[ubuntu/artful-updates] linux-snapdragon 4.4.0-1094.99 (Accepted)
Andy Whitcroft
apw at canonical.com
Mon Jun 11 21:27:40 UTC 2018
linux-snapdragon (4.4.0-1094.99) xenial; urgency=medium
* linux-snapdragon: 4.4.0-1094.99 -proposed tracker (LP: #1772965)
[ Ubuntu: 4.4.0-128.154 ]
* linux: 4.4.0-128.154 -proposed tracker (LP: #1772960)
* CVE-2018-3639 (x86)
- x86/cpu: Make alternative_msr_write work for 32-bit code
- x86/bugs: Fix the parameters alignment and missing void
- KVM: SVM: Move spec control call after restore of GS
- x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP
- x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS
- x86/cpufeatures: Disentangle SSBD enumeration
- x86/cpu/AMD: Fix erratum 1076 (CPB bit)
- x86/cpufeatures: Add FEATURE_ZEN
- x86/speculation: Handle HT correctly on AMD
- x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL
- x86/speculation: Add virtualized speculative store bypass disable support
- x86/speculation: Rework speculative_store_bypass_update()
- x86/bugs: Unify x86_spec_ctrl_{set_guest,restore_host}
- x86/bugs: Expose x86_spec_ctrl_base directly
- x86/bugs: Remove x86_spec_ctrl_set()
- x86/bugs: Rework spec_ctrl base and mask logic
- x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG
- KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD
- x86/bugs: Rename SSBD_NO to SSB_NO
- KVM: VMX: Expose SSBD properly to guests.
* [i915_bpo] Fix flickering issue after panel change (LP: #1770565)
- drm/i915: Fix iboost setting for DDI with 4 lanes on SKL
- drm/i915: Name the "iboost bit"
- drm/i915: Program iboost settings for HDMI/DVI on SKL
- drm/i915: Move bxt_ddi_vswing_sequence() call into intel_ddi_pre_enable()
for HDMI
- drm/i915: Explicitly use ddi buf trans entry 9 for hdmi
- drm/i915: Split DP/eDP/FDI and HDMI/DVI DDI buffer programming apart
- drm/i915: Get the iboost setting based on the port type
- drm/i915: Simplify intel_ddi_get_encoder_port()
- drm/i915: Fix iboost setting for SKL Y/U DP DDI buffer translation entry 2
- drm/i915: KBL - Recommended buffer translation programming for DisplayPort
- drm/i915: Ignore OpRegion panel type except on select machines
* [SRU][Bionic/Artful] fix false positives in W+X checking (LP: #1769696)
- init: fix false positives in W+X checking
* [Ubuntu 16.04] kernel: fix rwlock implementation (LP: #1761674)
- SAUCE: (no-up) s390: fix rwlock implementation
* linux < 4.11: unable to use netfilter logging from non-init namespaces
(LP: #1766573)
- netfilter: allow logging from non-init namespaces
* [LTC Test] Ubuntu 18.04: tm_sigreturn failed on P8 compat mode 16.04.04
guest (LP: #1771439)
- powerpc: signals: Discard transaction state from signal frames
* QCA9377 requires more IRAM banks for its new firmware (LP: #1748345)
- ath10k: update the IRAM bank number for QCA9377
* i915/kbl_dmc_ver1.bin failed with error -2 package 1.157.17 kernel
4.4.0-116-generic (LP: #1752536)
- ubuntu: i915_bpo - Add MODULE_FIRMWARE for Geminilake's DMC
* Xenial update to 4.4.131 stable release (LP: #1768825)
- ext4: prevent right-shifting extents beyond EXT_MAX_BLOCKS
- ext4: set h_journal if there is a failure starting a reserved handle
- ext4: add validity checks for bitmap block numbers
- ext4: fix bitmap position validation
- usbip: usbip_host: fix to hold parent lock for device_attach() calls
- usbip: vhci_hcd: Fix usb device and sockfd leaks
- USB: serial: simple: add libtransistor console
- USB: serial: ftdi_sio: use jtag quirk for Arrow USB Blaster
- USB: serial: cp210x: add ID for NI USB serial console
- usb: core: Add quirk for HP v222w 16GB Mini
- USB: Increment wakeup count on remote wakeup.
- ALSA: usb-audio: Skip broken EU on Dell dock USB-audio
- virtio: add ability to iterate over vqs
- virtio_console: free buffers after reset
- drm/virtio: fix vq wait_event condition
- tty: Don't call panic() at tty_ldisc_init()
- tty: n_gsm: Fix long delays with control frame timeouts in ADM mode
- tty: n_gsm: Fix DLCI handling for ADM mode if debug & 2 is not set
- tty: Use __GFP_NOFAIL for tty_ldisc_get()
- ALSA: core: Report audio_tstamp in snd_pcm_sync_ptr
- ALSA: seq: oss: Fix unbalanced use lock for synth MIDI device
- ALSA: hda/realtek - Add some fixes for ALC233
- mtd: cfi: cmdset_0001: Do not allow read/write to suspend erase block.
- mtd: cfi: cmdset_0001: Workaround Micron Erase suspend bug.
- mtd: cfi: cmdset_0002: Do not allow read/write to suspend erase block.
- kobject: don't use WARN for registration failures
- scsi: sd: Defer spinning up drive while SANITIZE is in progress
- ARM: amba: Make driver_override output consistent with other buses
- ARM: amba: Fix race condition with driver_override
- ARM: amba: Don't read past the end of sysfs "driver_override" buffer
- ASoC: fsl_esai: Fix divisor calculation failure at lower ratio
- libceph: validate con->state at the top of try_write()
- x86/ipc: Fix x32 version of shmid64_ds and msqid64_ds
- x86/smpboot: Don't use mwait_play_dead() on AMD systems
- serial: mctrl_gpio: export mctrl_gpio_disable_ms and mctrl_gpio_init
- serial: mctrl_gpio: Add missing module license
- Linux 4.4.131
* Xenial update to 4.4.130 stable release (LP: #1768474) // CVE-2017-5715 //
CVE-2017-5753
- SAUCE: s390: print messages for gmb and nobp
* Xenial update to 4.4.130 stable release (LP: #1768474)
- cifs: do not allow creating sockets except with SMB1 posix exensions
- x86/tsc: Prevent 32bit truncation in calc_hpet_ref()
- perf: Return proper values for user stack errors
- staging: ion : Donnot wakeup kswapd in ion system alloc
- r8152: add Linksys USB3GIGV1 id
- Input: drv260x - fix initializing overdrive voltage
- ath9k_hw: check if the chip failed to wake up
- jbd2: fix use after free in kjournald2()
- Revert "ath10k: send (re)assoc peer command when NSS changed"
- Revert "UBUNTU: SAUCE: s390: print messages for gmb and nobp"
- Revert "UBUNTU: SAUCE: s390: improve cpu alternative handling for gmb and
nobp"
- Revert "s390: add ppa to kernel entry / exit"
- Revert "s390: introduce CPU alternatives"
- s390: introduce CPU alternatives
- s390: enable CPU alternatives unconditionally
- s390/alternative: use a copy of the facility bit mask
- s390: add options to change branch prediction behaviour for the kernel
- s390: scrub registers on kernel entry and KVM exit
- s390: add optimized array_index_mask_nospec
- s390: run user space and KVM guests with modified branch prediction
- s390: introduce execute-trampolines for branches
- s390: Replace IS_ENABLED(EXPOLINE_*) with IS_ENABLED(CONFIG_EXPOLINE_*)
- s390: do not bypass BPENTER for interrupt system calls
- s390/entry.S: fix spurious zeroing of r0
- s390: move nobp parameter functions to nospec-branch.c
- s390: add automatic detection of the spectre defense
- [Config] Add CONFIG_EXPOLINE=y and CONFIG_EXPOLINE_AUTO=y
- s390: report spectre mitigation via syslog
- s390: add sysfs attributes for spectre
- s390: correct nospec auto detection init order
- s390: correct module section names for expoline code revert
- bonding: do not set slave_dev npinfo before slave_enable_netpoll in
bond_enslave
- KEYS: DNS: limit the length of option strings
- l2tp: check sockaddr length in pppol2tp_connect()
- net: validate attribute sizes in neigh_dump_table()
- llc: delete timers synchronously in llc_sk_free()
