The SUSE Linux Enterprise 12 SP4 kernel for Azure was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-18710: An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 . - CVE-2018-18445: Faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandled 32-bit right shifts . - CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ . - CVE-2017-18224: fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allowed local users to cause a denial of service by modifying a certain e_cpos field . - CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service or possibly have unspecified other impact via a crafted USB device . The following non-security bugs were fixed: - acpi, nfit: Prefer _DSM over _LSR for namespace label reads . - acpi / processor: Fix the return value of acpi_processor_ids_walk . - aio: fix io_destroy vs. lookup_ioctx race . - alsa: hda: Add 2 more models to the power_save blacklist . - alsa: hda - Add mic quirk for the Lenovo G50-30 . - alsa: hda - Add quirk for ASUS G751 laptop . - alsa: hda - Fix headphone pin config for ASUS G751 . - alsa: hda: fix unused variable warning . - alsa: hda/realtek - Cannot adjust speaker"s volume on Dell XPS 27 7760 . - alsa: hda/realtek - Fix the problem of the front MIC on the Lenovo M715 . - alsa: usb-audio: update quirk for Bamp;W PX to remove microphone . - apparmor: Check buffer bounds when mapping permissions mask . - ARM: bcm2835: Add GET_THROTTLED firmware property . - ASoC: intel: skylake: Add missing break in skl_tplg_get_token . - ASoC: Intel: Skylake: Reset the controller in probe . - ASoC: rsnd: adg: care clock-frequency size . - ASoC: rsnd: do not fallback to PIO mode when -EPROBE_DEFER . - ASoC: rt5514: Fix the issue of the delay volume applied again . - ASoC: sigmadsp: safeload should not have lower byte limit . - ASoC: wm8804: Add ACPI support . - ath10k: fix kernel panic issue during pci probe . - ath10k: fix scan crash due to incorrect length calculation . - ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait . - autofs: fix autofs_sbi does not check super block type . - autofs: fix slab out of bounds read in getname_kernel . - autofs: mount point create should honour passed in mode . - badblocks: fix wrong return value in badblocks_set if badblocks are disabled . - batman-adv: Avoid probe ELP information leak . - batman-adv: fix backbone_gw refcount on queue_work failure . - batman-adv: fix hardif_neigh refcount on queue_work failure . - bdi: Fix another oops in wb_workfn . - bdi: Preserve kabi when adding cgwb_release_mutex . - blkdev_report_zones_ioctl: Use vmalloc to allocate large buffers . - blk-mq: I/O and timer unplugs are inverted in blktrace . - block, bfq: fix wrong init of saved start time for weight raising . - block: bfq: swap puts in bfqg_and_blkg_put . - block: bvec_nr_vecs returns value for wrong slab . - bpf/verifier: disallow pointer subtraction . - btrfs: Enhance btrfs_trim_fs function to handle error better . - btrfs: Ensure btrfs_trim_fs can trim the whole filesystem . - btrfs: fix file data corruption after cloning a range and fsync . - btrfs: fix missing error return in btrfs_drop_snapshot . - btrfs: fix mount failure after fsync due to hard link recreation . - btrfs: handle errors while updating refcounts in update_ref_for_cow . - btrfs: send, fix invalid access to commit roots due to concurrent snapshotting . - cdc-acm: fix race between reset and control messaging . - ceph: avoid a use-after-free in ceph_destroy_options . - cfg80211: fix a type issue in ieee80211_chandef_to_operating_class . - cifs: check for STATUS_USER_SESSION_DELETED . - cifs: check for STATUS_USER_SESSION_DELETED . - cifs: connect to servername instead of IP for IPC$ share . - cifs: fix memory leak in SMB2_open . - cifs: fix memory leak in SMB2_open . - cifs: Fix use after free of a mid_q_entry . - cifs: Fix use after free of a mid_q_entry . - clk: x86: add quot;ether_clkquot; alias for Bay Trail / Cherry Trail . - clk: x86: Stop marking clocks as CLK_IS_CRITICAL . - clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs . - clocksource/drivers/timer-atmel-pit: Properly handle error cases . - coda: fix "kernel memory exposure attempt" in fsync . - crypto: caam - fix implicit casts in endianness helpers . - crypto: ccp - add timeout support in the SEV command . - crypto: chelsio - Fix memory corruption in DMA Mapped buffers . - crypto: lrw - Fix out-of bounds access on counter overflow . - crypto: mxs-dcp - Fix wait logic on chan threads . - crypto: qat - Fix KASAN stack-out-of-bounds bug in adf_probe . - crypto: tcrypt - fix ghash-generic speed test . - dax: Fix deadlock in dax_lock_mapping_entry . - debugobjects: Make stack check warning more informative . - Disable DRM patches that broke vbox video driver KMP - Documentation/l1tf: Fix small spelling typo . - do d_instantiate/unlock_new_inode combinations safely . - Do not leak MNT_INTERNAL away from internal mounts . - drm/amdgpu: add another ATPX quirk for TOPAZ . - drm/amdgpu: fix error handling in amdgpu_cs_user_fence_chunk - drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 . - drm/amdgpu: Fix vce work queue was not cancelled when suspend - drm/amdgpu/powerplay: fix missing break in switch statements - drm/amdgpu: Pulling old prepare and submit for flip back . - drm/amdgpu: revert quot;fix deadlock of reservation between cs and gpu reset v2quot; . - drm/edid: VSDB yCBCr420 Deep Color mode bit definitions . - drm/hisilicon: hibmc: Do not carry error code in HiBMC framebuffer - drm/hisilicon: hibmc: Do not overwrite fb helper surface depth - drm/i915/audio: Hook up component bindings even if displays are - drm/i915/dp: Link train Fallback on eDP only if fallback link BW can fit panel"s native mode . - drm/i915/gen9+: Fix initial readout for Y tiled framebuffers - drm/i915/glk: Add Quirk for GLK NUC HDMI port issues . - drm/i915: Restore vblank interrupts earlier . - drm: mali-dp: Call drm_crtc_vblank_reset on device init . - drm/mediatek: fix OF sibling-node lookup - drm/msm: fix OF child-node lookup - drm/nouveau/disp: fix DP disable race . - drm/nouveau: Do not disable polling in fallback mode . - drm/nouveau/TBDdevinit: do not fail when PMU/PRE_OS is missing from VBIOS . - drm/sti: do not remove the drm_bridge that was never added - drm/sun4i: Fix an ulong overflow in the dotclock driver - drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset - e1000: check on netif_running before calling e1000_up . - e1000: ensure to free old tx/rx rings in set_ringparam . - edac: Raise the maximum number of memory controllers . - edac, thunderx: Fix memory leak in thunderx_l2c_threaded_isr . - eeprom: at24: change nvmem stride to 1 . - eeprom: at24: check at24_read/write arguments . - eeprom: at24: correctly set the size for at24mac402 . - enic: do not call enic_change_mtu in enic_probe . - enic: handle mtu change for vf properly . - enic: initialize enic-gt;rfs_h.lock in enic_probe . - ethtool: fix a privilege escalation bug . - ext2, dax: set ext2_dax_aops for dax files . - ext4: avoid arithemetic overflow that can trigger a BUG . - ext4: avoid divide by zero fault when deleting corrupted inline directories . - ext4: check for NUL characters in extended attribute"s name . - ext4: check to make sure the rename"s destination is not freed . - ext4: do not mark mmp buffer head dirty . - ext4: fix online resize"s handling of a too-small final block group . - ext4: fix online resizing for bigalloc file systems with a 1k block size . - ext4: fix spectre gadget in ext4_mb_regular_allocator . - ext4: recalucate superblock checksum after updating free blocks/inodes . - ext4: reset error code in ext4_find_entry in fallback . - ext4: show test_dummy_encryption mount option in /proc/mounts . - fbdev/omapfb: fix omapfb_memory_read infoleak . - firmware: raspberrypi: Register hwmon driver . - floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl . - fs: dcache: Avoid livelock between d_alloc_parallel and __d_add . - fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot . - fs: dcache: Use READ_ONCE when accessing i_dir_seq . - fs/quota: Fix spectre gadget in do_quotactl . - getname_kernel needs to make sure that -gt;name != -gt;iname in long case . - gpio: adp5588: Fix sleep-in-atomic-context bug . - gpio: Fix crash