chipset writes after updating the GGTT
- mac80211_hwsim: enforce PS_MANUAL_POLL to be set after PS_ENABLED
- mac80211: remove BUG() when interface type is invalid
- ASoC: nuc900: Fix a loop timeout test
- ipvlan: add L2 check for packets arriving via virtual devices
- rcutorture/configinit: Fix build directory error message
- ima: relax requiring a file signature for new files with zero length
- selftests/x86/entry_from_vm86: Exit with 1 if we fail
- selftests/x86: Add tests for User-Mode Instruction Prevention
- selftests/x86: Add tests for the STR and SLDT instructions
- selftests/x86/entry_from_vm86: Add test cases for POPF
- x86/vm86/32: Fix POPF emulation
- x86/mm: Fix vmalloc_fault to use pXd_large
- ALSA: pcm: Fix UAF in snd_pcm_oss_get_formats()
- ALSA: hda - Revert power_save option default value
- ALSA: seq: Fix possible UAF in snd_seq_check_queue()
- ALSA: seq: Clear client entry before deleting else at closing
- drm/amdgpu/dce: Don't turn off DP sink when disconnected
- fs: Teach path_connected to handle nfs filesystems with multiple roots.
- lock_parent() needs to recheck if dentry got __dentry_kill'ed under it
- fs/aio: Add explicit RCU grace period when freeing kioctx
- fs/aio: Use RCU accessors for kioctx_table->table[]
- irqchip/gic-v3-its: Ensure nr_ites >= nr_lpis
- scsi: sg: fix SG_DXFER_FROM_DEV transfers
- scsi: sg: fix static checker warning in sg_is_valid_dxfer
- scsi: sg: only check for dxfer_len greater than 256M
- ARM: dts: LogicPD Torpedo: Fix I2C1 pinmux
- btrfs: alloc_chunk: fix DUP stripe size handling
- btrfs: Fix use-after-free when cleaning up fs_devs with a single stale
device
- USB: gadget: udc: Add missing platform_device_put() on error in
bdc_pci_probe()
- usb: gadget: bdc: 64-bit pointer capability check
- Linux 4.4.123
* Xenial update to 4.4.123 stable release (LP: #1764666) // CVE-2017-16995
- Revert "bpf: fix incorrect sign extension in check_alu_op()"
- bpf: fix incorrect sign extension in check_alu_op()
* Xenial update to 4.4.122 stable release (LP: #1764627)
- RDMA/ucma: Limit possible option size
- RDMA/ucma: Check that user doesn't overflow QP state
- RDMA/mlx5: Fix integer overflow while resizing CQ
- scsi: qla2xxx: Fix NULL pointer crash due to active timer for ABTS
- workqueue: Allow retrieval of current task's work struct
- drm: Allow determining if current task is output poll worker
- drm/nouveau: Fix deadlock on runtime suspend
- drm/radeon: Fix deadlock on runtime suspend
- drm/amdgpu: Fix deadlock on runtime suspend
- drm/amdgpu: Notify sbios device ready before send request
- drm/radeon: fix KV harvesting
- drm/amdgpu: fix KV harvesting
- MIPS: BMIPS: Do not mask IPIs during suspend
- MIPS: ath25: Check for kzalloc allocation failure
- MIPS: OCTEON: irq: Check for null return on kzalloc allocation
- Input: matrix_keypad - fix race when disabling interrupts
- loop: Fix lost writes caused by missing flag
- kbuild: Handle builtin dtb file names containing hyphens
- bcache: don't attach backing with duplicate UUID
- x86/MCE: Serialize sysfs changes
- ALSA: hda/realtek - Fix dock line-out volume on Dell Precision 7520
- ALSA: seq: More protection for concurrent write and ioctl races
- ALSA: hda: add dock and led support for HP EliteBook 820 G3
- ALSA: hda: add dock and led support for HP ProBook 640 G2
- watchdog: hpwdt: SMBIOS check
- watchdog: hpwdt: Check source of NMI
- watchdog: hpwdt: fix unused variable warning
- netfilter: nfnetlink_queue: fix timestamp attribute
- Input: tca8418_keypad - remove double read of key event register
- tc358743: fix register i2c_rd/wr function fix
- netfilter: add back stackpointer size checks
- netfilter: x_tables: fix missing timer initialization in xt_LED
- netfilter: nat: cope with negative port range
- netfilter: IDLETIMER: be syzkaller friendly
- netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets
- netfilter: bridge: ebt_among: add missing match size checks
- netfilter: ipv6: fix use-after-free Write in nf_nat_ipv6_manip_pkt
- netfilter: use skb_to_full_sk in ip_route_me_harder
- ext4: inplace xattr block update fails to deduplicate blocks
- ubi: Fix race condition between ubi volume creation and udev
- scsi: qla2xxx: Replace fcport alloc with qla2x00_alloc_fcport
- NFS: Fix an incorrect type in struct nfs_direct_req
- Revert "ARM: dts: LogicPD Torpedo: Fix I2C1 pinmux"
- x86/module: Detect and skip invalid relocations
- x86: Treat R_X86_64_PLT32 as R_X86_64_PC32
- serial: sh-sci: prevent lockup on full TTY buffers
- tty/serial: atmel: add new version check for usart
- uas: fix comparison for error code
- staging: comedi: fix comedi_nsamples_left.
- staging: android: ashmem: Fix lockdep issue during llseek
- USB: storage: Add JMicron bridge 152d:2567 to unusual_devs.h
- usb: quirks: add control message delay for 1b1c:1b20
- USB: usbmon: remove assignment from IS_ERR argument
- usb: usbmon: Read text within supplied buffer size
- usb: gadget: f_fs: Fix use-after-free in ffs_fs_kill_sb()
- serial: 8250_pci: Add Brainboxes UC-260 4 port serial device
- fixup: sctp: verify size of a new chunk in _sctp_make_chunk()
- Linux 4.4.122
* Xenial update to 4.4.122 stable release (LP: #1764627) // CVE-2018-1000004.
- ALSA: seq: Don't allow resizing pool in use
* Xenial update to 4.4.121 stable release (LP: #1764367)
- tpm: st33zp24: fix potential buffer overruns caused by bit glitches on the
bus
- tpm_i2c_infineon: fix potential buffer overruns caused by bit glitches on
the bus
- tpm_i2c_nuvoton: fix potential buffer overruns caused by bit glitches on the
bus
- ALSA: usb-audio: Add a quirck for B&W PX headphones
- ALSA: hda: Add a power_save blacklist
- cpufreq: s3c24xx: Fix broken s3c_cpufreq_init()
- media: m88ds3103: don't call a non-initalized function
- ARM: mvebu: Fix broken PL310_ERRATA_753970 selects
- KVM: mmu: Fix overlap between public and private memslots
- btrfs: Don't clear SGID when inheriting ACLs
- ARM: dts: LogicPD Torpedo: Fix I2C1 pinmux
- x86/apic/vector: Handle legacy irq data correctly
- leds: do not overflow sysfs buffer in led_trigger_show
- x86/spectre: Fix an error message
- bridge: check brport attr show in brport_show
- fib_semantics: Don't match route with mismatching tclassid
- hdlc_ppp: carrier detect ok, don't turn off negotiation
- ipv6 sit: work around bogus gcc-8 -Wrestrict warning
- net: fix race on decreasing number of TX queues
- net: ipv4: don't allow setting net.ipv4.route.min_pmtu below 68
- netlink: ensure to loop over all netns in genlmsg_multicast_allns()
- ppp: prevent unregistered channels from connecting to PPP units
- udplite: fix partial checksum initialization
- sctp: fix dst refcnt leak in sctp_v4_get_dst
- sctp: fix dst refcnt leak in sctp_v6_get_dst()
- s390/qeth: fix SETIP command handling
- s390/qeth: fix IPA command submission race
- sctp: verify size of a new chunk in _sctp_make_chunk()
- net: mpls: Pull common label check into helper
- dm io: fix duplicate bio completion due to missing ref count
- bpf, x64: implement retpoline for tail call
- btrfs: preserve i_mode if __btrfs_set_acl() fails
- Linux 4.4.121
* Xenial update to 4.4.120 stable release (LP: #1764316)
- hrtimer: Ensure POSIX compliance (relative CLOCK_REALTIME hrtimers)
- f2fs: fix a bug caused by NULL extent tree
- mtd: nand: gpmi: Fix failure when a erased page has a bitflip at BBM
- ipv6: icmp6: Allow icmp messages to be looped back
- ARM: 8731/1: Fix csum_partial_copy_from_user() stack mismatch
- sget(): handle failures of register_shrinker()
- drm/nouveau/pci: do a msi rearm on init
- spi: atmel: fixed spin_lock usage inside atmel_spi_remove
- net: arc_emac: fix arc_emac_rx() error paths
- scsi: storvsc: Fix scsi_cmd error assignments in storvsc_handle_error
- ARM: dts: ls1021a: fix incorrect clock references
- lib/mpi: Fix umul_ppmm() for MIPS64r6
- tg3: Add workaround to restrict 5762 MRRS to 2048
- tg3: Enable PHY reset in MTU change path for 5720
- bnx2x: Improve reliability in case of nested PCI errors
- s390/dasd: fix wrongly assigned configuration data
- IB/mlx4: Fix mlx4_ib_alloc_mr error flow
- IB/ipoib: Fix race condition in neigh creation
- xfs: quota: fix missed destroy of qi_tree_lock
- xfs: quota: check result of register_shrinker()
- e1000: fix disabling already-disabled warning
- drm/ttm: check the return value of kzalloc
- mac80211: mesh: drop frames appearing to be from us
- can: flex_can: Correct the checking for frame length in flexcan_start_xmit()
- bnxt_en: Fix the 'Invalid VF' id check in bnxt_vf_ndo_prep routine.
- xen-netfront: enable device after manual module load
- mdio-sun4i: Fix a memory leak
- SolutionEngine771x: fix Ether platform data
- xen/gntdev: Fix off-by-one error when unmapping with holes
- xen/gntdev: Fix partial gntdev_mmap() cleanup
- sctp: make use of pre-calculated len
- net: gianfar_ptp: move set_fipers() to spinlock protecting area
- MIPS: Implement __multi3 for GCC7 MIPS64r6 builds
- Linux 4.4.120
* Xenial update to 4.4.119 stable release (LP: #1762453)
- netfilter: drop outermost socket lock in getsockopt()
- powerpc/64s: Fix RFI flush dependency on HARDLOCKUP_DETECTOR
- PCI: keystone: Fix interrupt-controller-node lookup
- ip_tunnel: replace dst_cache with generic implementation
- ip_tunnel: fix preempt warning in ip tunnel creation/updating
- scsi: ibmvfc: fix misdefined reserved field in ibmvfc_fcp_rsp_info
- cfg80211: fix cfg80211_beacon_dup
- iio: buffer: check if a buffer has been set up when poll is called
- iio: adis_lib: Initialize trigger before requesting interrupt
- x86/oprofile: Fix bogus GCC-8 warning in nmi_setup()
- irqchip/gic-v3: Use wmb() instead of smb_wmb() in gic_raise_softirq()
- usb: ohci: Proper handling of ed_rm_list to handle race condition between
usb_kill_urb() and finish_unlinks()
- arm64: Disable unhandled signal log messages by default
- Add delay-init quirk for Corsair K70 RGB keyboards
- usb: dwc3: gadget: Set maxpacket size for ep0 IN
- usb: ldusb: add PIDs for new CASSY devices supported by this driver
- usb: gadget: f_fs: Process all descriptors during bind
- usb: renesas_usbhs: missed the "running" flag in usb_dmac with rx path
- drm/amdgpu: Avoid leaking PM domain on driver unbind (v2)
- binder: add missing binder_unlock()
- Linux 4.4.119
* [regression] Colour banding and artefacts appear system-wide on an Asus
Zenbook UX303LA with Intel HD 4400 graphics (LP: #1749420) // Xenial update
to 4.4.119 stable release (LP: #1762453)
- drm/edid: Add 6 bpc quirk for CPT panel in Asus UX303LA
* Xenial update to 4.4.118 stable release (LP: #1756866)
- net: add dst_cache support
- [Config] Add CONFIG_DST_CACHE=y
- net: replace dst_cache ip6_tunnel implementation with the generic one
- cfg80211: check dev_set_name() return value
- mm,vmscan: Make unregister_shrinker() no-op if register_shrinker() failed.
- xfrm: Fix stack-out-of-bounds read on socket policy lookup.
- xfrm: check id proto in validate_tmpl()
- blktrace: fix unlocked registration of tracepoints
- drm: Require __GFP_NOFAIL for the legacy drm_modeset_lock_all
- Provide a function to create a NUL-terminated string from unterminated data
- selinux: ensure the context is NUL terminated in
security_context_to_sid_core()
- selinux: skip bounded transition processing if the policy isn't loaded
- crypto: x86/twofish-3way - Fix %rbp usage
- KVM: x86: fix escape of guest dr6 to the host
- netfilter: x_tables: fix int overflow in xt_alloc_table_info()
- netfilter: x_tables: avoid out-of-bounds reads in
xt_request_find_{match|target}
- netfilter: ipt_CLUSTERIP: fix out-of-bounds accesses in clusterip_tg_check()
- netfilter: on sockopt() acquire sock lock only in the required scope
- netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insert
- net: avoid skb_warn_bad_offload on IS_ERR
- ASoC: ux500: add MODULE_LICENSE tag
- video: fbdev/mmp: add MODULE_LICENSE
- arm64: dts: add #cooling-cells to CPU nodes
- Make DST_CACHE a silent config option
- dn_getsockoptdecnet: move nf_{get/set}sockopt outside sock lock
- staging: android: ashmem: Fix a race condition in pin ioctls
- binder: check for binder_thread allocation failure in binder_poll()
- staging: iio: adc: ad7192: fix external frequency setting
- usbip: keep usbip_device sockfd state in sync with tcp_socket
- usb: build drivers/usb/common/ when USB_SUPPORT is set
- ARM: OMAP2+: Fix SRAM virt to phys translation for save_secure_ram_context
- ARM: AM33xx: PRM: Remove am33xx_pwrdm_read_prev_pwrst function
- ARM: dts: Fix omap4 hang with GPS connected to USB by using wakeupgen
- ARM: dts: am4372: Correct the interrupts_properties of McASP
- perf top: Fix window dimensions change handling
- perf bench numa: Fixup discontiguous/sparse numa nodes
- media: s5k6aa: describe some function parameters
- pinctrl: sunxi: Fix A80 interrupt pin bank
- RDMA/cma: Make sure that PSN is not over max allowed
- scripts/kernel-doc: Don't fail with status != 0 if error encountered with
-none
- ipvlan: Add the skb->mark as flow4's member to lookup route
- powerpc/perf: Fix oops when grouping different pmu events
- s390/dasd: prevent prefix I/O error
- gianfar: fix a flooded alignment reports because of padding issue.
- net_sched: red: Avoid devision by zero
- net_sched: red: Avoid illegal values
- btrfs: Fix possible off-by-one in btrfs_search_path_in_tree
- 509: fix printing uninitialized stack memory when OID is empty
- dmaengine: ioat: Fix error handling path
- dmaengine: at_hdmac: fix potential NULL pointer dereference in
atc_prep_dma_interleaved
- clk: fix a panic error caused by accessing NULL pointer
- ASoC: rockchip: disable clock on error
- spi: sun4i: disable clocks in the remove function
- xfrm: Fix stack-out-of-bounds with misconfigured transport mode policies.
- drm/armada: fix leak of crtc structure
- dmaengine: jz4740: disable/unprepare clk if probe fails
- mm/early_ioremap: Fix boot hang with earlyprintk=efi,keep
- x86/mm/kmmio: Fix mmiotrace for page unaligned addresses
- xen: XEN_ACPI_PROCESSOR is Dom0-only
- hippi: Fix a Fix a possible sleep-in-atomic bug in rr_close
- virtio_balloon: prevent uninitialized variable use
- isdn: icn: remove a #warning
- vmxnet3: prevent building with 64K pages
- [Config] ppc64el: Drop vmxnet3 module
- gpio: intel-mid: Fix build warning when !CONFIG_PM
- platform/x86: intel_mid_thermal: Fix suspend handlers unused warning
- video: fbdev: via: remove possibly unused variables
- scsi: advansys: fix build warning for PCI=n
- x86/ras/inject: Make it depend on X86_LOCAL_APIC=y
- arm64: define BUG() instruction without CONFIG_BUG
- x86/fpu/math-emu: Fix possible uninitialized variable use
- tools build: Add tools tree support for 'make -s'
- x86/build: Silence the build with "make -s"
- thermal: fix INTEL_SOC_DTS_IOSF_CORE dependencies
- x86: add MULTIUSER dependency for KVM
- x86/platform: Add PCI dependency for PUNIT_ATOM_DEBUG
- scsi: advansys: fix uninitialized data access
- arm64: Kconfig: select COMPAT_BINFMT_ELF only when BINFMT_ELF is set
- ALSA: hda/ca0132 - fix possible NULL pointer use
- reiserfs: avoid a -Wmaybe-uninitialized warning
- ssb: mark ssb_bus_register as __maybe_unused
- thermal: spear: use __maybe_unused for PM functions
- x86/boot: Avoid warning for zero-filling .bss
- scsi: sim710: fix build warning
- drivers/net: fix eisa_driver probe section mismatch
- dpt_i2o: fix build warning
- profile: hide unused functions when !CONFIG_PROC_FS
- md: avoid warning for 32-bit sector_t
- mtd: ichxrom: maybe-uninitialized with gcc-4.9
- mtd: maps: add __init attribute
- mptfusion: hide unused seq_mpt_print_ioc_summary function
- scsi: fdomain: drop fdomain_pci_tbl when built-in
- video: fbdev: sis: remove unused variable
- staging: ste_rmi4: avoid unused function warnings
- fbdev: sis: enforce selection of at least one backend
- video: Use bool instead int pointer for get_opt_bool() argument
- scsi: mvumi: use __maybe_unused to hide pm functions
- SCSI: initio: remove duplicate module device table
- pwc: hide unused label
- usb: musb/ux500: remove duplicate check for dma_is_compatible
- tty: hvc_xen: hide xen_console_remove when unused
- target/user: Fix cast from pointer to phys_addr_t
- driver-core: use 'dev' argument in dev_dbg_ratelimited stub
- fbdev: auo_k190x: avoid unused function warnings
- amd-xgbe: Fix unused suspend handlers build warning
- mtd: sh_flctl: pass FIFO as physical address
- mtd: cfi: enforce valid geometry configuration
- fbdev: s6e8ax0: avoid unused function warnings
- modsign: hide openssl output in silent builds
- fbdev: sm712fb: avoid unused function warnings
- hwrng: exynos - use __maybe_unused to hide pm functions
- USB: cdc_subset: only build when one driver is enabled
- [Config] Add CONFIG_USB_NET_CDC_SUBSET_ENABLE=m
- rtlwifi: fix gcc-6 indentation warning
- staging: wilc1000: fix kbuild test robot error
- x86/platform/olpc: Fix resume handler build warning
- netfilter: ipvs: avoid unused variable warnings
- ipv4: ipconfig: avoid unused ic_proto_used symbol
- tc1100-wmi: fix build warning when CONFIG_PM not enabled
- tlan: avoid unused label with PCI=n
- drm/vmwgfx: use *_32_bits() macros
- tty: cyclades: cyz_interrupt is only used for PCI
- genirq/msi: Add stubs for get_cached_msi_msg/pci_write_msi_msg
- ASoC: mediatek: add i2c dependency
- iio: adc: axp288: remove redundant duplicate const on axp288_adc_channels
- infiniband: cxgb4: use %pR format string for printing resources
- b2c2: flexcop: avoid unused function warnings
- i2c: remove __init from i2c_register_board_info()
- staging: unisys: visorinput depends on INPUT
- tc358743: fix register i2c_rd/wr functions
- drm/nouveau: hide gcc-4.9 -Wmaybe-uninitialized
- Input: tca8418_keypad - hide gcc-4.9 -Wmaybe-uninitialized warning
- KVM: add X86_LOCAL_APIC dependency
- go7007: add MEDIA_CAMERA_SUPPORT dependency
- em28xx: only use mt9v011 if camera support is enabled
- ISDN: eicon: reduce stack size of sig_ind function
- ASoC: rockchip: use __maybe_unused to hide st_irq_syscfg_resume
- serial: 8250_mid: fix broken DMA dependency
- drm/gma500: Sanity-check pipe index
- hdpvr: hide unused variable
- v4l: remove MEDIA_TUNER dependency for VIDEO_TUNER
- cw1200: fix bogus maybe-uninitialized warning
- wireless: cw1200: use __maybe_unused to hide pm functions_
- perf/x86: Shut up false-positive -Wmaybe-uninitialized warning
- dmaengine: zx: fix build warning
- net: hp100: remove unnecessary #ifdefs
- gpio: xgene: mark PM functions as __maybe_unused
- ncpfs: fix unused variable warning
- Revert "power: bq27xxx_battery: Remove unneeded dependency in Kconfig"
- power: bq27xxx_battery: mark some symbols __maybe_unused
- isdn: sc: work around type mismatch warning
- binfmt_elf: compat: avoid unused function warning
- idle: i7300: add PCI dependency
- usb: phy: msm add regulator dependency
- ncr5380: shut up gcc indentation warning
- ARM: tegra: select USB_ULPI from EHCI rather than platform
- ASoC: Intel: Kconfig: fix build when ACPI is not enabled
- netlink: fix nla_put_{u8,u16,u32} for KASAN
- dell-wmi, dell-laptop: depends DMI
- genksyms: Fix segfault with invalid declarations
- x86/microcode/AMD: Change load_microcode_amd()'s param to bool to fix
preemptibility bug
- drm/gma500: remove helper function
- kasan: rework Kconfig settings
- KVM: async_pf: Fix #DF due to inject "Page not Present" and "Page Ready"
exceptions simultaneously
- x86/retpoline: Remove the esp/rsp thunk
- module/retpoline: Warn about missing retpoline in module
- x86/nospec: Fix header guards names
- x86/bugs: Drop one "mitigation" from dmesg
- x86/cpu/bugs: Make retpoline module warning conditional
- x86/spectre: Check CONFIG_RETPOLINE in command line parser
- x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable"
- x86/paravirt: Remove 'noreplace-paravirt' cmdline option
- x86/retpoline: Avoid retpolines for built-in __init functions
- x86/spectre: Simplify spectre_v2 command line parsing
- x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL
- KVM: nVMX: kmap() can't fail
- KVM: nVMX: vmx_complete_nested_posted_interrupt() can't fail
- kvm: nVMX: Fix kernel panics induced by illegal INVEPT/INVVPID types
- KVM: VMX: clean up declaration of VPID/EPT invalidation types
- KVM: nVMX: invvpid handling improvements
- crypto: s5p-sss - Fix kernel Oops in AES-ECB mode
- net: dst_cache_per_cpu_dst_set() can be static
- ARM: omap2: hide omap3_save_secure_ram on non-OMAP3 builds
- Linux 4.4.118
* ibrs/ibpb fixes result in excessive kernel logging (LP: #1755627)
- SAUCE: remove ibrs_dump sysctl interface
-- Juerg Haefliger <email address hidden> Sun, 20 May 2018 14:29:23 +0200
-
linux-aws (4.4.0-1020.20) trusty; urgency=medium
* linux-aws: 4.4.0-1020.20 -proposed tracker (LP: #1770013)
* Xenial update to 4.4.118 stable release (LP: #1756866)
- [Config] Add CONFIG_DST_CACHE=y
- [Config] Add CONFIG_USB_NET_CDC_SUBSET_ENABLE=m
[ Ubuntu: 4.4.0-125.150 ]
* linux: 4.4.0-125.150 -proposed tracker (LP: #1770011)
* Unable to insert test_bpf module on Xenial (LP: #1765698)
- bpf: fix selftests/bpf test_kmod.sh failure when CONFIG_BPF_JIT_ALWAYS_ON=y
- test_bpf: Fix testing with CONFIG_BPF_JIT_ALWAYS_ON=y on other arches
* virtio_scsi race can corrupt memory, panic kernel (LP: #1765241)
- SAUCE: (no-up) virtio-scsi: Fix race in target free
* bpf_map_lookup_elem: BUG: unable to handle kernel paging request
(LP: #1763454) // CVE-2017-17862
- SAUCE: Add missing hunks from "bpf: fix branch pruning logic"
* Xenial: rfkill: fix missing return on rfkill_init (LP: #1764810)
- rfkill: fix missing return on rfkill_init
* "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534)
- virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS
* Xenial update to 4.4.128 stable release (LP: #1765010)
- cfg80211: make RATE_INFO_BW_20 the default
- md/raid5: make use of spin_lock_irq over local_irq_disable + spin_lock
- rtc: snvs: fix an incorrect check of return value
- x86/asm: Don't use RBP as a temporary register in
csum_partial_copy_generic()
- NFSv4.1: RECLAIM_COMPLETE must handle NFS4ERR_CONN_NOT_BOUND_TO_SESSION
- IB/srpt: Fix abort handling
- af_key: Fix slab-out-of-bounds in pfkey_compile_policy.
- mac80211: bail out from prep_connection() if a reconfig is ongoing
- bna: Avoid reading past end of buffer
- qlge: Avoid reading past end of buffer
- ipmi_ssif: unlock on allocation failure
- net: cdc_ncm: Fix TX zero padding
- net: ethernet: ti: cpsw: adjust cpsw fifos depth for fullduplex flow control
- lockd: fix lockd shutdown race
- drivers/misc/vmw_vmci/vmci_queue_pair.c: fix a couple integer overflow tests
- pidns: disable pid allocation if pid_ns_prepare_proc() is failed in
alloc_pid()
- s390: move _text symbol to address higher than zero
- net/mlx4_en: Avoid adding steering rules with invalid ring
- NFSv4.1: Work around a Linux server bug...
- CIFS: silence lockdep splat in cifs_relock_file()
- net: qca_spi: Fix alignment issues in rx path
- netxen_nic: set rcode to the return status from the call to netxen_issue_cmd
- Input: elan_i2c - check if device is there before really probing
- Input: elantech - force relative mode on a certain module
- KVM: PPC: Book3S PR: Check copy_to/from_user return values
- vmxnet3: ensure that adapter is in proper state during force_close
- SMB2: Fix share type handling
- bus: brcmstb_gisb: Use register offsets with writes too
- bus: brcmstb_gisb: correct support for 64-bit address output
- PowerCap: Fix an error code in powercap_register_zone()
- ARM: dts: imx53-qsrb: Pulldown PMIC IRQ pin
- staging: wlan-ng: prism2mgmt.c: fixed a double endian conversion before
calling hfa384x_drvr_setconfig16, also fixes relative sparse warning
- x86/tsc: Provide 'tsc=unstable' boot parameter
- ARM: dts: imx6qdl-wandboard: Fix audio channel swap
- ipv6: avoid dad-failures for addresses with NODAD
- async_tx: Fix DMA_PREP_FENCE usage in do_async_gen_syndrome()
- usb: dwc3: keystone: check return value
- btrfs: fix incorrect error return ret being passed to mapping_set_error
- ata: libahci: properly propagate return value of platform_get_irq()
- neighbour: update neigh timestamps iff update is effective
- arp: honour gratuitous ARP _replies_
- usb: chipidea: properly handle host or gadget initialization failure
- USB: ene_usb6250: fix first command execution
- net: x25: fix one potential use-after-free issue
- USB: ene_usb6250: fix SCSI residue overwriting
- serial: 8250: omap: Disable DMA for console UART
- serial: sh-sci: Fix race condition causing garbage during shutdown
- sh_eth: Use platform device for printing before register_netdev()
- scsi: csiostor: fix use after free in csio_hw_use_fwconfig()
- powerpc/mm: Fix virt_addr_valid() etc. on 64-bit hash
- ath5k: fix memory leak on buf on failed eeprom read
- selftests/powerpc: Fix TM resched DSCR test with some compilers
- xfrm: fix state migration copy replay sequence numbers
- iio: hi8435: avoid garbage event at first enable
- iio: hi8435: cleanup reset gpio
- ext4: handle the rest of ext4_mb_load_buddy() ENOMEM errors
- md-cluster: fix potential lock issue in add_new_disk
- ARM: davinci: da8xx: Create DSP device only when assigned memory
- ray_cs: Avoid reading past end of buffer
- leds: pca955x: Correct I2C Functionality
- sched/numa: Use down_read_trylock() for the mmap_sem
- net/mlx5: Tolerate irq_set_affinity_hint() failures
- selinux: do not check open permission on sockets
- block: fix an error code in add_partition()
- mlx5: fix bug reading rss_hash_type from CQE
- net: ieee802154: fix net_device reference release too early
- libceph: NULL deref on crush_decode() error path
- netfilter: ctnetlink: fix incorrect nf_ct_put during hash resize
- pNFS/flexfiles: missing error code in ff_layout_alloc_lseg()
- ASoC: rsnd: SSI PIO adjust to 24bit mode
- scsi: bnx2fc: fix race condition in bnx2fc_get_host_stats()
- fix race in drivers/char/random.c:get_reg()
- ext4: fix off-by-one on max nr_pages in ext4_find_unwritten_pgoff()
- tcp: better validation of received ack sequences
- net: move somaxconn init from sysctl code
- Input: elan_i2c - clear INT before resetting controller
- bonding: Don't update slave->link until ready to commit
- KVM: nVMX: Fix handling of lmsw instruction
- net: llc: add lock_sock in llc_ui_bind to avoid a race condition
- ARM: dts: ls1021a: add "fsl,ls1021a-esdhc" compatible string to esdhc node
- thermal: power_allocator: fix one race condition issue for thermal_instances
list
- perf probe: Add warning message if there is unexpected event name
- l2tp: fix missing print session offset info
- rds; Reset rs->rs_bound_addr in rds_add_bound() failure path
- hwmon: (ina2xx) Make calibration register value fixed
- media: videobuf2-core: don't go out of the buffer range
- ASoC: Intel: cht_bsw_rt5645: Analog Mic support
- scsi: mpt3sas: Proper handling of set/clear of "ATA command pending" flag.
- vfb: fix video mode and line_length being set when loaded
- gpio: label descriptors using the device name
- ASoC: Intel: sst: Fix the return value of 'sst_send_byte_stream_mrfld()'
- wl1251: check return from call to wl1251_acx_arp_ip_filter
- hdlcdrv: Fix divide by zero in hdlcdrv_ioctl
- ovl: filter trusted xattr for non-admin
- powerpc/[booke|4xx]: Don't clobber TCR[WP] when setting TCR[DIE]
- dmaengine: imx-sdma: Handle return value of clk_prepare_enable
- arm64: futex: Fix undefined behaviour with FUTEX_OP_OPARG_SHIFT usage
- net/mlx5: avoid build warning for uniprocessor
- cxgb4: FW upgrade fixes
- rtc: opal: Handle disabled TPO in opal_get_tpo_time()
- rtc: interface: Validate alarm-time before handling rollover
- SUNRPC: ensure correct error is reported by xs_tcp_setup_socket()
- net: freescale: fix potential null pointer dereference
- KVM: SVM: do not zero out segment attributes if segment is unusable or not
present
- clk: scpi: fix return type of __scpi_dvfs_round_rate
- clk: Fix __set_clk_rates error print-string
- powerpc/spufs: Fix coredump of SPU contexts
- perf trace: Add mmap alias for s390
- qlcnic: Fix a sleep-in-atomic bug in qlcnic_82xx_hw_write_wx_2M and
qlcnic_82xx_hw_read_wx_2M
- mISDN: Fix a sleep-in-atomic bug
- drm/omap: fix tiled buffer stride calculations
- cxgb4: fix incorrect cim_la output for T6
- Fix serial console on SNI RM400 machines
- bio-integrity: Do not allocate integrity context for bio w/o data
- skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow
- sit: reload iphdr in ipip6_rcv
- net/mlx4: Fix the check in attaching steering rules
- net/mlx4: Check if Granular QoS per VF has been enabled before updating QP
qos_vport
- perf header: Set proper module name when build-id event found
- perf report: Ensure the perf DSO mapping matches what libdw sees
- tags: honor COMPILED_SOURCE with apart output directory
- e1000e: fix race condition around skb_tstamp_tx()
- cx25840: fix unchecked return values
- mceusb: sporadic RX truncation corruption fix
- net: phy: avoid genphy_aneg_done() for PHYs without clause 22 support
- ARM: imx: Add MXC_CPU_IMX6ULL and cpu_is_imx6ull
- e1000e: Undo e1000e_pm_freeze if __e1000_shutdown fails
- perf/core: Correct event creation with PERF_FORMAT_GROUP
- MIPS: mm: fixed mappings: correct initialisation
- MIPS: mm: adjust PKMAP location
- MIPS: kprobes: flush_insn_slot should flush only if probe initialised
- Fix loop device flush before configure v3
- net: emac: fix reset timeout with AR8035 phy
- skbuff: only inherit relevant tx_flags
- xen: avoid type warning in xchg_xen_ulong
- bnx2x: Allow vfs to disable txvlan offload
- sctp: fix recursive locking warning in sctp_do_peeloff
- sparc64: ldc abort during vds iso boot
- iio: magnetometer: st_magn_spi: fix spi_device_id table
- Bluetooth: Send HCI Set Event Mask Page 2 command only when needed
- cpuidle: dt: Add missing 'of_node_put()'
- ACPICA: Events: Add runtime stub support for event APIs
- ACPICA: Disassembler: Abort on an invalid/unknown AML opcode
- s390/dasd: fix hanging safe offline
- vxlan: dont migrate permanent fdb entries during learn
- bcache: stop writeback thread after detaching
- bcache: segregate flash only volume write streams
- scsi: libsas: fix memory leak in sas_smp_get_phy_events()
- scsi: libsas: fix error when getting phy events
- scsi: libsas: initialize sas_phy status according to response of DISCOVER
- blk-mq: fix kernel oops in blk_mq_tag_idle()
- tty: n_gsm: Allow ADM response in addition to UA for control dlci
- EDAC, mv64x60: Fix an error handling path
- cxgb4vf: Fix SGE FL buffer initialization logic for 64K pages
- perf tools: Fix copyfile_offset update of output offset
- ipsec: check return value of skb_to_sgvec always
- rxrpc: check return value of skb_to_sgvec always
- virtio_net: check return value of skb_to_sgvec always
- virtio_net: check return value of skb_to_sgvec in one more location
- random: use lockless method of accessing and updating f->reg_idx
- futex: Remove requirement for lock_page() in get_futex_key()
- Kbuild: provide a __UNIQUE_ID for clang
- arp: fix arp_filter on l3slave devices
- net: fix possible out-of-bound read in skb_network_protocol()
- net/ipv6: Fix route leaking between VRFs
- netlink: make sure nladdr has correct size in netlink_connect()
- net/sched: fix NULL dereference in the error path of tcf_bpf_init()
- pptp: remove a buggy dst release in pptp_connect()
- sctp: do not leak kernel memory to user space
- sctp: sctp_sockaddr_af must check minimal addr length for AF_INET6
- vhost: correctly remove wait queue during poll failure
- vlan: also check phy_driver ts_info for vlan's real device
- bonding: fix the err path for dev hwaddr sync in bond_enslave
- bonding: move dev_mc_sync after master_upper_dev_link in bond_enslave
- bonding: process the err returned by dev_set_allmulti properly in
bond_enslave
- net: fool proof dev_valid_name()
- ip_tunnel: better validate user provided tunnel names
- ipv6: sit: better validate user provided tunnel names
- ip6_gre: better validate user provided tunnel names
- ip6_tunnel: better validate user provided tunnel names
- vti6: better validate user provided tunnel names
- r8169: fix setting driver_data after register_netdev
- net sched actions: fix dumping which requires several messages to user space
- net/ipv6: Increment OUTxxx counters after netfilter hook
- ipv6: the entire IPv6 header chain must fit the first fragment
- vrf: Fix use after free and double free in vrf_finish_output
- Revert "xhci: plat: Register shutdown for xhci_plat"
- Linux 4.4.128
* sky2 gigabit ethernet driver sometimes stops working after lid-open resume
from sleep (88E8055) (LP: #1758507) // Xenial update to 4.4.128 stable
release (LP: #1765010)
- sky2: Increase D3 delay to sky2 stops working after suspend
* Xenial update to 4.4.127 stable release (LP: #1765007)
- mtd: jedec_probe: Fix crash in jedec_read_mfr()
- ALSA: pcm: Use dma_bytes as size parameter in dma_mmap_coherent()
- ALSA: pcm: potential uninitialized return values
- partitions/msdos: Unable to mount UFS 44bsd partitions
- usb: gadget: define free_ep_req as universal function
- usb: gadget: change len to size_t on alloc_ep_req()
- usb: gadget: fix usb_ep_align_maybe endianness and new usb_ep_align
- usb: gadget: align buffer size when allocating for OUT endpoint
- usb: gadget: f_hid: fix: Prevent accessing released memory
- kprobes/x86: Fix to set RWX bits correctly before releasing trampoline
- ACPI, PCI, irq: remove redundant check for null string pointer
- writeback: fix the wrong congested state variable definition
- PCI: Make PCI_ROM_ADDRESS_MASK a 32-bit constant
- dm ioctl: remove double parentheses
- Input: mousedev - fix implicit conversion warning
- netfilter: nf_nat_h323: fix logical-not-parentheses warning
- genirq: Use cpumask_available() for check of cpumask variable
- cpumask: Add helper cpumask_available()
- selinux: Remove unnecessary check of array base in selinux_set_mapping()
- fs: compat: Remove warning from COMPATIBLE_IOCTL
- jiffies.h: declare jiffies and jiffies_64 with ____cacheline_aligned_in_smp
- frv: declare jiffies to be located in the .data section
- audit: add tty field to LOGIN event
- tty: provide tty_name() even without CONFIG_TTY
- netfilter: ctnetlink: Make some parameters integer to avoid enum mismatch
- selinux: Remove redundant check for unknown labeling behavior
- arm64: avoid overflow in VA_START and PAGE_OFFSET
- xfrm_user: uncoditionally validate esn replay attribute struct
- RDMA/ucma: Check AF family prior resolving address
- RDMA/ucma: Fix use-after-free access in ucma_close
- RDMA/ucma: Ensure that CM_ID exists prior to access it
- RDMA/ucma: Check that device is connected prior to access it
- RDMA/ucma: Check that device exists prior to accessing it
- RDMA/ucma: Don't allow join attempts for unsupported AF family
- RDMA/ucma: Introduce safer rdma_addr_size() variants
- net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms()
- xfrm: Refuse to insert 32 bit userspace socket policies on 64 bit systems
- netfilter: bridge: ebt_among: add more missing match size checks
- netfilter: x_tables: add and use xt_check_proc_name
- Bluetooth: Fix missing encryption refresh on Security Request
- llist: clang: introduce member_address_is_nonnull()
- scsi: virtio_scsi: always read VPD pages for multiqueue too
- usb: dwc2: Improve gadget state disconnection handling
- USB: serial: ftdi_sio: add RT Systems VX-8 cable
- USB: serial: ftdi_sio: add support for Harman FirmwareHubEmulator
- USB: serial: cp210x: add ELDAT Easywave RX09 id
- mei: remove dev_err message on an unsupported ioctl
- media: usbtv: prevent double free in error case
- parport_pc: Add support for WCH CH382L PCI-E single parallel port card.
- crypto: ahash - Fix early termination in hash walk
- crypto: x86/cast5-avx - fix ECB encryption when long sg follows short one
- fs/proc: Stop trying to report thread stacks
- staging: comedi: ni_mio_common: ack ai fifo error interrupts.
- Input: i8042 - add Lenovo ThinkPad L460 to i8042 reset list
- Input: i8042 - enable MUX on Sony VAIO VGN-CS series to fix touchpad
- vt: change SGR 21 to follow the standards
- Documentation: pinctrl: palmas: Add ti,palmas-powerhold-override property
definition
- ARM: dts: dra7: Add power hold and power controller properties to palmas
- ARM: dts: am57xx-beagle-x15-common: Add overide powerhold property
- md/raid10: reset the 'first' at the end of loop
- net: hns: Fix ethtool private flags
- Revert "PCI/MSI: Stop disabling MSI/MSI-X in pci_device_shutdown()"
- Revert "ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin"
- Revert "ARM: dts: omap3-n900: Fix the audio CODEC's reset pin"
- Revert "cpufreq: Fix governor module removal race"
- Revert "mtip32xx: use runtime tag to initialize command header"
- spi: davinci: fix up dma_mapping_error() incorrect patch
- net: cavium: liquidio: fix up "Avoid dma_unmap_single on uninitialized
ndata"
- Revert "ip6_vti: adjust vti mtu according to mtu of lower device"
- Linux 4.4.127
* Xenial update to 4.4.126 stable release (LP: #1764999)
- scsi: sg: don't return bogus Sg_requests
- Revert "genirq: Use irqd_get_trigger_type to compare the trigger type for
shared IRQs"
- net: Fix hlist corruptions in inet_evict_bucket()
- dccp: check sk for closed state in dccp_sendmsg()
- ipv6: fix access to non-linear packet in ndisc_fill_redirect_hdr_option()
- l2tp: do not accept arbitrary sockets
- net: ethernet: arc: Fix a potential memory leak if an optional regulator is
deferred
- net: ethernet: ti: cpsw: add check for in-band mode setting with RGMII PHY
interface
- net/iucv: Free memory obtained by kzalloc
- netlink: avoid a double skb free in genlmsg_mcast()
- net: Only honor ifindex in IP_PKTINFO if non-0
- skbuff: Fix not waking applications when errors are enqueued
- team: Fix double free in error path
- s390/qeth: free netdevice when removing a card
- s390/qeth: when thread completes, wake up all waiters
- s390/qeth: lock read device while queueing next buffer
- s390/qeth: on channel error, reject further cmd requests
- ieee802154: 6lowpan: fix possible NULL deref in lowpan_device_event()
- net: fec: Fix unbalanced PM runtime calls
- net: systemport: Rewrite __bcm_sysport_tx_reclaim()
- Linux 4.4.126
* Xenial update to 4.4.125 stable release (LP: #1764973)
- MIPS: ralink: Remove ralink_halt()
- iio: st_pressure: st_accel: pass correct platform data to init
- ALSA: usb-audio: Fix parsing descriptor of UAC2 processing unit
- ALSA: aloop: Sync stale timer before release
- ALSA: aloop: Fix access to not-yet-ready substream via cable
- ALSA: hda/realtek - Always immediately update mute LED with pin VREF
- mmc: dw_mmc: fix falling from idmac to PIO mode when dw_mci_reset occurs
- PCI: Add function 1 DMA alias quirk for Highpoint RocketRAID 644L
- ahci: Add PCI-id for the Highpoint Rocketraid 644L card
- clk: bcm2835: Protect sections updating shared registers
- Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174
- libata: fix length validation of ATAPI-relayed SCSI commands
- libata: remove WARN() for DMA or PIO command without data
- libata: Apply NOLPM quirk to Crucial MX100 512GB SSDs
- libata: Enable queued TRIM for Samsung SSD 860
- libata: Apply NOLPM quirk to Crucial M500 480 and 960GB SSDs
- libata: Make Crucial BX100 500GB LPM quirk apply to all firmware versions
- libata: Modify quirks for MX100 to limit NCQ_TRIM quirk to MU01 version
- mm/vmalloc: add interfaces to free unmapped page table
- x86/mm: implement free pmd/pte page interfaces
- drm/vmwgfx: Fix a destoy-while-held mutex problem.
- drm/radeon: Don't turn off DP sink when disconnected
- drm: udl: Properly check framebuffer mmap offsets
- acpi, numa: fix pxm to online numa node associations
- brcmfmac: fix P2P_DEVICE ethernet address generation
- rtlwifi: rtl8723be: Fix loss of signal
- tracing: probeevent: Fix to support minus offset from symbol
- mtd: nand: fsl_ifc: Fix nand waitfunc return value
- staging: ncpfs: memory corruption in ncp_read_kernel()
- can: cc770: Fix stalls on rt-linux, remove redundant IRQ ack
- can: cc770: Fix queue stall & dropped RTR reply
- can: cc770: Fix use after free in cc770_tx_interrupt()
- tty: vt: fix up tabstops properly
- x86/build/64: Force the linker to use 2MB page size
- x86/boot/64: Verify alignment of the LOAD segment
- perf/x86/intel: Don't accidentally clear high bits in bdw_limit_period()
- staging: lustre: ptlrpc: kfree used instead of kvfree
- kbuild: disable clang's default use of -fmerge-all-constants
- bpf: skip unnecessary capability check
- bpf, x64: increase number of passes
- Linux 4.4.125
* System fails to start (boot) on battery due to read-only root file-system
(LP: #1726930) // Xenial update to 4.4.125 stable release (LP: #1764973)
- libata: disable LPM for Crucial BX100 SSD 500GB drive
* Xenial update to 4.4.124 stable release (LP: #1764762)
- tpm: fix potential buffer overruns caused by bit glitches on the bus
- tpm_tis: fix potential buffer overruns caused by bit glitches on the bus
- staging: android: ashmem: Fix possible deadlock in ashmem_ioctl
- platform/x86: asus-nb-wmi: Add wapf4 quirk for the X302UA
- regulator: anatop: set default voltage selector for pcie
- x86: i8259: export legacy_pic symbol
- rtc: cmos: Do not assume irq 8 for rtc when there are no legacy irqs
- Input: ar1021_i2c - fix too long name in driver's device table
- time: Change posix clocks ops interfaces to use timespec64
- ACPI/processor: Fix error handling in __acpi_processor_start()
- ACPI/processor: Replace racy task affinity logic
- cpufreq/sh: Replace racy task affinity logic
- genirq: Use irqd_get_trigger_type to compare the trigger type for shared
IRQs
- i2c: i2c-scmi: add a MS HID
- net: ipv6: send unsolicited NA on admin up
- media/dvb-core: Race condition when writing to CAM
- spi: dw: Disable clock after unregistering the host
- ath: Fix updating radar flags for coutry code India
- clk: ns2: Correct SDIO bits
- scsi: virtio_scsi: Always try to read VPD pages
- KVM: PPC: Book3S PR: Exit KVM on failed mapping
- ARM: 8668/1: ftrace: Fix dynamic ftrace with DEBUG_RODATA and !FRAME_POINTER
- iommu/omap: Register driver before setting IOMMU ops
- md/raid10: wait up frozen array in handle_write_completed
- NFS: Fix missing pg_cleanup after nfs_pageio_cond_complete()
- tcp: remove poll() flakes with FastOpen
- e1000e: fix timing for 82579 Gigabit Ethernet controller
- ALSA: hda - Fix headset microphone detection for ASUS N551 and N751
- IB/ipoib: Fix deadlock between ipoib_stop and mcast join flow
- IB/ipoib: Update broadcast object if PKey value was changed in index 0
- HSI: ssi_protocol: double free in ssip_pn_xmit()
- IB/mlx4: Take write semaphore when changing the vma struct
- IB/mlx4: Change vma from shared to private
- ASoC: Intel: Skylake: Uninitialized variable in probe_codec()
- Fix driver usage of 128B WQEs when WQ_CREATE is V1.
- netfilter: xt_CT: fix refcnt leak on error path
- openvswitch: Delete conntrack entry clashing with an expectation.
- mmc: host: omap_hsmmc: checking for NULL instead of IS_ERR()
- wan: pc300too: abort path on failure
- qlcnic: fix unchecked return value
- scsi: mac_esp: Replace bogus memory barrier with spinlock
- infiniband/uverbs: Fix integer overflows
- NFS: don't try to cross a mountpount when there isn't one there.
- Revert "UBUNTU: SAUCE: (no-up) iio: st_pressure: st_accel: Initialise sensor
platform data properly"
- iio: st_pressure: st_accel: Initialise sensor platform data properly
- mt7601u: check return value of alloc_skb
- rndis_wlan: add return value validation
- Btrfs: send, fix file hole not being preserved due to inline extent
- mac80211: don't parse encrypted management frames in ieee80211_frame_acked
- mfd: palmas: Reset the POWERHOLD mux during power off
- mtip32xx: use runtime tag to initialize command header
- staging: unisys: visorhba: fix s-Par to boot with option CONFIG_VMAP_STACK
set to y
- staging: wilc1000: fix unchecked return value
- mmc: sdhci-of-esdhc: limit SD clock for ls1012a/ls1046a
- ARM: DRA7: clockdomain: Change the CLKTRCTRL of CM_PCIE_CLKSTCTRL to SW_WKUP
- ipmi/watchdog: fix wdog hang on panic waiting for ipmi response
- ACPI / PMIC: xpower: Fix power_table addresses
- drm/nouveau/kms: Increase max retries in scanout position queries.
- bnx2x: Align RX buffers
- power: supply: pda_power: move from timer to delayed_work
- Input: twl4030-pwrbutton - use correct device for irq request
- md/raid10: skip spare disk as 'first' disk
- ia64: fix module loading for gcc-5.4
- tcm_fileio: Prevent information leak for short reads
- video: fbdev: udlfb: Fix buffer on stack
- sm501fb: don't return zero on failure path in sm501fb_start()
- net: hns: fix ethtool_get_strings overflow in hns driver
- cifs: small underflow in cnvrtDosUnixTm()
- rtc: ds1374: wdt: Fix issue with timeout scaling from secs to wdt ticks
- rtc: ds1374: wdt: Fix stop/start ioctl always returning -EINVAL
- perf tests kmod-path: Don't fail if compressed modules aren't supported
- Bluetooth: hci_qca: Avoid setup failure on missing rampatch
- media: c8sectpfe: fix potential NULL pointer dereference in
c8sectpfe_timer_interrupt
- drm/msm: fix leak in failed get_pages
- RDMA/iwpm: Fix uninitialized error code in iwpm_send_mapinfo()
- rtlwifi: rtl_pci: Fix the bug when inactiveps is enabled.
