Package "linux-kvm"

  linux-kvm (4.15.0-1084.86) bionic; urgency=medium

  * bionic/linux-kvm: 4.15.0-1084.86 -proposed tracker (LP: #1911288)

  * CONFIG_BASE_SMALL=1 restricts pid space, which conflicts with systemd
    default sysctl (LP: #1866149)
    - [Config]: set CONFIG_BASE_FULL

  [ Ubuntu: 4.15.0-133.137 ]

  * bionic/linux: 4.15.0-133.137 -proposed tracker (LP: #1911295)
  * [drm:qxl_enc_commit [qxl]] *ERROR* head number too large or missing monitors
    config: (LP: #1908219)
    - qxl: remove qxl_io_log()
    - qxl: move qxl_send_monitors_config()
    - qxl: hook monitors_config updates into crtc, not encoder.
  * Touchpad not detected on ByteSpeed C15B laptop (LP: #1906128)
    - Input: i8042 - add ByteSpeed touchpad to noloop table
  * vmx_nm_test in ubuntu_kvm_unit_tests interrupted on X-oracle-4.15 /
    B-oracle-4.15 / X-KVM / B-KVM (LP: #1872401)
    - KVM: nVMX: Always reflect #NM VM-exits to L1
  * stack trace in kernel (LP: #1903596)
    - net: napi: remove useless stack trace
  * CVE-2020-27777
    - [Config]: Set CONFIG_PPC_RTAS_FILTER
  * Bionic update: upstream stable patchset 2020-12-04 (LP: #1906875)
    - regulator: defer probe when trying to get voltage from unresolved supply
    - ring-buffer: Fix recursion protection transitions between interrupt context
    - time: Prevent undefined behaviour in timespec64_to_ns()
    - nbd: don't update block size after device is started
    - btrfs: sysfs: init devices outside of the chunk_mutex
    - btrfs: reschedule when cloning lots of extents
    - genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY
    - hv_balloon: disable warning when floor reached
    - net: xfrm: fix a race condition during allocing spi
    - perf tools: Add missing swap for ino_generation
    - ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link()
    - can: rx-offload: don't call kfree_skb() from IRQ context
    - can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ
      context
    - can: dev: __can_get_echo_skb(): fix real payload length return value for RTR
      frames
    - can: can_create_echo_skb(): fix echo skb generation: always use skb_clone()
    - can: peak_usb: add range checking in decode operations
    - can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping
    - can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is
      on
    - xfs: flush new eof page on truncate to avoid post-eof corruption
    - Btrfs: fix missing error return if writeback for extent buffer never started
    - ath9k_htc: Use appropriate rs_datalen type
    - usb: gadget: goku_udc: fix potential crashes in probe
    - gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free
    - gfs2: Add missing truncate_inode_pages_final for sd_aspace
    - gfs2: check for live vs. read-only file system in gfs2_fitrim
    - scsi: hpsa: Fix memory leak in hpsa_init_one()
    - drm/amdgpu: perform srbm soft reset always on SDMA resume
    - mac80211: fix use of skb payload instead of header
    - cfg80211: regulatory: Fix inconsistent format argument
    - scsi: scsi_dh_alua: Avoid crash during alua_bus_detach()
    - iommu/amd: Increase interrupt remapping table limit to 512 entries
    - pinctrl: intel: Set default bias in case no particular value given
    - ARM: 9019/1: kprobes: Avoid fortify_panic() when copying optprobe template
    - pinctrl: aspeed: Fix GPI only function problem.
    - nbd: fix a block_device refcount leak in nbd_release
    - xfs: fix flags argument to rmap lookup when converting shared file rmaps
    - xfs: fix rmap key and record comparison functions
    - xfs: fix a missing unlock on error in xfs_fs_map_blocks
    - of/address: Fix of_node memory leak in of_dma_is_coherent
    - cosa: Add missing kfree in error path of cosa_write
    - perf: Fix get_recursion_context()
    - ext4: correctly report "not supported" for {usr,grp}jquota when
      !CONFIG_QUOTA
    - ext4: unlock xattr_sem properly in ext4_inline_data_truncate()
    - thunderbolt: Add the missed ida_simple_remove() in ring_request_msix()
    - uio: Fix use-after-free in uio_unregister_device()
    - usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode
    - mei: protect mei_cl_mtu from null dereference
    - futex: Don't enable IRQs unconditionally in put_pi_state()
    - ocfs2: initialize ip_next_orphan
    - selinux: Fix error return code in sel_ib_pkey_sid_slow()
    - don't dump the threads that had been already exiting when zapped.
    - drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[]
    - pinctrl: amd: use higher precision for 512 RtcClk
    - pinctrl: amd: fix incorrect way to disable debounce filter
    - swiotlb: fix "x86: Don't panic if can not alloc buffer for swiotlb"
    - IPv6: Set SIT tunnel hard_header_len to zero
    - net/af_iucv: fix null pointer dereference on shutdown
    - net/x25: Fix null-ptr-deref in x25_connect
    - vrf: Fix fast path output packet handling with async Netfilter rules
    - r8169: fix potential skb double free in an error path
    - net: Update window_clamp if SOCK_RCVBUF is set
    - random32: make prandom_u32() output unpredictable
    - x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-
      on STIBP
    - perf/core: Fix bad use of igrab()
    - perf/core: Fix crash when using HW tracing kernel filters
    - perf/core: Fix a memory leak in perf_event_parse_addr_filter()
    - Revert "kernel/reboot.c: convert simple_strtoul to kstrtoint"
    - reboot: fix overflow parsing reboot cpu number
    - Convert trailing spaces and periods in path components
    - xfs: fix scrub flagging rtinherit even if there is no rt device
    - drm/amd/pm: perform SMC reset on suspend/hibernation
    - drm/amd/pm: do not use ixFEATURE_STATUS for checking smc running
    - s390/smp: move rcu_cpu_starting() earlier
    - tpm_tis: Disable interrupts on ThinkPad T490s
    - tick/common: Touch watchdog in tick_unfreeze() on all CPUs
    - mfd: sprd: Add

  linux-kvm (4.15.0-1083.85) bionic; urgency=medium

  * bionic/linux-kvm: 4.15.0-1083.85 -proposed tracker (LP: #1910061)

  [ Ubuntu: 4.15.0-131.135 ]

  * bionic/linux: 4.15.0-131.135 -proposed tracker (LP: #1910068)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * [drm:qxl_enc_commit [qxl]] *ERROR* head number too large or missing monitors
    config: (LP: #1908219)
    - qxl: remove qxl_io_log()
    - qxl: move qxl_send_monitors_config()
    - qxl: hook monitors_config updates into crtc, not encoder.
  * Touchpad not detected on ByteSpeed C15B laptop (LP: #1906128)
    - Input: i8042 - add ByteSpeed touchpad to noloop table
  * vmx_nm_test in ubuntu_kvm_unit_tests interrupted on X-oracle-4.15 /
    B-oracle-4.15 / X-KVM / B-KVM (LP: #1872401)
    - KVM: nVMX: Always reflect #NM VM-exits to L1
  * stack trace in kernel (LP: #1903596)
    - net: napi: remove useless stack trace
  * CVE-2020-27777
    - [Config]: Set CONFIG_PPC_RTAS_FILTER
  * Bionic update: upstream stable patchset 2020-12-04 (LP: #1906875)
    - regulator: defer probe when trying to get voltage from unresolved supply
    - ring-buffer: Fix recursion protection transitions between interrupt context
    - time: Prevent undefined behaviour in timespec64_to_ns()
    - nbd: don't update block size after device is started
    - btrfs: sysfs: init devices outside of the chunk_mutex
    - btrfs: reschedule when cloning lots of extents
    - genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY
    - hv_balloon: disable warning when floor reached
    - net: xfrm: fix a race condition during allocing spi
    - perf tools: Add missing swap for ino_generation
    - ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link()
    - can: rx-offload: don't call kfree_skb() from IRQ context
    - can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ
      context
    - can: dev: __can_get_echo_skb(): fix real payload length return value for RTR
      frames
    - can: can_create_echo_skb(): fix echo skb generation: always use skb_clone()
    - can: peak_usb: add range checking in decode operations
    - can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping
    - can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is
      on
    - xfs: flush new eof page on truncate to avoid post-eof corruption
    - Btrfs: fix missing error return if writeback for extent buffer never started
    - ath9k_htc: Use appropriate rs_datalen type
    - usb: gadget: goku_udc: fix potential crashes in probe
    - gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free
    - gfs2: Add missing truncate_inode_pages_final for sd_aspace
    - gfs2: check for live vs. read-only file system in gfs2_fitrim
    - scsi: hpsa: Fix memory leak in hpsa_init_one()
    - drm/amdgpu: perform srbm soft reset always on SDMA resume
    - mac80211: fix use of skb payload instead of header
    - cfg80211: regulatory: Fix inconsistent format argument
    - scsi: scsi_dh_alua: Avoid crash during alua_bus_detach()
    - iommu/amd: Increase interrupt remapping table limit to 512 entries
    - pinctrl: intel: Set default bias in case no particular value given
    - ARM: 9019/1: kprobes: Avoid fortify_panic() when copying optprobe template
    - pinctrl: aspeed: Fix GPI only function problem.
    - nbd: fix a block_device refcount leak in nbd_release
    - xfs: fix flags argument to rmap lookup when converting shared file rmaps
    - xfs: fix rmap key and record comparison functions
    - xfs: fix a missing unlock on error in xfs_fs_map_blocks
    - of/address: Fix of_node memory leak in of_dma_is_coherent
    - cosa: Add missing kfree in error path of cosa_write
    - perf: Fix get_recursion_context()
    - ext4: correctly report "not supported" for {usr,grp}jquota when
      !CONFIG_QUOTA
    - ext4: unlock xattr_sem properly in ext4_inline_data_truncate()
    - thunderbolt: Add the missed ida_simple_remove() in ring_request_msix()
    - uio: Fix use-after-free in uio_unregister_device()
    - usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode
    - mei: protect mei_cl_mtu from null dereference
    - futex: Don't enable IRQs unconditionally in put_pi_state()
    - ocfs2: initialize ip_next_orphan
    - selinux: Fix error return code in sel_ib_pkey_sid_slow()
    - don't dump the threads that had been already exiting when zapped.
    - drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[]
    - pinctrl: amd: use higher precision for 512 RtcClk
    - pinctrl: amd: fix incorrect way to disable debounce filter
    - swiotlb: fix "x86: Don't panic if can not alloc buffer for swiotlb"
    - IPv6: Set SIT tunnel hard_header_len to zero
    - net/af_iucv: fix null pointer dereference on shutdown
    - net/x25: Fix null-ptr-deref in x25_connect
    - vrf: Fix fast path output packet handling with async Netfilter rules
    - r8169: fix potential skb double free in an error path
    - net: Update window_clamp if SOCK_RCVBUF is set
    - random32: make prandom_u32() output unpredictable
    - x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-
      on STIBP
    - perf/core: Fix bad use of igrab()
    - perf/core: Fix crash when using HW tracing kernel filters
    - perf/core: Fix a memory leak in perf_event_parse_addr_filter()
    - Revert "kernel/reboot.c: convert simple_strtoul to kstrtoint"
    - reboot: fix overflow parsing reboot cpu number
    - Convert trailing spaces and periods in path components
    - xfs: fix scrub flagging rtinherit even if there is no rt device
    - drm/amd/pm: perform SMC reset on suspend/hibernation
    - drm/amd/pm: do not use ixFEATURE_STATUS for checking smc running
    - s390/smp: move rcu_cpu_starting() earlier
    - tpm_tis: Disable interrupts on ThinkPad T490s
    - tick/common: Touch watchdog in tick_unfreeze() on all CPUs
    - mfd: sprd: Add wakeup capability for PMIC IRQ
    - btrfs: ref-verify: fix memory leak in

  linux-kvm (4.15.0-1082.84) bionic; urgency=medium

  * bionic/linux-kvm: 4.15.0-1082.84 -proposed tracker (LP: #1907628)

