Security update for the Linux Kernel

Announcement ID: SUSE-SU-2018:3934-1
Rating: important
References:
Cross-References:
CVSS scores:
  • CVE-2017-16533 ( SUSE ): 4.6 CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2017-16533 ( NVD ): 6.6 CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2017-18224 ( NVD ): 4.7 CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2018-18386 ( SUSE ): 6.2 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2018-18386 ( NVD ): 3.3 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2018-18445 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  • CVE-2018-18445 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2018-18445 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2018-18710 ( SUSE ): 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2018-18710 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Products:
  • SUSE Linux Enterprise High Performance Computing 12 SP4
  • SUSE Linux Enterprise Server 12 SP4
  • SUSE Linux Enterprise Server for SAP Applications 12 SP4

An update that solves five vulnerabilities and has 101 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 12 SP4 kernel for Azure was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2018-18710: An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751).
  • CVE-2018-18445: Faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandled 32-bit right shifts (bnc#1112372).
  • CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).
  • CVE-2017-18224: fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allowed local users to cause a denial of service (BUG) by modifying a certain e_cpos field (bnc#1084831).
  • CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066674).

The following non-security bugs were fixed:

  • acpi, nfit: Prefer _DSM over _LSR for namespace label reads (bsc#112128).
  • acpi / processor: Fix the return value of acpi_processor_ids_walk() (bsc#1051510).
  • aio: fix io_destroy(2) vs. lookup_ioctx() race (git-fixes).
  • alsa: hda: Add 2 more models to the power_save blacklist (bsc#1051510).
  • alsa: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) (bsc#1051510).
  • alsa: hda - Add quirk for ASUS G751 laptop (bsc#1051510).
  • alsa: hda - Fix headphone pin config for ASUS G751 (bsc#1051510).
  • alsa: hda: fix unused variable warning (bsc#1051510).
  • alsa: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760 (bsc#1051510).
  • alsa: hda/realtek - Fix the problem of the front MIC on the Lenovo M715 (bsc#1051510).
  • alsa: usb-audio: update quirk for B&W PX to remove microphone (bsc#1051510).
  • apparmor: Check buffer bounds when mapping permissions mask (git-fixes).
  • ARM: bcm2835: Add GET_THROTTLED firmware property (bsc#1108468).
  • ASoC: intel: skylake: Add missing break in skl_tplg_get_token() (bsc#1051510).
  • ASoC: Intel: Skylake: Reset the controller in probe (bsc#1051510).
  • ASoC: rsnd: adg: care clock-frequency size (bsc#1051510).
  • ASoC: rsnd: do not fallback to PIO mode when -EPROBE_DEFER (bsc#1051510).
  • ASoC: rt5514: Fix the issue of the delay volume applied again (bsc#1051510).
  • ASoC: sigmadsp: safeload should not have lower byte limit (bsc#1051510).
  • ASoC: wm8804: Add ACPI support (bsc#1051510).
  • ath10k: fix kernel panic issue during pci probe (bsc#1051510).
  • ath10k: fix scan crash due to incorrect length calculation (bsc#1051510).
  • ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait (bsc#1051510).
  • autofs: fix autofs_sbi() does not check super block type (git-fixes).
  • autofs: fix slab out of bounds read in getname_kernel() (git-fixes).
  • autofs: mount point create should honour passed in mode (git-fixes).
  • badblocks: fix wrong return value in badblocks_set if badblocks are disabled (git-fixes).
  • batman-adv: Avoid probe ELP information leak (bsc#1051510).
  • batman-adv: fix backbone_gw refcount on queue_work() failure (bsc#1051510).
  • batman-adv: fix hardif_neigh refcount on queue_work() failure (bsc#1051510).
  • bdi: Fix another oops in wb_workfn() (bsc#1112746).
  • bdi: Preserve kabi when adding cgwb_release_mutex (bsc#1112746).
  • blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers (bsc#1111819).
  • blk-mq: I/O and timer unplugs are inverted in blktrace (bsc#1112713).
  • block, bfq: fix wrong init of saved start time for weight raising (bsc#1112708).
  • block: bfq: swap puts in bfqg_and_blkg_put (bsc#1112712).
  • block: bvec_nr_vecs() returns value for wrong slab (bsc#1111834).
  • bpf/verifier: disallow pointer subtraction (bsc#1083647).
  • btrfs: Enhance btrfs_trim_fs function to handle error better (Dependency for bsc#1113667).
  • btrfs: Ensure btrfs_trim_fs can trim the whole filesystem (bsc#1113667).
  • btrfs: fix file data corruption after cloning a range and fsync (bsc#1111901).
  • btrfs: fix missing error return in btrfs_drop_snapshot (Git-fixes bsc#1109919).
  • btrfs: fix mount failure after fsync due to hard link recreation (bsc#1103543).
  • btrfs: handle errors while updating refcounts in update_ref_for_cow (Git-fixes bsc#1109915).
  • btrfs: send, fix invalid access to commit roots due to concurrent snapshotting (bsc#1111904).
  • cdc-acm: fix race between reset and control messaging (bsc#1051510).
  • ceph: avoid a use-after-free in ceph_destroy_options() (bsc#1111983).
  • cfg80211: fix a type issue in ieee80211_chandef_to_operating_class() (bsc#1051510).
  • cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902).
  • cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902).
  • cifs: connect to servername instead of IP for IPC$ share (bsc#1106359).
  • cifs: fix memory leak in SMB2_open() (bsc#1112894).
  • cifs: fix memory leak in SMB2_open() (bsc#1112894).
  • cifs: Fix use after free of a mid_q_entry (bsc#1112903).
  • cifs: Fix use after free of a mid_q_entry (bsc#1112903).
  • clk: x86: add "ether_clk" alias for Bay Trail / Cherry Trail (bsc#1051510).
  • clk: x86: Stop marking clocks as CLK_IS_CRITICAL (bsc#1051510).
  • clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs (bsc#1051510).
  • clocksource/drivers/timer-atmel-pit: Properly handle error cases (bsc#1051510).
  • coda: fix 'kernel memory exposure attempt' in fsync (bsc#1051510).
  • crypto: caam - fix implicit casts in endianness helpers (bsc#1051510).
  • crypto: ccp - add timeout support in the SEV command (bsc#1106838).
  • crypto: chelsio - Fix memory corruption in DMA Mapped buffers (bsc#1051510).
  • crypto: lrw - Fix out-of bounds access on counter overflow (bsc#1051510).
  • crypto: mxs-dcp - Fix wait logic on chan threads (bsc#1051510).
  • crypto: qat - Fix KASAN stack-out-of-bounds bug in adf_probe() (bsc#1051510).
  • crypto: tcrypt - fix ghash-generic speed test (bsc#1051510).
  • dax: Fix deadlock in dax_lock_mapping_entry() (bsc#1109951).
  • debugobjects: Make stack check warning more informative (bsc#1051510).
  • Disable DRM patches that broke vbox video driver KMP (bsc#1111076)
  • Documentation/l1tf: Fix small spelling typo (bsc#1051510).
  • do d_instantiate/unlock_new_inode combinations safely (git-fixes).
  • Do not leak MNT_INTERNAL away from internal mounts (git-fixes).
  • drm/amdgpu: add another ATPX quirk for TOPAZ (bsc#1051510).
  • drm/amdgpu: fix error handling in amdgpu_cs_user_fence_chunk (bsc#1106110)
  • drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bsc#1051510).
  • drm/amdgpu: Fix vce work queue was not cancelled when suspend (bsc#1106110)
  • drm/amdgpu/powerplay: fix missing break in switch statements (bsc#1113722)
  • drm/amdgpu: Pulling old prepare and submit for flip back (bsc#1051510).
  • drm/amdgpu: revert "fix deadlock of reservation between cs and gpu reset v2" (bsc#1051510).
  • drm/edid: VSDB yCBCr420 Deep Color mode bit definitions (bsc#1051510).
  • drm/hisilicon: hibmc: Do not carry error code in HiBMC framebuffer (bsc#1113722)
  • drm/hisilicon: hibmc: Do not overwrite fb helper surface depth (bsc#1113722)
  • drm/i915/audio: Hook up component bindings even if displays are (bsc#1113722)
  • drm/i915/dp: Link train Fallback on eDP only if fallback link BW can fit panel's native mode (bsc#1051510).
  • drm/i915/gen9+: Fix initial readout for Y tiled framebuffers (bsc#1113722)
  • drm/i915/glk: Add Quirk for GLK NUC HDMI port issues (bsc#1051510).
  • drm/i915: Restore vblank interrupts earlier (bsc#1051510).
  • drm: mali-dp: Call drm_crtc_vblank_reset on device init (bsc#1051510).
  • drm/mediatek: fix OF sibling-node lookup (bsc#1106110)
  • drm/msm: fix OF child-node lookup (bsc#1106110)
  • drm/nouveau/disp: fix DP disable race (bsc#1051510).
  • drm/nouveau: Do not disable polling in fallback mode (bsc#1103356).
  • drm/nouveau/TBDdevinit: do not fail when PMU/PRE_OS is missing from VBIOS (bsc#1051510).
  • drm/sti: do not remove the drm_bridge that was never added (bsc#1100132)
  • drm/sun4i: Fix an ulong overflow in the dotclock driver (bsc#1106110)
  • drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset() (bsc#1113722)
  • e1000: check on netif_running() before calling e1000_up() (bsc#1051510).
  • e1000: ensure to free old tx/rx rings in set_ringparam() (bsc#1051510).
  • edac: Raise the maximum number of memory controllers (bsc#1113780).
  • edac, thunderx: Fix memory leak in thunderx_l2c_threaded_isr() (bsc#1114279).
  • eeprom: at24: change nvmem stride to 1 (bsc#1051510).
  • eeprom: at24: check at24_read/write arguments (bsc#1051510).
  • eeprom: at24: correctly set the size for at24mac402 (bsc#1051510).
  • enic: do not call enic_change_mtu in enic_probe (bsc#1051510).
  • enic: handle mtu change for vf properly (bsc#1051510).
  • enic: initialize enic->rfs_h.lock in enic_probe (bsc#1051510).
  • ethtool: fix a privilege escalation bug (bsc#1076830).
  • ext2, dax: set ext2_dax_aops for dax files (bsc#1112554).
  • ext4: avoid arithemetic overflow that can trigger a BUG (bsc#1112736).
  • ext4: avoid divide by zero fault when deleting corrupted inline directories (bsc#1112735).
  • ext4: check for NUL characters in extended attribute's name (bsc#1112732).
  • ext4: check to make sure the rename(2)'s destination is not freed (bsc#1112734).
  • ext4: do not mark mmp buffer head dirty (bsc#1112743).
  • ext4: fix online resize's handling of a too-small final block group (bsc#1112739).
  • ext4: fix online resizing for bigalloc file systems with a 1k block size (bsc#1112740).
  • ext4: fix spectre gadget in ext4_mb_regular_allocator() (bsc#1112733).
  • ext4: recalucate superblock checksum after updating free blocks/inodes (bsc#1112738).
  • ext4: reset error code in ext4_find_entry in fallback (bsc#1112731).
  • ext4: show test_dummy_encryption mount option in /proc/mounts (bsc#1112741).
  • fbdev/omapfb: fix omapfb_memory_read infoleak (bsc#1051510).
  • firmware: raspberrypi: Register hwmon driver (bsc#1108468).
  • floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (bsc#1051510).
  • fs: dcache: Avoid livelock between d_alloc_parallel and __d_add (git-fixes).
  • fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() (git-fixes).
  • fs: dcache: Use READ_ONCE when accessing i_dir_seq (git-fixes).
  • fs/quota: Fix spectre gadget in do_quotactl (bsc#1112745).
  • getname_kernel() needs to make sure that ->name != ->iname in long case (git-fixes).
  • gpio: adp5588: Fix sleep-in-atomic-context bug (bsc#1051510).
  • gpio: Fix crash due to registration race (bsc#1051510).
  • gpiolib-acpi: Register GpioInt ACPI event handlers from a late_initcall (bsc#1051510).
  • gpio: mb86s70: Revert "Return error if requesting an already assigned gpio" (bsc#1051510).
  • hfsplus: do not return 0 when fill_super() failed (bsc#1051510).
  • hfsplus: stop workqueue when fill_super() failed (bsc#1051510).
  • hfs: prevent crash on exit from failed search (bsc#1051510).
  • hid: add support for Apple Magic Keyboards (bsc#1051510).
  • hid: hid-saitek: Add device ID for RAT 7 Contagion (bsc#1051510).
  • hid: hid-sensor-hub: Force logical minimum to 1 for power and report state (bsc#1051510).
  • hid: quirks: fix support for Apple Magic Keyboards (bsc#1051510).
  • hid: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub report (bsc#1051510).
  • hv: avoid crash in vmbus sysfs files (bnc#1108377).
  • hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe() (bsc#1109772).
  • hv_netvsc: fix schedule in RCU context ().
  • hwmon: Add support for RPi voltage sensor (bsc#1108468).
  • hwmon: (adt7475) Make adt7475_read_word() return errors (bsc#1051510).
  • hwmon: (ina2xx) fix sysfs shunt resistor read access (bsc#1051510).
  • hwmon: rpi: add module alias to raspberrypi-hwmon (bsc#1108468).
  • hwrng: core - document the quality field (bsc#1051510).
  • hypfs_kill_super(): deal with failed allocations (bsc#1051510).
  • i2c: i2c-scmi: fix for i2c_smbus_write_block_data (bsc#1051510).
  • i2c: rcar: cleanup DMA for all kinds of failure (bsc#1051510).
  • iio: adc: at91: fix acking DRDY irq on simple conversions (bsc#1051510).
  • iio: adc: at91: fix wrong channel number in triggered buffer mode (bsc#1051510).
  • iio: adc: imx25-gcq: Fix leak of device_node in mx25_gcq_setup_cfgs() (bsc#1051510).
  • Input: atakbd - fix Atari CapsLock behaviour (bsc#1051510).
  • Input: atakbd - fix Atari keymap (bsc#1051510).
  • intel_th: pci: Add Ice Lake PCH support (bsc#1051510).
  • iommu/arm-smmu: Error out only if not enough context interrupts (bsc#1106237).
  • iommu/vt-d: Add definitions for PFSID (bsc#1106237).
  • iommu/vt-d: Fix dev iotlb pfsid use (bsc#1106237).
  • iommu/vt-d: Fix scatterlist offset handling (bsc#1106237).
  • ipc/shm.c add ->pagesize function to shm_vm_ops (bsc#1111811).
  • iwlwifi: dbg: do not crash if the firmware crashes in the middle of a debug dump (bsc#1051510).
  • iwlwifi: mvm: Allow TKIP for AP mode (bsc#1051510).
  • iwlwifi: mvm: check for n_profiles validity in EWRD ACPI (bsc#1051510).
  • iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface (bsc#1051510).
  • iwlwifi: mvm: open BA session only when sta is authorized (bsc#1051510).
  • iwlwifi: mvm: send BCAST management frames to the right station (bsc#1051510).
  • iwlwifi: pcie: gen2: build A-MSDU only for GSO (bsc#1051510).
  • iwlwifi: pcie gen2: check iwl_pcie_gen2_set_tb() return value (bsc#1051510).
  • jbd2: fix use after free in jbd2_log_do_checkpoint() (bsc#1113257).
  • kABI: Hide get_msr_feature() in kvm_x86_ops (bsc#1106240).
  • KABI: hide new member in struct iommu_table from genksyms (bsc#1061840).
  • KABI: powerpc: export __find_linux_pte as __find_linux_pte_or_hugepte (bsc#1061840).
  • kabi/severities: correct nvdimm kabi exclusion
  • kabi/severities: ignore ppc64 realmode helpers. KVM fixes remove exports of realmode_pfn_to_page iommu_tce_xchg_rm mm_iommu_lookup_rm mm_iommu_ua_to_hpa_rm. Some are no longer used and others are no longer exported because the code was consolideted in one place. These helpers are to be called in realmode and linking to them from non-KVM modules is a bug. Hence removing them does not break KABI.
  • kabi/severities: ignore __xive_vm_h_* KVM internal symbols.
  • Kbuild: fix # escaping in .cmd files for future Make (git-fixes).
  • kernfs: update comment about kernfs_path() return value (bsc#1051510).
  • kprobes/x86: Fix %p uses in error messages (bsc#1110006).
  • ksm: fix unlocked iteration over vmas in cmp_and_merge_page() (VM Functionality bsc#1111806).
  • kvm: Make VM ioctl do valloc for some archs (bsc#1111506).
  • KVM: PPC: Add pt_regs into kvm_vcpu_arch and move vcpu->arch.gpr[] into it (bsc#1061840).
  • KVM: PPC: Avoid marking DMA-mapped pages dirty in real mode (bsc#1061840).
  • KVM: PPC: Book3S: Add MMIO emulation for VMX instructions (bsc#1061840).
  • KVM: PPC: Book3S: Allow backing bigger guest IOMMU pages with smaller physical pages (bsc#1061840).
  • KVM: PPC: Book3S: Check KVM_CREATE_SPAPR_TCE_64 parameters (bsc#1061840).
  • KVM: PPC: Book3S: Eliminate some unnecessary checks (bsc#1061840).
  • KVM: PPC: Book3S: Fix compile error that occurs with some gcc versions (bsc#1061840).
  • KVM: PPC: Book3S: Fix matching of hardware and emulated TCE tables (bsc#1061840).
  • KVM: PPC: Book3S HV: Add of_node_put() in success path (bsc#1061840).
  • KVM: PPC: Book3S HV: Add 'online' register to ONE_REG interface (bsc#1061840).
  • KVM: PPC: Book3S HV: Allow creating max number of VCPUs on POWER9 (bsc#1061840).
  • KVM: PPC: Book3S HV: Allow HPT and radix on the same core for POWER9 v2.2 (bsc#1061840).
  • KVM: PPC: Book3S HV: Avoid crash from THP collapse during radix page fault (bsc#1061840).
  • KVM: PPC: Book3S HV: Avoid shifts by negative amounts (bsc#1061840).
  • KVM: PPC: Book3S HV: Check DR not IR to chose real vs virt mode MMIOs (bsc#1061840).
  • KVM: PPC: Book3S HV: Do not truncate HPTE index in xlate function (bsc#1061840).
  • KVM: PPC: Book3S HV: Do not use compound_order to determine host mapping size (bsc#1061840).
  • KVM: PPC: Book3S HV: Do not use existing "prodded" flag for XIVE escalations (bsc#1061840).
  • KVM: PPC: Book 3S HV: Do ptesync in radix guest exit path (bsc#1061840).
  • KVM: PPC: Book3S HV: Do SLB load/unload with guest LPCR value loaded (bsc#1061840).
  • KVM: PPC: Book3S HV: Enable migration of decrementer register (bsc#1061840).
  • KVM: PPC: Book3S HV: Factor fake-suspend handling out of kvmppc_save/restore_tm (bsc#1061840).
  • KVM: PPC: Book3S HV: Fix conditions for starting vcpu (bsc#1061840).
  • KVM: PPC: Book3S HV: Fix constant size warning (bsc#1061840).
  • KVM: PPC: Book3S HV: Fix duplication of host SLB entries (bsc#1061840).
  • KVM: PPC: Book3S HV: Fix guest r11 corruption with POWER9 TM workarounds (bsc#1061840).
  • KVM: PPC: Book3S HV: Fix handling of large pages in radix page fault handler (bsc#1061840).
  • KVM: PPC: Book3S HV: Fix handling of secondary HPTEG in HPT resizing code (bsc#1061840).
  • KVM: PPC: Book3S HV: Fix inaccurate comment (bsc#1061840).
  • KVM: PPC: Book3S HV: Fix kvmppc_bad_host_intr for real mode interrupts (bsc#1061840).
  • KVM: PPC: Book3S HV: Fix trap number return from __kvmppc_vcore_entry (bsc#1061840).
  • KVM: PPC: Book3S HV: Fix typo in kvmppc_hv_get_dirty_log_radix() (bsc#1061840).
  • KVM: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing (bsc#1061840).
  • KVM: PPC: Book3S HV: Handle 1GB pages in radix page fault handler (bsc#1061840).
  • KVM: PPC: Book3S HV: Improve handling of debug-trigger HMIs on POWER9 (bsc#1061840).
  • KVM: PPC: Book3S HV: Keep XIVE escalation interrupt masked unless ceded (bsc#1061840).
  • KVM: PPC: Book3S HV: Lockless tlbie for HPT hcalls (bsc#1061840).
  • KVM: PPC: Book3S HV: Make HPT resizing work on POWER9 (bsc#1061840).
  • KVM: PPC: Book3S HV: Make radix clear pte when unmapping (bsc#1061840).
  • KVM: PPC: Book3S HV: Make radix use correct tlbie sequence in kvmppc_radix_tlbie_page (bsc#1061840).
  • KVM: PPC: Book3S HV: Make xive_pushed a byte, not a word (bsc#1061840).
  • KVM: PPC: Book3S HV: Pack VCORE IDs to access full VCPU ID space (bsc#1061840).
  • KVM: PPC: Book3S HV: radix: Do not clear partition PTE when RC or write bits do not match (bsc#1061840).
  • KVM: PPC: Book3S HV: Radix page fault handler optimizations (bsc#1061840).
  • KVM: PPC: Book3S HV: radix: Refine IO region partition scope attributes (bsc#1061840).
  • KVM: PPC: Book3S HV: Read kvm->arch.emul_smt_mode under kvm->lock (bsc#1061840).
  • KVM: PPC: Book3S HV: Recursively unmap all page table entries when unmapping (bsc#1061840).
  • KVM: PPC: Book3S HV: Remove useless statement (bsc#1061840).
  • KVM: PPC: Book3S HV: Remove vcpu->arch.dec usage (bsc#1061840).
  • KVM: PPC: Book3S HV: Send kvmppc_bad_interrupt NMIs to Linux handlers (bsc#1061840).
  • KVM: PPC: Book3S HV: Set RWMR on POWER8 so PURR/SPURR count correctly (bsc#1061840).
  • KVM: PPC: Book3S HV: Snapshot timebase offset on guest entry (bsc#1061840).
  • KVM: PPC: Book3S HV: Streamline setting of reference and change bits (bsc#1061840).
  • KVM: PPC: Book3S HV: Use a helper to unmap ptes in the radix fault path (bsc#1061840).
  • KVM: PPC: Book3S HV: Use __gfn_to_pfn_memslot() in page fault handler (bsc#1061840).
  • KVM: PPC: Book3S HV: XIVE: Resend re-routed interrupts on CPU priority change (bsc#1061840).
  • KVM: PPC: Book3S PR: Add guest MSR parameter for kvmppc_save_tm()/kvmppc_restore_tm() (bsc#1061840).
  • KVM: PPC: Book3S PR: Move kvmppc_save_tm/kvmppc_restore_tm to separate file (bsc#1061840).
  • KVM: PPC: Book3S: Use correct page shift in H_STUFF_TCE (bsc#1061840).
  • KVM: PPC: Fix a mmio_host_swabbed uninitialized usage issue (bsc#1061840).
  • KVM: PPC: Make iommu_table::it_userspace big endian (bsc#1061840).
  • KVM: PPC: Move nip/ctr/lr/xer registers to pt_regs in kvm_vcpu_arch (bsc#1061840).
  • KVM: PPC: Use seq_puts() in kvmppc_exit_timing_show() (bsc#1061840).
  • KVM: SVM: Add MSR-based feature support for serializing LFENCE (bsc#1106240).
  • KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR (bsc#1106240).
  • KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry (bsc#1106240).
  • KVM: x86: Add a framework for supporting MSR-based features (bsc#1106240).
  • KVM: x86: define SVM/VMX specific kvm_arch_[alloc|free]_vm (bsc#1111506).
  • KVM: X86: Introduce kvm_get_msr_feature() (bsc#1106240).
  • kvm/x86: kABI fix for vm_alloc/vm_free changes (bsc#1111506).
  • kvm: x86: Set highest physical address bits in non-present/reserved SPTEs (bsc#1106240).
  • libertas: call into generic suspend code before turning off power (bsc#1051510).
  • libnvdimm, badrange: remove a WARN for list_empty (bsc#112128).
  • libnvdimm, dimm: Maximize label transfer size (bsc#1111921, bsc#1113408).
  • libnvdimm, dimm: Maximize label transfer size (bsc#1111921, bsc#1113408, bsc#1113972).
  • libnvdimm: Introduce locked DIMM capacity support (bsc#112128).
  • libnvdimm, label: change nvdimm_num_label_slots per UEFI 2.7 (bsc#1111921, bsc#1113408).
  • libnvdimm, label: change nvdimm_num_label_slots per UEFI 2.7 (bsc#1111921, bsc#1113408, bsc#1113972).
  • libnvdimm, label: Fix sparse warning (bsc#1111921, bsc#1113408, ).
  • libnvdimm, label: Fix sparse warning (bsc#1111921, bsc#1113408, bsc#1113972).
  • libnvdimm: move poison list functions to a new 'badrange' file (bsc#112128).
  • libnvdimm/nfit_test: add firmware download emulation (bsc#112128).
  • libnvdimm/nfit_test: adding support for unit testing enable LSS status (bsc#112128).
  • libnvdimm, testing: Add emulation for smart injection commands (bsc#112128).
  • libnvdimm, testing: update the default smart ctrl_temperature (bsc#112128).
  • lib/ubsan: add type mismatch handler for new GCC/Clang (bsc#1051510).
  • lib/ubsan.c: s/missaligned/misaligned/ (bsc#1051510).
  • livepatch: create and include UAPI headers ().
  • lockd: fix "list_add double add" caused by legacy signal interface (git-fixes).
  • loop: add recursion validation to LOOP_CHANGE_FD (bsc#1112711).
  • loop: do not call into filesystem while holding lo_ctl_mutex (bsc#1112710).
  • loop: fix LOOP_GET_STATUS lock imbalance (bsc#1113284).
  • mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).
  • mac80211: do not convert to A-MSDU if frag/subframe limited (bsc#1051510).
  • mac80211: do not Tx a deauth frame if the AP forbade Tx (bsc#1051510).
  • mac80211: fix a race between restart and CSA flows (bsc#1051510).
  • mac80211: Fix station bandwidth setting after channel switch (bsc#1051510).
  • mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).
  • mac80211_hwsim: require at least one channel (bsc#1051510).
  • mac80211: mesh: fix HWMP sequence numbering to follow standard (bsc#1051510).
  • mac80211: minstrel: fix using short preamble CCK rates on HT clients (bsc#1051510).
  • mac80211: Run TXQ teardown code before de-registering interfaces (bsc#1051510).
  • mac80211: shorten the IBSS debug messages (bsc#1051510).
  • mach64: detect the dot clock divider correctly on sparc (bsc#1051510).
  • make sure that __dentry_kill() always invalidates d_seq, unhashed or not (git-fixes).
  • md: fix NULL dereference of mddev->pers in remove_and_add_spares() (git-fixes).
  • md/raid10: fix that replacement cannot complete recovery after reassemble (git-fixes).
  • md/raid1: add error handling of read error from FailFast device (git-fixes).
  • md/raid5-cache: disable reshape completely (git-fixes).
  • md/raid5: fix data corruption of replacements after originals dropped (git-fixes).
  • media: af9035: prevent buffer overflow on write (bsc#1051510).
  • media: cx231xx: fix potential sign-extension overflow on large shift (bsc#1051510).
  • media: dvb: fix compat ioctl translation (bsc#1051510).
  • media: em28xx: fix input name for Terratec AV 350 (bsc#1051510).
  • media: em28xx: use a default format if TRY_FMT fails (bsc#1051510).
  • media: pci: cx23885: handle adding to list failure (bsc#1051510).
  • media: tvp5150: avoid going past array on v4l2_querymenu() (bsc#1051510).
  • media: tvp5150: fix switch exit in set control handler (bsc#1051510).
  • media: tvp5150: fix width alignment during set_selection() (bsc#1051510).
  • media: uvcvideo: Fix uvc_alloc_entity() allocation alignment (bsc#1051510).
  • media: v4l2-tpg: fix kernel oops when enabling HFLIP and OSD (bsc#1051510).
  • media: videobuf-dma-sg: Fix dma_{sync,unmap}_sg() calls (bsc#1051510).
  • media: vsp1: Fix YCbCr planar formats pitch calculation (bsc#1051510).
  • mfd: arizona: Correct calling of runtime_put_sync (bsc#1051510).
  • mmc: block: avoid multiblock reads for the last sector in SPI mode (bsc#1051510).
  • mm: fix BUG_ON() in vmf_insert_pfn_pud() from VM_MIXEDMAP removal (bsc#1111841).
  • mm/migrate: Use spin_trylock() while resetting rate limit ().
  • mm: /proc/pid/pagemap: hide swap entries from unprivileged users (Git-fixes bsc#1109907).
  • modpost: ignore livepatch unresolved relocations ().
  • move changes without Git-commit out of sorted section
  • mwifiex: handle race during mwifiex_usb_disconnect (bsc#1051510).
  • net/smc: retain old name for diag_mode field (bsc#1106287, LTC#170892).
  • net/smc: use __aligned_u64 for 64-bit smc_diag fields (bsc#1101138, LTC#164002).
  • NFC: nfcmrvl_uart: fix OF child-node lookup (bsc#1051510).
  • nfit_test: add error injection DSMs (bsc#112128).
  • nfit_test: fix buffer overrun, add sanity check (bsc#112128).
  • nfit_test: improve structure offset handling (bsc#112128).
  • nfit_test: prevent parsing error of nfit_test.0 (bsc#112128).
  • nfit_test: when clearing poison, also remove badrange entries (bsc#112128).
  • NFS: Avoid quadratic search when freeing delegations (bsc#1084760).
  • nvdimm: Clarify comment in sizeof_namespace_index (bsc#1111921, bsc#1113408).
  • nvdimm: Clarify comment in sizeof_namespace_index (bsc#1111921, bsc#1113408, bsc#1113972).
  • nvdimm: Remove empty if statement (bsc#1111921, bsc#1113408, ).
  • nvdimm: Remove empty if statement (bsc#1111921, bsc#1113408, bsc#1113972).
  • nvdimm: Sanity check labeloff (bsc#1111921, bsc#1113408, ).
  • nvdimm: Sanity check labeloff (bsc#1111921, bsc#1113408, bsc#1113972).
  • nvdimm: Split label init out from the logic for getting config data (bsc#1111921, bsc#1113408).
  • nvdimm: Split label init out from the logic for getting config data (bsc#1111921, bsc#1113408, bsc#1113972).
  • nvdimm: Use namespace index data to reduce number of label reads needed (bsc#1111921, bsc#1113408).
  • nvdimm: Use namespace index data to reduce number of label reads needed (bsc#1111921, bsc#1113408, bsc#1113972).
  • of: add helper to lookup compatible child node (bsc#1106110)
  • orangefs: fix deadlock; do not write i_size in read_iter (bsc#1051510).
  • orangefs: initialize op on loop restart in orangefs_devreq_read (bsc#1051510).
  • orangefs_kill_sb(): deal with allocation failures (bsc#1051510).
  • orangefs: use list_for_each_entry_safe in purge_waiting_ops (bsc#1051510).
  • ovl: fix format of setxattr debug (git-fixes).
  • ovl: Sync upper dirty data when syncing overlayfs (git-fixes).
  • PCI/ASPM: Fix link_state teardown on device removal (bsc#1051510).
  • PCI: hv: Do not wait forever on a device that has disappeared (bsc#1109806).
  • PCI: hv: Use effective affinity mask (bsc#1109772).
  • PCI: Reprogram bridge prefetch registers on resume (bsc#1051510).
  • pipe: match pipe_max_size data type with procfs (git-fixes).
  • PM / Domains: Fix genpd to deal with drivers returning 1 from ->prepare() (bsc#1051510).
  • powerpc/kvm/booke: Fix altivec related build break (bsc#1061840).
  • powerpc/kvm: Switch kvm pmd allocator to custom allocator (bsc#1061840).
  • powerpc/mm/hugetlb: initialize the pagetable cache correctly for hugetlb (bsc#1091800).
  • powerpc/mm: Rename find_linux_pte_or_hugepte() (bsc#1061840).
  • powerpc/numa: Skip onlining a offline node in kdump path (bsc#1109784).
  • powerpc/powernv: Add indirect levels to it_userspace (bsc#1061840).
  • powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1055120).
  • powerpc/powernv/ioda: Allocate indirect TCE levels on demand (bsc#1061840).
  • powerpc/powernv/ioda: Finish removing explicit max window size check (bsc#1061840).
  • powerpc/powernv/ioda: Remove explicit max window size check (bsc#1061840).
  • powerpc/powernv: Move TCE manupulation code to its own file (bsc#1061840).
  • powerpc/powernv: Rework TCE level allocation (bsc#1061840).
  • powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug (bsc#1079524, git-fixes).
  • powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes).
  • powerpc/pseries: Fix "OF: ERROR: Bad of_node_put() on /cpus" during DLPAR (bsc#1113295).
  • powerpc: pseries: remove dlpar_attach_node dependency on full path (bsc#1113295).
  • powerpc/rtas: Fix a potential race between CPU-Offline & Migration (bsc#1111870).
  • powerpc/xive: Move definition of ESB bits (bsc#1061840).
  • powerpc/xmon: Add ISA v3.0 SPRs to SPR dump (bsc#1061840).
  • printk: drop in_nmi check from printk_safe_flush_on_panic() (bsc#1112170).
  • printk/tracing: Do not trace printk_nmi_enter() (bsc#1112208).
  • proc: restrict kernel stack dumps to root (git-fixes). blacklist.conf:
  • qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface (bsc#1051510).
  • qrtr: add MODULE_ALIAS macro to smd (bsc#1051510).
  • r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED (bsc#1051510).
  • race of lockd inetaddr notifiers vs nlmsvc_rqst change (git-fixes).
  • RAID10 BUG_ON in raise_barrier when force is true and conf->barrier is 0 (git-fixes).
  • random: rate limit unseeded randomness warnings (git-fixes).
  • rculist: add list_for_each_entry_from_rcu() (bsc#1084760).
  • rculist: Improve documentation for list_for_each_entry_from_rcu() (bsc#1084760).
  • reiserfs: add check to detect corrupted directory entry (bsc#1109818).
  • reiserfs: do not panic on bad directory entries (bsc#1109818).
  • rename a hv patch to reduce conflicts in -AZURE
  • reorder a qedi patch to allow further work in this branch
  • resource: Include resource end in walk_*() interfaces (bsc#1114279).
  • Revert "drm/amdgpu: Add an ATPX quirk for hybrid laptop" (bsc#1051510).
  • Revert "drm/i915/gvt: set max priority for gvt context" (bsc#1051510).
  • Revert "gpio: set up initial state from .get_direction()" (bsc#1051510).
  • Revert "iommu/io-pgtable: Avoid redundant TLB syncs" (bsc#1106237).
  • Revert "mwifiex: fix incorrect ht capability problem" (bsc#1051510).
  • Revert "mwifiex: handle race during mwifiex_usb_disconnect" (bsc#1051510).
  • Revert "pinctrl: sunxi: Do not enforce bias disable (for now)" (bsc#1051510).
  • rpc_pipefs: fix double-dput() (bsc#1051510).
  • rpmsg: Correct support for MODULE_DEVICE_TABLE() (git-fixes).
  • sched/numa: Limit the conditions where scan period is reset ().
  • s