due to registration race . - gpiolib-acpi: Register GpioInt ACPI event handlers from a late_initcall . - gpio: mb86s70: Revert quot;Return error if requesting an already assigned gpioquot; . - hfsplus: do not return 0 when fill_super failed . - hfsplus: stop workqueue when fill_super failed . - hfs: prevent crash on exit from failed search . - hid: add support for Apple Magic Keyboards . - hid: hid-saitek: Add device ID for RAT 7 Contagion . - hid: hid-sensor-hub: Force logical minimum to 1 for power and report state . - hid: quirks: fix support for Apple Magic Keyboards . - hid: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub report . - hv: avoid crash in vmbus sysfs files . - hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe . - hv_netvsc: fix schedule in RCU context . - hwmon: Add support for RPi voltage sensor . - hwmon: Make adt7475_read_word return errors . - hwmon: fix sysfs shunt resistor read access . - hwmon: rpi: add module alias to raspberrypi-hwmon . - hwrng: core - document the quality field . - hypfs_kill_super: deal with failed allocations . - i2c: i2c-scmi: fix for i2c_smbus_write_block_data . - i2c: rcar: cleanup DMA for all kinds of failure . - iio: adc: at91: fix acking DRDY irq on simple conversions . - iio: adc: at91: fix wrong channel number in triggered buffer mode . - iio: adc: imx25-gcq: Fix leak of device_node in mx25_gcq_setup_cfgs . - Input: atakbd - fix Atari CapsLock behaviour . - Input: atakbd - fix Atari keymap . - intel_th: pci: Add Ice Lake PCH support . - iommu/arm-smmu: Error out only if not enough context interrupts . - iommu/vt-d: Add definitions for PFSID . - iommu/vt-d: Fix dev iotlb pfsid use . - iommu/vt-d: Fix scatterlist offset handling . - ipc/shm.c add -gt;pagesize function to shm_vm_ops . - iwlwifi: dbg: do not crash if the firmware crashes in the middle of a debug dump . - iwlwifi: mvm: Allow TKIP for AP mode . - iwlwifi: mvm: check for n_profiles validity in EWRD ACPI . - iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface . - iwlwifi: mvm: open BA session only when sta is authorized . - iwlwifi: mvm: send BCAST management frames to the right station . - iwlwifi: pcie: gen2: build A-MSDU only for GSO . - iwlwifi: pcie gen2: check iwl_pcie_gen2_set_tb return value . - jbd2: fix use after free in jbd2_log_do_checkpoint . - kABI: Hide get_msr_feature in kvm_x86_ops . - KABI: hide new member in struct iommu_table from genksyms . - KABI: powerpc: export __find_linux_pte as __find_linux_pte_or_hugepte . - kabi/severities: correct nvdimm kabi exclusion - kabi/severities: ignore ppc64 realmode helpers. KVM fixes remove exports of realmode_pfn_to_page iommu_tce_xchg_rm mm_iommu_lookup_rm mm_iommu_ua_to_hpa_rm. Some are no longer used and others are no longer exported because the code was consolideted in one place. These helpers are to be called in realmode and linking to them from non-KVM modules is a bug. Hence removing them does not break KABI. - kabi/severities: ignore __xive_vm_h_* KVM internal symbols. - Kbuild: fix # escaping in .cmd files for future Make . - kernfs: update comment about kernfs_path return value . - kprobes/x86: Fix %p uses in error messages . - ksm: fix unlocked iteration over vmas in cmp_and_merge_page . - kvm: Make VM ioctl do valloc for some archs . - KVM: PPC: Add pt_regs into kvm_vcpu_arch and move vcpu-gt;arch.gpr[] into it . - KVM: PPC: Avoid marking DMA-mapped pages dirty in real mode . - KVM: PPC: Book3S: Add MMIO emulation for VMX instructions . - KVM: PPC: Book3S: Allow backing bigger guest IOMMU pages with smaller physical pages . - KVM: PPC: Book3S: Check KVM_CREATE_SPAPR_TCE_64 parameters . - KVM: PPC: Book3S: Eliminate some unnecessary checks . - KVM: PPC: Book3S: Fix compile error that occurs with some gcc versions . - KVM: PPC: Book3S: Fix matching of hardware and emulated TCE tables . - KVM: PPC: Book3S HV: Add of_node_put in success path . - KVM: PPC: Book3S HV: Add "online" register to ONE_REG interface . - KVM: PPC: Book3S HV: Allow creating max number of VCPUs on POWER9 . - KVM: PPC: Book3S HV: Allow HPT and radix on the same core for POWER9 v2.2 . - KVM: PPC: Book3S HV: Avoid crash from THP collapse during radix page fault . - KVM: PPC: Book3S HV: Avoid shifts by negative amounts . - KVM: PPC: Book3S HV: Check DR not IR to chose real vs virt mode MMIOs . - KVM: PPC: Book3S HV: Do not truncate HPTE index in xlate function . - KVM: PPC: Book3S HV: Do not use compound_order to determine host mapping size . - KVM: PPC: Book3S HV: Do not use existing quot;proddedquot; flag for XIVE escalations . - KVM: PPC: Book 3S HV: Do ptesync in radix guest exit path . - KVM: PPC: Book3S HV: Do SLB load/unload with guest LPCR value loaded . - KVM: PPC: Book3S HV: Enable migration of decrementer register . - KVM: PPC: Book3S HV: Factor fake-suspend handling out of kvmppc_save/restore_tm . - KVM: PPC: Book3S HV: Fix conditions for starting vcpu . - KVM: PPC: Book3S HV: Fix constant size warning . - KVM: PPC: Book3S HV: Fix duplication of host SLB entries . - KVM: PPC: Book3S HV: Fix guest r11 corruption with POWER9 TM workarounds . - KVM: PPC: Book3S HV: Fix handling of large pages in radix page fault handler . - KVM: PPC: Book3S HV: Fix handling of secondary HPTEG in HPT resizing code . - KVM: PPC: Book3S HV: Fix inaccurate comment . - KVM: PPC: Book3S HV: Fix kvmppc_bad_host_intr for real mode interrupts . - KVM: PPC: Book3S HV: Fix trap number return from __kvmppc_vcore_entry . - KVM: PPC: Book3S HV: Fix typo in kvmppc_hv_get_dirty_log_radix . - KVM: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing . - KVM: PPC: Book3S HV: Handle 1GB pages in radix page fault handler . - KVM: PPC: Book3S HV: Improve handling of debug-trigger HMIs on POWER9 . - KVM: PPC: Book3S HV: Keep XIVE escalation interrupt masked unless ceded . - KVM: PPC: Book3S HV: Lockless tlbie for HPT hcalls . - KVM: PPC: Book3S HV: Make HPT resizing work on POWER9 . - KVM: PPC: Book3S HV: Make radix clear pte when unmapping . - KVM: PPC: Book3S HV: Make radix use correct tlbie sequence in kvmppc_radix_tlbie_page . - KVM: PPC: Book3S HV: Make xive_pushed a byte, not a word . - KVM: PPC: Book3S HV: Pack VCORE IDs to access full VCPU ID space . - KVM: PPC: Book3S HV: radix: Do not clear partition PTE when RC or write bits do not match . - KVM: PPC: Book3S HV: Radix page fault handler optimizations . - KVM: PPC: Book3S HV: radix: Refine IO region partition scope attributes . - KVM: PPC: Book3S HV: Read kvm-gt;arch.emul_smt_mode under kvm-gt;lock . - KVM: PPC: Book3S HV: Recursively unmap all page table entries when unmapping . - KVM: PPC: Book3S HV: Remove useless statement . - KVM: PPC: Book3S HV: Remove vcpu-gt;arch.dec usage . - KVM: PPC: Book3S HV: Send kvmppc_bad_interrupt NMIs to Linux handlers . - KVM: PPC: Book3S HV: Set RWMR on POWER8 so PURR/SPURR count correctly . - KVM: PPC: Book3S HV: Snapshot timebase offset on guest entry . - KVM: PPC: Book3S HV: Streamline setting of reference and change bits . - KVM: PPC: Book3S HV: Use a helper to unmap ptes in the radix fault path . - KVM: PPC: Book3S HV: Use __gfn_to_pfn_memslot in page fault handler . - KVM: PPC: Book3S HV: XIVE: Resend re-routed interrupts on CPU priority change . - KVM: PPC: Book3S PR: Add guest MSR parameter for kvmppc_save_tm/kvmppc_restore_tm . - KVM: PPC: Book3S PR: Move kvmppc_save_tm/kvmppc_restore_tm to separate file . - KVM: PPC: Book3S: Use correct page shift in H_STUFF_TCE . - KVM: PPC: Fix a mmio_host_swabbed uninitialized usage issue . - KVM: PPC: Make iommu_table::it_userspace big endian . - KVM: PPC: Move nip/ctr/lr/xer registers to pt_regs in kvm_vcpu_arch . - KVM: PPC: Use seq_puts in kvmppc_exit_timing_show . - KVM: SVM: Add MSR-based feature support for serializing LFENCE . - KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR . - KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry . - KVM: x86: Add a framework for supporting MSR-based features . - KVM: x86: define SVM/VMX specific kvm_arch_[alloc|free]_vm . - KVM: X86: Introduce kvm_get_msr_feature . - kvm/x86: kABI fix for vm_alloc/vm_free changes . - kvm: x86: Set highest physical address bits in non-present/reserved SPTEs . - libertas: call into generic suspend code before turning off power . - libnvdimm, badrange: remove a