[ubuntu/xenial-security] linux-hwe-edge 4.10.0-14.16~16.04.1 (Accepted)
Andy Whitcroft
apw at canonical.com
Tue Apr 4 14:37:29 UTC 2017
linux-hwe-edge (4.10.0-14.16~16.04.1) xenial; urgency=low
[ Tim Gardner ]
* Release Tracking Bug
- LP: #1673837
* msleep() bug causes Nuvoton I2C TPM device driver delays (LP: #1667567)
- tpm: msleep() delays - replace with usleep_range() in i2c nuvoton driver
- SAUCE: tpm: add sleep only for retry in i2c_nuvoton_write_status()
* C++ demangling support missing from perf (LP: #1396654)
- [Config] added binutils-dev to Build-deps
* dm-queue-length module is not included in installer/initramfs (LP: #1673350)
- [Config] d-i: Also add dm-queue-length to multipath modules
* move aufs.ko from -extra to linux-image package (LP: #1673498)
- [config] aufs.ko moved to linux-image package
* Using an NVMe drive causes huge power drain (LP: #1664602)
- nvme: Add a quirk mechanism that uses identify_ctrl
- nvme: Enable autonomous power state transitions
* Broadcom bluetooth modules sometimes fail to initialize (LP: #1483101)
- Bluetooth: btbcm: Add a delay for module reset
* Need support of Broadcom bluetooth device [413c:8143] (LP: #1166113)
- Bluetooth: btusb: Add support for 413c:8143
* Zesty update to v4.10.3 stable release (LP: #1673118)
- serial: 8250_pci: Add MKS Tenta SCOM-0800 and SCOM-0801 cards
- KVM: s390: Disable dirty log retrieval for UCONTROL guests
- KVM: VMX: use correct vmcs_read/write for guest segment selector/base
- Bluetooth: Add another AR3012 04ca:3018 device
- phy: qcom-ufs: Don't kfree devres resource
- phy: qcom-ufs: Fix misplaced jump label
- s390/qdio: clear DSCI prior to scanning multiple input queues
- s390/dcssblk: fix device size calculation in dcssblk_direct_access()
- s390/kdump: Use "LINUX" ELF note name instead of "CORE"
- s390/chsc: Add exception handler for CHSC instruction
- s390: TASK_SIZE for kernel threads
- s390/topology: correct allocation of topology information
- s390: make setup_randomness work
- s390: use correct input data address for setup_randomness
- net: mvpp2: fix DMA address calculation in mvpp2_txq_inc_put()
- cxl: Prevent read/write to AFU config space while AFU not configured
- cxl: fix nested locking hang during EEH hotplug
- brcmfmac: fix incorrect event channel deduction
- mnt: Tuck mounts under others instead of creating shadow/side mounts.
- IB/ipoib: Fix deadlock between rmmod and set_mode
- IB/IPoIB: Add destination address when re-queue packet
- IB/mlx5: Fix out-of-bound access
- IB/SRP: Avoid using IB_MR_TYPE_SG_GAPS
- IB/srp: Avoid that duplicate responses trigger a kernel bug
- IB/srp: Fix race conditions related to task management
- Btrfs: fix data loss after truncate when using the no-holes feature
- orangefs: Use RCU for destroy_inode
- memory/atmel-ebi: Fix ns <-> cycles conversions
- tracing: Fix return value check in trace_benchmark_reg()
- ktest: Fix child exit code processing
- ceph: remove req from unsafe list when unregistering it
- target: Fix NULL dereference during LUN lookup + active I/O shutdown
- drivers/pci/hotplug: Handle presence detection change properly
- drivers/pci/hotplug: Fix initial state for empty slot
- nlm: Ensure callback code also checks that the files match
- pwm: pca9685: Fix period change with same duty cycle
- xtensa: move parse_tag_fdt out of #ifdef CONFIG_BLK_DEV_INITRD
- nfit, libnvdimm: fix interleave set cookie calculation
- mac80211: flush delayed work when entering suspend
- mac80211: don't reorder frames with SN smaller than SSN
- mac80211: don't handle filtered frames within a BA session
- mac80211: use driver-indicated transmitter STA only for data frames
- drm/amdgpu: add more cases to DCE11 possible crtc mask setup
- drm/amdgpu/pm: check for headless before calling compute_clocks
- Revert "drm/amdgpu: update tile table for oland/hainan"
- drm/ast: Fix AST2400 POST failure without BMC FW or VBIOS
- drm/radeon: handle vfct with multiple vbios images
- drm/edid: Add EDID_QUIRK_FORCE_8BPC quirk for Rotel RSX-1058
- drm/ttm: Make sure BOs being swapped out are cacheable
- drm/vmwgfx: Work around drm removal of control nodes
- drm/imx: imx-tve: Do not set the regulator voltage
- drm/atomic: fix an error code in mode_fixup()
- drm/i915/gvt: Disable access to stolen memory as a guest
- drm: Cancel drm_fb_helper_dirty_work on unload
- drm: Cancel drm_fb_helper_resume_work on unload
- drm/i915: Recreate internal objects with single page segments if dmar fails
- drm/i915: Avoid spurious WARNs about the wrong pipe in the PPS code
- drm/i915: Check for timeout completion when waiting for the rq to submitted
- drm/i915: Pass timeout==0 on to i915_gem_object_wait_fence()
- drm/i915: Fix not finding the VBT when it overlaps with OPREGION_ASLE_EXT
- libceph: use BUG() instead of BUG_ON(1)
- x86, mm: fix gup_pte_range() vs DAX mappings
- x86/tlb: Fix tlb flushing when lguest clears PGE
- thp: fix another corner case of munlock() vs. THPs
- mm: do not call mem_cgroup_free() from within mem_cgroup_alloc()
- kasan: resched in quarantine_remove_cache()
- fat: fix using uninitialized fields of fat_inode/fsinfo_inode
- drivers: hv: Turn off write permission on the hypercall page
- Linux 4.10.3
* Zesty update to v4.10.2 stable release (LP: #1672544)
- MIPS: pic32mzda: Fix linker error for pic32_get_pbclk()
- MIPS: Fix special case in 64 bit IP checksumming.
- MIPS: BCM47XX: Fix button inversion for Asus WL-500W
- MIPS: OCTEON: Fix copy_from_user fault handling for large buffers
- MIPS: Lantiq: Keep ethernet enabled during boot
- MIPS: Clear ISA bit correctly in get_frame_info()
- MIPS: Prevent unaligned accesses during stack unwinding
- MIPS: Fix get_frame_info() handling of microMIPS function size
- MIPS: Fix is_jump_ins() handling of 16b microMIPS instructions
- MIPS: Calculate microMIPS ra properly when unwinding the stack
- MIPS: Handle microMIPS jumps in the same way as MIPS32/MIPS64 jumps
- mmc: sdhci-acpi: support deferred probe
- am437x-vpfe: always assign bpp variable
- uvcvideo: Fix a wrong macro
- media: fix dm1105.c build error
- cxd2820r: fix gpio null pointer dereference
- dvb-usb: don't use stack for firmware load
- lirc_dev: LIRC_{G,S}ET_REC_MODE do not work
- media: Properly pass through media entity types in entity enumeration
- ext4: fix deadlock between inline_data and ext4_expand_extra_isize_ea()
- spi: s3c64xx: fix inconsistency between binding and driver
- ARM: at91: define LPDDR types
- ARM: dts: at91: Enable DMA on sama5d4_xplained console
- ARM: dts: at91: Enable DMA on sama5d2_xplained console
- ALSA: hda/realtek - Cannot adjust speaker's volume on a Dell AIO
- ALSA: hda - fix Lewisburg audio issue
- ALSA: timer: Reject user params with too small ticks
- ALSA: ctxfi: Fallback DMA mask to 32bit
- ALSA: seq: Fix link corruption by event error handling
- ALSA: hda - Add subwoofer support for Dell Inspiron 17 7000 Gaming
- ALSA: hda - Fix micmute hotkey problem for a lenovo AIO machine
- hwmon: (it87) Do not overwrite bit 2..6 of pwm control registers
- hwmon: (it87) Ensure that pwm control cache is current before updating values
- staging: greybus: loopback: fix broken udelay
- staging/lustre/lnet: Fix allocation size for sv_cpt_data
- staging: rtl: fix possible NULL pointer dereference
- coresight: STM: Balance enable/disable
- coresight: fix kernel panic caused by invalid CPU
- regulator: Fix regulator_summary for deviceless consumers
- tpm_tis: use default timeout value if chip reports it as zero
- tpm_tis: fix the error handling of init_tis()
- iommu/vt-d: Fix some macros that are incorrectly specified in intel-iommu
- iommu/vt-d: Tylersburg isoch identity map check is done too late.
