[ubuntu/zesty-proposed] linux-raspi2 4.10.0-1000.2 (Accepted)
Tim Gardner
tim.gardner at canonical.com
Thu Mar 9 12:51:20 UTC 2017
linux-raspi2 (4.10.0-1000.2) zesty; urgency=low
* UBUNTU: [Debian] Don't attempt to sign files if CONFIG_MODULE_SIG=n
fixes FTBS
linux-raspi2 (4.10.0-1000.1) zesty; urgency=low
* Rebased against Ubuntu-4.10.0-11.13
* Started with https://github.com/raspberrypi/linux.git rpi-4.10.y
commit 54ed9a995304217e81c8269ef1a842d241a48d9c
linux-raspi2 (4.10.0-1000.0) zesty; urgency=low
* Dummy Entry
linux (4.10.0-11.13) zesty; urgency=low
[ Tim Gardner ]
* Release Tracking Bug
- LP: #1669127
* linux-tools-common should Depends: lsb-release (LP: #1667571)
- [Config] linux-tools-common depends on lsb-release
* Ubuntu (Zesty): When we miss LSI/INTx interrupts on slot, message is too
imprecise (LP: #1668382)
- of/irq: improve error report on irq discovery process failure
* Zesty update to v4.10.1 stable release (LP: #1668993)
- ptr_ring: fix race conditions when resizing
- ip: fix IP_CHECKSUM handling
- net: socket: fix recvmmsg not returning error from sock_error
- tty: serial: msm: Fix module autoload
- USB: serial: mos7840: fix another NULL-deref at open
- USB: serial: cp210x: add new IDs for GE Bx50v3 boards
- USB: serial: ftdi_sio: fix modem-status error handling
- USB: serial: ftdi_sio: fix extreme low-latency setting
- USB: serial: ftdi_sio: fix line-status over-reporting
- USB: serial: spcp8x5: fix modem-status handling
- USB: serial: opticon: fix CTS retrieval at open
- USB: serial: ark3116: fix register-accessor error handling
- USB: serial: console: fix uninitialised spinlock
- x86/platform/goldfish: Prevent unconditional loading
- goldfish: Sanitize the broken interrupt handler
- netfilter: nf_ct_helper: warn when not applying default helper assignment
- ACPICA: Linuxize: Restore and fix Intel compiler build
- block: fix double-free in the failure path of cgwb_bdi_init()
- rtlwifi: rtl_usb: Fix for URB leaking when doing ifconfig up/down
- xfs: clear delalloc and cache on buffered write failure
- Linux 4.10.1
* [UBUNTU Zesty] mlx5 - Improve OVS offload driver (LP: #1668019)
- net/sched: cls_flower: Disallow duplicate internal elements
- net/sched: cls_flower: Properly handle classifier flags dumping
- net/sched: cls_matchall: Dump the classifier flags
- net/sched: Reflect HW offload status
- net/sched: cls_flower: Reflect HW offload status
- net/sched: cls_matchall: Reflect HW offloading status
- net/sched: cls_u32: Reflect HW offload status
- net/sched: cls_bpf: Reflect HW offload status
- net/mlx5: Push min-inline mode resolution helper into the core
- IB/mlx5: Enable Eth VFs to query their min-inline value for user-space
- net/mlx5: Use exact encap header size for the FW input buffer
- net/mlx5e: Add TC offloads matching on IPv6 encapsulation headers
- net/mlx5e: TC ipv4 tunnel encap offload cosmetic changes
- net/mlx5e: Use the full tunnel key info for encapsulation offload house- keeping
- net/mlx5e: Maximize ip tunnel key usage on the TC offloading path
- net/mlx5e: Support SRIOV TC encapsulation offloads for IPv6 tunnels
- net/mlx5: E-Switch, Enlarge the FDB size for the switchdev mode
- net/mlx5: Fix static checker warnings
* [Hyper-V] Ubuntu 14.04.2 LTS Generation 2 SCSI Errors on VSS Based Backups
(LP: #1470250)
- SAUCE: Tools: hv: vss: Thaw the filesystem and continue after freeze fails
* Ubuntu17.04: Need more patches for aacraid to bring up Boston System
(LP: #1668726)
- scsi: aacraid: Remove duplicate irq management code
- scsi: aacraid: Added aacraid.h include guard
- scsi: aacraid: added support for init_struct_8
- scsi: aacraid: Added sa firmware support
- scsi: aacraid: Retrieve and update the device types
- scsi: aacraid: Reworked scsi command submission path
- scsi: aacraid: Process Error for response I/O
- scsi: aacraid: Added support for response path
- scsi: aacraid: Added support for read medium error
- scsi: aacraid: Reworked aac_command_thread
- scsi: aacraid: Added support for periodic wellness sync
- scsi: aacraid: Retrieve Queue Depth from Adapter FW
- scsi: aacraid: Added support to set QD of attached drives
- scsi: aacraid: Added support for hotplug
- scsi: aacraid: Include HBA direct interface
- scsi: aacraid: Add task management functionality
- scsi: aacraid: Added support to abort cmd and reset lun
- scsi: aacraid: VPD 83 type3 support
