Bug #1811981 “test_410_config_lock_down_kernel in ubuntu_kernel_...” : Bugs : ubuntu-kernel-tests

Po-Hsu Lin (cypressyew) on 2019-01-16

tags:	added: bionic ppc64el
description:	updated

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2019-01-16: Missing required logs.

#1

This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window:

apport-collect 1811981

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status:	New → Incomplete

Revision history for this message

Po-Hsu Lin (cypressyew) wrote on 2019-01-17: Re: test_410_config_lock_down_kernel in ubuntu_kernel_security test failed on Bionic with PowerPC

#2

This could be found on KVM kernel as well.

Revision history for this message

Steve Beattie (sbeattie) wrote on 2019-01-17:

#3

Po-Hsu, thanks for the report. I'm not sure the lock down kernel config makes sense for ppc64el and s390x, and the qa-regression-testing script should be updated to reflect that.

The linux-kvm case is possibly worth adjusting the config, I need to discuss that more with the Security Team.

Revision history for this message

Kleber Sacilotto de Souza (kleber-souza) wrote on 2019-01-31:

#4

This testcase also fails with linux-kvm for Cosmic.

Revision history for this message

Po-Hsu Lin (cypressyew) wrote on 2019-02-01:

#5

Didn't see this for ppc64el on the latest 4.15 bionic kernel (4.15.0-45)

Revision history for this message

Po-Hsu Lin (cypressyew) wrote on 2019-03-07:

#6

I think the fix is here for the PowerPC:
https://git.launchpad.net/qa-regression-testing/commit/?id=2082aec714a3a053664082a747b9c166b398cc4f

So this issue can be called fixed in the qa-regression-testing suite.

We will address the kernel configs here.

Changed in qa-regression-testing:
status:	New → Fix Released

Revision history for this message

Po-Hsu Lin (cypressyew) wrote on 2019-03-11:

#7

Hello Steve,

regarding you comment #3:

The linux-kvm case is possibly worth adjusting the config, I need to discuss that more with the Security Team.

Do we need to enable this on the KVM kernel?
Thanks.

no longer affects:

linux (Ubuntu)

Po-Hsu Lin (cypressyew) on 2019-05-24

summary:

test_410_config_lock_down_kernel in ubuntu_kernel_security test failed
- on Bionic with PowerPC
+ on B/C KVM

Po-Hsu Lin (cypressyew) on 2019-06-10

no longer affects:	linux (Ubuntu Bionic)
no longer affects:	linux (Ubuntu Cosmic)
summary:	test_410_config_lock_down_kernel in ubuntu_kernel_security test failed - on B/C KVM + on B/C/D KVM

Po-Hsu Lin (cypressyew) on 2019-06-10

Changed in ubuntu-kernel-tests:
status:	New → In Progress
assignee:	nobody → Po-Hsu Lin (cypressyew)
Changed in linux-kvm (Ubuntu):
assignee:	nobody → Po-Hsu Lin (cypressyew)
Changed in linux-kvm (Ubuntu Bionic):
assignee:	nobody → Po-Hsu Lin (cypressyew)
Changed in linux-kvm (Ubuntu Cosmic):
assignee:	nobody → Po-Hsu Lin (cypressyew)
Changed in linux-kvm (Ubuntu Disco):
assignee:	nobody → Po-Hsu Lin (cypressyew)
status:	New → In Progress
Changed in linux-kvm (Ubuntu Cosmic):
status:	New → In Progress
Changed in linux-kvm (Ubuntu Bionic):
status:	New → In Progress
Changed in linux-kvm (Ubuntu):
status:	New → In Progress

Po-Hsu Lin (cypressyew) on 2019-06-10

description:

updated

Revision history for this message

Po-Hsu Lin (cypressyew) wrote on 2019-06-10:

#8

https://lists.ubuntu.com/archives/kernel-team/2019-June/101275.html

tags:

added: amd64 cosmic disco ubuntu-kernel-security
removed: ppc64el

Khaled El Mously (kmously) on 2019-06-11

Changed in linux-kvm (Ubuntu Bionic):
status:	In Progress → Fix Committed
Changed in linux-kvm (Ubuntu Cosmic):
status:	In Progress → Fix Committed
Changed in linux-kvm (Ubuntu Disco):
status:	In Progress → Fix Committed

Po-Hsu Lin (cypressyew) on 2019-07-16

tags:

added: ubuntu-qrt-kernel-security
removed: ubuntu-kernel-security

Revision history for this message

Steve Beattie (sbeattie) wrote on 2019-07-16:

#9

I can confirm that the CONFIG_LOCK_DOWN_KERNEL config is enabled in the 4.15.0-1039.39 linux-kvm kernel in bionic-proposed. Thanks!

tags:

added: verification-done-bionic

Revision history for this message

Steve Beattie (sbeattie) wrote on 2019-07-16:

#10

I can confirm that the CONFIG_LOCK_DOWN_KERNEL config is enabled in the 5.0.0-1011.12 linux-kvm kernel in disco-proposed. Thanks!

tags:

added: verifiction-done-disco

Po-Hsu Lin (cypressyew) on 2019-07-19

Changed in ubuntu-kernel-tests:
status:	In Progress → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2019-07-22:

#11

Download full text (11.6 KiB)

This bug was fixed in the package linux-kvm - 4.15.0-1039.39

---------------
linux-kvm (4.15.0-1039.39) bionic; urgency=medium

* linux-kvm: 4.15.0-1039.39 -proposed tracker (LP: #1834940)

  * q-r-t security test wants SCHED_STACK_END_CHECK to be enabled in KVM kernels
    (LP: #1812159)
    - [Config]: enable SCHED_STACK_END_CHECK

  * test_410_config_lock_down_kernel in ubuntu_kernel_security test failed on
    B/C/D KVM (LP: #1811981)
    - [Config]: enable CONFIG_LOCK_DOWN_KERNEL

[ Ubuntu: 4.15.0-55.60 ]

  * linux: 4.15.0-55.60 -proposed tracker (LP: #1834954)
  * Request backport of ceph commits into bionic (LP: #1834235)
    - ceph: use atomic_t for ceph_inode_info::i_shared_gen
    - ceph: define argument structure for handle_cap_grant
    - ceph: flush pending works before shutdown super
    - ceph: send cap releases more aggressively
    - ceph: single workqueue for inode related works
    - ceph: avoid dereferencing invalid pointer during cached readdir
    - ceph: quota: add initial infrastructure to support cephfs quotas
    - ceph: quota: support for ceph.quota.max_files
    - ceph: quota: don't allow cross-quota renames
    - ceph: fix root quota realm check
    - ceph: quota: support for ceph.quota.max_bytes
    - ceph: quota: update MDS when max_bytes is approaching
    - ceph: quota: add counter for snaprealms with quota
    - ceph: avoid iput_final() while holding mutex or in dispatch thread
  * QCA9377 isn't being recognized sometimes (LP: #1757218)
    - SAUCE: USB: Disable USB2 LPM at shutdown
  * hns: fix ICMP6 neighbor solicitation messages discard problem (LP: #1833140)
    - net: hns: fix ICMP6 neighbor solicitation messages discard problem
    - net: hns: fix unsigned comparison to less than zero
  * Fix occasional boot time crash in hns driver (LP: #1833138)
    - net: hns: Fix probabilistic memory overwrite when HNS driver initialized
  * use-after-free in hns_nic_net_xmit_hw (LP: #1833136)
    - net: hns: fix KASAN: use-after-free in hns_nic_net_xmit_hw()
  * hns: attempt to restart autoneg when disabled should report error
    (LP: #1833147)
    - net: hns: Restart autoneg need return failed when autoneg off
  * systemd 237-3ubuntu10.14 ADT test failure on Bionic ppc64el (test-seccomp)
    (LP: #1821625)
    - powerpc: sys_pkey_alloc() and sys_pkey_free() system calls
    - powerpc: sys_pkey_mprotect() system call
  * [UBUNTU] pkey: Indicate old mkvp only if old and curr. mkvp are different
    (LP: #1832625)
    - pkey: Indicate old mkvp only if old and current mkvp are different
  * [UBUNTU] kernel: Fix gcm-aes-s390 wrong scatter-gather list processing
    (LP: #1832623)
    - s390/crypto: fix gcm-aes-s390 selftest failures
  * System crashes on hot adding a core with drmgr command (4.15.0-48-generic)
    (LP: #1833716)
    - powerpc/numa: improve control of topology updates
    - powerpc/numa: document topology_updates_enabled, disable by default
  * Kernel modules generated incorrectly when system is localized to a non-
    English language (LP: #1828084)
    - scripts: override locale from environment when running recordmcount.pl
  * [UBUNTU] kernel: Fix wrong dispatching for control domain CPRBs
  ...

This bug was fixed in the package linux-kvm - 4.15.0-1039.39

---------------
linux-kvm (4.15.0-1039.39) bionic; urgency=medium

* linux-kvm: 4.15.0-1039.39 -proposed tracker (LP: #1834940)

* q-r-t security test wants SCHED_STACK_END_CHECK to be enabled in KVM kernels
    (LP: #1812159)
    - [Config]: enable SCHED_STACK_END_CHECK

* test_410_config_lock_down_kernel in ubuntu_kernel_security test failed on
    B/C/D KVM (LP: #1811981)
    - [Config]: enable CONFIG_LOCK_DOWN_KERNEL

[ Ubuntu: 4.15.0-55.60 ]

* linux: 4.15.0-55.60 -proposed tracker (LP: #1834954)
  * Request backport of ceph commits into bionic (LP: #1834235)
    - ceph: use atomic_t for ceph_inode_info::i_shared_gen
    - ceph: define argument structure for handle_cap_grant
    - ceph: flush pending works before shutdown super
    - ceph: send cap releases more aggressively
    - ceph: single workqueue for inode related works
    - ceph: avoid dereferencing invalid pointer during cached readdir
    - ceph: quota: add initial infrastructure to support cephfs quotas
    - ceph: quota: support for ceph.quota.max_files
    - ceph: quota: don't allow cross-quota renames
    - ceph: fix root quota realm check
    - ceph: quota: support for ceph.quota.max_bytes
    - ceph: quota: update MDS when max_bytes is approaching
    - ceph: quota: add counter for snaprealms with quota
    - ceph: avoid iput_final() while holding mutex or in dispatch thread
  * QCA9377 isn't being recognized sometimes (LP: #1757218)
    - SAUCE: USB: Disable USB2 LPM at shutdown
  * hns: fix ICMP6 neighbor solicitation messages discard problem (LP: #1833140)
    - net: hns: fix ICMP6 neighbor solicitation messages discard problem
    - net: hns: fix unsigned comparison to less than zero
  * Fix occasional boot time crash in hns driver (LP: #1833138)
    - net: hns: Fix probabilistic memory overwrite when HNS driver initialized
  *  use-after-free in hns_nic_net_xmit_hw (LP: #1833136)
    - net: hns: fix KASAN: use-after-free in hns_nic_net_xmit_hw()
  * hns: attempt to restart autoneg when disabled should report error
    (LP: #1833147)
    - net: hns: Restart autoneg need return failed when autoneg off
  * systemd 237-3ubuntu10.14 ADT test failure on Bionic ppc64el (test-seccomp)
    (LP: #1821625)
    - powerpc: sys_pkey_alloc() and sys_pkey_free() system calls
    - powerpc: sys_pkey_mprotect() system call
  * [UBUNTU] pkey: Indicate old mkvp only if old and curr. mkvp are different
    (LP: #1832625)
    - pkey: Indicate old mkvp only if old and current mkvp are different
  * [UBUNTU] kernel: Fix gcm-aes-s390 wrong scatter-gather list processing
    (LP: #1832623)
    - s390/crypto: fix gcm-aes-s390 selftest failures
  * System crashes on hot adding a core with drmgr command (4.15.0-48-generic)
    (LP: #1833716)
    - powerpc/numa: improve control of topology updates
    - powerpc/numa: document topology_updates_enabled, disable by default
  * Kernel modules generated incorrectly when system is localized to a non-
    English language (LP: #1828084)
    - scripts: override locale from environment when running recordmcount.pl
  * [UBUNTU] kernel: Fix wrong dispatching for control domain CPRBs
    (LP: #1832624)
    - s390/zcrypt: Fix wrong dispatching for control domain CPRBs
  * CVE-2019-11815
    - net: rds: force to destroy connection if t_sock is NULL in
      rds_tcp_kill_sock().
  * Sound device not detected after resume from hibernate (LP: #1826868)
    - drm/i915: Force 2*96 MHz cdclk on glk/cnl when audio power is enabled
    - drm/i915: Save the old CDCLK atomic state
    - drm/i915: Remove redundant store of logical CDCLK state
    - drm/i915: Skip modeset for cdclk changes if possible
  * Handle overflow in proc_get_long of sysctl (LP: #1833935)
    - sysctl: handle overflow in proc_get_long
  * Dell XPS 13 (9370) defaults to s2idle sleep/suspend instead of deep, NVMe
    drains lots of power under s2idle (LP: #1808957)
    - Revert "UBUNTU: SAUCE: pci/nvme: prevent WDC PC SN720 NVMe from entering D3
      and being disabled"
    - Revert "UBUNTU: SAUCE: nvme: add quirk to not call disable function when
      suspending"
    - Revert "UBUNTU: SAUCE: pci: prevent Intel NVMe SSDPEKKF from entering D3"
    - Revert "SAUCE: nvme: add quirk to not call disable function when suspending"
    - Revert "SAUCE: pci: prevent sk hynix nvme from entering D3"
    - PCI: PM: Avoid possible suspend-to-idle issue
    - PCI: PM: Skip devices in D0 for suspend-to-idle
    - nvme-pci: Sync queues on reset
    - nvme: Export get and set features
    - nvme-pci: Use host managed power state for suspend
  * linux v4.15 ftbfs on a newer host kernel (e.g. hwe) (LP: #1823429)
    - selinux: use kernel linux/socket.h for genheaders and mdp
  * 32-bit x86 kernel 4.15.0-50 crash in vmalloc_sync_all (LP: #1830433)
    - x86/mm/pat: Disable preemption around __flush_tlb_all()
    - x86/mm: Drop usage of __flush_tlb_all() in kernel_physical_mapping_init()
    - x86/mm: Disable ioremap free page handling on x86-PAE
    - ioremap: Update pgtable free interfaces with addr
    - x86/mm: Add TLB purge to free pmd/pte page interfaces
    - x86/init: fix build with CONFIG_SWAP=n
    - x86/mm: provide pmdp_establish() helper
    - x86/mm: Use WRITE_ONCE() when setting PTEs
  * hinic: fix oops due to race in set_rx_mode (LP: #1832048)
    - hinic: fix a bug in set rx mode
  * ubuntu 18.04 flickering screen with Radeon X1600 (LP: #1791312)
    - drm/radeon: prefer lower reference dividers
  * Login screen never appears on vmwgfx using bionic kernel 4.15 (LP: #1832138)
    - drm/vmwgfx: use monotonic event timestamps
  * [linux-azure] Block Layer Commits Requested in Azure Kernels (LP: #1834499)
    - block: Clear kernel memory before copying to user
    - block/bio: Do not zero user pages
  * CONFIG_LOG_BUF_SHIFT set to 14 is too low on arm64 (LP: #1824864)
    - [Config] CONFIG_LOG_BUF_SHIFT=18 on all 64bit arches
  * Handle overflow for file-max (LP: #1834310)
    - sysctl: handle overflow for file-max
    - kernel/sysctl.c: fix out-of-bounds access when setting file-max
  * [ALSA] [PATCH] Headset fixup for System76 Gazelle (gaze14) (LP: #1827555)
    - ALSA: hda/realtek - Headset fixup for System76 Gazelle (gaze14)
    - ALSA: hda/realtek - Corrected fixup for System76 Gazelle (gaze14)
  * crashdump fails on HiSilicon D06 (LP: #1828868)
    - iommu/arm-smmu-v3: Abort all transactions if SMMU is enabled in kdump kernel
    - iommu/arm-smmu-v3: Don't disable SMMU in kdump kernel
  * CVE-2019-11833
    - ext4: zero out the unused memory region in the extent tree block
  * zfs 0.7.9 fixes a bug (https://github.com/zfsonlinux/zfs/pull/7343) that
    hangs the system completely (LP: #1772412)
    - SAUCE: (noup) Update zfs to 0.7.5-1ubuntu16.6
  * does not detect headphone when there is no other output devices
    (LP: #1831065)
    - ALSA: hda/realtek - Fixed hp_pin no value
    - ALSA: hda/realtek - Use a common helper for hp pin reference
  * kernel crash : net_sched  race condition in tcindex_destroy() (LP: #1825942)
    - net_sched: fix NULL pointer dereference when delete tcindex filter
    - RCU, workqueue: Implement rcu_work
    - net_sched: switch to rcu_work
    - net_sched: fix a race condition in tcindex_destroy()
    - net_sched: fix a memory leak in cls_tcindex
    - net_sched: initialize net pointer inside tcf_exts_init()
    - net_sched: fix two more memory leaks in cls_tcindex
  * Support new ums-realtek device (LP: #1831840)
    - USB: usb-storage: Add new ID to ums-realtek
  * amd_iommu possible data corruption (LP: #1823037)
    - iommu/amd: Reserve exclusion range in iova-domain
    - iommu/amd: Set exclusion range correctly
  * Add new sound card PCIID into the alsa driver (LP: #1832299)
    - ALSA: hda: Add Icelake PCI ID
    - ALSA: hda/intel: add CometLake PCI IDs
  * sky2 ethernet card doesn't work after returning from suspend
    (LP: #1807259) // sky2 ethernet card link not up after suspend
    (LP: #1809843)
    - sky2: Disable MSI on Dell Inspiron 1545 and Gateway P-79
  * idle-page oopses when accessing page frames that are out of range
    (LP: #1833410)
    - mm/page_idle.c: fix oops because end_pfn is larger than max_pfn
  * Add pointstick support on HP ZBook 17 G5 (LP: #1833387)
    - Revert "HID: multitouch: Support ALPS PTP stick with pid 0x120A"
    - SAUCE: HID: multitouch: Add pointstick support for ALPS Touchpad
  * [SRU][B/B-OEM/B-OEM-OSP-1/C/D/E] Add trackpoint middle button support of 2
    new thinpads (LP: #1833637)
    - Input: elantech - enable middle button support on 2 ThinkPads
  * CVE-2019-11085
    - drm/i915/gvt: Fix mmap range check
    - drm/i915: make mappable struct resource centric
    - drm/i915/gvt: Fix aperture read/write emulation when enable x-no-mmap=on
  * CVE-2019-11884
    - Bluetooth: hidp: fix buffer overflow
  * af_alg06 test from crypto test suite in LTP failed with kernel oops on B/C
    (LP: #1829725)
    - crypto: authenc - fix parsing key with misaligned rta_len
  * CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130 // CVE-2019-11091
    - SAUCE: Synchronize MDS mitigations with upstream
    - Documentation: Correct the possible MDS sysfs values
    - x86/speculation/mds: Fix documentation typo
  * CVE-2019-11091
    - x86/mds: Add MDSUM variant to the MDS documentation
  * alignment test in powerpc from ubuntu_kernel_selftests failed on B/C Power9
    (LP: #1813118)
    - selftests/powerpc: Remove Power9 copy_unaligned test
  * TRACE_syscall.ptrace_syscall_dropped in seccomp from ubuntu_kernel_selftests
    failed on B/C PowerPC (LP: #1812796)
    - selftests/seccomp: Enhance per-arch ptrace syscall skip tests
  * Add powerpc/alignment_handler test for selftests (LP: #1828935)
    - selftests/powerpc: Add alignment handler selftest
    - selftests/powerpc: Fix to use ucontext_t instead of struct ucontext
  * Cannot build kernel 4.15.0-48.51 due to an in-source-tree ZFS module.
    (LP: #1828763)
    - SAUCE: (noup) Update zfs to 0.7.5-1ubuntu16.5
  * Eletrical noise occurred when external headset enter powersaving mode on a
    DEll machine (LP: #1828798)
    - ALSA: hda/realtek - Reduce click noise on Dell Precision 5820 headphone
    - ALSA: hda/realtek - Fixup headphone noise via runtime suspend
  * [18.04/18.10] File libperf-jvmti.so is missing in linux-tools-common deb on
    Ubuntu (LP: #1761379)
    - [Packaging] Support building libperf-jvmti.so
  * TCP : race condition on socket ownership in tcp_close() (LP: #1830813)
    - tcp: do not release socket ownership in tcp_close()
  * bionic: netlink: potential shift overflow in netlink_bind() (LP: #1831103)
    - netlink: Don't shift on 64 for ngroups
  * Add support to Comet Lake LPSS (LP: #1830175)
    - mfd: intel-lpss: Add Intel Comet Lake PCI IDs
  * Reduce NAPI weight in hns driver from 256 to 64 (LP: #1830587)
    - net: hns: Use NAPI_POLL_WEIGHT for hns driver
  * x86: add support for AMD Rome (LP: #1819485)
    - x86: irq_remapping: Move irq remapping mode enum
    - iommu/amd: Add support for higher 64-bit IOMMU Control Register
    - iommu/amd: Add support for IOMMU XT mode
    - hwmon/k10temp, x86/amd_nb: Consolidate shared device IDs
    - hwmon/k10temp: Add support for AMD family 17h, model 30h CPUs
    - x86/amd_nb: Add PCI device IDs for family 17h, model 30h
    - x86/MCE/AMD: Fix the thresholding machinery initialization order
    - x86/amd_nb: Add support for newer PCI topologies
  * nx842 - CRB request time out (-110) when uninstall NX modules and initiate
    NX request (LP: #1827755)
    - crypto/nx: Initialize 842 high and normal RxFIFO control registers
  * Require improved hypervisor detection patch in Ubuntu 18.04 (LP: #1829972)
    - s390/early: improve machine detection

-- Khalid Elmously <khalid.elmously@canonical.com>  Wed, 03 Jul 2019 00:48:13 -0400

Changed in linux-kvm (Ubuntu Bionic):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2019-07-22:

#12

Download full text (58.0 KiB)

This bug was fixed in the package linux-kvm - 5.0.0-1011.12

---------------
linux-kvm (5.0.0-1011.12) disco; urgency=medium

* linux-kvm: 5.0.0-1011.12 -proposed tracker (LP: #1834892)

  * q-r-t security test wants SCHED_STACK_END_CHECK to be enabled in KVM kernels
    (LP: #1812159)
    - [Config]: enable SCHED_STACK_END_CHECK

  * PAGE_POISONING / PAGE_POISONING_NO_SANITY / PAGE_POISONING_ZERO option was
    expected to be set in C-KVM (LP: #1812624)
    - [Config]: enable PAGE_POISONING, PAGE_POISONING_NO_SANITY,
      PAGE_POISONING_ZERO

  * test_410_config_lock_down_kernel in ubuntu_kernel_security test failed on
    B/C/D KVM (LP: #1811981)
    - [Config]: enable CONFIG_LOCK_DOWN_KERNEL

[ Ubuntu: 5.0.0-21.22 ]

  * linux: 5.0.0-21.22 -proposed tracker (LP: #1834902)
  * Disco update: 5.0.15 upstream stable release (LP: #1834529)
    - net: stmmac: Use bfsize1 in ndesc_init_rx_desc
    - Drivers: hv: vmbus: Remove the undesired put_cpu_ptr() in hv_synic_cleanup()
    - ubsan: Fix nasty -Wbuiltin-declaration-mismatch GCC-9 warnings
    - staging: greybus: power_supply: fix prop-descriptor request size
    - staging: wilc1000: Avoid GFP_KERNEL allocation from atomic context.
    - staging: most: cdev: fix chrdev_region leak in mod_exit
    - staging: most: sound: pass correct device when creating a sound card
    - ASoC: tlv320aic3x: fix reset gpio reference counting
    - ASoC: hdmi-codec: fix S/PDIF DAI
    - ASoC: stm32: sai: fix iec958 controls indexation
    - ASoC: stm32: sai: fix exposed capabilities in spdif mode
    - ASoC: stm32: sai: fix race condition in irq handler
    - ASoC:soc-pcm:fix a codec fixup issue in TDM case
    - ASoC:hdac_hda:use correct format to setup hda codec
    - ASoC:intel:skl:fix a simultaneous playback & capture issue on hda platform
    - ASoC: dpcm: prevent snd_soc_dpcm use after free
    - ASoC: nau8824: fix the issue of the widget with prefix name
    - ASoC: nau8810: fix the issue of widget with prefixed name
    - ASoC: samsung: odroid: Fix clock configuration for 44100 sample rate
    - ASoC: rt5682: Check JD status when system resume
    - ASoC: rt5682: fix jack type detection issue
    - ASoC: rt5682: recording has no sound after booting
    - ASoC: wm_adsp: Add locking to wm_adsp2_bus_error
    - clk: meson-gxbb: round the vdec dividers to closest
    - ASoC: stm32: dfsdm: manage multiple prepare
    - ASoC: stm32: dfsdm: fix debugfs warnings on entry creation
    - ASoC: cs4270: Set auto-increment bit for register writes
    - ASoC: dapm: Fix NULL pointer dereference in snd_soc_dapm_free_kcontrol
    - drm/omap: hdmi4_cec: Fix CEC clock handling for PM
    - IB/hfi1: Clear the IOWAIT pending bits when QP is put into error state
    - IB/hfi1: Eliminate opcode tests on mr deref
    - IB/hfi1: Fix the allocation of RSM table
    - MIPS: KGDB: fix kgdb support for SMP platforms.
    - ASoC: tlv320aic32x4: Fix Common Pins
    - drm/mediatek: Fix an error code in mtk_hdmi_dt_parse_pdata()
    - perf/x86/intel: Fix handling of wakeup_events for multi-entry PEBS
    - perf/x86/intel: Initialize TFA MSR
    - linux/kernel.h: Use parentheses around argument in u64_to_user_ptr()
    - iov_iter: F...

This bug was fixed in the package linux-kvm - 5.0.0-1011.12

---------------
linux-kvm (5.0.0-1011.12) disco; urgency=medium

* linux-kvm: 5.0.0-1011.12 -proposed tracker (LP: #1834892)

* q-r-t security test wants SCHED_STACK_END_CHECK to be enabled in KVM kernels
    (LP: #1812159)
    - [Config]: enable SCHED_STACK_END_CHECK

* PAGE_POISONING / PAGE_POISONING_NO_SANITY / PAGE_POISONING_ZERO option was
    expected to be set in C-KVM (LP: #1812624)
    - [Config]: enable PAGE_POISONING, PAGE_POISONING_NO_SANITY,
      PAGE_POISONING_ZERO

* test_410_config_lock_down_kernel in ubuntu_kernel_security test failed on
    B/C/D KVM (LP: #1811981)
    - [Config]: enable CONFIG_LOCK_DOWN_KERNEL

[ Ubuntu: 5.0.0-21.22 ]

