* Surelock-GA2:kernel panic/ exception @ pcibios_set_pcie_reset_state+0x118/0x280 + cxl_reset+0x5c/0xc0 (LP: #1545037)
- powerpc/eeh: Fix stale cached primary bus
* Miscellaneous Ubuntu changes
- SAUCE: fs: Add user namesapace member to struct super_block
- SAUCE: fs: Limit file caps to the user namespace of the super block
- SAUCE: Smack: Add support for unprivileged mounts from user namespaces
- SAUCE: block_dev: Support checking inode permissions in lookup_bdev()
- SAUCE: block_dev: Check permissions towards block device inode when mounting
- SAUCE: fs: Treat foreign mounts as nosuid
- SAUCE: selinux: Add support for unprivileged mounts from user namespaces
- SAUCE: userns: Replace in_userns with current_in_userns
- SAUCE: Smack: Handle labels consistently in untrusted mounts
- SAUCE: fs: Check for invalid i_uid in may_follow_link()
- SAUCE: cred: Reject inodes with invalid ids in set_create_file_as()
- SAUCE: fs: Refuse uid/gid changes which don't map into s_user_ns
- SAUCE: fs: Update posix_acl support to handle user namespace mounts
- SAUCE: fs: Ensure the mounter of a filesystem is privileged towards its inodes
- SAUCE: fs: Don't remove suid for CAP_FSETID in s_user_ns
- SAUCE: fs: Allow superblock owner to access do_remount_sb()
- SAUCE: capabilities: Allow privileged user in s_user_ns to set security.* xattrs
- SAUCE: fuse: Add support for pid namespaces
- SAUCE: fuse: Support fuse filesystems outside of init_user_ns
- SAUCE: fuse: Restrict allow_other to the superblock's namespace or a descendant
- SAUCE: fuse: Allow user namespace mounts
- SAUCE: mtd: Check permissions towards mtd block device inode when mounting
- SAUCE: fs: Update i_[ug]id_(read|write) to translate relative to s_user_ns
- SAUCE: quota: Convert ids relative to s_user_ns
- SAUCE: evm: Translate user/group ids relative to s_user_ns when computing HMAC
- SAUCE: fs: Allow CAP_SYS_ADMIN in s_user_ns to freeze and thaw filesystems
- SAUCE: quota: Treat superblock owner as privilged
- SAUCE: ima/evm: Allow root in s_user_ns to set xattrs
- SAUCE: block_dev: Forbid unprivileged mounting when device is opened for writing
- SAUCE: ext4: Add support for unprivileged mounts from user namespaces
- SAUCE: ext4: Add module parameter to enable user namespace mounts
- SAUCE: fuse: Add module parameter to enable user namespace mounts
* Miscellaneous upstream changes
- megaraid: Fix possible NULL pointer deference in mraid_mm_ioctl
- libahci: Implement the capability to override the generic ahci interrupt handler.
- ata: Remove the AHCI_HFLAG_EDGE_IRQ support from libahci.
- ahci_xgene: Implement the workaround to fix the missing of the edge interrupt for the HOST_IRQ_STAT.
-- Tim Gardner <email address hidden> Fri, 12 Feb 2016 09:49:05 -0700
This bug was fixed in the package linux - 4.4.0-6.21
---------------
linux (4.4.0-6.21) xenial; urgency=low
[ Tim Gardner ]
* Release Tracking Bug
- LP: #1546283
* Naples/Zen, NTB Driver (LP: #1542071)
- [Config] CONFIG_NTB_AMD=m
- NTB: Add support for AMD PCI-Express Non-Transparent Bridge
* [Hyper-V] kernel panic occurs when installing Ubuntu Server x32 (LP: #1495983)
- SAUCE: storvsc: use small sg_tablesize on x86
* Enable arm64 emulation of removed ARMv7 instructions (LP: #1545542) ARMV8_DEPRECATE D=y
- [Config] CONFIG_
* Surelock-GA2:kernel panic/ exception @ pcibios_ set_pcie_ reset_state+ 0x118/0x280 + cxl_reset+0x5c/0xc0 (LP: #1545037)
- powerpc/eeh: Fix stale cached primary bus
* Miscellaneous Ubuntu changes file_as( ) (read|write) to translate relative to s_user_ns
- SAUCE: fs: Add user namesapace member to struct super_block
- SAUCE: fs: Limit file caps to the user namespace of the super block
- SAUCE: Smack: Add support for unprivileged mounts from user namespaces
- SAUCE: block_dev: Support checking inode permissions in lookup_bdev()
- SAUCE: block_dev: Check permissions towards block device inode when mounting
- SAUCE: fs: Treat foreign mounts as nosuid
- SAUCE: selinux: Add support for unprivileged mounts from user namespaces
- SAUCE: userns: Replace in_userns with current_in_userns
- SAUCE: Smack: Handle labels consistently in untrusted mounts
- SAUCE: fs: Check for invalid i_uid in may_follow_link()
- SAUCE: cred: Reject inodes with invalid ids in set_create_
- SAUCE: fs: Refuse uid/gid changes which don't map into s_user_ns
- SAUCE: fs: Update posix_acl support to handle user namespace mounts
- SAUCE: fs: Ensure the mounter of a filesystem is privileged towards its inodes
- SAUCE: fs: Don't remove suid for CAP_FSETID in s_user_ns
- SAUCE: fs: Allow superblock owner to access do_remount_sb()
- SAUCE: capabilities: Allow privileged user in s_user_ns to set security.* xattrs
- SAUCE: fuse: Add support for pid namespaces
- SAUCE: fuse: Support fuse filesystems outside of init_user_ns
- SAUCE: fuse: Restrict allow_other to the superblock's namespace or a descendant
- SAUCE: fuse: Allow user namespace mounts
- SAUCE: mtd: Check permissions towards mtd block device inode when mounting
- SAUCE: fs: Update i_[ug]id_
- SAUCE: quota: Convert ids relative to s_user_ns
- SAUCE: evm: Translate user/group ids relative to s_user_ns when computing HMAC
- SAUCE: fs: Allow CAP_SYS_ADMIN in s_user_ns to freeze and thaw filesystems
- SAUCE: quota: Treat superblock owner as privilged
- SAUCE: ima/evm: Allow root in s_user_ns to set xattrs
- SAUCE: block_dev: Forbid unprivileged mounting when device is opened for writing
- SAUCE: ext4: Add support for unprivileged mounts from user namespaces
- SAUCE: ext4: Add module parameter to enable user namespace mounts
- SAUCE: fuse: Add module parameter to enable user namespace mounts
* Miscellaneous upstream changes
- megaraid: Fix possible NULL pointer deference in mraid_mm_ioctl
- libahci: Implement the capability to override the generic ahci interrupt handler.
- ata: Remove the AHCI_HFLAG_EDGE_IRQ support from libahci.
- ahci_xgene: Implement the workaround to fix the missing of the edge interrupt for the HOST_IRQ_STAT.
-- Tim Gardner <email address hidden> Fri, 12 Feb 2016 09:49:05 -0700