WARN for list_empty . - libnvdimm, dimm: Maximize label transfer size . - libnvdimm, dimm: Maximize label transfer size . - libnvdimm: Introduce locked DIMM capacity support . - libnvdimm, label: change nvdimm_num_label_slots per UEFI 2.7 . - libnvdimm, label: change nvdimm_num_label_slots per UEFI 2.7 . - libnvdimm, label: Fix sparse warning . - libnvdimm, label: Fix sparse warning . - libnvdimm: move poison list functions to a new "badrange" file . - libnvdimm/nfit_test: add firmware download emulation . - libnvdimm/nfit_test: adding support for unit testing enable LSS status . - libnvdimm, testing: Add emulation for smart injection commands . - libnvdimm, testing: update the default smart ctrl_temperature . - lib/ubsan: add type mismatch handler for new GCC/Clang . - lib/ubsan.c: s/missaligned/misaligned/ . - livepatch: create and include UAPI headers . - lockd: fix quot;list_add double addquot; caused by legacy signal interface . - loop: add recursion validation to LOOP_CHANGE_FD . - loop: do not call into filesystem while holding lo_ctl_mutex . - loop: fix LOOP_GET_STATUS lock imbalance . - mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X . - mac80211: do not convert to A-MSDU if frag/subframe limited . - mac80211: do not Tx a deauth frame if the AP forbade Tx . - mac80211: fix a race between restart and CSA flows . - mac80211: Fix station bandwidth setting after channel switch . - mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X . - mac80211_hwsim: require at least one channel . - mac80211: mesh: fix HWMP sequence numbering to follow standard . - mac80211: minstrel: fix using short preamble CCK rates on HT clients . - mac80211: Run TXQ teardown code before de-registering interfaces . - mac80211: shorten the IBSS debug messages . - mach64: detect the dot clock divider correctly on sparc . - make sure that __dentry_kill always invalidates d_seq, unhashed or not . - md: fix NULL dereference of mddev-gt;pers in remove_and_add_spares . - md/raid10: fix that replacement cannot complete recovery after reassemble . - md/raid1: add error handling of read error from FailFast device . - md/raid5-cache: disable reshape completely . - md/raid5: fix data corruption of replacements after originals dropped . - media: af9035: prevent buffer overflow on write . - media: cx231xx: fix potential sign-extension overflow on large shift . - media: dvb: fix compat ioctl translation . - media: em28xx: fix input name for Terratec AV 350 . - media: em28xx: use a default format if TRY_FMT fails . - media: pci: cx23885: handle adding to list failure . - media: tvp5150: avoid going past array on v4l2_querymenu . - media: tvp5150: fix switch exit in set control handler . - media: tvp5150: fix width alignment during set_selection . - media: uvcvideo: Fix uvc_alloc_entity allocation alignment . - media: v4l2-tpg: fix kernel oops when enabling HFLIP and OSD . - media: videobuf-dma-sg: Fix dma_{sync,unmap}_sg calls . - media: vsp1: Fix YCbCr planar formats pitch calculation . - mfd: arizona: Correct calling of runtime_put_sync . - mmc: block: avoid multiblock reads for the last sector in SPI mode . - mm: fix BUG_ON in vmf_insert_pfn_pud from VM_MIXEDMAP removal . - mm/migrate: Use spin_trylock while resetting rate limit . - mm: /proc/pid/pagemap: hide swap entries from unprivileged users . - modpost: ignore livepatch unresolved relocations . - move changes without Git-commit out of sorted section - mwifiex: handle race during mwifiex_usb_disconnect . - net/smc: retain old name for diag_mode field . - net/smc: use __aligned_u64 for 64-bit smc_diag fields . - NFC: nfcmrvl_uart: fix OF child-node lookup . - nfit_test: add error injection DSMs . - nfit_test: fix buffer overrun, add sanity check . - nfit_test: improve structure offset handling . - nfit_test: prevent parsing error of nfit_test.0 . - nfit_test: when clearing poison, also remove badrange entries . - NFS: Avoid quadratic search when freeing delegations . - nvdimm: Clarify comment in sizeof_namespace_index . - nvdimm: Clarify comment in sizeof_namespace_index . - nvdimm: Remove empty if statement . - nvdimm: Remove empty if statement . - nvdimm: Sanity check labeloff . - nvdimm: Sanity check labeloff . - nvdimm: Split label init out from the logic for getting config data . - nvdimm: Split label init out from the logic for getting config data . - nvdimm: Use namespace index data to reduce number of label reads needed . - nvdimm: Use namespace index data to reduce number of label reads needed . - of: add helper to lookup compatible child node - orangefs: fix deadlock; do not write i_size in read_iter . - orangefs: initialize op on loop restart in orangefs_devreq_read . - orangefs_kill_sb: deal with allocation failures . - orangefs: use list_for_each_entry_safe in purge_waiting_ops . - ovl: fix format of setxattr debug . - ovl: Sync upper dirty data when syncing overlayfs . - PCI/ASPM: Fix link_state teardown on device removal . - PCI: hv: Do not wait forever on a device that has disappeared . - PCI: hv: Use effective affinity mask . - PCI: Reprogram bridge prefetch registers on resume . - pipe: match pipe_max_size data type with procfs . - PM / Domains: Fix genpd to deal with drivers returning 1 from -gt;prepare . - powerpc/kvm/booke: Fix altivec related build break . - powerpc/kvm: Switch kvm pmd allocator to custom allocator . - powerpc/mm/hugetlb: initialize the pagetable cache correctly for hugetlb . - powerpc/mm: Rename find_linux_pte_or_hugepte . - powerpc/numa: Skip onlining a offline node in kdump path . - powerpc/powernv: Add indirect levels to it_userspace . - powerpc/powernv/ioda2: Reduce upper limit for DMA window size . - powerpc/powernv/ioda: Allocate indirect TCE levels on demand . - powerpc/powernv/ioda: Finish removing explicit max window size check . - powerpc/powernv/ioda: Remove explicit max window size check . - powerpc/powernv: Move TCE manupulation code to its own file . - powerpc/powernv: Rework TCE level allocation . - powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug . - powerpc/pseries: Fix CONFIG_NUMA=n build . - powerpc/pseries: Fix quot;OF: ERROR: Bad of_node_put on /cpusquot; during DLPAR . - powerpc: pseries: remove dlpar_attach_node dependency on full path . - powerpc/rtas: Fix a potential race between CPU-Offline amp; Migration . - powerpc/xive: Move definition of ESB bits . - powerpc/xmon: Add ISA v3.0 SPRs to SPR dump . - printk: drop in_nmi check from printk_safe_flush_on_panic . - printk/tracing: Do not trace printk_nmi_enter . - proc: restrict kernel stack dumps to root . blacklist.conf: - qmi_wwan: Added support for Gemalto"s Cinterion ALASxx WWAN interface . - qrtr: add MODULE_ALIAS macro to smd . - r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED . - race of lockd inetaddr notifiers vs nlmsvc_rqst change . - RAID10 BUG_ON in raise_barrier when force is true and conf-gt;barrier is 0 . - random: rate limit unseeded randomness warnings . - rculist: add list_for_each_entry_from_rcu . - rculist: Improve documentation for list_for_each_entry_from_rcu . - reiserfs: add check to detect corrupted directory entry . - reiserfs: do not panic on bad directory entries . - rename a hv patch to reduce conflicts in -AZURE - reorder a qedi patch to allow further work in this branch - resource: Include resource end in walk_* interfaces . - Revert quot;drm/amdgpu: Add an ATPX quirk for hybrid laptopquot; . - Revert quot;drm/i915/gvt: set max priority for gvt contextquot; . - Revert quot;gpio: set up initial state from .get_directionquot; . - Revert quot;iommu/io-pgtable: Avoid redundant TLB syncsquot; . - Revert quot;mwifiex: fix incorrect ht capability problemquot; . - Revert quot;mwifiex: handle race during mwifiex_usb_disconnectquot; . - Revert quot;pinctrl: sunxi: Do not enforce bias disable quot; . - rpc_pipefs: fix double-dput . - rpmsg: Correct support for MODULE_DEVICE_TABLE . - sched/numa: Limit the conditions where scan period is reset . - scripts/series2git: - scripts/series2git: Revert the change mistakenly taken A quot;fixquot; for series2git went in mistakenly among other patches. Revert it here. It"ll be picked up from a proper branch if need. - scsi: core: Allow state transitions from OFFLINE to BLOCKED . - scsi: core: Allow state transitions from OFFLINE to BLOCKED . - scsi: ipr: Eliminate duplicate barriers . - scsi: ipr: fix incorrect indentation of assignment statement . - scsi: ipr: Use dma_pool_zalloc . - scsi: libfc: check fc_frame_payload_get return value for null . - scsi: libfc: check fc_frame_payload_get return value for null . - scsi: libfc: retry PRLI if we cannot analyse the payload . - scsi: libfc: retry PRLI if we cannot analyse the payload . - scsi: qla2xxx: do not allow negative thresholds . - scsi: qla2xxx: Fix driver hang when FC-NVMe LUNs are configured . - scsi: qla2xxx: Fix duplicate switch database entries . - scsi: qla2xxx: Fix for double free of SRB structure . - scsi: qla2xxx: Fix memory leak for allocating abort IOCB . - scsi: qla2xxx: Fix NVMe session hang on unload . - scsi: qla2xxx: Fix NVMe Target discovery . - scsi: qla2xxx: Fix recursive mailbox timeout . - scsi: qla2xxx: Fix re-using LoopID when handle is in use . - scsi: qla2xxx: Move log messages before issuing command to firmware . - scsi: qla2xxx: Return switch command on a timeout . - scsi: target: prefer dbroot of /etc/target over /var/target . - serial: 8250: Fix clearing FIFOs in RS485 mode again . - signal: Properly deliver SIGSEGV from x86 uprobes . - smb2: fix missing files in root share directory listing . - smb2: fix missing files in root share directory listing . - smb3: fill in statfs fsid and correct namelen . - smb3: fill in statfs fsid and correct namelen . - smb3: fix reset of bytes read and written stats . - smb3: fix reset of bytes read and written stats . - smb3: on reconnect set PreviousSessionId field . - smb3: on reconnect set PreviousSessionId field . - sock_diag: fix use-after-free read in __sk_free . - soc/tegra: pmc: Fix child-node lookup . - soreuseport: initialise timewait reuseport field . - sound: do not call skl_init_chip to reset intel skl soc . - sound: enable interrupt after dma buffer initialization . - spi/bcm63xx-hsspi: keep pll clk enabled . - spi: bcm-qspi: switch back to reading flash using smaller chunks . - spi: sh-msiof: fix deferred probing . - squashfs: be more careful about metadata corruption . - Squashfs: Compute expected length from inode size rather than block length . - squashfs metadata 2: electric boogaloo . - squashfs: more metadata hardening . - squashfs: more metadata hardening . - staging: comedi: ni_mio_common: protect register write overflow . - stm: Potential read overflow in stm_char_policy_set_ioctl . - supported.conf: mark raspberrypi-hwmon as supported - switchtec: Fix Spectre v1 vulnerability . - sysfs: Do not return POSIX ACL xattrs via listxattr . - target: log Data-Out timeouts as errors . - target: log NOP ping timeouts as errors . - target: split out helper for cxn timeout error stashing . - target: stash sess_err_stats on Data-Out timeout . - target: use ISCSI_IQN_LEN in iscsi_target_stat . - team: Forbid enslaving team device to itself . - tools build: fix # escaping in .cmd files for future Make . - tools/testing/nvdimm: advertise a write cache for nfit_test . - tools/testing/nvdimm: allow custom error code injection . - tools/testing/nvdimm: disable labels for nfit_test.1 . - tools/testing/nvdimm: enable labels for nfit_test.1 dimms . - tools/testing/nvdimm: fix missing newline in nfit_test_dimm "handle" attribute . - tools/testing/nvdimm: Fix support for emulating controller temperature . - tools/testing/nvdimm: force nfit_test to depend on instrumented modules . - tools/testing/nvdimm: improve emulation of smart injection . - tools/testing/nvdimm: kaddr and pfn can be NULL to -gt;direct_access . - tools/testing/nvdimm: Make DSM failure code injection an override . - tools/testing/nvdimm: smart alarm/threshold control . - tools/testing/nvdimm: stricter bounds checking for error injection commands . - tools/testing/nvdimm: support nfit_test_dimm attributes under nfit_test.1 . - tools/testing/nvdimm: unit test clear-error commands . - tools/vm/page-types.c: fix quot;defined but not usedquot; warning . - tools/vm/slabinfo.c: fix sign-compare warning . - tracing: Add barrier to trace_printk buffer nesting modification . - tty: Do not block on IO when ldisc change is pending . - tty: fix data race between tty_init_dev and flush of buf . - tty: Hold tty_ldisc_lock during tty_reopen . - tty/ldsem: Add lockdep asserts for ldisc_sem . - tty/ldsem: Convert to regular lockdep annotations . - tty/ldsem: Decrement wait_readers on timeouted down_read . - tty/ldsem: Wake up readers after timed out down_write . - tty: Simplify tty-gt;count math in tty_reopen . - Update patches.arch/KVM-PPC-Book3S-HV-Snapshot-timebase-offset-on-guest-.patch . - Update patches.arch/powerpc-powernv-ioda2-Reduce-upper-limit-for-DMA-win.patch . - Update patches.fixes/0002-nfs41-do-not-return-ENOMEM-on-LAYOUTUNAVAILABLE.patch . - Update patches.fixes/libnvdimm-dimm-maximize-label-transfer-size.patch . - Update patches.fixes/libnvdimm-label-change-nvdimm_num_label_slots-per-uefi-2-7.pa tch . - Update patches.fixes/libnvdimm-label-fix-sparse-warning.patch . - Update patches.fixes/nvdimm-clarify-comment-in-sizeof_namespace_index.patch . - Update patches.fixes/nvdimm-remove-empty-if-statement.patch . - Update patches.fixes/nvdimm-sanity-check-labeloff.patch . - Update patches.fixes/nvdimm-split-label-init-out-from-the-logic-for-getting-config -data.patch . - Update patches.fixes/nvdimm-use-namespace-index-data-to-reduce-number-of-label-rea ds-needed.patch . - usb: chipidea: Prevent unbalanced IRQ disable . - usb: gadget: fotg210-udc: Fix memory leak of fotg210-gt;ep[i] . - usb: gadget: fsl_udc_core: check allocation return value and cleanup on failure . - usb: gadget: fsl_udc_core: fixup struct_udc_setup documentation . - usbip: tools: fix atoi on non-null terminated string . - USB: remove LPM management from usb_driver_claim_interface . - USB: serial: cypress_m8: fix interrupt-out transfer length . - USB: serial: simple: add Motorola Tetra MTP6550 id . - usb: xhci-mtk: resume USB3 roothub first . - USB: yurex: Check for truncation in yurex_read . - userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait pte access . - use the new async probing feature for the hyperv drivers . - Use upstream version of pci-hyperv patch - VFS: close race between getcwd and d_move . - vfs: fix freeze protection in mnt_want_write_file for overlayfs . - vmbus: do not return values for uninitalized channels . - vti4: Do not count header length twice on tunnel setup . - vti6: fix PMTU caching and reporting on xmit . - vti6: remove !skb-gt;ignore_df check from vti6_xmit . - Workaround for mysterious NVMe breakage with i915 CFL . - x86/acpi: Prevent X2APIC id 0xffffffff from being accounted . - x86/boot/KASLR: Work around firmware bugs by excluding EFI_BOOT_SERVICES_* and EFI_LOADER_* from KASLR"s choice . - x86/boot: Move EISA setup to a separate file . - x86/cpufeature: Add User-Mode Instruction Prevention definitions . - x86/cpufeatures: Add Intel Total Memory Encryption cpufeature . - x86/eisa: Add missing include . - x86/EISA: Do not probe EISA bus for Xen PV guests . - x86/fpu: Remove second definition of fpu in __fpu__restore_sig . - x86/irq: implement irq_data_get_effective_affinity_mask for v4.12 . - x86/kasan: Panic if there is not enough memory to boot . - x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error . - x86/MCE: Fix stack out-of-bounds write in mce-inject.c: Flags_read . - x86, nfit_test: Add unit test for memcpy_mcsafe . - x86/paravirt: Fix some warning messages . - x86/percpu: Fix this_cpu_read . - x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit on 32bit . - x86/time: Correct the attribute on jiffies" definition . - xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap . - xen: Remove unnecessary BUG_ON from __unbind_from_irq . - xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent . - xfrm: use complete IPv6 addresses for hash . - xfs: do not fail when converting shortform attr to long form during ATTR_REPLACE . - xfs: do not fail when converting shortform attr to long form during ATTR_REPLACE . - xhci: Add missing CAS workaround for Intel Sunrise Point xHCI . - xhci: Do not print a warning when setting link state for disabled ports . Special Instructions and Notes: Please reboot the system after installing this update.