- CIFS: Fix splice read for non-cached files
- mm, devm_memremap_pages: hold device_hotplug lock over mem_hotplug_{begin, done}
- mm/page_alloc: fix nodes for reclaim in fast path
- mm: vmpressure: fix sending wrong events on underflow
- mm: do not access page->mapping directly on page_endio
- mm balloon: umount balloon_mnt when removing vb device
- mm, vmscan: cleanup lru size claculations
- mm, vmscan: consider eligible zones in get_scan_count
- sigaltstack: support SS_AUTODISARM for CONFIG_COMPAT
- ipc/shm: Fix shmat mmap nil-page protection
- ima: fix ima_d_path() possible race with rename
- PM / devfreq: Fix available_governor sysfs
- PM / devfreq: Fix wrong trans_stat of passive devfreq device
- dm cache: fix corruption seen when using cache > 2TB
- dm stats: fix a leaked s->histogram_boundaries array
- dm round robin: revert "use percpu 'repeat_count' and 'current_path'"
- dm raid: fix data corruption on reshape request
- scsi: qla2xxx: Cleaned up queue configuration code.
- scsi: qla2xxx: Fix response queue count for Target mode.
- scsi: qla2xxx: Fix Regression introduced by pci_alloc_irq_vectors_affinity call.
- Revert "scsi: aacraid: Reorder Adapter status check"
- scsi: aacraid: Reorder Adapter status check
- scsi: use 'scsi_device_from_queue()' for scsi_dh
- power: reset: at91-poweroff: timely shutdown LPDDR memories
- Fix: Disable sys_membarrier when nohz_full is enabled
- jbd2: don't leak modified metadata buffers on an aborted journal
- block/loop: fix race between I/O and set_status
- loop: fix LO_FLAGS_PARTSCAN hang
- ext4: Include forgotten start block on fallocate insert range
- ext4: do not polute the extents cache while shifting extents
- ext4: trim allocation requests to group size
- ext4: fix data corruption in data=journal mode
- ext4: fix use-after-iput when fscrypt contexts are inconsistent
- ext4: fix inline data error paths
- ext4: preserve the needs_recovery flag when the journal is aborted
- ext4: return EROFS if device is r/o and journal replay is needed
- ext4: fix fencepost in s_first_meta_bg validation
- samples/seccomp: fix 64-bit comparison macros
- mei: remove support for broken parallel read
- ath10k: fix boot failure in UTF mode/testmode
- ath5k: drop bogus warning on drv_set_key with unsupported cipher
- ath9k: fix race condition in enabling/disabling IRQs
- ath9k: use correct OTP register offsets for the AR9340 and AR9550
- PCI: hv: Fix wslot_to_devfn() to fix warnings on device removal
- PCI: altera: Fix TLP_CFG_DW0 for TLP write
- Drivers: hv: vmbus: Raise retry/wait limits in vmbus_post_msg()
- crypto: xts - Add ECB dependency
- crypto: testmgr - Pad aes_ccm_enc_tv_template vector
- crypto: xts - Propagate NEED_FALLBACK bit
- crypto: api - Add crypto_requires_off helper
- fuse: add missing FR_FORCE
- x86/pkeys: Check against max pkey to avoid overflows
- arm/arm64: KVM: Enforce unconditional flush to PoC when mapping to stage-2
- arm64: dma-mapping: Fix dma_mapping_error() when bypassing SWIOTLB
- arm64: fix erroneous __raw_read_system_reg() cases
- KVM: arm/arm64: vgic: Stop injecting the MSI occurrence twice
- Revert "arm64: mm: set the contiguous bit for kernel mappings where appropriate"
- iio: pressure: mpl115: do not rely on structure field ordering
- iio: pressure: mpl3115: do not rely on structure field ordering
- can: gs_usb: Don't use stack memory for USB transfers
- can: usb_8dev: Fix memory leak of priv->cmd_msg_buffer
- w1: don't leak refcount on slave attach failure in w1_attach_slave_device()
- w1: ds2490: USB transfer buffers need to be DMAable
- usb: musb: da8xx: Remove CPPI 3.0 quirk and methods
- usb: dwc3: gadget: skip Set/Clear Halt when invalid
- usb: host: xhci: plat: check hcc_params after add hcd
- usb: gadget: udc-core: Rescan pending list on driver unbind
- usb: gadget: udc: fsl: Add missing complete function.
- usb: gadget: f_hid: fix: Free out requests
- usb: gadget: f_hid: fix: Prevent accessing released memory
- usb: gadget: f_hid: Use spinlock instead of mutex
- usb: gadget: f_hid: fix: Move IN request allocation to set_alt()
- hv: allocate synic pages for all present CPUs
- hv: init percpu_list in hv_synic_alloc()
- Drivers: hv: vmbus: Prevent sending data on a rescinded channel
- Drivers: hv: vmbus: Fix a rescind handling bug
- Drivers: hv: util: kvp: Fix a rescind processing issue
- Drivers: hv: util: Fcopy: Fix a rescind processing issue
- Drivers: hv: util: Backup: Fix a rescind processing issue
- RDMA/core: Fix incorrect structure packing for booleans
- rdma_cm: fail iwarp accepts w/o connection params
- gfs2: Add missing rcu locking for glock lookup
- remoteproc: qcom: mdt_loader: Don't overwrite firmware object
- rtlwifi: Fix alignment issues
- rtlwifi: rtl8192c-common: Fix "BUG: KASAN:
- VME: restore bus_remove function causing incomplete module unload
- nfsd: minor nfsd_setattr cleanup
- nfsd: special case truncates some more
- NFSv4: Fix memory and state leak in _nfs4_open_and_get_state
- NFSv4: Fix reboot recovery in copy offload
- pNFS/flexfiles: If the layout is invalid, it must be updated before retrying
- Revert "NFSv4.1: Handle NFS4ERR_BADSESSION/NFS4ERR_DEADSESSION replies to OP_SEQUENCE"
- NFSv4: fix getacl head length estimation
- NFSv4: fix getacl ERANGE for some ACL buffer sizes
- f2fs: fix a problem of using memory after free
- f2fs: fix multiple f2fs_add_link() calls having same name
- f2fs: add ovp valid_blocks check for bg gc victim to fg_gc
- f2fs: avoid to issue redundant discard commands
- f2fs: Fix zoned block device support
- rtc: sun6i: Disable the build as a module
- rtc: sun6i: Add some locking
- rtc: sun6i: Switch to the external oscillator
- md linear: fix a race between linear_add() and linear_congested()
- bcma: use (get|put)_device when probing/removing device driver
- mtd: nand: ifc: Fix location of eccstat registers for IFC V1.0
- dmaengine: ipu: Make sure the interrupt routine checks all interrupts.
- xprtrdma: Fix Read chunk padding
- xprtrdma: Per-connection pad optimization
- xprtrdma: Disable pad optimization by default
- xprtrdma: Reduce required number of send SGEs
- powerpc/xmon: Fix data-breakpoint
- powerpc/mm: Add MMU_FTR_KERNEL_RO to possible feature mask
- module: fix memory leak on early load_module() failures
- MIPS: IP22: Reformat inline assembler code to modern standards.
- MIPS: IP22: Fix build error due to binutils 2.25 uselessnes.
