SUSE-SU-2017:1853-1: important: Security update for the Linux Kernel

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Thu Jul 13 07:09:40 MDT 2017


   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:1853-1
Rating:             important
References:         #1003581 #1004003 #1011044 #1012060 #1012382 
                    #1012422 #1012452 #1012829 #1012910 #1012985 
                    #1013561 #1013887 #1015342 #1015452 #1017461 
                    #1018885 #1020412 #1021424 #1022266 #1022595 
                    #1023287 #1025461 #1026570 #1027101 #1027512 
                    #1027974 #1028217 #1028310 #1028340 #1028883 
                    #1029607 #1030057 #1030070 #1031040 #1031142 
                    #1031147 #1031470 #1031500 #1031512 #1031555 
                    #1031717 #1031796 #1032141 #1032339 #1032345 
                    #1032400 #1032581 #1032803 #1033117 #1033281 
                    #1033336 #1033340 #1033885 #1034048 #1034419 
                    #1034635 #1034670 #1034671 #1034762 #1034902 
                    #1034995 #1035024 #1035866 #1035887 #1035920 
                    #1035922 #1036214 #1036638 #1036752 #1036763 
                    #1037177 #1037186 #1037384 #1037483 #1037669 
                    #1037840 #1037871 #1037969 #1038033 #1038043 
                    #1038085 #1038142 #1038143 #1038297 #1038458 
                    #1038544 #1038842 #1038843 #1038846 #1038847 
                    #1038848 #1038879 #1038981 #1038982 #1039214 
                    #1039348 #1039354 #1039700 #1039864 #1039882 
                    #1039883 #1039885 #1039900 #1040069 #1040125 
                    #1040182 #1040279 #1040351 #1040364 #1040395 
                    #1040425 #1040463 #1040567 #1040609 #1040855 
                    #1040929 #1040941 #1041087 #1041160 #1041168 
                    #1041242 #1041431 #1041810 #1042286 #1042356 
                    #1042421 #1042517 #1042535 #1042536 #1042863 
                    #1042886 #1043014 #1043231 #1043236 #1043347 
                    #1043371 #1043467 #1043488 #1043598 #1043912 
                    #1043935 #1043990 #1044015 #1044082 #1044120 
                    #1044125 #1044532 #1044767 #1044772 #1044854 
                    #1044880 #1044912 #1045154 #1045235 #1045286 
                    #1045307 #1045467 #1045568 #1046105 #1046434 
                    #1046589 #799133 #863764 #922871 #939801 
                    #966170 #966172 #966191 #966321 #966339 #971975 
                    #988065 #989311 #990058 #990682 #993832 #995542 
                    
Cross-References:   CVE-2017-1000365 CVE-2017-1000380 CVE-2017-7346
                    CVE-2017-7487 CVE-2017-7616 CVE-2017-7618
                    CVE-2017-8890 CVE-2017-8924 CVE-2017-8925
                    CVE-2017-9074 CVE-2017-9075 CVE-2017-9076
                    CVE-2017-9077 CVE-2017-9150 CVE-2017-9242
                   
Affected Products:
                    SUSE Linux Enterprise Workstation Extension 12-SP2
                    SUSE Linux Enterprise Software Development Kit 12-SP2
                    SUSE Linux Enterprise Server for Raspberry Pi 12-SP2
                    SUSE Linux Enterprise Server 12-SP2
                    SUSE Linux Enterprise Live Patching 12
                    SUSE Linux Enterprise High Availability 12-SP2
                    SUSE Linux Enterprise Desktop 12-SP2
                    OpenStack Cloud Magnum Orchestration 7
______________________________________________________________________________

   An update that solves 15 vulnerabilities and has 162 fixes
   is now available.

Description:



   The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.74 to receive
   various security and bugfixes.

   The following security bugs were fixed:

   - CVE-2017-1000365: The Linux Kernel imposes a size restriction on the
     arguments and environmental strings passed through
     RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but did not take the
     argument and environment pointers into account, which allowed attackers
     to bypass this limitation. (bnc#1039354).
   - CVE-2017-1000380: sound/core/timer.c in the Linux kernel is vulnerable
     to a data race in the ALSA /dev/snd/timer driver resulting in local
     users being able to read information belonging to other users, i.e.,
     uninitialized memory contents may be disclosed when a read and an ioctl
     happen at the same time (bnc#1044125).
   - CVE-2017-7346: The vmw_gb_surface_define_ioctl function in
     drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not
     validate certain levels data, which allowed local users to cause a
     denial of service (system hang) via a crafted ioctl call for a
     /dev/dri/renderD* device (bnc#1031796).
   - CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c
     in the Linux kernel is too late in checking whether an overwrite of an
     skb data structure may occur, which allowed local users to cause a
     denial of service (system crash) via crafted system calls (bnc#1041431).
   - CVE-2017-9076: The dccp_v6_request_recv_sock function in net/dccp/ipv6.c
     in the Linux kernel mishandled inheritance, which allowed local users to
     cause a denial of service or possibly have unspecified other impact via
     crafted system calls, a related issue to CVE-2017-8890 (bnc#1039885).
   - CVE-2017-9077: The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c
     in the Linux kernel mishandled inheritance, which allowed local users to
     cause a denial of service or possibly have unspecified other impact via
     crafted system calls, a related issue to CVE-2017-8890 (bnc#1040069).
   - CVE-2017-9075: The sctp_v6_create_accept_sk function in net/sctp/ipv6.c
     in the Linux kernel mishandled inheritance, which allowed local users to
     cause a denial of service or possibly have unspecified other impact via
     crafted system calls, a related issue to CVE-2017-8890 (bnc#1039883).
   - CVE-2017-9074: The IPv6 fragmentation implementation in the Linux kernel
     did not consider that the nexthdr field may be associated with an
     invalid option, which allowed local users to cause a denial of service
     (out-of-bounds read and BUG) or possibly have unspecified other impact
     via crafted socket and send system calls (bnc#1039882).
   - CVE-2017-8924: The edge_bulk_in_callback function in
     drivers/usb/serial/io_ti.c in the Linux kernel allowed local users to
     obtain sensitive information (in the dmesg ringbuffer and syslog) from
     uninitialized kernel memory by using a crafted USB device (posing as an
     io_ti USB serial device) to trigger an integer underflow. (bsc#1038982)
   - CVE-2017-8925: The omninet_open function in drivers/usb/serial/omninet.c
     in the Linux kernel allowed local users to cause a denial of service
     (tty exhaustion) by leveraging reference count mishandling. (bsc#1038981)
   - CVE-2017-7487: The ipxitf_ioctl function in net/ipx/af_ipx.c in the
     Linux kernel mishandled reference counts, which allowed local users to
     cause a denial of service (use-after-free) or possibly have unspecified
     other impact via a failed SIOCGIFADDR ioctl call for an IPX interface
     (bnc#1038879).
   - CVE-2017-8890: The inet_csk_clone_lock function in
     net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to
     cause a denial of service (double free) or possibly have unspecified
     other impact by leveraging use of the accept system call (bnc#1038544).
   - CVE-2017-9150: The do_check function in kernel/bpf/verifier.c in the
     Linux kernel did not make the allow_ptr_leaks value available for
     restricting the output of the print_bpf_insn function, which allowed
     local users to obtain sensitive address information via crafted bpf
     system calls (bnc#1040279).
   - CVE-2017-7618: crypto/ahash.c in the Linux kernel allowed attackers to
     cause a denial of service (API operation calling its own callback, and
     infinite recursion) by triggering EBUSY on a full queue (bnc#1033340).
   - CVE-2017-7616: Incorrect error handling in the set_mempolicy and mbind
     compat syscalls in mm/mempolicy.c in the Linux kernel allowed local
     users to obtain sensitive information from uninitialized stack data by
     triggering failure of a certain bitmap operation (bnc#1033336).

   The following non-security bugs were fixed:

