linux-azure (4.13.0-1014.17) xenial; urgency=medium

  * linux-azure: 4.13.0-1014.17 -proposed tracker (LP: #1761459)

  * retpoline hints: primary infrastructure and initial hints (LP: #1758856)
    - [Config] retpoline -- switch to new format

  * [Hyper-V] PCI: hv: Fix 2 hang issues in hv_compose_msi_msg (LP: #1758378)
    - SAUCE: PCI: hv: Serialize the present and eject work items
    - SAUCE: PCI: hv: Fix 2 hang issues in hv_compose_msi_msg()
    - SAUCE: PCI: hv: Fix a comment typo in _hv_pcifront_read_config()
    - SAUCE: PCI: hv: Remove the bogus test in hv_eject_device_work()
    - SAUCE: PCI: hv: Only queue new work items in hv_pci_devices_present() if
      necessary

  [ Ubuntu: 4.13.0-39.44 ]

  * linux: 4.13.0-39.44 -proposed tracker (LP: #1761456)
  * intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux-
    image-4.13.0-37-generic) (LP: #1759920) // CVE-2017-5715 (Spectre v2
    Intel) // CVE-2017-5754
    - x86/mm: Reinitialize TLB state on hotplug and resume
  * intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux-
    image-4.13.0-37-generic) (LP: #1759920) // CVE-2017-5715 (Spectre v2 Intel)
    - Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current
      thread"
    - x86/speculation: Use Indirect Branch Prediction Barrier in context switch
  * DKMS driver builds fail with: Cannot use CONFIG_STACK_VALIDATION=y, please
    install libelf-dev, libelf-devel or elfutils-libelf-devel (LP: #1760876)
    - [Packaging] include the retpoline extractor in the headers
  * retpoline hints: primary infrastructure and initial hints (LP: #1758856)
    - [Packaging] retpoline-extract: flag *0xNNN(%reg) branches
    - x86/speculation, objtool: Annotate indirect calls/jumps for objtool
    - x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 
32bit
    - x86/paravirt, objtool: Annotate indirect calls
    - [Packaging] retpoline -- add safe usage hint support
    - [Packaging] retpoline-check -- only report additions
    - [Packaging] retpoline -- widen indirect call/jmp detection
    - [Packaging] retpoline -- elide %rip relative indirections
    - [Packaging] retpoline -- clear hint information from packages
    - KVM: x86: Make indirect calls in emulator speculation safe
    - KVM: VMX: Make indirect call speculation safe
    - x86/boot, objtool: Annotate indirect jump in secondary_startup_64()
    - SAUCE: early/late -- annotate indirect calls in early/late initialisation
      code
    - SAUCE: vga_set_mode -- avoid jump tables
    - [Config] retpoline -- switch to new format
    - [Packaging] retpoline hints -- handle missing files when RETPOLINE not
      enabled
    - [Packaging] final-checks -- remove check for empty retpoline files
  * retpoline: ignore %cs:0xNNN constant indirections (LP: #1752655)
    - [Packaging] retpoline -- elide %cs:0xNNNN constants on i386
  * zfs system process hung on container stop/delete (LP: #1754584)
    - SAUCE: Fix non-prefaulted page deadlock (LP: #1754584)
  * zfs-linux 0.6.5.11-1ubuntu5 ADT test failure with linux 4.15.0-1.2
    (LP: #1737761)
    - SAUCE: (noup) Update zfs to 0.6.5.11-1ubuntu3.2
  * AT_BASE_PLATFORM in AUXV is absent on kernels available on Ubuntu 17.10
    (LP: #1759312)
    - powerpc/64s: Fix NULL AT_BASE_PLATFORM when using DT CPU features
  * btrfs and tar sparse truncate archives (LP: #1757565)
    - Btrfs: move definition of the function btrfs_find_new_delalloc_bytes
    - Btrfs: fix reported number of inode blocks after buffered append writes
  * efifb broken on ThunderX-based Gigabyte nodes (LP: #1758375)
    - drivers/fbdev/efifb: Allow BAR to be moved instead of claiming it
  * Intel i40e PF reset due to incorrect MDD detection (continues...)
    (LP: #1723127)
    - i40e/i40evf: Account for frags split over multiple descriptors in check
      linearize
  * Fix an issue that when system in S3, USB keyboard can't wake up the system.
    (LP: #1759511)
    - ACPI / PM: Allow deeper wakeup power states with no _SxD nor _SxW
  * [8086:3e92] display becomes blank after S3 (LP: #1759188)
    - drm/i915: Apply Display WA #1183 on skl, kbl, and cfl
  * add audio kernel patches for Raven (LP: #1758364)
    - ALSA: hda: Add Raven PCI ID
    - ALSA: hda/realtek - Fix ALC700 family no sound issue
  * Cpu utilization showing system time for kvm guests (performance) (sysstat)
    (LP: #1755979)
    - KVM: PPC: Book3S HV: Fix guest time accounting with 
VIRT_CPU_ACCOUNTING_GEN
  * Kernel panic on a nfsroot system (LP: #1734327)
    - Revert "UBUNTU: SAUCE: LSM stacking: add stacking support to apparmor
      network hooks"
    - Revert "UBUNTU: SAUCE: LSM stacking: LSM: Infrastructure management of the
      remaining blobs"
  * can't record sound via front headset port on the Dell Precision 3630
    (LP: #1759088)
    - ALSA: hda/realtek - Fix Dell headset Mic can't record
  * speaker can't output sound anymore after system resumes from S3 on a lenovo
    machine with alc257 (LP: #1758829)
    - ALSA: hda/realtek - Fix speaker no sound after system resume
  * hda driver initialization takes too much time on the machine with coffeelake
    audio controller [8086:a348] (LP: #1758800)
    - ALSA: hda - Force polling mode on CFL for fixing codec communication
  * Let headset-mode initialization be called on Dell Precision 3930
    (LP: #1757584)
    - ALSA: hda/realtek - Add headset mode support for Dell laptop
  * ubuntu_zram_smoke test will cause soft lockup on Artful ThunderX ARM64
    (LP: #1755073)
    - SAUCE: crypto: thunderx_zip: Fix fallout from CONFIG_VMAP_STACK
  * [Hyper-V] include kvp fix for Avoid reading past allocated blocks from KVP
    file (LP: #1750349)
    - hv: kvp: Avoid reading past allocated blocks from KVP file
  * IMA policy parsing is broken in 4.13 (LP: #1755804)
    - ima/policy: fix parsing of fsuuid
  * external mic not work on Dell OptiPlex 7460 AIO (LP: #1755954)
    - ALSA: hda/realtek - Add headset mode support for Dell laptop
  * sbsa watchdog crashes thunderx2 system (LP: #1755595)
    - watchdog: sbsa: use 32-bit read for WCV
  * CVE-2018-8043
    - net: phy: mdio-bcm-unimac: fix potential NULL dereference in
      unimac_mdio_probe()

linux-azure (4.13.0-1013.16) xenial; urgency=medium

  * linux-azure: 4.13.0-1013.16 -proposed tracker (LP: #1755773)

  * ubuntu/xr-usb-serial didn't get built in zesty and artful (LP: #1733281)
    - ubuntu: Only build ubuntu/xr-usb-serial when USB is enabled

  [ Ubuntu: 4.13.0-38.43 ]

  * linux: 4.13.0-38.43 -proposed tracker (LP: #1755762)
  * Servers going OOM after updating kernel from 4.10 to 4.13 (LP: #1748408)
    - i40e: Fix memory leak related filter programming status
    - i40e: Add programming descriptors to cleaned_count
  * [SRU] Lenovo E41 Mic mute hotkey is not responding (LP: #1753347)
    - platform/x86: ideapad-laptop: Increase timeout to wait for EC answer
  * fails to dump with latest kpti fixes (LP: #1750021)
    - kdump: write correct address of mem_section into vmcoreinfo
  * headset mic can't be detected on two Dell machines (LP: #1748807)
    - ALSA: hda/realtek - Support headset mode for ALC215/ALC285/ALC289
    - ALSA: hda - Fix headset mic detection problem for two Dell machines
    - ALSA: hda - Fix a wrong FIXUP for alc289 on Dell machines
  * CIFS SMB2/SMB3 does not work for domain based DFS (LP: #1747572)
    - CIFS: make IPC a regular tcon
    - CIFS: use tcon_ipc instead of use_ipc parameter of SMB2_ioctl
    - CIFS: dump IPC tcon in debug proc file
  * i2c-thunderx: erroneous error message "unhandled state: 0" (LP: #1754076)
    - i2c: octeon: Prevent error message on bus error
  * hisi_sas: Add disk LED support (LP: #1752695)
    - scsi: hisi_sas: directly attached disk LED feature for v2 hw
  * EDAC, sb_edac: Backport 1 patch to Ubuntu 17.10 (Fix missing DIMM sysfs
    entries with KNL SNC2/SNC4 mode) (LP: #1743856)
    - EDAC, sb_edac: Fix missing DIMM sysfs entries with KNL SNC2/SNC4 mode
  * [regression] Colour banding and artefacts appear system-wide on an Asus
    Zenbook UX303LA with Intel HD 4400 graphics (LP: #1749420)
    - drm/edid: Add 6 bpc quirk for CPT panel in Asus UX303LA
  * DVB Card with SAA7146 chipset not working (LP: #1742316)
    - vmalloc: fix __GFP_HIGHMEM usage for vmalloc_32 on 32b systems
  * [Asus UX360UA] battery status in unity-panel is not changing when battery is
    being charged (LP: #1661876) // AC adapter status not detected on Asus
    ZenBook UX410UAK (LP: #1745032)
    - ACPI / battery: Add quirk for Asus UX360UA and UX410UAK
  * ASUS UX305LA - Battery state not detected correctly (LP: #1482390)
    - ACPI / battery: Add quirk for Asus GL502VSK and UX305LA
  * support thunderx2 vendor pmu events (LP: #1747523)
    - perf pmu: Extract function to get JSON alias map
    - perf pmu: Pass pmu as a parameter to get_cpuid_str()
    - perf tools arm64: Add support for get_cpuid_str function.
    - perf pmu: Add helper function is_pmu_core to detect PMU CORE devices
    - perf vendor events arm64: Add ThunderX2 implementation defined pmu core
      events
    - perf pmu: Add check for valid cpuid in perf_pmu__find_map()
  * lpfc.ko module doesn't work (LP: #1746970)
    - scsi: lpfc: Fix loop mode target discovery
  * Ubuntu 17.10 crashes on vmalloc.c (LP: #1739498)
    - powerpc/mm/book3s64: Make KERN_IO_START a variable
    - powerpc/mm/slb: Move comment next to the code it's referring to
    - powerpc/mm/hash64: Make vmalloc 56T on hash
  * ethtool -p fails to light NIC LED on HiSilicon D05 systems (LP: #1748567)
    - net: hns: add ACPI mode support for ethtool -p
  * CVE-2017-17807
    - KEYS: add missing permission check for request_key() destination
  * [Artful SRU] Fix capsule update regression (LP: #1746019)
    - efi/capsule-loader: Reinstate virtual capsule mapping
  * [Artful/Bionic] [Config] enable EDAC_GHES for ARM64 (LP: #1747746)
    - Ubuntu: [Config] enable EDAC_GHES for ARM64
  * linux-tools: perf incorrectly linking libbfd (LP: #1748922)
    - SAUCE: tools -- add ability to disable libbfd
