Package "linux-kvm"

  linux-kvm (4.15.0-1100.102) bionic; urgency=medium

  * bionic/linux-kvm: 4.15.0-1100.102 -proposed tracker (LP: #1942580)

  * Bionic update: upstream stable patchset 2021-08-17 (LP: #1940315)
    - [Config] kvm: updateconfigs for UNIX_SCM

  * dbgsym contains no debug symbols (LP: #1935855)
    - [config] kvm: CONFIG_DEBUG_INFO=y

  [ Ubuntu: 4.15.0-157.164 ]

  * bionic/linux: 4.15.0-157.164 -proposed tracker (LP: #1942588)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2021.09.06)
  * dell300x: rsi wifi and bluetooth crash after suspend and resume
    (LP: #1940488)
    - Revert "rsi: Use resume_noirq for SDIO"
  * LRMv5: switch primary version handling to kernel-versions data set
    (LP: #1928921)
    - [Packaging] switch to kernel-versions
  * kvm_unit_tests: emulator test fails on 4.4 / 4.15 kernel, timeout
    (LP: #1932966)
    - kvm: Add emulation for movups/movupd
  * memory leaking when removing a profile (LP: #1939915)
    - security/apparmor/label.c: Clean code by removing redundant instructions
    - apparmor: Fix memory leak of profile proxy
  * ubunut_kernel_selftests: memory-hotplug: avoid spamming logs with
    dump_page() (LP: #1941829)
    - selftests: memory-hotplug: avoid spamming logs with dump_page(), ratio limit
      hot-remove error test
  * Bionic update: upstream stable patchset 2021-08-27 (LP: #1941916)
    - btrfs: mark compressed range uptodate only if all bio succeed
    - regulator: rt5033: Fix n_voltages settings for BUCK and LDO
    - r8152: Fix potential PM refcount imbalance
    - qed: fix possible unpaired spin_{un}lock_bh in _qed_mcp_cmd_and_union()
    - net: Fix zero-copy head len calculation.
    - Revert "Bluetooth: Shutdown controller after workqueues are flushed or
      cancelled"
    - KVM: do not allow mapping valid but non-reference-counted pages
    - Revert "watchdog: iTCO_wdt: Account for rebooting on second timeout"
    - spi: mediatek: Fix fifo transfer
    - padata: validate cpumask without removed CPU during offline
    - Revert "ACPICA: Fix memory leak caused by _CID repair function"
    - ALSA: seq: Fix racy deletion of subscriber
    - clk: stm32f4: fix post divisor setup for I2S/SAI PLLs
    - omap5-board-common: remove not physically existing vdds_1v8_main fixed-
      regulator
    - scsi: sr: Return correct event when media event code is 3
    - media: videobuf2-core: dequeue if start_streaming fails
    - net: natsemi: Fix missing pci_disable_device() in probe and remove
    - nfp: update ethtool reporting of pauseframe control
    - mips: Fix non-POSIX regexp
    - bnx2x: fix an error code in bnx2x_nic_load()
    - net: pegasus: fix uninit-value in get_interrupt_interval
    - net: fec: fix use-after-free in fec_drv_remove
    - net: vxge: fix use-after-free in vxge_device_unregister
    - Bluetooth: defer cleanup of resources in hci_unregister_dev()
    - USB: usbtmc: Fix RCU stall warning
    - USB: serial: option: add Telit FD980 composition 0x1056
