Ubuntu
linux-azure package

Enable secure boot on linux-azure

Bug #1754042 reported by David Coronel on 2018-03-07

This bug affects 1 person

	Status	Importance	Assigned to
linux-azure (Ubuntu)	Fix Released	Undecided	Marcelo Cerri
Xenial	Fix Released	Undecided	Marcelo Cerri
Bionic	Fix Released	Undecided	Marcelo Cerri

Bug Description

Impact: linux-azure needs to add support for secure boot to support Hyper-V Generation 2 Virtual Machines.

Fix: UEFI support needs to be enabled for linux-azure and new signed package needs to be created it for that.

Testcase: After installing the new linux-azure kernel with UEFI support and the linux-signed-azure package on a gen2 azure instance or on a hyperv virtual machine with secure boot enabled, the user should be able to still boot normally and /proc/sys/kernel/secure_boot should have the value "1".

See original description

CVE References

Marcelo Cerri (mhcerri) on 2018-03-07

description:	updated
Changed in linux-azure (Ubuntu Xenial):
status:	New → In Progress
assignee:	nobody → Marcelo Cerri (mhcerri)
Changed in linux-azure (Ubuntu Bionic):
assignee:	nobody → Marcelo Cerri (mhcerri)

Marcelo Cerri (mhcerri) on 2018-03-07

Changed in linux-azure (Ubuntu Xenial):
status:	In Progress → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2018-03-22:

This bug was fixed in the package linux-azure - 4.13.0-1012.15

---------------
linux-azure (4.13.0-1012.15) xenial; urgency=medium

* linux-azure: 4.13.0-1012.15 -proposed tracker (LP: #1751799)

* Enable secure boot on linux-azure (LP: #1754042)
- Revert "UBUNTU: [debian] azure: do not build uefi signed binary"

* [Hyper-v] Set CONFIG_I2C_PIIX4 to "n" (LP: #1752999)
- [Config] azure: CONFIG_I2C_PIIX4=n

  * [Hyper-V] Drivers: hv: vmbus: Fix ring buffer signaling (LP: #1748662)
    - Revert "UBUNTU: SAUCE: vmbus: fix performance regression"
    - Revert "UBUNTU: SAUCE: vmbus: simplify packet iterator"
    - Revert "UBUNTU: SAUCE: vmbus: don't need to check interrupt mask on read
      side"
    - SAUCE: hv: vmbus: Fix ring buffer signaling

* [Hyper-V] set config: CONFIG_EDAC_DECODE_MCE=y (LP: #1751123)
- [Config] azure: CONFIG_EDAC_DECODE_MCE=y

-- Marcelo Henrique Cerri <email address hidden> Wed, 07 Mar 2018 13:37:00 -0300

Changed in linux-azure (Ubuntu Xenial):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2018-04-05:

Download full text (73.0 KiB)

This bug was fixed in the package linux-azure - 4.15.0-1003.3

---------------
linux-azure (4.15.0-1003.3) bionic; urgency=medium

* linux-azure: 4.15.0-1003.3 -proposed tracker (LP: #1757167)

* Enable secure boot on linux-azure (LP: #1754042)
- Revert "UBUNTU: [debian] azure: do not build uefi signed binary"

* [Hyper-v] Set CONFIG_I2C_PIIX4 to "n" (LP: #1752999)
- [Config] azure: CONFIG_I2C_PIIX4=n

* [Hyper-V] set config: CONFIG_EDAC_DECODE_MCE=y (LP: #1751123)
- [Config] azure: CONFIG_EDAC_DECODE_MCE=y

  * Miscellaneous Ubuntu changes
    - [Config] updateconfigs after rebase to Ubuntu-4.15.0-13.14
    - [Config] fix up retpoline abi files

[ Ubuntu: 4.15.0-13.14 ]

This bug was fixed in the package linux-azure - 4.15.0-1003.3

---------------
linux-azure (4.15.0-1003.3) bionic; urgency=medium

* linux-azure: 4.15.0-1003.3 -proposed tracker (LP: #1757167)

* Enable secure boot on linux-azure (LP: #1754042)
    - Revert "UBUNTU: [debian] azure: do not build uefi signed binary"

* [Hyper-v] Set CONFIG_I2C_PIIX4 to "n" (LP: #1752999)
    - [Config] azure: CONFIG_I2C_PIIX4=n

* [Hyper-V] set config: CONFIG_EDAC_DECODE_MCE=y (LP: #1751123)
    - [Config] azure: CONFIG_EDAC_DECODE_MCE=y

* Miscellaneous Ubuntu changes
    - [Config] updateconfigs after rebase to Ubuntu-4.15.0-13.14
    - [Config] fix up retpoline abi files

[ Ubuntu: 4.15.0-13.14 ]

* linux: 4.15.0-13.14 -proposed tracker (LP: #1756408)
  * devpts: handle bind-mounts (LP: #1755857)
    - SAUCE: devpts: hoist out check for DEVPTS_SUPER_MAGIC
    - SAUCE: devpts: resolve devpts bind-mounts
    - SAUCE: devpts: comment devpts_mntget()
    - SAUCE: selftests: add devpts selftests
  * [bionic][arm64] d-i: add hisi_sas_v3_hw to scsi-modules (LP: #1756103)
    - d-i: add hisi_sas_v3_hw to scsi-modules
  * [Bionic][ARM64] enable ROCE and HNS3 driver support for hip08 SoC
    (LP: #1756097)
    - RDMA/hns: Refactor eq code for hip06
    - RDMA/hns: Add eq support of hip08
    - RDMA/hns: Add detailed comments for mb() call
    - RDMA/hns: Add rq inline data support for hip08 RoCE
    - RDMA/hns: Update the usage of sr_max and rr_max field
    - RDMA/hns: Set access flags of hip08 RoCE
    - RDMA/hns: Filter for zero length of sge in hip08 kernel mode
    - RDMA/hns: Fix QP state judgement before sending work requests
    - RDMA/hns: Assign dest_qp when deregistering mr
    - RDMA/hns: Fix endian problems around imm_data and rkey
    - RDMA/hns: Assign the correct value for tx_cqn
    - RDMA/hns: Create gsi qp in hip08
    - RDMA/hns: Add gsi qp support for modifying qp in hip08
    - RDMA/hns: Fill sq wqe context of ud type in hip08
    - RDMA/hns: Assign zero for pkey_index of wc in hip08
    - RDMA/hns: Update the verbs of polling for completion
    - RDMA/hns: Set the guid for hip08 RoCE device
    - net: hns3: Refactor of the reset interrupt handling logic
    - net: hns3: Add reset service task for handling reset requests
    - net: hns3: Refactors the requested reset & pending reset handling code
    - net: hns3: Add HNS3 VF IMP(Integrated Management Proc) cmd interface
    - net: hns3: Add mailbox support to VF driver
    - net: hns3: Add HNS3 VF HCL(Hardware Compatibility Layer) Support
    - net: hns3: Add HNS3 VF driver to kernel build framework
    - net: hns3: Unified HNS3 {VF|PF} Ethernet Driver for hip08 SoC
    - net: hns3: Add mailbox support to PF driver
    - net: hns3: Change PF to add ring-vect binding & resetQ to mailbox
    - net: hns3: Add mailbox interrupt handling to PF driver
    - net: hns3: add support to query tqps number
    - net: hns3: add support to modify tqps number
    - net: hns3: change the returned tqp number by ethtool -x
    - net: hns3: free the ring_data structrue when change tqps
    - net: hns3: get rss_size_max from configuration but not hardcode
    - net: hns3: add a mask initialization for mac_vlan table
    - net: hns3: add vlan offload config command
    - net: hns3: add ethtool related offload command
    - net: hns3: add handling vlan tag offload in bd
    - net: hns3: cleanup mac auto-negotiation state query
    - net: hns3: fix for getting auto-negotiation state in hclge_get_autoneg
    - net: hns3: add support for set_pauseparam
    - net: hns3: add support to update flow control settings after autoneg
    - net: hns3: add Asym Pause support to phy default features
    - net: hns3: add support for querying advertised pause frame by ethtool ethx
    - net: hns3: Increase the default depth of bucket for TM shaper
    - net: hns3: change TM sched mode to TC-based mode when SRIOV enabled
    - net: hns3: hns3_get_channels() can be static
    - net: hns3: Add ethtool interface for vlan filter
    - net: hns3: Disable VFs change rxvlan offload status
    - net: hns3: Unify the strings display of packet statistics
    - net: hns3: Fix spelling errors
    - net: hns3: Remove repeat statistic of rx_errors
    - net: hns3: Modify the update period of packet statistics
    - net: hns3: Mask the packet statistics query when NIC is down
    - net: hns3: Fix an error of total drop packet statistics
    - net: hns3: Fix a loop index error of tqp statistics query
    - net: hns3: Fix an error macro definition of HNS3_TQP_STAT
    - net: hns3: Remove a useless member of struct hns3_stats
    - net: hns3: Add packet statistics of netdev
    - net: hns3: Fix a response data read error of tqp statistics query
    - net: hns3: fix for updating fc_mode_last_time
    - net: hns3: fix for setting MTU
    - net: hns3: fix for changing MTU
    - net: hns3: add MTU initialization for hardware
    - net: hns3: fix for not setting pause parameters
    - net: hns3: remove redundant semicolon
    - net: hns3: Add more packet size statisctics
    - Revert "net: hns3: Add packet statistics of netdev"
    - net: hns3: report the function type the same line with hns3_nic_get_stats64
    - net: hns3: add ethtool_ops.get_channels support for VF
    - net: hns3: remove TSO config command from VF driver
    - net: hns3: add ethtool_ops.get_coalesce support to PF
    - net: hns3: add ethtool_ops.set_coalesce support to PF
    - net: hns3: refactor interrupt coalescing init function
    - net: hns3: refactor GL update function
    - net: hns3: remove unused GL setup function
    - net: hns3: change the unit of GL value macro
    - net: hns3: add int_gl_idx setup for TX and RX queues
    - net: hns3: add feature check when feature changed
    - net: hns3: check for NULL function pointer in hns3_nic_set_features
    - net: hns: Fix for variable may be used uninitialized warnings
    - net: hns3: add support for get_regs
    - net: hns3: add manager table initialization for hardware
    - net: hns3: add ethtool -p support for fiber port
    - net: hns3: add net status led support for fiber port
    - net: hns3: converting spaces into tabs to avoid checkpatch.pl warning
    - net: hns3: add get/set_coalesce support to VF
    - net: hns3: add int_gl_idx setup for VF
    - [Config]: enable CONFIG_HNS3_HCLGEVF as module.
  * [Bionic][ARM64] add RAS extension and SDEI features (LP: #1756096)
    - KVM: arm64: Store vcpu on the stack during __guest_enter()
    - KVM: arm/arm64: Convert kvm_host_cpu_state to a static per-cpu allocation
    - KVM: arm64: Change hyp_panic()s dependency on tpidr_el2
    - arm64: alternatives: use tpidr_el2 on VHE hosts
    - KVM: arm64: Stop save/restoring host tpidr_el1 on VHE
    - Docs: dt: add devicetree binding for describing arm64 SDEI firmware
    - firmware: arm_sdei: Add driver for Software Delegated Exceptions
    - arm64: Add vmap_stack header file
    - arm64: uaccess: Add PAN helper
    - arm64: kernel: Add arch-specific SDEI entry code and CPU masking
    - firmware: arm_sdei: Add support for CPU and system power states
    - firmware: arm_sdei: add support for CPU private events
    - arm64: acpi: Remove __init from acpi_psci_use_hvc() for use by SDEI
    - firmware: arm_sdei: Discover SDEI support via ACPI
    - arm64: sysreg: Move to use definitions for all the SCTLR bits
    - arm64: cpufeature: Detect CPU RAS Extentions
    - arm64: kernel: Survive corrected RAS errors notified by SError
    - arm64: Unconditionally enable IESB on exception entry/return for firmware-
      first
    - arm64: kernel: Prepare for a DISR user
    - KVM: arm/arm64: mask/unmask daif around VHE guests
    - KVM: arm64: Set an impdef ESR for Virtual-SError using VSESR_EL2.
    - KVM: arm64: Save/Restore guest DISR_EL1
    - KVM: arm64: Save ESR_EL2 on guest SError
    - KVM: arm64: Handle RAS SErrors from EL1 on guest exit
    - KVM: arm64: Handle RAS SErrors from EL2 on guest exit
    - KVM: arm64: Emulate RAS error registers and set HCR_EL2's TERR & TEA
    - [Config]: enable RAS_EXTN and ARM_SDE_INTERFACE
  * [Bionic][ARM64] PCI and SAS driver patches for hip08 SoCs (LP: #1756094)
    - scsi: hisi_sas: fix dma_unmap_sg() parameter
    - scsi: ata: enhance the definition of SET MAX feature field value
    - scsi: hisi_sas: relocate clearing ITCT and freeing device
    - scsi: hisi_sas: optimise port id refresh function
    - scsi: hisi_sas: some optimizations of host controller reset
    - scsi: hisi_sas: modify hisi_sas_dev_gone() for reset
    - scsi: hisi_sas: add an mechanism to do reset work synchronously
    - scsi: hisi_sas: change ncq process for v3 hw
    - scsi: hisi_sas: add RAS feature for v3 hw
    - scsi: hisi_sas: add some print to enhance debugging
    - scsi: hisi_sas: improve int_chnl_int_v2_hw() consistency with v3 hw
    - scsi: hisi_sas: add v2 hw port AXI error handling support
    - scsi: hisi_sas: use an general way to delay PHY work
    - scsi: hisi_sas: do link reset for some CHL_INT2 ints
    - scsi: hisi_sas: judge result of internal abort
    - scsi: hisi_sas: add internal abort dev in some places
    - scsi: hisi_sas: fix SAS_QUEUE_FULL problem while running IO
    - scsi: hisi_sas: re-add the lldd_port_deformed()
    - scsi: hisi_sas: add v3 hw suspend and resume
    - scsi: hisi_sas: Change frame type for SET MAX commands
    - scsi: hisi_sas: make local symbol host_attrs static
    - scsi: hisi_sas: fix a bug in hisi_sas_dev_gone()
    - SAUCE: scsi: hisi_sas: config for hip08 ES
    - SAUCE: scsi: hisi_sas: export device table of v3 hw to userspace
    - PM / core: Add LEAVE_SUSPENDED driver flag
    - PCI / PM: Support for LEAVE_SUSPENDED driver flag
    - PCI/AER: Skip recovery callbacks for correctable errors from ACPI APEI
    - PCI/ASPM: Calculate LTR_L1.2_THRESHOLD from device characteristics
    - PCI/ASPM: Enable Latency Tolerance Reporting when supported
    - PCI/ASPM: Unexport internal ASPM interfaces
    - PCI: Make PCI_SCAN_ALL_PCIE_DEVS work for Root as well as Downstream Ports
    - PCI/AER: Return error if AER is not supported
    - PCI/DPC: Enable DPC only if AER is available
  * [CVE] Spectre: System Z {kernel} UBUNTU18.04 (LP: #1754580)
    - s390: scrub registers on kernel entry and KVM exit
    - s390: add optimized array_index_mask_nospec
    - s390/alternative: use a copy of the facility bit mask
    - s390: add options to change branch prediction behaviour for the kernel
    - s390: run user space and KVM guests with modified branch prediction
    - s390: introduce execute-trampolines for branches
    - s390: Replace IS_ENABLED(EXPOLINE_*) with IS_ENABLED(CONFIG_EXPOLINE_*)
    - s390: do not bypass BPENTER for interrupt system calls
    - s390/entry.S: fix spurious zeroing of r0
  * s390/crypto: Fix kernel crash on aes_s390 module remove (LP: #1753424)
    - SAUCE: s390/crypto: Fix kernel crash on aes_s390 module remove.
  * [Feature]Update Ubuntu 18.04 lpfc FC driver with 32/64GB HBA support and bug
    fixes (LP: #1752182)
    - scsi: lpfc: FLOGI failures are reported when connected to a private loop.
    - scsi: lpfc: Expand WQE capability of every NVME hardware queue
    - scsi: lpfc: Handle XRI_ABORTED_CQE in soft IRQ
    - scsi: lpfc: Fix NVME LS abort_xri
    - scsi: lpfc: Raise maximum NVME sg list size for 256 elements
    - scsi: lpfc: Driver fails to detect direct attach storage array
    - scsi: lpfc: Fix display for debugfs queInfo
    - scsi: lpfc: Adjust default value of lpfc_nvmet_mrq
    - scsi: lpfc: Fix ndlp ref count for pt2pt mode issue RSCN
    - scsi: lpfc: Linux LPFC driver does not process all RSCNs
    - scsi: lpfc: correct port registrations with nvme_fc
    - scsi: lpfc: Correct driver deregistrations with host nvme transport
    - scsi: lpfc: Fix crash during driver unload with running nvme traffic
    - scsi: lpfc: Fix driver handling of nvme resources during unload
    - scsi: lpfc: small sg cnt cleanup
    - scsi: lpfc: Fix random heartbeat timeouts during heavy IO
    - scsi: lpfc: update driver version to 11.4.0.5
    - scsi: lpfc: Fix -EOVERFLOW behavior for NVMET and defer_rcv
    - scsi: lpfc: Fix receive PRLI handling
    - scsi: lpfc: Increase SCSI CQ and WQ sizes.
    - scsi: lpfc: Fix SCSI LUN discovery when SCSI and NVME enabled
    - scsi: lpfc: Fix issues connecting with nvme initiator
    - scsi: lpfc: Fix infinite wait when driver unregisters a remote NVME port.
    - scsi: lpfc: Beef up stat counters for debug
    - scsi: lpfc: update driver version to 11.4.0.6
    - scsi: lpfc: correct sg_seg_cnt attribute min vs default
    - scsi: scsi_transport_fc: fix typos on 64/128 GBit define names
    - scsi: lpfc: don't dereference localport before it has been null checked
    - scsi: lpfc: fix a couple of minor indentation issues
    - treewide: Use DEVICE_ATTR_RW
    - treewide: Use DEVICE_ATTR_RO
    - treewide: Use DEVICE_ATTR_WO
    - scsi: lpfc: Fix frequency of Release WQE CQEs
    - scsi: lpfc: Increase CQ and WQ sizes for SCSI
    - scsi: lpfc: move placement of target destroy on driver detach
    - scsi: lpfc: correct debug counters for abort
    - scsi: lpfc: Add WQ Full Logic for NVME Target
    - scsi: lpfc: Fix PRLI handling when topology type changes
    - scsi: lpfc: Fix IO failure during hba reset testing with nvme io.
    - scsi: lpfc: Fix RQ empty firmware trap
    - scsi: lpfc: Allow set of maximum outstanding SCSI cmd limit for a target
    - scsi: lpfc: Fix soft lockup in lpfc worker thread during LIP testing
    - scsi: lpfc: Fix issue_lip if link is disabled
    - scsi: lpfc: Indicate CONF support in NVMe PRLI
    - scsi: lpfc: Fix SCSI io host reset causing kernel crash
    - scsi: lpfc: Validate adapter support for SRIU option
    - scsi: lpfc: Fix header inclusion in lpfc_nvmet
    - scsi: lpfc: Treat SCSI Write operation Underruns as an error
    - scsi: lpfc: Fix nonrecovery of NVME controller after cable swap.
    - scsi: lpfc: update driver version to 11.4.0.7
    - scsi: lpfc: Update 11.4.0.7 modified files for 2018 Copyright
    - scsi: lpfc: Rework lpfc to allow different sli4 cq and eq handlers
    - scsi: lpfc: Rework sli4 doorbell infrastructure
    - scsi: lpfc: Add SLI-4 if_type=6 support to the code base
    - scsi: lpfc: Add push-to-adapter support to sli4
    - scsi: lpfc: Add PCI Ids for if_type=6 hardware
    - scsi: lpfc: Add 64G link speed support
    - scsi: lpfc: Add if_type=6 support for cycling valid bits
    - scsi: lpfc: Enable fw download on if_type=6 devices
    - scsi: lpfc: Add embedded data pointers for enhanced performance
    - scsi: lpfc: Fix nvme embedded io length on new hardware
    - scsi: lpfc: Work around NVME cmd iu SGL type
    - scsi: lpfc: update driver version to 12.0.0.0
    - scsi: lpfc: Change Copyright of 12.0.0.0 modified files to 2018
    - scsi: lpfc: use __raw_writeX on DPP copies
    - scsi: lpfc: Add missing unlock in WQ full logic
  * CVE-2018-8043
    - net: phy: mdio-bcm-unimac: fix potential NULL dereference in
      unimac_mdio_probe()
  * Bionic update to 4.15.10 stable release (LP: #1756100)
    - Revert "UBUNTU: SAUCE: ALSA: hda/realtek - Add support headset mode for DELL
      WYSE"
    - RDMA/ucma: Limit possible option size
    - RDMA/ucma: Check that user doesn't overflow QP state
    - RDMA/mlx5: Fix integer overflow while resizing CQ
    - bpf: cpumap: use GFP_KERNEL instead of GFP_ATOMIC in __cpu_map_entry_alloc()
    - IB/uverbs: Improve lockdep_check
    - mac80211_hwsim: don't use WQ_MEM_RECLAIM
    - net/smc: fix NULL pointer dereference on sock_create_kern() error path
    - regulator: stm32-vrefbuf: fix check on ready flag
    - drm/i915: Check for fused or unused pipes
    - drm/i915/audio: fix check for av_enc_map overflow
    - drm/i915: Fix rsvd2 mask when out-fence is returned
    - drm/i915: Clear the in-use marker on execbuf failure
    - drm/i915: Disable DC states around GMBUS on GLK
    - drm/i915: Update watermark state correctly in sanitize_watermarks
    - drm/i915: Try EDID bitbanging on HDMI after failed read
    - drm/i915/perf: fix perf stream opening lock
    - scsi: core: Avoid that ATA error handling can trigger a kernel hang or oops
    - scsi: qla2xxx: Fix NULL pointer crash due to active timer for ABTS
    - drm/i915: Always call to intel_display_set_init_power() in resume_early.
    - workqueue: Allow retrieval of current task's work struct
    - drm: Allow determining if current task is output poll worker
    - drm/nouveau: Fix deadlock on runtime suspend
    - drm/radeon: Fix deadlock on runtime suspend
    - drm/amdgpu: Fix deadlock on runtime suspend
    - drm/nouveau: prefer XBGR2101010 for addfb ioctl
    - drm/amd/powerplay/smu7: allow mclk switching with no displays
    - drm/amd/powerplay/vega10: allow mclk switching with no displays
    - Revert "drm/radeon/pm: autoswitch power state when in balanced mode"
    - drm/amd/display: check for ipp before calling cursor operations
    - drm/radeon: insist on 32-bit DMA for Cedar on PPC64/PPC64LE
    - drm/amd/powerplay: fix power over limit on Fiji
    - drm/amd/display: Default HDMI6G support to true. Log VBIOS table error.
    - drm/amdgpu: used cached pcie gen info for SI (v2)
    - drm/amdgpu: Notify sbios device ready before send request
    - drm/radeon: fix KV harvesting
    - drm/amdgpu: fix KV harvesting
    - drm/amdgpu:Correct max uvd handles
    - drm/amdgpu:Always save uvd vcpu_bo in VM Mode
    - ovl: redirect_dir=nofollow should not follow redirect for opaque lower
    - MIPS: BMIPS: Do not mask IPIs during suspend
    - MIPS: ath25: Check for kzalloc allocation failure
    - MIPS: OCTEON: irq: Check for null return on kzalloc allocation
    - PCI: dwc: Fix enumeration end when reaching root subordinate
    - Input: matrix_keypad - fix race when disabling interrupts
    - Revert "Input: synaptics - Lenovo Thinkpad T460p devices should use RMI"
    - bug: use %pB in BUG and stack protector failure
    - lib/bug.c: exclude non-BUG/WARN exceptions from report_bug()
    - mm/memblock.c: hardcode the end_pfn being -1
    - Documentation/sphinx: Fix Directive import error
    - loop: Fix lost writes caused by missing flag
    - virtio_ring: fix num_free handling in error case
    - KVM: s390: fix memory overwrites when not using SCA entries
    - arm64: mm: fix thinko in non-global page table attribute check
    - IB/core: Fix missing RDMA cgroups release in case of failure to register
      device
    - Revert "nvme: create 'slaves' and 'holders' entries for hidden controllers"
    - kbuild: Handle builtin dtb file names containing hyphens
    - dm bufio: avoid false-positive Wmaybe-uninitialized warning
    - IB/mlx5: Fix incorrect size of klms in the memory region
    - bcache: fix crashes in duplicate cache device register
    - bcache: don't attach backing with duplicate UUID
    - x86/MCE: Save microcode revision in machine check records
    - x86/MCE: Serialize sysfs changes
    - perf tools: Fix trigger class trigger_on()
    - x86/spectre_v2: Don't check microcode versions when running under
      hypervisors
    - ALSA: hda/realtek - Add support headset mode for DELL WYSE
    - ALSA: hda/realtek - Add headset mode support for Dell laptop
    - ALSA: hda/realtek: Limit mic boost on T480
    - ALSA: hda/realtek - Fix dock line-out volume on Dell Precision 7520
    - ALSA: hda/realtek - Make dock sound work on ThinkPad L570
    - ALSA: seq: More protection for concurrent write and ioctl races
    - ALSA: hda: add dock and led support for HP EliteBook 820 G3
    - ALSA: hda: add dock and led support for HP ProBook 640 G2
    - scsi: qla2xxx: Fix NULL pointer crash due to probe failure
    - scsi: qla2xxx: Fix recursion while sending terminate exchange
    - dt-bindings: Document mti,mips-cpc binding
    - MIPS: CPC: Map registers using DT in mips_cpc_default_phys_base()
    - nospec: Kill array_index_nospec_mask_check()
    - nospec: Include <asm/barrier.h> dependency
    - x86/entry: Reduce the code footprint of the 'idtentry' macro
    - x86/entry/64: Use 'xorl' for faster register clearing
    - x86/mm: Remove stale comment about KMEMCHECK
    - x86/asm: Improve how GEN_*_SUFFIXED_RMWcc() specify clobbers
    - x86/IO-APIC: Avoid warning in 32-bit builds
    - x86/LDT: Avoid warning in 32-bit builds with older gcc
    - x86-64/realmode: Add instruction suffix
    - Revert "x86/retpoline: Simplify vmexit_fill_RSB()"
    - x86/speculation: Use IBRS if available before calling into firmware
    - x86/retpoline: Support retpoline builds with Clang
    - x86/speculation, objtool: Annotate indirect calls/jumps for objtool
    - x86/speculation: Move firmware_restrict_branch_speculation_*() from C to CPP
    - x86/paravirt, objtool: Annotate indirect calls
    - x86/boot, objtool: Annotate indirect jump in secondary_startup_64()
    - x86/mm/sme, objtool: Annotate indirect call in sme_encrypt_execute()
    - objtool: Use existing global variables for options
    - objtool: Add retpoline validation
    - objtool: Add module specific retpoline rules
    - objtool, retpolines: Integrate objtool with retpoline support more closely
    - objtool: Fix another switch table detection issue
    - objtool: Fix 32-bit build
    - x86/kprobes: Fix kernel crash when probing .entry_trampoline code
    - watchdog: hpwdt: SMBIOS check
    - watchdog: hpwdt: Check source of NMI
    - watchdog: hpwdt: fix unused variable warning
    - watchdog: hpwdt: Remove legacy NMI sourcing.
    - netfilter: add back stackpointer size checks
    - netfilter: ipt_CLUSTERIP: fix a race condition of proc file creation
    - netfilter: xt_hashlimit: fix lock imbalance
    - netfilter: x_tables: fix missing timer initialization in xt_LED
    - netfilter: nat: cope with negative port range
    - netfilter: IDLETIMER: be syzkaller friendly
    - netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets
    - netfilter: bridge: ebt_among: add missing match size checks
    - netfilter: ipv6: fix use-after-free Write in nf_nat_ipv6_manip_pkt
    - netfilter: use skb_to_full_sk in ip6_route_me_harder
    - tpm_tis: Move ilb_base_addr to tpm_tis_data
    - tpm: Keep CLKRUN enabled throughout the duration of transmit_cmd()
    - tpm: delete the TPM_TIS_CLK_ENABLE flag
    - tpm: remove unused variables
    - tpm: only attempt to disable the LPC CLKRUN if is already enabled
    - x86/xen: Calculate __max_logical_packages on PV domains
    - scsi: qla2xxx: Fix system crash for Notify ack timeout handling
    - scsi: qla2xxx: Fix gpnid error processing
    - scsi: qla2xxx: Move session delete to driver work queue
    - scsi: qla2xxx: Skip IRQ affinity for Target QPairs
    - scsi: qla2xxx: Fix re-login for Nport Handle in use
    - scsi: qla2xxx: Retry switch command on time out
    - scsi: qla2xxx: Serialize GPNID for multiple RSCN
    - scsi: qla2xxx: Fix login state machine stuck at GPDB
    - scsi: qla2xxx: Fix NPIV host cleanup in target mode
    - scsi: qla2xxx: Relogin to target port on a cable swap
    - scsi: qla2xxx: Fix Relogin being triggered too fast
    - scsi: qla2xxx: Fix PRLI state check
    - scsi: qla2xxx: Fix abort command deadlock due to spinlock
    - scsi: qla2xxx: Replace fcport alloc with qla2x00_alloc_fcport
    - scsi: qla2xxx: Fix scan state field for fcport
    - scsi: qla2xxx: Clear loop id after delete
    - scsi: qla2xxx: Defer processing of GS IOCB calls
    - scsi: qla2xxx: Remove aborting ELS IOCB call issued as part of timeout.
    - scsi: qla2xxx: Fix system crash in qlt_plogi_ack_unref
    - scsi: qla2xxx: Fix memory leak in dual/target mode
    - NFS: Fix an incorrect type in struct nfs_direct_req
    - pNFS: Prevent the layout header refcount going to zero in pnfs_roc()
    - NFS: Fix unstable write completion
    - Linux 4.15.10
  * Bionic update to 4.15.10 stable release (LP: #1756100) // CVE-2018-1000004.
    - ALSA: seq: Don't allow resizing pool in use
  * nfp: prioritize stats updates (LP: #1752061)
    - nfp: flower: prioritize stats updates
  * Ubuntu 18.04 - Kernel crash on nvme subsystem-reset /dev/nvme0 (Bolt / NVMe)
    (LP: #1753371)
    - nvme-pci: Fix EEH failure on ppc
  * sbsa watchdog crashes thunderx2 system (LP: #1755595)
    - watchdog: sbsa: use 32-bit read for WCV
  * KVM: s390: add vcpu stat counters for many instruction (LP: #1755132)
    - KVM: s390: diagnoses are instructions as well
    - KVM: s390: add vcpu stat counters for many instruction
  * CIFS SMB2/SMB3 does not work for domain based DFS (LP: #1747572)
    - CIFS: make IPC a regular tcon
    - CIFS: use tcon_ipc instead of use_ipc parameter of SMB2_ioctl
    - CIFS: dump IPC tcon in debug proc file
  * i2c-thunderx: erroneous error message "unhandled state: 0" (LP: #1754076)
    - i2c: octeon: Prevent error message on bus error
  * Boston-LC:bos1u1: Stress test on Qlogic Fibre Channel on Ubuntu KVM guest
    that caused KVM host crashed in qlt_free_session_done call (LP: #1750441)
    - scsi: qla2xxx: Fix memory corruption during hba reset test
  * Ubuntu 18.04 - Performance: Radix page fault handler bug in KVM
    (LP: #1752236)
    - KVM: PPC: Book3S HV: Fix handling of large pages in radix page fault handler
  * Fix ARC hit rate (LP: #1755158)
    - SAUCE: Fix ARC hit rate (LP: #1755158)
  * Bionic update to 4.15.9 stable release (LP: #1755275)
    - bpf: fix mlock precharge on arraymaps
    - bpf: fix memory leak in lpm_trie map_free callback function
    - bpf: fix rcu lockdep warning for lpm_trie map_free callback
    - bpf, x64: implement retpoline for tail call
    - bpf, arm64: fix out of bounds access in tail call
    - bpf: add schedule points in percpu arrays management
    - bpf: allow xadd only on aligned memory
    - bpf, ppc64: fix out of bounds access in tail call
    - scsi: mpt3sas: fix oops in error handlers after shutdown/unload
    - scsi: mpt3sas: wait for and flush running commands on shutdown/unload
    - KVM: x86: fix backward migration with async_PF
    - Linux 4.15.9
  * Bionic update to 4.15.8 stable release (LP: #1755179)
    - hrtimer: Ensure POSIX compliance (relative CLOCK_REALTIME hrtimers)
    - ipmi_si: Fix error handling of platform device
    - platform/x86: dell-laptop: Allocate buffer on heap rather than globally
    - powerpc/pseries: Enable RAS hotplug events later
    - Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking
    - ixgbe: fix crash in build_skb Rx code path
    - tpm: st33zp24: fix potential buffer overruns caused by bit glitches on the
      bus
    - tpm: fix potential buffer overruns caused by bit glitches on the bus
    - tpm_i2c_infineon: fix potential buffer overruns caused by bit glitches on
      the bus
    - tpm_i2c_nuvoton: fix potential buffer overruns caused by bit glitches on the
      bus
    - tpm_tis: fix potential buffer overruns caused by bit glitches on the bus
    - ALSA: usb-audio: Add a quirck for B&W PX headphones
    - ALSA: control: Fix memory corruption risk in snd_ctl_elem_read
    - ALSA: x86: Fix missing spinlock and mutex initializations
    - ALSA: hda: Add a power_save blacklist
    - ALSA: hda - Fix pincfg at resume on Lenovo T470 dock
    - mmc: sdhci-pci: Fix S0i3 for Intel BYT-based controllers
    - mmc: dw_mmc-k3: Fix out-of-bounds access through DT alias
    - mmc: dw_mmc: Avoid accessing registers in runtime suspended state
    - mmc: dw_mmc: Factor out dw_mci_init_slot_caps
    - mmc: dw_mmc: Fix out-of-bounds access for slot's caps
    - timers: Forward timer base before migrating timers
    - parisc: Use cr16 interval timers unconditionally on qemu
    - parisc: Reduce irq overhead when run in qemu
    - parisc: Fix ordering of cache and TLB flushes
    - parisc: Hide virtual kernel memory layout
    - btrfs: use proper endianness accessors for super_copy
    - block: fix the count of PGPGOUT for WRITE_SAME
    - block: kyber: fix domain token leak during requeue
    - block: pass inclusive 'lend' parameter to truncate_inode_pages_range
    - vfio: disable filesystem-dax page pinning
    - cpufreq: s3c24xx: Fix broken s3c_cpufreq_init()
    - dax: fix vma_is_fsdax() helper
    - direct-io: Fix sleep in atomic due to sync AIO
    - x86/xen: Zero MSR_IA32_SPEC_CTRL before suspend
    - x86/platform/intel-mid: Handle Intel Edison reboot correctly
    - x86/cpu_entry_area: Sync cpu_entry_area to initial_page_table
    - bridge: check brport attr show in brport_show
    - fib_semantics: Don't match route with mismatching tclassid
    - hdlc_ppp: carrier detect ok, don't turn off negotiation
    - ipv6 sit: work around bogus gcc-8 -Wrestrict warning
    - net: amd-xgbe: fix comparison to bitshift when dealing with a mask
    - net: ethernet: ti: cpsw: fix net watchdog timeout
    - net: fix race on decreasing number of TX queues
    - net: ipv4: don't allow setting net.ipv4.route.min_pmtu below 68
    - netlink: ensure to loop over all netns in genlmsg_multicast_allns()
    - net: sched: report if filter is too large to dump
    - ppp: prevent unregistered channels from connecting to PPP units
    - sctp: verify size of a new chunk in _sctp_make_chunk()
    - udplite: fix partial checksum initialization
    - net/mlx5e: Fix TCP checksum in LRO buffers
    - sctp: fix dst refcnt leak in sctp_v4_get_dst
    - mlxsw: spectrum_switchdev: Check success of FDB add operation
    - net/mlx5e: Specify numa node when allocating drop rq
    - net: phy: fix phy_start to consider PHY_IGNORE_INTERRUPT
    - tcp: Honor the eor bit in tcp_mtu_probe
    - rxrpc: Fix send in rxrpc_send_data_packet()
    - tcp_bbr: better deal with suboptimal GSO
    - doc: Change the min default value of tcp_wmem/tcp_rmem.
    - net/mlx5e: Fix loopback self test when GRO is off
    - net_sched: gen_estimator: fix broken estimators based on percpu stats
    - net/sched: cls_u32: fix cls_u32 on filter replace
    - sctp: do not pr_err for the duplicated node in transport rhlist
    - mlxsw: spectrum_router: Fix error path in mlxsw_sp_vr_create
    - net: ipv4: Set addr_type in hash_keys for forwarded case
    - sctp: fix dst refcnt leak in sctp_v6_get_dst()
    - bridge: Fix VLAN reference count problem
    - net/mlx5e: Verify inline header size do not exceed SKB linear size
    - tls: Use correct sk->sk_prot for IPV6
    - amd-xgbe: Restore PCI interrupt enablement setting on resume
    - cls_u32: fix use after free in u32_destroy_key()
    - mlxsw: spectrum_router: Do not unconditionally clear route offload
      indication
    - netlink: put module reference if dump start fails
    - tcp: purge write queue upon RST
    - tuntap: correctly add the missing XDP flush
    - tuntap: disable preemption during XDP processing
    - virtio-net: disable NAPI only when enabled during XDP set
    - cxgb4: fix trailing zero in CIM LA dump
    - net/mlx5: Fix error handling when adding flow rules
    - net: phy: Restore phy_resume() locking assumption
    - tcp: tracepoint: only call trace_tcp_send_reset with full socket
    - l2tp: don't use inet_shutdown on tunnel destroy
    - l2tp: don't use inet_shutdown on ppp session destroy
    - l2tp: fix races with tunnel socket close
    - l2tp: fix race in pppol2tp_release with session object destroy
    - l2tp: fix tunnel lookup use-after-free race
    - s390/qeth: fix underestimated count of buffer elements
    - s390/qeth: fix SETIP command handling
    - s390/qeth: fix overestimated count of buffer elements
    - s390/qeth: fix IP removal on offline cards
    - s390/qeth: fix double-free on IP add/remove race
    - Revert "s390/qeth: fix using of ref counter for rxip addresses"
    - s390/qeth: fix IP address lookup for L3 devices
    - s390/qeth: fix IPA command submission race
    - tcp: revert F-RTO middle-box workaround
    - tcp: revert F-RTO extension to detect more spurious timeouts
    - blk-mq: don't call io sched's .requeue_request when requeueing rq to
      ->dispatch
    - media: m88ds3103: don't call a non-initalized function
    - EDAC, sb_edac: Fix out of bound writes during DIMM configuration on KNL
    - KVM: s390: take care of clock-comparator sign control
    - KVM: s390: provide only a single function for setting the tod (fix SCK)
    - KVM: s390: consider epoch index on hotplugged CPUs
    - KVM: s390: consider epoch index on TOD clock syncs
    - nospec: Allow index argument to have const-qualified type
    - x86/mm: Fix {pmd,pud}_{set,clear}_flags()
    - ARM: orion: fix orion_ge00_switch_board_info initialization
    - ARM: dts: rockchip: Remove 1.8 GHz operation point from phycore som
    - ARM: mvebu: Fix broken PL310_ERRATA_753970 selects
    - ARM: kvm: fix building with gcc-8
    - KVM: X86: Fix SMRAM accessing even if VM is shutdown
    - KVM: mmu: Fix overlap between public and private memslots
    - KVM/x86: Remove indirect MSR op calls from SPEC_CTRL
    - KVM: x86: move LAPIC initialization after VMCS creation
    - KVM/VMX: Optimize vmx_vcpu_run() and svm_vcpu_run() by marking the RDMSR
      path as unlikely()
    - KVM: x86: fix vcpu initialization with userspace lapic
    - KVM/x86: remove WARN_ON() for when vm_munmap() fails
    - ACPI / bus: Parse tables as term_list for Dell XPS 9570 and Precision M5530
    - ARM: dts: LogicPD SOM-LV: Fix I2C1 pinmux
    - ARM: dts: LogicPD Torpedo: Fix I2C1 pinmux
    - powerpc/64s/radix: Boot-time NULL pointer protection using a guard-PID
    - md: only allow remove_and_add_spares when no sync_thread running.
    - platform/x86: dell-laptop: fix kbd_get_state's request value
    - Linux 4.15.8
  * ZFS setgid broken on 0.7 (LP: #1753288)
    - SAUCE: Fix ZFS setgid
  * /proc/kallsyms prints "(null)" for null addresses in 4.15 (LP: #1754297)
    - vsprintf: avoid misleading "(null)" for %px
  * Miscellaneous Ubuntu changes
    - d-i: Add netsec to nic-modules
    - [Config] fix up retpoline abi files
    - [Config] set NOBP and expoline options for s390

[ Ubuntu: 4.15.0-12.13 ]

* linux: 4.15.0-12.13 -proposed tracker (LP: #1754059)
  * CONFIG_EFI=y on armhf (LP: #1726362)
    - [Config] CONFIG_EFI=y on armhf, reconcile secureboot EFI settings
  * ppc64el: Support firmware disable of RFI flush (LP: #1751994)
    - powerpc/pseries: Support firmware disable of RFI flush
    - powerpc/powernv: Support firmware disable of RFI flush
  * [Feature] CFL/CNL (PCH:CNP-H): New GPIO Commit added (GPIO Driver needed)
    (LP: #1751714)
    - gpio / ACPI: Drop unnecessary ACPI GPIO to Linux GPIO translation
    - pinctrl: intel: Allow custom GPIO base for pad groups
    - pinctrl: cannonlake: Align GPIO number space with Windows
  * [Feature] Add xHCI debug device support in the driver (LP: #1730832)
    - usb: xhci: Make some static functions global
    - usb: xhci: Add DbC support in xHCI driver
    - [Config] USB_XHCI_DBGCAP=y for commit mainline dfba2174dc42.
  * [SRU] Lenovo E41 Mic mute hotkey is not responding (LP: #1753347)
    - platform/x86: ideapad-laptop: Increase timeout to wait for EC answer
  * headset mic can't be detected on two Dell machines (LP: #1748807)
    - ALSA: hda - Fix a wrong FIXUP for alc289 on Dell machines
  * hisi_sas: Add disk LED support (LP: #1752695)
    - scsi: hisi_sas: directly attached disk LED feature for v2 hw
  * [Feature] [Graphics]Whiskey Lake (Coffelake-U 4+2) new PCI Device ID adds
    (LP: #1742561)
    - drm/i915/cfl: Adding more Coffee Lake PCI IDs.
  * [Bug] [USB Function][CFL-CNL PCH]Stall Error and USB Transaction Error in
    trace, Disable of device-initiated U1/U2 failed and rebind failed: -517
    during suspend/resume with usb storage. (LP: #1730599)
    - usb: Don't print a warning if interface driver rebind is deferred at resume
  * retpoline: ignore %cs:0xNNN constant indirections (LP: #1752655)
    - [Packaging] retpoline -- elide %cs:0xNNNN constants on i386
    - [Config] retpoline -- clean up i386 retpoline files
  * hisilicon hibmc regression due to ea642c3216cb ("drm/ttm: add io_mem_pfn
    callback") (LP: #1738334)
    - drm/ttm: add ttm_bo_io_mem_pfn to check io_mem_pfn
  * [Asus UX360UA] battery status in unity-panel is not changing when battery is
    being charged (LP: #1661876) // AC adapter status not detected on Asus
    ZenBook UX410UAK (LP: #1745032)
    - ACPI / battery: Add quirk for Asus UX360UA and UX410UAK
  * ASUS UX305LA - Battery state not detected correctly (LP: #1482390)
    - ACPI / battery: Add quirk for Asus GL502VSK and UX305LA
  * [18.04 FEAT] Automatically detect layer2 setting in the qeth device driver
    (LP: #1747639)
    - s390/diag: add diag26c support for VNIC info
    - s390/qeth: support early setup for z/VM NICs
  * Bionic update to v4.15.7 stable release (LP: #1752317)
    - netfilter: drop outermost socket lock in getsockopt()
    - arm64: mm: don't write garbage into TTBR1_EL1 register
    - kconfig.h: Include compiler types to avoid missed struct attributes
    - MIPS: boot: Define __ASSEMBLY__ for its.S build
    - xtensa: fix high memory/reserved memory collision
    - scsi: ibmvfc: fix misdefined reserved field in ibmvfc_fcp_rsp_info
    - MIPS: Drop spurious __unused in struct compat_flock
    - cfg80211: fix cfg80211_beacon_dup
    - i2c: designware: must wait for enable
    - i2c: bcm2835: Set up the rising/falling edge delays
    - X.509: fix BUG_ON() when hash algorithm is unsupported
    - X.509: fix NULL dereference when restricting key with unsupported_sig
    - PKCS#7: fix certificate chain verification
    - PKCS#7: fix certificate blacklisting
    - extcon: int3496: process id-pin first so that we start with the right status
    - genirq/matrix: Handle CPU offlining proper
    - RDMA/uverbs: Protect from races between lookup and destroy of uobjects
    - RDMA/uverbs: Protect from command mask overflow
    - RDMA/uverbs: Fix bad unlock balance in ib_uverbs_close_xrcd
    - RDMA/uverbs: Fix circular locking dependency
    - RDMA/uverbs: Sanitize user entered port numbers prior to access it
    - iio: adc: stm32: fix stm32h7_adc_enable error handling
    - iio: srf08: fix link error "devm_iio_triggered_buffer_setup" undefined
    - iio: buffer: check if a buffer has been set up when poll is called
    - iio: adis_lib: Initialize trigger before requesting interrupt
    - Kbuild: always define endianess in kconfig.h
    - x86/apic/vector: Handle vector release on CPU unplug correctly
    - x86/oprofile: Fix bogus GCC-8 warning in nmi_setup()
    - mm, swap, frontswap: fix THP swap if frontswap enabled
    - mm: don't defer struct page initialization for Xen pv guests
    - uapi/if_ether.h: move __UAPI_DEF_ETHHDR libc define
    - irqchip/gic-v3: Use wmb() instead of smb_wmb() in gic_raise_softirq()
    - irqchip/mips-gic: Avoid spuriously handling masked interrupts
    - PCI/cxgb4: Extend T3 PCI quirk to T4+ devices
    - net: thunderbolt: Tear down connection properly on suspend
    - net: thunderbolt: Run disconnect flow asynchronously when logout is received
    - ohci-hcd: Fix race condition caused by ohci_urb_enqueue() and
      io_watchdog_func()
    - usb: ohci: Proper handling of ed_rm_list to handle race condition between
      usb_kill_urb() and finish_unlinks()
    - arm64: Remove unimplemented syscall log message
    - arm64: Disable unhandled signal log messages by default
    - arm64: cpufeature: Fix CTR_EL0 field definitions
    - Add delay-init quirk for Corsair K70 RGB keyboards
    - usb: host: ehci: use correct device pointer for dma ops
    - usb: dwc3: gadget: Set maxpacket size for ep0 IN
    - usb: dwc3: ep0: Reset TRB counter for ep0 IN
    - usb: phy: mxs: Fix NULL pointer dereference on i.MX23/28
    - usb: ldusb: add PIDs for new CASSY devices supported by this driver
    - Revert "usb: musb: host: don't start next rx urb if current one failed"
    - usb: gadget: f_fs: Process all descriptors during bind
    - usb: gadget: f_fs: Use config_ep_by_speed()
    - usb: renesas_usbhs: missed the "running" flag in usb_dmac with rx path
    - drm/cirrus: Load lut in crtc_commit
    - drm/atomic: Fix memleak on ERESTARTSYS during non-blocking commits
    - drm: Handle unexpected holes in color-eviction
    - drm/amdgpu: disable MMHUB power gating on raven
    - drm/amdgpu: fix VA hole handling on Vega10 v3
    - drm/amdgpu: Add dpm quirk for Jet PRO (v2)
    - drm/amdgpu: only check mmBIF_IOV_FUNC_IDENTIFIER on tonga/fiji
    - drm/amdgpu: Avoid leaking PM domain on driver unbind (v2)
    - drm/amdgpu: add new device to use atpx quirk
    - arm64: __show_regs: Only resolve kernel symbols when running at EL1
    - drm/i915/breadcrumbs: Ignore unsubmitted signalers
    - microblaze: fix endian handling
    - Linux 4.15.7
  * [regression] Colour banding and artefacts appear system-wide on an Asus
    Zenbook UX303LA with Intel HD 4400 graphics (LP: #1749420) // Bionic update
    to v4.15.7 stable release (LP: #1752317)
    - drm/edid: Add 6 bpc quirk for CPT panel in Asus UX303LA
  * errors with sas hotplug (LP: #1752146)
    - scsi: libsas: fix memory leak in sas_smp_get_phy_events()
    - scsi: libsas: fix error when getting phy events
    - scsi: libsas: initialize sas_phy status according to response of DISCOVER
    - scsi: libsas: Use dynamic alloced work to avoid sas event lost
    - scsi: libsas: shut down the PHY if events reached the threshold
    - scsi: libsas: make the event threshold configurable
    - scsi: libsas: Use new workqueue to run sas event and disco event
    - scsi: libsas: use flush_workqueue to process disco events synchronously
    - scsi: libsas: direct call probe and destruct
    - scsi: libsas: notify event PORTE_BROADCAST_RCVD in sas_enable_revalidation()
  * rtnetlink: enable namespace identifying properties in rtnetlink requests
    (LP: #1748232)
    - rtnetlink: enable IFLA_IF_NETNSID in do_setlink()
    - rtnetlink: enable IFLA_IF_NETNSID for RTM_SETLINK
    - rtnetlink: enable IFLA_IF_NETNSID for RTM_DELLINK
    - rtnetlink: enable IFLA_IF_NETNSID for RTM_NEWLINK
    - rtnetlink: remove check for IFLA_IF_NETNSID
    - rtnetlink: require unique netns identifier
  * Bionic update to v4.15.6 stable release (LP: #1752119)
    - tun: fix tun_napi_alloc_frags() frag allocator
    - ptr_ring: fail early if queue occupies more than KMALLOC_MAX_SIZE
    - ptr_ring: try vmalloc() when kmalloc() fails
    - selinux: ensure the context is NUL terminated in
      security_context_to_sid_core()
    - selinux: skip bounded transition processing if the policy isn't loaded
    - media: pvrusb2: properly check endpoint types
    - crypto: x86/twofish-3way - Fix %rbp usage
    - staging: android: ion: Add __GFP_NOWARN for system contig heap
    - staging: android: ion: Switch from WARN to pr_warn
    - blk_rq_map_user_iov: fix error override
    - KVM: x86: fix escape of guest dr6 to the host
    - kcov: detect double association with a single task
    - netfilter: x_tables: fix int overflow in xt_alloc_table_info()
    - netfilter: x_tables: avoid out-of-bounds reads in
      xt_request_find_{match|target}
    - netfilter: ipt_CLUSTERIP: fix out-of-bounds accesses in clusterip_tg_check()
    - netfilter: on sockopt() acquire sock lock only in the required scope
    - netfilter: xt_cgroup: initialize info->priv in cgroup_mt_check_v1()
    - netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insert
    - rds: tcp: correctly sequence cleanup on netns deletion.
    - rds: tcp: atomically purge entries from rds_tcp_conn_list during netns
      delete
    - net: avoid skb_warn_bad_offload on IS_ERR
    - net_sched: gen_estimator: fix lockdep splat
    - soc: qcom: rmtfs_mem: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
    - ASoC: ux500: add MODULE_LICENSE tag
    - video: fbdev/mmp: add MODULE_LICENSE
    - ARM: 8743/1: bL_switcher: add MODULE_LICENSE tag
    - arm64: dts: add #cooling-cells to CPU nodes
    - dn_getsockoptdecnet: move nf_{get/set}sockopt outside sock lock
    - ANDROID: binder: remove WARN() for redundant txn error
    - ANDROID: binder: synchronize_rcu() when using POLLFREE.
    - staging: android: ashmem: Fix a race condition in pin ioctls
    - binder: check for binder_thread allocation failure in binder_poll()
    - binder: replace "%p" with "%pK"
    - staging: fsl-mc: fix build testing on x86
    - staging: iio: adc: ad7192: fix external frequency setting
    - staging: iio: ad5933: switch buffer mode to software
    - xhci: Fix NULL pointer in xhci debugfs
    - xhci: Fix xhci debugfs devices node disappearance after hibernation
    - xhci: xhci debugfs device nodes weren't removed after device plugged out
    - xhci: fix xhci debugfs errors in xhci_stop
    - usbip: keep usbip_device sockfd state in sync with tcp_socket
    - crypto: s5p-sss - Fix kernel Oops in AES-ECB mode
    - mei: me: add cannon point device ids
    - mei: me: add cannon point device ids for 4th device
    - vmalloc: fix __GFP_HIGHMEM usage for vmalloc_32 on 32b systems
    - Linux 4.15.6
  * Unable to insert test_bpf module on Bionic s390x (LP: #1751234)
    - bpf: fix selftests/bpf test_kmod.sh failure when CONFIG_BPF_JIT_ALWAYS_ON=y
  * [Ubuntu 18.04 FEAT] OpenCAPI enabling (LP: #1746988)
    - powerpc/powernv: Introduce new PHB type for opencapi links
    - powerpc/powernv: Set correct configuration space size for opencapi devices
    - powerpc/powernv: Add opal calls for opencapi
    - powerpc/powernv: Add platform-specific services for opencapi
    - powerpc/powernv: Capture actag information for the device
    - ocxl: Driver code for 'generic' opencapi devices
    - ocxl: Add AFU interrupt support
    - ocxl: Add a kernel API for other opencapi drivers
    - ocxl: Add trace points
    - ocxl: Add Makefile and Kconfig
    - [Config] CONFIG_OCXL=m for ppc64el
    - cxl: Remove support for "Processing accelerators" class
    - ocxl: Documentation
    - ocxl: add MAINTAINERS entry
    - cxl: Add support for ASB_Notify on POWER9
  * Request to update 18.04 kernel aacraid to upstream 4.16 version
    (LP: #1746801)
    - scsi: aacraid: remove unused variable managed_request_id
    - scsi: aacraid: Do not attempt abort when Fw panicked
    - scsi: aacraid: Do not remove offlined devices
    - scsi: aacraid: Fix ioctl reset hang
    - scsi: aacraid: Allow reset_host sysfs var to recover Panicked Fw
    - scsi: aacraid: Refactor reset_host store function
    - scsi: aacraid: Move code to wait for IO completion to shutdown func
    - scsi: aacraid: Create bmic submission function from bmic identify
    - scsi: aacraid: Change phy luns function to use common bmic function
    - scsi: aacraid: Refactor and rename to make mirror existing changes
    - scsi: aacraid: Add target setup helper function
    - scsi: aacraid: Untangle targets setup from report phy luns
    - scsi: aacraid: Move function around to match existing code
    - scsi: aacraid: Create helper functions to get lun info
    - scsi: aacraid: Save bmic phy information for each phy
    - scsi: aacraid: Add helper function to set queue depth
    - scsi: aacraid: Merge func to get container information
    - scsi: aacraid: Process hba and container hot plug events in single function
    - scsi: aacraid: Added macros to help loop through known buses and targets
    - scsi: aacraid: Refactor resolve luns code and scsi functions
    - scsi: aacraid: Merge adapter setup with resolve luns
    - scsi: aacraid: Block concurrent hotplug event handling
    - scsi: aacraid: Use hotplug handling function in place of scsi_scan_host
    - scsi: aacraid: Reschedule host scan in case of failure
    - scsi: aacraid: Fix hang while scanning in eh recovery
    - scsi: aacraid: Skip schedule rescan in case of kdump
    - scsi: aacraid: Remove unused rescan variable
    - scsi: aacraid: Remove AAC_HIDE_DISK check in queue command
    - scsi: aacraid: Update driver version to 50877
    - scsi: aacraid: Fix driver oops with dead battery
    - scsi: aacraid: remove redundant setting of variable c
    - scsi: aacraid: Get correct lun count
    - scsi: aacraid: Delay for rescan worker needs to be 10 seconds
  * [18.04] kpatch - Add livepatch hook support for ppc64le (LP: #1741992)
    - powerpc/modules: Add REL24 relocation support of livepatch symbols
    - powerpc/modules: Don't try to restore r2 after a sibling call
    - powerpc/modules: Improve restore_r2() error message
  * Ubuntu 18.04 - Include latest ibmvnic fixes in Ubuntu kernel (LP: #1748517)
    - ibmvnic: Rename IBMVNIC_MAX_TX_QUEUES to IBMVNIC_MAX_QUEUES
    - ibmvnic: Increase maximum number of RX/TX queues
    - ibmvnic: Include header descriptor support for ARP packets
    - ibmvnic: Don't handle RX interrupts when not up.
    - ibmvnic: Wait for device response when changing MAC
    - ibmvnic: fix firmware version when no firmware level has been provided by
      the VIOS server
    - ibmvnic: fix empty firmware version and errors cleanup
    - ibmvnic: Fix rx queue cleanup for non-fatal resets
    - ibmvnic: Ensure that buffers are NULL after free
    - ibmvnic: queue reset when CRQ gets closed during reset
    - ibmvnic: Reset long term map ID counter
    - ibmvnic: Remove skb->protocol checks in ibmvnic_xmit
    - ibmvnic: Wait until reset is complete to set carrier on
    - ibmvnic: Fix login buffer memory leaks
    - ibmvnic: Fix NAPI structures memory leak
    - ibmvnic: Free RX socket buffer in case of adapter error
    - ibmvnic: Clean RX pool buffers during device close
    - ibmvnic: Check for NULL skb's in NAPI poll routine
    - ibmvnic: Fix early release of login buffer
  * Power9 DD 2.2 needs HMI fixup backport of upstream
    patch(d075745d893c78730e4a3b7a60fca23c2f764081) into kernel (LP: #1751834)
    - KVM: PPC: Book3S HV: Improve handling of debug-trigger HMIs on POWER9
  * Driver not found in Ubuntu kernel does not detect interface (LP: #1745927)
    - d-i: add cxgb4 to nic-modules
  * BCM5719/tg3 loses connectivity due to missing heartbeats between fw and
    driver (LP: #1751337)
    - tg3: APE heartbeat changes
  * Miscellaneous Ubuntu changes
    - ubuntu: vbox -- update to 5.2.6-dfsg-5
    - Revert "UBUNTU: SAUCE: Import aufs driver"
    - SAUCE: Import aufs driver
    - Revert "UBUNTU: SAUCE: (no-up) Convert bnx2x firmware files to ihex format"
    - [Packaging] retpoline-extract: flag *0xNNN(%reg) branches
    - [Config] fix up retpoline abi files
    - ubuntu: vbox -- update to 5.2.8-dfsg-2

[ Ubuntu: 4.15.0-11.12 ]

* linux: 4.15.0-11.12 -proposed tracker (LP: #1751285)
  * Support low-pin-count devices on Hisilicon SoCs (LP: #1677319)
    - [Config] CONFIG_INDIRECT_PIO=y
    - SAUCE: LIB: Introduce a generic PIO mapping method
    - SAUCE: PCI: Remove unused __weak attribute in pci_register_io_range()
    - SAUCE: PCI: Add fwnode handler as input param of pci_register_io_range()
    - SAUCE: PCI: Apply the new generic I/O management on PCI IO hosts
    - SAUCE: OF: Add missing I/O range exception for indirect-IO devices
    - [Config] CONFIG_HISILICON_LPC=y
    - SAUCE: HISI LPC: Support the LPC host on Hip06/Hip07 with DT bindings
    - SAUCE: ACPI / scan: do not enumerate Indirect IO host children
    - SAUCE: HISI LPC: Add ACPI support
    - SAUCE: MAINTAINERS: Add maintainer for HiSilicon LPC driver
  * Bionic update to v4.15.5 stable release (LP: #1751131)
    - scsi: smartpqi: allow static build ("built-in")
    - IB/umad: Fix use of unprotected device pointer
    - IB/qib: Fix comparison error with qperf compare/swap test
    - IB/mlx4: Fix incorrectly releasing steerable UD QPs when have only ETH ports
    - IB/core: Fix two kernel warnings triggered by rxe registration
    - IB/core: Fix ib_wc structure size to remain in 64 bytes boundary
    - IB/core: Avoid a potential OOPs for an unused optional parameter
    - selftests: seccomp: fix compile error seccomp_bpf
    - kselftest: fix OOM in memory compaction test
    - RDMA/rxe: Fix a race condition related to the QP error state
    - RDMA/rxe: Fix a race condition in rxe_requester()
    - RDMA/rxe: Fix rxe_qp_cleanup()
    - cpufreq: powernv: Dont assume distinct pstate values for nominal and pmin
    - PM / devfreq: Propagate error from devfreq_add_device()
    - mwifiex: resolve reset vs. remove()/shutdown() deadlocks
    - ocfs2: try a blocking lock before return AOP_TRUNCATED_PAGE
    - trace_uprobe: Display correct offset in uprobe_events
    - powerpc/radix: Remove trace_tlbie call from radix__flush_tlb_all
    - powerpc/kernel: Block interrupts when updating TIDR
    - powerpc/vas: Don't set uses_vas for kernel windows
    - powerpc/numa: Invalidate numa_cpu_lookup_table on cpu remove
    - powerpc/mm: Flush radix process translations when setting MMU type
    - powerpc/xive: Use hw CPU ids when configuring the CPU queues
    - dma-buf: fix reservation_object_wait_timeout_rcu once more v2
    - s390: fix handling of -1 in set{,fs}[gu]id16 syscalls
    - arm64: dts: msm8916: Correct ipc references for smsm
    - ARM: lpc3250: fix uda1380 gpio numbers
    - ARM: dts: STi: Add gpio polarity for "hdmi,hpd-gpio" property
    - ARM: dts: nomadik: add interrupt-parent for clcd
    - arm: dts: mt7623: fix card detection issue on bananapi-r2
    - arm: spear600: Add missing interrupt-parent of rtc
    - arm: spear13xx: Fix dmas cells
    - arm: spear13xx: Fix spics gpio controller's warning
    - x86/gpu: add CFL to early quirks
    - x86/kexec: Make kexec (mostly) work in 5-level paging mode
    - x86/xen: init %gs very early to avoid page faults with stack protector
    - x86: PM: Make APM idle driver initialize polling state
    - mm, memory_hotplug: fix memmap initialization
    - x86/entry/64: Clear extra registers beyond syscall arguments, to reduce
      speculation attack surface
    - x86/entry/64/compat: Clear registers for compat syscalls, to reduce
      speculation attack surface
    - compiler-gcc.h: Introduce __optimize function attribute
    - compiler-gcc.h: __nostackprotector needs gcc-4.4 and up
    - crypto: sun4i_ss_prng - fix return value of sun4i_ss_prng_generate
    - crypto: sun4i_ss_prng - convert lock to _bh in sun4i_ss_prng_generate
    - powerpc/mm/radix: Split linear mapping on hot-unplug
    - x86/mm/pti: Fix PTI comment in entry_SYSCALL_64()
    - x86/speculation: Update Speculation Control microcode blacklist
    - x86/speculation: Correct Speculation Control microcode blacklist again
    - Revert "x86/speculation: Simplify indirect_branch_prediction_barrier()"
    - KVM/x86: Reduce retpoline performance impact in slot_handle_level_range(),
      by always inlining iterator helper methods
    - X86/nVMX: Properly set spec_ctrl and pred_cmd before merging MSRs
    - KVM/nVMX: Set the CPU_BASED_USE_MSR_BITMAPS if we have a valid L02 MSR
      bitmap
    - x86/speculation: Clean up various Spectre related details
    - PM / runtime: Update links_count also if !CONFIG_SRCU
    - PM: cpuidle: Fix cpuidle_poll_state_init() prototype
    - platform/x86: wmi: fix off-by-one write in wmi_dev_probe()
    - x86/entry/64: Clear registers for exceptions/interrupts, to reduce
      speculation attack surface
    - x86/entry/64: Merge SAVE_C_REGS and SAVE_EXTRA_REGS, remove unused
      extensions
    - x86/entry/64: Merge the POP_C_REGS and POP_EXTRA_REGS macros into a single
      POP_REGS macro
    - x86/entry/64: Interleave XOR register clearing with PUSH instructions
    - x86/entry/64: Introduce the PUSH_AND_CLEAN_REGS macro
    - x86/entry/64: Use PUSH_AND_CLEAN_REGS in more cases
    - x86/entry/64: Get rid of the ALLOC_PT_GPREGS_ON_STACK and
      SAVE_AND_CLEAR_REGS macros
    - x86/entry/64: Indent PUSH_AND_CLEAR_REGS and POP_REGS properly
    - x86/entry/64: Fix paranoid_entry() frame pointer warning
    - x86/entry/64: Remove the unused 'icebp' macro
    - selftests/x86: Fix vDSO selftest segfault for vsyscall=none
    - selftests/x86: Clean up and document sscanf() usage
    - selftests/x86/pkeys: Remove unused functions
    - selftests/x86: Fix build bug caused by the 5lvl test which has been moved to
      the VM directory
    - selftests/x86: Do not rely on "int $0x80" in test_mremap_vdso.c
    - gfs2: Fixes to "Implement iomap for block_map"
    - selftests/x86: Do not rely on "int $0x80" in single_step_syscall.c
    - selftests/x86: Disable tests requiring 32-bit support on pure 64-bit systems
    - objtool: Fix segfault in ignore_unreachable_insn()
    - x86/debug, objtool: Annotate WARN()-related UD2 as reachable
    - x86/debug: Use UD2 for WARN()
    - x86/speculation: Fix up array_index_nospec_mask() asm constraint
    - nospec: Move array_index_nospec() parameter checking into separate macro
    - x86/speculation: Add <asm/msr-index.h> dependency
    - x86/mm: Rename flush_tlb_single() and flush_tlb_one() to
      __flush_tlb_one_[user|kernel]()
    - selftests/x86/mpx: Fix incorrect bounds with old _sigfault
    - x86/cpu: Rename cpu_data.x86_mask to cpu_data.x86_stepping
    - x86/spectre: Fix an error message
    - x86/cpu: Change type of x86_cache_size variable to unsigned int
    - x86/entry/64: Fix CR3 restore in paranoid_exit()
    - drm/ttm: Don't add swapped BOs to swap-LRU list
    - drm/ttm: Fix 'buf' pointer update in ttm_bo_vm_access_kmap() (v2)
    - drm/qxl: unref cursor bo when finished with it
    - drm/qxl: reapply cursor after resetting primary
    - drm/amd/powerplay: Fix smu_table_entry.handle type
    - drm/ast: Load lut in crtc_commit
    - drm: Check for lessee in DROP_MASTER ioctl
    - arm64: Add missing Falkor part number for branch predictor hardening
    - drm/radeon: Add dpm quirk for Jet PRO (v2)
    - drm/radeon: adjust tested variable
    - x86/smpboot: Fix uncore_pci_remove() indexing bug when hot-removing a
      physical CPU
    - rtc-opal: Fix handling of firmware error codes, prevent busy loops
    - mbcache: initialize entry->e_referenced in mb_cache_entry_create()
    - mmc: sdhci: Implement an SDHCI-specific bounce buffer
    - mmc: bcm2835: Don't overwrite max frequency unconditionally
    - Revert "mmc: meson-gx: include tx phase in the tuning process"
    - mlx5: fix mlx5_get_vector_affinity to start from completion vector 0
    - Revert "apple-gmux: lock iGP IO to protect from vgaarb changes"
    - jbd2: fix sphinx kernel-doc build warnings
    - ext4: fix a race in the ext4 shutdown path
    - ext4: save error to disk in __ext4_grp_locked_error()
    - ext4: correct documentation for grpid mount option
    - mm: hide a #warning for COMPILE_TEST
    - mm: Fix memory size alignment in devm_memremap_pages_release()
    - MIPS: Fix typo BIG_ENDIAN to CPU_BIG_ENDIAN
    - MIPS: CPS: Fix MIPS_ISA_LEVEL_RAW fallout
    - MIPS: Fix incorrect mem=X@Y handling
    - PCI: Disable MSI for HiSilicon Hip06/Hip07 only in Root Port mode
    - PCI: iproc: Fix NULL pointer dereference for BCMA
    - PCI: pciehp: Assume NoCompl+ for Thunderbolt ports
    - PCI: keystone: Fix interrupt-controller-node lookup
    - video: fbdev: atmel_lcdfb: fix display-timings lookup
    - console/dummy: leave .con_font_get set to NULL
    - rbd: whitelist RBD_FEATURE_OPERATIONS feature bit
    - xen: Fix {set,clear}_foreign_p2m_mapping on autotranslating guests
    - xenbus: track caller request id
    - seq_file: fix incomplete reset on read from zero offset
    - tracing: Fix parsing of globs with a wildcard at the beginning
    - mpls, nospec: Sanitize array index in mpls_label_ok()
    - rtlwifi: rtl8821ae: Fix connection lost problem correctly
    - arm64: proc: Set PTE_NG for table entries to avoid traversing them twice
    - xprtrdma: Fix calculation of ri_max_send_sges
    - xprtrdma: Fix BUG after a device removal
    - blk-wbt: account flush requests correctly
    - target/iscsi: avoid NULL dereference in CHAP auth error path
    - iscsi-target: make sure to wake up sleeping login worker
    - dm: correctly handle chained bios in dec_pending()
    - Btrfs: fix deadlock in run_delalloc_nocow
    - Btrfs: fix crash due to not cleaning up tree log block's dirty bits
    - Btrfs: fix extent state leak from tree log
    - Btrfs: fix btrfs_evict_inode to handle abnormal inodes correctly
    - Btrfs: fix use-after-free on root->orphan_block_rsv
    - Btrfs: fix unexpected -EEXIST when creating new inode
    - 9p/trans_virtio: discard zero-length reply
    - mtd: nand: vf610: set correct ooblayout
    - ALSA: usb-audio: Fix UAC2 get_ctl request with a RANGE attribute
    - ALSA: hda/realtek - Add headset mode support for Dell laptop
    - ALSA: hda/realtek - Enable Thinkpad Dock device for ALC298 platform
    - ALSA: hda/realtek: PCI quirk for Fujitsu U7x7
    - ALSA: usb-audio: add implicit fb quirk for Behringer UFX1204
    - ALSA: usb: add more device quirks for USB DSD devices
    - ALSA: seq: Fix racy pool initializations
    - mvpp2: fix multicast address filter
    - usb: Move USB_UHCI_BIG_ENDIAN_* out of USB_SUPPORT
    - x86/mm, mm/hwpoison: Don't unconditionally unmap kernel 1:1 pages
    - ARM: dts: exynos: fix RTC interrupt for exynos5410
    - ARM: pxa/tosa-bt: add MODULE_LICENSE tag
    - arm64: dts: msm8916: Add missing #phy-cells
    - ARM: dts: s5pv210: add interrupt-parent for ohci
    - arm: dts: mt7623: Update ethsys binding
    - arm: dts: mt2701: Add reset-cells
    - ARM: dts: Delete bogus reference to the charlcd
    - media: r820t: fix r820t_write_reg for KASAN
    - mmc: sdhci-of-esdhc: fix eMMC couldn't work after kexec
    - mmc: sdhci-of-esdhc: fix the mmc error after sleep on ls1046ardb
    - Linux 4.15.5
  * retpoline abi files are empty on i386 (LP: #1751021)
    - [Packaging] retpoline-extract -- instantiate retpoline files for i386
    - [Packaging] final-checks -- sanity checking ABI contents
    - [Packaging] final-checks -- check for empty retpoline files
    - [Config] Disable i386 retpoline check for next upload
  * Bionic update to v4.15.4 stable release (LP: #1751064)
    - watchdog: indydog: Add dependency on SGI_HAS_INDYDOG
    - cifs: Fix missing put_xid in cifs_file_strict_mmap
    - cifs: Fix autonegotiate security settings mismatch
    - CIFS: zero sensitive data when freeing
    - cpufreq: mediatek: add mediatek related projects into blacklist
    - dmaengine: dmatest: fix container_of member in dmatest_callback
    - ssb: Do not disable PCI host on non-Mips
    - watchdog: gpio_wdt: set WDOG_HW_RUNNING in gpio_wdt_stop
    - Revert "drm/i915: mark all device info struct with __initconst"
    - sched/rt: Use container_of() to get root domain in rto_push_irq_work_func()
    - sched/rt: Up the root domain ref count when passing it around via IPIs
    - media: dvb-usb-v2: lmedm04: Improve logic checking of warm start
    - media: dvb-usb-v2: lmedm04: move ts2020 attach to dm04_lme2510_tuner
    - media: hdpvr: Fix an error handling path in hdpvr_probe()
    - arm64: mm: Use non-global mappings for kernel space
    - arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN
    - arm64: mm: Move ASID from TTBR0 to TTBR1
    - arm64: mm: Remove pre_ttbr0_update_workaround for Falkor erratum #E1003
    - arm64: mm: Rename post_ttbr0_update_workaround
    - arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN
    - arm64: mm: Allocate ASIDs in pairs
    - arm64: mm: Add arm64_kernel_unmapped_at_el0 helper
    - arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI
    - arm64: entry: Add exception trampoline page for exceptions from EL0
    - arm64: mm: Map entry trampoline into trampoline and kernel page tables
    - arm64: entry: Explicitly pass exception level to kernel_ventry macro
    - arm64: entry: Hook up entry trampoline to exception vectors
    - arm64: erratum: Work around Falkor erratum #E1003 in trampoline code
    - arm64: cpu_errata: Add Kryo to Falkor 1003 errata
    - arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks
    - arm64: entry: Add fake CPU feature for unmapping the kernel at EL0
    - arm64: kaslr: Put kernel vectors address in separate data page
    - arm64: use RET instruction for exiting the trampoline
    - arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0
    - arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry
    - arm64: Take into account ID_AA64PFR0_EL1.CSV3
    - arm64: capabilities: Handle duplicate entries for a capability
    - arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR
    - arm64: kpti: Fix the interaction between ASID switching and software PAN
    - arm64: cputype: Add MIDR values for Cavium ThunderX2 CPUs
    - arm64: kpti: Make use of nG dependent on arm64_kernel_unmapped_at_el0()
    - arm64: mm: Permit transitioning from Global to Non-Global without BBM
    - arm64: kpti: Add ->enable callback to remap swapper using nG mappings
    - arm64: Force KPTI to be disabled on Cavium ThunderX
    - arm64: entry: Reword comment about post_ttbr_update_workaround
    - arm64: idmap: Use "awx" flags for .idmap.text .pushsection directives
    - perf: arm_spe: Fail device probe when arm64_kernel_unmapped_at_el0()
    - arm64: barrier: Add CSDB macros to control data-value prediction
    - arm64: Implement array_index_mask_nospec()
    - arm64: Make USER_DS an inclusive limit
    - arm64: Use pointer masking to limit uaccess speculation
    - arm64: entry: Ensure branch through syscall table is bounded under
      speculation
    - arm64: uaccess: Prevent speculative use of the current addr_limit
    - arm64: uaccess: Don't bother eliding access_ok checks in __{get, put}_user
    - arm64: uaccess: Mask __user pointers for __arch_{clear, copy_*}_user
    - arm64: futex: Mask __user pointers prior to dereference
    - arm64: cpufeature: __this_cpu_has_cap() shouldn't stop early
    - arm64: Run enable method for errata work arounds on late CPUs
    - arm64: cpufeature: Pass capability structure to ->enable callback
    - drivers/firmware: Expose psci_get_version through psci_ops structure
    - arm64: Move post_ttbr_update_workaround to C code
    - arm64: Add skeleton to harden the branch predictor against aliasing attacks
    - arm64: Move BP hardening to check_and_switch_context
    - arm64: KVM: Use per-CPU vector when BP hardening is enabled
    - arm64: entry: Apply BP hardening for high-priority synchronous exceptions
    - arm64: entry: Apply BP hardening for suspicious interrupts from EL0
    - arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75
    - arm64: Implement branch predictor hardening for affected Cortex-A CPUs
    - arm64: Implement branch predictor hardening for Falkor
    - arm64: Branch predictor hardening for Cavium ThunderX2
    - arm64: KVM: Increment PC after handling an SMC trap
    - arm/arm64: KVM: Consolidate the PSCI include files
    - arm/arm64: KVM: Add PSCI_VERSION helper
    - arm/arm64: KVM: Add smccc accessors to PSCI code
    - arm/arm64: KVM: Implement PSCI 1.0 support
    - arm/arm64: KVM: Advertise SMCCC v1.1
    - arm64: KVM: Make PSCI_VERSION a fast path
    - arm/arm64: KVM: Turn kvm_psci_version into a static inline
    - arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support
    - arm64: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling
    - firmware/psci: Expose PSCI conduit
    - firmware/psci: Expose SMCCC version through psci_ops
    - arm/arm64: smccc: Make function identifiers an unsigned quantity
    - arm/arm64: smccc: Implement SMCCC v1.1 inline primitive
    - arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support
    - arm64: Kill PSCI_GET_VERSION as a variant-2 workaround
    - mtd: cfi: convert inline functions to macros
    - mtd: nand: brcmnand: Disable prefetch by default
    - mtd: nand: Fix nand_do_read_oob() return value
    - mtd: nand: sunxi: Fix ECC strength choice
    - ubi: Fix race condition between ubi volume creation and udev
    - ubi: fastmap: Erase outdated anchor PEBs during attach
    - ubi: block: Fix locking for idr_alloc/idr_remove
    - ubifs: free the encrypted symlink target
    - nfs/pnfs: fix nfs_direct_req ref leak when i/o falls back to the mds
    - nfs41: do not return ENOMEM on LAYOUTUNAVAILABLE
    - NFS: Add a cond_resched() to nfs_commit_release_pages()
    - NFS: Fix nfsstat breakage due to LOOKUPP
    - NFS: commit direct writes even if they fail partially
    - NFS: reject request for id_legacy key without auxdata
    - NFS: Fix a race between mmap() and O_DIRECT
    - nfsd: Detect unhashed stids in nfsd4_verify_open_stid()
    - kernfs: fix regression in kernfs_fop_write caused by wrong type
    - ahci: Annotate PCI ids for mobile Intel chipsets as such
    - ahci: Add PCI ids for Intel Bay Trail, Cherry Trail and Apollo Lake AHCI
    - ahci: Add Intel Cannon Lake PCH-H PCI ID
    - crypto: hash - introduce crypto_hash_alg_has_setkey()
    - crypto: cryptd - pass through absence of ->setkey()
    - crypto: mcryptd - pass through absence of ->setkey()
    - crypto: poly1305 - remove ->setkey() method
    - crypto: hash - annotate algorithms taking optional key
    - crypto: hash - prevent using keyed hashes without setting key
    - media: v4l2-ioctl.c: use check_fmt for enum/g/s/try_fmt
    - media: v4l2-ioctl.c: don't copy back the result for -ENOTTY
    - media: v4l2-compat-ioctl32.c: add missing VIDIOC_PREPARE_BUF
    - media: v4l2-compat-ioctl32.c: fix the indentation
    - media: v4l2-compat-ioctl32.c: move 'helper' functions to
      __get/put_v4l2_format32
    - media: v4l2-compat-ioctl32.c: avoid sizeof(type)
    - media: v4l2-compat-ioctl32.c: copy m.userptr in put_v4l2_plane32
    - media: v4l2-compat-ioctl32.c: fix ctrl_is_pointer
    - media: v4l2-compat-ioctl32.c: copy clip list in put_v4l2_window32
    - media: v4l2-compat-ioctl32.c: drop pr_info for unknown buffer type
    - media: v4l2-compat-ioctl32.c: don't copy back the result for certain errors
    - media: v4l2-compat-ioctl32.c: refactor compat ioctl32 logic
    - media: v4l2-compat-ioctl32.c: make ctrl_is_pointer work for subdevs
    - crypto: caam - fix endless loop when DECO acquire fails
    - crypto: sha512-mb - initialize pending lengths correctly
    - crypto: talitos - fix Kernel Oops on hashing an empty file
    - arm: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls
    - KVM: nVMX: Fix races when sending nested PI while dest enters/leaves L2
    - KVM: nVMX: Fix bug of injecting L2 exception into L1
    - KVM: PPC: Book3S HV: Make sure we don't re-enter guest without XIVE loaded
    - KVM: PPC: Book3S HV: Drop locks before reading guest memory
    - KVM: arm/arm64: Handle CPU_PM_ENTER_FAILED
    - KVM: PPC: Book3S PR: Fix broken select due to misspelling
    - ASoC: acpi: fix machine driver selection based on quirk
    - ASoC: rockchip: i2s: fix playback after runtime resume
    - ASoC: skl: Fix kernel warning due to zero NHTL entry
    - ASoC: compress: Correct handling of copy callback
    - watchdog: imx2_wdt: restore previous timeout after suspend+resume
    - afs: Add missing afs_put_cell()
    - afs: Need to clear responded flag in addr cursor
    - afs: Fix missing cursor clearance
    - afs: Fix server list handling
    - btrfs: Handle btrfs_set_extent_delalloc failure in fixup worker
    - Btrfs: raid56: iterate raid56 internal bio with bio_for_each_segment_all
    - kasan: don't emit builtin calls when sanitization is off
    - kasan: rework Kconfig settings
    - media: dvb_frontend: be sure to init dvb_frontend_handle_ioctl() return code
    - media: dvb-frontends: fix i2c access helpers for KASAN
    - media: dt-bindings/media/cec-gpio.txt: mention the CEC/HPD max voltages
    - media: ts2020: avoid integer overflows on 32 bit machines
    - media: vivid: fix module load error when enabling fb and no_error_inj=1
    - media: cxusb, dib0700: ignore XC2028_I2C_FLUSH
    - fs/proc/kcore.c: use probe_kernel_read() instead of memcpy()
    - kernel/async.c: revert "async: simplify lowest_in_progress()"
    - kernel/relay.c: revert "kernel/relay.c: fix potential memory leak"
    - pipe: actually allow root to exceed the pipe buffer limits
    - pipe: fix off-by-one error when checking buffer limits
    - HID: quirks: Fix keyboard + touchpad on Toshiba Click Mini not working
    - Bluetooth: btsdio: Do not bind to non-removable BCM43341
    - ipmi: use dynamic memory for DMI driver override
    - signal/openrisc: Fix do_unaligned_access to send the proper signal
    - signal/sh: Ensure si_signo is initialized in do_divide_error
    - alpha: fix crash if pthread_create races with signal delivery
    - alpha: osf_sys.c: fix put_tv32 regression
    - alpha: Fix mixed up args in EXC macro in futex operations
    - alpha: fix reboot on Avanti platform
    - alpha: fix formating of stack content
    - xtensa: fix futex_atomic_cmpxchg_inatomic
    - EDAC, octeon: Fix an uninitialized variable warning
    - genirq: Make legacy autoprobing work again
    - pinctrl: intel: Initialize GPIO properly when used through irqchip
    - pinctrl: mcp23s08: fix irq setup order
    - pinctrl: sx150x: Unregister the pinctrl on release
    - pinctrl: sx150x: Register pinctrl before adding the gpiochip
    - pinctrl: sx150x: Add a static gpio/pinctrl pin range mapping
    - pktcdvd: Fix pkt_setup_dev() error path
    - pktcdvd: Fix a recently introduced NULL pointer dereference
    - blk-mq: quiesce queue before freeing queue
    - clocksource/drivers/stm32: Fix kernel panic with multiple timers
    - lib/ubsan.c: s/missaligned/misaligned/
    - lib/ubsan: add type mismatch handler for new GCC/Clang
    - objtool: Fix switch-table detection
    - arm64: dts: marvell: add Ethernet aliases
    - drm/i915: Avoid PPS HW/SW state mismatch due to rounding
    - ACPI: sbshc: remove raw pointer from printk() message
    - acpi, nfit: fix register dimm error handling
    - ovl: force r/o mount when index dir creation fails
    - ovl: fix failure to fsync lower dir
    - ovl: take mnt_want_write() for work/index dir setup
    - ovl: take mnt_want_write() for removing impure xattr
    - ovl: hash directory inodes for fsnotify
    - mn10300/misalignment: Use SIGSEGV SEGV_MAPERR to report a failed user copy
    - devpts: fix error handling in devpts_mntget()
    - ftrace: Remove incorrect setting of glob search field
    - scsi: core: Ensure that the SCSI error handler gets woken up
    - scsi: lpfc: Fix crash after bad bar setup on driver attachment
    - scsi: cxlflash: Reset command ioasc
    - rcu: Export init_rcu_head() and destroy_rcu_head() to GPL modules
    - Linux 4.15.4
    - updateconfigs after v4.14.4 stable updates
  * Bionic update to v4.15.4 stable release (LP: #1751064) // CVE-2017-5754 and
    do not need KPTI when KASLR is off.
    - arm64: Turn on KPTI only on CPUs that need it
  * Miscellaneous Ubuntu changes
    - [Config] fix up removed retpoline call sites

-- Marcelo Henrique Cerri <marcelo.cerri@canonical.com>  Wed, 21 Mar 2018 18:25:41 -0300

Changed in linux-azure (Ubuntu Bionic):
status:	New → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntulinux-azure package