ESB-2017.2162 - [SUSE] kernel: Multiple vulnerabilities 2017-08-30

Printable version
PGP/GPG verifiable version

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2017.2162
        SUSE Security Update: Security update for the Linux Kernel
                              30 August 2017

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:          kernel
Publisher:        SUSE
Operating System: SUSE
Impact/Access:    Root Compromise   -- Existing Account
                  Denial of Service -- Existing Account
Resolution:       Patch/Upgrade
CVE Names:        CVE-2017-1000112 CVE-2017-1000111 CVE-2017-11473
                  CVE-2017-10810 CVE-2017-8831 CVE-2017-7542
                  CVE-2017-7541 CVE-2017-7533 

Reference:        ESB-2017.2150
                  ESB-2017.2075
                  ESB-2017.1981
                  ESB-2017.1966
                  ESB-2017.1958
                  ESB-2017.1929
                  ESB-2017.2033.2

- --------------------------BEGIN INCLUDED TEXT--------------------

   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:2286-1
Rating:             important
References:         #1005778 #1006180 #1011913 #1012829 #1013887 
                    #1015337 #1015342 #1016119 #1019151 #1019695 
                    #1020645 #1022476 #1022600 #1022604 #1023175 
                    #1024346 #1024373 #1025461 #1026570 #1028173 
                    #1028286 #1029693 #1030552 #1031515 #1031717 
                    #1031784 #1033587 #1034075 #1034113 #1034762 
                    #1036215 #1036632 #1037344 #1037404 #1037838 
                    #1037994 #1038078 #1038616 #1038792 #1039153 
                    #1039348 #1039915 #1040307 #1040347 #1040351 
                    #1041958 #1042257 #1042286 #1042314 #1042422 
                    #1042778 #1043261 #1043347 #1043520 #1043598 
                    #1043652 #1043805 #1043912 #1044112 #1044443 
                    #1044623 #1044636 #1045154 #1045293 #1045330 
                    #1045404 #1045563 #1045596 #1045709 #1045715 
                    #1045866 #1045922 #1045937 #1046105 #1046170 
                    #1046434 #1046651 #1046655 #1046682 #1046821 
                    #1046985 #1047027 #1047048 #1047096 #1047118 
                    #1047121 #1047152 #1047174 #1047277 #1047343 
                    #1047354 #1047418 #1047506 #1047595 #1047651 
                    #1047653 #1047670 #1047802 #1048146 #1048155 
                    #1048221 #1048317 #1048348 #1048356 #1048421 
                    #1048451 #1048501 #1048891 #1048912 #1048914 
                    #1048916 #1048919 #1049231 #1049289 #1049298 
                    #1049361 #1049483 #1049486 #1049603 #1049619 
                    #1049645 #1049706 #1049882 #1050061 #1050188 
                    #1050211 #1050320 #1050322 #1050677 #1051022 
                    #1051048 #1051059 #1051239 #1051399 #1051471 
                    #1051478 #1051479 #1051556 #1051663 #1051689 
                    #1051979 #1052049 #1052223 #1052311 #1052325 
                    #1052365 #1052442 #1052533 #1052709 #1052773 
                    #1052794 #1052899 #1052925 #1053043 #1053117 
                    #964063 #974215 #998664 
Cross-References:   CVE-2017-1000111 CVE-2017-1000112 CVE-2017-10810
                    CVE-2017-11473 CVE-2017-7533 CVE-2017-7541
                    CVE-2017-7542 CVE-2017-8831
Affected Products:
                    SUSE Linux Enterprise Workstation Extension 12-SP3
                    SUSE Linux Enterprise Software Development Kit 12-SP3
                    SUSE Linux Enterprise Server 12-SP3
                    SUSE Linux Enterprise Live Patching 12-SP3
                    SUSE Linux Enterprise High Availability 12-SP3
                    SUSE Linux Enterprise Desktop 12-SP3
______________________________________________________________________________

   An update that solves 8 vulnerabilities and has 150 fixes
   is now available.

Description:



   The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.82 to receive
   various security and bugfixes.


   The following security bugs were fixed:

   - CVE-2017-1000111: Fixed a race condition in net-packet code that could
     be exploited to cause out-of-bounds memory access (bsc#1052365).
   - CVE-2017-1000112: Fixed a race condition in net-packet code that could
     have been exploited by unprivileged users to gain root access.
     (bsc#1052311).
   - CVE-2017-8831: The saa7164_bus_get function in
     drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel allowed
     local users to cause a denial of service (out-of-bounds array access) or
     possibly have unspecified other impact by changing a certain
     sequence-number value, aka a "double fetch" vulnerability (bnc#1037994).
   - CVE-2017-7542: The ip6_find_1stfragopt function in
     net/ipv6/output_core.c in the Linux kernel allowed local users to cause
     a denial of service (integer overflow and infinite loop) by leveraging
     the ability to open a raw socket (bnc#1049882).
   - CVE-2017-11473: Buffer overflow in the mp_override_legacy_irq() function
     in arch/x86/kernel/acpi/boot.c in the Linux kernel allowed local users
     to gain privileges via a crafted ACPI table (bnc#1049603).
   - CVE-2017-7533: Race condition in the fsnotify implementation in the
     Linux kernel allowed local users to gain privileges or cause a denial of
     service (memory corruption) via a crafted application that leverages
     simultaneous execution of the inotify_handle_event and vfs_rename
     functions (bnc#1049483 bnc#1050677).
   - CVE-2017-7541: The brcmf_cfg80211_mgmt_tx function in
     drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux
     kernel allowed local users to cause a denial of service (buffer overflow
     and system crash) or possibly gain privileges via a crafted
     NL80211_CMD_FRAME Netlink packet (bnc#1049645).
   - CVE-2017-10810: Memory leak in the virtio_gpu_object_create function in
     drivers/gpu/drm/virtio/virtgpu_object.c in the Linux kernel allowed
     attackers to cause a denial of service (memory consumption) by
     triggering object-initialization failures (bnc#1047277).

   The following non-security bugs were fixed:

