Package "linux-kvm"

 linux-kvm (4.15.0-1039.39) bionic; urgency=medium
 .
   * linux-kvm: 4.15.0-1039.39 -proposed tracker (LP: #1834940)
 .
   * q-r-t security test wants SCHED_STACK_END_CHECK to be enabled in KVM kernels
     (LP: #1812159)
     - [Config]: enable SCHED_STACK_END_CHECK
 .
   * test_410_config_lock_down_kernel in ubuntu_kernel_security test failed on
     B/C/D KVM (LP: #1811981)
     - [Config]: enable CONFIG_LOCK_DOWN_KERNEL
 .
   [ Ubuntu: 4.15.0-55.60 ]
 .
   * linux: 4.15.0-55.60 -proposed tracker (LP: #1834954)
   * Request backport of ceph commits into bionic (LP: #1834235)
     - ceph: use atomic_t for ceph_inode_info::i_shared_gen
     - ceph: define argument structure for handle_cap_grant
     - ceph: flush pending works before shutdown super
     - ceph: send cap releases more aggressively
     - ceph: single workqueue for inode related works
     - ceph: avoid dereferencing invalid pointer during cached readdir
     - ceph: quota: add initial infrastructure to support cephfs quotas
     - ceph: quota: support for ceph.quota.max_files
     - ceph: quota: don't allow cross-quota renames
     - ceph: fix root quota realm check
     - ceph: quota: support for ceph.quota.max_bytes
     - ceph: quota: update MDS when max_bytes is approaching
     - ceph: quota: add counter for snaprealms with quota
     - ceph: avoid iput_final() while holding mutex or in dispatch thread
   * QCA9377 isn't being recognized sometimes (LP: #1757218)
     - SAUCE: USB: Disable USB2 LPM at shutdown
   * hns: fix ICMP6 neighbor solicitation messages discard problem (LP: #1833140)
     - net: hns: fix ICMP6 neighbor solicitation messages discard problem
     - net: hns: fix unsigned comparison to less than zero
   * Fix occasional boot time crash in hns driver (LP: #1833138)
     - net: hns: Fix probabilistic memory overwrite when HNS driver initialized
   * use-after-free in hns_nic_net_xmit_hw (LP: #1833136)
     - net: hns: fix KASAN: use-after-free in hns_nic_net_xmit_hw()
   * hns: attempt to restart autoneg when disabled should report error
     (LP: #1833147)
     - net: hns: Restart autoneg need return failed when autoneg off
   * systemd 237-3ubuntu10.14 ADT test failure on Bionic ppc64el (test-seccomp)
     (LP: #1821625)
     - powerpc: sys_pkey_alloc() and sys_pkey_free() system calls
     - powerpc: sys_pkey_mprotect() system call
   * [UBUNTU] pkey: Indicate old mkvp only if old and curr. mkvp are different
     (LP: #1832625)
     - pkey: Indicate old mkvp only if old and current mkvp are different
   * [UBUNTU] kernel: Fix gcm-aes-s390 wrong scatter-gather list processing
     (LP: #1832623)
     - s390/crypto: fix gcm-aes-s390 selftest failures
   * System crashes on hot adding a core with drmgr command (4.15.0-48-generic)
     (LP: #1833716)
     - powerpc/numa: improve control of topology updates
     - powerpc/numa: document topology_updates_enabled, disable by default
   * Kernel modules generated incorrectly when system is localized to a non-
     English language (LP: #1828084)
     - scripts: override locale from environment when running recordmcount.pl
   * [UBUNTU] kernel: Fix wrong dispatching for control domain CPRBs
     (LP: #1832624)
     - s390/zcrypt: Fix wrong dispatching for control domain CPRBs
   * CVE-2019-11815
     - net: rds: force to destroy connection if t_sock is NULL in
       rds_tcp_kill_sock().
   * Sound device not detected after resume from hibernate (LP: #1826868)
     - drm/i915: Force 2*96 MHz cdclk on glk/cnl when audio power is enabled
     - drm/i915: Save the old CDCLK atomic state
     - drm/i915: Remove redundant store of logical CDCLK state
     - drm/i915: Skip modeset for cdclk changes if possible
   * Handle overflow in proc_get_long of sysctl (LP: #1833935)
     - sysctl: handle overflow in proc_get_long
   * Dell XPS 13 (9370) defaults to s2idle sleep/suspend instead of deep, NVMe
     drains lots of power under s2idle (LP: #1808957)
     - Revert "UBUNTU: SAUCE: pci/nvme: prevent WDC PC SN720 NVMe from entering D3
       and being disabled"
     - Revert "UBUNTU: SAUCE: nvme: add quirk to not call disable function when
       suspending"
     - Revert "UBUNTU: SAUCE: pci: prevent Intel NVMe SSDPEKKF from entering D3"
     - Revert "SAUCE: nvme: add quirk to not call disable function when suspending"
     - Revert "SAUCE: pci: prevent sk hynix nvme from entering D3"
     - PCI: PM: Avoid possible suspend-to-idle issue
     - PCI: PM: Skip devices in D0 for suspend-to-idle
     - nvme-pci: Sync queues on reset
     - nvme: Export get and set features
     - nvme-pci: Use host managed power state for suspend
   * linux v4.15 ftbfs on a newer host kernel (e.g. hwe) (LP: #1823429)
     - selinux: use kernel linux/socket.h for genheaders and mdp
   * 32-bit x86 kernel 4.15.0-50 crash in vmalloc_sync_all (LP: #1830433)
     - x86/mm/pat: Disable preemption around __flush_tlb_all()
     - x86/mm: Drop usage of __flush_tlb_all() in kernel_physical_mapping_init()
     - x86/mm: Disable ioremap free page handling on x86-PAE
     - ioremap: Update pgtable free interfaces with addr
     - x86/mm: Add TLB purge to free pmd/pte page interfaces
     - x86/init: fix build with CONFIG_SWAP=n
     - x86/mm: provide pmdp_establish() helper
     - x86/mm: Use WRITE_ONCE() when setting PTEs
   * hinic: fix oops due to race in set_rx_mode (LP: #1832048)
     - hinic: fix a bug in set rx mode
   * ubuntu 18.04 flickering screen with Radeon X1600 (LP: #1791312)
     - drm/radeon: prefer lower reference dividers
   * Login screen never appears on vmwgfx using bionic kernel 4.15 (LP: #1832138)
     - drm/vmwgfx: use monotonic event timestamps
   * [linux-azure] Block Layer Commits Requested in Azure Kernels (LP: #1834499)
     - block: Clear kernel memory before copying to user
     - block/bio: Do not zero user pages
   * CONFIG_LOG_BUF_SHIFT set to 14 is too low on arm64 (LP: #1824864)
     - [Config] CONFIG_LOG_BUF_SHIFT=18 on all 64bit arches
   * Handle overflow

 linux-kvm (4.15.0-1038.38) bionic; urgency=medium
 .
   * linux-kvm: 4.15.0-1038.38 -proposed tracker (LP: #1833976)
 .
   [ Ubuntu: 4.15.0-54.58 ]
 .
   * linux: 4.15.0-54.58 -proposed tracker (LP: #1833987)
   * Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard
     manipulation (LP: #1831638) // CVE-2019-11478
     - tcp: refine memory limit test in tcp_fragment()
   * CVE-2019-11479
     - SAUCE: tcp: add tcp_min_snd_mss sysctl
     - SAUCE: tcp: enforce tcp_min_snd_mss in tcp_mtu_probing()

 linux-kvm (4.15.0-1037.37) bionic; urgency=medium
 .
   * linux-kvm: 4.15.0-1037.37 -proposed tracker (LP: #1832564)
 .
   * test_410_config_lock_down_kernel in ubuntu_kernel_security test failed on
     B/C/D KVM (LP: #1811981)
     - [Config]: enable CONFIG_LOCK_DOWN_KERNEL
 .
   [ Ubuntu: 4.15.0-53.57 ]
 .
   * linux: 4.15.0-53.57 -proposed tracker (LP: #1832578)
   * CVE-2019-11479
     - SAUCE: tcp: add tcp_min_snd_mss sysctl
     - SAUCE: tcp: enforce tcp_min_snd_mss in tcp_mtu_probing()
   * CVE-2019-11085
     - drm/i915/gvt: Fix mmap range check
     - drm/i915: make mappable struct resource centric
     - drm/i915/gvt: Fix aperture read/write emulation when enable x-no-mmap=on
   * CVE-2019-11884
     - Bluetooth: hidp: fix buffer overflow
   * af_alg06 test from crypto test suite in LTP failed with kernel oops on B/C
     (LP: #1829725)
     - crypto: authenc - fix parsing key with misaligned rta_len
   * CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130 // CVE-2019-11091
     - SAUCE: Synchronize MDS mitigations with upstream
     - Documentation: Correct the possible MDS sysfs values
     - x86/speculation/mds: Fix documentation typo
   * CVE-2019-11091
     - x86/mds: Add MDSUM variant to the MDS documentation
   * alignment test in powerpc from ubuntu_kernel_selftests failed on B/C Power9
     (LP: #1813118)
     - selftests/powerpc: Remove Power9 copy_unaligned test
   * TRACE_syscall.ptrace_syscall_dropped in seccomp from ubuntu_kernel_selftests
     failed on B/C PowerPC (LP: #1812796)
     - selftests/seccomp: Enhance per-arch ptrace syscall skip tests
   * Add powerpc/alignment_handler test for selftests (LP: #1828935)
     - selftests/powerpc: Add alignment handler selftest
     - selftests/powerpc: Fix to use ucontext_t instead of struct ucontext
   * Cannot build kernel 4.15.0-48.51 due to an in-source-tree ZFS module.
     (LP: #1828763)
     - SAUCE: (noup) Update zfs to 0.7.5-1ubuntu16.5
   * Eletrical noise occurred when external headset enter powersaving mode on a
     DEll machine (LP: #1828798)
     - ALSA: hda/realtek - Reduce click noise on Dell Precision 5820 headphone
     - ALSA: hda/realtek - Fixup headphone noise via runtime suspend
   * [18.04/18.10] File libperf-jvmti.so is missing in linux-tools-common deb on
     Ubuntu (LP: #1761379)
     - [Packaging] Support building libperf-jvmti.so
   * TCP : race condition on socket ownership in tcp_close() (LP: #1830813)
     - tcp: do not release socket ownership in tcp_close()
   * bionic: netlink: potential shift overflow in netlink_bind() (LP: #1831103)
     - netlink: Don't shift on 64 for ngroups
   * Add support to Comet Lake LPSS (LP: #1830175)
     - mfd: intel-lpss: Add Intel Comet Lake PCI IDs
   * Reduce NAPI weight in hns driver from 256 to 64 (LP: #1830587)
     - net: hns: Use NAPI_POLL_WEIGHT for hns driver
   * x86: add support for AMD Rome (LP: #1819485)
     - x86: irq_remapping: Move irq remapping mode enum
     - iommu/amd: Add support for higher 64-bit IOMMU Control Register
     - iommu/amd: Add support for IOMMU XT mode
     - hwmon/k10temp, x86/amd_nb: Consolidate shared device IDs
     - hwmon/k10temp: Add support for AMD family 17h, model 30h CPUs
     - x86/amd_nb: Add PCI device IDs for family 17h, model 30h
     - x86/MCE/AMD: Fix the thresholding machinery initialization order
     - x86/amd_nb: Add support for newer PCI topologies
   * nx842 - CRB request time out (-110) when uninstall NX modules and initiate
     NX request (LP: #1827755)
     - crypto/nx: Initialize 842 high and normal RxFIFO control registers
   * Require improved hypervisor detection patch in Ubuntu 18.04 (LP: #1829972)
     - s390/early: improve machine detection

 linux-kvm (4.15.0-1035.35) bionic; urgency=medium
 .
   * linux-kvm: 4.15.0-1035.35 -proposed tracker (LP: #1829204)
 .
   [ Ubuntu: 4.15.0-51.55 ]
 .
   * linux: 4.15.0-51.55 -proposed tracker (LP: #1829219)
   * disable a.out support (LP: #1818552)
     - [Config] Disable a.out support
   * [UBUNTU] qdio: clear intparm during shutdown (LP: #1828394)
     - s390/qdio: clear intparm during shutdown
   * ftrace in ubuntu_kernel_selftests hang with Cosmic kernel (LP: #1826385)
     - kprobes/x86: Fix instruction patching corruption when copying more than one
       RIP-relative instruction
   * touchpad not working on lenovo yoga 530 (LP: #1787775)
     - Revert "UBUNTU: SAUCE: i2c:amd Depends on ACPI"
     - Revert "UBUNTU: SAUCE: i2c:amd move out pointer in union i2c_event_base"
     - Revert "UBUNTU: SAUCE: i2c:amd I2C Driver based on PCI Interface for
       upcoming platform"
     - i2c: add helpers to ease DMA handling
     - i2c: add a message flag for DMA safe buffers
     - i2c: add extra check to safe DMA buffer helper
     - i2c: Add drivers for the AMD PCIe MP2 I2C controller
     - [Config] Update config for AMD MP2 I2C driver
     - [Config] Update I2C_AMD_MP2 annotations
   * tm-unavailable in powerpc/tm failed on Bionic Power9 (LP: #1813129)
     - selftests/powerpc: Check for pthread errors in tm-unavailable
     - selftests/powerpc: Skip tm-unavailable if TM is not enabled
   * cp_abort in powerpc/context_switch from ubunut_kernel_selftests failed on
     Bionic P9 (LP: #1813134)
     - selftests/powerpc: Remove redundant cp_abort test
   * bionic/linux: completely remove snapdragon files from sources (LP: #1827880)
     - [Packaging] remove snapdragon dead files
     - [Config] update configs after snapdragon removal
   * The noise keeps occurring when Headset is plugged in on a Dell machine
     (LP: #1827972)
     - ALSA: hda/realtek - Fixed Dell AIO speaker noise
   * Geneve tunnels don't work when ipv6 is disabled (LP: #1794232)
     - geneve: correctly handle ipv6.disable module parameter
   * There are 4 HDMI/Displayport audio output listed in sound setting without
     attach any HDMI/DP monitor (LP: #1827967)
     - ALSA: hda/hdmi - Read the pin sense from register when repolling
     - ALSA: hda/hdmi - Consider eld_valid when reporting jack event
   * Headphone jack switch sense is inverted: plugging in headphones disables
     headphone output (LP: #1824259)
     - ASoC: rt5645: Headphone Jack sense inverts on the LattePanda board
   * CTAUTO:DevOps:860.50:devops4fp1:Error occurred during LINUX Dmesg error
     Checking for all LINUX clients for devops4p10 (LP: #1766201)
     - SAUCE: integrity: downgrade error to warning
   * Screen freeze after resume from S3 when HDMI monitor plugged on Dell
     Precision 7740 (LP: #1825958)
     - PCI: Restore resized BAR state on resume
   * potential memory corruption on arm64 on dev release (LP: #1827437)
     - driver core: Postpone DMA tear-down until after devres release
   * powerpc/pmu/ebb test in ubuntu_kernel_selftest failed with "error while
     loading shared libraries" on Bionic/Cosmic PowerPC (LP: #1812805)
     - selftests/powerpc/pmu: Link ebb tests with -no-pie
   * unnecessary request_queue freeze (LP: #1815733)
     - block: avoid setting nr_requests to current value
     - block: avoid setting none scheduler if it's already none
   * Kprobe event string type argument failed in ftrace from
     ubuntu_kernel_selftests on B/C i386 (LP: #1825780)
     - selftests/ftrace: Fix kprobe string testcase to not probe notrace function
   * hns: fix socket accounting (LP: #1826911)
     - net: hns: fix skb->truesize underestimation
   * False positive test result in run_netsocktests from net in
     ubuntu_kernel_selftest (LP: #1825777)
     - selftests/net: correct the return value for run_netsocktests

 linux-kvm (4.15.0-1033.33) bionic; urgency=medium
 .
   * linux-kvm: 4.15.0-1033.33 -proposed tracker (LP: #1826343)
 .
   [ Ubuntu: 4.15.0-49.52 ]
 .
   * linux: 4.15.0-49.52 -proposed tracker (LP: #1826358)
   * Backport support for software count cache flush Spectre v2 mitigation. (CVE)
     (required for POWER9 DD2.3) (LP: #1822870)
     - powerpc/64s: Add support for ori barrier_nospec patching
     - powerpc/64s: Patch barrier_nospec in modules
     - powerpc/64s: Enable barrier_nospec based on firmware settings
     - powerpc: Use barrier_nospec in copy_from_user()
     - powerpc/64: Use barrier_nospec in syscall entry
     - powerpc/64s: Enhance the information in cpu_show_spectre_v1()
     - powerpc/64: Disable the speculation barrier from the command line
     - powerpc/64: Make stf barrier PPC_BOOK3S_64 specific.
     - powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC
     - powerpc/64: Call setup_barrier_nospec() from setup_arch()
     - powerpc/64: Make meltdown reporting Book3S 64 specific
     - powerpc/lib/code-patching: refactor patch_instruction()
     - powerpc/lib/feature-fixups: use raw_patch_instruction()
     - powerpc/asm: Add a patch_site macro & helpers for patching instructions
     - powerpc/64s: Add new security feature flags for count cache flush
     - powerpc/64s: Add support for software count cache flush
     - powerpc/pseries: Query hypervisor for count cache flush settings
     - powerpc/powernv: Query firmware for count cache flush settings
     - powerpc/fsl: Add nospectre_v2 command line argument
     - KVM: PPC: Book3S: Add count cache flush parameters to kvmppc_get_cpu_char()
     - [Config] Add CONFIG_PPC_BARRIER_NOSPEC
   * Packaging resync (LP: #1786013)
     - [Packaging] resync git-ubuntu-log
   * autopkgtests run too often, too much and don't skip enough (LP: #1823056)
     - [Debian] Set +x on rebuild testcase.
     - [Debian] Skip rebuild test, for regression-suite deps.