    - [Packaging] correct disablement of libbfd
  * Cherry pick c96f5471ce7d for delayacct fix (LP: #1747769)
    - delayacct: Account blkio completion on the correct task
  * Error in CPU frequency reporting when nominal and min pstates are same
    (cpufreq) (LP: #1746174)
    - cpufreq: powernv: Dont assume distinct pstate values for nominal and pmin
  * retpoline abi files are empty on i386 (LP: #1751021)
    - [Packaging] retpoline-extract -- instantiate retpoline files for i386
    - [Packaging] final-checks -- sanity checking ABI contents
    - [Packaging] final-checks -- check for empty retpoline files
  * [P9,Power NV][WSP][Ubuntu 1804] : "Kernel access of bad area " when grouping
    different pmu events using perf fuzzer . (perf:) (LP: #1746225)
    - powerpc/perf: Fix oops when grouping different pmu events
  * bnx2x_attn_int_deasserted3:4323 MC assert! (LP: #1715519) //
    CVE-2018-1000026
    - net: create skb_gso_validate_mac_len()
    - bnx2x: disable GSO where gso_size is too big for hardware
  * Ubuntu16.04.03: ISAv3 initialize MMU registers before setting partition
    table (LP: #1736145)
    - powerpc/64s: Initialize ISAv3 MMU registers before setting partition table
  * powerpc/powernv: Flush console before platform error reboot (LP: #1735159)
    - powerpc/powernv: Flush console before platform error reboot
  * Touchpad stops working after a few seconds in Lenovo ideapad 320
    (LP: #1732056)
    - pinctrl/amd: fix masking of GPIO interrupts
  * [Artful][Wyse 3040] System hang when trying to enable an offlined CPU core
    (LP: #1736393)
    - SAUCE: drm/i915:Don't set chip specific data
    - SAUCE: drm/i915: make previous commit affects Wyse 3040 only
  * ppc64el: Do not call ibm,os-term on panic (LP: #1736954)
    - powerpc: Do not call ppc_md.panic in fadump panic notifier
  * Artful update to 4.13.16 stable release (LP: #1744213)
    - tcp_nv: fix division by zero in tcpnv_acked()
    - net: vrf: correct FRA_L3MDEV encode type
    - tcp: do not mangle skb->cb[] in tcp_make_synack()
    - net: systemport: Correct IPG length settings
    - netfilter/ipvs: clear ipvs_property flag when SKB net namespace changed
    - l2tp: don't use l2tp_tunnel_find() in l2tp_ip and l2tp_ip6
    - bonding: discard lowest hash bit for 802.3ad layer3+4
    - net: cdc_ether: fix divide by 0 on bad descriptors
    - net: qmi_wwan: fix divide by 0 on bad descriptors
    - qmi_wwan: Add missing skb_reset_mac_header-call
    - net: usb: asix: fill null-ptr-deref in asix_suspend
    - tcp: gso: avoid refcount_t warning from tcp_gso_segment()
    - tcp: fix tcp_fastretrans_alert warning
    - vlan: fix a use-after-free in vlan_device_event()
    - net/mlx5: Cancel health poll before sending panic teardown command
    - net/mlx5e: Set page to null in case dma mapping fails
    - af_netlink: ensure that NLMSG_DONE never fails in dumps
    - vxlan: fix the issue that neigh proxy blocks all icmpv6 packets
    - net: cdc_ncm: GetNtbFormat endian fix
    - fealnx: Fix building error on MIPS
    - net/sctp: Always set scope_id in sctp_inet6_skb_msgname
    - ima: do not update security.ima if appraisal status is not INTEGRITY_PASS
    - serial: omap: Fix EFR write on RTS deassertion
    - serial: 8250_fintek: Fix finding base_port with activated SuperIO
    - tpm-dev-common: Reject too short writes
    - rcu: Fix up pending cbs check in rcu_prepare_for_idle
    - ocfs2: fix cluster hang after a node dies
    - ocfs2: should wait dio before inode lock in ocfs2_setattr()
    - ipmi: fix unsigned long underflow
    - mm/page_alloc.c: broken deferred calculation
    - mm/page_ext.c: check if page_ext is not prepared
    - x86/cpu/amd: Derive L3 shared_cpu_map from cpu_llc_shared_mask
    - coda: fix 'kernel memory exposure attempt' in fsync
    - Linux 4.13.16
  * Artful update to 4.13.15 stable release (LP: #1744212)
    - media: imon: Fix null-ptr-deref in imon_probe
    - media: dib0700: fix invalid dvb_detach argument
    - crypto: dh - Fix double free of ctx->p
    - crypto: dh - Don't permit 'p' to be 0
    - crypto: dh - Don't permit 'key' or 'g' size longer than 'p'
    - USB: early: Use new USB product ID and strings for DbC device
    - USB: usbfs: compute urb->actual_length for isochronous
    - USB: Add delay-init quirk for Corsair K70 LUX keyboards
    - usb: gadget: f_fs: Fix use-after-free in ffs_free_inst
    - USB: serial: metro-usb: stop I/O after failed open
    - USB: serial: Change DbC debug device binding ID
    - USB: serial: qcserial: add pid/vid for Sierra Wireless EM7355 fw update
    - USB: serial: garmin_gps: fix I/O after failed probe and remove
    - USB: serial: garmin_gps: fix memory leak on probe errors
    - x86/MCE/AMD: Always give panic severity for UC errors in kernel context
    - platform/x86: peaq-wmi: Add DMI check before binding to the WMI interface
    - platform/x86: peaq_wmi: Fix missing terminating entry for peaq_dmi_table
    - HID: cp2112: add HIDRAW dependency
    - HID: wacom: generic: Recognize WACOM_HID_WD_PEN as a type of pen 
collection
    - staging: wilc1000: Fix bssid buffer offset in Txq
    - staging: ccree: fix 64 bit scatter/gather DMA ops
    - staging: greybus: spilib: fix use-after-free after deregistration
    - staging: vboxvideo: Fix reporting invalid suggested-offset-properties
    - staging: rtl8188eu: Revert 4 commits breaking ARP
    - Linux 4.13.15
  * time drifting on linux-hwe kernels (LP: #1744988)
    - x86/tsc: Future-proof native_calibrate_tsc()
    - x86/tsc: Fix erroneous TSC rate on Skylake Xeon
    - x86/tsc: Print tsc_khz, when it differs from cpu_khz
  * Please backport vmd suspend/resume patches to 16.04 hwe (LP: #1745508)
    - PCI: vmd: Free up IRQs on suspend path
  * CVE-2017-17448
    - netfilter: nfnetlink_cthelper: Add missing permission checks
  * Dell XPS 13 9360 bluetooth (Atheros) won't connect after resume
    (LP: #1744712)
    - Bluetooth: btusb: Restore QCA Rome suspend/resume fix with a "rewritten"
      version
  * [SRU] TrackPoint: middle button doesn't work on TrackPoint-compatible
    device. (LP: #1746002)
    - Input: trackpoint - force 3 buttons if 0 button is reported
  * TB16 dock ethernet corrupts data with hw checksum silently failing
    (LP: #1729674)
    - r8152: disable RX aggregation on Dell TB16 dock
  * [Artful] Realtek ALC225: 2 secs noise when a headset plugged in
    (LP: #1744058)
    - Revert "UBUNTU: SAUCE: ALSA: hda/realtek - Add support headset mode for 
DELL
      WYSE"
    - SAUCE: ALSA: hda/realtek - Add support headset mode for DELL WYSE
    - ALSA: hda/realtek - update ALC225 depop optimize
  * [A] skb leak in vhost_net / tun / tap (LP: #1738975)
    - vhost: fix skb leak in handle_rx()
    - tap: free skb if flags error
    - tun: free skb in early errors
  * Commit d9018976cdb6 missing in Kernels <4.14.x preventing lasting fix of
    Intel SPI bug on certain serial flash (LP: #1742696)
    - mfd: lpc_ich: Do not touch SPI-NOR write protection bit on 
Haswell/Broadwell
    - spi-nor: intel-spi: Fix broken software sequencing codes
  * CVE-2018-5332
    - RDS: Heap OOB write in rds_message_alloc_sgs()
  * [A] KVM Windows BSOD on 4.13.x (LP: #1738972)
    - KVM: x86: fix APIC page invalidation
  * elantech touchpad of Lenovo L480/580 failed to detect hw_version
    (LP: #1733605)
    - Input: elantech - add new icbody type 15
  * [SRU] External HDMI monitor failed to show screen on Lenovo X1 series
    (LP: #1738523)
    - SAUCE: drm/i915: Disable writing of TMDS_OE on Lenovo ThinkPad X1 series
  * ubuntu/xr-usb-serial didn't get built in zesty and artful (LP: #1733281)
    - SAUCE: make sure ubuntu/xr-usb-serial builds for x86
  * Disabling zfs does not always disable module checks for the zfs modules
