Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2018:0535-1
Rating:	important
References:	bsc#1005776 bsc#1006867 bsc#1012382 bsc#1012829 bsc#1027054 bsc#1031717 bsc#1034503 bsc#1035432 bsc#1042286 bsc#1043441 bsc#1045330 bsc#1062840 bsc#1065600 bsc#1065615 bsc#1066223 bsc#1067118 bsc#1068032 bsc#1068569 bsc#1069135 bsc#1071306 bsc#1071892 bsc#1072363 bsc#1072689 bsc#1072739 bsc#1072865 bsc#1073401 bsc#1074198 bsc#1074426 bsc#1075087 bsc#1076282 bsc#1077285 bsc#1077513 bsc#1077560 bsc#1077779 bsc#1078583 bsc#1078609 bsc#1078672 bsc#1078673 bsc#1078787 bsc#1079029 bsc#1079038 bsc#1079384 bsc#1079989 bsc#1080014 bsc#1080263 bsc#1080344 bsc#1080360 bsc#1080364 bsc#1080384 bsc#1080464 bsc#1080774 bsc#1080809 bsc#1080813 bsc#1080851 bsc#1081134 bsc#1081431 bsc#1081491 bsc#1081498 bsc#1081500 bsc#1081512 bsc#1081671 bsc#1082223 bsc#1082299 bsc#1082478 bsc#1082795 bsc#1082864 bsc#1082897 bsc#1082979 bsc#1082993 bsc#1083494 bsc#1083548 bsc#1084610 bsc#1085053 bsc#1085107 bsc#1085224 bsc#1085239 bsc#863764 bsc#966328 bsc#975772 bsc#983145
Cross-References:	CVE-2017-13166 CVE-2017-15951 CVE-2017-16644 CVE-2017-16912 CVE-2017-16913 CVE-2017-17975 CVE-2017-18208 CVE-2018-1000026 CVE-2018-1068 CVE-2018-8087
CVSS scores:	CVE-2017-13166 ( SUSE ): 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2017-13166 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2017-15951 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2017-15951 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2017-15951 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2017-16644 ( SUSE ): 4.6 CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2017-16644 ( NVD ): 6.6 CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2017-16912 ( SUSE ): 6.2 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2017-16912 ( NVD ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2017-16913 ( SUSE ): 6.2 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2017-16913 ( NVD ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2017-17975 ( SUSE ): 3.5 CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L CVE-2017-17975 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2017-18208 ( SUSE ): 6.2 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2017-18208 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2018-1000026 ( SUSE ): 7.7 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H CVE-2018-1000026 ( NVD ): 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H CVE-2018-1000026 ( NVD ): 7.7 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H CVE-2018-1068 ( SUSE ): 8.4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2018-1068 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2018-1068 ( NVD ): 6.7 CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2018-8087 ( SUSE ): 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2018-8087 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:	Magnum Orchestration 7 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise High Availability Extension 12 SP2 SUSE Linux Enterprise High Performance Computing 12 SP2 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2 SUSE Linux Enterprise Software Bootstrap Kit 12 12-SP2 SUSE Linux Enterprise Software Development Kit 12 12-SP2 SUSE Linux Enterprise Workstation Extension 12 SP2

An update that solves 10 vulnerabilities and has 70 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.120 to receive various security and bugfixes.

The following security bugs were fixed:

CVE-2017-13166: An elevation of privilege vulnerability in the v4l2 video driver was fixed. (bnc#1072865).
CVE-2017-15951: The KEYS subsystem did not correctly synchronize the actions of updating versus finding a key in the "negative" state to avoid a race condition, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls (bnc#1062840 bnc#1065615).
CVE-2017-16644: The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c allowed local users to cause a denial of service (improper error handling and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1067118).
CVE-2017-16912: The "get_pipe()" function (drivers/usb/usbip/stub_rx.c) allowed attackers to cause a denial of service (out-of-bounds read) via a specially crafted USB over IP packet (bnc#1078673).
CVE-2017-16913: The "stub_recv_cmd_submit()" function (drivers/usb/usbip/stub_rx.c) when handling CMD_SUBMIT packets allowed attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet (bnc#1078672).
CVE-2017-17975: Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c allowed attackers to cause a denial of service (system crash) or possibly have unspecified other impact by triggering failure of audio registration, because a kfree of the usbtv data structure occurs during a usbtv_video_free call, but the usbtv_video_fail label's code attempts to both access and free this data structure (bnc#1074426).
CVE-2017-18208: The madvise_willneed function in mm/madvise.c allowed local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping (bnc#1083494).
CVE-2018-8087: Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c allowed local users to cause a denial of service (memory consumption) by triggering an out-of-array error case (bnc#1085053).
CVE-2018-1000026: A insufficient input validation vulnerability in the bnx2x network card driver could result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via An attacker on a must pass a very large, specially crafted packet to the bnx2x card. This can be done from an untrusted guest VM. (bnc#1079384).
CVE-2018-1068: Insufficient user provided offset checking in the ebtables compat code allowed local attackers to overwrite kernel memory and potentially execute code. (bsc#1085107)

The following non-security bugs were fixed:

acpi / bus: Leave modalias empty for devices which are not present (bnc#1012382).
acpi: sbshc: remove raw pointer from printk() message (bnc#1012382).
Add delay-init quirk for Corsair K70 RGB keyboards (bnc#1012382).
add ip6_make_flowinfo helper (bsc#1042286).
ahci: Add Intel Cannon Lake PCH-H PCI ID (bnc#1012382).
ahci: Add PCI ids for Intel Bay Trail, Cherry Trail and Apollo Lake AHCI (bnc#1012382).
ahci: Annotate PCI ids for mobile Intel chipsets as such (bnc#1012382).
alpha: fix crash if pthread_create races with signal delivery (bnc#1012382).
alpha: fix reboot on Avanti platform (bnc#1012382).
alsa: hda/ca0132 - fix possible NULL pointer use (bnc#1012382).
alsa: hda - Fix headset mic detection problem for two Dell machines (bnc#1012382).
alsa: hda/realtek - Add headset mode support for Dell laptop (bsc#1031717).
alsa: hda/realtek: PCI quirk for Fujitsu U7x7 (bnc#1012382).
alsa: hda - Reduce the suspend time consumption for ALC256 (bsc#1031717).
alsa: hda - Use IS_REACHABLE() for dependency on input (bsc#1031717).
alsa: seq: Fix racy pool initializations (bnc#1012382).
alsa: seq: Fix regression by incorrect ioctl_mutex usages (bnc#1012382).
alsa: usb-audio: add implicit fb quirk for Behringer UFX1204 (bnc#1012382).
alsa: usb-audio: Fix UAC2 get_ctl request with a RANGE attribute (bnc#1012382).
amd-xgbe: Fix unused suspend handlers build warning (bnc#1012382).
arm64: define BUG() instruction without CONFIG_BUG (bnc#1012382).
arm64: Disable unhandled signal log messages by default (bnc#1012382).
arm64: dts: add #cooling-cells to CPU nodes (bnc#1012382).
arm64: Kconfig: select COMPAT_BINFMT_ELF only when BINFMT_ELF is set (bnc#1012382).
arm: 8731/1: Fix csum_partial_copy_from_user() stack mismatch (bnc#1012382).
arm: AM33xx: PRM: Remove am33xx_pwrdm_read_prev_pwrst function (bnc#1012382).
arm: dts: am4372: Correct the interrupts_properties of McASP (bnc#1012382).
arm: dts: Fix omap4 hang with GPS connected to USB by using wakeupgen (bnc#1012382).
arm: dts: ls1021a: fix incorrect clock references (bnc#1012382).
arm: dts: s5pv210: add interrupt-parent for ohci (bnc#1012382).
arm: dts: STi: Add gpio polarity for "hdmi,hpd-gpio" property (bnc#1012382).
arm: kvm: Fix SMCCC handling of unimplemented SMC/HVC calls (bnc#1012382).
arm: OMAP2+: Fix SRAM virt to phys translation for save_secure_ram_context (bnc#1012382).
arm: omap2: hide omap3_save_secure_ram on non-OMAP3 builds (git-fixes).
arm: pxa/tosa-bt: add MODULE_LICENSE tag (bnc#1012382).
arm: spear13xx: Fix dmas cells (bnc#1012382).
arm: spear13xx: Fix spics gpio controller's warning (bnc#1012382).
arm: spear600: Add missing interrupt-parent of rtc (bnc#1012382).
arm: tegra: select USB_ULPI from EHCI rather than platform (bnc#1012382).
asoc: au1x: Fix timeout tests in au1xac97c_ac97_read() (bsc#1031717).
asoc: Intel: Kconfig: fix build when acpi is not enabled (bnc#1012382).
asoc: Intel: sst: Fix the return value of 'sst_send_byte_stream_mrfld()' (bsc#1031717).
asoc: mediatek: add i2c dependency (bnc#1012382).
asoc: nuc900: Fix a loop timeout test (bsc#1031717).
asoc: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012382).
asoc: rockchip: disable clock on error (bnc#1012382).
asoc: rockchip: use __maybe_unused to hide st_irq_syscfg_resume (bnc#1012382).
asoc: rsnd: avoid duplicate free_irq() (bnc#1012382).
asoc: rsnd: do not call free_irq() on Parent SSI (bnc#1012382).
asoc: simple-card: Fix misleading error message (bnc#1012382).
asoc: ux500: add MODULE_LICENSE tag (bnc#1012382).
ata: ahci_xgene: free structure returned by acpi_get_object_info() (bsc#1082979).
b2c2: flexcop: avoid unused function warnings (bnc#1012382).
binder: add missing binder_unlock() (bnc#1012382).
binder: check for binder_thread allocation failure in binder_poll() (bnc#1012382).
binfmt_elf: compat: avoid unused function warning (bnc#1012382).
blacklist.conf: commit fd5f7cde1b85d4c8e09 ("printk: Never set console_may_schedule in console_trylock()")
blktrace: fix unlocked registration of tracepoints (bnc#1012382).
bluetooth: btsdio: Do not bind to non-removable BCM43341 (bnc#1012382).
bluetooth: btusb: Restore QCA Rome suspend/resume fix with a "rewritten" version (bnc#1012382).
bnx2x: Improve reliability in case of nested PCI errors (bnc#1012382).
bnxt_en: Fix the 'Invalid VF' id check in bnxt_vf_ndo_prep routine (bnc#1012382).
bpf: arsh is not supported in 32 bit alu thus reject it (bnc#1012382).
bpf: avoid false sharing of map refcount with max_entries (bnc#1012382).
bpf: fix 32-bit divide by zero (bnc#1012382).
bpf: fix bpf_tail_call() x64 JIT (bnc#1012382).
bpf: fix divides by zero (bnc#1012382).
bpf: introduce BPF_JIT_ALWAYS_ON config (bnc#1012382).
bpf: reject stores into ctx via st and xadd (bnc#1012382).
bridge: implement missing ndo_uninit() (bsc#1042286).
bridge: move bridge multicast cleanup to ndo_uninit (bsc#1042286).
btrfs: copy fsid to super_block s_uuid (bsc#1080774).
btrfs: fix crash due to not cleaning up tree log block's dirty bits (bnc#1012382).
btrfs: fix deadlock in run_delalloc_nocow (bnc#1012382).
btrfs: fix deadlock when writing out space cache (bnc#1012382).
btrfs: fix kernel oops while reading compressed data (bsc#1081671).
btrfs: Fix possible off-by-one in btrfs_search_path_in_tree (bnc#1012382).
btrfs: Fix quota reservation leak on preallocated files (bsc#1079989).
btrfs: fix unexpected -EEXIST when creating new inode (bnc#1012382).
btrfs: Handle btrfs_set_extent_delalloc failure in fixup worker (bnc#1012382).
can: flex_can: Correct the checking for frame length in flexcan_start_xmit() (bnc#1012382).
cdrom: turn off autoclose by default (bsc#1080813).
cfg80211: check dev_set_name() return value (bnc#1012382).
cfg80211: fix cfg80211_beacon_dup (bnc#1012382).
cifs: dump IPC tcon in debug proc file (bsc#1071306).
cifs: Fix autonegotiate security settings mismatch (bnc#1012382).
cifs: Fix missing put_xid in cifs_file_strict_mmap (bnc#1012382).
cifs: make IPC a regular tcon (bsc#1071306).
cifs: use tcon_ipc instead of use_ipc parameter of SMB2_ioctl (bsc#1071306).
cifs: zero sensitive data when freeing (bnc#1012382).
clk: fix a panic error caused by accessing NULL pointer (bnc#1012382).
console/dummy: leave .con_font_get set to NULL (bnc#1012382).
cpufreq: Add Loongson machine dependencies (bnc#1012382).
crypto: aesni - handle zero length dst buffer (bnc#1012382).
crypto: af_alg - whitelist mask and type (bnc#1012382).
crypto: caam - fix endless loop when DECO acquire fails (bnc#1012382).
crypto: cryptd - pass through absence of ->setkey() (bnc#1012382).
crypto: hash - introduce crypto_hash_alg_has_setkey() (bnc#1012382).
crypto: poly1305 - remove ->setkey() method (bnc#1012382).
crypto: s5p-sss - Fix kernel Oops in AES-ECB mode (bnc#1012382).
crypto: tcrypt - fix S/G table for test_aead_speed() (bnc#1012382).
crypto: x86/twofish-3way - Fix %rbp usage (bnc#1012382).
cw1200: fix bogus maybe-uninitialized warning (bnc#1012382).
dccp: limit sk_filter trim to payload (bsc#1042286).
dell-wmi, dell-laptop: depends DMI (bnc#1012382).
dlm: fix double list_del() (bsc#1082795).
dlm: fix NULL pointer dereference in send_to_sock() (bsc#1082795).
dmaengine: at_hdmac: fix potential NULL pointer dereference in atc_prep_dma_interleaved (bnc#1012382).
dmaengine: dmatest: fix container_of member in dmatest_callback (bnc#1012382).
dmaengine: ioat: Fix error handling path (bnc#1012382).
dmaengine: jz4740: disable/unprepare clk if probe fails (bnc#1012382).
dmaengine: zx: fix build warning (bnc#1012382).
dm: correctly handle chained bios in dec_pending() (bnc#1012382).
dn_getsockoptdecnet: move nf_{get/set}sockopt outside sock lock (bnc#1012382).
do not put symlink bodies in pagecache into highmem (bnc#1012382).
dpt_i2o: fix build warning (bnc#1012382).
driver-core: use 'dev' argument in dev_dbg_ratelimited stub (bnc#1012382).
drivers/net: fix eisa_driver probe section mismatch (bnc#1012382).
drm/amdgpu: Avoid leaking PM domain on driver unbind (v2) (bnc#1012382).
drm/amdgpu: Fix SDMA load/unload sequence on HWS disabled mode (bnc#1012382).
drm/amdkfd: Fix SDMA oversubsription handling (bnc#1012382).
drm/amdkfd: Fix SDMA ring buffer size calculation (bnc#1012382).
drm/armada: fix leak of crtc structure (bnc#1012382).
drm/edid: Add 6 bpc quirk for CPT panel in Asus UX303LA (bnc#1012382).
drm/gma500: remove helper function (bnc#1012382).
drm/gma500: Sanity-check pipe index (bnc#1012382).
drm/nouveau: hide gcc-4.9 -Wmaybe-uninitialized (bnc#1012382).
drm/nouveau/pci: do a msi rearm on init (bnc#1012382).
drm/radeon: adjust tested variable (bnc#1012382).
drm: rcar-du: Fix race condition when disabling planes at CRTC stop (bnc#1012382).
drm: rcar-du: Use the VBK interrupt for vblank events (bnc#1012382).
drm: Require __GFP_NOFAIL for the legacy drm_modeset_lock_all (bnc#1012382).
drm/ttm: check the return value of kzalloc (bnc#1012382).
drm/vmwgfx: use *_32_bits() macros (bnc#1012382).
e1000: fix disabling already-disabled warning (bnc#1012382).
edac, octeon: Fix an uninitialized variable warning (bnc#1012382).
em28xx: only use mt9v011 if camera support is enabled (bnc#1012382).
enable DST_CACHE in non-vanilla configs except s390x/zfcpdump
ext4: correct documentation for grpid mount option (bnc#1012382).
ext4: do not unnecessarily allocate buffer in recently_deleted() (bsc#1080344).
ext4: Fix data exposure after failed AIO DIO (bsc#1069135 bsc#1082864).
ext4: save error to disk in __ext4_grp_locked_error() (bnc#1012382).
f2fs: fix a bug caused by NULL extent tree (bsc#1082478). While this fs is not supported by SLE it affects opensuse users so let's add it to our kernel for opensuse merging.
fbdev: auo_k190x: avoid unused function warnings (bnc#1012382).
fbdev: s6e8ax0: avoid unused function warnings (bnc#1012382).
fbdev: sis: enforce selection of at least one backend (bnc#1012382).
fbdev: sm712fb: avoid unused function warnings (bnc#1012382).
flow_dissector: Check skb for VLAN only if skb specified (bsc#1042286).
flow_dissector: fix vlan tag handling (bsc#1042286).
flow_dissector: For stripped vlan, get vlan info from skb->vlan_tci (bsc#1042286).
ftrace: Remove incorrect setting of glob search field (bnc#1012382).
geneve: fix populating tclass in geneve_get_v6_dst (bsc#1042286).
genirq/msi: Add stubs for get_cached_msi_msg/pci_write_msi_msg (bnc#1012382).
genksyms: Fix segfault with invalid declarations (bnc#1012382).
gianfar: fix a flooded alignment reports because of padding issue (bnc#1012382).
go7007: add MEDIA_CAMERA_SUPPORT dependency (bnc#1012382).
gpio: ath79: add missing MODULE_DESCRIPTION/LICENSE (bnc#1012382).
gpio: intel-mid: Fix build warning when !CONFIG_PM (bnc#1012382).
gpio: iop: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012382).
gpio: xgene: mark PM functions as __maybe_unused (bnc#1012382).
grace: replace BUG_ON by WARN_ONCE in exit_net hook (bnc#1012382).
gre: build header correctly for collect metadata tunnels (bsc#1042286).
gre: do not assign header_ops in collect metadata mode (bsc#1042286).
gre: do not keep the GRE header around in collect medata mode (bsc#1042286).
gre: reject GUE and FOU in collect metadata mode (bsc#1042286).
hdpvr: hide unused variable (bnc#1012382).
hid: quirks: Fix keyboard + touchpad on Toshiba Click Mini not working (bnc#1012382).
hippi: Fix a Fix a possible sleep-in-atomic bug in rr_close (bnc#1012382).
hrtimer: Ensure POSIX compliance (relative CLOCK_REALTIME hrtimers) (bnc#1012382).
hwmon: (pmbus) Use 64bit math for DIRECT format values (bnc#1012382).
hwrng: exynos - use __maybe_unused to hide pm functions (bnc#1012382).
i2c: remove __init from i2c_register_board_info() (bnc#1012382).
ib/ipoib: Fix race condition in neigh creation (bnc#1012382).
ib/mlx4: Fix incorrectly releasing steerable UD QPs when have only ETH ports (bnc#1012382).
ib/mlx4: Fix mlx4_ib_alloc_mr error flow (bnc#1012382).
ibmvnic: Account for VLAN header length in TX buffers (bsc#1085239).
ibmvnic: Account for VLAN tag in L2 Header descriptor (bsc#1085239).
ibmvnic: Allocate max queues stats buffers (bsc#1081498).
ibmvnic: Allocate statistics buffers during probe (bsc#1082993).
ibmvnic: Check for NULL skb's in NAPI poll routine (bsc#1081134, git-fixes).
ibmvnic: Clean RX pool buffers during device close (bsc#1081134).
ibmvnic: Clean up device close (bsc#1084610).
ibmvnic: Correct goto target for tx irq initialization failure (bsc#1082223).
ibmvnic: Do not attempt to login if RX or TX queues are not allocated (bsc#1082993).
ibmvnic: Do not disable device during failover or partition migration (bsc#1084610).
ibmvnic: Ensure that buffers are NULL after free (bsc#1080014).
ibmvnic: Fix early release of login buffer (bsc#1081134, git-fixes).
ibmvnic: fix empty firmware version and errors cleanup (bsc#1079038).
ibmvnic: fix firmware version when no firmware level has been provided by the VIOS server (bsc#1079038).
ibmvnic: Fix login buffer memory leaks (bsc#1081134).
ibmvnic: Fix NAPI structures memory leak (bsc#1081134).
ibmvnic: Fix recent errata commit (bsc#1085239).
ibmvnic: Fix rx queue cleanup for non-fatal resets (bsc#1080014).
ibmvnic: Fix TX descriptor tracking again (bsc#1082993).
ibmvnic: Fix TX descriptor tracking (bsc#1081491).
ibmvnic: Free and re-allocate scrqs when tx/rx scrqs change (bsc#1081498).
ibmvnic: Free RX socket buffer in case of adapter error (bsc#1081134).
ibmvnic: Generalize TX pool structure (bsc#1085224).
ibmvnic: Handle TSO backing device errata (bsc#1085239).
ibmvnic: Harden TX/RX pool cleaning (bsc#1082993).
ibmvnic: Improve TX buffer accounting (bsc#1085224).
ibmvnic: Keep track of supplementary TX descriptors (bsc#1081491).
ibmvnic: Make napi usage dynamic (bsc#1081498).
ibmvnic: Move active sub-crq count settings (bsc#1081498).
ibmvnic: Pad small packets to minimum MTU size (bsc#1085239).
ibmvnic: queue reset when CRQ gets closed during reset (bsc#1080263).
ibmvnic: Remove skb->protocol checks in ibmvnic_xmit (bsc#1080384).
ibmvnic: Rename active queue count variables (bsc#1081498).
ibmvnic: Reorganize device close (bsc#1084610).
ibmvnic: Report queue stops and restarts as debug output (bsc#1082993).
ibmvnic: Reset long term map ID counter (bsc#1080364).
ibmvnic: Split counters for scrq/pools/napi (bsc#1082223).
ibmvnic: Update and clean up reset TX pool routine (bsc#1085224).
ibmvnic: Update release RX pool routine (bsc#1085224).
ibmvnic: Update TX and TX completion routines (bsc#1085224).
ibmvnic: Update TX pool initialization routine (bsc#1085224).
ibmvnic: Wait until reset is complete to set carrier on (bsc#1081134).
idle: i7300: add PCI dependency (bnc#1012382).
igb: Free IRQs when device is hotplugged (bnc#1012382).
iio: adc: axp288: remove redundant duplicate const on axp288_adc_channels (bnc#1012382).
iio: adis_lib: Initialize trigger before requesting interrupt (bnc#1012382).
iio: buffer: check if a buffer has been set up when poll is called (bnc#1012382).
input: tca8418_keypad - hide gcc-4.9 -Wmaybe-uninitialized warning (bnc#1012382).
input: tca8418_keypad - remove double read of key event register (git-fixes).
iommu/amd: Add align parameter to alloc_irq_index() (bsc#975772).
iommu/amd: Enforce alignment for MSI IRQs (bsc#975772).
iommu/amd: Fix alloc_irq_index() increment (bsc#975772).
iommu/vt-d: Use domain instead of cache fetching (bsc#975772).
ip6mr: fix stale iterator (bnc#1012382).
ipc/msg: introduce msgctl(MSG_STAT_ANY) (bsc#1072689).
ipc/sem: introduce semctl(SEM_STAT_ANY) (bsc#1072689).
ipc/shm: introduce shmctl(SHM_STAT_ANY) (bsc#1072689).
ip_tunnel: fix preempt warning in ip tunnel creation/updating (bnc#1012382).
ip_tunnel: replace dst_cache with generic implementation (bnc#1012382).
ipv4: allow local fragmentation in ip_finish_output_gso() (bsc#1042286).
ipv4: fix checksum annotation in udp4_csum_init (bsc#1042286).
ipv4: ipconfig: avoid unused ic_proto_used symbol (bnc#1012382).
ipv4: update comment to document GSO fragmentation cases (bsc#1042286).
ipv6: datagram: Refactor dst lookup and update codes to a new function (bsc#1042286).
ipv6: datagram: Refactor flowi6 init codes to a new function (bsc#1042286).
ipv6: datagram: Update dst cache of a connected datagram sk during pmtu update (bsc#1042286).
ipv6: fix checksum annotation in udp6_csum_init (bsc#1042286).
ipv6: icmp6: Allow icmp messages to be looped back (bnc#1012382).
ipv6/ila: fix nlsize calculation for lwtunnel (bsc#1042286).
ipv6: remove unused in6_addr struct (bsc#1042286).
ipv6: tcp: fix endianness annotation in tcp_v6_send_response (bsc#1042286).
ipv6: udp: Do a route lookup and update during release_cb (bsc#1042286).
ipvlan: Add the skb->mark as flow4's member to lookup route (bnc#1012382).
ipvlan: fix multicast processing (bsc#1042286).
ipvlan: fix various issues in ipvlan_process_multicast() (bsc#1042286).
irqchip/gic-v3: Use wmb() instead of smb_wmb() in gic_raise_softirq() (bnc#1012382).
isdn: eicon: reduce stack size of sig_ind function (bnc#1012382).
isdn: icn: remove a #warning (bnc#1012382).
isdn: sc: work around type mismatch warning (bnc#1012382).
jffs2: Fix use-after-free bug in jffs2_iget()'s error handling path (git-fixes).
kABI: protect struct cpuinfo_x86 (kabi).
kABI: protect struct ip_tunnel and reintroduce ip_tunnel_dst_reset_all (kabi).
kABI: reintroduce crypto_poly1305_setkey (kabi).
kabi: restore kabi after "net: replace dst_cache ip6_tunnel implementation with the generic one" (bsc#1082897).
kabi: restore nft_set_elem_destroy() signature (bsc#1042286).
kabi: restore rhashtable_insert_slow() signature (bsc#1042286).
kabi/severities: add __x86_indirect_thunk_rsp
kabi/severities: as per bsc#1068569 we can ignore XFS kabi The gods have spoken, let there be light.
kabi: uninline sk_receive_skb() (bsc#1042286).
kaiser: fix compile error without vsyscall (bnc#1012382).
kaiser: fix intel_bts perf crashes (bnc#1012382).
kasan: rework Kconfig settings (bnc#1012382).
kernel/async.c: revert "async: simplify lowest_in_progress()" (bnc#1012382).
kernel: fix rwlock implementation (bnc#1080360, LTC#164371).
kernfs: fix regression in kernfs_fop_write caused by wrong type (bnc#1012382).
keys: encrypted: fix buffer overread in valid_master_desc() (bnc#1012382).
kmemleak: add scheduling point to kmemleak_scan() (bnc#1012382).
kvm: add X86_LOCAL_APIC dependency (bnc#1012382).
kvm: arm/arm64: Check pagesize when allocating a hugepage at Stage 2 (bsc#1079029).
kvm: nVMX: Fix kernel panics induced by illegal INVEPT/INVVPID types (bnc#1012382).
kvm: nVMX: Fix races when sending nested PI while dest enters/leaves L2 (bnc#1012382).
kvm: nVMX: invvpid handling improvements (bnc#1012382).
kvm: nVMX: kmap() can't fail (bnc#1012382).
kvm: nVMX: vmx_complete_nested_posted_interrupt() can't fail (bnc#1012382).
kvm: PPC: Book3S PR: Fix svcpu copying with preemption enabled (bsc#1066223).
kvm: VMX: clean up declaration of VPID/EPT invalidation types (bnc#1012382).
kvm: VMX: Fix rflags cache during vCPU reset (bnc#1012382).
kvm: VMX: Make indirect call speculation safe (bnc#1012382).
kvm: x86: Do not re-execute instruction when not passing CR2 value (bnc#1012382).
kvm: x86: emulator: Return to user-mode on L1 CPL=0 emulation failure (bnc#1012382).
kvm: x86: fix escape of guest dr6 to the host (bnc#1012382).
kvm: X86: Fix operand/address-size during instruction decoding (bnc#1012382).
kvm: x86: ioapic: Clear Remote IRR when entry is switched to edge-triggered (bnc#1012382).
kvm: x86: ioapic: Fix level-triggered EOI and IOAPIC reconfigure race (bnc#1012382).
kvm: x86: ioapic: Preserve read-only values in the redirection table (bnc#1012382).
kvm: x86: Make indirect calls in emulator speculation safe (bnc#1012382).
kvm/x86: Reduce retpoline performance impact in slot_handle_level_range(), by always inlining iterator helper methods (bnc#1012382).
l2tp: fix use-after-free during module unload (bsc#1042286).
led: core: Fix brightness setting when setting delay_off=0 (bnc#1012382).
leds: do not overflow sysfs buffer in led_trigger_show (bsc#1080464).
lib/mpi: Fix umul_ppmm() for MIPS64r6 (bnc#1012382).
livepatch: introduce shadow variable API (bsc#1082299 fate#313296). Shadow variables support.
livepatch: __kgr_shadow_get_or_alloc() is local to shadow.c (bsc#1082299 fate#313296). Shadow variables support.
lockd: fix "list_add double add" caused by legacy signal interface (bnc#1012382).
loop: fix concurrent lo_open/lo_release (bnc#1012382).
mac80211: fix the update of path metric for RANN frame (bnc#1012382).
mac80211: mesh: drop frames appearing to be from us (bnc#1012382).
Make DST_CACHE a silent config option (bnc#1012382).
mdio-sun4i: Fix a memory leak (bnc#1012382).
md/raid1: Use a new variable to count flighting sync requests(bsc#1078609)
media: cxusb, dib0700: ignore XC2028_I2C_FLUSH (bnc#1012382).
media: dvb-usb-v2: lmedm04: Improve logic checking of warm start (bnc#1012382).
media: dvb-usb-v2: lmedm04: move ts2020 attach to dm04_lme2510_tuner (bnc#1012382).
media: r820t: fix r820t_write_reg for KASAN (bnc#1012382).
media: s5k6aa: describe some function parameters (bnc#1012382).
media: soc_camera: soc_scale_crop: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012382).
media: ts2020: avoid integer overflows on 32 bit machines (bnc#1012382).
media: usbtv: add a new usbid (bnc#1012382).
media: v4l2-compat-ioctl32.c: add missing VIDIOC_PREPARE_BUF (bnc#1012382).
media: v4l2-compat-ioctl32.c: avoid sizeof(type) (bnc#1012382).
media: v4l2-compat-ioctl32.c: copy clip list in put_v4l2_window32 (bnc#1012382).
media: v4l2-compat-ioctl32.c: copy m.userptr in put_v4l2_plane32 (bnc#1012382).
media: v4l2-compat-ioctl32.c: do not copy back the result for certain errors (bnc#1012382).
media: v4l2-compat-ioctl32.c: drop pr_info for unknown buffer type (bnc#1012382).
media: v4l2-compat-ioctl32.c: fix ctrl_is_pointer (bnc#1012382).
media: v4l2-compat-ioctl32.c: fix the indentation (bnc#1012382).
media: v4l2-compat-ioctl32.c: make ctrl_is_pointer work for subdevs (bnc#1012382).
media: v4l2-compat-ioctl32.c: move 'helper' functions to __get/put_v4l2_format32 (bnc#1012382).
media: v4l2-compat-ioctl32: Copy v4l2_window->global_alpha (bnc#1012382).
media: