[ubuntu/artful-security] linux-snapdragon 4.4.0-1090.95 (Accepted)

Andy Whitcroft apw at canonical.com
Thu May 3 02:04:31 UTC 2018

linux-snapdragon (4.4.0-1090.95) xenial; urgency=medium

  * linux-snapdragon: 4.4.0-1090.95 -proposed tracker (LP: #1763689)

  * Ubuntu-4.4.0-120.144 fails to boot on arm64* hardware (LP: #1763644)
    - [Config] arm64: disable BPF_JIT_ALWAYS_ON

  [ Ubuntu: 4.4.0-121.145 ]

  * linux: 4.4.0-121.145 -proposed tracker (LP: #1763687)
  * Ubuntu-4.4.0-120.144 fails to boot on arm64* hardware (LP: #1763644)
    - [Config] arm64: disable BPF_JIT_ALWAYS_ON

linux-snapdragon (4.4.0-1089.94) xenial; urgency=medium

  * linux-snapdragon: 4.4.0-1089.94 -proposed tracker (LP: #1761448)

  [ Ubuntu: 4.4.0-120.144 ]

  * linux: 4.4.0-120.144 -proposed tracker (LP: #1761438)
  * intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux-
    image-4.13.0-37-generic) (LP: #1759920) // CVE-2017-5715 (Spectre v2 Intel)
    - Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current
    - x86/speculation: Use Indirect Branch Prediction Barrier in context switch
  * DKMS driver builds fail with: Cannot use CONFIG_STACK_VALIDATION=y, please
    install libelf-dev, libelf-devel or elfutils-libelf-devel (LP: #1760876)
    - [Packaging] include the retpoline extractor in the headers
  * retpoline hints: primary infrastructure and initial hints (LP: #1758856)
    - [Packaging] retpoline-extract: flag *0xNNN(%reg) branches
    - x86/speculation, objtool: Annotate indirect calls/jumps for objtool
    - x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32bit
    - x86/paravirt, objtool: Annotate indirect calls
    - x86/asm: Stop depending on ptrace.h in alternative.h
    - [Packaging] retpoline -- add safe usage hint support
    - [Packaging] retpoline-check -- only report additions
    - [Packaging] retpoline -- widen indirect call/jmp detection
    - [Packaging] retpoline -- elide %rip relative indirections
    - [Packaging] retpoline -- clear hint information from packages
    - SAUCE: modpost: add discard to non-allocatable whitelist
    - KVM: x86: Make indirect calls in emulator speculation safe
    - KVM: VMX: Make indirect call speculation safe
    - x86/boot, objtool: Annotate indirect jump in secondary_startup_64()
    - SAUCE: early/late -- annotate indirect calls in early/late initialisation
    - SAUCE: vga_set_mode -- avoid jump tables
    - [Config] retpoline -- switch to new format
    - [Packaging] final-checks -- remove check for empty retpoline files
  * Xenial update to 4.4.117 stable release (LP: #1756860)
    - IB/mlx4: Fix incorrectly releasing steerable UD QPs when have only ETH ports
    - PM / devfreq: Propagate error from devfreq_add_device()
    - s390: fix handling of -1 in set{,fs}[gu]id16 syscalls
    - ARM: dts: STi: Add gpio polarity for "hdmi,hpd-gpio" property
    - arm: spear600: Add missing interrupt-parent of rtc
    - arm: spear13xx: Fix dmas cells
    - arm: spear13xx: Fix spics gpio controller's warning
    - ALSA: seq: Fix regression by incorrect ioctl_mutex usages
    - KVM/x86: Reduce retpoline performance impact in slot_handle_level_range(),
      by always inlining iterator helper methods
    - x86/cpu: Change type of x86_cache_size variable to unsigned int
    - drm/radeon: adjust tested variable
    - rtc-opal: Fix handling of firmware error codes, prevent busy loops
    - ext4: save error to disk in __ext4_grp_locked_error()
    - ext4: correct documentation for grpid mount option
    - mm: hide a #warning for COMPILE_TEST
    - video: fbdev: atmel_lcdfb: fix display-timings lookup
    - console/dummy: leave .con_font_get set to NULL
    - rtlwifi: rtl8821ae: Fix connection lost problem correctly
    - Btrfs: fix deadlock in run_delalloc_nocow
