[ubuntu/disco-proposed] linux-gcp_4.18.0-1004.5_amd64.tar.gz - (Accepted)

Khalid Elmously khalid.elmously at canonical.com
Mon Nov 19 12:03:06 UTC 2018


linux-gcp (4.18.0-1004.5) cosmic; urgency=medium

  * linux-gcp: 4.18.0-1004.5 -proposed tracker (LP: #1802750)

  [ Ubuntu: 4.18.0-12.13 ]

  * linux: 4.18.0-12.13 -proposed tracker (LP: #1802743)
  * [FEAT] Guest-dedicated Crypto Adapters (LP: #1787405)
    - s390/zcrypt: Add ZAPQ inline function.
    - s390/zcrypt: Review inline assembler constraints.
    - s390/zcrypt: Integrate ap_asm.h into include/asm/ap.h.
    - s390/zcrypt: fix ap_instructions_available() returncodes
    - KVM: s390: vsie: simulate VCPU SIE entry/exit
    - KVM: s390: introduce and use KVM_REQ_VSIE_RESTART
    - KVM: s390: refactor crypto initialization
    - s390: vfio-ap: base implementation of VFIO AP device driver
    - s390: vfio-ap: register matrix device with VFIO mdev framework
    - s390: vfio-ap: sysfs interfaces to configure adapters
    - s390: vfio-ap: sysfs interfaces to configure domains
    - s390: vfio-ap: sysfs interfaces to configure control domains
    - s390: vfio-ap: sysfs interface to view matrix mdev matrix
    - KVM: s390: interface to clear CRYCB masks
    - s390: vfio-ap: implement mediated device open callback
    - s390: vfio-ap: implement VFIO_DEVICE_GET_INFO ioctl
    - s390: vfio-ap: zeroize the AP queues
    - s390: vfio-ap: implement VFIO_DEVICE_RESET ioctl
    - KVM: s390: Clear Crypto Control Block when using vSIE
    - KVM: s390: vsie: Do the CRYCB validation first
    - KVM: s390: vsie: Make use of CRYCB FORMAT2 clear
    - KVM: s390: vsie: Allow CRYCB FORMAT-2
    - KVM: s390: vsie: allow CRYCB FORMAT-1
    - KVM: s390: vsie: allow CRYCB FORMAT-0
    - KVM: s390: vsie: allow guest FORMAT-0 CRYCB on host FORMAT-1
    - KVM: s390: vsie: allow guest FORMAT-1 CRYCB on host FORMAT-2
    - KVM: s390: vsie: allow guest FORMAT-0 CRYCB on host FORMAT-2
    - KVM: s390: device attrs to enable/disable AP interpretation
    - KVM: s390: CPU model support for AP virtualization
    - s390: doc: detailed specifications for AP virtualization
    - KVM: s390: fix locking for crypto setting error path
    - KVM: s390: Tracing APCB changes
    - s390: vfio-ap: setup APCB mask using KVM dedicated function
    - [Config:] Enable CONFIG_S390_AP_IOMMU and set CONFIG_VFIO_AP to module.
  * Bypass of mount visibility through userns + mount propagation (LP: #1789161)
    - mount: Retest MNT_LOCKED in do_umount
    - mount: Don't allow copying MNT_UNBINDABLE|MNT_LOCKED mounts
  *  CVE-2018-18955: nested user namespaces with more than five extents
    incorrectly grant privileges over inode (LP: #1801924) // CVE-2018-18955
    - userns: also map extents in the reverse map to kernel IDs
  * kdump fail due to an IRQ storm (LP: #1797990)
    - SAUCE: x86/PCI: Export find_cap() to be used in early PCI code
    - SAUCE: x86/quirks: Add parameter to clear MSIs early on boot
    - SAUCE: x86/quirks: Scan all busses for early PCI quirks
  * crash in ENA driver on removing an interface (LP: #1802341)
    - SAUCE: net: ena: fix crash during ena_remove()
  * Ubuntu 18.04.1 - [s390x] Kernel panic while stressing network bonding
    (LP: #1797367)
    - s390/qeth: reduce hard-coded access to ccw channels
    - s390/qeth: sanitize strings in debug messages
  * Add checksum offload and TSO support for HiNIC adapters (LP: #1800664)
    - net-next/hinic: add checksum offload and TSO support
  * smartpqi updates for ubuntu 18.04.2 (LP: #1798208)
    - scsi: smartpqi: improve handling for sync requests
    - scsi: smartpqi: improve error checking for sync requests
    - scsi: smartpqi: add inspur advantech ids
    - scsi: smartpqi: fix critical ARM issue reading PQI index registers
    - scsi: smartpqi: bump driver version to 1.1.4-130
  * [GLK/CLX] Enhanced IBRS (LP: #1786139)
    - x86/speculation: Remove SPECTRE_V2_IBRS in enum spectre_v2_mitigation
    - x86/speculation: Support Enhanced IBRS on future CPUs
  * Enable keyboard wakeup for S2Idle laptops (LP: #1798552)
    - Input: i8042 - enable keyboard wakeups by default when s2idle is used
  * Overlayfs in user namespace leaks directory content of inaccessible
    directories (LP: #1793458) // CVE-2018-6559
    - SAUCE: overlayfs: ensure mounter privileges when reading directories
  * Update ENA driver to version 2.0.1K (LP: #1798182)
    - net: ena: remove ndo_poll_controller
    - net: ena: fix auto casting to boolean
    - net: ena: minor performance improvement
    - net: ena: complete host info to match latest ENA spec
    - net: ena: introduce Low Latency Queues data structures according to ENA spec
    - net: ena: add functions for handling Low Latency Queues in ena_com
    - net: ena: add functions for handling Low Latency Queues in ena_netdev
    - net: ena: use CSUM_CHECKED device indication to report skb's checksum status
    - net: ena: explicit casting and initialization, and clearer error handling
    - net: ena: limit refill Rx threshold to 256 to avoid latency issues
    - net: ena: change rx copybreak default to reduce kernel memory pressure
    - net: ena: remove redundant parameter in ena_com_admin_init()
    - net: ena: update driver version to 2.0.1
    - net: ena: fix indentations in ena_defs for better readability
    - net: ena: Fix Kconfig dependency on X86
    - net: ena: enable Low Latency Queues
    - net: ena: fix compilation error in xtensa architecture
  * Cosmic update: 4.18.17 upstream stable release (LP: #1802119)
    - xfrm: Validate address prefix lengths in the xfrm selector.
    - xfrm6: call kfree_skb when skb is toobig
    - xfrm: reset transport header back to network header after all input
      transforms ahave been applied
    - xfrm: reset crypto_done when iterating over multiple input xfrms
    - mac80211: Always report TX status
    - cfg80211: reg: Init wiphy_idx in regulatory_hint_core()
    - mac80211: fix pending queue hang due to TX_DROP
    - cfg80211: Address some corner cases in scan result channel updating
    - mac80211: TDLS: fix skb queue/priority assignment
    - mac80211: fix TX status reporting for ieee80211s
    - ARM: 8799/1: mm: fix pci_ioremap_io() offset check
    - xfrm: validate template mode
    - drm/i2c: tda9950: fix timeout counter check
    - drm/i2c: tda9950: set MAX_RETRIES for errors only
    - netfilter: bridge: Don't sabotage nf_hook calls from an l3mdev
    - netfilter: conntrack: get rid of double sizeof
    - arm64: hugetlb: Fix handling of young ptes
    - ARM: dts: BCM63xx: Fix incorrect interrupt specifiers
    - net: macb: Clean 64b dma addresses if they are not detected
    - soc: fsl: qbman: qman: avoid allocating from non existing gen_pool
    - soc: fsl: qe: Fix copy/paste bug in ucc_get_tdm_sync_shift()
    - nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT
    - mac80211_hwsim: fix locking when iterating radios during ns exit
    - mac80211_hwsim: fix race in radio destruction from netlink notifier
    - mac80211_hwsim: do not omit multicast announce of first added radio
    - Bluetooth: SMP: fix crash in unpairing
    - pxa168fb: prepare the clock
    - qed: Avoid implicit enum conversion in qed_set_tunn_cls_info
    - qed: Fix mask parameter in qed_vf_prep_tunn_req_tlv
    - qed: Avoid implicit enum conversion in qed_roce_mode_to_flavor
    - qed: Avoid constant logical operation warning in qed_vf_pf_acquire
    - qed: Avoid implicit enum conversion in qed_iwarp_parse_rx_pkt
    - nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds
    - scsi: qedi: Initialize the stats mutex lock
    - rxrpc: Fix checks as to whether we should set up a new call
    - rxrpc: Fix RTT gathering
    - rxrpc: Fix transport sockopts to get IPv4 errors on an IPv6 socket
    - rxrpc: Fix error distribution
    - netfilter: nft_set_rbtree: add missing rb_erase() in GC routine
    - netfilter: avoid erronous array bounds warning
    - asix: Check for supported Wake-on-LAN modes
    - ax88179_178a: Check for supported Wake-on-LAN modes
    - lan78xx: Check for supported Wake-on-LAN modes
    - sr9800: Check for supported Wake-on-LAN modes
    - r8152: Check for supported Wake-on-LAN Modes
    - smsc75xx: Check for Wake-on-LAN modes
    - smsc95xx: Check for Wake-on-LAN modes
    - cfg80211: fix use-after-free in reg_process_hint()
    - KVM: nVMX: Do not expose MPX VMX controls when guest MPX disabled
    - KVM: x86: Do not use kvm_x86_ops->mpx_supported() directly
    - KVM: nVMX: Fix emulation of VM_ENTRY_LOAD_BNDCFGS
    - perf/core: Fix perf_pmu_unregister() locking
    - perf/x86/intel/uncore: Use boot_cpu_data.phys_proc_id instead of hardcorded
      physical package ID 0
    - perf/ring_buffer: Prevent concurent ring buffer access
    - perf/x86/intel/uncore: Fix PCI BDF address of M3UPI on SKX
    - perf/x86/amd/uncore: Set ThreadMask and SliceMask for L3 Cache perf events
    - thunderbolt: Do not handle ICM events after domain is stopped
    - thunderbolt: Initialize after IOMMUs
    - net: fec: fix rare tx timeout
    - declance: Fix continuation with the adapter identification message
    - RISCV: Fix end PFN for low memory
    - Revert "serial: 8250_dw: Fix runtime PM handling"
    - locking/ww_mutex: Fix runtime warning in the WW mutex selftest
    - drm/amd/display: Signal hw_done() after waiting for flip_done()
    - be2net: don't flip hw_features when VXLANs are added/deleted
    - powerpc/numa: Skip onlining a offline node in kdump path
    - net: cxgb3_main: fix a missing-check bug
    - yam: fix a missing-check bug
    - ocfs2: fix crash in ocfs2_duplicate_clusters_by_page()
    - mm/gup_benchmark: fix unsigned comparison to zero in __gup_benchmark_ioctl
    - mm/migrate.c: split only transparent huge pages when allocation fails
    - x86/paravirt: Fix some warning messages
    - clk: mvebu: armada-37xx-periph: Remove unused var num_parents
    - libertas: call into generic suspend code before turning off power
    - perf report: Don't try to map ip to invalid map
    - tls: Fix improper revert in zerocopy_from_iter
    - HID: i2c-hid: Remove RESEND_REPORT_DESCR quirk and its handling
    - compiler.h: Allow arch-specific asm/compiler.h
    - ARM: dts: imx53-qsb: disable 1.2GHz OPP
    - perf python: Use -Wno-redundant-decls to build with PYTHON=python3
    - perf record: Use unmapped IP for inline callchain cursors
    - rxrpc: Don't check RXRPC_CALL_TX_LAST after calling rxrpc_rotate_tx_window()
    - rxrpc: Carry call state out of locked section in rxrpc_rotate_tx_window()
    - rxrpc: Only take the rwind and mtu values from latest ACK
    - rxrpc: Fix connection-level abort handling
    - KVM: x86: support CONFIG_KVM_AMD=y with CONFIG_CRYPTO_DEV_CCP_DD=m
    - net: ena: fix warning in rmmod caused by double iounmap
    - net: ena: fix rare bug when failed restart/resume is followed by driver
      removal
    - net: ena: fix NULL dereference due to untimely napi initialization
    - gpio: Assign gpio_irq_chip::parents to non-stack pointer
    - IB/mlx5: Unmap DMA addr from HCA before IOMMU
    - rds: RDS (tcp) hangs on sendto() to unresponding address
    - selftests: rtnetlink.sh explicitly requires bash.