   - 9p: fix a potential acl leak (4.4.68 stable queue).
   - acpi / APEI: Add missing synchronize_rcu() on NOTIFY_SCI removal
     (bsc#1031717).
   - acpi / scan: Drop support for force_remove (bnc#1029607).
   - ahci: disable correct irq for dummy ports (bsc#1040125).
   - alsa: hda - Fix deadlock of controller device lock at unbinding (4.4.68
     stable queue).
   - arm: 8452/3: PJ4: make coprocessor access sequences buildable in Thumb2
     mode (4.4.68 stable queue).
   - arm: OMAP5 / DRA7: Fix HYP mode boot for thumb2 build (4.4.68 stable
     queue).
   - ASoC: Intel: Skylake: Uninitialized variable in probe_codec()
     (bsc#1043231).
   - ASoC: rt5640: use msleep() for long delays (bsc#1031717).
   - ASoC: sti: Fix error handling if of_clk_get() fails (bsc#1031717).
   - bcache: fix calling ida_simple_remove() with incorrect minor
     (bsc#1038085).
   - block: copy NOMERGE flag from bio to request (bsc#1030070).
   - block: get rid of blk_integrity_revalidate() (4.4.68 stable queue).
   - bna: add missing per queue ethtool stat (bsc#966321).
   - bna: avoid writing uninitialized data into hw registers (bsc#966321).
   - bna: integer overflow bug in debugfs (bsc#966321).
   - bnxt_en: allocate enough space for ->ntp_fltr_bmap (bsc#1020412
     FATE#321671).
   - bonding: avoid defaulting hard_header_len to ETH_HLEN on slave removal
     (bsc#1042286).
   - bonding: do not use stale speed and duplex information (bsc#1042286).
   - bonding: prevent out of bound accesses (bsc#1042286).
   - bpf, arm64: fix jit branch offset related to ldimm64 (4.4.68 stable
     queue).
   - brcmfmac: add fallback for devices that do not report per-chain values
     (bsc#1043231).
   - brcmfmac: avoid writing channel out of allocated array (bsc#1043231).
   - brcmfmac: Ensure pointer correctly set if skb data location changes
     (4.4.68 stable queue).
   - brcmfmac: Make skb header writable before use (4.4.68 stable queue).
   - brcmfmac: restore stopping netdev queue when bus clogs up (bsc#1031717).
   - btrfs: add a flags field to btrfs_fs_info (bsc#1012452).
   - btrfs: add ASSERT for block group's memory leak (bsc#1012452).
   - btrfs: add btrfs_trans_handle->fs_info pointer (bsc#1012452).
   - btrfs: add bytes_readonly to the spaceinfo at once (bsc#1012452).
   - btrfs: add check to sysfs handler of label (bsc#1012452).
   - btrfs: add dynamic debug support (bsc#1012452).
   - btrfs: add error handling for extent buffer in print tree (bsc#1012452).
   - btrfs: add missing bytes_readonly attribute file in sysfs (bsc#1012452).
   - btrfs: add missing check for writeback errors on fsync (bsc#1012452).
   - btrfs: add more validation checks for superblock (bsc#1012452).
   - btrfs: Add ratelimit to btrfs printing (bsc#1012452).
   - btrfs: add read-only check to sysfs handler of features (bsc#1012452).
   - btrfs: add semaphore to synchronize direct IO writes with fsync
     (bsc#1012452).
   - btrfs: add tracepoint for adding block groups (bsc#1012452).
   - btrfs: add tracepoints for flush events (bsc#1012452).
   - btrfs: add transaction space reservation tracepoints (bsc#1012452).
   - btrfs: add validadtion checks for chunk loading (bsc#1012452).
   - btrfs: add write protection to SET_FEATURES ioctl (bsc#1012452).
   - btrfs: allow balancing to dup with multi-device (bsc#1012452).
   - btrfs: always reserve metadata for delalloc extents (bsc#1012452).
   - btrfs: always use trans->block_rsv for orphans (bsc#1012452).
   - btrfs: avoid blocking open_ctree from cleaner_kthread (bsc#1012452).
   - btrfs: avoid deadlocks during reservations in btrfs_truncate_block
     (bsc#1012452).
   - btrfs: avoid overflowing f_bfree (bsc#1012452).
   - btrfs: avoid uninitialized variable warning (bsc#1012452).
   - btrfs: btrfs_abort_transaction, drop root parameter (bsc#1012452).
   - btrfs: __btrfs_buffered_write: Pass valid file offset when releasing
     delalloc space (bsc#1012452).
   - btrfs: __btrfs_buffered_write: Reserve/release extents aligned to block
     size (bsc#1012452).
   - btrfs: btrfs_check_super_valid: Allow 4096 as stripesize (bsc#1012452).
   - btrfs: btrfs_debug should consume fs_info when DEBUG is not defined
     (bsc#1012452).
   - btrfs: btrfs_ioctl_clone: Truncate complete page after performing clone
     operation (bsc#1012452).
   - btrfs: btrfs_page_mkwrite: Reserve space in sectorsized units
     (bsc#1012452).
   - btrfs: btrfs_relocate_chunk pass extent_root to btrfs_end_transaction
     (bsc#1012452).
   - btrfs: btrfs_submit_direct_hook: Handle map_length < bio vector length
     (bsc#1012452).
   - btrfs: build fixup for qgroup_account_snapshot (bsc#1012452).
   - btrfs: change BUG_ON()'s to ASSERT()'s in backref_cache_cleanup()
     (bsc#1012452).
   - btrfs: change delayed reservation fallback behavior (bsc#1012452).
   - btrfs: change how we calculate the global block rsv (bsc#1012452).
   - btrfs: change how we update the global block rsv (bsc#1012452).
   - btrfs: check btree node's nritems (bsc#1012452).
   - btrfs: check if extent buffer is aligned to sectorsize (bsc#1012452).
   - btrfs: check inconsistence between chunk and block group (bsc#1012452).
   - btrfs: check reserved when deciding to background flush (bsc#1012452).
   - btrfs: clarify do_chunk_alloc()'s return value (bsc#1012452).
   - btrfs: Clean pte corresponding to page straddling i_size (bsc#1012452).
   - btrfs: clean the old superblocks before freeing the device (bsc#1012452).
   - btrfs: clean up and optimize __check_raid_min_device() (bsc#1012452).
   - btrfs: cleanup assigning next active device with a check (bsc#1012452).
   - btrfs: cleanup BUG_ON in merge_bio (bsc#1012452).
   - btrfs: Cleanup compress_file_range() (bsc#1012452).
   - btrfs: cleanup error handling in extent_write_cached_pages (bsc#1012452).
   - btrfs: clear uptodate flags of pages in sys_array eb (bsc#1012452).
   - btrfs: clone: use vmalloc only as fallback for nodesize bufer
     (bsc#1012452).
   - btrfs: Compute and look up csums based on sectorsized blocks
     (bsc#1012452).
   - btrfs: convert nodesize macros to static inlines (bsc#1012452).
   - btrfs: convert printk(KERN_* to use pr_* calls (bsc#1012452).
   - btrfs: convert pr_* to btrfs_* where possible (bsc#1012452).
   - btrfs: convert send's verbose_printk to btrfs_debug (bsc#1012452).
   - btrfs: copy_to_sk drop unused root parameter (bsc#1012452).
   - btrfs: create a helper function to read the disk super (bsc#1012452).
   - btrfs: create example debugfs file only in debugging build (bsc#1012452).
   - btrfs: create helper btrfs_find_device_by_user_input() (bsc#1012452).
   - btrfs: create helper function __check_raid_min_devices() (bsc#1012452).
   - btrfs: csum_tree_block: return proper errno value (bsc#1012452).
   - btrfs: detect corruption when non-root leaf has zero item (bsc#1012452).
   - btrfs: device add and remove: use GFP_KERNEL (bsc#1012452).
   - btrfs: Direct I/O read: Work on sectorsized blocks (bsc#1012452).
   - btrfs: disable possible cause of premature ENOSPC (bsc#1040182)
   - btrfs: divide btrfs_update_reserved_bytes() into two functions
     (bsc#1012452).
   - btrfs: do not background blkdev_put() (bsc#1012452).
   - btrfs: do not bother kicking async if there's nothing to reclaim
     (bsc#1012452).
   - btrfs: do not BUG_ON() in btrfs_orphan_add (bsc#1012452).
   - btrfs: do not create empty block group if we have allocated data
     (bsc#1012452).
   - btrfs: do not decrease bytes_may_use when replaying extents
     (bsc#1012452).
   - btrfs: do not do nocow check unless we have to (bsc#1012452).
   - btrfs: do not do unnecessary delalloc flushes when relocating
     (bsc#1012452).
   - btrfs: do not force mounts to wait for cleaner_kthread to delete one or
     more subvolumes (bsc#1012452).
   - btrfs: do not wait for unrelated IO to finish before relocation
     (bsc#1012452).
   - btrfs: do not WARN() in btrfs_transaction_abort() for IO errors
     (bsc#1035866).
   - btrfs: do not write corrupted metadata blocks to disk (bsc#1012452).
   - btrfs: end transaction if we abort when creating uuid root (bsc#1012452).
   - btrfs: enhance btrfs_find_device_by_user_input() to check device path
     (bsc#1012452).
   - btrfs: error out if generic_bin_search get invalid arguments
     (bsc#1012452).
   - btrfs: expand cow_file_range() to support in-band dedup and
     subpage-blocksize (bsc#1012452).
   - btrfs: extend btrfs_set_extent_delalloc and its friends to support
     in-band dedupe and subpage size patchset (bsc#1012452).
   - btrfs: extent same: use GFP_KERNEL for page array allocations
     (bsc#1012452).
   - btrfs: fallback to vmalloc in btrfs_compare_tree (bsc#1012452).
   - btrfs: fallocate: use GFP_KERNEL (bsc#1012452).
   - btrfs: fallocate: Work with sectorsized blocks (bsc#1012452).
   - btrfs: fill relocation block rsv after allocation (bsc#1012452).
   - btrfs: fix an integer overflow check (bsc#1012452).
   - btrfs: fix a possible umount deadlock (bsc#1012452).
   - btrfs: Fix block size returned to user space (bsc#1012452).
   - btrfs: fix btrfs_no_printk stub helper (bsc#1012452).
   - btrfs: Fix BUG_ON condition in scrub_setup_recheck_block() (bsc#1012452).
   - btrfs: fix BUG_ON in btrfs_mark_buffer_dirty (bsc#1012452).
   - btrfs: fix BUG_ON in btrfs_submit_compressed_write (bsc#1012452).
   - btrfs: fix build warning (bsc#1012452).
   - btrfs: fix callers of btrfs_block_rsv_migrate (bsc#1012452).
   - btrfs: fix check_direct_IO() for non-iovec iterators (bsc#1012452).
   - btrfs: fix check_shared for fiemap ioctl (bsc#1037177).
   - btrfs: fix crash when tracepoint arguments are freed by wq callbacks
     (bsc#1012452).
   - btrfs: fix data loss after truncate when using the no-holes feature
     (bsc#1036214).
   - btrfs: fix deadlock in delayed_ref_async_start (bsc#1012452).
   - btrfs: fix delalloc accounting after copy_from_user faults (bsc#1012452).
   - btrfs: fix delalloc reservation amount tracepoint (bsc#1012452).
   - btrfs: fix disk_i_size update bug when fallocate() fails (bsc#1012452).
   - btrfs: fix divide error upon chunk's stripe_len (bsc#1012452).
   - btrfs: fix double free of fs root (bsc#1012452).
   - btrfs: fix eb memory leak due to readpage failure (bsc#1012452).
   - btrfs: fix em leak in find_first_block_group (bsc#1012452).
   - btrfs: fix emptiness check for dirtied extent buffers at check_leaf()
     (bsc#1012452).
   - btrfs: fix error handling in map_private_extent_buffer (bsc#1012452).
   - btrfs: fix error return code in btrfs_init_test_fs() (bsc#1012452).
   - btrfs: fix extent_same allowing destination offset beyond i_size
     (bsc#1012452).
   - btrfs: fix free space calculation in dump_space_info() (bsc#1012452).
   - btrfs: fix fsfreeze hang caused by delayed iputs deal (bsc#1012452).
   - btrfs: fix fspath error deallocation (bsc#1012452).
   - btrfs: fix handling of faults from btrfs_copy_from_user (bsc#1012452).
   - btrfs: fix int32 overflow in shrink_delalloc() (bsc#1012452).
   - btrfs: Fix integer overflow when calculating bytes_per_bitmap
     (bsc#1012452).
   - btrfs: fix invalid dereference in btrfs_retry_endio (bsc#1040395).
   - btrfs: fix invalid reference in replace_path (bsc#1012452).
   - btrfs: fix listxattrs not listing all xattrs packed in the same item
     (bsc#1012452).
   - btrfs: fix lockdep deadlock warning due to dev_replace (bsc#1012452).
   - btrfs: fix lock dep warning, move scratch dev out of device_list_mutex
     and uuid_mutex (bsc#1012452).
   - btrfs: fix lock dep warning move scratch super outside of chunk_mutex
     (bsc#1012452).
   - btrfs: fix __MAX_CSUM_ITEMS (bsc#1012452).
   - btrfs: fix memory leak during RAID 5/6 device replacement (bsc#1012452).
   - btrfs: fix memory leak of block group cache (bsc#1012452).
   - btrfs: fix memory leak of reloc_root (bsc#1012452).
   - btrfs: fix mixed block count of available space (bsc#1012452).
   - btrfs: fix one bug that process may endlessly wait for ticket in
     wait_reserve_ticket() (bsc#1012452).
   - btrfs: fix panic in balance due to EIO (bsc#1012452).
   - btrfs: fix race between block group relocation and nocow writes
     (bsc#1012452).
   - btrfs: fix race between device replace and block group removal
     (bsc#1012452).
   - btrfs: fix race between device replace and chunk allocation
     (bsc#1012452).
   - btrfs: fix race between device replace and discard (bsc#1012452).
   - btrfs: fix race between device replace and read repair (bsc#1012452).
   - btrfs: fix race between fsync and direct IO writes for prealloc extents
     (bsc#1012452).
   - btrfs: fix race between readahead and device replace/removal
     (bsc#1012452).
   - btrfs: fix race setting block group back to RW mode during device
     replace (bsc#1012452).
   - btrfs: fix race setting block group readonly during device replace
     (bsc#1012452).
   - btrfs: fix read_node_slot to return errors (bsc#1012452).
   - btrfs: fix release reserved extents trace points (bsc#1012452).
   - btrfs: fix segmentation fault when doing dio read (bsc#1040425).
   - btrfs: Fix slab accounting flags (bsc#1012452).
   - btrfs: fix truncate_space_check (bsc#1012452).
   - btrfs: fix unexpected return value of fiemap (bsc#1012452).
   - btrfs: fix unprotected assignment of the left cursor for device replace
     (bsc#1012452).
   - btrfs: fix WARNING in btrfs_select_ref_head() (bsc#1012452).
   - btrfs: flush_space: treat return value of do_chunk_alloc properly
     (bsc#1012452).
   - btrfs: Force stripesize to the value of sectorsize (bsc#1012452).
   - btrfs: free sys_array eb as soon as possible (bsc#1012452).
   - btrfs: GFP_NOFS does not GFP_HIGHMEM (bsc#1012452).
   - btrfs: Handle uninitialised inode eviction (bsc#1012452).
   - btrfs: hide test-only member under ifdef (bsc#1012452).
   - btrfs: improve check_node to avoid reading corrupted nodes (bsc#1012452).
   - btrfs: Improve FL_KEEP_SIZE handling in fallocate (bsc#1012452).
   - btrfs: introduce BTRFS_MAX_ITEM_SIZE (bsc#1012452).
   - btrfs: introduce device delete by devid (bsc#1012452).
   - btrfs: introduce raid-type to error-code table, for minimum device
     constraint (bsc#1012452).
   - btrfs: introduce ticketed enospc infrastructure (bsc#1012452).
   - btrfs: introduce tickets_id to determine whether asynchronous metadata
     reclaim work makes progress (bsc#1012452).
   - btrfs: ioctl: reorder exclusive op check in RM_DEV (bsc#1012452).
   - btrfs: kill BUG_ON in do_relocation (bsc#1012452).
   - btrfs: kill BUG_ON in run_delayed_tree_ref (bsc#1012452).
   - btrfs: kill BUG_ON()'s in btrfs_mark_extent_written (bsc#1012452).
   - btrfs: kill invalid ASSERT() in process_all_refs() (bsc#1012452).
   - btrfs: kill the start argument to read_extent_buffer_pages (bsc#1012452).
   - btrfs: kill unused writepage_io_hook callback (bsc#1012452).
   - btrfs: let callers of btrfs_alloc_root pass gfp flags (bsc#1012452).
   - btrfs: Limit inline extents to root->sectorsize (bsc#1012452).
   - btrfs: make find_workspace always succeed (bsc#1012452).
   - btrfs: make find_workspace warn if there are no workspaces (bsc#1012452).
   - btrfs: make mapping->writeback_index point to the last written page
     (bsc#1012452).
   - btrfs: make state preallocation more speculative in __set_extent_bit
     (bsc#1012452).
   - btrfs: make sure device is synced before return (bsc#1012452).
   - btrfs: make sure we stay inside the bvec during __btrfs_lookup_bio_sums
     (bsc#1012452).
   - btrfs: make use of btrfs_find_device_by_user_input() (bsc#1012452).
   - btrfs: make use of btrfs_scratch_superblocks() in btrfs_rm_device()
     (bsc#1012452).
   - btrfs: Manually implement device_total_bytes getter/setter (bsc#1043912).
   - btrfs: memset to avoid stale content in btree leaf (bsc#1012452).
   - btrfs: memset to avoid stale content in btree node block (bsc#1012452).
   - btrfs: move error handling code together in ctree.h (bsc#1012452).
   - btrfs: optimize check for stale device (bsc#1012452).
   - btrfs: Output more info for enospc_debug mount option (bsc#1012452).
   - btrfs: parent_start initialization cleanup (bsc#1012452).
   - btrfs: pass correct args to btrfs_async_run_delayed_refs() (bsc#1012452).
   - btrfs: pass number of devices to btrfs_check_raid_min_devices
     (bsc#1012452).
   - btrfs: pass the right error code to the btrfs_std_error (bsc#1012452).
   - btrfs: preallocate compression workspaces (bsc#1012452).
   - btrfs: Print Warning only if ENOSPC_DEBUG is enabled (bsc#1012452).
   - btrfs: Ratelimit "no csum found" info message (bsc#1012452).
   - btrfs: reada: add all reachable mirrors into reada device list
     (bsc#1012452).
   - btrfs: reada: Add missed segment checking in reada_find_zone
     (bsc#1012452).
   - btrfs: reada: Avoid many times of empty loop (bsc#1012452).
   - btrfs: reada: avoid undone reada extents in btrfs_reada_wait
     (bsc#1012452).
   - btrfs: reada: bypass adding extent when all zone failed (bsc#1012452).
   - btrfs: reada: Fix a debug code typo (bsc#1012452).
   - btrfs: reada: Fix in-segment calculation for reada (bsc#1012452).
   - btrfs: reada: ignore creating reada_extent for a non-existent device
     (bsc#1012452).
   - btrfs: reada: Jump into cleanup in direct way for __readahead_hook()
     (bsc#1012452).
   - btrfs: reada: limit max works count (bsc#1012452).
   - btrfs: reada: Move is_need_to_readahead contition earlier (bsc#1012452).
   - btrfs: reada: move reada_extent_put to place after __readahead_hook()
     (bsc#1012452).
   - btrfs: reada: Pass reada_extent into __readahead_hook directly
     (bsc#1012452).
   - btrfs: reada: reduce additional fs_info->reada_lock in reada_find_zone
     (bsc#1012452).
   - btrfs: reada: Remove level argument in severial functions (bsc#1012452).
   - btrfs: reada: simplify dev->reada_in_flight processing (bsc#1012452).
   - btrfs: reada: Use fs_info instead of root in __readahead_hook's argument
     (bsc#1012452).
   - btrfs: reada: use GFP_KERNEL everywhere (bsc#1012452).
   - btrfs: readdir: use GFP_KERNEL (bsc#1012452).
   - btrfs: refactor btrfs_dev_replace_start for reuse (bsc#1012452).
   - btrfs: Refactor btrfs_lock_cluster() to kill compiler warning
     (bsc#1012452).
   - btrfs: remove BUG() in raid56 (bsc#1012452).
   - btrfs: remove BUG_ON in start_transaction (bsc#1012452).
   - btrfs: remove BUG_ON()'s in btrfs_map_block (bsc#1012452).
   - btrfs: remove build fixup for qgroup_account_snapshot (bsc#1012452).
   - btrfs: remove redundant error check (bsc#1012452).
   - btrfs: remove save_error_info() (bsc#1012452).
   - btrfs: remove unnecessary btrfs_mark_buffer_dirty in split_leaf
     (bsc#1012452).
   - btrfs: remove unused function btrfs_assert() (bsc#1012452).
   - btrfs: rename and document compression workspace members (bsc#1012452).
   - btrfs: rename btrfs_find_device_by_user_input (bsc#1012452).
   - btrfs: rename btrfs_std_error to btrfs_handle_fs_error (bsc#1012452).
   - btrfs: rename __check_raid_min_devices (bsc#1012452).
   - btrfs: rename flags for vol args v2 (bsc#1012452).
   - btrfs: reorg btrfs_close_one_device() (bsc#1012452).
   - btrfs: Replace -ENOENT by -ERANGE in btrfs_get_acl() (bsc#1012452).
   - btrfs: Reset IO error counters before start of device replacing
     (bsc#1012452).
   - btrfs: reuse existing variable in scrub_stripe, reduce stack usage
     (bsc#1012452).
   - btrfs: Round down values which are written for total_bytes_size
     (bsc#1043912).
   - btrfs: s_bdev is not null after missing replace (bsc#1012452).
   - btrfs: scrub: Set bbio to NULL before calling btrfs_map_block
     (bsc#1012452).
   - btrfs: scrub: use GFP_KERNEL on the submission path (bsc#1012452).
   - btrfs: Search for all ordered extents that could span across a page
     (bsc#1012452).
   - btrfs: send: silence an integer overflow warning (bsc#1012452).
   - btrfs: send: use GFP_KERNEL everywhere (bsc#1012452).
   - btrfs: send: use temporary variable to store allocation size
     (bsc#1012452).
   - btrfs: send: use vmalloc only as fallback for clone_roots (bsc#1012452).
   - btrfs: send: use vmalloc only as fallback for clone_sources_tmp
     (bsc#1012452).
   - btrfs: send: use vmalloc only as fallback for read_buf (bsc#1012452).
   - btrfs: send: use vmalloc only as fallback for send_buf (bsc#1012452).
   - btrfs: Simplify conditions about compress while mapping btrfs flags to
     inode flags (bsc#1012452).
   - btrfs: sink gfp parameter to clear_extent_bits (bsc#1012452).
   - btrfs: sink gfp parameter to clear_extent_dirty (bsc#1012452).
   - btrfs: sink gfp parameter to clear_record_extent_bits (bsc#1012452).
   - btrfs: sink gfp parameter to convert_extent_bit (bsc#1012452).
   - btrfs: sink gfp parameter to set_extent_bits (bsc#1012452).
   - btrfs: sink gfp parameter to set_extent_defrag (bsc#1012452).
   - btrfs: sink gfp parameter to set_extent_delalloc (bsc#1012452).
   - btrfs: sink gfp parameter to set_extent_new (bsc#1012452).
   - btrfs: sink gfp parameter to set_record_extent_bits (bsc#1012452).
   - btrfs: skip commit transaction if we do not have enough pinned bytes
     (bsc#1037186).
   - btrfs: subpage-blocksize: Rate limit scrub error message (bsc#1012452).
   - btrfs: switch to common message helpers in open_ctree, adjust messages
     (bsc#1012452).
   - btrfs: switch to kcalloc in btrfs_cmp_data_prepare (bsc#1012452).
   - btrfs: sysfs: protect reading label by lock (bsc#1012452).
   - btrfs: trace pinned extents (bsc#1012452).
   - btrfs: track transid for delayed ref flushing (bsc#1012452).
   - btrfs: uapi/linux/btrfs.h migration, document subvol flags (bsc#1012452).
   - btrfs: uapi/linux/btrfs.h migration, move balance flags (bsc#1012452).
   - btrfs: uapi/linux/btrfs.h migration, move BTRFS_LABEL_SIZE (bsc#1012452).
   - btrfs: uapi/linux/btrfs.h migration, move feature flags (bsc#1012452).
   - btrfs: uapi/linux/btrfs.h migration, move struct
     btrfs_ioctl_defrag_range_args (bsc#1012452).
   - btrfs: uapi/linux/btrfs.h migration, qgroup limit flags (bsc#1012452).
   - btrfs: uapi/linux/btrfs_tree.h migration, item types and defines
     (bsc#1012452).
   - btrfs: uapi/linux/btrfs_tree.h, use __u8 and __u64 (bsc#1012452).
   - btrfs: unsplit printed strings (bsc#1012452).
   - btrfs: untangle gotos a bit in __clear_extent_bit (bsc#1012452).
   - btrfs: untangle gotos a bit in convert_extent_bit (bsc#1012452).
   - btrfs: untangle gotos a bit in __set_extent_bit (bsc#1012452).
   - btrfs: update btrfs_space_info's bytes_may_use timely (bsc#1012452).
   - btrfs: Use correct format specifier (bsc#1012452).
   - btrfs: use correct offset for reloc_inode in
     prealloc_file_extent_cluster() (bsc#1012452).
   - btrfs: use dynamic allocation for root item in create_subvol
     (bsc#1012452).
   - btrfs: Use (eb->start, seq) as search key for tree modification log
     (bsc#1012452).
   - btrfs: use existing device constraints table btrfs_raid_array
     (bsc#1012452).
   - btrfs: use FLUSH_LIMIT for relocation in reserve_metadata_bytes
     (bsc#1012452).
   - btrfs: use fs_info directly (bsc#1012452).
   - btrfs: use new error message helper in qgroup_account_snapshot
     (bsc#1012452).
   - btrfs: use proper type for failrec in extent_state (bsc#1012452).
   - btrfs: use root when checking need_async_flush (bsc#1012452).
   - btrfs: use the correct struct for BTRFS_IOC_LOGICAL_INO (bsc#1012452).
   - btrfs: Use __u64 in exported linux/btrfs.h (bsc#1012452).
   - btrfs: warn_on for unaccounted spaces (bsc#1012452).
   - ceph: check i_nlink while converting a file handle to dentry
     (bsc#1039864).
   - ceph: Check that the new inode size is within limits in ceph_fallocate()
     (bsc#1037969).
   - ceph: Correctly return NXIO errors from ceph_llseek (git-fixes).
   - ceph: fix file open flags on ppc64 (bsc#1022266).
   - ceph: fix memory leak in __ceph_setxattr() (bsc#1036763).
   - ceph: fix potential use-after-free (bsc#1043371).
   - ceph: fix recursively call between ceph_set_acl and __ceph_setattr
     (bsc#1034902).
   - ceph: memory leak in ceph_direct_read_write callback (bsc#1041810).
   - cfq-iosched: fix the delay of cfq_group's vdisktime under iops mode
     (bsc#1012829).
   - cgroup: remove redundant cleanup in css_create (bsc#1012829).
   - cifs: backport prepath matching fix (bsc#799133).
   - cifs: small underflow in cnvrtDosUnixTm() (bnc#1043935).
   - clk: Make x86/ conditional on CONFIG_COMMON_CLK (4.4.68 stable queue).
   - cpupower: Fix turbo frequency reporting for pre-Sandy Bridge cores
     (4.4.68 stable queue).
   - crypto: algif_aead - Require setkey before accept(2) (bsc#1031717).
   - crypto: sha-mb - Fix load failure (bsc#1037384).
   - cxgb4: Add control net_device for configuring PCIe VF (bsc#1021424).
   - cxgb4: Add llseek operation for flash debugfs entry (bsc#1021424).
   - cxgb4: add new routine to get adapter info (bsc#1021424).
   - cxgb4: Add PCI device ID for new adapter (bsc#1021424).
   - cxgb4: Add port description for new cards (bsc#1021424).
   - cxgb4: Add support to enable logging of firmware mailbox commands
     (bsc#1021424).
   - cxgb4: Check for firmware errors in the mailbox command loop
     (bsc#1021424).
   - cxgb4: correct device ID of T6 adapter (bsc#1021424).
   - cxgb4/cxgb4vf: Add set VF mac address support (bsc#1021424).
   - cxgb4/cxgb4vf: Allocate more queues for 25G and 100G adapter
     (bsc#1021424).
   - cxgb4/cxgb4vf: Assign netdev->dev_port with port ID (bsc#1021424).
   - cxgb4/cxgb4vf: Display 25G and 100G link speed (bsc#1021424).
   - cxgb4/cxgb4vf: Remove deprecated module parameters (bsc#1021424).
   - cxgb4: DCB message handler needs to use correct portid to netdev mapping
     (bsc#1021424).
   - cxgb4: Decode link down reason code obtained from firmware (bsc#1021424).
   - cxgb4: Do not assume FW_PORT_CMD reply is always port info msg
     (bsc#1021424).
   - cxgb4: do not call napi_hash_del() (bsc#1021424).
   - cxgb4: Do not sleep when mbox cmd is issued from interrupt context
     (bsc#1021424).
   - cxgb4: Enable SR-IOV configuration via PCI sysfs interface (bsc#1021424).
   - cxgb4: Fix issue while re-registering VF mgmt netdev (bsc#1021424).
   - cxgb4: MU requested by Chelsio (bsc#1021424).
   - cxgb4: Properly decode port module type (bsc#1021424).
   - cxgb4: Refactor t4_port_init function (bsc#1021424).
   - cxgb4: Reset dcb state machine and tx queue prio only if dcb is enabled
     (bsc#1021424).
   - cxgb4: Support compressed error vector for T6 (bsc#1021424).
   - cxgb4: Synchronize access to mailbox (bsc#1021424).
   - cxgb4: update latest firmware version supported (bsc#1021424).
   - dell-laptop: Adds support for keyboard backlight timeout AC settings
     (bsc#1013561).
   - Disable CONFIG_POWER_SUPPLY_DEBUG in debug kernel (bsc#1031500).
   - dmaengine: dw: fix typo in Kconfig (bsc#1031717).
   - dm: fix dm_target_io leak if clone_bio() returns an error (bsc#1040125).
   - dm-mpath: fix race window in do_end_io() (bsc#1011044).
   - dm: remove dummy dm_table definition (bsc#1045307)
   - dm round robin: do not use this_cpu_ptr() without having preemption
     disabled (bsc#1040125).
   - dm verity fec: fix block calculation (bsc#1040125).
   - dm verity fec: fix bufio leaks (bsc#1040125).
   - dm verity fec: limit error correction recursion (bsc#1040125).
   - drivers: base: dma-mapping: Fix typo in dmam_alloc_non_coherent comments
     (bsc#1031717).
   - Drivers: hv: vmbus: Raise retry/wait limits in vmbus_post_msg()
     (fate#320485, bsc#1023287, bsc#1028217).
   - drivers/tty: 8250: only call fintek_8250_probe when doing port I/O
     (bsc#1031717).
   - drm/i915: Disable tv output on i9x5gm (bsc#1039700).
   - drm/i915: Do not touch NULL sg on i915_gem_object_get_pages_gtt() error
     (bsc#1031717).
   - drm/i915: Fix mismatched INIT power domain disabling during suspend
     (bsc#1031717).
   - drm/i915: Introduce Kabypoint PCH for Kabylake H/DT (bsc#1032581).
   - drm/i915: Nuke debug messages from the pipe update critical section
     (bsc#1031717).
   - drm/i915: Program iboost settings for HDMI/DVI on SKL (bsc#1031717).
   - drm/i915: relax uncritical udelay_range() (bsc#1031717).
   - drm/i915: relax uncritical udelay_range() settings (bsc#1031717).
   - drm/i915: Use pagecache write to prepopulate shmemfs from pwrite-ioctl
     (bsc#1040463).
   - drm/mgag200: Fix to always set HiPri for G200e4 (bsc#1015452,
     bsc#995542).
   - drm/nouveau/tmr: fully separate alarm execution/pending lists
     (bsc#1043467).
   - drm/ttm: fix use-after-free races in vm fault handling (4.4.68 stable
     queue).
   - e1000e: Do not return uninitialized stats (bug#1034635).
   - efi: Do not issue error message when booted under Xen (bnc#1036638).
   - enic: set skb->hash type properly (bsc#922871 fate#318754).
   - ext4: fix data corruption for mmap writes (bsc#1012829).
   - ext4: fix data corruption with EXT4_GET_BLOCKS_ZERO (bsc#1012829).
   - ext4: fix use-after-iput when fscrypt contexts are inconsistent
     (bsc#1012829).
   - f2fs: fix bad prefetchw of NULL page (bsc#1012829).
   - f2fs: sanity check segment count (4.4.68 stable queue).
   - Fix kabi after adding new field to struct mddev (bsc#1040351).
   - Fix soft lockup in svc_rdma_send (bsc#1044854).
   - fnic: Return 'DID_IMM_RETRY' if rport is not ready (bsc#1035920).
   - fs/block_dev: always invalidate cleancache in invalidate_bdev()
     (git-fixes).
   - fs: fix data invalidation in the cleancache during direct IO (git-fixes).
   - fs/xattr.c: zero out memory copied to userspace in getxattr (git-fixes).
   - ftrace: Make ftrace_location_range() global (FATE#322421).
   - fuse: fix clearing suid, sgid for chown() (bsc#1012829).
   - hpsa: limit transfer length to 1MB (bsc#1025461).
   - hwpoison, memcg: forcibly uncharge LRU pages (bnc#1046105).
   - ib/addr: Fix setting source address in addr6_resolve() (bsc#1044082).
   - ib/core: Fix kernel crash during fail to initialize device (bsc#1022595).
   - ib/core: For multicast functions, verify that LIDs are multicast LIDs
     (bsc#1022595).
   - ib/core: If the MGID/MLID pair is not on the list return an error
     (bsc#1022595).
   - ib/ipoib: Fix deadlock between ipoib_stop and mcast join flow
     (bsc#1022595).
   - ib/ipoib: Fix memory leak in create child syscall (bsc#1022595).
   - ib/mlx5: Assign DSCP for R-RoCE QPs Address Path (bsc#966170 bsc#966172
     bsc#966191).
   - ib/mlx5: Check supported flow table size (bsc#966170 bsc#966172
     bsc#966191).
   - ib/mlx5: Enlarge autogroup flow table (bsc#966170 bsc#966172 bsc#966191).
   - ib/mlx5: Fix kernel to user leak prevention logic (bsc#966170 bsc#966172
     bsc#966191).
   - ibmvnic: Activate disabled RX buffer pools on reset (bsc#1044767).
   - ibmvnic: Add set_link_state routine for setting adapter link state
     (fate#322021, bsc#1031512).
   - ibmvnic: Allocate number of rx/tx buffers agreed on by firmware
     (fate#322021, bsc#1031512).
   - ibmvnic: Allocate zero-filled memory for sub crqs (fate#322021,
     bsc#1031512).
   - ibmvnic: Call napi_disable instead of napi_enable in failure path
     (fate#322021, bsc#1031512).
   - ibmvnic: Check adapter state during ibmvnic_poll (fate#322021,
     bsc#1040855).
   - ibmvnic: Check for driver reset first in ibmvnic_xmit (fate#322021,
     bsc#1038297).
   - ibmvnic: Cleanup failure path in ibmvnic_open (fate#322021, bsc#1031512).
   - ibmvnic: Clean up tx pools when closing (fate#322021, bsc#1038297).
   - ibmvnic: Client-initiated failover (bsc#1043990).
   - ibmvnic: Continue skb processing after skb completion error
     (fate#322021, bsc#1038297).
   - ibmvnic: Correct crq and resource releasing (fate#322021, bsc#1031512).
   - ibmvnic: Correct ibmvnic handling of device open/close (fate#322021,
     bsc#1031512).
   - ibmvnic: Correct return code checking for ibmvnic_init during probe
     (bsc#1045286).
   - ibmvnic: Create init and release routines for the bounce buffer
     (fate#322021, bsc#1031512).
   - ibmvnic: Create init and release routines for the rx pool (fate#322021,
     bsc#1031512).
   - ibmvnic: Create init and release routines for the tx pool (fate#322021,
     bsc#1031512).
   - ibmvnic: Create init/release routines for stats token (fate#322021,
     bsc#1031512).
   - ibmvnic: Deactivate RX pool buffer replenishment on H_CLOSED
     (fate#322021, bsc#1040855).
   - ibmvnic: Delete napi's when releasing driver resources (fate#322021,
     bsc#1038297).
   - ibmvnic: Disable irq prior to close (fate#322021, bsc#1031512).
   - ibmvnic: Do not disable IRQ after scheduling tasklet (fate#322021,
     bsc#1031512).
   - ibmvnic: driver initialization for kdump/kexec (bsc#1044772).
   - ibmvnic: Ensure that TX queues are disabled in __ibmvnic_close
     (bsc#1044767).
   - ibmvnic: Exit polling routine correctly during adapter reset
     (bsc#1044767).
   - ibmvnic: Fix assignment of RX/TX IRQ's (bsc#1046589).
   - ibmvnic: Fix cleanup of SKB's on driver close (fate#322021, bsc#1040855).
   - ibmvnic: Fix endian errors in error reporting output (fate#322021,
     bsc#1031512).
   - ibmvnic: Fix endian error when requesting device capabilities
     (fate#322021, bsc#1031512).
   - ibmvnic: Fix error handling when registering long-term-mapped  buffers
     (bsc#1045568).
   - ibmvnic: Fix ibmvnic_change_mac_addr struct format (fate#322021,
     bsc#1031512).
   - ibmvnic: Fix incorrectly defined ibmvnic_request_map_rsp structure
     (bsc#1045568).
   - ibmvnic: Fix initial MTU settings (bsc#1031512).
   - ibmvnic: fix missing unlock on error in __ibmvnic_reset() (fate#322021,
     bsc#1038297, Fixes: ed651a10875f).
   - ibmvnic: Fix overflowing firmware/hardware TX queue (fate#322021,
     bsc#1031512).
   - ibmvnic: Fixup atomic API usage (fate#322021, bsc#1031512).
   - ibmvnic: Free skb's in cases of failure in transmit (fate#322021,
     bsc#1031512).
   - ibmvnic: Free tx/rx scrq pointer array when releasing sub-crqs
     (fate#322021, bsc#1031512).
   - ibmvnic: Halt TX and report carrier off on H_CLOSED return code
     (fate#322021, bsc#1040855).
   - ibmvnic: Handle failover after failed init crq (fate#322021,
     bsc#1040855).
   - ibmvnic: Handle processing of CRQ messages in a tasklet (fate#322021,
     bsc#1031512).
   - ibmvnic: Initialize completion variables before starting work
     (fate#322021, bsc#1031512).
   - ibmvnic: Insert header on VLAN tagged received frame (fate#322021,
     bsc#1031512).
   - ibmvnic: Make CRQ interrupt tasklet wait for all capabilities crqs
     (fate#322021, bsc#1031512).
   - ibmvnic: Merge the two release_sub_crq_queue routines (fate#322021,
     bsc#1031512).
   - ibmvnic: Move ibmvnic adapter intialization to its own routine
     (fate#322021, bsc#1031512).
   - ibmvnic: Move initialization of sub crqs to ibmvnic_init (fate#322021,
     bsc#1031512).
   - ibmvnic: Move initialization of the stats token to ibmvnic_open
     (fate#322021, bsc#1031512).
   - ibmvnic: Move login and queue negotiation into ibmvnic_open
     (fate#322021, bsc#1031512).
   - ibmvnic: Move login to its own routine (fate#322021, bsc#1031512).
   - ibmvnic: Move queue restarting in ibmvnic_tx_complete (fate#322021,
     bsc#1038297).
   - ibmvnic: Move resource initialization to its own routine (fate#322021,
     bsc#1038297).
   - ibmvnic: Non-fatal error handling (fate#322021, bsc#1040855).
   - ibmvnic: Only retrieve error info if present (fate#322021, bsc#1031512).
   - ibmvnic: Record SKB RX queue during poll (fate#322021, bsc#1038297).
   - ibmvnic: Remove debugfs support (fate#322021, bsc#1031512).
   - ibmvnic: Remove inflight list (fate#322021, bsc#1031512).
   - ibmvnic: Remove module author mailing address (bsc#1045467).
   - ibmvnic: Remove netdev notify for failover resets (bsc#1044120).
   - ibmvnic: Remove unused bouce buffer (fate#322021, bsc#1031512).
   - ibmvnic: Remove VNIC_CLOSING check from pending_scrq (bsc#1044767).
   - ibmvnic: Replace is_closed with state field (fate#322021, bsc#1038297).
   - ibmvnic: Report errors when failing to release sub-crqs (fate#322021,
     bsc#1031512).
   - ibmvnic: Reset sub-crqs during driver reset (fate#322021, bsc#1040855).
   - ibmvnic: Reset the CRQ queue during driver reset (fate#322021,
     bsc#1040855).
   - ibmvnic: Reset tx/rx pools on driver reset (fate#322021, bsc#1040855).
   - ibmvnic: Return failure on attempted mtu change (bsc#1043236).
   - ibmvnic: Return from ibmvnic_resume if not in VNIC_OPEN state
     (bsc#1045235).
   - ibmvnic: Sanitize entire SCRQ buffer on reset (bsc#1044767).
   - ibmvnic: Send gratuitous arp on reset (fate#322021, bsc#1040855).
   - ibmvnic: Set real number of rx queues (fate#322021, bsc#1031512).
   - ibmvnic: Split initialization of scrqs to its own routine (fate#322021,
     bsc#1031512).
   - ibmvnic: Track state of adapter napis (fate#322021, bsc#1040855).
   - ibmvnic: Unmap longer term buffer before free (fate#322021, bsc#1031512).
   - ibmvnic: Updated reset handling (fate#322021, bsc#1038297).
   - ibmvnic: Update main crq initialization and release (fate#322021,
     bsc#1031512).
   - ibmvnic: Use common counter for capabilities checks (fate#322021,
     bsc#1031512).
   - ibmvnic: use max_mtu instead of req_mtu for MTU range check
     (bsc#1031512).
   - ibmvnic: Validate napi exist before disabling them (fate#322021,
     bsc#1031512).
   - ibmvnic: Wait for any pending scrqs entries at driver close
     (fate#322021, bsc#1038297).
   - ibmvnic: Whitespace correction in release_rx_pools (fate#322021,
     bsc#1038297).
   - iio: hid-sensor: Store restore poll and hysteresis on S3 (bsc#1031717).
   - infiniband: avoid dereferencing uninitialized dst on error path
     (git-fixes).
   - iommu/arm-smmu: Disable stalling faults for all endpoints (bsc#1038843).
   - iommu/dma: Respect IOMMU aperture when allocating (bsc#1038842).
   - iommu/exynos: Block SYSMMU while invalidating FLPD cache (bsc#1038848).
   - iommu: Handle default domain attach failure (bsc#1038846).
   - iommu/vt-d: Do not over-free page table directories (bsc#1038847).
   - ipv4, ipv6: ensure raw socket message is big enough to hold an IP header
     (4.4.68 stable queue).
   - ipv6: Do not use ufo handling on later transformed packets (bsc#1042286).
   - ipv6: fix endianness error in icmpv6_err (bsc#1042286).
   - ipv6: initialize route null entry in addrconf_init() (4.4.68 stable
     queue).
   - ipv6: release dst on error in ip6_dst_lookup_tail (git-fixes).
   - ipv6: reorder ip6_route_dev_notifier after ipv6_dev_notf (4.4.68 stable
     queue).
   - isa: Call isa_bus_init before dependent ISA bus drivers register
     (bsc#1031717).
   - iscsi-target: Return error if unable to add network portal (bsc#1032803).
   - iw_cxgb4: Fix error return code in c4iw_rdev_open() (bsc#1026570).
   - iw_cxgb4: Guard against null cm_id in dump_ep/qp (bsc#1026570).
   - iwlwifi: 8000: fix MODULE_FIRMWARE input.
   - iwlwifi: 9000: increase the number of queues.
   - iwlwifi: add device ID for 8265.
   - iwlwifi: add device IDs for the 8265 device.
   - iwlwifi: add disable_11ac module param.
   - iwlwifi: add new 3168 series devices support.
   - iwlwifi: add new 8260 PCI IDs.
   - iwlwifi: add new 8265.
   - iwlwifi: add new 8265 series PCI ID.
   - iwlwifi: Add new PCI IDs for 9260 and 5165 series.
   - iwlwifi: Add PCI IDs for the new 3168 series.
   - iwlwifi: Add PCI IDs for the new series 8165.
   - iwlwifi: add support for 12K Receive Buffers.
   - iwlwifi: add support for getting HW address from CSR.
   - iwlwifi: avoid d0i3 commands when no/init ucode is loaded.
   - iwlwifi: bail out in case of bad trans state.
   - iwlwifi: block the queues when we send ADD_STA for uAPSD.
   - iwlwifi: change the Intel Wireless email address.
   - iwlwifi: change the Intel Wireless email address.
   - iwlwifi: check for valid ethernet address provided by OEM.
   - iwlwifi: clean up transport debugfs handling.
   - iwlwifi: clear ieee80211_tx_info->driver_data in the op_mode.
   - iwlwifi: Document missing module options.
   - iwlwifi: dump prph registers in a common place for all transports.
   - iwlwifi: dvm: advertise NETIF_F_SG.
   - iwlwifi: dvm: fix compare_const_fl.cocci warnings.
   - iwlwifi: dvm: handle zero brightness for wifi LED.
   - iwlwifi: dvm: remove a wrong dependency on m.
   - iwlwifi: dvm: remove Kconfig default.
   - iwlwifi: dvm: remove stray debug code.
   - iwlwifi: export the _no_grab version of PRPH IO functions.
   - iwlwifi: expose fw usniffer mode to more utilities.
   - iwlwifi: fix double hyphen in MODULE_FIRMWARE for 8000.
   - iwlwifi: Fix firmware name maximum length definition.
   - iwlwifi: fix name of ucode loaded for 8265 series.
   - iwlwifi: fix printf specifier.
   - iwlwifi: generalize d0i3_entry_timeout module parameter.
   - iwlwifi: mvm: adapt the firmware assert log to new firmware.
   - iwlwifi: mvm: add 9000-series RX API.
   - iwlwifi: mvm: add 9000 series RX processing.
   - iwlwifi: mvm: add a non-trigger window to fw dbg triggers.
   - iwlwifi: mvm: add an option to start rs from HT/VHT rates.
   - iwlwifi: mvm: Add a station in monitor mode.
   - iwlwifi: mvm: add bt rrc and ttc to debugfs.
   - iwlwifi: mvm: add bt settings to debugfs.
   - iwlwifi: mvm: add ctdp operations to debugfs.
   - iwlwifi: mvm: add CT-KILL notification.
   - iwlwifi: mvm: add debug print if scan config is ignored.
   - iwlwifi: mvm: add extended dwell time.
   - iwlwifi: mvm: add new ADD_STA command version.
   - iwlwifi: mvm: Add P2P client snoozing.
   - iwlwifi: mvm: add registration to cooling device.
   - iwlwifi: mvm: add registration to thermal zone.
   - iwlwifi: mvm: add support for negative temperatures.
   - iwlwifi: mvm: add tlv for multi queue rx support.
   - iwlwifi: mvm: add trigger for firmware dump upon TDLS events.
   - iwlwifi: mvm: add trigger for firmware dump upon TX response status.
   - iwlwifi: mvm: advertise NETIF_F_SG.
   - iwlwifi: mvm: Align bt-coex priority with requirements.
   - iwlwifi: mvm: allow to disable beacon filtering for AP/GO interface.
   - iwlwifi: mvm: avoid harmless -Wmaybe-uninialized warning.
   - iwlwifi: mvm: avoid panics with thermal device usage.
   - iwlwifi: mvm: avoid to WARN about gscan capabilities.
   - iwlwifi: mvm: bail out if CTDP start operation fails.
   - iwlwifi: mvm: bump firmware API to 21.
   - iwlwifi: mvm: bump max API to 20.
   - iwlwifi: mvm: change access to ieee80211_hdr.
   - iwlwifi: mvm: change iwl_mvm_get_key_sta_id() to return the station.
   - iwlwifi: mvm: change mcc update API.
   - iwlwifi: mvm: change name of iwl_mvm_d3_update_gtk.
   - iwlwifi: mvm: Change number of associated stations when station becomes
     associated.
   - iwlwifi: mvm: change protocol offload flows.
   - iwlwifi: mvm: change the check for ADD_STA status.
   - iwlwifi: mvm: check FW's response for nvm access write cmd.
   - iwlwifi: mvm: check iwl_mvm_wowlan_config_key_params() return value.
   - iwlwifi: mvm: check minimum temperature notification length.
   - iwlwifi: mvm: cleanup roc te on restart cleanup.
   - iwlwifi: mvm: Configure fragmented scan for scheduled scan.
   - iwlwifi: mvm: configure scheduled scan according to traffic conditions.
   - iwlwifi: mvm: constify the parameters of a few functions in fw-dbg.c.
   - iwlwifi: mvm: Disable beacon storing in D3 when WOWLAN configured.
   - iwlwifi: mvm: disable DQA support.
   - iwlwifi: mvm: do not ask beacons when P2P GO vif and no assoc sta.
   - iwlwifi: mvm: do not keep an mvm ref when the interface is down.
   - iwlwifi: mvm: do not let NDPs mess the packet tracking.
   - iwlwifi: mvm: do not restart HW if suspend fails with unified image.
   - iwlwifi: mvm: Do not switch to D3 image on suspend.
   - iwlwifi: mvm: do not try to offload AES-CMAC in AP/IBSS modes.
   - iwlwifi: mvm: drop low_latency_agg_frame_cnt_limit.
   - iwlwifi: mvm: dump more registers upon error.
   - iwlwifi: mvm: dump the radio registers when the firmware crashes.
   - iwlwifi: mvm: enable L3 filtering.
   - iwlwifi: mvm: Enable MPLUT only on supported hw.
   - iwlwifi: mvm: enable VHT MU-MIMO for supported hardware.
   - iwlwifi: mvm: extend time event duration.
   - iwlwifi: mvm: fix accessing Null pointer during fw dump collection.
   - iwlwifi: mvm: fix d3_test with unified D0/D3 images.
   - iwlwifi: mvm: fix debugfs signedness warning.
   - iwlwifi: mvm: fix extended dwell time.
   - iwlwifi: mvm: fix incorrect fallthrough in iwl_mvm_check_running_scans().
   - iwlwifi: mvm: fix memory leaks in error paths upon fw error dump.
   - iwlwifi: mvm: fix netdetect starting/stopping for unified images.
   - iwlwifi: mvm: fix RSS key sizing.
   - iwlwifi: mvm: fix unregistration of thermal in some error flows.
   - iwlwifi: mvm: flush all used TX queues before suspending.
   - iwlwifi: mvm: forbid U-APSD for P2P Client if the firmware does not
     support it.
   - iwlwifi: mvm: handle pass all scan reporting.
   - iwlwifi: mvm: ignore LMAC scan notifications when running UMAC scans.
   - iwlwifi: mvm: infrastructure for frame-release message.
   - iwlwifi: mvm: kill iwl_mvm_enable_agg_txq.
   - iwlwifi: mvm: let the firmware choose the antenna for beacons.
   - iwlwifi: mvm: make collecting fw debug data optional.
   - iwlwifi: mvm: move fw-dbg code to separate file.
   - iwlwifi: mvm: only release the trans ref if d0i3 is supported in fw.
   - iwlwifi: mvm: prepare the code towards TSO implementation.
   - iwlwifi: mvm: refactor d3 key update functions.
   - iwlwifi: mvm: refactor the way fw_key_table is handled.
   - iwlwifi: mvm: remove an extra tab.
   - iwlwifi: mvm: Remove bf_vif from iwl_power_vifs.
   - iwlwifi: mvm: Remove iwl_mvm_update_beacon_abort.
   - iwlwifi: mvm: remove redundant d0i3 flag from the config struct.
   - iwlwifi: mvm: remove shadowing variable.
   - iwlwifi: mvm: remove stray nd_config element.
   - iwlwifi: mvm: remove the vif parameter of
     iwl_mvm_configure_bcast_filter().
   - iwlwifi: mvm: remove unnecessary check in iwl_mvm_is_d0i3_supported().
   - iwlwifi: mvm: remove useless WARN_ON and rely on cfg80211's combination.
   - iwlwifi: mvm: report wakeup for wowlan.
   - iwlwifi: mvm: reset mvm->scan_type when firmware is started.
   - iwlwifi: mvm: return the cooling state index instead of the budget.
   - iwlwifi: mvm: ROC: cleanup time event info on FW failure.
   - iwlwifi: mvm: ROC: Extend the ROC max delay duration & limit ROC
     duration.
   - iwlwifi: mvm: rs: fix a potential out of bounds access.
   - iwlwifi: mvm: rs: fix a theoretical access to uninitialized array
     elements.
   - iwlwifi: mvm: rs: fix a warning message.
   - iwlwifi: mvm: rs: fix TPC action decision algorithm.
   - iwlwifi: mvm: rs: fix TPC statistics handling.
   - iwlwifi: mvm: Send power command on BSS_CHANGED_BEACON_INFO if needed.
   - iwlwifi: mvm: set default new STA as non-aggregated.
   - iwlwifi: mvm: set the correct amsdu enum values.
   - iwlwifi: mvm: set the correct descriptor size for tracing.
   - iwlwifi: mvm: small update in the firmware API.
   - iwlwifi: mvm: support A-MSDU in A-MPDU.
   - iwlwifi: mvm: support beacon storing.
   - iwlwifi: mvm: support description for user triggered fw dbg collection.
   - iwlwifi: mvm: support rss queues configuration command.
   - iwlwifi: mvm: Support setting continuous recording debug mode.
   - iwlwifi: mvm: support setting minimum quota from debugfs.
   - iwlwifi: mvm: support sw queue start/stop from mvm.
   - iwlwifi: mvm: take care of padded packets.
   - iwlwifi: mvm: take the transport ref back when leaving.
   - iwlwifi: mvm: track low-latency sources separately.
   - iwlwifi: mvm: update GSCAN capabilities.
   - iwlwifi: mvm: update ucode status before stopping device.
   - iwlwifi: mvm: use build-time assertion for fw trigger ID.
   - iwlwifi: mvm: use firmware station lookup, combine code.
   - iwlwifi: mvm: various trivial cleanups.
   - iwlwifi: mvm: writing zero bytes to debugfs causes a crash.
   - iwlwifi: nvm: fix loading default NVM file.
   - iwlwifi: nvm: fix up phy section when reading it.
   - iwlwifi: pcie: add 9000 series multi queue rx DMA support.
   - iwlwifi: pcie: add infrastructure for multi-queue rx.
   - iwlwifi: pcie: add initial RTPM support for PCI.
   - iwlwifi: pcie: Add new configuration to enable MSIX.
   - iwlwifi: pcie: add pm_prepare and pm_complete ops.
   - iwlwifi: pcie: add RTPM support when wifi is enabled.
   - iwlwifi: pcie: aggregate Flow Handler configuration writes.
   - iwlwifi: pcie: allow the op_mode to block the tx queues.
   - iwlwifi: pcie: allow to pretend to have Tx CSUM for debug.
   - iwlwifi: pcie: avoid restocks inside rx loop if not emergency.
   - iwlwifi: pcie: buffer packets to avoid overflowing Tx queues.
   - iwlwifi: pcie: build an A-MSDU using TSO core.
   - iwlwifi: pcie: configure more RFH settings.
   - iwlwifi: pcie: detect and workaround invalid write ptr behavior.
   - iwlwifi: pcie: do not increment / decrement a bool.
   - iwlwifi: pcie: enable interrupts before releasing the NIC's CPU.
   - iwlwifi: pcie: enable multi-queue rx path.
   - iwlwifi: pcie: extend device reset delay.
   - iwlwifi: pcie: fine tune number of rxbs.
   - iwlwifi: pcie: fix a race in firmware loading flow.
   - iwlwifi: pcie: fix erroneous return value.
   - iwlwifi: pcie: fix global table size.
   - iwlwifi: pcie: fix identation in trans.c.
   - iwlwifi: pcie: fix RF-Kill vs. firmware load race.
   - iwlwifi: pcie: forbid RTPM on device removal.
   - iwlwifi: pcie: mark command queue lock with separate lockdep class.
   - iwlwifi: pcie: prevent skbs shadowing in iwl_trans_pcie_reclaim.
   - iwlwifi: pcie: refactor RXBs reclaiming code.
   - iwlwifi: pcie: remove ICT allocation message.
   - iwlwifi: pcie: remove pointer from debug message.
   - iwlwifi: pcie: re-organize code towards TSO.
   - iwlwifi: pcie: set RB chunk size back to 64.
   - iwlwifi: pcie: update iwl_mpdu_desc fields.
   - iwlwifi: print index in api/capa flags parsing message.
   - iwlwifi: refactor the code that reads the MAC address from the NVM.
   - iwlwifi: remove IWL_DL_LED.
   - iwlwifi: remove unused parameter from grab_nic_access.
   - iwlwifi: replace d0i3_mode and wowlan_d0i3 with more generic variables.
   - iwlwifi: set max firmware version of 7265 to 17.
   - iwlwifi: support ucode with d0 unified image - regular and usniffer.
   - iwlwifi: trans: make various conversion macros inlines.
   - iwlwifi: trans: support a callback for ASYNC commands.
   - iwlwifi: treat iwl_parse_nvm_data() MAC addr as little endian.
   - iwlwifi: tt: move ucode_loaded check under mutex.
   - iwlwifi: uninline iwl_trans_send_cmd.
   - iwlwifi: update host command messages to new format.
   - iwlwifi: Update PCI IDs for 8000 and 9000 series.
   - iwlwifi: update support for 3168 series firmware and NVM.
   - iwlwifi: various comments and code cleanups.
   - jump label: fix passing kbuild_cflags when checking for asm goto support
     (git-fixes).
   - kabi: Hide new include in arch/powerpc/kernel/process.c (fate#322421).
   - kabi: ignore fs_info parameter for tracepoints that didn't have it
     (bsc#1044912).
   - kABI: move and hide new cxgbi device owner field (bsc#1018885).
   - kABI: protect cgroup include in kernel/kthread (kabi).
   - kABI: protect struct fib_info (kabi).
   - kABI: protect struct mnt_namespace (kabi).
   - kABI: protect struct pglist_data (kabi).
   - kABI: protect struct snd_fw_async_midi_port (kabi).
   - kABI: protect struct xlog (bsc#1043598).
   - kABI: restore ttm_ref_object_add parameters (kabi).
   - kabi/severities: ignore kABi changes in iwlwifi stuff itself
   - kabi workaround for net: ipv6: Fix processing of RAs in presence of VRF
     (bsc#1042286).
   - kernel-binary.spec: Propagate MAKE_ARGS to %build (bsc#1012422)
   - kprobes/x86: Fix kernel panic when certain exception-handling addresses
     are probed (4.4.68 stable queue).
   - kvm: better MWAIT emulation for guests (bsc#1031142).
   - kvm: nVMX: do not leak PML full vmexit to L1 (4.4.68 stable queue).
   - kvm: nVMX: initialize PML fields in vmcs02 (4.4.68 stable queue).
   - kvm: svm: add support for RDTSCP (bsc#1033117).
   - l2tp: fix race in l2tp_recv_common() (bsc#1042286).
   - lan78xx: use skb_cow_head() to deal with cloned skbs (bsc#1045154).
   - leds: ktd2692: avoid harmless maybe-uninitialized warning (4.4.68 stable
     queue).
   - libata-scsi: Fixup ata_gen_passthru_sense() (bsc#1040125).
   - libceph: NULL deref on crush_decode() error path (bsc#1044015).
   - libcxgb: add library module for Chelsio drivers (bsc#1021424).
   - lib/mpi: mpi_read_raw_data(): fix nbits calculation (bsc#1003581).
   - lib/mpi: mpi_read_raw_data(): purge redundant clearing of nbits
     (bsc#1003581).
   - lib/mpi: mpi_read_raw_from_sgl(): do not include leading zero SGEs in
     nbytes (bsc#1003581).
   - lib/mpi: mpi_read_raw_from_sgl(): fix nbits calculation (bsc#1003581).
   - lib/mpi: mpi_read_raw_from_sgl(): fix out-of-bounds buffer access
     (bsc#1003581).
   - lib/mpi: mpi_read_raw_from_sgl(): purge redundant clearing of nbits
     (bsc#1003581).
   - lib/mpi: mpi_read_raw_from_sgl(): replace len argument by nbytes
     (bsc#1003581).
   - lib/mpi: mpi_read_raw_from_sgl(): sanitize meaning of indices
     (bsc#1003581).
   - libnvdimm, pfn: fix 'npfns' vs section alignment (bsc#1040125).
   - livepatch: Allow architectures to specify an alternate ftrace location
     (FATE#322421).
   - locking/ww_mutex: Fix compilation of __WW_MUTEX_INITIALIZER
     (bsc#1031717).
   - loop: Add PF_LESS_THROTTLE to block/loop device thread (bsc#1027101).
   - lpfc: remove incorrect lockdep assertion (bsc#1040125).
   - md: allow creation of mdNNN arrays via md_mod/parameters/new_array
     (bsc#1032339).
   - md.c:didn't unlock the mddev before return EINVAL in array_size_store
     (bsc#1038143).
   - md-cluster: fix potential lock issue in add_new_disk (bsc#1041087).
   - md: fix a null dereference (bsc#1040351).
   - md: handle read-only member devices better (bsc#1033281).
   - md: MD_CLOSING needs to be cleared after called md_set_readonly or
     do_md_stop (bsc#1038142).
   - md/raid1: avoid reusing a resync bio after error handling (Fate#311379).
   - md: support disabling of create-on-open semantics (bsc#1032339).
   - md: use a separate bio_set for synchronous IO (bsc#1040351).
   - media: am437x-vpfe: fix an uninitialized variable bug (bsc#1031717).
   - media: b2c2: use IS_REACHABLE() instead of open-coding it (bsc#1031717).
   - media: c8sectpfe: Rework firmware loading mechanism (bsc#1031717).
   - media: cx231xx-audio: fix NULL-deref at probe (bsc#1031717).
   - media: cx231xx-cards: fix NULL-deref at probe (bsc#1031717).
   - media: cx23885: uninitialized variable in cx23885_av_work_handler()
     (bsc#1031717).
   - media: DaVinci-VPBE: Check return value of a setup_if_config() call in
     vpbe_set_output() (bsc#1031717).
   - media: DaVinci-VPFE-Capture: fix error handling (bsc#1031717).
   - media: dib0700: fix NULL-deref at probe (bsc#1031717).
   - media: dvb-usb: avoid link error with dib3000m{b,c| (bsc#1031717).
   - media: exynos4-is: fix a format string bug (bsc#1031717).
   - media: gspca: konica: add missing endpoint sanity check (bsc#1031717).
   - media: lirc_imon: do not leave imon_probe() with mutex held
     (bsc#1031717).
   - media: pvrusb2: reduce stack usage pvr2_eeprom_analyze() (bsc#1031717).
   - media: rc: allow rc modules to be loaded if rc-main is not a module
     (bsc#1031717).
   - media: s5p-mfc: Fix unbalanced call to clock management (bsc#1031717).
   - media: sh-vou: clarify videobuf2 dependency (bsc#1031717).
   - media: staging: media: davinci_vpfe: unlock on error in vpfe_reqbufs()
     (bsc#1031717).
   - media: usbvision: fix NULL-deref at probe (bsc#1031717).
   - media: uvcvideo: Fix empty packet statistic (bsc#1031717).
   - media: vb2: Fix an off by one error in 'vb2_plane_vaddr' (bsc#1043231).
   - mem-hotplug: fix node spanned pages when we have a movable node
     (bnc#1034671).
   - mips: R2-on-R6 MULTU/MADDU/MSUBU emulation bugfix (4.4.68 stable queue).
   - mlx4: Fix memory leak after mlx4_en_update_priv() (bsc#966170 bsc#966172
     bsc#966191).
   - mmc: debugfs: correct wrong voltage value (bsc#1031717).
   - mmc: Downgrade error level (bsc#1042536).
   - mm,compaction: serialize waitqueue_active() checks (bsc#971975).
   - mmc: sdhci-pxav3: fix higher speed mode capabilities (bsc#1031717).
   - mmc: sdhci: restore behavior when setting VDD via external regulator
     (bsc#1031717).
   - mm: fix <linux/pagemap.h> stray kernel-doc notation (bnc#971975 VM --
     git fixes).
   - mm: fix new crash in unmapped_area_topdown() (bnc#1039348).
   - mm/hugetlb: check for reserved hugepages during memory offline
     (bnc#971975 VM -- git fixes).
   - mm/hugetlb: fix incorrect hugepages count during mem hotplug (bnc#971975
     VM -- git fixes).
   - module: fix memory leak on early load_module() failures (bsc#1043014).
   - mwifiex: Avoid skipping WEP key deletion for AP (4.4.68 stable queue).
   - mwifiex: debugfs: Fix (sometimes) off-by-1 SSID print (4.4.68 stable
     queue).
   - mwifiex: pcie: fix cmd_buf use-after-free in remove/reset (bsc#1031717).
   - mwifiex: Removed unused 'pkt_type' variable (bsc#1031717).
   - mwifiex: remove redundant dma padding in AMSDU (4.4.68 stable queue).
   - mwifiex: Remove unused 'bcd_usb' variable (bsc#1031717).
   - mwifiex: Remove unused 'chan_num' variable (bsc#1031717).
   - mwifiex: Remove unused 'pm_flag' variable (bsc#1031717).
   - mwifiex: Remove unused 'sta_ptr' variable (bsc#1031717).
   - net: bridge: start hello timer only if device is up (bnc#1012382).
   - netfilter: nf_conntrack_sip: extend request line validation
     (bsc#1042286).
   - netfilter: nf_ct_expect: remove the redundant slash when policy name is
     empty (bsc#1042286).
   - netfilter: nf_dup_ipv6: set again FLOWI_FLAG_KNOWN_NH at flowi6_flags
     (bsc#1042286).
   - netfilter: nf_nat_snmp: Fix panic when snmp_trap_helper fails to
     register (bsc#1042286).
   - netfilter: nfnetlink_queue: reject verdict request from different portid
     (bsc#1042286).
   - netfilter: restart search if moved to other chain (bsc#1042286).
   - netfilter: use fwmark_reflect in nf_send_reset (bsc#1042286).
   - net: fix compile error in skb_orphan_partial() (bnc#1012382).
   - net: ibmvnic: Remove unused net_stats member from struct ibmvnic_adapter
     (fate#322021, bsc#1031512).
   - net: icmp_route_lookup should use rt dev to determine L3 domain
     (bsc#1042286).
   - net: ipv6: Fix processing of RAs in presence of VRF (bsc#1042286).
   - net: ipv6: set route type for anycast routes (bsc#1042286).
   - net: l3mdev: Add master device lookup by index (bsc#1042286).
   - net: make netdev_for_each_lower_dev safe for device removal
     (bsc#1042286).
   - net/mlx5: Do not unlock fte while still using it (bsc#966170 bsc#966172
     bsc#966191).
   - net/mlx5e: Fix timestamping capabilities reporting (bsc#966170
     bsc#1015342).
   - net/mlx5e: Modify TIRs hash only when it's needed (bsc#966170 bsc#966172
     bsc#966191).
   - net/mlx5: Fix create autogroup prev initializer (bsc#966170 bsc#966172
     bsc#966191).
   - net/mlx5: Prevent setting multicast macs for VFs (bsc#966170 bsc#966172
     bsc#966191).
   - net/mlx5: Release FTE lock in error flow (bsc#966170 bsc#966172
     bsc#966191).
   - net: vrf: Create FIB tables on link create (bsc#1042286).
   - net: vrf: Fix crash when IPv6 is disabled at boot time (bsc#1042286).
   - net: vrf: Fix dev refcnt leak due to IPv6 prefix route (bsc#1042286).
   - net: vrf: Fix dst reference counting (bsc#1042286).
   - net: vrf: protect changes to private data with rcu (bsc#1042286).
   - net: vrf: Switch dst dev to loopback on device delete (bsc#1042286).
   - netxen_nic: set rcode to the return status from the call to
     netxen_issue_cmd (bsc#966339 FATE#320150).
   - nfsd4: minor NFSv2/v3 write decoding cleanup (bsc#1034670).
   - nfsd: check for oversized NFSv2/v3 arguments (bsc#1034670).
   - nfsd: stricter decoding of write-like NFSv2/v3 ops (bsc#1034670).
   - nfs: Fix an LOCK/OPEN race when unlinking an open file (git-fixes).
   - nfs: Fix "Do not increment lock sequence ID after NFS4ERR_MOVED"
     (git-fixes).
   - nfs: Fix inode corruption in nfs_prime_dcache() (git-fixes).
   - nfs: Fix missing pg_cleanup after nfs_pageio_cond_complete() (git-fixes).
   - nfs: Use GFP_NOIO for two allocations in writeback (git-fixes).
   - nfsv4.1: Fix Oopsable condition in server callback races (git-fixes).
   - nfsv4: do not let hanging mounts block other mounts (bsc#1040364).
   - nfsv4: fix a reference leak caused WARNING messages (git-fixes).
   - nfsv4: Fix the underestimation of delegation XDR space reservation
     (git-fixes).
   - nsfs: mark dentry with DCACHE_RCUACCESS (bsc#1012829).
   - nvme: Delete created IO queues on reset (bsc#1031717).
   - nvme: submit nvme_admin_activate_fw to admin queue (bsc#1044532).
   - ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
     (bsc#1004003).
   - ocfs2: fix deadlock issue when taking inode lock at vfs entry points
     (bsc#1004003).
   - overlayfs: compat, fix incorrect dentry use in ovl_rename2 (bsc#1032400).
   - overlayfs: compat, use correct dentry to detect compat mode in
     ovl_compat_is_whiteout (bsc#1032400).
   - pci: pciehp: Prioritize data-link event over presence detect
     (bsc#1031040,bsc#1037483).
   - pci: Reverse standard ACS vs device-specific ACS enabling (bsc#1030057).
   - pci: Work around Intel Sunrise Point PCH incorrect ACS capability
     (bsc#1030057).
   - percpu: remove unused chunk_alloc parameter from pcpu_get_pages()
     (bnc#971975 VM -- git fixes).
   - perf/x86/intel/rapl: Make Knights Landings support functional
     (bsc#1042517).
   - perf/x86/intel/uncore: Remove SBOX support for Broadwell server
     (bsc#1035887).
   - phy: qcom-usb-hs: Add depends on EXTCON (4.4.68 stable queue).
   - pid_ns: Sleep in TASK_INTERRUPTIBLE in zap_pid_ns_processes
     (bnc#1012985).
   - PKCS#7: fix missing break on OID_sha224 case (bsc#1031717).
   - platform/x86: fujitsu-laptop: use brightness_set_blocking for
     LED-setting callbacks (bsc#1031717).
   - pm / QoS: Fix memory leak on resume_latency.notifiers (bsc#1043231).
   - pm / wakeirq: Enable dedicated wakeirq for suspend (bsc#1031717).
   - pm / wakeirq: Fix spurious wake-up events for dedicated wakeirqs
     (bsc#1031717).
   - pm / wakeirq: report a wakeup_event on dedicated wekup irq (bsc#1031717).
   - power: bq27xxx: fix register numbers of bq27500 (bsc#1031717).
   - powerpc/64: Fix flush_(d|i)cache_range() called from modules (bnc#863764
     fate#315275, LTC#103998).
   - powerpc: Create a helper for getting the kernel toc value (FATE#322421).
   - powerpc/fadump: add reschedule point while releasing memory
     (bsc#1040609).
   - powerpc/fadump: avoid duplicates in crash memory ranges (bsc#1037669).
   - powerpc/fadump: avoid holes in boot memory area when fadump is
     registered (bsc#1037669).
   - powerpc/fadump: provide a helpful error message (bsc#1037669).
   - powerpc/fadump: Reserve memory at an offset closer to bottom of RAM
     (bsc#1032141).
   - powerpc/fadump: return error when fadump registration fails
     (bsc#1040567).
   - powerpc/fadump: Update fadump documentation (bsc#1032141).
   - powerpc/ftrace: Add Kconfig & Make glue for mprofile-kernel
     (FATE#322421).
   - powerpc/ftrace: Add support for -mprofile-kernel ftrace ABI
     (FATE#322421).
   - powerpc/ftrace: Pass the correct stack pointer for
     DYNAMIC_FTRACE_WITH_REGS (FATE#322421).
   - powerpc/ftrace: Use $(CC_FLAGS_FTRACE) when disabling ftrace
     (FATE#322421).
   - powerpc/ftrace: Use generic ftrace_modify_all_code() (FATE#322421).
   - powerpc: introduce TIF_KGR_IN_PROGRESS thread flag (FATE#322421).
   - powerpc/livepatch: Add livepatch header (FATE#322421).
   - powerpc/livepatch: Add live patching support on ppc64le (FATE#322421).
   - powerpc/livepatch: Add livepatch stack to struct thread_info
     (FATE#322421).
   - powerpc/module: Create a special stub for ftrace_caller() (FATE#322421).
   - powerpc/module: Mark module stubs with a magic value (FATE#322421).
   - powerpc/module: Only try to generate the ftrace_caller() stub once
     (FATE#322421).
   - powerpc/modules: Never restore r2 for a mprofile-kernel style mcount()
     call (FATE#322421).
   - powerpc/powernv: Fix opal_exit tracepoint opcode (4.4.68 stable queue).
   - power: supply: bq24190_charger: Call power_supply_changed() for relevant
     component (4.4.68 stable queue).
   - power: supply: bq24190_charger: Call set_mode_host() on pm_resume()
     (4.4.68 stable queue).
   - power: supply: bq24190_charger: Do not read fault register outside
     irq_handle_thread() (4.4.68 stable queue).
   - power: supply: bq24190_charger: Fix irq trigger to IRQF_TRIGGER_FALLING
     (4.4.68 stable queue).
   - power: supply: bq24190_charger: Handle fault before status on interrupt
     (4.4.68 stable queue).
   - power: supply: bq24190_charger: Install irq_handler_thread() at end of
     probe() (4.4.68 stable queue).
   - printk: Correctly handle preemption in console_unlock() (bsc#1046434).
   - printk: Switch to the sync mode when an emergency message is printed
     (bsc#1034995).
   - printk/xen: Force printk sync mode when migrating Xen guest
     (bsc#1043347).
   - quota: fill in Q_XGETQSTAT inode information for inactive quotas
     (bsc#1042356).
   - radix-tree: fix radix_tree_iter_retry() for tagged iterators
     (bsc#1012829).
   - ravb: Fix use-after-free on `ifconfig eth0 down` (git-fixes).
   - rdma/iw_cxgb4: Add missing error codes for act open cmd (bsc#1026570).
   - rdma/iw_cxgb4: Always wake up waiter in c4iw_peer_abort_intr()
     (bsc#1026570).
   - rdma/iw_cxgb4: Low resource fixes for Completion queue (bsc#1026570).
   - rdma/iw_cxgb4: only read markers_enabled mod param once (bsc#1026570).
   - regulator: isl9305: fix array size (bsc#1031717).
   - reiserfs: do not preallocate blocks for extended attributes (bsc#990682).
   - Revert "acpi, nfit, libnvdimm: fix interleave set cookie calculation
     (64-bit comparison)" (kabi).
   - Revert "btrfs: qgroup: Move half of the qgroup accounting time out of"
     (bsc#1017461 bsc#1033885).
   - Revert "KVM: nested VMX: disable perf cpuid reporting" (4.4.68 stable
     queue).
   - Revert "l2tp: take reference on sessions being dumped" (kabi).
   - Revert "mac80211: pass block ack session timeout to to driver" (kabi).
   - Revert "mac80211: RX BA support for sta max_rx_aggregation_subframes"
     (kabi).
   - Revert "wlcore: Add RX_BA_WIN_SIZE_CHANGE_EVENT event" (kabi).
   - rpm/kernel-spec-macros: Fix the check if there is no rebuild counter
     (bsc#1012060)
   - rpm/SLES-UEFI-SIGN-Certificate-2048.crt: Update the certificate
     (bsc#1035922)
   - rtnetlink: NUL-terminate IFLA_PHYS_PORT_NAME string (4.4.68 stable
     queue).
   - rtnl: reset calcit fptr in rtnl_unregister() (bsc#1042286).
   - s390/dasd: check if query host access feature is supported (bsc#1037871).
   - sbp-target: Fix second argument of percpu_ida_alloc() (bsc#1032803).
   - scsi: be2iscsi: Add FUNCTION_RESET during driver unload (bsc#1038458).
   - scsi: be2iscsi: Add IOCTL to check UER supported (bsc#1038458).
   - scsi: be2iscsi: Add TPE recovery feature (bsc#1038458).
   - scsi: be2iscsi: Add V1 of EPFW cleanup IOCTL (bsc#1038458).
   - scsi: be2iscsi: allocate enough memory in beiscsi_boot_get_sinfo()
     (bsc#1038458).
   - scsi: be2iscsi: Check all zeroes IP before issuing IOCTL (bsc#1038458).
   - scsi: be2iscsi: Fail the sessions immediately after TPE (bsc#1038458).
   - scsi: be2iscsi: Fix async PDU handling path (bsc#1038458).
   - scsi: be2iscsi: Fix bad WRB index error (bsc#1038458).
   - scsi: be2iscsi: Fix checks for HBA in error state (bsc#1038458).
   - scsi: be2iscsi: Fix gateway APIs to support IPv4 & IPv6 (bsc#1038458).
   - scsi: be2iscsi: Fix POST check and reset sequence (bsc#1038458).
   - scsi: be2iscsi: Fix queue and connection parameters (bsc#1038458).
   - scsi: be2iscsi: Fix release of DHCP IP in static mode (bsc#1038458).
   - scsi: be2iscsi: Fix to add timer for UE detection (bsc#1038458).
   - scsi: be2iscsi: Fix to make boot discovery non-blocking (bsc#1038458).
   - scsi: be2iscsi: Fix to use correct configuration values (bsc#1038458).
   - scsi: be2iscsi: Handle only NET_PARAM in iface_get_param (bsc#1038458).
   - scsi: be2iscsi: Move functions to right files (bsc#1038458).
   - scsi: be2iscsi: Move VLAN code to common iface_set_param (bsc#1038458).
   - scsi: be2iscsi: Reduce driver load/unload time (bsc#1038458).
   - scsi: be2iscsi: Remove alloc_mcc_tag & beiscsi_pci_soft_reset
     (bsc#1038458).
   - scsi: be2iscsi: Remove isr_lock and dead code (bsc#1038458).
   - scsi: be2iscsi: Rename iface get/set/create/destroy APIs (bsc#1038458).
   - scsi: be2iscsi: Replace _bh version for mcc_lock spinlock (bsc#1038458).
   - scsi: be2iscsi: Set and return right iface v4/v6 states (bsc#1038458).
   - scsi: be2iscsi: Update copyright information (bsc#1038458).
   - scsi: be2iscsi: Update iface handle before any set param (bsc#1038458).
   - scsi: be2iscsi: Update the driver version (bsc#1038458).
   - scsi: cxgb4i: libcxgbi: add missing module_put() (bsc#1018885).
   - scsi: cxgb4i: libcxgbi: cxgb4: add T6 iSCSI completion feature
     (bsc#1021424).
   - scsi: cxlflash: Remove the device cleanly in the system shutdown path
     (bsc#1028310, fate#321597, bsc#1034762).  cherry-pick from SP3
   - scsi_dh_alua: do not call BUG_ON when updating port group (bsc#1028340).
   - scsi_dh_alua: Do not retry for unmapped device (bsc#1012910).
   - scsi_error: count medium access timeout only once per EH run
     (bsc#993832, bsc#1032345).
   - scsi: fnic: Correcting rport check location in fnic_queuecommand_lck
     (bsc#1035920).
   - scsi: ipr: do not set DID_PASSTHROUGH on CHECK CONDITION (bsc#1034419).
   - scsi: ipr: Driver version 2.6.4 (bsc#1031555).
   - scsi: ipr: Error path locking fixes (bsc#1031555).
   - scsi: ipr: Fix abort path race condition (bsc#1031555).
   - scsi: ipr: Fix missed EH wakeup (bsc#1031555).
   - scsi: ipr: Fix SATA EH hang (bsc#1031555).
   - scsi: ipr: Remove redundant initialization (bsc#1031555).
   - scsi: mac_scsi: Fix MAC_SCSI=m option when SCSI=m (4.4.68 stable queue).
   - scsi: scsi_dh_alua: Check scsi_device_get() return value (bsc#1040125).
   - scsi: scsi_dh_emc: return success in clariion_std_inquiry() (4.4.68
     stable queue).
   - scsi_transport_fc: do not call queue_work under lock (bsc#1013887).
   - scsi_transport_fc: fixup race condition in fc_rport_final_delete()
     (bsc#1013887).
   - scsi_transport_fc: return -EBUSY for deleted vport (bsc#1013887).
   - sctp: check af before verify address in sctp_addr_id2transport
     (git-fixes).
   - serial: 8250_omap: Fix probe and remove for PM runtime (4.4.68 stable
     queue).
   - smartpqi: limit transfer length to 1MB (bsc#1025461).
   - staging: emxx_udc: remove incorrect __init annotations (4.4.68 stable
     queue).
   - staging: rtl8188eu: prevent an underflow in rtw_check_beacon_data()
     (bsc#1031717).
   - staging: wlan-ng: add missing byte order conversion (4.4.68 stable
     queue).
   - sunrpc: Allow xprt->ops->timer method to sleep (git-fixes).
   - sunrpc: ensure correct error is reported by xs_tcp_setup_socket()
     (git-fixes).
   - sunrpc: fix UDP memory accounting (git-fixes).
   - sunrpc: Silence WARN_ON when NFSv4.1 over RDMA is in use (git-fixes).
   - supported.conf: added drivers/net/ethernet/chelsio/libcxgb/libcxgb
   - supported.conf: Bugzilla and FATE references for dcdbas and dell_rbu
   - sysfs: be careful of error returns from ops->show() (bsc#1028883).
   - tcp: account for ts offset only if tsecr not zero (bsc#1042286).
   - tcp: do not inherit fastopen_req from parent (4.4.68 stable queue).
   - tcp: do not underestimate skb->truesize in tcp_trim_head() (4.4.68
     stable queue).
   - tcp: fastopen: accept data/FIN present in SYNACK message (bsc#1042286).
   - tcp: fastopen: avoid negative sk_forward_alloc (bsc#1042286).
   - tcp: fastopen: call tcp_fin() if FIN present in SYNACK (bsc#1042286).
   - tcp: fastopen: fix rcv_wup initialization for TFO server on SYN/data
     (bsc#1042286).
   - tcp: fix wraparound issue in tcp_lp (4.4.68 stable queue).
   - Temporarily disable iwlwifi-expose-default-fallback-ucode-api ... for
     updating iwlwifi stack
   - thp: fix MADV_DONTNEED vs. numa balancing race (bnc#1027974).
   - thp: reduce indentation level in change_huge_pmd() (bnc#1027974).
   - tpm: Downgrade error level (bsc#1042535).
   - tpm: fix checks for policy digest existence in tpm2_seal_trusted()
     (bsc#1034048, Pending fixes 2017-04-10).
   - tpm: fix RC value check in tpm2_seal_trusted (bsc#1034048, Pending fixes
     2017-04-10).
   - tpm: fix: set continueSession attribute for the unseal operation
     (bsc#1034048, Pending fixes 2017-04-10).
   - tracing/kprobes: Enforce kprobes teardown after testing (bnc#1012985).
   - tty: Destroy ldisc instance on hangup (bnc#1043488).
   - tty: Fix ldisc crash on reopened tty (bnc#1043488).
   - tty: Handle NULL tty->ldisc (bnc#1043488).
   - tty: Move tty_ldisc_kill() (bnc#1043488).
   - tty: Prepare for destroying line discipline on hangup (bnc#1043488).
   - tty: Refactor tty_ldisc_reinit() for reuse (bnc#1043488).
   - tty: Reset c_line from driver's init_termios (bnc#1043488).
   - tty: Simplify tty_set_ldisc() exit handling (bnc#1043488).
   - tty: Use 'disc' for line discipline index name (bnc#1043488).
   - udp: avoid ufo handling on IP payload compression packets (bsc#1042286).
   - udplite: call proper backlog handlers (bsc#1042286).
   - Update config files: add CONFIG_IWLWIFI_PCIE_RTPM=y (FATE#323335)
   - Update
   patches.fixes/x86-pci-mark-broadwell-ep-home-agent-1-as-having-non-complian
     t-bars (bsc#1039214). Fix the wrong bsc number.
   - Update patches.fixes/xen-silence-efi-error-messge.patch (bnc#1039900).
   - Update ppc64le config files to use KGRAFT.
   - usb: chipidea: Handle extcon events properly (4.4.68 stable queue).
   - usb: chipidea: Only read/write OTGSC from one place (4.4.68 stable
     queue).
   - usb: host: ehci-exynos: Decrese node refcount on exynos_ehci_get_phy()
     error paths (4.4.68 stable queue).
   - usb: host: ohci-exynos: Decrese node refcount on exynos_ehci_get_phy()
     error paths (4.4.68 stable queue).
   - usb: musb: ux500: Fix NULL pointer dereference at system PM
     (bsc#1038033).
   - usb: serial: ark3116: fix open error handling (bnc#1038043).
   - usb: serial: ch341: add register and USB request definitions
     (bnc#1038043).
   - usb: serial: ch341: add support for parity, frame length, stop bits
     (bnc#1038043).
   - usb: serial: ch341: fix baud rate and line-control handling
     (bnc#1038043).
   - usb: serial: ch341: fix line settings after reset-resume (bnc#1038043).
   - usb: serial: ch341: fix modem-status handling (bnc#1038043).
   - usb: serial: ch341: reinitialize chip on reconfiguration (bnc#1038043).
   - usb: serial: digi_acceleport: fix incomplete rx sanity check (4.4.68
     stable queue).
   - usb: serial: fix compare_const_fl.cocci warnings (bnc#1038043).
   - usb: serial: ftdi_sio: fix latency-timer error handling (4.4.68 stable
     queue).
   - usb: serial: io_edgeport: fix descriptor error handling (4.4.68 stable
     queue).
   - usb: serial: io_edgeport: fix epic-descriptor handling (bnc#1038043).
   - usb: serial: keyspan_pda: fix receive sanity checks (4.4.68 stable
     queue).
   - usb: serial: mct_u232: fix modem-status error handling (4.4.68 stable
     queue).
   - usb: serial: quatech2: fix control-message error handling (bnc#1038043).
   - usb: serial: sierra: fix bogus alternate-setting assumption
     (bnc#1038043).
   - usb: serial: ssu100: fix control-message error handling (bnc#1038043).
   - usb: serial: ti_usb_3410_5052: fix control-message error handling
     (4.4.68 stable queue).
   - Use make --output-sync feature when available (bsc#1012422). The mesages
     in make output can interleave making it impossible to extract warnings
     reliably. Since version 4 GNU Make supports --output-sync flag that
     prints output of each sub-command atomically preventing this issue.
     Detect the flag and use it if available.
   - Use up spare in struct module for livepatch (FATE#322421).
   - vmxnet3: segCnt can be 1 for LRO packets (bsc#988065).
   - vrf: remove slave queue and private slave struct (bsc#1042286).
   - vsock: Detach QP check should filter out non matching QPs (bsc#1036752).
   - x86/CPU/AMD: Fix Zen SMT topology (bsc#1027512).
   - x86/ioapic: Restore IO-APIC irq_chip retrigger callback (4.4.68 stable
     queue).
   - x86/pci-calgary: Fix iommu_free() comparison of unsigned expression >= 0
     (4.4.68 stable queue).
   - x86/PCI: Mark Broadwell-EP Home Agent 1 as having non-compliant BARs
     (bsc#9048891).
   - x86/platform/intel-mid: Correct MSI IRQ line for watchdog device (4.4.68
     stable queue).
   - x86/platform/uv/BAU: Add generic function pointers (bsc#1035024).
   - x86/platform/uv/BAU: Add payload descriptor qualifier (bsc#1035024).
   - x86/platform/uv/BAU: Add status mmr location fields to bau_control
     (bsc#1035024).
   - x86/platform/uv/BAU: Add UV4-specific functions (bsc#1035024).
   - x86/platform/uv/BAU: Add uv_bau_version enumerated constants
     (bsc#1035024).
   - x86/platform/uv/BAU: Add wait_completion to bau_operations (bsc#1035024).
   - x86/platform/uv/BAU: Clean up and update printks (bsc#1035024).
   - x86/platform/uv/BAU: Cleanup bau_operations declaration and instances
     (bsc#1035024).
   - x86/platform/uv/BAU: Clean up pq_init() (bsc#1035024).
   - x86/platform/uv/BAU: Clean up vertical alignment (bsc#1035024).
   - x86/platform/uv/BAU: Convert uv_physnodeaddr() use to uv_gpa_to_offset()
     (bsc#1035024).
   - x86/platform/uv/BAU: Disable software timeout on UV4 hardware
     (bsc#1035024).
   - x86/platform/uv/BAU: Fix HUB errors by remove initial write to sw-ack
     register (bsc#1035024).
   - x86/platform/uv/BAU: Fix payload queue setup on UV4 hardware
     (bsc#1035024).
   - x86/platform/uv/BAU: Implement uv4_wait_completion with read_status
     (bsc#1035024).
   - x86/platform/uv/BAU: Populate ->uvhub_version with UV4 version
     information (bsc#1035024).
   - x86/platform/uv/BAU: Use generic function pointers (bsc#1035024).
   - x86/platform/uv: Fix calculation of Global Physical Address
     (bsc#1031147).
   - xen: add sysfs node for guest type (bnc#1037840).
   - xen: adjust early dom0 p2m handling to xen hypervisor behavior
     (bnc#1031470).
   - xen-blkback: do not leak stack data via response ring (bsc#1042863
     XSA-216).
   - xen/mce: do not issue error message for failed /dev/mcelog registration
     (bnc#1036638).
   - xfrm: Fix memory leak of aead algorithm name (bsc#1042286).
   - xfrm: Only add l3mdev oif to dst lookups (bsc#1042286).
   - xfs: add missing include dependencies to xfs_dir2.h (bsc#1042421).
   - xfs: do not assert fail on non-async buffers on ioacct decrement
     (bsc#1041160).
   - xfs: do not warn on buffers not being recovered due to LSN (bsc#1043598).
   - xfs: fix eofblocks race with file extending async dio writes
     (bsc#1040929).
   - xfs: Fix missed holes in SEEK_HOLE implementation (bsc#1041168).
   - xfs: fix off-by-one on max nr_pages in xfs_find_get_desired_pgoff()
     (bsc#1041168).
   - xfs: fix xfs_mode_to_ftype() prototype (bsc#1043598).
   - xfs: in _attrlist_by_handle, copy the cursor back to userspace
     (bsc#1041242).
   - xfs: log recovery tracepoints to track current lsn and buffer submission
     (bsc#1043598).
   - xfs: Make __xfs_xattr_put_listen preperly report errors (bsc#1041242).
   - xfs: only return -errno or success from attr ->put_listent (bsc#1041242).
   - xfs: pass current lsn to log recovery buffer validation (bsc#1043598).
   - xfs: refactor log record unpack and data processing (bsc#1043598).
   - xfs: replace xfs_mode_to_ftype table with switch statement (bsc#1042421).
   - xfs: rework log recovery to submit buffers on LSN boundaries
     (bsc#1043598).
   - xfs: rework the inline directory verifiers (bsc#1042421).
   - xfs: sanity check directory inode di_size (bsc#1042421).
   - xfs: sanity check inode di_mode (bsc#1042421).
   - xfs: Split default quota limits by quota type (bsc#1049421).
   - xfs: update metadata LSN in buffers during log recovery (bsc#1043598).
   - xfs: use ->b_state to fix buffer I/O accounting release race
     (bsc#1041160).
   - xfs: verify inline directory data forks (bsc#1042421).
   - zswap: do not param_set_charp while holding spinlock (VM Functionality,
     bsc#1042886).


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Workstation Extension 12-SP2:

      zypper in -t patch SUSE-SLE-WE-12-SP2-2017-1146=1

   - SUSE Linux Enterprise Software Development Kit 12-SP2:

      zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1146=1

   - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:

      zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1146=1

   - SUSE Linux Enterprise Server 12-SP2:

      zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1146=1

   - SUSE Linux Enterprise Live Patching 12:

      zypper in -t patch SUSE-SLE-Live-Patching-12-2017-1146=1

   - SUSE Linux Enterprise High Availability 12-SP2:

      zypper in -t patch SUSE-SLE-HA-12-SP2-2017-1146=1

   - SUSE Linux Enterprise Desktop 12-SP2:

      zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1146=1

   - OpenStack Cloud Magnum Orchestration 7:

      zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-1146=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64):

      kernel-default-debuginfo-4.4.74-92.29.1
      kernel-default-debugsource-4.4.74-92.29.1
      kernel-default-extra-4.4.74-92.29.1
      kernel-default-extra-debuginfo-4.4.74-92.29.1

   - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64):

      kernel-obs-build-4.4.74-92.29.1
      kernel-obs-build-debugsource-4.4.74-92.29.1

   - SUSE Linux Enterprise Software Development Kit 12-SP2 (noarch):

      kernel-docs-4.4.74-92.29.3

   - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64):

      kernel-default-4.4.74-92.29.1
      kernel-default-base-4.4.74-92.29.1
      kernel-default-base-debuginfo-4.4.74-92.29.1
      kernel-default-debuginfo-4.4.74-92.29.1
      kernel-default-debugsource-4.4.74-92.29.1
      kernel-default-devel-4.4.74-92.29.1
      kernel-syms-4.4.74-92.29.1

   - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch):

      kernel-devel-4.4.74-92.29.1
      kernel-macros-4.4.74-92.29.1
      kernel-source-4.4.74-92.29.1

   - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64):

      kernel-default-4.4.74-92.29.1
      kernel-default-base-4.4.74-92.29.1
      kernel-default-base-debuginfo-4.4.74-92.29.1
      kernel-default-debuginfo-4.4.74-92.29.1
      kernel-default-debugsource-4.4.74-92.29.1
      kernel-default-devel-4.4.74-92.29.1
      kernel-syms-4.4.74-92.29.1

   - SUSE Linux Enterprise Server 12-SP2 (noarch):

      kernel-devel-4.4.74-92.29.1
      kernel-macros-4.4.74-92.29.1
      kernel-source-4.4.74-92.29.1

   - SUSE Linux Enterprise Live Patching 12 (x86_64):

      kgraft-patch-4_4_74-92_29-default-1-4.1

   - SUSE Linux Enterprise High Availability 12-SP2 (ppc64le s390x x86_64):

      cluster-md-kmp-default-4.4.74-92.29.1
      cluster-md-kmp-default-debuginfo-4.4.74-92.29.1
      cluster-network-kmp-default-4.4.74-92.29.1
      cluster-network-kmp-default-debuginfo-4.4.74-92.29.1
      dlm-kmp-default-4.4.74-92.29.1
      dlm-kmp-default-debuginfo-4.4.74-92.29.1
      gfs2-kmp-default-4.4.74-92.29.1
      gfs2-kmp-default-debuginfo-4.4.74-92.29.1
      kernel-default-debuginfo-4.4.74-92.29.1
      kernel-default-debugsource-4.4.74-92.29.1
      ocfs2-kmp-default-4.4.74-92.29.1
      ocfs2-kmp-default-debuginfo-4.4.74-92.29.1

   - SUSE Linux Enterprise Desktop 12-SP2 (noarch):

      kernel-devel-4.4.74-92.29.1
      kernel-macros-4.4.74-92.29.1
      kernel-source-4.4.74-92.29.1

   - SUSE Linux Enterprise Desktop 12-SP2 (x86_64):

      kernel-default-4.4.74-92.29.1
      kernel-default-debuginfo-4.4.74-92.29.1
      kernel-default-debugsource-4.4.74-92.29.1
      kernel-default-devel-4.4.74-92.29.1
      kernel-default-extra-4.4.74-92.29.1
      kernel-default-extra-debuginfo-4.4.74-92.29.1
      kernel-syms-4.4.74-92.29.1

   - OpenStack Cloud Magnum Orchestration 7 (x86_64):

      kernel-default-4.4.74-92.29.1
      kernel-default-debuginfo-4.4.74-92.29.1
      kernel-default-debugsource-4.4.74-92.29.1


References:

   https://www.suse.com/security/cve/CVE-2017-1000365.html
   https://www.suse.com/security/cve/CVE-2017-1000380.html
   https://www.suse.com/security/cve/CVE-2017-7346.html
   https://www.suse.com/security/cve/CVE-2017-7487.html
   https://www.suse.com/security/cve/CVE-2017-7616.html
   https://www.suse.com/security/cve/CVE-2017-7618.html
   https://www.suse.com/security/cve/CVE-2017-8890.html
   https://www.suse.com/security/cve/CVE-2017-8924.html
   https://www.suse.com/security/cve/CVE-2017-8925.html
   https://www.suse.com/security/cve/CVE-2017-9074.html
   https://www.suse.com/security/cve/CVE-2017-9075.html
   https://www.suse.com/security/cve/CVE-2017-9076.html
   https://www.suse.com/security/cve/CVE-2017-9077.html
   https://www.suse.com/security/cve/CVE-2017-9150.html
   https://www.suse.com/security/cve/CVE-2017-9242.html
   https://bugzilla.suse.com/1003581
   https://bugzilla.suse.com/1004003
   https://bugzilla.suse.com/1011044
   https://bugzilla.suse.com/1012060
   https://bugzilla.suse.com/1012382
   https://bugzilla.suse.com/1012422
   https://bugzilla.suse.com/1012452
   https://bugzilla.suse.com/1012829
   https://bugzilla.suse.com/1012910
   https://bugzilla.suse.com/1012985
   https://bugzilla.suse.com/1013561
   https://bugzilla.suse.com/1013887
   https://bugzilla.suse.com/1015342
   https://bugzilla.suse.com/1015452
   https://bugzilla.suse.com/1017461
   https://bugzilla.suse.com/1018885
   https://bugzilla.suse.com/1020412
   https://bugzilla.suse.com/1021424
   https://bugzilla.suse.com/1022266
   https://bugzilla.suse.com/1022595
   https://bugzilla.suse.com/1023287
   https://bugzilla.suse.com/1025461
   https://bugzilla.suse.com/1026570
   https://bugzilla.suse.com/1027101
   https://bugzilla.suse.com/1027512
   https://bugzilla.suse.com/1027974
   https://bugzilla.suse.com/1028217
   https://bugzilla.suse.com/1028310
   https://bugzilla.suse.com/1028340
   https://bugzilla.suse.com/1028883
   https://bugzilla.suse.com/1029607
   https://bugzilla.suse.com/1030057
   https://bugzilla.suse.com/1030070
   https://bugzilla.suse.com/1031040
   https://bugzilla.suse.com/1031142
   https://bugzilla.suse.com/1031147
   https://bugzilla.suse.com/1031470
   https://bugzilla.suse.com/1031500
   https://bugzilla.suse.com/1031512
   https://bugzilla.suse.com/1031555
   https://bugzilla.suse.com/1031717
   https://bugzilla.suse.com/1031796
   https://bugzilla.suse.com/1032141
   https://bugzilla.suse.com/1032339
   https://bugzilla.suse.com/1032345
   https://bugzilla.suse.com/1032400
   https://bugzilla.suse.com/1032581
   https://bugzilla.suse.com/1032803
   https://bugzilla.suse.com/1033117
   https://bugzilla.suse.com/1033281
   https://bugzilla.suse.com/1033336
   https://bugzilla.suse.com/1033340
   https://bugzilla.suse.com/1033885
   https://bugzilla.suse.com/1034048
   https://bugzilla.suse.com/1034419
   https://bugzilla.suse.com/1034635
   https://bugzilla.suse.com/1034670
   https://bugzilla.suse.com/1034671
   https://bugzilla.suse.com/1034762
   https://bugzilla.suse.com/1034902
   https://bugzilla.suse.com/1034995
   https://bugzilla.suse.com/1035024
   https://bugzilla.suse.com/1035866
   https://bugzilla.suse.com/1035887
   https://bugzilla.suse.com/1035920
   https://bugzilla.suse.com/1035922
   https://bugzilla.suse.com/1036214
   https://bugzilla.suse.com/1036638
   https://bugzilla.suse.com/1036752
   https://bugzilla.suse.com/1036763
   https://bugzilla.suse.com/1037177
   https://bugzilla.suse.com/1037186
   https://bugzilla.suse.com/1037384
   https://bugzilla.suse.com/1037483
   https://bugzilla.suse.com/1037669
   https://bugzilla.suse.com/1037840
   https://bugzilla.suse.com/1037871
   https://bugzilla.suse.com/1037969
   https://bugzilla.suse.com/1038033
   https://bugzilla.suse.com/1038043
   https://bugzilla.suse.com/1038085
   https://bugzilla.suse.com/1038142
   https://bugzilla.suse.com/1038143
   https://bugzilla.suse.com/1038297
   https://bugzilla.suse.com/1038458
   https://bugzilla.suse.com/1038544
   https://bugzilla.suse.com/1038842
   https://bugzilla.suse.com/1038843
   https://bugzilla.suse.com/1038846
   https://bugzilla.suse.com/1038847
   https://bugzilla.suse.com/1038848
   https://bugzilla.suse.com/1038879
   https://bugzilla.suse.com/1038981
   https://bugzilla.suse.com/1038982
   https://bugzilla.suse.com/1039214
   https://bugzilla.suse.com/1039348
   https://bugzilla.suse.com/1039354
   https://bugzilla.suse.com/1039700
   https://bugzilla.suse.com/1039864
   https://bugzilla.suse.com/1039882
   https://bugzilla.suse.com/1039883
   https://bugzilla.suse.com/1039885
   https://bugzilla.suse.com/1039900
   https://bugzilla.suse.com/1040069
   https://bugzilla.suse.com/1040125
   https://bugzilla.suse.com/1040182
   https://bugzilla.suse.com/1040279
   https://bugzilla.suse.com/1040351
   https://bugzilla.suse.com/1040364
   https://bugzilla.suse.com/1040395
   https://bugzilla.suse.com/1040425
   https://bugzilla.suse.com/1040463
   https://bugzilla.suse.com/1040567
   https://bugzilla.suse.com/1040609
   https://bugzilla.suse.com/1040855
   https://bugzilla.suse.com/1040929
   https://bugzilla.suse.com/1040941
   https://bugzilla.suse.com/1041087
   https://bugzilla.suse.com/1041160
   https://bugzilla.suse.com/1041168
   https://bugzilla.suse.com/1041242
   https://bugzilla.suse.com/1041431
   https://bugzilla.suse.com/1041810
   https://bugzilla.suse.com/1042286
   https://bugzilla.suse.com/1042356
   https://bugzilla.suse.com/1042421
   https://bugzilla.suse.com/1042517
   https://bugzilla.suse.com/1042535
   https://bugzilla.suse.com/1042536
   https://bugzilla.suse.com/1042863
   https://bugzilla.suse.com/1042886
   https://bugzilla.suse.com/1043014
   https://bugzilla.suse.com/1043231
   https://bugzilla.suse.com/1043236
   https://bugzilla.suse.com/1043347
   https://bugzilla.suse.com/1043371
   https://bugzilla.suse.com/1043467
   https://bugzilla.suse.com/1043488
   https://bugzilla.suse.com/1043598
   https://bugzilla.suse.com/1043912
   https://bugzilla.suse.com/1043935
   https://bugzilla.suse.com/1043990
   https://bugzilla.suse.com/1044015
   https://bugzilla.suse.com/1044082
   https://bugzilla.suse.com/1044120
   https://bugzilla.suse.com/1044125
   https://bugzilla.suse.com/1044532
   https://bugzilla.suse.com/1044767
   https://bugzilla.suse.com/1044772
   https://bugzilla.suse.com/1044854
   https://bugzilla.suse.com/1044880
   https://bugzilla.suse.com/1044912
   https://bugzilla.suse.com/1045154
   https://bugzilla.suse.com/1045235
   https://bugzilla.suse.com/1045286
   https://bugzilla.suse.com/1045307
   https://bugzilla.suse.com/1045467
   https://bugzilla.suse.com/1045568
   https://bugzilla.suse.com/1046105
   https://bugzilla.suse.com/1046434
   https://bugzilla.suse.com/1046589
   https://bugzilla.suse.com/799133
   https://bugzilla.suse.com/863764
   https://bugzilla.suse.com/922871
   https://bugzilla.suse.com/939801
   https://bugzilla.suse.com/966170
   https://bugzilla.suse.com/966172
   https://bugzilla.suse.com/966191
   https://bugzilla.suse.com/966321
   https://bugzilla.suse.com/966339
   https://bugzilla.suse.com/971975
   https://bugzilla.suse.com/988065
   https://bugzilla.suse.com/989311
   https://bugzilla.suse.com/990058
   https://bugzilla.suse.com/990682
   https://bugzilla.suse.com/993832
   https://bugzilla.suse.com/995542



More information about the sle-security-updates mailing list