    - Btrfs: fix crash due to not cleaning up tree log block's dirty bits
    - Btrfs: fix unexpected -EEXIST when creating new inode
    - ALSA: hda - Fix headset mic detection problem for two Dell machines
    - ALSA: usb-audio: Fix UAC2 get_ctl request with a RANGE attribute
    - ALSA: hda/realtek: PCI quirk for Fujitsu U7x7
    - ALSA: usb-audio: add implicit fb quirk for Behringer UFX1204
    - ALSA: seq: Fix racy pool initializations
    - mvpp2: fix multicast address filter
    - dm: correctly handle chained bios in dec_pending()
    - x86: fix build warnign with 32-bit PAE
    - vfs: don't do RCU lookup of empty pathnames
    - ARM: pxa/tosa-bt: add MODULE_LICENSE tag
    - ARM: dts: s5pv210: add interrupt-parent for ohci
    - media: r820t: fix r820t_write_reg for KASAN
    - Linux 4.4.117
  * zfs system process hung on container stop/delete (LP: #1754584)
    - SAUCE: (noup) zfs to
    - SAUCE: Fix non-prefaulted page deadlock (LP: #1754584)
  * apparmor: fix bad __initdata tagging on, apparmor_initialized (LP: #1758471)
    - SAUCE: apparmor: fix bad __initdata tagging on, apparmor_initialized
  * Xenial update to 4.4.116 stable release (LP: #1756121)
    - powerpc/bpf/jit: Disable classic BPF JIT on ppc64le
    - powerpc/64: Fix flush_(d|i)cache_range() called from modules
    - powerpc: Fix VSX enabling/flushing to also test MSR_FP and MSR_VEC
    - powerpc: Simplify module TOC handling
    - ASoC: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
    - usbip: vhci_hcd: clear just the USB_PORT_STAT_POWER bit
    - usbip: fix 3eee23c3ec14 tcp_socket address still in the status file
    - net: cdc_ncm: initialize drvflags before usage
    - ASoC: simple-card: Fix misleading error message
    - ASoC: rsnd: don't call free_irq() on Parent SSI
    - ASoC: rsnd: avoid duplicate free_irq()
    - drm: rcar-du: Use the VBK interrupt for vblank events
    - drm: rcar-du: Fix race condition when disabling planes at CRTC stop
    - x86/asm: Fix inline asm call constraints for GCC 4.4
    - ip6mr: fix stale iterator
    - net: igmp: add a missing rcu locking section
    - qlcnic: fix deadlock bug
    - r8169: fix RTL8168EP take too long to complete driver initialization.
    - tcp: release sk_frag.page in tcp_disconnect
    - vhost_net: stop device during reset owner
    - media: soc_camera: soc_scale_crop: add missing
    - KEYS: encrypted: fix buffer overread in valid_master_desc()
    - don't put symlink bodies in pagecache into highmem
    - crypto: tcrypt - fix S/G table for test_aead_speed()
    - x86/microcode: Do the family check first
    - powerpc/pseries: include linux/types.h in asm/hvcall.h
    - cifs: Fix missing put_xid in cifs_file_strict_mmap
    - cifs: Fix autonegotiate security settings mismatch
    - CIFS: zero sensitive data when freeing
    - dmaengine: dmatest: fix container_of member in dmatest_callback
    - x86/kaiser: fix build error with KASAN && !FUNCTION_GRAPH_TRACER
    - kaiser: fix compile error without vsyscall
    - netfilter: nf_queue: Make the queue_handler pernet
    - posix-timer: Properly check sigevent->sigev_notify
    - usb: gadget: uvc: Missing files for configfs interface
    - sched/rt: Use container_of() to get root domain in rto_push_irq_work_func()
    - sched/rt: Up the root domain ref count when passing it around via IPIs
    - media: dvb-usb-v2: lmedm04: Improve logic checking of warm start
    - media: dvb-usb-v2: lmedm04: move ts2020 attach to dm04_lme2510_tuner
    - mtd: cfi: convert inline functions to macros
    - mtd: nand: brcmnand: Disable prefetch by default
    - mtd: nand: Fix nand_do_read_oob() return value
    - mtd: nand: sunxi: Fix ECC strength choice
    - ubi: block: Fix locking for idr_alloc/idr_remove
    - nfs/pnfs: fix nfs_direct_req ref leak when i/o falls back to the mds
    - NFS: Add a cond_resched() to nfs_commit_release_pages()
    - NFS: commit direct writes even if they fail partially
    - NFS: reject request for id_legacy key without auxdata
    - kernfs: fix regression in kernfs_fop_write caused by wrong type
    - ahci: Annotate PCI ids for mobile Intel chipsets as such
    - ahci: Add PCI ids for Intel Bay Trail, Cherry Trail and Apollo Lake AHCI
    - ahci: Add Intel Cannon Lake PCH-H PCI ID
    - crypto: hash - introduce crypto_hash_alg_has_setkey()
    - crypto: cryptd - pass through absence of ->setkey()
    - crypto: poly1305 - remove ->setkey() method
    - nsfs: mark dentry with DCACHE_RCUACCESS
    - media: v4l2-ioctl.c: don't copy back the result for -ENOTTY
    - vb2: V4L2_BUF_FLAG_DONE is set after DQBUF
    - media: v4l2-compat-ioctl32.c: add missing VIDIOC_PREPARE_BUF
    - media: v4l2-compat-ioctl32.c: fix the indentation
    - media: v4l2-compat-ioctl32.c: move 'helper' functions to
    - media: v4l2-compat-ioctl32.c: avoid sizeof(type)
    - media: v4l2-compat-ioctl32.c: copy m.userptr in put_v4l2_plane32
    - media: v4l2-compat-ioctl32.c: fix ctrl_is_pointer
    - media: v4l2-compat-ioctl32.c: make ctrl_is_pointer work for subdevs
    - media: v4l2-compat-ioctl32: Copy v4l2_window->global_alpha
    - media: v4l2-compat-ioctl32.c: copy clip list in put_v4l2_window32
    - media: v4l2-compat-ioctl32.c: drop pr_info for unknown buffer type
    - media: v4l2-compat-ioctl32.c: don't copy back the result for certain errors
    - media: v4l2-compat-ioctl32.c: refactor compat ioctl32 logic
    - crypto: caam - fix endless loop when DECO acquire fails
    - arm: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls
    - KVM: nVMX: Fix races when sending nested PI while dest enters/leaves L2
    - watchdog: imx2_wdt: restore previous timeout after suspend+resume
    - media: ts2020: avoid integer overflows on 32 bit machines
    - media: cxusb, dib0700: ignore XC2028_I2C_FLUSH
    - kernel/async.c: revert "async: simplify lowest_in_progress()"
    - HID: quirks: Fix keyboard + touchpad on Toshiba Click Mini not working
    - Bluetooth: btsdio: Do not bind to non-removable BCM43341
    - Bluetooth: btusb: Restore QCA Rome suspend/resume fix with a "rewritten"
    - signal/openrisc: Fix do_unaligned_access to send the proper signal
    - signal/sh: Ensure si_signo is initialized in do_divide_error
    - alpha: fix crash if pthread_create races with signal delivery
    - alpha: fix reboot on Avanti platform
    - xtensa: fix futex_atomic_cmpxchg_inatomic
    - EDAC, octeon: Fix an uninitialized variable warning
    - pktcdvd: Fix pkt_setup_dev() error path
    - btrfs: Handle btrfs_set_extent_delalloc failure in fixup worker
    - ACPI: sbshc: remove raw pointer from printk() message
    - ovl: fix failure to fsync lower dir
    - mn10300/misalignment: Use SIGSEGV SEGV_MAPERR to report a failed user copy
    - ftrace: Remove incorrect setting of glob search field
    - Linux 4.4.116
  * Xenial update to 4.4.116 stable release (LP: #1756121) // CVE-2017-5754
    - Revert "UBUNTU: SAUCE: UBUNTU: [Config] Disable CONFIG_PPC_DEBUG_RFI"
    - Revert "UBUNTU: SAUCE: rfi-flush: Fix some RFI conversions in the KVM code"
    - Revert "UBUNTU: SAUCE: rfi-flush: Fix the 32-bit KVM build"
    - Revert "UBUNTU: SAUCE: rfi-flush: Fallback flush add load dependency"
    - Revert "UBUNTU: SAUCE: rfi-flush: Use rfi-flush in printks"
    - Revert "UBUNTU: SAUCE: rfi-flush: Add no_rfi_flush and nopti comandline
    - Revert "UBUNTU: SAUCE: rfi-flush: Refactor the macros so the nops are
      defined once"
    - Revert "UBUNTU: SAUCE: rfi-flush: Fix HRFI_TO_UNKNOWN"
    - Revert "UBUNTU: SAUCE: rfi-flush: Fix the fallback flush to actually
    - Revert "UBUNTU: SAUCE: rfi-flush: Rework pseries logic to be more cautious"
    - Revert "UBUNTU: SAUCE: rfi-flush: Rework powernv logic to be more cautious"
    - Revert "UBUNTU: SAUCE: rfi-flush: Add barriers to the fallback L1D flushing"
    - Revert "UBUNTU: SAUCE: Fix compilation errors for arch/powerpc/lib/feature-
    - Revert "UBUNTU: SAUCE: Remove setup.h include file otherwise compilation
      complains about missing header file."
    - Revert "UBUNTU: SAUCE: powerpc/asm: Allow including ppc_asm.h in asm files"
    - Revert "UBUNTU: SAUCE: rfi-flush: Add speculation barrier before ori 30,30,0
    - Revert "UBUNTU: SAUCE: rfi-flush: Allow HV to advertise multiple flush
    - Revert "UBUNTU: SAUCE: rfi-flush: Support more than one flush type at once"
    - Revert "UBUNTU: SAUCE: rfi-flush: Expand the RFI section to two nop slots"
    - Revert "UBUNTU: SAUCE: rfi-flush: Push the instruction selection down to the
      patching routine"
    - Revert "UBUNTU: SAUCE: rfi-flush: Make l1d_flush_type bit flags"
    - Revert "UBUNTU: SAUCE: rfi-flush: Implement congruence-first fallback flush"
    - Revert "UBUNTU: SAUCE: KVM: Revert the implementation of
    - Revert "UBUNTU: SAUCE: rfi-flush: kvmppc_skip_(H)interrupt returns to host"
    - Revert "UBUNTU: SAUCE: Fixup rfid in kvmppc_skip_Hinterrupt should be hrfid"
    - Revert "UBUNTU: SAUCE: rfi-flush: Add HRFI_TO_UNKNOWN and use it in denorm"
    - Revert "UBUNTU: SAUCE: rfi-flush: Make DEBUG_RFI a CONFIG option"
    - Revert "UBUNTU: SAUCE: powerpc: Secure memory rfi flush"
    - powerpc/pseries: Add H_GET_CPU_CHARACTERISTICS flags & wrapper
    - powerpc/64: Add macros for annotating the destination of rfid/hrfid
    - powerpc/64s: Simple RFI macro conversions
    - powerpc/64: Convert fast_exception_return to use RFI_TO_USER/KERNEL
    - powerpc/64: Convert the syscall exit path to use RFI_TO_USER/KERNEL
    - powerpc/64s: Convert slb_miss_common to use RFI_TO_USER/KERNEL
    - powerpc/64s: Add support for RFI flush of L1-D cache
    - powerpc/64s: Support disabling RFI flush with no_rfi_flush and nopti
    - powerpc/pseries: Query hypervisor for RFI flush settings
    - powerpc/powernv: Check device-tree for RFI flush settings
    - powerpc/64s: Wire up cpu_show_meltdown()
    - powerpc/64s: Allow control of RFI flush via debugfs
  * Intel i40e PF reset due to incorrect MDD detection (continues...)
    (LP: #1723127)
    - i40e/i40evf: Account for frags split over multiple descriptors in check
    - i40e/i40evf: Allow up to 12K bytes of data per Tx descriptor instead of 8K
  * Xenial update to 4.4.115 stable release (LP: #1755509)
    - x86: bpf_jit: small optimization in emit_bpf_tail_call()
    - bpf: fix bpf_tail_call() x64 JIT
    - bpf: introduce BPF_JIT_ALWAYS_ON config
    - bpf: arsh is not supported in 32 bit alu thus reject it
    - bpf: avoid false sharing of map refcount with max_entries
    - bpf: fix divides by zero
    - bpf: fix 32-bit divide by zero
    - bpf: reject stores into ctx via st and xadd
    - x86/pti: Make unpoison of pgd for trusted boot work for real
    - kaiser: fix intel_bts perf crashes
    - ALSA: seq: Make ioctls race-free
    - crypto: aesni - handle zero length dst buffer
    - crypto: af_alg - whitelist mask and type
    - power: reset: zx-reboot: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
    - gpio: iop: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
    - gpio: ath79: add missing MODULE_DESCRIPTION/LICENSE
    - mtd: nand: denali_pci: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
    - igb: Free IRQs when device is hotplugged
    - KVM: x86: emulator: Return to user-mode on L1 CPL=0 emulation failure
    - KVM: x86: Don't re-execute instruction when not passing CR2 value
    - KVM: X86: Fix operand/address-size during instruction decoding
    - KVM: x86: ioapic: Fix level-triggered EOI and IOAPIC reconfigure race
    - KVM: x86: ioapic: Clear Remote IRR when entry is switched to edge-triggered
    - KVM: x86: ioapic: Preserve read-only values in the redirection table
    - ACPI / bus: Leave modalias empty for devices which are not present
    - cpufreq: Add Loongson machine dependencies
    - bcache: check return value of register_shrinker
    - drm/amdgpu: Fix SDMA load/unload sequence on HWS disabled mode
    - drm/amdkfd: Fix SDMA ring buffer size calculation
    - drm/amdkfd: Fix SDMA oversubsription handling
    - openvswitch: fix the incorrect flow action alloc size
    - mac80211: fix the update of path metric for RANN frame
    - btrfs: fix deadlock when writing out space cache
    - KVM: VMX: Fix rflags cache during vCPU reset
    - xen-netfront: remove warning when unloading module
    - nfsd: CLOSE SHOULD return the invalid special stateid for NFSv4.x (x>0)
    - nfsd: Ensure we check stateid validity in the seqid operation checks
    - grace: replace BUG_ON by WARN_ONCE in exit_net hook
    - nfsd: check for use of the closed special stateid
    - lockd: fix "list_add double add" caused by legacy signal interface
    - hwmon: (pmbus) Use 64bit math for DIRECT format values
    - powerpc/ppc64el -- Remove ll_temac module from 64-bit builds
    - net: ethernet: xilinx: Mark XILINX_LL_TEMAC broken on 64-bit
    - quota: Check for register_shrinker() failure.
    - SUNRPC: Allow connect to return EHOSTUNREACH
    - kmemleak: add scheduling point to kmemleak_scan()
    - drm/omap: Fix error handling path in 'omap_dmm_probe()'
    - xfs: ubsan fixes
    - scsi: aacraid: Prevent crash in case of free interrupt during scsi EH path
    - scsi: ufs: ufshcd: fix potential NULL pointer dereference in
    - media: usbtv: add a new usbid
    - usb: gadget: don't dereference g until after it has been null checked
    - staging: rtl8188eu: Fix incorrect response to SIOCGIWESSID
    - usb: option: Add support for FS040U modem
    - USB: serial: pl2303: new device id for Chilitag
    - USB: cdc-acm: Do not log urb submission errors on disconnect
    - CDC-ACM: apply quirk for card reader
    - USB: serial: io_edgeport: fix possible sleep-in-atomic
    - usbip: prevent bind loops on devices attached to vhci_hcd
    - usbip: list: don't list devices attached to vhci_hcd
    - USB: serial: simple: add Motorola Tetra driver
    - usb: f_fs: Prevent gadget unbind if it is already unbound
    - usb: uas: unconditionally bring back host after reset
    - selinux: general protection fault in sock_has_perm
    - serial: imx: Only wakeup via RTSDEN bit if the system has RTS/CTS
    - spi: imx: do not access registers while clocks disabled
    - Linux 4.4.115
  * retpoline: ignore %cs:0xNNN constant indirections (LP: #1752655)
    - [Packaging] retpoline -- elide %cs:0xNNNN constants on i386

  [ Ubuntu: 4.4.0-119.143 ]

  * linux: 4.4.0-119.143 -proposed tracker (LP: #1760327)
  * Dell XPS 13 9360 bluetooth scan can not detect any device (LP: #1759821)
    - Revert "Bluetooth: btusb: fix QCA Rome suspend/resume"

  [ Ubuntu: 4.4.0-118.142 ]

  * linux: 4.4.0-118.142 -proposed tracker (LP: #1759607)
  * Kernel panic with AWS 4.4.0-1053 / 4.4.0-1015 (Trusty) (LP: #1758869)
    - x86/microcode/AMD: Do not load when running on a hypervisor
  * CVE-2018-8043
    - net: phy: mdio-bcm-unimac: fix potential NULL dereference in

Date: 2018-04-13 15:32:17.520846+00:00
Changed-By: Kleber Sacilotto de Souza <kleber.souza at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Artful-changes mailing list