- scsi: aacraid: Added new IWBR reset
- scsi: aacraid: Added ioctl to trigger IOP/IWBR reset
- scsi: aacraid: Retrieve HBA host information ioctl
- scsi: aacraid: Update copyrights
- scsi: aacraid: Change Driver Version Prefix
- scsi: aacraid: update version
- scsi: aacraid: rcode is unsigned and should be signed int
- scsi: aacraid: avoid open-coded upper_32_bits
- scsi: aacraid: Fix camel case
- scsi: aacraid: Use correct channel number for raw srb
- scsi: aacraid: Fix for excessive prints on EEH
- scsi: aacraid: Prevent E3 lockup when deleting units
- scsi: aacraid: Fix memory leak in fib init path
- scsi: aacraid: Added sysfs for driver version
- scsi: aacraid: Fix sync fibs time out on controller reset
- scsi: aacraid: Skip wellness sync on controller failure
- scsi: aacraid: Reload offlined drives after controller reset
- scsi: aacraid: Decrease adapter health check interval
- scsi: aacraid: Skip IOP reset on controller panic(SMART Family)
- scsi: aacraid: Reorder Adapter status check
- scsi: aacraid: Save adapter fib log before an IOP reset
- scsi: aacraid: Fix a potential spinlock double unlock bug
- scsi: aacraid: Update driver version
- scsi: aacraid: Fixed expander hotplug for SMART family
* Ubuntu 17.04: "Oops: Exception in kernel mode, sig: 5 [#1]" seen during
fadump over ssh on Alpine machine. (LP: #1655241)
- Revert "UBUNTU: SAUCE: powerpc/fadump: set an upper limit for boot memory size"
- SAUCE: powerpc/fadump: set an upper limit for boot memory size (V2)
* CAPI:Ubuntu: Kernel panic while rebooting (LP: #1667599)
- pci/hotplug/pnv-php: Remove WARN_ON() in pnv_php_put_slot()
- pci/hotplug/pnv-php: Disable surprise hotplug capability on conflicts
- pci/hotplug/pnv-php: Disable MSI and PCI device properly
* Nvlink2: Additional patches (LP: #1667081)
- powerpc/powernv: Initialise nest mmu
- powerpc/powernv: Use OPAL call for TCE kill on NVLink2
- powerpc/mm: refactor radix physical page mapping
- powerpc/mm: add radix__create_section_mapping()
- powerpc/mm: add radix__remove_section_mapping()
- powerpc/mm: unstub radix__vmemmap_remove_mapping()
- [Config] Enforce CONFIG_MOVABLE_NODE=y for ppc64el
* PowerNV: No rate limit for kernel error "KVM can't copy data from"
(LP: #1667416)
- SAUCE: KVM: PPC: Book3S: Ratelimit copy data failure error messages
* Please disable unnecessary config options in the Ubuntu 17.04 kernel config
(LP: #1667490)
- [Config] Disable experimental IMA options
* POWER9: AST: Improve AST 2500 support (LP: #1667424)
- SAUCE: drm/ast: Handle configuration without P2A bridge
- SAUCE: drm/ast: const'ify mode setting tables
- SAUCE: drm/ast: Remove spurrious include
- SAUCE: drm/ast: Fix calculation of MCLK
- SAUCE: drm/ast: Base support for AST2500
- SAUCE: drm/ast: Fixed vram size incorrect issue on POWER
- SAUCE: drm/ast: Factor mmc_test code in POST code
- SAUCE: drm/ast: Rename ast_init_dram_2300 to ast_post_chip_2300
- SAUCE: drm/ast: POST code for the new AST2500
- SAUCE: drm/ast: Fix test for VGA enabled
- SAUCE: drm/ast: Call open_key before enable_mmio in POST code
* POWER9: Additional patches for 17.04 and 16.04.2 (LP: #1667116)
- powerpc/mm: Update PROTFAULT handling in the page fault path
- powerpc/mm/radix: Update pte update sequence for pte clear case
- powerpc/mm/radix: Use ptep_get_and_clear_full when clearing pte for full mm
- powerpc/mm/radix: Skip ptesync in pte update helpers
- SAUCE: powerpc/mm/hash: Always clear UPRT and Host Radix bits when setting up CPU
* POWER9: Improve PMU capabilites (LP: #1667413)
- powerpc/perf: use is_kernel_addr macro in perf_get_misc_flags()
- powerpc/perf: Avoid FAB_*_MATCH checks for power9
- powerpc/perf: Add restrictions to PMC5 in power9 DD1
- powerpc/perf: Use Instruction Counter value
- powerpc/perf: Use PM_INST_DISP for generic instructions sample
- powerpc/perf: Add alternative event table and function for power9
- powerpc/perf: Add PM_INST_DISP event to Power9 event list
- powerpc/perf: Factor out event_alternative function
* Miscellaneous Ubuntu changes
- [Config] CONFIG_QCOM_FALKOR_ERRATUM_1009=y
- [Config] CONFIG_QCOM_L2_PMU=y
- [Config] CONFIG_QCOM_FALKOR_ERRATUM_1003=y
- ubuntu: vbox -- Update to 5.1.14-dfsg-2
* Miscellaneous upstream changes
- arm64: errata: Provide macro for major and minor cpu revisions
- arm64: Define Falkor v1 CPU
- arm64: Use __tlbi() macros in KVM code