    - selftests: udpgso_bench.sh explicitly requires bash
    - vmlinux.lds.h: Fix incomplete .text.exit discards
    - vmlinux.lds.h: Fix linker warnings about orphan .LPBX sections
    - afs: Fix cell proc list
    - fs/fat/fatent.c: add cond_resched() to fat_count_free_clusters()
    - Revert "mm: slowly shrink slabs with a relatively small number of objects"
    - Revert "netfilter: ipv6: nf_defrag: drop skb dst before queueing"
    - perf tools: Disable parallelism for 'make clean'
    - bridge: do not add port to router list when receives query with source
      0.0.0.0
    - ipv6: mcast: fix a use-after-free in inet6_mc_check
    - ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are
      called
    - ipv6: rate-limit probes for neighbourless routes
    - llc: set SOCK_RCU_FREE in llc_sap_add_socket()
    - net: fec: don't dump RX FIFO register when not available
    - net/ipv6: Fix index counter for unicast addresses in in6_dump_addrs
    - net/mlx5e: fix csum adjustments caused by RXFCS
    - net: sched: gred: pass the right attribute to gred_change_table_def()
    - net: socket: fix a missing-check bug
    - net: stmmac: Fix stmmac_mdio_reset() when building stmmac as modules
    - net: udp: fix handling of CHECKSUM_COMPLETE packets
    - r8169: fix NAPI handling under high load
    - rtnetlink: Disallow FDB configuration for non-Ethernet device
    - sctp: fix race on sctp_id2asoc
    - tipc: fix unsafe rcu locking when accessing publication list
    - udp6: fix encap return code for resubmitting
    - vhost: Fix Spectre V1 vulnerability
    - virtio_net: avoid using netif_tx_disable() for serializing tx routine
    - ethtool: fix a privilege escalation bug
    - bonding: fix length of actor system
    - ip6_tunnel: Fix encapsulation layout
    - openvswitch: Fix push/pop ethernet validation
    - net: ipmr: fix unresolved entry dumps
    - net/mlx5: Take only bit 24-26 of wqe.pftype_wq for page fault type
    - net: bcmgenet: Poll internal PHY for GENETv5
    - net: sched: Fix for duplicate class dump
    - net/sched: cls_api: add missing validation of netlink attributes
    - net/ipv6: Allow onlink routes to have a device mismatch if it is the default
      route
    - sctp: fix the data size calculation in sctp_data_size
    - sctp: not free the new asoc when sctp_wait_for_connect returns err
    - net/mlx5: Fix memory leak when setting fpga ipsec caps
    - net/smc: fix smc_buf_unuse to use the lgr pointer
    - mlxsw: spectrum_switchdev: Don't ignore deletions of learned MACs
    - net: bpfilter: use get_pid_task instead of pid_task
    - net: drop skb on failure in ip_check_defrag()
    - net: fix pskb_trim_rcsum_slow() with odd trim offset
    - mlxsw: core: Fix devlink unregister flow
    - sparc64: Export __node_distance.
    - sparc64: Make corrupted user stacks more debuggable.
    - sparc64: Make proc_id signed.
    - sparc64: Set %l4 properly on trap return after handling signals.
    - sparc64: Wire up compat getpeername and getsockname.
    - sparc: Fix single-pcr perf event counter management.
    - sparc: Fix syscall fallback bugs in VDSO.
    - sparc: Throttle perf events properly.
    - net: bridge: remove ipv6 zero address check in mcast queries
    - Linux 4.18.17
  * Cosmic update: 4.18.16 upstream stable release (LP: #1802100)
    - soundwire: Fix duplicate stream state assignment
    - soundwire: Fix incorrect exit after configuring stream
    - soundwire: Fix acquiring bus lock twice during master release
    - media: af9035: prevent buffer overflow on write
    - spi: gpio: Fix copy-and-paste error
    - batman-adv: Avoid probe ELP information leak
    - batman-adv: Fix segfault when writing to throughput_override
    - batman-adv: Fix segfault when writing to sysfs elp_interval
    - batman-adv: Prevent duplicated gateway_node entry
    - batman-adv: Prevent duplicated nc_node entry
    - batman-adv: Prevent duplicated softif_vlan entry
    - batman-adv: Prevent duplicated global TT entry
    - batman-adv: Prevent duplicated tvlv handler
    - batman-adv: fix backbone_gw refcount on queue_work() failure
    - batman-adv: fix hardif_neigh refcount on queue_work() failure
    - cxgb4: fix abort_req_rss6 struct
    - clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-
      am43 SoCs
    - scsi: ibmvscsis: Fix a stringop-overflow warning
    - scsi: ibmvscsis: Ensure partition name is properly NUL terminated
    - intel_th: pci: Add Ice Lake PCH support
    - Input: atakbd - fix Atari keymap
    - Input: atakbd - fix Atari CapsLock behaviour
    - selftests: pmtu: properly redirect stderr to /dev/null
    - net: emac: fix fixed-link setup for the RTL8363SB switch
    - ravb: do not write 1 to reserved bits
    - net/smc: fix non-blocking connect problem
    - net/smc: fix sizeof to int comparison
    - qed: Fix populating the invalid stag value in multi function mode.
    - qed: Do not add VLAN 0 tag to untagged frames in multi-function mode.
    - PCI: dwc: Fix scheduling while atomic issues
    - RDMA/uverbs: Fix validity check for modify QP
    - scsi: lpfc: Synchronize access to remoteport via rport
    - drm: mali-dp: Call drm_crtc_vblank_reset on device init
    - scsi: ipr: System hung while dlpar adding primary ipr adapter back
    - scsi: sd: don't crash the host on invalid commands
    - bpf: sockmap only allow ESTABLISHED sock state
    - bpf: sockmap, fix transition through disconnect without close
    - bpf: test_maps, only support ESTABLISHED socks
    - net/mlx4: Use cpumask_available for eq->affinity_mask
    - clocksource/drivers/fttmr010: Fix set_next_event handler
    - RDMA/bnxt_re: Fix system crash during RDMA resource initialization
    - RISC-V: include linux/ftrace.h in asm-prototypes.h
    - iommu/rockchip: Free irqs in shutdown handler
    - pinctrl/amd: poll InterruptEnable bits in amd_gpio_irq_set_type
    - powerpc/tm: Fix userspace r13 corruption
    - powerpc/tm: Avoid possible userspace r1 corruption on reclaim
    - powerpc/numa: Use associativity if VPHN hcall is successful
    - iommu/amd: Return devid as alias for ACPI HID devices
    - x86/boot: Fix kexec booting failure in the SEV bit detection code
    - Revert "vfs: fix freeze protection in mnt_want_write_file() for overlayfs"
    - mremap: properly flush TLB before releasing the page
    - ARC: build: Get rid of toolchain check
    - ARC: build: Don't set CROSS_COMPILE in arch's Makefile
    - Linux 4.18.16
  * Cosmic update: 4.18.15 upstream stable release (LP: #1802082)
    - bnxt_en: Fix TX timeout during netpoll.
    - bnxt_en: free hwrm resources, if driver probe fails.
    - bonding: avoid possible dead-lock
    - ip6_tunnel: be careful when accessing the inner header
    - ip_tunnel: be careful when accessing the inner header
    - ipv4: fix use-after-free in ip_cmsg_recv_dstaddr()
    - ipv6: take rcu lock in rawv6_send_hdrinc()
    - net: dsa: bcm_sf2: Call setup during switch resume
    - net: hns: fix for unmapping problem when SMMU is on
    - net: ipv4: update fnhe_pmtu when first hop's MTU changes
    - net/ipv6: Display all addresses in output of /proc/net/if_inet6
    - netlabel: check for IPV4MASK in addrinfo_get
    - net: mvpp2: Extract the correct ethtype from the skb for tx csum offload
    - net: mvpp2: fix a txq_done race condition
    - net: sched: Add policy validation for tc attributes
    - net: sched: cls_u32: fix hnode refcounting
    - net: systemport: Fix wake-up interrupt race during resume
    - net/usb: cancel pending work when unbinding smsc75xx
    - qlcnic: fix Tx descriptor corruption on 82xx devices
    - qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface
    - rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096
    - sctp: update dst pmtu with the correct daddr
    - team: Forbid enslaving team device to itself
    - tipc: fix flow control accounting for implicit connect
    - udp: Unbreak modules that rely on external __skb_recv_udp() availability
    - net: qualcomm: rmnet: Skip processing loopback packets
    - net: qualcomm: rmnet: Fix incorrect allocation flag in transmit
    - net: qualcomm: rmnet: Fix incorrect allocation flag in receive path
    - tun: remove unused parameters
    - tun: initialize napi_mutex unconditionally
    - tun: napi flags belong to tfile
    - net: stmmac: Fixup the tail addr setting in xmit path
    - net/packet: fix packet drop as of virtio gso
    - net: dsa: bcm_sf2: Fix unbind ordering
    - net/mlx5e: Set vlan masks for all offloaded TC rules
    - net: aquantia: memory corruption on jumbo frames
    - net/mlx5: E-Switch, Fix out of bound access when setting vport rate
    - bonding: pass link-local packets to bonding master also.
    - bonding: fix warning message
    - net: stmmac: Rework coalesce timer and fix multi-queue races
    - nfp: avoid soft lockups under control message storm
    - bnxt_en: don't try to offload VLAN 'modify' action
    - net-ethtool: ETHTOOL_GUFO did not and should not require CAP_NET_ADMIN
    - net: phy: phylink: fix SFP interface autodetection
    - sfp: fix oops with ethtool -m
    - tcp/dccp: fix lockdep issue when SYN is backlogged
    - inet: make sure to grab rcu_read_lock before using ireq->ireq_opt
    - net: dsa: b53: Keep CPU port as tagged in all VLANs
    - rtnetlink: Fail dump if target netnsid is invalid
    - bnxt_en: Fix VNIC reservations on the PF.
    - net: ipv4: don't let PMTU updates increase route MTU
    - net/mlx5: Check for SQ and not RQ state when modifying hairpin SQ
    - bnxt_en: Fix enables field in HWRM_QUEUE_COS2BW_CFG request
    - bnxt_en: get the reduced max_irqs by the ones used by RDMA
    - net/ipv6: Remove extra call to ip6_convert_metrics for multipath case
    - net/ipv6: stop leaking percpu memory in fib6 info
    - net: mscc: fix the frame extraction into the skb
    - qed: Fix shmem structure inconsistency between driver and the mfw.
    - r8169: fix network stalls due to missing bit TXCFG_AUTO_FIFO
    - r8169: set RX_MULTI_EN bit in RxConfig for 8168F-family chips
    - vxlan: fill ttl inherit info
    - ASoC: dapm: Fix NULL pointer deference on CODEC to CODEC DAIs
    - ASoC: max98373: Added speaker FS gain cotnrol register to volatile.
