Kernel SRU Workflow

focal/linux-aws-5.15: 5.15.0-1048.53~20.04.1 -proposed tracker

Bug #2038168 reported by Thadeu Lima de Souza Cascardo on 2023-10-02

This bug affects 1 person

	Status	Importance	Assigned to
Kernel SRU Workflow	Fix Released	Medium	Unassigned
Abi-testing	New	Undecided	Unassigned
Automated-testing	Invalid	Medium	Canonical Kernel Team
Boot-testing	Fix Released	Medium	Unassigned
Certification-testing	Invalid	Medium	Unassigned
New-review	Fix Released	Medium	Andy Whitcroft
Prepare-package	Fix Released	Medium	Tim Gardner
Prepare-package-generate	Fix Released	Medium	Tim Gardner
Prepare-package-lrg	Fix Released	Medium	Tim Gardner
Prepare-package-lrm	Fix Released	Medium	Tim Gardner
Prepare-package-lrs	Fix Released	Medium	Tim Gardner
Prepare-package-meta	Fix Released	Medium	Tim Gardner
Prepare-package-signed	Fix Released	Medium	Tim Gardner
Promote-signing-to-proposed	Invalid	Medium	Unassigned
Promote-to-proposed	Fix Released	Medium	Ubuntu Stable Release Updates Team
Promote-to-security	Fix Released	Medium	Andy Whitcroft
Promote-to-updates	Fix Released	Medium	Andy Whitcroft
Regression-testing	Fix Released	Medium	Tim Gardner
Security-signoff	Fix Released	Medium	Steve Beattie
Sru-review	Fix Released	Medium	Andy Whitcroft
Verification-testing	Fix Released	Medium	Canonical Kernel Team
canonical-signing-jobs
Task00	Fix Released	Medium	Andy Whitcroft
linux-aws-5.15 (Ubuntu)
Focal	Fix Released	Medium	Unassigned

Bug Description

This bug will contain status and test results related to a kernel source (or snap) as stated in the title.

For an explanation of the tasks and the associated workflow see:
https://wiki.ubuntu.com/Kernel/kernel-sru-workflow

-- swm properties --
built:
  from: 935d03bceacc660e
  route-entry: 2
delta:
  promote-to-proposed: [lrm, lrs, main, meta, signed, lrg, generate]
  promote-to-security: []
  promote-to-updates: [lrm, lrs, main, meta, signed]
flag:
  boot-testing-requested: true
  bugs-spammed: true
  proposed-announcement-sent: true
  proposed-testing-requested: true
issue: KSRU-10060
kernel-stable-master-bug: 2038169
packages:
  generate: linux-generate-aws-5.15
  lrg: linux-restricted-generate-aws-5.15
  lrm: linux-restricted-modules-aws-5.15
  lrs: linux-restricted-signatures-aws-5.15
  main: linux-aws-5.15
  meta: linux-meta-aws-5.15
  signed: linux-signed-aws-5.15
phase: Complete
phase-changed: Thursday, 19. October 2023 13:46 UTC
reason: {}
synthetic:
  :promote-to-as-proposed: Invalid
variant: debs
versions:
  lrm: 5.15.0-1048.53~20.04.1
  main: 5.15.0-1048.53~20.04.1
  meta: 5.15.0.1048.53~20.04.36
  signed: 5.15.0-1048.53~20.04.1
~~:
  announce:
    swm-transition-crankable: 2023-10-04 13:01:35.501552
  clamps:
    new-review: 935d03bceacc660e
    promote-to-proposed: 935d03bceacc660e
    self: 5.15.0-1048.53~20.04.1
    sru-review: 935d03bceacc660e

See original description

Tags:

CVE References

Thadeu Lima de Souza Cascardo (cascardo) on 2023-10-02

tags:	added: kernel-release-tracking-bug-live
description:	updated
tags:	added: kernel-sru-cycle-s2023.09.04-1
description:	updated
description:	updated
tags:	added: kernel-sru-backport-of-2038169

Thadeu Lima de Souza Cascardo (cascardo) on 2023-10-02

Changed in kernel-sru-workflow:
status:	New → Confirmed
importance:	Undecided → Medium

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-02

Changed in linux-aws-5.15 (Ubuntu Focal):
importance:	Undecided → Medium
Changed in kernel-sru-workflow:
status:	Confirmed → Triaged

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-02

description:	updated
Changed in kernel-sru-workflow:
status:	Triaged → In Progress

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-02

tags:	added: kernel-jira-issue-ksru-10060
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-04

description:

updated

Tim Gardner (timg-tpi) on 2023-10-04

summary:

- focal/linux-aws-5.15: <version to be filled> -proposed tracker
+ focal/linux-aws-5.15: 5.15.0-1048.53~20.04.1 -proposed tracker

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-05

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-05

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-05

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-05

description:	updated
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-05

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-05

description:	updated
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-05

description:	updated
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-05

description:	updated
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-05

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-05

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-05

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-05

description:	updated
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-05

description:	updated
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-05

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-05

description:	updated
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-05

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-05

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-05

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-05

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-05

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-05

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-10

description:

updated

Revision history for this message

Tim Gardner (timg-tpi) wrote on 2023-10-12:

RT: Updated hints. Tagging as passed.

tags:

added: regression-testing-passed

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-12

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-16

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-18

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-19

description:

updated

Revision history for this message

Launchpad Janitor (janitor) wrote on 2023-10-19:

Download full text (468.2 KiB)

This bug was fixed in the package linux-aws-5.15 - 5.15.0-1048.53~20.04.1

---------------
linux-aws-5.15 (5.15.0-1048.53~20.04.1) focal; urgency=medium

* focal/linux-aws-5.15: 5.15.0-1048.53~20.04.1 -proposed tracker
(LP: #2038168)

[ Ubuntu: 5.15.0-1048.53 ]

  * jammy/linux-aws: 5.15.0-1048.53 -proposed tracker (LP: #2038169)
  * jammy/linux: 5.15.0-87.97 -proposed tracker (LP: #2038209)
  * CVE-2023-4623
    - net/sched: sch_hfsc: Ensure inner classes have fsc curve
  * CVE-2023-42755
    - net/sched: Retire rsvp classifier
    - [Config] remove NET_CLS_RSVP and NET_CLS_RSVP6
  * CVE-2023-34319
    - xen/netback: Fix buffer overrun triggered by unusual packet
  * CVE-2023-4921
    - net: sched: sch_qfq: Fix UAF in qfq_dequeue()
  * CVE-2023-42752
    - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
  * CVE-2023-4622
    - af_unix: Fix null-ptr-deref in unix_stream_sendpage().
  * CVE-2023-4244
    - netfilter: nft_set_rbtree: fix overlap expiration walk
    - netfilter: nf_tables: don't skip expired elements during walk
    - netfilter: nf_tables: adapt set backend to use GC transaction API
    - netfilter: nft_set_hash: mark set element as dead when deleting from packet
      path
    - netfilter: nf_tables: GC transaction API to avoid race with control plane
    - netfilter: nf_tables: remove busy mark and gc batch API
    - netfilter: nf_tables: don't fail inserts if duplicate has expired
    - netfilter: nf_tables: fix kdoc warnings after gc rework
    - netfilter: nf_tables: fix GC transaction races with netns and netlink event
      exit path
    - netfilter: nf_tables: GC transaction race with netns dismantle
    - netfilter: nf_tables: GC transaction race with abort path
    - netfilter: nf_tables: use correct lock to protect gc_list
    - netfilter: nf_tables: defer gc run if previous batch is still pending
    - netfilter: nft_dynset: disallow object maps
    - netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
  * CVE-2023-42756
    - netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
  * CVE-2023-42753
    - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for
      ip_set_hash_netportnet.c
  * CVE-2023-5197
    - netfilter: nf_tables: skip bound chain in netns release path
    - netfilter: nf_tables: disallow rule removal from chain binding
  * CVE-2023-4881
    - netfilter: nftables: exthdr: fix 4-byte stack OOB write

linux-aws-5.15 (5.15.0-1047.52~20.04.1) focal; urgency=medium

* focal/linux-aws-5.15: 5.15.0-1047.52~20.04.1 -proposed tracker
(LP: #2036532)

[ Ubuntu: 5.15.0-1047.52 ]

  * jammy/linux-aws: 5.15.0-1047.52 -proposed tracker (LP: #2036533)
  * jammy/linux: 5.15.0-86.96 -proposed tracker (LP: #2036575)
  * 5.15.0-85 live migration regression (LP: #2036675)
    - Revert "KVM: x86: Always enable legacy FP/SSE in allowed user XFEATURES"
    - Revert "x86/kvm/fpu: Limit guest user_xfeatures to supported bits of XCR0"
  * Regression for ubuntu_bpf test build on Jammy 5.15.0-85.95 (LP: #2035181)
    - selftests/bpf: fix static assert compilation issue for test_cls_*.c
  * `refcount_t: underflow; use-after-free.` on hidon w/ 5.15.0-85...

This bug was fixed in the package linux-aws-5.15 - 5.15.0-1048.53~20.04.1

---------------
linux-aws-5.15 (5.15.0-1048.53~20.04.1) focal; urgency=medium

* focal/linux-aws-5.15: 5.15.0-1048.53~20.04.1 -proposed tracker
    (LP: #2038168)

[ Ubuntu: 5.15.0-1048.53 ]

linux-aws-5.15 (5.15.0-1047.52~20.04.1) focal; urgency=medium

* focal/linux-aws-5.15: 5.15.0-1047.52~20.04.1 -proposed tracker
    (LP: #2036532)

[ Ubuntu: 5.15.0-1047.52 ]

linux-aws-5.15 (5.15.0-1046.51~20.04.1) focal; urgency=medium

* focal/linux-aws-5.15: 5.15.0-1046.51~20.04.1 -proposed tracker
    (LP: #2033781)

[ Ubuntu: 5.15.0-1046.51 ]

* jammy/linux-aws: 5.15.0-1046.51 -proposed tracker (LP: #2033782)
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
  * jammy/linux: 5.15.0-85.95 -proposed tracker (LP: #2033821)
  * Please enable Renesas RZ platform serial installer (LP: #2022361)
    - [Config] enable hihope RZ/G2M serial console
    - [Config] Mark sh-sci as built-in
  * Request backport of xen timekeeping performance improvements (LP: #2033122)
    - x86/xen/time: prefer tsc as clocksource when it is invariant
  * kdump doesn't work with UEFI secure boot and kernel lockdown enabled on
    ARM64 (LP: #2033007)
    - [Config]: Enable CONFIG_KEXEC_IMAGE_VERIFY_SIG
    - kexec, KEYS: make the code in bzImage64_verify_sig generic
    - arm64: kexec_file: use more system keyrings to verify kernel image signature
  * ubuntu_kernel_selftests:net:vrf-xfrm-tests.sh: 8 failed test cases on
    jammy/fips (LP: #2019880)
    - selftests: net: vrf-xfrm-tests: change authentication and encryption algos
  * ubuntu_kernel_selftests:net:tls: 88 failed test cases on jammy/fips
    (LP: #2019868)
    - selftests/harness: allow tests to be skipped during setup
    - selftests: net: tls: check if FIPS mode is enabled
  * A general-proteciton exception during guest migration to unsupported PKRU
    machine (LP: 2032164, reverted)
    - x86/kvm/fpu: Limit guest user_xfeatures to supported bits of XCR0
    - KVM: x86: Always enable legacy FP/SSE in allowed user XFEATURES
  * CVE-2023-4569
    - netfilter: nf_tables: deactivate catchall elements in next generation
  * CVE-2023-20569
    - x86/cpu, kvm: Add support for CPUID_80000021_EAX
    - x86/srso: Add a Speculative RAS Overflow mitigation
    - x86/srso: Add IBPB_BRTYPE support
    - x86/srso: Add SRSO_NO support
    - x86/srso: Add IBPB
    - x86/srso: Add IBPB on VMEXIT
    - x86/srso: Fix return thunks in generated code
    - x86/srso: Tie SBPB bit setting to microcode patch detection
    - x86: fix backwards merge of GDS/SRSO bit
    - x86/srso: Fix build breakage with the LLVM linker
    - x86/cpu: Fix __x86_return_thunk symbol type
    - x86/cpu: Fix up srso_safe_ret() and __x86_return_thunk()
    - x86/alternative: Make custom return thunk unconditional
    - objtool: Add frame-pointer-specific function ignore
    - x86/ibt: Add ANNOTATE_NOENDBR
    - x86/cpu: Clean up SRSO return thunk mess
    - x86/cpu: Rename original retbleed methods
    - x86/cpu: Rename srso_(.*)_alias to srso_alias_\1
    - x86/cpu: Cleanup the untrain mess
    - x86/srso: Explain the untraining sequences a bit more
    - x86/static_call: Fix __static_call_fixup()
    - x86/retpoline: Don't clobber RFLAGS during srso_safe_ret()
    - x86/srso: Disable the mitigation on unaffected configurations
    - x86/retpoline,kprobes: Fix position of thunk sections with CONFIG_LTO_CLANG
    - objtool/x86: Fixup frame-pointer vs rethunk
    - x86/srso: Correct the mitigation status when SMT is disabled
    - objtool/x86: Fix SRSO mess
    - Ubuntu: [Config]: enable Speculative Return Stack Overflow mitigation
  * Fix unreliable ethernet cable detection on I219 NIC (LP: #2028122)
    - e1000e: Use PME poll to circumvent unreliable ACPI wake
  * Need to get fine-grained control for FAN(TFN) Participant. (LP: #2031333)
    - ACPI: fan: Separate file for attributes creation
    - ACPI: fan: Optimize struct acpi_fan_fif
    - ACPI: fan: Properly handle fine grain control
    - ACPI: fan: Add additional attributes for fine grain control
  * [SRU][Ubuntu 22.04.1] Unable to interpret the frequency values in
    cpuinfo_min_freq and cpuino_max_freq sysfs files. (LP: #2030924)
    - cpufreq: intel_pstate: Fix scaling for hybrid-capable
  * CVE-2023-40283
    - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
  * CVE-2023-20588
    - x86/bugs: Increase the x86 bugs vector size to two u32s
    - x86/CPU/AMD: Do not leak quotient data after a division by 0
    - x86/CPU/AMD: Fix the DIV(0) initial fix attempt
  * CVE-2023-4194
    - net: tun_chr_open(): set sk_uid from current_fsuid()
    - net: tap_open(): set sk_uid from current_fsuid()
  * CVE-2023-4155
    - KVM: SEV: Refactor out sev_es_state struct
    - KVM: SEV: Fall back to vmalloc for SEV-ES scratch area if necessary
    - KVM: SVM: Do not terminate SEV-ES guests on GHCB validation failure
    - KVM: SVM: Exit to userspace on ENOMEM/EFAULT GHCB errors
    - KVM: SEV: snapshot the GHCB before accessing it
    - KVM: SEV: only access GHCB fields once
  * CVE-2023-1206
    - tcp: Reduce chance of collisions in inet6_hashfn().
  * Crashing with CPU soft lock on GA kernel 5.15.0.79.76 and HWE kernel
    5.19.0-46.47-22.04.1 (LP: #2032176)
    - Revert "KVM: x86: enable TDP MMU by default"
  * Jammy update: v5.15.122 upstream stable release (LP: #2032690)
    - Linux 5.15.122
    - Upstream stable to v5.15.122
  * Jammy update: v5.15.121 upstream stable release (LP: #2032689)
    - netfilter: nf_tables: drop map element references from preparation phase
    - fs: pipe: reveal missing function protoypes
    - x86/resctrl: Only show tasks' pid in current pid namespace
    - blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost
    - md/raid10: check slab-out-of-bounds in md_bitmap_get_counter
    - md/raid10: fix overflow of md/safe_mode_delay
    - md/raid10: fix wrong setting of max_corr_read_errors
    - md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request
    - md/raid10: fix io loss while replacement replace rdev
    - irqchip/jcore-aic: Fix missing allocation of IRQ descriptors
    - svcrdma: Prevent page release when nothing was received
    - posix-timers: Prevent RT livelock in itimer_delete()
    - tracing/timer: Add missing hrtimer modes to decode_hrtimer_mode().
    - clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe
    - PM: domains: fix integer overflow issues in genpd_parse_state()
    - perf/arm-cmn: Fix DTC reset
    - powercap: RAPL: Fix CONFIG_IOSF_MBI dependency
    - ARM: 9303/1: kprobes: avoid missing-declaration warnings
    - cpufreq: intel_pstate: Fix energy_performance_preference for passive
    - thermal/drivers/sun8i: Fix some error handling paths in sun8i_ths_probe()
    - rcutorture: Correct name of use_softirq module parameter
    - rcuscale: Always log error message
    - rcuscale: Move shutdown from wait_event() to wait_event_idle()
    - rcu/rcuscale: Move rcu_scale_*() after kfree_scale_cleanup()
    - rcu/rcuscale: Stop kfree_scale_thread thread(s) after unloading rcuscale
    - kselftest: vDSO: Fix accumulation of uninitialized ret when CLOCK_REALTIME
      is undefined
    - perf/ibs: Fix interface via core pmu events
    - x86/mm: Fix __swp_entry_to_pte() for Xen PV guests
    - locking/atomic: arm: fix sync ops
    - evm: Complete description of evm_inode_setattr()
    - evm: Fix build warnings
    - ima: Fix build warnings
    - pstore/ram: Add check for kstrdup
    - igc: Enable and fix RX hash usage by netstack
    - wifi: ath9k: fix AR9003 mac hardware hang check register offset calculation
    - wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx
    - libbpf: btf_dump_type_data_check_overflow needs to consider
      BTF_MEMBER_BITFIELD_SIZE
    - samples/bpf: Fix buffer overflow in tcp_basertt
    - spi: spi-geni-qcom: Correct CS_TOGGLE bit in SPI_TRANS_CFG
    - wifi: wilc1000: fix for absent RSN capabilities WFA testcase
    - wifi: mwifiex: Fix the size of a memory allocation in
      mwifiex_ret_802_11_scan()
    - sctp: add bpf_bypass_getsockopt proto callback
    - libbpf: fix offsetof() and container_of() to work with CO-RE
    - bpf: Don't EFAULT for {g,s}setsockopt with wrong optlen
    - spi: dw: Round of n_bytes to power of 2
    - nfc: llcp: fix possible use of uninitialized variable in
      nfc_llcp_send_connect()
    - bpftool: JIT limited misreported as negative value on aarch64
    - regulator: core: Fix more error checking for debugfs_create_dir()
    - regulator: core: Streamline debugfs operations
    - wifi: orinoco: Fix an error handling path in spectrum_cs_probe()
    - wifi: orinoco: Fix an error handling path in orinoco_cs_probe()
    - wifi: atmel: Fix an error handling path in atmel_probe()
    - wl3501_cs: use eth_hw_addr_set()
    - wifi: wl3501_cs: Fix an error handling path in wl3501_probe()
    - wifi: ray_cs: Utilize strnlen() in parse_addr()
    - wifi: ray_cs: Drop useless status variable in parse_addr()
    - wifi: ray_cs: Fix an error handling path in ray_probe()
    - wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes
    - selftests/bpf: Fix check_mtu using wrong variable type
    - wifi: rsi: Do not configure WoWlan in shutdown hook if not enabled
    - wifi: rsi: Do not set MMC_PM_KEEP_POWER in shutdown
    - watchdog/perf: define dummy watchdog_update_hrtimer_threshold() on correct
      config
    - watchdog/perf: more properly prevent false positives with turbo modes
    - kexec: fix a memory leak in crash_shrink_memory()
    - memstick r592: make memstick_debug_get_tpc_name() static
    - wifi: ath9k: Fix possible stall on ath9k_txq_list_has_key()
    - rtnetlink: extend RTEXT_FILTER_SKIP_STATS to IFLA_VF_INFO
    - wifi: iwlwifi: pull from TXQs with softirqs disabled
    - iwlwifi: don't dump_stack() when we get an unexpected interrupt
    - wifi: iwlwifi: pcie: fix NULL pointer dereference in
      iwl_pcie_irq_rx_msix_handler()
    - wifi: cfg80211: rewrite merging of inherited elements
    - wifi: iwlwifi: mvm: indicate HW decrypt for beacon protection
    - wifi: ath9k: convert msecs to jiffies where needed
    - bpf: Omit superfluous address family check in __bpf_skc_lookup
    - bpf: Factor out socket lookup functions for the TC hookpoint.
    - bpf: Call __bpf_sk_lookup()/__bpf_skc_lookup() directly via TC hookpoint
    - bpf: Fix bpf socket lookup from tc/xdp to respect socket VRF bindings
    - can: length: fix bitstuffing count
    - igc: Fix race condition in PTP tx code
    - net: stmmac: fix double serdes powerdown
    - netlink: fix potential deadlock in netlink_set_err()
    - netlink: do not hard code device address lenth in fdb dumps
    - bonding: do not assume skb mac_header is set
    - selftests: rtnetlink: remove netdevsim device after ipsec offload test
    - gtp: Fix use-after-free in __gtp_encap_destroy().
    - net: axienet: Move reset before 64-bit DMA detection
    - sfc: fix crash when reading stats while NIC is resetting
    - lib/ts_bm: reset initial match offset for every block of text
    - netfilter: conntrack: dccp: copy entire header to stack buffer, not just
      basic one
    - netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return
      value.
    - ipvlan: Fix return value of ipvlan_queue_xmit()
    - netlink: Add __sock_i_ino() for __netlink_diag_dump().
    - drm/amd/display: Add logging for display MALL refresh setting
    - radeon: avoid double free in ci_dpm_init()
    - drm/amd/display: Explicitly specify update type per plane info change
    - Input: drv260x - sleep between polling GO bit
    - drm/bridge: tc358768: always enable HS video mode
    - drm/bridge: tc358768: fix PLL parameters computation
    - drm/bridge: tc358768: fix PLL target frequency
    - drm/bridge: tc358768: fix TCLK_ZEROCNT computation
    - drm/bridge: tc358768: Add atomic_get_input_bus_fmts() implementation
    - drm/bridge: tc358768: fix TCLK_TRAILCNT computation
    - drm/bridge: tc358768: fix THS_ZEROCNT computation
    - drm/bridge: tc358768: fix TXTAGOCNT computation
    - drm/bridge: tc358768: fix THS_TRAILCNT computation
    - drm/vram-helper: fix function names in vram helper doc
    - ARM: dts: BCM5301X: Drop "clock-names" from the SPI node
    - ARM: dts: meson8b: correct uart_B and uart_C clock references
    - Input: adxl34x - do not hardcode interrupt trigger type
    - drm: sun4i_tcon: use devm_clk_get_enabled in `sun4i_tcon_init_clocks`
    - drm/panel: sharp-ls043t1le01: adjust mode settings
    - ARM: dts: stm32: Move ethernet MAC EEPROM from SoM to carrier boards
    - bus: ti-sysc: Fix dispc quirk masking bool variables
    - arm64: dts: microchip: sparx5: do not use PSCI on reference boards
    - clk: imx: scu: use _safe list iterator to avoid a use after free
    - RDMA/bnxt_re: Disable/kill tasklet only if it is enabled
    - RDMA/bnxt_re: Fix to remove unnecessary return labels
    - RDMA/bnxt_re: Use unique names while registering interrupts
    - RDMA/bnxt_re: Remove a redundant check inside bnxt_re_update_gid
    - RDMA/bnxt_re: Fix to remove an unnecessary log
    - drm/msm/dsi: don't allow enabling 14nm VCO with unprogrammed rate
    - drm/msm/disp/dpu: get timing engine status from intf status register
    - drm/msm/dpu: Set DPU_DATA_HCTL_EN for in INTF_SC7180_MASK
    - ARM: dts: gta04: Move model property out of pinctrl node
    - arm64: dts: qcom: msm8916: correct camss unit address
    - arm64: dts: qcom: msm8994: correct SPMI unit address
    - arm64: dts: qcom: msm8996: correct camss unit address
    - arm64: dts: qcom: sdm630: correct camss unit address
    - arm64: dts: qcom: sdm845: correct camss unit address
    - arm64: dts: qcom: db820c: Move blsp1_uart2 pin states to msm8996.dtsi
    - arm64: dts: qcom: apq8016-sbc: Update modem and WiFi firmware path
    - arm64: dts: qcom: apq8016-sbc: Clarify firmware-names
    - arm64: dts: qcom: apq8016-sbc: fix mpps state names
    - arm64: dts: qcom: Drop unneeded extra device-specific includes
    - arm64: dts: qcom: apq8016-sbc: Fix regulator constraints
    - arm64: dts: qcom: apq8016-sbc: Fix 1.8V power rail on LS expansion
    - drm/panel: simple: fix active size for Ampire AM-480272H3TMQW-T01H
    - ARM: ep93xx: fix missing-prototype warnings
    - ARM: omap2: fix missing tick_broadcast() prototype
    - arm64: dts: qcom: apq8096: fix fixed regulator name property
    - arm64: dts: mediatek: mt8183: Add mediatek,broken-save-restore-fw to kukui
    - ARM: dts: stm32: Shorten the AV96 HDMI sound card name
    - memory: brcmstb_dpfe: fix testing array offset after use
    - ASoC: es8316: Increment max value for ALC Capture Target Volume control
    - ASoC: es8316: Do not set rate constraints for unsupported MCLKs
    - ARM: dts: meson8: correct uart_B and uart_C clock references
    - soc/fsl/qe: fix usb.c build errors
    - RDMA/irdma: avoid fortify-string warning in irdma_clr_wqes
    - IB/hfi1: Use bitmap_zalloc() when applicable
    - IB/hfi1: Fix wrong mmu_node used for user SDMA packet after invalidate
    - RDMA/hns: Fix hns_roce_table_get return value
    - ARM: dts: iwg20d-q7-common: Fix backlight pwm specifier
    - arm64: dts: renesas: ulcb-kf: Remove flow control for SCIF1
    - fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe()
    - arm64: dts: ti: k3-j7200: Fix physical address of pin
    - ARM: dts: stm32: Fix audio routing on STM32MP15xx DHCOM PDK2
    - ARM: dts: stm32: fix i2s endpoint format property for stm32mp15xx-dkx
    - hwmon: (gsc-hwmon) fix fan pwm temperature scaling
    - hwmon: (adm1275) Allow setting sample averaging
    - hwmon: (pmbus/adm1275) Fix problems with temperature monitoring on ADM1272
    - ARM: dts: BCM5301X: fix duplex-full => full-duplex
    - drm/amdkfd: Fix potential deallocation of previously deallocated memory.
    - drm/amd/display: Fix artifacting on eDP panels when engaging freesync video
      mode
    - drm/radeon: fix possible division-by-zero errors
    - amdgpu: validate offset_in_bo of drm_amdgpu_gem_va
    - drm/msm/a5xx: really check for A510 in a5xx_gpu_init
    - RDMA/bnxt_re: wraparound mbox producer index
    - RDMA/bnxt_re: Avoid calling wake_up threads from spin_lock context
    - clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe
    - clk: imx: clk-imx8mp: improve error handling in imx8mp_clocks_probe()
    - arm64: dts: qcom: sm8250-edo: Panel framebuffer is 2.5k instead of 4k
    - clk: clocking-wizard: Fix Oops in clk_wzrd_register_divider()
    - clk: tegra: tegra124-emc: Fix potential memory leak
    - ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer
    - drm/msm/dpu: do not enable color-management if DSPPs are not available
    - drm/msm/dp: Free resources after unregistering them
    - arm64: dts: mediatek: Add cpufreq nodes for MT8192
    - arm64: dts: mediatek: mt8192: Fix CPUs capacity-dmips-mhz
    - drm/msm/dpu: correct MERGE_3D length
    - clk: vc5: check memory returned by kasprintf()
    - clk: cdce925: check return value of kasprintf()
    - clk: si5341: return error if one synth clock registration fails
    - clk: si5341: check return value of {devm_}kasprintf()
    - clk: si5341: free unused memory on probe failure
    - clk: keystone: sci-clk: check return value of kasprintf()
    - clk: ti: clkctrl: check return value of kasprintf()
    - drivers: meson: secure-pwrc: always enable DMA domain
    - ovl: update of dentry revalidate flags after copy up
    - ASoC: imx-audmix: check return value of devm_kasprintf()
    - clk: Fix memory leak in devm_clk_notifier_register()
    - PCI: cadence: Fix Gen2 Link Retraining process
    - PCI: vmd: Reset VMD config register between soft reboots
    - scsi: qedf: Fix NULL dereference in error handling
    - pinctrl: bcm2835: Handle gpiochip_add_pin_range() errors
    - PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free
    - scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe()
    - PCI: pciehp: Cancel bringup sequence if card is not present
    - PCI: ftpci100: Release the clock resources
    - PCI: Add pci_clear_master() stub for non-CONFIG_PCI
    - perf bench: Use unbuffered output when pipe/tee'ing to a file
    - perf bench: Add missing setlocale() call to allow usage of %'d style
      formatting
    - pinctrl: cherryview: Return correct value if pin in push-pull mode
    - kcsan: Don't expect 64 bits atomic builtins from 32 bits architectures
    - powerpc/interrupt: Don't read MSR from interrupt_exit_kernel_prepare()
    - powerpc/signal32: Force inlining of __unsafe_save_user_regs() and
      save_tm_user_regs_unsafe()
    - perf script: Fix allocation of evsel->priv related to per-event dump files
    - perf dwarf-aux: Fix off-by-one in die_get_varname()
    - powerpc/64s: Fix VAS mm use after free
    - pinctrl: microchip-sgpio: check return value of devm_kasprintf()
    - pinctrl: at91-pio4: check return value of devm_kasprintf()
    - powerpc/powernv/sriov: perform null check on iov before dereferencing iov
    - powerpc: simplify ppc_save_regs
    - powerpc: update ppc_save_regs to save current r1 in pt_regs
    - riscv: uprobes: Restore thread.bad_cause
    - powerpc/book3s64/mm: Fix DirectMap stats in /proc/meminfo
    - powerpc/mm/dax: Fix the condition when checking if altmap vmemap can cross-
      boundary
    - hwrng: virtio - add an internal buffer
    - hwrng: virtio - don't wait on cleanup
    - hwrng: virtio - don't waste entropy
    - hwrng: virtio - always add a pending request
    - hwrng: virtio - Fix race on data_avail and actual data
    - modpost: remove broken calculation of exception_table_entry size
    - crypto: nx - fix build warnings when DEBUG_FS is not enabled
    - modpost: fix section mismatch message for R_ARM_ABS32
    - modpost: fix section mismatch message for R_ARM_{PC24,CALL,JUMP24}
    - crypto: marvell/cesa - Fix type mismatch warning
    - modpost: fix off by one in is_executable_section()
    - ARC: define ASM_NL and __ALIGN(_STR) outside #ifdef __ASSEMBLY__ guard
    - crypto: qat - honor CRYPTO_TFM_REQ_MAY_SLEEP flag
    - crypto: qat - replace get_current_node() with numa_node_id()
    - crypto: qat - use reference to structure in dma_map_single()
    - crypto: kpp - Add helper to set reqsize
    - crypto: qat - Use helper to set reqsize
    - crypto: qat - unmap buffer before free for DH
    - crypto: qat - unmap buffers before free for RSA
    - NFSv4.1: freeze the session table upon receiving NFS4ERR_BADSESSION
    - SMB3: Do not send lease break acknowledgment if all file handles have been
      closed
    - dax: Fix dax_mapping_release() use after free
    - dax: Introduce alloc_dev_dax_id()
    - dax/kmem: Pass valid argument to memory_group_register_static
    - hwrng: st - keep clock enabled while hwrng is registered
    - kbuild: Disable GCOV for *.mod.o
    - efi/libstub: Disable PCI DMA before grabbing the EFI memory map
    - ksmbd: avoid field overflow warning
    - ACPI: utils: Fix acpi_evaluate_dsm_typed() redefinition error
    - bootmem: remove the vmemmap pages from kmemleak in free_bootmem_page
    - USB: serial: option: add LARA-R6 01B PIDs
    - usb: dwc3: gadget: Propagate core init errors to UDC during pullup
    - phy: tegra: xusb: Clear the driver reference in usb-phy dev
    - iio: adc: ad7192: Fix null ad7192_state pointer access
    - iio: adc: ad7192: Fix internal/external clock selection
    - iio: accel: fxls8962af: errata bug only applicable for FXLS8962AF
    - iio: accel: fxls8962af: fixup buffer scan element type
    - ALSA: hda/realtek: Add quirk for Clevo NPx0SNx
    - ALSA: jack: Fix mutex call in snd_jack_report()
    - block: fix signed int overflow in Amiga partition support
    - block: add overflow checks for Amiga partition support
    - block: change all __u32 annotations to __be32 in affs_hardblocks.h
    - block: increment diskseq on all media change events
    - SUNRPC: Fix UAF in svc_tcp_listen_data_ready()
    - w1: w1_therm: fix locking behavior in convert_t
    - w1: fix loop in w1_fini()
    - sh: j2: Use ioremap() to translate device tree address into kernel memory
    - usb: dwc2: platform: Improve error reporting for problems during .remove()
    - usb: dwc2: Fix some error handling paths
    - serial: 8250: omap: Fix freeing of resources on failed register
    - clk: qcom: camcc-sc7180: Add parent dependency to all camera GDSCs
    - clk: qcom: gcc-ipq6018: Use floor ops for sdcc clocks
    - media: usb: Check az6007_read() return value
    - media: videodev2.h: Fix struct v4l2_input tuner index comment
    - media: usb: siano: Fix warning due to null work_func_t function pointer
    - media: i2c: Correct format propagation for st-mipid02
    - clk: qcom: reset: Allow specifying custom reset delay
    - clk: qcom: reset: support resetting multiple bits
    - clk: qcom: ipq6018: fix networking resets
    - usb: dwc3: qcom: Fix potential memory leak
    - usb: gadget: u_serial: Add null pointer check in gserial_suspend
    - extcon: Fix kernel doc of property fields to avoid warnings
    - extcon: Fix kernel doc of property capability fields to avoid warnings
    - usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe()
    - usb: hide unused usbfs_notify_suspend/resume functions
    - serial: 8250: lock port for stop_rx() in omap8250_irq()
    - serial: 8250: lock port for UART_IER access in omap8250_irq()
    - kernfs: fix missing kernfs_idr_lock to remove an ID from the IDR
    - coresight: Fix loss of connection info when a module is unloaded
    - mfd: rt5033: Drop rt5033-battery sub-device
    - media: venus: helpers: Fix ALIGN() of non power of two
    - media: atomisp: gmin_platform: fix out_len in gmin_get_config_dsm_var()
    - KVM: s390: fix KVM_S390_GET_CMMA_BITS for GFNs in memslot holes
    - usb: dwc3: qcom: Release the correct resources in dwc3_qcom_remove()
    - usb: dwc3: qcom: Fix an error handling path in dwc3_qcom_probe()
    - usb: common: usb-conn-gpio: Set last role to unknown before initial
      detection
    - usb: dwc3-meson-g12a: Fix an error handling path in dwc3_meson_g12a_probe()
    - mfd: intel-lpss: Add missing check for platform_get_resource
    - Revert "usb: common: usb-conn-gpio: Set last role to unknown before initial
      detection"
    - serial: 8250_omap: Use force_suspend and resume for system suspend
    - test_firmware: return ENOMEM instead of ENOSPC on failed memory allocation
    - nvmem: rmem: Use NVMEM_DEVID_AUTO
    - mfd: stmfx: Fix error path in stmfx_chip_init
    - mfd: stmfx: Nullify stmfx->vdd in case of error
    - KVM: s390: vsie: fix the length of APCB bitmap
    - KVM: s390/diag: fix racy access of physical cpu number in diag 9c handler
    - mfd: stmpe: Only disable the regulators if they are enabled
    - phy: tegra: xusb: check return value of devm_kzalloc()
    - pwm: imx-tpm: force 'real_period' to be zero in suspend
    - pwm: sysfs: Do not apply state to already disabled PWMs
    - pwm: ab8500: Fix error code in probe()
    - pwm: mtk_disp: Fix the disable flow of disp_pwm
    - md/raid10: fix the condition to call bio_end_io_acct()
    - rtc: st-lpc: Release some resources in st_rtc_probe() in case of error
    - drm/i915/psr: Use hw.adjusted mode when calculating io/fast wake times
    - media: cec: i2c: ch7322: also select REGMAP
    - sctp: fix potential deadlock on &net->sctp.addr_wq_lock
    - net/sched: act_ipt: add sanity checks on table name and hook locations
    - Add MODULE_FIRMWARE() for FIRMWARE_TG357766.
    - ibmvnic: Do not reset dql stats on NON_FATAL err
    - net: dsa: vsc73xx: fix MTU configuration
    - spi: bcm-qspi: return error if neither hif_mspi nor mspi is available
    - mailbox: ti-msgmgr: Fill non-message tx data fields with 0x0
    - f2fs: fix error path handling in truncate_dnode()
    - octeontx2-af: Fix mapping for NIX block from CGX connection
    - octeontx2-af: Add validation before accessing cgx and lmac
    - ntfs: Fix panic about slab-out-of-bounds caused by ntfs_listxattr()
    - powerpc: allow PPC_EARLY_DEBUG_CPM only when SERIAL_CPM=y
    - net: bridge: keep ports without IFF_UNICAST_FLT in BR_PROMISC mode
    - tcp: annotate data races in __tcp_oow_rate_limited()
    - xsk: Honor SO_BINDTODEVICE on bind
    - net/sched: act_pedit: Add size check for TCA_PEDIT_PARMS_EX
    - riscv: move memblock_allow_resize() after linear mapping is ready
    - pptp: Fix fib lookup calls.
    - net: dsa: tag_sja1105: fix MAC DA patching from meta frames
    - octeontx-af: fix hardware timestamp configuration
    - s390/qeth: Fix vipa deletion
    - sh: dma: Fix DMA channel offset calculation
    - apparmor: fix missing error check for rhashtable_insert_fast
    - i2c: xiic: Defer xiic_wakeup() and __xiic_start_xfer() in xiic_process()
    - i2c: xiic: Don't try to handle more interrupt events after error
    - extcon: usbc-tusb320: Convert to i2c's .probe_new()
    - btrfs: do not BUG_ON() on tree mod log failure at balance_level()
    - i2c: qup: Add missing unwind goto in qup_i2c_probe()
    - NFSD: add encoding of op_recall flag for write delegation
    - io_uring: wait interruptibly for request completions on exit
    - mmc: core: disable TRIM on Kingston EMMC04G-M627
    - mmc: core: disable TRIM on Micron MTFC4GACAJCN-1M
    - mmc: mmci: Set PROBE_PREFER_ASYNCHRONOUS
    - mmc: sdhci: fix DMA configure compatibility issue when 64bit DMA mode is
      used.
    - bcache: fixup btree_cache_wait list damage
    - bcache: Remove unnecessary NULL point check in node allocations
    - bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent
    - um: Use HOST_DIR for mrproper
    - integrity: Fix possible multiple allocation in integrity_inode_get()
    - autofs: use flexible array in ioctl structure
    - shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs
    - ext4: Remove ext4 locking of moved directory
    - Revert "f2fs: fix potential corruption when moving a directory"
    - fs: Establish locking order for unrelated directories
    - fs: Lock moved directories
    - ipvs: increase ip_vs_conn_tab_bits range for 64BIT
    - jffs2: reduce stack usage in jffs2_build_xattr_subsystem()
    - fs: avoid empty option when generating legacy mount string
    - btrfs: add handling for RAID1C23/DUP to btrfs_reduce_alloc_profile
    - btrfs: delete unused BGs while reclaiming BGs
    - btrfs: bail out reclaim process if filesystem is read-only
    - btrfs: reinsert BGs failed to reclaim
    - btrfs: fix race when deleting quota root from the dirty cow roots list
    - btrfs: fix extent buffer leak after tree mod log failure at split_node()
    - btrfs: do not BUG_ON() on tree mod log failure at __btrfs_cow_block()
    - ASoC: mediatek: mt8173: Fix irq error path
    - ASoC: mediatek: mt8173: Fix snd_soc_component_initialize error path
    - ARM: dts: qcom: ipq4019: fix broken NAND controller properties override
    - ARM: orion5x: fix d2net gpio initialization
    - leds: trigger: netdev: Recheck NETDEV_LED_MODE_LINKUP on dev rename
    - fs: no need to check source
    - ovl: fix null pointer dereference in ovl_get_acl_rcu()
    - fanotify: disallow mount/sb marks on kernel internal pseudo fs
    - netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
    - wireguard: queueing: use saner cpu selection wrapping
    - wireguard: netlink: send staged packets when setting initial private key
    - tty: serial: fsl_lpuart: add earlycon for imx8ulp platform
    - block/partition: fix signedness issue for Amiga partitions
    - io_uring: Use io_schedule* in cqring wait
    - io_uring: add reschedule point to handle_tw_list()
    - net: lan743x: Don't sleep in atomic context
    - workqueue: clean up WORK_* constant types, clarify masking
    - ksmbd: use ksmbd_req_buf_next() in ksmbd_smb2_check_message()
    - ksmbd: validate command payload size
    - ksmbd: fix out-of-bound read in smb2_write
    - ksmbd: validate session id and tree id in the compound request
    - drm/panel: simple: Add connector_type for innolux_at043tn24
    - drm/bridge: ti-sn65dsi86: Fix auxiliary bus lifetime
    - drm/panel: simple: Add Powertip PH800480T013 drm_display_mode flags
    - igc: Remove delay during TX ring configuration
    - net/mlx5e: fix double free in mlx5e_destroy_flow_table
    - net/mlx5e: fix memory leak in mlx5e_ptp_open
    - net/mlx5e: Check for NOT_READY flag state after locking
    - igc: set TP bit in 'supported' and 'advertising' fields of
      ethtool_link_ksettings
    - igc: Handle PPS start time programming for past time values
    - scsi: qla2xxx: Fix error code in qla2x00_start_sp()
    - bpf: Fix max stack depth check for async callbacks
    - net: mvneta: fix txq_map in case of txq_number==1
    - gve: Set default duplex configuration to full
    - ionic: remove WARN_ON to prevent panic_on_warn
    - net: bgmac: postpone turning IRQs off to avoid SoC hangs
    - net: prevent skb corruption on frag list segmentation
    - icmp6: Fix null-ptr-deref of ip6_null_entry->rt6i_idev in icmp6_dev().
    - udp6: fix udp6_ehashfn() typo
    - ntb: idt: Fix error handling in idt_pci_driver_init()
    - NTB: amd: Fix error handling in amd_ntb_pci_driver_init()
    - ntb: intel: Fix error handling in intel_ntb_pci_driver_init()
    - NTB: ntb_transport: fix possible memory leak while device_register() fails
    - NTB: ntb_tool: Add check for devm_kcalloc
    - ipv6/addrconf: fix a potential refcount underflow for idev
    - platform/x86: wmi: remove unnecessary argument
    - platform/x86: wmi: use guid_t and guid_equal()
    - platform/x86: wmi: move variables
    - platform/x86: wmi: Break possible infinite loop when parsing GUID
    - kernel/trace: Fix cleanup logic of enable_trace_eprobe
    - igc: Fix launchtime before start of cycle
    - igc: Fix inserting of empty frame for launchtime
    - bpf, riscv: Support riscv jit to provide bpf_line_info
    - riscv, bpf: Fix inconsistent JIT image generation
    - drm/i915: Fix one wrong caching mode enum usage
    - octeontx2-pf: Add additional check for MCAM rules
    - erofs: avoid infinite loop in z_erofs_do_read_page() when reading beyond EOF
    - erofs: decouple basic mount options from fs_context
    - erofs: fix fsdax unavailability for chunk-based regular files
    - wifi: airo: avoid uninitialized warning in airo_get_rate()
    - bpf: cpumap: Fix memory leak in cpu_map_update_elem
    - net/sched: flower: Ensure both minimum and maximum ports are specified
    - riscv: mm: fix truncation warning on RV32
    - netdevsim: fix uninitialized data in nsim_dev_trap_fa_cookie_write()
    - net/sched: make psched_mtu() RTNL-less safe
    - nvme-pci: remove nvme_queue from nvme_iod
    - nvme-pci: fix DMA direction of unmapping integrity data
    - pinctrl: amd: Fix mistake in handling clearing pins at startup
    - pinctrl: amd: Detect internal GPIO0 debounce handling
    - pinctrl: amd: Detect and mask spurious interrupts
    - pinctrl: amd: Only use special debounce behavior for GPIO 0
    - tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation
    - mtd: rawnand: meson: fix unaligned DMA buffers handling
    - net: bcmgenet: Ensure MDIO unregistration has clocks enabled
    - mm/damon/ops-common: atomically test and clear young on ptes and pmds
    - powerpc: Fail build if using recordmcount with binutils v2.37
    - misc: fastrpc: Create fastrpc scalar with correct buffer count
    - powerpc/security: Fix Speculation_Store_Bypass reporting on Power10
    - arm64: errata: Add detection for TRBE overwrite in FILL mode
    - erofs: fix compact 4B support for 16k block size
    - MIPS: Loongson: Fix cpu_probe_loongson() again
    - MIPS: KVM: Fix NULL pointer dereference
    - ext4: Fix reusing stale buffer heads from last failed mounting
    - ext4: fix wrong unit use in ext4_mb_clear_bb
    - ext4: get block from bh in ext4_free_blocks for fast commit replay
    - ext4: fix wrong unit use in ext4_mb_new_blocks
    - ext4: fix to check return value of freeze_bdev() in ext4_shutdown()
    - ext4: turn quotas off if mount failed after enabling quotas
    - ext4: only update i_reserved_data_blocks on successful block allocation
    - jfs: jfs_dmap: Validate db_l2nbperpage while mounting
    - hwrng: imx-rngc - fix the timeout for init and self check
    - dm integrity: reduce vmalloc space footprint on 32-bit architectures
    - PCI/PM: Avoid putting EloPOS E2/S2/H2 PCIe Ports in D3cold
    - PCI: Add function 1 DMA alias quirk for Marvell 88SE9235
    - PCI: qcom: Disable write access to read only registers for IP v2.3.3
    - PCI: rockchip: Assert PCI Configuration Enable bit after probe
    - PCI: rockchip: Write PCI Device ID to correct register
    - PCI: rockchip: Add poll and timeout to wait for PHY PLLs to be locked
    - PCI: rockchip: Fix legacy IRQ generation for RK3399 PCIe endpoint core
    - PCI: rockchip: Use u32 variable to access 32-bit registers
    - PCI: rockchip: Set address alignment for endpoint mode
    - misc: pci_endpoint_test: Free IRQs before removing the device
    - misc: pci_endpoint_test: Re-init completion for every test
    - mfd: pm8008: Fix module autoloading
    - md/raid0: add discard support for the 'original' layout
    - dm init: add dm-mod.waitfor to wait for asynchronously probed block devices
    - fs: dlm: return positive pid value for F_GETLK
    - drm/atomic: Allow vblank-enabled + self-refresh "disable"
    - drm/rockchip: vop: Leave vblank enabled in self-refresh
    - drm/amdgpu: fix clearing mappings for BOs that are always valid in VM
    - drm/amd/display: Correct `DMUB_FW_VERSION` macro
    - drm/amdgpu: avoid restore process run into dead loop.
    - drm/ttm: Don't leak a resource on swapout move error
    - serial: atmel: don't enable IRQs prematurely
    - tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in
      case of error
    - tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() when
      iterating clk
    - tty: serial: imx: fix rs485 rx after tx
    - firmware: stratix10-svc: Fix a potential resource leak in
      svc_create_memory_pool()
    - libceph: harden msgr2.1 frame segment length checks
    - ceph: don't let check_caps skip sending responses for revoke msgs
    - xhci: Fix resume issue of some ZHAOXIN hosts
    - xhci: Fix TRB prefetch issue of ZHAOXIN hosts
    - xhci: Show ZHAOXIN xHCI root hub speed correctly
    - meson saradc: fix clock divider mask length
    - opp: Fix use-after-free in lazy_opp_tables after probe deferral
    - soundwire: qcom: fix storing port config out-of-bounds
    - Revert "8250: add support for ASIX devices with a FIFO bug"
    - bus: ixp4xx: fix IXP4XX_EXP_T1_MASK
    - s390/decompressor: fix misaligned symbol build error
    - tracing/histograms: Add histograms to hist_vars if they have referenced
      variables
    - tracing: Fix memory leak of iter->temp when reading trace_pipe
    - samples: ftrace: Save required argument registers in sample trampolines
    - net: ena: fix shift-out-of-bounds in exponential backoff
    - ring-buffer: Fix deadloop issue on reading trace_pipe
    - ftrace: Fix possible warning on checking all pages used in
      ftrace_process_locs()
    - xtensa: ISS: fix call to split_if_spec
    - tracing: Fix null pointer dereference in tracing_err_log_open()
    - selftests: mptcp: sockopt: return error if wrong mark
    - selftests: mptcp: depend on SYN_COOKIES
    - tracing/probes: Fix not to count error code to total length
    - tracing/probes: Fix to update dynamic data counter if fetcharg uses it
    - scsi: qla2xxx: Wait for io return on terminate rport
    - scsi: qla2xxx: Array index may go out of bound
    - scsi: qla2xxx: Avoid fcport pointer dereference
    - scsi: qla2xxx: Fix buffer overrun
    - scsi: qla2xxx: Fix potential NULL pointer dereference
    - scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport()
    - scsi: qla2xxx: Correct the index of array
    - scsi: qla2xxx: Pointer may be dereferenced
    - scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue
    - MIPS: kvm: Fix build error with KVM_MIPS_DEBUG_COP0_COUNTERS enabled
    - net/sched: sch_qfq: reintroduce lmax bound check for MTU
    - drm/atomic: Fix potential use-after-free in nonblocking commits
    - Linux 5.15.121
  * Jammy update: v5.15.120 upstream stable release (LP: #2032688)
    - mptcp: fix possible divide by zero in recvmsg()
    - mptcp: consolidate fallback and non fallback state machine
    - mm, hwpoison: try to recover from copy-on write faults
    - mm, hwpoison: when copy-on-write hits poison, take page offline
    - drm/amdgpu: Set vmbo destroy after pt bo is created
    - x86/microcode/AMD: Load late on both threads too
    - x86/smp: Use dedicated cache-line for mwait_play_dead()
    - can: isotp: isotp_sendmsg(): fix return error fix on TX path
    - bpf: ensure main program has an extable
    - HID: wacom: Use ktime_t rather than int when dealing with timestamps
    - HID: logitech-hidpp: add HIDPP_QUIRK_DELAYED_INIT for the T651.
    - Revert "thermal/drivers/mediatek: Use devm_of_iomap to avoid resource leak
      in mtk_thermal_probe"
    - perf symbols: Symbol lookup with kcore can fail if multiple segments match
      stext
    - scripts/tags.sh: Resolve gtags empty index generation
    - drm/amdgpu: Validate VM ioctl flags.
    - parisc: Delete redundant register definitions in <asm/assembly.h>
    - nubus: Partially revert proc_create_single_data() conversion
    - Linux 5.15.120
  * Jammy update: v5.15.119 upstream stable release (LP: #2032683)
    - drm/amd/display: fix the system hang while disable PSR
    - tracing: Add tracing_reset_all_online_cpus_unlocked() function
    - tpm, tpm_tis: Claim locality in interrupt handler
    - drm/amd/display: Add minimal pipe split transition state
    - drm/amd/display: Use dc_update_planes_and_stream
    - drm/amd/display: Add wrapper to call planes and stream update
    - tick/common: Align tick period during sched_timer setup
    - selftests: mptcp: lib: skip if missing symbol
    - selftests: mptcp: lib: skip if not below kernel version
    - selftests/mount_setattr: fix redefine struct mount_attr build error
    - selftests: mptcp: pm nl: remove hardcoded default limits
    - selftests: mptcp: join: use 'iptables-legacy' if available
    - selftests: mptcp: join: skip check if MIB counter not supported
    - nilfs2: fix buffer corruption due to concurrent device reads
    - ACPI: sleep: Avoid breaking S3 wakeup due to might_sleep()
    - KVM: Avoid illegal stage2 mapping on invalid memory slot
    - Drivers: hv: vmbus: Call hv_synic_free() if hv_synic_alloc() fails
    - Drivers: hv: vmbus: Fix vmbus_wait_for_unload() to scan present CPUs
    - PCI: hv: Fix a race condition bug in hv_pci_query_relations()
    - Revert "PCI: hv: Fix a timing issue which causes kdump to fail occasionally"
    - PCI: hv: Remove the useless hv_pcichild_state from struct hv_pci_dev
    - PCI: hv: Fix a race condition in hv_irq_unmask() that can cause panic
    - PCI: hv: Add a per-bus mutex state_lock
    - cgroup: Do not corrupt task iteration when rebinding subsystem
    - mmc: sdhci-msm: Disable broken 64-bit DMA on MSM8916
    - mmc: meson-gx: remove redundant mmc_request_done() call from irq context
    - mmc: mmci: stm32: fix max busy timeout calculation
    - ip_tunnels: allow VXLAN/GENEVE to inherit TOS/TTL from VLAN
    - regulator: pca9450: Fix LDO3OUT and LDO4OUT MASK
    - regmap: spi-avmm: Fix regmap_bus max_raw_write
    - writeback: fix dereferencing NULL mapping->host on writeback_page_template
    - io_uring/net: save msghdr->msg_control for retries
    - io_uring/net: clear msg_controllen on partial sendmsg retry
    - io_uring/net: disable partial retries for recvmsg with cmsg
    - nilfs2: prevent general protection fault in nilfs_clear_dirty_page()
    - x86/mm: Avoid using set_pgd() outside of real PGD pages
    - memfd: check for non-NULL file_seals in memfd_create() syscall
    - mmc: meson-gx: fix deferred probing
    - ieee802154: hwsim: Fix possible memory leaks
    - xfrm: Treat already-verified secpath entries as optional
    - xfrm: interface: rename xfrm_interface.c to xfrm_interface_core.c
    - xfrm: Ensure policies always checked on XFRM-I input path
    - bpf: track immediate values written to stack by BPF_ST instruction
    - bpf: Fix verifier id tracking of scalars on spill
    - xfrm: fix inbound ipv4/udp/esp packets to UDPv6 dualstack sockets
    - selftests: net: fcnal-test: check if FIPS mode is enabled
    - xfrm: Linearize the skb after offloading if needed.
    - net: qca_spi: Avoid high load if QCA7000 is not available
    - mmc: mtk-sd: fix deferred probing
    - mmc: mvsdio: fix deferred probing
    - mmc: omap: fix deferred probing
    - mmc: omap_hsmmc: fix deferred probing
    - mmc: owl: fix deferred probing
    - mmc: sdhci-acpi: fix deferred probing
    - mmc: sh_mmcif: fix deferred probing
    - mmc: usdhi60rol0: fix deferred probing
    - ipvs: align inner_mac_header for encapsulation
    - net: dsa: mt7530: fix trapping frames on non-MT7621 SoC MT7530 switch
    - net: dsa: mt7530: fix handling of BPDUs on MT7530 switch
    - be2net: Extend xmit workaround to BE3 chip
    - netfilter: nft_set_pipapo: .walk does not deal with generations
    - netfilter: nf_tables: disallow element updates of bound anonymous sets
    - netfilter: nf_tables: reject unbound anonymous set before commit phase
    - netfilter: nf_tables: reject unbound chain set before commit phase
    - netfilter: nf_tables: disallow updates of anonymous sets
    - netfilter: nfnetlink_osf: fix module autoload
    - Revert "net: phy: dp83867: perform soft reset and retain established link"
    - bpf/btf: Accept function names that contain dots
    - selftests: forwarding: Fix race condition in mirror installation
    - sch_netem: acquire qdisc lock in netem_change()
    - gpio: Allow per-parent interrupt data
    - gpiolib: Fix GPIO chip IRQ initialization restriction
    - gpio: sifive: add missing check for platform_get_irq
    - scsi: target: iscsi: Prevent login threads from racing between each other
    - HID: wacom: Add error check to wacom_parse_and_register()
    - arm64: Add missing Set/Way CMO encodings
    - media: cec: core: don't set last_initiator if tx in progress
    - nfcsim.c: Fix error checking for debugfs_create_dir
    - usb: gadget: udc: fix NULL dereference in remove()
    - nvme: double KA polling frequency to avoid KATO with TBKAS on
    - Input: soc_button_array - add invalid acpi_index DMI quirk handling
    - s390/cio: unregister device when the only path is gone
    - spi: lpspi: disable lpspi module irq in DMA mode
    - ASoC: simple-card: Add missing of_node_put() in case of error
    - soundwire: dmi-quirks: add new mapping for HP Spectre x360
    - ASoC: nau8824: Add quirk to active-high jack-detect
    - s390/purgatory: disable branch profiling
    - ARM: dts: Fix erroneous ADS touchscreen polarities
    - drm/exynos: vidi: fix a wrong error return
    - drm/exynos: fix race condition UAF in exynos_g2d_exec_ioctl
    - drm/radeon: fix race condition UAF in radeon_gem_set_domain_ioctl
    - vhost_net: revert upend_idx only on retriable error
    - x86/apic: Fix kernel panic when booting with intremap=off and x2apic_phys
    - i2c: imx-lpi2c: fix type char overflow issue when calculating the clock
      cycle
    - act_mirred: remove unneded merge conflict markers
    - Linux 5.15.119
  * Jammy update: v5.15.118 upstream stable release (LP: #2030239)
    - test_firmware: Use kstrtobool() instead of strtobool()
    - test_firmware: prevent race conditions by a correct implementation of
      locking
    - test_firmware: fix a memory leak with reqs buffer
    - ksmbd: fix slab-out-of-bounds read in smb2_handle_negotiate
    - drm/amdgpu: fix Null pointer dereference error in amdgpu_device_recover_vram
    - of: overlay: rename variables to be consistent
    - of: overlay: rework overlay apply and remove kfree()s
    - of: overlay: Fix missing of_node_put() in error case of
      init_overlay_changeset()
    - power: supply: ab8500: Fix external_power_changed race
    - power: supply: sc27xx: Fix external_power_changed race
    - power: supply: bq27xxx: Use mod_delayed_work() instead of cancel() +
      schedule()
    - ARM: dts: vexpress: add missing cache properties
    - tools: gpio: fix debounce_period_us output of lsgpio
    - power: supply: Ratelimit no data debug output
    - platform/x86: asus-wmi: Ignore WMI events with codes 0x7B, 0xC0
    - regulator: Fix error checking for debugfs_create_dir
    - irqchip/gic-v3: Disable pseudo NMIs on Mediatek devices w/ firmware issues
    - power: supply: Fix logic checking if system is running from battery
    - btrfs: scrub: try harder to mark RAID56 block groups read-only
    - btrfs: handle memory allocation failure in btrfs_csum_one_bio
    - ASoC: soc-pcm: test if a BE can be prepared
    - parisc: Improve cache flushing for PCXL in arch_sync_dma_for_cpu()
    - parisc: Flush gatt writes and adjust gatt mask in parisc_agp_mask_memory()
    - MIPS: unhide PATA_PLATFORM
    - MIPS: Alchemy: fix dbdma2
    - mips: Move initrd_start check after initrd address sanitisation.
    - ASoC: dwc: move DMA init to snd_soc_dai_driver probe()
    - xen/blkfront: Only check REQ_FUA for writes
    - drm:amd:amdgpu: Fix missing buffer object unlock in failure path
    - NVMe: Add MAXIO 1602 to bogus nid list.
    - irqchip/gic: Correctly validate OF quirk descriptors
    - wifi: cfg80211: fix locking in regulatory disconnect
    - wifi: cfg80211: fix double lock bug in reg_wdev_chan_valid()
    - epoll: ep_autoremove_wake_function should use list_del_init_careful
    - ocfs2: fix use-after-free when unmounting read-only filesystem
    - ocfs2: check new file size on fallocate call
    - nios2: dts: Fix tse_mac "max-frame-size" property
    - nilfs2: fix incomplete buffer cleanup in nilfs_btnode_abort_change_key()
    - nilfs2: fix possible out-of-bounds segment allocation in resize ioctl
    - kexec: support purgatories with .text.hot sections
    - x86/purgatory: remove PGO flags
    - powerpc/purgatory: remove PGO flags
    - ALSA: usb-audio: Add quirk flag for HEM devices to enable native DSD
      playback
    - dm thin metadata: check fail_io before using data_sm
    - nouveau: fix client work fence deletion race
    - RDMA/uverbs: Restrict usage of privileged QKEYs
    - net: usb: qmi_wwan: add support for Compal RXM-G1
    - drm/amdgpu: add missing radeon secondary PCI ID
    - ALSA: hda/realtek: Add a quirk for Compaq N14JP6
    - Remove DECnet support from kernel
    - [Config] updateconfigs for DECNET
    - thunderbolt: dma_test: Use correct value for absent rings when creating
      paths
    - thunderbolt: Mask ring interrupt on Intel hardware as well
    - USB: serial: option: add Quectel EM061KGL series
    - serial: lantiq: add missing interrupt ack
    - usb: dwc3: gadget: Reset num TRBs before giving back the request
    - RDMA/rtrs: Fix the last iu->buf leak in err path
    - RDMA/rtrs: Fix rxe_dealloc_pd warning
    - RDMA/rxe: Fix packet length checks
    - spi: fsl-dspi: avoid SCK glitches with continuous transfers
    - netfilter: nf_tables: integrate pipapo into commit protocol
    - netfilter: nfnetlink: skip error delivery on batch in case of ENOMEM
    - net: enetc: correct the indexes of highest and 2nd highest TCs
    - ping6: Fix send to link-local addresses with VRF.
    - net/sched: simplify tcf_pedit_act
    - net/sched: act_pedit: remove extra check for key type
    - net/sched: act_pedit: Parse L3 Header for L4 offset
    - RDMA/rxe: Remove the unused variable obj
    - RDMA/rxe: Removed unused name from rxe_task struct
    - RDMA/rxe: Fix the use-before-initialization error of resp_pkts
    - iavf: remove mask from iavf_irq_enable_queues()
    - octeontx2-af: fixed resource availability check
    - octeontx2-af: fix lbk link credits on cn10k
    - RDMA/mlx5: Initiate dropless RQ for RAW Ethernet functions
    - RDMA/cma: Always set static rate to 0 for RoCE
    - IB/uverbs: Fix to consider event queue closing also upon non-blocking mode
    - IB/isert: Fix dead lock in ib_isert
    - IB/isert: Fix possible list corruption in CMA handler
    - IB/isert: Fix incorrect release of isert connection
    - net: ethtool: correct MAX attribute value for stats
    - ipvlan: fix bound dev checking for IPv6 l3s mode
    - sctp: fix an error code in sctp_sf_eat_auth()
    - igc: Clean the TX buffer and TX descriptor ring
    - igb: fix nvm.ops.read() error handling
    - drm/nouveau: don't detect DSM for non-NVIDIA device
    - drm/nouveau/dp: check for NULL nv_connector->native_mode
    - drm/nouveau: add nv_encoder pointer check for NULL
    - cifs: fix lease break oops in xfstest generic/098
    - ext4: drop the call to ext4_error() from ext4_get_group_info()
    - net/sched: cls_api: Fix lockup on flushing explicitly created chain
    - net: lapbether: only support ethernet devices
    - dm: don't lock fs when the map is NULL during suspend or resume
    - net: tipc: resize nlattr array to correct size
    - selftests/ptp: Fix timestamp printf format for PTP_SYS_OFFSET
    - afs: Fix vlserver probe RTT handling
    - cgroup: always put cset in cgroup_css_set_put_fork
    - rcu/kvfree: Avoid freeing new kfree_rcu() memory after old grace period
    - neighbour: Remove unused inline function neigh_key_eq16()
    - net: Remove unused inline function dst_hold_and_use()
    - net: Remove DECnet leftovers from flow.h.
    - neighbour: delete neigh_lookup_nodev as not used
    - of: overlay: add entry to of_overlay_action_name[]
    - mmc: block: ensure error propagation for non-blk
    - nilfs2: reject devices with insufficient block count
    - Linux 5.15.118
  * Jammy update: v5.15.117 upstream stable release (LP: #2030107)
    - ata: ahci: fix enum constants for gcc-13
    - gcc-plugins: Reorganize gimple includes for GCC 13
    - remove the sx8 block driver
    - [Config] updateconfigs for BLK_DEV_SX8
    - sfc (gcc13): synchronize ef100_enqueue_skb()'s return type
    - i40e: Remove string printing for i40e_status
    - i40e: use int for i40e_status
    - i40e: fix build warning in ice_fltr_add_mac_to_list()
    - bonding (gcc13): synchronize bond_{a,t}lb_xmit() types
    - f2fs: fix iostat lock protection
    - blk-iocost: avoid 64-bit division in ioc_timer_fn
    - platform/surface: aggregator: Allow completion work-items to be executed in
      parallel
    - spi: qup: Request DMA before enabling clocks
    - afs: Fix setting of mtime when creating a file/dir/symlink
    - wifi: mt76: mt7615: fix possible race in mt7615_mac_sta_poll
    - neighbour: fix unaligned access to pneigh_entry
    - net: dsa: lan9303: allow vid != 0 in port_fdb_{add|del} methods
    - bpf: Fix UAF in task local storage
    - net/ipv6: fix bool/int mismatch for skip_notify_on_dev_down
    - net/smc: Avoid to access invalid RMBs' MRs in SMCRv1 ADD LINK CONT
    - net: enetc: correct the statistics of rx bytes
    - net/sched: fq_pie: ensure reasonable TCA_FQ_PIE_QUANTUM values
    - drm/i915: Explain the magic numbers for AUX SYNC/precharge length
    - drm/i915: Use 18 fast wake AUX sync len
    - Bluetooth: Fix l2cap_disconnect_req deadlock
    - Bluetooth: L2CAP: Add missing checks for invalid DCID
    - qed/qede: Fix scheduling while atomic
    - wifi: cfg80211: fix locking in sched scan stop work
    - selftests/bpf: Verify optval=NULL case
    - selftests/bpf: Fix sockopt_sk selftest
    - netfilter: conntrack: fix NULL pointer dereference in nf_confirm_cthelper
    - netfilter: ipset: Add schedule point in call_ad().
    - ipv6: rpl: Fix Route of Death.
    - rfs: annotate lockless accesses to sk->sk_rxhash
    - rfs: annotate lockless accesses to RFS sock flow table
    - drm/i915/selftests: Increase timeout for live_parallel_switch
    - drm/i915/selftests: Stop using kthread_stop()
    - drm/i915/selftests: Add some missing error propagation
    - net: sched: move rtm_tca_policy declaration to include file
    - net: sched: act_police: fix sparse errors in tcf_police_dump()
    - net: sched: fix possible refcount leak in tc_chain_tmplt_add()
    - bpf: Add extra path pointer check to d_path helper
    - lib: cpu_rmap: Fix potential use-after-free in irq_cpu_rmap_release()
    - bnxt_en: Don't issue AP reset during ethtool's reset operation
    - bnxt_en: Query default VLAN before VNIC setup on a VF
    - bnxt_en: Implement .set_port / .unset_port UDP tunnel callbacks
    - batman-adv: Broken sync while rescheduling delayed work
    - Input: xpad - delete a Razer DeathAdder mouse VID/PID entry
    - Input: psmouse - fix OOB access in Elantech protocol
    - Input: fix open count when closing inhibited device
    - ALSA: hda/realtek: Add quirk for Clevo NS50AU
    - ALSA: hda/realtek: Add a quirk for HP Slim Desktop S01
    - drm/i915/gt: Use the correct error value when kernel_context() fails
    - drm/amd/pm: conditionally disable pcie lane switching for some
      sienna_cichlid SKUs
    - drm/amdgpu: fix xclk freq on CHIP_STONEY
    - drm/amd/pm: Fix power context allocation in SMU13
    - can: j1939: j1939_sk_send_loop_abort(): improved error queue handling in
      J1939 Socket
    - can: j1939: change j1939_netdev_lock type to mutex
    - can: j1939: avoid possible use-after-free when j1939_can_rx_register fails
    - ceph: fix use-after-free bug for inodes when flushing capsnaps
    - s390/dasd: Use correct lock while counting channel queue length
    - Bluetooth: Fix use-after-free in hci_remove_ltk/hci_remove_irk
    - Bluetooth: hci_qca: fix debugfs registration
    - tee: amdtee: Add return_origin to 'struct tee_cmd_load_ta'
    - rbd: move RBD_OBJ_FLAG_COPYUP_ENABLED flag setting
    - rbd: get snapshot context after exclusive lock is ensured to be held
    - pinctrl: meson-axg: add missing GPIOA_18 gpio group
    - usb: usbfs: Enforce page requirements for mmap
    - usb: usbfs: Use consistent mmap functions
    - ARM: dts: at91: sama7g5ek: fix debounce delay property for shdwc
    - ASoC: codecs: wsa881x: do not set can_multi_write flag
    - arm64: dts: qcom: sc7180-lite: Fix SDRAM freq for misidentified sc7180-lite
      boards
    - arm64: dts: imx8qm-mek: correct GPIOs for USDHC2 CD and WP signals
    - arm64: dts: imx8-ss-dma: assign default clock rate for lpuarts
    - ASoC: mediatek: mt8195-afe-pcm: Convert to platform remove callback
      returning void
    - ASoC: mediatek: mt8195: fix use-after-free in driver remove path
    - arm64: dts: imx8mn-beacon: Fix SPI CS pinmux
    - i2c: mv64xxx: Fix reading invalid status value in atomic mode
    - firmware: arm_ffa: Set handle field to zero in memory descriptor
    - i2c: sprd: Delete i2c adapter in .remove's error path
    - eeprom: at24: also select REGMAP
    - riscv: fix kprobe __user string arg print fault issue
    - vduse: avoid empty string for dev name
    - vhost: support PACKED when setting-getting vring_base
    - vhost_vdpa: support PACKED when setting-getting vring_base
    - ext4: only check dquot_initialize_needed() when debugging
    - Linux 5.15.117
  * CVE-2023-4273
    - exfat: check if filename entries exceeds max filename length
  * CVE-2023-4128
    - net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-
      free
    - net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-
      free
    - net/sched: cls_route: No longer copy tcf_result on update to avoid use-
      after-free
  * CVE-2023-3863
    - nfc: llcp: simplify llcp_sock_connect() error paths
    - net: nfc: Fix use-after-free caused by nfc_llcp_find_local

linux-aws-5.15 (5.15.0-1045.50~20.04.1) focal; urgency=medium

* focal/linux-aws-5.15: 5.15.0-1045.50~20.04.1 -proposed tracker
    (LP: #2034161)

[ Ubuntu: 5.15.0-1045.50 ]

* jammy/linux-aws: 5.15.0-1045.50 -proposed tracker (LP: #2034162)
  * jammy/linux: 5.15.0-84.93 -proposed tracker (LP: #2034202)
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
  * CVE-2023-4569
    - netfilter: nf_tables: deactivate catchall elements in next generation
  * CVE-2023-40283
    - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
  * CVE-2023-20588
    - x86/bugs: Increase the x86 bugs vector size to two u32s
    - x86/CPU/AMD: Do not leak quotient data after a division by 0
    - x86/CPU/AMD: Fix the DIV(0) initial fix attempt
  * CVE-2023-4128
    - net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-
      free
    - net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-
      free
    - net/sched: cls_route: No longer copy tcf_result on update to avoid use-
      after-free

linux-aws-5.15 (5.15.0-1044.49~20.04.1) focal; urgency=medium

* focal/linux-aws-5.15: 5.15.0-1044.49~20.04.1 -proposed tracker
    (LP: #2030382)

[ Ubuntu: 5.15.0-1044.49 ]

* jammy/linux-aws: 5.15.0-1044.49 -proposed tracker (LP: #2030383)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/s2023.07.10)
  * jammy/linux: 5.15.0-83.92 -proposed tracker (LP: #2031132)
  * libgnutls report "trap invalid opcode" when trying to install packages over
    https (LP: #2031093)
    - [Config]: disable CONFIG_GDS_FORCE_MITIGATION

linux-aws-5.15 (5.15.0-1043.48~20.04.1) focal; urgency=medium

* focal/linux-aws-5.15: 5.15.0-1043.48~20.04.1 -proposed tracker
    (LP: #2030548)

[ Ubuntu: 5.15.0-1043.48 ]

* jammy/linux-aws: 5.15.0-1043.48 -proposed tracker (LP: #2030549)
  * jammy/linux: 5.15.0-82.91 -proposed tracker (LP: #2031147)
  * libgnutls report "trap invalid opcode" when trying to install packages over
    https (LP: #2031093)
    - [Config]: disable CONFIG_GDS_FORCE_MITIGATION
  * jammy/linux: 5.15.0-80.87 -proposed tracker (LP: #2030588)
  * CVE-2022-40982
    - x86/mm: Initialize text poking earlier
    - x86/mm: fix poking_init() for Xen PV guests
    - x86/mm: Use mm_alloc() in poking_init()
    - mm: Move mm_cachep initialization to mm_init()
    - init: Provide arch_cpu_finalize_init()
    - x86/cpu: Switch to arch_cpu_finalize_init()
    - ARM: cpu: Switch to arch_cpu_finalize_init()
    - sparc/cpu: Switch to arch_cpu_finalize_init()
    - um/cpu: Switch to arch_cpu_finalize_init()
    - init: Remove check_bugs() leftovers
    - init: Invoke arch_cpu_finalize_init() earlier
    - init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()
    - x86/init: Initialize signal frame size late
    - x86/fpu: Remove cpuinfo argument from init functions
    - x86/fpu: Mark init functions __init
    - x86/fpu: Move FPU initialization into arch_cpu_finalize_init()
    - x86/xen: Fix secondary processors' FPU initialization
    - x86/speculation: Add Gather Data Sampling mitigation
    - x86/speculation: Add force option to GDS mitigation
    - x86/speculation: Add Kconfig option for GDS
    - KVM: Add GDS_NO support to KVM
    - Documentation/x86: Fix backwards on/off logic about YMM support
    - [Config]: Enable CONFIG_ARCH_HAS_CPU_FINALIZE_INIT and
      CONFIG_GDS_FORCE_MITIGATION
  * CVE-2023-21400
    - io_uring: ensure IOPOLL locks around deferred work
  * CVE-2023-4015
    - netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound
      set/chain
    - netfilter: nf_tables: unbind non-anonymous set if rule construction fails
    - netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
  * CVE-2023-3777
    - netfilter: nf_tables: skip bound chain on rule flush
  * CVE-2023-3995
    - netfilter: nf_tables: disallow rule addition to bound chain via
      NFTA_RULE_CHAIN_ID
  * CVE-2023-20593
    - x86/cpu/amd: Move the errata checking functionality up
    - x86/cpu/amd: Add a Zenbleed fix
  * CVE-2023-3776
    - net/sched: cls_fw: Fix improper refcount update leads to use-after-free
  * CVE-2023-4004
    - netfilter: nft_set_pipapo: fix improper element removal
  * CVE-2023-3611
    - net/sched: sch_qfq: refactor parsing of netlink parameters
    - net/sched: sch_qfq: account for stab overhead in qfq_enqueue
  * CVE-2023-3610
    - netfilter: nf_tables: fix chain binding transaction logic
  * CVE-2023-3609
    - net/sched: cls_u32: Fix reference counter leak leading to overflow

[ Ubuntu: 5.15.0-1042.47 ]

* jammy/linux-aws: 5.15.0-1042.47 -proposed tracker (LP: #2029289)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper

linux-aws-5.15 (5.15.0-1041.46~20.04.1) focal; urgency=medium

* focal/linux-aws-5.15: 5.15.0-1041.46~20.04.1 -proposed tracker
    (LP: #2026490)

* Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper

[ Ubuntu: 5.15.0-1041.46 ]

* jammy/linux-aws: 5.15.0-1041.46 -proposed tracker (LP: #2026491)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync getabis
  * jammy/linux: 5.15.0-79.86 -proposed tracker (LP: #2026531)
  * Jammy update: v5.15.111 upstream stable release (LP: #2025095)
    - ASOC: Intel: sof_sdw: add quirk for Intel 'Rooks County' NUC M15
    - ASoC: soc-pcm: fix hw->formats cleared by soc_pcm_hw_init() for dpcm
    - x86/hyperv: Block root partition functionality in a Confidential VM
    - iio: adc: palmas_gpadc: fix NULL dereference on rmmod
    - ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7 B1-750
    - selftests mount: Fix mount_setattr_test builds failed
    - asm-generic/io.h: suppress endianness warnings for readq() and writeq()
    - x86/cpu: Add model number for Intel Arrow Lake processor
    - wireguard: timers: cast enum limits members to int in prints
    - wifi: mt76: mt7921e: Set memory space enable in PCI_COMMAND if unset
    - arm64: Always load shadow stack pointer directly from the task struct
    - arm64: Stash shadow stack pointer in the task struct on interrupt
    - PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock
    - PCI: qcom: Fix the incorrect register usage in v2.7.0 config
    - IMA: allow/fix UML builds
    - USB: dwc3: fix runtime pm imbalance on probe errors
    - USB: dwc3: fix runtime pm imbalance on unbind
    - hwmon: (k10temp) Check range scale when CUR_TEMP register is read-write
    - hwmon: (adt7475) Use device_property APIs when configuring polarity
    - posix-cpu-timers: Implement the missing timer_wait_running callback
    - blk-mq: release crypto keyslot before reporting I/O complete
    - blk-crypto: make blk_crypto_evict_key() return void
    - blk-crypto: make blk_crypto_evict_key() more robust
    - ext4: use ext4_journal_start/stop for fast commit transactions
    - staging: iio: resolver: ads1210: fix config mode
    - tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH
    - xhci: fix debugfs register accesses while suspended
    - tick/nohz: Fix cpu_is_hotpluggable() by checking with nohz subsystem
    - MIPS: fw: Allow firmware to pass a empty env
    - ipmi:ssif: Add send_retries increment
    - ipmi: fix SSIF not responding under certain cond.
    - kheaders: Use array declaration instead of char
    - wifi: mt76: add missing locking to protect against concurrent rx/status
      calls
    - pwm: meson: Fix axg ao mux parents
    - pwm: meson: Fix g12a ao clk81 name
    - soundwire: qcom: correct setting ignore bit on v1.5.1
    - pinctrl: qcom: lpass-lpi: set output value before enabling output
    - ring-buffer: Sync IRQ works before buffer destruction
    - crypto: api - Demote BUG_ON() in crypto_unregister_alg() to a WARN_ON()
    - crypto: safexcel - Cleanup ring IRQ workqueues on load failure
    - rcu: Avoid stack overflow due to __rcu_irq_enter_check_tick() being kprobe-
      ed
    - reiserfs: Add security prefix to xattr name in reiserfs_security_write()
    - KVM: nVMX: Emulate NOPs in L2, and PAUSE if it's not intercepted
    - relayfs: fix out-of-bounds access in relay_file_read
    - writeback, cgroup: fix null-ptr-deref write in bdi_split_work_to_wbs
    - ksmbd: call rcu_barrier() in ksmbd_server_exit()
    - ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
    - ksmbd: fix memleak in session setup
    - i2c: omap: Fix standard mode false ACK readings
    - riscv: mm: remove redundant parameter of create_fdt_early_page_table
    - tracing: Fix permissions for the buffer_percent file
    - iommu/amd: Fix "Guest Virtual APIC Table Root Pointer" configuration in IRTE
    - ubifs: Fix memleak when insert_old_idx() failed
    - ubi: Fix return value overwrite issue in try_write_vid_and_data()
    - ubifs: Free memory for tmpfile name
    - xfs: don't consider future format versions valid
    - sound/oss/dmasound: fix build when drivers are mixed =y/=m
    - rcu: Fix missing TICK_DEP_MASK_RCU_EXP dependency check
    - selftests/resctrl: Return NULL if malloc_and_init_memory() did not alloc mem
    - selftests/resctrl: Extend CPU vendor detection
    - selftests/resctrl: Move ->setup() call outside of test specific branches
    - selftests/resctrl: Allow ->setup() to return errors
    - selftests/resctrl: Check for return value after write_schemata()
    - selinux: fix Makefile dependencies of flask.h
    - selinux: ensure av_permissions.h is built when needed
    - tpm, tpm_tis: Do not skip reset of original interrupt vector
    - tpm, tpm_tis: Claim locality before writing TPM_INT_ENABLE register
    - tpm, tpm_tis: Disable interrupts if tpm_tis_probe_irq() failed
    - tpm, tpm_tis: Claim locality before writing interrupt registers
    - tpm, tpm: Implement usage counter for locality
    - tpm, tpm_tis: Claim locality when interrupts are reenabled on resume
    - erofs: stop parsing non-compact HEAD index if clusterofs is invalid
    - erofs: fix potential overflow calculating xattr_isize
    - drm/rockchip: Drop unbalanced obj unref
    - drm/vgem: add missing mutex_destroy
    - drm/probe-helper: Cancel previous job before starting new one
    - tools/x86/kcpuid: Fix avx512bw and avx512lvl fields in Fn00000007
    - soc: ti: pm33xx: Fix refcount leak in am33xx_pm_probe
    - arm64: dts: renesas: r8a77990: Remove bogus voltages from OPP table
    - arm64: dts: renesas: r8a774c0: Remove bogus voltages from OPP table
    - drm/msm/disp/dpu: check for crtc enable rather than crtc active to release
      shared resources
    - EDAC/skx: Fix overflows on the DRAM row address mapping arrays
    - regulator: core: Shorten off-on-delay-us for always-on/boot-on by time since
      booted
    - arm64: dts: ti: k3-j721e-main: Remove ti,strobe-sel property
    - arm64: dts: broadcom: bcm4908: add DT for Netgear RAXE500
    - arm64: dts: Add DTS files for bcmbca SoC BCM63158
    - arm64: dts: Add DTS files for bcmbca SoC BCM4912
    - ARM64: dts: Add DTS files for bcmbca SoC BCM6858
    - arm64: dts: Add base DTS file for bcmbca device Asus GT-AX6000
    - arm64: dts: Move BCM4908 dts to bcmbca folder
    - arm64: dts: broadcom: bcmbca: bcm4908: fix NAND interrupt name
    - arm64: dts: broadcom: bcmbca: bcm4908: fix procmon nodename
    - arm64: dts: qcom: msm8998: Fix stm-stimulus-base reg name
    - arm64: dts: qcom: sdm845: correct dynamic power coefficients
    - arm64: dts: qcom: sdm845: Fix the PCI I/O port range
    - arm64: dts: qcom: msm8998: Fix the PCI I/O port range
    - arm64: dts: qcom: ipq8074: Fix the PCI I/O port range
    - arm64: dts: qcom: ipq6018: Fix the PCI I/O port range
    - arm64: dts: qcom: msm8996: Fix the PCI I/O port range
    - arm64: dts: qcom: sm8250: Fix the PCI I/O port range
    - ARM: dts: qcom: ipq4019: Fix the PCI I/O port range
    - ARM: dts: qcom: ipq8064: reduce pci IO size to 64K
    - ARM: dts: qcom: ipq8064: Fix the PCI I/O port range
    - x86/MCE/AMD: Use an u64 for bank_map
    - media: bdisp: Add missing check for create_workqueue
    - media: av7110: prevent underflow in write_ts_to_decoder()
    - firmware: qcom_scm: Clear download bit during reboot
    - drm/bridge: adv7533: Fix adv7533_mode_valid for adv7533 and adv7535
    - media: max9286: Free control handler
    - drm/msm/adreno: Defer enabling runpm until hw_init()
    - drm/msm/adreno: drop bogus pm_runtime_set_active()
    - drm: msm: adreno: Disable preemption on Adreno 510
    - drm/amd/display/dc/dce60/Makefile: Fix previous attempt to silence known
      override-init warnings
    - ACPI: processor: Fix evaluating _PDC method when running as Xen dom0
    - mmc: sdhci-of-esdhc: fix quirk to ignore command inhibit for data
    - drm: rcar-du: Fix a NULL vs IS_ERR() bug
    - ARM: dts: gta04: fix excess dma channel usage
    - firmware: arm_scmi: Fix xfers allocation on Rx channel
    - ACPI: VIOT: Initialize the correct IOMMU fwspec
    - drm/lima/lima_drv: Add missing unwind goto in lima_pdev_probe()
    - mailbox: mpfs: switch to txdone_poll
    - arm64: dts: qcom: sc7180-trogdor-lazor: correct trackpad supply
    - arm64: dts: qcom: msm8994-kitakami: drop unit address from PMI8994 regulator
    - arm64: dts: qcom: msm8994-msft-lumia-octagon: drop unit address from PMI8994
      regulator
    - drm/ttm: optimize pool allocations a bit v2
    - drm/ttm/pool: Fix ttm_pool_alloc error path
    - regulator: core: Consistently set mutex_owner when using
      ww_mutex_lock_slow()
    - regulator: core: Avoid lockdep reports when resolving supplies
    - x86/apic: Fix atomic update of offset in reserve_eilvt_offset()
    - media: rkvdec: fix use after free bug in rkvdec_remove
    - media: dm1105: Fix use after free bug in dm1105_remove due to race condition
    - media: saa7134: fix use after free bug in saa7134_finidev due to race
      condition
    - media: rcar_fdp1: Make use of the helper function
      devm_platform_ioremap_resource()
    - media: rcar_fdp1: Fix the correct variable assignments
    - platform: Provide a remove callback that returns no value
    - media: rcar_fdp1: Convert to platform remove callback returning void
    - media: rcar_fdp1: Fix refcount leak in probe and remove function
    - drm/amd/display: Fix potential null dereference
    - media: rc: gpio-ir-recv: Fix support for wake-up
    - media: venus: dec: Fix handling of the start cmd
    - regulator: stm32-pwr: fix of_iomap leak
    - x86/ioapic: Don't return 0 from arch_dynirq_lower_bound()
    - arm64: kgdb: Set PSTATE.SS to 1 to re-enable single-step
    - debugobject: Prevent init race with static objects
    - drm/i915: Make intel_get_crtc_new_encoder() less oopsy
    - tick/common: Align tick period with the HZ tick.
    - cpufreq: use correct unit when verify cur freq
    - hwmon: (pmbus/fsp-3y) Fix functionality bitmask in FSP-3Y YM-2151E
    - wifi: ath6kl: minor fix for allocation size
    - wifi: ath9k: hif_usb: fix memory leak of remain_skbs
    - wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list()
    - wifi: brcmfmac: support CQM RSSI notification with older firmware
    - wifi: ath6kl: reduce WARN to dev_dbg() in callback
    - tools: bpftool: Remove invalid \' json escape
    - wifi: rtw88: mac: Return the original error from rtw_pwr_seq_parser()
    - wifi: rtw88: mac: Return the original error from rtw_mac_power_switch()
    - bpf: take into account liveness when propagating precision
    - bpf: fix precision propagation verbose logging
    - scm: fix MSG_CTRUNC setting condition for SO_PASSSEC
    - selftests/bpf: Fix a fd leak in an error path in network_helpers.c
    - bpf: Remove misleading spec_v1 check on var-offset stack read
    - net: pcs: xpcs: remove double-read of link state when using AN
    - vlan: partially enable SIOCSHWTSTAMP in container
    - net/packet: annotate accesses to po->xmit
    - net/packet: convert po->origdev to an atomic flag
    - net/packet: convert po->auxdata to an atomic flag
    - scsi: target: Fix multiple LUN_RESET handling
    - scsi: target: iscsit: Fix TAS handling during conn cleanup
    - scsi: megaraid: Fix mega_cmd_done() CMDID_INT_CMDS
    - f2fs: handle dqget error in f2fs_transfer_project_quota()
    - f2fs: enforce single zone capacity
    - f2fs: apply zone capacity to all zone type
    - f2fs: compress: fix to call f2fs_wait_on_page_writeback() in
      f2fs_write_raw_pages()
    - crypto: caam - Clear some memory in instantiate_rng
    - crypto: sa2ul - Select CRYPTO_DES
    - wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_rfreg()
    - wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_reg()
    - wifi: rt2x00: Fix memory leak when handling surveys
    - net: qrtr: correct types of trace event parameters
    - selftests: xsk: Disable IPv6 on VETH1
    - selftests/bpf: Wait for receive in cg_storage_multi test
    - bpftool: Fix bug for long instructions in program CFG dumps
    - crypto: drbg - make drbg_prepare_hrng() handle jent instantiation errors
    - crypto: drbg - Only fail when jent is unavailable in FIPS mode
    - xsk: Fix unaligned descriptor validation
    - f2fs: fix to avoid use-after-free for cached IPU bio
    - scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup()
    - net: ethernet: stmmac: dwmac-rk: fix optional phy regulator handling
    - bpf, sockmap: fix deadlocks in the sockhash and sockmap
    - nvmet: use i_size_read() to set size for file-ns
    - nvmet: move the call to nvmet_ns_changed out of nvmet_ns_revalidate
    - nvmet: fix error handling in nvmet_execute_identify_cns_cs_ns()
    - nvmet: fix Identify Namespace handling
    - nvmet: fix Identify Controller handling
    - nvmet: fix Identify Active Namespace ID list handling
    - nvmet: fix I/O Command Set specific Identify Controller
    - nvme: handle the persistent internal error AER
    - nvme: fix async event trace event
    - nvme-fcloop: fix "inconsistent {IN-HARDIRQ-W} -> {HARDIRQ-ON-W} usage"
    - selftests/bpf: Fix leaked bpf_link in get_stackid_cannot_attach
    - bpf, sockmap: Revert buggy deadlock fix in the sockhash and sockmap
    - md: drop queue limitation for RAID1 and RAID10
    - md: raid10 add nowait support
    - md/raid10: factor out code from wait_barrier() to stop_waiting_barrier()
    - md/raid10: fix task hung in raid10d
    - md/raid10: fix leak of 'r10bio->remaining' for recovery
    - md/raid10: fix memleak for 'conf->bio_split'
    - md/raid10: fix memleak of md thread
    - md/raid10: don't call bio_start_io_acct twice for bio which experienced read
      error
    - wifi: iwlwifi: yoyo: skip dump correctly on hw error
    - wifi: iwlwifi: yoyo: Fix possible division by zero
    - wifi: iwlwifi: mvm: initialize seq variable
    - wifi: iwlwifi: fw: move memset before early return
    - jdb2: Don't refuse invalidation of already invalidated buffers
    - wifi: iwlwifi: make the loop for card preparation effective
    - wifi: mt76: handle failure of vzalloc in mt7615_coredump_work
    - wifi: mt76: add flexible polling wait-interval support
    - wifi: mt76: mt7921e: fix probe timeout after reboot
    - wifi: mt76: fix 6GHz high channel not be scanned
    - wifi: mt76: mt7921e: improve reliability of dma reset
    - wifi: iwlwifi: mvm: check firmware response size
    - wifi: iwlwifi: fw: fix memory leak in debugfs
    - ixgbe: Allow flow hash to be set via ethtool
    - ixgbe: Enable setting RSS table to default values
    - net/mlx5: E-switch, Don't destroy indirect table in split rule
    - net: stmmac:fix system hang when setting up tag_8021q VLAN for DSA ports
    - bpf: Don't EFAULT for getsockopt with optval=NULL
    - netfilter: nf_tables: don't write table validation state without mutex
    - net/sched: sch_fq: fix integer overflow of "credit"
    - ipv4: Fix potential uninit variable access bug in __ip_make_skb()
    - netlink: Use copy_to_user() for optval in netlink_getsockopt().
    - net: amd: Fix link leak when verifying config failed
    - tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.
    - ipmi: ASPEED_BT_IPMI_BMC: select REGMAP_MMIO instead of depending on it
    - drivers: staging: rtl8723bs: Fix locking in _rtw_join_timeout_handler()
    - drivers: staging: rtl8723bs: Fix locking in rtw_scan_timeout_handler()
    - pstore: Revert pmsg_lock back to a normal mutex
    - usb: host: xhci-rcar: remove leftover quirk handling
    - usb: dwc3: gadget: Change condition for processing suspend event
    - serial: stm32: re-introduce an irq flag condition in usart_receive_chars
    - serial: stm32: Re-assert RTS/DE GPIO in RS485 mode only if more data are
      transmitted
    - fpga: bridge: fix kernel-doc parameter description
    - iio: light: max44009: add missing OF device matching
    - serial: 8250_bcm7271: Fix arbitration handling
    - spi: spi-imx: using pm_runtime_resume_and_get instead of pm_runtime_get_sync
    - spi: imx: Don't skip cleanup in remove's error path
    - usb: gadget: udc: renesas_usb3: Fix use after free bug in
      renesas_usb3_remove due to race condition
    - PCI: imx6: Install the fault handler only on compatible match
    - ASoC: es8316: Handle optional IRQ assignment
    - linux/vt_buffer.h: allow either builtin or modular for macros
    - spi: qup: Don't skip cleanup in remove's error path
    - spi: fsl-spi: Fix CPM/QE mode Litte Endian
    - vmci_host: fix a race condition in vmci_host_poll() causing GPF
    - of: Fix modalias string generation
    - PCI/EDR: Clear Device Status after EDR error recovery
    - ia64: mm/contig: fix section mismatch warning/error
    - ia64: salinfo: placate defined-but-not-used warning
    - scripts/gdb: bail early if there are no clocks
    - scripts/gdb: bail early if there are no generic PD
    - HID: amd_sfh: Add support for shutdown operation
    - coresight: etm_pmu: Set the module field
    - ASoC: fsl_mqs: move of_node_put() to the correct location
    - spi: cadence-quadspi: fix suspend-resume implementations
    - i2c: cadence: cdns_i2c_master_xfer(): Fix runtime PM leak on error path
    - scripts/gdb: raise error with reduced debugging information
    - uapi/linux/const.h: prefer ISO-friendly __typeof__
    - sh: sq: Fix incorrect element size for allocating bitmap buffer
    - usb: gadget: tegra-xudc: Fix crash in vbus_draw
    - usb: chipidea: fix missing goto in `ci_hdrc_probe`
    - usb: mtu3: fix kernel panic at qmu transfer done irq handler
    - firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe
    - tty: serial: fsl_lpuart: adjust buffer length to the intended size
    - serial: 8250: Add missing wakeup event reporting
    - staging: rtl8192e: Fix W_DISABLE# does not work after stop/start
    - spmi: Add a check for remove callback when removing a SPMI driver
    - virtio_ring: don't update event idx on get_buf
    - macintosh/windfarm_smu_sat: Add missing of_node_put()
    - powerpc/mpc512x: fix resource printk format warning
    - powerpc/wii: fix resource printk format warnings
    - powerpc/sysdev/tsi108: fix resource printk format warnings
    - macintosh: via-pmu-led: requires ATA to be set
    - powerpc/rtas: use memmove for potentially overlapping buffer copy
    - sched/fair: Use __schedstat_set() in set_next_entity()
    - sched: Make struct sched_statistics independent of fair sched class
    - sched/fair: Fix inaccurate tally of ttwu_move_affine
    - perf/core: Fix hardlockup failure caused by perf throttle
    - Revert "objtool: Support addition to set CFA base"
    - sched/rt: Fix bad task migration for rt tasks
    - clk: at91: clk-sam9x60-pll: fix return value check
    - RDMA/siw: Fix potential page_array out of range access
    - RDMA/rdmavt: Delete unnecessary NULL check
    - workqueue: Introduce show_one_worker_pool and show_one_workqueue.
    - workqueue: Fix hung time report of worker pools
    - rtc: omap: include header for omap_rtc_power_off_program prototype
    - RDMA/mlx4: Prevent shift wrapping in set_user_sq_size()
    - rtc: meson-vrtc: Use ktime_get_real_ts64() to get the current time
    - fs/ntfs3: Fix memory leak if ntfs_read_mft failed
    - fs/ntfs3: Add check for kmemdup
    - fs/ntfs3: Fix OOB read in indx_insert_into_buffer
    - fs/ntfs3: Fix slab-out-of-bounds read in hdr_delete_de()
    - power: supply: generic-adc-battery: fix unit scaling
    - clk: add missing of_node_put() in "assigned-clocks" property parsing
    - RDMA/siw: Remove namespace check from siw_netdev_event()
    - clk: qcom: gcc-sm6115: Mark RCGs shared where applicable
    - RDMA/cm: Trace icm_send_rej event before the cm state is reset
    - RDMA/srpt: Add a check for valid 'mad_agent' pointer
    - IB/hfi1: Fix SDMA mmu_rb_node not being evicted in LRU order
    - IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests
    - NFSv4.1: Always send a RECLAIM_COMPLETE after establishing lease
    - clk: qcom: regmap: add PHY clock source implementation
    - clk: qcom: gcc-sm8350: fix PCIe PIPE clocks handling
    - Input: raspberrypi-ts - fix refcount leak in rpi_ts_probe
    - RDMA/mlx5: Fix flow counter query via DEVX
    - SUNRPC: remove the maximum number of retries in call_bind_status
    - RDMA/mlx5: Use correct device num_ports when modify DC
    - clocksource/drivers/davinci: Fix memory leak in davinci_timer_register when
      init fails
    - openrisc: Properly store r31 to pt_regs on unhandled exceptions
    - timekeeping: Fix references to nonexistent ktime_get_fast_ns()
    - SMB3: Add missing locks to protect deferred close file list
    - SMB3: Close deferred file handles in case of handle lease break
    - ext4: fix i_disksize exceeding i_size problem in paritally written case
    - ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline
    - pinctrl: renesas: r8a779a0: Remove incorrect AVB[01] pinmux configuration
    - leds: TI_LMU_COMMON: select REGMAP instead of depending on it
    - dmaengine: mv_xor_v2: Fix an error code.
    - leds: tca6507: Fix error handling of using fwnode_property_read_string
    - pwm: mtk-disp: Disable shadow registers before setting backlight values
    - pwm: mtk-disp: Configure double buffering before reading in .get_state()
    - phy: tegra: xusb: Add missing tegra_xusb_port_unregister for usb2_port and
      ulpi_port
    - dma: gpi: remove spurious unlock in gpi_ch_init
    - dmaengine: dw-edma: Fix to change for continuous transfer
    - dmaengine: dw-edma: Fix to enable to issue dma request on DMA processing
    - dmaengine: at_xdmac: Fix concurrency over chan's completed_cookie
    - dmaengine: at_xdmac: Fix race for the tx desc callback
    - dmaengine: at_xdmac: do not enable all cyclic channels
    - thermal/drivers/mediatek: Use devm_of_iomap to avoid resource leak in
      mtk_thermal_probe
    - mfd: tqmx86: Do not access I2C_DETECT register through io_base
    - mfd: tqmx86: Specify IO port register range more precisely
    - mfd: tqmx86: Correct board names for TQMxE39x
    - afs: Fix updating of i_size with dv jump from server
    - parisc: Fix argument pointer in real64_call_asm()
    - ALSA: usb-audio: Add quirk for Pioneer DDJ-800
    - nilfs2: do not write dirty data after degenerating to read-only
    - nilfs2: fix infinite loop in nilfs_mdt_get_block()
    - md/raid10: fix null-ptr-deref in raid10_sync_request
    - mtd: core: provide unique name for nvmem device, take two
    - mtd: core: fix nvmem error reporting
    - mtd: core: fix error path for nvmem provider
    - mailbox: zynqmp: Fix IPI isr handling
    - mailbox: zynqmp: Fix typo in IPI documentation
    - wifi: rtl8xxxu: RTL8192EU always needs full init
    - clk: rockchip: rk3399: allow clk_cifout to force clk_cifout_src to reparent
    - scripts/gdb: fix lx-timerlist for Python3
    - btrfs: scrub: reject unsupported scrub flags
    - s390/dasd: fix hanging blockdevice after request requeue
    - ia64: fix an addr to taddr in huge_pte_offset()
    - dm verity: fix error handling for check_at_most_once on FEC
    - dm clone: call kmem_cache_destroy() in dm_clone_init() error path
    - dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path
    - dm flakey: fix a crash with invalid table line
    - dm ioctl: fix nested locking in table_clear() to remove deadlock concern
    - dm: don't lock fs when the map is NULL in process of resume
    - perf auxtrace: Fix address filter entire kernel size
    - perf intel-pt: Fix CYC timestamps after standalone CBR
    - sound/oss/dmasound: fix 'dmasound_setup' defined but not used
    - arm64: dts: qcom: sdm845: correct dynamic power coefficients - again
    - sched: Fix DEBUG && !SCHEDSTATS warn
    - Linux 5.15.111
  * Jammy update: v5.15.110 upstream stable release (LP: #2025090)
    - PCI/ASPM: Remove pcie_aspm_pm_state_change()
    - selftests/kselftest/runner/run_one(): allow running non-executable files
    - KVM: arm64: Retry fault if vma_lookup() results become invalid
    - KVM: arm64: Fix buffer overflow in kvm_arm_set_fw_reg()
    - drm/fb-helper: set x/yres_virtual in drm_fb_helper_check_var
    - bluetooth: Perform careful capability checks in hci_sock_ioctl()
    - USB: serial: option: add UNISOC vendor and TOZED LT70C product
    - driver core: Don't require dynamic_debug for initcall_debug probe timing
    - selftests: mptcp: join: fix "invalid address, ADD_ADDR timeout"
    - riscv: Move early dtb mapping into the fixmap region
    - riscv: Do not set initial_boot_params to the linear address of the dtb
    - riscv: No need to relocate the dtb as it lies in the fixmap region
    - Linux 5.15.110
  * Jammy update: v5.15.109 upstream stable release (LP: #2024265)
    - ARM: dts: rockchip: fix a typo error for rk3288 spdif node
    - arm64: dts: qcom: ipq8074-hk01: enable QMP device, not the PHY node
    - arm64: dts: meson-g12-common: specify full DMC range
    - arm64: dts: imx8mm-evk: correct pmic clock source
    - netfilter: br_netfilter: fix recent physdev match breakage
    - regulator: fan53555: Explicitly include bits header
    - regulator: fan53555: Fix wrong TCS_SLEW_MASK
    - virtio_net: bugfix overflow inside xdp_linearize_page()
    - sfc: Split STATE_READY in to STATE_NET_DOWN and STATE_NET_UP.
    - sfc: Fix use-after-free due to selftest_work
    - netfilter: nf_tables: fix ifdef to also consider nf_tables=m
    - i40e: fix accessing vsi->active_filters without holding lock
    - i40e: fix i40e_setup_misc_vector() error handling
    - netfilter: nf_tables: validate catch-all set elements
    - netfilter: nf_tables: tighten netlink attribute requirements for catch-all
      elements
    - bnxt_en: Do not initialize PTP on older P3/P4 chips
    - mlxfw: fix null-ptr-deref in mlxfw_mfa2_tlv_next()
    - bonding: Fix memory leak when changing bond type to Ethernet
    - net: rpl: fix rpl header size calculation
    - mlxsw: pci: Fix possible crash during initialization
    - spi: spi-rockchip: Fix missing unwind goto in rockchip_sfc_probe()
    - bpf: Fix incorrect verifier pruning due to missing register precision taints
    - e1000e: Disable TSO on i219-LM card to increase speed
    - f2fs: Fix f2fs_truncate_partial_nodes ftrace event
    - Input: i8042 - add quirk for Fujitsu Lifebook A574/H
    - platform/x86 (gigabyte-wmi): Add support for A320M-S2H V2
    - selftests: sigaltstack: fix -Wuninitialized
    - scsi: megaraid_sas: Fix fw_crash_buffer_show()
    - scsi: core: Improve scsi_vpd_inquiry() checks
    - net: dsa: b53: mmap: add phy ops
    - s390/ptrace: fix PTRACE_GET_LAST_BREAK error handling
    - nvme-tcp: fix a possible UAF when failing to allocate an io queue
    - xen/netback: use same error messages for same errors
    - platform/x86: gigabyte-wmi: add support for X570S AORUS ELITE
    - rtmutex: Add acquire semantics for rtmutex lock acquisition slow path
    - iio: light: tsl2772: fix reading proximity-diodes from device tree
    - nilfs2: initialize unused bytes in segment summary blocks
    - memstick: fix memory leak if card device is never registered
    - kernel/sys.c: fix and improve control flow in __sys_setres[ug]id()
    - mmc: sdhci_am654: Set HIGH_SPEED_ENA for SDR12 and SDR25
    - drm/i915: Fix fast wake AUX sync len
    - mm/khugepaged: check again on anon uffd-wp during isolation
    - mm: page_alloc: skip regions with hugetlbfs pages when allocating 1G pages
    - sched/uclamp: Fix fits_capacity() check in feec()
    - sched/uclamp: Make cpu_overutilized() use util_fits_cpu()
    - sched/uclamp: Cater for uclamp in find_energy_efficient_cpu()'s early exit
      condition
    - sched/fair: Detect capacity inversion
    - sched/fair: Consider capacity inversion in util_fits_cpu()
    - sched/uclamp: Fix a uninitialized variable warnings
    - sched/fair: Fixes for capacity inversion detection
    - MIPS: Define RUNTIME_DISCARD_EXIT in LD script
    - docs: futex: Fix kernel-doc references after code split-up preparation
    - purgatory: fix disabling debug info
    - fuse: fix attr version comparison in fuse_read_update_size()
    - fuse: always revalidate rename target dentry
    - fuse: fix deadlock between atomic O_TRUNC and page invalidation
    - udp: Call inet6_destroy_sock() in setsockopt(IPV6_ADDRFORM).
    - tcp/udp: Call inet6_destroy_sock() in IPv6 sk->sk_destruct().
    - inet6: Remove inet6_destroy_sock() in sk->sk_prot->destroy().
    - dccp: Call inet6_destroy_sock() via sk->sk_destruct().
    - sctp: Call inet6_destroy_sock() via sk->sk_destruct().
    - pwm: meson: Explicitly set .polarity in .get_state()
    - pwm: iqs620a: Explicitly set .polarity in .get_state()
    - pwm: hibvt: Explicitly set .polarity in .get_state()
    - counter: 104-quad-8: Fix race condition between FLAG and CNTR reads
    - iio: adc: at91-sama5d2_adc: fix an error code in at91_adc_allocate_trigger()
    - mm/page_alloc: fix potential deadlock on zonelist_update_seq seqlock
    - ASoC: fsl_asrc_dma: fix potential null-ptr-deref
    - ASN.1: Fix check for strdup() success
    - soc: sifive: l2_cache: fix missing iounmap() in error path in
      sifive_l2_init()
    - soc: sifive: l2_cache: fix missing free_irq() in error path in
      sifive_l2_init()
    - soc: sifive: l2_cache: fix missing of_node_put() in sifive_l2_init()
    - Linux 5.15.109
  * Disable hv-kvp-daemon if /dev/vmbus/hv_kvp is not present (LP: #2024900)
    - [Packaging] disable hv-kvp-daemon if needed
  * A deadlock issue in scsi rescan task while resuming from S3 (LP: #2018566)
    - ata: libata-scsi: Avoid deadlock on rescan after device resume
  * [SRU] Intel Sapphire Rapids HBM support needs CONFIG_NUMA_EMU (LP: #2008745)
    - [Config] Intel Sapphire Rapids HBM support needs CONFIG_NUMA_EMU
  * [22.04 FEAT] Enhanced Interpretation for PCI Functions on s390x - kernel
    part (LP: #1853306)
    - kvm: use kvfree() in kvm_arch_free_vm()
    - s390/sclp: add detection of IPL-complete-control facility
    - s390/pci: use phys_to_virt() for AIBVs/DIBVs
    - s390/sclp: detect the zPCI load/store interpretation facility
    - s390/sclp: detect the AISII facility
    - s390/sclp: detect the AENI facility
    - s390/sclp: detect the AISI facility
    - s390/airq: pass more TPI info to airq handlers
    - s390/airq: allow for airq structure that uses an input vector
    - s390/pci: externalize the SIC operation controls and routine
    - s390/pci: stash associated GISA designation
    - s390/pci: stash dtsm and maxstbl
    - vfio/pci: introduce CONFIG_VFIO_PCI_ZDEV_KVM
    - KVM: s390: pci: add basic kvm_zdev structure
    - KVM: s390: pci: do initial setup for AEN interpretation
    - KVM: s390: pci: enable host forwarding of Adapter Event Notifications
    - KVM: s390: mechanism to enable guest zPCI Interpretation
    - KVM: s390: pci: provide routines for enabling/disabling interrupt forwarding
    - KVM: s390: pci: add routines to start/stop interpretive execution
    - vfio-pci/zdev: add open/close device hooks
    - vfio-pci/zdev: add function handle to clp base capability
    - vfio-pci/zdev: different maxstbl for interpreted devices
    - KVM: s390: add KVM_S390_ZPCI_OP to manage guest zPCI devices
    - MAINTAINERS: additional files related kvm s390 pci passthrough
    - Documentation: kvm: extend KVM_S390_ZPCI_OP subheading underline
    - KVM: s390: pci: Hook to access KVM lowlevel from VFIO
    - KVM: s390: pci: fix plain integer as NULL pointer warnings
    - KVM: s390: pci: fix GAIT physical vs virtual pointers usage
    - KVM: s390: pci: register pci hooks without interpretation
    - [Config] enable VFIO zPCI pass-through for s390x
  * Undefined Behavior Sanitizer (UBSAN) causes failure to match symbols
    (LP: #2003374)
    - [Config] s390x: Re-adding UBSAN to configuration
  * CVE-2023-35001
    - netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
  * CVE-2023-31248
    - netfilter: nf_tables: do not ignore genmask when looking up chain by id
  * CVE-2023-3389
    - io_uring: hold uring mutex around poll removal
  * CVE-2023-3439
    - mctp: Add refcounts to mctp_dev
    - mctp: Allow MCTP on tun devices
    - mctp: make __mctp_dev_get() take a refcount hold
    - mctp: defer the kfree of object mdev->addrs
  * CVE-2023-3390
    - netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
  * CVE-2023-3141
    - memstick: r592: Fix UAF bug in r592_remove due to race condition
  * CVE-2023-3090
    - ipvlan:Fix out-of-bounds caused by unclear skb->cb
  * CVE-2022-48502
    - fs/ntfs3: Check fields while reading
  * ftrace in ubuntu_kernel_selftests failed with "check if duplicate events are
    caught" on J-5.15 P9 / J-kvm / L-kvm (LP: #1977827)
    - SAUCE: selftests/ftrace: Add test dependency
  * Add microphone support of the front headphone port on P3 Tower
    (LP: #2023650)
    - ALSA: hda/realtek: Add Lenovo P3 Tower platform
  * Add audio support for ThinkPad P1 Gen 6 and Z16 Gen 2 (LP: #2023539)
    - ALSA: hda/realtek: Add quirks for Lenovo Z13/Z16 Gen2
    - ALSA: hda/realtek: Add quirk for ThinkPad P1 Gen 6
  * Resolve synchronous exception on arm64 (LP: #2023311)
    - arm64: efi: Recover from synchronous exceptions occurring in firmware
  * Enable Tracing Configs for OSNOISE and TIMERLAT (LP: #2018591)
    - [Config] Enable OSNOISE_TRACER and TIMERLAT_TRACER configs
  * Severe NFS performance degradation after LP #2003053 (LP: #2022098)
    - SAUCE: Make NFS file-access stale cache behaviour opt-in
  * Encountering an issue with memcpy_fromio causing failed boot of SEV-enabled
    guest (LP: #2020319)
    - x86/sev: Unroll string mmio with CC_ATTR_GUEST_UNROLL_STRING_IO
  * linux-*: please enable dm-verity kconfigs to allow MoK/db verified root
    images (LP: #2019040)
    - [Config] CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG_SECONDARY_KEYRING=y
  * CVE-2023-2124
    - xfs: verify buffer contents when we skip log replay
  * CVE-2023-0597
    - x86/kasan: Map shadow for percpu pages on demand
    - x86/mm: Randomize per-cpu entry area
    - x86/mm: Recompute physical address for every page of per-CPU CEA mapping
    - x86/mm: Populate KASAN shadow for entire per-CPU range of CPU entry area
    - x86/mm: Do not shuffle CPU entry areas without KASLR
  * Jammy update: v5.15.108 upstream stable release (LP: #2023328)
    - Revert "pinctrl: amd: Disable and mask interrupts on resume"
    - ALSA: emu10k1: fix capture interrupt handler unlinking
    - ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard
    - ALSA: i2c/cs8427: fix iec958 mixer control deactivation
    - ALSA: firewire-tascam: add missing unwind goto in
      snd_tscm_stream_start_duplex()
    - ALSA: emu10k1: don't create old pass-through playback device on Audigy
    - ALSA: hda/sigmatel: fix S/PDIF out on Intel D*45* motherboards
    - Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}
    - Bluetooth: Fix race condition in hidp_session_thread
    - btrfs: print checksum type and implementation at mount time
    - btrfs: fix fast csum implementation detection
    - fbmem: Reject FB_ACTIVATE_KD_TEXT from userspace
    - mtdblock: tolerate corrected bit-flips
    - mtd: rawnand: meson: fix bitmask for length in command word
    - mtd: rawnand: stm32_fmc2: remove unsupported EDO mode
    - mtd: rawnand: stm32_fmc2: use timings.mode instead of checking tRC_min
    - KVM: arm64: PMU: Restore the guest's EL0 event counting after migration
    - drm/i915/dsi: fix DSS CTL register offsets for TGL+
    - clk: sprd: set max_register according to mapping range
    - RDMA/irdma: Fix memory leak of PBLE objects
    - RDMA/irdma: Increase iWARP CM default rexmit count
    - RDMA/irdma: Add ipv4 check to irdma_find_listener()
    - IB/mlx5: Add support for 400G_8X lane speed
    - RDMA/cma: Allow UD qp_type to join multicast only
    - bpf: tcp: Use sock_gen_put instead of sock_put in bpf_iter_tcp
    - niu: Fix missing unwind goto in niu_alloc_channels()
    - tcp: restrict net.ipv4.tcp_app_win
    - drm/armada: Fix a potential double free in an error handling path
    - qlcnic: check pci_reset_function result
    - net: qrtr: Fix an uninit variable access bug in qrtr_tx_resume()
    - sctp: fix a potential overflow in sctp_ifwdtsn_skip
    - RDMA/core: Fix GID entry ref leak when create_ah fails
    - udp6: fix potential access to stale information
    - net: macb: fix a memory corruption in extended buffer descriptor mode
    - skbuff: Fix a race between coalescing and releasing SKBs
    - libbpf: Fix single-line struct definition output in btf_dump
    - ARM: 9290/1: uaccess: Fix KASAN false-positives
    - power: supply: cros_usbpd: reclassify "default case!" as debug
    - wifi: mwifiex: mark OF related data as maybe unused
    - i2c: imx-lpi2c: clean rx/tx buffers upon new message
    - i2c: hisi: Avoid redundant interrupts
    - efi: sysfb_efi: Add quirk for Lenovo Yoga Book X91F/L
    - drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Book X90F
    - verify_pefile: relax wrapper length check
    - asymmetric_keys: log on fatal failures in PE/pkcs7
    - wifi: iwlwifi: mvm: fix mvmtxq->stopped handling
    - ACPI: resource: Add Medion S17413 to IRQ override quirk
    - counter: stm32-lptimer-cnt: Provide defines for clock polarities
    - counter: stm32-timer-cnt: Provide defines for slave mode selection
    - counter: Internalize sysfs interface code
    - counter: 104-quad-8: Fix Synapse action reported for Index signals
    - tracing: Add trace_array_puts() to write into instance
    - tracing: Have tracing_snapshot_instance_cond() write errors to the
      appropriate instance
    - i915/perf: Replace DRM_DEBUG with driver specific drm_dbg call
    - drm/i915: fix race condition UAF in i915_perf_add_config_ioctl
    - riscv: add icache flush for nommu sigreturn trampoline
    - net: sfp: initialize sfp->i2c_block_size at sfp allocation
    - net: phy: nxp-c45-tja11xx: add remove callback
    - net: phy: nxp-c45-tja11xx: fix unsigned long multiplication overflow
    - scsi: ses: Handle enclosure with just a primary component gracefully
    - x86/PCI: Add quirk for AMD XHCI controller that loses MSI-X state in D3hot
    - cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach()
    - mptcp: use mptcp_schedule_work instead of open-coding it
    - mptcp: stricter state check in mptcp_worker
    - ubi: Fix failure attaching when vid_hdr offset equals to (sub)page size
    - ubi: Fix deadlock caused by recursively holding work_sem
    - powerpc/papr_scm: Update the NUMA distance table for the target node
    - sched/fair: Move calculate of avg_load to a better location
    - sched/fair: Fix imbalance overflow
    - x86/rtc: Remove __init for runtime functions
    - i2c: ocores: generate stop condition after timeout in polling mode
    - nvme-pci: add NVME_QUIRK_BOGUS_NID for ADATA XPG GAMMIX S50
    - nvme-pci: avoid the deepest sleep state on ZHITAI TiPro7000 SSDs
    - nvme-pci: Crucial P2 has bogus namespace ids
    - nvme-pci: add NVME_QUIRK_BOGUS_NID for Lexar NM610
    - nvme-pci: add NVME_QUIRK_BOGUS_NID for Lexar NM760
    - nvme-pci: mark Lexar NM760 as IGNORE_DEV_SUBNQN
    - nvme-pci: add NVME_QUIRK_BOGUS_NID for T-FORCE Z330 SSD
    - kexec: turn all kexec_mutex acquisitions into trylocks
    - panic, kexec: make __crash_kexec() NMI safe
    - counter: fix docum. build problems after filename change
    - counter: Add the necessary colons and indents to the comments of
      counter_compi
    - nvme-pci: avoid the deepest sleep state on ZHITAI TiPro5000 SSDs
    - Linux 5.15.108
  * Jammy update: v5.15.107 upstream stable release (LP: #2023320)
    - ocfs2: ocfs2_mount_volume does cleanup job before return error
    - ocfs2: rewrite error handling of ocfs2_fill_super
    - ocfs2: fix memory leak in ocfs2_mount_volume()
    - NFSD: Fix sparse warning
    - NFSD: pass range end to vfs_fsync_range() instead of count
    - RDMA/irdma: Do not request 2-level PBLEs for CQ alloc
    - platform/x86: int3472: Split into 2 drivers
    - [Config] updateconfigs for Intel skl_int3472 driver split
    - platform/x86: int3472/discrete: Ensure the clk/power enable pins are in
      output mode
    - iavf: return errno code instead of status code
    - iavf/iavf_main: actually log ->src mask when talking about it
    - serial: 8250_exar: derive nr_ports from PCI ID for Acces I/O cards
    - serial: exar: Add support for Sealevel 7xxxC serial cards
    - bpf: hash map, avoid deadlock with suitable hash mask
    - gpio: GPIO_REGMAP: select REGMAP instead of depending on it
    - Drivers: vmbus: Check for channel allocation before looking up relids
    - pwm: cros-ec: Explicitly set .polarity in .get_state()
    - pwm: sprd: Explicitly set .polarity in .get_state()
    - KVM: s390: pv: fix external interruption loop not always detected
    - wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded
      sta
    - net: qrtr: combine nameservice into main module
    - [Config] updateconfigs for ns module merger
    - net: qrtr: Fix a refcount bug in qrtr_recvmsg()
    - NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL
    - icmp: guard against too small mtu
    - net: don't let netpoll invoke NAPI if in xmit context
    - net: dsa: mv88e6xxx: Reset mv88e6393x force WD event bit
    - sctp: check send stream number after wait_for_sndbuf
    - net: qrtr: Do not do DEL_SERVER broadcast after DEL_CLIENT
    - ipv6: Fix an uninit variable access bug in __ip6_make_skb()
    - platform/x86: think-lmi: Fix memory leak when showing current settings
    - platform/x86: think-lmi: Fix memory leaks when parsing ThinkStation WMI
      strings
    - platform/x86: think-lmi: Clean up display of current_value on Thinkstation
    - gpio: davinci: Add irq chip flag to skip set wake
    - net: ethernet: ti: am65-cpsw: Fix mdio cleanup in probe
    - net: stmmac: fix up RX flow hash indirection table when setting channels
    - sunrpc: only free unix grouplist after RCU settles
    - NFSD: callback request does not use correct credential for AUTH_SYS
    - ice: fix wrong fallback logic for FDIR
    - ice: Reset FDIR counter in FDIR init stage
    - ethtool: reset #lanes when lanes is omitted
    - gve: Secure enough bytes in the first TX desc for all TCP pkts
    - kbuild: refactor single builds of *.ko
    - usb: xhci: tegra: fix sleep in atomic call
    - xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu
    - usb: cdnsp: Fixes error: uninitialized symbol 'len'
    - usb: dwc3: pci: add support for the Intel Meteor Lake-S
    - USB: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs
    - usb: typec: altmodes/displayport: Fix configure initial pin assignment
    - USB: serial: option: add Telit FE990 compositions
    - USB: serial: option: add Quectel RM500U-CN modem
    - iio: adis16480: select CONFIG_CRC32
    - iio: adc: ti-ads7950: Set `can_sleep` flag for GPIO chip
    - iio: dac: cio-dac: Fix max DAC write value check for 12-bit
    - iio: light: cm32181: Unregister second I2C client if present
    - tty: serial: sh-sci: Fix transmit end interrupt handler
    - tty: serial: sh-sci: Fix Rx on RZ/G2L SCI
    - tty: serial: fsl_lpuart: avoid checking for transfer complete when
      UARTCTRL_SBK is asserted in lpuart32_tx_empty
    - nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread()
    - nilfs2: fix sysfs interface lifetime
    - dt-bindings: serial: renesas,scif: Fix 4th IRQ for 4-IRQ SCIFs
    - ksmbd: do not call kvmalloc() with __GFP_NORETRY | __GFP_NO_WARN
    - ALSA: hda/realtek: Add quirk for Clevo X370SNW
    - coresight: etm4x: Do not access TRCIDR1 for identification
    - coresight-etm4: Fix for() loop drvdata->nr_addr_cmp range bug
    - iio: adc: ad7791: fix IRQ flags
    - scsi: qla2xxx: Fix memory leak in qla2x00_probe_one()
    - scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param()
    - smb3: allow deferred close timeout to be configurable
    - smb3: lower default deferred close timeout to address perf regression
    - cifs: sanitize paths in cifs_update_super_prepath.
    - perf/core: Fix the same task check in perf_event_set_output
    - ftrace: Mark get_lock_parent_ip() __always_inline
    - ftrace: Fix issue that 'direct->addr' not restored in modify_ftrace_direct()
    - fs: drop peer group ids under namespace lock
    - can: j1939: j1939_tp_tx_dat_new(): fix out-of-bounds memory access
    - can: isotp: isotp_ops: fix poll() to not report false EPOLLOUT events
    - tracing: Free error logs of tracing instances
    - ASoC: hdac_hdmi: use set_stream() instead of set_tdm_slots()
    - mm: vmalloc: avoid warn_alloc noise caused by fatal signal
    - drm/panfrost: Fix the panfrost_mmu_map_fault_addr() error path
    - drm/nouveau/disp: Support more modes by checking with lower bpc
    - ring-buffer: Fix race while reader and writer are on the same page
    - mm/swap: fix swap_info_struct race between swapoff and get_swap_pages()
    - drm/bridge: lt9611: Fix PLL being unable to lock
    - mm: take a page reference when removing device exclusive entries
    - kbuild: fix single directory build
    - ocfs2: fix freeing uninitialized resource on ocfs2_dlm_shutdown
    - bpftool: Print newline before '}' for struct with padding only fields
    - Linux 5.15.107
  * Jammy update: v5.15.106 upstream stable release (LP: #2023233)
    - fsverity: don't drop pagecache at end of FS_IOC_ENABLE_VERITY
    - usb: dwc3: gadget: move cmd_endtransfer to extra function
    - usb: dwc3: gadget: Add 1ms delay after end transfer command without IOC
    - kernel: kcsan: kcsan_test: build without structleak plugin
    - kcsan: avoid passing -g for test
    - ksmbd: don't terminate inactive sessions after a few seconds
    - bus: imx-weim: fix branch condition evaluates to a garbage value
    - xfrm: Zero padding when dumping algos and encap
    - ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds
    - md: avoid signed overflow in slot_store()
    - x86/PVH: obtain VGA console info in Dom0
    - net: hsr: Don't log netdev_err message on unknown prp dst node
    - ALSA: asihpi: check pao in control_message()
    - ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set()
    - fbdev: tgafb: Fix potential divide by zero
    - sched_getaffinity: don't assume 'cpumask_size()' is fully initialized
    - fbdev: nvidia: Fix potential divide by zero
    - fbdev: intelfb: Fix potential divide by zero
    - fbdev: lxfb: Fix potential divide by zero
    - fbdev: au1200fb: Fix potential divide by zero
    - tools/power turbostat: Fix /dev/cpu_dma_latency warnings
    - tools/power turbostat: fix decoding of HWP_STATUS
    - tracing: Fix wrong return in kprobe_event_gen_test.c
    - ca8210: Fix unsigned mac_len comparison with zero in ca8210_skb_tx()
    - mips: bmips: BCM6358: disable RAC flush for TP1
    - ALSA: usb-audio: Fix recursive locking at XRUN during syncing
    - platform/x86: think-lmi: add missing type attribute
    - platform/x86: think-lmi: use correct possible_values delimiters
    - platform/x86: think-lmi: only display possible_values if available
    - platform/x86: think-lmi: Add possible_values for ThinkStation
    - mtd: rawnand: meson: invalidate cache on polling ECC bit
    - SUNRPC: fix shutdown of NFS TCP client socket
    - sfc: ef10: don't overwrite offload features at NIC reset
    - scsi: megaraid_sas: Fix crash after a double completion
    - scsi: mpt3sas: Don't print sense pool info twice
    - ptp_qoriq: fix memory leak in probe()
    - net: dsa: microchip: ksz8863_smi: fix bulk access
    - r8169: fix RTL8168H and RTL8107E rx crc error
    - regulator: Handle deferred clk
    - net/net_failover: fix txq exceeding warning
    - net: stmmac: don't reject VLANs when IFF_PROMISC is set
    - drm/i915/tc: Fix the ICL PHY ownership check in TC-cold state
    - platform/x86/intel/pmc: Alder Lake PCH slp_s0_residency fix
    - can: bcm: bcm_tx_setup(): fix KMSAN uninit-value in vfs_write
    - s390/vfio-ap: fix memory leak in vfio_ap device driver
    - loop: suppress uevents while reconfiguring the device
    - loop: LOOP_CONFIGURE: send uevents for partitions
    - net: mvpp2: classifier flow fix fragmentation flags
    - net: mvpp2: parser fix QinQ
    - net: mvpp2: parser fix PPPoE
    - smsc911x: avoid PHY being resumed when interface is not up
    - ice: add profile conflict check for AVF FDIR
    - ice: fix invalid check for empty list in ice_sched_assoc_vsi_to_agg()
    - ALSA: ymfpci: Create card with device-managed snd_devm_card_new()
    - ALSA: ymfpci: Fix BUG_ON in probe function
    - net: ipa: compute DMA pool size properly
    - i40e: fix registers dump after run ethtool adapter self test
    - bnxt_en: Fix reporting of test result in ethtool selftest
    - bnxt_en: Fix typo in PCI id to device description string mapping
    - bnxt_en: Add missing 200G link speed reporting
    - net: dsa: mv88e6xxx: Enable IGMP snooping on user ports only
    - net: ethernet: mtk_eth_soc: fix flow block refcounting logic
    - pinctrl: ocelot: Fix alt mode for ocelot
    - iommu/vt-d: Allow zero SAGAW if second-stage not supported
    - Input: alps - fix compatibility with -funsigned-char
    - Input: focaltech - use explicitly signed char type
    - cifs: prevent infinite recursion in CIFSGetDFSRefer()
    - cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL
    - Input: goodix - add Lenovo Yoga Book X90F to nine_bytes_report DMI table
    - btrfs: fix race between quota disable and quota assign ioctls
    - btrfs: scan device in non-exclusive mode
    - zonefs: Always invalidate last cached page on append write
    - can: j1939: prevent deadlock by moving j1939_sk_errqueue()
    - xen/netback: don't do grant copy across page boundary
    - net: phy: dp83869: fix default value for tx-/rx-internal-delay
    - pinctrl: amd: Disable and mask interrupts on resume
    - pinctrl: at91-pio4: fix domain name assignment
    - powerpc: Don't try to copy PPR for task with NULL pt_regs
    - NFSv4: Fix hangs when recovering open state after a server reboot
    - ALSA: hda/conexant: Partial revert of a quirk for Lenovo
    - ALSA: usb-audio: Fix regression on detection of Roland VS-100
    - ALSA: hda/realtek: Add quirks for some Clevo laptops
    - ALSA: hda/realtek: Add quirk for Lenovo ZhaoYang CF4620Z
    - xtensa: fix KASAN report for show_stack
    - rcu: Fix rcu_torture_read ftrace event
    - drm/etnaviv: fix reference leak when mmaping imported buffer
    - drm/amd/display: Add DSC Support for Synaptics Cascaded MST Hub
    - KVM: arm64: Disable interrupts while walking userspace PTs
    - KVM: VMX: Move preemption timer <=> hrtimer dance to common x86
    - KVM: x86: Inject #GP on x2APIC WRMSR that sets reserved bits 63:32
    - KVM: x86: Purge "highest ISR" cache when updating APICv state
    - zonefs: Fix error message in zonefs_file_dio_append()
    - selftests/bpf: Test btf dump for struct with padding only fields
    - libbpf: Fix BTF-to-C converter's padding logic
    - selftests/bpf: Add few corner cases to test padding handling of btf_dump
    - libbpf: Fix btf_dump's packed struct determination
    - hsr: ratelimit only when errors are printed
    - x86/PVH: avoid 32-bit build warning when obtaining VGA console info
    - Linux 5.15.106
  * Jammy update: v5.15.105 upstream stable release (LP: #2023230)
    - interconnect: qcom: osm-l3: fix icc_onecell_data allocation
    - perf/core: Fix perf_output_begin parameter is incorrectly invoked in
      perf_event_bpf_output
    - perf: fix perf_event_context->time
    - tracing/hwlat: Replace sched_setaffinity with set_cpus_allowed_ptr
    - serial: fsl_lpuart: Fix comment typo
    - tty: serial: fsl_lpuart: switch to new dmaengine_terminate_* API
    - tty: serial: fsl_lpuart: fix race on RX DMA shutdown
    - serial: 8250: SERIAL_8250_ASPEED_VUART should depend on ARCH_ASPEED
    - [Config] updateconfigs for SERIAL_8250_ASPEED_VUART
    - serial: 8250: ASPEED_VUART: select REGMAP instead of depending on it
    - kthread: add the helper function kthread_run_on_cpu()
    - trace/hwlat: make use of the helper function kthread_run_on_cpu()
    - trace/hwlat: Do not start per-cpu thread if it is already running
    - net: tls: fix possible race condition between do_tls_getsockopt_conf() and
      do_tls_setsockopt_conf()
    - power: supply: bq24190_charger: using pm_runtime_resume_and_get instead of
      pm_runtime_get_sync
    - power: supply: bq24190: Fix use after free bug in bq24190_remove due to race
      condition
    - power: supply: da9150: Fix use after free bug in da9150_charger_remove due
      to race condition
    - ARM: dts: imx6sll: e60k02: fix usbotg1 pinctrl
    - ARM: dts: imx6sl: tolino-shine2hd: fix usbotg1 pinctrl
    - arm64: dts: imx8mn: specify #sound-dai-cells for SAI nodes
    - xsk: Add missing overflow check in xdp_umem_reg
    - iavf: fix inverted Rx hash condition leading to disabled hash
    - iavf: fix non-tunneled IPv6 UDP packet type and hashing
    - intel/igbvf: free irq on the error path in igbvf_request_msix()
    - igbvf: Regard vf reset nack as success
    - igc: fix the validation logic for taprio's gate list
    - i2c: imx-lpi2c: check only for enabled interrupt flags
    - i2c: hisi: Only use the completion interrupt to finish the transfer
    - scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate()
    - net: dsa: b53: mmap: fix device tree support
    - net: usb: smsc95xx: Limit packet length to skb->len
    - qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info
    - net: phy: Ensure state transitions are processed from phy_stop()
    - net: mdio: fix owner field for mdio buses registered using device-tree
    - net: mdio: fix owner field for mdio buses registered using ACPI
    - drm/i915/gt: perform uc late init after probe error injection
    - net: qcom/emac: Fix use after free bug in emac_remove due to race condition
    - net/ps3_gelic_net: Fix RX sk_buff length
    - net/ps3_gelic_net: Use dma_mapping_error
    - octeontx2-vf: Add missing free for alloc_percpu
    - bootconfig: Fix testcase to increase max node
    - keys: Do not cache key in task struct if key is requested from kernel thread
    - iavf: fix hang on reboot with ice
    - i40e: fix flow director packet filter programming
    - bpf: Adjust insufficient default bpf_jit_limit
    - net/mlx5e: Set uplink rep as NETNS_LOCAL
    - net/mlx5: Fix steering rules cleanup
    - net/mlx5: Read the TC mapping of all priorities on ETS query
    - net/mlx5: E-Switch, Fix an Oops in error handling code
    - net: dsa: tag_brcm: legacy: fix daisy-chained switches
    - atm: idt77252: fix kmemleak when rmmod idt77252
    - erspan: do not use skb_mac_header() in ndo_start_xmit()
    - net/sonic: use dma_mapping_error() for error check
    - nvme-tcp: fix nvme_tcp_term_pdu to match spec
    - hvc/xen: prevent concurrent accesses to the shared ring
    - ksmbd: add low bound validation to FSCTL_SET_ZERO_DATA
    - ksmbd: add low bound validation to FSCTL_QUERY_ALLOCATED_RANGES
    - ksmbd: fix possible refcount leak in smb2_open()
    - gve: Cache link_speed value from device
    - net: dsa: mt7530: move enabling disabling core clock to mt7530_pll_setup()
    - net: dsa: mt7530: move lowering TRGMII driving to mt7530_setup()
    - net: dsa: mt7530: move setting ssc_delta to PHY_INTERFACE_MODE_TRGMII case
    - net: mdio: thunder: Add missing fwnode_handle_put()
    - Bluetooth: btqcomsmd: Fix command timeout after setting BD address
    - Bluetooth: L2CAP: Fix responding with wrong PDU type
    - platform/chrome: cros_ec_chardev: fix kernel data leak from ioctl
    - thread_info: Add helpers to snapshot thread flags
    - entry: Snapshot thread flags
    - entry/rcu: Check TIF_RESCHED _after_ delayed RCU wake-up
    - hwmon: fix potential sensor registration fail if of_node is missing
    - hwmon (it87): Fix voltage scaling for chips with 10.9mV ADCs
    - scsi: qla2xxx: Synchronize the IOCB count to be in order
    - scsi: qla2xxx: Perform lockless command completion in abort path
    - uas: Add US_FL_NO_REPORT_OPCODES for JMicron JMS583Gen 2
    - thunderbolt: Use scale field when allocating USB3 bandwidth
    - thunderbolt: Call tb_check_quirks() after initializing adapters
    - thunderbolt: Disable interrupt auto clear for rings
    - thunderbolt: Add missing UNSET_INBOUND_SBTX for retimer access
    - thunderbolt: Use const qualifier for `ring_interrupt_index`
    - thunderbolt: Rename shadowed variables bit to interrupt_bit and
      auto_clear_bit
    - ACPI: x86: utils: Add Cezanne to the list for forcing StorageD3Enable
    - riscv: Bump COMMAND_LINE_SIZE value to 1024
    - drm/cirrus: NULL-check pipe->plane.state->fb in cirrus_pipe_update()
    - HID: cp2112: Fix driver not registering GPIO IRQ chip as threaded
    - ca8210: fix mac_len negative array access
    - HID: intel-ish-hid: ipc: Fix potential use-after-free in work function
    - m68k: Only force 030 bus error if PC not in exception table
    - selftests/bpf: check that modifier resolves after pointer
    - scsi: target: iscsi: Fix an error message in iscsi_check_key()
    - scsi: hisi_sas: Check devm_add_action() return value
    - scsi: ufs: core: Add soft dependency on governor_simpleondemand
    - scsi: lpfc: Check kzalloc() in lpfc_sli4_cgn_params_read()
    - scsi: lpfc: Avoid usage of list iterator variable after loop
    - scsi: storvsc: Handle BlockSize change in Hyper-V VHD/VHDX file
    - net: usb: cdc_mbim: avoid altsetting toggling for Telit FE990
    - net: usb: qmi_wwan: add Telit 0x1080 composition
    - sh: sanitize the flags on sigreturn
    - net/sched: act_mirred: better wording on protection against excessive stack
      growth
    - act_mirred: use the backlog for nested calls to mirred ingress
    - cifs: empty interface list when server doesn't support query interfaces
    - cifs: print session id while listing open files
    - scsi: core: Add BLIST_SKIP_VPD_PAGES for SKhynix H28U74301AMR
    - usb: dwc2: fix a devres leak in hw_enable upon suspend resume
    - usb: gadget: u_audio: don't let userspace block driver unbind
    - efi: sysfb_efi: Fix DMI quirks not working for simpledrm
    - mm/slab: Fix undefined init_cache_node_node() for NUMA and !SMP
    - fscrypt: destroy keyring after security_sb_delete()
    - fsverity: Remove WQ_UNBOUND from fsverity read workqueue
    - lockd: set file_lock start and end when decoding nlm4 testargs
    - arm64: dts: imx8mm-nitrogen-r2: fix WM8960 clock name
    - igb: revert rtnl_lock() that causes deadlock
    - dm thin: fix deadlock when swapping to thin device
    - usb: typec: tcpm: fix warning when handle discover_identity message
    - usb: cdns3: Fix issue with using incorrect PCI device function
    - usb: cdnsp: Fixes issue with redundant Status Stage
    - usb: cdnsp: changes PCI Device ID to fix conflict with CNDS3 driver
    - usb: chipdea: core: fix return -EINVAL if request role is the same with
      current role
    - usb: chipidea: core: fix possible concurrent when switch role
    - usb: ucsi: Fix NULL pointer deref in ucsi_connector_change()
    - kfence: avoid passing -g for test
    - KVM: x86: hyper-v: Avoid calling kvm_make_vcpus_request_mask() with
      vcpu_mask==NULL
    - ksmbd: set FILE_NAMED_STREAMS attribute in FS_ATTRIBUTE_INFORMATION
    - ksmbd: return STATUS_NOT_SUPPORTED on unsupported smb2.0 dialect
    - ksmbd: return unsupported error on smb1 mount
    - wifi: mac80211: fix qos on mesh interfaces
    - nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy()
    - drm/bridge: lt8912b: return EPROBE_DEFER if bridge is not found
    - drm/meson: fix missing component unbind on bind errors
    - drm/amdgpu/nv: Apply ASPM quirk on Intel ADL + AMD Navi
    - drm/i915/active: Fix missing debug object activation
    - drm/i915: Preserve crtc_state->inherited during state clearing
    - riscv: mm: Fix incorrect ASID argument when flushing TLB
    - riscv: Handle zicsr/zifencei issues between clang and binutils
    - tee: amdtee: fix race condition in amdtee_open_session
    - firmware: arm_scmi: Fix device node validation for mailbox transport
    - i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
    - dm stats: check for and propagate alloc_percpu failure
    - dm crypt: add cond_resched() to dmcrypt_write()
    - dm crypt: avoid accessing uninitialized tasklet
    - sched/fair: sanitize vruntime of entity being placed
    - sched/fair: Sanitize vruntime of entity being migrated
    - mm: kfence: fix using kfence_metadata without initialization in
      show_object()
    - ocfs2: fix data corruption after failed write
    - Linux 5.15.105
  * Jammy update: v5.15.104 upstream stable release (LP: #2023225)
    - xfrm: Allow transport-mode states with AF_UNSPEC selector
    - drm/panfrost: Don't sync rpm suspension after mmu flushing
    - cifs: Move the in_send statistic to __smb_send_rqst()
    - drm/meson: fix 1px pink line on GXM when scaling video overlay
    - clk: HI655X: select REGMAP instead of depending on it
    - docs: Correct missing "d_" prefix for dentry_operations member
      d_weak_revalidate
    - scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add()
    - ALSA: hda: Match only Intel devices with CONTROLLER_IN_GPU()
    - netfilter: nft_nat: correct length for loading protocol registers
    - netfilter: nft_masq: correct length for loading protocol registers
    - netfilter: nft_redir: correct length for loading protocol registers
    - netfilter: nft_redir: correct value of inet type `.maxattrs`
    - scsi: core: Fix a procfs host directory removal regression
    - tcp: tcp_make_synack() can be called from process context
    - nfc: pn533: initialize struct pn533_out_arg properly
    - ipvlan: Make skb->skb_iif track skb->dev for l3s mode
    - i40e: Fix kernel crash during reboot when adapter is in recovery mode
    - vdpa_sim: not reset state in vdpasim_queue_ready
    - vdpa_sim: set last_used_idx as last_avail_idx in vdpasim_queue_ready
    - PCI: s390: Fix use-after-free of PCI resources with per-function hotplug
    - drm/i915/display: Workaround cursor left overs with PSR2 selective fetch
      enabled
    - drm/i915/display/psr: Use drm damage helpers to calculate plane damaged area
    - drm/i915/display: clean up comments
    - drm/i915/psr: Use calculated io and fast wake lines
    - net/smc: fix NULL sndbuf_desc in smc_cdc_tx_handler()
    - qed/qed_dev: guard against a possible division by zero
    - net: dsa: mt7530: remove now incorrect comment regarding port 5
    - net: dsa: mt7530: set PLL frequency and trgmii only when trgmii is used
    - loop: Fix use-after-free issues
    - net: tunnels: annotate lockless accesses to dev->needed_headroom
    - net: phy: smsc: bail out in lan87xx_read_status if genphy_read_status fails
    - nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition
    - net/smc: fix deadlock triggered by cancel_delayed_work_syn()
    - net: usb: smsc75xx: Limit packet length to skb->len
    - drm/bridge: Fix returned array size name for atomic_get_input_bus_fmts kdoc
    - block: null_blk: Fix handling of fake timeout request
    - nvme: fix handling single range discard request
    - nvmet: avoid potential UAF in nvmet_req_complete()
    - block: sunvdc: add check for mdesc_grab() returning NULL
    - ice: xsk: disable txq irq before flushing hw
    - net: dsa: mv88e6xxx: fix max_mtu of 1492 on 6165, 6191, 6220, 6250, 6290
    - ravb: avoid PHY being resumed when interface is not up
    - sh_eth: avoid PHY being resumed when interface is not up
    - ipv4: Fix incorrect table ID in IOCTL path
    - net: usb: smsc75xx: Move packet length check to prevent kernel panic in
      skb_pull
    - net/iucv: Fix size of interrupt data
    - qed/qed_mng_tlv: correctly zero out ->min instead of ->hour
    - ethernet: sun: add check for the mdesc_grab()
    - bonding: restore IFF_MASTER/SLAVE flags on bond enslave ether type change
    - bonding: restore bond's IFF_SLAVE flag if a non-eth dev enslave fails
    - hwmon: (adt7475) Display smoothing attributes in correct order
    - hwmon: (adt7475) Fix masking of hysteresis registers
    - hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race
      condition
    - hwmon: (ina3221) return prober error code
    - hwmon: (ucd90320) Add minimum delay between bus accesses
    - hwmon: tmp512: drop of_match_ptr for ID table
    - kconfig: Update config changed flag before calling callback
    - hwmon: (adm1266) Set `can_sleep` flag for GPIO chip
    - hwmon: (ltc2992) Set `can_sleep` flag for GPIO chip
    - media: m5mols: fix off-by-one loop termination error
    - mmc: atmel-mci: fix race between stop command and start of next command
    - jffs2: correct logic when creating a hole in jffs2_write_begin
    - ext4: fail ext4_iget if special inode unallocated
    - ext4: update s_journal_inum if it changes after journal replay
    - ext4: fix task hung in ext4_xattr_delete_inode
    - drm/amdkfd: Fix an illegal memory access
    - net/9p: fix bug in client create for .L
    - sh: intc: Avoid spurious sizeof-pointer-div warning
    - drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes
    - ext4: fix possible double unlock when moving a directory
    - tty: serial: fsl_lpuart: skip waiting for transmission complete when
      UARTCTRL_SBK is asserted
    - serial: 8250_em: Fix UART port type
    - serial: 8250_fsl: fix handle_irq locking
    - firmware: xilinx: don't make a sleepable memory allocation from an atomic
      context
    - s390/ipl: add missing intersection check to ipl_report handling
    - interconnect: fix mem leak when freeing nodes
    - interconnect: exynos: fix node leak in probe PM QoS error path
    - tracing: Make splice_read available again
    - tracing: Check field value in hist_field_name()
    - tracing: Make tracepoint lockdep check actually test something
    - cifs: Fix smb2_set_path_size()
    - ALSA: hda: intel-dsp-config: add MTL PCI id
    - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book2 Pro
    - Revert "riscv: mm: notify remote harts about mmu cache updates"
    - riscv: asid: Fixup stale TLB entry cause application crash
    - drm/shmem-helper: Remove another errant put in error path
    - drm/sun4i: fix missing component unbind on bind errors
    - drm/amd/pm: Fix sienna cichlid incorrect OD volage after resume
    - mptcp: fix possible deadlock in subflow_error_report
    - mptcp: add ro_after_init for tcp{,v6}_prot_override
    - mptcp: avoid setting TCP_CLOSE state twice
    - mptcp: fix lockdep false positive in mptcp_pm_nl_create_listen_socket()
    - ftrace: Fix invalid address access in lookup_rec() when index is 0
    - nvme-pci: add NVME_QUIRK_BOGUS_NID for Netac NV3000
    - mm/userfaultfd: propagate uffd-wp bit when PTE-mapping the huge zeropage
    - mmc: sdhci_am654: lower power-on failed message severity
    - fbdev: stifb: Provide valid pixelclock and add fb_check_var() checks
    - trace/hwlat: Do not wipe the contents of per-cpu thread data
    - net: phy: nxp-c45-tja11xx: fix MII_BASIC_CONFIG_REV bit
    - cpuidle: psci: Iterate backwards over list in psci_pd_remove()
    - x86/mce: Make sure logged MCEs are processed after sysfs update
    - x86/mm: Fix use of uninitialized buffer in sme_enable()
    - x86/resctrl: Clear staged_config[] before and after it is used
    - drm/i915: Don't use stolen memory for ring buffers with LLC
    - drm/i915/active: Fix misuse of non-idle barriers as fence trackers
    - io_uring: avoid null-ptr-deref in io_arm_poll_handler
    - PCI: Unify delay handling for reset and resume
    - PCI/DPC: Await readiness of secondary bus after reset
    - HID: core: Provide new max_buffer_size attribute to over-ride the default
    - HID: uhid: Over-ride the default maximum data buffer value with our own
    - perf: Fix check before add_event_to_groups() in perf_group_detach()
    - Linux 5.15.104
  * Jammy update: v5.15.103 upstream stable release (LP: #2023224)
    - fs: prevent out-of-bounds array speculation when closing a file descriptor
    - btrfs: fix percent calculation for bg reclaim message
    - perf inject: Fix --buildid-all not to eat up MMAP2
    - fork: allow CLONE_NEWTIME in clone3 flags
    - x86/CPU/AMD: Disable XSAVES on AMD family 0x17
    - drm/amdgpu: fix error checking in amdgpu_read_mm_registers for soc15
    - drm/connector: print max_requested_bpc in state debugfs
    - staging: rtl8723bs: Pass correct parameters to cfg80211_get_bss()
    - ext4: fix cgroup writeback accounting with fs-layer encryption
    - ext4: fix RENAME_WHITEOUT handling for inline directories
    - ext4: fix another off-by-one fsmap error on 1k block filesystems
    - ext4: move where set the MAY_INLINE_DATA flag is set
    - ext4: fix WARNING in ext4_update_inline_data
    - ext4: zero i_disksize when initializing the bootloader inode
    - nfc: change order inside nfc_se_io error path
    - KVM: Optimize kvm_make_vcpus_request_mask() a bit
    - KVM: Pre-allocate cpumasks for kvm_make_all_cpus_request_except()
    - KVM: Register /dev/kvm as the _very_ last thing during initialization
    - KVM: SVM: Don't rewrite guest ICR on AVIC IPI virtualization failure
    - KVM: SVM: Process ICR on AVIC IPI delivery failure due to invalid target
    - fs: dlm: fix log of lowcomms vs midcomms
    - fs: dlm: add midcomms init/start functions
    - fs: dlm: start midcomms before scand
    - udf: Fix off-by-one error when discarding preallocation
    - f2fs: avoid down_write on nat_tree_lock during checkpoint
    - f2fs: do not bother checkpoint by f2fs_get_node_info
    - f2fs: retry to update the inode page given data corruption
    - ipmi:ssif: Increase the message retry time
    - ipmi:ssif: Add a timer between request retries
    - irqdomain: Refactor __irq_domain_alloc_irqs()
    - iommu/vt-d: Fix PASID directory pointer coherency
    - block/brd: add error handling support for add_disk()
    - brd: mark as nowait compatible
    - arm64: efi: Make efi_rt_lock a raw_spinlock
    - RISC-V: Avoid dereferening NULL regs in die()
    - riscv: Avoid enabling interrupts in die()
    - riscv: Add header include guards to insn.h
    - scsi: core: Remove the /proc/scsi/${proc_name} directory earlier
    - regulator: Flag uncontrollable regulators as always_on
    - regulator: core: Fix off-on-delay-us for always-on/boot-on regulators
    - regulator: core: Use ktime_get_boottime() to determine how long a regulator
      was off
    - ext4: Fix possible corruption when moving a directory
    - drm/nouveau/kms/nv50-: remove unused functions
    - drm/nouveau/kms/nv50: fix nv50_wndw_new_ prototype
    - drm/msm: Fix potential invalid ptr free
    - drm/msm/a5xx: fix setting of the CP_PREEMPT_ENABLE_LOCAL register
    - drm/msm/a5xx: fix highest bank bit for a530
    - drm/msm/a5xx: fix the emptyness check in the preempt code
    - drm/msm/a5xx: fix context faults during ring switch
    - bgmac: fix *initial* chip reset to support BCM5358
    - nfc: fdp: add null check of devm_kmalloc_array in
      fdp_nci_i2c_read_device_properties
    - powerpc: dts: t1040rdb: fix compatible string for Rev A boards
    - ila: do not generate empty messages in ila_xlat_nl_cmd_get_mapping()
    - selftests: nft_nat: ensuring the listening side is up before starting the
      client
    - perf stat: Fix counting when initial delay configured
    - net: lan78xx: fix accessing the LAN7800's internal phy specific registers
      from the MAC driver
    - net: caif: Fix use-after-free in cfusbl_device_notify()
    - ice: copy last block omitted in ice_get_module_eeprom()
    - bpf, sockmap: Fix an infinite loop error when len is 0 in
      tcp_bpf_recvmsg_parser()
    - drm/msm/dpu: fix len of sc7180 ctl blocks
    - net: stmmac: add to set device wake up flag when stmmac init phy
    - net: phylib: get rid of unnecessary locking
    - bnxt_en: Avoid order-5 memory allocation for TPA data
    - netfilter: tproxy: fix deadlock due to missing BH disable
    - btf: fix resolving BTF_KIND_VAR after ARRAY, STRUCT, UNION, PTR
    - net: phy: smsc: Cache interrupt mask
    - net: phy: smsc: fix link up detection in forced irq mode
    - net: ethernet: mtk_eth_soc: fix RX data corruption issue
    - scsi: megaraid_sas: Update max supported LD IDs to 240
    - platform: x86: MLX_PLATFORM: select REGMAP instead of depending on it
    - net/smc: fix fallback failed while sendmsg with fastopen
    - octeontx2-af: Unlock contexts in the queue context cache in case of fault
      detection
    - SUNRPC: Fix a server shutdown leak
    - net: dsa: mt7530: permit port 5 to work without port 6 on MT7621 SoC
    - af_unix: Remove unnecessary brackets around CONFIG_AF_UNIX_OOB.
    - af_unix: fix struct pid leaks in OOB support
    - riscv: Use READ_ONCE_NOCHECK in imprecise unwinding stack mode
    - s390/ftrace: remove dead code
    - RISC-V: Don't check text_mutex during stop_machine
    - ext4: Fix deadlock during directory rename
    - irqdomain: Fix mapping-creation race
    - nbd: use the correct block_device in nbd_bdev_reset
    - iommu/amd: Add PCI segment support for ivrs_[ioapic/hpet/acpihid] commands
    - iommu/amd: Fix ill-formed ivrs_ioapic, ivrs_hpet and ivrs_acpihid options
    - iommu/amd: Add a length limitation for the ivrs_acpihid command-line
      parameter
    - staging: rtl8723bs: clean up comparsions to NULL
    - Staging: rtl8723bs: Placing opening { braces in previous line
    - staging: rtl8723bs: fix placement of braces
    - staging: rtl8723bs: Fix key-store index handling
    - watch_queue: fix IOC_WATCH_QUEUE_SET_SIZE alloc error paths
    - tpm/eventlog: Don't abort tpm_read_log on faulty ACPI address
    - xfs: use setattr_copy to set vfs inode attributes
    - xfs: remove XFS_PREALLOC_SYNC
    - xfs: fallocate() should call file_modified()
    - xfs: set prealloc flag in xfs_alloc_file_space()
    - fs: add mode_strip_sgid() helper
    - fs: move S_ISGID stripping into the vfs_*() helpers
    - attr: add in_group_or_capable()
    - fs: move should_remove_suid()
    - attr: add setattr_should_drop_sgid()
    - attr: use consistent sgid stripping checks
    - fs: use consistent setgid checks in is_sxid()
    - MIPS: Fix a compilation issue
    - powerpc/iommu: fix memory leak with using debugfs_lookup()
    - powerpc/kcsan: Exclude udelay to prevent recursive instrumentation
    - alpha: fix R_ALPHA_LITERAL reloc for large modules
    - macintosh: windfarm: Use unsigned type for 1-bit bitfields
    - PCI: Add SolidRun vendor ID
    - scripts: handle BrokenPipeError for python scripts
    - media: ov5640: Fix analogue gain control
    - media: rc: gpio-ir-recv: add remove function
    - filelocks: use mount idmapping for setlease permission check
    - ext4: refactor ext4_free_blocks() to pull out ext4_mb_clear_bb()
    - ext4: add ext4_sb_block_valid() refactored out of ext4_inode_block_valid()
    - ext4: add strict range checks while freeing blocks
    - ext4: block range must be validated before use in ext4_mb_clear_bb()
    - arch: fix broken BuildID for arm64 and riscv
    - powerpc/vmlinux.lds: Define RUNTIME_DISCARD_EXIT
    - powerpc/vmlinux.lds: Don't discard .rela* for relocatable builds
    - s390: define RUNTIME_DISCARD_EXIT to fix link error with GNU ld < 2.36
    - sh: define RUNTIME_DISCARD_EXIT
    - tools build: Add feature test for init_disassemble_info API changes
    - tools include: add dis-asm-compat.h to handle version differences
    - tools perf: Fix compilation error with new binutils
    - tools bpf_jit_disasm: Fix compilation error with new binutils
    - tools bpftool: Fix compilation error with new binutils
    - KVM: fix memoryleak in kvm_init()
    - xfs: remove xfs_setattr_time() declaration
    - UML: define RUNTIME_DISCARD_EXIT
    - fs: hold writers when changing mount's idmapping
    - KVM: nVMX: Don't use Enlightened MSR Bitmap for L3
    - KVM: VMX: Introduce vmx_msr_bitmap_l01_changed() helper
    - KVM: VMX: Fix crash due to uninitialized current_vmcs
    - Makefile: use -gdwarf-{4|5} for assembler for DEBUG_INFO_DWARF{4|5}
    - Linux 5.15.103
  * Jammy update: v5.15.102 upstream stable release (LP: #2020393)
    - staging: rtl8192e: Remove function ..dm_check_ac_dc_power calling a script
    - staging: rtl8192e: Remove call_usermodehelper starting RadioPower.sh
    - Linux 5.15.102
  * Jammy update: v5.15.101 upstream stable release (LP: #2020391)
    - Linux 5.15.101
  * Jammy update: v5.15.100 upstream stable release (LP: #2020387)
    - auxdisplay: hd44780: Fix potential memory leak in hd44780_remove()
    - fs/jfs: fix shift exponent db_agl2size negative
    - objtool: Fix memory leak in create_static_call_sections()
    - pwm: sifive: Reduce time the controller lock is held
    - pwm: sifive: Always let the first pwm_apply_state succeed
    - pwm: stm32-lp: fix the check on arr and cmp registers update
    - f2fs: use memcpy_{to,from}_page() where possible
    - fs: f2fs: initialize fsdata in pagecache_write()
    - f2fs: allow set compression option of files without blocks
    - um: vector: Fix memory leak in vector_config
    - ubi: ensure that VID header offset + VID header size <= alloc, size
    - ubifs: Fix build errors as symbol undefined
    - ubifs: Rectify space budget for ubifs_symlink() if symlink is encrypted
    - ubifs: Rectify space budget for ubifs_xrename()
    - ubifs: Fix wrong dirty space budget for dirty inode
    - ubifs: do_rename: Fix wrong space budget when target inode's nlink > 1
    - ubifs: Reserve one leb for each journal head while doing budget
    - ubi: Fix use-after-free when volume resizing failed
    - ubi: Fix unreferenced object reported by kmemleak in ubi_resize_volume()
    - ubifs: Fix memory leak in alloc_wbufs()
    - ubi: Fix possible null-ptr-deref in ubi_free_volume()
    - ubifs: Re-statistic cleaned znode count if commit failed
    - ubifs: ubifs_writepage: Mark page dirty after writing inode failed
    - ubi: fastmap: Fix missed fm_anchor PEB in wear-leveling after disabling
      fastmap
    - ubi: Fix UAF wear-leveling entry in eraseblk_count_seq_show()
    - ubi: ubi_wl_put_peb: Fix infinite loop when wear-leveling work failed
    - f2fs: fix to avoid potential memory corruption in __update_iostat_latency()
    - ext4: use ext4_fc_tl_mem in fast-commit replay path
    - netfilter: nf_tables: allow to fetch set elements when table has an owner
    - x86: um: vdso: Add '%rcx' and '%r11' to the syscall clobber list
    - um: virtio_uml: free command if adding to virtqueue failed
    - um: virtio_uml: mark device as unregistered when breaking it
    - um: virtio_uml: move device breaking into workqueue
    - um: virt-pci: properly remove PCI device from bus
    - watchdog: at91sam9_wdt: use devm_request_irq to avoid missing free_irq() in
      error path
    - watchdog: Fix kmemleak in watchdog_cdev_register
    - watchdog: pcwd_usb: Fix attempting to access uninitialized memory
    - watchdog: sbsa_wdog: Make sure the timeout programming is within the limits
    - netfilter: ctnetlink: fix possible refcount leak in
      ctnetlink_create_conntrack()
    - netfilter: ebtables: fix table blob use-after-free
    - netfilter: x_tables: fix percpu counter block leak on error path when
      creating new netns
    - ipv6: Add lwtunnel encap size of all siblings in nexthop calculation
    - sctp: add a refcnt in sctp_stream_priorities to avoid a nested loop
    - octeontx2-pf: Use correct struct reference in test condition
    - net: fix __dev_kfree_skb_any() vs drop monitor
    - 9p/xen: fix version parsing
    - 9p/xen: fix connection sequence
    - 9p/rdma: unmap receive dma buffer in rdma_request()/post_recv()
    - net/mlx5e: Verify flow_source cap before using it
    - net/mlx5: Geneve, Fix handling of Geneve object id as error code
    - nfc: fix memory leak of se_io context in nfc_genl_se_io
    - net/sched: transition act_pedit to rcu and percpu stats
    - net/sched: act_pedit: fix action bind logic
    - net/sched: act_mpls: fix action bind logic
    - net/sched: act_sample: fix action bind logic
    - ARM: dts: spear320-hmi: correct STMPE GPIO compatible
    - tcp: tcp_check_req() can be called from process context
    - vc_screen: modify vcs_size() handling in vcs_read()
    - rtc: sun6i: Always export the internal oscillator
    - genirq: Refactor accessors to use irq_data_get_affinity_mask
    - genirq: Add and use an irq_data_update_affinity helper
    - scsi: ipr: Work around fortify-string warning
    - rtc: allow rtc_read_alarm without read_alarm callback
    - loop: loop_set_status_from_info() check before assignment
    - ASoC: adau7118: don't disable regulators on device unbind
    - ASoC: zl38060: Remove spurious gpiolib select
    - ASoC: zl38060 add gpiolib dependency
    - ASoC: mediatek: mt8195: add missing initialization
    - thermal: intel: quark_dts: fix error pointer dereference
    - thermal: intel: BXT_PMIC: select REGMAP instead of depending on it
    - tracing: Add NULL checks for buffer in ring_buffer_free_read_page()
    - kernel/printk/index.c: fix memory leak with using debugfs_lookup()
    - firmware/efi sysfb_efi: Add quirk for Lenovo IdeaPad Duet 3
    - bootconfig: Increase max nodes of bootconfig from 1024 to 8192 for DCC
      support
    - mfd: arizona: Use pm_runtime_resume_and_get() to prevent refcnt leak
    - IB/hfi1: Update RMT size calculation
    - iommu/amd: Fix error handling for pdev_pri_ats_enable()
    - media: uvcvideo: Remove format descriptions
    - media: uvcvideo: Handle cameras with invalid descriptors
    - media: uvcvideo: Handle errors from calls to usb_string
    - media: uvcvideo: Quirk for autosuspend in Logitech B910 and C910
    - media: uvcvideo: Silence memcpy() run-time false positive warnings
    - USB: fix memory leak with using debugfs_lookup()
    - staging: emxx_udc: Add checks for dma_alloc_coherent()
    - tty: fix out-of-bounds access in tty_driver_lookup_tty()
    - tty: serial: fsl_lpuart: disable the CTS when send break signal
    - serial: sc16is7xx: setup GPIO controller later in probe
    - mei: bus-fixup:upon error print return values of send and receive
    - tools/iio/iio_utils:fix memory leak
    - iio: accel: mma9551_core: Prevent uninitialized variable in
      mma9551_read_status_word()
    - iio: accel: mma9551_core: Prevent uninitialized variable in
      mma9551_read_config_word()
    - soundwire: bus_type: Avoid lockdep assert in sdw_drv_probe()
    - PCI: loongson: Prevent LS7A MRRS increases
    - USB: dwc3: fix memory leak with using debugfs_lookup()
    - USB: chipidea: fix memory leak with using debugfs_lookup()
    - USB: uhci: fix memory leak with using debugfs_lookup()
    - USB: sl811: fix memory leak with using debugfs_lookup()
    - USB: fotg210: fix memory leak with using debugfs_lookup()
    - USB: isp116x: fix memory leak with using debugfs_lookup()
    - USB: isp1362: fix memory leak with using debugfs_lookup()
    - USB: gadget: gr_udc: fix memory leak with using debugfs_lookup()
    - USB: gadget: bcm63xx_udc: fix memory leak with using debugfs_lookup()
    - USB: gadget: lpc32xx_udc: fix memory leak with using debugfs_lookup()
    - USB: gadget: pxa25x_udc: fix memory leak with using debugfs_lookup()
    - USB: gadget: pxa27x_udc: fix memory leak with using debugfs_lookup()
    - usb: host: xhci: mvebu: Iterate over array indexes instead of using pointer
      math
    - USB: ene_usb6250: Allocate enough memory for full object
    - usb: uvc: Enumerate valid values for color matching
    - usb: gadget: uvc: Make bSourceID read/write
    - PCI: Align extra resources for hotplug bridges properly
    - PCI: Take other bus devices into account when distributing resources
    - tty: pcn_uart: fix memory leak with using debugfs_lookup()
    - misc: vmw_balloon: fix memory leak with using debugfs_lookup()
    - drivers: base: component: fix memory leak with using debugfs_lookup()
    - drivers: base: dd: fix memory leak with using debugfs_lookup()
    - kernel/fail_function: fix memory leak with using debugfs_lookup()
    - PCI: loongson: Add more devices that need MRRS quirk
    - PCI: Add ACS quirk for Wangxun NICs
    - phy: rockchip-typec: Fix unsigned comparison with less than zero
    - soundwire: cadence: Remove wasted space in response_buf
    - soundwire: cadence: Drain the RX FIFO after an IO timeout
    - net: tls: avoid hanging tasks on the tx_lock
    - x86/resctl: fix scheduler confusion with 'current'
    - drm/display/dp_mst: Fix down/up message handling after sink disconnect
    - drm/display/dp_mst: Fix down message handling after a packet reception error
    - Bluetooth: hci_sock: purge socket queues in the destruct() callback
    - media: uvcvideo: Fix race condition with usb_kill_urb
    - drm/virtio: Fix error code in virtio_gpu_object_shmem_init()
    - Revert "scsi: mpt3sas: Fix return value check of dma_get_required_mask()"
    - scsi: mpt3sas: Don't change DMA mask while reallocating pools
    - scsi: mpt3sas: re-do lost mpt3sas DMA mask fix
    - scsi: mpt3sas: Remove usage of dma_get_required_mask() API
    - malidp: Fix NULL vs IS_ERR() checking
    - usb: gadget: uvc: fix missing mutex_unlock() if kstrtou8() fails
    - Linux 5.15.100
  * Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper
    - [Packaging] update annotations scripts

linux-aws-5.15 (5.15.0-1040.45~20.04.1) focal; urgency=medium

* focal/linux-aws-5.15: 5.15.0-1040.45~20.04.1 -proposed tracker
    (LP: #2026406)

[ Ubuntu: 5.15.0-1040.45 ]

* jammy/linux-aws: 5.15.0-1040.45 -proposed tracker (LP: #2026407)
  * jammy/linux: 5.15.0-78.85 -proposed tracker (LP: #2026448)
  * CVE-2023-35001
    - netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
  * CVE-2023-31248
    - netfilter: nf_tables: do not ignore genmask when looking up chain by id
  * CVE-2023-3389
    - io_uring: hold uring mutex around poll removal
  * CVE-2023-3439
    - mctp: Add refcounts to mctp_dev
    - mctp: Allow MCTP on tun devices
    - mctp: make __mctp_dev_get() take a refcount hold
    - mctp: defer the kfree of object mdev->addrs
  * CVE-2023-3390
    - netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
  * CVE-2023-3090
    - ipvlan:Fix out-of-bounds caused by unclear skb->cb
  * Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper

linux-aws-5.15 (5.15.0-1039.44~20.04.1) focal; urgency=medium

* focal/linux-aws-5.15: 5.15.0-1039.44~20.04.1 -proposed tracker
    (LP: #2023864)

* Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper

[ Ubuntu: 5.15.0-1039.44 ]

* jammy/linux-aws: 5.15.0-1039.44 -proposed tracker (LP: #2023865)
  * jammy/linux: 5.15.0-76.83 -proposed tracker (LP: #2023905)
  * cls_flower: off-by-one in fl_set_geneve_opt (LP: #2023577)
    - net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
  * Some INVLPG implementations can leave Global translations unflushed when
    PCIDs are enabled (LP: #2023220)
    - x86/mm: Avoid incomplete Global INVLPG flushes
  * jammy/linux: 5.15.0-75.82 -proposed tracker (LP: #2023065)
  * Jammy update: v5.15.102 upstream stable release (LP: #2020393)
    - wifi: cfg80211: Partial revert "wifi: cfg80211: Fix use after free for wext"
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] resync getabis
  * fix typo in config-checks invocation (LP: #2020413)
    - [Packaging] fix typo when calling the old config-check
    - [Packaging] fix typo in 4-checks.mk
  * support python < 3.9 with annotations (LP: #2020531)
    - [Packaging] kconfig/annotations.py: support older way of merging dicts

linux-aws-5.15 (5.15.0-1038.43~20.04.1) focal; urgency=medium

* focal/linux-aws-5.15: 5.15.0-1038.43~20.04.1 -proposed tracker
    (LP: #2019380)

* Use new annotations model (LP: #2019000)
    - [Config] aws-5.15: migrate all configs into annotations

[ Ubuntu: 5.15.0-1038.43 ]

* jammy/linux-aws: 5.15.0-1038.42 -proposed tracker (LP: #2019381)
  * Use new annotations model (LP: #2019000)
    - [Config] aws: migrate all configs into annotations

[ Ubuntu: 5.15.0-1038.42 ]

* jammy/linux-aws: 5.15.0-1038.42 -proposed tracker (LP: #2019381)
  * Jammy update: v5.15.99 upstream stable release (LP: #2018438)
    - [Config] aws: Drop MICROCODE_OLD_INTERFACE
  * support python < 3.9 with annotations (LP: #2020531)
    - [Packaging] kconfig/annotations.py: support older way of merging dicts
  * fix typo in config-checks invocation (LP: #2020413)
    - [Packaging] fix typo in 4-checks.mk
    - [Packaging] fix typo when calling the old config-check
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] resync getabis
  * jammy/linux: 5.15.0-74.81 -proposed tracker (LP: #2019420)
  * smartpqi: Update 22.04 driver to include recent bug fixes and support
    current generation devices (LP: #1998643)
    - scsi: smartpqi: Switch to attribute groups
    - scsi: smartpqi: Fix rmmod stack trace
    - scsi: smartpqi: Add PCI IDs
    - scsi: smartpqi: Enable SATA NCQ priority in sysfs
    - scsi: smartpqi: Eliminate drive spin down on warm boot
    - scsi: smartpqi: Quickly propagate path failures to SCSI midlayer
    - scsi: smartpqi: Fix a name typo and cleanup code
    - scsi: smartpqi: Fix a typo in func pqi_aio_submit_io()
    - scsi: smartpqi: Resolve delay issue with PQI_HZ value
    - scsi: smartpqi: Avoid drive spin-down during suspend
    - scsi: smartpqi: Update volume size after expansion
    - scsi: smartpqi: Speed up RAID 10 sequential reads
    - scsi: smartpqi: Expose SAS address for SATA drives
    - scsi: smartpqi: Fix NUMA node not updated during init
    - scsi: smartpqi: Fix BUILD_BUG_ON() statements
    - scsi: smartpqi: Fix hibernate and suspend
    - scsi: smartpqi: Fix lsscsi -t SAS addresses
    - scsi: smartpqi: Update version to 2.1.14-035
    - scsi: smartpqi: Fix unused variable pqi_pm_ops for clang
    - scsi: smartpqi: Stop using the SCSI pointer
    - scsi: smartpqi: Fix typo in comment
    - scsi: smartpqi: Shorten drive visibility after removal
    - scsi: smartpqi: Add controller fw version to console log
    - scsi: smartpqi: Add PCI IDs for ramaxel controllers
    - scsi: smartpqi: Close write read holes
    - scsi: smartpqi: Add driver support for multi-LUN devices
    - scsi: smartpqi: Fix PCI control linkdown system hang
    - scsi: smartpqi: Add PCI ID for Adaptec SmartHBA 2100-8i
    - scsi: smartpqi: Add PCI IDs for Lenovo controllers
    - scsi: smartpqi: Stop logging spurious PQI reset failures
    - scsi: smartpqi: Fix RAID map race condition
    - scsi: smartpqi: Add module param to disable managed ints
    - scsi: smartpqi: Update deleting a LUN via sysfs
    - scsi: smartpqi: Add ctrl ready timeout module parameter
    - scsi: smartpqi: Update copyright to current year
    - scsi: smartpqi: Update version to 2.1.18-045
    - scsi: smartpqi: Convert to host_tagset
    - scsi: smartpqi: Add new controller PCI IDs
    - scsi: smartpqi: Correct max LUN number
    - scsi: smartpqi: Change sysfs raid_level attribute to N/A for controllers
    - scsi: smartpqi: Correct device removal for multi-actuator devices
    - scsi: smartpqi: Add controller cache flush during rmmod
    - scsi: smartpqi: Initialize feature section info
    - scsi: smartpqi: Change version to 2.1.20-035
  * CVE-2023-32233
    - netfilter: nf_tables: deactivate anonymous set from preparation phase
  * CVE-2023-2612
    - SAUCE: shiftfs: prevent lock unbalance in shiftfs_create_object()
  * CVE-2023-31436
    - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
  * CVE-2023-1380
    - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
  * Add  PPIN support for Intel EMR cpu (LP: #2019131)
    - x86/cpu: Merge Intel and AMD ppin_init() functions
    - x86/cpu: Add Xeon Emerald Rapids to list of CPUs that support PPIN
  * conntrack mark is not advertised via netlink (LP: #2016269)
    - netfilter: ctnetlink: revert to dumping mark regardless of event type
  * [SRU] Backport request for hpwdt from upstream 6.1 to Jammy (LP: #2008751)
    - watchdog/hpwdt: Enable HP_WATCHDOG for ARM64 systems.
    - watchdog/hpwdt: Include nmi.h only if CONFIG_HPWDT_NMI_DECODING
    - [Config] Add arm64 option to CONFIG_HP_WATCHDOG
  * Ubuntu 22.04 raise abnormal NIC MSI-X requests with larger CPU cores (256)
    (LP: #2012335)
    - ice: Allow operation with reduced device MSI-X
  * Dell: Enable speaker mute hotkey LED indicator (LP: #2015972)
    - platform/x86: dell-laptop: Register ctl-led for speaker-mute
  * [SRU]With "Performance per Watt (DAPC)" enabled in the BIOS, Bootup time is
    taking longer than expected (LP: #2008527)
    - cpufreq: ACPI: Defer setting boost MSRs
  * [SRU][Jammy] CONFIG_PCI_MESON is not enabled (LP: #2007745)
    - [Config] arm64: Enable PCI_MESON module
  * Jammy update: v5.15.99 upstream stable release (LP: #2018438)
    - HID: asus: use spinlock to protect concurrent accesses
    - HID: asus: use spinlock to safely schedule workers
    - powerpc/mm: Rearrange if-else block to avoid clang warning
    - ARM: OMAP2+: Fix memory leak in realtime_counter_init()
    - arm64: dts: qcom: qcs404: use symbol names for PCIe resets
    - arm64: dts: qcom: msm8996-tone: Fix USB taking 6 minutes to wake up
    - arm64: dts: qcom: sm8150-kumano: Panel framebuffer is 2.5k instead of 4k
    - arm64: dts: qcom: sm6125: Reorder HSUSB PHY clocks to match bindings
    - arm64: dts: imx8m: Align SoC unique ID node unit address
    - ARM: zynq: Fix refcount leak in zynq_early_slcr_init
    - arm64: dts: mediatek: mt8183: Fix systimer 13 MHz clock description
    - arm64: dts: qcom: sdm845-db845c: fix audio codec interrupt pin name
    - arm64: dts: qcom: sc7180: correct SPMI bus address cells
    - arm64: dts: qcom: sc7280: correct SPMI bus address cells
    - arm64: dts: meson-gx: Fix Ethernet MAC address unit name
    - arm64: dts: meson-g12a: Fix internal Ethernet PHY unit name
    - arm64: dts: meson-gx: Fix the SCPI DVFS node name and unit address
    - arm64: dts: msm8992-bullhead: add memory hole region
    - arm64: dts: qcom: msm8992-bullhead: Fix cont_splash_mem size
    - arm64: dts: qcom: msm8992-bullhead: Disable dfps_data_mem
    - arm64: dts: qcom: ipq8074: correct USB3 QMP PHY-s clock output names
    - arm64: dts: qcom: Fix IPQ8074 PCIe PHY nodes
    - arm64: dts: qcom: ipq8074: fix PCIe PHY serdes size
    - arm64: dts: qcom: ipq8074: fix Gen3 PCIe QMP PHY
    - arm64: dts: qcom: ipq8074: correct Gen2 PCIe ranges
    - arm64: dts: qcom: ipq8074: fix Gen3 PCIe node
    - arm64: dts: qcom: ipq8074: correct PCIe QMP PHY output clock names
    - arm64: dts: meson: remove CPU opps below 1GHz for G12A boards
    - ARM: OMAP1: call platform_device_put() in error case in
      omap1_dm_timer_init()
    - ARM: bcm2835_defconfig: Enable the framebuffer
    - ARM: s3c: fix s3c64xx_set_timer_source prototype
    - arm64: dts: ti: k3-j7200: Fix wakeup pinmux range
    - ARM: dts: exynos: correct wr-active property in Exynos3250 Rinato
    - ARM: imx: Call ida_simple_remove() for ida_simple_get
    - arm64: dts: amlogic: meson-gx: fix SCPI clock dvfs node name
    - arm64: dts: amlogic: meson-axg: fix SCPI clock dvfs node name
    - arm64: dts: amlogic: meson-gx: add missing SCPI sensors compatible
    - arm64: dts: amlogic: meson-gxl-s905d-sml5442tw: drop invalid clock-names
      property
    - arm64: dts: amlogic: meson-gx: add missing unit address to rng node name
    - arm64: dts: amlogic: meson-gxl: add missing unit address to eth-phy-mux node
      name
    - arm64: dts: amlogic: meson-gx-libretech-pc: fix update button name
    - arm64: dts: amlogic: meson-sm1-bananapi-m5: fix adc keys node names
    - arm64: dts: amlogic: meson-gxl-s905d-phicomm-n1: fix led node name
    - arm64: dts: amlogic: meson-gxbb-kii-pro: fix led node name
    - arm64: dts: amlogic: meson-sm1-odroid-hc4: fix active fan thermal trip
    - locking/rwsem: Optimize down_read_trylock() under highly contended case
    - locking/rwsem: Disable preemption in all down_read*() and up_read() code
      paths
    - arm64: dts: renesas: beacon-renesom: Fix gpio expander reference
    - arm64: dts: meson: bananapi-m5: switch VDDIO_C pin to OPEN_DRAIN
    - ARM: dts: sun8i: nanopi-duo2: Fix regulator GPIO reference
    - ARM: dts: imx7s: correct iomuxc gpr mux controller cells
    - arm64: dts: mt8192: Fix CPU map for single-cluster SoC
    - arm64: dts: mediatek: mt7622: Add missing pwm-cells to pwm node
    - blk-mq: avoid sleep in blk_mq_alloc_request_hctx
    - blk-mq: remove stale comment for blk_mq_sched_mark_restart_hctx
    - blk-mq: correct stale comment of .get_budget
    - arm64: dts: qcom: msm8992-lg-bullhead: Correct memory overlaps with the SMEM
      and MPSS memory regions
    - s390/dasd: Fix potential memleak in dasd_eckd_init()
    - sched/deadline,rt: Remove unused parameter from pick_next_[rt|dl]_entity()
    - sched/rt: pick_next_rt_entity(): check list_entry
    - x86/perf/zhaoxin: Add stepping check for ZXC
    - KEYS: asymmetric: Fix ECDSA use via keyctl uapi
    - arm64: dts: qcom: pmk8350: Specify PBS register for PON
    - arm64: dts: qcom: pmk8350: Use the correct PON compatible
    - block: bio-integrity: Copy flags when bio_integrity_payload is cloned
    - wifi: rsi: Fix memory leak in rsi_coex_attach()
    - wifi: rtlwifi: rtl8821ae: don't call kfree_skb() under spin_lock_irqsave()
    - wifi: rtlwifi: rtl8188ee: don't call kfree_skb() under spin_lock_irqsave()
    - wifi: rtlwifi: rtl8723be: don't call kfree_skb() under spin_lock_irqsave()
    - wifi: iwlegacy: common: don't call dev_kfree_skb() under spin_lock_irqsave()
    - wifi: libertas: fix memory leak in lbs_init_adapter()
    - wifi: rtl8xxxu: don't call dev_kfree_skb() under spin_lock_irqsave()
    - wifi: rtlwifi: Fix global-out-of-bounds bug in
      _rtl8812ae_phy_set_txpower_limit()
    - libbpf: Fix btf__align_of() by taking into account field offsets
    - wifi: ipw2x00: don't call dev_kfree_skb() under spin_lock_irqsave()
    - wifi: ipw2200: fix memory leak in ipw_wdev_init()
    - wifi: wilc1000: fix potential memory leak in wilc_mac_xmit()
    - wifi: brcmfmac: fix potential memory leak in brcmf_netdev_start_xmit()
    - wifi: brcmfmac: unmap dma buffer in brcmf_msgbuf_alloc_pktid()
    - wifi: libertas_tf: don't call kfree_skb() under spin_lock_irqsave()
    - wifi: libertas: if_usb: don't call kfree_skb() under spin_lock_irqsave()
    - wifi: libertas: main: don't call kfree_skb() under spin_lock_irqsave()
    - wifi: libertas: cmdresp: don't call kfree_skb() under spin_lock_irqsave()
    - wifi: wl3501_cs: don't call kfree_skb() under spin_lock_irqsave()
    - crypto: x86/ghash - fix unaligned access in ghash_setkey()
    - ACPICA: Drop port I/O validation for some regions
    - genirq: Fix the return type of kstat_cpu_irqs_sum()
    - rcu-tasks: Improve comments explaining tasks_rcu_exit_srcu purpose
    - rcu-tasks: Remove preemption disablement around srcu_read_[un]lock() calls
    - rcu-tasks: Fix synchronize_rcu_tasks() VS zap_pid_ns_processes()
    - lib/mpi: Fix buffer overrun when SG is too long
    - crypto: ccp - Avoid page allocation failure warning for SEV_GET_ID2
    - ACPICA: nsrepair: handle cases without a return value correctly
    - thermal/drivers/tsens: Drop msm8976-specific defines
    - thermal/drivers/tsens: Add compat string for the qcom,msm8960
    - thermal/drivers/tsens: Sort out msm8976 vs msm8956 data
    - thermal/drivers/tsens: fix slope values for msm8939
    - thermal/drivers/tsens: limit num_sensors to 9 for msm8939
    - wifi: rtl8xxxu: Fix memory leaks with RTL8723BU, RTL8192EU
    - wifi: orinoco: check return value of hermes_write_wordrec()
    - wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback
      function
    - ath9k: hif_usb: simplify if-if to if-else
    - ath9k: htc: clean up statistics macros
    - wifi: ath9k: hif_usb: clean up skbs if ath9k_hif_usb_rx_stream() fails
    - wifi: ath9k: Fix potential stack-out-of-bounds write in
      ath9k_wmi_rsp_callback()
    - wifi: ath11k: Fix memory leak in ath11k_peer_rx_frag_setup
    - wifi: cfg80211: Fix extended KCK key length check in
      nl80211_set_rekey_data()
    - ACPI: battery: Fix missing NUL-termination with large strings
    - crypto: ccp - Failure on re-initialization due to duplicate sysfs filename
    - crypto: essiv - Handle EBUSY correctly
    - crypto: seqiv - Handle EBUSY correctly
    - powercap: fix possible name leak in powercap_register_zone()
    - x86: Mark stop_this_cpu() __noreturn
    - x86/microcode: Rip out the OLD_INTERFACE
    - [Config] Drop MICROCODE_OLD_INTERFACE
    - x86/microcode: Default-disable late loading
    - x86/microcode: Print previous version of microcode after reload
    - x86/microcode: Add a parameter to microcode_check() to store CPU
      capabilities
    - x86/microcode: Check CPU capabilities after late microcode update correctly
    - x86/microcode: Adjust late loading result reporting message
    - crypto: xts - Handle EBUSY correctly
    - leds: led-class: Add missing put_device() to led_put()
    - crypto: ccp - Refactor out sev_fw_alloc()
    - crypto: ccp - Flush the SEV-ES TMR memory before giving it to firmware
    - bpftool: profile online CPUs instead of possible
    - mt76: mt7915: fix polling firmware-own status
    - net/mlx5: Enhance debug print in page allocation failure
    - irqchip: Fix refcount leak in platform_irqchip_probe
    - irqchip/alpine-msi: Fix refcount leak in alpine_msix_init_domains
    - irqchip/irq-mvebu-gicp: Fix refcount leak in mvebu_gicp_probe
    - irqchip/ti-sci: Fix refcount leak in ti_sci_intr_irq_domain_probe
    - s390/mem_detect: fix detect_memory() error handling
    - s390/vmem: fix empty page tables cleanup under KASAN
    - net: add sock_init_data_uid()
    - tun: tun_chr_open(): correctly initialize socket uid
    - tap: tap_open(): correctly initialize socket uid
    - OPP: fix error checking in opp_migrate_dentry()
    - Bluetooth: L2CAP: Fix potential user-after-free
    - Bluetooth: hci_qca: get wakeup status from serdev device handle
    - s390/ap: fix status returned by ap_aqic()
    - s390/ap: fix status returned by ap_qact()
    - libbpf: Fix alen calculation in libbpf_nla_dump_errormsg()
    - rds: rds_rm_zerocopy_callback() correct order for list_add_tail()
    - crypto: rsa-pkcs1pad - Use akcipher_request_complete
    - m68k: /proc/hardware should depend on PROC_FS
    - RISC-V: time: initialize hrtimer based broadcast clock event device
    - wifi: iwl3945: Add missing check for create_singlethread_workqueue
    - wifi: iwl4965: Add missing check for create_singlethread_workqueue()
    - wifi: mwifiex: fix loop iterator in mwifiex_update_ampdu_txwinsize()
    - selftests/bpf: Fix out-of-srctree build
    - ACPI: resource: Add IRQ overrides for MAINGEAR Vector Pro 2 models
    - ACPI: resource: Do IRQ override on all TongFang GMxRGxx
    - crypto: crypto4xx - Call dma_unmap_page when done
    - wifi: mac80211: make rate u32 in sta_set_rate_info_rx()
    - thermal/drivers/hisi: Drop second sensor hi3660
    - can: esd_usb: Move mislocated storage of SJA1000_ECC_SEG bits in case of a
      bus error
    - bpf: Fix global subprog context argument resolution logic
    - irqchip/irq-brcmstb-l2: Set IRQ_LEVEL for level triggered interrupts
    - irqchip/irq-bcm7120-l2: Set IRQ_LEVEL for level triggered interrupts
    - selftests/net: Interpret UDP_GRO cmsg data as an int value
    - l2tp: Avoid possible recursive deadlock in l2tp_tunnel_register()
    - net: bcmgenet: fix MoCA LED control
    - sefltests: netdevsim: wait for devlink instance after netns removal
    - drm: Fix potential null-ptr-deref due to drmm_mode_config_init()
    - drm/fourcc: Add missing big-endian XRGB1555 and RGB565 formats
    - drm/bridge: ti-sn65dsi83: Fix delay after reset deassert to match spec
    - drm: mxsfb: DRM_MXSFB should depend on ARCH_MXS || ARCH_MXC
    - [Config] Drop DRM_MXSFB for armhf-generic-lpae
    - drm/bridge: megachips: Fix error handling in i2c_register_driver()
    - drm/vkms: Fix memory leak in vkms_init()
    - drm/vkms: Fix null-ptr-deref in vkms_release()
    - drm/vc4: dpi: Add option for inverting pixel clock and output enable
    - drm/vc4: dpi: Fix format mapping for RGB565
    - drm: tidss: Fix pixel format definition
    - gpu: ipu-v3: common: Add of_node_put() for reference returned by
      of_graph_get_port_by_id()
    - hwmon: (ftsteutates) Fix scaling of measurements
    - drm/msm/hdmi: Add missing check for alloc_ordered_workqueue
    - pinctrl: qcom: pinctrl-msm8976: Correct function names for wcss pins
    - pinctrl: stm32: Fix refcount leak in stm32_pctrl_get_irq_domain
    - pinctrl: rockchip: Fix refcount leak in rockchip_pinctrl_parse_groups
    - drm/vc4: hvs: Set AXI panic modes
    - drm/vc4: hvs: Fix colour order for xRGB1555 on HVS5
    - drm/vc4: hdmi: Correct interlaced timings again
    - drm/msm: clean event_thread->worker in case of an error
    - scsi: qla2xxx: edif: Fix I/O timeout due to over-subscription
    - scsi: qla2xxx: Fix exchange oversubscription
    - scsi: qla2xxx: Fix exchange oversubscription for management commands
    - ASoC: fsl_sai: Update to modern clocking terminology
    - ASoC: fsl_sai: initialize is_dsp_mode flag
    - drm/msm/adreno: Fix null ptr access in adreno_gpu_cleanup()
    - ALSA: hda/ca0132: minor fix for allocation size
    - drm/msm/gem: Add check for kmalloc
    - drm/msm/dpu: Disallow unallocated resources to be returned
    - drm/bridge: lt9611: fix sleep mode setup
    - drm/bridge: lt9611: fix HPD reenablement
    - drm/bridge: lt9611: fix polarity programming
    - drm/bridge: lt9611: fix programming of video modes
    - drm/bridge: lt9611: fix clock calculation
    - drm/bridge: lt9611: pass a pointer to the of node
    - drm/mipi-dsi: Fix byte order of 16-bit DCS set/get brightness
    - drm: exynos: dsi: Fix MIPI_DSI*_NO_* mode flags
    - drm/msm/dsi: Allow 2 CTRLs on v2.5.0
    - drm/msm: use strscpy instead of strncpy
    - drm/msm/dpu: Add check for cstate
    - drm/msm/dpu: Add check for pstates
    - drm/msm/mdp5: Add check for kzalloc
    - pinctrl: bcm2835: Remove of_node_put() in bcm2835_of_gpio_ranges_fallback()
    - pinctrl: mediatek: fix coding style
    - pinctrl: mediatek: Initialize variable pullen and pullup to zero
    - pinctrl: mediatek: Initialize variable *buf to zero
    - gpu: host1x: Don't skip assigning syncpoints to channels
    - drm/tegra: firewall: Check for is_addr_reg existence in IMM check
    - drm/msm/dpu: set pdpu->is_rt_pipe early in dpu_plane_sspp_atomic_update()
    - drm/mediatek: dsi: Reduce the time of dsi from LP11 to sending cmd
    - drm/mediatek: Use NULL instead of 0 for NULL pointer
    - drm/mediatek: Drop unbalanced obj unref
    - drm/mediatek: mtk_drm_crtc: Add checks for devm_kcalloc
    - drm/mediatek: Clean dangling pointer on bind error path
    - ASoC: soc-compress.c: fixup private_data on snd_soc_new_compress()
    - gpio: vf610: connect GPIO label to dev name
    - spi: dw_bt1: fix MUX_MMIO dependencies
    - ASoC: mchp-spdifrx: fix controls which rely on rsr register
    - ASoC: mchp-spdifrx: fix return value in case completion times out
    - ASoC: mchp-spdifrx: fix controls that works with completion mechanism
    - ASoC: mchp-spdifrx: disable all interrupts in mchp_spdifrx_dai_remove()
    - ASoC: rsnd: fixup #endif position
    - ASoC: mchp-spdifrx: Fix uninitialized use of mr in mchp_spdifrx_hw_params()
    - ASoC: dt-bindings: meson: fix gx-card codec node regex
    - hwmon: (ltc2945) Handle error case in ltc2945_value_store
    - drm/amdgpu: fix enum odm_combine_mode mismatch
    - scsi: mpt3sas: Fix a memory leak
    - scsi: aic94xx: Add missing check for dma_map_single()
    - HID: multitouch: Add quirks for flipped axes
    - HID: retain initial quirks set up when creating HID devices
    - ASoC: codecs: Change bulk clock voting to optional voting in digital codecs
    - ASoC: codecs: rx-macro: move clk provider to managed variants
    - ASoC: codecs: tx-macro: move clk provider to managed variants
    - ASoC: codecs: rx-macro: move to individual clks from bulk
    - ASoC: codecs: tx-macro: move to individual clks from bulk
    - ASoC: codecs: lpass: fix incorrect mclk rate
    - spi: bcm63xx-hsspi: Fix multi-bit mode setting
    - hwmon: (mlxreg-fan) Return zero speed for broken fan
    - ASoC: tlv320adcx140: fix 'ti,gpio-config' DT property init
    - dm: remove flush_scheduled_work() during local_exit()
    - NFSv4: keep state manager thread active if swap is enabled
    - nfs4trace: fix state manager flag printing
    - NFS: fix disabling of swap
    - spi: synquacer: Fix timeout handling in synquacer_spi_transfer_one()
    - ASoC: soc-dapm.h: fixup warning struct snd_pcm_substream not declared
    - HID: bigben: use spinlock to protect concurrent accesses
    - HID: bigben_worker() remove unneeded check on report_field
    - HID: bigben: use spinlock to safely schedule workers
    - hid: bigben_probe(): validate report count
    - drm/shmem-helper: Fix locking for drm_gem_shmem_get_pages_sgt()
    - nfsd: fix race to check ls_layouts
    - cifs: Fix lost destroy smbd connection when MR allocate failed
    - cifs: Fix warning and UAF when destroy the MR list
    - gfs2: jdata writepage fix
    - perf llvm: Fix inadvertent file creation
    - leds: led-core: Fix refcount leak in of_led_get()
    - perf inject: Use perf_data__read() for auxtrace
    - perf intel-pt: Add documentation for Event Trace and TNT disable
    - perf intel-pt: Add link to the perf wiki's Intel PT page
    - perf intel-pt: Add support for emulated ptwrite
    - perf intel-pt: Do not try to queue auxtrace data on pipe
    - perf tools: Fix auto-complete on aarch64
    - sparc: allow PM configs for sparc32 COMPILE_TEST
    - printf: fix errname.c list
    - objtool: add UACCESS exceptions for __tsan_volatile_read/write
    - mfd: cs5535: Don't build on UML
    - mfd: pcf50633-adc: Fix potential memleak in pcf50633_adc_async_read()
    - dmaengine: idxd: Set traffic class values in GRPCFG on DSA 2.0
    - dmaengine: HISI_DMA should depend on ARCH_HISI
    - [Config] Add HISI_DMA=n for armhf
    - iio: light: tsl2563: Do not hardcode interrupt trigger type
    - usb: gadget: fusb300_udc: free irq on the error path in fusb300_probe()
    - i2c: designware: fix i2c_dw_clk_rate() return size to be u32
    - soundwire: cadence: Don't overflow the command FIFOs
    - driver core: fix potential null-ptr-deref in device_add()
    - kobject: modify kobject_get_path() to take a const *
    - kobject: Fix slab-out-of-bounds in fill_kobj_path()
    - alpha/boot/tools/objstrip: fix the check for ELF header
    - media: uvcvideo: Do not check for V4L2_CTRL_WHICH_DEF_VAL
    - media: uvcvideo: Remove s_ctrl and g_ctrl
    - media: uvcvideo: refactor __uvc_ctrl_add_mapping
    - media: uvcvideo: Add support for V4L2_CTRL_TYPE_CTRL_CLASS
    - media: uvcvideo: Use control names from framework
    - media: uvcvideo: Check controls flags before accessing them
    - media: uvcvideo: Check for INACTIVE in uvc_ctrl_is_accessible()
    - coresight: etm4x: Fix accesses to TRCSEQRSTEVR and TRCSEQSTR
    - coresight: cti: Prevent negative values of enable count
    - coresight: cti: Add PM runtime call in enable_store
    - ACPI: resource: Add helper function acpi_dev_get_memory_resources()
    - usb: typec: intel_pmc_mux: Use the helper acpi_dev_get_memory_resources()
    - usb: typec: intel_pmc_mux: Don't leak the ACPI device reference count
    - PCI/IOV: Enlarge virtfn sysfs name buffer
    - PCI: switchtec: Return -EFAULT for copy_to_user() errors
    - tty: serial: fsl_lpuart: disable Rx/Tx DMA in lpuart32_shutdown()
    - tty: serial: fsl_lpuart: clear LPUART Status Register in lpuart32_shutdown()
    - serial: tegra: Add missing clk_disable_unprepare() in tegra_uart_hw_init()
    - Revert "char: pcmcia: cm4000_cs: Replace mdelay with usleep_range in
      set_protocol"
    - eeprom: idt_89hpesx: Fix error handling in idt_init()
    - applicom: Fix PCI device refcount leak in applicom_init()
    - firmware: stratix10-svc: add missing gen_pool_destroy() in
      stratix10_svc_drv_probe()
    - VMCI: check context->notify_page after call to get_user_pages_fast() to
      avoid GPF
    - misc/mei/hdcp: Use correct macros to initialize uuid_le
    - driver core: fix resource leak in device_add()
    - drivers: base: transport_class: fix possible memory leak
    - drivers: base: transport_class: fix resource leak when
      transport_add_device() fails
    - firmware: dmi-sysfs: Fix null-ptr-deref in dmi_sysfs_register_handle
    - fotg210-udc: Add missing completion handler
    - dmaengine: dw-edma: Fix missing src/dst address of interleaved xfers
    - usb: early: xhci-dbc: Fix a potential out-of-bound memory access
    - tty: serial: fsl_lpuart: Fix the wrong RXWATER setting for rx dma case
    - RDMA/cxgb4: add null-ptr-check after ip_dev_find()
    - usb: musb: mediatek: don't unregister something that wasn't registered
    - usb: gadget: configfs: use to_config_usb_cfg() in os_desc_link()
    - usb: gadget: configfs: use to_usb_function_instance() in cfg (un)link func
    - usb: gadget: configfs: remove using list iterator after loop body as a ptr
    - usb: gadget: configfs: Restrict symlink creation is UDC already binded
    - iommu/vt-d: Set No Execute Enable bit in PASID table entry
    - power: supply: remove faulty cooling logic
    - RDMA/cxgb4: Fix potential null-ptr-deref in pass_establish()
    - usb: max-3421: Fix setting of I/O pins
    - RDMA/irdma: Cap MSIX used to online CPUs + 1
    - serial: fsl_lpuart: fix RS485 RTS polariy inverse issue
    - tty: serial: imx: Handle RS485 DE signal active high
    - tty: serial: imx: disable Ageing Timer interrupt request irq
    - dmaengine: dw-edma: Fix readq_ch() return value truncation
    - phy: rockchip-typec: fix tcphy_get_mode error case
    - iw_cxgb4: Fix potential NULL dereference in c4iw_fill_res_cm_id_entry()
    - iommu: Fix error unwind in iommu_group_alloc()
    - dmaengine: sf-pdma: pdma_desc memory leak fix
    - dmaengine: dw-axi-dmac: Do not dereference NULL structure
    - iommu/vt-d: Fix error handling in sva enable/disable paths
    - iommu/vt-d: Remove duplicate identity domain flag
    - iommu/vt-d: Check FL and SL capability sanity in scalable mode
    - iommu/vt-d: Use second level for GPA->HPA translation
    - iommu/vt-d: Allow to use flush-queue when first level is default
    - IB/hfi1: Fix math bugs in hfi1_can_pin_pages()
    - IB/hfi1: Fix sdma.h tx->num_descs off-by-one errors
    - remoteproc: qcom_q6v5_mss: Use a carveout to authenticate modem headers
    - media: ti: cal: fix possible memory leak in cal_ctx_create()
    - media: platform: ti: Add missing check for devm_regulator_get
    - powerpc: Remove linker flag from KBUILD_AFLAGS
    - s390/vdso: remove -nostdlib compiler flag
    - s390/vdso: Drop '-shared' from KBUILD_CFLAGS_64
    - builddeb: clean generated package content
    - media: max9286: Fix memleak in max9286_v4l2_register()
    - media: ov2740: Fix memleak in ov2740_init_controls()
    - media: ov5675: Fix memleak in ov5675_init_controls()
    - media: i2c: ov772x: Fix memleak in ov772x_probe()
    - media: i2c: imx219: Split common registers from mode tables
    - media: i2c: imx219: Fix binning for RAW8 capture
    - media: v4l2-jpeg: correct the skip count in jpeg_parse_app14_data
    - media: v4l2-jpeg: ignore the unknown APP14 marker
    - media: imx-jpeg: Apply clk_bulk api instead of operating specific clk
    - media: i2c: ov7670: 0 instead of -EINVAL was returned
    - media: usb: siano: Fix use after free bugs caused by do_submit_urb
    - media: saa7134: Use video_unregister_device for radio_dev
    - rpmsg: glink: Avoid infinite loop on intent for missing channel
    - udf: Define EFSCORRUPTED error code
    - ARM: dts: exynos: Use Exynos5420 compatible for the MIPI video phy
    - blk-iocost: fix divide by 0 error in calc_lcoefs()
    - trace/blktrace: fix memory leak with using debugfs_lookup()
    - wifi: ath9k: Fix use-after-free in ath9k_hif_usb_disconnect()
    - wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds()
    - rcu: Make RCU_LOCKDEP_WARN() avoid early lockdep checks
    - rcu: Suppress smp_processor_id() complaint in
      synchronize_rcu_expedited_wait()
    - rcu-tasks: Make rude RCU-Tasks work well with CPU hotplug
    - wifi: ath11k: debugfs: fix to work with multiple PCI devices
    - thermal: intel: Fix unsigned comparison with less than zero
    - timers: Prevent union confusion from unexpected restart_syscall()
    - x86/bugs: Reset speculation control settings on init
    - wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out-
      of-bounds
    - wifi: mt7601u: fix an integer underflow
    - inet: fix fast path in __inet_hash_connect()
    - ice: restrict PTP HW clock freq adjustments to 100, 000, 000 PPB
    - ice: add missing checks for PF vsi type
    - ACPI: Don't build ACPICA with '-Os'
    - thermal: intel: intel_pch: Add support for Wellsburg PCH
    - clocksource: Suspend the watchdog temporarily when high read latency
      detected
    - crypto: hisilicon: Wipe entire pool on error
    - net: bcmgenet: Add a check for oversized packets
    - m68k: Check syscall_trace_enter() return code
    - netfilter: nf_tables: NULL pointer dereference in nf_tables_updobj()
    - wifi: mt76: dma: free rx_head in mt76_dma_rx_cleanup
    - ACPI: video: Fix Lenovo Ideapad Z570 DMI match
    - net/mlx5: fw_tracer: Fix debug print
    - coda: Avoid partial allocation of sig_inputArgs
    - uaccess: Add minimum bounds check on kernel buffer size
    - s390/idle: mark arch_cpu_idle() noinstr
    - time/debug: Fix memory leak with using debugfs_lookup()
    - PM: domains: fix memory leak with using debugfs_lookup()
    - PM: EM: fix memory leak with using debugfs_lookup()
    - Bluetooth: btusb: Add VID:PID 13d3:3529 for Realtek RTL8821CE
    - hv_netvsc: Check status in SEND_RNDIS_PKT completion message
    - scm: add user copy checks to put_cmsg()
    - drm/amd/display: Revert Reduce delay when sink device not able to ACK 00340h
      write
    - drm/amd/display: Fix potential null-deref in dm_resume
    - drm/omap: dsi: Fix excessive stack usage
    - HID: Add Mapping for System Microphone Mute
    - drm/tiny: ili9486: Do not assume 8-bit only SPI controllers
    - drm/radeon: free iio for atombios when driver shutdown
    - scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write
    - Revert "fbcon: don't lose the console font across generic->chip driver
      switch"
    - drm: amd: display: Fix memory leakage
    - drm/msm/dsi: Add missing check for alloc_ordered_workqueue
    - docs/scripts/gdb: add necessary make scripts_gdb step
    - ASoC: soc-compress: Reposition and add pcm_mutex
    - ASoC: kirkwood: Iterate over array indexes instead of using pointer math
    - regulator: max77802: Bounds check regulator id against opmode
    - regulator: s5m8767: Bounds check id indexing into arrays
    - gfs2: Improve gfs2_make_fs_rw error handling
    - hwmon: (coretemp) Simplify platform device handling
    - pinctrl: at91: use devm_kasprintf() to avoid potential leaks
    - scsi: snic: Fix memory leak with using debugfs_lookup()
    - HID: logitech-hidpp: Don't restart communication if not necessary
    - drm: panel-orientation-quirks: Add quirk for Lenovo IdeaPad Duet 3 10IGL5
    - dm thin: add cond_resched() to various workqueue loops
    - dm cache: add cond_resched() to various workqueue loops
    - nfsd: zero out pointers after putting nfsd_files on COPY setup error
    - drm/shmem-helper: Revert accidental non-GPL export
    - wifi: rtl8xxxu: fixing transmisison failure for rtl8192eu
    - firmware: coreboot: framebuffer: Ignore reserved pixel color bits
    - block: don't allow multiple bios for IOCB_NOWAIT issue
    - rtc: pm8xxx: fix set-alarm race
    - ipmi:ssif: resend_msg() cannot fail
    - ipmi_ssif: Rename idle state and check
    - s390/extmem: return correct segment type in __segment_load()
    - s390: discard .interp section
    - s390/kprobes: fix irq mask clobbering on kprobe reenter from post_handler
    - s390/kprobes: fix current_kprobe never cleared after kprobes reenter
    - cifs: Fix uninitialized memory read in smb3_qfs_tcon()
    - btrfs: hold block group refcount during async discard
    - locking/rwsem: Prevent non-first waiter from spinning in down_write()
      slowpath
    - ksmbd: fix wrong data area length for smb2 lock request
    - ksmbd: do not allow the actual frame length to be smaller than the rfc1002
      length
    - ARM: dts: exynos: correct HDMI phy compatible in Exynos4
    - hfs: fix missing hfs_bnode_get() in __hfs_bnode_create
    - fs: hfsplus: fix UAF issue in hfsplus_put_super
    - exfat: fix reporting fs error when reading dir beyond EOF
    - exfat: fix unexpected EOF while reading dir
    - exfat: redefine DIR_DELETED as the bad cluster number
    - exfat: fix inode->i_blocks for non-512 byte sector size device
    - fs: dlm: don't set stop rx flag after node reset
    - fs: dlm: move sending fin message into state change handling
    - fs: dlm: send FIN ack back in right cases
    - f2fs: fix information leak in f2fs_move_inline_dirents()
    - f2fs: fix cgroup writeback accounting with fs-layer encryption
    - ocfs2: fix defrag path triggering jbd2 ASSERT
    - ocfs2: fix non-auto defrag path not working issue
    - selftests/landlock: Skip overlayfs tests when not supported
    - selftests/landlock: Test ptrace as much as possible with Yama
    - udf: Truncate added extents on failed expansion
    - udf: Do not bother merging very long extents
    - udf: Do not update file length for failed writes to inline files
    - udf: Preserve link count of system files
    - udf: Detect system inodes linked into directory hierarchy
    - udf: Fix file corruption when appending just after end of preallocated
      extent
    - RDMA/siw: Fix user page pinning accounting
    - KVM: Destroy target device if coalesced MMIO unregistration fails
    - KVM: x86: Inject #GP if WRMSR sets reserved bits in APIC Self-IPI
    - KVM: SVM: Fix potential overflow in SEV's send|receive_update_data()
    - KVM: SVM: hyper-v: placate modpost section mismatch error
    - KVM: s390: disable migration mode when dirty tracking is disabled
    - x86/virt: Force GIF=1 prior to disabling SVM (for reboot flows)
    - x86/crash: Disable virt in core NMI crash handler to avoid double shootdown
    - x86/reboot: Disable virtualization in an emergency if SVM is supported
    - x86/reboot: Disable SVM, not just VMX, when stopping CPUs
    - x86/kprobes: Fix __recover_optprobed_insn check optimizing logic
    - x86/kprobes: Fix arch_check_optimized_kprobe check within optimized_kprobe
      range
    - x86/microcode/amd: Remove load_microcode_amd()'s bsp parameter
    - x86/microcode/AMD: Add a @cpu parameter to the reloading functions
    - x86/microcode/AMD: Fix mixed steppings support
    - x86/speculation: Allow enabling STIBP with legacy IBRS
    - Documentation/hw-vuln: Document the interaction between IBRS and STIBP
    - brd: return 0/-error from brd_insert_page()
    - ima: Align ima_file_mmap() parameters with mmap_file LSM hook
    - irqdomain: Fix association race
    - irqdomain: Fix disassociation race
    - irqdomain: Look for existing mapping only once
    - irqdomain: Drop bogus fwspec-mapping error handling
    - irqdomain: Fix domain registration race
    - crypto: qat - fix out-of-bounds read
    - io_uring: handle TIF_NOTIFY_RESUME when checking for task_work
    - io_uring: mark task TASK_RUNNING before handling resume/task work
    - io_uring: add a conditional reschedule to the IOPOLL cancelation loop
    - io_uring/rsrc: disallow multi-source reg buffers
    - io_uring: remove MSG_NOSIGNAL from recvmsg
    - io_uring/poll: allow some retries for poll triggering spuriously
    - ALSA: ice1712: Do not left ice->gpio_mutex locked in aureon_add_controls()
    - ALSA: hda/realtek: Add quirk for HP EliteDesk 800 G6 Tower PC
    - jbd2: fix data missing when reusing bh which is ready to be checkpointed
    - ext4: optimize ea_inode block expansion
    - ext4: refuse to create ea block when umounted
    - mtd: spi-nor: sfdp: Fix index value for SCCR dwords
    - mtd: spi-nor: spansion: Consider reserved bits in CFR5 register
    - mtd: spi-nor: Fix shift-out-of-bounds in spi_nor_set_erase_type
    - dm: send just one event on resize, not two
    - dm: add cond_resched() to dm_wq_work()
    - wifi: rtl8xxxu: Use a longer retry limit of 48
    - wifi: ath11k: allow system suspend to survive ath11k
    - wifi: cfg80211: Fix use after free for wext
    - qede: fix interrupt coalescing configuration
    - thermal: intel: powerclamp: Fix cur_state for multi package system
    - dm flakey: fix logic when corrupting a bio
    - dm flakey: don't corrupt the zero page
    - dm flakey: fix a bug with 32-bit highmem systems
    - ARM: dts: qcom: sdx55: Add Qcom SMMU-500 as the fallback for IOMMU node
    - ARM: dts: exynos: correct TMU phandle in Exynos4210
    - ARM: dts: exynos: correct TMU phandle in Exynos4
    - ARM: dts: exynos: correct TMU phandle in Odroid XU3 family
    - ARM: dts: exynos: correct TMU phandle in Exynos5250
    - ARM: dts: exynos: correct TMU phandle in Odroid XU
    - ARM: dts: exynos: correct TMU phandle in Odroid HC1
    - fuse: add inode/permission checks to fileattr_get/fileattr_set
    - rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails
    - ceph: update the time stamps and try to drop the suid/sgid
    - alpha: fix FEN fault handling
    - dax/kmem: Fix leak of memory-hotplug resources
    - mips: fix syscall_get_nr
    - media: ipu3-cio2: Fix PM runtime usage_count in driver unbind
    - remoteproc/mtk_scp: Move clk ops outside send_lock
    - docs: gdbmacros: print newest record
    - mm: memcontrol: deprecate charge moving
    - mm/thp: check and bail out if page in deferred queue already
    - ktest.pl: Give back console on Ctrt^C on monitor
    - ktest.pl: Fix missing "end_monitor" when machine check fails
    - ktest.pl: Add RUN_TIMEOUT option with default unlimited
    - ring-buffer: Handle race between rb_move_tail and rb_check_pages
    - tools/bootconfig: fix single & used for logical condition
    - scsi: qla2xxx: Fix link failure in NPIV environment
    - scsi: qla2xxx: Check if port is online before sending ELS
    - scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests
    - scsi: qla2xxx: Remove unintended flag clearing
    - scsi: qla2xxx: Fix erroneous link down
    - scsi: qla2xxx: Remove increment of interface err cnt
    - scsi: ses: Don't attach if enclosure has no components
    - scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process()
    - scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses
    - scsi: ses: Fix possible desc_ptr out-of-bounds accesses
    - scsi: ses: Fix slab-out-of-bounds in ses_intf_remove()
    - RISC-V: add a spin_shadow_stack declaration
    - riscv: mm: fix regression due to update_mmu_cache change
    - riscv: jump_label: Fixup unaligned arch_static_branch function
    - riscv, mm: Perform BPF exhandler fixup on page fault
    - riscv: ftrace: Remove wasted nops for !RISCV_ISA_C
    - riscv: ftrace: Reduce the detour code size to half
    - MIPS: DTS: CI20: fix otg power gpio
    - PCI/PM: Observe reset delay irrespective of bridge_d3
    - PCI: hotplug: Allow marking devices as disconnected during bind/unbind
    - PCI: Avoid FLR for AMD FCH AHCI adapters
    - iommu/vt-d: Avoid superfluous IOTLB tracking in lazy mode
    - vfio/type1: prevent underflow of locked_vm via exec()
    - vfio/type1: track locked_vm per dma
    - vfio/type1: restore locked_vm
    - drm/i915/quirks: Add inverted backlight quirk for HP 14-r206nv
    - drm/radeon: Fix eDP for single-display iMac11,2
    - drm/edid: fix AVI infoframe aspect ratio handling
    - perf intel-pt: pkt-decoder: Add CFE and EVD packets
    - qede: avoid uninitialized entries in coal_entry array
    - media: uvcvideo: Fix memory leak of object map on error exit path
    - iommu/vt-d: Fix an unbalanced rcu_read_lock/rcu_read_unlock()
    - arm64: dts: qcom: ipq8074: fix Gen2 PCIe QMP PHY
    - wifi: ath9k: use proper statements in conditionals
    - kbuild: Port silent mode detection to future gnu make.
    - Linux 5.15.99
    - [Config] Stop expecting mxsfb for ppc64el
  * Use new annotations model (LP: #2019000)
    - [Packaging] new annotations model infrastructure
    - [Config] migrate all configs into annotations
  * CVE-2023-30456
    - KVM: nVMX: add missing consistency checks for CR0 and CR4
  * CVE-2023-1859
    - 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race
      condition
  * CVE-2023-1670
    - xirc2ps_cs: Fix use after free bug in xirc2ps_detach
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts

linux-aws-5.15 (5.15.0-1037.41~20.04.1) focal; urgency=medium

* focal/linux-aws-5.15: 5.15.0-1037.41~20.04.1 -proposed tracker
    (LP: #2019607)

[ Ubuntu: 5.15.0-1037.41 ]

* jammy/linux-aws: 5.15.0-1037.41 -proposed tracker (LP: #2019608)
  * jammy/linux: 5.15.0-73.80 -proposed tracker (LP: #2019647)
  * CVE-2023-32233
    - netfilter: nf_tables: deactivate anonymous set from preparation phase
  * CVE-2023-2612
    - SAUCE: shiftfs: prevent lock unbalance in shiftfs_create_object()
  * CVE-2023-31436
    - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
  * CVE-2023-1380
    - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
  * CVE-2023-30456
    - KVM: nVMX: add missing consistency checks for CR0 and CR4
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts

linux-aws-5.15 (5.15.0-1036.40~20.04.1) focal; urgency=medium

* focal/linux-aws-5.15: 5.15.0-1036.40~20.04.1 -proposed tracker
    (LP: #2016506)

[ Ubuntu: 5.15.0-1036.40 ]

* jammy/linux-aws: 5.15.0-1036.40 -proposed tracker (LP: #2016507)
  * jammy/linux: 5.15.0-72.79 -proposed tracker (LP: #2016548)
  * Add split lock detection for EMR (LP: #2015855)
    - x86/split_lock: Enumerate architectural split lock disable bit
  *  selftest: fib_tests: Always cleanup before exit  (LP: #2015956)
    - selftest: fib_tests: Always cleanup before exit
  * Add support for intel EMR cpu (LP: #2015372)
    - platform/x86: intel-uncore-freq: add Emerald Rapids support
    - perf/x86/intel/cstate: Add Emerald Rapids
    - perf/x86/rapl: Add support for Intel Emerald Rapids
    - intel_idle: add Emerald Rapids Xeon support
    - tools/power/x86/intel-speed-select: Add Emerald Rapid quirk
    - tools/power turbostat: Introduce support for EMR
    - powercap: intel_rapl: add support for Emerald Rapids
    - EDAC/i10nm: Add Intel Emerald Rapids server support
  * Kernel livepatch ftrace graph fix (LP: #2013603)
    - kprobes: treewide: Remove trampoline_address from
      kretprobe_trampoline_handler()
    - kprobes: treewide: Make it harder to refer kretprobe_trampoline directly
    - kprobes: Add kretprobe_find_ret_addr() for searching return address
    - s390/unwind: recover kretprobe modified return address in stacktrace
    - s390/unwind: fix fgraph return address recovery
  * Jammy update: v5.15.98 upstream stable release (LP: #2015600)
    - Linux 5.15.98
  * Jammy update: v5.15.97 upstream stable release (LP: #2015599)
    - ionic: refactor use of ionic_rx_fill()
    - Fix XFRM-I support for nested ESP tunnels
    - arm64: dts: rockchip: drop unused LED mode property from rk3328-roc-cc
    - ARM: dts: rockchip: add power-domains property to dp node on rk3288
    - HID: elecom: add support for TrackBall 056E:011C
    - ACPI: NFIT: fix a potential deadlock during NFIT teardown
    - btrfs: send: limit number of clones and allocated memory size
    - ASoC: rt715-sdca: fix clock stop prepare timeout issue
    - IB/hfi1: Assign npages earlier
    - neigh: make sure used and confirmed times are valid
    - HID: core: Fix deadloop in hid_apply_multiplier.
    - x86/cpu: Add Lunar Lake M
    - staging: mt7621-dts: change palmbus address to lower case
    - bpf: bpf_fib_lookup should not return neigh in NUD_FAILED state
    - net: Remove WARN_ON_ONCE(sk->sk_forward_alloc) from sk_stream_kill_queues().
    - vc_screen: don't clobber return value in vcs_read
    - scripts/tags.sh: Invoke 'realpath' via 'xargs'
    - scripts/tags.sh: fix incompatibility with PCRE2
    - usb: dwc3: pci: add support for the Intel Meteor Lake-M
    - USB: serial: option: add support for VW/Skoda "Carstick LTE"
    - usb: gadget: u_serial: Add null pointer check in gserial_resume
    - USB: core: Don't hold device lock while reading the "descriptors" sysfs file
    - Linux 5.15.97
  * Jammy update: v5.15.96 upstream stable release (LP: #2015595)
    - drm/etnaviv: don't truncate physical page address
    - wifi: rtl8xxxu: gen2: Turn on the rate control
    - drm/edid: Fix minimum bpc supported with DSC1.2 for HDMI sink
    - clk: mxl: Switch from direct readl/writel based IO to regmap based IO
    - clk: mxl: Remove redundant spinlocks
    - clk: mxl: Add option to override gate clks
    - clk: mxl: Fix a clk entry by adding relevant flags
    - powerpc: dts: t208x: Mark MAC1 and MAC2 as 10G
    - clk: mxl: syscon_node_to_regmap() returns error pointers
    - random: always mix cycle counter in add_latent_entropy()
    - KVM: x86: Fail emulation during EMULTYPE_SKIP on any exception
    - KVM: SVM: Skip WRMSR fastpath on VM-Exit if next RIP isn't valid
    - can: kvaser_usb: hydra: help gcc-13 to figure out cmd_len
    - powerpc: dts: t208x: Disable 10G on MAC1 and MAC2
    - powerpc: use generic version of arch_is_kernel_initmem_freed()
    - powerpc/vmlinux.lds: Ensure STRICT_ALIGN_SIZE is at least page aligned
    - powerpc/vmlinux.lds: Add an explicit symbol for the SRWX boundary
    - powerpc/64s/radix: Fix crash with unaligned relocated kernel
    - powerpc/64s/radix: Fix RWX mapping with relocated kernel
    - drm/i915/gvt: fix double free bug in split_2MB_gtt_entry
    - uaccess: Add speculation barrier to copy_from_user()
    - binder: read pre-translated fds from sender buffer
    - binder: defer copies of pre-patched txn data
    - binder: fix pointer cast warning
    - binder: Address corner cases in deferred copy and fixup
    - binder: Gracefully handle BINDER_TYPE_FDA objects with num_fds=0
    - nbd: fix possible overflow on 'first_minor' in nbd_dev_add()
    - wifi: mwifiex: Add missing compatible string for SD8787
    - audit: update the mailing list in MAINTAINERS
    - ext4: Fix function prototype mismatch for ext4_feat_ktype
    - bpf: add missing header file include
    - Linux 5.15.96
  * Debian autoreconstruct Fix restoration of execute permissions (LP: #2015498)
    - [Debian] autoreconstruct - fix restoration of execute permissions
  * kernel: fix __clear_user() inline assembly constraints (LP: #2013088)
    - s390/uaccess: add missing earlyclobber annotations to __clear_user()
  * Kernel crash during Mellanox performance testing (LP: #2015097)
    - net/mlx5: fs, refactor software deletion rule
  * expoline.o is packaged unconditionally for s390x (LP: #2013209)
    - [Packaging] Copy expoline.o only when produced by the build
  * Intel E810 NICs driver in causing hangs when booting and bonds configured
    (LP: #2004262)
    - ice: avoid bonding causing auxiliary plug/unplug under RTNL lock
  * Jammy update: v5.15.95 upstream stable release (LP: #2013118)
    - mptcp: fix locking for in-kernel listener creation
    - kprobes: treewide: Cleanup the error messages for kprobes
    - riscv: kprobe: Fixup misaligned load text
    - ACPI / x86: Add support for LPS0 callback handler
    - ASoC: Intel: sof_rt5682: always set dpcm_capture for amplifiers
    - ASoC: Intel: sof_cs42l42: always set dpcm_capture for amplifiers
    - selftests/bpf: Verify copy_register_state() preserves parent/live fields
    - ALSA: hda: Do not unset preset when cleaning up codec
    - bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself
    - ASoC: cs42l56: fix DT probe
    - tools/virtio: fix the vringh test for virtio ring changes
    - net/rose: Fix to not accept on connected socket
    - net: stmmac: do not stop RX_CLK in Rx LPI state for qcs404 SoC
    - drm/nouveau/devinit/tu102-: wait for GFW_BOOT_PROGRESS == COMPLETED
    - net: sched: sch: Bounds check priority
    - s390/decompressor: specify __decompress() buf len to avoid overflow
    - nvme-fc: fix a missing queue put in nvmet_fc_ls_create_association
    - drm/amd/display: Properly handle additional cases where DCN is not supported
    - platform/x86: touchscreen_dmi: Add Chuwi Vi8 (CWI501) DMI match
    - nvmem: core: add error handling for dev_set_name
    - nvmem: core: fix cleanup after dev_set_name()
    - nvmem: core: fix registration vs use race
    - nvmem: core: fix return value
    - xfs: zero inode fork buffer at allocation
    - xfs: fix potential log item leak
    - xfs: detect self referencing btree sibling pointers
    - xfs: set XFS_FEAT_NLINK correctly
    - xfs: validate v5 feature fields
    - xfs: avoid unnecessary runtime sibling pointer endian conversions
    - xfs: don't assert fail on perag references on teardown
    - xfs: assert in xfs_btree_del_cursor should take into account error
    - xfs: purge dquots after inode walk fails during quotacheck
    - xfs: don't leak btree cursor when insrec fails after a split
    - mptcp: do not wait for bare sockets' timeout
    - aio: fix mremap after fork null-deref
    - drm/amd/display: Fail atomic_check early on normalize_zpos error
    - platform/x86: amd-pmc: Fix compilation when CONFIG_DEBUGFS is disabled
    - platform/x86: amd-pmc: Correct usage of SMU version
    - platform/x86/amd: pmc: Disable IRQ1 wakeup for RN/CZN
    - netfilter: nft_tproxy: restrict to prerouting hook
    - tcp: Fix listen() regression in 5.15.88.
    - mmc: jz4740: Work around bug on JZ4760(B)
    - mmc: sdio: fix possible resource leaks in some error paths
    - mmc: mmc_spi: fix error handling in mmc_spi_probe()
    - ALSA: hda/conexant: add a new hda codec SN6180
    - ALSA: hda/realtek - fixed wrong gpio assigned
    - sched/psi: Fix use-after-free in ep_remove_wait_queue()
    - hugetlb: check for undefined shift on 32 bit architectures
    - of: reserved_mem: Have kmemleak ignore dynamically allocated reserved mem
    - selftest/lkdtm: Skip stack-entropy test if lkdtm is not available
    - net: Fix unwanted sign extension in netdev_stats_to_stats64()
    - revert "squashfs: harden sanity check in squashfs_read_xattr_id_table"
    - ixgbe: allow to increase MTU to 3K with XDP enabled
    - i40e: add double of VLAN header when computing the max MTU
    - net: bgmac: fix BCM5358 support by setting correct flags
    - net: ethernet: ti: am65-cpsw: Add RX DMA Channel Teardown Quirk
    - sctp: sctp_sock_filter(): avoid list_entry() on possibly empty list
    - dccp/tcp: Avoid negative sk_forward_alloc by ipv6_pinfo.pktoptions.
    - net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path
    - net: openvswitch: fix possible memory leak in ovs_meter_cmd_set()
    - net: stmmac: fix order of dwmac5 FlexPPS parametrization sequence
    - bnxt_en: Fix mqprio and XDP ring checking logic
    - net: stmmac: Restrict warning on disabling DMA store and fwd mode
    - ixgbe: add double of VLAN header when computing the max MTU
    - ipv6: Fix datagram socket connection with DSCP.
    - ipv6: Fix tcp socket connection with DSCP.
    - nilfs2: fix underflow in second superblock position calculations
    - mm/filemap: fix page end in filemap_get_read_batch
    - drm/i915/gen11: Moving WAs to icl_gt_workarounds_init()
    - drm/i915/gen11: Wa_1408615072/Wa_1407596294 should be on GT list
    - flow_offload: fill flags to action structure
    - net/sched: act_ctinfo: use percpu stats
    - i40e: Add checking for null for nlmsg_find_attr()
    - kvm: initialize all of the kvm_debugregs structure before sending it to
      userspace
    - alarmtimer: Prevent starvation by small intervals and SIG_IGN
    - ASoC: SOF: Intel: hda-dai: fix possible stream_tag leak
    - net: sched: sch: Fix off by one in htb_activate_prios()
    - platform/x86/amd: pmc: add CONFIG_SERIO dependency
    - Linux 5.15.95
  * CVE-2023-1075
    - net/tls: tls_is_tx_ready() checked list_entry
  * devlink_port_split from ubuntu_kernel_selftests.net fails on hirsute
    (KeyError: 'flavour') (LP: #1937133)
    - selftests: net: devlink_port_split.py: skip test if no suitable device
      available
  * Connection timeout due to conntrack limits (LP: #2011616)
    - netfilter: conntrack: adopt safer max chain length
  * Jammy update: v5.15.94 upstream stable release (LP: #2012673)
    - mm/migration: return errno when isolate_huge_page failed
    - migrate: hugetlb: check for hugetlb shared PMD in node migration
    - btrfs: limit device extents to the device size
    - btrfs: zlib: zero-initialize zlib workspace
    - ALSA: hda/realtek: Add Positivo N14KP6-TG
    - ALSA: emux: Avoid potential array out-of-bound in snd_emux_xg_control()
    - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book2 Pro 360
    - ALSA: hda/realtek: Enable mute/micmute LEDs on HP Elitebook, 645 G9
    - tracing: Fix poll() and select() do not work on per_cpu trace_pipe and
      trace_pipe_raw
    - of/address: Return an error when no valid dma-ranges are found
    - can: j1939: do not wait 250 ms if the same addr was already claimed
    - xfrm: compat: change expression for switch in xfrm_xlate64
    - IB/hfi1: Restore allocated resources on failed copyout
    - xfrm/compat: prevent potential spectre v1 gadget in xfrm_xlate32_attr()
    - IB/IPoIB: Fix legacy IPoIB due to wrong number of queues
    - RDMA/irdma: Fix potential NULL-ptr-dereference
    - RDMA/usnic: use iommu_map_atomic() under spin_lock()
    - xfrm: fix bug with DSCP copy to v6 from v4 tunnel
    - net: phylink: move phy_device_free() to correctly release phy device
    - bonding: fix error checking in bond_debug_reregister()
    - net: phy: meson-gxl: use MMD access dummy stubs for GXL, internal PHY
    - ionic: clean interrupt before enabling queue to avoid credit race
    - uapi: add missing ip/ipv6 header dependencies for linux/stddef.h
    - ice: Do not use WQ_MEM_RECLAIM flag for workqueue
    - net: dsa: mt7530: don't change PVC_EG_TAG when CPU port becomes VLAN-aware
    - net: mscc: ocelot: fix VCAP filters not matching on MAC with "protocol
      802.1Q"
    - net/mlx5e: Move repeating clear_bit in mlx5e_rx_reporter_err_rq_cqe_recover
    - net/mlx5e: Introduce the mlx5e_flush_rq function
    - net/mlx5e: Update rx ring hw mtu upon each rx-fcs flag change
    - net/mlx5: Bridge, fix ageing of peer FDB entries
    - net/mlx5e: IPoIB, Show unknown speed instead of error
    - net/mlx5: fw_tracer, Clear load bit when freeing string DBs buffers
    - net/mlx5: fw_tracer, Zero consumer index when reloading the tracer
    - net/mlx5: Serialize module cleanup with reload and remove
    - igc: Add ndo_tx_timeout support
    - rds: rds_rm_zerocopy_callback() use list_first_entry()
    - selftests: forwarding: lib: quote the sysctl values
    - ALSA: pci: lx6464es: fix a debug loop
    - riscv: stacktrace: Fix missing the first frame
    - ASoC: topology: Return -ENOMEM on memory allocation failure
    - pinctrl: mediatek: Fix the drive register definition of some Pins
    - pinctrl: aspeed: Fix confusing types in return value
    - pinctrl: single: fix potential NULL dereference
    - spi: dw: Fix wrong FIFO level setting for long xfers
    - pinctrl: intel: Restore the pins that used to be in Direct IRQ mode
    - cifs: Fix use-after-free in rdata->read_into_pages()
    - net: USB: Fix wrong-direction WARNING in plusb.c
    - mptcp: be careful on subflow status propagation on errors
    - btrfs: free device in btrfs_close_devices for a single device filesystem
    - usb: core: add quirk for Alcor Link AK9563 smartcard reader
    - usb: typec: altmodes/displayport: Fix probe pin assign check
    - clk: ingenic: jz4760: Update M/N/OD calculation algorithm
    - ceph: flush cap releases when the session is flushed
    - riscv: Fixup race condition on PG_dcache_clean in flush_icache_pte
    - powerpc/64s/interrupt: Fix interrupt exit race with security mitigation
      switch
    - rtmutex: Ensure that the top waiter is always woken up
    - arm64: dts: meson-gx: Make mmc host controller interrupts level-sensitive
    - arm64: dts: meson-g12-common: Make mmc host controller interrupts level-
      sensitive
    - arm64: dts: meson-axg: Make mmc host controller interrupts level-sensitive
    - Fix page corruption caused by racy check in __free_pages
    - drm/amdgpu/fence: Fix oops due to non-matching drm_sched init/fini
    - drm/i915: Initialize the obj flags for shmem objects
    - drm/i915: Fix VBT DSI DVO port handling
    - x86/speculation: Identify processors vulnerable to SMT RSB predictions
    - KVM: x86: Mitigate the cross-thread return address predictions bug
    - Documentation/hw-vuln: Add documentation for Cross-Thread Return Predictions
    - Linux 5.15.94
  * Jammy update: v5.15.93 upstream stable release (LP: #2012665)
    - firewire: fix memory leak for payload of request subaction to IEC 61883-1
      FCP region
    - bus: sunxi-rsb: Fix error handling in sunxi_rsb_init()
    - ASoC: Intel: boards: fix spelling in comments
    - ASoC: Intel: bytcht_es8316: move comment to the right place
    - ASoC: Intel: bytcht_es8316: Drop reference count of ACPI device after use
    - ASoC: Intel: bytcr_rt5651: Drop reference count of ACPI device after use
    - ASoC: Intel: bytcr_rt5640: Drop reference count of ACPI device after use
    - ASoC: Intel: bytcr_wm5102: Drop reference count of ACPI device after use
    - bpf: Fix a possible task gone issue with bpf_send_signal[_thread]() helpers
    - ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path()
    - bpf: Support <8-byte scalar spill and refill
    - bpf: Fix to preserve reg parent/live fields when copying range info
    - bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener
    - arm64: dts: imx8mm: Fix pad control for UART1_DTE_RX
    - drm/vc4: hdmi: make CEC adapter name unique
    - scsi: Revert "scsi: core: map PQ=1, PDT=other values to
      SCSI_SCAN_TARGET_PRESENT"
    - vhost/net: Clear the pending messages when the backend is removed
    - WRITE is "data source", not destination...
    - READ is "data destination", not source...
    - fix iov_iter_bvec() "direction" argument
    - fix "direction" argument of iov_iter_kvec()
    - ice: Prevent set_channel from changing queues while RDMA active
    - qede: execute xdp_do_flush() before napi_complete_done()
    - virtio-net: execute xdp_do_flush() before napi_complete_done()
    - dpaa_eth: execute xdp_do_flush() before napi_complete_done()
    - dpaa2-eth: execute xdp_do_flush() before napi_complete_done()
    - sfc: correctly advertise tunneled IPv6 segmentation
    - net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices
    - block/bfq-iosched.c: use "false" rather than "BLK_RW_ASYNC"
    - block, bfq: replace 0/1 with false/true in bic apis
    - block, bfq: fix uaf for bfqq in bic_set_bfqq()
    - netrom: Fix use-after-free caused by accept on already connected socket
    - drm/i915/guc: Fix locking when searching for a hung request
    - drm/i915/adlp: Fix typo for reference clock
    - netfilter: br_netfilter: disable sabotage_in hook after first suppression
    - squashfs: harden sanity check in squashfs_read_xattr_id_table
    - net: phy: meson-gxl: Add generic dummy stubs for MMD register access
    - ip/ip6_gre: Fix changing addr gen mode not generating IPv6 link local
      address
    - ip/ip6_gre: Fix non-point-to-point tunnel not generating IPv6 link local
      address
    - riscv: kprobe: Fixup kernel panic when probing an illegal position
    - igc: return an error if the mac type is unknown in
      igc_ptp_systim_to_hwtstamp()
    - can: j1939: fix errant WARN_ON_ONCE in j1939_session_deactivate
    - ata: libata: Fix sata_down_spd_limit() when no link speed is reported
    - selftests: net: udpgso_bench_rx: Fix 'used uninitialized' compiler warning
    - selftests: net: udpgso_bench_rx/tx: Stop when wrong CLI args are provided
    - selftests: net: udpgso_bench_tx: Cater for pending datagrams zerocopy
      benchmarking
    - virtio-net: Keep stop() to follow mirror sequence of open()
    - net: openvswitch: fix flow memory leak in ovs_flow_cmd_new
    - efi: fix potential NULL deref in efi_mem_reserve_persistent
    - i2c: designware-pci: Add new PCI IDs for AMD NAVI GPU
    - i2c: mxs: suppress probe-deferral error message
    - scsi: target: core: Fix warning on RT kernels
    - perf/x86/intel: Add Emerald Rapids
    - scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress
    - scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
    - i2c: rk3x: fix a bunch of kernel-doc warnings
    - platform/x86: gigabyte-wmi: add support for B450M DS3H WIFI-CF
    - net/x25: Fix to not accept on connected socket
    - drm/amd/display: Fix timing not changning when freesync video is enabled
    - iio: adc: stm32-dfsdm: fill module aliases
    - usb: dwc3: qcom: enable vbus override when in OTG dr-mode
    - usb: gadget: f_fs: Fix unbalanced spinlock in __ffs_ep0_queue_wait
    - vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
    - Input: i8042 - add Clevo PCX0DX to i8042 quirk table
    - fbcon: Check font dimension limits
    - net: qrtr: free memory on error path in radix_tree_insert()
    - watchdog: diag288_wdt: do not use stack buffers for hardware data
    - watchdog: diag288_wdt: fix __diag288() inline assembly
    - ALSA: hda/realtek: Add Acer Predator PH315-54
    - efi: Accept version 2 of memory attributes table
    - iio: hid: fix the retval in accel_3d_capture_sample
    - iio: hid: fix the retval in gyro_3d_capture_sample
    - iio: adc: berlin2-adc: Add missing of_node_put() in error path
    - iio:adc:twl6030: Enable measurements of VUSB, VBAT and others
    - iio: imu: fxos8700: fix ACCEL measurement range selection
    - iio: imu: fxos8700: fix incomplete ACCEL and MAGN channels readback
    - iio: imu: fxos8700: fix IMU data bits returned to user space
    - iio: imu: fxos8700: fix map label of channel type to MAGN sensor
    - iio: imu: fxos8700: fix swapped ACCEL and MAGN channels readback
    - iio: imu: fxos8700: fix incorrect ODR mode readback
    - iio: imu: fxos8700: fix failed initialization ODR mode assignment
    - iio: imu: fxos8700: remove definition FXOS8700_CTRL_ODR_MIN
    - iio: imu: fxos8700: fix MAGN sensor scale and unit
    - nvmem: qcom-spmi-sdam: fix module autoloading
    - parisc: Fix return code of pdc_iodc_print()
    - parisc: Wire up PTRACE_GETREGS/PTRACE_SETREGS for compat case
    - riscv: disable generation of unwind tables
    - mm: hugetlb: proc: check for hugetlb shared PMD in /proc/PID/smaps
    - usb: gadget: f_uac2: Fix incorrect increment of bNumEndpoints
    - kernel/irq/irqdomain.c: fix memory leak with using debugfs_lookup()
    - x86/debug: Fix stack recursion caused by wrongly ordered DR7 accesses
    - fpga: stratix10-soc: Fix return value check in s10_ops_write_init()
    - mm/swapfile: add cond_resched() in get_swap_pages()
    - highmem: round down the address passed to kunmap_flush_on_unmap()
    - Squashfs: fix handling and sanity checking of xattr_ids count
    - drm/i915: Fix potential bit_17 double-free
    - nvmem: core: initialise nvmem->id early
    - nvmem: core: remove nvmem_config wp_gpio
    - nvmem: core: fix cell removal on error
    - serial: 8250_dma: Fix DMA Rx completion race
    - serial: 8250_dma: Fix DMA Rx rearm race
    - phy: qcom-qmp-combo: disable runtime PM on unbind
    - phy: qcom-qmp-combo: fix memleak on probe deferral
    - phy: qcom-qmp-usb: fix memleak on probe deferral
    - phy: qcom-qmp-combo: fix broken power on
    - phy: qcom-qmp-combo: fix runtime suspend
    - bpf: Fix incorrect state pruning for <8B spill/fill
    - bpf: Do not reject when the stack read size is different from the tracked
      scalar size
    - iio:adc:twl6030: Enable measurement of VAC
    - powerpc/imc-pmu: Revert nest_init_lock to being a mutex
    - fs/ntfs3: Validate attribute data and valid sizes
    - ovl: Use "buf" flexible array for memcpy() destination
    - fbdev: smscufx: fix error handling code in ufx_usb_probe
    - f2fs: fix to do sanity check on i_extra_isize in is_alive()
    - wifi: brcmfmac: Check the count value of channel spec to prevent out-of-
      bounds reads
    - gfs2: Cosmetic gfs2_dinode_{in,out} cleanup
    - gfs2: Always check inode size of inline inodes
    - bpf: Skip invalid kfunc call in backtrack_insn
    - Linux 5.15.93
  * CVE-2023-1118
    - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()
  * [SRU][Ubuntu 22.04.1]: Observed "Array Index out of bounds" Call Trace
    multiple times on Ubuntu 22.04.1 OS during boot (LP: #2008157)
    - scsi: megaraid_sas: Replace one-element array with flexible-array member in
      MR_FW_RAID_MAP
    - scsi: megaraid_sas: Replace one-element array with flexible-array member in
      MR_FW_RAID_MAP_DYNAMIC
    - scsi: megaraid_sas: Replace one-element array with flexible-array member in
      MR_DRV_RAID_MAP
    - scsi: megaraid_sas: Replace one-element array with flexible-array member in
      MR_PD_CFG_SEQ_NUM_SYNC
    - scsi: megaraid_sas: Use struct_size() in code related to struct
      MR_FW_RAID_MAP
    - scsi: megaraid_sas: Use struct_size() in code related to struct
      MR_PD_CFG_SEQ_NUM_SYNC
  * Revert "net/sched: taprio: make qdisc_leaf() see the per-netdev-queue pfifo
    child qdiscs" (LP: #2011926)
    - Revert "net/sched: taprio: make qdisc_leaf() see the per-netdev-queue pfifo
      child qdiscs"

linux-aws-5.15 (5.15.0-1035.39~20.04.1) focal; urgency=medium

* focal/linux-aws-5.15: 5.15.0-1035.39~20.04.1 -proposed tracker
    (LP: #2016780)

* CVE-2023-1829
    - [Config]: Make sure CONFIG_NET_CLS_TCINDEX is not available

[ Ubuntu: 5.15.0-1035.39 ]

* jammy/linux-aws: 5.15.0-1035.39 -proposed tracker (LP: #2016781)
  * CVE-2023-1829
    - [Config]: Make sure CONFIG_NET_CLS_TCINDEX is not available
  * jammy/linux: 5.15.0-71.78 -proposed tracker (LP: #2016820)
  * CVE-2023-1872
    - io_uring: add missing lock in io_get_file_fixed
    - io_uring: ensure that io_init_req() passes in the right issue_flags
  * CVE-2023-1829
    - net/sched: Retire tcindex classifier
    - [Config]: Make sure CONFIG_NET_CLS_TCINDEX is not available

linux-aws-5.15 (5.15.0-1034.38~20.04.1) focal; urgency=medium

* focal/linux-aws-5.15: 5.15.0-1034.38~20.04.1 -proposed tracker
    (LP: #2011878)

[ Ubuntu: 5.15.0-1034.38 ]

* jammy/linux-aws: 5.15.0-1034.38 -proposed tracker (LP: #2011879)
  * Packaging resync (LP: #1786013)
    - [Packaging] update variants
  * jammy/linux: 5.15.0-70.77 -proposed tracker (LP: #2011918)
  * CVE-2023-26545
    - net: mpls: fix stale pointer if allocation fails during device rename
  * CVE-2023-1281
    - net/sched: tcindex: update imperfect hash filters respecting rcu
  * [SRU][Ubuntu 22.04.1] mpi3mr: Add management application interface(BSG)
    support (LP: #1971151)
    - scsi: mpi3mr: Add bsg device support
    - scsi: mpi3mr: Add support for driver commands
    - scsi: mpi3mr: Move data structures/definitions from MPI headers to uapi
      header
    - scsi: mpi3mr: Add support for MPT commands
    - scsi: mpi3mr: Add support for PEL commands
    - scsi: mpi3mr: Expose adapter state to sysfs
    - scsi: mpi3mr: Add support for NVMe passthrough
    - scsi: mpi3mr: Update driver version to 8.0.0.69.0
    - scsi: mpi3mr: Increase I/O timeout value to 60s
    - scsi: mpi3mr: Hidden drives not removed during soft reset
    - scsi: mpi3mr: Return I/Os to an unrecoverable HBA with DID_ERROR
    - scsi: mpi3mr: Fix a NULL vs IS_ERR() bug in mpi3mr_bsg_init()
    - scsi: mpi3mr: Return error if dma_alloc_coherent() fails
    - scsi: mpi3mr: Add shost related sysfs attributes
    - scsi: mpi3mr: Add target device related sysfs attributes
    - scsi: mpi3mr: Rework mrioc->bsg_device model to fix warnings
    - scsi: mpi3mr: Fix kernel-doc
  * cpufreq: intel_pstate: Update Balance performance EPP for Sapphire Rapids
    (LP: #2008519)
    - cpufreq: intel_pstate: Update EPP for AlderLake mobile
    - cpufreq: intel_pstate: Adjust balance_performance EPP for Sapphire Rapids
  * Fail to output sound to external monitor which connects via docking station
    (LP: #2009024)
    - [Config] Enable CONFIG_SND_HDA_INTEL_HDMI_SILENT_STREAM
  * Fix mediatek wifi driver crash when loading wrong SAR table (LP: #2009118)
    - wifi: mt76: mt7921: fix error code of return in mt7921_acpi_read
  * Jammy update: v5.15.92 upstream stable release (LP: #2011472)
    - ARM: dts: imx: Fix pca9547 i2c-mux node name
    - ARM: dts: vf610: Fix pca9548 i2c-mux node names
    - arm64: dts: freescale: Fix pca954x i2c-mux node names
    - arm64: dts: imx8mq-thor96: fix no-mmc property for SDHCI
    - firmware: arm_scmi: Clear stale xfer->hdr.status
    - bpf: Skip task with pid=1 in send_signal_common()
    - erofs/zmap.c: Fix incorrect offset calculation
    - blk-cgroup: fix missing pd_online_fn() while activating policy
    - HID: playstation: sanity check DualSense calibration data.
    - dmaengine: imx-sdma: Fix a possible memory leak in sdma_transfer_init
    - cifs: fix return of uninitialized rc in dfs_cache_update_tgthint()
    - extcon: usbc-tusb320: fix kernel-doc warning
    - Bluetooth: fix null ptr deref on hci_sync_conn_complete_evt
    - tools: fix ARRAY_SIZE defines in tools and selftests hdrs
    - selftests/vm: remove ARRAY_SIZE define from individual tests
    - selftests: Provide local define of __cpuid_count()
    - net: fix NULL pointer in skb_segment_list
    - net: mctp: purge receive queues on sk destruction
    - Linux 5.15.92
  * Jammy update: v5.15.91 upstream stable release (LP: #2011467)
    - memory: tegra: Remove clients SID override programming
    - memory: atmel-sdramc: Fix missing clk_disable_unprepare in
      atmel_ramc_probe()
    - memory: mvebu-devbus: Fix missing clk_disable_unprepare in
      mvebu_devbus_probe()
    - dmaengine: ti: k3-udma: Do conditional decrement of
      UDMA_CHAN_RT_PEER_BCNT_REG
    - arm64: dts: imx8mp-phycore-som: Remove invalid PMIC property
    - ARM: dts: imx6ul-pico-dwarf: Use 'clock-frequency'
    - ARM: dts: imx7d-pico: Use 'clock-frequency'
    - ARM: dts: imx6qdl-gw560x: Remove incorrect 'uart-has-rtscts'
    - arm64: dts: imx8mm-beacon: Fix ecspi2 pinmux
    - ARM: imx: add missing of_node_put()
    - HID: intel_ish-hid: Add check for ishtp_dma_tx_map
    - arm64: dts: imx8mm-venice-gw7901: fix USB2 controller OC polarity
    - soc: imx8m: Fix incorrect check for of_clk_get_by_name()
    - reset: uniphier-glue: Use reset_control_bulk API
    - reset: uniphier-glue: Fix possible null-ptr-deref
    - EDAC/highbank: Fix memory leak in highbank_mc_probe()
    - firmware: arm_scmi: Harden shared memory access in fetch_response
    - firmware: arm_scmi: Harden shared memory access in fetch_notification
    - tomoyo: fix broken dependency on *.conf.default
    - RDMA/core: Fix ib block iterator counter overflow
    - IB/hfi1: Reject a zero-length user expected buffer
    - IB/hfi1: Reserve user expected TIDs
    - IB/hfi1: Fix expected receive setup error exit issues
    - IB/hfi1: Immediately remove invalid memory from hardware
    - IB/hfi1: Remove user expected buffer invalidate race
    - affs: initialize fsdata in affs_truncate()
    - PM: AVS: qcom-cpr: Fix an error handling path in cpr_probe()
    - arm64: dts: qcom: msm8992: Don't use sfpb mutex
    - arm64: dts: qcom: msm8992-libra: Add CPU regulators
    - arm64: dts: qcom: msm8992-libra: Fix the memory map
    - phy: ti: fix Kconfig warning and operator precedence
    - NFSD: fix use-after-free in nfsd4_ssc_setup_dul()
    - ARM: dts: at91: sam9x60: fix the ddr clock for sam9x60
    - amd-xgbe: TX Flow Ctrl Registers are h/w ver dependent
    - amd-xgbe: Delay AN timeout during KR training
    - bpf: Fix pointer-leak due to insufficient speculative store bypass
      mitigation
    - phy: rockchip-inno-usb2: Fix missing clk_disable_unprepare() in
      rockchip_usb2phy_power_on()
    - net: nfc: Fix use-after-free in local_cleanup()
    - net: wan: Add checks for NULL for utdm in undo_uhdlc_init and unmap_si_regs
    - net: enetc: avoid deadlock in enetc_tx_onestep_tstamp()
    - sch_htb: Avoid grafting on htb_destroy_class_offload when destroying htb
    - gpio: use raw spinlock for gpio chip shadowed data
    - gpio: mxc: Protect GPIO irqchip RMW with bgpio spinlock
    - gpio: mxc: Always set GPIOs used as interrupt source to INPUT mode
    - pinctrl/rockchip: Use temporary variable for struct device
    - pinctrl/rockchip: add error handling for pull/drive register getters
    - pinctrl: rockchip: fix reading pull type on rk3568
    - net: stmmac: Fix queue statistics reading
    - net/sched: sch_taprio: fix possible use-after-free
    - l2tp: Serialize access to sk_user_data with sk_callback_lock
    - l2tp: Don't sleep and disable BH under writer-side sk_callback_lock
    - l2tp: convert l2tp_tunnel_list to idr
    - l2tp: close all race conditions in l2tp_tunnel_register()
    - octeontx2-pf: Avoid use of GFP_KERNEL in atomic context
    - net: usb: sr9700: Handle negative len
    - net: mdio: validate parameter addr in mdiobus_get_phy()
    - HID: check empty report_list in hid_validate_values()
    - HID: check empty report_list in bigben_probe()
    - net: stmmac: fix invalid call to mdiobus_get_phy()
    - pinctrl: rockchip: fix mux route data for rk3568
    - HID: revert CHERRY_MOUSE_000C quirk
    - usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait
    - usb: gadget: f_fs: Ensure ep0req is dequeued before free_request
    - Bluetooth: Fix possible deadlock in rfcomm_sk_state_change
    - net: ipa: disable ipa interrupt during suspend
    - net/mlx5: E-switch, Fix setting of reserved fields on
      MODIFY_SCHEDULING_ELEMENT
    - net: mlx5: eliminate anonymous module_init & module_exit
    - drm/panfrost: fix GENERIC_ATOMIC64 dependency
    - dmaengine: Fix double increment of client_count in dma_chan_get()
    - net: macb: fix PTP TX timestamp failure due to packet padding
    - virtio-net: correctly enable callback during start_xmit
    - l2tp: prevent lockdep issue in l2tp_tunnel_register()
    - HID: betop: check shape of output reports
    - cifs: fix potential deadlock in cache_refresh_path()
    - dmaengine: xilinx_dma: call of_node_put() when breaking out of
      for_each_child_of_node()
    - phy: phy-can-transceiver: Skip warning if no "max-bitrate"
    - drm/amd/display: fix issues with driver unload
    - nvme-pci: fix timeout request state check
    - tcp: avoid the lookup process failing to get sk in ehash table
    - octeontx2-pf: Fix the use of GFP_KERNEL in atomic context on rt
    - ptdma: pt_core_execute_cmd() should use spinlock
    - device property: fix of node refcount leak in
      fwnode_graph_get_next_endpoint()
    - w1: fix deadloop in __w1_remove_master_device()
    - w1: fix WARNING after calling w1_process()
    - driver core: Fix test_async_probe_init saves device in wrong array
    - selftests/net: toeplitz: fix race on tpacket_v3 block close
    - net: dsa: microchip: ksz9477: port map correction in ALU table entry
      register
    - thermal/core: Remove duplicate information when an error occurs
    - thermal/core: Rename 'trips' to 'num_trips'
    - thermal: Validate new state in cur_state_store()
    - thermal/core: fix error code in __thermal_cooling_device_register()
    - thermal: core: call put_device() only after device_register() fails
    - net: stmmac: enable all safety features by default
    - tcp: fix rate_app_limited to default to 1
    - scsi: iscsi: Fix multiple iSCSI session unbind events sent to userspace
    - cpufreq: Add Tegra234 to cpufreq-dt-platdev blocklist
    - kcsan: test: don't put the expect array on the stack
    - cpufreq: Add SM6375 to cpufreq-dt-platdev blocklist
    - ASoC: fsl_micfil: Correct the number of steps on SX controls
    - net: usb: cdc_ether: add support for Thales Cinterion PLS62-W modem
    - drm: Add orientation quirk for Lenovo ideapad D330-10IGL
    - s390/debug: add _ASM_S390_ prefix to header guard
    - s390: expicitly align _edata and _end symbols on page boundary
    - perf/x86/msr: Add Emerald Rapids
    - perf/x86/intel/uncore: Add Emerald Rapids
    - cpufreq: armada-37xx: stop using 0 as NULL pointer
    - ASoC: fsl_ssi: Rename AC'97 streams to avoid collisions with AC'97 CODEC
    - ASoC: fsl-asoc-card: Fix naming of AC'97 CODEC widgets
    - spi: spidev: remove debug messages that access spidev->spi without locking
    - KVM: s390: interrupt: use READ_ONCE() before cmpxchg()
    - scsi: hisi_sas: Set a port invalid only if there are no devices attached
      when refreshing port id
    - r8152: add vendor/device ID pair for Microsoft Devkit
    - platform/x86: touchscreen_dmi: Add info for the CSL Panther Tab HD
    - platform/x86: asus-nb-wmi: Add alternate mapping for KEY_SCREENLOCK
    - lockref: stop doing cpu_relax in the cmpxchg loop
    - firmware: coreboot: Check size of table entry and use flex-array
    - drm/i915: Allow switching away via vga-switcheroo if uninitialized
    - drm/i915: Remove unused variable
    - x86: ACPI: cstate: Optimize C3 entry on AMD CPUs
    - fs: reiserfs: remove useless new_opts in reiserfs_remount
    - sysctl: add a new register_sysctl_init() interface
    - kernel/panic: move panic sysctls to its own file
    - panic: unset panic_on_warn inside panic()
    - ubsan: no need to unset panic_on_warn in ubsan_epilogue()
    - kasan: no need to unset panic_on_warn in end_report()
    - exit: Add and use make_task_dead.
    - objtool: Add a missing comma to avoid string concatenation
    - hexagon: Fix function name in die()
    - h8300: Fix build errors from do_exit() to make_task_dead() transition
    - csky: Fix function name in csky_alignment() and die()
    - ia64: make IA64_MCA_RECOVERY bool instead of tristate
    - panic: Separate sysctl logic from CONFIG_SMP
    - exit: Put an upper limit on how often we can oops
    - exit: Expose "oops_count" to sysfs
    - exit: Allow oops_limit to be disabled
    - panic: Consolidate open-coded panic_on_warn checks
    - panic: Introduce warn_limit
    - panic: Expose "warn_count" to sysfs
    - docs: Fix path paste-o for /sys/kernel/warn_count
    - exit: Use READ_ONCE() for all oops/warn limit reads
    - Bluetooth: hci_sync: cancel cmd_timer if hci_open failed
    - drm/amdgpu: complete gfxoff allow signal during suspend without delay
    - scsi: hpsa: Fix allocation size for scsi_host_alloc()
    - KVM: SVM: fix tsc scaling cache logic
    - module: Don't wait for GOING modules
    - tracing: Make sure trace_printk() can output as soon as it can be used
    - trace_events_hist: add check for return value of 'create_hist_field'
    - ftrace/scripts: Update the instructions for ftrace-bisect.sh
    - cifs: Fix oops due to uncleared server->smbd_conn in reconnect
    - i2c: mv64xxx: Remove shutdown method from driver
    - i2c: mv64xxx: Add atomic_xfer method to driver
    - ksmbd: add smbd max io size parameter
    - ksmbd: add max connections parameter
    - ksmbd: do not sign response to session request for guest login
    - ksmbd: downgrade ndr version error message to debug
    - ksmbd: limit pdu length size according to connection status
    - ovl: fail on invalid uid/gid mapping at copy up
    - KVM: x86/vmx: Do not skip segment attributes if unusable bit is set
    - KVM: arm64: GICv4.1: Fix race with doorbell on VPE activation/deactivation
    - thermal: intel: int340x: Protect trip temperature from concurrent updates
    - ipv6: fix reachability confirmation with proxy_ndp
    - ARM: 9280/1: mm: fix warning on phys_addr_t to void pointer assignment
    - EDAC/device: Respect any driver-supplied workqueue polling value
    - EDAC/qcom: Do not pass llcc_driv_data as edac_device_ctl_info's pvt_info
    - net: mana: Fix IRQ name - add PCI and queue number
    - scsi: ufs: core: Fix devfreq deadlocks
    - i2c: designware: use casting of u64 in clock multiplication to avoid
      overflow
    - netlink: prevent potential spectre v1 gadgets
    - net: fix UaF in netns ops registration error path
    - drm/i915/selftest: fix intel_selftest_modify_policy argument types
    - netfilter: nft_set_rbtree: Switch to node list walk for overlap detection
    - netfilter: nft_set_rbtree: skip elements in transaction from garbage
      collection
    - netlink: annotate data races around nlk->portid
    - netlink: annotate data races around dst_portid and dst_group
    - netlink: annotate data races around sk_state
    - ipv4: prevent potential spectre v1 gadget in ip_metrics_convert()
    - ipv4: prevent potential spectre v1 gadget in fib_metrics_match()
    - netfilter: conntrack: fix vtag checks for ABORT/SHUTDOWN_COMPLETE
    - netrom: Fix use-after-free of a listening socket.
    - net/sched: sch_taprio: do not schedule in taprio_reset()
    - sctp: fail if no bound addresses can be used for a given scope
    - riscv/kprobe: Fix instruction simulation of JALR
    - nvme: fix passthrough csi check
    - gpio: mxc: Unlock on error path in mxc_flip_edge()
    - ravb: Rename "no_ptp_cfg_active" and "ptp_cfg_active" variables
    - net: ravb: Fix lack of register setting after system resumed for Gen3
    - net: ravb: Fix possible hang if RIS2_QFF1 happen
    - net: mctp: mark socks as dead on unhash, prevent re-add
    - thermal: intel: int340x: Add locking to int340x_thermal_get_trip_type()
    - net/tg3: resolve deadlock in tg3_reset_task() during EEH
    - net: mdio-mux-meson-g12a: force internal PHY off on mux switch
    - treewide: fix up files incorrectly marked executable
    - tools: gpio: fix -c option of gpio-event-mon
    - Revert "Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI
      mode"
    - cpufreq: Move to_gov_attr_set() to cpufreq.h
    - cpufreq: governor: Use kobject release() method to free dbs_data
    - kbuild: Allow kernel installation packaging to override pkg-config
    - block: fix and cleanup bio_check_ro
    - x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL
    - netfilter: conntrack: unify established states for SCTP paths
    - perf/x86/amd: fix potential integer overflow on shift of a int
    - Linux 5.15.91
  * Kernel livepatch support for for s390x (LP: #1639924)
    - sched: Improve try_invoke_on_locked_down_task()
    - sched,rcu: Rework try_invoke_on_locked_down_task()
    - sched,livepatch: Use task_call_func()
    - sched: Simplify wake_up_*idle*()
    - sched,livepatch: Use wake_up_if_idle()
    - sched: Improve wake_up_all_idle_cpus() take #2
    - s390/entry: remove unused expoline thunk
    - s390: remove unused expoline to BC instructions
    - s390/nospec: generate single register thunks if possible
    - s390/nospec: add an option to use thunk-extern
    - s390/nospec: align and size extern thunks
    - bug: Use normal relative pointers in 'struct bug_entry'
    - s390/nospec: build expoline.o for modules_prepare target
    - [Config] Enable EXPOLINE_EXTERN on s390x
    - [Config] s390x: Removing UBSAN from configuration
  * Do not sort the task scan result from /proc when synthesizing perf events
    (LP: #2008971)
    - perf synthetic-events: Don't sort the task scan result from /proc
  * linux: Staging modules should be unsigned (LP: #1642368)
    - [Packaging] Move and update signature inclusion list
    - SAUCE: Add selective signing of staging modules
    - [Packaging] Add module-signature-check
    - [Packaging] module-signature-check: Check debian.<foo>/signature-inclusion
    - [Packaging] Introduce debian/scripts/sign-module
    - SAUCE: Switch to using debian/scripts/sign-module
  * Jammy update: v5.15.90 upstream stable release (LP: #2008933)
    - btrfs: fix trace event name typo for FLUSH_DELAYED_REFS
    - pNFS/filelayout: Fix coalescing test for single DS
    - tools/virtio: initialize spinlocks in vring_test.c
    - virtio_pci: modify ENOENT to EINVAL
    - vduse: Validate vq_num in vduse_validate_config()
    - net/ethtool/ioctl: return -EOPNOTSUPP if we have no phy stats
    - r8169: move rtl_wol_enable_rx() and rtl_prepare_power_down()
    - RDMA/srp: Move large values to a new enum for gcc13
    - btrfs: always report error in run_one_delayed_ref()
    - x86/asm: Fix an assembler warning with current binutils
    - f2fs: let's avoid panic if extent_tree is not created
    - perf/x86/rapl: Treat Tigerlake like Icelake
    - fbdev: omapfb: avoid stack overflow warning
    - Bluetooth: hci_qca: Fix driver shutdown on closed serdev
    - wifi: brcmfmac: fix regression for Broadcom PCIe wifi devices
    - wifi: mac80211: sdata can be NULL during AMPDU start
    - Add exception protection processing for vd in axi_chan_handle_err function
    - zonefs: Detect append writes at invalid locations
    - nilfs2: fix general protection fault in nilfs_btree_insert()
    - efi: fix userspace infinite retry read efivars after EFI runtime services
      page fault
    - ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook
    - ALSA: hda/realtek: fix mute/micmute LEDs don't work for a HP platform
    - drm/amdgpu: disable runtime pm on several sienna cichlid cards(v2)
    - drm/amd: Delay removal of the firmware framebuffer
    - hugetlb: unshare some PMDs when splitting VMAs
    - io_uring: don't gate task_work run on TIF_NOTIFY_SIGNAL
    - eventpoll: add EPOLL_URING_WAKE poll wakeup flag
    - eventfd: provide a eventfd_signal_mask() helper
    - io_uring: pass in EPOLL_URING_WAKE for eventfd signaling and wakeups
    - io_uring: improve send/recv error handling
    - io_uring: ensure recv and recvmsg handle MSG_WAITALL correctly
    - io_uring: add flag for disabling provided buffer recycling
    - io_uring: support MSG_WAITALL for IORING_OP_SEND(MSG)
    - io_uring: allow re-poll if we made progress
    - io_uring: fix async accept on O_NONBLOCK sockets
    - io_uring: ensure that cached task references are always put on exit
    - io_uring: remove duplicated calls to io_kiocb_ppos
    - io_uring: update kiocb->ki_pos at execution time
    - io_uring: do not recalculate ppos unnecessarily
    - io_uring/rw: defer fsnotify calls to task context
    - xhci-pci: set the dma max_seg_size
    - usb: xhci: Check endpoint is valid before dereferencing it
    - xhci: Fix null pointer dereference when host dies
    - xhci: Add update_hub_device override for PCI xHCI hosts
    - xhci: Add a flag to disable USB3 lpm on a xhci root port level.
    - usb: acpi: add helper to check port lpm capability using acpi _DSM
    - xhci: Detect lpm incapable xHC USB3 roothub ports from ACPI tables
    - prlimit: do_prlimit needs to have a speculation check
    - USB: serial: option: add Quectel EM05-G (GR) modem
    - USB: serial: option: add Quectel EM05-G (CS) modem
    - USB: serial: option: add Quectel EM05-G (RS) modem
    - USB: serial: option: add Quectel EC200U modem
    - USB: serial: option: add Quectel EM05CN (SG) modem
    - USB: serial: option: add Quectel EM05CN modem
    - staging: vchiq_arm: fix enum vchiq_status return types
    - USB: misc: iowarrior: fix up header size for USB_DEVICE_ID_CODEMERCS_IOW100
    - misc: fastrpc: Don't remove map on creater_process and device_release
    - misc: fastrpc: Fix use-after-free race condition for maps
    - usb: core: hub: disable autosuspend for TI TUSB8041
    - comedi: adv_pci1760: Fix PWM instruction handling
    - ACPI: PRM: Check whether EFI runtime is available
    - mmc: sunxi-mmc: Fix clock refcount imbalance during unbind
    - mmc: sdhci-esdhc-imx: correct the tuning start tap and step setting
    - btrfs: do not abort transaction on failure to write log tree when syncing
      log
    - btrfs: fix race between quota rescan and disable leading to NULL pointer
      deref
    - cifs: do not include page data when checking signature
    - thunderbolt: Use correct function to calculate maximum USB3 link rate
    - riscv: dts: sifive: fu740: fix size of pcie 32bit memory
    - bpf: restore the ebpf program ID for BPF_AUDIT_UNLOAD and
      PERF_BPF_EVENT_PROG_UNLOAD
    - staging: mt7621-dts: change some node hex addresses to lower case
    - tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer
    - tty: fix possible null-ptr-defer in spk_ttyio_release
    - USB: serial: cp210x: add SCALANCE LPE-9000 device id
    - usb: cdns3: remove fetched trb from cache before dequeuing
    - usb: host: ehci-fsl: Fix module alias
    - usb: typec: tcpm: Fix altmode re-registration causes sysfs create fail
    - usb: typec: altmodes/displayport: Add pin assignment helper
    - usb: typec: altmodes/displayport: Fix pin assignment calculation
    - usb: gadget: g_webcam: Send color matching descriptor per frame
    - usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate()
    - usb-storage: apply IGNORE_UAS only for HIKSEMI MD202 on RTL9210
    - dt-bindings: phy: g12a-usb2-phy: fix compatible string documentation
    - dt-bindings: phy: g12a-usb3-pcie-phy: fix compatible string documentation
    - serial: pch_uart: Pass correct sg to dma_unmap_sg()
    - dmaengine: lgm: Move DT parsing after initialization
    - dmaengine: tegra210-adma: fix global intr clear
    - dmaengine: idxd: Let probe fail when workqueue cannot be enabled
    - serial: amba-pl011: fix high priority character transmission in rs486 mode
    - serial: atmel: fix incorrect baudrate setup
    - gsmi: fix null-deref in gsmi_get_variable
    - mei: me: add meteor lake point M DID
    - drm/i915: re-disable RC6p on Sandy Bridge
    - drm/i915/display: Check source height is > 0
    - drm/amd/display: Fix set scaling doesn's work
    - drm/amd/display: Calculate output_color_space after pixel encoding
      adjustment
    - drm/amd/display: Fix COLOR_SPACE_YCBCR2020_TYPE matrix
    - drm/amdgpu: drop experimental flag on aldebaran
    - fs/ntfs3: Fix attr_punch_hole() null pointer derenference
    - arm64: efi: Execute runtime services from a dedicated stack
    - efi: rt-wrapper: Add missing include
    - x86/fpu: Use _Alignof to avoid undefined behavior in TYPE_ALIGN
    - tracing: Use alignof__(struct {type b;}) instead of offsetof()
    - io_uring: io_kiocb_update_pos() should not touch file for non -1 offset
    - io_uring/net: fix fast_iov assignment in io_setup_async_msg()
    - net/mlx5: fix missing mutex_unlock in mlx5_fw_fatal_reporter_err_work()
    - block: mq-deadline: Rename deadline_is_seq_writes()
    - soc: qcom: apr: Make qcom,protection-domain optional again
    - mm/khugepaged: fix collapse_pte_mapped_thp() to allow anon_vma
    - io_uring: Clean up a false-positive warning from GCC 9.3.0
    - io_uring: fix double poll leak on repolling
    - io_uring/rw: ensure kiocb_end_write() is always called
    - io_uring/rw: remove leftover debug statement
    - Linux 5.15.90
  * Jammy update: v5.15.89 upstream stable release (LP: #2008929)
    - ALSA: control-led: use strscpy in set_led_id()
    - ALSA: hda/realtek - Turn on power early
    - ALSA: hda/realtek: Enable mute/micmute LEDs on HP Spectre x360 13-aw0xxx
    - KVM: arm64: Fix S1PTW handling on RO memslots
    - KVM: arm64: nvhe: Fix build with profile optimization
    - selftests: kvm: Fix a compile error in selftests/kvm/rseq_test.c
    - efi: tpm: Avoid READ_ONCE() for accessing the event log
    - docs: Fix the docs build with Sphinx 6.0
    - net: stmmac: add aux timestamps fifo clearance wait
    - perf auxtrace: Fix address filter duplicate symbol selection
    - s390/kexec: fix ipl report address for kdump
    - ASoC: qcom: lpass-cpu: Fix fallback SD line index handling
    - s390/cpum_sf: add READ_ONCE() semantics to compare and swap loops
    - s390/percpu: add READ_ONCE() to arch_this_cpu_to_op_simple()
    - drm/virtio: Fix GEM handle creation UAF
    - drm/i915/gt: Reset twice
    - net/mlx5e: Set action fwd flag when parsing tc action goto
    - cifs: Fix uninitialized memory read for smb311 posix symlink create
    - platform/x86: dell-privacy: Only register SW_CAMERA_LENS_COVER if present
    - platform/surface: aggregator: Ignore command messages not intended for us
    - platform/x86: dell-privacy: Fix SW_CAMERA_LENS_COVER reporting
    - dt-bindings: msm: dsi-controller-main: Fix operating-points-v2 constraint
    - drm/msm/adreno: Make adreno quirks not overwrite each other
    - dt-bindings: msm: dsi-controller-main: Fix power-domain constraint
    - dt-bindings: msm: dsi-controller-main: Fix description of core clock
    - dt-bindings: msm: dsi-phy-28nm: Add missing qcom, dsi-phy-regulator-ldo-mode
    - platform/x86: ideapad-laptop: Add Legion 5 15ARH05 DMI id to
      set_fn_lock_led_list[]
    - drm/msm/dp: do not complete dp_aux_cmd_fifo_tx() if irq is not for aux
      transfer
    - dt-bindings: msm/dsi: Don't require vdds-supply on 10nm PHY
    - dt-bindings: msm/dsi: Don't require vcca-supply on 14nm PHY
    - platform/x86: sony-laptop: Don't turn off 0x153 keyboard backlight during
      probe
    - ixgbe: fix pci device refcount leak
    - ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
    - bus: mhi: host: Fix race between channel preparation and M0 event
    - usb: ulpi: defer ulpi_register on ulpi_read_id timeout
    - iommu/iova: Fix alloc iova overflows issue
    - iommu/mediatek-v1: Fix an error handling path in mtk_iommu_v1_probe()
    - sched/core: Fix use-after-free bug in dup_user_cpus_ptr()
    - netfilter: ipset: Fix overflow before widen in the bitmap_ip_create()
      function.
    - powerpc/imc-pmu: Fix use of mutex in IRQs disabled section
    - x86/boot: Avoid using Intel mnemonics in AT&T syntax asm
    - EDAC/device: Fix period calculation in edac_device_reset_delay_period()
    - x86/resctrl: Fix task CLOSID/RMID update race
    - regulator: da9211: Use irq handler when ready
    - scsi: mpi3mr: Refer CONFIG_SCSI_MPI3MR in Makefile
    - scsi: ufs: Stop using the clock scaling lock in the error handler
    - scsi: ufs: core: WLUN suspend SSU/enter hibern8 fail recovery
    - ASoC: wm8904: fix wrong outputs volume after power reactivation
    - ALSA: usb-audio: Make sure to stop endpoints before closing EPs
    - ALSA: usb-audio: Relax hw constraints for implicit fb sync
    - tipc: fix unexpected link reset due to discovery messages
    - octeontx2-af: Fix LMAC config in cgx_lmac_rx_tx_enable
    - hvc/xen: lock console list traversal
    - nfc: pn533: Wait for out_urb's completion in pn533_usb_send_frame()
    - af_unix: selftest: Fix the size of the parameter to connect()
    - tools/nolibc: x86: Remove `r8`, `r9` and `r10` from the clobber list
    - tools/nolibc: x86-64: Use `mov $60,%eax` instead of `mov $60,%rax`
    - tools/nolibc: use pselect6 on RISCV
    - tools/nolibc/std: move the standard type definitions to std.h
    - tools/nolibc/types: split syscall-specific definitions into their own files
    - tools/nolibc/arch: split arch-specific code into individual files
    - tools/nolibc/arch: mark the _start symbol as weak
    - tools/nolibc: Remove .global _start from the entry point code
    - tools/nolibc: restore mips branch ordering in the _start block
    - tools/nolibc: fix the O_* fcntl/open macro definitions for riscv
    - net/sched: act_mpls: Fix warning during failed attribute validation
    - net/mlx5: Fix ptp max frequency adjustment range
    - net/mlx5e: Don't support encap rules with gbp option
    - perf build: Properly guard libbpf includes
    - igc: Fix PPS delta between two synchronized end-points
    - platform/surface: aggregator: Add missing call to ssam_request_sync_free()
    - Documentation: KVM: add API issues section
    - KVM: x86: Do not return host topology information from
      KVM_GET_SUPPORTED_CPUID
    - io_uring: lock overflowing for IOPOLL
    - arm64: atomics: format whitespace consistently
    - arm64: atomics: remove LL/SC trampolines
    - arm64: cmpxchg_double*: hazard against entire exchange variable
    - efi: fix NULL-deref in init error path
    - io_uring/io-wq: free worker if task_work creation is canceled
    - io_uring/io-wq: only free worker if it was allocated for creation
    - block: handle bio_split_to_limits() NULL return
    - Revert "usb: ulpi: defer ulpi_register on ulpi_read_id timeout"
    - pinctrl: amd: Add dynamic debugging for active GPIOs
    - Linux 5.15.89
  * Jammy update: v5.15.88 upstream stable release (LP: #2008927)
    - parisc: Align parisc MADV_XXX constants with all other architectures
    - serial: fixup backport of "serial: Deassert Transmit Enable on probe in
      driver-specific way"
    - net: sched: disallow noqueue for qdisc classes
    - ALSA: hda/hdmi: Add a HP device 0x8715 to force connect list
    - ALSA: hda - Enable headset mic on another Dell laptop with ALC3254
    - Linux 5.15.88
  * Fix selftests/ftracetests/Meta-selftests (LP: #2006453)
    - selftests/ftrace: Fix bash specific "==" operator
  * jammy/linux: 5.15.0-69.76 -proposed tracker (LP: #2012092)
  * NFS deathlock with last Kernel 5.4.0-144.161 and 5.15.0-67.74 (LP: #2009325)
    - NFS: Correct timing for assigning access cache timestamp

linux-aws-5.15 (5.15.0-1033.37~20.04.1) focal; urgency=medium

* focal/linux-aws-5.15: 5.15.0-1033.37~20.04.1 -proposed tracker
    (LP: #2012001)

[ Ubuntu: 5.15.0-1033.37 ]

* jammy/linux-aws: 5.15.0-1033.37 -proposed tracker (LP: #2011997)
  * NFS deathlock with last Kernel 5.4.0-144.161 and 5.15.0-67.74 (LP: #2009325)
    - NFS: Correct timing for assigning access cache timestamp

linux-aws-5.15 (5.15.0-1032.36~20.04.1) focal; urgency=medium

* focal/linux-aws-5.15: 5.15.0-1032.36~20.04.1 -proposed tracker
    (LP: #2008307)

* Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2023.02.27)

[ Ubuntu: 5.15.0-1032.36 ]

* jammy/linux-aws: 5.15.0-1032.36 -proposed tracker (LP: #2008308)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2023.02.27)
  * jammy/linux: 5.15.0-68.75 -proposed tracker (LP: #2008349)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2023.02.27)
  * Ubuntu 22.04 kernel 5.15.0-46-generic leaks kernel memory in kmalloc-2k
    slabs (LP: #1987430)
    - SAUCE: audit: fix memory leak of audit_log_lsm()
  * [EGS] Backport intel_idle support for Eagle Stream Ubuntu 22.04 release
    (LP: #2003267)
    - intel_idle: add SPR support
    - intel_idle: add 'preferred_cstates' module argument
    - intel_idle: add core C6 optimization for SPR
    - cpuidle: intel_idle: Drop redundant backslash at line end
    - intel_idle: Fix the 'preferred_cstates' module parameter
    - intel_idle: Fix SPR C6 optimization
    - intel_idle: make SPR C1 and C1E be independent
  * Fix speaker mute hotkey doesn't work on Dell G16 series (LP: #2003161)
    - platform/x86: dell-wmi: Add a keymap for KEY_MUTE in type 0x0010 table
  * Fix the ACPI _CPC not found error from kernel dmesg on some dynamic SSDT
    table loaded firmwares (LP: #2006077)
    - ACPI: bus: Avoid using CPPC if not supported by firmware
    - ACPI: bus: Set CPPC _OSC bits for all and when CPPC_LIB is supported
    - ACPI: CPPC: Only probe for _CPC if CPPC v2 is acked
  * rtcpie in timers from ubuntu_kernel_selftests randomly failing
    (LP: #1814234)
    - SAUCE: selftest: rtcpie: Force passing unreliable subtest
  * Jammy update: v5.15.87 upstream stable release (LP: #2007441)
    - usb: dwc3: qcom: Fix memory leak in dwc3_qcom_interconnect_init
    - cifs: fix oops during encryption
    - nvme-pci: fix doorbell buffer value endianness
    - nvme-pci: fix mempool alloc size
    - nvme-pci: fix page size checks
    - ACPI: resource: do IRQ override on LENOVO IdeaPad
    - ACPI: resource: do IRQ override on XMG Core 15
    - ACPI: resource: do IRQ override on Lenovo 14ALC7
    - block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq
    - ata: ahci: Fix PCS quirk application for suspend
    - nvme: fix the NVME_CMD_EFFECTS_CSE_MASK definition
    - nvmet: don't defer passthrough commands with trivial effects to the
      workqueue
    - fs/ntfs3: Validate BOOT record_size
    - fs/ntfs3: Add overflow check for attribute size
    - fs/ntfs3: Validate data run offset
    - fs/ntfs3: Add null pointer check to attr_load_runs_vcn
    - fs/ntfs3: Fix memory leak on ntfs_fill_super() error path
    - fs/ntfs3: Add null pointer check for inode operations
    - fs/ntfs3: Validate attribute name offset
    - fs/ntfs3: Validate buffer length while parsing index
    - fs/ntfs3: Validate resident attribute name
    - fs/ntfs3: Fix slab-out-of-bounds read in run_unpack
    - soundwire: dmi-quirks: add quirk variant for LAPBC710 NUC15
    - fs/ntfs3: Validate index root when initialize NTFS security
    - fs/ntfs3: Use __GFP_NOWARN allocation at wnd_init()
    - fs/ntfs3: Use __GFP_NOWARN allocation at ntfs_fill_super()
    - fs/ntfs3: Delete duplicate condition in ntfs_read_mft()
    - fs/ntfs3: Fix slab-out-of-bounds in r_page
    - objtool: Fix SEGFAULT
    - powerpc/rtas: avoid device tree lookups in rtas_os_term()
    - powerpc/rtas: avoid scheduling in rtas_os_term()
    - HID: multitouch: fix Asus ExpertBook P2 P2451FA trackpoint
    - HID: plantronics: Additional PIDs for double volume key presses quirk
    - pstore: Properly assign mem_type property
    - pstore/zone: Use GFP_ATOMIC to allocate zone buffer
    - hfsplus: fix bug causing custom uid and gid being unable to be assigned with
      mount
    - binfmt: Fix error return code in load_elf_fdpic_binary()
    - ovl: Use ovl mounter's fsuid and fsgid in ovl_link()
    - ALSA: line6: correct midi status byte when receiving data from podxt
    - ALSA: line6: fix stack overflow in line6_midi_transmit
    - pnode: terminate at peers of source
    - mfd: mt6360: Add bounds checking in Regmap read/write call-backs
    - md: fix a crash in mempool_free
    - mm, compaction: fix fast_isolate_around() to stay within boundaries
    - f2fs: should put a page when checking the summary info
    - f2fs: allow to read node block after shutdown
    - mmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING
    - tpm: acpi: Call acpi_put_table() to fix memory leak
    - tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak
    - tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak
    - SUNRPC: Don't leak netobj memory when gss_read_proxy_verf() fails
    - kcsan: Instrument memcpy/memset/memmove with newer Clang
    - ASoC: Intel/SOF: use set_stream() instead of set_tdm_slots() for HDAudio
    - ASoC/SoundWire: dai: expand 'stream' concept beyond SoundWire
    - rcu-tasks: Simplify trc_read_check_handler() atomic operations
    - net/af_packet: add VLAN support for AF_PACKET SOCK_RAW GSO
    - net/af_packet: make sure to pull mac header
    - media: stv0288: use explicitly signed char
    - soc: qcom: Select REMAP_MMIO for LLCC driver
    - kest.pl: Fix grub2 menu handling for rebooting
    - ktest.pl minconfig: Unset configs instead of just removing them
    - jbd2: use the correct print format
    - perf/x86/intel/uncore: Disable I/O stacks to PMU mapping on ICX-D
    - perf/x86/intel/uncore: Clear attr_update properly
    - arm64: dts: qcom: sdm845-db845c: correct SPI2 pins drive strength
    - mmc: sdhci-sprd: Disable CLK_AUTO when the clock is less than 400K
    - btrfs: fix resolving backrefs for inline extent followed by prealloc
    - ARM: ux500: do not directly dereference __iomem
    - arm64: dts: qcom: sdm850-lenovo-yoga-c630: correct I2C12 pins drive strength
    - selftests: Use optional USERCFLAGS and USERLDFLAGS
    - PM/devfreq: governor: Add a private governor_data for governor
    - cpufreq: Init completion before kobject_init_and_add()
    - ALSA: patch_realtek: Fix Dell Inspiron Plus 16
    - ALSA: hda/realtek: Apply dual codec fixup for Dell Latitude laptops
    - fs: dlm: fix sock release if listen fails
    - fs: dlm: retry accept() until -EAGAIN or error returns
    - mptcp: mark ops structures as ro_after_init
    - mptcp: remove MPTCP 'ifdef' in TCP SYN cookies
    - dm cache: Fix ABBA deadlock between shrink_slab and dm_cache_metadata_abort
    - dm thin: Fix ABBA deadlock between shrink_slab and dm_pool_abort_metadata
    - dm thin: Use last transaction's pmd->root when commit failed
    - dm thin: resume even if in FAIL mode
    - dm thin: Fix UAF in run_timer_softirq()
    - dm integrity: Fix UAF in dm_integrity_dtr()
    - dm clone: Fix UAF in clone_dtr()
    - dm cache: Fix UAF in destroy()
    - dm cache: set needs_check flag after aborting metadata
    - tracing/hist: Fix out-of-bound write on 'action_data.var_ref_idx'
    - perf/core: Call LSM hook after copying perf_event_attr
    - of/kexec: Fix reading 32-bit "linux,initrd-{start,end}" values
    - KVM: VMX: Resume guest immediately when injecting #GP on ECREATE
    - KVM: nVMX: Inject #GP, not #UD, if "generic" VMXON CR0/CR4 check fails
    - KVM: nVMX: Properly expose ENABLE_USR_WAIT_PAUSE control to L1
    - x86/microcode/intel: Do not retry microcode reloading on the APs
    - ftrace/x86: Add back ftrace_expected for ftrace bug reports
    - x86/kprobes: Fix kprobes instruction boudary check with CONFIG_RETHUNK
    - x86/kprobes: Fix optprobe optimization check with CONFIG_RETHUNK
    - tracing: Fix race where eprobes can be called before the event
    - tracing: Fix complicated dependency of CONFIG_TRACER_MAX_TRACE
    - tracing/hist: Fix wrong return value in parse_action_params()
    - tracing/probes: Handle system names with hyphens
    - tracing: Fix infinite loop in tracing_read_pipe on overflowed
      print_trace_line
    - staging: media: tegra-video: fix chan->mipi value on error
    - staging: media: tegra-video: fix device_node use after free
    - ARM: 9256/1: NWFPE: avoid compiler-generated __aeabi_uldivmod
    - media: dvb-core: Fix double free in dvb_register_device()
    - cifs: fix confusing debug message
    - cifs: fix missing display of three mount options
    - rtc: ds1347: fix value written to century register
    - block: mq-deadline: Do not break sequential write streams to zoned HDDs
    - md/bitmap: Fix bitmap chunk size overflow issues
    - efi: Add iMac Pro 2017 to uefi skip cert quirk
    - wifi: wilc1000: sdio: fix module autoloading
    - ASoC: jz4740-i2s: Handle independent FIFO flush bits
    - ipu3-imgu: Fix NULL pointer dereference in imgu_subdev_set_selection()
    - ipmi: fix long wait in unload when IPMI disconnect
    - mtd: spi-nor: Check for zero erase size in spi_nor_find_best_erase_type()
    - ima: Fix a potential NULL pointer access in ima_restore_measurement_list
    - ipmi: fix use after free in _ipmi_destroy_user()
    - PCI: Fix pci_device_is_present() for VFs by checking PF
    - PCI/sysfs: Fix double free in error path
    - riscv: stacktrace: Fixup ftrace_graph_ret_addr retp argument
    - riscv: mm: notify remote harts about mmu cache updates
    - crypto: n2 - add missing hash statesize
    - driver core: Fix bus_type.match() error handling in __driver_attach()
    - phy: qcom-qmp-combo: fix sc8180x reset
    - iommu/amd: Fix ivrs_acpihid cmdline parsing code
    - remoteproc: core: Do pm_relax when in RPROC_OFFLINE state
    - parisc: led: Fix potential null-ptr-deref in start_task()
    - device_cgroup: Roll back to original exceptions after copy failure
    - drm/connector: send hotplug uevent on connector cleanup
    - drm/vmwgfx: Validate the box size for the snooped cursor
    - drm/i915/dsi: fix VBT send packet port selection for dual link DSI
    - drm/ingenic: Fix missing platform_driver_unregister() call in
      ingenic_drm_init()
    - ext4: silence the warning when evicting inode with dioread_nolock
    - ext4: add inode table check in __ext4_get_inode_loc to aovid possible
      infinite loop
    - ext4: remove trailing newline from ext4_msg() message
    - fs: ext4: initialize fsdata in pagecache_write()
    - ext4: fix use-after-free in ext4_orphan_cleanup
    - ext4: fix undefined behavior in bit shift for ext4_check_flag_values
    - ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode
    - ext4: add helper to check quota inums
    - ext4: fix bug_on in __es_tree_search caused by bad quota inode
    - ext4: fix reserved cluster accounting in __es_remove_extent()
    - ext4: check and assert if marking an no_delete evicting inode dirty
    - ext4: fix bug_on in __es_tree_search caused by bad boot loader inode
    - ext4: fix leaking uninitialized memory in fast-commit journal
    - ext4: fix uninititialized value in 'ext4_evict_inode'
    - ext4: init quota for 'old.inode' in 'ext4_rename'
    - ext4: fix delayed allocation bug in ext4_clu_mapped for bigalloc + inline
    - ext4: fix error code return to user-space in ext4_get_branch()
    - ext4: avoid BUG_ON when creating xattrs
    - ext4: fix kernel BUG in 'ext4_write_inline_data_end()'
    - ext4: fix inode leak in ext4_xattr_inode_create() on an error path
    - ext4: initialize quota before expanding inode in setproject ioctl
    - ext4: avoid unaccounted block allocation when expanding inode
    - ext4: allocate extended attribute value in vmalloc area
    - drm/amdgpu: handle polaris10/11 overlap asics (v2)
    - block: mq-deadline: Fix dd_finish_request() for zoned devices
    - tracing: Fix issue of missing one synthetic field
    - ext4: remove unused enum EXT4_FC_COMMIT_FAILED
    - ext4: use ext4_debug() instead of jbd_debug()
    - ext4: introduce EXT4_FC_TAG_BASE_LEN helper
    - ext4: factor out ext4_fc_get_tl()
    - ext4: fix potential out of bound read in ext4_fc_replay_scan()
    - ext4: disable fast-commit of encrypted dir operations
    - ext4: don't set up encryption key during jbd2 transaction
    - ext4: add missing validation of fast-commit record lengths
    - ext4: fix unaligned memory access in ext4_fc_reserve_space()
    - ext4: fix off-by-one errors in fast-commit block filling
    - ARM: renumber bits related to _TIF_WORK_MASK
    - phy: qcom-qmp-combo: fix out-of-bounds clock access
    - btrfs: replace strncpy() with strscpy()
    - btrfs: move missing device handling in a dedicate function
    - btrfs: fix extent map use-after-free when handling missing device in
      read_one_chunk
    - x86/mce: Get rid of msr_ops
    - x86/MCE/AMD: Clear DFR errors found in THR handler
    - media: s5p-mfc: Fix to handle reference queue during finishing
    - media: s5p-mfc: Clear workbit to handle error condition
    - media: s5p-mfc: Fix in register read and write for H264
    - perf probe: Use dwarf_attr_integrate as generic DWARF attr accessor
    - perf probe: Fix to get the DW_AT_decl_file and DW_AT_call_file as unsinged
      data
    - ravb: Fix "failed to switch device to config mode" message during unbind
    - ext4: goto right label 'failed_mount3a'
    - ext4: correct inconsistent error msg in nojournal mode
    - mbcache: automatically delete entries from cache on freeing
    - ext4: fix deadlock due to mbcache entry corruption
    - drm/i915/migrate: don't check the scratch page
    - drm/i915/migrate: fix offset calculation
    - drm/i915/migrate: fix length calculation
    - SUNRPC: ensure the matching upcall is in-flight upon downcall
    - btrfs: fix an error handling path in btrfs_defrag_leaves()
    - bpf: pull before calling skb_postpull_rcsum()
    - drm/panfrost: Fix GEM handle creation ref-counting
    - netfilter: nf_tables: consolidate set description
    - netfilter: nf_tables: add function to create set stateful expressions
    - netfilter: nf_tables: perform type checking for existing sets
    - vmxnet3: correctly report csum_level for encapsulated packet
    - netfilter: nf_tables: honor set timeout and garbage collection updates
    - veth: Fix race with AF_XDP exposing old or uninitialized descriptors
    - nfsd: shut down the NFSv4 state objects before the filecache
    - net: hns3: add interrupts re-initialization while doing VF FLR
    - net: hns3: refactor hns3_nic_reuse_page()
    - net: hns3: extract macro to simplify ring stats update code
    - net: hns3: fix miss L3E checking for rx packet
    - net: hns3: fix VF promisc mode not update when mac table full
    - net: sched: fix memory leak in tcindex_set_parms
    - qlcnic: prevent ->dcb use-after-free on qlcnic_dcb_enable() failure
    - net: dsa: mv88e6xxx: depend on PTP conditionally
    - nfc: Fix potential resource leaks
    - vdpa_sim: fix possible memory leak in vdpasim_net_init() and
      vdpasim_blk_init()
    - vhost/vsock: Fix error handling in vhost_vsock_init()
    - vringh: fix range used in iotlb_translate()
    - vhost: fix range used in translate_desc()
    - vdpa_sim: fix vringh initialization in vdpasim_queue_ready()
    - net/mlx5: E-Switch, properly handle ingress tagged packets on VST
    - net/mlx5: Add forgotten cleanup calls into mlx5_init_once() error path
    - net/mlx5: Avoid recovery in probe flows
    - net/mlx5e: IPoIB, Don't allow CQE compression to be turned on by default
    - net/mlx5e: TC, Refactor mlx5e_tc_add_flow_mod_hdr() to get flow attr
    - net/mlx5e: Always clear dest encap in neigh-update-del
    - net/mlx5e: Fix hw mtu initializing at XDP SQ allocation
    - net: amd-xgbe: add missed tasklet_kill
    - net: ena: Fix toeplitz initial hash value
    - net: ena: Don't register memory info on XDP exchange
    - net: ena: Account for the number of processed bytes in XDP
    - net: ena: Use bitmask to indicate packet redirection
    - net: ena: Fix rx_copybreak value update
    - net: ena: Set default value for RX interrupt moderation
    - net: ena: Update NUMA TPH hint register upon NUMA node update
    - net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii_probe
    - RDMA/mlx5: Fix mlx5_ib_get_hw_stats when used for device
    - RDMA/mlx5: Fix validation of max_rd_atomic caps for DC
    - drm/meson: Reduce the FIFO lines held when AFBC is not used
    - filelock: new helper: vfs_inode_has_locks
    - ceph: switch to vfs_inode_has_locks() to fix file lock bug
    - gpio: sifive: Fix refcount leak in sifive_gpio_probe
    - net: sched: atm: dont intepret cls results when asked to drop
    - net: sched: cbq: dont intepret cls results when asked to drop
    - net: sparx5: Fix reading of the MAC address
    - netfilter: ipset: fix hash:net,port,net hang with /0 subnet
    - netfilter: ipset: Rework long task execution when adding/deleting entries
    - perf tools: Fix resources leak in perf_data__open_dir()
    - drm/imx: ipuv3-plane: Fix overlay plane width
    - fs/ntfs3: don't hold ni_lock when calling truncate_setsize()
    - drivers/net/bonding/bond_3ad: return when there's no aggregator
    - octeontx2-pf: Fix lmtst ID used in aura free
    - usb: rndis_host: Secure rndis_query check against int overflow
    - perf stat: Fix handling of --for-each-cgroup with --bpf-counters to match
      non BPF mode
    - drm/i915: unpin on error in intel_vgpu_shadow_mm_pin()
    - caif: fix memory leak in cfctrl_linkup_request()
    - udf: Fix extension of the last extent in the file
    - ASoC: Intel: bytcr_rt5640: Add quirk for the Advantech MICA-071 tablet
    - nvme: fix multipath crash caused by flush request when blktrace is enabled
    - io_uring: check for valid register opcode earlier
    - nvmet: use NVME_CMD_EFFECTS_CSUPP instead of open coding it
    - nvme: also return I/O command effects from nvme_command_effects
    - btrfs: check superblock to ensure the fs was not modified at thaw time
    - x86/kexec: Fix double-free of elf header buffer
    - nfsd: fix handling of readdir in v4root vs. mount upcall timeout
    - fbdev: matroxfb: G200eW: Increase max memory from 1 MB to 16 MB
    - block: don't allow splitting of a REQ_NOWAIT bio
    - io_uring: fix CQ waiting timeout handling
    - thermal: int340x: Add missing attribute for data rate base
    - riscv: uaccess: fix type of 0 variable on error in get_user()
    - riscv, kprobes: Stricter c.jr/c.jalr decoding
    - drm/i915/gvt: fix gvt debugfs destroy
    - drm/i915/gvt: fix vgpu debugfs clean in remove
    - hfs/hfsplus: use WARN_ON for sanity check
    - hfs/hfsplus: avoid WARN_ON() for sanity check, use proper error handling
    - ksmbd: fix infinite loop in ksmbd_conn_handler_loop()
    - ksmbd: check nt_len to be at least CIFS_ENCPWD_SIZE in
      ksmbd_decode_ntlmssp_auth_blob
    - Revert "ACPI: PM: Add support for upcoming AMD uPEP HID AMDI007"
    - mptcp: dedicated request sock for subflow in v6
    - mptcp: use proper req destructor for IPv6
    - ext4: don't allow journal inode to have encrypt flag
    - selftests: set the BUILD variable to absolute path
    - btrfs: make thaw time super block check to also verify checksum
    - net: hns3: fix return value check bug of rx copybreak
    - mbcache: Avoid nesting of cache->c_list_lock under bit locks
    - efi: random: combine bootloader provided RNG seed with RNG protocol output
    - io_uring: Fix unsigned 'res' comparison with zero in io_fixup_rw_res()
    - drm/mgag200: Fix PLL setup for G200_SE_A rev >=4
    - Linux 5.15.87
  * Jammy update: v5.15.87 upstream stable release (LP: #2007441) //
    CVE-2022-41218 is assigned to those bugs above.
    - media: dvb-core: Fix UAF due to refcount races at releasing
  * RaptorLake: Fix the Screen is shaking by onboard HDMI port in mirror mode
    (LP: #1993561)
    - drm/i915/display: Drop check for doublescan mode in modevalid
    - drm/i915/display: Prune Interlace modes for Display >=12
  * CVE-2023-0266 // CVE-2023-0266 was assigned for this issue.
    - ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
  * CVE-2022-4382
    - USB: gadgetfs: Fix race between mounting and unmounting
  * CVE-2022-2196
    - KVM: VMX: Execute IBPB on emulated VM-exit when guest has IBRS
  * ubuntu_kernel_selftests: net:udpgso_bench.sh failed (LP: #1951447)
    - selftests: net: udpgso_bench: Fix racing bug between the rx/tx programs
  * net:fcnal-test.sh didn't return a non-zero value even with some sub-tests
    failed (LP: #2006692)
    - selftests: net/fcnal-test.sh: add exit code
  * LXD containers using shiftfs on ZFS or TMPFS broken on 5.15.0-48.54
    (LP: #1990849)
    - SAUCE: shiftfs: always rely on init_user_ns
    - [SAUCE] shiftfs: fix -EOVERFLOW inside the container
  * Regression in ext4 during online resize (LP: #2003816)
    - ext4: fix bad checksum after online resize
    - ext4: fix corruption when online resizing a 1K bigalloc fs
    - SAUCE: Export ext4_superblock_csum function
    - ext4: fix corrupt backup group descriptors after online resize
  * Jammy update: v5.15.86 upstream stable release (LP: #2005113)
    - usb: musb: remove extra check in musb_gadget_vbus_draw
    - arm64: dts: qcom: ipq6018-cp01-c1: use BLSPI1 pins
    - arm64: dts: qcom: sm8250-sony-xperia-edo: fix touchscreen bias-disable
    - arm64: dts: qcom: msm8996: Add MSM8996 Pro support
    - arm64: dts: qcom: msm8996: fix supported-hw in cpufreq OPP tables
    - arm64: dts: qcom: msm8996: fix GPU OPP table
    - ARM: dts: qcom: apq8064: fix coresight compatible
    - arm64: dts: qcom: sdm630: fix UART1 pin bias
    - arm64: dts: qcom: sdm845-cheza: fix AP suspend pin bias
    - arm64: dts: qcom: msm8916: Drop MSS fallback compatible
    - objtool, kcsan: Add volatile read/write instrumentation to whitelist
    - ARM: dts: stm32: Drop stm32mp15xc.dtsi from Avenger96
    - ARM: dts: stm32: Fix AV96 WLAN regulator gpio property
    - drivers: soc: ti: knav_qmss_queue: Mark knav_acc_firmwares as static
    - arm64: dts: qcom: pm660: Use unique ADC5_VCOIN address in node name
    - arm64: dts: qcom: sm8250: correct LPASS pin pull down
    - soc: qcom: llcc: make irq truly optional
    - arm64: dts: qcom: Correct QMP PHY child node name
    - arm64: dts: qcom: sm8150: fix UFS PHY registers
    - arm64: dts: qcom: sm8250: fix UFS PHY registers
    - arm64: dts: qcom: sm8350: fix UFS PHY registers
    - arm64: dts: qcom: sm8250: drop bogus DP PHY clock
    - soc: qcom: apr: make code more reuseable
    - soc: qcom: apr: Add check for idr_alloc and of_property_read_string_index
    - arm64: dts: qcom: sm6125: fix SDHCI CQE reg names
    - arm: dts: spear600: Fix clcd interrupt
    - soc: ti: knav_qmss_queue: Use pm_runtime_resume_and_get instead of
      pm_runtime_get_sync
    - soc: ti: knav_qmss_queue: Fix PM disable depth imbalance in knav_queue_probe
    - soc: ti: smartreflex: Fix PM disable depth imbalance in omap_sr_probe
    - arm64: Treat ESR_ELx as a 64-bit register
    - arm64: mm: kfence: only handle translation faults
    - perf: arm_dsu: Fix hotplug callback leak in dsu_pmu_init()
    - perf/arm_dmc620: Fix hotplug callback leak in dmc620_pmu_init()
    - perf/smmuv3: Fix hotplug callback leak in arm_smmu_pmu_init()
    - arm64: dts: ti: k3-am65-main: Drop dma-coherent in crypto node
    - arm64: dts: ti: k3-j721e-main: Drop dma-coherent in crypto node
    - ARM: dts: nuvoton: Remove bogus unit addresses from fixed-partition nodes
    - arm64: dts: mt6779: Fix devicetree build warnings
    - arm64: dts: mt2712e: Fix unit_address_vs_reg warning for oscillators
    - arm64: dts: mt2712e: Fix unit address for pinctrl node
    - arm64: dts: mt2712-evb: Fix vproc fixed regulators unit names
    - arm64: dts: mt2712-evb: Fix usb vbus regulators unit names
    - arm64: dts: mediatek: pumpkin-common: Fix devicetree warnings
    - arm64: dts: mediatek: mt6797: Fix 26M oscillator unit name
    - ARM: dts: dove: Fix assigned-addresses for every PCIe Root Port
    - ARM: dts: armada-370: Fix assigned-addresses for every PCIe Root Port
    - ARM: dts: armada-xp: Fix assigned-addresses for every PCIe Root Port
    - ARM: dts: armada-375: Fix assigned-addresses for every PCIe Root Port
    - ARM: dts: armada-38x: Fix assigned-addresses for every PCIe Root Port
    - ARM: dts: armada-39x: Fix assigned-addresses for every PCIe Root Port
    - ARM: dts: turris-omnia: Add ethernet aliases
    - ARM: dts: turris-omnia: Add switch port 6 node
    - arm64: dts: armada-3720-turris-mox: Add missing interrupt for RTC
    - seccomp: Move copy_seccomp() to no failure path.
    - pstore/ram: Fix error return code in ramoops_probe()
    - ARM: mmp: fix timer_read delay
    - pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP
    - tpm/tpm_ftpm_tee: Fix error handling in ftpm_mod_init()
    - tpm/tpm_crb: Fix error message in __crb_relinquish_locality()
    - ovl: store lower path in ovl_inode
    - ovl: use ovl_copy_{real,upper}attr() wrappers
    - ovl: remove privs in ovl_copyfile()
    - ovl: remove privs in ovl_fallocate()
    - sched/fair: Cleanup task_util and capacity type
    - sched/uclamp: Fix relationship between uclamp and migration margin
    - sched/uclamp: Make task_fits_capacity() use util_fits_cpu()
    - sched/uclamp: Make select_idle_capacity() use util_fits_cpu()
    - sched/fair: Removed useless update of p->recent_used_cpu
    - sched/core: Introduce sched_asym_cpucap_active()
    - sched/uclamp: Make asym_fits_capacity() use util_fits_cpu()
    - cpuidle: dt: Return the correct numbers of parsed idle states
    - alpha: fix TIF_NOTIFY_SIGNAL handling
    - alpha: fix syscall entry in !AUDUT_SYSCALL case
    - x86/sgx: Reduce delay and interference of enclave release
    - PM: hibernate: Fix mistake in kerneldoc comment
    - fs: don't audit the capability check in simple_xattr_list()
    - cpufreq: qcom-hw: Fix memory leak in qcom_cpufreq_hw_read_lut()
    - selftests/ftrace: event_triggers: wait longer for test_event_enable
    - perf: Fix possible memleak in pmu_dev_alloc()
    - lib/debugobjects: fix stat count and optimize debug_objects_mem_init
    - platform/x86: huawei-wmi: fix return value calculation
    - timerqueue: Use rb_entry_safe() in timerqueue_getnext()
    - proc: fixup uptime selftest
    - lib/fonts: fix undefined behavior in bit shift for get_default_font
    - ocfs2: fix memory leak in ocfs2_stack_glue_init()
    - MIPS: vpe-mt: fix possible memory leak while module exiting
    - MIPS: vpe-cmp: fix possible memory leak while module exiting
    - selftests/efivarfs: Add checking of the test return value
    - PNP: fix name memory leak in pnp_alloc_dev()
    - perf/x86/intel/uncore: Fix reference count leak in sad_cfg_iio_topology()
    - perf/x86/intel/uncore: Fix reference count leak in hswep_has_limit_sbox()
    - perf/x86/intel/uncore: Fix reference count leak in snr_uncore_mmio_map()
    - perf/x86/intel/uncore: Fix reference count leak in __uncore_imc_init_box()
    - platform/chrome: cros_usbpd_notify: Fix error handling in
      cros_usbpd_notify_init()
    - thermal: core: fix some possible name leaks in error paths
    - irqchip: gic-pm: Use pm_runtime_resume_and_get() in gic_probe()
    - irqchip/wpcm450: Fix memory leak in wpcm450_aic_of_init()
    - EDAC/i10nm: fix refcount leak in pci_get_dev_wrapper()
    - SUNRPC: Return true/false (not 1/0) from bool functions
    - NFSD: Finish converting the NFSv2 GETACL result encoder
    - nfsd: don't call nfsd_file_put from client states seqfile display
    - genirq/irqdesc: Don't try to remove non-existing sysfs files
    - cpufreq: amd_freq_sensitivity: Add missing pci_dev_put()
    - libfs: add DEFINE_SIMPLE_ATTRIBUTE_SIGNED for signed value
    - lib/notifier-error-inject: fix error when writing -errno to debugfs file
    - debugfs: fix error when writing negative value to atomic_t debugfs file
    - rapidio: fix possible name leaks when rio_add_device() fails
    - rapidio: rio: fix possible name leak in rio_register_mport()
    - clocksource/drivers/sh_cmt: Access registers according to spec
    - mips: ralink: mt7621: define MT7621_SYSC_BASE with __iomem
    - mips: ralink: mt7621: soc queries and tests as functions
    - mips: ralink: mt7621: do not use kzalloc too early
    - futex: Move to kernel/futex/
    - futex: Resend potentially swallowed owner death notification
    - cpu/hotplug: Make target_store() a nop when target == state
    - cpu/hotplug: Do not bail-out in DYING/STARTING sections
    - clocksource/drivers/timer-ti-dm: Fix missing clk_disable_unprepare in
      dmtimer_systimer_init_clock()
    - ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage()
    - uprobes/x86: Allow to probe a NOP instruction with 0x66 prefix
    - x86/xen: Fix memory leak in xen_smp_intr_init{_pv}()
    - x86/xen: Fix memory leak in xen_init_lock_cpu()
    - xen/privcmd: Fix a possible warning in privcmd_ioctl_mmap_resource()
    - PM: runtime: Do not call __rpm_callback() from rpm_idle()
    - platform/chrome: cros_ec_typec: Cleanup switch handle return paths
    - platform/chrome: cros_ec_typec: zero out stale pointers
    - platform/x86: mxm-wmi: fix memleak in mxm_wmi_call_mx[ds|mx]()
    - platform/x86: intel_scu_ipc: fix possible name leak in
      __intel_scu_ipc_register()
    - MIPS: BCM63xx: Add check for NULL for clk in clk_enable
    - MIPS: OCTEON: warn only once if deprecated link status is being used
    - lockd: set other missing fields when unlocking files
    - fs: sysv: Fix sysv_nblocks() returns wrong value
    - rapidio: fix possible UAF when kfifo_alloc() fails
    - eventfd: change int to __u64 in eventfd_signal() ifndef CONFIG_EVENTFD
    - relay: fix type mismatch when allocating memory in relay_create_buf()
    - hfs: Fix OOB Write in hfs_asc2mac
    - rapidio: devices: fix missing put_device in mport_cdev_open
    - platform/mellanox: mlxbf-pmc: Fix event typo
    - wifi: ath9k: hif_usb: fix memory leak of urbs in
      ath9k_hif_usb_dealloc_tx_urbs()
    - wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb()
    - wifi: rtl8xxxu: Fix reading the vendor of combo chips
    - drm/bridge: adv7533: remove dynamic lane switching from adv7533 bridge
    - libbpf: Fix use-after-free in btf_dump_name_dups
    - libbpf: Fix null-pointer dereference in find_prog_by_sec_insn()
    - ata: libata: move ata_{port,link,dev}_dbg to standard pr_XXX() macros
    - ata: add/use ata_taskfile::{error|status} fields
    - ata: libata: fix NCQ autosense logic
    - ipmi: kcs: Poll OBF briefly to reduce OBE latency
    - drm/amdgpu/powerplay/psm: Fix memory leak in power state init
    - media: v4l2-ctrls: Fix off-by-one error in integer menu control check
    - media: coda: jpeg: Add check for kmalloc
    - media: adv748x: afe: Select input port when initializing AFE
    - media: i2c: ad5820: Fix error path
    - venus: pm_helpers: Fix error check in vcodec_domains_get()
    - soreuseport: Fix socket selection for SO_INCOMING_CPU.
    - media: exynos4-is: don't rely on the v4l2_async_subdev internals
    - libbpf: Btf dedup identical struct test needs check for nested
      structs/arrays
    - can: kvaser_usb: do not increase tx statistics when sending error message
      frames
    - can: kvaser_usb: kvaser_usb_leaf: Get capabilities from device
    - can: kvaser_usb: kvaser_usb_leaf: Rename {leaf,usbcan}_cmd_error_event to
      {leaf,usbcan}_cmd_can_error_event
    - can: kvaser_usb: kvaser_usb_leaf: Handle CMD_ERROR_EVENT
    - can: kvaser_usb_leaf: Set Warning state even without bus errors
    - can: kvaser_usb: make use of units.h in assignment of frequency
    - can: kvaser_usb_leaf: Fix improved state not being reported
    - can: kvaser_usb_leaf: Fix wrong CAN state after stopping
    - can: kvaser_usb_leaf: Fix bogus restart events
    - can: kvaser_usb: Add struct kvaser_usb_busparams
    - can: kvaser_usb: Compare requested bittiming parameters with actual
      parameters in do_set_{,data}_bittiming
    - drm/rockchip: lvds: fix PM usage counter unbalance in poweron
    - clk: renesas: r9a06g032: Repair grave increment error
    - spi: Update reference to struct spi_controller
    - drm/panel/panel-sitronix-st7701: Remove panel on DSI attach failure
    - drm/msm/hdmi: drop unused GPIO support
    - drm/msm/hdmi: use devres helper for runtime PM management
    - bpf: Fix slot type check in check_stack_write_var_off
    - media: vivid: fix compose size exceed boundary
    - media: platform: exynos4-is: fix return value check in fimc_md_probe()
    - bpf: propagate precision in ALU/ALU64 operations
    - bpf: Check the other end of slot_type for STACK_SPILL
    - bpf: propagate precision across all frames, not just the last one
    - clk: qcom: gcc-sm8250: Use retention mode for USB GDSCs
    - mtd: Fix device name leak when register device failed in add_mtd_device()
    - Input: joystick - fix Kconfig warning for JOYSTICK_ADC
    - wifi: rsi: Fix handling of 802.3 EAPOL frames sent via control port
    - media: camss: Clean up received buffers on failed start of streaming
    - net, proc: Provide PROC_FS=n fallback for proc_create_net_single_write()
    - rxrpc: Fix ack.bufferSize to be 0 when generating an ack
    - bfq: fix waker_bfqq inconsistency crash
    - drm/radeon: Add the missed acpi_put_table() to fix memory leak
    - drm/mediatek: Modify dpi power on/off sequence.
    - ASoC: pxa: fix null-pointer dereference in filter()
    - libbpf: Fix uninitialized warning in btf_dump_dump_type_data
    - nvmet: only allocate a single slab for bvecs
    - regulator: core: fix unbalanced of node refcount in regulator_dev_lookup()
    - amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table()
    - nvme: return err on nvme_init_non_mdts_limits fail
    - regulator: qcom-rpmh: Fix PMR735a S3 regulator spec
    - drm/fourcc: Add packed 10bit YUV 4:2:0 format
    - drm/fourcc: Fix vsub/hsub for Q410 and Q401
    - integrity: Fix memory leakage in keyring allocation error path
    - ima: Fix misuse of dereference of pointer in template_desc_init_fields()
    - block: clear ->slave_dir when dropping the main slave_dir reference
    - wifi: ath10k: Fix return value in ath10k_pci_init()
    - drm/msm/a6xx: Fix speed-bin detection vs probe-defer
    - mtd: lpddr2_nvm: Fix possible null-ptr-deref
    - Input: elants_i2c - properly handle the reset GPIO when power is off
    - media: vidtv: Fix use-after-free in vidtv_bridge_dvb_init()
    - media: solo6x10: fix possible memory leak in solo_sysfs_init()
    - media: platform: exynos4-is: Fix error handling in fimc_md_init()
    - media: videobuf-dma-contig: use dma_mmap_coherent
    - inet: add READ_ONCE(sk->sk_bound_dev_if) in inet_csk_bind_conflict()
    - mtd: spi-nor: hide jedec_id sysfs attribute if not present
    - mtd: spi-nor: Fix the number of bytes for the dummy cycles
    - bpf: Move skb->len == 0 checks into __bpf_redirect
    - HID: hid-sensor-custom: set fixed size for custom attributes
    - pinctrl: k210: call of_node_put()
    - ALSA: pcm: fix undefined behavior in bit shift for SNDRV_PCM_RATE_KNOT
    - ALSA: seq: fix undefined behavior in bit shift for
      SNDRV_SEQ_FILTER_USE_EVENT
    - regulator: core: use kfree_const() to free space conditionally
    - clk: rockchip: Fix memory leak in rockchip_clk_register_pll()
    - drm/amdgpu: fix pci device refcount leak
    - bonding: fix link recovery in mode 2 when updelay is nonzero
    - mtd: maps: pxa2xx-flash: fix memory leak in probe
    - drbd: remove call to memset before free device/resource/connection
    - drbd: destroy workqueue when drbd device was freed
    - ASoC: qcom: Add checks for devm_kcalloc
    - media: vimc: Fix wrong function called when vimc_init() fails
    - media: imon: fix a race condition in send_packet()
    - clk: imx8mn: rename vpu_pll to m7_alt_pll
    - clk: imx: replace osc_hdmi with dummy
    - clk: imx8mn: fix imx8mn_sai2_sels clocks list
    - clk: imx8mn: fix imx8mn_enet_phy_sels clocks list
    - pinctrl: pinconf-generic: add missing of_node_put()
    - media: dvb-core: Fix ignored return value in dvb_register_frontend()
    - media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
    - media: s5p-mfc: Add variant data for MFC v7 hardware for Exynos 3250 SoC
    - drm/tegra: Add missing clk_disable_unprepare() in tegra_dc_probe()
    - ASoC: dt-bindings: wcd9335: fix reset line polarity in example
    - ASoC: mediatek: mtk-btcvsd: Add checks for write and read of mtk_btcvsd_snd
    - NFSv4.2: Clear FATTR4_WORD2_SECURITY_LABEL when done decoding
    - NFSv4.2: Fix a memory stomp in decode_attr_security_label
    - NFSv4.2: Fix initialisation of struct nfs4_label
    - NFSv4: Fix a credential leak in _nfs4_discover_trunking()
    - NFSv4: Fix a deadlock between nfs4_open_recover_helper() and delegreturn
    - NFS: Fix an Oops in nfs_d_automount()
    - ALSA: asihpi: fix missing pci_disable_device()
    - wifi: iwlwifi: mvm: fix double free on tx path.
    - ASoC: mediatek: mt8173: Fix debugfs registration for components
    - ASoC: mediatek: mt8173: Enable IRQ when pdata is ready
    - drm/amd/pm/smu11: BACO is supported when it's in BACO state
    - drm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios()
    - drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios()
    - drm/amdkfd: Fix memory leakage
    - ASoC: pcm512x: Fix PM disable depth imbalance in pcm512x_probe
    - netfilter: conntrack: set icmpv6 redirects as RELATED
    - Input: wistron_btns - disable on UML
    - bpf, sockmap: Fix repeated calls to sock_put() when msg has more_data
    - bpf, sockmap: Fix missing BPF_F_INGRESS flag when using apply_bytes
    - bpf, sockmap: Fix data loss caused by using apply_bytes on ingress redirect
    - bonding: uninitialized variable in bond_miimon_inspect()
    - spi: spidev: mask SPI_CS_HIGH in SPI_IOC_RD_MODE
    - wifi: cfg80211: Fix not unregister reg_pdev when load_builtin_regdb_keys()
      fails
    - mt76: stop the radar detector after leaving dfs channel
    - wifi: mt76: mt7921: fix reporting of TX AGGR histogram
    - wifi: mt76: fix coverity overrun-call in mt76_get_txpower()
    - regulator: core: fix module refcount leak in set_supply()
    - clk: qcom: lpass-sc7180: Fix pm_runtime usage
    - clk: qcom: clk-krait: fix wrong div2 functions
    - hsr: Add a rcu-read lock to hsr_forward_skb().
    - hsr: Avoid double remove of a node.
    - hsr: Disable netpoll.
    - hsr: Synchronize sending frames to have always incremented outgoing seq nr.
    - hsr: Synchronize sequence number updates.
    - configfs: fix possible memory leak in configfs_create_dir()
    - regulator: core: fix resource leak in regulator_register()
    - hwmon: (jc42) Convert register access and caching to regmap/regcache
    - hwmon: (jc42) Restore the min/max/critical temperatures on resume
    - bpf, sockmap: fix race in sock_map_free()
    - ALSA: pcm: Set missing stop_operating flag at undoing trigger start
    - media: saa7164: fix missing pci_disable_device()
    - ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt
    - xprtrdma: Fix regbuf data not freed in rpcrdma_req_create()
    - SUNRPC: Fix missing release socket in rpc_sockname()
    - NFSv4.x: Fail client initialisation if state manager thread can't run
    - riscv, bpf: Emit fixed-length instructions for BPF_PSEUDO_FUNC
    - mmc: alcor: fix return value check of mmc_add_host()
    - mmc: moxart: fix return value check of mmc_add_host()
    - mmc: mxcmmc: fix return value check of mmc_add_host()
    - mmc: pxamci: fix return value check of mmc_add_host()
    - mmc: rtsx_pci: fix return value check of mmc_add_host()
    - mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host()
    - mmc: toshsd: fix return value check of mmc_add_host()
    - mmc: vub300: fix return value check of mmc_add_host()
    - mmc: wmt-sdmmc: fix return value check of mmc_add_host()
    - mmc: atmel-mci: fix return value check of mmc_add_host()
    - mmc: omap_hsmmc: fix return value check of mmc_add_host()
    - mmc: meson-gx: fix return value check of mmc_add_host()
    - mmc: via-sdmmc: fix return value check of mmc_add_host()
    - mmc: wbsd: fix return value check of mmc_add_host()
    - mmc: mmci: fix return value check of mmc_add_host()
    - mmc: renesas_sdhi: alway populate SCC pointer
    - memstick: ms_block: Add error handling support for add_disk()
    - memstick/ms_block: Add check for alloc_ordered_workqueue
    - mmc: core: Normalize the error handling branch in sd_read_ext_regs()
    - regulator: qcom-labibb: Fix missing of_node_put() in
      qcom_labibb_regulator_probe()
    - media: c8sectpfe: Add of_node_put() when breaking out of loop
    - media: coda: Add check for dcoda_iram_alloc
    - media: coda: Add check for kmalloc
    - clk: samsung: Fix memory leak in _samsung_clk_register_pll()
    - spi: spi-gpio: Don't set MOSI as an input if not 3WIRE mode
    - wifi: rtl8xxxu: Add __packed to struct rtl8723bu_c2h
    - wifi: rtl8xxxu: Fix the channel width reporting
    - wifi: brcmfmac: Fix error return code in brcmf_sdio_download_firmware()
    - blktrace: Fix output non-blktrace event when blk_classic option enabled
    - bpf: Do not zero-extend kfunc return values
    - clk: socfpga: Fix memory leak in socfpga_gate_init()
    - net: vmw_vsock: vmci: Check memcpy_from_msg()
    - net: defxx: Fix missing err handling in dfx_init()
    - net: stmmac: selftests: fix potential memleak in stmmac_test_arpoffload()
    - net: stmmac: fix possible memory leak in stmmac_dvr_probe()
    - drivers: net: qlcnic: Fix potential memory leak in qlcnic_sriov_init()
    - of: overlay: fix null pointer dereferencing in find_dup_cset_node_entry()
      and find_dup_cset_prop()
    - ethernet: s2io: don't call dev_kfree_skb() under spin_lock_irqsave()
    - net: farsync: Fix kmemleak when rmmods farsync
    - net/tunnel: wait until all sk_user_data reader finish before releasing the
      sock
    - net: apple: mace: don't call dev_kfree_skb() under spin_lock_irqsave()
    - net: apple: bmac: don't call dev_kfree_skb() under spin_lock_irqsave()
    - net: emaclite: don't call dev_kfree_skb() under spin_lock_irqsave()
    - net: ethernet: dnet: don't call dev_kfree_skb() under spin_lock_irqsave()
    - hamradio: don't call dev_kfree_skb() under spin_lock_irqsave()
    - net: amd: lance: don't call dev_kfree_skb() under spin_lock_irqsave()
    - af_unix: call proto_unregister() in the error path in af_unix_init()
    - net: amd-xgbe: Fix logic around active and passive cables
    - net: amd-xgbe: Check only the minimum speed for active/passive cables
    - can: tcan4x5x: Remove invalid write in clear_interrupts
    - can: m_can: Call the RAM init directly from m_can_chip_config
    - can: tcan4x5x: Fix use of register error status mask
    - net: lan9303: Fix read error execution path
    - ntb_netdev: Use dev_kfree_skb_any() in interrupt context
    - sctp: sysctl: make extra pointers netns aware
    - Bluetooth: MGMT: Fix error report for ADD_EXT_ADV_PARAMS
    - Bluetooth: btintel: Fix missing free skb in btintel_setup_combined()
    - Bluetooth: btusb: don't call kfree_skb() under spin_lock_irqsave()
    - Bluetooth: hci_qca: don't call kfree_skb() under spin_lock_irqsave()
    - Bluetooth: hci_ll: don't call kfree_skb() under spin_lock_irqsave()
    - Bluetooth: hci_h5: don't call kfree_skb() under spin_lock_irqsave()
    - Bluetooth: hci_bcsp: don't call kfree_skb() under spin_lock_irqsave()
    - Bluetooth: hci_core: don't call kfree_skb() under spin_lock_irqsave()
    - Bluetooth: RFCOMM: don't call kfree_skb() under spin_lock_irqsave()
    - stmmac: fix potential division by 0
    - i40e: Fix the inability to attach XDP program on downed interface
    - net: dsa: tag_8021q: avoid leaking ctx on dsa_tag_8021q_register() error
      path
    - apparmor: fix a memleak in multi_transaction_new()
    - apparmor: fix lockdep warning when removing a namespace
    - apparmor: Fix abi check to include v8 abi
    - crypto: hisilicon/qm - fix missing destroy qp_idr
    - crypto: sun8i-ss - use dma_addr instead u32
    - crypto: nitrox - avoid double free on error path in nitrox_sriov_init()
    - scsi: core: Fix a race between scsi_done() and scsi_timeout()
    - apparmor: Use pointer to struct aa_label for lbs_cred
    - PCI: dwc: Fix n_fts[] array overrun
    - RDMA/core: Fix order of nldev_exit call
    - PCI: pci-epf-test: Register notifier if only core_init_notifier is enabled
    - f2fs: Fix the race condition of resize flag between resizefs
    - crypto: rockchip - do not do custom power management
    - crypto: rockchip - do not store mode globally
    - crypto: rockchip - add fallback for cipher
    - crypto: rockchip - add fallback for ahash
    - crypto: rockchip - better handle cipher key
    - crypto: rockchip - remove non-aligned handling
    - crypto: rockchip - rework by using crypto_engine
    - apparmor: Fix memleak in alloc_ns()
    - f2fs: fix to invalidate dcc->f2fs_issue_discard in error path
    - f2fs: fix normal discard process
    - f2fs: fix to destroy sbi->post_read_wq in error path of f2fs_fill_super()
    - RDMA/irdma: Report the correct link speed
    - scsi: qla2xxx: Fix set-but-not-used variable warnings
    - RDMA/siw: Fix immediate work request flush to completion queue
    - IB/mad: Don't call to function that might sleep while in atomic context
    - RDMA/restrack: Release MR restrack when delete
    - RDMA/core: Make sure "ib_port" is valid when access sysfs node
    - RDMA/nldev: Return "-EAGAIN" if the cm_id isn't from expected port
    - RDMA/siw: Set defined status for work completion with undefined status
    - scsi: scsi_debug: Fix a warning in resp_write_scat()
    - crypto: ccree - Remove debugfs when platform_driver_register failed
    - crypto: cryptd - Use request context instead of stack for sub-request
    - crypto: hisilicon/qm - add missing pci_dev_put() in q_num_set()
    - RDMA/hns: Repacing 'dseg_len' by macros in fill_ext_sge_inl_data()
    - RDMA/hns: Fix ext_sge num error when post send
    - PCI: Check for alloc failure in pci_request_irq()
    - RDMA/hfi: Decrease PCI device reference count in error path
    - crypto: ccree - Make cc_debugfs_global_fini() available for module init
      function
    - RDMA/hns: fix memory leak in hns_roce_alloc_mr()
    - RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create
      failed
    - dt-bindings: imx6q-pcie: Fix clock names for imx6sx and imx8mq
    - dt-bindings: visconti-pcie: Fix interrupts array max constraints
    - scsi: hpsa: Fix possible memory leak in hpsa_init_one()
    - crypto: tcrypt - Fix multibuffer skcipher speed test mem leak
    - padata: Always leave BHs disabled when running ->parallel()
    - padata: Fix list iterator in padata_do_serial()
    - scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add()
    - scsi: hpsa: Fix error handling in hpsa_add_sas_host()
    - scsi: hpsa: Fix possible memory leak in hpsa_add_sas_device()
    - scsi: efct: Fix possible memleak in efct_device_init()
    - scsi: scsi_debug: Fix a warning in resp_verify()
    - scsi: scsi_debug: Fix a warning in resp_report_zones()
    - scsi: fcoe: Fix possible name leak when device_register() fails
    - scsi: scsi_debug: Fix possible name leak in sdebug_add_host_helper()
    - scsi: ipr: Fix WARNING in ipr_init()
    - scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails
    - scsi: snic: Fix possible UAF in snic_tgt_create()
    - RDMA/nldev: Add checks for nla_nest_start() in fill_stat_counter_qps()
    - f2fs: avoid victim selection from previous victim section
    - RDMA/nldev: Fix failure to send large messages
    - crypto: amlogic - Remove kcalloc without check
    - crypto: omap-sham - Use pm_runtime_resume_and_get() in omap_sham_probe()
    - riscv/mm: add arch hook arch_clear_hugepage_flags
    - RDMA/hfi1: Fix error return code in parse_platform_config()
    - RDMA/srp: Fix error return code in srp_parse_options()
    - PCI: mt7621: Rename mt7621_pci_ to mt7621_pcie_
    - PCI: mt7621: Add sentinel to quirks table
    - orangefs: Fix sysfs not cleanup when dev init failed
    - RDMA/hns: Fix AH attr queried by query_qp
    - RDMA/hns: Fix PBL page MTR find
    - RDMA/hns: Fix page size cap from firmware
    - RDMA/hns: Fix error code of CMD
    - crypto: img-hash - Fix variable dereferenced before check 'hdev->req'
    - hwrng: amd - Fix PCI device refcount leak
    - hwrng: geode - Fix PCI device refcount leak
    - IB/IPoIB: Fix queue count inconsistency for PKEY child interfaces
    - RISC-V: Align the shadow stack
    - drivers: dio: fix possible memory leak in dio_init()
    - serial: tegra: Read DMA status before terminating
    - serial: 8250_bcm7271: Fix error handling in brcmuart_init()
    - class: fix possible memory leak in __class_register()
    - vfio: platform: Do not pass return buffer to ACPI _RST method
    - uio: uio_dmem_genirq: Fix missing unlock in irq configuration
    - uio: uio_dmem_genirq: Fix deadlock between irq config and handling
    - usb: fotg210-udc: Fix ages old endianness issues
    - staging: vme_user: Fix possible UAF in tsi148_dma_list_add
    - usb: typec: Check for ops->exit instead of ops->enter in altmode_exit
    - usb: typec: tcpci: fix of node refcount leak in tcpci_register_port()
    - usb: typec: tipd: Cleanup resources if devm_tps6598_psy_register fails
    - usb: typec: tipd: Fix spurious fwnode_handle_put in error path
    - extcon: usbc-tusb320: Add support for mode setting and reset
    - extcon: usbc-tusb320: Add support for TUSB320L
    - usb: typec: Factor out non-PD fwnode properties
    - extcon: usbc-tusb320: Factor out extcon into dedicated functions
    - extcon: usbc-tusb320: Add USB TYPE-C support
    - extcon: usbc-tusb320: Update state on probe even if no IRQ pending
    - serial: amba-pl011: avoid SBSA UART accessing DMACR register
    - serial: pl011: Do not clear RX FIFO & RX interrupt in unthrottle.
    - serial: stm32: move dma_request_chan() before clk_prepare_enable()
    - serial: pch: Fix PCI device refcount leak in pch_request_dma()
    - tty: serial: clean up stop-tx part in altera_uart_tx_chars()
    - tty: serial: altera_uart_{r,t}x_chars() need only uart_port
    - serial: altera_uart: fix locking in polling mode
    - serial: sunsab: Fix error handling in sunsab_init()
    - test_firmware: fix memory leak in test_firmware_init()
    - misc: ocxl: fix possible name leak in ocxl_file_register_afu()
    - ocxl: fix pci device refcount leak when calling get_function_0()
    - misc: tifm: fix possible memory leak in tifm_7xx1_switch_media()
    - misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault
      and gru_handle_user_call_os
    - firmware: raspberrypi: fix possible memory leak in rpi_firmware_probe()
    - cxl: fix possible null-ptr-deref in cxl_guest_init_afu|adapter()
    - cxl: fix possible null-ptr-deref in cxl_pci_init_afu|adapter()
    - iio: temperature: ltc2983: make bulk write buffer DMA-safe
    - iio: adis: handle devices that cannot unmask the drdy pin
    - iio: adis: stylistic changes
    - iio:imu:adis: Move exports into IIO_ADISLIB namespace
    - iio: adis: add '__adis_enable_irq()' implementation
    - counter: stm32-lptimer-cnt: fix the check on arr and cmp registers update
    - coresight: trbe: remove cpuhp instance node before remove cpuhp state
    - usb: roles: fix of node refcount leak in usb_role_switch_is_parent()
    - usb: gadget: f_hid: fix f_hidg lifetime vs cdev
    - usb: gadget: f_hid: fix refcount leak on error path
    - drivers: mcb: fix resource leak in mcb_probe()
    - mcb: mcb-parse: fix error handing in chameleon_parse_gdd()
    - chardev: fix error handling in cdev_device_add()
    - i2c: pxa-pci: fix missing pci_disable_device() on error in ce4100_i2c_probe
    - staging: rtl8192u: Fix use after free in ieee80211_rx()
    - staging: rtl8192e: Fix potential use-after-free in rtllib_rx_Monitor()
    - vme: Fix error not catched in fake_init()
    - gpiolib: Get rid of redundant 'else'
    - gpiolib: cdev: fix NULL-pointer dereferences
    - gpiolib: make struct comments into real kernel docs
    - gpiolib: protect the GPIO device against being dropped while in use by user-
      space
    - i2c: mux: reg: check return value after calling platform_get_resource()
    - i2c: ismt: Fix an out-of-bounds bug in ismt_access()
    - usb: storage: Add check for kcalloc
    - tracing/hist: Fix issue of losting command info in error_log
    - ksmbd: Fix resource leak in ksmbd_session_rpc_open()
    - samples: vfio-mdev: Fix missing pci_disable_device() in mdpy_fb_probe()
    - thermal/drivers/imx8mm_thermal: Validate temperature range
    - thermal/drivers/qcom/temp-alarm: Fix inaccurate warning for gen2
    - thermal/drivers/qcom/lmh: Fix irq handler return value
    - fbdev: ssd1307fb: Drop optional dependency
    - fbdev: pm2fb: fix missing pci_disable_device()
    - fbdev: via: Fix error in via_core_init()
    - fbdev: vermilion: decrease reference count in error path
    - fbdev: ep93xx-fb: Add missing clk_disable_unprepare in ep93xxfb_probe()
    - fbdev: geode: don't build on UML
    - fbdev: uvesafb: don't build on UML
    - fbdev: uvesafb: Fixes an error handling path in uvesafb_probe()
    - HSI: omap_ssi_core: fix unbalanced pm_runtime_disable()
    - HSI: omap_ssi_core: fix possible memory leak in ssi_probe()
    - power: supply: fix residue sysfs file in error handle route of
      __power_supply_register()
    - perf trace: Return error if a system call doesn't exist
    - perf trace: Use macro RAW_SYSCALL_ARGS_NUM to replace number
    - perf trace: Handle failure when trace point folder is missed
    - perf symbol: correction while adjusting symbol
    - power: supply: z2_battery: Fix possible memleak in z2_batt_probe()
    - HSI: omap_ssi_core: Fix error handling in ssi_init()
    - power: supply: ab8500: Fix error handling in ab8500_charger_init()
    - power: supply: fix null pointer dereferencing in
      power_supply_get_battery_info
    - perf stat: Refactor __run_perf_stat() common code
    - perf stat: Do not delay the workload with --delay
    - RDMA/siw: Fix pointer cast warning
    - fs/ntfs3: Avoid UBSAN error on true_sectors_per_clst()
    - overflow: Implement size_t saturating arithmetic helpers
    - fs/ntfs3: Harden against integer overflows
    - iommu/sun50i: Fix reset release
    - iommu/sun50i: Consider all fault sources for reset
    - iommu/sun50i: Fix R/W permission check
    - iommu/sun50i: Fix flush size
    - iommu/rockchip: fix permission bits in page table entries v2
    - phy: usb: s2 WoL wakeup_count not incremented for USB->Eth devices
    - include/uapi/linux/swab: Fix potentially missing __always_inline
    - pwm: tegra: Improve required rate calculation
    - fs/ntfs3: Fix slab-out-of-bounds read in ntfs_trim_fs
    - dmaengine: idxd: Fix crc_val field for completion record
    - rtc: rtc-cmos: Do not check ACPI_FADT_LOW_POWER_S0
    - rtc: cmos: Fix event handler registration ordering issue
    - rtc: cmos: Fix wake alarm breakage
    - rtc: cmos: fix build on non-ACPI platforms
    - rtc: cmos: Call cmos_wake_setup() from cmos_do_probe()
    - rtc: cmos: Call rtc_wake_setup() from cmos_do_probe()
    - rtc: cmos: Eliminate forward declarations of some functions
    - rtc: cmos: Rename ACPI-related functions
    - rtc: cmos: Disable ACPI RTC event on removal
    - rtc: snvs: Allow a time difference on clock register read
    - rtc: pcf85063: Fix reading alarm
    - iommu/amd: Fix pci device refcount leak in ppr_notifier()
    - iommu/fsl_pamu: Fix resource leak in fsl_pamu_probe()
    - macintosh: fix possible memory leak in macio_add_one_device()
    - macintosh/macio-adb: check the return value of ioremap()
    - powerpc/52xx: Fix a resource leak in an error handling path
    - cxl: Fix refcount leak in cxl_calc_capp_routing
    - powerpc/xmon: Fix -Wswitch-unreachable warning in bpt_cmds
    - powerpc/xive: add missing iounmap() in error path in
      xive_spapr_populate_irq_data()
    - powerpc/perf: callchain validate kernel stack pointer bounds
    - powerpc/83xx/mpc832x_rdb: call platform_device_put() in error case in
      of_fsl_spi_probe()
    - powerpc/hv-gpci: Fix hv_gpci event list
    - selftests/powerpc: Fix resource leaks
    - iommu/sun50i: Remove IOMMU_DOMAIN_IDENTITY
    - pwm: sifive: Call pwm_sifive_update_clock() while mutex is held
    - pwm: mtk-disp: Fix the parameters calculated by the enabled flag of disp_pwm
    - pwm: mediatek: always use bus clock for PWM on MT7622
    - remoteproc: sysmon: fix memory leak in qcom_add_sysmon_subdev()
    - remoteproc: qcom: q6v5: Fix potential null-ptr-deref in
      q6v5_wcss_init_mmio()
    - remoteproc: qcom_q6v5_pas: disable wakeup on probe fail or remove
    - remoteproc: qcom_q6v5_pas: detach power domains on remove
    - remoteproc: qcom_q6v5_pas: Fix missing of_node_put() in
      adsp_alloc_memory_region()
    - remoteproc: qcom: q6v5: Fix missing clk_disable_unprepare() in
      q6v5_wcss_qcs404_power_on()
    - powerpc/eeh: Drop redundant spinlock initialization
    - powerpc/pseries/eeh: use correct API for error log size
    - mfd: bd957x: Fix Kconfig dependency on REGMAP_IRQ
    - mfd: qcom_rpm: Fix an error handling path in qcom_rpm_probe()
    - mfd: pm8008: Remove driver data structure pm8008_data
    - mfd: pm8008: Fix return value check in pm8008_probe()
    - netfilter: flowtable: really fix NAT IPv6 offload
    - rtc: st-lpc: Add missing clk_disable_unprepare in st_rtc_probe()
    - rtc: pic32: Move devm_rtc_allocate_device earlier in pic32_rtc_probe()
    - rtc: pcf85063: fix pcf85063_clkout_control
    - nfsd: under NFSv4.1, fix double svc_xprt_put on rpc_create failure
    - net: macsec: fix net device access prior to holding a lock
    - mISDN: hfcsusb: don't call dev_kfree_skb/kfree_skb() under
      spin_lock_irqsave()
    - mISDN: hfcpci: don't call dev_kfree_skb/kfree_skb() under
      spin_lock_irqsave()
    - mISDN: hfcmulti: don't call dev_kfree_skb/kfree_skb() under
      spin_lock_irqsave()
    - block, bfq: fix possible uaf for 'bfqq->bic'
    - net: enetc: avoid buffer leaks on xdp_do_redirect() failure
    - nfc: pn533: Clear nfc_target before being used
    - unix: Fix race in SOCK_SEQPACKET's unix_dgram_sendmsg()
    - r6040: Fix kmemleak in probe and remove
    - igc: Enhance Qbv scheduling by using first flag bit
    - igc: Use strict cycles for Qbv scheduling
    - igc: Add checking for basetime less than zero
    - igc: allow BaseTime 0 enrollment for Qbv
    - igc: recalculate Qbv end_time by considering cycle time
    - igc: Lift TAPRIO schedule restriction
    - igc: Set Qbv start_time and end_time to end_time if not being configured in
      GCL
    - rtc: mxc_v2: Add missing clk_disable_unprepare()
    - selftests: devlink: fix the fd redirect in dummy_reporter_test
    - openvswitch: Fix flow lookup to use unmasked key
    - soc: mediatek: pm-domains: Fix the power glitch issue
    - arm64: dts: mt8183: Fix Mali GPU clock
    - skbuff: Account for tail adjustment during pull operations
    - mailbox: mpfs: read the system controller's status
    - mailbox: arm_mhuv2: Fix return value check in mhuv2_probe()
    - mailbox: zynq-ipi: fix error handling while device_register() fails
    - net_sched: reject TCF_EM_SIMPLE case for complex ematch module
    - rxrpc: Fix missing unlock in rxrpc_do_sendmsg()
    - myri10ge: Fix an error handling path in myri10ge_probe()
    - net: stream: purge sk_error_queue in sk_stream_kill_queues()
    - HID: amd_sfh: Add missing check for dma_alloc_coherent
    - rcu: Fix __this_cpu_read() lockdep warning in rcu_force_quiescent_state()
    - arm64: make is_ttbrX_addr() noinstr-safe
    - video: hyperv_fb: Avoid taking busy spinlock on panic path
    - x86/hyperv: Remove unregister syscore call from Hyper-V cleanup
    - binfmt_misc: fix shift-out-of-bounds in check_special_flags
    - fs: jfs: fix shift-out-of-bounds in dbAllocAG
    - udf: Avoid double brelse() in udf_rename()
    - jfs: Fix fortify moan in symlink
    - fs: jfs: fix shift-out-of-bounds in dbDiscardAG
    - ACPICA: Fix error code path in acpi_ds_call_control_method()
    - nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset()
    - nilfs2: fix shift-out-of-bounds due to too large exponent of block size
    - acct: fix potential integer overflow in encode_comp_t()
    - hfs: fix OOB Read in __hfs_brec_find
    - drm/etnaviv: add missing quirks for GC300
    - media: imx-jpeg: Disable useless interrupt to avoid kernel panic
    - brcmfmac: return error when getting invalid max_flowrings from dongle
    - wifi: ath9k: verify the expected usb_endpoints are present
    - wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out
    - ASoC: codecs: rt298: Add quirk for KBL-R RVP platform
    - ipmi: fix memleak when unload ipmi driver
    - drm/amd/display: prevent memory leak
    - Revert "drm/amd/display: Limit max DSC target bpp for specific monitors"
    - qed (gcc13): use u16 for fid to be big enough
    - bpf: make sure skb->len != 0 when redirecting to a tunneling device
    - net: ethernet: ti: Fix return type of netcp_ndo_start_xmit()
    - hamradio: baycom_epp: Fix return type of baycom_send_packet()
    - wifi: brcmfmac: Fix potential shift-out-of-bounds in
      brcmf_fw_alloc_request()
    - igb: Do not free q_vector unless new one was allocated
    - drm/amdgpu: Fix type of second parameter in trans_msg() callback
    - drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback
    - s390/ctcm: Fix return type of ctc{mp,}m_tx()
    - s390/netiucv: Fix return type of netiucv_tx()
    - s390/lcs: Fix return type of lcs_start_xmit()
    - drm/msm: Use drm_mode_copy()
    - drm/rockchip: Use drm_mode_copy()
    - drm/sti: Use drm_mode_copy()
    - drm/mediatek: Fix return type of mtk_hdmi_bridge_mode_valid()
    - drivers/md/md-bitmap: check the return value of md_bitmap_get_counter()
    - md/raid1: stop mdx_raid1 thread when raid1 array run failed
    - drm/amd/display: fix array index out of bound error in bios parser
    - net: add atomic_long_t to net_device_stats fields
    - ipv6/sit: use DEV_STATS_INC() to avoid data-races
    - mrp: introduce active flags to prevent UAF when applicant uninit
    - ppp: associate skb with a device at tx
    - bpf: Prevent decl_tag from being referenced in func_proto arg
    - ethtool: avoiding integer overflow in ethtool_phys_id()
    - media: dvb-frontends: fix leak of memory fw
    - media: dvbdev: adopts refcnt to avoid UAF
    - media: dvb-usb: fix memory leak in dvb_usb_adapter_init()
    - blk-mq: fix possible memleak when register 'hctx' failed
    - drm/amd/display: Use the largest vready_offset in pipe group
    - libbpf: Avoid enum forward-declarations in public API in C++ mode
    - regulator: core: fix use_count leakage when handling boot-on
    - wifi: mt76: do not run mt76u_status_worker if the device is not running
    - mmc: f-sdh30: Add quirks for broken timeout clock capability
    - mmc: renesas_sdhi: better reset from HS400 mode
    - media: si470x: Fix use-after-free in si470x_int_in_callback()
    - clk: st: Fix memory leak in st_of_quadfs_setup()
    - crypto: hisilicon/hpre - fix resource leak in remove process
    - scsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs
    - scsi: ufs: Reduce the START STOP UNIT timeout
    - scsi: elx: libefc: Fix second parameter type in state callbacks
    - hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param()
    - drm/fsl-dcu: Fix return type of fsl_dcu_drm_connector_mode_valid()
    - drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid()
    - orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string()
    - orangefs: Fix kmemleak in orangefs_{kernel,client}_debug_init()
    - tools/include: Add _RET_IP_ and math definitions to kernel.h
    - KVM: selftests: Fix build regression by using accessor function
    - hwmon: (jc42) Fix missing unlock on error in jc42_write()
    - ALSA/ASoC: hda: move/rename snd_hdac_ext_stop_streams to hdac_stream.c
    - ALSA: hda: add snd_hdac_stop_streams() helper
    - ASoC: Intel: Skylake: Fix driver hang during shutdown
    - ASoC: mediatek: mt8173-rt5650-rt5514: fix refcount leak in
      mt8173_rt5650_rt5514_dev_probe()
    - ASoC: audio-graph-card: fix refcount leak of cpu_ep in
      __graph_for_each_link()
    - ASoC: rockchip: pdm: Add missing clk_disable_unprepare() in
      rockchip_pdm_runtime_resume()
    - ASoC: mediatek: mt8183: fix refcount leak in
      mt8183_mt6358_ts3a227_max98357_dev_probe()
    - ASoC: wm8994: Fix potential deadlock
    - ASoC: rockchip: spdif: Add missing clk_disable_unprepare() in
      rk_spdif_runtime_resume()
    - ASoC: rt5670: Remove unbalanced pm_runtime_put()
    - drm/i915/display: Don't disable DDI/Transcoder when setting phy test pattern
    - LoadPin: Ignore the "contents" argument of the LSM hooks
    - pstore: Switch pmsg_lock to an rt_mutex to avoid priority inversion
    - perf debug: Set debug_peo_args and redirect_to_stderr variable to correct
      values in perf_quiet_option()
    - afs: Fix lost servers_outstanding count
    - pstore: Make sure CONFIG_PSTORE_PMSG selects CONFIG_RT_MUTEXES
    - ALSA: usb-audio: add the quirk for KT0206 device
    - ALSA: hda/realtek: Add quirk for Lenovo TianYi510Pro-14IOB
    - ALSA: hda/hdmi: Add HP Device 0x8711 to force connect list
    - usb: cdnsp: fix lack of ZLP for ep0
    - usb: xhci-mtk: fix leakage of shared hcd when fail to set wakeup irq
    - arm64: dts: qcom: sm8250: fix USB-DP PHY registers
    - usb: dwc3: Fix race between dwc3_set_mode and __dwc3_set_mode
    - usb: dwc3: core: defer probe on ulpi_read_id timeout
    - xhci: Prevent infinite loop in transaction errors recovery for streams
    - HID: wacom: Ensure bootloader PID is usable in hidraw mode
    - HID: mcp2221: don't connect hidraw
    - loop: Fix the max_loop commandline argument treatment when it is set to 0
    - 9p: set req refcount to zero to avoid uninitialized usage
    - security: Restrict CONFIG_ZERO_CALL_USED_REGS to gcc or clang > 15.0.6
    - reiserfs: Add missing calls to reiserfs_security_free()
    - iio: fix memory leak in iio_device_register_eventset()
    - iio: adc: ad_sigma_delta: do not use internal iio_dev lock
    - iio: adc128s052: add proper .data members in adc128_of_match table
    - regulator: core: fix deadlock on regulator enable
    - floppy: Fix memory leak in do_floppy_init()
    - gcov: add support for checksum field
    - fbdev: fbcon: release buffer when fbcon_do_set_font() failed
    - ovl: fix use inode directly in rcu-walk mode
    - btrfs: do not BUG_ON() on ENOMEM when dropping extent items for a range
    - scsi: qla2xxx: Fix crash when I/O abort times out
    - net: stmmac: fix errno when create_singlethread_workqueue() fails
    - media: dvbdev: fix build warning due to comments
    - media: dvbdev: fix refcnt bug
    - extcon: usbc-tusb320: Call the Type-C IRQ handler only if a port is
      registered
    - mfd: qcom_rpm: Use devm_of_platform_populate() to simplify code
    - pwm: tegra: Fix 32 bit build
    - Linux 5.15.86
  * Screen freeze after resuming from suspend (nvme0: I/O timeout)
    (LP: #1996048) // Jammy update: v5.15.86 upstream stable release
    (LP: #2005113)
    - PCI: vmd: Disable MSI remapping after suspend
  * CVE-2023-23559
    - wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
  * CVE-2023-0045
    - x86/bugs: Flush IBP in ib_prctl_set()
  * jammy/linux: 5.15.0-67.74 -proposed tracker (LP: #2008074)
  * [Inspiron 7590, Realtek ALC3254, Speaker, Internal] fails after a while
    (LP: #2007798)
    - Revert "ASoC: soc-pcm: Don't zero TDM masks in __soc_pcm_open()"

linux-aws-5.15 (5.15.0-1031.35~20.04.1) focal; urgency=medium

* focal/linux-aws-5.15: 5.15.0-1031.35~20.04.1 -proposed tracker
    (LP: #2004304)

[ Ubuntu: 5.15.0-1031.35 ]

* jammy/linux-aws: 5.15.0-1031.35 -proposed tracker (LP: #2004305)
  * Jammy update: v5.15.81 upstream stable release (LP: #2003130)
    - [Config] aws: Updates after rebase
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2023.01.30)
  * Regression in ext4 during online resize (LP: #2003816)
    - ext4: fix bad checksum after online resize
    - ext4: fix corruption when online resizing a 1K bigalloc fs
    - SAUCE: Export ext4_superblock_csum function
    - ext4: fix corrupt backup group descriptors after online resize
  * cma alloc failure in large 5.15 arm instances (LP: #1990167)
    - [Config] aws: Disable CONFIG_CMA for arm64
  * RDMA Back port DMA buffer fix (LP: #2004807)
    - RDMA/core: Fix ib block iterator counter overflow
  * jammy/linux: 5.15.0-66.73 -proposed tracker (LP: #2004636)
  * CVE-2023-0461
    - SAUCE: Fix inet_csk_listen_start after CVE-2023-0461
  * jammy/linux: 5.15.0-65.72 -proposed tracker (LP: #2004344)
  * Packaging resync (LP: #1786013)
    - [Packaging] update variants
    - debian/dkms-versions -- update from kernel-versions (main/2023.01.30)
  * NFS: client permission error after adding user to permissible group
    (LP: #2003053)
    - NFS: Clear the file access cache upon login
    - NFS: Judge the file access cache's timestamp in rcu path
    - NFS: Fix up a sparse warning
  * Fix W6400 hang after resume of S3 stress (LP: #2000299)
    - drm/amd/display: Manually adjust strobe for DCN303
  * Rear Audio port sometimes has no audio output after reboot(Cirrus Logic)
    (LP: #1998905)
    - ALSA: hda/cirrus: Add extra 10 ms delay to allow PLL settle and lock.
  * CVE-2022-20369
    - NFSD: fix use-after-free in __nfs42_ssc_open()
  * CVE-2023-0461
    - net/ulp: prevent ULP without clone op from entering the LISTEN status
    - net/ulp: use consistent error code when blocking ULP
  * CVE-2023-0179
    - netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
  * Jammy update: v5.15.85 upstream stable release (LP: #2003139)
    - udf: Discard preallocation before extending file with a hole
    - udf: Fix preallocation discarding at indirect extent boundary
    - udf: Do not bother looking for prealloc extents if i_lenExtents matches
      i_size
    - udf: Fix extending file within last block
    - usb: gadget: uvc: Prevent buffer overflow in setup handler
    - USB: serial: option: add Quectel EM05-G modem
    - USB: serial: cp210x: add Kamstrup RF sniffer PIDs
    - USB: serial: f81232: fix division by zero on line-speed change
    - USB: serial: f81534: fix division by zero on line-speed change
    - xhci: Apply XHCI_RESET_TO_DEFAULT quirk to ADL-N
    - igb: Initialize mailbox message for VF reset
    - usb: dwc3: pci: Update PCIe device ID for USB3 controller on CPU sub-system
      for Raptor Lake
    - HID: uclogic: Add HID_QUIRK_HIDINPUT_FORCE quirk
    - selftests: net: Use "grep -E" instead of "egrep"
    - net: loopback: use NET_NAME_PREDICTABLE for name_assign_type
    - Linux 5.15.85
  * Jammy update: v5.15.84 upstream stable release (LP: #2003137)
    - x86/vdso: Conditionally export __vdso_sgx_enter_enclave()
    - vfs: fix copy_file_range() averts filesystem freeze protection
    - ASoC: fsl_micfil: explicitly clear software reset bit
    - ASoC: fsl_micfil: explicitly clear CHnF flags
    - ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx()
    - libbpf: Use page size as max_entries when probing ring buffer map
    - pinctrl: meditatek: Startup with the IRQs disabled
    - can: sja1000: fix size of OCR_MODE_MASK define
    - can: mcba_usb: Fix termination command argument
    - net: fec: don't reset irq coalesce settings to defaults on "ip link up"
    - ASoC: cs42l51: Correct PGA Volume minimum value
    - perf: Fix perf_pending_task() UaF
    - nvme-pci: clear the prp2 field when not used
    - ASoC: ops: Correct bounds check for second channel on SX controls
    - net: fec: properly guard irq coalesce setup
    - Linux 5.15.84
  * Jammy update: v5.15.83 upstream stable release (LP: #2003134)
    - clk: generalize devm_clk_get() a bit
    - clk: Provide new devm_clk helpers for prepared and enabled clocks
    - mmc: mtk-sd: Fix missing clk_disable_unprepare in msdc_of_clock_parse()
    - arm64: dts: rockchip: keep I2S1 disabled for GPIO function on ROCK Pi 4
      series
    - arm: dts: rockchip: fix node name for hym8563 rtc
    - arm: dts: rockchip: remove clock-frequency from rtc
    - ARM: dts: rockchip: fix ir-receiver node names
    - arm64: dts: rockchip: fix ir-receiver node names
    - ARM: dts: rockchip: rk3188: fix lcdc1-rgb24 node name
    - fs: use acquire ordering in __fget_light()
    - ARM: 9251/1: perf: Fix stacktraces for tracepoint events in THUMB2 kernels
    - ARM: 9266/1: mm: fix no-MMU ZERO_PAGE() implementation
    - ASoC: wm8962: Wait for updated value of WM8962_CLOCKING1 register
    - spi: mediatek: Fix DEVAPC Violation at KO Remove
    - ARM: dts: rockchip: disable arm_global_timer on rk3066 and rk3188
    - ASoC: rt711-sdca: fix the latency time of clock stop prepare state machine
      transitions
    - 9p/fd: Use P9_HDRSZ for header size
    - regulator: slg51000: Wait after asserting CS pin
    - ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event
    - selftests/net: Find nettest in current directory
    - btrfs: send: avoid unaligned encoded writes when attempting to clone range
    - ASoC: soc-pcm: Add NULL check in BE reparenting
    - regulator: twl6030: fix get status of twl6032 regulators
    - fbcon: Use kzalloc() in fbcon_prepare_logo()
    - usb: dwc3: gadget: Disable GUSB2PHYCFG.SUSPHY for End Transfer
    - 9p/xen: check logical size for buffer size
    - net: usb: qmi_wwan: add u-blox 0x1342 composition
    - mm/khugepaged: take the right locks for page table retraction
    - mm/khugepaged: fix GUP-fast interaction by sending IPI
    - mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths
    - rtc: mc146818-lib: extract mc146818_avoid_UIP
    - rtc: cmos: avoid UIP when writing alarm time
    - rtc: cmos: avoid UIP when reading alarm time
    - cifs: fix use-after-free caused by invalid pointer `hostname`
    - drm/bridge: anx7625: Fix edid_read break case in sp_tx_edid_read()
    - xen/netback: do some code cleanup
    - xen/netback: don't call kfree_skb() with interrupts disabled
    - media: videobuf2-core: take mmap_lock in vb2_get_unmapped_area()
    - soundwire: intel: Initialize clock stop timeout
    - media: v4l2-dv-timings.c: fix too strict blanking sanity checks
    - memcg: fix possible use-after-free in memcg_write_event_control()
    - mm/gup: fix gup_pud_range() for dax
    - Bluetooth: btusb: Add debug message for CSR controllers
    - Bluetooth: Fix crash when replugging CSR fake controllers
    - net: mana: Fix race on per-CQ variable napi work_done
    - KVM: s390: vsie: Fix the initialization of the epoch extension (epdx) field
    - drm/vmwgfx: Don't use screen objects when SEV is active
    - drm/amdgpu/sdma_v4_0: turn off SDMA ring buffer in the s2idle suspend
    - drm/shmem-helper: Remove errant put in error path
    - drm/shmem-helper: Avoid vm_open error paths
    - net: dsa: sja1105: avoid out of bounds access in sja1105_init_l2_policing()
    - HID: usbhid: Add ALWAYS_POLL quirk for some mice
    - HID: hid-lg4ff: Add check for empty lbuf
    - HID: core: fix shift-out-of-bounds in hid_report_raw_event
    - HID: ite: Enable QUIRK_TOUCHPAD_ON_OFF_REPORT on Acer Aspire Switch V 10
    - can: af_can: fix NULL pointer dereference in can_rcv_filter
    - clk: Fix pointer casting to prevent oops in devm_clk_release()
    - gpiolib: improve coding style for local variables
    - gpiolib: check the 'ngpios' property in core gpiolib code
    - gpiolib: fix memory leak in gpiochip_setup_dev()
    - netfilter: nft_set_pipapo: Actually validate intervals in fields after the
      first one
    - drm/vmwgfx: Fix race issue calling pin_user_pages
    - ieee802154: cc2520: Fix error return code in cc2520_hw_init()
    - ca8210: Fix crash by zero initializing data
    - netfilter: ctnetlink: fix compilation warning after data race fixes in ct
      mark
    - drm/bridge: ti-sn65dsi86: Fix output polarity setting bug
    - gpio: amd8111: Fix PCI device reference count leak
    - e1000e: Fix TX dispatch condition
    - igb: Allocate MSI-X vector when testing
    - net: broadcom: Add PTP_1588_CLOCK_OPTIONAL dependency for BCMGENET under
      ARCH_BCM2835
    - drm: bridge: dw_hdmi: fix preference of RGB modes over YUV420
    - af_unix: Get user_ns from in_skb in unix_diag_get_exact().
    - vmxnet3: correctly report encapsulated LRO packet
    - vmxnet3: use correct intrConf reference when using extended queues
    - Bluetooth: 6LoWPAN: add missing hci_dev_put() in get_l2cap_conn()
    - Bluetooth: Fix not cleanup led when bt_init fails
    - net: dsa: ksz: Check return value
    - net: dsa: hellcreek: Check return value
    - net: dsa: sja1105: Check return value
    - selftests: rtnetlink: correct xfrm policy rule in kci_test_ipsec_offload
    - mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add()
    - net: encx24j600: Add parentheses to fix precedence
    - net: encx24j600: Fix invalid logic in reading of MISTAT register
    - net: mdiobus: fwnode_mdiobus_register_phy() rework error handling
    - net: mdiobus: fix double put fwnode in the error path
    - octeontx2-pf: Fix potential memory leak in otx2_init_tc()
    - xen-netfront: Fix NULL sring after live migration
    - net: mvneta: Prevent out of bounds read in mvneta_config_rss()
    - i40e: Fix not setting default xps_cpus after reset
    - i40e: Fix for VF MAC address 0
    - i40e: Disallow ip4 and ip6 l4_4_bytes
    - NFC: nci: Bounds check struct nfc_target arrays
    - nvme initialize core quirks before calling nvme_init_subsystem
    - gpio/rockchip: fix refcount leak in rockchip_gpiolib_register()
    - net: stmmac: fix "snps,axi-config" node property parsing
    - ip_gre: do not report erspan version on GRE interface
    - net: microchip: sparx5: Fix missing destroy_workqueue of mact_queue
    - net: thunderx: Fix missing destroy_workqueue of nicvf_rx_mode_wq
    - net: hisilicon: Fix potential use-after-free in hisi_femac_rx()
    - net: mdio: fix unbalanced fwnode reference count in mdio_device_release()
    - net: hisilicon: Fix potential use-after-free in hix5hd2_rx()
    - tipc: Fix potential OOB in tipc_link_proto_rcv()
    - ipv4: Fix incorrect route flushing when source address is deleted
    - ipv4: Fix incorrect route flushing when table ID 0 is used
    - net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions()
    - tipc: call tipc_lxc_xmit without holding node_read_lock
    - ethernet: aeroflex: fix potential skb leak in greth_init_rings()
    - dpaa2-switch: Fix memory leak in dpaa2_switch_acl_entry_add() and
      dpaa2_switch_acl_entry_remove()
    - net: phy: mxl-gpy: fix version reporting
    - net: plip: don't call kfree_skb/dev_kfree_skb() under spin_lock_irq()
    - ipv6: avoid use-after-free in ip6_fragment()
    - net: thunderbolt: fix memory leak in tbnet_open()
    - net: mvneta: Fix an out of bounds check
    - macsec: add missing attribute validation for offload
    - s390/qeth: fix various format strings
    - s390/qeth: fix use-after-free in hsci
    - can: esd_usb: Allow REC and TEC to return to zero
    - block: move CONFIG_BLOCK guard to top Makefile
    - io_uring: move to separate directory
    - io_uring: Fix a null-ptr-deref in io_tctx_exit_cb()
    - Linux 5.15.83
  * 5.15.0-58.64 breaks xen bridge networking (pvh domU) (LP: #2002889) // Jammy
    update: v5.15.83 upstream stable release (LP: #2003134)
    - xen/netback: fix build warning
  * Jammy update: v5.15.82 upstream stable release (LP: #2003132)
    - arm64: mte: Avoid setting PG_mte_tagged if no tags cleared or restored
    - drm/i915: Create a dummy object for gen6 ppgtt
    - drm/i915/gt: Use i915_vm_put on ppgtt_create error paths
    - erofs: fix order >= MAX_ORDER warning due to crafted negative i_size
    - btrfs: sink iterator parameter to btrfs_ioctl_logical_to_ino
    - btrfs: free btrfs_path before copying inodes to userspace
    - spi: spi-imx: Fix spi_bus_clk if requested clock is higher than input clock
    - btrfs: move QUOTA_ENABLED check to rescan_should_stop from
      btrfs_qgroup_rescan_worker
    - btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit()
    - drm/display/dp_mst: Fix drm_dp_mst_add_affected_dsc_crtcs() return code
    - drm/amdgpu: update drm_display_info correctly when the edid is read
    - drm/amdgpu: Partially revert "drm/amdgpu: update drm_display_info correctly
      when the edid is read"
    - iio: health: afe4403: Fix oob read in afe4403_read_raw
    - iio: health: afe4404: Fix oob read in afe4404_[read|write]_raw
    - iio: light: rpr0521: add missing Kconfig dependencies
    - bpf, perf: Use subprog name when reporting subprog ksymbol
    - scripts/faddr2line: Fix regression in name resolution on ppc64le
    - ARM: at91: rm9200: fix usb device clock id
    - libbpf: Handle size overflow for ringbuf mmap
    - hwmon: (ltc2947) fix temperature scaling
    - hwmon: (ina3221) Fix shunt sum critical calculation
    - hwmon: (i5500_temp) fix missing pci_disable_device()
    - hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails
    - bpf: Do not copy spin lock field from user in bpf_selem_alloc
    - nvmem: rmem: Fix return value check in rmem_read()
    - of: property: decrement node refcount in of_fwnode_get_reference_args()
    - ixgbevf: Fix resource leak in ixgbevf_init_module()
    - i40e: Fix error handling in i40e_init_module()
    - fm10k: Fix error handling in fm10k_init_module()
    - iavf: remove redundant ret variable
    - iavf: Fix error handling in iavf_init_module()
    - e100: Fix possible use after free in e100_xmit_prepare
    - net/mlx5: DR, Fix uninitialized var warning
    - net/mlx5: Fix uninitialized variable bug in outlen_write()
    - net/mlx5e: Fix use-after-free when reverting termination table
    - can: sja1000_isa: sja1000_isa_probe(): add missing free_sja1000dev()
    - can: cc770: cc770_isa_probe(): add missing free_cc770dev()
    - can: etas_es58x: es58x_init_netdev(): free netdev when register_candev()
    - can: m_can: pci: add missing m_can_class_free_dev() in probe/remove methods
    - can: m_can: Add check for devm_clk_get
    - qlcnic: fix sleep-in-atomic-context bugs caused by msleep
    - aquantia: Do not purge addresses when setting the number of rings
    - wifi: cfg80211: fix buffer overflow in elem comparison
    - wifi: cfg80211: don't allow multi-BSSID in S1G
    - wifi: mac8021: fix possible oob access in ieee80211_get_rate_duration
    - net: phy: fix null-ptr-deref while probe() failed
    - net: ethernet: ti: am65-cpsw: fix error handling in am65_cpsw_nuss_probe()
    - net: net_netdev: Fix error handling in ntb_netdev_init_module()
    - net/9p: Fix a potential socket leak in p9_socket_open
    - net: ethernet: nixge: fix NULL dereference
    - net: wwan: iosm: fix kernel test robot reported error
    - net: wwan: iosm: fix dma_alloc_coherent incompatible pointer type
    - dsa: lan9303: Correct stat name
    - tipc: re-fetch skb cb after tipc_msg_validate
    - net: hsr: Fix potential use-after-free
    - net: mdiobus: fix unbalanced node reference count
    - afs: Fix fileserver probe RTT handling
    - net: tun: Fix use-after-free in tun_detach()
    - packet: do not set TP_STATUS_CSUM_VALID on CHECKSUM_COMPLETE
    - sctp: fix memory leak in sctp_stream_outq_migrate()
    - net: ethernet: renesas: ravb: Fix promiscuous mode after system resumed
    - hwmon: (coretemp) Check for null before removing sysfs attrs
    - hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new()
    - riscv: vdso: fix section overlapping under some conditions
    - riscv: mm: Proper page permissions after initmem free
    - ALSA: dice: fix regression for Lexicon I-ONIX FW810S
    - error-injection: Add prompt for function error injection
    - tools/vm/slabinfo-gnuplot: use "grep -E" instead of "egrep"
    - nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry()
    - x86/bugs: Make sure MSR_SPEC_CTRL is updated properly upon resume from S3
    - pinctrl: intel: Save and restore pins in "direct IRQ" mode
    - v4l2: don't fall back to follow_pfn() if pin_user_pages_fast() fails
    - net: stmmac: Set MAC's flow control register to reflect current settings
    - mmc: mmc_test: Fix removal of debugfs file
    - mmc: core: Fix ambiguous TRIM and DISCARD arg
    - mmc: sdhci-esdhc-imx: correct CQHCI exit halt state check
    - mmc: sdhci-sprd: Fix no reset data and command after voltage switch
    - mmc: sdhci: Fix voltage switch delay
    - drm/amdgpu: temporarily disable broken Clang builds due to blown stack-frame
    - drm/amdgpu: enable Vangogh VCN indirect sram mode
    - drm/i915: Fix negative value passed as remaining time
    - drm/i915: Never return 0 if not all requests retired
    - tracing/osnoise: Fix duration type
    - tracing: Fix race where histograms can be called before the event
    - tracing: Free buffers when a used dynamic event is removed
    - io_uring: update res mask in io_poll_check_events
    - io_uring: fix tw losing poll events
    - io_uring: cmpxchg for poll arm refs release
    - io_uring: make poll refs more robust
    - io_uring/poll: fix poll_refs race with cancelation
    - KVM: x86/mmu: Fix race condition in direct_page_fault
    - ASoC: ops: Fix bounds check for _sx controls
    - pinctrl: single: Fix potential division by zero
    - riscv: Sync efi page table's kernel mappings before switching
    - riscv: fix race when vmap stack overflow
    - riscv: kexec: Fixup irq controller broken in kexec crash path
    - nvme: fix SRCU protection of nvme_ns_head list
    - iommu/vt-d: Fix PCI device refcount leak in has_external_pci()
    - iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init()
    - mm: __isolate_lru_page_prepare() in isolate_migratepages_block()
    - mm: migrate: fix THP's mapcount on isolation
    - parisc: Increase FRAME_WARN to 2048 bytes on parisc
    - Kconfig.debug: provide a little extra FRAME_WARN leeway when KASAN is
      enabled
    - selftests: net: add delete nexthop route warning test
    - selftests: net: fix nexthop warning cleanup double ip typo
    - ipv4: Handle attempt to delete multipath route when fib_info contains an nh
      reference
    - ipv4: Fix route deletion when nexthop info is not specified
    - serial: stm32: Factor out GPIO RTS toggling into separate function
    - serial: stm32: Use TC interrupt to deassert GPIO RTS in RS485 mode
    - serial: stm32: Deassert Transmit Enable on ->rs485_config()
    - i2c: npcm7xx: Fix error handling in npcm_i2c_init()
    - i2c: imx: Only DMA messages with I2C_M_DMA_SAFE flag set
    - ACPI: HMAT: remove unnecessary variable initialization
    - ACPI: HMAT: Fix initiator registration for single-initiator systems
    - Revert "clocksource/drivers/riscv: Events are stopped during CPU suspend"
    - char: tpm: Protect tpm_pm_suspend with locks
    - Input: raydium_ts_i2c - fix memory leak in raydium_i2c_send()
    - ipc/sem: Fix dangling sem_array access in semtimedop race
    - Linux 5.15.82
  * Jammy update: v5.15.81 upstream stable release (LP: #2003130)
    - ASoC: fsl_sai: use local device pointer
    - ASoC: fsl_asrc fsl_esai fsl_sai: allow CONFIG_PM=N
    - serial: Add rs485_supported to uart_port
    - serial: fsl_lpuart: Fill in rs485_supported
    - tty: serial: fsl_lpuart: don't break the on-going transfer when global reset
    - sctp: remove the unnecessary sinfo_stream check in sctp_prsctp_prune_unsent
    - sctp: clear out_curr if all frag chunks of current msg are pruned
    - cifs: introduce new helper for cifs_reconnect()
    - cifs: split out dfs code from cifs_reconnect()
    - cifs: support nested dfs links over reconnect
    - cifs: Fix connections leak when tlink setup failed
    - ata: libata-scsi: simplify __ata_scsi_queuecmd()
    - ata: libata-core: do not issue non-internal commands once EH is pending
    - drm/display: Don't assume dual mode adaptors support i2c sub-addressing
    - nvme-pci: add NVME_QUIRK_BOGUS_NID for Micron Nitro
    - nvme-pci: disable namespace identifiers for the MAXIO MAP1001
    - nvme-pci: disable write zeroes on various Kingston SSD
    - nvme-pci: add NVME_QUIRK_BOGUS_NID for Netac NV7000
    - iio: ms5611: Simplify IO callback parameters
    - iio: pressure: ms5611: fixed value compensation bug
    - ceph: do not update snapshot context when there is no new snapshot
    - ceph: avoid putting the realm twice when decoding snaps fails
    - x86/sgx: Create utility to validate user provided offset and length
    - x86/sgx: Add overflow check in sgx_validate_offset_length()
    - binder: validate alloc->mm in ->mmap() handler
    - ceph: Use kcalloc for allocating multiple elements
    - ceph: fix NULL pointer dereference for req->r_session
    - wifi: mac80211: fix memory free error when registering wiphy fail
    - wifi: mac80211_hwsim: fix debugfs attribute ps with rc table support
    - riscv: dts: sifive unleashed: Add PWM controlled LEDs
    - audit: fix undefined behavior in bit shift for AUDIT_BIT
    - wifi: airo: do not assign -1 to unsigned char
    - wifi: mac80211: Fix ack frame idr leak when mesh has no route
    - wifi: ath11k: Fix QCN9074 firmware boot on x86
    - spi: stm32: fix stm32_spi_prepare_mbr() that halves spi clk for every run
    - selftests/bpf: Add verifier test for release_reference()
    - Revert "net: macsec: report real_dev features when HW offloading is enabled"
    - platform/x86: ideapad-laptop: Disable touchpad_switch
    - platform/x86: touchscreen_dmi: Add info for the RCA Cambio W101 v2 2-in-1
    - platform/x86/intel/pmt: Sapphire Rapids PMT errata fix
    - platform/x86/intel/hid: Add some ACPI device IDs
    - scsi: ibmvfc: Avoid path failures during live migration
    - scsi: scsi_debug: Make the READ CAPACITY response compliant with ZBC
    - drm: panel-orientation-quirks: Add quirk for Acer Switch V 10 (SW5-017)
    - block, bfq: fix null pointer dereference in bfq_bio_bfqg()
    - arm64/syscall: Include asm/ptrace.h in syscall_wrapper header.
    - nvmet: fix memory leak in nvmet_subsys_attr_model_store_locked
    - Revert "drm/amdgpu: Revert "drm/amdgpu: getting fan speed pwm for vega10
      properly""
    - ALSA: usb-audio: add quirk to fix Hamedal C20 disconnect issue
    - RISC-V: vdso: Do not add missing symbols to version section in linker script
    - MIPS: pic32: treat port as signed integer
    - xfrm: fix "disable_policy" on ipv4 early demux
    - xfrm: replay: Fix ESN wrap around for GSO
    - af_key: Fix send_acquire race with pfkey_register
    - ARM: dts: am335x-pcm-953: Define fixed regulators in root node
    - ASoC: hdac_hda: fix hda pcm buffer overflow issue
    - ASoC: sgtl5000: Reset the CHIP_CLK_CTRL reg on remove
    - ASoC: soc-pcm: Don't zero TDM masks in __soc_pcm_open()
    - x86/hyperv: Restore VP assist page after cpu offlining/onlining
    - scsi: storvsc: Fix handling of srb_status and capacity change events
    - ASoC: max98373: Add checks for devm_kcalloc
    - regulator: core: fix kobject release warning and memory leak in
      regulator_register()
    - spi: dw-dma: decrease reference count in dw_spi_dma_init_mfld()
    - regulator: core: fix UAF in destroy_regulator()
    - bus: sunxi-rsb: Remove the shutdown callback
    - bus: sunxi-rsb: Support atomic transfers
    - tee: optee: fix possible memory leak in optee_register_device()
    - ARM: dts: at91: sam9g20ek: enable udc vbus gpio pinctrl
    - selftests: mptcp: more stable simult_flows tests
    - selftests: mptcp: fix mibit vs mbit mix up
    - net: liquidio: simplify if expression
    - rxrpc: Allow list of in-use local UDP endpoints to be viewed in /proc
    - rxrpc: Use refcount_t rather than atomic_t
    - rxrpc: Fix race between conn bundle lookup and bundle removal [ZDI-
      CAN-15975]
    - net: dsa: sja1105: disallow C45 transactions on the BASE-TX MDIO bus
    - nfc/nci: fix race with opening and closing
    - net: pch_gbe: fix potential memleak in pch_gbe_tx_queue()
    - 9p/fd: fix issue of list_del corruption in p9_fd_cancel()
    - netfilter: conntrack: Fix data-races around ct mark
    - netfilter: nf_tables: do not set up extensions for end interval
    - iavf: Fix a crash during reset task
    - iavf: Do not restart Tx queues after reset task failure
    - iavf: Fix race condition between iavf_shutdown and iavf_remove
    - ARM: mxs: fix memory leak in mxs_machine_init()
    - ARM: dts: imx6q-prti6q: Fix ref/tcxo-clock-frequency properties
    - net: ethernet: mtk_eth_soc: fix error handling in mtk_open()
    - net/mlx4: Check retval of mlx4_bitmap_init
    - net: mvpp2: fix possible invalid pointer dereference
    - net/qla3xxx: fix potential memleak in ql3xxx_send()
    - octeontx2-af: debugsfs: fix pci device refcount leak
    - net: pch_gbe: fix pci device refcount leak while module exiting
    - nfp: fill splittable of devlink_port_attrs correctly
    - nfp: add port from netdev validation for EEPROM access
    - macsec: Fix invalid error code set
    - Drivers: hv: vmbus: fix double free in the error path of
      vmbus_add_channel_work()
    - Drivers: hv: vmbus: fix possible memory leak in vmbus_device_register()
    - netfilter: ipset: regression in ip_set_hash_ip.c
    - net/mlx5: Do not query pci info while pci disabled
    - net/mlx5: Fix FW tracer timestamp calculation
    - net/mlx5: Fix handling of entry refcount when command is not issued to FW
    - tipc: set con sock in tipc_conn_alloc
    - tipc: add an extra conn_get in tipc_conn_alloc
    - tipc: check skb_linearize() return value in tipc_disc_rcv()
    - xfrm: Fix oops in __xfrm_state_delete()
    - xfrm: Fix ignored return value in xfrm6_init()
    - net: wwan: iosm: use ACPI_FREE() but not kfree() in ipc_pcie_read_bios_cfg()
    - sfc: fix potential memleak in __ef100_hard_start_xmit()
    - net: sparx5: fix error handling in sparx5_port_open()
    - net: sched: allow act_ct to be built without NF_NAT
    - NFC: nci: fix memory leak in nci_rx_data_packet()
    - regulator: twl6030: re-add TWL6032_SUBCLASS
    - bnx2x: fix pci device refcount leak in bnx2x_vf_is_pcie_pending()
    - dma-buf: fix racing conflict of dma_heap_add()
    - netfilter: ipset: restore allowing 64 clashing elements in hash:net,iface
    - netfilter: flowtable_offload: add missing locking
    - fs: do not update freeing inode i_io_list
    - dccp/tcp: Reset saddr on failure after inet6?_hash_connect().
    - ipv4: Fix error return code in fib_table_insert()
    - arcnet: fix potential memory leak in com20020_probe()
    - s390/dasd: fix no record found for raw_track_access
    - nfc: st-nci: fix incorrect validating logic in EVT_TRANSACTION
    - nfc: st-nci: fix memory leaks in EVT_TRANSACTION
    - nfc: st-nci: fix incorrect sizing calculations in EVT_TRANSACTION
    - net: enetc: manage ENETC_F_QBV in priv->active_offloads only when enabled
    - net: enetc: cache accesses to &priv->si->hw
    - net: enetc: preserve TX ring priority across reconfiguration
    - octeontx2-pf: Add check for devm_kcalloc
    - octeontx2-af: Fix reference count issue in rvu_sdp_init()
    - net: thunderx: Fix the ACPI memory leak
    - s390/crashdump: fix TOD programmable field size
    - lib/vdso: use "grep -E" instead of "egrep"
    - [Config] updateconfigs for CC_HAS_ASM_GOTO_TIED_OUTPUT
    - init/Kconfig: fix CC_HAS_ASM_GOTO_TIED_OUTPUT test with dash
    - nios2: add FORCE for vmlinuz.gz
    - mmc: sdhci-brcmstb: Re-organize flags
    - mmc: sdhci-brcmstb: Enable Clock Gating to save power
    - mmc: sdhci-brcmstb: Fix SDHCI_RESET_ALL for CQHCI
    - KVM: arm64: pkvm: Fixup boot mode to reflect that the kernel resumes from
      EL1
    - usb: dwc3: exynos: Fix remove() function
    - usb: cdnsp: Fix issue with Clear Feature Halt Endpoint
    - usb: cdnsp: fix issue with ZLP - added TD_SIZE = 1
    - ext4: fix use-after-free in ext4_ext_shift_extents
    - arm64: dts: rockchip: lower rk3399-puma-haikou SD controller clock frequency
    - iio: light: apds9960: fix wrong register for gesture gain
    - iio: core: Fix entry not deleted when iio_register_sw_trigger_type() fails
    - bus: ixp4xx: Don't touch bit 7 on IXP42x
    - usb: dwc3: gadget: conditionally remove requests
    - usb: dwc3: gadget: Return -ESHUTDOWN on ep disable
    - usb: dwc3: gadget: Clear ep descriptor last
    - nilfs2: fix nilfs_sufile_mark_dirty() not set segment usage as dirty
    - gcov: clang: fix the buffer overflow issue
    - mm: vmscan: fix extreme overreclaim and swap floods
    - KVM: x86: nSVM: leave nested mode on vCPU free
    - KVM: x86: forcibly leave nested mode on vCPU reset
    - KVM: x86: nSVM: harden svm_free_nested against freeing vmcb02 while still in
      use
    - KVM: x86: add kvm_leave_nested
    - KVM: x86: remove exit_int_info warning in svm_handle_exit
    - x86/tsx: Add a feature bit for TSX control MSR support
    - x86/pm: Add enumeration check before spec MSRs save/restore setup
    - x86/ioremap: Fix page aligned size calculation in __ioremap_caller()
    - Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI mode
    - ASoC: Intel: bytcht_es8316: Add quirk for the Nanote UMPC-01
    - tools: iio: iio_generic_buffer: Fix read size
    - serial: 8250: 8250_omap: Avoid RS485 RTS glitch on ->set_termios()
    - Input: goodix - try resetting the controller when no config is set
    - Input: soc_button_array - add use_low_level_irq module parameter
    - Input: soc_button_array - add Acer Switch V 10 to dmi_use_low_level_irq[]
    - Input: i8042 - apply probe defer to more ASUS ZenBook models
    - ASoC: stm32: dfsdm: manage cb buffers cleanup
    - xen-pciback: Allow setting PCI_MSIX_FLAGS_MASKALL too
    - xen/platform-pci: add missing free_irq() in error path
    - platform/x86: asus-wmi: add missing pci_dev_put() in asus_wmi_set_xusb2pr()
    - platform/x86: acer-wmi: Enable SW_TABLET_MODE on Switch V 10 (SW5-017)
    - drm/amdgpu: disable BACO support on more cards
    - zonefs: fix zone report size in __zonefs_io_error()
    - platform/x86: hp-wmi: Ignore Smart Experience App event
    - platform/x86: ideapad-laptop: Fix interrupt storm on fn-lock toggle on some
      Yoga laptops
    - [Config] updateconfigs for INET_TABLE_PERTURB_ORDER
    - tcp: configurable source port perturb table size
    - net: usb: qmi_wwan: add Telit 0x103a composition
    - scsi: iscsi: Fix possible memory leak when device_register() failed
    - gpu: host1x: Avoid trying to use GART on Tegra20
    - dm integrity: flush the journal on suspend
    - dm integrity: clear the journal on suspend
    - fuse: lock inode unconditionally in fuse_fallocate()
    - wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_OPER_CHANNEL attribute
    - wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute
    - wifi: wilc1000: validate number of channels
    - genirq/msi: Shutdown managed interrupts with unsatifiable affinities
    - genirq: Always limit the affinity to online CPUs
    - irqchip/gic-v3: Always trust the managed affinity provided by the core code
    - genirq: Take the proposed affinity at face value if force==true
    - btrfs: free btrfs_path before copying root refs to userspace
    - btrfs: free btrfs_path before copying fspath to userspace
    - btrfs: free btrfs_path before copying subvol info to userspace
    - btrfs: zoned: fix missing endianness conversion in sb_write_pointer
    - btrfs: use kvcalloc in btrfs_get_dev_zone_info
    - btrfs: sysfs: normalize the error handling branch in btrfs_init_sysfs()
    - drm/amd/dc/dce120: Fix audio register mapping, stop triggering KASAN
    - drm/amd/display: No display after resume from WB/CB
    - drm/amdgpu: Enable Aldebaran devices to report CU Occupancy
    - drm/amdgpu: always register an MMU notifier for userptr
    - cifs: fix missed refcounting of ipc tcon
    - Linux 5.15.81
  * Jammy update: v5.15.80 upstream stable release (LP: #2003122)
    - mm: hwpoison: refactor refcount check handling
    - mm: hwpoison: handle non-anonymous THP correctly
    - mm: shmem: don't truncate page if memory failure happens
    - ASoC: wm5102: Revert "ASoC: wm5102: Fix PM disable depth imbalance in
      wm5102_probe"
    - ASoC: wm5110: Revert "ASoC: wm5110: Fix PM disable depth imbalance in
      wm5110_probe"
    - ASoC: wm8997: Revert "ASoC: wm8997: Fix PM disable depth imbalance in
      wm8997_probe"
    - ASoC: mt6660: Keep the pm_runtime enables before component stuff in
      mt6660_i2c_probe
    - ASoC: rt1019: Fix the TDM settings
    - ASoC: wm8962: Add an event handler for TEMP_HP and TEMP_SPK
    - spi: intel: Fix the offset to get the 64K erase opcode
    - ASoC: codecs: jz4725b: add missed Line In power control bit
    - ASoC: codecs: jz4725b: fix reported volume for Master ctl
    - ASoC: codecs: jz4725b: use right control for Capture Volume
    - ASoC: codecs: jz4725b: fix capture selector naming
    - ASoC: Intel: sof_sdw: add quirk variant for LAPBC710 NUC15
    - selftests/futex: fix build for clang
    - selftests/intel_pstate: fix build for ARCH=x86_64
    - ASoC: rt1308-sdw: add the default value of some registers
    - drm/amd/display: Remove wrong pipe control lock
    - ACPI: scan: Add LATT2021 to acpi_ignore_dep_ids[]
    - RDMA/efa: Add EFA 0xefa2 PCI ID
    - btrfs: raid56: properly handle the error when unable to find the missing
      stripe
    - NFSv4: Retry LOCK on OLD_STATEID during delegation return
    - ACPI: x86: Add another system to quirk list for forcing StorageD3Enable
    - firmware: arm_scmi: Cleanup the core driver removal callback
    - i2c: tegra: Allocate DMA memory for DMA engine
    - i2c: i801: add lis3lv02d's I2C address for Vostro 5568
    - drm/imx: imx-tve: Fix return type of imx_tve_connector_mode_valid
    - btrfs: remove pointless and double ulist frees in error paths of qgroup
      tests
    - x86/cpu: Add several Intel server CPU model numbers
    - ASoC: codecs: jz4725b: Fix spelling mistake "Sourc" -> "Source", "Routee" ->
      "Route"
    - mtd: spi-nor: intel-spi: Disable write protection only if asked
    - spi: intel: Use correct mask for flash and protected regions
    - KVM: x86/pmu: Do not speculatively query Intel GP PMCs that don't exist yet
    - hugetlbfs: don't delete error page from pagecache
    - arm64: dts: qcom: sa8155p-adp: Specify which LDO modes are allowed
    - arm64: dts: qcom: sm8150-xperia-kumano: Specify which LDO modes are allowed
    - arm64: dts: qcom: sm8250-xperia-edo: Specify which LDO modes are allowed
    - arm64: dts: qcom: sm8350-hdk: Specify which LDO modes are allowed
    - spi: stm32: Print summary 'callbacks suppressed' message
    - ARM: dts: at91: sama7g5: fix signal name of pin PB2
    - ASoC: core: Fix use-after-free in snd_soc_exit()
    - ASoC: tas2770: Fix set_tdm_slot in case of single slot
    - ASoC: tas2764: Fix set_tdm_slot in case of single slot
    - ARM: at91: pm: avoid soft resetting AC DLL
    - serial: 8250: omap: Fix missing PM runtime calls for omap8250_set_mctrl()
    - serial: 8250_omap: remove wait loop from Errata i202 workaround
    - serial: 8250: omap: Fix unpaired pm_runtime_put_sync() in omap8250_remove()
    - serial: 8250: omap: Flush PM QOS work on remove
    - serial: imx: Add missing .thaw_noirq hook
    - tty: n_gsm: fix sleep-in-atomic-context bug in gsm_control_send
    - bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb()
    - ASoC: soc-utils: Remove __exit for snd_soc_util_exit()
    - pinctrl: rockchip: list all pins in a possible mux route for PX30
    - scsi: scsi_transport_sas: Fix error handling in sas_phy_add()
    - block: sed-opal: kmalloc the cmd/resp buffers
    - bpf: Fix memory leaks in __check_func_call
    - arm64: Fix bit-shifting UB in the MIDR_CPU_MODEL() macro
    - siox: fix possible memory leak in siox_device_add()
    - parport_pc: Avoid FIFO port location truncation
    - pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map
    - drm/vc4: kms: Fix IS_ERR() vs NULL check for vc4_kms
    - drm/panel: simple: set bpc field for logic technologies displays
    - drm/drv: Fix potential memory leak in drm_dev_init()
    - drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker()
    - arm64: dts: imx8mm: Fix NAND controller size-cells
    - arm64: dts: imx8mn: Fix NAND controller size-cells
    - ata: libata-transport: fix double ata_host_put() in ata_tport_add()
    - ata: libata-transport: fix error handling in ata_tport_add()
    - ata: libata-transport: fix error handling in ata_tlink_add()
    - ata: libata-transport: fix error handling in ata_tdev_add()
    - nfp: change eeprom length to max length enumerators
    - MIPS: fix duplicate definitions for exported symbols
    - MIPS: Loongson64: Add WARN_ON on kexec related kmalloc failed
    - bpf: Initialize same number of free nodes for each pcpu_freelist
    - net: bgmac: Drop free_netdev() from bgmac_enet_remove()
    - mISDN: fix possible memory leak in mISDN_dsp_element_register()
    - net: hinic: Fix error handling in hinic_module_init()
    - net: stmmac: ensure tx function is not running in stmmac_xdp_release()
    - soc: imx8m: Enable OCOTP clock before reading the register
    - net: liquidio: release resources when liquidio driver open failed
    - mISDN: fix misuse of put_device() in mISDN_register_device()
    - net: macvlan: Use built-in RCU list checking
    - net: caif: fix double disconnect client in chnl_net_open()
    - bnxt_en: Remove debugfs when pci_register_driver failed
    - net: mhi: Fix memory leak in mhi_net_dellink()
    - net: dsa: make dsa_master_ioctl() see through port_hwtstamp_get() shims
    - xen/pcpu: fix possible memory leak in register_pcpu()
    - net: ionic: Fix error handling in ionic_init_module()
    - net: ena: Fix error handling in ena_init()
    - net: hns3: fix setting incorrect phy link ksettings for firmware in
      resetting process
    - bridge: switchdev: Fix memory leaks when changing VLAN protocol
    - drbd: use after free in drbd_create_device()
    - platform/x86/intel: pmc: Don't unconditionally attach Intel PMC when
      virtualized
    - platform/surface: aggregator: Do not check for repeated unsequenced packets
    - cifs: add check for returning value of SMB2_close_init
    - net: ag71xx: call phylink_disconnect_phy if ag71xx_hw_enable() fail in
      ag71xx_open()
    - net/x25: Fix skb leak in x25_lapb_receive_frame()
    - cifs: Fix wrong return value checking when GETFLAGS
    - net: microchip: sparx5: Fix potential null-ptr-deref in sparx_stats_init()
      and sparx5_start()
    - net: thunderbolt: Fix error handling in tbnet_init()
    - cifs: add check for returning value of SMB2_set_info_init
    - ftrace: Fix the possible incorrect kernel message
    - ftrace: Optimize the allocation for mcount entries
    - ftrace: Fix null pointer dereference in ftrace_add_mod()
    - ring_buffer: Do not deactivate non-existant pages
    - tracing: Fix memory leak in tracing_read_pipe()
    - tracing/ring-buffer: Have polling block on watermark
    - tracing: Fix memory leak in test_gen_synth_cmd() and
      test_empty_synth_event()
    - tracing: Fix wild-memory-access in register_synth_event()
    - tracing: Fix race where eprobes can be called before the event
    - tracing: kprobe: Fix potential null-ptr-deref on trace_event_file in
      kprobe_event_gen_test_exit()
    - tracing: kprobe: Fix potential null-ptr-deref on trace_array in
      kprobe_event_gen_test_exit()
    - drm/amd/display: Add HUBP surface flip interrupt handler
    - ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open()
    - ALSA: hda/realtek: fix speakers for Samsung Galaxy Book Pro
    - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360
    - Revert "usb: dwc3: disable USB core PHY management"
    - slimbus: qcom-ngd: Fix build error when CONFIG_SLIM_QCOM_NGD_CTRL=y &&
      CONFIG_QCOM_RPROC_COMMON=m
    - slimbus: stream: correct presence rate frequencies
    - speakup: fix a segfault caused by switching consoles
    - USB: bcma: Make GPIO explicitly optional
    - USB: serial: option: add Sierra Wireless EM9191
    - USB: serial: option: remove old LARA-R6 PID
    - USB: serial: option: add u-blox LARA-R6 00B modem
    - USB: serial: option: add u-blox LARA-L6 modem
    - USB: serial: option: add Fibocom FM160 0x0111 composition
    - usb: add NO_LPM quirk for Realforce 87U Keyboard
    - usb: chipidea: fix deadlock in ci_otg_del_timer
    - usb: cdns3: host: fix endless superspeed hub port reset
    - usb: typec: mux: Enter safe mode only when pins need to be reconfigured
    - iio: adc: at91_adc: fix possible memory leak in at91_adc_allocate_trigger()
    - iio: trigger: sysfs: fix possible memory leak in iio_sysfs_trig_init()
    - iio: adc: mp2629: fix wrong comparison of channel
    - iio: adc: mp2629: fix potential array out of bound access
    - iio: pressure: ms5611: changed hardcoded SPI speed to value limited
    - dm ioctl: fix misbehavior if list_versions races with module loading
    - serial: 8250: Fall back to non-DMA Rx if IIR_RDI occurs
    - serial: 8250: Flush DMA Rx on RLSI
    - serial: 8250_lpss: Configure DMA also w/o DMA filter
    - Input: iforce - invert valid length check when fetching device IDs
    - maccess: Fix writing offset in case of fault in
      strncpy_from_kernel_nofault()
    - net: phy: marvell: add sleep time after enabling the loopback bit
    - scsi: zfcp: Fix double free of FSF request when qdio send fails
    - iommu/vt-d: Preset Access bit for IOVA in FL non-leaf paging entries
    - iommu/vt-d: Set SRE bit only when hardware has SRS cap
    - firmware: coreboot: Register bus in module init
    - mmc: core: properly select voltage range without power cycle
    - mmc: sdhci-pci-o2micro: fix card detect fail issue caused by CD# debounce
      timeout
    - mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put()
    - docs: update mediator contact information in CoC doc
    - misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()
    - perf/x86/intel/pt: Fix sampling using single range output
    - nvme: restrict management ioctls to admin
    - nvme: ensure subsystem reset is single threaded
    - serial: 8250_lpss: Use 16B DMA burst with Elkhart Lake
    - perf: Improve missing SIGTRAP checking
    - ring-buffer: Include dropped pages in counting dirty patches
    - tracing: Fix warning on variable 'struct trace_array'
    - net: use struct_group to copy ip/ipv6 header addresses
    - scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus()
    - scsi: scsi_debug: Fix possible UAF in sdebug_add_host_helper()
    - kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case
    - Input: i8042 - fix leaking of platform device on module removal
    - macvlan: enforce a consistent minimal mtu
    - tcp: cdg: allow tcp_cdg_release() to be called multiple times
    - kcm: avoid potential race in kcm_tx_work
    - kcm: close race conditions on sk_receive_queue
    - 9p: trans_fd/p9_conn_cancel: drop client lock earlier
    - gfs2: Check sb_bsize_shift after reading superblock
    - gfs2: Switch from strlcpy to strscpy
    - 9p/trans_fd: always use O_NONBLOCK read/write
    - wifi: wext: use flex array destination for memcpy()
    - mm: fs: initialize fsdata passed to write_begin/write_end interface
    - net/9p: use a dedicated spinlock for trans_fd
    - ntfs: fix use-after-free in ntfs_attr_find()
    - ntfs: fix out-of-bounds read in ntfs_attr_find()
    - ntfs: check overflow when iterating ATTR_RECORDs
    - Linux 5.15.80
  * CVE-2022-4139
    - drm/i915: fix TLB invalidation for Gen12 video and compute engines
  * Jammy update: v5.15.79 upstream stable release (LP: #2001570)
    - fuse: fix readdir cache race
    - drm/amdkfd: avoid recursive lock in migrations back to RAM
    - drm/amdkfd: handle CPU fault on COW mapping
    - drm/amdkfd: Fix NULL pointer dereference in svm_migrate_to_ram()
    - hwspinlock: qcom: correct MMIO max register for newer SoCs
    - phy: stm32: fix an error code in probe
    - wifi: cfg80211: silence a sparse RCU warning
    - wifi: cfg80211: fix memory leak in query_regdb_file()
    - soundwire: qcom: reinit broadcast completion
    - soundwire: qcom: check for outanding writes before doing a read
    - bpf, verifier: Fix memory leak in array reallocation for stack state
    - bpf, sockmap: Fix the sk->sk_forward_alloc warning of sk_stream_kill_queues
    - wifi: mac80211: Set TWT Information Frame Disabled bit as 1
    - bpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without
      FILE
    - HID: hyperv: fix possible memory leak in mousevsc_probe()
    - bpf, sockmap: Fix sk->sk_forward_alloc warn_on in sk_stream_kill_queues
    - bpf: Fix sockmap calling sleepable function in teardown path
    - bpf, sock_map: Move cancel_work_sync() out of sock lock
    - bpf: Add helper macro bpf_for_each_reg_in_vstate
    - bpf: Fix wrong reg type conversion in release_reference()
    - net: gso: fix panic on frag_list with mixed head alloc types
    - macsec: delete new rxsc when offload fails
    - macsec: fix secy->n_rx_sc accounting
    - macsec: fix detection of RXSCs when toggling offloading
    - macsec: clear encryption keys from the stack after setting up offload
    - octeontx2-pf: Use hardware register for CQE count
    - octeontx2-pf: NIX TX overwrites SQ_CTX_HW_S[SQ_INT]
    - net: tun: Fix memory leaks of napi_get_frags
    - bnxt_en: Fix possible crash in bnxt_hwrm_set_coal()
    - bnxt_en: fix potentially incorrect return value for ndo_rx_flow_steer
    - net: fman: Unregister ethernet device on removal
    - capabilities: fix undefined behavior in bit shift for CAP_TO_MASK
    - phy: ralink: mt7621-pci: add sentinel to quirks table
    - KVM: s390: pv: don't allow userspace to set the clock under PV
    - net: lapbether: fix issue of dev reference count leakage in
      lapbeth_device_event()
    - hamradio: fix issue of dev reference count leakage in bpq_device_event()
    - net: wwan: iosm: fix memory leak in ipc_wwan_dellink
    - net: wwan: mhi: fix memory leak in mhi_mbim_dellink
    - drm/vc4: Fix missing platform_unregister_drivers() call in
      vc4_drm_register()
    - tcp: prohibit TCP_REPAIR_OPTIONS if data was already sent
    - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network
    - can: af_can: fix NULL pointer dereference in can_rx_register()
    - net: stmmac: dwmac-meson8b: fix meson8b_devm_clk_prepare_enable()
    - net: broadcom: Fix BCMGENET Kconfig
    - tipc: fix the msg->req tlv len check in
      tipc_nl_compat_name_table_dump_header
    - dmaengine: pxa_dma: use platform_get_irq_optional
    - dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove()
    - dmaengine: ti: k3-udma-glue: fix memory leak when register device fail
    - net: lapbether: fix issue of invalid opcode in lapbeth_open()
    - drivers: net: xgene: disable napi when register irq failed in
      xgene_enet_open()
    - perf stat: Fix printing os->prefix in CSV metrics output
    - perf tools: Add the include/perf/ directory to .gitignore
    - netfilter: nfnetlink: fix potential dead lock in nfnetlink_rcv_msg()
    - netfilter: Cleanup nft_net->module_list from nf_tables_exit_net()
    - net: marvell: prestera: fix memory leak in prestera_rxtx_switch_init()
    - net: nixge: disable napi when enable interrupts failed in nixge_open()
    - net: wwan: iosm: fix memory leak in ipc_pcie_read_bios_cfg
    - net/mlx5: Bridge, verify LAG state when adding bond to bridge
    - net/mlx5: Allow async trigger completion execution on single CPU systems
    - net/mlx5e: E-Switch, Fix comparing termination table instance
    - net: cpsw: disable napi in cpsw_ndo_open()
    - net: cxgb3_main: disable napi when bind qsets failed in cxgb_up()
    - stmmac: intel: Enable 2.5Gbps for Intel AlderLake-S
    - stmmac: intel: Update PCH PTP clock rate from 200MHz to 204.8MHz
    - mctp: Fix an error handling path in mctp_init()
    - cxgb4vf: shut down the adapter when t4vf_update_port_info() failed in
      cxgb4vf_open()
    - stmmac: dwmac-loongson: fix missing pci_disable_msi() while module exiting
    - stmmac: dwmac-loongson: fix missing pci_disable_device() in
      loongson_dwmac_probe()
    - stmmac: dwmac-loongson: fix missing of_node_put() while module exiting
    - net: phy: mscc: macsec: clear encryption keys when freeing a flow
    - net: atlantic: macsec: clear encryption keys from the stack
    - ethernet: s2io: disable napi when start nic failed in s2io_card_up()
    - net: mv643xx_eth: disable napi when init rxq or txq failed in
      mv643xx_eth_open()
    - ethernet: tundra: free irq when alloc ring failed in tsi108_open()
    - net: macvlan: fix memory leaks of macvlan_common_newlink
    - riscv: process: fix kernel info leakage
    - riscv: vdso: fix build with llvm
    - riscv: fix reserved memory setup
    - arm64: efi: Fix handling of misaligned runtime regions and drop warning
    - MIPS: jump_label: Fix compat branch range check
    - mmc: cqhci: Provide helper for resetting both SDHCI and CQHCI
    - mmc: sdhci-of-arasan: Fix SDHCI_RESET_ALL for CQHCI
    - mmc: sdhci_am654: Fix SDHCI_RESET_ALL for CQHCI
    - mmc: sdhci-tegra: Fix SDHCI_RESET_ALL for CQHCI
    - mmc: sdhci-esdhc-imx: use the correct host caps for MMC_CAP_8_BIT_DATA
    - ALSA: hda/hdmi - enable runtime pm for more AMD display audio
    - ALSA: hda/ca0132: add quirk for EVGA Z390 DARK
    - ALSA: hda: fix potential memleak in 'add_widget_node'
    - ALSA: hda/realtek: Add Positivo C6300 model quirk
    - ALSA: usb-audio: Yet more regression for for the delayed card registration
    - ALSA: usb-audio: Add quirk entry for M-Audio Micro
    - ALSA: usb-audio: Add DSD support for Accuphase DAC-60
    - vmlinux.lds.h: Fix placement of '.data..decrypted' section
    - ata: libata-scsi: fix SYNCHRONIZE CACHE (16) command failure
    - nilfs2: fix deadlock in nilfs_count_free_blocks()
    - nilfs2: fix use-after-free bug of ns_writer on remount
    - drm/i915/dmabuf: fix sg_table handling in map_dma_buf
    - drm/amdgpu: disable BACO on special BEIGE_GOBY card
    - btrfs: fix match incorrectly in dev_args_match_device
    - btrfs: selftests: fix wrong error check in btrfs_free_dummy_root()
    - btrfs: zoned: initialize device's zone info for seeding
    - mms: sdhci-esdhc-imx: Fix SDHCI_RESET_ALL for CQHCI
    - udf: Fix a slab-out-of-bounds write bug in udf_find_entry()
    - mm/damon/dbgfs: check if rm_contexts input is for a real context
    - mm/memremap.c: map FS_DAX device memory as decrypted
    - mm/shmem: use page_mapping() to detect page cache for uffd continue
    - can: j1939: j1939_send_one(): fix missing CAN header initialization
    - cert host tools: Stop complaining about deprecated OpenSSL functions
    - dmaengine: at_hdmac: Fix at_lli struct definition
    - dmaengine: at_hdmac: Don't start transactions at tx_submit level
    - dmaengine: at_hdmac: Start transfer for cyclic channels in issue_pending
    - dmaengine: at_hdmac: Fix premature completion of desc in issue_pending
    - dmaengine: at_hdmac: Do not call the complete callback on
      device_terminate_all
    - dmaengine: at_hdmac: Protect atchan->status with the channel lock
    - dmaengine: at_hdmac: Fix concurrency problems by removing atc_complete_all()
    - dmaengine: at_hdmac: Fix concurrency over descriptor
    - dmaengine: at_hdmac: Free the memset buf without holding the chan lock
    - dmaengine: at_hdmac: Fix concurrency over the active list
    - dmaengine: at_hdmac: Fix descriptor handling when issuing it to hardware
    - dmaengine: at_hdmac: Fix completion of unissued descriptor in case of errors
    - dmaengine: at_hdmac: Don't allow CPU to reorder channel enable
    - dmaengine: at_hdmac: Fix impossible condition
    - dmaengine: at_hdmac: Check return code of dma_async_device_register
    - marvell: octeontx2: build error: unknown type name 'u64'
    - drm/amdkfd: Migrate in CPU page fault use current mm
    - net: tun: call napi_schedule_prep() to ensure we own a napi
    - x86/cpu: Restore AMD's DE_CFG MSR after resume
    - Linux 5.15.79
  * CVE-2022-47520
    - wifi: wilc1000: validate pairwise and authentication suite offsets
  * CVE-2022-3545
    - nfp: fix use-after-free in area_cache_get()

linux-aws-5.15 (5.15.0-1030.34~20.04.1) focal; urgency=medium

* focal/linux-aws-5.15: 5.15.0-1030.34~20.04.1 -proposed tracker
    (LP: #2003487)

[ Ubuntu: 5.15.0-1030.34 ]

* jammy/linux-aws: 5.15.0-1030.34 -proposed tracker (LP: #2003424)
  * jammy/linux: 5.15.0-60.66 -proposed tracker (LP: #2003450)
  * Revoke & rotate to new signing key (LP: #2002812)
    - [Packaging] Revoke and rotate to new signing key

linux-aws-5.15 (5.15.0-1029.33~20.04.1) focal; urgency=medium

* focal/linux-aws-5.15: 5.15.0-1029.33~20.04.1 -proposed tracker
    (LP: #2001758)

[ Ubuntu: 5.15.0-1029.33 ]

* jammy/linux-aws: 5.15.0-1029.33 -proposed tracker (LP: #2001759)
  * Jammy update: v5.15.75 upstream stable release (LP: #1996825) // Jammy
    update: v5.15.76 upstream stable release (LP: #1997113)
    - [Config] aws: Update configs after rebase
  * Support non-strict iommu mode on arm64 (LP: #1806488)
    - [Config] aws: CONFIG_IOMMU_DEFAULT_DMA_LAZY=y for arm64
  * jammy/linux: 5.15.0-59.65 -proposed tracker (LP: #2001801)
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
  * CVE-2022-47940
    - ksmbd: validate length in smb2_write()
  * Fix iosm: WWAN cannot build the connection (DW5823e) (LP: #1998115)
    - net: wwan: iosm: fix driver not working with INTEL_IOMMU disabled
    - [Config] CONFIG_IOSM update annotations on arm64 armhf ppc64el s390x
  * support for same series backports versioning numbers (LP: #1993563)
    - [Packaging] sameport -- add support for sameport versioning
  * [DEP-8] Run ADT regression suite for lowlatency kernels Jammy and later
    (LP: #1999528)
    - [DEP-8] Fix regression suite to run on lowlatency
  * Micron NVME storage failure [1344,5407] (LP: #1998883)
    - nvme: add a bogus subsystem NQN quirk for Micron MTFDKBA2T0TFH
  * Jammy update: v5.15.78 upstream stable release (LP: #1998843)
    - scsi: lpfc: Rework MIB Rx Monitor debug info logic
    - serial: ar933x: Deassert Transmit Enable on ->rs485_config()
    - KVM: x86: Trace re-injected exceptions
    - KVM: x86: Treat #DBs from the emulator as fault-like (code and DR7.GD=1)
    - drm/amd/display: explicitly disable psr_feature_enable appropriately
    - mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
    - HID: playstation: add initial DualSense Edge controller support
    - KVM: x86: Protect the unused bits in MSR exiting flags
    - KVM: x86: Copy filter arg outside kvm_vm_ioctl_set_msr_filter()
    - KVM: x86: Add compat handler for KVM_X86_SET_MSR_FILTER
    - RDMA/cma: Use output interface for net_dev check
    - IB/hfi1: Correctly move list in sc_disable()
    - RDMA/hns: Remove magic number
    - RDMA/hns: Use hr_reg_xxx() instead of remaining roce_set_xxx()
    - RDMA/hns: Disable local invalidate operation
    - NFSv4: Fix a potential state reclaim deadlock
    - NFSv4.1: Handle RECLAIM_COMPLETE trunking errors
    - NFSv4.1: We must always send RECLAIM_COMPLETE after a reboot
    - SUNRPC: Fix null-ptr-deref when xps sysfs alloc failed
    - NFSv4.2: Fixup CLONE dest file size for zero-length count
    - nfs4: Fix kmemleak when allocate slot failed
    - net: dsa: Fix possible memory leaks in dsa_loop_init()
    - RDMA/core: Fix null-ptr-deref in ib_core_cleanup()
    - RDMA/qedr: clean up work queue on failure in qedr_alloc_resources()
    - net: dsa: fall back to default tagger if we can't load the one from DT
    - nfc: fdp: Fix potential memory leak in fdp_nci_send()
    - nfc: nxp-nci: Fix potential memory leak in nxp_nci_send()
    - nfc: s3fwrn5: Fix potential memory leak in s3fwrn5_nci_send()
    - nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send()
    - net: fec: fix improper use of NETDEV_TX_BUSY
    - ata: pata_legacy: fix pdc20230_set_piomode()
    - net: sched: Fix use after free in red_enqueue()
    - net: tun: fix bugs for oversize packet when napi frags enabled
    - netfilter: nf_tables: netlink notifier might race to release objects
    - netfilter: nf_tables: release flow rule object from commit path
    - ipvs: use explicitly signed chars
    - ipvs: fix WARNING in __ip_vs_cleanup_batch()
    - ipvs: fix WARNING in ip_vs_app_net_cleanup()
    - rose: Fix NULL pointer dereference in rose_send_frame()
    - mISDN: fix possible memory leak in mISDN_register_device()
    - isdn: mISDN: netjet: fix wrong check of device registration
    - btrfs: fix inode list leak during backref walking at resolve_indirect_refs()
    - btrfs: fix inode list leak during backref walking at find_parent_nodes()
    - btrfs: fix ulist leaks in error paths of qgroup self tests
    - netfilter: ipset: enforce documented limit to prevent allocating huge memory
    - Bluetooth: virtio_bt: Use skb_put to set length
    - Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del()
    - Bluetooth: L2CAP: Fix memory leak in vhci_write
    - net: mdio: fix undefined behavior in bit shift for __mdiobus_register
    - ibmvnic: Free rwi on reset success
    - stmmac: dwmac-loongson: fix invalid mdio_node
    - net/smc: Fix possible leaked pernet namespace in smc_init()
    - net, neigh: Fix null-ptr-deref in neigh_table_clear()
    - ipv6: fix WARNING in ip6_route_net_exit_late()
    - vsock: fix possible infinite sleep in vsock_connectible_wait_data()
    - drm/msm/hdmi: Remove spurious IRQF_ONESHOT flag
    - drm/msm/hdmi: fix IRQ lifetime
    - video/fbdev/stifb: Implement the stifb_fillrect() function
    - fbdev: stifb: Fall back to cfb_fillrect() on 32-bit HCRX cards
    - mtd: parsers: bcm47xxpart: print correct offset on read error
    - mtd: parsers: bcm47xxpart: Fix halfblock reads
    - s390/uaccess: add missing EX_TABLE entries to __clear_user()
    - s390/cio: fix out-of-bounds access on cio_ignore free
    - media: rkisp1: Don't pass the quantization to rkisp1_csm_config()
    - media: rkisp1: Initialize color space on resizer sink and source pads
    - media: rkisp1: Use correct macro for gradient registers
    - media: rkisp1: Zero v4l2_subdev_format fields in when validating links
    - media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE
    - media: cros-ec-cec: limit msg.len to CEC_MAX_MSG_SIZE
    - media: dvb-frontends/drxk: initialize err to 0
    - media: meson: vdec: fix possible refcount leak in vdec_probe()
    - media: v4l: subdev: Fail graciously when getting try data for NULL state
    - ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init()
    - scsi: core: Restrict legal sdev_state transitions via sysfs
    - HID: saitek: add madcatz variant of MMO7 mouse device ID
    - drm/amdgpu: set vm_update_mode=0 as default for Sienna Cichlid in SRIOV case
    - i2c: xiic: Add platform module alias
    - efi/tpm: Pass correct address to memblock_reserve
    - clk: qcom: Update the force mem core bit for GPU clocks
    - ARM: dts: imx6qdl-gw59{10,13}: fix user pushbutton GPIO offset
    - arm64: dts: imx8: correct clock order
    - arm64: dts: lx2160a: specify clock frequencies for the MDIO controllers
    - arm64: dts: ls1088a: specify clock frequencies for the MDIO controllers
    - arm64: dts: ls208xa: specify clock frequencies for the MDIO controllers
    - block: Fix possible memory leak for rq_wb on add_disk failure
    - firmware: arm_scmi: Suppress the driver's bind attributes
    - firmware: arm_scmi: Make Rx chan_setup fail on memory errors
    - firmware: arm_scmi: Fix devres allocation device in virtio transport
    - arm64: dts: juno: Add thermal critical trip points
    - i2c: piix4: Fix adapter not be removed in piix4_remove()
    - Bluetooth: L2CAP: Fix attempting to access uninitialized memory
    - block, bfq: protect 'bfqd->queued' by 'bfqd->lock'
    - af_unix: Fix memory leaks of the whole sk due to OOB skb.
    - fscrypt: stop using keyrings subsystem for fscrypt_master_key
    - fscrypt: fix keyring memory leak on mount failure
    - btrfs: fix lost file sync on direct IO write with nowait and dsync iocb
    - btrfs: fix tree mod log mishandling of reallocated nodes
    - btrfs: fix type of parameter generation in btrfs_get_dentry
    - ftrace: Fix use-after-free for dynamic ftrace_ops
    - tcp/udp: Make early_demux back namespacified.
    - tracing: kprobe: Fix memory leak in test_gen_kprobe/kretprobe_cmd()
    - kprobe: reverse kp->flags when arm_kprobe failed
    - ring-buffer: Check for NULL cpu_buffer in ring_buffer_wake_waiters()
    - tools/nolibc/string: Fix memcmp() implementation
    - tracing/histogram: Update document for KEYS_MAX size
    - capabilities: fix potential memleak on error path from vfs_getxattr_alloc()
    - fuse: add file_modified() to fallocate
    - efi: random: reduce seed size to 32 bytes
    - efi: random: Use 'ACPI reclaim' memory for random seed
    - arm64: entry: avoid kprobe recursion
    - perf/x86/intel: Fix pebs event constraints for ICL
    - perf/x86/intel: Add Cooper Lake stepping to isolation_ucodes[]
    - perf/x86/intel: Fix pebs event constraints for SPR
    - parisc: Make 8250_gsc driver dependend on CONFIG_PARISC
    - parisc: Export iosapic_serial_irq() symbol for serial port driver
    - parisc: Avoid printing the hardware path twice
    - ext4: fix warning in 'ext4_da_release_space'
    - ext4: fix BUG_ON() when directory entry has invalid rec_len
    - x86/syscall: Include asm/ptrace.h in syscall_wrapper header
    - KVM: x86: Mask off reserved bits in CPUID.80000006H
    - KVM: x86: Mask off reserved bits in CPUID.8000001AH
    - KVM: x86: Mask off reserved bits in CPUID.80000008H
    - KVM: x86: Mask off reserved bits in CPUID.80000001H
    - KVM: x86: Mask off reserved bits in CPUID.8000001FH
    - KVM: VMX: fully disable SGX if SECONDARY_EXEC_ENCLS_EXITING unavailable
    - KVM: arm64: Fix bad dereference on MTE-enabled systems
    - KVM: x86: emulator: em_sysexit should update ctxt->mode
    - KVM: x86: emulator: introduce emulator_recalc_and_set_mode
    - KVM: x86: emulator: update the emulation mode after rsm
    - KVM: x86: emulator: update the emulation mode after CR0 write
    - tee: Fix tee_shm_register() for kernel TEE drivers
    - ext4,f2fs: fix readahead of verity data
    - cifs: fix regression in very old smb1 mounts
    - drm/rockchip: dsi: Clean up 'usage_mode' when failing to attach
    - drm/rockchip: dsi: Force synchronous probe
    - drm/i915/sdvo: Filter out invalid outputs more sensibly
    - drm/i915/sdvo: Setup DDC fully before output init
    - wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
    - Linux 5.15.78
  * Fix AMD-PState driver for Genoa CPU (LP: #1998106)
    - Documentation: amd-pstate: add tracer tool introduction
    - Documentation: amd-pstate: grammar and sentence structure updates
    - Documentation: amd-pstate: Add unit test introduction
    - cpufreq: amd-pstate: cpufreq: amd-pstate: reset MSR_AMD_PERF_CTL register at
      init
    - cpufreq: amd-pstate: change amd-pstate driver to be built-in type
    - cpufreq: amd-pstate: add amd-pstate driver parameter for mode selection
    - Documentation: amd-pstate: add driver working mode introduction
    - Documentation: add amd-pstate kernel command line options
  * Mediatek WLAN RZ616(MT7922) SAR table control (LP: #1997200)
    - mt76: mt7921: add .set_sar_specs support
    - mt76: add 6 GHz band support in mt76_sar_freq_ranges
    - mt76: mt7921: introduce ACPI SAR support
    - mt76: connac: add support for limiting to maximum regulatory Tx power
    - mt76: move sar utilities to mt76-core module
    - mt76: mt7921: honor mt76_connac_mcu_set_rate_txpower return value in
      mt7921_config
    - mt76: mt7921: introduce ACPI SAR config in tx power
    - wifi: mt76: mt7921: fix use after free in mt7921_acpi_read()
  * [22.04/Jammy] Replace SAUCE AMD DP tunneling patch by upstream version
    (LP: #1989944)
    - Revert "UBUNTU: SAUCE: thunderbolt: Add DP out resource when DP tunnel is
      discovered."
    - thunderbolt: Add DP OUT resource when DP tunnel is discovered
  * Jammy update: v5.15.77 upstream stable release (LP: #1997981)
    - NFSv4: Fix free of uninitialized nfs4_label on referral lookup.
    - NFSv4: Add an fattr allocation to _nfs4_discover_trunking()
    - can: j1939: transport: j1939_session_skb_drop_old():
      spin_unlock_irqrestore() before kfree_skb()
    - can: kvaser_usb: Fix possible completions during init_completion
    - ALSA: Use del_timer_sync() before freeing timer
    - ALSA: usb-audio: Add quirks for M-Audio Fast Track C400/600
    - ALSA: au88x0: use explicitly signed char
    - ALSA: rme9652: use explicitly signed char
    - USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM
    - usb: gadget: uvc: fix sg handling in error case
    - usb: gadget: uvc: fix sg handling during video encode
    - usb: dwc3: gadget: Stop processing more requests on IMI
    - usb: dwc3: gadget: Don't set IMI for no_interrupt
    - usb: bdc: change state when port disconnected
    - usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96
      controller
    - mtd: rawnand: marvell: Use correct logic for nand-keep-config
    - xhci: Add quirk to reset host back to default state at shutdown
    - xhci-pci: Set runtime PM as default policy on all xHC 1.2 or later devices
    - xhci: Remove device endpoints from bandwidth list when freeing the device
    - tools: iio: iio_utils: fix digit calculation
    - iio: light: tsl2583: Fix module unloading
    - iio: temperature: ltc2983: allocate iio channels once
    - iio: adxl372: Fix unsafe buffer attributes
    - fbdev: smscufx: Fix several use-after-free bugs
    - cpufreq: intel_pstate: Read all MSRs on the target CPU
    - cpufreq: intel_pstate: hybrid: Use known scaling factor for P-cores
    - fs/binfmt_elf: Fix memory leak in load_elf_binary()
    - exec: Copy oldsighand->action under spin-lock
    - mac802154: Fix LQI recording
    - scsi: qla2xxx: Use transport-defined speed mask for supported_speeds
    - drm/amdgpu: disallow gfxoff until GC IP blocks complete s2idle resume
    - drm/msm/dsi: fix memory corruption with too many bridges
    - drm/msm/hdmi: fix memory corruption with too many bridges
    - drm/msm/dp: fix IRQ lifetime
    - coresight: cti: Fix hang in cti_disable_hw()
    - mmc: sdhci_am654: 'select', not 'depends' REGMAP_MMIO
    - mmc: core: Fix kernel panic when remove non-standard SDIO card
    - mmc: sdhci-pci-core: Disable ES for ASUS BIOS on Jasper Lake
    - mmc: sdhci-esdhc-imx: Propagate ESDHC_FLAG_HS400* only on 8bit bus
    - counter: microchip-tcb-capture: Handle Signal1 read and Synapse
    - kernfs: fix use-after-free in __kernfs_remove
    - pinctrl: Ingenic: JZ4755 bug fixes
    - ARC: mm: fix leakage of memory allocated for PTE
    - perf auxtrace: Fix address filter symbol name match for modules
    - s390/futex: add missing EX_TABLE entry to __futex_atomic_op()
    - s390/pci: add missing EX_TABLE entries to
      __pcistg_mio_inuser()/__pcilg_mio_inuser()
    - Revert "scsi: lpfc: Resolve some cleanup issues following SLI path
      refactoring"
    - Revert "scsi: lpfc: Fix element offset in __lpfc_sli_release_iocbq_s4()"
    - Revert "scsi: lpfc: Fix locking for lpfc_sli_iocbq_lookup()"
    - Revert "scsi: lpfc: SLI path split: Refactor SCSI paths"
    - Revert "scsi: lpfc: SLI path split: Refactor fast and slow paths to native
      SLI4"
    - Revert "scsi: lpfc: SLI path split: Refactor lpfc_iocbq"
    - mmc: block: Remove error check of hw_reset on reset
    - ethtool: eeprom: fix null-deref on genl_info in dump
    - net: ieee802154: fix error return code in dgram_bind()
    - media: v4l2: Fix v4l2_i2c_subdev_set_name function documentation
    - media: atomisp: prevent integer overflow in sh_css_set_black_frame()
    - drm/msm: Fix return type of mdp4_lvds_connector_mode_valid
    - KVM: selftests: Fix number of pages for memory slot in
      memslot_modification_stress_test
    - ASoC: qcom: lpass-cpu: mark HDMI TX registers as volatile
    - perf: Fix missing SIGTRAPs
    - sched/core: Fix comparison in sched_group_cookie_match()
    - arc: iounmap() arg is volatile
    - mtd: rawnand: intel: Add missing of_node_put() in ebu_nand_probe()
    - ASoC: qcom: lpass-cpu: Mark HDMI TX parity register as volatile
    - ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()
    - perf/x86/intel/lbr: Use setup_clear_cpu_cap() instead of clear_cpu_cap()
    - tipc: fix a null-ptr-deref in tipc_topsrv_accept
    - net: netsec: fix error handling in netsec_register_mdio()
    - net: hinic: fix incorrect assignment issue in hinic_set_interrupt_cfg()
    - net: hinic: fix memory leak when reading function table
    - net: hinic: fix the issue of CMDQ memory leaks
    - net: hinic: fix the issue of double release MBOX callback of VF
    - net: macb: Specify PHY PM management done by MAC
    - nfc: virtual_ncidev: Fix memory leak in virtual_nci_send()
    - x86/unwind/orc: Fix unreliable stack dump with gcov
    - amd-xgbe: fix the SFP compliance codes check for DAC cables
    - amd-xgbe: add the bit rate quirk for Molex cables
    - drm/i915/dp: Reset frl trained flag before restarting FRL training
    - atlantic: fix deadlock at aq_nic_stop
    - kcm: annotate data-races around kcm->rx_psock
    - kcm: annotate data-races around kcm->rx_wait
    - net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed
    - net: lantiq_etop: don't free skb when returning NETDEV_TX_BUSY
    - tcp: minor optimization in tcp_add_backlog()
    - tcp: fix a signed-integer-overflow bug in tcp_add_backlog()
    - tcp: fix indefinite deferral of RTO with SACK reneging
    - net-memcg: avoid stalls when under memory pressure
    - drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr()
    - can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing put_clock() in error
      path
    - can: mcp251x: mcp251x_can_probe(): add missing unregister_candev() in error
      path
    - PM: hibernate: Allow hybrid sleep to work with s2idle
    - media: vivid: s_fbuf: add more sanity checks
    - media: vivid: dev->bitmap_cap wasn't freed in all cases
    - media: v4l2-dv-timings: add sanity checks for blanking values
    - media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced'
    - media: vivid: set num_in/outputs to 0 if not supported
    - perf vendor events power10: Fix hv-24x7 metric events
    - ipv6: ensure sane device mtu in tunnels
    - i40e: Fix ethtool rx-flow-hash setting for X722
    - i40e: Fix VF hang when reset is triggered on another VF
    - i40e: Fix flow-type by setting GL_HASH_INSET registers
    - net: ksz884x: fix missing pci_disable_device() on error in pcidev_init()
    - PM: domains: Fix handling of unavailable/disabled idle states
    - perf vendor events arm64: Fix incorrect Hisi hip08 L3 metrics
    - net: fec: limit register access on i.MX6UL
    - net: ethernet: ave: Fix MAC to be in charge of PHY PM
    - ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()
    - ALSA: aoa: Fix I2S device accounting
    - openvswitch: switch from WARN to pr_warn
    - net: ehea: fix possible memory leak in ehea_register_port()
    - net: bcmsysport: Indicate MAC is in charge of PHY PM
    - nh: fix scope used to find saddr when adding non gw nh
    - net: broadcom: bcm4908enet: remove redundant variable bytes
    - net: broadcom: bcm4908_enet: update TX stats after actual transmission
    - netdevsim: remove dir in nsim_dev_debugfs_init() when creating ports dir
      failed
    - net/mlx5e: Do not increment ESN when updating IPsec ESN state
    - net/mlx5e: Extend SKB room check to include PTP-SQ
    - net/mlx5: Fix possible use-after-free in async command interface
    - net/mlx5: Print more info on pci error handlers
    - net/mlx5: Update fw fatal reporter state on PCI handlers successful recover
    - net/mlx5: Fix crash during sync firmware reset
    - net: do not sense pfmemalloc status in skb_append_pagefrags()
    - kcm: do not sense pfmemalloc status in kcm_sendpage()
    - net: enetc: survive memory pressure without crashing
    - arm64: Add AMPERE1 to the Spectre-BHB affected list
    - scsi: sd: Revert "scsi: sd: Remove a local variable"
    - can: rcar_canfd: fix channel specific IRQ handling for RZ/G2L
    - can: rcar_canfd: rcar_canfd_handle_global_receive(): fix IRQ storm on global
      FIFO receive
    - serial: core: move RS485 configuration tasks from drivers into core
    - serial: Deassert Transmit Enable on probe in driver-specific way
    - Linux 5.15.77
  * RCU stalls (LP: #1991951)
    - [Config] Harmonize RCU_CPU_STALL_TIMEOUT
  * Jammy update: v5.15.76 upstream stable release (LP: #1997113)
    - r8152: add PID for the Lenovo OneLink+ Dock
    - arm64/mm: Consolidate TCR_EL1 fields
    - usb: gadget: uvc: consistently use define for headerlen
    - usb: gadget: uvc: use on returned header len in video_encode_isoc_sg
    - usb: gadget: uvc: rework uvcg_queue_next_buffer to uvcg_complete_buffer
    - usb: gadget: uvc: giveback vb2 buffer on req complete
    - usb: gadget: uvc: improve sg exit condition
    - [Config] updateconfigs for ARM64_ERRATUM_1742098
    - arm64: errata: Remove AES hwcap for COMPAT tasks
    - perf/x86/intel/pt: Relax address filter validation
    - btrfs: enhance unsupported compat RO flags handling
    - ocfs2: clear dinode links count in case of error
    - ocfs2: fix BUG when iput after ocfs2_mknod fails
    - selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context()
    - cpufreq: qcom: fix writes in read-only memory region
    - i2c: qcom-cci: Fix ordering of pm_runtime_xx and i2c_add_adapter
    - x86/microcode/AMD: Apply the patch early on every logical thread
    - hwmon/coretemp: Handle large core ID value
    - ata: ahci-imx: Fix MODULE_ALIAS
    - x86/resctrl: Fix min_cbm_bits for AMD
    - cpufreq: qcom: fix memory leak in error path
    - drm/amdgpu: fix sdma doorbell init ordering on APUs
    - mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages
    - kvm: Add support for arch compat vm ioctls
    - KVM: arm64: vgic: Fix exit condition in scan_its_table()
    - media: ipu3-imgu: Fix NULL pointer dereference in active selection access
    - media: mceusb: set timeout to at least timeout provided
    - media: venus: dec: Handle the case where find_format fails
    - x86/topology: Fix multiple packages shown on a single-package system
    - x86/topology: Fix duplicated core ID within a package
    - btrfs: fix processing of delayed data refs during backref walking
    - btrfs: fix processing of delayed tree block refs during backref walking
    - drm/vc4: Add module dependency on hdmi-codec
    - ACPI: extlog: Handle multiple records
    - tipc: Fix recognition of trial period
    - tipc: fix an information leak in tipc_topsrv_kern_subscr
    - i40e: Fix DMA mappings leak
    - HID: magicmouse: Do not set BTN_MOUSE on double report
    - sfc: Change VF mac via PF as first preference if available.
    - net/atm: fix proc_mpc_write incorrect return value
    - net: phy: dp83867: Extend RX strap quirk for SGMII mode
    - net: phylink: add mac_managed_pm in phylink_config structure
    - scsi: lpfc: Fix memory leak in lpfc_create_port()
    - udp: Update reuse->has_conns under reuseport_lock.
    - cifs: Fix xid leak in cifs_create()
    - cifs: Fix xid leak in cifs_copy_file_range()
    - cifs: Fix xid leak in cifs_flock()
    - cifs: Fix xid leak in cifs_ses_add_channel()
    - dm: remove unnecessary assignment statement in alloc_dev()
    - net: hsr: avoid possible NULL deref in skb_clone()
    - ionic: catch NULL pointer issue on reconfig
    - netfilter: nf_tables: relax NFTA_SET_ELEM_KEY_END set flags requirements
    - nvme-hwmon: consistently ignore errors from nvme_hwmon_init
    - nvme-hwmon: kmalloc the NVME SMART log buffer
    - nvmet: fix workqueue MEM_RECLAIM flushing dependency
    - net: sched: cake: fix null pointer access issue when cake_init() fails
    - net: sched: delete duplicate cleanup of backlog and qlen
    - net: sched: sfb: fix null pointer access issue when sfb_init() fails
    - sfc: include vport_id in filter spec hash and equal()
    - wwan_hwsim: fix possible memory leak in wwan_hwsim_dev_new()
    - net: hns: fix possible memory leak in hnae_ae_register()
    - net: sched: fix race condition in qdisc_graft()
    - net: phy: dp83822: disable MDI crossover status change interrupt
    - iommu/vt-d: Allow NVS regions in arch_rmrr_sanity_check()
    - iommu/vt-d: Clean up si_domain in the init_dmars() error path
    - fs: dlm: fix invalid derefence of sb_lvbptr
    - arm64: mte: move register initialization to C
    - ksmbd: handle smb2 query dir request for OutputBufferLength that is too
      small
    - ksmbd: fix incorrect handling of iterate_dir
    - tracing: Simplify conditional compilation code in tracing_set_tracer()
    - tracing: Do not free snapshot if tracer is on cmdline
    - mmc: sdhci-tegra: Use actual clock rate for SW tuning correction
    - perf: Skip and warn on unknown format 'configN' attrs
    - ACPI: video: Force backlight native for more TongFang devices
    - x86/Kconfig: Drop check for -mabi=ms for CONFIG_EFI_STUB
    - Makefile.debug: re-enable debug info for .S files
    - mmc: core: Add SD card quirk for broken discard
    - mm: /proc/pid/smaps_rollup: fix no vma's null-deref
    - Linux 5.15.76
  * UBSAN: array-index-out-of-bounds in
    /build/linux-9H675w/linux-5.15.0/drivers/ata/libahci.c:968:41
    (LP: #1970074) // Jammy update: v5.15.76 upstream stable release
    (LP: #1997113)
    - ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS
  * Jammy update: v5.15.75 upstream stable release (LP: #1996825)
    - Revert "fs: check FMODE_LSEEK to control internal pipe splicing"
    - ALSA: oss: Fix potential deadlock at unregistration
    - ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free()
    - ALSA: usb-audio: Fix potential memory leaks
    - ALSA: usb-audio: Fix NULL dererence at error path
    - ALSA: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530
    - ALSA: hda/realtek: Correct pin configs for ASUS G533Z
    - ALSA: hda/realtek: Add quirk for ASUS GV601R laptop
    - ALSA: hda/realtek: Add Intel Reference SSID to support headset keys
    - mtd: rawnand: atmel: Unmap streaming DMA mappings
    - io_uring/net: don't update msg_name if not provided
    - hv_netvsc: Fix race between VF offering and VF association message from host
    - cifs: destage dirty pages before re-reading them for cache=none
    - cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message
    - iio: dac: ad5593r: Fix i2c read protocol requirements
    - iio: ltc2497: Fix reading conversion results
    - iio: adc: ad7923: fix channel readings for some variants
    - iio: pressure: dps310: Refactor startup procedure
    - iio: pressure: dps310: Reset chip after timeout
    - xhci: dbc: Fix memory leak in xhci_alloc_dbc()
    - usb: add quirks for Lenovo OneLink+ Dock
    - can: kvaser_usb: Fix use of uninitialized completion
    - can: kvaser_usb_leaf: Fix overread with an invalid command
    - can: kvaser_usb_leaf: Fix TX queue out of sync after restart
    - can: kvaser_usb_leaf: Fix CAN state after restart
    - mmc: sdhci-sprd: Fix minimum clock limit
    - i2c: designware: Fix handling of real but unexpected device interrupts
    - fs: dlm: fix race between test_bit() and queue_work()
    - fs: dlm: handle -EBUSY first in lock arg validation
    - HID: multitouch: Add memory barriers
    - quota: Check next/prev free block number after reading from quota file
    - platform/chrome: cros_ec_proto: Update version on GET_NEXT_EVENT failure
    - ASoC: wcd9335: fix order of Slimbus unprepare/disable
    - ASoC: wcd934x: fix order of Slimbus unprepare/disable
    - hwmon: (gsc-hwmon) Call of_node_get() before of_find_xxx API
    - net: thunderbolt: Enable DMA paths only after rings are enabled
    - regulator: qcom_rpm: Fix circular deferral regression
    - arm64: topology: move store_cpu_topology() to shared code
    - riscv: topology: fix default topology reporting
    - RISC-V: Make port I/O string accessors actually work
    - parisc: fbdev/stifb: Align graphics memory size to 4MB
    - riscv: Make VM_WRITE imply VM_READ
    - riscv: always honor the CONFIG_CMDLINE_FORCE when parsing dtb
    - riscv: Pass -mno-relax only on lld < 15.0.0
    - UM: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK
    - nvmem: core: Fix memleak in nvmem_register()
    - nvme-multipath: fix possible hang in live ns resize with ANA access
    - nvme-pci: set min_align_mask before calculating max_hw_sectors
    - dmaengine: mxs: use platform_driver_register
    - drm/virtio: Check whether transferred 2D BO is shmem
    - drm/virtio: Unlock reservations on virtio_gpu_object_shmem_init() error
    - drm/virtio: Use appropriate atomic state in virtio_gpu_plane_cleanup_fb()
    - drm/udl: Restore display mode on resume
    - [Config] updateconfigs for ARM64_ERRATUM_2441007
    - arm64: errata: Add Cortex-A55 to the repeat tlbi list
    - mm/damon: validate if the pmd entry is present before accessing
    - mm/mmap: undo ->mmap() when arch_validate_flags() fails
    - xen/gntdev: Prevent leaking grants
    - xen/gntdev: Accommodate VMA splitting
    - PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge
    - serial: 8250: Let drivers request full 16550A feature probing
    - serial: 8250: Request full 16550A feature probing for OxSemi PCIe devices
    - powercap: intel_rapl: Use standard Energy Unit for SPR Dram RAPL domain
    - powerpc/boot: Explicitly disable usage of SPE instructions
    - slimbus: qcom-ngd: use correct error in message of pdr_add_lookup() failure
    - slimbus: qcom-ngd: cleanup in probe error path
    - scsi: qedf: Populate sysfs attributes for vport
    - gpio: rockchip: request GPIO mux to pinctrl when setting direction
    - pinctrl: rockchip: add pinmux_ops.gpio_set_direction callback
    - fbdev: smscufx: Fix use-after-free in ufx_ops_open()
    - ksmbd: fix endless loop when encryption for response fails
    - ksmbd: Fix wrong return value and message length check in smb2_ioctl()
    - ksmbd: Fix user namespace mapping
    - fs: record I_DIRTY_TIME even if inode already has I_DIRTY_INODE
    - btrfs: fix race between quota enable and quota rescan ioctl
    - btrfs: set generation before calling btrfs_clean_tree_block in
      btrfs_init_new_buffer
    - f2fs: complete checkpoints during remount
    - f2fs: flush pending checkpoints when freezing super
    - f2fs: increase the limit for reserve_root
    - f2fs: fix to do sanity check on destination blkaddr during recovery
    - f2fs: fix to do sanity check on summary info
    - hardening: Avoid harmless Clang option under CONFIG_INIT_STACK_ALL_ZERO
    - hardening: Remove Clang's enable flag for -ftrivial-auto-var-init=zero
    - jbd2: wake up journal waiters in FIFO order, not LIFO
    - jbd2: fix potential buffer head reference count leak
    - jbd2: fix potential use-after-free in jbd2_fc_wait_bufs
    - jbd2: add miss release buffer head in fc_do_one_pass()
    - ext4: avoid crash when inline data creation follows DIO write
    - ext4: fix null-ptr-deref in ext4_write_info
    - ext4: make ext4_lazyinit_thread freezable
    - ext4: fix check for block being out of directory size
    - ext4: don't increase iversion counter for ea_inodes
    - ext4: ext4_read_bh_lock() should submit IO if the buffer isn't uptodate
    - ext4: place buffer head allocation before handle start
    - ext4: fix dir corruption when ext4_dx_add_entry() fails
    - ext4: fix miss release buffer head in ext4_fc_write_inode
    - ext4: fix potential memory leak in ext4_fc_record_modified_inode()
    - ext4: fix potential memory leak in ext4_fc_record_regions()
    - ext4: update 'state->fc_regions_size' after successful memory allocation
    - livepatch: fix race between fork and KLP transition
    - ftrace: Properly unset FTRACE_HASH_FL_MOD
    - ring-buffer: Allow splice to read previous partially read pages
    - ring-buffer: Have the shortest_full queue be the shortest not longest
    - ring-buffer: Check pending waiters when doing wake ups as well
    - ring-buffer: Add ring_buffer_wake_waiters()
    - ring-buffer: Fix race between reset page and reading page
    - tracing: Disable interrupt or preemption before acquiring arch_spinlock_t
    - tracing: Wake up ring buffer waiters on closing of the file
    - tracing: Wake up waiters when tracing is disabled
    - tracing: Add ioctl() to force ring buffer waiters to wake up
    - tracing: Move duplicate code of trace_kprobe/eprobe.c into header
    - tracing: Add "(fault)" name injection to kernel probes
    - tracing: Fix reading strings from synthetic events
    - thunderbolt: Explicitly enable lane adapter hotplug events at startup
    - efi: libstub: drop pointless get_memory_map() call
    - media: cedrus: Set the platform driver data earlier
    - media: cedrus: Fix endless loop in cedrus_h265_skip_bits()
    - blk-wbt: call rq_qos_add() after wb_normal is initialized
    - KVM: x86/emulator: Fix handing of POP SS to correctly set interruptibility
    - KVM: nVMX: Unconditionally purge queued/injected events on nested "exit"
    - KVM: nVMX: Don't propagate vmcs12's PERF_GLOBAL_CTRL settings to vmcs02
    - KVM: VMX: Drop bits 31:16 when shoving exception error code into VMCS
    - staging: greybus: audio_helper: remove unused and wrong debugfs usage
    - drm/nouveau/kms/nv140-: Disable interlacing
    - drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table()
    - drm/i915: Fix watermark calculations for gen12+ RC CCS modifier
    - drm/i915: Fix watermark calculations for gen12+ MC CCS modifier
    - drm/i915: Fix watermark calculations for gen12+ CCS+CC modifier
    - drm/amd/display: Fix vblank refcount in vrr transition
    - smb3: must initialize two ACL struct fields to zero
    - selinux: use "grep -E" instead of "egrep"
    - ima: fix blocking of security.ima xattrs of unsupported algorithms
    - userfaultfd: open userfaultfds with O_RDONLY
    - ntfs3: rework xattr handlers and switch to POSIX ACL VFS helpers
    - thermal: cpufreq_cooling: Check the policy first in
      cpufreq_cooling_register()
    - sh: machvec: Use char[] for section boundaries
    - MIPS: SGI-IP27: Free some unused memory
    - MIPS: SGI-IP27: Fix platform-device leak in bridge_platform_create()
    - ARM: 9244/1: dump: Fix wrong pg_level in walk_pmd()
    - ARM: 9247/1: mm: set readonly for MT_MEMORY_RO with ARM_LPAE
    - objtool: Preserve special st_shndx indexes in elf_update_symbol
    - nfsd: Fix a memory leak in an error handling path
    - NFSD: Fix handling of oversized NFSv4 COMPOUND requests
    - wifi: rtlwifi: 8192de: correct checking of IQK reload
    - wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state()
    - leds: lm3601x: Don't use mutex after it was destroyed
    - bpf: Fix reference state management for synchronous callbacks
    - wifi: mac80211: allow bw change during channel switch in mesh
    - bpftool: Fix a wrong type cast in btf_dumper_int
    - spi: mt7621: Fix an error message in mt7621_spi_probe()
    - x86/resctrl: Fix to restore to original value when re-enabling hardware
      prefetch register
    - xsk: Fix backpressure mechanism on Tx
    - bpf: Disable preemption when increasing per-cpu map_locked
    - bpf: Propagate error from htab_lock_bucket() to userspace
    - bpf: Use this_cpu_{inc|dec|inc_return} for bpf_task_storage_busy
    - Bluetooth: btusb: mediatek: fix WMT failure during runtime suspend
    - wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse()
    - wifi: rtw88: add missing destroy_workqueue() on error path in
      rtw_core_init()
    - selftests/xsk: Avoid use-after-free on ctx
    - spi: qup: add missing clk_disable_unprepare on error in spi_qup_resume()
    - spi: qup: add missing clk_disable_unprepare on error in
      spi_qup_pm_resume_runtime()
    - wifi: rtl8xxxu: Fix skb misuse in TX queue selection
    - spi: meson-spicc: do not rely on busy flag in pow2 clk ops
    - bpf: btf: fix truncated last_member_type_id in btf_struct_resolve
    - wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration
    - wifi: rtl8xxxu: Remove copy-paste leftover in gen2_update_rate_mask
    - wifi: mt76: sdio: fix transmitting packet hangs
    - wifi: mt76: mt7615: add mt7615_mutex_acquire/release in
      mt7615_sta_set_decap_offload
    - wifi: mt76: mt7915: do not check state before configuring implicit beamform
    - Bluetooth: RFCOMM: Fix possible deadlock on socket shutdown/release
    - net: fs_enet: Fix wrong check in do_pd_setup
    - bpf: Ensure correct locking around vulnerable function find_vpid()
    - Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure
    - netfilter: conntrack: fix the gc rescheduling delay
    - netfilter: conntrack: revisit the gc initial rescheduling bias
    - wifi: ath11k: fix number of VHT beamformee spatial streams
    - x86/microcode/AMD: Track patch allocation size explicitly
    - x86/cpu: Include the header of init_ia32_feat_ctl()'s prototype
    - spi: dw: Fix PM disable depth imbalance in dw_spi_bt1_probe
    - spi/omap100k:Fix PM disable depth imbalance in omap1_spi100k_probe
    - skmsg: Schedule psock work if the cached skb exists on the psock
    - i2c: mlxbf: support lock mechanism
    - Bluetooth: hci_core: Fix not handling link timeouts propertly
    - xfrm: Reinject transport-mode packets through workqueue
    - netfilter: nft_fib: Fix for rpath check with VRF devices
    - spi: s3c64xx: Fix large transfers with DMA
    - wifi: rtl8xxxu: Fix AIFS written to REG_EDCA_*_PARAM
    - vhost/vsock: Use kvmalloc/kvfree for larger packets.
    - eth: alx: take rtnl_lock on resume
    - sctp: handle the error returned from sctp_auth_asoc_init_active_key
    - tcp: fix tcp_cwnd_validate() to not forget is_cwnd_limited
    - spi: Ensure that sg_table won't be used after being freed
    - hwmon: (pmbus/mp2888) Fix sensors readouts for MPS Multi-phase mp2888
      controller
    - net: rds: don't hold sock lock when cancelling work from
      rds_tcp_reset_callbacks()
    - bnx2x: fix potential memory leak in bnx2x_tpa_stop()
    - net: wwan: iosm: Call mutex_init before locking it
    - net/ieee802154: reject zero-sized raw_sendmsg()
    - once: add DO_ONCE_SLOW() for sleepable contexts
    - net: mvpp2: fix mvpp2 debugfs leak
    - drm: bridge: adv7511: fix CEC power down control register offset
    - drm: bridge: adv7511: unregister cec i2c device after cec adapter
    - drm/bridge: Avoid uninitialized variable warning
    - drm/mipi-dsi: Detach devices when removing the host
    - drm/virtio: Correct drm_gem_shmem_get_sg_table() error handling
    - drm/bridge: parade-ps8640: Fix regulator supply order
    - drm/dp_mst: fix drm_dp_dpcd_read return value checks
    - drm:pl111: Add of_node_put() when breaking out of
      for_each_available_child_of_node()
    - ASoC: mt6359: fix tests for platform_get_irq() failure
    - platform/chrome: fix double-free in chromeos_laptop_prepare()
    - platform/chrome: fix memory corruption in ioctl
    - ASoC: tas2764: Allow mono streams
    - ASoC: tas2764: Drop conflicting set_bias_level power setting
    - ASoC: tas2764: Fix mute/unmute
    - platform/x86: msi-laptop: Fix old-ec check for backlight registering
    - platform/x86: msi-laptop: Fix resource cleanup
    - platform/chrome: cros_ec_typec: Correct alt mode index
    - drm/amdgpu: add missing pci_disable_device() in
      amdgpu_pmops_runtime_resume()
    - drm/bridge: megachips: Fix a null pointer dereference bug
    - ASoC: rsnd: Add check for rsnd_mod_power_on
    - ALSA: hda: beep: Simplify keep-power-at-enable behavior
    - drm/bochs: fix blanking
    - drm/omap: dss: Fix refcount leak bugs
    - drm/amdgpu: Fix memory leak in hpd_rx_irq_create_workqueue()
    - mmc: au1xmmc: Fix an error handling path in au1xmmc_probe()
    - ASoC: eureka-tlv320: Hold reference returned from of_find_xxx API
    - drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx
    - drm/msm/dp: correct 1.62G link rate at dp_catalog_ctrl_config_msa()
    - drm/vmwgfx: Fix memory leak in vmw_mksstat_add_ioctl()
    - ASoC: codecs: tx-macro: fix kcontrol put
    - ASoC: da7219: Fix an error handling path in da7219_register_dai_clks()
    - ALSA: dmaengine: increment buffer pointer atomically
    - mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe()
    - ASoC: wm8997: Fix PM disable depth imbalance in wm8997_probe
    - ASoC: wm5110: Fix PM disable depth imbalance in wm5110_probe
    - ASoC: wm5102: Fix PM disable depth imbalance in wm5102_probe
    - ASoC: mt6660: Fix PM disable depth imbalance in mt6660_i2c_probe
    - ALSA: hda/hdmi: Don't skip notification handling during PM operation
    - memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe()
    - memory: of: Fix refcount leak bug in of_get_ddr_timings()
    - memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings()
    - locks: fix TOCTOU race when granting write lease
    - soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe()
    - soc: qcom: smem_state: Add refcounting for the 'state->of_node'
    - ARM: dts: imx6qdl-kontron-samx6i: hook up DDC i2c bus
    - ARM: dts: turris-omnia: Fix mpp26 pin name and comment
    - ARM: dts: kirkwood: lsxl: fix serial line
    - ARM: dts: kirkwood: lsxl: remove first ethernet port
    - ia64: export memory_add_physaddr_to_nid to fix cxl build error
    - soc/tegra: fuse: Drop Kconfig dependency on TEGRA20_APB_DMA
    - arm64: dts: ti: k3-j7200: fix main pinmux range
    - ARM: dts: exynos: correct s5k6a3 reset polarity on Midas family
    - ARM: Drop CMDLINE_* dependency on ATAGS
    - ext4: don't run ext4lazyinit for read-only filesystems
    - arm64: ftrace: fix module PLTs with mcount
    - ARM: dts: exynos: fix polarity of VBUS GPIO of Origen
    - iio: adc: at91-sama5d2_adc: fix AT91_SAMA5D2_MR_TRACKTIM_MAX
    - iio: adc: at91-sama5d2_adc: check return status for pressure and touch
    - iio: adc: at91-sama5d2_adc: lock around oversampling and sample freq
    - iio: adc: at91-sama5d2_adc: disable/prepare buffer on suspend/resume
    - iio: inkern: only release the device node when done with it
    - iio: inkern: fix return value in devm_of_iio_channel_get_by_name()
    - iio: ABI: Fix wrong format of differential capacitance channel ABI.
    - iio: magnetometer: yas530: Change data type of hard_offsets to signed
    - RDMA/mlx5: Don't compare mkey tags in DEVX indirect mkey
    - usb: common: debug: Check non-standard control requests
    - clk: meson: Hold reference returned by of_get_parent()
    - clk: oxnas: Hold reference returned by of_get_parent()
    - clk: qoriq: Hold reference returned by of_get_parent()
    - clk: berlin: Add of_node_put() for of_get_parent()
    - clk: sprd: Hold reference returned by of_get_parent()
    - clk: tegra: Fix refcount leak in tegra210_clock_init
    - clk: tegra: Fix refcount leak in tegra114_clock_init
    - clk: tegra20: Fix refcount leak in tegra20_clock_init
    - HSI: omap_ssi: Fix refcount leak in ssi_probe
    - HSI: omap_ssi_port: Fix dma_map_sg error check
    - media: exynos4-is: fimc-is: Add of_node_put() when breaking out of loop
    - tty: xilinx_uartps: Fix the ignore_status
    - media: meson: vdec: add missing clk_disable_unprepare on error in
      vdec_hevc_start()
    - media: uvcvideo: Fix memory leak in uvc_gpio_parse
    - media: uvcvideo: Use entity get_cur in uvc_ctrl_set
    - media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init
    - RDMA/rxe: Fix "kernel NULL pointer dereference" error
    - RDMA/rxe: Fix the error caused by qp->sk
    - misc: ocxl: fix possible refcount leak in afu_ioctl()
    - fpga: prevent integer overflow in dfl_feature_ioctl_set_irq()
    - dmaengine: hisilicon: Disable channels when unregister hisi_dma
    - dmaengine: hisilicon: Fix CQ head update
    - dmaengine: hisilicon: Add multi-thread support for a DMA channel
    - dyndbg: fix static_branch manipulation
    - dyndbg: fix module.dyndbg handling
    - dyndbg: let query-modname override actual module name
    - dyndbg: drop EXPORTed dynamic_debug_exec_queries
    - clk: qcom: sm6115: Select QCOM_GDSC
    - mtd: devices: docg3: check the return value of devm_ioremap() in the probe
    - phy: amlogic: phy-meson-axg-mipi-pcie-analog: Hold reference returned by
      of_get_parent()
    - phy: phy-mtk-tphy: fix the phy type setting issue
    - mtd: rawnand: intel: Read the chip-select line from the correct OF node
    - mtd: rawnand: intel: Remove undocumented compatible string
    - mtd: rawnand: fsl_elbc: Fix none ECC mode
    - RDMA/irdma: Align AE id codes to correct flush code and event
    - RDMA/srp: Fix srp_abort()
    - RDMA/siw: Always consume all skbuf data in sk_data_ready() upcall.
    - RDMA/siw: Fix QP destroy to wait for all references dropped.
    - ata: fix ata_id_sense_reporting_enabled() and ata_id_has_sense_reporting()
    - ata: fix ata_id_has_devslp()
    - ata: fix ata_id_has_ncq_autosense()
    - ata: fix ata_id_has_dipm()
    - mtd: rawnand: meson: fix bit map use in meson_nfc_ecc_correct()
    - md/raid5: Ensure stripe_fill happens on non-read IO with journal
    - md/raid5: Remove unnecessary bio_put() in raid5_read_one_chunk()
    - RDMA/cm: Use SLID in the work completion as the DLID in responder side
    - IB: Set IOVA/LENGTH on IB_MR in core/uverbs layers
    - xhci: Don't show warning for reinit on known broken suspend
    - usb: gadget: function: fix dangling pnp_string in f_printer.c
    - drivers: serial: jsm: fix some leaks in probe
    - serial: 8250: Toggle IER bits on only after irq has been set up
    - tty: serial: fsl_lpuart: disable dma rx/tx use flags in lpuart_dma_shutdown
    - phy: qualcomm: call clk_disable_unprepare in the error handling
    - staging: vt6655: fix some erroneous memory clean-up loops
    - slimbus: qcom-ngd-ctrl: allow compile testing without QCOM_RPROC_COMMON
    - firmware: google: Test spinlock on panic path to avoid lockups
    - serial: 8250: Fix restoring termios speed after suspend
    - scsi: libsas: Fix use-after-free bug in smp_execute_task_sg()
    - scsi: iscsi: Rename iscsi_conn_queue_work()
    - scsi: iscsi: Add recv workqueue helpers
    - scsi: iscsi: Run recv path from workqueue
    - scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername()
    - clk: qcom: apss-ipq6018: mark apcs_alias0_core_clk as critical
    - clk: qcom: gcc-sm6115: Override default Alpha PLL regs
    - RDMA/rxe: Fix resize_finish() in rxe_queue.c
    - fsi: core: Check error number after calling ida_simple_get
    - mfd: intel_soc_pmic: Fix an error handling path in
      intel_soc_pmic_i2c_probe()
    - mfd: fsl-imx25: Fix an error handling path in mx25_tsadc_setup_irq()
    - mfd: lp8788: Fix an error handling path in lp8788_probe()
    - mfd: lp8788: Fix an error handling path in lp8788_irq_init() and
      lp8788_irq_init()
    - mfd: fsl-imx25: Fix check for platform_get_irq() errors
    - mfd: sm501: Add check for platform_driver_register()
    - clk: mediatek: mt8183: mfgcfg: Propagate rate changes to parent
    - dmaengine: ioat: stop mod_timer from resurrecting deleted timer in
      __cleanup()
    - usb: mtu3: fix failed runtime suspend in host only mode
    - spmi: pmic-arb: correct duplicate APID to PPID mapping logic
    - clk: vc5: Fix 5P49V6901 outputs disabling when enabling FOD
    - clk: baikal-t1: Fix invalid xGMAC PTP clock divider
    - clk: baikal-t1: Add shared xGMAC ref/ptp clocks internal parent
    - clk: baikal-t1: Add SATA internal ref clock buffer
    - clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration
    - clk: imx: scu: fix memleak on platform_device_add() fails
    - clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe
    - clk: ast2600: BCLK comes from EPLL
    - mailbox: mpfs: fix handling of the reg property
    - mailbox: mpfs: account for mbox offsets while sending
    - mailbox: bcm-ferxrm-mailbox: Fix error check for dma_map_sg
    - powerpc/configs: Properly enable PAPR_SCM in pseries_defconfig
    - powerpc/math_emu/efp: Include module.h
    - powerpc/sysdev/fsl_msi: Add missing of_node_put()
    - powerpc/pci_dn: Add missing of_node_put()
    - powerpc/powernv: add missing of_node_put() in opal_export_attrs()
    - powerpc: Fix fallocate and fadvise64_64 compat parameter combination
    - x86/hyperv: Fix 'struct hv_enlightened_vmcs' definition
    - powerpc/64s: Fix GENERIC_CPU build flags for PPC970 / G5
    - powerpc: Fix SPE Power ISA properties for e500v1 platforms
    - powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe()
    - powerpc/pseries/vas: Pass hw_cpu_id to node associativity HCALL
    - crypto: sahara - don't sleep when in softirq
    - crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr
    - hwrng: arm-smccc-trng - fix NO_ENTROPY handling
    - cgroup: Honor caller's cgroup NS when resolving path
    - hwrng: imx-rngc - Moving IRQ handler registering after
      imx_rngc_irq_mask_clear()
    - crypto: qat - fix default value of WDT timer
    - crypto: hisilicon/qm - fix missing put dfx access
    - cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset
    - iommu/omap: Fix buffer overflow in debugfs
    - crypto: akcipher - default implementation for setting a private key
    - crypto: ccp - Release dma channels before dmaengine unrgister
    - crypto: inside-secure - Change swab to swab32
    - crypto: qat - fix DMA transfer direction
    - cifs: return correct error in ->calc_signature()
    - iommu/iova: Fix module config properly
    - tracing: kprobe: Fix kprobe event gen test module on exit
    - tracing: kprobe: Make gen test module work in arm and riscv
    - tracing/osnoise: Fix possible recursive locking in stop_per_cpu_kthreads
    - kbuild: remove the target in signal traps when interrupted
    - kbuild: rpm-pkg: fix breakage when V=1 is used
    - crypto: marvell/octeontx - prevent integer overflows
    - crypto: cavium - prevent integer overflow loading firmware
    - thermal/drivers/qcom/tsens-v0_1: Fix MSM8939 fourth sensor hw_id
    - ACPI: APEI: do not add task_work to kernel thread to avoid memory leak
    - f2fs: fix race condition on setting FI_NO_EXTENT flag
    - f2fs: fix to account FS_CP_DATA_IO correctly
    - selftest: tpm2: Add Client.__del__() to close /dev/tpm* handle
    - fs: dlm: fix race in lowcomms
    - rcu: Avoid triggering strict-GP irq-work when RCU is idle
    - rcu: Back off upon fill_page_cache_func() allocation failure
    - rcu-tasks: Convert RCU_LOCKDEP_WARN() to WARN_ONCE()
    - ACPI: video: Add Toshiba Satellite/Portege Z830 quirk
    - ACPI: tables: FPDT: Don't call acpi_os_map_memory() on invalid phys address
    - cpufreq: intel_pstate: Add Tigerlake support in no-HWP mode
    - MIPS: BCM47XX: Cast memcmp() of function to (void *)
    - powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue
    - thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to
      avoid crash
    - ARM: decompressor: Include .data.rel.ro.local
    - ACPI: x86: Add a quirk for Dell Inspiron 14 2-in-1 for StorageD3Enable
    - x86/entry: Work around Clang __bdos() bug
    - NFSD: Return nfserr_serverfault if splice_ok but buf->pages have data
    - NFSD: fix use-after-free on source server when doing inter-server copy
    - wifi: brcmfmac: fix invalid address access when enabling SCAN log level
    - bpftool: Clear errno after libcap's checks
    - ice: set tx_tstamps when creating new Tx rings via ethtool
    - net: ethernet: ti: davinci_mdio: Add workaround for errata i2329
    - openvswitch: Fix double reporting of drops in dropwatch
    - openvswitch: Fix overreporting of drops in dropwatch
    - tcp: annotate data-race around tcp_md5sig_pool_populated
    - x86/mce: Retrieve poison range from hardware
    - wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()
    - thunderbolt: Add back Intel Falcon Ridge end-to-end flow control workaround
    - xfrm: Update ipcomp_scratches with NULL when freed
    - iavf: Fix race between iavf_close and iavf_reset_task
    - wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()
    - Bluetooth: btintel: Mark Intel controller to support LE_STATES quirk
    - regulator: core: Prevent integer underflow
    - wifi: mt76: mt7921: reset msta->airtime_ac while clearing up hw value
    - Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create()
    - Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times
    - can: bcm: check the result of can_send() in bcm_can_tx()
    - wifi: rt2x00: don't run Rt5592 IQ calibration on MT7620
    - wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620
    - wifi: rt2x00: set VGC gain for both chains of MT7620
    - wifi: rt2x00: set SoC wmac clock register
    - wifi: rt2x00: correctly set BBP register 86 for MT7620
    - hwmon: (sht4x) do not overflow clamping operation on 32-bit platforms
    - net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory
    - Bluetooth: L2CAP: Fix user-after-free
    - drm/nouveau/nouveau_bo: fix potential memory leak in nouveau_bo_alloc()
    - drm: Use size_t type for len variable in drm_copy_field()
    - drm: Prevent drm_copy_field() to attempt copying a NULL pointer
    - drm/komeda: Fix handling of atomic commits in the atomic_commit_tail hook
    - gpu: lontium-lt9611: Fix NULL pointer dereference in lt9611_connector_init()
    - drm/amd/display: fix overflow on MIN_I64 definition
    - udmabuf: Set ubuf->sg = NULL if the creation of sg table fails
    - drm: bridge: dw_hdmi: only trigger hotplug event on link change
    - ALSA: usb-audio: Register card at the last interface
    - drm/vc4: vec: Fix timings for VEC modes
    - drm: panel-orientation-quirks: Add quirk for Anbernic Win600
    - platform/chrome: cros_ec: Notify the PM of wake events during resume
    - platform/x86: msi-laptop: Change DMI match / alias strings to fix module
      autoloading
    - ASoC: SOF: pci: Change DMI match info to support all Chrome platforms
    - drm/amdgpu: fix initial connector audio value
    - drm/meson: reorder driver deinit sequence to fix use-after-free bug
    - drm/meson: explicitly remove aggregate driver at module unload time
    - mmc: sdhci-msm: add compatible string check for sdm670
    - drm/dp: Don't rewrite link config when setting phy test pattern
    - drm/amd/display: Remove interface for periodic interrupt 1
    - ARM: dts: imx7d-sdb: config the max pressure for tsc2046
    - ARM: dts: imx6q: add missing properties for sram
    - ARM: dts: imx6dl: add missing properties for sram
    - ARM: dts: imx6qp: add missing properties for sram
    - ARM: dts: imx6sl: add missing properties for sram
    - ARM: dts: imx6sll: add missing properties for sram
    - ARM: dts: imx6sx: add missing properties for sram
    - kselftest/arm64: Fix validatation termination record after EXTRA_CONTEXT
    - arm64: dts: imx8mq-librem5: Add bq25895 as max17055's power supply
    - btrfs: dump extra info if one free space cache has more bitmaps than it
      should
    - btrfs: scrub: try to fix super block errors
    - btrfs: don't print information about space cache or tree every remount
    - ARM: 9242/1: kasan: Only map modules if CONFIG_KASAN_VMALLOC=n
    - clk: zynqmp: Fix stack-out-of-bounds in strncpy`
    - media: cx88: Fix a null-ptr-deref bug in buffer_prepare()
    - media: platform: fix some double free in meson-ge2d and mtk-jpeg and s5p-mfc
    - clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate
    - usb: host: xhci-plat: suspend and resume clocks
    - usb: host: xhci-plat: suspend/resume clks for brcm
    - dmaengine: ti: k3-udma: Reset UDMA_CHAN_RT byte counters to prevent overflow
    - scsi: 3w-9xxx: Avoid disabling device if failing to enable it
    - nbd: Fix hung when signal interrupts nbd_start_device_ioctl()
    - iommu/arm-smmu-v3: Make default domain type of HiSilicon PTT device to
      identity
    - power: supply: adp5061: fix out-of-bounds read in adp5061_get_chg_type()
    - staging: vt6655: fix potential memory leak
    - blk-throttle: prevent overflow while calculating wait time
    - ata: libahci_platform: Sanity check the DT child nodes number
    - bcache: fix set_at_max_writeback_rate() for multiple attached devices
    - soundwire: cadence: Don't overwrite msg->buf during write commands
    - soundwire: intel: fix error handling on dai registration issues
    - HID: roccat: Fix use-after-free in roccat_read()
    - eventfd: guard wake_up in eventfd fs calls as well
    - md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d
    - usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()
    - usb: musb: Fix musb_gadget.c rxstate overflow bug
    - arm64: dts: imx8mp: Add snps,gfladj-refclk-lpm-sel quirk to USB nodes
    - usb: dwc3: core: Enable GUCTL1 bit 10 for fixing termination error after
      resume bug
    - Revert "usb: storage: Add quirk for Samsung Fit flash"
    - staging: rtl8723bs: fix potential memory leak in rtw_init_drv_sw()
    - staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv()
    - scsi: tracing: Fix compile error in trace_array calls when TRACING is
      disabled
    - ext2: Use kvmalloc() for group descriptor array
    - nvme: copy firmware_rev on each init
    - nvmet-tcp: add bounds check on Transfer Tag
    - usb: idmouse: fix an uninit-value in idmouse_open
    - clk: bcm2835: Make peripheral PLLC critical
    - clk: bcm2835: Round UART input clock up
    - perf intel-pt: Fix segfault in intel_pt_print_info() with uClibc
    - io_uring: correct pinned_vm accounting
    - io_uring/rw: fix short rw error handling
    - io_uring/rw: fix error'ed retry return values
    - io_uring/rw: fix unexpected link breakage
    - mm: hugetlb: fix UAF in hugetlb_handle_userfault
    - net: ieee802154: return -EINVAL for unknown addr type
    - ALSA: usb-audio: Fix last interface check for registration
    - blk-wbt: fix that 'rwb->wc' is always set to 1 in wbt_init()
    - [Config] updateconfigs for MDIO_BITBANG
    - net: ethernet: ti: davinci_mdio: fix build for mdio bitbang uses
    - Revert "net/ieee802154: reject zero-sized raw_sendmsg()"
    - net/ieee802154: don't warn zero-sized raw_sendmsg()
    - drm/amd/display: Fix build breakage with CONFIG_DEBUG_FS=n
    - Kconfig.debug: simplify the dependency of DEBUG_INFO_DWARF4/5
    - Kconfig.debug: add toolchain checks for DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT
    - lib/Kconfig.debug: Add check for non-constant .{s,u}leb128 support to DWARF5
    - [Config] updateconfigs for AS_HAS_NON_CONST_LEB128
    - ext4: continue to expand file system when the target size doesn't reach
    - thermal: intel_powerclamp: Use first online CPU as control_cpu
    - gcov: support GCC 12.1 and newer compilers
    - io-wq: Fix memory leak in worker creation
    - Linux 5.15.75
  * [SRU] Ubuntu 22.04 - NVMe TCP - Host fails to reconnect to target after
    link down/link up sequence (LP: #1989990)
    - nvme-fabrics: parse nvme connect Linux error codes
    - nvme-tcp: handle number of queue changes
    - nvme-rdma: handle number of queue changes
    - nvmet: expose max queues to configfs

linux-aws-5.15 (5.15.0-1028.32~20.04.1) focal; urgency=medium

* focal/linux-aws-5.15: 5.15.0-1028.32~20.04.1 -proposed tracker
    (LP: #2001627)

[ Ubuntu: 5.15.0-1028.32 ]

* jammy/linux-aws: 5.15.0-1028.32 -proposed tracker (LP: #2001628)
  * jammy/linux: 5.15.0-58.64 -proposed tracker (LP: #2001670)
  * CVE-2022-3643
    - xen/netback: Ensure protocol headers don't fall in the non-linear area
  * CVE-2022-4378
    - proc: proc_skip_spaces() shouldn't think it is working on C strings
    - proc: avoid integer type confusion in get_proc_long
  * CVE-2022-45934
    - Bluetooth: L2CAP: Fix u8 overflow
  * CVE-2022-42896
    - Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
    - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm

linux-aws-5.15 (5.15.0-1027.31~20.04.1) focal; urgency=medium

* focal/linux-aws-5.15: 5.15.0-1027.31~20.04.1 -proposed tracker
    (LP: #1997693)

[ Ubuntu: 5.15.0-1027.31 ]

* jammy/linux-aws: 5.15.0-1024.28 -proposed tracker (LP: #1997694)
  * Jammy update: v5.15.65 upstream stable release (LP: #1991831) // Jammy
    update: v5.15.68 upstream stable release (LP: #1993003)
    - [Config] aws: Updates after rebase
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2022.10.10)
  * jammy/linux: 5.15.0-57.63 -proposed tracker (LP: #1997737)
  * Packaging resync (LP: #1786013)
    - [Packaging] update variants
    - debian/dkms-versions -- update from kernel-versions (main/2022.11.14)
  * Expose built-in trusted and revoked certificates (LP: #1996892)
    - [Packaging] Expose built-in trusted and revoked certificates
  * TEE Support for CCP driver (LP: #1991608)
    - crypto: ccp: Add support for TEE for PCI ID 0x14CA
  * alsa: soc: the kernel print UBSAN calltrace on the machine with cs35l41
    codec (LP: #1996121)
    - ASoC: cs35l41: Add one more variable in the debug log
    - ASoC: cs35l41: Fix an out-of-bounds access in otp_packed_element_t
  * Fix ath11k deadlock on WCN6855 (LP: #1995041)
    - wifi: ath11k: avoid deadlock during regulatory update in
      ath11k_regd_update()
  * [UBUNTU 20.04] boot: Add s390x secure boot trailer (LP: #1996071)
    - s390/boot: add secure boot trailer
  * Fix rfkill causing soft blocked wifi (LP: #1996198)
    - platform/x86: hp_wmi: Fix rfkill causing soft blocked wifi
  * Fix Thunderbolt device hotplug fail when connect via thunderbolt dock
    (LP: #1991366)
    - PCI: Fix used_buses calculation in pci_scan_child_bus_extend()
    - PCI: Pass available buses even if the bridge is already configured
    - PCI: Move pci_assign_unassigned_root_bus_resources()
    - PCI: Distribute available resources for root buses, too
    - PCI: Fix whitespace and indentation
    - PCI: Fix typo in pci_scan_child_bus_extend()
  * md: Replace snprintf with scnprintf (LP: #1993315)
    - md: Replace snprintf with scnprintf
  * input/keyboard: the keyboard on some Asus laptops can't work (LP: #1992266)
    - ACPI: resource: Skip IRQ override on Asus Vivobook K3402ZA/K3502ZA
    - ACPI: resource: Add ASUS model S5402ZA to quirks
  * Fix Turbostat is not working for fam: 6 model: 191: stepping: 2 CPU
    (LP: #1991365)
    - tools/power turbostat: Add support for RPL-S
  * pcieport 0000:00:1b.0: PCIe Bus Error: severity=Uncorrected (Non-Fatal),
    type=Transaction Layer, (Requester ID) (LP: #1988797)
    - PCI/PTM: Cache PTM Capability offset
    - PCI/PTM: Add pci_upstream_ptm() helper
    - PCI/PTM: Separate configuration and enable
    - PCI/PTM: Add pci_suspend_ptm() and pci_resume_ptm()
    - PCI/PTM: Move pci_ptm_info() body into its only caller
    - PCI/PTM: Preserve RsvdP bits in PTM Control register
    - PCI/PTM: Reorder functions in logical order
    - PCI/PTM: Consolidate PTM interface declarations
    - PCI/PM: Always disable PTM for all devices during suspend
    - PCI/PM: Simplify pci_pm_suspend_noirq()
  * Fix RPL-S support on powercap/intel_rapl (LP: #1990161)
    - x86/cpu: Drop spurious underscore from RAPTOR_LAKE #define
    - x86/cpu: Add new Alderlake and Raptorlake CPU model numbers
    - x86/cpu: Add new Raptor Lake CPU model number
    - powercap: intel_rapl: add support for RaptorLake
    - powercap: intel_rapl: Add support for RAPTORLAKE_P
    - powercap: intel_rapl: Add support for RAPTORLAKE_S
  * AMD Yellow Carp system hang on HDMI plug in/out over HP hook2 docking
    (LP: #1991974)
    - drm/amd/display: Fix for link encoder access for MST.
    - drm/amd/display: Fix MST link encoder availability check.
    - drm/amd/display: FEC configuration for dpia links
    - drm/amd/display: FEC configuration for dpia links in MST mode
    - drm/amd/display: Add work around for tunneled MST.
  * Jammy update: v5.15.74 upstream stable release (LP: #1995638)
    - nilfs2: fix use-after-free bug of struct nilfs_root
    - nilfs2: fix leak of nilfs_root in case of writer thread creation failure
    - nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure
    - ceph: don't truncate file in atomic_open
    - random: restore O_NONBLOCK support
    - random: clamp credited irq bits to maximum mixed
    - ALSA: hda: Fix position reporting on Poulsbo
    - efi: Correct Macmini DMI match in uefi cert quirk
    - USB: serial: qcserial: add new usb-id for Dell branded EM7455
    - Revert "powerpc/rtas: Implement reentrant rtas call"
    - Revert "crypto: qat - reduce size of mapped region"
    - random: avoid reading two cache lines on irq randomness
    - random: use expired timer rather than wq for mixing fast pool
    - Input: xpad - add supported devices as contributed on github
    - Input: xpad - fix wireless 360 controller breaking after suspend
    - misc: pci_endpoint_test: Aggregate params checking for xfer
    - misc: pci_endpoint_test: Fix pci_endpoint_test_{copy,write,read}() panic
    - Linux 5.15.74
  * Jammy update: v5.15.73 upstream stable release (LP: #1995637)
    - Makefile.extrawarn: Move -Wcast-function-type-strict to W=1
    - docs: update mediator information in CoC docs
    - xsk: Inherit need_wakeup flag for shared sockets
    - mm: gup: fix the fast GUP race against THP collapse
    - powerpc/64s/radix: don't need to broadcast IPI for radix pmd collapse flush
    - firmware: arm_scmi: Improve checks in the info_get operations
    - firmware: arm_scmi: Harden accesses to the sensor domains
    - firmware: arm_scmi: Add SCMI PM driver remove routine
    - dmaengine: xilinx_dma: Fix devm_platform_ioremap_resource error handling
    - dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores property
    - dmaengine: xilinx_dma: Report error in case of dma_set_mask_and_coherent API
      failure
    - ARM: dts: fix Moxa SDIO 'compatible', remove 'sdhci' misnomer
    - scsi: qedf: Fix a UAF bug in __qedf_probe()
    - net/ieee802154: fix uninit value bug in dgram_sendmsg
    - net: marvell: prestera: add support for for Aldrin2
    - ALSA: hda/hdmi: Fix the converter reuse for the silent stream
    - um: Cleanup syscall_handler_t cast in syscalls_32.h
    - um: Cleanup compiler warning in arch/x86/um/tls_32.c
    - arch: um: Mark the stack non-executable to fix a binutils warning
    - net: atlantic: fix potential memory leak in aq_ndev_close()
    - drm/amd/display: Fix double cursor on non-video RGB MPO
    - drm/amd/display: Assume an LTTPR is always present on fixed_vs links
    - drm/amd/display: update gamut remap if plane has changed
    - drm/amd/display: skip audio setup when audio stream is enabled
    - mmc: core: Replace with already defined values for readability
    - mmc: core: Terminate infinite loop in SD-UHS voltage switch
    - perf parse-events: Identify broken modifiers
    - mm/huge_memory: minor cleanup for split_huge_pages_all
    - mm/huge_memory: use pfn_to_online_page() in split_huge_pages_all()
    - wifi: cfg80211: fix MCS divisor value
    - net/mlx5: Disable irq when locking lag_lock
    - usb: mon: make mmapped memory read only
    - USB: serial: ftdi_sio: fix 300 bps rate for SIO
    - rpmsg: qcom: glink: replace strncpy() with strscpy_pad()
    - Revert "clk: ti: Stop using legacy clkctrl names for omap4 and 5"
    - Linux 5.15.73
  * Jammy update: v5.15.72 upstream stable release (LP: #1995517)
    - ALSA: hda: Do disconnect jacks at codec unbind
    - ALSA: hda: Fix hang at HD-audio codec unbinding due to refcount saturation
    - ALSA: hda: Fix Nvidia dp infoframe
    - cgroup: reduce dependency on cgroup_mutex
    - cgroup: cgroup_get_from_id() must check the looked-up kn is a directory
    - uas: add no-uas quirk for Hiksemi usb_disk
    - usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS
    - uas: ignore UAS for Thinkplus chips
    - usb: typec: ucsi: Remove incorrect warning
    - thunderbolt: Explicitly reset plug events delay back to USB4 spec value
    - net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455
    - Input: snvs_pwrkey - fix SNVS_HPVIDR1 register address
    - can: c_can: don't cache TX messages for C_CAN cores
    - clk: ingenic-tcu: Properly enable registers before accessing timers
    - x86/sgx: Do not fail on incomplete sanitization on premature stop of ksgxd
    - ARM: dts: integrator: Tag PCI host with device_type
    - ntfs: fix BUG_ON in ntfs_lookup_inode_by_name()
    - mm/damon/dbgfs: fix memory leak when using debugfs_lookup()
    - net: mt7531: only do PLL once after the reset
    - Revert "firmware: arm_scmi: Add clock management to the SCMI power domain"
    - drm/i915/gt: Restrict forced preemption to the active context
    - drm/amdgpu: Add amdgpu suspend-resume code path under SRIOV
    - vduse: prevent uninitialized memory accesses
    - libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205
    - mmc: moxart: fix 4-bit bus width and remove 8-bit bus width
    - mmc: hsq: Fix data stomping during mmc recovery
    - mm/page_alloc: fix race condition between build_all_zonelists and page
      allocation
    - mm: prevent page_frag_alloc() from corrupting the memory
    - mm: fix dereferencing possible ERR_PTR
    - mm/migrate_device.c: flush TLB while holding PTL
    - mm: fix madivse_pageout mishandling on non-LRU page
    - mm,hwpoison: check mm when killing accessing process
    - media: dvb_vb2: fix possible out of bound access
    - media: rkvdec: Disable H.264 error detection
    - media: v4l2-compat-ioctl32.c: zero buffer passed to
      v4l2_compat_get_array_args()
    - swiotlb: max mapping size takes min align mask into account
    - ARM: dts: am33xx: Fix MMCHS0 dma properties
    - reset: imx7: Fix the iMX8MP PCIe PHY PERST support
    - ARM: dts: am5748: keep usb4_tm disabled
    - soc: sunxi: sram: Actually claim SRAM regions
    - soc: sunxi: sram: Prevent the driver from being unbound
    - soc: sunxi_sram: Make use of the helper function
      devm_platform_ioremap_resource()
    - soc: sunxi: sram: Fix probe function ordering issues
    - soc: sunxi: sram: Fix debugfs info for A64 SRAM C
    - ASoC: imx-card: Fix refcount issue with of_node_put
    - arm64: dts: qcom: sm8350: fix UFS PHY serdes size
    - ASoC: tas2770: Reinit regcache on reset
    - drm/bridge: lt8912b: add vsync hsync
    - drm/bridge: lt8912b: set hdmi or dvi mode
    - drm/bridge: lt8912b: fix corrupted image output
    - Revert "drm: bridge: analogix/dp: add panel prepare/unprepare in
      suspend/resume time"
    - Input: melfas_mip4 - fix return value check in mip4_probe()
    - gpio: mvebu: Fix check for pwm support on non-A8K platforms
    - usbnet: Fix memory leak in usbnet_disconnect()
    - net: sched: act_ct: fix possible refcount leak in tcf_ct_init()
    - cxgb4: fix missing unlock on ETHOFLD desc collect fail path
    - net/mlxbf_gige: Fix an IS_ERR() vs NULL bug in mlxbf_gige_mdio_probe
    - nvme: Fix IOC_PR_CLEAR and IOC_PR_RELEASE ioctls for nvme devices
    - wifi: mac80211: fix regression with non-QoS drivers
    - net: stmmac: power up/down serdes in stmmac_open/release
    - net: phy: Don't WARN for PHY_UP state in mdio_bus_phy_resume()
    - selftests: Fix the if conditions of in test_extra_filter()
    - vdpa/ifcvf: fix the calculation of queuepair
    - fs: split off setxattr_copy and do_setxattr function from setxattr
    - clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI clocks
    - clk: iproc: Do not rely on node name for correct PLL setup
    - KVM: x86: Hide IA32_PLATFORM_DCA_CAP[31:0] from the guest
    - x86/alternative: Fix race in try_get_desc()
    - drm/i915/gem: Really move i915_gem_context.link under ref protection
    - Linux 5.15.72
  * Jammy update: v5.15.71 upstream stable release (LP: #1995420)
    - drm/amdgpu: Separate vf2pf work item init from virt data exchange
    - drm/amdgpu: make sure to init common IP before gmc
    - staging: r8188eu: Remove support for devices with 8188FU chipset (0bda:f179)
    - staging: r8188eu: Add Rosewill USB-N150 Nano to device tables
    - usb: dwc3: gadget: Avoid starting DWC3 gadget during UDC unbind
    - usb: dwc3: Issue core soft reset before enabling run/stop
    - usb: dwc3: gadget: Prevent repeat pullup()
    - usb: dwc3: gadget: Refactor pullup()
    - usb: dwc3: gadget: Don't modify GEVNTCOUNT in pullup()
    - usb: dwc3: gadget: Avoid duplicate requests to enable Run/Stop
    - usb: add quirks for Lenovo OneLink+ Dock
    - usb: gadget: udc-xilinx: replace memcpy with memcpy_toio
    - Revert "usb: add quirks for Lenovo OneLink+ Dock"
    - Revert "usb: gadget: udc-xilinx: replace memcpy with memcpy_toio"
    - drivers/base: Fix unsigned comparison to -1 in CPUMAP_FILE_MAX_BYTES
    - USB: core: Fix RST error in hub.c
    - USB: serial: option: add Quectel BG95 0x0203 composition
    - USB: serial: option: add Quectel RM520N
    - ALSA: core: Fix double-free at snd_card_new()
    - ALSA: hda/tegra: set depop delay for tegra
    - ALSA: hda: add Intel 5 Series / 3400 PCI DID
    - ALSA: hda/realtek: Add quirk for Huawei WRT-WX9
    - ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5570 laptop
    - ALSA: hda/realtek: Re-arrange quirk table entries
    - ALSA: hda/realtek: Add pincfg for ASUS G513 HP jack
    - ALSA: hda/realtek: Add pincfg for ASUS G533Z HP jack
    - ALSA: hda/realtek: Add quirk for ASUS GA503R laptop
    - ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5530 laptop
    - iommu/vt-d: Check correct capability for sagaw determination
    - btrfs: fix hang during unmount when stopping block group reclaim worker
    - btrfs: fix hang during unmount when stopping a space reclaim worker
    - media: flexcop-usb: fix endpoint type check
    - usb: dwc3: core: leave default DMA if the controller does not support 64-bit
      DMA
    - efi: x86: Wipe setup_data on pure EFI boot
    - efi: libstub: check Shim mode using MokSBStateRT
    - wifi: mt76: fix reading current per-tid starting sequence number for
      aggregation
    - gpio: mockup: fix NULL pointer dereference when removing debugfs
    - gpio: mockup: Fix potential resource leakage when register a chip
    - gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully
    - riscv: fix a nasty sigreturn bug...
    - kasan: call kasan_malloc() from __kmalloc_*track_caller()
    - can: flexcan: flexcan_mailbox_read() fix return value for drop = true
    - net: mana: Add rmb after checking owner bits
    - mm/slub: fix to return errno if kmalloc() fails
    - mm: slub: fix flush_cpu_slab()/__free_slab() invocations in task context.
    - KVM: x86: Inject #UD on emulated XSETBV if XSAVES isn't enabled
    - arm64: topology: fix possible overflow in amu_fie_setup()
    - vmlinux.lds.h: CFI: Reduce alignment of jump-table to function alignment
    - xfs: reorder iunlink remove operation in xfs_ifree
    - xfs: fix xfs_ifree() error handling to not leak perag ref
    - xfs: validate inode fork size against fork format
    - firmware: arm_scmi: Harden accesses to the reset domains
    - firmware: arm_scmi: Fix the asynchronous reset requests
    - arm64: dts: rockchip: Pull up wlan wake# on Gru-Bob
    - arm64: dts: rockchip: Fix typo in lisense text for PX30.Core
    - drm/mediatek: dsi: Add atomic {destroy,duplicate}_state, reset callbacks
    - arm64: dts: rockchip: Set RK3399-Gru PCLK_EDP to 24 MHz
    - dmaengine: ti: k3-udma-private: Fix refcount leak bug in of_xudma_dev_get()
    - arm64: dts: rockchip: Remove 'enable-active-low' from rk3399-puma
    - netfilter: nf_conntrack_sip: fix ct_sip_walk_headers
    - netfilter: nf_conntrack_irc: Tighten matching on DCC message
    - netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find()
    - ice: Don't double unplug aux on peer initiated reset
    - iavf: Fix cached head and tail value for iavf_get_tx_pending
    - ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header
    - net: core: fix flow symmetric hash
    - net: phy: aquantia: wait for the suspend/resume operations to finish
    - scsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts()
    - scsi: mpt3sas: Fix return value check of dma_get_required_mask()
    - net: bonding: Share lacpdu_mcast_addr definition
    - net: bonding: Unsync device addresses on ndo_stop
    - net: team: Unsync device addresses on ndo_stop
    - drm/panel: simple: Fix innolux_g121i1_l01 bus_format
    - MIPS: lantiq: export clk_get_io() for lantiq_wdt.ko
    - MIPS: Loongson32: Fix PHY-mode being left unspecified
    - um: fix default console kernel parameter
    - iavf: Fix bad page state
    - mlxbf_gige: clear MDIO gateway lock after read
    - i40e: Fix set max_tx_rate when it is lower than 1 Mbps
    - sfc: fix TX channel offset when using legacy interrupts
    - sfc: fix null pointer dereference in efx_hard_start_xmit
    - drm/hisilicon/hibmc: Allow to be built if COMPILE_TEST is enabled
    - drm/hisilicon: Add depends on MMU
    - of: mdio: Add of_node_put() when breaking out of for_each_xx
    - net: ipa: properly limit modem routing table use
    - wireguard: ratelimiter: disable timings test by default
    - wireguard: netlink: avoid variable-sized memcpy on sockaddr
    - net: enetc: move enetc_set_psfp() out of the common enetc_set_features()
    - net: enetc: deny offload of tc-based TSN features on VF interfaces
    - net/sched: taprio: avoid disabling offload when it was never enabled
    - net/sched: taprio: make qdisc_leaf() see the per-netdev-queue pfifo child
      qdiscs
    - netfilter: nf_tables: fix nft_counters_enabled underflow at
      nf_tables_addchain()
    - netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain()
    - netfilter: ebtables: fix memory leak when blob is malformed
    - net: ravb: Fix PHY state warning splat during system resume
    - net: sh_eth: Fix PHY state warning splat during system resume
    - can: gs_usb: gs_can_open(): fix race dev->can.state condition
    - perf stat: Fix BPF program section name
    - perf jit: Include program header in ELF files
    - perf kcore_copy: Do not check /proc/modules is unchanged
    - perf tools: Honor namespace when synthesizing build-ids
    - drm/mediatek: dsi: Move mtk_dsi_stop() call back to mtk_dsi_poweroff()
    - net/smc: Stop the CLC flow if no link to map buffers on
    - bonding: fix NULL deref in bond_rr_gen_slave_id
    - net: sunhme: Fix packet reception for len < RX_COPY_THRESHOLD
    - net: sched: fix possible refcount leak in tc_new_tfilter()
    - bnxt: prevent skb UAF after handing over to PTP worker
    - selftests: forwarding: add shebang for sch_red.sh
    - KVM: x86/mmu: Fold rmap_recycle into rmap_add
    - serial: fsl_lpuart: Reset prior to registration
    - serial: Create uart_xmit_advance()
    - serial: tegra: Use uart_xmit_advance(), fixes icount.tx accounting
    - serial: tegra-tcu: Use uart_xmit_advance(), fixes icount.tx accounting
    - s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup
    - drm/amd/amdgpu: fixing read wrong pf2vf data in SRIOV
    - Drivers: hv: Never allocate anything besides framebuffer from framebuffer
      memory region
    - drm/gma500: Fix BUG: sleeping function called from invalid context errors
    - drm/amd/pm: disable BACO entry/exit completely on several sienna cichlid
      cards
    - drm/amdgpu: use dirty framebuffer helper
    - drm/amd/display: Limit user regamma to a valid value
    - drm/amd/display: Reduce number of arguments of dml31's
      CalculateWatermarksAndDRAMSpeedChangeSupport()
    - drm/amd/display: Reduce number of arguments of dml31's
      CalculateFlipSchedule()
    - drm/amd/display: Mark dml30's UseMinimumDCFCLK() as noinline for stack usage
    - drm/rockchip: Fix return type of cdn_dp_connector_mode_valid
    - fsdax: Fix infinite loop in dax_iomap_rw()
    - workqueue: don't skip lockdep work dependency in cancel_work_sync()
    - i2c: imx: If pm_runtime_get_sync() returned 1 device access is possible
    - i2c: mlxbf: incorrect base address passed during io write
    - i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()
    - i2c: mlxbf: Fix frequency calculation
    - drm/amdgpu: don't register a dirty callback for non-atomic
    - NFSv4: Fixes for nfs4_inode_return_delegation()
    - devdax: Fix soft-reservation memory description
    - ext4: make directory inode spreading reflect flexbg size
    - ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0
    - ext4: limit the number of retries after discarding preallocations blocks
    - ext4: make mballoc try target group first even with mb_optimize_scan
    - ext4: avoid unnecessary spreading of allocations among groups
    - ext4: use locality group preallocation for small closed files
    - Linux 5.15.71
    - Revert "drm/amdgpu: use dirty framebuffer helper"
  * Jammy update: v5.15.70 upstream stable release (LP: #1995415)
    - drm/tegra: vic: Fix build warning when CONFIG_PM=n
    - serial: atmel: remove redundant assignment in rs485_config
    - tty: serial: atmel: Preserve previous USART mode if RS485 disabled
    - of: fdt: fix off-by-one error in unflatten_dt_nodes()
    - pinctrl: qcom: sc8180x: Fix gpio_wakeirq_map
    - pinctrl: qcom: sc8180x: Fix wrong pin numbers
    - pinctrl: rockchip: Enhance support for IRQ_TYPE_EDGE_BOTH
    - pinctrl: sunxi: Fix name for A100 R_PIO
    - NFSv4: Turn off open-by-filehandle and NFS re-export for NFSv4.0
    - gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type in mpc85xx
    - drm/meson: Correct OSD1 global alpha value
    - drm/meson: Fix OSD1 RGB to YCbCr coefficient
    - block: blk_queue_enter() / __bio_queue_enter() must return -EAGAIN for
      nowait
    - parisc: ccio-dma: Add missing iounmap in error path in ccio_probe()
    - of/device: Fix up of_dma_configure_id() stub
    - cifs: revalidate mapping when doing direct writes
    - cifs: don't send down the destination address to sendmsg for a SOCK_STREAM
    - cifs: always initialize struct msghdr smb_msg completely
    - parisc: Allow CONFIG_64BIT with ARCH=parisc
    - tools/include/uapi: Fix <asm/errno.h> for parisc and xtensa
    - drm/amdgpu: Don't enable LTR if not supported
    - drm/amdgpu: move nbio ih_doorbell_range() into ih code for vega
    - drm/amdgpu: move nbio sdma_doorbell_range() into sdma code for vega
    - binder: remove inaccurate mmap_assert_locked()
    - arm64: dts: juno: Add missing MHU secure-irq
    - ASoC: nau8824: Fix semaphore unbalance at error paths
    - regulator: pfuze100: Fix the global-out-of-bounds access in
      pfuze100_regulator_probe()
    - scsi: lpfc: Return DID_TRANSPORT_DISRUPTED instead of DID_REQUEUE
    - rxrpc: Fix local destruction being repeated
    - rxrpc: Fix calc of resend age
    - wifi: mac80211_hwsim: check length for virtio packets
    - ALSA: hda/sigmatel: Keep power up while beep is enabled
    - ALSA: hda/tegra: Align BDL entry to 4KB boundary
    - net: usb: qmi_wwan: add Quectel RM520N
    - afs: Return -EAGAIN, not -EREMOTEIO, when a file already locked
    - MIPS: OCTEON: irq: Fix octeon_irq_force_ciu_mapping()
    - drm/panfrost: devfreq: set opp to the recommended one to configure regulator
    - mksysmap: Fix the mismatch of 'L0' symbols in System.map
    - video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
    - net: Find dst with sk's xfrm policy not ctl_sk
    - KVM: SEV: add cache flush to solve SEV cache incoherency issues
    - cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all()
    - ALSA: hda/sigmatel: Fix unused variable warning for beep power change
    - Linux 5.15.70
  * Jammy update: v5.15.69 upstream stable release (LP: #1993010)
    - NFS: Fix WARN_ON due to unionization of nfs_inode.nrequests
    - ACPI: resource: skip IRQ override on AMD Zen platforms
    - ARM: dts: imx: align SPI NOR node name with dtschema
    - ARM: dts: imx6qdl-kontron-samx6i: fix spi-flash compatible
    - ARM: dts: at91: fix low limit for CPU regulator
    - ARM: dts: at91: sama7g5ek: specify proper regulator output ranges
    - lockdep: Fix -Wunused-parameter for _THIS_IP_
    - x86/mm: Force-inline __phys_addr_nodebug()
    - task_stack, x86/cea: Force-inline stack helpers
    - tracing: hold caller_addr to hardirq_{enable,disable}_ip
    - tracefs: Only clobber mode/uid/gid on remount if asked
    - iommu/vt-d: Fix kdump kernels boot failure with scalable mode
    - Input: goodix - add support for GT1158
    - platform/surface: aggregator_registry: Add support for Surface Laptop Go 2
    - drm/msm/rd: Fix FIFO-full deadlock
    - dt-bindings: iio: gyroscope: bosch,bmg160: correct number of pins
    - HID: ishtp-hid-clientHID: ishtp-hid-client: Fix comment typo
    - hid: intel-ish-hid: ishtp: Fix ishtp client sending disordered message
    - tg3: Disable tg3 device on system reboot to avoid triggering AER
    - gpio: mockup: remove gpio debugfs when remove device
    - ieee802154: cc2520: add rc code in cc2520_tx()
    - Input: iforce - add support for Boeder Force Feedback Wheel
    - nvmet-tcp: fix unhandled tcp states in nvmet_tcp_state_change()
    - drm/amd/amdgpu: skip ucode loading if ucode_size == 0
    - net: dsa: hellcreek: Print warning only once
    - perf/arm_pmu_platform: fix tests for platform_get_irq() failure
    - platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell Dot keymap fixes
    - usb: storage: Add ASUS <0x0b05:0x1932> to IGNORE_UAS
    - mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region()
    - soc: fsl: select FSL_GUTS driver for DPIO
    - usb: gadget: f_uac2: clean up some inconsistent indenting
    - usb: gadget: f_uac2: fix superspeed transfer
    - RDMA/irdma: Use s/g array in post send only when its valid
    - Input: goodix - add compatible string for GT1158
    - Linux 5.15.69
  * Jammy update: v5.15.68 upstream stable release (LP: #1993003)
    - net: wwan: iosm: remove pointless null check
    - efi: libstub: Disable struct randomization
    - efi: capsule-loader: Fix use-after-free in efi_capsule_write
    - wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in
      il4965_rs_fill_link_cmd()
    - fs: only do a memory barrier for the first set_buffer_uptodate()
    - Revert "mm: kmemleak: take a full lowmem check in kmemleak_*_phys()"
    - scsi: qla2xxx: Disable ATIO interrupt coalesce for quad port ISP27XX
    - scsi: megaraid_sas: Fix double kfree()
    - drm/gem: Fix GEM handle release errors
    - drm/amdgpu: Move psp_xgmi_terminate call from amdgpu_xgmi_remove_device to
      psp_hw_fini
    - drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup.
    - drm/radeon: add a force flush to delay work when radeon
    - scsi: ufs: core: Reduce the power mode change timeout
    - Revert "parisc: Show error if wrong 32/64-bit compiler is being used"
    - parisc: ccio-dma: Handle kmalloc failure in ccio_init_resources()
    - parisc: Add runtime check to prevent PA2.0 kernels on PA1.x machines
    - arm64: cacheinfo: Fix incorrect assignment of signed error value to unsigned
      fw_level
    - netfilter: conntrack: work around exceeded receive window
    - cpufreq: check only freq_table in __resolve_freq()
    - net/core/skbuff: Check the return value of skb_copy_bits()
    - md: Flush workqueue md_rdev_misc_wq in md_alloc()
    - fbdev: fbcon: Destroy mutex on freeing struct fb_info
    - fbdev: chipsfb: Add missing pci_disable_device() in chipsfb_pci_init()
    - drm/amdgpu: mmVM_L2_CNTL3 register not initialized correctly
    - ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
    - ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc()
    - ALSA: aloop: Fix random zeros in capture data when using jiffies timer
    - ALSA: usb-audio: Fix an out-of-bounds bug in
      __snd_usb_parse_audio_interface()
    - tracing: Fix to check event_mutex is held while accessing trigger list
    - btrfs: zoned: set pseudo max append zone limit in zone emulation mode
    - vfio/type1: Unpin zero pages
    - kprobes: Prohibit probes in gate area
    - debugfs: add debugfs_lookup_and_remove()
    - sched/debug: fix dentry leak in update_sched_domain_debugfs
    - drm/amd/display: fix memory leak when using debugfs_lookup()
    - nvmet: fix a use-after-free
    - scsi: mpt3sas: Fix use-after-free warning
    - scsi: lpfc: Add missing destroy_workqueue() in error path
    - NFS: Further optimisations for 'ls -l'
    - NFS: Save some space in the inode
    - NFS: Fix another fsync() issue after a server reboot
    - cgroup: Elide write-locking threadgroup_rwsem when updating csses on an
      empty subtree
    - cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock
    - ASoC: qcom: sm8250: add missing module owner
    - RDMA/rtrs-clt: Use the right sg_cnt after ib_dma_map_sg
    - RDMA/rtrs-srv: Pass the correct number of entries for dma mapped SGL
    - ARM: dts: imx6qdl-kontron-samx6i: remove duplicated node
    - soc: imx: gpcv2: Assert reset before ungating clock
    - regulator: core: Clean up on enable failure
    - tee: fix compiler warning in tee_shm_register()
    - RDMA/cma: Fix arguments order in net device validation
    - soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs
    - RDMA/hns: Fix supported page size
    - RDMA/hns: Fix wrong fixed value of qp->rq.wqe_shift
    - wifi: wilc1000: fix DMA on stack objects
    - ARM: at91: pm: fix self-refresh for sama7g5
    - ARM: at91: pm: fix DDR recalibration when resuming from backup and self-
      refresh
    - ARM: dts: at91: sama5d27_wlsom1: specify proper regulator output ranges
    - ARM: dts: at91: sama5d2_icp: specify proper regulator output ranges
    - ARM: dts: at91: sama5d27_wlsom1: don't keep ldo2 enabled all the time
    - ARM: dts: at91: sama5d2_icp: don't keep vdd_other enabled all the time
    - netfilter: br_netfilter: Drop dst references before setting.
    - netfilter: nf_tables: clean up hook list when offload flags check fails
    - RDMA/srp: Set scmnd->result only when scmnd is not NULL
    - ALSA: usb-audio: Inform the delayed registration more properly
    - ALSA: usb-audio: Register card again for iface over delayed_register option
    - rxrpc: Fix ICMP/ICMP6 error handling
    - rxrpc: Fix an insufficiently large sglist in rxkad_verify_packet_2()
    - afs: Use the operation issue time instead of the reply time for callbacks
    - Revert "net: phy: meson-gxl: improve link-up behavior"
    - sch_sfb: Don't assume the skb is still around after enqueueing to child
    - tipc: fix shift wrapping bug in map_get()
    - net: introduce __skb_fill_page_desc_noacc
    - tcp: TX zerocopy should not sense pfmemalloc status
    - ice: use bitmap_free instead of devm_kfree
    - i40e: Fix kernel crash during module removal
    - iavf: Detach device during reset task
    - xen-netback: only remove 'hotplug-status' when the vif is actually destroyed
    - RDMA/siw: Pass a pointer to virt_to_page()
    - ipv6: sr: fix out-of-bounds read when setting HMAC data.
    - IB/core: Fix a nested dead lock as part of ODP flow
    - RDMA/mlx5: Set local port to one when accessing counters
    - erofs: fix pcluster use-after-free on UP platforms
    - nvme-tcp: fix UAF when detecting digest errors
    - nvme-tcp: fix regression that causes sporadic requests to time out
    - tcp: fix early ETIMEDOUT after spurious non-SACK RTO
    - nvmet: fix mar and mor off-by-one errors
    - RDMA/irdma: Report the correct max cqes from query device
    - RDMA/irdma: Return correct WC error for bind operation failure
    - RDMA/irdma: Report RNR NAK generation in device caps
    - sch_sfb: Also store skb len before calling child enqueue
    - perf script: Fix Cannot print 'iregs' field for hybrid systems
    - hwmon: (tps23861) fix byte order in resistance register
    - ASoC: mchp-spdiftx: remove references to mchp_i2s_caps
    - ASoC: mchp-spdiftx: Fix clang -Wbitfield-constant-conversion
    - MIPS: loongson32: ls1c: Fix hang during startup
    - kbuild: disable header exports for UML in a straightforward way
    - i40e: Refactor tc mqprio checks
    - i40e: Fix ADQ rate limiting for PF
    - swiotlb: avoid potential left shift overflow
    - iommu/amd: use full 64-bit value in build_completion_wait()
    - s390/boot: fix absolute zero lowcore corruption on boot
    - hwmon: (mr75203) fix VM sensor allocation when "intel,vm-map" not defined
    - hwmon: (mr75203) update pvt->v_num and vm_num to the actual number of used
      sensors
    - hwmon: (mr75203) fix voltage equation for negative source input
    - hwmon: (mr75203) fix multi-channel voltage reading
    - hwmon: (mr75203) enable polling for all VM channels
    - arm64/bti: Disable in kernel BTI when cross section thunks are broken
    - [Config] updateconfigs for ARM64_BTI_KERNEL
    - iommu/vt-d: Correctly calculate sagaw value of IOMMU
    - [Config] updateconfigs for ARM64_ERRATUM_2457168
    - arm64: errata: add detection for AMEVCNTR01 incrementing incorrectly
    - drm/bridge: display-connector: implement bus fmts callbacks
    - perf machine: Use path__join() to compose a path instead of snprintf(dir,
      '/', filename)
    - ARM: at91: ddr: remove CONFIG_SOC_SAMA7 dependency
    - Linux 5.15.68
  * Jammy update: v5.15.67 upstream stable release (LP: #1991841)
    - Linux 5.15.67
  * Jammy update: v5.15.66 upstream stable release (LP: #1991840)
    - drm/msm/dsi: fix the inconsistent indenting
    - drm/msm/dp: delete DP_RECOVERED_CLOCK_OUT_EN to fix tps4
    - drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg
    - drm/msm/dsi: Fix number of regulators for SDM660
    - platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask
    - iio: adc: mcp3911: make use of the sign bit
    - skmsg: Fix wrong last sg check in sk_msg_recvmsg()
    - bpf: Restrict bpf_sys_bpf to CAP_PERFMON
    - bpf, cgroup: Fix kernel BUG in purge_effective_progs
    - ieee802154/adf7242: defer destroy_workqueue call
    - drm/i915/backlight: extract backlight code to a separate file
    - drm/i915/display: avoid warnings when registering dual panel backlight
    - ALSA: hda: intel-nhlt: remove use of __func__ in dev_dbg
    - ALSA: hda: intel-nhlt: Correct the handling of fmt_config flexible array
    - wifi: cfg80211: debugfs: fix return type in ht40allow_map_read()
    - Revert "xhci: turn off port power in shutdown"
    - net: sparx5: fix handling uneven length packets in manual extraction
    - net: smsc911x: Stop and start PHY during suspend and resume
    - openvswitch: fix memory leak at failed datapath creation
    - net: dsa: xrs700x: Use irqsave variant for u64 stats update
    - net: sched: tbf: don't call qdisc_put() while holding tree lock
    - net/sched: fix netdevice reference leaks in attach_default_qdiscs()
    - ethernet: rocker: fix sleep in atomic context bug in neigh_timer_handler
    - mlxbf_gige: compute MDIO period based on i1clk
    - kcm: fix strp_init() order and cleanup
    - sch_cake: Return __NET_XMIT_STOLEN when consuming enqueued skb
    - tcp: annotate data-race around challenge_timestamp
    - Revert "sch_cake: Return __NET_XMIT_STOLEN when consuming enqueued skb"
    - net/smc: Remove redundant refcount increase
    - soundwire: qcom: fix device status array range
    - serial: fsl_lpuart: RS485 RTS polariy is inverse
    - staging: rtl8712: fix use after free bugs
    - staging: r8188eu: add firmware dependency
    - powerpc: align syscall table for ppc32
    - vt: Clear selection before changing the font
    - musb: fix USB_MUSB_TUSB6010 dependency
    - tty: serial: lpuart: disable flow control while waiting for the transmit
      engine to complete
    - Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag
    - iio: ad7292: Prevent regulator double disable
    - iio: adc: mcp3911: use correct formula for AD conversion
    - misc: fastrpc: fix memory corruption on probe
    - misc: fastrpc: fix memory corruption on open
    - USB: serial: ftdi_sio: add Omron CS1W-CIF31 device id
    - mmc: core: Fix UHS-I SD 1.8V workaround branch
    - mmc: core: Fix inconsistent sd3_bus_mode at UHS-I SD voltage switch failure
    - binder: fix UAF of ref->proc caused by race condition
    - binder: fix alloc->vma_vm_mm null-ptr dereference
    - cifs: fix small mempool leak in SMB2_negotiate()
    - KVM: VMX: Heed the 'msr' argument in msr_write_intercepted()
    - drm/i915/reg: Fix spelling mistake "Unsupport" -> "Unsupported"
    - clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops
    - Revert "clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops"
    - clk: core: Fix runtime PM sequence in clk_core_unprepare()
    - Input: rk805-pwrkey - fix module autoloading
    - clk: bcm: rpi: Fix error handling of raspberrypi_fw_get_rate
    - clk: bcm: rpi: Use correct order for the parameters of devm_kcalloc()
    - clk: bcm: rpi: Prevent out-of-bounds access
    - clk: bcm: rpi: Add missing newline
    - hwmon: (gpio-fan) Fix array out of bounds access
    - gpio: pca953x: Add mutex_lock for regcache sync in PM
    - KVM: x86: Mask off unsupported and unknown bits of IA32_ARCH_CAPABILITIES
    - xen/grants: prevent integer overflow in gnttab_dma_alloc_pages()
    - mm: pagewalk: Fix race between unmap and page walker
    - xen-blkback: Advertise feature-persistent as user requested
    - xen-blkfront: Advertise feature-persistent as user requested
    - xen-blkfront: Cache feature_persistent value before advertisement
    - thunderbolt: Use the actual buffer in tb_async_error()
    - usb: dwc3: pci: Add support for Intel Raptor Lake
    - media: mceusb: Use new usb_control_msg_*() routines
    - xhci: Add grace period after xHC start to prevent premature runtime suspend.
    - USB: serial: cp210x: add Decagon UCA device id
    - USB: serial: option: add support for OPPO R11 diag port
    - USB: serial: option: add Quectel EM060K modem
    - USB: serial: option: add support for Cinterion MV32-WA/WB RmNet mode
    - usb: typec: altmodes/displayport: correct pin assignment for UFP receptacles
    - usb: typec: intel_pmc_mux: Add new ACPI ID for Meteor Lake IOM device
    - usb: typec: tcpm: Return ENOTSUPP for power supply prop writes
    - usb: dwc2: fix wrong order of phy_power_on and phy_init
    - usb: cdns3: fix issue with rearming ISO OUT endpoint
    - usb: cdns3: fix incorrect handling TRB_SMM flag for ISOC transfer
    - USB: cdc-acm: Add Icom PMR F3400 support (0c26:0020)
    - usb-storage: Add ignore-residue quirk for NXP PN7462AU
    - s390/hugetlb: fix prepare_hugepage_range() check for 2 GB hugepages
    - s390: fix nospec table alignments
    - USB: core: Prevent nested device-reset calls
    - usb: xhci-mtk: relax TT periodic bandwidth allocation
    - usb: xhci-mtk: fix bandwidth release issue
    - usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS
    - driver core: Don't probe devices after bus_type.match() probe deferral
    - wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected
    - wifi: mac80211: Fix UAF in ieee80211_scan_rx()
    - net: Use u64_stats_fetch_begin_irq() for stats fetch.
    - net: mac802154: Fix a condition in the receive path
    - ALSA: hda/realtek: Add speaker AMP init for Samsung laptops with ALC298
    - ALSA: seq: oss: Fix data-race for max_midi_devs access
    - ALSA: seq: Fix data-race at module auto-loading
    - drm/i915/glk: ECS Liva Q2 needs GLK HDMI port timing quirk
    - drm/i915: Skip wm/ddb readout for disabled pipes
    - tty: n_gsm: add sanity check for gsm->receive in gsm_receive_buf()
    - kbuild: Add skip_encoding_btf_enum64 option to pahole
    - usb: dwc3: fix PHY disable sequence
    - usb: dwc3: qcom: fix use-after-free on runtime-PM wakeup
    - usb: dwc3: disable USB core PHY management
    - USB: serial: ch341: fix lost character on LCR updates
    - USB: serial: ch341: fix disabled rx timer on older devices
    - Linux 5.15.66
  * Jammy update: v5.15.65 upstream stable release (LP: #1991831)
    - mm: Force TLB flush for PFNMAP mappings before unlink_file_vma()
    - drm/bridge: Add stubs for devm_drm_of_get_bridge when OF is disabled
    - ACPI: thermal: drop an always true check
    - drm/vc4: hdmi: Rework power up
    - drm/vc4: hdmi: Depends on CONFIG_PM
    - firmware: tegra: bpmp: Do only aligned access to IPC memory area
    - crypto: lib - remove unneeded selection of XOR_BLOCKS
    - Drivers: hv: balloon: Support status report for larger page sizes
    - mm/hugetlb: avoid corrupting page->mapping in hugetlb_mcopy_atomic_pte
    - [Config] updateconfigs for ARM64_ERRATUM_2441009
    - arm64: errata: Add Cortex-A510 to the repeat tlbi list
    - io_uring: Remove unused function req_ref_put
    - kbuild: Fix include path in scripts/Makefile.modpost
    - Bluetooth: L2CAP: Fix build errors in some archs
    - HID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report
    - udmabuf: Set the DMA mask for the udmabuf device (v2)
    - media: pvrusb2: fix memory leak in pvr_probe
    - HID: hidraw: fix memory leak in hidraw_release()
    - net: fix refcount bug in sk_psock_get (2)
    - fbdev: fb_pm2fb: Avoid potential divide by zero error
    - ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is
      dead
    - bpf: Don't redirect packets with invalid pkt_len
    - ALSA: usb-audio: Add quirk for LH Labs Geek Out HD Audio 1V5
    - HID: add Lenovo Yoga C630 battery quirk
    - HID: AMD_SFH: Add a DMI quirk entry for Chromebooks
    - HID: asus: ROG NKey: Ignore portion of 0x5a report
    - HID: thrustmaster: Add sparco wheel and fix array length
    - drm/i915/gt: Skip TLB invalidations once wedged
    - mmc: mtk-sd: Clear interrupts when cqe off/disable
    - mmc: sdhci-of-dwcmshc: add reset call back for rockchip Socs
    - mmc: sdhci-of-dwcmshc: rename rk3568 to rk35xx
    - mmc: sdhci-of-dwcmshc: Re-enable support for the BlueField-3 SoC
    - btrfs: remove root argument from btrfs_unlink_inode()
    - btrfs: remove no longer needed logic for replaying directory deletes
    - btrfs: add and use helper for unlinking inode during log replay
    - btrfs: fix warning during log replay when bumping inode link count
    - fs/ntfs3: Fix work with fragmented xattr
    - ASoC: sh: rz-ssi: Improve error handling in rz_ssi_probe() error path
    - drm/amd/display: Avoid MPC infinite loop
    - drm/amd/display: Fix HDMI VSIF V3 incorrect issue
    - drm/amd/display: For stereo keep "FLIP_ANY_FRAME"
    - drm/amd/display: clear optc underflow before turn off odm clock
    - ksmbd: return STATUS_BAD_NETWORK_NAME error status if share is not
      configured
    - neigh: fix possible DoS due to net iface start/stop loop
    - s390/hypfs: avoid error message under KVM
    - ksmbd: don't remove dos attribute xattr on O_TRUNC open
    - drm/amd/pm: add missing ->fini_microcode interface for Sienna Cichlid
    - drm/amd/display: Fix pixel clock programming
    - drm/amdgpu: Increase tlb flush timeout for sriov
    - drm/amd/display: avoid doing vm_init multiple time
    - netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to y
    - testing: selftests: nft_flowtable.sh: use random netns names
    - btrfs: move lockdep class helpers to locking.c
    - btrfs: fix lockdep splat with reloc root extent buffers
    - btrfs: tree-checker: check for overlapping extent items
    - kprobes: don't call disarm_kprobe() for disabled kprobes
    - btrfs: fix space cache corruption and potential double allocations
    - android: binder: fix lockdep check on clearing vma
    - net/af_packet: check len when min_header_len equals to 0
    - net: neigh: don't call kfree_skb() under spin_lock_irqsave()
    - Linux 5.15.65
  * CVE-2022-2663
    - netfilter: nf_conntrack_irc: Fix forged IP logic
  * CVE-2022-3061
    - video: fbdev: i740fb: Error out if 'pixclock' equals zero
  * jammy/linux: 5.15.0-56.62 -proposed tracker (LP: #1997079)
  * CVE-2022-3566
    - tcp: Fix data races around icsk->icsk_af_ops.
  * CVE-2022-3567
    - ipv6: annotate some data-races around sk->sk_prot
    - ipv6: Fix data races around sk->sk_prot.
  * CVE-2022-3621
    - nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
  * CVE-2022-3564
    - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
  * CVE-2022-3524
    - tcp/udp: Fix memory leak in ipv6_renew_options().
  * CVE-2022-3565
    - mISDN: fix use-after-free bugs in l1oip timer handlers
  * CVE-2022-3594
    - r8152: Rate limit overflow messages
  * CVE-2022-43945
    - SUNRPC: Fix svcxdr_init_decode's end-of-buffer calculation
    - SUNRPC: Fix svcxdr_init_encode's buflen calculation
    - NFSD: Protect against send buffer overflow in NFSv2 READDIR
    - NFSD: Protect against send buffer overflow in NFSv3 READDIR
    - NFSD: Protect against send buffer overflow in NFSv2 READ
    - NFSD: Protect against send buffer overflow in NFSv3 READ
    - NFSD: Remove "inline" directives on op_rsize_bop helpers
    - NFSD: Cap rsize_bop result based on send buffer size
  * CVE-2022-42703
    - mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
  * 5.15.0-53-generic no longer boots (LP: #1996740)
    - drm/amd/display: Add helper for blanking all dp displays

-- Tim Gardner <tim.gardner@canonical.com>  Wed, 04 Oct 2023 10:18:10 -0600

Changed in linux-aws-5.15 (Ubuntu Focal):
status:	New → Fix Released

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-19

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-19

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-19

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-19

description:

updated

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-10-19: Workflow done!

All tasks have been completed and the bug is being closed

Changed in kernel-sru-workflow:
status:	In Progress → Fix Committed

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-11-28

Changed in kernel-sru-workflow:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.