- arm64: Work around Falkor erratum 1009
- perf: add qcom l2 cache perf events driver
- arm64: arch_timer: document Hisilicon erratum 161010101
- arm64: Work around Falkor erratum 1003
- ACPI/IORT: Fix iort_node_get_id() mapping entries indexing
- net: qcom/emac: add ethtool support
- Revert "net: qcom/emac: configure the external phy to allow pause frames"
- net: qcom/emac: rename emac_phy to emac_sgmii and move it
- net: qcom/emac: claim the irq only when the device is opened
- net: qcom/emac: display the phy driver info after we connect
- net: qcom/emac: always use autonegotiation to configure the SGMII link
- net: qcom/emac: do not call emac_mac_start twice
- net: qcom/emac: remove extraneous wake-on-lan code
- net: qcom/emac: add an error interrupt handler for the sgmii
- net: qcom/emac: add ethool support for setting pause parameters
- net: qcom/emac: fix semicolon.cocci warnings
- net: qcom/emac: add ethtool support for reading hardware registers
- net: qcom/emac: add ethtool support for setting ring parameters
- net: qcom/emac: fix a sizeof() typo
linux (4.10.0-10.12) zesty; urgency=low
[ Tim Gardner ]
* Release Tracking Bug
- LP: #1666636
* POWER9 : Enable Stop 0-2 with ESL=EC=0 (LP: #1666197)
- powernv:idle: Add IDLE_STATE_ENTER_SEQ_NORET macro
- powernv:stop: Rename pnv_arch300_idle_init to pnv_power9_idle_init
- cpuidle:powernv: Add helper function to populate powernv idle states.
- powernv: Pass PSSCR value and mask to power9_idle_stop
- Documentation:powerpc: Add device-tree bindings for power-mgt
* ecryptfs fails to load block cipher on ppc64el (LP: #1666483)
- [Config] CONFIG_CRYPTO_DEV_VMX=n
* [ubuntu 16.10] Enable OPTPROBES for powerpc (LP: #1585741)
- powerpc/bpf: Introduce __PPC_SH64()
- powerpc: Add helper to check if offset is within relative branch range
- powerpc/kprobes: Fixes for kprobe_lookup_name() on BE
- powerpc/kprobes: Implement Optprobes
- powerpc/kprobes: Optimize kprobe in kretprobe_trampoline()
* Miscellaneous Ubuntu changes
- [Config] CONFIG_QCOM_IRQ_COMBINER=y
- [Config] CONFIG_ARM_ARCH_TIMER_OOL_WORKAROUND=y
- [Config] CONFIG_HISILICON_ERRATUM_161010101=y
* Miscellaneous upstream changes
- ACPI: Generic GSI: Do not attempt to map non-GSI IRQs during bus scan
- ACPI: Add support for ResourceSource/IRQ domain mapping
- irqchip/qcom: Add IRQ combiner driver
- clocksource/drivers/arm_arch_timer: Add dt binding for hisilicon-161010101 erratum
- clocksource/drivers/arm_arch_timer: Remove fsl-a008585 parameter
- clocksource/drivers/arm_arch_timer: Introduce generic errata handling infrastructure
- clocksource/drivers/arm_arch_timer: Work around Hisilicon erratum 161010101
- iommu/dma: Allow MSI-only cookies
- iommu: Rename iommu_dm_regions into iommu_resv_regions
- iommu: Add a new type field in iommu_resv_region
- iommu: iommu_alloc_resv_region
- iommu: Only map direct mapped regions
- iommu: iommu_get_group_resv_regions
- iommu: Implement reserved_regions iommu-group sysfs file
- iommu/vt-d: Implement reserved region get/put callbacks
- iommu/amd: Declare MSI and HT regions as reserved IOVA regions
- iommu/arm-smmu: Implement reserved region get/put callbacks
- iommu/arm-smmu-v3: Implement reserved region get/put callbacks
- irqdomain: Add irq domain MSI and MSI_REMAP flags
- genirq/msi: Set IRQ_DOMAIN_FLAG_MSI on MSI domain creation
- irqdomain: irq_domain_check_msi_remap
- irqchip/gicv3-its: Sets IRQ_DOMAIN_FLAG_MSI_REMAP
- vfio/type1: Allow transparent MSI IOVA allocation
- vfio/type1: Check MSI remapping at irq domain level
- iommu/arm-smmu: Do not advertise IOMMU_CAP_INTR_REMAP anymore
- iommu/arm-smmu-v3: Clear prior settings when updating STEs
- iommu/arm-smmu-v3: limit use of 2-level stream tables
- iommu/arm-smmu: Support for Extended Stream ID (16 bit)
- iommu/arm-smmu: Fix for ThunderX erratum #27704
linux (4.10.0-9.11) zesty; urgency=low
[ Tim Gardner ]
* Release Tracking Bug
- LP: #1666214
* linux: disable CONFIG_PCIEPORTBUS in the kernel (LP: #1665404)
- [Config] CONFIG_PCIEPORTBUS=n for ppc64el
* linux-lts-xenial 4.4.0-63.84~14.04.2 ADT test failure with linux-lts-xenial
4.4.0-63.84~14.04.2 (LP: #1664912)
- SAUCE: apparmor: fix link auditing failure due to, uninitialized var
* Ubuntu 17.04: "Oops: Exception in kernel mode, sig: 5 [#1]" seen during
fadump over ssh on Alpine machine. (LP: #1655241)
- SAUCE: powerpc/fadump: set an upper limit for boot memory size