- media: bt8xx: Fix err 'bt878_probe()'
- media: [RESEND] media: dvb-frontends: Add delay to Si2168 restart
- cros_ec: fix nul-termination for firmware build info
- platform/chrome: Use proper protocol transfer function
- mmc: avoid removing non-removable hosts during suspend
- IB/ipoib: Avoid memory leak if the SA returns a different DGID
- RDMA/cma: Use correct size when writing netlink stats
- IB/umem: Fix use of npages/nmap fields
- vgacon: Set VGA struct resource types
- drm/omap: DMM: Check for DMM readiness after successful transaction commit
- pty: cancel pty slave port buf's work in tty_release
- coresight: Fix disabling of CoreSight TPIU
- pinctrl: Really force states during suspend/resume
- iommu/vt-d: clean up pr_irq if request_threaded_irq fails
- ip6_vti: adjust vti mtu according to mtu of lower device
- RDMA/ocrdma: Fix permissions for OCRDMA_RESET_STATS
- nfsd4: permit layoutget of executable-only files
- clk: si5351: Rename internal plls to avoid name collisions
- dmaengine: ti-dma-crossbar: Fix event mapping for TPCC_EVT_MUX_60_63
- RDMA/ucma: Fix access to non-initialized CM_ID object
- Linux 4.4.124
* Xenial update to 4.4.123 stable release (LP: #1764666)
- blkcg: fix double free of new_blkg in blkcg_init_queue
- Input: tsc2007 - check for presence and power down tsc2007 during probe
- staging: speakup: Replace BUG_ON() with WARN_ON().
- staging: wilc1000: add check for kmalloc allocation failure.
- HID: reject input outside logical range only if null state is set
- drm: qxl: Don't alloc fbdev if emulation is not supported
- ath10k: fix a warning during channel switch with multiple vaps
- PCI/MSI: Stop disabling MSI/MSI-X in pci_device_shutdown()
- selinux: check for address length in selinux_socket_bind()
- perf sort: Fix segfault with basic block 'cycles' sort dimension
- i40e: Acquire NVM lock before reads on all devices
- i40e: fix ethtool to get EEPROM data from X722 interface
- perf tools: Make perf_event__synthesize_mmap_events() scale
- drivers: net: xgene: Fix hardware checksum setting
- drm: Defer disabling the vblank IRQ until the next interrupt (for instant-
off)
- ath10k: disallow DFS simulation if DFS channel is not enabled
- perf probe: Return errno when not hitting any event
- HID: clamp input to logical range if no null state
- net/8021q: create device with all possible features in wanted_features
- ARM: dts: Adjust moxart IRQ controller and flags
- batman-adv: handle race condition for claims between gateways
- of: fix of_device_get_modalias returned length when truncating buffers
- solo6x10: release vb2 buffers in solo_stop_streaming()
- scsi: ipr: Fix missed EH wakeup
- media: i2c/soc_camera: fix ov6650 sensor getting wrong clock
- timers, sched_clock: Update timeout for clock wrap
- sysrq: Reset the watchdog timers while displaying high-resolution timers
- Input: qt1070 - add OF device ID table
- sched: act_csum: don't mangle TCP and UDP GSO packets
- ASoC: rcar: ssi: don't set SSICR.CKDV = 000 with SSIWSR.CONT
- spi: omap2-mcspi: poll OMAP2_MCSPI_CHSTAT_RXS for PIO transfer
- tcp: sysctl: Fix a race to avoid unexpected 0 window from space
- dmaengine: imx-sdma: add 1ms delay to ensure SDMA channel is stopped
- driver: (adm1275) set the m,b and R coefficients correctly for power
- mm: Fix false-positive VM_BUG_ON() in page_cache_{get,add}_speculative()
- blk-throttle: make sure expire time isn't too big
- f2fs: relax node version check for victim data in gc
- bonding: refine bond_fold_stats() wrap detection
- braille-console: Fix value returned by _braille_console_setup
- drm/vmwgfx: Fixes to vmwgfx_fb
- vxlan: vxlan dev should inherit lowerdev's gso_max_size
- NFC: nfcmrvl: Include unaligned.h instead of access_ok.h
- NFC: nfcmrvl: double free on error path
- ARM: dts: r8a7790: Correct parent of SSI[0-9] clocks
- ARM: dts: r8a7791: Correct parent of SSI[0-9] clocks
- powerpc: Avoid taking a data miss on every userspace instruction miss
- net/faraday: Add missing include of of.h
- ARM: dts: koelsch: Correct clock frequency of X2 DU clock input
- reiserfs: Make cancel_old_flush() reliable
- ALSA: firewire-digi00x: handle all MIDI messages on streaming packets
- fm10k: correctly check if interface is removed
- apparmor: Make path_max parameter readonly
- iommu/iova: Fix underflow bug in __alloc_and_insert_iova_range
- video: ARM CLCD: fix dma allocation size
- drm/radeon: Fail fb creation from imported dma-bufs.
- drm/amdgpu: Fail fb creation from imported dma-bufs. (v2)
- coresight: Fixes coresight DT parse to get correct output port ID.
- MIPS: BPF: Quit clobbering callee saved registers in JIT code.
- MIPS: BPF: Fix multiple problems in JIT skb access helpers.
- MIPS: r2-on-r6-emu: Fix BLEZL and BGTZL identification
- MIPS: r2-on-r6-emu: Clear BLTZALL and BGEZALL debugfs counters
- regulator: isl9305: fix array size
- md/raid6: Fix anomily when recovering a single device in RAID6.
- usb: dwc2: Make sure we disconnect the gadget state
- usb: gadget: dummy_hcd: Fix wrong power status bit clear/reset in
dummy_hub_control()
- drivers/perf: arm_pmu: handle no platform_device
- perf inject: Copy events when reordering events in pipe mode
- perf session: Don't rely on evlist in pipe mode
- scsi: sg: check for valid direction before starting the request
- scsi: sg: close race condition in sg_remove_sfp_usercontext()
- kprobes/x86: Fix kprobe-booster not to boost far call instructions
- kprobes/x86: Set kprobes pages read-only
- pwm: tegra: Increase precision in PWM rate calculation
- wil6210: fix memory access violation in wil_memcpy_from/toio_32
- drm/edid: set ELD connector type in drm_edid_to_eld()
- video/hdmi: Allow "empty" HDMI infoframes
- HID: elo: clear BTN_LEFT mapping
- ARM: dts: exynos: Correct Trats2 panel reset line
- sched: Stop switched_to_rt() from sending IPIs to offline CPUs
- sched: Stop resched_cpu() from sending IPIs to offline CPUs
- test_firmware: fix setting old custom fw path back on exit
- net: xfrm: allow clearing socket xfrm policies.
- mtd: nand: fix interpretation of NAND_CMD_NONE in nand_command[_lp]()
- ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin
- ARM: dts: omap3-n900: Fix the audio CODEC's reset pin
- ath10k: update tdls teardown state to target
- cpufreq: Fix governor module removal race
- clk: qcom: msm8916: fix mnd_width for codec_digcodec
- ath10k: fix invalid STS_CAP_OFFSET_MASK
- tools/usbip: fixes build with musl libc toolchain
- spi: sun6i: disable/unprepare clocks on remove
- scsi: core: scsi_get_device_flags_keyed(): Always return device flags
- scsi: devinfo: apply to HP XP the same flags as Hitachi VSP
- scsi: dh: add new rdac devices
- media: cpia2: Fix a couple off by one bugs
- veth: set peer GSO values
- drm/amdkfd: Fix memory leaks in kfd topology
- agp/intel: Flush all chipset writes after updating the GGTT
- mac80211_hwsim: enforce PS_MANUAL_POLL to be set after PS_ENABLED
- mac80211: remove BUG() when interface type is invalid
- ASoC: nuc900: Fix a loop timeout test
- ipvlan: add L2 check for packets arriving via virtual devices
- rcutorture/configinit: Fix build directory error message
- ima: relax requiring a file signature for new files with zero length
- selftests/x86/entry_from_vm86: Exit with 1 if we fail
- selftests/x86: Add tests for User-Mode Instruction Prevention
- selftests/x86: Add tests for the STR and SLDT instructions
- selftests/x86/entry_from_vm86: Add test cases for POPF
- x86/vm86/32: Fix POPF emulation
- x86/mm: Fix vmalloc_fault to use pXd_large
- ALSA: pcm: Fix UAF in snd_pcm_oss_get_formats()
- ALSA: hda - Revert power_save option default value
- ALSA: seq: Fix possible UAF in snd_seq_check_queue()
- ALSA: seq: Clear client entry before deleting else at closing
- drm/amdgpu/dce: Don't turn off DP sink when disconnected
- fs: Teach path_connected to handle nfs filesystems with multiple roots.
- lock_parent() needs to recheck if dentry got __dentry_kill'ed under it
- fs/aio: Add explicit RCU grace period when freeing kioctx
- fs/aio: Use RCU accessors for kioctx_table->table[]
- irqchip/gic-v3-its: Ensure nr_ites >= nr_lpis
- scsi: sg: fix SG_DXFER_FROM_DEV transfers
- scsi: sg: fix static checker warning in sg_is_valid_dxfer
- scsi: sg: only check for dxfer_len greater than 256M
- ARM: dts: LogicPD Torpedo: Fix I2C1 pinmux
- btrfs: alloc_chunk: fix DUP stripe size handling
- btrfs: Fix use-after-free when cleaning up fs_devs with a single stale
device
- USB: gadget: udc: Add missing platform_device_put() on error in
bdc_pci_probe()
- usb: gadget: bdc: 64-bit pointer capability check
- Linux 4.4.123
* Xenial update to 4.4.123 stable release (LP: #1764666) // CVE-2017-16995
- Revert "bpf: fix incorrect sign extension in check_alu_op()"
- bpf: fix incorrect sign extension in check_alu_op()
* Xenial update to 4.4.122 stable release (LP: #1764627)
- RDMA/ucma: Limit possible option size
- RDMA/ucma: Check that user doesn't overflow QP state
- RDMA/mlx5: Fix integer overflow while resizing CQ
- scsi: qla2xxx: Fix NULL pointer crash due to active timer for ABTS
- workqueue: Allow retrieval of current task's work struct
- drm: Allow determining if current task is output poll worker
- drm/nouveau: Fix deadlock on runtime suspend
- drm/radeon: Fix deadlock on runtime suspend
- drm/amdgpu: Fix deadlock on runtime suspend
- drm/amdgpu: Notify sbios device ready before send request
- drm/radeon: fix KV harvesting
- drm/amdgpu: fix KV harvesting
- MIPS: BMIPS: Do not mask IPIs during suspend
- MIPS: ath25: Check for kzalloc allocation failure
- MIPS: OCTEON: irq: Check for null return on kzalloc allocation
- Input: matrix_keypad - fix race when disabling interrupts
- loop: Fix lost writes caused by missing flag
- kbuild: Handle builtin dtb file names containing hyphens
- bcache: don't attach backing with duplicate UUID
- x86/MCE: Serialize sysfs changes
- ALSA: hda/realtek - Fix dock line-out volume on Dell Precision 7520
- ALSA: seq: More protection for concurrent write and ioctl races
- ALSA: hda: add dock and led support for HP EliteBook 820 G3
- ALSA: hda: add dock and led support for HP ProBook 640 G2
- watchdog: hpwdt: SMBIOS check
- watchdog: hpwdt: Check source of NMI
- watchdog: hpwdt: fix unused variable warning
- netfilter: nfnetlink_queue: fix timestamp attribute
- Input: tca8418_keypad - remove double read of key event register
- tc358743: fix register i2c_rd/wr function fix
- netfilter: add back stackpointer size checks
- netfilter: x_tables: fix missing timer initialization in xt_LED
- netfilter: nat: cope with negative port range
- netfilter: IDLETIMER: be syzkaller friendly
- netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets
- netfilter: bridge: ebt_among: add missing match size checks
- netfilter: ipv6: fix use-after-free Write in nf_nat_ipv6_manip_pkt
- netfilter: use skb_to_full_sk in ip_route_me_harder
- ext4: inplace xattr block update fails to deduplicate blocks
- ubi: Fix race condition between ubi volume creation and udev
- scsi: qla2xxx: Replace fcport alloc with qla2x00_alloc_fcport
- NFS: Fix an incorrect type in struct nfs_direct_req
- Revert "ARM: dts: LogicPD Torpedo: Fix I2C1 pinmux"
- x86/module: Detect and skip invalid relocations
- x86: Treat R_X86_64_PLT32 as R_X86_64_PC32
- serial: sh-sci: prevent lockup on full TTY buffers
- tty/serial: atmel: add new version check for usart
- uas: fix comparison for error code
- staging: comedi: fix comedi_nsamples_left.
- staging: android: ashmem: Fix lockdep issue during llseek
- USB: storage: Add JMicron bridge 152d:2567 to unusual_devs.h
- usb: quirks: add control message delay for 1b1c:1b20
- USB: usbmon: remove assignment from IS_ERR argument
- usb: usbmon: Read text within supplied buffer size
- usb: gadget: f_fs: Fix use-after-free in ffs_fs_kill_sb()
- serial: 8250_pci: Add Brainboxes UC-260 4 port serial device
- fixup: sctp: verify size of a new chunk in _sctp_make_chunk()
- Linux 4.4.122
* Xenial update to 4.4.122 stable release (LP: #1764627) // CVE-2018-1000004.
- ALSA: seq: Don't allow resizing pool in use
* Xenial update to 4.4.121 stable release (LP: #1764367)
- tpm: st33zp24: fix potential buffer overruns caused by bit glitches on the
bus
- tpm_i2c_infineon: fix potential buffer overruns caused by bit glitches on
the bus
- tpm_i2c_nuvoton: fix potential buffer overruns caused by bit glitches on the
bus
- ALSA: usb-audio: Add a quirck for B&W PX headphones
- ALSA: hda: Add a power_save blacklist
- cpufreq: s3c24xx: Fix broken s3c_cpufreq_init()
- media: m88ds3103: don't call a non-initalized function
- ARM: mvebu: Fix broken PL310_ERRATA_753970 selects
- KVM: mmu: Fix overlap between public and private memslots
- btrfs: Don't clear SGID when inheriting ACLs
- ARM: dts: LogicPD Torpedo: Fix I2C1 pinmux
- x86/apic/vector: Handle legacy irq data correctly
- leds: do not overflow sysfs buffer in led_trigger_show
- x86/spectre: Fix an error message
- bridge: check brport attr show in brport_show
- fib_semantics: Don't match route with mismatching tclassid
- hdlc_ppp: carrier detect ok, don't turn off negotiation
- ipv6 sit: work around bogus gcc-8 -Wrestrict warning
- net: fix race on decreasing number of TX queues
- net: ipv4: don't allow setting net.ipv4.route.min_pmtu below 68
- netlink: ensure to loop over all netns in genlmsg_multicast_allns()
- ppp: prevent unregistered channels from connecting to PPP units
- udplite: fix partial checksum initialization
- sctp: fix dst refcnt leak in sctp_v4_get_dst
- sctp: fix dst refcnt leak in sctp_v6_get_dst()
- s390/qeth: fix SETIP command handling
- s390/qeth: fix IPA command submission race
- sctp: verify size of a new chunk in _sctp_make_chunk()
- net: mpls: Pull common label check into helper
- dm io: fix duplicate bio completion due to missing ref count
- bpf, x64: implement retpoline for tail call
- btrfs: preserve i_mode if __btrfs_set_acl() fails
- Linux 4.4.121
* Xenial update to 4.4.120 stable release (LP: #1764316)
- hrtimer: Ensure POSIX compliance (relative CLOCK_REALTIME hrtimers)
- f2fs: fix a bug caused by NULL extent tree
- mtd: nand: gpmi: Fix failure when a erased page has a bitflip at BBM
- ipv6: icmp6: Allow icmp messages to be looped back
- ARM: 8731/1: Fix csum_partial_copy_from_user() stack mismatch
- sget(): handle failures of register_shrinker()
- drm/nouveau/pci: do a msi rearm on init
- spi: atmel: fixed spin_lock usage inside atmel_spi_remove
- net: arc_emac: fix arc_emac_rx() error paths
- scsi: storvsc: Fix scsi_cmd error assignments in storvsc_handle_error
- ARM: dts: ls1021a: fix incorrect clock references
- lib/mpi: Fix umul_ppmm() for MIPS64r6
- tg3: Add workaround to restrict 5762 MRRS to 2048
- tg3: Enable PHY reset in MTU change path for 5720
- bnx2x: Improve reliability in case of nested PCI errors
- s390/dasd: fix wrongly assigned configuration data
- IB/mlx4: Fix mlx4_ib_alloc_mr error flow
- IB/ipoib: Fix race condition in neigh creation
- xfs: quota: fix missed destroy of qi_tree_lock
- xfs: quota: check result of register_shrinker()
- e1000: fix disabling already-disabled warning
- drm/ttm: check the return value of kzalloc
- mac80211: mesh: drop frames appearing to be from us
- can: flex_can: Correct the checking for frame length in flexcan_start_xmit()
- bnxt_en: Fix the 'Invalid VF' id check in bnxt_vf_ndo_prep routine.
- xen-netfront: enable device after manual module load
- mdio-sun4i: Fix a memory leak
- SolutionEngine771x: fix Ether platform data
- xen/gntdev: Fix off-by-one error when unmapping with holes
- xen/gntdev: Fix partial gntdev_mmap() cleanup
- sctp: make use of pre-calculated len
- net: gianfar_ptp: move set_fipers() to spinlock protecting area
- MIPS: Implement __multi3 for GCC7 MIPS64r6 builds
- Linux 4.4.120
* Xenial update to 4.4.119 stable release (LP: #1762453)
- netfilter: drop outermost socket lock in getsockopt()
- powerpc/64s: Fix RFI flush dependency on HARDLOCKUP_DETECTOR
- PCI: keystone: Fix interrupt-controller-node lookup
- ip_tunnel: replace dst_cache with generic implementation
- ip_tunnel: fix preempt warning in ip tunnel creation/updating
- scsi: ibmvfc: fix misdefined reserved field in ibmvfc_fcp_rsp_info
- cfg80211: fix cfg80211_beacon_dup
- iio: buffer: check if a buffer has been set up when poll is called
- iio: adis_lib: Initialize trigger before requesting interrupt
- x86/oprofile: Fix bogus GCC-8 warning in nmi_setup()
- irqchip/gic-v3: Use wmb() instead of smb_wmb() in gic_raise_softirq()
- usb: ohci: Proper handling of ed_rm_list to handle race condition between
usb_kill_urb() and finish_unlinks()
- arm64: Disable unhandled signal log messages by default
- Add delay-init quirk for Corsair K70 RGB keyboards
- usb: dwc3: gadget: Set maxpacket size for ep0 IN
- usb: ldusb: add PIDs for new CASSY devices supported by this driver
- usb: gadget: f_fs: Process all descriptors during bind
- usb: renesas_usbhs: missed the "running" flag in usb_dmac with rx path
- drm/amdgpu: Avoid leaking PM domain on driver unbind (v2)
- binder: add missing binder_unlock()
- Linux 4.4.119
* [regression] Colour banding and artefacts appear system-wide on an Asus
Zenbook UX303LA with Intel HD 4400 graphics (LP: #1749420) // Xenial update
to 4.4.119 stable release (LP: #1762453)
- drm/edid: Add 6 bpc quirk for CPT panel in Asus UX303LA
* Xenial update to 4.4.118 stable release (LP: #1756866)
- net: add dst_cache support
- [Config] Add CONFIG_DST_CACHE=y
- net: replace dst_cache ip6_tunnel implementation with the generic one
- cfg80211: check dev_set_name() return value
- mm,vmscan: Make unregister_shrinker() no-op if register_shrinker() failed.
- xfrm: Fix stack-out-of-bounds read on socket policy lookup.
- xfrm: check id proto in validate_tmpl()
- blktrace: fix unlocked registration of tracepoints
- drm: Require __GFP_NOFAIL for the legacy drm_modeset_lock_all
- Provide a function to create a NUL-terminated string from unterminated data
- selinux: ensure the context is NUL terminated in
security_context_to_sid_core()
- selinux: skip bounded transition processing if the policy isn't loaded
- crypto: x86/twofish-3way - Fix %rbp usage
- KVM: x86: fix escape of guest dr6 to the host
- netfilter: x_tables: fix int overflow in xt_alloc_table_info()
- netfilter: x_tables: avoid out-of-bounds reads in
xt_request_find_{match|target}
- netfilter: ipt_CLUSTERIP: fix out-of-bounds accesses in clusterip_tg_check()
- netfilter: on sockopt() acquire sock lock only in the required scope
- netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insert
- net: avoid skb_warn_bad_offload on IS_ERR
- ASoC: ux500: add MODULE_LICENSE tag
- video: fbdev/mmp: add MODULE_LICENSE
- arm64: dts: add #cooling-cells to CPU nodes
- Make DST_CACHE a silent config option
- dn_getsockoptdecnet: move nf_{get/set}sockopt outside sock lock
- staging: android: ashmem: Fix a race condition in pin ioctls
- binder: check for binder_thread allocation failure in binder_poll()
- staging: iio: adc: ad7192: fix external frequency setting
- usbip: keep usbip_device sockfd state in sync with tcp_socket
- usb: build drivers/usb/common/ when USB_SUPPORT is set
- ARM: OMAP2+: Fix SRAM virt to phys translation for save_secure_ram_context
- ARM: AM33xx: PRM: Remove am33xx_pwrdm_read_prev_pwrst function
- ARM: dts: Fix omap4 hang with GPS connected to USB by using wakeupgen
- ARM: dts: am4372: Correct the interrupts_properties of McASP
- perf top: Fix window dimensions change handling
- perf bench numa: Fixup discontiguous/sparse numa nodes
- media: s5k6aa: describe some function parameters
- pinctrl: sunxi: Fix A80 interrupt pin bank
- RDMA/cma: Make sure that PSN is not over max allowed
- scripts/kernel-doc: Don't fail with status != 0 if error encountered with
-none
- ipvlan: Add the skb->mark as flow4's member to lookup route
- powerpc/perf: Fix oops when grouping different pmu events
- s390/dasd: prevent prefix I/O error
- gianfar: fix a flooded alignment reports because of padding issue.
- net_sched: red: Avoid devision by zero
- net_sched: red: Avoid illegal values
- btrfs: Fix possible off-by-one in btrfs_search_path_in_tree
- 509: fix printing uninitialized stack memory when OID is empty
- dmaengine: ioat: Fix error handling path
- dmaengine: at_hdmac: fix potential NULL pointer dereference in
atc_prep_dma_interleaved
- clk: fix a panic error caused by accessing NULL pointer
- ASoC: rockchip: disable clock on error
- spi: sun4i: disable clocks in the remove function
- xfrm: Fix stack-out-of-bounds with misconfigured transport mode policies.
- drm/armada: fix leak of crtc structure
- dmaengine: jz4740: disable/unprepare clk if probe fails
- mm/early_ioremap: Fix boot hang with earlyprintk=efi,keep
- x86/mm/kmmio: Fix mmiotrace for page unaligned addresses
- xen: XEN_ACPI_PROCESSOR is Dom0-only
- hippi: Fix a Fix a possible sleep-in-atomic bug in rr_close
- virtio_balloon: prevent uninitialized variable use
- isdn: icn: remove a #warning
- vmxnet3: prevent building with 64K pages
- [Config] ppc64el: Drop vmxnet3 module
- gpio: intel-mid: Fix build warning when !CONFIG_PM
- platform/x86: intel_mid_thermal: Fix suspend handlers unused warning
- video: fbdev: via: remove possibly unused variables
- scsi: advansys: fix build warning for PCI=n
- x86/ras/inject: Make it depend on X86_LOCAL_APIC=y
- arm64: define BUG() instruction without CONFIG_BUG
- x86/fpu/math-emu: Fix possible uninitialized variable use
- tools build: Add tools tree support for 'make -s'
- x86/build: Silence the build with "make -s"
- thermal: fix INTEL_SOC_DTS_IOSF_CORE dependencies
- x86: add MULTIUSER dependency for KVM
- x86/platform: Add PCI dependency for PUNIT_ATOM_DEBUG
- scsi: advansys: fix uninitialized data access
- arm64: Kconfig: select COMPAT_BINFMT_ELF only when BINFMT_ELF is set
- ALSA: hda/ca0132 - fix possible NULL pointer use
- reiserfs: avoid a -Wmaybe-uninitialized warning
- ssb: mark ssb_bus_register as __maybe_unused
- thermal: spear: use __maybe_unused for PM functions
- x86/boot: Avoid warning for zero-filling .bss
- scsi: sim710: fix build warning
- drivers/net: fix eisa_driver probe section mismatch
- dpt_i2o: fix build warning
- profile: hide unused functions when !CONFIG_PROC_FS
- md: avoid warning for 32-bit sector_t
- mtd: ichxrom: maybe-uninitialized with gcc-4.9
- mtd: maps: add __init attribute
- mptfusion: hide unused seq_mpt_print_ioc_summary function
- scsi: fdomain: drop fdomain_pci_tbl when built-in
- video: fbdev: sis: remove unused variable
- staging: ste_rmi4: avoid unused function warnings
- fbdev: sis: enforce selection of at least one backend
- video: Use bool instead int pointer for get_opt_bool() argument
- scsi: mvumi: use __maybe_unused to hide pm functions
- SCSI: initio: remove duplicate module device table
- pwc: hide unused label
- usb: musb/ux500: remove duplicate check for dma_is_compatible
- tty: hvc_xen: hide xen_console_remove when unused
- target/user: Fix cast from pointer to phys_addr_t
- driver-core: use 'dev' argument in dev_dbg_ratelimited stub
- fbdev: auo_k190x: avoid unused function warnings
- amd-xgbe: Fix unused suspend handlers build warning
- mtd: sh_flctl: pass FIFO as physical address
- mtd: cfi: enforce valid geometry configuration
- fbdev: s6e8ax0: avoid unused function warnings
- modsign: hide openssl output in silent builds
- fbdev: sm712fb: avoid unused function warnings
- hwrng: exynos - use __maybe_unused to hide pm functions
- USB: cdc_subset: only build when one driver is enabled
- [Config] Add CONFIG_USB_NET_CDC_SUBSET_ENABLE=m
- rtlwifi: fix gcc-6 indentation warning
- staging: wilc1000: fix kbuild test robot error
- x86/platform/olpc: Fix resume handler build warning
- netfilter: ipvs: avoid unused variable warnings
- ipv4: ipconfig: avoid unused ic_proto_used symbol
- tc1100-wmi: fix build warning when CONFIG_PM not enabled
- tlan: avoid unused label with PCI=n
- drm/vmwgfx: use *_32_bits() macros
- tty: cyclades: cyz_interrupt is only used for PCI
- genirq/msi: Add stubs for get_cached_msi_msg/pci_write_msi_msg
- ASoC: mediatek: add i2c dependency
- iio: adc: axp288: remove redundant duplicate const on axp288_adc_channels
- infiniband: cxgb4: use %pR format string for printing resources
- b2c2: flexcop: avoid unused function warnings
- i2c: remove __init from i2c_register_board_info()
- staging: unisys: visorinput depends on INPUT
- tc358743: fix register i2c_rd/wr functions
- drm/nouveau: hide gcc-4.9 -Wmaybe-uninitialized
- Input: tca8418_keypad - hide gcc-4.9 -Wmaybe-uninitialized warning
- KVM: add X86_LOCAL_APIC dependency
- go7007: add MEDIA_CAMERA_SUPPORT dependency
- em28xx: only use mt9v011 if camera support is enabled
- ISDN: eicon: reduce stack size of sig_ind function
- ASoC: rockchip: use __maybe_unused to hide st_irq_syscfg_resume
- serial: 8250_mid: fix broken DMA dependency
- drm/gma500: Sanity-check pipe index
- hdpvr: hide unused variable
- v4l: remove MEDIA_TUNER dependency for VIDEO_TUNER
- cw1200: fix bogus maybe-uninitialized warning
- wireless: cw1200: use __maybe_unused to hide pm functions_
- perf/x86: Shut up false-positive -Wmaybe-uninitialized warning
- dmaengine: zx: fix build warning
- net: hp100: remove unnecessary #ifdefs
- gpio: xgene: mark PM functions as __maybe_unused
- ncpfs: fix unused variable warning
- Revert "power: bq27xxx_battery: Remove unneeded dependency in Kconfig"
- power: bq27xxx_battery: mark some symbols __maybe_unused
- isdn: sc: work around type mismatch warning
- binfmt_elf: compat: avoid unused function warning
- idle: i7300: add PCI dependency
- usb: phy: msm add regulator dependency
- ncr5380: shut up gcc indentation warning
- ARM: tegra: select USB_ULPI from EHCI rather than platform
- ASoC: Intel: Kconfig: fix build when ACPI is not enabled
- netlink: fix nla_put_{u8,u16,u32} for KASAN
- dell-wmi, dell-laptop: depends DMI
- genksyms: Fix segfault with invalid declarations
- x86/microcode/AMD: Change load_microcode_amd()'s param to bool to fix
preemptibility bug
- drm/gma500: remove helper function
- kasan: rework Kconfig settings
- KVM: async_pf: Fix #DF due to inject "Page not Present" and "Page Ready"
exceptions simultaneously
- x86/retpoline: Remove the esp/rsp thunk
- module/retpoline: Warn about missing retpoline in module
- x86/nospec: Fix header guards names
- x86/bugs: Drop one "mitigation" from dmesg
- x86/cpu/bugs: Make retpoline module warning conditional
- x86/spectre: Check CONFIG_RETPOLINE in command line parser
- x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable"
- x86/paravirt: Remove 'noreplace-paravirt' cmdline option
- x86/retpoline: Avoid retpolines for built-in __init functions
- x86/spectre: Simplify spectre_v2 command line parsing
- x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL
- KVM: nVMX: kmap() can't fail
- KVM: nVMX: vmx_complete_nested_posted_interrupt() can't fail
- kvm: nVMX: Fix kernel panics induced by illegal INVEPT/INVVPID types
- KVM: VMX: clean up declaration of VPID/EPT invalidation types
- KVM: nVMX: invvpid handling improvements
- crypto: s5p-sss - Fix kernel Oops in AES-ECB mode
- net: dst_cache_per_cpu_dst_set() can be static
- ARM: omap2: hide omap3_save_secure_ram on non-OMAP3 builds
- Linux 4.4.118
* ibrs/ibpb fixes result in excessive kernel logging (LP: #1755627)
- SAUCE: remove ibrs_dump sysctl interface
-- Khalid Elmously <email address hidden> Thu, 10 May 2018 04:27:35 +0000
-
linux-aws (4.4.0-1019.19) trusty; urgency=medium
[ Ubuntu: 4.4.0-124.148 ]
* CVE-2018-8897
- x86/entry/64: Don't use IST entry for #BP stack
* CVE-2018-1087
- kvm/x86: fix icebp instruction handling
* CVE-2018-1000199
- perf/hwbp: Simplify the perf-hwbp code, fix documentation
[ Ubuntu: 4.4.0-122.146 ]
* linux: 4.4.0-122.146 -proposed tracker (LP: #1766264)
* Redpine: WiFi scan stopping issue observed with BLE (LP: #1757435)
- SAUCE: Redpine: resolve wifi scan stop issue in stress tests
[ Ubuntu: 4.4.0-121.145 ]
* linux: 4.4.0-121.145 -proposed tracker (LP: #1763687)
* Ubuntu-4.4.0-120.144 fails to boot on arm64* hardware (LP: #1763644)
- [Config] arm64: disable BPF_JIT_ALWAYS_ON
-- Stefan Bader <email address hidden> Thu, 03 May 2018 16:13:29 +0200
-
linux-aws (4.4.0-1018.18) trusty; urgency=medium
* linux-aws: 4.4.0-1018.18 -proposed tracker (LP: #1766605)
* Xenial update to 4.4.118 stable release (LP: #1756866)
- [Config] Update config with stable changes
* Xenial update to 4.4.115 stable release (LP: #1755509)
- aws: [Config] CONFIG_BPF_JIT_ALWAYS_ON=y
[ Ubuntu: 4.4.0-123.147 ]
* linux: 4.4.0-123.147 -proposed tracker (LP: #1766604)
* Unable to insert test_bpf module on Xenial (LP: #1765698)
- bpf: fix selftests/bpf test_kmod.sh failure when CONFIG_BPF_JIT_ALWAYS_ON=y
- test_bpf: Fix testing with CONFIG_BPF_JIT_ALWAYS_ON=y on other arches
* virtio_scsi race can corrupt memory, panic kernel (LP: #1765241)
- SAUCE: (no-up) virtio-scsi: Fix race in target free
* bpf_map_lookup_elem: BUG: unable to handle kernel paging request
(LP: #1763454) // CVE-2017-17862
- SAUCE: Add missing hunks from "bpf: fix branch pruning logic"
* Xenial: rfkill: fix missing return on rfkill_init (LP: #1764810)
- rfkill: fix missing return on rfkill_init
* "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534)
- virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS
* Xenial update to 4.4.128 stable release (LP: #1765010)
- cfg80211: make RATE_INFO_BW_20 the default
- md/raid5: make use of spin_lock_irq over local_irq_disable + spin_lock
- rtc: snvs: fix an incorrect check of return value
- x86/asm: Don't use RBP as a temporary register in
csum_partial_copy_generic()
- NFSv4.1: RECLAIM_COMPLETE must handle NFS4ERR_CONN_NOT_BOUND_TO_SESSION
- IB/srpt: Fix abort handling
- af_key: Fix slab-out-of-bounds in pfkey_compile_policy.
- mac80211: bail out from prep_connection() if a reconfig is ongoing
- bna: Avoid reading past end of buffer
- qlge: Avoid reading past end of buffer
- ipmi_ssif: unlock on allocation failure
- net: cdc_ncm: Fix TX zero padding
- net: ethernet: ti: cpsw: adjust cpsw fifos depth for fullduplex flow control
- lockd: fix lockd shutdown race
- drivers/misc/vmw_vmci/vmci_queue_pair.c: fix a couple integer overflow tests
- pidns: disable pid allocation if pid_ns_prepare_proc() is failed in
alloc_pid()
- s390: move _text symbol to address higher than zero
- net/mlx4_en: Avoid adding steering rules with invalid ring
- NFSv4.1: Work around a Linux server bug...
- CIFS: silence lockdep splat in cifs_relock_file()
- net: qca_spi: Fix alignment issues in rx path
- netxen_nic: set rcode to the return status from the call to netxen_issue_cmd
- Input: elan_i2c - check if device is there before really probing
- Input: elantech - force relative mode on a certain module
- KVM: PPC: Book3S PR: Check copy_to/from_user return values
- vmxnet3: ensure that adapter is in proper state during force_close
- SMB2: Fix share type handling
- bus: brcmstb_gisb: Use register offsets with writes too
- bus: brcmstb_gisb: correct support for 64-bit address output
- PowerCap: Fix an error code in powercap_register_zone()
- ARM: dts: imx53-qsrb: Pulldown PMIC IRQ pin
- staging: wlan-ng: prism2mgmt.c: fixed a double endian conversion before
calling hfa384x_drvr_setconfig16, also fixes relative sparse warning
- x86/tsc: Provide 'tsc=unstable' boot parameter
- ARM: dts: imx6qdl-wandboard: Fix audio channel swap
- ipv6: avoid dad-failures for addresses with NODAD
- async_tx: Fix DMA_PREP_FENCE usage in do_async_gen_syndrome()
- usb: dwc3: keystone: check return value
- btrfs: fix incorrect error return ret being passed to mapping_set_error
- ata: libahci: properly propagate return value of platform_get_irq()
- neighbour: update neigh timestamps iff update is effective
- arp: honour gratuitous ARP _replies_
- usb: chipidea: properly handle host or gadget initialization failure
- USB: ene_usb6250: fix first command execution
- net: x25: fix one potential use-after-free issue
- USB: ene_usb6250: fix SCSI residue overwriting
- serial: 8250: omap: Disable DMA for console UART
- serial: sh-sci: Fix race condition causing garbage during shutdown
- sh_eth: Use platform device for printing before register_netdev()
- scsi: csiostor: fix use after free in csio_hw_use_fwconfig()
- powerpc/mm: Fix virt_addr_valid() etc. on 64-bit hash
- ath5k: fix memory leak on buf on failed eeprom read
- selftests/powerpc: Fix TM resched DSCR test with some compilers
- xfrm: fix state migration copy replay sequence numbers
- iio: hi8435: avoid garbage event at first enable
- iio: hi8435: cleanup reset gpio
- ext4: handle the rest of ext4_mb_load_buddy() ENOMEM errors
- md-cluster: fix potential lock issue in add_new_disk
- ARM: davinci: da8xx: Create DSP device only when assigned memory
- ray_cs: Avoid reading past end of buffer
- leds: pca955x: Correct I2C Functionality
- sched/numa: Use down_read_trylock() for the mmap_sem
- net/mlx5: Tolerate irq_set_affinity_hint() failures
- selinux: do not check open permission on sockets
- block: fix an error code in add_partition()
- mlx5: fix bug reading rss_hash_type from CQE
- net: ieee802154: fix net_device reference release too early
- libceph: NULL deref on crush_decode() error path
- netfilter: ctnetlink: fix incorrect nf_ct_put during hash resize
- pNFS/flexfiles: missing error code in ff_layout_alloc_lseg()
- ASoC: rsnd: SSI PIO adjust to 24bit mode
- scsi: bnx2fc: fix race condition in bnx2fc_get_host_stats()
- fix race in drivers/char/random.c:get_reg()
- ext4: fix off-by-one on max nr_pages in ext4_find_unwritten_pgoff()
- tcp: better validation of received ack sequences
- net: move somaxconn init from sysctl code
- Input: elan_i2c - clear INT before resetting controller
- bonding: Don't update slave->link until ready to commit
- KVM: nVMX: Fix handling of lmsw instruction
- net: llc: add lock_sock in llc_ui_bind to avoid a race condition
- ARM: dts: ls1021a: add "fsl,ls1021a-esdhc" compatible string to esdhc node
- thermal: power_allocator: fix one race condition issue for thermal_instances
list
- perf probe: Add warning message if there is unexpected event name
- l2tp: fix missing print session offset info
- rds; Reset rs->rs_bound_addr in rds_add_bound() failure path
- hwmon: (ina2xx) Make calibration register value fixed
- media: videobuf2-core: don't go out of the buffer range
- ASoC: Intel: cht_bsw_rt5645: Analog Mic support
- scsi: mpt3sas: Proper handling of set/clear of "ATA command pending" flag.
- vfb: fix video mode and line_length being set when loaded
- gpio: label descriptors using the device name
- ASoC: Intel: sst: Fix the return value of 'sst_send_byte_stream_mrfld()'
- wl1251: check return from call to wl1251_acx_arp_ip_filter
- hdlcdrv: Fix divide by zero in hdlcdrv_ioctl
- ovl: filter trusted xattr for non-admin
- powerpc/[booke|4xx]: Don't clobber TCR[WP] when setting TCR[DIE]
- dmaengine: imx-sdma: Handle return value of clk_prepare_enable
- arm64: futex: Fix undefined behaviour with FUTEX_OP_OPARG_SHIFT usage
- net/mlx5: avoid build warning for uniprocessor
- cxgb4: FW upgrade fixes
- rtc: opal: Handle disabled TPO in opal_get_tpo_time()
- rtc: interface: Validate alarm-time before handling rollover
- SUNRPC: ensure correct error is reported by xs_tcp_setup_socket()
- net: freescale: fix potential null pointer dereference
- KVM: SVM: do not zero out segment attributes if segment is unusable or not
present
- clk: scpi: fix return type of __scpi_dvfs_round_rate
- clk: Fix __set_clk_rates error print-string
- powerpc/spufs: Fix coredump of SPU contexts
- perf trace: Add mmap alias for s390
- qlcnic: Fix a sleep-in-atomic bug in qlcnic_82xx_hw_write_wx_2M and
qlcnic_82xx_hw_read_wx_2M
- mISDN: Fix a sleep-in-atomic bug
- drm/omap: fix tiled buffer stride calculations
- cxgb4: fix incorrect cim_la output for T6
- Fix serial console on SNI RM400 machines
- bio-integrity: Do not allocate integrity context for bio w/o data
- skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow
- sit: reload iphdr in ipip6_rcv
- net/mlx4: Fix the check in attaching steering rules
- net/mlx4: Check if Granular QoS per VF has been enabled before updating QP
qos_vport
- perf header: Set proper module name when build-id event found
- perf report: Ensure the perf DSO mapping matches what libdw sees
- tags: honor COMPILED_SOURCE with apart output directory
- e1000e: fix race condition around skb_tstamp_tx()
- cx25840: fix unchecked return values
- mceusb: sporadic RX truncation corruption fix
- net: phy: avoid genphy_aneg_done() for PHYs without clause 22 support
- ARM: imx: Add MXC_CPU_IMX6ULL and cpu_is_imx6ull
- e1000e: Undo e1000e_pm_freeze if __e1000_shutdown fails
- perf/core: Correct event creation with PERF_FORMAT_GROUP
- MIPS: mm: fixed mappings: correct initialisation
- MIPS: mm: adjust PKMAP location
- MIPS: kprobes: flush_insn_slot should flush only if probe initialised
- Fix loop device flush before configure v3
- net: emac: fix reset timeout with AR8035 phy
- skbuff: only inherit relevant tx_flags
- xen: avoid type warning in xchg_xen_ulong
- bnx2x: Allow vfs to disable txvlan offload
- sctp: fix recursive locking warning in sctp_do_peeloff
- sparc64: ldc abort during vds iso boot
- iio: magnetometer: st_magn_spi: fix spi_device_id table
- Bluetooth: Send HCI Set Event Mask Page 2 command only when needed
- cpuidle: dt: Add missing 'of_node_put()'
- ACPICA: Events: Add runtime stub support for event APIs
- ACPICA: Disassembler: Abort on an invalid/unknown AML opcode
- s390/dasd: fix hanging safe offline
- vxlan: dont migrate permanent fdb entries during learn
- bcache: stop writeback thread after detaching
- bcache: segregate flash only volume write streams
- scsi: libsas: fix memory leak in sas_smp_get_phy_events()
- scsi: libsas: fix error when getting phy events
- scsi: libsas: initialize sas_phy status according to response of DISCOVER
- blk-mq: fix kernel oops in blk_mq_tag_idle()
- tty: n_gsm: Allow ADM response in addition to UA for control dlci
- EDAC, mv64x60: Fix an error handling path
- cxgb4vf: Fix SGE FL buffer initialization logic for 64K pages
- perf tools: Fix copyfile_offset update of output offset
- ipsec: check return value of skb_to_sgvec always
- rxrpc: check return value of skb_to_sgvec always
- virtio_net: check return value of skb_to_sgvec always
- virtio_net: check return value of skb_to_sgvec in one more location
- random: use lockless method of accessing and updating f->reg_idx
- futex: Remove requirement for lock_page() in get_futex_key()
- Kbuild: provide a __UNIQUE_ID for clang
- arp: fix arp_filter on l3slave devices
- net: fix possible out-of-bound read in skb_network_protocol()
- net/ipv6: Fix route leaking between VRFs
- netlink: make sure nladdr has correct size in netlink_connect()
- net/sched: fix NULL dereference in the error path of tcf_bpf_init()
- pptp: remove a buggy dst release in pptp_connect()
- sctp: do not leak kernel memory to user space
- sctp: sctp_sockaddr_af must check minimal addr length for AF_INET6
- vhost: correctly remove wait queue during poll failure
- vlan: also check phy_driver ts_info for vlan's real device
- bonding: fix the err path for dev hwaddr sync in bond_enslave
- bonding: move dev_mc_sync after master_upper_dev_link in bond_enslave
- bonding: process the err returned by dev_set_allmulti properly in
bond_enslave
- net: fool proof dev_valid_name()
- ip_tunnel: better validate user provided tunnel names
- ipv6: sit: better validate user provided tunnel names
- ip6_gre: better validate user provided tunnel names
- ip6_tunnel: better validate user provided tunnel names
- vti6: better validate user provided tunnel names
- r8169: fix setting driver_data after register_netdev
- net sched actions: fix dumping which requires several messages to user space
- net/ipv6: Increment OUTxxx counters after netfilter hook
- ipv6: the entire IPv6 header chain must fit the first fragment
- vrf: Fix use after free and double free in vrf_finish_output
- Revert "xhci: plat: Register shutdown for xhci_plat"
- Linux 4.4.128
* sky2 gigabit ethernet driver sometimes stops working after lid-open resume
from sleep (88E8055) (LP: #1758507) // Xenial update to 4.4.128 stable
release (LP: #1765010)
- sky2: Increase D3 delay to sky2 stops working after suspend
* Xenial update to 4.4.127 stable release (LP: #1765007)
- mtd: jedec_probe: Fix crash in jedec_read_mfr()
- ALSA: pcm: Use dma_bytes as size parameter in dma_mmap_coherent()
- ALSA: pcm: potential uninitialized return values
- perf/hwbp: Simplify the perf-hwbp code, fix documentation
- partitions/msdos: Unable to mount UFS 44bsd partitions
- usb: gadget: define free_ep_req as universal function
- usb: gadget: change len to size_t on alloc_ep_req()
- usb: gadget: fix usb_ep_align_maybe endianness and new usb_ep_align
- usb: gadget: align buffer size when allocating for OUT endpoint
- usb: gadget: f_hid: fix: Prevent accessing released memory
- kprobes/x86: Fix to set RWX bits correctly before releasing trampoline
- ACPI, PCI, irq: remove redundant check for null string pointer
- writeback: fix the wrong congested state variable definition
- PCI: Make PCI_ROM_ADDRESS_MASK a 32-bit constant
- dm ioctl: remove double parentheses
- Input: mousedev - fix implicit conversion warning
- netfilter: nf_nat_h323: fix logical-not-parentheses warning
- genirq: Use cpumask_available() for check of cpumask variable
- cpumask: Add helper cpumask_available()
- selinux: Remove unnecessary check of array base in selinux_set_mapping()
- fs: compat: Remove warning from COMPATIBLE_IOCTL
- jiffies.h: declare jiffies and jiffies_64 with ____cacheline_aligned_in_smp
- frv: declare jiffies to be located in the .data section
- audit: add tty field to LOGIN event
- tty: provide tty_name() even without CONFIG_TTY
- netfilter: ctnetlink: Make some parameters integer to avoid enum mismatch
- selinux: Remove redundant check for unknown labeling behavior
- arm64: avoid overflow in VA_START and PAGE_OFFSET
- xfrm_user: uncoditionally validate esn replay attribute struct
- RDMA/ucma: Check AF family prior resolving address
- RDMA/ucma: Fix use-after-free access in ucma_close
- RDMA/ucma: Ensure that CM_ID exists prior to access it
- RDMA/ucma: Check that device is connected prior to access it
- RDMA/ucma: Check that device exists prior to accessing it
- RDMA/ucma: Don't allow join attempts for unsupported AF family
- RDMA/ucma: Introduce safer rdma_addr_size() variants
- net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms()
- xfrm: Refuse to insert 32 bit userspace socket policies on 64 bit systems
- netfilter: bridge: ebt_among: add more missing match size checks
- netfilter: x_tables: add and use xt_check_proc_name
- Bluetooth: Fix missing encryption refresh on Security Request
- llist: clang: introduce member_address_is_nonnull()
- scsi: virtio_scsi: always read VPD pages for multiqueue too
- usb: dwc2: Improve gadget state disconnection handling
- USB: serial: ftdi_sio: add RT Systems VX-8 cable
- USB: serial: ftdi_sio: add support for Harman FirmwareHubEmulator
- USB: serial: cp210x: add ELDAT Easywave RX09 id
- mei: remove dev_err message on an unsupported ioctl
- media: usbtv: prevent double free in error case
- parport_pc: Add support for WCH CH382L PCI-E single parallel port card.
- crypto: ahash - Fix early termination in hash walk
- crypto: x86/cast5-avx - fix ECB encryption when long sg follows short one
- fs/proc: Stop trying to report thread stacks
- staging: comedi: ni_mio_common: ack ai fifo error interrupts.
- Input: i8042 - add Lenovo ThinkPad L460 to i8042 reset list
- Input: i8042 - enable MUX on Sony VAIO VGN-CS series to fix touchpad
- vt: change SGR 21 to follow the standards
- Documentation: pinctrl: palmas: Add ti,palmas-powerhold-override property
definition
- ARM: dts: dra7: Add power hold and power controller properties to palmas
- ARM: dts: am57xx-beagle-x15-common: Add overide powerhold property
- md/raid10: reset the 'first' at the end of loop
- net: hns: Fix ethtool private flags
- Revert "PCI/MSI: Stop disabling MSI/MSI-X in pci_device_shutdown()"
- Revert "ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin"
- Revert "ARM: dts: omap3-n900: Fix the audio CODEC's reset pin"
- Revert "cpufreq: Fix governor module removal race"
- Revert "mtip32xx: use runtime tag to initialize command header"
- spi: davinci: fix up dma_mapping_error() incorrect patch
- net: cavium: liquidio: fix up "Avoid dma_unmap_single on uninitialized
ndata"
- Revert "ip6_vti: adjust vti mtu according to mtu of lower device"
- Linux 4.4.127
* Xenial update to 4.4.126 stable release (LP: #1764999)
- scsi: sg: don't return bogus Sg_requests
- Revert "genirq: Use irqd_get_trigger_type to compare the trigger type for
shared IRQs"
- net: Fix hlist corruptions in inet_evict_bucket()
- dccp: check sk for closed state in dccp_sendmsg()
- ipv6: fix access to non-linear packet in ndisc_fill_redirect_hdr_option()
- l2tp: do not accept arbitrary sockets
- net: ethernet: arc: Fix a potential memory leak if an optional regulator is
deferred
- net: ethernet: ti: cpsw: add check for in-band mode setting with RGMII PHY
interface
- net/iucv: Free memory obtained by kzalloc
- netlink: avoid a double skb free in genlmsg_mcast()
- net: Only honor ifindex in IP_PKTINFO if non-0
- skbuff: Fix not waking applications when errors are enqueued
- team: Fix double free in error path
- s390/qeth: free netdevice when removing a card
- s390/qeth: when thread completes, wake up all waiters
- s390/qeth: lock read device while queueing next buffer
- s390/qeth: on channel error, reject further cmd requests
- ieee802154: 6lowpan: fix possible NULL deref in lowpan_device_event()
- net: fec: Fix unbalanced PM runtime calls
- net: systemport: Rewrite __bcm_sysport_tx_reclaim()
- Linux 4.4.126
* Xenial update to 4.4.125 stable release (LP: #1764973)
- MIPS: ralink: Remove ralink_halt()
- iio: st_pressure: st_accel: pass correct platform data to init
- ALSA: usb-audio: Fix parsing descriptor of UAC2 processing unit
- ALSA: aloop: Sync stale timer before release
- ALSA: aloop: Fix access to not-yet-ready substream via cable
- ALSA: hda/realtek - Always immediately update mute LED with pin VREF
- mmc: dw_mmc: fix falling from idmac to PIO mode when dw_mci_reset occurs
- PCI: Add function 1 DMA alias quirk for Highpoint RocketRAID 644L
- ahci: Add PCI-id for the Highpoint Rocketraid 644L card
- clk: bcm2835: Protect sections updating shared registers
- Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174
- libata: fix length validation of ATAPI-relayed SCSI commands
- libata: remove WARN() for DMA or PIO command without data
- libata: Apply NOLPM quirk to Crucial MX100 512GB SSDs
- libata: Enable queued TRIM for Samsung SSD 860
- libata: Apply NOLPM quirk to Crucial M500 480 and 960GB SSDs
- libata: Make Crucial BX100 500GB LPM quirk apply to all firmware versions
- libata: Modify quirks for MX100 to limit NCQ_TRIM quirk to MU01 version
- mm/vmalloc: add interfaces to free unmapped page table
- x86/mm: implement free pmd/pte page interfaces
- drm/vmwgfx: Fix a destoy-while-held mutex problem.