* linux: 5.0.0-21.22 -proposed tracker (LP: #1834902)
  * Disco update: 5.0.15 upstream stable release (LP: #1834529)
    - net: stmmac: Use bfsize1 in ndesc_init_rx_desc
    - Drivers: hv: vmbus: Remove the undesired put_cpu_ptr() in hv_synic_cleanup()
    - ubsan: Fix nasty -Wbuiltin-declaration-mismatch GCC-9 warnings
    - staging: greybus: power_supply: fix prop-descriptor request size
    - staging: wilc1000: Avoid GFP_KERNEL allocation from atomic context.
    - staging: most: cdev: fix chrdev_region leak in mod_exit
    - staging: most: sound: pass correct device when creating a sound card
    - ASoC: tlv320aic3x: fix reset gpio reference counting
    - ASoC: hdmi-codec: fix S/PDIF DAI
    - ASoC: stm32: sai: fix iec958 controls indexation
    - ASoC: stm32: sai: fix exposed capabilities in spdif mode
    - ASoC: stm32: sai: fix race condition in irq handler
    - ASoC:soc-pcm:fix a codec fixup issue in TDM case
    - ASoC:hdac_hda:use correct format to setup hda codec
    - ASoC:intel:skl:fix a simultaneous playback & capture issue on hda platform
    - ASoC: dpcm: prevent snd_soc_dpcm use after free
    - ASoC: nau8824: fix the issue of the widget with prefix name
    - ASoC: nau8810: fix the issue of widget with prefixed name
    - ASoC: samsung: odroid: Fix clock configuration for 44100 sample rate
    - ASoC: rt5682: Check JD status when system resume
    - ASoC: rt5682: fix jack type detection issue
    - ASoC: rt5682: recording has no sound after booting
    - ASoC: wm_adsp: Add locking to wm_adsp2_bus_error
    - clk: meson-gxbb: round the vdec dividers to closest
    - ASoC: stm32: dfsdm: manage multiple prepare
    - ASoC: stm32: dfsdm: fix debugfs warnings on entry creation
    - ASoC: cs4270: Set auto-increment bit for register writes
    - ASoC: dapm: Fix NULL pointer dereference in snd_soc_dapm_free_kcontrol
    - drm/omap: hdmi4_cec: Fix CEC clock handling for PM
    - IB/hfi1: Clear the IOWAIT pending bits when QP is put into error state
    - IB/hfi1: Eliminate opcode tests on mr deref
    - IB/hfi1: Fix the allocation of RSM table
    - MIPS: KGDB: fix kgdb support for SMP platforms.
    - ASoC: tlv320aic32x4: Fix Common Pins
    - drm/mediatek: Fix an error code in mtk_hdmi_dt_parse_pdata()
    - perf/x86/intel: Fix handling of wakeup_events for multi-entry PEBS
    - perf/x86/intel: Initialize TFA MSR
    - linux/kernel.h: Use parentheses around argument in u64_to_user_ptr()
    - iov_iter: Fix build error without CONFIG_CRYPTO
    - xtensa: fix initialization of pt_regs::syscall in start_thread
    - ASoC: rockchip: pdm: fix regmap_ops hang issue
    - drm/amdkfd: Add picasso pci id
    - drm/amdgpu: Adjust IB test timeout for XGMI configuration
    - drm/amdgpu: amdgpu_device_recover_vram always failed if only one node in
      shadow_list
    - drm/amd/display: fix cursor black issue
    - ASoC: cs35l35: Disable regulators on driver removal
    - objtool: Add rewind_stack_do_exit() to the noreturn list
    - slab: fix a crash by reading /proc/slab_allocators
    - drm/sun4i: tcon top: Fix NULL/invalid pointer dereference in
      sun8i_tcon_top_un/bind
    - virtio_pci: fix a NULL pointer reference in vp_del_vqs
    - RDMA/vmw_pvrdma: Fix memory leak on pvrdma_pci_remove
    - RDMA/hns: Fix bug that caused srq creation to fail
    - KEYS: trusted: fix -Wvarags warning
    - scsi: csiostor: fix missing data copy in csio_scsi_err_handler()
    - drm/mediatek: fix possible object reference leak
    - drm/mediatek: fix the rate and divder of hdmi phy for MT2701
    - drm/mediatek: make implementation of recalc_rate() for MT2701 hdmi phy
    - drm/mediatek: remove flag CLK_SET_RATE_PARENT for MT2701 hdmi phy
    - drm/mediatek: using new factor for tvdpll for MT2701 hdmi phy
    - drm/mediatek: no change parent rate in round_rate() for MT2701 hdmi phy
    - ASoC: Intel: kbl: fix wrong number of channels
    - ASoC: stm32: sai: fix master clock management
    - ALSA: hda: Fix racy display power access
    - virtio-blk: limit number of hw queues by nr_cpu_ids
    - blk-mq: introduce blk_mq_complete_request_sync()
    - nvme: cancel request synchronously
    - nvme-fc: correct csn initialization and increments on error
    - nvmet: fix discover log page when offsets are used
    - platform/x86: pmc_atom: Drop __initconst on dmi table
    - NFSv4.1 fix incorrect return value in copy_file_range
    - perf/core: Fix perf_event_disable_inatomic() race
    - genirq: Prevent use-after-free and work list corruption
    - usb: dwc3: Allow building USB_DWC3_QCOM without EXTCON
    - usb: dwc3: Fix default lpm_nyet_threshold value
    - USB: serial: f81232: fix interrupt worker not stop
    - USB: cdc-acm: fix unthrottle races
    - usb-storage: Set virt_boundary_mask to avoid SG overflows
    - intel_th: pci: Add Comet Lake support
    - iio: adc: qcom-spmi-adc5: Fix of-based module autoloading
    - cpufreq: armada-37xx: fix frequency calculation for opp
    - ACPI / LPSS: Use acpi_lpss_* instead of acpi_subsys_* functions for
      hibernate
    - soc: sunxi: Fix missing dependency on REGMAP_MMIO
    - scsi: lpfc: change snprintf to scnprintf for possible overflow
    - scsi: qla2xxx: Fix incorrect region-size setting in optrom SYSFS routines
    - scsi: qla2xxx: Fix device staying in blocked state
    - Bluetooth: Align minimum encryption key size for LE and BR/EDR connections
    - Bluetooth: Fix not initializing L2CAP tx_credits
    - Bluetooth: hci_bcm: Fix empty regulator supplies for Intel Macs
    - UAS: fix alignment of scatter/gather segments
    - ASoC: Intel: avoid Oops if DMA setup fails
    - i3c: Fix a shift wrap bug in i3c_bus_set_addr_slot_status()
    - locking/futex: Allow low-level atomic operations to return -EAGAIN
    - arm64: futex: Bound number of LDXR/STXR loops in FUTEX_WAKE_OP
    - Linux 5.0.15
    - Revert "Bluetooth: Align minimum encryption key size for LE and BR/EDR
      connections"
  * QCA9377 isn't being recognized sometimes (LP: #1757218)
    - SAUCE: USB: Disable USB2 LPM at shutdown
  * Cache line contention prevents scaling of 100Gbps performance (LP: #1832909)
    - iommu/iova: Separate atomic variables to improve performance
  * net: hns: Fix loopback test failed at copper ports (LP: #1833132)
    - net: hns: Fix loopback test failed at copper ports
  * hns: fix ICMP6 neighbor solicitation messages discard problem (LP: #1833140)
    - net: hns: fix unsigned comparison to less than zero
  * [UBUNTU] pkey: Indicate old mkvp only if old and curr. mkvp are different
    (LP: #1832625)
    - pkey: Indicate old mkvp only if old and current mkvp are different
  * [UBUNTU] kernel: Fix gcm-aes-s390 wrong scatter-gather list processing
    (LP: #1832623)
    - s390/crypto: fix gcm-aes-s390 selftest failures
  * AX88772A USB to Ethernet dongle doesn't work (LP: #1834114)
    - net: phy: rename Asix Electronics PHY driver
    - [Config] update configs and annotations for ASIX renamed
  * Add nvidia-418 dkms build support to disco (LP: #1834476)
    - add nvidia-418 dkms build
  * depmod may prefer unsigned l-r-m nvidia modules to signed modules
    (LP: #1834479)
    - [Packaging] dkms-build--nvidia-N -- clean up unsigned ko files
  * Hi1620 driver updates from upstream 5.2 merge window (LP: #1830815)
    - ethtool: Added support for 50Gbps per lane link modes
    - net: hns3: Make hclgevf_update_link_mode static
    - net: hns3: Make hclge_destroy_cmd_queue static
    - RDMA/hns: Only assign the relatived fields of psn if IB_QP_SQ_PSN is set
    - RDMA/hns: Only assign the fields of the rq psn if IB_QP_RQ_PSN is set
    - RDMA/hns: Update the range of raq_psn field of qp context
    - RDMA/hns: Only assgin some fields if the relatived attr_mask is set
    - RDMA/hns: Hide error print information with roce vf device
    - RDMA/hns: Bugfix for sending with invalidate
    - RDMA/hns: Delete unused variable in hns_roce_v2_modify_qp function
    - RDMA/hns: Limit scope of hns_roce_cmq_send()
    - RDMA/hns: Convert cq_table to XArray
    - RDMA/hns: Convert qp_table_tree to XArray
    - RDMA/hns: Fix bad endianess of port_pd variable
    - net: hns3: check 1000M half for hns3_ethtool_ops.set_link_ksettings
    - net: hns3: reduce resources use in kdump kernel
    - net: hns3: modify the VF network port media type acquisition method
    - net: hns3: return 0 and print warning when hit duplicate MAC
    - net: hns3: minor optimization for ring_space
    - net: hns3: minor optimization for datapath
    - net: hns3: simplify hclgevf_cmd_csq_clean
    - net: hns3: add protect when handling mac addr list
    - net: hns3: check resetting status in hns3_get_stats()
    - net: hns3: prevent change MTU when resetting
    - net: hns3: modify HNS3_NIC_STATE_INITED flag in
      hns3_reset_notify_uninit_enet
    - net: hns3: split function hnae3_match_n_instantiate()
    - RDMA/hns: Dump detailed driver-specific CQ
    - RDMA/hns: Support to create 1M srq queue
    - RDMA/hns: Bugfix for SCC hem free
    - net: hns3: set vport alive state to default while resetting
    - net: hns3: set up the vport alive state while reinitializing
    - net: hns3: not reset vport who not alive when PF reset
    - net: hns3: adjust the timing of hns3_client_stop when unloading
    - net: hns3: deactive the reset timer when reset successfully
    - net: hns3: ignore lower-level new coming reset
    - net: hns3: do not request reset when hardware resetting
    - net: hns3: handle pending reset while reset fail
    - net: hns3: stop mailbox handling when command queue need re-init
    - net: hns3: add error handler for initializing command queue
    - net: hns3: remove resetting check in hclgevf_reset_task_schedule
    - net: hns3: fix keep_alive_timer not stop problem
    - scsi: hisi_sas: add host reset interface for test
    - scsi: hisi_sas: Remedy inconsistent PHY down state in software
    - scsi: hisi_sas: Fix for setting the PHY linkrate when disconnected
    - scsi: hisi_sas: Adjust the printk format of functions hisi_sas_init_device()
    - scsi: hisi_sas: allocate different SAS address for directly attached
      situation
    - scsi: hisi_sas: Support all RAS events with MSI interrupts
    - scsi: hisi_sas: Don't hard reset disk during controller reset
    - scsi: hisi_sas: Don't fail IT nexus reset for Open Reject timeout
    - scsi: hisi_sas: Some misc tidy-up
    - net: hns3: modify VLAN initialization to be compatible with port based VLAN
    - net: hns3: fix VLAN offload handle for VLAN inserted by port
    - net: hns3: fix set port based VLAN for PF
    - net: hns3: fix set port based VLAN issue for VF
    - net: hns3: minor refactor for hns3_rx_checksum
    - net: hns3: add hns3_gro_complete for HW GRO process
    - net: hns3: always assume no drop TC for performance reason
    - net: hns3: divide shared buffer between TC
    - net: hns3: set dividual reset level for all RAS and MSI-X errors
    - net: hns3: do not initialize MDIO bus when PHY is inexistent
    - net: hns3: free the pending skb when clean RX ring
    - net: hns3: code optimization for command queue' spin lock
    - net: hns3: fix sparse: warning when calling hclge_set_vlan_filter_hw()
    - net: hns3: fix for vport->bw_limit overflow problem
    - net: hns3: add reset statistics info for PF
    - net: hns3: add reset statistics for VF
    - net: hns3: add some debug information for hclge_check_event_cause
    - net: hns3: add some debug info for hclgevf_get_mbx_resp()
    - net: hns3: refine tx timeout count handle
    - net: hns3: fix loop condition of hns3_get_tx_timeo_queue_info()
    - net: hns3: dump more information when tx timeout happens
    - net: hns3: Add support for netif message level settings
    - net: hns3: add support for dump ncl config by debugfs
    - net: hns3: Add handling of MAC tunnel interruption
    - net: hns3: add queue's statistics update to service task
    - net: hns3: add function type check for debugfs help information
    - RDMA/hns: Bugfix for mapping user db
    - net: hns3: fix data race between ring->next_to_clean
    - net: hns3: fix for TX clean num when cleaning TX BD
    - net: hns3: handle the BD info on the last BD of the packet
    - net: hns3: stop sending keep alive msg when VF command queue needs reinit
    - net: hns3: use atomic_t replace u32 for arq's count
    - net: hns3: use a reserved byte to identify need_resp flag
    - net: hns3: not reset TQP in the DOWN while VF resetting
    - net: hns3: fix pause configure fail problem
    - net: hns3: extend the loopback state acquisition time
    - net: hns3: prevent double free in hns3_put_ring_config()
    - net: hns3: remove reset after command send failed
    - net: hns3: add support for multiple media type
    - net: hns3: add autoneg and change speed support for fibre port
    - net: hns3: add support for FEC encoding control
    - net: hns3: unify maybe_stop_tx for TSO and non-TSO case
    - net: hns3: use napi_schedule_irqoff in hard interrupts handlers
    - net: hns3: add counter for times RX pages gets allocated
    - net: hns3: add linearizing checking for TSO case
    - net: hns3: fix for tunnel type handling in hns3_rx_checksum
    - net: hns3: refactor BD filling for l2l3l4 info
    - net: hns3: combine len and checksum handling for inner and outer header.
    - net: hns3: fix error handling for desc filling
    - net: hns3: optimize the barrier using when cleaning TX BD
    - net: hns3: unify the page reusing for page size 4K and 64K
    - net: hns3: some cleanup for struct hns3_enet_ring
    - net: hns3: use devm_kcalloc when allocating desc_cb
    - net: hns3: remove redundant assignment of l2_hdr to itself
    - net: hns3: initialize CPU reverse mapping
    - net: hns3: refine the flow director handle
    - net: hns3: add aRFS support for PF
    - net: hns3: fix for FEC configuration
    - RDMA/hns: Remove unnecessary print message in aeq
    - RDMA/hns: Update CQE specifications
    - RDMA/hns: Move spin_lock_irqsave to the correct place
    - RDMA/hns: Remove jiffies operation in disable interrupt context
    - RDMA/hns: Replace magic numbers with #defines
    - net: hns3: fix compile warning without CONFIG_RFS_ACCEL
    - net: hns3: fix for HNS3_RXD_GRO_SIZE_M macro
    - net: hns3: add support for dump firmware statistics by debugfs
    - net: hns3: use HCLGE_STATE_NIC_REGISTERED to indicate PF NIC client has
      registered
    - net: hns3: use HCLGE_STATE_ROCE_REGISTERED to indicate PF ROCE client has
      registered
    - net: hns3: use HCLGEVF_STATE_NIC_REGISTERED to indicate VF NIC client has
      registered
    - net: hns3: modify hclge_init_client_instance()
    - net: hns3: modify hclgevf_init_client_instance()
    - net: hns3: add handshake with hardware while doing reset
    - net: hns3: stop schedule reset service while unloading driver
    - net: hns3: adjust hns3_uninit_phy()'s location in the hns3_client_uninit()
    - net: hns3: fix a memory leak issue for hclge_map_unmap_ring_to_vf_vector
    - RDMA/hns: Bugfix for posting multiple srq work request
    - net: hns3: remove redundant core reset
    - net: hns3: don't configure new VLAN ID into VF VLAN table when it's full
    - net: hns3: fix VLAN filter restore issue after reset
    - net: hns3: set the port shaper according to MAC speed
    - net: hns3: add a check to pointer in error_detected and slot_reset
    - net: hns3: set ops to null when unregister ad_dev
    - net: hns3: add handling of two bits in MAC tunnel interrupts
    - net: hns3: remove setting bit of reset_requests when handling mac tunnel
      interrupts
    - net: hns3: add opcode about query and clear RAS & MSI-X to special opcode
    - net: hns3: delay and separate enabling of NIC and ROCE HW errors
    - RDMA/hns: fix inverted logic of readl read and shift
    - RDMA/hns: Bugfix for filling the sge of srq
    - net: hns3: log detail error info of ROCEE ECC and AXI errors
    - net: hns3: fix wrong size of mailbox responding data
    - net: hns3: make HW GRO handling compliant with SW GRO
    - net: hns3: replace numa_node_id with numa_mem_id for buffer reusing
    - net: hns3: refactor hns3_get_new_int_gl function
    - net: hns3: trigger VF reset if a VF has an over_8bd_nfe_err
    - net: hns3: delete the redundant user NIC codes
    - net: hns3: small changes for magic numbers
    - net: hns3: use macros instead of magic numbers
    - net: hns3: refactor PF/VF RSS hash key configuration
    - net: hns3: some modifications to simplify and optimize code
    - net: hns3: fix some coding style issues
    - net: hns3: delay setting of reset level for hw errors until slot_reset is
      called
    - net: hns3: fix avoid unnecessary resetting for the H/W errors which do not
      require reset
    - net: hns3: process H/W errors occurred before HNS dev initialization
    - net: hns3: add recovery for the H/W errors occurred before the HNS dev
      initialization
    - net: hns3: some changes of MSI-X bits in PPU(RCB)
    - net: hns3: extract handling of mpf/pf msi-x errors into functions
    - net: hns3: clear restting state when initializing HW device
    - net: hns3: free irq when exit from abnormal branch
    - net: hns3: fix for dereferencing before null checking
    - net: hns3: fix for skb leak when doing selftest
    - net: hns3: delay ring buffer clearing during reset
    - net: hns3: some variable modification
    - net: hns3: fix dereference of ae_dev before it is null checked
    - scsi: hisi_sas: Delete PHY timers when rmmod or probe failed
    - scsi: hisi_sas: Fix the issue of argument mismatch of printing ecc errors
    - scsi: hisi_sas: Reduce HISI_SAS_SGE_PAGE_CNT in size
    - scsi: hisi_sas: Change the type of some numbers to unsigned
    - scsi: hisi_sas: Ignore the error code between phy down to phy up
    - scsi: hisi_sas: Disable stash for v3 hw
    - net: hns3: Add missing newline at end of file
    - net: hns3: Fix inconsistent indenting
    - RDMa/hns: Don't stuck in endless timeout loop
  * Kernel modules generated incorrectly when system is localized to a non-
    English language (LP: #1828084)
    - scripts: override locale from environment when running recordmcount.pl
  * [UBUNTU] kernel: Fix wrong dispatching for control domain CPRBs
    (LP: #1832624)
    - s390/zcrypt: Fix wrong dispatching for control domain CPRBs
  * shiftfs: allow changing ro/rw for subvolumes (LP: #1832316)
    - SAUCE: shiftfs: allow changing ro/rw for subvolumes
  * Sound device not detected after resume from hibernate (LP: #1826868)
    - drm/i915: Force 2*96 MHz cdclk on glk/cnl when audio power is enabled
    - drm/i915: Save the old CDCLK atomic state
    - drm/i915: Remove redundant store of logical CDCLK state
    - drm/i915: Skip modeset for cdclk changes if possible
  * [raven] fix screen corruption on modprobe (LP: #1831846)
    - drm/amdgpu: keep stolen memory on picasso
    - drm/amdgpu: reserve stollen vram for raven series
  * Handle overflow in proc_get_long of sysctl (LP: #1833935)
    - sysctl: handle overflow in proc_get_long
  * Oops during sas expander hotplugging (LP: #1831799)
    - scsi: libsas: delete sas port if expander discover failed
  * [SRU][B/B-OEM/C/D/OEM-OSP1] Add RTL8822 wifi driver rtw88 (LP: #1831828)
    - rtw88: new Realtek 802.11ac driver
    - rtw88: fix shift of more than 32 bits of a integer
    - rtw88: phy: mark expected switch fall-throughs
    - rtw88: Make RA_MASK macros ULL
    - [Config] Add realtek wifi RTW88 support
  * Dell XPS 13 (9370) defaults to s2idle sleep/suspend instead of deep, NVMe
    drains lots of power under s2idle (LP: #1808957)
    - Revert "UBUNTU: SAUCE: pci/nvme: prevent WDC PC SN720 NVMe from entering D3
      and being disabled"
    - Revert "UBUNTU: SAUCE: nvme: add quirk to not call disable function when
      suspending"
    - Revert "UBUTU: SAUCE: pci: prevent Intel NVMe SSDPEKKF from entering D3"
    - Revert "UBUNTU: SAUCE: nvme: add quirk to not call disable function when
      suspending"
    - Revert "UBUNTU: SAUCE: pci: prevent sk hynix nvme from entering D3"
    - PCI: PM: Avoid possible suspend-to-idle issue
    - PCI: PM: Skip devices in D0 for suspend-to-idle
    - nvme-pci: Sync queues on reset
    - nvme: Export get and set features
    - nvme-pci: Use host managed power state for suspend
  * arm64: cma_alloc errors at boot (LP: #1823753)
    - [Config] Bump CMA_SIZE_MBYTES to 32 on arm64
    - dma-contiguous: add dma_{alloc, free}_contiguous() helpers
    - dma-contiguous: use fallback alloc_pages for single pages
    - dma-contiguous: fix !CONFIG_DMA_CMA version of dma_{alloc,
      free}_contiguous()
  * libsas: old linkrate advertised after phy disabled (LP: #1830435)
    - scsi: libsas: Inject revalidate event for root port event
    - scsi: libsas: Do discovery on empty PHY to update PHY info
  * fanotify06 from ubuntu_ltp_syscalls failed (LP: #1833028)
    - ovl: do not generate duplicate fsnotify events for "fake" path
  * hinic: fix oops due to race in set_rx_mode (LP: #1832048)
    - hinic: fix a bug in set rx mode
  * ubuntu 18.04 flickering screen with Radeon X1600 (LP: #1791312)
    - drm/radeon: prefer lower reference dividers
  * [ALSA] [PATCH] Headset fixup for System76 Gazelle (gaze14) (LP: #1827555)
    - ALSA: hda/realtek - Headset fixup for System76 Gazelle (gaze14)
    - ALSA: hda/realtek - Corrected fixup for System76 Gazelle (gaze14)
  * ftrace in ubuntu_kernel_selftests complains "Illegal number" because of the
    absence of tput (LP: #1828989)
    - selftests/ftrace: Handle the absence of tput
  * CVE-2019-11833
    - ext4: zero out the unused memory region in the extent tree block
  * Disco update: 5.0.14 upstream stable release (LP: #1832775)
    - selftests/seccomp: Prepare for exclusive seccomp flags
    - seccomp: Make NEW_LISTENER and TSYNC flags exclusive
    - ARC: memset: fix build with L1_CACHE_SHIFT != 6
    - iwlwifi: fix driver operation for 5350
    - mwifiex: Make resume actually do something useful again on SDIO cards
    - mtd: rawnand: marvell: Clean the controller state before each operation
    - mac80211: don't attempt to rename ERR_PTR() debugfs dirs
    - i2c: synquacer: fix enumeration of slave devices
    - i2c: imx: correct the method of getting private data in notifier_call
    - i2c: Prevent runtime suspend of adapter when Host Notify is required
    - ALSA: hda/realtek - Add new Dell platform for headset mode
    - USB: yurex: Fix protection fault after device removal
    - USB: w1 ds2490: Fix bug caused by improper use of altsetting array
    - USB: dummy-hcd: Fix failure to give back unlinked URBs
    - usb: usbip: fix isoc packet num validation in get_pipe
    - USB: core: Fix unterminated string returned by usb_string()
    - USB: core: Fix bug caused by duplicate interface PM usage counter
    - KVM: lapic: Disable timer advancement if adaptive tuning goes haywire
    - KVM: x86: Consider LAPIC TSC-Deadline timer expired if deadline too short
    - KVM: lapic: Track lapic timer advance per vCPU
    - KVM: lapic: Allow user to disable adaptive tuning of timer advancement
    - KVM: lapic: Convert guest TSC to host time domain if necessary
    - arm64: dts: rockchip: fix rk3328-roc-cc gmac2io tx/rx_delay
    - HID: logitech: check the return value of create_singlethread_workqueue
    - HID: debug: fix race condition with between rdesc_show() and device removal
    - rtc: cros-ec: Fail suspend/resume if wake IRQ can't be configured
    - rtc: sh: Fix invalid alarm warning for non-enabled alarm
    - ARM: OMAP2+: add missing of_node_put after of_device_is_available
    - batman-adv: Reduce claim hash refcnt only for removed entry
    - batman-adv: Reduce tt_local hash refcnt only for removed entry
    - batman-adv: Reduce tt_global hash refcnt only for removed entry
    - batman-adv: fix warning in function batadv_v_elp_get_throughput
    - ARM: dts: rockchip: Fix gpu opp node names for rk3288
    - reset: meson-audio-arb: Fix missing .owner setting of reset_controller_dev
    - ARM: dts: Fix dcan clkctrl clock for am3
    - i40e: fix i40e_ptp_adjtime when given a negative delta
    - ixgbe: fix mdio bus registration
    - i40e: fix WoL support check
    - riscv: fix accessing 8-byte variable from RV32
    - HID: quirks: Fix keyboard + touchpad on Lenovo Miix 630
    - net: hns3: fix compile error
    - xdp: fix cpumap redirect SKB creation bug
    - net/mlx5: E-Switch, Protect from invalid memory access in offload fdb table
    - net/mlx5: E-Switch, Fix esw manager vport indication for more vport commands
    - bonding: show full hw address in sysfs for slave entries
    - net: stmmac: use correct DMA buffer size in the RX descriptor
    - net: stmmac: ratelimit RX error logs
    - net: stmmac: don't stop NAPI processing when dropping a packet
    - net: stmmac: don't overwrite discard_frame status
    - net: stmmac: fix dropping of multi-descriptor RX frames
    - net: stmmac: don't log oversized frames
    - jffs2: fix use-after-free on symlink traversal
    - debugfs: fix use-after-free on symlink traversal
    - mfd: twl-core: Disable IRQ while suspended
    - block: use blk_free_flush_queue() to free hctx->fq in blk_mq_init_hctx
    - rtc: da9063: set uie_unsupported when relevant
    - HID: input: add mapping for Assistant key
    - vfio/pci: use correct format characters
    - scsi: core: add new RDAC LENOVO/DE_Series device
    - scsi: storvsc: Fix calculation of sub-channel count
    - arm/mach-at91/pm : fix possible object reference leak
    - blk-mq: do not reset plug->rq_count before the list is sorted
    - arm64: fix wrong check of on_sdei_stack in nmi context
    - net: hns: fix KASAN: use-after-free in hns_nic_net_xmit_hw()
    - net: hns: Fix probabilistic memory overwrite when HNS driver initialized
    - net: hns: fix ICMP6 neighbor solicitation messages discard problem
    - net: hns: Fix WARNING when remove HNS driver with SMMU enabled
    - libcxgb: fix incorrect ppmax calculation
    - KVM: SVM: prevent DBG_DECRYPT and DBG_ENCRYPT overflow
    - kmemleak: powerpc: skip scanning holes in the .bss section
    - hugetlbfs: fix memory leak for resv_map
    - sh: fix multiple function definition build errors
    - null_blk: prevent crash from bad home_node value
    - xsysace: Fix error handling in ace_setup
    - fs: stream_open - opener for stream-like files so that read and write can
      run simultaneously without deadlock
    - ARM: orion: don't use using 64-bit DMA masks
    - ARM: iop: don't use using 64-bit DMA masks
    - perf/x86/amd: Update generic hardware cache events for Family 17h
    - Bluetooth: btusb: request wake pin with NOAUTOEN
    - Bluetooth: mediatek: fix up an error path to restore bdev->tx_state
    - clk: qcom: Add missing freq for usb30_master_clk on 8998
    - usb: dwc3: Reset num_trbs after skipping
    - staging: iio: adt7316: allow adt751x to use internal vref for all dacs
    - staging: iio: adt7316: fix the dac read calculation
    - staging: iio: adt7316: fix handling of dac high resolution option
    - staging: iio: adt7316: fix the dac write calculation
    - scsi: RDMA/srpt: Fix a credit leak for aborted commands
    - ASoC: Intel: bytcr_rt5651: Revert "Fix DMIC map headsetmic mapping"
    - ASoC: rsnd: gen: fix SSI9 4/5/6/7 busif related register address
    - ASoC: sunxi: sun50i-codec-analog: Rename hpvcc regulator supply to cpvdd
    - ASoC: wm_adsp: Correct handling of compressed streams that restart
    - ASoC: dpcm: skip missing substream while applying symmetry
    - ASoC: stm32: fix sai driver name initialisation
    - KVM: VMX: Save RSI to an unused output in the vCPU-run asm blob
    - KVM: nVMX: Remove a rogue "rax" clobber from nested_vmx_check_vmentry_hw()
    - kvm: vmx: Fix typos in vmentry/vmexit control setting
    - KVM: lapic: Check for in-kernel LAPIC before deferencing apic pointer
    - platform/x86: intel_pmc_core: Fix PCH IP name
    - platform/x86: intel_pmc_core: Handle CFL regmap properly
    - IB/core: Unregister notifier before freeing MAD security
    - IB/core: Fix potential memory leak while creating MAD agents
    - IB/core: Destroy QP if XRC QP fails
    - Input: snvs_pwrkey - initialize necessary driver data before enabling IRQ
    - Input: stmfts - acknowledge that setting brightness is a blocking call
    - gpio: mxc: add check to return defer probe if clock tree NOT ready
    - selinux: avoid silent denials in permissive mode under RCU walk
    - selinux: never allow relabeling on context mounts
    - mac80211: Honor SW_CRYPTO_CONTROL for unicast keys in AP VLAN mode
    - powerpc/mm/hash: Handle mmap_min_addr correctly in get_unmapped_area topdown
      search
    - x86/mce: Improve error message when kernel cannot recover, p2
    - clk: x86: Add system specific quirk to mark clocks as critical
    - x86/mm/KASLR: Fix the size of the direct mapping section
    - x86/mm: Fix a crash with kmemleak_scan()
    - x86/mm/tlb: Revert "x86/mm: Align TLB invalidation info"
    - i2c: i2c-stm32f7: Fix SDADEL minimum formula
    - media: v4l2: i2c: ov7670: Fix PLL bypass register values
    - ASoC: wm_adsp: Check for buffer in trigger stop
    - mm/kmemleak.c: fix unused-function warning
    - Linux 5.0.14
  * [ZenBook S UX391UA, Realtek ALC294, Mic, Internal] No sound at all
    (LP: #1784485) // Disco update: 5.0.14 upstream stable release
    (LP: #1832775)
    - ALSA: hda/realtek - Apply the fixup for ASUS Q325UAR
  * Support new ums-realtek device (LP: #1831840)
    - USB: usb-storage: Add new ID to ums-realtek
  * amd_iommu possible data corruption (LP: #1823037)
    - iommu/amd: Set exclusion range correctly
  * Add new sound card PCIID into the alsa driver (LP: #1832299)
    - ALSA: hda/intel: add CometLake PCI IDs
  * idle-page oopses when accessing page frames that are out of range
    (LP: #1833410)
    - mm/page_idle.c: fix oops because end_pfn is larger than max_pfn
  * Sometimes touchpad automatically trigger double click (LP: #1833484)
    - SAUCE: i2c: designware: Add disable runtime pm quirk
  * Disco update: 5.0.13 upstream stable release (LP: #1832749)
    - ipv4: ip_do_fragment: Preserve skb_iif during fragmentation
    - ipv6: A few fixes on dereferencing rt->from
    - ipv6: fix races in ip6_dst_destroy()
    - ipv6/flowlabel: wait rcu grace period before put_pid()
    - ipv6: invert flowlabel sharing check in process and user mode
    - l2ip: fix possible use-after-free
    - l2tp: use rcu_dereference_sk_user_data() in l2tp_udp_encap_recv()
    - net: dsa: bcm_sf2: fix buffer overflow doing set_rxnfc
    - net: phy: marvell: Fix buffer overrun with stats counters
    - net/tls: avoid NULL pointer deref on nskb->sk in fallback
    - rxrpc: Fix net namespace cleanup
    - sctp: avoid running the sctp state machine recursively
    - selftests: fib_rule_tests: print the result and return 1 if any tests failed
    - packet: validate msg_namelen in send directly
    - packet: in recvmsg msg_name return at least sizeof sockaddr_ll
    - selftests: fib_rule_tests: Fix icmp proto with ipv6
    - tcp: add sanity tests in tcp_add_backlog()
    - udp: fix GRO reception in case of length mismatch
    - udp: fix GRO packet of death
    - bnxt_en: Improve multicast address setup logic.
    - bnxt_en: Free short FW command HWRM memory in error path in bnxt_init_one()
    - bnxt_en: Fix possible crash in bnxt_hwrm_ring_free() under error conditions.
    - bnxt_en: Pass correct extended TX port statistics size to firmware.
    - bnxt_en: Fix statistics context reservation logic.
    - bnxt_en: Fix uninitialized variable usage in bnxt_rx_pkt().
    - net/tls: don't copy negative amounts of data in reencrypt
    - net/tls: fix copy to fragments in reencrypt
    - KVM: x86: Whitelist port 0x7e for pre-incrementing %rip
    - KVM: nVMX: Fix size checks in vmx_set_nested_state
    - ALSA: line6: use dynamic buffers
    - iwlwifi: mvm: properly check debugfs dentry before using it
    - ath10k: Drop WARN_ON()s that always trigger during system resume
    - Linux 5.0.13
  * Add pointstick support on HP ZBook 17 G5 (LP: #1833387)
    - Revert "HID: multitouch: Support ALPS PTP stick with pid 0x120A"
    - SAUCE: HID: multitouch: Add pointstick support for ALPS Touchpad
  * [SRU][B/B-OEM/B-OEM-OSP-1/C/D/E] Add trackpoint middle button support of 2
    new thinpads (LP: #1833637)
    - Input: elantech - enable middle button support on 2 ThinkPads
  * Kernel panic upon resetting ixgbe SR-IOV VFIO virtual function using 5.0
    kernel (LP: #1829652)
    - SAUCE: ixgbe: Avoid NULL pointer dereference with VF on non-IPsec hw
  * CVE-2019-11884
    - Bluetooth: hidp: fix buffer overflow
  * TPM module can not initial (LP: #1826142)
    - spi: Optionally use GPIO descriptors for CS GPIOs
    - spi: dw: Convert to use CS GPIO descriptors
    - spi: dw: fix warning unused variable 'ret'
    - spi: Support high CS when using descriptors
    - spi: dw: Fix default polarity of native chipselect
    - gpio: of: Fix logic inversion
    - spi: Add missing error handling for CS GPIOs
  * CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130 // CVE-2019-11091
    - SAUCE: Synchronize MDS mitigations with upstream
    - Documentation: Correct the possible MDS sysfs values
    - x86/speculation/mds: Fix documentation typo
  * CVE-2019-11091
    - x86/mds: Add MDSUM variant to the MDS documentation
  * Regression for ubuntu_kernel_selftests [net] ubuntu_bpf test case fails to
    build on disco (LP: #1829812)
    - tools: bpftool: add basic probe capability, probe syscall availability
    - tools: bpftool: add probes for eBPF program types
  * POSIX fix for ftrace test in ubuntu_kernel_selftests (LP: #1828995)
    - selftests/ftrace: Replace \e with \033
    - selftests/ftrace: Replace echo -e with printf
  * Disco update: 5.0.12 upstream stable release (LP: #1830934)
    - selinux: use kernel linux/socket.h for genheaders and mdp
    - Revert "ACPICA: Clear status of GPEs before enabling them"
    - drm/i915: Do not enable FEC without DSC
    - mm: make page ref count overflow check tighter and more explicit
    - mm: add 'try_get_page()' helper function
    - mm: prevent get_user_pages() from overflowing page refcount
    - fs: prevent page refcount overflow in pipe_buf_get
    - arm64: dts: renesas: r8a77990: Fix SCIF5 DMA channels
    - ARM: dts: bcm283x: Fix hdmi hpd gpio pull
    - s390: limit brk randomization to 32MB
    - mt76x02: fix hdr pointer in write txwi for USB
    - mt76: mt76x2: fix external LNA gain settings
    - mt76: mt76x2: fix 2.4 GHz channel gain settings
    - net: ieee802154: fix a potential NULL pointer dereference
    - ieee802154: hwsim: propagate genlmsg_reply return code
    - Btrfs: fix file corruption after snapshotting due to mix of buffered/DIO
      writes
    - net: stmmac: don't set own bit too early for jumbo frames
    - net: stmmac: fix jumbo frame sending with non-linear skbs
    - qlcnic: Avoid potential NULL pointer dereference
    - xsk: fix umem memory leak on cleanup
    - staging: axis-fifo: add CONFIG_OF dependency
    - staging, mt7621-pci: fix build without pci support
    - netfilter: nft_set_rbtree: check for inactive element after flag mismatch
    - netfilter: bridge: set skb transport_header before entering
      NF_INET_PRE_ROUTING
    - netfilter: fix NETFILTER_XT_TARGET_TEE dependencies
    - netfilter: ip6t_srh: fix NULL pointer dereferences
    - s390/qeth: fix race when initializing the IP address table
    - ARM: imx51: fix a leaked reference by adding missing of_node_put
    - sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init()
    - serial: ar933x_uart: Fix build failure with disabled console
    - KVM: arm64: Reset the PMU in preemptible context
    - arm64: KVM: Always set ICH_HCR_EL2.EN if GICv4 is enabled
    - KVM: arm/arm64: vgic-its: Take the srcu lock when writing to guest memory
    - KVM: arm/arm64: vgic-its: Take the srcu lock when parsing the memslots
    - usb: dwc3: pci: add support for Comet Lake PCH ID
    - usb: gadget: net2280: Fix overrun of OUT messages
    - usb: gadget: net2280: Fix net2280_dequeue()
    - usb: gadget: net2272: Fix net2272_dequeue()
    - ARM: dts: pfla02: increase phy reset duration
    - i2c: i801: Add support for Intel Comet Lake
    - KVM: arm/arm64: Fix handling of stage2 huge mappings
    - net: ks8851: Dequeue RX packets explicitly
    - net: ks8851: Reassert reset pin if chip ID check fails
    - net: ks8851: Delay requesting IRQ until opened
    - net: ks8851: Set initial carrier state to down
    - staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc
    - staging: rtlwifi: rtl8822b: fix to avoid potential NULL pointer dereference
    - staging: rtl8712: uninitialized memory in read_bbreg_hdl()
    - staging: rtlwifi: Fix potential NULL pointer dereference of kzalloc
    - net: phy: Add DP83825I to the DP83822 driver
    - net: macb: Add null check for PCLK and HCLK
    - net/sched: don't dereference a->goto_chain to read the chain index
    - ARM: dts: imx6qdl: Fix typo in imx6qdl-icore-rqs.dtsi
    - drm/tegra: hub: Fix dereference before check
    - NFS: Fix a typo in nfs_init_timeout_values()
    - net: xilinx: fix possible object reference leak
    - net: ibm: fix possible object reference leak
    - net: ethernet: ti: fix possible object reference leak
    - drm: Fix drm_release() and device unplug
    - gpio: aspeed: fix a potential NULL pointer dereference
    - drm/meson: Fix invalid pointer in meson_drv_unbind()
    - drm/meson: Uninstall IRQ handler
    - ARM: davinci: fix build failure with allnoconfig
    - sbitmap: order READ/WRITE freed instance and setting clear bit
    - staging: vc04_services: Fix an error code in vchiq_probe()
    - scsi: mpt3sas: Fix kernel panic during expander reset
    - scsi: aacraid: Insure we don't access PCIe space during AER/EEH
    - scsi: qla4xxx: fix a potential NULL pointer dereference
    - usb: usb251xb: fix to avoid potential NULL pointer dereference
    - leds: trigger: netdev: fix refcnt leak on interface rename
    - SUNRPC: fix uninitialized variable warning
    - x86/realmode: Don't leak the trampoline kernel address
    - usb: u132-hcd: fix resource leak
    - ceph: fix use-after-free on symlink traversal
    - scsi: zfcp: reduce flood of fcrscn1 trace records on multi-element RSCN
    - x86/mm: Don't exceed the valid physical address space
    - libata: fix using DMA buffers on stack
    - kbuild: skip parsing pre sub-make code for recursion
    - afs: Fix StoreData op marshalling
    - gpio: of: Check propname before applying "cs-gpios" quirks
    - gpio: of: Check for "spi-cs-high" in child instead of parent node
    - KVM: nVMX: Do not inherit quadrant and invalid for the root shadow EPT
    - KVM: SVM: Workaround errata#1096 (insn_len maybe zero on SMAP violation)
    - kvm/x86: Move MSR_IA32_ARCH_CAPABILITIES to array emulated_msrs
    - x86/kvm/hyper-v: avoid spurious pending stimer on vCPU init
    - KVM: selftests: assert on exit reason in CR4/cpuid sync test
    - KVM: selftests: explicitly disable PIE for tests
    - KVM: selftests: disable stack protector for all KVM tests
    - KVM: selftests: complete IO before migrating guest state
    - gpio: of: Fix of_gpiochip_add() error path
    - nvme-multipath: relax ANA state check
    - nvmet: fix building bvec from sg list
    - nvmet: fix error flow during ns enable
    - perf cs-etm: Add missing case value
    - perf machine: Update kernel map address and re-order properly
    - kconfig/[mn]conf: handle backspace (^H) key
    - iommu/amd: Reserve exclusion range in iova-domain
    - kasan: fix variable 'tag' set but not used warning
    - ptrace: take into account saved_sigmask in PTRACE{GET,SET}SIGMASK
    - leds: pca9532: fix a potential NULL pointer dereference
    - leds: trigger: netdev: use memcpy in device_name_store
    - Linux 5.0.12
    - [Config] Document drop of axis-fifo for amd64/i386
  * Disco update: 5.0.11 upstream stable release (LP: #1830929)
    - netfilter: nf_tables: bogus EBUSY when deleting set after flush
    - netfilter: nf_tables: bogus EBUSY in helper removal from transaction
    - intel_th: gth: Fix an off-by-one in output unassigning
    - powerpc/vdso32: fix CLOCK_MONOTONIC on PPC64
    - ALSA: hda/realtek - Move to ACT_INIT state
    - fs/proc/proc_sysctl.c: Fix a NULL pointer dereference
    - block, bfq: fix use after free in bfq_bfqq_expire
    - cifs: fix memory leak in SMB2_read
    - cifs: fix page reference leak with readv/writev
    - cifs: do not attempt cifs operation on smb2+ rename error
    - tracing: Fix a memory leak by early error exit in trace_pid_write()
    - tracing: Fix buffer_ref pipe ops
    - crypto: xts - Fix atomic sleep when walking skcipher
    - crypto: lrw - Fix atomic sleep when walking skcipher
    - gpio: eic: sprd: Fix incorrect irq type setting for the sync EIC
    - zram: pass down the bvec we need to read into in the work struct
    - lib/Kconfig.debug: fix build error without CONFIG_BLOCK
    - MIPS: scall64-o32: Fix indirect syscall number load
    - trace: Fix preempt_enable_no_resched() abuse
    - mm: do not boost watermarks to avoid fragmentation for the DISCONTIG memory
      model
    - arm64: mm: Ensure tail of unaligned initrd is reserved
    - IB/rdmavt: Fix frwr memory registration
    - RDMA/mlx5: Do not allow the user to write to the clock page
    - RDMA/mlx5: Use rdma_user_map_io for mapping BAR pages
    - RDMA/ucontext: Fix regression with disassociate
    - sched/numa: Fix a possible divide-by-zero
    - ceph: only use d_name directly when parent is locked
    - ceph: ensure d_name stability in ceph_dentry_hash()
    - ceph: fix ci->i_head_snapc leak
    - nfsd: Don't release the callback slot unless it was actually held
    - nfsd: wake waiters blocked on file_lock before deleting it
    - nfsd: wake blocked file lock waiters before sending callback
    - sunrpc: don't mark uninitialised items as VALID.
    - perf/x86/intel: Update KBL Package C-state events to also include
      PC8/PC9/PC10 counters
    - Input: synaptics-rmi4 - write config register values to the right offset
    - dmaengine: sh: rcar-dmac: With cyclic DMA residue 0 is valid
    - dmaengine: sh: rcar-dmac: Fix glitch in dmaengine_tx_status
    - dmaengine: mediatek-cqdma: fix wrong register usage in mtk_cqdma_start
    - ARM: 8857/1: efi: enable CP15 DMB instructions before cleaning the cache
    - powerpc/mm/radix: Make Radix require HUGETLB_PAGE
    - drm/vc4: Fix memory leak during gpu reset.
    - drm/ttm: fix re-init of global structures
    - drm/vc4: Fix compilation error reported by kbuild test bot
    - ext4: fix some error pointer dereferences
    - loop: do not print warn message if partition scan is successful
    - tipc: handle the err returned from cmd header function
    - slip: make slhc_free() silently accept an error pointer
    - workqueue: Try to catch flush_work() without INIT_WORK().
    - sched/deadline: Correctly handle active 0-lag timers
    - mac80211_hwsim: calculate if_combination.max_interfaces
    - NFS: Forbid setting AF_INET6 to "struct sockaddr_in"->sin_family.
    - netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON
    - fm10k: Fix a potential NULL pointer dereference
    - tipc: check bearer name with right length in tipc_nl_compat_bearer_enable
    - tipc: check link name with right length in tipc_nl_compat_link_set
    - net: netrom: Fix error cleanup path of nr_proto_init
    - net/rds: Check address length before reading address family
    - rxrpc: fix race condition in rxrpc_input_packet()
    - pin iocb through aio.
    - aio: fold lookup_kiocb() into its sole caller
    - aio: keep io_event in aio_kiocb
    - aio: store event at final iocb_put()
    - Fix aio_poll() races
    - x86, retpolines: Raise limit for generating indirect calls from switch-case
    - x86/retpolines: Disable switch jump tables when retpolines are enabled
    - rdma: fix build errors on s390 and MIPS due to bad ZERO_PAGE use
    - ipv4: add sanity checks in ipv4_link_failure()
    - ipv4: set the tcp_min_rtt_wlen range from 0 to one day
    - mlxsw: spectrum: Fix autoneg status in ethtool
    - net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query
    - net: rds: exchange of 8K and 1M pool
    - net/rose: fix unbound loop in rose_loopback_timer()
    - net: stmmac: move stmmac_check_ether_addr() to driver probe
    - net/tls: fix refcount adjustment in fallback
    - stmmac: pci: Adjust IOT2000 matching
    - team: fix possible recursive locking when add slaves
    - net: socionext: replace napi_alloc_frag with the netdev variant on init
    - net/ncsi: handle overflow when incrementing mac address
    - mlxsw: pci: Reincrease PCI reset timeout
    - mlxsw: spectrum: Put MC TCs into DWRR mode
    - net/mlx5e: Fix the max MTU check in case of XDP
    - net/mlx5e: Fix use-after-free after xdp_return_frame
    - net/tls: avoid potential deadlock in tls_set_device_offload_rx()
    - net/tls: don't leak IV and record seq when offload fails
    - Linux 5.0.11
  * Disco update: 5.0.10 upstream stable release (LP: #1830922)
    - bonding: fix event handling for stacked bonds
    - failover: allow name change on IFF_UP slave interfaces
    - net: atm: Fix potential Spectre v1 vulnerabilities
    - net: bridge: fix per-port af_packet sockets
    - net: bridge: multicast: use rcu to access port list from
      br_multicast_start_querier
    - net: fec: manage ahb clock in runtime pm
    - net: Fix missing meta data in skb with vlan packet
    - net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv
    - tcp: tcp_grow_window() needs to respect tcp_space()
    - team: set slave to promisc if team is already in promisc mode
    - tipc: missing entries in name table of publications
    - vhost: reject zero size iova range
    - ipv4: recompile ip options in ipv4_link_failure
    - ipv4: ensure rcu_read_lock() in ipv4_link_failure()
    - mlxsw: spectrum_switchdev: Add MDB entries in prepare phase
    - mlxsw: core: Do not use WQ_MEM_RECLAIM for EMAD workqueue
    - mlxsw: core: Do not use WQ_MEM_RECLAIM for mlxsw ordered workqueue
    - mlxsw: core: Do not use WQ_MEM_RECLAIM for mlxsw workqueue
    - mlxsw: spectrum_router: Do not check VRF MAC address
    - net: thunderx: raise XDP MTU to 1508
    - net: thunderx: don't allow jumbo frames with XDP
    - net/tls: fix the IV leaks
    - net/tls: don't leak partially sent record in device mode
    - net: strparser: partially revert "strparser: Call skb_unclone conditionally"
    - net/tls: fix build without CONFIG_TLS_DEVICE
    - net: bridge: fix netlink export of vlan_stats_per_port option
    - net/mlx5e: XDP, Avoid checksum complete when XDP prog is loaded
    - net/mlx5e: Protect against non-uplink representor for encap
    - net/mlx5e: Switch to Toeplitz RSS hash by default
    - net/mlx5e: Rx, Fixup skb checksum for packets with tail padding
    - net/mlx5e: Rx, Check ip headers sanity
    - Revert "net/mlx5e: Enable reporting checksum unnecessary also for L3
      packets"
    - net/mlx5: FPGA, tls, hold rcu read lock a bit longer
    - net/tls: prevent bad memory access in tls_is_sk_tx_device_offloaded()
    - net/mlx5: FPGA, tls, idr remove on flow delete
    - route: Avoid crash from dereferencing NULL rt->from
    - nfp: flower: replace CFI with vlan present
    - nfp: flower: remove vlan CFI bit from push vlan action
    - sch_cake: Use tc_skb_protocol() helper for getting packet protocol
    - sch_cake: Make sure we can write the IP header before changing DSCP bits
    - NFC: nci: Add some bounds checking in nci_hci_cmd_received()
    - nfc: nci: Potential off by one in ->pipes[] array
    - sch_cake: Simplify logic in cake_select_tin()
    - CIFS: keep FileInfo handle live during oplock break
    - cifs: Fix lease buffer length error
    - cifs: Fix use-after-free in SMB2_write
    - cifs: Fix use-after-free in SMB2_read
    - cifs: fix handle leak in smb2_query_symlink()
    - fs/dax: Deposit pagetable even when installing zero page
    - KVM: x86: Don't clear EFER during SMM transitions for 32-bit vCPU
    - KVM: x86: svm: make sure NMI is injected after nmi_singlestep
    - Staging: iio: meter: fixed typo
    - staging: iio: ad7192: Fix ad7193 channel address
    - iio: gyro: mpu3050: fix chip ID reading
    - iio/gyro/bmg160: Use millidegrees for temperature scale
    - iio:chemical:bme680: Fix, report temperature in millidegrees
    - iio:chemical:bme680: Fix SPI read interface
    - iio: cros_ec: Fix the maths for gyro scale calculation
    - iio: ad_sigma_delta: select channel when reading register
    - iio: dac: mcp4725: add missing powerdown bits in store eeprom
    - iio: Fix scan mask selection
    - iio: adc: at91: disable adc channel interrupt in timeout case
    - iio: core: fix a possible circular locking dependency
    - io: accel: kxcjk1013: restore the range after resume.
    - staging: most: core: use device description as name
    - staging: comedi: vmk80xx: Fix use of uninitialized semaphore
    - staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf
    - staging: comedi: ni_usb6501: Fix use of uninitialized mutex
    - staging: comedi: ni_usb6501: Fix possible double-free of ->usb_rx_buf
    - ALSA: core: Fix card races between register and disconnect
    - Input: elan_i2c - add hardware ID for multiple Lenovo laptops
    - serial: sh-sci: Fix HSCIF RX sampling point adjustment
    - serial: sh-sci: Fix HSCIF RX sampling point calculation
    - vt: fix cursor when clearing the screen
    - scsi: core: set result when the command cannot be dispatched
    - Revert "scsi: fcoe: clear FC_RP_STARTED flags when receiving a LOGO"
    - i3c: dw: Fix dw_i3c_master_disable controller by using correct mask
    - i3c: Fix the verification of random PID
    - Revert "svm: Fix AVIC incomplete IPI emulation"
    - coredump: fix race condition between mmget_not_zero()/get_task_mm() and core
      dumping
    - x86/kvm: move kvm_load/put_guest_xcr0 into atomic context
    - ipmi: fix sleep-in-atomic in free_user at cleanup SRCU user->release_barrier
    - crypto: x86/poly1305 - fix overflow during partial reduction
    - drm/ttm: fix out-of-bounds read in ttm_put_pages() v2
    - arm64: futex: Restore oldval initialization to work around buggy compilers
    - x86/kprobes: Verify stack frame on kretprobe
    - kprobes: Mark ftrace mcount handler functions nokprobe
    - x86/kprobes: Avoid kretprobe recursion bug
    - kprobes: Fix error check when reusing optimized probes
    - rt2x00: do not increment sequence number while re-transmitting
    - mac80211: do not call driver wake_tx_queue op during reconfig
    - s390/mem_detect: Use IS_ENABLED(CONFIG_BLK_DEV_INITRD)
    - drm/amdgpu/gmc9: fix VM_L2_CNTL3 programming
    - perf/x86/amd: Add event map for AMD Family 17h
    - x86/cpu/bugs: Use __initconst for 'const' init data
    - perf/x86: Fix incorrect PEBS_REGS
    - x86/speculation: Prevent deadlock on ssb_state::lock
    - timers/sched_clock: Prevent generic sched_clock wrap caused by tick_freeze()
    - nfit/ars: Remove ars_start_flags
    - nfit/ars: Introduce scrub_flags
    - nfit/ars: Allow root to busy-poll the ARS state machine
    - nfit/ars: Avoid stale ARS results
    - tpm/tpm_i2c_atmel: Return -E2BIG when the transfer is incomplete
    - tpm: Fix the type of the return value in calc_tpm2_event_size()
    - Revert "kbuild: use -Oz instead of -Os when using clang"
    - sched/fair: Limit sched_cfs_period_timer() loop to avoid hard lockup
    - tpm: fix an invalid condition in tpm_common_poll
    - mt76x02: avoid status_list.lock and sta->rate_ctrl_lock dependency
    - device_cgroup: fix RCU imbalance in error case
    - perf/ring_buffer: Fix AUX record suppression
    - mm/memory_hotplug: do not unlock after failing to take the
      device_hotplug_lock
    - mm/vmstat.c: fix /proc/vmstat format for CONFIG_DEBUG_TLBFLUSH=y
      CONFIG_SMP=n
    - ALSA: info: Fix racy addition/deletion of nodes
    - percpu: stop printing kernel addresses
    - kernel/sysctl.c: fix out-of-bounds access when setting file-max
    - Linux 5.0.10
  * Disco update: 5.0.9 upstream stable release (LP: #1830906)
    - ARC: u-boot args: check that magic number is correct
    - arc: hsdk_defconfig: Enable CONFIG_BLK_DEV_RAM
    - perf/core: Restore mmap record type correctly
    - mips: bcm47xx: Enable USB power on Netgear WNDR3400v2
    - ext4: avoid panic during forced reboot
    - ext4: add missing brelse() in add_new_gdb_meta_bg()
    - ext4: report real fs size after failed resize
    - ALSA: echoaudio: add a check for ioremap_nocache
    - ALSA: sb8: add a check for request_region
    - auxdisplay: hd44780: Fix memory leak on ->remove()
    - drm/udl: use drm_gem_object_put_unlocked.
    - IB/mlx4: Fix race condition between catas error reset and aliasguid flows
    - i40iw: Avoid panic when handling the inetdev event
    - mmc: davinci: remove extraneous __init annotation
    - ALSA: opl3: fix mismatch between snd_opl3_drum_switch definition and
      declaration
    - paride/pf: cleanup queues when detection fails
    - paride/pcd: cleanup queues when detection fails
    - thermal/intel_powerclamp: fix __percpu declaration of worker_data
    - thermal: samsung: Fix incorrect check after code merge
    - thermal: bcm2835: Fix crash in bcm2835_thermal_debugfs
    - thermal/int340x_thermal: Add additional UUIDs
    - thermal/int340x_thermal: fix mode setting
    - thermal/intel_powerclamp: fix truncated kthread name
    - scsi: iscsi: flush running unbind operations when removing a session
    - sched/cpufreq: Fix 32-bit math overflow
    - sched/core: Fix buffer overflow in cgroup2 property cpu.max
    - x86/mm: Don't leak kernel addresses
    - tools/power turbostat: return the exit status of a command
    - scsi: core: Also call destroy_rcu_head() for passthrough requests
    - scsi: qla2xxx: Fix NULL pointer crash due to stale CPUID
    - perf stat: Fix --no-scale
    - perf list: Don't forget to drop the reference to the allocated thread_map
    - perf tools: Fix errors under optimization level '-Og'
    - perf config: Fix an error in the config template documentation
    - perf config: Fix a memory leak in collect_config()
    - perf build-id: Fix memory leak in print_sdt_events()
    - perf top: Fix error handling in cmd_top()
    - perf hist: Add missing map__put() in error case
    - perf map: Remove map from 'names' tree in __maps__remove()
    - perf maps: Purge all maps from the 'names' tree
    - perf top: Fix global-buffer-overflow issue
    - perf evsel: Free evsel->counts in perf_evsel__exit()
    - perf tests: Fix a memory leak of cpu_map object in the
      openat_syscall_event_on_all_cpus test
    - perf tests: Fix memory leak by expr__find_other() in test__expr()
    - perf tests: Fix a memory leak in test__perf_evsel__tp_sched_test()
    - ACPI / utils: Drop reference in test for device presence
    - PM / Domains: Avoid a potential deadlock
    - blk-iolatency: #include "blk.h"
    - drm/exynos/mixer: fix MIXER shadow registry synchronisation code
    - irqchip/stm32: Don't clear rising/falling config registers at init
    - irqchip/stm32: Don't set rising configuration registers at init
    - irqchip/mbigen: Don't clear eventid when freeing an MSI
    - x86/hpet: Prevent potential NULL pointer dereference
    - x86/hyperv: Prevent potential NULL pointer dereference
    - x86/cpu/cyrix: Use correct macros for Cyrix calls on Geode processors
    - drm/nouveau/debugfs: Fix check of pm_runtime_get_sync failure
    - iommu/vt-d: Check capability before disabling protected memory
    - iommu/vt-d: Save the right domain ID used by hardware
    - x86/hw_breakpoints: Make default case in hw_breakpoint_arch_parse() return
      an error
    - cifs: fix that return -EINVAL when do dedupe operation
    - fix incorrect error code mapping for OBJECTID_NOT_FOUND
    - cifs: Fix slab-out-of-bounds when tracing SMB tcon
    - x86/gart: Exclude GART aperture from kcore
    - ext4: prohibit fstrim in norecovery mode
    - lkdtm: Print real addresses
    - lkdtm: Add tests for NULL pointer dereference
    - drm/amdgpu: psp_ring_destroy cause psp->km_ring.ring_mem NULL
    - drm/panel: panel-innolux: set display off in innolux_panel_unprepare
    - crypto: axis - fix for recursive locking from bottom half
    - Revert "ACPI / EC: Remove old CLEAR_ON_RESUME quirk"
    - coresight: cpu-debug: Support for CA73 CPUs
    - PCI: Blacklist power management of Gigabyte X299 DESIGNARE EX PCIe ports
    - PCI/ASPM: Save LTR Capability for suspend/resume
    - f2fs: sync filesystem after roll-forward recovery
    - drm/nouveau/volt/gf117: fix speedo readout register
    - platform/x86: intel_pmc_core: Quirk to ignore XTAL shutdown
    - ARM: 8839/1: kprobe: make patch_lock a raw_spinlock_t
    - drm/amdkfd: use init_mqd function to allocate object for hid_mqd (CI)
    - appletalk: Fix use-after-free in atalk_proc_exit
    - cifs: return -ENODATA when deleting an xattr that does not exist
    - lib/div64.c: off by one in shift
    - rxrpc: Fix client call connect/disconnect race
    - f2fs: fix to dirty inode for i_mode recovery
    - f2fs: fix to use kvfree instead of kzfree
    - f2fs: fix to add refcount once page is tagged PG_private
    - include/linux/swap.h: use offsetof() instead of custom __swapoffset macro
    - bpf: fix use after free in bpf_evict_inode
    - IB/hfi1: Failed to drain send queue when QP is put into error state
    - paride/pf: Fix potential NULL pointer dereference
    - paride/pcd: Fix potential NULL pointer dereference and mem leak
    - Linux 5.0.9
  * crashdump fails on HiSilicon D06 (LP: #1828868)
    - iommu/arm-smmu-v3: Don't disable SMMU in kdump kernel
  * Eletrical noise occurred when external headset enter powersaving mode on a
    DEll machine (LP: #1828798)
    - ALSA: hda/realtek - Fixup headphone noise via runtime suspend
  * [18.04/18.10] File libperf-jvmti.so is missing in linux-tools-common deb on
    Ubuntu (LP: #1761379)
    - [Packaging] Support building libperf-jvmti.so
  * ethtool identify command doesn't blink LED on Hi1620 NICs (LP: #1829306)
    - net: phy: marvell: add new default led configure for m88e151x
  * Add support to Comet Lake LPSS (LP: #1830175)
    - mfd: intel-lpss: Add Intel Comet Lake PCI IDs
  * Reduce NAPI weight in hns driver from 256 to 64 (LP: #1830587)
    - net: hns: Use NAPI_POLL_WEIGHT for hns driver

-- Connor Kuehl <connor.kuehl@canonical.com>  Tue, 02 Jul 2019 14:21:39 -0700

Changed in linux-kvm (Ubuntu Disco):
status:	Fix Committed → Fix Released

Launchpad Janitor (janitor) on 2019-07-23

Changed in linux-kvm (Ubuntu):
status:	In Progress → Fix Released

Po-Hsu Lin (cypressyew) on 2021-03-12

Changed in linux-kvm (Ubuntu Cosmic):
status:	Fix Committed → Won't Fix

ubuntu-kernel-tests

test_410_config_lock_down_kernel in ubuntu_kernel_security test failed on B/C/D KVM

Bug Description

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
QA Regression Testing	Fix Released	Undecided	Unassigned
ubuntu-kernel-tests	Fix Released	Undecided	Po-Hsu Lin
linux-kvm (Ubuntu)	Fix Released	Undecided	Po-Hsu Lin
Bionic	Fix Released	Undecided	Po-Hsu Lin
Cosmic	Won't Fix	Undecided	Po-Hsu Lin
Disco	Fix Released	Undecided	Po-Hsu Lin