    (LP: #1737176)
    - [Packaging] disable zfs module checks when zfs is disabled
  * CVE-2017-17806
    - crypto: hmac - require that the underlying hash algorithm is unkeyed
  * CVE-2017-17805
    - crypto: salsa20 - fix blkcipher_walk API usage
  * CVE-2017-16994
    - mm/pagewalk.c: report holes in hugetlb ranges
  * CVE-2017-17450
    - netfilter: xt_osf: Add missing permission checks
  * apparmor profile load in stacked policy container fails (LP: #1746463)
    - SAUCE: apparmor: fix display of .ns_name for containers
  * CVE-2017-15129
    - net: Fix double free and memory corruption in get_net_ns_by_id()
  * CVE-2018-5344
    - loop: fix concurrent lo_open/lo_release
  * CVE-2017-1000407
    - KVM: VMX: remove I/O port 0x80 bypass on Intel hosts
  * CVE-2017-0861
    - ALSA: pcm: prevent UAF in snd_pcm_info
  * perf stat segfaults on uncore events w/o -a (LP: #1745246)
    - perf xyarray: Save max_x, max_y
    - perf evsel: Fix buffer overflow while freeing events
  * Support cppc-cpufreq driver on ThunderX2 systems (LP: #1745007)
    - mailbox: PCC: Move the MAX_PCC_SUBSPACES definition to header file
    - ACPI / CPPC: Make CPPC ACPI driver aware of PCC subspace IDs
    - ACPI / CPPC: Fix KASAN global out of bounds warning
    - ACPI: CPPC: remove initial assignment of pcc_ss_data
  * P-state not working in kernel 4.13 (LP: #1743269)
    - x86 / CPU: Avoid unnecessary IPIs in arch_freq_get_on_cpu()
    - x86 / CPU: Always show current CPU frequency in /proc/cpuinfo
  * Regression: KVM no longer supports Intel CPUs without Virtual NMI
    (LP: #1741655)
    - kvm: vmx: Reinstate support for CPUs without virtual NMI
  * System hang with Linux kernel due to mainline commit 24247aeeabe
    (LP: #1733662)
    - x86/intel_rdt/cqm: Prevent use after free
  * $(LOCAL_ENV_CC) and $(LOCAL_ENV_DISTCC_HOSTS) should be properly quoted
    (LP: #1744077)
    - [Debian] pass LOCAL_ENV_CC and LOCAL_ENV_DISTCC_HOSTS properly
  * the wifi driver is always hard blocked on a lenovo laptop (LP: #1743672)
    - ACPI: EC: Fix possible issues related to EC initialization order
  * text VTs are unavailable on desktop after upgrade to Ubuntu 17.10
    (LP: #1724911)
    - drm/i915/fbdev: Always forward hotplug events
  * Samsung SSD 960 EVO 500GB refused to change power state (LP: #1705748)
    - nvme-pci: disable APST on Samsung SSD 960 EVO + ASUS PRIME B350M-A
  * [0cf3:e010] QCA6174A XR failed to pair with bt 4.0 device  (LP: #1741166)
    - Bluetooth: btusb: Add support for 0cf3:e010
  * CVE-2017-17741
    - KVM: Fix stack-out-of-bounds read in write_mmio
  * CVE-2018-5333
    - RDS: null pointer dereference in rds_atomic_free_op
  * [800 G3 SFF] [800 G3 DM]External microphone of headset(3-ring) is working,
    2-ring mic not working, both not shown in sound settings  (LP: #1740974)
    - ALSA: hda - Add MIC_NO_PRESENCE fixup for 2 HP machines
  * Two front mics can't work on a lenovo machine (LP: #1740973)
    - ALSA: hda - change the location for one mic on a Lenovo machine
  * No external microphone be detected via headset jack on a dell machine
    (LP: #1740972)
    - ALSA: hda - fix headset mic detection issue on a Dell machine
  *  Can't detect external headset via line-out jack on some Dell machines
    (LP: #1740971)
    - ALSA: hda/realtek - Fix Dell AIO LineOut issue
  * Support realtek new codec alc257 in the alsa hda driver  (LP: #1738911)
    - ALSA: hda/realtek - New codec support for ALC257
  * Add support for 16g huge pages on Ubuntu 16.04.2 PowerNV (LP: #1706247)
    - powerpc/mm/hugetlb: Allow runtime allocation of 16G.
    - powerpc/mm/hugetlb: Add support for reserving gigantic huge pages via 
kernel
      command line
    - mm/hugetlb: Allow arch to override and call the weak function
  * the kernel is blackholing IPv6 packets to linkdown nexthops (LP: #1738219)
    - ipv6: Do not consider linkdown nexthops during multipath
  * e1000e in 4.4.0-97-generic breaks 82574L under heavy load. (LP: #1730550)
    - e1000e: Avoid receiver overrun interrupt bursts
    - e1000e: Separate signaling for link check/link up
  * Ubuntu 17.10: Include patch "crypto: vmx - Use skcipher for ctr fallback"
    (LP: #1732978)
    - crypto: vmx - Use skcipher for ctr fallback
  * QCA Rome bluetooth can not wakeup after USB runtime suspended.
    (LP: #1737890)
    - Bluetooth: btusb: driver to enable the usb-wakeup feature
  * /dev/bcache/by-uuid links not created after reboot (LP: #1729145)
    - SAUCE: (no-up) bcache: decouple emitting a cached_dev CHANGE uevent
  * Some VMs fail to reboot with "watchdog: BUG: soft lockup - CPU#0 stuck for
    22s! [systemd:1]" (LP: #1730717)
    - SAUCE: exec: fix lockup because retry loop may never exit
  * Request to backport cxlflash patches to 16.04 HWE Kernel (LP: #1730515)
    - scsi: cxlflash: Use derived maximum write same length
    - scsi: cxlflash: Allow cards without WWPN VPD to configure
    - scsi: cxlflash: Derive pid through accessors
  * vagrant artful64 box filesystem too small (LP: #1726818)
    - block: factor out __blkdev_issue_zero_pages()
    - block: cope with WRITE ZEROES failing in blkdev_issue_zeroout()
  * Artful update to 4.13.14 stable release (LP: #1744121)
    - ppp: fix race in ppp device destruction
    - gso: fix payload length when gso_size is zero
    - ipv4: Fix traffic triggered IPsec connections.
    - ipv6: Fix traffic triggered IPsec connections.
    - netlink: do not set cb_running if dump's start() errs
    - net: call cgroup_sk_alloc() earlier in sk_clone_lock()
    - macsec: fix memory leaks when skb_to_sgvec fails
    - l2tp: check ps->sock before running pppol2tp_session_ioctl()
    - netlink: fix netlink_ack() extack race
    - sctp: add the missing sock_owned_by_user check in sctp_icmp_redirect
    - tcp/dccp: fix ireq->opt races
    - packet: avoid panic in packet_getsockopt()
    - geneve: Fix function matching VNI and tunnel ID on big-endian
    - net: bridge: fix returning of vlan range op errors
    - soreuseport: fix initialization race
    - ipv6: flowlabel: do not leave opt->tot_len with garbage
    - sctp: full support for ipv6 ip_nonlocal_bind & IP_FREEBIND
    - tcp/dccp: fix lockdep splat in inet_csk_route_req()
    - tcp/dccp: fix other lockdep splats accessing ireq_opt
    - net: dsa: check master device before put
    - net/unix: don't show information about sockets from other namespaces
    - tap: double-free in error path in tap_open()
    - net/mlx5: Fix health work queue spin lock to IRQ safe
    - net/mlx5e: Properly deal with encap flows add/del under neigh update
    - ipip: only increase err_count for some certain type icmp in ipip_err
    - ip6_gre: only increase err_count for some certain type icmpv6 in 
ip6gre_err
    - ip6_gre: update dst pmtu if dev mtu has been updated by toobig in
      __gre6_xmit
    - tcp: refresh tp timestamp before tcp_mtu_probe()
    - tap: reference to KVA of an unloaded module causes kernel panic
    - sctp: reset owner sk for data chunks on out queues when migrating a sock
    - net_sched: avoid matching qdisc with zero handle
    - l2tp: hold tunnel in pppol2tp_connect()
    - ipv6: addrconf: increment ifp refcount before ipv6_del_addr()
    - tcp: fix tcp_mtu_probe() vs highest_sack
    - mac80211: accept key reinstall without changing anything
    - mac80211: use constant time comparison with keys
    - mac80211: don't compare TKIP TX MIC key in reinstall prevention
    - usb: usbtest: fix NULL pointer dereference
    - Input: ims-psu - check if CDC union descriptor is sane
    - EDAC, sb_edac: Don't create a second memory controller if HA1 is not 
present
    - dmaengine: dmatest: warn user when dma test times out
    - Linux 4.13.14

  [ Ubuntu: 4.13.0-37.42 ]

  * linux: 4.13.0-37.42 -proposed tracker (LP: #1751798)
  * CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754
    - arm64: Add ASM_BUG()
    - arm64: consistently use bl for C exception entry
    - arm64: move non-entry code out of .entry.text
    - arm64: unwind: avoid percpu indirection for irq stack
    - arm64: unwind: disregard frame.sp when validating frame pointer
    - arm64: mm: Fix set_memory_valid() declaration
    - arm64: Convert __inval_cache_range() to area-based
    - arm64: Expose DC CVAP to userspace
    - arm64: Handle trapped DC CVAP
    - arm64: Implement pmem API support
    - arm64: uaccess: Implement *_flushcache variants
    - arm64/vdso: Support mremap() for vDSO
    - arm64: unwind: reference pt_regs via embedded stack frame
    - arm64: unwind: remove sp from struct stackframe
    - arm64: uaccess: Add the uaccess_flushcache.c file
    - arm64: fix pmem interface definition
    - arm64: compat: Remove leftover variable declaration
    - fork: allow arch-override of VMAP stack alignment
    - arm64: kernel: remove {THREAD,IRQ_STACK}_START_SP
    - arm64: factor out PAGE_* and CONT_* definitions
    - arm64: clean up THREAD_* definitions
    - arm64: clean up irq stack definitions
    - arm64: move SEGMENT_ALIGN to <asm/memory.h>
    - efi/arm64: add EFI_KIMG_ALIGN
    - arm64: factor out entry stack manipulation
    - arm64: assembler: allow adr_this_cpu to use the stack pointer
    - arm64: use an irq stack pointer
    - arm64: add basic VMAP_STACK support
    - arm64: add on_accessible_stack()
    - arm64: add VMAP_STACK overflow detection
    - arm64: Convert pte handling from inline asm to using (cmp)xchg
    - kvm: arm64: Convert kvm_set_s2pte_readonly() from inline asm to cmpxchg()
    - arm64: Move PTE_RDONLY bit handling out of set_pte_at()
    - arm64: Ignore hardware dirty bit updates in ptep_set_wrprotect()
    - arm64: Remove the !CONFIG_ARM64_HW_AFDBM alternative code paths
    - arm64: introduce separated bits for mm_context_t flags
    - arm64: cleanup {COMPAT_,}SET_PERSONALITY() macro
    - KVM: arm/arm64: Fix guest external abort matching
    - KVM: arm/arm64: vgic: constify seq_operations and file_operations
    - KVM: arm/arm64: vITS: Drop its_ite->lpi field
    - KVM: arm/arm64: Extract GICv3 max APRn index calculation
    - KVM: arm/arm64: Support uaccess of GICC_APRn
    - arm64: Use larger stacks when KASAN is selected
    - arm64: Define cputype macros for Falkor CPU
    - arm64: SW PAN: Point saved ttbr0 at the zero page when switching to 
init_mm
    - arm64: SW PAN: Update saved ttbr0 value on enter_lazy_tlb
    - x86/syscalls: Check address limit on user-mode return
    - arm/syscalls: Check address limit on user-mode return
    - arm64/syscalls: Check address limit on user-mode return
    - Revert "arm/syscalls: Check address limit on user-mode return"
    - syscalls: Use CHECK_DATA_CORRUPTION for addr_limit_user_check
    - arm/syscalls: Optimize address limit check
    - arm64/syscalls: Move address limit check in loop
    - futex: Remove duplicated code and fix undefined behaviour
    - arm64: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls
    - arm64: syscallno is secretly an int, make it official
    - arm64: move TASK_* definitions to <asm/processor.h>
    - arm64: mm: Use non-global mappings for kernel space
    - arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN
    - arm64: mm: Move ASID from TTBR0 to TTBR1
    - arm64: mm: Remove pre_ttbr0_update_workaround for Falkor erratum #E1003
    - arm64: mm: Rename post_ttbr0_update_workaround
    - arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN
    - arm64: mm: Allocate ASIDs in pairs
    - arm64: mm: Add arm64_kernel_unmapped_at_el0 helper
    - arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI
    - arm64: entry: Add exception trampoline page for exceptions from EL0
    - arm64: mm: Map entry trampoline into trampoline and kernel page tables
    - arm64: entry: Explicitly pass exception level to kernel_ventry macro
    - arm64: entry: Hook up entry trampoline to exception vectors
    - arm64: erratum: Work around Falkor erratum #E1003 in trampoline code
    - arm64: cpu_errata: Add Kryo to Falkor 1003 errata
    - arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks
    - arm64: entry: Add fake CPU feature for unmapping the kernel at EL0
    - arm64: kaslr: Put kernel vectors address in separate data page
    - arm64: use RET instruction for exiting the trampoline
    - arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0
    - arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry
    - arm64: Take into account ID_AA64PFR0_EL1.CSV3
    - arm64: capabilities: Handle duplicate entries for a capability
    - arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR
    - arm64: kpti: Fix the interaction between ASID switching and software PAN
    - arm64: cputype: Add MIDR values for Cavium ThunderX2 CPUs
    - arm64: Turn on KPTI only on CPUs that need it
    - arm64: kpti: Make use of nG dependent on arm64_kernel_unmapped_at_el0()
    - arm64: mm: Permit transitioning from Global to Non-Global without BBM
    - arm64: kpti: Add ->enable callback to remap swapper using nG mappings
    - arm64: Force KPTI to be disabled on Cavium ThunderX
    - arm64: entry: Reword comment about post_ttbr_update_workaround
    - arm64: idmap: Use "awx" flags for .idmap.text .pushsection directives
    - arm64: barrier: Add CSDB macros to control data-value prediction
    - arm64: Implement array_index_mask_nospec()
    - arm64: Make USER_DS an inclusive limit
    - arm64: Use pointer masking to limit uaccess speculation
    - arm64: entry: Ensure branch through syscall table is bounded under
      speculation
    - arm64: uaccess: Prevent speculative use of the current addr_limit
    - arm64: uaccess: Don't bother eliding access_ok checks in __{get, put}_user
    - arm64: uaccess: Mask __user pointers for __arch_{clear, copy_*}_user
    - arm64: futex: Mask __user pointers prior to dereference
    - arm64: cpufeature: __this_cpu_has_cap() shouldn't stop early
    - arm64: Run enable method for errata work arounds on late CPUs
    - arm64: cpufeature: Pass capability structure to ->enable callback
    - drivers/firmware: Expose psci_get_version through psci_ops structure
    - arm64: Move post_ttbr_update_workaround to C code
    - arm64: Add skeleton to harden the branch predictor against aliasing 
attacks
    - arm64: Move BP hardening to check_and_switch_context
    - arm64: KVM: Use per-CPU vector when BP hardening is enabled
    - arm64: entry: Apply BP hardening for high-priority synchronous exceptions
    - arm64: entry: Apply BP hardening for suspicious interrupts from EL0
    - arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75
    - arm64: Implement branch predictor hardening for affected Cortex-A CPUs
    - arm64: Implement branch predictor hardening for Falkor
    - arm64: Branch predictor hardening for Cavium ThunderX2
    - arm64: KVM: Increment PC after handling an SMC trap
    - arm/arm64: KVM: Consolidate the PSCI include files
    - arm/arm64: KVM: Add PSCI_VERSION helper
    - arm/arm64: KVM: Add smccc accessors to PSCI code
    - arm/arm64: KVM: Implement PSCI 1.0 support
    - arm/arm64: KVM: Advertise SMCCC v1.1
    - arm64: KVM: Make PSCI_VERSION a fast path
    - arm/arm64: KVM: Turn kvm_psci_version into a static inline
    - arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support
    - arm64: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling
    - firmware/psci: Expose PSCI conduit
    - firmware/psci: Expose SMCCC version through psci_ops
    - arm/arm64: smccc: Make function identifiers an unsigned quantity
    - arm/arm64: smccc: Implement SMCCC v1.1 inline primitive
    - arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support
    - arm64: Kill PSCI_GET_VERSION as a variant-2 workaround
    - [Config] UNMAP_KERNEL_AT_EL0=y && HARDEN_BRANCH_PREDICTOR=y
    - SAUCE: arm64: __idmap_cpu_set_reserved_ttbr1: fix !ARM64_PA_BITS_52 logic
    - arm64: Add missing Falkor part number for branch predictor hardening
    - arm64: mm: fix thinko in non-global page table attribute check
  * linux-image-4.13.0-26-generic / linux-image-extra-4.13.0-26-generic fail to
    boot (LP: #1742721)
    - staging: sm750fb: Fix parameter mistake in poke32

  [ Ubuntu: 4.13.0-36.40 ]

  * linux: 4.13.0-36.40 -proposed tracker (LP: #1750010)
  * Rebuild without "CVE-2017-5754 ARM64 KPTI fixes" patch set

Date: 2018-04-06 02:34:13.987200+00:00
Changed-By: Marcelo Cerri <marcelo.ce...@canonical.com>
Signed-By: Łukasz Zemczak <lukasz.zemc...@canonical.com>
https://launchpad.net/ubuntu/+source/linux-azure/4.13.0-1014.17
Sorry, changesfile not available.
-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

Reply via email to