Package "linux-kvm"

 linux-kvm (4.4.0-1055.62) xenial; urgency=medium
 .
   * xenial/linux-kvm: 4.4.0-1055.62 -proposed tracker (LP: #1840012)
 .
   * CVE-2019-10638
     - [Config] kvm: CONFIG_TEST_HASH=n
 .
   [ Ubuntu: 4.4.0-160.188 ]
 .
   * xenial/linux: 4.4.0-160.188 -proposed tracker (LP: #1840021)
   * Packaging resync (LP: #1786013)
     - [Packaging] update helper scripts
   * EeePC 1005px laptop backlight is off after system boot up (LP: #1837117)
     - platform/x86: asus-wmi: Only Tell EC the OS will handle display hotkeys from
       asus_nb_wmi
   * CVE-2019-10638
     - [Config] CONFIG_TEST_HASH=n
     - siphash: add cryptographically secure PRF
     - inet: switch IP ID generator to siphash
   * Stacked onexec transitions fail when under NO NEW PRIVS restrictions
     (LP: #1839037)
     - SAUCE: apparmor: fix nnp subset check failure, when stacking
   * AppArmor onexec transition causes WARN kernel stack trace (LP: #1838627)
     - SAUCE: apparmor: fix audit failures when performing profile transitions
   * flock not mediated by 'k' (LP: #1658219) // Ubuntu 16.04: read access
     incorrectly implies 'm' rule (LP: #1838090)
     - SAUCE: apparmor: flock mediation is not being, enforced on cache check
   * bcache: bch_allocator_thread(): hung task timeout (LP: #1784665) // Tight
     timeout for bcache removal causes spurious failures (LP: #1796292)
     - SAUCE: bcache: fix deadlock in bcache_allocator
   * bcache: bch_allocator_thread(): hung task timeout (LP: #1784665)
     - bcache: improve bcache_reboot()
     - bcache: add journal statistic
     - bcache: fix high CPU occupancy during journal
     - bcache: fix incorrect sysfs output value of strip size
     - bcache: fix error return value in memory shrink
     - bcache: fix using of loop variable in memory shrink
     - bcache: Fix indentation
     - bcache: Add __printf annotation to __bch_check_keys()
     - bcache: Annotate switch fall-through
     - bcache: Fix kernel-doc warnings
     - bcache: Remove an unused variable
     - bcache: Suppress more warnings about set-but-not-used variables
     - bcache: Reduce the number of sparse complaints about lock imbalances
     - bcache: Move couple of functions to sysfs.c
   * CVE-2019-3900
     - vhost: introduce vhost_vq_avail_empty()
     - vhost_net: tx batching
     - vhost_net: do not stall on zerocopy depletion
     - vhost-net: set packet weight of tx polling to 2 * vq size
     - vhost_net: use packet weight for rx handler, too
     - vhost_net: introduce vhost_exceeds_weight()
     - vhost: introduce vhost_exceeds_weight()
     - vhost_net: fix possible infinite loop
     - vhost: scsi: add weight support
   * Xenial: ZFS deadlock in shrinker path with xattrs (LP: #1839521)
     - SAUCE: (noup) Update zfs to 0.6.5.6-0ubuntu28
   * CVE-2019-13648
     - powerpc/tm: Fix oops on sigreturn on systems without TM
   * CVE-2018-20856
     - block: blk_init_allocated_queue() set q->fq as NULL in the fail case
   * CVE-2019-14283
     - floppy: fix out-of-bounds read in copy_buffer
   * CVE-2019-14284
     - floppy: fix div-by-zero in setup_format_params
   * Xenial update: 4.4.186 upstream stable release (LP: #1838467)
     - Input: elantech - enable middle button support on 2 ThinkPads
     - samples, bpf: fix to change the buffer size for read()
     - mac80211: mesh: fix RCU warning
     - dt-bindings: can: mcp251x: add mcp25625 support
     - can: mcp251x: add support for mcp25625
     - Input: imx_keypad - make sure keyboard can always wake up system
     - ARM: davinci: da850-evm: call regulator_has_full_constraints()
     - ARM: davinci: da8xx: specify dma_coherent_mask for lcdc
     - md: fix for divide error in status_resync
     - bnx2x: Check if transceiver implements DDM before access
     - udf: Fix incorrect final NOT_ALLOCATED (hole) extent length
     - x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()
     - x86/tls: Fix possible spectre-v1 in do_get_thread_area()
     - mwifiex: Abort at too short BSS descriptor element
     - fscrypt: don't set policy for a dead directory
     - mwifiex: Don't abort on small, spec-compliant vendor IEs
     - USB: serial: ftdi_sio: add ID for isodebug v1
     - USB: serial: option: add support for GosunCn ME3630 RNDIS mode
     - usb: gadget: ether: Fix race between gether_disconnect and rx_submit
     - usb: renesas_usbhs: add a workaround for a race condition of workqueue
     - staging: comedi: dt282x: fix a null pointer deref on interrupt
     - staging: comedi: amplc_pci230: fix null pointer deref on interrupt
     - carl9170: fix misuse of device driver API
     - VMCI: Fix integer overflow in VMCI handle arrays
     - MIPS: Remove superfluous check for __linux__
     - e1000e: start network tx queue only when link is up
     - perf/core: Fix perf_sample_regs_user() mm check
     - ARM: omap2: remove incorrect __init annotation
     - be2net: fix link failure after ethtool offline test
     - ppp: mppe: Add softdep to arc4
     - sis900: fix TX completion
     - dm verity: use message limit for data block corruption message
     - kvm: x86: avoid warning on repeated KVM_SET_TSS_ADDR
     - ARC: hide unused function unw_hdr_alloc
     - s390: fix stfle zero padding
     - s390/qdio: (re-)initialize tiqdio list entries
     - s390/qdio: don't touch the dsci in tiqdio_add_input_queues()
     - KVM: x86: protect KVM_CREATE_PIT/KVM_CREATE_PIT2 with kvm->lock
     - Linux 4.4.186

 linux-kvm (4.4.0-1053.60) xenial; urgency=medium
 .
   * xenial/linux-kvm: 4.4.0-1053.60 -proposed tracker (LP: #1837591)
 .
   * CVE-2018-5383
     - kvm: [Config]: CRYPTO_ECDH=m
 .
   * linux-kvm: please support kexec (LP: #1799791)
     - [Config]: enable KEXEC and KEXEC_FILE
 .
   [ Ubuntu: 4.4.0-158.186 ]
 .
   * xenial/linux: 4.4.0-158.186 -proposed tracker (LP: #1837609)
   * Packaging resync (LP: #1786013)
     - [Packaging] resync git-ubuntu-log
     - [Packaging] update helper scripts
   * ixgbe{vf} - Physical Function gets IRQ when VF checks link state
     (LP: #1836760)
     - ixgbevf: Use cached link state instead of re-reading the value for ethtool
   * CVE-2018-5383
     - crypto: kpp - Key-agreement Protocol Primitives API (KPP)
     - crypto: dh - Add DH software implementation
     - crypto: ecdh - Add ECDH software support
     - crypto: ecdh - make ecdh_shared_secret unique
     - crypto: doc - add KPP documentation
     - crypto: kpp, (ec)dh - fix typos
     - crypto: ecc - remove unused function arguments
     - crypto: ecc - remove unnecessary casts
     - crypto: ecc - rename ecdh_make_pub_key()
     - crypto: ecdh - add privkey generation support
     - crypto: ecc - Fix NULL pointer deref. on no default_rng
     - [Config] CRYPTO_ECDH=m
     - Bluetooth: convert smp and selftest to crypto kpp API
     - crypto: ecdh - add public key verification test
   * Xenial update: 4.4.185 upstream stable release (LP: #1836668)
     - fs/binfmt_flat.c: make load_flat_shared_library() work
     - scsi: vmw_pscsi: Fix use-after-free in pvscsi_queue_lck()
     - tracing: Silence GCC 9 array bounds warning
     - gcc-9: silence 'address-of-packed-member' warning
     - usb: chipidea: udc: workaround for endpoint conflict issue
     - Input: uinput - add compat ioctl number translation for UI_*_FF_UPLOAD
     - apparmor: enforce nullbyte at end of tag string
     - parport: Fix mem leak in parport_register_dev_model
     - parisc: Fix compiler warnings in float emulation code
     - IB/hfi1: Insure freeze_work work_struct is canceled on shutdown
     - MIPS: uprobes: remove set but not used variable 'epc'
     - net: hns: Fix loopback test failed at copper ports
     - sparc: perf: fix updated event period in response to PERF_EVENT_IOC_PERIOD
     - scripts/checkstack.pl: Fix arm64 wrong or unknown architecture
     - scsi: ufs: Check that space was properly alloced in copy_query_response
     - s390/qeth: fix VLAN attribute in bridge_hostnotify udev event
     - hwmon: (pmbus/core) Treat parameters as paged if on multiple pages
     - Btrfs: fix race between readahead and device replace/removal
     - btrfs: start readahead also in seed devices
     - can: flexcan: fix timeout when set small bitrate
     - can: purge socket error queue on sock destruct
     - ARM: imx: cpuidle-imx6sx: Restrict the SW2ISO increase to i.MX6SX
     - Bluetooth: Align minimum encryption key size for LE and BR/EDR connections
     - Bluetooth: Fix regression with minimum encryption key size alignment
     - SMB3: retry on STATUS_INSUFFICIENT_RESOURCES instead of failing write
     - cfg80211: fix memory leak of wiphy device name
     - mac80211: drop robust management frames from unknown TA
     - perf ui helpline: Use strlcpy() as a shorter form of strncpy() + explicit
       set nul
     - perf help: Remove needless use of strncpy()
     - 9p/rdma: do not disconnect on down_interruptible EAGAIN
     - 9p: acl: fix uninitialized iattr access
     - 9p/rdma: remove useless check in cm_event_handler
     - 9p: p9dirent_read: check network-provided name length
     - net/9p: include trans_common.h to fix missing prototype warning.
     - ovl: modify ovl_permission() to do checks on two inodes
     - x86/speculation: Allow guests to use SSBD even if host does not
     - cpu/speculation: Warn on unsupported mitigations= parameter
     - sctp: change to hold sk after auth shkey is created successfully
     - tipc: change to use register_pernet_device
     - tipc: check msg->req data len in tipc_nl_compat_bearer_disable
     - team: Always enable vlan tx offload
     - ipv4: Use return value of inet_iif() for __raw_v4_lookup in the while loop
     - bonding: Always enable vlan tx offload
     - net: check before dereferencing netdev_ops during busy poll
     - Bluetooth: Fix faulty expression for minimum encryption key size check
     - um: Compile with modern headers
     - ASoC : cs4265 : readable register too low
     - spi: bitbang: Fix NULL pointer dereference in spi_unregister_master
     - ASoC: max98090: remove 24-bit format support if RJ is 0
     - usb: gadget: fusb300_udc: Fix memory leak of fusb300->ep[i]
     - usb: gadget: udc: lpc32xx: allocate descriptor with GFP_ATOMIC
     - scsi: hpsa: correct ioaccel2 chaining
     - ARC: Assume multiplier is always present
     - ARC: fix build warning in elf.h
     - MIPS: math-emu: do not use bools for arithmetic
     - mfd: omap-usb-tll: Fix register offsets
     - swiotlb: Make linux/swiotlb.h standalone includible
     - bug.h: work around GCC PR82365 in BUG()
     - MIPS: Workaround GCC __builtin_unreachable reordering bug
     - ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME
     - crypto: user - prevent operating on larval algorithms
     - ALSA: seq: fix incorrect order of dest_client/dest_ports arguments
     - ALSA: firewire-lib/fireworks: fix miss detection of received MIDI messages
     - ALSA: usb-audio: fix sign unintended sign extension on left shifts
     - lib/mpi: Fix karactx leak in mpi_powm
     - btrfs: Ensure replaced device doesn't have pending chunk allocation
     - tty: rocket: fix incorrect forward declaration of 'rp_init()'
     - ARC: handle gcc generated __builtin_trap for older compiler
     - arm64, vdso: Define vdso_{start,end} as array
     - KVM: x86: degrade WARN to pr_warn_ratelimited
     - dmaengine: imx-sdma: remove BD_INTR for channel0
     - Linux 4.4.185
   * Xenial update: 4.4.184 upstrea

 linux-kvm (4.4.0-1052.59) xenial; urgency=medium
 .
   * linux-kvm: 4.4.0-1052.59 -proposed tracker (LP: #1834909)
 .
   * Xenial update: 4.4.180 upstream stable release (LP: #1830176)
     - [Config]: enable CONFIG_SCHED_SMT
 .
   * q-r-t security test wants SCHED_STACK_END_CHECK to be enabled in KVM kernels
     (LP: #1812159)
     - [Config]: enable SCHED_STACK_END_CHECK
 .
   [ Ubuntu: 4.4.0-155.182 ]
 .
   * linux: 4.4.0-155.182 -proposed tracker (LP: #1834918)
   * Geneve tunnels don't work when ipv6 is disabled (LP: #1794232)
     - geneve: correctly handle ipv6.disable module parameter
   * Kernel modules generated incorrectly when system is localized to a non-
     English language (LP: #1828084)
     - scripts: override locale from environment when running recordmcount.pl
   * Handle overflow in proc_get_long of sysctl (LP: #1833935)
     - sysctl: handle overflow in proc_get_long
   * Xenial update: 4.4.181 upstream stable release (LP: #1832661)
     - x86/speculation/mds: Revert CPU buffer clear on double fault exit
     - x86/speculation/mds: Improve CPU buffer clear documentation
     - ARM: exynos: Fix a leaked reference by adding missing of_node_put
     - crypto: vmx - fix copy-paste error in CTR mode
     - crypto: crct10dif-generic - fix use via crypto_shash_digest()
     - crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest()
     - ALSA: usb-audio: Fix a memory leak bug
     - ALSA: hda/hdmi - Consider eld_valid when reporting jack event
     - ALSA: hda/realtek - EAPD turn on later
     - ASoC: max98090: Fix restore of DAPM Muxes
     - ASoC: RT5677-SPI: Disable 16Bit SPI Transfers
     - mm/mincore.c: make mincore() more conservative
     - ocfs2: fix ocfs2 read inode data panic in ocfs2_iget
     - mfd: da9063: Fix OTP control register names to match datasheets for
       DA9063/63L
     - tty/vt: fix write/write race in ioctl(KDSKBSENT) handler
     - ext4: actually request zeroing of inode table after grow
     - ext4: fix ext4_show_options for file systems w/o journal
     - Btrfs: do not start a transaction at iterate_extent_inodes()
     - bcache: fix a race between cache register and cacheset unregister
     - bcache: never set KEY_PTRS of journal key to 0 in journal_reclaim()
     - ipmi:ssif: compare block number correctly for multi-part return messages
     - crypto: gcm - Fix error return code in crypto_gcm_create_common()
     - crypto: gcm - fix incompatibility between "gcm" and "gcm_base"
     - crypto: chacha20poly1305 - set cra_name correctly
     - crypto: salsa20 - don't access already-freed walk.iv
     - crypto: arm/aes-neonbs - don't access already-freed walk.iv
     - writeback: synchronize sync(2) against cgroup writeback membership switches
     - fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going
       into workqueue when umount
     - ALSA: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug
     - KVM: x86: Skip EFER vs. guest CPUID checks for host-initiated writes
     - net: avoid weird emergency message
     - net/mlx4_core: Change the error print to info print
     - ppp: deflate: Fix possible crash in deflate_init
     - tipc: switch order of device registration to fix a crash
     - tipc: fix modprobe tipc failed after switch order of device registration
     - stm class: Fix channel free in stm output free path
     - md: add mddev->pers to avoid potential NULL pointer dereference
     - intel_th: msu: Fix single mode with IOMMU
     - of: fix clang -Wunsequenced for be32_to_cpu()
     - cifs: fix strcat buffer overflow and reduce raciness in
       smb21_set_oplock_level()
     - media: ov6650: Fix sensor possibly not detected on probe
     - NFS4: Fix v4.0 client state corruption when mount
     - clk: tegra: Fix PLLM programming on Tegra124+ when PMC overrides divider
     - fuse: fix writepages on 32bit
     - fuse: honor RLIMIT_FSIZE in fuse_file_fallocate
     - iommu/tegra-smmu: Fix invalid ASID bits on Tegra30/114
     - ceph: flush dirty inodes before proceeding with remount
     - tracing: Fix partial reading of trace event's id file
     - memory: tegra: Fix integer overflow on tick value calculation
     - perf intel-pt: Fix instructions sampling rate
     - perf intel-pt: Fix improved sample timestamp
     - perf intel-pt: Fix sample timestamp wrt non-taken branches
     - fbdev: sm712fb: fix brightness control on reboot, don't set SR30
     - fbdev: sm712fb: fix VRAM detection, don't set SR70/71/74/75
     - fbdev: sm712fb: fix white screen of death on reboot, don't set CR3B-CR3F
     - fbdev: sm712fb: fix boot screen glitch when sm712fb replaces VGA
     - fbdev: sm712fb: fix crashes during framebuffer writes by correctly mapping
       VRAM
     - fbdev: sm712fb: fix support for 1024x768-16 mode
     - fbdev: sm712fb: use 1024x768 by default on non-MIPS, fix garbled display
     - fbdev: sm712fb: fix crashes and garbled display during DPMS modesetting
     - PCI: Mark Atheros AR9462 to avoid bus reset
     - dm delay: fix a crash when invalid device is specified
     - xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink
     - xfrm6_tunnel: Fix potential panic when unloading xfrm6_tunnel module
     - vti4: ipip tunnel deregistration fixes.
     - xfrm4: Fix uninitialized memory read in _decode_session4
     - KVM: arm/arm64: Ensure vcpu target is unset on reset failure
     - power: supply: sysfs: prevent endless uevent loop with
       CONFIG_POWER_SUPPLY_DEBUG
     - ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour
     - perf bench numa: Add define for RUSAGE_THREAD if not present
     - Revert "Don't jump to compute_result state from check_result state"
     - md/raid: raid5 preserve the writeback action after the parity check
     - btrfs: Honour FITRIM range constraints during free space trim
     - fbdev: sm712fb: fix memory frequency by avoiding a switch/case fallthrough
     - ext4: do not delete unlinked inode from orphan

 linux-kvm (4.4.0-1051.58) xenial; urgency=medium
 .
   * linux-kvm: 4.4.0-1051.58 -proposed tracker (LP: #1834021)
 .
   [ Ubuntu: 4.4.0-154.181 ]
 .
   * linux: 4.4.0-154.181 -proposed tracker (LP: #1834030)
   * CVE-2019-11478
     - tcp: refine memory limit test in tcp_fragment()
   * CVE-2019-11479
     - SAUCE: tcp: add tcp_min_snd_mss sysctl
     - SAUCE: tcp: enforce tcp_min_snd_mss in tcp_mtu_probing()

 linux-kvm (4.4.0-1050.57) xenial; urgency=medium
 .
   * linux-kvm: 4.4.0-1050.57 -proposed tracker (LP: #1833785)
 .
   [ Ubuntu: 4.4.0-153.180 ]
 .
   * linux: 4.4.0-153.180 -proposed tracker (LP: #1833794)
   * Bluetooth regressions with Xenial kernel 4.4.0-152.179 (LP: #1833698)
     - Revert "Bluetooth: Align minimum encryption key size for LE and BR/EDR
       connections"
 .