- tcp: don't read out-of-bounds opsize
- team: avoid adding twice the same option to the event list
- team: fix netconsole setup over team
- packet: fix bitfield update race
- pppoe: check sockaddr length in pppoe_connect()
- vlan: Fix reading memory beyond skb->tail in skb_vlan_tagged_multi
- sctp: do not check port in sctp_inet6_cmp_addr
- llc: hold llc_sap before release_sock()
- llc: fix NULL pointer deref for SOCK_ZAPPED
- tipc: add policy for TIPC_NLA_NET_ADDR
- net: fix deadlock while clearing neighbor proxy table
- tcp: md5: reject TCP_MD5SIG or TCP_MD5SIG_EXT on established sockets
- net: af_packet: fix race in PACKET_{R|T}X_RING
- ipv6: add RTA_TABLE and RTA_PREFSRC to rtm_ipv6_policy
- scsi: mptsas: Disable WRITE SAME
- cdrom: information leak in cdrom_ioctl_media_changed()
- s390/cio: update chpid descriptor after resource accessibility event
- s390/uprobes: implement arch_uretprobe_is_alive()
- Linux 4.4.130
- SAUCE: s390: Add 'nogmb' kernel parameter
* Xenial update to 4.4.129 stable release (LP: #1768429)
- media: v4l2-compat-ioctl32: don't oops on overlay
- parisc: Fix out of array access in match_pci_device()
- perf intel-pt: Fix overlap detection to identify consecutive buffers
correctly
- perf intel-pt: Fix sync_switch
- perf intel-pt: Fix error recovery from missing TIP packet
- perf intel-pt: Fix timestamp following overflow
- radeon: hide pointless #warning when compile testing
- block/loop: fix deadlock after loop_set_status
- s390/qdio: don't retry EQBS after CCQ 96
- s390/qdio: don't merge ERROR output buffers
- s390/ipl: ensure loadparm valid flag is set
- getname_kernel() needs to make sure that ->name != ->iname in long case
- rtl8187: Fix NULL pointer dereference in priv->conf_mutex
- hwmon: (ina2xx) Fix access to uninitialized mutex
- cdc_ether: flag the Cinterion AHS8 modem by gemalto as WWAN
- slip: Check if rstate is initialized before uncompressing
- lan78xx: Correctly indicate invalid OTP
- x86/hweight: Get rid of the special calling convention
- [Config] Remove ARCH_HWEIGHT_CFLAGS
- x86/hweight: Don't clobber %rdi
- tty: make n_tty_read() always abort if hangup is in progress
- ubifs: Check ubifs_wbuf_sync() return code
- ubi: fastmap: Don't flush fastmap work on detach
- ubi: Fix error for write access
- ubi: Reject MLC NAND
- fs/reiserfs/journal.c: add missing resierfs_warning() arg
- resource: fix integer overflow at reallocation
- ipc/shm: fix use-after-free of shm file via remap_file_pages()
- mm, slab: reschedule cache_reap() on the same CPU
- usb: musb: gadget: misplaced out of bounds check
- ARM: dts: at91: at91sam9g25: fix mux-mask pinctrl property
- ARM: dts: at91: sama5d4: fix pinctrl compatible string
- xen-netfront: Fix hang on device removal
- regmap: Fix reversed bounds check in regmap_raw_write()
- ACPI / video: Add quirk to force acpi-video backlight on Samsung 670Z5E
- ACPI / hotplug / PCI: Check presence of slot itself in get_slot_status()
- USB:fix USB3 devices behind USB3 hubs not resuming at hibernate thaw
- usb: dwc3: pci: Properly cleanup resource
- HID: i2c-hid: fix size check and type usage
- powerpc/powernv: Handle unknown OPAL errors in opal_nvram_write()
- powerpc/64: Fix smp_wmb barrier definition use use lwsync consistently
- powerpc/powernv: define a standard delay for OPAL_BUSY type retry loops
- powerpc/powernv: Fix OPAL NVRAM driver OPAL_BUSY loops
- HID: Fix hid_report_len usage
- HID: core: Fix size as type u32
- ASoC: ssm2602: Replace reg_default_raw with reg_default
- thunderbolt: Resume control channel after hibernation image is created
- random: use a tighter cap in credit_entropy_bits_safe()
- jbd2: if the journal is aborted then don't allow update of the log tail
- ext4: don't update checksum of new initialized bitmaps
- ext4: fail ext4_iget for root directory if unallocated
- RDMA/ucma: Don't allow setting RDMA_OPTION_IB_PATH without an RDMA device
- ALSA: pcm: Fix UAF at PCM release via PCM timer access
- IB/srp: Fix srp_abort()
- IB/srp: Fix completion vector assignment algorithm
- dmaengine: at_xdmac: fix rare residue corruption
- um: Use POSIX ucontext_t instead of struct ucontext
- iommu/vt-d: Fix a potential memory leak
- mmc: jz4740: Fix race condition in IRQ mask update
- clk: mvebu: armada-38x: add support for 1866MHz variants
- clk: mvebu: armada-38x: add support for missing clocks
- clk: bcm2835: De-assert/assert PLL reset signal when appropriate
- thermal: imx: Fix race condition in imx_thermal_probe()
- watchdog: f71808e_wdt: Fix WD_EN register read
- ALSA: oss: consolidate kmalloc/memset 0 call to kzalloc
- ALSA: pcm: Use ERESTARTSYS instead of EINTR in OSS emulation
- ALSA: pcm: Avoid potential races between OSS ioctls and read/write
- ALSA: pcm: Return -EBUSY for OSS ioctls changing busy streams
- ALSA: pcm: Fix mutex unbalance in OSS emulation ioctls
- ALSA: pcm: Fix endless loop for XRUN recovery in OSS emulation
- vfio-pci: Virtualize PCIe & AF FLR
- vfio/pci: Virtualize Maximum Payload Size
- vfio/pci: Virtualize Maximum Read Request Size
- ext4: don't allow r/w mounts if metadata blocks overlap the superblock
- drm/radeon: Fix PCIe lane width calculation
- ext4: fix crashes in dioread_nolock mode
- ext4: fix deadlock between inline_data and ext4_expand_extra_isize_ea()
- ALSA: line6: Use correct endpoint type for midi output
- ALSA: rawmidi: Fix missing input substream checks in compat ioctls
- ALSA: hda - New VIA controller suppor no-snoop path
- HID: hidraw: Fix crash on HIDIOCGFEATURE with a destroyed device
- MIPS: uaccess: Add micromips clobbers to bzero invocation
- MIPS: memset.S: EVA & fault support for small_memset
- MIPS: memset.S: Fix return of __clear_user from Lpartial_fixup
- MIPS: memset.S: Fix clobber of v1 in last_fixup
- powerpc/eeh: Fix enabling bridge MMIO windows
- powerpc/lib: Fix off-by-one in alternate feature patching
- jffs2_kill_sb(): deal with failed allocations
- hypfs_kill_super(): deal with failed allocations
- rpc_pipefs: fix double-dput()
- Don't leak MNT_INTERNAL away from internal mounts
- autofs: mount point create should honour passed in mode
- mm: allow GFP_{FS,IO} for page_cache_read page cache allocation
- mm/filemap.c: fix NULL pointer in page_cache_tree_insert()
- ext4: bugfix for mmaped pages in mpage_release_unused_pages()
- fanotify: fix logic of events on child
- writeback: safer lock nesting
- Linux 4.4.129
* CVE-2018-8087
- mac80211_hwsim: fix possible memory leak in hwsim_new_radio_nl()
* Integrated Webcam Realtek Integrated_Webcam_HD (0bda:58f4) not working in
DELL XPS 13 9370 with firmware 1.50 (LP: #1763748)
- SAUCE: media: uvcvideo: Support realtek's UVC 1.5 device
* [Xenial] Kernels OOPS when mwifiex is in AP mode (LP: #1769671)
- Revert "UBUNTU: SAUCE: mwifiex: do not dereference invalid pointer"
- Revert "UBUNTU: SAUCE: net/wireless: do not dereference invalid pointer"
- mwifiex: cfg80211: do not change virtual interface during scan processing
* user space process hung in 'D' state waiting for disk io to complete
(LP: #1750038)
- NFS: Use GFP_NOIO for two allocations in writeback
* Acer Swift sf314-52 power button not managed (LP: #1766054)
- SAUCE: platform/x86: acer-wmi: add another KEY_POWER keycode
[ Ubuntu: 4.4.0-127.153 ]