  [ Ubuntu: 4.15.0-129.132 ]

  * bionic/linux: 4.15.0-129.132 -proposed tracker (LP: #1907635)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * Ubuntu 18.04- call trace in kernel buffer when unloading ib_ipoib module
    (LP: #1904848)
    - SAUCE: net/mlx5e: IPoIB, initialize update_stat_work for ipoib devices
  * memory is leaked when tasks are moved to net_prio (LP: #1886859)
    - netprio_cgroup: Fix unlimited memory leak of v2 cgroups
  * s390: dbginfo.sh triggers kernel panic, reading from
    /sys/kernel/mm/page_idle/bitmap (LP: #1904884)
    - mm/page_idle.c: skip offline pages
  * Bionic update: upstream stable patchset 2020-11-23 (LP: #1905333)
    - drm/i915: Break up error capture compression loops with cond_resched()
    - tipc: fix use-after-free in tipc_bcast_get_mode
    - gianfar: Replace skb_realloc_headroom with skb_cow_head for PTP
    - gianfar: Account for Tx PTP timestamp in the skb headroom
    - net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition
    - sctp: Fix COMM_LOST/CANT_STR_ASSOC err reporting on big-endian platforms
    - sfp: Fix error handing in sfp_probe()
    - Blktrace: bail out early if block debugfs is not configured
    - i40e: Fix of memory leak and integer truncation in i40e_virtchnl.c
    - Fonts: Replace discarded const qualifier
    - ALSA: usb-audio: Add implicit feedback quirk for Qu-16
    - lib/crc32test: remove extra local_irq_disable/enable
    - kthread_worker: prevent queuing delayed work from timer_fn when it is being
      canceled
    - mm: always have io_remap_pfn_range() set pgprot_decrypted()
    - gfs2: Wake up when sd_glock_disposal becomes zero
    - ftrace: Fix recursion check for NMI test
    - ftrace: Handle tracing when switching between context
    - tracing: Fix out of bounds write in get_trace_buf
    - futex: Handle transient "ownerless" rtmutex state correctly
    - ARM: dts: sun4i-a10: fix cpu_alert temperature
    - x86/kexec: Use up-to-dated screen_info copy to fill boot params
    - of: Fix reserved-memory overlap detection
    - blk-cgroup: Fix memleak on error path
    - blk-cgroup: Pre-allocate tree node on blkg_conf_prep
    - scsi: core: Don't start concurrent async scan on same host
    - vsock: use ns_capable_noaudit() on socket create
    - drm/vc4: drv: Add error handding for bind
    - ACPI: NFIT: Fix comparison to '-ENXIO'
    - vt: Disable KD_FONT_OP_COPY
    - fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent
    - serial: 8250_mtk: Fix uart_get_baud_rate warning
    - serial: txx9: add missing platform_driver_unregister() on error in
      serial_txx9_init
    - USB: serial: cyberjack: fix write-URB completion race
    - USB: serial: option: add Quectel EC200T module support
    - USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231
    - USB: serial: option: add Telit FN980 composition 0x1055
    - USB: Add NO_LPM quirk for Kingston flash drive
    - usb: mtu3: fix panic in mtu3_gadget_stop()
    - ARC: stack unwinding: avoid indefinite looping
    - Revert "ARC: entry: fix potential EFA clobber when TIF_SYSCALL_TRACE"
    - PM: runtime: Resume the device earlier in __device_release_driver()
    - btrfs: extent_io: add proper error handling to lock_extent_buffer_for_io()
    - Btrfs: fix unwritten extent buffers and hangs on future writeback attempts
    - btrfs: tree-checker: fix the error message for transid error
    - mm: mempolicy: fix potential pte_unmap_unlock pte error
    - tools: perf: Fix build error in v4.19.y
    - net: dsa: read mac address from DT for slave device
    - arm64: dts: marvell: espressobin: Add ethernet switch aliases
  * Bionic update: upstream stable patchset 2020-11-23 (LP: #1905333) //
    CVE-2019-19770 which shows this issue is not a core debugfs issue, but
    - blktrace: fix debugfs use after free
  * Bionic update: upstream stable patchset 2020-11-18 (LP: #1904791)
    - scripts/setlocalversion: make git describe output more reliable
    - arm64: link with -z norelro regardless of CONFIG_RELOCATABLE
    - gtp: fix an use-before-init in gtp_newlink()
    - ravb: Fix bit fields checking in ravb_hwtstamp_get()
    - tipc: fix memory leak caused by tipc_buf_append()
    - arch/x86/amd/ibs: Fix re-arming IBS Fetch
    - x86/xen: disable Firmware First mode for correctable memory errors
    - fuse: fix page dereference after free
    - p54: avoid accessing the data mapped to streaming DMA
    - mtd: lpddr: Fix bad logic in print_drs_error
    - ata: sata_rcar: Fix DMA boundary mask
    - fscrypt: return -EXDEV for incompatible rename or link into encrypted dir
    - x86/unwind/orc: Fix inactive tasks with stack pointer in %sp on GCC 10
      compiled kernels
    - mlxsw: core: Fix use-after-free in mlxsw_emad_trans_finish()
    - futex: Fix incorrect should_fail_futex() handling
    - powerpc/powernv/smp: Fix spurious DBG() warning
    - powerpc: select ARCH_WANT_IRQS_OFF_ACTIVATE_MM
    - sparc64: remove mm_cpumask clearing to fix kthread_use_mm race
    - f2fs: add trace exit in exception path
    - f2fs: fix to check segment boundary during SIT page readahead
    - um: change sigio_spinlock to a mutex
    - ARM: 8997/2: hw_breakpoint: Handle inexact watchpoint addresses
    - xfs: fix realtime bitmap/summary file truncation when growing rt volume
    - video: fbdev: pvr2fb: initialize variables
    - ath10k: start recovery process when payload length exceeds max htc length
      for sdio
    - ath10k: fix VHT NSS calculation when STBC is enabled
    - drm/brige/megachips: Add checking if ge_b850v3_lvds_init() is working
      correctly
    - media: videodev2.h: RGB BT2020 and HSV are always full range
    - media: platform: Improve queue set up flow for bug fixing
    - usb: typec: tcpm: During PR_SWAP, source caps should be sent only after
      tSwapSourceStart
    - m

