Format: 1.8 Date: Thu, 15 Nov 2018 19:11:04 -0500 Source: linux-kvm Binary: linux-kvm-headers-4.15.0-1027 linux-kvm-tools-4.15.0-1027 linux-kvm-cloud-tools-4.15.0-1027 linux-image-4.15.0-1027-kvm linux-modules-4.15.0-1027-kvm linux-modules-extra-4.15.0-1027-kvm linux-headers-4.15.0-1027-kvm linux-image-4.15.0-1027-kvm-dbgsym linux-tools-4.15.0-1027-kvm linux-cloud-tools-4.15.0-1027-kvm linux-udebs-kvm Architecture: amd64 all amd64_translations Version: 4.15.0-1027.27 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Khalid Elmously Description: linux-cloud-tools-4.15.0-1027-kvm - Linux kernel version specific cloud tools for version 4.15.0-1027 linux-headers-4.15.0-1027-kvm - Linux kernel headers for version 4.15.0 on 64 bit x86 SMP linux-image-4.15.0-1027-kvm - Linux kernel image for version 4.15.0 on 64 bit x86 SMP linux-image-4.15.0-1027-kvm-dbgsym - Linux kernel debug image for version 4.15.0 on 64 bit x86 SMP linux-kvm-cloud-tools-4.15.0-1027 - Linux kernel version specific cloud tools for version 4.15.0-1027 linux-kvm-headers-4.15.0-1027 - Header files related to Linux kernel version 4.15.0 linux-kvm-tools-4.15.0-1027 - Linux kernel version specific tools for version 4.15.0-1027 linux-modules-4.15.0-1027-kvm - Linux kernel extra modules for version 4.15.0 on 64 bit x86 SMP linux-modules-extra-4.15.0-1027-kvm - Linux kernel extra modules for version 4.15.0 on 64 bit x86 SMP linux-tools-4.15.0-1027-kvm - Linux kernel version specific tools for version 4.15.0-1027 linux-udebs-kvm - Metapackage depending on kernel udebs (udeb) Launchpad-Bugs-Fixed: 1784501 1786013 1786139 1786729 1787405 1789161 1792580 1793458 1797367 1797990 1798165 1798182 1798441 1798552 1799049 1799184 1799276 1799281 1799794 1800537 1800639 1800641 1800849 1801686 1801875 1801878 1801924 1802023 1802341 1802554 1802561 1803592 Changes: linux-kvm (4.15.0-1027.27) bionic; urgency=medium . * linux-kvm: 4.15.0-1027.27 -proposed tracker (LP: #1802561) . [ Ubuntu: 4.15.0-42.45 ] . * linux: 4.15.0-42.45 -proposed tracker (LP: #1803592) * [FEAT] Guest-dedicated Crypto Adapters (LP: #1787405) - KVM: s390: reset crypto attributes for all vcpus - KVM: s390: vsie: simulate VCPU SIE entry/exit - KVM: s390: introduce and use KVM_REQ_VSIE_RESTART - KVM: s390: refactor crypto initialization - s390: vfio-ap: base implementation of VFIO AP device driver - s390: vfio-ap: register matrix device with VFIO mdev framework - s390: vfio-ap: sysfs interfaces to configure adapters - s390: vfio-ap: sysfs interfaces to configure domains - s390: vfio-ap: sysfs interfaces to configure control domains - s390: vfio-ap: sysfs interface to view matrix mdev matrix - KVM: s390: interface to clear CRYCB masks - s390: vfio-ap: implement mediated device open callback - s390: vfio-ap: implement VFIO_DEVICE_GET_INFO ioctl - s390: vfio-ap: zeroize the AP queues - s390: vfio-ap: implement VFIO_DEVICE_RESET ioctl - KVM: s390: Clear Crypto Control Block when using vSIE - KVM: s390: vsie: Do the CRYCB validation first - KVM: s390: vsie: Make use of CRYCB FORMAT2 clear - KVM: s390: vsie: Allow CRYCB FORMAT-2 - KVM: s390: vsie: allow CRYCB FORMAT-1 - KVM: s390: vsie: allow CRYCB FORMAT-0 - KVM: s390: vsie: allow guest FORMAT-0 CRYCB on host FORMAT-1 - KVM: s390: vsie: allow guest FORMAT-1 CRYCB on host FORMAT-2 - KVM: s390: vsie: allow guest FORMAT-0 CRYCB on host FORMAT-2 - KVM: s390: device attrs to enable/disable AP interpretation - KVM: s390: CPU model support for AP virtualization - s390: doc: detailed specifications for AP virtualization - KVM: s390: fix locking for crypto setting error path - KVM: s390: Tracing APCB changes - s390: vfio-ap: setup APCB mask using KVM dedicated function - s390/zcrypt: Add ZAPQ inline function. - s390/zcrypt: Review inline assembler constraints. - s390/zcrypt: Integrate ap_asm.h into include/asm/ap.h. - s390/zcrypt: fix ap_instructions_available() returncodes - s390/zcrypt: remove VLA usage from the AP bus - s390/zcrypt: Remove deprecated ioctls. - s390/zcrypt: Remove deprecated zcrypt proc interface. - s390/zcrypt: Support up to 256 crypto adapters. - [Config:] Enable CONFIG_S390_AP_IOMMU and set CONFIG_VFIO_AP to module. * Bypass of mount visibility through userns + mount propagation (LP: #1789161) - mount: Retest MNT_LOCKED in do_umount - mount: Don't allow copying MNT_UNBINDABLE|MNT_LOCKED mounts * CVE-2018-18955: nested user namespaces with more than five extents incorrectly grant privileges over inode (LP: #1801924) // CVE-2018-18955 - userns: also map extents in the reverse map to kernel IDs * kdump fail due to an IRQ storm (LP: #1797990) - SAUCE: x86/PCI: Export find_cap() to be used in early PCI code - SAUCE: x86/quirks: Add parameter to clear MSIs early on boot - SAUCE: x86/quirks: Scan all busses for early PCI quirks . [ Ubuntu: 4.15.0-40.43 ] . * linux: 4.15.0-40.43 -proposed tracker (LP: #1802554) * crash in ENA driver on removing an interface (LP: #1802341) - SAUCE: net: ena: fix crash during ena_remove() * Ubuntu 18.04.1 - [s390x] Kernel panic while stressing network bonding (LP: #1797367) - s390/qeth: don't keep track of MAC address's cast type - s390/qeth: consolidate qeth MAC address helpers - s390/qeth: avoid using is_multicast_ether_addr_64bits on (u8 *)[6] - s390/qeth: remove outdated portname debug msg - s390/qeth: reduce hard-coded access to ccw channels - s390/qeth: sanitize strings in debug messages * [18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver binding (LP: #1799184) - s390/zcrypt: code beautify - s390/zcrypt: AP bus support for alternate driver(s) - s390/zcrypt: hex string mask improvements for apmask and aqmask. - s390/zcrypt: remove unused functions and declarations - s390/zcrypt: Show load of cards and queues in sysfs * [GLK/CLX] Enhanced IBRS (LP: #1786139) - x86/speculation: Remove SPECTRE_V2_IBRS in enum spectre_v2_mitigation - x86/speculation: Support Enhanced IBRS on future CPUs * Allow signed kernels to be kexec'ed under lockdown (LP: #1798441) - Fix kexec forbidding kernels signed with keys in the secondary keyring to boot * Overlayfs in user namespace leaks directory content of inaccessible directories (LP: #1793458) // CVE-2018-6559 - SAUCE: overlayfs: ensure mounter privileges when reading directories * Update ENA driver to version 2.0.1K (LP: #1798182) - net: ena: remove ndo_poll_controller - net: ena: fix warning in rmmod caused by double iounmap - net: ena: fix rare bug when failed restart/resume is followed by driver removal - net: ena: fix NULL dereference due to untimely napi initialization - net: ena: fix auto casting to boolean - net: ena: minor performance improvement - net: ena: complete host info to match latest ENA spec - net: ena: introduce Low Latency Queues data structures according to ENA spec - net: ena: add functions for handling Low Latency Queues in ena_com - net: ena: add functions for handling Low Latency Queues in ena_netdev - net: ena: use CSUM_CHECKED device indication to report skb's checksum status - net: ena: explicit casting and initialization, and clearer error handling - net: ena: limit refill Rx threshold to 256 to avoid latency issues - net: ena: change rx copybreak default to reduce kernel memory pressure - net: ena: remove redundant parameter in ena_com_admin_init() - net: ena: update driver version to 2.0.1 - net: ena: fix indentations in ena_defs for better readability - net: ena: Fix Kconfig dependency on X86 - net: ena: enable Low Latency Queues - net: ena: fix compilation error in xtensa architecture * Bionic update: upstream stable patchset 2018-10-29 (LP: #1800537) - bonding: re-evaluate force_primary when the primary slave name changes - cdc_ncm: avoid padding beyond end of skb - ipv6: allow PMTU exceptions to local routes - net: dsa: add error handling for pskb_trim_rcsum - net/sched: act_simple: fix parsing of TCA_DEF_DATA - tcp: verify the checksum of the first data segment in a new connection - udp: fix rx queue len reported by diag and proc interface - net: in virtio_net_hdr only add VLAN_HLEN to csum_start if payload holds vlan - tls: fix use-after-free in tls_push_record - ext4: fix hole length detection in ext4_ind_map_blocks() - ext4: update mtime in ext4_punch_hole even if no blocks are released - ext4: bubble errors from ext4_find_inline_data_nolock() up to ext4_iget() - ext4: fix fencepost error in check for inode count overflow during resize - driver core: Don't ignore class_dir_create_and_add() failure. - Btrfs: fix clone vs chattr NODATASUM race - Btrfs: fix memory and mount leak in btrfs_ioctl_rm_dev_v2() - btrfs: return error value if create_io_em failed in cow_file_range - btrfs: scrub: Don't use inode pages for device replace - ALSA: hda/conexant - Add fixup for HP Z2 G4 workstation - ALSA: hda - Handle kzalloc() failure in snd_hda_attach_pcm_stream() - ALSA: hda: add dock and led support for HP EliteBook 830 G5 - ALSA: hda: add dock and led support for HP ProBook 640 G4 - x86/MCE: Fix stack out-of-bounds write in mce-inject.c: Flags_read() - smb3: fix various xid leaks - CIFS: 511c54a2f69195b28afb9dd119f03787b1625bb4 adds a check for session expiry - cifs: For SMB2 security informaion query, check for minimum sized security descriptor instead of sizeof FileAllInformation class - nbd: fix nbd device deletion - nbd: update size when connected - nbd: use bd_set_size when updating disk size - blk-mq: reinit q->tag_set_list entry only after grace period - bdi: Move cgroup bdi_writeback to a dedicated low concurrency workqueue - cpufreq: Fix new policy initialization during limits updates via sysfs - cpufreq: governors: Fix long idle detection logic in load calculation - libata: zpodd: small read overflow in eject_tray() - libata: Drop SanDisk SD7UB3Q*G1001 NOLPM quirk - w1: mxc_w1: Enable clock before calling clk_get_rate() on it - x86/intel_rdt: Enable CMT and MBM on new Skylake stepping - iwlwifi: fw: harden page loading code - orangefs: set i_size on new symlink - orangefs: report attributes_mask and attributes for statx - HID: intel_ish-hid: ipc: register more pm callbacks to support hibernation - HID: wacom: Correct logical maximum Y for 2nd-gen Intuos Pro large - mm, page_alloc: do not break __GFP_THISNODE by zonelist reset - net: phy: dp83822: use BMCR_ANENABLE instead of BMSR_ANEGCAPABLE for DP83620 - cpufreq: ti-cpufreq: Fix an incorrect