Bug #1746463 “apparmor profile load in stacked policy container ...” : Bionic (18.04) : Bugs : apparmor package : Ubuntu

Revision history for this message

Launchpad Janitor (janitor) wrote on 2018-02-02:

#1

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in apparmor (Ubuntu Artful):
status:	New → Confirmed
Changed in apparmor (Ubuntu):
status:	New → Confirmed

Khaled El Mously (kmously) on 2018-02-04

Changed in apparmor (Ubuntu Artful):
status:	Confirmed → Fix Committed

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2018-02-27:

#3

This is affected snapd spread tests in GCE, where they have a xenial userspace and 4.13 kernel:

# cat /proc/version_signature
Ubuntu 4.13.0-1011.15-gcp 4.13.13

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2018-02-27:

#4

Here are more details on the snapd test failure: https://forum.snapcraft.io/t/lxd-issue-due-to-snap-confine-apparmor-profile/4203/18

Changed in snapd:
status:	New → Triaged

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2018-02-27:

#5

Add a snapd task so that when the https://launchpad.net/ubuntu/+source/linux-gcp is Fix Released, snapd can re-enable the tests/main/lxd test on GCE.

Changed in linux (Ubuntu Artful):
status:	New → Fix Committed
Changed in apparmor (Ubuntu Artful):
status:	Fix Committed → Won't Fix
Changed in linux (Ubuntu Bionic):
status:	New → Confirmed
tags:	added: aa-kernel

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2018-02-27:

#6

Since this is going to be fixed in 'linux' and 'linux-gcp', adding tasks for those.

Changed in apparmor (Ubuntu Artful):
status:	Won't Fix → Fix Committed
Changed in linux (Ubuntu Artful):
status:	Fix Committed → Confirmed
Changed in apparmor (Ubuntu Xenial):
status:	New → Won't Fix
Changed in linux (Ubuntu Xenial):
status:	New → Invalid
Changed in linux-gcp (Ubuntu Artful):
status:	New → Invalid
Changed in linux-gcp (Ubuntu Bionic):
status:	New → Invalid
Changed in linux-gcp (Ubuntu Xenial):
status:	New → Confirmed

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2018-02-27:

#7

FYI, the following kernels are also affected (all 4.13 based):
* linux-azure
* linux-hwe
* linux-hwe-edge
* linux-oem
* linux-raspi2

Revision history for this message

Launchpad Janitor (janitor) wrote on 2018-03-06:

#8

Download full text (38.0 KiB)

This bug was fixed in the package linux-gcp - 4.15.0-1001.1

---------------
linux-gcp (4.15.0-1001.1) bionic; urgency=medium

* linux-gcp: 4.15.0-1001.1 -proposed tracker (LP: #1752101)

  * linux xenial derivatives fail to build (LP: #1691814) // Prepare linux-gcp
    for bionic (LP: #1752069)
    - [Packaging] Set do_tools_common in common vars

  * Prepare linux-gcp for bionic (LP: #1752069)
    - linux-gcp: Update base kernel version
    - [Config] linux-gcp: Reset config annotations to master
    - [Config] linux-gcp: Add annotations overlay
    - [Config] linux-gcp: updateconfigs after rebase to Ubuntu-4.15.0-10.11
    - Ubuntu: linux-gcp: Revert build_arch=x86
    - [Packaging] linux-gcp: Update Vcs-Git for bionic

* CVE-2017-5715 (Spectre v2 retpoline)
- [Config] linux-gcp: disable retpoline checks for first upload

* [Packaging] Allow overlay of config annotations (LP: #1752072)
- [Packaging] config-check: allow overlay annotations files

[ Ubuntu: 4.15.0-10.11 ]

  * linux: 4.15.0-10.11 -proposed tracker (LP: #1749250)
  * "swiotlb: coherent allocation failed" dmesg spam with linux 4.15.0-9.10
    (LP: #1749202)
    - swiotlb: suppress warning when __GFP_NOWARN is set
    - drm/ttm: specify DMA_ATTR_NO_WARN for huge page pools
  * linux-tools: perf incorrectly linking libbfd (LP: #1748922)
    - SAUCE: tools -- add ability to disable libbfd
    - [Packaging] correct disablement of libbfd
  * [Artful] Realtek ALC225: 2 secs noise when a headset plugged in
    (LP: #1744058)
    - ALSA: hda/realtek - update ALC225 depop optimize
  * [Artful] Support headset mode for DELL WYSE (LP: #1723913)
    - SAUCE: ALSA: hda/realtek - Add support headset mode for DELL WYSE
  * headset mic can't be detected on two Dell machines (LP: #1748807)
    - ALSA: hda/realtek - Support headset mode for ALC215/ALC285/ALC289
    - ALSA: hda - Fix headset mic detection problem for two Dell machines
  * Bionic update to v4.15.3 stable release (LP: #1749191)
    - ip6mr: fix stale iterator
    - net: igmp: add a missing rcu locking section
    - qlcnic: fix deadlock bug
    - qmi_wwan: Add support for Quectel EP06
    - r8169: fix RTL8168EP take too long to complete driver initialization.
    - tcp: release sk_frag.page in tcp_disconnect
    - vhost_net: stop device during reset owner
    - ipv6: addrconf: break critical section in addrconf_verify_rtnl()
    - ipv6: change route cache aging logic
    - Revert "defer call to mem_cgroup_sk_alloc()"
    - net: ipv6: send unsolicited NA after DAD
    - rocker: fix possible null pointer dereference in
      rocker_router_fib_event_work
    - tcp_bbr: fix pacing_gain to always be unity when using lt_bw
    - cls_u32: add missing RCU annotation.
    - ipv6: Fix SO_REUSEPORT UDP socket with implicit sk_ipv6only
    - soreuseport: fix mem leak in reuseport_add_sock()
    - net_sched: get rid of rcu_barrier() in tcf_block_put_ext()
    - net: sched: fix use-after-free in tcf_block_put_ext
    - media: mtk-vcodec: add missing MODULE_LICENSE/DESCRIPTION
    - media: soc_camera: soc_scale_crop: add missing
      MODULE_DESCRIPTION/AUTHOR/LICENSE
    - media: tegra-cec: add missing MODULE_DESCRIPTION/AUTHOR/L...

This bug was fixed in the package linux-gcp - 4.15.0-1001.1

---------------
linux-gcp (4.15.0-1001.1) bionic; urgency=medium

* linux-gcp: 4.15.0-1001.1 -proposed tracker (LP: #1752101)

* linux xenial derivatives fail to build (LP: #1691814) // Prepare linux-gcp
    for bionic (LP: #1752069)
    - [Packaging] Set do_tools_common in common vars

* Prepare linux-gcp for bionic (LP: #1752069)
    - linux-gcp: Update base kernel version
    - [Config] linux-gcp: Reset config annotations to master
    - [Config] linux-gcp: Add annotations overlay
    - [Config] linux-gcp: updateconfigs after rebase to Ubuntu-4.15.0-10.11
    - Ubuntu: linux-gcp: Revert build_arch=x86
    - [Packaging] linux-gcp: Update Vcs-Git for bionic

* CVE-2017-5715 (Spectre v2 retpoline)
    - [Config] linux-gcp: disable retpoline checks for first upload

* [Packaging] Allow overlay of config annotations (LP: #1752072)
    - [Packaging] config-check: allow overlay annotations files

[ Ubuntu: 4.15.0-10.11 ]

* linux: 4.15.0-10.11 -proposed tracker (LP: #1749250)
  * "swiotlb: coherent allocation failed" dmesg spam with linux 4.15.0-9.10
    (LP: #1749202)
    - swiotlb: suppress warning when __GFP_NOWARN is set
    - drm/ttm: specify DMA_ATTR_NO_WARN for huge page pools
  * linux-tools: perf incorrectly linking libbfd (LP: #1748922)
    - SAUCE: tools -- add ability to disable libbfd
    - [Packaging] correct disablement of libbfd
  * [Artful] Realtek ALC225: 2 secs noise when a headset plugged in
    (LP: #1744058)
    - ALSA: hda/realtek - update ALC225 depop optimize
  * [Artful] Support headset mode for DELL WYSE (LP: #1723913)
    - SAUCE: ALSA: hda/realtek - Add support headset mode for DELL WYSE
  * headset mic can't be detected on two Dell machines (LP: #1748807)
    - ALSA: hda/realtek - Support headset mode for ALC215/ALC285/ALC289
    - ALSA: hda - Fix headset mic detection problem for two Dell machines
  * Bionic update to v4.15.3 stable release (LP: #1749191)
    - ip6mr: fix stale iterator
    - net: igmp: add a missing rcu locking section
    - qlcnic: fix deadlock bug
    - qmi_wwan: Add support for Quectel EP06
    - r8169: fix RTL8168EP take too long to complete driver initialization.
    - tcp: release sk_frag.page in tcp_disconnect
    - vhost_net: stop device during reset owner
    - ipv6: addrconf: break critical section in addrconf_verify_rtnl()
    - ipv6: change route cache aging logic
    - Revert "defer call to mem_cgroup_sk_alloc()"
    - net: ipv6: send unsolicited NA after DAD
    - rocker: fix possible null pointer dereference in
      rocker_router_fib_event_work
    - tcp_bbr: fix pacing_gain to always be unity when using lt_bw
    - cls_u32: add missing RCU annotation.
    - ipv6: Fix SO_REUSEPORT UDP socket with implicit sk_ipv6only
    - soreuseport: fix mem leak in reuseport_add_sock()
    - net_sched: get rid of rcu_barrier() in tcf_block_put_ext()
    - net: sched: fix use-after-free in tcf_block_put_ext
    - media: mtk-vcodec: add missing MODULE_LICENSE/DESCRIPTION
    - media: soc_camera: soc_scale_crop: add missing
      MODULE_DESCRIPTION/AUTHOR/LICENSE
    - media: tegra-cec: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
    - gpio: uniphier: fix mismatch between license text and MODULE_LICENSE
    - crypto: tcrypt - fix S/G table for test_aead_speed()
    - Linux 4.15.3
  * bnx2x_attn_int_deasserted3:4323 MC assert! (LP: #1715519) //
    CVE-2018-1000026
    - net: create skb_gso_validate_mac_len()
    - bnx2x: disable GSO where gso_size is too big for hardware
  * ethtool -p fails to light NIC LED on HiSilicon D05 systems (LP: #1748567)
    - net: hns: add ACPI mode support for ethtool -p
  * CVE-2017-5715 (Spectre v2 Intel)
    - [Packaging] retpoline files must be sorted
    - [Packaging] pull in retpoline files
  * [Feature] PXE boot with Intel Omni-Path (LP: #1712031)
    - d-i: Add hfi1 to nic-modules
  * CVE-2017-5715 (Spectre v2 retpoline)
    - [Packaging] retpoline -- add call site validation
    - [Config] disable retpoline checks for first upload
  * Do not duplicate changelog entries assigned to more than one bug or CVE
    (LP: #1743383)
    - [Packaging] git-ubuntu-log -- handle multiple bugs/cves better

[ Ubuntu: 4.15.0-9.10 ]

* linux: 4.15.0-9.10 -proposed tracker (LP: #1748244)
  * Miscellaneous Ubuntu changes
    - [Debian] tests -- remove gcc-multilib dependency for arm64

[ Ubuntu: 4.15.0-8.9 ]

* linux: 4.15.0-8.9 -proposed tracker (LP: #1748075)
  * Bionic update to v4.15.2 stable release (LP: #1748072)
    - KVM: x86: Make indirect calls in emulator speculation safe
    - KVM: VMX: Make indirect call speculation safe
    - module/retpoline: Warn about missing retpoline in module
    - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
    - x86/cpufeatures: Add Intel feature bits for Speculation Control
    - x86/cpufeatures: Add AMD feature bits for Speculation Control
    - x86/msr: Add definitions for new speculation control MSRs
    - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
    - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes
    - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support
    - x86/alternative: Print unadorned pointers
    - x86/nospec: Fix header guards names
    - x86/bugs: Drop one "mitigation" from dmesg
    - x86/cpu/bugs: Make retpoline module warning conditional
    - x86/cpufeatures: Clean up Spectre v2 related CPUID flags
    - x86/retpoline: Simplify vmexit_fill_RSB()
    - x86/speculation: Simplify indirect_branch_prediction_barrier()
    - auxdisplay: img-ascii-lcd: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
    - iio: adc/accel: Fix up module licenses
    - pinctrl: pxa: pxa2xx: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
    - ASoC: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
    - KVM: nVMX: Eliminate vmcs02 pool
    - KVM: VMX: introduce alloc_loaded_vmcs
    - objtool: Improve retpoline alternative handling
    - objtool: Add support for alternatives at the end of a section
    - objtool: Warn on stripped section symbol
    - x86/mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP
    - x86/spectre: Check CONFIG_RETPOLINE in command line parser
    - x86/entry/64: Remove the SYSCALL64 fast path
    - x86/entry/64: Push extra regs right away
    - x86/asm: Move 'status' from thread_struct to thread_info
    - Documentation: Document array_index_nospec
    - array_index_nospec: Sanitize speculative array de-references
    - x86: Implement array_index_mask_nospec
    - x86: Introduce barrier_nospec
    - x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec
    - x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end}
    - x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec
    - x86/get_user: Use pointer masking to limit speculation
    - x86/syscall: Sanitize syscall table de-references under speculation
    - vfs, fdtable: Prevent bounds-check bypass via speculative execution
    - nl80211: Sanitize array index in parse_txq_params
    - x86/spectre: Report get_user mitigation for spectre_v1
    - x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable"
    - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
    - x86/speculation: Use Indirect Branch Prediction Barrier in context switch
    - x86/paravirt: Remove 'noreplace-paravirt' cmdline option
    - KVM: VMX: make MSR bitmaps per-VCPU
    - x86/kvm: Update spectre-v1 mitigation
    - x86/retpoline: Avoid retpolines for built-in __init functions
    - x86/spectre: Simplify spectre_v2 command line parsing
    - x86/pti: Mark constant arrays as __initconst
    - x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL
    - KVM/x86: Update the reverse_cpuid list to include CPUID_7_EDX
    - KVM/x86: Add IBPB support
    - KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES
    - KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL
    - KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL
    - serial: core: mark port as initialized after successful IRQ change
    - fpga: region: release of_parse_phandle nodes after use
    - Linux 4.15.2
  * Add support for the NIC on SynQuacer E-Series boards (LP: #1747792)
    - net: phy: core: remove now uneeded disabling of interrupts
    - [Config] CONFIG_NET_VENDOR_SOCIONEXT=y & CONFIG_SNI_NETSEC=m
    - net: socionext: Add Synquacer NetSec driver
    - net: socionext: include linux/io.h to fix build
    - net: socionext: Fix error return code in netsec_netdev_open()
  * [Artful/Bionic] [Config] enable EDAC_GHES for ARM64 (LP: #1747746)
    - [Config] CONFIG_EDAC_GHES=y
  * support thunderx2 vendor pmu events (LP: #1747523)
    - perf pmu: Pass pmu as a parameter to get_cpuid_str()
    - perf tools arm64: Add support for get_cpuid_str function.
    - perf pmu: Add helper function is_pmu_core to detect PMU CORE devices
    - perf vendor events arm64: Add ThunderX2 implementation defined pmu core
      events
    - perf pmu: Add check for valid cpuid in perf_pmu__find_map()
  * linux 4.14.0-7.9 ADT test failure with linux 4.14.0-7.9 (LP: #1732463)
    - SAUCE: mm: disable vma based swap readahead by default
    - SAUCE: mm: fix memory hotplug in ZONE_HIGHMEM
  * Miscellaneous Ubuntu changes
    - [Config] Fix CONFIG_PROFILE_ALL_BRANCHES annotations

