Package "linux-aws"

  linux-aws (4.15.0-1060.62) bionic; urgency=medium

  * bionic/linux-aws: 4.15.0-1060.62 -proposed tracker (LP: #1862808)

  [ Ubuntu: 4.15.0-88.88 ]

  * bionic/linux: 4.15.0-88.88 -proposed tracker (LP: #1862824)
  * Segmentation fault (kernel oops) with memory-hotplug in
    ubuntu_kernel_selftests on Bionic kernel (LP: #1862312)
    - Revert "mm/memory_hotplug: fix online/offline_pages called w.o.
      mem_hotplug_lock"
    - mm/memory_hotplug: fix online/offline_pages called w.o. mem_hotplug_lock

  linux-aws (4.15.0-1058.60) bionic; urgency=medium

  * bionic/linux-aws: 4.15.0-1058.60 -proposed tracker (LP: #1859795)

  * Update EFA driver to 1.5.0 (LP: #1850195)
    - SAUCE: linux/efa: Fix incorrect error print
    - SAUCE: linux/efa: Fix ‘err’ may be used uninitialized in this function
      warning
    - SAUCE: linux/efa: Add support for CentOS 7.7
    - SAUCE: linux/efa: Clear the admin command buffer prior to its submission
    - SAUCE: linux/efa: Bump driver version to 1.4.1
    - SAUCE: linux/efa: Store network attributes in device attributes
    - SAUCE: linux/efa: Support remote read access in MR registration
    - SAUCE: linux/efa: Expose RDMA read related attributes
    - SAUCE: linux/efa: Add ib_uverbs as a soft dependency
    - SAUCE: linux/efa: Use the ib_port_phys_state enum values
    - SAUCE: linux/efa: Backport missing driver id
    - SAUCE: linux/efa: Check sscanf return value
    - SAUCE: linux/efa: SuSE 15.1 support
    - SAUCE: linux/efa: Bump driver version to 1.5.0

  * linux-aws: swapoff optimization (LP: #1858618)
    - UBUNTU SAUCE [aws]: mm: swap: improve swap readahead heuristic

  * ARM CPU erratum Neoverse-N1 #1542419 (LP: #1855729)
    - arm64: Add support for new control bits CTR_EL0.DIC and CTR_EL0.IDC
    - arm64: Add part number for Neoverse N1
    - arm64: cpufeature: Trap CTR_EL0 access only where it is necessary
    - arm64: errata: Hide CTR_EL0.DIC on systems affected by Neoverse-N1 #1542419
    - arm64: Fake the IminLine size on systems affected by Neoverse-N1 #1542419
    - arm64: compat: Workaround Neoverse-N1 #1542419 for compat user-space
    - aws: [Config] updateconfigs for ARM64_ERRATUM_1542419

  [ Ubuntu: 4.15.0-75.85 ]

  * bionic/linux: 4.15.0-75.85 -proposed tracker (LP: #1859705)
  * use-after-free in i915_ppgtt_close (LP: #1859522) // CVE-2020-7053
    - SAUCE: drm/i915: Fix use-after-free when destroying GEM context
  * CVE-2019-14615
    - drm/i915/gen9: Clear residual context state on context switch
  * PAN is broken for execute-only user mappings on ARMv8 (LP: #1858815)
    - arm64: Revert support for execute-only user mappings
  * [Regression] usb usb2-port2: Cannot enable. Maybe the USB cable is bad?
    (LP: #1856608)
    - SAUCE: Revert "usb: handle warm-reset port requests on hub resume"
  * Miscellaneous Ubuntu changes
    - update dkms package versions

  [ Ubuntu: 4.15.0-74.84 ]

  * bionic/linux: 4.15.0-74.84 -proposed tracker (LP: #1856749)
  * [Hyper-V] KVP daemon fails to start on first boot of disco VM (LP: #1820063)
    - [Packaging] bind hv_kvp_daemon startup to hv_kvp device
  * Unrevert "arm64: Use firmware to detect CPUs that are not affected by
    Spectre-v2" (LP: #1854207)
    - arm64: Get rid of __smccc_workaround_1_hvc_*
    - arm64: Use firmware to detect CPUs that are not affected by Spectre-v2
  * Bionic kernel panic on Cavium ThunderX CN88XX (LP: #1853485)
    - SAUCE: irqchip/gic-v3-its: Add missing return value in
      its_irq_domain_activate()

