Ubuntu
linux package

Cosmic update: v4.18.12 upstream stable release

Bug #1796139 reported by Seth Forshee on 2018-10-04

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	linux (Ubuntu)	Fix Released	Medium	Seth Forshee
	Cosmic	Fix Released	Medium	Seth Forshee

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

v4.18.12 upstream stable release
from git://git.kernel.org/

The following patches from the v4.18.12 stable release shall be applied:

crypto: skcipher - Fix -Wstringop-truncation warnings
iio: adc: ina2xx: avoid kthread_stop() with stale task_struct
tsl2550: fix lux1_input error in low light
misc: ibmvmc: Use GFP_ATOMIC under spin lock
vmci: type promotion bug in qp_host_get_user_memory()
siox: don't create a thread without starting it
x86/numa_emulation: Fix emulated-to-physical node mapping
staging: rts5208: fix missing error check on call to rtsx_write_register
power: supply: axp288_charger: Fix initial constant_charge_current value
misc: sram: enable clock before registering regions
serial: sh-sci: Stop RX FIFO timer during port shutdown
uwb: hwa-rc: fix memory leak at probe
power: vexpress: fix corruption in notifier registration
iommu/amd: make sure TLB to be flushed before IOVA freed
Bluetooth: Add a new Realtek 8723DE ID 0bda:b009
USB: serial: kobil_sct: fix modem-status error handling
6lowpan: iphc: reset mac_header after decompress to fix panic
iommu/msm: Don't call iommu_device_{,un}link from atomic context
s390/mm: correct allocate_pgste proc_handler callback
power: remove possible deadlock when unregistering power_supply
drm/amd/display/dc/dce: Fix multiple potential integer overflows
drm/amd/display: fix use of uninitialized memory
md-cluster: clear another node's suspend_area after the copy is finished
cxgb4: Fix the condition to check if the card is T5
RDMA/bnxt_re: Fix a couple off by one bugs
RDMA/i40w: Hold read semaphore while looking after VMA
RDMA/bnxt_re: Fix a bunch of off by one bugs in qplib_fp.c
IB/core: type promotion bug in rdma_rw_init_one_mr()
media: exynos4-is: Prevent NULL pointer dereference in __isp_video_try_fmt()
IB/mlx4: Test port number before querying type.
powerpc/kdump: Handle crashkernel memory reservation failure
media: fsl-viu: fix error handling in viu_of_probe()
vhost_net: Avoid tx vring kicks during busyloop
media: staging/imx: fill vb2_v4l2_buffer field entry
IB/mlx5: Fix GRE flow specification
include/rdma/opa_addr.h: Fix an endianness issue
x86/tsc: Add missing header to tsc_msr.c
ARM: hwmod: RTC: Don't assume lock/unlock will be called with irq enabled
x86/entry/64: Add two more instruction suffixes
ARM: dts: ls1021a: Add missing cooling device properties for CPUs
scsi: target/iscsi: Make iscsit_ta_authentication() respect the output buffer size
thermal: i.MX: Allow thermal probe to fail gracefully in case of bad calibration.
scsi: klist: Make it safe to use klists in atomic context
scsi: ibmvscsi: Improve strings handling
scsi: target: Avoid that EXTENDED COPY commands trigger lock inversion
usb: wusbcore: security: cast sizeof to int for comparison
ath10k: sdio: use same endpoint id for all packets in a bundle
ath10k: sdio: set skb len for all rx packets
powerpc/powernv/ioda2: Reduce upper limit for DMA window size
platform/x86: asus-wireless: Fix uninitialized symbol usage
ACPI / button: increment wakeup count only when notified
s390/sysinfo: add missing #ifdef CONFIG_PROC_FS
alarmtimer: Prevent overflow for relative nanosleep
s390/dasd: correct numa_node in dasd_alloc_queue
s390/scm_blk: correct numa_node in scm_blk_dev_setup
s390/extmem: fix gcc 8 stringop-overflow warning
mtd: rawnand: atmel: add module param to avoid using dma
iio: accel: adxl345: convert address field usage in iio_chan_spec
posix-timers: Make forward callback return s64
posix-timers: Sanitize overrun handling
ALSA: snd-aoa: add of_node_put() in error path
selftests: forwarding: Tweak tc filters for mirror-to-gretap tests
ath10k: use locked skb_dequeue for rx completions
media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power
media: soc_camera: ov772x: correct setting of banding filter
media: omap3isp: zero-initialize the isp cam_xclk{a,b} initial data
media: ov772x: add checks for register read errors
staging: android: ashmem: Fix mmap size validation
media: ov772x: allow i2c controllers without I2C_FUNC_PROTOCOL_MANGLING
staging: mt7621-eth: Fix memory leak in mtk_add_mac() error path
drivers/tty: add error handling for pcmcia_loop_config
arm64: dts: renesas: salvator-common: Fix adv7482 decimal unit addresses
serial: pxa: Fix an error handling path in 'serial_pxa_probe()'
staging: mt7621-dts: Fix remaining pcie warnings
media: tm6000: add error handling for dvb_register_adapter
ASoC: qdsp6: qdafe: fix some off by one bugs
net: phy: xgmiitorgmii: Check read_status results
ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock
drm/sun4i: Enable DW HDMI PHY clock
net: phy: xgmiitorgmii: Check phy_driver ready before accessing
drm/sun4i: Fix releasing node when enumerating enpoints
ath10k: transmit queued frames after processing rx packets
mt76x2: fix mrr idx/count estimation in mt76x2_mac_fill_tx_status()
rndis_wlan: potential buffer overflow in rndis_wlan_auth_indication()
brcmsmac: fix wrap around in conversion from constant to s16
bitfield: fix *_encode_bits()
wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout()
drm/omap: gem: Fix mm_list locking
ARM: mvebu: declare asm symbols as character arrays in pmsu.c
RDMA/uverbs: Don't overwrite NULL pointer with ZERO_SIZE_PTR
Documentation/process: fix reST table border error
perf/hw_breakpoint: Split attribute parse and commit
arm: dts: mediatek: Add missing cooling device properties for CPUs
HID: hid-ntrig: add error handling for sysfs_create_group
HID: i2c-hid: Use devm to allocate i2c_hid struct
MIPS: boot: fix build rule of vmlinux.its.S
arm64: dts: renesas: Fix VSPD registers range
drm/v3d: Take a lock across GPU scheduler job creation and queuing.
perf/x86/intel/lbr: Fix incomplete LBR call stack
scsi: bnx2i: add error handling for ioremap_nocache
iomap: complete partial direct I/O writes synchronously
spi: orion: fix CS GPIO handling again
scsi: megaraid_sas: Update controller info during resume
ASoC: Intel: bytcr_rt5640: Fix Acer Iconia 8 over-current detect threshold
ASoC: rt1305: Use ULL suffixes for 64-bit constants
ASoC: rsnd: SSI parent cares SWSP bit
EDAC, i7core: Fix memleaks and use-after-free on probe and remove
ASoC: dapm: Fix potential DAI widget pointer deref when linking DAIs
module: exclude SHN_UNDEF symbols from kallsyms api
gpio: Fix wrong rounding in gpio-menz127
nfsd: fix corrupted reply to badly ordered compound
EDAC: Fix memleak in module init error path
EDAC, altera: Fix an error handling path in altr_s10_sdram_probe()
staging: pi433: fix race condition in pi433_ioctl
ath10k: fix incorrect size of dma_free_coherent in ath10k_ce_alloc_src_ring_64
ath10k: snoc: use correct bus-specific pointer in RX retry
fs/lock: skip lock owner pid translation in case we are in init_pid_ns
ath10k: fix memory leak of tpc_stats
Input: xen-kbdfront - fix multi-touch XenStore node's locations
iio: 104-quad-8: Fix off-by-one error in register selection
drm/vc4: Add missing formats to vc4_format_mod_supported().
ARM: dts: dra7: fix DCAN node addresses
drm/vc4: plane: Expand the lower bits by repeating the higher bits
perf tests: Fix indexing when invoking subtests
gpio: tegra: Fix tegra_gpio_irq_set_type()
block: fix deadline elevator drain for zoned block devices
x86/mm: Expand static page table for fixmap space
tty: serial: lpuart: avoid leaking struct tty_struct
serial: imx: restore handshaking irq for imx1
serial: mvebu-uart: Fix reporting of effective CSIZE to userspace
serial: cpm_uart: return immediately from console poll
intel_th: Fix device removal logic
intel_th: Fix resource handling for ACPI glue layer
spi: tegra20-slink: explicitly enable/disable clock
spi: sh-msiof: Fix invalid SPI use during system suspend
spi: sh-msiof: Fix handling of write value for SISTR register
spi: rspi: Fix invalid SPI use during system suspend
spi: rspi: Fix interrupted DMA transfers
regulator: fix crash caused by null driver data
regulator: Fix 'do-nothing' value for regulators without suspend state
USB: fix error handling in usb_driver_claim_interface()
USB: handle NULL config in usb_find_alt_setting()
usb: roles: Take care of driver module reference counting
usb: musb: dsps: do not disable CPPI41 irq in driver teardown
USB: usbdevfs: sanitize flags more
USB: usbdevfs: restore warning for nonsensical flags
Revert "usb: cdc-wdm: Fix a sleep-in-atomic-context bug in service_outstanding_interrupt()"
USB: remove LPM management from usb_driver_claim_interface()
uaccess: Fix is_source param for check_copy_size() in copy_to_iter_mcsafe()
ext2, dax: set ext2_dax_aops for dax files
filesystem-dax: Fix use of zero page
IB/srp: Avoid that sg_reset -d ${srp_device} triggers an infinite loop
IB/hfi1: Fix SL array bounds check
IB/hfi1: Invalid user input can result in crash
IB/hfi1: Fix context recovery when PBC has an UnsupportedVL
IB/hfi1: Fix destroy_qp hang after a link down
ACPI / hotplug / PCI: Don't scan for non-hotplug bridges if slot is not bridge
RDMA/uverbs: Atomically flush and mark closed the comp event queue
arm64: KVM: Tighten guest core register access from userspace
ARM: OMAP2+: Fix null hwmod for ti-sysc debug
ARM: OMAP2+: Fix module address for modules using mpu_rt_idx
bus: ti-sysc: Fix module register ioremap for larger offsets
qed: Wait for ready indication before rereading the shmem
qed: Wait for MCP halt and resume commands to take place
qed: Prevent a possible deadlock during driver load and unload
qed: Avoid sending mailbox commands when MFW is not responsive
thermal: of-thermal: disable passive polling when thermal zone is disabled
isofs: reject hardware sector size > 2048 bytes
mmc: atmel-mci: fix bad logic of sg_copy_{from,to}_buffer conversion
mmc: android-goldfish: fix bad logic of sg_copy_{from,to}_buffer conversion
bus: ti-sysc: Fix no_console_suspend handling
ARM: dts: omap4-droid4: fix vibrations on Droid 4
bpf, sockmap: fix sock_hash_alloc and reject zero-sized keys
bpf, sockmap: fix sock hash count in alloc_sock_hash_elem
tls: possible hang when do_tcp_sendpages hits sndbuf is full case
bpf: sockmap: write_space events need to be passed to TCP handler
drm/amdgpu: fix VM clearing for the root PD
drm/amdgpu: fix preamble handling
amdgpu: fix multi-process hang issue
net/ncsi: Fixup .dumpit message flags and ID check in Netlink handler
tcp_bbr: add bbr_check_probe_rtt_done() helper
tcp_bbr: in restart from idle, see if we should exit PROBE_RTT
net: hns: fix length and page_offset overflow when CONFIG_ARM64_64K_PAGES
net: hns: fix skb->truesize underestimation
net: hns3: fix page_offset overflow when CONFIG_ARM64_64K_PAGES
ice: Fix multiple static analyser warnings
ice: Report stats for allocated queues via ethtool stats
ice: Clean control queues only when they are initialized
ice: Fix bugs in control queue processing
ice: Use order_base_2 to calculate higher power of 2
ice: Set VLAN flags correctly
tools: bpftool: return from do_event_pipe() on bad arguments
ice: Fix a few null pointer dereference issues
ice: Fix potential return of uninitialized value
e1000: check on netif_running() before calling e1000_up()
e1000: ensure to free old tx/rx rings in set_ringparam()
ixgbe: fix driver behaviour after issuing VFLR
i40e: Fix for Tx timeouts when interface is brought up if DCB is enabled
i40e: fix condition of WARN_ONCE for stat strings
crypto: chtls - fix null dereference chtls_free_uld()
crypto: cavium/nitrox - fix for command corruption in queue full case with backlog submissions.
hwmon: (ina2xx) fix sysfs shunt resistor read access
hwmon: (adt7475) Make adt7475_read_word() return errors
Revert "ARM: dts: imx7d: Invert legacy PCI irq mapping"
drm/amdgpu: Enable/disable gfx PG feature in rlc safe mode
drm/amdgpu: Update power state at the end of smu hw_init.
ata: ftide010: Add a quirk for SQ201
nvme-fcloop: Fix dropped LS's to removed target port
ARM: dts: omap4-droid4: Fix emmc errors seen on some devices
drm/amdgpu: Need to set moved to true when evict bo
arm/arm64: smccc-1.1: Make return values unsigned long
arm/arm64: smccc-1.1: Handle function result as parameters
i2c: i801: Allow ACPI AML access I/O ports not reserved for SMBus
clk: x86: Set default parent to 48Mhz
x86/pti: Fix section mismatch warning/error
KVM: PPC: Book3S HV: Fix guest r11 corruption with POWER9 TM workarounds
powerpc: fix csum_ipv6_magic() on little endian platforms
powerpc/pkeys: Fix reading of ibm, processor-storage-keys property
powerpc/pseries: Fix unitialized timer reset on migration
arm64: KVM: Sanitize PSTATE.M when being set from userspace
media: v4l: event: Prevent freeing event subscriptions while accessed
Linux 4.18.12

The following patches from the v4.18.12 stable release have already been applied:

net: hns3: Fix for mailbox message truncated problem
net: hns3: Fix for mac pause not disable in pfc mode
net: hns3: Fix warning bug when doing lp selftest
net: hns3: Fix get_vector ops in hclgevf_main module
ALSA: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge
scsi: hisi_sas: Fix the conflict between dev gone and host reset
floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl
usb: core: safely deal with the dynamic quirk lists
Input: elantech - enable middle button of touchpad on ThinkPad P72

See original description

Tags:

CVE References

Seth Forshee (sforshee) on 2018-10-04

tags:	added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Cosmic):
assignee:	nobody → Seth Forshee (sforshee)
importance:	Undecided → Medium
status:	New → In Progress

Seth Forshee (sforshee) on 2018-10-04

description:	updated
Changed in linux (Ubuntu Cosmic):
status:	In Progress → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2018-10-12:

Download full text (60.2 KiB)

This bug was fixed in the package linux - 4.18.0-9.10

---------------
linux (4.18.0-9.10) cosmic; urgency=medium

* linux: 4.18.0-9.10 -proposed tracker (LP: #1796346)

This bug was fixed in the package linux - 4.18.0-9.10

---------------
linux (4.18.0-9.10) cosmic; urgency=medium

* linux: 4.18.0-9.10 -proposed tracker (LP: #1796346)

* Cosmic update: v4.18.12 upstream stable release (LP: #1796139)
    - crypto: skcipher - Fix -Wstringop-truncation warnings
    - iio: adc: ina2xx: avoid kthread_stop() with stale task_struct
    - tsl2550: fix lux1_input error in low light
    - misc: ibmvmc: Use GFP_ATOMIC under spin lock
    - vmci: type promotion bug in qp_host_get_user_memory()
    - siox: don't create a thread without starting it
    - x86/numa_emulation: Fix emulated-to-physical node mapping
    - staging: rts5208: fix missing error check on call to rtsx_write_register
    - power: supply: axp288_charger: Fix initial constant_charge_current value
    - misc: sram: enable clock before registering regions
    - serial: sh-sci: Stop RX FIFO timer during port shutdown
    - uwb: hwa-rc: fix memory leak at probe
    - power: vexpress: fix corruption in notifier registration
    - iommu/amd: make sure TLB to be flushed before IOVA freed
    - Bluetooth: Add a new Realtek 8723DE ID 0bda:b009
    - USB: serial: kobil_sct: fix modem-status error handling
    - 6lowpan: iphc: reset mac_header after decompress to fix panic
    - iommu/msm: Don't call iommu_device_{,un}link from atomic context
    - s390/mm: correct allocate_pgste proc_handler callback
    - power: remove possible deadlock when unregistering power_supply
    - drm/amd/display/dc/dce: Fix multiple potential integer overflows
    - drm/amd/display: fix use of uninitialized memory
    - md-cluster: clear another node's suspend_area after the copy is finished
    - cxgb4: Fix the condition to check if the card is T5
    - RDMA/bnxt_re: Fix a couple off by one bugs
    - RDMA/i40w: Hold read semaphore while looking after VMA
    - RDMA/bnxt_re: Fix a bunch of off by one bugs in qplib_fp.c
    - IB/core: type promotion bug in rdma_rw_init_one_mr()
    - media: exynos4-is: Prevent NULL pointer dereference in __isp_video_try_fmt()
    - IB/mlx4: Test port number before querying type.
    - powerpc/kdump: Handle crashkernel memory reservation failure
    - media: fsl-viu: fix error handling in viu_of_probe()
    - vhost_net: Avoid tx vring kicks during busyloop
    - media: staging/imx: fill vb2_v4l2_buffer field entry
    - IB/mlx5: Fix GRE flow specification
    - include/rdma/opa_addr.h: Fix an endianness issue
    - x86/tsc: Add missing header to tsc_msr.c
    - ARM: hwmod: RTC: Don't assume lock/unlock will be called with irq enabled
    - x86/entry/64: Add two more instruction suffixes
    - ARM: dts: ls1021a: Add missing cooling device properties for CPUs
    - scsi: target/iscsi: Make iscsit_ta_authentication() respect the output
      buffer size
    - thermal: i.MX: Allow thermal probe to fail gracefully in case of bad
      calibration.
    - scsi: klist: Make it safe to use klists in atomic context
    - scsi: ibmvscsi: Improve strings handling
    - scsi: target: Avoid that EXTENDED COPY commands trigger lock inversion
    - usb: wusbcore: security: cast sizeof to int for comparison
    - ath10k: sdio: use same endpoint id for all packets in a bundle
    - ath10k: sdio: set skb len for all rx packets
    - powerpc/powernv/ioda2: Reduce upper limit for DMA window size
    - platform/x86: asus-wireless: Fix uninitialized symbol usage
    - ACPI / button: increment wakeup count only when notified
    - s390/sysinfo: add missing #ifdef CONFIG_PROC_FS
    - alarmtimer: Prevent overflow for relative nanosleep
    - s390/dasd: correct numa_node in dasd_alloc_queue
    - s390/scm_blk: correct numa_node in scm_blk_dev_setup
    - s390/extmem: fix gcc 8 stringop-overflow warning
    - mtd: rawnand: atmel: add module param to avoid using dma
    - iio: accel: adxl345: convert address field usage in iio_chan_spec
    - posix-timers: Make forward callback return s64
    - posix-timers: Sanitize overrun handling
    - ALSA: snd-aoa: add of_node_put() in error path
    - selftests: forwarding: Tweak tc filters for mirror-to-gretap tests
    - ath10k: use locked skb_dequeue for rx completions
    - media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power
    - media: soc_camera: ov772x: correct setting of banding filter
    - media: omap3isp: zero-initialize the isp cam_xclk{a,b} initial data
    - media: ov772x: add checks for register read errors
    - staging: android: ashmem: Fix mmap size validation
    - media: ov772x: allow i2c controllers without I2C_FUNC_PROTOCOL_MANGLING
    - staging: mt7621-eth: Fix memory leak in mtk_add_mac() error path
    - drivers/tty: add error handling for pcmcia_loop_config
    - arm64: dts: renesas: salvator-common: Fix adv7482 decimal unit addresses
    - serial: pxa: Fix an error handling path in 'serial_pxa_probe()'
    - staging: mt7621-dts: Fix remaining pcie warnings
    - media: tm6000: add error handling for dvb_register_adapter
    - ASoC: qdsp6: qdafe: fix some off by one bugs
    - net: phy: xgmiitorgmii: Check read_status results
    - ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock
    - drm/sun4i: Enable DW HDMI PHY clock
    - net: phy: xgmiitorgmii: Check phy_driver ready before accessing
    - drm/sun4i: Fix releasing node when enumerating enpoints
    - ath10k: transmit queued frames after processing rx packets
    - mt76x2: fix mrr idx/count estimation in mt76x2_mac_fill_tx_status()
    - rndis_wlan: potential buffer overflow in rndis_wlan_auth_indication()
    - brcmsmac: fix wrap around in conversion from constant to s16
    - bitfield: fix *_encode_bits()
    - wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout()
    - drm/omap: gem: Fix mm_list locking
    - ARM: mvebu: declare asm symbols as character arrays in pmsu.c
    - RDMA/uverbs: Don't overwrite NULL pointer with ZERO_SIZE_PTR
    - Documentation/process: fix reST table border error
    - perf/hw_breakpoint: Split attribute parse and commit
    - arm: dts: mediatek: Add missing cooling device properties for CPUs
    - HID: hid-ntrig: add error handling for sysfs_create_group
    - HID: i2c-hid: Use devm to allocate i2c_hid struct
    - MIPS: boot: fix build rule of vmlinux.its.S
    - arm64: dts: renesas: Fix VSPD registers range
    - drm/v3d: Take a lock across GPU scheduler job creation and queuing.
    - perf/x86/intel/lbr: Fix incomplete LBR call stack
    - scsi: bnx2i: add error handling for ioremap_nocache
    - iomap: complete partial direct I/O writes synchronously
    - spi: orion: fix CS GPIO handling again
    - scsi: megaraid_sas: Update controller info during resume
    - ASoC: Intel: bytcr_rt5640: Fix Acer Iconia 8 over-current detect threshold
    - ASoC: rt1305: Use ULL suffixes for 64-bit constants
    - ASoC: rsnd: SSI parent cares SWSP bit
    - EDAC, i7core: Fix memleaks and use-after-free on probe and remove
    - ASoC: dapm: Fix potential DAI widget pointer deref when linking DAIs
    - module: exclude SHN_UNDEF symbols from kallsyms api
    - gpio: Fix wrong rounding in gpio-menz127
    - nfsd: fix corrupted reply to badly ordered compound
    - EDAC: Fix memleak in module init error path
    - EDAC, altera: Fix an error handling path in altr_s10_sdram_probe()
    - staging: pi433: fix race condition in pi433_ioctl
    - ath10k: fix incorrect size of dma_free_coherent in
      ath10k_ce_alloc_src_ring_64
    - ath10k: snoc: use correct bus-specific pointer in RX retry
    - fs/lock: skip lock owner pid translation in case we are in init_pid_ns
    - ath10k: fix memory leak of tpc_stats
    - Input: xen-kbdfront - fix multi-touch XenStore node's locations
    - iio: 104-quad-8: Fix off-by-one error in register selection
    - drm/vc4: Add missing formats to vc4_format_mod_supported().
    - ARM: dts: dra7: fix DCAN node addresses
    - drm/vc4: plane: Expand the lower bits by repeating the higher bits
    - perf tests: Fix indexing when invoking subtests
    - gpio: tegra: Fix tegra_gpio_irq_set_type()
    - block: fix deadline elevator drain for zoned block devices
    - x86/mm: Expand static page table for fixmap space
    - tty: serial: lpuart: avoid leaking struct tty_struct
    - serial: imx: restore handshaking irq for imx1
    - serial: mvebu-uart: Fix reporting of effective CSIZE to userspace
    - serial: cpm_uart: return immediately from console poll
    - intel_th: Fix device removal logic
    - intel_th: Fix resource handling for ACPI glue layer
    - spi: tegra20-slink: explicitly enable/disable clock
    - spi: sh-msiof: Fix invalid SPI use during system suspend
    - spi: sh-msiof: Fix handling of write value for SISTR register
    - spi: rspi: Fix invalid SPI use during system suspend
    - spi: rspi: Fix interrupted DMA transfers
    - regulator: fix crash caused by null driver data
    - regulator: Fix 'do-nothing' value for regulators without suspend state
    - USB: fix error handling in usb_driver_claim_interface()
    - USB: handle NULL config in usb_find_alt_setting()
    - usb: roles: Take care of driver module reference counting
    - usb: musb: dsps: do not disable CPPI41 irq in driver teardown
    - USB: usbdevfs: sanitize flags more
    - USB: usbdevfs: restore warning for nonsensical flags
    - Revert "usb: cdc-wdm: Fix a sleep-in-atomic-context bug in
      service_outstanding_interrupt()"
    - USB: remove LPM management from usb_driver_claim_interface()
    - uaccess: Fix is_source param for check_copy_size() in copy_to_iter_mcsafe()
    - ext2, dax: set ext2_dax_aops for dax files
    - filesystem-dax: Fix use of zero page
    - IB/srp: Avoid that sg_reset -d ${srp_device} triggers an infinite loop
    - IB/hfi1: Fix SL array bounds check
    - IB/hfi1: Invalid user input can result in crash
    - IB/hfi1: Fix context recovery when PBC has an UnsupportedVL
    - IB/hfi1: Fix destroy_qp hang after a link down
    - ACPI / hotplug / PCI: Don't scan for non-hotplug bridges if slot is not
      bridge
    - RDMA/uverbs: Atomically flush and mark closed the comp event queue
    - arm64: KVM: Tighten guest core register access from userspace
    - ARM: OMAP2+: Fix null hwmod for ti-sysc debug
    - ARM: OMAP2+: Fix module address for modules using mpu_rt_idx
    - bus: ti-sysc: Fix module register ioremap for larger offsets
    - qed: Wait for ready indication before rereading the shmem
    - qed: Wait for MCP halt and resume commands to take place
    - qed: Prevent a possible deadlock during driver load and unload
    - qed: Avoid sending mailbox commands when MFW is not responsive
    - thermal: of-thermal: disable passive polling when thermal zone is disabled
    - isofs: reject hardware sector size > 2048 bytes
    - mmc: atmel-mci: fix bad logic of sg_copy_{from,to}_buffer conversion
    - mmc: android-goldfish: fix bad logic of sg_copy_{from,to}_buffer conversion
    - bus: ti-sysc: Fix no_console_suspend handling
    - ARM: dts: omap4-droid4: fix vibrations on Droid 4
    - bpf, sockmap: fix sock_hash_alloc and reject zero-sized keys
    - bpf, sockmap: fix sock hash count in alloc_sock_hash_elem
    - tls: possible hang when do_tcp_sendpages hits sndbuf is full case
    - bpf: sockmap: write_space events need to be passed to TCP handler
    - drm/amdgpu: fix VM clearing for the root PD
    - drm/amdgpu: fix preamble handling
    - amdgpu: fix multi-process hang issue
    - net/ncsi: Fixup .dumpit message flags and ID check in Netlink handler
    - tcp_bbr: add bbr_check_probe_rtt_done() helper
    - tcp_bbr: in restart from idle, see if we should exit PROBE_RTT
    - net: hns: fix length and page_offset overflow when CONFIG_ARM64_64K_PAGES
    - net: hns: fix skb->truesize underestimation
    - net: hns3: fix page_offset overflow when CONFIG_ARM64_64K_PAGES
    - ice: Fix multiple static analyser warnings
    - ice: Report stats for allocated queues via ethtool stats
    - ice: Clean control queues only when they are initialized
    - ice: Fix bugs in control queue processing
    - ice: Use order_base_2 to calculate higher power of 2
    - ice: Set VLAN flags correctly
    - tools: bpftool: return from do_event_pipe() on bad arguments
    - ice: Fix a few null pointer dereference issues
    - ice: Fix potential return of uninitialized value
    - e1000: check on netif_running() before calling e1000_up()
    - e1000: ensure to free old tx/rx rings in set_ringparam()
    - ixgbe: fix driver behaviour after issuing VFLR
    - i40e: Fix for Tx timeouts when interface is brought up if DCB is enabled
    - i40e: fix condition of WARN_ONCE for stat strings
    - crypto: chtls - fix null dereference chtls_free_uld()
    - crypto: cavium/nitrox - fix for command corruption in queue full case with
      backlog submissions.
    - hwmon: (ina2xx) fix sysfs shunt resistor read access
    - hwmon: (adt7475) Make adt7475_read_word() return errors
    - Revert "ARM: dts: imx7d: Invert legacy PCI irq mapping"
    - drm/amdgpu: Enable/disable gfx PG feature in rlc safe mode
    - drm/amdgpu: Update power state at the end of smu hw_init.
    - ata: ftide010: Add a quirk for SQ201
    - nvme-fcloop: Fix dropped LS's to removed target port
    - ARM: dts: omap4-droid4: Fix emmc errors seen on some devices
    - drm/amdgpu: Need to set moved to true when evict bo
    - arm/arm64: smccc-1.1: Make return values unsigned long
    - arm/arm64: smccc-1.1: Handle function result as parameters
    - i2c: i801: Allow ACPI AML access I/O ports not reserved for SMBus
    - clk: x86: Set default parent to 48Mhz
    - x86/pti: Fix section mismatch warning/error
    - KVM: PPC: Book3S HV: Fix guest r11 corruption with POWER9 TM workarounds
    - powerpc: fix csum_ipv6_magic() on little endian platforms
    - powerpc/pkeys: Fix reading of ibm, processor-storage-keys property
    - powerpc/pseries: Fix unitialized timer reset on migration
    - arm64: KVM: Sanitize PSTATE.M when being set from userspace
    - media: v4l: event: Prevent freeing event subscriptions while accessed
    - Linux 4.18.12

* Fix usbcore.quirks when used at boot (LP: #1795784)
    - usb: core: safely deal with the dynamic quirk lists

* Dell new AIO requires a new uart backlight driver (LP: #1727235)
    - SAUCE: platform/x86: dell-uart-backlight: new backlight driver for DELL AIO
    - updateconfigs for Dell UART backlight driver

* Please make CONFIG_PWM_LPSS_PCI and CONFIG_PWM_LPSS_PLATFORM built in to
    make brightness adjustment working on various BayTrail/CherryTrail-based
    devices (LP: #1783964)
    - [Config]: Make PWM_LPSS_* built-in

* CVE-2018-5391
    - SAUCE: Revert "net: increase fragment memory usage limits"

* check and fix zkey required kernel modules locations in debs, udebs, and
    initramfs (LP: #1794346)
    - [Config] add s390 crypto modules to crypt-modules udeb

* iptables --list --numeric fails on -virtual kernel / -virtual missing
    bpfilter (LP: #1795036)
    - [Config] add bpfilter.ko to generic inclusion list

* fails to build  on armhf because of module rename (LP: #1795665)
    - [Config] omapfb was renamed to omap2fb

* qeth: use vzalloc for QUERY OAT buffer (LP: #1793086)
    - s390/qeth: use vzalloc for QUERY OAT buffer

* Cosmic update to 4.18.11 stable release (LP: #1795486)
    - gso_segment: Reset skb->mac_len after modifying network header
    - ipv6: fix possible use-after-free in ip6_xmit()
    - net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT
    - net: hp100: fix always-true check for link up state
    - pppoe: fix reception of frames with no mac header
    - qmi_wwan: set DTR for modems in forced USB2 mode
    - udp4: fix IP_CMSG_CHECKSUM for connected sockets
    - tls: don't copy the key out of tls12_crypto_info_aes_gcm_128
    - tls: zero the crypto information from tls_context before freeing
    - tls: clear key material from kernel memory when do_tls_setsockopt_conf fails
    - neighbour: confirm neigh entries when ARP packet is received
    - udp6: add missing checks on edumux packet processing
    - net/sched: act_sample: fix NULL dereference in the data path
    - hv_netvsc: fix schedule in RCU context
    - net: dsa: mv88e6xxx: Fix ATU Miss Violation
    - socket: fix struct ifreq size in compat ioctl
    - tls: fix currently broken MSG_PEEK behavior
    - ipv6: use rt6_info members when dst is set in rt6_fill_node
    - net/ipv6: do not copy dst flags on rt init
    - net: mvpp2: let phylink manage the carrier state
    - net: rtnl_configure_link: fix dev flags changes arg to __dev_notify_flags
    - NFC: Fix possible memory corruption when handling SHDLC I-Frame commands
    - NFC: Fix the number of pipes
    - ASoC: wm9712: fix replace codec to component
    - ASoC: cs4265: fix MMTLR Data switch control
    - ASoC: tas6424: Save last fault register even when clear
    - ASoC: rsnd: fixup not to call clk_get/set under non-atomic
    - ASoC: uapi: fix sound/skl-tplg-interface.h userspace compilation errors
    - ALSA: bebob: fix memory leak for M-Audio FW1814 and ProjectMix I/O at error
      path
    - ALSA: bebob: use address returned by kmalloc() instead of kernel stack for
      streaming DMA mapping
    - ALSA: emu10k1: fix possible info leak to userspace on
      SNDRV_EMU10K1_IOCTL_INFO
    - ALSA: fireface: fix memory leak in ff400_switch_fetching_mode()
    - ALSA: firewire-digi00x: fix memory leak of private data
    - ALSA: firewire-tascam: fix memory leak of private data
    - ALSA: fireworks: fix memory leak of response buffer at error path
    - ALSA: oxfw: fix memory leak for model-dependent data at error path
    - ALSA: oxfw: fix memory leak of discovered stream formats at error path
    - ALSA: oxfw: fix memory leak of private data
    - mtd: devices: m25p80: Make sure the buffer passed in op is DMA-able
    - mtd: rawnand: denali: fix a race condition when DMA is kicked
    - platform/x86: dell-smbios-wmi: Correct a memory leak
    - platform/x86: alienware-wmi: Correct a memory leak
    - xen/netfront: don't bug in case of too many frags
    - xen/x86/vpmu: Zero struct pt_regs before calling into sample handling code
    - spi: fix IDR collision on systems with both fixed and dynamic SPI bus
      numbers
    - Revert "PCI: Add ACS quirk for Intel 300 series"
    - ring-buffer: Allow for rescheduling when removing pages
    - crypto: x86/aegis,morus - Do not require OSXSAVE for SSE2
    - fork: report pid exhaustion correctly
    - mm: disable deferred struct page for 32-bit arches
    - mm: shmem.c: Correctly annotate new inodes for lockdep
    - Revert "rpmsg: core: add support to power domains for devices"
    - bpf/verifier: disallow pointer subtraction
    - Revert "uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct
      member name"
    - scsi: target: iscsi: Use bin2hex instead of a re-implementation
    - Revert "ubifs: xattr: Don't operate on deleted inodes"
    - libata: mask swap internal and hardware tag
    - ocfs2: fix ocfs2 read block panic
    - drm/i915/bdw: Increase IPS disable timeout to 100ms
    - drm/nouveau: Reset MST branching unit before enabling
    - drm/nouveau: Only write DP_MSTM_CTRL when needed
    - drm/nouveau: Remove duplicate poll_enable() in pmops_runtime_suspend()
    - drm/nouveau: Fix deadlocks in nouveau_connector_detect()
    - drm/nouveau/drm/nouveau: Don't forget to cancel hpd_work on suspend/unload
    - drm/nouveau/drm/nouveau: Fix bogus drm_kms_helper_poll_enable() placement
    - drm/nouveau/drm/nouveau: Fix deadlock with fb_helper with async RPM requests
    - drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume() in connector_detect()
    - drm/nouveau/drm/nouveau: Prevent handling ACPI HPD events too early
    - drm/vc4: Fix the "no scaling" case on multi-planar YUV formats
    - drm: udl: Destroy framebuffer only if it was initialized
    - drm/amdgpu: add new polaris pci id
    - tty: vt_ioctl: fix potential Spectre v1
    - ext4: check to make sure the rename(2)'s destination is not freed
    - ext4: avoid divide by zero fault when deleting corrupted inline directories
    - ext4: avoid arithemetic overflow that can trigger a BUG
    - ext4: recalucate superblock checksum after updating free blocks/inodes
    - ext4: fix online resize's handling of a too-small final block group
    - ext4: fix online resizing for bigalloc file systems with a 1k block size
    - ext4: don't mark mmp buffer head dirty
    - ext4: show test_dummy_encryption mount option in /proc/mounts
    - ext4, dax: add ext4_bmap to ext4_dax_aops
    - ext4, dax: set ext4_dax_aops for dax files
    - sched/fair: Fix vruntime_normalized() for remote non-migration wakeup
    - vmw_balloon: include asm/io.h
    - iw_cxgb4: only allow 1 flush on user qps
    - spi: Fix double IDR allocation with DT aliases
    - Linux 4.18.11

* CVE-2018-14633
    - scsi: target: iscsi: Use hex2bin instead of a re-implementation

* Cosmic update to 4.18.10 stable release (LP: #1794597)
    - be2net: Fix memory leak in be_cmd_get_profile_config()
    - net/mlx5: Fix use-after-free in self-healing flow
    - net: qca_spi: Fix race condition in spi transfers
    - rds: fix two RCU related problems
    - tipc: orphan sock in tipc_release()
    - net/mlx5: E-Switch, Fix memory leak when creating switchdev mode FDB tables
    - net/tls: Set count of SG entries if sk_alloc_sg returns -ENOSPC
    - net/mlx5: Check for error in mlx5_attach_interface
    - net/mlx5: Fix debugfs cleanup in the device init/remove flow
    - erspan: fix error handling for erspan tunnel
    - erspan: return PACKET_REJECT when the appropriate tunnel is not found
    - tcp: really ignore MSG_ZEROCOPY if no SO_ZEROCOPY
    - net/mlx5: Fix not releasing read lock when adding flow rules
    - net/mlx5: Fix possible deadlock from lockdep when adding fte to fg
    - net/mlx5: Use u16 for Work Queue buffer fragment size
    - usb: dwc3: change stream event enable bit back to 13
    - iommu/arm-smmu-v3: sync the OVACKFLG to PRIQ consumer register
    - iommu/io-pgtable-arm-v7s: Abort allocation when table address overflows the
      PTE
    - iommu/io-pgtable-arm: Fix pgtable allocation in selftest
    - ALSA: msnd: Fix the default sample sizes
    - ALSA: usb-audio: Add support for Encore mDSD USB DAC
    - ALSA: usb-audio: Fix multiple definitions in AU0828_DEVICE() macro
    - xfrm: fix 'passing zero to ERR_PTR()' warning
    - amd-xgbe: use dma_mapping_error to check map errors
    - nfp: don't fail probe on pci_sriov_set_totalvfs() errors
    - iwlwifi: cancel the injective function between hw pointers to tfd entry
      index
    - gfs2: Special-case rindex for gfs2_grow
    - clk: imx6ul: fix missing of_node_put()
    - clk: imx6sll: fix missing of_node_put()
    - clk: mvebu: armada-37xx-periph: Fix wrong return value in get_parent
    - Input: pxrc - fix freeing URB on device teardown
    - clk: core: Potentially free connection id
    - clk: clk-fixed-factor: Clear OF_POPULATED flag in case of failure
    - kbuild: add .DELETE_ON_ERROR special target
    - kbuild: do not update config when running install targets
    - media: tw686x: Fix oops on buffer alloc failure
    - dmaengine: pl330: fix irq race with terminate_all
    - MIPS: ath79: fix system restart
    - media: videobuf2-core: check for q->error in vb2_core_qbuf()
    - IB/rxe: Drop QP0 silently
    - block: allow max_discard_segments to be stacked
    - IB/ipoib: Fix error return code in ipoib_dev_init()
    - mtd/maps: fix solutionengine.c printk format warnings
    - media: ov5645: Supported external clock is 24MHz
    - perf test: Fix subtest number when showing results
    - gfs2: Don't reject a supposedly full bitmap if we have blocks reserved
    - perf tools: Synthesize GROUP_DESC feature in pipe mode
    - perf tests: Fix record+probe_libc_inet_pton.sh for powerpc64
    - perf tests: Fix record+probe_libc_inet_pton.sh when event exists
    - perf tests: Fix record+probe_libc_inet_pton.sh to ensure cleanups
    - fbdev: omapfb: off by one in omapfb_register_client()
    - perf tools: Fix struct comm_str removal crash
    - video: goldfishfb: fix memory leak on driver remove
    - fbdev/via: fix defined but not used warning
    - perf powerpc: Fix callchain ip filtering when return address is in a
      register
    - video: fbdev: pxafb: clear allocated memory for video modes
    - fbdev: Distinguish between interlaced and progressive modes
    - omapfb: rename omap2 module to omap2fb.ko
    - ARM: exynos: Clear global variable on init error path
    - perf powerpc: Fix callchain ip filtering
    - nvmet: fix file discard return status
    - nvme-rdma: unquiesce queues when deleting the controller
    - KVM: arm/arm64: vgic: Fix possible spectre-v1 write in vgic_mmio_write_apr()
    - powerpc/powernv: opal_put_chars partial write fix
    - perf script: Show correct offsets for DWARF-based unwinding
    - staging: bcm2835-camera: fix timeout handling in wait_for_completion_timeout
    - staging: bcm2835-camera: handle wait_for_completion_timeout return properly
    - ASoC: rt5514: Fix the issue of the delay volume applied
    - MIPS: jz4740: Bump zload address
    - mac80211: restrict delayed tailroom needed decrement
    - Smack: Fix handling of IPv4 traffic received by PF_INET6 sockets
    - wan/fsl_ucc_hdlc: use IS_ERR_VALUE() to check return value of qe_muram_alloc
    - arm64: fix possible spectre-v1 write in ptrace_hbp_set_event()
    - reset: imx7: Fix always writing bits as 0
    - ALSA: usb-audio: Generic DSD detection for Thesycon-based implementations
    - nfp: avoid buffer leak when FW communication fails
    - xen-netfront: fix queue name setting
    - arm64: dts: qcom: db410c: Fix Bluetooth LED trigger
    - ARM: dts: qcom: msm8974-hammerhead: increase load on l20 for sdhci
    - soc: qcom: smem: Correct check for global partition
    - s390/qeth: fix race in used-buffer accounting
    - s390/qeth: reset layer2 attribute on layer switch
    - platform/x86: toshiba_acpi: Fix defined but not used build warnings
    - KVM: arm/arm64: Fix vgic init race
    - drivers/base: stop new probing during shutdown
    - i2c: aspeed: Fix initial values of master and slave state
    - drm/amd/pp: Set Max clock level to display by default
    - regulator: qcom_spmi: Use correct regmap when checking for error
    - regulator: qcom_spmi: Fix warning Bad of_node_put()
    - iommu/ipmmu-vmsa: IMUCTRn.TTSEL needs a special usage on R-Car Gen3
    - dmaengine: mv_xor_v2: kill the tasklets upon exit
    - crypto: sharah - Unregister correct algorithms for SAHARA 3
    - x86/pti: Check the return value of pti_user_pagetable_walk_p4d()
    - x86/pti: Check the return value of pti_user_pagetable_walk_pmd()
    - x86/mm/pti: Add an overflow check to pti_clone_pmds()
    - PCI/AER: Honor "pcie_ports=native" even if HEST sets FIRMWARE_FIRST
    - xen-netfront: fix warn message as irq device name has '/'
    - RDMA/cma: Protect cma dev list with lock
    - pstore: Fix incorrect persistent ram buffer mapping
    - xen/netfront: fix waiting for xenbus state change
    - IB/ipoib: Avoid a race condition between start_xmit and cm_rep_handler
    - mmc: omap_hsmmc: fix wakeirq handling on removal
    - ipmi: Rework SMI registration failure
    - ipmi: Move BT capabilities detection to the detect call
    - ipmi: Fix I2C client removal in the SSIF driver
    - ovl: fix oopses in ovl_fill_super() failure paths
    - vmbus: don't return values for uninitalized channels
    - Tools: hv: Fix a bug in the key delete code
    - misc: ibmvsm: Fix wrong assignment of return code
    - misc: hmc6352: fix potential Spectre v1
    - xhci: Fix use after free for URB cancellation on a reallocated endpoint
    - usb: Don't die twice if PCI xhci host is not responding in resume
    - usb: xhci: fix interrupt transfer error happened on MTK platforms
    - usb: mtu3: fix error of xhci port id when enable U3 dual role
    - mei: ignore not found client in the enumeration
    - mei: bus: fix hw module get/put balance
    - mei: bus: need to unlink client before freeing
    - dm verity: fix crash on bufio buffer that was allocated with vmalloc
    - USB: Add quirk to support DJI CineSSD
    - usb: uas: add support for more quirk flags
    - usb: Avoid use-after-free by flushing endpoints early in usb_set_interface()
    - usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in u132_get_frame()
    - USB: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB controller
    - usb: gadget: udc: renesas_usb3: fix maxpacket size of ep0
    - USB: net2280: Fix erroneous synchronization change
    - USB: serial: io_ti: fix array underflow in completion handler
    - usb: misc: uss720: Fix two sleep-in-atomic-context bugs
    - USB: serial: ti_usb_3410_5052: fix array underflow in completion handler
    - USB: yurex: Fix buffer over-read in yurex_write()
    - usb: cdc-wdm: Fix a sleep-in-atomic-context bug in
      service_outstanding_interrupt()
    - Revert "cdc-acm: implement put_char() and flush_chars()"
    - cifs: prevent integer overflow in nxt_dir_entry()
    - CIFS: fix wrapping bugs in num_entries()
    - cifs: integer overflow in in SMB2_ioctl()
    - xtensa: ISS: don't allocate memory in platform_setup
    - perf/core: Force USER_DS when recording user stack data
    - perf tools: Fix maps__find_symbol_by_name()
    - of: fix phandle cache creation for DTs with no phandles
    - x86/EISA: Don't probe EISA bus for Xen PV guests
    - NFSv4: Fix a tracepoint Oops in initiate_file_draining()
    - NFSv4.1 fix infinite loop on I/O.
    - of: add helper to lookup compatible child node
    - mmc: meson-mx-sdio: fix OF child-node lookup
    - binfmt_elf: Respect error return from `regset->active'
    - net/mlx5: Add missing SET_DRIVER_VERSION command translation
    - arm64: dts: uniphier: Add missing cooling device properties for CPUs
    - audit: fix use-after-free in audit_add_watch
    - mtdchar: fix overflows in adjustment of `count`
    - vfs: fix freeze protection in mnt_want_write_file() for overlayfs
    - bpf: fix rcu annotations in compute_effective_progs()
    - spi: dw: fix possible race condition
    - Bluetooth: Use lock_sock_nested in bt_accept_enqueue
    - evm: Don't deadlock if a crypto algorithm is unavailable
    - KVM: PPC: Book3S HV: Add of_node_put() in success path
    - security: check for kstrdup() failure in lsm_append()
    - PM / devfreq: use put_device() instead of kfree()
    - KVM: PPC: Book3S: Fix matching of hardware and emulated TCE tables
    - MIPS: loongson64: cs5536: Fix PCI_OHCI_INT_REG reads
    - configfs: fix registered group removal
    - pinctrl: mt7622: Fix probe fail by misuse the selector
    - pinctrl: rza1: Fix selector use for groups and functions
    - arm64: dts: mt7622: update a clock property for UART0
    - sched/core: Use smp_mb() in wake_woken_function()
    - efi/esrt: Only call efi_mem_reserve() for boot services memory
    - ARM: hisi: handle of_iomap and fix missing of_node_put
    - ARM: hisi: fix error handling and missing of_node_put
    - ARM: hisi: check of_iomap and fix missing of_node_put
    - liquidio: fix hang when re-binding VF host drv after running DPDK VF driver
    - gpu: ipu-v3: csi: pass back mbus_code_to_bus_cfg error codes
    - ASoC: hdmi-codec: fix routing
    - serial: 8250: of: Correct of_platform_serial_setup() error handling
    - tty: fix termios input-speed encoding when using BOTHER
    - tty: fix termios input-speed encoding
    - mmc: sdhci-of-esdhc: set proper dma mask for ls104x chips
    - mmc: tegra: prevent HS200 on Tegra 3
    - mmc: sdhci: do not try to use 3.3V signaling if not supported
    - drm/nouveau: Fix runtime PM leak in drm_open()
    - drm/nouveau/debugfs: Wake up GPU before doing any reclocking
    - drm/nouveau: tegra: Detach from ARM DMA/IOMMU mapping
    - tls: Fix zerocopy_from_iter iov handling
    - parport: sunbpp: fix error return code
    - sched/fair: Fix util_avg of new tasks for asymmetric systems
    - coresight: Handle errors in finding input/output ports
    - coresight: tpiu: Fix disabling timeouts
    - coresight: ETM: Add support for Arm Cortex-A73 and Cortex-A35
    - f2fs: do checkpoint in kill_sb
    - tools/testing/nvdimm: Fix support for emulating controller temperature
    - drm/amd/display: support access ddc for mst branch
    - ASoC: qdsp6: q6afe-dai: fix a range check in of_q6afe_parse_dai_data()
    - lightnvm: pblk: assume that chunks are closed on 1.2 devices
    - lightnvm: pblk: enable line minor version detection
    - staging: bcm2835-audio: Don't leak workqueue if open fails
    - gpio: pxa: Fix potential NULL dereference
    - gpiolib: Mark gpio_suffixes array with __maybe_unused
    - net: gemini: Allow multiple ports to instantiate
    - net: mvpp2: make sure we use single queue mode on PPv2.1
    - rcutorture: Use monotonic timestamp for stall detection
    - mfd: 88pm860x-i2c: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT)
    - input: rohm_bu21023: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT)
    - drm/amdkfd: Fix kernel queue 64 bit doorbell offset calculation
    - drm/amdkfd: Fix error codes in kfd_get_process
    - rtc: bq4802: add error handling for devm_ioremap
    - selftests: vDSO - fix to return KSFT_SKIP when test couldn't be run
    - selftests/android: initialize heap_type to avoid compiling warning
    - ALSA: pcm: Fix snd_interval_refine first/last with open min/max
    - scsi: libfc: fixup 'sleeping function called from invalid context'
    - scsi: lpfc: Fix NVME Target crash in defer rcv logic
    - scsi: lpfc: Fix panic if driver unloaded when port is offline
    - remoteproc: qcom: q6v5-pil: fix modem hang on SDM845 after axis2 clk unvote
    - selftest: timers: Tweak raw_skew to SKIP when ADJ_OFFSET/other clock
      adjustments are in progress
    - ASoC: rt5651: Fix workqueue cancel vs irq free race on remove
    - drm/panel: type promotion bug in s6e8aa0_read_mtp_id()
    - arm64: perf: Disable PMU while processing counter overflows
    - drm/amd/pp: Send khz clock values to DC for smu7/8
    - dmaengine: sh: rcar-dmac: avoid to write CHCR.TE to 1 if TCR is set to 0
    - staging: fsl-dpaa2/eth: Fix DMA mapping direction
    - block/DAC960.c: fix defined but not used build warnings
    - IB/mlx5: fix uaccess beyond "count" in debugfs read/write handlers
    - blk-mq: only attempt to merge bio if there is rq in sw queue
    - blk-mq: avoid to synchronize rcu inside blk_cleanup_queue()
    - pinctrl: msm: Fix msm_config_group_get() to be compliant
    - pinctrl: qcom: spmi-gpio: Fix pmic_gpio_config_get() to be compliant
    - clk: tegra: bpmp: Don't crash when a clock fails to register
    - mei: bus: type promotion bug in mei_nfc_if_version()
    - crypto: ccp - add timeout support in the SEV command
    - Linux 4.18.10

* Fix MCE handling for user access of poisoned device-dax mapping
    (LP: #1774366)
    - x86/mce: Fix set_mce_nospec() to avoid #GP fault

* [Ubuntu] s390/crypto: Fix return code checking in cbc_paes_crypt.
    (LP: #1794294)
    - s390/crypto: Fix return code checking in cbc_paes_crypt()

* Oracle cosmic image does not find broadcom network device in Shape
    VMStandard2.1 (LP: #1790652)
    - SAUCE: bnxt_en: Fix VF mac address regression.

* Page leaking in cachefiles_read_backing_file while vmscan is active
    (LP: #1793430)
    - SAUCE: cachefiles: Page leaking in cachefiles_read_backing_file while vmscan
      is active

* hns3: enable ethtool rx-vlan-filter on supported hw (LP: #1793394)
    - net: hns3: Add vlan filter setting by ethtool command -K

* hns3: Modifying channel parameters will reset ring parameters back to
    defaults (LP: #1793404)
    - net: hns3: Fix desc num set to default when setting channel

* hisi_sas: Add SATA FIX check for v3 hw (LP: #1794151)
    - scsi: hisi_sas: Add SATA FIS check for v3 hw

* Fix potential corruption using SAS controller on HiSilicon arm64 boards
    (LP: #1794156)
    - scsi: hisi_sas: add memory barrier in task delivery function

* hisi_sas: Reduce unnecessary spin lock contention (LP: #1794165)
    - scsi: hisi_sas: Tidy hisi_sas_task_prep()

* Add functional level reset support for the SAS controller on HiSilicon D06
    systems (LP: #1794166)
    - scsi: hisi_sas: tidy host controller reset function a bit
    - scsi: hisi_sas: relocate some common code for v3 hw
    - scsi: hisi_sas: Implement handlers of PCIe FLR for v3 hw

* HiSilicon SAS controller doesn't recover from PHY STP link timeout
    (LP: #1794172)
    - scsi: hisi_sas: tidy channel interrupt handler for v3 hw
    - scsi: hisi_sas: Fix the failure of recovering PHY from STP link timeout

* Cosmic update to 4.18.9 stable release (LP: #1793682)
    - i2c: xiic: Make the start and the byte count write atomic
    - i2c: i801: fix DNV's SMBCTRL register offset
    - HID: multitouch: fix Elan panels with 2 input modes declaration
    - HID: core: fix grouping by application
    - HID: input: fix leaking custom input node name
    - mm/hugetlb: filter out hugetlb pages if HUGEPAGE migration is not supported.
    - memory_hotplug: fix kernel_panic on offline page processing
    - mac80211: don't update the PM state of a peer upon a multicast frame
    - scsi: lpfc: Correct MDS diag and nvmet configuration
    - nbd: don't allow invalid blocksize settings
    - block: don't warn when doing fsync on read-only devices
    - block: bfq: swap puts in bfqg_and_blkg_put
    - android: binder: fix the race mmap and alloc_new_buf_locked
    - MIPS: VDSO: Match data page cache colouring when D$ aliases
    - SMB3: Backup intent flag missing for directory opens with backupuid mounts
    - smb3: check for and properly advertise directory lease support
    - cifs: connect to servername instead of IP for IPC$ share
    - btrfs: fix qgroup_free wrong num_bytes in btrfs_subvolume_reserve_metadata
    - Btrfs: fix data corruption when deduplicating between different files
    - arm64: KVM: Only force FPEXC32_EL2.EN if trapping FPSIMD
    - KVM: arm/arm64: Clean dcache to PoC when changing PTE due to CoW
    - KVM: PPC: Book3S HV: Use correct pagesize in kvm_unmap_radix()
    - KVM: s390: vsie: copy wrapping keys to right place
    - KVM: x86: SVM: Set EMULTYPE_NO_REEXECUTE for RSM emulation
    - KVM: VMX: Do not allow reexecute_instruction() when skipping MMIO instr
    - KVM: x86: Invert emulation re-execute behavior to make it opt-in
    - KVM: x86: Merge EMULTYPE_RETRY and EMULTYPE_ALLOW_REEXECUTE
    - KVM: x86: Default to not allowing emulation retry in kvm_mmu_page_fault
    - KVM: x86: Do not re-{try,execute} after failed emulation in L2
    - ARC: [plat-axs*/plat-hsdk]: Allow U-Boot to pass MAC-address to the kernel
    - ACPI / LPSS: Force LPSS quirks on boot
    - memory: ti-aemif: fix a potential NULL-pointer dereference
    - ALSA: hda - Fix cancel_work_sync() stall from jackpoll work
    - cpu/hotplug: Adjust misplaced smb() in cpuhp_thread_fun()
    - cpu/hotplug: Prevent state corruption on error rollback
    - x86/microcode: Make sure boot_cpu_data.microcode is up-to-date
    - x86/microcode: Update the new microcode revision unconditionally
    - x86/process: Don't mix user/kernel regs in 64bit __show_regs()
    - x86/apic/vector: Make error return value negative
    - switchtec: Fix Spectre v1 vulnerability
    - ARC: [plat-axs*]: Enable SWAP
    - tc-testing: flush gact actions on test teardown
    - tc-testing: remove duplicate spaces in connmark match patterns
    - misc: mic: SCIF Fix scif_get_new_port() error handling
    - ALSA: hda/realtek - Add mute LED quirk for HP Spectre x360
    - ethtool: Remove trailing semicolon for static inline
    - i2c: aspeed: Add an explicit type casting for *get_clk_reg_val
    - Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV
    - pinctrl: berlin: fix 'pctrl->functions' allocation in
      berlin_pinctrl_build_state
    - gpio: tegra: Move driver registration to subsys_init level
    - powerpc/4xx: Fix error return path in ppc4xx_msi_probe()
    - selftests/bpf: fix a typo in map in map test
    - media: davinci: vpif_display: Mix memory leak on probe error path
    - media: dw2102: Fix memleak on sequence of probes
    - net: phy: Fix the register offsets in Broadcom iProc mdio mux driver
    - scsi: qla2xxx: Fix unintended Logout
    - scsi: qla2xxx: Fix session state stuck in Get Port DB
    - scsi: qla2xxx: Silent erroneous message
    - clk: scmi: Fix the rounding of clock rate
    - blk-mq: fix updating tags depth
    - scsi: lpfc: Fix driver crash when re-registering NVME rports.
    - scsi: target: fix __transport_register_session locking
    - md/raid5: fix data corruption of replacements after originals dropped
    - timers: Clear timer_base::must_forward_clk with timer_base::lock held
    - media: camss: csid: Configure data type and decode format properly
    - gpu: ipu-v3: default to id 0 on missing OF alias
    - misc: ti-st: Fix memory leak in the error path of probe()
    - uio: potential double frees if __uio_register_device() fails
    - firmware: vpd: Fix section enabled flag on vpd_section_destroy
    - Drivers: hv: vmbus: Cleanup synic memory free path
    - tty: rocket: Fix possible buffer overwrite on register_PCI
    - uio: fix possible circular locking dependency
    - iwlwifi: pcie: don't access periphery registers when not available
    - IB/IPoIB: Set ah valid flag in multicast send flow
    - f2fs: fix to active page in lru list for read path
    - f2fs: do not set free of current section
    - f2fs: Keep alloc_valid_block_count in sync
    - f2fs: issue discard align to section in LFS mode
    - f2fs: fix defined but not used build warnings
    - f2fs: fix to detect looped node chain correctly
    - ASoC: soc-pcm: Use delay set in component pointer function
    - perf tools: Allow overriding MAX_NR_CPUS at compile time
    - device-dax: avoid hang on error before devm_memremap_pages()
    - NFSv4.0 fix client reference leak in callback
    - perf c2c report: Fix crash for empty browser
    - perf evlist: Fix error out while applying initial delay and LBR
    - powerpc/pseries: fix EEH recovery of some IOV devices
    - macintosh/via-pmu: Add missing mmio accessors
    - perf build: Fix installation directory for eBPF
    - ath9k: report tx status on EOSP
    - ath9k_hw: fix channel maximum power level test
    - ath10k: prevent active scans on potential unusable channels
    - wlcore: Set rx_status boottime_ns field on rx
    - rpmsg: core: add support to power domains for devices
    - mtd: rawnand: make subop helpers return unsigned values
    - scsi: tcmu: do not set max_blocks if data_bitmap has been setup
    - MIPS: Fix ISA virt/bus conversion for non-zero PHYS_OFFSET
    - ata: libahci: Allow reconfigure of DEVSLP register
    - ata: libahci: Correct setting of DEVSLP register
    - nfs: Referrals not inheriting proto setting from parent
    - scsi: 3ware: fix return 0 on the error path of probe
    - tools/testing/nvdimm: kaddr and pfn can be NULL to ->direct_access()
    - ath10k: disable bundle mgmt tx completion event support
    - media: em28xx: explicitly disable TS packet filter
    - PCI: mobiveil: Add missing ../pci.h include
    - PCI: mobiveil: Fix struct mobiveil_pcie.pcie_reg_base address type
    - powerpc/mm: Don't report PUDs as memory leaks when using kmemleak
    - Bluetooth: hidp: Fix handling of strncpy for hid->name information
    - x86/mm: Remove in_nmi() warning from vmalloc_fault()
    - regulator: tps65217: Fix NULL pointer dereference on probe
    - pinctrl: imx: off by one in imx_pinconf_group_dbg_show()
    - gpio: pxa: disable pinctrl calls for PXA3xx
    - gpio: ml-ioh: Fix buffer underwrite on probe error path
    - pinctrl/amd: only handle irq if it is pending and unmasked
    - net: mvneta: fix mtu change on port without link
    - f2fs: try grabbing node page lock aggressively in sync scenario
    - pktcdvd: Fix possible Spectre-v1 for pkt_devs
    - f2fs: fix to skip GC if type in SSA and SIT is inconsistent
    - tpm_tis_spi: Pass the SPI IRQ down to the driver
    - tpm/tpm_i2c_infineon: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT)
    - f2fs: fix to do sanity check with reserved blkaddr of inline inode
    - MIPS: Octeon: add missing of_node_put()
    - MIPS: generic: fix missing of_node_put()
    - thermal: rcar_thermal: avoid NULL dereference in absence of IRQ resources
    - thermal_hwmon: Sanitize attribute name passed to hwmon
    - net: dcb: For wild-card lookups, use priority -1, not 0
    - dm cache: only allow a single io_mode cache feature to be requested
    - Input: atmel_mxt_ts - only use first T9 instance
    - media: s5p-mfc: Fix buffer look up in s5p_mfc_handle_frame_{new, copy_time}
      functions
    - media: rcar-csi2: update stream start for V3M
    - media: helene: fix xtal frequency setting at power on
    - drm/amd/display: Prevent PSR from being enabled if initialization fails
    - media: em28xx: Fix dual transport stream operation
    - iommu/arm-smmu-v3: Abort all transactions if SMMU is enabled in kdump kernel
    - f2fs: fix to wait on page writeback before updating page
    - f2fs: Fix uninitialized return in f2fs_ioc_shutdown()
    - media: em28xx: Fix DualHD disconnect oops
    - f2fs: avoid potential deadlock in f2fs_sbi_store
    - f2fs: fix to do sanity check with secs_per_zone
    - mfd: rave-sp: Initialize flow control and parity of the port
    - iommu/ipmmu-vmsa: Fix allocation in atomic context
    - mfd: ti_am335x_tscadc: Fix struct clk memory leak
    - f2fs: fix to do sanity check with {sit,nat}_ver_bitmap_bytesize
    - f2fs: fix to propagate return value of scan_nat_page()
    - f2fs: fix to do sanity check with extra_attr feature
    - RDMA/hns: Add illegal hop_num judgement
    - NFSv4.1: Fix a potential layoutget/layoutrecall deadlock
    - RDMA/hns: Update the data type of immediate data
    - MIPS: WARN_ON invalid DMA cache maintenance, not BUG_ON
    - MIPS: mscc: ocelot: fix length of memory address space for MIIM
    - RDMA/cma: Do not ignore net namespace for unbound cm_id
    - clocksource: Revert "Remove kthread"
    - autofs: fix autofs_sbi() does not check super block type
    - mm: get rid of vmacache_flush_all() entirely
    - Linux 4.18.9

* SRU: Enable middle button of touchpad on ThinkPad P72 (LP: #1793463)
    - Input: elantech - enable middle button of touchpad on ThinkPad P72

* Improvements to the kernel source package preparation (LP: #1793461)
    - [Packaging] startnewrelease: add support for backport kernels

* hns3: Retrieve RoCE MSI-X config from firmware (LP: #1793221)
    - net: hns3: Fix MSIX allocation issue for VF
    - net: hns3: Refine the MSIX allocation for PF

* Fix unusable NVIDIA GPU after S3 (LP: #1793338)
    - SAUCE: PCI: Reprogram bridge prefetch registers on resume

* net: hns: Avoid hang when link is changed while handling packets
    (LP: #1792209)
    - net: hns: add the code for cleaning pkt in chip
    - net: hns: add netif_carrier_off before change speed and duplex

* Cosmic update to v4.18.8 stable release (LP: #1793069)
    - act_ife: fix a potential use-after-free
    - ipv4: tcp: send zero IPID for RST and ACK sent in SYN-RECV and TIME-WAIT
      state
    - net: bcmgenet: use MAC link status for fixed phy
    - net: macb: do not disable MDIO bus at open/close time
    - net: sched: Fix memory exposure from short TCA_U32_SEL
    - qlge: Fix netdev features configuration.
    - r8169: add support for NCube 8168 network card
    - tcp: do not restart timewait timer on rst reception
    - vti6: remove !skb->ignore_df check from vti6_xmit()
    - act_ife: move tcfa_lock down to where necessary
    - act_ife: fix a potential deadlock
    - net: sched: action_ife: take reference to meta module
    - bnxt_en: Clean up unused functions.
    - bnxt_en: Do not adjust max_cp_rings by the ones used by RDMA.
    - net/sched: act_pedit: fix dump of extended layered op
    - tipc: fix a missing rhashtable_walk_exit()
    - hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe()
    - tipc: fix the big/little endian issue in tipc_dest
    - sctp: remove useless start_fail from sctp_ht_iter in proc
    - erspan: set erspan_ver to 1 by default when adding an erspan dev
    - net: macb: Fix regression breaking non-MDIO fixed-link PHYs
    - ipv6: don't get lwtstate twice in ip6_rt_copy_init()
    - net/ipv6: init ip6 anycast rt->dst.input as ip6_input
    - net/ipv6: Only update MTU metric if it set
    - net/ipv6: Put lwtstate when destroying fib6_info
    - net/mlx5: Fix SQ offset in QPs with small RQ
    - r8169: set RxConfig after tx/rx is enabled for RTL8169sb/8110sb devices
    - Revert "net: stmmac: Do not keep rearming the coalesce timer in stmmac_xmit"
    - ip6_vti: fix creating fallback tunnel device for vti6
    - ip6_vti: fix a null pointer deference when destroy vti6 tunnel
    - nfp: wait for posted reconfigs when disabling the device
    - sctp: hold transport before accessing its asoc in sctp_transport_get_next
    - mlxsw: spectrum_switchdev: Do not leak RIFs when removing bridge
    - vhost: correctly check the iova range when waking virtqueue
    - hv_netvsc: ignore devices that are not PCI
    - cifs: check if SMB2 PDU size has been padded and suppress the warning
    - hfsplus: don't return 0 when fill_super() failed
    - hfs: prevent crash on exit from failed search
    - sunrpc: Don't use stack buffer with scatterlist
    - fork: don't copy inconsistent signal handler state to child
    - fs/proc/vmcore.c: hide vmcoredd_mmap_dumps() for nommu builds
    - reiserfs: change j_timestamp type to time64_t
    - iommu/rockchip: Handle errors returned from PM framework
    - hfsplus: fix NULL dereference in hfsplus_lookup()
    - iommu/rockchip: Move irq request past pm_runtime_enable
    - fs/proc/kcore.c: use __pa_symbol() for KCORE_TEXT list entries
    - fat: validate ->i_start before using
    - workqueue: skip lockdep wq dependency in cancel_work_sync()
    - workqueue: re-add lockdep dependencies for flushing
    - scripts: modpost: check memory allocation results
    - apparmor: fix an error code in __aa_create_ns()
    - virtio: pci-legacy: Validate queue pfn
    - x86/mce: Add notifier_block forward declaration
    - i2c: core: ACPI: Make acpi_gsb_i2c_read_bytes() check i2c_transfer return
      value
    - IB/hfi1: Invalid NUMA node information can cause a divide by zero
    - pwm: meson: Fix mux clock names
    - powerpc/topology: Get topology for shared processors at boot
    - mm/fadvise.c: fix signed overflow UBSAN complaint
    - mm: make DEFERRED_STRUCT_PAGE_INIT explicitly depend on SPARSEMEM
    - fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot()
    - platform/x86: intel_punit_ipc: fix build errors
    - bpf, sockmap: fix map elem deletion race with smap_stop_sock
    - tcp, ulp: fix leftover icsk_ulp_ops preventing sock from reattach
    - bpf, sockmap: fix sock_map_ctx_update_elem race with exist/noexist
    - net/xdp: Fix suspicious RCU usage warning
    - bpf, sockmap: fix leakage of smap_psock_map_entry
    - samples/bpf: all XDP samples should unload xdp/bpf prog on SIGTERM
    - netfilter: ip6t_rpfilter: set F_IFACE for linklocal addresses
    - s390/kdump: Fix memleak in nt_vmcoreinfo
    - ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest()
    - mfd: sm501: Set coherent_dma_mask when creating subdevices
    - netfilter: x_tables: do not fail xt_alloc_table_info too easilly
    - platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360
    - netfilter: fix memory leaks on netlink_dump_start error
    - tcp, ulp: add alias for all ulp modules
    - ubi: Initialize Fastmap checkmapping correctly
    - RDMA/hns: Fix usage of bitmap allocation functions return values
    - ACPICA: ACPICA: add status check for acpi_hw_read before assigning return
      value
    - perf arm spe: Fix uninitialized record error variable
    - net: hns3: Fix for command format parsing error in
      hclge_is_all_function_id_zero
    - block: don't warn for flush on read-only device
    - PCI: Match Root Port's MPS to endpoint's MPSS as necessary
    - drm/amd/display: Guard against null crtc in CRC IRQ
    - coccicheck: return proper error code on fail
    - perf tools: Check for null when copying nsinfo.
    - f2fs: avoid race between zero_range and background GC
    - f2fs: fix avoid race between truncate and background GC
    - RISC-V: Use KBUILD_CFLAGS instead of KCFLAGS when building the vDSO
    - irqchip/stm32: Fix init error handling
    - irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP
    - net/9p/trans_fd.c: fix race by holding the lock
    - net/9p: fix error path of p9_virtio_probe
    - f2fs: fix to clear PG_checked flag in set_page_dirty()
    - pinctrl: axp209: Fix NULL pointer dereference after allocation
    - bpf: fix bpffs non-array map seq_show issue
    - powerpc/uaccess: Enable get_user(u64, *p) on 32-bit
    - powerpc: Fix size calculation using resource_size()
    - perf probe powerpc: Fix trace event post-processing
    - block: bvec_nr_vecs() returns value for wrong slab
    - brcmfmac: fix brcmf_wiphy_wowl_params() NULL pointer dereference
    - s390/dasd: fix hanging offline processing due to canceled worker
    - s390/dasd: fix panic for failed online processing
    - ACPI / scan: Initialize status to ACPI_STA_DEFAULT
    - blk-mq: count the hctx as active before allocating tag
    - scsi: aic94xx: fix an error code in aic94xx_init()
    - NFSv4: Fix error handling in nfs4_sp4_select_mode()
    - Input: do not use WARN() in input_alloc_absinfo()
    - xen/balloon: fix balloon initialization for PVH Dom0
    - PCI: mvebu: Fix I/O space end address calculation
    - dm kcopyd: avoid softlockup in run_complete_job
    - staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice
    - ASoC: rt5677: Fix initialization of rt5677_of_match.data
    - iommu/omap: Fix cache flushes on L2 table entries
    - selftests/powerpc: Kill child processes on SIGINT
    - selinux: cleanup dentry and inodes on error in selinuxfs
    - RDS: IB: fix 'passing zero to ERR_PTR()' warning
    - cfq: Suppress compiler warnings about comparisons
    - smb3: fix reset of bytes read and written stats
    - CIFS: fix memory leak and remove dead code
    - SMB3: Number of requests sent should be displayed for SMB3 not just CIFS
    - smb3: if server does not support posix do not allow posix mount option
    - powerpc/platforms/85xx: fix t1042rdb_diu.c build errors & warning
    - powerpc/64s: Make rfi_flush_fallback a little more robust
    - um: fix parallel building with O= option
    - powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX.
    - clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in rk3399
    - drm/amd/display: Read back max backlight value at boot
    - KVM: vmx: track host_state.loaded using a loaded_vmcs pointer
    - kvm: nVMX: Fix fault vector for VMX operation at CPL > 0
    - drm/etnaviv: fix crash in GPU suspend when init failed due to buffer
      placement
    - btrfs: Exit gracefully when chunk map cannot be inserted to the tree
    - btrfs: replace: Reset on-disk dev stats value after replace
    - btrfs: fix in-memory value of total_devices after seed device deletion
    - btrfs: relocation: Only remove reloc rb_trees if reloc control has been
      initialized
    - btrfs: tree-checker: Detect invalid and empty essential trees
    - btrfs: check-integrity: Fix NULL pointer dereference for degraded mount
    - btrfs: lift uuid_mutex to callers of btrfs_open_devices
    - btrfs: Don't remove block group that still has pinned down bytes
    - btrfs: Fix a C compliance issue
    - arm64: rockchip: Force CONFIG_PM on Rockchip systems
    - ARM: rockchip: Force CONFIG_PM on Rockchip systems
    - btrfs: do btrfs_free_stale_devices outside of device_list_add
    - btrfs: extend locked section when adding a new device in device_list_add
    - btrfs: rename local devices for fs_devices in btrfs_free_stale_devices(
    - btrfs: use device_list_mutex when removing stale devices
    - btrfs: lift uuid_mutex to callers of btrfs_scan_one_device
    - btrfs: lift uuid_mutex to callers of btrfs_parse_early_options
    - btrfs: reorder initialization before the mount locks uuid_mutex
    - btrfs: fix mount and ioctl device scan ioctl race
    - drm/i915/lpe: Mark LPE audio runtime pm as "no callbacks"
    - drm/i915: Nuke the LVDS lid notifier
    - drm/i915: Increase LSPCON timeout
    - drm/i915: Free write_buf that we allocated with kzalloc.
    - drm/amdgpu: update uvd_v6_0_ring_vm_funcs to use new nop packet
    - drm/amdgpu: fix a reversed condition
    - drm/amdgpu: Fix RLC safe mode test in gfx_v9_0_enter_rlc_safe_mode
    - drm/amd/pp: Convert voltage unit in mV*4 to mV on CZ/ST
    - drm/amd/powerplay: fixed uninitialized value
    - drm/amd/pp/Polaris12: Fix a chunk of registers missed to program
    - drm/edid: Quirk Vive Pro VR headset non-desktop.
    - drm/amd/display: fix type of variable
    - drm/amd/display: Don't share clk source between DP and HDMI
    - drm/amd/display: update clk for various HDMI color depths
    - drm/amd/display: Use requested HDMI aspect ratio
    - drm/amd/display: Report non-DP display as disconnected without EDID
    - drm/rockchip: lvds: add missing of_node_put
    - drm/rockchip: vop: split out core clock enablement into separate functions
    - drm/rockchip: vop: fix irq disabled after vop driver probed
    - drm/amd/display: Pass connector id when executing VBIOS CT
    - drm/amd/display: Check if clock source in use before disabling
    - drm/amdgpu: update tmr mc address
    - drm/amdgpu:add tmr mc address into amdgpu_firmware_info
    - drm/amdgpu:add new firmware id for VCN
    - drm/amdgpu:add VCN support in PSP driver
    - drm/amdgpu:add VCN booting with firmware loaded by PSP
    - drm/amdgpu: fix incorrect use of fcheck
    - drm/amdgpu: fix incorrect use of drm_file->pid
    - drm/i915: Re-apply "Perform link quality check, unconditionally during long
      pulse"
    - uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name
    - mm: respect arch_dup_mmap() return value
    - drm/i915: set DP Main Stream Attribute for color range on DDI platforms
    - x86/tsc: Prevent result truncation on 32bit
    - drm/amdgpu: Keep track of amount of pinned CPU visible VRAM
    - drm/amdgpu: Make pin_size values atomic
    - drm/amdgpu: Warn and update pin_size values when destroying a pinned BO
    - drm/amdgpu: Don't warn on destroying a pinned BO
    - debugobjects: Make stack check warning more informative
    - x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear
    - x86/xen: don't write ptes directly in 32-bit PV guests
    - kbuild: make missing $DEPMOD a Warning instead of an Error
    - kvm: x86: Set highest physical address bits in non-present/reserved SPTEs
    - x86: kvm: avoid unused variable warning
    - HID: redragon: fix num lock and caps lock LEDs
    - ASoC: wm8994: Fix missing break in switch
    - Linux 4.18.8

* [Regression] Colour banding appears on Lenovo B50-80 integrated display
    (LP: #1788308) // Cosmic update to v4.18.8 stable release (LP: #1793069)
    - drm/edid: Add 6 bpc quirk for SDC panel in Lenovo B50-80

* Fix I2C touchpanels' interrupt storms after system suspend (LP: #1792309)
    - HID: i2c-hid: Fix flooded incomplete report after S3 on Rayd touchscreen
    - HID: i2c-hid: Don't reset device upon system resume

* Error reported when creating ZFS pool with "-t" option, despite successful
    pool creation (LP: #1769937)
    - SAUCE: (noup) Update zfs to 0.7.9-3ubuntu6

* update ENA driver to latest mainline version (LP: #1792044)
    - net: ena: fix surprise unplug NULL dereference kernel crash
    - net: ena: fix driver when PAGE_SIZE == 64kB
    - net: ena: fix device destruction to gracefully free resources
    - net: ena: fix potential double ena_destroy_device()
    - net: ena: fix missing lock during device destruction
    - net: ena: fix missing calls to READ_ONCE
    - net: ena: fix incorrect usage of memory barriers

* device hotplug of vfio devices can lead to deadlock in vfio_pci_release
    (LP: #1792099)
    - SAUCE: vfio -- release device lock before userspace requests

* [AEP-bug] ext4: more rare direct I/O vs unmap failures (LP: #1787089)
    - dax: dax_layout_busy_page() warn on !exceptional
    - ext4: handle layout changes to pinned DAX mappings
    - xfs: Close race between direct IO and xfs_break_layouts()

* [Bug][CLX]assertion failure with util_range_rw using libpmemlog, possible
    kernel DAX bug (LP: #1789146)
    - dax: remove VM_MIXEDMAP for fsdax and device dax

* [Feature] Optimize huge page clear/copy cache behavior (LP: #1730836)
    - mm, clear_huge_page: move order algorithm into a separate function
    - mm, huge page: copy target sub-page last when copy huge page
    - mm, hugetlbfs: rename address to haddr in hugetlb_cow()
    - mm, hugetlbfs: pass fault address to cow handler

* [ICL] Touch support (LP: #1771245)
    - mfd: intel-lpss: Add Ice Lake PCI IDs

* Miscellaneous Ubuntu changes
    - [Packaging] retpoline -- fix temporary filenaming
    - SAUCE: update aufs to aufs4.18 20180910
    - CONFIG_BCH_CONST_PARAMS=n
    - Packaging: final-checks: remove trailing backport suffix

-- Seth Forshee <seth.forshee@canonical.com>  Fri, 05 Oct 2018 11:13:20 -0500

Changed in linux (Ubuntu Cosmic):
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

Duplicates of this bug

Bug #1796170

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntulinux package