diff options
author | Ben Hutchings <ben@decadent.org.uk> | 2019-08-25 16:28:11 +0100 |
---|---|---|
committer | Ben Hutchings <ben@decadent.org.uk> | 2019-08-25 16:28:11 +0100 |
commit | 1792dbebf135d089472a23a708a8c815e90f5895 (patch) | |
tree | bb5e939cad1afc9bdd32a8d66c3f9c8beef6a0ae /debian/changelog.old | |
parent | 97567cd15a056988766b561327604ace6408a76e (diff) | |
download | kernel_replicant_linux-1792dbebf135d089472a23a708a8c815e90f5895.tar.gz kernel_replicant_linux-1792dbebf135d089472a23a708a8c815e90f5895.tar.bz2 kernel_replicant_linux-1792dbebf135d089472a23a708a8c815e90f5895.zip |
debian/changelog: Move older entries to changelog.old
Diffstat (limited to 'debian/changelog.old')
-rw-r--r-- | debian/changelog.old | 12946 |
1 files changed, 12946 insertions, 0 deletions
diff --git a/debian/changelog.old b/debian/changelog.old index 3e92709af2c3..7957b8ef1afb 100644 --- a/debian/changelog.old +++ b/debian/changelog.old @@ -1,3 +1,12949 @@ +linux (4.19.37-5) unstable; urgency=medium + + [ Romain Perier ] + * [sparc64] Fix device naming inconsistency between sunhv_console and + sunhv_reg (Closes: #926539) + + [ Ben Hutchings ] + * tcp: Avoid ABI change for DoS fixes (Closes: #930743) + * Add ABI reference for 4.19.0-5 + + -- Ben Hutchings <ben@decadent.org.uk> Wed, 19 Jun 2019 23:16:58 +0100 + +linux (4.19.37-4) unstable; urgency=high + + [ Ben Hutchings ] + * libbpf: Fix various build bugs: + - Drop unnecessary changes from "libbpf: add SONAME to shared object" + - libbpf: Use only 2 components in soversion, matching package name + (Closes: #929187) + - libbpf: Build out-of-tree + * README.source: Document the various makefiles and use of out-of-tree builds + * [x86] lockdown,sysrq: Enable ALLOW_LOCKDOWN_LIFT_BY_SYSRQ (Closes: #929583) + * mwifiex: Fix possible buffer overflows at parsing bss descriptor + (CVE-2019-3846) + * mwifiex: Abort at too short BSS descriptor element + * mwifiex: Don't abort on small, spec-compliant vendor IEs + * mm/mincore.c: make mincore() more conservative (CVE-2019-5489) + * mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() + (CVE-2019-10126) + * tcp: limit payload size of sacked skbs (CVE-2019-11477) + * tcp: tcp_fragment() should apply sane memory limits (CVE-2019-11478) + * tcp: add tcp_min_snd_mss sysctl (CVE-2019-11479) + * tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() + + [ Romain Perier ] + * [rt] Update to 4.19.37-rt20: + - powerpc/pseries/iommu: Use a locallock instead local_irq_save() + - powerpc: reshuffle TIF bits + - tty/sysrq: Convert show_lock to raw_spinlock_t + - drm/i915: Don't disable interrupts independently of the lock + - sched/completion: Fix a lockup in wait_for_completion() + + [ Salvatore Bonaccorso ] + * brcmfmac: assure SSID length from firmware is limited (CVE-2019-9500) + * brcmfmac: add subtype check for event handling in data path + (CVE-2019-9503) + * ext4: zero out the unused memory region in the extent tree block + (CVE-2019-11833) + * Bluetooth: hidp: fix buffer overflow (CVE-2019-11884) + + [ Aurelien Jarno ] + * [mips] Correctly bounds check virt_addr_valid (Closes: #929366) + + [ John Paul Adrian Glaubitz ] + * [sparc64] udeb: Disable suffix for kernel-image + + [ Alper Nebi Yasak ] + * udeb: input-modules: Include all keyboard driver modules + * [arm64] udeb: kernel-image: Include cros_ec_spi and SPI drivers + * [arm64] udeb: kernel-image: Include phy-rockchip-pcie + * [arm64] udeb: usb-modules: Include phy-rockchip-typec, extcon-usbc-cros-ec + * [arm64] udeb: mmc-modules: Include phy-rockchip-emmc + * [arm64] udeb: fb-modules: Include rockchipdrm, panel-simple, pwm_bl and + pwm-cros-ec + + -- Ben Hutchings <ben@decadent.org.uk> Mon, 17 Jun 2019 20:00:22 +0100 + +linux (4.19.37-3) unstable; urgency=medium + + * [powerpc*] 64s: Include cpu header (fixes FTBFS) + + -- Ben Hutchings <ben@decadent.org.uk> Wed, 15 May 2019 23:07:16 +0100 + +linux (4.19.37-2) unstable; urgency=high + + * debian/bin: Fix Python static checker regressions (Closes: #928618) + * Clean up speculation mitigations: + - Documentation/l1tf: Fix small spelling typo + - x86/cpu: Sanitize FAM6_ATOM naming + - kvm: x86: Report STIBP on GET_SUPPORTED_CPUID + - x86/msr-index: Cleanup bit defines + - x86/speculation: Consolidate CPU whitelists + - Documentation: Move L1TF to separate directory + - cpu/speculation: Add 'mitigations=' cmdline option + - x86/speculation: Support 'mitigations=' cmdline option + - powerpc/speculation: Support 'mitigations=' cmdline option + - s390/speculation: Support 'mitigations=' cmdline option + - x86/speculation/mds: Add 'mitigations=' support for MDS + * [x86] Mitigate Microarchitectural Data Sampling (MDS) vulnerabilities + (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091): + - x86/speculation/mds: Add basic bug infrastructure for MDS + - x86/speculation/mds: Add BUG_MSBDS_ONLY + - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests + - x86/speculation/mds: Add mds_clear_cpu_buffers() + - x86/speculation/mds: Clear CPU buffers on exit to user + - x86/kvm/vmx: Add MDS protection when L1D Flush is not active + - x86/speculation/mds: Conditionally clear CPU buffers on idle entry + - x86/speculation/mds: Add mitigation control for MDS + - x86/speculation/mds: Add sysfs reporting for MDS + - x86/speculation/mds: Add mitigation mode VMWERV + - Documentation: Add MDS vulnerability documentation + - x86/speculation/mds: Add mds=full,nosmt cmdline option + - x86/speculation: Move arch_smt_update() call to after mitigation decisions + - x86/speculation/mds: Add SMT warning message + - x86/speculation/mds: Fix comment + - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off + - x86/mds: Add MDSUM variant to the MDS documentation + - Documentation: Correct the possible MDS sysfs values + - x86/speculation/mds: Fix documentation typo + * [x86] linux-cpupower: Update CPPFLAGS for change in <asm/msr-index.h> + + -- Ben Hutchings <ben@decadent.org.uk> Tue, 14 May 2019 17:34:37 +0100 + +linux (4.19.37-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.29 + - media: uvcvideo: Fix 'type' check leading to overflow + - vti4: Fix a ipip packet processing bug in 'IPCOMP' virtual tunnel + - perf script: Fix crash with printing mixed trace point and other events + - perf core: Fix perf_proc_update_handler() bug + - perf tools: Handle TOPOLOGY headers with no CPU + - perf script: Fix crash when processing recorded stat data + - IB/{hfi1, qib}: Fix WC.byte_len calculation for UD_SEND_WITH_IMM + - [amd64] iommu/amd: Call free_iova_fast with pfn in map_sg + - [amd64] iommu/amd: Unmap all mapped pages in error path of map_sg + - [riscv64] fixup max_low_pfn with PFN_DOWN. + - ipvs: Fix signed integer overflow when setsockopt timeout + - [amd64] iommu/amd: Fix IOMMU page flush when detach device from a domain + - [armhf] clk: ti: Fix error handling in ti_clk_parse_divider_data() + - [arm64] clk: qcom: gcc: Use active only source for CPUSS clocks + - [riscv64] Adjust mmap base address at a third of task size + - IB/ipoib: Fix for use-after-free in ipoib_cm_tx_start + - iomap: get/put the page in iomap_page_create/release() + - iomap: fix a use after free in iomap_dio_rw + - [arm64] net: hns: Fix for missing of_node_put() after of_parse_phandle() + - [arm64] net: hns: Restart autoneg need return failed when autoneg off + - [arm64] net: hns: Fix wrong read accesses via Clause 45 MDIO protocol + - [armhf,arm64] net: stmmac: dwmac-rk: fix error handling in + rk_gmac_powerup() + - netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are + present + - nfs: Fix NULL pointer dereference of dev_name + - qed: Fix bug in tx promiscuous mode settings + - qed: Fix LACP pdu drops for VFs + - qed: Fix VF probe failure while FLR + - qed: Fix system crash in ll2 xmit + - qed: Fix stack out of bounds bug + - scsi: libfc: free skb when receiving invalid flogi resp + - scsi: scsi_debug: fix write_same with virtual_gb problem + - scsi: bnx2fc: Fix error handling in probe() + - scsi: 53c700: pass correct "dev" to dma_alloc_attrs() + - net: macb: Apply RXUBR workaround only to versions with errata + - [amd64] boot/compressed/64: Set EFER.LME=1 in 32-bit trampoline before + returning to long mode + - cifs: fix computation for MAX_SMB2_HDR_SIZE + - [x86] microcode/amd: Don't falsely trick the late loading mechanism + - [arm64] kprobe: Always blacklist the KVM world-switch code + - apparmor: Fix aa_label_build() error handling for failed merges + - [x86] kexec: Don't setup EFI info if EFI runtime is not enabled + - proc: fix /proc/net/* after setns(2) + - mm, memory_hotplug: is_mem_section_removable do not pass the end of a zone + - mm, memory_hotplug: test_pages_in_a_zone do not pass the end of zone + - fs/drop_caches.c: avoid softlockups in drop_pagecache_sb() + - autofs: drop dentry reference only when it is never used + - autofs: fix error return in autofs_fill_super() + - mm, memory_hotplug: fix off-by-one in is_pageblock_removable + - [armhf] OMAP: dts: N950/N9: fix onenand timings + - [armhf] dts: omap4-droid4: Fix typo in cpcap IRQ flags + - [armhf] dts: sun8i: h3: Add ethernet0 alias to Beelink X2 + - [arm64] dts: meson: Fix IRQ trigger type for macirq + - [arm64] dts: meson8b: odroidc1: mark the SD card detection GPIO + active-low + - [arm64] dts: meson8m2: mxiii-plus: mark the SD card detection GPIO + active-low + - [arm64] dts: imx6sx: correct backward compatible of gpt + - [armhf] pinctrl: mcp23s08: spi: Fix regmap allocation for mcp23s18 + - wlcore: sdio: Fixup power on/off sequence + - bpf: sock recvbuff must be limited by rmem_max in bpf_setsockopt() + - [arm64] dts: add msm8996 compatible to gicv3 + - batman-adv: release station info tidstats + - [armhf,arm64] irqchip/gic-v4: Fix occasional VLPI drop + - [armhf,arm64] irqchip/gic-v3-its: Gracefully fail on LPI exhaustion + - drm/amdgpu: Add missing power attribute to APU check + - drm/radeon: check if device is root before getting pci speed caps + - drm/amdgpu: Transfer fences to dmabuf importer + - [armhf,arm64] net: stmmac: Fallback to Platform Data clock in Watchdog + conversion + - [armhf,arm64] net: stmmac: Disable EEE mode earlier in XMIT callback + - [armhf,arm64] irqchip/gic-v3-its: Fix ITT_entry_size accessor + - relay: check return of create_buf_file() properly + - bpf: fix potential deadlock in bpf_prog_register + - bpf: Fix syscall's stackmap lookup potential deadlock + - [armhf,arm64] drm/sun4i: tcon: Prepare and enable TCON channel 0 clock at + init + - vsock/virtio: fix kernel panic after device hot-unplug + - vsock/virtio: reset connected sockets on device removal + - netfilter: nf_nat: skip nat clash resolution for same-origin entries + - [s390x] qeth: release cmd buffer in error paths + - [s390x] qeth: fix use-after-free in error path + - [s390x] qeth: cancel close_dev work before removing a card + - perf symbols: Filter out hidden symbols from labels + - perf trace: Support multiple "vfs_getname" probes + - [mips*] Remove function size check in get_frame_info() + - Revert "scsi: libfc: Add WARN_ON() when deleting rports" + - [armhf] i2c: omap: Use noirq system sleep pm ops to idle device for + suspend + - drm/amdgpu: use spin_lock_irqsave to protect vm_manager.pasid_idr + - nvme: lock NS list changes while handling command effects + - nvme-pci: fix rapid add remove sequence + - fs: ratelimit __find_get_block_slow() failure message. + - qed: Fix EQ full firmware assert. + - qed: Consider TX tcs while deriving the max num_queues for PF. + - qede: Fix system crash on configuring channels. + - blk-iolatency: fix IO hang due to negative inflight counter + - nvme-pci: add missing unlock for reset error + - Input: wacom_serial4 - add support for Wacom ArtPad II tablet + - Input: elan_i2c - add id for touchpad found in Lenovo s21e-20 + - [x86] iscsi_ibft: Fix missing break in switch statement + - scsi: aacraid: Fix missing break in switch statement + - [x86] PCI: Fixup RTIT_BAR of Intel Denverton Trace Hub + - [arm64] dts: zcu100-revC: Give wifi some time after power-on + - [arm64] dts: hikey: Give wifi some time after power-on + - [arm64] dts: hikey: Revert "Enable HS200 mode on eMMC" + - [armhf] dts: exynos: Fix pinctrl definition for eMMC RTSN line on Odroid + X2/U3 + - [armhf] dts: exynos: Add minimal clkout parameters to Exynos3250 PMU + - [armhf] dts: exynos: Fix max voltage for buck8 regulator on Odroid + XU3/XU4 + - drm: disable uncached DMA optimization for ARM and arm64 + (Closes: #923723) + - netfilter: xt_TEE: fix wrong interface selection + - netfilter: xt_TEE: add missing code to get interface index in checkentry. + - gfs2: Fix missed wakeups in find_insert_glock + - cifs: allow calling SMB2_xxx_free(NULL) (Closes: #919290) + - ath9k: Avoid OF no-EEPROM quirks without qca,no-eeprom + - driver core: Postpone DMA tear-down until after devres release + - [x86] perf/intel: Make cpuc allocations consistent + - [x86] perf/intel: Generalize dynamic constraint creation + - [x86] Add TSX Force Abort CPUID/MSR + - [x86] perf/intel: Implement support for TSX Force Abort + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.30 + - connector: fix unsafe usage of ->real_parent + - gro_cells: make sure device is up in gro_cells_receive() + - ipv4/route: fail early when inet dev is missing + - l2tp: fix infoleak in l2tp_ip6_recvmsg() + - lan743x: Fix RX Kernel Panic + - lan743x: Fix TX Stall Issue + - net: sit: fix UBSAN Undefined behaviour in check_6rd + - net/x25: fix use-after-free in x25_device_event() + - net/x25: reset state in x25_connect() + - pptp: dst_release sk_dst_cache in pptp_sock_destruct + - route: set the deleted fnhe fnhe_daddr to 0 in ip_del_fnhe to fix a race + - rxrpc: Fix client call queueing, waiting for channel + - sctp: remove sched init from sctp_stream_init + - tcp: do not report TCP_CM_INQ of 0 for closed connections + - tcp: Don't access TCP_SKB_CB before initializing it + - tcp: handle inet_csk_reqsk_queue_add() failures + - vxlan: Fix GRO cells race condition between receive and link delete + - vxlan: test dev->flags & IFF_UP before calling gro_cells_receive() + - net/mlx4_core: Fix reset flow when in command polling mode + - net/mlx4_core: Fix locking in SRIOV mode when switching between events + and polling + - net/mlx4_core: Fix qp mtt size calculation + - net/x25: fix a race in x25_bind() + - mdio_bus: Fix use-after-free on device_register fails + - net: Set rtm_table to RT_TABLE_COMPAT for ipv6 for tables > 255 + - ipv6: route: purge exception on removal + - team: use operstate consistently for linkup + - ipvlan: disallow userns cap_net_admin to change global mode/flags + - ipv6: route: enforce RCU protection in rt6_update_exception_stamp_rt() + - ipv6: route: enforce RCU protection in ip6_route_check_nh_onlink() + - bonding: fix PACKET_ORIGDEV regression + - net/smc: fix smc_poll in SMC_INIT state + - af_unix: missing barriers in some of unix_sock ->addr and ->path accesses + - net: sched: flower: insert new filter to idr after setting its mask + - f2fs: wait on atomic writes to count F2FS_CP_WB_DATA + - ALSA: bebob: use more identical mod_alias for Saffire Pro 10 I/O against + Liquid Saffire 56 + - ALSA: firewire-motu: fix construction of PCM frame for capture direction + - [x86] ALSA: hda: Extend i915 component bind timeout + - [x86] ALSA: hda - add more quirks for HP Z2 G4 and HP Z240 + - ALSA: hda/realtek: Enable audio jacks of ASUS UX362FA with ALC294 + - ALSA: hda/realtek - Reduce click noise on Dell Precision 5820 headphone + - ALSA: hda/realtek: Enable headset MIC of Acer TravelMate X514-51T with + ALC255 + - [x86] perf/intel: Fix memory corruption + - [x86] perf/intel: Make dev_attr_allow_tsx_force_abort static + - md: It's wrong to add len to sector_nr in raid10 reshape twice + - drm: Block fb changes for async plane updates + - i40e: report correct statistics when XDP is enabled + - vhost/vsock: fix vhost vsock cid hashing inconsistent + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.31 + - media: videobuf2-v4l2: drop WARN_ON in vb2_warn_zero_bytesused() + - 9p: use inode->i_lock to protect i_size_write() under 32-bit + - 9p/net: fix memory leak in p9_client_create + - [armhf] iio: adc: exynos-adc: Fix NULL pointer exception on unbind + - [x86] mei: hbm: clean the feature flags on link reset + - [x86] mei: bus: move hw module get/put to probe/release + - crypto: cfb - add missing 'chunksize' property + - crypto: cfb - remove bogus memcpy() with src == dest + - crypto: ahash - fix another early termination in hash walk + - [armhf] drm/imx: ignore plane updates on disabled crtcs + - [armhf] drm/imx: imx-ldb: add missing of_node_puts + - [x86] ASoC: rt5682: Correct the setting while select ASRC clk for AD/DA + filter + - [armhf] clocksource: timer-ti-dm: Fix pwm dmtimer usage of fck + reparenting + - [armhf,arm64] KVM: vgic: Make vgic_dist->lpi_list_lock a raw_spinlock + - [arm64] dts: rockchip: fix graph_port warning on rk3399 bob kevin and + excavator + - [s390x] dasd: fix using offset into zero size array error + - Input: pwm-vibra - prevent unbalanced regulator + - Input: pwm-vibra - stop regulator after disabling pwm, not before + - [armhf] dts: Configure clock parent for pwm vibra + - [armhf] OMAP2+: Variable "reg" in function omap4_dsi_mux_pads() could be + uninitialized + - ASoC: dapm: fix out-of-bounds accesses to DAPM lookup tables + - [armhf,arm64] KVM: Reset the VCPU without preemption and vcpu state + loaded + - [armhf,arm64] KVM: Allow a VCPU to fully reset itself + - [armhf,arm64] KVM: Don't panic on failure to properly reset system + registers + - [armhf,arm64] KVM: vgic: Always initialize the group of private IRQs + - [arm64] KVM: Forbid kprobing of the VHE world-switch code + - [armhf] OMAP2+: fix lack of timer interrupts on CPU1 after hotplug + - mac80211: call drv_ibss_join() on restart + - mac80211: Fix Tx aggregation session tear down with ITXQs + - netfilter: compat: initialize all fields in xt_init + - blk-mq: insert rq with DONTPREP to hctx dispatch list when requeue + - ipvs: fix dependency on nf_defrag_ipv6 + - floppy: check_events callback should not return a negative number + - xprtrdma: Make sure Send CQ is allocated on an existing compvec + - NFS: Don't use page_file_mapping after removing the page + - mm/gup: fix gup_pmd_range() for dax + - Revert "mm: use early_pfn_to_nid in page_ext_init" + - scsi: qla2xxx: Fix panic from use after free in qla2x00_async_tm_cmd + - [armhf] net: dsa: bcm_sf2: potential array overflow in + bcm_sf2_sw_suspend() + - [x86] CPU: Add Icelake model number + - mm: page_alloc: fix ref bias in page_frag_alloc() for 1-byte allocs + - [arm64] net: hns: Fix object reference leaks in hns_dsaf_roce_reset() + - [arm*] i2c: bcm2835: Clear current buffer pointers and counts after a + transfer + - [armhf] clk: sunxi-ng: v3s: Fix TCON reset de-assert bit + - kallsyms: Handle too long symbols in kallsyms.c + - [armhf] clk: sunxi: A31: Fix wrong AHB gate number + - esp: Skip TX bytes accounting when sending from a request socket + - [armhf] 8824/1: fix a migrating irq bug when hotplug cpu + - bpf: only adjust gso_size on bytestream protocols + - bpf: fix lockdep false positive in stackmap + - af_key: unconditionally clone on broadcast + - [armhf] 8835/1: dma-mapping: Clear DMA ops on teardown + - assoc_array: Fix shortcut creation + - keys: Fix dependency loop between construction record and auth key + - scsi: libiscsi: Fix race between iscsi_xmit_task and iscsi_complete_task + - [armhf] net: dsa: bcm_sf2: Do not assume DSA master supports WoL + - [arm64] pinctrl: meson: meson8b: fix the sdxc_a data 1..3 pins + - qmi_wwan: apply SET_DTR quirk to Sierra WP7607 + - net: mv643xx_eth: disable clk on error path in mv643xx_eth_shared_probe() + - xfrm: Fix inbound traffic via XFRM interfaces across network namespaces + - ASoC: topology: free created components in tplg load error + - qed: Fix iWARP buffer size provided for syn packet processing. + - qed: Fix iWARP syn packet mac address validation. + - [armhf] dts: armada-xp: fix Armada XP boards NAND description + - [arm64] Relax GIC version check during early boot + - [armhf] tegra: Restore DT ABI on Tegra124 Chromebooks + - [armhf,arm64] net: marvell: mvneta: fix DMA debug warning + - mm: handle lru_add_drain_all for UP properly + - tmpfs: fix link accounting when a tmpfile is linked in + - ixgbe: fix older devices that do not support IXGBE_MRQC_L3L4TXSWEN + - phonet: fix building with clang + - mac80211_hwsim: propagate genlmsg_reply return code + - bpf, lpm: fix lookup bug in map_delete_elem + - [arm64] net: thunderx: make CFG_DONE message to run through generic + send-ack sequence + - [arm64] net: thunderx: add nicvf_send_msg_to_pf result check for + set_rx_mode_task + - nfp: bpf: fix code-gen bug on BPF_ALU | BPF_XOR | BPF_K + - nfp: bpf: fix ALU32 high bits clearance bug + - bnxt_en: Fix typo in firmware message timeout logic. + - bnxt_en: Wait longer for the firmware message response to complete. + - net: set static variable an initial value in atl2_probe() + - tmpfs: fix uninitialized return value in shmem_link + - stm class: Prevent division by zero + - nfit: acpi_nfit_ctl(): Check out_obj->type in the right place + - acpi/nfit: Fix bus command validation + - nfit/ars: Attempt a short-ARS whenever the ARS state is idle at boot + - nfit/ars: Attempt short-ARS even in the no_init_ars case + - [amd64] libnvdimm/label: Clear 'updating' flag after label-set update + - [amd64] libnvdimm, pfn: Fix over-trim in trim_pfn_device() + - [amd64] libnvdimm/pmem: Honor force_raw for legacy pmem regions + - [amd64] libnvdimm: Fix altmap reservation size calculation + - cgroupfs: fix cgroup_do_mount() handling of failure exits + - crypto: aead - set CRYPTO_TFM_NEED_KEY if ->setkey() fails + - crypto: aegis - fix handling chunked inputs + - [arm64] crypto: aes-neonbs - fix returning final keystream block + - crypto: hash - set CRYPTO_TFM_NEED_KEY if ->setkey() fails + - crypto: morus - fix handling chunked inputs + - crypto: pcbc - remove bogus memcpy()s with src == dest + - crypto: skcipher - set CRYPTO_TFM_NEED_KEY if ->setkey() fails + - crypto: testmgr - skip crc32c context test for ahash algorithms + - [x86] crypto: aegis - fix handling chunked inputs and MAY_SLEEP + - [x86] crypto: aesni-gcm - fix crash on empty plaintext + - [x86] crypto: morus - fix handling chunked inputs and MAY_SLEEP + - [arm64] crypto: aes-ccm - fix logical bug in AAD MAC handling + - [arm64] crypto: aes-ccm - fix bugs in non-NEON fallback routine + - CIFS: Do not reset lease state to NONE on lease break + - CIFS: Do not skip SMB2 message IDs on send failures + - CIFS: Fix read after write for files with read caching + - tracing: Use strncpy instead of memcpy for string keys in hist triggers + - tracing: Do not free iter->trace in fail path of tracing_open_pipe() + - tracing/perf: Use strndup_user() instead of buggy open-coded version + - xen: fix dom0 boot on huge systems + - ACPI / device_sysfs: Avoid OF modalias creation for removed device + - [armhf] mmc: sdhci-esdhc-imx: fix HS400 timing issue + - mmc:fix a bug when max_discard is 0 + - netfilter: ipt_CLUSTERIP: fix warning unused variable cn + - [armhf] spi: ti-qspi: Fix mmap read when more than one CS in use + - [amd64] spi: pxa2xx: Setup maximum supported DMA transfer length + - [armhf] regulator: s2mps11: Fix steps for buck7, buck8 and LDO35 + - [arm64] regulator: max77620: Initialize values for DT properties + - [armhf] regulator: s2mpa01: Fix step values for some LDOs + - [armhf] clocksource/drivers/exynos_mct: Move one-shot check from tick + clear to ISR + - [armhf] clocksource/drivers/exynos_mct: Clear timer interrupt when + shutdown + - [arm64] clocksource/drivers/arch_timer: Workaround for Allwinner A64 + timer instability (Closes: #928457) + - [s390x] setup: fix early warning messages + - [s390x] virtio: handle find on invalid queue gracefully + - scsi: virtio_scsi: don't send sc payload with tmfs + - scsi: aacraid: Fix performance issue on logical drives + - scsi: sd: Optimal I/O size should be a multiple of physical block size + - scsi: target/iscsi: Avoid iscsit_release_commands_from_conn() deadlock + - scsi: qla2xxx: Fix LUN discovery if loop id is not assigned yet by + firmware + - fs/devpts: always delete dcache dentry-s in dput() + - splice: don't merge into linked buffers + - ovl: During copy up, first copy up data and then xattrs + - ovl: Do not lose security.capability xattr over metadata file copy-up + - Btrfs: setup a nofs context for memory allocation at btrfs_create_tree() + - Btrfs: setup a nofs context for memory allocation at __btrfs_set_acl + - btrfs: ensure that a DUP or RAID1 block group has exactly two stripes + - Btrfs: fix corruption reading shared and compressed extents after hole + punching + - libertas_tf: don't set URB_ZERO_PACKET on IN USB transfer + - [armhf,arm64] irqchip/gic-v3-its: Avoid parsing _indirect_ twice for + Device table + - [x86] kprobes: Prohibit probing on optprobe template code + - [armhf,arm64] cpufreq: tegra124: add missing of_node_put() + - ext4: fix check of inode in swap_inode_boot_loader + - ext4: cleanup pagecache before swap i_data + - ext4: update quota information while swapping boot loader inode + - ext4: add mask of ext4 flags to swap + - ext4: fix crash during online resizing + - PCI/ASPM: Use LTR if already enabled by platform + - PCI/DPC: Fix print AER status in DPC event handling + - [armhf,arm64] PCI: dwc: skip MSI init if MSIs have been explicitly + disabled + - IB/hfi1: Close race condition on user context disable and close + - [armhf] clk: clk-twl6040: Fix imprecise external abort for pdmclk + - [armhf] clk: samsung: exynos5: Fix possible NULL pointer exception on + platform_device_alloc() failure + - [armhf] clk: samsung: exynos5: Fix kfree() of const memory on setting + driver_override + - [armhf,arm64] usb: chipidea: tegra: Fix missed ci_hdrc_remove_device() + - [x86] usb: typec: tps6598x: handle block writes separately with plain-I2C + adapters + - mm: hwpoison: fix thp split handing in soft_offline_in_use_page() + - mm/vmalloc: fix size check for remap_vmalloc_range_partial() + - mm/memory.c: do_fault: avoid usage of stale vm_area_struct + - kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv + - device property: Fix the length used in PROPERTY_ENTRY_STRING() + - [x86] intel_th: Don't reference unassigned outputs + - parport_pc: fix find_superio io compare code, should use equal test. + - [armhf,arm64] i2c: tegra: fix maximum transfer size + - [armhf,arm64] gpio: pca953x: Fix dereference of irq data in shutdown + - [armhf] can: flexcan: FLEXCAN_IFLAG_MB: add () around macro argument + - [x86] drm/i915: Relax mmap VMA check + - bpf: only test gso type on gso packets + - [arm64] serial: uartps: Fix stuck ISR if RX disabled with non-empty FIFO + - serial: 8250_of: assume reg-shift of 2 for mrvl,mmp-uart + - serial: 8250_pci: Fix number of ports for ACCES serial cards + - serial: 8250_pci: Have ACCES cards that use the four port Pericom + PI7C9X7954 chip use the pci_pericom_setup() + - jbd2: clear dirty flag when revoking a buffer from an older transaction + - jbd2: fix compile warning when using JBUFFER_TRACE + - selinux: add the missing walk_size + len check in + selinux_sctp_bind_connect + - security/selinux: fix SECURITY_LSM_NATIVE_LABELS on reused superblock + - [powerpc*] powerpc/32: Clear on-stack exception marker upon exception + return + - [powerpc*] powernv: Make opal log only readable by root + - [powerpc*] powernv: Don't reprogram SLW image on every KVM guest + entry/exit + - [powerpc*] Fix 32-bit KVM-PR lockup and host crash with MacOS guest + - [powerpc*] ptrace: Simplify vr_get/set() to avoid GCC warning + - [powerpc*] hugetlb: Don't do runtime allocation of 16G pages in LPAR + configuration + - [powerpc*] traps: fix recoverability of machine check handling on + book3s/32 + - [powerpc*] traps: Fix the message printed when stack overflows + - [arm64] Fix HCR.TGE status for NMI contexts + - [arm64] debug: Ensure debug handlers check triggering exception level + - [arm64] KVM: Fix architecturally invalid reset value for FPEXC32_EL2 + - ipmi_si: fix use-after-free of resource->name + - dm: fix to_sector() for 32bit + - dm integrity: limit the rate of error messages + - mfd: sm501: Fix potential NULL pointer dereference + - NFS: Fix I/O request leakages + - NFS: Fix an I/O request leakage in nfs_do_recoalesce + - NFS: Don't recoalesce on error in nfs_pageio_complete_mirror() + - nfsd: fix performance-limiting session calculation + - nfsd: fix memory corruption caused by readdir + - nfsd: fix wrong check in write_v4_end_grace() + - NFSv4.1: Reinitialise sequence results before retransmitting a request + - svcrpc: fix UDP on servers with lots of threads + - PM / wakeup: Rework wakeup source timer cancellation + - bcache: never writeback a discard operation + - vt: perform safe console erase in the right order + - [x86] unwind/orc: Fix ORC unwind table alignment + - [x86] perf intel-pt: Fix CYC timestamp calculation after OVF + - perf tools: Fix split_kallsyms_for_kcore() for trampoline symbols + - perf auxtrace: Define auxtrace record alignment + - [x86] perf intel-pt: Fix overlap calculation for padding + - [x86] perf/intel/uncore: Fix client IMC events return huge result + - [x86] perf intel-pt: Fix divide by zero when TSC is not available + - md: Fix failed allocation of md_register_thread + - [x86] tpm/tpm_crb: Avoid unaligned reads in crb_recv() + - tpm: Unify the send callback behaviour + - rcu: Do RCU GP kthread self-wakeup from softirq and interrupt + - media: lgdt330x: fix lock status reporting + - media: uvcvideo: Avoid NULL pointer dereference at the end of streaming + - drm/fb-helper: generic: Fix drm_fbdev_client_restore() + - drm/radeon/evergreen_cs: fix missing break in switch statement + - drm/amd/powerplay: correct power reading on fiji + - drm/amd/display: don't call dm_pp_ function from an fpu block + - KVM: Call kvm_arch_memslots_updated() before updating memslots + - [x86] KVM: mmu: Detect MMIO generation wrap in any address space + - [x86] KVM: mmu: Do not cache MMIO accesses while memslots are in flux + - [x86] KVM: nVMX: Sign extend displacements of VMX instr's mem operands + - [x86] KVM: nVMX: Apply addr size mask to effective address for VMX + instructions + - [x86] KVM: nVMX: Ignore limit checks on VMX instructions using flat + segments + - bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata + - [s390x] setup: fix boot crash for machine without EDAT-1 + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.32 + - [x86] ALSA: hda - add Lenovo IdeaCentre B550 to the power_save_blacklist + - ALSA: firewire-motu: use 'version' field of unit directory to identify + model + - [x86] drm/vmwgfx: Don't double-free the mode stored in par->set_mode + - [x86] drm/vmwgfx: Return 0 when gmrid::get_node runs out of ID's + - [amd64] iommu/amd: fix sg->dma_address for sg->offset bigger than + PAGE_SIZE + - libceph: wait for latest osdmap in ceph_monc_blacklist_add() + - udf: Fix crash on IO error during truncate + - [mips64*/loongson-3] lemote-2f: Add IRQF_NO_SUSPEND to "cascade" + irqaction. + - [mips*] Ensure ELF appended dtb is relocated + - [mips*r6] Fix kernel crash for R6 in jump label branch function + - [powerpc*] vdso64: Fix CLOCK_MONOTONIC inconsistencies across Y2038 + - [powerpc*] scsi: ibmvscsi: Protect ibmvscsi_head from concurrent + modificaiton + - [powerpc*] scsi: ibmvscsi: Fix empty event pool access during host + removal + - futex: Ensure that futex address is aligned in handle_futex_death() + - cifs: allow guest mounts to work for smb3.11 + - perf probe: Fix getting the kernel map + - [x86] objtool: Move objtool_file struct off the stack + - [armhf,arm64] irqchip/gic-v3-its: Fix comparison logic in lpi_range_cmp + - SMB3: Fix SMB3.1.1 guest mounts to Samba + - [x86] ALSA: Fix runtime PM for hdmi-lpe-audio + - ALSA: hda/ca0132 - make pci_iounmap() call conditional + - ALSA: ac97: Fix of-node refcount unbalance + - ext4: fix NULL pointer dereference while journal is aborted + - ext4: fix data corruption caused by unaligned direct AIO + - ext4: brelse all indirect buffer in ext4_ind_remove_space() + - media: v4l2-ctrls.c/uvc: zero v4l2_event + - Bluetooth: hci_uart: Check if socket buffer is ERR_PTR in h4_recv_buf() + - Bluetooth: Fix decrementing reference count twice in releasing socket + - Bluetooth: hci_ldisc: Initialize hci_dev before open() + - Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in + hci_uart_set_proto() + - drm: Reorder set_property_atomic to avoid returning with an active ww_ctx + - RDMA/cma: Rollback source IP address if failing to acquire device + - f2fs: fix to avoid deadlock of atomic file operations + - netfilter: ebtables: remove BUGPRINT messages + - loop: access lo_backing_file only when the loop device is Lo_bound + - [x86] unwind: Handle NULL pointer calls better in frame unwinder + - [x86] unwind: Add hardcoded ORC entry for NULL + - ALSA: hda - Record the current power state before suspend/resume calls + - ALSA: hda - Enforces runtime_resume after S3 and S4 for each codec + - power: supply: charger-manager: Fix incorrect return value + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.33 + - Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt + (CVE-2019-3460) + - Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer + (CVE-2019-3459) + - ipmi_si: Fix crash when using hard-coded device + - dccp: do not use ipv6 header for ipv4 flow + - genetlink: Fix a memory leak on error path + - ipv6: make ip6_create_rt_rcu return ip6_null_entry instead of NULL + - mac8390: Fix mmio access size probe + - mISDN: hfcpci: Test both vendor & device ID for Digium HFC4S + - net: aquantia: fix rx checksum offload for UDP/TCP over IPv6 + - net: datagram: fix unbounded loop in __skb_try_recv_datagram() + - net/packet: Set __GFP_NOWARN upon allocation in alloc_pg_vec + - [arm64] net: phy: meson-gxl: fix interrupt support + - net: rose: fix a possible stack overflow + - [armhf,arm64] net: stmmac: fix memory corruption with large MTUs + - net-sysfs: call dev_hold if kobject_init_and_add success + - packets: Always register packet sk in the same order + - rhashtable: Still do rehash when we get EEXIST + - sctp: get sctphdr by offset in sctp_compute_cksum + - sctp: use memdup_user instead of vmemdup_user + - tcp: do not use ipv6 header for ipv4 flow + - tipc: allow service ranges to be connect()'ed on RDM/DGRAM + - tipc: change to check tipc_own_id to return in tipc_net_stop + - tipc: fix cancellation of topology subscriptions + - tun: properly test for IFF_UP + - vrf: prevent adding upper devices + - vxlan: Don't call gro_cells_destroy() before device is unregistered + - ila: Fix rhashtable walker list corruption + - net: sched: fix cleanup NULL pointer exception in act_mirr + - [arm64] thunderx: enable page recycling for non-XDP case + - [arm64] thunderx: eliminate extra calls to put_page() for pages held for + recycling + - tun: add a missing rcu_read_unlock() in error path + - [powerpcspe] fsl: Add infrastructure to fixup branch predictor flush + - [powerpcspe] fsl: Add macro to flush the branch predictor + - [powerpcspe] fsl: Emulate SPRN_BUCSR register + - [powerpcspe] fsl: Add nospectre_v2 command line argument + - [powerpcspe] fsl: Flush the branch predictor at each kernel entry (32 bit) + - [powerpcspe] fsl: Enable runtime patching if nospectre_v2 boot arg is used + - [powerpcspe] fsl: Update Spectre v2 reporting + - [powerpcspe] fsl: Fixed warning: orphan section `__btb_flush_fixup' + - [powerpc*] security: Fix spectre_v2 reporting + - Btrfs: fix incorrect file size after shrinking truncate and fsync + - btrfs: remove WARN_ON in log_dir_items + - btrfs: don't report readahead errors and don't update statistics + - btrfs: raid56: properly unmap parity page in finish_parity_scrub() + - btrfs: Avoid possible qgroup_rsv_size overflow in + btrfs_calculate_inode_block_rsv_size + - Btrfs: fix assertion failure on fsync with NO_HOLES enabled + - [armhf] imx6q: cpuidle: fix bug that CPU might not wake up at expected + time + - [powerpc*] bpf: Fix generation of load/store DW instructions + - [s390x] vfio: ccw: only free cp on final interrupt + - NFS: fix mount/umount race in nlmclnt. + - NFSv4.1 don't free interrupted slot on open + - ALSA: rawmidi: Fix potential Spectre v1 vulnerability + - ALSA: seq: oss: Fix Spectre v1 vulnerability + - ALSA: pcm: Fix possible OOB access in PCM oss plugins + - ALSA: pcm: Don't suspend stream in unrecoverable PCM state + - [x86] ALSA: hda/realtek - Add support headset mode for DELL WYSE AIO + - [x86] ALSA: hda/realtek - Add support headset mode for New DELL WYSE NB + - [x86] ALSA: hda/realtek: Enable headset MIC of Acer AIO with ALC286 + - [x86] ALSA: hda/realtek: Enable headset MIC of Acer Aspire Z24-890 with + ALC286 + - [x86] ALSA: hda/realtek - Add support for Acer Aspire E5-523G/ES1-432 + headset mic + - [x86] ALSA: hda/realtek: Enable ASUS X441MB and X705FD headset MIC with + ALC256 + - [x86] ALSA: hda/realtek: Enable headset mic of ASUS P5440FF with ALC256 + - [x86] ALSA: hda/realtek: Enable headset MIC of ASUS X430UN and X512DK + with ALC256 + - [x86] ALSA: hda/realtek - Fix speakers on Acer Predator Helios 500 Ryzen + laptops + - kbuild: modversions: Fix relative CRC byte order interpretation + - fs/open.c: allow opening only regular files during execve() + - ocfs2: fix inode bh swapping mixup in ocfs2_reflink_inodes_lock + - scsi: sd: Fix a race between closing an sd device and sd I/O + - scsi: sd: Quiesce warning if device does not report optimal I/O size + - [s390x] scsi: zfcp: fix rport unblock if deleted SCSI devices on + Scsi_Host + - [s390x] scsi: zfcp: fix scsi_eh host reset with port_forced ERP for + non-NPIV FCP devices + - [armhf,arm64] drm/rockchip: vop: reset scale mode when win is disabled + - [x86] staging: comedi: ni_mio_common: Fix divide-by-zero for DIO cmdtest + - staging: speakup_soft: Fix alternate speech with other synths + - staging: vt6655: Remove vif check from vnt_interrupt + - staging: vt6655: Fix interrupt race condition on device start up. + - [arm64] serial: mvebu-uart: Fix to avoid a potential NULL pointer + dereference + - [sh4] serial: sh-sci: Fix setting SCSCR_TIE while transferring data + - USB: serial: cp210x: add new device id + - USB: serial: ftdi_sio: add additional NovaTech products + - USB: serial: mos7720: fix mos_parport refcount imbalance on error path + - USB: serial: option: set driver_info for SIM5218 and compatibles + - USB: serial: option: add support for Quectel EM12 + - USB: serial: option: add Olicard 600 + - fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links + - drm/vgem: fix use-after-free when drm_gem_handle_create() fails + - [x86] drm/i915/gvt: Fix MI_FLUSH_DW parsing with correct index check + - gpio: exar: add a check for the return value of ida_simple_get fails + - [armhf,arm64] phy: sun4i-usb: Support set_mode to USB_HOST for non-OTG + PHYs + - USB: gadget: f_hid: fix deadlock in f_hidg_write() + - usb: common: Consider only available nodes for dr_mode + - xhci: Fix port resume done detection for SS ports with LPM enabled + - usb: xhci: dbc: Don't free all memory with spinlock held + - xhci: Don't let USB3 ports stuck in polling state prevent suspend + - usb: cdc-acm: fix race during wakeup blocking TX traffic + - mm: add support for kmem caches in DMA32 zone + - [armhf,arm64] iommu/io-pgtable-arm-v7s: request DMA32 memory, and improve + debugging + - mm: mempolicy: make mbind() return -EIO when MPOL_MF_STRICT is specified + - mm/migrate.c: add missing flush_dcache_page for non-mapped page migrate + - perf pmu: Fix parser error for uncore event alias + - [x86] perf intel-pt: Fix TSC slip + - [x86] objtool: Query pkg-config for libelf location + - [powerpc*] pseries/energy: Use OF accessor functions to read + ibm,drc-indexes + - [powerpc*] powerpc/64: Fix memcmp reading past the end of src/dest + - watchdog: Respect watchdog cpumask on CPU hotplug + - cpu/hotplug: Prevent crash when CPU bringup fails on CONFIG_HOTPLUG_CPU=n + - KVM: Reject device ioctls from processes other than the VM's creator + - [x86] KVM: update %rip after emulating IO + - [x86] KVM: Emulate MSR_IA32_ARCH_CAPABILITIES on AMD hosts + - bpf: do not restore dst_reg when cur_state is freed + - [x86] platform: intel_cht_int33fe: Register all connections at once + - [x86] platform: intel_cht_int33fe: Add connection for the DP alt mode + - [x86] platform: intel_cht_int33fe: Add connections for the USB Type-C port + - usb: typec: class: Don't use port parent for getting mux handles + - [x86] platform: intel_cht_int33fe: Remove the old connections for the + muxes + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.34 + - [arm64] debug: Don't propagate UNKNOWN FAR into si_code for debug signals + - ext4: cleanup bh release code in ext4_ind_remove_space() + - CIFS: fix POSIX lock leak and invalid ptr deref + - f2fs: fix to adapt small inline xattr space in __find_inline_xattr() + - f2fs: fix to avoid deadlock in f2fs_read_inline_dir() + - tracing: kdb: Fix ftdump to not sleep + - net/mlx5: Avoid panic when setting vport rate + - net/mlx5: Avoid panic when setting vport mac, getting vport config + - [armhf] gpio: gpio-omap: fix level interrupt idling + - sysctl: handle overflow for file-max + - [armhf,arm64] net: stmmac: Avoid sometimes uninitialized Clang warnings + - enic: fix build warning without CONFIG_CPUMASK_OFFSTACK + - [arm64] scsi: hisi_sas: Set PHY linkrate when disconnected + - [arm64] scsi: hisi_sas: Fix a timeout race of driver internal and SMP IO + - iio: adc: fix warning in Qualcomm PM8xxx HK/XOADC driver + - [x86] hyperv: Fix kernel panic when kexec on HyperV + - perf c2c: Fix c2c report for empty numa node + - mm/sparse: fix a bad comparison + - mm/cma.c: cma_declare_contiguous: correct err handling + - mm/page_ext.c: fix an imbalance with kmemleak + - mm, swap: bounds check swap_info array accesses to avoid NULL derefs + - mm,oom: don't kill global init via memory.oom.group + - memcg: killed threads should not invoke memcg OOM killer + - mm, mempolicy: fix uninit memory access + - mm/vmalloc.c: fix kernel BUG at mm/vmalloc.c:512! + - mm/slab.c: kmemleak no scan alien caches + - ocfs2: fix a panic problem caused by o2cb_ctl + - f2fs: do not use mutex lock in atomic context + - fs/file.c: initialize init_files.resize_wait + - page_poison: play nicely with KASAN + - cifs: use correct format characters + - dm thin: add sanity checks to thin-pool and external snapshot creation + - f2fs: fix to check inline_xattr_size boundary correctly + - cifs: Accept validate negotiate if server return NT_STATUS_NOT_SUPPORTED + - cifs: Fix NULL pointer dereference of devname + - netfilter: nf_tables: check the result of dereferencing base_chain->stats + - netfilter: conntrack: tcp: only close if RST matches exact sequence + - jbd2: fix invalid descriptor block checksum + - fs: fix guard_bio_eod to check for real EOD errors + - tools lib traceevent: Fix buffer overflow in arg_eval + - PCI/PME: Fix hotplug/sysfs remove deadlock in pcie_pme_remove() + - wil6210: check null pointer in _wil_cfg80211_merge_extra_ies + - mt76: fix a leaked reference by adding a missing of_node_put + - [armhf,arm64] usb: chipidea: Grab the (legacy) USB PHY by phandle first + - [powerpc*] powernv/ioda: Fix locked_vm counting for memory used by IOMMU + tables + - scsi: core: replace GFP_ATOMIC with GFP_KERNEL in scsi_scan.c + - [powerpc*] xmon: Fix opcode being uninitialized in print_insn_powerpc + - [armhf,arm64] coresight: etm4x: Add support to enable ETMv4.2 + - [armhf] 8840/1: use a raw_spinlock_t in unwind + - [armhf,arm64] iommu/io-pgtable-arm-v7s: Only kmemleak_ignore L2 tables + - [powerpc*] hugetlb: Handle mmap_min_addr correctly in get_unmapped_area + callback + - btrfs: qgroup: Make qgroup async transaction commit more aggressive + - [armhf] mmc: omap: fix the maximum timeout setting + - [armhf.arm64] net: dsa: mv88e6xxx: Add lockdep classes to fix false + positive splat + - e1000e: Fix -Wformat-truncation warnings + - [x86] platform: ideapad-laptop: Fix no_hw_rfkill_list for Lenovo RESCUER + R720-15IKBN + - loop: set GENHD_FL_NO_PART_SCAN after blkdev_reread_part() + - IB/mlx4: Increase the timeout for CM cache + - clk: fractional-divider: check parent rate only if flag is set + - perf annotate: Fix getting source line failure + - [arm64] ASoC: qcom: Fix of-node refcount unbalance in qcom_snd_parse_of() + - cpufreq: acpi-cpufreq: Report if CPU doesn't support boost technologies + - efi: cper: Fix possible out-of-bounds access + - [s390x] ism: ignore some errors during deregistration + - scsi: megaraid_sas: return error when create DMA pool failed + - scsi: fcoe: make use of fip_mode enum complete + - drm/amd/display: Clear stream->mode_changed after commit + - [s390x] perf test: Fix failure of 'evsel-tp-sched' test on s390 + - mwifiex: don't advertise IBSS features without FW support + - perf report: Don't shadow inlined symbol with different addr range + - [armhf] SoC: imx-sgtl5000: add missing put_device() + - mt76: usb: do not run mt76u_queues_deinit twice + - xen/gntdev: Do not destroy context while dma-bufs are in use + - vfs: fix preadv64v2 and pwritev64v2 compat syscalls with offset == -1 + - [x86] HID: intel-ish-hid: avoid binding wrong ishtp_cl_device + - cgroup, rstat: Don't flush subtree root unless necessary + - jbd2: fix race when writing superblock + - [s390x] perf report: Add s390 diagnosic sampling descriptor size + - iwlwifi: pcie: fix emergency path + - ACPI / video: Refactor and fix dmi_is_desktop() + - kprobes: Prohibit probing on bsearch() + - kprobes: Prohibit probing on RCU debug routine + - netfilter: conntrack: fix cloned unconfirmed skb->_nfct race in + __nf_conntrack_confirm + - [armhf] 8833/1: Ensure that NEON code always compiles with Clang + - ALSA: PCM: check if ops are defined before suspending PCM + - ath10k: fix shadow register implementation for WCN3990 + - usb: f_fs: Avoid crash due to out-of-scope stack ptr access + - sched/topology: Fix percpu data types in struct sd_data & struct s_data + - bcache: fix input overflow to cache set sysfs file io_error_halflife + - bcache: fix input overflow to sequential_cutoff + - bcache: fix potential div-zero error of writeback_rate_i_term_inverse + - bcache: improve sysfs_strtoul_clamp() + - genirq: Avoid summation loops for /proc/stat + - [armhf,arm64] net: marvell: mvpp2: fix stuck in-band SGMII negotiation + - iw_cxgb4: fix srqidx leak during connection abort + - net: phy: consider latched link-down status in polling mode + - fbdev: fbmem: fix memory access if logo is bigger than the screen + - cdrom: Fix race condition in cdrom_sysctl_register + - drm: rcar-du: add missing of_node_put + - drm/amd/display: Don't re-program planes for DPMS changes + - drm/amd/display: Disconnect mpcc when changing tg + - perf/aux: Make perf_event accessible to setup_aux() + - e1000e: fix cyclic resets at link up with active tx + - e1000e: Exclude device from suspend direct complete optimization + - [x86] platform: intel_pmc_core: Fix PCH IP sts reading + - i2c: of: Try to find an I2C adapter matching the parent + - iwlwifi: mvm: fix RFH config command with >=10 CPUs + - sched/debug: Initialize sd_sysctl_cpus if !CONFIG_CPUMASK_OFFSTACK + - efi/memattr: Don't bail on zero VA if it equals the region's PA + - sched/core: Use READ_ONCE()/WRITE_ONCE() in move_queued_task()/ + task_rq_lock() + - drm/vkms: Bugfix extra vblank frame + - [armhf] dts: lpc32xx: Remove leading 0x and 0s from bindings notation + - [armhf,arm64] efi: Allow SetVirtualAddressMap() to be omitted + - [arm64] soc: qcom: gsbi: Fix error handling in gsbi_probe() + - mt7601u: bump supported EEPROM version + - [armhf] 8830/1: NOMMU: Toggle only bits in EXC_RETURN we are really care + of + - [armhf] avoid Cortex-A9 livelock on tight dmb loops + - block, bfq: fix in-service-queue check for queue merging + - [powerpc*] 64s: Clear on-stack exception marker upon exception return + - cgroup/pids: turn cgroup_subsys->free() into cgroup_subsys->release() to + fix the accounting + - [armhf,arm64] backlight: pwm_bl: Use gpiod_get_value_cansleep() to get + initial state + - tty: increase the default flip buffer limit to 2*640K + - [powerpc*] pseries: Perform full re-add of CPU for topology update + post-migration + - drm/amd/display: Enable vblank interrupt during CRC capture + - ALSA: dice: add support for Solid State Logic Duende Classic/Mini + - [armhf,arm64] usb: dwc3: gadget: Fix OTG events when gadget driver isn't + loaded + - [x86] platform: intel-hid: Missing power button release on some Dell + models + - perf script python: Use PyBytes for attr in trace-event-python + - perf script python: Add trace_context extension module to sys.modules + - hwrng: virtio - Avoid repeated init of completion + - [armhf,arm64] soc/tegra: fuse: Fix illegal free of IO base address + - [x86] HID: intel-ish: ipc: handle PIMR before ish_wakeup also clear PISR + busy_clear bit + - f2fs: UBSAN: set boolean value iostat_enable correctly + - hpet: Fix missing '=' character in the __setup() code of hpet_mmap_enable + - [armhf] dmaengine: imx-dma: fix warning comparison of distinct pointer + types + - [arm64] dmaengine: qcom_hidma: assign channel cookie correctly + - [arm64] dmaengine: qcom_hidma: initialize tx flags in hidma_prep_dma_* + - netfilter: physdev: relax br_netfilter dependency + - [armhf] regulator: act8865: Fix act8600_sudcdc_voltage_ranges setting + - [arm64] pinctrl: meson: meson8b: add the eth_rxd2 and eth_rxd3 pins + - drm: Auto-set allow_fb_modifiers when given modifiers at plane init + - drm/nouveau: Stop using drm_crtc_force_disable + - selinux: do not override context on context mounts + - brcmfmac: Use firmware_request_nowarn for the clm_blob + - [armhf,arm64] wlcore: Fix memory leak in case wl12xx_fetch_firmware + failure + - drm/fb-helper: fix leaks in error path of drm_fb_helper_fbdev_setup + - [arm64] clk: rockchip: fix frac settings of GPLL clock for rk3328 + - [armhf,arm64] dmaengine: tegra: avoid overflow of byte tracking + - [x86] Input: soc_button_array - fix mapping of the 5th GPIO in a PNP0C40 + device + - drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers + - ACPI / video: Extend chassis-type detection with a "Lunch Box" check + - bcache: fix potential div-zero error of writeback_rate_p_term_inverse + - [x86] kprobes: Blacklist non-attachable interrupt functions + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.35 + - [x86] kvm: nVMX: NMI-window and interrupt-window exiting should wake L2 + from HLT + - [powerpc*] tm: Limit TM code inside PPC_TRANSACTIONAL_MEM + - [x86] hv_netvsc: Fix unwanted wakeup after tx_disable + - ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type + - ipv6: Fix dangling pointer when ipv6 fragment + - ipv6: sit: reset ip header pointer in ipip6_rcv + - net: ethtool: not call vzalloc for zero sized memory request + - net-gro: Fix GRO flush when receiving a GSO packet. + - net/mlx5: Decrease default mr cache size + - netns: provide pure entropy for net_hash_mix() + - net: rds: force to destroy connection if t_sock is NULL in + rds_tcp_kill_sock(). + - net/sched: act_sample: fix divide by zero in the traffic path + - net/sched: fix ->get helper of the matchall cls + - openvswitch: fix flow actions reallocation + - qmi_wwan: add Olicard 600 + - r8169: disable ASPM again + - sctp: initialize _pad of sockaddr_in before copying to user memory + - tcp: Ensure DCTCP reacts to losses + - tcp: fix a potential NULL pointer dereference in tcp_sk_exit + - vrf: check accept_source_route on the original netdevice + - net/mlx5e: Fix error handling when refreshing TIRs + - net/mlx5e: Add a lock on tir list + - nfp: validate the return code from dev_queue_xmit() + - nfp: disable netpoll on representors + - bnxt_en: Improve RX consumer index validity check. + - bnxt_en: Reset device on RX buffer errors. + - net: ip_gre: fix possible use-after-free in erspan_rcv + - net: ip6_gre: fix possible use-after-free in ip6erspan_rcv + - net: core: netif_receive_skb_list: unlist skb before passing to pt->func + - r8169: disable default rx interrupt coalescing on RTL8168 + (Closes: #925496) + - net: mlx5: Add a missing check on idr_find, free buf + - net/mlx5e: Update xoff formula + - net/mlx5e: Update xon formula + - kbuild: deb-pkg: fix bindeb-pkg breakage when O= is used + - netfilter: nfnetlink_cttimeout: pass default timeout policy to + obj_to_nlattr + - netfilter: nfnetlink_cttimeout: fetch timeouts for udplite and gre, too + - [arm64] kaslr: Reserve size of ARM64_MEMSTART_ALIGN in linear region + - [x86] tty: mark Siemens R3964 line discipline as BROKEN (CVE-2019-11486) + - tty: ldisc: add sysctl to prevent autoloading of ldiscs + - ACPICA: Clear status of GPEs before enabling them + - ACPICA: Namespace: remove address node from global list after method + termination + - ALSA: seq: Fix OOB-reads from strlcpy + - [x86] ALSA: hda/realtek: Enable headset MIC of Acer TravelMate B114-21 + with ALC233 + - [x86] ALSA: hda/realtek - Add quirk for Tuxedo XC 1509 + - [x86] ALSA: hda - Add two more machines to the power_save_blacklist + - mm/huge_memory.c: fix modifying of page protection by insert_pfn_pmd() + - [arm64] dts: rockchip: fix rk3328 sdmmc0 write errors + - [hppa] Detect QEMU earlier in boot process + - [hppa] regs_return_value() should return gpr28 + - [hppa] also set iaoq_b in instruction_pointer_set() + - alarmtimer: Return correct remaining time + - drm/udl: add a release method and delay modeset teardown + - [x86] kvm: svm: fix potential get_num_contig_pages overflow + - include/linux/bitrev.h: fix constant bitrev + - mm: writeback: use exact memcg dirty counts + - [x86] ASoC: intel: Fix crash at suspend/resume after failed codec + registration + - Btrfs: do not allow trimming when a fs is mounted with the nologreplay + option + - btrfs: prop: fix zstd compression parameter validation + - btrfs: prop: fix vanished compression property after failed set + - [riscv64] Fix syscall_get_arguments() and syscall_set_arguments() + - block: do not leak memory in bio_copy_user_iov() + - block: fix the return errno for direct IO + - genirq: Respect IRQCHIP_SKIP_SET_WAKE in irq_chip_set_wake_parent() + - genirq: Initialize request_mutex if CONFIG_SPARSE_IRQ=n + - virtio: Honour 'may_reduce_num' in vring_create_virtqueue + - [armhf] dts: rockchip: fix rk3288 cpu opp node reference + - [armhf] dts: am335x-evmsk: Correct the regulators for the audio codec + - [armhf] dts: am335x-evm: Correct the regulators for the audio codec + - [arm64] futex: Fix FUTEX_WAKE_OP atomic ops with non-zero result value + - [arm64] dts: rockchip: fix rk3328 rgmii high tx error rate + - [arm64] backtrace: Don't bother trying to unwind the userspace stack + - xen: Prevent buffer overflow in privcmd ioctl + - sched/fair: Do not re-read ->h_load_next during hierarchical load + calculation + - [x86] asm: Use stricter assembly constraints in bitops + - [x86] perf/amd: Resolve race condition when disabling PMC + - [x86] perf/amd: Resolve NMI latency issues for active PMCs + - [x86] perf/amd: Remove need to check "running" bit in NMI handler + - PCI: Add function 1 DMA alias quirk for Marvell 9170 SATA controller + - PCI: pciehp: Ignore Link State Changes after powering off a slot + - dm integrity: change memcmp to strncmp in dm_integrity_ctr + - dm: revert 8f50e358153d ("dm: limit the max bio size as BIO_MAX_PAGES * + PAGE_SIZE") + - dm table: propagate BDI_CAP_STABLE_WRITES to fix sporadic checksum errors + - dm integrity: fix deadlock with overlapping I/O + - [arm64] dts: rockchip: fix vcc_host1_5v pin assign on rk3328-rock64 + - [arm64] dts: rockchip: Fix vcc_host1_5v GPIO polarity on rk3328-rock64 + - ACPICA: AML interpreter: add region addresses in global list during + initialization + - [x86] KVM: nVMX: close leak of L0's x2APIC MSRs (CVE-2019-3887) + - [x86] KVM: nVMX: fix x2APIC VTPR read intercept + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.36 + - inotify: Fix fsnotify_mark refcount leak in + inotify_update_existing_watch() (CVE-2019-9857) + - perf/core: Restore mmap record type correctly + - ext4: avoid panic during forced reboot + - ext4: add missing brelse() in add_new_gdb_meta_bg() + - ext4: report real fs size after failed resize + - ALSA: echoaudio: add a check for ioremap_nocache + - [i386,alpha] ALSA: sb8: add a check for request_region + - drm/udl: use drm_gem_object_put_unlocked. + - IB/mlx4: Fix race condition between catas error reset and aliasguid flows + - i40iw: Avoid panic when handling the inetdev event + - [i386,alpha] ALSA: opl3: fix mismatch between snd_opl3_drum_switch + definition and declaration + - [x86] thermal/intel_powerclamp: fix __percpu declaration of worker_data + - [arm*] thermal: bcm2835: Fix crash in bcm2835_thermal_debugfs + - [x86] thermal/int340x_thermal: Add additional UUIDs + - [x86] thermal/int340x_thermal: fix mode setting + - [x86] thermal/intel_powerclamp: fix truncated kthread name + - scsi: iscsi: flush running unbind operations when removing a session + - sched/cpufreq: Fix 32-bit math overflow + - sched/core: Fix buffer overflow in cgroup2 property cpu.max + - [x86] mm: Don't leak kernel addresses + - [x86] tools/power turbostat: return the exit status of a command + - perf list: Don't forget to drop the reference to the allocated thread_map + - perf config: Fix an error in the config template documentation + - perf config: Fix a memory leak in collect_config() + - perf build-id: Fix memory leak in print_sdt_events() + - perf top: Fix error handling in cmd_top() + - perf hist: Add missing map__put() in error case + - perf evsel: Free evsel->counts in perf_evsel__exit() + - ACPI / utils: Drop reference in test for device presence + - PM / Domains: Avoid a potential deadlock + - [armhf] drm/exynos/mixer: fix MIXER shadow registry synchronisation code + - [arm64] irqchip/mbigen: Don't clear eventid when freeing an MSI + - [x86] hpet: Prevent potential NULL pointer dereference + - [x86] hyperv: Prevent potential NULL pointer dereference + - [i386] cpu/cyrix: Use correct macros for Cyrix calls on Geode processors + - drm/nouveau/debugfs: Fix check of pm_runtime_get_sync failure + - [x86] iommu/vt-d: Check capability before disabling protected memory + - [x86] hw_breakpoints: Make default case in hw_breakpoint_arch_parse() + return an error + - fix incorrect error code mapping for OBJECTID_NOT_FOUND + - [x86] gart: Exclude GART aperture from kcore + - ext4: prohibit fstrim in norecovery mode + - drm/cirrus: Use drm_framebuffer_put to avoid kernel oops in clean-up + - rsi: improve kernel thread handling to fix kernel panic + - f2fs: fix to avoid NULL pointer dereference on se->discard_map + - 9p: do not trust pdu content for stat item size + - 9p locks: add mount option for lock retry interval + - ASoC: Fix UBSAN warning at snd_soc_get/put_volsw_sx() + - f2fs: fix to do sanity check with current segment number + - netfilter: xt_cgroup: shrink size of v2 path + - [arm64] serial: uartps: console_setup() can't be placed to init section + - [powerpc*] pseries: Remove prrn_work workqueue + - media: au0828: cannot kfree dev before usb disconnect + - Bluetooth: Fix debugfs NULL pointer dereference + - HID: i2c-hid: override HID descriptors for certain devices + - pinctrl: core: make sure strcmp() doesn't get a null parameter + - usbip: fix vhci_hcd controller counting + - [x86] ACPI / SBS: Fix GPE storm on recent MacBookPro's + - HID: usbhid: Add quirk for Redragon/Dragonrise Seymur 2 + - [x86] KVM: nVMX: restore host state in nested_vmx_vmexit for VMFail + - netfilter: nf_flow_table: remove flowtable hook flush routine in netns + exit routine + - f2fs: cleanup dirty pages if recover failed + - [armhf,arm64] net: stmmac: Set OWN bit for jumbo frames + - cifs: fallback to older infolevels on findfirst queryinfo retry + - kernel: hung_task.c: disable on suspend + - drm/ttm: Fix bo_global and mem_global kfree error + - [x86] ALSA: hda: fix front speakers on Huawei MBXP + - ACPI: EC / PM: Disable non-wakeup GPEs for suspend-to-idle + - net/rds: fix warn in rds_message_alloc_sgs + - xfrm: destroy xfrm_state synchronously on net exit path + - net: ip6_gre: fix possible NULL pointer dereference in + ip6erspan_set_version + - [x86] iommu/dmar: Fix buffer overflow during PCI bus notification + - scsi: core: Avoid that system resume triggers a kernel warning + - [armhf,arm64] soc/tegra: pmc: Drop locking from + tegra_powergate_is_powered() + - Revert "ACPI / EC: Remove old CLEAR_ON_RESUME quirk" + - [arm64] coresight: cpu-debug: Support for CA73 CPUs + - [x86] PCI: Blacklist power management of Gigabyte X299 DESIGNARE EX PCIe + ports + - drm/nouveau/volt/gf117: fix speedo readout register + - [armel,armhf] 8839/1: kprobe: make patch_lock a raw_spinlock_t + - [x86] drm/amdkfd: use init_mqd function to allocate object for hid_mqd + (CI) + - appletalk: Fix use-after-free in atalk_proc_exit + - lib/div64.c: off by one in shift + - rxrpc: Fix client call connect/disconnect race + - f2fs: fix to dirty inode for i_mode recovery + - include/linux/swap.h: use offsetof() instead of custom __swapoffset macro + - bpf: fix use after free in bpf_evict_inode + - IB/hfi1: Failed to drain send queue when QP is put into error state + - mm: hide incomplete nr_indirectly_reclaimable in /proc/zoneinfo + - mm: hide incomplete nr_indirectly_reclaimable in sysfs + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.37 + - bonding: fix event handling for stacked bonds + - failover: allow name change on IFF_UP slave interfaces + - net: atm: Fix potential Spectre v1 vulnerabilities (CVE-2017-5715) + - net: bridge: fix per-port af_packet sockets + - net: bridge: multicast: use rcu to access port list from + br_multicast_start_querier + - net: Fix missing meta data in skb with vlan packet + - net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv + - tcp: tcp_grow_window() needs to respect tcp_space() + - team: set slave to promisc if team is already in promisc mode + - tipc: missing entries in name table of publications + - vhost: reject zero size iova range + - ipv4: recompile ip options in ipv4_link_failure + - ipv4: ensure rcu_read_lock() in ipv4_link_failure() + - [arm64] net: thunderx: raise XDP MTU to 1508 + - [arm64] net: thunderx: don't allow jumbo frames with XDP + - net/mlx5: FPGA, tls, hold rcu read lock a bit longer + - net/mlx5: FPGA, tls, idr remove on flow delete + - route: Avoid crash from dereferencing NULL rt->from + - sch_cake: Use tc_skb_protocol() helper for getting packet protocol + - sch_cake: Make sure we can write the IP header before changing DSCP bits + - nfp: flower: replace CFI with vlan present + - nfp: flower: remove vlan CFI bit from push vlan action + - sch_cake: Simplify logic in cake_select_tin() + - net: IP defrag: encapsulate rbtree defrag code into callable functions + - net: IP6 defrag: use rbtrees for IPv6 defrag + - net: IP6 defrag: use rbtrees in nf_conntrack_reasm.c + - CIFS: keep FileInfo handle live during oplock break + - cifs: Fix use-after-free in SMB2_write + - cifs: Fix use-after-free in SMB2_read + - cifs: fix handle leak in smb2_query_symlink() + - [x86] KVM: Don't clear EFER during SMM transitions for 32-bit vCPU + - [x86] KVM: svm: make sure NMI is injected after nmi_singlestep + - [x86] iio/gyro/bmg160: Use millidegrees for temperature scale + - iio: Fix scan mask selection + - iio: core: fix a possible circular locking dependency + - [x86] iio: accel: kxcjk-1013: restore the range after resume. + - [x86] staging: comedi: vmk80xx: Fix use of uninitialized semaphore + - [x86] staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf + - [x86] staging: comedi: ni_usb6501: Fix use of uninitialized mutex + - [x86] staging: comedi: ni_usb6501: Fix possible double-free of + ->usb_rx_buf + - [x86] ALSA: hda/realtek - add two more pin configuration sets to quirk + table + - ALSA: core: Fix card races between register and disconnect + - [x86] Input: elan_i2c - add hardware ID for multiple Lenovo laptops + - vt: fix cursor when clearing the screen + - scsi: core: set result when the command cannot be dispatched + - Revert "scsi: fcoe: clear FC_RP_STARTED flags when receiving a LOGO" + - [x86] Revert "svm: Fix AVIC incomplete IPI emulation" + - coredump: fix race condition between mmget_not_zero()/get_task_mm() and + core dumping (CVE-2019-11599) + - ipmi: fix sleep-in-atomic in free_user at cleanup SRCU + user->release_barrier + - [x86] crypto: poly1305 - fix overflow during partial reduction + - drm/ttm: fix out-of-bounds read in ttm_put_pages() v2 + - [arm64] futex: Restore oldval initialization to work around buggy + compilers + - [x86] kprobes: Verify stack frame on kretprobe + - kprobes: Mark ftrace mcount handler functions nokprobe + - kprobes: Fix error check when reusing optimized probes + - rt2x00: do not increment sequence number while re-transmitting + - mac80211: do not call driver wake_tx_queue op during reconfig + - drm/amdgpu/gmc9: fix VM_L2_CNTL3 programming + - [x86] perf/amd: Add event map for AMD Family 17h + - [x86] cpu/bugs: Use __initconst for 'const' init data + - [x86] perf: Fix incorrect PEBS_REGS + - [x86] speculation: Prevent deadlock on ssb_state::lock + - timers/sched_clock: Prevent generic sched_clock wrap caused by + tick_freeze() + - nfit/ars: Remove ars_start_flags + - nfit/ars: Introduce scrub_flags + - nfit/ars: Allow root to busy-poll the ARS state machine + - nfit/ars: Avoid stale ARS results + - mmc: sdhci: Fix data command CRC error handling + - mmc: sdhci: Handle auto-command errors + - modpost: file2alias: go back to simple devtable lookup + - modpost: file2alias: check prototype of handler + - [x86] tpm/tpm_i2c_atmel: Return -E2BIG when the transfer is incomplete + - tpm: Fix the type of the return value in calc_tpm2_event_size() + - sched/fair: Limit sched_cfs_period_timer() loop to avoid hard lockup + - device_cgroup: fix RCU imbalance in error case + - ALSA: info: Fix racy addition/deletion of nodes + - [armhf] ASoC: rockchip: add missing INTERLEAVED PCM attribute + - i2c-hid: properly terminate i2c_hid_dmi_desc_override_table[] array + - kernel/sysctl.c: fix out-of-bounds access when setting file-max + + [ Ben Hutchings ] + * debian/bin/abiupdate.py: Automatically select the correct archive to fetch + from + * debian/bin/abiupdate.py: Change default URLs to use https: scheme + * [powerpc*] vdso: Make vdso32 installation conditional in vdso_install + (Closes: #785065) + * Bump ABI to 5 + * [rt] Add new signing subkey for Steven Rostedt + * [rt] Update to 4.19.31-rt18 (no functional change) + * [armhf,arm64] Revert "net: stmmac: Send TSO packets always from Queue 0" + * [riscv64] linux-image-dbg: Include vdso debug symbols + * [ia64] linux-image: Recommend grub-efi-ia64 instead of (removed) elilo + * [armel/marvell] Disable HW_RANDOM as no HWRNG drivers are usable here + * udeb: Add all HWRNG drivers to kernel-image (see #923675) + * lockdown: Refer to Debian wiki until manual page exists + * [sparc64] linux-image: Recommend grub-ieee1275 instead of (removed) silo + * [sparc64] linux-image: Install uncompressed kernel image + * [powerpc,ppc64,ppc64el] linux-image: Recommend grub-ieee1275 + * [i386] Add grub-efi-ia32 as an alternate recommended bootloader + * linux-source: Recommend bison and flex, always needed to build the kernel + * [armel/marvell,sh4] linux-image: Recommend apparmor, like all other configs + * udeb: Drop unused ntfs-modules packages + * ntfs: Disable NTFS_FS due to lack of upstream security support + (CVE-2018-12929, CVE-2018-12930, CVE-2018-12931) + * [x86] platform: Enable INTEL_ATOMISP2_PM as module + * drivers/firmware/google: Adjust configuration for 4.19 + * MODSIGN: Make shash allocation failure fatal + * aio: Apply fixes from 4.19.38: + - aio: clear IOCB_HIPRI + - aio: use assigned completion handler + - aio: separate out ring reservation from req allocation + - aio: don't zero entire aio_kiocb aio_get_req() + - aio: use iocb_put() instead of open coding it + - aio: split out iocb copy from io_submit_one() + - aio: abstract out io_event filler helper + - aio: initialize kiocb private in case any filesystems expect it. + - aio: simplify - and fix - fget/fput for io_submit() (CVE-2019-10125) + - pin iocb through aio. + - aio: fold lookup_kiocb() into its sole caller + - aio: keep io_event in aio_kiocb + - aio: store event at final iocb_put() + - Fix aio_poll() races + * tracing: Fix buffer_ref pipe ops + * mm,fs: Prevent page refcount overflow (CVE-2019-11487): + - mm: make page ref count overflow check tighter and more explicit + - mm: add 'try_get_page()' helper function + - mm: prevent get_user_pages() from overflowing page refcount + - fs: prevent page refcount overflow in pipe_buf_get + + [ YunQiang Su ] + * [mips*r6] Re-enable CONFIG_JUMP_LABEL, which has been fixed in upstream. + + [ Stefan Fritsch ] + * [armhf] Enable SND_SOC_SPDIF for Cubietruck (Closes: #884562) + + [ Luca Boccassi ] + * libbpf-dev: generate pkg-config file for libbpf by backporting + libbpf-generate-pkg-config.patch from bpf-next. + * Import patches to enable loading keys from UEFI db and MOK from + http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git to + allow kernel modules built by users (eg: by dkms) to be verified, and + to load dbx and MOKX for the equivalent blacklisting functionality. + + [ Bastian Blank ] + * Don't longer recommend irqbalance. (closes: #926967) + + [ Salvatore Bonaccorso ] + * xen/pciback: Don't disable PCI_COMMAND on PCI device reset. + (CVE-2015-8553) + * [x86] Disable R3964 due to lack of security support + * [amd64,arm64] vfio/type1: Limit DMA mappings per container (CVE-2019-3882) + + [ Aurelien Jarno ] + * [mips] Fix indirect syscall tracing & seccomp filtering for big endian + MIPS64 kernels with 32-bit userland. + + [ Romain Perier ] + * [rt] Update to 4.19.37-rt19 + * Enable coreboot memconsole (Closes: #872069) + + [ Uwe Kleine-König ] + * [armhf] Disable MVNETA_BM_ENABLE again as it break networking on + DB-MV784MP-GP. Thanks to Steve McIntyre for providing access such a + machine for testing. (Closes: #927825) + + [ Alper Nebi Yasak ] + * [arm64] Enable configs for Samsung Chromebook Plus (v1) and other + rk3399-gru based devices: + - Enable PL330_DMA, CROS_EC_SPI, SPI_ROCKCHIP as modules. + - Enable EXTCON_USBC_CROS_EC, PHY_ROCKCHIP_TYPEC, PHY_ROCKCHIP_USB as + modules. + - Enable KEYBOARD_CROS_EC as module. + - Enable PWM_CROS_EC, PHY_ROCKCHIP_DP as modules and enable ROCKCHIP_CDN_DP + - Enable SND_SOC_ROCKCHIP, SND_SOC_ROCKCHIP_I2S, SND_SOC_ROCKCHIP_SPDIF, + SND_SOC_ROCKCHIP_RT5645, SND_SOC_RK3399_GRU_SOUND as modules. + - Enable INPUT_TOUCHSCREEN, enable TOUCHSCREEN_ATMEL_MXT as module, and + enable TOUCHSCREEN_ATMEL_MXT_T37. + - Enable TOUCHSCREEN_ELAN, MOUSE_ELAN_I2C as modules. + - Enable I2C_HID as module. + - Enable MWIFIEX, MWIFIEX_PCIE as modules. + - Enable TCG_TPM, TCG_TIS_I2C_INFINEON as modules. + - Enable PM_DEVFREQ_EVENT, enable DEVFREQ_EVENT_ROCKCHIP_DFI and + ARM_RK3399_DMC_DEVFREQ as modules. + - Enable REGULATOR_VCTRL as module. + - Enable MFD_CROS_EC_CHARDEV, IIO_CROS_EC_ACCEL_LEGACY, + IIO_CROS_EC_SENSORS_CORE, IIO_CROS_EC_SENSORS, IIO_CROS_EC_LIGHT_PROX, + IIO_CROS_EC_BARO, RTC_DRV_CROS_EC as modules. + - Enable BATTERY_SBS, CHARGER_CROS_USBPD as modules. + + [ Vagrant Cascadian ] + * debian/bin/gencontrol_signed.py: Sort list of modules before adding to + .json file, fixing reproducibility issues. + + -- Ben Hutchings <ben@decadent.org.uk> Sun, 05 May 2019 19:32:32 +0100 + +linux (4.19.28-2) unstable; urgency=medium + + [ Ben Hutchings ] + * [x86,alpha,m68k] binfmt: Disable BINFMT_AOUT, IA32_AOUT, OSF4_COMPAT + * [x86] Drop fix for #865303, which no longer affects Debian's OpenJDK + * udeb: Make serial_cs optional in serial-modules + * [ppc64el] Disable PCMCIA (fixes FTBFS) + + [ Vagrant Cascadian ] + * [arm64] Enable DRM_SUN4I and DRM_SUN8I_DW_HDMI as modules. + * [arm64] Enable I2C_GPIO as a module. + * [arm64] Enable MESON_EFUSE as a module. + + [ Yves-Alexis Perez ] + * certs: include both root CA and direct signing certificate. + closes: #924545 + + -- Ben Hutchings <ben@decadent.org.uk> Fri, 15 Mar 2019 02:16:04 +0000 + +linux (4.19.28-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.21 + - devres: Align data[] to ARCH_KMALLOC_MINALIGN + - drm/bufs: Fix Spectre v1 vulnerability + - drm/vgem: Fix vgem_init to get drm device available. + - [arm*] pinctrl: bcm2835: Use raw spinlock for RT compatibility + - [x86] ASoC: Intel: mrfld: fix uninitialized variable access + - gpiolib: Fix possible use after free on label + - [armhf] drm/sun4i: Initialize registers in tcon-top driver + - genirq/affinity: Spread IRQs to all available NUMA nodes + - [armhf] gpu: ipu-v3: image-convert: Prevent race between run and + unprepare + - wil6210: fix reset flow for Talyn-mb + - wil6210: fix memory leak in wil_find_tx_bcast_2 + - ath10k: assign 'n_cipher_suites' for WCN3990 + - ath9k: dynack: use authentication messages for 'late' ack + - scsi: lpfc: Correct LCB RJT handling + - scsi: mpt3sas: Call sas_remove_host before removing the target devices + - scsi: lpfc: Fix LOGO/PLOGI handling when triggerd by ABTS Timeout event + - [armhf] 8808/1: kexec:offline panic_smp_self_stop CPU + - [mips] clk: boston: fix possible memory leak in clk_boston_setup() + - dlm: Don't swamp the CPU with callbacks queued during recovery + - [x86] PCI: Fix Broadcom CNB20LE unintended sign extension (redux) + - [powerpc] pseries: add of_node_put() in dlpar_detach_node() + - [arm*] drm/vc4: ->x_scaling[1] should never be set to VC4_SCALING_NONE + - ptp: check gettime64 return code in PTP_SYS_OFFSET ioctl + - [mips] Boston: Disable EG20T prefetch + - iwlwifi: fw: do not set sgi bits for HE connection + - fpga: altera-cvp: Fix registration for CvP incapable devices + - [x86] fpga: altera-cvp: fix 'bad IO access' on x86_64 + - [x86] vbox: fix link error with 'gcc -Og' + - platform/chrome: don't report EC_MKBP_EVENT_SENSOR_FIFO as wakeup + - i40e: prevent overlapping tx_timeout recover + - scsi: hisi_sas: change the time of SAS SSP connection + - usbnet: smsc95xx: fix rx packet alignment + - [armhf,arm64] drm/rockchip: fix for mailbox read size + - [arm*] OMAP2+: hwmod: Fix some section annotations + - drm/amd/display: fix gamma not being applied correctly + - drm/amd/display: calculate stream->phy_pix_clk before clock mapping + - bpf: libbpf: retry map creation without the name + - net/mlx5: EQ, Use the right place to store/read IRQ affinity hint + - modpost: validate symbol names also in find_elf_symbol + - perf tools: Add Hygon Dhyana support + - [armhf] soc/tegra: Don't leak device tree node reference + - media: rc: ensure close() is called on rc_unregister_device + - media: video-i2c: avoid accessing released memory area when removing + driver + - [armhf] media: mtk-vcodec: Release device nodes in + mtk_vcodec_init_enc_pm() + - ptp: Fix pass zero to ERR_PTR() in ptp_clock_register + - dmaengine: xilinx_dma: Remove __aligned attribute on zynqmp_dma_desc_ll + - [powerpc] 32: Add .data..Lubsan_data*/.data..Lubsan_type* sections + explicitly + - media: adv*/tc358743/ths8200: fill in min width/height/pixelclock + - ACPI: SPCR: Consider baud rate 0 as preconfigured state + - f2fs: move dir data flush to write checkpoint process + - f2fs: fix race between write_checkpoint and write_begin + - f2fs: fix wrong return value of f2fs_acl_create + - [arm64] io: Ensure calls to delay routines are ordered against prior + readX() + - net: aquantia: return 'err' if set MPI_DEINIT state fails + - [sparc*] sunvdc: Do not spin in an infinite loop when vio_ldc_send() + returns EAGAIN + - nfsd4: fix crash on writing v4_end_grace before nfsd startup + - drm: Clear state->acquire_ctx before leaving + drm_atomic_helper_commit_duplicated_state() + - [arm64] io: Ensure value passed to __iormb() is held in a 64-bit register + - Thermal: do not clear passive state during system sleep + - thermal: Fix locking in cooling device sysfs update cur_state + - firmware/efi: Add NULL pointer checks in efivars API functions + - [s390] zcrypt: improve special ap message cmd handling + - [arm64] ftrace: don't adjust the LR value + - [x86] fpu: Add might_fault() to user_insn() + - usb: dwc3: Correct the logic for checking TRB full in + __dwc3_prepare_one_trb() + - usb: dwc2: Disable power down feature on Samsung SoCs + - usb: hub: delay hub autosuspend if USB3 port is still link training + - timekeeping: Use proper seqcount initializer + - usb: mtu3: fix the issue about SetFeature(U1/U2_Enable) + - [armhf] clk: sunxi-ng: a33: Set CLK_SET_RATE_PARENT for all audio module + clocks + - media: imx274: select REGMAP_I2C + - drm/amdgpu/powerplay: fix clock stretcher limits on polaris (v2) + - tipc: fix node keep alive interval calculation + - driver core: Move async_synchronize_full call + - kobject: return error code if writing /sys/.../uevent fails + - IB/hfi1: Unreserve a reserved request when it is completed + - usb: dwc3: trace: add missing break statement to make compiler happy + - [mips] gpio: mt7621: report failure of devm_kasprintf() + - [mips] gpio: mt7621: pass mediatek_gpio_bank_probe() failure up the stack + - [x86] iommu/amd: Fix amd_iommu=force_isolation + - [armhf] dts: Fix OMAP4430 SDP Ethernet startup + - [mips] bpf: fix encoding bug for mm_srlv32_op + - media: coda: fix H.264 deblocking filter controls + - [armel] dts: Fix up the D-Link DIR-685 MTD partition info + - watchdog: renesas_wdt: don't set divider while watchdog is running + - [armhf] dts: imx51-zii-rdu1: Do not specify "power-gpio" for hpa1 + - usb: dwc3: gadget: Disable CSP for stream OUT ep + - [arm64] iommu/arm-smmu-v3: Avoid memory corruption from Hisilicon MSI + payloads + - [arm64] iommu/arm-smmu: Add support for qcom,smmu-v2 variant + - [arm64] iommu/arm-smmu-v3: Use explicit mb() when moving cons pointer + - [armhf] clk: imx6sl: ensure MMDC CH0 handshake is bypassed + - OPP: Use opp_table->regulators to verify no regulator case + - [arm64] tee: optee: avoid possible double list_del() + - [arm64] drm/msm/dsi: fix dsi clock names in DSI 10nm PLL driver + - [arm64] drm/msm: dpu: Only check flush register against pending flushes + - lightnvm: pblk: fix resubmission of overwritten write err lbas + - lightnvm: pblk: add lock protection to list operations + - i2c-axxia: check for error conditions first + - [armhf] phy: sun4i-usb: add support for missing USB PHY index + - udf: Fix BUG on corrupted inode + - selftests/bpf: use __bpf_constant_htons in test_prog.c + - [armel] pxa: avoid section mismatch warning + - [armhf] ASoC: fsl: Fix SND_SOC_EUKREA_TLV320 build error on i.MX8M + - [powerpc] KVM: Book3S: Only report KVM_CAP_SPAPR_TCE_VFIO on powernv + machines + - [arm*] mmc: bcm2835: Recover from MMC_SEND_EXT_CSD + - [arm*] mmc: bcm2835: reset host on timeout + - memstick: Prevent memstick host from getting runtime suspended during + card detection + - [arm64] mmc: sdhci-xenon: Fix timeout checks + - btrfs: harden agaist duplicate fsid on scanned devices + - serial: sh-sci: Fix locking in sci_submit_rx() + - serial: sh-sci: Resume PIO in sci_rx_interrupt() on DMA failure + - tty: serial: samsung: Properly set flags in autoCTS mode + - perf test: Fix perf_event_attr test failure + - perf dso: Fix unchecked usage of strncpy() + - perf header: Fix unchecked usage of strncpy() + - btrfs: use tagged writepage to mitigate livelock of snapshot + - perf probe: Fix unchecked usage of strncpy() + - i2c: sh_mobile: Add support for r8a774c0 (RZ/G2E) + - bnxt_en: Disable MSIX before re-reserving NQs/CMPL rings. + - [x86] tools/power/x86/intel_pstate_tracer: Fix non root execution for + post processing a trace file + - livepatch: check kzalloc return values + - [arm64] KVM: Skip MMIO insn after emulation + - usb: musb: dsps: fix otg state machine + - usb: musb: dsps: fix runtime pm for peripheral mode + - perf header: Fix up argument to ctime() + - perf tools: Cast off_t to s64 to avoid warning on bionic libc + - percpu: convert spin_lock_irq to spin_lock_irqsave. + - [arm64] net: hns3: fix incomplete uninitialization of IRQ in the + hns3_nic_uninit_vector_data() + - drm/amd/display: Add retry to read ddc_clock pin + - Bluetooth: hci_bcm: Handle deferred probing for the clock supply + - drm/amd/display: fix YCbCr420 blank color + - [powerpc] uaccess: fix warning/error with access_ok() + - mac80211: fix radiotap vendor presence bitmap handling + - xfrm6_tunnel: Fix spi check in __xfrm6_tunnel_alloc_spi + - scsi: smartpqi: correct host serial num for ssa + - scsi: smartpqi: correct volume status + - scsi: smartpqi: increase fw status register read timeout + - cw1200: Fix concurrency use-after-free bugs in cw1200_hw_scan() + - [arm64] net: hns3: add max vector number check for pf + - [powerpc] perf: Fix thresholding counter data for unknown type + - iwlwifi: mvm: fix setting HE ppe FW config + - [powerpc] powernv/ioda: Allocate indirect TCE levels of cached userspace + addresses on demand + - mlx5: update timecounter at least twice per counter overflow + - drbd: narrow rcu_read_lock in drbd_sync_handshake + - drbd: disconnect, if the wrong UUIDs are attached on a connected peer + - drbd: skip spurious timeout (ping-timeo) when failing promote + - drbd: Avoid Clang warning about pointless switch statment + - drm/amd/display: validate extended dongle caps + - md: fix raid10 hang issue caused by barrier + - fbdev: fbmem: behave better with small rotated displays and many CPUs + - i40e: define proper net_device::neigh_priv_len + - ice: Do not enable NAPI on q_vectors that have no rings + - igb: Fix an issue that PME is not enabled during runtime suspend + - ACPI/APEI: Clear GHES block_status before panic() + - fbdev: fbcon: Fix unregister crash when more than one framebuffer + - [powerpc] mm: Fix reporting of kernel execute faults on the 8xx + - [x86] KVM: svm: report MSR_IA32_MCG_EXT_CTL as unsupported + - [powerpc] fadump: Do not allow hot-remove memory from fadump reserved + area. + - kvm: Change offset in kvm_write_guest_offset_cached to unsigned + - NFS: nfs_compare_mount_options always compare auth flavors. + - perf build: Don't unconditionally link the libbfd feature test to + -liberty and -lz + - hwmon: (lm80) fix a missing check of the status of SMBus read + - hwmon: (lm80) fix a missing check of bus read in lm80 probe + - seq_buf: Make seq_buf_puts() null-terminate the buffer + - cifs: check ntwrk_buf_start for NULL before dereferencing it + - f2fs: fix use-after-free issue when accessing sbi->stat_info + - niu: fix missing checks of niu_pci_eeprom_read + - f2fs: fix sbi->extent_list corruption issue + - cgroup: fix parsing empty mount option string + - perf python: Do not force closing original perf descriptor in + evlist.get_pollfd() + - scripts/decode_stacktrace: only strip base path when a prefix of the path + - arch/sh/boards/mach-kfr2r09/setup.c: fix struct mtd_oob_ops build warning + - ocfs2: don't clear bh uptodate for block read + - ocfs2: improve ocfs2 Makefile + - mm/page_alloc.c: don't call kasan_free_pages() at deferred mem init + - zram: fix lockdep warning of free block handling + - isdn: hisax: hfc_pci: Fix a possible concurrency use-after-free bug in + HFCPCI_l1hw() + - [m68k] block/swim3: Fix -EBUSY error when re-opening device after unmount + - [arm*] thermal: bcm2835: enable hwmon explicitly + - [armhf] PCI: imx: Enable MSI from downstream components + - thermal: generic-adc: Fix adc to temp interpolation + - [arm64] sve: ptrace: Fix SVE_PT_REGS_OFFSET definition + - kernel/hung_task.c: break RCU locks based on jiffies + - proc/sysctl: fix return error for proc_doulongvec_minmax() + - kernel/hung_task.c: force console verbose before panic + - fs/epoll: drop ovflist branch prediction + - exec: load_script: don't blindly truncate shebang string + - xfs: Fix xqmstats offsets in /proc/fs/xfs/xqmstat + - xfs: cancel COW blocks before swapext + - xfs: Fix error code in 'xfs_ioc_getbmap()' + - xfs: fix overflow in xfs_attr3_leaf_verify + - xfs: fix shared extent data corruption due to missing cow reservation + - xfs: fix transient reference count error in + xfs_buf_resubmit_failed_buffers + - xfs: delalloc -> unwritten COW fork allocation can go wrong + - fs/xfs: fix f_ffree value for statfs when project quota is set + - xfs: fix PAGE_MASK usage in xfs_free_file_space + - xfs: fix inverted return from xfs_btree_sblock_verify_crc + - thermal: hwmon: inline helpers when CONFIG_THERMAL_HWMON is not set + - dccp: fool proof ccid_hc_[rt]x_parse_options() + - enic: fix checksum validation for IPv6 + - lib/test_rhashtable: Make test_insert_dup() allocate its hash table + dynamically + - net: dsa: Fix lockdep false positive splat + - net: dsa: Fix NULL checking in dsa_slave_set_eee() + - [armhf,arm64] net: dsa: mv88e6xxx: Fix counting of ATU violations + - net: dsa: slave: Don't propagate flag changes on down slave interfaces + - net/mlx5e: Force CHECKSUM_UNNECESSARY for short ethernet frames + - rds: fix refcount bug in rds_sock_addref + - Revert "net: phy: marvell: avoid pause mode on SGMII-to-Copper for + 88e151x" + - rxrpc: bad unlock balance in rxrpc_recvmsg + - sctp: check and update stream->out_curr when allocating stream_out + - sctp: walk the list of asoc safely (CVE-2019-8956) + - skge: potential memory corruption in skge_get_regs() + - virtio_net: Account for tx bytes and packets on sending xdp_frames + - net/mlx5e: FPGA, fix Innova IPsec TX offload data path performance + - xfs: eof trim writeback mapping as soon as it is cached + - ALSA: compress: Fix stop handling on compressed capture streams + - ALSA: usb-audio: Add support for new T+A USB DAC + - ALSA: hda - Serialize codec registrations + - ALSA: hda/realtek - Fix lose hp_pins for disable auto mute + - ALSA: hda/realtek - Use a common helper for hp pin reference + - ALSA: hda/realtek - Headset microphone support for System76 darp5 + - fuse: call pipe_buf_release() under pipe lock + - fuse: decrement NR_WRITEBACK_TEMP on the right page + - fuse: handle zero sized retrieve correctly + - [arm*] dmaengine: bcm2835: Fix interrupt race on RT + - [arm*] dmaengine: bcm2835: Fix abort of transactions + - [armhf] dmaengine: imx-dma: fix wrong callback invoke + - futex: Handle early deadlock return correctly + - [arm64] irqchip/gic-v3-its: Plug allocation race for devices sharing a + DevID + - [armhf] usb: phy: am335x: fix race condition in _probe + - usb: dwc3: gadget: Handle 0 xfer length for OUT EP + - usb: gadget: udc: net2272: Fix bitwise and boolean operations + - usb: gadget: musb: fix short isoc packets with inventra dma + - staging: speakup: fix tty-operation NULL derefs + - scsi: cxlflash: Prevent deadlock when adapter probe fails + - scsi: aic94xx: fix module loading + - cpu/hotplug: Fix "SMT disabled by BIOS" detection for KVM + - [x86] perf/x86/intel/uncore: Add Node ID mask + - [x86] MCE: Initialize mce.bank in the case of a fatal error in + mce_no_way_out() + - perf/core: Don't WARN() for impossible ring-buffer sizes + - perf tests evsel-tp-sched: Fix bitwise operator + - serial: fix race between flush_to_ldisc and tty_open + - serial: 8250_pci: Make PCI class test non fatal + - serial: sh-sci: Do not free irqs that have already been freed + - cacheinfo: Keep the old value if of_property_read_u32 fails + - IB/hfi1: Add limit test for RC/UC send via loopback + - [x86] perf/x86/intel: Delay memory deallocation until x86_pmu_dead_cpu() + - ath9k: dynack: make ewma estimation faster + - ath9k: dynack: check da->enabled first in sampling routines + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.22 + - mtd: Make sure mtd->erasesize is valid even if the partition is of size 0 + - mtd: rawnand: gpmi: fix MX28 bus master lockup problem + - libata: Add NOLPM quirk for SAMSUNG MZ7TE512HMHP-000L1 SSD + - [armhf, arm64] iio: adc: axp288: Fix TS-pin handling + - signal: Always notice exiting tasks + - signal: Better detection of synchronous signals + - [armhf, arm64] misc: vexpress: Off by one in vexpress_syscfg_exec() + - [x86] mei: me: add ice lake point device id. + - debugfs: fix debugfs_rename parameter checking + - [arm64] pinctrl: sunxi: Correct number of IRQ banks on H6 main pin + controller + - [x86] pinctrl: cherryview: fix Strago DMI workaround + - tracing: uprobes: Fix typo in pr_fmt string + - [mips*] cm: reprime error cause + - [mips*] OCTEON: don't set octeon_dma_bar_type if PCI is disabled + - [mips*] VDSO: Use same -m%-float cflag as the kernel proper + - [mips*] loongson64: remove unreachable(), fix loongson_poweroff(). + - [mips*] VDSO: Include $(ccflags-vdso) in o32,n32 .lds builds + - [arm64] firmware: arm_scmi: provide the mandatory device release callback + - [powerpc*] radix: Fix kernel crash with mremap() + - [amd64] mic: vop: Fix use-after-free on remove + - mac80211: ensure that mgmt tx skbs have tailroom for encryption + - drm/modes: Prevent division by zero htotal + - drm/amd/powerplay: Fix missing break in switch + - [x86] drm/i915: always return something on DDI clock selection + - [x86] drm/vmwgfx: Fix setting of dma masks + - [x86] drm/vmwgfx: Return error code from vmw_execbuf_copy_fence_user + - SUNRPC: Always drop the XPRT_LOCK on XPRT_CLOSE_WAIT + - xfrm: Make set-mark default behavior backward compatible + - Revert "ext4: use ext4_write_inode() when fsyncing w/o a journal" + - libceph: avoid KEEPALIVE_PENDING races in ceph_con_keepalive() + - xfrm: refine validation of template and selector families + - batman-adv: Avoid WARN on net_device without parent in netns + - batman-adv: Force mac header to start of data on xmit + - svcrdma: Reduce max_send_sges + - svcrdma: Remove max_sge check at connect time + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.23 + - Revert "exec: load_script: don't blindly truncate shebang string" + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.24 + - dt-bindings: eeprom: at24: add "atmel,24c2048" compatible string + - eeprom: at24: add support for 24c2048 + - blk-mq: fix a hung issue when fsync (Closes: #913119, #913138) + - [armel, armhf] 8789/1: signal: copy registers using __copy_to_user() + - [armel, armhf] 8790/1: signal: always use __copy_to_user to save iwmmxt + context + - [armel, armhf] 8791/1: vfp: use __copy_to_user() when saving VFP state + - [armel, armhf] 8792/1: oabi-compat: copy oabi events using + __copy_to_user() + - [armel, armhf] 8793/1: signal: replace __put_user_error with __put_user + - [armel, armhf] 8794/1: uaccess: Prevent speculative use of the current + addr_limit + - [armel, armhf] 8795/1: spectre-v1.1: use put_user() for __put_user() + - [armel, armhf] 8796/1: spectre-v1,v1.1: provide helpers for address + sanitization + - [armel, armhf] 8797/1: spectre-v1.1: harden __copy_to_user + - [armel, armhf] 8810/1: vfp: Fix wrong assignement to ufp_exc + - [armel, armhfl armhf] make lookup_processor_type() non-__init + - [armel, armhf] split out processor lookup + - [armel, armhf] clean up per-processor check_bugs method call + - [armel, armhf] add PROC_VTABLE and PROC_TABLE macros + - [armel, armhf] spectre-v2: per-CPU vtables to work around big.Little + systems + - [armel, armhf] ensure that processor vtables is not lost after boot + - [armel, armhf] fix the cockup in the previous patch + - drm/amdgpu/sriov:Correct pfvf exchange logic + - [i386] ACPI: NUMA: Use correct type for printing addresses on i386-PAE + - perf report: Fix wrong iteration count in --branch-history + - perf test shell: Use a fallback to get the pathname in vfs_getname + - [riscv64] riscv: fix trace_sys_exit hook + - cpufreq: check if policy is inactive early in __cpufreq_get() + - nvme-pci: use the same attributes when freeing host_mem_desc_bufs. + - nvme-pci: fix out of bounds access in nvme_cqe_pending + - nvme-multipath: zero out ANA log buffer + - nvme: pad fake subsys NQN vid and ssvid with zeros + - drm/amdgpu: set WRITE_BURST_LENGTH to 64B to workaround SDMA1 hang + - [armel] dts: kirkwood: Fix polarity of GPIO fan lines + - [armel, armhf] gpio: pl061: handle failed allocations + - drm/nouveau: Don't disable polling in fallback mode + - drm/nouveau/falcon: avoid touching registers if engine is off + - cifs: Limit memory used by lock request calls to a page + - [x86] kvm: sev: Fail KVM_SEV_INIT if already initialized + - CIFS: Do not assume one credit for async responses + - [arm*] gpio: mxc: move gpio noirq suspend/resume to syscore phase + - [x86] Revert "Input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire + F5-573G" + - [x86] Input: elan_i2c - add ACPI ID for touchpad in Lenovo V330-15ISK + - [armhf] OMAP5+: Fix inverted nirq pin interrupts with irq_set_type + - perf/core: Fix impossible ring-buffer sizes warning + - [x86] perf: Add check_period PMU callback + - [x86] ALSA: hda - Add quirk for HP EliteBook 840 G5 + - ALSA: usb-audio: Fix implicit fb endpoint setup by quirk + - ASoC: hdmi-codec: fix oops on re-probe + - [alpha] tools uapi: fix Alpha support + - [riscv64] Add pte bit to distinguish swap from invalid + - [x86] kvm/nVMX: read from MSR_IA32_VMX_PROCBASED_CTLS2 only when it is + available + - [x86] kvm: vmx: Fix entry number check for add_atomic_switch_msr() + - [arm*] mmc: sunxi: Filter out unsupported modes declared in the device + tree + - mmc: block: handle complete_work on separate workqueue + - [x86] Input: elantech - enable 3rd button support on Fujitsu CELSIUS H780 + - Revert "nfsd4: return default lease period" + - Revert "mm: don't reclaim inodes with many attached pages" + - Revert "mm: slowly shrink slabs with a relatively small number of + objects" + - [alpha] fix page fault handling for r16-r18 targets + - [alpha] Fix Eiger NR_IRQS to 128 + - [s390*] zcrypt: fix specification exception on z196 during ap probe + - tracing/uprobes: Fix output for multiple string arguments + - [x86] platform/UV: Use efi_runtime_lock to serialise BIOS calls + - scsi: sd: fix entropy gathering for most rotational disks + - signal: Restore the stop PTRACE_EVENT_EXIT + - md/raid1: don't clear bitmap bits on interrupted recovery. + - [x86] a.out: Clear the dump structure initially + - dm crypt: don't overallocate the integrity tag space + - dm thin: fix bug where bio that overwrites thin block ignores FUA + - drm: Use array_size() when creating lease + - [x86] drm/i915: Block fbdev HPD processing during suspend + - [x86] drm/i915: Prevent a race during I915_GEM_MMAP ioctl with WC set + - mm: proc: smaps_rollup: fix pss_locked calculation + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.25 + - af_packet: fix raw sockets over 6in4 tunnel + - [arm64, armhf] dsa: mv88e6xxx: Ensure all pending interrupts are handled + prior to exit + - net: crypto set sk to NULL when af_alg_release. (CVE-2019-8912) + - net: Fix for_each_netdev_feature on Big endian + - net: fix IPv6 prefix route residue + - net: ip6_gre: initialize erspan_ver just for erspan tunnels + - net: ipv4: use a dedicated counter for icmp_v4 redirect packets + - net: phy: xgmiitorgmii: Support generic PHY status read + - net: stmmac: Fix a race in EEE enable callback + - net: stmmac: handle endianness in dwmac4_get_timestamp + - sky2: Increase D3 delay again + - vhost: correctly check the return value of translate_desc() in log_used() + - vsock: cope with memory allocation failure at socket creation time + - vxlan: test dev->flags & IFF_UP before calling netif_rx() + - net: Add header for usage of fls64() + - tcp: clear icsk_backoff in tcp_write_queue_purge() + - tcp: tcp_v4_err() should be more careful + - net: Do not allocate page fragments that are not skb aligned + - hwmon: (lm80) Fix missing unlock on error in set_fan_div() + - scsi: target/core: Use kmem_cache_free() instead of kfree() + - PCI: Fix __initdata issue with "pci=disable_acs_redir" parameter + - sunrpc: fix 4 more call sites that were using stack memory with a + scatterlist + - netfilter: nf_nat_snmp_basic: add missing length checks in ASN.1 cbs + (CVE-2019-9162) + - net/x25: do not hold the cpu too long in x25_new_lci() + - ax25: fix possible use-after-free + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.26 + - [armel armhf] 8834/1: Fix: kprobes: optimized kprobes illegal instruction + - tracing: Fix number of entries in trace header + - [mips*] eBPF: Always return sign extended 32b values + - mac80211: Restore vif beacon interval if start ap fails + - mac80211: Use linked list instead of rhashtable walk for mesh tables + - mac80211: Free mpath object when rhashtable insertion fails + - libceph: handle an empty authorize reply + - ceph: avoid repeatedly adding inode to mdsc->snap_flush_list + - numa: change get_mempolicy() to use nr_node_ids instead of MAX_NUMNODES + - proc, oom: do not report alien mms when setting oom_score_adj + - [x86] ALSA: hda/realtek - Headset microphone and internal speaker + support for System76 oryp5 + - [x86] ALSA: hda/realtek: Disable PC beep in passthrough on alc285 + - KEYS: allow reaching the keys quotas exactly + - [armhf,arm64] backlight: pwm_bl: Fix devicetree parsing with auto- + generated brightness tables + - [armhf] mfd: ti_am335x_tscadc: Use PLATFORM_DEVID_AUTO while registering + mfd cells + - [armhf] mfd: twl-core: Fix section annotations on {,un}protect_pm_master + - [arm64] mfd: qcom_rpm: write fw_version to CTRL_REG + - mfd: axp20x: Add AC power supply cell for AXP813 + - mfd: axp20x: Re-align MFD cell entries + - mfd: axp20x: Add supported cells for AXP803 + - mfd: cros_ec_dev: Add missing mfd_remove_devices() call in remove + probe() + - [armhf] mfd: mc13xxx: Fix a missing check of a register-read failure + - qed: Fix qed_chain_set_prod() for PBL chains with non power of 2 page + count + - qed: Fix qed_ll2_post_rx_buffer_notify_fw() by adding a write memory + barrier + - [arm64] net: hns: Fix use after free identified by SLUB debug + - bpf: Fix [::] -> [::1] rewrite in sys_sendmsg + - selftests/bpf: Test [::] -> [::1] rewrite in sys_sendmsg in + test_sock_addr + - net/mlx4: Get rid of page operation after dma_alloc_coherent + - xprtrdma: Double free in rpcrdma_sendctxs_create() + - selftests: forwarding: Add a test for VLAN deletion + - netfilter: nf_tables: fix leaking object reference count + - scsi: qla4xxx: check return code of qla4xxx_copy_from_fwddb_param + - scsi: isci: initialize shost fully before calling scsi_add_host() + - include/linux/compiler*.h: fix OPTIMIZER_HIDE_VAR + - netfilter: nft_flow_offload: Fix reverse route lookup + - bpf: correctly set initial window on active Fast Open sender + - bpf: fix panic in stack_map_get_build_id() on i386 and arm32 + - netfilter: nft_flow_offload: fix interaction with vrf slave device + - RDMA/mthca: Clear QP objects during their allocation + - [powerpcspe] 8xx: fix setting of pagetable for Abatron BDI debug tool. + - acpi/nfit: Fix race accessing memdev in nfit_get_smbios_id() + - net: stmmac: Fix PCI module removal leak + - net: stmmac: dwxgmac2: Only clear interrupts that are active + - net: stmmac: Check if CBS is supported before configuring + - net: stmmac: Fix the logic of checking if RX Watchdog must be enabled + - net: stmmac: Prevent RX starvation in stmmac_napi_poll() + - scsi: tcmu: avoid cmd/qfull timers updated whenever a new cmd comes + - scsi: ufs: Fix system suspend status + - scsi: qedi: Add ep_state for login completion on un-reachable targets + - scsi: ufs: Fix geometry descriptor size + - scsi: cxgb4i: add wait_for_completion() + - netfilter: nft_flow_offload: fix checking method of conntrack helper + - always clear the X2APIC_ENABLE bit for PV guest + - [armhf, arm64] drm/meson: add missing of_node_put + - drm/amdkfd: Don't assign dGPUs to APU topology devices + - drm/amd/display: fix PME notification not working in RV desktop + - vhost: return EINVAL if iovecs size does not match the message size + - [armhf, arm64] drm/sun4i: backend: add missing of_node_puts + - bpf: don't assume build-id length is always 20 bytes + - bpf: zero out build_id for BPF_STACK_BUILD_ID_IP + - atm: he: fix sign-extension overflow on large shift + - hwmon: (tmp421) Correct the misspelling of the tmp442 compatible + attribute in OF device ID table + - [armhf] leds: lp5523: fix a missing check of return value of lp55xx_read + - bpf: bpf_setsockopt: reset sock dst on SO_MARK changes + - net: bridge: Mark FDB entries that were added by user as such + - net/mlx5e: Fix wrong (zero) TX drop counter indication for representor + - isdn: avm: Fix string plus integer warning from Clang + - batman-adv: fix uninit-value in batadv_interface_tx() + - inet_diag: fix reporting cgroup classid and fallback to priority + - ipv6: propagate genlmsg_reply return code + - net: ena: fix race between link up and device initalization + - net/mlx4_en: Force CHECKSUM_NONE for short ethernet frames + - net/mlx5e: Don't overwrite pedit action when multiple pedit used + - net/packet: fix 4gb buffer limit due to overflow check + - net: sfp: do not probe SFP module before we're attached + - sctp: call gso_reset_checksum when computing checksum in sctp_gso_segment + - sctp: set stream ext to NULL after freeing it in sctp_stream_outq_migrate + - team: avoid complex list operations in team_nl_cmd_options_set() + - Revert "socket: fix struct ifreq size in compat ioctl" + - Revert "kill dev_ifsioc()" + - net: socket: fix SIOCGIFNAME in compat + - net: socket: make bond ioctls go through compat_ifreq_ioctl() + - geneve: should not call rt6_lookup() when ipv6 was disabled + - sit: check if IPv6 enabled before calling ip6_err_gen_icmpv6_unreach() + - net_sched: fix a race condition in tcindex_destroy() (Closes: #921542) + - net_sched: fix a memory leak in cls_tcindex + - net_sched: fix two more memory leaks in cls_tcindex + - net/mlx5e: XDP, fix redirect resources availability check + - RDMA/srp: Rework SCSI device reset handling + - KEYS: user: Align the payload buffer + - KEYS: always initialize keyring_index_key::desc_len + - drm/amdgpu: Set DPM_FLAG_NEVER_SKIP when enabling PM-runtime + - gpu: drm: radeon: Set DPM_FLAG_NEVER_SKIP when enabling PM-runtime + - [x86] drm/i915/fbdev: Actually configure untiled displays + - drm/amd/display: Fix MST reboot/poweroff sequence + - mac80211: allocate tailroom for forwarded mesh packets + - [x86] kvm: Return LA57 feature based on hardware capability + - net: validate untrusted gso packets without csum offload + - net: avoid false positives in untrusted gso validation + - Revert "bridge: do not add port to router list when receives query with + source 0.0.0.0" + - netfilter: nf_tables: fix flush after rule deletion in the same batch + - netfilter: nft_compat: use-after-free when deleting targets + - netfilter: ipv6: Don't preserve original oif for loopback address + - netfilter: nfnetlink_osf: add missing fmatch check + - netfilter: ipt_CLUSTERIP: fix sleep-in-atomic bug in + clusterip_config_entry_put() + - udlfb: handle unplug properly + - [armhf arm64] pinctrl: max77620: Use define directive for + max77620_pinconf_param values + - net: phylink: avoid resolving link state too early + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.27 + - irq/matrix: Split out the CPU selection code into a helper + - irq/matrix: Spread managed interrupts on allocation + - genirq/matrix: Improve target CPU selection for managed interrupts + (Closes: #922182) + - mac80211: Change default tx_sk_pacing_shift to 7 + - scsi: libsas: Fix rphy phy_identifier for PHYs with end devices attached + - [arm64] drm/msm: Unblock writer if reader closes file + - [x86] ASoC: Intel: Haswell/Broadwell: fix setting for .dynamic field + - [armhf] clk: tegra: dfll: Fix a potential Oop in remove() + - [x86] thermal: int340x_thermal: Fix a NULL vs IS_ERR() check + - [arm64, armhf] usb: dwc3: gadget: synchronize_irq dwc irq in suspend + - [arm64, armhf] usb: dwc3: gadget: Fix the uninitialized link_state when + udc starts + - genirq: Make sure the initial affinity is not empty + - [arm64, armel, x86, armhf] ASoC: dapm: change snprintf to scnprintf for + possible overflow + - [x86] drivers: thermal: int340x_thermal: Fix sysfs race condition + - mac80211: fix miscounting of ttl-dropped frames + - sched/wait: Fix rcuwait_wake_up() ordering + - sched/wake_q: Fix wakeup ordering for wake_q + - futex: Fix (possible) missed wakeup + - drm/amd/powerplay: OD setting fix on Vega10 + - [armhf] drm/sun4i: hdmi: Fix usage of TMDS clock + - direct-io: allow direct writes to empty inodes + - writeback: synchronize sync(2) against cgroup writeback membership + switches + - scsi: lpfc: nvme: avoid hang / use-after-free when destroying localport + - scsi: lpfc: nvmet: avoid hang / use-after-free when destroying targetport + - scsi: csiostor: fix NULL pointer dereference in csio_vport_set_state() + - [x86] hv_netvsc: Fix ethtool change hash key error + - [x86] hv_netvsc: Refactor assignments of struct netvsc_device_info + - [x86] hv_netvsc: Fix hash key value reset after other ops + - nvme-rdma: fix timeout handler + - nvme-multipath: drop optimization for static ANA group IDs + - [arm64] drm/msm: Fix A6XX support for opp-level + - net: usb: asix: ax88772_bind return error when hw_reset fail + - net: dev_is_mac_header_xmit() true for ARPHRD_RAWIP + - [powerpc*] ibmveth: Do not process frames after calling napi_reschedule + - mac80211: don't initiate TDLS connection if station is not associated to + AP + - mac80211: Add attribute aligned(2) to struct 'action' + - cfg80211: extend range deviation for DMG + - [x86] svm: Fix AVIC incomplete IPI emulation + - [x86] KVM: nSVM: clear events pending from svm_complete_interrupts() when + exiting to L1 + - [arm64, armhf] mmc: spi: Fix card detection during probe + - mmc: core: Fix NULL ptr crash from mmc_should_fail_request + - [armhf] mmc: sdhci-esdhc-imx: correct the fix of ERR004536 + - mm: enforce min addr even if capable() in expand_downwards() + (CVE-2019-9213) + - hugetlbfs: fix races and page leaks during migration + - [mips*] fix truncation in __cmpxchg_small for short values + - [x86] uaccess: Don't leak the AC flag into __put_user() value evaluation + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.28 + - cpufreq: Use struct kobj_attribute instead of struct global_attr + - staging: erofs: fix mis-acted TAIL merging behavior + - USB: serial: option: add Telit ME910 ECM composition + - USB: serial: cp210x: add ID for Ingenico 3070 + - USB: serial: ftdi_sio: add ID for Hjelmslund Electronics USB485 + - [x86] staging: comedi: ni_660x: fix missing break in switch statement + - [x86, arm64, armhf] staging: android: ashmem: Don't call fallocate() with + ashmem_mutex held. + - [x86, arm64, armhf] staging: android: ashmem: Avoid range_alloc() + allocation with ashmem_mutex held. + - ip6mr: Do not call __IP6_INC_STATS() from preemptible context + - [arm64, armhf] net: dsa: mv88e6xxx: handle unknown duplex modes gracefully + in mv88e6xxx_port_set_duplex + - [arm64, armhf] net: dsa: mv88e6xxx: fix number of internal PHYs for + 88E6x90 family + - net: sched: put back q.qlen into a single location + - net-sysfs: Fix mem leak in netdev_register_kobject + - qmi_wwan: Add support for Quectel EG12/EM12 + - sctp: call iov_iter_revert() after sending ABORT + - sky2: Disable MSI on Dell Inspiron 1545 and Gateway P-79 + - team: Free BPF filter when unregistering netdev + - tipc: fix RDM/DGRAM connect() regression + - bnxt_en: Drop oversize TX packets to prevent errors. + - geneve: correctly handle ipv6.disable module parameter + - [x86] hv_netvsc: Fix IP header checksum for coalesced packets + - ipv4: Add ICMPv6 support when parse route ipproto + - lan743x: Fix TX Stall Issue + - [arm64, armhf] net: dsa: mv88e6xxx: Fix statistics on mv88e6161 + - [arm64, armhf] net: dsa: mv88e6xxx: Fix u64 statistics + - net: netem: fix skb length BUG_ON in __skb_to_sgvec + - net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails + - net: phy: Micrel KSZ8061: link failure after cable connect + - [arm64, armhf] net: phy: phylink: fix uninitialized variable in + phylink_get_mac_state + - net: sit: fix memory leak in sit_init_net() + - net: socket: set sock->sk to NULL after calling proto_ops::release() + - tipc: fix race condition causing hung sendto + - tun: fix blocking read + - [x86, arm64, armhf] xen-netback: don't populate the hash cache on XenBus + disconnect + - [x86, arm64, armhf] xen-netback: fix occasional leak of grant ref mappings + under memory pressure + - tun: remove unnecessary memory barrier + - net: Add __icmp_send helper. + - ipv4: Return error for RTA_VIA attribute + - ipv6: Return error for RTA_VIA attribute + - mpls: Return error for RTA_GATEWAY attribute + - ipv4: Pass original device to ip_rcv_finish_core + - [arm64, armhf] net: dsa: mv88e6xxx: power serdes on/off for 10G interfaces + on 6390X + - [arm64, armhf] net: dsa: mv88e6xxx: prevent interrupt storm caused by + mv88e6390x_port_set_cmode + - net/sched: act_ipt: fix refcount leak when replace fails + - net/sched: act_skbedit: fix refcount leak when replace fails + - net: sched: act_tunnel_key: fix NULL pointer dereference during init + - [x86] CPU/AMD: Set the CPB bit unconditionally on F17h + - [x86] boot/compressed/64: Do not read legacy ROM on EFI system + - tracing: Fix event filters and triggers to handle negative numbers + - usb: xhci: Fix for Enabling USB ROLE SWITCH QUIRK on + INTEL_SUNRISEPOINT_LP_XHCI + - [x86, powerpc*] applicom: Fix potential Spectre v1 vulnerabilities + - [mips*] irq: Allocate accurate order pages for irq stack + - aio: Fix locking in aio_poll() + - xtensa: fix get_wchan + - gnss: sirf: fix premature wakeup interrupt enable + - USB: serial: cp210x: fix GPIO in autosuspend + - Bluetooth: btrtl: Restore old logic to assume firmware is already loaded + - Bluetooth: Fix locking in bt_accept_enqueue() for BH context + - exec: Fix mem leak in kernel_read_file (CVE-2019-8980) + - scsi: core: reset host byte in DID_NEXUS_FAILURE case + - bpf: fix sanitation rewrite in case of non-pointers + + [ Ben Hutchings ] + * [sparc64] udeb: Use standard module list in nic-modules; add i2c-modules + and nic-shared-modules to avoid duplication + * mt76: Use the correct hweight8() function (fixes FTBFS on ia64) + * [armel] udeb: Add mmc-core-modules + * udeb: Make nic-wireless-modules depend on mmc-core-modules, not + mmc-modules; move crc7 to crc-modules to avoid duplication + * [powerpc*] udeb: Add i2c-modules, mmc-core-modules, nic-wireless-modules + * [arm64,armhf] udeb: Add mmc-core-modules to Provides of kernel-image + * udeb: Add fb-modules and include drm and drm_kms_helper on most + architectures + * udeb: Move basic PV modules from {hyperv,virtio}-modules to kernel-image + * udeb: Move drivers from {hyperv,virtio}-modules to + {fb,input,nic,scsi}-modules + * debian/bin/gencontrol.py: Add rules to build debian/build/config.* + * certs: Replace test signing certificate with production signing certificate + * debian/bin/gencontrol_signed.py: Put all files.json fields under "packages" + * Bump ABI to 4 + + [ Wookey ] + * linux-perf: Enable coresight trace (libopencsd) support in perf + (Closes: #895131) + + [ Vagrant Cascadian ] + * [armhf] Add patch from upstream fixing stability issues when cpufreq + is enabled on Orange Pi Plus. + * [armhf] Enable REGULATOR_SY8106A as module. + * [arm64] Add patch working around A64 timer issues. + + [ dann frazier ] + * arm64: lockdown: Move init_lockdown() call after uefi_init() + + [ Salvatore Bonaccorso ] + * Btrfs: fix corruption reading shared and compressed extents after hole + punching (Closes: #922306) + + [ Vagrant Cascadian ] + * [arm64] Add patch from v4.20 to enable device-tree for Pine64-LTS. + + [ Romain Perier ] + * [rt] Update to 4.19.25-rt16: + - Add zram_slot_trylock() to "drivers/block/zram: Replace bit spinlocks + with rtmutex for -rt" + - Refresh "futex: workaround migrate_disable/enable in different context" + - softirq: Avoid "local_softirq_pending" messages if ksoftirqd is blocked + - softirq: Avoid "local_softirq_pending" messages if task is in cpu_chill() + - hrtimer: Don't lose state in cpu_chill() + - hrtimer: cpu_chill(): save task state in ->saved_state() + - [x86] lazy-preempt: properly check against preempt-mask + - [i386] lazy-preempt: use proper return label on 32bit-x86 + * [armel/rpi] Add flavour for Raspberry Pi and Raspberry Pi Zero + * [armel, armhf] Enable CRASH_DUMP + * Enable STRICT_MODULE_RWX + + [ Marcin Juszkiewicz ] + * [arm64] udeb: Use generic ata-modules + * [arm64] udeb: Remove redundant lines from nic-modules + + [ YunQiang Su ] + * [mips r6] Disable JUMP_LABEL for now: it will cause Reserved Instruction. + Enable SERIAL_OF_PLATFORM, if not, userland shows nothing. + Enable CPU_HAS_MSA, HIGHMEM, CRYPTO_CRC32_MIPS, and NR_CPUS to 16. + Support some boston drivers: IMG_ASCII_LCD, I2C_EG20T, PCH_PHUB, MMC, + PCIE_XILINX, RTC_DRV_M41T80, SPI_TOPCLIFF_PCH. + * [mipsel/mips64el] Backport MIPS: Loongson: Introduce and use + loongson_llsc_mb() + + -- Ben Hutchings <ben@decadent.org.uk> Tue, 12 Mar 2019 05:06:28 +0000 + +linux (4.19.20-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.17 + - tty/ldsem: Wake up readers after timed out down_write() + - tty: Hold tty_ldisc_lock() during tty_reopen() + - tty: Simplify tty->count math in tty_reopen() + - tty: Don't hold ldisc lock in tty_reopen() if ldisc present + - can: gw: ensure DLC boundaries after CAN frame modification + (CVE-2019-3701) + - netfilter: nf_conncount: don't skip eviction when age is negative + - netfilter: nf_conncount: split gc in two phases + - netfilter: nf_conncount: restart search when nodes have been erased + (Closes: #921616) + - netfilter: nf_conncount: merge lookup and add functions + - netfilter: nf_conncount: move all list iterations under spinlock + - netfilter: nf_conncount: speculative garbage collection on empty lists + - netfilter: nf_conncount: fix argument order to find_next_bit + - [arm64] mmc: sdhci-msm: Disable CDR function on TX + - Revert "scsi: target: iscsi: cxgbit: fix csk leak" + - scsi: target: iscsi: cxgbit: fix csk leak + - scsi: target: iscsi: cxgbit: fix csk leak + - [arm64] kvm: consistently handle host HCR_EL2 flags + - [arm64] Don't trap host pointer auth use to EL2 + - ipv6: fix kernel-infoleak in ipv6_local_error() + - net: bridge: fix a bug on using a neighbour cache entry without checking + its state + - packet: Do not leak dev refcounts on error exit + - tcp: change txhash on SYN-data timeout + - tun: publish tfile after it's fully initialized + - r8169: don't try to read counters if chip is in a PCI power-save state + - bonding: update nest level on unlink + - ip: on queued skb use skb_header_pointer instead of pskb_may_pull + - r8169: load Realtek PHY driver module before r8169 + - crypto: authencesn - Avoid twice completion call in decrypt path + - crypto: authenc - fix parsing key with misaligned rta_len + - [x86] xen: Fix x86 sched_clock() interface for xen + - Revert "btrfs: balance dirty metadata pages in btrfs_finish_ordered_io" + - btrfs: wait on ordered extents on abort cleanup + - Yama: Check for pid death before checking ancestry + - scsi: core: Synchronize request queue PM status only on successful resume + - [x86] scsi: sd: Fix cache_type_store() + - [mips*] fix n32 compat_ipc_parse_version + - [mips*] BCM47XX: Setup struct device for the SoC + - [mips*] lantiq: Fix IPI interrupt handling + - of: properties: add missing of_node_put + - RDMA/nldev: Don't expose unsafe global rkey to regular user + - [arm64] kaslr: ensure randomized quantities are clean to the PoC + - [arm64] dts: marvell: armada-ap806: reserve PSCI area + - [mips*] Disable MSI also when pcie-octeon.pcie_disable on + - fix int_sqrt64() for very large numbers + - media: vivid: fix error handling of kthread_run + - media: vivid: set min width/height to a value > 0 + - bpf: in __bpf_redirect_no_mac pull mac only if present + - ipv6: make icmp6_send() robust against null skb->dev + - LSM: Check for NULL cred-security on free + - netfilter: ebtables: account ebt_table_info to kmemcg + - block: use rcu_work instead of call_rcu to avoid sleep in softirq + - selinux: fix GPF on invalid policy + - blockdev: Fix livelocks on loop device + - sctp: allocate sctp_sockaddr_entry with kzalloc + - tipc: fix uninit-value in in tipc_conn_rcv_sub + - tipc: fix uninit-value in tipc_nl_compat_link_reset_stats + - tipc: fix uninit-value in tipc_nl_compat_bearer_enable + - tipc: fix uninit-value in tipc_nl_compat_link_set + - tipc: fix uninit-value in tipc_nl_compat_name_table_dump + - tipc: fix uninit-value in tipc_nl_compat_doit + - block/loop: Don't grab "struct file" for vfs_getattr() operation. + - block/loop: Use global lock for ioctl() operation. + - loop: Fold __loop_release into loop_release + - loop: Get rid of loop_index_mutex + - loop: Push lo_ctl_mutex down into individual ioctls + - loop: Split setting of lo_state from loop_clr_fd + - loop: Push loop_ctl_mutex down into loop_clr_fd() + - loop: Push loop_ctl_mutex down to loop_get_status() + - loop: Push loop_ctl_mutex down to loop_set_status() + - loop: Push loop_ctl_mutex down to loop_set_fd() + - loop: Push loop_ctl_mutex down to loop_change_fd() + - loop: Move special partition reread handling in loop_clr_fd() + - loop: Move loop_reread_partitions() out of loop_ctl_mutex + - loop: Fix deadlock when calling blkdev_reread_part() + - loop: Avoid circular locking dependency between loop_ctl_mutex and + bd_mutex + - loop: Get rid of 'nested' acquisition of loop_ctl_mutex + - loop: Fix double mutex_unlock(&loop_ctl_mutex) in loop_control_ioctl() + - loop: drop caches if offset or block_size are changed + - drm/fb-helper: Ignore the value of fb_var_screeninfo.pixclock + - nbd: Use set_blocksize() to set device blocksize + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.18 + - ipv6: Consider sk_bound_dev_if when binding a socket to a v4 mapped + address + - [armhf, arm64 net: dsa: mv88x6xxx: mv88e6390 errata + - net, skbuff: do not prefer skb allocation fails early + - qmi_wwan: add MTU default to qmap network interface + - r8169: Add support for new Realtek Ethernet + - ipv6: Take rcu_read_lock in __inet6_bind for mapped addresses + - net: clear skb->tstamp in bridge forwarding path + - netfilter: ipset: Allow matching on destination MAC address for mac and + ipmac sets + - [arm64] gpio: pl061: Move irq_chip definition inside struct pl061 + - drm/amd/display: Guard against null stream_state in set_crc_source + - [x86] drm/amdkfd: fix interrupt spin lock + - ixgbe: allow IPsec Tx offload in VEPA mode + - [x86] platform: asus-wmi: Tell the EC the OS will handle the display + off hotkey + - e1000e: allow non-monotonic SYSTIM readings + - [x86] usb: typec: tcpm: Do not disconnect link for self powered devices + - of: overlay: add missing of_node_put() after add new node to changeset + - writeback: don't decrement wb->refcnt if !wb->bdi + - serial: set suppress_bind_attrs flag only if builtin + - bpf: Allow narrow loads with offset > 0 + - ALSA: oxfw: add support for APOGEE duet FireWire + - [x86] mce: Fix -Wmissing-prototypes warnings + - [mips] SiByte: Enable swiotlb for SWARM, LittleSur and BigSur + - [arm64] perf: set suppress_bind_attrs flag to true + - drm/atomic-helper: Complete fake_commit->flip_done potentially earlier + - [arm64] clk: meson: meson8b: fix incorrect divider mapping in + cpu_scale_table + - samples: bpf: fix: error handling regarding kprobe_events + - usb: gadget: udc: renesas_usb3: add a safety connection way for + forced_b_device + - fpga: altera-cvp: fix probing for multiple FPGAs on the bus + - selinux: always allow mounting submounts + - ASoC: pcm3168a: Don't disable pcm3168a when CONFIG_PM defined + - scsi: qedi: Check for session online before getting iSCSI TLV data. + - drm/amdgpu: Reorder uvd ring init before uvd resume + - rxe: IB_WR_REG_MR does not capture MR's iova field + - efi/libstub: Disable some warnings for x86{,_64} + - jffs2: Fix use of uninitialized delayed_work, lockdep breakage + - clk: imx: make mux parent strings const + - pstore/ram: Do not treat empty buffers as valid + - media: uvcvideo: Refactor teardown of uvc on USB disconnect + - powerpc/xmon: Fix invocation inside lock region + - powerpc/pseries/cpuidle: Fix preempt warning + - media: firewire: Fix app_info parameter type in avc_ca{,_app}_info + - ASoC: use dma_ops of parent device for acp_audio_dma + - media: venus: core: Set dma maximum segment size + - staging: erofs: fix use-after-free of on-stack `z_erofs_vle_unzip_io' + - net: call sk_dst_reset when set SO_DONTROUTE + - scsi: target: use consistent left-aligned ASCII INQUIRY data + - scsi: target/core: Make sure that target_wait_for_sess_cmds() waits long + enough + - [arm64] kasan: Increase stack size for KASAN_EXTRA + - clk: imx6q: reset exclusive gates on init + - [arm64] Fix minor issues with the dcache_by_line_op macro + - bpf: relax verifier restriction on BPF_MOV | BPF_ALU + - mmc: atmel-mci: do not assume idle after atmci_request_end + - btrfs: volumes: Make sure there is no overlap of dev extents at mount + time + - btrfs: alloc_chunk: fix more DUP stripe size handling + - btrfs: fix use-after-free due to race between replace start and cancel + - btrfs: improve error handling of btrfs_add_link + - tty/serial: do not free trasnmit buffer page under port lock + - perf intel-pt: Fix error with config term "pt=0" + - perf tests ARM: Disable breakpoint tests 32-bit + - perf svghelper: Fix unchecked usage of strncpy() + - perf parse-events: Fix unchecked usage of strncpy() + - perf vendor events intel: Fix Load_Miss_Real_Latency on SKL/SKX + - netfilter: ipt_CLUSTERIP: check MAC address when duplicate config is set + - netfilter: ipt_CLUSTERIP: remove wrong WARN_ON_ONCE in netns exit routine + - netfilter: ipt_CLUSTERIP: fix deadlock in netns exit routine + - [x86] topology: Use total_cpus for max logical packages calculation + - dm crypt: use u64 instead of sector_t to store iv_offset + - dm kcopyd: Fix bug causing workqueue stalls + - perf stat: Avoid segfaults caused by negated options + - tools lib subcmd: Don't add the kernel sources to the include path + - dm snapshot: Fix excessive memory usage and workqueue stalls + - perf cs-etm: Correct packets swapping in cs_etm__flush() + - perf tools: Add missing sigqueue() prototype for systems lacking it + - perf tools: Add missing open_memstream() prototype for systems lacking it + - quota: Lock s_umount in exclusive mode for Q_XQUOTA{ON,OFF} quotactls. + - clocksource/drivers/integrator-ap: Add missing of_node_put() + - dm: Check for device sector overflow if CONFIG_LBDAF is not set + - Bluetooth: btusb: Add support for Intel bluetooth device 8087:0029 + - ALSA: bebob: fix model-id of unit for Apogee Ensemble + - sysfs: Disable lockdep for driver bind/unbind files + - IB/usnic: Fix potential deadlock + - scsi: mpt3sas: fix memory ordering on 64bit writes + - scsi: smartpqi: correct lun reset issues + - ath10k: fix peer stats null pointer dereference + - scsi: smartpqi: call pqi_free_interrupts() in pqi_shutdown() + - scsi: megaraid: fix out-of-bound array accesses + - iomap: don't search past page end in iomap_is_partially_uptodate + - ocfs2: fix panic due to unrecovered local alloc + - mm/page-writeback.c: don't break integrity writeback on ->writepage() + error + - mm/swap: use nr_node_ids for avail_lists in swap_info_struct + - userfaultfd: clear flag if remap event not enabled + - mm, proc: be more verbose about unstable VMA flags in /proc/<pid>/smaps + - iwlwifi: mvm: Send LQ command as async when necessary + - Bluetooth: Fix unnecessary error message for HCI request completion + - ipmi: fix use-after-free of user->release_barrier.rda + - ipmi: msghandler: Fix potential Spectre v1 vulnerabilities + - ipmi: Prevent use-after-free in deliver_response + - ipmi:ssif: Fix handling of multi-part return messages + - ipmi: Don't initialize anything in the core until something uses it + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.19 + - amd-xgbe: Fix mdio access for non-zero ports and clause 45 PHYs + - net: bridge: Fix ethernet header pointer before check skb forwardable + - net: Fix usage of pskb_trim_rcsum + - net: phy: marvell: Errata for mv88e6390 internal PHYs + - net: phy: mdio_bus: add missing device_del() in mdiobus_register() error + handling + - net/sched: act_tunnel_key: fix memory leak in case of action replace + - net_sched: refetch skb protocol for each filter + - openvswitch: Avoid OOB read when parsing flow nlattrs + - vhost: log dirty page correctly + - net: ipv4: Fix memory leak in network namespace dismantle + - net/sched: cls_flower: allocate mask dynamically in fl_change() + - udp: with udp_segment release on error path + - ip6_gre: fix tunnel list corruption for x-netns + - erspan: build the header with the right proto according to erspan_ver + - net: phy: marvell: Fix deadlock from wrong locking + - ip6_gre: update version related info when changing link + - tcp: allow MSG_ZEROCOPY transmission also in CLOSE_WAIT state + - mei: me: mark LBG devices as having dma support + - mei: me: add denverton innovation engine device IDs + - USB: leds: fix regression in usbport led trigger + - USB: serial: simple: add Motorola Tetra TPG2200 device id + - USB: serial: pl2303: add new PID to support PL2303TB + - ceph: clear inode pointer when snap realm gets dropped by its inode + - ASoC: atom: fix a missing check of snd_pcm_lib_malloc_pages + - ASoC: rt5514-spi: Fix potential NULL pointer dereference + - ASoC: tlv320aic32x4: Kernel OOPS while entering DAPM standby mode + - clk: socfpga: stratix10: fix rate calculation for pll clocks + - clk: socfpga: stratix10: fix naming convention for the fixed-clocks + - inotify: Fix fd refcount leak in inotify_add_watch(). + - ALSA: hda/realtek - Fix typo for ALC225 model + - ALSA: hda - Add mute LED support for HP ProBook 470 G5 + - ARCv2: lib: memeset: fix doing prefetchw outside of buffer + - ARC: adjust memblock_reserve of kernel memory + - ARC: perf: map generic branches to correct hardware condition + - s390/mm: always force a load of the primary ASCE on context switch + - s390/early: improve machine detection + - s390/smp: fix CPU hotplug deadlock with CPU rescan + - misc: ibmvsm: Fix potential NULL pointer dereference + - char/mwave: fix potential Spectre v1 vulnerability + - [arm64] mmc: dw_mmc-bluefield: : Fix the license information + - [arm64] mmc: meson-gx: Free irq in release() callback + - staging: rtl8188eu: Add device code for D-Link DWA-121 rev B1 + - tty: Handle problem if line discipline does not have receive_buf + - uart: Fix crash in uart_write and uart_put_char + - tty/n_hdlc: fix __might_sleep warning + - hv_balloon: avoid touching uninitialized struct page during tail onlining + - Drivers: hv: vmbus: Check for ring when getting debug info + - vgacon: unconfuse vc_origin when using soft scrollback + - CIFS: Fix possible hang during async MTU reads and writes + - CIFS: Fix credits calculations for reads with errors + - CIFS: Fix credit calculation for encrypted reads with errors + - CIFS: Do not reconnect TCP session in add_credits() + - smb3: add credits we receive from oplock/break PDUs + - Input: xpad - add support for SteelSeries Stratus Duo + - Input: input_event - provide override for sparc64 + - Input: uinput - fix undefined behavior in uinput_validate_absinfo() + - acpi/nfit: Block function zero DSMs + - acpi/nfit: Fix command-supported detection + - scsi: ufs: Use explicit access size in ufshcd_dump_regs + - dm thin: fix passdown_double_checking_shared_status() + - dm crypt: fix parsing of extended IV arguments + - [x86] drm/amdgpu: Add APTX quirk for Lenovo laptop + - [x86] KVM: Fix single-step debugging + - [x86] KVM: Fix PV IPIs for 32-bit KVM host + - [x86] KVM: WARN_ONCE if sending a PV IPI returns a fatal error + - [x86] kvm: vmx: Use kzalloc for cached_vmcs12 + - [x86] KVM/nVMX: Do not validate that posted_intr_desc_addr is page + aligned + - [x86] pkeys: Properly copy pkey state at fork() + - [x86] selftests/pkeys: Fork() to check for state being preserved + - [x86] kaslr: Fix incorrect i8254 outb() parameters + - [x86] entry/64/compat: Fix stack switching for XEN PV + - [arm64] irqchip/gic-v3-its: Align PCI Multi-MSI allocation on their size + - can: dev: __can_get_echo_skb(): fix bogous check for non-existing skb by + removing it + - can: bcm: check timer values before ktime conversion + - can: flexcan: fix NULL pointer exception during bringup + - vt: make vt_console_print() compatible with the unicode screen buffer + - vt: always call notifier with the console lock held + - vt: invoke notifier on screen size change + - [arm64] drm/meson: Fix atomic mode switching regression + - bpf: improve verifier branch analysis + - bpf: add per-insn complexity limit + - bpf: move {prev_,}insn_idx into verifier env + - bpf: move tmp variable into ax register in interpreter + - bpf: enable access to ax register also from verifier rewrite + - bpf: restrict map value pointer arithmetic for unprivileged + - bpf: restrict stack pointer arithmetic for unprivileged + - bpf: restrict unknown scalars of mixed signed bounds for unprivileged + - bpf: fix check_map_access smin_value test when pointer contains offset + - bpf: prevent out of bounds speculation on pointer arithmetic + (CVE-2019-7308) + - bpf: fix sanitation of alu op with pointer / scalar type from different + paths (CVE-2019-7308) + - bpf: fix inner map masking to prevent oob under speculation + - [s390*] smp: Fix calling smp_call_ipl_cpu() from ipl CPU + - nvmet-rdma: Add unlikely for response allocated check + - nvmet-rdma: fix null dereference under heavy load + - Revert "mm, memory_hotplug: initialize struct pages for the full memory + section" + - usb: dwc3: gadget: Clear req->needs_extra_trb flag on cleanup + - ide: fix a typo in the settings proc file name + - Input: input_event - fix the CONFIG_SPARC64 mixup + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.20 + - Fix "net: ipv4: do not handle duplicate fragments as overlapping" + - ipv6: sr: clear IP6CB(skb) on SRH ip4ip6 encapsulation + - ipvlan, l3mdev: fix broken l3s mode wrt local routes + - l2tp: copy 4 more bytes to linear part if necessary + - l2tp: fix reading optional fields of L2TPv3 + - net: ip_gre: always reports o_key to userspace + - net: ip_gre: use erspan key field for tunnel lookup + - net/mlx4_core: Add masking for a few queries on HCA caps + - netrom: switch to sock timer API + - net/rose: fix NULL ax25_cb kernel panic + - net: set default network namespace in init_dummy_netdev() + - sctp: improve the events for sctp stream reset + - tun: move the call to tun_set_real_num_queues + - vhost: fix OOB in get_rx_bufs() + (CVE-2018-16880) + - net: ip6_gre: always reports o_key to userspace + - sctp: improve the events for sctp stream adding + - net/mlx5e: Allow MAC invalidation while spoofchk is ON + - ip6mr: Fix notifiers call on mroute_clean_tables() + - sctp: set chunk transport correctly when it's a new asoc + - sctp: set flow sport from saddr only when it's 0 + - virtio_net: Don't enable NAPI when interface is down + - virtio_net: Don't call free_old_xmit_skbs for xdp_frames + - virtio_net: Fix not restoring real_num_rx_queues + - virtio_net: Fix out of bounds access of sq + - virtio_net: Don't process redirected XDP frames when XDP is disabled + - virtio_net: Use xdp_return_frame to free xdp_frames on destroying vqs + - virtio_net: Differentiate sk_buff and xdp_frame on freeing + - CIFS: Do not count -ENODATA as failure for query directory + - CIFS: Fix trace command logging for SMB2 reads and writes + - CIFS: Do not consider -ENODATA as stat failure for reads + - fs/dcache: Fix incorrect nr_dentry_unused accounting in + shrink_dcache_sb() + - iommu/vt-d: Fix memory leak in intel_iommu_put_resv_regions() + - NFS: Fix up return value on fatal errors in nfs_page_async_flush() + - [arm64] kaslr: ensure randomized quantities are clean also when kaslr is + off + - [arm64] Do not issue IPIs for user executable ptes + - [arm64] hyp-stub: Forbid kprobing of the hyp-stub + - [arm64] hibernate: Clean the __hyp_text to PoC after resume + - gpiolib: fix line event timestamps for nested irqs + - gpio: pcf857x: Fix interrupts on multiple instances + - gfs2: Revert "Fix loop in gfs2_rbm_find" + - [arm*] mmc: bcm2835: Fix DMA channel leak on probe error + - mmc: mediatek: fix incorrect register setting of hs400_cmd_int_delay + - ALSA: usb-audio: Add Opus #3 to quirks for native DSD support + - ALSA: hda/realtek - Fixed hp_pin no value + - IB/hfi1: Remove overly conservative VM_EXEC flag check + - [x86] platform: asus-nb-wmi: Map 0x35 to KEY_SCREENLOCK + - [x86] platform: asus-nb-wmi: Drop mapping of 0x33 and 0x34 scan codes + - mmc: sdhci-iproc: handle mmc_of_parse() errors during probe + - Btrfs: fix deadlock when allocating tree block during leaf/node split + - btrfs: On error always free subvol_name in btrfs_mount + - kernel/exit.c: release ptraced tasks before zap_pid_ns_processes + - mm/hugetlb.c: teach follow_hugetlb_page() to handle FOLL_NOWAIT + - oom, oom_reaper: do not enqueue same task twice + - mm,memory_hotplug: fix scan_movable_pages() for gigantic hugepages + - mm, oom: fix use-after-free in oom_kill_process + - mm: hwpoison: use do_send_sig_info() instead of force_sig() + - mm: migrate: don't rely on __PageMovable() of newpage after unlocking it + - of: Convert to using %pOFn instead of device_node.name + - of: overlay: add tests to validate kfrees from overlay removal + - of: overlay: add missing of_node_get() in __of_attach_node_sysfs + - of: overlay: use prop add changeset entry for property in new nodes + - of: overlay: do not duplicate properties from overlay for new nodes + - md/raid5: fix 'out of memory' during raid cache recovery + - cifs: Always resolve hostname before reconnecting + + [ Luca Boccassi ] + * Do not generate linux-source-$ver stanza in debian/control if + source is set to disabled in debian/config/defines. + * linux-perf: explicitly disable the jvmti feature and shared library. + * Document pkg.linux.nosource in debian/README.source. + * [amd64] enable UIO_HV_GENERIC for Azure's VMBus access. + * [cloud-amd64] enable UIO for Azure's VMBus access, and VFIO for guests + running on an hypervisor that exposes a vIOMMU. + + [ Ben Hutchings ] + * debian/rules.d, debian/rules.real: Restore build of userland headers for + tools + * debian/rules.d: Delete now-unused recursive makefiles + * debian/rules.d/tools/perf/Makefile: Delete redundant arch/profile checks + * debian/control: Add !pkg.linux.nokernel to qualification for compiler + build-deps + * [i386] debian/control: Fix cross-compiler build-dependency + * debian/README.source: Document how to run kconfigeditor2 + * [armhf,arm64] serial: 8250: Disable SERIAL_8250_DEPRECATED_OPTIONS + * percpu: convert spin_lock_irq to spin_lock_irqsave (fixes boot failure with + alpha-generic flavour) + * debian/tests/python: Fix spurious failure due to misuse of stderr + * Update "Revert "objtool: Fix CONFIG_STACK_VALIDATION=y warning for ..." + to not duplicate the conditional warning/error + * Bump ABI to 3 + * drivers/firmware: Enable FW_CFG_SYSFS as module (Closes: #882208) + * [arm64,armhf,ia64,riscv64,sparc64] udeb: Add usb-serial-modules + (Closes: #903824) + * [powerpc*,sparc64] udeb: Add nic-usb-modules + * [armhf,riscv64,s390x] udeb: Add cdrom-core-modules + * 9p: Enable NET_9P_XEN as module + * ACPI: Enable ACPI_TAD as module + * amd-xgbe: Enable AMD_XGBE_DCB + * ath9k: Enable ATH9K_CHANNEL_CONTEXT + * block: Enable BLK_DEV_ZONED (except armel/marvell) + * bluetooth: Enable BT_HCIUART_RTL; BT_HCIUART_NOKIA, BT_MTKUART as modules + * bnxt: Enable BNXT_DCB + * ethernet: Enable HINIC, ICE, LAN743X, LIQUIDIO_VF as modules + * can: Enable CAN_VXCAN, CAN_MCBA_USB, CAN_UCAN as modules + * dm: Enable DM_UNSTRIPED, DM_WRITECACHE, DM_ZONED as modules + * [arm64,armhf] drm: Enable DRM_PANEL_RASPBERRYPI_TOUCHSCREEN as module + * dvb-usb-v2: Enable DVB_USB_ZD1301 as module + * gnss: Enable GNSS, GNSS_SIRF_SERIAL, GNSS_UBX_SERIAL as modules + * gpio: Enable GPIO_EXAR, GPIO_PCI_IDIO_16, GPIO_PCIE_IDIO_24 as modules + * HID: Enable HID_ACCUTOUCH, HID_COUGAR, HID_ELAN, HID_ITE, HID_JABRA, + HID_MAYFLASH, HID_REDRAGON, HID_RETRODE, HID_STEAM, HID_UDRAW_PS3 as + modules + * [x86] i2c: Enable I2C_DESIGNWARE_BAYTRAIL + * IB: Enable CGROUP_RDMA (except armel/marvell) + * ieee802154: Enable IEEE802154_HWSIM as module + * inet: Enable INET_RAW_DIAG as module + * input: Enable INPUT_AXP20X_PEK as module + * IPMI: Enable IPMI_SSIF as module + * joystick: Enable JOYSTICK_PXRC as module + * media/rc: Enable IR_IMON_DECODER, IR_IMON_RAW as modules + * [x86] mfd: Enable INTEL_SOC_PMIC_BXTWC, INTEL_SOC_PMIC_CHTDC_TI as modules + * mlx5: Enable MLX5_FPGA, MLX5_CORE_IPOIB; MLXFW as module + * net: Enable BPF_STREAM_PARSER, XDP_SOCKETS (except armel/marvell) + (Closes: #908860); NET_FAILOVER, SMC, SMC_DIAG, VSOCKMON as modules + * net/phy: Enable LED_TRIGGER_PHY; CORTINA_PHY, DP83822_PHY, DP83TC811_PHY, + MARVELL_10G_PHY, MICROCHIP_T1_PHY, RENESAS_PHY, ROCKCHIP_PHY as modules + * net/sched: Enable NET_SCH_CBS, NET_SCH_ETF, NET_SCH_SKBPRIO, NET_EMATCH_IPT + as modules + * PCMCIA: Enable SCR24X as module + * [x86] pinctrl: Enable PINCTRL_CANNONLAKE, PINCTRL_CEDARFORK, + PINCTRL_DENVERTON, PINCTRL_GEMINILAKE, PINCTRL_ICELAKE, PINCTRL_LEWISBURG + * [x86] rmi4: Re-enable RMI4_CORE, RMI4_SMB as modules (Closes: #875621); + RMI4_F03, RMI4_F11, RMI4_F12, RMI4_F30, RMI4_F34, RMI4_F55 + * xfrm: Enable XFRM_INTERFACE as module + * PCI: Enable PCI_PF_STUB as module + * ptp: Change PTP_1588_CLOCK_KVM from built-in to module + * random: Enable RANDOM_TRUST_CPU. This can be reverted using the kernel + parameter: random.trust_cpu=off + * SCSI: Enable QEDF, QEDI as modules + * serial: Enable SERIAL_8250_EXAR, USB_SERIAL_F8153X, USB_SERIAL_UPD78F0730 + as modules + * sound: Enable SND_FIREWIRE_MOTU, SND_FIREFACE, SND_XEN_FRONTEND as modules + * [x86] sound: Enable SND_SOC_AMD_CZ_DA7219MX98357_MACH, + SND_SOC_AMD_CZ_RT5645_MACH, SND_SOC_INTEL_CHT_BSW_NAU8824_MACH, + SND_SOC_INTEL_BYT_CHT_DA7213_MACH, SND_SOC_INTEL_KBL_RT5663_MAX98927_MACH, + SND_SOC_INTEL_KBL_RT5663_RT5514_MAX98927_MACH, + SND_SOC_INTEL_KBL_DA7219_MAX98357A_MACH, + SND_SOC_INTEL_GLK_RT5682_MAX98357A_MACH as modules + * thermal: Enable DEVFREQ_THERMAL, THERMAL_STATISTICS + * tpm: Enable TCG_TIS_SPI, TCG_VTPM_PROXY as modules + * usbtouchscreen: Enable TOUCHSCREEN_USB_EASYTOUCH + * watchdog: Enable WATCHDOG_PRETIMEOUT_GOV, WATCHDOG_PRETIMEOUT_GOV_NOOP, + WATCHDOG_PRETIMEOUT_DEFAULT_GOV_NOOP; WATCHDOG_PRETIMEOUT_GOV_PANIC, + WDAT_WDT as modules + * [x86] watchdog: Enable INTEL_MEI_WDT, NI903X_WDT, NIC7018_WDT as modules + * wireless: Enable MT76x0U, MT76x2E, MT76x2U, QTNFMAC_PEARL_PCIE as modules + (Closes: #918331) + * zram: Enable ZRAM_WRITEBACK, ZRAM_MEMORY_TRACKING + * udeb: Add scsi-nic-modules containing Chelsio and Qlogic iSCSI/FC drivers + + [ Marcin Juszkiewicz ] + * [arm64] enable ARM_CCI_PMU so ARM_CCI400_PMU and ARM_CCI5xx_PMU options + get really enabled. + * [arm64] enable PCI_PRI, PCI_PASID as PCI can be behind IOMMU in servers. + * udeb: Add virtio-gpu into d-i to get graphical output in VM instances. + * [arm64] Enable ARM64_ERRATUM_843419 (Closes: #920866) + + [ Salvatore Bonaccorso ] + * [x86] kvmclock: set offset for kvm unstable clock (Closes: #918036) + * kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974) + * [x86] KVM: work around leak of uninitialized stack contents + (CVE-2019-7222) + * [x86] KVM: nVMX: unconditionally cancel preemption timer in free_nested + (CVE-2019-7221) + * HID: debug: fix the ring buffer implementation (CVE-2019-3819) + + [ Hideki Yamane ] + * [x86] Enable Touchpad support on Gemini Lake via CONFIG_PINCTRL_GEMINILAKE + (Closes: #917388) + * [x86] Enable SND_SOC_ES8316 and Baytrail & Cherrytrail with ES8316 codec, + too (Closes: #918589) + * hwmon: Enable CONFIG_SENSORS_NCT7802,NCT7904,NPCM7XX,ASPEED and W83773G + to use HWMON hardware (Closes: #912597) + * net: can: Enable CONFIG_CAN_PEAK_PCIEFD for a PCI express CAN Bus adapter + (Closes: #920809) + * [armhf] Enable CONFIG_SENSORS_LM75 for armhf (Closes: #918114) + * [armhf] Enable CONFIG_IMX_THERMAL for armhf (Closes: #883023) + * [arm64] Enable CONFIG_ARM_ARMADA_37XX_CPUFREQ for arm64 (Closes: #917939) + + [ Vagrant Cascadian ] + * [armhf] Enable CONFIG_MMC_SDHCI_OMAP=m, used on DRA7 and related SoCs. + + [ Uwe Kleine-König ] + * [armel] add spi-orion to mtd.udeb to be able to access spi flash on e.g. + qnap ts-21x. (Closes: #920607) + + -- Ben Hutchings <ben@decadent.org.uk> Mon, 11 Feb 2019 16:55:59 +0000 + +linux (4.19.16-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.14 + - ax25: fix a use-after-free in ax25_fillin_cb() + - gro_cell: add napi_disable in gro_cells_destroy + - ip6mr: Fix potential Spectre v1 vulnerability + - ipv4: Fix potential Spectre v1 vulnerability + - ipv6: explicitly initialize udp6_addr in udp_sock_create6() + - ipv6: tunnels: fix two use-after-free + - ip: validate header length on virtual device xmit + - isdn: fix kernel-infoleak in capi_unlocked_ioctl + - net/wan: fix a double free in x25_asy_open_tty() + - packet: validate address length + - packet: validate address length if non-zero + - ptr_ring: wrap back ->producer in __ptr_ring_swap_queue() + - sctp: initialize sin6_flowinfo for ipv6 addrs in sctp_inet6addr_event + - tipc: compare remote and local protocols in tipc_udp_enable() + - tipc: fix a double free in tipc_enable_bearer() + - tipc: fix a double kfree_skb() + - ipv6: frags: Fix bogus skb->sk in reassembled packets + - ipv6: route: Fix return value of ip6_neigh_lookup() on neigh_create() + error + - ALSA: rme9652: Fix potential Spectre v1 vulnerability + - ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities + - ALSA: pcm: Fix potential Spectre v1 vulnerability + - ALSA: emux: Fix potential Spectre v1 vulnerabilities + - powerpc/fsl: Fix spectre_v2 mitigations reporting + - usb: r8a66597: Fix a possible concurrency use-after-free bug in + r8a66597_endpoint_disable() + - [s390x] s390/pci: fix sleeping in atomic during hotplug + - [x86] x86/speculation/l1tf: Drop the swap storage limit restriction when + l1tf=off + - [x86] x86/mm: Drop usage of __flush_tlb_all() in + kernel_physical_mapping_init() + - [x86] KVM: x86: Use jmp to invoke kvm_spurious_fault() from .fixup + - [arm64] arm64: KVM: Make VHE Stage-2 TLB invalidation operations + non-interruptible + - perf pmu: Suppress potential format-truncation warning + - perf env: Also consider env->arch == NULL as local operation + - ext4: fix possible use after free in ext4_quota_enable + - ext4: missing unlock/put_page() in ext4_try_to_write_inline_data() + - ext4: include terminating u32 in size of xattr entries when expanding + inodes + - ext4: force inode writes when nfsd calls commit_metadata() + - ext4: check for shutdown and r/o file system in ext4_write_inode() + - [armhf,arm64] spi: bcm2835: Fix race on DMA termination + - [armhf,arm64] spi: bcm2835: Fix book-keeping of DMA termination + - [armhf,arm64] spi: bcm2835: Avoid finishing transfer prematurely in IRQ + mode + - btrfs: dev-replace: go back to suspended state if target device is missing + - btrfs: dev-replace: go back to suspend state if another EXCL_OP is running + - btrfs: skip file_extent generation check for free_space_inode in + run_delalloc_nocow + - Btrfs: fix fsync of files with multiple hard links in new directories + - btrfs: run delayed items before dropping the snapshot + - Btrfs: send, fix race with transaction commits that create snapshots + - brcmfmac: Fix out of bounds memory access during fw load + - dax: Don't access a freed inode + - f2fs: read page index before freeing + - f2fs: sanity check of xattr entry size + - media: imx274: fix stack corruption in imx274_read_reg + - media: v4l2-tpg: array index could become negative + - tools lib traceevent: Fix processing of dereferenced args in bprintk + events + - [mips*] MIPS: math-emu: Write-protect delay slot emulation pages + - [mips*] MIPS: Ensure pmd_present() returns false after pmd_mknotpresent() + - [mips*] MIPS: Align kernel load address to 64KB + - [mips*] MIPS: Expand MIPS32 ASIDs to 64 bits + - CIFS: Fix error mapping for SMB2_LOCK command which caused OFD lock + problem + - smb3: fix large reads on encrypted connections + - [arm*] KVM: arm/arm64: vgic: Cap SPIs to the VM-defined maximum + - [arm*] KVM: arm/arm64: vgic-v2: Set active_source to 0 when restoring + state + - [arm*] KVM: arm/arm64: vgic: Fix off-by-one bug in vgic_get_irq() + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.15 + - IB/core: Fix oops in netdev_next_upper_dev_rcu() + - xfrm: Fix NULL pointer dereference in xfrm_input when skb_dst_force + clears the dst_entry. + - ieee802154: hwsim: fix off-by-one in parse nested + - netfilter: seqadj: re-load tcp header pointer after possible head + reallocation + - scsi: bnx2fc: Fix NULL dereference in error handling + - [ppc64el] ibmvnic: Convert reset work item mutex to spin lock + - [ppc64el] ibmvnic: Fix non-atomic memory allocation in IRQ context + - [x86] x86/mm: Fix guard hole handling + - i40e: fix mac filter delete when setting mac address + - ixgbe: Fix race when the VF driver does a reset + - netfilter: nat: can't use dst_hold on noref dst + - bnx2x: Clear fip MAC when fcoe offload support is disabled + - bnx2x: Remove configured vlans as part of unload sequence. + - bnx2x: Send update-svid ramrod with retry/poll flags enabled + - mt76: fix potential NULL pointer dereference in mt76_stop_tx_queues + - [x86] x86, hyperv: remove PCI dependency + - [arm64] net: hns: All ports can not work when insmod hns ko after rmmod. + - [arm64] net: hns: Fixed bug that netdev was opened twice + - [arm64] net: hns: Clean rx fbd when ae stopped. + - [arm64] net: hns: Avoid net reset caused by pause frames storm + - [arm64] net: hns: Add mac pcs config when enable|disable mac + - [arm64] net: hns: Fix ping failed when use net bridge and send multicast + - mac80211: fix a kernel panic when TXing after TXQ teardown + - [arm64,riscv64] net: macb: fix random memory corruption on RX with + 64-bit DMA + - [arm64.risvv64] net: macb: fix dropped RX frames due to a race + - lan78xx: Resolve issue with changing MAC address + - [s390x] scsi: zfcp: fix posting too many status read buffers leading to + adapter shutdown + - fork: record start_time late + - zram: fix double free backing device + - hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined + - mm, devm_memremap_pages: kill mapping "System RAM" support + - memcg, oom: notify on oom killer invocation from the charge path + - mt76x0: init hw capabilities + - [amd64] media: cx23885: only reset DMA on problematic CPUs + - ALSA: cs46xx: Potential NULL dereference in probe + - ALSA: usb-audio: Avoid access before bLength check in + build_audio_procunit() + - ALSA: usb-audio: Check mixer unit descriptors more strictly + - ALSA: usb-audio: Fix an out-of-bound read in create_composite_quirks + - ALSA: usb-audio: Always check descriptor sizes in parser code + - Fix failure path in alloc_pid() + - block: deactivate blk_stat timer in wbt_disable_default() + - gfs2: Get rid of potential double-freeing in gfs2_create_inode + - gfs2: Fix loop in gfs2_rbm_find + - b43: Fix error in cordic routine + - nfsd4: zero-length WRITE should succeed + - [ppc*] powerpc/tm: Set MSR[TS] just prior to recheckpoint + - RDMA/srpt: Fix a use-after-free in the channel release code + - sched/fair: Fix infinite loop in update_blocked_averages() by reverting + a9e7f6544b9c + - [s390x] genwqe: Fix size check + - [x86] intel_th: msu: Fix an off-by-one in attribute store + - [armhf,arm64] drm/rockchip: psr: do not dereference encoder before it is + null checked. + - bnx2x: Fix NULL pointer dereference in bnx2x_del_all_vlans() on some hw + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.16 + - Btrfs: fix deadlock when using free space tree due to block group + creation + - staging: rtl8188eu: Fix module loading from tasklet for CCMP encryption + - staging: rtl8188eu: Fix module loading from tasklet for WEP encryption + - cpufreq: scmi: Fix frequency invariance in slow path + - [x86] modpost: Replace last remnants of RETPOLINE with CONFIG_RETPOLINE + - ALSA: hda/realtek - Support Dell headset mode for New AIO platform + - ALSA: hda/realtek - Add unplug function into unplug state of Headset Mode + for ALC225 + - ALSA: hda/realtek - Disable headset Mic VREF for headset mode of ALC225 + - CIFS: Fix adjustment of credits for MTU requests + - CIFS: Do not set credits to 1 if the server didn't grant anything + - CIFS: Do not hide EINTR after sending network packets + - CIFS: Fix credit computation for compounded requests + - cifs: Fix potential OOB access of lock element array + - usb: cdc-acm: send ZLP for Telit 3G Intel based modems + - USB: storage: don't insert sane sense for SPC3+ when bad sense specified + - USB: storage: add quirk for SMI SM3350 + - USB: Add USB_QUIRK_DELAY_CTRL_MSG quirk for Corsair K70 RGB + - slab: alien caches must not be initialized if the allocation of the alien + cache failed + - mm/usercopy.c: no check page span for stack objects + - mm, memcg: fix reclaim deadlock with writeback + - ACPI: power: Skip duplicate power resource references in _PRx + - ACPI / PMIC: xpower: Fix TS-pin current-source handling + - ACPI/IORT: Fix rc_dma_get_range() + - i2c: dev: prevent adapter retries and timeout being set as minus value + - vfio/type1: Fix unmap overflow off-by-one + - drm/amdgpu: Add new VegaM pci id + - PCI: dwc: Use interrupt masking instead of disabling + - PCI: dwc: Take lock when ACKing an interrupt + - PCI: dwc: Move interrupt acking into the proper callback + - drm/amd/display: Fix MST dp_blank REG_WAIT timeout + - drm/fb_helper: Allow leaking fbdev smem_start + - drm/fb-helper: Partially bring back workaround for bugs of SDL 1.2 + - [x86] drm/i915: Unwind failure on pinning the gen7 ppgtt + - drm/amdgpu: Don't ignore rc from drm_dp_mst_topology_mgr_resume() + - drm/amdgpu: Don't fail resume process if resuming atomic state fails + - rbd: don't return 0 on unmap if RBD_DEV_FLAG_REMOVING is set + - ext4: make sure enough credits are reserved for dioread_nolock writes + - ext4: fix a potential fiemap/page fault deadlock w/ inline_data + - ext4: avoid kernel warning when writing the superblock to a dead device + - ext4: use ext4_write_inode() when fsyncing w/o a journal + - ext4: track writeback errors using the generic tracking infrastructure + - ext4: fix special inode number checks in __ext4_iget() + - mm: page_mapped: don't assume compound page is huge or THP + - sunrpc: use-after-free in svc_process_common() + - [armhf,arm64] KVM: Fix VMID alloc race by reverting to lock-less + - [arm64] compat: Don't pull syscall number from regs in arm_compat_syscall + - Btrfs: fix access to available allocation bits when starting balance + - Btrfs: fix deadlock when enabling quotas due to concurrent snapshot + creation + - Btrfs: use nofs context when initializing security xattrs to avoid + deadlock + + [ John Paul Adrian Glaubitz ] + * [m68k] Add patch to build with -ffreestanding to fix FTBFS + + [ Ben Hutchings ] + * [ia64,m68k] libbpf: Really don't build on architectures without perf events + * Use dh_listpackages to determine which packages to build + * Add pkg.linux.nokernel build profile that excludes kernel image and header + packages + + [ Yves-Alexis Perez ] + * Bump ABI to 2 because of changes in struct sock_common from 60f05dddf1eb + * [rt] Update to 4.19.15-rt12 + - rtmutex/rwlock: preserve state like a sleeping lock + + [ Salvatore Bonaccorso ] + * ipv6: Consider sk_bound_dev_if when binding a socket to an address + (Closes: #918103) + * posix-cpu-timers: Unbreak timer rearming (Closes: #919019, #919049) + + [ Michal Simek ] + * [arm64] Enable Xilinx ZynqMP SoC and drivers + + [ YunQiang Su ] + * [mipsel, mips64el] Enable DRM_AST and FB_SM750 for loongson-3 + install ast and sm750fb to loongson-3's fb-modules + + [ Romain Perier ] + * [rt] Update to 4.19.13-rt10 + + [ Luigi Baldoni ] + * [x86] Enable LEDS_APU to support leds on PC Engines + APU SBC series + + -- Ben Hutchings <ben@decadent.org.uk> Thu, 17 Jan 2019 18:56:17 +0000 + +linux (4.19.13-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.13 + - Revert "vfs: Allow userns root to call mknod on owned filesystems." + - USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data + (CVE-2018-19985) + - xhci: Don't prevent USB2 bus suspend in state check intended for USB3 + only + - USB: xhci: fix 'broken_suspend' placement in struct xchi_hcd + - USB: serial: option: add GosunCn ZTE WeLink ME3630 + - USB: serial: option: add HP lt4132 + - USB: serial: option: add Simcom SIM7500/SIM7600 (MBIM mode) + - USB: serial: option: add Fibocom NL668 series + - USB: serial: option: add Telit LN940 series + - ubifs: Handle re-linking of inodes correctly while recovery + - scsi: t10-pi: Return correct ref tag when queue has no integrity profile + - scsi: sd: use mempool for discard special page + - mmc: core: Reset HPI enabled state during re-init and in case of errors + - mmc: core: Allow BKOPS and CACHE ctrl even if no HPI support + - mmc: core: Use a minimum 1600ms timeout when enabling CACHE ctrl + - [armhf] mmc: omap_hsmmc: fix DMA API warning + - gpiolib-acpi: Only defer request_irq for GpioInt ACPI event handlers + - posix-timers: Fix division by zero bug + - [x86] KVM: Fix NULL deref in vcpu_scan_ioapic + - [x86] kvm: Add AMD's EX_CFG to the list of ignored MSRs + - [x86] KVM: Fix UAF in nested posted interrupt processing + - [x86] Drivers: hv: vmbus: Return -EINVAL for the sys files for unopened + channels + - futex: Cure exit race + - [x86] mtrr: Don't copy uninitialized gentry fields back to userspace + - [x86] mm: Fix decoy address handling vs 32-bit builds (Closes: #917569) + - [x86] vdso: Pass --eh-frame-hdr to the linker + - panic: avoid deadlocks in re-entrant console drivers + - mm: add mm_pxd_folded checks to pgtable_bytes accounting functions + - mm: make the __PAGETABLE_PxD_FOLDED defines non-empty + - mm: introduce mm_[p4d|pud|pmd]_folded + - xfrm_user: fix freeing of xfrm states on acquire + - rtlwifi: Fix leak of skb when processing C2H_BT_INFO + - iwlwifi: mvm: don't send GEO_TX_POWER_LIMIT to old firmwares + - Revert "mwifiex: restructure rx_reorder_tbl_lock usage" + - iwlwifi: add new cards for 9560, 9462, 9461 and killer series + - mm, memory_hotplug: initialize struct pages for the full memory section + - mm: thp: fix flags for pmd migration when split + - mm, page_alloc: fix has_unmovable_pages for HugePages + - mm: don't miss the last page because of round-off error + - Input: elantech - disable elan-i2c for P52 and P72 + - proc/sysctl: don't return ENOMEM on lookup when a table is unregistering + - drm/ioctl: Fix Spectre v1 vulnerabilities + + [ Uwe Kleine-König ] + * [armhf] enable some kconfig items for Allwinner SoCs (SUNXI_CCU=y, + SUN8I_DE2_CCU=y, DRM_SUN8I_DW_HDMI=m, SND_SUN8I_CODEC=m, + SND_SUN8I_CODEC_ANALOG=m). (Closes: #915899) + + [ Ben Hutchings ] + * linux-image-*-unsigned: Remove Provides field (Closes: #916927) + * [ia64,m68k] libbpf: Don't build on architectures without performance events + * [riscv64] tools uapi: fix RISC-V 64-bit support + * [powerpc,powerpcspe,ppc64] linux-config: Eliminate config.*_bootwrapper.gz + files + * [powerpcspe] Fix -mcpu= options for SPE-only compiler + * debian/lib/python/debian_linux/debian.py: Fix deprecated import of + MutableSet + * Fix pycodestyle "line break after binary operator" warnings + * Fix pycodestyle "inalid escape sequence" warnings + + [ Romain Perier ] + * [rt] Update to 4.19.10-rt8 + + -- Salvatore Bonaccorso <carnil@debian.org> Sun, 30 Dec 2018 10:04:03 +0100 + +linux (4.19.12-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.10 + - ipv4: ipv6: netfilter: Adjust the frag mem limit when truesize changes + - ipv6: Check available headroom in ip6_xmit() even without options + - ipv6: sr: properly initialize flowi6 prior passing to ip6_route_output + - [arm64, hppa, powerpc, x86, alpha, armhf, mips*] net: 8139cp: fix a BUG + triggered by changing mtu with network traffic + - net: phy: don't allow __set_phy_supported to add unsupported modes + - net: Prevent invalid access to skb->prev in __qdisc_drop_all + - net: use skb_list_del_init() to remove from RX sublists + - Revert "net/ibm/emac: wrong bit is used for STA control" + - rtnetlink: ndo_dflt_fdb_dump() only work for ARPHRD_ETHER devices + - sctp: kfree_rcu asoc + - tcp: Do not underestimate rwnd_limited + - tcp: fix NULL ref in tail loss probe + - tun: forbid iface creation with rtnl ops + - virtio-net: keep vnet header zeroed after processing XDP + - net: phy: sfp: correct store of detected link modes + - sctp: update frag_point when stream_interleave is set + - net: restore call to netdev_queue_numa_node_write when resetting XPS + - net: fix XPS static_key accounting + - [armhf] OMAP2+: prm44xx: Fix section annotation on + omap44xx_prm_enable_io_wakeup + - [arm64, x86] staging: rtl8723bs: Fix the return value in case of error in + 'rtw_wx_read32()' + - [armhf] dts: am3517: Fix pinmuxing for CD on MMC1 + - [armhf] dts: LogicPD Torpedo: Fix mmc3_dat1 interrupt + - [armhf] dts: logicpd-somlv: Fix interrupt on mmc3_dat1 + - [armhf] dts: am3517-som: Fix WL127x Wifi interrupt + - tools: bpftool: prevent infinite loop in get_fdinfo() + - [arm64] dts: sdm845-mtp: Reserve reserved gpios + - sysv: return 'err' instead of 0 in __sysv_write_inode + - netfilter: nf_tables: don't skip inactive chains during update + - perf tools: Fix crash on synthesizing the unit + - netfilter: xt_RATEEST: remove netns exit routine + - netfilter: nf_tables: fix use-after-free when deleting compat expressions + - [armhf] ASoC: rockchip: add missing slave_config setting for I2S + - s390/cpum_cf: Reject request for sampling in event initialization + - [arm64, armel, x86, armhf] ASoC: dapm: Recalculate audio map forcely when + card instantiated + - [armhf] spi: omap2-mcspi: Add missing suspend and resume calls + - bpf: allocate local storage buffers using GFP_ATOMIC + - aio: fix failure to put the file pointer + - netfilter: xt_hashlimit: fix a possible memory leak in htable_create() + - hwmon: (w83795) temp4_type has writable permission + - perf tools: Restore proper cwd on return from mnt namespace + - [armhf] PCI: imx6: Fix link training status detection in link up check + - objtool: Fix double-free in .cold detection error path + - objtool: Fix segfault in .cold detection with -ffunction-sections + - [arm64] phy: qcom-qusb2: Use HSTX_TRIM fused value as is + - [arm64] phy: qcom-qusb2: Fix HSTX_TRIM tuning with fused value for SDM845 + - Btrfs: send, fix infinite loop due to directory rename dependencies + - RDMA/mlx5: Fix fence type for IB_WR_LOCAL_INV WR + - RDMA/core: Add GIDs while changing MAC addr only for registered ndev + - RDMA/rdmavt: Fix rvt_create_ah function signature + - tools: bpftool: fix potential NULL pointer dereference in do_load + - ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf + - [x86] thunderbolt: Prevent root port runtime suspend during NVM upgrade + - [arm64] drm/meson: add support for 1080p25 mode + - netfilter: ipv6: Preserve link scope traffic original oif + - IB/mlx5: Fix page fault handling for MW + - netfilter: add missing error handling code for register functions + - [x86] KVM: VMX: Update shared MSRs to be saved/restored on MSR_EFER.LMA + changes + - [x86] kvm/vmx: fix old-style function declaration + - [arm64] net: thunderx: fix NULL pointer dereference in nic_remove + - netfilter: nf_tables: deactivate expressions in rule replecement routine + - ALSA: usb-audio: Add vendor and product name for Dell WD19 Dock + - cachefiles: Fix an assertion failure when trying to update a failed object + - fscache: Fix race in fscache_op_complete() due to split atomic_sub & read + - cachefiles: Fix page leak in cachefiles_read_backing_file while vmscan is + active + - igb: fix uninitialized variables + - ixgbe: recognize 1000BaseLX SFP modules as 1Gbps + - [arm64] net: hisilicon: remove unexpected free_netdev + - drm/amdgpu: Add delay after enable RLC ucode + - [arm64, powerpc, x86] drm/ast: fixed reading monitor EDID not stable issue + - Revert "xen/balloon: Mark unallocated host memory as UNUSABLE" + - afs: Fix validation/callback interaction + - fscache: fix race between enablement and dropping of object + - cachefiles: Explicitly cast enumerated type in put_object + - fscache, cachefiles: remove redundant variable 'cache' + - nvme: warn when finding multi-port subsystems without multipathing enabled + - ocfs2: fix deadlock caused by ocfs2_defrag_extent() + - mm/page_alloc.c: fix calculation of pgdat->nr_zones + - hfs: do not free node before using + - hfsplus: do not free node before using + - initramfs: clean old path before creating a hardlink + - ocfs2: fix potential use after free + - dax: Check page->mapping isn't NULL + - ALSA: hda/realtek - Fixed headphone issue for ALC700 + - ALSA: hda/realtek: ALC294 mic and headset-mode fixups for ASUS X542UN + - ALSA: hda/realtek: Enable audio jacks of ASUS UX533FD with ALC294 + - ALSA: hda/realtek: Enable audio jacks of ASUS UX433FN/UX333FA with ALC294 + - ALSA: hda/realtek - Fix the mute LED regresion on Lenovo X1 Carbon + - IB/hfi1: Fix an out-of-bounds access in get_hw_stats + - bpf: fix off-by-one error in adjust_subprog_starts + - tcp: lack of available data can also cause TSO defer + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.11 + - sched/pelt: Fix warning and clean up IRQ PELT config + - scsi: raid_attrs: fix unused variable warning + - [i386] staging: olpc_dcon: add a missing dependency + - [arm64] dts: qcom-apq8064-arrow-sd-600eval fix graph_endpoint warning + - [arm64] drm/msm: fix address space warning + - aio: fix spectre gadget in lookup_ioctx + - fs/iomap.c: get/put the page in iomap_page_create/release() + - userfaultfd: check VM_MAYWRITE was set after verifying the uffd is + registered + - [arm64] dma-mapping: Fix FORCE_CONTIGUOUS buffer clearing + - block/bio: Do not zero user pages + - ovl: fix decode of dir file handle with multi lower layers + - ovl: fix missing override creds in link of a metacopy upper + - [armhf] MMC: OMAP: fix broken MMC on OMAP15XX/OMAP5910/OMAP310 + - mmc: core: use mrq->sbc when sending CMD23 for RPMB + - mmc: sdhci: fix the timeout check window for clock and reset + - fuse: continue to send FUSE_RELEASEDIR when FUSE_OPEN returns ENOSYS + - [arm] mmp/mmp2: fix cpu_is_mmp2() on mmp2-dt + - [arm] dts: bcm2837: Fix polarity of wifi reset GPIOs (Closes: #911443) + - dm thin: send event about thin-pool state change _after_ making it + - dm cache metadata: verify cache has blocks in + blocks_are_clean_separate_dirty() + - dm: call blk_queue_split() to impose device limits on bios + - tracing: Fix memory leak of instance function hash filters + - [powerpc*] msi: Fix NULL pointer access in teardown code + - drm/nouveau/kms: Fix memory leak in nv50_mstm_del() + - drm/nouveau/kms/nv50-: also flush fb writes when rewinding push buffer + - Revert "drm/rockchip: Allow driver to be shutdown on reboot/kexec" + - [x86] drm/i915/execlists: Apply a full mb before execution for Braswell + - [amd64] drm/amdkfd: add new vega10 pci ids + - drm/amdgpu: add some additional vega10 pci ids + - drm/amdgpu: update smu firmware images for VI variants (v2) + - drm/amdgpu: update SMC firmware image for polaris10 variants + - [x86] build: Fix compiler support check for CONFIG_RETPOLINE + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.12 + - locking/qspinlock: Re-order code + - [x86] locking/qspinlock, x86: Provide liveness guarantee + - [amd64] IB/hfi1: Remove race conditions in user_sdma send path + - mac80211_hwsim: fix module init error paths for netlink + - [x86] Input: hyper-v - fix wakeup from suspend-to-idle + - scsi: libiscsi: Fix NULL pointer dereference in iscsi_eh_session_reset + - [x86] scsi: vmw_pscsi: Rearrange code to avoid multiple calls to + free_irq during unload + - [x86] earlyprintk/efi: Fix infinite loop on some screen widths + - [arm64] drm/msm: Fix task dump in gpu recovery + - [arm64] drm/msm/gpu: Fix a couple memory leaks in debugfs + - [arm64] drm/msm: fix handling of cmdstream offset + - [arm64] drm/msm/dsi: configure VCO rate for 10nm PLL driver + - [arm64] drm/msm: Grab a vblank reference when waiting for commit_done + - drm/ttm: fix LRU handling in ttm_buffer_object_transfer + - drm/amdgpu: wait for IB test on first device open + - [arm64,armhf] net: stmmac: Move debugfs init/exit to + ->probe()/->remove() + - [amd64] net: aquantia: fix rx checksum offload bits + - bonding: fix 802.3ad state sent to partner when unbinding slave + - liquidio: read sc->iq_no before release sc + - nfs: don't dirty kernel pages read by direct-io + - SUNRPC: Fix a potential race in xprt_connect() + - [sparc64] sbus: char: add of_node_put() + - [sparc64] drivers/sbus/char: add of_node_put() + - [sparc64] drivers/tty: add missing of_node_put() + - [arm64] drm/msm/hdmi: Enable HPD after HDMI IRQ is set up + - [amr64] drm/msm: dpu: Don't set legacy plane->crtc pointer + - [arm64] drm/msm: dpu: Fix "WARNING: invalid free of devm_ allocated + data" + - [arm64] drm/msm: Fix error return checking + - [arm64] clk: mvebu: Off by one bugs in cp110_of_clk_get() + - Input: synaptics - enable SMBus for HP 15-ay000 + - [armhf] Input: omap-keypad - fix keyboard debounce configuration + - libata: whitelist all SAMSUNG MZ7KM* solid-state disks + - macvlan: return correct error value + - [arm64,armhf] mv88e6060: disable hardware level MAC learning + - net/mlx4_en: Fix build break when CONFIG_INET is off + - bpf: check pending signals while verifying programs + - [arm*] 8814/1: mm: improve/fix ARM v7_dma_inv_range() unaligned address + handling + - [arm*] 8815/1: V7M: align v7m_dma_inv_range() with v7 counterpart + - [arm*] 8816/1: dma-mapping: fix potential uninitialized return + - [arm64,armhf] thermal: armada: fix legacy validity test sense + - [arm64,armhf] net: mvpp2: fix detection of 10G SFP modules + - [arm64,armhf] net: mvpp2: fix phylink handling of invalid PHY modes + - drm/amdgpu/vcn: Update vcn.cur_state during suspend + - [amd64,arm64] acpi/nfit: Fix user-initiated ARS to be "ARS-long" rather + than "ARS-short" + - drm/ast: Fix connector leak during driver unload + - cifs: In Kconfig CONFIG_CIFS_POSIX needs depends on legacy (insecure + cifs) + - vhost/vsock: fix reset orphans race with close timeout + - [x86] i2c: scmi: Fix probe error on devices with an empty SMB0001 ACPI + device node + - nvme: validate controller state before rescheduling keep alive + - nvmet-rdma: fix response use after free + - Btrfs: fix missing delayed iputs on unmount + + [ Uwe Kleine-König ] + * [arm] Fix probing of 3rd gpio device on Armada 370. + + [ Ben Hutchings ] + * linux-perf: Fix build-time check for unversioned files + * linux-perf: Fix installation directories for BPF headers and examples + (Closes: #916774) + + [ Noah Meyerhans ] + * drivers/net/ethernet/amazon: Backport v2.0.2 from Linux 4.20 + + [ Bastian Blank ] + * Ignore various ABI changes. + + [ Salvatore Bonaccorso ] + * iomap: Revert "fs/iomap.c: get/put the page in + iomap_page_create/release()" + + -- Salvatore Bonaccorso <carnil@debian.org> Sat, 22 Dec 2018 09:06:45 +0100 + +linux (4.19.9-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.6 + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.7 + - [x86] KVM: LAPIC: Fix pv ipis use-before-initialization (CVE-2018-19406) + - mm: cleancache: fix corruption on missed inode invalidation + (CVE-2018-16862) + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.8 + - blk-mq: fix corruption with direct issue (Closes: #915666) + - userfaultfd: use ENOENT instead of EFAULT if the atomic copy user fails + (CVE-2018-18397) + - userfaultfd: shmem: allocate anonymous memory for MAP_PRIVATE shmem + (CVE-2018-18397) + - userfaultfd: shmem: add i_size checks (CVE-2018-18397) + - userfaultfd: shmem: UFFDIO_COPY: set the page dirty if VM_WRITE is not + set (CVE-2018-18397) + - blk-mq: punt failed direct issue to dispatch list + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.9 + - ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in + card.c (CVE-2018-19824) + - vhost/vsock: fix use-after-free in network stack callers + (CVE-2018-14625) + + [ Marcin Juszkiewicz ] + * [arm64] Enable ACPI IMPI + * [arm64] Enable IPMI watchdog and power off support + * [arm64] Enable PCI Express hotplug + * [arm64] Enable PMU for several server cpus + * [arm64] Enable HiSilicon LPC for serial/ipmi access + + [ Romain Perier ] + * [x86] Enable support for error detection and correction on the Intel + Pondicherry2 Integrated Memory Controller (Closes: #914946) + * [rt] Update to 4.19.8-rt6 + + [ Uwe Kleine-König ] + * Enable usb support for ATH10K (Closes: #915083) + + [ Luca Boccassi ] + * debian/rules.real: Split the rules so that the [un]versioned_tools + knobs can be used to avoid building them. Fixes FTBFS with unversioned + tools disabled. + * perf: do not ship python2-only call-graph-from-sql script. + * Override Lintian warning dbg-package-missing-depends in source too. + + [ Ben Hutchings ] + * debian/rules.real: Mark most targets as phony + * debian/rules: Mark more targets as phony + * libcpupower: Hide private function and drop it from .symbols file + * integrity: Disable INTEGRITY_TRUSTED_KEYRING (Closes: #865277) + + [ Vagrant Cascadian ] + * debian/config/config: Enable Z3FOLD as a module. + + [ Salvatore Bonaccorso ] + * Set ABI to 1 + + [ Nicolas Schier ] + * ovl: permit overlayfs mounts in user namespaces (Closes: #913880) + + [ Hilko Bengen ] + * Add patches to build libbpf.so with SONAME, link against libelf + * Add versioned libbpf, libbpf-dev package (Closes: #914428) + + [ Hans van Kranenburg ] + * [x86] Add patch to repair booting as Xen dom0 (Closes: #914951) + * [x86] Add patches to support booting a Xen PVH guest via Grub2 + + [ Christoph Anton Mitterer ] + * crypto: Enable MORUS and AEGIS AEAD ciphers (Closes: #914136) + * [amd64]: Enable AES-NI/SSE2/AVX2 optimised implementations of the MORUS + and AEGIS AEAD ciphers + + [ Bastian Blank ] + * Enable NFT_CONNLIMIT, NFT_TUNNEL, NFT_SOCKET, NFT_OSF, NFT_TPROXY, + IP_VS_MH. + * Enable netfilter flow table support. + * [x86] Enable DRM_XEN_FRONTEND. + * Enable EFI_BOOTLOADER_CONTROL, EFI_CAPSULE_LOADER. + + -- Bastian Blank <waldi@debian.org> Sun, 16 Dec 2018 19:45:54 +0100 + +linux (4.19.5-1~exp1) experimental; urgency=medium + + * New upstream release: https://kernelnewbies.org/Linux_4.19 + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.1 + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.2 + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.3 + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.4 + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.5 + + [ Ben Hutchings ] + * linux-perf: Enable verbose output for build-time feature detection + * udeb: Define mtd-core-modules package to contain MTD core if not built-in + * udeb: Move MTD core from nic-modules to mtd-core-modules + * debian/changelog: Move older entries to changelog.old + * debian/rules: Checksum only the source name and version from + debian/changelog + * Move generation of CONFIG_BUILD_SALT to gencontrol.py + * [x86] hyperv-daemons: Make all services conditional on device existence + * debian/rules.real: Fix build failure with pkg.linux.nosource profile + * debian/source/options: Delete redundant compression setting; satisfy + lintian + * Documentation/media: uapi: Explicitly say there are no Invariant Sections + (Closes: #698668) + + [ Karsten Merker ] + * [riscv64] Build a kernel image and udebs for riscv64 (Closes: #908161) + + [ Uwe Kleine-König ] + * [armhf,arm64] enable SND_BCM2835 as a module (Closes: #911121) + * Enable Orange filesystem (Closes: #911743) + * [arm64] Enable hns3 network driver as a module. (Closes: #914422) + + [ Noah Meyerhans ] + * [cloud-amd64] Enable Amazon ENA ethernet driver (Closes: #910049) + + [ Romain Perier ] + * [rt] Update to 4.19.1-rt3 + * [rt] Update patch arm-disable-NEON-in-kernel-mode.patch, so it can be + applied onto 4.19.2 + * [rt] Update patch + irq-allow-disabling-of-softirq-processing-in-irq-thread-context.patch, so + it can be applied onto 4.19.2 + * [amd64] Enable AMD pinctrl driver (Closes: #908954) + * Enable Diffie-Hellman operations on retained keys (Closes: #911998) + * Update patch features/all/lockdown/enable-cold-boot-attack-mitigation.patch, + so it can be applied onto 4.19.2 + * [x86] Enable DisplayPort CEC-Tunneling-over-AUX HDMI support + (Closes: #913199) + + -- Bastian Blank <waldi@debian.org> Tue, 27 Nov 2018 20:06:42 +0100 + +linux (4.19~rc7-1~exp1) experimental; urgency=medium + + * New upstream release candidate + + [ Uwe Kleine-König ] + * [armhf] enable MVNETA_BM_ENABLE and CAN_FLEXCAN as a module + * enable NET_SCH_CAKE as a module (Closes: #908709) + * enable HID_NTI as a module (Closes: #910260) + + [ Ben Hutchings ] + * linux-kbuild: Include scripts/subarch.include (Closes: #910348) + + -- Ben Hutchings <ben@decadent.org.uk> Sun, 07 Oct 2018 23:48:27 +0100 + +linux (4.19~rc6-1~exp1) experimental; urgency=medium + + * New upstream release candidate + + [ Ben Hutchings ] + * [ppc64el] udeb: Fix relative #include filenames in kernel-image module + list (really fixes FTBFS?) + * debian/bin, debian/lib/python: Fix most errors reported by pycodestyle + * debian/bin, debian/rules.real: Add symlink to Python package directory + instead of editing path + * debian/bin, debian/lib/python: Clean up imports based on pyflakes report + * debian/bin, debian/lib/python: Delete write-only vars reported by pyflakes + * debian/lib/python/debian_linux/gencontrol.py: Delete broken methods + * debian/lib/python/debian_linux/config.py: Fix undefined exception type + * Add Python static checks and unit tests to autopkgtest tests + + -- Ben Hutchings <ben@decadent.org.uk> Wed, 03 Oct 2018 18:57:08 +0100 + +linux (4.19~rc4-1~exp1) experimental; urgency=medium + + * New upstream release candidate + + [ Ben Hutchings ] + * debian/control: Add arch-qualification to build-dependencies for linux-perf + (Closes: #908519) + * debian/control: Build-depend on libunwind-dev instead of libunwind8-dev + * [hppa,mips*,powerpc*,sh4] debian/control: Build-depend on libunwind-dev for + linux-perf + * debian/control: Build-depend on libnuma-dev for linux-perf on all arches + * debian/control: Remove "cross" from profiles for build-dep on libssl-dev + * [mips64*] debian/control: Build-depend on gcc-multilib for linux-perf + * debian/lib/python: Use raw strings for all regexes + * debian/control: Fix restrictions for build-deps on asciidoctor and + patchutils + * Add support for specifying build-dependencies in binary package templates + * debian/templates: Move various build-dependencies to binary package + templates + * linux-perf: Fix generation of Perl and Python interpreter dependencies + (Closes: #908547) + * lockdep, lib{cpupower,lockdep}-dev: Remove bogus deps on ${shlibs:Depends} + * debian/rules.d/tools/power/linux-cpupower: Add "+" to recursive make + commands + * tools: x86_energy_perf_policy: Fix "uninitialized variable" warnings at -O2 + * tools: turbostat: Add checks for failure of fgets() and fscanf() + * debian/control: Build-depend on texlive-latex-{base,extra}, dvipng for + linux-doc + * debian/rules{,.real}: Use /usr/share/dpkg/architecture.mk + * debian/signing_templates/rules: Use /usr/share/dpkg/architecture.mk + * linux-image-*-signed-template: Add ${misc:Depends} to Depends + * linux-image-*-signed-template: Include changelog and copyright files + * linux-image-*-signed-template: Depend on dpkg-dev + * linux-image-*-signed-template: Override lintian warnings about non- + executable scripts + * [ia64] udeb: Fix priority of sn-modules + * Revert "Revert "net: increase fragment memory usage limits"", as 4.19 + includes a better fix for CVE-2018-5391 + * debian/patches: Add Forwarded fields to several patches + * [ppc64el] udeb: Fix relative #include filenames in module lists (fixes + FTBFS) + * [ppc64] udeb: Revert accidental change to nic-pcmcia-modules dependencies + (fixes FTBFS) + + -- Ben Hutchings <ben@decadent.org.uk> Tue, 18 Sep 2018 15:52:02 +0100 + +linux (4.19~rc3-1~exp1) experimental; urgency=medium + + * New upstream release candidate + + [ Ben Hutchings ] + * [s390x] linux-image: Install compressed kernel image (fixes FTBFS) + * [powerpc*] boot: Fix missing crc32poly.h when building with KERNEL_XZ + (fixes FTBFS) + * [x86] boot: Fix EFI stub alignment + * wireless: Update "wireless: Disable regulatory.db direct loading" for + 4.19-rc3 + * aufs: Update support patchset to aufs4.x-rcN 20180910 + + -- Ben Hutchings <ben@decadent.org.uk> Mon, 10 Sep 2018 20:13:55 +0100 + +linux (4.19~rc2-1~exp1) experimental; urgency=medium + + * New upstream release candidate + + [ Ben Hutchings ] + * aufs: Disable until it is updated for Linux 4.19 + * debian/rules.d: Update for move of bin2c back up to scripts + * locking/lockdep: Delete unnecesary #include (fixes liblockdep build) + * [hppa] debian/control: Simplify build-dependencies for 64-bit toolchain + * Compile with gcc-8 on all architectures + * udeb: Merge configuration directories and files across architectures + * [alpha,hppa] udeb: Remove incorrect dependency overrides + + -- Ben Hutchings <ben@decadent.org.uk> Mon, 03 Sep 2018 21:34:41 +0100 + +linux (4.18.20-2) unstable; urgency=medium + + * linux-kbuild: Include scripts/subarch.include (Closes: #910348) + + -- Ben Hutchings <ben@decadent.org.uk> Fri, 23 Nov 2018 19:15:55 +0000 + +linux (4.18.20-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.11 + - gso_segment: Reset skb->mac_len after modifying network header + - ipv6: fix possible use-after-free in ip6_xmit() + - net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT + - [alpha, hppa, x86] net: hp100: fix always-true check for link up state + - pppoe: fix reception of frames with no mac header + - qmi_wwan: set DTR for modems in forced USB2 mode + - udp4: fix IP_CMSG_CHECKSUM for connected sockets + - neighbour: confirm neigh entries when ARP packet is received + - udp6: add missing checks on edumux packet processing + - net/sched: act_sample: fix NULL dereference in the data path + - hv_netvsc: fix schedule in RCU context + - [arm64, armhf] net: dsa: mv88e6xxx: Fix ATU Miss Violation + - socket: fix struct ifreq size in compat ioctl + - bnxt_en: Fix VF mac address regression. + - ipv6: use rt6_info members when dst is set in rt6_fill_node + - net/ipv6: do not copy dst flags on rt init + - [arm64, armhf] net: mvpp2: let phylink manage the carrier state + - net: rtnl_configure_link: fix dev flags changes arg to __dev_notify_flags + - NFC: Fix possible memory corruption when handling SHDLC I-Frame commands + - NFC: Fix the number of pipes + - ASoC: uapi: fix sound/skl-tplg-interface.h userspace compilation errors + - ALSA: bebob: fix memory leak for M-Audio FW1814 and ProjectMix I/O at + error path + - ALSA: bebob: use address returned by kmalloc() instead of kernel stack for + streaming DMA mapping + - [powerpc*, mips*, x86, alpha, sparc*] ALSA: emu10k1: fix possible info + leak to userspace on SNDRV_EMU10K1_IOCTL_INFO + - ALSA: firewire-digi00x: fix memory leak of private data + - ALSA: firewire-tascam: fix memory leak of private data + - ALSA: fireworks: fix memory leak of response buffer at error path + - ALSA: oxfw: fix memory leak for model-dependent data at error path + - ALSA: oxfw: fix memory leak of discovered stream formats at error path + - ALSA: oxfw: fix memory leak of private data + - mtd: devices: m25p80: Make sure the buffer passed in op is DMA-able + - [x86] platform: dell-smbios-wmi: Correct a memory leak + - [x86] platform: alienware-wmi: Correct a memory leak + - xen/netfront: don't bug in case of too many frags + - Revert "PCI: Add ACS quirk for Intel 300 series" + - crypto: x86/aegis,morus - Do not require OSXSAVE for SSE2 + - fork: report pid exhaustion correctly + - mm: disable deferred struct page for 32-bit arches + - mm: shmem.c: Correctly annotate new inodes for lockdep + - bpf/verifier: disallow pointer subtraction + - Revert "ubifs: xattr: Don't operate on deleted inodes" + - libata: mask swap internal and hardware tag + - ocfs2: fix ocfs2 read block panic + - drm/i915/bdw: Increase IPS disable timeout to 100ms + - drm/nouveau: Reset MST branching unit before enabling + - drm/nouveau: Only write DP_MSTM_CTRL when needed + - drm/nouveau: Remove duplicate poll_enable() in pmops_runtime_suspend() + - drm/nouveau: Fix deadlocks in nouveau_connector_detect() + - drm/nouveau/drm/nouveau: Don't forget to cancel hpd_work on suspend/unload + - drm/nouveau/drm/nouveau: Fix bogus drm_kms_helper_poll_enable() placement + - drm/nouveau/drm/nouveau: Fix deadlock with fb_helper with async RPM + requests + - drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume() in + connector_detect() + - drm/nouveau/drm/nouveau: Prevent handling ACPI HPD events too early + - drm/vc4: Fix the "no scaling" case on multi-planar YUV formats + - drm: udl: Destroy framebuffer only if it was initialized + - drm/amdgpu: add new polaris pci id + - tty: vt_ioctl: fix potential Spectre v1 + - ext4: check to make sure the rename(2)'s destination is not freed + - ext4: avoid divide by zero fault when deleting corrupted inline + directories + - ext4: avoid arithemetic overflow that can trigger a BUG + - ext4: recalucate superblock checksum after updating free blocks/inodes + - ext4: fix online resize's handling of a too-small final block group + - ext4: fix online resizing for bigalloc file systems with a 1k block size + - ext4: don't mark mmp buffer head dirty + - ext4: show test_dummy_encryption mount option in /proc/mounts + - ext4, dax: add ext4_bmap to ext4_dax_aops + - ext4, dax: set ext4_dax_aops for dax files + - sched/fair: Fix vruntime_normalized() for remote non-migration wakeup + - [x86] vmw_balloon: include asm/io.h + - iw_cxgb4: only allow 1 flush on user qps + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.12 + - tsl2550: fix lux1_input error in low light + - vmci: type promotion bug in qp_host_get_user_memory() + - [x86] numa_emulation: Fix emulated-to-physical node mapping + - staging: rts5208: fix missing error check on call to rtsx_write_register + - [armhf] power: supply: axp288_charger: Fix initial + constant_charge_current value + - [sh4] serial: sh-sci: Stop RX FIFO timer during port shutdown + - [arm64] power: vexpress: fix corruption in notifier registration + - [x86] iommu/amd: make sure TLB to be flushed before IOVA freed + - Bluetooth: Add a new Realtek 8723DE ID 0bda:b009 + - USB: serial: kobil_sct: fix modem-status error handling + - 6lowpan: iphc: reset mac_header after decompress to fix panic + - [s390x] mm: correct allocate_pgste proc_handler callback + - power: remove possible deadlock when unregistering power_supply + - cxgb4: Fix the condition to check if the card is T5 + - RDMA/bnxt_re: Fix a couple off by one bugs + - RDMA/i40w: Hold read semaphore while looking after VMA + - RDMA/bnxt_re: Fix a bunch of off by one bugs in qplib_fp.c + - IB/core: type promotion bug in rdma_rw_init_one_mr() + - IB/mlx4: Test port number before querying type. + - vhost_net: Avoid tx vring kicks during busyloop + - IB/mlx5: Fix GRE flow specification + - include/rdma/opa_addr.h: Fix an endianness issue + - x86/tsc: Add missing header to tsc_msr.c + - ARM: hwmod: RTC: Don't assume lock/unlock will be called with irq enabled + - [x86] entry/64: Add two more instruction suffixes + - scsi: target/iscsi: Make iscsit_ta_authentication() respect the output + buffer size + - scsi: klist: Make it safe to use klists in atomic context + - [powerpc*] scsi: ibmvscsi: Improve strings handling + - scsi: target: Avoid that EXTENDED COPY commands trigger lock inversion + - usb: wusbcore: security: cast sizeof to int for comparison + - ath10k: sdio: use same endpoint id for all packets in a bundle + - ath10k: sdio: set skb len for all rx packets + - [powerpc*] powerpc/powernv/ioda2: Reduce upper limit for DMA window size + - [x86] platform/x86: asus-wireless: Fix uninitialized symbol usage + - [x86] ACPI / button: increment wakeup count only when notified + - alarmtimer: Prevent overflow for relative nanosleep (CVE-2018-13053) + - [s390x] s390/dasd: correct numa_node in dasd_alloc_queue + - [s390x] s390/scm_blk: correct numa_node in scm_blk_dev_setup + - posix-timers: Make forward callback return s64 + - posix-timers: Sanitize overrun handling (CVE-2018-12896) + - [powerpc*] ALSA: snd-aoa: add of_node_put() in error path + - ath10k: use locked skb_dequeue for rx completions + - [armhf] media: omap3isp: zero-initialize the isp cam_xclk{a,b} initial + data + - staging: android: ashmem: Fix mmap size validation + - staging: mt7621-eth: Fix memory leak in mtk_add_mac() error path + - [powerpc*, x86, alpha, m68k, hppa] drivers/tty: add error handling for + pcmcia_loop_config + - [arm64] dts: renesas: salvator-common: Fix adv7482 decimal unit addresses + - [x86] media: tm6000: add error handling for dvb_register_adapter + - [powerpc*, mips*, arm64, x86, alpha] ALSA: hda: Add AZX_DCAPS_PM_RUNTIME + for AMD Raven Ridge + - ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock + - [armhf] drm/sun4i: Enable DW HDMI PHY clock + - [armhf] drm/sun4i: Fix releasing node when enumerating enpoints + - ath10k: transmit queued frames after processing rx packets + - mt76x2: fix mrr idx/count estimation in mt76x2_mac_fill_tx_status() + - rndis_wlan: potential buffer overflow in rndis_wlan_auth_indication() + - brcmsmac: fix wrap around in conversion from constant to s16 + - bitfield: fix *_encode_bits() + - [arm64]wlcore: Add missing PM call for + wlcore_cmd_wait_for_event_or_timeout() + - [armhf] drm/omap: gem: Fix mm_list locking + - [armhf] mvebu: declare asm symbols as character arrays in pmsu.c + - RDMA/uverbs: Don't overwrite NULL pointer with ZERO_SIZE_PTR + - HID: hid-ntrig: add error handling for sysfs_create_group + - [x86] HID: i2c-hid: Use devm to allocate i2c_hid struct + - [arm64] dts: renesas: Fix VSPD registers range + - drm/v3d: Take a lock across GPU scheduler job creation and queuing. + - scsi: bnx2i: add error handling for ioremap_nocache + - [arm64] scsi: hisi_sas: Fix the conflict between dev gone and host reset + - [armhf] spi: orion: fix CS GPIO handling again + - scsi: megaraid_sas: Update controller info during resume + - [x86] ASoC: Intel: bytcr_rt5640: Fix Acer Iconia 8 over-current detect + threshold + - [x86] EDAC, i7core: Fix memleaks and use-after-free on probe and remove + - [x86, arm64, armhf] ASoC: dapm: Fix potential DAI widget pointer deref + when linking DAIs + - module: exclude SHN_UNDEF symbols from kallsyms api + - nfsd: fix corrupted reply to badly ordered compound + - [mips*, arm64, x86] EDAC: Fix memleak in module init error path + - ath10k: fix incorrect size of dma_free_coherent in + ath10k_ce_alloc_src_ring_64 + - ath10k: snoc: use correct bus-specific pointer in RX retry + - fs/lock: skip lock owner pid translation in case we are in init_pid_ns + - ath10k: fix memory leak of tpc_stats + - Input: xen-kbdfront - fix multi-touch XenStore node's locations + - drm/vc4: Add missing formats to vc4_format_mod_supported(). + - [armhf] ARM: dts: dra7: fix DCAN node addresses + - drm/vc4: plane: Expand the lower bits by repeating the higher bits + - block: fix deadline elevator drain for zoned block devices + - [x86] mm: Expand static page table for fixmap space + - [armhf] serial: imx: restore handshaking irq for imx1 + - [arm64] serial: mvebu-uart: Fix reporting of effective CSIZE to userspace + - [x86] intel_th: Fix device removal logic + - [x86] intel_th: Fix resource handling for ACPI glue layer + - spi: tegra20-slink: explicitly enable/disable clock + - [mips*, 'arm64', x86, armhf] regulator: fix crash caused by null driver + data + - [mips*, 'arm64', x86, armhf] regulator: Fix 'do-nothing' value for + regulators without suspend state + - USB: fix error handling in usb_driver_claim_interface() + - USB: handle NULL config in usb_find_alt_setting() + - usb: core: safely deal with the dynamic quirk lists + - [armhf] usb: musb: dsps: do not disable CPPI41 irq in driver teardown + - USB: usbdevfs: sanitize flags more + - USB: usbdevfs: restore warning for nonsensical flags + - Revert "usb: cdc-wdm: Fix a sleep-in-atomic-context bug in + service_outstanding_interrupt()" + - USB: remove LPM management from usb_driver_claim_interface() + - uaccess: Fix is_source param for check_copy_size() in + copy_to_iter_mcsafe() + - filesystem-dax: Fix use of zero page + - Input: elantech - enable middle button of touchpad on ThinkPad P72 + - IB/srp: Avoid that sg_reset -d ${srp_device} triggers an infinite loop + - IB/hfi1: Fix SL array bounds check + - IB/hfi1: Invalid user input can result in crash + - IB/hfi1: Fix context recovery when PBC has an UnsupportedVL + - IB/hfi1: Fix destroy_qp hang after a link down + - [x86] ACPI / hotplug / PCI: Don't scan for non-hotplug bridges if slot + is not bridge + - RDMA/uverbs: Atomically flush and mark closed the comp event queue + - ARM: OMAP2+: Fix null hwmod for ti-sysc debug + - ARM: OMAP2+: Fix module address for modules using mpu_rt_idx + - bus: ti-sysc: Fix module register ioremap for larger offsets + - qed: Wait for ready indication before rereading the shmem + - qed: Wait for MCP halt and resume commands to take place + - qed: Prevent a possible deadlock during driver load and unload + - qed: Avoid sending mailbox commands when MFW is not responsive + - thermal: of-thermal: disable passive polling when thermal zone is disabled + - isofs: reject hardware sector size > 2048 bytes + - mmc: atmel-mci: fix bad logic of sg_copy_{from,to}_buffer conversion + - mmc: android-goldfish: fix bad logic of sg_copy_{from,to}_buffer + conversion + - bus: ti-sysc: Fix no_console_suspend handling + - [armhf] dts: omap4-droid4: fix vibrations on Droid 4 + - bpf, sockmap: fix sock_hash_alloc and reject zero-sized keys + - bpf, sockmap: fix sock hash count in alloc_sock_hash_elem + - tls: possible hang when do_tcp_sendpages hits sndbuf is full case + - bpf: sockmap: write_space events need to be passed to TCP handler + - drm/amdgpu: fix VM clearing for the root PD + - drm/amdgpu: fix preamble handling + - amdgpu: fix multi-process hang issue + - net/ncsi: Fixup .dumpit message flags and ID check in Netlink handler + - tcp_bbr: add bbr_check_probe_rtt_done() helper + - tcp_bbr: in restart from idle, see if we should exit PROBE_RTT + - net: hns: fix length and page_offset overflow when CONFIG_ARM64_64K_PAGES + - net: hns: fix skb->truesize underestimation + - tools: bpftool: return from do_event_pipe() on bad arguments + - e1000: check on netif_running() before calling e1000_up() + - e1000: ensure to free old tx/rx rings in set_ringparam() + - ixgbe: fix driver behaviour after issuing VFLR + - i40e: Fix for Tx timeouts when interface is brought up if DCB is enabled + - i40e: fix condition of WARN_ONCE for stat strings + - [arm64] crypto: cavium/nitrox - fix for command corruption in queue full + case with backlog submissions. + - hwmon: (ina2xx) fix sysfs shunt resistor read access + - hwmon: (adt7475) Make adt7475_read_word() return errors + - Revert "ARM: dts: imx7d: Invert legacy PCI irq mapping" + - drm/amdgpu: Enable/disable gfx PG feature in rlc safe mode + - drm/amdgpu: Update power state at the end of smu hw_init. + - ata: ftide010: Add a quirk for SQ201 + - nvme-fcloop: Fix dropped LS's to removed target port + - [armhf] dts: omap4-droid4: Fix emmc errors seen on some devices + - drm/amdgpu: Need to set moved to true when evict bo + - [arm64, armhf] smccc-1.1: Make return values unsigned long + - [arm64, armhf] smccc-1.1: Handle function result as parameters + - i2c: i801: Allow ACPI AML access I/O ports not reserved for SMBus + - clk: x86: Set default parent to 48Mhz + - [x86] pti: Fix section mismatch warning/error + - [powerpc*] KVM: PPC: Book3S HV: Fix guest r11 corruption with POWER9 TM + workarounds + - [powerpc*] fix csum_ipv6_magic() on little endian platforms + - [powerpc*] pkeys: Fix reading of ibm, processor-storage-keys property + - [powerpc*] pseries: Fix unitialized timer reset on migration + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.13 + - mac80211: Run TXQ teardown code before de-registering interfaces + - mac80211_hwsim: require at least one channel + - Btrfs: fix unexpected failure of nocow buffered writes after snapshotting + when low on space + - [powerpc*] KVM: PPC: Book3S HV: Don't truncate HPTE index in xlate + function + - cfg80211: remove division by size of sizeof(struct ieee80211_wmm_rule) + - btrfs: btrfs_shrink_device should call commit transaction at the end + - scsi: csiostor: add a check for NULL pointer after kmalloc() + - scsi: csiostor: fix incorrect port capabilities + - scsi: libata: Add missing newline at end of file + - scsi: aacraid: fix a signedness bug + - bpf, sockmap: fix potential use after free in bpf_tcp_close + - bpf, sockmap: fix psock refcount leak in bpf_tcp_recvmsg + - bpf: sockmap, decrement copied count correctly in redirect error case + - mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X + - mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X + - cfg80211: make wmm_rule part of the reg_rule structure + - mac80211_hwsim: Fix possible Spectre-v1 for hwsim_world_regdom_custom + - nl80211: Fix nla_put_u8 to u16 for NL80211_WMMR_TXOP + - nl80211: Pass center frequency in kHz instead of MHz + - bpf: fix several offset tests in bpf_msg_pull_data + - mac80211: mesh: fix HWMP sequence numbering to follow standard + - mac80211: avoid kernel panic when building AMSDU from non-linear SKB + - bpf: fix msg->data/data_end after sg shift repair in bpf_msg_pull_data + - bpf: fix shift upon scatterlist ring wrap-around in bpf_msg_pull_data + - bpf: fix sg shift repair start offset in bpf_msg_pull_data + - [arm64] net: hns: add the code for cleaning pkt in chip + - [arm64] net: hns: add netif_carrier_off before change speed and duplex + - [arm64, armhf] net: mvpp2: initialize port of_node pointer + - cfg80211: nl80211_update_ft_ies() to validate NL80211_ATTR_IE + - mac80211: do not convert to A-MSDU if frag/subframe limited + - mac80211: always account for A-MSDU header changes + - Revert "blk-throttle: fix race between blkcg_bio_issue_check() and + cgroup_rmdir()" + - md/raid5-cache: disable reshape completely + - RAID10 BUG_ON in raise_barrier when force is true and conf->barrier is 0 + - bpf: Fix bpf_msg_pull_data() + - bpf: avoid misuse of psock when TCP_ULP_BPF collides with another ULP + - fs/cifs: don't translate SFM_SLASH (U+F026) to backslash + - mac80211: fix an off-by-one issue in A-MSDU max_subframe computation + - cfg80211: fix a type issue in ieee80211_chandef_to_operating_class() + - mac80211: fix WMM TXOP calculation + - mac80211: fix a race between restart and CSA flows + - mac80211: Fix station bandwidth setting after channel switch + - mac80211: don't Tx a deauth frame if the AP forbade Tx + - mac80211: shorten the IBSS debug messages + - [powerpc*] net/ibm/emac: wrong emac_calc_base call was used by typo + - ceph: avoid a use-after-free in ceph_destroy_options() + - firmware: arm_scmi: fix divide by zero when sustained_perf_level is zero + - afs: Fix cell specification to permit an empty address list + - mm: madvise(MADV_DODUMP): allow hugetlbfs pages + - bpf: 32-bit RSH verification must truncate input before the ALU op + (CVE-2018-18445) + - netfilter: xt_cluster: add dependency on conntrack module + - [x86] HID: intel-ish-hid: Enable Sunrise Point-H ish driver + - HID: add support for Apple Magic Keyboards + - HID: hid-saitek: Add device ID for RAT 7 Contagion + - scsi: iscsi: target: Set conn->sess to NULL when + iscsi_login_set_conn_values fails + - scsi: iscsi: target: Fix conn_ops double free + - perf annotate: Properly interpret indirect call + - perf evsel: Fix potential null pointer dereference in + perf_evsel__new_idx() + - perf util: Fix bad memory access in trace info. + - [powerpc*] perf probe: Ignore SyS symbols irrespective of endianness + - [arm64] perf annotate: Fix parsing aarch64 branch instructions after + objdump update + - netfilter: nf_tables: release chain in flushing set + - HID: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub + report + - USB: yurex: Check for truncation in yurex_read() + - nvmet-rdma: fix possible bogus dereference under heavy load + - net/mlx5: Consider PCI domain in search for next dev + - [x86] HID: i2c-hid: Don't reset device upon system resume + - dm raid: fix reshape race on small devices + - drm/nouveau: fix oops in client init failure path + - drm/nouveau/mmu: don't attempt to dereference vmm without valid instance + pointer + - drm/nouveau/TBDdevinit: don't fail when PMU/PRE_OS is missing from VBIOS + - drm/nouveau/disp: fix DP disable race + - drm/nouveau/disp/gm200-: enforce identity-mapped SOR assignment for + LVDS/eDP panels + - dm raid: fix stripe adding reshape deadlock + - dm raid: fix rebuild of specific devices by updating superblock + - dm raid: fix RAID leg rebuild errors + - r8169: set TxConfig register after TX / RX is enabled, just like RxConfig + - fs/cifs: suppress a string overflow warning + - net: ena: fix surprise unplug NULL dereference kernel crash + - net: ena: fix driver when PAGE_SIZE == 64kB + - net: ena: fix device destruction to gracefully free resources + - net: ena: fix potential double ena_destroy_device() + - net: ena: fix missing lock during device destruction + - net: ena: fix missing calls to READ_ONCE + - sched/topology: Set correct NUMA topology type + - dm thin metadata: try to avoid ever aborting transactions + - netfilter: nfnetlink_queue: Solve the NFQUEUE/conntrack clash for + NF_REPEAT + - netfilter: xt_hashlimit: use s->file instead of s->private + - drm/amdgpu: Fix SDMA hang in prt mode v2 + - drm/amdgpu: fix error handling in amdgpu_cs_user_fence_chunk + - r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED + - [s390x] qeth: use vzalloc for QUERY OAT buffer + - [s390x] qeth: don't dump past end of unknown HW header + - cifs: read overflow in is_valid_oplock_break() + - asm-generic: io: Fix ioport_map() for !CONFIG_GENERIC_IOMAP && + CONFIG_INDIRECT_PIO + - xen/manage: don't complain about an empty value in control/sysrq node + - [mips*, x86, s390x] xen: avoid crash in disable_hotplug_cpu + - new primitive: discard_new_inode() + - vfs: don't evict uninitialized inode + - ovl: set I_CREATING on inode being created + - ovl: fix access beyond unterminated strings + - ovl: fix memory leak on unlink of indexed file + - ovl: fix format of setxattr debug + - sysfs: Do not return POSIX ACL xattrs via listxattr + - b43: fix DMA error related regression with proprietary firmware + - firmware: Fix security issue with request_firmware_into_buf() + - firmware: Always initialize the fw_priv list object + - smb2: fix missing files in root share directory listing + - [x86] iommu/amd: Clear memory encryption mask from physical address + - ALSA: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760 + - [x86] crypto: qat - Fix KASAN stack-out-of-bounds bug in adf_probe() + - crypto: chelsio - Fix memory corruption in DMA Mapped buffers. + - [arm64, armhf, x86, powerpc*] gpiolib: Free the last requested descriptor + - [x86] Drivers: hv: vmbus: Use get/put_cpu() in vmbus_connect() + - proc: restrict kernel stack dumps to root (CVE-2018-17972) + - ocfs2: fix locking for res->tracking and dlm->tracking_list + - [x86] HID: i2c-hid: disable runtime PM operations on hantick touchpad + - ixgbe: check return value of napi_complete_done() + - dm thin metadata: fix __udivdi3 undefined on 32-bit + - Revert "drm/amd/pp: Send khz clock values to DC for smu7/8" + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.14 + - perf/core: Add sanity check to deal with pinned event failure + - mm: migration: fix migration of huge PMD shared pages + - mm, thp: fix mlocking THP page with migration enabled + - mm/vmstat.c: skip NR_TLB_REMOTE_FLUSH* properly + - [x86] KVM: fix L1TF's MMIO GFN calculation + - [x86] KVM: VMX: check for existence of secondary exec controls before + accessing + - blk-mq: I/O and timer unplugs are inverted in blktrace + - [powerpc*, mips*, arm64, x86, alpha, armhf] mmc: core: Fix debounce time + to use microseconds + - [powerpc*, mips*, arm64, x86, alpha, armhf] mmc: slot-gpio: Fix debounce + time to use miliseconds again + - mac80211: allocate TXQs for active monitor interfaces + - drm/amdgpu: Fix vce work queue was not cancelled when suspend + - [x86] vdso: Fix asm constraints on vDSO syscall fallbacks + - [x86] vdso: Only enable vDSO retpolines when enabled and supported + - [x86] vdso: Fix vDSO syscall fallback asm constraint regression + - [powerpc*, mips*, arm64, x86, s390x, armhf, sparc, hppa] PCI: Reprogram + bridge prefetch registers on resume + - mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP mode keys + - dm mpath: fix attached_handler_name leak and dangling hw_handler_name + pointer + - dm cache metadata: ignore hints array being too small during resize + - dm cache: fix resize crash if user doesn't reload cache table + - USB: serial: simple: add Motorola Tetra MTP6550 id + - USB: serial: option: improve Quectel EP06 detection + - USB: serial: option: add two-endpoints device-id flag + - usb: cdc_acm: Do not leak URB buffers + - tty: Drop tty->count on tty_reopen() failure + - [powerpc*] Avoid code patching freed init sections + - [powerpc*] lib: fix book3s/32 boot failure due to code patching + - f2fs: fix invalid memory access + - tipc: call start and done ops directly in __tipc_nl_compat_dumpit() + - ubifs: Check for name being NULL while mounting + - rds: rds_ib_recv_alloc_cache() should call alloc_percpu_gfp() instead + - ath10k: fix scan crash due to incorrect length calculation + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.15 + - bnxt_en: Fix TX timeout during netpoll. + - bnxt_en: free hwrm resources, if driver probe fails. + - bonding: avoid possible dead-lock + - ip6_tunnel: be careful when accessing the inner header + - ip_tunnel: be careful when accessing the inner header + - ipv4: fix use-after-free in ip_cmsg_recv_dstaddr() + - ipv6: take rcu lock in rawv6_send_hdrinc() + - [armhf] net: dsa: bcm_sf2: Call setup during switch resume + - [arm64] net: hns: fix for unmapping problem when SMMU is on + - net: ipv4: update fnhe_pmtu when first hop's MTU changes + - net/ipv6: Display all addresses in output of /proc/net/if_inet6 + - netlabel: check for IPV4MASK in addrinfo_get + - [armhf,arm64] net: mvpp2: Extract the correct ethtype from the skb for + tx csum offload + - [armhf,arm64] net: mvpp2: fix a txq_done race condition + - net: sched: Add policy validation for tc attributes + - net: sched: cls_u32: fix hnode refcounting + - net/usb: cancel pending work when unbinding smsc75xx + - qlcnic: fix Tx descriptor corruption on 82xx devices + - qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface + - rtnetlink: fix rtnl_fdb_dump() for ndmsg header + - rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096 + - sctp: update dst pmtu with the correct daddr + - team: Forbid enslaving team device to itself + - tipc: fix flow control accounting for implicit connect + - udp: Unbreak modules that rely on external __skb_recv_udp() availability + - tun: remove unused parameters + - tun: initialize napi_mutex unconditionally + - tun: napi flags belong to tfile + - [armhf,arm64] net: stmmac: Fixup the tail addr setting in xmit path + - net/packet: fix packet drop as of virtio gso + - [armhf] net: dsa: bcm_sf2: Fix unbind ordering + - net/mlx5e: Set vlan masks for all offloaded TC rules + - net: aquantia: memory corruption on jumbo frames + - net/mlx5: E-Switch, Fix out of bound access when setting vport rate + - bonding: pass link-local packets to bonding master also. + - bonding: fix warning message + - [armhf,arm64] net: stmmac: Rework coalesce timer and fix multi-queue + races + - nfp: avoid soft lockups under control message storm + - bnxt_en: don't try to offload VLAN 'modify' action + - net-ethtool: ETHTOOL_GUFO did not and should not require CAP_NET_ADMIN + - net: phy: phylink: fix SFP interface autodetection + - sfp: fix oops with ethtool -m + - tcp/dccp: fix lockdep issue when SYN is backlogged + - inet: make sure to grab rcu_read_lock before using ireq->ireq_opt + - [armhf] net: dsa: b53: Keep CPU port as tagged in all VLANs + - rtnetlink: Fail dump if target netnsid is invalid + - bnxt_en: Fix VNIC reservations on the PF. + - net: ipv4: don't let PMTU updates increase route MTU + - net/mlx5: Check for SQ and not RQ state when modifying hairpin SQ + - bnxt_en: Fix enables field in HWRM_QUEUE_COS2BW_CFG request + - bnxt_en: get the reduced max_irqs by the ones used by RDMA + - net/ipv6: Remove extra call to ip6_convert_metrics for multipath case + - net/ipv6: stop leaking percpu memory in fib6 info + - qed: Fix shmem structure inconsistency between driver and the mfw. + - r8169: fix network stalls due to missing bit TXCFG_AUTO_FIFO + - r8169: set RX_MULTI_EN bit in RxConfig for 8168F-family chips + - vxlan: fill ttl inherit info + - ASoC: dapm: Fix NULL pointer deference on CODEC to CODEC DAIs + - hwmon: (nct6775) Fix access to fan pulse registers + - [x86] ASoC: AMD: Ensure reset bit is cleared before configuring + - Bluetooth: SMP: Fix trying to use non-existent local OOB data + - Bluetooth: Use correct tfm to generate OOB data + - Bluetooth: hci_ldisc: Free rw_semaphore on close + - [armhf] mfd: omap-usb-host: Fix dts probe of children + - [powerpc*] KVM: Book3S HV: Don't use compound_order to determine host + mapping size + - scsi: iscsi: target: Don't use stack buffer for scatterlist + - scsi: qla2xxx: Fix an endian bug in fcpcmd_is_corrupted() + - sound: enable interrupt after dma buffer initialization + - sound: don't call skl_init_chip() to reset intel skl soc + - bpf: btf: Fix end boundary calculation for type section + - bpf: use __GFP_COMP while allocating page + - hwmon: (nct6775) Fix virtual temperature sources for NCT6796D + - hwmon: (nct6775) Fix RPM output for fan7 on NCT6796D + - [armhf,arm64] stmmac: fix valid numbers of unicast filter entries + - hwmon: (nct6775) Use different register to get fan RPM for fan7 + - [x86] PCI: hv: support reporting serial number as slot information + - [x86] clk: add "ether_clk" alias for Bay Trail / Cherry Trail + - [x86] clk: Stop marking clocks as CLK_IS_CRITICAL + - [x86] pinctrl: cannonlake: Fix gpio base for GPP-E + - [x86] kvm/lapic: always disable MMIO interface in x2APIC mode + - drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 + - drm/amdkfd: Change the control stack MTYPE from UC to NC on GFX9 + - drm/amdkfd: Fix ATS capablity was not reported correctly on some APUs + - mm/vmstat.c: fix outdated vmstat_text + - afs: Fix afs_server struct leak + - afs: Fix clearance of reply + - [mips*] Fix CONFIG_CMDLINE handling + - [mips*] VDSO: Always map near top of user memory + - [sparc64] mach64: detect the dot clock divider correctly on sparc + - vsprintf: Fix off-by-one bug in bstr_printf() processing dereferenced + pointers + - percpu: stop leaking bitmap metadata blocks + - perf script python: Fix export-to-postgresql.py occasional failure + - perf script python: Fix export-to-sqlite.py sample columns + - [s390x] cio: Fix how vfio-ccw checks pinned pages + - dm cache: destroy migration_cache if cache target registration failed + - dm: fix report zone remapping to account for partition offset + - dm linear: eliminate linear_end_io call if CONFIG_DM_ZONED disabled + - dm linear: fix linear_end_io conditional definition + - cgroup: Fix dom_cgrp propagation when enabling threaded mode + - drm/nouveau/drm/nouveau: Grab runtime PM ref in nv50_mstc_detect() + - mmc: block: avoid multiblock reads for the last sector in SPI mode + - [armhf] pinctrl: mcp23s08: fix irq and irqchip setup order + - [arm64] perf: Reject stand-alone CHAIN events for PMUv3 + - mm/mmap.c: don't clobber partially overlapping VMA with + MAP_FIXED_NOREPLACE + - mm/thp: fix call to mmu_notifier in set_pmd_migration_entry() v2 + - filesystem-dax: Fix dax_layout_busy_page() livelock + - mm: Preserve _PAGE_DEVMAP across mprotect() calls + - [x86] i2c: i2c-scmi: fix for i2c_smbus_write_block_data + - [powerpc*] KVM: Book3S HV: Avoid crash from THP collapse during radix + page fault + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.16 + - media: af9035: prevent buffer overflow on write + - spi: gpio: Fix copy-and-paste error + - batman-adv: Avoid probe ELP information leak + - batman-adv: Fix segfault when writing to throughput_override + - batman-adv: Fix segfault when writing to sysfs elp_interval + - batman-adv: Prevent duplicated gateway_node entry + - batman-adv: Prevent duplicated nc_node entry + - batman-adv: Prevent duplicated softif_vlan entry + - batman-adv: Prevent duplicated global TT entry + - batman-adv: Prevent duplicated tvlv handler + - batman-adv: fix backbone_gw refcount on queue_work() failure + - batman-adv: fix hardif_neigh refcount on queue_work() failure + - cxgb4: fix abort_req_rss6 struct + - [armhf] clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag + for non-am43 SoCs + - [powerpc*] scsi: ibmvscsis: Fix a stringop-overflow warning + - [powerpc*] scsi: ibmvscsis: Ensure partition name is properly NUL + terminated + - [x86] intel_th: pci: Add Ice Lake PCH support + - [m68k] Input: atakbd - fix Atari keymap + - [m68k] Input: atakbd - fix Atari CapsLock behaviour + - [powerpc*] net: emac: fix fixed-link setup for the RTL8363SB switch + - qed: Fix populating the invalid stag value in multi function mode. + - qed: Do not add VLAN 0 tag to untagged frames in multi-function mode. + - [armhf,arm64] PCI: dwc: Fix scheduling while atomic issues + - RDMA/uverbs: Fix validity check for modify QP + - scsi: lpfc: Synchronize access to remoteport via rport + - [arm64] drm: mali-dp: Call drm_crtc_vblank_reset on device init + - scsi: ipr: System hung while dlpar adding primary ipr adapter back + - scsi: sd: don't crash the host on invalid commands + - bpf: sockmap only allow ESTABLISHED sock state + - bpf: sockmap, fix transition through disconnect without close + - bpf: test_maps, only support ESTABLISHED socks + - net/mlx4: Use cpumask_available for eq->affinity_mask + - clocksource/drivers/fttmr010: Fix set_next_event handler + - RDMA/bnxt_re: Fix system crash during RDMA resource initialization + - [armhf,arm64] iommu/rockchip: Free irqs in shutdown handler + - [x86] pinctrl/amd: poll InterruptEnable bits in amd_gpio_irq_set_type + - [powerpc*] tm: Fix userspace r13 corruption + - [powerpc*] tm: Avoid possible userspace r1 corruption on reclaim + - [powerpc*] numa: Use associativity if VPHN hcall is successful + - [x86] iommu/amd: Return devid as alias for ACPI HID devices + - [x86] boot: Fix kexec booting failure in the SEV bit detection code + - Revert "vfs: fix freeze protection in mnt_want_write_file() for + overlayfs" + - mremap: properly flush TLB before releasing the page + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.17 + - xfrm: Validate address prefix lengths in the xfrm selector. + - xfrm6: call kfree_skb when skb is toobig + - xfrm: reset transport header back to network header after all input + transforms ahave been applied + - xfrm: reset crypto_done when iterating over multiple input xfrms + - mac80211: Always report TX status + - cfg80211: reg: Init wiphy_idx in regulatory_hint_core() + - mac80211: fix pending queue hang due to TX_DROP + - cfg80211: Address some corner cases in scan result channel updating + - mac80211: TDLS: fix skb queue/priority assignment + - mac80211: fix TX status reporting for ieee80211s + - xfrm: Fix NULL pointer dereference when skb_dst_force clears the + dst_entry. + - [armel,armhf] 8799/1: mm: fix pci_ioremap_io() offset check + - xfrm: validate template mode + - netfilter: bridge: Don't sabotage nf_hook calls from an l3mdev + - netfilter: conntrack: get rid of double sizeof + - [arm64] hugetlb: Fix handling of young ptes + - nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT + - mac80211_hwsim: fix locking when iterating radios during ns exit + - mac80211_hwsim: fix race in radio destruction from netlink notifier + - mac80211_hwsim: do not omit multicast announce of first added radio + - Bluetooth: SMP: fix crash in unpairing + - qed: Avoid implicit enum conversion in qed_set_tunn_cls_info + - qed: Fix mask parameter in qed_vf_prep_tunn_req_tlv + - qed: Avoid implicit enum conversion in qed_roce_mode_to_flavor + - qed: Avoid constant logical operation warning in qed_vf_pf_acquire + - qed: Avoid implicit enum conversion in qed_iwarp_parse_rx_pkt + - nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds + - scsi: qedi: Initialize the stats mutex lock + - rxrpc: Fix checks as to whether we should set up a new call + - rxrpc: Fix RTT gathering + - rxrpc: Fix transport sockopts to get IPv4 errors on an IPv6 socket + - rxrpc: Fix error distribution + - netfilter: nft_set_rbtree: add missing rb_erase() in GC routine + - netfilter: avoid erronous array bounds warning + - asix: Check for supported Wake-on-LAN modes + - ax88179_178a: Check for supported Wake-on-LAN modes + - lan78xx: Check for supported Wake-on-LAN modes + - sr9800: Check for supported Wake-on-LAN modes + - r8152: Check for supported Wake-on-LAN Modes + - smsc75xx: Check for Wake-on-LAN modes + - smsc95xx: Check for Wake-on-LAN modes + - cfg80211: fix use-after-free in reg_process_hint() + - [x86] KVM: nVMX: Do not expose MPX VMX controls when guest MPX disabled + - [x86] KVM: Do not use kvm_x86_ops->mpx_supported() directly + - [x86] KVM: nVMX: Fix emulation of VM_ENTRY_LOAD_BNDCFGS + - perf/core: Fix perf_pmu_unregister() locking + - [x86] perf/intel/uncore: Use boot_cpu_data.phys_proc_id instead of + hardcorded physical package ID 0 + - perf/ring_buffer: Prevent concurent ring buffer access + - [x86] perf/intel/uncore: Fix PCI BDF address of M3UPI on SKX + - [x86] perf/amd/uncore: Set ThreadMask and SliceMask for L3 Cache perf + events + - thunderbolt: Do not handle ICM events after domain is stopped + - thunderbolt: Initialize after IOMMUs + - Revert "serial: 8250_dw: Fix runtime PM handling" + - locking/ww_mutex: Fix runtime warning in the WW mutex selftest + - drm/amd/display: Signal hw_done() after waiting for flip_done() + - be2net: don't flip hw_features when VXLANs are added/deleted + - [powerpc*] numa: Skip onlining a offline node in kdump path + - net: cxgb3_main: fix a missing-check bug + - yam: fix a missing-check bug + - ocfs2: fix crash in ocfs2_duplicate_clusters_by_page() + - mm/gup_benchmark: fix unsigned comparison to zero in __gup_benchmark_ioctl + - mm/migrate.c: split only transparent huge pages when allocation fails + - [x86] paravirt: Fix some warning messages + - [arm64] clk: mvebu: armada-37xx-periph: Remove unused var num_parents + - libertas: call into generic suspend code before turning off power + - perf report: Don't try to map ip to invalid map + - HID: i2c-hid: Remove RESEND_REPORT_DESCR quirk and its handling + - [armhf] dts: imx53-qsb: disable 1.2GHz OPP + - perf record: Use unmapped IP for inline callchain cursors + - rxrpc: Don't check RXRPC_CALL_TX_LAST after calling + rxrpc_rotate_tx_window() + - rxrpc: Carry call state out of locked section in rxrpc_rotate_tx_window() + - rxrpc: Only take the rwind and mtu values from latest ACK + - rxrpc: Fix connection-level abort handling + - [x86] net: ena: fix warning in rmmod caused by double iounmap + - [x86] net: ena: fix rare bug when failed restart/resume is followed by + driver removal + - [x86] net: ena: fix NULL dereference due to untimely napi initialization + - gpio: Assign gpio_irq_chip::parents to non-stack pointer + - IB/mlx5: Unmap DMA addr from HCA before IOMMU + - rds: RDS (tcp) hangs on sendto() to unresponding address + - afs: Fix cell proc list + - fs/fat/fatent.c: add cond_resched() to fat_count_free_clusters() + - Revert "netfilter: ipv6: nf_defrag: drop skb dst before queueing" + - bridge: do not add port to router list when receives query with source + 0.0.0.0 + - ipv6: mcast: fix a use-after-free in inet6_mc_check + - ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are + called + - ipv6: rate-limit probes for neighbourless routes + - llc: set SOCK_RCU_FREE in llc_sap_add_socket() + - net: fec: don't dump RX FIFO register when not available + - net/ipv6: Fix index counter for unicast addresses in in6_dump_addrs + - net/mlx5e: fix csum adjustments caused by RXFCS + - net: sched: gred: pass the right attribute to gred_change_table_def() + - net: socket: fix a missing-check bug + - [armhf,arm64] net: stmmac: Fix stmmac_mdio_reset() when building stmmac + as modules + - net: udp: fix handling of CHECKSUM_COMPLETE packets + - r8169: fix NAPI handling under high load + - rtnetlink: Disallow FDB configuration for non-Ethernet device + - sctp: fix race on sctp_id2asoc + - tipc: fix unsafe rcu locking when accessing publication list + - udp6: fix encap return code for resubmitting + - vhost: Fix Spectre V1 vulnerability + - virtio_net: avoid using netif_tx_disable() for serializing tx routine + - ethtool: fix a privilege escalation bug + - bonding: fix length of actor system + - ip6_tunnel: Fix encapsulation layout + - openvswitch: Fix push/pop ethernet validation + - net: ipmr: fix unresolved entry dumps + - net/mlx5: Take only bit 24-26 of wqe.pftype_wq for page fault type + - net: sched: Fix for duplicate class dump + - net/sched: cls_api: add missing validation of netlink attributes + - net/ipv6: Allow onlink routes to have a device mismatch if it is the + default route + - sctp: fix the data size calculation in sctp_data_size + - sctp: not free the new asoc when sctp_wait_for_connect returns err + - net/mlx5: Fix memory leak when setting fpga ipsec caps + - net: bpfilter: use get_pid_task instead of pid_task + - net: drop skb on failure in ip_check_defrag() + - net: fix pskb_trim_rcsum_slow() with odd trim offset + - net/mlx5: WQ, fixes for fragmented WQ buffers API + - [sparc64] Make corrupted user stacks more debuggable. + - [sparc64] Set %l4 properly on trap return after handling signals. + - [sparc64] Wire up compat getpeername and getsockname. + - [sparc64] Fix single-pcr perf event counter management. + - [sparc64] Fix syscall fallback bugs in VDSO. + - [sparc64] Throttle perf events properly. + - net: bridge: remove ipv6 zero address check in mcast queries + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.18 + - vfs: swap names of {do,vfs}_clone_file_range() + - bpf: fix partial copy of map_ptr when dst is scalar + - [armhf,arm64] clk: sunxi-ng: sun4i: Set VCO and PLL bias current to + lowest setting + - fscache: Fix incomplete initialisation of inline key space + - cachefiles: fix the race between cachefiles_bury_object() and rmdir(2) + - fscache: Fix out of bound read in long cookie keys + - ptp: fix Spectre v1 vulnerability + - drm/edid: VSDB yCBCr420 Deep Color mode bit definitions + - drm: fb-helper: Reject all pixel format changing requests + - RDMA/ucma: Fix Spectre v1 vulnerability (CVE-2017-5753) + - IB/ucm: Fix Spectre v1 vulnerability (CVE-2017-5753) + - cdc-acm: do not reset notification buffer index upon urb unlinking + - cdc-acm: correct counting of UART states in serial state notification + - cdc-acm: fix race between reset and control messaging + - usb: usbip: Fix BUG: KASAN: slab-out-of-bounds in vhci_hub_control() + - usb: gadget: storage: Fix Spectre v1 vulnerability + - usb: roles: intel_xhci: Fix Unbalanced pm_runtime_enable + - usb: xhci: pci: Enable Intel USB role mux on Apollo Lake platforms + - USB: fix the usbfs flag sanitization for control transfers + - tracing: Fix synthetic event to accept unsigned modifier + - tracing: Fix synthetic event to allow semicolon at end + - [armhf] drm/sun4i: Fix an ulong overflow in the dotclock driver + - sched/fair: Fix throttle_list starvation with low CFS quota + - [x86] tsc: Force inlining of cyc2ns bits + - [x86] hibernate: Fix nosave_regions setup for hibernation + - [x86] percpu: Fix this_cpu_read() + - [x86] time: Correct the attribute on jiffies' definition + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.19 + - [armhf] mtd: rawnand: marvell: fix the IRQ handler complete() condition + - spi: spi-mem: Adjust op len based on message/transfer size limitations + - bcache: trace missed reading by cache_missed + - bcache: correct dirty data statistics + - bcache: fix miss key refill->end in writeback + - hwmon: (pmbus) Fix page count auto-detection. + - jffs2: free jffs2_sb_info through jffs2_kill_sb() + - block: setup bounce bio_sets properly + - block: don't deal with discard limit in blkdev_issue_discard() + - block: make sure discard bio is aligned with logical block size + - block: make sure writesame bio is aligned with logical block size + - cpufreq: conservative: Take limits changes into account properly + - dma-mapping: fix panic caused by passing empty cma command line argument + - pcmcia: Implement CLKRUN protocol disabling for Ricoh bridges + - ACPI / OSL: Use 'jiffies' as the time bassis for acpi_os_get_timer() + - ACPICA: AML Parser: fix parse loop to correctly skip erroneous extended + opcodes + - [x86] kprobes: Use preempt_enable() in optimized_callback() + - ipmi: Fix timer race with module unload + - acpi, nfit: Fix Address Range Scrub completion tracking + - [hppa] Fix address in HPMC IVA + - [hppa] Fix map_pages() to not overwrite existing pte entries + - [hppa] Fix exported address of os_hpmc handler + - [x86] ALSA: hda - Add quirk for ASUS G751 laptop + - [x86] ALSA: hda - Fix headphone pin config for ASUS G751 + - [x86] ALSA: hda/realtek - Fix the problem of the front MIC on the Lenovo + M715 + - [x86] ALSA: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) + - ALSA: hda: Add 2 more models to the power_save blacklist + - ALSA: ca0106: Disable IZD on SB0570 DAC to fix audio pops + - [x86] speculation: Enable cross-hyperthread spectre v2 STIBP mitigation + (CVE-2017-5715) + - [x86] xen: Fix boot loader version reported for PVH guests + - [x86] corruption-check: Fix panic in memory_corruption_check() when boot + option without value is provided + - [x86] mm/pat: Disable preemption around __flush_tlb_all() + - [x86] speculation: Support Enhanced IBRS on future CPUs (CVE-2017-5715) + - [armhf] dts: exynos: Disable pull control for MAX8997 interrupts on + Origen + - drm: fix use of freed memory in drm_mode_setcrtc + - bpf: do not blindly change rlimit in reuseport net selftest + - nvme: remove ns sibling before clearing path + - Revert "perf tools: Fix PMU term format max value calculation" + - xsk: do not call synchronize_net() under RCU read lock + - xfrm: policy: use hlist rcu variants on insert + - [x86] perf vendor events intel: Fix wrong filter_band* values for uncore + events + - r8169: Enable MSI-X on RTL8106e + - nfp: flower: fix pedit set actions for multiple partial masks + - nfp: flower: use offsets provided by pedit instead of index for ipv6 + - sched/fair: Fix the min_vruntime update logic in dequeue_entity() + - perf evsel: Store ids for events with their own cpus + perf_event__synthesize_event_update_cpus + - perf tools: Fix use of alternatives to find JDIR + - perf cpu_map: Align cpu map synthesized events properly. + - perf report: Don't crash on invalid inline debug information + - [x86] fpu: Remove second definition of fpu in __fpu__restore_sig() + - net: qla3xxx: Remove overflowing shift statement + - r8169: re-enable MSI-X on RTL8168g + - drm: Get ref on CRTC commit object when waiting for flip_done + - [arm64] net: socionext: Reset tx queue in ndo_stop + - netfilter: xt_nat: fix DNAT target for shifted portmap ranges + - [m68k] ataflop: fix error handling during setup + - [m68k] swim: fix cleanup on setup error + - [arm64] cpufeature: ctr: Fix cpu capability check for late CPUs + - nfp: devlink port split support for 1x100G CXP NIC + - tun: Consistently configure generic netdev params via rtnetlink + - [s390x] sthyi: Fix machine name validity indication + - hwmon: (pwm-fan) Set fan speed to 0 on suspend + - lightnvm: pblk: fix race on sysfs line state + - lightnvm: pblk: fix two sleep-in-atomic-context bugs + - lightnvm: pblk: fix race condition on metadata I/O + - perf tools: Free temporary 'sys' string in read_event_files() + - perf tools: Cleanup trace-event-info 'tdata' leak + - perf strbuf: Match va_{add,copy} with va_end + - [x86] cpupower: Fix coredump on VMWare + - bcache: Populate writeback_rate_minimum attribute + - mmc: sdhci-pci-o2micro: Add quirk for O2 Micro dev 0x8620 rev 0x01 + - sdhci: acpi: add free_slot callback + - iwlwifi: pcie: avoid empty free RB queue + - iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface + - iwlwifi: mvm: check for n_profiles validity in EWRD ACPI + - [i386] olpc: Indicate that legacy PC XO-1 platform should not register + RTC + - ACPI/PPTT: Handle architecturally unknown cache types + - ACPI / PM: LPIT: Register sysfs attributes based on FADT + - ACPI / processor: Fix the return value of acpi_processor_ids_walk() + - cpufreq: dt: Try freeing static OPPs only if we have added them + - [x86] intel_rdt: Show missing resctrl mount options + - [arm64] signal: Introduce COMPAT_SIGMINSTKSZ for use in + compat_sys_sigaltstack + - [arm64] net: hns3: Fix for packet buffer setting bug + - [x86] boot: Fix EFI stub alignment + - [arm64] net: hns3: Add nic state check before calling netif_tx_wake_queue + - [arm64] net: hns3: Fix ets validate issue + - [armhf,arm64] pinctrl: sunxi: fix 'pctrl->functions' allocation in + sunxi_pinctrl_build_state + - [arm64] pinctrl: qcom: spmi-mpp: Fix err handling of pmic_mpp_set_mux + - brcmfmac: fix for proper support of 160MHz bandwidth + - [arm64] net: hns3: Check hdev state when getting link status + - [arm64] net: hns3: Set STATE_DOWN bit of hdev state when stopping net + - net: phy: phylink: ensure the carrier is off when starting phylink + - block, bfq: correctly charge and reset entity service in all cases + - [arm64] entry: Allow handling of undefined instructions from EL1 + - kprobes: Return error if we fail to reuse kprobe instead of BUG_ON() + - spi: gpio: No MISO does not imply no RX + - ACPI / LPSS: Add alternative ACPI HIDs for Cherry Trail DMA controllers + - [arm64] pinctrl: qcom: spmi-mpp: Fix drive strength setting + - bpf/verifier: fix verifier instability + - failover: Add missing check to validate 'slave_dev' in + net_failover_slave_unregister + - perf tests: Fix record+probe_libc_inet_pton.sh without ping's debuginfo + - [arm64] pinctrl: spmi-mpp: Fix pmic_mpp_config_get() to be compliant + - [arm64] pinctrl: ssbi-gpio: Fix pm8xxx_pin_config_get() to be compliant + - [arm64] net: hns3: Preserve vlan 0 in hardware table + - [arm64] net: hns3: Fix ping exited problem when doing lp selftest + - [arm64] net: hns3: Fix for vf vlan delete failed problem + - [armhf,arm64] net: dsa: mv88e6xxx: Fix writing to a PHY page. + - rsi: fix memory alignment issue in ARM32 platforms + - iwlwifi: mvm: fix BAR seq ctrl reporting + - ixgbe: disallow IPsec Tx offload when in SR-IOV mode + - ixgbevf: VF2VF TCP RSS + - ath10k: schedule hardware restart if WMI command times out + - libata: Apply NOLPM quirk for SAMSUNG MZ7TD256HAFV-000L9 + - cgroup, netclassid: add a preemption point to write_classid + - [armhf,arm64] net: stmmac: dwmac-sun8i: fix OF child-node lookup + - f2fs: fix to account IO correctly for cgroup writeback + - MD: Memory leak when flush bio size is zero + - md: fix memleak for mempool + - scsi: esp_scsi: Track residual for PIO transfers + - scsi: ufs: Schedule clk gating work on correct queue + - UAPI: ndctl: Fix g++-unsupported initialisation in headers + - [x86] KVM: nVMX: Clear reserved bits of #DB exit qualification + - scsi: megaraid_sas: fix a missing-check bug + - RDMA/core: Do not expose unsupported counters + - IB/ipoib: Clear IPCB before icmp_send + - usb: host: ohci-at91: fix request of irq for optional gpio + - usb: typec: tcpm: Report back negotiated PPS voltage and current + - tpm: suppress transmit cmd error logs when TPM 1.2 is disabled/ + deactivated + - f2fs: clear PageError on the read path + - [x86] Drivers: hv: vmbus: Use cpumask_var_t for on-stack cpu mask + - [x86] VMCI: Resource wildcard match fixed + - PCI / ACPI: Enable wake automatically for power managed bridges + - xprtrdma: Reset credit grant properly after a disconnect + - irqchip/pdc: Setup all edge interrupts as rising edge at GIC + - [armhf,arm64] usb: dwc2: fix a race with external vbus supply + - ext4: fix argument checking in EXT4_IOC_MOVE_EXT + - MD: fix invalid stored role for a disk + - nvmem: check the return value of nvmem_add_cells() + - xhci: Avoid USB autosuspend when resuming USB2 ports. + - f2fs: fix to recover inode's crtime during POR + - f2fs: fix to recover inode's i_flags during POR + - PCI/MSI: Warn and return error if driver enables MSI/MSI-X twice + - [armhf.arm64] usb: chipidea: Prevent unbalanced IRQ disable + - [x86] driver/dma/ioat: Call del_timer_sync() without holding prep_lock + - IB/mlx5: Allow transition of DCI QP to reset + - uio: ensure class is registered before devices + - scsi: lpfc: Correct soft lockup when running mds diagnostics + - scsi: lpfc: Correct race with abort on completion path + - f2fs: avoid sleeping under spin_lock + - f2fs: report error if quota off error during umount + - signal: Always deliver the kernel's SIGKILL and SIGSTOP to a pid + namespace init + - IB/rxe: fix for duplicate request processing and ack psns + - ALSA: hda: Check the non-cached stream buffers more explicitly + - [x86] cpupower: Fix AMD Family 0x17 msr_pstate size + - Revert "f2fs: fix to clear PG_checked flag in set_page_dirty()" + - f2fs: fix to recover cold bit of inode block during POR + - f2fs: fix to account IO correctly + - OPP: Free OPP table properly on performance state irregularities + - [armhf] dts: exynos: Add missing cooling device properties for CPUs + - [armhf] dts: exynos: Convert exynos5250.dtsi to opp-v2 bindings + - [armhf] dts: exynos: Mark 1 GHz CPU OPP as suspend OPP on Exynos5250 + - xen-swiotlb: use actually allocated size on check physical continuous + - tpm: Restore functionality to xen vtpm driver. + - xen/blkfront: avoid NULL blkfront_info dereference on device removal + - xen/balloon: Support xend-based toolstack + - xen: fix race in xen_qlock_wait() + - xen: make xen_qlock_wait() nestable + - xen/pvh: increase early stack size + - xen/pvh: don't try to unplug emulated devices + - libertas: don't set URB_ZERO_PACKET on IN USB transfer + - usbip:vudc: BUG kmalloc-2048 (Not tainted): Poison overwritten + - usb: typec: tcpm: Fix APDO PPS order checking to be based on voltage + - mt76: mt76x2: fix multi-interface beacon configuration + - iwlwifi: mvm: check return value of rs_rate_from_ucode_rate() + - net/ipv4: defensive cipso option parsing + - libnvdimm: Hold reference on parent while scheduling async init + - libnvdimm, region: Fail badblocks listing for inactive regions + - libnvdimm, pmem: Fix badblocks population for 'raw' namespaces + - [x86] ASoC: intel: skylake: Add missing break in skl_tplg_get_token() + - IB/mlx5: Fix MR cache initialization + - IB/rxe: Revise the ib_wr_opcode enum + - jbd2: fix use after free in jbd2_log_do_checkpoint() + - gfs2_meta: ->mount() can get NULL dev_name + - ext4: fix EXT4_IOC_SWAP_BOOT + - ext4: initialize retries variable in ext4_da_write_inline_data_begin() + - ext4: fix setattr project check in fssetxattr ioctl + - ext4: propagate error from dquot_initialize() in EXT4_IOC_FSSETXATTR + - ext4: fix use-after-free race in ext4_remount()'s error path + - selinux: fix mounting of cgroup2 under older policies + - HID: wacom: Work around HID descriptor bug in DTK-2451 and DTH-2452 + - HID: hiddev: fix potential Spectre v1 + - [x86] EDAC, amd64: Add Family 17h, models 10h-2fh support + - [x86] EDAC, {i7core,sb,skx}_edac: Fix uncorrected error counting + - [x86] EDAC, skx_edac: Fix logical channel intermediate decoding + - PCI/ASPM: Fix link_state teardown on device removal + - [x86] PCI: vmd: White list for fast interrupt handlers + - [powerpc*] signal/GenWQE: Fix sending of SIGKILL + - signal: Guard against negative signal numbers in copy_siginfo_from_user32 + - crypto: lrw - Fix out-of bounds access on counter overflow + - crypto: tcrypt - fix ghash-generic speed test + - [x86] crypto: aesni - don't use GFP_ATOMIC allocation if the request + doesn't cross a page in gcm + - mm: /proc/pid/smaps_rollup: fix NULL pointer deref in smaps_pte_range() + - ima: fix showing large 'violations' or 'runtime_measurements_count' + - hugetlbfs: dirty pages as they are added to pagecache + - mm/rmap: map_pte() was not handling private ZONE_DEVICE page properly + - mm/hmm: fix race between hmm_mirror_unregister() and mmu_notifier callback + - [armhf,arm64] KVM: Ensure only THP is candidate for adjustment + - [arm64] KVM: Fix caching of host MDCR_EL2 value + - [armhf] w1: omap-hdq: fix missing bus unregister at removal + - smb3: allow stats which track session and share reconnects to be reset + - smb3: do not attempt cifs operation in smb3 query info error path + - smb3: on kerberos mount if server doesn't specify auth type use krb5 + - printk: Fix panic caused by passing log_buf_len to command line + - genirq: Fix race on spurious interrupt detection + - NFSv4.1: Fix the r/wsize checking + - nfs: Fix a missed page unlock after pg_doio() + - nfsd: correctly decrement odstate refcount in error path + - nfsd: Fix an Oops in free_session() + - lockd: fix access beyond unterminated strings in prints + - dm ioctl: harden copy_params()'s copy_from_user() from malicious users + - dm zoned: fix metadata block ref counting + - dm zoned: fix various dmz_get_mblock() issues + - media: ov7670: make "xclk" clock optional + - fsnotify: Fix busy inodes during unmount + - [powerpc*] msi: Fix compile error on mpc83xx + - [powerpc*] tm: Fix HFSCR bit for no suspend case + - [powerpc*] 4s/hash: Do not use PPC_INVALIDATE_ERAT on CPUs before POWER9 + - [mips*] memset: Fix CPU_DADDI_WORKAROUNDS `small_fixup' regression + - [mips*/octeon] fix out of bounds array access on CN68XX + - rtc: ds1307: fix ds1339 wakealarm support + - rtc: cmos: Fix non-ACPI undefined reference to `hpet_rtc_interrupt' + - rtc: cmos: Remove the `use_acpi_alarm' module parameter for !ACPI + - [armhf] power: supply: twl4030-charger: fix OF sibling-node lookup + - [armhf,arm64] iommu/arm-smmu: Ensure that page-table updates are visible + before TLBI + - media: v4l2-tpg: fix kernel oops when enabling HFLIP and OSD + - Revert "media: dvbsky: use just one mutex for serializing device R/W ops" + - media: cec: make cec_get_edid_spa_location() an inline function + - media: cec: integrate cec_validate_phys_addr() in cec-api.c + - xen: fix xen_qlock_wait() + - xen: remove size limit of privcmd-buf mapping interface + - xen-blkfront: fix kernel panic with negotiate_mq error path + - media: cec: add new tx/rx status bits to detect aborts/timeouts + - media: cec: fix the Signal Free Time calculation + - media: cec: forgot to cancel delayed work + - media: em28xx: use a default format if TRY_FMT fails + - media: tvp5150: avoid going past array on v4l2_querymenu() + - media: em28xx: fix input name for Terratec AV 350 + - media: em28xx: make v4l2-compliance happier by starting sequence on zero + - media: em28xx: fix handler for vidioc_s_input() + - media: media colorspaces*.rst: rename AdobeRGB to opRGB + - media: replace ADOBERGB by OPRGB + - media: hdmi.h: rename ADOBE_RGB to OPRGB and ADOBE_YCC to OPYCC + - [arm64] lse: remove -fcall-used-x0 flag + - [arm64] rpmsg: smd: fix memory leak on channel create + - Cramfs: fix abad comparison when wrap-arounds occur + - [armhf,arm64] soc/tegra: pmc: Fix child-node lookup + - tracing: Return -ENOENT if there is no target synthetic event + - btrfs: qgroup: Avoid calling qgroup functions if qgroup is not enabled + - btrfs: Handle owner mismatch gracefully when walking up tree + - btrfs: locking: Add extra check in btrfs_init_new_buffer() to avoid + deadlock + - btrfs: fix error handling in free_log_tree + - btrfs: fix error handling in btrfs_dev_replace_start + - btrfs: Enhance btrfs_trim_fs function to handle error better + - btrfs: Ensure btrfs_trim_fs can trim the whole filesystem + - btrfs: iterate all devices during trim, instead of fs_devices::alloc_list + - btrfs: don't attempt to trim devices that don't support it + - btrfs: keep trim from interfering with transaction commits + - btrfs: wait on caching when putting the bg cache + - Btrfs: don't clean dirty pages during buffered writes + - btrfs: release metadata before running delayed refs + - btrfs: protect space cache inode alloc with GFP_NOFS + - btrfs: reset max_extent_size on clear in a bitmap + - btrfs: make sure we create all new block groups + - Btrfs: fix warning when replaying log after fsync of a tmpfile + - Btrfs: fix wrong dentries after fsync of file that got its parent + replaced + - btrfs: qgroup: Dirty all qgroups before rescan + - Btrfs: fix null pointer dereference on compressed write path error + - Btrfs: fix assertion on fsync of regular file when using no-holes feature + - Btrfs: fix deadlock when writing out free space caches + - btrfs: reset max_extent_size properly + - btrfs: set max_extent_size properly + - btrfs: don't use ctl->free_space for max_extent_size + - btrfs: only free reserved extent if we didn't insert it + - btrfs: fix insert_reserved error handling + - btrfs: don't run delayed_iputs in commit + - btrfs: move the dio_sem higher up the callchain + - Btrfs: fix use-after-free during inode eviction + - Btrfs: fix use-after-free when dumping free space + - net: sched: Remove TCA_OPTIONS from policy + - userns: also map extents in the reverse map to kernel IDs + - bpf: wait for running BPF programs when updating map-in-map + - MD: fix invalid stored role for a disk - try2 + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.20 + - [powerpc*] traps: restore recoverability of machine_check interrupts + - [powerpc*] 64/module: REL32 relocation range check + - [powerpc*] mm: Fix page table dump to work on Radix + - [powerpc*] mm: fix always true/false warning in slice.c + - drm/amd/display: fix bug of accessing invalid memory + - Input: wm97xx-ts - fix exit path + - [powerpc*] eeh: Fix possible null deref in eeh_dump_dev_log() + - tty: check name length in tty_find_polling_driver() + - tracing/kprobes: Check the probe on unloaded module correctly + - drm/amdgpu/powerplay: fix missing break in switch statements + - [powerpc*] nohash: fix undefined behaviour when testing page size support + - [powerpc*] mm: Don't report hugepage tables as memory leaks when using + kmemleak + - [armhf] drm/omap: fix memory barrier bug in DMM driver + - drm/amd/display: fix gamma not being applied + - [arm64] drm/hisilicon: hibmc: Do not carry error code in HiBMC + framebuffer pointer + - media: pci: cx23885: handle adding to list failure + - [mips*] kexec: Mark CPU offline before disabling local IRQ + - [powerpc*] memtrace: Remove memory in chunks + - [mips*] PCI: Call pcie_bus_configure_settings() to set MPS/MRRS + - media: tvp5150: fix width alignment during set_selection() + - drm/amdgpu: Fix SDMA TO after GPU reset v3 + - 9p locks: fix glock.client_id leak in do_lock + - udf: Prevent write-unsupported filesystem to be remounted read-write + - 9p: clear dangling pointers in p9stat_free + - cdrom: fix improper type cast, which can leat to information leak. + - ovl: fix error handling in ovl_verify_set_fh() + - ovl: check whiteout in ovl_create_over_whiteout() + - [sh4] serial: sh-sci: Fix could not remove dev_attr_rx_fifo_timeout + - scsi: qla2xxx: Fix incorrect port speed being set for FC adapters + - scsi: qla2xxx: Fix process response queue for ISP26XX and above + - scsi: qla2xxx: Remove stale debug trace message from tcm_qla2xxx + - scsi: qla2xxx: shutdown chip if reset fail + - scsi: qla2xxx: Fix duplicate switch database entries + - scsi: qla2xxx: Fix driver hang when FC-NVMe LUNs are configured + - fuse: Fix use-after-free in fuse_dev_do_read() + - fuse: Fix use-after-free in fuse_dev_do_write() + - fuse: fix blocked_waitq wakeup + - fuse: set FR_SENT while locked + - ovl: fix recursive oi->lock in ovl_link() + - scsi: qla2xxx: Fix re-using LoopID when handle is in use + - scsi: qla2xxx: Fix NVMe session hang on unload + - [arm64] clk: meson-gxbb: set fclk_div3 as CLK_IS_CRITICAL + - [arm64] clk: meson: axg: mark fdiv2 and fdiv3 as critical + - zram: close udev startup race condition as default groups + - [mips*el/loonsgon-3] Fix CPU UART irq delivery problem + - [mips*el/loongson-3] Fix BRIDGE irq delivery problem + - [armhf] clk: s2mps11: Fix matching when built as module and DT node + contains compatible + - [armhf,arm64] clk: sunxi-ng: h6: fix bus clocks' divider position + - [arm64] clk: rockchip: fix wrong mmc sample phase shift for rk3328 + - [armhf,arm64] clk: rockchip: Fix static checker warning in + rockchip_ddrclk_get_parent call + - libceph: bump CEPH_MSG_MAX_DATA_LEN + - Revert "ceph: fix dentry leak in splice_dentry()" + - thermal: core: Fix use-after-free in thermal_cooling_device_destroy_sysfs + - mach64: fix display corruption on big endian machines + - mach64: fix image corruption due to reading accelerator registers + - acpi/nfit, x86/mce: Handle only uncorrectable machine checks + - acpi/nfit, x86/mce: Validate a MCE's address before using it + - acpi, nfit: Fix ARS overflow continuation + - [arm64] reset: hisilicon: fix potential NULL pointer dereference + - vhost/scsi: truncate T10 PI iov_iter to prot_bytes + - scsi: qla2xxx: Initialize port speed to avoid setting lower speed + - SCSI: fix queue cleanup race before queue initialization is done + - [powerpc*] Revert "powerpc/8xx: Use L1 entry APG to handle _PAGE_ACCESSED + for CONFIG_SWAP" + - ocfs2: fix a misuse a of brelse after failing ocfs2_check_dir_entry + - ocfs2: free up write context when direct IO failed + - mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings + - memory_hotplug: cond_resched in __remove_pages + - netfilter: conntrack: fix calculation of next bucket number in early_drop + - [armhf] 8809/1: proc-v7: fix Thumb annotation of cpu_v7_hvc_switch_mm + - bonding/802.3ad: fix link_failure_count tracking + - mtd: nand: Fix nanddev_neraseblocks() + - mtd: docg3: don't set conflicting BCH_CONST_PARAMS option + - hwmon: (core) Fix double-free in __hwmon_device_register() + - perf stat: Handle different PMU names with common prefix + - of, numa: Validate some distance map rules + - [x86] hyper-v: Enable PIT shutdown quirk + - termios, tty/tty_baudrate.c: fix buffer overrun + - watchdog/core: Add missing prototypes for weak functions + - btrfs: fix pinned underflow after transaction aborted + - Btrfs: fix cur_offset in the error case for nocow + - Btrfs: fix infinite loop on inode eviction after deduplication of eof + block + - Btrfs: fix data corruption due to cloning of eof block + - clockevents/drivers/i8253: Add support for PIT shutdown quirk + - ext4: add missing brelse() update_backups()'s error path + - ext4: add missing brelse() in set_flexbg_block_bitmap()'s error path + - ext4: add missing brelse() add_new_gdb_meta_bg()'s error path + - ext4: avoid potential extra brelse in setup_new_flex_group_blocks() + - ext4: missing !bh check in ext4_xattr_inode_write() + - ext4: fix possible inode leak in the retry loop of ext4_resize_fs() + - ext4: avoid buffer leak on shutdown in ext4_mark_iloc_dirty() + - ext4: avoid buffer leak in ext4_orphan_add() after prior errors + - ext4: fix missing cleanup if ext4_alloc_flex_bg_array() fails while + resizing + - ext4: avoid possible double brelse() in add_new_gdb() on error path + - ext4: fix possible leak of sbi->s_group_desc_leak in error path + - ext4: fix possible leak of s_journal_flag_rwsem in error path + - ext4: fix buffer leak in ext4_xattr_get_block() on error path + - ext4: release bs.bh before re-using in ext4_xattr_block_find() + - ext4: fix buffer leak in ext4_xattr_move_to_block() on error path + - ext4: fix buffer leak in ext4_expand_extra_isize_ea() on error path + - ext4: fix buffer leak in __ext4_read_dirblock() on error path + - mount: Retest MNT_LOCKED in do_umount + - mount: Don't allow copying MNT_UNBINDABLE|MNT_LOCKED mounts + - mount: Prevent MNT_DETACH from disconnecting locked mounts + - mnt: fix __detach_mounts infinite loop + - sunrpc: correct the computation for page_ptr when truncating + - NFSv4: Don't exit the state manager without clearing + NFS4CLNT_MANAGER_RUNNING + - nfsd: COPY and CLONE operations require the saved filehandle to be set + - rtc: hctosys: Add missing range error reporting + - fuse: fix use-after-free in fuse_direct_IO() + - fuse: fix leaked notify reply + - selinux: check length properly in SCTP bind hook + - configfs: replace strncpy with memcpy + - gfs2: Put bitmap buffers in put_super + - gfs2: Fix metadata read-ahead during truncate (2) + - libata: blacklist SAMSUNG MZ7TD256HAFV-000L9 SSD + - crypto: user - fix leaking uninitialized memory to userspace + - hugetlbfs: fix kernel BUG at fs/hugetlbfs/inode.c:444! + - mm/swapfile.c: use kvzalloc for swap_info_struct allocation + - [armhf,arm64] efi/libstub: Pack FDT after populating it + - [armhf,arm64] drm/rockchip: Allow driver to be shutdown on reboot/kexec + - [arm64] drm/msm: fix OF child-node lookup + - drm/amdgpu: Fix typo in amdgpu_vmid_mgr_init + - drm/amdgpu: add missing CHIP_HAINAN in amdgpu_ucode_get_load_type + - drm/nouveau: Check backlight IDs are >= 0, not > 0 + - drm/nouveau: Fix nv50_mstc->best_encoder() + - drm/amd/powerplay: Enable/Disable NBPSTATE on On/OFF of UVD + - [armhf] drm/etnaviv: fix bogus fence complete check in timeout handler + - drm/dp_mst: Check if primary mstb is null + - drm: panel-orientation-quirks: Add quirk for Acer One 10 (S1003) + - [x86] drm/i915/dp: Link train Fallback on eDP only if fallback link BW + can fit panel's native mode + - [x86] drm/i915: Restore vblank interrupts earlier + - [x86] drm/i915: Don't unset intel_connector->mst_port + - [x86] drm/i915: Skip vcpi allocation for MSTB ports that are gone + - [x86] drm/i915: Large page offsets for pread/pwrite + - [x86] drm/i915/dp: Fix link retraining comment in intel_dp_long_pulse() + - [x86] drm/i915/dp: Restrict link retrain workaround to external monitors + - [x86] drm/i915/hdmi: Add HDMI 2.0 audio clock recovery N values + - [x86] drm/i915: Fix error handling for the NV12 fb dimensions check + - [x86] drm/i915: Fix ilk+ watermarks when disabling pipes + - [x86] drm/i915: Compare user's 64b GTT offset even on 32b + - [x86] drm/i915: Don't oops during modeset shutdown after lpe audio deinit + - [x86] drm/i915: Mark pin flags as u64 + - [x86] drm/i915/ringbuffer: Delay after EMIT_INVALIDATE for gen4/gen5 + - [x86] drm/i915/execlists: Force write serialisation into context image vs + execution + - [x86] drm/i915: Fix possible race in intel_dp_add_mst_connector() + - [armhf,arm64] CONFIG_XEN_PV breaks xen_create_contiguous_region on ARM + + [ Ben Hutchings ] + * linux-perf: Fix BPF feature detection + * [rt] Update to 4.18.16-rt9: + - Revert "rcu: Use cpus_read_lock() while looking at cpu_online_mask" + - EXP rcu: Revert expedited GP parallelization cleverness + + [ Romain Perier ] + * [rt] Update to 4.18.12-rt7 + * Fixed FTBFS caused by wireless-disable-regulatory.db-direct-loading.patch, + due to conflicting types for 'reg_query_regdb_wmm' + + [ Vagrant Cascadian ] + * [arm64] Update pinebook/teres-i device-tree patches to 4.19.x: + - Enables the lid to wakeup from suspend. + + [ Salvatore Bonaccorso ] + * [x86] swiotlb: Enable swiotlb for > 4GiG RAM on 32-bit kernels + (Closes: #908924) + * mremap: properly flush TLB before releasing the page (CVE-2018-18281) + * cdrom: fix improper type cast, which can leat to information leak + (CVE-2018-18710) + + -- Ben Hutchings <ben@decadent.org.uk> Wed, 21 Nov 2018 20:55:46 +0000 + +linux (4.18.10-2) unstable; urgency=medium + + [ Ben Hutchings ] + * [rt][arm64,armhf] Fix build failure after rebasing onto 4.18.10 + * xen-netback: fix input validation in xenvif_set_hash_mapping() + (CVE-2018-15471) + * Revert "uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct + member name" (Closes: #909813) + + [ Salvatore Bonaccorso ] + * [arm64] KVM: Tighten guest core register access from userspace + (CVE-2018-18021) + * [arm64] KVM: Sanitize PSTATE.M when being set from userspace + (CVE-2018-18021) + + -- Ben Hutchings <ben@decadent.org.uk> Sun, 07 Oct 2018 21:57:06 +0100 + +linux (4.18.10-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.9 + - i2c: xiic: Make the start and the byte count write atomic + - i2c: i801: fix DNV's SMBCTRL register offset + - HID: multitouch: fix Elan panels with 2 input modes declaration + - HID: core: fix grouping by application + - HID: i2c-hid: Fix flooded incomplete report after S3 on Rayd touchscreen + - HID: input: fix leaking custom input node name + - mm/hugetlb: filter out hugetlb pages if HUGEPAGE migration is not + supported. + - mac80211: don't update the PM state of a peer upon a multicast frame + - scsi: lpfc: Correct MDS diag and nvmet configuration + - nbd: don't allow invalid blocksize settings + - block: don't warn when doing fsync on read-only devices + - block: bfq: swap puts in bfqg_and_blkg_put + - android: binder: fix the race mmap and alloc_new_buf_locked + - [mips*] VDSO: Match data page cache colouring when D$ aliases + - smb3: Backup intent flag missing for directory opens with backupuid mounts + - smb3: check for and properly advertise directory lease support + - cifs: connect to servername instead of IP for IPC$ share + - btrfs: fix qgroup_free wrong num_bytes in btrfs_subvolume_reserve_metadata + - btrfs: fix data corruption when deduplicating between different files + - [arm64] KVM: Only force FPEXC32_EL2.EN if trapping FPSIMD + - [armhf, arm64] KVM: Clean dcache to PoC when changing PTE due to CoW + - [[powerpc*] KVM: Book3S HV: Use correct pagesize in kvm_unmap_radix() + - [s390x] KVM: vsie: copy wrapping keys to right place + - [x86] KVM: SVM: Set EMULTYPE_NO_REEXECUTE for RSM emulation + - [x86] KVM: VMX: Do not allow reexecute_instruction() when skipping MMIO + instr + - [x86] KVM: Invert emulation re-execute behavior to make it opt-in + - [x86] KVM: Merge EMULTYPE_RETRY and EMULTYPE_ALLOW_REEXECUTE + - [x86] KVM: Default to not allowing emulation retry in kvm_mmu_page_fault + - [x86] KVM: Do not re-{try,execute} after failed emulation in L2 + - ACPI / LPSS: Force LPSS quirks on boot + - memory: ti-aemif: fix a potential NULL-pointer dereference + - ALSA: hda - Fix cancel_work_sync() stall from jackpoll work + - cpu/hotplug: Adjust misplaced smb() in cpuhp_thread_fun() + - cpu/hotplug: Prevent state corruption on error rollback + - [x86] microcode: Make sure boot_cpu_data.microcode is up-to-date + - [x86] microcode: Update the new microcode revision unconditionally + - [x86] process: Don't mix user/kernel regs in 64bit __show_regs() + - [x86] apic/vector: Make error return value negative + - switchtec: Fix Spectre v1 vulnerability + - misc: mic: SCIF Fix scif_get_new_port() error handling + - ALSA: hda/realtek - Add mute LED quirk for HP Spectre x360 + - ethtool: Remove trailing semicolon for static inline + - i2c: aspeed: Add an explicit type casting for *get_clk_reg_val + - Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV + - gpio: tegra: Move driver registration to subsys_init level + - [powerpc*] powernv: Fix concurrency issue with npu->mmio_atsd_usage + - [powerpc*] 4xx: Fix error return path in ppc4xx_msi_probe() + - media: davinci: vpif_display: Mix memory leak on probe error path + - media: dw2102: Fix memleak on sequence of probes + - net: phy: Fix the register offsets in Broadcom iProc mdio mux driver + - scsi: qla2xxx: Fix unintended Logout + - scsi: qla2xxx: Fix session state stuck in Get Port DB + - scsi: qla2xxx: Silent erroneous message + - clk: scmi: Fix the rounding of clock rate + - blk-mq: fix updating tags depth + - scsi: lpfc: Fix driver crash when re-registering NVME rports. + - scsi: target: fix __transport_register_session locking + - md/raid5: fix data corruption of replacements after originals dropped + - timers: Clear timer_base::must_forward_clk with timer_base::lock held + - gpu: ipu-v3: default to id 0 on missing OF alias + - misc: ti-st: Fix memory leak in the error path of probe() + - uio: potential double frees if __uio_register_device() fails + - firmware: vpd: Fix section enabled flag on vpd_section_destroy + - [x86] Drivers: hv: vmbus: Cleanup synic memory free path + - tty: rocket: Fix possible buffer overwrite on register_PCI + - uio: fix possible circular locking dependency + - iwlwifi: pcie: don't access periphery registers when not available + - IB/IPoIB: Set ah valid flag in multicast send flow + - f2fs: fix to active page in lru list for read path + - f2fs: do not set free of current section + - f2fs: Keep alloc_valid_block_count in sync + - f2fs: issue discard align to section in LFS mode + - f2fs: fix defined but not used build warnings + - f2fs: fix to detect looped node chain correctly + - ASoC: soc-pcm: Use delay set in component pointer function + - perf tools: Allow overriding MAX_NR_CPUS at compile time + - device-dax: avoid hang on error before devm_memremap_pages() + - NFSv4.0 fix client reference leak in callback + - perf c2c report: Fix crash for empty browser + - perf evlist: Fix error out while applying initial delay and LBR + - [powerpc*] pseries: fix EEH recovery of some IOV devices + - [powerpc*] macintosh/via-pmu: Add missing mmio accessors + - ath9k: report tx status on EOSP + - ath9k_hw: fix channel maximum power level test + - ath10k: prevent active scans on potential unusable channels + - wlcore: Set rx_status boottime_ns field on rx + - rpmsg: core: add support to power domains for devices + - mtd: rawnand: make subop helpers return unsigned values + - scsi: tcmu: do not set max_blocks if data_bitmap has been setup + - [mips*] Fix ISA virt/bus conversion for non-zero PHYS_OFFSET + - ata: libahci: Allow reconfigure of DEVSLP register + - ata: libahci: Correct setting of DEVSLP register + - nfs: Referrals not inheriting proto setting from parent + - scsi: 3ware: fix return 0 on the error path of probe + - tools/testing/nvdimm: kaddr and pfn can be NULL to ->direct_access() + - ath10k: disable bundle mgmt tx completion event support + - media: em28xx: explicitly disable TS packet filter + - PCI: mobiveil: Fix struct mobiveil_pcie.pcie_reg_base address type + - [powerpc*] mm: Don't report PUDs as memory leaks when using kmemleak + - Bluetooth: hidp: Fix handling of strncpy for hid->name information + - [x86] mm: Remove in_nmi() warning from vmalloc_fault() + - [armhf] pinctrl: imx: off by one in imx_pinconf_group_dbg_show() + - gpio: pxa: disable pinctrl calls for PXA3xx + - gpio: ml-ioh: Fix buffer underwrite on probe error path + - [x86, arm64] pinctrl/amd: only handle irq if it is pending and unmasked + - [armhf, arm64] net: mvneta: fix mtu change on port without link + - f2fs: try grabbing node page lock aggressively in sync scenario + - pktcdvd: Fix possible Spectre-v1 for pkt_devs + - f2fs: fix to skip GC if type in SSA and SIT is inconsistent + - [x86] tpm/tpm_i2c_infineon: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT) + - f2fs: fix to do sanity check with reserved blkaddr of inline inode + (CVE-2018-13099) + - [mips*] Octeon: add missing of_node_put() + - [mips*] generic: fix missing of_node_put() + - thermal: rcar_thermal: avoid NULL dereference in absence of IRQ resources + - thermal_hwmon: Sanitize attribute name passed to hwmon + - net: dcb: For wild-card lookups, use priority -1, not 0 + - dm cache: only allow a single io_mode cache feature to be requested + - Input: atmel_mxt_ts - only use first T9 instance + - [powerpc*] partitions/aix: append null character to print data from disk + - [powerpc*] partitions/aix: fix usage of uninitialized lv_info and lvname + structures + - drm/amd/display: Prevent PSR from being enabled if initialization fails + - media: em28xx: Fix dual transport stream operation + - [arm64] iommu/arm-smmu-v3: Abort all transactions if SMMU is enabled in + kdump kernel + - f2fs: fix to wait on page writeback before updating page + - f2fs: Fix uninitialized return in f2fs_ioc_shutdown() + - media: em28xx: Fix DualHD disconnect oops + - f2fs: avoid potential deadlock in f2fs_sbi_store + - f2fs: fix to do sanity check with secs_per_zone (CVE-2018-13100) + - [armhf] mfd: ti_am335x_tscadc: Fix struct clk memory leak + - f2fs: fix to do sanity check with {sit,nat}_ver_bitmap_bytesize + - f2fs: fix to propagate return value of scan_nat_page() + - f2fs: fix to do sanity check with extra_attr feature (CVE-2018-13098) + - RDMA/hns: Add illegal hop_num judgement + - NFSv4.1: Fix a potential layoutget/layoutrecall deadlock + - RDMA/hns: Update the data type of immediate data + - [mips*] WARN_ON invalid DMA cache maintenance, not BUG_ON + - [mips*] mscc: ocelot: fix length of memory address space for MIIM + - RDMA/cma: Do not ignore net namespace for unbound cm_id + - clocksource: Revert "Remove kthread" + - autofs: fix autofs_sbi() does not check super block type + - mm: get rid of vmacache_flush_all() entirely (CVE-2018-17182) + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.10 + - be2net: Fix memory leak in be_cmd_get_profile_config() + - net/mlx5: Fix use-after-free in self-healing flow + - rds: fix two RCU related problems + - tipc: orphan sock in tipc_release() + - net/mlx5: E-Switch, Fix memory leak when creating switchdev mode FDB + tables + - net/tls: Set count of SG entries if sk_alloc_sg returns -ENOSPC + - net/mlx5: Check for error in mlx5_attach_interface + - net/mlx5: Fix debugfs cleanup in the device init/remove flow + - erspan: fix error handling for erspan tunnel + - erspan: return PACKET_REJECT when the appropriate tunnel is not found + - tcp: really ignore MSG_ZEROCOPY if no SO_ZEROCOPY + - net/mlx5: Fix not releasing read lock when adding flow rules + - net/mlx5: Fix possible deadlock from lockdep when adding fte to fg + - net/mlx5: Use u16 for Work Queue buffer fragment size + - [armhf, arm64] usb: dwc3: change stream event enable bit back to 13 + - [arm64] iommu/arm-smmu-v3: sync the OVACKFLG to PRIQ consumer register + - [armhf] iommu/io-pgtable-arm-v7s: Abort allocation when table address + overflows the PTE + - [armhf] iommu/io-pgtable-arm: Fix pgtable allocation in selftest + - ALSA: msnd: Fix the default sample sizes + - ALSA: usb-audio: Add support for Encore mDSD USB DAC + - ALSA: usb-audio: Fix multiple definitions in AU0828_DEVICE() macro + - xfrm: fix 'passing zero to ERR_PTR()' warning + - [amd64, arm64] amd-xgbe: use dma_mapping_error to check map errors + - nfp: don't fail probe on pci_sriov_set_totalvfs() errors + - iwlwifi: cancel the injective function between hw pointers to tfd entry + index + - gfs2: Special-case rindex for gfs2_grow + - [armhf] clk: imx6ul: fix missing of_node_put() + - [armhf] clk: imx6sll: fix missing of_node_put() + - [arm64] clk: mvebu: armada-37xx-periph: Fix wrong return value in + get_parent + - Input: pxrc - fix freeing URB on device teardown + - clk: core: Potentially free connection id + - clk: clk-fixed-factor: Clear OF_POPULATED flag in case of failure + - media: tw686x: Fix oops on buffer alloc failure + - [armhf] dmaengine: pl330: fix irq race with terminate_all + - [mips*] ath79: fix system restart + - media: videobuf2-core: check for q->error in vb2_core_qbuf() + - IB/rxe: Drop QP0 silently + - block: allow max_discard_segments to be stacked + - IB/ipoib: Fix error return code in ipoib_dev_init() + - mtd/maps: fix solutionengine.c printk format warnings + - gfs2: Don't reject a supposedly full bitmap if we have blocks reserved + - perf tools: Synthesize GROUP_DESC feature in pipe mode + - perf tools: Fix struct comm_str removal crash + - [powerpc*] perf: Fix callchain ip filtering when return address is in a + register + - fbdev: Distinguish between interlaced and progressive modes + - [armhf] exynos: Clear global variable on init error path + - [powerpc*] perf: Fix callchain ip filtering + - nvmet: fix file discard return status + - nvme-rdma: unquiesce queues when deleting the controller + - [armhf, arm64] KVM: vgic: Fix possible spectre-v1 write in + vgic_mmio_write_apr() + - [powerpc*] powerpc/powernv: opal_put_chars partial write fix + - perf script: Show correct offsets for DWARF-based unwinding + - ASoC: rt5514: Fix the issue of the delay volume applied + - [mips*] jz4740: Bump zload address + - mac80211: restrict delayed tailroom needed decrement + - Smack: Fix handling of IPv4 traffic received by PF_INET6 sockets + - wan/fsl_ucc_hdlc: use IS_ERR_VALUE() to check return value of + qe_muram_alloc + - [arm64] fix possible spectre-v1 write in ptrace_hbp_set_event() + - reset: imx7: Fix always writing bits as 0 + - efi/arm: preserve early mapping of UEFI memory map longer for BGRT + - ALSA: usb-audio: Generic DSD detection for Thesycon-based implementations + - nfp: avoid buffer leak when FW communication fails + - xen-netfront: fix queue name setting + - [arm64] dts: qcom: db410c: Fix Bluetooth LED trigger + - ARM: dts: qcom: msm8974-hammerhead: increase load on l20 for sdhci + - soc: qcom: smem: Correct check for global partition + - [s390x] qeth: fix race in used-buffer accounting + - [s390x] qeth: reset layer2 attribute on layer switch + - platform/x86: toshiba_acpi: Fix defined but not used build warnings + - KVM: arm/arm64: Fix vgic init race + - drivers/base: stop new probing during shutdown + - i2c: aspeed: Fix initial values of master and slave state + - drm/amd/pp: Set Max clock level to display by default + - regulator: qcom_spmi: Use correct regmap when checking for error + - regulator: qcom_spmi: Fix warning Bad of_node_put() + - iommu/ipmmu-vmsa: IMUCTRn.TTSEL needs a special usage on R-Car Gen3 + - dmaengine: mv_xor_v2: kill the tasklets upon exit + - crypto: sharah - Unregister correct algorithms for SAHARA 3 + - [x86] pti: Check the return value of pti_user_pagetable_walk_p4d() + - [x86] pti: Check the return value of pti_user_pagetable_walk_pmd() + - [x86} mm/pti: Add an overflow check to pti_clone_pmds() + - PCI/AER: Honor "pcie_ports=native" even if HEST sets FIRMWARE_FIRST + - xen-netfront: fix warn message as irq device name has '/' + - RDMA/cma: Protect cma dev list with lock + - pstore: Fix incorrect persistent ram buffer mapping + - xen/netfront: fix waiting for xenbus state change + - IB/ipoib: Avoid a race condition between start_xmit and cm_rep_handler + - [s390x] crypto: Fix return code checking in cbc_paes_crypt() + - [armhf] mmc: omap_hsmmc: fix wakeirq handling on removal + - ipmi: Rework SMI registration failure + - ipmi: Move BT capabilities detection to the detect call + - ipmi: Fix I2C client removal in the SSIF driver + - ovl: fix oopses in ovl_fill_super() failure paths + - vmbus: don't return values for uninitalized channels + - tools: hv: Fix a bug in the key delete code + - misc: ibmvsm: Fix wrong assignment of return code + - misc: hmc6352: fix potential Spectre v1 + - xhci: Fix use after free for URB cancellation on a reallocated endpoint + - usb: Don't die twice if PCI xhci host is not responding in resume + - usb: xhci: fix interrupt transfer error happened on MTK platforms + - usb: mtu3: fix error of xhci port id when enable U3 dual role + - mei: ignore not found client in the enumeration + - mei: bus: fix hw module get/put balance + - mei: bus: need to unlink client before freeing + - dm verity: fix crash on bufio buffer that was allocated with vmalloc + - usb: Add quirk to support DJI CineSSD + - usb: uas: add support for more quirk flags + - usb: Avoid use-after-free by flushing endpoints early in + usb_set_interface() + - usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in u132_get_frame() + - usb: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB + controller + - usb: gadget: udc: renesas_usb3: fix maxpacket size of ep0 + - usb: net2280: Fix erroneous synchronization change + - usb: serial: io_ti: fix array underflow in completion handler + - usb: misc: uss720: Fix two sleep-in-atomic-context bugs + - usb: serial: ti_usb_3410_5052: fix array underflow in completion handler + - usb: yurex: Fix buffer over-read in yurex_write() + - usb: cdc-wdm: Fix a sleep-in-atomic-context bug in + service_outstanding_interrupt() + - Revert "cdc-acm: implement put_char() and flush_chars()" + - cifs: prevent integer overflow in nxt_dir_entry() + - CIFS: fix wrapping bugs in num_entries() + - cifs: integer overflow in in SMB2_ioctl() + - xtensa: ISS: don't allocate memory in platform_setup + - perf/core: Force USER_DS when recording user stack data + - perf tools: Fix maps__find_symbol_by_name() + - of: fix phandle cache creation for DTs with no phandles + - x86/EISA: Don't probe EISA bus for Xen PV guests + - NFSv4: Fix a tracepoint Oops in initiate_file_draining() + - NFSv4.1 fix infinite loop on I/O. + - of: add helper to lookup compatible child node + - mmc: meson-mx-sdio: fix OF child-node lookup + - binfmt_elf: Respect error return from `regset->active' + - net/mlx5: Add missing SET_DRIVER_VERSION command translation + - audit: fix use-after-free in audit_add_watch + - mtdchar: fix overflows in adjustment of `count` + - vfs: fix freeze protection in mnt_want_write_file() for overlayfs + - bpf: fix rcu annotations in compute_effective_progs() + - spi: dw: fix possible race condition + - Bluetooth: Use lock_sock_nested in bt_accept_enqueue + - evm: Don't deadlock if a crypto algorithm is unavailable + - [powerpc*] KVM: Book3S HV: Add of_node_put() in success path + - security: check for kstrdup() failure in lsm_append() + - PM / devfreq: use put_device() instead of kfree() + - [powerpc*] KVM: Book3S: Fix matching of hardware and emulated TCE tables + - configfs: fix registered group removal + - sched/core: Use smp_mb() in wake_woken_function() + - efi/esrt: Only call efi_mem_reserve() for boot services memory + - [arm64] net: hns3: Reset net device with rtnl_lock + - [arm64] net: hns3: Fix for reset_level default assignment probelm + - [arm64] hisi: handle of_iomap and fix missing of_node_put + - [arm64] hisi: fix error handling and missing of_node_put + - [arm64] net: hns3: Fix return value error in hns3_reset_notify_down_enet + - [arm64] hisi: check of_iomap and fix missing of_node_put + - liquidio: fix hang when re-binding VF host drv after running DPDK VF + driver + - [armhf] gpu: ipu-v3: csi: pass back mbus_code_to_bus_cfg error codes + - ASoC: hdmi-codec: fix routing + - serial: 8250: of: Correct of_platform_serial_setup() error handling + - tty: fix termios input-speed encoding when using BOTHER + - tty: fix termios input-speed encoding + - [armhf, arm64] mmc: tegra: prevent HS200 on Tegra 3 + - mmc: sdhci: do not try to use 3.3V signaling if not supported + - drm/nouveau: Fix runtime PM leak in drm_open() + - drm/nouveau/debugfs: Wake up GPU before doing any reclocking + - [armhf, arm64] drm/nouveau: tegra: Detach from ARM DMA/IOMMU mapping + - tls: Fix zerocopy_from_iter iov handling + - parport: sunbpp: fix error return code + - sched/fair: Fix util_avg of new tasks for asymmetric systems + - f2fs: do checkpoint in kill_sb + - drm/amd/display: support access ddc for mst branch + - gpiolib: Mark gpio_suffixes array with __maybe_unused + - [armhf, arm64] net: mvpp2: make sure we use single queue mode on PPv2.1 + - mfd: 88pm860x-i2c: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT) + - input: rohm_bu21023: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT) + - [x86] drm/amdkfd: Fix kernel queue 64 bit doorbell offset calculation + - [x86] drm/amdkfd: Fix error codes in kfd_get_process + - ALSA: pcm: Fix snd_interval_refine first/last with open min/max + - scsi: libfc: fixup 'sleeping function called from invalid context' + - scsi: lpfc: Fix NVME Target crash in defer rcv logic + - scsi: lpfc: Fix panic if driver unloaded when port is offline + - [arm64] perf: Disable PMU while processing counter overflows + - drm/amd/pp: Send khz clock values to DC for smu7/8 + - IB/mlx5: fix uaccess beyond "count" in debugfs read/write handlers + - blk-mq: only attempt to merge bio if there is rq in sw queue + - blk-mq: avoid to synchronize rcu inside blk_cleanup_queue() + - [arm64] pinctrl: msm: Fix msm_config_group_get() to be compliant + - [arm64] pinctrl: qcom: spmi-gpio: Fix pmic_gpio_config_get() to be + compliant + - [armhf, arm64] clk: tegra: bpmp: Don't crash when a clock fails to + register + - [x86] mei: bus: type promotion bug in mei_nfc_if_version() + - [x86] crypto: ccp - add timeout support in the SEV command + + [ Vagrant Cascadian ] + * debian/rules.real: Generate linux-source tarball with root user and + group specified, to fix reproducibility issues. + + [ Ben Hutchings ] + * drivers/net/ethernet: Ignore ABI changes + * [arm64] ACPI: Change ACPI_NFIT from built-in to module + * [i386/686] Enable MGEODE_LX instead of M686 (regression in 4.16) + - x86-32: Disable 3D-Now in generic config + * Bump ABI to 2 + + [ Yves-Alexis Perez ] + * [x86] enable PINCTRL_AMD for touchpad support on Lenovo IdeaPad. + (closes: #876141) + + [ Geoff Levand ] + * [arm64] Add support for new server hardware (Closes: #900581): + - Enable SCHED_SMT for hardware multithreading processors + - Enable ARM64_LSE_ATOMICS for v8.1 processors + - ACPI: Enable ACPI_PCI_SLOT, ACPI_HED, ACPI_BGRT, ACPI_APEI, + ACPI_APEI_GHES, ACPI_APEI_PCIEAER, ACPI_APEI_SEA, + ACPI_APEI_MEMORY_FAILURE as built-in; + ACPI_APEI_EINJ, WDAT_WDT as modules + * [arm64] acpi: Add fixup for HPE m400 quirks + + [ Salvatore Bonaccorso ] + * floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl + (CVE-2018-7755) + * scsi: target: iscsi: Use hex2bin instead of a re-implementation + (CVE-2018-14633) + * scsi: target: iscsi: Use bin2hex instead of a re-implementation + + -- Ben Hutchings <ben@decadent.org.uk> Sun, 30 Sep 2018 18:02:51 +0100 + +linux (4.18.8-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.7 + - rcu: Make expedited GPs handle CPU 0 being offline + - net: 6lowpan: fix reserved space for single frames + - net: mac802154: tx: expand tailroom if necessary + - 9p/net: Fix zero-copy path in the 9p virtio transport + - spi: pxa2xx: Add support for Intel Ice Lake + - mmc: block: Fix unsupported parallel dispatch of requests + - readahead: stricter check for bdi io_pages + - block: fix infinite loop if the device loses discard capability + - block: blk_init_allocated_queue() set q->fq as NULL in the fail case + - block: really disable runtime-pm for blk-mq + - blkcg: Introduce blkg_root_lookup() + - block: Introduce blk_exit_queue() + - block: Ensure that a request queue is dissociated from the cgroup + controller + - apparmor: fix bad debug check in apparmor_secid_to_secctx() + - dma-buf: Move BUG_ON from _add_shared_fence to _add_shared_inplace + - libertas: fix suspend and resume for SDIO connected cards + - media: Revert "[media] tvp5150: fix pad format frame height" + - [arm64] mailbox: xgene-slimpro: Fix potential NULL pointer dereference + - Replace magic for trusting the secondary keyring with #define + - Fix kexec forbidding kernels signed with keys in the secondary keyring to + boot + - [powerpc*] fadump: handle crash memory ranges array index overflow + - [powerpc*] 64s: Fix page table fragment refcount race vs speculative + references + - [powerpc*] pseries: Fix endianness while restoring of r3 in MCE handler. + - [powerpc*] pkeys: Give all threads control of their key permissions + - [powerpc*] pkeys: Deny read/write/execute by default + - [powerpc*] pkeys: key allocation/deallocation must not change pkey + registers + - [powerpc*] pkeys: Save the pkey registers before fork + - [powerpc*] pkeys: Fix calculation of total pkeys. + - [powerpc*] pkeys: Preallocate execute-only key + - [powerpc*] nohash: fix pte_access_permitted() + - [powerpc64] ftrace: Include ftrace.h needed for enable/disable calls + - [powerpc*] powernv/pci: Work around races in PCI bridge enabling + - cxl: Fix wrong comparison in cxl_adapter_context_get() + - ocxl: Fix page fault handler in case of fault on dying process + - IB/mlx5: Honor cnt_set_id_valid flag instead of set_id + - IB/mlx5: Fix leaking stack memory to userspace + - IB/srpt: Fix srpt_cm_req_recv() error path (1/2) + - IB/srpt: Fix srpt_cm_req_recv() error path (2/2) + - IB/srpt: Support HCAs with more than two ports + - RDMA/mlx5: Fix shift overflow in mlx5_ib_create_wq + - ib_srpt: Fix a use-after-free in srpt_close_ch() + - ib_srpt: Fix a use-after-free in __srpt_close_all_ch() + - RDMA/rxe: Set wqe->status correctly if an unexpected response is received + - 9p: fix multiple NULL-pointer-dereferences + - fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr + failed + - 9p/virtio: fix off-by-one error in sg list bounds check + - net/9p/client.c: version pointer uninitialized + - net/9p/trans_fd.c: fix race-condition by flushing workqueue before the + kfree() + - dm integrity: change 'suspending' variable from bool to int + - dm thin: stop no_space_timeout worker when switching to write-mode + - dm cache metadata: save in-core policy_hint_size to on-disk superblock + - dm cache metadata: set dirty on all cache blocks after a crash + - dm crypt: don't decrease device limits + - dm writecache: fix a crash due to reading past end of dirty_bitmap + - uart: fix race between uart_put_char() and uart_shutdown() + - [x86] Drivers: hv: vmbus: Fix the offer_in_progress in + vmbus_process_offer() + - [x86] Drivers: hv: vmbus: Reset the channel callback in + vmbus_onoffer_rescind() + - extcon: Release locking when sending the notification of connector state + - [x86] vmw_balloon: fix inflation of 64-bit GFNs + - [x86] vmw_balloon: do not use 2MB without batching + - [x86] vmw_balloon: VMCI_DOORBELL_SET does not check status + - [x86] vmw_balloon: fix VMCI use when balloon built into kernel + - [armhf] rtc: omap: fix resource leak in registration error path + - [armhf] rtc: omap: fix potential crash on power off + - tracing: Do not call start/stop() functions when tracing_on does not + change + - tracing/blktrace: Fix to allow setting same value + - printk/tracing: Do not trace printk_nmi_enter() + - uprobes: Use synchronize_rcu() not synchronize_sched() + - mfd: hi655x: Fix regmap area declared size for hi655x + - ovl: fix wrong use of impure dir cache in ovl_iterate() + - ACPICA: AML Parser: skip opcodes that open a scope upon parse failure + - ACPICA: Clear status of all events when entering sleep states + - drivers/block/zram/zram_drv.c: fix bug storing backing_dev + - sched: idle: Avoid retaining the tick when it has been stopped + - cpuidle: menu: Handle stopped tick more aggressively + - cpufreq: governor: Avoid accessing invalid governor_data + - PM / sleep: wakeup: Fix build error caused by missing SRCU support + - ALSA: ac97: fix device initialization in the compat layer + - ALSA: ac97: fix check of pm_runtime_get_sync failure + - ALSA: ac97: fix unbalanced pm_runtime_enable + - [x86, arm64] i2c: designware: Re-init controllers with pm_disabled set on + resume + - [x86] KVM: VMX: fixes for vmentry_l1d_flush module parameter + - [powerpc*] KVM: Book3S: Fix guest DMA when guest partially backed by + THP pages + - block, bfq: return nbytes and not zero from struct cftype .write() method + - pnfs/blocklayout: off by one in bl_map_stripe() + - nfsd: fix leaked file lock with nfs exported overlayfs + - NFSv4 client live hangs after live data migration recovery + - NFSv4: Fix locking in pnfs_generic_recover_commit_reqs + - NFSv4: Fix a sleep in atomic context in nfs4_callback_sequence() + - [armhf] ARM: dts: am57xx-idk: Enable dual role for USB2 port + - [armhf] pwm: omap-dmtimer: Return -EPROBE_DEFER if no dmtimer platform + data + - mm/tlb: Remove tlb_remove_table() non-concurrent condition + - [x86] iommu/vt-d: Add definitions for PFSID + - [x86] iommu/vt-d: Fix dev iotlb pfsid use + - sys: don't hold uts_sem while accessing userspace memory + - ubifs: Fix memory leak in lprobs self-check + - Revert "UBIFS: Fix potential integer overflow in allocation" + - ubifs: Check data node size before truncate + - ubifs: xattr: Don't operate on deleted inodes + - ubifs: Fix directory size calculation for symlinks + - ubifs: Fix synced_i_size calculation for xattr inodes + - [armhf] pwm: tiehrpwm: Don't use emulation mode bits to control PWM output + - [armhf] pwm: tiehrpwm: Fix disabling of output of PWMs + - fb: fix lost console when the user unplugs a USB adapter + - udlfb: fix semaphore value leak + - udlfb: fix display corruption of the last line + - udlfb: don't switch if we are switching to the same videomode + - udlfb: set optimal write delay + - udlfb: make a local copy of fb_ops + - udlfb: handle allocation failure + - udlfb: set line_length in dlfb_ops_set_par + - getxattr: use correct xattr length + - libnvdimm: Use max contiguous area for namespace size + - libnvdimm: fix ars_status output length calculation + - bcache: release dc->writeback_lock properly in bch_writeback_thread() + - cap_inode_getsecurity: use d_find_any_alias() instead of d_find_alias() + - mm, dev_pagemap: Do not clear ->mapping on final put + - perf auxtrace: Fix queue resize + - [x86] crypto: vmx - Fix sleep-in-atomic bugs + - [x86] crypto: aesni - Use unaligned loads from gcm_context_data + - [arm64] crypto: arm64/sm4-ce - check for the right CPU feature bit + - fs/quota: Fix spectre gadget in do_quotactl + - udf: Fix mounting of Win7 created UDF filesystems + - cpuidle: menu: Retain tick when shallow state is selected + - [arm64] mm: always enable CONFIG_HOLES_IN_ZONE + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.8 + - act_ife: fix a potential use-after-free + - ipv4: tcp: send zero IPID for RST and ACK sent in SYN-RECV and TIME-WAIT + state + - net: sched: Fix memory exposure from short TCA_U32_SEL + - qlge: Fix netdev features configuration. + - r8152: disable RX aggregation on new Dell TB16 dock + - tcp: do not restart timewait timer on rst reception + - vti6: remove !skb->ignore_df check from vti6_xmit() + - act_ife: move tcfa_lock down to where necessary + - act_ife: fix a potential deadlock + - net: sched: action_ife: take reference to meta module + - bnxt_en: Clean up unused functions. + - bnxt_en: Do not adjust max_cp_rings by the ones used by RDMA. + - net/sched: act_pedit: fix dump of extended layered op + - tipc: fix a missing rhashtable_walk_exit() + - [x86] hv_netvsc: Fix a deadlock by getting rtnl lock earlier in + netvsc_probe() + - tipc: fix the big/little endian issue in tipc_dest + - sctp: remove useless start_fail from sctp_ht_iter in proc + - erspan: set erspan_ver to 1 by default when adding an erspan dev + - ipv6: don't get lwtstate twice in ip6_rt_copy_init() + - net/ipv6: init ip6 anycast rt->dst.input as ip6_input + - net/ipv6: Only update MTU metric if it set + - net/ipv6: Put lwtstate when destroying fib6_info + - net/mlx5: Fix SQ offset in QPs with small RQ + - r8169: set RxConfig after tx/rx is enabled for RTL8169sb/8110sb devices + - [armhf,arm64] Revert "net: stmmac: Do not keep rearming the coalesce + timer in stmmac_xmit" + - ip6_vti: fix creating fallback tunnel device for vti6 + - ip6_vti: fix a null pointer deference when destroy vti6 tunnel + - nfp: wait for posted reconfigs when disabling the device + - sctp: hold transport before accessing its asoc in sctp_transport_get_next + - vhost: correctly check the iova range when waking virtqueue + - [x86] hv_netvsc: ignore devices that are not PCI + - cifs: check if SMB2 PDU size has been padded and suppress the warning + - hfsplus: don't return 0 when fill_super() failed + - hfs: prevent crash on exit from failed search + - sunrpc: Don't use stack buffer with scatterlist + - fork: don't copy inconsistent signal handler state to child + - fs/proc/vmcore.c: hide vmcoredd_mmap_dumps() for nommu builds + - reiserfs: change j_timestamp type to time64_t + - [armhf,arm64] iommu/rockchip: Handle errors returned from PM framework + - hfsplus: fix NULL dereference in hfsplus_lookup() (CVE-2018-14617) + - [armhf,arm64] iommu/rockchip: Move irq request past pm_runtime_enable + - fs/proc/kcore.c: use __pa_symbol() for KCORE_TEXT list entries + - fat: validate ->i_start before using + - workqueue: skip lockdep wq dependency in cancel_work_sync() + - workqueue: re-add lockdep dependencies for flushing + - scripts: modpost: check memory allocation results + - apparmor: fix an error code in __aa_create_ns() + - virtio: pci-legacy: Validate queue pfn + - [x86] mce: Add notifier_block forward declaration + - i2c: core: ACPI: Make acpi_gsb_i2c_read_bytes() check i2c_transfer return + value + - IB/hfi1: Invalid NUMA node information can cause a divide by zero + - [armhf,arm64] pwm: meson: Fix mux clock names + - [powerpc*] topology: Get topology for shared processors at boot + - mm/fadvise.c: fix signed overflow UBSAN complaint + - mm: make DEFERRED_STRUCT_PAGE_INIT explicitly depend on SPARSEMEM + - fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() + - [x86] platform: intel_punit_ipc: fix build errors + - bpf, sockmap: fix map elem deletion race with smap_stop_sock + - tcp, ulp: fix leftover icsk_ulp_ops preventing sock from reattach + - bpf, sockmap: fix sock_map_ctx_update_elem race with exist/noexist + - net/xdp: Fix suspicious RCU usage warning + - bpf, sockmap: fix leakage of smap_psock_map_entry + - netfilter: ip6t_rpfilter: set F_IFACE for linklocal addresses + - [s390x] kdump: Fix memleak in nt_vmcoreinfo + - ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() + - mfd: sm501: Set coherent_dma_mask when creating subdevices + - netfilter: x_tables: do not fail xt_alloc_table_info too easilly + - [x86] platform: asus-nb-wmi: Add keymap entry for lid flip action on + UX360 + - netfilter: fix memory leaks on netlink_dump_start error + - tcp, ulp: add alias for all ulp modules + - ubi: Initialize Fastmap checkmapping correctly + - ACPICA: ACPICA: add status check for acpi_hw_read before assigning return + value + - [arm*] perf arm spe: Fix uninitialized record error variable + - [arm64] net: hns3: Fix for command format parsing error in + hclge_is_all_function_id_zero + - block: don't warn for flush on read-only device + - [arm64] net: hns3: Fix for phy link issue when using marvell phy driver + - PCI: Match Root Port's MPS to endpoint's MPSS as necessary + - drm/amd/display: Guard against null crtc in CRC IRQ + - perf tools: Check for null when copying nsinfo. + - f2fs: avoid race between zero_range and background GC + - f2fs: fix avoid race between truncate and background GC + - net/9p/trans_fd.c: fix race by holding the lock + - net/9p: fix error path of p9_virtio_probe + - f2fs: fix to clear PG_checked flag in set_page_dirty() + - [armhf,arm64] pinctrl: axp209: Fix NULL pointer dereference after + allocation + - bpf: fix bpffs non-array map seq_show issue + - [powerpc*] uaccess: Enable get_user(u64, *p) on 32-bit + - [powerpc*] Fix size calculation using resource_size() + - [powerpc*] perf probe powerpc: Fix trace event post-processing + - block: bvec_nr_vecs() returns value for wrong slab + - brcmfmac: fix brcmf_wiphy_wowl_params() NULL pointer dereference + - [s390x] dasd: fix hanging offline processing due to canceled worker + - [s390x] dasd: fix panic for failed online processing + - ACPI / scan: Initialize status to ACPI_STA_DEFAULT + - blk-mq: count the hctx as active before allocating tag + - scsi: aic94xx: fix an error code in aic94xx_init() + - NFSv4: Fix error handling in nfs4_sp4_select_mode() + - Input: do not use WARN() in input_alloc_absinfo() + - xen/balloon: fix balloon initialization for PVH Dom0 + - [armhf] PCI: mvebu: Fix I/O space end address calculation + - dm kcopyd: avoid softlockup in run_complete_job + - [x86] staging: comedi: ni_mio_common: fix subdevice flags for PFI + subdevice + - ASoC: rt5677: Fix initialization of rt5677_of_match.data + - [armhf] iommu/omap: Fix cache flushes on L2 table entries + - selinux: cleanup dentry and inodes on error in selinuxfs + - RDS: IB: fix 'passing zero to ERR_PTR()' warning + - cfq: Suppress compiler warnings about comparisons + - smb3: fix reset of bytes read and written stats + - CIFS: fix memory leak and remove dead code + - SMB3: Number of requests sent should be displayed for SMB3 not just CIFS + - smb3: if server does not support posix do not allow posix mount option + - [powerpcspe] platforms/85xx: fix t1042rdb_diu.c build errors & warning + - [powerpc*] 64s: Make rfi_flush_fallback a little more robust + - [powerpc*] pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX. + - [armhf,arm64] clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in + rk3399 + - drm/amd/display: Read back max backlight value at boot + - [x86] KVM: vmx: track host_state.loaded using a loaded_vmcs pointer + - [x86] kvm: nVMX: Fix fault vector for VMX operation at CPL > 0 + - [armhf] drm/etnaviv: fix crash in GPU suspend when init failed due to + buffer placement + - btrfs: Exit gracefully when chunk map cannot be inserted to the tree + - btrfs: replace: Reset on-disk dev stats value after replace + - btrfs: fix in-memory value of total_devices after seed device deletion + - btrfs: relocation: Only remove reloc rb_trees if reloc control has been + initialized (CVE-2018-14609) + - btrfs: tree-checker: Detect invalid and empty essential trees + (CVE-2018-14612) + - btrfs: check-integrity: Fix NULL pointer dereference for degraded mount + - btrfs: lift uuid_mutex to callers of btrfs_open_devices + - btrfs: Don't remove block group that still has pinned down bytes + - btrfs: Fix a C compliance issue + - [armhf,arm64] rockchip: Force CONFIG_PM on Rockchip systems + - btrfs: do btrfs_free_stale_devices outside of device_list_add + - btrfs: extend locked section when adding a new device in device_list_add + - btrfs: rename local devices for fs_devices in btrfs_free_stale_devices( + - btrfs: use device_list_mutex when removing stale devices + - btrfs: lift uuid_mutex to callers of btrfs_scan_one_device + - btrfs: lift uuid_mutex to callers of btrfs_parse_early_options + - btrfs: reorder initialization before the mount locks uuid_mutex + - btrfs: fix mount and ioctl device scan ioctl race + - [x86] drm/i915/lpe: Mark LPE audio runtime pm as "no callbacks" + - [x86] drm/i915: Nuke the LVDS lid notifier + - [x86] drm/i915: Increase LSPCON timeout + - [x86] drm/i915: Free write_buf that we allocated with kzalloc. + - drm/amdgpu: update uvd_v6_0_ring_vm_funcs to use new nop packet + - drm/amdgpu: fix a reversed condition + - drm/amdgpu: Fix RLC safe mode test in gfx_v9_0_enter_rlc_safe_mode + - drm/amd/pp: Convert voltage unit in mV*4 to mV on CZ/ST + - drm/amd/powerplay: fixed uninitialized value + - drm/amd/pp/Polaris12: Fix a chunk of registers missed to program + - drm/edid: Quirk Vive Pro VR headset non-desktop. + - drm/edid: Add 6 bpc quirk for SDC panel in Lenovo B50-80 + - drm/amd/display: fix type of variable + - drm/amd/display: Don't share clk source between DP and HDMI + - drm/amd/display: update clk for various HDMI color depths + - drm/amd/display: Use requested HDMI aspect ratio + - drm/amd/display: Report non-DP display as disconnected without EDID + - [armhf,arm64] drm/rockchip: lvds: add missing of_node_put + - [armhf,arm64] drm/rockchip: vop: split out core clock enablement into + separate functions + - [armhf,arm64] drm/rockchip: vop: fix irq disabled after vop driver probed + - drm/amd/display: Pass connector id when executing VBIOS CT + - drm/amd/display: Check if clock source in use before disabling + - drm/amdgpu: update tmr mc address + - drm/amdgpu:add tmr mc address into amdgpu_firmware_info + - drm/amdgpu:add new firmware id for VCN + - drm/amdgpu:add VCN support in PSP driver + - drm/amdgpu:add VCN booting with firmware loaded by PSP + - drm/amdgpu: fix incorrect use of fcheck + - drm/amdgpu: fix incorrect use of drm_file->pid + - [x86] drm/i915: Re-apply "Perform link quality check, unconditionally + during long pulse" + - uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member + name + - mm: respect arch_dup_mmap() return value + - [x86] drm/i915: set DP Main Stream Attribute for color range on DDI + platforms + - [i386] tsc: Prevent result truncation on 32bit + - drm/amdgpu: Keep track of amount of pinned CPU visible VRAM + - drm/amdgpu: Make pin_size values atomic + - drm/amdgpu: Warn and update pin_size values when destroying a pinned BO + - drm/amdgpu: Don't warn on destroying a pinned BO + - debugobjects: Make stack check warning more informative + - [i386] pae: use 64 bit atomic xchg function in native_ptep_get_and_clear + - [x86] xen: don't write ptes directly in 32-bit PV guests + - [x86] kvm: Set highest physical address bits in non-present/reserved SPTEs + - [x86] kvm: avoid unused variable warning + - HID: redragon: fix num lock and caps lock LEDs + + [ Ben Hutchings ] + * [x86] wireless: Enable R8822BE as module (Closes: #908330) + * Move all patch generation scripts to debian/bin + * [rt] genpatch-rt: Store patches and series file in debian/patches-rt + * linux-headers: Stop linking the doc directory, which is not binNMU-safe + * debian/copyright: Simplify exclusions to work with mk-origtargz + * debian/{watch,bin/uscan-hook}: Drop uscan hook in favour of uupdate + * debian/watch: Add options for signature validation + * README.Debian: Update URLs that were pointing to Alioth + * README.Debian: Describe where to find patches for a specific version + * Revert "i40e: Add kconfig dependency to ensure cmpxchg64() is available" + + [ Salvatore Bonaccorso ] + * mac80211: don't update the PM state of a peer upon a multicast frame + (Closes: #887045, #886292) + + [ Romain Perier ] + * [x86] Enable TI TPS6598x USB Power Delivery controller family + * [x86] crypto: ccp: add timeout support in the SEV command (Closes: #908248) + * [rt] Update to 4.18.7-rt5 + + -- Ben Hutchings <ben@decadent.org.uk> Tue, 18 Sep 2018 03:05:01 +0100 + +linux (4.18.6-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.6 + - scsi: libsas: dynamically allocate and free ata host + - xprtrdma: Fix disconnect regression + - mei: don't update offset in write + - cifs: add missing support for ACLs in SMB 3.11 + - cifs: fix uninitialized ptr deref in smb2 signing + - cifs: add missing debug entries for kconfig options + - cifs: use a refcount to protect open/closing the cached file handle + - cifs: check kmalloc before use + - smb3: enumerating snapshots was leaving part of the data off end + - smb3: Do not send SMB3 SET_INFO if nothing changed + - smb3: don't request leases in symlink creation and query + - smb3: fill in statfs fsid and correct namelen + - btrfs: use correct compare function of dirty_metadata_bytes + - btrfs: don't leak ret from do_chunk_alloc + - Btrfs: fix mount failure after fsync due to hard link recreation + - Btrfs: fix btrfs_write_inode vs delayed iput deadlock + - Btrfs: fix send failure when root has deleted files still open + - Btrfs: send, fix incorrect file layout after hole punching beyond eof + - hwmon: (k10temp) 27C Offset needed for Threadripper2 + - [armhf] bpf: fix stack var offset in jit + - [armhf, arm64] iommu/arm-smmu: Error out only if not enough context + interrupts + - printk: Split the code for storing a message into the log buffer + - printk: Create helper function to queue deferred console handling + - printk/nmi: Prevent deadlock when accessing the main log buffer in NMI + - [arm64] kprobes: Fix %p uses in error messages + - [arm64] Fix mismatched cache line size detection + - [arm64] Handle mismatched cache type + - [arm64] mm: check for upper PAGE_SHIFT bits in pfn_valid() + - [arm64] dts: rockchip: corrected uart1 clock-names for rk3328 + - [armhf, arm64] KVM: Fix potential loss of ptimer interrupts + - [armhf, arm64] KVM: Fix lost IRQs from emulated physcial timer when + blocked + - [armhf, arm64] KVM: Skip updating PMD entry if no change + - [armhf, arm64] KVM: Skip updating PTE entry if no change + - [s390x] kvm: fix deadlock when killed by oom + - [s390x] perf kvm: Fix subcommands on s390 + - stop_machine: Reflow cpu_stop_queue_two_works() + - stop_machine: Atomically queue and wake stopper threads + - ext4: check for NUL characters in extended attribute's name + - ext4: use ext4_warning() for sb_getblk failure + - ext4: sysfs: print ext4_super_block fields as little-endian + - ext4: reset error code in ext4_find_entry in fallback + - ext4: fix race when setting the bitmap corrupted flag + - nvme-pci: add a memory barrier to nvme_dbbuf_update_and_check_event + - [x86] gpu: reserve ICL's graphics stolen memory + - [x86] platform: wmi: Do not mix pages and kmalloc + - [x86] platform: ideapad-laptop: Apply no_hw_rfkill to Y20-15IKBM, too + - mm: move tlb_table_flush to tlb_flush_mmu_free + - [x86] mm/tlb, mm: Support invalidating TLB caches for RCU_TABLE_FREE + - [x86] speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit + - [x86] speculation/l1tf: Fix off-by-one error when warning that system has + too much RAM (Closes: #907581) + - [x86] speculation/l1tf: Suggest what to do on systems with too much RAM + - [x86] vdso: Fix vDSO build if a retpoline is emitted + - [x86] process: Re-export start_thread() + - [x86] KVM: ensure all MSRs can always be KVM_GET/SET_MSR'd + - [x86] KVM: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts + disabled + - fuse: Don't access pipe->buffers without pipe_lock() + - fuse: fix initial parallel dirops + - fuse: fix double request_end() + - fuse: fix unlocked access to processing queue + - fuse: umount should wait for all requests + - fuse: Fix oops at process_init_reply() + - fuse: Add missed unlock_page() to fuse_readpages_fill() + - lib/vsprintf: Do not handle %pO[^F] as %px + - udl-kms: change down_interruptible to down + - udl-kms: handle allocation failure + - udl-kms: fix crash due to uninitialized memory + - udl-kms: avoid division + - b43legacy/leds: Ensure NUL-termination of LED name string + - b43/leds: Ensure NUL-termination of LED name string + - ASoC: dpcm: don't merge format from invalid codec dai + - ASoC: zte: Fix incorrect PCM format bit usages + - ASoC: sirf: Fix potential NULL pointer dereference + - ASoC: wm_adsp: Correct DSP pointer for preloader control + - [armhf] pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show() + - scsi: qla2xxx: Fix stalled relogin + - [x86] vdso: Fix lsl operand order + - [x86 ]nmi: Fix NMI uaccess race against CR3 switching + - [x86] irqflags: Mark native_restore_fl extern inline + - [x86] spectre: Add missing family 6 check to microcode check + - [x86] speculation/l1tf: Increase l1tf memory limit for Nehalem+ + (Closes: #907581) + - hwmon: (nct6775) Fix potential Spectre v1 + - [x86] entry/64: Wipe KASAN stack shadow before rewind_stack_do_exit() + - [x86] Allow generating user-space headers without a compiler + - [s390x] mm: fix addressing exception after suspend/resume + - [s390x] lib: use expoline for all bcr instructions + - [s390x] fix br_r1_trampoline for machines without exrl + - [s390x] qdio: reset old sbal_state flags + - [s390x] numa: move initial setup of node_to_cpumask_map + - [s390x] pci: fix out of bounds access during irq setup + - [s390x] purgatory: Fix crash with expoline enabled + - [s390x] purgatory: Add missing FORCE to Makefile targets + - kprobes: Show blacklist addresses as same as kallsyms does + - kprobes: Replace %p with other pointer types + - kprobes/arm: Fix %p uses in error messages + - kprobes: Make list and blacklist root user read only + - [mips*] Correct the 64-bit DSP accumulator register size + - [mips*] memset.S: Fix byte_fixup for MIPSr6 + - [mips*] Always use -march=<arch>, not -<arch> shortcuts + - [mips*] Change definition of cpu_relax() for Loongson-3 + - [mips*] lib: Provide MIPS64r6 __multi3() for GCC < 7 + - tpm: Return the actual size when receiving an unsupported command + - tpm: separate cmd_ready/go_idle from runtime_pm + - scsi: mpt3sas: Fix calltrace observed while running IO & reset + - scsi: mpt3sas: Fix _transport_smp_handler() error path + - scsi: sysfs: Introduce sysfs_{un,}break_active_protection() + - scsi: core: Avoid that SCSI device removal through sysfs triggers a + deadlock + - iscsi target: fix session creation failure handling + - mtd: rawnand: hynix: Use ->exec_op() in hynix_nand_reg_write_op() + - mtd: rawnand: fsmc: Stop using chip->read_buf() + - mtd: rawnand: marvell: add suspend and resume hooks + - mtd: rawnand: qcom: wait for desc completion in all BAM channels + - [arm64] clk: rockchip: fix clk_i2sout parent selection bits on rk3399 + - PM / clk: signedness bug in of_pm_clk_add_clks() + - power: generic-adc-battery: fix out-of-bounds write when copying channel + properties + - power: generic-adc-battery: check for duplicate properties copied from + iio channels + - watchdog: Mark watchdog touch functions as notrace + - cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status + - [x86] dumpstack: Don't dump kernel memory based on usermode RIP + + [ Ben Hutchings ] + * Set ABI to 1 + * [x86,arm64] Disable code signing for upload to unstable + * [rt] Re-enable PREEMPT_RT + * aufs: Update support patchset to aufs4.18-20180827 (no functional change) + * netfilter: Enable NF_TABLES_SET as module, replacing the multiple set + type modules that were enabled before 4.18 + * [powerpc,powerpcspe,ppc64] Build-Depend on updated kernel-wedge to fix + broken symlinks in kernel-image udeb + + [ Romain Perier ] + * [rt] Update to 4.18.5-rt3 + + -- Ben Hutchings <ben@decadent.org.uk> Thu, 06 Sep 2018 15:32:14 +0100 + +linux (4.18.5-1~exp1) experimental; urgency=medium + + * New upstream release: https://kernelnewbies.org/Linux_4.18 + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.1 + - [x86] paravirt: Fix spectre-v2 mitigations for paravirt guests + - [x86] speculation: Protect against userspace-userspace spectreRSB + - [x86] kprobes: Fix %p uses in error messages + - [x86] irqflags: Provide a declaration for native_save_fl + - [x86] speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT + - [x86] speculation/l1tf: Change order of offset/type in swap entry + - [x86] speculation/l1tf: Protect swap entries against L1TF + - [x86] speculation/l1tf: Protect PROT_NONE PTEs against speculation + - [x86] speculation/l1tf: Make sure the first page is always reserved + - [x86] speculation/l1tf: Add sysfs reporting for l1tf + - [x86] speculation/l1tf: Disallow non privileged high MMIO PROT_NONE + mappings + - [x86] speculation/l1tf: Limit swap file size to MAX_PA/2 + - [x86] Move the l1tf function and define pr_fmt properly + - sched/smt: Update sched_smt_present at runtime + - [x86] smp: Provide topology_is_primary_thread() + - [x86] topology: Provide topology_smt_supported() + - cpu/hotplug: Make bringup/teardown of smp threads symmetric + - cpu/hotplug: Split do_cpu_down() + - cpu/hotplug: Provide knobs to control SMT + - [x86] cpu: Remove the pointless CPU printout + - [x86] cpu/AMD: Remove the pointless detect_ht() call + - [x86] cpu/common: Provide detect_ht_early() + - [x86] cpu/topology: Provide detect_extended_topology_early() + - [x86] cpu/intel: Evaluate smp_num_siblings early + - [x86] cpu/AMD: Do not check CPUID max ext level before parsing SMP info + - [x86] cpu/AMD: Evaluate smp_num_siblings early + - [x86] apic: Ignore secondary threads if nosmt=force + - [x86] speculation/l1tf: Extend 64bit swap file size limit + - [x86] cpufeatures: Add detection of L1D cache flush support. + - [x86] cpu/AMD: Move TOPOEXT reenablement before reading smp_num_siblings + - [x86] speculation/l1tf: Protect PAE swap entries against L1TF + - [x86] speculation/l1tf: Fix up pte->pfn conversion for PAE + - Revert "x86/apic: Ignore secondary threads if nosmt=force" + - cpu/hotplug: Boot HT siblings at least once + - [x86] KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being present + - [x86] KVM/VMX: Add module argument for L1TF mitigation + - [x86] KVM/VMX: Add L1D flush algorithm + - [x86] KVM/VMX: Add L1D MSR based flush + - [x86] KVM/VMX: Add L1D flush logic + - [x86] KVM/VMX: Split the VMX MSR LOAD structures to have an host/guest + numbers + - [x86] KVM/VMX: Add find_msr() helper function + - [x86] KVM/VMX: Separate the VMX AUTOLOAD guest/host number accounting + - [x86] KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER only MSRs + - [x86] KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required + - cpu/hotplug: Online siblings when SMT control is turned on + - [x86] litf: Introduce vmx status variable + - [x86] kvm: Drop L1TF MSR list approach + - [x86] l1tf: Handle EPT disabled state proper + - [x86] kvm: Move l1tf setup function + - [x86] kvm: Add static key for flush always + - [x86] kvm: Serialize L1D flush parameter setter + - [x86] kvm: Allow runtime control of L1D flush + - cpu/hotplug: Expose SMT control init function + - cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early + - [x86] bugs, kvm: Introduce boot-time control of L1TF mitigations + - [x86] speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED + architectures + - [x86] KVM/VMX: Initialize the vmx_l1d_flush_pages' content + - cpu/hotplug: detect SMT disabled by BIOS + - [x86] KVM/VMX: Don't set l1tf_flush_l1d to true from vmx_l1d_flush() + - [x86] KVM/VMX: Replace 'vmx_l1d_flush_always' with 'vmx_l1d_flush_cond' + - [x86] KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() + - [x86] irq: Demote irq_cpustat_t::__softirq_pending to u16 + - [x86] KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d + - [x86] Don't include linux/irq.h from asm/hardirq.h + - [x86] irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d + - [x86] KVM/VMX: Don't set l1tf_flush_l1d from vmx_handle_external_intr() + - [x86] speculation: Simplify sysfs report of VMX L1TF vulnerability + - [x86] speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry + - [x86] KVM/VMX: Tell the nested hypervisor to skip L1D flush on vmentry + - cpu/hotplug: Fix SMT supported evaluation + - [x86] speculation/l1tf: Invert all not present mappings + - [x86] speculation/l1tf: Make pmd/pud_mknotpresent() invert + - [x86] mm/pat: Make set_memory_np() L1TF safe + - [x86] mm/kmmio: Make the tracer robust against L1TF + - tools headers: Synchronise x86 cpufeatures.h for L1TF additions + - [x86] microcode: Allow late microcode loading with SMT disabled + - cpu/hotplug: Non-SMP machines do not make use of booted_once + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.2 + - [x86] l1tf: Fix build error seen if CONFIG_KVM_INTEL is disabled + - [x86] hyper-v: Check for VP_INVAL in hyperv_flush_tlb_others() + - [x86] platform/UV: Mark memblock related init code and data correctly + - [x86] mm/pti: Clear Global bit more aggressively + - [x86] xen/pv: Call get_cpu_address_sizes to set x86_virt/phys_bits + - [x86] mm: Disable ioremap free page handling on x86-PAE + - crypto: ccp - Check for NULL PSP pointer at module unload + - crypto: ccp - Fix command completion detection race + - [x86] crypto: x86/sha256-mb - fix digest copy in + sha256_mb_mgr_get_comp_job_avx2() + - crypto: vmac - require a block cipher with 128-bit block size + - crypto: vmac - separate tfm and request context + - Bluetooth: hidp: buffer overflow in hidp_process_report (CVE-2018-9363) + - ioremap: Update pgtable free interfaces with addr + - [x86] mm: Add TLB purge to free pmd/pte page interfaces + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.3 + - [x86] speculation/l1tf: Exempt zeroed PTEs from inversion + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.4 + - l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache + - net_sched: fix NULL pointer dereference when delete tcindex filter + - net_sched: Fix missing res info when create new tc_index filter + - r8169: don't use MSI-X on RTL8168g + - ALSA: hda - Sleep for 10ms after entering D3 on Conexant codecs + - ALSA: hda - Turn CX8200 into D3 as well upon reboot + - ALSA: vx222: Fix invalid endian conversions + - ALSA: cs5535audio: Fix invalid endian conversion + - ALSA: dice: fix wrong copy to rx parameters for Alesis iO26 + - ALSA: hda: Correct Asrock B85M-ITX power_save blacklist entry + - ALSA: memalloc: Don't exceed over the requested size + - ALSA: vxpocket: Fix invalid endian conversions + - ALSA: seq: Fix poll() error return + - media: gl861: fix probe of dvb_usb_gl861 + - USB: serial: sierra: fix potential deadlock at close + - USB: serial: pl2303: add a new device id for ATEN + - USB: option: add support for DW5821e + - [x86] ACPI / PM: save NVS memory for ASUS 1025C laptop + - tty: serial: 8250: Revert NXP SC16C2552 workaround + - serial: 8250_exar: Read INT0 from slave device, too + - [x86, armhf, arm64] serial: 8250_dw: always set baud rate in + dw8250_set_termios + - [armhf, arm64] serial: 8250_dw: Add ACPI support for uart on Broadcom SoC + - uio: fix wrong return value from uio_mmap() + - Revert "uio: use request_threaded_irq instead" + - Bluetooth: avoid killing an already killed socket + - net: sock_diag: Fix spectre v1 gadget in __sock_diag_cmd() + - [x86] hv/netvsc: Fix NULL dereference at single queue mode fallback + - r8169: don't use MSI-X on RTL8106e + - ip_vti: fix a null pointer deferrence when create vti fallback tunnel + - [arm64] net: ethernet: mvneta: Fix napi structure mixup on armada 3700 + - [arm64] net: mvneta: fix mvneta_config_rss on armada 3700 + - cls_matchall: fix tcf_unbind_filter missing + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.5 + - [mips*, x86] EDAC: Add missing MEM_LRDDR4 entry in edac_mem_types[] + - pty: fix O_CLOEXEC for TIOCGPTPEER + - mm: Allow non-direct-map arguments to free_reserved_area() + - [x86] mm/init: Pass unconverted symbol addresses to free_init_pages() + - [x86] mm/init: Add helper for freeing kernel image pages + - [x86] mm/init: Remove freed kernel image areas from alias mapping + - [powerpc64] Show ori31 availability in spectre_v1 sysfs file not v2 + - ext4: fix spectre gadget in ext4_mb_regular_allocator() + - [x86] drm/i915/kvmgt: Fix potential Spectre v1 + - drm/amdgpu/pm: Fix potential Spectre v1 + - [hppa/parisc] Remove unnecessary barriers from spinlock.h + - [hppa/parisc] Remove ordered stores from syscall.S + - PCI: Restore resized BAR state on resume + - PCI/ACPI/PM: Resume all bridges on suspend-to-RAM + - PCI: hotplug: Don't leak pci_slot on registration failure + - [arm64] PCI: aardvark: Size bridges before resources allocation + - PCI: Skip MPS logic for Virtual Functions (VFs) + - PCI: pciehp: Fix use-after-free on unplug + - PCI: pciehp: Fix unprotected list iteration in IRQ handler + - i2c: core: ACPI: Properly set status byte to 0 for multi-byte writes + - [armhf] i2c: imx: Fix race condition in dma read + - reiserfs: fix broken xattr handling (heap corruption, bad retval) + + [ Uwe Kleine-König ] + * [arm64] enable RTC_DRV_PCF8563 for Odroid-C2 + + [ Romain Perier ] + * [armhf, arm64] add the rt featureset, which adds support for + PREEMPT_RT (Closes #719547) + * spi: Enable CONFIG_SPI_SPIDEV (Closes: #904043) + + [ Ben Hutchings ] + * certs: Remove certificate for my personal signing key + * Update policy version to 4.2.0: + - linux-kbuild: Change "#!/usr/bin/env perl" to "#!/usr/bin/perl" + - Build with KBUILD_VERBOSE=1 by default + - objtool, usbip: Build with V=1 by default + * cpupower: Fix handling of noopt and nostrip build options + * debian/bin/gencontrol_signed.py: Add certificate fingerprints to template + metadata + * scripts/kernel-doc: Escape all literal braces in regexes (Closes: #905116) + * debian/bin/genorig.py: Add support for debian/copyright Files-Excluded + field + * Move file exclusion from d/p/debian/dfsg/files-1 to d/copyright + * Move disabling of broken features from d/p/series-orig to d/p/series + * Remove our private patch system, which is no longer needed + * debian/bin: Change "#!/usr/bin/env python3" to "#!/usr/bin/python3" + + -- Ben Hutchings <ben@decadent.org.uk> Sun, 26 Aug 2018 20:52:17 +0100 + +linux (4.18~rc5-1~exp1) experimental; urgency=medium + + * New upstream release candidate + + [ John Paul Adrian Glaubitz ] + * [m68k] net: Enable CONFIG_XSURF100 as module. + * [m68k] udeb: Remove individual modules from nic-modules. + * [m68k] scsi: Enable CONFIG_SCSI_ZORRO_ESP as module. + * [m68k] udeb: Add zorro_esp module to scsi-modules. + + [ Ben Hutchings ] + * [powerpcspe] powerpc/Makefile: Assemble with -me500 when building for E500 + (fixes FTBFS) (thanks to James Clarke) + + -- Ben Hutchings <ben@decadent.org.uk> Thu, 19 Jul 2018 16:16:23 +0100 + +linux (4.18~rc4-1~exp1) experimental; urgency=medium + + * New upstream release candidate + + [ Ben Hutchings ] + * Remove remaining Python 2 (build-)dependencies: + - Build docs using Python 3 version of Sphinx + - linux-perf: Build docs using asciidoctor + - linux-perf: Use Python 3 for scripts + * autofs: rename 'autofs' module back to 'autofs4' (Closes: #902946) + * udeb: Move of_mdio to nic-shared-modules (Closes: #903587) + * [armhf] mm: Export __sync_icache_dcache() for xen-privcmd (fixes FTBFS) + + -- Ben Hutchings <ben@decadent.org.uk> Thu, 12 Jul 2018 05:12:50 +0100 + +linux (4.18~rc3-1~exp1) experimental; urgency=medium + + * New upstream release candidate + + [ Ben Hutchings ] + * aufs: Update to aufs4.x-rcN 20180702 + * netfilter: ipvs: Fix invalid bytes in IP_VS_MH_TAB_INDEX help text + * Update config for 4.18 using kconfigeditor2 + - [x86,arm64] PCI: HOTPLUG_PCI_SHPC is now built-in + * Move config files from linux-source-<version> to an arch-dependent + linux-config-<version> package + * lockdep: Stub task_struct::state + * [sh4] udeb: Add nic-shared-modules package + * udeb: Moved fixed_phy to nic-shared-modules + + [ YunQiang Su ] + * [mips*r6*] Enable dtb building for boston. + * [mips*r6*/mipsn32*] build linux-perf in rules.real. + + -- Ben Hutchings <ben@decadent.org.uk> Tue, 03 Jul 2018 17:26:05 +0100 + +linux (4.17.17-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.17.16 + - [x86] platform/UV: Mark memblock related init code and data correctly + - [x86] mm/pti: Clear Global bit more aggressively + - [x86] xen/pv: Call get_cpu_address_sizes to set x86_virt/phys_bits + - [x86] mm: Disable ioremap free page handling on x86-PAE + - kbuild: verify that $DEPMOD is installed + - [x86] crypto: ccp - Check for NULL PSP pointer at module unload + - [x86] crypto: ccp - Fix command completion detection race + - crypto: vmac - require a block cipher with 128-bit block size + - crypto: vmac - separate tfm and request context + - crypto: blkcipher - fix crash flushing dcache in error path + - crypto: ablkcipher - fix crash flushing dcache in error path + - crypto: skcipher - fix aligning block size in skcipher_copy_iv() + - crypto: skcipher - fix crash flushing dcache in error path + - ioremap: Update pgtable free interfaces with addr + - [x86] mm: Add TLB purge to free pmd/pte page interfaces + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.17.17 + - [x86] speculation/l1tf: Exempt zeroed PTEs from inversion + + -- Salvatore Bonaccorso <carnil@debian.org> Sat, 18 Aug 2018 14:02:58 +0200 + +linux (4.17.15-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.17.15 + - [hppa/parisc] Enable CONFIG_MLONGCALLS by default + - [hppa/parisc] Define mb() and add memory barriers to assembler unlock + sequences + - Mark HI and TASKLET softirq synchronous + - stop_machine: Disable preemption after queueing stopper threads + - sched/deadline: Update rq_clock of later_rq when pushing a task + - zram: remove BD_CAP_SYNCHRONOUS_IO with writeback feature + - xen/netfront: don't cache skb_shinfo() + - bpf, sockmap: fix leak in bpf_tcp_sendmsg wait for mem path + - bpf, sockmap: fix bpf_tcp_sendmsg sock error handling + - scsi: sr: Avoid that opening a CD-ROM hangs with runtime power + management enabled + - scsi: qla2xxx: Fix memory leak for allocating abort IOCB + - init: rename and re-order boot_cpu_state_init() + - root dentries need RCU-delayed freeing + - make sure that __dentry_kill() always invalidates d_seq, unhashed or not + - fix mntput/mntput race + - fix __legitimize_mnt()/mntput() race + - [armhf] dts: imx6sx: fix irq for pcie bridge + - [x86] paravirt: Fix spectre-v2 mitigations for paravirt guests + - [x86] speculation: Protect against userspace-userspace spectreRSB + - [x86] kprobes/x86: Fix %p uses in error messages + - [x86] irqflags: Provide a declaration for native_save_fl + - [x86] speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT + - [x86] speculation/l1tf: Change order of offset/type in swap entry + - [x86] speculation/l1tf: Protect swap entries against L1TF + - [x86] speculation/l1tf: Protect PROT_NONE PTEs against speculation + - [x86] speculation/l1tf: Make sure the first page is always reserved + - [x86] speculation/l1tf: Add sysfs reporting for l1tf + - [x86] speculation/l1tf: Disallow non privileged high MMIO PROT_NONE + mappings + - [x86] speculation/l1tf: Limit swap file size to MAX_PA/2 + - [x86] bugs: Move the l1tf function and define pr_fmt properly + - sched/smt: Update sched_smt_present at runtime + - [x86] smp: Provide topology_is_primary_thread() + - [x86] topology: Provide topology_smt_supported() + - cpu/hotplug: Make bringup/teardown of smp threads symmetric + - cpu/hotplug: Split do_cpu_down() + - cpu/hotplug: Provide knobs to control SMT + - [x86] cpu: Remove the pointless CPU printout + - [x86] cpu/AMD: Remove the pointless detect_ht() call + - [x86] cpu/common: Provide detect_ht_early() + - [x86] cpu/topology: Provide detect_extended_topology_early() + - [x86] cpu/intel: Evaluate smp_num_siblings early + - [x86] CPU/AMD: Do not check CPUID max ext level before parsing SMP info + - [x86] cpu/AMD: Evaluate smp_num_siblings early + - [x86] apic: Ignore secondary threads if nosmt=force + - [x86] speculation/l1tf: Extend 64bit swap file size limit + - [x86] cpufeatures: Add detection of L1D cache flush support. + - [x86] CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings + - [x86] speculation/l1tf: Protect PAE swap entries against L1TF + - [x86] speculation/l1tf: Fix up pte->pfn conversion for PAE + - Revert "[x86] apic: Ignore secondary threads if nosmt=force" + - cpu/hotplug: Boot HT siblings at least once + - [x86] KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being present + - [x86] KVM/VMX: Add module argument for L1TF mitigation + - [x86] KVM/VMX: Add L1D flush algorithm + - [x86] KVM/VMX: Add L1D MSR based flush + - [x86] KVM/VMX: Add L1D flush logic + - [x86] KVM/VMX: Split the VMX MSR LOAD structures to have an host/guest + numbers + - [x86] KVM/VMX: Add find_msr() helper function + - [x86] KVM/VMX: Separate the VMX AUTOLOAD guest/host number accounting + - [x86] KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER only MSRs + - [x86] KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required + - cpu/hotplug: Online siblings when SMT control is turned on + - [x86] litf: Introduce vmx status variable + - [x86] kvm: Drop L1TF MSR list approach + - [x86] l1tf: Handle EPT disabled state proper + - [x86] kvm: Move l1tf setup function + - [x86] kvm: Add static key for flush always + - [x86] kvm: Serialize L1D flush parameter setter + - [x86] kvm: Allow runtime control of L1D flush + - cpu/hotplug: Expose SMT control init function + - cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early + - [x86] bugs, kvm: Introduce boot-time control of L1TF mitigations + - Documentation: Add section about CPU vulnerabilities + - [x86] speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED + architectures + - [x86] KVM/VMX: Initialize the vmx_l1d_flush_pages' content + - Documentation/l1tf: Fix typos + - cpu/hotplug: detect SMT disabled by BIOS + - [x86] KVM/VMX: Don't set l1tf_flush_l1d to true from vmx_l1d_flush() + - [x86] KVM/VMX: Replace 'vmx_l1d_flush_always' with 'vmx_l1d_flush_cond' + - [x86] KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() + - [x86] irq: Demote irq_cpustat_t::__softirq_pending to u16 + - [x86] KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d + - [x86] Don't include linux/irq.h from asm/hardirq.h + - [x86] irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d + - [x86] KVM/VMX: Don't set l1tf_flush_l1d from vmx_handle_external_intr() + - Documentation/l1tf: Remove Yonah processors from not vulnerable list + - [x86] speculation: Simplify sysfs report of VMX L1TF vulnerability + - [x86] speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry + - KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry + - cpu/hotplug: Fix SMT supported evaluation + - [x86] speculation/l1tf: Invert all not present mappings + - [x86] speculation/l1tf: Make pmd/pud_mknotpresent() invert + - [x86] mm/pat: Make set_memory_np() L1TF safe + - [x86] mm/kmmio: Make the tracer robust against L1TF + - tools headers: Synchronize prctl.h ABI header + - tools headers: Synchronise x86 cpufeatures.h for L1TF additions + - [x86] microcode: Allow late microcode loading with SMT disabled + - [x86] smp: fix non-SMP broken build due to redefinition of + apic_id_is_primary_thread + - cpu/hotplug: Non-SMP machines do not make use of booted_once + - [x86] init: fix build with CONFIG_SWAP=n + - [x86] CPU/AMD: Have smp_num_siblings and cpu_llc_id always be present + + [ Ben Hutchings ] + * serdev: Enable SERIAL_DEV_BUS, SERIAL_DEV_CTRL_TTYPORT as built-in + (except on armel) + - bluetooth: Re-enable BT_HCIUART_{BCM,LL} (Closes: #906048) + * drivers/net/phy: Enable SFP as module (Closes: #906054) + * Revert "net: increase fragment memory usage limits" (CVE-2018-5391) + + [ Salvatore Bonaccorso ] + * [x86] l1tf: Fix build error seen if CONFIG_KVM_INTEL is disabled + * [x86] i8259: Add missing include file + * Bluetooth: hidp: buffer overflow in hidp_process_report (CVE-2018-9363) + * Bump ABI to 3 + + -- Salvatore Bonaccorso <carnil@debian.org> Fri, 17 Aug 2018 05:11:43 +0200 + +linux (4.17.14-1) unstable; urgency=high + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.17.9 + - compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations + - [x86] asm: Add _ASM_ARG* constants for argument registers to <asm/asm.h> + - [x86] paravirt: Make native_save_fl() extern inline + - alx: take rtnl before calling __alx_open from resume + - atm: Preserve value of skb->truesize when accounting to vcc + - atm: zatm: Fix potential Spectre v1 + - [x86] hv_netvsc: split sub-channel setup into async and sync + - ipv6: sr: fix passing wrong flags to crypto_alloc_shash() + - ipvlan: fix IFLA_MTU ignored on NEWLINK + - ixgbe: split XDP_TX tail and XDP_REDIRECT map flushing + - net: dccp: avoid crash in ccid3_hc_rx_send_feedback() + - net: dccp: switch rx_tstamp_last_feedback to monotonic clock + - net: fix use-after-free in GRO with ESP + - net/mlx5e: Avoid dealing with vport representors if not being e-switch + manager + - net/mlx5e: Don't attempt to dereference the ppriv struct if not being + eswitch manager + - net/mlx5: E-Switch, Avoid setup attempt if not being e-switch manager + - net/mlx5: Fix command interface race in polling mode + - net/mlx5: Fix incorrect raw command length parsing + - net/mlx5: Fix required capability for manipulating MPFS + - net/mlx5: Fix wrong size allocation for QoS ETC TC regitster + - [armhf, arm64] net: mvneta: fix the Rx desc DMA address in the Rx path + - net/packet: fix use-after-free + - net/sched: act_ife: fix recursive lock and idr leak + - net/sched: act_ife: preserve the action control in case of error + - net_sched: blackhole: tell upper qdisc about dropped packets + - net: sungem: fix rx checksum support + - net/tcp: Fix socket lookups with SO_BINDTODEVICE + - qede: Adverstise software timestamp caps when PHC is not available. + - qed: Fix setting of incorrect eswitch mode. + - qed: Fix use of incorrect size in memcpy call. + - qed: Limit msix vectors in kdump kernel to the minimum required count. + - qmi_wwan: add support for the Dell Wireless 5821e module + - r8152: napi hangup fix after disconnect + - [s390x] qeth: don't clobber buffer on async TX completion + - [armhf, arm64] stmmac: fix DMA channel hang in half-duplex mode + - tcp: fix Fast Open key endianness + - tcp: prevent bogus FRTO undos with non-SACK flows + - vhost_net: validate sock before trying to put its fd + - VSOCK: fix loopback on big-endian systems + - nfp: flower: fix mpls ether type detection + - net: use dev_change_tx_queue_len() for SIOCSIFTXQLEN + - nfp: reject binding to shared blocks + - xen-netfront: Fix mismatched rtnl_unlock + - xen-netfront: Update features after registering netdev + - enic: do not overwrite error code + - i40e: split XDP_TX tail and XDP_REDIRECT map flushing + - IB/mlx5: Avoid dealing with vport representors if not being e-switch + manager + - [s390x] Revert "s390/qeth: use Read device to query hypervisor for MAC" + - [s390x] qeth: avoid using is_multicast_ether_addr_64bits on (u8 *)[6] + - [s390x] qeth: fix race when setting MAC address + - sfc: correctly initialise filter rwsem for farch + - virtio_net: split XDP_TX kick and XDP_REDIRECT map flushing + - [x86] kvm/Kconfig: Ensure CRYPTO_DEV_CCP_DD state at minimum matches + KVM_AMD + - net: cxgb3_main: fix potential Spectre v1 + - net: lan78xx: Fix race in tx pending skb size calculation + - [x86] PCI: hv: Disable/enable IRQs rather than BH in hv_compose_msi_msg() + - netfilter: ebtables: reject non-bridge targets + - reiserfs: fix buffer overflow with long warning messages + - KEYS: DNS: fix parsing multiple options + - tls: Stricter error checking in zerocopy sendmsg path + - autofs: fix slab out of bounds read in getname_kernel() + - netfilter: ipv6: nf_defrag: drop skb dst before queueing + - bpf: reject any prog that failed read-only lock + - rds: avoid unenecessary cong_update in loop transport + - block: don't use blocking queue entered for recursive bio submits + - bpf: sockmap, fix crash when ipv6 sock is added + - bpf: sockmap, consume_skb in close path + - bpf: don't leave partial mangled prog in jit_subprogs error path + - net/nfc: Avoid stalls when nfc_alloc_send_skb() returned NULL. + - ipvs: initialize tbl->entries after allocation + - ipvs: initialize tbl->entries in ip_vs_lblc_init_svc() + - [armhf, arm64] smccc: Add SMCCC-specific return codes + - [arm64] Add 'ssbd' command-line option + - [arm64] ssbd: Add global mitigation state accessor + - [arm64] ssbd: Skip apply_ssbd if not using dynamic mitigation + - [arm64] ssbd: Restore mitigation status on CPU resume + - [arm64] ssbd: Introduce thread flag to control userspace mitigation + - [arm64] ssbd: Add prctl interface for per-thread mitigation + - [arm64] KVM: Add HYP per-cpu accessors + ARCH_FEATURES_FUNC_ID + - bpf: enforce correct alignment for instructions + - [armhf] bpf: fix to use bpf_jit_binary_lock_ro api + - bpf: undo prog rejection on read-only lock failure + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.17.10 + - scsi: sd_zbc: Fix variable type and bogus comment + - scsi: qla2xxx: Fix inconsistent DMA mem alloc/free + - scsi: qla2xxx: Fix kernel crash due to late workqueue allocation + - scsi: qla2xxx: Fix NULL pointer dereference for fcport search + - KVM/Eventfd: Avoid crash when assign and deassign specific eventfd in + parallel. + - KVM: irqfd: fix race between EPOLLHUP and irq_bypass_register_consumer + - [x86] KVM: VMX: Mark VMXArea with revision_id of physical CPU even when + eVMCS enabled + - [x86] kvm/vmx: don't read current->thread.{fs,gs}base of legacy tasks + - [x86] kvmclock: set pvti_cpu0_va after enabling kvmclock + - [x86] apm: Don't access __preempt_count with zeroed fs + - [x86] events/intel/ds: Fix bts_interrupt_threshold alignment + - [x86] MCE: Remove min interval polling limitation + - fat: fix memory allocation failure handling of match_strdup() + - ALSA: rawmidi: Change resized buffers atomically + - [x86] ALSA: hda/realtek - Add Panasonic CF-SZ6 headset jack quirk + - [x86] ALSA: hda/realtek - Yet another Clevo P950 quirk entry + - [x86] ALSA: hda: add mute led support for HP ProBook 455 G5 + - mm: memcg: fix use after free in mem_cgroup_iter() + - mm/huge_memory.c: fix data loss when splitting a file pmd + - [x86] cpufreq: intel_pstate: Register when ACPI PCCH is present + - [x86, arm64, powerpc*] vfio/pci: Fix potential Spectre v1 + - stop_machine: Disable preemption when waking two stopper threads + - [powerpc*] powerpc/powernv: Fix save/restore of SPRG3 on entry/exit from + stop (idle) + - drm/amdgpu: Reserve VM root shared fence slot for command submission (v3) + - [x86] drm/i915: Fix hotplug irq ack on i965/g4x + - Revert "drm/amd/display: Don't return ddc result and read_bytes in same + return value" + - [x86] drm/nouveau: Remove bogus crtc check in pmops_runtime_idle + - [x86] drm/nouveau: Use drm_connector_list_iter_* for iterating connectors + - [x86] drm/nouveau: Avoid looping through fake MST connectors + - gen_stats: Fix netlink stats dumping in the presence of padding + - ipv4: Return EINVAL when ping_group_range sysctl doesn't map to user ns + - ipv6: fix useless rol32 call on hash + - ipv6: ila: select CONFIG_DST_CACHE + - lib/rhashtable: consider param->min_size when setting initial table size + - net: diag: Don't double-free TCP_NEW_SYN_RECV sockets in tcp_abort + - net: Don't copy pfmemalloc flag in __copy_skb_header() + - skbuff: Unconditionally copy pfmemalloc in __skb_clone() + - net/ipv4: Set oif in fib_compute_spec_dst + - net/ipv6: Do not allow device only routes via the multipath API + - net: phy: fix flag masking in __set_phy_supported + - qmi_wwan: add support for Quectel EG91 + - rhashtable: add restart routine in rhashtable_free_and_destroy() + - sch_fq_codel: zero q->flows_cnt when fq_codel_init fails + - tg3: Add higher cpu clock for 5762. + - net: ip6_gre: get ipv6hdr after skb_cow_head() + - sctp: introduce sctp_dst_mtu + - sctp: fix the issue that pathmtu may be set lower than MINSEGMENT + - [x86] hv_netvsc: Fix napi reschedule while receive completion is busy + - net: aquantia: vlan unicast address list correct handling + - net/mlx4_en: Don't reuse RX page when XDP is set + - ipv6: make DAD fail with enhanced DAD when nonce length differs + - net: usb: asix: replace mii_nway_restart in resume path + - [alpha] fix osf_wait4() breakage + - drm_mode_create_lease_ioctl(): fix open-coded filp_clone_open() + - xhci: Fix perceived dead host due to runtime suspend race with event + handler + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.17.11 + - [x86] KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR + - [x86] Revert "iommu/intel-iommu: Enable CONFIG_DMA_DIRECT_OPS=y and clean + up intel_{alloc,free}_coherent()" + - [mips*] Fix off-by-one in pci_resource_to_user() + - [arm64] clk: mvebu: armada-37xx-periph: Fix switching CPU rate from 300Mhz + to 1.2GHz + - [x86] xen/PVH: Set up GS segment for stack canary + - [x86] drm/nouveau: Fix runtime PM leak in nv50_disp_atomic_commit() + - [x86] drm/nouveau: Set DRIVER_ATOMIC cap earlier to fix debugfs + - [arm64] clk: meson-gxbb: set fclk_div2 as CLK_IS_CRITICAL + - bonding: set default miimon value for non-arp modes if not set + - ip: hash fragments consistently + - ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull + - net: dsa: mv88e6xxx: fix races between lock and irq freeing + - net/mlx4_core: Save the qpn from the input modifier in RST2INIT wrapper + - net-next/hinic: fix a problem in hinic_xmit_frame() + - net: skb_segment() should not return NULL + - tcp: fix dctcp delayed ACK schedule + - tcp: helpers to send special DCTCP ack + - tcp: do not cancel delay-AcK on DCTCP special ACK + - tcp: do not delay ACK in DCTCP upon CE status change + - net/mlx5: E-Switch, UBSAN fix undefined behavior in mlx5_eswitch_mode + - r8169: restore previous behavior to accept BIOS WoL settings + - tls: check RCV_SHUTDOWN in tls_wait_data + - net/mlx5e: Add ingress/egress indication for offloaded TC flows + - net/mlx5e: Only allow offloading decap egress (egdev) flows + - net/mlx5e: Refine ets validation function + - nfp: flower: ensure dead neighbour entries are not offloaded + - sock: fix sg page frag coalescing in sk_alloc_sg + - net: phy: consider PHY_IGNORE_INTERRUPT in phy_start_aneg_priv + - multicast: do not restore deleted record source filter mode to new one + - net/ipv6: Fix linklocal to global address with VRF + - net/mlx5e: Don't allow aRFS for encapsulated packets + - net/mlx5e: Fix quota counting in aRFS expire flow + - net/mlx5: Adjust clock overflow work period + - rtnetlink: add rtnl_link_state check in rtnl_configure_link + - vxlan: add new fdb alloc and create helpers + - vxlan: make netlink notify in vxlan_fdb_destroy optional + - vxlan: fix default fdb entry netlink notify ordering during netdev create + - tcp: free batches of packets in tcp_prune_ofo_queue() + CVE-2018-5390 + - tcp: avoid collapses in tcp_prune_queue() if possible + - tcp: detect malicious patterns in tcp_collapse_ofo_queue() + - tcp: call tcp_drop() from tcp_data_queue_ofo() + - tcp: add tcp_ooo_try_coalesce() helper + - Revert "staging:r8188eu: Use lib80211 to support TKIP" + - staging: speakup: fix wraparound in uaccess length check + - usb: cdc_acm: Add quirk for Castles VEGA3000 + - usb: core: handle hub C_PORT_OVER_CURRENT condition + - [armhf, arm64] usb: dwc2: Fix DMA alignment to start at allocated boundary + - [armhf, arm64] usb: xhci: Fix memory leak in xhci_endpoint_reset() + - [x86, arm64] ACPICA: AML Parser: ignore dispatcher error status during + table load + - driver core: Partially revert "driver core: correct device's shutdown + order" + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.17.12 + - Input: elan_i2c - add ACPI ID for lenovo ideapad 330 + - Input: i8042 - add Lenovo LaVie Z to the i8042 reset list + - Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST + - mm: disallow mappings that conflict for devm_memremap_pages() + - kvm, mm: account shadow page tables to kmemcg + - delayacct: fix crash in delayacct_blkio_end() after delayacct init failure + - tracing: Fix double free of event_trigger_data + - tracing: Fix possible double free in event_enable_trigger_func() + - kthread, tracing: Don't expose half-written comm when creating kthreads + - tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure + - tracing: Quiet gcc warning about maybe unused link variable + - [arm64] fix vmemmap BUILD_BUG_ON() triggering on !vmemmap setups + - [x86] drm/i915/glk: Add Quirk for GLK NUC HDMI port issues. + - kcov: ensure irq code sees a valid area + - mm: check for SIGKILL inside dup_mmap() loop + - drm/amd/powerplay: Set higher SCLK&MCLK frequency than dpm7 in OD (v2) + - xen/netfront: raise max number of slots in xennet_get_responses() + - [x86] hv_netvsc: fix network namespace issues with VF support + - skip LAYOUTRETURN if layout is invalid + - ixgbe: Fix setting of TC configuration for macvlan case + - ALSA: emu10k1: add error handling for snd_ctl_add + - ALSA: fm801: add error handling for snd_ctl_add + - NFSv4.1: Fix the client behaviour on NFS4ERR_SEQ_FALSE_RETRY + - nfsd: fix error handling in nfs4_set_delegation() + - nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo + - vfio: platform: Fix reset module leak in error path + - vfio/mdev: Check globally for duplicate devices + - vfio/type1: Fix task tracking for QEMU vCPU hotplug + - kernel/hung_task.c: show all hung tasks before panic + - mem_cgroup: make sure moving_account, move_lock_task and stat_cpu in the + same cacheline + - mm: /proc/pid/pagemap: hide swap entries from unprivileged users + - mm: vmalloc: avoid racy handling of debugobjects in vunmap + - mm/slub.c: add __printf verification to slab_err() + - rtc: ensure rtc_set_alarm fails when alarms are not supported + - rxrpc: Fix terminal retransmission connection ID to include the channel + - [arm64] net: hns3: Fix for VF mailbox cannot receiving PF response + - perf tools: Fix pmu events parsing rule + - netfilter: ipset: forbid family for hash:mac sets + - netfilter: ipset: List timing out entries with "timeout 1" instead of zero + - printk: drop in_nmi check from printk_safe_flush_on_panic() + - [armhf] bpf: fix inconsistent naming about emit_a32_lsr_{r64,i64} + - ceph: fix alignment of rasize + - ceph: fix use-after-free in ceph_statfs() + - e1000e: Ignore TSYNCRXCTL when getting I219 clock attributes + - infiniband: fix a possible use-after-free bug (CVE-2018-14734) + - [powerpc*] lib: Adjust .balign inside string functions for PPC32 + - [powerpc*] 64s: Add barrier_nospec + - [powerpc*] eeh: Fix use-after-release of EEH driver + - [powerpc*] 64s: Fix compiler store ordering to SLB shadow area + - [arm64] net: hns3: Fix for phy not link up problem after resetting + - [arm64] net: hns3: Fix for service_task not running problem after + resetting + - RDMA/mad: Convert BUG_ONs to error flows + - lightnvm: fix partial read error path + - lightnvm: proper error handling for pblk_bio_add_pages + - lightnvm: pblk: warn in case of corrupted write buffer + - netfilter: nf_tables: check msg_type before nft_trans_set(trans) + - pnfs: Don't release the sequence slot until we've processed layoutget on + open + - NFS: Fix up nfs_post_op_update_inode() to force ctime updates + - disable loading f2fs module on PAGE_SIZE > 4KB + - f2fs: fix error path of move_data_page + - f2fs: don't drop dentry pages after fs shutdown + - f2fs: fix to don't trigger writeback during recovery + - f2fs: fix to wait page writeback during revoking atomic write + - f2fs: Fix deadlock in shutdown ioctl + - f2fs: fix missing clear FI_NO_PREALLOC in some error case + - f2fs: fix to detect failure of dquot_initialize + - f2fs: fix race in between GC and atomic open + - block, bfq: remove wrong lock in bfq_requests_merged + - usbip: usbip_detach: Fix memory, udev context and udev leak + - usbip: dynamically allocate idev by nports found in sysfs + - [x86] perf/x86/intel/uncore: Correct fixed counter index check in + generic code + - [x86] perf/x86/intel/uncore: Correct fixed counter index check for NHM + - PCI: Fix devm_pci_alloc_host_bridge() memory leak + - btrfs: balance dirty metadata pages in btrfs_finish_ordered_io + - iwlwifi: pcie: fix race in Rx buffer allocator + - iwlwifi: mvm: open BA session only when sta is authorized + - Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning + - drm/amd/display: Do not program interrupt status on disabled crtc + - Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011 + - ASoC: dpcm: fix BE dai not hw_free and shutdown + - mfd: cros_ec: Fail early if we cannot identify the EC + - mwifiex: handle race during mwifiex_usb_disconnect + - wlcore: sdio: check for valid platform device data before suspend + - [arm64] net: hns3: Fixes initalization of RoCE handle and makes it + conditional + - [arm64] net: hns3: Fixes the init of the VALID BD info in the descriptor + - media: tw686x: Fix incorrect vb2_mem_ops GFP flags + - media: cec-pin-error-inj: avoid a false-positive Spectre detection + - media: videobuf2-core: don't call memop 'finish' when queueing + - Btrfs: don't return ino to ino cache if inode item removal fails + - Btrfs: don't BUG_ON() in btrfs_truncate_inode_items() + - btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups + - btrfs: qgroup: Finish rescan when hit the last leaf of extent tree + - [x86] microcode: Make the late update update_lock a raw lock for RT + - PM / wakeup: Make s2idle_lock a RAW_SPINLOCK + - PCI: Prevent sysfs disable of device while driver is attached + - [arm64] soc: qcom: qmi: fix a buffer sizing bug + - [arm64] soc: qcom: smem: fix qcom_smem_set_global_partition() + - [arm64] soc: qcom: smem: byte swap values properly + - nvme-rdma: stop admin queue before freeing it + - nvme-pci: Fix AER reset handling + - ath: Add regulatory mapping for : FCC3_ETSIC, ETSI8_WORLD, APL13_WORLD, + APL2_FCCA, Uganda, Tanzania, Serbia, Bermuda and Bahamas + - sched/cpufreq: Modify aggregate utilization to always include blocked FAIR + utilization + - [powerpc*] Add a missing include header + - [powerpc*] chrp/time: Make some functions static, add missing header + include + - [powerpc*] powermac: Add missing prototype for note_bootable_part() + - [powerpc*] powermac: Mark variable x as unused + - powerpc: Add __printf verification to prom_printf + - [x86] KVM: prevent integer overflows in KVM_MEMORY_ENCRYPT_REG_REGION + - [powerpc*] 8xx: fix invalid register expression in head_8xx.S + - [arm64] pinctrl: msm: fix gpio-hog related boot issues + - bpf: fix multi-function JITed dump obtained via syscall + - [powerpc*] bpf: pad function address loads with NOPs + - PCI: pciehp: Request control of native hotplug only if supported + - mwifiex: correct histogram data with appropriate index + - ima: based on policy verify firmware signatures (pre-allocated buffer) + - spi: Add missing pm_runtime_put_noidle() after failed get + - [arm64] net: hns3: Fix for CMDQ and Misc. interrupt init order problem + - [arm64] net: hns3: Fix the missing client list node initialization + - [arm64] net: hns3: Fix for hns3 module is loaded multiple times problem + - fscrypt: use unbound workqueue for decryption + - [armhf, arm64] net: mvpp2: Add missing VLAN tag detection + - scsi: ufs: ufshcd: fix possible unclocked register access + - scsi: ufs: fix exception event handling + - [s390x] scsi: zfcp: assert that the ERP lock is held when tracing a + recovery trigger + - drm/nouveau: remove fence wait code from deferred client work handler + - drm/nouveau/gem: lookup VMAs for buffers referenced by pushbuf ioctl + - drm/nouveau/fifo/gk104-: poll for runlist update completion + - Bluetooth: btusb: add ID for LiteOn 04ca:301a + - rtc: tps6586x: fix possible race condition + - rtc: vr41xx: fix possible race condition + - rtc: tps65910: fix possible race condition + - ALSA: emu10k1: Rate-limit error messages about page errors + - regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops + - md/raid1: add error handling of read error from FailFast device + - md: fix NULL dereference of mddev->pers in remove_and_add_spares() + - ixgbevf: fix MAC address changes through ixgbevf_set_mac() + - gpu: host1x: Acquire a reference to the IOVA cache + - media: smiapp: fix timeout checking in smiapp_read_nvm + - PCI/DPC: Clear interrupt status in interrupt handler top half + - clocksource: Move inline keyword to the beginning of function declarations + - net: ethernet: ti: cpsw-phy-sel: check bus_find_device() ret value + - ALSA: usb-audio: Apply rate limit to warning messages in URB complete + callback + - [arm64] net: hns3: Fix for fiber link up problem + - media: atomisp: ov2680: don't declare unused vars + - media: staging: atomisp: Comment out several unused sensor resolutions + - [arm64] cmpwait: Clear event register before arming exclusive monitor + - HID: hid-plantronics: Re-resend Update to map button for PTT products + - drm/amd/display: remove need of modeset flag for overlay planes (V2) + - drm/radeon: fix mode_valid's return type + - drm/amdgpu: Remove VRAM from shared bo domains. + - drm/amd/display: Fix dim display on DCE11 + - IB: Fix RDMA_RXE and INFINIBAND_RDMAVT dependencies for DMA_VIRT_OPS + - [powerpc*] embedded6xx/hlwd-pic: Prevent interrupts from being handled by + Starlet + - HID: i2c-hid: check if device is there before really probing + - rsi: Add null check for virtual interfaces in wowlan config + - nvmem: properly handle returned value nvmem_reg_read + - [armhf] ARM: dts: imx53: Fix LDB OF graph warning + - i40e: free the skb after clearing the bitlock + - tty: Fix data race in tty_insert_flip_string_fixed_flag + - dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA + - net: phy: phylink: Release link GPIO + - media: rcar_jpu: Add missing clk_disable_unprepare() on error in + jpu_open() + - libata: Fix command retry decision + - ACPI / LPSS: Only call pwm_add_table() for Bay Trail PWM if PMIC HRV is 2 + - media: media-device: fix ioctl function types + - media: saa7164: Fix driver name in debug output + - media: em28xx: Fix DualHD broken second tuner + - mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter + pages + - brcmfmac: Add support for bcm43364 wireless chipset + - [s390x] cpum_sf: Add data entry sizes to sampling trailer entry + - perf: fix invalid bit in diagnostic entry + - net: phy: sfp: handle cases where neither BR, min nor BR, max is given + - bnxt_en: Check unsupported speeds in bnxt_update_link() on PF only. + - bnxt_en: Always forward VF MAC address to the PF. + - mm, powerpc, x86: define VM_PKEY_BITx bits if CONFIG_ARCH_HAS_PKEYS is + enabled + - staging: most: cdev: fix chrdev_region leak + - scsi: 3w-9xxx: fix a missing-check bug + - scsi: 3w-xxxx: fix a missing-check bug + - scsi: megaraid: silence a static checker bug + - scsi: hisi_sas: config ATA de-reset as an constrained command for v3 hw + - soc/tegra: pmc: Don't allocate struct tegra_powergate on stack + - scsi: qedf: Set the UNLOADING flag when removing a vport + - dma-direct: try reallocation with GFP_DMA32 if possible + - staging: lustre: o2iblnd: fix race at kiblnd_connect_peer + - staging: lustre: o2iblnd: Fix FastReg map/unmap for MLX5 + - thermal: exynos: fix setting rising_threshold for Exynos5433 + - regulator: add dummy function of_find_regulator_by_node + - bpf: fix references to free_bpf_prog_info() in comments + - f2fs: avoid fsync() failure caused by EAGAIN in writepage() + - media: em28xx: fix a regression with HVR-950 + - media: siano: get rid of __le32/__le16 cast warnings + - mt76x2: fix avg_rssi estimation + - drm/atomic: Handling the case when setting old crtc for plane + - mmc: sdhci-omap: Fix when capabilities are obtained from + SDHCI_CAPABILITIES reg + - f2fs: check cap_resource only for data blocks + - mlxsw: spectrum_router: Return an error for non-default FIB rules + - ALSA: hda/ca0132: fix build failure when a local macro is defined + - mmc: dw_mmc: update actual clock for mmc debugfs + - mmc: pwrseq: Use kmalloc_array instead of stack VLA + - [arm64] dt-bindings: pinctrl: meson: add support for the Meson8m2 SoC + - [armhf] spi: meson-spicc: Fix error handling in meson_spicc_probe() + - [arm64] net: hns3: Fixes the out of bounds access in hclge_map_tqp + - dt-bindings: net: meson-dwmac: new compatible name for AXG SoC + - i40e: Add advertising 10G LR mode + - i40e: avoid overflow in i40e_ptp_adjfreq() + - mt76: add rcu locking around tx scheduling + - backlight: pwm_bl: Don't use GPIOF_* with gpiod_get_direction + - stop_machine: Use raw spinlocks + - delayacct: Use raw_spinlocks + - ath10k: fix kernel panic while reading tpc_stats + - memory: tegra: Do not handle spurious interrupts + - memory: tegra: Apply interrupts mask per SoC + - nvme: lightnvm: add granby support + - ASoC: fsl_ssi: Use u32 variable type when using regmap_read() + - ASoC: compress: Only call free for components which have been opened + - igb: Fix queue selection on MAC filters on i210 + - qtnfmac: pearl: pcie: fix memory leak in qtnf_fw_work_handler + - drm/gma500: fix psb_intel_lvds_mode_valid()'s return type + - ipconfig: Correctly initialise ic_nameservers + - rsi: Fix 'invalid vdd' warning in mmc + - rsi: fix nommu_map_sg overflow kernel panic + - audit: allow not equal op for audit by executable + - [armhf, arm64] drm/rockchip: analogix_dp: Do not call Analogix code before + bind + - [x86] platform/x86: dell-smbios: Match on www.dell.com in OEM strings too + - staging: vchiq_core: Fix missing semaphore release in error case + - staging: lustre: llite: correct removexattr detection + - staging: lustre: ldlm: free resource when ldlm_lock_create() fails. + - staging: ks7010: fix error handling in ks7010_upload_firmware + - serial: core: Make sure compiler barfs for 16-byte earlycon names + - soc: imx: gpcv2: Do not pass static memory as platform data + - microblaze: Fix simpleImage format generation + - usb: hub: Don't wait for connect state at resume for powered-off ports + - crypto: authencesn - don't leak pointers to authenc keys + - crypto: authenc - don't leak pointers to authenc keys + - y2038: ipc: Use ktime_get_real_seconds consistently + - media: rc: mce_kbd decoder: low timeout values cause double keydowns + - media: omap3isp: fix unbalanced dma_iommu_mapping + - regulator: Don't return or expect -errno from of_map_mode() + - ath10k: search all IEs for variant before falling back + - drm/stm: ltdc: fix warning in ltdc_crtc_update_clut() + - scsi: scsi_dh: replace too broad "TP9" string with the exact models + - scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs + - scsi: cxlflash: Synchronize reset and remove ops + - scsi: cxlflash: Avoid clobbering context control register value + - PCI/ASPM: Disable ASPM L1.2 Substate if we don't have LTR + - media: atomisp: compat32: fix __user annotations + - media: cec: fix smatch error + - media: si470x: fix __be16 annotations + - net: socionext: reset hardware in ndo_stop + - ASoC: topology: Fix bclk and fsync inversion in set_link_hw_format() + - ASoC: topology: Add missing clock gating parameter when parsing hw_configs + - [armhf] ARM: dts: imx6qdl-wandboard: Let the codec control MCLK pinctrl + - drm: Add DP PSR2 sink enable bit + - drm/atomic-helper: Drop plane->fb references only for + drm_atomic_helper_shutdown() + - drm/dp/mst: Fix off-by-one typo when dump payload table + - drm/amdgpu: Avoid reclaim while holding locks taken in MMU notifier + - block: bio_iov_iter_get_pages: fix size of last iovec + - blkdev: __blkdev_direct_IO_simple: fix leak in error case + - block: reset bi_iter.bi_done after splitting bio + - nvmet-fc: fix target sgl list on large transfers + - i2c: rcar: handle RXDMA HW behaviour on Gen3 + - random: mix rdrand with entropy sent in from userspace + - squashfs: be more careful about metadata corruption + - ext4: fix false negatives *and* false positives in + ext4_check_descriptors() + - ext4: fix inline data updates with checksums enabled + - ext4: check for allocation block validity with block group locked + - ext4: fix check to prevent initializing reserved inodes + - gpio: of: Handle fixed regulator flags properly + - gpio: uniphier: set legitimate irq trigger type in .to_irq hook + - RDMA/uverbs: Protect from attempts to create flows on unsupported QP + - net: dsa: qca8k: Force CPU port to its highest bandwidth + - net: dsa: qca8k: Enable RXMAC when bringing up a port + - net: dsa: qca8k: Add QCA8334 binding documentation + - net: dsa: qca8k: Allow overwriting CPU port setting + - ipv4: remove BUG_ON() from fib_compute_spec_dst + - netdevsim: don't leak devlink resources + - net: ena: Fix use of uninitialized DMA address bits field + - net: fix amd-xgbe flow-control issue + - net: lan78xx: fix rx handling before first packet is send + - net: mdio-mux: bcm-iproc: fix wrong getter and setter pair + - NET: stmmac: align DMA stuff to largest cache line length + - RDS: RDMA: Fix the NULL-ptr deref in rds_ib_get_mr + - tcp_bbr: fix bw probing to raise in-flight data for very small BDPs + - virtio_net: Fix incosistent received bytes counter + - xen-netfront: wait xenbus state change when load module manually + - cxgb4: Added missing break in ndo_udp_tunnel_{add/del} + - net: rollback orig value on failure of dev_qdisc_change_tx_queue_len + - netlink: Do not subscribe to non-existent groups + - netlink: Don't shift with UB on nlk->ngroups + - tcp: do not force quickack when receiving out-of-order packets + - tcp: add max_quickacks param to tcp_incr_quickack and + tcp_enter_quickack_mode + - tcp: do not aggressively quick ack after ECN events + - tcp: refactor tcp_ecn_check_ce to remove sk type cast + - tcp: add one more quick ack after after ECN events + - tcp: ack immediately when a cwr packet arrives + - ACPI / LPSS: Avoid PM quirks on suspend and resume from hibernation + - [x86, arm64] ACPICA: AML Parser: ignore control method status in + module-level code + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.17.13 + - bonding: avoid lockdep confusion in bond_get_stats() + - inet: frag: enforce memory limits earlier + - ipv4: frags: handle possible skb truesize change + - net: dsa: Do not suspend/resume closed slave_dev + - netlink: Fix spectre v1 gadget in netlink_create() + - [armhf, arm64] net: stmmac: Fix WoL for PCI-based setups + - rxrpc: Fix user call ID check in rxrpc_service_prealloc_one + - net/mlx5e: E-Switch, Initialize eswitch only if eswitch manager + - net/mlx5e: Set port trust mode to PCP as default + - net/mlx5e: IPoIB, Set the netdevice sw mtu in ipoib enhanced flow + - squashfs: more metadata hardening + - can: ems_usb: Fix memory leak on ems_usb_disconnect() + - net: socket: fix potential spectre v1 gadget in socketcall + - net: socket: Fix potential spectre v1 gadget in sock_is_registered + - virtio_balloon: fix another race between migration and ballooning + - [x86] efi: Access EFI MMIO data as unencrypted when SEV is active + - [x86] apic: Future-proof the TSC_DEADLINE quirk for SKX + - [x86] entry/64: Remove %ebx handling from error_entry/exit + - [86] kvm: x86: vmx: fix vpid leak + - audit: fix potential null dereference 'context->module.name' + - ipc/shm.c add ->pagesize function to shm_vm_ops + - userfaultfd: remove uffd flags from vma->vm_flags if UFFD_EVENT_FORK fails + - iwlwifi: add more card IDs for 9000 series + - brcmfmac: fix regression in parsing NVRAM for multiple devices + - RDMA/uverbs: Expand primary and alt AV port checks + - [x86] crypto: padlock-aes - Fix Nano workaround data corruption + - [armhf, arm64] drm/vc4: Reset ->{x, y}_scaling[1] when dealing with + uniplanar formats + - drm/atomic: Check old_plane_state->crtc in drm_atomic_helper_async_check() + - drm/atomic: Initialize variables in drm_atomic_helper_async_check() to + make gcc happy + - scsi: sg: fix minor memory leak in error path + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.17.14 + - scsi: qla2xxx: Fix unintialized List head crash + - scsi: qla2xxx: Fix NPIV deletion by calling wait_for_sess_deletion + - scsi: qla2xxx: Fix driver unload by shutting down chip + - scsi: qla2xxx: Fix ISP recovery on unload + - scsi: qla2xxx: Return error when TMF returns + - jfs: Fix usercopy whitelist for inline inode data + - genirq: Make force irq threading setup more robust + - [x86] perf/x86/intel/uncore: Fix hardcoded index of Broadwell extra PCI + devices + - nohz: Fix local_timer_softirq_pending() + - nohz: Fix missing tick reprogram when interrupting an inline softirq + - netlink: Don't shift on 64 for ngroups + - ring_buffer: tracing: Inherit the tracing setting to next ring buffer + - i2c: imx: Fix reinit_completion() use + - Btrfs: fix file data corruption after cloning a range and fsync + - Partially revert "block: fail op_is_write() requests to read-only + partitions" (Closes: #900442) + - xfs: don't call xfs_da_shrink_inode with NULL bp + - xfs: validate cached inodes are free when allocated + - jfs: Fix inconsistency between memory allocation and ea_buf->max_size + + [ Ben Hutchings ] + * [armhf] gpu: host1x: Drop my build fix in favour of upstream fix: + - Revert "Revert "gpu: host1x: Add IOMMU support"" + - gpu: host1x: Fix compiler errors by converting to dma_addr_t + * [ia64] sched: Disable SCHED_STACK_END_CHECK (Closes: #905461) + * mtd: powernv_flash: set of_node in mtd's dev (Closes: #904380) + * block: really disable runtime-pm for blk-mq (Closes: #904441) + + [ Bastian Blank ] + * Bump ABI to 2 + + -- Bastian Blank <waldi@debian.org> Mon, 13 Aug 2018 15:33:58 +0200 + +linux (4.17.8-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.17.7 + - bpf: reject passing modified ctx to helper functions + - [mips*] Call dump_stack() from show_regs() + - [mips*] Use async IPIs for arch_trigger_cpumask_backtrace() + - [mips*] Fix ioremap() RAM check + - [armhf] drm/etnaviv: Check for platform_device_register_simple() failure + - [armhf] drm/etnaviv: Fix driver unregistering + - [armhf] drm/etnaviv: bring back progress check in job timeout handler + - ACPICA: Clear status of all events when entering S5 + - [armhf] mmc: sdhci-esdhc-imx: allow 1.8V modes without 100/200MHz + pinctrl states + - [armhf] mmc: dw_mmc: fix card threshold control configuration + - [x86] ibmasm: don't write out of bounds in read handler + - [arm64,x86] staging: rtl8723bs: Prevent an underflow in + rtw_check_beacon_data(). + - ata: Fix ZBC_OUT command block check + - ata: Fix ZBC_OUT all bit handling + - [x86] mei: discard messages from not connected client during power down. + - mtd: spi-nor: cadence-quadspi: Fix direct mode write timeouts + - tracing/kprobe: Release kprobe print_fmt properly + - vmw_balloon: fix inflation with batching + - ahci: Add Intel Ice Lake LP PCI ID + - ahci: Disable LPM on Lenovo 50 series laptops with a too old BIOS + - [x86] thunderbolt: Notify userspace when boot_acl is changed + - USB: serial: ch341: fix type promotion bug in ch341_control_in() + - USB: serial: cp210x: add another USB ID for Qivicon ZigBee stick + - USB: serial: keyspan_pda: fix modem-status error handling + - USB: yurex: fix out-of-bounds uaccess in read handler + - USB: serial: mos7840: fix status-register error handling + - usb: quirks: add delay quirks for Corsair Strafe + - xhci: xhci-mem: off by one in xhci_stream_id_to_ring() + - mm: zero unavailable pages before memmap init + - ALSA: hda/realtek - two more lenovo models need fixup of + MIC_LOCATION + - ALSA: hda - Handle pm failure during hotplug + - mm: do not drop unused pages when userfaultd is running + - fs/proc/task_mmu.c: fix Locked field in /proc/pid/smaps* + - x86/purgatory: add missing FORCE to Makefile target + - fs, elf: make sure to page align bss in load_elf_library + - mm: do not bug_on on incorrect length in __mm_populate() + - tracing: Reorder display of TGID to be after PID + - kbuild: delete INSTALL_FW_PATH from kbuild documentation + - acpi, nfit: Fix scrub idle detection + - [arm64] neon: Fix function may_use_simd() return error status + - tools build: fix # escaping in .cmd files for future Make + - IB/hfi1: Fix incorrect mixing of ERR_PTR and NULL return values + - [arm64,armhf] i2c: tegra: Fix NACK error handling + - i2c: recovery: if possible send STOP with recovery pulses + - iw_cxgb4: correctly enforce the max reg_mr depth + - [x86] xen: remove global bit from __default_kernel_pte_mask for pv + guests + - [x86] xen: setup pv irq ops vector earlier + - bsg: fix bogus EINVAL on non-data commands + - [x86] uprobes/x86: Remove incorrect WARN_ON() in uprobe_init_insn() + - netfilter: nf_queue: augment nfqa_cfg_policy + - crypto: don't optimize keccakf() + - netfilter: x_tables: initialise match/target check parameter + struct + - loop: add recursion validation to LOOP_CHANGE_FD + - xfs: fix inobt magic number check + - PM / hibernate: Fix oops at snapshot_write() + - RDMA/ucm: Mark UCM interface as BROKEN + - loop: remember whether sysfs_create_group() was done + - [x86] kvm: vmx: Nested VM-entry prereqs for event inj. + - f2fs: give message and set need_fsck given broken node id + - f2fs: avoid bug_on on corrupted inode + - f2fs: sanity check on sit entry + - f2fs: sanity check for total valid node blocks + - [armhf] dts: armada-38x: use the new thermal binding + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.17.8 + - mm: don't do zero_resv_unavail if memmap is not allocated + + [ Ben Hutchings ] + * ext4: fix false negatives *and* false positives in ext4_check_descriptors() + (Closes: #903838) + * Fix remaining build failures with gcc 8 (Closes: #897802): + - tools/lib/api/fs/fs.c: Fix misuse of strncpy() + - usbip: Fix misuse of strncpy() + + [ Salvatore Bonaccorso ] + * Ignore ABI changes for acpi_nfit_desc_init and acpi_nfit_init + * Ignore ABI changes for loop_register_transfer + + -- Salvatore Bonaccorso <carnil@debian.org> Fri, 20 Jul 2018 23:08:27 +0200 + +linux (4.17.6-2) unstable; urgency=medium + + [ Ben Hutchings ] + * [armhf] drm/sun4i: Ignore ABI changes (fixes FTBFS) + * debian/control: Fix arch/profile qualifications for libelf-dev + build-dependency + * debian/rules.real: Pass KERNEL_ARCH variable down to debian/rules.d + * debian/rules.d/tools/perf/Makefile: Use KERNEL_ARCH variable + * linux-kbuild: Fix the assumed host architecture for cross-built objtool + * [ppc64] linux-bootwrapper: Work around compiler include path quirk + (fixes FTBFS) + * Fix file conflicts between debug packages where a vDSO is identical + (Closes: #872263): + - kbuild: Add build salt to the kernel and modules + - [arm64,powerpc,x86] Add build salt to the vDSO + - Set BUILD_SALT equal to the release string + * init: Avoid ABI change for build salt + + [ Vagrant Cascadian ] + * [riscv64] Build linux-libc-dev (Closes: #886440). + Thanks to Manuel A. Fernandez Montecelo. + + -- Ben Hutchings <ben@decadent.org.uk> Sun, 15 Jul 2018 23:45:56 +0100 + +linux (4.17.6-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.17.4 + - [x86] spectre_v1: Disable compiler optimizations over + array_index_mask_nospec() + - [x86] xen: Add call of speculative_store_bypass_ht_init() to PV paths + - [x86] UV: Add adjustable set memory block size function + - [x86] UV: Use new set memory block size function + - [x86] UV: Add kernel parameter to set memory block size + - [x86] mce: Improve error message when kernel cannot recover + - [x86] mce: Check for alternate indication of machine check recovery on + Skylake + - [x86] mce: Fix incorrect "Machine check from unknown source" message + - [x86] mce: Do not overwrite MCi_STATUS in mce_no_way_out() + - [x86] Call fixup_exception() before notify_die() in math_error() + - [m68k] mm: Adjust VM area to be unmapped by gap size for __iounmap() + - [m68k] mac: Fix SWIM memory resource end address + - hwmon: (k10temp) Add support for Stoney Ridge and Bristol Ridge CPUs + - mtd: spi-nor: intel-spi: Fix atomic sequence handling + - serial: sh-sci: Use spin_{try}lock_irqsave instead of open coding version + - signal/xtensa: Consistenly use SIGBUS in do_unaligned_user + - PM / Domains: Fix error path during attach in genpd + - PCI / PM: Do not clear state_saved for devices that remain suspended + - ACPI / LPSS: Avoid PM quirks on suspend and resume from S3 + - PM / core: Fix supplier device runtime PM usage counter imbalance + - PM / OPP: Update voltage in case freq == old_freq + - mmc: renesas_sdhi: really fix WP logic regressions + - usb: do not reset if a low-speed or full-speed device timed out + - 1wire: family module autoload fails because of upper/lower case mismatch. + - ASoC: dapm: delete dapm_kcontrol_data paths list before freeing it + - ASoC: cs35l35: Add use_single_rw to regmap config + - ASoC: mediatek: preallocate pages use platform device + - ASoC: cirrus: i2s: Fix LRCLK configuration + - ASoC: cirrus: i2s: Fix {TX|RX}LinCtrlData setup + - thermal: bcm2835: Stop using printk format %pCr + - lib/vsprintf: Remove atomic-unsafe support for %pCr + - ftrace/selftest: Have the reset_trigger code be a bit more careful + - mips: ftrace: fix static function graph tracing + - branch-check: fix long->int truncation when profiling branches + - ipmi:bt: Set the timeout before doing a capabilities check + - Bluetooth: hci_qca: Avoid missing rampatch failure with userspace fw + loader + - printk: fix possible reuse of va_list variable + - fuse: fix congested state leak on aborted connections + - fuse: atomic_o_trunc should truncate pagecache + - fuse: don't keep dead fuse_conn at fuse_fill_super(). + - fuse: fix control dir setup and teardown + - [powerpc*] mm/hash: Add missing isync prior to kernel stack SLB switch + - [powerpc*] pkeys: Detach execute_only key on !PROT_EXEC + - [powerpc*] ptrace: Fix setting 512B aligned breakpoints with + PTRACE_SET_DEBUGREG + - [powerpc*] perf: Fix memory allocation for core-imc based on + num_possible_cpus() + - [powerpc*] ptrace: Fix enforcement of DAWR constraints + - [powerpc*] powernv/ioda2: Remove redundant free of TCE pages + - [powerpc*] powernv: copy/paste - Mask SO bit in CR + - [powerpc*] powernv/cpuidle: Init all present cpus for deep states + - [powerpc*] cpuidle: powernv: Fix promotion from snooze if next state + disabled + - [powerpc*] fadump: Unregister fadump on kexec down path. + - libnvdimm, pmem: Do not flush power-fail protected CPU caches + - [armhf, arm64] soc: rockchip: power-domain: Fix wrong value when power + up pd with writemask + - [powerpc*] 64s/radix: Fix radix_kvm_prefetch_workaround paca access of not + possible CPU + - [powerpc] e500mc: Set assembler machine type to e500mc + - [powerpc*] 64s: Fix DT CPU features Power9 DD2.1 logic + - cxl: Configure PSL to not use APC virtual machines + - cxl: Disable prefault_mode in Radix mode + - [armhf] 8764/1: kgdb: fix NUMREGBYTES so that gdb_regs[] is the correct size + - [armhf] dts: Fix SPI node for Arria10 + - [armhf] dts: socfpga: Fix NAND controller node compatible + - [armhf] dts: socfpga: Fix NAND controller clock supply + - [armhf] dts: socfpga: Fix NAND controller node compatible for Arria10 + - hwrng: core - Always drop the RNG in hwrng_unregister() + - softirq: Reorder trace_softirqs_on to prevent lockdep splat + - [arm64] Fix syscall restarting around signal suppressed by tracer + - [arm64] crypto: arm64/aes-blk - fix and move skcipher_walk_done out of + kernel_neon_begin, _end + - [arm64] kpti: Use early_param for kpti= command-line option + - [arm64] mm: Ensure writes to swapper are ordered wrt subsequent cache + maintenance + - [arm64] dts: marvell: fix CP110 ICU node size + - [arm64] dts: meson: disable sd-uhs modes on the libretech-cc + - [arm64] dts: meson-gx: fix ATF reserved memory region + - of: overlay: validate offset from property fixups + - of: unittest: for strings, account for trailing \0 in property length + field + - of: platform: stop accessing invalid dev in of_platform_device_destroy + - tpm: fix use after free in tpm2_load_context() + - tpm: fix race condition in tpm_common_write() + - efi/libstub/tpm: Initialize efi_physical_addr_t vars to zero for mixed + mode + - IB/qib: Fix DMA api warning with debug kernel + - IB/{hfi1, qib}: Add handling of kernel restart + - IB/mlx4: Mark user MR as writable if actual virtual memory is writable + - IB/core: Make testing MR flags for writability a static inline function + - IB/mlx5: Fetch soft WQE's on fatal error state + - IB/isert: Fix for lib/dma_debug check_sync warning + - IB/isert: fix T10-pi check mask setting + - IB/hfi1: Fix fault injection init/exit issues + - IB/hfi1: Reorder incorrect send context disable + - IB/hfi1: Optimize kthread pointer locking when queuing CQ entries + - IB/hfi1: Fix user context tail allocation for DMA_RTAIL + - IB/uverbs: Fix ordering of ucontext check in ib_uverbs_write + - RDMA/mlx4: Discard unknown SQP work requests + - xprtrdma: Return -ENOBUFS when no pages are available + - RDMA/core: Save kernel caller name when creating CQ using ib_create_cq() + - mtd: rawnand: Do not check FAIL bit when executing a SET_FEATURES op + - mtd: cfi_cmdset_0002: Change write buffer to check correct value + - mtd: rawnand: denali_dt: set clk_x_rate to 200 MHz unconditionally + - mtd: rawnand: fix return value check for bad block status + - mtd: rawnand: mxc: set spare area size register explicitly + - mtd: rawnand: micron: add ONFI_FEATURE_ON_DIE_ECC to supported features + - mtd: rawnand: All AC chips have a broken GET_FEATURES(TIMINGS). + - mtd: cfi_cmdset_0002: Use right chip in do_ppb_xxlock() + - mtd: cfi_cmdset_0002: fix SEGV unlocking multiple chips + - mtd: cfi_cmdset_0002: Fix unlocking requests crossing a chip boudary + - mtd: cfi_cmdset_0002: Avoid walking all chips when unlocking. + - clk:aspeed: Fix reset bits for PCI/VGA and PECI + - [x86] PCI: hv: Make sure the bus domain is really unique + - PCI: Add ACS quirk for Intel 7th & 8th Gen mobile + - PCI: Add ACS quirk for Intel 300 series + - PCI: pciehp: Clear Presence Detect and Data Link Layer Status Changed on + resume + - PCI: Account for all bridges on bus when distributing bus numbers + - auxdisplay: fix broken menu + - pinctrl: armada-37xx: Fix spurious irq management + - pinctrl: samsung: Correct EINTG banks order + - pinctrl: devicetree: Fix pctldev pointer overwrite + - cpufreq: intel_pstate: Fix scaling max/min limits with Turbo 3.0 + - [mips*] pb44: Fix i2c-gpio GPIO descriptor table + - [mips*] io: Add barrier after register read in inX() + - time: Make sure jiffies_to_msecs() preserves non-zero time periods + - irqchip/gic-v3-its: Don't bind LPI to unavailable NUMA node + - locking/rwsem: Fix up_read_non_owner() warning with DEBUG_RWSEMS + - X.509: unpack RSA signatureValue field from BIT STRING + - Btrfs: fix return value on rename exchange failure + - iio: adc: ad7791: remove sample freq sysfs attributes + - iio: sca3000: Fix an error handling path in 'sca3000_probe()' + - mm: fix __gup_device_huge vs unmap + - scsi: scsi_debug: Fix memory leak on module unload + - scsi: hpsa: disable device during shutdown + - scsi: qla2xxx: Delete session for nport id change + - scsi: qla2xxx: Fix setting lower transfer speed if GPSC fails + - scsi: qla2xxx: Mask off Scope bits in retry delay + - scsi: qla2xxx: Spinlock recursion in qla_target + - scsi: zfcp: fix missing SCSI trace for result of eh_host_reset_handler + - scsi: zfcp: fix missing SCSI trace for retry of abort / scsi_eh TMF + - scsi: zfcp: fix misleading REC trigger trace where erp_action setup + failed + - scsi: zfcp: fix missing REC trigger trace on terminate_rport_io early + return + - scsi: zfcp: fix missing REC trigger trace on terminate_rport_io for + ERP_FAILED + - scsi: zfcp: fix missing REC trigger trace for all objects in ERP_FAILED + - scsi: zfcp: fix missing REC trigger trace on enqueue without ERP thread + - linvdimm, pmem: Preserve read-only setting for pmem devices + - libnvdimm, pmem: Unconditionally deep flush on *sync + - [armhf] clk: meson: meson8b: mark fclk_div2 gate clocks as CLK_IS_CRITICAL + - [armhf] rtc: sun6i: Fix bit_idx value for clk_register_gate + - md: fix two problems with setting the "re-add" device state. + - rpmsg: smd: do not use mananged resources for endpoints and channels + - ubi: fastmap: Cancel work upon detach + - ubi: fastmap: Correctly handle interrupted erasures in EBA + - UBIFS: Fix potential integer overflow in allocation + - backlight: as3711_bl: Fix Device Tree node lookup + - backlight: max8925_bl: Fix Device Tree node lookup + - backlight: tps65217_bl: Fix Device Tree node lookup + - Revert "iommu/amd_iommu: Use CONFIG_DMA_DIRECT_OPS=y and + dma_direct_{alloc,free}()" + - f2fs: don't use GFP_ZERO for page caches + - um: Fix initialization of vector queues + - um: Fix raw interface options + - mfd: twl-core: Fix clock initialization + - mfd: intel-lpss: Program REMAP register in PIO mode + - mfd: intel-lpss: Fix Intel Cannon Lake LPSS I2C input clock + - perf tools: Fix symbol and object code resolution for vdso32 and vdsox32 + - [x86] perf intel-pt: Fix sync_switch INTEL_PT_SS_NOT_TRACING + - [x86] perf intel-pt: Fix decoding to accept CBR between FUP and + corresponding TIP + - [x86] perf intel-pt: Fix MTC timing after overflow + - [x86] perf intel-pt: Fix "Unexpected indirect branch" error + - [x86] perf intel-pt: Fix packet decoding of CYC packets + - media: vsp1: Release buffers for each video node + - media: uvcvideo: Support realtek's UVC 1.5 device + - media: cx231xx: Ignore an i2c mux adapter + - media: v4l2-compat-ioctl32: prevent go past max size + - media: cx231xx: Add support for AverMedia DVD EZMaker 7 + - media: rc: mce_kbd decoder: fix stuck keys + - media: dvb_frontend: fix locking issues at dvb_frontend_get_event() + - nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir + - NFSv4: Fix possible 1-byte stack overflow in + nfs_idmap_read_and_verify_message + - NFSv4: Revert commit 5f83d86cf531d ("NFSv4.x: Fix wraparound issues..") + - NFSv4: Fix a typo in nfs41_sequence_process + - video: uvesafb: Fix integer overflow in allocation (CVE-2018-13406) + - ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices + - Input: silead - add MSSL0002 ACPI HID + - Input: elan_i2c - add ELAN0618 (Lenovo v330 15IKB) ACPI ID + - pwm: lpss: platform: Save/restore the ctrl register over a suspend/resume + - rbd: flush rbd_dev->watch_dwork after watch is unregistered + - mm/ksm.c: ignore STABLE_FLAG of rmap_item->address in rmap_walk_ksm() + - mm: fix devmem_is_allowed() for sub-page System RAM intersections + - xen: Remove unnecessary BUG_ON from __unbind_from_irq() + - net: ethernet: fix suspend/resume in davinci_emac + - udf: Detect incorrect directory size + - Input: xpad - fix GPD Win 2 controller name + - Input: psmouse - fix button reporting for basic protocols + - Input: elan_i2c_smbus - fix more potential stack buffer overflows + - Input: elantech - enable middle button of touchpads on ThinkPad P52 + - Input: elantech - fix V4 report decoding for module with middle key + - ALSA: timer: Fix UBSAN warning at SNDRV_TIMER_IOCTL_NEXT_DEVICE ioctl + - ALSA: hda - Force to link down at runtime suspend on ATI/AMD HDMI + - ALSA: hda/realtek - Fix pop noise on Lenovo P50 & co + - ALSA: hda/realtek - Add a quirk for FSC ESPRIMO U9210 + - ALSA: hda/realtek - Fix the problem of two front mics on more machines + - Revert "i2c: algo-bit: init the bus to a known state" + - i2c: gpio: initialize SCL to HIGH again + - slub: fix failure when we delete and create a slab cache + - kasan: depend on CONFIG_SLUB_DEBUG + - dm: use bio_split() when splitting out the already processed bio + - pmem: only set QUEUE_FLAG_DAX for fsdax mode + - block: Fix transfer when chunk sectors exceeds max + - block: Fix cloning of requests with a special payload + - [x86] e820: put !E820_TYPE_RAM regions into memblock.reserved + - selinux: move user accesses in selinuxfs out of locked regions + - [x86] entry/64/compat: Fix "x86/entry/64/compat: Preserve r8-r11 in int + $0x80" + - [x86] efi: Fix efi_call_phys_epilog() with CONFIG_X86_5LEVEL=y + - dm zoned: avoid triggering reclaim from inside dmz_map() + - dm thin: handle running out of data space vs concurrent discard + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.17.5 + - [armhf,arm64] usb: dwc2: fix the incorrect bitmaps for the ports of + multi_tt hub + - usb: typec: tcpm: fix logbuffer index is wrong if _tcpm_log is re-entered + - acpi: Add helper for deactivating memory region + - usb: typec: ucsi: acpi: Workaround for cache mode issue + - usb: typec: ucsi: Fix for incorrect status data issue + - xhci: Fix kernel oops in trace_xhci_free_virt_device + - n_tty: Fix stall at n_tty_receive_char_special(). + - n_tty: Access echo_* variables carefully. + - [armhf] iio: mma8452: Fix ignoring MMA8452_INT_DRDY + - serial: 8250_pci: Remove stalled entries in blacklist + - serdev: fix memleak on module unload + - vt: prevent leaking uninitialized data to userspace via /dev/vcs* + - drm/amdgpu: Add APU support in vi_set_uvd_clocks + - drm/amdgpu: Add APU support in vi_set_vce_clocks + - drm/amdgpu: fix the missed vcn fw version report + - drm/amdgpu: Grab/put runtime PM references in atomic_commit_tail() + - drm/amdgpu: fix clear_all and replace handling in the VM (v2) + - drm/amd/display: Clear connector's edid pointer + - [x86] drm/i915/dp: Send DPCD ON for MST before phy_up + - drm/qxl: Call qxl_bo_unref outside atomic context + - [armhf] Revert "drm/sun4i: Handle DRM_BUS_FLAG_PIXDATA_*EDGE" + - drm/amdgpu: Don't default to DC support for Kaveri and older + - drm/amdgpu: Use kvmalloc_array for allocating VRAM manager nodes array + - drm/amdgpu: Refactor amdgpu_vram_mgr_bo_invisible_size helper + - drm/amdgpu: Make amdgpu_vram_mgr_bo_invisible_size always accurate + - drm/amdgpu: Update pin_size values before unpinning BO + - drm/amdgpu: GPU vs CPU page size fixes in amdgpu_vm_bo_split_mapping + - drm/amdgpu: Count disabled CRTCs in commit tail earlier + - drm/amd/display: release spinlock before committing updates to stream + - [x86] drm/i915: Allow DBLSCAN user modes with eDP/LVDS/DSI + - [x86] drm/i915: Fix PIPESTAT irq ack on i965/g4x + - [x86] drm/i915: Disallow interlaced modes on g4x DP outputs + - [x86] drm/i915: Turn off g4x DP port in .post_disable() + - [x86] drm/i915: Enable provoking vertex fix on Gen9 systems. + - netfilter: ip6t_rpfilter: provide input interface for route lookup + - netfilter: xt_connmark: fix list corruption on rmmod + - netfilter: nf_tables: use WARN_ON_ONCE instead of BUG_ON in + nft_do_chain() + - [arm64] dts: meson-gxl-s905x-p212: Add phy-supply for usb0 + - [x86] mm: Don't free P4D table when it is folded at runtime + - [armhf] dts: imx6q: Use correct SDMA script for SPI5 core + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.17.6 + - userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access + - mm: hugetlb: yield when prepping struct pages + - mm: teach dump_page() to correctly output poisoned struct pages + - PCI / ACPI / PM: Resume bridges w/o drivers on suspend-to-RAM + - ACPICA: Drop leading newlines from error messages + - ACPI / battery: Safe unregistering of hooks + - tracing: Avoid string overflow + - tracing: Fix missing return symbol in function_graph output + - scsi: sg: mitigate read/write abuse + - scsi: aacraid: Fix PD performance regression over incorrect qd being set + - scsi: target: Fix truncated PR-in ReadKeys response + - [s390x] Correct register corruption in critical section cleanup + - drbd: fix access after free + - vfio: Use get_user_pages_longterm correctly + - [armhf] dts: imx51-zii-rdu1: fix touchscreen pinctrl + - [armhf] dts: omap3: Fix am3517 mdio and emac clock references + - [armhf] dts: dra7: Disable metastability workaround for USB2 + - cifs: Fix use after free of a mid_q_entry + - cifs: Fix memory leak in smb2_set_ea() + - cifs: Fix slab-out-of-bounds in send_set_info() on SMB2 ACE setting + - cifs: Fix infinite loop when using hard mount option + - drm: Use kvzalloc for allocating blob property memory + - drm/udl: fix display corruption of the last line + - drm/amdgpu: Add amdgpu_atpx_get_dhandle() + - drm/amdgpu: Dynamically probe for ATIF handle (v2) + - ext4: include the illegal physical block in the bad map ext4_error msg + - ext4: add more mount time checks of the superblock + - ext4: check superblock mapped prior to committing + - HID: i2c-hid: Fix "incomplete report" noise + - HID: hiddev: fix potential Spectre v1 (CVE-2017-5715) + - HID: debug: check length before copy_to_user() + - HID: core: allow concurrent registration of drivers + - i2c: core: smbus: fix a potential missing-check bug + - i2c: smbus: kill memory leak on emulated and failed DMA SMBus xfers + - fs: allow per-device dax status checking for filesystems + - dax: change bdev_dax_supported() to support boolean returns + - dax: check for QUEUE_FLAG_DAX in bdev_dax_supported() + - dm: prevent DAX mounts if not supported + - mtd: cfi_cmdset_0002: Change definition naming to retry write operation + - mtd: cfi_cmdset_0002: Change erase functions to retry for error + - mtd: cfi_cmdset_0002: Change erase functions to check chip good only + - netfilter: nf_log: don't hold nf_log_mutex during user access + - [x86] staging: comedi: quatech_daqp_cs: fix no-op loop + daqp_ao_insn_write() + - Revert mm/vmstat.c: fix vmstat_update() preemption BUG + + [ Sjoerd Simons ] + * [armhf] DRM: Enable CONFIG_DRM_IMX_PARALLEL_DISPLAY + + [ Ben Hutchings ] + * linux-tools: Fix cross-build of objtool + * [powerpcspe] Fix build failures (thanks to James Clarke): + - powerpc/lib/sstep: Fix building for powerpcspe + - powerpc/lib/Makefile: Don't pull in quad.o for 32-bit kernels + - linux-perf: Disable building for powerpcspe + * [powerpc,powerpcspe,ppc64] Fix cross-build (Closes: #903096): + - Introduce linux-bootwrapper-<abiname> package containing boot wrapper + tools for the host architecture + - linux-image: Install symlinks to boot wrapper tools instead of the + native tools built by kbuild + * fs: Fix up non-directory creation in SGID directories (CVE-2018-13405) + * sound/pci/hda: Ignore ABI changes + * HID: Avoid ABI change in 4.17.6 + * dax: Avoid ABI change in 4.17.6 + + [ Cyril Brulebois ] + * udeb: Add virtio_console to virtio-modules (Closes: #903122). + + -- Ben Hutchings <ben@decadent.org.uk> Thu, 12 Jul 2018 02:05:27 +0100 + +linux (4.17.3-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.17.3 + - net: aquantia: fix unsigned numvecs comparison with less than zero + - bonding: re-evaluate force_primary when the primary slave name changes + - cdc_ncm: avoid padding beyond end of skb + - ipv6: allow PMTU exceptions to local routes + - [armhf,arm64] net: dsa: add error handling for pskb_trim_rcsum + - net/sched: act_simple: fix parsing of TCA_DEF_DATA + - tcp: verify the checksum of the first data segment in a new connection + - socket: close race condition between sock_close() and sockfs_setattr() + (CVE-2018-12232) + - udp: fix rx queue len reported by diag and proc interface + - net: in virtio_net_hdr only add VLAN_HLEN to csum_start if payload holds + vlan + - ACPICA: AML parser: attempt to continue loading table after error + - ext4: fix hole length detection in ext4_ind_map_blocks() + - ext4: update mtime in ext4_punch_hole even if no blocks are released + - ext4: do not allow external inodes for inline data (CVE-2018-11412) + - ext4: bubble errors from ext4_find_inline_data_nolock() up to ext4_iget() + - ext4: correctly handle a zero-length xattr with a non-zero e_value_offs + (CVE-2018-10840) + - ext4: fix fencepost error in check for inode count overflow during resize + - driver core: Don't ignore class_dir_create_and_add() failure. + - Btrfs: allow empty subvol= again + - Btrfs: fix clone vs chattr NODATASUM race + - Btrfs: fix memory and mount leak in btrfs_ioctl_rm_dev_v2() + - btrfs: return error value if create_io_em failed in cow_file_range + - btrfs: scrub: Don't use inode pages for device replace + - ALSA: usb-audio: Disable the quirk for Nura headset + - ALSA: hda - Handle kzalloc() failure in snd_hda_attach_pcm_stream() + - [x86] MCE: Fix stack out-of-bounds write in mce-inject.c: Flags_read() + - smb3: fix various xid leaks + - smb3: on reconnect set PreviousSessionId field + - CIFS: 511c54a2f69195b28afb9dd119f03787b1625bb4 adds a check for session + expiry + - cifs: For SMB2 security informaion query, check for minimum sized + security descriptor instead of sizeof FileAllInformation class + - nbd: fix nbd device deletion + - nbd: update size when connected + - nbd: use bd_set_size when updating disk size + - blk-mq: reinit q->tag_set_list entry only after grace period + - bdi: Move cgroup bdi_writeback to a dedicated low concurrency workqueue + - cpufreq: Fix new policy initialization during limits updates via sysfs + - cpufreq: governors: Fix long idle detection logic in load calculation + - libata: zpodd: small read overflow in eject_tray() + - libata: Drop SanDisk SD7UB3Q*G1001 NOLPM quirk + - nvme/pci: Sync controller reset for AER slot_reset + - [x86] vector: Fix the args of vector_alloc tracepoint + - [x86] apic/vector: Prevent hlist corruption and leaks + - [x86] apic: Provide apic_ack_irq() + - [x86] ioapic: Use apic_ack_irq() + - [x86] platform/uv: Use apic_ack_irq() + - irq_remapping: Use apic_ack_irq() + - genirq/generic_pending: Do not lose pending affinity update + - genirq/affinity: Defer affinity setting if irq chip is busy + - genirq/migration: Avoid out of line call if pending is not set + - [x86] intel_rdt: Enable CMT and MBM on new Skylake stepping + - media: uvcvideo: Prevent setting unavailable flags + - media: rc: ensure input/lirc device can be opened after register + - iwlwifi: fw: harden page loading code + - [x86] HID: intel_ish-hid: ipc: register more pm callbacks to support + hibernation + - HID: wacom: Correct logical maximum Y for 2nd-gen Intuos Pro large + - vhost: fix info leak due to uninitialized memory (CVE-2018-1118) + - fs/binfmt_misc.c: do not allow offset overflow + - mm, page_alloc: do not break __GFP_THISNODE by zonelist reset + + [ Ben Hutchings ] + * [amd64,arm64,armhf] android: Build modules to support Anbox + (Closes: #901492) + - Export symbols needed by Android drivers + - Enable building ashmem and binder as modules + - Enable ANDROID + - Enable ANDROID_BINDER_IPC, ASHMEM as modules + - Set ANDROID_BINDER_DEVICES="binder" + - Disable ANDROID_BINDER_IPC_32BIT + * [mips*] Increase RELOCATION_TABLE_SIZE to 0x00140000 (fixes FTBFS) + * Set ABI to 1 + * [x86,arm64] Disable code signing for upload to unstable + * [x86] virt: vbox: Only copy_from_user the request-header once + (CVE-2018-12633) + * [x86] vboxguest: Enable VBOXGUEST and DRM_VBOXVIDEO as modules + * aufs: Update support patchset to aufs4.x-rcN-20180611 + * debian/rules.d/scripts/mod/gendef.py: Use Python 3 + * debian/rules: Fix pkg.linux.notools build profile + * tracing: Check for no filter when processing event filters (CVE-2018-12714) + * dm: Enable DM_INTEGRITY as module (except on armel) (Closes: #896649) + * debian/lib/python/debian_linux/debian.py: Accept arbitrary revision + suffixes (Closes: #898087) + * ext4: add corruption check in ext4_xattr_set_entry() (CVE-2018-10879) + * ext4: always verify the magic number in xattr blocks (CVE-2018-10879) + * ext4: always check block group bounds in ext4_init_block_bitmap() + (CVE-2018-10878) + * ext4: make sure bitmaps and the inode table don't overlap with bg + descriptors (CVE-2018-10878) + * ext4: only look at the bg_flags field if it is valid (CVE-2018-10876) + * ext4: verify the depth of extent tree in ext4_find_extent() + (CVE-2018-10877) + * ext4: clear i_data in ext4_inode_info when removing inline data + (CVE-2018-10881) + * ext4: never move the system.data xattr out of the inode body + (CVE-2018-10880) + * jbd2: don't mark block as modified if the handle is out of credits + (CVE-2018-10883) + * ext4: avoid running out of journal credits when appending to an inline file + (CVE-2018-10883) + * ext4: add more inode number paranoia checks (CVE-2018-10882) + * jfs: Fix inconsistency between memory allocation and ea_buf->max_size + (CVE-2018-12233) + * debian/control: Move bison and flex to Build-Depends (Closes: #901712) + + [ Romain Perier ] + * [x86] amdgpu: Enable DCN 1.0 Raven family (Closes: #901349) + * [armhf] Enable missing SND_EDMA_SOC for davinci-mcasp on the BeagleBoneBlack + + [ Vagrant Cascadian ] + * [arm64] Add device-tree to support Pinebook. + + -- Ben Hutchings <ben@decadent.org.uk> Mon, 02 Jul 2018 22:13:27 +0100 + +linux (4.17.2-1~exp1) experimental; urgency=medium + + * New upstream release: https://kernelnewbies.org/Linux_4.17 + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.17.1 + - netfilter: nf_flow_table: attach dst to skbs + - bnx2x: use the right constant + - ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds + - ipv6: omit traffic class when calculating flow hash + - l2tp: fix refcount leakage on PPPoL2TP sockets + - netdev-FAQ: clarify DaveM's position for stable backports + - net: metrics: add proper netlink validation + - net/packet: refine check for priv area size + - rtnetlink: validate attributes in do_setlink() + - sctp: not allow transport timeout value less than HZ/5 for hb_timer + - team: use netdev_features_t instead of u32 + - vrf: check the original netdevice for generating redirect + - net: dsa: b53: Fix for brcm tag issue in Cygnus SoC + - ipmr: fix error path when ipmr_new_table fails + - PCI: hv: Do not wait forever on a device that has disappeared + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.17.2 + - crypto: chelsio - request to HW should wrap + - blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers + - KVM: X86: Fix reserved bits check for MOV to CR3 + - KVM: x86: introduce linear_{read,write}_system + - kvm: fix typo in flag name + - kvm: nVMX: Enforce cpl=0 for VMX instructions + - KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and kvm_write_guest_virt_system + - kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access + - staging: android: ion: Switch to pr_warn_once in ion_buffer_destroy + - NFC: pn533: don't send USB data off of the stack + - usbip: vhci_sysfs: fix potential Spectre v1 + - usb-storage: Add support for FL_ALWAYS_SYNC flag in the UAS driver + - usb-storage: Add compatibility quirk flags for G-Technologies G-Drive + - Input: xpad - add GPD Win 2 Controller USB IDs + - phy: qcom-qusb2: Fix crash if nvmem cell not specified + - usb: core: message: remove extra endianness conversion in usb_set_isoch_delay + - usb: typec: wcove: Remove dependency on HW FSM + - usb: gadget: function: printer: avoid wrong list handling in printer_write() + - usb: gadget: udc: renesas_usb3: fix double phy_put() + - usb: gadget: udc: renesas_usb3: should remove debugfs + - usb: gadget: udc: renesas_usb3: should call pm_runtime_enable() before add udc + - usb: gadget: udc: renesas_usb3: should call devm_phy_get() before add udc + - usb: gadget: udc: renesas_usb3: should fail if devm_phy_get() returns error + - usb: gadget: udc: renesas_usb3: disable the controller's irqs for reconnecting + - serial: sh-sci: Stop using printk format %pCr + - tty/serial: atmel: use port->name as name in request_irq() + - serial: samsung: fix maxburst parameter for DMA transactions + - serial: 8250: omap: Fix idling of clocks for unused uarts + - vmw_balloon: fixing double free when batching mode is off + - doc: fix sysfs ABI documentation + - arm64: defconfig: Enable CONFIG_PINCTRL_MT7622 by default + - tty: pl011: Avoid spuriously stuck-off interrupts + - crypto: ccree - correct host regs offset + - Input: goodix - add new ACPI id for GPD Win 2 touch screen + - Input: elan_i2c - add ELAN0612 (Lenovo v330 14IKB) ACPI ID + - crypto: caam - strip input zeros from RSA input buffer + - crypto: caam - fix DMA mapping dir for generated IV + - crypto: caam - fix IV DMA mapping and updating + - crypto: caam/qi - fix IV DMA mapping and updating + - crypto: caam - fix size of RSA prime factor q + - crypto: cavium - Fix fallout from CONFIG_VMAP_STACK + - crypto: cavium - Limit result reading attempts + - crypto: vmx - Remove overly verbose printk from AES init routines + - crypto: vmx - Remove overly verbose printk from AES XTS init + - crypto: omap-sham - fix memleak + + [ Vagrant Cascadian ] + * [armhf] Enable MFD_AC100 and RTC_DRV_AC100, used in allwinner A80/A83t + systems. + + [ Helge Deller ] + * [hppa] Disable debug info due to required disk size. + + [ Bastian Blank ] + * [cloud-amd64] Enable VIRTUALIZATION. (closes: #900861) + * [cloud-amd64] Enable MEMORY_HOTPLUG. + + [ Romain Perier ] + * [arm64] correct voltage selector for Firefly-RK3399 (Closes: #900799) + + [ Vagrant Cascadian ] + * [arm64] Enable configuration options used in Firefly-RK3399: + DRM_ROCKCHIP, ROCKCHIP_ANALOGIX_DP, ROCKCHIP_DW_HDMI, + ROCKCHIP_DW_MIPI_DSI, ROCKCHIP_SARADC, ROCKCHIP_IOMMU, ROCKCHIP_EFUSE, + PHY_ROCKCHIP_TYPEC, ROCKCHIP_THERMAL (Closes: #901159). + Thanks to Heinrich Schuchardt. + + -- Bastian Blank <waldi@debian.org> Tue, 19 Jun 2018 22:00:47 +0200 + +linux (4.17~rc7-1~exp1) experimental; urgency=medium + + * New upstream release candidate + + [ Romain Perier] + * Update patch debian/wireless-disable-regulatory.db-direct-loading.patch to + fix a FTBFS with undefined symbol reg_query_regdb_wmm() that is used by + wireless driver iwlwifi. + + [ Luca Boccassi ] + * Disable building linux-doc-* and tools documentation when the "nodoc" + build profile is used. + * Add new "pkg.linux.nosource" build profile that disables building the + linux-source-* package, and a "[packages] source" option for the + debian/config/defines file that defines the default behaviour. + * Remove redundant "Dual License" from debian/copyright to fix Lintian + source warning "space-in-std-shortname-in-dep5-copyright". + * Add missing Copyright line to debian/copyright to fix Lintian source + warning "missing-field-in-dep5-copyright". + + [ John Paul Adrian Glaubitz ] + * [m68k] Enable CONFIG_PATA_GAYLE as module. + + [ Ben Hutchings ] + * Fix building only versioned tools packages + * Reclassify lockdep packages as unversioned tools + * [hppa/parisc64-smp] IB: Fix RDMA_RXE and INFINIBAND_RDMAVT dependencies for + DMA_VIRT_OPS + * rtl8192se: Fix warning introduced by "firmware: Remove redundant log + messages from drivers" + * SCSI: Enable SCSI_MQ_DEFAULT. This can be reverted using the kernel + parameter: scsi_mod.use_blk_mq=n + * dm: Enable DM_MQ_DEFAULT. This can be reverted using the kernel parameter: + dm_mod.use_blk_mq=n + + [ Jason Duerstock ] + * [ia64] udeb: Add compress-modules package (fixes FTBFS) + + [ YunQiang Su ] + * [mips{,64}el/loongson-3] enable NUMA, CPU_PM, CPU_IDLE, RS780_HPET, + REGULATOR. (Closes: #898521). + * [mips{,64}r6{,el}] use boston as the target, and enable MIPS_CPS. + Add a patch to disable uImage generation to avoid depend on u-boot-tools. + Fix typo the EL's flavor names in installer: not same within defines + Malta is never used for r6. (Closes: #898523) + Boston also requires relocation table size >= 0x00121000. + + [ Vagrant Cascadian ] + * [armhf] Update mtd-modules: Replace pxa3xx_nand with marvell_nand. + + [ Hideki Yamane ] + * Improve battery life on laptops (Closes: #898629) + Thanks to Hans de Goede <hdegoede@redhat.com> + - ATA: A new SATA link-powermanagement-policy will be the default on all + Intel mobile chipsets. This can be reverted by passing + "ahci.mobile_lpm_policy=0" on the kernel commandline. + - sound: Enable Intel HDA codec power-saving by default with a 1 second + timeout. This can be overridden by passing "snd_hda_intel.power_save=0" + on the kernel commandline (0 is previously default). + - BlueTooth: Enable USB autosuspend for Bluetooth USB devices by default. + This can be disabled by passing "btusb.enable_autosuspend=n" on the + kernel commandline. + + [ Bastian Blank ] + * [cloud-amd64] Disable some filesystems. + + -- Ben Hutchings <ben@decadent.org.uk> Tue, 29 May 2018 09:54:12 +0100 + +linux (4.17~rc3-1~exp1) experimental; urgency=medium + + * New upstream release candidate + + [ Ben Hutchings ] + * [amd64] Drop our patch "Don't WARN about expected W+X pages on Xen"; the + problem appears to have been fixed upstream + * Drop our patch "Kbuild: kconfig: Verbose version of --listnewconfig"; + listnewconfig now shows symbol values by default + * debian/rules.real: Stop enabling verbose output for listnewconfig target + * Documentation: typec.rst: Use literal-block element with ascii art + * Documentation: Update references to drivers/base/firmware_class.c + * [armhf] Enable MTD_NAND_MARVELL as module, replacing MTD_NAND_PXA3xx + * linux-kbuild: Update genksyms makefile to run flex and bison + * Add support for building only versioned tools packages + * Change generation of linux-doc, linux-source, linux-support package names + + [ Luca Boccassi ] + * Build-Dep on libelf-dev even for nopython/notools builds to fix FTBFS, + needed when CONFIG_STACK_VALIDATION and CONFIG_UNWINDER_ORC are enabled. + + -- Ben Hutchings <ben@decadent.org.uk> Mon, 30 Apr 2018 00:13:06 +0100 + +linux (4.16.16-2) unstable; urgency=medium + + * [powerpc*] Ignore further ABI changes in cxl. + * [ia64] Add compress-modules udeb. + + -- Bastian Blank <waldi@debian.org> Fri, 22 Jun 2018 11:50:22 +0200 + +linux (4.16.16-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.13 + - [mips*] c-r4k: Fix data corruption related to cache coherence + - [mips*] ptrace: Expose FIR register through FP regset + - [mips*] Fix ptrace(2) PTRACE_PEEKUSR and PTRACE_POKEUSR accesses to o32 + FGRs + - affs_lookup(): close a race with affs_remove_link() + - fix breakage caused by d_find_alias() semantics change + - fs: don't scan the inode cache before SB_BORN is set + - aio: fix io_destroy(2) vs. lookup_ioctx() race + - Btrfs: fix error handling in btrfs_truncate() + - ALSA: timer: Fix pause event notification + - do d_instantiate/unlock_new_inode combinations safely + - mmc: block: propagate correct returned value in mmc_rpmb_ioctl + - mmc: sdhci-iproc: remove hard coded mmc cap 1.8v + - mmc: sdhci-iproc: fix 32bit writes for TRANSFER_MODE register + - mmc: sdhci-iproc: add SDHCI_QUIRK2_HOST_OFF_CARD_ON for cygnus + - ahci: Add PCI ID for Cannon Lake PCH-LP AHCI + - libata: Blacklist some Sandisk SSDs for NCQ + - libata: blacklist Micron 500IT SSD with MU01 firmware + - xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent + - drm/vmwgfx: Fix 32-bit VMW_PORT_HB_[IN|OUT] macros + - [arm64] lse: Add early clobbers to some input/output asm operands + - [arm64] export tishift functions to modules + - [powerpc*] 64s: Clear PCR on boot + - IB/hfi1: Use after free race condition in send context error path + - IB/umem: Use the correct mm during ib_umem_release + - sr: pass down correctly sized SCSI sense buffer (CVE-2018-11506) + - bcma: fix buffer size caused crash in bcma_core_mips_print_irq() + - idr: fix invalid ptr dereference on item delete + - Revert "ipc/shm: Fix shmat mmap nil-page protection" + - ipc/shm: fix shmat() nil address after round-down when remapping + - mm/kasan: don't vfree() nonexistent vm_area + - kasan: free allocated shadow memory on MEM_CANCEL_ONLINE + - kasan: fix memory hotplug during boot + - kernel/sys.c: fix potential Spectre v1 issue + - PM / core: Fix direct_complete handling for devices with no callbacks + - KVM/VMX: Expose SSBD properly to guests + - KVM: s390: vsie: fix < 8k check for the itdba + - KVM: x86: Update cpuid properly when CR4.OSXAVE or CR4.PKE is changed + - kvm: x86: IA32_ARCH_CAPABILITIES is always supported + - x86/kvm: fix LAPIC timer drift when guest uses periodic mode + - [armhf] dts: sun4i: Fix incorrect clocks for displays + - sh: fix debug trap failure to process signals before return to user + - firmware: dmi_scan: Fix UUID length safety check + - nvme: don't send keep-alives to the discovery controller + - Btrfs: clean up resources during umount after trans is aborted + - Btrfs: fix loss of prealloc extents past i_size after fsync log replay + - x86/pgtable: Don't set huge PUD/PMD on non-leaf entries + - x86/mm: Do not forbid _PAGE_RW before init for __ro_after_init + - bnxt_en: Ignore src port field in decap filter nodes + - nvme: expand nvmf_check_if_ready checks + - fs/proc/proc_sysctl.c: fix potential page fault while unregistering + sysctl table + - kasan: fix invalid-free test crashing the kernel + - kasan, slub: fix handling of kasan_slab_free hook + - swap: divide-by-zero when zero length swap file on ssd + - z3fold: fix memory leak + - sr: get/drop reference to device in revalidate and check_events + - Force log to disk before reading the AGF during a fstrim + - cpufreq: CPPC: Initialize shared perf capabilities of CPUs + - powerpc/fscr: Enable interrupts earlier before calling get_user() + - perf tools: Fix perf builds with clang support + - perf clang: Add support for recent clang versions + - dp83640: Ensure against premature access to PHY registers after reset + - ibmvnic: Zero used TX descriptor counter on reset + - genirq/affinity: Don't return with empty affinity masks on error + - mm/ksm: fix interaction with THP + - mm: fix races between address_space dereference and free in + page_evicatable + - mm: thp: fix potential clearing to referenced flag in + page_idle_clear_pte_refs_one() + - Btrfs: bail out on error during replay_dir_deletes + - Btrfs: fix NULL pointer dereference in log_dir_items + - btrfs: Fix possible softlock on single core machines + - IB/rxe: Fix for oops in rxe_register_device on ppc64le arch + - ocfs2/dlm: don't handle migrate lockres if already in shutdown + - [powerpc*] 64s: Fix restore of AMOR on POWER9 after deep sleep + - sched/rt: Fix rq->clock_update_flags < RQCF_ACT_SKIP warning + - x86/mm: Fix bogus warning during EFI bootup, use boot_cpu_has() instead + of this_cpu_has() in build_cr3_noflush() + - KVM: VMX: raise internal error for exception during invalid protected + mode state + - lan78xx: Connect phy early + - fscache: Fix hanging wait on page discarded by writeback + - dmaengine: rcar-dmac: Fix too early/late system suspend/resume callbacks + - [sparc64] Make atomic_xchg() an inline function rather than a macro. + - riscv/spinlock: Strengthen implementations with fences + - platform/x86: dell-smbios: Fix memory leaks in build_tokens_sysfs() + - net: bgmac: Fix endian access in bgmac_dma_tx_ring_free() + - net: bgmac: Correctly annotate register space + - bnxt_en: fix clear flags in ethtool reset handling + - [powerpc*] 64s: sreset panic if there is no debugger or crash dump handlers + - btrfs: tests/qgroup: Fix wrong tree backref level + - Btrfs: fix copy_items() return value when logging an inode + - btrfs: fix lockdep splat in btrfs_alloc_subvolume_writers + - btrfs: qgroup: Fix root item corruption when multiple same source + snapshots are created with quota enabled + - rxrpc: Fix resend event time calculation + - rxrpc: Fix Tx ring annotation after initial Tx failure + - rxrpc: Don't treat call aborts as conn aborts + - xen/acpi: off by one in read_acpi_id() + - drivers: macintosh: rack-meter: really fix bogus memsets + - ACPI: acpi_pad: Fix memory leak in power saving threads + - powerpc/mpic: Check if cpu_possible() in mpic_physmask() + - ieee802154: ca8210: fix uninitialised data read + - ath10k: advertize beacon_int_min_gcd + - iommu/amd: Take into account that alloc_dev_data() may return NULL + - intel_th: Use correct method of finding hub + - [m68k] set dma and coherent masks for platform FEC ethernets + - iwlwifi: mvm: check if mac80211_queue is valid in iwl_mvm_disable_txq + - iwlwifi: mvm: take RCU lock before dereferencing + - net/mlx5e: Move all TX timeout logic to be under state lock + - parisc/pci: Switch LBA PCI bus from Hard Fail to Soft Fail mode + - perf mmap: Fix accessing unmapped mmap in perf_mmap__read_done() + - hwmon: (nct6775) Fix writing pwmX_mode + - mt76x2: fix possible NULL pointer dereferencing in mt76x2_tx() + - mt76x2: fix warning in ieee80211_get_key_rx_seq() + - [powerpc] perf: Prevent kernel address leak to userspace via BHRB buffer + - [powerpc] perf: Fix kernel address leak via sampling registers + - rsi: fix kernel panic observed on 64bit machine + - tools/thermal: tmon: fix for segfault + - selftests: Print the test we're running to /dev/kmsg + - i40e: hold the RTNL lock while changing interrupt schemes + - net/mlx5: Protect from command bit overflow + - watchdog: davinci_wdt: fix error handling in davinci_wdt_probe() + - net: hns3: fix for the wrong shift problem in hns3_set_txbd_baseinfo + - net: hns3: fix for returning wrong value problem in + hns3_get_rss_indir_size + - net: hns3: fix for returning wrong value problem in hns3_get_rss_key_size + - net: qualcomm: rmnet: check for null ep to avoid null pointer dereference + - ath10k: Fix kernel panic while using worker (ath10k_sta_rc_update_wk) + - nvme_fc: fix abort race on teardown with lld reject + - nvme-pci: disable APST for Samsung NVMe SSD 960 EVO + ASUS PRIME Z370-A + - ath9k: fix crash in spectral scan + - btrfs: fix null pointer deref when target device is missing + - cxgb4: Setup FW queues before registering netdev + - hv_netvsc: Fix the return status in RX path + - ima: Fix Kconfig to select TPM 2.0 CRB interface + - ima: Fallback to the builtin hash algorithm + - watchdog: aspeed: Allow configuring for alternate boot + - gfs2: Check for the end of metadata in punch_hole + - virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS + - [armhf] dts: socfpga: fix GIC PPI warning + - ima: clear IMA_HASH + - ext4: don't complain about incorrect features when probing + - drm/vmwgfx: Unpin the screen object backup buffer when not used + - iommu/mediatek: Fix protect memory setting + - cpufreq: cppc_cpufreq: Fix cppc_cpufreq_init() failure path + - firmware: fix checking for return values for fw_add_devm_name() + - IB/mlx5: Set the default active rate and width to QDR and 4X + - zorro: Set up z->dev.dma_mask for the DMA API + - bcache: quit dc->writeback_thread when BCACHE_DEV_DETACHING is set + - remoteproc: imx_rproc: Fix an error handling path in 'imx_rproc_probe()' + - bcache: fix cached_dev->count usage for bch_cache_set_error() + - ACPICA: Events: add a return on failure from acpi_hw_register_read + - ACPICA: Fix memory leak on unusual memory leak + - bcache: stop dc->writeback_rate_update properly + - ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c + - cxgb4: Fix queue free path of ULD drivers + - i2c: mv64xxx: Apply errata delay only in standard mode + - KVM: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in use + - perf top: Fix top.c[all] all-graph config option reading + - perf stat: Fix core dump when flag T is used + - IB/core: Honor port_num while resolving GID for IB link layer + - drm/amdkfd: add missing include of mm.h + - coresight: Use %px to print pcsr instead of %p + - ibmvnic: Fix reset return from closed state + - regulator: gpio: Fix some error handling paths in 'gpio_regulator_probe()' + - spi: bcm-qspi: fIX some error handling paths + - net/smc: pay attention to MAX_ORDER for CQ entries + - MIPS: ath79: Fix AR724X_PLL_REG_PCIE_CONFIG offset + - powerpc/vas: Fix cleanup when VAS is not configured + - PCI: Restore config space on runtime resume despite being unbound + - watchdog: sprd_wdt: Fix error handling in sprd_wdt_enable() + - watchdog: dw: RMW the control register + - watchdog: aspeed: Fix translation of reset mode to ctrl register + - ipmi_ssif: Fix kernel panic at msg_done_handler + - [arm64] drm/meson: Fix some error handling paths in 'meson_drv_bind_master()' + - [arm64] drm/meson: Fix an un-handled error path in 'meson_drv_bind_master()' + - [powerpc] powernv/npu: Fix deadlock in mmio_invalidate() + - f2fs: flush cp pack except cp pack 2 page at first + - cxl: Check if PSL data-cache is available before issue flush request + - f2fs: fix to set KEEP_SIZE bit in f2fs_zero_range + - f2fs: fix to clear CP_TRIMMED_FLAG + - f2fs: fix to check extent cache in f2fs_drop_extent_tree + - perf/core: Fix installing cgroup events on CPU + - max17042: propagate of_node to power supply device + - perf/core: Fix perf_output_read_group() + - drm/panel: simple: Fix the bus format for the Ontat panel + - hwmon: (pmbus/max8688) Accept negative page register values + - hwmon: (pmbus/adm1275) Accept negative page register values + - [amd64] perf: Properly save/restore the PMU state in the NMI handler + - cdrom: do not call check_disk_change() inside cdrom_open() + - [armhf, arm64] efi: Only register page tables when they exist + - [amd64] perf: Fix large period handling on Broadwell CPUs + - [amd64] perf: Fix event update for auto-reload + - [arm64] dts: qcom: Fix SPI5 config on MSM8996 + - [arm64] soc: qcom: wcnss_ctrl: Fix increment in NV upload + - gfs2: Fix fallocate chunk size + - [amd64] x86/devicetree: Initialize device tree before using it + - [amd64] x86/devicetree: Fix device IRQ settings in DT + - phy: rockchip-emmc: retry calpad busy trimming + - ALSA: vmaster: Propagate slave error + - phy: qcom-qmp: Fix phy pipe clock gating + - drm/bridge: sii902x: Retry status read after DDI I2C + - drm/amdgpu: Clean sdma wptr register when only enable wptr polling + - tools: hv: fix compiler warnings about major/target_fname + - block: null_blk: fix 'Invalid parameters' when loading module + - dmaengine: pl330: fix a race condition in case of threaded irqs + - [powerpc] mm/slice: Remove intermediate bitmap copy + - [powerpc] mm/slice: create header files dedicated to slices + - [powerpc] mm/slice: Enhance for supporting PPC32 + - [powerpc] mm/slice: Fix hugepage allocation at hint address on 8xx + - dmaengine: rcar-dmac: Check the done lists in rcar_dmac_chan_get_residue() + - enic: enable rq before updating rq descriptors + - watchdog: asm9260_wdt: fix error handling in asm9260_wdt_probe() + - hwrng: stm32 - add reset during probe + - pinctrl: devicetree: Fix dt_to_map_one_config handling of hogs + - pinctrl: artpec6: dt: add missing pin group uart5nocts + - vfio-ccw: fence off transport mode + - dmaengine: qcom: bam_dma: get num-channels and num-ees from dt + - drm: omapdrm: dss: Move initialization code from component bind to probe + - [armhf] dts: dra71-evm: Correct evm_sd regulator max voltage + - drm/amdgpu: disable GFX ring and disable PQ wptr in hw_fini + - drm/amdgpu: adjust timeout for ib_ring_tests(v2) + - ibmvnic: Allocate statistics buffers during probe + - [armhf, arm64] net: stmmac: ensure that the device has released ownership + before reading data + - [armhf, arm64] net: stmmac: ensure that the MSS desc is the last desc to + set the own bit + - cpufreq: Reorder cpufreq_online() error code path + - dpaa_eth: fix SG mapping + - PCI: Add function 1 DMA alias quirk for Marvell 88SE9220 + - udf: Provide saner default for invalid uid / gid + - ixgbe: prevent ptp_rx_hang from running when in FILTER_ALL mode + - sh_eth: fix TSU init on SH7734/R8A7740 + - power: supply: ltc2941-battery-gauge: Fix temperature units + - [armhf] dts: bcm283x: Fix probing of bcm2835-i2s + - [armhf] dts: bcm283x: Fix pin function of JTAG pins + - PCMCIA / PM: Avoid noirq suspend aborts during suspend-to-idle + - hwrng: bcm2835 - Handle deferred clock properly + - audit: return on memory error to avoid null pointer dereference + - [armhf, arm64] net: stmmac: call correct function in + stmmac_mac_config_rx_queues_routing() + - rcu: Call touch_nmi_watchdog() while printing stall warnings + - pinctrl: sh-pfc: r8a7796: Fix MOD_SEL register pin assignment for SSI + pins group + - dt-bindings: display: msm/dsi: Fix the PHY regulator supply props + - drm/amd/display: Set vsc pack revision when DPCD revision is >= 1.2 + - dpaa_eth: fix pause capability advertisement logic + - [mips*/octeon] Fix logging messages with spurious periods after newlines + - [arm64] soc: renesas: r8a77970-sysc: fix power area parents + - [armhf] drm/rockchip: Respect page offset for PRIME mmap calls + - x86/apic: Set up through-local-APIC mode on the boot CPU if 'noapic' + specified + - perf report: Fix wrong jump arrow + - perf tests: Use arch__compare_symbol_names to compare symbols + - perf report: Fix memory corruption in --branch-history mode + --branch-history + - perf tests: Fix dwarf unwind for stripped binaries + - selftests/net: fixes psock_fanout eBPF test case + - drm/vblank: Data type fixes for 64-bit vblank sequences. + - netlabel: If PF_INET6, check sk_buff ip header version + - drm: rcar-du: lvds: Fix LVDS startup on R-Car Gen3 + - drm: rcar-du: lvds: Fix LVDS startup on R-Car Gen2 + - selftests: Add FIB onlink tests + - regmap: Correct comparison in regmap_cached + - soc: amlogic: meson-gx-pwrc-vpu: fix error on shutdown when domain is + powered off + - i40e: Add delay after EMP reset for firmware to recover + - [armhf] dts: imx7d: cl-som-imx7: fix pinctrl_enet + - [armhf] dts: porter: Fix HDMI output routing + - regulator: of: Add a missing 'of_node_put()' in an error handling path of + 'of_regulator_match()' + - pinctrl: msm: Use dynamic GPIO numbering + - pinctrl: mcp23s08: spi: Fix regmap debugfs entries + - kdb: make "mdr" command repeat + - drm/vmwgfx: Set dmabuf_size when vmw_dmabuf_init is successful + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.14 + - objtool: Support GCC 8's cold subfunctions + - objtool: Support GCC 8 switch tables + - objtool: Detect RIP-relative switch table references + - objtool: Detect RIP-relative switch table references, part 2 + - objtool: Fix "noreturn" detection for recursive sibling calls + - x86/mce/AMD: Carve out SMCA get_block_address() code + - x86/MCE/AMD: Cache SMCA MISC block addresses + - drm/vmwgfx: Use kasprintf + - drm/vmwgfx: Fix host logging / guestinfo reading error paths + - Revert "pinctrl: msm: Use dynamic GPIO numbering" + - xfs: convert XFS_AGFL_SIZE to a helper function + - xfs: detect agfl count corruption and reset agfl + - Input: synaptics - Lenovo Carbon X1 Gen5 (2017) devices should use RMI + - Input: synaptics - Lenovo Thinkpad X1 Carbon G5 (2017) with Elantech trackpoints should use RMI + - Input: synaptics - add Intertouch support on X1 Carbon 6th and X280 + - Input: synaptics - add Lenovo 80 series ids to SMBus + - Input: elan_i2c_smbus - fix corrupted stack + - tracing: Fix crash when freeing instances with event triggers + - tracing: Make the snapshot trigger work with instances + - nvme: fix extended data LBA supported setting + - selinux: KASAN: slab-out-of-bounds in xattr_getsecurity + - cfg80211: further limit wiphy names to 64 bytes + - drm/amd/powerplay: Fix enum mismatch + - rtlwifi: rtl8192cu: Remove variable self-assignment in rf.c + - iio: ad7793: implement IIO_CHAN_INFO_SAMP_FREQ + - iio: hid-sensor-trigger: Fix sometimes not powering up the sensor after resume + - iio:buffer: make length types match kfifo types + - iio:kfifo_buf: check for uint overflow + - iio: adc: stm32-dfsdm: fix successive oversampling settings + - iio: adc: stm32-dfsdm: fix sample rate for div2 spi clock + - iio: adc: at91-sama5d2_adc: fix channel configuration for differential channels + - iio: adc: select buffer for at91-sama5d2_adc + - MIPS: lantiq: gphy: Drop reboot/remove reset asserts + - MIPS: ptrace: Fix PTRACE_PEEKUSR requests for 64-bit FGRs + - MIPS: prctl: Disallow FRE without FR with PR_SET_FP_MODE requests + - scsi: scsi_transport_srp: Fix shost to rport translation + - stm class: Use vmalloc for the master map + - hwtracing: stm: fix build error on some arches + - IB/core: Fix error code for invalid GID entry + - mm/huge_memory.c: __split_huge_page() use atomic ClearPageDirty() + - Revert "rt2800: use TXOP_BACKOFF for probe frames" + - intel_th: Use correct device when freeing buffers + - drm/psr: Fix missed entry in PSR setup time table. + - drm/i915/lvds: Move acpi lid notification registration to registration phase + - drm/i915: Disable LVDS on Radiant P845 + - fix io_destroy()/aio_complete() race + - mm: fix the NULL mapping case in __isolate_lru_page() + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.15 + - mmap: introduce sane default mmap limits + - mmap: relax file size limit for regular files + - netfilter: nf_flow_table: attach dst to skbs + - kconfig: Avoid format overflow warning from GCC 8.1 + - be2net: Fix error detection logic for BE3 + - bnx2x: use the right constant + - cls_flower: Fix incorrect idr release when failing to modify rule + - dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect() + - enic: set DMA mask to 47 bit + - ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds + - ip6_tunnel: remove magic mtu value 0xFFF8 + - ipmr: properly check rhltable_init() return value + - ipv4: remove warning in ip_recv_error + - ipv6: omit traffic class when calculating flow hash + - isdn: eicon: fix a missing-check bug + - kcm: Fix use-after-free caused by clonned sockets + - l2tp: fix refcount leakage on PPPoL2TP sockets + - mlxsw: spectrum: Forbid creation of VLAN 1 over port/LAG + - netdev-FAQ: clarify DaveM's position for stable backports + - net: ethernet: davinci_emac: fix error handling in probe() + - net: ipv4: add missing RTA_TABLE to rtm_ipv4_policy + - net: metrics: add proper netlink validation + - net/packet: refine check for priv area size + - net: phy: broadcom: Fix bcm_write_exp() + - net: usb: cdc_mbim: add flag FLAG_SEND_ZLP + - packet: fix reserve calculation + - qed: Fix mask for physical address in ILT entry + - rtnetlink: validate attributes in do_setlink() + - sctp: not allow transport timeout value less than HZ/5 for hb_timer + - team: use netdev_features_t instead of u32 + - vhost: synchronize IOTLB message with dev cleanup + - vrf: check the original netdevice for generating redirect + - ipv6: sr: fix memory OOB access in seg6_do_srh_encap/inline + - net: phy: broadcom: Fix auxiliary control register reads + - net-sysfs: Fix memory leak in XPS configuration + - virtio-net: correctly transmit XDP buff after linearizing + - virtio-net: fix leaking page for gso packet during mergeable XDP + - net/mlx4: Fix irq-unsafe spinlock usage + - net/mlx5e: When RXFCS is set, add FCS data into checksum calculation + - tun: Fix NULL pointer dereference in XDP redirect + - virtio-net: correctly check num_buf during err path + - net: dsa: b53: Fix for brcm tag issue in Cygnus SoC + - net : sched: cls_api: deal with egdev path only if needed + - virtio-net: correctly redirect linearized packet + - ip_tunnel: restore binding to ifaces with a large mtu + - net: netsec: reduce DMA mask to 40 bits + - vhost_net: flush batched heads before trying to busy polling + - PCI: hv: Do not wait forever on a device that has disappeared + - drm: set FMODE_UNSIGNED_OFFSET for drm files + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.16 + - netfilter: nf_tables: fix NULL pointer dereference on nft_ct_helper_obj_dump() + - crypto: chelsio - request to HW should wrap + - blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers + - af_key: Always verify length of provided sadb_key + - KVM: X86: Fix reserved bits check for MOV to CR3 + - KVM: x86: introduce linear_{read,write}_system + - kvm: nVMX: Enforce cpl=0 for VMX instructions + - KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and kvm_write_guest_virt_system + - staging: android: ion: Switch to pr_warn_once in ion_buffer_destroy + - NFC: pn533: don't send USB data off of the stack + - usbip: vhci_sysfs: fix potential Spectre v1 + - usb-storage: Add support for FL_ALWAYS_SYNC flag in the UAS driver + - usb-storage: Add compatibility quirk flags for G-Technologies G-Drive + - Input: xpad - add GPD Win 2 Controller USB IDs + - phy: qcom-qusb2: Fix crash if nvmem cell not specified + - usb: core: message: remove extra endianness conversion in usb_set_isoch_delay + - usb: typec: wcove: Remove dependency on HW FSM + - usb: gadget: function: printer: avoid wrong list handling in printer_write() + - usb: gadget: udc: renesas_usb3: fix double phy_put() + - usb: gadget: udc: renesas_usb3: should remove debugfs + - usb: gadget: udc: renesas_usb3: should call pm_runtime_enable() before add udc + - usb: gadget: udc: renesas_usb3: should call devm_phy_get() before add udc + - usb: gadget: udc: renesas_usb3: should fail if devm_phy_get() returns error + - usb: gadget: udc: renesas_usb3: disable the controller's irqs for reconnecting + - serial: sh-sci: Stop using printk format %pCr + - tty/serial: atmel: use port->name as name in request_irq() + - serial: samsung: fix maxburst parameter for DMA transactions + - serial: 8250: omap: Fix idling of clocks for unused uarts + - vmw_balloon: fixing double free when batching mode is off + - tty: pl011: Avoid spuriously stuck-off interrupts + - kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access + - Input: goodix - add new ACPI id for GPD Win 2 touch screen + - Input: elan_i2c - add ELAN0612 (Lenovo v330 14IKB) ACPI ID + - crypto: caam - strip input zeros from RSA input buffer + - crypto: caam - fix DMA mapping dir for generated IV + - crypto: caam - fix IV DMA mapping and updating + - crypto: caam/qi - fix IV DMA mapping and updating + - crypto: caam - fix size of RSA prime factor q + - crypto: cavium - Fix fallout from CONFIG_VMAP_STACK + - crypto: cavium - Limit result reading attempts + - crypto: vmx - Remove overly verbose printk from AES init routines + - crypto: vmx - Remove overly verbose printk from AES XTS init + - crypto: omap-sham - fix memleak + + [ Vagrant Cascadian ] + * [armhf] Enable MFD_AC100 and RTC_DRV_AC100, used in allwinner A80/A83t + systems. + + [ Yves-Alexis Perez ] + * hardening: enable FORTIFY_SOURCE, disable HARDENED_USERCOPY_FALLBACK + * [x86] hardening: enable REFCOUNT_FULL + + [ Ben Hutchings ] + * ext4: Fix duplicate softdep fields in module info + + [ Bastian Blank ] + * hv_netvsc: Fix a network regression after ifdown/ifup + * [rt] Update to 4.16.15-rt7. + + [ Vagrant Cascadian ] + * [arm64] Enable configuration options used in Firefly-RK3399: + DRM_ROCKCHIP, ROCKCHIP_ANALOGIX_DP, ROCKCHIP_DW_HDMI, + ROCKCHIP_DW_MIPI_DSI, ROCKCHIP_SARADC, ROCKCHIP_IOMMU, ROCKCHIP_EFUSE, + PHY_ROCKCHIP_TYPEC, ROCKCHIP_THERMAL (Closes: #901159). + Thanks to Heinrich Schuchardt. + * [arm64,armhf] Add device-tree to support Raspberry PI 3b+. + + -- Bastian Blank <waldi@debian.org> Tue, 19 Jun 2018 20:23:54 +0200 + +linux (4.16.12-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.6 + - Revert "pinctrl: intel: Initialize GPIO properly when used through + irqchip" + - [armhf] drm: bridge: dw-hdmi: Fix overflow workaround for Amlogic Meson + GX SoCs + - i40e: Fix attach VF to VM issue + - tpm: cmd_ready command can be issued only after granting locality + - tpm: tpm-interface: fix tpm_transmit/_cmd kdoc + - tpm: add retry logic + - Revert "ath10k: send (re)assoc peer command when NSS changed" + - bonding: do not set slave_dev npinfo before slave_enable_netpoll in + bond_enslave + - docs: ip-sysctl.txt: fix name of some ipv6 variables + - ipv6: add RTA_TABLE and RTA_PREFSRC to rtm_ipv6_policy + - ipv6: sr: fix NULL pointer dereference in seg6_do_srh_encap()- v4 pkts + - KEYS: DNS: limit the length of option strings + - l2tp: check sockaddr length in pppol2tp_connect() + - llc: delete timers synchronously in llc_sk_free() + - net: af_packet: fix race in PACKET_{R|T}X_RING + - net: fix deadlock while clearing neighbor proxy table + - [arm64,armhf] net: mvpp2: Fix DMA address mask size + - net: qmi_wwan: add Wistron Neweb D19Q1 + - net/smc: fix shutdown in state SMC_LISTEN + - net: stmmac: Disable ACS Feature for GMAC >= 4 + - packet: fix bitfield update race + - pppoe: check sockaddr length in pppoe_connect() + - Revert "macsec: missing dev_put() on error in macsec_newlink()" + - sctp: do not check port in sctp_inet6_cmp_addr + - strparser: Do not call mod_delayed_work with a timeout of LONG_MAX + - strparser: Fix incorrect strp->need_bytes value. + - tcp: clear tp->packets_out when purging write queue + - tcp: don't read out-of-bounds opsize + - tcp: md5: reject TCP_MD5SIG or TCP_MD5SIG_EXT on established sockets + - team: avoid adding twice the same option to the event list + - team: fix netconsole setup over team + - tipc: add policy for TIPC_NLA_NET_ADDR + - vlan: Fix reading memory beyond skb->tail in skb_vlan_tagged_multi + - vmxnet3: fix incorrect dereference when rxvlan is disabled + - [amd64,arm64] amd-xgbe: Add pre/post auto-negotiation phy hooks + - [amd64,arm64] amd-xgbe: Improve KR auto-negotiation and training + - [amd64,arm64] amd-xgbe: Only use the SFP supported transceiver signals + - net: sched: ife: signal not finding metaid + - net: sched: ife: handle malformed tlv length + - net: sched: ife: check on metadata length + - l2tp: hold reference on tunnels in netlink dumps + - l2tp: hold reference on tunnels printed in pppol2tp proc file + - l2tp: hold reference on tunnels printed in l2tp/tunnels debugfs file + - l2tp: fix {pppol2tp, l2tp_dfs}_seq_stop() in case of seq_file overflow + - llc: hold llc_sap before release_sock() + - llc: fix NULL pointer deref for SOCK_ZAPPED + - [s390x] qeth: fix error handling in adapter command callbacks + - [s390x] qeth: avoid control IO completion stalls + - [s390x] qeth: handle failure on workqueue creation + - [armhf] net: ethernet: ti: cpsw: fix tx vlan priority mapping + - net: validate attribute sizes in neigh_dump_table() + - bnxt_en: Fix memory fault in bnxt_ethtool_init() + - virtio-net: add missing virtqueue kick when flushing packets + - VSOCK: make af_vsock.ko removable again + - net: aquantia: Regression on reset with 1.x firmware + - tun: fix vlan packet truncation + - net: aquantia: oops when shutdown on already stopped device + - virtio_net: split out ctrl buffer + - virtio_net: fix adding vids on big-endian + - Revert "mm/hmm: fix header file if/else/endif maze" + - commoncap: Handle memory allocation failure. + - scsi: mptsas: Disable WRITE SAME + - cdrom: information leak in cdrom_ioctl_media_changed() (CVE-2018-10940) + - fsnotify: Fix fsnotify_mark_connector race + - [m68k] mac: Don't remap SWIM MMIO region + - [m68k] block/swim: Check drive type + - [m68k] block/swim: Don't log an error message for an invalid ioctl + - [m68k] block/swim: Remove extra put_disk() call from error path + - [m68k] block/swim: Rename macros to avoid inconsistent inverted logic + - [m68k] block/swim: Select appropriate drive on device open + - [m68k] block/swim: Fix array bounds check + - [m68k] block/swim: Fix IO error at end of medium + - tracing: Fix missing tab for hwlat_detector print format + - hwmon: (k10temp) Add temperature offset for Ryzen 2700X + - hwmon: (k10temp) Add support for AMD Ryzen w/ Vega graphics + - [s390x] cio: update chpid descriptor after resource accessibility event + - [s390x] dasd: fix IO error for newly defined devices + - [s390x] uprobes: implement arch_uretprobe_is_alive() + - [s390x] cpum_cf: rename IBM z13/z14 counter names + - kprobes: Fix random address output of blacklist file + - ACPI / video: Only default only_lcd to true on Win8-ready _desktops_ + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.7 + - ext4: prevent right-shifting extents beyond EXT_MAX_BLOCKS + - ext4: set h_journal if there is a failure starting a reserved handle + - ext4: add MODULE_SOFTDEP to ensure crc32c is included in the initramfs + - random: set up the NUMA crng instances after the CRNG is fully + initialized + - random: fix possible sleeping allocation from irq context + - random: rate limit unseeded randomness warnings + - usbip: usbip_event: fix to not print kernel pointer address + - usbip: usbip_host: fix to hold parent lock for device_attach() calls + - usbip: vhci_hcd: Fix usb device and sockfd leaks + - usbip: vhci_hcd: check rhport before using in vhci_hub_control() + - Revert "xhci: plat: Register shutdown for xhci_plat" + - xhci: Fix USB ports for Dell Inspiron 5775 + - USB: serial: simple: add libtransistor console + - USB: serial: ftdi_sio: use jtag quirk for Arrow USB Blaster + - USB: serial: cp210x: add ID for NI USB serial console + - [arm64] serial: mvebu-uart: Fix local flags handling on termios update + - usb: typec: ucsi: Increase command completion timeout value + - usb: core: Add quirk for HP v222w 16GB Mini + - USB: Increment wakeup count on remote wakeup. + - ALSA: usb-audio: Skip broken EU on Dell dock USB-audio + - virtio: add ability to iterate over vqs + - virtio_console: don't tie bufs to a vq + - virtio_console: free buffers after reset + - virtio_console: drop custom control queue cleanup + - virtio_console: move removal code + - virtio_console: reset on out of memory + - drm/virtio: fix vq wait_event condition + - tty: Don't call panic() at tty_ldisc_init() + - tty: n_gsm: Fix long delays with control frame timeouts in ADM mode + - tty: n_gsm: Fix DLCI handling for ADM mode if debug & 2 is not set + - tty: Avoid possible error pointer dereference at tty_ldisc_restore(). + - tty: Use __GFP_NOFAIL for tty_ldisc_get() + - ALSA: dice: fix OUI for TC group + - ALSA: dice: fix error path to destroy initialized stream data + - ALSA: hda - Skip jack and others for non-existing PCM streams + - ALSA: opl3: Hardening for potential Spectre v1 + - ALSA: asihpi: Hardening for potential Spectre v1 + - ALSA: hdspm: Hardening for potential Spectre v1 + - ALSA: rme9652: Hardening for potential Spectre v1 + - ALSA: control: Hardening for potential Spectre v1 + - ALSA: pcm: Return negative delays from SNDRV_PCM_IOCTL_DELAY. + - ALSA: core: Report audio_tstamp in snd_pcm_sync_ptr + - ALSA: seq: oss: Fix unbalanced use lock for synth MIDI device + - ALSA: seq: oss: Hardening for potential Spectre v1 + - ALSA: hda: Hardening for potential Spectre v1 + - ALSA: hda/realtek - Add some fixes for ALC233 + - ALSA: hda/realtek - Update ALC255 depop optimize + - ALSA: hda/realtek - change the location for one of two front mics + - mtd: spi-nor: cadence-quadspi: Fix page fault kernel panic + - mtd: cfi: cmdset_0001: Do not allow read/write to suspend erase block. + - mtd: cfi: cmdset_0001: Workaround Micron Erase suspend bug. + - mtd: cfi: cmdset_0002: Do not allow read/write to suspend erase block. + - mtd: rawnand: tango: Fix struct clk memory leak + - mtd: rawnand: marvell: fix the chip-select DT parsing logic + - kobject: don't use WARN for registration failures + - scsi: sd_zbc: Avoid that resetting a zone fails sporadically + - scsi: sd: Defer spinning up drive while SANITIZE is in progress + - blk-mq: start request gstate with gen 1 + - bfq-iosched: ensure to clear bic/bfqq pointers when preparing request + - block: do not use interruptible wait anywhere + - [s390x] vfio: ccw: process ssch with interrupts disabled + - [arm64] PCI: aardvark: Fix logic in advk_pcie_{rd,wr}_conf() + - [arm64] PCI: aardvark: Set PIO_ADDR_LS correctly in advk_pcie_rd_conf() + - [arm64] PCI: aardvark: Use ISR1 instead of ISR0 interrupt in legacy irq + mode + - [arm64] PCI: aardvark: Fix PCIe Max Read Request Size setting + - [armhf,arm64] KVM: Close VMID generation race + - [powerpc*] mm: Flush cache on memory hot(un)plug + - [powerpc*] mce: Fix a bug where mce loops on memory UE. + - [powerpc*] powernv/npu: Do a PID GPU TLB flush when invalidating a large + address range + - crypto: drbg - set freed buffers to NULL + - libceph: un-backoff on tick when we have a authenticated session + - libceph: reschedule a tick in finish_hunting() + - libceph: validate con->state at the top of try_write() + - PCI / PM: Do not clear state_saved in pci_pm_freeze() when smart suspend + is set + - module: Fix display of wrong module .text address + - earlycon: Use a pointer table to fix __earlycon_table stride + - [powerpc*] cpufreq: powernv: Fix hardlockup due to synchronous smp_call + in timer interrupt + - [powerpc*] rtc: opal: Fix OPAL RTC driver OPAL_BUSY loops + - drm/edid: Reset more of the display info + - drm/amdgpu: set COMPUTE_PGM_RSRC1 for SGPR/VGPR clearing shaders + - [x86] drm/i915/fbdev: Enable late fbdev initial configuration + - [x86] drm/i915/audio: set minimum CD clock to twice the BCLK + - [x86] drm/i915: Enable display WA#1183 from its correct spot + - drm/amd/display: Fix deadlock when flushing irq + - drm/amd/display: Don't read EDID in atomic_check + - drm/amd/display: Disallow enabling CRTC without primary plane with FB + - objtool, perf: Fix GCC 8 -Wrestrict error + - [x86] ipc: Fix x32 version of shmid64_ds and msqid64_ds + - [x86] smpboot: Don't use mwait_play_dead() on AMD systems + - [x86] microcode/intel: Save microcode patch unconditionally + - [x86] microcode: Do not exit early from __reload_late() + - tick/sched: Do not mess with an enqueued hrtimer + - [x86] crypto: ccp - add check to get PSP master only when PSP is + detected + - [armhf,arm64] KVM: Add PSCI version selection API + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.8 + - ACPI / button: make module loadable when booted in non-ACPI mode + - [arm64] Add work around for Arm Cortex-A55 Erratum 1024718 + - ALSA: hda - Fix incorrect usage of IS_REACHABLE() + - ALSA: pcm: Check PCM state at xfern compat ioctl + - ALSA: seq: Fix races at MIDI encoding in snd_virmidi_output_trigger() + - ALSA: dice: fix kernel NULL pointer dereference due to invalid + calculation for array index + - ALSA: aloop: Mark paused device as inactive + - ALSA: aloop: Add missing cable lock to ctl API callbacks + - errseq: Always report a writeback error once + - tracepoint: Do not warn on ENOMEM + - scsi: target: Fix fortify_panic kernel exception + - Input: leds - fix out of bound access + - Input: atmel_mxt_ts - add touchpad button mapping for Samsung Chromebook + Pro + - swiotlb: fix inversed DMA_ATTR_NO_WARN test + - rtlwifi: cleanup 8723be ant_sel definition + - xfs: prevent creating negative-sized file via INSERT_RANGE + - RDMA/cxgb4: release hw resources on device removal + - RDMA/ucma: Allow resolving address w/o specifying source address + - RDMA/mlx5: Fix multiple NULL-ptr deref errors in rereg_mr flow + - RDMA/mlx4: Add missed RSS hash inner header flag + - RDMA/mlx5: Protect from shift operand overflow + - NET: usb: qmi_wwan: add support for ublox R410M PID 0x90b2 + - IB/mlx5: Use unlimited rate when static rate is not supported + - infiniband: mlx5: fix build errors when INFINIBAND_USER_ACCESS=m + - IB/hfi1: Fix handling of FECN marked multicast packet + - IB/hfi1: Fix loss of BECN with AHG + - IB/hfi1: Fix NULL pointer dereference when invalid num_vls is used + - iw_cxgb4: Atomically flush per QP HW CQEs + - btrfs: Take trans lock before access running trans in check_delayed_ref + - [arm64,armhf] drm/vc4: Make sure vc4_bo_{inc,dec}_usecnt() calls are + balanced + - [x86] drm/vmwgfx: Fix a buffer object leak + - drm/bridge: vga-dac: Fix edid memory leak + - xhci: Fix use-after-free in xhci_free_virt_device + - USB: serial: visor: handle potential invalid device configuration + - [arm64,armhf] usb: dwc3: gadget: Fix list_del corruption in + dwc3_ep_dequeue + - USB: Accept bulk endpoints with 1024-byte maxpacket + - USB: serial: option: reimplement interface masking + - USB: serial: option: adding support for ublox R410M + - [arm64,armhf] usb: musb: host: fix potential NULL pointer dereference + - [arm64, armhf] usb: musb: trace: fix NULL pointer dereference in + musb_g_tx() + - [x86] platform/x86: asus-wireless: Fix NULL pointer dereference + - [x86] platform/x86: Kconfig: Fix dell-laptop dependency chain. + - [x86] KVM: remove APIC Timer periodic/oneshot spikes + - [x86] tsc: Always unregister clocksource_tsc_early + - [x86] tsc: Fix mark_tsc_unstable() + - [arm64] irqchip/qcom: Fix check for spurious interrupts + - clocksource: Allow clocksource_mark_unstable() on unregistered + clocksources + - clocksource: Initialize cs->wd_list + - clocksource: Consistent de-rate when marking unstable + - tracing: Fix bad use of igrab in trace_uprobe.c + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.9 + - ipvs: fix rtnl_lock lockups caused by start_sync_thread + - netfilter: ebtables: don't attempt to allocate 0-sized compat array + - clk: ti: fix flag space conflict with clkctrl clocks + - rds: tcp: must use spin_lock_irq* and not spin_lock_bh with + rds_tcp_conn_lock + - crypto: af_alg - fix possible uninit-value in alg_bind() + - netlink: fix uninit-value in netlink_sendmsg + - net: fix rtnh_ok() + - net: initialize skb->peeked when cloning + - net: fix uninit-value in __hw_addr_add_ex() + - dccp: initialize ireq->ir_mark + - ipv4: fix uninit-value in ip_route_output_key_hash_rcu() + - soreuseport: initialise timewait reuseport field + - inetpeer: fix uninit-value in inet_getpeer + - bpf/tracing: fix a deadlock in perf_event_detach_bpf_prog + - memcg: fix per_node_info cleanup + - perf: Remove superfluous allocation error check + - i2c: dev: prevent ZERO_SIZE_PTR deref in i2cdev_ioctl_rdwr() + - tcp: fix TCP_REPAIR_QUEUE bound checking + - bdi: wake up concurrent wb_shutdown() callers. + - bdi: Fix use after free bug in debugfs_remove() + - bdi: Fix oops in wb_workfn() + - compat: fix 4-byte infoleak via uninitialized struct field + - gpioib: do not free unrequested descriptors + - gpio: fix error path in lineevent_create + - rfkill: gpio: fix memory leak in probe error path + - libata: Apply NOLPM quirk for SanDisk SD7UB3Q*G1001 SSDs + - dm integrity: use kvfree for kvmalloc'd memory + - tracing: Fix regex_match_front() to not over compare the test string + - mm: sections are not offlined during memory hotremove + - mm, oom: fix concurrent munlock and oom reaper unmap (CVE-2018-1000200) + - ceph: fix rsize/wsize capping in ceph_direct_read_write() + - can: kvaser_usb: Increase correct stats counter in kvaser_usb_rx_can_msg() + - [armhf,arm64] drm/vc4: Fix scaling of uni-planar formats + - drm/ttm: Use GFP_TRANSHUGE_LIGHT for allocating huge pages + - [x86] drm/i915: Fix drm:intel_enable_lvds ERROR message in kernel log + - [x86] drm/i915: Adjust eDP's logical vco in a reliable place. + - drm/nouveau: Fix deadlock in nv50_mstm_register_connector() + (Closes: #898825) + - drm/nouveau/ttm: don't dereference nvbo::cli, it can outlive client + - drm/atomic: Clean old_state/new_state in drm_atomic_state_default_clear() + - drm/atomic: Clean private obj old_state/new_state in + drm_atomic_state_default_clear() + - net: atm: Fix potential Spectre v1 + - atm: zatm: Fix potential Spectre v1 + - PCI / PM: Always check PME wakeup capability for runtime wakeup support + - PCI / PM: Check device_may_wakeup() in pci_enable_wake() + - cpufreq: schedutil: Avoid using invalid next_freq + - Revert "Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174" + - [x86] Bluetooth: btusb: Add Dell XPS 13 9360 to + btusb_needs_reset_resume_table + - Bluetooth: btusb: Only check needs_reset_resume DMI table for QCA rome + chipsets + - [armhf] thermal: exynos: Reading temperature makes sense only when TMU is + turned on + - [armhf] thermal: exynos: Propagate error value from tmu_read() + - nvme: add quirk to force medium priority for SQ creation + - nvme: Fix sync controller reset return + - smb3: directory sync should not return an error + - swiotlb: silent unwanted warning "buffer is full" + - sched/core: Fix possible Spectre-v1 indexing for sched_prio_to_weight[] + - sched/autogroup: Fix possible Spectre-v1 indexing for + sched_prio_to_weight[] + - tracing/uprobe_event: Fix strncpy corner case + - [x86] perf: Fix possible Spectre-v1 indexing for hw_perf_event cache_* + - [x86] perf/cstate: Fix possible Spectre-v1 indexing for pkg_msr + - [x86] perf/msr: Fix possible Spectre-v1 indexing in the MSR driver + - perf/core: Fix possible Spectre-v1 indexing for ->aux_pages[] + - [x86] perf: Fix possible Spectre-v1 indexing for x86_pmu::event_map() + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.10 + - 8139too: Use disable_irq_nosync() in rtl8139_poll_controller() + - bridge: check iface upper dev when setting master via ioctl + - dccp: fix tasklet usage + - ipv4: fix fnhe usage by non-cached routes + - ipv4: fix memory leaks in udp_sendmsg, ping_v4_sendmsg + - llc: better deal with too small mtu + - net: ethernet: sun: niu set correct packet size in skb + - [armhf] net: ethernet: ti: cpsw: fix packet leaking in dual_mac mode + - net/mlx4_en: Fix an error handling path in 'mlx4_en_init_netdev()' + - net/mlx4_en: Verify coalescing parameters are in range + - net/mlx5e: Err if asked to offload TC match on frag being first + - net/mlx5: E-Switch, Include VF RDMA stats in vport statistics + - net sched actions: fix refcnt leak in skbmod + - net_sched: fq: take care of throttled flows before reuse + - net: support compat 64-bit time in {s,g}etsockopt + - openvswitch: Don't swap table in nlattr_set() after OVS_ATTR_NESTED is + found + - qmi_wwan: do not steal interfaces from class drivers + - r8169: fix powering up RTL8168h + - rds: do not leak kernel memory to user land + - sctp: delay the authentication for the duplicated cookie-echo chunk + - sctp: fix the issue that the cookie-ack with auth can't get processed + - sctp: handle two v4 addrs comparison in sctp_inet6_cmp_addr + - sctp: remove sctp_chunk_put from fail_mark err path in + sctp_ulpevent_make_rcvmsg + - sctp: use the old asoc when making the cookie-ack chunk in dupcook_d + - tcp_bbr: fix to zero idle_restart only upon S/ACKed data + - tcp: ignore Fast Open on repair mode + - tg3: Fix vunmap() BUG_ON() triggered from tg3_free_consistent(). + - bonding: do not allow rlb updates to invalid mac + - bonding: send learning packets for vlans on slave + - net: sched: fix error path in tcf_proto_create() when modules are not + configured + - net/mlx5e: TX, Use correct counter in dma_map error flow + - net/mlx5: Avoid cleaning flow steering table twice during error flow + - [x86] hv_netvsc: set master device + - ipv6: fix uninit-value in ip6_multipath_l3_keys() + - net/mlx5e: Allow offloading ipv4 header re-write for icmp + - udp: fix SO_BINDTODEVICE + - net/mlx5e: DCBNL fix min inline header size for dscp + - sctp: clear the new asoc's stream outcnt in sctp_stream_update + - tcp: restore autocorking + - tipc: fix one byte leak in tipc_sk_set_orig_addr() + - [x86] hv_netvsc: Fix net device attach on older Windows hosts + - ipv4: reset fnhe_mtu_locked after cache route flushed + - net/mlx5: Fix mlx5_get_vector_affinity function + - net: phy: sfp: fix the BR,min computation + - net/smc: keep clcsock reference in smc_tcp_listen_work() + - scsi: aacraid: Correct hba_send to include iu_type + - proc: do not access cmdline nor environ from file-backed areas + (CVE-2018-1120) + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.11 + - xhci: Fix USB3 NULL pointer dereference at logical disconnect. + - usbip: usbip_host: refine probe and disconnect debug msgs to be useful + - usbip: usbip_host: delete device from busid_table after rebind + - usbip: usbip_host: run rebind from exit when module is removed + - usbip: usbip_host: fix NULL-ptr deref and use-after-free errors + - usbip: usbip_host: fix bad unlock balance during stub_probe() + - ALSA: usb: mixer: volume quirk for CM102-A+/102S+ + - ALSA: hda/realtek - Clevo P950ER ALC1220 Fixup + - ALSA: hda: Add Lenovo C50 All in one to the power_save blacklist + - ALSA: control: fix a redundant-copy issue + - [amd64] spi: pxa2xx: Allow 64-bit DMA + - KVM: vmx: update sec exec controls for UMIP iff emulating UMIP + - [armhf,arm64] KVM: Properly protect VGIC locks from IRQs + - [armhf,arm64] KVM: VGIC/ITS: Promote irq_lock() in update_affinity + - [armhf,arm64] KVM: VGIC/ITS save/restore: protect kvm_read_guest() calls + - [armhf,arm64] KVM: VGIC/ITS: protect kvm_read_guest() calls with SRCU + lock + - hwmon: (k10temp) Fix reading critical temperature register + - hwmon: (k10temp) Use API function to access System Management Network + - [s390x] vfio: ccw: fix cleanup if cp_prefetch fails + - tracing/x86/xen: Remove zero data size trace events + trace_xen_mmu_flush_tlb{_all} + - vsprintf: Replace memory barrier with static_key for random_ptr_key + update + - [x86] amd_nb: Add support for Raven Ridge CPUs + - [arm64] tee: shm: fix use-after-free via temporarily dropped reference + - netfilter: nf_tables: free set name in error path + - netfilter: nf_tables: can't fail after linking rule into active rule + list + - netfilter: nf_tables: nf_tables_obj_lookup_byhandle() can be static + - [arm64] dts: marvell: armada-cp110: Add clocks for the xmdio node + - [arm64] dts: marvell: armada-cp110: Add mg_core_clk for ethernet node + - i2c: designware: fix poll-after-enable regression + - mtd: rawnand: marvell: Fix read logic for layouts with ->nchunks > 2 + - [powerpc*] powerpc/powernv: Fix NVRAM sleep in invalid context when + crashing + - drm: Match sysfs name in link removal to link creation + - radix tree: fix multi-order iteration race + - mm: don't allow deferred pages with NEED_PER_CPU_KM + - [x86] drm/i915/gen9: Add WaClearHIZ_WM_CHICKEN3 for bxt and glk + - [s390x] qdio: fix access to uninitialized qdio_q fields + - [s390x] cpum_sf: ensure sample frequency of perf event attributes is + non-zero + - [s390x] qdio: don't release memory in qdio_setup_irq() + - [s390x] remove indirect branch from do_softirq_own_stack + - bcache: return 0 from bch_debug_init() if CONFIG_DEBUG_FS=n + - [x86] pkeys: Override pkey when moving away from PROT_EXEC + - [x86] pkeys: Do not special case protection key 0 + - efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32' + definition for mixed mode + - [arm*] 8771/1: kprobes: Prohibit kprobes on do_undefinstr + - [x86] apic/x2apic: Initialize cluster ID properly + - [x86] mm: Drop TS_COMPAT on 64-bit exec() syscall + - tick/broadcast: Use for_each_cpu() specially on UP kernels + - [arm*] 8769/1: kprobes: Fix to use get_kprobe_ctlblk after irq-disabed + - [arm*] 8770/1: kprobes: Prohibit probing on optimized_callback + - [arm*] 8772/1: kprobes: Prohibit kprobes on get_user functions + - Btrfs: fix xattr loss after power failure + - Btrfs: send, fix invalid access to commit roots due to concurrent + snapshotting + - btrfs: property: Set incompat flag if lzo/zstd compression is set + - btrfs: fix crash when trying to resume balance without the resume flag + - btrfs: Split btrfs_del_delalloc_inode into 2 functions + - btrfs: Fix delalloc inodes invalidation during transaction abort + - btrfs: fix reading stale metadata blocks after degraded raid1 mounts + - x86/nospec: Simplify alternative_msr_write() + - x86/bugs: Concentrate bug detection into a separate function + - x86/bugs: Concentrate bug reporting into a separate function + - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits + - x86/bugs, KVM: Support the combination of guest and host IBRS + - x86/bugs: Expose /sys/../spec_store_bypass + - x86/cpufeatures: Add X86_FEATURE_RDS + - x86/bugs: Provide boot parameters for the spec_store_bypass_disable + mitigation + - x86/bugs/intel: Set proper CPU features and setup RDS + - x86/bugs: Whitelist allowed SPEC_CTRL MSR values + - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested + - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest + - x86/speculation: Create spec-ctrl.h to avoid include hell + - prctl: Add speculation control prctls + - x86/process: Allow runtime control of Speculative Store Bypass + - x86/speculation: Add prctl for Speculative Store Bypass mitigation + - nospec: Allow getting/setting on non-current task + - proc: Provide details on speculation flaw mitigations + - seccomp: Enable speculation flaw mitigations + - x86/bugs: Make boot modes __ro_after_init + - prctl: Add force disable speculation + - seccomp: Use PR_SPEC_FORCE_DISABLE + - seccomp: Add filter flag to opt-out of SSB mitigation + - seccomp: Move speculation migitation control to arch code + - x86/speculation: Make "seccomp" the default mode for Speculative Store + Bypass + - x86/bugs: Rename _RDS to _SSBD + - proc: Use underscores for SSBD in 'status' + - Documentation/spec_ctrl: Do some minor cleanups + - x86/bugs: Fix __ssb_select_mitigation() return type + - x86/bugs: Make cpu_show_common() static + - x86/bugs: Fix the parameters alignment and missing void + - x86/cpu: Make alternative_msr_write work for 32-bit code + - KVM: SVM: Move spec control call after restore of GS + - x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP + - x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS + - x86/cpufeatures: Disentangle SSBD enumeration + - x86/cpufeatures: Add FEATURE_ZEN + - x86/speculation: Handle HT correctly on AMD + - x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL + - x86/speculation: Add virtualized speculative store bypass disable + support + - x86/speculation: Rework speculative_store_bypass_update() + - x86/bugs: Unify x86_spec_ctrl_{set_guest,restore_host} + - x86/bugs: Expose x86_spec_ctrl_base directly + - x86/bugs: Remove x86_spec_ctrl_set() + - x86/bugs: Rework spec_ctrl base and mask logic + - x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG + - KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD + - x86/bugs: Rename SSBD_NO to SSB_NO + - bpf: Prevent memory disambiguation attack + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.12 + - net/mlx5: Fix build break when CONFIG_SMP=n + - net: Fix a bug in removing queues from XPS map + - net/mlx4_core: Fix error handling in mlx4_init_port_info. + - net/sched: fix refcnt leak in the error path of tcf_vlan_init() + - net: sched: red: avoid hashing NULL child + - net/smc: check for missing nlattrs in SMC_PNETID messages + - net: test tailroom before appending to linear skb + - packet: in packet_snd start writing at link layer allocation + - sock_diag: fix use-after-free read in __sk_free + - tcp: purge write queue in tcp_connect_init() + - tun: fix use after free for ptr_ring + - tuntap: fix use after free during release + - cxgb4: Correct ntuple mask validation for hash filters + - [armhf] net: dsa: bcm_sf2: Fix RX_CLS_LOC_ANY overwrite for last rule + - net: dsa: Do not register devlink for unused ports + - [armhf] net: dsa: bcm_sf2: Fix IPv6 rules and chain ID + - [armhf] net: dsa: bcm_sf2: Fix IPv6 rule half deletion + - 3c59x: convert to generic DMA API + - cxgb4: fix offset in collecting TX rate limit info + - vmxnet3: set the DMA mask before the first DMA map operation + - vmxnet3: use DMA memory barriers where required + - net: ip6_gre: Request headroom in __gre6_xmit() + - net: ip6_gre: Fix headroom request in ip6erspan_tunnel_xmit() + - net: ip6_gre: Split up ip6gre_tnl_link_config() + - net: ip6_gre: Split up ip6gre_tnl_change() + - net: ip6_gre: Split up ip6gre_newlink() + - net: ip6_gre: Split up ip6gre_changelink() + - net: ip6_gre: Fix ip6erspan hlen calculation + - net: ip6_gre: fix tunnel metadata device sharing. + - [sparc*]: vio: use put_device() instead of kfree() + - ext2: fix a block leak + - [powerpc*] rfi-flush: Always enable fallback flush on pseries + - [powerpc*] Add security feature flags for Spectre/Meltdown + - [powerpc*] pseries: Add new H_GET_CPU_CHARACTERISTICS flags + - [powerpc*] pseries: Set or clear security feature flags + - [powerpc*] powerpc/powernv: Set or clear security feature flags + - [powerpc*] powerpc/64s: Move cpu_show_meltdown() + - [powerpc*] powerpc/64s: Enhance the information in cpu_show_meltdown() + - [powerpc*] powerpc/powernv: Use the security flags in + pnv_setup_rfi_flush() + - [powerpc*] powerpc/pseries: Use the security flags in + pseries_setup_rfi_flush() + - [powerpc*] powerpc/64s: Wire up cpu_show_spectre_v1() + - [powerpc*] powerpc/64s: Wire up cpu_show_spectre_v2() + - [powerpc*] powerpc/pseries: Fix clearing of security feature flags + - [powerpc*] powerpc: Move default security feature flags + - [powerpc*] powerpc/64s: Add support for a store forwarding barrier at + kernel entry/exit + - [s390x] move nobp parameter functions to nospec-branch.c + - [s390x] add automatic detection of the spectre defense + - [s390x] report spectre mitigation via syslog + - [s390x] add sysfs attributes for spectre + - [s390x] add assembler macros for CPU alternatives + - [s390x] correct nospec auto detection init order + - [s390x] correct module section names for expoline code revert + - [s390x] move expoline assembler macros to a header + - [s390x] crc32-vx: use expoline for indirect branches + - [s390x] lib: use expoline for indirect branches + - [s390x] ftrace: use expoline for indirect branches + - [s390x] kernel: use expoline for indirect branches + - [s390x] move spectre sysfs attribute code + - [s390x] extend expoline to BC instructions + - [s390x] use expoline thunks in the BPF JIT + - scsi: sg: allocate with __GFP_ZERO in sg_build_indirect() + - [s390x] scsi: zfcp: fix infinite iteration on ERP ready list + - Bluetooth: btusb: Add USB ID 7392:a611 for Edimax EW-7611ULB + - ALSA: usb-audio: Add native DSD support for Luxman DA-06 + - [arm64,armhf] usb: dwc3: Add SoftReset PHY synchonization delay + - [arm64,armhf] usb: dwc3: Update DWC_usb31 GTXFIFOSIZ reg fields + - [arm64,armhf] usb: dwc3: Makefile: fix link error on randconfig + - xhci: zero usb device slot_id member when disabling and freeing a xhci slot + - [arm64,armhf] usb: dwc2: Fix interval type issue + - [arm64,armhf] usb: dwc2: hcd: Fix host channel halt flow + - [arm64,armhf] usb: dwc2: host: Fix transaction errors in host mode + - usbip: Correct maximum value of CONFIG_USBIP_VHCI_HC_PORTS + - media: em28xx: USB bulk packet size fix + - Bluetooth: btusb: Add device ID for RTL8822BE + - Bluetooth: btusb: Add support for Intel Bluetooth device 22560 + [8087:0026] + - xhci: Show what USB release number the xHC supports from protocol + capablity + - loop: don't call into filesystem while holding lo_ctl_mutex + - loop: fix LOOP_GET_STATUS lock imbalance + - cfg80211: limit wiphy names to 128 bytes + - hfsplus: stop workqueue when fill_super() failed + - [x86] kexec: Avoid double free_page() upon do_kexec_load() failure + - staging: bcm2835-audio: Release resources on module_exit() + - staging: lustre: fix bug in osc_enter_cache_try + - [x86] staging: rtl8192u: return -ENOMEM on failed allocation of + priv->oldaddr + - staging: lustre: lmv: correctly iput lmo_root + - [arm64] crypto: inside-secure - move the digest to the request context + - [arm64] crypto: inside-secure - wait for the request to complete if in + the backlog + - [x86] crypto: ccp - don't disable interrupts while setting up debugfs + - [arm64] crypto: inside-secure - do not process request if no command was + issued + - [arm64] crypto: inside-secure - fix the cache_len computation + - [arm64] crypto: inside-secure - fix the extra cache computation + - [arm64] crypto: inside-secure - do not overwrite the threshold value + - [armhf] crypto: sunxi-ss - Add MODULE_ALIAS to sun4i-ss + - [arm64] crypto: inside-secure - fix the invalidation step during + cra_exit + - scsi: aacraid: Insure command thread is not recursively stopped + - scsi: devinfo: add HP DISK-SUBSYSTEM device, for HP XP arrays + - scsi: lpfc: Fix NVME Initiator FirstBurst + - scsi: core: Make SCSI Status CONDITION MET equivalent to GOOD + - scsi: mvsas: fix wrong endianness of sgpio api + - scsi: lpfc: Fix issue_lip if link is disabled + - scsi: lpfc: Fix nonrecovery of NVME controller after cable swap. + - scsi: lpfc: Fix soft lockup in lpfc worker thread during LIP testing + - scsi: lpfc: Fix IO failure during hba reset testing with nvme io. + - scsi: lpfc: Fix frequency of Release WQE CQEs + - [armhf] clk: rockchip: Fix wrong parent for SDMMC phase clock for rk3228 + - clk: Don't show the incorrect clock phase + - clk: hisilicon: mark wdt_mux_p[] as const + - [arm64,armhf] clk: tegra: Fix pll_u rate configuration + - [armhf] clk: rockchip: Prevent calculating mmc phase if clock rate is + zero + - [armhf] clk: samsung: s3c2410: Fix PLL rates + - [armhf] clk: samsung: exynos7: Fix PLL rates + - [armhf] clk: samsung: exynos5260: Fix PLL rates + - [armhf] clk: samsung: exynos5433: Fix PLL rates + - [armhf] clk: samsung: exynos5250: Fix PLL rates + - [armhf] clk: samsung: exynos3250: Fix PLL rates + - clk: meson: axg: fix the od shift of the sys_pll + - clk: meson: axg: add the fractional part of the fixed_pll + - media: cx23885: Override 888 ImpactVCBe crystal frequency + - media: cx23885: Set subdev host data to clk_freq pointer + - media: em28xx: Add Hauppauge SoloHD/DualHD bulk models + - media: v4l: vsp1: Fix display stalls when requesting too many inputs + - media: i2c: adv748x: fix HDMI field heights + - media: vb2: Fix videobuf2 to map correct area + - media: vivid: fix incorrect capabilities for radio + - media: cx25821: prevent out-of-bounds read on array card + - [arm64] serial: mvebu-uart: fix tx lost characters + - [sh4] serial: sh-sci: Fix out-of-bounds access through DT alias + - [armhf] serial: samsung: Fix out-of-bounds access through serial port + index + - [armhf] serial: imx: Fix out-of-bounds access through serial port index + - [armhf] serial: arc_uart: Fix out-of-bounds access through DT alias + - [arm*] serial: 8250: Don't service RX FIFO if interrupts are disabled + - [armhf] rtc: snvs: Fix usage of snvs_rtc_enable + - rtc: hctosys: Ensure system time doesn't overflow time_t + - [arm64,armhf] rtc: rk808: fix possible race condition + - [armel/marvell] rtc: m41t80: fix race conditions + - [m68k] rtc: rp5c01: fix possible race condition + + [ Romain Perier ] + * [armhf] DRM: Enable DW_HDMI_AHB_AUDIO and DW_HDMI_CEC (Closes: #897204) + * [armhf] MFD: Enable MFD_TPS65217 (Closes: #897590) + + [ Ben Hutchings ] + * kbuild: use -fmacro-prefix-map to make __FILE__ a relative path + * Bump ABI to 2 + * [rt] Update to 4.16.8-rt3 + * [x86] KVM: VMX: Expose SSBD properly to guests. + + [ Salvatore Bonaccorso ] + * [rt] Update to 4.16.7-rt1 and reenable + * [rt] certs: Reference certificate for test key used in Debian signing + service + + -- Salvatore Bonaccorso <carnil@debian.org> Sun, 27 May 2018 14:05:03 +0200 + +linux (4.16.5-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.1 + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.2 + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.3 + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.4 + - ext4: limit xattr size to INT_MAX (CVE-2018-1095) + - random: fix crng_ready() test (CVE-2018-1108) + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.5 + + [ Ben Hutchings ] + * aufs: gen-patch: Fix Subject generation to skip SPDX-License-Identifier + * aufs: Update support patchset to aufs4.16-20180409 (no functional change) + * wireless: Add Debian wireless-regdb certificates (see #892229) + * Add support for compilers installed outside the default PATH + * linux-headers: Change linux-kbuild dependency to be versioned + * Set ABI to 1 + * [x86,arm64] Disable code signing for upload to unstable + * debian/lib/python/debian_linux/debian.py: Fix binNMU changelog parsing + * debian/lib/python/debian_linux/debian.py: Fix binNMU revision parsing + * xfs: enhance dinode verifier (CVE-2018-10322) + * xfs: set format back to extents if xfs_bmap_extents_to_btree + (CVE-2018-10323) + * udeb: Add algif_skcipher to crypto-modules (Closes: #896968) + * ext4: fix bitmap position validation (fixes regression in 4.15.17-1) + * debian/lib/python/debian_linux/gencontrol.py: Allow uploads to *-security + with a simple revision + + [ Vagrant Cascadian ] + * [arm64] Add patches to support SATA on Tegra210/Jetson-TX1. + + [ James Clarke ] + * [ia64] Drop nic-modules Depends overrides (fixes FTBFS) + + [ Vagrant Cascadian ] + * [arm64] Enable features to support Pinebook and other A64 systems: + CONFIG_USB_MUSB_HDRC, CONFIG_USB_MUSB_SUNXI, CONFIG_SUN8I_DE2_CCU, + CONFIG_DMA_SUN6I + * [arm64] Add patch enabling simplefb LCD on A64. + + [ Roger Shimizu ] + * [armel] Add dependency of udeb modules (fixes FTBFS): + - Add lzo_decompress to lzo-modules. + - Add cmdlinepart to mtd-modules. + * [armel] Add dependency of udeb packages (fixes FTBFS): + - Add package dependency of mtd-modules to jffs2-modules. + - Add package dependency of lzo-modules to squashfs-modules. + + [ Helge Deller ] + * [hppa] Switch to self-decompressing kernel to save disk space in /boot + + [ Uwe Kleine-König ] + * [amd64] enable AMD 10GbE Ethernet driver (CONFIG_AMD_XGBE=m) + + -- Ben Hutchings <ben@decadent.org.uk> Sun, 29 Apr 2018 17:09:14 +0100 + +linux (4.16-1~exp1) experimental; urgency=medium + + * New upstream release: https://kernelnewbies.org/Linux_4.16 + + [ Jeremy Stanley ] + * [x86] Power management support for GPD Pocket UMPC systems + (Closes: #895164) + - Enable CONFIG_PWM_LPSS_PLATFORM as a module (provides support for the + low-level power subsystem handling backlight control) along with its + dependency CONFIG_PWM=y + - Enable CONFIG_INTEL_INT0002_VGPIO as a module (provides support for the + Bay Trail/Cherry Trail virtual GPIO controller to handle power events) + - Enable CONFIG_REGULATOR (needed to build the already enabled + CONFIG_INTEL_CHT_INT33FE module which provides support for the ACPI + interface) + - Enable CONFIG_TYPEC_FUSB302 as a module (provides support for the USB + type-C interface) along with its dependencies CONFIG_TYPEC=m and + CONFIG_TYPEC_TCPM=m + - Enable CONFIG_BATTERY_MAX17042 as a module (provides support for the + battery level monitor) + - Enable CONFIG_CHARGER_BQ24190 as a module (provides support for the + battery charger) along with its dependencies CONFIG_EXTCON=m, + CONFIG_EXTCON_INTEL_CHT_WC=m, CONFIG_I2C_CHT_WC=m and + CONFIG_INTEL_SOC_PMIC_CHTWC=y + + [ Roger Shimizu ] + * [armel] Bring back armel build by reverting two commits that disabled + armel previously: + - [2ed70eb] "Add empty featuresets for armel to help abiupdate script" + - [5f62872] "(Temporarily) disable armel kernel image build" + * [armel] Reduce armel image size by: + - Set CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=y + - Change MTD, MTD_CMDLINE_PARTS, RTC_DRV_MV, and SPI_ORION from + built-in to module. + - Disable VT, ZSWAP, RD_BZIP2, and RD_LZMA. + Thanks to Leigh Brown <leigh@solinno.co.uk> for his idea to disable VT. + + [ Riku Voipio ] + * [armhf] Add dove cubox support, thanks to Josua Mayer (Closes: #876774) + + [ Sjoerd Simons ] + * Enable DRM_DP_AUX_CHARDEV (Closes: #890235) + + [ Ben Hutchings ] + * Set ABI name to trunk + * debian/config: Rename [build]signed-modules setting to signed-code + * debian/lib/python/debian_linux/gencontrol.py: Allow overriding output + filenames + * debian/lib/python/debian_linux/debian.py: Close changelog after parsing + * debian/lib/python/debian_linux/debian.py: Allow parsing any file as + changelog + * debian/rules.d/tools/lib/lockdep/Makefile: Fix repeated 'make install' + * Add template source package to support code signing + * Use a dummy build profile for udebs that we test-build before signing + * debian/lib/python/debian_linux/debian.py: Parse bottom lines of changelog + entries + * debian/bin/gencontrol_signed.py: Copy maintainer and date into template's + changelog + * [x86,arm64] Enable code signing again + * certs: Add certificate for test key used in Debian signing service + * integrity: Disable IMA until it works properly with lockdown + + -- Ben Hutchings <ben@decadent.org.uk> Sun, 08 Apr 2018 14:44:18 +0200 + +linux (4.16~rc6-1~exp1) experimental; urgency=medium + + * New upstream release candidate + + [ Jeremy Stanley ] + * [x86] Enable CONFIG_GPD_POCKET_FAN as a module (provides fan control on + GPD Pocket UMPC systems) (Closes: #893451) + + [ Uwe Kleine-König ] + * [arm64] enable various drivers as module for teres-i OSHW laptop + (Closes: #892786) + + [ Helge Deller ] + * [hppa] Re-enable 32-bit SMP kernel build. Qemu now supports it. + + [ Ben Hutchings ] + * udeb: Add dependency from nic-modules to zlib-modules (fixes FTBFS on + some architectures) + * i40e: Add kconfig dependency to ensure cmpxchg64() is available + (fixes FTBFS on some architectures) + * [ia64] Re-add configuration for kernel and udebs: + - Revert "Remove all support for ia64" (Closes: #886693) + - Disable IRDA, consistent with other architectures + - linux-image: Don't suggest fdutils + - Compile with gcc-7 + - linux-image: Improve flavour descriptions + - udeb: Combine core-modules/kernel-image and scsi{,-common,-extra}-modules + - udeb: Add i2c-modules + + [ Vagrant Cascadian ] + * [armhf] Enable ARCH_MESON and related drivers. + * [armhf] Add device-tree patches from linux-next to support USB and + Ethernet on meson8b. + + -- Ben Hutchings <ben@decadent.org.uk> Tue, 20 Mar 2018 13:52:03 +0000 + +linux (4.16~rc5-1~exp1) experimental; urgency=medium + + * New upstream release candidate + + [ Uwe Kleine-König ] + * netfilter: enable NFT_FIB_NETDEV as module + + [ Thadeu Lima de Souza Cascardo ] + * [powerpc,ppc64el,ppc64] Enable CRASH_DUMP (Closes: #883432) + + [ Bastian Blank ] + * Drop note about Xen from long descriptions. + + [ Vagrant Cascadian ] + * [arm64] Enable ROCKCHIP_IODOMAIN as a module, to enable PCIe reset. + * [arm64] Enable REGULATOR_FAN53555 as a module, enabling cpufreq to + work on rk3399 A72 cores. + * [arm64] Apply patch from linux-next to fix eMMC corruption on + Odroid-C2 (Closes: #879072). + + [ Ben Hutchings ] + * debian/control: Update profile qualification for build-deps on bison + and flex, which are now used to build kconfig + * debian/rules.d/tools/kconfig/Makefile: Use bison and flex to build kconfig + + -- Ben Hutchings <ben@decadent.org.uk> Tue, 13 Mar 2018 02:06:57 +0000 + +linux (4.15.17-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.12 + - [i386] vm86: Fix POPF emulation + - [i386] speculation, objtool: Annotate indirect calls/jumps for objtool on + 32-bit kernels + - [x86] speculation: Remove Skylake C2 from Speculation Control microcode + blacklist + - [x86] KVM: Fix device passthrough when SME is active + - [x86] mm: Fix vmalloc_fault to use pXd_large + - [hppa] Handle case where flush_cache_range is called with no context + - ALSA: pcm: Fix UAF in snd_pcm_oss_get_formats() + - ALSA: hda - Revert power_save option default value + - ALSA: seq: Fix possible UAF in snd_seq_check_queue() + - ALSA: seq: Clear client entry before deleting else at closing + - drm/nouveau/bl: Fix oops on driver unbind + - drm/nouveau/mmu: ALIGN_DOWN correct variable (Closes: #895750) + - drm/amdgpu: fix prime teardown order + - drm/radeon: fix prime teardown order + - drm/amdgpu/dce: Don't turn off DP sink when disconnected + - fs: Teach path_connected to handle nfs filesystems with multiple roots. + - [armhf,arm64] KVM: Reduce verbosity of KVM init log + - [armhf,arm64] KVM: Reset mapped IRQs on VM reset + - [armhf,arm64] kvm: vgic-v3: Tighten synchronization for guests using v2 + on v3 + - [armhf.arm64] KVM: vgic: Don't populate multiple LRs with the same vintid + - lock_parent() needs to recheck if dentry got __dentry_kill'ed under it + - fs/aio: Add explicit RCU grace period when freeing kioctx + - fs/aio: Use RCU accessors for kioctx_table->table[] + - RDMAVT: Fix synchronization around percpu_ref + - [armhf.arm64] irqchip/gic-v3-its: Ensure nr_ites >= nr_lpis + - nvme: fix subsystem multiple controllers support check + - xfs: preserve i_rdev when recycling a reclaimable inode + - btrfs: Fix NULL pointer exception in find_bio_stripe + - btrfs: add missing initialization in btrfs_check_shared + - btrfs: alloc_chunk: fix DUP stripe size handling + - btrfs: Fix use-after-free when cleaning up fs_devs with a single stale + device + - btrfs: remove spurious WARN_ON(ref->count < 0) in find_parent_nodes + - btrfs: Fix memory barriers usage with device stats counters + - scsi: qla2xxx: Fix smatch warning in qla25xx_delete_{rsp|req}_que + - scsi: qla2xxx: Fix NULL pointer access for fcport structure + - scsi: qla2xxx: Fix logo flag for qlt_free_session_done() + - scsi: qla2xxx: Fix crashes in qla2x00_probe_one on probe failure + - usb: dwc2: fix STM32F7 USB OTG HS compatible + - USB: gadget: udc: Add missing platform_device_put() on error in + bdc_pci_probe() + - usb: dwc3: Fix GDBGFIFOSPACE_TYPE values + - usb: dwc3: core: Power-off core/PHYs on system_suspend in host mode + - usb: dwc3: of-simple: fix oops by unbalanced clk disable call + - usb: gadget: udc: renesas_usb3: fix oops in renesas_usb3_remove() + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.13 + - scsi: megaraid_sas: Do not use 32-bit atomic request descriptor for + Ventura controllers + - drm/amdgpu: use polling mem to set SDMA3 wptr for VF + - Bluetooth: hci_qca: Avoid setup failure on missing rampatch + - [arm64] Bluetooth: btqcomsmd: Fix skb double free corruption + - [x86] cpufreq: longhaul: Revert transition_delay_us to 200 ms + - [arm64] drm/msm: fix leak in failed get_pages + - IB/ipoib: Warn when one port fails to initialize + - RDMA/iwpm: Fix uninitialized error code in iwpm_send_mapinfo() + - [x86] hv_netvsc: Fix the receive buffer size limit + - [x86] hv_netvsc: Fix the TX/RX buffer default sizes + - tcp: allow TLP in ECN CWR + - libbpf: prefer global symbols as bpf program name source + - rtlwifi: rtl_pci: Fix the bug when inactiveps is enabled. + - rtlwifi: always initialize variables given to RT_TRACE() + - media: bt8xx: Fix err 'bt878_probe()' + - ath10k: handling qos at STA side based on AP WMM enable/disable + - media: dvb-frontends: Add delay to Si2168 restart + - qmi_wwan: set FLAG_SEND_ZLP to avoid network initiated disconnect + - serial: 8250_dw: Disable clock on error + - [armhf,arm64] cros_ec: fix nul-termination for firmware build info + - watchdog: Fix potential kref imbalance when opening watchdog + - watchdog: Fix kref imbalance seen if handle_boot_enabled=0 + - platform/chrome: Use proper protocol transfer function + - [armhf] drm/tilcdc: ensure nonatomic iowrite64 is not used + - mmc: avoid removing non-removable hosts during suspend + - mmc: block: fix logical error to avoid memory leak + - /dev/mem: Add bounce buffer for copy-out + - [arm64] net: phy: meson-gxl: check phy_write return value + - IB/ipoib: Avoid memory leak if the SA returns a different DGID + - RDMA/cma: Use correct size when writing netlink stats + - IB/umem: Fix use of npages/nmap fields + - iser-target: avoid reinitializing rdma contexts for isert commands + - bpf/cgroup: fix a verification error for a CGROUP_DEVICE type prog + - PCI/ASPM: Calculate LTR_L1.2_THRESHOLD from device characteristics + - vgacon: Set VGA struct resource types + - [armhf] omapdrm: panel: fix compatible vendor string for td028ttec1 + - [arm64] mmc: sdhci-xenon: wait 5ms after set 1.8V signal enable + - [armhf] drm/omap: DMM: Check for DMM readiness after successful + transaction commit + - pty: cancel pty slave port buf's work in tty_release + - clk: check ops pointer on clock register + - clk: use round rate to bail out early in set_rate + - pinctrl: Really force states during suspend/resume + - [armhf,arm64] pinctrl: rockchip: enable clock when reading pin direction + register + - [x86] iommu/vt-d: clean up pr_irq if request_threaded_irq fails + - ip6_vti: adjust vti mtu according to mtu of lower device + - ip_gre: fix error path when erspan_rcv failed + - ip_gre: fix potential memory leak in erspan_rcv + - [arm64] soc: qcom: smsm: fix child-node lookup + - scsi: lpfc: Fix SCSI LUN discovery when SCSI and NVME enabled + - scsi: lpfc: Fix issues connecting with nvme initiator + - RDMA/ocrdma: Fix permissions for OCRDMA_RESET_STATS + - nfsd4: permit layoutget of executable-only files + - clk: Don't touch hardware when reparenting during registration + - hwrng: core - Clean up RNG list when last hwrng is unregistered + - [armhf] dmaengine: ti-dma-crossbar: Fix event mapping for + TPCC_EVT_MUX_60_63 + - IB/mlx5: Fix integer overflows in mlx5_ib_create_srq + - IB/mlx5: Fix out-of-bounds read in create_raw_packet_qp_rq + - [x86] RDMA/vmw_pvrdma: Fix usage of user response structures in ABI file + - serial: 8250_pci: Don't fail on multiport card class + - RDMA/core: Do not use invalid destination in determining port reuse + - clk: migrate the count of orphaned clocks at init + - RDMA/ucma: Fix access to non-initialized CM_ID object + - RDMA/ucma: Don't allow join attempts for unsupported AF family + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.14 + - [armhf] iio: st_pressure: st_accel: pass correct platform data to init + - [arm64] iio: adc: meson-saradc: unlock on error in meson_sar_adc_lock() + - ALSA: usb-audio: Fix parsing descriptor of UAC2 processing unit + - ALSA: aloop: Sync stale timer before release + - ALSA: aloop: Fix access to not-yet-ready substream via cable + - ALSA: hda - Force polling mode on CFL for fixing codec communication + - ALSA: hda/realtek - Fix speaker no sound after system resume + - ALSA: hda/realtek - Fix Dell headset Mic can't record + - ALSA: hda/realtek - Always immediately update mute LED with pin VREF + - mmc: core: Fix tracepoint print of blk_addr and blksz + - mmc: core: Disable HPI for certain Micron (Numonyx) eMMC cards + - mmc: block: fix updating ext_csd caches on ioctl call + - [armhf] mmc: dw_mmc: Fix the DTO/CTO timeout overflow calculation for + 32-bit systems + - [armhf] mmc: dw_mmc: exynos: fix the suspend/resume issue for exynos5433 + - [armhf,arm64] mmc: dw_mmc: fix falling from idmac to PIO mode when + dw_mci_reset occurs + - PCI: Add function 1 DMA alias quirk for Highpoint RocketRAID 644L + - lockdep: fix fs_reclaim warning + - [armhf,arm64] clk: bcm2835: Fix ana->maskX definitions + - [armhf,arm64] clk: bcm2835: Protect sections updating shared registers + - [armhf,arm64] clk: sunxi-ng: a31: Fix CLK_OUT_* clock ops + - RDMA/mlx5: Fix crash while accessing garbage pointer and freed memory + - [x86] Drivers: hv: vmbus: Fix ring buffer signaling + - [armhf] pinctrl: samsung: Validate alias coming from DT + - Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table + - Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table + - Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174 + - libata: fix length validation of ATAPI-relayed SCSI commands + - libata: remove WARN() for DMA or PIO command without data + - libata: don't try to pass through NCQ commands to non-NCQ devices + - libata: Apply NOLPM quirk to Crucial MX100 512GB SSDs + - libata: disable LPM for Crucial BX100 SSD 500GB drive + - libata: Enable queued TRIM for Samsung SSD 860 + - libata: Apply NOLPM quirk to Crucial M500 480 and 960GB SSDs + - libata: Make Crucial BX100 500GB LPM quirk apply to all firmware versions + - libata: Modify quirks for MX100 to limit NCQ_TRIM quirk to MU01 version + - sched, cgroup: Don't reject lower cpu.max on ancestors + - cgroup: fix rule checking for threaded mode switching + - nfsd: remove blocked locks on client teardown + - hugetlbfs: check for pgoff value overflow (CVE-2018-7740) + - [x86] mm: implement free pmd/pte page interfaces + - mm/khugepaged.c: convert VM_BUG_ON() to collapse fail + - mm/thp: do not wait for lock_page() in deferred_split_scan() + - mm/shmem: do not wait for lock_page() in shmem_unused_huge_shrink() + - Revert "mm: page_alloc: skip over regions of invalid pfns where possible" + - [x86] drm/vmwgfx: Fix black screen and device errors when running without + fbdev + - [x86] drm/vmwgfx: Fix a destoy-while-held mutex problem. + - drm/radeon: Don't turn off DP sink when disconnected + - drm/amd/display: We shouldn't set format_default on plane as atomic driver + - drm/amd/display: Add one to EDID's audio channel count when passing to DC + - drm: Reject getfb for multi-plane framebuffers + - drm: udl: Properly check framebuffer mmap offsets + - mm/vmscan: wake up flushers for legacy cgroups too + - module: propagate error in modules_open() + - acpi, numa: fix pxm to online numa node associations + - ACPI / watchdog: Fix off-by-one error at resource assignment + - libnvdimm, {btt, blk}: do integrity setup before add_disk() + - brcmfmac: fix P2P_DEVICE ethernet address generation + - rtlwifi: rtl8723be: Fix loss of signal + - tracing: probeevent: Fix to support minus offset from symbol + - mtdchar: fix usage of mtd_ooblayout_ecc() + - staging: ncpfs: memory corruption in ncp_read_kernel() (CVE-2018-8822) + - [i386] can: cc770: Fix stalls on rt-linux, remove redundant IRQ ack + - [i386] can: cc770: Fix queue stall & dropped RTR reply + - [i386] can: cc770: Fix use after free in cc770_tx_interrupt() + - tty: vt: fix up tabstops properly + - [amd64] entry: Don't use IST entry for #BP stack + - [amd64] vsyscall: Use proper accessor to update P4D entry + - [x86] efi: Free efi_pgd with free_pages() + - posix-timers: Protect posix clock array access against speculation + - [x86] kvm: fix icebp instruction handling + - [amd64] build: Force the linker to use 2MB page size + - [amd64] boot: Verify alignment of the LOAD segment + - [x86] hwmon: (k10temp) Only apply temperature offset if result is positive + - [x86] hwmon: (k10temp) Add temperature offset for Ryzen 1900X + - [x86] perf/intel/uncore: Fix Skylake UPI event format + - perf stat: Fix CVS output format for non-supported counters + - perf/core: Fix ctx_event_type in ctx_resched() + - trace/bpf: remove helper bpf_perf_prog_read_value from tracepoint type + programs + - [x86] perf/intel: Don't accidentally clear high bits in bdw_limit_period() + - [x86] perf/intel/uncore: Fix multi-domain PCI CHA enumeration bug on + Skylake servers + - iio: ABI: Fix name of timestamp sysfs file + - bpf: skip unnecessary capability check + - [amd64] bpf: increase number of passes + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.15 + - net: dsa: Fix dsa_is_user_port() test inversion + - openvswitch: meter: fix the incorrect calculation of max delta_t + - qed: Fix MPA unalign flow in case header is split across two packets. + - tcp: purge write queue upon aborting the connection + - qed: Fix non TCP packets should be dropped on iWARP ll2 connection + - net: phy: relax error checking when creating sysfs link netdev->phydev + - devlink: Remove redundant free on error path + - macvlan: filter out unsupported feature flags + - net: ipv6: keep sk status consistent after datagram connect failure + - ipv6: old_dport should be a __be16 in __ip6_datagram_connect() + - ipv6: sr: fix NULL pointer dereference when setting encap source address + - ipv6: sr: fix scheduling in RCU when creating seg6 lwtunnel state + - net: phy: Tell caller result of phy_change() + - ipv6: Reflect MTU changes on PMTU of exceptions for MTU-less routes + - net sched actions: return explicit error when tunnel_key mode is not + specified + - ppp: avoid loop in xmit recursion detection code + - rhashtable: Fix rhlist duplicates insertion + - sch_netem: fix skb leak in netem_enqueue() + - ieee802154: 6lowpan: fix possible NULL deref in lowpan_device_event() + - net: use skb_to_full_sk() in skb_update_prio() + - net: Fix hlist corruptions in inet_evict_bucket() + - [s390x] qeth: free netdevice when removing a card + - [s390x] qeth: when thread completes, wake up all waiters + - [s390x] qeth: lock read device while queueing next buffer + - [s390x] qeth: on channel error, reject further cmd requests + - dccp: check sk for closed state in dccp_sendmsg() + - ipv6: fix access to non-linear packet in ndisc_fill_redirect_hdr_option() + - l2tp: do not accept arbitrary sockets + - [armhf] net: ethernet: ti: cpsw: add check for in-band mode setting with + RGMII PHY interface + - [armhf] net: fec: Fix unbalanced PM runtime calls + - [s390x] net/iucv: Free memory obtained by kzalloc + - netlink: avoid a double skb free in genlmsg_mcast() + - net: Only honor ifindex in IP_PKTINFO if non-0 + - net: systemport: Rewrite __bcm_sysport_tx_reclaim() + - qede: Fix qedr link update + - skbuff: Fix not waking applications when errors are enqueued + - team: Fix double free in error path + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.16 + - [armhf] OMAP: Fix SRAM W+X mapping + - [armhf] 8746/1: vfp: Go back to clearing vfp_current_hw_state[] + - [armhf] dts: sun6i: a31s: bpi-m2: improve pmic properties + - [armhf] dts: sun6i: a31s: bpi-m2: add missing regulators + - mtd: jedec_probe: Fix crash in jedec_read_mfr() + - ALSA: usb-audio: Add native DSD support for TEAC UD-301 + - ALSA: pcm: Use dma_bytes as size parameter in dma_mmap_coherent() + - ALSA: pcm: potential uninitialized return values + - perf/hwbp: Simplify the perf-hwbp code, fix documentation + - ceph: only dirty ITER_IOVEC pages for direct read + - ipc/shm.c: add split function to shm_vm_ops + - [powerpc*] mm: Add tracking of the number of coprocessors using a context + - [powerpc*] mm: Workaround Nest MMU bug with TLB invalidations + - [powerpc*] 64s: Fix lost pending interrupt due to race causing lost + update to irq_happened + - [powerpc*] 64s: Fix i-side SLB miss bad address handler saving + nonvolatile GPRs + - partitions/msdos: Unable to mount UFS 44bsd partitions + - xfrm_user: uncoditionally validate esn replay attribute struct + - RDMA/ucma: Check AF family prior resolving address + - RDMA/ucma: Fix use-after-free access in ucma_close + - RDMA/ucma: Ensure that CM_ID exists prior to access it + - RDMA/rdma_cm: Fix use after free race with process_one_req + - RDMA/ucma: Check that device is connected prior to access it + - RDMA/ucma: Check that device exists prior to accessing it + - RDMA/ucma: Introduce safer rdma_addr_size() variants + - ipv6: fix possible deadlock in rt6_age_examine_exception() + - net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms() + - xfrm: Refuse to insert 32 bit userspace socket policies on 64 bit systems + - percpu: add __GFP_NORETRY semantics to the percpu balancing path + - netfilter: x_tables: make allocation less aggressive + - netfilter: bridge: ebt_among: add more missing match size checks + - l2tp: fix races with ipv4-mapped ipv6 addresses + - netfilter: drop template ct when conntrack is skipped. + - netfilter: x_tables: add and use xt_check_proc_name + - [arm64] phy: qcom-ufs: add MODULE_LICENSE tag + - Bluetooth: Fix missing encryption refresh on Security Request + - [x86] drm/i915/dp: Write to SET_POWER dpcd to enable MST hub. + - bitmap: fix memset optimization on big-endian systems + - [x86] mei: remove dev_err message on an unsupported ioctl + - /dev/mem: Avoid overwriting "err" in read_mem() + - media: usbtv: prevent double free in error case (CVE-2017-17975) + - crypto: lrw - Free rctx->ext with kzfree + - [arm64] crypto: inside-secure - fix clock management + - crypto: testmgr - Fix incorrect values in PKCS#1 test vector + - crypto: ahash - Fix early termination in hash walk + - [x86] crypto: ccp - return an actual key size from RSA max_size callback + - [arm*] crypto - Fix random regeneration of S_shipped + - [x86] crypto: cast5-avx - fix ECB encryption when long sg follows short + one + - Btrfs: fix unexpected cow in run_delalloc_nocow + - [x86] staging: comedi: ni_mio_common: ack ai fifo error interrupts. + - Revert "base: arch_topology: fix section mismatch build warnings" + - [x86] Input: ALPS - fix TrackStick detection on Thinkpad L570 and + Latitude 7370 + - [x86] Input: i8042 - add Lenovo ThinkPad L460 to i8042 reset list + - [x86] Input: i8042 - enable MUX on Sony VAIO VGN-CS series to fix touchpad + - vt: change SGR 21 to follow the standards + - [arm64] net: hns: Fix ethtool private flags (CVE-2017-18222) + - Fix slab name "biovec-(1<<(21-12))" + - [armhf] Revert "ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin" + - [armhf] Revert "ARM: dts: omap3-n900: Fix the audio CODEC's reset pin" + - Revert "cpufreq: Fix governor module removal race" + - Revert "ip6_vti: adjust vti mtu according to mtu of lower device" + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.17 + - i40iw: Fix sequence number for the first partial FPDU + - i40iw: Correct Q1/XF object count equation + - i40iw: Validate correct IRD/ORD connection parameters + - [arm64] clk: meson: mpll: use 64-bit maths in params_from_rate + - ipv6: Reinject IPv6 packets if IPsec policy matches after SNAT + - thermal: power_allocator: fix one race condition issue for + thermal_instances list + - perf probe: Find versioned symbols from map + - perf probe: Add warning message if there is unexpected event name + - perf evsel: Fix swap for samples with raw data + - perf evsel: Enable ignore_missing_thread for pid option + - l2tp: fix missing print session offset info + - rds; Reset rs->rs_bound_addr in rds_add_bound() failure path + - [x86] ACPI / video: Default lcd_only to true on Win8-ready and newer + machines + - net/mlx4_en: Change default QoS settings + - IB/mlx5: Report inner RSS capability + - VFS: close race between getcwd() and d_move() + - [armhf,arm64] watchdog: dw_wdt: add stop watchdog operation + - clk: divider: fix incorrect usage of container_of + - PM / devfreq: Fix potential NULL pointer dereference in governor_store + - gpiolib: don't dereference a desc before validation + - net_sch: red: Fix the new offload indication + - [arm64] thermal/drivers/hisi: Remove bogus const from function return type + - RDMA/cma: Mark end of CMA ID messages + - f2fs: fix lock dependency in between dio_rwsem & i_mmap_sem + - [armhf] clk: sunxi-ng: a83t: Add M divider to TCON1 clock + - media: videobuf2-core: don't go out of the buffer range + - [x86] ASoC: Intel: Skylake: Disable clock gating during firmware and + library download + - [x86] ASoC: Intel: cht_bsw_rt5645: Analog Mic support + - [arm64] drm/msm: Fix NULL deref in adreno_load_gpu + - IB/ipoib: Fix for notify send CQ failure messages + - scsi: libiscsi: Allow sd_shutdown on bad transport + - scsi: mpt3sas: Proper handling of set/clear of "ATA command pending" flag. + - [armhf,arm64] irqchip/gic-v3: Fix the driver probe() fail due to disabled + GICC entry + - ACPI: EC: Fix debugfs_create_*() usage + - mac80211: Fix setting TX power on monitor interfaces + - vfb: fix video mode and line_length being set when loaded + - gpio: label descriptors using the device name + - [arm64] asid: Do not replace active_asids if already 0 + - [powerpc*] powernv-cpufreq: Add helper to extract pstate from PMSR + - IB/rdmavt: Allocate CQ memory on the correct node + - blk-mq: avoid to map CPU into stale hw queue + - blk-mq: fix race between updating nr_hw_queues and switching io sched + - nvme-fabrics: protect against module unload during create_ctrl + - nvme-fabrics: don't check for non-NULL module in nvmf_register_transport + - [x86] pinctrl: baytrail: Enable glitch filter for GPIOs used as interrupts + - nvme_fcloop: disassocate local port structs + - nvme_fcloop: fix abort race condition + - tpm: return a TPM_RC_COMMAND_CODE response if command is not implemented + - perf report: Fix a no annotate browser displayed issue + - [x86] staging: lustre: disable preempt while sampling processor id. + - [x86] ASoC: Intel: sst: Fix the return value o + 'sst_send_byte_stream_mrfld()' + - [armhf] power: supply: axp288_charger: Properly stop work on probe-error + / remove + - rt2x00: do not pause queue unconditionally on error path + - wl1251: check return from call to wl1251_acx_arp_ip_filter + - net/mlx5: Fix race for multiple RoCE enable + - bcache: ret IOERR when read meets metadata error + - bcache: stop writeback thread after detaching + - bcache: segregate flash only volume write streams + - scsi: libsas: Use dynamic alloced work to avoid sas event lost + - net: Fix netdev_WARN_ONCE macro + - scsi: libsas: fix memory leak in sas_smp_get_phy_events() (CVE-2018-7757) + - scsi: libsas: fix error when getting phy events + - scsi: libsas: initialize sas_phy status according to response of DISCOVER + - net/mlx5e: IPoIB, Use correct timestamp in child receive flow + - blk-mq: fix kernel oops in blk_mq_tag_idle() + - tty: n_gsm: Allow ADM response in addition to UA for control dlci + - block, bfq: put async queues for root bfq groups too + - serdev: Fix serdev_uevent failure on ACPI enumerated serdev-controllers + - i40evf: don't rely on netif_running() outside rtnl_lock() + - drm/amd/powerplay: fix memory leakage when reload (v2) + - cxgb4vf: Fix SGE FL buffer initialization logic for 64K pages + - PM / domains: Don't skip driver's ->suspend|resume_noirq() callbacks + - scsi: megaraid_sas: Error handling for invalid ldcount provided by + firmware in RAID map + - scsi: megaraid_sas: unload flag should be set after scsi_remove_host is + called + - RDMA/cma: Fix rdma_cm path querying for RoCE + - [x86] gart: Exclude GART aperture from vmcore + - sdhci: Advertise 2.0v supply on SDIO host controller + - Input: goodix - disable IRQs while suspended + - mtd: mtd_oobtest: Handle bitflips during reads + - crypto: aes-generic - build with -Os on gcc-7+ + - perf tools: Fix copyfile_offset update of output offset + - tcmu: release blocks for partially setup cmds + - [x86] thermal: int3400_thermal: fix error handling in + int3400_thermal_probe() + - [x86] drm/i915/cnp: Ignore VBT request for know invalid DDC pin. + - [x86] drm/i915/cnp: Properly handle VBT ddc pin out of bounds. + - [x86] microcode: Propagate return value from updating functions + - [x86] CPU: Add a microcode loader callback + - [x86] CPU: Check CPU feature bits after microcode upgrade + - [x86] microcode: Get rid of struct apply_microcode_ctx + - [x86] microcode/intel: Check microcode revision before updating sibling + threads + - [x86] microcode/intel: Writeback and invalidate caches before updating + microcode + - [x86] microcode: Do not upload microcode if CPUs are offline + - [x86] microcode/intel: Look into the patch cache first + - [x86] microcode: Request microcode on the BSP + - [x86] microcode: Synchronize late microcode loading + - [x86] microcode: Attempt late loading only when new microcode is present + - [x86] microcode: Fix CPU synchronization routine + - arp: fix arp_filter on l3slave devices + - ipv6: the entire IPv6 header chain must fit the first fragment + - lan78xx: Crash in lan78xx_writ_reg (Workqueue: events + lan78xx_deferred_multicast_write) + - net: dsa: Discard frames from unused ports + - net: fix possible out-of-bound read in skb_network_protocol() + - net/ipv6: Fix route leaking between VRFs + - net/ipv6: Increment OUTxxx counters after netfilter hook + - netlink: make sure nladdr has correct size in netlink_connect() + - net/mlx5e: Verify coalescing parameters in range + - net sched actions: fix dumping which requires several messages to user + space + - net/sched: fix NULL dereference in the error path of tcf_bpf_init() + - pptp: remove a buggy dst release in pptp_connect() + - r8169: fix setting driver_data after register_netdev + - sctp: do not leak kernel memory to user space + - sctp: sctp_sockaddr_af must check minimal addr length for AF_INET6 + - sky2: Increase D3 delay to sky2 stops working after suspend + - vhost: correctly remove wait queue during poll failure + - vlan: also check phy_driver ts_info for vlan's real device + - vrf: Fix use after free and double free in vrf_finish_output + - bonding: fix the err path for dev hwaddr sync in bond_enslave + - bonding: move dev_mc_sync after master_upper_dev_link in bond_enslave + - bonding: process the err returned by dev_set_allmulti properly in + bond_enslave + - net: fool proof dev_valid_name() + - ip_tunnel: better validate user provided tunnel names + - ipv6: sit: better validate user provided tunnel names + - ip6_gre: better validate user provided tunnel names + - ip6_tunnel: better validate user provided tunnel names + - vti6: better validate user provided tunnel names + - net/mlx5e: Set EQE based as default TX interrupt moderation mode + - net_sched: fix a missing idr_remove() in u32_delete_key() + - net/sched: fix NULL dereference in the error path of tcf_vlan_init() + - net/mlx5e: Avoid using the ipv6 stub in the TC offload neigh update path + - net/mlx5e: Fix memory usage issues in offloading TC flows + - net/sched: fix NULL dereference in the error path of tcf_sample_init() + - nfp: use full 40 bits of the NSP buffer address + - ipv6: sr: fix seg6 encap performances with TSO enabled + - net/mlx5e: Don't override vport admin link state in switchdev mode + - net/mlx5e: Sync netdev vxlan ports at open + - net/sched: fix NULL dereference in the error path of tunnel_key_init() + - net/sched: fix NULL dereference on the error path of tcf_skbmod_init() + - strparser: Fix sign of err codes + - net/mlx4_en: Fix mixed PFC and Global pause user control requests + - net/mlx5e: Fix traffic being dropped on VF representor + - vhost: validate log when IOTLB is enabled + - route: check sysctl_fib_multipath_use_neigh earlier than hash + - team: move dev_mc_sync after master_upper_dev_link in team_port_add + - vhost_net: add missing lock nesting notation + - net/mlx4_core: Fix memory leak while delete slave's resources + + [ Roger Shimizu ] + * [armel] Bring back armel build by reverting two commits that disabled + armel previously: + - [2ed70eb] "Add empty featuresets for armel to help abiupdate script" + - [5f62872] "(Temporarily) disable armel kernel image build" + * [armel] Reduce armel image size by: + - Set CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=y + - Change MTD, MTD_CMDLINE_PARTS, RTC_DRV_MV, and SPI_ORION from + built-in to module. + - Disable VT, ZSWAP, RD_BZIP2, and RD_LZMA. + Thanks to Leigh Brown <leigh@solinno.co.uk> for his idea to disable VT. + * [armel] Add dependency of udeb modules (fixes FTBFS): + - Add lzo_decompress to lzo-modules. + - Add cmdlinepart to mtd-modules. + * [armel] Add dependency of udeb packages (fixes FTBFS): + - Add package dependency of mtd-modules to jffs2-modules. + - Add package dependency of lzo-modules to squashfs-modules. + + [ Ben Hutchings ] + * wireless: Disable regulatory.db direct loading (see #892229) + * Bump ABI to 3 + * scsi: libsas: direct call probe and destruct (CVE-2017-18232) + * ext4: fail ext4_iget for root directory if unallocated (CVE-2018-1092) + * ext4: add validity checks for bitmap block numbers (CVE-2018-1093) + * ext4: always initialize the crc32c checksum driver (CVE-2018-1094) + * scsi: libsas: defer ata device eh commands to libata (CVE-2018-10021) + * [armel/marvell] linux-image: Replace supported model list with wiki link + * [armhf] udeb: Add i2c-exynos5 to i2c-modules (Closes: #895976) + * [arm*] iio: Enable DHT11 as module (Closes: #873176) + * udeb: Move arc4 and ecb from nic-wireless-modules to crypto-modules + (Closes: #895362) + * SCSI: Enable SCSI_SYM53C8XX_2 as module on all architectures + (Closes: #895532) + * [x86] Enable MFD_AXP20X_I2C, AXP288_FUEL_GAUGE as modules (Closes: #895129) + * w1: Enable all "slave" device drivers (Closes: #895340) + * [arm64] net/phy: Enable MDIO_BUS_MUX_MMIOREG as module (Closes: #894336) + * [x86] net: Enable THUNDERBOLT_NET as module (Closes: #894310) + * [x86] platform: Enable DELL_SMBIOS_SMM, DELL_SMBIOS_WMI as modules + (closes: #893976) + * ath9k_htc: Fix regression in 4.15, thanks to Ben Caradoc-Davies + (Closes: #891060) + - mac80211: add ieee80211_hw flag for QoS NDP support + - ath9k_htc: use non-QoS NDP for AP probing + * squashfs: Enable SQUASHFS_ZSTD (Closes: #883410) + * block: Enable BLK_SED_OPAL (except on armel) + * [arm64] Enable ARCH_SYNQUACER and related driver modules (Closes: #891787) + * [arm64] PCI: Enable PCI_TEGRA (Closes: #888817) + * [amd64] net: Enable AQTION as module + * udeb: Rename lzo-modules to compress-modules + * udeb: Add zstd_decompress to compress-modules and make squashfs-modules + depend on it + + [ Vagrant Cascadian ] + * [armhf] Add patch to fix loading of imx6q-cpufreq module. + + -- Ben Hutchings <ben@decadent.org.uk> Thu, 19 Apr 2018 11:13:03 +0100 + +linux (4.15.11-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.5 + - IB/umad: Fix use of unprotected device pointer + - IB/qib: Fix comparison error with qperf compare/swap test + - IB/mlx4: Fix incorrectly releasing steerable UD QPs when have only ETH + ports + - IB/core: Fix two kernel warnings triggered by rxe registration + - IB/core: Fix ib_wc structure size to remain in 64 bytes boundary + - IB/core: Avoid a potential OOPs for an unused optional parameter + - RDMA/rxe: Fix a race condition related to the QP error state + - RDMA/rxe: Fix a race condition in rxe_requester() + - RDMA/rxe: Fix rxe_qp_cleanup() + - [powerpc*] cpufreq: powernv: Dont assume distinct pstate values for + nominal and pmin + - swiotlb: suppress warning when __GFP_NOWARN is set + - PM / devfreq: Propagate error from devfreq_add_device() + - mwifiex: resolve reset vs. remove()/shutdown() deadlocks + - ocfs2: try a blocking lock before return AOP_TRUNCATED_PAGE + - trace_uprobe: Display correct offset in uprobe_events + - [powerpc*] radix: Remove trace_tlbie call from radix__flush_tlb_all + - [powerpc*] kernel: Block interrupts when updating TIDR + - [powerpc*] vas: Don't set uses_vas for kernel windows + - [powerpc*] numa: Invalidate numa_cpu_lookup_table on cpu remove + - [powerpc*] mm: Flush radix process translations when setting MMU type + - [powerpc*] xive: Use hw CPU ids when configuring the CPU queues + - dma-buf: fix reservation_object_wait_timeout_rcu once more v2 + - [s390x] fix handling of -1 in set{,fs}[gu]id16 syscalls + - [arm64] dts: msm8916: Correct ipc references for smsm + - [x86] gpu: add CFL to early quirks + - [x86] kexec: Make kexec (mostly) work in 5-level paging mode + - [x86] xen: init %gs very early to avoid page faults with stack protector + - [x86] PM: Make APM idle driver initialize polling state + - mm, memory_hotplug: fix memmap initialization + - [amd64] entry: Clear extra registers beyond syscall arguments, to reduce + speculation attack surface + - [amd64] entry/compat: Clear registers for compat syscalls, to reduce + speculation attack surface + - [armhf] crypto: sun4i_ss_prng - fix return value of sun4i_ss_prng_generate + - [armhf] crypto: sun4i_ss_prng - convert lock to _bh in + sun4i_ss_prng_generate + - [powerpc*] mm/radix: Split linear mapping on hot-unplug + - [x86] speculation: Update Speculation Control microcode blacklist + - [x86] speculation: Correct Speculation Control microcode blacklist again + - [x86] Revert "x86/speculation: Simplify + indirect_branch_prediction_barrier()" + - [x86] KVM: Reduce retpoline performance impact in + slot_handle_level_range(), by always inlining iterator helper methods + - [X86] nVMX: Properly set spec_ctrl and pred_cmd before merging MSRs + - [x86] KVM/nVMX: Set the CPU_BASED_USE_MSR_BITMAPS if we have a valid L02 + MSR bitmap + - [x86] speculation: Clean up various Spectre related details + - PM / runtime: Update links_count also if !CONFIG_SRCU + - PM: cpuidle: Fix cpuidle_poll_state_init() prototype + - [x86] platform: wmi: fix off-by-one write in wmi_dev_probe() + - [amd64] entry: Clear registers for exceptions/interrupts, to reduce + speculation attack surface + - [amd64] entry: Merge SAVE_C_REGS and SAVE_EXTRA_REGS, remove unused + extensions + - [amd64] entry: Merge the POP_C_REGS and POP_EXTRA_REGS macros into a + single POP_REGS macro + - [amd64] entry: Interleave XOR register clearing with PUSH instructions + - [amd64] entry: Introduce the PUSH_AND_CLEAN_REGS macro + - [amd64] entry: Use PUSH_AND_CLEAN_REGS in more cases + - [amd64] entry: Get rid of the ALLOC_PT_GPREGS_ON_STACK and + SAVE_AND_CLEAR_REGS macros + - [amd64] entry: Indent PUSH_AND_CLEAR_REGS and POP_REGS properly + - [amd64] entry: Fix paranoid_entry() frame pointer warning + - [amd64] entry: Remove the unused 'icebp' macro + - gfs2: Fixes to "Implement iomap for block_map" + - objtool: Fix segfault in ignore_unreachable_insn() + - [x86] debug, objtool: Annotate WARN()-related UD2 as reachable + - [x86] debug: Use UD2 for WARN() + - [x86] speculation: Fix up array_index_nospec_mask() asm constraint + - nospec: Move array_index_nospec() parameter checking into separate macro + - [x86] speculation: Add <asm/msr-index.h> dependency + - [x86] mm: Rename flush_tlb_single() and flush_tlb_one() to + __flush_tlb_one_[user|kernel]() + - [x86] cpu: Rename cpu_data.x86_mask to cpu_data.x86_stepping + - [x86] spectre: Fix an error message + - [x86] cpu: Change type of x86_cache_size variable to unsigned int + - [amd64] entry: Fix CR3 restore in paranoid_exit() + - drm/ttm: Don't add swapped BOs to swap-LRU list + - drm/ttm: Fix 'buf' pointer update in ttm_bo_vm_access_kmap() (v2) + - drm/qxl: unref cursor bo when finished with it + - drm/qxl: reapply cursor after resetting primary + - drm/amd/powerplay: Fix smu_table_entry.handle type + - drm/ast: Load lut in crtc_commit + - drm: Check for lessee in DROP_MASTER ioctl + - [arm64] Add missing Falkor part number for branch predictor hardening + - drm/radeon: Add dpm quirk for Jet PRO (v2) + - drm/radeon: adjust tested variable + - [x86] smpboot: Fix uncore_pci_remove() indexing bug when hot-removing a + physical CPU + - [powerpc*] rtc-opal: Fix handling of firmware error codes, prevent busy + loops + - mbcache: initialize entry->e_referenced in mb_cache_entry_create() + - mmc: sdhci: Implement an SDHCI-specific bounce buffer + - [armhf,arm64] mmc: bcm2835: Don't overwrite max frequency unconditionally + - [arm64] Revert "mmc: meson-gx: include tx phase in the tuning process" + - mlx5: fix mlx5_get_vector_affinity to start from completion vector 0 + - [x86] Revert "apple-gmux: lock iGP IO to protect from vgaarb changes" + - ext4: fix a race in the ext4 shutdown path + - ext4: save error to disk in __ext4_grp_locked_error() + - ext4: correct documentation for grpid mount option + - mm: Fix memory size alignment in devm_memremap_pages_release() + - [mips*] Fix typo BIG_ENDIAN to CPU_BIG_ENDIAN + - [mips*] CPS: Fix MIPS_ISA_LEVEL_RAW fallout + - [mips*] Fix incorrect mem=X@Y handling + - [arm64] PCI: Disable MSI for HiSilicon Hip06/Hip07 only in Root Port mode + - [armhf,arm64] PCI: iproc: Fix NULL pointer dereference for BCMA + - [x86] PCI: pciehp: Assume NoCompl+ for Thunderbolt ports + - console/dummy: leave .con_font_get set to NULL + - rbd: whitelist RBD_FEATURE_OPERATIONS feature bit + - xen: Fix {set,clear}_foreign_p2m_mapping on autotranslating guests + - xenbus: track caller request id + - seq_file: fix incomplete reset on read from zero offset + - tracing: Fix parsing of globs with a wildcard at the beginning + - mpls, nospec: Sanitize array index in mpls_label_ok() (CVE-2017-5753) + - rtlwifi: rtl8821ae: Fix connection lost problem correctly + - [arm64] proc: Set PTE_NG for table entries to avoid traversing them twice + - xprtrdma: Fix calculation of ri_max_send_sges + - xprtrdma: Fix BUG after a device removal + - blk-wbt: account flush requests correctly + - target/iscsi: avoid NULL dereference in CHAP auth error path + - iscsi-target: make sure to wake up sleeping login worker + - dm: correctly handle chained bios in dec_pending() + - Btrfs: fix deadlock in run_delalloc_nocow + - Btrfs: fix crash due to not cleaning up tree log block's dirty bits + - Btrfs: fix extent state leak from tree log + - Btrfs: fix btrfs_evict_inode to handle abnormal inodes correctly + - Btrfs: fix use-after-free on root->orphan_block_rsv + - Btrfs: fix unexpected -EEXIST when creating new inode + - 9p/trans_virtio: discard zero-length reply + - mtd: nand: vf610: set correct ooblayout + - ALSA: hda - Fix headset mic detection problem for two Dell machines + - ALSA: usb-audio: Fix UAC2 get_ctl request with a RANGE attribute + - ALSA: hda/realtek - Add headset mode support for Dell laptop + - ALSA: hda/realtek - Enable Thinkpad Dock device for ALC298 platform + - ALSA: hda/realtek: PCI quirk for Fujitsu U7x7 + - ALSA: usb-audio: add implicit fb quirk for Behringer UFX1204 + - ALSA: usb: add more device quirks for USB DSD devices + - ALSA: seq: Fix racy pool initializations (CVE-2018-7566) + - [armhf,arm64] mvpp2: fix multicast address filter + - usb: Move USB_UHCI_BIG_ENDIAN_* out of USB_SUPPORT + - [x86] mm, mm/hwpoison: Don't unconditionally unmap kernel 1:1 pages + - [armhf] dts: exynos: fix RTC interrupt for exynos5410 + - [arm64] dts: msm8916: Add missing #phy-cells + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.6 + - tun: fix tun_napi_alloc_frags() frag allocator + - ptr_ring: fail early if queue occupies more than KMALLOC_MAX_SIZE + - ptr_ring: try vmalloc() when kmalloc() fails + - selinux: ensure the context is NUL terminated in + security_context_to_sid_core() + - selinux: skip bounded transition processing if the policy isn't loaded + - media: pvrusb2: properly check endpoint types + - [x86] crypto: twofish-3way - Fix %rbp usage + - blk_rq_map_user_iov: fix error override + - [x86] KVM: fix escape of guest dr6 to the host + - kcov: detect double association with a single task + - netfilter: x_tables: fix int overflow in xt_alloc_table_info() + - netfilter: x_tables: avoid out-of-bounds reads in + xt_request_find_{match|target} + - netfilter: ipt_CLUSTERIP: fix out-of-bounds accesses in + clusterip_tg_check() + - netfilter: on sockopt() acquire sock lock only in the required scope + - netfilter: xt_cgroup: initialize info->priv in cgroup_mt_check_v1() + - netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insert + - rds: tcp: correctly sequence cleanup on netns deletion. + - rds: tcp: atomically purge entries from rds_tcp_conn_list during netns + delete + - net: avoid skb_warn_bad_offload on IS_ERR + - net_sched: gen_estimator: fix lockdep splat + - [arm64] dts: add #cooling-cells to CPU nodes + - dn_getsockoptdecnet: move nf_{get/set}sockopt outside sock lock + - xhci: Fix NULL pointer in xhci debugfs + - xhci: Fix xhci debugfs devices node disappearance after hibernation + - xhci: xhci debugfs device nodes weren't removed after device plugged out + - xhci: fix xhci debugfs errors in xhci_stop + - usbip: keep usbip_device sockfd state in sync with tcp_socket + - [x86] mei: me: add cannon point device ids + - [x86] mei: me: add cannon point device ids for 4th device + - vmalloc: fix __GFP_HIGHMEM usage for vmalloc_32 on 32b systems + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.7 + - netfilter: drop outermost socket lock in getsockopt() + - [arm64] mm: don't write garbage into TTBR1_EL1 register + - kconfig.h: Include compiler types to avoid missed struct attributes + - scsi: ibmvfc: fix misdefined reserved field in ibmvfc_fcp_rsp_info + - [mips*] Drop spurious __unused in struct compat_flock + - cfg80211: fix cfg80211_beacon_dup + - i2c: designware: must wait for enable + - [armhf,arm64] i2c: bcm2835: Set up the rising/falling edge delays + - X.509: fix BUG_ON() when hash algorithm is unsupported + - X.509: fix NULL dereference when restricting key with unsupported_sig + - PKCS#7: fix certificate chain verification + - PKCS#7: fix certificate blacklisting + - [x86] genirq/matrix: Handle CPU offlining proper + - RDMA/uverbs: Protect from races between lookup and destroy of uobjects + - RDMA/uverbs: Protect from command mask overflow + - RDMA/uverbs: Fix bad unlock balance in ib_uverbs_close_xrcd + - RDMA/uverbs: Fix circular locking dependency + - RDMA/uverbs: Sanitize user entered port numbers prior to access it + - iio: buffer: check if a buffer has been set up when poll is called + - Kbuild: always define endianess in kconfig.h + - [x86] apic/vector: Handle vector release on CPU unplug correctly + - mm, swap, frontswap: fix THP swap if frontswap enabled + - mm: don't defer struct page initialization for Xen pv guests + - uapi/if_ether.h: move __UAPI_DEF_ETHHDR libc define + - [armhf,arm64] irqchip/gic-v3: Use wmb() instead of smb_wmb() in + gic_raise_softirq() + - [mips*] irqchip/mips-gic: Avoid spuriously handling masked interrupts + - PCI/cxgb4: Extend T3 PCI quirk to T4+ devices + - [x86] net: thunderbolt: Tear down connection properly on suspend + - [x86] net: thunderbolt: Run disconnect flow asynchronously when logout is + received + - ohci-hcd: Fix race condition caused by ohci_urb_enqueue() and + io_watchdog_func() + - usb: ohci: Proper handling of ed_rm_list to handle race condition between + usb_kill_urb() and finish_unlinks() + - [arm64] Remove unimplemented syscall log message + - [arm64] Disable unhandled signal log messages by default + - [arm64] cpufeature: Fix CTR_EL0 field definitions + - USB: Add delay-init quirk for Corsair K70 RGB keyboards + - drm/edid: Add 6 bpc quirk for CPT panel in Asus UX303LA + - usb: host: ehci: use correct device pointer for dma ops + - usb: dwc3: gadget: Set maxpacket size for ep0 IN + - usb: dwc3: ep0: Reset TRB counter for ep0 IN + - usb: ldusb: add PIDs for new CASSY devices supported by this driver + - Revert "usb: musb: host: don't start next rx urb if current one failed" + - usb: gadget: f_fs: Process all descriptors during bind + - usb: gadget: f_fs: Use config_ep_by_speed() + - drm/cirrus: Load lut in crtc_commit + - drm/atomic: Fix memleak on ERESTARTSYS during non-blocking commits + - drm: Handle unexpected holes in color-eviction + - drm/amdgpu: disable MMHUB power gating on raven + - drm/amdgpu: fix VA hole handling on Vega10 v3 + - drm/amdgpu: Add dpm quirk for Jet PRO (v2) + - drm/amdgpu: only check mmBIF_IOV_FUNC_IDENTIFIER on tonga/fiji + - drm/amdgpu: add atpx quirk handling (v2) + - drm/amdgpu: Avoid leaking PM domain on driver unbind (v2) + - drm/amdgpu: add new device to use atpx quirk + - [arm64] __show_regs: Only resolve kernel symbols when running at EL1 + - [x86] drm/i915/breadcrumbs: Ignore unsubmitted signalers + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.8 + - vsprintf: avoid misleading "(null)" for %px + - hrtimer: Ensure POSIX compliance (relative CLOCK_REALTIME hrtimers) + - ipmi_si: Fix error handling of platform device + - [x86] platform: dell-laptop: Allocate buffer on heap rather than globally + - [powerpc*] pseries: Enable RAS hotplug events later + - Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking + - ixgbe: fix crash in build_skb Rx code path + - [x86] tpm: st33zp24: fix potential buffer overruns caused by bit glitches + on the bus + - tpm: fix potential buffer overruns caused by bit glitches on the bus + - [x86] tpm_i2c_infineon: fix potential buffer overruns caused by bit + glitches on the bus + - [x86] tpm_i2c_nuvoton: fix potential buffer overruns caused by bit + glitches on the bus + - [x86] tpm_tis: fix potential buffer overruns caused by bit glitches on + the bus + - ALSA: usb-audio: Add a quirck for B&W PX headphones + - ALSA: control: Fix memory corruption risk in snd_ctl_elem_read + - [x86] ALSA: x86: Fix missing spinlock and mutex initializations + - ALSA: hda: Add a power_save blacklist + - ALSA: hda - Fix pincfg at resume on Lenovo T470 dock + - mmc: sdhci-pci: Fix S0i3 for Intel BYT-based controllers + - [armhf,arm64] mmc: dw_mmc-k3: Fix out-of-bounds access through DT alias + - [armhf,arm64] mmc: dw_mmc: Avoid accessing registers in runtime suspended + state + - [armhf,arm64] mmc: dw_mmc: Factor out dw_mci_init_slot_caps + - [armhf,arm64] mmc: dw_mmc: Fix out-of-bounds access for slot's caps + - timers: Forward timer base before migrating timers + - [hppa] Use cr16 interval timers unconditionally on qemu + - [hppa] Reduce irq overhead when run in qemu + - [hppa] Fix ordering of cache and TLB flushes + - [hppa] Hide virtual kernel memory layout + - btrfs: use proper endianness accessors for super_copy + - block: fix the count of PGPGOUT for WRITE_SAME + - block: kyber: fix domain token leak during requeue + - block: pass inclusive 'lend' parameter to truncate_inode_pages_range + - vfio: disable filesystem-dax page pinning + - dax: fix vma_is_fsdax() helper + - direct-io: Fix sleep in atomic due to sync AIO + - [x86] xen: Zero MSR_IA32_SPEC_CTRL before suspend + - [x86] cpu_entry_area: Sync cpu_entry_area to initial_page_table + - bridge: check brport attr show in brport_show + - fib_semantics: Don't match route with mismatching tclassid + - hdlc_ppp: carrier detect ok, don't turn off negotiation + - [arm64] net: amd-xgbe: fix comparison to bitshift when dealing with a mask + - [armhf] net: ethernet: ti: cpsw: fix net watchdog timeout + - net: fix race on decreasing number of TX queues + - net: ipv4: don't allow setting net.ipv4.route.min_pmtu below 68 + - netlink: ensure to loop over all netns in genlmsg_multicast_allns() + - net: sched: report if filter is too large to dump + - ppp: prevent unregistered channels from connecting to PPP units + - sctp: verify size of a new chunk in _sctp_make_chunk() (CVE-2018-5803) + - udplite: fix partial checksum initialization + - net/mlx5e: Fix TCP checksum in LRO buffers + - sctp: fix dst refcnt leak in sctp_v4_get_dst + - net/mlx5e: Specify numa node when allocating drop rq + - net: phy: fix phy_start to consider PHY_IGNORE_INTERRUPT + - tcp: Honor the eor bit in tcp_mtu_probe + - rxrpc: Fix send in rxrpc_send_data_packet() + - tcp_bbr: better deal with suboptimal GSO + - doc: Change the min default value of tcp_wmem/tcp_rmem. + - net/mlx5e: Fix loopback self test when GRO is off + - net_sched: gen_estimator: fix broken estimators based on percpu stats + - net/sched: cls_u32: fix cls_u32 on filter replace + - sctp: do not pr_err for the duplicated node in transport rhlist + - net: ipv4: Set addr_type in hash_keys for forwarded case + - sctp: fix dst refcnt leak in sctp_v6_get_dst() + - bridge: Fix VLAN reference count problem + - net/mlx5e: Verify inline header size do not exceed SKB linear size + - tls: Use correct sk->sk_prot for IPV6 + - [arm64] amd-xgbe: Restore PCI interrupt enablement setting on resume + - cls_u32: fix use after free in u32_destroy_key() + - netlink: put module reference if dump start fails + - tcp: purge write queue upon RST + - tuntap: correctly add the missing XDP flush + - tuntap: disable preemption during XDP processing + - virtio-net: disable NAPI only when enabled during XDP set + - cxgb4: fix trailing zero in CIM LA dump + - net/mlx5: Fix error handling when adding flow rules + - net: phy: Restore phy_resume() locking assumption + - tcp: tracepoint: only call trace_tcp_send_reset with full socket + - l2tp: don't use inet_shutdown on tunnel destroy + - l2tp: don't use inet_shutdown on ppp session destroy + - l2tp: fix races with tunnel socket close + - l2tp: fix race in pppol2tp_release with session object destroy + - l2tp: fix tunnel lookup use-after-free race + - [s390x] qeth: fix underestimated count of buffer elements + - [s390x] qeth: fix SETIP command handling + - [s390x] qeth: fix overestimated count of buffer elements + - [s390x] qeth: fix IP removal on offline cards + - [s390x] qeth: fix double-free on IP add/remove race + - [s390x] Revert "s390/qeth: fix using of ref counter for rxip addresses" + - [s390x] qeth: fix IP address lookup for L3 devices + - [s390x] qeth: fix IPA command submission race + - tcp: revert F-RTO middle-box workaround + - tcp: revert F-RTO extension to detect more spurious timeouts + - blk-mq: don't call io sched's .requeue_request when requeueing rq to + ->dispatch + - media: m88ds3103: don't call a non-initalized function + - [x86] EDAC, sb_edac: Fix out of bound writes during DIMM configuration on + KNL + - [s390x] KVM: take care of clock-comparator sign control + - [s390x] KVM: provide only a single function for setting the tod (fix SCK) + - [s390x] KVM: consider epoch index on hotplugged CPUs + - [s390x] KVM: consider epoch index on TOD clock syncs + - nospec: Allow index argument to have const-qualified type + - [x86] mm: Fix {pmd,pud}_{set,clear}_flags() + - [armhf] orion: fix orion_ge00_switch_board_info initialization + - [armhf] dts: rockchip: Remove 1.8 GHz operation point from phycore som + - [armhf] mvebu: Fix broken PL310_ERRATA_753970 selects + - [x86] KVM: Fix SMRAM accessing even if VM is shutdown + - KVM: mmu: Fix overlap between public and private memslots + - [x86] KVM: Remove indirect MSR op calls from SPEC_CTRL + - [x86] KVM: move LAPIC initialization after VMCS creation + - [x86] KVM/VMX: Optimize vmx_vcpu_run() and svm_vcpu_run() by marking the + RDMSR path as unlikely() + - [x86] KVM: fix vcpu initialization with userspace lapic + - [x86] KVM: remove WARN_ON() for when vm_munmap() fails + - [x86] ACPI / bus: Parse tables as term_list for Dell XPS 9570 and + Precision M5530 + - [armhf] dts: LogicPD SOM-LV: Fix I2C1 pinmux + - [armhf] dts: LogicPD Torpedo: Fix I2C1 pinmux + - [powerpc*] 64s/radix: Boot-time NULL pointer protection using a guard-PID + - md: only allow remove_and_add_spares when no sync_thread running. + - [x86] platform: dell-laptop: fix kbd_get_state's request value + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.9 + - bpf: fix mlock precharge on arraymaps + - bpf: fix memory leak in lpm_trie map_free callback function + - bpf: fix rcu lockdep warning for lpm_trie map_free callback + - [amd64] bpf: implement retpoline for tail call (CVE-2017-5715) + - [arm64] bpf: fix out of bounds access in tail call + - bpf: add schedule points in percpu arrays management + - bpf: allow xadd only on aligned memory + - [powerpc*] bpf, ppc64: fix out of bounds access in tail call + - scsi: mpt3sas: fix oops in error handlers after shutdown/unload + - scsi: mpt3sas: wait for and flush running commands on shutdown/unload + - [x86] KVM: fix backward migration with async_PF + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.10 + - RDMA/ucma: Limit possible option size + - RDMA/ucma: Check that user doesn't overflow QP state + - RDMA/mlx5: Fix integer overflow while resizing CQ + - bpf: cpumap: use GFP_KERNEL instead of GFP_ATOMIC in + __cpu_map_entry_alloc() + - IB/uverbs: Improve lockdep_check + - mac80211_hwsim: don't use WQ_MEM_RECLAIM + - [x86] drm/i915: Check for fused or unused pipes + - [x86] drm/i915/audio: fix check for av_enc_map overflow + - [x86] drm/i915: Fix rsvd2 mask when out-fence is returned + - [x86] drm/i915: Clear the in-use marker on execbuf failure + - [x86] drm/i915: Disable DC states around GMBUS on GLK + - [x86] drm/i915: Update watermark state correctly in sanitize_watermarks + - [x86] drm/i915: Try EDID bitbanging on HDMI after failed read + - [x86] drm/i915/perf: fix perf stream opening lock + - scsi: core: Avoid that ATA error handling can trigger a kernel hang or + oops (Closes: #891467) + - scsi: qla2xxx: Fix NULL pointer crash due to active timer for ABTS + - [x86] drm/i915: Always call to intel_display_set_init_power() in + resume_early. + - workqueue: Allow retrieval of current task's work struct + - drm: Allow determining if current task is output poll worker + - drm/nouveau: Fix deadlock on runtime suspend + - drm/radeon: Fix deadlock on runtime suspend + - drm/amdgpu: Fix deadlock on runtime suspend + - drm/nouveau: prefer XBGR2101010 for addfb ioctl + - drm/amd/powerplay/smu7: allow mclk switching with no displays + - drm/amd/powerplay/vega10: allow mclk switching with no displays + - Revert "drm/radeon/pm: autoswitch power state when in balanced mode" + - drm/amd/display: check for ipp before calling cursor operations + - drm/radeon: insist on 32-bit DMA for Cedar on PPC64/PPC64LE + - drm/amd/powerplay: fix power over limit on Fiji + - drm/amd/display: Default HDMI6G support to true. Log VBIOS table error. + - drm/amdgpu: used cached pcie gen info for SI (v2) + - drm/amdgpu: Notify sbios device ready before send request + - drm/radeon: fix KV harvesting + - drm/amdgpu: fix KV harvesting + - drm/amdgpu:Correct max uvd handles + - drm/amdgpu:Always save uvd vcpu_bo in VM Mode + - ovl: redirect_dir=nofollow should not follow redirect for opaque lower + - [mips*/octeon] irq: Check for null return on kzalloc allocation + - PCI: dwc: Fix enumeration end when reaching root subordinate + - Revert "Input: synaptics - Lenovo Thinkpad T460p devices should use RMI" + - bug: use %pB in BUG and stack protector failure + - lib/bug.c: exclude non-BUG/WARN exceptions from report_bug() + - mm/memblock.c: hardcode the end_pfn being -1 + - Documentation/sphinx: Fix Directive import error + - loop: Fix lost writes caused by missing flag + - virtio_ring: fix num_free handling in error case + - [x390x] KVM: fix memory overwrites when not using SCA entries + - [arm64] mm: fix thinko in non-global page table attribute check + - IB/core: Fix missing RDMA cgroups release in case of failure to register + device + - Revert "nvme: create 'slaves' and 'holders' entries for hidden + controllers" + - kbuild: Handle builtin dtb file names containing hyphens + - dm bufio: avoid false-positive Wmaybe-uninitialized warning + - IB/mlx5: Fix incorrect size of klms in the memory region + - bcache: fix crashes in duplicate cache device register + - bcache: don't attach backing with duplicate UUID + - [x86] MCE: Save microcode revision in machine check records + - [x86] MCE: Serialize sysfs changes (CVE-2018-7995) + - perf tools: Fix trigger class trigger_on() + - [x86] spectre_v2: Don't check microcode versions when running under + hypervisors + - ALSA: hda/realtek - Add support headset mode for DELL WYSE + - ALSA: hda/realtek - Add headset mode support for Dell laptop + - ALSA: hda/realtek: Limit mic boost on T480 + - ALSA: hda/realtek - Fix dock line-out volume on Dell Precision 7520 + - ALSA: hda/realtek - Make dock sound work on ThinkPad L570 + - ALSA: seq: Don't allow resizing pool in use + - ALSA: seq: More protection for concurrent write and ioctl races + - ALSA: hda - Fix a wrong FIXUP for alc289 on Dell machines + - ALSA: hda: add dock and led support for HP EliteBook 820 G3 + - ALSA: hda: add dock and led support for HP ProBook 640 G2 + - scsi: qla2xxx: Fix NULL pointer crash due to probe failure + - scsi: qla2xxx: Fix recursion while sending terminate exchange + - dt-bindings: Document mti,mips-cpc binding + - nospec: Kill array_index_nospec_mask_check() + - nospec: Include <asm/barrier.h> dependency + - [x86] entry: Reduce the code footprint of the 'idtentry' macro + - [x86] entry/64: Use 'xorl' for faster register clearing + - [x86] mm: Remove stale comment about KMEMCHECK + - [x86] asm: Improve how GEN_*_SUFFIXED_RMWcc() specify clobbers + - [x86] IO-APIC: Avoid warning in 32-bit builds + - [x86] LDT: Avoid warning in 32-bit builds with older gcc + - x86-64/realmode: Add instruction suffix + - Revert "x86/retpoline: Simplify vmexit_fill_RSB()" + - [x86] speculation: Use IBRS if available before calling into firmware + - [x86] retpoline: Support retpoline builds with Clang + - [x86] speculation, objtool: Annotate indirect calls/jumps for objtool + - [x86] speculation: Move firmware_restrict_branch_speculation_*() from C + to CPP + - [x86] paravirt, objtool: Annotate indirect calls + - [x86] boot, objtool: Annotate indirect jump in secondary_startup_64() + - [x86] mm/sme, objtool: Annotate indirect call in sme_encrypt_execute() + - objtool: Use existing global variables for options + - objtool: Add retpoline validation + - objtool: Add module specific retpoline rules + - objtool, retpolines: Integrate objtool with retpoline support more + closely + - objtool: Fix another switch table detection issue + - objtool: Fix 32-bit build + - [x86] kprobes: Fix kernel crash when probing .entry_trampoline code + - watchdog: hpwdt: SMBIOS check + - watchdog: hpwdt: Check source of NMI + - watchdog: hpwdt: fix unused variable warning + - watchdog: hpwdt: Remove legacy NMI sourcing. + - netfilter: add back stackpointer size checks (CVE-2018-1065) + - netfilter: ipt_CLUSTERIP: fix a race condition of proc file creation + - netfilter: xt_hashlimit: fix lock imbalance + - netfilter: x_tables: fix missing timer initialization in xt_LED + - netfilter: nat: cope with negative port range + - netfilter: IDLETIMER: be syzkaller friendly + - netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets + (CVE-2018-1068) + - netfilter: bridge: ebt_among: add missing match size checks + - netfilter: ipv6: fix use-after-free Write in nf_nat_ipv6_manip_pkt + - netfilter: use skb_to_full_sk in ip6_route_me_harder + - tpm_tis: Move ilb_base_addr to tpm_tis_data + - tpm: Keep CLKRUN enabled throughout the duration of transmit_cmd() + - tpm: delete the TPM_TIS_CLK_ENABLE flag + - tpm: remove unused variables + - tpm: only attempt to disable the LPC CLKRUN if is already enabled + - [x86] xen: Calculate __max_logical_packages on PV domains + - scsi: qla2xxx: Fix system crash for Notify ack timeout handling + - scsi: qla2xxx: Fix gpnid error processing + - scsi: qla2xxx: Move session delete to driver work queue + - scsi: qla2xxx: Skip IRQ affinity for Target QPairs + - scsi: qla2xxx: Fix re-login for Nport Handle in use + - scsi: qla2xxx: Retry switch command on time out + - scsi: qla2xxx: Serialize GPNID for multiple RSCN + - scsi: qla2xxx: Fix login state machine stuck at GPDB + - scsi: qla2xxx: Fix NPIV host cleanup in target mode + - scsi: qla2xxx: Relogin to target port on a cable swap + - scsi: qla2xxx: Fix Relogin being triggered too fast + - scsi: qla2xxx: Fix PRLI state check + - scsi: qla2xxx: Fix abort command deadlock due to spinlock + - scsi: qla2xxx: Replace fcport alloc with qla2x00_alloc_fcport + - scsi: qla2xxx: Fix scan state field for fcport + - scsi: qla2xxx: Clear loop id after delete + - scsi: qla2xxx: Defer processing of GS IOCB calls + - scsi: qla2xxx: Remove aborting ELS IOCB call issued as part of timeout. + - scsi: qla2xxx: Fix system crash in qlt_plogi_ack_unref + - scsi: qla2xxx: Fix memory leak in dual/target mode + - NFS: Fix an incorrect type in struct nfs_direct_req + - pNFS: Prevent the layout header refcount going to zero in pnfs_roc() + - NFS: Fix unstable write completion + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.11 + - [x86] Treat R_X86_64_PLT32 as R_X86_64_PC32 + - usb: host: xhci-rcar: add support for r8a77965 + - xhci: Fix front USB ports on ASUS PRIME B350M-A + - xhci: fix endpoint context tracer output + - [sh4] serial: sh-sci: prevent lockup on full TTY buffers + - tty/serial: atmel: add new version check for usart + - uas: fix comparison for error code + - [x86] staging: comedi: fix comedi_nsamples_left. + - USB: storage: Add JMicron bridge 152d:2567 to unusual_devs.h + - usbip: vudc: fix null pointer dereference on udc->lock + - usb: quirks: add control message delay for 1b1c:1b20 + - usb: usbmon: Read text within supplied buffer size + - usb: gadget: f_fs: Fix use-after-free in ffs_fs_kill_sb() + - [arm64,armhf] usb: dwc3: Fix lock-up on ID change during system + suspend/resume + - serial: 8250_pci: Add Brainboxes UC-260 4 port serial device + - serial: core: mark port as initialized in autoconfig + - earlycon: add reg-offset to physical address before mapping + - dm mpath: fix passing integrity data + - Revert "btrfs: use proper endianness accessors for super_copy" + - gfs2: Clean up {lookup,fillup}_metapath + - gfs2: Fixes to "Implement iomap for block_map" (2) + - [armhf] spi: imx: Fix failure path leak on GPIO request error correctly + - HID: multitouch: Only look at non touch fields in first packet of a + frame + - [powerpc*] KVM: Book3S HV: Avoid shifts by negative amounts + - drm/edid: set ELD connector type in drm_edid_to_eld() + - dma-buf/fence: Fix lock inversion within dma-fence-array + - video/hdmi: Allow "empty" HDMI infoframes + - [powerpc*] KVM: Book3S HV: Fix typo in kvmppc_hv_get_dirty_log_radix() + - HID: elo: clear BTN_LEFT mapping + - iwlwifi: mvm: rs: don't override the rate history in the search cycle + - [armhf] dts: exynos: Correct Trats2 panel reset line + - drm/amdgpu: fix get_max_engine_clock_in_mhz + - USB: ledtrig-usbport: fix of-node leak + - dt-bindings: serial: Add common rs485 binding for RTS polarity + - sched: Stop switched_to_rt() from sending IPIs to offline CPUs + - sched: Stop resched_cpu() from sending IPIs to offline CPUs + - crypto: chelsio - Fix an error code in chcr_hash_dma_map() + - crypto: keywrap - Add missing ULL suffixes for 64-bit constants + - crypto: cavium - fix memory leak on info + - test_firmware: fix setting old custom fw path back on exit + - drm/vblank: Fix vblank timestamp debugs + - net: ieee802154: adf7242: Fix bug if defined DEBUG + - perf report: Fix -D output for user metadata events + - net: xfrm: allow clearing socket xfrm policies. + - gpiolib: don't allow OPEN_DRAIN & OPEN_SOURCE flags simultaneously + - mtd: nand: fix interpretation of NAND_CMD_NONE in nand_command[_lp]() + - [arm64] net: thunderx: Set max queue count taking XDP_TX into account + - [armhf] dts: am335x-pepper: Fix the audio CODEC's reset pin + - [armhf] dts: omap3-n900: Fix the audio CODEC's reset pin + - mtd: nand: ifc: update bufnum mask for ver >= 2.0.0 + - userns: Don't fail follow_automount based on s_user_ns + - xfrm: Fix xfrm_replay_overflow_offload_esn + - leds: pm8058: Silence pointer to integer size warning + - bpf: fix stack state printing in verifier log + - [armhf] drm/etnaviv: make THERMAL selectable + - ath10k: update tdls teardown state to target + - cpufreq: Fix governor module removal race + - [x86] KVM: Restart the guest when insn_len is zero and SEV is enabled + - drm/amdgpu:fix random missing of FLR NOTIFY + - scsi: lpfc: Fix crash during driver unload with running nvme traffic + - scsi: ses: don't ask for diagnostic pages repeatedly during probe + - [armhf] drm/sun4i: Fix format mask in DE2 driver + - [s390x] perf annotate: Fix unnecessary memory allocation for s390x + - perf annotate: Fix objdump comment parsing for Intel mov dissassembly + - iwlwifi: mvm: avoid dumping assert log when device is stopped + - drm/amdgpu:fix virtual dce bug + - drm/amdgpu: fix amdgpu_sync_resv v2 + - bnxt_en: Uninitialized variable in bnxt_tc_parse_actions() + - [arm64] clk: qcom: msm8916: fix mnd_width for codec_digcodec + - mwifiex: cfg80211: do not change virtual interface during scan + processing + - ath10k: fix invalid STS_CAP_OFFSET_MASK + - tools/usbip: fixes build with musl libc toolchain + - [armhf] spi: sun6i: disable/unprepare clocks on remove + - bnxt_en: Don't print "Link speed -1 no longer supported" messages. + - scsi: core: scsi_get_device_flags_keyed(): Always return device flags + - scsi: devinfo: apply to HP XP the same flags as Hitachi VSP + - scsi: dh: add new rdac devices + - media: vsp1: Prevent suspending and resuming DRM pipelines + - dm raid: fix raid set size revalidation + - media: cpia2: Fix a couple off by one bugs + - [arm*] media: davinci: vpif_capture: add NULL check on devm_kzalloc + return value + - virtio_net: Disable interrupts if napi_complete_done rescheduled napi + - net: sched: drop qdisc_reset from dev_graft_qdisc + - veth: set peer GSO values + - [x86] drm/amdkfd: Fix memory leaks in kfd topology + - [powerpc*] modules: Don't try to restore r2 after a sibling call + - [powerpc/powerpc64,ppc64*] Don't trace irqs-off at interrupt return to + soft-disabled context + - [arm64] dts: renesas: salvator-common: Add EthernetAVB PHY reset + - agp/intel: Flush all chipset writes after updating the GGTT + - mac80211_hwsim: enforce PS_MANUAL_POLL to be set after PS_ENABLED + - mac80211: remove BUG() when interface type is invalid + - crypto: caam/qi - use correct print specifier for size_t + - mmc: mmc_test: Ensure command queue is disabled for testing + - Fix misannotated out-of-line _copy_to_user() + - ipvlan: add L2 check for packets arriving via virtual devices + - locking/locktorture: Fix num reader/writer corner cases + - ima: relax requiring a file signature for new files with zero length + - IB/mlx5: revisit -Wmaybe-uninitialized warning + - [arm64] dmaengine: qcom_hidma: check pending interrupts + - [x86] drm/i915/glk: Disable Guc and HuC on GLK + + [ Ben Hutchings ] + * aufs: gen-patch: Fix Subject generation to skip SPDX-License-Identifier + * aufs: Update support patchset to aufs4.15-20180219 (no functional change) + * debian/control: Point Vcs URLs to Salsa + * [x86] sound/soc/intel: Enable SND_SOC_INTEL_SST_TOPLEVEL, + SND_SOC_INTEL_HASWELL, SND_SOC_INTEL_BAYTRAIL, SND_SST_ATOM_HIFI2_PLATFORM, + SND_SOC_INTEL_SKYLAKE as modules; re-enable dependent board drivers + (Closes: #892629) + * firmware_class: Refer to Debian wiki page when logging missing firmware + (Closes: #888405) + * amdgpu: Abort probing if firmware is not installed, as we do in radeon + * Bump ABI to 2 + * [amd64] udeb: Add vmd to scsi-modules, required for NVMe on some systems + (Closes: #891482) + * udeb: Update patterns for PHY modules included in usb-modules + (Closes: #893154) + + [ Uwe Kleine-König ] + * netfilter: enable NFT_FIB_NETDEV as module + + [ Thadeu Lima de Souza Cascardo ] + * [powerpc,ppc64el,ppc64] Enable CRASH_DUMP (Closes: #883432) + + [ Bastian Blank ] + * Drop note about Xen from long descriptions. + + [ Vagrant Cascadian ] + * [arm64] Enable ROCKCHIP_IODOMAIN as a module, to enable PCIe reset. + * [arm64] Enable REGULATOR_FAN53555 as a module, enabling cpufreq to + work on rk3399 A72 cores. + * [arm64] Apply patch from linux-next to fix eMMC corruption on + Odroid-C2 (Closes: #879072). + + [ Salvatore Bonaccorso ] + * mac80211_hwsim: fix possible memory leak in hwsim_new_radio_nl() + (CVE-2018-8087) + + -- Salvatore Bonaccorso <carnil@debian.org> Tue, 20 Mar 2018 09:31:07 +0100 + +linux (4.15.4-1) unstable; urgency=medium + + * New upstream release: https://kernelnewbies.org/Linux_4.15 + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.1 + - Bluetooth: hci_serdev: Init hci_uart proto_lock to avoid oops + - tools/gpio: Fix build error with musl libc + - gpio: stmpe: i2c transfer are forbiden in atomic context + - gpio: Fix kernel stack leak to userspace + - scsi: storvsc: missing error code in storvsc_probe() + - staging: lustre: separate a connection destroy from free struct kib_conn + - staging: ccree: NULLify backup_info when unused + - staging: ccree: fix fips event irq handling build + - usb: option: Add support for FS040U modem + - serial: 8250_dw: Revert "Improve clock rate setting" + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.2 + - [x86] KVM: Make indirect calls in emulator speculation safe + - [x86] KVM: VMX: Make indirect call speculation safe + - module/retpoline: Warn about missing retpoline in module + - [x86] cpufeatures: Add CPUID_7_EDX CPUID leaf + - [x86] cpufeatures: Add Intel feature bits for Speculation Control + - [x86] cpufeatures: Add AMD feature bits for Speculation Control + - [x86] msr: Add definitions for new speculation control MSRs + - [x86] pti: Do not enable PTI on CPUs which are not vulnerable to + Meltdown + - [x86] cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 + microcodes + - [x86] speculation: Add basic IBPB (Indirect Branch Prediction Barrier) + support + - [x86] alternative: Print unadorned pointers + - [x86] nospec: Fix header guards names + - [x86] bugs: Drop one "mitigation" from dmesg + - [x86] cpu/bugs: Make retpoline module warning conditional + - [x86] cpufeatures: Clean up Spectre v2 related CPUID flags + - [x86] retpoline: Simplify vmexit_fill_RSB() + - [x86] speculation: Simplify indirect_branch_prediction_barrier() + - [x86] KVM: nVMX: Eliminate vmcs02 pool + - [x86] KVM: VMX: introduce alloc_loaded_vmcs + - objtool: Improve retpoline alternative handling + - objtool: Add support for alternatives at the end of a section + - objtool: Warn on stripped section symbol + - [x86] mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP + - [x86] spectre: Check CONFIG_RETPOLINE in command line parser + - [x86] entry/64: Remove the SYSCALL64 fast path + - [x86] entry/64: Push extra regs right away + - [x86] asm: Move 'status' from thread_struct to thread_info + - Documentation: Document array_index_nospec + - array_index_nospec: Sanitize speculative array de-references + - [x86] Implement array_index_mask_nospec + - [x86] Introduce barrier_nospec + - [x86] Introduce __uaccess_begin_nospec() and uaccess_try_nospec + - [x86] usercopy: Replace open coded stac/clac with __uaccess_{begin, end} + - [x86] uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec + - [x86] get_user: Use pointer masking to limit speculation + - [x86] syscall: Sanitize syscall table de-references under speculation + - vfs, fdtable: Prevent bounds-check bypass via speculative execution + - nl80211: Sanitize array index in parse_txq_params + - [x86] spectre: Report get_user mitigation for spectre_v1 + - [x86] spectre: Fix spelling mistake: "vunerable"-> "vulnerable" + - [x86] cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel + - [x86] speculation: Use Indirect Branch Prediction Barrier in context + switch + - [x86] paravirt: Remove 'noreplace-paravirt' cmdline option + - [x86] KVM: VMX: make MSR bitmaps per-VCPU + - [x86] kvm: Update spectre-v1 mitigation + - [x86] retpoline: Avoid retpolines for built-in __init functions + - [x86] spectre: Simplify spectre_v2 command line parsing + - [x86] pti: Mark constant arrays as __initconst + - [x86] speculation: Fix typo IBRS_ATT, which should be IBRS_ALL + - [x86] KVM: Update the reverse_cpuid list to include CPUID_7_EDX + - [x86] KVM: Add IBPB support + - [x86] KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES + - [x86] KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL + - [x86] KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL + - serial: core: mark port as initialized after successful IRQ change + - fpga: region: release of_parse_phandle nodes after use + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.3 + - ip6mr: fix stale iterator + - net: igmp: add a missing rcu locking section + - qlcnic: fix deadlock bug + - qmi_wwan: Add support for Quectel EP06 + - r8169: fix RTL8168EP take too long to complete driver initialization. + - tcp: release sk_frag.page in tcp_disconnect + - vhost_net: stop device during reset owner + - ipv6: addrconf: break critical section in addrconf_verify_rtnl() + - ipv6: change route cache aging logic + - Revert "defer call to mem_cgroup_sk_alloc()" + - net: ipv6: send unsolicited NA after DAD + - rocker: fix possible null pointer dereference in + rocker_router_fib_event_work + - tcp_bbr: fix pacing_gain to always be unity when using lt_bw + - cls_u32: add missing RCU annotation. + - ipv6: Fix SO_REUSEPORT UDP socket with implicit sk_ipv6only + - soreuseport: fix mem leak in reuseport_add_sock() + - net_sched: get rid of rcu_barrier() in tcf_block_put_ext() + - net: sched: fix use-after-free in tcf_block_put_ext + - crypto: tcrypt - fix S/G table for test_aead_speed() + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.4 + - cifs: Fix missing put_xid in cifs_file_strict_mmap + - cifs: Fix autonegotiate security settings mismatch + - CIFS: zero sensitive data when freeing + - cpufreq: mediatek: add mediatek related projects into blacklist + - [arm64] watchdog: gpio_wdt: set WDOG_HW_RUNNING in gpio_wdt_stop + - Revert "drm/i915: mark all device info struct with __initconst" + - sched/rt: Use container_of() to get root domain in + rto_push_irq_work_func() + - sched/rt: Up the root domain ref count when passing it around via IPIs + - [arm64] mm: Use non-global mappings for kernel space + - [arm64] mm: Temporarily disable ARM64_SW_TTBR0_PAN + - [arm64] mm: Move ASID from TTBR0 to TTBR1 + - [arm64] mm: Remove pre_ttbr0_update_workaround for Falkor erratum #E1003 + - [arm64] mm: Rename post_ttbr0_update_workaround + - [arm64] mm: Fix and re-enable ARM64_SW_TTBR0_PAN + - [arm64] mm: Allocate ASIDs in pairs + - [arm64] mm: Add arm64_kernel_unmapped_at_el0 helper + - [arm64] mm: Invalidate both kernel and user ASIDs when performing TLBI + - [arm64] entry: Add exception trampoline page for exceptions from EL0 + - [arm64] mm: Map entry trampoline into trampoline and kernel page tables + - [arm64] entry: Explicitly pass exception level to kernel_ventry macro + - [arm64] entry: Hook up entry trampoline to exception vectors + - [arm64] erratum: Work around Falkor erratum #E1003 in trampoline code + - [arm64] cpu_errata: Add Kryo to Falkor 1003 errata + - [arm64] tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks + - [arm64] entry: Add fake CPU feature for unmapping the kernel at EL0 + - [arm64] kaslr: Put kernel vectors address in separate data page + - [arm64] use RET instruction for exiting the trampoline + - [arm64] Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0 + - [arm64] Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry + - [arm64] Take into account ID_AA64PFR0_EL1.CSV3 + - [arm64] capabilities: Handle duplicate entries for a capability + - [arm64] mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR + - [arm64] kpti: Fix the interaction between ASID switching and software PAN + - [arm64] cputype: Add MIDR values for Cavium ThunderX2 CPUs + - [arm64] Turn on KPTI only on CPUs that need it + - [arm64] kpti: Make use of nG dependent on arm64_kernel_unmapped_at_el0() + - [arm64] mm: Permit transitioning from Global to Non-Global without BBM + - [arm64] kpti: Add ->enable callback to remap swapper using nG mappings + - [arm64] Force KPTI to be disabled on Cavium ThunderX + - [arm64] entry: Reword comment about post_ttbr_update_workaround + - [arm64] idmap: Use "awx" flags for .idmap.text .pushsection directives + - [arm64] barrier: Add CSDB macros to control data-value prediction + - [arm64] Implement array_index_mask_nospec() + - [arm64] Make USER_DS an inclusive limit + - [arm64] Use pointer masking to limit uaccess speculation + - [arm64] entry: Ensure branch through syscall table is bounded under + speculation + - [arm64] uaccess: Prevent speculative use of the current addr_limit + - [arm64] uaccess: Don't bother eliding access_ok checks in __{get, + put}_user + - [arm64] uaccess: Mask __user pointers for __arch_{clear, copy_*}_user + - [arm64] futex: Mask __user pointers prior to dereference + - [arm64] cpufeature: __this_cpu_has_cap() shouldn't stop early + - [arm64] Run enable method for errata work arounds on late CPUs + - [arm64] cpufeature: Pass capability structure to ->enable callback + - drivers/firmware: Expose psci_get_version through psci_ops structure + - [arm64] Move post_ttbr_update_workaround to C code + - [arm64] Add skeleton to harden the branch predictor against aliasing + attacks + - [arm64] Move BP hardening to check_and_switch_context + - [arm64] KVM: Use per-CPU vector when BP hardening is enabled + - [arm64] entry: Apply BP hardening for high-priority synchronous + exceptions + - [arm64] entry: Apply BP hardening for suspicious interrupts from EL0 + - [arm64] cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75 + - [arm64] Implement branch predictor hardening for affected Cortex-A CPUs + - [arm64] Implement branch predictor hardening for Falkor + - [arm64] Branch predictor hardening for Cavium ThunderX2 + - [arm64] KVM: Increment PC after handling an SMC trap + - [armhf,arm64] KVM: Consolidate the PSCI include files + - [armhf,arm64] KVM: Add PSCI_VERSION helper + - [armhf,arm64] KVM: Add smccc accessors to PSCI code + - [armhf,arm64] KVM: Implement PSCI 1.0 support + - [armhf,arm64] KVM: Advertise SMCCC v1.1 + - [arm64] KVM: Make PSCI_VERSION a fast path + - [armhf,arm64] KVM: Turn kvm_psci_version into a static inline + - [arm64] KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support + - [arm64] KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling + - firmware/psci: Expose PSCI conduit + - firmware/psci: Expose SMCCC version through psci_ops + - arm/arm64: smccc: Make function identifiers an unsigned quantity + - arm/arm64: smccc: Implement SMCCC v1.1 inline primitive + - [arm64] Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support + - [arm64] Kill PSCI_GET_VERSION as a variant-2 workaround + - mtd: cfi: convert inline functions to macros + - mtd: nand: brcmnand: Disable prefetch by default + - mtd: nand: Fix nand_do_read_oob() return value + - mtd: nand: sunxi: Fix ECC strength choice + - ubi: Fix race condition between ubi volume creation and udev + - ubi: fastmap: Erase outdated anchor PEBs during attach + - ubi: block: Fix locking for idr_alloc/idr_remove + - ubifs: free the encrypted symlink target + - nfs/pnfs: fix nfs_direct_req ref leak when i/o falls back to the mds + - nfs41: do not return ENOMEM on LAYOUTUNAVAILABLE + - NFS: Add a cond_resched() to nfs_commit_release_pages() + - NFS: Fix nfsstat breakage due to LOOKUPP + - NFS: commit direct writes even if they fail partially + - NFS: reject request for id_legacy key without auxdata + - NFS: Fix a race between mmap() and O_DIRECT + - nfsd: Detect unhashed stids in nfsd4_verify_open_stid() + - kernfs: fix regression in kernfs_fop_write caused by wrong type + - ahci: Annotate PCI ids for mobile Intel chipsets as such + - ahci: Add PCI ids for Intel Bay Trail, Cherry Trail and Apollo Lake AHCI + - ahci: Add Intel Cannon Lake PCH-H PCI ID + - crypto: hash - introduce crypto_hash_alg_has_setkey() + - crypto: cryptd - pass through absence of ->setkey() + - crypto: mcryptd - pass through absence of ->setkey() + - crypto: poly1305 - remove ->setkey() method + - crypto: hash - annotate algorithms taking optional key + - crypto: hash - prevent using keyed hashes without setting key + - media: v4l2-ioctl.c: use check_fmt for enum/g/s/try_fmt + - media: v4l2-ioctl.c: don't copy back the result for -ENOTTY + - media: v4l2-compat-ioctl32.c: add missing VIDIOC_PREPARE_BUF + - media: v4l2-compat-ioctl32.c: fix the indentation + - media: v4l2-compat-ioctl32.c: move 'helper' functions to __get/put_v4l2_format32 + - media: v4l2-compat-ioctl32.c: avoid sizeof(type) + - media: v4l2-compat-ioctl32.c: copy m.userptr in put_v4l2_plane32 + - media: v4l2-compat-ioctl32.c: fix ctrl_is_pointer + - media: v4l2-compat-ioctl32.c: copy clip list in put_v4l2_window32 + - media: v4l2-compat-ioctl32.c: drop pr_info for unknown buffer type + - media: v4l2-compat-ioctl32.c: don't copy back the result for certain errors + - media: v4l2-compat-ioctl32.c: refactor compat ioctl32 logic + - media: v4l2-compat-ioctl32.c: make ctrl_is_pointer work for subdevs + - crypto: caam - fix endless loop when DECO acquire fails + - crypto: sha512-mb - initialize pending lengths correctly + - crypto: talitos - fix Kernel Oops on hashing an empty file + - [armhf,arm64 KVM: Fix SMCCC handling of unimplemented SMC/HVC calls + - [x86] KVM: nVMX: Fix races when sending nested PI while dest + enters/leaves L2 + - [x86] KVM: nVMX: Fix bug of injecting L2 exception into L1 + - [powerpc*] KVM: PPC: Book3S HV: Make sure we don't re-enter guest + without XIVE loaded + - [powerpc*] KVM: PPC: Book3S HV: Drop locks before reading guest memory + - [armhf,arm64] KVM: Handle CPU_PM_ENTER_FAILED + - [powerpc*] KVM: PPC: Book3S PR: Fix broken select due to misspelling + - watchdog: imx2_wdt: restore previous timeout after suspend+resume + - afs: Add missing afs_put_cell() + - afs: Need to clear responded flag in addr cursor + - afs: Fix missing cursor clearance + - afs: Fix server list handling + - btrfs: Handle btrfs_set_extent_delalloc failure in fixup worker + - Btrfs: raid56: iterate raid56 internal bio with bio_for_each_segment_all + - kasan: don't emit builtin calls when sanitization is off + - kasan: rework Kconfig settings + - media: dvb_frontend: be sure to init dvb_frontend_handle_ioctl() return + code + - media: dvb-frontends: fix i2c access helpers for KASAN + - media: dt-bindings/media/cec-gpio.txt: mention the CEC/HPD max voltages + - media: ts2020: avoid integer overflows on 32 bit machines + - media: vivid: fix module load error when enabling fb and no_error_inj=1 + - media: cxusb, dib0700: ignore XC2028_I2C_FLUSH + - fs/proc/kcore.c: use probe_kernel_read() instead of memcpy() + - kernel/async.c: revert "async: simplify lowest_in_progress()" + - kernel/relay.c: revert "kernel/relay.c: fix potential memory leak" + - pipe: actually allow root to exceed the pipe buffer limits + - pipe: fix off-by-one error when checking buffer limits + - HID: quirks: Fix keyboard + touchpad on Toshiba Click Mini not working + - Bluetooth: btsdio: Do not bind to non-removable BCM43341 + - Revert "Bluetooth: btusb: fix QCA Rome suspend/resume" + - Bluetooth: btusb: Restore QCA Rome suspend/resume fix with a "rewritten" + version + - ipmi: use dynamic memory for DMI driver override + - signal/openrisc: Fix do_unaligned_access to send the proper signal + - signal/sh: Ensure si_signo is initialized in do_divide_error + - alpha: fix crash if pthread_create races with signal delivery + - alpha: osf_sys.c: fix put_tv32 regression + - alpha: Fix mixed up args in EXC macro in futex operations + - alpha: fix reboot on Avanti platform + - alpha: fix formating of stack content + - xtensa: fix futex_atomic_cmpxchg_inatomic + - EDAC, octeon: Fix an uninitialized variable warning + - genirq: Make legacy autoprobing work again + - pinctrl: intel: Initialize GPIO properly when used through irqchip + - pinctrl: mcp23s08: fix irq setup order + - pinctrl: sx150x: Unregister the pinctrl on release + - pinctrl: sx150x: Register pinctrl before adding the gpiochip + - pinctrl: sx150x: Add a static gpio/pinctrl pin range mapping + - pktcdvd: Fix pkt_setup_dev() error path + - pktcdvd: Fix a recently introduced NULL pointer dereference + - blk-mq: quiesce queue before freeing queue + - clocksource/drivers/stm32: Fix kernel panic with multiple timers + - lib/ubsan.c: s/missaligned/misaligned/ + - lib/ubsan: add type mismatch handler for new GCC/Clang + - objtool: Fix switch-table detection + - [arm64] dts: marvell: add Ethernet aliases + - drm/i915: Avoid PPS HW/SW state mismatch due to rounding + - ACPI: sbshc: remove raw pointer from printk() message (CVE-2018-5750) + - acpi, nfit: fix register dimm error handling + - ovl: force r/o mount when index dir creation fails + - ovl: fix failure to fsync lower dir + - ovl: take mnt_want_write() for work/index dir setup + - ovl: take mnt_want_write() for removing impure xattr + - ovl: hash directory inodes for fsnotify + - devpts: fix error handling in devpts_mntget() + - ftrace: Remove incorrect setting of glob search field + - scsi: core: Ensure that the SCSI error handler gets woken up + - scsi: lpfc: Fix crash after bad bar setup on driver attachment + - scsi: cxlflash: Reset command ioasc + - rcu: Export init_rcu_head() and destroy_rcu_head() to GPL modules + + [ Bastian Blank ] + * Add cloud-amd64 kernel flavour. + - Support Microsoft Azure. + - Support Amazon EC2. + - Support Google Compute Engine. + * Enable NUMA_BALANCING_DEFAULT_ENABLED, enabled by all others. + * Enable INET_ESP_OFFLOAD, INET6_ESP_OFFLOAD, IPV6_SEG6_LWTUNNEL, + IPV6_SEG6_HMAC, NF_LOG_NETDEV, IP_SET_HASH_IPMAC, NET_ACT_SAMPLE, + IPVTAP, VIRTIO_MMIO, CRYPTO_RSA, CRYPTO_DH, CRYPTO_ECDH. + * x86: Enable SCHED_MC_PRIO, HYPERV_VSOCKETS. + * Enable NVME_MULTIPATH, NVME_FC, NVME_TARGET_FC, move nvme module into + scsi-modules installer udeb. + * Switch to SLUB as kernel allocator. (Closes: #862718) + - Enable SLUB_DEBUG, SLAB_FREELIST_HARDENED except on armel/marvell. + (Closes: #883069) + * Fix building of liblockdep. + + [ Uwe Kleine-König ] + * [arm64] enable I2C_PXA for espressobin (Closes: #886983) + + [ Ben Hutchings ] + * Enable CGROUP_BPF (except for armel) (Closes: #872560) + * usb: Enable USBIP_CORE, USBIP_VHCI_HCD, USBIP_HOST, USBIP_VUDC as + modules on all architectures (Closes: #888042) + * [x86] Rewrite "Make x32 syscall support conditional on a kernel parameter" + to use a static key + + [ Salvatore Bonaccorso ] + * (Temporarily) disable armel kernel image build. + The armel/marvell kernel size is growing to large and the compressed + image is over the limit. + Given the armel architecture will most likely not be part of Buster, + disable the image build. + Cf. https://lists.debian.org/debian-kernel/2018/01/msg00278.html + * Set ABI to 1 + + -- Salvatore Bonaccorso <carnil@debian.org> Sun, 18 Feb 2018 09:36:49 +0100 + +linux (4.15~rc8-1~exp1) experimental; urgency=medium + + * New upstream release candidate + - RDS: Heap OOB write in rds_message_alloc_sgs() (CVE-2018-5332) + - RDS: null pointer dereference in rds_atomic_free_op (CVE-2018-5333) + - loop: fix concurrent lo_open/lo_release (CVE-2018-5344) + + [ Ben Hutchings ] + * [arm64] Update "add kernel config option to lock down when in Secure Boot + mode" for 4.15 + * efi: Enable LOCK_DOWN_IN_EFI_SECURE_BOOT, replacing + EFI_SECURE_BOOT_LOCK_DOWN + * iio: Enable AD5446 as module, replacing TI_DAC7512 + + -- Ben Hutchings <ben@decadent.org.uk> Mon, 15 Jan 2018 04:43:14 +0000 + +linux (4.15~rc5-1~exp1) experimental; urgency=medium + + * New upstream release candidate + + [ Riku Voipio ] + * [arm64] udeb: add multifunction devices + * [arm64] udeb: add mvebu comphy for armada 8K + + [ Ben Hutchings ] + * aufs: Update support patchset to aufs4.x-rcN-20171218 + * lockdown: Update patchset to 2017-11-10 version + * lockdown: Update calls to kernel_is_locked_down() in "mtd: Disable slram and + phram when locked down" + * cpupower: Move library to multiarch directory + * [rt] Disable until it is updated for 4.15 or later + * linux-kbuild: Add objtool + + -- Ben Hutchings <ben@decadent.org.uk> Wed, 27 Dec 2017 02:48:14 +0000 + +linux (4.14.17-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.14 + - dm bufio: fix shrinker scans when (nr_to_scan < retain_target) + - can: gs_usb: fix return value of the "set_bittiming" callback + - IB/srpt: Disable RDMA access by the initiator + - IB/srpt: Fix ACL lookup during login + - [mips*] Validate PR_SET_FP_MODE prctl(2) requests against the ABI of the + task + - [mips*] Factor out NT_PRFPREG regset access helpers + - [mips*] Guard against any partial write attempt with PTRACE_SETREGSET + - [mips*] Consistently handle buffer counter with PTRACE_SETREGSET + - [mips*] Fix an FCSR access API regression with NT_PRFPREG and MSA + - [mips*] Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET + - [mips*] Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset accesses + - cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC (Closes: #888954) + - [x86] kvm: vmx: Scrub hardware GPRs at VM-exit (partial mitigation of + CVE-2017-5715, CVE-2017-5753) + - [x86] platform: wmi: Call acpi_wmi_init() later + - iw_cxgb4: only call the cq comp_handler when the cq is armed + - iw_cxgb4: atomically flush the qp + - iw_cxgb4: only clear the ARMED bit if a notification is needed + - iw_cxgb4: reflect the original WR opcode in drain cqes + - iw_cxgb4: when flushing, complete all wrs in a chain + - [x86] acpi: Handle SCI interrupts above legacy space gracefully + - ALSA: pcm: Remove incorrect snd_BUG_ON() usages + - ALSA: pcm: Workaround for weird PulseAudio behavior on rewind error + - ALSA: pcm: Add missing error checks in OSS emulation plugin builder + - ALSA: pcm: Abort properly at pending signal in OSS read/write loops + - ALSA: pcm: Allow aborting mutex lock at OSS read/write loops + - ALSA: aloop: Release cable upon open error path + - ALSA: aloop: Fix inconsistent format due to incomplete rule + - ALSA: aloop: Fix racy hw constraints adjustment + - [x86] acpi: Reduce code duplication in mp_override_legacy_irq() + - 8021q: fix a memory leak for VLAN 0 device + - ip6_tunnel: disable dst caching if tunnel is dual-stack + - net: core: fix module type in sock_diag_bind + - RDS: Heap OOB write in rds_message_alloc_sgs() (CVE-2018-5332) + - RDS: null pointer dereference in rds_atomic_free_op (CVE-2018-5333) + - net: fec: restore dev_id in the cases of probe error + - net: fec: defer probe if regulator is not ready + - net: fec: free/restore resource in related probe error pathes + - sctp: do not retransmit upon FragNeeded if PMTU discovery is disabled + - sctp: fix the handling of ICMP Frag Needed for too small MTUs + - [arm64, armhf] net: stmmac: enable EEE in MII, GMII or RGMII only + - ipv6: fix possible mem leaks in ipv6_make_skb() + - net/sched: Fix update of lastuse in act modules implementing + stats_update + - ipv6: sr: fix TLVs not being copied using setsockopt + - sfp: fix sfp-bus oops when removing socket/upstream + - membarrier: Disable preemption when calling smp_call_function_many() + - crypto: algapi - fix NULL dereference in crypto_remove_spawns() + - rbd: reacquire lock should update lock owner client id + - rbd: set max_segments to USHRT_MAX + - iwlwifi: pcie: fix DMA memory mapping / unmapping + - [x86] microcode/intel: Extend BDW late-loading with a revision check + - [x86] KVM: Add memory barrier on vmcs field lookup + - [powerpc*] KVM: Book3S PR: Fix WIMG handling under pHyp + - [powerpc*] KVM: Book3S HV: Drop prepare_done from struct kvm_resize_hpt + - [powerpc*] KVM: Book3S HV: Fix use after free in case of multiple resize + requests + - [powerpc*] KVM: Book3S HV: Always flush TLB in kvmppc_alloc_reset_hpt() + - [x86] drm/vmwgfx: Don't cache framebuffer maps + - [x86] drm/vmwgfx: Potential off by one in vmw_view_add() + - [x86] drm/i915/gvt: Clear the shadow page table entry after post-sync + - [x86] drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake. + - [x86] drm/i915: Move init_clock_gating() back to where it was + - [x86] drm/i915: Fix init_clock_gating for resume + - bpf: prevent out-of-bounds speculation (partial mitigation of + CVE-2017-5753) + - bpf, array: fix overflow in max_entries and undefined behavior in + index_mask + - bpf: arsh is not supported in 32 bit alu thus reject it + - [arm64, armhf] usb: misc: usb3503: make sure reset is low for at least + 100us + - USB: fix usbmon BUG trigger + - USB: UDC core: fix double-free in usb_add_gadget_udc_release + - usbip: remove kernel addresses from usb device and urb debug msgs + - usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious input + - usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null xfer + buffer + - staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl + (CVE-2017-13216) + - mux: core: fix double get_device() + - kdump: write correct address of mem_section into vmcoreinfo + - apparmor: fix ptrace label match when matching stacked labels + - [x86] pti: Unbreak EFI old_memmap + - [x86] Documentation: Add PTI description + - [x86] cpufeatures: Add X86_BUG_SPECTRE_V[12] + - sysfs/cpu: Add vulnerability folder + - [x86] cpu: Implement CPU vulnerabilites sysfs functions + - [x86] tboot: Unbreak tboot with PTI enabled + - [x86] mm/pti: Remove dead logic in pti_user_pagetable_walk*() + - [x86] cpu/AMD: Make LFENCE a serializing instruction + - [x86] cpu/AMD: Use LFENCE_RDTSC in preference to MFENCE_RDTSC + - [x86] alternatives: Fix optimize_nops() checking + - [x86] pti: Make unpoison of pgd for trusted boot work for real + - [x86] retpoline: Add initial retpoline support (partial mitigation of + CVE-2017-5715) + - [x86] spectre: Add boot time option to select Spectre v2 mitigation + - [x86] retpoline/crypto: Convert crypto assembler indirect jumps + - [x86] retpoline/entry: Convert entry assembler indirect jumps + - [x86] retpoline/ftrace: Convert ftrace assembler indirect jumps + - [x86] retpoline/hyperv: Convert assembler indirect jumps + - [x86] retpoline/xen: Convert Xen hypercall indirect jumps + - [x86] retpoline/checksum32: Convert assembler indirect jumps + - [x86] retpoline/irq32: Convert assembler indirect jumps + - [x86] retpoline: Fill return stack buffer on vmexit + - [x86] pti: Fix !PCID and sanitize defines + - [x86] perf: Disable intel_bts when PTI + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.15 + - tools/objtool/Makefile: don't assume sync-check.sh is executable + - objtool: Fix seg fault with clang-compiled objects + - objtool: Fix Clang enum conversion warning + - objtool: Fix seg fault caused by missing parameter + - [powerpc*] pseries: Add H_GET_CPU_CHARACTERISTICS flags & wrapper + - [powerpc*] 64: Add macros for annotating the destination of rfid/hrfid + - [powerpc*] 64s: Simple RFI macro conversions + - [powerpc*] 64: Convert the syscall exit path to use RFI_TO_USER/KERNEL + - [powerpc*] 64: Convert fast_exception_return to use RFI_TO_USER/KERNEL + - [powerpc*] 64s: Convert slb_miss_common to use RFI_TO_USER/KERNEL + - [powerpc*] 64s: Add support for RFI flush of L1-D cache + - [powerpc*] 64s: Support disabling RFI flush with no_rfi_flush and nopti + - [powerpc*] pseries: Query hypervisor for RFI flush settings + - [powerpc*] powernv: Check device-tree for RFI flush settings + - futex: Avoid violating the 10th rule of futex + - futex: Prevent overflow by strengthen input validation (CVE-2018-6927) + - ALSA: seq: Make ioctls race-free (CVE-2018-1000004) + - ALSA: pcm: Remove yet superfluous WARN_ON() + - ALSA: hda - Apply headphone noise quirk for another Dell XPS 13 variant + - ALSA: hda - Apply the existing quirk to iMac 14,1 + - IB/hfi1: Prevent a NULL dereference + - RDMA/mlx5: Fix out-of-bound access while querying AH + - timers: Unconditionally check deferrable base + - af_key: fix buffer overread in verify_address_len() + - af_key: fix buffer overread in parse_exthdrs() + - iser-target: Fix possible use-after-free in connection establishment + error + - delayacct: Account blkio completion on the correct task + - objtool: Fix seg fault with gold linker + - [armhf] mmc: sdhci-esdhc-imx: Fix i.MX53 eSDHCv3 clock + - [x86] kasan: Panic if there is not enough memory to boot + - [x86] retpoline: Fill RSB on context switch for affected CPUs + - [x86] retpoline: Add LFENCE to the retpoline/RSB filling RSB macros + - objtool: Improve error message for bad file argument + - [x86] cpufeature: Move processor tracing out of scattered features + - [x86] intel_rdt/cqm: Prevent use after free + - [x86] mm/pkeys: Fix fill_sig_info_pkey + - [x86] idt: Mark IDT tables __initconst + - [x86] tsc: Future-proof native_calibrate_tsc() + - [x86] tsc: Fix erroneous TSC rate on Skylake Xeon + - pipe: avoid round_pipe_size() nr_pages overflow on 32-bit + - [x86] apic/vector: Fix off by one in error path + - [x86] mm: Clean up register saving in the __enc_copy() assembly code + - [x86] mm: Use a struct to reduce parameters for SME PGD mapping + - [x86] mm: Centralize PMD flags in sme_encrypt_kernel() + - [x86] mm: Prepare sme_encrypt_kernel() for PAGE aligned encryption + - [armhf] OMAP3: hwmod_data: add missing module_offs for MMC3 + - [x86] mm: Encrypt the initrd earlier for BSP microcode update + - Input: ALPS - fix multi-touch decoding on SS4 plus touchpads + - Input: synaptics-rmi4 - prevent UAF reported by KASAN + - [armhf] Input: twl6040-vibra - fix child-node lookup + - [armhf] Input: twl4030-vibra - fix sibling-node lookup + - tracing: Fix converting enum's from the map in trace_event_eval_update() + - phy: work around 'phys' references to usb-nop-xceiv devices + - [arm64] dts: marvell: armada-cp110: Fix clock resources for various node + - [armhf] sunxi_defconfig: Enable CMA + - [armel] dts: kirkwood: fix pin-muxing of MPP7 on OpenBlocks A7 + - can: peak: fix potential bug in packet fragmentation + - can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once + - can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once + - i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA + - proc: fix coredump vs read /proc/*/stat race + - libata: apply MAX_SEC_1024 to all LITEON EP1 series devices + - workqueue: avoid hard lockups in show_workqueue_state() + - [x86] drm/vmwgfx: fix memory corruption with legacy/sou connectors + - dm btree: fix serious bug in btree_split_beneath() + - dm thin metadata: THIN_MAX_CONCURRENT_LOCKS should be 6 + - dm integrity: don't store cipher request on the stack + - dm crypt: fix crash by adding missing check for auth key size + - dm crypt: wipe kernel key copy after IV initialization + - dm crypt: fix error return code in crypt_ctr() + - [x86] x86: Use __nostackprotect for sme_encrypt_kernel + - [alpha] PCI: Fix noname IRQ level detection + - [mips*] CM: Drop WARN_ON(vp != 0) + - [arm*] KVM: Check pagesize when allocating a hugepage at Stage 2 + - [arm64] KVM: Fix SMCCC handling of unimplemented SMC/HVC calls + - [x86] mce: Make machine check speculation protected + - retpoline: Introduce start/end markers of indirect thunk + - [x86] kprobes: Blacklist indirect thunk functions for kprobes + - [x86] kprobes: Disable optimizing on the function jumps to indirect + thunk + - [x86] retpoline: Optimize inline assembler for vmexit_fill_RSB + - [x86] mm: Rework wbinvd, hlt operation in stop_this_cpu() + - mm, page_vma_mapped: Drop faulty pointer arithmetics in check_pte() + - [arm64, armhf] net: mvpp2: do not disable GMAC padding + - [mips]: AR7: ensure the port type's FCR value is used + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.16 + - mm, page_alloc: fix potential false positive in __zone_watermark_ok + - xfrm: Fix a race in the xdst pcpu cache. + - Input: xpad - add support for PDP Xbox One controllers + - Input: trackpoint - force 3 buttons if 0 button is reported + - Input: trackpoint - only expose supported controls for Elan, ALPS and + NXP + - Btrfs: fix stale entries in readdir + - [s390x] KVM: add proper locking for CMMA migration bitmap + - [arm*] net: bpf: avoid 'bx' instruction on non-Thumb capable CPUs + - [arm*] net: bpf: fix tail call jumps + - [arm*] net: bpf: fix stack alignment + - [arm*] net: bpf: move stack documentation + - [arm*] net: bpf: correct stack layout documentation + - [arm*] net: bpf: fix register saving + - [arm*] net: bpf: fix LDX instructions + - [arm*] net: bpf: clarify tail_call index + - [arm64,armhf] drm/vc4: Fix NULL pointer dereference in + vc4_save_hang_state() + - net: Allow neigh contructor functions ability to modify the primary_key + - ipv4: Make neigh lookup keys for loopback/point-to-point devices be + INADDR_ANY + - dccp: don't restart ccid2_hc_tx_rto_expire() if sk in closed state + - ipv6: Fix getsockopt() for sockets with default IPV6_AUTOFLOWLABEL + - ipv6: fix udpv6 sendmsg crash caused by too small MTU + - ipv6: ip6_make_skb() needs to clear cork.base.dst + - lan78xx: Fix failure in USB Full Speed + - net: igmp: fix source address check for IGMPv3 reports + - net: qdisc_pkt_len_init() should be more robust + - net: tcp: close sock if net namespace is exiting + - net/tls: Fix inverted error codes to avoid endless loop + - net: vrf: Add support for sends to local broadcast address + - pppoe: take ->needed_headroom of lower device into account on xmit + - r8169: fix memory corruption on retrieval of hardware statistics. + - sctp: do not allow the v4 socket to bind a v4mapped v6 address + - sctp: return error if the asoc has been peeled off in + sctp_wait_for_sndbuf + - tipc: fix a memory leak in tipc_nl_node_get_link() + - {net,ib}/mlx5: Don't disable local loopback multicast traffic when + needed + - net/mlx5: Fix get vector affinity helper function + - ppp: unlock all_ppp_mutex before registering device + - be2net: restore properly promisc mode after queues reconfiguration + - ip6_gre: init dev->mtu and dev->hard_header_len correctly + - gso: validate gso_type in GSO handlers + - tun: fix a memory leak for tfile->tx_array + - flow_dissector: properly cap thoff field + - sctp: reinit stream if stream outcnt has been change by sinit in sendmsg + - netlink: extack needs to be reset each time through loop + - net/mlx5e: Fix fixpoint divide exception in mlx5e_am_stats_compare + - nfp: use the correct index for link speed table + - netlink: reset extack earlier in netlink_rcv_skb + - net/tls: Only attach to sockets in ESTABLISHED state + - tls: fix sw_ctx leak + - tls: return -EBUSY if crypto_info is already set + - tls: reset crypto_info when do_tls_setsockopt_tx fails + - net: ipv4: Make "ip route get" match iif lo rules again. + - vmxnet3: repair memory leak + - perf/x86/amd/power: Do not load AMD power module on !AMD platforms + - [x86] microcode/intel: Extend BDW late-loading further with LLC size + check + - [x86] microcode: Fix again accessing initrd after having been freed + - [x86] mm/64: Fix vmapped stack syncing on very-large-memory 4-level + systems + - hrtimer: Reset hrtimer cpu base proper on CPU hotplug + - bpf: introduce BPF_JIT_ALWAYS_ON config + - bpf: fix divides by zero + - bpf: fix 32-bit divide by zero + - bpf: reject stores into ctx via st and xadd + - [arm64] bpf: fix stack_depth tracking in combination with tail calls + - cpufreq: governor: Ensure sufficiently large sampling intervals + - nfsd: auth: Fix gid sorting when rootsquash enabled (CVE-2018-1000028) + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.17 + - futex: Fix OWNER_DEAD fixup + - loop: fix concurrent lo_open/lo_release (CVE-2018-5344) + - [x86] KVM: Fix CPUID function for word 6 (80000001_ECX) + - gpio: Fix kernel stack leak to userspace + - ALSA: hda - Reduce the suspend time consumption for ALC256 + - crypto: ecdh - fix typo in KPP dependency of CRYPTO_ECDH + - [x86] crypto: aesni - handle zero length dst buffer + - [x86] crypto: aesni - fix typo in generic_gcmaes_decrypt + - crypto: gcm - add GCM IV size constant + - [x86] crypto: aesni - Use GCM IV size constant + - [x86] crypto: aesni - add wrapper for generic gcm(aes) + - [x86] crypto: aesni - Fix out-of-bounds access of the data buffer in + generic-gcm-aesni + - [x86] crypto: aesni - Fix out-of-bounds access of the AAD buffer in + generic-gcm-aesni + - [arm64] crypto: inside-secure - fix hash when length is a multiple of a + block + - [arm64] crypto: inside-secure - avoid unmapping DMA memory that was not + mapped + - crypto: sha3-generic - fixes for alignment and big endian operation + - crypto: af_alg - whitelist mask and type + - HID: wacom: EKR: ensure devres groups at higher indexes are released + - HID: wacom: Fix reporting of touch toggle (WACOM_HID_WD_MUTE_DEVICE) + events + - igb: Free IRQs when device is hotplugged + - ima/policy: fix parsing of fsuuid + - scsi: aacraid: Fix udev inquiry race condition + - scsi: aacraid: Fix hang in kdump + - VFS: Handle lazytime in do_mount() + - [arm64,armhf] drm/vc4: Account for interrupts in flight + - btrfs: Fix transaction abort during failure in btrfs_rm_dev_item + - Btrfs: bail out gracefully rather than BUG_ON + - cpupowerutils: bench - Fix cpu online check + - cpupower : Fix cpupower working when cpu0 is offline + - [x86] KVM: nVMX/nSVM: Don't intercept #UD when running L2 + - [x86] KVM: emulator: Return to user-mode on L1 CPL=0 emulation failure + - [x86] KVM: Don't re-execute instruction when not passing CR2 value + - [x86] KVM: Fix operand/address-size during instruction decoding + - [x86] KVM: nVMX: Fix mmu context after VMLAUNCH/VMRESUME failure + - [x86] KVM: fix em_fxstor() sleeping while in atomic + - [x86] KVM: ioapic: Fix level-triggered EOI and IOAPIC reconfigure race + - [x86] KVM: ioapic: Clear Remote IRR when entry is switched to + edge-triggered + - [x86] KVM: ioapic: Preserve read-only values in the redirection table + - [x86] KVM: nVMX: Fix vmx_check_nested_events() return value in case an + event was reinjected to L2 + - nvme-fabrics: introduce init command check for a queue that is not alive + - nvme-fc: check if queue is ready in queue_rq + - nvme-loop: check if queue is ready in queue_rq + - nvme-pci: disable APST on Samsung SSD 960 EVO + ASUS PRIME B350M-A + - nvme-pci: avoid hmb desc array idx out-of-bound when hmmaxd set. + - nvmet-fc: correct ref counting error when deferred rcv used + - [s390x] topology: fix compile error in file arch/s390/kernel/smp.c + - [s390x] zcrypt: Fix wrong comparison leading to strange load balancing + - ACPI / bus: Leave modalias empty for devices which are not present + - null_blk: fix dev->badblocks leak + - [s390x] fix alloc_pgste check in init_new_context again + - rxrpc: The mutex lock returned by rxrpc_accept_call() needs releasing + - rxrpc: Provide a different lockdep key for call->user_mutex for kernel + calls + - rxrpc: Fix service endpoint expiry + - bcache: check return value of register_shrinker + - drm/amdgpu: Fix SDMA load/unload sequence on HWS disabled mode + - [x86] drm/amdkfd: Fix SDMA ring buffer size calculation + - [x86] drm/amdkfd: Fix SDMA oversubsription handling + - uapi: fix linux/kfd_ioctl.h userspace compilation errors + - nvme-rdma: don't complete requests before a send work request has + completed + - openvswitch: fix the incorrect flow action alloc size + - [armhf] drm/rockchip: dw-mipi-dsi: fix possible un-balanced runtime PM + enable + - mac80211: use QoS NDP for AP probing + - mac80211: fix the update of path metric for RANN frame + - btrfs: fix deadlock when writing out space cache + - sctp: only allow the asoc reset when the asoc outq is empty + - sctp: avoid flushing unsent queue when doing asoc reset + - sctp: set sender next_tsn for the old result with ctsn_ack_point plus 1 + - reiserfs: remove unneeded i_version bump + - [x86] KVM: Fix softlockup when get the current kvmclock + - [x86] KVM: VMX: Fix rflags cache during vCPU reset + - Btrfs: fix list_add corruption and soft lockups in fsync + - KVM: Let KVM_SET_SIGNAL_MASK work as advertised + - xfs: always free inline data before resetting inode fork during ifree + - xfs: log recovery should replay deferred ops in order + - xen-netfront: remove warning when unloading module + - nfsd: CLOSE SHOULD return the invalid special stateid for NFSv4.x (x>0) + - nfsd: Ensure we check stateid validity in the seqid operation checks + - grace: replace BUG_ON by WARN_ONCE in exit_net hook + - nfsd: check for use of the closed special stateid + - race of lockd inetaddr notifiers vs nlmsvc_rqst change + - lockd: fix "list_add double add" caused by legacy signal interface + - quota: propagate error from __dquot_initialize + - [arm64,armhf] net: mvpp2: fix the txq_init error path + - [arm64] net: phy: marvell10g: fix the PHY id mask + - bnxt_en: Fix an error handling path in 'bnxt_get_module_eeprom()' + - Btrfs: incremental send, fix wrong unlink path after renaming file + - nvme-pci: fix NULL pointer dereference in nvme_free_host_mem() + - xfs: fortify xfs_alloc_buftarg error handling + - drm/amdgpu: don't try to move pinned BOs + - quota: Check for register_shrinker() failure. + - SUNRPC: Allow connect to return EHOSTUNREACH + - kmemleak: add scheduling point to kmemleak_scan() + - [armhf] drm/omap: Fix error handling path in 'omap_dmm_probe()' + - [armhf] drm/omap: displays: panel-dpi: add backlight dependency + - xfs: ubsan fixes + - xfs: Properly retry failed dquot items in case of error during buffer + writeback + - perf/core: Fix memory leak triggered by perf --namespace + - scsi: aacraid: Prevent crash in case of free interrupt during scsi EH + path + - scsi: ufs: ufshcd: fix potential NULL pointer dereference in + ufshcd_config_vreg + - iwlwifi: mvm: fix the TX queue hang timeout for MONITOR vif type + - iwlwifi: fix access to prph when transport is stopped + - [arm*] dts: NSP: Disable AHCI controller for HR NSP boards + - [arm*] ARM: dts: NSP: Fix PPI interrupt types + - media: usbtv: add a new usbid + - [x86] xen: Support early interrupts in xen pv guests + - usb: gadget: don't dereference g until after it has been null checked + - staging: rtl8188eu: Fix incorrect response to SIOCGIWESSID + - [arm64,armhf] drm/vc4: Move IRQ enable to PM path + - [x86] KVM: emulate #UD while in guest mode + - [x86] staging: lustre: separate a connection destroy from free struct + kib_conn + - tty: fix data race between tty_init_dev and flush of buf + - USB: serial: pl2303: new device id for Chilitag + - USB: cdc-acm: Do not log urb submission errors on disconnect + - CDC-ACM: apply quirk for card reader + - USB: serial: io_edgeport: fix possible sleep-in-atomic + - usbip: prevent bind loops on devices attached to vhci_hcd + - usbip: list: don't list devices attached to vhci_hcd + - USB: serial: simple: add Motorola Tetra driver + - usb: f_fs: Prevent gadget unbind if it is already unbound + - usb: uas: unconditionally bring back host after reset + - usb/gadget: Fix "high bandwidth" check in usb_gadget_ep_match_desc() + - [x86] mei: me: allow runtime pm for platform with D0i3 + - serial: 8250_of: fix return code when probe function fails to get reset + - serial: 8250_uniphier: fix error return code in uniphier_uart_probe() + - [armhf] serial: imx: Only wakeup via RTSDEN bit if the system has + RTS/CTS + - [armhf] spi: imx: do not access registers while clocks disabled + - iio: adc: stm32: fix scan of multiple channels with DMA + - iio: chemical: ccs811: Fix output of IIO_CONCENTRATION channels + - test_firmware: fix missing unlock on error in + config_num_requests_store() + - Input: synaptics-rmi4 - unmask F03 interrupts when port is opened + - Input: synaptics-rmi4 - do not delete interrupt memory too early + - [x86] efi: Clarify that reset attack mitigation needs appropriate + userspace + + [ Salvatore Bonaccorso ] + * [rt] Update to 4.14.15-rt11 + * [rt] Update to 4.14.15-rt13 + * crypto: ecc - Fix NULL pointer deref. on no default_rng (Closes: #886556) + * mac80211: Avoid ABI change in 4.14.17 + * rxrpc: Avoid ABI change in 4.14.17 + + [ Ben Hutchings ] + * bpf: Avoid ABI change in 4.14.14 + * usbip: Reduce USBIP_VHCI_HC_PORTS to 15, the maximum allowed for SuperSpeed + hubs (Closes: #878866) + * [x86] Add versioned build-dependency on gcc-7 for retpoline support + * [x86] linux-compiler-gcc-7-x86: Add versioned dependency on gcc-7 for + retpoline support + * linux-compiler-gcc-7-{arm,s390,x86}: Remove specific (and wrong) compiler + version from description (Closes: #883363) + * [x86] linux-headers: Depend on updated linux-compiler-gcc-7-x86 + + [ Riku Voipio ] + * [arm64] build in reset drivers + * [arm64] enable COMMON_CLK_HI655X so wifi and bluetooth work on Hikey + + -- Salvatore Bonaccorso <carnil@debian.org> Wed, 14 Feb 2018 06:56:06 +0100 + +linux (4.14.13-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.13 + - [x86] mm: Set MODULES_END to 0xffffffffff000000 + - [x86] mm: Map cpu_entry_area at the same place on 4/5 level + - [x86] kaslr: Fix the vaddr_end mess + - [x86] events/intel/ds: Use the proper cache flush method for mapping ds + buffers + - [x86] alternatives: Add missing '\n' at end of ALTERNATIVE inline asm + - [x86] pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN + - kernel/acct.c: fix the acct->needcheck check in check_free_space() + - mm/mprotect: add a cond_resched() inside change_pmd_range() + - mm/sparse.c: wrong allocation for mem_section + - userfaultfd: clear the vma->vm_userfaultfd_ctx if UFFD_EVENT_FORK fails + - btrfs: fix refcount_t usage when deleting btrfs_delayed_nodes + - efi/capsule-loader: Reinstate virtual capsule mapping + - [sparc*] crypto: n2 - cure use after free + - crypto: chacha20poly1305 - validate the digest size + - crypto: pcrypt - fix freeing pcrypt instances + - crypto: chelsio - select CRYPTO_GF128MUL + - [x86] drm/i915: Disable DC states around GMBUS on GLK + - [x86] drm/i915: Apply Display WA #1183 on skl, kbl, and cfl + - fscache: Fix the default for fscache_maybe_release_page() + - [x86] CPU: Avoid unnecessary IPIs in arch_freq_get_on_cpu() + - [x86] CPU: Always show current CPU frequency in /proc/cpuinfo + - kernel/signal.c: protect the traced SIGNAL_UNKILLABLE tasks from SIGKILL + - kernel/signal.c: protect the SIGNAL_UNKILLABLE tasks from + !sig_kernel_only() signals + - kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in + complete_signal() + - [arm64] iommu/arm-smmu-v3: Don't free page table ops twice + - [arm64] iommu/arm-smmu-v3: Cope with duplicated Stream IDs + - [powerpc* ]mm: Fix SEGV on mapped region to return SEGV_ACCERR + - Input: elantech - add new icbody type 15 + - [x86] microcode/AMD: Add support for fam17h microcode loading + - apparmor: fix regression in mount mediation when feature set is pinned + - [hppa/parisc] Fix alignment of pa_tlb_lock in assembly on 32-bit SMP + kernel + - [hppa/parisc] qemu idle sleep support + - mtd: nand: pxa3xx: Fix READOOB implementation + - [s390x] KVM: fix cmma migration for multiple memory slots + - [s390x] KVM: prevent buffer overrun on memory hotplug during migration + + [ Salvatore Bonaccorso ] + * libsas: Disable asynchronous aborts for SATA devices + * drm/nouveau/disp/gf119: add missing drive vfunc ptr (Closes: #880660) + + [ Riku Voipio ] + * [arm64] disable CONFIG_HW_RANDOM_OMAP until the IRQ storm bug is fixed + + [ Ben Hutchings ] + * abiupdate.py: Add support for security mirrors + * Fix dependencies related to objtool (Closes: #886474): + - linux-headers: Add versioned dependency on linux-kbuild + - Revert "objtool: Fix CONFIG_STACK_VALIDATION=y warning for out-of-tree + modules" + + -- Ben Hutchings <ben@decadent.org.uk> Sun, 14 Jan 2018 19:45:05 +0000 + +linux (4.14.12-2) unstable; urgency=medium + + [ Ben Hutchings ] + * linux-kbuild: Add objtool + * linux-headers: Add symlink to linux-kbuild tools directory for objtool + + [ Salvatore Bonaccorso ] + * linux-headers: Add symlink to linux-kbuild tools directory for objtool in + architecture-specific headers package. + Thanks to Luca Boccassi (Closes: #886366) + + -- Salvatore Bonaccorso <carnil@debian.org> Sat, 06 Jan 2018 09:08:42 +0100 + +linux (4.14.12-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8 + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.9 + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.10 + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.11 + - x86/cpufeatures: Add X86_BUG_CPU_INSECURE + - x86/mm/pti: Disable global pages if PAGE_TABLE_ISOLATION=y + - x86/mm/pti: Prepare the x86/entry assembly code for entry/exit CR3 + switching + - x86/mm/pti: Add infrastructure for page table isolation + - x86/pti: Add the pti= cmdline option and documentation + - x86/mm/pti: Add mapping helper functions + - x86/mm/pti: Allow NX poison to be set in p4d/pgd + - x86/mm/pti: Allocate a separate user PGD + - x86/mm/pti: Populate user PGD + - x86/mm/pti: Add functions to clone kernel PMDs + - x86/mm/pti: Force entry through trampoline when PTI active + - x86/mm/pti: Share cpu_entry_area with user space page tables + - x86/entry: Align entry text section to PMD boundary + - x86/mm/pti: Share entry text PMD + - x86/mm/pti: Map ESPFIX into user space + - x86/cpu_entry_area: Add debugstore entries to cpu_entry_area + - x86/events/intel/ds: Map debug buffers in cpu_entry_area + - x86/mm/64: Make a full PGD-entry size hole in the memory map + - x86/pti: Put the LDT in its own PGD if PTI is on + - x86/pti: Map the vsyscall page if needed + - x86/mm: Allow flushing for future ASID switches + - x86/mm: Abstract switching CR3 + - x86/mm: Use/Fix PCID to optimize user/kernel switches + - x86/mm: Optimize RESTORE_CR3 + - x86/mm: Use INVPCID for __native_flush_tlb_single() + - x86/mm: Clarify the whole ASID/kernel PCID/user PCID naming + - x86/dumpstack: Indicate in Oops whether PTI is configured and enabled + - x86/mm/pti: Add Kconfig + - net: Fix double free and memory corruption in get_net_ns_by_id() + (CVE-2017-15129) + * [amd64] Implement Kernel Page Table Isolation (KPTI, aka KAISER) + (CVE-2017-5754) + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.12 + - exec: Weaken dumpability for secureexec + - capabilities: fix buffer overread on very short xattr + - x86/cpu, x86/pti: Do not enable PTI on AMD processors + - x86/pti: Make sure the user/kernel PTEs match + - x86/dumpstack: Fix partial register dumps + - x86/dumpstack: Print registers for first stack frame + - x86/pti: Switch to kernel CR3 at early in entry_SYSCALL_compat() + - x86/process: Define cpu_tss_rw in same section as declaration + + [ Ben Hutchings ] + * e1000e: Fix e1000_check_for_copper_link_ich8lan return value. + (Closes: #885348) + + [ Vagrant Cascadian ] + * [arm64] Backport patch from linux-next to support SMP on tegra210 + systems. + + [ Salvatore Bonaccorso ] + * [rt] Update to 4.14.8-rt9 + * Bump ABI to 3 + * Revert "scsi: libsas: allow async aborts" + Fixes "Oops: NULL pointer dereference - RIP: + isci_task_abort_task+0x30/0x3e0 [isci]" (Closes: #882414) + * x86/tlb: Drop the _GPL from the cpu_tlbstate export + + -- Salvatore Bonaccorso <carnil@debian.org> Fri, 05 Jan 2018 21:20:26 +0100 + +linux (4.14.7-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.3 + - [s390x] fix transactional execution control register handling + - [s390x] noexec: execute kexec datamover without DAT + - [s390x] runtime instrumention: fix possible memory corruption + - [s390x] guarded storage: fix possible memory corruption + - [s390x] disassembler: add missing end marker for e7 table + - [s390x] disassembler: increase show_code buffer size + - ACPI / PM: Fix acpi_pm_notifier_lock vs flush_workqueue() deadlock + - ACPI / EC: Fix regression related to triggering source of EC event + handling + - cpufreq: schedutil: Reset cached_raw_freq when not in sync with next_freq + - serdev: fix registration of second slave + - sched: Make resched_cpu() unconditional + - lib/mpi: call cond_resched() from mpi_powm() loop + - [x86] boot: Fix boot failure when SMP MP-table is based at 0 + - [x86] decoder: Add new TEST instruction pattern + - [amd64] entry: Fix entry_SYSCALL_64_after_hwframe() IRQ tracing + - [x86] perf: intel: Hide TSX events when RTM is not supported + - [arm64] Implement arch-specific pte_access_permitted() + - [armhf/armmp-lpae] 8722/1: mm: make STRICT_KERNEL_RWX effective for LPAE + - [armhf/armmp-lpae] 8721/1: mm: dump: check hardware RO bit for LPAE + - uapi: fix linux/tls.h userspace compilation error + - uapi: fix linux/rxrpc.h userspace compilation errors + - [mips*/4kc-malta] cmpxchg64() and HAVE_VIRT_CPU_ACCOUNTING_GEN don't work + for 32-bit SMP + - [armhf,arm64] net: mvneta: fix handling of the Tx descriptor counter + - nbd: wait uninterruptible for the dead timeout + - nbd: don't start req until after the dead connection logic + - PM / OPP: Add missing of_node_put(np) + - PCI/ASPM: Account for downstream device's Port Common_Mode_Restore_Time + - PCI/ASPM: Use correct capability pointer to program LTR_L1.2_THRESHOLD + - [x86] PCI: hv: Use effective affinity mask + - [arm64] PCI: Set Cavium ACS capability quirk flags to assert RR/CR/SV/UF + - [arm64] PCI: Apply Cavium ThunderX ACS quirk to more Root Ports + - dm integrity: allow unaligned bv_offset + - dm cache: fix race condition in the writeback mode overwrite_bio + optimisation + - dm crypt: allow unaligned bv_offset + - dm zoned: ignore last smaller runt zone + - dm mpath: remove annoying message of 'blk_get_request() returned -11' + - dm bufio: fix integer overflow when limiting maximum cache size + - ovl: Put upperdentry if ovl_check_origin() fails + - dm: allocate struct mapped_device with kvzalloc + - sched/rt: Simplify the IPI based RT balancing logic + - dm: fix race between dm_get_from_kobject() and __dm_destroy() + - dm: discard support requires all targets in a table support discards + - [mips*] Fix odd fp register warnings with MIPS64r2 + - [mips*/4kc-malta] Fix MIPS64 FP save/restore on 32-bit kernels + - [mips*] dts: remove bogus bcm96358nb4ser.dtb from dtb-y entry + - [mips*] Fix an n32 core file generation regset support regression + - [mips*] math-emu: Fix final emulation phase for certain instructions + - rt2x00usb: mark device removed when get ENOENT usb error + - mm/z3fold.c: use kref to prevent page free/compact race + - autofs: don't fail mount for transient error + - nilfs2: fix race condition that causes file system corruption + - fscrypt: lock mutex before checking for bounce page pool + - eCryptfs: use after free in ecryptfs_release_messaging() + - libceph: don't WARN() if user tries to add invalid key + - bcache: check ca->alloc_thread initialized before wake up it + - fs: guard_bio_eod() needs to consider partitions + - fanotify: fix fsnotify_prepare_user_wait() failure + - isofs: fix timestamps beyond 2027 + - btrfs: change how we decide to commit transactions during flushing + - f2fs: expose some sectors to user in inline data or dentry case + - NFS: Fix typo in nomigration mount option + - NFS: Revert "NFS: Move the flock open mode check into nfs_flock()" + - nfs: Fix ugly referral attributes + - NFS: Avoid RCU usage in tracepoints + - NFS: revalidate "." etc correctly on "open". + - nfsd: deal with revoked delegations appropriately + - rtlwifi: rtl8192ee: Fix memory leak when loading firmware + - rtlwifi: fix uninitialized rtlhal->last_suspend_sec time + - iwlwifi: fix firmware names for 9000 and A000 series hw + - md: fix deadlock error in recent patch. + - md: don't check MD_SB_CHANGE_CLEAN in md_allow_write + - Bluetooth: btqcomsmd: Add support for BD address setup + - md/bitmap: revert a patch + - fsnotify: clean up fsnotify_prepare/finish_user_wait() + - fsnotify: pin both inode and vfsmount mark + - fsnotify: fix pinning group in fsnotify_prepare_user_wait() + - ata: fixes kernel crash while tracing ata_eh_link_autopsy event + - ext4: fix interaction between i_size, fallocate, and delalloc after a + crash + - ext4: prevent data corruption with inline data + DAX + - ext4: prevent data corruption with journaling + DAX + - ALSA: pcm: update tstamp only if audio_tstamp changed + - ALSA: usb-audio: Add sanity checks to FE parser + - ALSA: usb-audio: Fix potential out-of-bound access at parsing SU + - ALSA: usb-audio: Add sanity checks in v2 clock parsers + - ALSA: timer: Remove kernel warning at compat ioctl error paths + - ALSA: hda/realtek - Fix ALC275 no sound issue + - ALSA: hda: Fix too short HDMI/DP chmap reporting + - ALSA: hda - Fix yet remaining issue with vmaster 0dB initialization + - ALSA: hda/realtek - Fix ALC700 family no sound issue + - [x86] mfd: lpc_ich: Avoton/Rangeley uses SPI_BYT method + - fix a page leak in vhost_scsi_iov_to_sgl() error recovery + - 9p: Fix missing commas in mount options + - fs/9p: Compare qid.path in v9fs_test_inode + - net/9p: Switch to wait_event_killable() + - scsi: qla2xxx: Suppress a kernel complaint in qla_init_base_qpair() + - scsi: sd_zbc: Fix sd_zbc_read_zoned_characteristics() + - scsi: lpfc: fix pci hot plug crash in timer management routines + - scsi: lpfc: fix pci hot plug crash in list_add call + - scsi: lpfc: Fix crash receiving ELS while detaching driver + - scsi: lpfc: Fix FCP hba_wqidx assignment + - scsi: lpfc: Fix oops if nvmet_fc_register_targetport fails + - iscsi-target: Make TASK_REASSIGN use proper se_cmd->cmd_kref + - iscsi-target: Fix non-immediate TMR reference leak + - target: fix null pointer regression in core_tmr_drain_tmr_list + - target: fix buffer offset in core_scsi3_pri_read_full_status + - target: Fix QUEUE_FULL + SCSI task attribute handling + - target: Fix caw_sem leak in transport_generic_request_failure + - target: Fix quiese during transport_write_pending_qf endless loop + - target: Avoid early CMD_T_PRE_EXECUTE failures during ABORT_TASK + - mtd: Avoid probe failures when mtd->dbg.dfs_dir is invalid + - mtd: nand: atmel: Actually use the PM ops + - mtd: nand: omap2: Fix subpage write + - mtd: nand: Fix writing mtdoops to nand flash. + - mtd: nand: mtk: fix infinite ECC decode IRQ issue + - p54: don't unregister leds when they are not initialized + - block: Fix a race between blk_cleanup_queue() and timeout handling + - raid1: prevent freeze_array/wait_all_barriers deadlock + - genirq: Track whether the trigger type has been set + - [armhf,arm64] irqchip/gic-v3: Fix ppi-partitions lookup + - lockd: double unregister of inetaddr notifiers + - [powerpc*] KVM: Book3S HV: Don't call real-mode XICS hypercall handlers + if not enabled + - [x86] KVM: nVMX: set IDTR and GDTR limits when loading L1 host state + - [x86] KVM: SVM: obey guest PAT + - [x86] kvm: vmx: Reinstate support for CPUs without virtual NMI + (Closes: #884482) + - dax: fix PMD faults on zero-length files + - dax: fix general protection fault in dax_alloc_inode + - SUNRPC: Fix tracepoint storage issues with svc_recv and svc_rqst_status + - [armhf] clk: ti: dra7-atl-clock: fix child-node lookups + - libnvdimm, dimm: clear 'locked' status on successful DIMM enable + - libnvdimm, pfn: make 'resource' attribute only readable by root + - libnvdimm, namespace: fix label initialization to use valid seq numbers + - libnvdimm, region : make 'resource' attribute only readable by root + - libnvdimm, namespace: make 'resource' attribute only readable by root + - svcrdma: Preserve CB send buffer across retransmits + - IB/srpt: Do not accept invalid initiator port names + - IB/cm: Fix memory corruption in handling CM request + - IB/hfi1: Fix incorrect available receive user context count + - IB/srp: Avoid that a cable pull can trigger a kernel crash + - IB/core: Avoid crash on pkey enforcement failed in received MADs + - IB/core: Only maintain real QPs in the security lists + - NFC: fix device-allocation error return + - spi-nor: intel-spi: Fix broken software sequencing codes + - fm10k,i40e,i40evf,igb,igbvf,ixgbe,ixgbevf: Use smp_rmb rather than + read_barrier_depends + - [hppa] Fix validity check of pointer size argument in new CAS + implementation + - [powerpc*] Fix boot on BOOK3S_32 with CONFIG_STRICT_KERNEL_RWX + - [powerpc*] mm/radix: Fix crashes on Power9 DD1 with radix MMU and + STRICT_RWX + - [powerpc*] perf/imc: Use cpu_to_node() not topology_physical_package_id() + - [powerpc*] signal: Properly handle return value from uprobe_deny_signal() + - [powerpc*] 64s: Fix masking of SRR1 bits on instruction fault + - [powerpc*] 64s/radix: Fix 128TB-512TB virtual address boundary case + allocation + - [powerpc*] 64s/hash: Fix 512T hint detection to use >= 128T + - [powerpc*] 64s/hash: Fix 128TB-512TB virtual address boundary case + allocation + - [powerpc*] 64s/hash: Fix fork() with 512TB process address space + - [powerpc*] 64s/hash: Allow MAP_FIXED allocations to cross 128TB boundary + - media: Don't do DMA on stack for firmware upload in the AS102 driver + - media: rc: check for integer overflow + - media: rc: nec decoder should not send both repeat and keycode + - media: v4l2-ctrl: Fix flags field on Control events + - [arm64] media: venus: fix wrong size on dma_free + - [arm64] media: venus: venc: fix bytesused v4l2_plane field + - [arm64] media: venus: reimplement decoder stop command + - [arm64] dts: meson-gxl: Add alternate ARM Trusted Firmware reserved + memory zone + - iwlwifi: fix wrong struct for a000 device + - iwlwifi: fix PCI IDs and configuration mapping for 9000 series + - iwlwifi: mvm: support version 7 of the SCAN_REQ_UMAC FW command + - e1000e: Fix error path in link detection + - e1000e: Fix return value test + - e1000e: Separate signaling for link check/link up + - e1000e: Avoid receiver overrun interrupt bursts + - e1000e: fix buffer overrun while the I219 is processing DMA transactions + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.4 + - [x86]: platform: hp-wmi: Fix tablet mode detection for convertibles + - mm, memory_hotplug: do not back off draining pcp free pages from kworker + context + - mm, oom_reaper: gather each vma to prevent leaking TLB entry + - [armhf,arm64] mm/cma: fix alloc_contig_range ret code/potential leak + - mm: fix device-dax pud write-faults triggered by get_user_pages() + - mm, hugetlbfs: introduce ->split() to vm_operations_struct + - device-dax: implement ->split() to catch invalid munmap attempts + - mm: introduce get_user_pages_longterm + - mm: fail get_vaddr_frames() for filesystem-dax mappings + - v4l2: disable filesystem-dax mapping support + - IB/core: disable memory registration of filesystem-dax vmas + - exec: avoid RLIMIT_STACK races with prlimit() + - mm/madvise.c: fix madvise() infinite loop under special circumstances + - mm: migrate: fix an incorrect call of prep_transhuge_page() + - mm, memcg: fix mem_cgroup_swapout() for THPs + - fs/fat/inode.c: fix sb_rdonly() change + - autofs: revert "autofs: take more care to not update last_used on path + walk" + - autofs: revert "autofs: fix AT_NO_AUTOMOUNT not being honored" + - mm/hugetlb: fix NULL-pointer dereference on 5-level paging machine + - btrfs: clear space cache inode generation always + - nfsd: Fix stateid races between OPEN and CLOSE + - nfsd: Fix another OPEN stateid race + - nfsd: fix panic in posix_unblock_lock called from nfs4_laundromat + - crypto: algif_aead - skip SGL entries with NULL page + - crypto: af_alg - remove locking in async callback + - crypto: skcipher - Fix skcipher_walk_aead_common + - lockd: lost rollback of set_grace_period() in lockd_down_net() + - [s390x] revert ELF_ET_DYN_BASE base changes + - [armhf] drm: omapdrm: Fix DPI on platforms using the DSI VDDS + - [armhf] omapdrm: hdmi4: Correct the SoC revision matching + - [arm64] module-plts: factor out PLT generation code for ftrace + - [arm64] ftrace: emit ftrace-mod.o contents through code + - [powerpc*] powernv: Fix kexec crashes caused by tlbie tracing + - [powerpc*] kexec: Fix kexec/kdump in P9 guest kernels + - [x86] KVM: pvclock: Handle first-time write to pvclock-page contains + random junk + - [x86] KVM: Exit to user-mode on #UD intercept when emulator requires + - [x86] KVM: inject exceptions produced by x86_decode_insn + - [x86] KVM: lapic: Split out x2apic ldr calculation + - [x86] KVM: lapic: Fixup LDR on load in x2apic + - mmc: sdhci: Avoid swiotlb buffer being full + - mmc: block: Fix missing blk_put_request() + - mmc: block: Check return value of blk_get_request() + - mmc: core: Do not leave the block driver in a suspended state + - mmc: block: Ensure that debugfs files are removed + - mmc: core: prepend 0x to pre_eol_info entry in sysfs + - mmc: core: prepend 0x to OCR entry in sysfs + - ACPI / EC: Fix regression related to PM ops support in ECDT device + - eeprom: at24: fix reading from 24MAC402/24MAC602 + - eeprom: at24: correctly set the size for at24mac402 + - eeprom: at24: check at24_read/write arguments + - [alpha,x86] i2c: i801: Fix Failed to allocate irq -2147483648 error + - bcache: Fix building error on MIPS + - bcache: only permit to recovery read error when cache device is clean + - bcache: recover data from backing when data is clean + - hwmon: (jc42) optionally try to disable the SMBUS timeout + - nvme-pci: add quirk for delay before CHK RDY for WDC SN200 + - Revert "drm/radeon: dont switch vt on suspend" + - drm/amdgpu: potential uninitialized variable in amdgpu_vce_ring_parse_cs() + - drm/amdgpu: Potential uninitialized variable in + amdgpu_vm_update_directories() + - drm/amdgpu: correct reference clock value on vega10 + - drm/amdgpu: fix error handling in amdgpu_bo_do_create + - drm/amdgpu: Properly allocate VM invalidate eng v2 + - drm/amdgpu: Remove check which is not valid for certain VBIOS + - drm/ttm: fix ttm_bo_cleanup_refs_or_queue once more + - dma-buf: make reservation_object_copy_fences rcu save + - drm/amdgpu: reserve root PD while releasing it + - drm/ttm: Always and only destroy bo->ttm_resv in ttm_bo_release_list + - drm/vblank: Fix flip event vblank count + - drm/vblank: Tune drm_crtc_accurate_vblank_count() WARN down to a debug + - drm/tilcdc: Precalculate total frametime in tilcdc_crtc_set_mode() + - drm/radeon: fix atombios on big endian + - drm/panel: simple: Add missing panel_simple_unprepare() calls + - [arm64] drm/hisilicon: Ensure LDI regs are properly configured. + - drm/ttm: once more fix ttm_buffer_object_transfer + - drm/amd/pp: fix typecast error in powerplay. + - drm/fb_helper: Disable all crtc's when initial setup fails. + - drm/edid: Don't send non-zero YQ in AVI infoframe for HDMI 1.x sinks + - drm/amdgpu: move UVD/VCE and VCN structure out from union + - drm/amdgpu: Set adev->vcn.irq.num_types for VCN + - IB/core: Do not warn on lid conversions for OPA + - IB/hfi1: Do not warn on lid conversions for OPA + - e1000e: fix the use of magic numbers for buffer overrun issue + - md: forbid a RAID5 from having both a bitmap and a journal. + - [x86] drm/i915: Fix false-positive assert_rpm_wakelock_held in + i915_pmic_bus_access_notifier v2 + - [x86] drm/i915: Re-register PMIC bus access notifier on runtime resume + - [x86] drm/i915/fbdev: Serialise early hotplug events with async fbdev + config + - [x86] drm/i915/gvt: Correct ADDR_4K/2M/1G_MASK definition + - [x86] drm/i915: Don't try indexed reads to alternate slave addresses + - [x86] drm/i915: Prevent zero length "index" write + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.5 + - drm/amdgpu: Use unsigned ring indices in amdgpu_queue_mgr_map + - [s390x] runtime instrumentation: simplify task exit handling + - usbip: fix usbip attach to find a port that matches the requested speed + - usbip: Fix USB device hang due to wrong enabling of scatter-gather + - uas: Always apply US_FL_NO_ATA_1X quirk to Seagate devices + - usb: quirks: Add no-lpm quirk for KY-688 USB 3.1 Type-C Hub + - serial: 8250_early: Only set divisor if valid clk & baud + - [mips*] Add custom serial.h with BASE_BAUD override for generic kernel + - ima: fix hash algorithm initialization + - [s390x] vfio-ccw: Do not attempt to free no-op, test and tic cda. + - PM / Domains: Fix genpd to deal with drivers returning 1 from ->prepare() + - [s390x] pci: do not require AIS facility + - serial: 8250_fintek: Fix rs485 disablement on invalid ioctl() + - staging: rtl8188eu: avoid a null dereference on pmlmepriv + - [arm64] mmc: sdhci-msm: fix issue with power irq + - hwmon: (pmbus/core) Prevent unintentional setting of page to 0xFF + - perf/core: Fix __perf_read_group_add() locking + - [armhf] PCI: dra7xx: Create functional dependency between PCIe and PHY + - [x86] intel_rdt: Initialize bitmask of shareable resource if CDP enabled + - [x86] intel_rdt: Fix potential deadlock during resctrl mount + - serial: 8250: Preserve DLD[7:4] for PORT_XR17V35X + - kprobes: Use synchronize_rcu_tasks() for optprobe with CONFIG_PREEMPT=y + - [x86] entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() + - [armhf,arm64] clocksource/drivers/arm_arch_timer: Validate CNTFRQ after + enabling frame + - [x86] EDAC, sb_edac: Fix missing break in switch + - [arm64] cpuidle: Correct driver unregistration if init fails + - usb: xhci: Return error when host is dead in xhci_disable_slot() + - [armel,armhf] sysrq : fix Show Regs call trace on ARM + - [sh4] serial: sh-sci: suppress warning for ports without dma channels + - [armhf] serial: imx: Update cached mctrl value when changing RTS + - [x86] kprobes: Disable preemption in ftrace-based jprobes + - [x86] locking/refcounts, asm: Use unique .text section for refcount + exceptions + - [s390x] ptrace: fix guarded storage regset handling + - perf tools: Fix leaking rec_argv in error cases + - mm, x86/mm: Fix performance regression in get_user_pages_fast() + - iio: adc: ti-ads1015: add 10% to conversion wait time + - iio: multiplexer: add NULL check on devm_kzalloc() and devm_kmemdup() + return values + - [x86] locking/refcounts, asm: Enable CONFIG_ARCH_HAS_REFCOUNT + - [powerpc*] jprobes: Disable preemption when triggered through ftrace + - [powerpc*] kprobes: Disable preemption before invoking probe handler for + optprobes + - usb: hub: Cycle HUB power when initialization fails + - [armhf,arm64] USB: ulpi: fix bus-node lookup + - xhci: Don't show incorrect WARN message about events for empty rings + - usb: xhci: fix panic in xhci_free_virt_devices_depth_first + - USB: core: Add type-specific length check of BOS descriptors + - USB: usbfs: Filter flags passed in from user space + - usb: host: fix incorrect updating of offset + - locking/refcounts: Do not force refcount_t usage as GPL-only export + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.6 + - usb: gadget: core: Fix ->udc_set_speed() speed handling + - serdev: ttyport: add missing receive_buf sanity checks + - serdev: ttyport: fix NULL-deref on hangup + - serdev: ttyport: fix tty locking in close + - usb: f_fs: Force Reserved1=1 in OS_DESC_EXT_COMPAT + - can: peak/pci: fix potential bug when probe() fails + - can: kvaser_usb: free buf in error paths + - can: kvaser_usb: Fix comparison bug in kvaser_usb_read_bulk_callback() + - can: kvaser_usb: ratelimit errors if incomplete messages are received + - can: kvaser_usb: cancel urb on -EPIPE and -EPROTO + - can: ems_usb: cancel urb on -EPIPE and -EPROTO + - can: esd_usb2: cancel urb on -EPIPE and -EPROTO + - can: usb_8dev: cancel urb on -EPIPE and -EPROTO + - can: peak/pcie_fd: fix potential bug in restarting tx queue + - virtio: release virtio index when fail to device_register + - [arm64] pinctrl: armada-37xx: Fix direction_output() callback behavior + - [x86] Drivers: hv: vmbus: Fix a rescind issue + - [x86] hv: kvp: Avoid reading past allocated blocks from KVP file + - firmware: vpd: Destroy vpd sections in remove function + - firmware: vpd: Tie firmware kobject to device lifetime + - firmware: vpd: Fix platform driver and device registration/unregistration + - scsi: dma-mapping: always provide dma_get_cache_alignment + - scsi: use dma_get_cache_alignment() as minimum DMA alignment + - scsi: libsas: align sata_device's rps_resp on a cacheline + - efi: Move some sysfs files to be read-only by root + - efi/esrt: Use memunmap() instead of kfree() to free the remapping + - ASN.1: fix out-of-bounds read when parsing indefinite length item + - ASN.1: check for error from ASN1_OP_END__ACT actions + - KEYS: add missing permission check for request_key() destination + (CVE-2017-17807) + - KEYS: reject NULL restriction string when type is specified + - X.509: reject invalid BIT STRING for subjectPublicKey + - X.509: fix comparisons of ->pkey_algo + - [x86] idt: Load idt early in start_secondary + - [x86] PCI: Make broadcom_postcore_init() check acpi_disabled + - [x86] KVM: fix APIC page invalidation + - btrfs: fix missing error return in btrfs_drop_snapshot + - btrfs: handle errors while updating refcounts in update_ref_for_cow + - ALSA: pcm: prevent UAF in snd_pcm_info + - ALSA: seq: Remove spurious WARN_ON() at timer check + - ALSA: usb-audio: Fix out-of-bound error + - ALSA: usb-audio: Add check return value for usb_string() + - [x86] iommu/vt-d: Fix scatterlist offset handling + - smp/hotplug: Move step CPUHP_AP_SMPCFD_DYING to the correct place + - [s390x] always save and restore all registers on context switch + - [s390x] mm: fix off-by-one bug in 5-level page table handling + - [s390x] fix compat system call table + - [s390x] KVM: Fix skey emulation permission check + - [powerpc*] Revert "powerpc: Do not call ppc_md.panic in fadump panic + notifier" + - [powerpc*] 64s: Initialize ISAv3 MMU registers before setting partition + table + - iwlwifi: mvm: mark MIC stripped MPDUs + - iwlwifi: mvm: don't use transmit queue hang detection when it is not + possible + - iwlwifi: mvm: flush queue before deleting ROC + - iwlwifi: mvm: fix packet injection + - iwlwifi: mvm: enable RX offloading with TKIP and WEP + - brcmfmac: change driver unbind order of the sdio function devices + - md/r5cache: move mddev_lock() out of r5c_journal_mode_set() + - [armhf] drm/bridge: analogix dp: Fix runtime PM state in get_modes() + callback + - [armhf] drm/exynos: gem: Drop NONCONTIG flag for buffers allocated + without IOMMU + - [x86] drm/i915: Fix vblank timestamp/frame counter jumps on gen2 + - media: dvb: i2c transfers over usb cannot be done from stack + - media: rc: sir_ir: detect presence of port + - media: rc: partial revert of "media: rc: per-protocol repeat period" + - [arm64] KVM: fix VTTBR_BADDR_MASK BUG_ON off-by-one + - [armhf] KVM: Fix VTTBR_BADDR_MASK BUG_ON off-by-one + - [x86] KVM: VMX: remove I/O port 0x80 bypass on Intel hosts + (CVE-2017-1000407) + - [armhf,arm64] KVM: Fix broken GICH_ELRSR big endian conversion + - [armhf,arm64] KVM: vgic-irqfd: Fix MSI entry allocation + - [armhf,arm64] KVM: vgic: Preserve the revious read from the pending table + - [armhf,arm64] KVM: vgic-its: Check result of allocation before use + - [arm64] fpsimd: Prevent registers leaking from dead tasks + - [arm64] SW PAN: Point saved ttbr0 at the zero page when switching to + init_mm + - [arm64] SW PAN: Update saved ttbr0 value on enter_lazy_tlb + - [armhf] Revert "ARM: dts: imx53: add srtc node" + - [armhf] bus: arm-cci: Fix use of smp_processor_id() in preemptible context + - IB/core: Only enforce security for InfiniBand + - [armel,armhf] BUG if jumping to usermode address in kernel mode + - [armel,armhf] avoid faulting on qemu + - [arm64] irqchip/qcom: Fix u32 comparison with value less than zero + - [powerpc*] perf: Fix pmu_count to count only nest imc pmus + - apparmor: fix leak of null profile name if profile allocation fails + - mac80211_hwsim: Fix memory leak in hwsim_new_radio_nl() + - gre6: use log_ecn_error module parameter in ip6_tnl_rcv() + - route: also update fnhe_genid when updating a route cache + - route: update fnhe_expires for redirect when the fnhe exists + - rsi: fix memory leak on buf and usb_reg_buf + - pipe: match pipe_max_size data type with procfs + - lib/genalloc.c: make the avail variable an atomic_long_t + - NFS: Fix a typo in nfs_rename() + - sunrpc: Fix rpc_task_begin trace point + - nfp: inherit the max_mtu from the PF netdev + - nfp: fix flower offload metadata flag usage + - xfs: fix forgotten rcu read unlock when skipping inode reclaim + - block: wake up all tasks blocked in get_request() + - [sparc64] mm: set fields in deferred pages + - zsmalloc: calling zs_map_object() from irq is a bug + - slub: fix sysfs duplicate filename creation when slub_debug=O + - sctp: do not free asoc when it is already dead in sctp_sendmsg + - sctp: use the right sk after waking up from wait_buf sleep + - fcntl: don't leak fd reference when fixup_compat_flock fails + - geneve: fix fill_info when link down + - bpf: fix lockdep splat + - [arm64] clk: qcom: common: fix legacy board-clock registration + - [arm64] clk: hi3660: fix incorrect uart3 clock freqency + - atm: horizon: Fix irq release error + - xfrm: Copy policy family in clone_policy + - f2fs: fix to clear FI_NO_PREALLOC + - bnxt_re: changing the ip address shouldn't affect new connections + - IB/mlx4: Increase maximal message size under UD QP + - IB/mlx5: Assign send CQ and recv CQ of UMR QP + - afs: Fix total-length calculation for multiple-page send + - afs: Connect up the CB.ProbeUuid + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.7 + - net: realtek: r8169: implement set_link_ksettings() + - [s390x] qeth: fix early exit from error path + - tipc: fix memory leak in tipc_accept_from_sock() + - vhost: fix skb leak in handle_rx() + - rds: Fix NULL pointer dereference in __rds_rdma_map + - sit: update frag_off info + - tcp: add tcp_v4_fill_cb()/tcp_v4_restore_cb() + - packet: fix crash in fanout_demux_rollover() + - net/packet: fix a race in packet_bind() and packet_notifier() + - tcp: remove buggy call to tcp_v6_restore_cb() + - usbnet: fix alignment for frames with no ethernet header + - net: remove hlist_nulls_add_tail_rcu() + - stmmac: reset last TSO segment size after device open + - tcp/dccp: block bh before arming time_wait timer + - [s390x] qeth: build max size GSO skbs on L2 devices + - [s390x] qeth: fix thinko in IPv4 multicast address tracking + - [s390x] qeth: fix GSO throughput regression + - tcp: use IPCB instead of TCP_SKB_CB in inet_exact_dif_match() + - tipc: call tipc_rcv() only if bearer is up in tipc_udp_recv() + - tcp: use current time in tcp_rcv_space_adjust() + - net: sched: cbq: create block for q->link.block + - tap: free skb if flags error + - tcp: when scheduling TLP, time of RTO should account for current ACK + - tun: free skb in early errors + - net: ipv6: Fixup device for anycast routes during copy + - tun: fix rcu_read_lock imbalance in tun_build_skb + - net: accept UFO datagrams from tuntap and packet + - net: openvswitch: datapath: fix data type in queue_gso_packets + - cls_bpf: don't decrement net's refcount when offload fails + - sctp: use right member as the param of list_for_each_entry + - ipmi: Stop timers before cleaning up the module + - usb: gadget: ffs: Forbid usb_ep_alloc_request from sleeping + - fcntl: don't cap l_start and l_end values for F_GETLK64 in compat syscall + - fix kcm_clone() + - [armhf,arm64] KVM: vgic-its: Preserve the revious read from the pending + table + - kbuild: do not call cc-option before KBUILD_CFLAGS initialization + - [powerpc*] powernv/idle: Round up latency and residency values + - ipvlan: fix ipv6 outbound device + - blk-mq: Avoid that request queue removal can trigger list corruption + - nvmet-rdma: update queue list during ib_device removal + - audit: Allow auditd to set pid to 0 to end auditing + - audit: ensure that 'audit=1' actually enables audit for PID 1 + - dm raid: fix panic when attempting to force a raid to sync + - md: free unused memory after bitmap resize + - RDMA/cxgb4: Annotate r2 and stag as __be32 + - [x86] intel_rdt: Fix potential deadlock during resctrl unmount + + [ Salvatore Bonaccorso ] + * Add ABI reference for 4.14.0-1 + * xen/time: do not decrease steal time after live migration on xen + (Closes: #871608) + * crypto: salsa20 - fix blkcipher_walk API usage (CVE-2017-17805) + * crypto: hmac - require that the underlying hash algorithm is unkeyed + (CVE-2017-17806) + + [ Vagrant Cascadian ] + * [armhf, arm64] Backport patches from 4.15.x to support dwmac-sun8i. + + [ Ben Hutchings ] + * [rt] Update to 4.14.6-rt7: + - hrtimer: account for migrated timers + - crypto: mcryptd: protect the per-CPU queue with a lock + - tracing: Update inter-event hist trigger support to v7: + + Rename virtual "$common_timestamp" field to "common_timestamp" + + Fix use-after-free in trigger removal + - mm/slub: close possible memory-leak in kmem_cache_alloc_bulk() + - crypto: limit more FPU-enabled sections + * dccp: CVE-2017-8824: use-after-free in DCCP code + * netfilter: nfnetlink_cthelper: Add missing permission checks + (CVE-2017-17448) + * netlink: Add netns check on taps (CVE-2017-17449) + * netfilter: xt_osf: Add missing permission checks (CVE-2017-17450) + * USB: core: prevent malicious bNumInterfaces overflow (CVE-2017-17558) + * net: ipv4: fix for a race condition in raw_sendmsg (CVE-2017-17712) + * media: dvb-usb-v2: lmedm04: Improve logic checking of warm start + (CVE-2017-16538) + * media: dvb-usb-v2: lmedm04: move ts2020 attach to dm04_lme2510_tuner + (CVE-2017-16538) + * media: hdpvr: Fix an error handling path in hdpvr_probe() (CVE-2017-16644) + * [armhf,arm64,x86] KVM: Fix stack-out-of-bounds read in write_mmio + (CVE-2017-17741) + * bluetooth: Prevent stack info leak from the EFS element. + (CVE-2017-1000410) + * bpf/verifier: Fix multiple security issues (Closes: #883558): + - encapsulate verifier log state into a structure + - move global verifier log into verifier environment + - fix branch pruning logic + - fix bounds calculation on BPF_RSH + - fix incorrect sign extension in check_alu_op() (CVE-2017-16995) + - fix incorrect tracking of register size truncation (CVE-2017-16996) + - fix 32-bit ALU op verification + - fix missing error return in check_stack_boundary() + - force strict alignment checks for stack pointers + - don't prune branches when a scalar is replaced with a pointer + - fix integer overflows + * Bump ABI to 2 + + -- Ben Hutchings <ben@decadent.org.uk> Fri, 22 Dec 2017 14:12:23 +0000 + +linux (4.14.2-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.1 + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.2 + - mm/pagewalk.c: report holes in hugetlb ranges (CVE-2017-16994) + + [ Ben Hutchings ] + * [rt] Update to 4.14-rt1 and reenable (Closes: #882192) + * i40e: Build for 32-bit targets again + - i40e/i40evf: organize and re-number feature flags + - i40e: fix flags declaration + - Revert "i40e: Build for 64-bit targets only" + * aufs: Update support patchset to aufs4.14-20171120 + * [armel] Change configuration to reduce image size (fixes FTBFS): + - Change CONNECTOR from built-in to module, and disable PROC_EVENTS + - Disable INTEGRITY and dependent options + - video: Disable USB_APPLEDISPLAY, BACKLIGHT_CLASS_DEVICE + * apparmor: fix oops in audit_signal_cb hook (regression in 4.14) + * leds: Enable LEDS_BRIGHTNESS_HW_CHANGED (Closes: #872862) + * [rt] Add new signing subkey for Steven Rostedt + * [rt] Update to 4.14.1-rt3 + * Set ABI to 1 + * mmap: Remember the MAP_FIXED flag as VM_FIXED + * [x86] mmap: Add an exception to the stack gap for Hotspot JVM compatibility + (Closes: #865303) + + [ Salvatore Bonaccorso ] + * mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d() + (CVE-2017-1000405) + + -- Ben Hutchings <ben@decadent.org.uk> Thu, 30 Nov 2017 12:33:47 +0000 + +linux (4.14-1~exp1) experimental; urgency=medium + + * New upstream release: https://kernelnewbies.org/Linux_4.14 + + [ Ben Hutchings ] + * debian/control: Set Rules-Requires-Root to no + * [armhf] drm: Enable DRM_SUN4I, DRM_SUN4I_HDMI, DRM_SUN4I_BACKEND, + DRM_SUN8I_MIXER as modules; and DRM_SUN4I_HDMI_CEC (Closes: #881570) + * media: dvb-core: always call invoke_release() in fe_free() + * dvb_frontend: don't use-after-free the frontend struct (CVE-2017-16648) + * Set ABI name to trunk + + [ Bastian Blank ] + * Enable CRYPTO_SHA3. + + [ Riku Voipio ] + * [arm64] enable generic server options. + - NUMA, ACPI_NUMA, CRASH_DUMP, VFIO, HOTPLUG_PCI, ACPI_CPPC_CPUFREQ, + MMC_SDHCI_ACPI, PL330_DMA + * [arm64] enable various server platform drivers + - NET_XGENE_V2, EDAC_THUNDERX, MMC_CAVIUM_THUNDER, + GPIO_XLP, I2C_XLP9XX, SPI_XLP, DRM_HISI_HIBMC, HISI_SAS_PCI, + GPIO_WATCHDOG, ARM_SP805_WATCHDOG, ARM_SBSA_WATCHDOG, DW_WATCHDOG + * [arm64] enable support for Marvell arm64 boards + - CRYPTO_DEV_MARVELL_CESA, MARVELL_PHY, MARVELL_10G_PHY, + PHY_MVEBU_CP110_COMPHY, RTC_DRV_MV, RTC_DRV_ARMADA38X, SPI_ARMADA_3700 + ARMADA_THERMAL, HW_RANDOM_OMAP, CRYPTO_DEV_SAFEXCE + * [arm64] 96boards Hikey and Dragonboard support + - PCIE_KIRIN, TEE, OPTEE, SND_I2S_HI6210_I2S, DRM_I2C_ADV7511_AUDIO, + CMA, USB_ISP176, USB_CHIPIDEA_ULPI, USB_DWC3_ULPI, NOP_USB_XCEIV + USB_ULPI, RPMSG_QCOM*, PHY_QCOM*, QCOM_IOMMU, QCOM_CLK*, etc + - SERIAL_DEV_BUS for HiKey bluetooth + * All options as modules when possible + + -- Ben Hutchings <ben@decadent.org.uk> Fri, 17 Nov 2017 00:16:15 +0000 + +linux (4.14~rc7-1~exp1) experimental; urgency=medium + + * New upstream release candidate + + [ Ben Hutchings ] + * [mips*] Increase RELOCATION_TABLE_SIZE to 0x00120000 (fixes FTBFS) + * debian/bin/gencontrol.py: Set encoding to UTF-8 globally + * [alpha] udeb: Remove empty fb-modules package (fixes FTBFS) + * [armel] udeb: Remove fbcon from fb-modules package + + [ Uwe Kleine-König ] + * [arm64] add BRCMFMAC_SDIO for wifi on Raspberry Pi 3 (Closes: #877911) + + [ Vagrant Cascadian ] + * Enable SQUASHFS_LZ4 in default config. + + -- Ben Hutchings <ben@decadent.org.uk> Mon, 30 Oct 2017 18:31:38 +0000 + +linux (4.14~rc5-1~exp1) experimental; urgency=medium + + * New upstream release candidate + + [ Ben Hutchings ] + * Update kconfig for 4.14: + - [alpha] fbdev: Re-enable FRAMEBUFFER_CONSOLE as built-in + - [armel] fbdev: Explicitly disable FRAMEBUFFER_CONSOLE, as it can no + longer be a module + - [arm64] Re-enable MMC_QCOM_DML + - Change RC_CORE back to being a module + - power/supply: Enable BATTERY_BQ27XXX and BATTERY_BQ27XXX_HDQ as modules, + replacing W1_SLAVE_BQ27000 + * net: Disable IRDA, which will soon be deleted upstream + * [mips*] Increase RELOCATION_TABLE_SIZE to 0x00110000 for all flavours + (fixes FTBFS) + * i40e: Build for 64-bit targets only (fixes FTBFS on hppa) + * Compile with gcc-7 on all architectures + + [ John Paul Adrian Glaubitz ] + * [m68k] udeb: Build ata-modules package, include libata + * [m68k] udeb: Add ide-cd_mod to cdrom-core-modules + * [m68k] udeb: Build ide-core-modules package, include ide-core + * [m68k] udeb: Build ide-modules package, include ide-gd_mod + * [m68k] udeb: Move old IDE drivers from pata-modules to ide-modules: + - buddha, falconide, gayle, macide, q40ide + * [m68k] udeb: Add missing SCSI drivers to scsi-modules: + - a2091, a3000, a4000t, bvme6000_scsi, gvp11, mvme16x_scsi, zorro7xx + * [m68k] Build uncompressed kernel image by default. + + [ Uwe Kleine-König ] + * media: drop explicit setting of DVB_MAX_ADAPTERS to follow upstream default + (Closes: #878846) + + -- Ben Hutchings <ben@decadent.org.uk> Tue, 17 Oct 2017 23:37:52 +0100 + +linux (4.14~rc3-1~exp1) experimental; urgency=medium + + * New upstream release candidate + + [ Ben Hutchings ] + * aufs: Update support patchset to aufs4.x-rcN-20171002 + + -- Ben Hutchings <ben@decadent.org.uk> Mon, 02 Oct 2017 04:47:08 +0100 + +linux (4.13.13-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.11 + - workqueue: replace pool->manager_arb mutex with a flag + - [x86] ALSA: hda/realtek - Add support for ALC236/ALC3204 + - [x86] ALSA: hda - fix headset mic problem for Dell machines with alc236 + - ceph: unlock dangling spinlock in try_flush_caps() + - [powerpc*] KVM: PPC: Fix oops when checking KVM_CAP_PPC_HTM + (CVE-2017-15306) + - [powerpc*] KVM: PPC: Book3S HV: POWER9 more doorbell fixes + - [powerpc*] KVM: PPC: Book3S: Protect kvmppc_gpa_to_ua() with SRCU + - [s390x] kvm: fix detection of guest machine checks + - nbd: handle interrupted sendmsg with a sndtimeo set + - spi: uapi: spidev: add missing ioctl header + - spi: a3700: Return correct value on timeout detection + - spi: bcm-qspi: Fix use after free in bcm_qspi_probe() in error path + - spi: armada-3700: Fix failing commands with quad-SPI + - ovl: add NULL check in ovl_alloc_inode + - ovl: fix EIO from lookup of non-indexed upper + - ovl: handle ENOENT on index lookup + - ovl: do not cleanup unsupported index entries + - fuse: fix READDIRPLUS skipping an entry + - xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap() + - xen: fix booting ballooned down hvm guest + - cifs: Select all required crypto modules + - CIFS: Fix NULL pointer deref on SMB2_tcon() failure + - Input: elan_i2c - add ELAN0611 to the ACPI table + - Input: gtco - fix potential out-of-bound access (CVE-2017-16643) + - Fix encryption labels and lengths for SMB3.1.1 + - SMB3: Validate negotiate request must always be signed + - assoc_array: Fix a buggy node-splitting case (CVE-2017-12193) + - [s390x] scsi: zfcp: fix erp_action use-before-initialize in REC action + trace + - scsi: aacraid: Fix controller initialization failure + - scsi: qla2xxx: Initialize Work element before requesting IRQs + - scsi: sg: Re-fix off by one in sg_fill_request_table() + - [x86] cpu/AMD: Apply the Erratum 688 fix when the BIOS doesn't + - [x86] drm/amd/powerplay: fix uninitialized variable + - [x86] drm/i915/perf: fix perf enable/disable ioctls with 32bits + userspace + - [armhf] can: sun4i: fix loopback mode + - can: kvaser_usb: Correct return value in printout + - can: kvaser_usb: Ignore CMD_FLUSH_QUEUE_REPLY messages + - cfg80211: fix connect/disconnect edge cases + - ipsec: Fix aborted xfrm policy dump crash + - [armhf] regulator: fan53555: fix I2C device ids (Closes: #879768) + - [powerpc*] xive: Fix the size of the cpumask used in + xive_find_target_in_mask() + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.12 + - ALSA: timer: Add missing mutex lock for compat ioctls + - ALSA: seq: Fix nested rwsem annotation for lockdep splat + - cifs: check MaxPathNameComponentLength != 0 before using it + (Closes: #880504) + - KEYS: return full count in keyring_read() if buffer is too small + - KEYS: trusted: fix writing past end of buffer in trusted_read() + - KEYS: fix out-of-bounds read during ASN.1 parsing + - ASoC: adau17x1: Workaround for noise bug in ADC + - virtio_blk: Fix an SG_IO regression + - [arm64] ensure __dump_instr() checks addr_limit + - [arm64] KVM: its: Fix missing dynamic allocation check in scan_its_table + - [armhf, arm64] KVM: set right LR register value for 32 bit guest when + inject abort + - [armhf,arm64] kvm: Disable branch profiling in HYP code + - [armhf] dts: mvebu: pl310-cache disable double-linefill + - drm/amdgpu: return -ENOENT from uvd 6.0 early init for harvesting + - drm/amdgpu: allow harvesting check for Polaris VCE + - userfaultfd: hugetlbfs: prevent UFFDIO_COPY to fill beyond the end of + i_size + - ocfs2: fstrim: Fix start offset of first cluster group during fstrim + - fs/hugetlbfs/inode.c: fix hwpoison reserve accounting + - mm, swap: fix race between swap count continuation operations + - [x86] drm/i915: Do not rely on wm preservation for ILK watermarks + - [x86] drm/i915/edp: read edp display control registers unconditionally + - [mips*] bpf: Fix a typo in build_one_insn() + - [mips*] smp-cmp: Use right include for task_struct + - [mips*] SMP: Fix deadlock & online race + - Revert "x86: do not use cpufreq_quick_get() for /proc/cpuinfo "cpu MHz"" + - [powerpc*] kprobes: Dereference function pointers only if the address + does not belong to kernel text + - futex: Fix more put_pi_state() vs. exit_pi_state_list() races + - perf/cgroup: Fix perf cgroup hierarchy support + - [x86] mcelog: Get rid of RCU remnants + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.13 + - netfilter: nat: Revert "netfilter: nat: convert nat bysrc hash to + rhashtable" + - netfilter: nft_set_hash: disable fast_ops for 2-len keys (Closes: #880145) + - workqueue: Fix NULL pointer dereference + - crypto: ccm - preserve the IV buffer + - [x86] crypto: sha1-mb - fix panic due to unaligned access + - [x86] crypto: sha256-mb - fix panic due to unaligned access + - KEYS: fix NULL pointer dereference during ASN.1 parsing [ver #2] + - [x86] ACPI / PM: Blacklist Low Power S0 Idle _DSM for Dell XPS13 9360 + - ACPICA: Dispatch active GPEs at init time + - ACPICA: Make it possible to enable runtime GPEs earlier + - ACPI / scan: Enable GPEs before scanning the namespace + - [armel,armhf] 8720/1: ensure dump_instr() checks addr_limit + - ALSA: timer: Limit max instances per timer + - ALSA: usb-audio: support new Amanero Combo384 firmware version + - [x86] ALSA: hda - fix headset mic problem for Dell machines with alc274 + - ALSA: seq: Fix OSS sysex delivery in OSS emulation + - ALSA: seq: Avoid invalid lockdep class warning + - [mips*] Fix CM region target definitions + - [powerpc*] KVM: Book3S HV: Fix exclusion between HPT resizing and other + HPT updates + - Input: elan_i2c - add ELAN060C to the ACPI table + - rbd: use GFP_NOIO for parent stat and data requests + - [x86] drm/vmwgfx: Fix Ubuntu 17.10 Wayland black screen issue + - [armhf] can: sun4i: handle overrun in RX FIFO + - can: peak: Add support for new PCIe/M2 CAN FD interfaces + - [x86] debug: Handle warnings before the notifier chain, to fix KGDB crash + - [x86] smpboot: Make optimization of delay calibration work correctly + - [x86] oprofile/ppro: Do not use __this_cpu*() in preemptible context + + [ Salvatore Bonaccorso ] + * mac80211: accept key reinstall without changing anything (CVE-2017-13080) + * sctp: do not peel off an assoc from one netns to another one + (CVE-2017-15115) + + [ Ben Hutchings ] + * linux-image: Recommend apparmor, as systemd units with an AppArmor + profile will fail without it (Closes: #880441) + * [powerpc*] kvm: Ignore ABI change in 4.13.6 (fixes FTBFS) + * swap: Avoid ABI change in 4.13.12 + * mac80211: use constant time comparison with keys + * mac80211: don't compare TKIP TX MIC key in reinstall prevention + * usb: usbtest: fix NULL pointer dereference (CVE-2017-16532) + * media: cx231xx-cards: fix NULL-deref on missing association descriptor + (CVE-2017-16536) + * media: imon: Fix null-ptr-deref in imon_probe (CVE-2017-16537) + * media: dib0700: fix invalid dvb_detach argument (CVE-2017-16646) + * net: usb: asix: fill null-ptr-deref in asix_suspend (CVE-2017-16647) + * net: cdc_ether: fix divide by 0 on bad descriptors (CVE-2017-16649) + * net: qmi_wwan: fix divide by 0 on bad descriptors (CVE-2017-16650) + * nftables: Enable NFT_RT, NFT_SET_BITMAP, NFT_OBJREF as modules + (Closes: #881931) + * [powerpc*/*64*] drm: Enable DRM_AMDGPU as module (Closes: #881593) + * amdgpu: Enable DRM_AMDGPU_USERPTR on all architectures + * amdgpu: Enable DRM_AMDGPU_SI, CONFIG_DRM_AMDGPU_CIK (Closes: #847570) + * [arm64,x86] net/wireless: Enable RTL8723BS as module (Closes: #881568) + * [arm64] nvmem: Enable NVMEM_SUNXI_SID as module (Closes: #881567) + * [x86] rmi4: Disable RMI4_SMB (Closes: #880471) + * ALSA: timer: Avoid ABI change in 4.13.13 + * netfilter: nat: Avoid ABI change in 4.13.13 + + -- Ben Hutchings <ben@decadent.org.uk> Thu, 16 Nov 2017 21:04:10 +0000 + +linux (4.13.10-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.5 + - cifs: check rsp for NULL before dereferencing in SMB2_open + - cifs: release cifs root_cred after exit_cifs + - cifs: release auth_key.response for reconnect. + - nvme-pci: fix host memory buffer allocation fallback + - nvme-pci: use appropriate initial chunk size for HMB allocation + - nvme-pci: propagate (some) errors from host memory buffer setup + - dax: remove the pmem_dax_ops->flush abstraction + - dm integrity: do not check integrity for failed read operations + - mmc: block: Fix incorrectly initialized requests + - fs/proc: Report eip/esp in /prod/PID/stat for coredumping + - scsi: scsi_transport_fc: fix NULL pointer dereference in + fc_bsg_job_timeout + - cifs: SMB3: Add support for multidialect negotiate (SMB2.1 and later) + - mac80211: fix VLAN handling with TXQs + - mac80211_hwsim: Use proper TX power + - mac80211: flush hw_roc_start work before cancelling the ROC + - genirq: Make sparse_irq_lock protect what it should protect + - genirq/msi: Fix populating multiple interrupts + - genirq: Fix cpumask check in __irq_startup_managed() + - [powerpc*] KVM: Book3S HV: Hold kvm->lock around call to + kvmppc_update_lpcr + - [powerpc*] KVM: Book3S HV: Fix bug causing host SLB to be restored + incorrectly + - [powerpc*] KVM: PPC: Book3S HV: Don't access XIVE PIPR register using + byte accesses + - tracing: Fix trace_pipe behavior for instance traces + - tracing: Erase irqsoff trace with empty write + - tracing: Remove RCU work arounds from stack tracer + - md/raid5: fix a race condition in stripe batch + - md/raid5: preserve STRIPE_ON_UNPLUG_LIST in break_stripe_batch_list + - scsi: aacraid: Fix 2T+ drives on SmartIOC-2000 + - scsi: aacraid: Add a small delay after IOP reset + - [armhf] drm/exynos: Fix locking in the suspend/resume paths + - [x86] drm/i915/gvt: Fix incorrect PCI BARs reporting + - Revert "drm/i915/bxt: Disable device ready before shutdown command" + - drm/amdgpu: revert tile table update for oland + - drm/radeon: disable hard reset in hibernate for APUs + - crypto: drbg - fix freeing of resources + - security/keys: properly zero out sensitive key material in big_key + - security/keys: rewrite all of big_key crypto + - KEYS: fix writing past end of user-supplied buffer in keyring_read() + - KEYS: prevent creating a different user's keyrings + - [x86] libnvdimm, namespace: fix btt claim class crash + - [powerpc*] eeh: Create PHB PEs after EEH is initialized + - [powerpc*] pseries: Fix parent_dn reference leak in add_dt_node() + - [powerpc*] tm: Flush TM only if CPU has TM feature + - [mips*] Fix perf event init + - [s390x] perf: fix bug when creating per-thread event + - [s390x] mm: make pmdp_invalidate() do invalidation only + - [s390x] mm: fix write access check in gup_huge_pmd() + - PM: core: Fix device_pm_check_callbacks() + - Revert "IB/ipoib: Update broadcast object if PKey value was changed in + index 0" + - cifs: Fix SMB3.1.1 guest authentication to Samba + - cifs: SMB3: Fix endian warning + - cifs: SMB3: Warn user if trying to sign connection that authenticated as + guest + - cifs: SMB: Validate negotiate (to protect against downgrade) even if + signing off + - cifs: SMB3: handle new statx fields + - cifs: SMB3: Don't ignore O_SYNC/O_DSYNC and O_DIRECT flags + - vfs: Return -ENXIO for negative SEEK_HOLE / SEEK_DATA offsets + - libceph: don't allow bidirectional swap of pg-upmap-items + - brd: fix overflow in __brd_direct_access + - gfs2: Fix debugfs glocks dump + - bsg-lib: don't free job in bsg_prepare_job + - iw_cxgb4: drop listen destroy replies if no ep found + - iw_cxgb4: remove the stid on listen create failure + - iw_cxgb4: put ep reference in pass_accept_req() + - rcu: Allow for page faults in NMI handlers + - mmc: sdhci-pci: Fix voltage switch for some Intel host controllers + - extable: Consolidate *kernel_text_address() functions + - extable: Enable RCU if it is not watching in kernel_text_address() + - seccomp: fix the usage of get/put_seccomp_filter() in seccomp_get_filter() + - [arm64] Make sure SPsel is always set + - [arm64] mm: Use READ_ONCE when dereferencing pointer to pte table + - [arm64] fault: Route pte translation faults via do_translation_fault + - [x86] KVM: VMX: extract __pi_post_block + - [x86] KVM: VMX: avoid double list add with VT-d posted interrupts + - [x86] KVM: VMX: simplify and fix vmx_vcpu_pi_load + - [x86] KVM: nVMX: fix HOST_CR3/HOST_CR4 cache + - [x86] kvm: Handle async PF in RCU read-side critical sections + - xfs: validate bdev support for DAX inode flag + - sched/sysctl: Check user input value of sysctl_sched_time_avg + - irq/generic-chip: Don't replace domain's name + - mtd: Fix partition alignment check on multi-erasesize devices + - [armhf] etnaviv: fix submit error path + - [armhf] etnaviv: fix gem object list corruption + - futex: Fix pi_state->owner serialization + - md: fix a race condition for flush request handling + - md: separate request handling + - PCI: Fix race condition with driver_override + - btrfs: fix NULL pointer dereference from free_reloc_roots() + - btrfs: clear ordered flag on cleaning up ordered extents + - btrfs: finish ordered extent cleaning if no progress is found + - btrfs: propagate error to btrfs_cmp_data_prepare caller + - btrfs: prevent to set invalid default subvolid + - [x86] platform: fujitsu-laptop: Don't oops when FUJ02E3 is not presnt + - PM / OPP: Call notifier without holding opp_table->lock + - [x86] mm: Fix fault error path using unsafe vma pointer + - [x86] fpu: Don't let userspace set bogus xcomp_bv (CVE-2017-15537) + - [x86] KVM: VMX: do not change SN bit in vmx_update_pi_irte() + - [x86] KVM: VMX: remove WARN_ON_ONCE in kvm_vcpu_trigger_posted_interrupt + - [x86] KVM: VMX: use cmpxchg64 + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.6 + - [armhf,arm64] usb: dwc3: ep0: fix DMA starvation by assigning req->trb on + ep0 + - mlxsw: spectrum: Fix EEPROM access in case of SFP/SFP+ + - net: bonding: Fix transmit load balancing in balance-alb mode if + specified by sysfs + - openvswitch: Fix an error handling path in + 'ovs_nla_init_match_and_action()' + - net: bonding: fix tlb_dynamic_lb default value + - net_sched: gen_estimator: fix scaling error in bytes/packets samples + - net: sched: fix use-after-free in tcf_action_destroy and tcf_del_walker + - sctp: potential read out of bounds in sctp_ulpevent_type_enabled() + - tcp: update skb->skb_mstamp more carefully + - bpf/verifier: reject BPF_ALU64|BPF_END + - tcp: fix data delivery rate + - udpv6: Fix the checksum computation when HW checksum does not apply + - ip6_gre: skb_push ipv6hdr before packing the header in ip6gre_header + - net: phy: Fix mask value write on gmii2rgmii converter speed register + - ip6_tunnel: do not allow loading ip6_tunnel if ipv6 is disabled in cmdline + - net/sched: cls_matchall: fix crash when used with classful qdisc + - 8139too: revisit napi_complete_done() usage + - bpf: do not disable/enable BH in bpf_map_free_id() + - tcp: fastopen: fix on syn-data transmit failure + - [powerpc*] net: emac: Fix napi poll list corruption + - net: ipv6: fix regression of no RTM_DELADDR sent after DAD failure + - packet: hold bind lock when rebinding to fanout hook (CVE-2017-15649) + - net: change skb->mac_header when Generic XDP calls adjust_head + - net_sched: always reset qdisc backlog in qdisc_reset() + - [armhf,arm64] net: stmmac: Cocci spatch "of_table" + - [arm64] net: qcom/emac: specify the correct size when mapping a DMA buffer + - vti: fix use after free in vti_tunnel_xmit/vti6_tnl_xmit + - l2tp: fix race condition in l2tp_tunnel_delete + - tun: bail out from tun_get_user() if the skb is empty + - [armhf,arm64] net: dsa: mv88e6xxx: Allow dsa and cpu ports in multiple + vlans + - [armhf,arm64] net: dsa: Fix network device registration order + - packet: in packet_do_bind, test fanout with bind_lock held (CVE-2017-15649) + - packet: only test po->has_vnet_hdr once in packet_snd + - [armhf,arm64] net: dsa: mv88e6xxx: lock mutex when freeing IRQs + - net: Set sk_prot_creator when cloning sockets to the right proto + - net/mlx5e: IPoIB, Fix access to invalid memory address + - netlink: do not proceed if dump's start() errs + - ip6_gre: ip6gre_tap device should keep dst + - ip6_tunnel: update mtu properly for ARPHRD_ETHER tunnel device in tx path + - IPv4: early demux can return an error code + - tipc: use only positive error codes in messages + - l2tp: fix l2tp_eth module loading + - socket, bpf: fix possible use after free + - net: rtnetlink: fix info leak in RTM_GETSTATS call + - [amd64] bpf: fix bpf_tail_call() x64 JIT + - usb: gadget: core: fix ->udc_set_speed() logic + - USB: gadgetfs: Fix crash caused by inadequate synchronization + - USB: gadgetfs: fix copy_to_user while holding spinlock + - usb: gadget: udc: atmel: set vbus irqflags explicitly + - usb-storage: unusual_devs entry to fix write-access regression for + Seagate external drives + - usb-storage: fix bogus hardware error messages for ATA pass-thru devices + - ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor + - usb: pci-quirks.c: Corrected timeout values used in handshake + - USB: cdc-wdm: ignore -EPIPE from GetEncapsulatedResponse + - USB: dummy-hcd: fix connection failures (wrong speed) + - USB: dummy-hcd: fix infinite-loop resubmission bug + - USB: dummy-hcd: Fix erroneous synchronization change + - USB: devio: Prevent integer overflow in proc_do_submiturb() + - USB: g_mass_storage: Fix deadlock when driver is unbound + - USB: uas: fix bug in handling of alternate settings + - USB: core: harden cdc_parse_cdc_header + - usb: Increase quirk delay for USB devices + - USB: fix out-of-bounds in usb_set_configuration + - usb: xhci: Free the right ring in xhci_add_endpoint() + - xhci: fix finding correct bus_state structure for USB 3.1 hosts + - xhci: fix wrong endpoint ESIT value shown in tracing + - usb: host: xhci-plat: allow sysdev to inherit from ACPI + - xhci: Fix sleeping with spin_lock_irq() held in ASmedia 1042A workaround + - xhci: set missing SuperSpeedPlus Link Protocol bit in roothub descriptor + - [x86] Revert "xhci: Limit USB2 port wake support for AMD Promontory hosts" + - [armhf] iio: adc: twl4030: Fix an error handling path in + 'twl4030_madc_probe()' + - [armhf] iio: adc: twl4030: Disable the vusb3v1 rugulator in the error + handling path of 'twl4030_madc_probe()' + - iio: core: Return error for failed read_reg + - uwb: properly check kthread_run return value + - uwb: ensure that endpoint is interrupt + - ksm: fix unlocked iteration over vmas in cmp_and_merge_page() + - mm, hugetlb, soft_offline: save compound page order before page migration + - mm, oom_reaper: skip mm structs with mmu notifiers + - mm: fix RODATA_TEST failure "rodata_test: test data was not read only" + - mm: avoid marking swap cached page as lazyfree + - mm: fix data corruption caused by lazyfree page + - userfaultfd: non-cooperative: fix fork use after free + - ALSA: compress: Remove unused variable + - Revert "ALSA: echoaudio: purge contradictions between dimension matrix + members and total number of members" + - ALSA: usx2y: Suppress kernel warning at page allocation failures + - [powerpc*] powernv: Increase memory block size to 1GB on radix + - [powerpc*] Fix action argument for cpufeatures-based TLB flush + - percpu: make this_cpu_generic_read() atomic w.r.t. interrupts + - [x86] intel_th: pci: Add Lewisburg PCH support + - driver core: platform: Don't read past the end of "driver_override" buffer + - cgroup: Reinit cgroup_taskset structure before cgroup_migrate_execute() + returns + - [x86] Drivers: hv: fcopy: restore correct transfer length + - [x86] vmbus: don't acquire the mutex in vmbus_hvsock_device_unregister() + - ftrace: Fix kmemleak in unregister_ftrace_graph + - ovl: fix error value printed in ovl_lookup_index() + - ovl: fix dput() of ERR_PTR in ovl_cleanup_index() + - ovl: fix dentry leak in ovl_indexdir_cleanup() + - ovl: fix missing unlock_rename() in ovl_do_copy_up() + - ovl: fix regression caused by exclusive upper/work dir protection + - [arm64] dt marvell: Fix AP806 system controller size + - [arm64] Ensure the instruction emulation is ready for userspace + - HID: rmi: Make sure the HID device is opened on resume + - HID: i2c-hid: allocate hid buffers for real worst case + - HID: wacom: leds: Don't try to control the EKR's read-only LEDs + - HID: wacom: Properly report negative values from Intuos Pro 2 Bluetooth + - HID: wacom: Correct coordinate system of touchring and pen twist + - HID: wacom: generic: Send MSC_SERIAL and ABS_MISC when leaving prox + - HID: wacom: generic: Clear ABS_MISC when tool leaves proximity + - HID: wacom: Always increment hdev refcount within wacom_get_hdev_data + - HID: wacom: bits shifted too much for 9th and 10th buttons + - btrfs: avoid overflow when sector_t is 32 bit + - Btrfs: fix overlap of fs_info::flags values + - dm crypt: reject sector_size feature if device length is not aligned to it + - dm ioctl: fix alignment of event number in the device list + - dm crypt: fix memory leak in crypt_ctr_cipher_old() + - [powerpc*] KVM: Book3S: Fix server always zero from kvmppc_xive_get_xive() + - [x86] kvm: Avoid async PF preempting the kernel incorrectly + - iwlwifi: mvm: use IWL_HCMD_NOCOPY for MCAST_FILTER_CMD + - scsi: sd: Implement blacklist option for WRITE SAME w/ UNMAP + - scsi: sd: Do not override max_sectors_kb sysfs setting + - brcmfmac: setup passive scan if requested by user-space + - [x86] drm/i915: always update ELD connector type after get modes + - [x86] drm/i915/bios: ignore HDMI on port A + - bsg-lib: fix use-after-free under memory-pressure + - nvme-pci: Use PCI bus address for data/queues in CMB + - mmc: core: add driver strength selection when selecting hs400es + - nl80211: Define policy for packet pattern attributes + - [armhf] clk: samsung: exynos4: Enable VPLL and EPLL clocks for + suspend/resume cycle + - udp: perform source validation for mcast early demux + - udp: fix bcast packet reception + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.7 + - watchdog: Revert "iTCO_wdt: all versions count down twice" + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.8 + - USB: dummy-hcd: Fix deadlock caused by disconnect detection + - [mips*] math-emu: Remove pr_err() calls from fpu_emu() + - [mips*] bpf: Fix uninitialised target compiler error + - [x86] mei: always use domain runtime pm callbacks. + - [armhf] dmaengine: edma: Align the memcpy acnt array size with the + transfer + - [armhf] dmaengine: ti-dma-crossbar: Fix possible race condition with + dma_inuse + - NFS: Fix uninitialized rpc_wait_queue + - nfs/filelayout: fix oops when freeing filelayout segment + - HID: usbhid: fix out-of-bounds bug + - crypto: skcipher - Fix crash on zero-length input + - crypto: shash - Fix zero-length shash ahash digest crash + - [x86] KVM: nVMX: fix guest CR4 loading when emulating L2 to L1 exit + - [x86] pinctrl/amd: Fix build dependency on pinmux code + - [x86] iommu/amd: Finish TLB flush in amd_iommu_unmap() + - device property: Track owner device of device property + - Revert "vmalloc: back off when the current task is killed" + - fs/mpage.c: fix mpage_writepage() for pages with buffers + - ALSA: usb-audio: Kill stray URB at exiting + - ALSA: seq: Fix copy_from_user() call inside lock + - ALSA: caiaq: Fix stray URB at probe error path + - ALSA: line6: Fix NULL dereference at podhd_disconnect() + - ALSA: line6: Fix missing initialization before error path + - ALSA: line6: Fix leftover URB at error-path during probe + - drm/atomic: Unref duplicated drm_atomic_state in + drm_atomic_helper_resume() + - [x86] drm/i915/edp: Get the Panel Power Off timestamp after panel is off + - [x86] drm/i915: Read timings from the correct transcoder in + intel_crtc_mode_get() + - [x86] drm/i915/bios: parse DDI ports also for CHV for HDMI DDC pin and DP + AUX channel + - [x86] drm/i915: Use crtc_state_is_legacy_gamma in intel_color_check + - usb: gadget: configfs: Fix memory leak of interface directory data + - usb: gadget: composite: Fix use-after-free in + usb_composite_overwrite_options + - [arm64] PCI: aardvark: Move to struct pci_host_bridge IRQ mapping + functions + - [armhf,armhf] Revert "PCI: tegra: Do not allocate MSI target memory" + - direct-io: Prevent NULL pointer access in submit_page_section + - fix unbalanced page refcounting in bio_map_user_iov (CVE-2017-12190) + - more bio_map_user_iov() leak fixes + - bio_copy_user_iov(): don't ignore ->iov_offset + - perf script: Add missing separator for "-F ip,brstack" (and brstackoff) + - genirq/cpuhotplug: Enforce affinity setting on startup of managed irqs + - genirq/cpuhotplug: Add sanity check for effective affinity mask + - USB: serial: cp210x: fix partnum regression + - USB: serial: console: fix use-after-free on disconnect + - USB: serial: console: fix use-after-free after failed setup + - RAS/CEC: Use the right length for "cec_disable" + - [x86] alternatives: Fix alt_max_short macro to really be a max() + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.9 + - [x86] apic: Silence "FW_BUG TSC_DEADLINE disabled due to Errata" on CPUs + without the feature + - [x86] apic: Silence "FW_BUG TSC_DEADLINE disabled due to Errata" on + hypervisors + - [armhf,arm64] perf pmu: Unbreak perf record for arm/arm64 with events + with explicit PMU + - mm: page_vma_mapped: ensure pmd is loaded with READ_ONCE outside of lock + - HID: hid-elecom: extend to fix descriptor for HUGE trackball + - [x86] Drivers: hv: vmbus: Fix rescind handling issues + - [x86] Drivers: hv: vmbus: Fix bugs in rescind handling + - [x86] vmbus: simplify hv_ringbuffer_read + - [x86] vmbus: refactor hv_signal_on_read + - [x86] vmbus: eliminate duplicate cached index + - [x86] vmbus: more host signalling avoidance + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.10 + - USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor() + - usb: hub: Allow reset retry for USB2 devices on connect bounce + - ALSA: usb-audio: Add native DSD support for Pro-Ject Pre Box S2 Digital + - can: gs_usb: fix busy loop if no more TX context is available + - scsi: qla2xxx: Fix uninitialized work element + - nbd: don't set the device size until we're connected + - [s390x] cputime: fix guest/irq/softirq times after CPU hotplug + - [hppa/parisc] Fix double-word compare and exchange in LWS code on 32-bit + kernels + - [hppa] Fix detection of nonsynchronous cr16 cycle counters + - iio: dummy: events: Add missing break + - [armhf] usb: musb: sunxi: Explicitly release USB PHY on exit + - [armhf] USB: musb: fix session-bit runtime-PM quirk + - [armhf] USB: musb: fix late external abort on suspend + - [armhf] usb: musb: musb_cppi41: Fix the address of teardown and autoreq + registers + - [armhf] usb: musb: musb_cppi41: Fix cppi41_set_dma_mode() for DA8xx + - [armhf] usb: musb: musb_cppi41: Configure the number of channels for DA8xx + - [armhf] usb: musb: Check for host-mode using is_host_active() on reset + interrupt + - xhci: Identify USB 3.1 capable hosts by their port protocol capability + - xhci: Cleanup current_cmd in xhci_cleanup_command_queue() + - usb: xhci: Reset halted endpoint if trb is noop + - usb: xhci: Handle error condition in xhci_stop_device() + - can: esd_usb2: Fix can_dlc value for received RTR, frames + - can: af_can: can_pernet_init(): add missing error handling for kzalloc + returning NULL + - KEYS: encrypted: fix dereference of NULL user_key_payload + - mmc: sdhci-pci: Fix default d3_retune for Intel host controllers + - [x86] drm/i915: Use bdw_ddi_translations_fdi for Broadwell + - drm/nouveau/kms/nv50: fix oops during DP IRQ handling on non-MST boards + - drm/nouveau/bsp/g92: disable by default + - drm/nouveau/mmu: flush tlbs before deleting page tables + - media: cec: Respond to unregistered initiators, when applicable + - media: dvb: i2c transfers over usb cannot be done from stack + - ALSA: seq: Enable 'use' locking in all configurations + - ALSA: hda: Remove superfluous '-' added by printk conversion + - ALSA: hda: Abort capability probe at invalid register read + - [x86] i2c: ismt: Separate I2C block read from SMBus block read + - [x86] i2c: piix4: Fix SMBus port selection for AMD Family 17h chips + - Revert "tools/power turbostat: stop migrating, unless '-m'" + - brcmfmac: Add check for short event packets + - brcmsmac: make some local variables 'static const' to reduce stack size + - [armhf] dts: sun6i: Fix endpoint IDs in second display pipeline + - [i386] clockevents/drivers/cs5535: Improve resilience to spurious + interrupts + - rtlwifi: rtl8821ae: Fix connection lost problem + - [x86] microcode/intel: Disable late loading on model 79 + - lib/digsig: fix dereference of NULL user_key_payload + - fscrypt: fix dereference of NULL user_key_payload + - ecryptfs: fix dereference of NULL user_key_payload + - KEYS: Fix race between updating and finding a negative key + (CVE-2017-15951) + - FS-Cache: fix dereference of NULL user_key_payload + - KEYS: don't let add_key() update an uninstantiated key (CVE-2017-15299) + - pkcs7: Prevent NULL pointer dereference, since sinfo is not always set. + - [arm64] dts: rockchip: correct vqmmc voltage for rk3399 platforms + - ALSA: hda - Fix incorrect TLV callback check introduced during set_fs() + removal + - iomap_dio_rw: Allocate AIO completion queue before submitting dio + - xfs: don't unconditionally clear the reflink flag on zero-block files + - xfs: evict CoW fork extents when performing finsert/fcollapse + - fs/xfs: Use %pS printk format for direct addresses + - xfs: report zeroed or not correctly in xfs_zero_range() + - xfs: update i_size after unwritten conversion in dio completion + - xfs: perag initialization should only touch m_ag_max_usable for AG 0 + - xfs: Capture state of the right inode in xfs_iflush_done + - xfs: always swap the cow forks when swapping extents + - xfs: handle racy AIO in xfs_reflink_end_cow + - xfs: Don't log uninitialised fields in inode structures + - xfs: move more RT specific code under CONFIG_XFS_RT + - xfs: don't change inode mode if ACL update fails + - xfs: reinit btree pointer on attr tree inactivation walk + - xfs: handle error if xfs_btree_get_bufs fails + - xfs: cancel dirty pages on invalidation + - xfs: trim writepage mapping to within eof + - xfs: move two more RT specific functions into CONFIG_XFS_RT + + [ Ben Hutchings ] + * [arm64] brcmfmac: Enable BRCMFMAC_SDIO (Closes: #877911) + * Update build dependencies on libbabeltrace[,-ctf}-dev + * linux-kbuild: Include scripts/ld-version.sh, needed for powerpc 64-bit + modules + * dax: Avoid most ABI changes in 4.13.5 + * SCSI: Avoid ABI change in 4.13.6 + * [x86] kvm: Ignore ABI change in 4.13.6 + * inet, l2tp, snd-seq, usb/gadget: Ignore ABI changes + * [armel,armhf] mbus: Ignore ABI change in 4.13.10 + * Revert "bpf: one perf event close won't free bpf program attached ..." + to avoid an ABI change + * [armel] security: Enable SECURITY_APPARMOR and disable SECURITY_SELINUX + * security: Enable DEFAULT_SECURITY_APPARMOR + * mac80211: Avoid ABI change in 4.13.5 + * [x86] rmi4: Enable RMI4_SMB as module (Closes: #875621) + * KEYS: Limit ABI change in 4.13.10 + + -- Ben Hutchings <ben@decadent.org.uk> Mon, 30 Oct 2017 15:32:11 +0000 + +linux (4.13.4-2) unstable; urgency=medium + + [ Ben Hutchings ] + * [armhf,arm64] thermal: Enable BCM2835_THERMAL as module (Closes: #877699) + + [ Salvatore Bonaccorso ] + * brcmfmac: add length check in brcmf_cfg80211_escan_handler() + (CVE-2017-0786) + * [powerpc*] Use emergency stack for kernel TM Bad Thing program + (CVE-2017-1000255) + * [powerpc*] Fix illegal TM state in signal handler + * mac80211: fix deadlock in driver-managed RX BA session start. + Thanks to Eric Côté (Closes: #878092) + * KEYS: prevent KEYCTL_READ on negative key (CVE-2017-12192) + * waitid(): Add missing access_ok() checks (CVE-2017-5123) + * ALSA: seq: Fix use-after-free at creating a port (CVE-2017-15265) + * [x86] KVM: nVMX: update last_nonleaf_level when initializing nested EPT + (CVE-2017-12188) + * [x86] KVM: MMU: always terminate page walks at level 1 (CVE-2017-12188) + + -- Salvatore Bonaccorso <carnil@debian.org> Sun, 15 Oct 2017 08:57:36 +0200 + +linux (4.13.4-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.3 + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.4 + + [ Ben Hutchings ] + * [armhf,arm64] mmc: Enable MMC_BCM2835 (Closes: #845422) + * [arm64ilp32] Build a linux-libc-dev package (Closes: #874536) + * [mips*r6*] Re-enable these architectures, now that dak knows about them + (Closes: #825024) + * [x86] Enable INTEL_CHT_INT33FE as module (Closes: #873164) + * [armhf] Enable AXP20X_ADC, CHARGER_AXP20X, BATTERY_AXP20X, GPIO_AXP209, + AXP288_CHARGER, AXP288_FUEL_GAUGE, EXTCON_AXP288, AXP288_ADC as modules + (Closes: #873038) + * thp: Enable TRANSPARENT_HUGEPAGE_ALWAYS instead of + TRANSPARENT_HUGEPAGE_MADVISE + * ALSA: Enable SND_OSSEMUL, a new dependency of SND_{MIXER,PCM}_OSS + * [armel] rtc: Disable RTC_NVMEM + * [x86] hyperv-daemons: Use pid file name in init script status operation + * Update policy version to 4.1.1: + - linux-doc: Build an empty package when the nodoc profile is used + - [x86] hyperv-daemons: Create pid files under /run, not /var/run + - Change all binary packages with priority: extra to priority: optional + - Install copyright file (and some other documentation) when the nodoc + profile is used + * debian/control: Move many build dependencies to Build-Depends-Arch field + * debian/control: Remove obsolete workarounds and alternate build deps + * usbip: Stop building broken libusbip-dev package + * Rename lintian-overrides template files to be consistent + * linux-image-dbg: Override lintian errors binary-from-other-architecture and + shlib-without-PT_GNU_STACK-section for vDSOs + * [armhf] dts: exynos: Add dwc3 SUSPHY quirk (Closes: #843448) + * liblockdep: Make missing function declarations fatal errors, to catch use + of missing kernel APIs + * liblockdep: Define pr_cont() + * Set ABI to 1 + + [ Uwe Kleine-König ] + * [arm64] really enable NET_DSA_MV88E6XXX for Espressobin + + [ John Paul Adrian Glaubitz ] + * [m68k] Enable CONFIG_PATA_FALCON as module. + + [ Salvatore Bonaccorso ] + * fix infoleak in waitid(2) (CVE-2017-14954) + + -- Ben Hutchings <ben@decadent.org.uk> Sun, 01 Oct 2017 15:52:09 +0100 + +linux (4.13.2-1~exp1) experimental; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.2 + + [ Uwe Kleine-König ] + * USB/misc: reenable UCSI which got lost due to upstream changes + * update kernel config templates for upstream changes + * [amd64] enable CONFIG_SPI_PXA2XX for Apple MacBook Pro (Closes: #872004) + + -- Ben Hutchings <ben@decadent.org.uk> Tue, 19 Sep 2017 18:35:42 +0100 + +linux (4.13.1-1~exp1) experimental; urgency=medium + + * New upstream release: https://kernelnewbies.org/Linux_4.13 + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.1 + + [ Roger Shimizu ] + * debian/bin/buildcheck.py: + Add check for uncompressed Image size, which is necessary for + armel/marvell flavour currently. + + [ Ben Hutchings ] + * [mips*/octeon] mmc: Enable MMC_CAVIUM_OCTEON as module (Closes: #800594) + + [ Uwe Kleine-König ] + * [arm64] enable NET_DSA_MV88E6XXX for Espressobin. + + -- Ben Hutchings <ben@decadent.org.uk> Mon, 11 Sep 2017 05:40:04 +0100 + +linux (4.13~rc7-1~exp1) experimental; urgency=medium + + * New upstream release candidate + + [ Ben Hutchings ] + * [sh4] Do not use hyphen in exported variable names (fixes FTBFS) + * aufs: Update support patchset to aufs4.x-rcN-20170828 + + [ Roger Shimizu ] + * [armel] Disable CONFIG_STRICT_KERNEL_RWX, which will save about 3MB + on linux Image (before compression). (Closes: #870185) + * [armel] Change MTD_OF_PARTS, MTD_BLOCK, and MTD_PHYSMAP_OF from + built-in to modules. + Also change all RTC related except RTC_DRV_MV, which includes + RTC_DRV_DS1307, RTC_DRV_RS5C372, RTC_DRV_PCF8563, RTC_DRV_M41T80, + and RTC_DRV_S35390A, to modules. Because most marvell boards use + RTC_DRV_MV. (above two fix FTBFS) + + -- Ben Hutchings <ben@decadent.org.uk> Wed, 30 Aug 2017 20:39:57 +0100 + +linux (4.13~rc5-1~exp1) experimental; urgency=medium + + * New upstream release candidate + + [ Ben Hutchings ] + * cpupower: Add/update definition of MSRHEADER macro for turbostat and + x86_energy_perf_policy + * Remove support for upstream DocBook-based documentation, including the + linux-manual package + * liblockdep: Re-enable liblockdep packages following upstream fixes + + -- Ben Hutchings <ben@decadent.org.uk> Mon, 14 Aug 2017 23:20:50 +0100 + +linux (4.12.13-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.13 + - mtd: nand: make Samsung SLC NAND usable again + - mtd: nand: hynix: add support for 20nm NAND chips + - [armhf] mtd: nand: mxc: Fix mxc_v1 ooblayout + - nvme-fabrics: generate spec-compliant UUID NQNs + - btrfs: resume qgroup rescan on rw remount + - rtlwifi: btcoexist: Fix breakage of ant_sel for rtl8723be + - radix-tree: must check __radix_tree_preload() return value + - mm: kvfree the swap cluster info if the swap file is unsatisfactory + - mm/swapfile.c: fix swapon frontswap_map memory leak on error + - mm/memory.c: fix mem_cgroup_oom_disable() call missing + - [i386] ALSA: msnd: Optimize / harden DSP and MIDI loops + - [x86] KVM: SVM: Limit PFERR_NESTED_GUEST_PAGE error_code check to L1 guest + - rt2800: fix TX_PIN_CFG setting for non MT7620 chips + - Bluetooth: Properly check L2CAP config option output buffer length + (CVE-2017-1000251) (Closes: #875881) + - [arm64] dts: marvell: armada-37xx: Fix GIC maintenance interrupt + - [armel,armhf] 8692/1: mm: abort uaccess retries upon fatal signal + - NFS: Fix 2 use after free issues in the I/O code + - NFS: Sync the correct byte range during synchronous writes + - NFSv4: Fix up mirror allocation + - xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present + (CVE-2017-14340) + + [ Salvatore Bonaccorso ] + * sctp: Avoid out-of-bounds reads from address storage (CVE-2017-7558) + * scsi: qla2xxx: Fix an integer overflow in sysfs code (CVE-2017-14051) + * Add ABI reference for 4.12.0-2 + + [ Ben Hutchings ] + * nl80211: check for the required netlink attributes presence (CVE-2017-12153) + * [x86] kvm: nVMX: Don't allow L2 to access the hardware CR8 (CVE-2017-12154) + * video: fbdev: aty: do not leak uninitialized padding in clk to userspace + (CVE-2017-14156) + * scsi: fix the issue that iscsi_if_rx doesn't parse nlmsg properly + (CVE-2017-14489) + * packet: Don't write vnet header beyond end of buffer (CVE-2017-14497) + * [x86] KVM: VMX: Do not BUG() on out-of-bounds guest IRQ (CVE-2017-1000252) + * nfs: Ignore ABI change + + -- Ben Hutchings <ben@decadent.org.uk> Tue, 19 Sep 2017 01:59:17 +0100 + +linux (4.12.12-2) unstable; urgency=medium + + * debian/source/lintian-overrides: Override license-problem-gfdl-invariants + error triggered by a ReSTified copy of the GFDL + + -- Ben Hutchings <ben@decadent.org.uk> Mon, 11 Sep 2017 04:35:28 +0100 + +linux (4.12.12-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.7 + - ppp: Fix false xmit recursion detect with two ppp devices + - ppp: fix xmit recursion detection on ppp channels + - tcp: avoid setting cwnd to invalid ssthresh after cwnd reduction states + - net: fix keepalive code vs TCP_FASTOPEN_CONNECT + - ipv6: set rt6i_protocol properly in the route when it is installed + - [s390x] bpf: fix jit branch offset related to ldimm64 + - net/mlx4_en: don't set CHECKSUM_COMPLETE on SCTP packets + - net: sched: set xt_tgchk_param par.net properly in ipt_init_target + - net: sched: set xt_tgchk_param par.nft_compat as 0 in ipt_init_target + - tcp: fastopen: tcp_connect() must refresh the route + - qmi_wwan: fix NULL deref on disconnect + - net: avoid skb_warn_bad_offload false positives on UFO + - igmp: Fix regression caused by igmp sysctl namespace code. + - scsi: sg: only check for dxfer_len greater than 256M + - btrfs: Remove false alert when fiemap range is smaller than on-disk + extent + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.8 + - mm: ratelimit PFNs busy info message + - mm: fix list corruptions on shmem shrinklist + - futex: Remove unnecessary warning from get_futex_key + - xfs: Fix leak of discard bio + - [armhf] pinctrl: armada-37xx: Fix number of pin in south bridge + - mtd: nand: Fix timing setup for NANDs that do not support SET FEATURES + - mtd: nand: Declare tBERS, tR and tPROG as u64 to avoid integer overflow + - iscsi-target: fix memory leak in iscsit_setup_text_cmd() + - iscsi-target: Fix iscsi_np reset hung task during parallel delete + - usb-storage: fix deadlock involving host lock and scsi_done + - target: Fix node_acl demo-mode + uncached dynamic shutdown regression + - fuse: initialize the flock flag in fuse_file on allocation + - i2c: designware: Some broken DSTDs use 1MiHz instead of 1MHz + - nand: fix wrong default oob layout for small pages using soft ecc + - mmc: mmc: correct the logic for setting HS400ES signal voltage + - nfs/flexfiles: fix leak of nfs4_ff_ds_version arrays + - [armhf] drm/etnaviv: Fix off-by-one error in reloc checking + - [x86] drm/i915: Fix out-of-bounds array access in bdw_load_gamma_lut + - [armhf] usb: musb: fix tx fifo flush handling again + - USB: hcd: Mark secondary HCD as dead if the primary one died + - [armhf] iio: accel: st_accel: add SPI-3wire support + - [x86] iio: accel: bmc150: Always restore device to normal mode after + suspend-resume + - iio: light: tsl2563: use correct event code + - staging: comedi: comedi_fops: do not call blocking ops when !TASK_RUNNING + - uas: Add US_FL_IGNORE_RESIDUE for Initio Corporation INIC-3069 + - firmware: fix batched requests - wake all waiters + - firmware: fix batched requests - send wake up on failure on direct lookups + - firmware: avoid invalid fallback aborts by using killable wait + - block: Make blk_mq_delay_kick_requeue_list() rerun the queue at a quiet + time + - USB: Check for dropped connection before switching to full speed + - usb: core: unlink urbs from the tail of the endpoint's urb_list + - usb: quirks: Add no-lpm quirk for Moshi USB to Ethernet Adapter + - usb:xhci:Add quirk for Certain failing HP keyboard on reset after resume + - PCI: Protect pci_error_handlers->reset_notify() usage with device_lock() + - xhci: Reset Renesas uPD72020x USB controller for 32-bit DMA issue + - pnfs/blocklayout: require 64-bit sector_t + - [x86] pinctrl: cherryview: Add Setzer models to the Chromebook DMI quirk + - [armhf] pinctrl: sunxi: add a missing function of A10/A20 pinctrl driver + - [x86] pinctrl: intel: merrifield: Correct UART pin lists + - [armhf] pinctrl: samsung: Remove bogus irq_[un]mask from resource + management + - [arm64] pinctrl: meson-gxbb: Add missing GPIODV_18 pin entry + - [arm64] pinctrl: meson-gxl: Add missing GPIODV_18 pin entry + - [mips*] Revert "MIPS: Don't unnecessarily include kmalloc.h into + <asm/cache.h>." + - [mips*/octeon] Fix broken EDAC driver. + - [ppc64el] Fix /proc/cpuinfo revision for POWER9 DD2 + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.9 + - audit: Fix use after free in audit_remove_watch_rule() + - [hppa] pci memory bar assignment fails with 64bit kernels on dino/cujo + - [x86] crypto: sha1 - Fix reads beyond the number of blocks passed + - [x86] drm/i915: Perform an invalidate prior to executing golden + renderstate + - drm/amdgpu: save list length when fence is signaled + - md: fix test in md_write_start() + - md: always clear ->safemode when md_check_recovery gets the mddev lock. + - MD: not clear ->safemode for external metadata array + - ALSA: seq: 2nd attempt at fixing race creating a queue + - ALSA: usb-audio: Apply sample rate quirk to Sennheiser headset + - ALSA: usb-audio: Add mute TLV for playback volumes on C-Media devices + - ALSA: usb-audio: add DSD support for new Amanero PID + - mm: discard memblock data later + - slub: fix per memcg cache leak on css offline + - mm: fix double mmap_sem unlock on MMF_UNSTABLE enforced SIGBUS + - mm/cma_debug.c: fix stack corruption due to sprintf usage + - mm/mempolicy: fix use after free when calling get_mempolicy + - mm/vmalloc.c: don't unconditonally use __GFP_HIGHMEM + - [amd64,arm64] mm: revert x86_64 and arm64 ELF_ET_DYN_BASE base changes + - xen: fix bio vec merging (CVE-2017-12134) (Closes: #866511) + - [armhf] ARM: dts: imx6qdl-nitrogen6_som2: fix PCIe reset + - blk-mq-pci: add a fallback when pci_irq_get_affinity returns NULL + - [powerpc*] Fix VSX enabling/flushing to also test MSR_FP and MSR_VEC + - xen-blkfront: use a right index when checking requests + - [x86] perf: Fix RDPMC vs. mm_struct tracking + - [amd64] asm: Clear AC on NMI entries + - [x86] Fix norandmaps/ADDR_NO_RANDOMIZE + - [x86] elf: Remove the unnecessary ADDR_NO_RANDOMIZE checks + - genirq: Restore trigger settings in irq_modify_status() + - genirq/ipi: Fixup checks against nr_cpu_ids + - kernel/watchdog: Prevent false positives with turbo modes + - Sanitize 'move_pages()' permission checks (CVE-2017-14140) + - pids: make task_tgid_nr_ns() safe + - debug: Fix WARN_ON_ONCE() for modules + - usb: optimize acpi companion search for usb port devices + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.10 + - [sparc64] remove unnecessary log message + - bonding: require speed/duplex only for 802.3ad, alb and tlb + - bonding: ratelimit failed speed/duplex update warning + - af_key: do not use GFP_KERNEL in atomic contexts + - dccp: purge write queue in dccp_destroy_sock() + - dccp: defer ccid_hc_tx_delete() at dismantle time + - ipv4: fix NULL dereference in free_fib_info_rcu() + - net_sched/sfq: update hierarchical backlog when drop packet + - net_sched: remove warning from qdisc_hash_add + - bpf: fix bpf_trace_printk on 32 bit archs + - net: igmp: Use ingress interface rather than vrf device + - openvswitch: fix skb_panic due to the incorrect actions attrlen + - ptr_ring: use kmalloc_array() + - ipv4: better IP_MAX_MTU enforcement + - nfp: fix infinite loop on umapping cleanup + - tun: handle register_netdevice() failures properly + - sctp: fully initialize the IPv6 address in sctp_v6_to_addr() + - tipc: fix use-after-free + - ipv6: reset fn->rr_ptr when replacing route + - ipv6: repair fib6 tree in failure case + - tcp: when rearming RTO, if RTO time is in past then fire RTO ASAP + - net/mlx4_core: Enable 4K UAR if SRIOV module parameter is not enabled + - irda: do not leak initialized list.dev to userspace + - net: sched: fix NULL pointer dereference when action calls some targets + - net_sched: fix order of queue length updates in qdisc_replace() + - bpf, verifier: add additional patterns to evaluate_reg_imm_alu + - bpf: fix mixed signed/unsigned derived min/max value bounds + - bpf/verifier: fix min/max handling in BPF_SUB + - Input: ALPS - fix two-finger scroll breakage in right side on ALPS + touchpad + - [s390x] KVM: sthyi: fix sthyi inline assembly + - [s390x] KVM: sthyi: fix specification exception detection + - [x86] KVM: simplify handling of PKRU + - [x86] KVM, pkeys: do not use PKRU value in vcpu->arch.guest_fpu.state + - [x86] KVM: block guest protection keys unless the host has them enabled + - ALSA: core: Fix unexpected error at replacing user TLV + - ALSA: firewire: fix NULL pointer dereference when releasing + uninitialized data of iso-resource + - ALSA: firewire-motu: destroy stream data surely at failure of card + initialization + - PM/hibernate: touch NMI watchdog when creating snapshot + - mm, shmem: fix handling /sys/kernel/mm/transparent_hugepage/shmem_enabled + - dax: fix deadlock due to misaligned PMD faults + - i2c: designware: Fix system suspend + - mm/madvise.c: fix freeing of locked page with MADV_FREE + - fork: fix incorrect fput of ->exe_file causing use-after-free + - mm/memblock.c: reversed logic in memblock_discard() + - [arm64] fpsimd: Prevent registers leaking across exec + - drm: Fix framebuffer leak + - drm: Release driver tracking before making the object available again + - [armhf] drm/sun4i: Implement drm_driver lastclose to restore fbdev + console + - drm/atomic: Handle -EDEADLK with out-fences correctly + - drm/atomic: If the atomic check fails, return its value first + - [x86] drm/i915/vbt: ignore extraneous child devices for a port + - [x86] drm/i915/gvt: Fix the kernel null pointer error + - Revert "drm/amdgpu: fix vblank_time when displays are off" + - ACPI: device property: Fix node lookup in + acpi_graph_get_child_prop_value() + - tracing: Call clear_boot_tracer() at lateinit_sync + - tracing: Missing error code in tracer_alloc_buffers() + - tracing: Fix kmemleak in tracing_map_array_free() + - tracing: Fix freeing of filter in create_filter() when set_str is false + - RDMA/uverbs: Initialize cq_context appropriately + - cifs: Fix df output for users with quota limits + - cifs: return ENAMETOOLONG for overlong names in + cifs_open()/cifs_lookup() + - nfsd: Limit end of page list when decoding NFSv4 WRITE + - ring-buffer: Have ring_buffer_alloc_read_page() return error on offline + CPU + - virtio_pci: fix cpu affinity support + - ftrace: Check for null ret_stack on profile function graph entry + function + - perf/core: Fix group {cpu,task} validation + - timers: Fix excessive granularity of new timers after a nohz idle + - [x86] mm: Fix use-after-free of ldt_struct + - net: sunrpc: svcsock: fix NULL-pointer exception + - netfilter: expect: fix crash when putting uninited expectation + - netfilter: nat: fix src map lookup + - netfilter: nfnetlink: Improve input length sanitization in nfnetlink_rcv + - Bluetooth: hidp: fix possible might sleep error in hidp_session_thread + - Bluetooth: cmtp: fix possible might sleep error in cmtp_session + - Bluetooth: bnep: fix possible might sleep error in bnep_session + - iio: hid-sensor-trigger: Fix the race with user space powering up + sensors + - iommu: Fix wrong freeing of iommu_device->dev + - Clarify (and fix) MAX_LFS_FILESIZE macros + - ACPI: EC: Fix regression related to wrong ECDT initialization order + - [powerpc*] mm: Ensure cpumask update is ordered + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.11 + - [arm64] mm: abort uaccess retries upon fatal signal + - [x86] io: Add "memory" clobber to insb/insw/insl/outsb/outsw/outsl + - [mips*] irqchip: mips-gic: SYNC after enabling GIC region + - Input: synaptics - fix device info appearing different on reconnect + - Input: xpad - fix PowerA init quirk for some gamepad models + - crypto: chacha20 - fix handling of chunked input + - [x86] i2c: ismt: Don't duplicate the receive length for block reads + - [x86] i2c: ismt: Return EMSGSIZE for block reads with bogus length + - crypto: algif_skcipher - only call put_page on referenced and used pages + - mm, uprobes: fix multiple free of ->uprobes_state.xol_area + - mm, madvise: ensure poisoned pages are removed from per-cpu lists + - ceph: fix readpage from fscache + - cpumask: fix spurious cpumask_of_node() on non-NUMA multi-node configs + - cpuset: Fix incorrect memory_pressure control file mapping + - CIFS: Fix maximum SMB2 header size + - CIFS: remove endian related sparse warning + - dm mpath: do not lock up a CPU with requeuing activity + - [x86] drm/vmwgfx: Fix F26 Wayland screen update issue + - [arm64, armhf] wl1251: add a missing spin_lock_init() + - [arm64] mmc: sdhci-xenon: add set_power callback + - lib/mpi: kunmap after finishing accessing buffer + - xfrm: policy: check policy direction value + - drm/ttm: Fix accounting error when fail to get pages for pool + - nvme: fix the definition of the doorbell buffer config support bit + - drm/nouveau/i2c/gf119-: add support for address-only transactions + - epoll: fix race between ep_poll_callback(POLLFREE) and + ep_free()/ep_remove() + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.12 + - usb: quirks: add delay init quirk for Corsair Strafe RGB keyboard + - USB: serial: option: add support for D-Link DWM-157 C1 + - usb: Add device quirk for Logitech HD Pro Webcam C920-C + - usb:xhci:Fix regression when ATI chipsets detected + - [armhf] USB: musb: fix external abort on suspend + - USB: core: Avoid race of async_completed() w/ usbdev_release() + - [x86] staging/rts5208: fix incorrect shift to extract upper nybble + - iio: adc: ti-ads1015: fix incorrect data rate setting update + - iio: adc: ti-ads1015: fix scale information for ADS1115 + - iio: adc: ti-ads1015: enable conversion when CONFIG_PM is not set + - iio: adc: ti-ads1015: avoid getting stale result after runtime resume + - iio: adc: ti-ads1015: don't return invalid value from buffer setup + callbacks + - iio: adc: ti-ads1015: add adequate wait time to get correct conversion + - driver core: bus: Fix a potential double free + - HID: wacom: Do not completely map WACOM_HID_WD_TOUCHRINGSTATUS usage + - [x86] intel_th: pci: Add Cannon Lake PCH-H support + - [x86] intel_th: pci: Add Cannon Lake PCH-LP support + - ath10k: fix memory leak in rx ring buffer allocation + - Input: trackpoint - assume 3 buttons when buttons detection fails + - rtlwifi: rtl_pci_probe: Fix fail path of _rtl_pci_find_adapter + - Bluetooth: Add support of 13d3:3494 RTL8723BE device + - iwlwifi: pci: add new PCI ID for 7265D + - dlm: avoid double-free on error path in dlm_device_{register,unregister} + - mwifiex: correct channel stat buffer overflows + - [s390x] mm: avoid empty zero pages for KVM guests to avoid postcopy + hangs + - [s390x] mm: fix BUG_ON in crst_table_upgrade + - drm/nouveau/pci/msi: disable MSI on big-endian platforms by default + - drm/nouveau: Fix error handling in nv50_disp_atomic_commit + - workqueue: Fix flag collision + - ahci: don't use MSI for devices with the silly Intel NVMe remapping + scheme + - cs5536: add support for IDE controller variant + - scsi: sg: protect against races between mmap() and SG_SET_RESERVED_SIZE + - scsi: sg: recheck MMAP_IO request length with lock held + - of/device: Prevent buffer overflow in of_device_modalias() + - rtlwifi: Fix memory leak when firmware request fails + - rtlwifi: Fix fallback firmware loading + + [ Ben Hutchings ] + * [alpha] udeb: Add i2c-modules (fixes FTBFS) + * cpupower: Add/update definition of MSRHEADER macro for turbostat and + x86_energy_perf_policy (Closes: #872414) + * Bump ABI to 2 + + [ Roger Shimizu ] + * [armel] Disable CONFIG_STRICT_KERNEL_RWX, which will save about 3MB + on linux Image (before compression). (Closes: #870185) + + [ Uwe Kleine-König ] + * mtd: nandsim: remove debugfs entries in error path + + -- Ben Hutchings <ben@decadent.org.uk> Sun, 10 Sep 2017 19:42:51 +0100 + +linux (4.12.6-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.3 + - brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx() + (CVE-2017-7541) + - [sparc64] Adding asm-prototypes.h for genksyms to generate crc + - [sparc64] sed regex in Makefile.build requires line break between + exported symbols + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.4 + - f2fs: sanity check checkpoint segno and blkoff (CVE-2017-10663) + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.5 + - dentry name snapshots (CVE-2017-7533) + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.6 + - saa7164: fix double fetch PCIe access condition (CVE-2017-8831) + - ipv6: avoid overflow of offset in ip6_find_1stfragopt (CVE-2017-7542) + + [ Ben Hutchings ] + * media: Enable USB_RAINSHADOW_CEC as module (see #868511) + * Clean up symbol version fixes for symbols exported from asm + (fixes FTBFS on sparc64): + - [alpha] Un-revert "alpha: move exports to actual definitions" + - [alpha] Restore symbol versions for symbols exported from assembly + - [m68k] Un-revert "m68k: move exports to definitions" + - [sparc64] Un-revert "sparc: move exports to definitions" + * [mips*/octeon] Fix broken EDAC driver (fixes FTBFS) + * [armhf] Revert "gpu: host1x: Add IOMMU support" + * [armhf] udeb: Replace imx-ipuv3-crtc with imxdrm in fb-modules + * [i386] perf tools: Fix unwind build (fixes FTBFS) + * debian/control: Fix version in dependencies on arch-independent + linux-headers-*-common* (Closes: #869511) + * xfrm: policy: check policy direction value (CVE-2017-11600) + * rtlwifi: Fix memory leak when firmware request fails + * rtlwifi: Fix fallback firmware loading (Closes: #869084) + * [arm64] video: Enable FRAMEBUFFER_CONSOLE (Closes: #870071) + * integrity: Enable INTEGRITY_SIGNATURE, INTEGRITY_ASYMMETRIC_KEYS + (Closes: #869565) + * [x86] sound: Enable SND_X86; enable HDMI_LPE_AUDIO as module + (Closes: #869372) + * blk-mq: Change MQ_IOSCHED_KYBER from built-in to module + * blk-mq: Enable IOSCHED_BFQ as module (Closes: #869028); enable + BFQ_GROUP_IOSCHED + * bfq: Enable auto-loading when built as a module + * netfilter: Enable NFT_FIB_IPV4, NFT_FIB_IPV6, NFT_FIB_INET as modules + (Closes: #868803) + * [amd64,arm64] mm: Revert x86_64 and arm64 ELF_ET_DYN_BASE base + (Closes: #869090) + + [ Salvatore Bonaccorso ] + * packet: fix tp_reserve race in packet_set_ring (CVE-2017-1000111) + * udp: consistently apply ufo or fragmentation (CVE-2017-1000112) + * Set ABI to 1 + + [ Uwe Kleine-König ] + * [arm64] enable MMC_SDHCI_XENON and MVNETA for Espressobin and enable + respective device in its device tree (Closes: #871049) + + [ Roger Shimizu ] + * [armel] Change NAND related stuff to modules (fixes FTBFS) + + -- Ben Hutchings <ben@decadent.org.uk> Sat, 12 Aug 2017 23:09:26 +0100 + +linux (4.12.2-1~exp1) experimental; urgency=medium + + * New upstream release: https://kernelnewbies.org/Linux_4.12 + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.1 + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.2 + + [ Ben Hutchings ] + * Add script to regenerate lockdown patch series from git + * [rt] Disable until it is updated for 4.12 or later + * scripts/mod: Update modpost wrapper for 4.12 + * Set ABI name to trunk + + -- Ben Hutchings <ben@decadent.org.uk> Tue, 18 Jul 2017 12:19:38 +0100 + +linux (4.11.11-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.7 + - fs: pass on flags in compat_writev + - configfs: Fix race between create_link and configfs_rmdir + - can: gs_usb: fix memory leak in gs_cmd_reset() + - ila_xlat: add missing hash secret initialization + - cpufreq: conservative: Allow down_threshold to take values from 1 to 10 + - vb2: Fix an off by one error in 'vb2_plane_vaddr' + - cec: race fix: don't return -ENONET in cec_receive() + - selinux: fix double free in selinux_parse_opts_str() + - mac80211: don't look at the PM bit of BAR frames + - mac80211/wpa: use constant time memory comparison for MACs + - [x86] drm/amdgpu: Fix overflow of watermark calcs at > 4k resolutions. + - [x86] drm/i915: Fix GVT-g PVINFO version compatibility check + - [x86] drm/i915: Fix scaling check for 90/270 degree plane rotation + - [x86] drm/i915: Do not sync RCU during shrinking + - mac80211: fix IBSS presp allocation size + - mac80211: strictly check mesh address extension mode + - mac80211: fix dropped counter in multiqueue RX + - mac80211: don't send SMPS action frame in AP mode when not needed + - [arm64, armhf] drm/vc4: Fix OOPSes from trying to cache a partially + constructed BO. + - serial: 8250_lpss: Unconditionally set PCI master for Quark + - [sh4] serial: sh-sci: Fix (AUTO)RTS in sci_init_pins() + - [sh4] serial: sh-sci: Fix late enablement of AUTORTS + - [x86] mm/32: Set the '__vmalloc_start_set' flag in initmem_init() + - [armhf] mfd: axp20x: Add support for dts property "xpowers,master-mode" + - [armhf] dt-bindings: mfd: axp20x: Add "xpowers,master-mode" property for + AXP806 PMICs + - [powerpc] mm: Add physical address to Linux page table dump + - staging: rtl8188eu: prevent an underflow in rtw_check_beacon_data() + - [armhf] iio: adc: ti_am335x_adc: allocating too much in probe + - [x86] ALSA: hda: Add Geminilake id to SKL_PLUS + - ALSA: usb-audio: fix Amanero Combo384 quirk on big-endian hosts + - USB: hub: fix SS max number of ports + - usb: core: fix potential memory leak in error path during hcd creation + - [x86] USB: usbip: fix nonconforming hub descriptor + - [arm64, armhf] usb: dwc3: gadget: Fix ISO transfer performance + - pvrusb2: reduce stack usage pvr2_eeprom_analyze() + - USB: gadget: dummy_hcd: fix hub-descriptor removable fields + - coda: restore original firmware locations + - usb: xhci: Fix USB 3.1 supported protocol parsing + - usb: xhci: ASMedia ASM1042A chipset need shorts TX quirk + - USB: gadget: fix GPF in gadgetfs + - USB: gadgetfs, dummy-hcd, net2280: fix locking for callbacks + - mm/memory-failure.c: use compound_head() flags for huge pages + - swap: cond_resched in swap_cgroup_prepare() + - mm: numa: avoid waiting on freed migrated pages + - userfaultfd: shmem: handle coredumping in handle_userfault() + - sched/core: Idle_task_exit() shouldn't use switch_mm_irqs_off() + - genirq: Release resources in __setup_irq() error path + - alarmtimer: Prevent overflow of relative timers + - alarmtimer: Rate limit periodic intervals + - virtio_balloon: disable VIOMMU support + - [mips*] Fix bnezc/jialc return address calculation + - [mips*] .its targets depend on vmlinux + - [sparc*] crypto: Work around deallocated stack frame reference gcc bug + on sparc. + - [armhf] dts: am335x-sl50: Fix card detect pin for mmc1 + - [armhf] dts: am335x-sl50: Fix cannot claim requested pins for spi0 + - mm: larger stack guard gap, between vmas + - Allow stack to grow up to address space limit + - mm: fix new crash in unmapped_area_topdown() + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.8 + - [armhf] clk: sunxi-ng: a31: Correct lcd1-ch1 clock register offset + - [armhf] clk: sunxi-ng: v3s: Fix usb otg device reset bit + - [armhf] clk: sunxi-ng: sun5i: Fix ahb_bist_clk definition + - xen/blkback: fix disconnect while I/Os in flight + - xen-blkback: don't leak stack data via response ring (XSA-216, + CVE-2017-10911) + - ALSA: firewire-lib: Fix stall of process context at packet error + - ALSA: pcm: Don't treat NULL chmap as a fatal error + - ALSA: hda - Add Coffelake PCI ID + - ALSA: hda - Apply quirks to Broxton-T, too + - fs/exec.c: account for argv/envp pointers (CVE-2017-1000365) + - [powerpc] perf: Fix oops when kthread execs user process + - autofs: sanity check status reported with AUTOFS_DEV_IOCTL_FAIL + - fs/dax.c: fix inefficiency in dax_writeback_mapping_range() + - lib/cmdline.c: fix get_options() overflow while parsing ranges + - [x86] perf/x86/intel: Add 1G DTLB load/store miss support for SKL + - perf probe: Fix probe definition for inlined functions + - [x86] KVM: fix singlestepping over syscall (CVE-2017-7518) + - [s390x] KVM gaccess: fix real-space designation asce handling for gmap + shadows + - [powerpc*] KVM: Book3S HV: Cope with host using large decrementer mode + - [powerpc*] KVM: Book3S HV: Preserve userspace HTM state properly + - [powerpc*] KVM: Book3S HV: Ignore timebase offset on POWER9 DD1 + - [powerpc*] KVM: Book3S HV: Context-switch EBB registers properly + - [powerpc*] KVM: Book3S HV: Restore critical SPRs to host values on guest + exit + - [powerpc*] KVM: Book3S HV: Save/restore host values of debug registers + - CIFS: Improve readdir verbosity + - CIFS: Fix some return values in case of error in 'crypt_message' + - cxgb4: notify uP to route ctrlq compl to rdma rspq + - HID: Add quirk for Dell PIXART OEM mouse + - random: silence compiler warnings and fix race + - signal: Only reschedule timers on signals timers have sent + - [powerpc] kprobes: Pause function_graph tracing during jprobes handling + - ]powerpc*] 64s: Handle data breakpoints in Radix mode + - Input: i8042 - add Fujitsu Lifebook AH544 to notimeout list + - brcmfmac: add parameter to pass error code in firmware callback + - brcmfmac: use firmware callback upon failure to load + - brcmfmac: unbind all devices upon failure in firmware callback + - time: Fix clock->read(clock) race around clocksource changes + - time: Fix CLOCK_MONOTONIC_RAW sub-nanosecond accounting + - [arm64] vdso: Fix nsec handling for CLOCK_MONOTONIC_RAW + - target: Fix kref->refcount underflow in transport_cmd_finish_abort + - iscsi-target: Fix delayed logout processing greater than + SECONDS_FOR_LOGOUT_COMP + - iscsi-target: Reject immediate data underflow larger than SCSI transfer + length + - drm/radeon: add a PX quirk for another K53TK variant + - drm/radeon: add a quirk for Toshiba Satellite L20-183 + - [x86] drm/amdgpu/atom: fix ps allocation size for EnableDispPowerGating + - [x86] drm/amdgpu: adjust default display clock + - [x86] drm/amdgpu: add Polaris12 DID + - ACPI / scan: Apply default enumeration to devices with ACPI drivers + - ACPI / scan: Fix enumeration for special SPI and I2C devices + - rxrpc: Fix several cases where a padded len isn't checked in ticket + decode (CVE-2017-7482) + - drm: Fix GETCONNECTOR regression + - usb: gadget: f_fs: avoid out of bounds access on comp_desc + - spi: double time out tolerance + - net: phy: fix marvell phy status reading + - netfilter: xtables: zero padding in data_to_user + - netfilter: xtables: fix build failure from COMPAT_XT_ALIGN outside + CONFIG_COMPAT + - brcmfmac: fix uninitialized warning in brcmf_usb_probe_phase2() + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.9 + - net: don't call strlen on non-terminated string in dev_set_alias() + - net: Fix inconsistent teardown and release of private netdev state. + - [s390x] net: fix up for "Fix inconsistent teardown and release of + private netdev state" + - mac80211: free netdev on dev_alloc_name() error + - decnet: dn_rtmsg: Improve input length sanitization in + dnrmg_receive_user_skb + - net: Zero ifla_vf_info in rtnl_fill_vfinfo() + - net: ipv6: Release route when device is unregistering + - net: vrf: Make add_fib_rules per network namespace flag + - af_unix: Add sockaddr length checks before accessing sa_family in bind + and connect handlers + - Fix an intermittent pr_emerg warning about lo becoming free. + - sctp: disable BH in sctp_for_each_endpoint + - net: caif: Fix a sleep-in-atomic bug in cfpkt_create_pfx + - net: tipc: Fix a sleep-in-atomic bug in tipc_msg_reverse + - net/mlx5: Remove several module events out of ethtool stats + - net/mlx5e: Added BW check for DIM decision mechanism + - net/mlx5e: Fix wrong indications in DIM due to counter wraparound + - net/mlx5: Enable 4K UAR only when page size is bigger than 4K + - proc: snmp6: Use correct type in memset + - igmp: acquire pmc lock for ip_mc_clear_src() + - igmp: add a missing spin_lock_init() + - qmi_wwan: new Telewell and Sierra device IDs + - net: don't global ICMP rate limit packets originating from loopback + - ipv6: fix calling in6_ifa_hold incorrectly for dad work + - sctp: return next obj by passing pos + 1 into sctp_transport_get_idx + - net/mlx5e: Fix min inline value for VF rep SQs + - net/mlx5e: Avoid doing a cleanup call if the profile doesn't have it + - net/mlx5: Wait for FW readiness before initializing command interface + - net/mlx5e: Fix timestamping capabilities reporting + - decnet: always not take dst->__refcnt when inserting dst into hash table + - net: 8021q: Fix one possible panic caused by BUG_ON in free_netdev + - ipv6: Do not leak throw route references + - rtnetlink: add IFLA_GROUP to ifla_policy + - netfilter: synproxy: fix conntrackd interaction + - NFSv4.x/callback: Create the callback service through svc_create_pooled + - xen/blkback: don't use xen_blkif_get() in xen-blkback kthread + - [mips*] head: Reorder instructions missing a delay slot + - [mips*] Avoid accidental raw backtrace + - [mips*] pm-cps: Drop manual cache-line alignment of ready_count + - [mips*] Fix IRQ tracing & lockdep when rescheduling + - ALSA: hda - Fix endless loop of codec configure + - ALSA: hda - set input_path bitmap to zero after moving it to new place + - NFSv4.2: Don't send mode again in post-EXCLUSIVE4_1 SETATTR with umask + - NFSv4.1: Fix a race in nfs4_proc_layoutget + - Revert "NFS: nfs_rename() handle -ERESTARTSYS dentry left behind" + - ovl: copy-up: don't unlock between lookup and link + - gpiolib: fix filtering out unwanted events + - [x86] intel_rdt: Fix memory leak on mount failure + - [x86] perf/x86/intel/uncore: Fix wrong box pointer check + - [x86] drm/vmwgfx: Free hash table allocated by cmdbuf managed res mgr + - dm thin: do not queue freed thin mapping for next stage processing + - [x86] mm: Fix boot crash caused by incorrect loop count calculation in + sync_global_pgds() + - [arm64] pinctrl/amd: Use regular interrupt instead of chained + - mm/vmalloc.c: huge-vmap: fail gracefully on unexpected huge vmap + mappings + - xen/blkback: don't free be structure too early + - xfrm6: Fix IPv6 payload_len in xfrm6_transport_finish + - xfrm: move xfrm_garbage_collect out of xfrm_policy_flush + - xfrm: fix stack access out of bounds with CONFIG_XFRM_SUB_POLICY + - xfrm: NULL dereference on allocation failure + - xfrm: Oops on error in pfkey_msg2xfrm_state() + - [arm64] PCI: Fix struct acpi_pci_root_ops allocation failure path + - [arm64] ACPI: Fix BAD_MADT_GICC_ENTRY() macro implementation + - [arm*] 8685/1: ensure memblock-limit is pmd-aligned + - [arm*] davinci: PM: Free resources in error handling path in + 'davinci_pm_init' + - [arm*] davinci: PM: Do not free useful resources in normal path in + 'davinci_pm_init' + - Revert "x86/entry: Fix the end of the stack for newly forked tasks" + - [x86] boot/KASLR: Fix kexec crash due to 'virt_addr' calculation bug + - [x86] perf: Fix spurious NMI with PEBS Load Latency event + - [x86] mpx: Correctly report do_mpx_bt_fault() failures to user-space + - [x86] mm: Fix flush_tlb_page() on Xen + - ocfs2: o2hb: revert hb threshold to keep compatible + - ocfs2: fix deadlock caused by recursive locking in xattr + - iommu/dma: Don't reserve PCI I/O windows + - [amd64] iommu/amd: Fix incorrect error handling in + amd_iommu_bind_pasid() + - [amd64] iommu/amd: Fix interrupt remapping when disable guest_mode + - mtd: nand: brcmnand: Check flash #WP pin status before nand + erase/program + - mtd: nand: fsmc: fix NAND width handling + - [x86] KVM: fix emulation of RSM and IRET instructions + - [x86] KVM: vPMU: fix undefined shift in intel_pmu_refresh() + - [x86] KVM: zero base3 of unusable segments + - KVM: nVMX: Fix exception injection + - esp4: Fix udpencap for local TCP packets. + - [armhf] hsi: Fix build regression due to netdev destructor fix. + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.10 + - fs: completely ignore unknown open flags + - driver core: platform: fix race condition with driver_override + - RDMA/uverbs: Check port number supplied by user verbs cmds + - ceph: choose readdir frag based on previous readdir reply + - tracing/kprobes: Allow to create probe with a module name starting with a + digit + - drm/virtio: don't leak bo on drm_gem_object_init failure (CVE-2017-10810) + - usb: dwc3: replace %p with %pK + - Add USB quirk for HVR-950q to avoid intermittent device resets + - usb: usbip: set buffer pointers to NULL after free + - usb: Fix typo in the definition of Endpoint[out]Request + - USB: core: fix device node leak + - [armhf] pinctrl: meson: meson8b: fix the NAND DQS pins + - [armhf,arm64] pinctrl: sunxi: Fix SPDIF function name for A83T + - pinctrl: core: Fix warning by removing bogus code + - [x86] xhci: Limit USB2 port wake support for AMD Promontory hosts + - gfs2: Fix glock rhashtable rcu bug + - Add "shutdown" to "struct class". + - tpm: Issue a TPM2_Shutdown for TPM2 devices. + - tpm: fix a kernel memory leak in tpm-sysfs.c + - [x86] uaccess: Optimize copy_user_enhanced_fast_string() for short strings + - xen: avoid deadlock in xenbus driver + - crypto: drbg - Fixes panic in wait_for_completion call + - [x86] rt286: add Thinkpad Helix 2 to force_combo_jack_table + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.11 + - mqueue: fix a use-after-free in sys_mq_notify() (CVE-2017-11176) + - proc: Fix proc_sys_prune_dcache to hold a sb reference + - locking/rwsem-spinlock: Fix EINTR branch in __down_write_common() + - [x86] staging: comedi: fix clean-up of comedi_class in comedi_init() + - crypto: rsa-pkcs1pad - use constant time memory comparison for MACs + - ext4: check return value of kstrtoull correctly in reserved_clusters_store + - [x86] mm/pat: Don't report PAT on CPUs that don't support it + + [ Ben Hutchings ] + * [m68k] udeb: Use only the common module list for nic-shared-modules + (fixes FTBFS) + * [sparc64] Update "Revert "sparc: move exports to definitions"" for the + addition of __multi3 (fixes FTBFS) + * binfmt_elf: use ELF_ET_DYN_BASE only for PIE (CVE-2017-1000370, + CVE-2017-1000371) + * [rt] Update to 4.11.9-rt7: + - smp/hotplug: Move unparking of percpu threads to the control CPU + - cpu_pm: replace raw_notifier to atomic_notifier + * media: Enable MEDIA_CEC_SUPPORT, VIDEO_VIVID_CEC; USB_PULSE8_CEC as module + (Closes: #868511) + * [armhf] udeb: Add sunxi_wdt to kernel-image (Closes: #866130) + * crypto: Enable CRYPTO_USER, CRYPTO_USER_API_RNG as modules (Closes: #868291) + * udeb: Add dm-raid to md-modules (Closes: #868251) + * [arm64] sound: Enable SND_HDA_INTEL as module (Closes: #867611) + * aufs: Update support patchset to aufs4.11.7+-20170703 (Closes: #867257) + * [x86] ideapad-laptop: Add various IdeaPad models to no_hw_rfkill list + (Closes: #866706) + * firmware: dmi: Add DMI_PRODUCT_FAMILY identification string + * [x86] pinctrl: cherryview: Extend the Chromebook DMI quirk to Intel_Strago + systems (Closes: #862723) + * [armhf] Add ARM Mali Midgard device tree bindings and gpu node for rk3288 + (thanks to Guillaume Tucker) (Closes: #865646) + + [ Uwe Kleine-König ] + * [arm64] enable FB_SIMPLE + + [ Vagrant Cascadian ] + * [arm64] Enable support for Rockchip systems (Closes: #860976). + + [ Salvatore Bonaccorso ] + * Bump ABI to 2 + * [rt] Update to 4.11.8-rt5 + + [ Cyril Brulebois ] + * [arm64,armhf] udeb: Ship usb3503 module in usb-modules, needed for + e.g. Arndale development boards, thanks to Wei Liu (Closes: #865645). + + -- Ben Hutchings <ben@decadent.org.uk> Mon, 17 Jul 2017 03:01:21 +0100 + +linux (4.11.6-1) unstable; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.4 + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.5 + - [x86] drm/vmwgfx: limit the number of mip levels in + vmw_gb_surface_define_ioctl() (CVE-2017-7346) + - [x86] drm/vmwgfx: Make sure backup_handle is always valid (CVE-2017-9605) + - ALSA: timer: Fix race between read and ioctl (CVE-2017-1000380) + - ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT + (CVE-2017-1000380) + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.6 + + [ John Paul Adrian Glaubitz ] + * [m68k] udeb: Build affs-modules package + * [m68k] udeb: Build hfs-modules package + * [m68k] udeb: Build nic-modules package + * [m68k] udeb: Build pata-modules package + * [m68k] udeb: Build scsi-core-modules package + * [m68k] udeb: Move non-shared modules from nic-shared-modules to nic-modules + * [m68k] udeb: Add buddha, falconide, gayle, macide, q40ide to pata-modules + * [m68k] udeb: Add atari_scsi, mac_esp, mac_scsi to scsi-modules + + [ Ben Hutchings ] + * [x86] Enable SERIAL_8250_MID as built-in (Closes: #864368) + * Set ABI to 1 + * debian/rules.real: Include rules.defs before using architecture variables + (Closes: #862842) + * [rt] Update to 4.11.5-rt1 and reenable + * fs: Reenable HPFS_FS as module (Closes: #864878) + * USB: serial: option: add two Longcheer device ids (Closes: #864604) + * [armhf] PCI: Enable PCI_HOST_GENERIC (Closes: #864726) + * mm: larger stack guard gap, between vmas (CVE-2017-1000364) + + -- Ben Hutchings <ben@decadent.org.uk> Tue, 20 Jun 2017 00:25:45 +0100 + +linux (4.11.3-1~exp1) experimental; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.1 + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.2 + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.3 + + [ Ben Hutchings ] + * [armel] udeb: Add af_packet. firmware_class, nls_base to kernel-image + (fixes FTBFS) + * [m68k] Update 'Revert "m68k: move exports to definitions"' for 4.11 + (fixes FTBFS) (Closes: #862393) + + -- Ben Hutchings <ben@decadent.org.uk> Mon, 05 Jun 2017 14:13:41 +0100 + +linux (4.11-1~exp2) experimental; urgency=medium + + * [armel/marvell] Change MQ_IOSCHED_DEADLINE, FW_LOADER, HWMON, + INPUT_MOUSEDEV, THERMAL, SERIAL_8250_PCI, SERIAL_8250_EXAR, NLS, PACKET + from built-in to modules (fixes FTBFS) + * usbip: Fix potential format overflow in userspace tools (fixes FTBFS on + 64-bit architectures with gcc-7) + * [mips*/octeon] Increase RELOCATION_TABLE_SIZE to 0x00110000 (fixes FTBFS) + + -- Ben Hutchings <ben@decadent.org.uk> Fri, 05 May 2017 04:35:12 +0100 + +linux (4.11-1~exp1) experimental; urgency=medium + + * New upstream release: https://kernelnewbies.org/Linux_4.11 + (thanks to Lukas Wunner for rebasing up to 4.11-rc6) + + [ Ben Hutchings ] + * aufs: Update support patchset to aufs4.x-rcN-20170410 + * [arm64,x86] Replace securelevel patch set with lockdown patch set + * [x86] Make hyperv-modules depends on nic-shared-modules, as hv_utils now + implements PTP clock + * [arm64] Enable ARCH_SUNXI, RTC_DRV_SUN6I as built-in, + MMC_SUNXI and PHY_SUN4I_USB as modules (Closes: #860855) + * [arm64] Enable REGULATOR_GPIO as module (Closes: #860222) + * block: Enable BLK_WBT, BLK_WBT_MQ (Closes: #859570) + + -- Ben Hutchings <ben@decadent.org.uk> Tue, 02 May 2017 20:57:50 +0100 + +linux (4.10.7-1~exp1) experimental; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.1 + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.2 + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.3 + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.4 + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.5 + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.6 + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.7 + + [ Ben Hutchings ] + * netfilter: Enable NF_SOCKET_IPV4, NF_SOCKET_IPV6 as modules + (Closes: #858897) + * [s390x] Set NR_CPUS=256 (Closes: #858731) + * Enable BUG_ON_DATA_CORRUPTION + + -- Ben Hutchings <ben@decadent.org.uk> Fri, 31 Mar 2017 00:41:15 +0100 + +linux (4.10-1~exp1) experimental; urgency=medium + + * New upstream release: https://kernelnewbies.org/Linux_4.10 + + [ Ben Hutchings ] + * aufs: Update support patchset to aufs4.x-rcN-20170206 + * Set ABI to trunk + + [ Roger Shimizu ] + * debian/copyright & debian/README.source: + - Prefer https URL than http for security merit. + + -- Ben Hutchings <ben@decadent.org.uk> Wed, 22 Feb 2017 20:58:19 +0000 + +linux (4.10~rc6-1~exp2) experimental; urgency=medium + + * [s390x] Un-revert upstream change moving exports to assembly sources + (fixes FTBFS) + * [sparc64] topology_64.h: Fix condition for including cpudata.h + (might fix FTBFS) + * [powerpc*] Fix various build failures: + - Revert the initial stack protector support + - Fix missing CRC for _mcount + - [ppc64el] udeb: Exclude ehea from nic-modules + * debian/control: Fix compiler build-dependencies for cross-building + * [armel] Adjust configuration to reduce image size (fixes FTBFS): + - PCI: Disable PCIEAER, PCIEASPM + - net: Disable LWTUNNEL, IPV6_ILA + - trace: Disable UPROBE_EVENT + + -- Ben Hutchings <ben@decadent.org.uk> Thu, 02 Feb 2017 03:44:51 +0000 + +linux (4.10~rc6-1~exp1) experimental; urgency=medium + + * New upstream release candidate + + [ Ben Hutchings ] + * [rt] Disable until it is updated for 4.10 or later + * [amd64] Enable LEGACY_VSYSCALL_NONE instead of LEGACY_VSYSCALL_EMULATE + (Closes: #852620). This breaks (e)glibc versions < 2.14 and dietlibc + versions < 0.33. It can be reverted using the kernel parameter: + vsyscall=emulate + * [arm64] Enable DRM_MESON, MMC_MESON_GX, DWMAC_MESON, MESON_GXL_PHY, + PHY_MESON8B_USB2, MESON_WATCHDOG as modules + * net: Enable SFC_FALCON as module; SFC_FALCON_MTD + * cpupower: Fix compiler options for turbostat on 4.10 + * linux-doc: Update documentation file list for 4.10 + * linux-doc: Fix up symlinks to gzipped docs + * debian/control: Add build-dependency on graphviz for documentation + * linux-doc: Copy source to build directory, to avoid creating files in + source directory + + [ Roger Shimizu ] + * debian/copyright: Add GPL/X11 Dual License + + -- Ben Hutchings <ben@decadent.org.uk> Tue, 31 Jan 2017 15:33:20 +0000 + linux (4.9.30-2) unstable; urgency=high * [x86] Enable SERIAL_8250_MID as built-in (Closes: #864368) |