[ Ubuntu: 4.15.0-7.8 ]

* Bionic update to v4.15.1 stable release (LP: #1747169)
    - Bluetooth: hci_serdev: Init hci_uart proto_lock to avoid oops
    - tools/gpio: Fix build error with musl libc
    - gpio: stmpe: i2c transfer are forbiden in atomic context
    - gpio: Fix kernel stack leak to userspace
    - ALSA: hda - Reduce the suspend time consumption for ALC256
    - crypto: ecdh - fix typo in KPP dependency of CRYPTO_ECDH
    - crypto: aesni - handle zero length dst buffer
    - crypto: aesni - fix typo in generic_gcmaes_decrypt
    - crypto: aesni - add wrapper for generic gcm(aes)
    - crypto: aesni - Fix out-of-bounds access of the data buffer in generic-gcm-
      aesni
    - crypto: aesni - Fix out-of-bounds access of the AAD buffer in generic-gcm-
      aesni
    - crypto: inside-secure - fix hash when length is a multiple of a block
    - crypto: inside-secure - avoid unmapping DMA memory that was not mapped
    - crypto: sha3-generic - fixes for alignment and big endian operation
    - crypto: af_alg - whitelist mask and type
    - HID: wacom: EKR: ensure devres groups at higher indexes are released
    - HID: wacom: Fix reporting of touch toggle (WACOM_HID_WD_MUTE_DEVICE) events
    - power: reset: zx-reboot: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
    - gpio: iop: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
    - gpio: ath79: add missing MODULE_DESCRIPTION/LICENSE
    - mtd: nand: denali_pci: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
    - igb: Free IRQs when device is hotplugged
    - ima/policy: fix parsing of fsuuid
    - scsi: aacraid: Fix udev inquiry race condition
    - scsi: aacraid: Fix hang in kdump
    - scsi: storvsc: missing error code in storvsc_probe()
    - staging: lustre: separate a connection destroy from free struct kib_conn
    - staging: ccree: NULLify backup_info when unused
    - staging: ccree: fix fips event irq handling build
    - tty: fix data race between tty_init_dev and flush of buf
    - usb: option: Add support for FS040U modem
    - USB: serial: pl2303: new device id for Chilitag
    - USB: cdc-acm: Do not log urb submission errors on disconnect
    - CDC-ACM: apply quirk for card reader
    - USB: serial: io_edgeport: fix possible sleep-in-atomic
    - usbip: prevent bind loops on devices attached to vhci_hcd
    - usbip: list: don't list devices attached to vhci_hcd
    - USB: serial: simple: add Motorola Tetra driver
    - usb: f_fs: Prevent gadget unbind if it is already unbound
    - usb: uas: unconditionally bring back host after reset
    - usb/gadget: Fix "high bandwidth" check in usb_gadget_ep_match_desc()
    - ANDROID: binder: remove waitqueue when thread exits.
    - android: binder: use VM_ALLOC to get vm area
    - mei: me: allow runtime pm for platform with D0i3
    - serial: 8250_of: fix return code when probe function fails to get reset
    - serial: 8250_uniphier: fix error return code in uniphier_uart_probe()
    - serial: 8250_dw: Revert "Improve clock rate setting"
    - serial: imx: Only wakeup via RTSDEN bit if the system has RTS/CTS
    - spi: imx: do not access registers while clocks disabled
    - iio: adc: stm32: fix scan of multiple channels with DMA
    - iio: chemical: ccs811: Fix output of IIO_CONCENTRATION channels
    - test_firmware: fix missing unlock on error in config_num_requests_store()
    - Input: synaptics-rmi4 - unmask F03 interrupts when port is opened
    - Input: synaptics-rmi4 - do not delete interrupt memory too early
    - x86/efi: Clarify that reset attack mitigation needs appropriate userspace
    - Linux 4.15.1
  * Dell XPS 13 9360 bluetooth (Atheros) won't connect after resume
    (LP: #1744712)
    - Revert "Bluetooth: btusb: fix QCA Rome suspend/resume"
    - Bluetooth: btusb: Restore QCA Rome suspend/resume fix with a "rewritten"
      version
  * apparmor profile load in stacked policy container fails (LP: #1746463)
    - SAUCE: apparmor: fix display of .ns_name for containers

[ Ubuntu: 4.15.0-6.7 ]

* upload urgency should be medium by default (LP: #1745338)
    - [Packaging] update urgency to medium by default
  * Shutdown hang on 16.04 with iscsi targets (LP: #1569925)
    - scsi: libiscsi: Allow sd_shutdown on bad transport
  * Miscellaneous Ubuntu changes
    - SAUCE: (noup) Update spl to 0.7.5-1ubuntu1, zfs to 0.7.5-1ubuntu1
    - Revert "UBUNTU: SAUCE: mm: fix memory hotplug in ZONE_HIGHMEM"
    - Revert "UBUNTU: SAUCE: mm: disable vma based swap readahead by default"
  * Rebase to v4.15

[ Ubuntu: 4.15.0-5.6 ]

* $(LOCAL_ENV_CC) and $(LOCAL_ENV_DISTCC_HOSTS) should be properly quoted
    (LP: #1744077)
    - [Debian] pass LOCAL_ENV_CC and LOCAL_ENV_DISTCC_HOSTS properly
  * Missing install-time driver for QLogic QED 25/40/100Gb Ethernet NIC
    (LP: #1743638)
    - [d-i] Add qede to nic-modules udeb
  * boot failure on AMD Raven + WesternXT (LP: #1742759)
    - SAUCE: drm/amdgpu: add atpx quirk handling (v2)
  * Unable to handle kernel NULL pointer dereference at isci_task_abort_task
    (LP: #1726519)
    - SAUCE: Revert "scsi: libsas: allow async aborts"
  * Update Ubuntu-4.15.0 config to support Intel Atom devices (LP: #1739939)
    - [Config] CONFIG_SERIAL_DEV_BUS=y, CONFIG_SERIAL_DEV_CTRL_TTYPORT=y
  * Miscellaneous Ubuntu changes
    - Rebase to v4.15-rc7
    - [Config] CONFIG_CPU_ISOLATION=y
    - [Config] Update annotations following config review
    - Revert "UBUNTU: SAUCE: Import aufs driver"
    - SAUCE: Import aufs driver
    - ubuntu: vbox -- update to 5.2.6-dfsg-1
    - ubuntu: vbox: build fixes for 4.15
    - ubuntu: vbox -- update to 5.2.6-dfsg-2
    - hio: updates for timer api changes in 4.15
    - enable hio build
    - Rebase to v4.15-rc9
  * Rebase to v4.15-rc9

[ Ubuntu: 4.15.0-4.5 ]

* [0cf3:e010] QCA6174A XR failed to pair with bt 4.0 device  (LP: #1741166)
    - SAUCE: Bluetooth: btusb: Add support for 0cf3:e010
  * External HDMI monitor failed to show screen on Lenovo X1 series
    (LP: #1738523)
    - SAUCE: drm/i915: Disable writing of TMDS_OE on Lenovo ThinkPad X1 series
  * Miscellaneous Ubuntu changes
    - [Debian] autoreconstruct - add resoration of execute permissions
  * Rebase to v4.15-rc4

[ Ubuntu: 4.15.0-3.4 ]

* ubuntu/xr-usb-serial didn't get built in zesty and artful (LP: #1733281)
    - SAUCE: make sure ubuntu/xr-usb-serial builds for x86
  * Rebase to v4.15-rc6

[ Ubuntu: 4.15.0-2.3 ]

* nvidia-graphics-drivers-384 384.90-0ubuntu6 ADT test failure with linux
    4.15.0-1.2 (LP: #1737752)
    - x86/mm: Unbreak modules that use the DMA API
  * Ubuntu 17.10 corrupting BIOS - many LENOVO laptops models (LP: #1734147)
    - [Config] CONFIG_SPI_INTEL_SPI_*=n
  * power: commonise configs IBMVETH/IBMVSCSI and ensure both are in linux-image
    and udebs (LP: #1521712)
    - [Config] Include ibmvnic in nic-modules
  * Enable arm64 emulation of removed ARMv7 instructions (LP: #1545542)
    - [Config] Enable support for emulation of deprecated ARMv8 instructions
  * Miscellaneous Ubuntu changes
    - SAUCE: (noup) Update spl with 4.15 compat fix (LP:#1737761)
    - Enable zfs build
    - [Debian] add icp to zfs-modules.ignore
  * Rebase to v4.15-rc4

[ Ubuntu: 4.15.0-1.2 ]

* Disabling zfs does not always disable module checks for the zfs modules
    (LP: #1737176)
    - [Packaging] disable zfs module checks when zfs is disabled
  * Miscellaneous Ubuntu changes
    - [Config] CONFIG_UNWINDER_FRAME_POINTER=y for amd64
  * Rebase to v4.15-rc3

[ Ubuntu: 4.15.0-0.1 ]

* Miscellaneous Ubuntu changes
    - ubuntu: vbox -- update to 5.2.2-dfsg-2
    - ubuntu: vbox: build fixes for 4.15
    - disable hio build
    - [Config] Update kernel lockdown options to fix build errors
    - Disable zfs build
    - SAUCE: Import aufs driver
    - [Config] Enable AUFS config options
  * Rebase to v4.15-rc2

[ Ubuntu: 4.14.0-11.13 ]

