[ubuntu/xenial-security] linux 4.4.0-138.164 (Accepted)

Steve Langasek steve.langasek at canonical.com
Mon Oct 22 16:32:49 UTC 2018


linux (4.4.0-138.164) xenial; urgency=medium

  * linux: 4.4.0-138.164 -proposed tracker (LP: #1795582)

  * Linux 4.4.155 stable release build is broken on ppc64 (LP: #1795662)
    - powerpc/fadump: Return error when fadump registration fails

  * Kernel hang on drive pull caused by regression introduced by commit
    287922eb0b18 (LP: #1791790)
    - block: Fix a race between blk_cleanup_queue() and timeout handling

  * qeth: use vzalloc for QUERY OAT buffer (LP: #1793086)
    - s390/qeth: use vzalloc for QUERY OAT buffer

  * Page leaking in cachefiles_read_backing_file while vmscan is active
    (LP: #1793430)
    - SAUCE: cachefiles: Page leaking in cachefiles_read_backing_file while vmscan
      is active

  * Bugfix for handling of shadow doorbell buffer (LP: #1788222)
    - nvme-pci: add a memory barrier to nvme_dbbuf_update_and_check_event

  * Xenial update to 4.4.155 stable release (LP: #1792419)
    - net: 6lowpan: fix reserved space for single frames
    - net: mac802154: tx: expand tailroom if necessary
    - 9p/net: Fix zero-copy path in the 9p virtio transport
    - net: lan78xx: Fix misplaced tasklet_schedule() call
    - spi: davinci: fix a NULL pointer dereference
    - drm/i915/userptr: reject zero user_size
    - powerpc/fadump: handle crash memory ranges array index overflow
    - powerpc/pseries: Fix endianness while restoring of r3 in MCE handler.
    - fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed
    - 9p/virtio: fix off-by-one error in sg list bounds check
    - net/9p/client.c: version pointer uninitialized
    - net/9p/trans_fd.c: fix race-condition by flushing workqueue before the
      kfree()
    - dm cache metadata: save in-core policy_hint_size to on-disk superblock
    - iio: ad9523: Fix displayed phase
    - iio: ad9523: Fix return value for ad952x_store()
    - vmw_balloon: fix inflation of 64-bit GFNs
    - vmw_balloon: do not use 2MB without batching
    - vmw_balloon: VMCI_DOORBELL_SET does not check status
    - vmw_balloon: fix VMCI use when balloon built into kernel
    - tracing: Do not call start/stop() functions when tracing_on does not change
    - tracing/blktrace: Fix to allow setting same value
    - kthread, tracing: Don't expose half-written comm when creating kthreads
    - uprobes: Use synchronize_rcu() not synchronize_sched()
    - 9p: fix multiple NULL-pointer-dereferences
    - PM / sleep: wakeup: Fix build error caused by missing SRCU support
    - pnfs/blocklayout: off by one in bl_map_stripe()
    - ARM: tegra: Fix Tegra30 Cardhu PCA954x reset
    - mm/tlb: Remove tlb_remove_table() non-concurrent condition
    - iommu/vt-d: Add definitions for PFSID
    - iommu/vt-d: Fix dev iotlb pfsid use
    - osf_getdomainname(): use copy_to_user()
    - sys: don't hold uts_sem while accessing userspace memory
    - userns: move user access out of the mutex
    - ubifs: Fix memory leak in lprobs self-check
    - Revert "UBIFS: Fix potential integer overflow in allocation"
    - ubifs: Check data node size before truncate
    - ubifs: Fix synced_i_size calculation for xattr inodes
    - pwm: tiehrpwm: Fix disabling of output of PWMs
    - fb: fix lost console when the user unplugs a USB adapter
    - udlfb: set optimal write delay
    - getxattr: use correct xattr length
    - bcache: release dc->writeback_lock properly in bch_writeback_thread()
    - perf auxtrace: Fix queue resize
    - fs/quota: Fix spectre gadget in do_quotactl
    - x86/io: add interface to reserve io memtype for a resource range. (v1.1)
    - drm/drivers: add support for using the arch wc mapping API.
    - Linux 4.4.155

  * Xenial update to 4.4.154 stable release (LP: #1792392)
    - sched/sysctl: Check user input value of sysctl_sched_time_avg
    - Cipso: cipso_v4_optptr enter infinite loop
    - vti6: fix PMTU caching and reporting on xmit
    - xfrm: fix missing dst_release() after policy blocking lbcast and multicast
    - xfrm: free skb if nlsk pointer is NULL
    - mac80211: add stations tied to AP_VLANs during hw reconfig
    - nl80211: Add a missing break in parse_station_flags
    - drm/bridge: adv7511: Reset registers on hotplug
    - scsi: libiscsi: fix possible NULL pointer dereference in case of TMF
    - drm/imx: imx-ldb: disable LDB on driver bind
    - drm/imx: imx-ldb: check if channel is enabled before printing warning
    - usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in
      init_controller()
    - usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in
      r8a66597_queue()
    - usb/phy: fix PPC64 build errors in phy-fsl-usb.c
    - tools: usb: ffs-test: Fix build on big endian systems
    - usb: gadget: f_uac2: fix endianness of 'struct cntrl_*_lay3'
    - tools/power turbostat: fix -S on UP systems
    - net: caif: Add a missing rcu_read_unlock() in caif_flow_cb
    - qed: Fix possible race for the link state value.
    - atl1c: reserve min skb headroom
    - net: prevent ISA drivers from building on PPC32
    - can: mpc5xxx_can: check of_iomap return before use
    - i2c: davinci: Avoid zero value of CLKH
    - media: staging: omap4iss: Include asm/cacheflush.h after generic includes
    - bnx2x: Fix invalid memory access in rss hash config path.
    - net: axienet: Fix double deregister of mdio
    - selftests/ftrace: Add snapshot and tracing_on test case
    - zswap: re-check zswap_is_full() after do zswap_shrink()
    - tools/power turbostat: Read extended processor family from CPUID
    - Revert "MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum"
    - enic: handle mtu change for vf properly
    - arc: fix build errors in arc/include/asm/delay.h
    - arc: fix type warnings in arc/mm/cache.c
    - drivers: net: lmc: fix case value for target abort error
    - scsi: fcoe: drop frames in ELS LOGO error path
    - scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED
    - mm/memory.c: check return value of ioremap_prot
    - cifs: add missing debug entries for kconfig options
    - cifs: check kmalloc before use
    - smb3: Do not send SMB3 SET_INFO if nothing changed
    - smb3: don't request leases in symlink creation and query
    - btrfs: don't leak ret from do_chunk_alloc
    - s390/kvm: fix deadlock when killed by oom
    - ext4: check for NUL characters in extended attribute's name
    - ext4: sysfs: print ext4_super_block fields as little-endian
    - ext4: reset error code in ext4_find_entry in fallback
    - arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid()
    - KVM: arm/arm64: Skip updating PTE entry if no change
    - KVM: arm/arm64: Skip updating PMD entry if no change
    - x86/speculation/l1tf: Suggest what to do on systems with too much RAM
    - x86/process: Re-export start_thread()
    - fuse: Don't access pipe->buffers without pipe_lock()
    - fuse: fix double request_end()
    - fuse: fix unlocked access to processing queue
    - fuse: umount should wait for all requests
    - fuse: Fix oops at process_init_reply()
    - fuse: Add missed unlock_page() to fuse_readpages_fill()
    - udl-kms: change down_interruptible to down
    - udl-kms: handle allocation failure
    - udl-kms: fix crash due to uninitialized memory
    - ASoC: dpcm: don't merge format from invalid codec dai
    - ASoC: sirf: Fix potential NULL pointer dereference
    - pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show()
    - x86/irqflags: Mark native_restore_fl extern inline
    - s390: fix br_r1_trampoline for machines without exrl
    - s390/qdio: reset old sbal_state flags
    - kprobes: Make list and blacklist root user read only
    - MIPS: Correct the 64-bit DSP accumulator register size
    - MIPS: lib: Provide MIPS64r6 __multi3() for GCC < 7
    - scsi: sysfs: Introduce sysfs_{un,}break_active_protection()
    - scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock
    - iscsi target: fix session creation failure handling
    - cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status
    - Linux 4.4.154

