Package "linux-kvm"

  linux-kvm (4.4.0-1071.78) xenial; urgency=medium

  * xenial/linux-kvm: 4.4.0-1071.78 -proposed tracker (LP: #1874796)

  [ Ubuntu: 4.4.0-179.209 ]

  * xenial/linux: 4.4.0-179.209 -proposed tracker (LP: #1874804)
  * Add debian/rules targets to compile/run kernel selftests (LP: #1874286)
    - [Packaging] add support to compile/run selftests
  * getitimer returns it_value=0 erroneously (LP: #1349028)
    - [Config] CONTEXT_TRACKING_FORCE policy should be unset
  * CVE-2020-11608
    - media: ov519: add missing endpoint sanity checks
  * CVE-2019-19060
    - iio: imu: adis16400: release allocated memory on failure
  * Xenial update: 4.4.219 upstream stable release (LP: #1874045)
    - drm/bochs: downgrade pci_request_region failure from error to warning
    - ipv4: fix a RCU-list lock in fib_triestat_seq_show
    - net, ip_tunnel: fix interface lookup with no key
    - sctp: fix possibly using a bad saddr with a given dst
    - l2tp: Correctly return -EBADF from pppol2tp_getname.
    - net: l2tp: Make l2tp_ip6 namespace aware
    - l2tp: fix race in l2tp_recv_common()
    - l2tp: ensure session can't get removed during pppol2tp_session_ioctl()
    - l2tp: fix duplicate session creation
    - l2tp: Refactor the codes with existing macros instead of literal number
    - l2tp: ensure sessions are freed after their PPPOL2TP socket
    - l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall()
    - usb: gadget: uac2: Drop unused device qualifier descriptor
    - usb: gadget: printer: Drop unused device qualifier descriptor
    - padata: always acquire cpu_hotplug_lock before pinst->lock
    - mm: mempolicy: require at least one nodeid for MPOL_PREFERRED
    - net: stmmac: dwmac1000: fix out-of-bounds mac address reg setting
    - random: always use batched entropy for get_random_u{32,64}
    - tools/accounting/getdelays.c: fix netlink attribute length
    - power: supply: axp288_charger: Fix unchecked return value
    - ASoC: jz4740-i2s: Fix divider written at incorrect offset in register
    - IB/hfi1: Call kobject_put() when kobject_init_and_add() fails
    - Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl
    - RDMA/cm: Update num_paths in cma_resolve_iboe_route error flow
    - clk: qcom: rcg: Return failure for RCG update
    - drm_dp_mst_topology: fix broken drm_dp_sideband_parse_remote_dpcd_read()
    - Linux 4.4.219
  * Xenial update: 4.4.218 upstream stable release (LP: #1873852)
    - spi: qup: call spi_qup_pm_resume_runtime before suspending
    - powerpc: Include .BTF section
    - ARM: dts: dra7: Add "dma-ranges" property to PCIe RC DT nodes
    - spi/zynqmp: remove entry that causes a cs glitch
    - drm/exynos: dsi: propagate error value and silence meaningless warning
    - drm/exynos: dsi: fix workaround for the legacy clock name
    - altera-stapl: altera_get_note: prevent write beyond end of 'key'
    - USB: Disable LPM on WD19's Realtek Hub
    - usb: quirks: add NO_LPM quirk for RTL8153 based ethernet adapters
    - USB: serial: option: add ME910G1 ECM composition 0x110b
    - usb: host: xhci-plat: add a shutdown
    - USB: serial: pl2303: add device-id for HP LD381
    - ALSA: line6: Fix endless MIDI read loop
    - ALSA: seq: virmidi: Fix running status after receiving sysex
    - ALSA: seq: oss: Fix running status after receiving sysex
    - ALSA: pcm: oss: Avoid plugin buffer overflow
    - ALSA: pcm: oss: Remove WARNING from snd_pcm_plug_alloc() checks
    - staging: rtl8188eu: Add device id for MERCUSYS MW150US v2
    - staging/speakup: fix get_word non-space look-ahead
    - intel_th: Fix user-visible error codes
    - rtc: max8907: add missing select REGMAP_IRQ
    - memcg: fix NULL pointer dereference in __mem_cgroup_usage_unregister_event
    - mm: slub: be more careful about the double cmpxchg of freelist
    - mm, slub: prevent kmalloc_node crashes and memory leaks
    - x86/mm: split vmalloc_sync_all()
    - USB: cdc-acm: fix close_delay and closing_wait units in TIOCSSERIAL
    - USB: cdc-acm: fix rounding error in TIOCSSERIAL
    - kbuild: Disable -Wpointer-to-enum-cast
    - futex: Fix inode life-time issue
    - futex: Unbreak futex hashing
    - arm64: smp: fix smp_send_stop() behaviour
    - Revert "drm/dp_mst: Skip validating ports during destruction, just ref"
    - hsr: fix general protection fault in hsr_addr_is_self()
    - net: dsa: Fix duplicate frames flooded by learning
    - net_sched: cls_route: remove the right filter from hashtable
    - net_sched: keep alloc_hash updated after hash allocation
    - NFC: fdp: Fix a signedness bug in fdp_nci_send_patch()
    - slcan: not call free_netdev before rtnl_unlock in slcan_open
    - vxlan: check return value of gro_cells_init()
    - hsr: use rcu_read_lock() in hsr_get_node_{list/status}()
    - hsr: add restart routine into hsr_get_node_list()
    - hsr: set .netnsok flag
    - vhost: Check docket sk_family instead of call getname
    - IB/ipoib: Do not warn if IPoIB debugfs doesn't exist
    - uapi glibc compat: fix outer guard of net device flags enum
    - KVM: VMX: Do not allow reexecute_instruction() when skipping MMIO instr
    - drivers/hwspinlock: use correct radix tree API
    - net: ipv4: don't let PMTU updates increase route MTU
    - cpupower: avoid multiple definition with gcc -fno-common
    - dt-bindings: net: FMan erratum A050385
    - scsi: ipr: Fix softlockup when rescanning devices in petitboot
    - mac80211: Do not send mesh HWMP PREQ if HWMP is disabled
    - sxgbe: Fix off by one in samsung driver strncpy size arg
    - i2c: hix5hd2: add missed clk_disable_unprepare in remove
    - perf probe: Do not depend on dwfl_module_addrsym()
    - scripts/dtc: Remove redundant YYLOC global declaration
    - scsi: sd: Fix optimal I/O size for devices that change reported values
    - mac80211: mark station unauthorized before key removal
    - genirq: Fix reference leaks on irq affinity notifiers
    - vti[6]: fix packet tx through bpf_redirect() in XinY case

  linux-kvm (4.4.0-1070.77) xenial; urgency=medium

  * xenial/linux-kvm: 4.4.0-1070.77 -proposed tracker (LP: #1870652)

  [ Ubuntu: 4.4.0-178.208 ]

  * xenial/linux: 4.4.0-178.208 -proposed tracker (LP: #1870660)
  * CVE-2019-19768
    - blktrace: Protect q->blk_trace with RCU
    - blktrace: fix dereference after null check
  * Multiple Kexec in AWS Nitro instances fail (LP: #1869948)
    - net: ena: Add PCI shutdown handler to allow safe kexec
  * Insert test_bpf module will report 4 failures for ubuntu_bpf_jit on X s390x
    (LP: #1768452)
    - test_bpf: flag tests that cannot be jited on s390
  * Mounting LVM snapshots with xfs can hit kernel BUG in nvme driver
    (LP: #1869229)
    - block: fix bio_will_gap() for first bvec with offset
  * Xenial update: 4.4.217 upstream stable release (LP: #1868629)
    - NFS: Remove superfluous kmap in nfs_readdir_xdr_to_array
    - r8152: check disconnect status after long sleep
    - net: nfc: fix bounds checking bugs on "pipe"
    - bnxt_en: reinitialize IRQs when MTU is modified
    - fib: add missing attribute validation for tun_id
    - nl802154: add missing attribute validation
    - nl802154: add missing attribute validation for dev_type
    - team: add missing attribute validation for port ifindex
    - team: add missing attribute validation for array index
    - nfc: add missing attribute validation for SE API
    - nfc: add missing attribute validation for vendor subcommand
    - ipvlan: add cond_resched_rcu() while processing muticast backlog
    - ipvlan: do not add hardware address of master to its unicast filter list
    - ipvlan: egress mcast packets are not exceptional
    - ipvlan: do not use cond_resched_rcu() in ipvlan_process_multicast()
    - ipvlan: don't deref eth hdr before checking it's set
    - macvlan: add cond_resched() during multicast processing
    - net: fec: validate the new settings in fec_enet_set_coalesce()
    - slip: make slhc_compress() more robust against malicious packets
    - bonding/alb: make sure arp header is pulled before accessing it
    - net: fq: add missing attribute validation for orphan mask
    - iommu/vt-d: quirk_ioat_snb_local_iommu: replace WARN_TAINT with pr_warn +
      add_taint
    - drm/amd/display: remove duplicated assignment to grph_obj_type
    - gfs2_atomic_open(): fix O_EXCL|O_CREAT handling on cold dcache
    - KVM: x86: clear stale x86_emulate_ctxt->intercept value
    - ARC: define __ALIGN_STR and __ALIGN symbols for ARC
    - efi: Fix a race and a buffer overflow while reading efivars via sysfs
    - iommu/vt-d: dmar: replace WARN_TAINT with pr_warn + add_taint
    - iommu/vt-d: Fix a bug in intel_iommu_iova_to_phys() for huge page
    - nl80211: add missing attribute validation for critical protocol indication
    - nl80211: add missing attribute validation for channel switch
    - netfilter: cthelper: add missing attribute validation for cthelper
    - iommu/vt-d: Fix the wrong printing in RHSA parsing
    - iommu/vt-d: Ignore devices with out-of-spec domain number
    - ipv6: restrict IPV6_ADDRFORM operation
    - efi: Add a sanity check to efivar_store_raw()
    - batman-adv: Fix invalid read while copying bat_iv.bcast_own
    - batman-adv: Only put gw_node list reference when removed
    - batman-adv: Only put orig_node_vlan list reference when removed
    - batman-adv: Avoid endless loop in bat-on-bat netdevice check
    - batman-adv: Fix unexpected free of bcast_own on add_if error
    - batman-adv: Fix integer overflow in batadv_iv_ogm_calc_tq
    - batman-adv: init neigh node last seen field
    - batman-adv: Deactivate TO_BE_ACTIVATED hardif on shutdown
    - batman-adv: Drop reference to netdevice on last reference
    - batman-adv: Fix reference counting of vlan object for tt_local_entry
    - batman-adv: Avoid duplicate neigh_node additions
    - batman-adv: fix skb deref after free
    - batman-adv: Fix use-after-free/double-free of tt_req_node
    - batman-adv: Fix ICMP RR ethernet access after skb_linearize
    - batman-adv: Clean up untagged vlan when destroying via rtnl-link
    - batman-adv: Avoid nullptr dereference in bla after vlan_insert_tag
    - batman-adv: Avoid nullptr dereference in dat after vlan_insert_tag
    - batman-adv: Fix orig_node_vlan leak on orig_node_release
    - batman-adv: lock crc access in bridge loop avoidance
    - batman-adv: Fix non-atomic bla_claim::backbone_gw access
    - batman-adv: Fix reference leak in batadv_find_router
    - batman-adv: Free last_bonding_candidate on release of orig_node
    - batman-adv: Fix speedy join in gateway client mode
    - batman-adv: Add missing refcnt for last_candidate
    - batman-adv: Fix double free during fragment merge error
    - batman-adv: Fix transmission of final, 16th fragment
    - batman-adv: Fix rx packet/bytes stats on local ARP reply
    - batman-adv: fix TT sync flag inconsistencies
    - batman-adv: Fix lock for ogm cnt access in batadv_iv_ogm_calc_tq
    - batman-adv: Fix internal interface indices types
    - batman-adv: update data pointers after skb_cow()
    - batman-adv: Fix skbuff rcsum on packet reroute
    - batman-adv: Avoid race in TT TVLV allocator helper
    - batman-adv: Fix TT sync flags for intermediate TT responses
    - batman-adv: prevent TT request storms by not sending inconsistent TT TLVLs
    - batman-adv: Fix debugfs path for renamed hardif
    - batman-adv: Fix debugfs path for renamed softif
    - batman-adv: Avoid storing non-TT-sync flags on singular entries too
    - batman-adv: Prevent duplicated gateway_node entry
    - batman-adv: Prevent duplicated nc_node entry
    - batman-adv: Prevent duplicated global TT entry
    - batman-adv: Prevent duplicated tvlv handler
    - batman-adv: Reduce claim hash refcnt only for removed entry
    - batman-adv: Reduce tt_local hash refcnt only for removed entry
    - batman-adv: Reduce tt_global hash refcnt only for removed entry
    - batman-adv: Only read OGM tvlv_len after buffer len check
 

  linux-kvm (4.4.0-1069.76) xenial; urgency=medium

  * xenial/linux-kvm: 4.4.0-1069.76 -proposed tracker (LP: #1867234)

  [ Ubuntu: 4.4.0-177.207 ]

  * xenial/linux: 4.4.0-177.207 -proposed tracker (LP: #1867243)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync getabis
    - [Packaging] update helper scripts
  * Xenial update: 4.4.214 upstream stable release (LP: #1864775)
    - media: iguanair: fix endpoint sanity check
    - x86/cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR
    - sparc32: fix struct ipc64_perm type definition
    - ASoC: qcom: Fix of-node refcount unbalance to link->codec_of_node
    - cls_rsvp: fix rsvp_policy
    - net: hsr: fix possible NULL deref in hsr_handle_frame()
    - net_sched: fix an OOB access in cls_tcindex
    - tcp: clear tp->total_retrans in tcp_disconnect()
    - tcp: clear tp->segs_{in|out} in tcp_disconnect()
    - media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors
    - mfd: dln2: More sanity checking for endpoints
    - brcmfmac: Fix memory leak in brcmf_usbdev_qinit
    - usb: gadget: legacy: set max_speed to super-speed
    - usb: gadget: f_ncm: Use atomic_t to track in-flight request
    - usb: gadget: f_ecm: Use atomic_t to track in-flight request
    - ALSA: dummy: Fix PCM format loop in proc output
    - lib/test_kasan.c: fix memory leak in kmalloc_oob_krealloc_more()
    - powerpc/pseries: Advance pfn if section is not present in lmb_is_removable()
    - mmc: spi: Toggle SPI polarity, do not hardcode it
    - PCI: keystone: Fix link training retries initiation
    - crypto: api - Check spawn->alg under lock in crypto_drop_spawn
    - scsi: qla2xxx: Fix mtcp dump collection failure
    - power: supply: ltc2941-battery-gauge: fix use-after-free
    - of: Add OF_DMA_DEFAULT_COHERENT & select it on powerpc
    - dm space map common: fix to ensure new block isn't already in use
    - crypto: pcrypt - Do not clear MAY_SLEEP flag in original request
    - crypto: api - Fix race condition in crypto_spawn_alg
    - crypto: picoxcell - adjust the position of tasklet_init and fix missed
      tasklet_kill
    - btrfs: set trans->drity in btrfs_commit_transaction
    - ARM: tegra: Enable PLLP bypass during Tegra124 LP1
    - mwifiex: fix unbalanced locking in mwifiex_process_country_ie()
    - sunrpc: expiry_time should be seconds not timeval
    - KVM: x86: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks
    - KVM: x86: Protect DR-based index computations from Spectre-v1/L1TF attacks
    - KVM: x86: Protect kvm_hv_msr_[get|set]_crash_data() from Spectre-v1/L1TF
      attacks
    - KVM: x86: Protect ioapic_write_indirect() from Spectre-v1/L1TF attacks
    - KVM: x86: Protect MSR-based index computations in pmu.h from Spectre-v1/L1TF
      attacks
    - KVM: x86: Protect ioapic_read_indirect() from Spectre-v1/L1TF attacks
    - KVM: x86: Protect MSR-based index computations from Spectre-v1/L1TF attacks
      in x86.c
    - KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks
    - KVM: x86: Protect MSR-based index computations in fixed_msr_to_seg_unit()
      from Spectre-v1/L1TF attacks
    - KVM: PPC: Book3S HV: Uninit vCPU if vcore creation fails
    - KVM: PPC: Book3S PR: Free shared page if mmu initialization fails
    - KVM: x86: Free wbinvd_dirty_mask if vCPU creation fails
    - scsi: qla2xxx: Fix the endianness of the qla82xx_get_fw_size() return type
    - scsi: csiostor: Adjust indentation in csio_device_reset
    - scsi: qla4xxx: Adjust indentation in qla4xxx_mem_free
    - ext2: Adjust indentation in ext2_fill_super
    - powerpc/44x: Adjust indentation in ibm4xx_denali_fixup_memsize
    - NFC: pn544: Adjust indentation in pn544_hci_check_presence
    - ppp: Adjust indentation into ppp_async_input
    - net: smc911x: Adjust indentation in smc911x_phy_configure
    - net: tulip: Adjust indentation in {dmfe, uli526x}_init_module
    - mfd: da9062: Fix watchdog compatible string
    - mfd: rn5t618: Mark ADC control register volatile
    - net: systemport: Avoid RBUF stuck in Wake-on-LAN mode
    - bonding/alb: properly access headers in bond_alb_xmit()
    - NFS: Fix memory leaks and corruption in readdir
    - NFS: Fix bool initialization/comparison
    - NFS: Directory page cache pages need to be locked when read
    - Btrfs: fix assertion failure on fsync with NO_HOLES enabled
    - btrfs: remove trivial locking wrappers of tree mod log
    - Btrfs: fix race between adding and putting tree mod seq elements and nodes
    - drm: atmel-hlcdc: enable clock before configuring timing engine
    - KVM: x86: drop picdev_in_range()
    - KVM: x86: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks
    - KVM: x86: Protect pmu_intel.c from Spectre-v1/L1TF attacks
    - KVM: x86: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks
    - btrfs: flush write bio if we loop in extent_write_cache_pages
    - KVM: x86/mmu: Apply max PA check for MMIO sptes to 32-bit KVM
    - KVM: VMX: Add non-canonical check on writes to RTIT address MSRs
    - KVM: nVMX: vmread should not set rflags to specify success in case of #PF
    - cifs: fail i/o on soft mounts if sessionsetup errors out
    - clocksource: Prevent double add_timer_on() for watchdog_timer
    - perf/core: Fix mlock accounting in perf_mmap()
    - ASoC: pcm: update FE/BE trigger order based on the command
    - scsi: ufs: Fix ufshcd_probe_hba() reture value in case
      ufshcd_scsi_add_wlus() fails
    - rtc: hym8563: Return -EINVAL if the time is known to be invalid
    - ARC: [plat-axs10x]: Add missing multicast filter number to GMAC node
    - ARM: dts: at91: sama5d3: fix maximum peripheral clock rates
    - ARM: dts: at91: sama5d3: define clock rate range for tcb1
    - powerpc/pseries: Allow not having ibm, hypertas-functions::hcall-multi-tce
      for DDW
    - pinctrl: sh-pfc: r8a7778: Fix duplicate SDSELF_B and SD1_CLK_B
    - mwifiex: Fix possible buffer overflows in mwifiex_ret_w

  linux-kvm (4.4.0-1068.75) xenial; urgency=medium

  * xenial/linux-kvm: 4.4.0-1068.75 -proposed tracker (LP: #1865243)

  [ Ubuntu: 4.4.0-176.206 ]

  * xenial/linux: 4.4.0-176.206 -proposed tracker (LP: #1865106)
  * CVE-2020-2732
    - x86/vdso: Use RDPID in preference to LSL when available
    - KVM: x86: emulate RDPID
    - KVM: nVMX: Don't emulate instructions in guest mode
    - KVM: nVMX: Refactor IO bitmap checks into helper function
    - KVM: nVMX: Check IO instruction VM-exit conditions

  linux-kvm (4.4.0-1066.73) xenial; urgency=medium

  * xenial/linux-kvm: 4.4.0-1066.73 -proposed tracker (LP: #1861110)

  [ Ubuntu: 4.4.0-174.204 ]

  * xenial/linux: 4.4.0-174.204 -proposed tracker (LP: #1861122)
  * Xenial update: 4.4.211 upstream stable release (LP: #1860681)
    - hidraw: Return EPOLLOUT from hidraw_poll
    - HID: hidraw: Fix returning EPOLLOUT from hidraw_poll
    - HID: hidraw, uhid: Always report EPOLLOUT
    - cfg80211/mac80211: make ieee80211_send_layer2_update a public function
    - mac80211: Do not send Layer 2 Update frame before authorization
    - media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap
    - p54usb: Fix race between disconnect and firmware loading
    - ALSA: line6: Fix write on zero-sized buffer
    - ALSA: line6: Fix memory leak at line6_init_pcm() error path
    - xen: let alloc_xenballooned_pages() fail if not enough memory free
    - wimax: i2400: fix memory leak
    - wimax: i2400: Fix memory leak in i2400m_op_rfkill_sw_toggle
    - ext4: fix use-after-free race with debug_want_extra_isize
    - ext4: add more paranoia checking in ext4_expand_extra_isize handling
    - rtc: mt6397: fix alarm register overwrite
    - iommu: Remove device link to group on failure
    - gpio: Fix error message on out-of-range GPIO in lookup table
    - hsr: reset network header when supervision frame is created
    - cifs: Adjust indentation in smb2_open_file
    - RDMA/srpt: Report the SCSI residual to the initiator
    - scsi: enclosure: Fix stale device oops with hot replug
    - scsi: sd: Clear sdkp->protection_type if disk is reformatted without PI
    - platform/x86: asus-wmi: Fix keyboard brightness cannot be set to 0
    - iio: imu: adis16480: assign bias value only if operation succeeded
    - mei: fix modalias documentation
    - clk: samsung: exynos5420: Preserve CPU clocks configuration during
      suspend/resume
    - compat_ioctl: handle SIOCOUTQNSD
    - tty: serial: imx: use the sg count from dma_map_sg
    - tty: serial: pch_uart: correct usage of dma_unmap_sg
    - media: exynos4-is: Fix recursive locking in isp_video_release()
    - spi: atmel: fix handling of cs_change set on non-last xfer
    - rtlwifi: Remove unnecessary NULL check in rtl_regd_init
    - rtc: msm6242: Fix reading of 10-hour digit
    - rseq/selftests: Turn off timeout setting
    - hexagon: work around compiler crash
    - ocfs2: call journal flush to mark journal as empty after journal recovery
      when mount
    - ALSA: seq: Fix racy access for queue timer in proc read
    - Fix built-in early-load Intel microcode alignment
    - block: fix an integer overflow in logical block size
    - USB: serial: simple: Add Motorola Solutions TETRA MTP3xxx and MTP85xx
    - USB: serial: opticon: fix control-message timeouts
    - USB: serial: suppress driver bind attributes
    - USB: serial: ch341: handle unbound port at reset_resume
    - USB: serial: io_edgeport: add missing active-port sanity check
    - USB: serial: quatech2: handle unbound ports
    - scsi: mptfusion: Fix double fetch bug in ioctl
    - usb: core: hub: Improved device recognition on remote wakeup
    - x86/efistub: Disable paging at mixed mode entry
    - mm/page-writeback.c: avoid potential division by zero in wb_min_max_ratio()
    - net: stmmac: 16KB buffer must be 16 byte aligned
    - net: stmmac: Enable 16KB buffer size
    - USB: serial: io_edgeport: use irqsave() in USB's complete callback
    - USB: serial: io_edgeport: handle unbound ports on URB completion
    - USB: serial: keyspan: handle unbound ports
    - scsi: fnic: use kernel's '%pM' format option to print MAC
    - scsi: fnic: fix invalid stack access
    - arm64: dts: agilex/stratix10: fix pmu interrupt numbers
    - netfilter: fix a use-after-free in mtype_destroy()
    - batman-adv: Fix DAT candidate selection on little endian systems
    - macvlan: use skb_reset_mac_header() in macvlan_queue_xmit()
    - r8152: add missing endpoint sanity check
    - tcp: fix marked lost packets not being retransmitted
    - net: usb: lan78xx: limit size of local TSO packets
    - xen/blkfront: Adjust indentation in xlvbd_alloc_gendisk
    - cw1200: Fix a signedness bug in cw1200_load_firmware()
    - cfg80211: check for set_wiphy_params
    - scsi: esas2r: unlock on error in esas2r_nvram_read_direct()
    - scsi: qla4xxx: fix double free bug
    - scsi: bnx2i: fix potential use after free
    - scsi: target: core: Fix a pr_debug() argument
    - scsi: core: scsi_trace: Use get_unaligned_be*()
    - perf probe: Fix wrong address verification
    - regulator: ab8500: Remove SYSCLKREQ from enum ab8505_regulator_id
    - Linux 4.4.211
  * Xenial update: 4.4.210 upstream stable release (LP: #1859865)
    - chardev: Avoid potential use-after-free in 'chrdev_open()'
    - usb: chipidea: host: Disable port power only if previously enabled
    - ALSA: usb-audio: Apply the sample rate quirk for Bose Companion 5
    - kernel/trace: Fix do not unregister tracepoints when register
      sched_migrate_task fail
    - tracing: Have stack tracer compile when MCOUNT_INSN_SIZE is not defined
    - HID: Fix slab-out-of-bounds read in hid_field_extract
    - HID: uhid: Fix returning EPOLLOUT from uhid_char_poll
    - HID: hid-input: clear unmapped usages
    - Input: add safety guards to input_set_keycode()
    - drm/dp_mst: correct the shifting in DP_REMOTE_I2C_READ
    - can: gs_usb: gs_usb_probe(): use descriptors of current altsetting
    - can: mscan: mscan_rx_poll(): fix rx path lockup when returning from polling
      to irq mode
    - can: can_dropped_invalid_skb(): ensure an initialized headroom in outgoing
      CAN sk_buffs
    - staging: vt6656: set usb_set_intfdata on driver fail.
    - USB: serial: option: add ZLP support for 0x1bc7/0x9010
    - usb: musb: Disable pullup at init
    - usb: musb: dma: Correct parameter passed to IRQ handler
    - staging: rtl8188eu: Add device code for TP-Link TL-WN727N v5.21
    - tty: lin