Release linux (4.8.15-2).

-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAlhtitEACgkQ57/I7JWG
 EQlPqQ//V6+eUGkATmlFFyxsM91OsMgZyxtt0Pzf7XvFg4gBr+hJIaJwxasVRZGi
 w/r4uYHmiX7fLrXnanT+RekT1zCGQBOLUvm2Rlwi845PAl9fMCSb+9Jiz60THeN7
 cHg7JEvNhTEEDpLK1FJlU3fiMqb5LRdUTkz+RkhKRfITm4/bT3h0Ow72/Xy6JsrI
 nAf/AyncvBCQvrIUXYyfyHUPhkYMk8L7bC6G4o803kFdPYTb1WR2gRbpsI6jSVs8
 YFbrfMpH1foPHiTVWP+inDN9LA2TO8QGMvAuCAQzQuLzKztrU0i/1shjDfaN61qx
 xQhXE08TwNnkDZQCtIFZrLkRPSFlLqFqVWyL9eyPAYNAnZeugxB6F3HOWk5cKWqj
 NPpZ10zAnKliPnL7z+eFlxLq34UgVqqe1FeRB5iBEC2dQYEs3LuB1RF2zFOuZ74T
 cvXKJJhuR4iMNcAOax6Uab+3iyC/PGm5VSiCL+IPbD7H9IaXLcICE8l1r0zRs5Sa
 Um4YQKTy8kFK/CRsEOB8CofXMuBXLzEw2xeNn6187d/ZeA7uiUsyd2nVkXnO0FNt
 B2JkV6kwO99WAnNwTZSwF7QJJe8ir7X4X1qdk00sqNYiDff/CBHjRT1gLRzNyOuJ
 r9QFKRt4UGF3XGpE89czRRoHfP9WkdrmdmP1i/DnkSVO6L8/y6Y=
 =AxAX
 -----END PGP SIGNATURE-----

Merge tag 'debian/4.8.15-2'

debian/changelog

@@ -92,6 +92,43 @@ linux (4.9~rc3-1~exp1) experimental; urgency=medium
 
  -- Ben Hutchings <ben@decadent.org.uk>  Thu, 03 Nov 2016 16:51:55 -0600
 
+linux (4.8.15-2) unstable; urgency=medium
+
+  [ Ben Hutchings ]
+  * [x86] Enable INTEL_VBTN as module (Closes: #848967)
+  * debian/control: Change build-dependency on asciidoc to prefer the new
+    asciidoc-base, so we don't pull in LaTeX unnecessarily
+  * [x86] Enable LEDS_DELL_NETBOOKS and DELL_SMBIOS as modules; re-enable
+    DELL_LAPTOP and DELL_WMI as modules (Closes: #849674)
+  * [powerpc*] boot: Request no dynamic linker for boot wrapper
+    (Closes: #848851, FTBFS on ppc6el)
+  * cpufreq: Enable CPU_FREQ_GOV_SCHEDUTIL as module
+  * [x86] ACPI: Enable DPTF_POWER as module
+  * [x86] perf: Enable PERF_EVENTS_AMD_POWER as module
+  * [x86] perf: Change PERF_EVENTS_INTEL_{CSTATE,RAPL,UNCORE} from built-in
+    to modules
+  * PCI: Enable PCIE_DPC (except for armel/versatile)
+  * [amd64] PCI: Enable PCI_HYPERV as module
+  * inet: Enable INET_DIAG_DESTROY
+  * tcp: Enable TCP_CONG_NV as module
+  * ipv6: Enable IPV6_ILA as module
+  * net/sched: Enable NET_CLS_MATCHALL, NET_ACT_IFE, NET_IFE_SKBMARK,
+    NET_IFE_SKBPRIO as modules
+  * hci_uart: Enable BT_HCIUART_AG6XX
+  * nvme: Enable NVME_RDMA, NVME_TARGET, NVME_TARGET_RDMA as modules
+  * [amd64] mic: Enable VOP_BUS and VOP as modules; re-enable INTEL_MIC_HOST as
+    module
+  * debian/control: Add Salvatore Bonaccorso to Uploaders
+  * [rt] Update to 4.8.15-rt10 (no functional change)
+
+  [ Salvatore Bonaccorso ]
+  * sg_write()/bsg_write() is not fit to be called under KERNEL_DS
+    (CVE-2016-10088)
+  * kvm: nVMX: Allow L1 to intercept software exceptions (#BP and #OF)
+    (CVE-2016-9588)
+
+ -- Ben Hutchings <ben@decadent.org.uk>  Wed, 04 Jan 2017 19:39:36 +0000
+
 linux (4.8.15-1) unstable; urgency=medium
 
   * New upstream stable update:

debian/config/amd64/config

@@ -9,10 +9,12 @@ CONFIG_CALGARY_IOMMU_ENABLED_BY_DEFAULT=y
 # CONFIG_MAXSMP is not set
 CONFIG_NR_CPUS=512
 CONFIG_X86_16BIT=y
+CONFIG_X86_VSYSCALL_EMULATION=y
 CONFIG_NUMA=y
 CONFIG_AMD_NUMA=y
 CONFIG_X86_64_ACPI_NUMA=y
 CONFIG_NUMA_EMU=y
+CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS=y
 CONFIG_EFI_MIXED=y
 CONFIG_KEXEC_FILE=y
 CONFIG_KEXEC_VERIFY_SIG=y
@@ -133,10 +135,12 @@ CONFIG_MAC_EMUMOUSEBTN=y
 ##
 CONFIG_INTEL_MIC_BUS=m
 CONFIG_SCIF_BUS=m
+CONFIG_VOP_BUS=m
 CONFIG_INTEL_MIC_HOST=m
 # CONFIG_INTEL_MIC_CARD is not set
 CONFIG_SCIF=m
 CONFIG_MIC_COSM=m
+CONFIG_VOP=m
 
 ##
 ## file: drivers/net/Kconfig
@@ -153,6 +157,11 @@ CONFIG_FUJITSU_ES=m
 ##
 CONFIG_NVDIMM_PFN=y
 
+##
+## file: drivers/pci/Kconfig
+##
+CONFIG_PCI_HYPERV=y
+
 ##
 ## file: drivers/scsi/Kconfig
 ##

debian/config/armel/config.marvell

@@ -495,6 +495,11 @@ CONFIG_MWIFIEX_SDIO=m
 ##
 CONFIG_PCI_MVEBU=y
 
+##
+## file: drivers/pci/pcie/Kconfig
+##
+# CONFIG_PCIE_DPC is not set
+
 ##
 ## file: drivers/pcmcia/Kconfig
 ##

debian/config/config

@@ -5,6 +5,8 @@ CONFIG_OPROFILE=m
 CONFIG_KPROBES=y
 CONFIG_JUMP_LABEL=y
 # CONFIG_STATIC_KEYS_SELFTEST is not set
+#. Until we work out how to package them
+# CONFIG_GCC_PLUGINS is not set
 ## choice: Stack Protector buffer overflow detection
 CONFIG_CC_STACKPROTECTOR_STRONG=y
 ## end choice
@@ -161,6 +163,7 @@ CONFIG_ACPI_TABLE_UPGRADE=y
 # CONFIG_ACPI_BGRT is not set
 # CONFIG_ACPI_REDUCED_HARDWARE_ONLY is not set
 # CONFIG_PMIC_OPREGION is not set
+# CONFIG_ACPI_CONFIGFS is not set
 
 ##
 ## file: drivers/acpi/nfit/Kconfig
@@ -353,6 +356,7 @@ CONFIG_BT_HCIUART_3WIRE=y
 CONFIG_BT_HCIUART_INTEL=y
 CONFIG_BT_HCIUART_BCM=y
 CONFIG_BT_HCIUART_QCA=y
+CONFIG_BT_HCIUART_AG6XX=y
 # CONFIG_BT_HCIBTUART is not set
 CONFIG_BT_MRVL=m
 CONFIG_BT_MRVL_SDIO=m
@@ -437,6 +441,7 @@ CONFIG_CPU_FREQ_GOV_POWERSAVE=m
 CONFIG_CPU_FREQ_GOV_USERSPACE=m
 CONFIG_CPU_FREQ_GOV_ONDEMAND=m
 CONFIG_CPU_FREQ_GOV_CONSERVATIVE=m
+CONFIG_CPU_FREQ_GOV_SCHEDUTIL=m
 # CONFIG_CPUFREQ_DT is not set
 
 ##
@@ -2594,6 +2599,7 @@ CONFIG_MTD_NAND_CS553X=m
 CONFIG_MTD_NAND_NANDSIM=m
 # CONFIG_MTD_NAND_PLATFORM is not set
 # CONFIG_MTD_NAND_HISI504 is not set
+# CONFIG_MTD_NAND_MTK is not set
 
 ##
 ## file: drivers/mtd/onenand/Kconfig
@@ -2608,6 +2614,7 @@ CONFIG_MTD_ONENAND_2X_PROGRAM=y
 ## file: drivers/mtd/spi-nor/Kconfig
 ##
 CONFIG_MTD_SPI_NOR=m
+# CONFIG_MTD_MT81xx_NOR is not set
 CONFIG_MTD_SPI_NOR_USE_4K_SECTORS=y
 
 ##
@@ -2677,6 +2684,11 @@ CONFIG_CAN_CALC_BITTIMING=y
 ##
 # CONFIG_CAN_CC770 is not set
 
+##
+## file: drivers/net/can/ifi_canfd/Kconfig
+##
+# CONFIG_CAN_IFI_CANFD is not set
+
 ##
 ## file: drivers/net/can/m_can/Kconfig
 ##
@@ -3629,12 +3641,18 @@ CONFIG_NFC_PORT100=m
 ## file: drivers/nfc/pn533/Kconfig
 ##
 CONFIG_NFC_PN533_USB=m
+# CONFIG_NFC_PN533_I2C is not set
 
 ##
 ## file: drivers/nfc/st21nfca/Kconfig
 ##
 # CONFIG_NFC_ST21NFCA_I2C is not set
 
+##
+## file: drivers/nfc/st95hf/Kconfig
+##
+# CONFIG_NFC_ST95HF is not set
+
 ##
 ## file: drivers/ntb/Kconfig
 ##
@@ -3644,6 +3662,15 @@ CONFIG_NFC_PN533_USB=m
 ## file: drivers/nvme/host/Kconfig
 ##
 CONFIG_BLK_DEV_NVME=m
+# CONFIG_BLK_DEV_NVME_SCSI is not set
+CONFIG_NVME_RDMA=m
+
+##
+## file: drivers/nvme/target/Kconfig
+##
+CONFIG_NVME_TARGET=m
+# CONFIG_NVME_TARGET_LOOP is not set
+CONFIG_NVME_TARGET_RDMA=m
 
 ##
 ## file: drivers/of/Kconfig
@@ -3676,6 +3703,11 @@ CONFIG_PCI_IOV=y
 # CONFIG_PCI_PRI is not set
 # CONFIG_PCI_PASID is not set
 
+##
+## file: drivers/pci/host/Kconfig
+##
+# CONFIG_PCIE_DW_PLAT is not set
+
 ##
 ## file: drivers/pci/hotplug/Kconfig
 ##
@@ -3688,6 +3720,7 @@ CONFIG_PCIEPORTBUS=y
 CONFIG_HOTPLUG_PCI_PCIE=y
 CONFIG_PCIEASPM=y
 # CONFIG_PCIEASPM_DEBUG is not set
+CONFIG_PCIE_DPC=y
 
 ##
 ## file: drivers/pci/pcie/aer/Kconfig
@@ -5590,6 +5623,7 @@ CONFIG_MODVERSIONS=y
 CONFIG_MODULE_SIG_SHA256=y
 ## end choice
 # CONFIG_MODULE_COMPRESS is not set
+# CONFIG_TRIM_UNUSED_KSYMS is not set
 
 ##
 ## file: kernel/gcov/Kconfig
@@ -5834,6 +5868,7 @@ CONFIG_IO_STRICT_DEVMEM=y
 ## file: mm/Kconfig
 ##
 CONFIG_MEMORY_HOTPLUG=y
+# CONFIG_MEMORY_HOTPLUG_DEFAULT_ONLINE is not set
 CONFIG_MEMORY_HOTREMOVE=y
 CONFIG_BALLOON_COMPACTION=y
 CONFIG_COMPACTION=y
@@ -5855,6 +5890,7 @@ CONFIG_ZSWAP=y
 CONFIG_ZBUD=y
 CONFIG_ZSMALLOC=m
 # CONFIG_PGTABLE_MAPPING is not set
+# CONFIG_DEFERRED_STRUCT_PAGE_INIT is not set
 
 ##
 ## file: mm/Kconfig.debug
@@ -5884,6 +5920,7 @@ CONFIG_LWTUNNEL=y
 ## file: net/6lowpan/Kconfig
 ##
 CONFIG_6LOWPAN=m
+# CONFIG_6LOWPAN_DEBUGFS is not set
 CONFIG_6LOWPAN_NHC=m
 CONFIG_6LOWPAN_NHC_DEST=m
 CONFIG_6LOWPAN_NHC_FRAGMENT=m
@@ -5937,6 +5974,7 @@ CONFIG_BT_BREDR=y
 CONFIG_BT_HS=y
 CONFIG_BT_LE=y
 CONFIG_BT_6LOWPAN=m
+# CONFIG_BT_LEDS is not set
 # CONFIG_BT_SELFTEST is not set
 CONFIG_BT_DEBUGFS=y
 
@@ -6095,6 +6133,7 @@ CONFIG_INET_XFRM_MODE_TUNNEL=m
 CONFIG_INET_XFRM_MODE_BEET=m
 CONFIG_INET_DIAG=m
 CONFIG_INET_UDP_DIAG=m
+CONFIG_INET_DIAG_DESTROY=y
 CONFIG_TCP_CONG_ADVANCED=y
 CONFIG_TCP_CONG_BIC=m
 CONFIG_TCP_CONG_CUBIC=y
@@ -6103,6 +6142,7 @@ CONFIG_TCP_CONG_HTCP=m
 CONFIG_TCP_CONG_HSTCP=m
 CONFIG_TCP_CONG_HYBLA=m
 CONFIG_TCP_CONG_VEGAS=m
+CONFIG_TCP_CONG_NV=m
 CONFIG_TCP_CONG_SCALABLE=m
 CONFIG_TCP_CONG_LP=m
 CONFIG_TCP_CONG_VENO=m
@@ -6170,6 +6210,7 @@ CONFIG_INET6_AH=m
 CONFIG_INET6_ESP=m
 CONFIG_INET6_IPCOMP=m
 CONFIG_IPV6_MIP6=y
+CONFIG_IPV6_ILA=m
 CONFIG_INET6_XFRM_MODE_TRANSPORT=m
 CONFIG_INET6_XFRM_MODE_TUNNEL=m
 CONFIG_INET6_XFRM_MODE_BEET=m
@@ -6219,6 +6260,11 @@ CONFIG_IP6_NF_NAT=m
 CONFIG_IP6_NF_TARGET_MASQUERADE=m
 CONFIG_IP6_NF_TARGET_NPT=m
 
+##
+## file: net/kcm/Kconfig
+##
+# CONFIG_AF_KCM is not set
+
 ##
 ## file: net/l2tp/Kconfig
 ##
@@ -6267,6 +6313,11 @@ CONFIG_NET_MPLS_GSO=y
 CONFIG_MPLS_ROUTING=m
 CONFIG_MPLS_IPTUNNEL=m
 
+##
+## file: net/ncsi/Kconfig
+##
+# CONFIG_NET_NCSI is not set
+
 ##
 ## file: net/netfilter/Kconfig
 ##
@@ -6554,6 +6605,7 @@ CONFIG_NET_CLS_FLOW=m
 CONFIG_NET_CLS_CGROUP=m
 CONFIG_NET_CLS_BPF=m
 CONFIG_NET_CLS_FLOWER=m
+CONFIG_NET_CLS_MATCHALL=m
 CONFIG_NET_EMATCH=y
 CONFIG_NET_EMATCH_STACK=32
 CONFIG_NET_EMATCH_CMP=m
@@ -6577,6 +6629,9 @@ CONFIG_NET_ACT_CSUM=m
 CONFIG_NET_ACT_VLAN=m
 CONFIG_NET_ACT_BPF=m
 CONFIG_NET_ACT_CONNMARK=m
+CONFIG_NET_ACT_IFE=m
+CONFIG_NET_IFE_SKBMARK=m
+CONFIG_NET_IFE_SKBPRIO=m
 CONFIG_NET_CLS_IND=y
 
 ##
@@ -6600,6 +6655,11 @@ CONFIG_RPCSEC_GSS_KRB5=m
 CONFIG_SUNRPC_DEBUG=y
 CONFIG_SUNRPC_XPRT_RDMA=m
 
+##
+## file: net/switchdev/Kconfig
+##
+# CONFIG_NET_SWITCHDEV is not set
+
 ##
 ## file: net/tipc/Kconfig
 ##

debian/config/featureset-rt/config

@@ -6,3 +6,4 @@ CONFIG_WAKEUP_LATENCY_HIST=y
 CONFIG_RCU_EXPERT=y
 #. Certificate paths are resolved relative to debian/build/source_rt
 CONFIG_SYSTEM_TRUSTED_KEYS="../../certs/benh@debian.org.cert.pem"
+CONFIG_HWLAT_DETECTOR=m

debian/config/kernelarch-x86/config

@@ -18,6 +18,7 @@ CONFIG_HYPERVISOR_GUEST=y
 CONFIG_PARAVIRT=y
 # CONFIG_PARAVIRT_DEBUG is not set
 CONFIG_PARAVIRT_SPINLOCKS=y
+# CONFIG_QUEUED_LOCK_STAT is not set
 CONFIG_KVM_GUEST=y
 # CONFIG_KVM_DEBUG_FS is not set
 # CONFIG_PARAVIRT_TIME_ACCOUNTING is not set
@@ -111,6 +112,14 @@ CONFIG_OPTIMIZE_INLINING=y
 # CONFIG_DEBUG_NMI_SELFTEST is not set
 # CONFIG_PUNIT_ATOM_DEBUG is not set
 
+##
+## file: arch/x86/events/Kconfig
+##
+CONFIG_PERF_EVENTS_INTEL_UNCORE=m
+CONFIG_PERF_EVENTS_INTEL_RAPL=m
+CONFIG_PERF_EVENTS_INTEL_CSTATE=m
+CONFIG_PERF_EVENTS_AMD_POWER=m
+
 ##
 ## file: arch/x86/kvm/Kconfig
 ##
@@ -202,6 +211,11 @@ CONFIG_ACPI_APEI_MEMORY_FAILURE=y
 # CONFIG_ACPI_APEI_EINJ is not set
 # CONFIG_ACPI_APEI_ERST_DEBUG is not set
 
+##
+## file: drivers/acpi/dptf/Kconfig
+##
+CONFIG_DPTF_POWER=m
+
 ##
 ## file: drivers/ata/Kconfig
 ##
@@ -820,6 +834,7 @@ CONFIG_ISDN_DIVAS_MAINT=m
 ## file: drivers/leds/Kconfig
 ##
 CONFIG_LEDS_CLEVO_MAIL=m
+CONFIG_LEDS_DELL_NETBOOKS=m
 CONFIG_LEDS_MENF21BMC=m
 
 ##
@@ -1317,6 +1332,7 @@ CONFIG_ACER_WMI=m
 CONFIG_ACERHDF=m
 CONFIG_ALIENWARE_WMI=m
 CONFIG_ASUS_LAPTOP=m
+CONFIG_DELL_SMBIOS=m
 CONFIG_DELL_LAPTOP=m
 CONFIG_DELL_WMI=m
 CONFIG_DELL_WMI_AIO=m
@@ -1355,6 +1371,7 @@ CONFIG_ACPI_TOSHIBA=m
 CONFIG_TOSHIBA_BT_RFKILL=m
 CONFIG_TOSHIBA_HAPS=m
 CONFIG_ACPI_CMPC=m
+CONFIG_INTEL_VBTN=m
 CONFIG_INTEL_IPS=m
 CONFIG_IBM_RTL=m
 CONFIG_SAMSUNG_LAPTOP=m

debian/patches/bugfix/all/kvm-nVMX-Allow-L1-to-intercept-software-exceptions-B.patch

@@ -0,0 +1,65 @@
+From: Jim Mattson <jmattson@google.com>
+Date: Mon, 12 Dec 2016 11:01:37 -0800
+Subject: kvm: nVMX: Allow L1 to intercept software exceptions (#BP and #OF)
+Origin: https://git.kernel.org/linus/ef85b67385436ddc1998f45f1d6a210f935b3388
+
+When L2 exits to L0 due to "exception or NMI", software exceptions
+(#BP and #OF) for which L1 has requested an intercept should be
+handled by L1 rather than L0. Previously, only hardware exceptions
+were forwarded to L1.
+
+Signed-off-by: Jim Mattson <jmattson@google.com>
+Cc: stable@vger.kernel.org
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+---
+ arch/x86/kvm/vmx.c | 11 +++++------
+ 1 file changed, 5 insertions(+), 6 deletions(-)
+
+diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
+index c41d7ffdda5a..24db5fb6f575 100644
+--- a/arch/x86/kvm/vmx.c
++++ b/arch/x86/kvm/vmx.c
+@@ -1389,10 +1389,10 @@ static inline bool nested_cpu_has_posted_intr(struct vmcs12 *vmcs12)
+ 	return vmcs12->pin_based_vm_exec_control & PIN_BASED_POSTED_INTR;
+ }
+ 
+-static inline bool is_exception(u32 intr_info)
++static inline bool is_nmi(u32 intr_info)
+ {
+ 	return (intr_info & (INTR_INFO_INTR_TYPE_MASK | INTR_INFO_VALID_MASK))
+-		== (INTR_TYPE_HARD_EXCEPTION | INTR_INFO_VALID_MASK);
++		== (INTR_TYPE_NMI_INTR | INTR_INFO_VALID_MASK);
+ }
+ 
+ static void nested_vmx_vmexit(struct kvm_vcpu *vcpu, u32 exit_reason,
+@@ -5728,7 +5728,7 @@ static int handle_exception(struct kvm_vcpu *vcpu)
+ 	if (is_machine_check(intr_info))
+ 		return handle_machine_check(vcpu);
+ 
+-	if ((intr_info & INTR_INFO_INTR_TYPE_MASK) == INTR_TYPE_NMI_INTR)
++	if (is_nmi(intr_info))
+ 		return 1;  /* already handled by vmx_vcpu_run() */
+ 
+ 	if (is_no_device(intr_info)) {
+@@ -8170,7 +8170,7 @@ static bool nested_vmx_exit_handled(struct kvm_vcpu *vcpu)
+ 
+ 	switch (exit_reason) {
+ 	case EXIT_REASON_EXCEPTION_NMI:
+-		if (!is_exception(intr_info))
++		if (is_nmi(intr_info))
+ 			return false;
+ 		else if (is_page_fault(intr_info))
+ 			return enable_ept;
+@@ -8765,8 +8765,7 @@ static void vmx_complete_atomic_exit(struct vcpu_vmx *vmx)
+ 		kvm_machine_check();
+ 
+ 	/* We need to handle NMIs before interrupts are enabled */
+-	if ((exit_intr_info & INTR_INFO_INTR_TYPE_MASK) == INTR_TYPE_NMI_INTR &&
+-	    (exit_intr_info & INTR_INFO_VALID_MASK)) {
++	if (is_nmi(exit_intr_info)) {
+ 		kvm_before_handle_nmi(&vmx->vcpu);
+ 		asm("int $2");
+ 		kvm_after_handle_nmi(&vmx->vcpu);
+-- 
+2.11.0
+

debian/patches/bugfix/all/sg_write-bsg_write-is-not-fit-to-be-called-under-KER.patch

@@ -0,0 +1,48 @@
+From: Al Viro <viro@zeniv.linux.org.uk>
+Date: Fri, 16 Dec 2016 13:42:06 -0500
+Subject: sg_write()/bsg_write() is not fit to be called under KERNEL_DS
+Origin: https://git.kernel.org/linus/128394eff343fc6d2f32172f03e24829539c5835
+
+Both damn things interpret userland pointers embedded into the payload;
+worse, they are actually traversing those.  Leaving aside the bad
+API design, this is very much _not_ safe to call with KERNEL_DS.
+Bail out early if that happens.
+
+Cc: stable@vger.kernel.org
+Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
+---
+ block/bsg.c       | 3 +++
+ drivers/scsi/sg.c | 3 +++
+ 2 files changed, 6 insertions(+)
+
+diff --git a/block/bsg.c b/block/bsg.c
+index 8a05a404ae70..a57046de2f07 100644
+--- a/block/bsg.c
++++ b/block/bsg.c
+@@ -655,6 +655,9 @@ bsg_write(struct file *file, const char __user *buf, size_t count, loff_t *ppos)
+ 
+ 	dprintk("%s: write %Zd bytes\n", bd->name, count);
+ 
++	if (unlikely(segment_eq(get_fs(), KERNEL_DS)))
++		return -EINVAL;
++
+ 	bsg_set_block(bd, file);
+ 
+ 	bytes_written = 0;
+diff --git a/drivers/scsi/sg.c b/drivers/scsi/sg.c
+index 070332eb41f3..dbe5b4b95df0 100644
+--- a/drivers/scsi/sg.c
++++ b/drivers/scsi/sg.c
+@@ -581,6 +581,9 @@ sg_write(struct file *filp, const char __user *buf, size_t count, loff_t * ppos)
+ 	sg_io_hdr_t *hp;
+ 	unsigned char cmnd[SG_MAX_CDB_SIZE];
+ 
++	if (unlikely(segment_eq(get_fs(), KERNEL_DS)))
++		return -EINVAL;
++
+ 	if ((!(sfp = (Sg_fd *) filp->private_data)) || (!(sdp = sfp->parentdp)))
+ 		return -ENXIO;
+ 	SCSI_LOG_TIMEOUT(3, sg_printk(KERN_INFO, sdp,
+-- 
+2.11.0
+

debian/patches/bugfix/powerpc/powerpc-boot-request-no-dynamic-linker-for-boot-wrap.patch

@@ -0,0 +1,69 @@
+From: Nicholas Piggin <npiggin@gmail.com>
+Date: Mon, 28 Nov 2016 12:42:26 +1100
+Subject: powerpc/boot: Request no dynamic linker for boot wrapper
+Origin: https://git.kernel.org/linus/ff45000fcb56b5b0f1a14a865d3541746d838a0a
+Bug-Debian: https://bugs.debian.org/848851
+
+The boot wrapper performs its own relocations and does not require
+PT_INTERP segment. However currently we don't tell the linker that.
+
+Prior to binutils 2.28 that works OK. But since binutils commit
+1a9ccd70f9a7 ("Fix the linker so that it will not silently generate ELF
+binaries with invalid program headers. Fix readelf to report such
+invalid binaries.") binutils tries to create a program header segment
+due to PT_INTERP, and the link fails because there is no space for it:
+
+  ld: arch/powerpc/boot/zImage.pseries: Not enough room for program headers, try linking with -N
+  ld: final link failed: Bad value
+
+So tell the linker not to do that, by passing --no-dynamic-linker.
+
+Cc: stable@vger.kernel.org
+Reported-by: Anton Blanchard <anton@samba.org>
+Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
+[mpe: Drop dependency on ld-version.sh and massage change log]
+Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
+---
+ arch/powerpc/boot/wrapper | 24 +++++++++++++++++++++++-
+ 1 file changed, 23 insertions(+), 1 deletion(-)
+
+--- a/arch/powerpc/boot/wrapper
++++ b/arch/powerpc/boot/wrapper
+@@ -181,6 +181,28 @@ case "$elfformat" in
+     elf32-powerpc)	format=elf32ppc	;;
+ esac
+ 
++ld_version()
++{
++    # Poached from scripts/ld-version.sh, but we don't want to call that because
++    # this script (wrapper) is distributed separately from the kernel source.
++    # Extract linker version number from stdin and turn into single number.
++    awk '{
++	gsub(".*\\)", "");
++	gsub(".*version ", "");
++	gsub("-.*", "");
++	split($1,a, ".");
++	print a[1]*100000000 + a[2]*1000000 + a[3]*10000;
++	exit
++    }'
++}
++
++# Do not include PT_INTERP segment when linking pie. Non-pie linking
++# just ignores this option.
++LD_VERSION=$(${CROSS}ld --version | ld_version)
++LD_NO_DL_MIN_VERSION=$(echo 2.26 | ld_version)
++if [ "$LD_VERSION" -ge "$LD_NO_DL_MIN_VERSION" ] ; then
++	nodl="--no-dynamic-linker"
++fi
+ 
+ platformo=$object/"$platform".o
+ lds=$object/zImage.lds
+@@ -446,7 +468,7 @@ if [ "$platform" != "miboot" ]; then
+         text_start="-Ttext $link_address"
+     fi
+ #link everything
+-    ${CROSS}ld -m $format -T $lds $text_start $pie -o "$ofile" \
++    ${CROSS}ld -m $format -T $lds $text_start $pie $nodl -o "$ofile" \
+ 	$platformo $tmp $object/wrapper.a
+     rm $tmp
+ fi

debian/patches/series

@@ -47,6 +47,7 @@ debian/fanotify-taint-on-use-of-fanotify_access_permissions.patch
 
 # Arch bug fixes
 bugfix/arm64/arm64-mm-limit-task_size_64-for-compatibility.patch
+bugfix/powerpc/powerpc-boot-request-no-dynamic-linker-for-boot-wrap.patch
 
 # Arch features
 features/mips/MIPS-increase-MAX-PHYSMEM-BITS-on-Loongson-3-only.patch
@@ -105,6 +106,8 @@ bugfix/x86/x86-kbuild-enable-modversions-for-symbols-exported-f.patch
 bugfix/powerpc/powerpc-remove-mac-on-linux-hooks.patch
 bugfix/powerpc/powerpc-fix-missing-crcs-add-yet-more-asm-prototypes.patch
 bugfix/all/module-disable-matching-missing-version-crc.patch
+bugfix/all/sg_write-bsg_write-is-not-fit-to-be-called-under-KER.patch
+bugfix/all/kvm-nVMX-Allow-L1-to-intercept-software-exceptions-B.patch
 
 # ABI maintenance
 

debian/templates/control.source.in

@@ -1,7 +1,7 @@
 Section: kernel
 Priority: optional
 Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
-Uploaders: Bastian Blank <waldi@debian.org>, maximilian attems <maks@debian.org>, Ben Hutchings <ben@decadent.org.uk>
+Uploaders: Bastian Blank <waldi@debian.org>, maximilian attems <maks@debian.org>, Ben Hutchings <ben@decadent.org.uk>, Salvatore Bonaccorso <carnil@debian.org>
 Standards-Version: 3.9.8
 Build-Depends:
  debhelper (>= 10.1~),
@@ -26,7 +26,7 @@ Build-Depends:
 #   not have M-A: allowed but need unqualified name for newer versions
  openssl (>= 1.1.0-1~) <!stage1> | openssl:native <!stage1>,
 # used by upstream to build perf documentation
- asciidoc <!stage1 !nodoc !pkg.linux.notools>,
+ asciidoc-base <!stage1 !nodoc !pkg.linux.notools> | asciidoc <!stage1 !nodoc !pkg.linux.notools>,
  xmlto <!stage1 !nodoc !pkg.linux.notools>,
 # used by upstream to build perf
  bison <!stage1 !pkg.linux.notools !nopython>,