- ceph: update readpages osd request according to size of pages
- Linux 4.10.2
* kernel selftests ADT failure with linux 4.10.0-13.15 on ppc64el (LP: #1672510)
- SAUCE: Add '-fno-ie -no-pie' to cflags for powerpc ptrace tests
* arm64: Workaround QDF2400 erratum 0065 (LP: #1672486)
- [Config] CONFIG_QCOM_QDF2400_ERRATUM_0065=y
- irqchip/gicv3-its: Add workaround for QDF2400 ITS erratum 0065
* arm64 MSI/PCIe passthrough patches break build of certain configs (LP: #1672502)
- irqdomain: Add empty irq_domain_check_msi_remap
* pinctrl: qcom: add get_direction function (LP: #1672504)
- pinctrl: qcom: add get_direction function
* perf probes on arm64 don't work with 4.10 kernel b/c of register name issue (LP: #1671917)
- perf probe: Fix wrong register name for arm64
* cleanup primary tree for linux-hwe layering issues (LP: #1637473)
- [Config] linux-source-* is in the primary linux namespace
* hv_set_ifconfig script parsing fails for certain configuration (LP: #1640109)
- hv_set_ifconfig -- handle DHCP interfaces correctly
- hv_set_ifconfig -- ensure we include the last stanza
* Revert "UBUNTU: SAUCE: Disable timers selftest for now" (LP: #1672372)
- Revert "UBUNTU: SAUCE: Disable timers selftest for now"
* Ubuntu 16.10: Network checksum fixes needed for IPoIB for Mellanox CX4/CX5 card (LP: #1670247)
- powerpc/64: Fix checksum folding in csum_add()
* POWER9: Additional power9 patches (LP: #1671613)
- mm/autonuma: don't use set_pte_at when updating protnone ptes
- mm/autonuma: let architecture override how the write bit should be stashed in a protnone pte.
- powerpc/mm/autonuma: switch ppc64 to its own implementation of saved write
- mm/gup: check for protnone only if it is a PTE entry
- mm/thp/autonuma: use TNF flag instead of vm fault
- SAUCE: powerpc/mm: handle protnone ptes on fork
- SAUCE: power/mm: update pte_write and pte_wrprotect to handle savedwrite
- mm/ksm: improve deduplication of zero pages with colouring
- mm: introduce page_vma_mapped_walk()
- mm, ksm: convert write_protect_page() to use page_vma_mapped_walk()
- mm/ksm: handle protnone saved writes when making page write protect
* POWER9 : Enable Stop 0-2 with ESL=EC=0 (LP: #1666197)
- powerpc/powernv: Fix bug due to labeling ambiguity in power_enter_stop
* Miscellaneous Ubuntu changes
- [Debian] consider renames in gen-auto-reconstruct
linux (4.10.0-13.15) zesty; urgency=low
[ Tim Gardner ]
* Release Tracking Bug
- LP: #1671614
* ehci-platform needed in usb-modules udeb (LP: #1671589)
- d-i: add ehci-platform to usb-modules
* irqchip/gic-v3-its: Enable cacheable attribute Read-allocate hints
(LP: #1671598)
- irqchip/gic-v3-its: Enable cacheable attribute Read-allocate hints
* iommu: Fix static checker warning in iommu_insert_device_resv_regions
(LP: #1671599)
- iommu: Fix static checker warning in iommu_insert_device_resv_regions
* QDF2400: Fix panic introduced by erratum 1003 (LP: #1671602)
- arm64: Avoid clobbering mm in erratum workaround on QDF2400
* QDF2400 PCI ports require ACS quirk (LP: #1671601)
- PCI: Add ACS quirk for Qualcomm QDF2400 and QDF2432
* tty: pl011: Work around QDF2400 E44 stuck BUSY bit (LP: #1671600)
- tty: pl011: Work around QDF2400 E44 stuck BUSY bit
* CVE-2017-2636
- tty: n_hdlc: get rid of racy n_hdlc.tbuf
* Sync virtualbox to 5.1.16-dfsg-1 in zesty (LP: #1671470)
- ubuntu: vbox -- Update to 5.1.16-dfsg-1
linux (4.10.0-12.14) zesty; urgency=low
[ Tim Gardner ]
* Release Tracking Bug
- LP: #1671235
* POWER9: Improve CAS negotiation (LP: #1671169)
- powerpc: Parse the command line before calling CAS
- powerpc: Update to new option-vector-5 format for CAS
* lowlatency kernel is lacking support for latencytop (LP: #1655986)
- [Config] CONFIG_LATENCYTOP=y for amd64 lowlatency
* Power9 kernel: add virtualization patches (LP: #1670800)
- powerpc: Add POWER9 architected mode to cputable
* h-prod does not function across cores (LP: #1670726)
- KVM: PPC: Book3S HV: Fix H_PROD to actually wake the target vcpu
* CIFS: Enable encryption for SMB3 (LP: #1670508)
- cifs: Simplify SMB2 and SMB311 dependencies
- cifs: Only select the required crypto modules
- cifs: Add soft dependencies
- CIFS: Separate SMB2 header structure
- CIFS: Make SendReceive2() takes resp iov
- CIFS: Make send_cancel take rqst as argument
- CIFS: Send RFC1001 length in a separate iov
- CIFS: Separate SMB2 sync header processing
- CIFS: Separate RFC1001 length processing for SMB2 read
- CIFS: Add capability to transform requests before sending
- CIFS: Enable encryption during session setup phase
- CIFS: Encrypt SMB3 requests before sending
- CIFS: Add transform header handling callbacks
- CIFS: Add mid handle callback
- CIFS: Add copy into pages callback for a read operation
- CIFS: Decrypt and process small encrypted packets
- CIFS: Add capability to decrypt big read responses
- CIFS: Allow to switch on encryption with seal mount option
- CIFS: Fix possible use after free in demultiplex thread
* FC Adapter (LPe32000-based) prints "iotag out of range", goes offline, and
delays boot a lot (Ubuntu17.04/Emulex/lpfc)) (LP: #1670490)
- scsi: lpfc: Correct WQ creation for pagesize
- scsi: lpfc: Add missing memory barrier
* Ubuntu 17.04: Guest does not reflect all the cpus hotplugged (LP: #1670315)
- powerpc/64: Don't try to use radix MMU under a hypervisor
- powerpc/pseries: Fixes for the "ibm,architecture-vec-5" options
- powerpc/64: Enable use of radix MMU under hypervisor on POWER9
- powerpc/pseries: Advertise HPT resizing support via CAS
- powerpc/pseries: Advertise Hot Plug Event support to firmware
- powerpc/pseries: Report DLPAR capabilities
- powerpc/pseries: Make the acquire/release of the drc for memory a seperate step
- powerpc/pseries: Introduce memory hotplug READD operation
- powerpc/pseries: Fix build break when MEMORY_HOTREMOVE=n
- powerpc/pseries: Implement indexed-count hotplug memory add
- powerpc/pseries: Implement indexed-count hotplug memory remove
- powerpc/pseries: Revert 'Auto-online hotplugged memory'
* Allow Unity8 to run inside Virtualbox (LP: #1669807)
- ubuntu: vbox -- Update to 5.1.14-dfsg-3
* ecryptfs fails to load block cipher on ppc64el (LP: #1666483)
- crypto: vmx - Use skcipher for cbc fallback
- crypto: vmx - Use skcipher for xts fallback
- [Config] CONFIG_CRYPTO_DEV_VMX=y
* Regression in 4.4.0-65-generic causes very frequent system crashes
(LP: #1669611)
- Revert "UBUNTU: SAUCE: apparmor: fix lock ordering for mkdir"
- Revert "UBUNTU: SAUCE: apparmor: fix leak on securityfs pin count"
- Revert "UBUNTU: SAUCE: apparmor: fix reference count leak when securityfs_setup_d_inode() fails"
- Revert "UBUNTU: SAUCE: apparmor: fix not handling error case when securityfs_pin_fs() fails"
* [ubuntu 16.10] Enable OPTPROBES for powerpc (LP: #1585741)
- powerpc/optprobes: Fix TOC handling in optprobes trampoline
* [Ubuntu 17.04] Kernel panics when large number of hugepages is passed as an
boot argument to kernel. (LP: #1665113)
- SAUCE: mm/cgroup: avoid panic when init with low memory
* bcache device numbers increase by 16 (LP: #1667078)