   - acpi/nfit: Add support of NVDIMM memory error notification in ACPI 6.2
     (bsc#1052325).
   - acpi/nfit: Issue Start ARS to retrieve existing records (bsc#1052325).
   - acpi / processor: Avoid reserving IO regions too early (bsc#1051478).
   - acpi / scan: Prefer devices without _HID for _ADR matching (git-fixes).
   - Add "shutdown" to "struct class" (bsc#1053117).
   - af_key: Add lock to key dump (bsc#1047653).
   - af_key: Fix slab-out-of-bounds in pfkey_compile_policy (bsc#1047354).
   - alsa: fm801: Initialize chip after IRQ handler is registered
     (bsc#1031717).
   - alsa: hda - add more ML register definitions (bsc#1048356).
   - alsa: hda - add sanity check to force the separate stream tags
     (bsc#1048356).
   - alsa: hda: Add support for parsing new HDA capabilities (bsc#1048356).
   - alsa: hdac: Add support for hda DMA Resume capability (bsc#1048356).
   - alsa: hdac_regmap - fix the register access for runtime PM (bsc#1048356).
   - alsa: hda: Fix cpu lockup when stopping the cmd dmas (bsc#1048356).
   - alsa: hda - Fix endless loop of codec configure (bsc#1031717).
   - alsa: hda: fix to wait for RIRB & CORB DMA to set (bsc#1048356).
   - alsa: hda - Loop interrupt handling until really cleared (bsc#1048356).
   - alsa: hda - move bus_parse_capabilities to core (bsc#1048356).
   - alsa: hda - set input_path bitmap to zero after moving it to new place
     (bsc#1031717).
   - alsa: hda - set intel audio clock to a proper value (bsc#1048356).
   - arm64: kernel: restrict /dev/mem read() calls to linear region
     (bsc#1046651).
   - arm64: mm: remove page_mapping check in __sync_icache_dcache
     (bsc#1040347).
   - arm64: Update config files. Disable DEVKMEM
   - b43: Add missing MODULE_FIRMWARE() (bsc#1037344).
   - bcache: force trigger gc (bsc#1038078).
   - bcache: only recovery I/O error for writethrough mode (bsc#1043652).
   - bcache: only recovery I/O error for writethrough mode (bsc#1043652).
   - bdi: Fix use-after-free in wb_congested_put() (bsc#1040307).
   - blacklist.conf: 9eeacd3a2f17 not a bug fix (bnc#1050061)
   - blacklist.conf: add inapplicable commits for wifi (bsc#1031717)
   - blacklist.conf: add non-applicable fixes for iwlwifi (FATE#323335)
   - blacklist.conf: add unapplicable/cosmetic iwlwifi fixes (bsc#1031717).
   - blacklist.conf: add unapplicable drm fixes (bsc#1031717).
   - blacklist.conf: Blacklist aa2369f11ff7 ('mm/gup.c: fix access_ok()
     argument type') (bsc#1051478) Fixes only a compile-warning.
   - blacklist.conf: Blacklist c133c7615751 ('x86/nmi: Fix timeout test in
     test_nmi_ipi()') It only fixes a self-test (bsc#1051478).
   - blacklist.conf: Blacklist c9525a3fab63 ('x86/watchdog: Fix Kconfig help
     text file path reference to lockup watchdog documentation') Updates only
     kconfig help-text (bsc#1051478).
   - blkfront: add uevent for size change (bnc#1036632).
   - blk-mq: map all HWQ also in hyperthreaded system (bsc#1045866).
   - block: add kblock_mod_delayed_work_on() (bsc#1050211).
   - block: Allow bdi re-registration (bsc#1040307).
   - block: do not allow updates through sysfs until registration completes
     (bsc#1047027).
   - block: Fix front merge check (bsc#1051239).
   - block: Make blk_mq_delay_kick_requeue_list() rerun the queue at a quiet
     time (bsc#1050211).
   - block: Make del_gendisk() safer for disks without queues (bsc#1040307).
   - block: Move bdi_unregister() to del_gendisk() (bsc#1040307).
   - block: provide bio_uninit() free freeing integrity/task associations
     (bsc#1050211).
   - bluetooth: hidp: fix possible might sleep error in hidp_session_thread
     (bsc#1031784).
   - brcmfmac: Fix glom_skb leak in brcmf_sdiod_recv_chain (bsc#1031717).
   - btrfs: add cond_resched to btrfs_qgroup_trace_leaf_items (bsc#1028286).
   - btrfs: Add WARN_ON for qgroup reserved underflow (bsc#1031515).
   - btrfs: Do not clear SGID when inheriting ACLs (bsc#1030552).
   - btrfs: fix lockup in find_free_extent with read-only block groups
     (bsc#1046682).
   - btrfs: incremental send, fix invalid path for link commands
     (bsc#1051479).
   - btrfs: incremental send, fix invalid path for unlink commands
     (bsc#1051479).
   - btrfs: Manually implement device_total_bytes getter/setter (bsc#1043912).
   - btrfs: resume qgroup rescan on rw remount (bsc#1047152).
   - btrfs: Round down values which are written for total_bytes_size
     (bsc#1043912).
   - btrfs: send, fix invalid path after renaming and linking file
     (bsc#1051479).
   - cifs: Fix some return values in case of error in 'crypt_message'
     (bnc#1047802).
   - clocksource/drivers/arm_arch_timer: Fix read and iounmap of incorrect
     variable (bsc#1045937).
   - cpuidle: dt: Add missing 'of_node_put()' (bnc#1022476).
   - crypto: s5p-sss - fix incorrect usage of scatterlists api (bsc#1048317).
   - cx82310_eth: use skb_cow_head() to deal with cloned skbs (bsc# 1045154).
   - cxgb4: fix a NULL dereference (bsc#1005778).
   - cxgb4: fix BUG() on interrupt deallocating path of ULD (bsc#1005778).
   - cxgb4: fix memory leak in init_one() (bsc#1005778).
   - cxl: Unlock on error in probe (bsc#1034762, Pending SUSE Kernel Fixes).
   - dentry name snapshots (bsc#1049483).
   - device-dax: fix sysfs attribute deadlock (bsc#1048919).
   - dm: fix second blk_delay_queue() parameter to be in msec units not
     (bsc#1047670).
   - dm: make flush bios explicitly sync (bsc#1050211).
   - dm raid1: fixes two crash cases if mirror leg failed (bsc#1043520)
   - drivers/char: kmem: disable on arm64 (bsc#1046655).
   - drivers: hv: As a bandaid, increase HV_UTIL_TIMEOUT from 30 to 60
     seconds (bnc#1039153)
   - drivers: hv: Fix a typo (fate#320485).
   - drivers: hv: Fix the bug in generating the guest ID (fate#320485).
   - drivers: hv: util: Fix a typo (fate#320485).
   - drivers: hv: util: Make hv_poll_channel() a little more efficient
     (fate#320485).
   - drivers: hv: vmbus: Close timing hole that can corrupt per-cpu page
     (fate#320485).
   - drivers: hv: vmbus: Fix error code returned by vmbus_post_msg()
     (fate#320485).
   - drivers: hv: vmbus: Get the current time from the current clocksource
     (fate#320485, bnc#1044112).
   - drivers: hv: vmbus: Get the current time from the current clocksource
     (fate#320485, bnc#1044112, bnc#1042778, bnc#1029693).
   - drivers: hv: vmbus: Increase the time between retries in
     vmbus_post_msg() (fate#320485, bnc#1044112).
   - drivers: hv: vmbus: Increase the time between retries in
     vmbus_post_msg() (fate#320485, bnc#1044112).
   - drivers: hv: vmbus: Move the code to signal end of message (fate#320485).
   - drivers: hv: vmbus: Move the definition of generate_guest_id()
     (fate#320485).
   - drivers: hv: vmbus: Move the definition of hv_x64_msr_hypercall_contents
     (fate#320485).
   - drivers: hv: vmbus: Restructure the clockevents code (fate#320485).
   - drm/amdgpu: Fix overflow of watermark calcs at > 4k resolutions
     (bsc#1031717).
   - drm/bochs: Implement nomodeset (bsc#1047096).
   - drm/i915/fbdev: Stop repeating tile configuration on stagnation
     (bsc#1031717).
   - drm/i915: Fix scaler init during CRTC HW state readout (bsc#1031717).
   - drm/i915: Serialize GTT/Aperture accesses on BXT (bsc#1046821).
   - drm/virtio: do not leak bo on drm_gem_object_init failure (bsc#1047277).
   - drm/vmwgfx: Fix large topology crash (bsc#1048155).
   - drm/vmwgfx: Support topology greater than texture size (bsc#1048155).
   - Drop patches; obsoleted by 'scsi: Add STARGET_CREATE_REMOVE state'
   - efi/libstub: Skip GOP with PIXEL_BLT_ONLY format (bnc#974215).
   - ext2: Do not clear SGID when inheriting ACLs (bsc#1030552).
   - ext4: avoid unnecessary stalls in ext4_evict_inode() (bsc#1049486).
   - ext4: Do not clear SGID when inheriting ACLs (bsc#1030552).
   - ext4: handle the rest of ext4_mb_load_buddy() ENOMEM errors
     (bsc#1012829).
   - Fix kABI breakage by HD-audio bus caps extensions (bsc#1048356).
   - Fix kABI breakage by KVM CVE fix (bsc#1045922).
   - fs/fcntl: f_setown, avoid undefined behaviour (bnc#1006180).
   - fs: pass on flags in compat_writev (bsc#1050211).
   - fuse: initialize the flock flag in fuse_file on allocation (git-fixes).
   - gcov: add support for gcc version >= 6 (bsc#1051663).
   - gcov: support GCC 7.1 (bsc#1051663).
   - gfs2: fix flock panic issue (bsc#1012829).
   - hpsa: limit transfer length to 1MB (bsc#1025461).
   - hrtimer: Catch invalid clockids again (bsc#1047651).
   - hrtimer: Revert CLOCK_MONOTONIC_RAW support (bsc#1047651).
   - hv_netvsc: change netvsc device default duplex to FULL (fate#320485).
   - hv_netvsc: Exclude non-TCP port numbers from vRSS hashing (bsc#1048421).
   - hv_netvsc: Fix the carrier state error when data path is off
     (fate#320485).
   - hv_netvsc: Fix the queue index computation in forwarding case
     (bsc#1048421).
   - hv_netvsc: Remove unnecessary var link_state from struct
     netvsc_device_info (fate#320485).
   - hv: print extra debug in kvp_on_msg in error paths (bnc#1039153).
   - hv_utils: drop .getcrosststamp() support from PTP driver (fate#320485,
     bnc#1044112).
   - hv_utils: drop .getcrosststamp() support from PTP driver (fate#320485,
     bnc#1044112, bnc#1042778, bnc#1029693).
   - hv_utils: fix TimeSync work on pre-TimeSync-v4 hosts (fate#320485,
     bnc#1044112).
   - hv_utils: fix TimeSync work on pre-TimeSync-v4 hosts (fate#320485,
     bnc#1044112, bnc#1042778, bnc#1029693).
   - hv_util: switch to using timespec64 (fate#320485).
   - hwpoison, memcg: forcibly uncharge LRU pages (bnc#1046105).
   - hyperv: fix warning about missing prototype (fate#320485).
   - hyperv: netvsc: Neaten netvsc_send_pkt by using a temporary
     (fate#320485).
   - hyperv: remove unnecessary return variable (fate#320485).
   - i2c: designware-baytrail: fix potential null pointer dereference on dev
     (bsc#1011913).
   - i40e: add hw struct local variable (bsc#1039915).
   - i40e: add private flag to control source pruning (bsc#1034075).
   - i40e: add VSI info to macaddr messages (bsc#1039915).
   - i40e: avoid looping to check whether we're in VLAN mode (bsc#1039915).
   - i40e: avoid O(n^2) loop when deleting all filters (bsc#1039915).
   - i40e: delete filter after adding its replacement when converting
     (bsc#1039915).
   - i40e: do not add broadcast filter for VFs (bsc#1039915).
   - i40e: do not allow i40e_vsi_(add|kill)_vlan to operate when VID<1
     (bsc#1039915).
   - i40e: drop is_vf and is_netdev fields in struct i40e_mac_filter
     (bsc#1039915).
   - i40e: enable VSI broadcast promiscuous mode instead of adding broadcast
     filter (bsc#1039915).
   - i40e: factor out addition/deletion of VLAN per each MAC address
     (bsc#1039915).
   - i40e: fix ethtool to get EEPROM data from X722 interface (bsc#1047418).
   - i40e: fix MAC filters when removing VLANs (bsc#1039915).
   - i40e: fold the i40e_is_vsi_in_vlan check into i40e_put_mac_in_vlan
     (bsc#1039915).
   - i40e/i40evf: Fix use after free in Rx cleanup path (bsc#1051689).
   - i40e: implement __i40e_del_filter and use where applicable (bsc#1039915).
   - i40e: make use of __dev_uc_sync and __dev_mc_sync (bsc#1039915).
   - i40e: move all updates for VLAN mode into i40e_sync_vsi_filters
     (bsc#1039915).
   - i40e: move i40e_put_mac_in_vlan and i40e_del_mac_all_vlan (bsc#1039915).
   - i40e: no need to check is_vsi_in_vlan before calling
     i40e_del_mac_all_vlan (bsc#1039915).
   - i40e: properly cleanup on allocation failure in i40e_sync_vsi_filters
     (bsc#1039915).
   - i40e: recalculate vsi->active_filters from hash contents (bsc#1039915).
   - i40e: refactor i40e_put_mac_in_vlan to avoid changing f->vlan
     (bsc#1039915).
   - i40e: refactor i40e_update_filter_state to avoid passing aq_err
     (bsc#1039915).
   - i40e: refactor Rx filter handling (bsc#1039915).
   - i40e: Removal of workaround for simple MAC address filter deletion
     (bsc#1039915).
   - i40e: remove code to handle dev_addr specially (bsc#1039915).
   - i40e: removed unreachable code (bsc#1039915).
   - i40e: remove duplicate add/delete adminq command code for filters
     (bsc#1039915).
   - i40e: remove second check of VLAN_N_VID in i40e_vlan_rx_add_vid
     (bsc#1039915).
   - i40e: rename i40e_put_mac_in_vlan and i40e_del_mac_all_vlan
     (bsc#1039915).
   - i40e: restore workaround for removing default MAC filter (bsc#1039915).
