Package "linux-kvm"

  linux-kvm (4.15.0-1046.46) bionic; urgency=medium

  [ Ubuntu: 4.15.0-64.73 ]

  * powerpc/tm: Fix restoring FP/VMX facility incorrectly on interrupts
    (CVE-2019-15031) / powerpc/tm: Fix FP/VMX unavailable exceptions inside a
    transaction (CVE-2019-15030) (LP: #1843533) // CVE-2019-15031
    - powerpc/tm: Fix FP/VMX unavailable exceptions inside a transaction
    - powerpc/tm: Fix restoring FP/VMX facility incorrectly on interrupts
  * CVE-2019-14835
    - vhost: fix dirty log buffer overflow

 -- Stefan Bader <email address hidden> Mon, 16 Sep 2019 14:59:24 +0200

  linux-kvm (4.15.0-1043.43) bionic; urgency=medium

  * bionic/linux-kvm: 4.15.0-1043.43 -proposed tracker (LP: #1839993)

  * Bionic update: upstream stable patchset 2019-07-26 (LP: #1838116)
    - [Config] kvm: updateconfigs for CONFIG_R3964 (BROKEN)
    - [Config] kvm: updateconfigs for CONFIG_LDISC_AUTOLOAD

  [ Ubuntu: 4.15.0-59.66 ]

  * bionic/linux: 4.15.0-59.66 -proposed tracker (LP: #1840006)
  * zfs not completely removed from bionic tree (LP: #1840051)
    - SAUCE: (noup) remove completely the zfs code
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
  * [18.04 FEAT] Enhanced hardware support (LP: #1836857)
    - s390: report new CPU capabilities
    - s390: add alignment hints to vector load and store
  * [18.04 FEAT] Enhanced CPU-MF hardware counters - kernel part (LP: #1836860)
    - s390/cpum_cf: Add support for CPU-MF SVN 6
    - s390/cpumf: Add extended counter set definitions for model 8561 and 8562
  * ideapad_laptop disables WiFi/BT radios on Lenovo Y540 (LP: #1837136)
    - platform/x86: ideapad-laptop: Remove no_hw_rfkill_list
  * Stacked onexec transitions fail when under NO NEW PRIVS restrictions
    (LP: #1839037)
    - SAUCE: apparmor: fix nnp subset check failure when, stacking
  * bcache: bch_allocator_thread(): hung task timeout (LP: #1784665) // Tight
    timeout for bcache removal causes spurious failures (LP: #1796292)
    - SAUCE: bcache: fix deadlock in bcache_allocator
  * bcache: bch_allocator_thread(): hung task timeout (LP: #1784665)
    - bcache: never writeback a discard operation
    - bcache: improve bcache_reboot()
    - bcache: fix writeback target calc on large devices
    - bcache: add journal statistic
    - bcache: fix high CPU occupancy during journal
    - bcache: use pr_info() to inform duplicated CACHE_SET_IO_DISABLE set
    - bcache: fix incorrect sysfs output value of strip size
    - bcache: fix error return value in memory shrink
    - bcache: fix using of loop variable in memory shrink
    - bcache: Fix indentation
    - bcache: Add __printf annotation to __bch_check_keys()
    - bcache: Annotate switch fall-through
    - bcache: Fix kernel-doc warnings
    - bcache: Remove an unused variable
    - bcache: Suppress more warnings about set-but-not-used variables
    - bcache: Reduce the number of sparse complaints about lock imbalances
    - bcache: Fix a compiler warning in bcache_device_init()
    - bcache: Move couple of string arrays to sysfs.c
    - bcache: Move couple of functions to sysfs.c
    - bcache: Replace bch_read_string_list() by __sysfs_match_string()
  * linux hwe i386 kernel 5.0.0-21.22~18.04.1 crashes on Lenovo x220
    (LP: #1838115)