- SAUCE: bcache: Fix bcache device names
* [Feature] GLK Intel PT write (LP: #1645962)
- perf/x86/intel/pt: Add format strings for PTWRITE and power event tracing
* arm64: ACPI platform MSI support required for new systems (LP: #1669061)
- SAUCE: ACPI: IORT: fix the indentation in iort_scan_node()
- SAUCE: ACPI: IORT: add missing comment for iort_dev_find_its_id()
- SAUCE: ACPI: IORT: minor cleanup for iort_match_node_callback()
- SAUCE: irqchip: gic-v3-its: keep the head file include in alphabetic order
- SAUCE: irqchip: gicv3-its: platform-msi: refactor its_pmsi_prepare()
- SAUCE: irqchip: gicv3-its: platform-msi: refactor its_pmsi_init() to prepare for ACPI
- SAUCE: irqchip: gicv3-its: platform-msi: scan MADT to create platform msi domain
- SAUCE: ACPI: IORT: rename iort_node_map_rid() to make it generic
- SAUCE: ACPI: IORT: introduce iort_node_map_platform_id() to retrieve dev id
- SAUCE: ACPI: platform-msi: retrieve dev id from IORT
- SAUCE: ACPI: platform: setup MSI domain for ACPI based platform device
- SAUCE: msi: platform: make platform_msi_create_device_domain() ACPI aware
- SAUCE: irqchip: mbigen: drop module owner
- SAUCE: irqchip: mbigen: introduce mbigen_of_create_domain()
- SAUCE: irqchip: mbigen: Add ACPI support
* Miscellaneous Ubuntu changes
- [Debian] Don't attempt to sign files if CONFIG_MODULE_SIG=n
linux (4.10.0-11.13) zesty; urgency=low
[ Tim Gardner ]
* Release Tracking Bug
- LP: #1669127
* linux-tools-common should Depends: lsb-release (LP: #1667571)
- [Config] linux-tools-common depends on lsb-release
* Ubuntu (Zesty): When we miss LSI/INTx interrupts on slot, message is too
imprecise (LP: #1668382)
- of/irq: improve error report on irq discovery process failure
* Zesty update to v4.10.1 stable release (LP: #1668993)
- ptr_ring: fix race conditions when resizing
- ip: fix IP_CHECKSUM handling
- net: socket: fix recvmmsg not returning error from sock_error
- tty: serial: msm: Fix module autoload
- USB: serial: mos7840: fix another NULL-deref at open
- USB: serial: cp210x: add new IDs for GE Bx50v3 boards
- USB: serial: ftdi_sio: fix modem-status error handling
- USB: serial: ftdi_sio: fix extreme low-latency setting
- USB: serial: ftdi_sio: fix line-status over-reporting
- USB: serial: spcp8x5: fix modem-status handling
- USB: serial: opticon: fix CTS retrieval at open
- USB: serial: ark3116: fix register-accessor error handling
- USB: serial: console: fix uninitialised spinlock
- x86/platform/goldfish: Prevent unconditional loading
- goldfish: Sanitize the broken interrupt handler
- netfilter: nf_ct_helper: warn when not applying default helper assignment
- ACPICA: Linuxize: Restore and fix Intel compiler build
- block: fix double-free in the failure path of cgwb_bdi_init()
- rtlwifi: rtl_usb: Fix for URB leaking when doing ifconfig up/down
- xfs: clear delalloc and cache on buffered write failure
- Linux 4.10.1
* [UBUNTU Zesty] mlx5 - Improve OVS offload driver (LP: #1668019)
- net/sched: cls_flower: Disallow duplicate internal elements
- net/sched: cls_flower: Properly handle classifier flags dumping
- net/sched: cls_matchall: Dump the classifier flags
- net/sched: Reflect HW offload status
- net/sched: cls_flower: Reflect HW offload status
- net/sched: cls_matchall: Reflect HW offloading status
- net/sched: cls_u32: Reflect HW offload status
- net/sched: cls_bpf: Reflect HW offload status
- net/mlx5: Push min-inline mode resolution helper into the core
- IB/mlx5: Enable Eth VFs to query their min-inline value for user-space
- net/mlx5: Use exact encap header size for the FW input buffer
- net/mlx5e: Add TC offloads matching on IPv6 encapsulation headers
- net/mlx5e: TC ipv4 tunnel encap offload cosmetic changes
- net/mlx5e: Use the full tunnel key info for encapsulation offload house- keeping
- net/mlx5e: Maximize ip tunnel key usage on the TC offloading path
- net/mlx5e: Support SRIOV TC encapsulation offloads for IPv6 tunnels
- net/mlx5: E-Switch, Enlarge the FDB size for the switchdev mode
- net/mlx5: Fix static checker warnings
* [Hyper-V] Ubuntu 14.04.2 LTS Generation 2 SCSI Errors on VSS Based Backups
(LP: #1470250)
- SAUCE: Tools: hv: vss: Thaw the filesystem and continue after freeze fails
* Ubuntu17.04: Need more patches for aacraid to bring up Boston System
(LP: #1668726)
- scsi: aacraid: Remove duplicate irq management code
- scsi: aacraid: Added aacraid.h include guard
- scsi: aacraid: added support for init_struct_8
- scsi: aacraid: Added sa firmware support
- scsi: aacraid: Retrieve and update the device types
- scsi: aacraid: Reworked scsi command submission path
- scsi: aacraid: Process Error for response I/O
- scsi: aacraid: Added support for response path
- scsi: aacraid: Added support for read medium error
- scsi: aacraid: Reworked aac_command_thread
- scsi: aacraid: Added support for periodic wellness sync
- scsi: aacraid: Retrieve Queue Depth from Adapter FW
- scsi: aacraid: Added support to set QD of attached drives
- scsi: aacraid: Added support for hotplug
- scsi: aacraid: Include HBA direct interface
- scsi: aacraid: Add task management functionality
- scsi: aacraid: Added support to abort cmd and reset lun
- scsi: aacraid: VPD 83 type3 support
- scsi: aacraid: Added new IWBR reset
- scsi: aacraid: Added ioctl to trigger IOP/IWBR reset
- scsi: aacraid: Retrieve HBA host information ioctl
- scsi: aacraid: Update copyrights
- scsi: aacraid: Change Driver Version Prefix
- scsi: aacraid: update version
- scsi: aacraid: rcode is unsigned and should be signed int
- scsi: aacraid: avoid open-coded upper_32_bits
- scsi: aacraid: Fix camel case
- scsi: aacraid: Use correct channel number for raw srb
- scsi: aacraid: Fix for excessive prints on EEH
- scsi: aacraid: Prevent E3 lockup when deleting units
- scsi: aacraid: Fix memory leak in fib init path
- scsi: aacraid: Added sysfs for driver version
- scsi: aacraid: Fix sync fibs time out on controller reset
- scsi: aacraid: Skip wellness sync on controller failure
- scsi: aacraid: Reload offlined drives after controller reset
- scsi: aacraid: Decrease adapter health check interval
- scsi: aacraid: Skip IOP reset on controller panic(SMART Family)
- scsi: aacraid: Reorder Adapter status check
- scsi: aacraid: Save adapter fib log before an IOP reset
- scsi: aacraid: Fix a potential spinlock double unlock bug
- scsi: aacraid: Update driver version
- scsi: aacraid: Fixed expander hotplug for SMART family
* Ubuntu 17.04: "Oops: Exception in kernel mode, sig: 5 [#1]" seen during
fadump over ssh on Alpine machine. (LP: #1655241)
- Revert "UBUNTU: SAUCE: powerpc/fadump: set an upper limit for boot memory size"
- SAUCE: powerpc/fadump: set an upper limit for boot memory size (V2)
* CAPI:Ubuntu: Kernel panic while rebooting (LP: #1667599)
- pci/hotplug/pnv-php: Remove WARN_ON() in pnv_php_put_slot()
- pci/hotplug/pnv-php: Disable surprise hotplug capability on conflicts
- pci/hotplug/pnv-php: Disable MSI and PCI device properly
* Nvlink2: Additional patches (LP: #1667081)
- powerpc/powernv: Initialise nest mmu
- powerpc/powernv: Use OPAL call for TCE kill on NVLink2
- powerpc/mm: refactor radix physical page mapping
- powerpc/mm: add radix__create_section_mapping()
- powerpc/mm: add radix__remove_section_mapping()
- powerpc/mm: unstub radix__vmemmap_remove_mapping()
- [Config] Enforce CONFIG_MOVABLE_NODE=y for ppc64el
* PowerNV: No rate limit for kernel error "KVM can't copy data from"
(LP: #1667416)
- SAUCE: KVM: PPC: Book3S: Ratelimit copy data failure error messages
* Please disable unnecessary config options in the Ubuntu 17.04 kernel config
(LP: #1667490)
- [Config] Disable experimental IMA options
* POWER9: AST: Improve AST 2500 support (LP: #1667424)
- SAUCE: drm/ast: Handle configuration without P2A bridge
- SAUCE: drm/ast: const'ify mode setting tables
- SAUCE: drm/ast: Remove spurrious include
- SAUCE: drm/ast: Fix calculation of MCLK
- SAUCE: drm/ast: Base support for AST2500
- SAUCE: drm/ast: Fixed vram size incorrect issue on POWER
- SAUCE: drm/ast: Factor mmc_test code in POST code
- SAUCE: drm/ast: Rename ast_init_dram_2300 to ast_post_chip_2300
- SAUCE: drm/ast: POST code for the new AST2500
- SAUCE: drm/ast: Fix test for VGA enabled
- SAUCE: drm/ast: Call open_key before enable_mmio in POST code
* POWER9: Additional patches for 17.04 and 16.04.2 (LP: #1667116)
- powerpc/mm: Update PROTFAULT handling in the page fault path
- powerpc/mm/radix: Update pte update sequence for pte clear case
- powerpc/mm/radix: Use ptep_get_and_clear_full when clearing pte for full mm
- powerpc/mm/radix: Skip ptesync in pte update helpers
- SAUCE: powerpc/mm/hash: Always clear UPRT and Host Radix bits when setting up CPU
* POWER9: Improve PMU capabilites (LP: #1667413)
- powerpc/perf: use is_kernel_addr macro in perf_get_misc_flags()
- powerpc/perf: Avoid FAB_*_MATCH checks for power9
- powerpc/perf: Add restrictions to PMC5 in power9 DD1
- powerpc/perf: Use Instruction Counter value
- powerpc/perf: Use PM_INST_DISP for generic instructions sample
- powerpc/perf: Add alternative event table and function for power9
- powerpc/perf: Add PM_INST_DISP event to Power9 event list
- powerpc/perf: Factor out event_alternative function
* Miscellaneous Ubuntu changes
- [Config] CONFIG_QCOM_FALKOR_ERRATUM_1009=y
- [Config] CONFIG_QCOM_L2_PMU=y
- [Config] CONFIG_QCOM_FALKOR_ERRATUM_1003=y
- ubuntu: vbox -- Update to 5.1.14-dfsg-2
* Miscellaneous upstream changes
- arm64: errata: Provide macro for major and minor cpu revisions
- arm64: Define Falkor v1 CPU
- arm64: Use __tlbi() macros in KVM code
- arm64: Work around Falkor erratum 1009
- perf: add qcom l2 cache perf events driver
- arm64: arch_timer: document Hisilicon erratum 161010101
- arm64: Work around Falkor erratum 1003
- ACPI/IORT: Fix iort_node_get_id() mapping entries indexing
- net: qcom/emac: add ethtool support
- Revert "net: qcom/emac: configure the external phy to allow pause frames"
- net: qcom/emac: rename emac_phy to emac_sgmii and move it
- net: qcom/emac: claim the irq only when the device is opened
- net: qcom/emac: display the phy driver info after we connect
- net: qcom/emac: always use autonegotiation to configure the SGMII link
- net: qcom/emac: do not call emac_mac_start twice
- net: qcom/emac: remove extraneous wake-on-lan code
- net: qcom/emac: add an error interrupt handler for the sgmii
- net: qcom/emac: add ethool support for setting pause parameters
- net: qcom/emac: fix semicolon.cocci warnings
- net: qcom/emac: add ethtool support for reading hardware registers
- net: qcom/emac: add ethtool support for setting ring parameters
- net: qcom/emac: fix a sizeof() typo
linux (4.10.0-10.12) zesty; urgency=low
[ Tim Gardner ]
* Release Tracking Bug
- LP: #1666636
* POWER9 : Enable Stop 0-2 with ESL=EC=0 (LP: #1666197)
- powernv:idle: Add IDLE_STATE_ENTER_SEQ_NORET macro
- powernv:stop: Rename pnv_arch300_idle_init to pnv_power9_idle_init
- cpuidle:powernv: Add helper function to populate powernv idle states.
- powernv: Pass PSSCR value and mask to power9_idle_stop
- Documentation:powerpc: Add device-tree bindings for power-mgt
* ecryptfs fails to load block cipher on ppc64el (LP: #1666483)
- [Config] CONFIG_CRYPTO_DEV_VMX=n
* [ubuntu 16.10] Enable OPTPROBES for powerpc (LP: #1585741)
- powerpc/bpf: Introduce __PPC_SH64()
- powerpc: Add helper to check if offset is within relative branch range
- powerpc/kprobes: Fixes for kprobe_lookup_name() on BE
- powerpc/kprobes: Implement Optprobes
- powerpc/kprobes: Optimize kprobe in kretprobe_trampoline()
* Miscellaneous Ubuntu changes
- [Config] CONFIG_QCOM_IRQ_COMBINER=y
- [Config] CONFIG_ARM_ARCH_TIMER_OOL_WORKAROUND=y
- [Config] CONFIG_HISILICON_ERRATUM_161010101=y
* Miscellaneous upstream changes
- ACPI: Generic GSI: Do not attempt to map non-GSI IRQs during bus scan
- ACPI: Add support for ResourceSource/IRQ domain mapping
- irqchip/qcom: Add IRQ combiner driver
- clocksource/drivers/arm_arch_timer: Add dt binding for hisilicon-161010101 erratum
- clocksource/drivers/arm_arch_timer: Remove fsl-a008585 parameter
- clocksource/drivers/arm_arch_timer: Introduce generic errata handling infrastructure
- clocksource/drivers/arm_arch_timer: Work around Hisilicon erratum 161010101
- iommu/dma: Allow MSI-only cookies
- iommu: Rename iommu_dm_regions into iommu_resv_regions
- iommu: Add a new type field in iommu_resv_region
- iommu: iommu_alloc_resv_region
- iommu: Only map direct mapped regions
- iommu: iommu_get_group_resv_regions
- iommu: Implement reserved_regions iommu-group sysfs file
- iommu/vt-d: Implement reserved region get/put callbacks
- iommu/amd: Declare MSI and HT regions as reserved IOVA regions
- iommu/arm-smmu: Implement reserved region get/put callbacks
- iommu/arm-smmu-v3: Implement reserved region get/put callbacks
- irqdomain: Add irq domain MSI and MSI_REMAP flags
- genirq/msi: Set IRQ_DOMAIN_FLAG_MSI on MSI domain creation
- irqdomain: irq_domain_check_msi_remap
- irqchip/gicv3-its: Sets IRQ_DOMAIN_FLAG_MSI_REMAP
- vfio/type1: Allow transparent MSI IOVA allocation
- vfio/type1: Check MSI remapping at irq domain level
- iommu/arm-smmu: Do not advertise IOMMU_CAP_INTR_REMAP anymore
- iommu/arm-smmu-v3: Clear prior settings when updating STEs
- iommu/arm-smmu-v3: limit use of 2-level stream tables
- iommu/arm-smmu: Support for Extended Stream ID (16 bit)
- iommu/arm-smmu: Fix for ThunderX erratum #27704
linux (4.10.0-9.11) zesty; urgency=low
[ Tim Gardner ]
* Release Tracking Bug
- LP: #1666214
* linux: disable CONFIG_PCIEPORTBUS in the kernel (LP: #1665404)
- [Config] CONFIG_PCIEPORTBUS=n for ppc64el
* linux-lts-xenial 4.4.0-63.84~14.04.2 ADT test failure with linux-lts-xenial
4.4.0-63.84~14.04.2 (LP: #1664912)
- SAUCE: apparmor: fix link auditing failure due to, uninitialized var
* Ubuntu 17.04: "Oops: Exception in kernel mode, sig: 5 [#1]" seen during
fadump over ssh on Alpine machine. (LP: #1655241)
- SAUCE: powerpc/fadump: set an upper limit for boot memory size
* In Ubuntu 17.04 : after reboot getting message in console like Unable to
open file: /etc/keys/x509_ima.der (-2) (LP: #1656908)
- SAUCE: ima: Downgrade error to warning
* NFS client : permission denied when trying to access subshare, since kernel
4.4.0-31 (LP: #1649292)
- fs: Better permission checking for submounts
* Miscellaneous Ubuntu changes
- SAUCE: (noup) Update spl to 0.6.5.9-1, zfs to 0.6.5.9-2
- [Config] CONFIG_SCSI_HISI_SAS=m on arm64
- d-i: Add hisi_sas_v2_hw to scsi-modules
- d-i: Add hns_enet_drv to nic-modules
- d-i: Add supporting modules for hns_enet_drv to nic-modules
- rebase to v4.10
[ Upstream Kernel Changes ]
* rebase to v4.10
linux (4.10.0-8.10) zesty; urgency=low
[ Tim Gardner ]
* Release Tracking Bug
- LP: #1664217
* [Hyper-V] Bug fixes for storvsc (tagged queuing, error conditions)
(LP: #1663687)
- scsi: storvsc: Enable tracking of queue depth
- scsi: storvsc: Remove the restriction on max segment size
- scsi: storvsc: Enable multi-queue support
- scsi: storvsc: use tagged SRB requests if supported by the device
- scsi: storvsc: properly handle SRB_ERROR when sense message is present
- scsi: storvsc: properly set residual data length on errors
* Ubuntu16.10-KVM:Big configuration with multiple guests running SRIOV VFs
caused KVM host hung and all KVM guests down. (LP: #1651248)
- KVM: PPC: Book 3S: XICS cleanup: remove XICS_RM_REJECT
- KVM: PPC: Book 3S: XICS: correct the real mode ICP rejecting counter
- KVM: PPC: Book 3S: XICS: Fix potential issue with duplicate IRQ resends
- KVM: PPC: Book 3S: XICS: Implement ICS P/Q states
- KVM: PPC: Book 3S: XICS: Don't lock twice when checking for resend
* overlay: mkdir fails if directory exists in lowerdir in a user namespace
(LP: #1531747)
- SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs
* CVE-2016-1575 (LP: #1534961)
- SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs
* CVE-2016-1576 (LP: #1535150)
- SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs
* Miscellaneous Ubuntu changes
- SAUCE: md/raid6 algorithms: scale test duration for speedier boots
- SAUCE: Import aufs driver
- d-i: Build message-modules udeb for arm64
- rebase to v4.10-rc8
* Miscellaneous upstream changes
- Revert "UBUNTU: SAUCE: aufs -- remove .readlink assignment"
- Revert "UBUNTU: SAUCE: (no-up) aufs: for v4.9-rc1, support setattr_prepare()"
- Revert "UBUNTU: SAUCE: aufs -- Add flags argument to aufs_rename()"
- Revert "UBUNTU: SAUCE: aufs -- Convert to use xattr handlers"
- Revert "UBUNTU: SAUCE: Import aufs driver"
[ Upstream Kernel Changes ]
* rebase to v4.10-rc8
linux (4.10.0-7.9) zesty; urgency=low
[ Tim Gardner ]
* Release Tracking Bug
- LP: #1662201
* AMDGPU support for CIK parts in kernel config? (LP: #1661887)
- [Config] CONFIG_DRM_AMDGPU_CIK=y
* regession tests failing after stackprofile test is run (LP: #1661030)
- fix regression with domain change in complain mode
* Permission denied and inconsistent behavior in complain mode with 'ip netns
list' command (LP: #1648903)
- fix regression with domain change in complain mode
* flock not mediated by 'k' (LP: #1658219)
- SAUCE: apparmor: flock mediation is not being enforced on cache check
* unexpected errno=13 and disconnected path when trying to open /proc/1/ns/mnt
from a unshared mount namespace (LP: #1656121)
- SAUCE: apparmor: null profiles should inherit parent control flags
* apparmor refcount leak of profile namespace when removing profiles
(LP: #1660849)
- SAUCE: apparmor: fix ns ref count link when removing profiles from policy
* tor in lxd: apparmor="DENIED" operation="change_onexec"
namespace="root//CONTAINERNAME_<var-lib-lxd>" profile="unconfined"
name="system_tor" (LP: #1648143)
- SAUCE: apparmor: Fix no_new_privs blocking change_onexec when using stacked
namespaces
* apparmor_parser hangs indefinitely when called by multiple threads
(LP: #1645037)
- SAUCE: apparmor: fix lock ordering for mkdir
* apparmor leaking securityfs pin count (LP: #1660846)
- SAUCE: apparmor: fix leak on securityfs pin count
* apparmor reference count leak when securityfs_setup_d_inode\ () fails
(LP: #1660845)
- SAUCE: apparmor: fix reference count leak when securityfs_setup_d_inode()
fails
* apparmor not checking error if security_pin_fs() fails (LP: #1660842)
- SAUCE: apparmor: fix not handling error case when securityfs_pin_fs() fails
* apparmor oops in bind_mnt when dev_path lookup fails (LP: #1660840)
- SAUCE: apparmor: fix oops in bind_mnt when dev_path lookup fails
* apparmor auditing denied access of special apparmor .null fi\ le
(LP: #1660836)
- SAUCE: apparmor: Don't audit denied access of special apparmor .null file
* apparmor label leak when new label is unused (LP: #1660834)
- SAUCE: apparmor: fix label leak when new label is unused
* apparmor reference count bug in label_merge_insert() (LP: #1660833)
- SAUCE: apparmor: fix reference count bug in label_merge_insert()
* apparmor's raw_data file in securityfs is sometimes truncated (LP: #1638996)
- SAUCE: apparmor: fix replacement race in reading rawdata
* unix domain socket cross permission check failing with nested namespaces
(LP: #1660832)
- SAUCE: apparmor: fix cross ns perm of unix domain sockets
* Regression tests can not detect binfmt_elf mmpa semantic change
(LP: #1630069)
- SAUCE: apparmor: add flag to detect semantic change, to binfmt_elf mmap
* Support snaps inside of lxd containers (LP: #1611078)
- apparmor: add interface to be able to grab loaded policy
- apparmor: refactor aa_prepare_ns into prepare_ns and create_ns routines
- apparmor: add __aa_find_ns fn
- apparmor: add mkdir/rmdir interface to manage policy namespaces
- apparmor: fix oops in pivot_root mediation
- apparmor: fix warning that fn build_pivotroot discards const
- apparmor: add interface to advertise status of current task stacking
- apparmor: update policy permissions to consider ns being viewed/managed
- apparmor: add per ns policy management interface
- apparmor: bump domain stacking version to 1.2
* change_hat is logging failures during expected hat probing (LP: #1615893)
- SAUCE: apparmor: Fix auditing behavior for change_hat probing
* deleted files outside of the namespace are not being treated as disconnected
(LP: #1615892)
- SAUCE: apparmor: deleted dentries can be disconnected
* stacking to unconfined in a child namespace confuses mediation
(LP: #1615890)
- SAUCE: apparmor: special case unconfined when determining the mode
* apparmor module parameters can be changed after the policy is locked
(LP: #1615895)
- SAUCE: apparmor: fix: parameters can be changed after policy is locked
* AppArmor profile reloading causes an intermittent kernel BUG (LP: #1579135)
- SAUCE: apparmor: fix vec_unique for vectors larger than 8
* label vec reductions can result in reference labels instead of direct access
to labels (LP: #1615889)
- SAUCE: apparmor: reduction of vec to single entry is just that entry
* profiles from different namespaces can block other namespaces from being
able to load a profile (LP: #1615887)
- SAUCE: apparmor: profiles in one ns can affect mediation in another ns
* The label build for onexec when stacking is wrong (LP: #1615881)
- SAUCE: apparmor: Fix label build for onexec stacking.
* The inherit check for new to old label comparison for domain transitions is
wrong (LP: #1615880)
- SAUCE: apparmor: Fix new to old label comparison for domain transitions
* warning stack trace while playing with apparmor namespaces (LP: #1593874)
- SAUCE: apparmor: fix stack trace when removing namespace with profiles
* __label_update proxy comparison test is wrong (LP: #1615878)
- SAUCE: apparmor: Fix __label_update proxy comparison test
* reading /sys/kernel/security/apparmor/profiles requires CAP_MAC_ADMIN
(LP: #1560583)
- SAUCE: apparmor: Allow ns_root processes to open profiles file
- SAUCE: apparmor: Consult sysctl when reading profiles in a user ns
* policy namespace stacking (LP: #1379535)
- SAUCE: (no-up) apparmor: rebase of apparmor3.5-beta1 snapshot for 4.8
- SAUCE: add a sysctl to enable unprivileged user ns AppArmor policy loading
* brd module compiled as built-in (LP: #1593293)
- [Config] CONFIG_BLK_DEV_RAM=m
* Miscellaneous Ubuntu changes
- SAUCE: apparmor: Fix FTBFS due to bad include path
- SAUCE: apparmor: add data query support
- rebase to v4.10-rc7
* Miscellaneous upstream changes
- fixup backout policy view capable for forward port
- apparmor: fix: Rework the iter loop for label_update
- apparmor: add more assertions for updates/merges to help catch errors
- apparmor: Make pivot root transitions work with stacking
- apparmor: convert delegating deleted files to mediate deleted files
- apparmor: add missing parens. not a bug fix but highly recommended
- apparmor: add a stack_version file to allow detection of bug fixes
- apparmor: push path lookup into mediation loop
- apparmor: default to allowing unprivileged userns policy
- apparmor: fix: permissions test to view and manage policy
- apparmor: Add Basic ns cross check condition for ipc
[ Upstream Kernel Changes ]
* rebase to v4.10-rc7
linux (4.10.0-6.8) zesty; urgency=low
[ Tim Gardner ]
* Release Tracking Bug
- LP: #1661300
* flock not mediated by 'k' (LP: #1658219)
- SAUCE: apparmor: flock mediation is not being enforced on cache check
* unexpected errno=13 and disconnected path when trying to open /proc/1/ns/mnt
from a unshared mount namespace (LP: #1656121)
- SAUCE: apparmor: null profiles should inherit parent control flags
* apparmor refcount leak of profile namespace when removing profiles
(LP: #1660849)
- SAUCE: apparmor: fix ns ref count link when removing profiles from policy
* tor in lxd: apparmor="DENIED" operation="change_onexec"
namespace="root//CONTAINERNAME_<var-lib-lxd>" profile="unconfined"
name="system_tor" (LP: #1648143)
- SAUCE: apparmor: Fix no_new_privs blocking change_onexec when using stacked
namespaces
* apparmor_parser hangs indefinitely when called by multiple threads
(LP: #1645037)
- SAUCE: apparmor: fix lock ordering for mkdir
* apparmor leaking securityfs pin count (LP: #1660846)
- SAUCE: apparmor: fix leak on securityfs pin count
* apparmor reference count leak when securityfs_setup_d_inode\ () fails
(LP: #1660845)
- SAUCE: apparmor: fix reference count leak when securityfs_setup_d_inode()
fails
* apparmor not checking error if security_pin_fs() fails (LP: #1660842)
- SAUCE: apparmor: fix not handling error case when securityfs_pin_fs() fails
* apparmor oops in bind_mnt when dev_path lookup fails (LP: #1660840)
- SAUCE: apparmor: fix oops in bind_mnt when dev_path lookup fails
* apparmor auditing denied access of special apparmor .null fi\ le
(LP: #1660836)
- SAUCE: apparmor: Don't audit denied access of special apparmor .null file
* apparmor label leak when new label is unused (LP: #1660834)
- SAUCE: apparmor: fix label leak when new label is unused
* apparmor reference count bug in label_merge_insert() (LP: #1660833)
- SAUCE: apparmor: fix reference count bug in label_merge_insert()
* apparmor's raw_data file in securityfs is sometimes truncated (LP: #1638996)
- SAUCE: apparmor: fix replacement race in reading rawdata
* unix domain socket cross permission check failing with nested namespaces
(LP: #1660832)
- SAUCE: apparmor: fix cross ns perm of unix domain sockets
* Kdump through NMI SMP and single core not working on Ubuntu16.10
(LP: #1630924)
- hv: don't reset hv_context.tsc_page on crash
* [17.04 FEAT] Integrate kernel message catalogue for s390x into Ubuntu
distribution (LP: #1628889)
- SAUCE: s390: kernel message catalog
* Miscellaneous Ubuntu changes
- [Config] Drop powerpc ABI files
linux (4.10.0-5.7) zesty; urgency=low
* [regression 4.8.0-14 -> 4.8.0-17] keyboard and touchscreen lost on Acer
Chromebook R11 (LP: #1630238)
- [Config] CONFIG_TOUCHSCREEN_ELAN=y,CONFIG_PINCTRL_CHERRYVIEW=y for amd64
* Enable CONFIG_NET_DROP_MONITOR=m in Ubuntu Kernel (LP: #1660634)
- [Config] Update annotations for CONFIG_NET_DROP_MONITOR
* Miscellaneous Ubuntu changes
- d-i: initrd needs msm_emac on amberwing platform.
- [Config] Remove powerpc architecture builds
- [Config] updateconfigs after removing powerpc configs
- [Config] Update annotations after removing powerpc configs
- SAUCE: Disable timers selftest for now
- Rebase to v4.10-rc6
- SAUCE: (no-up) Update zfs to 0.6.5.8-0ubuntu9
- Enable zfs build
- [Config] CONFIG_NET_DROP_MONITOR=m
[ Upstream Kernel Changes ]
* rebase to v4.10-rc6
linux (4.10.0-4.6) zesty; urgency=low
* Miscellaneous upstream changes
- Revert "UBUNTU: Disable all flavors for the powerpc architecture"
linux (4.10.0-3.5) zesty; urgency=low
* KVM module handling different per Architecture - ppc64el (LP: #1657734)
- [Config] powerpc: Add kvm-hv and kvm-pr to the generic inclusion list
* ENA network driver moved to -extra (LP: #1657767)
- [Config] Move Amazon ENA network driver to the main kernel package
* [Hyper-V] mkfs regression in 4.10 fixed by patch in "for-4.11"
(LP: #1657539)
- block: relax check on sg gap
* i915 module requests unreleased GUC firmware files (LP: #1626740)
- SAUCE: (no-up) i915: Remove MODULE_FIRMWARE statements for unreleased
firmware
* [17.04 FEAT] Integrate kernel message catalogue for s390x into Ubuntu
distribution (LP: #1628889)
- [Config] CONFIG_KMSG_IDS=y for s390
- SAUCE: s390 Kernel message catalog
* Miscellaneous Ubuntu changes
- ubuntu: vbox -- Update to 5.1.14-dfsg-1
- SAUCE: vbox -- remove .readlink assignment
- Enable vbox build
- [Config] CONFIG_DEFAULT_IOSCHED=cfq
- [Config] Bump CONFIG_NR_CPUS up to 256 on arm64
- [Config] Fix up s390x config options changed during 4.10 rebase
- [Config] Update annotations for 4.10
- Disable all flavors for the powerpc architecture
[ Upstream Kernel Changes ]
* rebase to v4.10-rc5
linux (4.10.0-2.4) zesty; urgency=low
* Move some kernel modules to the main kernel package (part 2) (LP: #1655002)
- [Config] Add IBM power drivers to the inclusion list
* Miscellaneous Ubuntu changes
- [Config] linux-source Provides should not be a macro
- [Config] Correct the note URL for LATENCYTOP
- rebase to v4.10-rc4
[ Upstream Kernel Changes ]
* rebase to v4.10-rc4
linux (4.10.0-1.3) zesty; urgency=low
[ Upstream Kernel Changes ]
* rebase to v4.10-rc3
linux (4.10.0-0.2) zesty; urgency=low
* [17.04 FEAT] Build IMA and the TPM device drivers into the KVM on POWER
host/NV kernel (LP: #1643652)
- [Config] Update and enforce IMA options
* Miscellaneous Ubuntu changes
- [Config] Disble stack protector for powerpc-smp
linux (4.10.0-0.1) zesty; urgency=low
* IP-over-DDP packets dropped (LP: #1559772)
- [Config] CONFIG_IPDDP=n
* Miscellaneous Ubuntu changes
- [Config] Update annotations with recent config changes
- SAUCE: aufs -- remove .readlink assignment
- disable vbox build
- disable ZFS build
[ Upstream Kernel Changes ]
* rebase to v4.10-rc2
linux (4.9.0-11.12) zesty; urgency=low
* Miscellaneous Ubuntu changes
- UBUNTU: SAUCE: Add '-fno-pie -no-pie' to cflags for x86 selftests
- UBUNTU: SAUCE: (no-up) aufs: for v4.9-rc1, support setattr_prepare()
[ Upstream Kernel Changes ]
* rebase to v4.9
linux (4.9.0-10.11) zesty; urgency=low
* d-i is missing usb support for platforms that use the xhci-platform driver
(LP: #1625222)
- d-i initrd needs additional usb modules to support the merlin platform
* Miscellaneous Ubuntu changes
- SAUCE: Import aufs driver
- SAUCE: aufs -- Convert to use xattr handlers
- SAUCE: aufs -- Add flags argument to aufs_rename()
- [Config] Enable aufs
- [Config] CONFIG_FSL_FMAN=y for powerpc
- SAUCE: powerpc64: Fix legacy cmpi mneomonic assumption
- [Config] Restore powerpc64-emb
linux (4.9.0-9.10) zesty; urgency=low
* Kernel Fixes to get TCMU File Backed Optical to work (LP: #1646204)
- SAUCE: target/user: Fix use-after-free of tcmu_cmds if they are expired
* Yakkety: arm64: CONFIG_ARM64_ERRATUM_845719 isn't enabled (LP: #1647793)
- [Config] CONFIG_ARM64_ERRATUM_845719=y
* Update hio driver to 2.1.0.28 (LP: #1646643)
- SAUCE: hio: update to Huawei ES3000_V2 (2.1.0.28)
* Miscellaneous Ubuntu changes
- ubuntu: vbox -- Update to 5.1.10-dfsg-2
- Build vbox for ARCH=x86
- SAUCE: Add aufs driver
- SAUCE: aufs -- Convert to use xattr handlers
- SAUCE: aufs -- Updates for rename2
- SAUCE: Export symbols used by aufs
- [Config] Enable aufs
linux (4.9.0-8.9) zesty; urgency=low
* Miscellaneous Ubuntu changes
- SAUCE: xr-usb-serial: only build for x86
Fixes s390x FTBS
linux (4.9.0-7.8) zesty; urgency=low
* Driver for Exar USB UART (LP: #1645591)
- SAUCE: xr-usb-serial: Driver for Exar USB serial ports
- SAUCE: xr-usb-serial: interface for switching modes
- SAUCE: cdc-acm: Exclude Exar USB serial ports
[ Upstream Kernel Changes ]
* rebase to v4.9-rc8
linux (4.9.0-6.7) zesty; urgency=low
* Miscellaneous Ubuntu changes
- Set build_arch=x86 for i386
linux (4.9.0-5.6) zesty; urgency=low
* Miscellaneous Ubuntu changes
- [Debian] restore tools build
- Set build_arch=x86 for amd64 and x32
linux (4.9.0-4.5) zesty; urgency=low
* linux: Staging modules should be unsigned (LP: #1642368)
- [Debian] Suppress module signing for staging drivers
- SAUCE: Add rtl drivers to signature inclusion list
* [17.04 FEAT] Build IMA and the TPM device drivers into the KVM on POWER
host/NV kernel (LP: #1643652)
- [Config] CONFIG_IMA=y
* Miscellaneous Ubuntu changes
- [Debian] config-check -- Make it easier to find annotations syntax errors
- [Config] Enable various drivers for ARM platforms
- [Config] Fix s390x config carnage
- [Config] Set CONFIG_KEXEC=y for all architectures
- [Config] Fix up CONFIG_I2C_SLAVE values
- [Config] Set CONFIG_WLAN_VENDOR_TI=y for all supported kernels
- [Config] Set CONFIG_PWM_PCA9685=m for amd64 and i386
- [Config] Set CONFIG_ZONE_DMA=m for amd64-generic
- [Config] Update annotations
- [Config] CONFIG_NR_CPUS=8192 for amd64
linux (4.9.0-3.4) zesty; urgency=low
* Miscellaneous Ubuntu changes
- SAUCE: (namespace) security/integrity: Harden against malformed xattrs
- SAUCE: (namespace) block_dev: Support checking inode permissions in lookup_bdev()
- SAUCE: (namespace) block_dev: Check permissions towards block device inode when mounting
- SAUCE: (namespace) mtd: Check permissions towards mtd block device inode when mounting
- SAUCE: (namespace) fs: Allow superblock owner to change ownership of inodes
- SAUCE: (namespace) fs: Don't remove suid for CAP_FSETID for userns root
- SAUCE: (namespace) fs: Allow superblock owner to access do_remount_sb()
- SAUCE: (namespace) capabilities: Allow privileged user in s_user_ns to set security.* xattrs
- SAUCE: (namespace) fs: Allow CAP_SYS_ADMIN in s_user_ns to freeze and thaw filesystems
- SAUCE: (namespace) posix_acl: Export posix_acl_fix_xattr_userns() to modules
- SAUCE: (namespace) fuse: Add support for pid namespaces
- SAUCE: (namespace) fuse: Support fuse filesystems outside of init_user_ns
- SAUCE: (namespace) fuse: Translate ids in posix acl xattrs
- SAUCE: (namespace) fuse: Restrict allow_other to the superblock's namespace or a descendant
- SAUCE: (namespace) fuse: Allow user namespace mounts
- SAUCE: (namespace) ext4: Add support for unprivileged mounts from user namespaces
- SAUCE: (namespace) ext4: Add module parameter to enable user namespace mounts
- SAUCE: (namespace) block_dev: Forbid unprivileged mounting when device is opened for writing
- SAUCE: (noup) Update spl to 0.6.5.8-0ubuntu7, zfs to 0.6.5.8-2ubuntu1
* Miscellaneous upstream changes
- Revert "UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs"
[ Upstream Kernel Changes ]
* rebase to v4.9-rc7
linux (4.9.0-2.3) zesty; urgency=low
* Fix Kernel Crashing under IBM Virtual Scsi Driver (LP: #1642299)
- SAUCE: ibmvscsis: Rearrange functions for future patches
- SAUCE: ibmvscsis: Synchronize cmds at tpg_enable_store time
- SAUCE: ibmvscsis: Synchronize cmds at remove time
- SAUCE: ibmvscsis: Clean up properly if target_submit_cmd/tmr fails
- SAUCE: ibmvscsis: Return correct partition name/# to client
- SAUCE: ibmvscsis: Issues from Dan Carpenter/Smatch
* Move some kernel modules to the main kernel package (LP: #1642228)
- [Config] Move some powerpc kernel modules to the main kernel package
* linux: Staging modules should be unsigned (LP: #1642368)
- [Debian] Suppress module signing for staging drivers
* Miscellaneous Ubuntu changes
- SAUCE: UEFI: bpf: disable bpf when module security is enabled
[ Upstream Kernel Changes ]
* rebase to v4.9-rc6
linux (4.9.0-1.2) zesty; urgency=low
* hio: SSD data corruption under stress test (LP: #1638700)
- SAUCE: hio: set bi_error field to signal an I/O error on a BIO
- SAUCE: hio: splitting bio in the entry of .make_request_fn
* hio Ubuntu sauce driver needs porting to 4.8 (LP: #1635594)
- SAUCE: import Huawei ES3000_V2 (2.1.0.23)
- SAUCE: hio: bio_endio() no longer takes errors arg
- SAUCE: hio: blk_queue make_request_fn now returns a blk_qc_t
- SAUCE: hio: use alloc_cpumask_var to avoid -Wframe-larger-than
- SAUCE: hio: fix mask maybe-uninitialized warning
- SAUCE: hio: port to v4.8 base
- [config] enable CONFIG_HIO (Huawei ES3000_V2 PCIe SSD driver)
- SAUCE: hio: Makefile and Kconfig
- [Config] Enforce CONFIG_HIO
* Miscellaneous Ubuntu changes
- rebase to v4.9-rc5
- zfs: remove the never implemented aio_fsync file operation
- [Config] Disable powerpc64-emb for FTBS
[ Upstream Kernel Changes ]
* rebase to v4.9-rc5
linux (4.9.0-0.1) zesty; urgency=low
[ Upstream Kernel Changes ]
* rebase to v4.9-rc4
- LP: #1465724
- LP: #1535802
linux (4.9.0-0.0) yakkety; urgency=low
[ Seth Forshee ]
* Release Tracking Bug
- LP: #1632918
* Revert "If zone is so small that watermarks are the same, stop zone balance"
in yakkety (LP: #1632894)
- Revert "UBUNTU: SAUCE: (no-up) If zone is so small that watermarks are the
same, stop zone balance."
Date: 2017-03-17 17:24:13.696919+00:00
Changed-By: Tim Gardner <tim.gardner at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux-hwe-edge/4.10.0-14.16~16.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Xenial-changes
mailing list