error return value - x86/vector: Fix the args of vector_alloc tracepoint - x86/apic/vector: Prevent hlist corruption and leaks - x86/apic: Provide apic_ack_irq() - x86/ioapic: Use apic_ack_irq() - x86/platform/uv: Use apic_ack_irq() - irq_remapping: Use apic_ack_irq() - genirq/generic_pending: Do not lose pending affinity update - genirq/affinity: Defer affinity setting if irq chip is busy - genirq/migration: Avoid out of line call if pending is not set * [bionic]mlx5: reading SW stats through ifstat cause kernel crash (LP: #1799049) - net/mlx5e: Don't attempt to dereference the ppriv struct if not being eswitch manager * [Bionic][Cosmic] ipmi: Fix timer race with module unload (LP: #1799281) - ipmi: Fix timer race with module unload * [Bionic] ipmi: Remove ACPI SPMI probing from the SSIF (I2C) driver (LP: #1799276) - ipmi: Remove ACPI SPMI probing from the SSIF (I2C) driver * execveat03 in ubuntu_ltp_syscalls failed on X/B (LP: #1786729) - cap_inode_getsecurity: use d_find_any_alias() instead of d_find_alias() * [Bionic][Cosmic] Fix to ipmi to support vendor specific messages greater than 255 bytes (LP: #1799794) - ipmi:ssif: Add support for multi-part transmit messages > 2 parts * libvirtd is unable to configure bridge devices inside of LXD containers (LP: #1784501) - kernfs: allow creating kernfs objects with arbitrary uid/gid - sysfs, kobject: allow creating kobject belonging to arbitrary users - kobject: kset_create_and_add() - fetch ownership info from parent - driver core: set up ownership of class devices in sysfs - net-sysfs: require net admin in the init ns for setting tx_maxrate - net-sysfs: make sure objects belong to container's owner - net: create reusable function for getting ownership info of sysfs inodes - bridge: make sure objects belong to container's owner - sysfs: Fix regression when adding a file to an existing group * [Ubuntu] kvm: fix deadlock when killed by oom (LP: #1800849) - s390/kvm: fix deadlock when killed by oom * [Ubuntu] net/af_iucv: fix skb leaks for HiperTransport (LP: #1800639) - net/af_iucv: drop inbound packets with invalid flags - net/af_iucv: fix skb handling on HiperTransport xmit error * Power consumption during s2idle is higher than long idle(sk hynix) (LP: #1801875) - SAUCE: pci: prevent sk hynix nvme from entering D3 - SAUCE: nvme: add quirk to not call disable function when suspending * Enable keyboard wakeup for S2Idle laptops (LP: #1798552) - Input: i8042 - enable keyboard wakeups by default when s2idle is used * NULL pointer dereference at 0000000000000020 when access dst_orig->ops->family in function xfrm_lookup_with_ifid() (LP: #1801878) - xfrm: Fix NULL pointer dereference when skb_dst_force clears the dst_entry. * [Ubuntu] qdio: reset old sbal_state flags (LP: #1801686) - s390/qdio: reset old sbal_state flags * hns3: map tx ring to tc (LP: #1802023) - net: hns3: Set tx ring' tc info when netdev is up * [Ubuntu] qeth: Fix potential array overrun in cmd/rc lookup (LP: #1800641) - s390: qeth_core_mpc: Use ARRAY_SIZE instead of reimplementing its function - s390: qeth: Fix potential array overrun in cmd/rc lookup * Vulkan applications cause permanent memory leak with Intel GPU (LP: #1798165) - drm/syncobj: Don't leak fences when WAIT_FOR_SUBMIT is set * Mounting SOFS SMB shares fails (LP: #1792580) - cifs: connect to servername instead of IP for IPC$ share * Packaging resync (LP: #1786013) - [Package] add support for specifying