Bug #2039191 “Kernel oops on 32-0bit kernels due to x86_cache_al...” : Bugs : linux-gcp package : Ubuntu

Stefan Bader (smb) on 2023-10-13

Changed in linux-aws (Ubuntu Mantic):
importance:	Undecided → High
status:	New → In Progress

John Cabaj (john-cabaj) on 2023-10-13

Changed in linux-gcp (Ubuntu Jammy):
status:	New → Triaged
Changed in linux-gcp (Ubuntu Lunar):
status:	New → Triaged
Changed in linux-gcp (Ubuntu Mantic):
status:	New → Triaged
Changed in linux-aws (Ubuntu Lunar):
status:	New → Triaged
Changed in linux-aws (Ubuntu Jammy):
status:	New → Triaged

Revision history for this message

John Cabaj (john-cabaj) wrote on 2023-10-13:

#1

Removing Jammy from nominations as jammy:linux-gcp-6.2 and jammy:linux-aws-6.2 will be getting the patch via lunar:linux-gcp and lunar:linux-aws respectively.

no longer affects:	linux-gcp (Ubuntu Jammy)
no longer affects:	linux-aws (Ubuntu Jammy)

John Cabaj (john-cabaj) on 2023-10-20

Changed in linux-gcp (Ubuntu Mantic):
status:	Triaged → Fix Committed
Changed in linux-gcp (Ubuntu Lunar):
status:	Triaged → Fix Committed

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-10-25:

#2

This bug is awaiting verification that the linux-gcp/6.5.0-1008.8 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-mantic-linux-gcp' to 'verification-done-mantic-linux-gcp'. If the problem still exists, change the tag 'verification-needed-mantic-linux-gcp' to 'verification-failed-mantic-linux-gcp'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-mantic-linux-gcp-v2 verification-needed-mantic-linux-gcp

Revision history for this message

John Cabaj (john-cabaj) wrote on 2023-10-27:

#3

Verified to boot successfully. 32-bit machines otherwise not used on GCP, anyway.

tags:

added: verification-done-mantic-linux-gcp
removed: verification-needed-mantic-linux-gcp

Revision history for this message

Launchpad Janitor (janitor) wrote on 2023-10-30:

#4

This bug was fixed in the package linux-gcp - 6.5.0-1008.8

---------------
linux-gcp (6.5.0-1008.8) mantic; urgency=medium

* mantic/linux-gcp: 6.5.0-1008.8 -proposed tracker (LP: #2039197)

  * Kernel oops on 32-0bit kernels due to x86_cache_alignment initialization
    (LP: #2039191)
    - x86/boot: Move x86_cache_alignment initialization to correct spot

[ Ubuntu: 6.5.0-10.10 ]

  * mantic/linux: 6.5.0-10.10 -proposed tracker (LP: #2039204)
  * CVE-2023-4921
    - net: sched: sch_qfq: Fix UAF in qfq_dequeue()
  * CVE-2023-42756
    - netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
  * CVE-2023-4881
    - netfilter: nftables: exthdr: fix 4-byte stack OOB write
  * CVE-2023-5197
    - netfilter: nf_tables: disallow rule removal from chain binding

-- John Cabaj <email address hidden> Fri, 20 Oct 2023 11:29:13 -0500

Changed in linux-gcp (Ubuntu Mantic):
status:	Fix Committed → Fix Released

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-11-04:

#5

This bug is awaiting verification that the linux-aws/6.2.0-1016.16 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-lunar-linux-aws' to 'verification-done-lunar-linux-aws'. If the problem still exists, change the tag 'verification-needed-lunar-linux-aws' to 'verification-failed-lunar-linux-aws'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-lunar-linux-aws-v2 verification-needed-lunar-linux-aws

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-11-06:

#6

This bug is awaiting verification that the linux-gcp/6.2.0-1019.21 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-lunar-linux-gcp' to 'verification-done-lunar-linux-gcp'. If the problem still exists, change the tag 'verification-needed-lunar-linux-gcp' to 'verification-failed-lunar-linux-gcp'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-lunar-linux-gcp-v2 verification-needed-lunar-linux-gcp

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-11-07:

#7

This bug is awaiting verification that the linux-azure/6.2.0-1017.17 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-lunar-linux-azure' to 'verification-done-lunar-linux-azure'. If the problem still exists, change the tag 'verification-needed-lunar-linux-azure' to 'verification-failed-lunar-linux-azure'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-lunar-linux-azure-v2 verification-needed-lunar-linux-azure

Revision history for this message

John Cabaj (john-cabaj) wrote on 2023-11-18:

#8

Verified to boot successfully. 32-bit machines otherwise not used on GCP, anyway.

tags:

added: verification-done-lunar-linux-gcp
removed: verification-needed-lunar-linux-gcp

Revision history for this message

Launchpad Janitor (janitor) wrote on 2023-11-20:

#9

This bug was fixed in the package linux-aws - 6.2.0-1016.16

---------------
linux-aws (6.2.0-1016.16) lunar; urgency=medium

* lunar/linux-aws: 6.2.0-1016.16 -proposed tracker (LP: #2041881)

* Include cifs.ko in linux-modules package (LP: #2042546)
- [Packaging] Replace fs/cifs with fs/smb/client in inclusion list

  * Kernel oops on 32-0bit kernels due to x86_cache_alignment initialization
    (LP: #2039191)
    - x86/boot: Move x86_cache_alignment initialization to correct spot

[ Ubuntu: 6.2.0-37.38 ]

  * lunar/linux: 6.2.0-37.38 -proposed tracker (LP: #2041899)
  * CVE-2023-31085
    - ubi: Refuse attaching if mtd's erasesize is 0
  * CVE-2023-25775
    - RDMA/irdma: Prevent zero-length STAG registration
  * CVE-2023-45871
    - igb: set max size RX buffer when store bad packet is enabled
  * CVE-2023-5345
    - fs/smb/client: Reset password pointer to NULL
  * CVE-2023-5090
    - x86: KVM: SVM: always update the x2avic msr interception
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts

-- Tim Gardner <email address hidden> Fri, 03 Nov 2023 01:41:32 -0600

Changed in linux-aws (Ubuntu Lunar):
status:	Triaged → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2023-11-29:

#10

This bug was fixed in the package linux-gcp - 6.2.0-1019.21

---------------
linux-gcp (6.2.0-1019.21) lunar; urgency=medium

* lunar/linux-gcp: 6.2.0-1019.21 -proposed tracker (LP: #2041886)

* Include cifs.ko in linux-modules package (LP: #2042546)
- [Packaging] Replace fs/cifs with fs/smb/client in inclusion list

* No graphic desktop environment on Google GCP instances (LP: #2039732)
- [Config] gcp: Inherit CONFIG_SYSFB_SIMPLEFB from master

  * Kernel oops on 32-0bit kernels due to x86_cache_alignment initialization
    (LP: #2039191)
    - x86/boot: Move x86_cache_alignment initialization to correct spot

[ Ubuntu: 6.2.0-37.38 ]

  * lunar/linux: 6.2.0-37.38 -proposed tracker (LP: #2041899)
  * CVE-2023-31085
    - ubi: Refuse attaching if mtd's erasesize is 0
  * CVE-2023-25775
    - RDMA/irdma: Prevent zero-length STAG registration
  * CVE-2023-45871
    - igb: set max size RX buffer when store bad packet is enabled
  * CVE-2023-5345
    - fs/smb/client: Reset password pointer to NULL
  * CVE-2023-5090
    - x86: KVM: SVM: always update the x2avic msr interception
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts

-- Manuel Diewald <email address hidden> Thu, 02 Nov 2023 21:47:27 +0100

Changed in linux-gcp (Ubuntu Lunar):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2024-01-04:

#11

Download full text (87.2 KiB)

This bug was fixed in the package linux-gcp - 6.6.0-1001.1

---------------
linux-gcp (6.6.0-1001.1) noble; urgency=medium

* noble/linux-gcp: 6.6.0-1001.1 -proposed tracker (LP: #2045153)

  * Packaging resync (LP: #1786013)
    - [Packaging] update update.conf
    - debian/dkms-versions -- update from kernel-versions (main/d2023.11.21)

* Miscellaneous Ubuntu changes
- [Config] updateconfigs after Ubuntu-6.6.0-14.14 rebase

[ Ubuntu: 6.6.0-14.14 ]

  * noble/linux: 6.6.0-14.14 -proposed tracker (LP: #2045243)
  * Noble update: v6.6.3 upstream stable release (LP: #2045244)
    - locking/ww_mutex/test: Fix potential workqueue corruption
    - btrfs: abort transaction on generation mismatch when marking eb as dirty
    - lib/generic-radix-tree.c: Don't overflow in peek()
    - x86/retpoline: Make sure there are no unconverted return thunks due to KCSAN
    - perf/core: Bail out early if the request AUX area is out of bound
    - srcu: Fix srcu_struct node grpmask overflow on 64-bit systems
    - selftests/lkdtm: Disable CONFIG_UBSAN_TRAP in test config
    - clocksource/drivers/timer-imx-gpt: Fix potential memory leak
    - clocksource/drivers/timer-atmel-tcb: Fix initialization on SAM9 hardware
    - srcu: Only accelerate on enqueue time
    - smp,csd: Throw an error if a CSD lock is stuck for too long
    - cpu/hotplug: Don't offline the last non-isolated CPU
    - workqueue: Provide one lock class key per work_on_cpu() callsite
    - x86/mm: Drop the 4 MB restriction on minimal NUMA node memory size
    - wifi: plfxlc: fix clang-specific fortify warning
    - wifi: ath12k: Ignore fragments from uninitialized peer in dp
    - wifi: mac80211_hwsim: fix clang-specific fortify warning
    - wifi: mac80211: don't return unset power in ieee80211_get_tx_power()
    - atl1c: Work around the DMA RX overflow issue
    - bpf: Detect IP == ksym.end as part of BPF program
    - wifi: ath9k: fix clang-specific fortify warnings
    - wifi: ath12k: fix possible out-of-bound read in ath12k_htt_pull_ppdu_stats()
    - wifi: ath10k: fix clang-specific fortify warning
    - wifi: ath12k: fix possible out-of-bound write in
      ath12k_wmi_ext_hal_reg_caps()
    - ACPI: APEI: Fix AER info corruption when error status data has multiple
      sections
    - net: sfp: add quirk for Fiberstone GPON-ONU-34-20BI
    - wifi: mt76: mt7921e: Support MT7992 IP in Xiaomi Redmibook 15 Pro (2023)
    - wifi: mt76: fix clang-specific fortify warnings
    - net: annotate data-races around sk->sk_tx_queue_mapping
    - net: annotate data-races around sk->sk_dst_pending_confirm
    - wifi: ath12k: mhi: fix potential memory leak in ath12k_mhi_register()
    - wifi: ath10k: Don't touch the CE interrupt registers after power up
    - net: sfp: add quirk for FS's 2.5G copper SFP
    - vsock: read from socket's error queue
    - bpf: Ensure proper register state printing for cond jumps
    - wifi: iwlwifi: mvm: fix size check for fw_link_id
    - Bluetooth: btusb: Add date->evt_skb is NULL check
    - Bluetooth: Fix double free in hci_conn_cleanup
    - ACPI: EC: Add quirk for HP 250 G7 Notebook PC
    - tsnep: Fix tsnep_request_irq() format-overflow warning
    - gpiolib:...

This bug was fixed in the package linux-gcp - 6.6.0-1001.1

---------------
linux-gcp (6.6.0-1001.1) noble; urgency=medium

* noble/linux-gcp: 6.6.0-1001.1 -proposed tracker (LP: #2045153)

* Packaging resync (LP: #1786013)
    - [Packaging] update update.conf
    - debian/dkms-versions -- update from kernel-versions (main/d2023.11.21)

* Miscellaneous Ubuntu changes
    - [Config] updateconfigs after Ubuntu-6.6.0-14.14 rebase

[ Ubuntu: 6.6.0-14.14 ]

* noble/linux: 6.6.0-14.14 -proposed tracker (LP: #2045243)
  * Noble update: v6.6.3 upstream stable release (LP: #2045244)
    - locking/ww_mutex/test: Fix potential workqueue corruption
    - btrfs: abort transaction on generation mismatch when marking eb as dirty
    - lib/generic-radix-tree.c: Don't overflow in peek()
    - x86/retpoline: Make sure there are no unconverted return thunks due to KCSAN
    - perf/core: Bail out early if the request AUX area is out of bound
    - srcu: Fix srcu_struct node grpmask overflow on 64-bit systems
    - selftests/lkdtm: Disable CONFIG_UBSAN_TRAP in test config
    - clocksource/drivers/timer-imx-gpt: Fix potential memory leak
    - clocksource/drivers/timer-atmel-tcb: Fix initialization on SAM9 hardware
    - srcu: Only accelerate on enqueue time
    - smp,csd: Throw an error if a CSD lock is stuck for too long
    - cpu/hotplug: Don't offline the last non-isolated CPU
    - workqueue: Provide one lock class key per work_on_cpu() callsite
    - x86/mm: Drop the 4 MB restriction on minimal NUMA node memory size
    - wifi: plfxlc: fix clang-specific fortify warning
    - wifi: ath12k: Ignore fragments from uninitialized peer in dp
    - wifi: mac80211_hwsim: fix clang-specific fortify warning
    - wifi: mac80211: don't return unset power in ieee80211_get_tx_power()
    - atl1c: Work around the DMA RX overflow issue
    - bpf: Detect IP == ksym.end as part of BPF program
    - wifi: ath9k: fix clang-specific fortify warnings
    - wifi: ath12k: fix possible out-of-bound read in ath12k_htt_pull_ppdu_stats()
    - wifi: ath10k: fix clang-specific fortify warning
    - wifi: ath12k: fix possible out-of-bound write in
      ath12k_wmi_ext_hal_reg_caps()
    - ACPI: APEI: Fix AER info corruption when error status data has multiple
      sections
    - net: sfp: add quirk for Fiberstone GPON-ONU-34-20BI
    - wifi: mt76: mt7921e: Support MT7992 IP in Xiaomi Redmibook 15 Pro (2023)
    - wifi: mt76: fix clang-specific fortify warnings
    - net: annotate data-races around sk->sk_tx_queue_mapping
    - net: annotate data-races around sk->sk_dst_pending_confirm
    - wifi: ath12k: mhi: fix potential memory leak in ath12k_mhi_register()
    - wifi: ath10k: Don't touch the CE interrupt registers after power up
    - net: sfp: add quirk for FS's 2.5G copper SFP
    - vsock: read from socket's error queue
    - bpf: Ensure proper register state printing for cond jumps
    - wifi: iwlwifi: mvm: fix size check for fw_link_id
    - Bluetooth: btusb: Add date->evt_skb is NULL check
    - Bluetooth: Fix double free in hci_conn_cleanup
    - ACPI: EC: Add quirk for HP 250 G7 Notebook PC
    - tsnep: Fix tsnep_request_irq() format-overflow warning
    - gpiolib: acpi: Add a ignore interrupt quirk for Peaq C1010
    - platform/chrome: kunit: initialize lock for fake ec_dev
    - of: address: Fix address translation when address-size is greater than 2
    - platform/x86: thinkpad_acpi: Add battery quirk for Thinkpad X120e
    - drm/gma500: Fix call trace when psb_gem_mm_init() fails
    - drm/amdkfd: ratelimited SQ interrupt messages
    - drm/komeda: drop all currently held locks if deadlock happens
    - drm/amd/display: Blank phantom OTG before enabling
    - drm/amd/display: Don't lock phantom pipe on disabling
    - drm/amd/display: add seamless pipe topology transition check
    - drm/edid: Fixup h/vsync_end instead of h/vtotal
    - md: don't rely on 'mddev->pers' to be set in mddev_suspend()
    - drm/amdgpu: not to save bo in the case of RAS err_event_athub
    - drm/amdkfd: Fix a race condition of vram buffer unref in svm code
    - drm/amdgpu: update retry times for psp vmbx wait
    - drm/amd: Update `update_pcie_parameters` functions to use uint8_t arguments
    - drm/amd/display: use full update for clip size increase of large plane
      source
    - string.h: add array-wrappers for (v)memdup_user()
    - kernel: kexec: copy user-array safely
    - kernel: watch_queue: copy user-array safely
    - drm_lease.c: copy user-array safely
    - drm: vmwgfx_surface.c: copy user-array safely
    - drm/msm/dp: skip validity check for DP CTS EDID checksum
    - drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7
    - drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga
    - drm/amdgpu: Fix potential null pointer derefernce
    - drm/panel: fix a possible null pointer dereference
    - drm/panel/panel-tpo-tpg110: fix a possible null pointer dereference
    - drm/radeon: fix a possible null pointer dereference
    - drm/amdgpu/vkms: fix a possible null pointer dereference
    - drm/panel: st7703: Pick different reset sequence
    - drm/amdkfd: Fix shift out-of-bounds issue
    - drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL
    - drm/amd: Disable PP_PCIE_DPM_MASK when dynamic speed switching not supported
    - drm/amd/display: fix num_ways overflow error
    - drm/amd: check num of link levels when update pcie param
    - soc: qcom: pmic: Fix resource leaks in a device_for_each_child_node() loop
    - arm64: dts: rockchip: Add NanoPC T6 PCIe e-key support
    - arm64: dts: ls208xa: use a pseudo-bus to constrain usb dma size
    - selftests/efivarfs: create-read: fix a resource leak
    - ASoC: mediatek: mt8188-mt6359: support dynamic pinctrl
    - ASoC: soc-card: Add storage for PCI SSID
    - ASoC: SOF: Pass PCI SSID to machine driver
    - ASoC: Intel: sof_sdw: Copy PCI SSID to struct snd_soc_card
    - ASoC: cs35l56: Use PCI SSID as the firmware UID
    - crypto: pcrypt - Fix hungtask for PADATA_RESET
    - ASoC: SOF: ipc4: handle EXCEPTION_CAUGHT notification from firmware
    - RDMA/hfi1: Use FIELD_GET() to extract Link Width
    - scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs
    - scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool
    - fs/jfs: Add check for negative db_l2nbperpage
    - fs/jfs: Add validity check for db_maxag and db_agpref
    - jfs: fix array-index-out-of-bounds in dbFindLeaf
    - jfs: fix array-index-out-of-bounds in diAlloc
    - HID: lenovo: Detect quirk-free fw on cptkbd and stop applying workaround
    - ARM: 9320/1: fix stack depot IRQ stack filter
    - ALSA: hda: Fix possible null-ptr-deref when assigning a stream
    - gpiolib: of: Add quirk for mt2701-cs42448 ASoC sound
    - PCI: tegra194: Use FIELD_GET()/FIELD_PREP() with Link Width fields
    - PCI: mvebu: Use FIELD_PREP() with Link Width
    - atm: iphase: Do PCI error checks on own line
    - PCI: Do error check on own line to split long "if" conditions
    - scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()
    - PCI: Use FIELD_GET() to extract Link Width
    - PCI: Extract ATS disabling to a helper function
    - PCI: Disable ATS for specific Intel IPU E2000 devices
    - PCI: dwc: Add dw_pcie_link_set_max_link_width()
    - PCI: dwc: Add missing PCI_EXP_LNKCAP_MLW handling
    - misc: pci_endpoint_test: Add Device ID for R-Car S4-8 PCIe controller
    - PCI: Use FIELD_GET() in Sapphire RX 5600 XT Pulse quirk
    - ASoC: Intel: soc-acpi-cht: Add Lenovo Yoga Tab 3 Pro YT3-X90 quirk
    - crypto: hisilicon/qm - prevent soft lockup in receive loop
    - HID: Add quirk for Dell Pro Wireless Keyboard and Mouse KM5221W
    - exfat: support handle zero-size directory
    - mfd: intel-lpss: Add Intel Lunar Lake-M PCI IDs
    - iio: adc: stm32-adc: harden against NULL pointer deref in stm32_adc_probe()
    - thunderbolt: Apply USB 3.x bandwidth quirk only in software connection
      manager
    - tty: vcc: Add check for kstrdup() in vcc_probe()
    - dt-bindings: phy: qcom,snps-eusb2-repeater: Add magic tuning overrides
    - phy: qualcomm: phy-qcom-eusb2-repeater: Use regmap_fields
    - phy: qualcomm: phy-qcom-eusb2-repeater: Zero out untouched tuning regs
    - usb: dwc3: core: configure TX/RX threshold for DWC3_IP
    - usb: ucsi: glink: use the connector orientation GPIO to provide switch
      events
    - soundwire: dmi-quirks: update HP Omen match
    - f2fs: fix error path of __f2fs_build_free_nids
    - f2fs: fix error handling of __get_node_page
    - usb: host: xhci: Avoid XHCI resume delay if SSUSB device is not present
    - usb: gadget: f_ncm: Always set current gadget in ncm_bind()
    - 9p/trans_fd: Annotate data-racy writes to file::f_flags
    - 9p: v9fs_listxattr: fix %s null argument warning
    - i3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler
    - i2c: i801: Add support for Intel Birch Stream SoC
    - i2c: fix memleak in i2c_new_client_device()
    - i2c: sun6i-p2wi: Prevent potential division by zero
    - virtio-blk: fix implicit overflow on virtio_max_dma_size
    - i3c: master: mipi-i3c-hci: Fix a kernel panic for accessing DAT_data.
    - media: gspca: cpia1: shift-out-of-bounds in set_flicker
    - media: vivid: avoid integer overflow
    - media: ipu-bridge: increase sensor_name size
    - gfs2: ignore negated quota changes
    - gfs2: fix an oops in gfs2_permission
    - media: cobalt: Use FIELD_GET() to extract Link Width
    - media: ccs: Fix driver quirk struct documentation
    - media: imon: fix access to invalid resource for the second interface
    - drm/amd/display: Avoid NULL dereference of timing generator
    - gfs2: Fix slab-use-after-free in gfs2_qd_dealloc
    - kgdb: Flush console before entering kgdb on panic
    - riscv: VMAP_STACK overflow detection thread-safe
    - i2c: dev: copy userspace array safely
    - ASoC: ti: omap-mcbsp: Fix runtime PM underflow warnings
    - drm/qxl: prevent memory leak
    - ALSA: hda/realtek: Add quirk for ASUS UX7602ZM
    - drm/amdgpu: fix software pci_unplug on some chips
    - pwm: Fix double shift bug
    - mtd: rawnand: tegra: add missing check for platform_get_irq()
    - wifi: iwlwifi: Use FW rate for non-data frames
    - sched/core: Optimize in_task() and in_interrupt() a bit
    - samples/bpf: syscall_tp_user: Rename num_progs into nr_tests
    - samples/bpf: syscall_tp_user: Fix array out-of-bound access
    - dt-bindings: serial: fix regex pattern for matching serial node children
    - SUNRPC: ECONNRESET might require a rebind
    - mtd: rawnand: intel: check return value of devm_kasprintf()
    - mtd: rawnand: meson: check return value of devm_kasprintf()
    - drm/i915/mtl: avoid stringop-overflow warning
    - NFSv4.1: fix handling NFS4ERR_DELAY when testing for session trunking
    - SUNRPC: Add an IS_ERR() check back to where it was
    - NFSv4.1: fix SP4_MACH_CRED protection for pnfs IO
    - SUNRPC: Fix RPC client cleaned up the freed pipefs dentries
    - RISC-V: hwprobe: Fix vDSO SIGSEGV
    - riscv: provide riscv-specific is_trap_insn()
    - gfs2: Silence "suspicious RCU usage in gfs2_permission" warning
    - drm/i915/tc: Fix -Wformat-truncation in intel_tc_port_init
    - riscv: split cache ops out of dma-noncoherent.c
    - vdpa_sim_blk: allocate the buffer zeroed
    - vhost-vdpa: fix use after free in vhost_vdpa_probe()
    - gcc-plugins: randstruct: Only warn about true flexible arrays
    - bpf: handle ldimm64 properly in check_cfg()
    - bpf: fix precision backtracking instruction iteration
    - bpf: fix control-flow graph checking in privileged mode
    - net: set SOCK_RCU_FREE before inserting socket into hashtable
    - ipvlan: add ipvlan_route_v6_outbound() helper
    - tty: Fix uninit-value access in ppp_sync_receive()
    - net: ti: icssg-prueth: Add missing icss_iep_put to error path
    - net: ti: icssg-prueth: Fix error cleanup on failing pruss_request_mem_region
    - xen/events: avoid using info_for_irq() in xen_send_IPI_one()
    - net: hns3: fix add VLAN fail issue
    - net: hns3: add barrier in vf mailbox reply process
    - net: hns3: fix incorrect capability bit display for copper port
    - net: hns3: fix out-of-bounds access may occur when coalesce info is read via
      debugfs
    - net: hns3: fix variable may not initialized problem in hns3_init_mac_addr()
    - net: hns3: fix VF reset fail issue
    - net: hns3: fix VF wrong speed and duplex issue
    - tipc: Fix kernel-infoleak due to uninitialized TLV value
    - net: mvneta: fix calls to page_pool_get_stats
    - ppp: limit MRU to 64K
    - xen/events: fix delayed eoi list handling
    - blk-mq: make sure active queue usage is held for bio_integrity_prep()
    - ptp: annotate data-race around q->head and q->tail
    - bonding: stop the device in bond_setup_by_slave()
    - net: ethernet: cortina: Fix max RX frame define
    - net: ethernet: cortina: Handle large frames
    - net: ethernet: cortina: Fix MTU max setting
    - af_unix: fix use-after-free in unix_stream_read_actor()
    - netfilter: nf_conntrack_bridge: initialize err to 0
    - netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval()
    - netfilter: nf_tables: bogus ENOENT when destroying element which does not
      exist
    - net: stmmac: fix rx budget limit check
    - net: stmmac: avoid rx queue overrun
    - pds_core: use correct index to mask irq
    - pds_core: fix up some format-truncation complaints
    - gve: Fixes for napi_poll when budget is 0
    - io_uring/fdinfo: remove need for sqpoll lock for thread/pid retrieval
    - Revert "net/mlx5: DR, Supporting inline WQE when possible"
    - net/mlx5: Free used cpus mask when an IRQ is released
    - net/mlx5: Decouple PHC .adjtime and .adjphase implementations
    - net/mlx5e: fix double free of encap_header
    - net/mlx5e: fix double free of encap_header in update funcs
    - net/mlx5e: Fix pedit endianness
    - net/mlx5e: Don't modify the peer sent-to-vport rules for IPSec offload
    - net/mlx5e: Avoid referencing skb after free-ing in drop path of
      mlx5e_sq_xmit_wqe
    - net/mlx5e: Track xmit submission to PTP WQ after populating metadata map
    - net/mlx5e: Update doorbell for port timestamping CQ before the software
      counter
    - net/mlx5: Increase size of irq name buffer
    - net/mlx5e: Reduce the size of icosq_str
    - net/mlx5e: Check return value of snprintf writing to fw_version buffer
    - net/mlx5e: Check return value of snprintf writing to fw_version buffer for
      representors
    - net: sched: do not offload flows with a helper in act_ct
    - macvlan: Don't propagate promisc change to lower dev in passthru
    - tools/power/turbostat: Fix a knl bug
    - tools/power/turbostat: Enable the C-state Pre-wake printing
    - scsi: ufs: core: Expand MCQ queue slot to DeviceQueueDepth + 1
    - cifs: spnego: add ';' in HOST_KEY_LEN
    - cifs: fix check of rc in function generate_smb3signingkey
    - perf/core: Fix cpuctx refcounting
    - i915/perf: Fix NULL deref bugs with drm_dbg() calls
    - perf: arm_cspmu: Reject events meant for other PMUs
    - drivers: perf: Check find_first_bit() return value
    - media: venus: hfi: add checks to perform sanity on queue pointers
    - perf intel-pt: Fix async branch flags
    - powerpc/perf: Fix disabling BHRB and instruction sampling
    - randstruct: Fix gcc-plugin performance mode to stay in group
    - spi: Fix null dereference on suspend
    - bpf: Fix check_stack_write_fixed_off() to correctly spill imm
    - bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END
    - scsi: mpt3sas: Fix loop logic
    - scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for
      selected registers
    - scsi: ufs: qcom: Update PHY settings only when scaling to higher gears
    - scsi: qla2xxx: Fix system crash due to bad pointer access
    - scsi: ufs: core: Fix racing issue between ufshcd_mcq_abort() and ISR
    - x86/shstk: Delay signal entry SSP write until after user accesses
    - crypto: x86/sha - load modules based on CPU features
    - x86/PCI: Avoid PME from D3hot/D3cold for AMD Rembrandt and Phoenix USB4
    - x86/apic/msi: Fix misconfigured non-maskable MSI quirk
    - x86/cpu/hygon: Fix the CPU topology evaluation for real
    - KVM: x86: hyper-v: Don't auto-enable stimer on write from user-space
    - KVM: x86: Ignore MSR_AMD64_TW_CFG access
    - KVM: x86: Clear bit12 of ICR after APIC-write VM-exit
    - KVM: x86: Fix lapic timer interrupt lost after loading a snapshot.
    - mmc: sdhci-pci-gli: GL9755: Mask the replay timer timeout of AER
    - sched: psi: fix unprivileged polling against cgroups
    - audit: don't take task_lock() in audit_exe_compare() code path
    - audit: don't WARN_ON_ONCE(!current->mm) in audit_exe_compare()
    - proc: sysctl: prevent aliased sysctls from getting passed to init
    - tty/sysrq: replace smp_processor_id() with get_cpu()
    - tty: serial: meson: fix hard LOCKUP on crtscts mode
    - acpi/processor: sanitize _OSC/_PDC capabilities for Xen dom0
    - hvc/xen: fix console unplug
    - hvc/xen: fix error path in xen_hvc_init() to always register frontend driver
    - hvc/xen: fix event channel handling for secondary consoles
    - PCI/sysfs: Protect driver's D3cold preference from user space
    - mm/damon/sysfs: remove requested targets when online-commit inputs
    - mm/damon/sysfs: update monitoring target regions for online input commit
    - watchdog: move softlockup_panic back to early_param
    - iommufd: Fix missing update of domains_itree after splitting iopt_area
    - fbdev: stifb: Make the STI next font pointer a 32-bit signed offset
    - dm crypt: account large pages in cc->n_allocated_pages
    - mm/damon/lru_sort: avoid divide-by-zero in hot threshold calculation
    - mm/damon/ops-common: avoid divide-by-zero during region hotness calculation
    - mm/damon: implement a function for max nr_accesses safe calculation
    - mm/damon/core: avoid divide-by-zero during monitoring results update
    - mm/damon/sysfs-schemes: handle tried region directory allocation failure
    - mm/damon/sysfs-schemes: handle tried regions sysfs directory allocation
      failure
    - mm/damon/core.c: avoid unintentional filtering out of schemes
    - mm/damon/sysfs: check error from damon_sysfs_update_target()
    - parisc: Add nop instructions after TLB inserts
    - ACPI: resource: Do IRQ override on TongFang GMxXGxx
    - regmap: Ensure range selector registers are updated after cache sync
    - wifi: ath11k: fix temperature event locking
    - wifi: ath11k: fix dfs radar event locking
    - wifi: ath11k: fix htt pktlog locking
    - wifi: ath11k: fix gtk offload status event locking
    - wifi: ath12k: fix htt mlo-offset event locking
    - wifi: ath12k: fix dfs-radar and temperature event locking
    - mmc: meson-gx: Remove setting of CMD_CFG_ERROR
    - genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware
    - sched/core: Fix RQCF_ACT_SKIP leak
    - pmdomain: bcm: bcm2835-power: check if the ASB register is equal to enable
    - KEYS: trusted: tee: Refactor register SHM usage
    - KEYS: trusted: Rollback init_trusted() consistently
    - PCI: keystone: Don't discard .remove() callback
    - PCI: keystone: Don't discard .probe() callback
    - pmdomain: amlogic: Fix mask for the second NNA mem PD domain
    - arm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer
    - arm64: module: Fix PLT counting when CONFIG_RANDOMIZE_BASE=n
    - pmdomain: imx: Make imx pgc power domain also set the fwnode
    - parisc/agp: Use 64-bit LE values in SBA IOMMU PDIR table
    - parisc/pdc: Add width field to struct pdc_model
    - parisc/power: Add power soft-off when running on qemu
    - cpufreq: stats: Fix buffer overflow detection in trans_stats()
    - powercap: intel_rapl: Downgrade BIOS locked limits pr_warn() to pr_debug()
    - clk: socfpga: Fix undefined behavior bug in struct stratix10_clock_data
    - clk: visconti: Fix undefined behavior bug in struct visconti_pll_provider
    - integrity: powerpc: Do not select CA_MACHINE_KEYRING
    - clk: qcom: ipq8074: drop the CLK_SET_RATE_PARENT flag from PLL clocks
    - clk: qcom: ipq6018: drop the CLK_SET_RATE_PARENT flag from PLL clocks
    - ksmbd: fix recursive locking in vfs helpers
    - ksmbd: handle malformed smb1 message
    - ksmbd: fix slab out of bounds write in smb_inherit_dacl()
    - mmc: vub300: fix an error code
    - mmc: sdhci_am654: fix start loop index for TAP value parsing
    - mmc: Add quirk MMC_QUIRK_BROKEN_CACHE_FLUSH for Micron eMMC Q2J54A
    - PCI: qcom-ep: Add dedicated callback for writing to DBI2 registers
    - PCI/ASPM: Fix L1 substate handling in aspm_attr_store_common()
    - PCI: kirin: Don't discard .remove() callback
    - PCI: exynos: Don't discard .remove() callback
    - PCI: Lengthen reset delay for VideoPropulsion Torrent QN16e card
    - wifi: wilc1000: use vmm_table as array in wilc struct
    - svcrdma: Drop connection after an RDMA Read error
    - rcu/tree: Defer setting of jiffies during stall reset
    - arm64: dts: qcom: ipq6018: Fix hwlock index for SMEM
    - dt-bindings: timer: renesas,rz-mtu3: Fix overflow/underflow interrupt names
    - PM: hibernate: Use __get_safe_page() rather than touching the list
    - PM: hibernate: Clean up sync_read handling in snapshot_write_next()
    - rcu: kmemleak: Ignore kmemleak false positives when RCU-freeing objects
    - btrfs: don't arbitrarily slow down delalloc if we're committing
    - thermal: intel: powerclamp: fix mismatch in get function for max_idle
    - arm64: dts: qcom: ipq5332: Fix hwlock index for SMEM
    - arm64: dts: qcom: ipq8074: Fix hwlock index for SMEM
    - firmware: qcom_scm: use 64-bit calling convention only when client is 64-bit
    - ACPI: FPDT: properly handle invalid FPDT subtables
    - arm64: dts: qcom: ipq9574: Fix hwlock index for SMEM
    - arm64: dts: qcom: ipq6018: Fix tcsr_mutex register size
    - leds: trigger: netdev: Move size check in set_device_name
    - mfd: qcom-spmi-pmic: Fix reference leaks in revid helper
    - mfd: qcom-spmi-pmic: Fix revid implementation
    - ima: annotate iint mutex to avoid lockdep false positive warnings
    - ima: detect changes to the backing overlay file
    - netfilter: nf_tables: remove catchall element in GC sync path
    - netfilter: nf_tables: split async and sync catchall in two functions
    - ASoC: soc-dai: add flag to mute and unmute stream during trigger
    - ASoC: codecs: wsa883x: make use of new mute_unmute_on_trigger flag
    - selftests/resctrl: Fix uninitialized .sa_flags
    - selftests/resctrl: Remove duplicate feature check from CMT test
    - selftests/resctrl: Move _GNU_SOURCE define into Makefile
    - selftests/resctrl: Refactor feature check to use resource and feature name
    - selftests/resctrl: Fix feature checks
    - selftests/resctrl: Reduce failures due to outliers in MBA/MBM tests
    - hid: lenovo: Resend all settings on reset_resume for compact keyboards
    - ASoC: codecs: wsa-macro: fix uninitialized stack variables with name prefix
    - jbd2: fix potential data lost in recovering journal raced with synchronizing
      fs bdev
    - quota: explicitly forbid quota files from being encrypted
    - kernel/reboot: emergency_restart: Set correct system_state
    - scripts/gdb/vmalloc: disable on no-MMU
    - fs: use nth_page() in place of direct struct page manipulation
    - mips: use nth_page() in place of direct struct page manipulation
    - i2c: core: Run atomic i2c xfer when !preemptible
    - selftests/clone3: Fix broken test under !CONFIG_TIME_NS
    - tracing: Have the user copy of synthetic event address use correct context
    - driver core: Release all resources during unbind before updating device
      links
    - mcb: fix error handling for different scenarios when parsing
    - dmaengine: stm32-mdma: correct desc prep when channel running
    - s390/mm: add missing arch_set_page_dat() call to vmem_crst_alloc()
    - s390/mm: add missing arch_set_page_dat() call to gmap allocations
    - s390/cmma: fix detection of DAT pages
    - mm/cma: use nth_page() in place of direct struct page manipulation
    - mm/hugetlb: use nth_page() in place of direct struct page manipulation
    - mm/memory_hotplug: use pfn math in place of direct struct page manipulation
    - mm: make PR_MDWE_REFUSE_EXEC_GAIN an unsigned long
    - mtd: cfi_cmdset_0001: Byte swap OTP info
    - cxl/region: Do not try to cleanup after cxl_region_setup_targets() fails
    - i3c: master: cdns: Fix reading status register
    - i3c: master: svc: fix race condition in ibi work thread
    - i3c: master: svc: fix wrong data return when IBI happen during start frame
    - i3c: master: svc: fix ibi may not return mandatory data byte
    - i3c: master: svc: fix check wrong status register in irq handler
    - i3c: master: svc: fix SDA keep low when polling IBIWON timeout happen
    - i3c: master: svc: fix random hot join failure since timeout error
    - cxl/region: Fix x1 root-decoder granularity calculations
    - cxl/port: Fix delete_endpoint() vs parent unregistration race
    - Bluetooth: btusb: Add RTW8852BE device 13d3:3570 to device tables
    - Bluetooth: btusb: Add 0bda:b85b for Fn-Link RTL8852BE
    - drm/amd/display: enable dsc_clk even if dsc_pg disabled
    - torture: Make torture_hrtimeout_ns() take an hrtimer mode parameter
    - rcutorture: Fix stuttering races and other issues
    - selftests/resctrl: Remove bw_report and bm_type from main()
    - selftests/resctrl: Simplify span lifetime
    - selftests/resctrl: Make benchmark command const and build it with pointers
    - selftests/resctrl: Extend signal handler coverage to unmount on receiving
      signal
    - parisc: Prevent booting 64-bit kernels on PA1.x machines
    - parisc/pgtable: Do not drop upper 5 address bits of physical address
    - parisc/power: Fix power soft-off when running on qemu
    - parisc: fix mmap_base calculation when stack grows upwards
    - xhci: Enable RPM on controllers that support low-power states
    - smb3: fix creating FIFOs when mounting with "sfu" mount option
    - smb3: fix touch -h of symlink
    - smb3: allow dumping session and tcon id to improve stats analysis and
      debugging
    - smb3: fix caching of ctime on setxattr
    - smb: client: fix use-after-free bug in cifs_debug_data_proc_show()
    - smb: client: fix use-after-free in smb2_query_info_compound()
    - smb: client: fix potential deadlock when releasing mids
    - smb: client: fix mount when dns_resolver key is not available
    - cifs: reconnect helper should set reconnect for the right channel
    - cifs: force interface update before a fresh session setup
    - cifs: do not reset chan_max if multichannel is not supported at mount
    - cifs: do not pass cifs_sb when trying to add channels
    - cifs: Fix encryption of cleared, but unset rq_iter data buffers
    - xfs: recovery should not clear di_flushiter unconditionally
    - btrfs: zoned: wait for data BG to be finished on direct IO allocation
    - ALSA: info: Fix potential deadlock at disconnection
    - ALSA: hda/realtek: Enable Mute LED on HP 255 G8
    - ALSA: hda/realtek - Add Dell ALC295 to pin fall back table
    - ALSA: hda/realtek - Enable internal speaker of ASUS K6500ZC
    - ALSA: hda/realtek: Enable Mute LED on HP 255 G10
    - ALSA: hda/realtek: Add quirks for HP Laptops
    - Revert ncsi: Propagate carrier gain/loss events to the NCSI controller
    - Revert "i2c: pxa: move to generic GPIO recovery"
    - lsm: fix default return value for vm_enough_memory
    - lsm: fix default return value for inode_getsecctx
    - sbsa_gwdt: Calculate timeout with 64-bit math
    - i2c: designware: Disable TX_EMPTY irq while waiting for block length byte
    - s390/ap: fix AP bus crash on early config change callback invocation
    - net: ethtool: Fix documentation of ethtool_sprintf()
    - net: dsa: lan9303: consequently nested-lock physical MDIO
    - net: phylink: initialize carrier state at creation
    - gfs2: don't withdraw if init_threads() got interrupted
    - i2c: i801: fix potential race in i801_block_transaction_byte_by_byte
    - f2fs: do not return EFSCORRUPTED, but try to run online repair
    - f2fs: set the default compress_level on ioctl
    - f2fs: avoid format-overflow warning
    - f2fs: split initial and dynamic conditions for extent_cache
    - media: lirc: drop trailing space from scancode transmit
    - media: sharp: fix sharp encoding
    - media: venus: hfi_parser: Add check to keep the number of codecs within
      range
    - media: venus: hfi: fix the check to handle session buffer requirement
    - media: venus: hfi: add checks to handle capabilities from firmware
    - media: ccs: Correctly initialise try compose rectangle
    - drm/mediatek/dp: fix memory leak on ->get_edid callback audio detection
    - drm/mediatek/dp: fix memory leak on ->get_edid callback error path
    - dm-bufio: fix no-sleep mode
    - dm-verity: don't use blocking calls from tasklets
    - nfsd: fix file memleak on client_opens_release
    - NFSD: Update nfsd_cache_append() to use xdr_stream
    - LoongArch: Mark __percpu functions as always inline
    - tracing: fprobe-event: Fix to check tracepoint event and return
    - swiotlb: do not free decrypted pages if dynamic
    - swiotlb: fix out-of-bounds TLB allocations with CONFIG_SWIOTLB_DYNAMIC
    - riscv: Using TOOLCHAIN_HAS_ZIHINTPAUSE marco replace zihintpause
    - riscv: put interrupt entries into .irqentry.text
    - riscv: mm: Update the comment of CONFIG_PAGE_OFFSET
    - riscv: correct pt_level name via pgtable_l5/4_enabled
    - riscv: kprobes: allow writing to x0
    - mmc: sdhci-pci-gli: A workaround to allow GL9750 to enter ASPM L1.2
    - mm: fix for negative counter: nr_file_hugepages
    - mm: kmem: drop __GFP_NOFAIL when allocating objcg vectors
    - mptcp: deal with large GSO size
    - mptcp: add validity check for sending RM_ADDR
    - mptcp: fix setsockopt(IP_TOS) subflow locking
    - selftests: mptcp: fix fastclose with csum failure
    - r8169: fix network lost after resume on DASH systems
    - r8169: add handling DASH when DASH is disabled
    - mmc: sdhci-pci-gli: GL9750: Mask the replay timer timeout of AER
    - media: qcom: camss: Fix pm_domain_on sequence in probe
    - media: qcom: camss: Fix vfe_get() error jump
    - media: qcom: camss: Fix VFE-17x vfe_disable_output()
    - media: qcom: camss: Fix VFE-480 vfe_disable_output()
    - media: qcom: camss: Fix missing vfe_lite clocks check
    - media: qcom: camss: Fix set CSI2_RX_CFG1_VC_MODE when VC is greater than 3
    - media: qcom: camss: Fix invalid clock enable bit disjunction
    - media: qcom: camss: Fix csid-gen2 for test pattern generator
    - Revert "HID: logitech-dj: Add support for a new lightspeed receiver
      iteration"
    - Revert "net: r8169: Disable multicast filter for RTL8168H and RTL8107E"
    - ext4: fix race between writepages and remount
    - ext4: no need to generate from free list in mballoc
    - ext4: make sure allocate pending entry not fail
    - ext4: apply umask if ACL support is disabled
    - ext4: correct offset of gdb backup in non meta_bg group to update_backups
    - ext4: mark buffer new if it is unwritten to avoid stale data exposure
    - ext4: correct return value of ext4_convert_meta_bg
    - ext4: correct the start block of counting reserved clusters
    - ext4: remove gdb backup copy for meta bg in setup_new_flex_group_blocks
    - ext4: add missed brelse in update_backups
    - ext4: properly sync file size update after O_SYNC direct IO
    - ext4: fix racy may inline data check in dio write
    - drm/amd/pm: Handle non-terminated overdrive commands.
    - drm: bridge: it66121: ->get_edid callback must not return err pointers
    - x86/srso: Move retbleed IBPB check into existing 'has_microcode' code block
    - drm/amd/display: Add Null check for DPP resource
    - drm/i915/mtl: Support HBR3 rate with C10 phy and eDP in MTL
    - drm/i915: Bump GLK CDCLK frequency when driving multiple pipes
    - drm/i915: Fix potential spectre vulnerability
    - drm/i915: Flush WC GGTT only on required platforms
    - drm/amd/pm: Fix error of MACO flag setting code
    - drm/amdgpu/smu13: drop compute workload workaround
    - drm/amdgpu: don't use pci_is_thunderbolt_attached()
    - drm/amdgpu: fix GRBM read timeout when do mes_self_test
    - drm/amdgpu: add a retry for IP discovery init
    - drm/amdgpu: don't use ATRM for external devices
    - drm/amdgpu: fix error handling in amdgpu_vm_init
    - drm/amdgpu: fix error handling in amdgpu_bo_list_get()
    - drm/amdgpu: lower CS errors to debug severity
    - drm/amdgpu: Fix possible null pointer dereference
    - drm/amd/display: Guard against invalid RPTR/WPTR being set
    - drm/amd/display: Fix DSC not Enabled on Direct MST Sink
    - drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer()
    - drm/amd/display: Enable fast plane updates on DCN3.2 and above
    - drm/amd/display: Clear dpcd_sink_ext_caps if not set
    - drm/amd/display: Change the DMCUB mailbox memory location from FB to inbox
    - Linux 6.6.3

[ Ubuntu: 6.6.0-13.13 ]

* noble/linux: 6.6.0-13.13 -proposed tracker (LP: #2044107)
  * Noble update: v6.6.2 upstream stable release (LP: #2044126)
    - hwmon: (nct6775) Fix incorrect variable reuse in fan_div calculation
    - numa: Generalize numa_map_to_online_node()
    - sched/topology: Fix sched_numa_find_nth_cpu() in CPU-less case
    - sched/topology: Fix sched_numa_find_nth_cpu() in non-NUMA case
    - sched/fair: Fix cfs_rq_is_decayed() on !SMP
    - iov_iter, x86: Be consistent about the __user tag on copy_mc_to_user()
    - sched/uclamp: Set max_spare_cap_cpu even if max_spare_cap is 0
    - sched/uclamp: Ignore (util == 0) optimization in feec() when p_util_max = 0
    - objtool: Propagate early errors
    - sched: Fix stop_one_cpu_nowait() vs hotplug
    - nfsd: Handle EOPENSTALE correctly in the filecache
    - vfs: fix readahead(2) on block devices
    - writeback, cgroup: switch inodes with dirty timestamps to release dying
      cgwbs
    - x86/srso: Fix SBPB enablement for (possible) future fixed HW
    - x86/srso: Print mitigation for retbleed IBPB case
    - x86/srso: Fix vulnerability reporting for missing microcode
    - x86/srso: Fix unret validation dependencies
    - futex: Don't include process MM in futex key on no-MMU
    - x86/numa: Introduce numa_fill_memblks()
    - ACPI/NUMA: Apply SRAT proximity domain to entire CFMWS window
    - cgroup/cpuset: Fix load balance state in update_partition_sd_lb()
    - x86/sev-es: Allow copy_from_kernel_nofault() in earlier boot
    - x86/boot: Fix incorrect startup_gdt_descr.size
    - cpu/SMT: Make SMT control more robust against enumeration failures
    - x86/apic: Fake primary thread mask for XEN/PV
    - srcu: Fix callbacks acceleration mishandling
    - drivers/clocksource/timer-ti-dm: Don't call clk_get_rate() in stop function
    - x86/nmi: Fix out-of-order NMI nesting checks & false positive warning
    - pstore/platform: Add check for kstrdup
    - perf: Optimize perf_cgroup_switch()
    - selftests/x86/lam: Zero out buffer for readlink()
    - PCI/MSI: Provide stubs for IMS functions
    - string: Adjust strtomem() logic to allow for smaller sources
    - genirq/matrix: Exclude managed interrupts in irq_matrix_allocated()
    - irqchip/sifive-plic: Fix syscore registration for multi-socket systems
    - wifi: ath12k: fix undefined behavior with __fls in dp
    - wifi: cfg80211: add flush functions for wiphy work
    - wifi: mac80211: move radar detect work to wiphy work
    - wifi: mac80211: move scan work to wiphy work
    - wifi: mac80211: move offchannel works to wiphy work
    - wifi: mac80211: move sched-scan stop work to wiphy work
    - wifi: mac80211: fix RCU usage warning in mesh fast-xmit
    - wifi: cfg80211: fix off-by-one in element defrag
    - wifi: mac80211: fix # of MSDU in A-MSDU calculation
    - wifi: iwlwifi: honor the enable_ini value
    - wifi: iwlwifi: don't use an uninitialized variable
    - i40e: fix potential memory leaks in i40e_remove()
    - iavf: Fix promiscuous mode configuration flow messages
    - selftests/bpf: Correct map_fd to data_fd in tailcalls
    - bpf, x64: Fix tailcall infinite loop
    - wifi: cfg80211: fix kernel-doc for wiphy_delayed_work_flush()
    - udp: introduce udp->udp_flags
    - udp: move udp->no_check6_tx to udp->udp_flags
    - udp: move udp->no_check6_rx to udp->udp_flags
    - udp: move udp->gro_enabled to udp->udp_flags
    - udp: add missing WRITE_ONCE() around up->encap_rcv
    - udp: move udp->accept_udp_{l4|fraglist} to udp->udp_flags
    - udp: lockless UDP_ENCAP_L2TPINUDP / UDP_GRO
    - udp: annotate data-races around udp->encap_type
    - udplite: remove UDPLITE_BIT
    - udplite: fix various data-races
    - selftests/bpf: Skip module_fentry_shadow test when bpf_testmod is not
      available
    - tcp: call tcp_try_undo_recovery when an RTOd TFO SYNACK is ACKed
    - bpf: Fix kfunc callback register type handling
    - gve: Use size_add() in call to struct_size()
    - mlxsw: Use size_mul() in call to struct_size()
    - tls: Use size_add() in call to struct_size()
    - tipc: Use size_add() in calls to struct_size()
    - net: spider_net: Use size_add() in call to struct_size()
    - ice: fix pin assignment for E810-T without SMA control
    - net: ethernet: mtk_wed: fix EXT_INT_STATUS_RX_FBUF definitions for MT7986
      SoC
    - wifi: rtw88: debug: Fix the NULL vs IS_ERR() bug for debugfs_create_file()
    - wifi: ath12k: fix DMA unmap warning on NULL DMA address
    - wifi: ath11k: fix boot failure with one MSI vector
    - wifi: mac80211: fix check for unusable RX result
    - PM: sleep: Fix symbol export for _SIMPLE_ variants of _PM_OPS()
    - cpufreq: tegra194: fix warning due to missing opp_put
    - wifi: mt76: mt7603: rework/fix rx pse hang check
    - wifi: mt76: mt7603: improve watchdog reset reliablity
    - wifi: mt76: mt7603: improve stuck beacon handling
    - wifi: mt76: remove unused error path in mt76_connac_tx_complete_skb
    - wifi: mt76: mt7996: set correct wcid in txp
    - wifi: mt76: mt7996: fix beamform mcu cmd configuration
    - wifi: mt76: mt7996: fix beamformee ss subfield in EHT PHY cap
    - wifi: mt76: mt7996: fix wmm queue mapping
    - wifi: mt76: mt7996: fix rx rate report for CBW320-2
    - wifi: mt76: mt7996: fix TWT command format
    - wifi: mt76: update beacon size limitation
    - wifi: mt76: fix potential memory leak of beacon commands
    - wifi: mt76: get rid of false alamrs of tx emission issues
    - wifi: mt76: fix per-band IEEE80211_CONF_MONITOR flag comparison
    - wifi: mt76: mt7915: fix beamforming availability check
    - wifi: mt76: move struct ieee80211_chanctx_conf up to struct mt76_vif
    - wifi: mt76: mt7921: fix the wrong rate pickup for the chanctx driver
    - wifi: mt76: mt7921: fix the wrong rate selected in fw for the chanctx driver
    - wifi: ath: dfs_pattern_detector: Fix a memory initialization issue
    - tcp_metrics: add missing barriers on delete
    - tcp_metrics: properly set tp->snd_ssthresh in tcp_init_metrics()
    - tcp_metrics: do not create an entry from tcp_init_metrics()
    - wifi: rtlwifi: fix EDCA limit set by BT coexistence
    - ACPI: property: Allow _DSD buffer data only for byte accessors
    - ACPI: video: Add acpi_backlight=vendor quirk for Toshiba Portégé R100
    - can: etas_es58x: rework the version check logic to silence -Wformat-
      truncation
    - can: etas_es58x: add missing a blank line after declaration
    - libbpf: Fix syscall access arguments on riscv
    - selftests/bpf: Define SYS_PREFIX for riscv
    - selftests/bpf: Define SYS_NANOSLEEP_KPROBE_NAME for riscv
    - r8152: break the loop when the budget is exhausted
    - wifi: ath11k: fix Tx power value during active CAC
    - can: dev: can_restart(): don't crash kernel if carrier is OK
    - can: dev: can_restart(): fix race condition between controller restart and
      netif_carrier_on()
    - can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is
      accessed out of bounds
    - PM / devfreq: rockchip-dfi: Make pmu regmap mandatory
    - wifi: wfx: fix case where rates are out of order
    - netfilter: nf_tables: Drop pointless memset when dumping rules
    - virtio-net: fix mismatch of getting tx-frames
    - virtio-net: consistently save parameters for per-queue
    - virtio-net: fix per queue coalescing parameter setting
    - virtio-net: fix the vq coalescing setting for vq resize
    - wifi: rtw88: Remove duplicate NULL check before calling usb_kill/free_urb()
    - thermal: core: prevent potential string overflow
    - r8169: fix rare issue with broken rx after link-down on RTL8125
    - thermal/drivers/mediatek: Fix probe for THERMAL_V2
    - bpf: Fix missed rcu read lock in bpf_task_under_cgroup()
    - net: skb_find_text: Ignore patterns extending past 'to'
    - selftests/bpf: Make linked_list failure test more robust
    - thermal: core: Don't update trip points inside the hysteresis range
    - chtls: fix tp->rcv_tstamp initialization
    - tcp: fix cookie_init_timestamp() overflows
    - wifi: iwlwifi: mvm: update station's MFP flag after association
    - wifi: iwlwifi: mvm: fix removing pasn station for responder
    - wifi: iwlwifi: mvm: use correct sta ID for IGTK/BIGTK
    - wifi: mac80211: don't recreate driver link debugfs in reconfig
    - wifi: mac80211: Fix setting vif links
    - wifi: iwlwifi: yoyo: swap cdb and jacket bits values
    - wifi: iwlwifi: mvm: Correctly set link configuration
    - wifi: iwlwifi: mvm: Fix key flags for IGTK on AP interface
    - wifi: iwlwifi: mvm: Don't always bind/link the P2P Device interface
    - wifi: iwlwifi: mvm: change iwl_mvm_flush_sta() API
    - wifi: iwlwifi: mvm: fix iwl_mvm_mac_flush_sta()
    - wifi: iwlwifi: mvm: remove TDLS stations from FW
    - wifi: iwlwifi: increase number of RX buffers for EHT devices
    - wifi: iwlwifi: mvm: fix netif csum flags
    - wifi: iwlwifi: pcie: synchronize IRQs before NAPI
    - wifi: iwlwifi: mvm: update IGTK in mvmvif upon D3 resume
    - wifi: iwlwifi: empty overflow queue during flush
    - Bluetooth: ISO: Pass BIG encryption info through QoS
    - Bluetooth: Make handle of hci_conn be unique
    - Bluetooth: hci_sync: Fix Opcode prints in bt_dev_dbg/err
    - bpf: Fix unnecessary -EBUSY from htab_lock_bucket
    - ACPI: sysfs: Fix create_pnp_modalias() and create_of_modalias()
    - mptcp: properly account fastopen data
    - ipv6: avoid atomic fragment on GSO packets
    - virtio_net: use u64_stats_t infra to avoid data-races
    - net: add DEV_STATS_READ() helper
    - ipvlan: properly track tx_errors
    - regmap: debugfs: Fix a erroneous check after snprintf()
    - spi: tegra: Fix missing IRQ check in tegra_slink_probe()
    - clk: qcom: ipq5332: Drop set rate parent from gpll0 dependent clocks
    - clk: qcom: gcc-msm8996: Remove RPM bus clocks
    - clk: qcom: clk-rcg2: Fix clock rate overflow for high parent frequencies
    - clk: qcom: mmcc-msm8998: Don't check halt bit on some branch clks
    - clk: qcom: mmcc-msm8998: Fix the SMMU GDSC
    - clk: qcom: gcc-sm8150: Fix gcc_sdcc2_apps_clk_src
    - gpio: sim: initialize a managed pointer when declaring it
    - regulator: mt6358: Fail probe on unknown chip ID
    - clk: imx: Select MXC_CLK for CLK_IMX8QXP
    - clk: imx: imx8: Fix an error handling path in
      clk_imx_acm_attach_pm_domains()
    - clk: imx: imx8: Fix an error handling path if
      devm_clk_hw_register_mux_parent_data_table() fails
    - clk: imx: imx8: Fix an error handling path in imx8_acm_clk_probe()
    - clk: imx: imx8mq: correct error handling path
    - clk: imx: imx8qxp: Fix elcdif_pll clock
    - clk: renesas: rcar-gen3: Extend SDnH divider table
    - clk: renesas: rzg2l: Wait for status bit of SD mux before continuing
    - clk: renesas: rzg2l: Lock around writes to mux register
    - clk: renesas: rzg2l: Trust value returned by hardware
    - clk: renesas: rzg2l: Use FIELD_GET() for PLL register fields
    - clk: renesas: rzg2l: Fix computation formula
    - clk: linux/clk-provider.h: fix kernel-doc warnings and typos
    - spi: nxp-fspi: use the correct ioremap function
    - clk: ralink: mtmips: quiet unused variable warning
    - clk: keystone: pll: fix a couple NULL vs IS_ERR() checks
    - clk: ti: fix double free in of_ti_divider_clk_setup()
    - clk: npcm7xx: Fix incorrect kfree
    - clk: mediatek: clk-mt6765: Add check for mtk_alloc_clk_data
    - clk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data
    - clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data
    - clk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data
    - clk: mediatek: clk-mt7629: Add check for mtk_alloc_clk_data
    - clk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data
    - clk: qcom: config IPQ_APSS_6018 should depend on QCOM_SMEM
    - clk: qcom: clk-alpha-pll: introduce stromer plus ops
    - clk: qcom: apss-ipq-pll: Use stromer plus ops for stromer plus pll
    - clk: qcom: apss-ipq-pll: Fix 'l' value for ipq5332_pll_config
    - clk: qcom: ipq5018: drop the CLK_SET_RATE_PARENT flag from GPLL clocks
    - clk: qcom: ipq9574: drop the CLK_SET_RATE_PARENT flag from GPLL clocks
    - clk: qcom: ipq5332: drop the CLK_SET_RATE_PARENT flag from GPLL clocks
    - clk: mediatek: fix double free in mtk_clk_register_pllfh()
    - platform/x86: wmi: Fix probe failure when failing to register WMI devices
    - platform/x86: wmi: Fix opening of char device
    - regulator: qcom-rpmh: Fix smps4 regulator for pm8550ve
    - hwmon: (axi-fan-control) Fix possible NULL pointer dereference
    - hwmon: (coretemp) Fix potentially truncated sysfs attribute name
    - Revert "hwmon: (sch56xx-common) Add DMI override table"
    - Revert "hwmon: (sch56xx-common) Add automatic module loading on supported
      devices"
    - hwmon: (pmbus/mp2975) Move PGOOD fix
    - hwmon: (sch5627) Use bit macros when accessing the control register
    - hwmon: (sch5627) Disallow write access if virtual registers are locked
    - hte: tegra: Fix missing error code in tegra_hte_test_probe()
    - platform/chrome: cros_ec_lpc: Separate host command and irq disable
    - spi: omap2-mcspi: switch to use modern name
    - spi: omap2-mcspi: Fix hardcoded reference clock
    - drm: bridge: samsung-dsim: Initialize ULPS EXIT for i.MX8M DSIM
    - drm: bridge: for GENERIC_PHY_MIPI_DPHY also select GENERIC_PHY
    - drm: bridge: samsung-dsim: Fix waiting for empty cmd transfer FIFO on older
      Exynos
    - drm/loongson: Fix error handling in lsdc_pixel_pll_setup()
    - drm/rockchip: vop: Fix reset of state in duplicate state crtc funcs
    - drm/rockchip: vop: Fix call to crtc reset helper
    - drm/rockchip: vop2: Don't crash for invalid duplicate_state
    - drm/rockchip: vop2: Add missing call to crtc reset helper
    - drm/radeon: possible buffer overflow
    - drm/radeon: Remove the references of radeon_gem_ pread & pwrite ioctls
    - drm: bridge: it66121: Fix invalid connector dereference
    - drm/bridge: lt8912b: Fix bridge_detach
    - drm/bridge: lt8912b: Fix crash on bridge detach
    - drm/bridge: lt8912b: Manually disable HPD only if it was enabled
    - drm/bridge: lt8912b: Add missing drm_bridge_attach call
    - drm/ssd130x: Fix screen clearing
    - drm/mediatek: Fix coverity issue with unintentional integer overflow
    - x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro
    - drm/bridge: tc358768: Fix use of uninitialized variable
    - drm/bridge: tc358768: Fix bit updates
    - drm/bridge: tc358768: Use struct videomode
    - drm/bridge: tc358768: Print logical values, not raw register values
    - drm/bridge: tc358768: Use dev for dbg prints, not priv->dev
    - drm/bridge: tc358768: Rename dsibclk to hsbyteclk
    - drm/bridge: tc358768: Clean up clock period code
    - drm/bridge: tc358768: Fix tc358768_ns_to_cnt()
    - drm: Call drm_atomic_helper_shutdown() at shutdown/remove time for misc
      drivers
    - drm/amdgpu: Increase IH soft ring size for GFX v9.4.3 dGPU
    - drm/amdkfd: fix some race conditions in vram buffer alloc/free of svm code
    - drm/amdkfd: Remove svm range validated_once flag
    - drm/amdkfd: Handle errors from svm validate and map
    - drm/amd/display: Fix null pointer dereference in error message
    - drm/amd/display: Check all enabled planes in dm_check_crtc_cursor
    - drm/amd/display: Refactor dm_get_plane_scale helper
    - drm/amd/display: Bail from dm_check_crtc_cursor if no relevant change
    - io_uring/kbuf: Fix check of BID wrapping in provided buffers
    - io_uring/kbuf: Allow the full buffer id space for provided buffers
    - drm/mediatek: Add mmsys_dev_num to mt8188 vdosys0 driver data
    - drm/mediatek: Fix iommu fault by swapping FBs after updating plane state
    - drm/mediatek: Fix iommu fault during crtc enabling
    - accel/habanalabs/gaudi2: Fix incorrect string length computation in
      gaudi2_psoc_razwi_get_engines()
    - drm/msm/adreno: Fix SM6375 GPU ID
    - drm/msm/a6xx: Fix unknown speedbin case
    - drm/rockchip: cdn-dp: Fix some error handling paths in cdn_dp_probe()
    - gpu: host1x: Correct allocated size for contexts
    - drm/bridge: lt9611uxc: fix the race in the error path
    - arm64/arm: xen: enlighten: Fix KPTI checks
    - drm/rockchip: Fix type promotion bug in rockchip_gem_iommu_map()
    - xenbus: fix error exit in xenbus_init()
    - xen: Make struct privcmd_irqfd's layout architecture independent
    - xen: irqfd: Use _IOW instead of the internal _IOC() macro
    - xen-pciback: Consider INTx disabled when MSI/MSI-X is enabled
    - drm/msm/dsi: use msm_gem_kernel_put to free TX buffer
    - drm/msm/dsi: free TX buffer in unbind
    - clocksource/drivers/arm_arch_timer: limit XGene-1 workaround
    - drm: mediatek: mtk_dsi: Fix NO_EOT_PACKET settings/handling
    - drivers/perf: hisi: use cpuhp_state_remove_instance_nocalls() for
      hisi_hns3_pmu uninit process
    - drm/amd/pm: Fix a memory leak on an error path
    - perf/arm-cmn: Fix DTC domain detection
    - drivers/perf: hisi_pcie: Check the type first in pmu::event_init()
    - perf: hisi: Fix use-after-free when register pmu fails
    - ARM: dts: renesas: blanche: Fix typo in GP_11_2 pin name
    - arm64: dts: qcom: sdm845: Fix PSCI power domain names
    - arm64: dts: qcom: sdm845: cheza doesn't support LMh node
    - arm64: dts: qcom: sc7280: link usb3_phy_wrapper_gcc_usb30_pipe_clk
    - arm64: dts: qcom: msm8916: Fix iommu local address range
    - arm64: dts: qcom: msm8992-libra: drop duplicated reserved memory
    - arm64: dts: qcom: sm6125: Pad APPS IOMMU address to 8 characters
    - arm64: dts: qcom: sc7280: Add missing LMH interrupts
    - arm64: dts: qcom: qrb2210-rb1: Swap UART index
    - arm64: dts: qcom: qrb2210-rb1: Fix regulators
    - arm64: dts: qcom: sdm670: Fix pdc mapping
    - arm64: dts: qcom: sc7280: drop incorrect EUD port on SoC side
    - arm64: dts: qcom: sm8150: add ref clock to PCIe PHYs
    - arm64: dts: qcom: sm8350: fix pinctrl for UART18
    - arm64: dts: qcom: sdm845-mtp: fix WiFi configuration
    - arm64: dts: qcom: sdx75-idp: align RPMh regulator nodes with bindings
    - ARM64: dts: marvell: cn9310: Use appropriate label for spi1 pins
    - arm64: dts: qcom: msm8976: Fix ipc bit shifts
    - arm64: dts: qcom: msm8939: Fix iommu local address range
    - riscv: dts: allwinner: remove address-cells from intc node
    - arm64: dts: qcom: apq8016-sbc: Add missing ADV7533 regulators
    - ARM: dts: qcom: apq8026-samsung-matisse-wifi: Fix inverted hall sensor
    - ARM: dts: qcom: mdm9615: populate vsdcc fixed regulator
    - soc: qcom: llcc: Handle a second device without data corruption
    - kunit: Fix missed memory release in kunit_free_suite_set()
    - kunit: Fix the wrong kfree of copy for kunit_filter_suites()
    - kunit: Fix possible memory leak in kunit_filter_suites()
    - kunit: test: Fix the possible memory leak in executor_test
    - ARM: dts: stm32: stm32f7-pinctrl: don't use multiple blank lines
    - firmware: ti_sci: Mark driver as non removable
    - arm64: dts: ti: k3-j721s2-evm-gesi: Specify base dtb for overlay file
    - arm64: dts: ti: verdin-am62: disable MIPI DSI bridge
    - arm64: dts: ti: k3-am625-beagleplay: Fix typo in ramoops reg
    - arm64: dts: ti: k3-am62a7-sk: Drop i2c-1 to 100Khz
    - arm64: dts: ti: Fix HDMI Audio overlay in Makefile
    - firmware: arm_ffa: Assign the missing IDR allocation ID to the FFA device
    - firmware: arm_ffa: Allow the FF-A drivers to use 32bit mode of messaging
    - ARM: dts: am3517-evm: Fix LED3/4 pinmux
    - clk: scmi: Free scmi_clk allocated when the clocks with invalid info are
      skipped
    - arm64: dts: imx8qm-ss-img: Fix jpegenc compatible entry
    - arm64: dts: imx8mp-debix-model-a: Remove USB hub reset-gpios
    - arm64: dts: imx8mm: Add sound-dai-cells to micfil node
    - arm64: dts: imx8mn: Add sound-dai-cells to micfil node
    - arm64: tegra: Fix P3767 card detect polarity
    - arm64: tegra: Fix P3767 QSPI speed
    - firmware: tegra: Add suspend hook and reset BPMP IPC early on resume
    - memory: tegra: Set BPMP msg flags to reset IPC channels
    - arm64: tegra: Use correct interrupts for Tegra234 TKE
    - selftests/pidfd: Fix ksft print formats
    - selftests/resctrl: Ensure the benchmark commands fits to its array
    - soc: qcom: pmic_glink: fix connector type to be DisplayPort
    - ARM: dts: BCM5301X: Explicitly disable unused switch CPU ports
    - iommufd: Add iopt_area_alloc()
    - module/decompress: use vmalloc() for gzip decompression workspace
    - ASoC: cs35l41: Handle mdsync_down reg write errors
    - ASoC: cs35l41: Handle mdsync_up reg write errors
    - ASoC: cs35l41: Initialize completion object before requesting IRQ
    - ASoC: cs35l41: Fix broken shared boost activation
    - ASoC: cs35l41: Verify PM runtime resume errors in IRQ handler
    - ASoC: cs35l41: Undo runtime PM changes at driver exit time
    - ALSA: hda: cs35l41: Fix unbalanced pm_runtime_get()
    - ALSA: hda: cs35l41: Undo runtime PM changes at driver exit time
    - KEYS: Include linux/errno.h in linux/verification.h
    - crypto: ccp - Get a free page to use while fetching initial nonce
    - crypto: ccp - Fix ioctl unit tests
    - crypto: ccp - Fix DBC sample application error handling
    - crypto: ccp - Fix sample application signature passing
    - crypto: ccp - Fix some unfused tests
    - crypto: hisilicon/hpre - Fix a erroneous check after snprintf()
    - hwrng: bcm2835 - Fix hwrng throughput regression
    - hwrng: geode - fix accessing registers
    - RDMA/core: Use size_{add,sub,mul}() in calls to struct_size()
    - crypto: qat - fix state machines cleanup paths
    - crypto: qat - ignore subsequent state up commands
    - crypto: qat - fix unregistration of crypto algorithms
    - crypto: qat - fix unregistration of compression algorithms
    - scsi: ibmvfc: Fix erroneous use of rtas_busy_delay with hcall return code
    - ASoC: soc-pcm.c: Make sure DAI parameters cleared if the DAI becomes
      inactive
    - libnvdimm/of_pmem: Use devm_kstrdup instead of kstrdup and check its return
      value
    - nd_btt: Make BTT lanes preemptible
    - crypto: caam/qi2 - fix Chacha20 + Poly1305 self test failure
    - crypto: caam/jr - fix Chacha20 + Poly1305 self test failure
    - crypto: qat - increase size of buffers
    - ASoC: SOF: ipc4-topology: Use size_add() in call to struct_size()
    - PCI: vmd: Correct PCI Header Type Register's multi-function check
    - hid: cp2112: Fix duplicate workqueue initialization
    - crypto: hisilicon/qm - fix PF queue parameter issue
    - ARM: 9321/1: memset: cast the constant byte to unsigned char
    - ARM: 9323/1: mm: Fix ARCH_LOW_ADDRESS_LIMIT when CONFIG_ZONE_DMA
    - ext4: add missing initialization of call_notify_error in update_super_work()
    - ext4: move 'ix' sanity check to corrent position
    - kselftest: vm: fix mdwe's mmap_FIXED test case
    - ASoC: fsl: mpc5200_dma.c: Fix warning of Function parameter or member not
      described
    - backlight: pwm_bl: Disable PWM on shutdown, suspend and remove
    - ASoC: Intel: sof_sdw_rt_sdca_jack_common: add rt713 support
    - ASoC: fsl-asoc-card: Add comment for mclk in the codec_priv
    - fs: dlm: Fix the size of a buffer in dlm_create_debug_file()
    - dlm: fix creating multiple node structures
    - dlm: fix remove member after close call
    - dlm: be sure we reset all nodes at forced shutdown
    - dlm: fix no ack after final message
    - IB/mlx5: Fix rdma counter binding for RAW QP
    - RDMA/hns: Fix printing level of asynchronous events
    - RDMA/hns: Fix uninitialized ucmd in hns_roce_create_qp_common()
    - RDMA/hns: Fix signed-unsigned mixed comparisons
    - RDMA/hns: Add check for SL
    - RDMA/hns: The UD mode can only be configured with DCQCN
    - RDMA/hns: Fix unnecessary port_num transition in HW stats allocation
    - RDMA/hns: Fix init failure of RoCE VF and HIP08
    - ASoC: SOF: core: Ensure sof_ops_free() is still called when probe never ran.
    - ASoC: intel: sof_sdw: Stop processing CODECs when enough are found
    - ASoC: fsl: Fix PM disable depth imbalance in fsl_easrc_probe
    - scsi: ufs: core: Leave space for '\0' in utf8 desc string
    - RDMA/hfi1: Workaround truncation compilation error
    - hid: cp2112: Fix IRQ shutdown stopping polling for all IRQs on chip
    - HID: uclogic: Fix user-memory-access bug in
      uclogic_params_ugee_v2_init_event_hooks()
    - HID: uclogic: Fix a work->entry not empty bug in __queue_work()
    - sh: bios: Revive earlyprintk support
    - HID: logitech-hidpp: Don't restart IO, instead defer hid_connect() only
    - HID: logitech-hidpp: Revert "Don't restart communication if not necessary"
    - HID: logitech-hidpp: Move get_wireless_feature_index() check to
      hidpp_connect_event()
    - ASoC: Intel: Skylake: Fix mem leak when parsing UUIDs fails
    - PCI: endpoint: Fix double free in __pci_epc_create()
    - padata: Fix refcnt handling in padata_free_shell()
    - certs: Break circular dependency when selftest is modular
    - crypto: qat - consolidate services structure
    - crypto: qat - enable dc chaining service
    - crypto: qat - refactor fw config related functions
    - crypto: qat - use masks for AE groups
    - crypto: qat - fix ring to service map for QAT GEN4
    - crypto: qat - fix deadlock in backlog processing
    - ASoC: ams-delta.c: use component after check
    - erofs: fix erofs_insert_workgroup() lockref usage
    - IB/mlx5: Fix init stage error handling to avoid double free of same QP and
      UAF
    - mfd: core: Un-constify mfd_cell.of_reg
    - mfd: core: Ensure disabled devices are skipped without aborting
    - mfd: dln2: Fix double put in dln2_probe
    - dt-bindings: mfd: mt6397: Split out compatible for MediaTek MT6366 PMIC
    - mfd: arizona-spi: Set pdata.hpdet_channel for ACPI enumerated devs
    - leds: turris-omnia: Do not use SMBUS calls
    - leds: pwm: Don't disable the PWM when the LED should be off
    - leds: trigger: ledtrig-cpu:: Fix 'output may be truncated' issue for 'cpu'
    - scripts/gdb: fix usage of MOD_TEXT not defined when CONFIG_MODULES=n
    - perf stat: Fix aggr mode initialization
    - iio: frequency: adf4350: Use device managed functions and fix power down
      issue.
    - pinctrl: baytrail: fix debounce disable case
    - perf kwork: Fix incorrect and missing free atom in work_push_atom()
    - perf kwork: Add the supported subcommands to the document
    - perf kwork: Set ordered_events to true in 'struct perf_tool'
    - f2fs: compress: fix deadloop in f2fs_write_cache_pages()
    - f2fs: compress: fix to avoid use-after-free on dic
    - f2fs: compress: fix to avoid redundant compress extension
    - f2fs: fix to drop meta_inode's page cache in f2fs_put_super()
    - tty: tty_jobctrl: fix pid memleak in disassociate_ctty()
    - perf parse-events: Fix tracepoint name memory leak
    - livepatch: Fix missing newline character in klp_resolve_symbols()
    - pinctrl: renesas: rzg2l: Make reverse order of enable() for disable()
    - perf vendor events arm64: Fix for AmpereOne metrics
    - perf record: Fix BTF type checks in the off-cpu profiling
    - dmaengine: idxd: Register dsa_bus_type before registering idxd sub-drivers
    - usb: dwc2: fix possible NULL pointer dereference caused by driver
      concurrency
    - usb: chipidea: Fix DMA overwrite for Tegra
    - usb: chipidea: Simplify Tegra DMA alignment code
    - dmaengine: ti: edma: handle irq_of_parse_and_map() errors
    - tools/perf: Update call stack check in builtin-lock.c
    - misc: st_core: Do not call kfree_skb() under spin_lock_irqsave()
    - debugfs: Fix __rcu type comparison warning
    - tools: iio: iio_generic_buffer ensure alignment
    - USB: usbip: fix stub_dev hub disconnect
    - dmaengine: pxa_dma: Remove an erroneous BUG_ON() in pxad_free_desc()
    - f2fs: fix to initialize map.m_pblk in f2fs_precache_extents()
    - interconnect: qcom: qdu1000: Set ACV enable_mask
    - interconnect: qcom: sc7180: Set ACV enable_mask
    - interconnect: qcom: sc7280: Set ACV enable_mask
    - interconnect: qcom: sc8180x: Set ACV enable_mask
    - interconnect: qcom: sc8280xp: Set ACV enable_mask
    - interconnect: qcom: sdm670: Set ACV enable_mask
    - interconnect: qcom: sdm845: Set ACV enable_mask
    - interconnect: qcom: sm6350: Set ACV enable_mask
    - interconnect: qcom: sm8150: Set ACV enable_mask
    - interconnect: qcom: sm8250: Set ACV enable_mask
    - interconnect: qcom: sm8350: Set ACV enable_mask
    - interconnect: qcom: osm-l3: Replace custom implementation of COUNT_ARGS()
    - powerpc: Only define __parse_fpscr() when required
    - interconnect: fix error handling in qnoc_probe()
    - perf build: Add missing comment about NO_LIBTRACEEVENT=1
    - perf parse-events: Fix for term values that are raw events
    - perf mem-events: Avoid uninitialized read
    - s390/ap: re-init AP queues on config on
    - modpost: fix tee MODULE_DEVICE_TABLE built on big-endian host
    - modpost: fix ishtp MODULE_DEVICE_TABLE built on big-endian host
    - perf tools: Do not ignore the default vmlinux.h
    - powerpc/40x: Remove stale PTE_ATOMIC_UPDATES macro
    - powerpc/xive: Fix endian conversion size
    - powerpc: Hide empty pt_regs at base of the stack
    - perf trace: Use the right bpf_probe_read(_str) variant for reading user data
    - powerpc/vas: Limit open window failure messages in log bufffer
    - powerpc/imc-pmu: Use the correct spinlock initializer.
    - powerpc/pseries: fix potential memory leak in init_cpu_associativity()
    - perf vendor events: Update PMC used in PM_RUN_INST_CMPL event for power10
      platform
    - xhci: Loosen RPM as default policy to cover for AMD xHC 1.1
    - usb: host: xhci-plat: fix possible kernel oops while resuming
    - powerpc/vmcore: Add MMU information to vmcoreinfo
    - perf machine: Avoid out of bounds LBR memory read
    - libperf rc_check: Make implicit enabling work for GCC
    - perf hist: Add missing puts to hist__account_cycles
    - perf vendor events intel: Fix broadwellde tma_info_system_dram_bw_use metric
    - perf vendor events intel: Add broadwellde two metrics
    - 9p/net: fix possible memory leak in p9_check_errors()
    - rtla: Fix uninitialized variable found
    - i3c: Fix potential refcount leak in i3c_master_register_new_i3c_devs
    - rtc: brcmstb-waketimer: support level alarm_irq
    - cxl/pci: Remove unnecessary device reference management in sanitize work
    - cxl/pci: Cleanup 'sanitize' to always poll
    - cxl/pci: Remove inconsistent usage of dev_err_probe()
    - cxl/pci: Clarify devm host for memdev relative setup
    - cxl/pci: Fix sanitize notifier setup
    - cxl/memdev: Fix sanitize vs decoder setup locking
    - cxl/mem: Fix shutdown order
    - virt: sevguest: Fix passing a stack buffer as a scatterlist target
    - rtc: pcf85363: fix wrong mask/val parameters in regmap_update_bits call
    - cxl/region: Prepare the decoder match range helper for reuse
    - cxl/region: Calculate a target position in a region interleave
    - cxl/region: Use cxl_calc_interleave_pos() for auto-discovery
    - cxl/region: Fix cxl_region_rwsem lock held when returning to user space
    - cxl/core/regs: Rename @dev to @host in struct cxl_register_map
    - cxl/port: Fix @host confusion in cxl_dport_setup_regs()
    - cxl/hdm: Remove broken error path
    - pcmcia: cs: fix possible hung task and memory leak pccardd()
    - pcmcia: ds: fix refcount leak in pcmcia_device_add()
    - pcmcia: ds: fix possible name leak in error path in pcmcia_device_add()
    - media: imx-jpeg: initiate a drain of the capture queue in dynamic resolution
      change
    - media: hantro: Check whether reset op is defined before use
    - media: verisilicon: Do not enable G2 postproc downscale if source is
      narrower than destination
    - media: ov13b10: Fix some error checking in probe
    - media: ov5640: fix vblank unchange issue when work at dvp mode
    - media: i2c: max9286: Fix some redundant of_node_put() calls
    - media: ov5640: Fix a memory leak when ov5640_probe fails
    - media: bttv: fix use after free error due to btv->timeout timer
    - media: amphion: handle firmware debug message
    - media: mtk-jpegenc: Fix bug in JPEG encode quality selection
    - media: s3c-camif: Avoid inappropriate kfree()
    - media: vidtv: psi: Add check for kstrdup
    - media: vidtv: mux: Add check and kfree for kstrdup
    - media: cedrus: Fix clock/reset sequence
    - media: i2c: imx219: Convert to CCI register access helpers
    - media: i2c: imx219: Replace register addresses with macros
    - media: i2c: imx219: Drop IMX219_REG_CSI_LANE_MODE from common regs array
    - media: cadence: csi2rx: Unregister v4l2 async notifier
    - media: dvb-usb-v2: af9035: fix missing unlock
    - media: verisilicon: Fixes clock list for rk3588 av1 decoder
    - media: mediatek: vcodec: Handle invalid encoder vsi
    - media: imx-jpeg: notify source chagne event when the first picture parsed
    - media: mediatek: vcodec: using encoder device to alloc/free encoder memory
    - media: platform: mtk-mdp3: fix uninitialized variable in mdp_path_config()
    - media: cec: meson: always include meson sub-directory in Makefile
    - cpupower: fix reference to nonexistent document
    - regmap: prevent noinc writes from clobbering cache
    - drm/amdgpu/gfx10,11: use memcpy_to/fromio for MQDs
    - drm/amdgpu: don't put MQDs in VRAM on ARM | ARM64
    - pwm: sti: Reduce number of allocations and drop usage of chip_data
    - pwm: brcmstb: Utilize appropriate clock APIs in suspend/resume
    - Input: synaptics-rmi4 - fix use after free in rmi_unregister_function()
    - watchdog: marvell_gti_wdt: Fix error code in probe()
    - watchdog: ixp4xx: Make sure restart always works
    - llc: verify mac len before reading mac header
    - hsr: Prevent use after free in prp_create_tagged_frame()
    - tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING
    - rxrpc: Fix two connection reaping bugs
    - bpf: Check map->usercnt after timer->timer is assigned
    - inet: shrink struct flowi_common
    - octeontx2-pf: Fix error codes
    - octeontx2-pf: Fix holes in error code
    - net: page_pool: add missing free_percpu when page_pool_init fail
    - dccp: Call security_inet_conn_request() after setting IPv4 addresses.
    - dccp/tcp: Call security_inet_conn_request() after setting IPv6 addresses.
    - net: r8169: Disable multicast filter for RTL8168H and RTL8107E
    - Fix termination state for idr_for_each_entry_ul()
    - net: stmmac: xgmac: Enable support for multiple Flexible PPS outputs
    - selftests: pmtu.sh: fix result checking
    - octeontx2-pf: Free pending and dropped SQEs
    - net/smc: fix dangling sock under state SMC_APPFINCLOSEWAIT
    - net/smc: allow cdc msg send rather than drop it with NULL sndbuf_desc
    - net/smc: put sk reference if close work was canceled
    - nvme: fix error-handling for io_uring nvme-passthrough
    - riscv: boot: Fix creation of loader.bin
    - ice: Fix SRIOV LAG disable on non-compliant aggregate
    - ice: lag: in RCU, use atomic allocation
    - ice: Fix VF-VF filter rules in switchdev mode
    - ice: Fix VF-VF direction matching in drop rule in switchdev
    - tg3: power down device only on SYSTEM_POWER_OFF
    - nbd: fix uaf in nbd_open
    - blk-core: use pr_warn_ratelimited() in bio_check_ro()
    - vsock/virtio: remove socket from connected/bound list on shutdown
    - r8169: respect userspace disabling IFF_MULTICAST
    - virtio/vsock: Fix uninit-value in virtio_transport_recv_pkt()
    - net: enetc: shorten enetc_setup_xdp_prog() error message to fit
      NETLINK_MAX_FMTMSG_LEN
    - i2c: iproc: handle invalid slave state
    - netfilter: xt_recent: fix (increase) ipv6 literal buffer length
    - netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses
    - net/sched: act_ct: Always fill offloading tuple iifidx
    - RISC-V: Don't fail in riscv_of_parent_hartid() for disabled HARTs
    - net: ti: icss-iep: fix setting counter value
    - drivers: perf: Do not broadcast to other cpus when starting a counter
    - module/decompress: use kvmalloc() consistently
    - fs: dlm: Simplify buffer size computation in dlm_create_debug_file()
    - drm/vc4: tests: Fix UAF in the mock helpers
    - drm/syncobj: fix DRM_SYNCOBJ_WAIT_FLAGS_WAIT_AVAILABLE
    - ASoC: rt712-sdca: fix speaker route missing issue
    - ASoC: mediatek: mt8186_mt6366_rt1019_rt5682s: trivial: fix error messages
    - ASoC: hdmi-codec: register hpd callback on component probe
    - ASoC: dapm: fix clock get name
    - spi: spi-zynq-qspi: add spi-mem to driver kconfig dependencies
    - arm64/arm: arm_pmuv3: perf: Don't truncate 64-bit registers
    - fbdev: imsttfb: fix double free in probe()
    - fbdev: imsttfb: fix a resource leak in probe
    - ALSA: hda/realtek: Add support dual speaker for Dell
    - fbdev: fsl-diu-fb: mark wr_reg_wa() static
    - tracing/kprobes: Fix the order of argument descriptions
    - eventfs: Check for NULL ef in eventfs_set_attr()
    - selftests: mptcp: run userspace pm tests slower
    - selftests: mptcp: fix wait_rm_addr/sf parameters
    - io_uring/net: ensure socket is marked connected on connect retry
    - x86/amd_nb: Use Family 19h Models 60h-7Fh Function 4 IDs
    - Revert "PCI/ASPM: Disable only ASPM_STATE_L1 when driver, disables L1"
    - Revert "mmc: core: Capture correct oemid-bits for eMMC cards"
    - btrfs: use u64 for buffer sizes in the tree search ioctls
    - btrfs: make found_logical_ret parameter mandatory for function
      queue_scrub_stripe()
    - Linux 6.6.2
  * Noble update: v6.6.1 upstream stable release (LP: #2044125)
    - drm/amd/display: Don't use fsleep for PSR exit waits
    - power: supply: core: Use blocking_notifier_call_chain to avoid RCU complaint
    - perf evlist: Avoid frequency mode for the dummy event
    - tracing: Have trace_event_file have ref counters
    - eventfs: Remove "is_freed" union with rcu head
    - eventfs: Save ownership and mode
    - eventfs: Delete eventfs_inode when the last dentry is freed
    - eventfs: Use simple_recursive_removal() to clean up dentries
    - ALSA: usb-audio: add quirk flag to enable native DSD for McIntosh devices
    - PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device
    - usb: storage: set 1.50 as the lower bcdDevice for older "Super Top"
      compatibility
    - usb: typec: tcpm: Add additional checks for contaminant
    - usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm()
    - usb: raw-gadget: properly handle interrupted requests
    - Bluetooth: hci_bcm4377: Mark bcm4378/bcm4387 as BROKEN_LE_CODED
    - tty: n_gsm: fix race condition in status line change on dead connections
    - tty: 8250: Remove UC-257 and UC-431
    - tty: 8250: Add support for additional Brainboxes UC cards
    - tty: 8250: Add support for Brainboxes UP cards
    - tty: 8250: Add support for Intashield IS-100
    - tty: 8250: Fix port count of PX-257
    - tty: 8250: Fix up PX-803/PX-857
    - tty: 8250: Add support for additional Brainboxes PX cards
    - tty: 8250: Add support for Intashield IX cards
    - tty: 8250: Add Brainboxes Oxford Semiconductor-based quirks
    - dt-bindings: serial: rs485: Add rs485-rts-active-high
    - misc: pci_endpoint_test: Add deviceID for J721S2 PCIe EP device support
    - serial: core: Fix runtime PM handling for pending tx
    - ALSA: hda: intel-dsp-config: Fix JSL Chromebook quirk detection
    - ASoC: SOF: sof-pci-dev: Fix community key quirk detection
    - Linux 6.6.1
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/d2023.11.21)
    - [Packaging] update variants
  * Support mipi camera on Intel Meteor Lake platform (LP: #2031412)
    - SAUCE: iommu: intel-ipu: use IOMMU passthrough mode for Intel IPUs on Meteor
      Lake
    - SAUCE: platform/x86: int3472: Add handshake GPIO function
  * [SRU][J/L/M] UBUNTU: [Packaging] Make WWAN driver a loadable module
    (LP: #2033406)
    - [Packaging] Make WWAN driver loadable modules
  * usbip: error: failed to open /usr/share/hwdata//usb.ids (LP: #2039439)
    - [Packaging] Make linux-tools-common depend on hwdata
  * [Mediatek] mt8195-demo: enable CONFIG_MTK_IOMMU as module for multimedia and
    PCIE peripherals (LP: #2036587)
    - [Config] Enable CONFIG_MTK_IOMMU on arm64
  * linux-*: please enable dm-verity kconfigs to allow MoK/db verified root
    images (LP: #2019040)
    - [Config] CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG_SECONDARY_KEYRING=y
  * kexec enable to load/kdump zstd compressed zimg (LP: #2037398)
    - [Packaging] Revert arm64 image format to Image.gz
  * Mantic minimized/minimal cloud images do not receive IP address during
    provisioning; systemd regression with wait-online (LP: #2036968)
    - [Config] Enable virtio-net as built-in to avoid race
  * Make backlight module auto detect dell_uart_backlight (LP: #2008882)
    - SAUCE: ACPI: video: Dell AIO UART backlight detection
  * Enable ASPM for NVMe behind VMD (LP: #2034504)
    - SAUCE: PCI/ASPM: Allow ASPM override over FADT default
    - SAUCE: PCI: vmd: Mark ASPM override for device behind VMD bridge
  * Linux 6.2 fails to reboot with current u-boot-nezha (LP: #2021364)
    - [Config] Default to performance CPUFreq governor on riscv64
  * Enable Nezha board (LP: #1975592)
    - [Config] Enable CONFIG_REGULATOR_FIXED_VOLTAGE on riscv64
    - [Config] Build in D1 clock drivers on riscv64
    - [Config] Enable CONFIG_SUN6I_RTC_CCU on riscv64
    - [Config] Enable CONFIG_SUNXI_WATCHDOG on riscv64
    - [Config] Disable SUN50I_DE2_BUS on riscv64
    - [Config] Disable unneeded sunxi pinctrl drivers on riscv64
  * Enable Nezha board (LP: #1975592) // Enable StarFive VisionFive 2 board
    (LP: #2013232)
    - [Config] Enable CONFIG_SERIAL_8250_DW on riscv64
  * Enable StarFive VisionFive 2 board (LP: #2013232)
    - [Config] Enable CONFIG_PINCTRL_STARFIVE_JH7110_SYS on riscv64
    - [Config] Enable CONFIG_STARFIVE_WATCHDOG on riscv64
  * rcu_sched detected stalls on CPUs/tasks (LP: #1967130)
    - [Config] Enable virtually mapped stacks on riscv64
  * RISC-V kernel config is out of sync with other archs (LP: #1981437)
    - [Config] Sync riscv64 config with other architectures
  * Missing BT IDs for support for Intel Discrete Misty Peak2/BE202
    (LP: #2033455)
    - SAUCE: Bluetooth: btusb: Add support for Intel Misty Peak - 8087:0038
  * Check for changes relevant for security certifications (LP: #1945989)
    - [Packaging] Add a new fips-checks script
  * Installation support for SMARC RZ/G2L platform (LP: #2030525)
    - [Config] build Renesas RZ/G2L USBPHY control driver statically
  * Add support for kernels compiled with CONFIG_EFI_ZBOOT (LP: #2002226)
    - [Config]: Turn on CONFIG_EFI_ZBOOT on ARM64
  * Default module signing algo should be accelerated (LP: #2034061)
    - [Config] Default module signing algo should be accelerated
  * Miscellaneous Ubuntu changes
    - [Packaging] move linux-unstable to linux
    - [Config] no change: reorder annotations
  * Miscellaneous upstream changes
    - Revert "UBUNTU: SAUCE: vmd: fixup bridge ASPM by driver name instead"
    - Revert "UBUNTU: SAUCE: PCI/ASPM: Enable LTR for endpoints behind VMD"
    - Revert "UBUNTU: SAUCE: PCI/ASPM: Enable ASPM for links under VMD domain"

[ Ubuntu: 6.6.0-12.12 ]

* noble/linux-unstable: 6.6.0-12.12 -proposed tracker (LP: #2043664)
  * Miscellaneous Ubuntu changes
    - [Packaging] temporarily disable zfs dkms

[ Ubuntu: 6.6.0-11.11 ]

* noble/linux-unstable: 6.6.0-11.11 -proposed tracker (LP: #2043480)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] resync update-dkms-versions helper
    - [Packaging] update variants
    - debian/dkms-versions -- update from kernel-versions (main/d2023.11.14)
  * Miscellaneous Ubuntu changes
    - [Packaging] move to Noble
    - [Config] toolchain version update

[ Ubuntu: 6.6.0-10.10 ]

* mantic/linux-unstable: 6.6.0-10.10 -proposed tracker (LP: #2043088)
  * Bump arm64's CONFIG_NR_CPUS to 512 (LP: #2042897)
    - [Config] Bump CONFIG_NR_CPUS to 512 for arm64
  * Miscellaneous Ubuntu changes
    - [Config] Include a note for the NR_CPUS setting on riscv64
    - SAUCE: apparmor4.0.0 [83/83]: Fix inode_init for changed prototype

[ Ubuntu: 6.6.0-9.9 ]

* mantic/linux-unstable: 6.6.0-9.9 -proposed tracker (LP: #2041852)
  * Switch IMA default hash to sha256 (LP: #2041735)
    - [Config] Switch IMA_DEFAULT_HASH from sha1 to sha256
  * apparmor restricts read access of user namespace mediation sysctls to root
    (LP: #2040194)
    - SAUCE: apparmor4.0.0 [82/82]: apparmor: open userns related sysctl so lxc
      can check if restriction are in place
  * AppArmor spams kernel log with assert when auditing (LP: #2040192)
    - SAUCE: apparmor4.0.0 [81/82]: apparmor: fix request field from a prompt
      reply that denies all access
  * apparmor notification files verification (LP: #2040250)
    - SAUCE: apparmor4.0.0 [80/82]: apparmor: fix notification header size
  * apparmor oops when racing to retrieve a notification (LP: #2040245)
    - SAUCE: apparmor4.0.0 [79/82]: apparmor: fix oops when racing to retrieve
      notification
  * Disable restricting unprivileged change_profile by default, due to LXD
    latest/stable not yet compatible with this new apparmor feature
    (LP: #2038567)
    - SAUCE: apparmor4.0.0 [78/82]: apparmor: Make
      apparmor_restrict_unprivileged_unconfined opt-in
  * update apparmor and LSM stacking patch set (LP: #2028253)
    - SAUCE: apparmor4.0.0 [01/82]: add/use fns to print hash string hex value
    - SAUCE: apparmor4.0.0 [02/82]: rename SK_CTX() to aa_sock and make it an
      inline fn
    - SAUCE: apparmor4.0.0 [03/82]: patch to provide compatibility with v2.x net
      rules
    - SAUCE: apparmor4.0.0 [04/82]: add user namespace creation mediation
    - SAUCE: apparmor4.0.0 [05/82]: Add sysctls for additional controls of unpriv
      userns restrictions
    - SAUCE: apparmor4.0.0 [06/82]: af_unix mediation
    - SAUCE: apparmor4.0.0 [07/82]: Add fine grained mediation of posix mqueues
    - SAUCE: apparmor4.0.0 [08/82]: Stacking v38: LSM: Identify modules by more
      than name
    - SAUCE: apparmor4.0.0 [09/82]: Stacking v38: LSM: Add an LSM identifier for
      external use
    - SAUCE: apparmor4.0.0 [10/82]: Stacking v38: LSM: Identify the process
      attributes for each module
    - SAUCE: apparmor4.0.0 [11/82]: Stacking v38: LSM: Maintain a table of LSM
      attribute data
    - SAUCE: apparmor4.0.0 [12/82]: Stacking v38: proc: Use lsmids instead of lsm
      names for attrs
    - SAUCE: apparmor4.0.0 [13/82]: Stacking v38: integrity: disassociate
      ima_filter_rule from security_audit_rule
    - SAUCE: apparmor4.0.0 [14/82]: Stacking v38: LSM: Infrastructure management
      of the sock security
    - SAUCE: apparmor4.0.0 [15/82]: Stacking v38: LSM: Add the lsmblob data
      structure.
    - SAUCE: apparmor4.0.0 [16/82]: Stacking v38: LSM: provide lsm name and id
      slot mappings
    - SAUCE: apparmor4.0.0 [17/82]: Stacking v38: IMA: avoid label collisions with
      stacked LSMs
    - SAUCE: apparmor4.0.0 [18/82]: Stacking v38: LSM: Use lsmblob in
      security_audit_rule_match
    - SAUCE: apparmor4.0.0 [19/82]: Stacking v38: LSM: Use lsmblob in
      security_kernel_act_as
    - SAUCE: apparmor4.0.0 [20/82]: Stacking v38: LSM: Use lsmblob in
      security_secctx_to_secid
    - SAUCE: apparmor4.0.0 [21/82]: Stacking v38: LSM: Use lsmblob in
      security_secid_to_secctx
    - SAUCE: apparmor4.0.0 [22/82]: Stacking v38: LSM: Use lsmblob in
      security_ipc_getsecid
    - SAUCE: apparmor4.0.0 [23/82]: Stacking v38: LSM: Use lsmblob in
      security_current_getsecid
    - SAUCE: apparmor4.0.0 [24/82]: Stacking v38: LSM: Use lsmblob in
      security_inode_getsecid
    - SAUCE: apparmor4.0.0 [25/82]: Stacking v38: LSM: Use lsmblob in
      security_cred_getsecid
    - SAUCE: apparmor4.0.0 [26/82]: Stacking v38: LSM: Specify which LSM to
      display
    - SAUCE: apparmor4.0.0 [28/82]: Stacking v38: LSM: Ensure the correct LSM
      context releaser
    - SAUCE: apparmor4.0.0 [29/82]: Stacking v38: LSM: Use lsmcontext in
      security_secid_to_secctx
    - SAUCE: apparmor4.0.0 [30/82]: Stacking v38: LSM: Use lsmcontext in
      security_inode_getsecctx
    - SAUCE: apparmor4.0.0 [31/82]: Stacking v38: Use lsmcontext in
      security_dentry_init_security
    - SAUCE: apparmor4.0.0 [32/82]: Stacking v38: LSM: security_secid_to_secctx in
      netlink netfilter
    - SAUCE: apparmor4.0.0 [33/82]: Stacking v38: NET: Store LSM netlabel data in
      a lsmblob
    - SAUCE: apparmor4.0.0 [34/82]: Stacking v38: binder: Pass LSM identifier for
      confirmation
    - SAUCE: apparmor4.0.0 [35/82]: Stacking v38: LSM: security_secid_to_secctx
      module selection
    - SAUCE: apparmor4.0.0 [36/82]: Stacking v38: Audit: Keep multiple LSM data in
      audit_names
    - SAUCE: apparmor4.0.0 [37/82]: Stacking v38: Audit: Create audit_stamp
      structure
    - SAUCE: apparmor4.0.0 [38/82]: Stacking v38: LSM: Add a function to report
      multiple LSMs
    - SAUCE: apparmor4.0.0 [39/82]: Stacking v38: Audit: Allow multiple records in
      an audit_buffer
    - SAUCE: apparmor4.0.0 [40/82]: Stacking v38: Audit: Add record for multiple
      task security contexts
    - SAUCE: apparmor4.0.0 [41/82]: Stacking v38: audit: multiple subject lsm
      values for netlabel
    - SAUCE: apparmor4.0.0 [42/82]: Stacking v38: Audit: Add record for multiple
      object contexts
    - SAUCE: apparmor4.0.0 [43/82]: Stacking v38: netlabel: Use a struct lsmblob
      in audit data
    - SAUCE: apparmor4.0.0 [44/82]: Stacking v38: LSM: Removed scaffolding
      function lsmcontext_init
    - SAUCE: apparmor4.0.0 [45/82]: Stacking v38: AppArmor: Remove the exclusive
      flag
    - SAUCE: apparmor4.0.0 [46/82]: combine common_audit_data and
      apparmor_audit_data
    - SAUCE: apparmor4.0.0 [47/82]: setup slab cache for audit data
    - SAUCE: apparmor4.0.0 [48/82]: rename audit_data->label to
      audit_data->subj_label
    - SAUCE: apparmor4.0.0 [49/82]: pass cred through to audit info.
    - SAUCE: apparmor4.0.0 [50/82]: Improve debug print infrastructure
    - SAUCE: apparmor4.0.0 [51/82]: add the ability for profiles to have a
      learning cache
    - SAUCE: apparmor4.0.0 [52/82]: enable userspace upcall for mediation
    - SAUCE: apparmor4.0.0 [53/82]: cache buffers on percpu list if there is lock
      contention
    - SAUCE: apparmor4.0.0 [54/82]: advertise availability of exended perms
    - SAUCE: apparmor4.0.0 [56/82]: cleanup: provide separate audit messages for
      file and policy checks
    - SAUCE: apparmor4.0.0 [57/82]: prompt - lock down prompt interface
    - SAUCE: apparmor4.0.0 [58/82]: prompt - ref count pdb
    - SAUCE: apparmor4.0.0 [59/82]: prompt - allow controlling of caching of a
      prompt response
    - SAUCE: apparmor4.0.0 [60/82]: prompt - add refcount to audit_node in prep or
      reuse and delete
    - SAUCE: apparmor4.0.0 [61/82]: prompt - refactor to moving caching to
      uresponse
    - SAUCE: apparmor4.0.0 [62/82]: prompt - Improve debug statements
    - SAUCE: apparmor4.0.0 [63/82]: prompt - fix caching
    - SAUCE: apparmor4.0.0 [64/82]: prompt - rework build to use append fn, to
      simplify adding strings
    - SAUCE: apparmor4.0.0 [65/82]: prompt - refcount notifications
    - SAUCE: apparmor4.0.0 [66/82]: prompt - add the ability to reply with a
      profile name
    - SAUCE: apparmor4.0.0 [67/82]: prompt - fix notification cache when updating
    - SAUCE: apparmor4.0.0 [68/82]: prompt - add tailglob on name for cache
      support
    - SAUCE: apparmor4.0.0 [69/82]: prompt - allow profiles to set prompts as
      interruptible
    - SAUCE: apparmor4.0.0 [74/82]: advertise disconnected.path is available
    - SAUCE: apparmor4.0.0 [75/82]: fix invalid reference on profile->disconnected
    - SAUCE: apparmor4.0.0 [76/82]: add io_uring mediation
    - SAUCE: apparmor4.0.0 [77/82]: apparmor: Fix regression in mount mediation
  * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe]
    apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in mantic
    (LP: #2032602)
    - SAUCE: apparmor4.0.0 [70/82]: prompt - add support for advanced filtering of
      notifications
    - SAUCE: apparmor4.0.0 [71/82]: userns - add the ability to reference a global
      variable for a feature value
    - SAUCE: apparmor4.0.0 [72/82]: userns - make it so special unconfined
      profiles can mediate user namespaces
    - SAUCE: apparmor4.0.0 [73/82]: userns - allow restricting unprivileged
      change_profile
  * LSM stacking and AppArmor for 6.2: additional fixes (LP: #2017903) // update
    apparmor and LSM stacking patch set (LP: #2028253)
    - SAUCE: apparmor4.0.0 [55/82]: fix profile verification and enable it
  * udev fails to make prctl() syscall with apparmor=0 (as used by maas by
    default) (LP: #2016908) // update apparmor and LSM stacking patch set
    (LP: #2028253)
    - SAUCE: apparmor4.0.0 [27/82]: Stacking v38: Fix prctl() syscall with
      apparmor=0
  * Miscellaneous Ubuntu changes
    - [Config] SECURITY_APPARMOR_RESTRICT_USERNS=y

[ Ubuntu: 6.6.0-8.8 ]

* mantic/linux-unstable: 6.6.0-8.8 -proposed tracker (LP: #2040243)
  * Miscellaneous Ubuntu changes
    - abi: gc reference to phy-rtk-usb2/phy-rtk-usb3

[ Ubuntu: 6.6.0-7.7 ]

* mantic/linux-unstable: 6.6.0-7.7 -proposed tracker (LP: #2040147)
  * test_021_aslr_dapper_libs from ubuntu_qrt_kernel_security failed on K-5.19 /
    J-OEM-6.1 / J-6.2 AMD64 (LP: #1983357)
    - [Config]: set ARCH_MMAP_RND_{COMPAT_, }BITS to the maximum
  * Miscellaneous Ubuntu changes
    - [Config] updateconfigs following v6.6-rc7 rebase

[ Ubuntu: 6.6.0-6.6 ]

* mantic/linux-unstable: 6.6.0-6.6 -proposed tracker (LP: #2039780)
  * Miscellaneous Ubuntu changes
    - rebase on v6.6-rc6
    - [Config] updateconfigs following v6.6-rc6 rebase
  * Rebase to v6.6-rc6

[ Ubuntu: 6.6.0-5.5 ]

* mantic/linux-unstable: 6.6.0-5.5 -proposed tracker (LP: #2038899)
  * Miscellaneous Ubuntu changes
    - rebase on v6.6-rc5
    - [Config] updateconfigs following v6.6-rc5 rebase
  * Rebase to v6.6-rc5

[ Ubuntu: 6.6.0-4.4 ]

* mantic/linux-unstable: 6.6.0-4.4 -proposed tracker (LP: #2038423)
  * Miscellaneous Ubuntu changes
    - rebase on v6.6-rc4
  * Rebase to v6.6-rc4

[ Ubuntu: 6.6.0-3.3 ]

* mantic/linux-unstable: 6.6.0-3.3 -proposed tracker (LP: #2037622)
  * Miscellaneous Ubuntu changes
    - [Config] updateconfigs following v6.6-rc3 rebase
  * Miscellaneous upstream changes
    - Revert "UBUNTU: SAUCE: enforce rust availability only on x86_64"
    - arm64: rust: Enable Rust support for AArch64
    - arm64: rust: Enable PAC support for Rust.
    - arm64: Restrict Rust support to little endian only.

[ Ubuntu: 6.6.0-2.2 ]

* Miscellaneous upstream changes
    - UBUBNTU: [Config] build all COMEDI drivers as modules

[ Ubuntu: 6.6.0-1.1 ]

* Miscellaneous Ubuntu changes
    - [Packaging] move linux to linux-unstable
    - [Packaging] rebase on v6.6-rc1
    - [Config] updateconfigs following v6.6-rc1 rebase
    - [packaging] skip ABI, modules and retpoline checks
    - update dropped.txt
    - [Config] SHIFT_FS FTBFS with Linux 6.6, disable it
    - [Config] DELL_UART_BACKLIGHT FTBFS with Linux 6.6, disable it
    - [Packaging] debian/dkms-versions: temporarily disable dkms
    - [Packaging] temporarily disable signing for s390x
  * Rebase to v6.6-rc1

[ Ubuntu: 6.6.0-0.0 ]

* Empty entry

-- Paolo Pisati <paolo.pisati@canonical.com>  Fri, 01 Dec 2023 09:32:27 +0100

Changed in linux-gcp (Ubuntu):
status:	Fix Committed → Fix Released

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2024-02-08:

#12

This bug is awaiting verification that the linux-azure/6.5.0-1013.13 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-mantic-linux-azure' to 'verification-done-mantic-linux-azure'. If the problem still exists, change the tag 'verification-needed-mantic-linux-azure' to 'verification-failed-mantic-linux-azure'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-mantic-linux-azure-v2 verification-needed-mantic-linux-azure

Ubuntu
linux-gcp package

Kernel oops on 32-0bit kernels due to x86_cache_alignment initialization

Bug Description

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
linux-aws (Ubuntu)	In Progress	High	Unassigned
Lunar	Fix Released	Undecided	Unassigned
Mantic	In Progress	High	Unassigned
linux-gcp (Ubuntu)	Fix Released	Undecided	Unassigned
Lunar	Fix Released	Undecided	Unassigned
Mantic	Fix Released	Undecided	Unassigned

Ubuntulinux-gcp package

Kernel oops on 32-0bit kernels due to x86_cache_alignment initialization

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux-gcp package