* linux: 4.14.0-11.13 -proposed tracker (LP: #1736168)
  * CVE-2017-1000405
    - mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d()
  * linux 4.14.0-7.9 ADT test failure with linux 4.14.0-7.9 (LP: #1732463)
    - SAUCE: mm: disable vma based swap readahead by default
    - SAUCE: mm: fix memory hotplug in ZONE_HIGHMEM
  * Bionic update to v4.14.3 stable release (LP: #1735843)
    - s390: fix transactional execution control register handling
    - s390/noexec: execute kexec datamover without DAT
    - s390/runtime instrumention: fix possible memory corruption
    - s390/guarded storage: fix possible memory corruption
    - s390/disassembler: add missing end marker for e7 table
    - s390/disassembler: increase show_code buffer size
    - ACPI / PM: Fix acpi_pm_notifier_lock vs flush_workqueue() deadlock
    - ACPI / EC: Fix regression related to triggering source of EC event handling
    - cpufreq: schedutil: Reset cached_raw_freq when not in sync with next_freq
    - serdev: fix registration of second slave
    - sched: Make resched_cpu() unconditional
    - lib/mpi: call cond_resched() from mpi_powm() loop
    - x86/boot: Fix boot failure when SMP MP-table is based at 0
    - x86/decoder: Add new TEST instruction pattern
    - x86/entry/64: Fix entry_SYSCALL_64_after_hwframe() IRQ tracing
    - x86/entry/64: Add missing irqflags tracing to native_load_gs_index()
    - perf/x86/intel: Hide TSX events when RTM is not supported
    - arm64: Implement arch-specific pte_access_permitted()
    - ARM: 8722/1: mm: make STRICT_KERNEL_RWX effective for LPAE
    - ARM: 8721/1: mm: dump: check hardware RO bit for LPAE
    - uapi: fix linux/tls.h userspace compilation error
    - uapi: fix linux/rxrpc.h userspace compilation errors
    - MIPS: cmpxchg64() and HAVE_VIRT_CPU_ACCOUNTING_GEN don't work for 32-bit SMP
    - MIPS: ralink: Fix MT7628 pinmux
    - MIPS: ralink: Fix typo in mt7628 pinmux function
    - net: mvneta: fix handling of the Tx descriptor counter
    - nbd: wait uninterruptible for the dead timeout
    - nbd: don't start req until after the dead connection logic
    - PM / OPP: Add missing of_node_put(np)
    - PCI/ASPM: Account for downstream device's Port Common_Mode_Restore_Time
    - PCI/ASPM: Use correct capability pointer to program LTR_L1.2_THRESHOLD
    - PCI: hv: Use effective affinity mask
    - PCI: Set Cavium ACS capability quirk flags to assert RR/CR/SV/UF
    - PCI: Apply Cavium ThunderX ACS quirk to more Root Ports
    - ALSA: hda: Add Raven PCI ID
    - dm integrity: allow unaligned bv_offset
    - dm cache: fix race condition in the writeback mode overwrite_bio
      optimisation
    - dm crypt: allow unaligned bv_offset
    - dm zoned: ignore last smaller runt zone
    - dm mpath: remove annoying message of 'blk_get_request() returned -11'
    - dm bufio: fix integer overflow when limiting maximum cache size
    - ovl: Put upperdentry if ovl_check_origin() fails
    - dm: allocate struct mapped_device with kvzalloc
    - sched/rt: Simplify the IPI based RT balancing logic
    - MIPS: pci: Remove KERN_WARN instance inside the mt7620 driver
    - dm: fix race between dm_get_from_kobject() and __dm_destroy()
    - dm: discard support requires all targets in a table support discards
    - MIPS: Fix odd fp register warnings with MIPS64r2
    - MIPS: Fix MIPS64 FP save/restore on 32-bit kernels
    - MIPS: dts: remove bogus bcm96358nb4ser.dtb from dtb-y entry
    - MIPS: Fix an n32 core file generation regset support regression
    - MIPS: BCM47XX: Fix LED inversion for WRT54GSv1
    - MIPS: math-emu: Fix final emulation phase for certain instructions
    - rt2x00usb: mark device removed when get ENOENT usb error
    - mm/z3fold.c: use kref to prevent page free/compact race
    - autofs: don't fail mount for transient error
    - nilfs2: fix race condition that causes file system corruption
    - fscrypt: lock mutex before checking for bounce page pool
    - eCryptfs: use after free in ecryptfs_release_messaging()
    - libceph: don't WARN() if user tries to add invalid key
    - bcache: check ca->alloc_thread initialized before wake up it
    - fs: guard_bio_eod() needs to consider partitions
    - fanotify: fix fsnotify_prepare_user_wait() failure
    - isofs: fix timestamps beyond 2027
    - btrfs: change how we decide to commit transactions during flushing
    - f2fs: expose some sectors to user in inline data or dentry case
    - NFS: Fix typo in nomigration mount option
    - NFS: Revert "NFS: Move the flock open mode check into nfs_flock()"
    - nfs: Fix ugly referral attributes
    - NFS: Avoid RCU usage in tracepoints
    - NFS: revalidate "." etc correctly on "open".
    - nfsd: deal with revoked delegations appropriately
    - rtlwifi: rtl8192ee: Fix memory leak when loading firmware
    - rtlwifi: fix uninitialized rtlhal->last_suspend_sec time
    - iwlwifi: fix firmware names for 9000 and A000 series hw
    - md: fix deadlock error in recent patch.
    - md: don't check MD_SB_CHANGE_CLEAN in md_allow_write
    - Bluetooth: btqcomsmd: Add support for BD address setup
    - md/bitmap: revert a patch
    - fsnotify: clean up fsnotify_prepare/finish_user_wait()
    - fsnotify: pin both inode and vfsmount mark
    - fsnotify: fix pinning group in fsnotify_prepare_user_wait()
    - ata: fixes kernel crash while tracing ata_eh_link_autopsy event
    - ext4: fix interaction between i_size, fallocate, and delalloc after a crash
    - ext4: prevent data corruption with inline data + DAX
    - ext4: prevent data corruption with journaling + DAX
    - ALSA: pcm: update tstamp only if audio_tstamp changed
    - ALSA: usb-audio: Add sanity checks to FE parser
    - ALSA: usb-audio: Fix potential out-of-bound access at parsing SU
    - ALSA: usb-audio: Add sanity checks in v2 clock parsers
    - ALSA: timer: Remove kernel warning at compat ioctl error paths
    - ALSA: hda/realtek - Fix ALC275 no sound issue
    - ALSA: hda: Fix too short HDMI/DP chmap reporting
    - ALSA: hda - Fix yet remaining issue with vmaster 0dB initialization
    - ALSA: hda/realtek - Fix ALC700 family no sound issue
    - ASoC: sun8i-codec: Invert Master / Slave condition
    - ASoC: sun8i-codec: Fix left and right channels inversion
    - ASoC: sun8i-codec: Set the BCLK divider
    - mfd: lpc_ich: Avoton/Rangeley uses SPI_BYT method
    - fix a page leak in vhost_scsi_iov_to_sgl() error recovery
    - 9p: Fix missing commas in mount options
    - fs/9p: Compare qid.path in v9fs_test_inode
    - net/9p: Switch to wait_event_killable()
    - scsi: qla2xxx: Suppress a kernel complaint in qla_init_base_qpair()
    - scsi: sd_zbc: Fix sd_zbc_read_zoned_characteristics()
    - scsi: lpfc: fix pci hot plug crash in timer management routines
    - scsi: lpfc: fix pci hot plug crash in list_add call
    - scsi: lpfc: Fix crash receiving ELS while detaching driver
    - scsi: lpfc: Fix FCP hba_wqidx assignment
    - scsi: lpfc: Fix oops if nvmet_fc_register_targetport fails
    - iscsi-target: Make TASK_REASSIGN use proper se_cmd->cmd_kref
    - iscsi-target: Fix non-immediate TMR reference leak
    - target: fix null pointer regression in core_tmr_drain_tmr_list
    - target: fix buffer offset in core_scsi3_pri_read_full_status
    - target: Fix QUEUE_FULL + SCSI task attribute handling
    - target: Fix caw_sem leak in transport_generic_request_failure
    - target: Fix quiese during transport_write_pending_qf endless loop
    - target: Avoid early CMD_T_PRE_EXECUTE failures during ABORT_TASK
    - mtd: Avoid probe failures when mtd->dbg.dfs_dir is invalid
    - mtd: nand: Export nand_reset() symbol
    - mtd: nand: atmel: Actually use the PM ops
    - mtd: nand: omap2: Fix subpage write
    - mtd: nand: Fix writing mtdoops to nand flash.
    - mtd: nand: mtk: fix infinite ECC decode IRQ issue
    - mailbox: bcm-flexrm-mailbox: Fix FlexRM ring flush sequence
    - p54: don't unregister leds when they are not initialized
    - block: Fix a race between blk_cleanup_queue() and timeout handling
    - raid1: prevent freeze_array/wait_all_barriers deadlock
    - genirq: Track whether the trigger type has been set
    - irqchip/gic-v3: Fix ppi-partitions lookup
    - lockd: double unregister of inetaddr notifiers
    - KVM: PPC: Book3S HV: Don't call real-mode XICS hypercall handlers if not
      enabled
    - KVM: nVMX: set IDTR and GDTR limits when loading L1 host state
    - KVM: SVM: obey guest PAT
    - kvm: vmx: Reinstate support for CPUs without virtual NMI
    - dax: fix PMD faults on zero-length files
    - dax: fix general protection fault in dax_alloc_inode
    - SUNRPC: Fix tracepoint storage issues with svc_recv and svc_rqst_status
    - clk: ti: dra7-atl-clock: fix child-node lookups
    - libnvdimm, dimm: clear 'locked' status on successful DIMM enable
    - libnvdimm, pfn: make 'resource' attribute only readable by root
    - libnvdimm, namespace: fix label initialization to use valid seq numbers
    - libnvdimm, region : make 'resource' attribute only readable by root
    - libnvdimm, namespace: make 'resource' attribute only readable by root
    - svcrdma: Preserve CB send buffer across retransmits
    - IB/srpt: Do not accept invalid initiator port names
    - IB/cm: Fix memory corruption in handling CM request
    - IB/hfi1: Fix incorrect available receive user context count
    - IB/srp: Avoid that a cable pull can trigger a kernel crash
    - IB/core: Avoid crash on pkey enforcement failed in received MADs
    - IB/core: Only maintain real QPs in the security lists
    - NFC: fix device-allocation error return
    - spi-nor: intel-spi: Fix broken software sequencing codes
    - i40e: Use smp_rmb rather than read_barrier_depends
    - igb: Use smp_rmb rather than read_barrier_depends
    - igbvf: Use smp_rmb rather than read_barrier_depends
    - ixgbevf: Use smp_rmb rather than read_barrier_depends
    - i40evf: Use smp_rmb rather than read_barrier_depends
    - fm10k: Use smp_rmb rather than read_barrier_depends
    - ixgbe: Fix skb list corruption on Power systems
    - parisc: Fix validity check of pointer size argument in new CAS
      implementation
    - powerpc: Fix boot on BOOK3S_32 with CONFIG_STRICT_KERNEL_RWX
    - powerpc/mm/radix: Fix crashes on Power9 DD1 with radix MMU and STRICT_RWX
    - powerpc/perf/imc: Use cpu_to_node() not topology_physical_package_id()
    - powerpc/signal: Properly handle return value from uprobe_deny_signal()
    - powerpc/64s: Fix masking of SRR1 bits on instruction fault
    - powerpc/64s/radix: Fix 128TB-512TB virtual address boundary case allocation
    - powerpc/64s/hash: Fix 512T hint detection to use >= 128T
    - powerpc/64s/hash: Fix 128TB-512TB virtual address boundary case allocation
    - powerpc/64s/hash: Fix fork() with 512TB process address space
    - powerpc/64s/hash: Allow MAP_FIXED allocations to cross 128TB boundary
    - media: Don't do DMA on stack for firmware upload in the AS102 driver
    - media: rc: check for integer overflow
    - media: rc: nec decoder should not send both repeat and keycode
    - cx231xx-cards: fix NULL-deref on missing association descriptor
    - media: v4l2-ctrl: Fix flags field on Control events
    - media: venus: fix wrong size on dma_free
    - media: venus: venc: fix bytesused v4l2_plane field
    - media: venus: reimplement decoder stop command
    - ARM64: dts: meson-gxl: Add alternate ARM Trusted Firmware reserved memory
      zone
    - iwlwifi: fix wrong struct for a000 device
    - iwlwifi: add a new a000 device
    - iwlwifi: pcie: sort IDs for the 9000 series for easier comparisons
    - iwlwifi: add new cards for a000 series
    - iwlwifi: add new cards for 8265 series
    - iwlwifi: add new cards for 8260 series
    - iwlwifi: fix PCI IDs and configuration mapping for 9000 series
    - iwlwifi: mvm: support version 7 of the SCAN_REQ_UMAC FW command
    - e1000e: Fix error path in link detection
    - e1000e: Fix return value test
    - e1000e: Separate signaling for link check/link up
    - e1000e: Avoid receiver overrun interrupt bursts
    - e1000e: fix buffer overrun while the I219 is processing DMA transactions
    - Linux 4.14.3
  * Miscellaneous Ubuntu changes
    - SAUCE: s390/topology: don't inline cpu_to_node
    - SAUCE: (noup) Update spl to 0.7.3-1ubuntu1, zfs to 0.7.3-1ubuntu1

[ Ubuntu: 4.14.0-10.12 ]

* linux: 4.14.0-10.12 -proposed tracker (LP: #1734901)
  * Miscellaneous Ubuntu changes
    - SAUCE: Enable the ACPI kernel debugger and acpidbg tool
    - [Packaging] Include arch/arm64/kernel/ftrace-mod.o in headers package

[ Ubuntu: 4.14.0-9.11 ]

* linux: 4.14.0-9.11 -proposed tracker (LP: #1734728)
  * Miscellaneous Ubuntu changes
    - Revert "UBUNTU: SAUCE: (noup) Update spl to 0.7.3-1ubuntu1, zfs to
      0.7.3-1ubuntu1"

[ Ubuntu: 4.14.0-8.10 ]

* linux: 4.14.0-8.10 -proposed tracker (LP: #1734695)
  * Bionic update to v4.14.2 stable release (LP: #1734694)
    - bio: ensure __bio_clone_fast copies bi_partno
    - af_netlink: ensure that NLMSG_DONE never fails in dumps
    - vxlan: fix the issue that neigh proxy blocks all icmpv6 packets
    - net: cdc_ncm: GetNtbFormat endian fix
    - fealnx: Fix building error on MIPS
    - net/sctp: Always set scope_id in sctp_inet6_skb_msgname
    - ima: do not update security.ima if appraisal status is not INTEGRITY_PASS
    - serial: omap: Fix EFR write on RTS deassertion
    - serial: 8250_fintek: Fix finding base_port with activated SuperIO
    - tpm-dev-common: Reject too short writes
    - rcu: Fix up pending cbs check in rcu_prepare_for_idle
    - mm/pagewalk.c: report holes in hugetlb ranges
    - ocfs2: fix cluster hang after a node dies
    - ocfs2: should wait dio before inode lock in ocfs2_setattr()
    - ipmi: fix unsigned long underflow
    - mm/page_alloc.c: broken deferred calculation
    - mm/page_ext.c: check if page_ext is not prepared
    - coda: fix 'kernel memory exposure attempt' in fsync
    - ipmi: Prefer ACPI system interfaces over SMBIOS ones
    - Linux 4.14.2
  * Bionic update to v4.14.1 stable release (LP: #1734693)
    - EDAC, sb_edac: Don't create a second memory controller if HA1 is not present
    - dmaengine: dmatest: warn user when dma test times out
    - media: imon: Fix null-ptr-deref in imon_probe
    - media: dib0700: fix invalid dvb_detach argument
    - crypto: dh - Fix double free of ctx->p
    - crypto: dh - Don't permit 'p' to be 0
    - crypto: dh - Don't permit 'key' or 'g' size longer than 'p'
    - crypto: brcm - Explicity ACK mailbox message
    - USB: early: Use new USB product ID and strings for DbC device
    - USB: usbfs: compute urb->actual_length for isochronous
    - USB: Add delay-init quirk for Corsair K70 LUX keyboards
    - usb: gadget: f_fs: Fix use-after-free in ffs_free_inst
    - USB: serial: metro-usb: stop I/O after failed open
    - USB: serial: Change DbC debug device binding ID
    - USB: serial: qcserial: add pid/vid for Sierra Wireless EM7355 fw update
    - USB: serial: garmin_gps: fix I/O after failed probe and remove
    - USB: serial: garmin_gps: fix memory leak on probe errors
    - selftests/x86/protection_keys: Fix syscall NR redefinition warnings
    - x86/MCE/AMD: Always give panic severity for UC errors in kernel context
    - platform/x86: peaq-wmi: Add DMI check before binding to the WMI interface
    - platform/x86: peaq_wmi: Fix missing terminating entry for peaq_dmi_table
    - HID: cp2112: add HIDRAW dependency
    - HID: wacom: generic: Recognize WACOM_HID_WD_PEN as a type of pen collection
    - rpmsg: glink: Add missing MODULE_LICENSE
    - staging: wilc1000: Fix bssid buffer offset in Txq
    - staging: sm750fb: Fix parameter mistake in poke32
    - staging: ccree: fix 64 bit scatter/gather DMA ops
    - staging: greybus: spilib: fix use-after-free after deregistration
    - staging: rtl8188eu: Revert 4 commits breaking ARP
    - spi: fix use-after-free at controller deregistration
    - sparc32: Add cmpxchg64().
    - sparc64: mmu_context: Add missing include files
    - sparc64: Fix page table walk for PUD hugepages
    - Linux 4.14.1
  * Set PANIC_TIMEOUT=10 on Power Systems (LP: #1730660)
    - [Config]: Set PANIC_TIMEOUT=10 on ppc64el
  * enable CONFIG_SND_SOC_INTEL_BYT_CHT_NOCODEC_MACH easily confuse users
    (LP: #1732627)
    - [Config] CONFIG_SND_SOC_INTEL_BYT_CHT_NOCODEC_MACH=n
  * Miscellaneous Ubuntu changes
    - SAUCE: (noup) Update spl to 0.7.3-1ubuntu1, zfs to 0.7.3-1ubuntu1

[ Ubuntu: 4.14.0-7.9 ]

* Miscellaneous Ubuntu changes
    - SAUCE: apparmor: add base infastructure for socket mediation
    - SAUCE: apparmor: af_unix mediation
    - SAUCE: LSM stacking: procfs: add smack subdir to attrs
    - SAUCE: LSM stacking: LSM: manage credential security blobs
    - SAUCE: LSM stacking: LSM: Manage file security blobs
    - SAUCE: LSM stacking: LSM: manage task security blobs
    - SAUCE: LSM stacking: LSM: Infrastructure management of the remaining blobs
    - SAUCE: LSM stacking: LSM: general but not extreme module stacking
    - SAUCE: LSM stacking: LSM: Complete task_alloc hook
    - SAUCE: LSM stacking: fixup procsfs: add smack subdir to attrs
    - SAUCE: LSM stacking: fixup initialize task->security
    - SAUCE: LSM stacking: fixup: alloc_task_ctx is dead code
    - SAUCE: LSM stacking: add support for stacking getpeersec_stream
    - SAUCE: LSM stacking: add stacking support to apparmor network hooks
    - SAUCE: LSM stacking: fixup apparmor stacking enablement
    - SAUCE: LSM stacking: fixup stacking kconfig
    - SAUCE: LSM stacking: allow selecting multiple LSMs using kernel boot params
    - SAUCE: LSM stacking: provide prctl interface for setting context
    - SAUCE: LSM stacking: inherit current display LSM
    - SAUCE: LSM stacking: keep an index for each registered LSM
    - SAUCE: LSM stacking: verify display LSM
    - SAUCE: LSM stacking: provide a way to specify the default display lsm
    - SAUCE: LSM stacking: make sure LSM blob align on 64 bit boundaries
    - SAUCE: LSM stacking: add /proc/<pid>/attr/display_lsm
    - SAUCE: LSM stacking: add Kconfig to set default display LSM
    - SAUCE: LSM stacking: add configs for LSM stacking
    - SAUCE: LSM stacking: check for invalid zero sized writes
    - [Config] Run updateconfigs after merging LSM stacking
    - [Config] CONFIG_AMD_MEM_ENCRYPT=y
  * Rebase to v4.14

[ Ubuntu: 4.14.0-6.8 ]

* Miscellaneous Ubuntu changes
    - SAUCE: add workarounds to enable ZFS for 4.14
  * Rebase to v4.14-rc8

[ Ubuntu: 4.14.0-5.7 ]

* Miscellaneous Ubuntu changes
    - [Debian] Fix invocation of dh_prep for dbgsym packages

[ Ubuntu: 4.14.0-4.5 ]

* Miscellaneous Ubuntu changes
    - [Packaging] virtualbox -- reduce in kernel module versions
    - vbox-update: Fix up KERN_DIR definitions
    - ubuntu: vbox -- update to 5.2.0-dfsg-2
    - [Config] CONFIG_AMD_MEM_ENCRYPT=n
  * Rebase to v4.14-rc7

[ Ubuntu: 4.14.0-3.4 ]

* Touchpad and TrackPoint Dose Not Work on Lenovo X1C6 and X280 (LP: #1723986)
    - SAUCE: Input: synaptics-rmi4 - RMI4 can also use SMBUS version 3
    - SAUCE: Input: synaptics - Lenovo X1 Carbon 5 should use SMBUS/RMI
    - SAUCE: Input: synaptics - add Intertouch support on X1 Carbon 6th and X280
  * powerpc/64s: Add workaround for P9 vector CI load issuenext (LP: #1721070)
    - powerpc/64s: Add workaround for P9 vector CI load issue
  * Miscellaneous Ubuntu changes
    - SAUCE: staging: vboxvideo: Fix reporting invalid suggested-offset-properties
    - [Config] CONFIG_DRM_VBOXVIDEO=m
    - SAUCE: Import aufs driver
    - [Config] Enable aufs
    - [Config] Reorder annotations file after enabling aufs
    - vbox-update: Disable imported vboxvideo module
    - ubuntu: vbox -- update to 5.1.30-dfsg-1
    - Enable vbox
    - hio: Use correct sizes when initializing ssd_index_bits* arrays
    - hio: Update io stat accounting for 4.14
    - Enable hio
  * Rebase to v4.14-rc5
  * Rebase to v4.14-rc6

[ Ubuntu: 4.14.0-2.3 ]

* [Bug] USB controller failed to respond on Denverton after loading
    intel_th_pci module (LP: #1715833)
    - SAUCE: PCI: Disable broken RTIT_BAR of Intel TH
  * CONFIG_DEBUG_FS is not enabled by "make zfcpdump_defconfig" with Ubuntu
    17.10 (kernel 4.13) (LP: #1719290)
    - SAUCE: s390: update zfcpdump_defconfig
  * Add installer support for Broadcom BCM573xx network drivers. (LP: #1720466)
    - d-i: Add bnxt_en to nic-modules.
  * Miscellaneous Ubuntu changes
    - [Config] Update annotations for 4.14-rc2
  * Rebase to v4.14-rc3
  * Rebase to v4.14-rc4

[ Ubuntu: 4.14.0-1.2 ]

* [Bug] USB 3.1 Gen2 works as 5Gbps (LP: #1720045)
    - xhci: set missing SuperSpeedPlus Link Protocol bit in roothub descriptor
  * Please make linux-libc-dev Provide: aufs-dev (LP: #1716091)
    - [Packaging] Add aufs-dev to the Provides: for linux-libc-dev
  * Upgrade to 4.13.0-11.12 in artful amd64 VM breaks display on wayland
    (LP: #1718679)
    - [Config] CONFIG_DRM_VBOXVIDEO=n
  * ipmmu-vmsa driver breaks arm64 boots (LP: #1718734)
    - [Config] Disable CONFIG_IPMMU_VMSA on arm64
  * autopkgtest profile fails to build on armhf (LP: #1717920)
    - [Packaging] autopkgtest -- disable d-i when dropping flavours
  * Miscellaneous Ubuntu changes
    - [Config] CONFIG_I2C_XLP9XX=m
    - [Packaging] Use SRCPKGNAME rather than hard-coding the source package name
  * Rebase to v4.14-rc2

[ Ubuntu: 4.14.0-0.1 ]

* Miscellaneous Ubuntu changes
    - Disable vbox build
    - Disable hio build
    - Disable zfs build
  * Rebase to v4.14-rc1

-- Marcelo Henrique Cerri <marcelo.cerri@canonical.com>  Tue, 27 Feb 2018 09:47:24 -0300

Changed in linux-gcp (Ubuntu Bionic):
status:	Invalid → Fix Released

Stefan Bader (smb) on 2018-03-14

Changed in linux (Ubuntu Artful):
status:	Confirmed → Fix Committed

Revision history for this message

Stefan Bader (smb) wrote on 2018-03-19:

#9

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-artful' to 'verification-done-artful'. If the problem still exists, change the tag 'verification-needed-artful' to 'verification-failed-artful'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-artful

Revision history for this message

Launchpad Janitor (janitor) wrote on 2018-04-03:

#10

Download full text (18.9 KiB)

This bug was fixed in the package linux - 4.13.0-38.43

---------------
linux (4.13.0-38.43) artful; urgency=medium

* linux: 4.13.0-38.43 -proposed tracker (LP: #1755762)

  * Servers going OOM after updating kernel from 4.10 to 4.13 (LP: #1748408)
    - i40e: Fix memory leak related filter programming status
    - i40e: Add programming descriptors to cleaned_count

* [SRU] Lenovo E41 Mic mute hotkey is not responding (LP: #1753347)
- platform/x86: ideapad-laptop: Increase timeout to wait for EC answer

* fails to dump with latest kpti fixes (LP: #1750021)
- kdump: write correct address of mem_section into vmcoreinfo

  * headset mic can't be detected on two Dell machines (LP: #1748807)
    - ALSA: hda/realtek - Support headset mode for ALC215/ALC285/ALC289
    - ALSA: hda - Fix headset mic detection problem for two Dell machines
    - ALSA: hda - Fix a wrong FIXUP for alc289 on Dell machines

  * CIFS SMB2/SMB3 does not work for domain based DFS (LP: #1747572)
    - CIFS: make IPC a regular tcon
    - CIFS: use tcon_ipc instead of use_ipc parameter of SMB2_ioctl
    - CIFS: dump IPC tcon in debug proc file

* i2c-thunderx: erroneous error message "unhandled state: 0" (LP: #1754076)
- i2c: octeon: Prevent error message on bus error

* hisi_sas: Add disk LED support (LP: #1752695)
- scsi: hisi_sas: directly attached disk LED feature for v2 hw

  * EDAC, sb_edac: Backport 1 patch to Ubuntu 17.10 (Fix missing DIMM sysfs
    entries with KNL SNC2/SNC4 mode) (LP: #1743856)
    - EDAC, sb_edac: Fix missing DIMM sysfs entries with KNL SNC2/SNC4 mode

  * [regression] Colour banding and artefacts appear system-wide on an Asus
    Zenbook UX303LA with Intel HD 4400 graphics (LP: #1749420)
    - drm/edid: Add 6 bpc quirk for CPT panel in Asus UX303LA

* DVB Card with SAA7146 chipset not working (LP: #1742316)
- vmalloc: fix __GFP_HIGHMEM usage for vmalloc_32 on 32b systems

  * [Asus UX360UA] battery status in unity-panel is not changing when battery is
    being charged (LP: #1661876) // AC adapter status not detected on Asus
    ZenBook UX410UAK (LP: #1745032)
    - ACPI / battery: Add quirk for Asus UX360UA and UX410UAK

* ASUS UX305LA - Battery state not detected correctly (LP: #1482390)
- ACPI / battery: Add quirk for Asus GL502VSK and UX305LA

  * support thunderx2 vendor pmu events (LP: #1747523)
    - perf pmu: Extract function to get JSON alias map
    - perf pmu: Pass pmu as a parameter to get_cpuid_str()
    - perf tools arm64: Add support for get_cpuid_str function.
    - perf pmu: Add helper function is_pmu_core to detect PMU CORE devices
    - perf vendor events arm64: Add ThunderX2 implementation defined pmu core
      events
    - perf pmu: Add check for valid cpuid in perf_pmu__find_map()

* lpfc.ko module doesn't work (LP: #1746970)
- scsi: lpfc: Fix loop mode target discovery

  * Ubuntu 17.10 crashes on vmalloc.c (LP: #1739498)
    - powerpc/mm/book3s64: Make KERN_IO_START a variable
    - powerpc/mm/slb: Move comment next to the code it's referring to
    - powerpc/mm/hash64: Make vmalloc 56T on hash

* ethtool -p fails to light NIC LED on HiSilicon D05 systems (LP: #1748567)
- net...

This bug was fixed in the package linux - 4.13.0-38.43

---------------
linux (4.13.0-38.43) artful; urgency=medium

* linux: 4.13.0-38.43 -proposed tracker (LP: #1755762)

* Servers going OOM after updating kernel from 4.10 to 4.13 (LP: #1748408)
    - i40e: Fix memory leak related filter programming status
    - i40e: Add programming descriptors to cleaned_count

* [SRU] Lenovo E41 Mic mute hotkey is not responding (LP: #1753347)
    - platform/x86: ideapad-laptop: Increase timeout to wait for EC answer

* fails to dump with latest kpti fixes (LP: #1750021)
    - kdump: write correct address of mem_section into vmcoreinfo

* headset mic can't be detected on two Dell machines (LP: #1748807)
    - ALSA: hda/realtek - Support headset mode for ALC215/ALC285/ALC289
    - ALSA: hda - Fix headset mic detection problem for two Dell machines
    - ALSA: hda - Fix a wrong FIXUP for alc289 on Dell machines

* CIFS SMB2/SMB3 does not work for domain based DFS (LP: #1747572)
    - CIFS: make IPC a regular tcon
    - CIFS: use tcon_ipc instead of use_ipc parameter of SMB2_ioctl
    - CIFS: dump IPC tcon in debug proc file

* i2c-thunderx: erroneous error message "unhandled state: 0" (LP: #1754076)
    - i2c: octeon: Prevent error message on bus error

* hisi_sas: Add disk LED support (LP: #1752695)
    - scsi: hisi_sas: directly attached disk LED feature for v2 hw

* EDAC, sb_edac: Backport 1 patch to Ubuntu 17.10 (Fix missing DIMM sysfs
    entries with KNL SNC2/SNC4 mode) (LP: #1743856)
    - EDAC, sb_edac: Fix missing DIMM sysfs entries with KNL SNC2/SNC4 mode

* [regression] Colour banding and artefacts appear system-wide on an Asus
    Zenbook UX303LA with Intel HD 4400 graphics (LP: #1749420)
    - drm/edid: Add 6 bpc quirk for CPT panel in Asus UX303LA

* DVB Card with SAA7146 chipset not working (LP: #1742316)
    - vmalloc: fix __GFP_HIGHMEM usage for vmalloc_32 on 32b systems

* [Asus UX360UA] battery status in unity-panel is not changing when battery is
    being charged (LP: #1661876) // AC adapter status not detected on Asus
    ZenBook UX410UAK (LP: #1745032)
    - ACPI / battery: Add quirk for Asus UX360UA and UX410UAK

* ASUS UX305LA - Battery state not detected correctly (LP: #1482390)
    - ACPI / battery: Add quirk for Asus GL502VSK and UX305LA

* support thunderx2 vendor pmu events (LP: #1747523)
    - perf pmu: Extract function to get JSON alias map
    - perf pmu: Pass pmu as a parameter to get_cpuid_str()
    - perf tools arm64: Add support for get_cpuid_str function.
    - perf pmu: Add helper function is_pmu_core to detect PMU CORE devices
    - perf vendor events arm64: Add ThunderX2 implementation defined pmu core
      events
    - perf pmu: Add check for valid cpuid in perf_pmu__find_map()

* lpfc.ko module doesn't work (LP: #1746970)
    - scsi: lpfc: Fix loop mode target discovery

* Ubuntu 17.10 crashes on vmalloc.c (LP: #1739498)
    - powerpc/mm/book3s64: Make KERN_IO_START a variable
    - powerpc/mm/slb: Move comment next to the code it's referring to
    - powerpc/mm/hash64: Make vmalloc 56T on hash

* ethtool -p fails to light NIC LED on HiSilicon D05 systems (LP: #1748567)
    - net: hns: add ACPI mode support for ethtool -p

* CVE-2017-17807
    - KEYS: add missing permission check for request_key() destination

* [Artful SRU] Fix capsule update regression (LP: #1746019)
    - efi/capsule-loader: Reinstate virtual capsule mapping

* [Artful/Bionic] [Config] enable EDAC_GHES for ARM64 (LP: #1747746)
    - Ubuntu: [Config] enable EDAC_GHES for ARM64

* linux-tools: perf incorrectly linking libbfd (LP: #1748922)
    - SAUCE: tools -- add ability to disable libbfd
    - [Packaging] correct disablement of libbfd

* Cherry pick c96f5471ce7d for delayacct fix (LP: #1747769)
    - delayacct: Account blkio completion on the correct task

* Error in CPU frequency reporting when nominal and min pstates are same
    (cpufreq) (LP: #1746174)
    - cpufreq: powernv: Dont assume distinct pstate values for nominal and pmin

* retpoline abi files are empty on i386 (LP: #1751021)
    - [Packaging] retpoline-extract -- instantiate retpoline files for i386
    - [Packaging] final-checks -- sanity checking ABI contents
    - [Packaging] final-checks -- check for empty retpoline files

* [P9,Power NV][WSP][Ubuntu 1804] : "Kernel access of bad area " when grouping
    different pmu events using perf fuzzer . (perf:) (LP: #1746225)
    - powerpc/perf: Fix oops when grouping different pmu events

* bnx2x_attn_int_deasserted3:4323 MC assert! (LP: #1715519) //
    CVE-2018-1000026
    - net: create skb_gso_validate_mac_len()
    - bnx2x: disable GSO where gso_size is too big for hardware

* Ubuntu16.04.03: ISAv3 initialize MMU registers before setting partition
    table (LP: #1736145)
    - powerpc/64s: Initialize ISAv3 MMU registers before setting partition table

* powerpc/powernv: Flush console before platform error reboot (LP: #1735159)
    - powerpc/powernv: Flush console before platform error reboot

* Touchpad stops working after a few seconds in Lenovo ideapad 320
    (LP: #1732056)
    - pinctrl/amd: fix masking of GPIO interrupts

* [Artful][Wyse 3040] System hang when trying to enable an offlined CPU core
    (LP: #1736393)
    - SAUCE: drm/i915:Don't set chip specific data
    - SAUCE: drm/i915: make previous commit affects Wyse 3040 only

* ppc64el: Do not call ibm,os-term on panic (LP: #1736954)
    - powerpc: Do not call ppc_md.panic in fadump panic notifier

* Artful update to 4.13.16 stable release (LP: #1744213)
    - tcp_nv: fix division by zero in tcpnv_acked()
    - net: vrf: correct FRA_L3MDEV encode type
    - tcp: do not mangle skb->cb[] in tcp_make_synack()
    - net: systemport: Correct IPG length settings
    - netfilter/ipvs: clear ipvs_property flag when SKB net namespace changed
    - l2tp: don't use l2tp_tunnel_find() in l2tp_ip and l2tp_ip6
    - bonding: discard lowest hash bit for 802.3ad layer3+4
    - net: cdc_ether: fix divide by 0 on bad descriptors
    - net: qmi_wwan: fix divide by 0 on bad descriptors
    - qmi_wwan: Add missing skb_reset_mac_header-call
    - net: usb: asix: fill null-ptr-deref in asix_suspend
    - tcp: gso: avoid refcount_t warning from tcp_gso_segment()
    - tcp: fix tcp_fastretrans_alert warning
    - vlan: fix a use-after-free in vlan_device_event()
    - net/mlx5: Cancel health poll before sending panic teardown command
    - net/mlx5e: Set page to null in case dma mapping fails
    - af_netlink: ensure that NLMSG_DONE never fails in dumps
    - vxlan: fix the issue that neigh proxy blocks all icmpv6 packets
    - net: cdc_ncm: GetNtbFormat endian fix
    - fealnx: Fix building error on MIPS
    - net/sctp: Always set scope_id in sctp_inet6_skb_msgname
    - ima: do not update security.ima if appraisal status is not INTEGRITY_PASS
    - serial: omap: Fix EFR write on RTS deassertion
    - serial: 8250_fintek: Fix finding base_port with activated SuperIO
    - tpm-dev-common: Reject too short writes
    - rcu: Fix up pending cbs check in rcu_prepare_for_idle
    - ocfs2: fix cluster hang after a node dies
    - ocfs2: should wait dio before inode lock in ocfs2_setattr()
    - ipmi: fix unsigned long underflow
    - mm/page_alloc.c: broken deferred calculation
    - mm/page_ext.c: check if page_ext is not prepared
    - x86/cpu/amd: Derive L3 shared_cpu_map from cpu_llc_shared_mask
    - coda: fix 'kernel memory exposure attempt' in fsync
    - Linux 4.13.16

* Artful update to 4.13.15 stable release (LP: #1744212)
    - media: imon: Fix null-ptr-deref in imon_probe
    - media: dib0700: fix invalid dvb_detach argument
    - crypto: dh - Fix double free of ctx->p
    - crypto: dh - Don't permit 'p' to be 0
    - crypto: dh - Don't permit 'key' or 'g' size longer than 'p'
    - USB: early: Use new USB product ID and strings for DbC device
    - USB: usbfs: compute urb->actual_length for isochronous
    - USB: Add delay-init quirk for Corsair K70 LUX keyboards
    - usb: gadget: f_fs: Fix use-after-free in ffs_free_inst
    - USB: serial: metro-usb: stop I/O after failed open
    - USB: serial: Change DbC debug device binding ID
    - USB: serial: qcserial: add pid/vid for Sierra Wireless EM7355 fw update
    - USB: serial: garmin_gps: fix I/O after failed probe and remove
    - USB: serial: garmin_gps: fix memory leak on probe errors
    - x86/MCE/AMD: Always give panic severity for UC errors in kernel context
    - platform/x86: peaq-wmi: Add DMI check before binding to the WMI interface
    - platform/x86: peaq_wmi: Fix missing terminating entry for peaq_dmi_table
    - HID: cp2112: add HIDRAW dependency
    - HID: wacom: generic: Recognize WACOM_HID_WD_PEN as a type of pen collection
    - staging: wilc1000: Fix bssid buffer offset in Txq
    - staging: ccree: fix 64 bit scatter/gather DMA ops
    - staging: greybus: spilib: fix use-after-free after deregistration
    - staging: vboxvideo: Fix reporting invalid suggested-offset-properties
    - staging: rtl8188eu: Revert 4 commits breaking ARP
    - Linux 4.13.15

* time drifting on linux-hwe kernels (LP: #1744988)
    - x86/tsc: Future-proof native_calibrate_tsc()
    - x86/tsc: Fix erroneous TSC rate on Skylake Xeon
    - x86/tsc: Print tsc_khz, when it differs from cpu_khz

* Please backport vmd suspend/resume patches to 16.04 hwe (LP: #1745508)
    - PCI: vmd: Free up IRQs on suspend path

* CVE-2017-17448
    - netfilter: nfnetlink_cthelper: Add missing permission checks

* Dell XPS 13 9360 bluetooth (Atheros) won't connect after resume
    (LP: #1744712)
    - Bluetooth: btusb: Restore QCA Rome suspend/resume fix with a "rewritten"
      version

* [SRU] TrackPoint: middle button doesn't work on TrackPoint-compatible
    device. (LP: #1746002)
    - Input: trackpoint - force 3 buttons if 0 button is reported

* TB16 dock ethernet corrupts data with hw checksum silently failing
    (LP: #1729674)
    - r8152: disable RX aggregation on Dell TB16 dock

* [Artful] Realtek ALC225: 2 secs noise when a headset plugged in
    (LP: #1744058)
    - Revert "UBUNTU: SAUCE: ALSA: hda/realtek - Add support headset mode for DELL
      WYSE"
    - SAUCE: ALSA: hda/realtek - Add support headset mode for DELL WYSE
    - ALSA: hda/realtek - update ALC225 depop optimize

* [A] skb leak in vhost_net / tun / tap (LP: #1738975)
    - vhost: fix skb leak in handle_rx()
    - tap: free skb if flags error
    - tun: free skb in early errors

* Commit d9018976cdb6 missing in Kernels <4.14.x preventing lasting fix of
    Intel SPI bug on certain serial flash (LP: #1742696)
    - mfd: lpc_ich: Do not touch SPI-NOR write protection bit on Haswell/Broadwell
    - spi-nor: intel-spi: Fix broken software sequencing codes

* CVE-2018-5332
    - RDS: Heap OOB write in rds_message_alloc_sgs()

* [A] KVM Windows BSOD on 4.13.x (LP: #1738972)
    - KVM: x86: fix APIC page invalidation

* elantech touchpad of Lenovo L480/580 failed to detect hw_version
    (LP: #1733605)
    - Input: elantech - add new icbody type 15

* [SRU] External HDMI monitor failed to show screen on Lenovo X1 series
    (LP: #1738523)
    - SAUCE: drm/i915: Disable writing of TMDS_OE on Lenovo ThinkPad X1 series

* ubuntu/xr-usb-serial didn't get built in zesty and artful (LP: #1733281)
    - SAUCE: make sure ubuntu/xr-usb-serial builds for x86

* Disabling zfs does not always disable module checks for the zfs modules
    (LP: #1737176)
    - [Packaging] disable zfs module checks when zfs is disabled

* CVE-2017-17806
    - crypto: hmac - require that the underlying hash algorithm is unkeyed

* CVE-2017-17805
    - crypto: salsa20 - fix blkcipher_walk API usage

* CVE-2017-16994
    - mm/pagewalk.c: report holes in hugetlb ranges

* CVE-2017-17450
    - netfilter: xt_osf: Add missing permission checks

* apparmor profile load in stacked policy container fails (LP: #1746463)
    - SAUCE: apparmor: fix display of .ns_name for containers

* CVE-2017-15129
    - net: Fix double free and memory corruption in get_net_ns_by_id()

* CVE-2018-5344
    - loop: fix concurrent lo_open/lo_release

* CVE-2017-1000407
    - KVM: VMX: remove I/O port 0x80 bypass on Intel hosts

* CVE-2017-0861
    - ALSA: pcm: prevent UAF in snd_pcm_info

* perf stat segfaults on uncore events w/o -a (LP: #1745246)
    - perf xyarray: Save max_x, max_y
    - perf evsel: Fix buffer overflow while freeing events

* Support cppc-cpufreq driver on ThunderX2 systems (LP: #1745007)
    - mailbox: PCC: Move the MAX_PCC_SUBSPACES definition to header file
    - ACPI / CPPC: Make CPPC ACPI driver aware of PCC subspace IDs
    - ACPI / CPPC: Fix KASAN global out of bounds warning
    - ACPI: CPPC: remove initial assignment of pcc_ss_data

* P-state not working in kernel 4.13 (LP: #1743269)
    - x86 / CPU: Avoid unnecessary IPIs in arch_freq_get_on_cpu()
    - x86 / CPU: Always show current CPU frequency in /proc/cpuinfo

* Regression: KVM no longer supports Intel CPUs without Virtual NMI
    (LP: #1741655)
    - kvm: vmx: Reinstate support for CPUs without virtual NMI

* System hang with Linux kernel due to mainline commit 24247aeeabe
    (LP: #1733662)
    - x86/intel_rdt/cqm: Prevent use after free

* $(LOCAL_ENV_CC) and $(LOCAL_ENV_DISTCC_HOSTS) should be properly quoted
    (LP: #1744077)
    - [Debian] pass LOCAL_ENV_CC and LOCAL_ENV_DISTCC_HOSTS properly

* the wifi driver is always hard blocked on a lenovo laptop (LP: #1743672)
    - ACPI: EC: Fix possible issues related to EC initialization order

* text VTs are unavailable on desktop after upgrade to Ubuntu 17.10
    (LP: #1724911)
    - drm/i915/fbdev: Always forward hotplug events

* Samsung SSD 960 EVO 500GB refused to change power state (LP: #1705748)
    - nvme-pci: disable APST on Samsung SSD 960 EVO + ASUS PRIME B350M-A

* [0cf3:e010] QCA6174A XR failed to pair with bt 4.0 device  (LP: #1741166)
    - Bluetooth: btusb: Add support for 0cf3:e010

* CVE-2017-17741
    - KVM: Fix stack-out-of-bounds read in write_mmio

* CVE-2018-5333
    - RDS: null pointer dereference in rds_atomic_free_op

* [800 G3 SFF] [800 G3 DM]External microphone of headset(3-ring) is working,
    2-ring mic not working, both not shown in sound settings  (LP: #1740974)
    - ALSA: hda - Add MIC_NO_PRESENCE fixup for 2 HP machines

* Two front mics can't work on a lenovo machine (LP: #1740973)
    - ALSA: hda - change the location for one mic on a Lenovo machine

* No external microphone be detected via headset jack on a dell machine
    (LP: #1740972)
    - ALSA: hda - fix headset mic detection issue on a Dell machine

*  Can't detect external headset via line-out jack on some Dell machines
    (LP: #1740971)
    - ALSA: hda/realtek - Fix Dell AIO LineOut issue

* Support realtek new codec alc257 in the alsa hda driver  (LP: #1738911)
    - ALSA: hda/realtek - New codec support for ALC257

* Add support for 16g huge pages on Ubuntu 16.04.2 PowerNV (LP: #1706247)
    - powerpc/mm/hugetlb: Allow runtime allocation of 16G.
    - powerpc/mm/hugetlb: Add support for reserving gigantic huge pages via kernel
      command line
    - mm/hugetlb: Allow arch to override and call the weak function

* the kernel is blackholing IPv6 packets to linkdown nexthops (LP: #1738219)
    - ipv6: Do not consider linkdown nexthops during multipath

* e1000e in 4.4.0-97-generic breaks 82574L under heavy load. (LP: #1730550)
    - e1000e: Avoid receiver overrun interrupt bursts
    - e1000e: Separate signaling for link check/link up

* Ubuntu 17.10: Include patch "crypto: vmx - Use skcipher for ctr fallback"
    (LP: #1732978)
    - crypto: vmx - Use skcipher for ctr fallback

* QCA Rome bluetooth can not wakeup after USB runtime suspended.
    (LP: #1737890)
    - Bluetooth: btusb: driver to enable the usb-wakeup feature

* /dev/bcache/by-uuid links not created after reboot (LP: #1729145)
    - SAUCE: (no-up) bcache: decouple emitting a cached_dev CHANGE uevent

* Some VMs fail to reboot with "watchdog: BUG: soft lockup - CPU#0 stuck for
    22s! [systemd:1]" (LP: #1730717)
    - SAUCE: exec: fix lockup because retry loop may never exit

* Request to backport cxlflash patches to 16.04 HWE Kernel (LP: #1730515)
    - scsi: cxlflash: Use derived maximum write same length
    - scsi: cxlflash: Allow cards without WWPN VPD to configure
    - scsi: cxlflash: Derive pid through accessors

* vagrant artful64 box filesystem too small (LP: #1726818)
    - block: factor out __blkdev_issue_zero_pages()
    - block: cope with WRITE ZEROES failing in blkdev_issue_zeroout()

* Artful update to 4.13.14 stable release (LP: #1744121)
    - ppp: fix race in ppp device destruction
    - gso: fix payload length when gso_size is zero
    - ipv4: Fix traffic triggered IPsec connections.
    - ipv6: Fix traffic triggered IPsec connections.
    - netlink: do not set cb_running if dump's start() errs
    - net: call cgroup_sk_alloc() earlier in sk_clone_lock()
    - macsec: fix memory leaks when skb_to_sgvec fails
    - l2tp: check ps->sock before running pppol2tp_session_ioctl()
    - netlink: fix netlink_ack() extack race
    - sctp: add the missing sock_owned_by_user check in sctp_icmp_redirect
    - tcp/dccp: fix ireq->opt races
    - packet: avoid panic in packet_getsockopt()
    - geneve: Fix function matching VNI and tunnel ID on big-endian
    - net: bridge: fix returning of vlan range op errors
    - soreuseport: fix initialization race
    - ipv6: flowlabel: do not leave opt->tot_len with garbage
    - sctp: full support for ipv6 ip_nonlocal_bind & IP_FREEBIND
    - tcp/dccp: fix lockdep splat in inet_csk_route_req()
    - tcp/dccp: fix other lockdep splats accessing ireq_opt
    - net: dsa: check master device before put
    - net/unix: don't show information about sockets from other namespaces
    - tap: double-free in error path in tap_open()
    - net/mlx5: Fix health work queue spin lock to IRQ safe
    - net/mlx5e: Properly deal with encap flows add/del under neigh update
    - ipip: only increase err_count for some certain type icmp in ipip_err
    - ip6_gre: only increase err_count for some certain type icmpv6 in ip6gre_err
    - ip6_gre: update dst pmtu if dev mtu has been updated by toobig in
      __gre6_xmit
    - tcp: refresh tp timestamp before tcp_mtu_probe()
    - tap: reference to KVA of an unloaded module causes kernel panic
    - sctp: reset owner sk for data chunks on out queues when migrating a sock
    - net_sched: avoid matching qdisc with zero handle
    - l2tp: hold tunnel in pppol2tp_connect()
    - ipv6: addrconf: increment ifp refcount before ipv6_del_addr()
    - tcp: fix tcp_mtu_probe() vs highest_sack
    - mac80211: accept key reinstall without changing anything
    - mac80211: use constant time comparison with keys
    - mac80211: don't compare TKIP TX MIC key in reinstall prevention
    - usb: usbtest: fix NULL pointer dereference
    - Input: ims-psu - check if CDC union descriptor is sane
    - EDAC, sb_edac: Don't create a second memory controller if HA1 is not present
    - dmaengine: dmatest: warn user when dma test times out
    - Linux 4.13.14

-- Stefan Bader <stefan.bader@canonical.com>  Wed, 14 Mar 2018 11:38:23 +0100

Changed in linux (Ubuntu Artful):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2018-04-03:

#11

Download full text (27.2 KiB)

This bug was fixed in the package linux-gcp - 4.13.0-1012.16

---------------
linux-gcp (4.13.0-1012.16) xenial; urgency=medium

* linux-gcp: 4.13.0-1012.16 -proposed tracker (LP: #1755771)

[ Ubuntu: 4.13.0-38.43 ]

  * linux: 4.13.0-38.43 -proposed tracker (LP: #1755762)
  * Servers going OOM after updating kernel from 4.10 to 4.13 (LP: #1748408)
    - i40e: Fix memory leak related filter programming status
    - i40e: Add programming descriptors to cleaned_count
  * [SRU] Lenovo E41 Mic mute hotkey is not responding (LP: #1753347)
    - platform/x86: ideapad-laptop: Increase timeout to wait for EC answer
  * fails to dump with latest kpti fixes (LP: #1750021)
    - kdump: write correct address of mem_section into vmcoreinfo
  * headset mic can't be detected on two Dell machines (LP: #1748807)
    - ALSA: hda/realtek - Support headset mode for ALC215/ALC285/ALC289
    - ALSA: hda - Fix headset mic detection problem for two Dell machines
    - ALSA: hda - Fix a wrong FIXUP for alc289 on Dell machines
  * CIFS SMB2/SMB3 does not work for domain based DFS (LP: #1747572)
    - CIFS: make IPC a regular tcon
    - CIFS: use tcon_ipc instead of use_ipc parameter of SMB2_ioctl
    - CIFS: dump IPC tcon in debug proc file
  * i2c-thunderx: erroneous error message "unhandled state: 0" (LP: #1754076)
    - i2c: octeon: Prevent error message on bus error
  * hisi_sas: Add disk LED support (LP: #1752695)
    - scsi: hisi_sas: directly attached disk LED feature for v2 hw
  * EDAC, sb_edac: Backport 1 patch to Ubuntu 17.10 (Fix missing DIMM sysfs
    entries with KNL SNC2/SNC4 mode) (LP: #1743856)
    - EDAC, sb_edac: Fix missing DIMM sysfs entries with KNL SNC2/SNC4 mode
  * [regression] Colour banding and artefacts appear system-wide on an Asus
    Zenbook UX303LA with Intel HD 4400 graphics (LP: #1749420)
    - drm/edid: Add 6 bpc quirk for CPT panel in Asus UX303LA
  * DVB Card with SAA7146 chipset not working (LP: #1742316)
    - vmalloc: fix __GFP_HIGHMEM usage for vmalloc_32 on 32b systems
  * [Asus UX360UA] battery status in unity-panel is not changing when battery is
    being charged (LP: #1661876) // AC adapter status not detected on Asus
    ZenBook UX410UAK (LP: #1745032)
    - ACPI / battery: Add quirk for Asus UX360UA and UX410UAK
  * ASUS UX305LA - Battery state not detected correctly (LP: #1482390)
    - ACPI / battery: Add quirk for Asus GL502VSK and UX305LA
  * support thunderx2 vendor pmu events (LP: #1747523)
    - perf pmu: Extract function to get JSON alias map
    - perf pmu: Pass pmu as a parameter to get_cpuid_str()
    - perf tools arm64: Add support for get_cpuid_str function.
    - perf pmu: Add helper function is_pmu_core to detect PMU CORE devices
    - perf vendor events arm64: Add ThunderX2 implementation defined pmu core
      events
    - perf pmu: Add check for valid cpuid in perf_pmu__find_map()
  * lpfc.ko module doesn't work (LP: #1746970)
    - scsi: lpfc: Fix loop mode target discovery
  * Ubuntu 17.10 crashes on vmalloc.c (LP: #1739498)
    - powerpc/mm/book3s64: Make KERN_IO_START a variable
    - powerpc/mm/slb: Move comment next to the code it's referring to
    - powerpc/mm/hash64: Make vmalloc 56T on hash...

This bug was fixed in the package linux-gcp - 4.13.0-1012.16

---------------
linux-gcp (4.13.0-1012.16) xenial; urgency=medium

* linux-gcp: 4.13.0-1012.16 -proposed tracker (LP: #1755771)

[ Ubuntu: 4.13.0-38.43 ]

