group.of.nepali.translators team mailing list archive
-
group.of.nepali.translators team
-
Mailing list archive
-
Message #23212
[Bug 1760653] Re: test_077_config_security_ipsec in kernel security test failed with 4.4/4.15 kvm
This bug was fixed in the package linux-kvm - 4.15.0-1006.6
---------------
linux-kvm (4.15.0-1006.6) bionic; urgency=medium
* linux-kvm: 4.15.0-1006.6 -proposed tracker (LP: #1765498)
[ Ubuntu: 4.15.0-18.19 ]
* linux: 4.15.0-18.19 -proposed tracker (LP: #1765490)
* [regression] Ubuntu 18.04:[4.15.0-17-generic #18] KVM Guest Kernel:
meltdown: rfi/fallback displacement flush not enabled bydefault (kvm)
(LP: #1765429)
- powerpc/pseries: Fix clearing of security feature flags
* signing: only install a signed kernel (LP: #1764794)
- [Packaging] update to Debian like control scripts
- [Packaging] switch to triggers for postinst.d postrm.d handling
- [Packaging] signing -- switch to raw-signing tarballs
- [Packaging] signing -- switch to linux-image as signed when available
- [Config] signing -- enable Opal signing for ppc64el
- [Packaging] printenv -- add signing options
* [18.04 FEAT] Sign POWER host/NV kernels (LP: #1696154)
- [Packaging] signing -- add support for signing Opal kernel binaries
* Please cherrypick s390 unwind fix (LP: #1765083)
- s390/compat: fix setup_frame32
* Ubuntu 18.04 installer does not detect any IPR based HDD/RAID array [S822L]
[ipr] (LP: #1751813)
- d-i: move ipr to storage-core-modules on ppc64el
* drivers/gpu/drm/bridge/adv7511/adv7511.ko missing (LP: #1764816)
- SAUCE: (no-up) rename the adv7511 drm driver to adv7511_drm
* Miscellaneous Ubuntu changes
- [Packaging] Add linux-oem to rebuild test blacklist.
[ Ubuntu: 4.15.0-17.18 ]
* linux: 4.15.0-17.18 -proposed tracker (LP: #1764498)
* Eventual OOM with profile reloads (LP: #1750594)
- SAUCE: apparmor: fix memory leak when duplicate profile load
linux-kvm (4.15.0-1005.5) bionic; urgency=medium
* linux-kvm: 4.15.0-1005.5 -proposed tracker (LP: #1763792)
* test_151_sysctl_disables_bpf_unpriv_userns in kernel security test failed
with 4.4/4.15 kvm (LP: #1760656)
- kvm: [config] enable BPF_SYSCALL
* test_077_config_security_ipsec in kernel security test failed with 4.4/4.15
kvm (LP: #1760653)
- kvm: [config] enable ipsec configs
* test_072_config_strict_devmem in kernel security test failed with 4.4/4.15
kvm (LP: #1760648) // test_072_strict_devmem in kernel security test failed
with 4.4/4.15 kvm (LP: #1760649)
- kvm: [config] enable DEVMEM
* test_076_config_security_acl_ext4 in kernel security test failed with
4.4/4.15 kvm (LP: #1760652) // test_160_setattr_CVE_2015_1350 in kernel
security test failed with 4.4/4.15 kvm (LP: #1760657)
- kvm: [config] enable POSIX_ACL, XATTR, FS_SECURITY for all filesystems
* test_074_config_security_default_mmap_min_addr in kernel security test
failed with 4.4/4.15 kvm (LP: #1760650)
- kvm: [config] DEFAULT_MMAP_MIN_ADDR=65536
* linux-kvm 4.15 needs UNWINDER_FRAME_POINTER (LP: #1763107)
- kvm: [Config] CONFIG_UNWINDER_FRAME_POINTER=y for amd64
[ Ubuntu: 4.15.0-16.17 ]
* linux: 4.15.0-16.17 -proposed tracker (LP: #1763785)
* [18.04] [bug] CFL-S(CNP)/CNL GPIO testing failed (LP: #1757346)
- [Config]: Set CONFIG_PINCTRL_CANNONLAKE=y
* [Ubuntu 18.04] USB Type-C test failed on GLK (LP: #1758797)
- SAUCE: usb: typec: ucsi: Increase command completion timeout value
* Fix trying to "push" an already active pool VP (LP: #1763386)
- SAUCE: powerpc/xive: Fix trying to "push" an already active pool VP
* hisi_sas: Revert and replace SAUCE patches w/ upstream (LP: #1762824)
- Revert "UBUNTU: SAUCE: scsi: hisi_sas: export device table of v3 hw to
userspace"
- Revert "UBUNTU: SAUCE: scsi: hisi_sas: config for hip08 ES"
- scsi: hisi_sas: modify some register config for hip08
- scsi: hisi_sas: add v3 hw MODULE_DEVICE_TABLE()
* Realtek card reader - RTS5243 [VEN_10EC&DEV_5260] (LP: #1737673)
- misc: rtsx: Move Realtek Card Reader Driver to misc
- updateconfigs for Realtek Card Reader Driver
- misc: rtsx: Add support for RTS5260
- misc: rtsx: Fix symbol clashes
* Mellanox [mlx5] [bionic] UBSAN: Undefined behaviour in
./include/linux/net_dim.h (LP: #1763269)
- net/mlx5e: Fix int overflow
* apparmor bug fixes for bionic (LP: #1763427)
- apparmor: fix logging of the existence test for signals
- apparmor: make signal label match work when matching stacked labels
- apparmor: audit unknown signal numbers
- apparmor: fix memory leak on buffer on error exit path
- apparmor: fix mediation of prlimit
* dangling symlinks to loaded apparmor policy (LP: #1755563) // apparmor bug
fixes for bionic (LP: #1763427)
- apparmor: fix dangling symlinks to policy rawdata after replacement
* [OPAL] Assert fail:
core/mem_region.c:447:lock_held_by_me(®ion->free_list_lock)
(LP: #1762913)
- powerpc/watchdog: remove arch_trigger_cpumask_backtrace
* [LTC Test] Ubuntu 18.04: tm_trap_test failed on P8 compat mode guest
(LP: #1762928)
- powerpc/tm: Fix endianness flip on trap
* Add support for RT5660 codec based sound cards on Baytrail (LP: #1657674)
- SAUCE: (no-up) ASoC: Intel: Support machine driver for RT5660 on Baytrail
- SAUCE: (no-up) ASoC: rt5660: Add ACPI support
- SAUCE: (no-up): ASoC: Intel: bytcr-rt5660: Add MCLK, quirks
- [Config] CONFIG_SND_SOC_INTEL_BYTCR_RT5660_MACH=m, CONFIG_SND_SOC_RT5660=m
* /dev/ipmi enumeration flaky on Cavium Sabre nodes (LP: #1762812)
- i2c: xlp9xx: return ENXIO on slave address NACK
- i2c: xlp9xx: Handle transactions with I2C_M_RECV_LEN properly
- i2c: xlp9xx: Check for Bus state before every transfer
- i2c: xlp9xx: Handle NACK on DATA properly
* [18.04 FEAT] Add kvm_stat from kernel tree (LP: #1734130)
- tools/kvm_stat: simplify the sortkey function
- tools/kvm_stat: use a namedtuple for storing the values
- tools/kvm_stat: use a more pythonic way to iterate over dictionaries
- tools/kvm_stat: avoid 'is' for equality checks
- tools/kvm_stat: fix crash when filtering out all non-child trace events
- tools/kvm_stat: print error on invalid regex
- tools/kvm_stat: fix debugfs handling
- tools/kvm_stat: mark private methods as such
- tools/kvm_stat: eliminate extra guest/pid selection dialog
- tools/kvm_stat: separate drilldown and fields filtering
- tools/kvm_stat: group child events indented after parent
- tools/kvm_stat: print 'Total' line for multiple events only
- tools/kvm_stat: Fix python3 syntax
- tools/kvm_stat: Don't use deprecated file()
- tools/kvm_stat: Remove unused function
- [Packaging] Add linux-tools-host package for VM host tools
- [Config] do_tools_host=true for amd64
* Bionic update to v4.15.17 stable release (LP: #1763366)
- i40iw: Fix sequence number for the first partial FPDU
- i40iw: Correct Q1/XF object count equation
- i40iw: Validate correct IRD/ORD connection parameters
- clk: meson: mpll: use 64-bit maths in params_from_rate
- ARM: dts: ls1021a: add "fsl,ls1021a-esdhc" compatible string to esdhc node
- Bluetooth: Add a new 04ca:3015 QCA_ROME device
- ipv6: Reinject IPv6 packets if IPsec policy matches after SNAT
- thermal: power_allocator: fix one race condition issue for thermal_instances
list
- perf probe: Find versioned symbols from map
- perf probe: Add warning message if there is unexpected event name
- perf evsel: Fix swap for samples with raw data
- perf evsel: Enable ignore_missing_thread for pid option
- l2tp: fix missing print session offset info
- rds; Reset rs->rs_bound_addr in rds_add_bound() failure path
- ACPI / video: Default lcd_only to true on Win8-ready and newer machines
- IB/mlx5: Report inner RSS capability
- VFS: close race between getcwd() and d_move()
- watchdog: dw_wdt: add stop watchdog operation
- clk: divider: fix incorrect usage of container_of
- PM / devfreq: Fix potential NULL pointer dereference in governor_store
- gpiolib: don't dereference a desc before validation
- net_sch: red: Fix the new offload indication
- selftests/net: fix bugs in address and port initialization
- thermal/drivers/hisi: Remove bogus const from function return type
- RDMA/cma: Mark end of CMA ID messages
- hwmon: (ina2xx) Make calibration register value fixed
- f2fs: fix lock dependency in between dio_rwsem & i_mmap_sem
- clk: sunxi-ng: a83t: Add M divider to TCON1 clock
- media: videobuf2-core: don't go out of the buffer range
- ASoC: Intel: Skylake: Disable clock gating during firmware and library
download
- ASoC: Intel: cht_bsw_rt5645: Analog Mic support
- drm/msm: Fix NULL deref in adreno_load_gpu
- IB/ipoib: Fix for notify send CQ failure messages
- spi: sh-msiof: Fix timeout failures for TX-only DMA transfers
- scsi: mpt3sas: Proper handling of set/clear of "ATA command pending" flag.
- irqchip/ompic: fix return value check in ompic_of_init()
- irqchip/gic-v3: Fix the driver probe() fail due to disabled GICC entry
- ACPI: EC: Fix debugfs_create_*() usage
- mac80211: Fix setting TX power on monitor interfaces
- vfb: fix video mode and line_length being set when loaded
- crypto: crypto4xx - perform aead icv check in the driver
- gpio: label descriptors using the device name
- arm64: asid: Do not replace active_asids if already 0
- powernv-cpufreq: Add helper to extract pstate from PMSR
- IB/rdmavt: Allocate CQ memory on the correct node
- blk-mq: avoid to map CPU into stale hw queue
- blk-mq: fix race between updating nr_hw_queues and switching io sched
- backlight: tdo24m: Fix the SPI CS between transfers
- nvme-fabrics: protect against module unload during create_ctrl
- nvme-fabrics: don't check for non-NULL module in nvmf_register_transport
- pinctrl: baytrail: Enable glitch filter for GPIOs used as interrupts
- nvme_fcloop: disassocate local port structs
- nvme_fcloop: fix abort race condition
- tpm: return a TPM_RC_COMMAND_CODE response if command is not implemented
- perf report: Fix a no annotate browser displayed issue
- staging: lustre: disable preempt while sampling processor id.
- ASoC: Intel: sst: Fix the return value of 'sst_send_byte_stream_mrfld()'
- power: supply: axp288_charger: Properly stop work on probe-error / remove
- rt2x00: do not pause queue unconditionally on error path
- wl1251: check return from call to wl1251_acx_arp_ip_filter
- net/mlx5: Fix race for multiple RoCE enable
- bcache: ret IOERR when read meets metadata error
- bcache: stop writeback thread after detaching
- bcache: segregate flash only volume write streams
- net: Fix netdev_WARN_ONCE macro
- net/mlx5e: IPoIB, Use correct timestamp in child receive flow
- blk-mq: fix kernel oops in blk_mq_tag_idle()
- tty: n_gsm: Allow ADM response in addition to UA for control dlci
- block, bfq: put async queues for root bfq groups too
- serdev: Fix serdev_uevent failure on ACPI enumerated serdev-controllers
- EDAC, mv64x60: Fix an error handling path
- uio_hv_generic: check that host supports monitor page
- Bluetooth: hci_bcm: Mandate presence of shutdown and device wake GPIO
- Bluetooth: hci_bcm: Validate IRQ before using it
- Bluetooth: hci_bcm: Make shutdown and device wake GPIO optional
- i40evf: don't rely on netif_running() outside rtnl_lock()
- drm/amd/powerplay: fix memory leakage when reload (v2)
- cxgb4vf: Fix SGE FL buffer initialization logic for 64K pages
- PM / domains: Don't skip driver's ->suspend|resume_noirq() callbacks
- scsi: megaraid_sas: Error handling for invalid ldcount provided by firmware
in RAID map
- scsi: megaraid_sas: unload flag should be set after scsi_remove_host is
called
- RDMA/cma: Fix rdma_cm path querying for RoCE
- gpio: thunderx: fix error return code in thunderx_gpio_probe()
- x86/gart: Exclude GART aperture from vmcore
- sdhci: Advertise 2.0v supply on SDIO host controller
- Input: goodix - disable IRQs while suspended
- mtd: mtd_oobtest: Handle bitflips during reads
- crypto: aes-generic - build with -Os on gcc-7+
- perf tools: Fix copyfile_offset update of output offset
- tcmu: release blocks for partially setup cmds
- thermal: int3400_thermal: fix error handling in int3400_thermal_probe()
- drm/i915/cnp: Ignore VBT request for know invalid DDC pin.
- drm/i915/cnp: Properly handle VBT ddc pin out of bounds.
- x86/microcode: Propagate return value from updating functions
- x86/CPU: Add a microcode loader callback
- x86/CPU: Check CPU feature bits after microcode upgrade
- x86/microcode: Get rid of struct apply_microcode_ctx
- x86/microcode/intel: Check microcode revision before updating sibling
threads
- x86/microcode/intel: Writeback and invalidate caches before updating
microcode
- x86/microcode: Do not upload microcode if CPUs are offline
- x86/microcode/intel: Look into the patch cache first
- x86/microcode: Request microcode on the BSP
- x86/microcode: Synchronize late microcode loading
- x86/microcode: Attempt late loading only when new microcode is present
- x86/microcode: Fix CPU synchronization routine
- arp: fix arp_filter on l3slave devices
- ipv6: the entire IPv6 header chain must fit the first fragment
- lan78xx: Crash in lan78xx_writ_reg (Workqueue: events
lan78xx_deferred_multicast_write)
- net: dsa: Discard frames from unused ports
- net: fix possible out-of-bound read in skb_network_protocol()
- net/ipv6: Fix route leaking between VRFs
- net/ipv6: Increment OUTxxx counters after netfilter hook
- netlink: make sure nladdr has correct size in netlink_connect()
- net/mlx5e: Verify coalescing parameters in range
- net sched actions: fix dumping which requires several messages to user space
- net/sched: fix NULL dereference in the error path of tcf_bpf_init()
- pptp: remove a buggy dst release in pptp_connect()
- r8169: fix setting driver_data after register_netdev
- sctp: do not leak kernel memory to user space
- sctp: sctp_sockaddr_af must check minimal addr length for AF_INET6
- vhost: correctly remove wait queue during poll failure
- vlan: also check phy_driver ts_info for vlan's real device
- vrf: Fix use after free and double free in vrf_finish_output
- bonding: fix the err path for dev hwaddr sync in bond_enslave
- bonding: move dev_mc_sync after master_upper_dev_link in bond_enslave
- bonding: process the err returned by dev_set_allmulti properly in
bond_enslave
- net: fool proof dev_valid_name()
- ip_tunnel: better validate user provided tunnel names
- ipv6: sit: better validate user provided tunnel names
- ip6_gre: better validate user provided tunnel names
- ip6_tunnel: better validate user provided tunnel names
- vti6: better validate user provided tunnel names
- net/mlx5e: Set EQE based as default TX interrupt moderation mode
- net_sched: fix a missing idr_remove() in u32_delete_key()
- net/sched: fix NULL dereference in the error path of tcf_vlan_init()
- net/mlx5e: Avoid using the ipv6 stub in the TC offload neigh update path
- net/mlx5e: Fix memory usage issues in offloading TC flows
- net/sched: fix NULL dereference in the error path of tcf_sample_init()
- nfp: use full 40 bits of the NSP buffer address
- ipv6: sr: fix seg6 encap performances with TSO enabled
- net/mlx5e: Don't override vport admin link state in switchdev mode
- net/mlx5e: Sync netdev vxlan ports at open
- net/sched: fix NULL dereference in the error path of tunnel_key_init()
- net/sched: fix NULL dereference on the error path of tcf_skbmod_init()
- strparser: Fix sign of err codes
- net/mlx4_en: Fix mixed PFC and Global pause user control requests
- net/mlx5e: Fix traffic being dropped on VF representor
- vhost: validate log when IOTLB is enabled
- route: check sysctl_fib_multipath_use_neigh earlier than hash
- team: move dev_mc_sync after master_upper_dev_link in team_port_add
- vhost_net: add missing lock nesting notation
- net/mlx4_core: Fix memory leak while delete slave's resources
- Linux 4.15.17
* sky2 gigabit ethernet driver sometimes stops working after lid-open resume
from sleep (88E8055) (LP: #1758507) // Bionic update to v4.15.17 stable
release (LP: #1763366)
- sky2: Increase D3 delay to sky2 stops working after suspend
* [Featire] CNL: Enable RAPL support (LP: #1685712)
- powercap: RAPL: Add support for Cannon Lake
* System Z {kernel} UBUNTU18.04 wrong kernel config (LP: #1762719)
- s390: move nobp parameter functions to nospec-branch.c
- s390: add automatic detection of the spectre defense
- s390: report spectre mitigation via syslog
- s390: add sysfs attributes for spectre
- [Config] CONFIG_EXPOLINE_AUTO=y, CONFIG_KERNEL_NOBP=n for s390
- s390: correct nospec auto detection init order
* Merge the linux-snapdragon kernel into bionic master/snapdragon
(LP: #1763040)
- drm/msm: fix spelling mistake: "ringubffer" -> "ringbuffer"
- drm/msm: fix msm_rd_dump_submit prototype
- drm/msm: gpu: Only sync fences on rings that exist
- wcn36xx: set default BTLE coexistence config
- wcn36xx: Add hardware scan offload support
- wcn36xx: Reduce spinlock in indication handler
- wcn36xx: fix incorrect assignment to msg_body.min_ch_time
- wcn36xx: release DMA memory in case of error
- mailbox: qcom: Convert APCS IPC driver to use regmap
- mailbox: qcom: Create APCS child device for clock controller
- clk: qcom: Add A53 PLL support
- clk: qcom: Add regmap mux-div clocks support
- clk: qcom: Add APCS clock controller support
- clk: qcom: msm8916: Fix return value check in qcom_apcs_msm8916_clk_probe()
- media: venus: venc: set correctly GOP size and number of B-frames
- media: venus: venc: configure entropy mode
- media: venus: venc: Apply inloop deblocking filter
- media: venus: cleanup set_property controls
- arm64: defconfig: enable REMOTEPROC
- arm64: defconfig: enable QCOM audio drivers for APQ8016 and DB410c
- kernel: configs; add distro.config
- arm64: configs: enable WCN36xx
- kernel: distro.config: enable debug friendly USB network adpater
- arm64: configs: enable QCOM Venus
- arm64: defconfig: Enable a53/apcs and avs
- arm64: defconfig: enable ondemand governor as default
- arm64: defconfig: enable QCOM_TSENS
- arm64: defconfig: enable new trigger modes for leds
- kernel: configs: enable dm_mod and dm_crypt
- Force the SMD regulator driver to be compiled-in
- arm64: defconfig: enable CFG80211_DEFAULT_PS by default
- arm64: configs: enable BT_QCOMSMD
- kernel: configs: add more USB net drivers
- arm64: defconfig: disable ANALOG_TV and DIGITAL_TV
- arm64: configs: Enable camera drivers
- kernel: configs: add freq stat to sysfs
- arm64: defconfig: enable CONFIG_USB_CONFIGFS_F_FS by default
- arm64: defconfig: Enable QRTR features
- kernel: configs: set USB_CONFIG_F_FS in distro.config
- kernel: distro.config: enable 'schedutil' CPUfreq governor
- kernel: distro.config: enable 'fq' and 'fq_codel' qdiscs
- kernel: distro.config: enable 'BBR' TCP congestion algorithm
- arm64: defconfig: enable LEDS_QCOM_LPG
- HACK: drm/msm/iommu: Remove runtime_put calls in map/unmap
- power: avs: Add support for CPR (Core Power Reduction)
- power: avs: cpr: Use raw mem access for qfprom
- power: avs: cpr: fix with new reg_sequence structures
- power: avs: cpr: Register with cpufreq-dt
- regulator: smd: Add floor and corner operations
- PM / OPP: Support adjusting OPP voltages at runtime
- PM / OPP: Drop RCU usage in dev_pm_opp_adjust_voltage()
- PM / OPP: HACK: Allow to set regulator without opp_list
- PM / OPP: Add a helper to get an opp regulator for device
- cpufreq: Add apq8016 to cpufreq-dt-platdev blacklist
- regulator: smd: Allow REGULATOR_QCOM_SMD_RPM=m
- ov5645: I2C address change
- i2c: Add Qualcomm Camera Control Interface driver
- camss: vfe: Skip first four frames from sensor
- camss: Do not register if no cameras are present
- i2c-qcom-cci: Fix run queue completion timeout
- i2c-qcom-cci: Fix I2C address bug
- media: ov5645: Fix I2C address
- drm/bridge/adv7511: Delay clearing of HPD interrupt status
- HACK: drm/msm/adv7511: Don't rely on interrupts for EDID parsing
- leds: Add driver for Qualcomm LPG
- wcn36xx: Fix warning due to duplicate scan_completed notification
- arm64: dts: Add CPR DT node for msm8916
- arm64: dts: add spmi-regulator nodes
- arm64: dts: msm8916: Add cpufreq support
- arm64: dts: msm8916: Add a shared CPU opp table
- arm64: dts: msm8916: Add cpu cooling maps
- arm64: dts: pm8916: Mark the s2 regulator as always-on
- dt-bindings: mailbox: qcom: Document the APCS clock binding
- arm64: dts: qcom: msm8916: Add msm8916 A53 PLL DT node
- arm64: dts: qcom: msm8916: Use the new APCS mailbox driver
- arm64: dts: qcom: msm8916: Add clock properties to the APCS node
- arm64: dts: qcom: apq8016-sbc: Allow USR4 LED to notify kernel panic
- dt-bindings: media: Binding document for Qualcomm Camera Control Interface
driver
- MAINTAINERS: Add Qualcomm Camera Control Interface driver
- DT: leds: Add Qualcomm Light Pulse Generator binding
- arm64: dts: qcom: msm8996: Add mpp and lpg blocks
- arm64: dts: qcom: Add pwm node for pm8916
- arm64: dts: qcom: Add user LEDs on db820c
- arm64: dts: qcom: Add WiFI/BT LEDs on db820c
- ARM: dts: qcom: Add LPG node to pm8941
- ARM: dts: qcom: honami: Add LPG node and RGB LED
- arm64: dts: qcom: Add Camera Control Interface support
- arm64: dts: qcom: Add apps_iommu vfe child node
- arm64: dts: qcom: Add camss device node
- arm64: dts: qcom: Add ov5645 device nodes
- arm64: dts: msm8916: Fix camera sensors I2C addresses
- arm: dts: qcom: db410c: Enable PWM signal on MPP4
- packaging: arm64: add a uboot flavour - part1
- packaging: arm64: add a uboot flavour - part2
- packaging: arm64: add a uboot flavour - part3
- packaging: arm64: add a uboot flavour - part4
- packaging: arm64: add a uboot flavour - part5
- packaging: arm64: rename uboot flavour to snapdragon
- [Config] updateconfigs after qcomlt import
- [Config] arm64: snapdragon: COMMON_CLK_QCOM=y
- [Config] arm64: snapdragon: MSM_GCC_8916=y
- [Config] arm64: snapdragon: REGULATOR_FIXED_VOLTAGE=y
- [Config] arm64: snapdragon: PINCTRL_MSM8916=y
- [Config] arm64: snapdragon: HWSPINLOCK_QCOM=y
- [Config] arm64: snapdragon: SPMI=y, SPMI_MSM_PMIC_ARB=y
- [Config] arm64: snapdragon: REGMAP_SPMI=y, PINCTRL_QCOM_SPMI_PMIC=y
- [Config] arm64: snapdragon: REGULATOR_QCOM_SPMI=y
- [Config] arm64: snapdragon: MFD_SPMI_PMIC=y
- [Config] arm64: snapdragon: QCOM_SMEM=y
- [Config] arm64: snapdragon: RPMSG=y, RPMSG_QCOM_SMD=y
- [Config] arm64: snapdragon: QCOM_SMD_RPM=y, REGULATOR_QCOM_SMD_RPM=y
- [Config] arm64: snapdragon: QCOM_CLK_SMD_RPM=y
- [Config] arm64: snapdragon: QCOM_BAM_DMA=y
- [Config] arm64: snapdragon: QCOM_HIDMA=y, QCOM_HIDMA_MGMT=y
- [Config] arm64: snapdragon: QCOM_CPR=y
- [Config] arm64: snapdragon: QCOM_QFPROM=y, QCOM_TSENS=y
- [Config] arm64: snapdragon: MMC_SDHCI=y, MMC_SDHCI_PLTFM=y, MMC_SDHCI_MSM=y
- [Config] turn off DRM_MSM_REGISTER_LOGGING
- [Config] arm64: snapdragon: I2C_QUP=y
- [Config] arm64: snapdragon: SPI_QUP=y
- [Config] arm64: snapdragon: USB_ULPI_BUS=y, PHY_QCOM_USB_HS=y
- [Config] arm64: snapdragon: QCOM_APCS_IPC=y
- [Config] arm64: snapdragon: QCOM_WCNSS_CTRL=y
- [Config] arm64: snapdragon: QCOM_SMSM=y
- [Config] arm64: snapdragon: QCOM_SMP2P=y
- [Config] arm64: snapdragon: DRM_MSM=y
- [Config] arm64: snapdragon: SND_SOC=y
- [Config] arm64: snapdragon: QCOM_WCNSS_PIL=m
- [Config] arm64: snapdragon: QCOM_A53PLL=y, QCOM_CLK_APCS_MSM8916=y
- [Config] arm64: snapdragon: INPUT_PM8941_PWRKEY=y
- [Config] arm64: snapdragon: MEDIA_SUBDRV_AUTOSELECT=y, VIDEO_OV5645=m
- [Config] arm64: snapdragon: SND_SOC_APQ8016_SBC=y, SND_SOC_LPASS_APQ8016=y
- [Config] arm64: snapdragon: SND_SOC_MSM8916_WCD_ANALOG=y,
SND_SOC_MSM8916_WCD_DIGITAL=y
- SAUCE: media: ov5645: skip address change if dt addr == default addr
- SAUCE: drm/msm/adv7511: wrap hacks under CONFIG_ADV7511_SNAPDRAGON_HACKS
#ifdefs
- [Config] arm64: snapdragon: ADV7511_SNAPDRAGON_HACKS=y
- packaging: snapdragon: fixup ABI paths
* LSM stacking patches for bionic (LP: #1763062)
- SAUCE: LSM stacking: procfs: add smack subdir to attrs
- SAUCE: LSM stacking: LSM: Manage credential security blobs
- SAUCE: LSM stacking: LSM: Manage file security blobs
- SAUCE: LSM stacking: LSM: Manage task security blobs
- SAUCE: LSM stacking: LSM: Manage remaining security blobs
- SAUCE: LSM stacking: LSM: General stacking
- SAUCE: LSM stacking: fixup initialize task->security
- SAUCE: LSM stacking: fixup: alloc_task_ctx is dead code
- SAUCE: LSM stacking: add support for stacking getpeersec_stream
- SAUCE: LSM stacking: add stacking support to apparmor network hooks
- SAUCE: LSM stacking: fixup apparmor stacking enablement
- SAUCE: LSM stacking: fixup stacking kconfig
- SAUCE: LSM stacking: allow selecting multiple LSMs using kernel boot params
- SAUCE: LSM stacking: provide prctl interface for setting context
- SAUCE: LSM stacking: inherit current display LSM
- SAUCE: LSM stacking: keep an index for each registered LSM
- SAUCE: LSM stacking: verify display LSM
- SAUCE: LSM stacking: provide a way to specify the default display lsm
- SAUCE: LSM stacking: make sure LSM blob align on 64 bit boundaries
- SAUCE: LSM stacking: add /proc/<pid>/attr/display_lsm
- SAUCE: LSM stacking: add Kconfig to set default display LSM
- SAUCE: LSM stacking: add configs for LSM stacking
- SAUCE: LSM stacking: add apparmor and selinux proc dirs
- SAUCE: LSM stacking: remove procfs context interface
* linux 4.13.0-13.14 ADT test failure with linux 4.13.0-13.14
(LP: #1720779) // LSM stacking patches for bionic (LP: #1763062)
- SAUCE: LSM stacking: check for invalid zero sized writes
* RDMA/hns: ensure for-loop actually iterates and free's buffers
(LP: #1762757)
- RDMA/hns: ensure for-loop actually iterates and free's buffers
* Support cq/rq record doorbell for RDMA on HSilicon hip08 systems
(LP: #1762755)
- RDMA/hns: Fix the endian problem for hns
- RDMA/hns: Support rq record doorbell for the user space
- RDMA/hns: Support cq record doorbell for the user space
- RDMA/hns: Support rq record doorbell for kernel space
- RDMA/hns: Support cq record doorbell for kernel space
- RDMA/hns: Fix cqn type and init resp
- RDMA/hns: Fix init resp when alloc ucontext
- RDMA/hns: Fix cq record doorbell enable in kernel
* Replace LPC patchset with upstream version (LP: #1762758)
- Revert "UBUNTU: SAUCE: MAINTAINERS: Add maintainer for HiSilicon LPC driver"
- Revert "UBUNTU: SAUCE: HISI LPC: Add ACPI support"
- Revert "UBUNTU: SAUCE: ACPI / scan: do not enumerate Indirect IO host
children"
- Revert "UBUNTU: SAUCE: HISI LPC: Support the LPC host on Hip06/Hip07 with DT
bindings"
- Revert "UBUNTU: SAUCE: OF: Add missing I/O range exception for indirect-IO
devices"
- Revert "UBUNTU: SAUCE: PCI: Apply the new generic I/O management on PCI IO
hosts"
- Revert "UBUNTU: SAUCE: PCI: Add fwnode handler as input param of
pci_register_io_range()"
- Revert "UBUNTU: SAUCE: PCI: Remove unused __weak attribute in
pci_register_io_range()"
- Revert "UBUNTU: SAUCE: LIB: Introduce a generic PIO mapping method"
- lib: Add generic PIO mapping method
- PCI: Remove __weak tag from pci_register_io_range()
- PCI: Add fwnode handler as input param of pci_register_io_range()
- PCI: Apply the new generic I/O management on PCI IO hosts
- of: Add missing I/O range exception for indirect-IO devices
- HISI LPC: Support the LPC host on Hip06/Hip07 with DT bindings
- ACPI / scan: Rename acpi_is_serial_bus_slave() for more general use
- ACPI / scan: Do not enumerate Indirect IO host children
- HISI LPC: Add ACPI support
- MAINTAINERS: Add John Garry as maintainer for HiSilicon LPC driver
* Enable Tunneled Operations on POWER9 (LP: #1762448)
- powerpc/powernv: Enable tunneled operations
- cxl: read PHB indications from the device tree
* PSL traces reset after PERST for debug AFU image (LP: #1762462)
- cxl: Enable NORST bit in PSL_DEBUG register for PSL9
* NFS + sec=krb5 is broken (LP: #1759791)
- sunrpc: remove incorrect HMAC request initialization
* Raspberry Pi 3 microSD support missing from the installer (LP: #1729128)
- d-i: add bcm2835 to block-modules
* Backport USB core quirks (LP: #1762695)
- usb: core: Add "quirks" parameter for usbcore
- usb: core: Copy parameter string correctly and remove superfluous null check
- usb: core: Add USB_QUIRK_DELAY_CTRL_MSG to usbcore quirks
* [Ubuntu 18.04] cryptsetup: 'device-mapper: reload ioctl on failed' when
setting up a second end-to-end encrypted disk (LP: #1762353)
- SAUCE: s390/crypto: Adjust s390 aes and paes cipher
* Additional spectre and meltdown patches (LP: #1760099) // CVE-2017-5715
- powerpc/64s: Wire up cpu_show_spectre_v2()
* Additional spectre and meltdown patches (LP: #1760099) // CVE-2017-5753
- powerpc/64s: Wire up cpu_show_spectre_v1()
* Additional spectre and meltdown patches (LP: #1760099) // CVE-2017-5754
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
- powerpc/64s: Move cpu_show_meltdown()
- powerpc/64s: Enhance the information in cpu_show_meltdown()
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
* Additional spectre and meltdown patches (LP: #1760099) // CVE-2017-5715 //
CVE-2017-5753 // CVE-2017-5754
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
* Hisilicon network subsystem 3 support (LP: #1761610)
- net: hns3: export pci table of hclge and hclgevf to userspace
- d-i: Add hns3 drivers to nic-modules
* "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534)
- virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS
* perf vendor events arm64: Enable JSON events for ThunderX2 B0 (LP: #1760712)
- perf vendor events aarch64: Add JSON metrics for ARM Cortex-A53 Processor
- perf vendor events: Drop incomplete multiple mapfile support
- perf vendor events: Fix error code in json_events()
- perf vendor events: Drop support for unused topic directories
- perf vendor events: Add support for pmu events vendor subdirectory
- perf vendor events arm64: Relocate ThunderX2 JSON to cavium subdirectory
- perf vendor events arm64: Relocate Cortex A53 JSONs to arm subdirectory
- perf vendor events: Add support for arch standard events
- perf vendor events arm64: Add armv8-recommended.json
- perf vendor events arm64: Fixup ThunderX2 to use recommended events
- perf vendor events arm64: fixup A53 to use recommended events
- perf vendor events arm64: add HiSilicon hip08 JSON file
- perf vendor events arm64: Enable JSON events for ThunderX2 B0
* Warning "cache flush timed out!" seen when unloading the cxl driver
(LP: #1762367)
- cxl: Check if PSL data-cache is available before issue flush request
* Bionic update to 4.15.16 stable release (LP: #1762370)
- ARM: OMAP: Fix SRAM W+X mapping
- ARM: 8746/1: vfp: Go back to clearing vfp_current_hw_state[]
- ARM: dts: sun6i: a31s: bpi-m2: improve pmic properties
- ARM: dts: sun6i: a31s: bpi-m2: add missing regulators
- mtd: jedec_probe: Fix crash in jedec_read_mfr()
- mtd: nand: atmel: Fix get_sectorsize() function
- ALSA: usb-audio: Add native DSD support for TEAC UD-301
- ALSA: pcm: Use dma_bytes as size parameter in dma_mmap_coherent()
- ALSA: pcm: potential uninitialized return values
- x86/platform/uv/BAU: Add APIC idt entry
- perf/hwbp: Simplify the perf-hwbp code, fix documentation
- ceph: only dirty ITER_IOVEC pages for direct read
- ipc/shm.c: add split function to shm_vm_ops
- i2c: i2c-stm32f7: fix no check on returned setup
- powerpc/mm: Add tracking of the number of coprocessors using a context
- powerpc/mm: Workaround Nest MMU bug with TLB invalidations
- powerpc/64s: Fix i-side SLB miss bad address handler saving nonvolatile GPRs
- partitions/msdos: Unable to mount UFS 44bsd partitions
- xfrm_user: uncoditionally validate esn replay attribute struct
- RDMA/ucma: Check AF family prior resolving address
- RDMA/ucma: Fix use-after-free access in ucma_close
- RDMA/ucma: Ensure that CM_ID exists prior to access it
- RDMA/rdma_cm: Fix use after free race with process_one_req
- RDMA/ucma: Check that device is connected prior to access it
- RDMA/ucma: Check that device exists prior to accessing it
- RDMA/ucma: Introduce safer rdma_addr_size() variants
- ipv6: fix possible deadlock in rt6_age_examine_exception()
- net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms()
- xfrm: Refuse to insert 32 bit userspace socket policies on 64 bit systems
- percpu: add __GFP_NORETRY semantics to the percpu balancing path
- netfilter: x_tables: make allocation less aggressive
- netfilter: bridge: ebt_among: add more missing match size checks
- l2tp: fix races with ipv4-mapped ipv6 addresses
- netfilter: drop template ct when conntrack is skipped.
- netfilter: x_tables: add and use xt_check_proc_name
- phy: qcom-ufs: add MODULE_LICENSE tag
- Bluetooth: Fix missing encryption refresh on Security Request
- drm/i915/dp: Write to SET_POWER dpcd to enable MST hub.
- bitmap: fix memset optimization on big-endian systems
- USB: serial: ftdi_sio: add RT Systems VX-8 cable
- USB: serial: ftdi_sio: add support for Harman FirmwareHubEmulator
- USB: serial: cp210x: add ELDAT Easywave RX09 id
- serial: 8250: Add Nuvoton NPCM UART
- mei: remove dev_err message on an unsupported ioctl
- /dev/mem: Avoid overwriting "err" in read_mem()
- media: usbtv: prevent double free in error case
- parport_pc: Add support for WCH CH382L PCI-E single parallel port card.
- crypto: lrw - Free rctx->ext with kzfree
- crypto: talitos - don't persistently map req_ctx->hw_context and
req_ctx->buf
- crypto: inside-secure - fix clock management
- crypto: testmgr - Fix incorrect values in PKCS#1 test vector
- crypto: talitos - fix IPsec cipher in length
- crypto: ahash - Fix early termination in hash walk
- crypto: caam - Fix null dereference at error path
- crypto: ccp - return an actual key size from RSA max_size callback
- crypto: arm,arm64 - Fix random regeneration of S_shipped
- crypto: x86/cast5-avx - fix ECB encryption when long sg follows short one
- Btrfs: fix unexpected cow in run_delalloc_nocow
- staging: comedi: ni_mio_common: ack ai fifo error interrupts.
- Revert "base: arch_topology: fix section mismatch build warnings"
- Input: ALPS - fix TrackStick detection on Thinkpad L570 and Latitude 7370
- Input: i8042 - add Lenovo ThinkPad L460 to i8042 reset list
- Input: i8042 - enable MUX on Sony VAIO VGN-CS series to fix touchpad
- vt: change SGR 21 to follow the standards
- ARM: dts: DRA76-EVM: Set powerhold property for tps65917
- net: hns: Fix ethtool private flags
- Fix slab name "biovec-(1<<(21-12))"
- Revert "ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin"
- Revert "ARM: dts: omap3-n900: Fix the audio CODEC's reset pin"
- Revert "cpufreq: Fix governor module removal race"
- Revert "ip6_vti: adjust vti mtu according to mtu of lower device"
- Linux 4.15.16
* [18.04][config] regression: nvme and nvme_core couldn't be built as modules
starting 4.15-rc2 (LP: #1759893)
- SAUCE: Revert "lightnvm: include NVM Express driver if OCSSD is selected for
build"
- [Config] CONFIG_BLK_DEV_NMVE=m
* Miscellaneous Ubuntu changes
- [Packaging] Only install cloud init files when do_tools_common=true
-- Thadeu Lima de Souza Cascardo <cascardo@xxxxxxxxxxxxx> Fri, 20 Apr
2018 12:16:40 -0300
** Changed in: linux-kvm (Ubuntu Bionic)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5715
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5753
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5754
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1760653
Title:
test_077_config_security_ipsec in kernel security test failed with
4.4/4.15 kvm
Status in QA Regression Testing:
Invalid
Status in linux package in Ubuntu:
Incomplete
Status in linux-kvm package in Ubuntu:
Fix Released
Status in linux source package in Xenial:
New
Status in linux-kvm source package in Xenial:
Fix Committed
Status in linux source package in Bionic:
Incomplete
Status in linux-kvm source package in Bionic:
Fix Released
Bug description:
FAIL: test_077_config_security_ipsec (__main__.KernelSecurityTest)
Config options for IPsec
----------------------------------------------------------------------
Traceback (most recent call last):
File "./test-kernel-security.py", line 897, in test_077_config_security_ipsec
self.assertTrue(self._test_config(c), 'CONFIG_%s is not set' % (c))
AssertionError: CONFIG_XFRM_USER is not set
Steps to reproduce:
Deploy the node with Xenial 4.4 kernel, install linux-kvm
sudo apt-get install python-minimal
git clone --depth=1 git://kernel.ubuntu.com/ubuntu/autotest-client-tests -b master-next
git clone --depth=1 git://kernel.ubuntu.com/ubuntu/autotest
rm -fr autotest/client/tests
ln -sf ~/autotest-client-tests autotest/client/tests
AUTOTEST_PATH=/home/ubuntu/autotest sudo -E autotest/client/autotest-local --verbose autotest/client/tests/ubuntu_qrt_kernel_security/control
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: linux-image-4.4.0-1019-kvm 4.4.0-1019.24
ProcVersionSignature: User Name 4.4.0-1019.24-kvm 4.4.98
Uname: Linux 4.4.0-1019-kvm x86_64
NonfreeKernelModules: signpost
ApportVersion: 2.20.1-0ubuntu2.15
Architecture: amd64
Date: Mon Apr 2 17:17:15 2018
ProcEnviron:
TERM=xterm-256color
PATH=(custom, no user)
XDG_RUNTIME_DIR=<set>
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: linux-kvm
UpgradeStatus: No upgrade log present (probably fresh install)
To manage notifications about this bug go to:
https://bugs.launchpad.net/qa-regression-testing/+bug/1760653/+subscriptions