* In Ubuntu 17.04 : after reboot getting message in console like Unable to
open file: /etc/keys/x509_ima.der (-2) (LP: #1656908)
- SAUCE: ima: Downgrade error to warning
* NFS client : permission denied when trying to access subshare, since kernel
4.4.0-31 (LP: #1649292)
- fs: Better permission checking for submounts
* Miscellaneous Ubuntu changes
- SAUCE: (noup) Update spl to 0.6.5.9-1, zfs to 0.6.5.9-2
- [Config] CONFIG_SCSI_HISI_SAS=m on arm64
- d-i: Add hisi_sas_v2_hw to scsi-modules
- d-i: Add hns_enet_drv to nic-modules
- d-i: Add supporting modules for hns_enet_drv to nic-modules
- rebase to v4.10
[ Upstream Kernel Changes ]
* rebase to v4.10
linux (4.10.0-8.10) zesty; urgency=low
[ Tim Gardner ]
* Release Tracking Bug
- LP: #1664217
* [Hyper-V] Bug fixes for storvsc (tagged queuing, error conditions)
(LP: #1663687)
- scsi: storvsc: Enable tracking of queue depth
- scsi: storvsc: Remove the restriction on max segment size
- scsi: storvsc: Enable multi-queue support
- scsi: storvsc: use tagged SRB requests if supported by the device
- scsi: storvsc: properly handle SRB_ERROR when sense message is present
- scsi: storvsc: properly set residual data length on errors
* Ubuntu16.10-KVM:Big configuration with multiple guests running SRIOV VFs
caused KVM host hung and all KVM guests down. (LP: #1651248)
- KVM: PPC: Book 3S: XICS cleanup: remove XICS_RM_REJECT
- KVM: PPC: Book 3S: XICS: correct the real mode ICP rejecting counter
- KVM: PPC: Book 3S: XICS: Fix potential issue with duplicate IRQ resends
- KVM: PPC: Book 3S: XICS: Implement ICS P/Q states
- KVM: PPC: Book 3S: XICS: Don't lock twice when checking for resend
* overlay: mkdir fails if directory exists in lowerdir in a user namespace
(LP: #1531747)
- SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs
* CVE-2016-1575 (LP: #1534961)
- SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs
* CVE-2016-1576 (LP: #1535150)
- SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs
* Miscellaneous Ubuntu changes
- SAUCE: md/raid6 algorithms: scale test duration for speedier boots
- SAUCE: Import aufs driver
- d-i: Build message-modules udeb for arm64
- rebase to v4.10-rc8
* Miscellaneous upstream changes
- Revert "UBUNTU: SAUCE: aufs -- remove .readlink assignment"
- Revert "UBUNTU: SAUCE: (no-up) aufs: for v4.9-rc1, support setattr_prepare()"
- Revert "UBUNTU: SAUCE: aufs -- Add flags argument to aufs_rename()"
- Revert "UBUNTU: SAUCE: aufs -- Convert to use xattr handlers"
- Revert "UBUNTU: SAUCE: Import aufs driver"
[ Upstream Kernel Changes ]
* rebase to v4.10-rc8
linux (4.10.0-7.9) zesty; urgency=low
[ Tim Gardner ]
* Release Tracking Bug
- LP: #1662201
* AMDGPU support for CIK parts in kernel config? (LP: #1661887)
- [Config] CONFIG_DRM_AMDGPU_CIK=y
* regession tests failing after stackprofile test is run (LP: #1661030)
- fix regression with domain change in complain mode
* Permission denied and inconsistent behavior in complain mode with 'ip netns
list' command (LP: #1648903)
- fix regression with domain change in complain mode
* flock not mediated by 'k' (LP: #1658219)
- SAUCE: apparmor: flock mediation is not being enforced on cache check
* unexpected errno=13 and disconnected path when trying to open /proc/1/ns/mnt
from a unshared mount namespace (LP: #1656121)
- SAUCE: apparmor: null profiles should inherit parent control flags
* apparmor refcount leak of profile namespace when removing profiles
(LP: #1660849)
- SAUCE: apparmor: fix ns ref count link when removing profiles from policy
* tor in lxd: apparmor="DENIED" operation="change_onexec"
namespace="root//CONTAINERNAME_<var-lib-lxd>" profile="unconfined"
name="system_tor" (LP: #1648143)
- SAUCE: apparmor: Fix no_new_privs blocking change_onexec when using stacked
namespaces
* apparmor_parser hangs indefinitely when called by multiple threads
(LP: #1645037)
- SAUCE: apparmor: fix lock ordering for mkdir
* apparmor leaking securityfs pin count (LP: #1660846)
- SAUCE: apparmor: fix leak on securityfs pin count
* apparmor reference count leak when securityfs_setup_d_inode\ () fails
(LP: #1660845)
- SAUCE: apparmor: fix reference count leak when securityfs_setup_d_inode()
fails
* apparmor not checking error if security_pin_fs() fails (LP: #1660842)
- SAUCE: apparmor: fix not handling error case when securityfs_pin_fs() fails
* apparmor oops in bind_mnt when dev_path lookup fails (LP: #1660840)