- drm/radeon: Don't turn off DP sink when disconnected
- drm: udl: Properly check framebuffer mmap offsets
- acpi, numa: fix pxm to online numa node associations
- brcmfmac: fix P2P_DEVICE ethernet address generation
- rtlwifi: rtl8723be: Fix loss of signal
- tracing: probeevent: Fix to support minus offset from symbol
- mtd: nand: fsl_ifc: Fix nand waitfunc return value
- staging: ncpfs: memory corruption in ncp_read_kernel()
- can: cc770: Fix stalls on rt-linux, remove redundant IRQ ack
- can: cc770: Fix queue stall & dropped RTR reply
- can: cc770: Fix use after free in cc770_tx_interrupt()
- tty: vt: fix up tabstops properly
- kvm/x86: fix icebp instruction handling
- x86/build/64: Force the linker to use 2MB page size
- x86/boot/64: Verify alignment of the LOAD segment
- x86/entry/64: Don't use IST entry for #BP stack
- perf/x86/intel: Don't accidentally clear high bits in bdw_limit_period()
- staging: lustre: ptlrpc: kfree used instead of kvfree
- kbuild: disable clang's default use of -fmerge-all-constants
- bpf: skip unnecessary capability check
- bpf, x64: increase number of passes
- Linux 4.4.125
* System fails to start (boot) on battery due to read-only root file-system
(LP: #1726930) // Xenial update to 4.4.125 stable release (LP: #1764973)
- libata: disable LPM for Crucial BX100 SSD 500GB drive
* Xenial update to 4.4.124 stable release (LP: #1764762)
- tpm: fix potential buffer overruns caused by bit glitches on the bus
- tpm_tis: fix potential buffer overruns caused by bit glitches on the bus
- staging: android: ashmem: Fix possible deadlock in ashmem_ioctl
- platform/x86: asus-nb-wmi: Add wapf4 quirk for the X302UA
- regulator: anatop: set default voltage selector for pcie
- x86: i8259: export legacy_pic symbol
- rtc: cmos: Do not assume irq 8 for rtc when there are no legacy irqs
- Input: ar1021_i2c - fix too long name in driver's device table
- time: Change posix clocks ops interfaces to use timespec64
- ACPI/processor: Fix error handling in __acpi_processor_start()
- ACPI/processor: Replace racy task affinity logic
- cpufreq/sh: Replace racy task affinity logic
- genirq: Use irqd_get_trigger_type to compare the trigger type for shared
IRQs
- i2c: i2c-scmi: add a MS HID
- net: ipv6: send unsolicited NA on admin up
- media/dvb-core: Race condition when writing to CAM
- spi: dw: Disable clock after unregistering the host
- ath: Fix updating radar flags for coutry code India
- clk: ns2: Correct SDIO bits
- scsi: virtio_scsi: Always try to read VPD pages
- KVM: PPC: Book3S PR: Exit KVM on failed mapping
- ARM: 8668/1: ftrace: Fix dynamic ftrace with DEBUG_RODATA and !FRAME_POINTER
- iommu/omap: Register driver before setting IOMMU ops
- md/raid10: wait up frozen array in handle_write_completed
- NFS: Fix missing pg_cleanup after nfs_pageio_cond_complete()
- tcp: remove poll() flakes with FastOpen
- e1000e: fix timing for 82579 Gigabit Ethernet controller
- ALSA: hda - Fix headset microphone detection for ASUS N551 and N751
- IB/ipoib: Fix deadlock between ipoib_stop and mcast join flow
- IB/ipoib: Update broadcast object if PKey value was changed in index 0
- HSI: ssi_protocol: double free in ssip_pn_xmit()
- IB/mlx4: Take write semaphore when changing the vma struct
- IB/mlx4: Change vma from shared to private
- ASoC: Intel: Skylake: Uninitialized variable in probe_codec()
- Fix driver usage of 128B WQEs when WQ_CREATE is V1.
- netfilter: xt_CT: fix refcnt leak on error path
- openvswitch: Delete conntrack entry clashing with an expectation.
- mmc: host: omap_hsmmc: checking for NULL instead of IS_ERR()
- wan: pc300too: abort path on failure
- qlcnic: fix unchecked return value
- scsi: mac_esp: Replace bogus memory barrier with spinlock
- infiniband/uverbs: Fix integer overflows
- NFS: don't try to cross a mountpount when there isn't one there.
- Revert "UBUNTU: SAUCE: (no-up) iio: st_pressure: st_accel: Initialise sensor
platform data properly"
- iio: st_pressure: st_accel: Initialise sensor platform data properly
- mt7601u: check return value of alloc_skb
- rndis_wlan: add return value validation
- Btrfs: send, fix file hole not being preserved due to inline extent
- mac80211: don't parse encrypted management frames in ieee80211_frame_acked
- mfd: palmas: Reset the POWERHOLD mux during power off
- mtip32xx: use runtime tag to initialize command header
- staging: unisys: visorhba: fix s-Par to boot with option CONFIG_VMAP_STACK
set to y
- staging: wilc1000: fix unchecked return value
- mmc: sdhci-of-esdhc: limit SD clock for ls1012a/ls1046a
- ARM: DRA7: clockdomain: Change the CLKTRCTRL of CM_PCIE_CLKSTCTRL to SW_WKUP
- ipmi/watchdog: fix wdog hang on panic waiting for ipmi response
- ACPI / PMIC: xpower: Fix power_table addresses
- drm/nouveau/kms: Increase max retries in scanout position queries.
- bnx2x: Align RX buffers
- power: supply: pda_power: move from timer to delayed_work
- Input: twl4030-pwrbutton - use correct device for irq request
- md/raid10: skip spare disk as 'first' disk
- ia64: fix module loading for gcc-5.4
- tcm_fileio: Prevent information leak for short reads
- video: fbdev: udlfb: Fix buffer on stack
- sm501fb: don't return zero on failure path in sm501fb_start()
- net: hns: fix ethtool_get_strings overflow in hns driver
- cifs: small underflow in cnvrtDosUnixTm()
- rtc: ds1374: wdt: Fix issue with timeout scaling from secs to wdt ticks
- rtc: ds1374: wdt: Fix stop/start ioctl always returning -EINVAL
- perf tests kmod-path: Don't fail if compressed modules aren't supported
- Bluetooth: hci_qca: Avoid setup failure on missing rampatch
- media: c8sectpfe: fix potential NULL pointer dereference in
c8sectpfe_timer_interrupt
- drm/msm: fix leak in failed get_pages
- RDMA/iwpm: Fix uninitialized error code in iwpm_send_mapinfo()
- rtlwifi: rtl_pci: Fix the bug when inactiveps is enabled.
- media: bt8xx: Fix err 'bt878_probe()'
- media: [RESEND] media: dvb-frontends: Add delay to Si2168 restart
- cros_ec: fix nul-termination for firmware build info
- platform/chrome: Use proper protocol transfer function
- mmc: avoid removing non-removable hosts during suspend
- IB/ipoib: Avoid memory leak if the SA returns a different DGID
- RDMA/cma: Use correct size when writing netlink stats
- IB/umem: Fix use of npages/nmap fields
- vgacon: Set VGA struct resource types
- drm/omap: DMM: Check for DMM readiness after successful transaction commit
- pty: cancel pty slave port buf's work in tty_release
- coresight: Fix disabling of CoreSight TPIU
- pinctrl: Really force states during suspend/resume
- iommu/vt-d: clean up pr_irq if request_threaded_irq fails
- ip6_vti: adjust vti mtu according to mtu of lower device
- RDMA/ocrdma: Fix permissions for OCRDMA_RESET_STATS
- nfsd4: permit layoutget of executable-only files
- clk: si5351: Rename internal plls to avoid name collisions
- dmaengine: ti-dma-crossbar: Fix event mapping for TPCC_EVT_MUX_60_63
- RDMA/ucma: Fix access to non-initialized CM_ID object
- Linux 4.4.124
* Xenial update to 4.4.123 stable release (LP: #1764666)
- blkcg: fix double free of new_blkg in blkcg_init_queue
- Input: tsc2007 - check for presence and power down tsc2007 during probe
- staging: speakup: Replace BUG_ON() with WARN_ON().
- staging: wilc1000: add check for kmalloc allocation failure.
- HID: reject input outside logical range only if null state is set
- drm: qxl: Don't alloc fbdev if emulation is not supported
- ath10k: fix a warning during channel switch with multiple vaps
- PCI/MSI: Stop disabling MSI/MSI-X in pci_device_shutdown()
- selinux: check for address length in selinux_socket_bind()
- perf sort: Fix segfault with basic block 'cycles' sort dimension
- i40e: Acquire NVM lock before reads on all devices
- i40e: fix ethtool to get EEPROM data from X722 interface
- perf tools: Make perf_event__synthesize_mmap_events() scale
- drivers: net: xgene: Fix hardware checksum setting
- drm: Defer disabling the vblank IRQ until the next interrupt (for instant-
off)
- ath10k: disallow DFS simulation if DFS channel is not enabled
- perf probe: Return errno when not hitting any event
- HID: clamp input to logical range if no null state
- net/8021q: create device with all possible features in wanted_features
- ARM: dts: Adjust moxart IRQ controller and flags
- batman-adv: handle race condition for claims between gateways
- of: fix of_device_get_modalias returned length when truncating buffers
- solo6x10: release vb2 buffers in solo_stop_streaming()
- scsi: ipr: Fix missed EH wakeup
- media: i2c/soc_camera: fix ov6650 sensor getting wrong clock
- timers, sched_clock: Update timeout for clock wrap
- sysrq: Reset the watchdog timers while displaying high-resolution timers
- Input: qt1070 - add OF device ID table
- sched: act_csum: don't mangle TCP and UDP GSO packets
- ASoC: rcar: ssi: don't set SSICR.CKDV = 000 with SSIWSR.CONT
- spi: omap2-mcspi: poll OMAP2_MCSPI_CHSTAT_RXS for PIO transfer
- tcp: sysctl: Fix a race to avoid unexpected 0 window from space
- dmaengine: imx-sdma: add 1ms delay to ensure SDMA channel is stopped
- driver: (adm1275) set the m,b and R coefficients correctly for power
- mm: Fix false-positive VM_BUG_ON() in page_cache_{get,add}_speculative()
- blk-throttle: make sure expire time isn't too big
- f2fs: relax node version check for victim data in gc
- bonding: refine bond_fold_stats() wrap detection
- braille-console: Fix value returned by _braille_console_setup
- drm/vmwgfx: Fixes to vmwgfx_fb
- vxlan: vxlan dev should inherit lowerdev's gso_max_size
- NFC: nfcmrvl: Include unaligned.h instead of access_ok.h
- NFC: nfcmrvl: double free on error path
- ARM: dts: r8a7790: Correct parent of SSI[0-9] clocks
- ARM: dts: r8a7791: Correct parent of SSI[0-9] clocks
- powerpc: Avoid taking a data miss on every userspace instruction miss
- net/faraday: Add missing include of of.h
- ARM: dts: koelsch: Correct clock frequency of X2 DU clock input
- reiserfs: Make cancel_old_flush() reliable
- ALSA: firewire-digi00x: handle all MIDI messages on streaming packets
- fm10k: correctly check if interface is removed
- apparmor: Make path_max parameter readonly
- iommu/iova: Fix underflow bug in __alloc_and_insert_iova_range
- video: ARM CLCD: fix dma allocation size
- drm/radeon: Fail fb creation from imported dma-bufs.
- drm/amdgpu: Fail fb creation from imported dma-bufs. (v2)
- coresight: Fixes coresight DT parse to get correct output port ID.
- MIPS: BPF: Quit clobbering callee saved registers in JIT code.
- MIPS: BPF: Fix multiple problems in JIT skb access helpers.
- MIPS: r2-on-r6-emu: Fix BLEZL and BGTZL identification
- MIPS: r2-on-r6-emu: Clear BLTZALL and BGEZALL debugfs counters
- regulator: isl9305: fix array size
- md/raid6: Fix anomily when recovering a single device in RAID6.
- usb: dwc2: Make sure we disconnect the gadget state
- usb: gadget: dummy_hcd: Fix wrong power status bit clear/reset in
dummy_hub_control()
- drivers/perf: arm_pmu: handle no platform_device
- perf inject: Copy events when reordering events in pipe mode
- perf session: Don't rely on evlist in pipe mode
- scsi: sg: check for valid direction before starting the request
- scsi: sg: close race condition in sg_remove_sfp_usercontext()
- kprobes/x86: Fix kprobe-booster not to boost far call instructions
- kprobes/x86: Set kprobes pages read-only
- pwm: tegra: Increase precision in PWM rate calculation
- wil6210: fix memory access violation in wil_memcpy_from/toio_32
- drm/edid: set ELD connector type in drm_edid_to_eld()
- video/hdmi: Allow "empty" HDMI infoframes
- HID: elo: clear BTN_LEFT mapping
- ARM: dts: exynos: Correct Trats2 panel reset line
- sched: Stop switched_to_rt() from sending IPIs to offline CPUs
- sched: Stop resched_cpu() from sending IPIs to offline CPUs
- test_firmware: fix setting old custom fw path back on exit
- net: xfrm: allow clearing socket xfrm policies.
- mtd: nand: fix interpretation of NAND_CMD_NONE in nand_command[_lp]()
- ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin
- ARM: dts: omap3-n900: Fix the audio CODEC's reset pin
- ath10k: update tdls teardown state to target
- cpufreq: Fix governor module removal race
- clk: qcom: msm8916: fix mnd_width for codec_digcodec
- ath10k: fix invalid STS_CAP_OFFSET_MASK
- tools/usbip: fixes build with musl libc toolchain
- spi: sun6i: disable/unprepare clocks on remove
- scsi: core: scsi_get_device_flags_keyed(): Always return device flags
- scsi: devinfo: apply to HP XP the same flags as Hitachi VSP
- scsi: dh: add new rdac devices
- media: cpia2: Fix a couple off by one bugs
- veth: set peer GSO values
- drm/amdkfd: Fix memory leaks in kfd topology
- agp/intel: Flush all chipset writes after updating the GGTT
- mac80211_hwsim: enforce PS_MANUAL_POLL to be set after PS_ENABLED
- mac80211: remove BUG() when interface type is invalid
- ASoC: nuc900: Fix a loop timeout test
- ipvlan: add L2 check for packets arriving via virtual devices
- rcutorture/configinit: Fix build directory error message
- ima: relax requiring a file signature for new files with zero length
- selftests/x86/entry_from_vm86: Exit with 1 if we fail
- selftests/x86: Add tests for User-Mode Instruction Prevention
- selftests/x86: Add tests for the STR and SLDT instructions
- selftests/x86/entry_from_vm86: Add test cases for POPF
- x86/vm86/32: Fix POPF emulation
- x86/mm: Fix vmalloc_fault to use pXd_large
- ALSA: pcm: Fix UAF in snd_pcm_oss_get_formats()
- ALSA: hda - Revert power_save option default value
- ALSA: seq: Fix possible UAF in snd_seq_check_queue()
- ALSA: seq: Clear client entry before deleting else at closing
- drm/amdgpu/dce: Don't turn off DP sink when disconnected
- fs: Teach path_connected to handle nfs filesystems with multiple roots.
- lock_parent() needs to recheck if dentry got __dentry_kill'ed under it
- fs/aio: Add explicit RCU grace period when freeing kioctx
- fs/aio: Use RCU accessors for kioctx_table->table[]
- irqchip/gic-v3-its: Ensure nr_ites >= nr_lpis
- scsi: sg: fix SG_DXFER_FROM_DEV transfers
- scsi: sg: fix static checker warning in sg_is_valid_dxfer
- scsi: sg: only check for dxfer_len greater than 256M
- ARM: dts: LogicPD Torpedo: Fix I2C1 pinmux
- btrfs: alloc_chunk: fix DUP stripe size handling
- btrfs: Fix use-after-free when cleaning up fs_devs with a single stale
device
- USB: gadget: udc: Add missing platform_device_put() on error in
bdc_pci_probe()
- usb: gadget: bdc: 64-bit pointer capability check
- Linux 4.4.123
* Xenial update to 4.4.123 stable release (LP: #1764666) // CVE-2017-16995
- Revert "bpf: fix incorrect sign extension in check_alu_op()"
- bpf: fix incorrect sign extension in check_alu_op()
* Xenial update to 4.4.122 stable release (LP: #1764627)
- RDMA/ucma: Limit possible option size
- RDMA/ucma: Check that user doesn't overflow QP state
- RDMA/mlx5: Fix integer overflow while resizing CQ
- scsi: qla2xxx: Fix NULL pointer crash due to active timer for ABTS
- workqueue: Allow retrieval of current task's work struct
- drm: Allow determining if current task is output poll worker
- drm/nouveau: Fix deadlock on runtime suspend
- drm/radeon: Fix deadlock on runtime suspend
- drm/amdgpu: Fix deadlock on runtime suspend
- drm/amdgpu: Notify sbios device ready before send request
- drm/radeon: fix KV harvesting
- drm/amdgpu: fix KV harvesting
- MIPS: BMIPS: Do not mask IPIs during suspend
- MIPS: ath25: Check for kzalloc allocation failure
- MIPS: OCTEON: irq: Check for null return on kzalloc allocation
- Input: matrix_keypad - fix race when disabling interrupts
- loop: Fix lost writes caused by missing flag
- kbuild: Handle builtin dtb file names containing hyphens
- bcache: don't attach backing with duplicate UUID
- x86/MCE: Serialize sysfs changes
- ALSA: hda/realtek - Fix dock line-out volume on Dell Precision 7520
- ALSA: seq: More protection for concurrent write and ioctl races
- ALSA: hda: add dock and led support for HP EliteBook 820 G3
- ALSA: hda: add dock and led support for HP ProBook 640 G2
- watchdog: hpwdt: SMBIOS check
- watchdog: hpwdt: Check source of NMI
- watchdog: hpwdt: fix unused variable warning
- netfilter: nfnetlink_queue: fix timestamp attribute
- Input: tca8418_keypad - remove double read of key event register
- tc358743: fix register i2c_rd/wr function fix
- netfilter: add back stackpointer size checks
- netfilter: x_tables: fix missing timer initialization in xt_LED
- netfilter: nat: cope with negative port range
- netfilter: IDLETIMER: be syzkaller friendly
- netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets
- netfilter: bridge: ebt_among: add missing match size checks
- netfilter: ipv6: fix use-after-free Write in nf_nat_ipv6_manip_pkt
- netfilter: use skb_to_full_sk in ip_route_me_harder
- ext4: inplace xattr block update fails to deduplicate blocks
- ubi: Fix race condition between ubi volume creation and udev
- scsi: qla2xxx: Replace fcport alloc with qla2x00_alloc_fcport
- NFS: Fix an incorrect type in struct nfs_direct_req
- Revert "ARM: dts: LogicPD Torpedo: Fix I2C1 pinmux"
- x86/module: Detect and skip invalid relocations
- x86: Treat R_X86_64_PLT32 as R_X86_64_PC32
- serial: sh-sci: prevent lockup on full TTY buffers
- tty/serial: atmel: add new version check for usart
- uas: fix comparison for error code
- staging: comedi: fix comedi_nsamples_left.
- staging: android: ashmem: Fix lockdep issue during llseek
- USB: storage: Add JMicron bridge 152d:2567 to unusual_devs.h
- usb: quirks: add control message delay for 1b1c:1b20
- USB: usbmon: remove assignment from IS_ERR argument
- usb: usbmon: Read text within supplied buffer size
- usb: gadget: f_fs: Fix use-after-free in ffs_fs_kill_sb()
- serial: 8250_pci: Add Brainboxes UC-260 4 port serial device
- fixup: sctp: verify size of a new chunk in _sctp_make_chunk()
- Linux 4.4.122
* Xenial update to 4.4.122 stable release (LP: #1764627) // CVE-2018-1000004.
- ALSA: seq: Don't allow resizing pool in use
* Xenial update to 4.4.121 stable release (LP: #1764367)
- tpm: st33zp24: fix potential buffer overruns caused by bit glitches on the
bus
- tpm_i2c_infineon: fix potential buffer overruns caused by bit glitches on
the bus
- tpm_i2c_nuvoton: fix potential buffer overruns caused by bit glitches on the
bus
- ALSA: usb-audio: Add a quirck for B&W PX headphones
- ALSA: hda: Add a power_save blacklist
- cpufreq: s3c24xx: Fix broken s3c_cpufreq_init()
- media: m88ds3103: don't call a non-initalized function
- ARM: mvebu: Fix broken PL310_ERRATA_753970 selects
- KVM: mmu: Fix overlap between public and private memslots
- btrfs: Don't clear SGID when inheriting ACLs
- ARM: dts: LogicPD Torpedo: Fix I2C1 pinmux
- x86/apic/vector: Handle legacy irq data correctly
- leds: do not overflow sysfs buffer in led_trigger_show
- x86/spectre: Fix an error message
- bridge: check brport attr show in brport_show
- fib_semantics: Don't match route with mismatching tclassid
- hdlc_ppp: carrier detect ok, don't turn off negotiation
- ipv6 sit: work around bogus gcc-8 -Wrestrict warning
- net: fix race on decreasing number of TX queues
- net: ipv4: don't allow setting net.ipv4.route.min_pmtu below 68
- netlink: ensure to loop over all netns in genlmsg_multicast_allns()
- ppp: prevent unregistered channels from connecting to PPP units
- udplite: fix partial checksum initialization
- sctp: fix dst refcnt leak in sctp_v4_get_dst
- sctp: fix dst refcnt leak in sctp_v6_get_dst()
- s390/qeth: fix SETIP command handling
- s390/qeth: fix IPA command submission race
- sctp: verify size of a new chunk in _sctp_make_chunk()
- net: mpls: Pull common label check into helper
- dm io: fix duplicate bio completion due to missing ref count
- bpf, x64: implement retpoline for tail call
- btrfs: preserve i_mode if __btrfs_set_acl() fails
- Linux 4.4.121
* Xenial update to 4.4.120 stable release (LP: #1764316)
- hrtimer: Ensure POSIX compliance (relative CLOCK_REALTIME hrtimers)
- f2fs: fix a bug caused by NULL extent tree
- mtd: nand: gpmi: Fix failure when a erased page has a bitflip at BBM
- ipv6: icmp6: Allow icmp messages to be looped back
- ARM: 8731/1: Fix csum_partial_copy_from_user() stack mismatch
- sget(): handle failures of register_shrinker()
- drm/nouveau/pci: do a msi rearm on init
- spi: atmel: fixed spin_lock usage inside atmel_spi_remove
- net: arc_emac: fix arc_emac_rx() error paths
- scsi: storvsc: Fix scsi_cmd error assignments in storvsc_handle_error
- ARM: dts: ls1021a: fix incorrect clock references
- lib/mpi: Fix umul_ppmm() for MIPS64r6
- tg3: Add workaround to restrict 5762 MRRS to 2048
- tg3: Enable PHY reset in MTU change path for 5720
- bnx2x: Improve reliability in case of nested PCI errors
- s390/dasd: fix wrongly assigned configuration data
- IB/mlx4: Fix mlx4_ib_alloc_mr error flow
- IB/ipoib: Fix race condition in neigh creation
- xfs: quota: fix missed destroy of qi_tree_lock
- xfs: quota: check result of register_shrinker()
- e1000: fix disabling already-disabled warning
- drm/ttm: check the return value of kzalloc
- mac80211: mesh: drop frames appearing to be from us
- can: flex_can: Correct the checking for frame length in flexcan_start_xmit()
- bnxt_en: Fix the 'Invalid VF' id check in bnxt_vf_ndo_prep routine.
- xen-netfront: enable device after manual module load
- mdio-sun4i: Fix a memory leak
- SolutionEngine771x: fix Ether platform data
- xen/gntdev: Fix off-by-one error when unmapping with holes
- xen/gntdev: Fix partial gntdev_mmap() cleanup
- sctp: make use of pre-calculated len
- net: gianfar_ptp: move set_fipers() to spinlock protecting area
- MIPS: Implement __multi3 for GCC7 MIPS64r6 builds
- Linux 4.4.120
* Xenial update to 4.4.119 stable release (LP: #1762453)
- netfilter: drop outermost socket lock in getsockopt()
- powerpc/64s: Fix RFI flush dependency on HARDLOCKUP_DETECTOR
- PCI: keystone: Fix interrupt-controller-node lookup
- ip_tunnel: replace dst_cache with generic implementation
- ip_tunnel: fix preempt warning in ip tunnel creation/updating
- scsi: ibmvfc: fix misdefined reserved field in ibmvfc_fcp_rsp_info
- cfg80211: fix cfg80211_beacon_dup
- iio: buffer: check if a buffer has been set up when poll is called
- iio: adis_lib: Initialize trigger before requesting interrupt
- x86/oprofile: Fix bogus GCC-8 warning in nmi_setup()
- irqchip/gic-v3: Use wmb() instead of smb_wmb() in gic_raise_softirq()
- usb: ohci: Proper handling of ed_rm_list to handle race condition between
usb_kill_urb() and finish_unlinks()
- arm64: Disable unhandled signal log messages by default
- Add delay-init quirk for Corsair K70 RGB keyboards
- usb: dwc3: gadget: Set maxpacket size for ep0 IN
- usb: ldusb: add PIDs for new CASSY devices supported by this driver
- usb: gadget: f_fs: Process all descriptors during bind
- usb: renesas_usbhs: missed the "running" flag in usb_dmac with rx path
- drm/amdgpu: Avoid leaking PM domain on driver unbind (v2)
- binder: add missing binder_unlock()
- Linux 4.4.119
* [regression] Colour banding and artefacts appear system-wide on an Asus
Zenbook UX303LA with Intel HD 4400 graphics (LP: #1749420) // Xenial update
to 4.4.119 stable release (LP: #1762453)
- drm/edid: Add 6 bpc quirk for CPT panel in Asus UX303LA
* Xenial update to 4.4.118 stable release (LP: #1756866)
- net: add dst_cache support
- [Config] Add CONFIG_DST_CACHE=y
- net: replace dst_cache ip6_tunnel implementation with the generic one
- cfg80211: check dev_set_name() return value
- mm,vmscan: Make unregister_shrinker() no-op if register_shrinker() failed.
- xfrm: Fix stack-out-of-bounds read on socket policy lookup.
- xfrm: check id proto in validate_tmpl()
- blktrace: fix unlocked registration of tracepoints
- drm: Require __GFP_NOFAIL for the legacy drm_modeset_lock_all
- Provide a function to create a NUL-terminated string from unterminated data
- selinux: ensure the context is NUL terminated in
security_context_to_sid_core()
- selinux: skip bounded transition processing if the policy isn't loaded
- crypto: x86/twofish-3way - Fix %rbp usage
- KVM: x86: fix escape of guest dr6 to the host
- netfilter: x_tables: fix int overflow in xt_alloc_table_info()
- netfilter: x_tables: avoid out-of-bounds reads in
xt_request_find_{match|target}
- netfilter: ipt_CLUSTERIP: fix out-of-bounds accesses in clusterip_tg_check()
- netfilter: on sockopt() acquire sock lock only in the required scope
- netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insert
- net: avoid skb_warn_bad_offload on IS_ERR
- ASoC: ux500: add MODULE_LICENSE tag
- video: fbdev/mmp: add MODULE_LICENSE
- arm64: dts: add #cooling-cells to CPU nodes
- Make DST_CACHE a silent config option
- dn_getsockoptdecnet: move nf_{get/set}sockopt outside sock lock
- staging: android: ashmem: Fix a race condition in pin ioctls
- binder: check for binder_thread allocation failure in binder_poll()
- staging: iio: adc: ad7192: fix external frequency setting
- usbip: keep usbip_device sockfd state in sync with tcp_socket
- usb: build drivers/usb/common/ when USB_SUPPORT is set
- ARM: OMAP2+: Fix SRAM virt to phys translation for save_secure_ram_context
- ARM: AM33xx: PRM: Remove am33xx_pwrdm_read_prev_pwrst function
- ARM: dts: Fix omap4 hang with GPS connected to USB by using wakeupgen
- ARM: dts: am4372: Correct the interrupts_properties of McASP
- perf top: Fix window dimensions change handling
- perf bench numa: Fixup discontiguous/sparse numa nodes
- media: s5k6aa: describe some function parameters
- pinctrl: sunxi: Fix A80 interrupt pin bank
- RDMA/cma: Make sure that PSN is not over max allowed
- scripts/kernel-doc: Don't fail with status != 0 if error encountered with
-none
- ipvlan: Add the skb->mark as flow4's member to lookup route
- powerpc/perf: Fix oops when grouping different pmu events
- s390/dasd: prevent prefix I/O error
- gianfar: fix a flooded alignment reports because of padding issue.
- net_sched: red: Avoid devision by zero
- net_sched: red: Avoid illegal values
- btrfs: Fix possible off-by-one in btrfs_search_path_in_tree
- 509: fix printing uninitialized stack memory when OID is empty
- dmaengine: ioat: Fix error handling path
- dmaengine: at_hdmac: fix potential NULL pointer dereference in
atc_prep_dma_interleaved
- clk: fix a panic error caused by accessing NULL pointer
- ASoC: rockchip: disable clock on error
- spi: sun4i: disable clocks in the remove function
- xfrm: Fix stack-out-of-bounds with misconfigured transport mode policies.
- drm/armada: fix leak of crtc structure
- dmaengine: jz4740: disable/unprepare clk if probe fails
- mm/early_ioremap: Fix boot hang with earlyprintk=efi,keep
- x86/mm/kmmio: Fix mmiotrace for page unaligned addresses
- xen: XEN_ACPI_PROCESSOR is Dom0-only
- hippi: Fix a Fix a possible sleep-in-atomic bug in rr_close
- virtio_balloon: prevent uninitialized variable use
- isdn: icn: remove a #warning
- vmxnet3: prevent building with 64K pages
- [Config] ppc64el: Drop vmxnet3 module
- gpio: intel-mid: Fix build warning when !CONFIG_PM
- platform/x86: intel_mid_thermal: Fix suspend handlers unused warning
- video: fbdev: via: remove possibly unused variables
- scsi: advansys: fix build warning for PCI=n
- x86/ras/inject: Make it depend on X86_LOCAL_APIC=y
- arm64: define BUG() instruction without CONFIG_BUG
- x86/fpu/math-emu: Fix possible uninitialized variable use
- tools build: Add tools tree support for 'make -s'
- x86/build: Silence the build with "make -s"
- thermal: fix INTEL_SOC_DTS_IOSF_CORE dependencies
- x86: add MULTIUSER dependency for KVM
- x86/platform: Add PCI dependency for PUNIT_ATOM_DEBUG
- scsi: advansys: fix uninitialized data access
- arm64: Kconfig: select COMPAT_BINFMT_ELF only when BINFMT_ELF is set
- ALSA: hda/ca0132 - fix possible NULL pointer use
- reiserfs: avoid a -Wmaybe-uninitialized warning
- ssb: mark ssb_bus_register as __maybe_unused
- thermal: spear: use __maybe_unused for PM functions
- x86/boot: Avoid warning for zero-filling .bss
- scsi: sim710: fix build warning
- drivers/net: fix eisa_driver probe section mismatch
- dpt_i2o: fix build warning
- profile: hide unused functions when !CONFIG_PROC_FS
- md: avoid warning for 32-bit sector_t
- mtd: ichxrom: maybe-uninitialized with gcc-4.9
- mtd: maps: add __init attribute
- mptfusion: hide unused seq_mpt_print_ioc_summary function
- scsi: fdomain: drop fdomain_pci_tbl when built-in
- video: fbdev: sis: remove unused variable
- staging: ste_rmi4: avoid unused function warnings
- fbdev: sis: enforce selection of at least one backend
- video: Use bool instead int pointer for get_opt_bool() argument
- scsi: mvumi: use __maybe_unused to hide pm functions
- SCSI: initio: remove duplicate module device table
- pwc: hide unused label
- usb: musb/ux500: remove duplicate check for dma_is_compatible
- tty: hvc_xen: hide xen_console_remove when unused
- target/user: Fix cast from pointer to phys_addr_t
- driver-core: use 'dev' argument in dev_dbg_ratelimited stub
- fbdev: auo_k190x: avoid unused function warnings
- amd-xgbe: Fix unused suspend handlers build warning
- mtd: sh_flctl: pass FIFO as physical address
- mtd: cfi: enforce valid geometry configuration
- fbdev: s6e8ax0: avoid unused function warnings
- modsign: hide openssl output in silent builds
- fbdev: sm712fb: avoid unused function warnings
- hwrng: exynos - use __maybe_unused to hide pm functions
- USB: cdc_subset: only build when one driver is enabled
- [Config] Add CONFIG_USB_NET_CDC_SUBSET_ENABLE=m
- rtlwifi: fix gcc-6 indentation warning
- staging: wilc1000: fix kbuild test robot error
- x86/platform/olpc: Fix resume handler build warning
- netfilter: ipvs: avoid unused variable warnings
- ipv4: ipconfig: avoid unused ic_proto_used symbol
- tc1100-wmi: fix build warning when CONFIG_PM not enabled
- tlan: avoid unused label with PCI=n
- drm/vmwgfx: use *_32_bits() macros
- tty: cyclades: cyz_interrupt is only used for PCI
- genirq/msi: Add stubs for get_cached_msi_msg/pci_write_msi_msg
- ASoC: mediatek: add i2c dependency
- iio: adc: axp288: remove redundant duplicate const on axp288_adc_channels
- infiniband: cxgb4: use %pR format string for printing resources
- b2c2: flexcop: avoid unused function warnings
- i2c: remove __init from i2c_register_board_info()
- staging: unisys: visorinput depends on INPUT
- tc358743: fix register i2c_rd/wr functions
- drm/nouveau: hide gcc-4.9 -Wmaybe-uninitialized
- Input: tca8418_keypad - hide gcc-4.9 -Wmaybe-uninitialized warning
- KVM: add X86_LOCAL_APIC dependency
- go7007: add MEDIA_CAMERA_SUPPORT dependency
- em28xx: only use mt9v011 if camera support is enabled
- ISDN: eicon: reduce stack size of sig_ind function
- ASoC: rockchip: use __maybe_unused to hide st_irq_syscfg_resume
- serial: 8250_mid: fix broken DMA dependency
- drm/gma500: Sanity-check pipe index
- hdpvr: hide unused variable
- v4l: remove MEDIA_TUNER dependency for VIDEO_TUNER
- cw1200: fix bogus maybe-uninitialized warning
- wireless: cw1200: use __maybe_unused to hide pm functions_
- perf/x86: Shut up false-positive -Wmaybe-uninitialized warning
- dmaengine: zx: fix build warning
- net: hp100: remove unnecessary #ifdefs
- gpio: xgene: mark PM functions as __maybe_unused
- ncpfs: fix unused variable warning
- Revert "power: bq27xxx_battery: Remove unneeded dependency in Kconfig"
- power: bq27xxx_battery: mark some symbols __maybe_unused
- isdn: sc: work around type mismatch warning
- binfmt_elf: compat: avoid unused function warning
- idle: i7300: add PCI dependency
- usb: phy: msm add regulator dependency
- ncr5380: shut up gcc indentation warning
- ARM: tegra: select USB_ULPI from EHCI rather than platform
- ASoC: Intel: Kconfig: fix build when ACPI is not enabled
- netlink: fix nla_put_{u8,u16,u32} for KASAN
- dell-wmi, dell-laptop: depends DMI
- genksyms: Fix segfault with invalid declarations
- x86/microcode/AMD: Change load_microcode_amd()'s param to bool to fix
preemptibility bug
- drm/gma500: remove helper function
- kasan: rework Kconfig settings
- KVM: async_pf: Fix #DF due to inject "Page not Present" and "Page Ready"
exceptions simultaneously
- x86/retpoline: Remove the esp/rsp thunk
- module/retpoline: Warn about missing retpoline in module
- x86/nospec: Fix header guards names
- x86/bugs: Drop one "mitigation" from dmesg
- x86/cpu/bugs: Make retpoline module warning conditional
- x86/spectre: Check CONFIG_RETPOLINE in command line parser
- x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable"
- x86/paravirt: Remove 'noreplace-paravirt' cmdline option
- x86/retpoline: Avoid retpolines for built-in __init functions
- x86/spectre: Simplify spectre_v2 command line parsing
- x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL
- KVM: nVMX: kmap() can't fail
- KVM: nVMX: vmx_complete_nested_posted_interrupt() can't fail
- kvm: nVMX: Fix kernel panics induced by illegal INVEPT/INVVPID types
- KVM: VMX: clean up declaration of VPID/EPT invalidation types
- KVM: nVMX: invvpid handling improvements
- crypto: s5p-sss - Fix kernel Oops in AES-ECB mode
- net: dst_cache_per_cpu_dst_set() can be static
- ARM: omap2: hide omap3_save_secure_ram on non-OMAP3 builds
- Linux 4.4.118
* ibrs/ibpb fixes result in excessive kernel logging (LP: #1755627)
- SAUCE: remove ibrs_dump sysctl interface
[ Ubuntu: 4.4.0-122.146 ]
* linux: 4.4.0-122.146 -proposed tracker (LP: #1766264)
* Redpine: WiFi scan stopping issue observed with BLE (LP: #1757435)
- SAUCE: Redpine: resolve wifi scan stop issue in stress tests
[ Ubuntu: 4.4.0-121.145 ]
* linux: 4.4.0-121.145 -proposed tracker (LP: #1763687)
* Ubuntu-4.4.0-120.144 fails to boot on arm64* hardware (LP: #1763644)
- [Config] arm64: disable BPF_JIT_ALWAYS_ON
-- Khalid Elmously <email address hidden> Fri, 27 Apr 2018 02:39:04 -0400
-
linux-aws (4.4.0-1017.17) trusty; urgency=medium
* linux-aws: 4.4.0-1017.17 -proposed tracker (LP: #1761439)
[ Ubuntu: 4.4.0-120.144 ]
* linux: 4.4.0-120.144 -proposed tracker (LP: #1761438)
* intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux-
image-4.13.0-37-generic) (LP: #1759920) // CVE-2017-5715 (Spectre v2 Intel)
- Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current
thread"
- x86/speculation: Use Indirect Branch Prediction Barrier in context switch
* DKMS driver builds fail with: Cannot use CONFIG_STACK_VALIDATION=y, please
install libelf-dev, libelf-devel or elfutils-libelf-devel (LP: #1760876)
- [Packaging] include the retpoline extractor in the headers
* retpoline hints: primary infrastructure and initial hints (LP: #1758856)
- [Packaging] retpoline-extract: flag *0xNNN(%reg) branches
- x86/speculation, objtool: Annotate indirect calls/jumps for objtool
- x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32bit
- x86/paravirt, objtool: Annotate indirect calls
- x86/asm: Stop depending on ptrace.h in alternative.h
- [Packaging] retpoline -- add safe usage hint support
- [Packaging] retpoline-check -- only report additions
- [Packaging] retpoline -- widen indirect call/jmp detection
- [Packaging] retpoline -- elide %rip relative indirections
- [Packaging] retpoline -- clear hint information from packages
- SAUCE: modpost: add discard to non-allocatable whitelist
- KVM: x86: Make indirect calls in emulator speculation safe
- KVM: VMX: Make indirect call speculation safe
- x86/boot, objtool: Annotate indirect jump in secondary_startup_64()
- SAUCE: early/late -- annotate indirect calls in early/late initialisation
code
- SAUCE: vga_set_mode -- avoid jump tables
- [Config] retpoline -- switch to new format
- [Packaging] final-checks -- remove check for empty retpoline files
* Xenial update to 4.4.117 stable release (LP: #1756860)
- IB/mlx4: Fix incorrectly releasing steerable UD QPs when have only ETH ports
- PM / devfreq: Propagate error from devfreq_add_device()
- s390: fix handling of -1 in set{,fs}[gu]id16 syscalls
- ARM: dts: STi: Add gpio polarity for "hdmi,hpd-gpio" property
- arm: spear600: Add missing interrupt-parent of rtc
- arm: spear13xx: Fix dmas cells
- arm: spear13xx: Fix spics gpio controller's warning
- ALSA: seq: Fix regression by incorrect ioctl_mutex usages
- KVM/x86: Reduce retpoline performance impact in slot_handle_level_range(),
by always inlining iterator helper methods
- x86/cpu: Change type of x86_cache_size variable to unsigned int
- drm/radeon: adjust tested variable
- rtc-opal: Fix handling of firmware error codes, prevent busy loops
- ext4: save error to disk in __ext4_grp_locked_error()
- ext4: correct documentation for grpid mount option
- mm: hide a #warning for COMPILE_TEST
- video: fbdev: atmel_lcdfb: fix display-timings lookup
- console/dummy: leave .con_font_get set to NULL
- rtlwifi: rtl8821ae: Fix connection lost problem correctly
- Btrfs: fix deadlock in run_delalloc_nocow
- Btrfs: fix crash due to not cleaning up tree log block's dirty bits
- Btrfs: fix unexpected -EEXIST when creating new inode
- ALSA: hda - Fix headset mic detection problem for two Dell machines
- ALSA: usb-audio: Fix UAC2 get_ctl request with a RANGE attribute
- ALSA: hda/realtek: PCI quirk for Fujitsu U7x7
- ALSA: usb-audio: add implicit fb quirk for Behringer UFX1204
- ALSA: seq: Fix racy pool initializations
- mvpp2: fix multicast address filter
- dm: correctly handle chained bios in dec_pending()
- x86: fix build warnign with 32-bit PAE
- vfs: don't do RCU lookup of empty pathnames
- ARM: pxa/tosa-bt: add MODULE_LICENSE tag
- ARM: dts: s5pv210: add interrupt-parent for ohci
- media: r820t: fix r820t_write_reg for KASAN
- Linux 4.4.117
* zfs system process hung on container stop/delete (LP: #1754584)
- SAUCE: (noup) zfs to 0.6.5.6-0ubuntu19
- SAUCE: Fix non-prefaulted page deadlock (LP: #1754584)
* apparmor: fix bad __initdata tagging on, apparmor_initialized (LP: #1758471)
- SAUCE: apparmor: fix bad __initdata tagging on, apparmor_initialized
* Xenial update to 4.4.116 stable release (LP: #1756121)
- powerpc/bpf/jit: Disable classic BPF JIT on ppc64le
- powerpc/64: Fix flush_(d|i)cache_range() called from modules
- powerpc: Fix VSX enabling/flushing to also test MSR_FP and MSR_VEC
- powerpc: Simplify module TOC handling
- ASoC: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
- usbip: vhci_hcd: clear just the USB_PORT_STAT_POWER bit
- usbip: fix 3eee23c3ec14 tcp_socket address still in the status file
- net: cdc_ncm: initialize drvflags before usage
- ASoC: simple-card: Fix misleading error message
- ASoC: rsnd: don't call free_irq() on Parent SSI
- ASoC: rsnd: avoid duplicate free_irq()
- drm: rcar-du: Use the VBK interrupt for vblank events
- drm: rcar-du: Fix race condition when disabling planes at CRTC stop
- x86/asm: Fix inline asm call constraints for GCC 4.4
- ip6mr: fix stale iterator
- net: igmp: add a missing rcu locking section
- qlcnic: fix deadlock bug
- r8169: fix RTL8168EP take too long to complete driver initialization.
- tcp: release sk_frag.page in tcp_disconnect
- vhost_net: stop device during reset owner
- media: soc_camera: soc_scale_crop: add missing
MODULE_DESCRIPTION/AUTHOR/LICENSE
- KEYS: encrypted: fix buffer overread in valid_master_desc()
- don't put symlink bodies in pagecache into highmem
- crypto: tcrypt - fix S/G table for test_aead_speed()
- x86/microcode: Do the family check first
- powerpc/pseries: include linux/types.h in asm/hvcall.h
- cifs: Fix missing put_xid in cifs_file_strict_mmap
- cifs: Fix autonegotiate security settings mismatch
- CIFS: zero sensitive data when freeing
- dmaengine: dmatest: fix container_of member in dmatest_callback
- x86/kaiser: fix build error with KASAN && !FUNCTION_GRAPH_TRACER
- kaiser: fix compile error without vsyscall
- netfilter: nf_queue: Make the queue_handler pernet
- posix-timer: Properly check sigevent->sigev_notify
- usb: gadget: uvc: Missing files for configfs interface
- sched/rt: Use container_of() to get root domain in rto_push_irq_work_func()
- sched/rt: Up the root domain ref count when passing it around via IPIs
- media: dvb-usb-v2: lmedm04: Improve logic checking of warm start
- media: dvb-usb-v2: lmedm04: move ts2020 attach to dm04_lme2510_tuner
- mtd: cfi: convert inline functions to macros
- mtd: nand: brcmnand: Disable prefetch by default
- mtd: nand: Fix nand_do_read_oob() return value
- mtd: nand: sunxi: Fix ECC strength choice
- ubi: block: Fix locking for idr_alloc/idr_remove
- nfs/pnfs: fix nfs_direct_req ref leak when i/o falls back to the mds
- NFS: Add a cond_resched() to nfs_commit_release_pages()
- NFS: commit direct writes even if they fail partially
- NFS: reject request for id_legacy key without auxdata
- kernfs: fix regression in kernfs_fop_write caused by wrong type
- ahci: Annotate PCI ids for mobile Intel chipsets as such
- ahci: Add PCI ids for Intel Bay Trail, Cherry Trail and Apollo Lake AHCI
- ahci: Add Intel Cannon Lake PCH-H PCI ID
- crypto: hash - introduce crypto_hash_alg_has_setkey()
- crypto: cryptd - pass through absence of ->setkey()
- crypto: poly1305 - remove ->setkey() method
- nsfs: mark dentry with DCACHE_RCUACCESS
- media: v4l2-ioctl.c: don't copy back the result for -ENOTTY
- vb2: V4L2_BUF_FLAG_DONE is set after DQBUF
- media: v4l2-compat-ioctl32.c: add missing VIDIOC_PREPARE_BUF
- media: v4l2-compat-ioctl32.c: fix the indentation
- media: v4l2-compat-ioctl32.c: move 'helper' functions to
__get/put_v4l2_format32
- media: v4l2-compat-ioctl32.c: avoid sizeof(type)
- media: v4l2-compat-ioctl32.c: copy m.userptr in put_v4l2_plane32
- media: v4l2-compat-ioctl32.c: fix ctrl_is_pointer
- media: v4l2-compat-ioctl32.c: make ctrl_is_pointer work for subdevs
- media: v4l2-compat-ioctl32: Copy v4l2_window->global_alpha
- media: v4l2-compat-ioctl32.c: copy clip list in put_v4l2_window32
- media: v4l2-compat-ioctl32.c: drop pr_info for unknown buffer type
- media: v4l2-compat-ioctl32.c: don't copy back the result for certain errors
- media: v4l2-compat-ioctl32.c: refactor compat ioctl32 logic
- crypto: caam - fix endless loop when DECO acquire fails
- arm: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls
- KVM: nVMX: Fix races when sending nested PI while dest enters/leaves L2
- watchdog: imx2_wdt: restore previous timeout after suspend+resume
- media: ts2020: avoid integer overflows on 32 bit machines
- media: cxusb, dib0700: ignore XC2028_I2C_FLUSH
- kernel/async.c: revert "async: simplify lowest_in_progress()"
- HID: quirks: Fix keyboard + touchpad on Toshiba Click Mini not working
- Bluetooth: btsdio: Do not bind to non-removable BCM43341
- Bluetooth: btusb: Restore QCA Rome suspend/resume fix with a "rewritten"
version
- signal/openrisc: Fix do_unaligned_access to send the proper signal
- signal/sh: Ensure si_signo is initialized in do_divide_error
- alpha: fix crash if pthread_create races with signal delivery
- alpha: fix reboot on Avanti platform
- xtensa: fix futex_atomic_cmpxchg_inatomic
- EDAC, octeon: Fix an uninitialized variable warning
- pktcdvd: Fix pkt_setup_dev() error path
- btrfs: Handle btrfs_set_extent_delalloc failure in fixup worker
- ACPI: sbshc: remove raw pointer from printk() message
- ovl: fix failure to fsync lower dir
- mn10300/misalignment: Use SIGSEGV SEGV_MAPERR to report a failed user copy
- ftrace: Remove incorrect setting of glob search field
- Linux 4.4.116
* Xenial update to 4.4.116 stable release (LP: #1756121) // CVE-2017-5754
- Revert "UBUNTU: SAUCE: UBUNTU: [Config] Disable CONFIG_PPC_DEBUG_RFI"
- Revert "UBUNTU: SAUCE: rfi-flush: Fix some RFI conversions in the KVM code"
- Revert "UBUNTU: SAUCE: rfi-flush: Fix the 32-bit KVM build"
- Revert "UBUNTU: SAUCE: rfi-flush: Fallback flush add load dependency"
- Revert "UBUNTU: SAUCE: rfi-flush: Use rfi-flush in printks"
- Revert "UBUNTU: SAUCE: rfi-flush: Add no_rfi_flush and nopti comandline
options"
- Revert "UBUNTU: SAUCE: rfi-flush: Refactor the macros so the nops are
defined once"
- Revert "UBUNTU: SAUCE: rfi-flush: Fix HRFI_TO_UNKNOWN"
- Revert "UBUNTU: SAUCE: rfi-flush: Fix the fallback flush to actually
activate"
- Revert "UBUNTU: SAUCE: rfi-flush: Rework pseries logic to be more cautious"
- Revert "UBUNTU: SAUCE: rfi-flush: Rework powernv logic to be more cautious"
- Revert "UBUNTU: SAUCE: rfi-flush: Add barriers to the fallback L1D flushing"
- Revert "UBUNTU: SAUCE: Fix compilation errors for arch/powerpc/lib/feature-
fixups.c"
- Revert "UBUNTU: SAUCE: Remove setup.h include file otherwise compilation
complains about missing header file."