    - x86/mm: Check for pfn instead of page in vmalloc_sync_one()
    - x86/mm: Sync also unmappings in vmalloc_sync_all()
    - mm/vmalloc.c: add priority threshold to __purge_vmap_area_lazy()
    - mm/vmalloc: Sync unmappings in __purge_vmap_area_lazy()
  * [bionic] drm/i915: softpin broken, needs to be fixed for 32bit mesa
    (LP: #1815172)
    - drm/i915: Mark up GTT sizes as u64
    - drm/i915/gvt: Use I915_GTT_PAGE_SIZE
    - drm/i915: Compare user's 64b GTT offset even on 32b
  * Bionic update: upstream stable patchset 2019-08-07 (LP: #1839376)
    - ARM: riscpc: fix DMA
    - ARM: dts: rockchip: Make rk3288-veyron-minnie run at hs200
    - ARM: dts: rockchip: Make rk3288-veyron-mickey's emmc work again
    - ARM: dts: rockchip: Mark that the rk3288 timer might stop in suspend
    - ftrace: Enable trampoline when rec count returns back to one
    - kernel/module.c: Only return -EEXIST for modules that have finished loading
    - MIPS: lantiq: Fix bitfield masking
    - dmaengine: rcar-dmac: Reject zero-length slave DMA requests
    - clk: tegra210: fix PLLU and PLLU_OUT1
    - fs/adfs: super: fix use-after-free bug
    - btrfs: fix minimum number of chunk errors for DUP
    - cifs: Fix a race condition with cifs_echo_request
    - ceph: fix improper use of smp_mb__before_atomic()
    - ceph: return -ERANGE if virtual xattr value didn't fit in buffer
    - ACPI: blacklist: fix clang warning for unused DMI table
    - scsi: zfcp: fix GCC compiler warning emitted with -Wmaybe-uninitialized
    - x86: kvm: avoid constant-conversion warning
    - ACPI: fix false-positive -Wuninitialized warning
    - be2net: Signal that the device cannot transmit during reconfiguration
    - x86/apic: Silence -Wtype-limits compiler warnings
    - x86: math-emu: Hide clang warnings for 16-bit overflow
    - mm/cma.c: fail if fixed declaration can't be honored
    - coda: add error handling for fget
    - coda: fix build using bare-metal toolchain
    - uapi linux/coda_psdev.h: move upc_req definition from uapi to kernel side
      headers
    - drivers/rapidio/devices/rio_mport_cdev.c: NUL terminate some strings
    - ipc/mqueue.c: only perform resource calculation if user valid
    - xen/pv: Fix a boot up hang revealed by int3 self test
    - x86/kvm: Don't call kvm_spurious_fault() from .fixup
    - x86/paravirt: Fix callee-saved function ELF sizes
    - x86, boot: Remove multiple copy of static function sanitize_boot_params()
    - drm/nouveau: fix memory leak in nouveau_conn_reset()
    - kbuild: initialize CLANG_FLAGS correctly in the top Makefile
    - Btrfs: fix incremental send failure after deduplication
    - Btrfs: fix race leading to fs corruption after transaction abort
    - mmc: dw_mmc: Fix occasional hang after tuning on eMMC
    - gpiolib: fix incorrect IRQ requesting of an active-low lineevent
    - IB/hfi1: Fix Spectre v1 vulnerability
    - selinux: fix memory leak in policydb_init()
    - s390/dasd: fix endless loop after read unit address configuration
    - parisc: Fix build of compressed kernel even with debug enabled
    - drivers/perf: arm_pmu: Fix failure path in PM notifier
    - nbd: replace kill_bdev() with __invalidate_device() again
    - xen/swiotlb: fix condition for calling xen_destroy_contiguous_region()
    - IB/mlx5: Fix unreg_umr t

  linux-kvm (4.15.0-1042.42) bionic; urgency=medium

  * bionic/linux-kvm: 4.15.0-1042.42 -proposed tracker (LP: #1839276)

  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts

  [ Ubuntu: 4.15.0-58.64 ]

  * unable to handle kernel NULL pointer dereference at 000000000000002c (IP:
    iget5_locked+0x9e/0x1f0) (LP: #1838982)
    - Revert "ovl: set I_CREATING on inode being created"
    - Revert "new primitive: discard_new_inode()"

  linux-kvm (4.15.0-1039.39) bionic; urgency=medium

  * linux-kvm: 4.15.0-1039.39 -proposed tracker (LP: #1834940)

  * q-r-t security test wants SCHED_STACK_END_CHECK to be enabled in KVM kernels
    (LP: #1812159)
    - [Config]: enable SCHED_STACK_END_CHECK

  * test_410_config_lock_down_kernel in ubuntu_kernel_security test failed on
    B/C/D KVM (LP: #1811981)
    - [Config]: enable CONFIG_LOCK_DOWN_KERNEL

  [ Ubuntu: 4.15.0-55.60 ]

  * linux: 4.15.0-55.60 -proposed tracker (LP: #1834954)
  * Request backport of ceph commits into bionic (LP: #1834235)
    - ceph: use atomic_t for ceph_inode_info::i_shared_gen
    - ceph: define argument structure for handle_cap_grant
    - ceph: flush pending works before shutdown super
    - ceph: send cap releases more aggressively
    - ceph: single workqueue for inode related works
    - ceph: avoid dereferencing invalid pointer during cached readdir
    - ceph: quota: add initial infrastructure to support cephfs quotas
    - ceph: quota: support for ceph.quota.max_files
    - ceph: quota: don't allow cross-quota renames
    - ceph: fix root quota realm check
    - ceph: quota: support for ceph.quota.max_bytes
    - ceph: quota: update MDS when max_bytes is approaching
    - ceph: quota: add counter for snaprealms with quota
    - ceph: avoid iput_final() while holding mutex or in dispatch thread
  * QCA9377 isn't being recognized sometimes (LP: #1757218)
    - SAUCE: USB: Disable USB2 LPM at shutdown
  * hns: fix ICMP6 neighbor solicitation messages discard problem (LP: #1833140)
    - net: hns: fix ICMP6 neighbor solicitation messages discard problem
    - net: hns: fix unsigned comparison to less than zero
  * Fix occasional boot time crash in hns driver (LP: #1833138)
    - net: hns: Fix probabilistic memory overwrite when HNS driver initialized
  * use-after-free in hns_nic_net_xmit_hw (LP: #1833136)
    - net: hns: fix KASAN: use-after-free in hns_nic_net_xmit_hw()
  * hns: attempt to restart autoneg when disabled should report error
    (LP: #1833147)
    - net: hns: Restart autoneg need return failed when autoneg off
  * systemd 237-3ubuntu10.14 ADT test failure on Bionic ppc64el (test-seccomp)
    (LP: #1821625)
    - powerpc: sys_pkey_alloc() and sys_pkey_free() system calls
    - powerpc: sys_pkey_mprotect() system call
  * [UBUNTU] pkey: Indicate old mkvp only if old and curr. mkvp are different
    (LP: #1832625)
    - pkey: Indicate old mkvp only if old and current mkvp are different
  * [UBUNTU] kernel: Fix gcm-aes-s390 wrong scatter-gather list processing
    (LP: #1832623)
    - s390/crypto: fix gcm-aes-s390 selftest failures
  * System crashes on hot adding a core with drmgr command (4.15.0-48-generic)
    (LP: #1833716)
    - powerpc/numa: improve control of topology updates
    - powerpc/numa: document topology_updates_enabled, disable by default
  * Kernel modules generated incorrectly when system is localized to a non-
    English language (LP: #1828084)
    - scripts: override locale from environment when running recordmcount.pl
  * [UBUNTU] kernel: Fix wrong dispatching for control domain CPRBs
    (LP: #1832624)
    - s390/zcrypt: Fix wrong dispatching for control domain CPRBs
  * CVE-2019-11815
    - net: rds: force to destroy connection if t_sock is NULL in
      rds_tcp_kill_sock().
  * Sound device not detected after resume from hibernate (LP: #1826868)
    - drm/i915: Force 2*96 MHz cdclk on glk/cnl when audio power is enabled
    - drm/i915: Save the old CDCLK atomic state
    - drm/i915: Remove redundant store of logical CDCLK state
    - drm/i915: Skip modeset for cdclk changes if possible
  * Handle overflow in proc_get_long of sysctl (LP: #1833935)
    - sysctl: handle overflow in proc_get_long
  * Dell XPS 13 (9370) defaults to s2idle sleep/suspend instead of deep, NVMe
    drains lots of power under s2idle (LP: #1808957)
    - Revert "UBUNTU: SAUCE: pci/nvme: prevent WDC PC SN720 NVMe from entering D3
      and being disabled"
    - Revert "UBUNTU: SAUCE: nvme: add quirk to not call disable function when
      suspending"
    - Revert "UBUNTU: SAUCE: pci: prevent Intel NVMe SSDPEKKF from entering D3"
    - Revert "SAUCE: nvme: add quirk to not call disable function when suspending"
    - Revert "SAUCE: pci: prevent sk hynix nvme from entering D3"
    - PCI: PM: Avoid possible suspend-to-idle issue
    - PCI: PM: Skip devices in D0 for suspend-to-idle
    - nvme-pci: Sync queues on reset
    - nvme: Export get and set features
    - nvme-pci: Use host managed power state for suspend
  * linux v4.15 ftbfs on a newer host kernel (e.g. hwe) (LP: #1823429)
    - selinux: use kernel linux/socket.h for genheaders and mdp
  * 32-bit x86 kernel 4.15.0-50 crash in vmalloc_sync_all (LP: #1830433)
    - x86/mm/pat: Disable preemption around __flush_tlb_all()
    - x86/mm: Drop usage of __flush_tlb_all() in kernel_physical_mapping_init()
    - x86/mm: Disable ioremap free page handling on x86-PAE
    - ioremap: Update pgtable free interfaces with addr
    - x86/mm: Add TLB purge to free pmd/pte page interfaces
    - x86/init: fix build with CONFIG_SWAP=n
    - x86/mm: provide pmdp_establish() helper
    - x86/mm: Use WRITE_ONCE() when setting PTEs
  * hinic: fix oops due to race in set_rx_mode (LP: #1832048)
    - hinic: fix a bug in set rx mode
  * ubuntu 18.04 flickering screen with Radeon X1600 (LP: #1791312)
    - drm/radeon: prefer lower reference dividers
  * Login screen never appears on vmwgfx using bionic kernel 4.15 (LP: #1832138)
    - drm/vmwgfx: use monotonic event timestamps
  * [linux-azure] Block Layer Commits Requested in Azure Kernels (LP: #1834499)
    - block: Clear kernel memory before copying to user
    - block/bio: Do not zero user pages
  * CONFIG_LOG_BUF_SHIFT set to 14 is too low on arm64 (LP: #1824864)
    - [Config] CONFIG_LOG_BUF_SHIFT=18 on all 64bit arches
  * Handle overflow for file-max (LP: #1834310)
    - sysctl: handle overflow for file-max
    - kernel/sysctl.c: fix out-of-bounds