the primary makefile Checksums-Sha1: 4a30ee8661ddff61d5b4ecf862c7cda2ce712c67 772812 linux-headers-4.15.0-1027-kvm_4.15.0-1027.27_amd64.deb 822ef8f6bfb80aa9f58eec3779e8f5232565bd11 9149924 linux-image-4.15.0-1027-kvm-dbgsym_4.15.0-1027.27_amd64.ddeb 5c3883e1737e06766951c84b136bc080ae74515c 4279916 linux-image-4.15.0-1027-kvm_4.15.0-1027.27_amd64.deb 1edb768fdbfee70698fbdd4d2c7a79b237b56db8 11003576 linux-kvm-headers-4.15.0-1027_4.15.0-1027.27_all.deb e3427b10c7b675e86d9000f87676785564609652 4815760 linux-kvm-tools-4.15.0-1027-dbgsym_4.15.0-1027.27_amd64.ddeb 63322b19f23ed74b899583138758020fb5943f88 1204376 linux-kvm-tools-4.15.0-1027_4.15.0-1027.27_amd64.deb 9faa005fa9324b881bda5060663da5d7729d1e2b 14556 linux-kvm_4.15.0-1027.27_amd64.buildinfo 5e16ba2d9989832412c6511e4b71f3dbf89142ae 24108 linux-kvm_4.15.0-1027.27_amd64_translations.tar.gz df5ca8b4cbb5c2b4e650314f1b6efd53c36e7ea2 5611396 linux-modules-4.15.0-1027-kvm_4.15.0-1027.27_amd64.deb ec834cc11ec07a0b1a79282a65e39abd4dc1f323 2668 linux-tools-4.15.0-1027-kvm_4.15.0-1027.27_amd64.deb Checksums-Sha256: 05862d72cffc86cc20a13bc3513ee3a73189934c03912acb03e55a6448980409 772812 linux-headers-4.15.0-1027-kvm_4.15.0-1027.27_amd64.deb 2d9bdb4b9516a93e4c13dc08147f6cbe0af7d774ace8973b5b20c8f82d91cb28 9149924 linux-image-4.15.0-1027-kvm-dbgsym_4.15.0-1027.27_amd64.ddeb f8136d12669055de6674ea67cc003af1d50969d4c52ff2251a102c2f43512ef7 4279916 linux-image-4.15.0-1027-kvm_4.15.0-1027.27_amd64.deb 69fe2eda7579bf3678a94a0e4b9aa40ca0336f6f0ccc0f07123b0fd9b0a66d90 11003576 linux-kvm-headers-4.15.0-1027_4.15.0-1027.27_all.deb 280292436bf5a5da677b54eb88d69f4be9d4301ef1ad7800aa072128d5ebb01c 4815760 linux-kvm-tools-4.15.0-1027-dbgsym_4.15.0-1027.27_amd64.ddeb 019eb7332f01f2e3b177a5b10a41eb4ef3ed910630921f5cb8b84a8ed630e3c2 1204376 linux-kvm-tools-4.15.0-1027_4.15.0-1027.27_amd64.deb d55254a39e6a1c332429ae15d2ba5c2a7036b9db0c625086b2856e174381dcb3 14556 linux-kvm_4.15.0-1027.27_amd64.buildinfo 7fb8224cfb9114c3b9d9bfdaf9327355831d4d1465ae2baef775f876ea6038bc 24108 linux-kvm_4.15.0-1027.27_amd64_translations.tar.gz fbdfb11ce587e699ddcd616b5da3656cba4f65d0e50ccc739e27fd28b9a4a461 5611396 linux-modules-4.15.0-1027-kvm_4.15.0-1027.27_amd64.deb 21db1cde5aa5f4ff8f53258d309428434946af6e931da9f2b1369c5e3fce2052 2668 linux-tools-4.15.0-1027-kvm_4.15.0-1027.27_amd64.deb Files: dca9c0f1c7f70195c02857a031b3ae3b 772812 devel optional linux-headers-4.15.0-1027-kvm_4.15.0-1027.27_amd64.deb 36b1f7a1371dd588066ecff013c59d69 9149924 devel optional linux-image-4.15.0-1027-kvm-dbgsym_4.15.0-1027.27_amd64.ddeb b77841eda5c57bba79e22a394954fb15 4279916 kernel optional linux-image-4.15.0-1027-kvm_4.15.0-1027.27_amd64.deb 9673be0366a076e172e4655288782a03 11003576 devel optional linux-kvm-headers-4.15.0-1027_4.15.0-1027.27_all.deb 5ad0046580668928935915ea8969bef6 4815760 debug optional linux-kvm-tools-4.15.0-1027-dbgsym_4.15.0-1027.27_amd64.ddeb f396a8b2a025c6f6de2a101915b006ff 1204376 devel optional linux-kvm-tools-4.15.0-1027_4.15.0-1027.27_amd64.deb 09f3a6997fb6f5b0a164f863a82ac6cc 14556 devel optional linux-kvm_4.15.0-1027.27_amd64.buildinfo df86aaec892c87629417e1b7cc820bf4 24108 raw-translations - linux-kvm_4.15.0-1027.27_amd64_translations.tar.gz 60e3d0e5efafcacf4f17b8644641b78d 5611396 kernel optional linux-modules-4.15.0-1027-kvm_4.15.0-1027.27_amd64.deb 18732f75b4bf1f2b5520ccc30de9c69b 2668 devel optional linux-tools-4.15.0-1027-kvm_4.15.0-1027.27_amd64.deb