- Revert "UBUNTU: SAUCE: powerpc/asm: Allow including ppc_asm.h in asm files"
- Revert "UBUNTU: SAUCE: rfi-flush: Add speculation barrier before ori 30,30,0
flush"
- Revert "UBUNTU: SAUCE: rfi-flush: Allow HV to advertise multiple flush
types"
- Revert "UBUNTU: SAUCE: rfi-flush: Support more than one flush type at once"
- Revert "UBUNTU: SAUCE: rfi-flush: Expand the RFI section to two nop slots"
- Revert "UBUNTU: SAUCE: rfi-flush: Push the instruction selection down to the
patching routine"
- Revert "UBUNTU: SAUCE: rfi-flush: Make l1d_flush_type bit flags"
- Revert "UBUNTU: SAUCE: rfi-flush: Implement congruence-first fallback flush"
- Revert "UBUNTU: SAUCE: KVM: Revert the implementation of
H_GET_CPU_CHARACTERISTICS"
- Revert "UBUNTU: SAUCE: rfi-flush: kvmppc_skip_(H)interrupt returns to host"
- Revert "UBUNTU: SAUCE: Fixup rfid in kvmppc_skip_Hinterrupt should be hrfid"
- Revert "UBUNTU: SAUCE: rfi-flush: Add HRFI_TO_UNKNOWN and use it in denorm"
- Revert "UBUNTU: SAUCE: rfi-flush: Make DEBUG_RFI a CONFIG option"
- Revert "UBUNTU: SAUCE: powerpc: Secure memory rfi flush"
- powerpc/pseries: Add H_GET_CPU_CHARACTERISTICS flags & wrapper
- powerpc/64: Add macros for annotating the destination of rfid/hrfid
- powerpc/64s: Simple RFI macro conversions
- powerpc/64: Convert fast_exception_return to use RFI_TO_USER/KERNEL
- powerpc/64: Convert the syscall exit path to use RFI_TO_USER/KERNEL
- powerpc/64s: Convert slb_miss_common to use RFI_TO_USER/KERNEL
- powerpc/64s: Add support for RFI flush of L1-D cache
- powerpc/64s: Support disabling RFI flush with no_rfi_flush and nopti
- powerpc/pseries: Query hypervisor for RFI flush settings
- powerpc/powernv: Check device-tree for RFI flush settings
- powerpc/64s: Wire up cpu_show_meltdown()
- powerpc/64s: Allow control of RFI flush via debugfs
* Intel i40e PF reset due to incorrect MDD detection (continues...)
(LP: #1723127)
- i40e/i40evf: Account for frags split over multiple descriptors in check
linearize
- i40e/i40evf: Allow up to 12K bytes of data per Tx descriptor instead of 8K
* Xenial update to 4.4.115 stable release (LP: #1755509)
- x86: bpf_jit: small optimization in emit_bpf_tail_call()
- bpf: fix bpf_tail_call() x64 JIT
- [Config] CONFIG_BPF_JIT_ALWAYS_ON=y
- bpf: introduce BPF_JIT_ALWAYS_ON config
- bpf: arsh is not supported in 32 bit alu thus reject it
- bpf: avoid false sharing of map refcount with max_entries
- bpf: fix divides by zero
- bpf: fix 32-bit divide by zero
- bpf: reject stores into ctx via st and xadd
- x86/pti: Make unpoison of pgd for trusted boot work for real
- kaiser: fix intel_bts perf crashes
- ALSA: seq: Make ioctls race-free
- crypto: aesni - handle zero length dst buffer
- crypto: af_alg - whitelist mask and type
- power: reset: zx-reboot: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
- gpio: iop: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
- gpio: ath79: add missing MODULE_DESCRIPTION/LICENSE
- mtd: nand: denali_pci: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
- igb: Free IRQs when device is hotplugged
- KVM: x86: emulator: Return to user-mode on L1 CPL=0 emulation failure
- KVM: x86: Don't re-execute instruction when not passing CR2 value
- KVM: X86: Fix operand/address-size during instruction decoding
- KVM: x86: ioapic: Fix level-triggered EOI and IOAPIC reconfigure race
- KVM: x86: ioapic: Clear Remote IRR when entry is switched to edge-triggered
- KVM: x86: ioapic: Preserve read-only values in the redirection table
- ACPI / bus: Leave modalias empty for devices which are not present
- cpufreq: Add Loongson machine dependencies
- bcache: check return value of register_shrinker
- drm/amdgpu: Fix SDMA load/unload sequence on HWS disabled mode
- drm/amdkfd: Fix SDMA ring buffer size calculation
- drm/amdkfd: Fix SDMA oversubsription handling
- openvswitch: fix the incorrect flow action alloc size
- mac80211: fix the update of path metric for RANN frame
- btrfs: fix deadlock when writing out space cache
- KVM: VMX: Fix rflags cache during vCPU reset
- xen-netfront: remove warning when unloading module
- nfsd: CLOSE SHOULD return the invalid special stateid for NFSv4.x (x>0)
- nfsd: Ensure we check stateid validity in the seqid operation checks
- grace: replace BUG_ON by WARN_ONCE in exit_net hook
- nfsd: check for use of the closed special stateid
- lockd: fix "list_add double add" caused by legacy signal interface
- hwmon: (pmbus) Use 64bit math for DIRECT format values
- powerpc/ppc64el -- Remove ll_temac module from 64-bit builds
- net: ethernet: xilinx: Mark XILINX_LL_TEMAC broken on 64-bit
- quota: Check for register_shrinker() failure.
- SUNRPC: Allow connect to return EHOSTUNREACH
- kmemleak: add scheduling point to kmemleak_scan()
- drm/omap: Fix error handling path in 'omap_dmm_probe()'
- xfs: ubsan fixes
- scsi: aacraid: Prevent crash in case of free interrupt during scsi EH path
- scsi: ufs: ufshcd: fix potential NULL pointer dereference in
ufshcd_config_vreg
- media: usbtv: add a new usbid
- usb: gadget: don't dereference g until after it has been null checked
- staging: rtl8188eu: Fix incorrect response to SIOCGIWESSID
- usb: option: Add support for FS040U modem
- USB: serial: pl2303: new device id for Chilitag
- USB: cdc-acm: Do not log urb submission errors on disconnect
- CDC-ACM: apply quirk for card reader
- USB: serial: io_edgeport: fix possible sleep-in-atomic
- usbip: prevent bind loops on devices attached to vhci_hcd
- usbip: list: don't list devices attached to vhci_hcd
- USB: serial: simple: add Motorola Tetra driver
- usb: f_fs: Prevent gadget unbind if it is already unbound
- usb: uas: unconditionally bring back host after reset
- selinux: general protection fault in sock_has_perm
- serial: imx: Only wakeup via RTSDEN bit if the system has RTS/CTS
- spi: imx: do not access registers while clocks disabled
- Linux 4.4.115
* retpoline: ignore %cs:0xNNN constant indirections (LP: #1752655)
- [Packaging] retpoline -- elide %cs:0xNNNN constants on i386
[ Ubuntu: 4.4.0-119.143 ]
* linux: 4.4.0-119.143 -proposed tracker (LP: #1760327)
* Dell XPS 13 9360 bluetooth scan can not detect any device (LP: #1759821)
- Revert "Bluetooth: btusb: fix QCA Rome suspend/resume"
-- Kamal Mostafa <email address hidden> Fri, 06 Apr 2018 10:48:33 -0700
-
linux-aws (4.4.0-1016.16) trusty; urgency=medium
* linux-aws: 4.4.0-1016.16 -proposed tracker (LP: #1759610)
[ Ubuntu: 4.4.0-118.142 ]
* linux: 4.4.0-118.142 -proposed tracker (LP: #1759607)
* Kernel panic with AWS 4.4.0-1053 / 4.4.0-1015 (Trusty) (LP: #1758869)
- x86/microcode/AMD: Do not load when running on a hypervisor
* CVE-2018-8043
- net: phy: mdio-bcm-unimac: fix potential NULL dereference in
unimac_mdio_probe()
linux-aws (4.4.0-1015.15) trusty; urgency=medium
* linux-aws: 4.4.0-1015.15 -proposed tracker (LP: #1755210)
[ Ubuntu: 4.4.0-117.141 ]
* linux: 4.4.0-117.141 -proposed tracker (LP: #1755208)
* Xenial update to 4.4.114 stable release (LP: #1754592)
- x86/asm/32: Make sync_core() handle missing CPUID on all 32-bit kernels
- usbip: prevent vhci_hcd driver from leaking a socket pointer address
- usbip: Fix implicit fallthrough warning
- usbip: Fix potential format overflow in userspace tools
- x86/microcode/intel: Fix BDW late-loading revision check
- x86/retpoline: Fill RSB on context switch for affected CPUs
- sched/deadline: Use the revised wakeup rule for suspending constrained dl
tasks
- can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once
- can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once
- PM / sleep: declare __tracedata symbols as char[] rather than char
- time: Avoid undefined behaviour in ktime_add_safe()
- timers: Plug locking race vs. timer migration
- Prevent timer value 0 for MWAITX
- drivers: base: cacheinfo: fix x86 with CONFIG_OF enabled
- drivers: base: cacheinfo: fix boot error message when acpi is enabled
- PCI: layerscape: Add "fsl,ls2085a-pcie" compatible ID
- PCI: layerscape: Fix MSG TLP drop setting
- mmc: sdhci-of-esdhc: add/remove some quirks according to vendor version
- fs/select: add vmalloc fallback for select(2)
- hwpoison, memcg: forcibly uncharge LRU pages
- cma: fix calculation of aligned offset
- mm, page_alloc: fix potential false positive in __zone_watermark_ok
- ipc: msg, make msgrcv work with LONG_MIN
- x86/ioapic: Fix incorrect pointers in ioapic_setup_resources()
- ACPI / processor: Avoid reserving IO regions too early
- ACPI / scan: Prefer devices without _HID/_CID for _ADR matching
- ACPICA: Namespace: fix operand cache leak
- netfilter: x_tables: speed up jump target validation
- netfilter: arp_tables: fix invoking 32bit "iptable -P INPUT ACCEPT" failed
in 64bit kernel
- netfilter: nf_dup_ipv6: set again FLOWI_FLAG_KNOWN_NH at flowi6_flags
- netfilter: nf_ct_expect: remove the redundant slash when policy name is
empty
- netfilter: nfnetlink_queue: reject verdict request from different portid
- netfilter: restart search if moved to other chain
- netfilter: nf_conntrack_sip: extend request line validation
- netfilter: use fwmark_reflect in nf_send_reset
- ext2: Don't clear SGID when inheriting ACLs
- reiserfs: fix race in prealloc discard
- reiserfs: don't preallocate blocks for extended attributes
- reiserfs: Don't clear SGID when inheriting ACLs
- fs/fcntl: f_setown, avoid undefined behaviour
- scsi: libiscsi: fix shifting of DID_REQUEUE host byte
- Input: trackpoint - force 3 buttons if 0 button is reported
- usb: usbip: Fix possible deadlocks reported by lockdep
- usbip: fix stub_rx: get_pipe() to validate endpoint number
- usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input
- usbip: prevent leaking socket pointer address in messages
- um: link vmlinux with -no-pie
- vsyscall: Fix permissions for emulate mode with KAISER/PTI
- eventpoll.h: add missing epoll event masks
- x86/microcode/intel: Extend BDW late-loading further with LLC size check
- hrtimer: Reset hrtimer cpu base proper on CPU hotplug
- dccp: don't restart ccid2_hc_tx_rto_expire() if sk in closed state
- ipv6: Fix getsockopt() for sockets with default IPV6_AUTOFLOWLABEL
- ipv6: fix udpv6 sendmsg crash caused by too small MTU
- ipv6: ip6_make_skb() needs to clear cork.base.dst
- lan78xx: Fix failure in USB Full Speed
- net: igmp: fix source address check for IGMPv3 reports
- tcp: __tcp_hdrlen() helper
- net: qdisc_pkt_len_init() should be more robust
- pppoe: take ->needed_headroom of lower device into account on xmit
- r8169: fix memory corruption on retrieval of hardware statistics.
- sctp: do not allow the v4 socket to bind a v4mapped v6 address
- sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf
- vmxnet3: repair memory leak
- net: Allow neigh contructor functions ability to modify the primary_key
- ipv4: Make neigh lookup keys for loopback/point-to-point devices be
INADDR_ANY
- flow_dissector: properly cap thoff field
- net: tcp: close sock if net namespace is exiting
- nfsd: auth: Fix gid sorting when rootsquash enabled
- Linux 4.4.114
* Xenial update to 4.4.113 stable release (LP: #1754375)
- gcov: disable for COMPILE_TEST
- scsi: sg: disable SET_FORCE_LOW_DMA
- futex: Prevent overflow by strengthen input validation
- ALSA: pcm: Remove yet superfluous WARN_ON()
- ALSA: hda - Apply headphone noise quirk for another Dell XPS 13 variant
- ALSA: hda - Apply the existing quirk to iMac 14,1
- af_key: fix buffer overread in verify_address_len()
- af_key: fix buffer overread in parse_exthdrs()
- scsi: hpsa: fix volume offline state
- sched/deadline: Zero out positive runtime after throttling constrained tasks
- pipe: avoid round_pipe_size() nr_pages overflow on 32-bit
- x86/apic/vector: Fix off by one in error path
- Input: 88pm860x-ts - fix child-node lookup
- Input: twl6040-vibra - fix DT node memory management
- Input: twl6040-vibra - fix child-node lookup
- Input: twl4030-vibra - fix sibling-node lookup
- tracing: Fix converting enum's from the map in trace_event_eval_update()
- phy: work around 'phys' references to usb-nop-xceiv devices
- ARM: dts: kirkwood: fix pin-muxing of MPP7 on OpenBlocks A7
- can: peak: fix potential bug in packet fragmentation
- dm btree: fix serious bug in btree_split_beneath()
- dm thin metadata: THIN_MAX_CONCURRENT_LOCKS should be 6
- arm64: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls
- kbuild: modversions for EXPORT_SYMBOL() for asm
- x86/pti: Document fix wrong index
- MIPS: AR7: ensure the port type's FCR value is used
- Linux 4.4.113
* Xenial update to 4.4.113 stable release (LP: #1754375) // CVE-2017-5753
(Spectre v1 Intel -> upstream)
- Revert "x86/cpu/AMD: Make the LFENCE instruction serialized"
- x86/cpu/AMD: Make LFENCE a serializing instruction
- x86/cpu/AMD: Use LFENCE_RDTSC in preference to MFENCE_RDTSC
* i2c-thunderx: erroneous error message "unhandled state: 0" (LP: #1754076)
- i2c: octeon: Prevent error message on bus error
* qeth: fix calculation of required buffer elements for skb (LP: #1750810)
- s390/qeth: fix underestimated count of buffer elements
* Support rfkill-any led trigger for Fujitsu u727 (LP: #1745130)
- rfkill: Add rfkill-any LED trigger
* Redpine: Sometimes Wi-Fi connection shows "unavailable" after resume from
WoWLAN S4. WLAN can be recover after reboot or reloading WIFI driver.
(LP: #1753438) // Redpine: BLE scanning for nearby beacons per second is too
low and result high loss rate. (LP: #1753439)
- SAUCE: Redpine: resolve race while resuming from S4
- SAUCE: Redpine: Fix card write failure issue at S4 restore
- SAUCE: Redpine: Add deep sleep enable before connection
- SAUCE: Redpine: resolve power save issue after S4 resume
* qeth: check not more than 16 SBALEs on the completion queue (LP: #1750568)
- qeth: check not more than 16 SBALEs on the completion queue
* qeth: fix L3 next-hop im xmit qeth hdr (LP: #1750813)
- s390/qeth: fix L3 next-hop in xmit qeth hdr
* qemu-efi-aarch64 in >= artful can't boot xenial cloud images (LP: #1744754)
- irqchip/gic-v3: Refactor gic_of_init() for GICv3 driver
- irqchip/gic-v3: Add ACPI support for GICv3/4 initialization
- irqchip/gic-v3: ACPI: Add redistributor support via GICC structures
- irqchip/gic-v3: Remove gic_root_node variable from the ITS code
- irqchip/gic-v3-its: Mark its_init() and its children as __init
- ACPICA: Headers: Add new constants for the DBG2 ACPI table
- of/serial: move earlycon early_param handling to serial
- ACPI: parse SPCR and enable matching console
- [Config] CONFIG_ACPI_SPCR_TABLE=y
- ARM64: ACPI: enable ACPI_SPCR_TABLE
- serial: pl011: add console matching function
* OOM and High CPU utilization in update_blocked_averages because of too many
cfs_rqs in rq->leaf_cfs_rq_list (LP: #1747896)
- sched/fair: Fix O(nr_cgroups) in load balance path
* linux-tools: perf incorrectly linking libbfd (LP: #1748922)
- SAUCE: tools -- add ability to disable libbfd
- [Packaging] correct disablement of libbfd
* retpoline abi files are empty on i386 (LP: #1751021)
- [Packaging] retpoline-extract -- instantiate retpoline files for i386
- [Packaging] final-checks -- sanity checking ABI contents
- [Packaging] final-checks -- check for empty retpoline files
* bnx2x_attn_int_deasserted3:4323 MC assert! (LP: #1715519) //
CVE-2018-1000026
- net: create skb_gso_validate_mac_len()
- bnx2x: disable GSO where gso_size is too big for hardware
* CVE-2017-17448
- netfilter: nfnetlink_cthelper: Add missing permission checks
* TB16 dock ethernet corrupts data with hw checksum silently failing
(LP: #1729674)
- r8152: disable RX aggregation on Dell TB16 dock
* linux < 4.8: x-netns vti is broken (LP: #1744078)
- net: l3mdev: Add master device lookup by index
- xfrm: Only add l3mdev oif to dst lookups
* Xenial update to 4.4.112 stable release (LP: #1745266)
- dm bufio: fix shrinker scans when (nr_to_scan < retain_target)
- can: gs_usb: fix return value of the "set_bittiming" callback
- IB/srpt: Disable RDMA access by the initiator
- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the ABI of the task
- MIPS: Factor out NT_PRFPREG regset access helpers
- MIPS: Guard against any partial write attempt with PTRACE_SETREGSET
- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET
- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA
- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET
- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset accesses
- net/mac80211/debugfs.c: prevent build failure with CONFIG_UBSAN=y
- x86/vsdo: Fix build on PARAVIRT_CLOCK=y, KVM_GUEST=n
- x86/acpi: Handle SCI interrupts above legacy space gracefully
- iommu/arm-smmu-v3: Don't free page table ops twice
- ALSA: pcm: Remove incorrect snd_BUG_ON() usages
- ALSA: pcm: Add missing error checks in OSS emulation plugin builder
- ALSA: pcm: Abort properly at pending signal in OSS read/write loops
- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops
- ALSA: aloop: Release cable upon open error path
- ALSA: aloop: Fix inconsistent format due to incomplete rule
- ALSA: aloop: Fix racy hw constraints adjustment
- x86/acpi: Reduce code duplication in mp_override_legacy_irq()
- mm/compaction: fix invalid free_pfn and compact_cached_free_pfn
- mm/compaction: pass only pageblock aligned range to pageblock_pfn_to_page
- mm/page-writeback: fix dirty_ratelimit calculation
- mm/zswap: use workqueue to destroy pool
- zswap: don't param_set_charp while holding spinlock
- locks: don't check for race with close when setting OFD lock
- futex: Replace barrier() in unqueue_me() with READ_ONCE()
- locking/mutex: Allow next waiter lockless wakeup
- usbvision fix overflow of interfaces array
- usb: musb: ux500: Fix NULL pointer dereference at system PM
- r8152: fix the wake event
- r8152: use test_and_clear_bit
- r8152: adjust ALDPS function
- lan78xx: use skb_cow_head() to deal with cloned skbs
- sr9700: use skb_cow_head() to deal with cloned skbs
- smsc75xx: use skb_cow_head() to deal with cloned skbs
- cx82310_eth: use skb_cow_head() to deal with cloned skbs
- x86/mm/pat, /dev/mem: Remove superfluous error message
- hwrng: core - sleep interruptible in read
- sysrq: Fix warning in sysrq generated crash.
- xhci: Fix ring leak in failure path of xhci_alloc_virt_device()
- Revert "userfaultfd: selftest: vm: allow to build in vm/ directory"
- x86/pti/efi: broken conversion from efi to kernel page table
- 8021q: fix a memory leak for VLAN 0 device
- ip6_tunnel: disable dst caching if tunnel is dual-stack
- net: core: fix module type in sock_diag_bind
- RDS: Heap OOB write in rds_message_alloc_sgs()
- sh_eth: fix TSU resource handling
- sh_eth: fix SH7757 GEther initialization
- net: stmmac: enable EEE in MII, GMII or RGMII only
- ipv6: fix possible mem leaks in ipv6_make_skb()
- crypto: algapi - fix NULL dereference in crypto_remove_spawns()
- rbd: set max_segments to USHRT_MAX
- x86/microcode/intel: Extend BDW late-loading with a revision check
- KVM: x86: Add memory barrier on vmcs field lookup
- drm/vmwgfx: Potential off by one in vmw_view_add()
- kaiser: Set _PAGE_NX only if supported
- bpf: don't (ab)use instructions to store state
- bpf: move fixup_bpf_calls() function
- bpf: refactor fixup_bpf_calls()
- bpf: adjust insn_aux_data when patching insns
- bpf: prevent out-of-bounds speculation
- bpf, array: fix overflow in max_entries and undefined behavior in index_mask
- iscsi-target: Make TASK_REASSIGN use proper se_cmd->cmd_kref
- target: Avoid early CMD_T_PRE_EXECUTE failures during ABORT_TASK
- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ
- USB: serial: cp210x: add new device ID ELV ALC 8xxx
- usb: misc: usb3503: make sure reset is low for at least 100us
- USB: fix usbmon BUG trigger
- usbip: remove kernel addresses from usb device and urb debug msgs
- staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl
- Bluetooth: Prevent stack info leak from the EFS element.
- uas: ignore UAS for Norelsys NS1068(X) chips
- e1000e: Fix e1000_check_for_copper_link_ich8lan return value.
- x86/Documentation: Add PTI description
- sysfs/cpu: Fix typos in vulnerability documentation
- x86/alternatives: Fix optimize_nops() checking
- selftests/x86: Add test_vsyscall
- Linux 4.4.112
* Xenial update to 4.4.111 stable release (LP: #1745263)
- x86/kasan: Write protect kasan zero shadow
- kernel/acct.c: fix the acct->needcheck check in check_free_space()
- crypto: n2 - cure use after free
- crypto: chacha20poly1305 - validate the digest size
- crypto: pcrypt - fix freeing pcrypt instances
- sunxi-rsb: Include OF based modalias in device uevent
- fscache: Fix the default for fscache_maybe_release_page()
- kernel: make groups_sort calling a responsibility group_info allocators
- kernel/signal.c: protect the traced SIGNAL_UNKILLABLE tasks from SIGKILL
- kernel/signal.c: protect the SIGNAL_UNKILLABLE tasks from !sig_kernel_only()
signals
- kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in
complete_signal()
- ARC: uaccess: dont use "l" gcc inline asm constraint modifier
- parisc: Fix alignment of pa_tlb_lock in assembly on 32-bit SMP kernel
- genksyms: Handle string literals with spaces in reference files
- module: Issue warnings when tainting kernel
- proc: much faster /proc/vmstat
- Fix build error in vma.c
- Linux 4.4.111
* x86/net/bpf: return statement missing value (LP: #1745364)
- SAUCE: (no-up) arch/x86/bpf: Fix missed return statement
* Ubuntu 16.04 - s390/cpuinfo: show facilities as reported by stfle
(LP: #1744736)
- s390/bitops: add for_each_set_bit_inv helper
- s390/cpuinfo: show facilities as reported by stfle
* Xenial update to 4.4.110 stable release (LP: #1745071)
- KPTI: Rename to PAGE_TABLE_ISOLATION
- SAUCE: Replace CONFIG_KAISER with CONFIG_PAGE_TABLE_ISOLATION
- Linux 4.4.110
* Xenial update to 4.4.109 stable release (LP: #1745069)
- ACPI: APEI / ERST: Fix missing error handling in erst_reader()
- crypto: mcryptd - protect the per-CPU queue with a lock
- mfd: cros ec: spi: Don't send first message too soon
- mfd: twl4030-audio: Fix sibling-node lookup
- mfd: twl6040: Fix child-node lookup
- ALSA: rawmidi: Avoid racy info ioctl via ctl device
- ALSA: usb-audio: Fix the missing ctl name suffix at parsing SU
- PCI / PM: Force devices to D0 in pci_pm_thaw_noirq()
- parisc: Hide Diva-built-in serial aux and graphics card
- spi: xilinx: Detect stall with Unknown commands
- KVM: X86: Fix load RFLAGS w/o the fixed bit
- powerpc/perf: Dereference BHRB entries safely
- net: mvneta: clear interface link status on port disable
- tracing: Remove extra zeroing out of the ring buffer page
- tracing: Fix possible double free on failure of allocating trace buffer
- tracing: Fix crash when it fails to alloc ring buffer
- ring-buffer: Mask out the info bits when returning buffer page length
- iw_cxgb4: Only validate the MSN for successful completions
- ASoC: fsl_ssi: AC'97 ops need regmap, clock and cleaning up on failure
- ASoC: twl4030: fix child-node lookup
- ALSA: hda: Drop useless WARN_ON()
- ALSA: hda - fix headset mic detection issue on a Dell machine
- x86/vm86/32: Switch to flush_tlb_mm_range() in mark_screen_rdonly()
- x86/mm: Remove flush_tlb() and flush_tlb_current_task()
- x86/mm: Make flush_tlb_mm_range() more predictable
- x86/mm: Reimplement flush_tlb_page() using flush_tlb_mm_range()
- x86/mm: Remove the UP asm/tlbflush.h code, always use the (formerly) SMP
code
- x86/mm: Add the 'nopcid' boot option to turn off PCID
- x86/mm/64: Fix reboot interaction with CR4.PCIDE
- kbuild: add '-fno-stack-check' to kernel build options
- ipv4: igmp: guard against silly MTU values
- ipv6: mcast: better catch silly mtu values
- net: igmp: Use correct source address on IGMPv3 reports
- netlink: Add netns check on taps
- net: qmi_wwan: add Sierra EM7565 1199:9091
- net: reevalulate autoflowlabel setting after sysctl setting
- tcp md5sig: Use skb's saddr when replying to an incoming segment
- tg3: Fix rx hang on MTU change with 5717/5719
- net: mvmdio: disable/unprepare clocks in EPROBE_DEFER case
- sctp: Replace use of sockets_allocated with specified macro.
- ipv4: Fix use-after-free when flushing FIB tables
- net: bridge: fix early call to br_stp_change_bridge_id and plug newlink
leaks
- net: phy: micrel: ksz9031: reconfigure autoneg after phy autoneg workaround
- sock: free skb in skb_complete_tx_timestamp on error
- usbip: fix usbip bind writing random string after command in match_busid
- usbip: stub: stop printing kernel pointer addresses in messages
- usbip: vhci: stop printing kernel pointer addresses in messages
- USB: serial: ftdi_sio: add id for Airbus DS P8GR
- USB: serial: qcserial: add Sierra Wireless EM7565
- USB: serial: option: add support for Telit ME910 PID 0x1101
- USB: serial: option: adding support for YUGA CLM920-NC5
- usb: Add device quirk for Logitech HD Pro Webcam C925e
- usb: add RESET_RESUME for ELSA MicroLink 56K
- USB: Fix off by one in type-specific length check of BOS SSP capability
- usb: xhci: Add XHCI_TRUST_TX_LENGTH for Renesas uPD720201
- nohz: Prevent a timer interrupt storm in tick_nohz_stop_sched_tick()
- x86/smpboot: Remove stale TLB flush invocations
- n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD)
- mm/vmstat: Make NR_TLB_REMOTE_FLUSH_RECEIVED available even on UP
- Linux 4.4.109
* Xenial update to 4.4.108 stable release (LP: #1745054)
- arm64: Initialise high_memory global variable earlier
- cxl: Check if vphb exists before iterating over AFU devices
- x86/mm: Fix INVPCID asm constraint
- x86/mm: Add a 'noinvpcid' boot option to turn off INVPCID
- mm/rmap: batched invalidations should use existing api
- mm/mmu_context, sched/core: Fix mmu_context.h assumption
- sched/core: Add switch_mm_irqs_off() and use it in the scheduler
- x86/mm, sched/core: Turn off IRQs in switch_mm()
- ARM: Hide finish_arch_post_lock_switch() from modules
- sched/core: Idle_task_exit() shouldn't use switch_mm_irqs_off()
- x86/irq: Do not substract irq_tlb_count from irq_call_count
- ALSA: hda - add support for docking station for HP 820 G2
- ALSA: hda - add support for docking station for HP 840 G3
- arm: kprobes: Fix the return address of multiple kretprobes
- arm: kprobes: Align stack to 8-bytes in test code
- cpuidle: Validate cpu_dev in cpuidle_add_sysfs()
- crypto: deadlock between crypto_alg_sem/rtnl_mutex/genl_mutex
- sch_dsmark: fix invalid skb_cow() usage
- bna: integer overflow bug in debugfs
- net: qmi_wwan: Add USB IDs for MDM6600 modem on Motorola Droid 4
- usb: gadget: f_uvc: Sanity check wMaxPacketSize for SuperSpeed
- usb: gadget: udc: remove pointer dereference after free
- netfilter: nfnl_cthelper: fix runtime expectation policy updates
- netfilter: nfnl_cthelper: Fix memory leak
- inet: frag: release spinlock before calling icmp_send()
- pinctrl: st: add irq_request/release_resources callbacks
- scsi: lpfc: Fix PT2PT PRLI reject
- KVM: x86: correct async page present tracepoint
- KVM: VMX: Fix enable VPID conditions
- ARM: dts: ti: fix PCI bus dtc warnings
- hwmon: (asus_atk0110) fix uninitialized data access
- HID: xinmo: fix for out of range for THT 2P arcade controller.
- r8152: prevent the driver from transmitting packets with carrier off
- s390/qeth: no ETH header for outbound AF_IUCV
- bna: avoid writing uninitialized data into hw registers
- net: Do not allow negative values for busy_read and busy_poll sysctl
interfaces
- i40e: Do not enable NAPI on q_vectors that have no rings
- RDMA/iser: Fix possible mr leak on device removal event
- irda: vlsi_ir: fix check for DMA mapping errors
- netfilter: nfnl_cthelper: fix a race when walk the nf_ct_helper_hash table
- netfilter: nf_nat_snmp: Fix panic when snmp_trap_helper fails to register
- ARM: dts: am335x-evmsk: adjust mmc2 param to allow suspend
- KVM: pci-assign: do not map smm memory slot pages in vt-d page tables
- isdn: kcapi: avoid uninitialized data
- xhci: plat: Register shutdown for xhci_plat
- netfilter: nfnetlink_queue: fix secctx memory leak
- ARM: dma-mapping: disallow dma_get_sgtable() for non-kernel managed memory
- cpuidle: powernv: Pass correct drv->cpumask for registration
- bnxt_en: Fix NULL pointer dereference in reopen failure path
- backlight: pwm_bl: Fix overflow condition
- crypto: crypto4xx - increase context and scatter ring buffer elements
- rtc: pl031: make interrupt optional
- net: phy: at803x: Change error to EINVAL for invalid MAC
- PCI: Avoid bus reset if bridge itself is broken
- scsi: cxgb4i: fix Tx skb leak
- scsi: mpt3sas: Fix IO error occurs on pulling out a drive from RAID1 volume
created on two SATA drive
- PCI: Create SR-IOV virtfn/physfn links before attaching driver
- igb: check memory allocation failure
- ixgbe: fix use of uninitialized padding
- PCI/AER: Report non-fatal errors only to the affected endpoint
- scsi: lpfc: Fix secure firmware updates
- scsi: lpfc: PLOGI failures during NPIV testing
- fm10k: ensure we process SM mbx when processing VF mbx
- tcp: fix under-evaluated ssthresh in TCP Vegas
- rtc: set the alarm to the next expiring timer
- cpuidle: fix broadcast control when broadcast can not be entered
- thermal: hisilicon: Handle return value of clk_prepare_enable
- MIPS: math-emu: Fix final emulation phase for certain instructions
- Revert "Bluetooth: btusb: driver to enable the usb-wakeup feature"
- ALSA: hda - Clear the leftover component assignment at snd_hdac_i915_exit()
- ALSA: hda - Degrade i915 binding failure message
- ALSA: hda - Fix yet another i915 pointer leftover in error path
- alpha: fix build failures
- Linux 4.4.108
* Xenial update to 4.4.107 stable release (LP: #1745052)
- crypto: hmac - require that the underlying hash algorithm is unkeyed
- crypto: salsa20 - fix blkcipher_walk API usage
- autofs: fix careless error in recent commit
- tracing: Allocate mask_str buffer dynamically
- USB: uas and storage: Add US_FL_BROKEN_FUA for another JMicron JMS567 ID
- USB: core: prevent malicious bNumInterfaces overflow
- usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer
- ceph: drop negative child dentries before try pruning inode's alias
- Bluetooth: btusb: driver to enable the usb-wakeup feature
- xhci: Don't add a virt_dev to the devs array before it's fully allocated
- sched/rt: Do not pull from current CPU if only one CPU to pull
- dmaengine: dmatest: move callback wait queue to thread context
- ext4: fix fdatasync(2) after fallocate(2) operation
- ext4: fix crash when a directory's i_size is too small
- KEYS: add missing permission check for request_key() destination
- mac80211: Fix addition of mesh configuration element
- usb: phy: isp1301: Add OF device ID table
- md-cluster: free md_cluster_info if node leave cluster
- userfaultfd: shmem: __do_fault requires VM_FAULT_NOPAGE
- userfaultfd: selftest: vm: allow to build in vm/ directory
- net: initialize msg.msg_flags in recvfrom
- net: bcmgenet: correct the RBUF_OVFL_CNT and RBUF_ERR_CNT MIB values
- net: bcmgenet: correct MIB access of UniMAC RUNT counters
- net: bcmgenet: reserved phy revisions must be checked first
- net: bcmgenet: power down internal phy if open or resume fails
- net: bcmgenet: Power up the internal PHY before probing the MII
- NFSD: fix nfsd_minorversion(.., NFSD_AVAIL)
- NFSD: fix nfsd_reset_versions for NFSv4.
- Input: i8042 - add TUXEDO BU1406 (N24_25BU) to the nomux list
- drm/omap: fix dmabuf mmap for dma_alloc'ed buffers
- netfilter: bridge: honor frag_max_size when refragmenting
- writeback: fix memory leak in wb_queue_work()
- net: wimax/i2400m: fix NULL-deref at probe
- dmaengine: Fix array index out of bounds warning in __get_unmap_pool()
- net: Resend IGMP memberships upon peer notification.
- mlxsw: reg: Fix SPVM max record count
- mlxsw: reg: Fix SPVMLR max record count
- intel_th: pci: Add Gemini Lake support
- openrisc: fix issue handling 8 byte get_user calls
- scsi: hpsa: update check for logical volume status
- scsi: hpsa: limit outstanding rescans
- fjes: Fix wrong netdevice feature flags
- drm/radeon/si: add dpm quirk for Oland
- sched/deadline: Make sure the replenishment timer fires in the next period
- sched/deadline: Throttle a constrained deadline task activated after the
deadline
- sched/deadline: Use deadline instead of period when calculating overflow
- mmc: mediatek: Fixed bug where clock frequency could be set wrong
- drm/radeon: reinstate oland workaround for sclk
- afs: Fix missing put_page()
- afs: Populate group ID from vnode status
- afs: Adjust mode bits processing
- afs: Flush outstanding writes when an fd is closed
- afs: Migrate vlocation fields to 64-bit
- afs: Prevent callback expiry timer overflow
- afs: Fix the maths in afs_fs_store_data()
- afs: Populate and use client modification time
- afs: Fix page leak in afs_write_begin()
- afs: Fix afs_kill_pages()
- perf symbols: Fix symbols__fixup_end heuristic for corner cases
- efi/esrt: Cleanup bad memory map log messages
- NFSv4.1 respect server's max size in CREATE_SESSION
- btrfs: add missing memset while reading compressed inline extents
- target: Use system workqueue for ALUA transitions
- target: fix ALUA transition timeout handling
- target: fix race during implicit transition work flushes
- sfc: don't warn on successful change of MAC
- fbdev: controlfb: Add missing modes to fix out of bounds access
- video: udlfb: Fix read EDID timeout
- video: fbdev: au1200fb: Release some resources if a memory allocation fails
- video: fbdev: au1200fb: Return an error code if a memory allocation fails
- rtc: pcf8563: fix output clock rate
- dmaengine: ti-dma-crossbar: Correct am335x/am43xx mux value type
- PCI/PME: Handle invalid data when reading Root Status
- powerpc/powernv/cpufreq: Fix the frequency read by /proc/cpuinfo
- netfilter: ipvs: Fix inappropriate output of procfs
- powerpc/opal: Fix EBUSY bug in acquiring tokens
- powerpc/ipic: Fix status get and status clear
- target/iscsi: Fix a race condition in iscsit_add_reject_from_cmd()
- iscsi-target: fix memory leak in lio_target_tiqn_addtpg()
- target:fix condition return in core_pr_dump_initiator_port()
- target/file: Do not return error for UNMAP if length is zero
- arm-ccn: perf: Prevent module unload while PMU is in use
- crypto: tcrypt - fix buffer lengths in test_aead_speed()
- mm: Handle 0 flags in _calc_vm_trans() macro
- clk: mediatek: add the option for determining PLL source clock
- clk: imx6: refine hdmi_isfr's parent to make HDMI work on i.MX6 SoCs w/o VPU
- clk: tegra: Fix cclk_lp divisor register
- ppp: Destroy the mutex when cleanup
- thermal/drivers/step_wise: Fix temperature regulation misbehavior
- GFS2: Take inode off order_write list when setting jdata flag
- bcache: explicitly destroy mutex while exiting
- bcache: fix wrong cache_misses statistics
- l2tp: cleanup l2tp_tunnel_delete calls
- xfs: fix log block underflow during recovery cycle verification
- xfs: fix incorrect extent state in xfs_bmap_add_extent_unwritten_real
- PCI: Detach driver before procfs & sysfs teardown on device remove
- scsi: hpsa: cleanup sas_phy structures in sysfs when unloading
- scsi: hpsa: destroy sas transport properties before scsi_host
- powerpc/perf/hv-24x7: Fix incorrect comparison in memord
- tty fix oops when rmmod 8250
- usb: musb: da8xx: fix babble condition handling
- pinctrl: adi2: Fix Kconfig build problem
- raid5: Set R5_Expanded on parity devices as well as data.
- scsi: scsi_devinfo: Add REPORTLUN2 to EMC SYMMETRIX blacklist entry
- vt6655: Fix a possible sleep-in-atomic bug in vt6655_suspend
- scsi: sd: change manage_start_stop to bool in sysfs interface
- scsi: sd: change allow_restart to bool in sysfs interface
- scsi: bfa: integer overflow in debugfs
- udf: Avoid overflow when session starts at large offset
- macvlan: Only deliver one copy of the frame to the macvlan interface
- RDMA/cma: Avoid triggering undefined behavior
- IB/ipoib: Grab rtnl lock on heavy flush when calling ndo_open/stop
- ath9k: fix tx99 potential info leak
- Linux 4.4.107
* Xenial update to 4.4.106 stable release (LP: #1745047)
- can: ti_hecc: Fix napi poll return value for repoll
- can: kvaser_usb: free buf in error paths
- can: kvaser_usb: Fix comparison bug in kvaser_usb_read_bulk_callback()
- can: kvaser_usb: ratelimit errors if incomplete messages are received
- can: kvaser_usb: cancel urb on -EPIPE and -EPROTO
- can: ems_usb: cancel urb on -EPIPE and -EPROTO
- can: esd_usb2: cancel urb on -EPIPE and -EPROTO
- can: usb_8dev: cancel urb on -EPIPE and -EPROTO
- virtio: release virtio index when fail to device_register
- hv: kvp: Avoid reading past allocated blocks from KVP file
- isa: Prevent NULL dereference in isa_bus driver callbacks
- scsi: libsas: align sata_device's rps_resp on a cacheline
- efi: Move some sysfs files to be read-only by root
- ASN.1: fix out-of-bounds read when parsing indefinite length item
- ASN.1: check for error from ASN1_OP_END__ACT actions
- X.509: reject invalid BIT STRING for subjectPublicKey
- x86/PCI: Make broadcom_postcore_init() check acpi_disabled
- ALSA: pcm: prevent UAF in snd_pcm_info
- ALSA: seq: Remove spurious WARN_ON() at timer check
- ALSA: usb-audio: Fix out-of-bound error
- ALSA: usb-audio: Add check return value for usb_string()
- iommu/vt-d: Fix scatterlist offset handling
- s390: fix compat system call table
- kdb: Fix handling of kallsyms_symbol_next() return value
- drm: extra printk() wrapper macros
- drm/exynos: gem: Drop NONCONTIG flag for buffers allocated without IOMMU
- media: dvb: i2c transfers over usb cannot be done from stack
- arm64: KVM: fix VTTBR_BADDR_MASK BUG_ON off-by-one
- KVM: VMX: remove I/O port 0x80 bypass on Intel hosts
- arm64: fpsimd: Prevent registers leaking from dead tasks
- ARM: BUG if jumping to usermode address in kernel mode
- ARM: avoid faulting on qemu
- thp: reduce indentation level in change_huge_pmd()
- thp: fix MADV_DONTNEED vs. numa balancing race
- mm: drop unused pmdp_huge_get_and_clear_notify()
- Revert "drm/armada: Fix compile fail"
- Revert "spi: SPI_FSL_DSPI should depend on HAS_DMA"
- Revert "s390/kbuild: enable modversions for symbols exported from asm"
- vti6: Don't report path MTU below IPV6_MIN_MTU.
- ARM: OMAP2+: gpmc-onenand: propagate error on initialization failure
- x86/hpet: Prevent might sleep splat on resume
- selftest/powerpc: Fix false failures for skipped tests
- module: set __jump_table alignment to 8
- ARM: OMAP2+: Fix device node reference counts
- ARM: OMAP2+: Release device node after it is no longer needed.
- gpio: altera: Use handle_level_irq when configured as a level_high
- HID: chicony: Add support for another ASUS Zen AiO keyboard
- usb: gadget: configs: plug memory leak
- USB: gadgetfs: Fix a potential memory leak in 'dev_config()'
- kvm: nVMX: VMCLEAR should not cause the vCPU to shut down
- libata: drop WARN from protocol error in ata_sff_qc_issue()
- workqueue: trigger WARN if queue_delayed_work() is called with NULL @wq
- scsi: lpfc: Fix crash during Hardware error recovery on SLI3 adapters
- irqchip/crossbar: Fix incorrect type of register size
- KVM: nVMX: reset nested_run_pending if the vCPU is going to be reset
- arm: KVM: Survive unknown traps from guests
- arm64: KVM: Survive unknown traps from guests
- spi_ks8995: fix "BUG: key accdaa28 not in .data!"
- bnx2x: prevent crash when accessing PTP with interface down
- bnx2x: fix possible overrun of VFPF multicast addresses array
- bnx2x: do not rollback VF MAC/VLAN filters we did not configure
- ipv6: reorder icmpv6_init() and ip6_mr_init()
- crypto: s5p-sss - Fix completing crypto request in IRQ handler
- i2c: riic: fix restart condition
- zram: set physical queue limits to avoid array out of bounds accesses
- netfilter: don't track fragmented packets
- axonram: Fix gendisk handling
- drm/amd/amdgpu: fix console deadlock if late init failed
- powerpc/powernv/ioda2: Gracefully fail if too many TCE levels requested
- EDAC, i5000, i5400: Fix use of MTR_DRAM_WIDTH macro
- EDAC, i5000, i5400: Fix definition of NRECMEMB register
- kbuild: pkg: use --transform option to prefix paths in tar
- mac80211_hwsim: Fix memory leak in hwsim_new_radio_nl()
- route: also update fnhe_genid when updating a route cache
- route: update fnhe_expires for redirect when the fnhe exists
- lib/genalloc.c: make the avail variable an atomic_long_t
- dynamic-debug-howto: fix optional/omitted ending line number to be LARGE
instead of 0
- NFS: Fix a typo in nfs_rename()
- sunrpc: Fix rpc_task_begin trace point
- block: wake up all tasks blocked in get_request()
- sparc64/mm: set fields in deferred pages
- sctp: do not free asoc when it is already dead in sctp_sendmsg
- sctp: use the right sk after waking up from wait_buf sleep
- atm: horizon: Fix irq release error
- jump_label: Invoke jump_label_test() via early_initcall()
- xfrm: Copy policy family in clone_policy
- IB/mlx4: Increase maximal message size under UD QP
- IB/mlx5: Assign send CQ and recv CQ of UMR QP
- afs: Connect up the CB.ProbeUuid
- ipvlan: fix ipv6 outbound device
- audit: ensure that 'audit=1' actually enables audit for PID 1
- ipmi: Stop timers before cleaning up the module
- s390: always save and restore all registers on context switch
- tipc: fix memory leak in tipc_accept_from_sock()
- rds: Fix NULL pointer dereference in __rds_rdma_map
- sit: update frag_off info
- packet: fix crash in fanout_demux_rollover()
- net/packet: fix a race in packet_bind() and packet_notifier()
- Revert "x86/efi: Build our own page table structures"
- Revert "x86/efi: Hoist page table switching code into efi_call_virt()"
- Revert "x86/mm/pat: Ensure cpa->pfn only contains page frame numbers"
- arm: KVM: Fix VTTBR_BADDR_MASK BUG_ON off-by-one
- usb: gadget: ffs: Forbid usb_ep_alloc_request from sleeping
- Linux 4.4.106
* Xenial update to 4.4.105 stable release (LP: #1745046)
- bcache: only permit to recovery read error when cache device is clean
- bcache: recover data from backing when data is clean
- uas: Always apply US_FL_NO_ATA_1X quirk to Seagate devices
- usb: quirks: Add no-lpm quirk for KY-688 USB 3.1 Type-C Hub
- serial: 8250_pci: Add Amazon PCI serial device ID
- s390/runtime instrumentation: simplify task exit handling
- USB: serial: option: add Quectel BG96 id
- ima: fix hash algorithm initialization
- s390/pci: do not require AIS facility
- selftests/x86/ldt_get: Add a few additional tests for limits
- serial: 8250_fintek: Fix rs485 disablement on invalid ioctl()
- spi: sh-msiof: Fix DMA transfer size check
- usb: phy: tahvo: fix error handling in tahvo_usb_probe()
- serial: 8250: Preserve DLD[7:4] for PORT_XR17V35X
- x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt()
- EDAC, sb_edac: Fix missing break in switch
- sysrq : fix Show Regs call trace on ARM
- perf test attr: Fix ignored test case result
- kprobes/x86: Disable preemption in ftrace-based jprobes
- net: systemport: Utilize skb_put_padto()
- net: systemport: Pad packet before inserting TSB
- ARM: OMAP1: DMA: Correct the number of logical channels
- vti6: fix device register to report IFLA_INFO_KIND
- net/appletalk: Fix kernel memory disclosure
- ravb: Remove Rx overflow log messages
- nfs: Don't take a reference on fl->fl_file for LOCK operation
- KVM: arm/arm64: Fix occasional warning from the timer work function
- NFSv4: Fix client recovery when server reboots multiple times
- drm/exynos/decon5433: set STANDALONE_UPDATE_F on output enablement
- net: sctp: fix array overrun read on sctp_timer_tbl
- tipc: fix cleanup at module unload
- dmaengine: pl330: fix double lock
- tcp: correct memory barrier usage in tcp_check_space()
- mm: avoid returning VM_FAULT_RETRY from ->page_mkwrite handlers
- xen-netfront: Improve error handling during initialization
- net: fec: fix multicast filtering hardware setup
- Revert "ocfs2: should wait dio before inode lock in ocfs2_setattr()"
- usb: hub: Cycle HUB power when initialization fails
- usb: xhci: fix panic in xhci_free_virt_devices_depth_first
- usb: ch9: Add size macro for SSP dev cap descriptor
- USB: core: Add type-specific length check of BOS descriptors
- USB: Increase usbfs transfer limit
- USB: devio: Prevent integer overflow in proc_do_submiturb()
- USB: usbfs: Filter flags passed in from user space
- usb: host: fix incorrect updating of offset
- xen-netfront: avoid crashing on resume after a failure in talk_to_netback()
- Linux 4.4.105
* Xenial update to 4.4.104 stable release (LP: #1745043)
- x86/mm/pat: Ensure cpa->pfn only contains page frame numbers
- x86/efi: Hoist page table switching code into efi_call_virt()
- x86/efi: Build our own page table structures
- ARM: dts: omap3: logicpd-torpedo-37xx-devkit: Fix MMC1 cd-gpio
- x86/efi-bgrt: Fix kernel panic when mapping BGRT data
- x86/efi-bgrt: Replace early_memremap() with memremap()
- mm/madvise.c: fix madvise() infinite loop under special circumstances
- btrfs: clear space cache inode generation always
- KVM: x86: pvclock: Handle first-time write to pvclock-page contains random
junk
- KVM: x86: Exit to user-mode on #UD intercept when emulator requires
- KVM: x86: inject exceptions produced by x86_decode_insn
- mmc: core: Do not leave the block driver in a suspended state
- eeprom: at24: check at24_read/write arguments
- bcache: Fix building error on MIPS
- Revert "drm/radeon: dont switch vt on suspend"
- drm/radeon: fix atombios on big endian
- drm/panel: simple: Add missing panel_simple_unprepare() calls
- mtd: nand: Fix writing mtdoops to nand flash.
- NFS: revalidate "." etc correctly on "open".
- drm/i915: Don't try indexed reads to alternate slave addresses
- drm/i915: Prevent zero length "index" write
- nfsd: Make init_open_stateid() a bit more whole
- nfsd: Fix stateid races between OPEN and CLOSE
- nfsd: Fix another OPEN stateid race
- Linux 4.4.104
* Xenial update to 4.4.103 stable release (LP: #1744873)
- s390: fix transactional execution control register handling
- s390/runtime instrumention: fix possible memory corruption
- s390/disassembler: add missing end marker for e7 table
- s390/disassembler: increase show_code buffer size
- AF_VSOCK: Shrink the area influenced by prepare_to_wait
- vsock: use new wait API for vsock_stream_sendmsg()
- sched: Make resched_cpu() unconditional
- lib/mpi: call cond_resched() from mpi_powm() loop
- x86/decoder: Add new TEST instruction pattern
- ARM: 8722/1: mm: make STRICT_KERNEL_RWX effective for LPAE
- ARM: 8721/1: mm: dump: check hardware RO bit for LPAE
- MIPS: ralink: Fix MT7628 pinmux
- MIPS: ralink: Fix typo in mt7628 pinmux function
- ALSA: hda: Add Raven PCI ID
- dm bufio: fix integer overflow when limiting maximum cache size
- dm: fix race between dm_get_from_kobject() and __dm_destroy()
- MIPS: Fix an n32 core file generation regset support regression
- MIPS: BCM47XX: Fix LED inversion for WRT54GSv1
- autofs: don't fail mount for transient error
- nilfs2: fix race condition that causes file system corruption
- eCryptfs: use after free in ecryptfs_release_messaging()
- bcache: check ca->alloc_thread initialized before wake up it
- isofs: fix timestamps beyond 2027
- NFS: Fix typo in nomigration mount option
- nfs: Fix ugly referral attributes
- nfsd: deal with revoked delegations appropriately
- rtlwifi: rtl8192ee: Fix memory leak when loading firmware
- rtlwifi: fix uninitialized rtlhal->last_suspend_sec time
- ata: fixes kernel crash while tracing ata_eh_link_autopsy event
- ext4: fix interaction between i_size, fallocate, and delalloc after a crash
- ALSA: pcm: update tstamp only if audio_tstamp changed
- ALSA: usb-audio: Add sanity checks to FE parser
- ALSA: usb-audio: Fix potential out-of-bound access at parsing SU
- ALSA: usb-audio: Add sanity checks in v2 clock parsers
- ALSA: timer: Remove kernel warning at compat ioctl error paths
- ALSA: hda/realtek - Fix ALC700 family no sound issue
- fix a page leak in vhost_scsi_iov_to_sgl() error recovery
- fs/9p: Compare qid.path in v9fs_test_inode
- iscsi-target: Fix non-immediate TMR reference leak
- target: Fix QUEUE_FULL + SCSI task attribute handling
- KVM: nVMX: set IDTR and GDTR limits when loading L1 host state
- KVM: SVM: obey guest PAT
- SUNRPC: Fix tracepoint storage issues with svc_recv and svc_rqst_status
- clk: ti: dra7-atl-clock: Fix of_node reference counting
- clk: ti: dra7-atl-clock: fix child-node lookups
- libnvdimm, namespace: fix label initialization to use valid seq numbers
- libnvdimm, namespace: make 'resource' attribute only readable by root
- IB/srpt: Do not accept invalid initiator port names
- IB/srp: Avoid that a cable pull can trigger a kernel crash
- NFC: fix device-allocation error return
- i40e: Use smp_rmb rather than read_barrier_depends
- igb: Use smp_rmb rather than read_barrier_depends
- igbvf: Use smp_rmb rather than read_barrier_depends
- ixgbevf: Use smp_rmb rather than read_barrier_depends
- i40evf: Use smp_rmb rather than read_barrier_depends
- fm10k: Use smp_rmb rather than read_barrier_depends
- ixgbe: Fix skb list corruption on Power systems
- parisc: Fix validity check of pointer size argument in new CAS
implementation
- powerpc/signal: Properly handle return value from uprobe_deny_signal()
- media: Don't do DMA on stack for firmware upload in the AS102 driver
- media: rc: check for integer overflow
- cx231xx-cards: fix NULL-deref on missing association descriptor
- media: v4l2-ctrl: Fix flags field on Control events
- sched/rt: Simplify the IPI based RT balancing logic
- fscrypt: lock mutex before checking for bounce page pool
- net/9p: Switch to wait_event_killable()
- PM / OPP: Add missing of_node_put(np)
- e1000e: Fix error path in link detection
- e1000e: Fix return value test
- RDS: RDMA: return appropriate error on rdma map failures
- PCI: Apply _HPX settings only to relevant devices
- dmaengine: zx: set DMA_CYCLIC cap_mask bit
- net: Allow IP_MULTICAST_IF to set index to L3 slave
- net: 3com: typhoon: typhoon_init_one: make return values more specific
- net: 3com: typhoon: typhoon_init_one: fix incorrect return values
- drm/armada: Fix compile fail
- ath10k: fix incorrect txpower set by P2P_DEVICE interface
- ath10k: ignore configuring the incorrect board_id
- ath10k: fix potential memory leak in ath10k_wmi_tlv_op_pull_fw_stats()
- ath10k: set CTS protection VDEV param only if VDEV is up
- ALSA: hda - Apply ALC269_FIXUP_NO_SHUTUP on HDA_FIXUP_ACT_PROBE
- drm: Apply range restriction after color adjustment when allocation
- mac80211: Remove invalid flag operations in mesh TSF synchronization
- mac80211: Suppress NEW_PEER_CANDIDATE event if no room
- iio: light: fix improper return value
- staging: iio: cdc: fix improper return value
- spi: SPI_FSL_DSPI should depend on HAS_DMA
- netfilter: nft_queue: use raw_smp_processor_id()
- netfilter: nf_tables: fix oob access
- ASoC: rsnd: don't double free kctrl
- btrfs: return the actual error value from from btrfs_uuid_tree_iterate
- ASoC: wm_adsp: Don't overrun firmware file buffer when reading region data
- s390/kbuild: enable modversions for symbols exported from asm
- xen: xenbus driver must not accept invalid transaction ids
- Revert "sctp: do not peel off an assoc from one netns to another one"
- Linux 4.4.103
* ppc64el: Do not call ibm,os-term on panic (LP: #1736954)
- powerpc: Do not call ppc_md.panic in fadump panic notifier
* Xenial update to 4.4.102 stable release (LP: #1744870)
- mm, hwpoison: fixup "mm: check the return value of lookup_page_ext for all
call sites"
- Linux 4.4.102
* Xenial update to 4.4.101 stable release (LP: #1744794)
- tcp: do not mangle skb->cb[] in tcp_make_synack()
- netfilter/ipvs: clear ipvs_property flag when SKB net namespace changed
- bonding: discard lowest hash bit for 802.3ad layer3+4
- vlan: fix a use-after-free in vlan_device_event()
- af_netlink: ensure that NLMSG_DONE never fails in dumps
- sctp: do not peel off an assoc from one netns to another one
- fealnx: Fix building error on MIPS
- net/sctp: Always set scope_id in sctp_inet6_skb_msgname
- ima: do not update security.ima if appraisal status is not INTEGRITY_PASS
- serial: omap: Fix EFR write on RTS deassertion
- arm64: fix dump_instr when PAN and UAO are in use
- ocfs2: should wait dio before inode lock in ocfs2_setattr()
- ipmi: fix unsigned long underflow
- mm/page_alloc.c: broken deferred calculation
- coda: fix 'kernel memory exposure attempt' in fsync
- mm: check the return value of lookup_page_ext for all call sites
- mm/page_ext.c: check if page_ext is not prepared
- mm/pagewalk.c: report holes in hugetlb ranges
- Linux 4.4.101
* Xenial update to 4.4.100 stable release (LP: #1744639)
- media: imon: Fix null-ptr-deref in imon_probe
- media: dib0700: fix invalid dvb_detach argument
- KVM: x86: fix singlestepping over syscall
- net: cdc_ether: fix divide by 0 on bad descriptors
- net: qmi_wwan: fix divide by 0 on bad descriptors
- arm: crypto: reduce priority of bit-sliced AES cipher
- Bluetooth: btusb: fix QCA Rome suspend/resume
- dmaengine: dmatest: warn user when dma test times out
- extcon: palmas: Check the parent instance to prevent the NULL
- fm10k: request reset when mbx->state changes
- ARM: dts: Fix compatible for ti81xx uarts for 8250
- ARM: dts: Fix am335x and dm814x scm syscon to probe children
- ARM: OMAP2+: Fix init for multiple quirks for the same SoC
- ARM: dts: Fix omap3 off mode pull defines
- ata: ATA_BMDMA should depend on HAS_DMA
- ata: SATA_HIGHBANK should depend on HAS_DMA
- ata: SATA_MV should depend on HAS_DMA
- drm/sti: sti_vtg: Handle return NULL error from devm_ioremap_nocache
- igb: reset the PHY before reading the PHY ID
- igb: close/suspend race in netif_device_detach
- igb: Fix hw_dbg logging in igb_update_flash_i210
- scsi: ufs-qcom: Fix module autoload
- scsi: ufs: add capability to keep auto bkops always enabled
- staging: rtl8188eu: fix incorrect ERROR tags from logs
- scsi: lpfc: FCoE VPort enable-disable does not bring up the VPort
- scsi: lpfc: Correct host name in symbolic_name field
- scsi: lpfc: Correct issue leading to oops during link reset
- scsi: lpfc: Clear the VendorVersion in the PLOGI/PLOGI ACC payload
- ALSA: vx: Don't try to update capture stream before running
- ALSA: vx: Fix possible transfer overflow
- backlight: lcd: Fix race condition during register
- backlight: adp5520: Fix error handling in adp5520_bl_probe()
- gpu: drm: mgag200: mgag200_main:- Handle error from pci_iomap
- ALSA: hda/realtek - Add new codec ID ALC299
- arm64: dts: NS2: reserve memory for Nitro firmware
- ixgbe: fix AER error handling
- ixgbe: handle close/suspend race with netif_device_detach/present
- ixgbe: Reduce I2C retry count on X550 devices
- ixgbe: add mask for 64 RSS queues
- ixgbe: do not disable FEC from the driver
- staging: rtl8712: fixed little endian problem
- MIPS: End asm function prologue macros with .insn
- mm: add PHYS_PFN, use it in __phys_to_pfn()
- MIPS: init: Ensure bootmem does not corrupt reserved memory
- MIPS: init: Ensure reserved memory regions are not added to bootmem
- MIPS: Netlogic: Exclude netlogic,xlp-pic code from XLR builds
- Revert "crypto: xts - Add ECB dependency"
- Revert "uapi: fix linux/rds.h userspace compilation errors"
- uapi: fix linux/rds.h userspace compilation error
- uapi: fix linux/rds.h userspace compilation errors
- USB: usbfs: compute urb->actual_length for isochronous
- USB: Add delay-init quirk for Corsair K70 LUX keyboards
- USB: serial: qcserial: add pid/vid for Sierra Wireless EM7355 fw update
- USB: serial: garmin_gps: fix I/O after failed probe and remove
- USB: serial: garmin_gps: fix memory leak on probe errors
- Linux 4.4.100
* Xenial update to 4.4.99 stable release (LP: #1744636)
- mac80211: accept key reinstall without changing anything
- mac80211: use constant time comparison with keys
- mac80211: don't compare TKIP TX MIC key in reinstall prevention
- usb: usbtest: fix NULL pointer dereference
- Input: ims-psu - check if CDC union descriptor is sane
- ALSA: seq: Cancel pending autoload work at unbinding device
- tun/tap: sanitize TUNSETSNDBUF input
- tcp: fix tcp_mtu_probe() vs highest_sack
- l2tp: check ps->sock before running pppol2tp_session_ioctl()
- tun: call dev_get_valid_name() before register_netdevice()
- sctp: add the missing sock_owned_by_user check in sctp_icmp_redirect
- packet: avoid panic in packet_getsockopt()
- ipv6: flowlabel: do not leave opt->tot_len with garbage
- net/unix: don't show information about sockets from other namespaces
- ip6_gre: only increase err_count for some certain type icmpv6 in ip6gre_err
- tun: allow positive return values on dev_get_valid_name() call
- sctp: reset owner sk for data chunks on out queues when migrating a sock
- ppp: fix race in ppp device destruction
- ipip: only increase err_count for some certain type icmp in ipip_err
- tcp/dccp: fix ireq->opt races
- tcp/dccp: fix lockdep splat in inet_csk_route_req()
- tcp/dccp: fix other lockdep splats accessing ireq_opt
- security/keys: add CONFIG_KEYS_COMPAT to Kconfig
- tipc: fix link attribute propagation bug
- brcmfmac: remove setting IBSS mode when stopping AP
- target/iscsi: Fix iSCSI task reassignment handling
- target: Fix node_acl demo-mode + uncached dynamic shutdown regression
- misc: panel: properly restore atomic counter on error path
- Linux 4.4.99
* elantech touchpad of Lenovo L480/580 failed to detect hw_version
(LP: #1733605)
- Input: elantech - add new icbody type 15
* Disabling zfs does not always disable module checks for the zfs modules
(LP: #1737176)
- [Packaging] disable zfs module checks when zfs is disabled
* Using asymmetric key for IMA appraisal crashes the system in Ubuntu 16.04
(LP: #1735977)
- integrity: convert digsig to akcipher api
* CVE-2017-17450
- netfilter: xt_osf: Add missing permission checks
* CVE-2017-15129
- net: Fix double free and memory corruption in get_net_ns_by_id()
* CVE-2018-5344
- loop: fix concurrent lo_open/lo_release
* [KVM] Lower the default for halt_poll_ns to 200000 ns (LP: #1724614)
- KVM: x86: lower default for halt_poll_ns
* $(LOCAL_ENV_CC) and $(LOCAL_ENV_DISTCC_HOSTS) should be properly quoted
(LP: #1744077)
- [Debian] pass LOCAL_ENV_CC and LOCAL_ENV_DISTCC_HOSTS properly
* Redpine: Wifi/BT not functioning after s3 resume (LP: #1742090) //
[16.04][classic] Redpine: wowlan feature doesn't work (LP: #1742094)
- SAUCE: Redpine: fix for wowlan wakeup failure
- SAUCE: Redpine: fix data issue with non-uapsd APs
- SAUCE: Redpine: fix reset card issue
- SAUCE: Redpine: fix wowlan issue
* Using an NVMe drive causes huge power drain (LP: #1664602) // Samsung SSD
960 EVO 500GB refused to change power state (LP: #1705748)
- nvme-pci: disable APST on Samsung SSD 960 EVO + ASUS PRIME B350M-A
* Using an NVMe drive causes huge power drain (LP: #1664602)
- nvme/scsi: Remove power management support
- nvme: return the whole CQE through the request passthrough interface
- nvme: factor out a add nvme_is_write helper
- nvme: Modify and export sync command submission for fabrics
- nvme: Fix nvme_get/set_features() with a NULL result pointer
- nvme: Pass pointers, not dma addresses, to nvme_get/set_features()
- nvme: Add a quirk mechanism that uses identify_ctrl
- nvme: Enable autonomous power state transitions
- nvme: Adjust the Samsung APST quirk
- nvme: Quirk APST off on "THNSF5256GPUK TOSHIBA"
- nvme: only consider exit latency when choosing useful non-op power states
- nvme: relax APST default max latency to 100ms
- nvme: Quirk APST on Intel 600P/P3100 devices
* CVE-2017-17862
- bpf: fix branch pruning logic
* CVE-2017-16995
- bpf: fix incorrect sign extension in check_alu_op()
* CVE-2017-17741
- KVM: Fix stack-out-of-bounds read in write_mmio
* CVE-2018-5333
- RDS: null pointer dereference in rds_atomic_free_op
* the kernel is blackholing IPv6 packets to linkdown nexthops (LP: #1738219)
- ipv6: Do not consider linkdown nexthops during multipath
* /dev/bcache/by-uuid links not created after reboot (LP: #1729145)
- SAUCE: (no-up) bcache: decouple emitting a cached_dev CHANGE uevent
* e1000e in 4.4.0-97-generic breaks 82574L under heavy load. (LP: #1730550)
- e1000e: Avoid receiver overrun interrupt bursts
- e1000e: Separate signaling for link check/link up
* ath10k: enhance rf signal strength (LP: #1736317)
- ath10k: add max_tx_power for QCA6174 WLAN.RM.2.0 firmware
* User reports excessive ALUA retry messages (LP: #1720228)
- scsi_dh_alua: uninitialized variable in alua_rtpg()
* Add installer support for new Broadcom network drivers. (LP: #1734757)
- d-i: Add bnxt_en_bpo to nic-modules.
* Transparent hugepages should default to enabled=madvise (LP: #1703742)
- SAUCE: use CONFIG_TRANSPARENT_HUGEPAGE_MADVISE=y as default
-- Kamal Mostafa <email address hidden> Wed, 28 Mar 2018 11:52:32 -0700
-
linux-aws (4.4.0-1015.15) trusty; urgency=medium
* linux-aws: 4.4.0-1015.15 -proposed tracker (LP: #1755210)
[ Ubuntu: 4.4.0-117.141 ]
* linux: 4.4.0-117.141 -proposed tracker (LP: #1755208)
* Xenial update to 4.4.114 stable release (LP: #1754592)
- x86/asm/32: Make sync_core() handle missing CPUID on all 32-bit kernels
- usbip: prevent vhci_hcd driver from leaking a socket pointer address
- usbip: Fix implicit fallthrough warning
- usbip: Fix potential format overflow in userspace tools
- x86/microcode/intel: Fix BDW late-loading revision check
- x86/retpoline: Fill RSB on context switch for affected CPUs
- sched/deadline: Use the revised wakeup rule for suspending constrained dl
tasks
- can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once
- can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once
- PM / sleep: declare __tracedata symbols as char[] rather than char
- time: Avoid undefined behaviour in ktime_add_safe()
- timers: Plug locking race vs. timer migration
- Prevent timer value 0 for MWAITX
- drivers: base: cacheinfo: fix x86 with CONFIG_OF enabled
- drivers: base: cacheinfo: fix boot error message when acpi is enabled
- PCI: layerscape: Add "fsl,ls2085a-pcie" compatible ID
- PCI: layerscape: Fix MSG TLP drop setting
- mmc: sdhci-of-esdhc: add/remove some quirks according to vendor version
- fs/select: add vmalloc fallback for select(2)
- hwpoison, memcg: forcibly uncharge LRU pages
- cma: fix calculation of aligned offset
- mm, page_alloc: fix potential false positive in __zone_watermark_ok
- ipc: msg, make msgrcv work with LONG_MIN
- x86/ioapic: Fix incorrect pointers in ioapic_setup_resources()
- ACPI / processor: Avoid reserving IO regions too early
- ACPI / scan: Prefer devices without _HID/_CID for _ADR matching
- ACPICA: Namespace: fix operand cache leak
- netfilter: x_tables: speed up jump target validation
- netfilter: arp_tables: fix invoking 32bit "iptable -P INPUT ACCEPT" failed
in 64bit kernel
- netfilter: nf_dup_ipv6: set again FLOWI_FLAG_KNOWN_NH at flowi6_flags
- netfilter: nf_ct_expect: remove the redundant slash when policy name is
empty
- netfilter: nfnetlink_queue: reject verdict request from different portid
- netfilter: restart search if moved to other chain
- netfilter: nf_conntrack_sip: extend request line validation
- netfilter: use fwmark_reflect in nf_send_reset
- ext2: Don't clear SGID when inheriting ACLs
- reiserfs: fix race in prealloc discard
- reiserfs: don't preallocate blocks for extended attributes
- reiserfs: Don't clear SGID when inheriting ACLs
- fs/fcntl: f_setown, avoid undefined behaviour
- scsi: libiscsi: fix shifting of DID_REQUEUE host byte
- Input: trackpoint - force 3 buttons if 0 button is reported
- usb: usbip: Fix possible deadlocks reported by lockdep
- usbip: fix stub_rx: get_pipe() to validate endpoint number
- usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input
- usbip: prevent leaking socket pointer address in messages
- um: link vmlinux with -no-pie
- vsyscall: Fix permissions for emulate mode with KAISER/PTI
- eventpoll.h: add missing epoll event masks
- x86/microcode/intel: Extend BDW late-loading further with LLC size check
- hrtimer: Reset hrtimer cpu base proper on CPU hotplug
- dccp: don't restart ccid2_hc_tx_rto_expire() if sk in closed state
- ipv6: Fix getsockopt() for sockets with default IPV6_AUTOFLOWLABEL
- ipv6: fix udpv6 sendmsg crash caused by too small MTU
- ipv6: ip6_make_skb() needs to clear cork.base.dst
- lan78xx: Fix failure in USB Full Speed
- net: igmp: fix source address check for IGMPv3 reports
- tcp: __tcp_hdrlen() helper
- net: qdisc_pkt_len_init() should be more robust
- pppoe: take ->needed_headroom of lower device into account on xmit
- r8169: fix memory corruption on retrieval of hardware statistics.
- sctp: do not allow the v4 socket to bind a v4mapped v6 address
- sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf
- vmxnet3: repair memory leak
- net: Allow neigh contructor functions ability to modify the primary_key
- ipv4: Make neigh lookup keys for loopback/point-to-point devices be
INADDR_ANY
- flow_dissector: properly cap thoff field
- net: tcp: close sock if net namespace is exiting
- nfsd: auth: Fix gid sorting when rootsquash enabled
- Linux 4.4.114
* Xenial update to 4.4.113 stable release (LP: #1754375)
- gcov: disable for COMPILE_TEST
- scsi: sg: disable SET_FORCE_LOW_DMA
- futex: Prevent overflow by strengthen input validation
- ALSA: pcm: Remove yet superfluous WARN_ON()
- ALSA: hda - Apply headphone noise quirk for another Dell XPS 13 variant
- ALSA: hda - Apply the existing quirk to iMac 14,1
- af_key: fix buffer overread in verify_address_len()
- af_key: fix buffer overread in parse_exthdrs()
- scsi: hpsa: fix volume offline state
- sched/deadline: Zero out positive runtime after throttling constrained tasks
- pipe: avoid round_pipe_size() nr_pages overflow on 32-bit
- x86/apic/vector: Fix off by one in error path
- Input: 88pm860x-ts - fix child-node lookup
- Input: twl6040-vibra - fix DT node memory management
- Input: twl6040-vibra - fix child-node lookup
- Input: twl4030-vibra - fix sibling-node lookup
- tracing: Fix converting enum's from the map in trace_event_eval_update()
- phy: work around 'phys' references to usb-nop-xceiv devices
- ARM: dts: kirkwood: fix pin-muxing of MPP7 on OpenBlocks A7
- can: peak: fix potential bug in packet fragmentation
- dm btree: fix serious bug in btree_split_beneath()
- dm thin metadata: THIN_MAX_CONCURRENT_LOCKS should be 6
- arm64: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls
- kbuild: modversions for EXPORT_SYMBOL() for asm
- x86/pti: Document fix wrong index
- MIPS: AR7: ensure the port type's FCR value is used
- Linux 4.4.113
* Xenial update to 4.4.113 stable release (LP: #1754375) // CVE-2017-5753
(Spectre v1 Intel -> upstream)
- Revert "x86/cpu/AMD: Make the LFENCE instruction serialized"
- x86/cpu/AMD: Make LFENCE a serializing instruction
- x86/cpu/AMD: Use LFENCE_RDTSC in preference to MFENCE_RDTSC
* i2c-thunderx: erroneous error message "unhandled state: 0" (LP: #1754076)
- i2c: octeon: Prevent error message on bus error
* qeth: fix calculation of required buffer elements for skb (LP: #1750810)
- s390/qeth: fix underestimated count of buffer elements
* Support rfkill-any led trigger for Fujitsu u727 (LP: #1745130)
- rfkill: Add rfkill-any LED trigger
* Redpine: Sometimes Wi-Fi connection shows "unavailable" after resume from
WoWLAN S4. WLAN can be recover after reboot or reloading WIFI driver.
(LP: #1753438) // Redpine: BLE scanning for nearby beacons per second is too
low and result high loss rate. (LP: #1753439)
- SAUCE: Redpine: resolve race while resuming from S4
- SAUCE: Redpine: Fix card write failure issue at S4 restore
- SAUCE: Redpine: Add deep sleep enable before connection
- SAUCE: Redpine: resolve power save issue after S4 resume
* qeth: check not more than 16 SBALEs on the completion queue (LP: #1750568)
- qeth: check not more than 16 SBALEs on the completion queue
* qeth: fix L3 next-hop im xmit qeth hdr (LP: #1750813)
- s390/qeth: fix L3 next-hop in xmit qeth hdr
* qemu-efi-aarch64 in >= artful can't boot xenial cloud images (LP: #1744754)
- irqchip/gic-v3: Refactor gic_of_init() for GICv3 driver
- irqchip/gic-v3: Add ACPI support for GICv3/4 initialization
- irqchip/gic-v3: ACPI: Add redistributor support via GICC structures
- irqchip/gic-v3: Remove gic_root_node variable from the ITS code
- irqchip/gic-v3-its: Mark its_init() and its children as __init
- ACPICA: Headers: Add new constants for the DBG2 ACPI table
- of/serial: move earlycon early_param handling to serial
- ACPI: parse SPCR and enable matching console
- [Config] CONFIG_ACPI_SPCR_TABLE=y
- ARM64: ACPI: enable ACPI_SPCR_TABLE
- serial: pl011: add console matching function
* OOM and High CPU utilization in update_blocked_averages because of too many
cfs_rqs in rq->leaf_cfs_rq_list (LP: #1747896)
- sched/fair: Fix O(nr_cgroups) in load balance path
* linux-tools: perf incorrectly linking libbfd (LP: #1748922)
- SAUCE: tools -- add ability to disable libbfd
- [Packaging] correct disablement of libbfd
* retpoline abi files are empty on i386 (LP: #1751021)
- [Packaging] retpoline-extract -- instantiate retpoline files for i386
- [Packaging] final-checks -- sanity checking ABI contents
- [Packaging] final-checks -- check for empty retpoline files
* bnx2x_attn_int_deasserted3:4323 MC assert! (LP: #1715519) //
CVE-2018-1000026
- net: create skb_gso_validate_mac_len()
- bnx2x: disable GSO where gso_size is too big for hardware
* CVE-2017-17448
- netfilter: nfnetlink_cthelper: Add missing permission checks
* TB16 dock ethernet corrupts data with hw checksum silently failing
(LP: #1729674)
- r8152: disable RX aggregation on Dell TB16 dock
* linux < 4.8: x-netns vti is broken (LP: #1744078)
- net: l3mdev: Add master device lookup by index
- xfrm: Only add l3mdev oif to dst lookups
* Xenial update to 4.4.112 stable release (LP: #1745266)
- dm bufio: fix shrinker scans when (nr_to_scan < retain_target)
- can: gs_usb: fix return value of the "set_bittiming" callback
- IB/srpt: Disable RDMA access by the initiator
- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the ABI of the task
- MIPS: Factor out NT_PRFPREG regset access helpers
- MIPS: Guard against any partial write attempt with PTRACE_SETREGSET
- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET
- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA
- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET
- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset accesses
- net/mac80211/debugfs.c: prevent build failure with CONFIG_UBSAN=y
- x86/vsdo: Fix build on PARAVIRT_CLOCK=y, KVM_GUEST=n
- x86/acpi: Handle SCI interrupts above legacy space gracefully
- iommu/arm-smmu-v3: Don't free page table ops twice
- ALSA: pcm: Remove incorrect snd_BUG_ON() usages
- ALSA: pcm: Add missing error checks in OSS emulation plugin builder
- ALSA: pcm: Abort properly at pending signal in OSS read/write loops
- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops
- ALSA: aloop: Release cable upon open error path
- ALSA: aloop: Fix inconsistent format due to incomplete rule
- ALSA: aloop: Fix racy hw constraints adjustment
- x86/acpi: Reduce code duplication in mp_override_legacy_irq()
- mm/compaction: fix invalid free_pfn and compact_cached_free_pfn
- mm/compaction: pass only pageblock aligned range to pageblock_pfn_to_page
- mm/page-writeback: fix dirty_ratelimit calculation
- mm/zswap: use workqueue to destroy pool
- zswap: don't param_set_charp while holding spinlock
- locks: don't check for race with close when setting OFD lock
- futex: Replace barrier() in unqueue_me() with READ_ONCE()
- locking/mutex: Allow next waiter lockless wakeup
- usbvision fix overflow of interfaces array
- usb: musb: ux500: Fix NULL pointer dereference at system PM
- r8152: fix the wake event
- r8152: use test_and_clear_bit
- r8152: adjust ALDPS function
- lan78xx: use skb_cow_head() to deal with cloned skbs
- sr9700: use skb_cow_head() to deal with cloned skbs
- smsc75xx: use skb_cow_head() to deal with cloned skbs
- cx82310_eth: use skb_cow_head() to deal with cloned skbs
- x86/mm/pat, /dev/mem: Remove superfluous error message
- hwrng: core - sleep interruptible in read
- sysrq: Fix warning in sysrq generated crash.
- xhci: Fix ring leak in failure path of xhci_alloc_virt_device()
- Revert "userfaultfd: selftest: vm: allow to build in vm/ directory"
- x86/pti/efi: broken conversion from efi to kernel page table
- 8021q: fix a memory leak for VLAN 0 device
- ip6_tunnel: disable dst caching if tunnel is dual-stack
- net: core: fix module type in sock_diag_bind
- RDS: Heap OOB write in rds_message_alloc_sgs()
- sh_eth: fix TSU resource handling
- sh_eth: fix SH7757 GEther initialization
- net: stmmac: enable EEE in MII, GMII or RGMII only
- ipv6: fix possible mem leaks in ipv6_make_skb()
- crypto: algapi - fix NULL dereference in crypto_remove_spawns()
- rbd: set max_segments to USHRT_MAX
- x86/microcode/intel: Extend BDW late-loading with a revision check
- KVM: x86: Add memory barrier on vmcs field lookup
- drm/vmwgfx: Potential off by one in vmw_view_add()
- kaiser: Set _PAGE_NX only if supported
- bpf: don't (ab)use instructions to store state
- bpf: move fixup_bpf_calls() function
- bpf: refactor fixup_bpf_calls()
- bpf: adjust insn_aux_data when patching insns
- bpf: prevent out-of-bounds speculation
- bpf, array: fix overflow in max_entries and undefined behavior in index_mask
- iscsi-target: Make TASK_REASSIGN use proper se_cmd->cmd_kref
- target: Avoid early CMD_T_PRE_EXECUTE failures during ABORT_TASK
- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ
- USB: serial: cp210x: add new device ID ELV ALC 8xxx
- usb: misc: usb3503: make sure reset is low for at least 100us
- USB: fix usbmon BUG trigger
- usbip: remove kernel addresses from usb device and urb debug msgs
- staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl
- Bluetooth: Prevent stack info leak from the EFS element.
- uas: ignore UAS for Norelsys NS1068(X) chips
- e1000e: Fix e1000_check_for_copper_link_ich8lan return value.
- x86/Documentation: Add PTI description
- sysfs/cpu: Fix typos in vulnerability documentation
- x86/alternatives: Fix optimize_nops() checking
- selftests/x86: Add test_vsyscall
- Linux 4.4.112
* Xenial update to 4.4.111 stable release (LP: #1745263)
- x86/kasan: Write protect kasan zero shadow
- kernel/acct.c: fix the acct->needcheck check in check_free_space()
- crypto: n2 - cure use after free
- crypto: chacha20poly1305 - validate the digest size
- crypto: pcrypt - fix freeing pcrypt instances
- sunxi-rsb: Include OF based modalias in device uevent
- fscache: Fix the default for fscache_maybe_release_page()
- kernel: make groups_sort calling a responsibility group_info allocators
- kernel/signal.c: protect the traced SIGNAL_UNKILLABLE tasks from SIGKILL
- kernel/signal.c: protect the SIGNAL_UNKILLABLE tasks from !sig_kernel_only()
signals
- kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in
complete_signal()
- ARC: uaccess: dont use "l" gcc inline asm constraint modifier
- parisc: Fix alignment of pa_tlb_lock in assembly on 32-bit SMP kernel
- genksyms: Handle string literals with spaces in reference files
- module: Issue warnings when tainting kernel
- proc: much faster /proc/vmstat
- Fix build error in vma.c
- Linux 4.4.111
* x86/net/bpf: return statement missing value (LP: #1745364)
- SAUCE: (no-up) arch/x86/bpf: Fix missed return statement
* Ubuntu 16.04 - s390/cpuinfo: show facilities as reported by stfle
(LP: #1744736)
- s390/bitops: add for_each_set_bit_inv helper
- s390/cpuinfo: show facilities as reported by stfle
* Xenial update to 4.4.110 stable release (LP: #1745071)
- KPTI: Rename to PAGE_TABLE_ISOLATION
- SAUCE: Replace CONFIG_KAISER with CONFIG_PAGE_TABLE_ISOLATION
- Linux 4.4.110
* Xenial update to 4.4.109 stable release (LP: #1745069)
- ACPI: APEI / ERST: Fix missing error handling in erst_reader()
- crypto: mcryptd - protect the per-CPU queue with a lock
- mfd: cros ec: spi: Don't send first message too soon
- mfd: twl4030-audio: Fix sibling-node lookup
- mfd: twl6040: Fix child-node lookup
- ALSA: rawmidi: Avoid racy info ioctl via ctl device
- ALSA: usb-audio: Fix the missing ctl name suffix at parsing SU
- PCI / PM: Force devices to D0 in pci_pm_thaw_noirq()
- parisc: Hide Diva-built-in serial aux and graphics card
- spi: xilinx: Detect stall with Unknown commands
- KVM: X86: Fix load RFLAGS w/o the fixed bit
- powerpc/perf: Dereference BHRB entries safely
- net: mvneta: clear interface link status on port disable
- tracing: Remove extra zeroing out of the ring buffer page
- tracing: Fix possible double free on failure of allocating trace buffer
- tracing: Fix crash when it fails to alloc ring buffer
- ring-buffer: Mask out the info bits when returning buffer page length
- iw_cxgb4: Only validate the MSN for successful completions
- ASoC: fsl_ssi: AC'97 ops need regmap, clock and cleaning up on failure
- ASoC: twl4030: fix child-node lookup
- ALSA: hda: Drop useless WARN_ON()
- ALSA: hda - fix headset mic detection issue on a Dell machine
- x86/vm86/32: Switch to flush_tlb_mm_range() in mark_screen_rdonly()
- x86/mm: Remove flush_tlb() and flush_tlb_current_task()
- x86/mm: Make flush_tlb_mm_range() more predictable
- x86/mm: Reimplement flush_tlb_page() using flush_tlb_mm_range()
- x86/mm: Remove the UP asm/tlbflush.h code, always use the (formerly) SMP
code
- x86/mm: Add the 'nopcid' boot option to turn off PCID
- x86/mm/64: Fix reboot interaction with CR4.PCIDE
- kbuild: add '-fno-stack-check' to kernel build options
- ipv4: igmp: guard against silly MTU values
- ipv6: mcast: better catch silly mtu values
- net: igmp: Use correct source address on IGMPv3 reports
- netlink: Add netns check on taps
- net: qmi_wwan: add Sierra EM7565 1199:9091
- net: reevalulate autoflowlabel setting after sysctl setting
- tcp md5sig: Use skb's saddr when replying to an incoming segment
- tg3: Fix rx hang on MTU change with 5717/5719
- net: mvmdio: disable/unprepare clocks in EPROBE_DEFER case
- sctp: Replace use of sockets_allocated with specified macro.
- ipv4: Fix use-after-free when flushing FIB tables
- net: bridge: fix early call to br_stp_change_bridge_id and plug newlink
leaks
- net: phy: micrel: ksz9031: reconfigure autoneg after phy autoneg workaround
- sock: free skb in skb_complete_tx_timestamp on error
- usbip: fix usbip bind writing random string after command in match_busid
- usbip: stub: stop printing kernel pointer addresses in messages
- usbip: vhci: stop printing kernel pointer addresses in messages
- USB: serial: ftdi_sio: add id for Airbus DS P8GR
- USB: serial: qcserial: add Sierra Wireless EM7565
- USB: serial: option: add support for Telit ME910 PID 0x1101
- USB: serial: option: adding support for YUGA CLM920-NC5
- usb: Add device quirk for Logitech HD Pro Webcam C925e
- usb: add RESET_RESUME for ELSA MicroLink 56K
- USB: Fix off by one in type-specific length check of BOS SSP capability
- usb: xhci: Add XHCI_TRUST_TX_LENGTH for Renesas uPD720201
- nohz: Prevent a timer interrupt storm in tick_nohz_stop_sched_tick()
- x86/smpboot: Remove stale TLB flush invocations
- n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD)
- mm/vmstat: Make NR_TLB_REMOTE_FLUSH_RECEIVED available even on UP
- Linux 4.4.109
* Xenial update to 4.4.108 stable release (LP: #1745054)
- arm64: Initialise high_memory global variable earlier
- cxl: Check if vphb exists before iterating over AFU devices
- x86/mm: Fix INVPCID asm constraint
- x86/mm: Add a 'noinvpcid' boot option to turn off INVPCID
- mm/rmap: batched invalidations should use existing api
- mm/mmu_context, sched/core: Fix mmu_context.h assumption
- sched/core: Add switch_mm_irqs_off() and use it in the scheduler
- x86/mm, sched/core: Turn off IRQs in switch_mm()
- ARM: Hide finish_arch_post_lock_switch() from modules
- sched/core: Idle_task_exit() shouldn't use switch_mm_irqs_off()
- x86/irq: Do not substract irq_tlb_count from irq_call_count
- ALSA: hda - add support for docking station for HP 820 G2
- ALSA: hda - add support for docking station for HP 840 G3
- arm: kprobes: Fix the return address of multiple kretprobes
- arm: kprobes: Align stack to 8-bytes in test code
- cpuidle: Validate cpu_dev in cpuidle_add_sysfs()
- crypto: deadlock between crypto_alg_sem/rtnl_mutex/genl_mutex
- sch_dsmark: fix invalid skb_cow() usage
- bna: integer overflow bug in debugfs
- net: qmi_wwan: Add USB IDs for MDM6600 modem on Motorola Droid 4
- usb: gadget: f_uvc: Sanity check wMaxPacketSize for SuperSpeed
- usb: gadget: udc: remove pointer dereference after free
- netfilter: nfnl_cthelper: fix runtime expectation policy updates
- netfilter: nfnl_cthelper: Fix memory leak
- inet: frag: release spinlock before calling icmp_send()
- pinctrl: st: add irq_request/release_resources callbacks
- scsi: lpfc: Fix PT2PT PRLI reject
- KVM: x86: correct async page present tracepoint
- KVM: VMX: Fix enable VPID conditions
- ARM: dts: ti: fix PCI bus dtc warnings
- hwmon: (asus_atk0110) fix uninitialized data access
- HID: xinmo: fix for out of range for THT 2P arcade controller.
- r8152: prevent the driver from transmitting packets with carrier off
- s390/qeth: no ETH header for outbound AF_IUCV
- bna: avoid writing uninitialized data into hw registers
- net: Do not allow negative values for busy_read and busy_poll sysctl
interfaces
- i40e: Do not enable NAPI on q_vectors that have no rings
- RDMA/iser: Fix possible mr leak on device removal event
- irda: vlsi_ir: fix check for DMA mapping errors
- netfilter: nfnl_cthelper: fix a race when walk the nf_ct_helper_hash table
- netfilter: nf_nat_snmp: Fix panic when snmp_trap_helper fails to register
- ARM: dts: am335x-evmsk: adjust mmc2 param to allow suspend
- KVM: pci-assign: do not map smm memory slot pages in vt-d page tables
- isdn: kcapi: avoid uninitialized data
- xhci: plat: Register shutdown for xhci_plat
- netfilter: nfnetlink_queue: fix secctx memory leak
- ARM: dma-mapping: disallow dma_get_sgtable() for non-kernel managed memory
- cpuidle: powernv: Pass correct drv->cpumask for registration
- bnxt_en: Fix NULL pointer dereference in reopen failure path
- backlight: pwm_bl: Fix overflow condition
- crypto: crypto4xx - increase context and scatter ring buffer elements
- rtc: pl031: make interrupt optional
- net: phy: at803x: Change error to EINVAL for invalid MAC
- PCI: Avoid bus reset if bridge itself is broken
- scsi: cxgb4i: fix Tx skb leak
- scsi: mpt3sas: Fix IO error occurs on pulling out a drive from RAID1 volume
created on two SATA drive
- PCI: Create SR-IOV virtfn/physfn links before attaching driver
- igb: check memory allocation failure
- ixgbe: fix use of uninitialized padding
- PCI/AER: Report non-fatal errors only to the affected endpoint
- scsi: lpfc: Fix secure firmware updates
- scsi: lpfc: PLOGI failures during NPIV testing
- fm10k: ensure we process SM mbx when processing VF mbx
- tcp: fix under-evaluated ssthresh in TCP Vegas
- rtc: set the alarm to the next expiring timer
- cpuidle: fix broadcast control when broadcast can not be entered
- thermal: hisilicon: Handle return value of clk_prepare_enable
- MIPS: math-emu: Fix final emulation phase for certain instructions
- Revert "Bluetooth: btusb: driver to enable the usb-wakeup feature"
- ALSA: hda - Clear the leftover component assignment at snd_hdac_i915_exit()
- ALSA: hda - Degrade i915 binding failure message
- ALSA: hda - Fix yet another i915 pointer leftover in error path
- alpha: fix build failures
- Linux 4.4.108
* Xenial update to 4.4.107 stable release (LP: #1745052)
- crypto: hmac - require that the underlying hash algorithm is unkeyed
- crypto: salsa20 - fix blkcipher_walk API usage
- autofs: fix careless error in recent commit
- tracing: Allocate mask_str buffer dynamically
- USB: uas and storage: Add US_FL_BROKEN_FUA for another JMicron JMS567 ID
- USB: core: prevent malicious bNumInterfaces overflow
- usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer
- ceph: drop negative child dentries before try pruning inode's alias
- Bluetooth: btusb: driver to enable the usb-wakeup feature
- xhci: Don't add a virt_dev to the devs array before it's fully allocated
- sched/rt: Do not pull from current CPU if only one CPU to pull
- dmaengine: dmatest: move callback wait queue to thread context
- ext4: fix fdatasync(2) after fallocate(2) operation
- ext4: fix crash when a directory's i_size is too small
- KEYS: add missing permission check for request_key() destination
- mac80211: Fix addition of mesh configuration element
- usb: phy: isp1301: Add OF device ID table
- md-cluster: free md_cluster_info if node leave cluster
- userfaultfd: shmem: __do_fault requires VM_FAULT_NOPAGE
- userfaultfd: selftest: vm: allow to build in vm/ directory
- net: initialize msg.msg_flags in recvfrom
- net: bcmgenet: correct the RBUF_OVFL_CNT and RBUF_ERR_CNT MIB values
- net: bcmgenet: correct MIB access of UniMAC RUNT counters
- net: bcmgenet: reserved phy revisions must be checked first
- net: bcmgenet: power down internal phy if open or resume fails
- net: bcmgenet: Power up the internal PHY before probing the MII
- NFSD: fix nfsd_minorversion(.., NFSD_AVAIL)
- NFSD: fix nfsd_reset_versions for NFSv4.
- Input: i8042 - add TUXEDO BU1406 (N24_25BU) to the nomux list
- drm/omap: fix dmabuf mmap for dma_alloc'ed buffers
- netfilter: bridge: honor frag_max_size when refragmenting
- writeback: fix memory leak in wb_queue_work()
- net: wimax/i2400m: fix NULL-deref at probe
- dmaengine: Fix array index out of bounds warning in __get_unmap_pool()
- net: Resend IGMP memberships upon peer notification.
- mlxsw: reg: Fix SPVM max record count
- mlxsw: reg: Fix SPVMLR max record count
- intel_th: pci: Add Gemini Lake support
- openrisc: fix issue handling 8 byte get_user calls
- scsi: hpsa: update check for logical volume status
- scsi: hpsa: limit outstanding rescans
- fjes: Fix wrong netdevice feature flags
- drm/radeon/si: add dpm quirk for Oland
- sched/deadline: Make sure the replenishment timer fires in the next period
- sched/deadline: Throttle a constrained deadline task activated after the
deadline
- sched/deadline: Use deadline instead of period when calculating overflow
- mmc: mediatek: Fixed bug where clock frequency could be set wrong
- drm/radeon: reinstate oland workaround for sclk
- afs: Fix missing put_page()
- afs: Populate group ID from vnode status
- afs: Adjust mode bits processing
- afs: Flush outstanding writes when an fd is closed
- afs: Migrate vlocation fields to 64-bit
- afs: Prevent callback expiry timer overflow
- afs: Fix the maths in afs_fs_store_data()
- afs: Populate and use client modification time
- afs: Fix page leak in afs_write_begin()
- afs: Fix afs_kill_pages()
- perf symbols: Fix symbols__fixup_end heuristic for corner cases
- efi/esrt: Cleanup bad memory map log messages
- NFSv4.1 respect server's max size in CREATE_SESSION
- btrfs: add missing memset while reading compressed inline extents
- target: Use system workqueue for ALUA transitions
- target: fix ALUA transition timeout handling
- target: fix race during implicit transition work flushes
- sfc: don't warn on successful change of MAC
- fbdev: controlfb: Add missing modes to fix out of bounds access
- video: udlfb: Fix read EDID timeout
- video: fbdev: au1200fb: Release some resources if a memory allocation fails
- video: fbdev: au1200fb: Return an error code if a memory allocation fails
- rtc: pcf8563: fix output clock rate
- dmaengine: ti-dma-crossbar: Correct am335x/am43xx mux value type
- PCI/PME: Handle invalid data when reading Root Status
- powerpc/powernv/cpufreq: Fix the frequency read by /proc/cpuinfo
- netfilter: ipvs: Fix inappropriate output of procfs
- powerpc/opal: Fix EBUSY bug in acquiring tokens
- powerpc/ipic: Fix status get and status clear
- target/iscsi: Fix a race condition in iscsit_add_reject_from_cmd()
- iscsi-target: fix memory leak in lio_target_tiqn_addtpg()
- target:fix condition return in core_pr_dump_initiator_port()
- target/file: Do not return error for UNMAP if length is zero
- arm-ccn: perf: Prevent module unload while PMU is in use
- crypto: tcrypt - fix buffer lengths in test_aead_speed()
- mm: Handle 0 flags in _calc_vm_trans() macro
- clk: mediatek: add the option for determining PLL source clock
- clk: imx6: refine hdmi_isfr's parent to make HDMI work on i.MX6 SoCs w/o VPU
- clk: tegra: Fix cclk_lp divisor register
- ppp: Destroy the mutex when cleanup
- thermal/drivers/step_wise: Fix temperature regulation misbehavior
- GFS2: Take inode off order_write list when setting jdata flag
- bcache: explicitly destroy mutex while exiting
- bcache: fix wrong cache_misses statistics
- l2tp: cleanup l2tp_tunnel_delete calls
- xfs: fix log block underflow during recovery cycle verification
- xfs: fix incorrect extent state in xfs_bmap_add_extent_unwritten_real
- PCI: Detach driver before procfs & sysfs teardown on device remove
- scsi: hpsa: cleanup sas_phy structures in sysfs when unloading
- scsi: hpsa: destroy sas transport properties before scsi_host
- powerpc/perf/hv-24x7: Fix incorrect comparison in memord
- tty fix oops when rmmod 8250
- usb: musb: da8xx: fix babble condition handling
- pinctrl: adi2: Fix Kconfig build problem
- raid5: Set R5_Expanded on parity devices as well as data.
- scsi: scsi_devinfo: Add REPORTLUN2 to EMC SYMMETRIX blacklist entry
- vt6655: Fix a possible sleep-in-atomic bug in vt6655_suspend
- scsi: sd: change manage_start_stop to bool in sysfs interface
- scsi: sd: change allow_restart to bool in sysfs interface
- scsi: bfa: integer overflow in debugfs
- udf: Avoid overflow when session starts at large offset
- macvlan: Only deliver one copy of the frame to the macvlan interface
- RDMA/cma: Avoid triggering undefined behavior
- IB/ipoib: Grab rtnl lock on heavy flush when calling ndo_open/stop
- ath9k: fix tx99 potential info leak
- Linux 4.4.107
* Xenial update to 4.4.106 stable release (LP: #1745047)
- can: ti_hecc: Fix napi poll return value for repoll
- can: kvaser_usb: free buf in error paths
- can: kvaser_usb: Fix comparison bug in kvaser_usb_read_bulk_callback()
- can: kvaser_usb: ratelimit errors if incomplete messages are received
- can: kvaser_usb: cancel urb on -EPIPE and -EPROTO
- can: ems_usb: cancel urb on -EPIPE and -EPROTO
- can: esd_usb2: cancel urb on -EPIPE and -EPROTO
- can: usb_8dev: cancel urb on -EPIPE and -EPROTO
- virtio: release virtio index when fail to device_register
- hv: kvp: Avoid reading past allocated blocks from KVP file
- isa: Prevent NULL dereference in isa_bus driver callbacks
- scsi: libsas: align sata_device's rps_resp on a cacheline
- efi: Move some sysfs files to be read-only by root
- ASN.1: fix out-of-bounds read when parsing indefinite length item
- ASN.1: check for error from ASN1_OP_END__ACT actions
- X.509: reject invalid BIT STRING for subjectPublicKey
- x86/PCI: Make broadcom_postcore_init() check acpi_disabled
- ALSA: pcm: prevent UAF in snd_pcm_info
- ALSA: seq: Remove spurious WARN_ON() at timer check
- ALSA: usb-audio: Fix out-of-bound error
- ALSA: usb-audio: Add check return value for usb_string()
- iommu/vt-d: Fix scatterlist offset handling
- s390: fix compat system call table
- kdb: Fix handling of kallsyms_symbol_next() return value
- drm: extra printk() wrapper macros
- drm/exynos: gem: Drop NONCONTIG flag for buffers allocated without IOMMU
- media: dvb: i2c transfers over usb cannot be done from stack
- arm64: KVM: fix VTTBR_BADDR_MASK BUG_ON off-by-one
- KVM: VMX: remove I/O port 0x80 bypass on Intel hosts
- arm64: fpsimd: Prevent registers leaking from dead tasks
- ARM: BUG if jumping to usermode address in kernel mode
- ARM: avoid faulting on qemu
- thp: reduce indentation level in change_huge_pmd()
- thp: fix MADV_DONTNEED vs. numa balancing race
- mm: drop unused pmdp_huge_get_and_clear_notify()
- Revert "drm/armada: Fix compile fail"
- Revert "spi: SPI_FSL_DSPI should depend on HAS_DMA"
- Revert "s390/kbuild: enable modversions for symbols exported from asm"
- vti6: Don't report path MTU below IPV6_MIN_MTU.
- ARM: OMAP2+: gpmc-onenand: propagate error on initialization failure
- x86/hpet: Prevent might sleep splat on resume
- selftest/powerpc: Fix false failures for skipped tests
- module: set __jump_table alignment to 8
- ARM: OMAP2+: Fix device node reference counts
- ARM: OMAP2+: Release device node after it is no longer needed.
- gpio: altera: Use handle_level_irq when configured as a level_high
- HID: chicony: Add support for another ASUS Zen AiO keyboard
- usb: gadget: configs: plug memory leak
- USB: gadgetfs: Fix a potential memory leak in 'dev_config()'
- kvm: nVMX: VMCLEAR should not cause the vCPU to shut down
- libata: drop WARN from protocol error in ata_sff_qc_issue()
- workqueue: trigger WARN if queue_delayed_work() is called with NULL @wq
- scsi: lpfc: Fix crash during Hardware error recovery on SLI3 adapters
- irqchip/crossbar: Fix incorrect type of register size
- KVM: nVMX: reset nested_run_pending if the vCPU is going to be reset
- arm: KVM: Survive unknown traps from guests
- arm64: KVM: Survive unknown traps from guests
- spi_ks8995: fix "BUG: key accdaa28 not in .data!"
- bnx2x: prevent crash when accessing PTP with interface down
- bnx2x: fix possible overrun of VFPF multicast addresses array
- bnx2x: do not rollback VF MAC/VLAN filters we did not configure
- ipv6: reorder icmpv6_init() and ip6_mr_init()
- crypto: s5p-sss - Fix completing crypto request in IRQ handler
- i2c: riic: fix restart condition
- zram: set physical queue limits to avoid array out of bounds accesses
- netfilter: don't track fragmented packets
- axonram: Fix gendisk handling
- drm/amd/amdgpu: fix console deadlock if late init failed
- powerpc/powernv/ioda2: Gracefully fail if too many TCE levels requested
- EDAC, i5000, i5400: Fix use of MTR_DRAM_WIDTH macro
- EDAC, i5000, i5400: Fix definition of NRECMEMB register
- kbuild: pkg: use --transform option to prefix paths in tar
- mac80211_hwsim: Fix memory leak in hwsim_new_radio_nl()
- route: also update fnhe_genid when updating a route cache
- route: update fnhe_expires for redirect when the fnhe exists
- lib/genalloc.c: make the avail variable an atomic_long_t
- dynamic-debug-howto: fix optional/omitted ending line number to be LARGE
instead of 0
- NFS: Fix a typo in nfs_rename()
- sunrpc: Fix rpc_task_begin trace point
- block: wake up all tasks blocked in get_request()
- sparc64/mm: set fields in deferred pages
- sctp: do not free asoc when it is already dead in sctp_sendmsg
- sctp: use the right sk after waking up from wait_buf sleep
- atm: horizon: Fix irq release error
- jump_label: Invoke jump_label_test() via early_initcall()
- xfrm: Copy policy family in clone_policy
- IB/mlx4: Increase maximal message size under UD QP
- IB/mlx5: Assign send CQ and recv CQ of UMR QP
- afs: Connect up the CB.ProbeUuid
- ipvlan: fix ipv6 outbound device
- audit: ensure that 'audit=1' actually enables audit for PID 1
- ipmi: Stop timers before cleaning up the module
- s390: always save and restore all registers on context switch
- tipc: fix memory leak in tipc_accept_from_sock()
- rds: Fix NULL pointer dereference in __rds_rdma_map
- sit: update frag_off info
- packet: fix crash in fanout_demux_rollover()
- net/packet: fix a race in packet_bind() and packet_notifier()
- Revert "x86/efi: Build our own page table structures"
- Revert "x86/efi: Hoist page table switching code into efi_call_virt()"
- Revert "x86/mm/pat: Ensure cpa->pfn only contains page frame numbers"
- arm: KVM: Fix VTTBR_BADDR_MASK BUG_ON off-by-one
- usb: gadget: ffs: Forbid usb_ep_alloc_request from sleeping
- Linux 4.4.106
* Xenial update to 4.4.105 stable release (LP: #1745046)
- bcache: only permit to recovery read error when cache device is clean
- bcache: recover data from backing when data is clean
- uas: Always apply US_FL_NO_ATA_1X quirk to Seagate devices
- usb: quirks: Add no-lpm quirk for KY-688 USB 3.1 Type-C Hub
- serial: 8250_pci: Add Amazon PCI serial device ID
- s390/runtime instrumentation: simplify task exit handling
- USB: serial: option: add Quectel BG96 id
- ima: fix hash algorithm initialization
- s390/pci: do not require AIS facility
- selftests/x86/ldt_get: Add a few additional tests for limits
- serial: 8250_fintek: Fix rs485 disablement on invalid ioctl()
- spi: sh-msiof: Fix DMA transfer size check
- usb: phy: tahvo: fix error handling in tahvo_usb_probe()
- serial: 8250: Preserve DLD[7:4] for PORT_XR17V35X
- x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt()
- EDAC, sb_edac: Fix missing break in switch
- sysrq : fix Show Regs call trace on ARM
- perf test attr: Fix ignored test case result
- kprobes/x86: Disable preemption in ftrace-based jprobes
- net: systemport: Utilize skb_put_padto()
- net: systemport: Pad packet before inserting TSB
- ARM: OMAP1: DMA: Correct the number of logical channels
- vti6: fix device register to report IFLA_INFO_KIND
- net/appletalk: Fix kernel memory disclosure
- ravb: Remove Rx overflow log messages
- nfs: Don't take a reference on fl->fl_file for LOCK operation
- KVM: arm/arm64: Fix occasional warning from the timer work function
- NFSv4: Fix client recovery when server reboots multiple times
- drm/exynos/decon5433: set STANDALONE_UPDATE_F on output enablement
- net: sctp: fix array overrun read on sctp_timer_tbl
- tipc: fix cleanup at module unload
- dmaengine: pl330: fix double lock
- tcp: correct memory barrier usage in tcp_check_space()
- mm: avoid returning VM_FAULT_RETRY from ->page_mkwrite handlers
- xen-netfront: Improve error handling during initialization
- net: fec: fix multicast filtering hardware setup
- Revert "ocfs2: should wait dio before inode lock in ocfs2_setattr()"
- usb: hub: Cycle HUB power when initialization fails
- usb: xhci: fix panic in xhci_free_virt_devices_depth_first
- usb: ch9: Add size macro for SSP dev cap descriptor
- USB: core: Add type-specific length check of BOS descriptors
- USB: Increase usbfs transfer limit
- USB: devio: Prevent integer overflow in proc_do_submiturb()
- USB: usbfs: Filter flags passed in from user space
- usb: host: fix incorrect updating of offset
- xen-netfront: avoid crashing on resume after a failure in talk_to_netback()
- Linux 4.4.105
* Xenial update to 4.4.104 stable release (LP: #1745043)
- x86/mm/pat: Ensure cpa->pfn only contains page frame numbers
- x86/efi: Hoist page table switching code into efi_call_virt()
- x86/efi: Build our own page table structures
- ARM: dts: omap3: logicpd-torpedo-37xx-devkit: Fix MMC1 cd-gpio
- x86/efi-bgrt: Fix kernel panic when mapping BGRT data
- x86/efi-bgrt: Replace early_memremap() with memremap()
- mm/madvise.c: fix madvise() infinite loop under special circumstances
- btrfs: clear space cache inode generation always
- KVM: x86: pvclock: Handle first-time write to pvclock-page contains random
junk
- KVM: x86: Exit to user-mode on #UD intercept when emulator requires
- KVM: x86: inject exceptions produced by x86_decode_insn
- mmc: core: Do not leave the block driver in a suspended state
- eeprom: at24: check at24_read/write arguments
- bcache: Fix building error on MIPS
- Revert "drm/radeon: dont switch vt on suspend"
- drm/radeon: fix atombios on big endian
- drm/panel: simple: Add missing panel_simple_unprepare() calls
- mtd: nand: Fix writing mtdoops to nand flash.
- NFS: revalidate "." etc correctly on "open".
- drm/i915: Don't try indexed reads to alternate slave addresses
- drm/i915: Prevent zero length "index" write
- nfsd: Make init_open_stateid() a bit more whole
- nfsd: Fix stateid races between OPEN and CLOSE
- nfsd: Fix another OPEN stateid race
- Linux 4.4.104
* Xenial update to 4.4.103 stable release (LP: #1744873)
- s390: fix transactional execution control register handling
- s390/runtime instrumention: fix possible memory corruption
- s390/disassembler: add missing end marker for e7 table
- s390/disassembler: increase show_code buffer size
- AF_VSOCK: Shrink the area influenced by prepare_to_wait
- vsock: use new wait API for vsock_stream_sendmsg()
- sched: Make resched_cpu() unconditional
- lib/mpi: call cond_resched() from mpi_powm() loop
- x86/decoder: Add new TEST instruction pattern
- ARM: 8722/1: mm: make STRICT_KERNEL_RWX effective for LPAE
- ARM: 8721/1: mm: dump: check hardware RO bit for LPAE
- MIPS: ralink: Fix MT7628 pinmux
- MIPS: ralink: Fix typo in mt7628 pinmux function
- ALSA: hda: Add Raven PCI ID
- dm bufio: fix integer overflow when limiting maximum cache size
- dm: fix race between dm_get_from_kobject() and __dm_destroy()
- MIPS: Fix an n32 core file generation regset support regression
- MIPS: BCM47XX: Fix LED inversion for WRT54GSv1
- autofs: don't fail mount for transient error
- nilfs2: fix race condition that causes file system corruption
- eCryptfs: use after free in ecryptfs_release_messaging()
- bcache: check ca->alloc_thread initialized before wake up it
- isofs: fix timestamps beyond 2027
- NFS: Fix typo in nomigration mount option
- nfs: Fix ugly referral attributes
- nfsd: deal with revoked delegations appropriately
- rtlwifi: rtl8192ee: Fix memory leak when loading firmware
- rtlwifi: fix uninitialized rtlhal->last_suspend_sec time
- ata: fixes kernel crash while tracing ata_eh_link_autopsy event
- ext4: fix interaction between i_size, fallocate, and delalloc after a crash
- ALSA: pcm: update tstamp only if audio_tstamp changed
- ALSA: usb-audio: Add sanity checks to FE parser
- ALSA: usb-audio: Fix potential out-of-bound access at parsing SU
- ALSA: usb-audio: Add sanity checks in v2 clock parsers
- ALSA: timer: Remove kernel warning at compat ioctl error paths
- ALSA: hda/realtek - Fix ALC700 family no sound issue
- fix a page leak in vhost_scsi_iov_to_sgl() error recovery
- fs/9p: Compare qid.path in v9fs_test_inode
- iscsi-target: Fix non-immediate TMR reference leak
- target: Fix QUEUE_FULL + SCSI task attribute handling
- KVM: nVMX: set IDTR and GDTR limits when loading L1 host state
- KVM: SVM: obey guest PAT
- SUNRPC: Fix tracepoint storage issues with svc_recv and svc_rqst_status
- clk: ti: dra7-atl-clock: Fix of_node reference counting
- clk: ti: dra7-atl-clock: fix child-node lookups
- libnvdimm, namespace: fix label initialization to use valid seq numbers
- libnvdimm, namespace: make 'resource' attribute only readable by root
- IB/srpt: Do not accept invalid initiator port names
- IB/srp: Avoid that a cable pull can trigger a kernel crash
- NFC: fix device-allocation error return
- i40e: Use smp_rmb rather than read_barrier_depends
- igb: Use smp_rmb rather than read_barrier_depends
- igbvf: Use smp_rmb rather than read_barrier_depends
- ixgbevf: Use smp_rmb rather than read_barrier_depends
- i40evf: Use smp_rmb rather than read_barrier_depends
- fm10k: Use smp_rmb rather than read_barrier_depends
- ixgbe: Fix skb list corruption on Power systems
- parisc: Fix validity check of pointer size argument in new CAS
implementation
- powerpc/signal: Properly handle return value from uprobe_deny_signal()
- media: Don't do DMA on stack for firmware upload in the AS102 driver
- media: rc: check for integer overflow
- cx231xx-cards: fix NULL-deref on missing association descriptor
- media: v4l2-ctrl: Fix flags field on Control events
- sched/rt: Simplify the IPI based RT balancing logic
- fscrypt: lock mutex before checking for bounce page pool
- net/9p: Switch to wait_event_killable()
- PM / OPP: Add missing of_node_put(np)
- e1000e: Fix error path in link detection
- e1000e: Fix return value test
- RDS: RDMA: return appropriate error on rdma map failures
- PCI: Apply _HPX settings only to relevant devices
- dmaengine: zx: set DMA_CYCLIC cap_mask bit
- net: Allow IP_MULTICAST_IF to set index to L3 slave
- net: 3com: typhoon: typhoon_init_one: make return values more specific
- net: 3com: typhoon: typhoon_init_one: fix incorrect return values
- drm/armada: Fix compile fail
- ath10k: fix incorrect txpower set by P2P_DEVICE interface
- ath10k: ignore configuring the incorrect board_id
- ath10k: fix potential memory leak in ath10k_wmi_tlv_op_pull_fw_stats()
- ath10k: set CTS protection VDEV param only if VDEV is up
- ALSA: hda - Apply ALC269_FIXUP_NO_SHUTUP on HDA_FIXUP_ACT_PROBE
- drm: Apply range restriction after color adjustment when allocation
- mac80211: Remove invalid flag operations in mesh TSF synchronization
- mac80211: Suppress NEW_PEER_CANDIDATE event if no room
- iio: light: fix improper return value
- staging: iio: cdc: fix improper return value
- spi: SPI_FSL_DSPI should depend on HAS_DMA
- netfilter: nft_queue: use raw_smp_processor_id()
- netfilter: nf_tables: fix oob access
- ASoC: rsnd: don't double free kctrl
- btrfs: return the actual error value from from btrfs_uuid_tree_iterate
- ASoC: wm_adsp: Don't overrun firmware file buffer when reading region data
- s390/kbuild: enable modversions for symbols exported from asm
- xen: xenbus driver must not accept invalid transaction ids
- Revert "sctp: do not peel off an assoc from one netns to another one"
- Linux 4.4.103
* ppc64el: Do not call ibm,os-term on panic (LP: #1736954)
- powerpc: Do not call ppc_md.panic in fadump panic notifier
* Xenial update to 4.4.102 stable release (LP: #1744870)
- mm, hwpoison: fixup "mm: check the return value of lookup_page_ext for all
call sites"
- Linux 4.4.102
* Xenial update to 4.4.101 stable release (LP: #1744794)
- tcp: do not mangle skb->cb[] in tcp_make_synack()
- netfilter/ipvs: clear ipvs_property flag when SKB net namespace changed
- bonding: discard lowest hash bit for 802.3ad layer3+4
- vlan: fix a use-after-free in vlan_device_event()
- af_netlink: ensure that NLMSG_DONE never fails in dumps
- sctp: do not peel off an assoc from one netns to another one
- fealnx: Fix building error on MIPS
- net/sctp: Always set scope_id in sctp_inet6_skb_msgname
- ima: do not update security.ima if appraisal status is not INTEGRITY_PASS
- serial: omap: Fix EFR write on RTS deassertion
- arm64: fix dump_instr when PAN and UAO are in use
- ocfs2: should wait dio before inode lock in ocfs2_setattr()
- ipmi: fix unsigned long underflow
- mm/page_alloc.c: broken deferred calculation
- coda: fix 'kernel memory exposure attempt' in fsync
- mm: check the return value of lookup_page_ext for all call sites
- mm/page_ext.c: check if page_ext is not prepared
- mm/pagewalk.c: report holes in hugetlb ranges
- Linux 4.4.101
* Xenial update to 4.4.100 stable release (LP: #1744639)
- media: imon: Fix null-ptr-deref in imon_probe
- media: dib0700: fix invalid dvb_detach argument
- KVM: x86: fix singlestepping over syscall
- net: cdc_ether: fix divide by 0 on bad descriptors
- net: qmi_wwan: fix divide by 0 on bad descriptors
- arm: crypto: reduce priority of bit-sliced AES cipher
- Bluetooth: btusb: fix QCA Rome suspend/resume
- dmaengine: dmatest: warn user when dma test times out
- extcon: palmas: Check the parent instance to prevent the NULL
- fm10k: request reset when mbx->state changes
- ARM: dts: Fix compatible for ti81xx uarts for 8250
- ARM: dts: Fix am335x and dm814x scm syscon to probe children
- ARM: OMAP2+: Fix init for multiple quirks for the same SoC
- ARM: dts: Fix omap3 off mode pull defines
- ata: ATA_BMDMA should depend on HAS_DMA
- ata: SATA_HIGHBANK should depend on HAS_DMA
- ata: SATA_MV should depend on HAS_DMA
- drm/sti: sti_vtg: Handle return NULL error from devm_ioremap_nocache
- igb: reset the PHY before reading the PHY ID
- igb: close/suspend race in netif_device_detach
- igb: Fix hw_dbg logging in igb_update_flash_i210
- scsi: ufs-qcom: Fix module autoload
- scsi: ufs: add capability to keep auto bkops always enabled
- staging: rtl8188eu: fix incorrect ERROR tags from logs
- scsi: lpfc: FCoE VPort enable-disable does not bring up the VPort
- scsi: lpfc: Correct host name in symbolic_name field
- scsi: lpfc: Correct issue leading to oops during link reset
- scsi: lpfc: Clear the VendorVersion in the PLOGI/PLOGI ACC payload
- ALSA: vx: Don't try to update capture stream before running
- ALSA: vx: Fix possible transfer overflow
- backlight: lcd: Fix race condition during register
- backlight: adp5520: Fix error handling in adp5520_bl_probe()
- gpu: drm: mgag200: mgag200_main:- Handle error from pci_iomap
- ALSA: hda/realtek - Add new codec ID ALC299
- arm64: dts: NS2: reserve memory for Nitro firmware
- ixgbe: fix AER error handling
- ixgbe: handle close/suspend race with netif_device_detach/present
- ixgbe: Reduce I2C retry count on X550 devices
- ixgbe: add mask for 64 RSS queues
- ixgbe: do not disable FEC from the driver
- staging: rtl8712: fixed little endian problem
- MIPS: End asm function prologue macros with .insn
- mm: add PHYS_PFN, use it in __phys_to_pfn()
- MIPS: init: Ensure bootmem does not corrupt reserved memory
- MIPS: init: Ensure reserved memory regions are not added to bootmem
- MIPS: Netlogic: Exclude netlogic,xlp-pic code from XLR builds
- Revert "crypto: xts - Add ECB dependency"
- Revert "uapi: fix linux/rds.h userspace compilation errors"
- uapi: fix linux/rds.h userspace compilation error
- uapi: fix linux/rds.h userspace compilation errors
- USB: usbfs: compute urb->actual_length for isochronous
- USB: Add delay-init quirk for Corsair K70 LUX keyboards
- USB: serial: qcserial: add pid/vid for Sierra Wireless EM7355 fw update
- USB: serial: garmin_gps: fix I/O after failed probe and remove
- USB: serial: garmin_gps: fix memory leak on probe errors
- Linux 4.4.100
* Xenial update to 4.4.99 stable release (LP: #1744636)
- mac80211: accept key reinstall without changing anything
- mac80211: use constant time comparison with keys
- mac80211: don't compare TKIP TX MIC key in reinstall prevention
- usb: usbtest: fix NULL pointer dereference
- Input: ims-psu - check if CDC union descriptor is sane
- ALSA: seq: Cancel pending autoload work at unbinding device
- tun/tap: sanitize TUNSETSNDBUF input
- tcp: fix tcp_mtu_probe() vs highest_sack
- l2tp: check ps->sock before running pppol2tp_session_ioctl()
- tun: call dev_get_valid_name() before register_netdevice()
- sctp: add the missing sock_owned_by_user check in sctp_icmp_redirect
- packet: avoid panic in packet_getsockopt()
- ipv6: flowlabel: do not leave opt->tot_len with garbage
- net/unix: don't show information about sockets from other namespaces
- ip6_gre: only increase err_count for some certain type icmpv6 in ip6gre_err
- tun: allow positive return values on dev_get_valid_name() call
- sctp: reset owner sk for data chunks on out queues when migrating a sock
- ppp: fix race in ppp device destruction
- ipip: only increase err_count for some certain type icmp in ipip_err
- tcp/dccp: fix ireq->opt races
- tcp/dccp: fix lockdep splat in inet_csk_route_req()
- tcp/dccp: fix other lockdep splats accessing ireq_opt
- security/keys: add CONFIG_KEYS_COMPAT to Kconfig
- tipc: fix link attribute propagation bug
- brcmfmac: remove setting IBSS mode when stopping AP
- target/iscsi: Fix iSCSI task reassignment handling
- target: Fix node_acl demo-mode + uncached dynamic shutdown regression
- misc: panel: properly restore atomic counter on error path
- Linux 4.4.99
* elantech touchpad of Lenovo L480/580 failed to detect hw_version
(LP: #1733605)
- Input: elantech - add new icbody type 15
* Disabling zfs does not always disable module checks for the zfs modules
(LP: #1737176)
- [Packaging] disable zfs module checks when zfs is disabled
* Using asymmetric key for IMA appraisal crashes the system in Ubuntu 16.04
(LP: #1735977)
- integrity: convert digsig to akcipher api
* CVE-2017-17450
- netfilter: xt_osf: Add missing permission checks
* CVE-2017-15129
- net: Fix double free and memory corruption in get_net_ns_by_id()
* CVE-2018-5344
- loop: fix concurrent lo_open/lo_release
* [KVM] Lower the default for halt_poll_ns to 200000 ns (LP: #1724614)
- KVM: x86: lower default for halt_poll_ns
* $(LOCAL_ENV_CC) and $(LOCAL_ENV_DISTCC_HOSTS) should be properly quoted
(LP: #1744077)
- [Debian] pass LOCAL_ENV_CC and LOCAL_ENV_DISTCC_HOSTS properly
* Redpine: Wifi/BT not functioning after s3 resume (LP: #1742090) //
[16.04][classic] Redpine: wowlan feature doesn't work (LP: #1742094)
- SAUCE: Redpine: fix for wowlan wakeup failure
- SAUCE: Redpine: fix data issue with non-uapsd APs
- SAUCE: Redpine: fix reset card issue
- SAUCE: Redpine: fix wowlan issue
* Using an NVMe drive causes huge power drain (LP: #1664602) // Samsung SSD
960 EVO 500GB refused to change power state (LP: #1705748)
- nvme-pci: disable APST on Samsung SSD 960 EVO + ASUS PRIME B350M-A
* Using an NVMe drive causes huge power drain (LP: #1664602)
- nvme/scsi: Remove power management support
- nvme: return the whole CQE through the request passthrough interface
- nvme: factor out a add nvme_is_write helper
- nvme: Modify and export sync command submission for fabrics
- nvme: Fix nvme_get/set_features() with a NULL result pointer
- nvme: Pass pointers, not dma addresses, to nvme_get/set_features()
- nvme: Add a quirk mechanism that uses identify_ctrl
- nvme: Enable autonomous power state transitions
- nvme: Adjust the Samsung APST quirk
- nvme: Quirk APST off on "THNSF5256GPUK TOSHIBA"
- nvme: only consider exit latency when choosing useful non-op power states
- nvme: relax APST default max latency to 100ms
- nvme: Quirk APST on Intel 600P/P3100 devices
* CVE-2017-17862
- bpf: fix branch pruning logic
* CVE-2017-16995
- bpf: fix incorrect sign extension in check_alu_op()
* CVE-2017-17741
- KVM: Fix stack-out-of-bounds read in write_mmio
* CVE-2018-5333
- RDS: null pointer dereference in rds_atomic_free_op
* the kernel is blackholing IPv6 packets to linkdown nexthops (LP: #1738219)
- ipv6: Do not consider linkdown nexthops during multipath
* /dev/bcache/by-uuid links not created after reboot (LP: #1729145)
- SAUCE: (no-up) bcache: decouple emitting a cached_dev CHANGE uevent
* e1000e in 4.4.0-97-generic breaks 82574L under heavy load. (LP: #1730550)
- e1000e: Avoid receiver overrun interrupt bursts
- e1000e: Separate signaling for link check/link up
* ath10k: enhance rf signal strength (LP: #1736317)
- ath10k: add max_tx_power for QCA6174 WLAN.RM.2.0 firmware
* User reports excessive ALUA retry messages (LP: #1720228)
- scsi_dh_alua: uninitialized variable in alua_rtpg()
* Add installer support for new Broadcom network drivers. (LP: #1734757)
- d-i: Add bnxt_en_bpo to nic-modules.
* Transparent hugepages should default to enabled=madvise (LP: #1703742)
- SAUCE: use CONFIG_TRANSPARENT_HUGEPAGE_MADVISE=y as default
-- Khalid Elmously <email address hidden> Fri, 16 Mar 2018 18:53:11 +0000
-
linux-aws (4.4.0-1014.14) trusty; urgency=medium
* linux-aws: 4.4.0-1014.14 -proposed tracker (LP: #1748486)
[ Ubuntu: 4.4.0-116.140 ]
* linux: 4.4.0-116.140 -proposed tracker (LP: #1748990)
* BUG: unable to handle kernel NULL pointer dereference at 0000000000000009
(LP: #1748671)
- SAUCE: net: ipv4: fix for a race condition in raw_sendmsg -- fix backport
[ Ubuntu: 4.4.0-115.139 ]
* linux: 4.4.0-115.138 -proposed tracker (LP: #1748745)
* CVE-2017-5715 (Spectre v2 Intel)
- Revert "UBUNTU: SAUCE: turn off IBPB when full retpoline is present"
- SAUCE: turn off IBRS when full retpoline is present
- [Packaging] retpoline files must be sorted
- [Packaging] pull in retpoline files
[ Ubuntu: 4.4.0-114.137 ]
* linux: 4.4.0-114.137 -proposed tracker (LP: #1748484)
* ALSA backport missing NVIDIA GPU codec IDs to patch table to
Ubuntu 16.04 LTS Kernel (LP: #1744117)
- ALSA: hda - Add missing NVIDIA GPU codec IDs to patch table
* Shutdown hang on 16.04 with iscsi targets (LP: #1569925)
- scsi: libiscsi: Allow sd_shutdown on bad transport
* libata: apply MAX_SEC_1024 to all LITEON EP1 series devices (LP: #1743053)
- libata: apply MAX_SEC_1024 to all LITEON EP1 series devices
* KVM patches for s390x to provide facility bits 81 (ppa15) and 82 (bpb)
(LP: #1747090)
- KVM: s390: wire up bpb feature
- KVM: s390: Enable all facility bits that are known good for passthrough
* CVE-2017-5715 (Spectre v2 Intel)
- SAUCE: drop lingering gmb() macro
- x86/feature: Enable the x86 feature to control Speculation
- x86/feature: Report presence of IBPB and IBRS control
- x86/enter: MACROS to set/clear IBRS and set IBPB
- x86/enter: Use IBRS on syscall and interrupts
- x86/idle: Disable IBRS entering idle and enable it on wakeup
- x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
- x86/mm: Set IBPB upon context switch
- x86/mm: Only set IBPB when the new thread cannot ptrace current thread
- x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
- x86/kvm: Set IBPB when switching VM
- x86/kvm: Toggle IBRS on VM entry and exit
- x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
- x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
- x86/cpu/amd, kvm: Satisfy guest kernel reads of IC_CFG MSR
- x86/cpu/AMD: Add speculative control support for AMD
- x86/microcode: Extend post microcode reload to support IBPB feature
- KVM: SVM: Do not intercept new speculative control MSRs
- x86/svm: Set IBRS value on VM entry and exit
- x86/svm: Set IBPB when running a different VCPU
- KVM: x86: Add speculative control CPUID support for guests
- SAUCE: Fix spec_ctrl support in KVM
- SAUCE: turn off IBPB when full retpoline is present
linux-aws (4.4.0-1013.13) trusty; urgency=low
* linux-aws: 4.4.0-1013.13 -proposed tracker (LP: #1746937)
[ Ubuntu: 4.4.0-113.136 ]
* linux: 4.4.0-113.136 -proposed tracker (LP: #1746936)
* Missing install-time driver for QLogic QED 25/40/100Gb Ethernet NIC
(LP: #1743638)
- [d-i] Add qede to nic-modules udeb
* CVE-2017-5753 (Spectre v1 Intel)
- x86/cpu/AMD: Make the LFENCE instruction serialized
- x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
- SAUCE: reinstate MFENCE_RDTSC feature definition
- locking/barriers: introduce new observable speculation barrier
- bpf: prevent speculative execution in eBPF interpreter
- x86, bpf, jit: prevent speculative execution when JIT is enabled
- SAUCE: FIX: x86, bpf, jit: prevent speculative execution when JIT is enabled
- carl9170: prevent speculative execution
- qla2xxx: prevent speculative execution
- Thermal/int340x: prevent speculative execution
- ipv4: prevent speculative execution
- ipv6: prevent speculative execution
- fs: prevent speculative execution
- net: mpls: prevent speculative execution
- udf: prevent speculative execution
- userns: prevent speculative execution
- SAUCE: claim mitigation via observable speculation barrier
- SAUCE: powerpc: add osb barrier
- SAUCE: s390/spinlock: add osb memory barrier
- SAUCE: arm64: no osb() implementation yet
- SAUCE: arm: no osb() implementation yet
* CVE-2017-5715 (Spectre v2 retpoline)
- x86/cpuid: Provide get_scattered_cpuid_leaf()
- x86/cpu: Factor out application of forced CPU caps
- x86/cpufeatures: Make CPU bugs sticky
- x86/cpufeatures: Add X86_BUG_CPU_INSECURE
- x86/cpu, x86/pti: Do not enable PTI on AMD processors
- x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN
- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]
- x86/cpu: Merge bugs.c and bugs_64.c
- sysfs/cpu: Add vulnerability folder
- x86/cpu: Implement CPU vulnerabilites sysfs functions
- x86/alternatives: Add missing '\n' at end of ALTERNATIVE inline asm
- x86/mm/32: Move setup_clear_cpu_cap(X86_FEATURE_PCID) earlier
- x86/asm: Use register variable to get stack pointer value
- x86/kbuild: enable modversions for symbols exported from asm
- x86/asm: Make asm/alternative.h safe from assembly
- EXPORT_SYMBOL() for asm
- kconfig.h: use __is_defined() to check if MODULE is defined
- x86/retpoline: Add initial retpoline support
- x86/spectre: Add boot time option to select Spectre v2 mitigation
- x86/retpoline/crypto: Convert crypto assembler indirect jumps
- x86/retpoline/entry: Convert entry assembler indirect jumps
- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
- x86/retpoline/hyperv: Convert assembler indirect jumps
- x86/retpoline/xen: Convert Xen hypercall indirect jumps
- x86/retpoline/checksum32: Convert assembler indirect jumps
- x86/retpoline/irq32: Convert assembler indirect jumps
- x86/retpoline: Fill return stack buffer on vmexit
- x86/retpoline: Remove compile time warning
- x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB macros
- module: Add retpoline tag to VERMAGIC
- x86/mce: Make machine check speculation protected
- retpoline: Introduce start/end markers of indirect thunk
- kprobes/x86: Blacklist indirect thunk functions for kprobes
- kprobes/x86: Disable optimizing on the function jumps to indirect thunk
- x86/retpoline: Optimize inline assembler for vmexit_fill_RSB
- [Config] CONFIG_RETPOLINE=y
- [Packaging] retpoline -- add call site validation
- [Config] disable retpoline checks for first upload
* CVE-2017-5715 (revert embargoed) // CVE-2017-5753 (revert embargoed)
- Revert "UBUNTU: SAUCE: Fix spec_ctrl support in KVM"
- Revert "x86/cpuid: Provide get_scattered_cpuid_leaf()"
- Revert "kvm: vmx: Scrub hardware GPRs at VM-exit"
- Revert "Revert "x86/svm: Add code to clear registers on VM exit""
- Revert "UBUNTU: SAUCE: x86/microcode: Extend post microcode reload to
support IBPB feature -- repair missmerge"
- Revert "arm: no gmb() implementation yet"
- Revert "arm64: no gmb() implementation yet"
- Revert "UBUNTU: SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit"
- Revert "s390/spinlock: add gmb memory barrier"
- Revert "powerpc: add gmb barrier"
- Revert "x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature"
- Revert "x86/cpu/AMD: Make the LFENCE instruction serialized"
- Revert "x86/svm: Add code to clear registers on VM exit"
- Revert "x86/svm: Add code to clobber the RSB on VM exit"
- Revert "KVM: x86: Add speculative control CPUID support for guests"
- Revert "x86/svm: Set IBPB when running a different VCPU"
- Revert "x86/svm: Set IBRS value on VM entry and exit"
- Revert "KVM: SVM: Do not intercept new speculative control MSRs"
- Revert "x86/microcode: Extend post microcode reload to support IBPB feature"
- Revert "x86/cpu/AMD: Add speculative control support for AMD"
- Revert "x86/cpu/amd, kvm: Satisfy guest kernel reads of IC_CFG MSR"
- Revert "x86/entry: Use retpoline for syscall's indirect calls"
- Revert "x86/syscall: Clear unused extra registers on 32-bit compatible
syscall entrance"
- Revert "x86/syscall: Clear unused extra registers on syscall entrance"
- Revert "x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb
control"
- Revert "x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature"
- Revert "x86/kvm: Pad RSB on VM transition"
- Revert "x86/kvm: Toggle IBRS on VM entry and exit"
- Revert "x86/kvm: Set IBPB when switching VM"
- Revert "x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm"
- Revert "x86/entry: Stuff RSB for entry to kernel for non-SMEP platform"
- Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current
thread"
- Revert "x86/mm: Set IBPB upon context switch"
- Revert "x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup"
- Revert "x86/idle: Disable IBRS entering idle and enable it on wakeup"
- Revert "x86/enter: Use IBRS on syscall and interrupts"
- Revert "x86/enter: MACROS to set/clear IBRS and set IBPB"
- Revert "x86/feature: Report presence of IBPB and IBRS control"
- Revert "x86/feature: Enable the x86 feature to control Speculation"
- Revert "udf: prevent speculative execution"
- Revert "net: mpls: prevent speculative execution"
- Revert "fs: prevent speculative execution"
- Revert "ipv6: prevent speculative execution"
- Revert "userns: prevent speculative execution"
- Revert "Thermal/int340x: prevent speculative execution"
- Revert "qla2xxx: prevent speculative execution"
- Revert "carl9170: prevent speculative execution"
- Revert "uvcvideo: prevent speculative execution"
- Revert "x86, bpf, jit: prevent speculative execution when JIT is enabled"
- Revert "bpf: prevent speculative execution in eBPF interpreter"
* CVE-2017-17712
- net: ipv4: fix for a race condition in raw_sendmsg
* upload urgency should be medium by default (LP: #1745338)
- [Packaging] update urgency to medium by default
* CVE-CVE-2017-12190
- more bio_map_user_iov() leak fixes
* CVE-2015-8952
- mbcache2: reimplement mbcache
- ext2: convert to mbcache2
- ext4: convert to mbcache2
- mbcache2: limit cache size
- mbcache2: Use referenced bit instead of LRU
- ext4: kill ext4_mballoc_ready
- ext4: shortcut setting of xattr to the same value
- mbcache: remove mbcache
- mbcache2: rename to mbcache
- mbcache: get rid of _e_hash_list_head
- mbcache: add reusable flag to cache entries
* CVE-2017-15115
- sctp: do not peel off an assoc from one netns to another one
* CVE-2017-8824
- dccp: CVE-2017-8824: use-after-free in DCCP code
[ Ubuntu: 4.4.0-112.135 ]
* linux: 4.4.0-112.135 -proposed tracker (LP: #1744244)
* CVE-2017-5715 // CVE-2017-5753
- x86/cpuid: Provide get_scattered_cpuid_leaf()
- SAUCE: Fix spec_ctrl support in KVM
- SAUCE: s390: improve cpu alternative handling for gmb and nobp
- SAUCE: s390: print messages for gmb and nobp
- [Config] KERNEL_NOBP=y
[ Ubuntu: 4.4.0-111.134 ]
* linux: 4.4.0-111.134 -proposed tracker (LP: #1743362)
* Do not duplicate changelog entries assigned to more than one bug or CVE
(LP: #1743383)
- [Packaging] git-ubuntu-log -- handle multiple bugs/cves better
* CVE-2017-5715 // CVE-2017-5753
- SAUCE: x86/microcode: Extend post microcode reload to support IBPB feature
-- repair missmerge
- Revert "x86/svm: Add code to clear registers on VM exit"
- kvm: vmx: Scrub hardware GPRs at VM-exit
* CVE-2017-5754
- SAUCE: powerpc: use sync instead of hwsync mnemonic
-- Kamal Mostafa <email address hidden> Mon, 12 Feb 2018 15:09:13 -0800
-
linux-aws (4.4.0-1013.13) trusty; urgency=low
* linux-aws: 4.4.0-1013.13 -proposed tracker (LP: #1746937)
[ Ubuntu: 4.4.0-113.136 ]
* linux: 4.4.0-113.136 -proposed tracker (LP: #1746936)
* Missing install-time driver for QLogic QED 25/40/100Gb Ethernet NIC
(LP: #1743638)
- [d-i] Add qede to nic-modules udeb
* CVE-2017-5753 (Spectre v1 Intel)
- x86/cpu/AMD: Make the LFENCE instruction serialized
- x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
- SAUCE: reinstate MFENCE_RDTSC feature definition
- locking/barriers: introduce new observable speculation barrier
- bpf: prevent speculative execution in eBPF interpreter
- x86, bpf, jit: prevent speculative execution when JIT is enabled
- SAUCE: FIX: x86, bpf, jit: prevent speculative execution when JIT is enabled
- carl9170: prevent speculative execution
- qla2xxx: prevent speculative execution
- Thermal/int340x: prevent speculative execution
- ipv4: prevent speculative execution
- ipv6: prevent speculative execution
- fs: prevent speculative execution
- net: mpls: prevent speculative execution
- udf: prevent speculative execution
- userns: prevent speculative execution
- SAUCE: claim mitigation via observable speculation barrier
- SAUCE: powerpc: add osb barrier
- SAUCE: s390/spinlock: add osb memory barrier
- SAUCE: arm64: no osb() implementation yet
- SAUCE: arm: no osb() implementation yet
* CVE-2017-5715 (Spectre v2 retpoline)
- x86/cpuid: Provide get_scattered_cpuid_leaf()
- x86/cpu: Factor out application of forced CPU caps
- x86/cpufeatures: Make CPU bugs sticky
- x86/cpufeatures: Add X86_BUG_CPU_INSECURE
- x86/cpu, x86/pti: Do not enable PTI on AMD processors
- x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN
- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]
- x86/cpu: Merge bugs.c and bugs_64.c
- sysfs/cpu: Add vulnerability folder
- x86/cpu: Implement CPU vulnerabilites sysfs functions
- x86/alternatives: Add missing '\n' at end of ALTERNATIVE inline asm
- x86/mm/32: Move setup_clear_cpu_cap(X86_FEATURE_PCID) earlier
- x86/asm: Use register variable to get stack pointer value
- x86/kbuild: enable modversions for symbols exported from asm
- x86/asm: Make asm/alternative.h safe from assembly
- EXPORT_SYMBOL() for asm
- kconfig.h: use __is_defined() to check if MODULE is defined
- x86/retpoline: Add initial retpoline support
- x86/spectre: Add boot time option to select Spectre v2 mitigation
- x86/retpoline/crypto: Convert crypto assembler indirect jumps
- x86/retpoline/entry: Convert entry assembler indirect jumps
- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
- x86/retpoline/hyperv: Convert assembler indirect jumps
- x86/retpoline/xen: Convert Xen hypercall indirect jumps
- x86/retpoline/checksum32: Convert assembler indirect jumps
- x86/retpoline/irq32: Convert assembler indirect jumps
- x86/retpoline: Fill return stack buffer on vmexit
- x86/retpoline: Remove compile time warning
- x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB macros
- module: Add retpoline tag to VERMAGIC
- x86/mce: Make machine check speculation protected
- retpoline: Introduce start/end markers of indirect thunk
- kprobes/x86: Blacklist indirect thunk functions for kprobes
- kprobes/x86: Disable optimizing on the function jumps to indirect thunk
- x86/retpoline: Optimize inline assembler for vmexit_fill_RSB
- [Config] CONFIG_RETPOLINE=y
- [Packaging] retpoline -- add call site validation
- [Config] disable retpoline checks for first upload
* CVE-2017-5715 (revert embargoed) // CVE-2017-5753 (revert embargoed)
- Revert "UBUNTU: SAUCE: Fix spec_ctrl support in KVM"
- Revert "x86/cpuid: Provide get_scattered_cpuid_leaf()"
- Revert "kvm: vmx: Scrub hardware GPRs at VM-exit"
- Revert "Revert "x86/svm: Add code to clear registers on VM exit""
- Revert "UBUNTU: SAUCE: x86/microcode: Extend post microcode reload to
support IBPB feature -- repair missmerge"
- Revert "arm: no gmb() implementation yet"
- Revert "arm64: no gmb() implementation yet"
- Revert "UBUNTU: SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit"
- Revert "s390/spinlock: add gmb memory barrier"
- Revert "powerpc: add gmb barrier"
- Revert "x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature"
- Revert "x86/cpu/AMD: Make the LFENCE instruction serialized"
- Revert "x86/svm: Add code to clear registers on VM exit"
- Revert "x86/svm: Add code to clobber the RSB on VM exit"
- Revert "KVM: x86: Add speculative control CPUID support for guests"
- Revert "x86/svm: Set IBPB when running a different VCPU"
- Revert "x86/svm: Set IBRS value on VM entry and exit"
- Revert "KVM: SVM: Do not intercept new speculative control MSRs"
- Revert "x86/microcode: Extend post microcode reload to support IBPB feature"
- Revert "x86/cpu/AMD: Add speculative control support for AMD"
- Revert "x86/cpu/amd, kvm: Satisfy guest kernel reads of IC_CFG MSR"
- Revert "x86/entry: Use retpoline for syscall's indirect calls"
- Revert "x86/syscall: Clear unused extra registers on 32-bit compatible
syscall entrance"
- Revert "x86/syscall: Clear unused extra registers on syscall entrance"
- Revert "x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb
control"
- Revert "x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature"
- Revert "x86/kvm: Pad RSB on VM transition"
- Revert "x86/kvm: Toggle IBRS on VM entry and exit"
- Revert "x86/kvm: Set IBPB when switching VM"
- Revert "x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm"
- Revert "x86/entry: Stuff RSB for entry to kernel for non-SMEP platform"
- Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current
thread"
- Revert "x86/mm: Set IBPB upon context switch"
- Revert "x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup"
- Revert "x86/idle: Disable IBRS entering idle and enable it on wakeup"
- Revert "x86/enter: Use IBRS on syscall and interrupts"
- Revert "x86/enter: MACROS to set/clear IBRS and set IBPB"
- Revert "x86/feature: Report presence of IBPB and IBRS control"
- Revert "x86/feature: Enable the x86 feature to control Speculation"
- Revert "udf: prevent speculative execution"
- Revert "net: mpls: prevent speculative execution"
- Revert "fs: prevent speculative execution"
- Revert "ipv6: prevent speculative execution"
- Revert "userns: prevent speculative execution"
- Revert "Thermal/int340x: prevent speculative execution"
- Revert "qla2xxx: prevent speculative execution"
- Revert "carl9170: prevent speculative execution"
- Revert "uvcvideo: prevent speculative execution"
- Revert "x86, bpf, jit: prevent speculative execution when JIT is enabled"
- Revert "bpf: prevent speculative execution in eBPF interpreter"
* CVE-2017-17712
- net: ipv4: fix for a race condition in raw_sendmsg
* upload urgency should be medium by default (LP: #1745338)
- [Packaging] update urgency to medium by default
* CVE-CVE-2017-12190
- more bio_map_user_iov() leak fixes
* CVE-2015-8952
- mbcache2: reimplement mbcache
- ext2: convert to mbcache2
- ext4: convert to mbcache2
- mbcache2: limit cache size
- mbcache2: Use referenced bit instead of LRU
- ext4: kill ext4_mballoc_ready
- ext4: shortcut setting of xattr to the same value
- mbcache: remove mbcache
- mbcache2: rename to mbcache
- mbcache: get rid of _e_hash_list_head
- mbcache: add reusable flag to cache entries
* CVE-2017-15115
- sctp: do not peel off an assoc from one netns to another one
* CVE-2017-8824
- dccp: CVE-2017-8824: use-after-free in DCCP code
[ Ubuntu: 4.4.0-112.135 ]
* linux: 4.4.0-112.135 -proposed tracker (LP: #1744244)
* CVE-2017-5715 // CVE-2017-5753
- x86/cpuid: Provide get_scattered_cpuid_leaf()
- SAUCE: Fix spec_ctrl support in KVM
- SAUCE: s390: improve cpu alternative handling for gmb and nobp
- SAUCE: s390: print messages for gmb and nobp
- [Config] KERNEL_NOBP=y
[ Ubuntu: 4.4.0-111.134 ]
* linux: 4.4.0-111.134 -proposed tracker (LP: #1743362)
* Do not duplicate changelog entries assigned to more than one bug or CVE
(LP: #1743383)
- [Packaging] git-ubuntu-log -- handle multiple bugs/cves better
* CVE-2017-5715 // CVE-2017-5753
- SAUCE: x86/microcode: Extend post microcode reload to support IBPB feature
-- repair missmerge
- Revert "x86/svm: Add code to clear registers on VM exit"
- kvm: vmx: Scrub hardware GPRs at VM-exit
* CVE-2017-5754
- SAUCE: powerpc: use sync instead of hwsync mnemonic
-- Kamal Mostafa <email address hidden> Wed, 07 Feb 2018 11:44:44 -0800
-
linux-aws (4.4.0-1012.12) trusty; urgency=low
* linux-aws: 4.4.0-1012.12 -proposed tracker (LP: #1746324)
* linux-aws serial console not recognized (LP: #1746318)
- SAUCE: [aws] serial: 8250_pci: Add Amazon PCI serial device ID
- [aws] config: SERIAL_8250_NR_UARTS=4
-- Kamal Mostafa <email address hidden> Tue, 30 Jan 2018 11:31:59 -0800
-
linux-aws (4.4.0-1011.11) trusty; urgency=low
* linux-aws: 4.4.0-1011.11 -proposed tracker (LP: #1742998)
[ Ubuntu: 4.4.0-110.133 ]
* linux: 4.4.0-110.133 -proposed tracker (LP: #1742995)
* CVE-2017-5753
- x86/microcode/AMD: Add support for fam17h microcode loading
- bpf: add bpf_patch_insn_single helper
- bpf: prepare bpf_int_jit_compile/bpf_prog_select_runtime apis
- bpf: add generic constant blinding for use in jits
- locking/barriers: introduce new memory barrier gmb()
- bpf: prevent speculative execution in eBPF interpreter
- x86, bpf, jit: prevent speculative execution when JIT is enabled
- uvcvideo: prevent speculative execution
- carl9170: prevent speculative execution
- qla2xxx: prevent speculative execution
- Thermal/int340x: prevent speculative execution
- userns: prevent speculative execution
- ipv6: prevent speculative execution
- fs: prevent speculative execution
- net: mpls: prevent speculative execution
- udf: prevent speculative execution
- x86/feature: Enable the x86 feature to control Speculation
- x86/feature: Report presence of IBPB and IBRS control
- x86/enter: MACROS to set/clear IBRS and set IBPB
- x86/enter: Use IBRS on syscall and interrupts
- x86/idle: Disable IBRS entering idle and enable it on wakeup
- x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
- x86/mm: Set IBPB upon context switch
- x86/mm: Only set IBPB when the new thread cannot ptrace current thread
- x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
- x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
- x86/kvm: Set IBPB when switching VM
- x86/kvm: Toggle IBRS on VM entry and exit
- x86/kvm: Pad RSB on VM transition
- x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
- x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
- x86/syscall: Clear unused extra registers on syscall entrance
- x86/syscall: Clear unused extra registers on 32-bit compatible syscall
entrance
- x86/entry: Use retpoline for syscall's indirect calls
- x86/cpu/amd, kvm: Satisfy guest kernel reads of IC_CFG MSR
- x86/cpu/AMD: Add speculative control support for AMD
- x86/microcode: Extend post microcode reload to support IBPB feature
- KVM: SVM: Do not intercept new speculative control MSRs
- x86/svm: Set IBRS value on VM entry and exit
- x86/svm: Set IBPB when running a different VCPU
- KVM: x86: Add speculative control CPUID support for guests
- x86/svm: Add code to clobber the RSB on VM exit
- x86/svm: Add code to clear registers on VM exit
- x86/cpu/AMD: Make the LFENCE instruction serialized
- x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
- powerpc: add gmb barrier
- s390/spinlock: add gmb memory barrier
- SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit
- arm64: no gmb() implementation yet
- arm: no gmb() implementation yet
* CVE-2017-5715
- x86/microcode/AMD: Add support for fam17h microcode loading
- bpf: add bpf_patch_insn_single helper
- bpf: prepare bpf_int_jit_compile/bpf_prog_select_runtime apis
- bpf: add generic constant blinding for use in jits
- locking/barriers: introduce new memory barrier gmb()
- bpf: prevent speculative execution in eBPF interpreter
- x86, bpf, jit: prevent speculative execution when JIT is enabled
- uvcvideo: prevent speculative execution
- carl9170: prevent speculative execution
- qla2xxx: prevent speculative execution
- Thermal/int340x: prevent speculative execution
- userns: prevent speculative execution
- ipv6: prevent speculative execution
- fs: prevent speculative execution
- net: mpls: prevent speculative execution
- udf: prevent speculative execution
- x86/feature: Enable the x86 feature to control Speculation
- x86/feature: Report presence of IBPB and IBRS control
- x86/enter: MACROS to set/clear IBRS and set IBPB
- x86/enter: Use IBRS on syscall and interrupts
- x86/idle: Disable IBRS entering idle and enable it on wakeup
- x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
- x86/mm: Set IBPB upon context switch
- x86/mm: Only set IBPB when the new thread cannot ptrace current thread
- x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
- x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
- x86/kvm: Set IBPB when switching VM
- x86/kvm: Toggle IBRS on VM entry and exit
- x86/kvm: Pad RSB on VM transition
- x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
- x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
- x86/syscall: Clear unused extra registers on syscall entrance
- x86/syscall: Clear unused extra registers on 32-bit compatible syscall
entrance
- x86/entry: Use retpoline for syscall's indirect calls
- x86/cpu/amd, kvm: Satisfy guest kernel reads of IC_CFG MSR
- x86/cpu/AMD: Add speculative control support for AMD
- x86/microcode: Extend post microcode reload to support IBPB feature
- KVM: SVM: Do not intercept new speculative control MSRs
- x86/svm: Set IBRS value on VM entry and exit
- x86/svm: Set IBPB when running a different VCPU
- KVM: x86: Add speculative control CPUID support for guests
- x86/svm: Add code to clobber the RSB on VM exit
- x86/svm: Add code to clear registers on VM exit
- x86/cpu/AMD: Make the LFENCE instruction serialized
- x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
- powerpc: add gmb barrier
- s390/spinlock: add gmb memory barrier
- SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit
- arm64: no gmb() implementation yet
- arm: no gmb() implementation yet
* powerpc: flush L1D on return to use (LP: #1742772)
- SAUCE: powerpc: Secure memory rfi flush
- SAUCE: rfi-flush: Make DEBUG_RFI a CONFIG option
- SAUCE: rfi-flush: Add HRFI_TO_UNKNOWN and use it in denorm
- SAUCE: Fixup rfid in kvmppc_skip_Hinterrupt should be hrfid
- SAUCE: rfi-flush: kvmppc_skip_(H)interrupt returns to host
- SAUCE: KVM: Revert the implementation of H_GET_CPU_CHARACTERISTICS
- SAUCE: rfi-flush: Implement congruence-first fallback flush
- SAUCE: rfi-flush: Make l1d_flush_type bit flags
- SAUCE: rfi-flush: Push the instruction selection down to the patching
routine
- SAUCE: rfi-flush: Expand the RFI section to two nop slots
- SAUCE: rfi-flush: Support more than one flush type at once
- SAUCE: rfi-flush: Allow HV to advertise multiple flush types
- SAUCE: rfi-flush: Add speculation barrier before ori 30,30,0 flush
- SAUCE: powerpc/asm: Allow including ppc_asm.h in asm files
- SAUCE: Remove setup.h include file otherwise compilation complains about
missing header file.
- SAUCE: Fix compilation errors for arch/powerpc/lib/feature-fixups.c
- SAUCE: rfi-flush: Add barriers to the fallback L1D flushing
- SAUCE: rfi-flush: Rework powernv logic to be more cautious
- SAUCE: rfi-flush: Rework pseries logic to be more cautious
- SAUCE: rfi-flush: Fix the fallback flush to actually activate
- SAUCE: rfi-flush: Fix HRFI_TO_UNKNOWN
- SAUCE: rfi-flush: Refactor the macros so the nops are defined once
- SAUCE: rfi-flush: Add no_rfi_flush and nopti comandline options
- SAUCE: rfi-flush: Use rfi-flush in printks
- SAUCE: rfi-flush: Fallback flush add load dependency
- SAUCE: rfi-flush: Fix the 32-bit KVM build
- SAUCE: rfi-flush: Fix some RFI conversions in the KVM code
- SAUCE: UBUNTU: [Config] Disable CONFIG_PPC_DEBUG_RFI
* s390: add ppa to kernel entry/exit (LP: #1742771)
- s390: introduce CPU alternatives
- s390: add ppa to kernel entry / exit
* CVE-2017-5754
- x86/tlb: Drop the _GPL from the cpu_tlbstate export
- Map the vsyscall page with _PAGE_USER
- s390: introduce CPU alternatives
- s390: add ppa to kernel entry / exit
- SAUCE: powerpc: Secure memory rfi flush
- SAUCE: rfi-flush: Make DEBUG_RFI a CONFIG option
- SAUCE: rfi-flush: Add HRFI_TO_UNKNOWN and use it in denorm
- SAUCE: Fixup rfid in kvmppc_skip_Hinterrupt should be hrfid
- SAUCE: rfi-flush: kvmppc_skip_(H)interrupt returns to host
- SAUCE: KVM: Revert the implementation of H_GET_CPU_CHARACTERISTICS
- SAUCE: rfi-flush: Implement congruence-first fallback flush
- SAUCE: rfi-flush: Make l1d_flush_type bit flags
- SAUCE: rfi-flush: Push the instruction selection down to the patching
routine
- SAUCE: rfi-flush: Expand the RFI section to two nop slots
- SAUCE: rfi-flush: Support more than one flush type at once
- SAUCE: rfi-flush: Allow HV to advertise multiple flush types
- SAUCE: rfi-flush: Add speculation barrier before ori 30,30,0 flush
- SAUCE: powerpc/asm: Allow including ppc_asm.h in asm files
- SAUCE: Remove setup.h include file otherwise compilation complains about
missing header file.
- SAUCE: Fix compilation errors for arch/powerpc/lib/feature-fixups.c
- SAUCE: rfi-flush: Add barriers to the fallback L1D flushing
- SAUCE: rfi-flush: Rework powernv logic to be more cautious
- SAUCE: rfi-flush: Rework pseries logic to be more cautious
- SAUCE: rfi-flush: Fix the fallback flush to actually activate
- SAUCE: rfi-flush: Fix HRFI_TO_UNKNOWN
- SAUCE: rfi-flush: Refactor the macros so the nops are defined once
- SAUCE: rfi-flush: Add no_rfi_flush and nopti comandline options
- SAUCE: rfi-flush: Use rfi-flush in printks
- SAUCE: rfi-flush: Fallback flush add load dependency
- SAUCE: rfi-flush: Fix the 32-bit KVM build
- SAUCE: rfi-flush: Fix some RFI conversions in the KVM code
- SAUCE: UBUNTU: [Config] Disable CONFIG_PPC_DEBUG_RFI
-- Kamal Mostafa <email address hidden> Fri, 12 Jan 2018 14:48:15 -0800
-
linux-aws (4.4.0-1010.10) trusty; urgency=low
* linux-aws: 4.4.0-1010.10 -proposed tracker (LP: #1742253)
[ Ubuntu: 4.4.0-109.132 ]
* linux: 4.4.0-109.132 -proposed tracker (LP: #1742252)
* Kernel trace with xenial 4.4 (4.4.0-108.131, Candidate kernels for PTI fix)
(LP: #1741934)
- SAUCE: kaiser: fix perf crashes - fix to original commit
[ Ubuntu: 4.4.0-108.131 ]
* linux: 4.4.0-108.131 -proposed tracker (LP: #1741727)
* CVE-2017-5754
- x86/mm: Disable PCID on 32-bit kernels
-- Marcelo Henrique Cerri <email address hidden> Tue, 09 Jan 2018 20:42:44 -0200
-
linux-aws (4.4.0-1009.9) trusty; urgency=low
* linux-aws: 4.4.0-1009.9 -proposed tracker (LP: #1741644)
[ Ubuntu: 4.4.0-107.130 ]
* linux: 4.4.0-107.130 -proposed tracker (LP: #1741643)
* CVE-2017-5754
- Revert "UBUNTU: SAUCE: arch/x86/entry/vdso: temporarily disable vdso"
- KPTI: Report when enabled
- x86, vdso, pvclock: Simplify and speed up the vdso pvclock reader
- x86/vdso: Get pvclock data from the vvar VMA instead of the fixmap
- x86/kasan: Clear kasan_zero_page after TLB flush
- kaiser: Set _PAGE_NX only if supported
[ Ubuntu: 4.4.0-106.129 ]
* linux: 4.4.0-106.129 -proposed tracker (LP: #1741528)
* CVE-2017-5754
- KAISER: Kernel Address Isolation
- kaiser: merged update
- kaiser: do not set _PAGE_NX on pgd_none
- kaiser: stack map PAGE_SIZE at THREAD_SIZE-PAGE_SIZE
- kaiser: fix build and FIXME in alloc_ldt_struct()
- kaiser: KAISER depends on SMP
- kaiser: fix regs to do_nmi() ifndef CONFIG_KAISER
- kaiser: fix perf crashes
- kaiser: ENOMEM if kaiser_pagetable_walk() NULL
- kaiser: tidied up asm/kaiser.h somewhat
- kaiser: tidied up kaiser_add/remove_mapping slightly
- kaiser: kaiser_remove_mapping() move along the pgd
- kaiser: cleanups while trying for gold link
- kaiser: name that 0x1000 KAISER_SHADOW_PGD_OFFSET
- kaiser: delete KAISER_REAL_SWITCH option
- kaiser: vmstat show NR_KAISERTABLE as nr_overhead
- x86/mm: Enable CR4.PCIDE on supported systems
- x86/mm: Build arch/x86/mm/tlb.c even on !SMP
- x86/mm, sched/core: Uninline switch_mm()
- x86/mm: Add INVPCID helpers
- x86/mm: If INVPCID is available, use it to flush global mappings
- kaiser: enhanced by kernel and user PCIDs
- kaiser: load_new_mm_cr3() let SWITCH_USER_CR3 flush user
- kaiser: PCID 0 for kernel and 128 for user
- kaiser: x86_cr3_pcid_noflush and x86_cr3_pcid_user
- kaiser: paranoid_entry pass cr3 need to paranoid_exit
- kaiser: _pgd_alloc() without __GFP_REPEAT to avoid stalls
- kaiser: fix unlikely error in alloc_ldt_struct()
- kaiser: add "nokaiser" boot option, using ALTERNATIVE
- x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling
- x86/boot: Add early cmdline parsing for options with arguments
- x86/kaiser: Check boottime cmdline params
- kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush
- kaiser: drop is_atomic arg to kaiser_pagetable_walk()
- kaiser: asm/tlbflush.h handle noPGE at lower level
- kaiser: kaiser_flush_tlb_on_return_to_user() check PCID
- x86/paravirt: Dont patch flush_tlb_single
- x86/kaiser: Reenable PARAVIRT
- kaiser: disabled on Xen PV
- x86/kaiser: Move feature detection up
- kvm: x86: fix RSM when PCID is non-zero
- SAUCE: arch/x86/entry/vdso: temporarily disable vdso
- [Config]: CONFIG_KAISER=y
-- Kamal Mostafa <email address hidden> Sat, 06 Jan 2018 10:25:44 -0800
-
linux-aws (4.4.0-1007.7) trusty; urgency=low
* linux-aws: 4.4.0-1007.7 -proposed tracker (LP: #1737918)
[ Ubuntu: 4.4.0-105.128 ]
* linux: 4.4.0-105.128 -proposed tracker (LP: #1737916)
* CVE-CVE-2017-12190
- more bio_map_user_iov() leak fixes
* CVE-2015-8952
- mbcache2: reimplement mbcache
- ext2: convert to mbcache2
- ext4: convert to mbcache2
- mbcache2: limit cache size
- mbcache2: Use referenced bit instead of LRU
- ext4: kill ext4_mballoc_ready
- ext4: shortcut setting of xattr to the same value
- mbcache: remove mbcache
- mbcache2: rename to mbcache
- mbcache: get rid of _e_hash_list_head
- mbcache: add reusable flag to cache entries
* CVE-2017-15115
- sctp: do not peel off an assoc from one netns to another one
* CVE-2017-8824
- dccp: CVE-2017-8824: use-after-free in DCCP code
-- Thadeu Lima de Souza Cascardo <email address hidden> Fri, 15 Dec 2017 09:00:29 -0200
-
linux-aws (4.4.0-1006.6) trusty; urgency=low
* linux-aws: 4.4.0-1006.6 -proposed tracker (LP: #1737512)
[ Ubuntu: 4.4.0-104.127 ]
* linux: 4.4.0-104.127 -proposed tracker (LP: #1737511)
* upgrading linux-image package to 4.4.0-103.126 breaks Ceph network file
system connection (LP: #1737033)
- Revert "libceph: MOSDOpReply v7 encoding"
- Revert "libceph: advertise support for TUNABLES5"
- Revert "crush: decode and initialize chooseleaf_stable"
- Revert "crush: add chooseleaf_stable tunable"
- Revert "crush: ensure take bucket value is valid"
- Revert "crush: ensure bucket id is valid before indexing buckets array"
-- Thadeu Lima de Souza Cascardo <email address hidden> Mon, 11 Dec 2017 12:19:28 -0200
-
linux-aws (4.4.0-1005.5) trusty; urgency=low
* linux-aws: 4.4.0-1005.5 -proposed tracker (LP: #1736182)
* Update config with NET_DSA=n as required by changes in
upstream stable update to 4.4.98 (LP: #1732698)
[ Ubuntu: 4.4.0-103.126 ]
* linux: 4.4.0-103.126 -proposed tracker (LP: #1736181)
* CVE-2017-1000405
- mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d()
* CVE-2017-16939
- netlink: add a start callback for starting a netlink dump
- ipsec: Fix aborted xfrm policy dump crash
[ Ubuntu: 4.4.0-102.125 ]
* linux: 4.4.0-102.125 -proposed tracker (LP: #1733541)
* tar -x sometimes fails on overlayfs (LP: #1728489)
- ovl: check if all layers are on the same fs
- ovl: persistent inode number for directories
* NVMe timeout is too short (LP: #1729119)
- nvme: update timeout module parameter type
* Set PANIC_TIMEOUT=10 on Power Systems (LP: #1730660)
- [Config]: Set PANIC_TIMEOUT=10 on ppc64el
* Cannot pair BLE remote devices when using combo BT SoC (LP: #1731467)
- Bluetooth: increase timeout for le auto connections
* CIFS errors on 4.4.0-98, but not on 4.4.0-97 with same config (LP: #1729337)
- SMB3: Validate negotiate request must always be signed
* Plantronics P610 does not support sample rate reading (LP: #1719853)
- ALSA: usb-audio: Add sample rate quirk for Plantronics P610
* Invalid btree pointer causes the kernel NULL pointer dereference
(LP: #1729256)
- xfs: reinit btree pointer on attr tree inactivation walk
* Samba mount/umount in docker container triggers kernel Oops (LP: #1729637)
- ipv6: only call ip6_route_dev_notify() once for NETDEV_UNREGISTER
- ipv6: fix NULL dereference in ip6_route_dev_notify()
* [kernel] tty/hvc: Use opal irqchip interface if available (LP: #1728098)
- tty/hvc: Use opal irqchip interface if available
* Device hotplugging with MPT SAS cannot work for VMWare ESXi (LP: #1730852)
- scsi: mptsas: Fixup device hotplug for VMWare ESXi
* NMI watchdog: BUG: soft lockup on Guest upon boot (KVM) (LP: #1727331)
- KVM: PPC: Book3S: Treat VTB as a per-subcore register, not per-thread
* Attempt to map rbd image from ceph jewel/luminous hangs (LP: #1728739)
- crush: ensure bucket id is valid before indexing buckets array
- crush: ensure take bucket value is valid
- crush: add chooseleaf_stable tunable
- crush: decode and initialize chooseleaf_stable
- libceph: advertise support for TUNABLES5
- libceph: MOSDOpReply v7 encoding
* Xenial update to 4.4.98 stable release (LP: #1732698)
- adv7604: Initialize drive strength to default when using DT
- video: fbdev: pmag-ba-fb: Remove bad `__init' annotation
- PCI: mvebu: Handle changes to the bridge windows while enabled
- xen/netback: set default upper limit of tx/rx queues to 8
- drm: drm_minor_register(): Clean up debugfs on failure
- KVM: PPC: Book 3S: XICS: correct the real mode ICP rejecting counter
- iommu/arm-smmu-v3: Clear prior settings when updating STEs
- powerpc/corenet: explicitly disable the SDHC controller on kmcoge4
- ARM: omap2plus_defconfig: Fix probe errors on UARTs 5 and 6
- crypto: vmx - disable preemption to enable vsx in aes_ctr.c
- iio: trigger: free trigger resource correctly
- phy: increase size of MII_BUS_ID_SIZE and bus_id
- serial: sh-sci: Fix register offsets for the IRDA serial port
- usb: hcd: initialize hcd->flags to 0 when rm hcd
- netfilter: nft_meta: deal with PACKET_LOOPBACK in netdev family
- IPsec: do not ignore crypto err in ah4 input
- Input: mpr121 - handle multiple bits change of status register
- Input: mpr121 - set missing event capability
- IB/ipoib: Change list_del to list_del_init in the tx object
- s390/qeth: issue STARTLAN as first IPA command
- (config) Add NET_DSA=n
- net: dsa: select NET_SWITCHDEV
- platform/x86: hp-wmi: Fix detection for dock and tablet mode
- cdc_ncm: Set NTB format again after altsetting switch for Huawei devices
- KEYS: trusted: sanitize all key material
- KEYS: trusted: fix writing past end of buffer in trusted_read()
- platform/x86: hp-wmi: Fix error value for hp_wmi_tablet_state
- platform/x86: hp-wmi: Do not shadow error values
- x86/uaccess, sched/preempt: Verify access_ok() context
- workqueue: Fix NULL pointer dereference
- crypto: x86/sha1-mb - fix panic due to unaligned access
- KEYS: fix NULL pointer dereference during ASN.1 parsing [ver #2]
- ARM: 8720/1: ensure dump_instr() checks addr_limit
- ALSA: seq: Fix OSS sysex delivery in OSS emulation
- ALSA: seq: Avoid invalid lockdep class warning
- MIPS: microMIPS: Fix incorrect mask in insn_table_MM
- MIPS: Fix CM region target definitions
- MIPS: SMP: Use a completion event to signal CPU up
- MIPS: Fix race on setting and getting cpu_online_mask
- MIPS: SMP: Fix deadlock & online race
- test: firmware_class: report errors properly on failure
- selftests: firmware: add empty string and async tests
- selftests: firmware: send expected errors to /dev/null
- tools: firmware: check for distro fallback udev cancel rule
- MIPS: AR7: Defer registration of GPIO
- MIPS: AR7: Ensure that serial ports are properly set up
- Input: elan_i2c - add ELAN060C to the ACPI table
- drm/vmwgfx: Fix Ubuntu 17.10 Wayland black screen issue
- rbd: use GFP_NOIO for parent stat and data requests
- can: sun4i: handle overrun in RX FIFO
- can: c_can: don't indicate triple sampling support for D_CAN
- x86/oprofile/ppro: Do not use __this_cpu*() in preemptible context
- PKCS#7: fix unitialized boolean 'want'
- Linux 4.4.98
* ELANTECH Touchpad is not detected in 'Lenovo Ideapad 320 14AST' after fresh
install (LP: #1727544)
- Input: elan_i2c - add ELAN060C to the ACPI table
* Xenial update to 4.4.97 stable release (LP: #1731915)
- ALSA: timer: Add missing mutex lock for compat ioctls
- ALSA: seq: Fix nested rwsem annotation for lockdep splat
- cifs: check MaxPathNameComponentLength != 0 before using it
- KEYS: return full count in keyring_read() if buffer is too small
- KEYS: fix out-of-bounds read during ASN.1 parsing
- ASoC: adau17x1: Workaround for noise bug in ADC
- arm64: ensure __dump_instr() checks addr_limit
- ARM: dts: mvebu: pl310-cache disable double-linefill
- ARM: 8715/1: add a private asm/unaligned.h
- ocfs2: fstrim: Fix start offset of first cluster group during fstrim
- perf tools: Fix build failure on perl script context
- drm/msm: Fix potential buffer overflow issue
- drm/msm: fix an integer overflow test
- tracing/samples: Fix creation and deletion of simple_thread_fn creation
- Fix tracing sample code warning.
- PM / wakeirq: report a wakeup_event on dedicated wekup irq
- mmc: s3cmci: include linux/interrupt.h for tasklet_struct
- ARM: pxa: Don't rely on public mmc header to include leds.h
- mfd: ab8500-sysctrl: Handle probe deferral
- mfd: axp20x: Fix axp288 PEK_DBR and PEK_DBF irqs being swapped
- staging: rtl8712u: Fix endian settings for structs describing network
packets
- ext4: fix stripe-unaligned allocations
- ext4: do not use stripe_width if it is not set
- i2c: riic: correctly finish transfers
- drm/amdgpu: when dpm disabled, also need to stop/start vce.
- perf tools: Only increase index if perf_evsel__new_idx() succeeds
- cx231xx: Fix I2C on Internal Master 3 Bus
- xen/manage: correct return value check on xenbus_scanf()
- scsi: aacraid: Process Error for response I/O
- platform/x86: intel_mid_thermal: Fix module autoload
- staging: lustre: llite: don't invoke direct_IO for the EOF case
- staging: lustre: hsm: stack overrun in hai_dump_data_field
- staging: lustre: ptlrpc: skip lock if export failed
- exynos4-is: fimc-is: Unmap region obtained by of_iomap()
- mei: return error on notification request to a disconnected client
- s390/dasd: check for device error pointer within state change interrupts
- bt8xx: fix memory leak
- xen: don't print error message in case of missing Xenstore entry
- staging: r8712u: Fix Sparse warning in rtl871x_xmit.c
- Linux 4.4.97
* Xenial update to 4.4.96 stable release (LP: #1731882)
- workqueue: replace pool->manager_arb mutex with a flag
- ALSA: hda/realtek - Add support for ALC236/ALC3204
- ALSA: hda - fix headset mic problem for Dell machines with alc236
- ceph: unlock dangling spinlock in try_flush_caps()
- usb: xhci: Handle error condition in xhci_stop_device()
- spi: uapi: spidev: add missing ioctl header
- fuse: fix READDIRPLUS skipping an entry
- xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap()
- Input: elan_i2c - add ELAN0611 to the ACPI table
- Input: gtco - fix potential out-of-bound access
- assoc_array: Fix a buggy node-splitting case
- scsi: zfcp: fix erp_action use-before-initialize in REC action trace
- scsi: sg: Re-fix off by one in sg_fill_request_table()
- can: sun4i: fix loopback mode
- can: kvaser_usb: Correct return value in printout
- can: kvaser_usb: Ignore CMD_FLUSH_QUEUE_REPLY messages
- regulator: fan53555: fix I2C device ids
- x86/microcode/intel: Disable late loading on model 79
- ecryptfs: fix dereference of NULL user_key_payload
- Revert "drm: bridge: add DT bindings for TI ths8135"
- Linux 4.4.96
* Touchpad not detected - Lenovo ideapad 320-15IKB (LP: #1723736)
- Input: elan_i2c - add ELAN0611 to the ACPI table
[ Ubuntu: 4.4.0-101.124 ]
* linux: 4.4.0-101.124 -proposed tracker (LP: #1731264)
* s390/mm: fix write access check in gup_huge_pmd() (LP: #1730596)
- s390/mm: fix write access check in gup_huge_pmd()
linux-aws (4.4.0-1004.4) trusty; urgency=low
* linux-aws: 4.4.0-1004.4 -proposed tracker (LP: #1732774)
* xen hibernation support for linux-aws (LP: #1732512)
- aws: [Config] disable SUSPEND
- aws: [Config] disable XEN_FBDEV_FRONTEND, INPUT_XEN_KBDDEV_FRONTEND
- xen: move xen_setup_runstate_info and get_runstate_snapshot to
drivers/xen/time.c
- xen/time: use READ_ONCE
- xen: add steal_clock support on x86
- xen: support runqueue steal time on xen
- xen: introduce xen_vcpu_id mapping
- x86/xen: use xen_vcpu_id mapping for HYPERVISOR_vcpu_op
- xen: add static initialization of steal_clock op to xen_time_ops
- x86/xen: update cpuid.h from Xen-4.7
- x86/acpi: store ACPI ids from MADT for future usage
- xen: update xen headers
- xen: change the type of xen_vcpu_id to uint32_t
- xen/blkfront: separate per ring information out of device info
- xen/blkfront: pseudo support for multi hardware queues/rings
- xen/blkfront: split per device io_lock
- xen/blkfront: negotiate number of queues/rings to be used with backend
- xen/blkfront: Cleanup of comments, fix unaligned variables, and syntax
errors.
- xen/blkfront: Remove duplicate setting of ->xbdev.
- xen/blkfront: make persistent grants pool per-queue
- xen/blkfront: correct setting for xen_blkif_max_ring_order
- xen/blkfront: realloc ring info in blkif_resume
- blk-mq: dynamic h/w context count
- xen-blkfront: save uncompleted reqs in blkfront_resume()
- xen-blkfront: fix places not updated after introducing 64KB page granularity
- blk-mq: mark request queue as mq asap
- blk-mq: Fix NULL pointer updating nr_requests
- xen-blkfront: fix resume issues after a migration
- xen-blkfront: introduce blkif_set_queue_limits()
- xen/pvhvm: run xen_vcpu_setup() for the boot CPU
- SAUCE: [aws] xen/manage: keep track of the on-going suspend mode
- SAUCE: [aws] xen/manage: introduce helper function to know the on-going
suspend mode
- SAUCE: [aws] xenbus: add freeze/thaw/restore callbacks support
- SAUCE: [aws] x86/xen: decouple shared_info mapping from
xen_hvm_init_shared_info()
- SAUCE: [aws] x86/xen: add system core suspend and resume callbacks
- SAUCE: [aws] xen/time: introduce xen_{save,restore}_steal_clock
- SAUCE: [aws] x86/xen: save and restore steal clock
- SAUCE: [aws] xen/events: add xen_shutdown_pirqs helper function
- SAUCE: [aws] x86/xen: close event channels for PIRQs in system core suspend
callback
- SAUCE: [aws] xen-netfront: add callbacks for PM suspend and hibernation
support
- SAUCE: [aws] xen-blkfront: add callbacks for PM suspend and hibernation
support
- SAUCE: [aws] x86/xen: handle CPU_UP_PREPARE_FROZEN for PM
suspend/hibernation
- SAUCE: [aws] xen-netfront: add longer default freeze timeout as a module
parameter
- SAUCE: [aws] PM / hibernate: update the resume offset on
SNAPSHOT_SET_SWAP_AREA
* Switch Vcs-Git: url to fully expanded form (LP: #1730648)
- [Config] Change Vcs-Git: URL to point to correct package
-- Kamal Mostafa <email address hidden> Mon, 04 Dec 2017 10:13:10 -0800
-
linux-aws (4.4.0-1003.3) trusty; urgency=low
* linux-aws: 4.4.0-1003.3 -proposed tracker (LP: #1729277)
* Remove vmbus-rdma driver from Xenial kernel (LP: #1721538)
- [config] update config for master changes
* NVMe timeout is too short (LP: #1729119)
- SAUCE: nvme: update timeout module parameter type
* update ENA driver to 1.3.0K from net-next (LP: #1727856)
- MAINTAINERS: change ENA driver maintainers email domain
- net: ena: Remove redundant unlikely()
- net: ena: reduce the severity of some printouts
- net: ena: fix rare kernel crash when bar memory remap fails
- net: ena: fix wrong max Tx/Rx queues on ethtool
- net: ena: improve ENA driver boot time.
- net: ena: remove legacy suspend suspend/resume support
- net: ena: add power management ops to the ENA driver
- net: ena: add statistics for missed tx packets
- net: ena: add new admin define for future support of IPv6 RSS
- net: ena: increase ena driver version to 1.3.0
* linux-aws needs module: nls_utf8 (LP: #1726493)
- [config] AWS: nls_utf8.ko moved to linux-image package
[ Ubuntu: 4.4.0-100.123 ]
* linux: 4.4.0-100.123 -proposed tracker (LP: #1729273)
* Xenial update to 4.4.95 stable release (LP: #1729107)
- USB: devio: Revert "USB: devio: Don't corrupt user memory"
- USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor()
- USB: serial: metro-usb: add MS7820 device id
- usb: cdc_acm: Add quirk for Elatec TWN3
- usb: quirks: add quirk for WORLDE MINI MIDI keyboard
- usb: hub: Allow reset retry for USB2 devices on connect bounce
- ALSA: usb-audio: Add native DSD support for Pro-Ject Pre Box S2 Digital
- can: gs_usb: fix busy loop if no more TX context is available
- usb: musb: sunxi: Explicitly release USB PHY on exit
- usb: musb: Check for host-mode using is_host_active() on reset interrupt
- can: esd_usb2: Fix can_dlc value for received RTR, frames
- drm/nouveau/bsp/g92: disable by default
- drm/nouveau/mmu: flush tlbs before deleting page tables
- ALSA: seq: Enable 'use' locking in all configurations
- ALSA: hda: Remove superfluous '-' added by printk conversion
- i2c: ismt: Separate I2C block read from SMBus block read
- brcmsmac: make some local variables 'static const' to reduce stack size
- bus: mbus: fix window size calculation for 4GB windows
- clockevents/drivers/cs5535: Improve resilience to spurious interrupts
- rtlwifi: rtl8821ae: Fix connection lost problem
- KEYS: encrypted: fix dereference of NULL user_key_payload
- lib/digsig: fix dereference of NULL user_key_payload
- KEYS: don't let add_key() update an uninstantiated key
- pkcs7: Prevent NULL pointer dereference, since sinfo is not always set.
- parisc: Avoid trashing sr2 and sr3 in LWS code
- parisc: Fix double-word compare and exchange in LWS code on 32-bit kernels
- sched/autogroup: Fix autogroup_move_group() to never skip sched_move_task()
- f2fs crypto: replace some BUG_ON()'s with error checks
- f2fs crypto: add missing locking for keyring_key access
- fscrypt: fix dereference of NULL user_key_payload
- KEYS: Fix race between updating and finding a negative key
- fscrypto: require write access to mount to set encryption policy
- FS-Cache: fix dereference of NULL user_key_payload
- Linux 4.4.95
* Xenial update to 4.4.94 stable release (LP: #1729105)
- percpu: make this_cpu_generic_read() atomic w.r.t. interrupts
- drm/dp/mst: save vcpi with payloads
- MIPS: Fix minimum alignment requirement of IRQ stack
- sctp: potential read out of bounds in sctp_ulpevent_type_enabled()
- bpf/verifier: reject BPF_ALU64|BPF_END
- udpv6: Fix the checksum computation when HW checksum does not apply
- ip6_gre: skb_push ipv6hdr before packing the header in ip6gre_header
- net: emac: Fix napi poll list corruption
- packet: hold bind lock when rebinding to fanout hook
- bpf: one perf event close won't free bpf program attached by another perf
event
- isdn/i4l: fetch the ppp_write buffer in one shot
- vti: fix use after free in vti_tunnel_xmit/vti6_tnl_xmit
- l2tp: Avoid schedule while atomic in exit_net
- l2tp: fix race condition in l2tp_tunnel_delete
- tun: bail out from tun_get_user() if the skb is empty
- packet: in packet_do_bind, test fanout with bind_lock held
- packet: only test po->has_vnet_hdr once in packet_snd
- net: Set sk_prot_creator when cloning sockets to the right proto
- tipc: use only positive error codes in messages
- Revert "bsg-lib: don't free job in bsg_prepare_job"
- locking/lockdep: Add nest_lock integrity test
- watchdog: kempld: fix gcc-4.3 build
- irqchip/crossbar: Fix incorrect type of local variables
- mac80211_hwsim: check HWSIM_ATTR_RADIO_NAME length
- mac80211: fix power saving clients handling in iwlwifi
- net/mlx4_en: fix overflow in mlx4_en_init_timestamp()
- netfilter: nf_ct_expect: Change __nf_ct_expect_check() return value.
- iio: adc: xilinx: Fix error handling
- Btrfs: send, fix failure to rename top level inode due to name collision
- f2fs: do not wait for writeback in write_begin
- md/linear: shutup lockdep warnning
- sparc64: Migrate hvcons irq to panicked cpu
- net/mlx4_core: Fix VF overwrite of module param which disables DMFS on new
probed PFs
- crypto: xts - Add ECB dependency
- ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
- slub: do not merge cache if slub_debug contains a never-merge flag
- scsi: scsi_dh_emc: return success in clariion_std_inquiry()
- net: mvpp2: release reference to txq_cpu[] entry after unmapping
- i2c: at91: ensure state is restored after suspending
- ceph: clean up unsafe d_parent accesses in build_dentry_path
- uapi: fix linux/rds.h userspace compilation errors
- uapi: fix linux/mroute6.h userspace compilation errors
- target/iscsi: Fix unsolicited data seq_end_offset calculation
- nfsd/callback: Cleanup callback cred on shutdown
- cpufreq: CPPC: add ACPI_PROCESSOR dependency
- Revert "tty: goldfish: Fix a parameter of a call to free_irq"
- Linux 4.4.94
[ Ubuntu: 4.4.0-99.122 ]
* linux: 4.4.0-99.122 -proposed tracker (LP: #1728945)
* Remove vmbus-rdma driver from Xenial kernel (LP: #1721538)
- SAUCE: remove hv_network_direct driver
- [Config]: Remove hv_network_direct driver
* usb 3-1: 2:1: cannot get freq at ep 0x1 (LP: #1708499)
- ALSA: usb-audio: Add sample rate quirk for Plantronics C310/C520-M
* Plantronics Blackwire C520-M - Cannot get freq at ep 0x1, 0x81
(LP: #1709282)
- ALSA: usb-audio: Add sample rate quirk for Plantronics C310/C520-M
* wait-for-root fails to detect nbd root (LP: #696435)
- nbd: Create size change events for userspace
* Fix OpenNSL GPL bugs found by CoverityScan static analysis (LP: #1718388)
- SAUCE: opennsl: bcm-knet: check for null sinfo to avoid a null pointer
dereference
- SAUCE: opennsl: bcm-knet: remove redundant null checks on dev->name
- SAUCE: opennsl: bde: check for out-of-bounds index io.dev
* HID: multitouch: Correct ALPS PTP Stick and Touchpad devices ID
(LP: #1722719)
- Revert "HID: multitouch: Support ALPS PTP stick with pid 0x120A"
* Xenial update to 4.4.93 stable release (LP: #1724836)
- brcmfmac: add length check in brcmf_cfg80211_escan_handler()
- ext4: in ext4_seek_{hole,data}, return -ENXIO for negative offsets
- CIFS: Reconnect expired SMB sessions
- nl80211: Define policy for packet pattern attributes
- iwlwifi: mvm: use IWL_HCMD_NOCOPY for MCAST_FILTER_CMD
- rcu: Allow for page faults in NMI handlers
- USB: dummy-hcd: Fix deadlock caused by disconnect detection
- MIPS: math-emu: Remove pr_err() calls from fpu_emu()
- dmaengine: edma: Align the memcpy acnt array size with the transfer
- HID: usbhid: fix out-of-bounds bug
- crypto: shash - Fix zero-length shash ahash digest crash
- KVM: nVMX: fix guest CR4 loading when emulating L2 to L1 exit
- usb: renesas_usbhs: Fix DMAC sequence for receiving zero-length packet
- iommu/amd: Finish TLB flush in amd_iommu_unmap()
- ALSA: usb-audio: Kill stray URB at exiting
- ALSA: seq: Fix use-after-free at creating a port
- ALSA: seq: Fix copy_from_user() call inside lock
- ALSA: caiaq: Fix stray URB at probe error path
- ALSA: line6: Fix leftover URB at error-path during probe
- usb: gadget: composite: Fix use-after-free in
usb_composite_overwrite_options
- direct-io: Prevent NULL pointer access in submit_page_section
- fix unbalanced page refcounting in bio_map_user_iov
- USB: serial: ftdi_sio: add id for Cypress WICED dev board
- USB: serial: cp210x: add support for ELV TFD500
- USB: serial: option: add support for TP-Link LTE module
- Revert "UBUNTU: SAUCE: USB: serial: qcserial: add Dell DW5818, DW5819"
- USB: serial: qcserial: add Dell DW5818, DW5819
- USB: serial: console: fix use-after-free after failed setup
- x86/alternatives: Fix alt_max_short macro to really be a max()
- Linux 4.4.93
* NULL pointer dereference in tty_write() in kernel 4.4.0-93.116+
(LP: #1721065)
- tty: Prepare for destroying line discipline on hangup
* Xenial update to 4.4.92 stable release (LP: #1724783)
- usb: gadget: inode.c: fix unbalanced spin_lock in ep0_write
- USB: gadgetfs: Fix crash caused by inadequate synchronization
- USB: gadgetfs: fix copy_to_user while holding spinlock
- usb: gadget: udc: atmel: set vbus irqflags explicitly
- usb-storage: unusual_devs entry to fix write-access regression for Seagate
external drives
- usb: renesas_usbhs: fix the BCLR setting condition for non-DCP pipe
- usb: renesas_usbhs: fix usbhsf_fifo_clear() for RX direction
- ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor
- usb: pci-quirks.c: Corrected timeout values used in handshake
- USB: dummy-hcd: fix connection failures (wrong speed)
- USB: dummy-hcd: fix infinite-loop resubmission bug
- USB: dummy-hcd: Fix erroneous synchronization change
- USB: devio: Don't corrupt user memory
- usb: gadget: mass_storage: set msg_registered after msg registered
- USB: g_mass_storage: Fix deadlock when driver is unbound
- lsm: fix smack_inode_removexattr and xattr_getsecurity memleak
- ALSA: compress: Remove unused variable
- ALSA: usx2y: Suppress kernel warning at page allocation failures
- driver core: platform: Don't read past the end of "driver_override" buffer
- Drivers: hv: fcopy: restore correct transfer length
- stm class: Fix a use-after-free
- ftrace: Fix kmemleak in unregister_ftrace_graph
- HID: i2c-hid: allocate hid buffers for real worst case
- iwlwifi: add workaround to disable wide channels in 5GHz
- scsi: sd: Do not override max_sectors_kb sysfs setting
- USB: uas: fix bug in handling of alternate settings
- USB: core: harden cdc_parse_cdc_header
- usb: Increase quirk delay for USB devices
- USB: fix out-of-bounds in usb_set_configuration
- xhci: fix finding correct bus_state structure for USB 3.1 hosts
- iio: adc: twl4030: Fix an error handling path in 'twl4030_madc_probe()'
- iio: adc: twl4030: Disable the vusb3v1 rugulator in the error handling path
of 'twl4030_madc_probe()'
- iio: ad_sigma_delta: Implement a dedicated reset function
- staging: iio: ad7192: Fix - use the dedicated reset function avoiding dma
from stack.
- iio: core: Return error for failed read_reg
- iio: ad7793: Fix the serial interface reset
- iio: adc: mcp320x: Fix readout of negative voltages
- iio: adc: mcp320x: Fix oops on module unload
- uwb: properly check kthread_run return value
- uwb: ensure that endpoint is interrupt
- brcmfmac: setup passive scan if requested by user-space
- drm/i915/bios: ignore HDMI on port A
- sched/cpuset/pm: Fix cpuset vs. suspend-resume bugs
- ext4: fix data corruption for mmap writes
- ext4: Don't clear SGID when inheriting ACLs
- ext4: don't allow encrypted operations without keys
- Linux 4.4.92
* Xenial update to 4.4.91 stable release (LP: #1724772)
- drm_fourcc: Fix DRM_FORMAT_MOD_LINEAR #define
- drm: bridge: add DT bindings for TI ths8135
- GFS2: Fix reference to ERR_PTR in gfs2_glock_iter_next
- RDS: RDMA: Fix the composite message user notification
- ARM: dts: r8a7790: Use R-Car Gen 2 fallback binding for msiof nodes
- MIPS: Ensure bss section ends on a long-aligned address
- MIPS: ralink: Fix incorrect assignment on ralink_soc
- igb: re-assign hw address pointer on reset after PCI error
- extcon: axp288: Use vbus-valid instead of -present to determine cable
presence
- sh_eth: use correct name for ECMR_MPDE bit
- hwmon: (gl520sm) Fix overflows and crash seen when writing into limit
attributes
- iio: adc: axp288: Drop bogus AXP288_ADC_TS_PIN_CTRL register modifications
- iio: adc: hx711: Add DT binding for avia,hx711
- ARM: 8635/1: nommu: allow enabling REMAP_VECTORS_TO_RAM
- tty: goldfish: Fix a parameter of a call to free_irq
- IB/ipoib: Fix deadlock over vlan_mutex
- IB/ipoib: rtnl_unlock can not come after free_netdev
- IB/ipoib: Replace list_del of the neigh->list with list_del_init
- drm/amdkfd: fix improper return value on error
- USB: serial: mos7720: fix control-message error handling
- USB: serial: mos7840: fix control-message error handling
- partitions/efi: Fix integer overflow in GPT size calculation
- ASoC: dapm: handle probe deferrals
- audit: log 32-bit socketcalls
- usb: chipidea: vbus event may exist before starting gadget
- ASoC: dapm: fix some pointer error handling
- MIPS: Lantiq: Fix another request_mem_region() return code check
- net: core: Prevent from dereferencing null pointer when releasing SKB
- net/packet: check length in getsockopt() called with PACKET_HDRLEN
- team: fix memory leaks
- usb: plusb: Add support for PL-27A1
- mmc: sdio: fix alignment issue in struct sdio_func
- bridge: netlink: register netdevice before executing changelink
- netfilter: invoke synchronize_rcu after set the _hook_ to NULL
- MIPS: IRQ Stack: Unwind IRQ stack onto task stack
- exynos-gsc: Do not swap cb/cr for semi planar formats
- netfilter: nfnl_cthelper: fix incorrect helper->expect_class_max
- parisc: perf: Fix potential NULL pointer dereference
- iommu/io-pgtable-arm: Check for leaf entry before dereferencing it
- rds: ib: add error handle
- md/raid10: submit bio directly to replacement disk
- i2c: meson: fix wrong variable usage in meson_i2c_put_data
- xfs: remove kmem_zalloc_greedy
- libata: transport: Remove circular dependency at free time
- drivers: firmware: psci: drop duplicate const from psci_of_match
- IB/qib: fix false-postive maybe-uninitialized warning
- ARM: remove duplicate 'const' annotations'
- ALSA: au88x0: avoid theoretical uninitialized access
- ttpci: address stringop overflow warning
- Linux 4.4.91
-- Kleber Sacilotto de Souza <email address hidden> Fri, 03 Nov 2017 17:52:28 +0100
-
linux-aws (4.4.0-1002.2) trusty; urgency=low
* linux-aws: 4.4.0-1002.2 -proposed tracker (LP: #1722302)
* Include Broadcom GPL modules in Xenial Kernel (LP: #1665783)
- [config] AWS: updateconfigs following rebase to master
* Backport more recent Broadcom bnxt_en driver (LP: #1711056)
- [config] AWS: updateconfigs following rebase to master
[ Kamal Mostafa ]
* linux-aws needs drbd.ko (LP: #1715725)
- [config] AWS: drbd.ko moved to linux-image package
[ Ubuntu: 4.4.0-98.121 ]
* linux: 4.4.0-98.121 -proposed tracker (LP: #1722299)
* Controller lockup detected on ProLiant DL380 Gen9 with P440 Controller
(LP: #1720359)
- scsi: hpsa: limit transfer length to 1MB
* [Dell Docking IE][0bda:8153] Realtek USB Ethernet leads to system hang
(LP: #1720977)
- r8152: fix the list rx_done may be used without initialization
* Add installer support for Broadcom BCM573xx network drivers. (LP: #1720466)
- d-i: Add bnxt_en to nic-modules.
* snapcraft.yaml: add dpkg-dev to the build deps (LP: #1718886)
- snapcraft.yaml: add dpkg-dev to the build deps
* Support setting I2C_TIMEOUT via ioctl for i2c-designware (LP: #1718578)
- i2c: designware: Use transfer timeout from ioctl I2C_TIMEOUT
* 5U84 - ses driver isn't binding right - cannot blink lights on 1 of the 2
5u84 (LP: #1693369)
- scsi_transport_sas: add function to get SAS endpoint address
- ses: fix discovery of SATA devices in SAS enclosures
- scsi: sas: provide stub implementation for scsi_is_sas_rphy
- scsi: ses: Fix SAS device detection in enclosure
* multipath -ll is not showing the disks which are actually multipath
(LP: #1718397)
- fs: aio: fix the increment of aio-nr and counting against aio-max-nr
* Support Dell Wireless DW5819/5818 WWAN devices (LP: #1721455)
- SAUCE: USB: serial: qcserial: add Dell DW5818, DW5819
* CVE-2017-10911
- xen-blkback: don't leak stack data via response ring
* implement 'complain mode' in seccomp for developer mode with snaps
(LP: #1567597)
- seccomp: Provide matching filter for introspection
- seccomp: Sysctl to display available actions
- seccomp: Operation for checking if an action is available
- seccomp: Sysctl to configure actions that are allowed to be logged
- seccomp: Selftest for detection of filter flag support
- seccomp: Action to log before allowing
* implement errno action logging in seccomp for strict mode with snaps
(LP: #1721676)
- seccomp: Provide matching filter for introspection
- seccomp: Sysctl to display available actions
- seccomp: Operation for checking if an action is available
- seccomp: Sysctl to configure actions that are allowed to be logged
- seccomp: Selftest for detection of filter flag support
- seccomp: Filter flag to log all actions except SECCOMP_RET_ALLOW
* [Xenial] update OpenNSL kernel modules to 6.5.10 (LP: #1721511)
- SAUCE: update OpenNSL kernel modules to 6.5.10
* Xenial update to 4.4.90 stable release (LP: #1721550)
- cifs: release auth_key.response for reconnect.
- mac80211: flush hw_roc_start work before cancelling the ROC
- KVM: PPC: Book3S: Fix race and leak in kvm_vm_ioctl_create_spapr_tce()
- tracing: Fix trace_pipe behavior for instance traces
- tracing: Erase irqsoff trace with empty write
- md/raid5: fix a race condition in stripe batch
- md/raid5: preserve STRIPE_ON_UNPLUG_LIST in break_stripe_batch_list
- scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse
nlmsg properly
- crypto: talitos - Don't provide setkey for non hmac hashing algs.