    - USB: serial: ch341: fix character loss at high transfer rates
    - USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2
    - usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers
    - usb: gadget: f_hid: fixed NULL pointer dereference
    - usb: gadget: f_hid: idle uses the highest byte for duration
    - usb: otg-fsm: Fix hrtimer list corruption
    - scripts/tracing: fix the bug that can't parse raw_trace_func
    - staging: rtl8723bs: Fix a resource leak in sd_int_dpc
    - media: rtl28xxu: fix zero-length control request
    - pipe: increase minimum default pipe size to 2 pages
    - ext4: fix potential htree corruption when growing large_dir directories
    - serial: 8250: Mask out floating 16/32-bit bus bits
    - MIPS: Malta: Do not byte-swap accesses to the CBUS UART
    - pcmcia: i82092: fix a null pointer dereference bug
    - spi: meson-spicc: fix memory leak in meson_spicc_remove
    - perf/x86/amd: Don't touch the AMD64_EVENTSEL_HOSTONLY bit inside the guest
    - qmi_wwan: add network device usage statistics for qmimux devices
    - libata: fix ata_pio_sector for CONFIG_HIGHMEM
    - reiserfs: add check for root_inode in reiserfs_fill_super
    - reiserfs: check directory items on read from disk
    - alpha: Send stop IPI to send to online CPUs
    - net/qla3xxx: fix schedule while atomic in ql_wait_for_drvr_lock and
      ql_adapter_reset
    - USB:ehci:fix Kunpeng920 ehci hardware problem
    - ppp: Fix generating ppp unit id when ifname is not specified
    - ovl: prevent private clone if bind mount is not allowed
    - net: xilinx_emaclite: Do not print real IOMEM pointer
    - KVM: x86: accept userspace interrupt only if no event is injected
    - KVM: x86/mmu: Fix per-cpu counter corruption on 32-bit builds
  * Bionic update: upstream stable patchset 2021-08-17 (LP: #1940315)
    - selftest: fix build error in tools/testing/selftests/vm/userfaultfd.c
    - KVM: x86: determine if an exception has an error code only when injecting
      it.
    - net: split out functions related to registering inflight socket files
    - [Config] updateconfigs for UNIX_SCM
    - af_unix: fix garbage collect vs MSG_PEEK
    - net/802/mrp: fix memleak in mrp_request_join()
    - net/802/garp: fix memleak in garp_request_join()
    - net: annotate data race around sk_ll_usec
    - sctp: move 198 addresses from unusable to private scope
    - hfs: add missing clean-up in hfs_fill_super
    - hfs: fix high memory mapping in hfs_bnode_read
    - hfs: add lock nesting notation to hfs_find_init
    - ARM: dts: versatile: Fix up interrupt controller node names
    - virtio_net: Do not pull payload in skb->head
    - gro: ensure frag0 meets IP header alignment
    - x86/kvm: fix vcpu-id indexed array sizes
    - ocfs2: fix zero out valid data
    - ocfs2: issue zeroout to EOF blocks
    - can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF
    - can: mcba_usb_start(): add missing urb->transfer_dma