* linux: 4.13.0-38.43 -proposed tracker (LP: #1755762)
  * Servers going OOM after updating kernel from 4.10 to 4.13 (LP: #1748408)
    - i40e: Fix memory leak related filter programming status
    - i40e: Add programming descriptors to cleaned_count
  * [SRU] Lenovo E41 Mic mute hotkey is not responding (LP: #1753347)
    - platform/x86: ideapad-laptop: Increase timeout to wait for EC answer
  * fails to dump with latest kpti fixes (LP: #1750021)
    - kdump: write correct address of mem_section into vmcoreinfo
  * headset mic can't be detected on two Dell machines (LP: #1748807)
    - ALSA: hda/realtek - Support headset mode for ALC215/ALC285/ALC289
    - ALSA: hda - Fix headset mic detection problem for two Dell machines
    - ALSA: hda - Fix a wrong FIXUP for alc289 on Dell machines
  * CIFS SMB2/SMB3 does not work for domain based DFS (LP: #1747572)
    - CIFS: make IPC a regular tcon
    - CIFS: use tcon_ipc instead of use_ipc parameter of SMB2_ioctl
    - CIFS: dump IPC tcon in debug proc file
  * i2c-thunderx: erroneous error message "unhandled state: 0" (LP: #1754076)
    - i2c: octeon: Prevent error message on bus error
  * hisi_sas: Add disk LED support (LP: #1752695)
    - scsi: hisi_sas: directly attached disk LED feature for v2 hw
  * EDAC, sb_edac: Backport 1 patch to Ubuntu 17.10 (Fix missing DIMM sysfs
    entries with KNL SNC2/SNC4 mode) (LP: #1743856)
    - EDAC, sb_edac: Fix missing DIMM sysfs entries with KNL SNC2/SNC4 mode
  * [regression] Colour banding and artefacts appear system-wide on an Asus
    Zenbook UX303LA with Intel HD 4400 graphics (LP: #1749420)
    - drm/edid: Add 6 bpc quirk for CPT panel in Asus UX303LA
  * DVB Card with SAA7146 chipset not working (LP: #1742316)
    - vmalloc: fix __GFP_HIGHMEM usage for vmalloc_32 on 32b systems
  * [Asus UX360UA] battery status in unity-panel is not changing when battery is
    being charged (LP: #1661876) // AC adapter status not detected on Asus
    ZenBook UX410UAK (LP: #1745032)
    - ACPI / battery: Add quirk for Asus UX360UA and UX410UAK
  * ASUS UX305LA - Battery state not detected correctly (LP: #1482390)
    - ACPI / battery: Add quirk for Asus GL502VSK and UX305LA
  * support thunderx2 vendor pmu events (LP: #1747523)
    - perf pmu: Extract function to get JSON alias map
    - perf pmu: Pass pmu as a parameter to get_cpuid_str()
    - perf tools arm64: Add support for get_cpuid_str function.
    - perf pmu: Add helper function is_pmu_core to detect PMU CORE devices
    - perf vendor events arm64: Add ThunderX2 implementation defined pmu core
      events
    - perf pmu: Add check for valid cpuid in perf_pmu__find_map()
  * lpfc.ko module doesn't work (LP: #1746970)
    - scsi: lpfc: Fix loop mode target discovery
  * Ubuntu 17.10 crashes on vmalloc.c (LP: #1739498)
    - powerpc/mm/book3s64: Make KERN_IO_START a variable
    - powerpc/mm/slb: Move comment next to the code it's referring to
    - powerpc/mm/hash64: Make vmalloc 56T on hash
  * ethtool -p fails to light NIC LED on HiSilicon D05 systems (LP: #1748567)
    - net: hns: add ACPI mode support for ethtool -p
  * CVE-2017-17807
    - KEYS: add missing permission check for request_key() destination
  * [Artful SRU] Fix capsule update regression (LP: #1746019)
    - efi/capsule-loader: Reinstate virtual capsule mapping
  * [Artful/Bionic] [Config] enable EDAC_GHES for ARM64 (LP: #1747746)
    - Ubuntu: [Config] enable EDAC_GHES for ARM64
  * linux-tools: perf incorrectly linking libbfd (LP: #1748922)
    - SAUCE: tools -- add ability to disable libbfd
    - [Packaging] correct disablement of libbfd
  * Cherry pick c96f5471ce7d for delayacct fix (LP: #1747769)
    - delayacct: Account blkio completion on the correct task
  * Error in CPU frequency reporting when nominal and min pstates are same
    (cpufreq) (LP: #1746174)
    - cpufreq: powernv: Dont assume distinct pstate values for nominal and pmin
  * retpoline abi files are empty on i386 (LP: #1751021)
    - [Packaging] retpoline-extract -- instantiate retpoline files for i386
    - [Packaging] final-checks -- sanity checking ABI contents
    - [Packaging] final-checks -- check for empty retpoline files
  * [P9,Power NV][WSP][Ubuntu 1804] : "Kernel access of bad area " when grouping
    different pmu events using perf fuzzer . (perf:) (LP: #1746225)
    - powerpc/perf: Fix oops when grouping different pmu events
  * bnx2x_attn_int_deasserted3:4323 MC assert! (LP: #1715519) //
    CVE-2018-1000026
    - net: create skb_gso_validate_mac_len()
    - bnx2x: disable GSO where gso_size is too big for hardware
  * Ubuntu16.04.03: ISAv3 initialize MMU registers before setting partition
    table (LP: #1736145)
    - powerpc/64s: Initialize ISAv3 MMU registers before setting partition table
  * powerpc/powernv: Flush console before platform error reboot (LP: #1735159)
    - powerpc/powernv: Flush console before platform error reboot
  * Touchpad stops working after a few seconds in Lenovo ideapad 320
    (LP: #1732056)
    - pinctrl/amd: fix masking of GPIO interrupts
  * [Artful][Wyse 3040] System hang when trying to enable an offlined CPU core
    (LP: #1736393)
    - SAUCE: drm/i915:Don't set chip specific data
    - SAUCE: drm/i915: make previous commit affects Wyse 3040 only
  * ppc64el: Do not call ibm,os-term on panic (LP: #1736954)
    - powerpc: Do not call ppc_md.panic in fadump panic notifier
  * Artful update to 4.13.16 stable release (LP: #1744213)
    - tcp_nv: fix division by zero in tcpnv_acked()
    - net: vrf: correct FRA_L3MDEV encode type
    - tcp: do not mangle skb->cb[] in tcp_make_synack()
    - net: systemport: Correct IPG length settings
    - netfilter/ipvs: clear ipvs_property flag when SKB net namespace changed
    - l2tp: don't use l2tp_tunnel_find() in l2tp_ip and l2tp_ip6
    - bonding: discard lowest hash bit for 802.3ad layer3+4
    - net: cdc_ether: fix divide by 0 on bad descriptors
    - net: qmi_wwan: fix divide by 0 on bad descriptors
    - qmi_wwan: Add missing skb_reset_mac_header-call
    - net: usb: asix: fill null-ptr-deref in asix_suspend
    - tcp: gso: avoid refcount_t warning from tcp_gso_segment()
    - tcp: fix tcp_fastretrans_alert warning
    - vlan: fix a use-after-free in vlan_device_event()
    - net/mlx5: Cancel health poll before sending panic teardown command
    - net/mlx5e: Set page to null in case dma mapping fails
    - af_netlink: ensure that NLMSG_DONE never fails in dumps
    - vxlan: fix the issue that neigh proxy blocks all icmpv6 packets
    - net: cdc_ncm: GetNtbFormat endian fix
    - fealnx: Fix building error on MIPS
    - net/sctp: Always set scope_id in sctp_inet6_skb_msgname
    - ima: do not update security.ima if appraisal status is not INTEGRITY_PASS
    - serial: omap: Fix EFR write on RTS deassertion
    - serial: 8250_fintek: Fix finding base_port with activated SuperIO
    - tpm-dev-common: Reject too short writes
    - rcu: Fix up pending cbs check in rcu_prepare_for_idle
    - ocfs2: fix cluster hang after a node dies
    - ocfs2: should wait dio before inode lock in ocfs2_setattr()
    - ipmi: fix unsigned long underflow
    - mm/page_alloc.c: broken deferred calculation
    - mm/page_ext.c: check if page_ext is not prepared
    - x86/cpu/amd: Derive L3 shared_cpu_map from cpu_llc_shared_mask
    - coda: fix 'kernel memory exposure attempt' in fsync
    - Linux 4.13.16
  * Artful update to 4.13.15 stable release (LP: #1744212)
    - media: imon: Fix null-ptr-deref in imon_probe
    - media: dib0700: fix invalid dvb_detach argument
    - crypto: dh - Fix double free of ctx->p
    - crypto: dh - Don't permit 'p' to be 0
    - crypto: dh - Don't permit 'key' or 'g' size longer than 'p'
    - USB: early: Use new USB product ID and strings for DbC device
    - USB: usbfs: compute urb->actual_length for isochronous
    - USB: Add delay-init quirk for Corsair K70 LUX keyboards
    - usb: gadget: f_fs: Fix use-after-free in ffs_free_inst
    - USB: serial: metro-usb: stop I/O after failed open
    - USB: serial: Change DbC debug device binding ID
    - USB: serial: qcserial: add pid/vid for Sierra Wireless EM7355 fw update
    - USB: serial: garmin_gps: fix I/O after failed probe and remove
    - USB: serial: garmin_gps: fix memory leak on probe errors
    - x86/MCE/AMD: Always give panic severity for UC errors in kernel context
    - platform/x86: peaq-wmi: Add DMI check before binding to the WMI interface
    - platform/x86: peaq_wmi: Fix missing terminating entry for peaq_dmi_table
    - HID: cp2112: add HIDRAW dependency
    - HID: wacom: generic: Recognize WACOM_HID_WD_PEN as a type of pen collection
    - staging: wilc1000: Fix bssid buffer offset in Txq
    - staging: ccree: fix 64 bit scatter/gather DMA ops
    - staging: greybus: spilib: fix use-after-free after deregistration
    - staging: vboxvideo: Fix reporting invalid suggested-offset-properties
    - staging: rtl8188eu: Revert 4 commits breaking ARP
    - Linux 4.13.15
  * time drifting on linux-hwe kernels (LP: #1744988)
    - x86/tsc: Future-proof native_calibrate_tsc()
    - x86/tsc: Fix erroneous TSC rate on Skylake Xeon
    - x86/tsc: Print tsc_khz, when it differs from cpu_khz
  * Please backport vmd suspend/resume patches to 16.04 hwe (LP: #1745508)
    - PCI: vmd: Free up IRQs on suspend path
  * CVE-2017-17448
    - netfilter: nfnetlink_cthelper: Add missing permission checks
  * Dell XPS 13 9360 bluetooth (Atheros) won't connect after resume
    (LP: #1744712)
    - Bluetooth: btusb: Restore QCA Rome suspend/resume fix with a "rewritten"
      version
  * [SRU] TrackPoint: middle button doesn't work on TrackPoint-compatible
    device. (LP: #1746002)
    - Input: trackpoint - force 3 buttons if 0 button is reported
  * TB16 dock ethernet corrupts data with hw checksum silently failing
    (LP: #1729674)
    - r8152: disable RX aggregation on Dell TB16 dock
  * [Artful] Realtek ALC225: 2 secs noise when a headset plugged in
    (LP: #1744058)
    - Revert "UBUNTU: SAUCE: ALSA: hda/realtek - Add support headset mode for DELL
      WYSE"
    - SAUCE: ALSA: hda/realtek - Add support headset mode for DELL WYSE
    - ALSA: hda/realtek - update ALC225 depop optimize
  * [A] skb leak in vhost_net / tun / tap (LP: #1738975)
    - vhost: fix skb leak in handle_rx()
    - tap: free skb if flags error
    - tun: free skb in early errors
  * Commit d9018976cdb6 missing in Kernels <4.14.x preventing lasting fix of
    Intel SPI bug on certain serial flash (LP: #1742696)
    - mfd: lpc_ich: Do not touch SPI-NOR write protection bit on Haswell/Broadwell
    - spi-nor: intel-spi: Fix broken software sequencing codes
  * CVE-2018-5332
    - RDS: Heap OOB write in rds_message_alloc_sgs()
  * [A] KVM Windows BSOD on 4.13.x (LP: #1738972)
    - KVM: x86: fix APIC page invalidation
  * elantech touchpad of Lenovo L480/580 failed to detect hw_version
    (LP: #1733605)
    - Input: elantech - add new icbody type 15
  * [SRU] External HDMI monitor failed to show screen on Lenovo X1 series
    (LP: #1738523)
    - SAUCE: drm/i915: Disable writing of TMDS_OE on Lenovo ThinkPad X1 series
  * ubuntu/xr-usb-serial didn't get built in zesty and artful (LP: #1733281)
    - SAUCE: make sure ubuntu/xr-usb-serial builds for x86
  * Disabling zfs does not always disable module checks for the zfs modules
    (LP: #1737176)
    - [Packaging] disable zfs module checks when zfs is disabled
  * CVE-2017-17806
    - crypto: hmac - require that the underlying hash algorithm is unkeyed
  * CVE-2017-17805
    - crypto: salsa20 - fix blkcipher_walk API usage
  * CVE-2017-16994
    - mm/pagewalk.c: report holes in hugetlb ranges
  * CVE-2017-17450
    - netfilter: xt_osf: Add missing permission checks
  * apparmor profile load in stacked policy container fails (LP: #1746463)
    - SAUCE: apparmor: fix display of .ns_name for containers
  * CVE-2017-15129
    - net: Fix double free and memory corruption in get_net_ns_by_id()
  * CVE-2018-5344
    - loop: fix concurrent lo_open/lo_release
  * CVE-2017-1000407
    - KVM: VMX: remove I/O port 0x80 bypass on Intel hosts
  * CVE-2017-0861
    - ALSA: pcm: prevent UAF in snd_pcm_info
  * perf stat segfaults on uncore events w/o -a (LP: #1745246)
    - perf xyarray: Save max_x, max_y
    - perf evsel: Fix buffer overflow while freeing events
  * Support cppc-cpufreq driver on ThunderX2 systems (LP: #1745007)
    - mailbox: PCC: Move the MAX_PCC_SUBSPACES definition to header file
    - ACPI / CPPC: Make CPPC ACPI driver aware of PCC subspace IDs
    - ACPI / CPPC: Fix KASAN global out of bounds warning
    - ACPI: CPPC: remove initial assignment of pcc_ss_data
  * P-state not working in kernel 4.13 (LP: #1743269)
    - x86 / CPU: Avoid unnecessary IPIs in arch_freq_get_on_cpu()
    - x86 / CPU: Always show current CPU frequency in /proc/cpuinfo
  * Regression: KVM no longer supports Intel CPUs without Virtual NMI
    (LP: #1741655)
    - kvm: vmx: Reinstate support for CPUs without virtual NMI
  * System hang with Linux kernel due to mainline commit 24247aeeabe
    (LP: #1733662)
    - x86/intel_rdt/cqm: Prevent use after free
  * $(LOCAL_ENV_CC) and $(LOCAL_ENV_DISTCC_HOSTS) should be properly quoted
    (LP: #1744077)
    - [Debian] pass LOCAL_ENV_CC and LOCAL_ENV_DISTCC_HOSTS properly
  * the wifi driver is always hard blocked on a lenovo laptop (LP: #1743672)
    - ACPI: EC: Fix possible issues related to EC initialization order
  * text VTs are unavailable on desktop after upgrade to Ubuntu 17.10
    (LP: #1724911)
    - drm/i915/fbdev: Always forward hotplug events
  * Samsung SSD 960 EVO 500GB refused to change power state (LP: #1705748)
    - nvme-pci: disable APST on Samsung SSD 960 EVO + ASUS PRIME B350M-A
  * [0cf3:e010] QCA6174A XR failed to pair with bt 4.0 device  (LP: #1741166)
    - Bluetooth: btusb: Add support for 0cf3:e010
  * CVE-2017-17741
    - KVM: Fix stack-out-of-bounds read in write_mmio
  * CVE-2018-5333
    - RDS: null pointer dereference in rds_atomic_free_op
  * [800 G3 SFF] [800 G3 DM]External microphone of headset(3-ring) is working,
    2-ring mic not working, both not shown in sound settings  (LP: #1740974)
    - ALSA: hda - Add MIC_NO_PRESENCE fixup for 2 HP machines
  * Two front mics can't work on a lenovo machine (LP: #1740973)
    - ALSA: hda - change the location for one mic on a Lenovo machine
  * No external microphone be detected via headset jack on a dell machine
    (LP: #1740972)
    - ALSA: hda - fix headset mic detection issue on a Dell machine
  *  Can't detect external headset via line-out jack on some Dell machines
    (LP: #1740971)
    - ALSA: hda/realtek - Fix Dell AIO LineOut issue
  * Support realtek new codec alc257 in the alsa hda driver  (LP: #1738911)
    - ALSA: hda/realtek - New codec support for ALC257
  * Add support for 16g huge pages on Ubuntu 16.04.2 PowerNV (LP: #1706247)
    - powerpc/mm/hugetlb: Allow runtime allocation of 16G.
    - powerpc/mm/hugetlb: Add support for reserving gigantic huge pages via kernel
      command line
    - mm/hugetlb: Allow arch to override and call the weak function
  * the kernel is blackholing IPv6 packets to linkdown nexthops (LP: #1738219)
    - ipv6: Do not consider linkdown nexthops during multipath
  * e1000e in 4.4.0-97-generic breaks 82574L under heavy load. (LP: #1730550)
    - e1000e: Avoid receiver overrun interrupt bursts
    - e1000e: Separate signaling for link check/link up
  * Ubuntu 17.10: Include patch "crypto: vmx - Use skcipher for ctr fallback"
    (LP: #1732978)
    - crypto: vmx - Use skcipher for ctr fallback
  * QCA Rome bluetooth can not wakeup after USB runtime suspended.
    (LP: #1737890)
    - Bluetooth: btusb: driver to enable the usb-wakeup feature
  * /dev/bcache/by-uuid links not created after reboot (LP: #1729145)
    - SAUCE: (no-up) bcache: decouple emitting a cached_dev CHANGE uevent
  * Some VMs fail to reboot with "watchdog: BUG: soft lockup - CPU#0 stuck for
    22s! [systemd:1]" (LP: #1730717)
    - SAUCE: exec: fix lockup because retry loop may never exit
  * Request to backport cxlflash patches to 16.04 HWE Kernel (LP: #1730515)
    - scsi: cxlflash: Use derived maximum write same length
    - scsi: cxlflash: Allow cards without WWPN VPD to configure
    - scsi: cxlflash: Derive pid through accessors
  * vagrant artful64 box filesystem too small (LP: #1726818)
    - block: factor out __blkdev_issue_zero_pages()
    - block: cope with WRITE ZEROES failing in blkdev_issue_zeroout()
  * Artful update to 4.13.14 stable release (LP: #1744121)
    - ppp: fix race in ppp device destruction
    - gso: fix payload length when gso_size is zero
    - ipv4: Fix traffic triggered IPsec connections.
    - ipv6: Fix traffic triggered IPsec connections.
    - netlink: do not set cb_running if dump's start() errs
    - net: call cgroup_sk_alloc() earlier in sk_clone_lock()
    - macsec: fix memory leaks when skb_to_sgvec fails
    - l2tp: check ps->sock before running pppol2tp_session_ioctl()
    - netlink: fix netlink_ack() extack race
    - sctp: add the missing sock_owned_by_user check in sctp_icmp_redirect
    - tcp/dccp: fix ireq->opt races
    - packet: avoid panic in packet_getsockopt()
    - geneve: Fix function matching VNI and tunnel ID on big-endian
    - net: bridge: fix returning of vlan range op errors
    - soreuseport: fix initialization race
    - ipv6: flowlabel: do not leave opt->tot_len with garbage
    - sctp: full support for ipv6 ip_nonlocal_bind & IP_FREEBIND
    - tcp/dccp: fix lockdep splat in inet_csk_route_req()
    - tcp/dccp: fix other lockdep splats accessing ireq_opt
    - net: dsa: check master device before put
    - net/unix: don't show information about sockets from other namespaces
    - tap: double-free in error path in tap_open()
    - net/mlx5: Fix health work queue spin lock to IRQ safe
    - net/mlx5e: Properly deal with encap flows add/del under neigh update
    - ipip: only increase err_count for some certain type icmp in ipip_err
    - ip6_gre: only increase err_count for some certain type icmpv6 in ip6gre_err
    - ip6_gre: update dst pmtu if dev mtu has been updated by toobig in
      __gre6_xmit
    - tcp: refresh tp timestamp before tcp_mtu_probe()
    - tap: reference to KVA of an unloaded module causes kernel panic
    - sctp: reset owner sk for data chunks on out queues when migrating a sock
    - net_sched: avoid matching qdisc with zero handle
    - l2tp: hold tunnel in pppol2tp_connect()
    - ipv6: addrconf: increment ifp refcount before ipv6_del_addr()
    - tcp: fix tcp_mtu_probe() vs highest_sack
    - mac80211: accept key reinstall without changing anything
    - mac80211: use constant time comparison with keys
    - mac80211: don't compare TKIP TX MIC key in reinstall prevention
    - usb: usbtest: fix NULL pointer dereference
    - Input: ims-psu - check if CDC union descriptor is sane
    - EDAC, sb_edac: Don't create a second memory controller if HA1 is not present
    - dmaengine: dmatest: warn user when dma test times out
    - Linux 4.13.14