- crypto: talitos - fix sha224
- KEYS: fix writing past end of user-supplied buffer in keyring_read()
- KEYS: prevent creating a different user's keyrings
- KEYS: prevent KEYCTL_READ on negative key
- powerpc/pseries: Fix parent_dn reference leak in add_dt_node()
- Fix SMB3.1.1 guest authentication to Samba
- SMB: Validate negotiate (to protect against downgrade) even if signing off
- SMB3: Don't ignore O_SYNC/O_DSYNC and O_DIRECT flags
- vfs: Return -ENXIO for negative SEEK_HOLE / SEEK_DATA offsets
- nl80211: check for the required netlink attributes presence
- bsg-lib: don't free job in bsg_prepare_job
- seccomp: fix the usage of get/put_seccomp_filter() in seccomp_get_filter()
- arm64: Make sure SPsel is always set
- arm64: fault: Route pte translation faults via do_translation_fault
- KVM: VMX: Do not BUG() on out-of-bounds guest IRQ
- kvm: nVMX: Don't allow L2 to access the hardware CR8
- PCI: Fix race condition with driver_override
- btrfs: fix NULL pointer dereference from free_reloc_roots()
- btrfs: propagate error to btrfs_cmp_data_prepare caller
- btrfs: prevent to set invalid default subvolid
- x86/fpu: Don't let userspace set bogus xcomp_bv
- gfs2: Fix debugfs glocks dump
- timer/sysclt: Restrict timer migration sysctl values to 0 and 1
- KVM: VMX: do not change SN bit in vmx_update_pi_irte()
- KVM: VMX: remove WARN_ON_ONCE in kvm_vcpu_trigger_posted_interrupt
- cxl: Fix driver use count
- dmaengine: mmp-pdma: add number of requestors
- ARM: pxa: add the number of DMA requestor lines
- ARM: pxa: fix the number of DMA requestor lines
- KVM: VMX: use cmpxchg64
- video: fbdev: aty: do not leak uninitialized padding in clk to userspace
- swiotlb-xen: implement xen_swiotlb_dma_mmap callback
- fix xen_swiotlb_dma_mmap prototype
- Linux 4.4.90
* Xenial update to 4.4.89 stable release (LP: #1721477)
- ipv6: accept 64k - 1 packet length in ip6_find_1stfragopt()
- ipv6: add rcu grace period before freeing fib6_node
- ipv6: fix sparse warning on rt6i_node
- qlge: avoid memcpy buffer overflow
- Revert "net: phy: Correctly process PHY_HALTED in phy_stop_machine()"
- Revert "net: use lib/percpu_counter API for fragmentation mem accounting"
- Revert "net: fix percpu memory leaks"
- gianfar: Fix Tx flow control deactivation
- ipv6: fix memory leak with multiple tables during netns destruction
- ipv6: fix typo in fib6_net_exit()
- f2fs: check hot_data for roll-forward recovery
- x86/fsgsbase/64: Report FSBASE and GSBASE correctly in core dumps
- md/raid5: release/flush io in raid5_do_work()
- nfsd: Fix general protection fault in release_lock_stateid()
- mm: prevent double decrease of nr_reserved_highatomic
- tty: improve tty_insert_flip_char() fast path
- tty: improve tty_insert_flip_char() slow path
- tty: fix __tty_insert_flip_char regression
- Input: i8042 - add Gigabyte P57 to the keyboard reset table
- MIPS: math-emu: <MAX|MAXA|MIN|MINA>.<D|S>: Fix quiet NaN propagation
- MIPS: math-emu: <MAX|MAXA|MIN|MINA>.<D|S>: Fix cases of both inputs zero
- MIPS: math-emu: <MAX|MIN>.<D|S>: Fix cases of both inputs negative
- MIPS: math-emu: <MAXA|MINA>.<D|S>: Fix cases of input values with opposite
signs
- MIPS: math-emu: <MAXA|MINA>.<D|S>: Fix cases of both infinite inputs
- MIPS: math-emu: MINA.<D|S>: Fix some cases of infinity and zero inputs
- crypto: AF_ALG - remove SGL terminator indicator when chaining
- ext4: fix incorrect quotaoff if the quota feature is enabled
- ext4: fix quota inconsistency during orphan cleanup for read-only mounts
- powerpc: Fix DAR reporting when alignment handler faults
- block: Relax a check in blk_start_queue()
- md/bitmap: disable bitmap_resize for file-backed bitmaps.
- skd: Avoid that module unloading triggers a use-after-free
- skd: Submit requests to firmware before triggering the doorbell
- scsi: zfcp: fix queuecommand for scsi_eh commands when DIX enabled
- scsi: zfcp: add handling for FCP_RESID_OVER to the fcp ingress path
- scsi: zfcp: fix capping of unsuccessful GPN_FT SAN response trace records
- scsi: zfcp: fix passing fsf_req to SCSI trace on TMF to correlate with HBA
- scsi: zfcp: fix missing trace records for early returns in TMF eh handlers
- scsi: zfcp: fix payload with full FCP_RSP IU in SCSI trace records
- scsi: zfcp: trace HBA FSF response by default on dismiss or timedout late
response
- scsi: zfcp: trace high part of "new" 64 bit SCSI LUN
- scsi: megaraid_sas: Check valid aen class range to avoid kernel panic
- scsi: megaraid_sas: Return pended IOCTLs with cmd_status
MFI_STAT_WRONG_STATE in case adapter is dead
- scsi: storvsc: fix memory leak on ring buffer busy
- scsi: sg: remove 'save_scat_len'
- scsi: sg: use standard lists for sg_requests
- scsi: sg: off by one in sg_ioctl()
- scsi: sg: factor out sg_fill_request_table()
- scsi: sg: fixup infoleak when using SG_GET_REQUEST_TABLE
- scsi: qla2xxx: Fix an integer overflow in sysfs code
- ftrace: Fix selftest goto location on error
- tracing: Apply trace_clock changes to instance max buffer
- ARC: Re-enable MMU upon Machine Check exception
- PCI: shpchp: Enable bridge bus mastering if MSI is enabled
- media: v4l2-compat-ioctl32: Fix timespec conversion
- media: uvcvideo: Prevent heap overflow when accessing mapped controls
- bcache: initialize dirty stripes in flash_dev_run()
- bcache: Fix leak of bdev reference
- bcache: do not subtract sectors_to_gc for bypassed IO
- bcache: correct cache_dirty_target in __update_writeback_rate()
- bcache: Correct return value for sysfs attach errors
- bcache: fix for gc and write-back race
- bcache: fix bch_hprint crash and improve output
- ftrace: Fix memleak when unregistering dynamic ops when tracing disabled
- Linux 4.4.89
* ETPS/2 Elantech Touchpad inconsistently detected (Gigabyte P57W laptop)
(LP: #1594214)
- Input: i8042 - add Gigabyte P57 to the keyboard reset table
* Xenial update to 4.4.88 stable release (LP: #1718195)
- usb: quirks: add delay init quirk for Corsair Strafe RGB keyboard
- USB: serial: option: add support for D-Link DWM-157 C1
- usb: Add device quirk for Logitech HD Pro Webcam C920-C
- usb:xhci:Fix regression when ATI chipsets detected
- USB: core: Avoid race of async_completed() w/ usbdev_release()
- staging/rts5208: fix incorrect shift to extract upper nybble
- driver core: bus: Fix a potential double free
- intel_th: pci: Add Cannon Lake PCH-H support
- intel_th: pci: Add Cannon Lake PCH-LP support
- ath10k: fix memory leak in rx ring buffer allocation
- rtlwifi: rtl_pci_probe: Fix fail path of _rtl_pci_find_adapter
- Bluetooth: Add support of 13d3:3494 RTL8723BE device
- dlm: avoid double-free on error path in dlm_device_{register,unregister}
- mwifiex: correct channel stat buffer overflows
- drm/nouveau/pci/msi: disable MSI on big-endian platforms by default
- workqueue: Fix flag collision
- cs5536: add support for IDE controller variant
- scsi: sg: protect against races between mmap() and SG_SET_RESERVED_SIZE
- scsi: sg: recheck MMAP_IO request length with lock held
- drm: adv7511: really enable interrupts for EDID detection
- drm/bridge: adv7511: Fix mutex deadlock when interrupts are disabled
- drm/bridge: adv7511: Use work_struct to defer hotplug handing to out of irq
context
- drm/bridge: adv7511: Switch to using drm_kms_helper_hotplug_event()
- drm/bridge: adv7511: Re-write the i2c address before EDID probing
- btrfs: resume qgroup rescan on rw remount
- locktorture: Fix potential memory leak with rw lock test
- ALSA: msnd: Optimize / harden DSP and MIDI loops
- ARM: 8692/1: mm: abort uaccess retries upon fatal signal
- NFS: Fix 2 use after free issues in the I/O code
- xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present
- Linux 4.4.88
* Kernel has troule recognizing Corsair Strafe RGB keyboard (LP: #1678477)
- usb: quirks: add delay init quirk for Corsair Strafe RGB keyboard
[ Ubuntu: 4.4.0-97.120 ]
* linux: 4.4.0-97.120 -proposed tracker (LP: #1718149)
* blk-mq: possible deadlock on CPU hot(un)plug (LP: #1670634)
- [Config] s390x -- disable CONFIG_{DM, SCSI}_MQ_DEFAULT
* Xenial update to 4.4.87 stable release (LP: #1715678)
- irqchip: mips-gic: SYNC after enabling GIC region
- i2c: ismt: Don't duplicate the receive length for block reads
- i2c: ismt: Return EMSGSIZE for block reads with bogus length
- ceph: fix readpage from fscache
- cpumask: fix spurious cpumask_of_node() on non-NUMA multi-node configs
- cpuset: Fix incorrect memory_pressure control file mapping
- alpha: uapi: Add support for __SANE_USERSPACE_TYPES__
- CIFS: remove endian related sparse warning
- wl1251: add a missing spin_lock_init()
- xfrm: policy: check policy direction value
- drm/ttm: Fix accounting error when fail to get pages for pool
- kvm: arm/arm64: Fix race in resetting stage2 PGD
- kvm: arm/arm64: Force reading uncached stage2 PGD
- epoll: fix race between ep_poll_callback(POLLFREE) and ep_free()/ep_remove()
- crypto: algif_skcipher - only call put_page on referenced and used pages
- Linux 4.4.87
* Xenial update to 4.4.86 stable release (LP: #1715430)
- scsi: isci: avoid array subscript warning
- ALSA: au88x0: Fix zero clear of stream->resources
- btrfs: remove duplicate const specifier
- i2c: jz4780: drop superfluous init
- gcov: add support for gcc version >= 6
- gcov: support GCC 7.1
- lightnvm: initialize ppa_addr in dev_to_generic_addr()
- p54: memset(0) whole array
- lpfc: Fix Device discovery failures during switch reboot test.
- arm64: mm: abort uaccess retries upon fatal signal
- x86/io: Add "memory" clobber to insb/insw/insl/outsb/outsw/outsl
- arm64: fpsimd: Prevent registers leaking across exec
- scsi: sg: protect accesses to 'reserved' page array
- scsi: sg: reset 'res_in_use' after unlinking reserved array
- drm/i915: fix compiler warning in drivers/gpu/drm/i915/intel_uncore.c
- Linux 4.4.86
* Xenial update to 4.4.85 stable release (LP: #1714298)
- af_key: do not use GFP_KERNEL in atomic contexts
- dccp: purge write queue in dccp_destroy_sock()
- dccp: defer ccid_hc_tx_delete() at dismantle time
- ipv4: fix NULL dereference in free_fib_info_rcu()
- net_sched/sfq: update hierarchical backlog when drop packet
- ipv4: better IP_MAX_MTU enforcement
- sctp: fully initialize the IPv6 address in sctp_v6_to_addr()
- tipc: fix use-after-free
- ipv6: reset fn->rr_ptr when replacing route
- ipv6: repair fib6 tree in failure case
- tcp: when rearming RTO, if RTO time is in past then fire RTO ASAP
- irda: do not leak initialized list.dev to userspace
- net: sched: fix NULL pointer dereference when action calls some targets
- net_sched: fix order of queue length updates in qdisc_replace()
- mei: me: add broxton pci device ids
- mei: me: add lewisburg device ids
- Input: trackpoint - add new trackpoint firmware ID
- Input: elan_i2c - add ELAN0602 ACPI ID to support Lenovo Yoga310
- ALSA: core: Fix unexpected error at replacing user TLV
- ALSA: hda - Add stereo mic quirk for Lenovo G50-70 (17aa:3978)
- ARCv2: PAE40: Explicitly set MSB counterpart of SLC region ops addresses
- i2c: designware: Fix system suspend
- drm: Release driver tracking before making the object available again
- drm/atomic: If the atomic check fails, return its value first
- drm: rcar-du: lvds: Fix PLL frequency-related configuration
- drm: rcar-du: lvds: Rename PLLEN bit to PLLON
- drm: rcar-du: Fix crash in encoder failure error path
- drm: rcar-du: Fix display timing controller parameter
- drm: rcar-du: Fix H/V sync signal polarity configuration
- tracing: Fix freeing of filter in create_filter() when set_str is false
- cifs: Fix df output for users with quota limits
- cifs: return ENAMETOOLONG for overlong names in cifs_open()/cifs_lookup()
- nfsd: Limit end of page list when decoding NFSv4 WRITE
- perf/core: Fix group {cpu,task} validation
- Bluetooth: hidp: fix possible might sleep error in hidp_session_thread
- Bluetooth: cmtp: fix possible might sleep error in cmtp_session
- Bluetooth: bnep: fix possible might sleep error in bnep_session
- binder: use group leader instead of open thread
- binder: Use wake up hint for synchronous transactions.
- ANDROID: binder: fix proc->tsk check.
- iio: imu: adis16480: Fix acceleration scale factor for adis16480
- iio: hid-sensor-trigger: Fix the race with user space powering up sensors
- staging: rtl8188eu: add RNX-N150NUB support
- ASoC: simple-card: don't fail if sysclk setting is not supported
- ASoC: rsnd: disable SRC.out only when stop timing
- ASoC: rsnd: avoid pointless loop in rsnd_mod_interrupt()
- ASoC: rsnd: Add missing initialization of ADG req_rate
- ASoC: rsnd: ssi: 24bit data needs right-aligned settings
- ASoC: rsnd: don't call update callback if it was NULL
- ntb_transport: fix qp count bug
- ntb_transport: fix bug calculating num_qps_mw
- ACPI: ioapic: Clear on-stack resource before using it
- ACPI / APEI: Add missing synchronize_rcu() on NOTIFY_SCI removal
- Linux 4.4.85
* Xenial update to 4.4.84 stable release (LP: #1713729)
- audit: Fix use after free in audit_remove_watch_rule()
- parisc: pci memory bar assignment fails with 64bit kernels on dino/cujo
- crypto: x86/sha1 - Fix reads beyond the number of blocks passed
- Input: elan_i2c - Add antoher Lenovo ACPI ID for upcoming Lenovo NB
- ALSA: seq: 2nd attempt at fixing race creating a queue
- Revert "UBUNTU: SAUCE: (no-up) ALSA: usb-audio: Add quirk for sennheiser
officerunner"
- ALSA: usb-audio: Apply sample rate quirk to Sennheiser headset
- ALSA: usb-audio: Add mute TLV for playback volumes on C-Media devices
- mm/mempolicy: fix use after free when calling get_mempolicy
- xen: fix bio vec merging
- x86/asm/64: Clear AC on NMI entries
- irqchip/atmel-aic: Fix unbalanced of_node_put() in aic_common_irq_fixup()
- irqchip/atmel-aic: Fix unbalanced refcount in aic_common_rtc_irq_fixup()
- Sanitize 'move_pages()' permission checks
- pids: make task_tgid_nr_ns() safe
- perf/x86: Fix LBR related crashes on Intel Atom
- usb: optimize acpi companion search for usb port devices
- usb: qmi_wwan: add D-Link DWM-222 device ID
- Linux 4.4.84
* Intel i40e PF reset due to incorrect MDD detection (LP: #1713553)
- i40e: Limit TX descriptor count in cases where frag size is greater than 16K
* Neighbour confirmation broken, breaks ARP cache aging (LP: #1715812)
- sock: add sk_dst_pending_confirm flag
- net: add dst_pending_confirm flag to skbuff
- sctp: add dst_pending_confirm flag
- tcp: replace dst_confirm with sk_dst_confirm
- net: add confirm_neigh method to dst_ops
- net: use dst_confirm_neigh for UDP, RAW, ICMP, L2TP
- net: pending_confirm is not used anymore
* CVE-2017-14106
- tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0
* [CIFS] Fix maximum SMB2 header size (LP: #1713884)
- CIFS: Fix maximum SMB2 header size
* Middle button of trackpoint doesn't work (LP: #1715271)
- Input: trackpoint - assume 3 buttons when buttons detection fails
* kernel BUG at /build/linux-lts-xenial-_hWfOZ/linux-lts-
xenial-4.4.0/security/apparmor/include/context.h:69! (LP: #1626984)
- SAUCE: fix oops when disabled and module parameters, are accessed
* Touchpad not detected (LP: #1708852)
- Input: elan_i2c - add ELAN0608 to the ACPI table
[ Ubuntu: 4.4.0-96.119 ]
* linux: 4.4.0-96.119 -proposed tracker (LP: #1716613)
* kernel panic -not syncing: Fatal exception: panic_on_oops (LP: #1708399)
- s390/mm: no local TLB flush for clearing-by-ASCE IDTE
- SAUCE: s390/mm: fix local TLB flushing vs. detach of an mm address space
- SAUCE: s390/mm: fix race on mm->context.flush_mm
* CVE-2017-1000251
- Bluetooth: Properly check L2CAP config option output buffer length
[ Ubuntu: 4.4.0-95.118 ]
* linux: 4.4.0-95.118 -proposed tracker (LP: #1715651)
* Xenial update to 4.4.78 stable release broke Address Sanitizer
(LP: #1715636)
- mm: revert x86_64 and arm64 ELF_ET_DYN_BASE base changes
[ Ubuntu: 4.4.0-94.117 ]
* linux: 4.4.0-94.117 -proposed tracker (LP: #1713462)
* mwifiex causes kernel oops when AP mode is enabled (LP: #1712746)
- SAUCE: net/wireless: do not dereference invalid pointer
- SAUCE: mwifiex: do not dereference invalid pointer
* Backport more recent Broadcom bnxt_en driver (LP: #1711056)
- SAUCE: bnxt_en_bpo: Import bnxt_en driver version 1.8.1
- SAUCE: bnxt_en_bpo: Drop distro out-of-tree detection logic
- SAUCE: bnxt_en_bpo: Remove unnecessary compile flags
- SAUCE: bnxt_en_bpo: Move config settings to Kconfig
- SAUCE: bnxt_en_bpo: Remove PCI_IDs handled by the regular driver
- SAUCE: bnxt_en_bpo: Rename the backport driver to bnxt_en_bpo
- bnxt_en_bpo: [Config] Enable CONFIG_BNXT_BPO=m
* HID: multitouch: Support ALPS PTP Stick and Touchpad devices (LP: #1712481)
- HID: multitouch: Support PTP Stick and Touchpad device
- SAUCE: HID: multitouch: Support ALPS PTP stick with pid 0x120A
* igb: Support using Broadcom 54616 as PHY (LP: #1712024)
- SAUCE: igb: add support for using Broadcom 54616 as PHY
* IPR driver causes multipath to fail paths/stuck IO on Medium Errors
(LP: #1682644)
- scsi: ipr: do not set DID_PASSTHROUGH on CHECK CONDITION
* accessing /dev/hvc1 with stress-ng on Ubuntu xenial causes crash
(LP: #1711401)
- tty/hvc: Use IRQF_SHARED for OPAL hvc consoles
* memory-hotplug test needs to be fixed (LP: #1710868)
- selftests: typo correction for memory-hotplug test
- selftests: check hot-pluggagble memory for memory-hotplug test
- selftests: check percentage range for memory-hotplug test
- selftests: add missing test name in memory-hotplug test
- selftests: fix memory-hotplug test
* HP lt4132 LTE/HSPA+ 4G Module (03f0:a31d) does not work (LP: #1707643)
- net: cdc_mbim: apply "NDP to end" quirk to HP lt4132
* Migrating KSM page causes the VM lock up as the KSM page merging list is too
large (LP: #1680513)
- ksm: introduce ksm_max_page_sharing per page deduplication limit
- ksm: fix use after free with merge_across_nodes = 0
- ksm: cleanup stable_node chain collapse case
- ksm: swap the two output parameters of chain/chain_prune
- ksm: optimize refile of stable_node_dup at the head of the chain
* sort ABI files with C.UTF-8 locale (LP: #1712345)
- [Packaging] sort ABI files with C.UTF-8 locale
* Include Broadcom GPL modules in Xenial Kernel (LP: #1665783)
- [Config] OpenNSL Kconfig/Makefile
- Import OpenNSL v3.1.0.17
- [Config] CONFIG_OPENNSL=y for amd64
- OpenNSL: Enable Kconfig and build
- SAUCE: opennsl: add proper CFLAGS
* Xenial update to 4.4.83 stable release (LP: #1711557)
- cpuset: fix a deadlock due to incomplete patching of cpusets_enabled()
- mm: ratelimit PFNs busy info message
- iscsi-target: fix memory leak in iscsit_setup_text_cmd()
- iscsi-target: Fix iscsi_np reset hung task during parallel delete
- fuse: initialize the flock flag in fuse_file on allocation
- nfs/flexfiles: fix leak of nfs4_ff_ds_version arrays
- USB: serial: option: add D-Link DWM-222 device ID
- USB: serial: cp210x: add support for Qivicon USB ZigBee dongle
- USB: serial: pl2303: add new ATEN device id
- usb: musb: fix tx fifo flush handling again
- USB: hcd: Mark secondary HCD as dead if the primary one died
- staging:iio:resolver:ad2s1210 fix negative IIO_ANGL_VEL read
- iio: accel: bmc150: Always restore device to normal mode after suspend-
resume
- iio: light: tsl2563: use correct event code
- uas: Add US_FL_IGNORE_RESIDUE for Initio Corporation INIC-3069
- USB: Check for dropped connection before switching to full speed
- usb: core: unlink urbs from the tail of the endpoint's urb_list
- usb: quirks: Add no-lpm quirk for Moshi USB to Ethernet Adapter
- usb:xhci:Add quirk for Certain failing HP keyboard on reset after resume
- iio: adc: vf610_adc: Fix VALT selection value for REFSEL bits
- pnfs/blocklayout: require 64-bit sector_t
- pinctrl: sunxi: add a missing function of A10/A20 pinctrl driver
- pinctrl: samsung: Remove bogus irq_[un]mask from resource management
- Linux 4.4.83
* Xenial update to 4.4.82 stable release (LP: #1711535)
- tcp: avoid setting cwnd to invalid ssthresh after cwnd reduction states
- net: fix keepalive code vs TCP_FASTOPEN_CONNECT
- bpf, s390: fix jit branch offset related to ldimm64
- net: sched: set xt_tgchk_param par.nft_compat as 0 in ipt_init_target
- tcp: fastopen: tcp_connect() must refresh the route
- net: avoid skb_warn_bad_offload false positives on UFO
- sparc64: Prevent perf from running during super critical sections
- KVM: arm/arm64: Handle hva aging while destroying the vm
- mm/mempool: avoid KASAN marking mempool poison checks as use-after-free
- Linux 4.4.82
* Xenial update to 4.4.81 stable release (LP: #1711526)
- libata: array underflow in ata_find_dev()
- workqueue: restore WQ_UNBOUND/max_active==1 to be ordered
- ALSA: hda - Fix speaker output from VAIO VPCL14M1R
- ASoC: do not close shared backend dailink
- KVM: async_pf: make rcu irq exit if not triggered from idle task
- mm/page_alloc: Remove kernel address exposure in free_reserved_area()
- ext4: fix SEEK_HOLE/SEEK_DATA for blocksize < pagesize
- ext4: fix overflow caused by missing cast in ext4_resize_fs()
- ARM: dts: armada-38x: Fix irq type for pca955
- media: platform: davinci: return -EINVAL for VPFE_CMD_S_CCDC_RAW_PARAMS
ioctl
- target: Avoid mappedlun symlink creation during lun shutdown
- iscsi-target: Always wait for kthread_should_stop() before kthread exit
- iscsi-target: Fix early sk_data_ready LOGIN_FLAGS_READY race
- iscsi-target: Fix initial login PDU asynchronous socket close OOPs
- iscsi-target: Fix delayed logout processing greater than
SECONDS_FOR_LOGOUT_COMP
- iser-target: Avoid isert_conn->cm_id dereference in isert_login_recv_done
- mm, mprotect: flush TLB if potentially racing with a parallel reclaim
leaving stale TLB entries
- media: lirc: LIRC_GET_REC_RESOLUTION should return microseconds
- f2fs: sanity check checkpoint segno and blkoff
- drm: rcar-du: fix backport bug
- saa7164: fix double fetch PCIe access condition
- ipv4: ipv6: initialize treq->txhash in cookie_v[46]_check()
- net: Zero terminate ifr_name in dev_ifname().
- ipv6: avoid overflow of offset in ip6_find_1stfragopt
- ipv4: initialize fib_trie prior to register_netdev_notifier call.
- rtnetlink: allocate more memory for dev_set_mac_address()
- mcs7780: Fix initialization when CONFIG_VMAP_STACK is enabled
- openvswitch: fix potential out of bound access in parse_ct
- packet: fix use-after-free in prb_retire_rx_blk_timer_expired()
- ipv6: Don't increase IPSTATS_MIB_FRAGFAILS twice in ip6_fragment()
- net: ethernet: nb8800: Handle all 4 RGMII modes identically
- dccp: fix a memleak that dccp_ipv6 doesn't put reqsk properly
- dccp: fix a memleak that dccp_ipv4 doesn't put reqsk properly
- dccp: fix a memleak for dccp_feat_init err process
- sctp: don't dereference ptr before leaving _sctp_walk_{params, errors}()
- sctp: fix the check for _sctp_walk_params and _sctp_walk_errors
- net/mlx5: Fix command bad flow on command entry allocation failure
- net: phy: Correctly process PHY_HALTED in phy_stop_machine()
- net: phy: Fix PHY unbind crash
- xen-netback: correctly schedule rate-limited queues
- sparc64: Measure receiver forward progress to avoid send mondo timeout
- wext: handle NULL extra data in iwe_stream_add_point better
- sh_eth: R8A7740 supports packet shecksumming
- net: phy: dp83867: fix irq generation
- tg3: Fix race condition in tg3_get_stats64().
- x86/boot: Add missing declaration of string functions
- phy state machine: failsafe leave invalid RUNNING state
- scsi: qla2xxx: Get mutex lock before checking optrom_state
- drm/virtio: fix framebuffer sparse warning
- virtio_blk: fix panic in initialization error path
- ARM: 8632/1: ftrace: fix syscall name matching
- mm, slab: make sure that KMALLOC_MAX_SIZE will fit into MAX_ORDER
- lib/Kconfig.debug: fix frv build failure
- signal: protect SIGNAL_UNKILLABLE from unintentional clearing.
- mm: don't dereference struct page fields of invalid pages
- workqueue: implicit ordered attribute should be overridable
- Linux 4.4.81
* Xenial update to 4.4.80 stable release (LP: #1710646)
- af_key: Add lock to key dump
- pstore: Make spinlock per zone instead of global
- powerpc/pseries: Fix of_node_put() underflow during reconfig remove
- crypto: authencesn - Fix digest_null crash
- md/raid5: add thread_group worker async_tx_issue_pending_all
- drm/vmwgfx: Fix gcc-7.1.1 warning
- drm/nouveau/bar/gf100: fix access to upper half of BAR2
- KVM: PPC: Book3S HV: Context-switch EBB registers properly
- KVM: PPC: Book3S HV: Restore critical SPRs to host values on guest exit
- KVM: PPC: Book3S HV: Reload HTM registers explicitly
- KVM: PPC: Book3S HV: Save/restore host values of debug registers
- Revert "powerpc/numa: Fix percpu allocations to be NUMA aware"
- Staging: comedi: comedi_fops: Avoid orphaned proc entry
- drm/rcar: Nuke preclose hook
- drm: rcar-du: Perform initialization/cleanup at probe/remove time
- drm: rcar-du: Simplify and fix probe error handling
- perf intel-pt: Fix ip compression
- perf intel-pt: Fix last_ip usage
- perf intel-pt: Use FUP always when scanning for an IP
- perf intel-pt: Ensure never to set 'last_ip' when packet 'count' is zero
- xfs: don't BUG() on mixed direct and mapped I/O
- nfc: fdp: fix NULL pointer dereference
- net: phy: Do not perform software reset for Generic PHY
- isdn: Fix a sleep-in-atomic bug
- isdn/i4l: fix buffer overflow
- ath10k: fix null deref on wmi-tlv when trying spectral scan
- wil6210: fix deadlock when using fw_no_recovery option
- mailbox: always wait in mbox_send_message for blocking Tx mode
- mailbox: skip complete wait event if timer expired
- mailbox: handle empty message in tx_tick
- mpt3sas: Don't overreach ioc->reply_post[] during initialization
- kaweth: fix firmware download
- kaweth: fix oops upon failed memory allocation
- sched/cgroup: Move sched_online_group() back into css_online() to fix crash
- PM / Domains: defer dev_pm_domain_set() until genpd->attach_dev succeeds if
present
- RDMA/uverbs: Fix the check for port number
- libnvdimm, btt: fix btt_rw_page not returning errors
- ipmi/watchdog: fix watchdog timeout set on reboot
- v4l: s5c73m3: fix negation operator
- pstore: Allow prz to control need for locking
- pstore: Correctly initialize spinlock and flags
- pstore: Use dynamic spinlock initializer
- net: skb_needs_check() accepts CHECKSUM_NONE for tx
- sched/cputime: Fix prev steal time accouting during CPU hotplug
- xen/blkback: don't free be structure too early
- xen/blkback: don't use xen_blkif_get() in xen-blkback kthread
- tpm: fix a kernel memory leak in tpm-sysfs.c
- tpm: Replace device number bitmap with IDR
- x86/mce/AMD: Make the init code more robust
- r8169: add support for RTL8168 series add-on card.
- ARM: dts: n900: Mark eMMC slot with no-sdio and no-sd flags
- net/mlx4: Remove BUG_ON from ICM allocation routine
- drm/msm: Ensure that the hardware write pointer is valid
- drm/msm: Verify that MSM_SUBMIT_BO_FLAGS are set
- vfio-pci: use 32-bit comparisons for register address for gcc-4.5
- irqchip/keystone: Fix "scheduling while atomic" on rt
- ASoC: tlv320aic3x: Mark the RESET register as volatile
- spi: dw: Make debugfs name unique between instances
- ASoC: nau8825: fix invalid configuration in Pre-Scalar of FLL
- irqchip/mxs: Enable SKIP_SET_WAKE and MASK_ON_SUSPEND
- openrisc: Add _text symbol to fix ksym build error
- dmaengine: ioatdma: Add Skylake PCI Dev ID
- dmaengine: ioatdma: workaround SKX ioatdma version
- dmaengine: ti-dma-crossbar: Add some 'of_node_put()' in error path.
- ARM64: zynqmp: Fix W=1 dtc 1.4 warnings
- ARM64: zynqmp: Fix i2c node's compatible string
- ARM: s3c2410_defconfig: Fix invalid values for NF_CT_PROTO_*
- ACPI / scan: Prefer devices without _HID/_CID for _ADR matching
- usb: gadget: Fix copy/pasted error message
- Btrfs: adjust outstanding_extents counter properly when dio write is split
- tools lib traceevent: Fix prev/next_prio for deadline tasks
- xfrm: Don't use sk_family for socket policy lookups
- perf tools: Install tools/lib/traceevent plugins with install-bin
- perf symbols: Robustify reading of build-id from sysfs
- video: fbdev: cobalt_lcdfb: Handle return NULL error from devm_ioremap
- vfio-pci: Handle error from pci_iomap
- arm64: mm: fix show_pte KERN_CONT fallout
- nvmem: imx-ocotp: Fix wrong register size
- sh_eth: enable RX descriptor word 0 shift on SH7734
- ALSA: usb-audio: test EP_FLAG_RUNNING at urb completion
- HID: ignore Petzl USB headlamp
- scsi: fnic: Avoid sending reset to firmware when another reset is in
progress
- scsi: snic: Return error code on memory allocation failure
- ASoC: dpcm: Avoid putting stream state to STOP when FE stream is paused
- Linux 4.4.80
* Please only recommend or suggest initramfs-tools | linux-initramfs-tool for
kernels able to boot without initramfs (LP: #1700972)
- [Debian] Don't depend on initramfs-tools
[ Ubuntu: 4.4.0-93.116 ]
* linux: 4.4.0-93.116 -proposed tracker (LP: #1709296)
* Creating conntrack entry failure with kernel 4.4.0-89 (LP: #1709032)
- Revert "Revert "netfilter: synproxy: fix conntrackd interaction""
- netfilter: nf_ct_ext: fix possible panic after nf_ct_extend_unregister
* CVE-2017-1000112
- Revert "udp: consistently apply ufo or fragmentation"
- udp: consistently apply ufo or fragmentation
* CVE-2017-1000111
- Revert "net-packet: fix race in packet_set_ring on PACKET_RESERVE"
- packet: fix tp_reserve race in packet_set_ring
* kernel BUG at [tty_ldisc_reinit] mm/slub.c! (LP: #1709126)
- tty: Simplify tty_set_ldisc() exit handling
- tty: Reset c_line from driver's init_termios
- tty: Handle NULL tty->ldisc
- tty: Move tty_ldisc_kill()
- tty: Use 'disc' for line discipline index name
- tty: Refactor tty_ldisc_reinit() for reuse
- tty: Destroy ldisc instance on hangup
* atheros bt failed after S3 (LP: #1706833)
- SAUCE: Bluetooth: Make request workqueue freezable
* The Precision Touchpad(PTP) button sends incorrect event code (LP: #1708372)
- HID: multitouch: handle external buttons for Precision Touchpads
* Set CONFIG_SATA_HIGHBANK=y on armhf (LP: #1703430)
- [Config] CONFIG_SATA_HIGHBANK=y
* xfs slab objects (memory) leak when xfs shutdown is called (LP: #1706132)
- xfs: fix xfs_log_ticket leak in xfs_end_io() after fs shutdown
* Adt tests of src:linux time out often on armhf lxc containers (LP: #1705495)
- [Packaging] tests -- reduce rebuild test to one flavour
* CVE-2017-7495
- ext4: fix data exposure after a crash
* ubuntu/rsi driver downlink wifi throughput drops to 5-6 Mbps when BT
keyboard is connected (LP: #1706991)
- SAUCE: Redpine: enable power save by default for coex mode
- SAUCE: Redpine: uapsd configuration changes
* [Hyper-V] hv_netvsc: Exclude non-TCP port numbers from vRSS hashing
(LP: #1690174)
- hv_netvsc: Exclude non-TCP port numbers from vRSS hashing
* ath10k doesn't report full RSSI information (LP: #1706531)
- ath10k: add per chain RSSI reporting
* ideapad_laptop don't support v310-14isk (LP: #1705378)
- platform/x86: ideapad-laptop: Add several models to no_hw_rfkill
* [8087:0a2b] Failed to load bluetooth firmware(might affect some other Intel
bt devices) (LP: #1705633)
- Bluetooth: btintel: Create common Intel Version Read function
- Bluetooth: Use switch statement for Intel hardware variants
- Bluetooth: Replace constant hw_variant from Intel Bluetooth firmware
filename
- Bluetooth: hci_intel: Fix firmware file name to use hw_variant
- Bluetooth: btintel: Add MODULE_FIRMWARE entries for iBT 3.5 controllers
* xhci_hcd: ERROR Transfer event TRB DMA ptr not part of current TD ep_index 2
comp_code 13 (LP: #1667750)
- xhci: Bad Ethernet performance plugged in ASM1042A host
* OpenPower: Some multipaths temporarily have only a single path
(LP: #1696445)
- scsi: ses: don't get power status of SES device slot on probe
* Hotkeys on new Thinkpad systems aren't working (LP: #1705169)
- platform/x86: thinkpad_acpi: Adding new hotkey ID for Lenovo thinkpad
- platform/x86: thinkpad_acpi: guard generic hotkey case
- platform/x86: thinkpad_acpi: add mapping for new hotkeys
* CVE-2015-7837
- SAUCE: (no-up) kexec/uefi: copy secure_boot flag in boot params across kexec
reboot
* misleading kernel warning skb_warn_bad_offload during checksum calculation
(LP: #1705447)
- net: reduce skb_warn_bad_offload() noise
* bonding: stack dump when unregistering a netdev (LP: #1704102)
- bonding: avoid NETDEV_CHANGEMTU event when unregistering slave
* Ubuntu 16.04 IOB Error when the Mustang board rebooted (LP: #1693673)
- drivers: net: xgene: Fix redundant prefetch buffer cleanup
* Ubuntu16.04: NVMe 4K+T10 DIF/DIX format returns I/O error on dd with split
op (LP: #1689946)
- blk-mq: NVMe 512B/4K+T10 DIF/DIX format returns I/O error on dd with split
op
* linux >= 4.2: bonding 802.3ad does not work with 5G, 25G and 50G link speeds
(LP: #1697892)
- bonding: add 802.3ad support for 100G speeds
- bonding: fix 802.3ad aggregator reselection
- bonding: add 802.3ad support for 25G speeds
- bonding: fix 802.3ad support for 5G and 50G speeds
* Xenial update to 4.4.79 stable release (LP: #1707233)
- disable new gcc-7.1.1 warnings for now
- ir-core: fix gcc-7 warning on bool arithmetic
- s5p-jpeg: don't return a random width/height
- thermal: cpu_cooling: Avoid accessing potentially freed structures
- ath9k: fix tx99 use after free
- ath9k: fix tx99 bus error
- NFC: fix broken device allocation
- NFC: nfcmrvl_uart: add missing tty-device sanity check
- NFC: nfcmrvl: do not use device-managed resources
- NFC: nfcmrvl: use nfc-device for firmware download
- NFC: nfcmrvl: fix firmware-management initialisation
- nfc: Ensure presence of required attributes in the activate_target handler
- nfc: Fix the sockaddr length sanitization in llcp_sock_connect
- NFC: Add sockaddr length checks before accessing sa_family in bind handlers
- perf intel-pt: Move decoder error setting into one condition
- perf intel-pt: Improve sample timestamp
- perf intel-pt: Fix missing stack clear
- perf intel-pt: Ensure IP is zero when state is INTEL_PT_STATE_NO_IP
- perf intel-pt: Clear FUP flag on error
- Bluetooth: use constant time memory comparison for secret values
- wlcore: fix 64K page support
- ASoC: compress: Derive substream from stream based on direction
- PM / Domains: Fix unsafe iteration over modified list of device links
- PM / Domains: Fix unsafe iteration over modified list of domain providers
- scsi: ses: do not add a device to an enclosure if enclosure_add_links()
fails.
- iscsi-target: Add login_keys_workaround attribute for non RFC initiators
- powerpc/64: Fix atomic64_inc_not_zero() to return an int
- powerpc: Fix emulation of mcrf in emulate_step()
- powerpc: Fix emulation of mfocrf in emulate_step()
- powerpc/asm: Mark cr0 as clobbered in mftb()
- af_key: Fix sadb_x_ipsecrequest parsing
- PCI/PM: Restore the status of PCI devices across hibernation
- ipvs: SNAT packet replies only for NATed connections
- xhci: fix 20000ms port resume timeout
- xhci: Fix NULL pointer dereference when cleaning up streams for removed host
- usb: storage: return on error to avoid a null pointer dereference
- USB: cdc-acm: add device-id for quirky printer
- usb: renesas_usbhs: fix usbhsc_resume() for !USBHSF_RUNTIME_PWCTRL
- usb: renesas_usbhs: gadget: disable all eps when the driver stops
- md: don't use flush_signals in userspace processes
- x86/xen: allow userspace access during hypercalls
- cx88: Fix regression in initial video standard setting
- Raid5 should update rdev->sectors after reshape
- s390/syscalls: Fix out of bounds arguments access
- drm/amd/amdgpu: Return error if initiating read out of range on vram
- drm/radeon/ci: disable mclk switching for high refresh rates (v2)
- drm/radeon: Fix eDP for single-display iMac10,1 (v2)
- ipmi: use rcu lock around call to intf->handlers->sender()
- ipmi:ssif: Add missing unlock in error branch
- f2fs: Don't clear SGID when inheriting ACLs
- vfio: Fix group release deadlock
- vfio: New external user group/file match
- ftrace: Fix uninitialized variable in match_records()
- MIPS: Fix mips_atomic_set() retry condition
- MIPS: Fix mips_atomic_set() with EVA
- MIPS: Negate error syscall return in trace
- x86/acpi: Prevent out of bound access caused by broken ACPI tables
- x86/ioapic: Pass the correct data to unmask_ioapic_irq()
- MIPS: Fix MIPS I ISA /proc/cpuinfo reporting
- MIPS: Save static registers before sysmips
- MIPS: Actually decode JALX in `__compute_return_epc_for_insn'
- MIPS: Fix unaligned PC interpretation in `compute_return_epc'
- MIPS: math-emu: Prevent wrong ISA mode instruction emulation
- MIPS: Send SIGILL for BPOSGE32 in `__compute_return_epc_for_insn'
- MIPS: Rename `sigill_r6' to `sigill_r2r6' in `__compute_return_epc_for_insn'
- MIPS: Send SIGILL for linked branches in `__compute_return_epc_for_insn'
- MIPS: Fix a typo: s/preset/present/ in r2-to-r6 emulation error message
- Input: i8042 - fix crash at boot time
- NFS: only invalidate dentrys that are clearly invalid.
- udf: Fix deadlock between writeback and udf_setsize()
- target: Fix COMPARE_AND_WRITE caw_sem leak during se_cmd quiesce
- perf annotate: Fix broken arrow at row 0 connecting jmp instruction to its
target
- Revert "perf/core: Drop kernel samples even though :u is specified"
- staging: rtl8188eu: add TL-WN722N v2 support
- ceph: fix race in concurrent readdir
- RDMA/core: Initialize port_num in qp_attr
- drm/mst: Fix error handling during MST sideband message reception
- drm/mst: Avoid dereferencing a NULL mstb in drm_dp_mst_handle_up_req()
- drm/mst: Avoid processing partially received up/down message transactions
- of: device: Export of_device_{get_modalias, uvent_modalias} to modules
- spmi: Include OF based modalias in device uevent
- tracing: Fix kmemleak in instance_rmdir
- alarmtimer: don't rate limit one-shot timers
- Linux 4.4.79
* Xenial update to 4.4.78 stable release (LP: #1705707)
- net_sched: fix error recovery at qdisc creation
- net: sched: Fix one possible panic when no destroy callback
- net/phy: micrel: configure intterupts after autoneg workaround
- ipv6: avoid unregistering inet6_dev for loopback
- net: dp83640: Avoid NULL pointer dereference.
- tcp: reset sk_rx_dst in tcp_disconnect()
- net: prevent sign extension in dev_get_stats()
- bpf: prevent leaking pointer via xadd on unpriviledged
- net: handle NAPI_GRO_FREE_STOLEN_HEAD case also in napi_frags_finish()
- ipv6: dad: don't remove dynamic addresses if link is down
- net: ipv6: Compare lwstate in detecting duplicate nexthops
- vrf: fix bug_on triggered by rx when destroying a vrf
- rds: tcp: use sock_create_lite() to create the accept socket
- brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx()
- cfg80211: Define nla_policy for NL80211_ATTR_LOCAL_MESH_POWER_MODE
- cfg80211: Validate frequencies nested in NL80211_ATTR_SCAN_FREQUENCIES
- cfg80211: Check if PMKID attribute is of expected size
- irqchip/gic-v3: Fix out-of-bound access in gic_set_affinity
- parisc: Report SIGSEGV instead of SIGBUS when running out of stack
- parisc: use compat_sys_keyctl()
- parisc: DMA API: return error instead of BUG_ON for dma ops on non dma devs
- parisc/mm: Ensure IRQs are off in switch_mm()
- tools/lib/lockdep: Reduce MAX_LOCK_DEPTH to avoid overflowing lock_chain/:
Depth
- kernel/extable.c: mark core_kernel_text notrace
- mm/list_lru.c: fix list_lru_count_node() to be race free
- fs/dcache.c: fix spin lockup issue on nlru->lock
- checkpatch: silence perl 5.26.0 unescaped left brace warnings
- binfmt_elf: use ELF_ET_DYN_BASE only for PIE
- arm: move ELF_ET_DYN_BASE to 4MB
- arm64: move ELF_ET_DYN_BASE to 4GB / 4MB
- powerpc: move ELF_ET_DYN_BASE to 4GB / 4MB
- s390: reduce ELF_ET_DYN_BASE
- exec: Limit arg stack to at most 75% of _STK_LIM
- vt: fix unchecked __put_user() in tioclinux ioctls
- mnt: In umount propagation reparent in a separate pass
- mnt: In propgate_umount handle visiting mounts in any order
- mnt: Make propagate_umount less slow for overlapping mount propagation trees
- selftests/capabilities: Fix the test_execve test
- tpm: Get rid of chip->pdev
- tpm: Provide strong locking for device removal
- Add "shutdown" to "struct class".
- tpm: Issue a TPM2_Shutdown for TPM2 devices.
- mm: fix overflow check in expand_upwards()
- crypto: talitos - Extend max key length for SHA384/512-HMAC and AEAD
- crypto: atmel - only treat EBUSY as transient if backlog
- crypto: sha1-ssse3 - Disable avx2
- crypto: caam - fix signals handling
- sched/topology: Fix overlapping sched_group_mask
- sched/topology: Optimize build_group_mask()
- PM / wakeirq: Convert to SRCU
- PM / QoS: return -EINVAL for bogus strings
- tracing: Use SOFTIRQ_OFFSET for softirq dectection for more accurate results
- KVM: x86: disable MPX if host did not enable MPX XSAVE features
- kvm: vmx: Do not disable intercepts for BNDCFGS
- kvm: x86: Guest BNDCFGS requires guest MPX support
- kvm: vmx: Check value written to IA32_BNDCFGS
- kvm: vmx: allow host to access guest MSR_IA32_BNDCFGS
- Linux 4.4.78
* Xenial update to 4.4.77 stable release (LP: #1705238)
- fs: add a VALID_OPEN_FLAGS
- fs: completely ignore unknown open flags
- driver core: platform: fix race condition with driver_override
- bgmac: reset & enable Ethernet core before using it
- mm: fix classzone_idx underflow in shrink_zones()
- tracing/kprobes: Allow to create probe with a module name starting with a
digit
- usb: dwc3: replace %p with %pK
- USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick
- Add USB quirk for HVR-950q to avoid intermittent device resets
- usb: usbip: set buffer pointers to NULL after free
- usb: Fix typo in the definition of Endpoint[out]Request
- mac80211_hwsim: Replace bogus hrtimer clockid
- sysctl: don't print negative flag for proc_douintvec
- sysctl: report EINVAL if value is larger than UINT_MAX for proc_douintvec
- pinctrl: sh-pfc: r8a7791: Fix SCIF2 pinmux data
- pinctrl: meson: meson8b: fix the NAND DQS pins
- pinctrl: sunxi: Fix SPDIF function name for A83T
- pinctrl: mxs: atomically switch mux and drive strength config
- pinctrl: sh-pfc: Update info pointer after SoC-specific init
- USB: serial: option: add two Longcheer device ids
- USB: serial: qcserial: new Sierra Wireless EM7305 device ID
- gfs2: Fix glock rhashtable rcu bug
- x86/tools: Fix gcc-7 warning in relocs.c
- x86/uaccess: Optimize copy_user_enhanced_fast_string() for short strings
- ath10k: override CE5 config for QCA9377
- KEYS: Fix an error code in request_master_key()
- RDMA/uverbs: Check port number supplied by user verbs cmds
- mqueue: fix a use-after-free in sys_mq_notify()
- tools include: Add a __fallthrough statement
- tools string: Use __fallthrough in perf_atoll()
- tools strfilter: Use __fallthrough
- perf top: Use __fallthrough
- perf intel-pt: Use __fallthrough
- perf thread_map: Correctly size buffer used with dirent->dt_name
- perf scripting perl: Fix compile error with some perl5 versions
- perf tests: Avoid possible truncation with dirent->d_name + snprintf
- perf bench numa: Avoid possible truncation when using snprintf()
- perf tools: Use readdir() instead of deprecated readdir_r()
- perf thread_map: Use readdir() instead of deprecated readdir_r()
- perf script: Use readdir() instead of deprecated readdir_r()
- perf tools: Remove duplicate const qualifier
- perf annotate browser: Fix behaviour of Shift-Tab with nothing focussed
- perf pmu: Fix misleadingly indented assignment (whitespace)
- perf dwarf: Guard !x86_64 definitions under #ifdef else clause
- perf trace: Do not process PERF_RECORD_LOST twice
- perf tests: Remove wrong semicolon in while loop in CQM test
- perf tools: Use readdir() instead of deprecated readdir_r() again
- md: fix incorrect use of lexx_to_cpu in does_sb_need_changing
- md: fix super_offset endianness in super_1_rdev_size_change
- tcp: fix tcp_mark_head_lost to check skb len before fragmenting
- staging: vt6556: vnt_start Fix missing call to vnt_key_init_table.
- staging: comedi: fix clean-up of comedi_class in comedi_init()
- ext4: check return value of kstrtoull correctly in reserved_clusters_store
- x86/mm/pat: Don't report PAT on CPUs that don't support it
- saa7134: fix warm Medion 7134 EEPROM read
- Linux 4.4.77
[ Ubuntu: 4.4.0-92.115 ]
* linux: 4.4.0-92.115 -proposed tracker (LP: #1709812)
* Creating conntrack entry failure with kernel 4.4.0-89 (LP: #1709032)
- Revert "netfilter: synproxy: fix conntrackd interaction"
[ Ubuntu: 4.4.0-91.114 ]
* CVE-2017-1000112
- ipv4: Should use consistent conditional judgement for ip fragment in
__ip_append_data and ip_finish_output
- ipv6: Don't use ufo handling on later transformed packets
- udp: avoid ufo handling on IP payload compression packets
- ipv6: Should use consistent conditional judgement for ip6 fragment between
__ip6_append_data and ip6_finish_output
- net: account for current skb length when deciding about UFO
- udp: consistently apply ufo or fragmentation
* CVE-2017-1000111
- net-packet: fix race in packet_set_ring on PACKET_RESERVE
[ Ubuntu: 4.4.0-89.112 ]
* CVE-2017-7533
- dentry name snapshots
-- Juerg Haefliger <email address hidden> Thu, 12 Oct 2017 13:37:16 +0200
-
linux-aws (4.4.0-1001.1) trusty; urgency=low
[ Kamal Mostafa ]
* Initial linux-aws packaging based on Ubuntu Xenial (4.4.0-88.111)
-- Kamal Mostafa <email address hidden> Fri, 18 Aug 2017 12:28:26 -0700