   - i40e: set broadcast promiscuous mode for each active VLAN (bsc#1039915).
   - i40e: store MAC/VLAN filters in a hash with the MAC Address as key
     (bsc#1039915).
   - i40e: use (add|rm)_vlan_all_mac helper functions when changing PVID
     (bsc#1039915).
   - i40evf: fix merge error in older patch (bsc#1024346 FATE#321239
     bsc#1024373 FATE#321247).
   - i40e: when adding or removing MAC filters, correctly handle VLANs
     (bsc#1039915).
   - i40e: When searching all MAC/VLAN filters, ignore removed filters
     (bsc#1039915).
   - i40e: write HENA for VFs (bsc#1039915).
   - IB/hfi1: Wait for QSFP modules to initialize (bsc#1019151).
   - IB/iser: Fix connection teardown race condition (bsc#1050211).
   - ibmvnic: Check for transport event on driver resume (bsc#1051556,
     bsc#1052709).
   - ibmvnic: Initialize SCRQ's during login renegotiation (bsc#1052223).
   - ibmvnic: Report rx buffer return codes as netdev_dbg (bsc#1052794).
   - IB/rxe: Fix kernel panic from skb destructor (bsc#1049361).
   - iio: hid-sensor: fix return of -EINVAL on invalid values in ret or value
     (bsc#1031717).
   - include/linux/mmzone.h: simplify zone_intersects() (bnc#1047506).
   - input: gpio-keys - fix check for disabling unsupported keys
     (bsc#1031717).
   - introduce the walk_process_tree() helper (bnc#1022476).
   - iommu/amd: Add flush counters to struct dma_ops_domain (bsc#1045709).
   - iommu/amd: Add locking to per-domain flush-queue (bsc#1045709).
   - iommu/amd: Add new init-state IOMMU_CMDLINE_DISABLED (bsc#1045715).
   - iommu/amd: Add per-domain flush-queue data structures (bsc#1045709).
   - iommu/amd: Add per-domain timer to flush per-cpu queues (bsc#1045709).
   - iommu/amd: Check for error states first in iommu_go_to_state()
     (bsc#1045715).
   - iommu/amd: Constify irq_domain_ops (bsc#1045709).
   - iommu/amd: Disable IOMMUs at boot if they are enabled (bsc#1045715).
   - iommu/amd: Enable ga_log_intr when enabling guest_mode (bsc1052533).
   - iommu/amd: Fix interrupt remapping when disable guest_mode (bsc#1051471).
   - iommu/amd: Fix schedule-while-atomic BUG in initialization code
     (bsc1052533).
   - iommu/amd: Free already flushed ring-buffer entries before full-check
     (bsc#1045709).
   - iommu/amd: Free IOMMU resources when disabled on command line
     (bsc#1045715).
   - iommu/amd: Make use of the per-domain flush queue (bsc#1045709).
   - iommu/amd: Ratelimit io-page-faults per device (bsc#1045709).
   - iommu/amd: Reduce amount of MMIO when submitting commands (bsc#1045709).
   - iommu/amd: Reduce delay waiting for command buffer space (bsc#1045709).
   - iommu/amd: Remove amd_iommu_disabled check from amd_iommu_detect()
     (bsc#1045715).
   - iommu/amd: Remove queue_release() function (bsc#1045709).
   - iommu/amd: Rename free_on_init_error() (bsc#1045715).
   - iommu/amd: Rip out old queue flushing code (bsc#1045709).
   - iommu/amd: Set global pointers to NULL after freeing them (bsc#1045715).
   - iommu/amd: Suppress IO_PAGE_FAULTs in kdump kernel (bsc#1045715
     bsc#1043261).
   - iommu: Remove a patch because it caused problems for users. See
     bsc#1048348.
   - ipv4: Should use consistent conditional judgement for ip fragment in
     __ip_append_data and ip_finish_output (bsc#1041958).
   - ipv6: Should use consistent conditional judgement for ip6 fragment
     between __ip6_append_data and ip6_finish_output (bsc#1041958).
   - iw_cxgb4: Fix error return code in c4iw_rdev_open() (bsc#1026570).
   - iwlwifi: 8000: fix MODULE_FIRMWARE input (FATE#321353, FATE#323335).
   - iwlwifi: 9000: increase the number of queues (FATE#321353, FATE#323335).
   - iwlwifi: add device ID for 8265 (FATE#321353, FATE#323335).
   - iwlwifi: add device IDs for the 8265 device (FATE#321353, FATE#323335).
   - iwlwifi: add disable_11ac module param (FATE#321353, FATE#323335).
   - iwlwifi: add new 3168 series devices support (FATE#321353, FATE#323335).
   - iwlwifi: add new 8260 PCI IDs (FATE#321353, FATE#323335).
   - iwlwifi: add new 8265 (FATE#321353, FATE#323335).
   - iwlwifi: add new 8265 series PCI ID (FATE#321353, FATE#323335).
   - iwlwifi: Add new PCI IDs for 9260 and 5165 series (FATE#321353,
     FATE#323335).
   - iwlwifi: Add PCI IDs for the new 3168 series (FATE#321353, FATE#323335).
   - iwlwifi: Add PCI IDs for the new series 8165 (FATE#321353, FATE#323335).
   - iwlwifi: add support for 12K Receive Buffers (FATE#321353, FATE#323335).
   - iwlwifi: add support for getting HW address from CSR (FATE#321353,
     FATE#323335).
   - iwlwifi: avoid d0i3 commands when no/init ucode is loaded (FATE#321353,
     FATE#323335).
   - iwlwifi: bail out in case of bad trans state (FATE#321353, FATE#323335).
   - iwlwifi: block the queues when we send ADD_STA for uAPSD (FATE#321353,
     FATE#323335).
   - iwlwifi: change the Intel Wireless email address (FATE#321353,
     FATE#323335).
   - iwlwifi: change the Intel Wireless email address (FATE#321353,
     FATE#323335).
   - iwlwifi: check for valid ethernet address provided by OEM (FATE#321353,
     FATE#323335).
   - iwlwifi: clean up transport debugfs handling (FATE#321353, FATE#323335).
   - iwlwifi: clear ieee80211_tx_info->driver_data in the op_mode
     (FATE#321353, FATE#323335).
   - iwlwifi: Document missing module options (FATE#321353, FATE#323335).
   - iwlwifi: dump prph registers in a common place for all transports
     (FATE#321353, FATE#323335).
   - iwlwifi: dvm: advertise NETIF_F_SG (FATE#321353, FATE#323335).
   - iwlwifi: dvm: fix compare_const_fl.cocci warnings (FATE#321353,
     FATE#323335).
   - iwlwifi: dvm: handle zero brightness for wifi LED (FATE#321353,
     FATE#323335).
   - iwlwifi: dvm: remove a wrong dependency on m (FATE#321353, FATE#323335).
   - iwlwifi: dvm: remove Kconfig default (FATE#321353, FATE#323335).
   - iwlwifi: dvm: remove stray debug code (FATE#321353, FATE#323335).
   - iwlwifi: export the _no_grab version of PRPH IO functions (FATE#321353,
     FATE#323335).
   - iwlwifi: expose fw usniffer mode to more utilities (FATE#321353,
     FATE#323335).
   - iwlwifi: fix double hyphen in MODULE_FIRMWARE for 8000 (FATE#321353,
     FATE#323335).
   - iwlwifi: Fix firmware name maximum length definition (FATE#321353,
     FATE#323335).
   - iwlwifi: fix name of ucode loaded for 8265 series (FATE#321353,
     FATE#323335).
   - iwlwifi: fix printf specifier (FATE#321353, FATE#323335).
   - iwlwifi: generalize d0i3_entry_timeout module parameter (FATE#321353,
     FATE#323335).
   - iwlwifi: missing error code in iwl_trans_pcie_alloc() (bsc#1031717).
   - iwlwifi: mvm: adapt the firmware assert log to new firmware
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: add 9000-series RX API (FATE#321353, FATE#323335).
   - iwlwifi: mvm: add 9000 series RX processing (FATE#321353, FATE#323335).
   - iwlwifi: mvm: add a non-trigger window to fw dbg triggers (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: add an option to start rs from HT/VHT rates (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: Add a station in monitor mode (FATE#321353, FATE#323335).
   - iwlwifi: mvm: add bt rrc and ttc to debugfs (FATE#321353, FATE#323335).
   - iwlwifi: mvm: add bt settings to debugfs (FATE#321353, FATE#323335).
   - iwlwifi: mvm: add ctdp operations to debugfs (FATE#321353, FATE#323335).
   - iwlwifi: mvm: add CT-KILL notification (FATE#321353, FATE#323335).
   - iwlwifi: mvm: add debug print if scan config is ignored (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: add extended dwell time (FATE#321353, FATE#323335).
   - iwlwifi: mvm: add new ADD_STA command version (FATE#321353, FATE#323335).
   - iwlwifi: mvm: Add P2P client snoozing (FATE#321353, FATE#323335).
   - iwlwifi: mvm: add registration to cooling device (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: add registration to thermal zone (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: add support for negative temperatures (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: add tlv for multi queue rx support (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: add trigger for firmware dump upon TDLS events
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: add trigger for firmware dump upon TX response status
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: advertise NETIF_F_SG (FATE#321353, FATE#323335).
   - iwlwifi: mvm: Align bt-coex priority with requirements (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: allow to disable beacon filtering for AP/GO interface
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: avoid harmless -Wmaybe-uninialized warning (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: avoid panics with thermal device usage (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: avoid to WARN about gscan capabilities (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: bail out if CTDP start operation fails (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: bump firmware API to 21 (FATE#321353, FATE#323335).
   - iwlwifi: mvm: bump max API to 20 (FATE#321353, FATE#323335).
   - iwlwifi: mvm: change access to ieee80211_hdr (FATE#321353, FATE#323335).
   - iwlwifi: mvm: change iwl_mvm_get_key_sta_id() to return the station
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: change mcc update API (FATE#321353, FATE#323335).
   - iwlwifi: mvm: change name of iwl_mvm_d3_update_gtk (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: Change number of associated stations when station becomes
     associated (FATE#321353, FATE#323335).
   - iwlwifi: mvm: change protocol offload flows (FATE#321353, FATE#323335).
   - iwlwifi: mvm: change the check for ADD_STA status (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: check FW's response for nvm access write cmd (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: check iwl_mvm_wowlan_config_key_params() return value
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: check minimum temperature notification length
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: cleanup roc te on restart cleanup (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: compare full command ID (FATE#321353, FATE#323335).
   - iwlwifi: mvm: Configure fragmented scan for scheduled scan (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: configure scheduled scan according to traffic conditions
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: constify the parameters of a few functions in fw-dbg.c
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: Disable beacon storing in D3 when WOWLAN configured
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: disable DQA support (FATE#321353, FATE#323335).
   - iwlwifi: mvm: do not ask beacons when P2P GO vif and no assoc sta
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: do not keep an mvm ref when the interface is down
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: do not let NDPs mess the packet tracking (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: do not restart HW if suspend fails with unified image
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: Do not switch to D3 image on suspend (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: do not try to offload AES-CMAC in AP/IBSS modes
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: drop low_latency_agg_frame_cnt_limit (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: dump more registers upon error (FATE#321353, FATE#323335).
   - iwlwifi: mvm: dump the radio registers when the firmware crashes
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: enable L3 filtering (FATE#321353, FATE#323335).
   - iwlwifi: mvm: Enable MPLUT only on supported hw (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: enable VHT MU-MIMO for supported hardware (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: extend time event duration (FATE#321353, FATE#323335).
   - iwlwifi: mvm: fix accessing Null pointer during fw dump collection
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: fix d3_test with unified D0/D3 images (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: fix debugfs signedness warning (FATE#321353, FATE#323335).
   - iwlwifi: mvm: fix extended dwell time (FATE#321353, FATE#323335).
   - iwlwifi: mvm: fix incorrect fallthrough in iwl_mvm_check_running_scans()
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: fix memory leaks in error paths upon fw error dump
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: fix netdetect starting/stopping for unified images
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: fix RSS key sizing (FATE#321353, FATE#323335).
   - iwlwifi: mvm: fix unregistration of thermal in some error flows
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: flush all used TX queues before suspending (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: forbid U-APSD for P2P Client if the firmware does not
     support it (FATE#321353, FATE#323335).
   - iwlwifi: mvm: handle pass all scan reporting (FATE#321353, FATE#323335).
   - iwlwifi: mvm: ignore LMAC scan notifications when running UMAC scans
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: infrastructure for frame-release message (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: kill iwl_mvm_enable_agg_txq (FATE#321353, FATE#323335).
   - iwlwifi: mvm: let the firmware choose the antenna for beacons
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: make collecting fw debug data optional (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: move fw-dbg code to separate file (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: only release the trans ref if d0i3 is supported in fw
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: prepare the code towards TSO implementation (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: refactor d3 key update functions (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: refactor the way fw_key_table is handled (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: remove an extra tab (FATE#321353, FATE#323335).
   - iwlwifi: mvm: Remove bf_vif from iwl_power_vifs (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: Remove iwl_mvm_update_beacon_abort (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: remove redundant d0i3 flag from the config struct
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: remove shadowing variable (FATE#321353, FATE#323335).
   - iwlwifi: mvm: remove stray nd_config element (FATE#321353, FATE#323335).
   - iwlwifi: mvm: remove the vif parameter of
     iwl_mvm_configure_bcast_filter() (FATE#321353, FATE#323335).
   - iwlwifi: mvm: remove unnecessary check in iwl_mvm_is_d0i3_supported()
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: remove useless WARN_ON and rely on cfg80211's combination
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: report wakeup for wowlan (FATE#321353, FATE#323335).
   - iwlwifi: mvm: reset mvm->scan_type when firmware is started
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: reset the fw_dump_desc pointer after ASSERT (bsc#1031717).
   - iwlwifi: mvm: return the cooling state index instead of the budget
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: ROC: cleanup time event info on FW failure (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: ROC: Extend the ROC max delay duration & limit ROC
     duration (FATE#321353, FATE#323335).
   - iwlwifi: mvm: rs: fix a potential out of bounds access (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: rs: fix a theoretical access to uninitialized array
     elements (FATE#321353, FATE#323335).
   - iwlwifi: mvm: rs: fix a warning message (FATE#321353, FATE#323335).
   - iwlwifi: mvm: rs: fix TPC action decision algorithm (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: rs: fix TPC statistics handling (FATE#321353, FATE#323335).
   - iwlwifi: mvm: Send power command on BSS_CHANGED_BEACON_INFO if needed
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: set default new STA as non-aggregated (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: set the correct amsdu enum values (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: set the correct descriptor size for tracing (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: small update in the firmware API (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: support A-MSDU in A-MPDU (FATE#321353, FATE#323335).
   - iwlwifi: mvm: support beacon storing (FATE#321353, FATE#323335).
   - iwlwifi: mvm: support description for user triggered fw dbg collection
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: support rss queues configuration command (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: Support setting continuous recording debug mode
     (FATE#321353, FATE#323335).
   - iwlwifi: mvm: support setting minimum quota from debugfs (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: support sw queue start/stop from mvm (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: synchronize firmware DMA paging memory (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: take care of padded packets (FATE#321353, FATE#323335).
   - iwlwifi: mvm: take the transport ref back when leaving (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: track low-latency sources separately (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: unconditionally stop device after init (bsc#1031717).
   - iwlwifi: mvm: unmap the paging memory before freeing it (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: update GSCAN capabilities (FATE#321353, FATE#323335).
   - iwlwifi: mvm: update ucode status before stopping device (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: use build-time assertion for fw trigger ID (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: use firmware station lookup, combine code (FATE#321353,
     FATE#323335).
   - iwlwifi: mvm: various trivial cleanups (FATE#321353, FATE#323335).
   - iwlwifi: mvm: writing zero bytes to debugfs causes a crash (FATE#321353,
     FATE#323335).
   - iwlwifi: nvm: fix loading default NVM file (FATE#321353, FATE#323335).
   - iwlwifi: nvm: fix up phy section when reading it (FATE#321353,
     FATE#323335).
   - iwlwifi: pcie: add 9000 series multi queue rx DMA support (FATE#321353,
     FATE#323335).
   - iwlwifi: pcie: add infrastructure for multi-queue rx (FATE#321353,
     FATE#323335).
   - iwlwifi: pcie: add initial RTPM support for PCI (FATE#321353,
     FATE#323335).
   - iwlwifi: pcie: Add new configuration to enable MSIX (FATE#321353,
     FATE#323335).
   - iwlwifi: pcie: add pm_prepare and pm_complete ops (FATE#321353,
     FATE#323335).
   - iwlwifi: pcie: add RTPM support when wifi is enabled (FATE#321353,
     FATE#323335).
   - iwlwifi: pcie: aggregate Flow Handler configuration writes (FATE#321353,
     FATE#323335).
   - iwlwifi: pcie: allow the op_mode to block the tx queues (FATE#321353,
     FATE#323335).
   - iwlwifi: pcie: allow to pretend to have Tx CSUM for debug (FATE#321353,
     FATE#323335).
   - iwlwifi: pcie: avoid restocks inside rx loop if not emergency
     (FATE#321353, FATE#323335).
   - iwlwifi: pcie: buffer packets to avoid overflowing Tx queues
     (FATE#321353, FATE#323335).
   - iwlwifi: pcie: build an A-MSDU using TSO core (FATE#321353, FATE#323335).
   - iwlwifi: pcie: configure more RFH settings (FATE#321353, FATE#323335).
   - iwlwifi: pcie: detect and workaround invalid write ptr behavior
     (FATE#321353, FATE#323335).
   - iwlwifi: pcie: do not increment / decrement a bool (FATE#321353,
     FATE#323335).
   - iwlwifi: pcie: enable interrupts before releasing the NIC's CPU
     (FATE#321353, FATE#323335).
   - iwlwifi: pcie: enable multi-queue rx path (FATE#321353, FATE#323335).
   - iwlwifi: pcie: extend device reset delay (FATE#321353, FATE#323335).
   - iwlwifi: pcie: fine tune number of rxbs (FATE#321353, FATE#323335).
   - iwlwifi: pcie: fix a race in firmware loading flow (FATE#321353,
     FATE#323335).
   - iwlwifi: pcie: fix command completion name debug (bsc#1031717).
   - iwlwifi: pcie: fix erroneous return value (FATE#321353, FATE#323335).
   - iwlwifi: pcie: fix global table size (FATE#321353, FATE#323335).
   - iwlwifi: pcie: fix identation in trans.c (FATE#321353, FATE#323335).
   - iwlwifi: pcie: fix RF-Kill vs. firmware load race (FATE#321353,
     FATE#323335).
   - iwlwifi: pcie: forbid RTPM on device removal (FATE#321353, FATE#323335).
   - iwlwifi: pcie: mark command queue lock with separate lockdep class
     (FATE#321353, FATE#323335).
   - iwlwifi: pcie: prevent skbs shadowing in iwl_trans_pcie_reclaim
     (FATE#321353, FATE#323335).
   - iwlwifi: pcie: refactor RXBs reclaiming code (FATE#321353, FATE#323335).
   - iwlwifi: pcie: remove ICT allocation message (FATE#321353, FATE#323335).
   - iwlwifi: pcie: remove pointer from debug message (FATE#321353,
     FATE#323335).
   - iwlwifi: pcie: re-organize code towards TSO (FATE#321353, FATE#323335).
   - iwlwifi: pcie: set RB chunk size back to 64 (FATE#321353, FATE#323335).
   - iwlwifi: pcie: update iwl_mpdu_desc fields (FATE#321353, FATE#323335).
   - iwlwifi: print index in api/capa flags parsing message (FATE#321353,
     FATE#323335).
   - iwlwifi: refactor the code that reads the MAC address from the NVM
     (FATE#321353, FATE#323335).
   - iwlwifi: remove IWL_DL_LED (FATE#321353, FATE#323335).
   - iwlwifi: remove unused parameter from grab_nic_access (FATE#321353,
     FATE#323335).
   - iwlwifi: replace d0i3_mode and wowlan_d0i3 with more generic variables
     (FATE#321353, FATE#323335).
   - iwlwifi: set max firmware version of 7265 to 17 (FATE#321353,
     FATE#323335).
   - iwlwifi: support ucode with d0 unified image - regular and usniffer
     (FATE#321353, FATE#323335).
   - iwlwifi: trans: make various conversion macros inlines (FATE#321353,
     FATE#323335).
   - iwlwifi: trans: support a callback for ASYNC commands (FATE#321353,
     FATE#323335).
   - iwlwifi: treat iwl_parse_nvm_data() MAC addr as little endian
     (FATE#321353, FATE#323335).
   - iwlwifi: tt: move ucode_loaded check under mutex (FATE#321353,
     FATE#323335).
   - iwlwifi: uninline iwl_trans_send_cmd (FATE#321353, FATE#323335).
   - iwlwifi: update host command messages to new format (FATE#321353,
     FATE#323335).
   - iwlwifi: Update PCI IDs for 8000 and 9000 series (FATE#321353,
     FATE#323335).
   - iwlwifi: update support for 3168 series firmware and NVM (FATE#321353,
     FATE#323335).
   - iwlwifi: various comments and code cleanups (FATE#321353, FATE#323335).
   - kABI-fix for "x86/panic: replace smp_send_stop() with kdump friendly
     version in panic path" (bsc#1051478).
   - kABI: protect lwtunnel include in ip6_route.h (kabi).
   - KABI protect struct acpi_nfit_desc (bsc#1052325).
   - kABI: protect struct iscsi_tpg_attrib (kabi).
   - kABI: protect struct se_lun (kabi).
   - kABI: protect struct tpm_chip (kabi).
   - kABI: protect struct xfrm_dst (kabi).
   - kABI: protect struct xfrm_dst (kabi).
   - kabi/severities: add drivers/scsi/hisi_sas to kabi severities
   - kabi/severities: ignore kABi changes in iwlwifi stuff itself
   - kvm: nVMX: fix msr bitmaps to prevent L2 from accessing L0 x2APIC
     (bsc#1051478).
   - kvm: nVMX: Fix nested_vmx_check_msr_bitmap_controls (bsc#1051478).
   - kvm: nVMX: Fix nested VPID vmx exec control (bsc#1051478).
   - kvm: x86: avoid simultaneous queueing of both IRQ and SMI (bsc#1051478).
   - libnvdimm: fix badblock range handling of ARS range (bsc#1023175).
   - libnvdimm: fix badblock range handling of ARS range (bsc#1051048).
   - libnvdimm, pmem: fix a NULL pointer BUG in nd_pmem_notify (bsc#1023175).
   - libnvdimm, pmem: fix a NULL pointer BUG in nd_pmem_notify (bsc#1048919).
   - libnvdimm, region: fix flush hint detection crash (bsc#1048919).
   - lightnvm: fix "warning: ‘ret’ may be used uninitialized"
     (FATE#319466).
   - mac80211_hwsim: Replace bogus hrtimer clockid (bsc#1047651).
   - md-cluster: Fix a memleak in an error handling path (bsc#1049289).
   - md: do not return -EAGAIN in md_allow_write for external metadata arrays
     (bsc#1047174).
   - md: fix sleep in atomic (bsc#1040351).
   - mm: call page_ext_init() after all struct pages are initialized (VM
     Debugging Functionality, bsc#1047048).
   - mm: fix classzone_idx underflow in shrink_zones() (VM Functionality,
     bsc#1042314).
   - mm: make PR_SET_THP_DISABLE immediately active (bnc#1048891).
   - mm, memory_hotplug: get rid of is_zone_device_section fix (bnc#1047595).
   - mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack
     (bnc#1039348).
   - mwifiex: do not update MCS set from hostapd (bsc#1031717).
   - net: account for current skb length when deciding about UFO
     (bsc#1041958).
   - net: add netdev_lockdep_set_classes() helper (fate#320485).
   - net: ena: add hardware hints capability to the driver (bsc#1047121).
   - net: ena: add hardware hints capability to the driver (bsc#1047121).
   - net: ena: add missing return when ena_com_get_io_handlers() fails
     (bsc#1047121).
   - net: ena: add missing return when ena_com_get_io_handlers() fails
     (bsc#1047121).
   - net: ena: add missing unmap bars on device removal (bsc#1047121).
   - net: ena: add missing unmap bars on device removal (bsc#1047121).
   - net: ena: add reset reason for each device FLR (bsc#1047121).
   - net: ena: add reset reason for each device FLR (bsc#1047121).
   - net: ena: add support for out of order rx buffers refill (bsc#1047121).
   - net: ena: add support for out of order rx buffers refill (bsc#1047121).
   - net: ena: allow the driver to work with small number of msix vectors
     (bsc#1047121).
   - net: ena: allow the driver to work with small number of msix vectors
     (bsc#1047121).
   - net: ena: bug fix in lost tx packets detection mechanism (bsc#1047121).
   - net: ena: bug fix in lost tx packets detection mechanism (bsc#1047121).
   - net: ena: change return value for unsupported features unsupported
     return value (bsc#1047121).
   - net: ena: change return value for unsupported features unsupported
     return value (bsc#1047121).
   - net: ena: change sizeof() argument to be the type pointer (bsc#1047121).
   - net: ena: change sizeof() argument to be the type pointer (bsc#1047121).
   - net: ena: disable admin msix while working in polling mode (bsc#1047121).
   - net: ena: disable admin msix while working in polling mode (bsc#1047121).
   - net: ena: fix bug that might cause hang after consecutive open/close
     interface (bsc#1047121).
   - net: ena: fix bug that might cause hang after consecutive open/close
     interface (bsc#1047121).
   - net: ena: fix race condition between submit and completion admin command
     (bsc#1047121).
   - net: ena: fix race condition between submit and completion admin command
     (bsc#1047121).
   - net: ena: fix rare uncompleted admin command false alarm (bsc#1047121).
   - net: ena: fix rare uncompleted admin command false alarm (bsc#1047121).
   - net: ena: fix theoretical Rx hang on low memory systems (bsc#1047121).
   - net: ena: fix theoretical Rx hang on low memory systems (bsc#1047121).
   - net: ena: separate skb allocation to dedicated function (bsc#1047121).
   - net: ena: separate skb allocation to dedicated function (bsc#1047121).
   - net/ena: switch to pci_alloc_irq_vectors (bsc#1047121).
   - net: ena: update driver's rx drop statistics (bsc#1047121).
   - net: ena: update driver's rx drop statistics (bsc#1047121).
   - net: ena: update ena driver to version 1.1.7 (bsc#1047121).
   - net: ena: update ena driver to version 1.1.7 (bsc#1047121).
   - net: ena: update ena driver to version 1.2.0 (bsc#1047121).
   - net: ena: update ena driver to version 1.2.0 (bsc#1047121).
   - net: ena: use lower_32_bits()/upper_32_bits() to split dma address
     (bsc#1047121).
   - net: ena: use lower_32_bits()/upper_32_bits() to split dma address
     (bsc#1047121).
   - net: ena: use napi_schedule_irqoff when possible (bsc#1047121).
   - net: ena: use napi_schedule_irqoff when possible (bsc#1047121).
   - net: handle NAPI_GRO_FREE_STOLEN_HEAD case also in napi_frags_finish()
     (bsc#1042286).
   - net: hns: Bugfix for Tx timeout handling in hns driver (bsc#1048451).
   - net: hyperv: use new api ethtool_{get|set}_link_ksettings (fate#320485).
   - net/mlx4_core: Fixes missing capability bit in flags2 capability dump
     (bsc#1015337).
   - net/mlx4_core: Fix namespace misalignment in QinQ VST support commit
     (bsc#1015337).
   - net/mlx4_core: Fix sl_to_vl_change bit offset in flags2 dump
     (bsc#1015337).
   - net/mlx5: Cancel delayed recovery work when unloading the driver
     (bsc#1015342).
   - net/mlx5: Clean SRIOV eswitch resources upon VF creation failure
     (bsc#1015342).
   - net/mlx5: Consider tx_enabled in all modes on remap (bsc#1015342).
   - net/mlx5e: Add field select to MTPPS register (bsc#1015342).
   - net/mlx5e: Add missing support for PTP_CLK_REQ_PPS request (bsc#1015342).
   - net/mlx5e: Change 1PPS out scheme (bsc#1015342).
   - net/mlx5e: Fix broken disable 1PPS flow (bsc#1015342).
   - net/mlx5e: Fix outer_header_zero() check size (bsc#1015342).
   - net/mlx5e: Fix TX carrier errors report in get stats ndo (bsc#1015342).
   - net/mlx5e: Initialize CEE's getpermhwaddr address buffer to 0xff
     (bsc#1015342).
   - net/mlx5e: Rename physical symbol errors counter (bsc#1015342).
   - net/mlx5: Fix driver load error flow when firmware is stuck (git-fixes).
   - net/mlx5: Fix mlx5_add_flow_rules call with correct num of dests
     (bsc#1015342).
   - net/mlx5: Fix mlx5_ifc_mtpps_reg_bits structure size (bsc#1015342).
   - net/mlx5: Fix offset of hca cap reserved field (bsc#1015342).
   - net: phy: Do not perform software reset for Generic PHY (bsc#1042286).
   - netvsc: add comments about callback's and NAPI (fate#320485).
   - netvsc: Add #include's for csum_* function declarations (fate#320485).
   - netvsc: add rtnl annotations in rndis (fate#320485).
   - netvsc: add some rtnl_dereference annotations (fate#320485).
   - netvsc: avoid race with callback (fate#320485).
   - netvsc: change logic for change mtu and set_queues (fate#320485).
   - netvsc: change max channel calculation (fate#320485).
   - netvsc: change order of steps in setting queues (fate#320485).
   - netvsc: Deal with rescinded channels correctly (fate#320485).
   - netvsc: do not access netdev->num_rx_queues directly (fate#320485).
   - netvsc: do not overload variable in same function (fate#320485).
   - netvsc: do not print pointer value in error message (fate#320485).
   - netvsc: eliminate unnecessary skb == NULL checks (fate#320485).
   - netvsc: enable GRO (fate#320485).
   - netvsc: Fix a bug in sub-channel handling (fate#320485).
   - netvsc: fix and cleanup rndis_filter_set_packet_filter (fate#320485).
   - netvsc: fix calculation of available send sections (fate#320485).
   - netvsc: fix dereference before null check errors (fate#320485).
   - netvsc: fix error unwind on device setup failure (fate#320485).
   - netvsc: fix hang on netvsc module removal (fate#320485).
   - netvsc: fix NAPI performance regression (fate#320485).
   - netvsc: fix net poll mode (fate#320485).
   - netvsc: fix netvsc_set_channels (fate#320485).
   - netvsc: fix ptr_ret.cocci warnings (fate#320485).
   - netvsc: fix rcu dereference warning from ethtool (fate#320485).
   - netvsc: fix RCU warning in get_stats (fate#320485).
   - netvsc: fix return value for set_channels (fate#320485).
   - netvsc: fix rtnl deadlock on unregister of vf (fate#320485, bsc#1052442).
   - netvsc: fix use after free on module removal (fate#320485).
   - netvsc: fix warnings reported by lockdep (fate#320485).
   - netvsc: fold in get_outbound_net_device (fate#320485).
   - netvsc: force link update after MTU change (fate#320485).
   - netvsc: handle offline mtu and channel change (fate#320485).
   - netvsc: implement NAPI (fate#320485).
   - netvsc: include rtnetlink.h (fate#320485).
   - netvsc: Initialize all channel related state prior to opening the
     channel (fate#320485).
   - netvsc: make sure and unregister datapath (fate#320485, bsc#1052899).
   - netvsc: make sure napi enabled before vmbus_open (fate#320485).
   - netvsc: mark error cases as unlikely (fate#320485).
   - netvsc: move filter setting to rndis_device (fate#320485).
   - netvsc: need napi scheduled during removal (fate#320485).
   - netvsc: need rcu_derefence when accessing internal device info
     (fate#320485).
   - netvsc: optimize calculation of number of slots (fate#320485).
   - netvsc: optimize receive completions (fate#320485).
   - netvsc: pass net_device to netvsc_init_buf and netvsc_connect_vsp
     (fate#320485).
   - netvsc: prefetch the first incoming ring element (fate#320485).
   - netvsc: Properly initialize the return value (fate#320485).
   - netvsc: remove bogus rtnl_unlock (fate#320485).
   - netvsc: remove no longer used max_num_rss queues (fate#320485).
   - netvsc: Remove redundant use of ipv6_hdr() (fate#320485).
   - netvsc: remove unnecessary indirection of page_buffer (fate#320485).
   - netvsc: remove unnecessary lock on shutdown (fate#320485).
   - netvsc: remove unused #define (fate#320485).
   - netvsc: replace netdev_alloc_skb_ip_align with napi_alloc_skb
     (fate#320485).
   - netvsc: save pointer to parent netvsc_device in channel table
     (fate#320485).
   - netvsc: signal host if receive ring is emptied (fate#320485).
   - netvsc: transparent VF management (fate#320485, bsc#1051979).
   - netvsc: use ERR_PTR to avoid dereference issues (fate#320485).
   - netvsc: use hv_get_bytes_to_read (fate#320485).
   - netvsc: use napi_consume_skb (fate#320485).
   - netvsc: use RCU to protect inner device structure (fate#320485).
   - netvsc: uses RCU instead of removal flag (fate#320485).
   - netvsc: use typed pointer for internal state (fate#320485).
   - nfs: Cache aggressively when file is open for writing (bsc#1033587).
   - nfs: Do not flush caches for a getattr that races with writeback
     (bsc#1033587).
   - nfs: invalidate file size when taking a lock (git-fixes).
   - nfs: only invalidate dentrys that are clearly invalid (bsc#1047118).
   - nfs: Optimize fallocate by refreshing mapping when needed (git-fixes).
   - nvme: add hostid token to fabric options (bsc#1045293).
   - nvme: also provide a UUID in the WWID sysfs attribute (bsc#1048146).
   - nvme: fabrics commands should use the fctype field for data direction
     (bsc#1043805).
   - nvme-pci: fix CMB sysfs file removal in reset path (bsc#1050211).
   - nvme/pci: Fix stuck nvme reset (bsc#1043805).
   - nvmet: identify controller: improve standard compliance (bsc#1048146).
   - nvme: wwid_show: strip trailing 0-bytes (bsc#1048146).
   - ocfs2: Do not clear SGID when inheriting ACLs (bsc#1030552).
   - ocfs2: fix deadlock caused by recursive locking in xattr (bsc#1012829).
   - ocfs2: Make ocfs2_set_acl() static (bsc#1030552).
   - pci: Add Mellanox device IDs (bsc#1051478).
   - pci: Convert Mellanox broken INTx quirks to be for listed devices only
     (bsc#1051478).
   - pci: Correct PCI_STD_RESOURCE_END usage (bsc#1051478).
   - pci: dwc: dra7xx: Use RW1C for IRQSTATUS_MSI and IRQSTATUS_MAIN
     (bsc#1051478).
   - pci: dwc: Fix uninitialized variable in dw_handle_msi_irq()
     (bsc#1051478).
   - pci: Enable ECRC only if device supports it (bsc#1051478).
   - pci: hv: Allocate interrupt descriptors with GFP_ATOMIC (fate#320295,
     bnc#1034113).
   - pci: hv: Lock PCI bus on device eject (fate#320295, bnc#1034113).
     Replaces a change for (bnc#998664)
   - pci/msi: fix the pci_alloc_irq_vectors_affinity stub (bsc#1050211).
   - pci/msi: Ignore affinity if pre/post vector count is more than min_vecs
     (1050211).
   - pci/pm: Fix native PME handling during system suspend/resume
     (bsc#1051478).
   - pci: Support INTx masking on ConnectX-4 with firmware x.14.1100+
     (bsc#1051478).
   - perf/x86: Fix spurious NMI with PEBS Load Latency event (bsc#1051478).
   - perf/x86/intel: Cure bogus unwind from PEBS entries (bsc#1051478).
   - perf/x86/intel: Fix PEBSv3 record drain (bsc#1051478).
   - pipe: cap initial pipe capacity according to pipe-max-size limit
     (bsc#1045330).
   - platform/x86: ideapad-laptop: Add IdeaPad 310-15IKB to no_hw_rfkill
     (bsc#1051022).
   - platform/x86: ideapad-laptop: Add IdeaPad V310-15ISK to no_hw_rfkill
     (bsc#1051022).
   - platform/x86: ideapad-laptop: Add IdeaPad V510-15IKB to no_hw_rfkill
     (bsc#1051022).
   - platform/x86: ideapad-laptop: Add Lenovo Yoga 910-13IKB to no_hw_rfkill
     dmi list (bsc#1051022).
   - platform/x86: ideapad-laptop: Add several models to no_hw_rfkill
     (bsc#1051022).
   - platform/x86: ideapad-laptop: Add Y520-15IKBN to no_hw_rfkill
     (bsc#1051022).
   - platform/x86: ideapad-laptop: Add Y700 15-ACZ to no_hw_rfkill DMI list
     (bsc#1051022).
   - platform/x86: ideapad-laptop: Add Y720-15IKBN to no_hw_rfkill
     (bsc#1051022).
   - pm / Hibernate: Fix scheduling while atomic during hibernation
     (bsc#1051059).
   - powerpc: Add POWER9 architected mode to cputable (bsc#1048916,
     fate#321439).
   - powerpc/fadump: Add a warning when 'fadump_reserve_mem=' is used
     (bsc#1049231).
   - powerpc/ftrace: Pass the correct stack pointer for
     DYNAMIC_FTRACE_WITH_REGS (FATE#322421).
   - powerpc/perf: Fix branch event code for power9 (fate#321438,  Pending
     SUSE Kernel Fixes).
   - powerpc/perf: Fix oops when kthread execs user process
   - powerpc/perf: Fix SDAR_MODE value for continous sampling on Power9
     (bsc#1053043 (git-fixes)).
   - powerpc: Support POWER9 in architected mode (bsc#1048916, fate#321439).
   - powerpc/tm: Fix saving of TM SPRs in core dump (fate#318470, git-fixes
     08e1c01d6aed).
   - prctl: propagate has_child_subreaper flag to every descendant
     (bnc#1022476).
   - printk: Correctly handle preemption in console_unlock() (bsc#1046434).
   - printk/xen: Force printk sync mode when migrating Xen guest
     (bsc#1043347).
   - qed: Add missing static/local dcbx info (bsc#1019695).
   - qed: Correct print in iscsi error-flow (bsc#1019695).
   - qeth: fix L3 next-hop im xmit qeth hdr (bnc#1052773, LTC#157374).
   - rbd: drop extra rbd_img_request_get (bsc#1045596).
   - rbd: make sure pages are freed by libceph (bsc#1045596).
   - rdma/bnxt_re: checking for NULL instead of IS_ERR() (bsc#1052925).
   - rdma/iw_cxgb4: Always wake up waiter in c4iw_peer_abort_intr()
     (bsc#1026570).
   - rdma/mlx5: Fix existence check for extended address vector (bsc#1015342).
   - rdma/qedr: Prevent memory overrun in verbs' user responses (bsc#1022604
     FATE#321747).
   - reiserfs: Do not clear SGID when inheriting ACLs (bsc#1030552).
   - Remove upstream commit e14b4db7a567 netvsc: fix race during
     initialization will be replaced by following changes
   - reorder upstream commit d0c2c9973ecd net: use core MTU range checking in
     virt drivers
   - Revert "ACPI / video: Add force_native quirk for HP Pavilion dv6"
     (bsc#1031717).
   - Revert "Add "shutdown" to "struct class"." (kabi).
   - Revert "KVM: x86: fix emulation of RSM and IRET instructions" (kabi).
   - Revert "Make file credentials available to the seqfile interfaces"
     (kabi).
   - Revert "mm/list_lru.c: fix list_lru_count_node() to be race free" (kabi).
   - Revert "netvsc: optimize calculation of number of slots" (fate#320485).
   - Revert "powerpc/numa: Fix percpu allocations to be NUMA aware"
     (bsc#1048914).
   - Revert "powerpc/numa: Fix percpu allocations to be NUMA aware"
     (bsc#1048914).
   - Revert "/proc/iomem: only expose physical resource addresses to
     privileged users" (kabi).
   - Revert "tpm: Issue a TPM2_Shutdown for TPM2 devices." (kabi).
   - rpm/kernel-binary.spec.in: find-debuginfo.sh should not touch build-id
     This needs rpm-4.14+ (bsc#964063).
   - s390/crash: Remove unused KEXEC_NOTE_BYTES (bsc#1049706).
   - s390/kdump: remove code to create ELF notes in the crashed system
     (bsc#1049706).
   - sched/core: Allow __sched_setscheduler() in interrupts when PI is not
     used (bnc#1022476).
   - sched/debug: Print the scheduler topology group mask (bnc#1022476).
   - sched/fair, cpumask: Export for_each_cpu_wrap() (bnc#1022476).
   - sched/fair: Fix O(nr_cgroups) in load balance path (bnc#1022476).
   - sched/fair: Use task_groups instead of leaf_cfs_rq_list to walk all
     cfs_rqs (bnc#1022476).
   - sched/topology: Add sched_group_capacity debugging (bnc#1022476).
   - sched/topology: Fix building of overlapping sched-groups (bnc#1022476).
   - sched/topology: Fix overlapping sched_group_capacity (bnc#1022476).
   - sched/topology: Move comment about asymmetric node setups (bnc#1022476).
   - sched/topology: Refactor function build_overlap_sched_groups()
     (bnc#1022476).
   - sched/topology: Remove FORCE_SD_OVERLAP (bnc#1022476).
   - sched/topology: Simplify build_overlap_sched_groups() (bnc#1022476).
   - sched/topology: Small cleanup (bnc#1022476).
   - sched/topology: Verify the first group matches the child domain
     (bnc#1022476).
   - scsi: aacraid: Do not copy uninitialized stack memory to userspace
     (bsc#1048912).
   - scsi: aacraid: fix leak of data from stack back to userspace
     (bsc#1048912).
   - scsi: aacraid: fix PCI error recovery path (bsc#1048912).
   - scsi: Add STARGET_CREATE_REMOVE state to scsi_target_state (bsc#1013887).
   - scsi: bnx2i: missing error code in bnx2i_ep_connect() (bsc#1048221).
   - scsi: bnx2i: missing error code in bnx2i_ep_connect() (bsc#1048221).
   - scsi_devinfo: fixup string compare (bsc#1037404).
   - scsi_dh_alua: suppress errors from unsupported devices (bsc#1038792).
   - scsi: hisi_sas: add pci_dev in hisi_hba struct (bsc#1049298).
   - scsi: hisi_sas: add v2 hw internal abort timeout workaround
     (bsc#1049298).
   - scsi: hisi_sas: controller reset for multi-bits ECC and AXI fatal errors
     (bsc#1049298).
   - scsi: hisi_sas: fix NULL deference when TMF timeouts (bsc#1049298).
   - scsi: hisi_sas: fix timeout check in hisi_sas_internal_task_abort()
     (bsc#1049298).
   - scsi: hisi_sas: optimise DMA slot memory (bsc#1049298).
   - scsi: hisi_sas: optimise the usage of hisi_hba.lock (bsc#1049298).
   - scsi: hisi_sas: relocate get_ata_protocol() (bsc#1049298).
   - scsi: hisi_sas: workaround a SoC SATA IO processing bug (bsc#1049298).
   - scsi: hisi_sas: workaround SoC about abort timeout bug (bsc#1049298).
   - scsi: hisi_sas: workaround STP link SoC bug (bsc#1049298).
   - scsi: kABI fix for new state STARGET_CREATED_REMOVE (bsc#1013887).
   - scsi: lpfc: Add auto EQ delay logic (bsc#1042257).
   - scsi: lpfc: Added recovery logic for running out of NVMET IO context
     resources (bsc#1037838).
   - scsi: lpfc: Adding additional stats counters for nvme (bsc#1037838).
   - scsi: lpfc: Add MDS Diagnostic support (bsc#1037838).
   - scsi: lpfc: Cleanup entry_repost settings on SLI4 queues (bsc#1037838).
   - scsi: lpfc: do not double count abort errors (bsc#1048912).
   - scsi: lpfc: Driver responds LS_RJT to Beacon Off ELS - Linux
     (bsc#1044623).
   - scsi: lpfc: Fix crash after firmware flash when IO is running
     (bsc#1044623).
   - scsi: lpfc: Fix crash doing IO with resets (bsc#1044623).
   - scsi: lpfc: Fix crash in lpfc_sli_ringtxcmpl_put when nvmet gets an
     abort request (bsc#1044623).
   - scsi: lpfc: Fix debugfs root inode "lpfc" not getting deleted on driver
     unload (bsc#1037838).
   - scsi: lpfc: Fix defects reported by Coverity Scan (bsc#1042257).
   - scsi: lpfc: fix linking against modular NVMe support (bsc#1048912).
   - scsi: lpfc: Fix NMI watchdog assertions when running nvmet IOPS tests
     (bsc#1037838).
   - scsi: lpfc: Fix NVMEI driver not decrementing counter causing bad rport
     state (bsc#1037838).
   - scsi: lpfc: Fix nvme io stoppage after link bounce (bsc#1045404).
   - scsi: lpfc: Fix NVMEI's handling of NVMET's PRLI response attributes
     (bsc#1037838).
   - scsi: lpfc: Fix NVME I+T not registering NVME as a supported FC4 type
     (bsc#1037838).
   - scsi: lpfc: Fix nvmet RQ resource needs for large block writes
     (bsc#1037838).
   - scsi: lpfc: fix refcount error on node list (bsc#1045404).
   - scsi: lpfc: Fix SLI3 drivers attempting NVME ELS commands (bsc#1044623).
   - scsi: lpfc: Fix system crash when port is reset (bsc#1037838).
   - scsi: lpfc: Fix system panic when express lane enabled (bsc#1044623).
   - scsi: lpfc: Fix used-RPI accounting problem (bsc#1037838).
   - scsi: lpfc: Reduce time spent in IRQ for received NVME commands
     (bsc#1044623).
   - scsi: lpfc: Separate NVMET data buffer pool fir ELS/CT (bsc#1037838).
   - scsi: lpfc: Separate NVMET RQ buffer posting from IO resources
     SGL/iocbq/context (bsc#1037838).
   - scsi: lpfc: update to revision to 11.4.0.1 (bsc#1044623).
   - scsi: lpfc: update version to 11.2.0.14 (bsc#1037838).
   - scsi: lpfc: Vport creation is failing with "Link Down" error
     (bsc#1044623).
   - scsi: qedf: Fix a return value in case of error in
     'qedf_alloc_global_queues' (bsc#1048912).
   - scsi: qedi: Fix return code in qedi_ep_connect() (bsc#1048912).
   - scsi: qedi: Remove WARN_ON for untracked cleanup (bsc#1044443).
   - scsi: qedi: Remove WARN_ON from clear task context (bsc#1044443).
   - scsi: storvsc: Prefer kcalloc over kzalloc with multiply (fate#320485).
   - scsi: storvsc: remove return at end of void function (fate#320485).
   - scsi: storvsc: Workaround for virtual DVD SCSI version (fate#320485,
     bnc#1044636).
   - sfc: Add ethtool -m support for QSFP modules (bsc#1049619).
   - smartpqi: limit transfer length to 1MB (bsc#1025461).
   - smsc75xx: use skb_cow_head() to deal with cloned skbs (bsc#1045154).
   - sr9700: use skb_cow_head() to deal with cloned skbs (bsc#1045154).
   - string.h: add memcpy_and_pad() (bsc#1048146).
   - sysctl: do not print negative flag for proc_douintvec (bnc#1046985).
   - Temporarily disable iwlwifi-expose-default-fallback-ucode-api ... for
     updating iwlwifi stack
   - timers: Plug locking race vs. timer migration (bnc#1022476).
   - tools: hv: Add clean up for included files in Ubuntu net config
     (fate#320485).
   - tools: hv: Add clean up function for Ubuntu config (fate#320485).
   - tools: hv: properly handle long paths (fate#320485).
   - tools: hv: set allow-hotplug for VF on Ubuntu (fate#320485).
   - tools: hv: set hotplug for VF on Suse (fate#320485).
   - Tools: hv: vss: Thaw the filesystem and continue if freeze call has
     timed out (fate#320485).
   - tpm: Issue a TPM2_Shutdown for TPM2 devices (bsc#1053117).
   - tpm: KABI fix (bsc#1053117).
   - tpm_tis: Fix IRQ autoprobing when using platform_device (bsc#1020645,
     fate#321435, fate#321507, fate#321600, Pending fixes 2017-07-06).
   - tpm_tis: Use platform_get_irq (bsc#1020645, fate#321435, fate#321507,
     fate#321600, Pending fixes 2017-07-06).
   - tpm/tpm_crb: fix priv->cmd_size initialisation (bsc#1020645,
     fate#321435, fate#321507, fate#321600, Pending SUSE Kernel Fixes).
   - udf: Fix deadlock between writeback and udf_setsize() (bsc#1012829).
   - udf: Fix races with i_size changes during readpage (bsc#1012829).
   - Update config files: add CONFIG_IWLWIFI_PCIE_RTPM=y (FATE#323335)
   - vfs: fix missing inode_get_dev sites (bsc#1052049).
   - vmbus: cleanup header file style (fate#320485).
   - vmbus: expose debug info for drivers (fate#320485).
   - vmbus: fix spelling errors (fate#320485).
   - vmbus: introduce in-place packet iterator (fate#320485).
   - vmbus: only reschedule tasklet if time limit exceeded (fate#320485).
   - vmbus: re-enable channel tasklet (fate#320485).
   - vmbus: remove unnecessary initialization (fate#320485).
   - vmbus: remove useless return's (fate#320485).
   - x86/dmi: Switch dmi_remap() from ioremap() to ioremap_cache()
     (bsc#1051399).
   - x86/hyperv: Check frequency MSRs presence according to the specification
     (fate#320485).
   - x86/LDT: Print the real LDT base address (bsc#1051478).
   - x86/mce: Make timer handling more robust (bsc#1042422).
   - x86/panic: replace smp_send_stop() with kdump friendly version in panic
     path (bsc#1051478).
   - x86/platform/uv/BAU: Disable BAU on single hub configurations
     (bsc#1050320).
   - x86/platform/uv/BAU: Fix congested_response_us not taking effect
     (bsc#1050322).
   - xen: allocate page for shared info page from low memory (bnc#1038616).
   - xen/balloon: do not online new memory initially (bnc#1028173).
   - xen: hold lock_device_hotplug throughout vcpu hotplug operations
     (bsc#1042422).
   - xen-netfront: Rework the fix for Rx stall during OOM and network stress
     (git-fixes).
   - xen/pvh*: Support > 32 VCPUs at domain restore (bnc#1045563).
   - xfrm: NULL dereference on allocation failure (bsc#1047343).
   - xfrm: Oops on error in pfkey_msg2xfrm_state() (bsc#1047653).
   - xfs: detect and handle invalid iclog size set by mkfs (bsc#1043598).
   - xfs: detect and trim torn writes during log recovery (bsc#1036215).
   - xfs: do not BUG() on mixed direct and mapped I/O (bsc#1050188).
   - xfs: Do not clear SGID when inheriting ACLs (bsc#1030552).
   - xfs: refactor and open code log record crc check (bsc#1036215).
   - xfs: refactor log record start detection into a new helper (bsc#1036215).
   - xfs: return start block of first bad log record during recovery
     (bsc#1036215).
   - xfs: support a crc verification only log record pass (bsc#1036215).
   - xgene: Do not fail probe, if there is no clk resource for SGMII
     interfaces (bsc#1048501).
   - xilinx network drivers: disable (bsc#1046170).


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Workstation Extension 12-SP3:

      zypper in -t patch SUSE-SLE-WE-12-SP3-2017-1404=1

   - SUSE Linux Enterprise Software Development Kit 12-SP3:

      zypper in -t patch SUSE-SLE-SDK-12-SP3-2017-1404=1

   - SUSE Linux Enterprise Server 12-SP3:

      zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1404=1

   - SUSE Linux Enterprise Live Patching 12-SP3:

      zypper in -t patch SUSE-SLE-Live-Patching-12-SP3-2017-1404=1

   - SUSE Linux Enterprise High Availability 12-SP3:

      zypper in -t patch SUSE-SLE-HA-12-SP3-2017-1404=1

   - SUSE Linux Enterprise Desktop 12-SP3:

      zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2017-1404=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Workstation Extension 12-SP3 (x86_64):

      kernel-default-debuginfo-4.4.82-6.3.1
      kernel-default-debugsource-4.4.82-6.3.1
      kernel-default-extra-4.4.82-6.3.1
      kernel-default-extra-debuginfo-4.4.82-6.3.1

   - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64):

      kernel-obs-build-4.4.82-6.3.3
      kernel-obs-build-debugsource-4.4.82-6.3.3

   - SUSE Linux Enterprise Software Development Kit 12-SP3 (noarch):

      kernel-docs-4.4.82-6.3.5

   - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64):

      kernel-default-4.4.82-6.3.1
      kernel-default-base-4.4.82-6.3.1
      kernel-default-base-debuginfo-4.4.82-6.3.1
      kernel-default-debuginfo-4.4.82-6.3.1
      kernel-default-debugsource-4.4.82-6.3.1
      kernel-default-devel-4.4.82-6.3.1
      kernel-syms-4.4.82-6.3.1

   - SUSE Linux Enterprise Server 12-SP3 (noarch):

      kernel-devel-4.4.82-6.3.1
      kernel-macros-4.4.82-6.3.1
      kernel-source-4.4.82-6.3.1

   - SUSE Linux Enterprise Server 12-SP3 (s390x):

      kernel-default-man-4.4.82-6.3.1

   - SUSE Linux Enterprise Live Patching 12-SP3 (x86_64):

      kgraft-patch-4_4_82-6_3-default-1-2.1
      kgraft-patch-4_4_82-6_3-default-debuginfo-1-2.1

   - SUSE Linux Enterprise High Availability 12-SP3 (ppc64le s390x x86_64):

      cluster-md-kmp-default-4.4.82-6.3.1
      cluster-md-kmp-default-debuginfo-4.4.82-6.3.1
      dlm-kmp-default-4.4.82-6.3.1
      dlm-kmp-default-debuginfo-4.4.82-6.3.1
      gfs2-kmp-default-4.4.82-6.3.1
      gfs2-kmp-default-debuginfo-4.4.82-6.3.1
      kernel-default-debuginfo-4.4.82-6.3.1
      kernel-default-debugsource-4.4.82-6.3.1
      ocfs2-kmp-default-4.4.82-6.3.1
      ocfs2-kmp-default-debuginfo-4.4.82-6.3.1

   - SUSE Linux Enterprise Desktop 12-SP3 (noarch):

      kernel-devel-4.4.82-6.3.1
      kernel-macros-4.4.82-6.3.1
      kernel-source-4.4.82-6.3.1

   - SUSE Linux Enterprise Desktop 12-SP3 (x86_64):

      kernel-default-4.4.82-6.3.1
      kernel-default-debuginfo-4.4.82-6.3.1
      kernel-default-debugsource-4.4.82-6.3.1
      kernel-default-devel-4.4.82-6.3.1
      kernel-default-extra-4.4.82-6.3.1
      kernel-default-extra-debuginfo-4.4.82-6.3.1
      kernel-syms-4.4.82-6.3.1


References:

   https://www.suse.com/security/cve/CVE-2017-1000111.html
   https://www.suse.com/security/cve/CVE-2017-1000112.html
   https://www.suse.com/security/cve/CVE-2017-10810.html
   https://www.suse.com/security/cve/CVE-2017-11473.html
   https://www.suse.com/security/cve/CVE-2017-7533.html
   https://www.suse.com/security/cve/CVE-2017-7541.html
   https://www.suse.com/security/cve/CVE-2017-7542.html
   https://www.suse.com/security/cve/CVE-2017-8831.html
   https://bugzilla.suse.com/1005778
   https://bugzilla.suse.com/1006180
   https://bugzilla.suse.com/1011913
   https://bugzilla.suse.com/1012829
   https://bugzilla.suse.com/1013887
   https://bugzilla.suse.com/1015337
   https://bugzilla.suse.com/1015342
   https://bugzilla.suse.com/1016119
   https://bugzilla.suse.com/1019151
   https://bugzilla.suse.com/1019695
   https://bugzilla.suse.com/1020645
   https://bugzilla.suse.com/1022476
   https://bugzilla.suse.com/1022600
   https://bugzilla.suse.com/1022604
   https://bugzilla.suse.com/1023175
   https://bugzilla.suse.com/1024346
   https://bugzilla.suse.com/1024373
   https://bugzilla.suse.com/1025461
   https://bugzilla.suse.com/1026570
   https://bugzilla.suse.com/1028173
   https://bugzilla.suse.com/1028286
   https://bugzilla.suse.com/1029693
   https://bugzilla.suse.com/1030552
   https://bugzilla.suse.com/1031515
   https://bugzilla.suse.com/1031717
   https://bugzilla.suse.com/1031784
   https://bugzilla.suse.com/1033587
   https://bugzilla.suse.com/1034075
   https://bugzilla.suse.com/1034113
   https://bugzilla.suse.com/1034762
   https://bugzilla.suse.com/1036215
   https://bugzilla.suse.com/1036632
   https://bugzilla.suse.com/1037344
   https://bugzilla.suse.com/1037404
   https://bugzilla.suse.com/1037838
   https://bugzilla.suse.com/1037994
   https://bugzilla.suse.com/1038078
   https://bugzilla.suse.com/1038616
   https://bugzilla.suse.com/1038792
   https://bugzilla.suse.com/1039153
   https://bugzilla.suse.com/1039348
   https://bugzilla.suse.com/1039915
   https://bugzilla.suse.com/1040307
   https://bugzilla.suse.com/1040347
   https://bugzilla.suse.com/1040351
   https://bugzilla.suse.com/1041958
   https://bugzilla.suse.com/1042257
   https://bugzilla.suse.com/1042286
   https://bugzilla.suse.com/1042314
   https://bugzilla.suse.com/1042422
   https://bugzilla.suse.com/1042778
   https://bugzilla.suse.com/1043261
   https://bugzilla.suse.com/1043347
   https://bugzilla.suse.com/1043520
   https://bugzilla.suse.com/1043598
   https://bugzilla.suse.com/1043652
   https://bugzilla.suse.com/1043805
   https://bugzilla.suse.com/1043912
   https://bugzilla.suse.com/1044112
   https://bugzilla.suse.com/1044443
   https://bugzilla.suse.com/1044623
   https://bugzilla.suse.com/1044636
   https://bugzilla.suse.com/1045154
   https://bugzilla.suse.com/1045293
   https://bugzilla.suse.com/1045330
   https://bugzilla.suse.com/1045404
   https://bugzilla.suse.com/1045563
   https://bugzilla.suse.com/1045596
   https://bugzilla.suse.com/1045709
   https://bugzilla.suse.com/1045715
   https://bugzilla.suse.com/1045866
   https://bugzilla.suse.com/1045922
   https://bugzilla.suse.com/1045937
   https://bugzilla.suse.com/1046105
   https://bugzilla.suse.com/1046170
   https://bugzilla.suse.com/1046434
   https://bugzilla.suse.com/1046651
   https://bugzilla.suse.com/1046655
   https://bugzilla.suse.com/1046682
   https://bugzilla.suse.com/1046821
   https://bugzilla.suse.com/1046985
   https://bugzilla.suse.com/1047027
   https://bugzilla.suse.com/1047048
   https://bugzilla.suse.com/1047096
   https://bugzilla.suse.com/1047118
   https://bugzilla.suse.com/1047121
   https://bugzilla.suse.com/1047152
   https://bugzilla.suse.com/1047174
   https://bugzilla.suse.com/1047277
   https://bugzilla.suse.com/1047343
   https://bugzilla.suse.com/1047354
   https://bugzilla.suse.com/1047418
   https://bugzilla.suse.com/1047506
   https://bugzilla.suse.com/1047595
   https://bugzilla.suse.com/1047651
   https://bugzilla.suse.com/1047653
   https://bugzilla.suse.com/1047670
   https://bugzilla.suse.com/1047802
   https://bugzilla.suse.com/1048146
   https://bugzilla.suse.com/1048155
   https://bugzilla.suse.com/1048221
   https://bugzilla.suse.com/1048317
   https://bugzilla.suse.com/1048348
   https://bugzilla.suse.com/1048356
   https://bugzilla.suse.com/1048421
   https://bugzilla.suse.com/1048451
   https://bugzilla.suse.com/1048501
   https://bugzilla.suse.com/1048891
   https://bugzilla.suse.com/1048912
   https://bugzilla.suse.com/1048914
   https://bugzilla.suse.com/1048916
   https://bugzilla.suse.com/1048919
   https://bugzilla.suse.com/1049231
   https://bugzilla.suse.com/1049289
   https://bugzilla.suse.com/1049298
   https://bugzilla.suse.com/1049361
   https://bugzilla.suse.com/1049483
   https://bugzilla.suse.com/1049486
   https://bugzilla.suse.com/1049603
   https://bugzilla.suse.com/1049619
   https://bugzilla.suse.com/1049645
   https://bugzilla.suse.com/1049706
   https://bugzilla.suse.com/1049882
   https://bugzilla.suse.com/1050061
   https://bugzilla.suse.com/1050188
   https://bugzilla.suse.com/1050211
   https://bugzilla.suse.com/1050320
   https://bugzilla.suse.com/1050322
   https://bugzilla.suse.com/1050677
   https://bugzilla.suse.com/1051022
   https://bugzilla.suse.com/1051048
   https://bugzilla.suse.com/1051059
   https://bugzilla.suse.com/1051239
   https://bugzilla.suse.com/1051399
   https://bugzilla.suse.com/1051471
   https://bugzilla.suse.com/1051478
   https://bugzilla.suse.com/1051479
   https://bugzilla.suse.com/1051556
   https://bugzilla.suse.com/1051663
   https://bugzilla.suse.com/1051689
   https://bugzilla.suse.com/1051979
   https://bugzilla.suse.com/1052049
   https://bugzilla.suse.com/1052223
   https://bugzilla.suse.com/1052311
   https://bugzilla.suse.com/1052325
   https://bugzilla.suse.com/1052365
   https://bugzilla.suse.com/1052442
   https://bugzilla.suse.com/1052533
   https://bugzilla.suse.com/1052709
   https://bugzilla.suse.com/1052773
   https://bugzilla.suse.com/1052794
   https://bugzilla.suse.com/1052899
   https://bugzilla.suse.com/1052925
   https://bugzilla.suse.com/1053043
   https://bugzilla.suse.com/1053117
   https://bugzilla.suse.com/964063
   https://bugzilla.suse.com/974215
   https://bugzilla.suse.com/998664

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWaYkI4x+lLeg9Ub1AQhlSQ//RxrLhBkHHvGY1SYrj+eJ3AXvoeLfFDOv
TxhiLhkJg/4AEMU2Wyjw1YulVQ4lTVTikZ+la3Y48/VSskBIc0i4764Lk8yFlXrP
NoMZoml9yCz2VoZEaLIEctmEEkjN/MyhP9Je/R/Rtn7xIRXQksO++Lm0Z42hELR3
b6LKhjUDggP6tcbg3ulni/hOyIckAra38RA45L2vGLi5O7py/b/G9qyksQn6g2Fq
oiBZw8CKJ1fGUz1J22C8KX+s0pwmXtZcMG1HqAXg0iLBNFSzKuCty9NyeyRLPacy
Ex21MLwDlgehzeK0iJ9kTtLOc7V3aGuv6an5u3qfKVOX2v9iP3bk5Li6mzTTKs6q
v3L/gVHVMDiQwUv1Bdoeo1BKmdG6XHFNRtnBqzuIMuRwgsHVZ+MovSsU+OZmF4j3
csgiLBXXdFtUzWib/Yx8EqaJxlymugy2rOvvKJ8K3IeKcLi1dKhp9EqPUS2+D8fQ
eX9Sy0egPqVVK0kF/0Vap5hOyny0g5nSOowGKvzy2BU0dvl5aB5bI9sjSlTlkI9w
IkLxohn6Yj3LZZcrbosQzp9LQfis3vaKEqSLBsZKZPJjNgM08zYCTHCarVc0bzMz
wsoNE8M35DOZFhdC9iAoSZUeAXXFEOgGuDm7nCreRytI3NV9y5Nx8Bv4jZPouAbk
XMurJ9oqB8s=
=rgr4
-----END PGP SIGNATURE-----

« Back to bulletins