- SAUCE: apparmor: fix oops in bind_mnt when dev_path lookup fails
* apparmor auditing denied access of special apparmor .null fi\ le
(LP: #1660836)
- SAUCE: apparmor: Don't audit denied access of special apparmor .null file
* apparmor label leak when new label is unused (LP: #1660834)
- SAUCE: apparmor: fix label leak when new label is unused
* apparmor reference count bug in label_merge_insert() (LP: #1660833)
- SAUCE: apparmor: fix reference count bug in label_merge_insert()
* apparmor's raw_data file in securityfs is sometimes truncated (LP: #1638996)
- SAUCE: apparmor: fix replacement race in reading rawdata
* unix domain socket cross permission check failing with nested namespaces
(LP: #1660832)
- SAUCE: apparmor: fix cross ns perm of unix domain sockets
* Regression tests can not detect binfmt_elf mmpa semantic change
(LP: #1630069)
- SAUCE: apparmor: add flag to detect semantic change, to binfmt_elf mmap
* Support snaps inside of lxd containers (LP: #1611078)
- apparmor: add interface to be able to grab loaded policy
- apparmor: refactor aa_prepare_ns into prepare_ns and create_ns routines
- apparmor: add __aa_find_ns fn
- apparmor: add mkdir/rmdir interface to manage policy namespaces
- apparmor: fix oops in pivot_root mediation
- apparmor: fix warning that fn build_pivotroot discards const
- apparmor: add interface to advertise status of current task stacking
- apparmor: update policy permissions to consider ns being viewed/managed
- apparmor: add per ns policy management interface
- apparmor: bump domain stacking version to 1.2
* change_hat is logging failures during expected hat probing (LP: #1615893)
- SAUCE: apparmor: Fix auditing behavior for change_hat probing
* deleted files outside of the namespace are not being treated as disconnected
(LP: #1615892)
- SAUCE: apparmor: deleted dentries can be disconnected
* stacking to unconfined in a child namespace confuses mediation
(LP: #1615890)
- SAUCE: apparmor: special case unconfined when determining the mode
* apparmor module parameters can be changed after the policy is locked
(LP: #1615895)
- SAUCE: apparmor: fix: parameters can be changed after policy is locked
* AppArmor profile reloading causes an intermittent kernel BUG (LP: #1579135)
- SAUCE: apparmor: fix vec_unique for vectors larger than 8
* label vec reductions can result in reference labels instead of direct access
to labels (LP: #1615889)
- SAUCE: apparmor: reduction of vec to single entry is just that entry
* profiles from different namespaces can block other namespaces from being
able to load a profile (LP: #1615887)
- SAUCE: apparmor: profiles in one ns can affect mediation in another ns
* The label build for onexec when stacking is wrong (LP: #1615881)
- SAUCE: apparmor: Fix label build for onexec stacking.
* The inherit check for new to old label comparison for domain transitions is
wrong (LP: #1615880)
- SAUCE: apparmor: Fix new to old label comparison for domain transitions
* warning stack trace while playing with apparmor namespaces (LP: #1593874)
- SAUCE: apparmor: fix stack trace when removing namespace with profiles
* __label_update proxy comparison test is wrong (LP: #1615878)
- SAUCE: apparmor: Fix __label_update proxy comparison test
* reading /sys/kernel/security/apparmor/profiles requires CAP_MAC_ADMIN
(LP: #1560583)
- SAUCE: apparmor: Allow ns_root processes to open profiles file
- SAUCE: apparmor: Consult sysctl when reading profiles in a user ns
* policy namespace stacking (LP: #1379535)
- SAUCE: (no-up) apparmor: rebase of apparmor3.5-beta1 snapshot for 4.8
- SAUCE: add a sysctl to enable unprivileged user ns AppArmor policy loading
* brd module compiled as built-in (LP: #1593293)
- [Config] CONFIG_BLK_DEV_RAM=m
* Miscellaneous Ubuntu changes
- SAUCE: apparmor: Fix FTBFS due to bad include path
- SAUCE: apparmor: add data query support
- rebase to v4.10-rc7
* Miscellaneous upstream changes
- fixup backout policy view capable for forward port
- apparmor: fix: Rework the iter loop for label_update
- apparmor: add more assertions for updates/merges to help catch errors
- apparmor: Make pivot root transitions work with stacking
- apparmor: convert delegating deleted files to mediate deleted files
- apparmor: add missing parens. not a bug fix but highly recommended
- apparmor: add a stack_version file to allow detection of bug fixes
- apparmor: push path lookup into mediation loop
- apparmor: default to allowing unprivileged userns policy
- apparmor: fix: permissions test to view and manage policy
- apparmor: Add Basic ns cross check condition for ipc
[ Upstream Kernel Changes ]
* rebase to v4.10-rc7
linux (4.10.0-6.8) zesty; urgency=low
[ Tim Gardner ]
* Release Tracking Bug
- LP: #1661300
* flock not mediated by 'k' (LP: #1658219)
- SAUCE: apparmor: flock mediation is not being enforced on cache check
* unexpected errno=13 and disconnected path when trying to open /proc/1/ns/mnt
from a unshared mount namespace (LP: #1656121)
- SAUCE: apparmor: null profiles should inherit parent control flags
* apparmor refcount leak of profile namespace when removing profiles
(LP: #1660849)
- SAUCE: apparmor: fix ns ref count link when removing profiles from policy
* tor in lxd: apparmor="DENIED" operation="change_onexec"
namespace="root//CONTAINERNAME_<var-lib-lxd>" profile="unconfined"
name="system_tor" (LP: #1648143)
- SAUCE: apparmor: Fix no_new_privs blocking change_onexec when using stacked
namespaces
* apparmor_parser hangs indefinitely when called by multiple threads
(LP: #1645037)
- SAUCE: apparmor: fix lock ordering for mkdir
* apparmor leaking securityfs pin count (LP: #1660846)
- SAUCE: apparmor: fix leak on securityfs pin count
* apparmor reference count leak when securityfs_setup_d_inode\ () fails
(LP: #1660845)
- SAUCE: apparmor: fix reference count leak when securityfs_setup_d_inode()
fails
* apparmor not checking error if security_pin_fs() fails (LP: #1660842)
- SAUCE: apparmor: fix not handling error case when securityfs_pin_fs() fails
* apparmor oops in bind_mnt when dev_path lookup fails (LP: #1660840)
- SAUCE: apparmor: fix oops in bind_mnt when dev_path lookup fails
* apparmor auditing denied access of special apparmor .null fi\ le
(LP: #1660836)
- SAUCE: apparmor: Don't audit denied access of special apparmor .null file
* apparmor label leak when new label is unused (LP: #1660834)
- SAUCE: apparmor: fix label leak when new label is unused
* apparmor reference count bug in label_merge_insert() (LP: #1660833)
- SAUCE: apparmor: fix reference count bug in label_merge_insert()
* apparmor's raw_data file in securityfs is sometimes truncated (LP: #1638996)
- SAUCE: apparmor: fix replacement race in reading rawdata
* unix domain socket cross permission check failing with nested namespaces
(LP: #1660832)
- SAUCE: apparmor: fix cross ns perm of unix domain sockets
* Kdump through NMI SMP and single core not working on Ubuntu16.10
(LP: #1630924)
- hv: don't reset hv_context.tsc_page on crash
* [17.04 FEAT] Integrate kernel message catalogue for s390x into Ubuntu
distribution (LP: #1628889)
- SAUCE: s390: kernel message catalog
* Miscellaneous Ubuntu changes
- [Config] Drop powerpc ABI files
linux (4.10.0-5.7) zesty; urgency=low
* [regression 4.8.0-14 -> 4.8.0-17] keyboard and touchscreen lost on Acer
Chromebook R11 (LP: #1630238)
- [Config] CONFIG_TOUCHSCREEN_ELAN=y,CONFIG_PINCTRL_CHERRYVIEW=y for amd64
* Enable CONFIG_NET_DROP_MONITOR=m in Ubuntu Kernel (LP: #1660634)
- [Config] Update annotations for CONFIG_NET_DROP_MONITOR
* Miscellaneous Ubuntu changes
- d-i: initrd needs msm_emac on amberwing platform.
- [Config] Remove powerpc architecture builds
- [Config] updateconfigs after removing powerpc configs
- [Config] Update annotations after removing powerpc configs
- SAUCE: Disable timers selftest for now
- Rebase to v4.10-rc6
- SAUCE: (no-up) Update zfs to 0.6.5.8-0ubuntu9
- Enable zfs build
- [Config] CONFIG_NET_DROP_MONITOR=m
[ Upstream Kernel Changes ]
* rebase to v4.10-rc6
linux (4.10.0-4.6) zesty; urgency=low
* Miscellaneous upstream changes
- Revert "UBUNTU: Disable all flavors for the powerpc architecture"
linux (4.10.0-3.5) zesty; urgency=low
* KVM module handling different per Architecture - ppc64el (LP: #1657734)
- [Config] powerpc: Add kvm-hv and kvm-pr to the generic inclusion list
* ENA network driver moved to -extra (LP: #1657767)
- [Config] Move Amazon ENA network driver to the main kernel package
* [Hyper-V] mkfs regression in 4.10 fixed by patch in "for-4.11"
(LP: #1657539)
- block: relax check on sg gap
* i915 module requests unreleased GUC firmware files (LP: #1626740)
- SAUCE: (no-up) i915: Remove MODULE_FIRMWARE statements for unreleased
firmware
* [17.04 FEAT] Integrate kernel message catalogue for s390x into Ubuntu
