Bug #1832624 “[UBUNTU] kernel: Fix wrong dispatching for control...” : Bugs : linux package : Ubuntu

bugproxy (bugproxy) on 2019-06-12

tags:	added: architecture-s39064 bugnameltc-178125 severity-high targetmilestone-inin1910
Changed in ubuntu:
assignee:	nobody → Skipper Bug Screeners (skipper-screen-team)
affects:	ubuntu → linux (Ubuntu)

Andrew Cloke (andrew-cloke) on 2019-06-12

Changed in ubuntu-z-systems:
importance:	Undecided → High
assignee:	nobody → Canonical Kernel Team (canonical-kernel-team)

Revision history for this message

Frank Heimes (fheimes) wrote on 2019-06-17:

#1

Commit ID got upstream accepted with kernel v5.2-rc3, so will be automatically part of 19.10, when target kernel 5.2 finally lands in eoan.
Kernel SRU needed for 19.04 and 18.04.

Changed in ubuntu-z-systems:
status:	New → Triaged

Si Watt (s1w4tt29) on 2019-06-18

Changed in ubuntu-z-systems:
status:	Triaged → In Progress

Revision history for this message

bugproxy (bugproxy) wrote on 2019-06-18: Here is a backport of the upstream patch.

#2

Here is a backport of the upstream patch. Edit (6.2 KiB, text/plain)

------- Comment (attachment only) From <email address hidden> 2019-06-18 09:50 EDT-------

Revision history for this message

Harald Freudenberger (freude-5) wrote on 2019-06-26:

#3

s390-zcrypt-Fix-wrong-dispatching-for-control-domain.ubuntu_bionic.patch Edit (6.2 KiB, text/plain)

Here is a backport done against
git clone git://kernel.ubuntu.com/ubuntu/ubuntu-bionic --branch master-next --single-branch

Please note, I just did the technical backport without any compiler involvement or similar.
However, as I am the owner of this code, it should apply and compile cleanly.

regards Harald Freudenberger

Ubuntu Foundations Team Bug Bot (crichton) on 2019-06-26

tags:

added: patch

Revision history for this message

Frank Heimes (fheimes) wrote on 2019-06-26:

#4

The new backport/patch applies nicely on the bionic-next tree - thx Harald!

Frank Heimes (fheimes) on 2019-06-27

description:

updated

Frank Heimes (fheimes) on 2019-06-27

description:

updated

Frank Heimes (fheimes) on 2019-06-27

Changed in ubuntu-z-systems:
status:	In Progress → Triaged

Frank Heimes (fheimes) on 2019-06-27

Changed in ubuntu-z-systems:
status:	Triaged → Confirmed

Revision history for this message

Frank Heimes (fheimes) wrote on 2019-06-27:

#5

Kernel SRU request submitted:
https://lists.ubuntu.com/archives/kernel-team/2019-June/thread.html#101687

Changed in linux (Ubuntu):
status:	New → In Progress
Changed in ubuntu-z-systems:
status:	Confirmed → In Progress

Stefan Bader (smb) on 2019-07-01

Changed in linux (Ubuntu Bionic):
importance:	Undecided → Medium
Changed in linux (Ubuntu Disco):
importance:	Undecided → Medium

Kleber Sacilotto de Souza (kleber-souza) on 2019-07-01

Changed in linux (Ubuntu Bionic):
status:	New → Fix Committed
Changed in linux (Ubuntu Disco):
status:	New → Fix Committed

Revision history for this message

Frank Heimes (fheimes) wrote on 2019-07-01:

#6

Waiting to set 'linux (Ubuntu)' to Fix Committed or Fix Released until Eoan's target kernel 5.2 (or higher) hits the archive ...

Frank Heimes (fheimes) on 2019-07-02

Changed in ubuntu-z-systems:
status:	In Progress → Fix Committed

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2019-07-03:

#7

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-disco' to 'verification-done-disco'. If the problem still exists, change the tag 'verification-needed-disco' to 'verification-failed-disco'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-disco

Revision history for this message

bugproxy (bugproxy) wrote on 2019-07-03: Comment bridged from LTC Bugzilla

#8

------- Comment From <email address hidden> 2019-07-03 08:39 EDT-------
Already verfied upstream by IBM

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2019-07-03:

#9

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-bionic' to 'verification-done-bionic'. If the problem still exists, change the tag 'verification-needed-bionic' to 'verification-failed-bionic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-bionic

Revision history for this message

Frank Heimes (fheimes) wrote on 2019-07-03:

#10

Due to comment #8 (where I got notified by IBM that it should be 'verified upfront' rather than 'upstream', which is a typo) I'm adjusting the tags to verified-done.

tags:

added: verification-done-bionic verification-done-disco
removed: verification-needed-bionic verification-needed-disco

Revision history for this message

Launchpad Janitor (janitor) wrote on 2019-07-22:

#11

Download full text (11.2 KiB)

This bug was fixed in the package linux - 4.15.0-55.60

---------------
linux (4.15.0-55.60) bionic; urgency=medium

* linux: 4.15.0-55.60 -proposed tracker (LP: #1834954)

  * Request backport of ceph commits into bionic (LP: #1834235)
    - ceph: use atomic_t for ceph_inode_info::i_shared_gen
    - ceph: define argument structure for handle_cap_grant
    - ceph: flush pending works before shutdown super
    - ceph: send cap releases more aggressively
    - ceph: single workqueue for inode related works
    - ceph: avoid dereferencing invalid pointer during cached readdir
    - ceph: quota: add initial infrastructure to support cephfs quotas
    - ceph: quota: support for ceph.quota.max_files
    - ceph: quota: don't allow cross-quota renames
    - ceph: fix root quota realm check
    - ceph: quota: support for ceph.quota.max_bytes
    - ceph: quota: update MDS when max_bytes is approaching
    - ceph: quota: add counter for snaprealms with quota
    - ceph: avoid iput_final() while holding mutex or in dispatch thread

* QCA9377 isn't being recognized sometimes (LP: #1757218)
- SAUCE: USB: Disable USB2 LPM at shutdown

  * hns: fix ICMP6 neighbor solicitation messages discard problem (LP: #1833140)
    - net: hns: fix ICMP6 neighbor solicitation messages discard problem
    - net: hns: fix unsigned comparison to less than zero

* Fix occasional boot time crash in hns driver (LP: #1833138)
- net: hns: Fix probabilistic memory overwrite when HNS driver initialized

* use-after-free in hns_nic_net_xmit_hw (LP: #1833136)
- net: hns: fix KASAN: use-after-free in hns_nic_net_xmit_hw()

  * hns: attempt to restart autoneg when disabled should report error
    (LP: #1833147)
    - net: hns: Restart autoneg need return failed when autoneg off

  * systemd 237-3ubuntu10.14 ADT test failure on Bionic ppc64el (test-seccomp)
    (LP: #1821625)
    - powerpc: sys_pkey_alloc() and sys_pkey_free() system calls
    - powerpc: sys_pkey_mprotect() system call

  * [UBUNTU] pkey: Indicate old mkvp only if old and curr. mkvp are different
    (LP: #1832625)
    - pkey: Indicate old mkvp only if old and current mkvp are different

  * [UBUNTU] kernel: Fix gcm-aes-s390 wrong scatter-gather list processing
    (LP: #1832623)
    - s390/crypto: fix gcm-aes-s390 selftest failures

  * System crashes on hot adding a core with drmgr command (4.15.0-48-generic)
    (LP: #1833716)
    - powerpc/numa: improve control of topology updates
    - powerpc/numa: document topology_updates_enabled, disable by default

  * Kernel modules generated incorrectly when system is localized to a non-
    English language (LP: #1828084)
    - scripts: override locale from environment when running recordmcount.pl

  * [UBUNTU] kernel: Fix wrong dispatching for control domain CPRBs
    (LP: #1832624)
    - s390/zcrypt: Fix wrong dispatching for control domain CPRBs

  * CVE-2019-11815
    - net: rds: force to destroy connection if t_sock is NULL in
      rds_tcp_kill_sock().

  * Sound device not detected after resume from hibernate (LP: #1826868)
    - drm/i915: Force 2*96 MHz cdclk on glk/cnl when audio power is enabled
    - drm/i915: Save the old CDCLK atomic state
...

This bug was fixed in the package linux - 4.15.0-55.60

---------------
linux (4.15.0-55.60) bionic; urgency=medium

* linux: 4.15.0-55.60 -proposed tracker (LP: #1834954)

* Request backport of ceph commits into bionic (LP: #1834235)
    - ceph: use atomic_t for ceph_inode_info::i_shared_gen
    - ceph: define argument structure for handle_cap_grant
    - ceph: flush pending works before shutdown super
    - ceph: send cap releases more aggressively
    - ceph: single workqueue for inode related works
    - ceph: avoid dereferencing invalid pointer during cached readdir
    - ceph: quota: add initial infrastructure to support cephfs quotas
    - ceph: quota: support for ceph.quota.max_files
    - ceph: quota: don't allow cross-quota renames
    - ceph: fix root quota realm check
    - ceph: quota: support for ceph.quota.max_bytes
    - ceph: quota: update MDS when max_bytes is approaching
    - ceph: quota: add counter for snaprealms with quota
    - ceph: avoid iput_final() while holding mutex or in dispatch thread

* QCA9377 isn't being recognized sometimes (LP: #1757218)
    - SAUCE: USB: Disable USB2 LPM at shutdown

* hns: fix ICMP6 neighbor solicitation messages discard problem (LP: #1833140)
    - net: hns: fix ICMP6 neighbor solicitation messages discard problem
    - net: hns: fix unsigned comparison to less than zero

* Fix occasional boot time crash in hns driver (LP: #1833138)
    - net: hns: Fix probabilistic memory overwrite when HNS driver initialized

*  use-after-free in hns_nic_net_xmit_hw (LP: #1833136)
    - net: hns: fix KASAN: use-after-free in hns_nic_net_xmit_hw()

* hns: attempt to restart autoneg when disabled should report error
    (LP: #1833147)
    - net: hns: Restart autoneg need return failed when autoneg off

* systemd 237-3ubuntu10.14 ADT test failure on Bionic ppc64el (test-seccomp)
    (LP: #1821625)
    - powerpc: sys_pkey_alloc() and sys_pkey_free() system calls
    - powerpc: sys_pkey_mprotect() system call

* [UBUNTU] pkey: Indicate old mkvp only if old and curr. mkvp are different
    (LP: #1832625)
    - pkey: Indicate old mkvp only if old and current mkvp are different

* [UBUNTU] kernel: Fix gcm-aes-s390 wrong scatter-gather list processing
    (LP: #1832623)
    - s390/crypto: fix gcm-aes-s390 selftest failures

* System crashes on hot adding a core with drmgr command (4.15.0-48-generic)
    (LP: #1833716)
    - powerpc/numa: improve control of topology updates
    - powerpc/numa: document topology_updates_enabled, disable by default

* Kernel modules generated incorrectly when system is localized to a non-
    English language (LP: #1828084)
    - scripts: override locale from environment when running recordmcount.pl

* [UBUNTU] kernel: Fix wrong dispatching for control domain CPRBs
    (LP: #1832624)
    - s390/zcrypt: Fix wrong dispatching for control domain CPRBs

* CVE-2019-11815
    - net: rds: force to destroy connection if t_sock is NULL in
      rds_tcp_kill_sock().

* Sound device not detected after resume from hibernate (LP: #1826868)
    - drm/i915: Force 2*96 MHz cdclk on glk/cnl when audio power is enabled
    - drm/i915: Save the old CDCLK atomic state
    - drm/i915: Remove redundant store of logical CDCLK state
    - drm/i915: Skip modeset for cdclk changes if possible

* Handle overflow in proc_get_long of sysctl (LP: #1833935)
    - sysctl: handle overflow in proc_get_long

* Dell XPS 13 (9370) defaults to s2idle sleep/suspend instead of deep, NVMe
    drains lots of power under s2idle (LP: #1808957)
    - Revert "UBUNTU: SAUCE: pci/nvme: prevent WDC PC SN720 NVMe from entering D3
      and being disabled"
    - Revert "UBUNTU: SAUCE: nvme: add quirk to not call disable function when
      suspending"
    - Revert "UBUNTU: SAUCE: pci: prevent Intel NVMe SSDPEKKF from entering D3"
    - Revert "SAUCE: nvme: add quirk to not call disable function when suspending"
    - Revert "SAUCE: pci: prevent sk hynix nvme from entering D3"
    - PCI: PM: Avoid possible suspend-to-idle issue
    - PCI: PM: Skip devices in D0 for suspend-to-idle
    - nvme-pci: Sync queues on reset
    - nvme: Export get and set features
    - nvme-pci: Use host managed power state for suspend

* linux v4.15 ftbfs on a newer host kernel (e.g. hwe) (LP: #1823429)
    - selinux: use kernel linux/socket.h for genheaders and mdp

* 32-bit x86 kernel 4.15.0-50 crash in vmalloc_sync_all (LP: #1830433)
    - x86/mm/pat: Disable preemption around __flush_tlb_all()
    - x86/mm: Drop usage of __flush_tlb_all() in kernel_physical_mapping_init()
    - x86/mm: Disable ioremap free page handling on x86-PAE
    - ioremap: Update pgtable free interfaces with addr
    - x86/mm: Add TLB purge to free pmd/pte page interfaces
    - x86/init: fix build with CONFIG_SWAP=n
    - x86/mm: provide pmdp_establish() helper
    - x86/mm: Use WRITE_ONCE() when setting PTEs

* hinic: fix oops due to race in set_rx_mode (LP: #1832048)
    - hinic: fix a bug in set rx mode

* ubuntu 18.04 flickering screen with Radeon X1600 (LP: #1791312)
    - drm/radeon: prefer lower reference dividers

* Login screen never appears on vmwgfx using bionic kernel 4.15 (LP: #1832138)
    - drm/vmwgfx: use monotonic event timestamps

* [linux-azure] Block Layer Commits Requested in Azure Kernels (LP: #1834499)
    - block: Clear kernel memory before copying to user
    - block/bio: Do not zero user pages

* CONFIG_LOG_BUF_SHIFT set to 14 is too low on arm64 (LP: #1824864)
    - [Config] CONFIG_LOG_BUF_SHIFT=18 on all 64bit arches

* Handle overflow for file-max (LP: #1834310)
    - sysctl: handle overflow for file-max
    - kernel/sysctl.c: fix out-of-bounds access when setting file-max

* [ALSA] [PATCH] Headset fixup for System76 Gazelle (gaze14) (LP: #1827555)
    - ALSA: hda/realtek - Headset fixup for System76 Gazelle (gaze14)
    - ALSA: hda/realtek - Corrected fixup for System76 Gazelle (gaze14)

* crashdump fails on HiSilicon D06 (LP: #1828868)
    - iommu/arm-smmu-v3: Abort all transactions if SMMU is enabled in kdump kernel
    - iommu/arm-smmu-v3: Don't disable SMMU in kdump kernel

* CVE-2019-11833
    - ext4: zero out the unused memory region in the extent tree block

* zfs 0.7.9 fixes a bug (https://github.com/zfsonlinux/zfs/pull/7343) that
    hangs the system completely (LP: #1772412)
    - SAUCE: (noup) Update zfs to 0.7.5-1ubuntu16.6

* does not detect headphone when there is no other output devices
    (LP: #1831065)
    - ALSA: hda/realtek - Fixed hp_pin no value
    - ALSA: hda/realtek - Use a common helper for hp pin reference

* kernel crash : net_sched  race condition in tcindex_destroy() (LP: #1825942)
    - net_sched: fix NULL pointer dereference when delete tcindex filter
    - RCU, workqueue: Implement rcu_work
    - net_sched: switch to rcu_work
    - net_sched: fix a race condition in tcindex_destroy()
    - net_sched: fix a memory leak in cls_tcindex
    - net_sched: initialize net pointer inside tcf_exts_init()
    - net_sched: fix two more memory leaks in cls_tcindex

* Support new ums-realtek device (LP: #1831840)
    - USB: usb-storage: Add new ID to ums-realtek

* amd_iommu possible data corruption (LP: #1823037)
    - iommu/amd: Reserve exclusion range in iova-domain
    - iommu/amd: Set exclusion range correctly

* Add new sound card PCIID into the alsa driver (LP: #1832299)
    - ALSA: hda: Add Icelake PCI ID
    - ALSA: hda/intel: add CometLake PCI IDs

* sky2 ethernet card doesn't work after returning from suspend
    (LP: #1807259) // sky2 ethernet card link not up after suspend
    (LP: #1809843)
    - sky2: Disable MSI on Dell Inspiron 1545 and Gateway P-79

* idle-page oopses when accessing page frames that are out of range
    (LP: #1833410)
    - mm/page_idle.c: fix oops because end_pfn is larger than max_pfn

* Add pointstick support on HP ZBook 17 G5 (LP: #1833387)
    - Revert "HID: multitouch: Support ALPS PTP stick with pid 0x120A"
    - SAUCE: HID: multitouch: Add pointstick support for ALPS Touchpad

* [SRU][B/B-OEM/B-OEM-OSP-1/C/D/E] Add trackpoint middle button support of 2
    new thinpads (LP: #1833637)
    - Input: elantech - enable middle button support on 2 ThinkPads

* CVE-2019-11085
    - drm/i915/gvt: Fix mmap range check
    - drm/i915: make mappable struct resource centric
    - drm/i915/gvt: Fix aperture read/write emulation when enable x-no-mmap=on

* CVE-2019-11884
    - Bluetooth: hidp: fix buffer overflow

* af_alg06 test from crypto test suite in LTP failed with kernel oops on B/C
    (LP: #1829725)
    - crypto: authenc - fix parsing key with misaligned rta_len

* CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130 // CVE-2019-11091
    - SAUCE: Synchronize MDS mitigations with upstream
    - Documentation: Correct the possible MDS sysfs values
    - x86/speculation/mds: Fix documentation typo

* CVE-2019-11091
    - x86/mds: Add MDSUM variant to the MDS documentation

* alignment test in powerpc from ubuntu_kernel_selftests failed on B/C Power9
    (LP: #1813118)
    - selftests/powerpc: Remove Power9 copy_unaligned test

* TRACE_syscall.ptrace_syscall_dropped in seccomp from ubuntu_kernel_selftests
    failed on B/C PowerPC (LP: #1812796)
    - selftests/seccomp: Enhance per-arch ptrace syscall skip tests

* Add powerpc/alignment_handler test for selftests (LP: #1828935)
    - selftests/powerpc: Add alignment handler selftest
    - selftests/powerpc: Fix to use ucontext_t instead of struct ucontext

* Cannot build kernel 4.15.0-48.51 due to an in-source-tree ZFS module.
    (LP: #1828763)
    - SAUCE: (noup) Update zfs to 0.7.5-1ubuntu16.5

* Eletrical noise occurred when external headset enter powersaving mode on a
    DEll machine (LP: #1828798)
    - ALSA: hda/realtek - Reduce click noise on Dell Precision 5820 headphone
    - ALSA: hda/realtek - Fixup headphone noise via runtime suspend

* [18.04/18.10] File libperf-jvmti.so is missing in linux-tools-common deb on
    Ubuntu (LP: #1761379)
    - [Packaging] Support building libperf-jvmti.so

* TCP : race condition on socket ownership in tcp_close() (LP: #1830813)
    - tcp: do not release socket ownership in tcp_close()

* bionic: netlink: potential shift overflow in netlink_bind() (LP: #1831103)
    - netlink: Don't shift on 64 for ngroups

* Add support to Comet Lake LPSS (LP: #1830175)
    - mfd: intel-lpss: Add Intel Comet Lake PCI IDs

* Reduce NAPI weight in hns driver from 256 to 64 (LP: #1830587)
    - net: hns: Use NAPI_POLL_WEIGHT for hns driver

* x86: add support for AMD Rome (LP: #1819485)
    - x86: irq_remapping: Move irq remapping mode enum
    - iommu/amd: Add support for higher 64-bit IOMMU Control Register
    - iommu/amd: Add support for IOMMU XT mode
    - hwmon/k10temp, x86/amd_nb: Consolidate shared device IDs
    - hwmon/k10temp: Add support for AMD family 17h, model 30h CPUs
    - x86/amd_nb: Add PCI device IDs for family 17h, model 30h
    - x86/MCE/AMD: Fix the thresholding machinery initialization order
    - x86/amd_nb: Add support for newer PCI topologies

* nx842 - CRB request time out (-110) when uninstall NX modules and initiate
    NX request (LP: #1827755)
    - crypto/nx: Initialize 842 high and normal RxFIFO control registers

* Require improved hypervisor detection patch in Ubuntu 18.04 (LP: #1829972)
    - s390/early: improve machine detection

-- Kleber Sacilotto de Souza <kleber.souza@canonical.com>  Tue, 02 Jul 2019 18:41:49 +0200

Changed in linux (Ubuntu Bionic):
status:	Fix Committed → Fix Released

Revision history for this message

Frank Heimes (fheimes) wrote on 2019-07-22:

#12

Changing "linux (Ubuntu)" to Fix Released, since the patch got upstream accepted with kernel 5.2 and kernel 5.2 landed in Eoan's release pocket.