  * Xenial update to 4.4.153 stable release (LP: #1792383)
    - x86/mm: Fix use-after-free of ldt_struct
    - ovl: Ensure upper filesystem supports d_type
    - ovl: Do d_type check only if work dir creation was successful
    - ovl: warn instead of error if d_type is not supported
    - Linux 4.4.153

  * Xenial update to 4.4.152 stable release (LP: #1792377)
    - ARC: Explicitly add -mmedium-calls to CFLAGS
    - netfilter: ipv6: nf_defrag: reduce struct net memory waste
    - selftests: pstore: return Kselftest Skip code for skipped tests
    - selftests: static_keys: return Kselftest Skip code for skipped tests
    - selftests: user: return Kselftest Skip code for skipped tests
    - selftests: zram: return Kselftest Skip code for skipped tests
    - selftests: sync: add config fragment for testing sync framework
    - ARM: dts: Cygnus: Fix I2C controller interrupt type
    - usb: dwc2: fix isoc split in transfer with no data
    - usb: gadget: composite: fix delayed_status race condition when set_interface
    - usb: gadget: dwc2: fix memory leak in gadget_init()
    - scsi: xen-scsifront: add error handling for xenbus_printf
    - arm64: make secondary_start_kernel() notrace
    - qed: Add sanity check for SIMD fastpath handler.
    - enic: initialize enic->rfs_h.lock in enic_probe
    - net: hamradio: use eth_broadcast_addr
    - net: propagate dev_get_valid_name return code
    - ARC: Enable machine_desc->init_per_cpu for !CONFIG_SMP
    - net: davinci_emac: match the mdio device against its compatible if possible
    - locking/lockdep: Do not record IRQ state within lockdep code
    - ipv6: mcast: fix unsolicited report interval after receiving querys
    - Smack: Mark inode instant in smack_task_to_inode
    - cxgb4: when disabling dcb set txq dcb priority to 0
    - brcmfmac: stop watchdog before detach and free everything
    - ARM: dts: am437x: make edt-ft5x06 a wakeup source
    - usb: xhci: increase CRS timeout value
    - perf test session topology: Fix test on s390
    - perf report powerpc: Fix crash if callchain is empty
    - selftests/x86/sigreturn/64: Fix spurious failures on AMD CPUs
    - ARM: dts: da850: Fix interrups property for gpio
    - dmaengine: k3dma: Off by one in k3_of_dma_simple_xlate()
    - md/raid10: fix that replacement cannot complete recovery after reassemble
    - drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes
    - drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes
    - drm/exynos: decon5433: Fix WINCONx reset value
    - bnx2x: Fix receiving tx-timeout in error or recovery state.
    - m68k: fix "bad page state" oops on ColdFire boot
    - HID: wacom: Correct touch maximum XY of 2nd-gen Intuos
    - ARM: imx_v6_v7_defconfig: Select ULPI support
    - ARM: imx_v4_v5_defconfig: Select ULPI support
    - tracing: Use __printf markup to silence compiler
    - kasan: fix shadow_size calculation error in kasan_module_alloc
    - smsc75xx: Add workaround for gigabit link up hardware errata.
    - netfilter: x_tables: set module owner for icmp(6) matches
    - ARM: pxa: irq: fix handling of ICMR registers in suspend/resume
    - ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem
    - ieee802154: at86rf230: use __func__ macro for debug messages
    - ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem
    - drm/armada: fix colorkey mode property
    - bnxt_en: Fix for system hang if request_irq fails
    - perf llvm-utils: Remove bashism from kernel include fetch script
    - ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot
    - ARM: dts: am3517.dtsi: Disable reference to OMAP3 OTG controller
    - ixgbe: Be more careful when modifying MAC filters
    - packet: reset network header if packet shorter than ll reserved space
    - qlogic: check kstrtoul() for errors
    - tcp: remove DELAYED ACK events in DCTCP
    - drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply()
    - net/ethernet/freescale/fman: fix cross-build error
    - net: usb: rtl8150: demote allmulti message to dev_dbg()
    - net: qca_spi: Avoid packet drop during initial sync
    - net: qca_spi: Make sure the QCA7000 reset is triggered
    - net: qca_spi: Fix log level if probe fails
    - tcp: identify cryptic messages as TCP seq # bugs
    - staging: android: ion: check for kref overflow
    - KVM: irqfd: fix race between EPOLLHUP and irq_bypass_register_consumer
    - ext4: fix spectre gadget in ext4_mb_regular_allocator()
    - parisc: Remove ordered stores from syscall.S
    - xfrm_user: prevent leaking 2 bytes of kernel memory
    - netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior state
    - packet: refine ring v3 block size test to hold one frame
    - bridge: Propagate vlan add failure to user
    - parisc: Remove unnecessary barriers from spinlock.h
    - PCI: hotplug: Don't leak pci_slot on registration failure
    - PCI: Skip MPS logic for Virtual Functions (VFs)
    - PCI: pciehp: Fix use-after-free on unplug
    - i2c: imx: Fix race condition in dma read
    - reiserfs: fix broken xattr handling (heap corruption, bad retval)
    - Linux 4.4.152

  * Xenial update to 4.4.151 stable release (LP: #1792340)
    - dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart()
    - l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache
    - llc: use refcount_inc_not_zero() for llc_sap_find()
    - net_sched: Fix missing res info when create new tc_index filter
    - vsock: split dwork to avoid reinitializations
    - net_sched: fix NULL pointer dereference when delete tcindex filter
    - ALSA: hda - Sleep for 10ms after entering D3 on Conexant codecs
    - ALSA: hda - Turn CX8200 into D3 as well upon reboot
    - ALSA: vx222: Fix invalid endian conversions
    - ALSA: virmidi: Fix too long output trigger loop
    - ALSA: cs5535audio: Fix invalid endian conversion
    - ALSA: hda: Correct Asrock B85M-ITX power_save blacklist entry
    - ALSA: memalloc: Don't exceed over the requested size
    - ALSA: vxpocket: Fix invalid endian conversions
    - USB: serial: sierra: fix potential deadlock at close
    - USB: option: add support for DW5821e
    - ACPI: save NVS memory for Lenovo G50-45
    - ACPI / PM: save NVS memory for ASUS 1025C laptop
    - serial: 8250_dw: always set baud rate in dw8250_set_termios
    - Bluetooth: avoid killing an already killed socket
    - isdn: Disable IIOCDBGVAR
    - Linux 4.4.151

  * Xenial update to 4.4.150 stable release (LP: #1792336)
    - x86/speculation/l1tf: Exempt zeroed PTEs from inversion
    - Linux 4.4.150

  * Xenial update to 4.4.149 stable release (LP: #1792310)
    - x86/mm: Disable ioremap free page handling on x86-PAE
    - tcp: Fix missing range_truesize enlargement in the backport
    - kasan: don't emit builtin calls when sanitization is off
    - i2c: ismt: fix wrong device address when unmap the data buffer
    - kbuild: verify that $DEPMOD is installed
    - crypto: vmac - require a block cipher with 128-bit block size
    - crypto: vmac - separate tfm and request context
    - crypto: blkcipher - fix crash flushing dcache in error path
    - crypto: ablkcipher - fix crash flushing dcache in error path
    - ASoC: Intel: cht_bsw_max98090_ti: Fix jack initialization
    - ioremap: Update pgtable free interfaces with addr
    - x86/mm: Add TLB purge to free pmd/pte page interfaces
    - Linux 4.4.149

  * Xenial update to 4.4.149 stable release (LP: #1792310) // CVE-2018-9363
    - Bluetooth: hidp: buffer overflow in hidp_process_report

  * Xenial update to 4.4.148 stable release (LP: #1792174)
    - ext4: fix check to prevent initializing reserved inodes
    - tpm: fix race condition in tpm_common_write()
    - ipv4+ipv6: Make INET*_ESP select CRYPTO_ECHAINIV
    - fork: unconditionally clear stack on fork
    - parisc: Enable CONFIG_MLONGCALLS by default
    - parisc: Define mb() and add memory barriers to assembler unlock sequences
    - xen/netfront: don't cache skb_shinfo()
    - ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices
    - scsi: sr: Avoid that opening a CD-ROM hangs with runtime power management
      enabled
    - root dentries need RCU-delayed freeing
    - fix mntput/mntput race
    - fix __legitimize_mnt()/mntput() race
    - IB/core: Make testing MR flags for writability a static inline function
    - IB/mlx4: Mark user MR as writable if actual virtual memory is writable
    - IB/ocrdma: fix out of bounds access to local buffer
    - ARM: dts: imx6sx: fix irq for pcie bridge
    - kprobes/x86: Fix %p uses in error messages
    - x86/irqflags: Provide a declaration for native_save_fl
    - SAUCE: Sync pgtable_64.h with upstream stable
    - mm: x86: move _PAGE_SWP_SOFT_DIRTY from bit 7 to bit 1
    - SAUCE: Sync pgtable-3level.h with upstream stable
    - SAUCE: Sync pgtable.h with upstream stable
    - mm: Add vm_insert_pfn_prot()
    - mm: fix cache mode tracking in vm_insert_mixed()
    - x86/mm/kmmio: Make the tracer robust against L1TF
    - x86/init: fix build with CONFIG_SWAP=n
    - Linux 4.4.148

  * Xenial update to 4.4.147 stable release (LP: #1792109)
    - scsi: qla2xxx: Fix ISP recovery on unload
    - scsi: qla2xxx: Return error when TMF returns
    - genirq: Make force irq threading setup more robust
    - nohz: Fix local_timer_softirq_pending()
    - netlink: Do not subscribe to non-existent groups
    - netlink: Don't shift with UB on nlk->ngroups
    - netlink: Don't shift on 64 for ngroups
    - ACPI / PCI: Bail early in acpi_pci_add_bus() if there is no ACPI handle
    - ring_buffer: tracing: Inherit the tracing setting to next ring buffer
    - i2c: imx: Fix reinit_completion() use
    - Linux 4.4.147

  * Xenial update to 4.4.146 stable release (LP: #1791953)
    - MIPS: Fix off-by-one in pci_resource_to_user()
    - Input: elan_i2c - add ACPI ID for lenovo ideapad 330
    - Input: i8042 - add Lenovo LaVie Z to the i8042 reset list
    - Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST
    - tracing: Fix double free of event_trigger_data
    - tracing: Fix possible double free in event_enable_trigger_func()
    - tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure
    - tracing: Quiet gcc warning about maybe unused link variable
    - xen/netfront: raise max number of slots in xennet_get_responses()
    - ALSA: emu10k1: add error handling for snd_ctl_add
    - ALSA: fm801: add error handling for snd_ctl_add
    - nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo
    - mm: vmalloc: avoid racy handling of debugobjects in vunmap
    - mm/slub.c: add __printf verification to slab_err()
    - rtc: ensure rtc_set_alarm fails when alarms are not supported
    - netfilter: ipset: List timing out entries with "timeout 1" instead of zero
    - infiniband: fix a possible use-after-free bug
    - hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common()
    - powerpc/64s: Fix compiler store ordering to SLB shadow area
    - RDMA/mad: Convert BUG_ONs to error flows
    - disable loading f2fs module on PAGE_SIZE > 4KB
    - f2fs: fix to don't trigger writeback during recovery
    - usbip: usbip_detach: Fix memory, udev context and udev leak
    - perf/x86/intel/uncore: Correct fixed counter index check in generic code
    - perf/x86/intel/uncore: Correct fixed counter index check for NHM
    - iwlwifi: pcie: fix race in Rx buffer allocator
    - Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning
    - Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011
    - ASoC: dpcm: fix BE dai not hw_free and shutdown
    - mfd: cros_ec: Fail early if we cannot identify the EC
    - mwifiex: handle race during mwifiex_usb_disconnect
    - wlcore: sdio: check for valid platform device data before suspend
    - media: videobuf2-core: don't call memop 'finish' when queueing
    - btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups
    - btrfs: qgroup: Finish rescan when hit the last leaf of extent tree
    - PCI: Prevent sysfs disable of device while driver is attached
    - ath: Add regulatory mapping for FCC3_ETSIC
    - ath: Add regulatory mapping for ETSI8_WORLD
    - ath: Add regulatory mapping for APL13_WORLD
    - ath: Add regulatory mapping for APL2_FCCA
    - ath: Add regulatory mapping for Uganda
    - ath: Add regulatory mapping for Tanzania
    - ath: Add regulatory mapping for Serbia
    - ath: Add regulatory mapping for Bermuda
    - ath: Add regulatory mapping for Bahamas
    - powerpc/32: Add a missing include header
    - powerpc/chrp/time: Make some functions static, add missing header include
    - powerpc/powermac: Add missing prototype for note_bootable_part()
    - powerpc/powermac: Mark variable x as unused
    - powerpc/8xx: fix invalid register expression in head_8xx.S
    - pinctrl: at91-pio4: add missing of_node_put
    - PCI: pciehp: Request control of native hotplug only if supported
    - mwifiex: correct histogram data with appropriate index
    - scsi: ufs: fix exception event handling
    - ALSA: emu10k1: Rate-limit error messages about page errors
    - regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops
    - md: fix NULL dereference of mddev->pers in remove_and_add_spares()
    - media: smiapp: fix timeout checking in smiapp_read_nvm
    - ALSA: usb-audio: Apply rate limit to warning messages in URB complete
      callback
    - HID: hid-plantronics: Re-resend Update to map button for PTT products
    - drm/radeon: fix mode_valid's return type
    - powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by
      Starlet
    - HID: i2c-hid: check if device is there before really probing
    - tty: Fix data race in tty_insert_flip_string_fixed_flag
    - dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA
    - media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open()
    - libata: Fix command retry decision
    - media: saa7164: Fix driver name in debug output
    - mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages
    - brcmfmac: Add support for bcm43364 wireless chipset
    - s390/cpum_sf: Add data entry sizes to sampling trailer entry
    - perf: fix invalid bit in diagnostic entry
    - scsi: 3w-9xxx: fix a missing-check bug
    - scsi: 3w-xxxx: fix a missing-check bug
    - scsi: megaraid: silence a static checker bug
    - thermal: exynos: fix setting rising_threshold for Exynos5433
    - bpf: fix references to free_bpf_prog_info() in comments
    - media: siano: get rid of __le32/__le16 cast warnings
    - drm/atomic: Handling the case when setting old crtc for plane
    - ALSA: hda/ca0132: fix build failure when a local macro is defined
    - memory: tegra: Do not handle spurious interrupts
    - memory: tegra: Apply interrupts mask per SoC
    - drm/gma500: fix psb_intel_lvds_mode_valid()'s return type
    - ipconfig: Correctly initialise ic_nameservers
    - rsi: Fix 'invalid vdd' warning in mmc
    - audit: allow not equal op for audit by executable
    - microblaze: Fix simpleImage format generation
    - usb: hub: Don't wait for connect state at resume for powered-off ports
    - crypto: authencesn - don't leak pointers to authenc keys
    - crypto: authenc - don't leak pointers to authenc keys
    - media: omap3isp: fix unbalanced dma_iommu_mapping
    - scsi: scsi_dh: replace too broad "TP9" string with the exact models
    - scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs
    - media: si470x: fix __be16 annotations
    - drm: Add DP PSR2 sink enable bit
    - random: mix rdrand with entropy sent in from userspace
    - squashfs: be more careful about metadata corruption
    - ext4: fix inline data updates with checksums enabled
    - ext4: check for allocation block validity with block group locked
    - dmaengine: pxa_dma: remove duplicate const qualifier
    - ASoC: pxa: Fix module autoload for platform drivers
    - ipv4: remove BUG_ON() from fib_compute_spec_dst
    - net: fix amd-xgbe flow-control issue
    - net: lan78xx: fix rx handling before first packet is send
    - xen-netfront: wait xenbus state change when load module manually
    - NET: stmmac: align DMA stuff to largest cache line length
    - tcp: do not force quickack when receiving out-of-order packets
    - tcp: add max_quickacks param to tcp_incr_quickack and
      tcp_enter_quickack_mode
    - tcp: do not aggressively quick ack after ECN events
    - tcp: refactor tcp_ecn_check_ce to remove sk type cast
    - tcp: add one more quick ack after after ECN events
    - inet: frag: enforce memory limits earlier
    - net: dsa: Do not suspend/resume closed slave_dev
    - netlink: Fix spectre v1 gadget in netlink_create()
    - squashfs: more metadata hardening
    - squashfs: more metadata hardenings
    - can: ems_usb: Fix memory leak on ems_usb_disconnect()
    - net: socket: fix potential spectre v1 gadget in socketcall
    - virtio_balloon: fix another race between migration and ballooning
    - kvm: x86: vmx: fix vpid leak
    - crypto: padlock-aes - Fix Nano workaround data corruption
    - scsi: sg: fix minor memory leak in error path
    - Linux 4.4.146

  * Xenial update to 4.4.145 stable release (LP: #1791942)
    - MIPS: ath79: fix register address in ath79_ddr_wb_flush()
    - ip: hash fragments consistently
    - net/mlx4_core: Save the qpn from the input modifier in RST2INIT wrapper
    - rtnetlink: add rtnl_link_state check in rtnl_configure_link
    - tcp: fix dctcp delayed ACK schedule
    - tcp: helpers to send special DCTCP ack
    - tcp: do not cancel delay-AcK on DCTCP special ACK
    - tcp: do not delay ACK in DCTCP upon CE status change
    - ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull
    - usb: cdc_acm: Add quirk for Castles VEGA3000
    - usb: core: handle hub C_PORT_OVER_CURRENT condition
    - usb: gadget: f_fs: Only return delayed status when len is 0
    - driver core: Partially revert "driver core: correct device's shutdown order"
    - can: xilinx_can: fix RX loop if RXNEMP is asserted without RXOK
    - can: xilinx_can: fix recovery from error states not being propagated
    - can: xilinx_can: fix device dropping off bus on RX overrun
    - can: xilinx_can: keep only 1-2 frames in TX FIFO to fix TX accounting
    - can: xilinx_can: fix incorrect clear of non-processed interrupts
    - can: xilinx_can: fix RX overflow interrupt not being enabled
    - turn off -Wattribute-alias
    - ARM: fix put_user() for gcc-8
    - Linux 4.4.145

  * kernel panic - null pointer dereference on ipset operations (LP: #1793753)
    - netfilter: ipset: fix race condition in ipset save, swap and delete
    - netfilter: ipset: Fix race between dump and swap

  * Improvements to the kernel source package preparation (LP: #1793461)
    - [Packaging] startnewrelease: add support for backport kernels

  * update ENA driver to latest mainline version (LP: #1792044)
    - net: ena: Remove redundant unlikely()
    - net: ena: reduce the severity of some printouts
    - net: ena: fix rare kernel crash when bar memory remap fails
    - net: ena: fix wrong max Tx/Rx queues on ethtool
    - net: ena: improve ENA driver boot time.
    - net: ena: remove legacy suspend suspend/resume support
    - net: ena: add power management ops to the ENA driver
    - net: ena: add statistics for missed tx packets
    - net: ena: add new admin define for future support of IPv6 RSS
    - net: ena: increase ena driver version to 1.3.0
    - net: ena: fix race condition between device reset and link up setup
    - net: ena: add detection and recovery mechanism for handling missed/misrouted
      MSI-X
    - net: ena: increase ena driver version to 1.5.0
    - net: ena: fix error handling in ena_down() sequence
    - net: ena: Eliminate duplicate barriers on weakly-ordered archs
    - SAUCE: ena: devm_kzalloc() -> devm_kcalloc()
    - net: ena: Fix use of uninitialized DMA address bits field
    - net: ena: fix surprise unplug NULL dereference kernel crash
    - net: ena: fix driver when PAGE_SIZE == 64kB
    - net: ena: fix device destruction to gracefully free resources
    - net: ena: fix potential double ena_destroy_device()
    - net: ena: fix missing lock during device destruction
    - net: ena: fix missing calls to READ_ONCE
    - net: ena: fix incorrect usage of memory barriers

Date: 2018-10-02 17:11:12.317827+00:00
Changed-By: Kleber Sacilotto de Souza <kleber.souza at canonical.com>
Signed-By: Steve Langasek <steve.langasek at canonical.com>
https://launchpad.net/ubuntu/+source/linux/4.4.0-138.164
-------------- next part --------------
Sorry, changesfile not available.


More information about the Xenial-changes mailing list