     - [Debian] Make ubuntu-regression-suite skippable on unbootable kernels.
     - [Debian] make rebuild use skippable error codes when skipping.
     - [Debian] Only run regression-suite, if requested to.
   * bionic: fork out linux-snapdragon into its own topic kernel (LP: #1820868)
     - [Packaging] remove arm64 snapdragon from getabis
     - [Config] config changes for snapdragon split
     - packaging: arm64: disable building the snapdragon flavour
   * CVE-2017-5753
     - KVM: arm/arm64: vgic: fix possible spectre-v1 in vgic_get_irq()
     - media: dvb_ca_en50221: prevent using slot_info for Spectre attacs
     - sysvipc/sem: mitigate semnum index against spectre v1
     - libahci: Fix possible Spectre-v1 pmp indexing in ahci_led_store()
     - s390/keyboard: sanitize array index in do_kdsk_ioctl
     - arm64: fix possible spectre-v1 write in ptrace_hbp_set_event()
     - KVM: arm/arm64: vgic: Fix possible spectre-v1 write in vgic_mmio_write_apr()
     - pktcdvd: Fix possible Spectre-v1 for pkt_devs
     - net: socket: fix potential spectre v1 gadget in socketcall
     - net: socket: Fix potential spectre v1 gadget in sock_is_registered
     - drm/amdgpu/pm: Fix potential Spectre v1
     - netlink: Fix spectre v1 gadget in netlink_create()
     - ext4: fix spectre gadget in ext4_mb_regular_allocator()
     - drm/i915/kvmgt: Fix potential Spectre v1
     - net: sock_diag: Fix spectre v1 gadget in __sock_diag_cmd()
     - fs/quota: Fix spectre gadget in do_quotactl
     - hwmon: (nct6775) Fix potential Spectre v1
     - mac80211_hwsim: Fix possible Spectre-v1 for hwsim_world_regdom_custom
     - switchtec: Fix Spectre v1 vulnerability
     - misc: hmc6352: fix potential Spectre v1
     - tty: vt_ioctl: fix potential Spectre v1
     - nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT
     - nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds
     - IB/ucm: Fix Spectre v1 vulnerability
     - RDMA/ucma: Fix Spectre v1 vulnerability
     - drm/bufs: Fix Spectre v1 vulnerability
     - usb: gadget: storage: Fix Spectre v1 vulnerability
     - ptp: fix Spectre v1 vulnerability
     - HID: hiddev: fix potential Spectre v1
     - vhost: Fix Spectre V1 vulnerability
     - drivers/misc/sgi-gru: fix Spectre v1 vulnerability
     - ipv4: Fix potential Spectre v1 vulnerability
     - aio: fix spectre gadget in lookup_ioctx
     - ALSA: emux: Fix potential Spectre v1 vulnerabilities
     - ALSA: pcm: Fix potential Spectre v1 vulnerability
     - ip6mr: Fix potential Spectre v1 vulnerability
     - ALSA: rme9652: Fix potential Spectre v1 vulnerability
     - ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities
     - KVM: arm/arm64: vgic: Fix off-by-one bug in vgic_get_irq()
     - drm/ioctl: Fix Spectre v1 vulnerabilities
     - char/mwave: fix potential Spectre v1 vulnerability
     - applicom: Fix potential Spectre v1 vulnerabilities
     - ipmi: msghandler: Fix potential Spectre v1 vulnerabilities
     - powerpc/ptrace: Mitigate potential Spectre v1
     - cfg80211: prevent speculation on cfg80211_classify8021d() return
     - ALSA: rawmidi: Fix potential Spectre v1 vulnerability
     - ALSA: seq: oss: Fix Spectre v1 vulnerability
   * Bionic: Sync to Xenial (Spectre) (LP: #1822760)
     - x86/speculation/l1tf: Suggest what to do on systems with too much RAM
     - KVM: SVM: Add MSR-based feature support for serializing LFENCE
     - KVM: VMX: fixes for vmentry_l1d_flush module parameter
     - KVM: X86: Allow userspace to define the microcode version
     - SAUCE: [Fix] x86/KVM/VMX: Add L1D flush logic
     - SAUCE: [Fix] x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on
       vmentry
   * [SRU] [B/OEM] Fix ACPI bug that causes boot failure (LP: #1819921)
     - SAUCE: ACPI / bus: Add some Lenovo laptops in list of acpi table term list
   * Bionic update: upstream stable patchset for fuse 2019-04-12 (LP: #1824553)
     - fuse: fix double request_end()
     - fuse: fix unlocked access to processing queue
     - fuse: umount should wait for all requests