* CVE-2018-3639 (powerpc)
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
- powerpc/64s: Move cpu_show_meltdown()
- powerpc/64s: Enhance the information in cpu_show_meltdown()
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/64s: Wire up cpu_show_spectre_v1()
- powerpc/64s: Wire up cpu_show_spectre_v2()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel
entry/exit
* CVE-2018-3639 (x86)
- SAUCE: Clean up IBPB and IBRS control functions and macros
- SAUCE: Fix up IBPB and IBRS kernel parameters documentation
- SAUCE: Remove #define X86_FEATURE_PTI
- x86/cpufeature: Move some of the scattered feature bits to x86_capability
- x86/cpufeature: Cleanup get_cpu_cap()
- x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6
- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
- x86/cpufeatures: Add Intel feature bits for Speculation Control
- SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf
- x86/cpufeatures: Add AMD feature bits for Speculation Control
- x86/msr: Add definitions for new speculation control MSRs
- SAUCE: x86/msr: Rename MSR spec control feature bits
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support
- x86/speculation: Add <asm/msr-index.h> dependency
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags
- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
- SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
- SAUCE: x86: Add alternative_msr_write
- SAUCE: x86/nospec: Simplify alternative_msr_write()
- SAUCE: x86/bugs: Concentrate bug detection into a separate function
- SAUCE: x86/bugs: Concentrate bug reporting into a separate function
- arch: Introduce post-init read-only memory
- SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS
- SAUCE: x86/bugs: Expose /sys/../spec_store_bypass
- SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS
- SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable
mitigation
- SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS
- SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if
requested
- SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell
- SAUCE: prctl: Add speculation control prctls
- x86/process: Optimize TIF checks in __switch_to_xtra()
- SAUCE: x86/process: Allow runtime control of Speculative Store Bypass
- SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation
- SAUCE: nospec: Allow getting/setting on non-current task
- SAUCE: proc: Provide details on speculation flaw mitigations
- SAUCE: seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- SAUCE: x86/bugs: Make boot modes __ro_after_init
- SAUCE: prctl: Add force disable speculation
- SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE
- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC
- SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation
- SAUCE: seccomp: Move speculation migitation control to arch code
- SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative
Store Bypass
- SAUCE: x86/bugs: Rename _RDS to _SSBD
- SAUCE: proc: Use underscores for SSBD in 'status'
- SAUCE: Documentation/spec_ctrl: Do some minor cleanups
- SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type
- SAUCE: x86/bugs: Make cpu_show_common() static
- x86/entry: define _TIF_ALLWORK_MASK flags explicitly
- Revert "x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2
microcodes"
- SAUCE: kvm/cpuid: Fix CPUID_7_0.EDX handling
Date: 2018-05-25 15:18:13.487440+00:00
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux-snapdragon/4.4.0-1094.99
-------------- next part --------------
Sorry, changesfile not available.
More information about the Artful-changes
mailing list