 -- Connor Kuehl <email address hidden> Wed, 15 Jan 2020 10:27:24 -0800

  linux-aws (4.15.0-1057.59) bionic; urgency=medium

  * bionic/linux-aws: 4.15.0-1057.59 -proposed tracker (LP: #1854802)

  * Bionic update: upstream stable patchset 2019-11-21 (LP: #1853519)
    - aws: [Config] CONFIG_SGL_ALLOC=y

  * update ENA driver for DIMLIB dynamic interrupt moderation (LP: #1853180)
    - aws: [Config] CONFIG_DIMLIB=y

  [ Ubuntu: 4.15.0-73.82 ]

  * bionic/linux: 4.15.0-73.82 -proposed tracker (LP: #1854819)
  * CVE-2019-14901
    - SAUCE: mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()
  * CVE-2019-14896 // CVE-2019-14897
    - SAUCE: libertas: Fix two buffer overflows at parsing bss descriptor
  * CVE-2019-14895
    - SAUCE: mwifiex: fix possible heap overflow in mwifiex_process_country_ie()
  * CVE-2019-18660: patches for Ubuntu (LP: #1853142) // CVE-2019-18660
    - powerpc/64s: support nospectre_v2 cmdline option
    - powerpc/book3s64: Fix link stack flush on context switch
    - KVM: PPC: Book3S HV: Flush link stack on guest exit to host kernel
  * Please add patch fixing RK818 ID detection (LP: #1853192)
    - SAUCE: mfd: rk808: Fix RK818 ID template
  * [SRU][B/OEM-B/OEM-OSP1/D] Enable new Elan touchpads which are not in current
    whitelist (LP: #1853246)
    - HID: quirks: Fix keyboard + touchpad on Lenovo Miix 630
    - Input: elan_i2c - export the device id whitelist
    - HID: quirks: Refactor ELAN 400 and 401 handling
  * Lenovo dock MAC Address pass through doesn't work in Ubuntu (LP: #1827961)
    - r8152: Add macpassthru support for ThinkPad Thunderbolt 3 Dock Gen 2
  * s390/dasd: reduce the default queue depth and nr of hardware queues
    (LP: #1852257)
    - s390/dasd: reduce the default queue depth and nr of hardware queues
  * External microphone can't work on some dell machines with the codec alc256
    or alc236 (LP: #1853791)
    - SAUCE: ALSA: hda/realtek - Move some alc256 pintbls to fallback table
    - SAUCE: ALSA: hda/realtek - Move some alc236 pintbls to fallback table
  * Memory leak in net/xfrm/xfrm_state.c - 8 pages per ipsec connection
    (LP: #1853197)
    - xfrm: Fix memleak on xfrm state destroy
  * CVE-2019-19083
    - drm/amd/display: memory leak
  * update ENA driver for DIMLIB dynamic interrupt moderation (LP: #1853180)
    - net: ena: add intr_moder_rx_interval to struct ena_com_dev and use it
    - net: ena: switch to dim algorithm for rx adaptive interrupt moderation
    - net: ena: reimplement set/get_coalesce()
    - net: ena: enable the interrupt_moderation in driver_supported_features
    - net: ena: remove code duplication in
      ena_com_update_nonadaptive_moderation_interval _*()
    - net: ena: remove old adaptive interrupt moderation code from ena_netdev
    - net: ena: remove ena_restore_ethtool_params() and relevant fields
    - net: ena: remove all old adaptive rx interrupt moderation code from ena_com
    - net: ena: fix update of interrupt moderation register
    - net: ena: fix retrieval of nonadaptive interrupt moderation intervals
    - net: ena: fix incorrect update of intr_delay_resolution
    - net: ena: Select DIMLIB for ENA_ETHERNET
    - SAUCE: net: ena: fix issues in setting interrupt moderation params in
      ethtool
    - SAUCE: net: ena: fix too long default tx interrupt moderation interval
  * CONFIG_ARCH_ROCKCHIP is not set in ubuntu 18.04 aarch64,arm64 (LP: #1825222)
    - [Config] Enable ROCKCHIP support for arm64
  * backport DIMLIB (lib/dim/) to pre-5.2 kernels (LP: #1852637)
    - include/linux/bitops.h: introduce BITS_PER_TYPE
    - [Config] enable DIMLIB
    - linux/dim: import DIMLIB (lib/dim/)
    - SAUCE: linux/dim: avoid library object filename clash
  * The alsa hda driver is not loaded due to the missing of PCIID for Comet
    Lake-S [8086:a3f0] (LP: #1852070)
    - SAUCE: ALSA: hda: Add Cometlake-S PCI ID
  * Can't adjust brightness on DELL UHD dGPU AIO (LP: #1813877)
    - SAUCE: platform/x86: dell-uart-backlight: add missing status command
    - SAUCE: platform/x86: dell-uart-backlight: load driver by scalar status
    - SAUCE: platform/x86: dell-uart-backlight: add force parameter
    - SAUCE: platform/x86: dell-uart-backlight: add quirk for old platforms
  * Enable framebuffer fonts auto selection for HighDPI screen (LP: #1851623)
    - fonts: Fix coding style
    - fonts: Prefer a bigger font for high resolution screens
  * Disable unreliable HPET on CFL-H system (LP: #1852216)
    - SAUCE: x86/intel: Disable HPET on Intel Coffe Lake H platforms
  * i40e: Setting VF MAC address causes General Protection Fault (LP: #1852432)
    - i40e: Fix crash caused by stress setting of VF MAC addresses
  * Bionic update: upstream stable patchset 2019-11-27 (LP: #1854216)
    - spi: mediatek: use correct mata->xfer_len when in fifo transfer
    - tee: optee: add missing of_node_put after of_device_is_available
    - net: cdc_ncm: Signedness bug in cdc_ncm_set_dgram_size()
    - idr: Fix idr_get_next race with idr_remove
    - mm/memory_hotplug: don't access uninitialized memmaps in shrink_pgdat_span()
    - mm/memory_hotplug: fix updating the node span
    - arm64: uaccess: Ensure PAN is re-enabled after unhandled uaccess fault
    - fbdev: Ditch fb_edid_add_monspecs
    - net: ovs: fix return type of ndo_start_xmit function
    - net: xen-netback: fix return type of ndo_start_xmit function
    - ARM: dts: dra7: Enable workaround for errata i870 in PCIe host mode
    - ARM: dts: omap5: enable OTG role for DWC3 controller
    - f2fs: return correct errno in f2fs_gc
    - ARM: dts: sun8i: h3-h5: ir register size should be the whole memory block
    - SUNRPC: Fix priority queue fairness
    - IB/hfi1: Ensure ucast_dlid access doesnt exceed bounds
    - kvm: arm/arm64: Fix stage2_flush_memslot for 4 level page table
    - arm64/numa: Report correct memblock range for the dummy node
    - ath10k: fix vdev-start timeout on error
    - ata: ahci_brcm: Allow using driver or DSL SoCs
    - ath9k: fix reporting calculated new FFT upper max
    - usb: gadget: udc: f

  linux-aws (4.15.0-1056.58) bionic; urgency=medium

  * bionic/linux-aws: 4.15.0-1056.58 -proposed tracker (LP: #1854029)

  [ Ubuntu: 4.15.0-72.81 ]

  * bionic/linux: 4.15.0-72.81 -proposed tracker (LP: #1854027)
  * [Regression] Bionic kernel 4.15.0-71.80 can not boot on ThunderX
    (LP: #1853326)
    - Revert "arm64: Use firmware to detect CPUs that are not affected by
      Spectre-v2"
    - Revert "arm64: Get rid of __smccc_workaround_1_hvc_*"
  * [Regression] Bionic kernel 4.15.0-71.80 can not boot on ThunderX2 and
    Kunpeng920 (LP: #1852723)
    - SAUCE: arm64: capabilities: Move setup_boot_cpu_capabilities() call to
      correct place

  linux-aws (4.15.0-1054.56) bionic; urgency=medium

  * CVE-2019-11135
    - [Config] Disable TSX by default when possible

  [ Ubuntu: 4.15.0-69.78 ]

  * KVM NULL pointer deref (LP: #1851205)
    - KVM: nVMX: handle page fault in vmread fix
  * CVE-2018-12207
    - KVM: MMU: drop vcpu param in gpte_access
    - kvm: Convert kvm_lock to a mutex
    - kvm: x86: Do not release the page inside mmu_set_spte()
    - KVM: x86: make FNAME(fetch) and __direct_map more similar
    - KVM: x86: remove now unneeded hugepage gfn adjustment
    - KVM: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON
    - KVM: x86: add tracepoints around __direct_map and FNAME(fetch)
    - kvm: x86, powerpc: do not allow clearing largepages debugfs entry
    - SAUCE: KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is
      active
    - SAUCE: x86: Add ITLB_MULTIHIT bug infrastructure
    - SAUCE: kvm: mmu: ITLB_MULTIHIT mitigation
    - SAUCE: kvm: Add helper function for creating VM worker threads
    - SAUCE: kvm: x86: mmu: Recovery of shattered NX large pages
    - SAUCE: cpu/speculation: Uninline and export CPU mitigations helpers
    - SAUCE: kvm: x86: mmu: Apply global mitigations knob to ITLB_MULTIHIT
  * CVE-2019-11135
    - KVM: x86: use Intel speculation bugs and features as derived in generic x86
      code
    - x86/msr: Add the IA32_TSX_CTRL MSR
    - x86/cpu: Add a helper function x86_read_arch_cap_msr()
    - x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default
    - x86/speculation/taa: Add mitigation for TSX Async Abort
    - x86/speculation/taa: Add sysfs reporting for TSX Async Abort
    - kvm/x86: Export MDS_NO=0 to guests when TSX is enabled
    - x86/tsx: Add "auto" option to the tsx= cmdline parameter
    - x86/speculation/taa: Add documentation for TSX Async Abort
    - x86/tsx: Add config options to set tsx=on|off|auto
    - SAUCE: x86/speculation/taa: Call tsx_init()
    - SAUCE: x86/cpu: Include cpu header from bugs.c
    - [Config] Disable TSX by default when possible
  * CVE-2019-0154
    - SAUCE: drm/i915: Lower RM timeout to avoid DSI hard hangs
    - SAUCE: drm/i915/gen8+: Add RC6 CTX corruption WA
  * CVE-2019-0155
    - drm/i915/gtt: Add read only pages to gen8_pte_encode
    - drm/i915/gtt: Read-only pages for insert_entries on bdw+
    - drm/i915/gtt: Disable read-only support under GVT
    - drm/i915: Prevent writing into a read-only object via a GGTT mmap
    - drm/i915/cmdparser: Check reg_table_count before derefencing.
    - drm/i915/cmdparser: Do not check past the cmd length.
    - drm/i915: Silence smatch for cmdparser
    - drm/i915: Move engine->needs_cmd_parser to engine->flags
    - SAUCE: drm/i915: Rename gen7 cmdparser tables
    - SAUCE: drm/i915: Disable Secure Batches for gen6+
    - SAUCE: drm/i915: Remove Master tables from cmdparser
    - SAUCE: drm/i915: Add support for mandatory cmdparsing
    - SAUCE: drm/i915: Support ro ppgtt mapped cmdparser shadow buffers
    - SAUCE: drm/i915: Allow parsing of unsized batches
    - SAUCE: drm/i915: Add gen9 BCS cmdparsing
    - SAUCE: drm/i915/cmdparser: Use explicit goto for error paths
    - SAUCE: drm/i915/cmdparser: Add support for backward jumps
    - SAUCE: drm/i915/cmdparser: Ignore Length operands during command matching

  [ Ubuntu: 4.15.0-68.77 ]

  * bionic/linux: 4.15.0-68.77 -proposed tracker (LP: #1849855)
  * [REGRESSION] md/raid0: cannot assemble multi-zone RAID0 with default_layout
    setting (LP: #1849682)
    - Revert "md/raid0: avoid RAID0 data corruption due to layout confusion."