    - ASoC: rt5514: Fix the issue of the delay volume applied again
    - selftests: android: move config up a level
    - selftests: kselftest: Remove outdated comment
    - ASoC: max98373: Added 10ms sleep after amp software reset
    - ASoC: wm8804: Add ACPI support
    - ASoC: sigmadsp: safeload should not have lower byte limit
    - ASoC: q6routing: initialize data correctly
    - selftests: add headers_install to lib.mk
    - selftests/efivarfs: add required kernel configs
    - selftests: memory-hotplug: add required configs
    - ASoC: rsnd: adg: care clock-frequency size
    - ASoC: rsnd: don't fallback to PIO mode when -EPROBE_DEFER
    - hwmon: (nct6775) Fix access to fan pulse registers
    - Fix cg_read_strcmp()
    - ASoC: AMD: Ensure reset bit is cleared before configuring
    - drm/pl111: Make sure of_device_id tables are NULL terminated
    - Bluetooth: SMP: Fix trying to use non-existent local OOB data
    - Bluetooth: Use correct tfm to generate OOB data
    - Bluetooth: hci_ldisc: Free rw_semaphore on close
    - mfd: omap-usb-host: Fix dts probe of children
    - KVM: PPC: Book3S HV: Don't use compound_order to determine host mapping size
    - scsi: iscsi: target: Don't use stack buffer for scatterlist
    - scsi: qla2xxx: Fix an endian bug in fcpcmd_is_corrupted()
    - sound: enable interrupt after dma buffer initialization
    - sound: don't call skl_init_chip() to reset intel skl soc
    - bpf: btf: Fix end boundary calculation for type section
    - bpf: use __GFP_COMP while allocating page
    - hwmon: (nct6775) Fix virtual temperature sources for NCT6796D
    - hwmon: (nct6775) Fix RPM output for fan7 on NCT6796D
    - stmmac: fix valid numbers of unicast filter entries
    - hwmon: (nct6775) Use different register to get fan RPM for fan7
    - net: ethernet: ti: add missing GENERIC_ALLOCATOR dependency
    - net: macb: disable scatter-gather for macb on sama5d3
    - ARM: dts: at91: add new compatibility string for macb on sama5d3
    - PCI: hv: support reporting serial number as slot information
    - clk: x86: add "ether_clk" alias for Bay Trail / Cherry Trail
    - clk: x86: Stop marking clocks as CLK_IS_CRITICAL
    - pinctrl: cannonlake: Fix gpio base for GPP-E
    - x86/kvm/lapic: always disable MMIO interface in x2APIC mode
    - drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7
    - drm/amdkfd: Change the control stack MTYPE from UC to NC on GFX9
    - drm/amdkfd: Fix ATS capablity was not reported correctly on some APUs
    - mm: slowly shrink slabs with a relatively small number of objects
    - mm/vmstat.c: fix outdated vmstat_text
    - afs: Fix afs_server struct leak
    - afs: Fix clearance of reply
    - MIPS: Fix CONFIG_CMDLINE handling
    - MIPS: VDSO: Always map near top of user memory
    - mach64: detect the dot clock divider correctly on sparc
    - vsprintf: Fix off-by-one bug in bstr_printf() processing dereferenced
      pointers
    - percpu: stop leaking bitmap metadata blocks
    - perf script python: Fix export-to-postgresql.py occasional failure
    - perf script python: Fix export-to-sqlite.py sample columns
    - s390/cio: Fix how vfio-ccw checks pinned pages
    - dm cache: destroy migration_cache if cache target registration failed
    - dm: fix report zone remapping to account for partition offset
    - dm linear: eliminate linear_end_io call if CONFIG_DM_ZONED disabled
    - dm linear: fix linear_end_io conditional definition
    - cgroup: Fix dom_cgrp propagation when enabling threaded mode
    - Input: xpad - add support for Xbox1 PDP Camo series gamepad
    - drm/nouveau/drm/nouveau: Grab runtime PM ref in nv50_mstc_detect()
    - mmc: block: avoid multiblock reads for the last sector in SPI mode
    - pinctrl: mcp23s08: fix irq and irqchip setup order
    - arm64: perf: Reject stand-alone CHAIN events for PMUv3
    - mm/mmap.c: don't clobber partially overlapping VMA with MAP_FIXED_NOREPLACE
    - mm/thp: fix call to mmu_notifier in set_pmd_migration_entry() v2
    - filesystem-dax: Fix dax_layout_busy_page() livelock
    - mm: Preserve _PAGE_DEVMAP across mprotect() calls
    - i2c: i2c-scmi: fix for i2c_smbus_write_block_data
    - KVM: PPC: Book3S HV: Avoid crash from THP collapse during radix page fault
    - Linux 4.18.15
  * Cosmic update: 4.18.14 upstream stable release (LP: #1801986)
    - perf/core: Add sanity check to deal with pinned event failure
    - mm: migration: fix migration of huge PMD shared pages
    - mm, thp: fix mlocking THP page with migration enabled
    - mm/vmstat.c: skip NR_TLB_REMOTE_FLUSH* properly
    - KVM: VMX: check for existence of secondary exec controls before accessing
    - blk-mq: I/O and timer unplugs are inverted in blktrace
    - pstore/ram: Fix failure-path memory leak in ramoops_init
    - clocksource/drivers/timer-atmel-pit: Properly handle error cases
    - fbdev/omapfb: fix omapfb_memory_read infoleak
    - mmc: core: Fix debounce time to use microseconds
    - mmc: slot-gpio: Fix debounce time to use miliseconds again
    - mac80211: allocate TXQs for active monitor interfaces
    - drm/amdgpu: Fix vce work queue was not cancelled when suspend
    - drm: fix use-after-free read in drm_mode_create_lease_ioctl()
    - x86/vdso: Fix asm constraints on vDSO syscall fallbacks
    - selftests/x86: Add clock_gettime() tests to test_vdso
    - x86/vdso: Only enable vDSO retpolines when enabled and supported
    - x86/vdso: Fix vDSO syscall fallback asm constraint regression
    - Revert "UBUNTU: SAUCE: PCI: Reprogram bridge prefetch registers on resume"
    - PCI: Reprogram bridge prefetch registers on resume
    - mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP mode keys
    - PM / core: Clear the direct_complete flag on errors
    - dm mpath: fix attached_handler_name leak and dangling hw_handler_name
      pointer
    - dm cache metadata: ignore hints array being too small during resize
    - dm cache: fix resize crash if user doesn't reload cache table
    - xhci: Add missing CAS workaround for Intel Sunrise Point xHCI
    - usb: xhci-mtk: resume USB3 roothub first
    - USB: serial: simple: add Motorola Tetra MTP6550 id
    - USB: serial: option: improve Quectel EP06 detection
    - USB: serial: option: add two-endpoints device-id flag
    - usb: cdc_acm: Do not leak URB buffers
    - tty: Drop tty->count on tty_reopen() failure
    - of: unittest: Disable interrupt node tests for old world MAC systems
    - powerpc: Avoid code patching freed init sections
    - powerpc/lib: fix book3s/32 boot failure due to code patching
    - ARC: clone syscall to setp r25 as thread pointer
    - f2fs: fix invalid memory access
    - tipc: call start and done ops directly in __tipc_nl_compat_dumpit()
    - ucma: fix a use-after-free in ucma_resolve_ip()
    - ubifs: Check for name being NULL while mounting
    - rds: rds_ib_recv_alloc_cache() should call alloc_percpu_gfp() instead
    - ath10k: fix scan crash due to incorrect length calculation
    - Linux 4.18.14
  * Cosmic update: 4.18.13 upstream stable release (LP: #1801931)
    - rseq/selftests: fix parametrized test with -fpie
    - mac80211: Run TXQ teardown code before de-registering interfaces
    - mac80211_hwsim: require at least one channel
    - Btrfs: fix unexpected failure of nocow buffered writes after snapshotting
      when low on space
    - KVM: PPC: Book3S HV: Don't truncate HPTE index in xlate function
    - cfg80211: remove division by size of sizeof(struct ieee80211_wmm_rule)
    - btrfs: btrfs_shrink_device should call commit transaction at the end
    - scsi: csiostor: add a check for NULL pointer after kmalloc()
    - scsi: csiostor: fix incorrect port capabilities
    - scsi: libata: Add missing newline at end of file
    - scsi: aacraid: fix a signedness bug
    - bpf, sockmap: fix potential use after free in bpf_tcp_close
    - bpf, sockmap: fix psock refcount leak in bpf_tcp_recvmsg
    - bpf: sockmap, decrement copied count correctly in redirect error case
    - mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X
    - mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X
    - cfg80211: make wmm_rule part of the reg_rule structure
    - mac80211_hwsim: Fix possible Spectre-v1 for hwsim_world_regdom_custom
    - nl80211: Fix nla_put_u8 to u16 for NL80211_WMMR_TXOP
    - nl80211: Pass center frequency in kHz instead of MHz
    - bpf: fix several offset tests in bpf_msg_pull_data
    - gpio: adp5588: Fix sleep-in-atomic-context bug
    - mac80211: mesh: fix HWMP sequence numbering to follow standard
    - mac80211: avoid kernel panic when building AMSDU from non-linear SKB
    - gpiolib: acpi: Switch to cansleep version of GPIO library call
    - gpiolib-acpi: Register GpioInt ACPI event handlers from a late_initcall
    - gpio: dwapb: Fix error handling in dwapb_gpio_probe()
    - bpf: fix msg->data/data_end after sg shift repair in bpf_msg_pull_data
    - bpf: fix shift upon scatterlist ring wrap-around in bpf_msg_pull_data
    - bpf: fix sg shift repair start offset in bpf_msg_pull_data
    - tipc: switch to rhashtable iterator
    - sh_eth: Add R7S9210 support
    - net: mvpp2: initialize port of_node pointer
    - tc-testing: add test-cases for numeric and invalid control action
    - cfg80211: nl80211_update_ft_ies() to validate NL80211_ATTR_IE
    - mac80211: do not convert to A-MSDU if frag/subframe limited
    - mac80211: always account for A-MSDU header changes
    - tools/kvm_stat: fix python3 issues
    - tools/kvm_stat: fix handling of invalid paths in debugfs provider
    - tools/kvm_stat: fix updates for dead guests
    - gpio: Fix crash due to registration race
    - ARC: atomics: unbork atomic_fetch_##op()
    - Revert "blk-throttle: fix race between blkcg_bio_issue_check() and
      cgroup_rmdir()"
    - md/raid5-cache: disable reshape completely
    - RAID10 BUG_ON in raise_barrier when force is true and conf->barrier is 0
    - selftests: pmtu: maximum MTU for vti4 is 2^16-1-20
    - selftests: pmtu: detect correct binary to ping ipv6 addresses
    - ibmvnic: Include missing return code checks in reset function
    - bpf: Fix bpf_msg_pull_data()
    - bpf: avoid misuse of psock when TCP_ULP_BPF collides with another ULP
    - i2c: uniphier: issue STOP only for last message or I2C_M_STOP
    - i2c: uniphier-f: issue STOP only for last message or I2C_M_STOP
    - net: cadence: Fix a sleep-in-atomic-context bug in macb_halt_tx()
    - fs/cifs: don't translate SFM_SLASH (U+F026) to backslash
    - mac80211: fix an off-by-one issue in A-MSDU max_subframe computation
    - cfg80211: fix a type issue in ieee80211_chandef_to_operating_class()
    - mac80211: fix WMM TXOP calculation
    - mac80211: fix a race between restart and CSA flows
    - mac80211: Fix station bandwidth setting after channel switch
    - mac80211: don't Tx a deauth frame if the AP forbade Tx
    - mac80211: shorten the IBSS debug messages
    - fsnotify: fix ignore mask logic in fsnotify()
    - net/ibm/emac: wrong emac_calc_base call was used by typo
    - nds32: fix logic for module
    - nds32: add NULL entry to the end of_device_id array
    - nds32: Fix empty call trace
    - nds32: Fix get_user/put_user macro expand pointer problem
    - nds32: fix build error because of wrong semicolon
    - tools/vm/slabinfo.c: fix sign-compare warning
    - tools/vm/page-types.c: fix "defined but not used" warning
    - nds32: linker script: GCOV kernel may refers data in __exit
    - ceph: avoid a use-after-free in ceph_destroy_options()
    - firmware: arm_scmi: fix divide by zero when sustained_perf_level is zero
    - afs: Fix cell specification to permit an empty address list
    - mm: madvise(MADV_DODUMP): allow hugetlbfs pages
    - bpf: 32-bit RSH verification must truncate input before the ALU op
    - netfilter: xt_cluster: add dependency on conntrack module
    - netfilter: xt_checksum: ignore gso skbs
    - HID: intel-ish-hid: Enable Sunrise Point-H ish driver
    - HID: add support for Apple Magic Keyboards
    - usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i]
    - HID: hid-saitek: Add device ID for RAT 7 Contagion
    - scsi: iscsi: target: Set conn->sess to NULL when iscsi_login_set_conn_values
      fails
    - scsi: iscsi: target: Fix conn_ops double free
    - scsi: qedi: Add the CRC size within iSCSI NVM image
    - perf annotate: Properly interpret indirect call
    - perf evsel: Fix potential null pointer dereference in perf_evsel__new_idx()
    - perf util: Fix bad memory access in trace info.
    - perf probe powerpc: Ignore SyS symbols irrespective of endianness
    - perf annotate: Fix parsing aarch64 branch instructions after objdump update
    - netfilter: kconfig: nat related expression depend on nftables core
    - netfilter: nf_tables: release chain in flushing set
    - Revert "iio: temperature: maxim_thermocouple: add MAX31856 part"
    - iio: imu: st_lsm6dsx: take into account ts samples in wm configuration
    - RDMA/ucma: check fd type in ucma_migrate_id()
    - riscv: Do not overwrite initrd_start and initrd_end
    - HID: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub report
    - usb: host: xhci-plat: Iterate over parent nodes for finding quirks
    - USB: yurex: Check for truncation in yurex_read()
    - nvmet-rdma: fix possible bogus dereference under heavy load
    - bnxt_re: Fix couple of memory leaks that could lead to IOMMU call traces
    - net/mlx5: Consider PCI domain in search for next dev
    - dm raid: fix reshape race on small devices
    - drm/nouveau: fix oops in client init failure path
    - drm/nouveau/mmu: don't attempt to dereference vmm without valid instance
      pointer
    - drm/nouveau/TBDdevinit: don't fail when PMU/PRE_OS is missing from VBIOS
    - drm/nouveau/disp: fix DP disable race
    - drm/nouveau/disp/gm200-: enforce identity-mapped SOR assignment for LVDS/eDP
      panels
    - dm raid: fix stripe adding reshape deadlock
    - dm raid: fix rebuild of specific devices by updating superblock
    - dm raid: fix RAID leg rebuild errors
    - r8169: set TxConfig register after TX / RX is enabled, just like RxConfig
    - fs/cifs: suppress a string overflow warning
    - perf/x86/intel: Add support/quirk for the MISPREDICT bit on Knights Landing
      CPUs
    - sched/topology: Set correct NUMA topology type
    - dm thin metadata: try to avoid ever aborting transactions
    - netfilter: nfnetlink_queue: Solve the NFQUEUE/conntrack clash for NF_REPEAT
    - netfilter: xt_hashlimit: use s->file instead of s->private
    - arch/hexagon: fix kernel/dma.c build warning
    - hexagon: modify ffs() and fls() to return int
    - drm/amdgpu: Fix SDMA hang in prt mode v2
    - arm64: jump_label.h: use asm_volatile_goto macro instead of "asm goto"
    - drm/amdgpu: fix error handling in amdgpu_cs_user_fence_chunk
    - r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED
    - s390/qeth: don't dump past end of unknown HW header
    - cifs: read overflow in is_valid_oplock_break()
    - asm-generic: io: Fix ioport_map() for !CONFIG_GENERIC_IOMAP &&
      CONFIG_INDIRECT_PIO
    - xen/manage: don't complain about an empty value in control/sysrq node
    - xen: avoid crash in disable_hotplug_cpu
    - xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage
    - x86/APM: Fix build warning when PROC_FS is not enabled
    - new primitive: discard_new_inode()
    - vfs: don't evict uninitialized inode
    - ovl: set I_CREATING on inode being created
    - ovl: fix access beyond unterminated strings
    - ovl: fix memory leak on unlink of indexed file
    - ovl: fix format of setxattr debug
    - sysfs: Do not return POSIX ACL xattrs via listxattr
    - b43: fix DMA error related regression with proprietary firmware
    - firmware: Fix security issue with request_firmware_into_buf()
    - firmware: Always initialize the fw_priv list object
    - cpufreq: qcom-kryo: Fix section annotations
    - smb2: fix missing files in root share directory listing
    - iommu/amd: Clear memory encryption mask from physical address
    - crypto: qat - Fix KASAN stack-out-of-bounds bug in adf_probe()
    - crypto: chelsio - Fix memory corruption in DMA Mapped buffers.
    - crypto: mxs-dcp - Fix wait logic on chan threads
    - crypto: caam/jr - fix ablkcipher_edesc pointer arithmetic
    - gpiolib: Free the last requested descriptor
    - Drivers: hv: vmbus: Use get/put_cpu() in vmbus_connect()
    - tools: hv: fcopy: set 'error' in case an unknown operation was requested
    - proc: restrict kernel stack dumps to root
    - ocfs2: fix locking for res->tracking and dlm->tracking_list
    - HID: i2c-hid: disable runtime PM operations on hantick touchpad
    - ixgbe: check return value of napi_complete_done()
    - dm thin metadata: fix __udivdi3 undefined on 32-bit
    - Revert "drm/amd/pp: Send khz clock values to DC for smu7/8"
    - Linux 4.18.13
  * Volume control not working Dell XPS 27 (7760) (LP: #1775068) // Cosmic
    update: 4.18.13 upstream stable release (LP: #1801931)
    - ALSA: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760
  * [Bionic][Cosmic]  ipmi: Fix timer race with module unload (LP: #1799281)
    - ipmi: Fix timer race with module unload
  * [Bionic][Cosmic] Fix to ipmi to support vendor specific messages greater
    than 255 bytes (LP: #1799794)
    - ipmi:ssif: Add support for multi-part transmit messages > 2 parts
  * 18.10 kernel does not appear to validate kernel module signatures correctly
    (LP: #1798863) // CVE-2018-18653
    - SAUCE: (efi-lockdown) module: remove support for deferring module signature
      verification to IMA
  * 18.10 kernel does not appear to validate kernel module signatures correctly
    (LP: #1798863)
    - SAUCE: (efi-lockdown) module: trust keys from secondary keyring for module
      signing
  * [Ubuntu] net/af_iucv: fix skb leaks for HiperTransport (LP: #1800639)
    - net/af_iucv: drop inbound packets with invalid flags
    - net/af_iucv: fix skb handling on HiperTransport xmit error
  * Power consumption during s2idle is higher than long idle(sk hynix)
    (LP: #1801875)
    - SAUCE: pci: prevent sk hynix nvme from entering D3
    - SAUCE: nvme: add quirk to not call disable function when suspending
  * NULL pointer dereference at 0000000000000020 when access
    dst_orig->ops->family in function  xfrm_lookup_with_ifid() (LP: #1801878)
    - xfrm: Fix NULL pointer dereference when skb_dst_force clears the dst_entry.
  * hns3: map tx ring to tc (LP: #1802023)
    - net: hns3: Set tx ring' tc info when netdev is up
  * [Ubuntu] qeth: Fix potential array overrun in cmd/rc lookup (LP: #1800641)
    - s390: qeth_core_mpc: Use ARRAY_SIZE instead of reimplementing its function
    - s390: qeth: Fix potential array overrun in cmd/rc lookup
  * Mellanox CX5 stops pinging with rx_wqe_err (mlx5_core) (LP: #1799393)
    - net/mlx5: WQ, fixes for fragmented WQ buffers API
  * Vulkan applications cause permanent memory leak with Intel GPU
    (LP: #1798165)
    - drm/syncobj: Don't leak fences when WAIT_FOR_SUBMIT is set
  * Packaging resync (LP: #1786013)
    - [Package] add support for specifying the primary makefile

Date: Wed, 14 Nov 2018 22:31:51 -0500
Changed-By: Khalid Elmously <khalid.elmously at canonical.com>
Maintainer: Launchpad Build Daemon <buildd at lcy01-amd64-024.buildd>

-------------- next part --------------
Format: 1.8
Date: Wed, 14 Nov 2018 22:31:51 -0500
Source: linux-gcp
Binary: linux-gcp-headers-4.18.0-1004 linux-gcp-tools-4.18.0-1004 linux-image-unsigned-4.18.0-1004-gcp linux-modules-4.18.0-1004-gcp linux-modules-extra-4.18.0-1004-gcp linux-headers-4.18.0-1004-gcp linux-image-unsigned-4.18.0-1004-gcp-dbgsym linux-tools-4.18.0-1004-gcp
Architecture: amd64 amd64_translations
Version: 4.18.0-1004.5
Distribution: cosmic
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd at lcy01-amd64-024.buildd>
Changed-By: Khalid Elmously <khalid.elmously at canonical.com>
Description:
 linux-gcp-headers-4.18.0-1004 - Header files related to Linux kernel version 4.18.0
 linux-gcp-tools-4.18.0-1004 - Linux kernel version specific tools for version 4.18.0-1004
 linux-headers-4.18.0-1004-gcp - Linux kernel headers for version 4.18.0 on 64 bit x86 SMP
 linux-image-unsigned-4.18.0-1004-gcp - Linux kernel image for version 4.18.0 on 64 bit x86 SMP
 linux-image-unsigned-4.18.0-1004-gcp-dbgsym - Linux kernel debug image for version 4.18.0 on 64 bit x86 SMP
 linux-modules-4.18.0-1004-gcp - Linux kernel extra modules for version 4.18.0 on 64 bit x86 SMP
 linux-modules-extra-4.18.0-1004-gcp - Linux kernel extra modules for version 4.18.0 on 64 bit x86 SMP
 linux-tools-4.18.0-1004-gcp - Linux kernel version specific tools for version 4.18.0-1004
Launchpad-Bugs-Fixed: 1775068 1786013 1786139 1787405 1789161 1793458 1797367 1797990 1798165 1798182 1798208 1798552 1798863 1799281 1799393 1799794 1800639 1800641 1800664 1801875 1801878 1801924 1801931 1801986 1802023 1802082 1802100 1802119 1802341 1802743 1802750
Changes:
 linux-gcp (4.18.0-1004.5) cosmic; urgency=medium
 .
   * linux-gcp: 4.18.0-1004.5 -proposed tracker (LP: #1802750)
 .
   [ Ubuntu: 4.18.0-12.13 ]
 .
   * linux: 4.18.0-12.13 -proposed tracker (LP: #1802743)
   * [FEAT] Guest-dedicated Crypto Adapters (LP: #1787405)
     - s390/zcrypt: Add ZAPQ inline function.
     - s390/zcrypt: Review inline assembler constraints.
     - s390/zcrypt: Integrate ap_asm.h into include/asm/ap.h.
     - s390/zcrypt: fix ap_instructions_available() returncodes
     - KVM: s390: vsie: simulate VCPU SIE entry/exit
     - KVM: s390: introduce and use KVM_REQ_VSIE_RESTART
     - KVM: s390: refactor crypto initialization
     - s390: vfio-ap: base implementation of VFIO AP device driver
     - s390: vfio-ap: register matrix device with VFIO mdev framework
     - s390: vfio-ap: sysfs interfaces to configure adapters
     - s390: vfio-ap: sysfs interfaces to configure domains
     - s390: vfio-ap: sysfs interfaces to configure control domains
     - s390: vfio-ap: sysfs interface to view matrix mdev matrix
     - KVM: s390: interface to clear CRYCB masks
     - s390: vfio-ap: implement mediated device open callback
     - s390: vfio-ap: implement VFIO_DEVICE_GET_INFO ioctl
     - s390: vfio-ap: zeroize the AP queues
     - s390: vfio-ap: implement VFIO_DEVICE_RESET ioctl
     - KVM: s390: Clear Crypto Control Block when using vSIE
     - KVM: s390: vsie: Do the CRYCB validation first
     - KVM: s390: vsie: Make use of CRYCB FORMAT2 clear
     - KVM: s390: vsie: Allow CRYCB FORMAT-2
     - KVM: s390: vsie: allow CRYCB FORMAT-1
     - KVM: s390: vsie: allow CRYCB FORMAT-0
     - KVM: s390: vsie: allow guest FORMAT-0 CRYCB on host FORMAT-1
     - KVM: s390: vsie: allow guest FORMAT-1 CRYCB on host FORMAT-2
     - KVM: s390: vsie: allow guest FORMAT-0 CRYCB on host FORMAT-2
     - KVM: s390: device attrs to enable/disable AP interpretation
     - KVM: s390: CPU model support for AP virtualization
     - s390: doc: detailed specifications for AP virtualization
     - KVM: s390: fix locking for crypto setting error path
     - KVM: s390: Tracing APCB changes
     - s390: vfio-ap: setup APCB mask using KVM dedicated function
     - [Config:] Enable CONFIG_S390_AP_IOMMU and set CONFIG_VFIO_AP to module.
   * Bypass of mount visibility through userns + mount propagation (LP: #1789161)
     - mount: Retest MNT_LOCKED in do_umount
     - mount: Don't allow copying MNT_UNBINDABLE|MNT_LOCKED mounts
   *  CVE-2018-18955: nested user namespaces with more than five extents
     incorrectly grant privileges over inode (LP: #1801924) // CVE-2018-18955
     - userns: also map extents in the reverse map to kernel IDs
   * kdump fail due to an IRQ storm (LP: #1797990)
     - SAUCE: x86/PCI: Export find_cap() to be used in early PCI code
     - SAUCE: x86/quirks: Add parameter to clear MSIs early on boot
     - SAUCE: x86/quirks: Scan all busses for early PCI quirks
   * crash in ENA driver on removing an interface (LP: #1802341)
     - SAUCE: net: ena: fix crash during ena_remove()
   * Ubuntu 18.04.1 - [s390x] Kernel panic while stressing network bonding
     (LP: #1797367)
     - s390/qeth: reduce hard-coded access to ccw channels
     - s390/qeth: sanitize strings in debug messages
   * Add checksum offload and TSO support for HiNIC adapters (LP: #1800664)
     - net-next/hinic: add checksum offload and TSO support
   * smartpqi updates for ubuntu 18.04.2 (LP: #1798208)
     - scsi: smartpqi: improve handling for sync requests
     - scsi: smartpqi: improve error checking for sync requests
     - scsi: smartpqi: add inspur advantech ids
     - scsi: smartpqi: fix critical ARM issue reading PQI index registers
     - scsi: smartpqi: bump driver version to 1.1.4-130
   * [GLK/CLX] Enhanced IBRS (LP: #1786139)
     - x86/speculation: Remove SPECTRE_V2_IBRS in enum spectre_v2_mitigation
     - x86/speculation: Support Enhanced IBRS on future CPUs
   * Enable keyboard wakeup for S2Idle laptops (LP: #1798552)
     - Input: i8042 - enable keyboard wakeups by default when s2idle is used
   * Overlayfs in user namespace leaks directory content of inaccessible
     directories (LP: #1793458) // CVE-2018-6559
     - SAUCE: overlayfs: ensure mounter privileges when reading directories
   * Update ENA driver to version 2.0.1K (LP: #1798182)
     - net: ena: remove ndo_poll_controller
     - net: ena: fix auto casting to boolean
     - net: ena: minor performance improvement
     - net: ena: complete host info to match latest ENA spec
     - net: ena: introduce Low Latency Queues data structures according to ENA spec
     - net: ena: add functions for handling Low Latency Queues in ena_com
     - net: ena: add functions for handling Low Latency Queues in ena_netdev
     - net: ena: use CSUM_CHECKED device indication to report skb's checksum status
     - net: ena: explicit casting and initialization, and clearer error handling
     - net: ena: limit refill Rx threshold to 256 to avoid latency issues
     - net: ena: change rx copybreak default to reduce kernel memory pressure
     - net: ena: remove redundant parameter in ena_com_admin_init()
     - net: ena: update driver version to 2.0.1
     - net: ena: fix indentations in ena_defs for better readability
     - net: ena: Fix Kconfig dependency on X86
     - net: ena: enable Low Latency Queues
     - net: ena: fix compilation error in xtensa architecture
   * Cosmic update: 4.18.17 upstream stable release (LP: #1802119)
     - xfrm: Validate address prefix lengths in the xfrm selector.
     - xfrm6: call kfree_skb when skb is toobig
     - xfrm: reset transport header back to network header after all input
       transforms ahave been applied
     - xfrm: reset crypto_done when iterating over multiple input xfrms
     - mac80211: Always report TX status
     - cfg80211: reg: Init wiphy_idx in regulatory_hint_core()
     - mac80211: fix pending queue hang due to TX_DROP
     - cfg80211: Address some corner cases in scan result channel updating
     - mac80211: TDLS: fix skb queue/priority assignment
     - mac80211: fix TX status reporting for ieee80211s
     - ARM: 8799/1: mm: fix pci_ioremap_io() offset check
     - xfrm: validate template mode
     - drm/i2c: tda9950: fix timeout counter check
     - drm/i2c: tda9950: set MAX_RETRIES for errors only
     - netfilter: bridge: Don't sabotage nf_hook calls from an l3mdev
     - netfilter: conntrack: get rid of double sizeof
     - arm64: hugetlb: Fix handling of young ptes
     - ARM: dts: BCM63xx: Fix incorrect interrupt specifiers
     - net: macb: Clean 64b dma addresses if they are not detected
     - soc: fsl: qbman: qman: avoid allocating from non existing gen_pool
     - soc: fsl: qe: Fix copy/paste bug in ucc_get_tdm_sync_shift()
     - nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT
     - mac80211_hwsim: fix locking when iterating radios during ns exit
     - mac80211_hwsim: fix race in radio destruction from netlink notifier
     - mac80211_hwsim: do not omit multicast announce of first added radio
     - Bluetooth: SMP: fix crash in unpairing
     - pxa168fb: prepare the clock
     - qed: Avoid implicit enum conversion in qed_set_tunn_cls_info
     - qed: Fix mask parameter in qed_vf_prep_tunn_req_tlv
     - qed: Avoid implicit enum conversion in qed_roce_mode_to_flavor
     - qed: Avoid constant logical operation warning in qed_vf_pf_acquire
     - qed: Avoid implicit enum conversion in qed_iwarp_parse_rx_pkt
     - nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds
     - scsi: qedi: Initialize the stats mutex lock
     - rxrpc: Fix checks as to whether we should set up a new call
     - rxrpc: Fix RTT gathering
     - rxrpc: Fix transport sockopts to get IPv4 errors on an IPv6 socket
     - rxrpc: Fix error distribution
     - netfilter: nft_set_rbtree: add missing rb_erase() in GC routine
     - netfilter: avoid erronous array bounds warning
     - asix: Check for supported Wake-on-LAN modes
     - ax88179_178a: Check for supported Wake-on-LAN modes
     - lan78xx: Check for supported Wake-on-LAN modes
     - sr9800: Check for supported Wake-on-LAN modes
     - r8152: Check for supported Wake-on-LAN Modes
     - smsc75xx: Check for Wake-on-LAN modes
     - smsc95xx: Check for Wake-on-LAN modes
     - cfg80211: fix use-after-free in reg_process_hint()
     - KVM: nVMX: Do not expose MPX VMX controls when guest MPX disabled
     - KVM: x86: Do not use kvm_x86_ops->mpx_supported() directly
     - KVM: nVMX: Fix emulation of VM_ENTRY_LOAD_BNDCFGS
     - perf/core: Fix perf_pmu_unregister() locking
     - perf/x86/intel/uncore: Use boot_cpu_data.phys_proc_id instead of hardcorded
       physical package ID 0
     - perf/ring_buffer: Prevent concurent ring buffer access
     - perf/x86/intel/uncore: Fix PCI BDF address of M3UPI on SKX
     - perf/x86/amd/uncore: Set ThreadMask and SliceMask for L3 Cache perf events
     - thunderbolt: Do not handle ICM events after domain is stopped
     - thunderbolt: Initialize after IOMMUs
     - net: fec: fix rare tx timeout
     - declance: Fix continuation with the adapter identification message
     - RISCV: Fix end PFN for low memory
     - Revert "serial: 8250_dw: Fix runtime PM handling"
     - locking/ww_mutex: Fix runtime warning in the WW mutex selftest
     - drm/amd/display: Signal hw_done() after waiting for flip_done()
     - be2net: don't flip hw_features when VXLANs are added/deleted
     - powerpc/numa: Skip onlining a offline node in kdump path
     - net: cxgb3_main: fix a missing-check bug
     - yam: fix a missing-check bug
     - ocfs2: fix crash in ocfs2_duplicate_clusters_by_page()
     - mm/gup_benchmark: fix unsigned comparison to zero in __gup_benchmark_ioctl
     - mm/migrate.c: split only transparent huge pages when allocation fails
     - x86/paravirt: Fix some warning messages
     - clk: mvebu: armada-37xx-periph: Remove unused var num_parents
     - libertas: call into generic suspend code before turning off power
     - perf report: Don't try to map ip to invalid map
     - tls: Fix improper revert in zerocopy_from_iter
     - HID: i2c-hid: Remove RESEND_REPORT_DESCR quirk and its handling
     - compiler.h: Allow arch-specific asm/compiler.h
     - ARM: dts: imx53-qsb: disable 1.2GHz OPP
     - perf python: Use -Wno-redundant-decls to build with PYTHON=python3
     - perf record: Use unmapped IP for inline callchain cursors
     - rxrpc: Don't check RXRPC_CALL_TX_LAST after calling rxrpc_rotate_tx_window()
     - rxrpc: Carry call state out of locked section in rxrpc_rotate_tx_window()
     - rxrpc: Only take the rwind and mtu values from latest ACK
     - rxrpc: Fix connection-level abort handling
     - KVM: x86: support CONFIG_KVM_AMD=y with CONFIG_CRYPTO_DEV_CCP_DD=m
     - net: ena: fix warning in rmmod caused by double iounmap
     - net: ena: fix rare bug when failed restart/resume is followed by driver
       removal
     - net: ena: fix NULL dereference due to untimely napi initialization
     - gpio: Assign gpio_irq_chip::parents to non-stack pointer
     - IB/mlx5: Unmap DMA addr from HCA before IOMMU
     - rds: RDS (tcp) hangs on sendto() to unresponding address
     - selftests: rtnetlink.sh explicitly requires bash.
     - selftests: udpgso_bench.sh explicitly requires bash
     - vmlinux.lds.h: Fix incomplete .text.exit discards
     - vmlinux.lds.h: Fix linker warnings about orphan .LPBX sections
     - afs: Fix cell proc list
     - fs/fat/fatent.c: add cond_resched() to fat_count_free_clusters()
     - Revert "mm: slowly shrink slabs with a relatively small number of objects"
     - Revert "netfilter: ipv6: nf_defrag: drop skb dst before queueing"
     - perf tools: Disable parallelism for 'make clean'
     - bridge: do not add port to router list when receives query with source
       0.0.0.0
     - ipv6: mcast: fix a use-after-free in inet6_mc_check
     - ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are
       called
     - ipv6: rate-limit probes for neighbourless routes
     - llc: set SOCK_RCU_FREE in llc_sap_add_socket()
     - net: fec: don't dump RX FIFO register when not available
     - net/ipv6: Fix index counter for unicast addresses in in6_dump_addrs
     - net/mlx5e: fix csum adjustments caused by RXFCS
     - net: sched: gred: pass the right attribute to gred_change_table_def()
     - net: socket: fix a missing-check bug
     - net: stmmac: Fix stmmac_mdio_reset() when building stmmac as modules
     - net: udp: fix handling of CHECKSUM_COMPLETE packets
     - r8169: fix NAPI handling under high load
     - rtnetlink: Disallow FDB configuration for non-Ethernet device
     - sctp: fix race on sctp_id2asoc
     - tipc: fix unsafe rcu locking when accessing publication list
     - udp6: fix encap return code for resubmitting
     - vhost: Fix Spectre V1 vulnerability
     - virtio_net: avoid using netif_tx_disable() for serializing tx routine
     - ethtool: fix a privilege escalation bug
     - bonding: fix length of actor system
     - ip6_tunnel: Fix encapsulation layout
     - openvswitch: Fix push/pop ethernet validation
     - net: ipmr: fix unresolved entry dumps
     - net/mlx5: Take only bit 24-26 of wqe.pftype_wq for page fault type
     - net: bcmgenet: Poll internal PHY for GENETv5
     - net: sched: Fix for duplicate class dump
     - net/sched: cls_api: add missing validation of netlink attributes
     - net/ipv6: Allow onlink routes to have a device mismatch if it is the default
       route
     - sctp: fix the data size calculation in sctp_data_size
     - sctp: not free the new asoc when sctp_wait_for_connect returns err
     - net/mlx5: Fix memory leak when setting fpga ipsec caps
     - net/smc: fix smc_buf_unuse to use the lgr pointer
     - mlxsw: spectrum_switchdev: Don't ignore deletions of learned MACs
     - net: bpfilter: use get_pid_task instead of pid_task
     - net: drop skb on failure in ip_check_defrag()
     - net: fix pskb_trim_rcsum_slow() with odd trim offset
     - mlxsw: core: Fix devlink unregister flow
     - sparc64: Export __node_distance.
     - sparc64: Make corrupted user stacks more debuggable.
     - sparc64: Make proc_id signed.
     - sparc64: Set %l4 properly on trap return after handling signals.
     - sparc64: Wire up compat getpeername and getsockname.
     - sparc: Fix single-pcr perf event counter management.
     - sparc: Fix syscall fallback bugs in VDSO.
     - sparc: Throttle perf events properly.
     - net: bridge: remove ipv6 zero address check in mcast queries
     - Linux 4.18.17
   * Cosmic update: 4.18.16 upstream stable release (LP: #1802100)
     - soundwire: Fix duplicate stream state assignment
     - soundwire: Fix incorrect exit after configuring stream
     - soundwire: Fix acquiring bus lock twice during master release
     - media: af9035: prevent buffer overflow on write
     - spi: gpio: Fix copy-and-paste error
     - batman-adv: Avoid probe ELP information leak
     - batman-adv: Fix segfault when writing to throughput_override
     - batman-adv: Fix segfault when writing to sysfs elp_interval
     - batman-adv: Prevent duplicated gateway_node entry
     - batman-adv: Prevent duplicated nc_node entry
     - batman-adv: Prevent duplicated softif_vlan entry
     - batman-adv: Prevent duplicated global TT entry
     - batman-adv: Prevent duplicated tvlv handler
     - batman-adv: fix backbone_gw refcount on queue_work() failure
     - batman-adv: fix hardif_neigh refcount on queue_work() failure
     - cxgb4: fix abort_req_rss6 struct
     - clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-
       am43 SoCs
     - scsi: ibmvscsis: Fix a stringop-overflow warning
     - scsi: ibmvscsis: Ensure partition name is properly NUL terminated
     - intel_th: pci: Add Ice Lake PCH support
     - Input: atakbd - fix Atari keymap
     - Input: atakbd - fix Atari CapsLock behaviour
     - selftests: pmtu: properly redirect stderr to /dev/null
     - net: emac: fix fixed-link setup for the RTL8363SB switch
     - ravb: do not write 1 to reserved bits
     - net/smc: fix non-blocking connect problem
     - net/smc: fix sizeof to int comparison
     - qed: Fix populating the invalid stag value in multi function mode.
     - qed: Do not add VLAN 0 tag to untagged frames in multi-function mode.
     - PCI: dwc: Fix scheduling while atomic issues
     - RDMA/uverbs: Fix validity check for modify QP
     - scsi: lpfc: Synchronize access to remoteport via rport
     - drm: mali-dp: Call drm_crtc_vblank_reset on device init
     - scsi: ipr: System hung while dlpar adding primary ipr adapter back
     - scsi: sd: don't crash the host on invalid commands
     - bpf: sockmap only allow ESTABLISHED sock state
     - bpf: sockmap, fix transition through disconnect without close
     - bpf: test_maps, only support ESTABLISHED socks
     - net/mlx4: Use cpumask_available for eq->affinity_mask
     - clocksource/drivers/fttmr010: Fix set_next_event handler
     - RDMA/bnxt_re: Fix system crash during RDMA resource initialization
     - RISC-V: include linux/ftrace.h in asm-prototypes.h
     - iommu/rockchip: Free irqs in shutdown handler
     - pinctrl/amd: poll InterruptEnable bits in amd_gpio_irq_set_type
     - powerpc/tm: Fix userspace r13 corruption
     - powerpc/tm: Avoid possible userspace r1 corruption on reclaim
     - powerpc/numa: Use associativity if VPHN hcall is successful
     - iommu/amd: Return devid as alias for ACPI HID devices
     - x86/boot: Fix kexec booting failure in the SEV bit detection code
     - Revert "vfs: fix freeze protection in mnt_want_write_file() for overlayfs"
     - mremap: properly flush TLB before releasing the page
     - ARC: build: Get rid of toolchain check
     - ARC: build: Don't set CROSS_COMPILE in arch's Makefile
     - Linux 4.18.16
   * Cosmic update: 4.18.15 upstream stable release (LP: #1802082)
     - bnxt_en: Fix TX timeout during netpoll.
     - bnxt_en: free hwrm resources, if driver probe fails.
     - bonding: avoid possible dead-lock
     - ip6_tunnel: be careful when accessing the inner header
     - ip_tunnel: be careful when accessing the inner header
     - ipv4: fix use-after-free in ip_cmsg_recv_dstaddr()
     - ipv6: take rcu lock in rawv6_send_hdrinc()
     - net: dsa: bcm_sf2: Call setup during switch resume
     - net: hns: fix for unmapping problem when SMMU is on
     - net: ipv4: update fnhe_pmtu when first hop's MTU changes
     - net/ipv6: Display all addresses in output of /proc/net/if_inet6
     - netlabel: check for IPV4MASK in addrinfo_get
     - net: mvpp2: Extract the correct ethtype from the skb for tx csum offload
     - net: mvpp2: fix a txq_done race condition
     - net: sched: Add policy validation for tc attributes
     - net: sched: cls_u32: fix hnode refcounting
     - net: systemport: Fix wake-up interrupt race during resume
     - net/usb: cancel pending work when unbinding smsc75xx
     - qlcnic: fix Tx descriptor corruption on 82xx devices
     - qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface
     - rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096
     - sctp: update dst pmtu with the correct daddr
     - team: Forbid enslaving team device to itself
     - tipc: fix flow control accounting for implicit connect
     - udp: Unbreak modules that rely on external __skb_recv_udp() availability
     - net: qualcomm: rmnet: Skip processing loopback packets
     - net: qualcomm: rmnet: Fix incorrect allocation flag in transmit
     - net: qualcomm: rmnet: Fix incorrect allocation flag in receive path
     - tun: remove unused parameters
     - tun: initialize napi_mutex unconditionally
     - tun: napi flags belong to tfile
     - net: stmmac: Fixup the tail addr setting in xmit path
     - net/packet: fix packet drop as of virtio gso
     - net: dsa: bcm_sf2: Fix unbind ordering
     - net/mlx5e: Set vlan masks for all offloaded TC rules
     - net: aquantia: memory corruption on jumbo frames
     - net/mlx5: E-Switch, Fix out of bound access when setting vport rate
     - bonding: pass link-local packets to bonding master also.
     - bonding: fix warning message
     - net: stmmac: Rework coalesce timer and fix multi-queue races
     - nfp: avoid soft lockups under control message storm
     - bnxt_en: don't try to offload VLAN 'modify' action
     - net-ethtool: ETHTOOL_GUFO did not and should not require CAP_NET_ADMIN
     - net: phy: phylink: fix SFP interface autodetection
     - sfp: fix oops with ethtool -m
     - tcp/dccp: fix lockdep issue when SYN is backlogged
     - inet: make sure to grab rcu_read_lock before using ireq->ireq_opt
     - net: dsa: b53: Keep CPU port as tagged in all VLANs
     - rtnetlink: Fail dump if target netnsid is invalid
     - bnxt_en: Fix VNIC reservations on the PF.
     - net: ipv4: don't let PMTU updates increase route MTU
     - net/mlx5: Check for SQ and not RQ state when modifying hairpin SQ
     - bnxt_en: Fix enables field in HWRM_QUEUE_COS2BW_CFG request
     - bnxt_en: get the reduced max_irqs by the ones used by RDMA
     - net/ipv6: Remove extra call to ip6_convert_metrics for multipath case
     - net/ipv6: stop leaking percpu memory in fib6 info
     - net: mscc: fix the frame extraction into the skb
     - qed: Fix shmem structure inconsistency between driver and the mfw.
     - r8169: fix network stalls due to missing bit TXCFG_AUTO_FIFO
     - r8169: set RX_MULTI_EN bit in RxConfig for 8168F-family chips
     - vxlan: fill ttl inherit info
     - ASoC: dapm: Fix NULL pointer deference on CODEC to CODEC DAIs
     - ASoC: max98373: Added speaker FS gain cotnrol register to volatile.
     - ASoC: rt5514: Fix the issue of the delay volume applied again
     - selftests: android: move config up a level
     - selftests: kselftest: Remove outdated comment
     - ASoC: max98373: Added 10ms sleep after amp software reset
     - ASoC: wm8804: Add ACPI support
     - ASoC: sigmadsp: safeload should not have lower byte limit
     - ASoC: q6routing: initialize data correctly
     - selftests: add headers_install to lib.mk
     - selftests/efivarfs: add required kernel configs
     - selftests: memory-hotplug: add required configs
     - ASoC: rsnd: adg: care clock-frequency size
     - ASoC: rsnd: don't fallback to PIO mode when -EPROBE_DEFER
     - hwmon: (nct6775) Fix access to fan pulse registers
     - Fix cg_read_strcmp()
     - ASoC: AMD: Ensure reset bit is cleared before configuring
     - drm/pl111: Make sure of_device_id tables are NULL terminated
     - Bluetooth: SMP: Fix trying to use non-existent local OOB data
     - Bluetooth: Use correct tfm to generate OOB data
     - Bluetooth: hci_ldisc: Free rw_semaphore on close
     - mfd: omap-usb-host: Fix dts probe of children
     - KVM: PPC: Book3S HV: Don't use compound_order to determine host mapping size
     - scsi: iscsi: target: Don't use stack buffer for scatterlist
     - scsi: qla2xxx: Fix an endian bug in fcpcmd_is_corrupted()
     - sound: enable interrupt after dma buffer initialization
     - sound: don't call skl_init_chip() to reset intel skl soc
     - bpf: btf: Fix end boundary calculation for type section
     - bpf: use __GFP_COMP while allocating page
     - hwmon: (nct6775) Fix virtual temperature sources for NCT6796D
     - hwmon: (nct6775) Fix RPM output for fan7 on NCT6796D
     - stmmac: fix valid numbers of unicast filter entries
     - hwmon: (nct6775) Use different register to get fan RPM for fan7
     - net: ethernet: ti: add missing GENERIC_ALLOCATOR dependency
     - net: macb: disable scatter-gather for macb on sama5d3
     - ARM: dts: at91: add new compatibility string for macb on sama5d3
     - PCI: hv: support reporting serial number as slot information
     - clk: x86: add "ether_clk" alias for Bay Trail / Cherry Trail
     - clk: x86: Stop marking clocks as CLK_IS_CRITICAL
     - pinctrl: cannonlake: Fix gpio base for GPP-E
     - x86/kvm/lapic: always disable MMIO interface in x2APIC mode
     - drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7
     - drm/amdkfd: Change the control stack MTYPE from UC to NC on GFX9
     - drm/amdkfd: Fix ATS capablity was not reported correctly on some APUs
     - mm: slowly shrink slabs with a relatively small number of objects
     - mm/vmstat.c: fix outdated vmstat_text
     - afs: Fix afs_server struct leak
     - afs: Fix clearance of reply
     - MIPS: Fix CONFIG_CMDLINE handling
     - MIPS: VDSO: Always map near top of user memory
     - mach64: detect the dot clock divider correctly on sparc
     - vsprintf: Fix off-by-one bug in bstr_printf() processing dereferenced
       pointers
     - percpu: stop leaking bitmap metadata blocks
     - perf script python: Fix export-to-postgresql.py occasional failure
     - perf script python: Fix export-to-sqlite.py sample columns
     - s390/cio: Fix how vfio-ccw checks pinned pages
     - dm cache: destroy migration_cache if cache target registration failed
     - dm: fix report zone remapping to account for partition offset
     - dm linear: eliminate linear_end_io call if CONFIG_DM_ZONED disabled
     - dm linear: fix linear_end_io conditional definition
     - cgroup: Fix dom_cgrp propagation when enabling threaded mode
     - Input: xpad - add support for Xbox1 PDP Camo series gamepad
     - drm/nouveau/drm/nouveau: Grab runtime PM ref in nv50_mstc_detect()
     - mmc: block: avoid multiblock reads for the last sector in SPI mode
     - pinctrl: mcp23s08: fix irq and irqchip setup order
     - arm64: perf: Reject stand-alone CHAIN events for PMUv3
     - mm/mmap.c: don't clobber partially overlapping VMA with MAP_FIXED_NOREPLACE
     - mm/thp: fix call to mmu_notifier in set_pmd_migration_entry() v2
     - filesystem-dax: Fix dax_layout_busy_page() livelock
     - mm: Preserve _PAGE_DEVMAP across mprotect() calls
     - i2c: i2c-scmi: fix for i2c_smbus_write_block_data
     - KVM: PPC: Book3S HV: Avoid crash from THP collapse during radix page fault
     - Linux 4.18.15
   * Cosmic update: 4.18.14 upstream stable release (LP: #1801986)
     - perf/core: Add sanity check to deal with pinned event failure
     - mm: migration: fix migration of huge PMD shared pages
     - mm, thp: fix mlocking THP page with migration enabled
     - mm/vmstat.c: skip NR_TLB_REMOTE_FLUSH* properly
     - KVM: VMX: check for existence of secondary exec controls before accessing
     - blk-mq: I/O and timer unplugs are inverted in blktrace
     - pstore/ram: Fix failure-path memory leak in ramoops_init
     - clocksource/drivers/timer-atmel-pit: Properly handle error cases
     - fbdev/omapfb: fix omapfb_memory_read infoleak
     - mmc: core: Fix debounce time to use microseconds
     - mmc: slot-gpio: Fix debounce time to use miliseconds again
     - mac80211: allocate TXQs for active monitor interfaces
     - drm/amdgpu: Fix vce work queue was not cancelled when suspend
     - drm: fix use-after-free read in drm_mode_create_lease_ioctl()
     - x86/vdso: Fix asm constraints on vDSO syscall fallbacks
     - selftests/x86: Add clock_gettime() tests to test_vdso
     - x86/vdso: Only enable vDSO retpolines when enabled and supported
     - x86/vdso: Fix vDSO syscall fallback asm constraint regression
     - Revert "UBUNTU: SAUCE: PCI: Reprogram bridge prefetch registers on resume"
     - PCI: Reprogram bridge prefetch registers on resume
     - mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP mode keys
     - PM / core: Clear the direct_complete flag on errors
     - dm mpath: fix attached_handler_name leak and dangling hw_handler_name
       pointer
     - dm cache metadata: ignore hints array being too small during resize
     - dm cache: fix resize crash if user doesn't reload cache table
     - xhci: Add missing CAS workaround for Intel Sunrise Point xHCI
     - usb: xhci-mtk: resume USB3 roothub first
     - USB: serial: simple: add Motorola Tetra MTP6550 id
     - USB: serial: option: improve Quectel EP06 detection
     - USB: serial: option: add two-endpoints device-id flag
     - usb: cdc_acm: Do not leak URB buffers
     - tty: Drop tty->count on tty_reopen() failure
     - of: unittest: Disable interrupt node tests for old world MAC systems
     - powerpc: Avoid code patching freed init sections
     - powerpc/lib: fix book3s/32 boot failure due to code patching
     - ARC: clone syscall to setp r25 as thread pointer
     - f2fs: fix invalid memory access
     - tipc: call start and done ops directly in __tipc_nl_compat_dumpit()
     - ucma: fix a use-after-free in ucma_resolve_ip()
     - ubifs: Check for name being NULL while mounting
     - rds: rds_ib_recv_alloc_cache() should call alloc_percpu_gfp() instead
     - ath10k: fix scan crash due to incorrect length calculation
     - Linux 4.18.14
   * Cosmic update: 4.18.13 upstream stable release (LP: #1801931)
     - rseq/selftests: fix parametrized test with -fpie
     - mac80211: Run TXQ teardown code before de-registering interfaces
     - mac80211_hwsim: require at least one channel
     - Btrfs: fix unexpected failure of nocow buffered writes after snapshotting
       when low on space
     - KVM: PPC: Book3S HV: Don't truncate HPTE index in xlate function
     - cfg80211: remove division by size of sizeof(struct ieee80211_wmm_rule)
     - btrfs: btrfs_shrink_device should call commit transaction at the end
     - scsi: csiostor: add a check for NULL pointer after kmalloc()
     - scsi: csiostor: fix incorrect port capabilities
     - scsi: libata: Add missing newline at end of file
     - scsi: aacraid: fix a signedness bug
     - bpf, sockmap: fix potential use after free in bpf_tcp_close
     - bpf, sockmap: fix psock refcount leak in bpf_tcp_recvmsg
     - bpf: sockmap, decrement copied count correctly in redirect error case
     - mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X
     - mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X
     - cfg80211: make wmm_rule part of the reg_rule structure
     - mac80211_hwsim: Fix possible Spectre-v1 for hwsim_world_regdom_custom
     - nl80211: Fix nla_put_u8 to u16 for NL80211_WMMR_TXOP
     - nl80211: Pass center frequency in kHz instead of MHz
     - bpf: fix several offset tests in bpf_msg_pull_data
     - gpio: adp5588: Fix sleep-in-atomic-context bug
     - mac80211: mesh: fix HWMP sequence numbering to follow standard
     - mac80211: avoid kernel panic when building AMSDU from non-linear SKB
     - gpiolib: acpi: Switch to cansleep version of GPIO library call
     - gpiolib-acpi: Register GpioInt ACPI event handlers from a late_initcall
     - gpio: dwapb: Fix error handling in dwapb_gpio_probe()
     - bpf: fix msg->data/data_end after sg shift repair in bpf_msg_pull_data
     - bpf: fix shift upon scatterlist ring wrap-around in bpf_msg_pull_data
     - bpf: fix sg shift repair start offset in bpf_msg_pull_data
     - tipc: switch to rhashtable iterator
     - sh_eth: Add R7S9210 support
     - net: mvpp2: initialize port of_node pointer
     - tc-testing: add test-cases for numeric and invalid control action
     - cfg80211: nl80211_update_ft_ies() to validate NL80211_ATTR_IE
     - mac80211: do not convert to A-MSDU if frag/subframe limited
     - mac80211: always account for A-MSDU header changes
     - tools/kvm_stat: fix python3 issues
     - tools/kvm_stat: fix handling of invalid paths in debugfs provider
     - tools/kvm_stat: fix updates for dead guests
     - gpio: Fix crash due to registration race
     - ARC: atomics: unbork atomic_fetch_##op()
     - Revert "blk-throttle: fix race between blkcg_bio_issue_check() and
       cgroup_rmdir()"
     - md/raid5-cache: disable reshape completely
     - RAID10 BUG_ON in raise_barrier when force is true and conf->barrier is 0
     - selftests: pmtu: maximum MTU for vti4 is 2^16-1-20
     - selftests: pmtu: detect correct binary to ping ipv6 addresses
     - ibmvnic: Include missing return code checks in reset function
     - bpf: Fix bpf_msg_pull_data()
     - bpf: avoid misuse of psock when TCP_ULP_BPF collides with another ULP
     - i2c: uniphier: issue STOP only for last message or I2C_M_STOP
     - i2c: uniphier-f: issue STOP only for last message or I2C_M_STOP
     - net: cadence: Fix a sleep-in-atomic-context bug in macb_halt_tx()
     - fs/cifs: don't translate SFM_SLASH (U+F026) to backslash
     - mac80211: fix an off-by-one issue in A-MSDU max_subframe computation
     - cfg80211: fix a type issue in ieee80211_chandef_to_operating_class()
     - mac80211: fix WMM TXOP calculation
     - mac80211: fix a race between restart and CSA flows
     - mac80211: Fix station bandwidth setting after channel switch
     - mac80211: don't Tx a deauth frame if the AP forbade Tx
     - mac80211: shorten the IBSS debug messages
     - fsnotify: fix ignore mask logic in fsnotify()
     - net/ibm/emac: wrong emac_calc_base call was used by typo
     - nds32: fix logic for module
     - nds32: add NULL entry to the end of_device_id array
     - nds32: Fix empty call trace
     - nds32: Fix get_user/put_user macro expand pointer problem
     - nds32: fix build error because of wrong semicolon
     - tools/vm/slabinfo.c: fix sign-compare warning
     - tools/vm/page-types.c: fix "defined but not used" warning
     - nds32: linker script: GCOV kernel may refers data in __exit
     - ceph: avoid a use-after-free in ceph_destroy_options()
     - firmware: arm_scmi: fix divide by zero when sustained_perf_level is zero
     - afs: Fix cell specification to permit an empty address list
     - mm: madvise(MADV_DODUMP): allow hugetlbfs pages
     - bpf: 32-bit RSH verification must truncate input before the ALU op
     - netfilter: xt_cluster: add dependency on conntrack module
     - netfilter: xt_checksum: ignore gso skbs
     - HID: intel-ish-hid: Enable Sunrise Point-H ish driver
     - HID: add support for Apple Magic Keyboards
     - usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i]
     - HID: hid-saitek: Add device ID for RAT 7 Contagion
     - scsi: iscsi: target: Set conn->sess to NULL when iscsi_login_set_conn_values
       fails
     - scsi: iscsi: target: Fix conn_ops double free
     - scsi: qedi: Add the CRC size within iSCSI NVM image
     - perf annotate: Properly interpret indirect call
     - perf evsel: Fix potential null pointer dereference in perf_evsel__new_idx()
     - perf util: Fix bad memory access in trace info.
     - perf probe powerpc: Ignore SyS symbols irrespective of endianness
     - perf annotate: Fix parsing aarch64 branch instructions after objdump update
     - netfilter: kconfig: nat related expression depend on nftables core
     - netfilter: nf_tables: release chain in flushing set
     - Revert "iio: temperature: maxim_thermocouple: add MAX31856 part"
     - iio: imu: st_lsm6dsx: take into account ts samples in wm configuration
     - RDMA/ucma: check fd type in ucma_migrate_id()
     - riscv: Do not overwrite initrd_start and initrd_end
     - HID: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub report
     - usb: host: xhci-plat: Iterate over parent nodes for finding quirks
     - USB: yurex: Check for truncation in yurex_read()
     - nvmet-rdma: fix possible bogus dereference under heavy load
     - bnxt_re: Fix couple of memory leaks that could lead to IOMMU call traces
     - net/mlx5: Consider PCI domain in search for next dev
     - dm raid: fix reshape race on small devices
     - drm/nouveau: fix oops in client init failure path
     - drm/nouveau/mmu: don't attempt to dereference vmm without valid instance
       pointer
     - drm/nouveau/TBDdevinit: don't fail when PMU/PRE_OS is missing from VBIOS
     - drm/nouveau/disp: fix DP disable race
     - drm/nouveau/disp/gm200-: enforce identity-mapped SOR assignment for LVDS/eDP
       panels
     - dm raid: fix stripe adding reshape deadlock
     - dm raid: fix rebuild of specific devices by updating superblock
     - dm raid: fix RAID leg rebuild errors
     - r8169: set TxConfig register after TX / RX is enabled, just like RxConfig
     - fs/cifs: suppress a string overflow warning
     - perf/x86/intel: Add support/quirk for the MISPREDICT bit on Knights Landing
       CPUs
     - sched/topology: Set correct NUMA topology type
     - dm thin metadata: try to avoid ever aborting transactions
     - netfilter: nfnetlink_queue: Solve the NFQUEUE/conntrack clash for NF_REPEAT
     - netfilter: xt_hashlimit: use s->file instead of s->private
     - arch/hexagon: fix kernel/dma.c build warning
     - hexagon: modify ffs() and fls() to return int
     - drm/amdgpu: Fix SDMA hang in prt mode v2
     - arm64: jump_label.h: use asm_volatile_goto macro instead of "asm goto"
     - drm/amdgpu: fix error handling in amdgpu_cs_user_fence_chunk
     - r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED
     - s390/qeth: don't dump past end of unknown HW header
     - cifs: read overflow in is_valid_oplock_break()
     - asm-generic: io: Fix ioport_map() for !CONFIG_GENERIC_IOMAP &&
       CONFIG_INDIRECT_PIO
     - xen/manage: don't complain about an empty value in control/sysrq node
     - xen: avoid crash in disable_hotplug_cpu
     - xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage
     - x86/APM: Fix build warning when PROC_FS is not enabled
     - new primitive: discard_new_inode()
     - vfs: don't evict uninitialized inode
     - ovl: set I_CREATING on inode being created
     - ovl: fix access beyond unterminated strings
     - ovl: fix memory leak on unlink of indexed file
     - ovl: fix format of setxattr debug
     - sysfs: Do not return POSIX ACL xattrs via listxattr
     - b43: fix DMA error related regression with proprietary firmware
     - firmware: Fix security issue with request_firmware_into_buf()
     - firmware: Always initialize the fw_priv list object
     - cpufreq: qcom-kryo: Fix section annotations
     - smb2: fix missing files in root share directory listing
     - iommu/amd: Clear memory encryption mask from physical address
     - crypto: qat - Fix KASAN stack-out-of-bounds bug in adf_probe()
     - crypto: chelsio - Fix memory corruption in DMA Mapped buffers.
     - crypto: mxs-dcp - Fix wait logic on chan threads
     - crypto: caam/jr - fix ablkcipher_edesc pointer arithmetic
     - gpiolib: Free the last requested descriptor
     - Drivers: hv: vmbus: Use get/put_cpu() in vmbus_connect()
     - tools: hv: fcopy: set 'error' in case an unknown operation was requested
     - proc: restrict kernel stack dumps to root
     - ocfs2: fix locking for res->tracking and dlm->tracking_list
     - HID: i2c-hid: disable runtime PM operations on hantick touchpad
     - ixgbe: check return value of napi_complete_done()
     - dm thin metadata: fix __udivdi3 undefined on 32-bit
     - Revert "drm/amd/pp: Send khz clock values to DC for smu7/8"
     - Linux 4.18.13
   * Volume control not working Dell XPS 27 (7760) (LP: #1775068) // Cosmic
     update: 4.18.13 upstream stable release (LP: #1801931)
     - ALSA: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760
   * [Bionic][Cosmic]  ipmi: Fix timer race with module unload (LP: #1799281)
     - ipmi: Fix timer race with module unload
   * [Bionic][Cosmic] Fix to ipmi to support vendor specific messages greater
     than 255 bytes (LP: #1799794)
     - ipmi:ssif: Add support for multi-part transmit messages > 2 parts
   * 18.10 kernel does not appear to validate kernel module signatures correctly
     (LP: #1798863) // CVE-2018-18653
     - SAUCE: (efi-lockdown) module: remove support for deferring module signature
       verification to IMA
   * 18.10 kernel does not appear to validate kernel module signatures correctly
     (LP: #1798863)
     - SAUCE: (efi-lockdown) module: trust keys from secondary keyring for module
       signing
   * [Ubuntu] net/af_iucv: fix skb leaks for HiperTransport (LP: #1800639)
     - net/af_iucv: drop inbound packets with invalid flags
     - net/af_iucv: fix skb handling on HiperTransport xmit error
   * Power consumption during s2idle is higher than long idle(sk hynix)
     (LP: #1801875)
     - SAUCE: pci: prevent sk hynix nvme from entering D3
     - SAUCE: nvme: add quirk to not call disable function when suspending
   * NULL pointer dereference at 0000000000000020 when access
     dst_orig->ops->family in function  xfrm_lookup_with_ifid() (LP: #1801878)
     - xfrm: Fix NULL pointer dereference when skb_dst_force clears the dst_entry.
   * hns3: map tx ring to tc (LP: #1802023)
     - net: hns3: Set tx ring' tc info when netdev is up
   * [Ubuntu] qeth: Fix potential array overrun in cmd/rc lookup (LP: #1800641)
     - s390: qeth_core_mpc: Use ARRAY_SIZE instead of reimplementing its function
     - s390: qeth: Fix potential array overrun in cmd/rc lookup
   * Mellanox CX5 stops pinging with rx_wqe_err (mlx5_core) (LP: #1799393)
     - net/mlx5: WQ, fixes for fragmented WQ buffers API
   * Vulkan applications cause permanent memory leak with Intel GPU
     (LP: #1798165)
     - drm/syncobj: Don't leak fences when WAIT_FOR_SUBMIT is set
   * Packaging resync (LP: #1786013)
     - [Package] add support for specifying the primary makefile
Checksums-Sha1:
 e2f20054a03bc24672ea736ff60de5180399dc16 10469184 linux-gcp-headers-4.18.0-1004_4.18.0-1004.5_amd64.deb
 d35c0f22020e55a0f735b1090cd44ecee286bbde 5655748 linux-gcp-tools-4.18.0-1004-dbgsym_4.18.0-1004.5_amd64.ddeb
 d16c8f2b8bb84d0b81e718a57f9e645435a1f581 1195436 linux-gcp-tools-4.18.0-1004_4.18.0-1004.5_amd64.deb
 5f4e1157e5e462fa5fb801b087a9455ff598cd0a 14863 linux-gcp_4.18.0-1004.5_amd64.buildinfo
 ebeb6d3a0f6025492c0cd306483735eab4bc9ef4 8239210 linux-gcp_4.18.0-1004.5_amd64.tar.gz
 f562de047c59def182684c503b576ed3eb28391f 24118 linux-gcp_4.18.0-1004.5_amd64_translations.tar.gz
 830379ccb28241e4b0c14ad2f4cb83837fe8543d 1180932 linux-headers-4.18.0-1004-gcp_4.18.0-1004.5_amd64.deb
 72b67b46f0124beedfb9b43232a2af0d5be4fc08 829121632 linux-image-unsigned-4.18.0-1004-gcp-dbgsym_4.18.0-1004.5_amd64.ddeb
 1fad82cae250a2d8d92d45aeed8dba9e077bdcca 8268988 linux-image-unsigned-4.18.0-1004-gcp_4.18.0-1004.5_amd64.deb
 2addc8e578e569379af301d034afeb4588be2aff 13329892 linux-modules-4.18.0-1004-gcp_4.18.0-1004.5_amd64.deb
 f2d0765d47bc050e2bf2dfec4d7fd74200e69d4f 32719860 linux-modules-extra-4.18.0-1004-gcp_4.18.0-1004.5_amd64.deb
 4cc92089f6498e2cd2d4b8f4404fce19472cf8f9 1944 linux-tools-4.18.0-1004-gcp_4.18.0-1004.5_amd64.deb
Checksums-Sha256:
 e41b967a7afe57f692ef2a12c8726f3dea80f33cb1826dd10a78d1634c359d4b 10469184 linux-gcp-headers-4.18.0-1004_4.18.0-1004.5_amd64.deb
 1c9627b63d502d76df472df666bb8fe3eb4707db5fe9d5f0090a1a1a03cb2d9f 5655748 linux-gcp-tools-4.18.0-1004-dbgsym_4.18.0-1004.5_amd64.ddeb
 fd86f8061e0ede3980f3b8122f186ce4512f0d743a03c08e3269d266deb4b6bd 1195436 linux-gcp-tools-4.18.0-1004_4.18.0-1004.5_amd64.deb
 30370bb1963b498819f55e5e2c0f71b4101c3bd98c8e2e129c2a3ee13710bfd5 14863 linux-gcp_4.18.0-1004.5_amd64.buildinfo
 9fbf74b2d8a2e4d55d2e96b7aad9371459788dd4448511f0a16c5a6408124c38 8239210 linux-gcp_4.18.0-1004.5_amd64.tar.gz
 f2de7aa7bab7e39fd4981a31a72c5108821dff4c09c835f2a40b53e2267be410 24118 linux-gcp_4.18.0-1004.5_amd64_translations.tar.gz
 38bb5b313694e70f8ce9ab037f8e46f7c843ae4c026b4790c0acab91f4da5438 1180932 linux-headers-4.18.0-1004-gcp_4.18.0-1004.5_amd64.deb
 7a6cebff9df89212ded6b93d10fb05b8fd30a193869c39e47c0138528506df56 829121632 linux-image-unsigned-4.18.0-1004-gcp-dbgsym_4.18.0-1004.5_amd64.ddeb
 245c330c1dc1ce30380669f6622a61da70bd503af65c080b3d47845f4fb30caa 8268988 linux-image-unsigned-4.18.0-1004-gcp_4.18.0-1004.5_amd64.deb
 881f6a0a0be7068b62e39506fc16ce83b199387ecddd2c264d774b3515802621 13329892 linux-modules-4.18.0-1004-gcp_4.18.0-1004.5_amd64.deb
 deb569263114a8d76c427cefbb972202d29fc3e4090ffcf6d4affc11242a31f6 32719860 linux-modules-extra-4.18.0-1004-gcp_4.18.0-1004.5_amd64.deb
 6bf52f700769fc6ab10b63548a3bc5eaa9e585d174fdbc35b73d33aee875e798 1944 linux-tools-4.18.0-1004-gcp_4.18.0-1004.5_amd64.deb
Files:
 9107f0f3a2436e5b60de13fff743287d 10469184 devel optional linux-gcp-headers-4.18.0-1004_4.18.0-1004.5_amd64.deb
 24f10d2322b6d0e53deabca5dae122e6 5655748 debug optional linux-gcp-tools-4.18.0-1004-dbgsym_4.18.0-1004.5_amd64.ddeb
 d20641a3cf4147e094649822d14fdae8 1195436 devel optional linux-gcp-tools-4.18.0-1004_4.18.0-1004.5_amd64.deb
 c1bfc9904485792748f92d65f013b819 14863 devel optional linux-gcp_4.18.0-1004.5_amd64.buildinfo
 b730f3ab6ff8a3adc1651dc92176bc6e 8239210 raw-signing - linux-gcp_4.18.0-1004.5_amd64.tar.gz
 a15bcebe4da8fc1c6d0ef2b81a676b03 24118 raw-translations - linux-gcp_4.18.0-1004.5_amd64_translations.tar.gz
 c026da799c6421bd53672fe29dc46550 1180932 devel optional linux-headers-4.18.0-1004-gcp_4.18.0-1004.5_amd64.deb
 1171fc9076bd83ab5008f9bd3901e890 829121632 devel optional linux-image-unsigned-4.18.0-1004-gcp-dbgsym_4.18.0-1004.5_amd64.ddeb
 a70531a88279d2bb942da2c52186ab81 8268988 kernel optional linux-image-unsigned-4.18.0-1004-gcp_4.18.0-1004.5_amd64.deb
 ece7d83d98cee24681858b202df0a029 13329892 kernel optional linux-modules-4.18.0-1004-gcp_4.18.0-1004.5_amd64.deb
 3ca37e70bfcd38b6524bdfc7dec46e84 32719860 kernel optional linux-modules-extra-4.18.0-1004-gcp_4.18.0-1004.5_amd64.deb
 38b088db4f8616a32f0f29bbd8cf4c5e 1944 devel optional linux-tools-4.18.0-1004-gcp_4.18.0-1004.5_amd64.deb


More information about the Disco-changes mailing list