Changed in linux (Ubuntu):
status:	In Progress → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2019-07-23:

#13

Download full text (57.5 KiB)

This bug was fixed in the package linux - 5.0.0-21.22

---------------
linux (5.0.0-21.22) disco; urgency=medium

* linux: 5.0.0-21.22 -proposed tracker (LP: #1834902)

  * Disco update: 5.0.15 upstream stable release (LP: #1834529)
    - net: stmmac: Use bfsize1 in ndesc_init_rx_desc
    - Drivers: hv: vmbus: Remove the undesired put_cpu_ptr() in hv_synic_cleanup()
    - ubsan: Fix nasty -Wbuiltin-declaration-mismatch GCC-9 warnings
    - staging: greybus: power_supply: fix prop-descriptor request size
    - staging: wilc1000: Avoid GFP_KERNEL allocation from atomic context.
    - staging: most: cdev: fix chrdev_region leak in mod_exit
    - staging: most: sound: pass correct device when creating a sound card
    - ASoC: tlv320aic3x: fix reset gpio reference counting
    - ASoC: hdmi-codec: fix S/PDIF DAI
    - ASoC: stm32: sai: fix iec958 controls indexation
    - ASoC: stm32: sai: fix exposed capabilities in spdif mode
    - ASoC: stm32: sai: fix race condition in irq handler
    - ASoC:soc-pcm:fix a codec fixup issue in TDM case
    - ASoC:hdac_hda:use correct format to setup hda codec
    - ASoC:intel:skl:fix a simultaneous playback & capture issue on hda platform
    - ASoC: dpcm: prevent snd_soc_dpcm use after free
    - ASoC: nau8824: fix the issue of the widget with prefix name
    - ASoC: nau8810: fix the issue of widget with prefixed name
    - ASoC: samsung: odroid: Fix clock configuration for 44100 sample rate
    - ASoC: rt5682: Check JD status when system resume
    - ASoC: rt5682: fix jack type detection issue
    - ASoC: rt5682: recording has no sound after booting
    - ASoC: wm_adsp: Add locking to wm_adsp2_bus_error
    - clk: meson-gxbb: round the vdec dividers to closest
    - ASoC: stm32: dfsdm: manage multiple prepare
    - ASoC: stm32: dfsdm: fix debugfs warnings on entry creation
    - ASoC: cs4270: Set auto-increment bit for register writes
    - ASoC: dapm: Fix NULL pointer dereference in snd_soc_dapm_free_kcontrol
    - drm/omap: hdmi4_cec: Fix CEC clock handling for PM
    - IB/hfi1: Clear the IOWAIT pending bits when QP is put into error state
    - IB/hfi1: Eliminate opcode tests on mr deref
    - IB/hfi1: Fix the allocation of RSM table
    - MIPS: KGDB: fix kgdb support for SMP platforms.
    - ASoC: tlv320aic32x4: Fix Common Pins
    - drm/mediatek: Fix an error code in mtk_hdmi_dt_parse_pdata()
    - perf/x86/intel: Fix handling of wakeup_events for multi-entry PEBS
    - perf/x86/intel: Initialize TFA MSR
    - linux/kernel.h: Use parentheses around argument in u64_to_user_ptr()
    - iov_iter: Fix build error without CONFIG_CRYPTO
    - xtensa: fix initialization of pt_regs::syscall in start_thread
    - ASoC: rockchip: pdm: fix regmap_ops hang issue
    - drm/amdkfd: Add picasso pci id
    - drm/amdgpu: Adjust IB test timeout for XGMI configuration
    - drm/amdgpu: amdgpu_device_recover_vram always failed if only one node in
      shadow_list
    - drm/amd/display: fix cursor black issue
    - ASoC: cs35l35: Disable regulators on driver removal
    - objtool: Add rewind_stack_do_exit() to the noreturn list
    - slab: fix a crash by reading /proc/slab_allocators
    - drm/sun4i: tcon top: Fix NULL/inv...

This bug was fixed in the package linux - 5.0.0-21.22

---------------
linux (5.0.0-21.22) disco; urgency=medium

* linux: 5.0.0-21.22 -proposed tracker (LP: #1834902)

* Disco update: 5.0.15 upstream stable release (LP: #1834529)
    - net: stmmac: Use bfsize1 in ndesc_init_rx_desc
    - Drivers: hv: vmbus: Remove the undesired put_cpu_ptr() in hv_synic_cleanup()
    - ubsan: Fix nasty -Wbuiltin-declaration-mismatch GCC-9 warnings
    - staging: greybus: power_supply: fix prop-descriptor request size
    - staging: wilc1000: Avoid GFP_KERNEL allocation from atomic context.
    - staging: most: cdev: fix chrdev_region leak in mod_exit
    - staging: most: sound: pass correct device when creating a sound card
    - ASoC: tlv320aic3x: fix reset gpio reference counting
    - ASoC: hdmi-codec: fix S/PDIF DAI
    - ASoC: stm32: sai: fix iec958 controls indexation
    - ASoC: stm32: sai: fix exposed capabilities in spdif mode
    - ASoC: stm32: sai: fix race condition in irq handler
    - ASoC:soc-pcm:fix a codec fixup issue in TDM case
    - ASoC:hdac_hda:use correct format to setup hda codec
    - ASoC:intel:skl:fix a simultaneous playback & capture issue on hda platform
    - ASoC: dpcm: prevent snd_soc_dpcm use after free
    - ASoC: nau8824: fix the issue of the widget with prefix name
    - ASoC: nau8810: fix the issue of widget with prefixed name
    - ASoC: samsung: odroid: Fix clock configuration for 44100 sample rate
    - ASoC: rt5682: Check JD status when system resume
    - ASoC: rt5682: fix jack type detection issue
    - ASoC: rt5682: recording has no sound after booting
    - ASoC: wm_adsp: Add locking to wm_adsp2_bus_error
    - clk: meson-gxbb: round the vdec dividers to closest
    - ASoC: stm32: dfsdm: manage multiple prepare
    - ASoC: stm32: dfsdm: fix debugfs warnings on entry creation
    - ASoC: cs4270: Set auto-increment bit for register writes
    - ASoC: dapm: Fix NULL pointer dereference in snd_soc_dapm_free_kcontrol
    - drm/omap: hdmi4_cec: Fix CEC clock handling for PM
    - IB/hfi1: Clear the IOWAIT pending bits when QP is put into error state
    - IB/hfi1: Eliminate opcode tests on mr deref
    - IB/hfi1: Fix the allocation of RSM table
    - MIPS: KGDB: fix kgdb support for SMP platforms.
    - ASoC: tlv320aic32x4: Fix Common Pins
    - drm/mediatek: Fix an error code in mtk_hdmi_dt_parse_pdata()
    - perf/x86/intel: Fix handling of wakeup_events for multi-entry PEBS
    - perf/x86/intel: Initialize TFA MSR
    - linux/kernel.h: Use parentheses around argument in u64_to_user_ptr()
    - iov_iter: Fix build error without CONFIG_CRYPTO
    - xtensa: fix initialization of pt_regs::syscall in start_thread
    - ASoC: rockchip: pdm: fix regmap_ops hang issue
    - drm/amdkfd: Add picasso pci id
    - drm/amdgpu: Adjust IB test timeout for XGMI configuration
    - drm/amdgpu: amdgpu_device_recover_vram always failed if only one node in
      shadow_list
    - drm/amd/display: fix cursor black issue
    - ASoC: cs35l35: Disable regulators on driver removal
    - objtool: Add rewind_stack_do_exit() to the noreturn list
    - slab: fix a crash by reading /proc/slab_allocators
    - drm/sun4i: tcon top: Fix NULL/invalid pointer dereference in
      sun8i_tcon_top_un/bind
    - virtio_pci: fix a NULL pointer reference in vp_del_vqs
    - RDMA/vmw_pvrdma: Fix memory leak on pvrdma_pci_remove
    - RDMA/hns: Fix bug that caused srq creation to fail
    - KEYS: trusted: fix -Wvarags warning
    - scsi: csiostor: fix missing data copy in csio_scsi_err_handler()
    - drm/mediatek: fix possible object reference leak
    - drm/mediatek: fix the rate and divder of hdmi phy for MT2701
    - drm/mediatek: make implementation of recalc_rate() for MT2701 hdmi phy
    - drm/mediatek: remove flag CLK_SET_RATE_PARENT for MT2701 hdmi phy
    - drm/mediatek: using new factor for tvdpll for MT2701 hdmi phy
    - drm/mediatek: no change parent rate in round_rate() for MT2701 hdmi phy
    - ASoC: Intel: kbl: fix wrong number of channels
    - ASoC: stm32: sai: fix master clock management
    - ALSA: hda: Fix racy display power access
    - virtio-blk: limit number of hw queues by nr_cpu_ids
    - blk-mq: introduce blk_mq_complete_request_sync()
    - nvme: cancel request synchronously
    - nvme-fc: correct csn initialization and increments on error
    - nvmet: fix discover log page when offsets are used
    - platform/x86: pmc_atom: Drop __initconst on dmi table
    - NFSv4.1 fix incorrect return value in copy_file_range
    - perf/core: Fix perf_event_disable_inatomic() race
    - genirq: Prevent use-after-free and work list corruption
    - usb: dwc3: Allow building USB_DWC3_QCOM without EXTCON
    - usb: dwc3: Fix default lpm_nyet_threshold value
    - USB: serial: f81232: fix interrupt worker not stop
    - USB: cdc-acm: fix unthrottle races
    - usb-storage: Set virt_boundary_mask to avoid SG overflows
    - intel_th: pci: Add Comet Lake support
    - iio: adc: qcom-spmi-adc5: Fix of-based module autoloading
    - cpufreq: armada-37xx: fix frequency calculation for opp
    - ACPI / LPSS: Use acpi_lpss_* instead of acpi_subsys_* functions for
      hibernate
    - soc: sunxi: Fix missing dependency on REGMAP_MMIO
    - scsi: lpfc: change snprintf to scnprintf for possible overflow
    - scsi: qla2xxx: Fix incorrect region-size setting in optrom SYSFS routines
    - scsi: qla2xxx: Fix device staying in blocked state
    - Bluetooth: Align minimum encryption key size for LE and BR/EDR connections
    - Bluetooth: Fix not initializing L2CAP tx_credits
    - Bluetooth: hci_bcm: Fix empty regulator supplies for Intel Macs
    - UAS: fix alignment of scatter/gather segments
    - ASoC: Intel: avoid Oops if DMA setup fails
    - i3c: Fix a shift wrap bug in i3c_bus_set_addr_slot_status()
    - locking/futex: Allow low-level atomic operations to return -EAGAIN
    - arm64: futex: Bound number of LDXR/STXR loops in FUTEX_WAKE_OP
    - Linux 5.0.15
    - Revert "Bluetooth: Align minimum encryption key size for LE and BR/EDR
      connections"

* QCA9377 isn't being recognized sometimes (LP: #1757218)
    - SAUCE: USB: Disable USB2 LPM at shutdown

* Cache line contention prevents scaling of 100Gbps performance (LP: #1832909)
    - iommu/iova: Separate atomic variables to improve performance

* net: hns: Fix loopback test failed at copper ports (LP: #1833132)
    - net: hns: Fix loopback test failed at copper ports

* hns: fix ICMP6 neighbor solicitation messages discard problem (LP: #1833140)
    - net: hns: fix unsigned comparison to less than zero

* [UBUNTU] pkey: Indicate old mkvp only if old and curr. mkvp are different
    (LP: #1832625)
    - pkey: Indicate old mkvp only if old and current mkvp are different

* [UBUNTU] kernel: Fix gcm-aes-s390 wrong scatter-gather list processing
    (LP: #1832623)
    - s390/crypto: fix gcm-aes-s390 selftest failures

* AX88772A USB to Ethernet dongle doesn't work (LP: #1834114)
    - net: phy: rename Asix Electronics PHY driver
    - [Config] update configs and annotations for ASIX renamed

* Add nvidia-418 dkms build support to disco (LP: #1834476)
    - add nvidia-418 dkms build

* depmod may prefer unsigned l-r-m nvidia modules to signed modules
    (LP: #1834479)
    - [Packaging] dkms-build--nvidia-N -- clean up unsigned ko files