  linux-kvm (4.15.0-1081.83) bionic; urgency=medium

  * bionic/linux-kvm: 4.15.0-1081.83 -proposed tracker (LP: #1907347)

  [ Ubuntu: 4.15.0-128.131 ]

  * bionic/linux: 4.15.0-128.131 -proposed tracker (LP: #1907354)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * raid10: discard leads to corrupted file system (LP: #1907262)
    - Revert "md/raid10: improve discard request for far layout"
    - Revert "md/raid10: improve raid10 discard request"
    - Revert "md/raid10: pull codes that wait for blocked dev into one function"
    - Revert "md/raid10: extend r10bio devs to raid disks"
    - Revert "md: add md_submit_discard_bio() for submitting discard bio"

  [ Ubuntu: 4.15.0-126.129 ]

  * bionic/linux: 4.15.0-126.129 -proposed tracker (LP: #1905305)
  * CVE-2020-4788
    - SAUCE: powerpc/64s: Define MASKABLE_RELON_EXCEPTION_PSERIES_OOL
    - SAUCE: powerpc/64s: move some exception handlers out of line
    - powerpc/64s: flush L1D on kernel entry
    - SAUCE: powerpc: Add a framework for user access tracking
    - powerpc: Implement user_access_begin and friends
    - powerpc: Fix __clear_user() with KUAP enabled
    - powerpc/uaccess: Evaluate macro arguments once, before user access is
      allowed
    - powerpc/64s: flush L1D after user accesses

 -- Marcelo Henrique Cerri <email address hidden> Wed, 09 Dec 2020 12:08:38 -0300