[ Ubuntu: 4.13.0-37.42 ]

* linux: 4.13.0-37.42 -proposed tracker (LP: #1751798)
  * CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754
    - arm64: Add ASM_BUG()
    - arm64: consistently use bl for C exception entry
    - arm64: move non-entry code out of .entry.text
    - arm64: unwind: avoid percpu indirection for irq stack
    - arm64: unwind: disregard frame.sp when validating frame pointer
    - arm64: mm: Fix set_memory_valid() declaration
    - arm64: Convert __inval_cache_range() to area-based
    - arm64: Expose DC CVAP to userspace
    - arm64: Handle trapped DC CVAP
    - arm64: Implement pmem API support
    - arm64: uaccess: Implement *_flushcache variants
    - arm64/vdso: Support mremap() for vDSO
    - arm64: unwind: reference pt_regs via embedded stack frame
    - arm64: unwind: remove sp from struct stackframe
    - arm64: uaccess: Add the uaccess_flushcache.c file
    - arm64: fix pmem interface definition
    - arm64: compat: Remove leftover variable declaration
    - fork: allow arch-override of VMAP stack alignment
    - arm64: kernel: remove {THREAD,IRQ_STACK}_START_SP
    - arm64: factor out PAGE_* and CONT_* definitions
    - arm64: clean up THREAD_* definitions
    - arm64: clean up irq stack definitions
    - arm64: move SEGMENT_ALIGN to <asm/memory.h>
    - efi/arm64: add EFI_KIMG_ALIGN
    - arm64: factor out entry stack manipulation
    - arm64: assembler: allow adr_this_cpu to use the stack pointer
    - arm64: use an irq stack pointer
    - arm64: add basic VMAP_STACK support
    - arm64: add on_accessible_stack()
    - arm64: add VMAP_STACK overflow detection
    - arm64: Convert pte handling from inline asm to using (cmp)xchg
    - kvm: arm64: Convert kvm_set_s2pte_readonly() from inline asm to cmpxchg()
    - arm64: Move PTE_RDONLY bit handling out of set_pte_at()
    - arm64: Ignore hardware dirty bit updates in ptep_set_wrprotect()
    - arm64: Remove the !CONFIG_ARM64_HW_AFDBM alternative code paths
    - arm64: introduce separated bits for mm_context_t flags
    - arm64: cleanup {COMPAT_,}SET_PERSONALITY() macro
    - KVM: arm/arm64: Fix guest external abort matching
    - KVM: arm/arm64: vgic: constify seq_operations and file_operations
    - KVM: arm/arm64: vITS: Drop its_ite->lpi field
    - KVM: arm/arm64: Extract GICv3 max APRn index calculation
    - KVM: arm/arm64: Support uaccess of GICC_APRn
    - arm64: Use larger stacks when KASAN is selected
    - arm64: Define cputype macros for Falkor CPU
    - arm64: SW PAN: Point saved ttbr0 at the zero page when switching to init_mm
    - arm64: SW PAN: Update saved ttbr0 value on enter_lazy_tlb
    - x86/syscalls: Check address limit on user-mode return
    - arm/syscalls: Check address limit on user-mode return
    - arm64/syscalls: Check address limit on user-mode return
    - Revert "arm/syscalls: Check address limit on user-mode return"
    - syscalls: Use CHECK_DATA_CORRUPTION for addr_limit_user_check
    - arm/syscalls: Optimize address limit check
    - arm64/syscalls: Move address limit check in loop
    - futex: Remove duplicated code and fix undefined behaviour
    - arm64: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls
    - arm64: syscallno is secretly an int, make it official
    - arm64: move TASK_* definitions to <asm/processor.h>
    - arm64: mm: Use non-global mappings for kernel space
    - arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN
    - arm64: mm: Move ASID from TTBR0 to TTBR1
    - arm64: mm: Remove pre_ttbr0_update_workaround for Falkor erratum #E1003
    - arm64: mm: Rename post_ttbr0_update_workaround
    - arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN
    - arm64: mm: Allocate ASIDs in pairs
    - arm64: mm: Add arm64_kernel_unmapped_at_el0 helper
    - arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI
    - arm64: entry: Add exception trampoline page for exceptions from EL0
    - arm64: mm: Map entry trampoline into trampoline and kernel page tables
    - arm64: entry: Explicitly pass exception level to kernel_ventry macro
    - arm64: entry: Hook up entry trampoline to exception vectors
    - arm64: erratum: Work around Falkor erratum #E1003 in trampoline code
    - arm64: cpu_errata: Add Kryo to Falkor 1003 errata
    - arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks
    - arm64: entry: Add fake CPU feature for unmapping the kernel at EL0
    - arm64: kaslr: Put kernel vectors address in separate data page
    - arm64: use RET instruction for exiting the trampoline
    - arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0
    - arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry
    - arm64: Take into account ID_AA64PFR0_EL1.CSV3
    - arm64: capabilities: Handle duplicate entries for a capability
    - arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR
    - arm64: kpti: Fix the interaction between ASID switching and software PAN
    - arm64: cputype: Add MIDR values for Cavium ThunderX2 CPUs
    - arm64: Turn on KPTI only on CPUs that need it
    - arm64: kpti: Make use of nG dependent on arm64_kernel_unmapped_at_el0()
    - arm64: mm: Permit transitioning from Global to Non-Global without BBM
    - arm64: kpti: Add ->enable callback to remap swapper using nG mappings
    - arm64: Force KPTI to be disabled on Cavium ThunderX
    - arm64: entry: Reword comment about post_ttbr_update_workaround
    - arm64: idmap: Use "awx" flags for .idmap.text .pushsection directives
    - arm64: barrier: Add CSDB macros to control data-value prediction
    - arm64: Implement array_index_mask_nospec()
    - arm64: Make USER_DS an inclusive limit
    - arm64: Use pointer masking to limit uaccess speculation
    - arm64: entry: Ensure branch through syscall table is bounded under
      speculation
    - arm64: uaccess: Prevent speculative use of the current addr_limit
    - arm64: uaccess: Don't bother eliding access_ok checks in __{get, put}_user
    - arm64: uaccess: Mask __user pointers for __arch_{clear, copy_*}_user
    - arm64: futex: Mask __user pointers prior to dereference
    - arm64: cpufeature: __this_cpu_has_cap() shouldn't stop early
    - arm64: Run enable method for errata work arounds on late CPUs
    - arm64: cpufeature: Pass capability structure to ->enable callback
    - drivers/firmware: Expose psci_get_version through psci_ops structure
    - arm64: Move post_ttbr_update_workaround to C code
    - arm64: Add skeleton to harden the branch predictor against aliasing attacks
    - arm64: Move BP hardening to check_and_switch_context
    - arm64: KVM: Use per-CPU vector when BP hardening is enabled
    - arm64: entry: Apply BP hardening for high-priority synchronous exceptions
    - arm64: entry: Apply BP hardening for suspicious interrupts from EL0
    - arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75
    - arm64: Implement branch predictor hardening for affected Cortex-A CPUs
    - arm64: Implement branch predictor hardening for Falkor
    - arm64: Branch predictor hardening for Cavium ThunderX2
    - arm64: KVM: Increment PC after handling an SMC trap
    - arm/arm64: KVM: Consolidate the PSCI include files
    - arm/arm64: KVM: Add PSCI_VERSION helper
    - arm/arm64: KVM: Add smccc accessors to PSCI code
    - arm/arm64: KVM: Implement PSCI 1.0 support
    - arm/arm64: KVM: Advertise SMCCC v1.1
    - arm64: KVM: Make PSCI_VERSION a fast path
    - arm/arm64: KVM: Turn kvm_psci_version into a static inline
    - arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support
    - arm64: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling
    - firmware/psci: Expose PSCI conduit
    - firmware/psci: Expose SMCCC version through psci_ops
    - arm/arm64: smccc: Make function identifiers an unsigned quantity
    - arm/arm64: smccc: Implement SMCCC v1.1 inline primitive
    - arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support
    - arm64: Kill PSCI_GET_VERSION as a variant-2 workaround
    - [Config] UNMAP_KERNEL_AT_EL0=y && HARDEN_BRANCH_PREDICTOR=y
    - SAUCE: arm64: __idmap_cpu_set_reserved_ttbr1: fix !ARM64_PA_BITS_52 logic
    - arm64: Add missing Falkor part number for branch predictor hardening
    - arm64: mm: fix thinko in non-global page table attribute check
  * linux-image-4.13.0-26-generic / linux-image-extra-4.13.0-26-generic fail to
    boot (LP: #1742721)
    - staging: sm750fb: Fix parameter mistake in poke32

[ Ubuntu: 4.13.0-36.40 ]

* linux: 4.13.0-36.40 -proposed tracker (LP: #1750010)
  * Rebuild without "CVE-2017-5754 ARM64 KPTI fixes" patch set

-- Stefan Bader <stefan.bader@canonical.com>  Thu, 15 Mar 2018 10:39:50 +0100

Changed in linux-gcp (Ubuntu Xenial):
status:	Confirmed → Fix Released
status:	Confirmed → Fix Released

	Status	Importance	Assigned to
snapd	Triaged	Undecided	Unassigned
apparmor (Ubuntu)	Confirmed	Undecided	Unassigned
Xenial	Won't Fix	Undecided	Unassigned
Artful	Fix Committed	Undecided	Unassigned
Bionic	Confirmed	Undecided	Unassigned
linux (Ubuntu)	Confirmed	Undecided	Unassigned
Xenial	Invalid	Undecided	Unassigned
Artful	Fix Released	Undecided	Unassigned
Bionic	Confirmed	Undecided	Unassigned
linux-gcp (Ubuntu)	Fix Released	Undecided	Unassigned
Xenial	Fix Released	Undecided	Unassigned
Artful	Invalid	Undecided	Unassigned
Bionic	Fix Released	Undecided	Unassigned

Ubuntu
apparmor package

apparmor profile load in stacked policy container fails

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntuapparmor package

apparmor profile load in stacked policy container fails

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
apparmor package