distribution (LP: #1628889)
- [Config] CONFIG_KMSG_IDS=y for s390
- SAUCE: s390 Kernel message catalog
* Miscellaneous Ubuntu changes
- ubuntu: vbox -- Update to 5.1.14-dfsg-1
- SAUCE: vbox -- remove .readlink assignment
- Enable vbox build
- [Config] CONFIG_DEFAULT_IOSCHED=cfq
- [Config] Bump CONFIG_NR_CPUS up to 256 on arm64
- [Config] Fix up s390x config options changed during 4.10 rebase
- [Config] Update annotations for 4.10
- Disable all flavors for the powerpc architecture
[ Upstream Kernel Changes ]
* rebase to v4.10-rc5
linux (4.10.0-2.4) zesty; urgency=low
* Move some kernel modules to the main kernel package (part 2) (LP: #1655002)
- [Config] Add IBM power drivers to the inclusion list
* Miscellaneous Ubuntu changes
- [Config] linux-source Provides should not be a macro
- [Config] Correct the note URL for LATENCYTOP
- rebase to v4.10-rc4
[ Upstream Kernel Changes ]
* rebase to v4.10-rc4
linux (4.10.0-1.3) zesty; urgency=low
[ Upstream Kernel Changes ]
* rebase to v4.10-rc3
linux (4.10.0-0.2) zesty; urgency=low
* [17.04 FEAT] Build IMA and the TPM device drivers into the KVM on POWER
host/NV kernel (LP: #1643652)
- [Config] Update and enforce IMA options
* Miscellaneous Ubuntu changes
- [Config] Disble stack protector for powerpc-smp
linux (4.10.0-0.1) zesty; urgency=low
* IP-over-DDP packets dropped (LP: #1559772)
- [Config] CONFIG_IPDDP=n
* Miscellaneous Ubuntu changes
- [Config] Update annotations with recent config changes
- SAUCE: aufs -- remove .readlink assignment
- disable vbox build
- disable ZFS build
[ Upstream Kernel Changes ]
* rebase to v4.10-rc2
linux (4.9.0-11.12) zesty; urgency=low
* Miscellaneous Ubuntu changes
- UBUNTU: SAUCE: Add '-fno-pie -no-pie' to cflags for x86 selftests
- UBUNTU: SAUCE: (no-up) aufs: for v4.9-rc1, support setattr_prepare()
[ Upstream Kernel Changes ]
* rebase to v4.9
linux (4.9.0-10.11) zesty; urgency=low
* d-i is missing usb support for platforms that use the xhci-platform driver
(LP: #1625222)
- d-i initrd needs additional usb modules to support the merlin platform
* Miscellaneous Ubuntu changes
- SAUCE: Import aufs driver
- SAUCE: aufs -- Convert to use xattr handlers
- SAUCE: aufs -- Add flags argument to aufs_rename()
- [Config] Enable aufs
- [Config] CONFIG_FSL_FMAN=y for powerpc
- SAUCE: powerpc64: Fix legacy cmpi mneomonic assumption
- [Config] Restore powerpc64-emb
linux (4.9.0-9.10) zesty; urgency=low
* Kernel Fixes to get TCMU File Backed Optical to work (LP: #1646204)
- SAUCE: target/user: Fix use-after-free of tcmu_cmds if they are expired
* Yakkety: arm64: CONFIG_ARM64_ERRATUM_845719 isn't enabled (LP: #1647793)
- [Config] CONFIG_ARM64_ERRATUM_845719=y
* Update hio driver to 2.1.0.28 (LP: #1646643)
- SAUCE: hio: update to Huawei ES3000_V2 (2.1.0.28)
* Miscellaneous Ubuntu changes
- ubuntu: vbox -- Update to 5.1.10-dfsg-2
- Build vbox for ARCH=x86
- SAUCE: Add aufs driver
- SAUCE: aufs -- Convert to use xattr handlers
- SAUCE: aufs -- Updates for rename2
- SAUCE: Export symbols used by aufs
- [Config] Enable aufs
linux (4.9.0-8.9) zesty; urgency=low
* Miscellaneous Ubuntu changes
- SAUCE: xr-usb-serial: only build for x86
Fixes s390x FTBS
linux (4.9.0-7.8) zesty; urgency=low
* Driver for Exar USB UART (LP: #1645591)
- SAUCE: xr-usb-serial: Driver for Exar USB serial ports
- SAUCE: xr-usb-serial: interface for switching modes
- SAUCE: cdc-acm: Exclude Exar USB serial ports
[ Upstream Kernel Changes ]
* rebase to v4.9-rc8
linux (4.9.0-6.7) zesty; urgency=low
* Miscellaneous Ubuntu changes
- Set build_arch=x86 for i386
linux (4.9.0-5.6) zesty; urgency=low
* Miscellaneous Ubuntu changes
- [Debian] restore tools build
- Set build_arch=x86 for amd64 and x32
linux (4.9.0-4.5) zesty; urgency=low
* linux: Staging modules should be unsigned (LP: #1642368)
- [Debian] Suppress module signing for staging drivers
- SAUCE: Add rtl drivers to signature inclusion list
* [17.04 FEAT] Build IMA and the TPM device drivers into the KVM on POWER
host/NV kernel (LP: #1643652)
- [Config] CONFIG_IMA=y
* Miscellaneous Ubuntu changes
- [Debian] config-check -- Make it easier to find annotations syntax errors
- [Config] Enable various drivers for ARM platforms
- [Config] Fix s390x config carnage
- [Config] Set CONFIG_KEXEC=y for all architectures
- [Config] Fix up CONFIG_I2C_SLAVE values
- [Config] Set CONFIG_WLAN_VENDOR_TI=y for all supported kernels
- [Config] Set CONFIG_PWM_PCA9685=m for amd64 and i386
- [Config] Set CONFIG_ZONE_DMA=m for amd64-generic
- [Config] Update annotations
- [Config] CONFIG_NR_CPUS=8192 for amd64
linux (4.9.0-3.4) zesty; urgency=low
* Miscellaneous Ubuntu changes
- SAUCE: (namespace) security/integrity: Harden against malformed xattrs
- SAUCE: (namespace) block_dev: Support checking inode permissions in lookup_bdev()
- SAUCE: (namespace) block_dev: Check permissions towards block device inode when mounting
- SAUCE: (namespace) mtd: Check permissions towards mtd block device inode when mounting
- SAUCE: (namespace) fs: Allow superblock owner to change ownership of inodes
- SAUCE: (namespace) fs: Don't remove suid for CAP_FSETID for userns root
- SAUCE: (namespace) fs: Allow superblock owner to access do_remount_sb()
- SAUCE: (namespace) capabilities: Allow privileged user in s_user_ns to set security.* xattrs
- SAUCE: (namespace) fs: Allow CAP_SYS_ADMIN in s_user_ns to freeze and thaw filesystems
- SAUCE: (namespace) posix_acl: Export posix_acl_fix_xattr_userns() to modules
- SAUCE: (namespace) fuse: Add support for pid namespaces
- SAUCE: (namespace) fuse: Support fuse filesystems outside of init_user_ns
- SAUCE: (namespace) fuse: Translate ids in posix acl xattrs
- SAUCE: (namespace) fuse: Restrict allow_other to the superblock's namespace or a descendant
- SAUCE: (namespace) fuse: Allow user namespace mounts
- SAUCE: (namespace) ext4: Add support for unprivileged mounts from user namespaces
- SAUCE: (namespace) ext4: Add module parameter to enable user namespace mounts
- SAUCE: (namespace) block_dev: Forbid unprivileged mounting when device is opened for writing
- SAUCE: (noup) Update spl to 0.6.5.8-0ubuntu7, zfs to 0.6.5.8-2ubuntu1
* Miscellaneous upstream changes
- Revert "UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs"
[ Upstream Kernel Changes ]
* rebase to v4.9-rc7
linux (4.9.0-2.3) zesty; urgency=low
* Fix Kernel Crashing under IBM Virtual Scsi Driver (LP: #1642299)
- SAUCE: ibmvscsis: Rearrange functions for future patches
- SAUCE: ibmvscsis: Synchronize cmds at tpg_enable_store time
- SAUCE: ibmvscsis: Synchronize cmds at remove time
- SAUCE: ibmvscsis: Clean up properly if target_submit_cmd/tmr fails
- SAUCE: ibmvscsis: Return correct partition name/# to client
- SAUCE: ibmvscsis: Issues from Dan Carpenter/Smatch
* Move some kernel modules to the main kernel package (LP: #1642228)
- [Config] Move some powerpc kernel modules to the main kernel package
* linux: Staging modules should be unsigned (LP: #1642368)
- [Debian] Suppress module signing for staging drivers
* Miscellaneous Ubuntu changes
- SAUCE: UEFI: bpf: disable bpf when module security is enabled
[ Upstream Kernel Changes ]
* rebase to v4.9-rc6
linux (4.9.0-1.2) zesty; urgency=low
* hio: SSD data corruption under stress test (LP: #1638700)
- SAUCE: hio: set bi_error field to signal an I/O error on a BIO
- SAUCE: hio: splitting bio in the entry of .make_request_fn
* hio Ubuntu sauce driver needs porting to 4.8 (LP: #1635594)
- SAUCE: import Huawei ES3000_V2 (2.1.0.23)
- SAUCE: hio: bio_endio() no longer takes errors arg
- SAUCE: hio: blk_queue make_request_fn now returns a blk_qc_t
- SAUCE: hio: use alloc_cpumask_var to avoid -Wframe-larger-than
- SAUCE: hio: fix mask maybe-uninitialized warning
- SAUCE: hio: port to v4.8 base
- [config] enable CONFIG_HIO (Huawei ES3000_V2 PCIe SSD driver)
- SAUCE: hio: Makefile and Kconfig
- [Config] Enforce CONFIG_HIO
* Miscellaneous Ubuntu changes
- rebase to v4.9-rc5
- zfs: remove the never implemented aio_fsync file operation
- [Config] Disable powerpc64-emb for FTBS
[ Upstream Kernel Changes ]
* rebase to v4.9-rc5
linux (4.9.0-0.1) zesty; urgency=low
[ Upstream Kernel Changes ]
* rebase to v4.9-rc4
- LP: #1465724
- LP: #1535802
linux (4.9.0-0.0) yakkety; urgency=low
[ Seth Forshee ]
* Release Tracking Bug
- LP: #1632918
* Revert "If zone is so small that watermarks are the same, stop zone balance"
in yakkety (LP: #1632894)
- Revert "UBUNTU: SAUCE: (no-up) If zone is so small that watermarks are the
same, stop zone balance."
Date: 2017-03-06 17:36:15.545797+00:00
Changed-By: Tim Gardner <tim.gardner at canonical.com>
https://launchpad.net/ubuntu/+source/linux-raspi2/4.10.0-1000.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Zesty-changes
mailing list