* Hi1620 driver updates from upstream 5.2 merge window (LP: #1830815)
    - ethtool: Added support for 50Gbps per lane link modes
    - net: hns3: Make hclgevf_update_link_mode static
    - net: hns3: Make hclge_destroy_cmd_queue static
    - RDMA/hns: Only assign the relatived fields of psn if IB_QP_SQ_PSN is set
    - RDMA/hns: Only assign the fields of the rq psn if IB_QP_RQ_PSN is set
    - RDMA/hns: Update the range of raq_psn field of qp context
    - RDMA/hns: Only assgin some fields if the relatived attr_mask is set
    - RDMA/hns: Hide error print information with roce vf device
    - RDMA/hns: Bugfix for sending with invalidate
    - RDMA/hns: Delete unused variable in hns_roce_v2_modify_qp function
    - RDMA/hns: Limit scope of hns_roce_cmq_send()
    - RDMA/hns: Convert cq_table to XArray
    - RDMA/hns: Convert qp_table_tree to XArray
    - RDMA/hns: Fix bad endianess of port_pd variable
    - net: hns3: check 1000M half for hns3_ethtool_ops.set_link_ksettings
    - net: hns3: reduce resources use in kdump kernel
    - net: hns3: modify the VF network port media type acquisition method
    - net: hns3: return 0 and print warning when hit duplicate MAC
    - net: hns3: minor optimization for ring_space
    - net: hns3: minor optimization for datapath
    - net: hns3: simplify hclgevf_cmd_csq_clean
    - net: hns3: add protect when handling mac addr list
    - net: hns3: check resetting status in hns3_get_stats()
    - net: hns3: prevent change MTU when resetting
    - net: hns3: modify HNS3_NIC_STATE_INITED flag in
      hns3_reset_notify_uninit_enet
    - net: hns3: split function hnae3_match_n_instantiate()
    - RDMA/hns: Dump detailed driver-specific CQ
    - RDMA/hns: Support to create 1M srq queue
    - RDMA/hns: Bugfix for SCC hem free
    - net: hns3: set vport alive state to default while resetting
    - net: hns3: set up the vport alive state while reinitializing
    - net: hns3: not reset vport who not alive when PF reset
    - net: hns3: adjust the timing of hns3_client_stop when unloading
    - net: hns3: deactive the reset timer when reset successfully
    - net: hns3: ignore lower-level new coming reset
    - net: hns3: do not request reset when hardware resetting
    - net: hns3: handle pending reset while reset fail
    - net: hns3: stop mailbox handling when command queue need re-init
    - net: hns3: add error handler for initializing command queue
    - net: hns3: remove resetting check in hclgevf_reset_task_schedule
    - net: hns3: fix keep_alive_timer not stop problem
    - scsi: hisi_sas: add host reset interface for test
    - scsi: hisi_sas: Remedy inconsistent PHY down state in software
    - scsi: hisi_sas: Fix for setting the PHY linkrate when disconnected
    - scsi: hisi_sas: Adjust the printk format of functions hisi_sas_init_device()
    - scsi: hisi_sas: allocate different SAS address for directly attached
      situation
    - scsi: hisi_sas: Support all RAS events with MSI interrupts
    - scsi: hisi_sas: Don't hard reset disk during controller reset
    - scsi: hisi_sas: Don't fail IT nexus reset for Open Reject timeout
    - scsi: hisi_sas: Some misc tidy-up
    - net: hns3: modify VLAN initialization to be compatible with port based VLAN
    - net: hns3: fix VLAN offload handle for VLAN inserted by port
    - net: hns3: fix set port based VLAN for PF
    - net: hns3: fix set port based VLAN issue for VF
    - net: hns3: minor refactor for hns3_rx_checksum
    - net: hns3: add hns3_gro_complete for HW GRO process
    - net: hns3: always assume no drop TC for performance reason
    - net: hns3: divide shared buffer between TC
    - net: hns3: set dividual reset level for all RAS and MSI-X errors
    - net: hns3: do not initialize MDIO bus when PHY is inexistent
    - net: hns3: free the pending skb when clean RX ring
    - net: hns3: code optimization for command queue' spin lock
    - net: hns3: fix sparse: warning when calling hclge_set_vlan_filter_hw()
    - net: hns3: fix for vport->bw_limit overflow problem
    - net: hns3: add reset statistics info for PF
    - net: hns3: add reset statistics for VF
    - net: hns3: add some debug information for hclge_check_event_cause
    - net: hns3: add some debug info for hclgevf_get_mbx_resp()
    - net: hns3: refine tx timeout count handle
    - net: hns3: fix loop condition of hns3_get_tx_timeo_queue_info()
    - net: hns3: dump more information when tx timeout happens
    - net: hns3: Add support for netif message level settings
    - net: hns3: add support for dump ncl config by debugfs
    - net: hns3: Add handling of MAC tunnel interruption
    - net: hns3: add queue's statistics update to service task
    - net: hns3: add function type check for debugfs help information
    - RDMA/hns: Bugfix for mapping user db
    - net: hns3: fix data race between ring->next_to_clean
    - net: hns3: fix for TX clean num when cleaning TX BD
    - net: hns3: handle the BD info on the last BD of the packet
    - net: hns3: stop sending keep alive msg when VF command queue needs reinit
    - net: hns3: use atomic_t replace u32 for arq's count
    - net: hns3: use a reserved byte to identify need_resp flag
    - net: hns3: not reset TQP in the DOWN while VF resetting
    - net: hns3: fix pause configure fail problem
    - net: hns3: extend the loopback state acquisition time
    - net: hns3: prevent double free in hns3_put_ring_config()
    - net: hns3: remove reset after command send failed
    - net: hns3: add support for multiple media type
    - net: hns3: add autoneg and change speed support for fibre port
    - net: hns3: add support for FEC encoding control
    - net: hns3: unify maybe_stop_tx for TSO and non-TSO case
    - net: hns3: use napi_schedule_irqoff in hard interrupts handlers
    - net: hns3: add counter for times RX pages gets allocated
    - net: hns3: add linearizing checking for TSO case
    - net: hns3: fix for tunnel type handling in hns3_rx_checksum
    - net: hns3: refactor BD filling for l2l3l4 info
    - net: hns3: combine len and checksum handling for inner and outer header.
    - net: hns3: fix error handling for desc filling
    - net: hns3: optimize the barrier using when cleaning TX BD
    - net: hns3: unify the page reusing for page size 4K and 64K
    - net: hns3: some cleanup for struct hns3_enet_ring
    - net: hns3: use devm_kcalloc when allocating desc_cb
    - net: hns3: remove redundant assignment of l2_hdr to itself
    - net: hns3: initialize CPU reverse mapping
    - net: hns3: refine the flow director handle
    - net: hns3: add aRFS support for PF
    - net: hns3: fix for FEC configuration
    - RDMA/hns: Remove unnecessary print message in aeq
    - RDMA/hns: Update CQE specifications
    - RDMA/hns: Move spin_lock_irqsave to the correct place
    - RDMA/hns: Remove jiffies operation in disable interrupt context
    - RDMA/hns: Replace magic numbers with #defines
    - net: hns3: fix compile warning without CONFIG_RFS_ACCEL
    - net: hns3: fix for HNS3_RXD_GRO_SIZE_M macro
    - net: hns3: add support for dump firmware statistics by debugfs
    - net: hns3: use HCLGE_STATE_NIC_REGISTERED to indicate PF NIC client has
      registered
    - net: hns3: use HCLGE_STATE_ROCE_REGISTERED to indicate PF ROCE client has
      registered
    - net: hns3: use HCLGEVF_STATE_NIC_REGISTERED to indicate VF NIC client has
      registered
    - net: hns3: modify hclge_init_client_instance()
    - net: hns3: modify hclgevf_init_client_instance()
    - net: hns3: add handshake with hardware while doing reset
    - net: hns3: stop schedule reset service while unloading driver
    - net: hns3: adjust hns3_uninit_phy()'s location in the hns3_client_uninit()
    - net: hns3: fix a memory leak issue for hclge_map_unmap_ring_to_vf_vector
    - RDMA/hns: Bugfix for posting multiple srq work request
    - net: hns3: remove redundant core reset
    - net: hns3: don't configure new VLAN ID into VF VLAN table when it's full
    - net: hns3: fix VLAN filter restore issue after reset
    - net: hns3: set the port shaper according to MAC speed
    - net: hns3: add a check to pointer in error_detected and slot_reset
    - net: hns3: set ops to null when unregister ad_dev
    - net: hns3: add handling of two bits in MAC tunnel interrupts
    - net: hns3: remove setting bit of reset_requests when handling mac tunnel
      interrupts
    - net: hns3: add opcode about query and clear RAS & MSI-X to special opcode
    - net: hns3: delay and separate enabling of NIC and ROCE HW errors
    - RDMA/hns: fix inverted logic of readl read and shift
    - RDMA/hns: Bugfix for filling the sge of srq
    - net: hns3: log detail error info of ROCEE ECC and AXI errors
    - net: hns3: fix wrong size of mailbox responding data
    - net: hns3: make HW GRO handling compliant with SW GRO
    - net: hns3: replace numa_node_id with numa_mem_id for buffer reusing
    - net: hns3: refactor hns3_get_new_int_gl function
    - net: hns3: trigger VF reset if a VF has an over_8bd_nfe_err
    - net: hns3: delete the redundant user NIC codes
    - net: hns3: small changes for magic numbers
    - net: hns3: use macros instead of magic numbers
    - net: hns3: refactor PF/VF RSS hash key configuration
    - net: hns3: some modifications to simplify and optimize code
    - net: hns3: fix some coding style issues
    - net: hns3: delay setting of reset level for hw errors until slot_reset is
      called
    - net: hns3: fix avoid unnecessary resetting for the H/W errors which do not
      require reset
    - net: hns3: process H/W errors occurred before HNS dev initialization
    - net: hns3: add recovery for the H/W errors occurred before the HNS dev
      initialization
    - net: hns3: some changes of MSI-X bits in PPU(RCB)
    - net: hns3: extract handling of mpf/pf msi-x errors into functions
    - net: hns3: clear restting state when initializing HW device
    - net: hns3: free irq when exit from abnormal branch
    - net: hns3: fix for dereferencing before null checking
    - net: hns3: fix for skb leak when doing selftest
    - net: hns3: delay ring buffer clearing during reset
    - net: hns3: some variable modification
    - net: hns3: fix dereference of ae_dev before it is null checked
    - scsi: hisi_sas: Delete PHY timers when rmmod or probe failed
    - scsi: hisi_sas: Fix the issue of argument mismatch of printing ecc errors
    - scsi: hisi_sas: Reduce HISI_SAS_SGE_PAGE_CNT in size
    - scsi: hisi_sas: Change the type of some numbers to unsigned
    - scsi: hisi_sas: Ignore the error code between phy down to phy up
    - scsi: hisi_sas: Disable stash for v3 hw
    - net: hns3: Add missing newline at end of file
    - net: hns3: Fix inconsistent indenting
    - RDMa/hns: Don't stuck in endless timeout loop

* Kernel modules generated incorrectly when system is localized to a non-
    English language (LP: #1828084)
    - scripts: override locale from environment when running recordmcount.pl

* [UBUNTU] kernel: Fix wrong dispatching for control domain CPRBs
    (LP: #1832624)
    - s390/zcrypt: Fix wrong dispatching for control domain CPRBs

* shiftfs: allow changing ro/rw for subvolumes (LP: #1832316)
    - SAUCE: shiftfs: allow changing ro/rw for subvolumes

* Sound device not detected after resume from hibernate (LP: #1826868)
    - drm/i915: Force 2*96 MHz cdclk on glk/cnl when audio power is enabled
    - drm/i915: Save the old CDCLK atomic state
    - drm/i915: Remove redundant store of logical CDCLK state
    - drm/i915: Skip modeset for cdclk changes if possible

* [raven] fix screen corruption on modprobe (LP: #1831846)
    - drm/amdgpu: keep stolen memory on picasso
    - drm/amdgpu: reserve stollen vram for raven series

* Handle overflow in proc_get_long of sysctl (LP: #1833935)
    - sysctl: handle overflow in proc_get_long

* Oops during sas expander hotplugging (LP: #1831799)
    - scsi: libsas: delete sas port if expander discover failed

* [SRU][B/B-OEM/C/D/OEM-OSP1] Add RTL8822 wifi driver rtw88 (LP: #1831828)
    - rtw88: new Realtek 802.11ac driver
    - rtw88: fix shift of more than 32 bits of a integer
    - rtw88: phy: mark expected switch fall-throughs
    - rtw88: Make RA_MASK macros ULL
    - [Config] Add realtek wifi RTW88 support

* Dell XPS 13 (9370) defaults to s2idle sleep/suspend instead of deep, NVMe
    drains lots of power under s2idle (LP: #1808957)
    - Revert "UBUNTU: SAUCE: pci/nvme: prevent WDC PC SN720 NVMe from entering D3
      and being disabled"
    - Revert "UBUNTU: SAUCE: nvme: add quirk to not call disable function when
      suspending"
    - Revert "UBUTU: SAUCE: pci: prevent Intel NVMe SSDPEKKF from entering D3"
    - Revert "UBUNTU: SAUCE: nvme: add quirk to not call disable function when
      suspending"
    - Revert "UBUNTU: SAUCE: pci: prevent sk hynix nvme from entering D3"
    - PCI: PM: Avoid possible suspend-to-idle issue
    - PCI: PM: Skip devices in D0 for suspend-to-idle
    - nvme-pci: Sync queues on reset
    - nvme: Export get and set features
    - nvme-pci: Use host managed power state for suspend

* arm64: cma_alloc errors at boot (LP: #1823753)
    - [Config] Bump CMA_SIZE_MBYTES to 32 on arm64
    - dma-contiguous: add dma_{alloc, free}_contiguous() helpers
    - dma-contiguous: use fallback alloc_pages for single pages
    - dma-contiguous: fix !CONFIG_DMA_CMA version of dma_{alloc,
      free}_contiguous()

* libsas: old linkrate advertised after phy disabled (LP: #1830435)
    - scsi: libsas: Inject revalidate event for root port event
    - scsi: libsas: Do discovery on empty PHY to update PHY info

* fanotify06 from ubuntu_ltp_syscalls failed (LP: #1833028)
    - ovl: do not generate duplicate fsnotify events for "fake" path

* hinic: fix oops due to race in set_rx_mode (LP: #1832048)
    - hinic: fix a bug in set rx mode

* ubuntu 18.04 flickering screen with Radeon X1600 (LP: #1791312)
    - drm/radeon: prefer lower reference dividers

* [ALSA] [PATCH] Headset fixup for System76 Gazelle (gaze14) (LP: #1827555)
    - ALSA: hda/realtek - Headset fixup for System76 Gazelle (gaze14)
    - ALSA: hda/realtek - Corrected fixup for System76 Gazelle (gaze14)

* ftrace in ubuntu_kernel_selftests complains "Illegal number" because of the
    absence of tput (LP: #1828989)
    - selftests/ftrace: Handle the absence of tput

* CVE-2019-11833
    - ext4: zero out the unused memory region in the extent tree block

* Disco update: 5.0.14 upstream stable release (LP: #1832775)
    - selftests/seccomp: Prepare for exclusive seccomp flags
    - seccomp: Make NEW_LISTENER and TSYNC flags exclusive
    - ARC: memset: fix build with L1_CACHE_SHIFT != 6
    - iwlwifi: fix driver operation for 5350
    - mwifiex: Make resume actually do something useful again on SDIO cards
    - mtd: rawnand: marvell: Clean the controller state before each operation
    - mac80211: don't attempt to rename ERR_PTR() debugfs dirs
    - i2c: synquacer: fix enumeration of slave devices
    - i2c: imx: correct the method of getting private data in notifier_call
    - i2c: Prevent runtime suspend of adapter when Host Notify is required
    - ALSA: hda/realtek - Add new Dell platform for headset mode
    - USB: yurex: Fix protection fault after device removal
    - USB: w1 ds2490: Fix bug caused by improper use of altsetting array
    - USB: dummy-hcd: Fix failure to give back unlinked URBs
    - usb: usbip: fix isoc packet num validation in get_pipe
    - USB: core: Fix unterminated string returned by usb_string()
    - USB: core: Fix bug caused by duplicate interface PM usage counter
    - KVM: lapic: Disable timer advancement if adaptive tuning goes haywire
    - KVM: x86: Consider LAPIC TSC-Deadline timer expired if deadline too short
    - KVM: lapic: Track lapic timer advance per vCPU
    - KVM: lapic: Allow user to disable adaptive tuning of timer advancement
    - KVM: lapic: Convert guest TSC to host time domain if necessary
    - arm64: dts: rockchip: fix rk3328-roc-cc gmac2io tx/rx_delay
    - HID: logitech: check the return value of create_singlethread_workqueue
    - HID: debug: fix race condition with between rdesc_show() and device removal
    - rtc: cros-ec: Fail suspend/resume if wake IRQ can't be configured
    - rtc: sh: Fix invalid alarm warning for non-enabled alarm
    - ARM: OMAP2+: add missing of_node_put after of_device_is_available
    - batman-adv: Reduce claim hash refcnt only for removed entry
    - batman-adv: Reduce tt_local hash refcnt only for removed entry
    - batman-adv: Reduce tt_global hash refcnt only for removed entry
    - batman-adv: fix warning in function batadv_v_elp_get_throughput
    - ARM: dts: rockchip: Fix gpu opp node names for rk3288
    - reset: meson-audio-arb: Fix missing .owner setting of reset_controller_dev
    - ARM: dts: Fix dcan clkctrl clock for am3
    - i40e: fix i40e_ptp_adjtime when given a negative delta
    - ixgbe: fix mdio bus registration
    - i40e: fix WoL support check
    - riscv: fix accessing 8-byte variable from RV32
    - HID: quirks: Fix keyboard + touchpad on Lenovo Miix 630
    - net: hns3: fix compile error
    - xdp: fix cpumap redirect SKB creation bug
    - net/mlx5: E-Switch, Protect from invalid memory access in offload fdb table
    - net/mlx5: E-Switch, Fix esw manager vport indication for more vport commands
    - bonding: show full hw address in sysfs for slave entries
    - net: stmmac: use correct DMA buffer size in the RX descriptor
    - net: stmmac: ratelimit RX error logs
    - net: stmmac: don't stop NAPI processing when dropping a packet
    - net: stmmac: don't overwrite discard_frame status
    - net: stmmac: fix dropping of multi-descriptor RX frames
    - net: stmmac: don't log oversized frames
    - jffs2: fix use-after-free on symlink traversal
    - debugfs: fix use-after-free on symlink traversal
    - mfd: twl-core: Disable IRQ while suspended
    - block: use blk_free_flush_queue() to free hctx->fq in blk_mq_init_hctx
    - rtc: da9063: set uie_unsupported when relevant
    - HID: input: add mapping for Assistant key
    - vfio/pci: use correct format characters
    - scsi: core: add new RDAC LENOVO/DE_Series device
    - scsi: storvsc: Fix calculation of sub-channel count
    - arm/mach-at91/pm : fix possible object reference leak
    - blk-mq: do not reset plug->rq_count before the list is sorted
    - arm64: fix wrong check of on_sdei_stack in nmi context
    - net: hns: fix KASAN: use-after-free in hns_nic_net_xmit_hw()
    - net: hns: Fix probabilistic memory overwrite when HNS driver initialized
    - net: hns: fix ICMP6 neighbor solicitation messages discard problem
    - net: hns: Fix WARNING when remove HNS driver with SMMU enabled
    - libcxgb: fix incorrect ppmax calculation
    - KVM: SVM: prevent DBG_DECRYPT and DBG_ENCRYPT overflow
    - kmemleak: powerpc: skip scanning holes in the .bss section
    - hugetlbfs: fix memory leak for resv_map
    - sh: fix multiple function definition build errors
    - null_blk: prevent crash from bad home_node value
    - xsysace: Fix error handling in ace_setup
    - fs: stream_open - opener for stream-like files so that read and write can
      run simultaneously without deadlock
    - ARM: orion: don't use using 64-bit DMA masks
    - ARM: iop: don't use using 64-bit DMA masks
    - perf/x86/amd: Update generic hardware cache events for Family 17h
    - Bluetooth: btusb: request wake pin with NOAUTOEN
    - Bluetooth: mediatek: fix up an error path to restore bdev->tx_state
    - clk: qcom: Add missing freq for usb30_master_clk on 8998
    - usb: dwc3: Reset num_trbs after skipping
    - staging: iio: adt7316: allow adt751x to use internal vref for all dacs
    - staging: iio: adt7316: fix the dac read calculation
    - staging: iio: adt7316: fix handling of dac high resolution option
    - staging: iio: adt7316: fix the dac write calculation
    - scsi: RDMA/srpt: Fix a credit leak for aborted commands
    - ASoC: Intel: bytcr_rt5651: Revert "Fix DMIC map headsetmic mapping"
    - ASoC: rsnd: gen: fix SSI9 4/5/6/7 busif related register address
    - ASoC: sunxi: sun50i-codec-analog: Rename hpvcc regulator supply to cpvdd
    - ASoC: wm_adsp: Correct handling of compressed streams that restart
    - ASoC: dpcm: skip missing substream while applying symmetry
    - ASoC: stm32: fix sai driver name initialisation
    - KVM: VMX: Save RSI to an unused output in the vCPU-run asm blob
    - KVM: nVMX: Remove a rogue "rax" clobber from nested_vmx_check_vmentry_hw()
    - kvm: vmx: Fix typos in vmentry/vmexit control setting
    - KVM: lapic: Check for in-kernel LAPIC before deferencing apic pointer
    - platform/x86: intel_pmc_core: Fix PCH IP name
    - platform/x86: intel_pmc_core: Handle CFL regmap properly
    - IB/core: Unregister notifier before freeing MAD security
    - IB/core: Fix potential memory leak while creating MAD agents
    - IB/core: Destroy QP if XRC QP fails
    - Input: snvs_pwrkey - initialize necessary driver data before enabling IRQ
    - Input: stmfts - acknowledge that setting brightness is a blocking call
    - gpio: mxc: add check to return defer probe if clock tree NOT ready
    - selinux: avoid silent denials in permissive mode under RCU walk
    - selinux: never allow relabeling on context mounts
    - mac80211: Honor SW_CRYPTO_CONTROL for unicast keys in AP VLAN mode
    - powerpc/mm/hash: Handle mmap_min_addr correctly in get_unmapped_area topdown
      search
    - x86/mce: Improve error message when kernel cannot recover, p2
    - clk: x86: Add system specific quirk to mark clocks as critical
    - x86/mm/KASLR: Fix the size of the direct mapping section
    - x86/mm: Fix a crash with kmemleak_scan()
    - x86/mm/tlb: Revert "x86/mm: Align TLB invalidation info"
    - i2c: i2c-stm32f7: Fix SDADEL minimum formula
    - media: v4l2: i2c: ov7670: Fix PLL bypass register values
    - ASoC: wm_adsp: Check for buffer in trigger stop
    - mm/kmemleak.c: fix unused-function warning
    - Linux 5.0.14

* [ZenBook S UX391UA, Realtek ALC294, Mic, Internal] No sound at all
    (LP: #1784485) // Disco update: 5.0.14 upstream stable release
    (LP: #1832775)
    - ALSA: hda/realtek - Apply the fixup for ASUS Q325UAR

* Support new ums-realtek device (LP: #1831840)
    - USB: usb-storage: Add new ID to ums-realtek

* amd_iommu possible data corruption (LP: #1823037)
    - iommu/amd: Set exclusion range correctly

* Add new sound card PCIID into the alsa driver (LP: #1832299)
    - ALSA: hda/intel: add CometLake PCI IDs

* idle-page oopses when accessing page frames that are out of range
    (LP: #1833410)
    - mm/page_idle.c: fix oops because end_pfn is larger than max_pfn

* Sometimes touchpad automatically trigger double click (LP: #1833484)
    - SAUCE: i2c: designware: Add disable runtime pm quirk

* Disco update: 5.0.13 upstream stable release (LP: #1832749)
    - ipv4: ip_do_fragment: Preserve skb_iif during fragmentation
    - ipv6: A few fixes on dereferencing rt->from
    - ipv6: fix races in ip6_dst_destroy()
    - ipv6/flowlabel: wait rcu grace period before put_pid()
    - ipv6: invert flowlabel sharing check in process and user mode
    - l2ip: fix possible use-after-free
    - l2tp: use rcu_dereference_sk_user_data() in l2tp_udp_encap_recv()
    - net: dsa: bcm_sf2: fix buffer overflow doing set_rxnfc
    - net: phy: marvell: Fix buffer overrun with stats counters
    - net/tls: avoid NULL pointer deref on nskb->sk in fallback
    - rxrpc: Fix net namespace cleanup
    - sctp: avoid running the sctp state machine recursively
    - selftests: fib_rule_tests: print the result and return 1 if any tests failed
    - packet: validate msg_namelen in send directly
    - packet: in recvmsg msg_name return at least sizeof sockaddr_ll
    - selftests: fib_rule_tests: Fix icmp proto with ipv6
    - tcp: add sanity tests in tcp_add_backlog()
    - udp: fix GRO reception in case of length mismatch
    - udp: fix GRO packet of death
    - bnxt_en: Improve multicast address setup logic.
    - bnxt_en: Free short FW command HWRM memory in error path in bnxt_init_one()
    - bnxt_en: Fix possible crash in bnxt_hwrm_ring_free() under error conditions.
    - bnxt_en: Pass correct extended TX port statistics size to firmware.
    - bnxt_en: Fix statistics context reservation logic.
    - bnxt_en: Fix uninitialized variable usage in bnxt_rx_pkt().
    - net/tls: don't copy negative amounts of data in reencrypt
    - net/tls: fix copy to fragments in reencrypt
    - KVM: x86: Whitelist port 0x7e for pre-incrementing %rip
    - KVM: nVMX: Fix size checks in vmx_set_nested_state
    - ALSA: line6: use dynamic buffers
    - iwlwifi: mvm: properly check debugfs dentry before using it
    - ath10k: Drop WARN_ON()s that always trigger during system resume
    - Linux 5.0.13

* Add pointstick support on HP ZBook 17 G5 (LP: #1833387)
    - Revert "HID: multitouch: Support ALPS PTP stick with pid 0x120A"
    - SAUCE: HID: multitouch: Add pointstick support for ALPS Touchpad

* [SRU][B/B-OEM/B-OEM-OSP-1/C/D/E] Add trackpoint middle button support of 2
    new thinpads (LP: #1833637)
    - Input: elantech - enable middle button support on 2 ThinkPads

* Kernel panic upon resetting ixgbe SR-IOV VFIO virtual function using 5.0
    kernel (LP: #1829652)
    - SAUCE: ixgbe: Avoid NULL pointer dereference with VF on non-IPsec hw

* CVE-2019-11884
    - Bluetooth: hidp: fix buffer overflow

* TPM module can not initial (LP: #1826142)
    - spi: Optionally use GPIO descriptors for CS GPIOs
    - spi: dw: Convert to use CS GPIO descriptors
    - spi: dw: fix warning unused variable 'ret'
    - spi: Support high CS when using descriptors
    - spi: dw: Fix default polarity of native chipselect
    - gpio: of: Fix logic inversion
    - spi: Add missing error handling for CS GPIOs

* CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130 // CVE-2019-11091
    - SAUCE: Synchronize MDS mitigations with upstream
    - Documentation: Correct the possible MDS sysfs values
    - x86/speculation/mds: Fix documentation typo

* CVE-2019-11091
    - x86/mds: Add MDSUM variant to the MDS documentation

* Regression for ubuntu_kernel_selftests [net] ubuntu_bpf test case fails to
    build on disco (LP: #1829812)
    - tools: bpftool: add basic probe capability, probe syscall availability
    - tools: bpftool: add probes for eBPF program types

* POSIX fix for ftrace test in ubuntu_kernel_selftests (LP: #1828995)
    - selftests/ftrace: Replace \e with \033
    - selftests/ftrace: Replace echo -e with printf

* Disco update: 5.0.12 upstream stable release (LP: #1830934)
    - selinux: use kernel linux/socket.h for genheaders and mdp
    - Revert "ACPICA: Clear status of GPEs before enabling them"
    - drm/i915: Do not enable FEC without DSC
    - mm: make page ref count overflow check tighter and more explicit
    - mm: add 'try_get_page()' helper function
    - mm: prevent get_user_pages() from overflowing page refcount
    - fs: prevent page refcount overflow in pipe_buf_get
    - arm64: dts: renesas: r8a77990: Fix SCIF5 DMA channels
    - ARM: dts: bcm283x: Fix hdmi hpd gpio pull
    - s390: limit brk randomization to 32MB
    - mt76x02: fix hdr pointer in write txwi for USB
    - mt76: mt76x2: fix external LNA gain settings
    - mt76: mt76x2: fix 2.4 GHz channel gain settings
    - net: ieee802154: fix a potential NULL pointer dereference
    - ieee802154: hwsim: propagate genlmsg_reply return code
    - Btrfs: fix file corruption after snapshotting due to mix of buffered/DIO
      writes
    - net: stmmac: don't set own bit too early for jumbo frames
    - net: stmmac: fix jumbo frame sending with non-linear skbs
    - qlcnic: Avoid potential NULL pointer dereference
    - xsk: fix umem memory leak on cleanup
    - staging: axis-fifo: add CONFIG_OF dependency
    - staging, mt7621-pci: fix build without pci support
    - netfilter: nft_set_rbtree: check for inactive element after flag mismatch
    - netfilter: bridge: set skb transport_header before entering
      NF_INET_PRE_ROUTING
    - netfilter: fix NETFILTER_XT_TARGET_TEE dependencies
    - netfilter: ip6t_srh: fix NULL pointer dereferences
    - s390/qeth: fix race when initializing the IP address table
    - ARM: imx51: fix a leaked reference by adding missing of_node_put
    - sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init()
    - serial: ar933x_uart: Fix build failure with disabled console
    - KVM: arm64: Reset the PMU in preemptible context
    - arm64: KVM: Always set ICH_HCR_EL2.EN if GICv4 is enabled
    - KVM: arm/arm64: vgic-its: Take the srcu lock when writing to guest memory
    - KVM: arm/arm64: vgic-its: Take the srcu lock when parsing the memslots
    - usb: dwc3: pci: add support for Comet Lake PCH ID
    - usb: gadget: net2280: Fix overrun of OUT messages
    - usb: gadget: net2280: Fix net2280_dequeue()
    - usb: gadget: net2272: Fix net2272_dequeue()
    - ARM: dts: pfla02: increase phy reset duration
    - i2c: i801: Add support for Intel Comet Lake
    - KVM: arm/arm64: Fix handling of stage2 huge mappings
    - net: ks8851: Dequeue RX packets explicitly
    - net: ks8851: Reassert reset pin if chip ID check fails
    - net: ks8851: Delay requesting IRQ until opened
    - net: ks8851: Set initial carrier state to down
    - staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc
    - staging: rtlwifi: rtl8822b: fix to avoid potential NULL pointer dereference
    - staging: rtl8712: uninitialized memory in read_bbreg_hdl()
    - staging: rtlwifi: Fix potential NULL pointer dereference of kzalloc
    - net: phy: Add DP83825I to the DP83822 driver
    - net: macb: Add null check for PCLK and HCLK
    - net/sched: don't dereference a->goto_chain to read the chain index
    - ARM: dts: imx6qdl: Fix typo in imx6qdl-icore-rqs.dtsi
    - drm/tegra: hub: Fix dereference before check
    - NFS: Fix a typo in nfs_init_timeout_values()
    - net: xilinx: fix possible object reference leak
    - net: ibm: fix possible object reference leak
    - net: ethernet: ti: fix possible object reference leak
    - drm: Fix drm_release() and device unplug
    - gpio: aspeed: fix a potential NULL pointer dereference
    - drm/meson: Fix invalid pointer in meson_drv_unbind()
    - drm/meson: Uninstall IRQ handler
    - ARM: davinci: fix build failure with allnoconfig
    - sbitmap: order READ/WRITE freed instance and setting clear bit
    - staging: vc04_services: Fix an error code in vchiq_probe()
    - scsi: mpt3sas: Fix kernel panic during expander reset
    - scsi: aacraid: Insure we don't access PCIe space during AER/EEH
    - scsi: qla4xxx: fix a potential NULL pointer dereference
    - usb: usb251xb: fix to avoid potential NULL pointer dereference
    - leds: trigger: netdev: fix refcnt leak on interface rename
    - SUNRPC: fix uninitialized variable warning
    - x86/realmode: Don't leak the trampoline kernel address
    - usb: u132-hcd: fix resource leak
    - ceph: fix use-after-free on symlink traversal
    - scsi: zfcp: reduce flood of fcrscn1 trace records on multi-element RSCN
    - x86/mm: Don't exceed the valid physical address space
    - libata: fix using DMA buffers on stack
    - kbuild: skip parsing pre sub-make code for recursion
    - afs: Fix StoreData op marshalling
    - gpio: of: Check propname before applying "cs-gpios" quirks
    - gpio: of: Check for "spi-cs-high" in child instead of parent node
    - KVM: nVMX: Do not inherit quadrant and invalid for the root shadow EPT
    - KVM: SVM: Workaround errata#1096 (insn_len maybe zero on SMAP violation)
    - kvm/x86: Move MSR_IA32_ARCH_CAPABILITIES to array emulated_msrs
    - x86/kvm/hyper-v: avoid spurious pending stimer on vCPU init
    - KVM: selftests: assert on exit reason in CR4/cpuid sync test
    - KVM: selftests: explicitly disable PIE for tests
    - KVM: selftests: disable stack protector for all KVM tests
    - KVM: selftests: complete IO before migrating guest state
    - gpio: of: Fix of_gpiochip_add() error path
    - nvme-multipath: relax ANA state check
    - nvmet: fix building bvec from sg list
    - nvmet: fix error flow during ns enable
    - perf cs-etm: Add missing case value
    - perf machine: Update kernel map address and re-order properly
    - kconfig/[mn]conf: handle backspace (^H) key
    - iommu/amd: Reserve exclusion range in iova-domain
    - kasan: fix variable 'tag' set but not used warning
    - ptrace: take into account saved_sigmask in PTRACE{GET,SET}SIGMASK
    - leds: pca9532: fix a potential NULL pointer dereference
    - leds: trigger: netdev: use memcpy in device_name_store
    - Linux 5.0.12
    - [Config] Document drop of axis-fifo for amd64/i386

* Disco update: 5.0.11 upstream stable release (LP: #1830929)
    - netfilter: nf_tables: bogus EBUSY when deleting set after flush
    - netfilter: nf_tables: bogus EBUSY in helper removal from transaction
    - intel_th: gth: Fix an off-by-one in output unassigning
    - powerpc/vdso32: fix CLOCK_MONOTONIC on PPC64
    - ALSA: hda/realtek - Move to ACT_INIT state
    - fs/proc/proc_sysctl.c: Fix a NULL pointer dereference
    - block, bfq: fix use after free in bfq_bfqq_expire
    - cifs: fix memory leak in SMB2_read
    - cifs: fix page reference leak with readv/writev
    - cifs: do not attempt cifs operation on smb2+ rename error
    - tracing: Fix a memory leak by early error exit in trace_pid_write()
    - tracing: Fix buffer_ref pipe ops
    - crypto: xts - Fix atomic sleep when walking skcipher
    - crypto: lrw - Fix atomic sleep when walking skcipher
    - gpio: eic: sprd: Fix incorrect irq type setting for the sync EIC
    - zram: pass down the bvec we need to read into in the work struct
    - lib/Kconfig.debug: fix build error without CONFIG_BLOCK
    - MIPS: scall64-o32: Fix indirect syscall number load
    - trace: Fix preempt_enable_no_resched() abuse
    - mm: do not boost watermarks to avoid fragmentation for the DISCONTIG memory
      model
    - arm64: mm: Ensure tail of unaligned initrd is reserved
    - IB/rdmavt: Fix frwr memory registration
    - RDMA/mlx5: Do not allow the user to write to the clock page
    - RDMA/mlx5: Use rdma_user_map_io for mapping BAR pages
    - RDMA/ucontext: Fix regression with disassociate
    - sched/numa: Fix a possible divide-by-zero
    - ceph: only use d_name directly when parent is locked
    - ceph: ensure d_name stability in ceph_dentry_hash()
    - ceph: fix ci->i_head_snapc leak
    - nfsd: Don't release the callback slot unless it was actually held
    - nfsd: wake waiters blocked on file_lock before deleting it
    - nfsd: wake blocked file lock waiters before sending callback
    - sunrpc: don't mark uninitialised items as VALID.
    - perf/x86/intel: Update KBL Package C-state events to also include
      PC8/PC9/PC10 counters
    - Input: synaptics-rmi4 - write config register values to the right offset
    - dmaengine: sh: rcar-dmac: With cyclic DMA residue 0 is valid
    - dmaengine: sh: rcar-dmac: Fix glitch in dmaengine_tx_status
    - dmaengine: mediatek-cqdma: fix wrong register usage in mtk_cqdma_start
    - ARM: 8857/1: efi: enable CP15 DMB instructions before cleaning the cache
    - powerpc/mm/radix: Make Radix require HUGETLB_PAGE
    - drm/vc4: Fix memory leak during gpu reset.
    - drm/ttm: fix re-init of global structures
    - drm/vc4: Fix compilation error reported by kbuild test bot
    - ext4: fix some error pointer dereferences
    - loop: do not print warn message if partition scan is successful
    - tipc: handle the err returned from cmd header function
    - slip: make slhc_free() silently accept an error pointer
    - workqueue: Try to catch flush_work() without INIT_WORK().
    - sched/deadline: Correctly handle active 0-lag timers
    - mac80211_hwsim: calculate if_combination.max_interfaces
    - NFS: Forbid setting AF_INET6 to "struct sockaddr_in"->sin_family.
    - netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON
    - fm10k: Fix a potential NULL pointer dereference
    - tipc: check bearer name with right length in tipc_nl_compat_bearer_enable
    - tipc: check link name with right length in tipc_nl_compat_link_set
    - net: netrom: Fix error cleanup path of nr_proto_init
    - net/rds: Check address length before reading address family
    - rxrpc: fix race condition in rxrpc_input_packet()
    - pin iocb through aio.
    - aio: fold lookup_kiocb() into its sole caller
    - aio: keep io_event in aio_kiocb
    - aio: store event at final iocb_put()
    - Fix aio_poll() races
    - x86, retpolines: Raise limit for generating indirect calls from switch-case
    - x86/retpolines: Disable switch jump tables when retpolines are enabled
    - rdma: fix build errors on s390 and MIPS due to bad ZERO_PAGE use
    - ipv4: add sanity checks in ipv4_link_failure()
    - ipv4: set the tcp_min_rtt_wlen range from 0 to one day
    - mlxsw: spectrum: Fix autoneg status in ethtool
    - net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query
    - net: rds: exchange of 8K and 1M pool
    - net/rose: fix unbound loop in rose_loopback_timer()
    - net: stmmac: move stmmac_check_ether_addr() to driver probe
    - net/tls: fix refcount adjustment in fallback
    - stmmac: pci: Adjust IOT2000 matching
    - team: fix possible recursive locking when add slaves
    - net: socionext: replace napi_alloc_frag with the netdev variant on init
    - net/ncsi: handle overflow when incrementing mac address
    - mlxsw: pci: Reincrease PCI reset timeout
    - mlxsw: spectrum: Put MC TCs into DWRR mode
    - net/mlx5e: Fix the max MTU check in case of XDP
    - net/mlx5e: Fix use-after-free after xdp_return_frame
    - net/tls: avoid potential deadlock in tls_set_device_offload_rx()
    - net/tls: don't leak IV and record seq when offload fails
    - Linux 5.0.11

* Disco update: 5.0.10 upstream stable release (LP: #1830922)
    - bonding: fix event handling for stacked bonds
    - failover: allow name change on IFF_UP slave interfaces
    - net: atm: Fix potential Spectre v1 vulnerabilities
    - net: bridge: fix per-port af_packet sockets
    - net: bridge: multicast: use rcu to access port list from
      br_multicast_start_querier
    - net: fec: manage ahb clock in runtime pm
    - net: Fix missing meta data in skb with vlan packet
    - net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv
    - tcp: tcp_grow_window() needs to respect tcp_space()
    - team: set slave to promisc if team is already in promisc mode
    - tipc: missing entries in name table of publications
    - vhost: reject zero size iova range
    - ipv4: recompile ip options in ipv4_link_failure
    - ipv4: ensure rcu_read_lock() in ipv4_link_failure()
    - mlxsw: spectrum_switchdev: Add MDB entries in prepare phase
    - mlxsw: core: Do not use WQ_MEM_RECLAIM for EMAD workqueue
    - mlxsw: core: Do not use WQ_MEM_RECLAIM for mlxsw ordered workqueue
    - mlxsw: core: Do not use WQ_MEM_RECLAIM for mlxsw workqueue
    - mlxsw: spectrum_router: Do not check VRF MAC address
    - net: thunderx: raise XDP MTU to 1508
    - net: thunderx: don't allow jumbo frames with XDP
    - net/tls: fix the IV leaks
    - net/tls: don't leak partially sent record in device mode
    - net: strparser: partially revert "strparser: Call skb_unclone conditionally"
    - net/tls: fix build without CONFIG_TLS_DEVICE
    - net: bridge: fix netlink export of vlan_stats_per_port option
    - net/mlx5e: XDP, Avoid checksum complete when XDP prog is loaded
    - net/mlx5e: Protect against non-uplink representor for encap
    - net/mlx5e: Switch to Toeplitz RSS hash by default
    - net/mlx5e: Rx, Fixup skb checksum for packets with tail padding
    - net/mlx5e: Rx, Check ip headers sanity
    - Revert "net/mlx5e: Enable reporting checksum unnecessary also for L3
      packets"
    - net/mlx5: FPGA, tls, hold rcu read lock a bit longer
    - net/tls: prevent bad memory access in tls_is_sk_tx_device_offloaded()
    - net/mlx5: FPGA, tls, idr remove on flow delete
    - route: Avoid crash from dereferencing NULL rt->from
    - nfp: flower: replace CFI with vlan present
    - nfp: flower: remove vlan CFI bit from push vlan action
    - sch_cake: Use tc_skb_protocol() helper for getting packet protocol
    - sch_cake: Make sure we can write the IP header before changing DSCP bits
    - NFC: nci: Add some bounds checking in nci_hci_cmd_received()
    - nfc: nci: Potential off by one in ->pipes[] array
    - sch_cake: Simplify logic in cake_select_tin()
    - CIFS: keep FileInfo handle live during oplock break
    - cifs: Fix lease buffer length error
    - cifs: Fix use-after-free in SMB2_write
    - cifs: Fix use-after-free in SMB2_read
    - cifs: fix handle leak in smb2_query_symlink()
    - fs/dax: Deposit pagetable even when installing zero page
    - KVM: x86: Don't clear EFER during SMM transitions for 32-bit vCPU
    - KVM: x86: svm: make sure NMI is injected after nmi_singlestep
    - Staging: iio: meter: fixed typo
    - staging: iio: ad7192: Fix ad7193 channel address
    - iio: gyro: mpu3050: fix chip ID reading
    - iio/gyro/bmg160: Use millidegrees for temperature scale
    - iio:chemical:bme680: Fix, report temperature in millidegrees
    - iio:chemical:bme680: Fix SPI read interface
    - iio: cros_ec: Fix the maths for gyro scale calculation
    - iio: ad_sigma_delta: select channel when reading register
    - iio: dac: mcp4725: add missing powerdown bits in store eeprom
    - iio: Fix scan mask selection
    - iio: adc: at91: disable adc channel interrupt in timeout case
    - iio: core: fix a possible circular locking dependency
    - io: accel: kxcjk1013: restore the range after resume.
    - staging: most: core: use device description as name
    - staging: comedi: vmk80xx: Fix use of uninitialized semaphore
    - staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf
    - staging: comedi: ni_usb6501: Fix use of uninitialized mutex
    - staging: comedi: ni_usb6501: Fix possible double-free of ->usb_rx_buf
    - ALSA: core: Fix card races between register and disconnect
    - Input: elan_i2c - add hardware ID for multiple Lenovo laptops
    - serial: sh-sci: Fix HSCIF RX sampling point adjustment
    - serial: sh-sci: Fix HSCIF RX sampling point calculation
    - vt: fix cursor when clearing the screen
    - scsi: core: set result when the command cannot be dispatched
    - Revert "scsi: fcoe: clear FC_RP_STARTED flags when receiving a LOGO"
    - i3c: dw: Fix dw_i3c_master_disable controller by using correct mask
    - i3c: Fix the verification of random PID
    - Revert "svm: Fix AVIC incomplete IPI emulation"
    - coredump: fix race condition between mmget_not_zero()/get_task_mm() and core
      dumping
    - x86/kvm: move kvm_load/put_guest_xcr0 into atomic context
    - ipmi: fix sleep-in-atomic in free_user at cleanup SRCU user->release_barrier
    - crypto: x86/poly1305 - fix overflow during partial reduction
    - drm/ttm: fix out-of-bounds read in ttm_put_pages() v2
    - arm64: futex: Restore oldval initialization to work around buggy compilers
    - x86/kprobes: Verify stack frame on kretprobe
    - kprobes: Mark ftrace mcount handler functions nokprobe
    - x86/kprobes: Avoid kretprobe recursion bug
    - kprobes: Fix error check when reusing optimized probes
    - rt2x00: do not increment sequence number while re-transmitting
    - mac80211: do not call driver wake_tx_queue op during reconfig
    - s390/mem_detect: Use IS_ENABLED(CONFIG_BLK_DEV_INITRD)
    - drm/amdgpu/gmc9: fix VM_L2_CNTL3 programming
    - perf/x86/amd: Add event map for AMD Family 17h
    - x86/cpu/bugs: Use __initconst for 'const' init data
    - perf/x86: Fix incorrect PEBS_REGS
    - x86/speculation: Prevent deadlock on ssb_state::lock
    - timers/sched_clock: Prevent generic sched_clock wrap caused by tick_freeze()
    - nfit/ars: Remove ars_start_flags
    - nfit/ars: Introduce scrub_flags
    - nfit/ars: Allow root to busy-poll the ARS state machine
    - nfit/ars: Avoid stale ARS results
    - tpm/tpm_i2c_atmel: Return -E2BIG when the transfer is incomplete
    - tpm: Fix the type of the return value in calc_tpm2_event_size()
    - Revert "kbuild: use -Oz instead of -Os when using clang"
    - sched/fair: Limit sched_cfs_period_timer() loop to avoid hard lockup
    - tpm: fix an invalid condition in tpm_common_poll
    - mt76x02: avoid status_list.lock and sta->rate_ctrl_lock dependency
    - device_cgroup: fix RCU imbalance in error case
    - perf/ring_buffer: Fix AUX record suppression
    - mm/memory_hotplug: do not unlock after failing to take the
      device_hotplug_lock
    - mm/vmstat.c: fix /proc/vmstat format for CONFIG_DEBUG_TLBFLUSH=y
      CONFIG_SMP=n
    - ALSA: info: Fix racy addition/deletion of nodes
    - percpu: stop printing kernel addresses
    - kernel/sysctl.c: fix out-of-bounds access when setting file-max
    - Linux 5.0.10

* Disco update: 5.0.9 upstream stable release (LP: #1830906)
    - ARC: u-boot args: check that magic number is correct
    - arc: hsdk_defconfig: Enable CONFIG_BLK_DEV_RAM
    - perf/core: Restore mmap record type correctly
    - mips: bcm47xx: Enable USB power on Netgear WNDR3400v2
    - ext4: avoid panic during forced reboot
    - ext4: add missing brelse() in add_new_gdb_meta_bg()
    - ext4: report real fs size after failed resize
    - ALSA: echoaudio: add a check for ioremap_nocache
    - ALSA: sb8: add a check for request_region
    - auxdisplay: hd44780: Fix memory leak on ->remove()
    - drm/udl: use drm_gem_object_put_unlocked.
    - IB/mlx4: Fix race condition between catas error reset and aliasguid flows
    - i40iw: Avoid panic when handling the inetdev event
    - mmc: davinci: remove extraneous __init annotation
    - ALSA: opl3: fix mismatch between snd_opl3_drum_switch definition and
      declaration
    - paride/pf: cleanup queues when detection fails
    - paride/pcd: cleanup queues when detection fails
    - thermal/intel_powerclamp: fix __percpu declaration of worker_data
    - thermal: samsung: Fix incorrect check after code merge
    - thermal: bcm2835: Fix crash in bcm2835_thermal_debugfs
    - thermal/int340x_thermal: Add additional UUIDs
    - thermal/int340x_thermal: fix mode setting
    - thermal/intel_powerclamp: fix truncated kthread name
    - scsi: iscsi: flush running unbind operations when removing a session
    - sched/cpufreq: Fix 32-bit math overflow
    - sched/core: Fix buffer overflow in cgroup2 property cpu.max
    - x86/mm: Don't leak kernel addresses
    - tools/power turbostat: return the exit status of a command
    - scsi: core: Also call destroy_rcu_head() for passthrough requests
    - scsi: qla2xxx: Fix NULL pointer crash due to stale CPUID
    - perf stat: Fix --no-scale
    - perf list: Don't forget to drop the reference to the allocated thread_map
    - perf tools: Fix errors under optimization level '-Og'
    - perf config: Fix an error in the config template documentation
    - perf config: Fix a memory leak in collect_config()
    - perf build-id: Fix memory leak in print_sdt_events()
    - perf top: Fix error handling in cmd_top()
    - perf hist: Add missing map__put() in error case
    - perf map: Remove map from 'names' tree in __maps__remove()
    - perf maps: Purge all maps from the 'names' tree
    - perf top: Fix global-buffer-overflow issue
    - perf evsel: Free evsel->counts in perf_evsel__exit()
    - perf tests: Fix a memory leak of cpu_map object in the
      openat_syscall_event_on_all_cpus test
    - perf tests: Fix memory leak by expr__find_other() in test__expr()
    - perf tests: Fix a memory leak in test__perf_evsel__tp_sched_test()
    - ACPI / utils: Drop reference in test for device presence
    - PM / Domains: Avoid a potential deadlock
    - blk-iolatency: #include "blk.h"
    - drm/exynos/mixer: fix MIXER shadow registry synchronisation code
    - irqchip/stm32: Don't clear rising/falling config registers at init
    - irqchip/stm32: Don't set rising configuration registers at init
    - irqchip/mbigen: Don't clear eventid when freeing an MSI
    - x86/hpet: Prevent potential NULL pointer dereference
    - x86/hyperv: Prevent potential NULL pointer dereference
    - x86/cpu/cyrix: Use correct macros for Cyrix calls on Geode processors
    - drm/nouveau/debugfs: Fix check of pm_runtime_get_sync failure
    - iommu/vt-d: Check capability before disabling protected memory
    - iommu/vt-d: Save the right domain ID used by hardware
    - x86/hw_breakpoints: Make default case in hw_breakpoint_arch_parse() return
      an error
    - cifs: fix that return -EINVAL when do dedupe operation
    - fix incorrect error code mapping for OBJECTID_NOT_FOUND
    - cifs: Fix slab-out-of-bounds when tracing SMB tcon
    - x86/gart: Exclude GART aperture from kcore
    - ext4: prohibit fstrim in norecovery mode
    - lkdtm: Print real addresses
    - lkdtm: Add tests for NULL pointer dereference
    - drm/amdgpu: psp_ring_destroy cause psp->km_ring.ring_mem NULL
    - drm/panel: panel-innolux: set display off in innolux_panel_unprepare
    - crypto: axis - fix for recursive locking from bottom half
    - Revert "ACPI / EC: Remove old CLEAR_ON_RESUME quirk"
    - coresight: cpu-debug: Support for CA73 CPUs
    - PCI: Blacklist power management of Gigabyte X299 DESIGNARE EX PCIe ports
    - PCI/ASPM: Save LTR Capability for suspend/resume
    - f2fs: sync filesystem after roll-forward recovery
    - drm/nouveau/volt/gf117: fix speedo readout register
    - platform/x86: intel_pmc_core: Quirk to ignore XTAL shutdown
    - ARM: 8839/1: kprobe: make patch_lock a raw_spinlock_t
    - drm/amdkfd: use init_mqd function to allocate object for hid_mqd (CI)
    - appletalk: Fix use-after-free in atalk_proc_exit
    - cifs: return -ENODATA when deleting an xattr that does not exist
    - lib/div64.c: off by one in shift
    - rxrpc: Fix client call connect/disconnect race
    - f2fs: fix to dirty inode for i_mode recovery
    - f2fs: fix to use kvfree instead of kzfree
    - f2fs: fix to add refcount once page is tagged PG_private
    - include/linux/swap.h: use offsetof() instead of custom __swapoffset macro
    - bpf: fix use after free in bpf_evict_inode
    - IB/hfi1: Failed to drain send queue when QP is put into error state
    - paride/pf: Fix potential NULL pointer dereference
    - paride/pcd: Fix potential NULL pointer dereference and mem leak
    - Linux 5.0.9

* crashdump fails on HiSilicon D06 (LP: #1828868)
    - iommu/arm-smmu-v3: Don't disable SMMU in kdump kernel

* Eletrical noise occurred when external headset enter powersaving mode on a
    DEll machine (LP: #1828798)
    - ALSA: hda/realtek - Fixup headphone noise via runtime suspend

* [18.04/18.10] File libperf-jvmti.so is missing in linux-tools-common deb on
    Ubuntu (LP: #1761379)
    - [Packaging] Support building libperf-jvmti.so

* ethtool identify command doesn't blink LED on Hi1620 NICs (LP: #1829306)
    - net: phy: marvell: add new default led configure for m88e151x

* Add support to Comet Lake LPSS (LP: #1830175)
    - mfd: intel-lpss: Add Intel Comet Lake PCI IDs

* Reduce NAPI weight in hns driver from 256 to 64 (LP: #1830587)
    - net: hns: Use NAPI_POLL_WEIGHT for hns driver

-- Stefan Bader <stefan.bader@canonical.com>  Tue, 02 Jul 2019 12:25:52 +0200

Changed in linux (Ubuntu Disco):
status:	Fix Committed → Fix Released

Frank Heimes (fheimes) on 2019-07-23

Changed in ubuntu-z-systems:
status:	Fix Committed → Fix Released

Revision history for this message

bugproxy (bugproxy) wrote on 2019-07-23:

#14

------- Comment From <email address hidden> 2019-07-23 02:36 EDT-------
IBM Bugzilla status -> closed, Fix Released for all requested distros

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2019-08-22:

#15

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-xenial' to 'verification-done-xenial'. If the problem still exists, change the tag 'verification-needed-xenial' to 'verification-failed-xenial'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-xenial

Revision history for this message

bugproxy (bugproxy) wrote on 2019-08-26:

#16

------- Comment From <email address hidden> 2019-08-26 08:55 EDT-------
Verified upfront by IBM...

Ubuntu
linux package

[UBUNTU] kernel: Fix wrong dispatching for control domain CPRBs

Bug Description

CVE References

Other bug subscribers

Patches

Bug attachments

Remote bug watches

	Status	Importance	Assigned to
Ubuntu on IBM z Systems	Fix Released	High	Canonical Kernel Team
linux (Ubuntu)	Fix Released	Undecided	Skipper Bug Screeners
Bionic	Fix Released	Medium	Unassigned
Disco	Fix Released	Medium	Unassigned

Ubuntulinux package

[UBUNTU] kernel: Fix wrong dispatching for control domain CPRBs

Bug Description

CVE References

Other bug subscribers

Patches

Bug attachments

Remote bug watches

Ubuntu
linux package