  linux-kvm (4.15.0-1099.101) bionic; urgency=medium

  * bionic/linux-kvm: 4.15.0-1099.101 -proposed tracker (LP: #1939825)

  [ Ubuntu: 4.15.0-156.163 ]

  * bionic/linux: 4.15.0-156.163 -proposed tracker (LP: #1940162)
  * linux (LP: #1940564)
    - SAUCE: Revert "scsi: core: Cap scsi_host cmd_per_lun at can_queue"
  * fails to launch linux L2 guests on AMD (LP: #1940134) // CVE-2021-3653
    - KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl
      (CVE-2021-3653)
  * fails to launch linux L2 guests on AMD (LP: #1940134)
    - SAUCE: Revert "UBUNTU: SAUCE: KVM: nSVM: avoid picking up unsupported bits
      from L2 in int_ctl"

  [ Ubuntu: 4.15.0-155.162 ]

  * bionic/linux: 4.15.0-155.162 -proposed tracker (LP: #1939833)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2021.08.16)
  * CVE-2021-3656
    - SAUCE: KVM: nSVM: always intercept VMLOAD/VMSAVE when nested
  * CVE-2021-3653
    - SAUCE: KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl
  * dev_forward_skb: do not scrub skb mark within the same name space
    (LP: #1935040)
    - dev_forward_skb: do not scrub skb mark within the same name space
  * 'ptrace trace' needed to readlink() /proc/*/ns/* files on older kernels
    (LP: #1890848)
    - apparmor: fix ptrace read check
  * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824)
    - ALSA: usb-audio: fix rate on Ozone Z90 USB headset
    - media: dvb-usb: fix wrong definition
    - Input: usbtouchscreen - fix control-request directions
    - net: can: ems_usb: fix use-after-free in ems_usb_disconnect()
    - usb: gadget: eem: fix echo command packet response issue
    - USB: cdc-acm: blacklist Heimann USB Appset device
    - ntfs: fix validity check for file name attribute
    - iov_iter_fault_in_readable() should do nothing in xarray case
    - Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl
    - ARM: dts: at91: sama5d4: fix pinctrl muxing
    - btrfs: send: fix invalid path for unlink operations after parent
      orphanization
    - btrfs: clear defrag status of a root if starting transaction fails
    - ext4: cleanup in-core orphan list if ext4_truncate() failed to get a
      transaction handle
    - ext4: fix kernel infoleak via ext4_extent_header
    - ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit
    - ext4: remove check for zero nr_to_scan in ext4_es_scan()
    - ext4: fix avefreec in find_group_orlov
    - ext4: use ext4_grp_locked_error in mb_find_extent
    - can: gw: synchronize rcu operations before removing gw job entry
    - can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in
      TX path
    - SUNRPC: Fix the batch tasks count wraparound.
    - SUNRPC: Should wake up the privileged task firstly.
    - s390/cio: dont call css_wait_for_slow_path() inside a lock
    - rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path
    - iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA
      as volatile, too
    - iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR
    - iio: ltr501: ltr501_read_ps(): add missing endianness conversion
    - serial: sh-sci: Stop dmaengine transfer in sci_stop_tx()
    - serial_cs: Add Option International GSM-Ready 56K/ISDN modem
    - serial_cs: remove wrong GLOBETROTTER.cis entry
    - ath9k: Fix kernel NULL pointer dereference during ath_reset_internal()
    - ssb: sdio: Don't overwrite const buffer if block_write fails
    - rsi: Assign beacon rate settings to the correct rate_info descriptor field
    - seq_buf: Make trace_seq_putmem_hex() support data longer than 8
    - fuse: check connected before queueing on fpq->io
    - spi: Make of_register_spi_device also set the fwnode
    - spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf'
    - spi: spi-topcliff-pch: Fix potential double free in
      pch_spi_process_messages()
    - spi: omap-100k: Fix the length judgment problem
    - crypto: nx - add missing MODULE_DEVICE_TABLE
    - media: cpia2: fix memory leak in cpia2_usb_probe
    - media: cobalt: fix race condition in setting HPD
    - media: pvrusb2: fix warning in pvr2_i2c_core_done
    - crypto: qat - check return code of qat_hal_rd_rel_reg()
    - crypto: qat - remove unused macro in FW loader
    - media: em28xx: Fix possible memory leak of em28xx struct
    - media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release
    - media: bt8xx: Fix a missing check bug in bt878_probe
    - media: st-hva: Fix potential NULL pointer dereferences
    - media: dvd_usb: memory leak in cinergyt2_fe_attach
    - mmc: via-sdmmc: add a check against NULL pointer dereference
    - crypto: shash - avoid comparing pointers to exported functions under CFI
    - media: dvb_net: avoid speculation from net slot
    - media: siano: fix device register error path
    - btrfs: fix error handling in __btrfs_update_delayed_inode
    - btrfs: abort transaction if we fail to update the delayed inode
    - btrfs: disable build on platforms having page size 256K
    - regulator: da9052: Ensure enough delay time for .set_voltage_time_sel
    - HID: do not use down_interruptible() when unbinding devices
    - ACPI: processor idle: Fix up C-state latency if not ordered
    - hv_utils: Fix passing zero to 'PTR_ERR' warning
    - lib: vsprintf: Fix handling of number field widths in vsscanf
    - ACPI: EC: Make more Asus laptops use ECDT _GPE
    - block_dump: remove block_dump feature in mark_inode_dirty()
    - fs: dlm: cancel work sync othercon
    - random32: Fix implicit truncation warning in prandom_seed_state()
    - fs: dlm: fix memory leak when fenced
    - ACPICA: Fix memory leak caused by _CID repair function
    - ACPI: bus: Call kobject_put() in acpi_init() error path
    - platform/x86: toshiba_acpi: Fix missing error code in
      toshiba_acpi_setup_keyboard()
    - ACPI: tables: Add custom DSDT file as makefile prerequisite
   

  linux-kvm (4.15.0-1098.100) bionic; urgency=medium

  * bionic/linux-kvm: 4.15.0-1098.100 -proposed tracker (LP: #1936558)

  [ Ubuntu: 4.15.0-154.161 ]

  * bionic/linux: 4.15.0-154.161 -proposed tracker (LP: #1938411)
  * Potential reverts of 4.19.y stable changes in 18.04 (LP: #1938537)
    - SAUCE: Revert "locking/mutex: clear MUTEX_FLAGS if wait_list is empty due to
      signal"
    - SAUCE: Revert "drm/amd/amdgpu: fix refcount leak"
  * Packaging resync (LP: #1786013)
    - [Packaging] resync getabis
    - [Packaging] update helper scripts
    - update dkms package versions
  * btrfs: Automatic balance returns -EUCLEAN and leads to forced readonly
    filesystem (LP: #1934709) // CVE-2019-19036
    - btrfs: Validate child tree block's level and first key
    - btrfs: Detect unbalanced tree with empty leaf before crashing btree
      operations
  * btrfs: Automatic balance returns -EUCLEAN and leads to forced readonly
    filesystem (LP: #1934709)
    - Revert "btrfs: Detect unbalanced tree with empty leaf before crashing btree
      operations"
    - Revert "btrfs: Validate child tree block's level and first key"
    - btrfs: Only check first key for committed tree blocks
    - btrfs: Fix wrong first_key parameter in replace_path
  * Enable fib-onlink-tests.sh and msg_zerocopy.sh in kselftests/net on Bionic
    (LP: #1934759)
    - selftests: Add fib-onlink-tests.sh to TEST_PROGS
    - selftests: net: use TEST_PROGS_EXTENDED
    - selftests/net: enable msg_zerocopy test
    - SAUCE: selftests: Make fib-onlink-tests.sh executable
  * Kernel oops due to uninitialized list on kernfs (kernfs_kill_sb)
    (LP: #1934175)
    - kernfs: deal with kernfs_fill_super() failures
    - unfuck sysfs_mount()
  * large_dir in ext4 broken (LP: #1933074)
    - SAUCE: ext4: fix directory index node split corruption
  * btrfs: Attempting to balance a nearly full filesystem with relocated root
    nodes fails (LP: #1933172) // CVE-2019-19036
    - btrfs: reloc: fix reloc root leak and NULL pointer dereference
  * btrfs: Attempting to balance a nearly full filesystem with relocated root
    nodes fails (LP: #1933172)
    - Revert "btrfs: reloc: fix reloc root leak and NULL pointer dereference"
  * Pixel format change broken for Elgato Cam Link 4K (LP: #1932367)
    - (upstream) media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K
  * Bionic update: upstream stable patchset 2021-06-23 (LP: #1933375)
    - net: usb: cdc_ncm: don't spew notifications
    - efi: Allow EFI_MEMORY_XP and EFI_MEMORY_RO both to be cleared
    - efi: cper: fix snprintf() use in cper_dimm_err_location()
    - vfio/pci: Fix error return code in vfio_ecap_init()
    - vfio/pci: zap_vma_ptes() needs MMU
    - vfio/platform: fix module_put call in error flow
    - ipvs: ignore IP_VS_SVC_F_HASHED flag when adding service
    - HID: pidff: fix error return code in hid_pidff_init()
    - HID: i2c-hid: fix format string mismatch
    - netfilter: nfnetlink_cthelper: hit EBUSY on updates if size mismatches
    - ieee802154: fix error return code in ieee802154_add_iface()
    - ieee802154: fix error return code in ieee802154_llsec_getparams()
    - Bluetooth: fix the erroneous flush_work() order
    - Bluetooth: use correct lock to prevent UAF of hdev object
    - net: caif: added cfserl_release function
    - net: caif: add proper error handling
    - net: caif: fix memory leak in caif_device_notify
    - net: caif: fix memory leak in cfusbl_device_notify
    - ALSA: timer: Fix master timer notification
    - ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed
    - pid: take a reference when initializing `cad_pid`
    - ocfs2: fix data corruption by fallocate
    - nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect
    - btrfs: fix error handling in btrfs_del_csums
    - btrfs: fixup error handling in fixup_inode_link_counts
    - mm, hugetlb: fix simple resv_huge_pages underflow on UFFDIO_COPY
    - selftests/bpf: make 'dubious pointer arithmetic' test useful
    - bnxt_en: Remove the setting of dev_port.
    - KVM: SVM: Truncate GPR value for DR and CR accesses in !64-bit mode
    - sched/fair: Optimize select_idle_cpu
    - xen-pciback: redo VF placement in the virtual topology
    - ALSA: usb: update old-style static const declaration
    - nl80211: validate key indexes for cfg80211_registered_device
    - x86/apic: Mark _all_ legacy interrupts when IO/APIC is missing
    - btrfs: return errors from btrfs_del_csums in cleanup_ref_head
    - KVM: arm64: Fix debug register indexing

  [ Ubuntu: 4.15.0-153.160 ]

  * bionic/linux: 4.15.0-153.160 -proposed tracker (LP: #1938319)
  * 4.15.0-151 is freezing various CPUs (LP: #1938013)
    - mac80211: fix memory corruption in EAPOL handling

 -- Kelsey Skunberg <email address hidden> Mon, 02 Aug 2021 14:56:13 -0600