This bug was fixed in the package linux-gcp - 4.15.0-1001.1 --------------- linux-gcp (4.15.0-1001.1) bionic; urgency=medium
* linux-gcp: 4.15.0-1001.1 -proposed tracker (LP: #1752101) * linux xenial derivatives fail to build (LP: #1691814) // Prepare linux-gcp for bionic (LP: #1752069) - [Packaging] Set do_tools_common in common vars * Prepare linux-gcp for bionic (LP: #1752069) - linux-gcp: Update base kernel version - [Config] linux-gcp: Reset config annotations to master - [Config] linux-gcp: Add annotations overlay - [Config] linux-gcp: updateconfigs after rebase to Ubuntu-4.15.0-10.11 - Ubuntu: linux-gcp: Revert build_arch=x86 - [Packaging] linux-gcp: Update Vcs-Git for bionic * CVE-2017-5715 (Spectre v2 retpoline) - [Config] linux-gcp: disable retpoline checks for first upload * [Packaging] Allow overlay of config annotations (LP: #1752072) - [Packaging] config-check: allow overlay annotations files [ Ubuntu: 4.15.0-10.11 ] * linux: 4.15.0-10.11 -proposed tracker (LP: #1749250) * "swiotlb: coherent allocation failed" dmesg spam with linux 4.15.0-9.10 (LP: #1749202) - swiotlb: suppress warning when __GFP_NOWARN is set - drm/ttm: specify DMA_ATTR_NO_WARN for huge page pools * linux-tools: perf incorrectly linking libbfd (LP: #1748922) - SAUCE: tools -- add ability to disable libbfd - [Packaging] correct disablement of libbfd * [Artful] Realtek ALC225: 2 secs noise when a headset plugged in (LP: #1744058) - ALSA: hda/realtek - update ALC225 depop optimize * [Artful] Support headset mode for DELL WYSE (LP: #1723913) - SAUCE: ALSA: hda/realtek - Add support headset mode for DELL WYSE * headset mic can't be detected on two Dell machines (LP: #1748807) - ALSA: hda/realtek - Support headset mode for ALC215/ALC285/ALC289 - ALSA: hda - Fix headset mic detection problem for two Dell machines * Bionic update to v4.15.3 stable release (LP: #1749191) - ip6mr: fix stale iterator - net: igmp: add a missing rcu locking section - qlcnic: fix deadlock bug - qmi_wwan: Add support for Quectel EP06 - r8169: fix RTL8168EP take too long to complete driver initialization. - tcp: release sk_frag.page in tcp_disconnect - vhost_net: stop device during reset owner - ipv6: addrconf: break critical section in addrconf_verify_rtnl() - ipv6: change route cache aging logic - Revert "defer call to mem_cgroup_sk_alloc()" - net: ipv6: send unsolicited NA after DAD - rocker: fix possible null pointer dereference in rocker_router_fib_event_work - tcp_bbr: fix pacing_gain to always be unity when using lt_bw - cls_u32: add missing RCU annotation. - ipv6: Fix SO_REUSEPORT UDP socket with implicit sk_ipv6only - soreuseport: fix mem leak in reuseport_add_sock() - net_sched: get rid of rcu_barrier() in tcf_block_put_ext() - net: sched: fix use-after-free in tcf_block_put_ext - media: mtk-vcodec: add missing MODULE_LICENSE/DESCRIPTION - media: soc_camera: soc_scale_crop: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE - media: tegra-cec: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE - gpio: uniphier: fix mismatch between license text and MODULE_LICENSE - crypto: tcrypt - fix S/G table for test_aead_speed() - Linux 4.15.3 * bnx2x_attn_int_deasserted3:4323 MC assert! (LP: #1715519) // CVE-2018-1000026 - net: create skb_gso_validate_mac_len() - bnx2x: disable GSO where gso_size is too big for hardware * ethtool -p fails to light NIC LED on HiSilicon D05 systems (LP: #1748567) - net: hns: add ACPI mode support for ethtool -p * CVE-2017-5715 (Spectre v2 Intel) - [Packaging] retpoline files must be sorted - [Packaging] pull in retpoline files * [Feature] PXE boot with Intel Omni-Path (LP: #1712031) - d-i: Add hfi1 to nic-modules * CVE-2017-5715 (Spectre v2 retpoline) - [Packaging] retpoline -- add call site validation - [Config] disable retpoline checks for first upload * Do not duplicate changelog entries assigned to more than one bug or CVE (LP: #1743383) - [Packaging] git-ubuntu-log -- handle multiple bugs/cves better [ Ubuntu: 4.15.0-9.10 ] * linux: 4.15.0-9.10 -proposed tracker (LP: #1748244) * Miscellaneous Ubuntu changes - [Debian] tests -- remove gcc-multilib dependency for arm64 [ Ubuntu: 4.15.0-8.9 ] * linux: 4.15.0-8.9 -proposed tracker (LP: #1748075) * Bionic update to v4.15.2 stable release (LP: #1748072) - KVM: x86: Make indirect calls in emulator speculation safe - KVM: VMX: Make indirect call speculation safe - module/retpoline: Warn about missing retpoline in module - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf - x86/cpufeatures: Add Intel feature bits for Speculation Control - x86/cpufeatures: Add AMD feature bits for Speculation Control - x86/msr: Add definitions for new speculation control MSRs - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support - x86/alternative: Print unadorned pointers - x86/nospec: Fix header guards names - x86/bugs: Drop one "mitigation" from dmesg - x86/cpu/bugs: Make retpoline module warning conditional - x86/cpufeatures: Clean up Spectre v2 related CPUID flags - x86/retpoline: Simplify vmexit_fill_RSB() - x86/speculation: Simplify indirect_branch_prediction_barrier() - auxdisplay: img-ascii-lcd: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE - iio: adc/accel: Fix up module licenses - pinctrl: pxa: pxa2xx: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE - ASoC: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE - KVM: nVMX: Eliminate vmcs02 pool - KVM: VMX: introduce alloc_loaded_vmcs - objtool: Improve retpoline alternative handling - objtool: Add support for alternatives at the end of a section - objtool: Warn on stripped section symbol - x86/mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP - x86/spectre: Check CONFIG_RETPOLINE in command line parser - x86/entry/64: Remove the SYSCALL64 fast path - x86/entry/64: Push extra regs right away - x86/asm: Move 'status' from thread_struct to thread_info - Documentation: Document array_index_nospec - array_index_nospec: Sanitize speculative array de-references - x86: Implement array_index_mask_nospec - x86: Introduce barrier_nospec - x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec - x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end} - x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec - x86/get_user: Use pointer masking to limit speculation - x86/syscall: Sanitize syscall table de-references under speculation - vfs, fdtable: Prevent bounds-check bypass via speculative execution - nl80211: Sanitize array index in parse_txq_params - x86/spectre: Report get_user mitigation for spectre_v1 - x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable" - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel - x86/speculation: Use Indirect Branch Prediction Barrier in context switch - x86/paravirt: Remove 'noreplace-paravirt' cmdline option - KVM: VMX: make MSR bitmaps per-VCPU - x86/kvm: Update spectre-v1 mitigation - x86/retpoline: Avoid retpolines for built-in __init functions - x86/spectre: Simplify spectre_v2 command line parsing - x86/pti: Mark constant arrays as __initconst - x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL - KVM/x86: Update the reverse_cpuid list to include CPUID_7_EDX - KVM/x86: Add IBPB support - KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES - KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL - KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL - serial: core: mark port as initialized after successful IRQ change - fpga: region: release of_parse_phandle nodes after use - Linux 4.15.2 * Add support for the NIC on SynQuacer E-Series boards (LP: #1747792) - net: phy: core: remove now uneeded disabling of interrupts - [Config] CONFIG_NET_VENDOR_SOCIONEXT=y & CONFIG_SNI_NETSEC=m - net: socionext: Add Synquacer NetSec driver - net: socionext: include linux/io.h to fix build - net: socionext: Fix error return code in netsec_netdev_open() * [Artful/Bionic] [Config] enable EDAC_GHES for ARM64 (LP: #1747746) - [Config] CONFIG_EDAC_GHES=y * support thunderx2 vendor pmu events (LP: #1747523) - perf pmu: Pass pmu as a parameter to get_cpuid_str() - perf tools arm64: Add support for get_cpuid_str function. - perf pmu: Add helper function is_pmu_core to detect PMU CORE devices - perf vendor events arm64: Add ThunderX2 implementation defined pmu core events - perf pmu: Add check for valid cpuid in perf_pmu__find_map() * linux 4.14.0-7.9 ADT test failure with linux 4.14.0-7.9 (LP: #1732463) - SAUCE: mm: disable vma based swap readahead by default - SAUCE: mm: fix memory hotplug in ZONE_HIGHMEM * Miscellaneous Ubuntu changes - [Config] Fix CONFIG_PROFILE_ALL_BRANCHES annotations [ Ubuntu: 4.15.0-7.8 ] * Bionic update to v4.15.1 stable release (LP: #1747169) - Bluetooth: hci_serdev: Init hci_uart proto_lock to avoid oops - tools/gpio: Fix build error with musl libc - gpio: stmpe: i2c transfer are forbiden in atomic context - gpio: Fix kernel stack leak to userspace - ALSA: hda - Reduce the suspend time consumption for ALC256 - crypto: ecdh - fix typo in KPP dependency of CRYPTO_ECDH - crypto: aesni - handle zero length dst buffer - crypto: aesni - fix typo in generic_gcmaes_decrypt - crypto: aesni - add wrapper for generic gcm(aes) - crypto: aesni - Fix out-of-bounds access of the data buffer in generic-gcm- aesni - crypto: aesni - Fix out-of-bounds access of the AAD buffer in generic-gcm- aesni - crypto: inside-secure - fix hash when length is a multiple of a block - crypto: inside-secure - avoid unmapping DMA memory that was not mapped - crypto: sha3-generic - fixes for alignment and big endian operation - crypto: af_alg - whitelist mask and type - HID: wacom: EKR: ensure devres groups at higher indexes are released - HID: wacom: Fix reporting of touch toggle (WACOM_HID_WD_MUTE_DEVICE) events - power: reset: zx-reboot: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE - gpio: iop: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE - gpio: ath79: add missing MODULE_DESCRIPTION/LICENSE - mtd: nand: denali_pci: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE - igb: Free IRQs when device is hotplugged - ima/policy: fix parsing of fsuuid - scsi: aacraid: Fix udev inquiry race condition - scsi: aacraid: Fix hang in kdump - scsi: storvsc: missing error code in storvsc_probe() - staging: lustre: separate a connection destroy from free struct kib_conn - staging: ccree: NULLify backup_info when unused - staging: ccree: fix fips event irq handling build - tty: fix data race between tty_init_dev and flush of buf - usb: option: Add support for FS040U modem - USB: serial: pl2303: new device id for Chilitag - USB: cdc-acm: Do not log urb submission errors on disconnect - CDC-ACM: apply quirk for card reader - USB: serial: io_edgeport: fix possible sleep-in-atomic - usbip: prevent bind loops on devices attached to vhci_hcd - usbip: list: don't list devices attached to vhci_hcd - USB: serial: simple: add Motorola Tetra driver - usb: f_fs: Prevent gadget unbind if it is already unbound - usb: uas: unconditionally bring back host after reset - usb/gadget: Fix "high bandwidth" check in usb_gadget_ep_match_desc() - ANDROID: binder: remove waitqueue when thread exits. - android: binder: use VM_ALLOC to get vm area - mei: me: allow runtime pm for platform with D0i3 - serial: 8250_of: fix return code when probe function fails to get reset - serial: 8250_uniphier: fix error return code in uniphier_uart_probe() - serial: 8250_dw: Revert "Improve clock rate setting" - serial: imx: Only wakeup via RTSDEN bit if the system has RTS/CTS - spi: imx: do not access registers while clocks disabled - iio: adc: stm32: fix scan of multiple channels with DMA - iio: chemical: ccs811: Fix output of IIO_CONCENTRATION channels - test_firmware: fix missing unlock on error in config_num_requests_store() - Input: synaptics-rmi4 - unmask F03 interrupts when port is opened - Input: synaptics-rmi4 - do not delete interrupt memory too early - x86/efi: Clarify that reset attack mitigation needs appropriate userspace - Linux 4.15.1 * Dell XPS 13 9360 bluetooth (Atheros) won't connect after resume (LP: #1744712) - Revert "Bluetooth: btusb: fix QCA Rome suspend/resume" - Bluetooth: btusb: Restore QCA Rome suspend/resume fix with a "rewritten" version * apparmor profile load in stacked policy container fails (LP: #1746463) - SAUCE: apparmor: fix display of .ns_name for containers [ Ubuntu: 4.15.0-6.7 ] * upload urgency should be medium by default (LP: #1745338) - [Packaging] update urgency to medium by default * Shutdown hang on 16.04 with iscsi targets (LP: #1569925) - scsi: libiscsi: Allow sd_shutdown on bad transport * Miscellaneous Ubuntu changes - SAUCE: (noup) Update spl to 0.7.5-1ubuntu1, zfs to 0.7.5-1ubuntu1 - Revert "UBUNTU: SAUCE: mm: fix memory hotplug in ZONE_HIGHMEM" - Revert "UBUNTU: SAUCE: mm: disable vma based swap readahead by default" * Rebase to v4.15 [ Ubuntu: 4.15.0-5.6 ] * $(LOCAL_ENV_CC) and $(LOCAL_ENV_DISTCC_HOSTS) should be properly quoted (LP: #1744077) - [Debian] pass LOCAL_ENV_CC and LOCAL_ENV_DISTCC_HOSTS properly * Missing install-time driver for QLogic QED 25/40/100Gb Ethernet NIC (LP: #1743638) - [d-i] Add qede to nic-modules udeb * boot failure on AMD Raven + WesternXT (LP: #1742759) - SAUCE: drm/amdgpu: add atpx quirk handling (v2) * Unable to handle kernel NULL pointer dereference at isci_task_abort_task (LP: #1726519) - SAUCE: Revert "scsi: libsas: allow async aborts" * Update Ubuntu-4.15.0 config to support Intel Atom devices (LP: #1739939) - [Config] CONFIG_SERIAL_DEV_BUS=y, CONFIG_SERIAL_DEV_CTRL_TTYPORT=y * Miscellaneous Ubuntu changes - Rebase to v4.15-rc7 - [Config] CONFIG_CPU_ISOLATION=y - [Config] Update annotations following config review - Revert "UBUNTU: SAUCE: Import aufs driver" - SAUCE: Import aufs driver - ubuntu: vbox -- update to 5.2.6-dfsg-1 - ubuntu: vbox: build fixes for 4.15 - ubuntu: vbox -- update to 5.2.6-dfsg-2 - hio: updates for timer api changes in 4.15 - enable hio build - Rebase to v4.15-rc9 * Rebase to v4.15-rc9 [ Ubuntu: 4.15.0-4.5 ] * [0cf3:e010] QCA6174A XR failed to pair with bt 4.0 device (LP: #1741166) - SAUCE: Bluetooth: btusb: Add support for 0cf3:e010 * External HDMI monitor failed to show screen on Lenovo X1 series (LP: #1738523) - SAUCE: drm/i915: Disable writing of TMDS_OE on Lenovo ThinkPad X1 series * Miscellaneous Ubuntu changes - [Debian] autoreconstruct - add resoration of execute permissions * Rebase to v4.15-rc4 [ Ubuntu: 4.15.0-3.4 ] * ubuntu/xr-usb-serial didn't get built in zesty and artful (LP: #1733281) - SAUCE: make sure ubuntu/xr-usb-serial builds for x86 * Rebase to v4.15-rc6 [ Ubuntu: 4.15.0-2.3 ] * nvidia-graphics-drivers-384 384.90-0ubuntu6 ADT test failure with linux 4.15.0-1.2 (LP: #1737752) - x86/mm: Unbreak modules that use the DMA API * Ubuntu 17.10 corrupting BIOS - many LENOVO laptops models (LP: #1734147) - [Config] CONFIG_SPI_INTEL_SPI_*=n * power: commonise configs IBMVETH/IBMVSCSI and ensure both are in linux-image and udebs (LP: #1521712) - [Config] Include ibmvnic in nic-modules * Enable arm64 emulation of removed ARMv7 instructions (LP: #1545542) - [Config] Enable support for emulation of deprecated ARMv8 instructions * Miscellaneous Ubuntu changes - SAUCE: (noup) Update spl with 4.15 compat fix (LP:#1737761) - Enable zfs build - [Debian] add icp to zfs-modules.ignore * Rebase to v4.15-rc4 [ Ubuntu: 4.15.0-1.2 ] * Disabling zfs does not always disable module checks for the zfs modules (LP: #1737176) - [Packaging] disable zfs module checks when zfs is disabled * Miscellaneous Ubuntu changes - [Config] CONFIG_UNWINDER_FRAME_POINTER=y for amd64 * Rebase to v4.15-rc3 [ Ubuntu: 4.15.0-0.1 ] * Miscellaneous Ubuntu changes - ubuntu: vbox -- update to 5.2.2-dfsg-2 - ubuntu: vbox: build fixes for 4.15 - disable hio build - [Config] Update kernel lockdown options to fix build errors - Disable zfs build - SAUCE: Import aufs driver - [Config] Enable AUFS config options * Rebase to v4.15-rc2 [ Ubuntu: 4.14.0-11.13 ] * linux: 4.14.0-11.13 -proposed tracker (LP: #1736168) * CVE-2017-1000405 - mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d() * linux 4.14.0-7.9 ADT test failure with linux 4.14.0-7.9 (LP: #1732463) - SAUCE: mm: disable vma based swap readahead by default - SAUCE: mm: fix memory hotplug in ZONE_HIGHMEM * Bionic update to v4.14.3 stable release (LP: #1735843) - s390: fix transactional execution control register handling - s390/noexec: execute kexec datamover without DAT - s390/runtime instrumention: fix possible memory corruption - s390/guarded storage: fix possible memory corruption - s390/disassembler: add missing end marker for e7 table - s390/disassembler: increase show_code buffer size - ACPI / PM: Fix acpi_pm_notifier_lock vs flush_workqueue() deadlock - ACPI / EC: Fix regression related to triggering source of EC event handling - cpufreq: schedutil: Reset cached_raw_freq when not in sync with next_freq - serdev: fix registration of second slave - sched: Make resched_cpu() unconditional - lib/mpi: call cond_resched() from mpi_powm() loop - x86/boot: Fix boot failure when SMP MP-table is based at 0 - x86/decoder: Add new TEST instruction pattern - x86/entry/64: Fix entry_SYSCALL_64_after_hwframe() IRQ tracing - x86/entry/64: Add missing irqflags tracing to native_load_gs_index() - perf/x86/intel: Hide TSX events when RTM is not supported - arm64: Implement arch-specific pte_access_permitted() - ARM: 8722/1: mm: make STRICT_KERNEL_RWX effective for LPAE - ARM: 8721/1: mm: dump: check hardware RO bit for LPAE - uapi: fix linux/tls.h userspace compilation error - uapi: fix linux/rxrpc.h userspace compilation errors - MIPS: cmpxchg64() and HAVE_VIRT_CPU_ACCOUNTING_GEN don't work for 32-bit SMP - MIPS: ralink: Fix MT7628 pinmux - MIPS: ralink: Fix typo in mt7628 pinmux function - net: mvneta: fix handling of the Tx descriptor counter - nbd: wait uninterruptible for the dead timeout - nbd: don't start req until after the dead connection logic - PM / OPP: Add missing of_node_put(np) - PCI/ASPM: Account for downstream device's Port Common_Mode_Restore_Time - PCI/ASPM: Use correct capability pointer to program LTR_L1.2_THRESHOLD - PCI: hv: Use effective affinity mask - PCI: Set Cavium ACS capability quirk flags to assert RR/CR/SV/UF - PCI: Apply Cavium ThunderX ACS quirk to more Root Ports - ALSA: hda: Add Raven PCI ID - dm integrity: allow unaligned bv_offset - dm cache: fix race condition in the writeback mode overwrite_bio optimisation - dm crypt: allow unaligned bv_offset - dm zoned: ignore last smaller runt zone - dm mpath: remove annoying message of 'blk_get_request() returned -11' - dm bufio: fix integer overflow when limiting maximum cache size - ovl: Put upperdentry if ovl_check_origin() fails - dm: allocate struct mapped_device with kvzalloc - sched/rt: Simplify the IPI based RT balancing logic - MIPS: pci: Remove KERN_WARN instance inside the mt7620 driver - dm: fix race between dm_get_from_kobject() and __dm_destroy() - dm: discard support requires all targets in a table support discards - MIPS: Fix odd fp register warnings with MIPS64r2 - MIPS: Fix MIPS64 FP save/restore on 32-bit kernels - MIPS: dts: remove bogus bcm96358nb4ser.dtb from dtb-y entry - MIPS: Fix an n32 core file generation regset support regression - MIPS: BCM47XX: Fix LED inversion for WRT54GSv1 - MIPS: math-emu: Fix final emulation phase for certain instructions - rt2x00usb: mark device removed when get ENOENT usb error - mm/z3fold.c: use kref to prevent page free/compact race - autofs: don't fail mount for transient error - nilfs2: fix race condition that causes file system corruption - fscrypt: lock mutex before checking for bounce page pool - eCryptfs: use after free in ecryptfs_release_messaging() - libceph: don't WARN() if user tries to add invalid key - bcache: check ca->alloc_thread initialized before wake up it - fs: guard_bio_eod() needs to consider partitions - fanotify: fix fsnotify_prepare_user_wait() failure - isofs: fix timestamps beyond 2027 - btrfs: change how we decide to commit transactions during flushing - f2fs: expose some sectors to user in inline data or dentry case - NFS: Fix typo in nomigration mount option - NFS: Revert "NFS: Move the flock open mode check into nfs_flock()" - nfs: Fix ugly referral attributes - NFS: Avoid RCU usage in tracepoints - NFS: revalidate "." etc correctly on "open". - nfsd: deal with revoked delegations appropriately - rtlwifi: rtl8192ee: Fix memory leak when loading firmware - rtlwifi: fix uninitialized rtlhal->last_suspend_sec time - iwlwifi: fix firmware names for 9000 and A000 series hw - md: fix deadlock error in recent patch. - md: don't check MD_SB_CHANGE_CLEAN in md_allow_write - Bluetooth: btqcomsmd: Add support for BD address setup - md/bitmap: revert a patch - fsnotify: clean up fsnotify_prepare/finish_user_wait() - fsnotify: pin both inode and vfsmount mark - fsnotify: fix pinning group in fsnotify_prepare_user_wait() - ata: fixes kernel crash while tracing ata_eh_link_autopsy event - ext4: fix interaction between i_size, fallocate, and delalloc after a crash - ext4: prevent data corruption with inline data + DAX - ext4: prevent data corruption with journaling + DAX - ALSA: pcm: update tstamp only if audio_tstamp changed - ALSA: usb-audio: Add sanity checks to FE parser - ALSA: usb-audio: Fix potential out-of-bound access at parsing SU - ALSA: usb-audio: Add sanity checks in v2 clock parsers - ALSA: timer: Remove kernel warning at compat ioctl error paths - ALSA: hda/realtek - Fix ALC275 no sound issue - ALSA: hda: Fix too short HDMI/DP chmap reporting - ALSA: hda - Fix yet remaining issue with vmaster 0dB initialization - ALSA: hda/realtek - Fix ALC700 family no sound issue - ASoC: sun8i-codec: Invert Master / Slave condition - ASoC: sun8i-codec: Fix left and right channels inversion - ASoC: sun8i-codec: Set the BCLK divider - mfd: lpc_ich: Avoton/Rangeley uses SPI_BYT method - fix a page leak in vhost_scsi_iov_to_sgl() error recovery - 9p: Fix missing commas in mount options - fs/9p: Compare qid.path in v9fs_test_inode - net/9p: Switch to wait_event_killable() - scsi: qla2xxx: Suppress a kernel complaint in qla_init_base_qpair() - scsi: sd_zbc: Fix sd_zbc_read_zoned_characteristics() - scsi: lpfc: fix pci hot plug crash in timer management routines - scsi: lpfc: fix pci hot plug crash in list_add call - scsi: lpfc: Fix crash receiving ELS while detaching driver - scsi: lpfc: Fix FCP hba_wqidx assignment - scsi: lpfc: Fix oops if nvmet_fc_register_targetport fails - iscsi-target: Make TASK_REASSIGN use proper se_cmd->cmd_kref - iscsi-target: Fix non-immediate TMR reference leak - target: fix null pointer regression in core_tmr_drain_tmr_list - target: fix buffer offset in core_scsi3_pri_read_full_status - target: Fix QUEUE_FULL + SCSI task attribute handling - target: Fix caw_sem leak in transport_generic_request_failure - target: Fix quiese during transport_write_pending_qf endless loop - target: Avoid early CMD_T_PRE_EXECUTE failures during ABORT_TASK - mtd: Avoid probe failures when mtd->dbg.dfs_dir is invalid - mtd: nand: Export nand_reset() symbol - mtd: nand: atmel: Actually use the PM ops - mtd: nand: omap2: Fix subpage write - mtd: nand: Fix writing mtdoops to nand flash. - mtd: nand: mtk: fix infinite ECC decode IRQ issue - mailbox: bcm-flexrm-mailbox: Fix FlexRM ring flush sequence - p54: don't unregister leds when they are not initialized - block: Fix a race between blk_cleanup_queue() and timeout handling - raid1: prevent freeze_array/wait_all_barriers deadlock - genirq: Track whether the trigger type has been set - irqchip/gic-v3: Fix ppi-partitions lookup - lockd: double unregister of inetaddr notifiers - KVM: PPC: Book3S HV: Don't call real-mode XICS hypercall handlers if not enabled - KVM: nVMX: set IDTR and GDTR limits when loading L1 host state - KVM: SVM: obey guest PAT - kvm: vmx: Reinstate support for CPUs without virtual NMI - dax: fix PMD faults on zero-length files - dax: fix general protection fault in dax_alloc_inode - SUNRPC: Fix tracepoint storage issues with svc_recv and svc_rqst_status - clk: ti: dra7-atl-clock: fix child-node lookups - libnvdimm, dimm: clear 'locked' status on successful DIMM enable - libnvdimm, pfn: make 'resource' attribute only readable by root - libnvdimm, namespace: fix label initialization to use valid seq numbers - libnvdimm, region : make 'resource' attribute only readable by root - libnvdimm, namespace: make 'resource' attribute only readable by root - svcrdma: Preserve CB send buffer across retransmits - IB/srpt: Do not accept invalid initiator port names - IB/cm: Fix memory corruption in handling CM request - IB/hfi1: Fix incorrect available receive user context count - IB/srp: Avoid that a cable pull can trigger a kernel crash - IB/core: Avoid crash on pkey enforcement failed in received MADs - IB/core: Only maintain real QPs in the security lists - NFC: fix device-allocation error return - spi-nor: intel-spi: Fix broken software sequencing codes - i40e: Use smp_rmb rather than read_barrier_depends - igb: Use smp_rmb rather than read_barrier_depends - igbvf: Use smp_rmb rather than read_barrier_depends - ixgbevf: Use smp_rmb rather than read_barrier_depends - i40evf: Use smp_rmb rather than read_barrier_depends - fm10k: Use smp_rmb rather than read_barrier_depends - ixgbe: Fix skb list corruption on Power systems - parisc: Fix validity check of pointer size argument in new CAS implementation - powerpc: Fix boot on BOOK3S_32 with CONFIG_STRICT_KERNEL_RWX - powerpc/mm/radix: Fix crashes on Power9 DD1 with radix MMU and STRICT_RWX - powerpc/perf/imc: Use cpu_to_node() not topology_physical_package_id() - powerpc/signal: Properly handle return value from uprobe_deny_signal() - powerpc/64s: Fix masking of SRR1 bits on instruction fault - powerpc/64s/radix: Fix 128TB-512TB virtual address boundary case allocation - powerpc/64s/hash: Fix 512T hint detection to use >= 128T - powerpc/64s/hash: Fix 128TB-512TB virtual address boundary case allocation - powerpc/64s/hash: Fix fork() with 512TB process address space - powerpc/64s/hash: Allow MAP_FIXED allocations to cross 128TB boundary - media: Don't do DMA on stack for firmware upload in the AS102 driver - media: rc: check for integer overflow - media: rc: nec decoder should not send both repeat and keycode - cx231xx-cards: fix NULL-deref on missing association descriptor - media: v4l2-ctrl: Fix flags field on Control events - media: venus: fix wrong size on dma_free - media: venus: venc: fix bytesused v4l2_plane field - media: venus: reimplement decoder stop command - ARM64: dts: meson-gxl: Add alternate ARM Trusted Firmware reserved memory zone - iwlwifi: fix wrong struct for a000 device - iwlwifi: add a new a000 device - iwlwifi: pcie: sort IDs for the 9000 series for easier comparisons - iwlwifi: add new cards for a000 series - iwlwifi: add new cards for 8265 series - iwlwifi: add new cards for 8260 series - iwlwifi: fix PCI IDs and configuration mapping for 9000 series - iwlwifi: mvm: support version 7 of the SCAN_REQ_UMAC FW command - e1000e: Fix error path in link detection - e1000e: Fix return value test - e1000e: Separate signaling for link check/link up - e1000e: Avoid receiver overrun interrupt bursts - e1000e: fix buffer overrun while the I219 is processing DMA transactions - Linux 4.14.3 * Miscellaneous Ubuntu changes - SAUCE: s390/topology: don't inline cpu_to_node - SAUCE: (noup) Update spl to 0.7.3-1ubuntu1, zfs to 0.7.3-1ubuntu1 [ Ubuntu: 4.14.0-10.12 ] * linux: 4.14.0-10.12 -proposed tracker (LP: #1734901) * Miscellaneous Ubuntu changes - SAUCE: Enable the ACPI kernel debugger and acpidbg tool - [Packaging] Include arch/arm64/kernel/ftrace-mod.o in headers package [ Ubuntu: 4.14.0-9.11 ] * linux: 4.14.0-9.11 -proposed tracker (LP: #1734728) * Miscellaneous Ubuntu changes - Revert "UBUNTU: SAUCE: (noup) Update spl to 0.7.3-1ubuntu1, zfs to 0.7.3-1ubuntu1" [ Ubuntu: 4.14.0-8.10 ] * linux: 4.14.0-8.10 -proposed tracker (LP: #1734695) * Bionic update to v4.14.2 stable release (LP: #1734694) - bio: ensure __bio_clone_fast copies bi_partno - af_netlink: ensure that NLMSG_DONE never fails in dumps - vxlan: fix the issue that neigh proxy blocks all icmpv6 packets - net: cdc_ncm: GetNtbFormat endian fix - fealnx: Fix building error on MIPS - net/sctp: Always set scope_id in sctp_inet6_skb_msgname - ima: do not update security.ima if appraisal status is not INTEGRITY_PASS - serial: omap: Fix EFR write on RTS deassertion - serial: 8250_fintek: Fix finding base_port with activated SuperIO - tpm-dev-common: Reject too short writes - rcu: Fix up pending cbs check in rcu_prepare_for_idle - mm/pagewalk.c: report holes in hugetlb ranges - ocfs2: fix cluster hang after a node dies - ocfs2: should wait dio before inode lock in ocfs2_setattr() - ipmi: fix unsigned long underflow - mm/page_alloc.c: broken deferred calculation - mm/page_ext.c: check if page_ext is not prepared - coda: fix 'kernel memory exposure attempt' in fsync - ipmi: Prefer ACPI system interfaces over SMBIOS ones - Linux 4.14.2 * Bionic update to v4.14.1 stable release (LP: #1734693) - EDAC, sb_edac: Don't create a second memory controller if HA1 is not present - dmaengine: dmatest: warn user when dma test times out - media: imon: Fix null-ptr-deref in imon_probe - media: dib0700: fix invalid dvb_detach argument - crypto: dh - Fix double free of ctx->p - crypto: dh - Don't permit 'p' to be 0 - crypto: dh - Don't permit 'key' or 'g' size longer than 'p' - crypto: brcm - Explicity ACK mailbox message - USB: early: Use new USB product ID and strings for DbC device - USB: usbfs: compute urb->actual_length for isochronous - USB: Add delay-init quirk for Corsair K70 LUX keyboards - usb: gadget: f_fs: Fix use-after-free in ffs_free_inst - USB: serial: metro-usb: stop I/O after failed open - USB: serial: Change DbC debug device binding ID - USB: serial: qcserial: add pid/vid for Sierra Wireless EM7355 fw update - USB: serial: garmin_gps: fix I/O after failed probe and remove - USB: serial: garmin_gps: fix memory leak on probe errors - selftests/x86/protection_keys: Fix syscall NR redefinition warnings - x86/MCE/AMD: Always give panic severity for UC errors in kernel context - platform/x86: peaq-wmi: Add DMI check before binding to the WMI interface - platform/x86: peaq_wmi: Fix missing terminating entry for peaq_dmi_table - HID: cp2112: add HIDRAW dependency - HID: wacom: generic: Recognize WACOM_HID_WD_PEN as a type of pen collection - rpmsg: glink: Add missing MODULE_LICENSE - staging: wilc1000: Fix bssid buffer offset in Txq - staging: sm750fb: Fix parameter mistake in poke32 - staging: ccree: fix 64 bit scatter/gather DMA ops - staging: greybus: spilib: fix use-after-free after deregistration - staging: rtl8188eu: Revert 4 commits breaking ARP - spi: fix use-after-free at controller deregistration - sparc32: Add cmpxchg64(). - sparc64: mmu_context: Add missing include files - sparc64: Fix page table walk for PUD hugepages - Linux 4.14.1 * Set PANIC_TIMEOUT=10 on Power Systems (LP: #1730660) - [Config]: Set PANIC_TIMEOUT=10 on ppc64el * enable CONFIG_SND_SOC_INTEL_BYT_CHT_NOCODEC_MACH easily confuse users (LP: #1732627) - [Config] CONFIG_SND_SOC_INTEL_BYT_CHT_NOCODEC_MACH=n * Miscellaneous Ubuntu changes - SAUCE: (noup) Update spl to 0.7.3-1ubuntu1, zfs to 0.7.3-1ubuntu1 [ Ubuntu: 4.14.0-7.9 ] * Miscellaneous Ubuntu changes - SAUCE: apparmor: add base infastructure for socket mediation - SAUCE: apparmor: af_unix mediation - SAUCE: LSM stacking: procfs: add smack subdir to attrs - SAUCE: LSM stacking: LSM: manage credential security blobs - SAUCE: LSM stacking: LSM: Manage file security blobs - SAUCE: LSM stacking: LSM: manage task security blobs - SAUCE: LSM stacking: LSM: Infrastructure management of the remaining blobs - SAUCE: LSM stacking: LSM: general but not extreme module stacking - SAUCE: LSM stacking: LSM: Complete task_alloc hook - SAUCE: LSM stacking: fixup procsfs: add smack subdir to attrs - SAUCE: LSM stacking: fixup initialize task->security - SAUCE: LSM stacking: fixup: alloc_task_ctx is dead code - SAUCE: LSM stacking: add support for stacking getpeersec_stream - SAUCE: LSM stacking: add stacking support to apparmor network hooks - SAUCE: LSM stacking: fixup apparmor stacking enablement - SAUCE: LSM stacking: fixup stacking kconfig - SAUCE: LSM stacking: allow selecting multiple LSMs using kernel boot params - SAUCE: LSM stacking: provide prctl interface for setting context - SAUCE: LSM stacking: inherit current display LSM - SAUCE: LSM stacking: keep an index for each registered LSM - SAUCE: LSM stacking: verify display LSM - SAUCE: LSM stacking: provide a way to specify the default display lsm - SAUCE: LSM stacking: make sure LSM blob align on 64 bit boundaries - SAUCE: LSM stacking: add /proc/<pid>/attr/display_lsm - SAUCE: LSM stacking: add Kconfig to set default display LSM - SAUCE: LSM stacking: add configs for LSM stacking - SAUCE: LSM stacking: check for invalid zero sized writes - [Config] Run updateconfigs after merging LSM stacking - [Config] CONFIG_AMD_MEM_ENCRYPT=y * Rebase to v4.14 [ Ubuntu: 4.14.0-6.8 ] * Miscellaneous Ubuntu changes - SAUCE: add workarounds to enable ZFS for 4.14 * Rebase to v4.14-rc8 [ Ubuntu: 4.14.0-5.7 ] * Miscellaneous Ubuntu changes - [Debian] Fix invocation of dh_prep for dbgsym packages [ Ubuntu: 4.14.0-4.5 ] * Miscellaneous Ubuntu changes - [Packaging] virtualbox -- reduce in kernel module versions - vbox-update: Fix up KERN_DIR definitions - ubuntu: vbox -- update to 5.2.0-dfsg-2 - [Config] CONFIG_AMD_MEM_ENCRYPT=n * Rebase to v4.14-rc7 [ Ubuntu: 4.14.0-3.4 ] * Touchpad and TrackPoint Dose Not Work on Lenovo X1C6 and X280 (LP: #1723986) - SAUCE: Input: synaptics-rmi4 - RMI4 can also use SMBUS version 3 - SAUCE: Input: synaptics - Lenovo X1 Carbon 5 should use SMBUS/RMI - SAUCE: Input: synaptics - add Intertouch support on X1 Carbon 6th and X280 * powerpc/64s: Add workaround for P9 vector CI load issuenext (LP: #1721070) - powerpc/64s: Add workaround for P9 vector CI load issue * Miscellaneous Ubuntu changes - SAUCE: staging: vboxvideo: Fix reporting invalid suggested-offset-properties - [Config] CONFIG_DRM_VBOXVIDEO=m - SAUCE: Import aufs driver - [Config] Enable aufs - [Config] Reorder annotations file after enabling aufs - vbox-update: Disable imported vboxvideo module - ubuntu: vbox -- update to 5.1.30-dfsg-1 - Enable vbox - hio: Use correct sizes when initializing ssd_index_bits* arrays - hio: Update io stat accounting for 4.14 - Enable hio * Rebase to v4.14-rc5 * Rebase to v4.14-rc6 [ Ubuntu: 4.14.0-2.3 ] * [Bug] USB controller failed to respond on Denverton after loading intel_th_pci module (LP: #1715833) - SAUCE: PCI: Disable broken RTIT_BAR of Intel TH * CONFIG_DEBUG_FS is not enabled by "make zfcpdump_defconfig" with Ubuntu 17.10 (kernel 4.13) (LP: #1719290) - SAUCE: s390: update zfcpdump_defconfig * Add installer support for Broadcom BCM573xx network drivers. (LP: #1720466) - d-i: Add bnxt_en to nic-modules. * Miscellaneous Ubuntu changes - [Config] Update annotations for 4.14-rc2 * Rebase to v4.14-rc3 * Rebase to v4.14-rc4 [ Ubuntu: 4.14.0-1.2 ] * [Bug] USB 3.1 Gen2 works as 5Gbps (LP: #1720045) - xhci: set missing SuperSpeedPlus Link Protocol bit in roothub descriptor * Please make linux-libc-dev Provide: aufs-dev (LP: #1716091) - [Packaging] Add aufs-dev to the Provides: for linux-libc-dev * Upgrade to 4.13.0-11.12 in artful amd64 VM breaks display on wayland (LP: #1718679) - [Config] CONFIG_DRM_VBOXVIDEO=n * ipmmu-vmsa driver breaks arm64 boots (LP: #1718734) - [Config] Disable CONFIG_IPMMU_VMSA on arm64 * autopkgtest profile fails to build on armhf (LP: #1717920) - [Packaging] autopkgtest -- disable d-i when dropping flavours * Miscellaneous Ubuntu changes - [Config] CONFIG_I2C_XLP9XX=m - [Packaging] Use SRCPKGNAME rather than hard-coding the source package name * Rebase to v4.14-rc2 [ Ubuntu: 4.14.0-0.1 ] * Miscellaneous Ubuntu changes - Disable vbox build - Disable hio build - Disable zfs build * Rebase to v4.14-rc1 -- Marcelo Henrique Cerri <marcelo.ce...@canonical.com> Tue, 27 Feb 2018 09:47:24 -0300 ** Changed in: linux-gcp (Ubuntu Bionic) Status: Invalid => Fix Released ** CVE added: https://cve.mitre.org/cgi- bin/cvename.cgi?name=2017-1000405 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5715 ** CVE added: https://cve.mitre.org/cgi- bin/cvename.cgi?name=2018-1000026 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1746463 Title: apparmor profile load in stacked policy container fails Status in snapd: Triaged Status in apparmor package in Ubuntu: Confirmed Status in linux package in Ubuntu: Confirmed Status in linux-gcp package in Ubuntu: Fix Released Status in apparmor source package in Xenial: Won't Fix Status in linux source package in Xenial: Invalid Status in linux-gcp source package in Xenial: Confirmed Status in apparmor source package in Artful: Fix Committed Status in linux source package in Artful: Confirmed Status in linux-gcp source package in Artful: Invalid Status in apparmor source package in Bionic: Confirmed Status in linux source package in Bionic: Confirmed Status in linux-gcp source package in Bionic: Fix Released Bug description: LXD containers on an artful or bionic host with aa namespaces, should be able to load the lxc policies. However /lib/apparmor/profile-load skips that part when running in a container. aa-status shows 0 policies /lib/apparmor/profile-load is failing due to is_container_with_internal_policy() failing due to /sys/kernel/security/apparmor/.ns_name being empty which causes if [ "${ns_name#lxd-*}" = "$ns_name" ] && \ [ "${ns_name#lxc-*}" = "$ns_name" ]; then return 1 fi to fail To manage notifications about this bug go to: https://bugs.launchpad.net/snapd/+bug/1746463/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp