--- linux-ibm-6.8.0.orig/Documentation/ABI/testing/debugfs-driver-qat +++ linux-ibm-6.8.0/Documentation/ABI/testing/debugfs-driver-qat @@ -81,3 +81,29 @@ : Number of Compress and Verify (CnV) errors and type of the last CnV error detected by Acceleration Engine N. + +What: /sys/kernel/debug/qat__/heartbeat/inject_error +Date: March 2024 +KernelVersion: 6.8 +Contact: qat-linux@intel.com +Description: (WO) Write to inject an error that simulates an heartbeat + failure. This is to be used for testing purposes. + + After writing this file, the driver stops arbitration on a + random engine and disables the fetching of heartbeat counters. + If a workload is running on the device, a job submitted to the + accelerator might not get a response and a read of the + `heartbeat/status` attribute might report -1, i.e. device + unresponsive. + The error is unrecoverable thus the device must be restarted to + restore its functionality. + + This attribute is available only when the kernel is built with + CONFIG_CRYPTO_DEV_QAT_ERROR_INJECTION=y. + + A write of 1 enables error injection. + + The following example shows how to enable error injection:: + + # cd /sys/kernel/debug/qat__ + # echo 1 > heartbeat/inject_error --- linux-ibm-6.8.0.orig/Documentation/ABI/testing/ima_policy +++ linux-ibm-6.8.0/Documentation/ABI/testing/ima_policy @@ -26,7 +26,7 @@ [uid=] [euid=] [gid=] [egid=] [fowner=] [fgroup=]] lsm: [[subj_user=] [subj_role=] [subj_type=] - [obj_user=] [obj_role=] [obj_type=]] + [obj_user=] [obj_role=] [obj_type=] [lsm=]] option: [digest_type=] [template=] [permit_directio] [appraise_type=] [appraise_flag=] [appraise_algos=] [keyrings=] @@ -138,6 +138,12 @@ measure subj_user=_ func=FILE_CHECK mask=MAY_READ + It is possible to explicitly specify which security + module a rule applies to using lsm=. If the security + module specified is not active on the system the rule + will be rejected. If lsm= is not specified the first + security module registered on the system will be assumed. + Example of measure rules using alternate PCRs:: measure func=KEXEC_KERNEL_CHECK pcr=4 --- linux-ibm-6.8.0.orig/Documentation/ABI/testing/sysfs-devices-system-cpu +++ linux-ibm-6.8.0/Documentation/ABI/testing/sysfs-devices-system-cpu @@ -516,6 +516,7 @@ /sys/devices/system/cpu/vulnerabilities/mds /sys/devices/system/cpu/vulnerabilities/meltdown /sys/devices/system/cpu/vulnerabilities/mmio_stale_data + /sys/devices/system/cpu/vulnerabilities/reg_file_data_sampling /sys/devices/system/cpu/vulnerabilities/retbleed /sys/devices/system/cpu/vulnerabilities/spec_store_bypass /sys/devices/system/cpu/vulnerabilities/spectre_v1 --- linux-ibm-6.8.0.orig/Documentation/ABI/testing/sysfs-driver-qat +++ linux-ibm-6.8.0/Documentation/ABI/testing/sysfs-driver-qat @@ -141,3 +141,23 @@ 64 This attribute is only available for qat_4xxx devices. + +What: /sys/bus/pci/devices//qat/auto_reset +Date: March 2024 +KernelVersion: 6.8 +Contact: qat-linux@intel.com +Description: (RW) Reports the current state of the autoreset feature + for a QAT device + + Write to the attribute to enable or disable device auto reset. + + Device auto reset is disabled by default. + + The values are: + + * 1/Yy/on: auto reset enabled. If the device encounters an + unrecoverable error, it will be reset automatically. + * 0/Nn/off: auto reset disabled. If the device encounters an + unrecoverable error, it will not be reset. + + This attribute is only available for qat_4xxx devices. --- linux-ibm-6.8.0.orig/Documentation/Makefile +++ linux-ibm-6.8.0/Documentation/Makefile @@ -112,7 +112,7 @@ $(Q)$(YNL_TOOL) -i $< -o $@ htmldocs: $(YNL_INDEX) - @$(srctree)/scripts/sphinx-pre-install --version-check + @$(srctree)/scripts/sphinx-pre-install --version-check --no-virtualenv @+$(foreach var,$(SPHINXDIRS),$(call loop_cmd,sphinx,html,$(var),,$(var))) # If Rust support is available and .config exists, add rustdoc generated contents. --- linux-ibm-6.8.0.orig/Documentation/admin-guide/hw-vuln/index.rst +++ linux-ibm-6.8.0/Documentation/admin-guide/hw-vuln/index.rst @@ -21,3 +21,4 @@ cross-thread-rsb srso gather_data_sampling + reg-file-data-sampling --- linux-ibm-6.8.0.orig/Documentation/admin-guide/hw-vuln/reg-file-data-sampling.rst +++ linux-ibm-6.8.0/Documentation/admin-guide/hw-vuln/reg-file-data-sampling.rst @@ -0,0 +1,104 @@ +================================== +Register File Data Sampling (RFDS) +================================== + +Register File Data Sampling (RFDS) is a microarchitectural vulnerability that +only affects Intel Atom parts(also branded as E-cores). RFDS may allow +a malicious actor to infer data values previously used in floating point +registers, vector registers, or integer registers. RFDS does not provide the +ability to choose which data is inferred. CVE-2023-28746 is assigned to RFDS. + +Affected Processors +=================== +Below is the list of affected Intel processors [#f1]_: + + =================== ============ + Common name Family_Model + =================== ============ + ATOM_GOLDMONT 06_5CH + ATOM_GOLDMONT_D 06_5FH + ATOM_GOLDMONT_PLUS 06_7AH + ATOM_TREMONT_D 06_86H + ATOM_TREMONT 06_96H + ALDERLAKE 06_97H + ALDERLAKE_L 06_9AH + ATOM_TREMONT_L 06_9CH + RAPTORLAKE 06_B7H + RAPTORLAKE_P 06_BAH + ATOM_GRACEMONT 06_BEH + RAPTORLAKE_S 06_BFH + =================== ============ + +As an exception to this table, Intel Xeon E family parts ALDERLAKE(06_97H) and +RAPTORLAKE(06_B7H) codenamed Catlow are not affected. They are reported as +vulnerable in Linux because they share the same family/model with an affected +part. Unlike their affected counterparts, they do not enumerate RFDS_CLEAR or +CPUID.HYBRID. This information could be used to distinguish between the +affected and unaffected parts, but it is deemed not worth adding complexity as +the reporting is fixed automatically when these parts enumerate RFDS_NO. + +Mitigation +========== +Intel released a microcode update that enables software to clear sensitive +information using the VERW instruction. Like MDS, RFDS deploys the same +mitigation strategy to force the CPU to clear the affected buffers before an +attacker can extract the secrets. This is achieved by using the otherwise +unused and obsolete VERW instruction in combination with a microcode update. +The microcode clears the affected CPU buffers when the VERW instruction is +executed. + +Mitigation points +----------------- +VERW is executed by the kernel before returning to user space, and by KVM +before VMentry. None of the affected cores support SMT, so VERW is not required +at C-state transitions. + +New bits in IA32_ARCH_CAPABILITIES +---------------------------------- +Newer processors and microcode update on existing affected processors added new +bits to IA32_ARCH_CAPABILITIES MSR. These bits can be used to enumerate +vulnerability and mitigation capability: + +- Bit 27 - RFDS_NO - When set, processor is not affected by RFDS. +- Bit 28 - RFDS_CLEAR - When set, processor is affected by RFDS, and has the + microcode that clears the affected buffers on VERW execution. + +Mitigation control on the kernel command line +--------------------------------------------- +The kernel command line allows to control RFDS mitigation at boot time with the +parameter "reg_file_data_sampling=". The valid arguments are: + + ========== ================================================================= + on If the CPU is vulnerable, enable mitigation; CPU buffer clearing + on exit to userspace and before entering a VM. + off Disables mitigation. + ========== ================================================================= + +Mitigation default is selected by CONFIG_MITIGATION_RFDS. + +Mitigation status information +----------------------------- +The Linux kernel provides a sysfs interface to enumerate the current +vulnerability status of the system: whether the system is vulnerable, and +which mitigations are active. The relevant sysfs file is: + + /sys/devices/system/cpu/vulnerabilities/reg_file_data_sampling + +The possible values in this file are: + + .. list-table:: + + * - 'Not affected' + - The processor is not vulnerable + * - 'Vulnerable' + - The processor is vulnerable, but no mitigation enabled + * - 'Vulnerable: No microcode' + - The processor is vulnerable but microcode is not updated. + * - 'Mitigation: Clear Register File' + - The processor is vulnerable and the CPU buffer clearing mitigation is + enabled. + +References +---------- +.. [#f1] Affected Processors + https://www.intel.com/content/www/us/en/developer/topic-technology/software-security-guidance/processors-affected-consolidated-product-cpu-model.html --- linux-ibm-6.8.0.orig/Documentation/admin-guide/hw-vuln/spectre.rst +++ linux-ibm-6.8.0/Documentation/admin-guide/hw-vuln/spectre.rst @@ -138,11 +138,10 @@ the BHB might be shared across privilege levels even in the presence of Enhanced IBRS. -Currently the only known real-world BHB attack vector is via -unprivileged eBPF. Therefore, it's highly recommended to not enable -unprivileged eBPF, especially when eIBRS is used (without retpolines). -For a full mitigation against BHB attacks, it's recommended to use -retpolines (or eIBRS combined with retpolines). +Previously the only known real-world BHB attack vector was via unprivileged +eBPF. Further research has found attacks that don't require unprivileged eBPF. +For a full mitigation against BHB attacks it is recommended to set BHI_DIS_S or +use the BHB clearing sequence. Attack scenarios ---------------- @@ -430,6 +429,23 @@ 'PBRSB-eIBRS: Not affected' CPU is not affected by PBRSB =========================== ======================================================= + - Branch History Injection (BHI) protection status: + +.. list-table:: + + * - BHI: Not affected + - System is not affected + * - BHI: Retpoline + - System is protected by retpoline + * - BHI: BHI_DIS_S + - System is protected by BHI_DIS_S + * - BHI: SW loop; KVM SW loop + - System is protected by software clearing sequence + * - BHI: Syscall hardening + - Syscalls are hardened against BHI + * - BHI: Syscall hardening; KVM: SW loop + - System is protected from userspace attacks by syscall hardening; KVM is protected by software clearing sequence + Full mitigation might require a microcode update from the CPU vendor. When the necessary microcode is not available, the kernel will report vulnerability. @@ -484,7 +500,11 @@ Systems which support enhanced IBRS (eIBRS) enable IBRS protection once at boot, by setting the IBRS bit, and they're automatically protected against - Spectre v2 variant attacks. + some Spectre v2 variant attacks. The BHB can still influence the choice of + indirect branch predictor entry, and although branch predictor entries are + isolated between modes when eIBRS is enabled, the BHB itself is not isolated + between modes. Systems which support BHI_DIS_S will set it to protect against + BHI attacks. On Intel's enhanced IBRS systems, this includes cross-thread branch target injections on SMT systems (STIBP). In other words, Intel eIBRS enables @@ -638,6 +658,22 @@ spectre_v2=off. Spectre variant 1 mitigations cannot be disabled. + spectre_bhi= + + [X86] Control mitigation of Branch History Injection + (BHI) vulnerability. Syscalls are hardened against BHI + regardless of this setting. This setting affects the deployment + of the HW BHI control and the SW BHB clearing sequence. + + on + unconditionally enable. + off + unconditionally disable. + auto + enable if hardware mitigation + control(BHI_DIS_S) is available, otherwise + enable alternate mitigation in KVM. + For spectre_v2_user see Documentation/admin-guide/kernel-parameters.txt Mitigation selection guide --- linux-ibm-6.8.0.orig/Documentation/admin-guide/kernel-parameters.txt +++ linux-ibm-6.8.0/Documentation/admin-guide/kernel-parameters.txt @@ -848,6 +848,10 @@ Format: ,,,[,] + cpufreq_driver= [X86] Allow only the named cpu frequency scaling driver + to register. Example: cpufreq_driver=powernow-k8 + Format: { none | STRING } + cpuidle.off=1 [CPU_IDLE] disable the cpuidle sub-system @@ -1150,6 +1154,26 @@ The filter can be disabled or changed to another driver later using sysfs. + reg_file_data_sampling= + [X86] Controls mitigation for Register File Data + Sampling (RFDS) vulnerability. RFDS is a CPU + vulnerability which may allow userspace to infer + kernel data values previously stored in floating point + registers, vector registers, or integer registers. + RFDS only affects Intel Atom processors. + + on: Turns ON the mitigation. + off: Turns OFF the mitigation. + + This parameter overrides the compile time default set + by CONFIG_MITIGATION_RFDS. Mitigation cannot be + disabled when other VERW based mitigations (like MDS) + are enabled. In order to disable RFDS mitigation all + VERW based mitigations need to be disabled. + + For details see: + Documentation/admin-guide/hw-vuln/reg-file-data-sampling.rst + driver_async_probe= [KNL] List of driver names to be probed asynchronously. * matches with all driver names. If * is specified, the @@ -3398,6 +3422,7 @@ nospectre_bhb [ARM64] nospectre_v1 [X86,PPC] nospectre_v2 [X86,PPC,S390,ARM64] + reg_file_data_sampling=off [X86] retbleed=off [X86] spec_store_bypass_disable=off [X86,PPC] spectre_v2_user=off [X86] @@ -4370,6 +4395,12 @@ nomsi [MSI] If the PCI_MSI kernel config parameter is enabled, this kernel boot option can be used to disable the use of MSI interrupts system-wide. + clearmsi [X86] Clears MSI/MSI-X enable bits early in boot + time in order to avoid issues like adapters + screaming irqs and preventing boot progress. + Also, it enforces the PCI Local Bus spec + rule that those bits should be 0 in system reset + events (useful for kexec/kdump cases). noioapicquirk [APIC] Disable all boot interrupt quirks. Safety option to keep boot IRQs enabled. This should never be necessary. @@ -5034,6 +5065,11 @@ this kernel boot parameter, forcibly setting it to zero. + rcutree.enable_rcu_lazy= [KNL] + To save power, batch RCU callbacks and flush after + delay, memory pressure or callback list growing too + big. + rcuscale.gp_async= [KNL] Measure performance of asynchronous grace-period primitives such as call_rcu(). @@ -6012,6 +6048,18 @@ sonypi.*= [HW] Sony Programmable I/O Control Device driver See Documentation/admin-guide/laptops/sonypi.rst + spectre_bhi= [X86] Control mitigation of Branch History Injection + (BHI) vulnerability. Syscalls are hardened against BHI + reglardless of this setting. This setting affects the + deployment of the HW BHI control and the SW BHB + clearing sequence. + + on - unconditionally enable. + off - unconditionally disable. + auto - (default) enable hardware mitigation + (BHI_DIS_S) if available, otherwise enable + alternate mitigation in KVM. + spectre_v2= [X86] Control mitigation of Spectre variant 2 (indirect branch speculation) vulnerability. The default operation protects the kernel from --- linux-ibm-6.8.0.orig/Documentation/cgroups/namespace.txt +++ linux-ibm-6.8.0/Documentation/cgroups/namespace.txt @@ -0,0 +1,142 @@ + CGroup Namespaces + +CGroup Namespace provides a mechanism to virtualize the view of the +/proc//cgroup file. The CLONE_NEWCGROUP clone-flag can be used with +clone() and unshare() syscalls to create a new cgroup namespace. +The process running inside the cgroup namespace will have its /proc//cgroup +output restricted to cgroupns-root. cgroupns-root is the cgroup of the process +at the time of creation of the cgroup namespace. + +Prior to CGroup Namespace, the /proc//cgroup file used to show complete +path of the cgroup of a process. In a container setup (where a set of cgroups +and namespaces are intended to isolate processes), the /proc//cgroup file +may leak potential system level information to the isolated processes. + +For Example: + $ cat /proc/self/cgroup + 0:cpuset,cpu,cpuacct,memory,devices,freezer,hugetlb:/batchjobs/container_id1 + +The path '/batchjobs/container_id1' can generally be considered as system-data +and its desirable to not expose it to the isolated process. + +CGroup Namespaces can be used to restrict visibility of this path. +For Example: + # Before creating cgroup namespace + $ ls -l /proc/self/ns/cgroup + lrwxrwxrwx 1 root root 0 2014-07-15 10:37 /proc/self/ns/cgroup -> cgroup:[4026531835] + $ cat /proc/self/cgroup + 0:cpuset,cpu,cpuacct,memory,devices,freezer,hugetlb:/batchjobs/container_id1 + + # unshare(CLONE_NEWCGROUP) and exec /bin/bash + $ ~/unshare -c + [ns]$ ls -l /proc/self/ns/cgroup + lrwxrwxrwx 1 root root 0 2014-07-15 10:35 /proc/self/ns/cgroup -> cgroup:[4026532183] + # From within new cgroupns, process sees that its in the root cgroup + [ns]$ cat /proc/self/cgroup + 0:cpuset,cpu,cpuacct,memory,devices,freezer,hugetlb:/ + + # From global cgroupns: + $ cat /proc//cgroup + 0:cpuset,cpu,cpuacct,memory,devices,freezer,hugetlb:/batchjobs/container_id1 + + # Unshare cgroupns along with userns and mountns + # Following calls unshare(CLONE_NEWCGROUP|CLONE_NEWUSER|CLONE_NEWNS), then + # sets up uid/gid map and execs /bin/bash + $ ~/unshare -c -u -m + # Originally, we were in /batchjobs/container_id1 cgroup. Mount our own cgroup + # hierarchy. + [ns]$ mount -t cgroup cgroup /tmp/cgroup + [ns]$ ls -l /tmp/cgroup + total 0 + -r--r--r-- 1 root root 0 2014-10-13 09:32 cgroup.controllers + -r--r--r-- 1 root root 0 2014-10-13 09:32 cgroup.populated + -rw-r--r-- 1 root root 0 2014-10-13 09:25 cgroup.procs + -rw-r--r-- 1 root root 0 2014-10-13 09:32 cgroup.subtree_control + +The cgroupns-root (/batchjobs/container_id1 in above example) becomes the +filesystem root for the namespace specific cgroupfs mount. + +The virtualization of /proc/self/cgroup file combined with restricting +the view of cgroup hierarchy by namespace-private cgroupfs mount +should provide a completely isolated cgroup view inside the container. + +In its current form, the cgroup namespaces patcheset provides following +behavior: + +(1) The 'cgroupns-root' for a cgroup namespace is the cgroup in which + the process calling unshare is running. + For ex. if a process in /batchjobs/container_id1 cgroup calls unshare, + cgroup /batchjobs/container_id1 becomes the cgroupns-root. + For the init_cgroup_ns, this is the real root ('/') cgroup + (identified in code as cgrp_dfl_root.cgrp). + +(2) The cgroupns-root cgroup does not change even if the namespace + creator process later moves to a different cgroup. + $ ~/unshare -c # unshare cgroupns in some cgroup + [ns]$ cat /proc/self/cgroup + 0:cpuset,cpu,cpuacct,memory,devices,freezer,hugetlb:/ + [ns]$ mkdir sub_cgrp_1 + [ns]$ echo 0 > sub_cgrp_1/cgroup.procs + [ns]$ cat /proc/self/cgroup + 0:cpuset,cpu,cpuacct,memory,devices,freezer,hugetlb:/sub_cgrp_1 + +(3) Each process gets its CGROUPNS specific view of /proc//cgroup +(a) Processes running inside the cgroup namespace will be able to see + cgroup paths (in /proc/self/cgroup) only inside their root cgroup + [ns]$ sleep 100000 & # From within unshared cgroupns + [1] 7353 + [ns]$ echo 7353 > sub_cgrp_1/cgroup.procs + [ns]$ cat /proc/7353/cgroup + 0:cpuset,cpu,cpuacct,memory,devices,freezer,hugetlb:/sub_cgrp_1 + +(b) From global cgroupns, the real cgroup path will be visible: + $ cat /proc/7353/cgroup + 0:cpuset,cpu,cpuacct,memory,devices,freezer,hugetlb:/batchjobs/container_id1/sub_cgrp_1 + +(c) From a sibling cgroupns (cgroupns root-ed at a different cgroup), cgroup + path relative to its own cgroupns-root will be shown: + # ns2's cgroupns-root is at '/batchjobs/container_id2' + [ns2]$ cat /proc/7353/cgroup + 0:cpuset,cpu,cpuacct,memory,devices,freezer,hugetlb:/../container_id2/sub_cgrp_1 + + Note that the relative path always starts with '/' to indicate that its + relative to the cgroupns-root of the caller. + +(4) Processes inside a cgroupns can move in-and-out of the cgroupns-root + (if they have proper access to external cgroups). + # From inside cgroupns (with cgroupns-root at /batchjobs/container_id1), and + # assuming that the global hierarchy is still accessible inside cgroupns: + $ cat /proc/7353/cgroup + 0:cpuset,cpu,cpuacct,memory,devices,freezer,hugetlb:/sub_cgrp_1 + $ echo 7353 > batchjobs/container_id2/cgroup.procs + $ cat /proc/7353/cgroup + 0:cpuset,cpu,cpuacct,memory,devices,freezer,hugetlb:/../container_id2 + + Note that this kind of setup is not encouraged. A task inside cgroupns + should only be exposed to its own cgroupns hierarchy. Otherwise it makes + the virtualization of /proc//cgroup less useful. + +(5) Setns to another cgroup namespace is allowed when: + (a) the process has CAP_SYS_ADMIN in its current userns + (b) the process has CAP_SYS_ADMIN in the target cgroupns' userns + No implicit cgroup changes happen with attaching to another cgroupns. It + is expected that the somone moves the attaching process under the target + cgroupns-root. + +(6) When some thread from a multi-threaded process unshares its + cgroup-namespace, the new cgroupns gets applied to the entire process (all + the threads). For the unified-hierarchy this is expected as it only allows + process-level containerization. For the legacy hierarchies this may be + unexpected. So all the threads in the process will have the same cgroup. + +(7) The cgroup namespace is alive as long as there is atleast 1 + process inside it. When the last process exits, the cgroup + namespace is destroyed. The cgroupns-root and the actual cgroups + remain though. + +(8) Namespace specific cgroup hierarchy can be mounted by a process running + inside cgroupns: + $ mount -t cgroup -o __DEVEL__sane_behavior cgroup $MOUNT_POINT + + This will mount the unified cgroup hierarchy with cgroupns-root as the + filesystem root. The process needs CAP_SYS_ADMIN in its userns and mntns. --- linux-ibm-6.8.0.orig/Documentation/process/changes.rst +++ linux-ibm-6.8.0/Documentation/process/changes.rst @@ -31,7 +31,7 @@ ====================== =============== ======================================== GNU C 5.1 gcc --version Clang/LLVM (optional) 11.0.0 clang --version -Rust (optional) 1.74.1 rustc --version +Rust (optional) 1.75.0 rustc --version bindgen (optional) 0.65.1 bindgen --version GNU make 3.82 make --version bash 4.2 bash --version --- linux-ibm-6.8.0.orig/Documentation/sphinx/cdomain.py +++ linux-ibm-6.8.0/Documentation/sphinx/cdomain.py @@ -37,12 +37,29 @@ import sphinx from sphinx import addnodes -from sphinx.domains.c import c_funcptr_sig_re, c_sig_re from sphinx.domains.c import CObject as Base_CObject from sphinx.domains.c import CDomain as Base_CDomain from itertools import chain import re +# fixes https://github.com/sphinx-doc/sphinx/commit/0f49e30c51b5cc5055cda5b4b294c2dd9d1df573#r38750737 + +# pylint: disable=invalid-name +c_sig_re = re.compile( + r'''^([^(]*?) # return type + ([\w:.]+) \s* # thing name (colon allowed for C++) + (?: \((.*)\) )? # optionally arguments + (\s+const)? $ # const specifier + ''', re.VERBOSE) + +c_funcptr_sig_re = re.compile( + r'''^([^(]+?) # return type + (\( [^()]+ \)) \s* # name in parentheses + \( (.*) \) # arguments + (\s+const)? $ # const specifier + ''', re.VERBOSE) +# pylint: enable=invalid-name + __version__ = '1.1' # Get Sphinx version --- linux-ibm-6.8.0.orig/Kbuild +++ linux-ibm-6.8.0/Kbuild @@ -97,3 +97,4 @@ obj-$(CONFIG_NET) += net/ obj-y += virt/ obj-y += $(ARCH_DRIVERS) +obj-y += ubuntu/ --- linux-ibm-6.8.0.orig/Kconfig +++ linux-ibm-6.8.0/Kconfig @@ -19,6 +19,8 @@ source "drivers/Kconfig" +source "ubuntu/Kconfig" + source "fs/Kconfig" source "security/Kconfig" --- linux-ibm-6.8.0.orig/MAINTAINERS +++ linux-ibm-6.8.0/MAINTAINERS @@ -190,6 +190,18 @@ F: Documentation/devicetree/bindings/power/supply/*ab8500* F: drivers/power/supply/*ab8500* +AAEON DEVICE DRIVER WITH WMI INTERFACE +M: Edward Lin +M: Kunyang Fan +M: Frank Hsieh +M: Jacob Wu +S: Supported +F: drivers/gpio/gpio-aaeon.c +F: drivers/hwmon/hwmon-aaeon.c +F: drivers/leds/leds-aaeon.c +F: drivers/mfd/mfd-aaeon.c +F: drivers/watchdog/wdt_aaeon.c + ABI/API L: linux-api@vger.kernel.org F: include/linux/syscalls.h --- linux-ibm-6.8.0.orig/Makefile +++ linux-ibm-6.8.0/Makefile @@ -1,7 +1,7 @@ # SPDX-License-Identifier: GPL-2.0 VERSION = 6 PATCHLEVEL = 8 -SUBLEVEL = 0 +SUBLEVEL = 1 EXTRAVERSION = NAME = Hurr durr I'ma ninja sloth @@ -549,6 +549,9 @@ -I$(objtree)/include \ $(USERINCLUDE) +# UBUNTU: Include our third party driver stuff too +LINUXINCLUDE += -I$(srctree)/ubuntu/include + KBUILD_AFLAGS := -D__ASSEMBLY__ -fno-PIE KBUILD_CFLAGS := @@ -1278,8 +1281,9 @@ quiet_cmd_headers_install = INSTALL $(INSTALL_HDR_PATH)/include cmd_headers_install = \ mkdir -p $(INSTALL_HDR_PATH); \ - rsync -mrl --include='*/' --include='*\.h' --exclude='*' \ - usr/include $(INSTALL_HDR_PATH) + find usr/include -type f -name '*.h' -print0 | \ + tar -czf - --null --no-recursion --no-wildcards-match-slash -T- | \ + tar -xzf - --strip-components=1 -C $(INSTALL_HDR_PATH) PHONY += headers_install headers_install: headers @@ -1294,6 +1298,7 @@ $(if $(filter um, $(SRCARCH)), $(error Headers not exportable for UML)) $(Q)$(MAKE) $(hdr-inst)=include/uapi $(Q)$(MAKE) $(hdr-inst)=arch/$(SRCARCH)/include/uapi + $(Q)$(MAKE) $(hdr-inst)=ubuntu/include dst=include oldheaders= ifdef CONFIG_HEADERS_INSTALL prepare: headers @@ -1485,7 +1490,7 @@ # Directories & files removed with 'make mrproper' MRPROPER_FILES += include/config include/generated \ arch/$(SRCARCH)/include/generated .objdiff \ - debian snap tar-install \ + snap tar-install \ .config .config.old .version \ Module.symvers \ certs/signing_key.pem \ --- linux-ibm-6.8.0.orig/Ubuntu.md +++ linux-ibm-6.8.0/Ubuntu.md @@ -0,0 +1,8 @@ +Name: linux-ibm +Version: 6.2.0 +Series: 23.04 (lunar) +Description: + This is the source code for the Ubuntu linux kernel for the 23.04 series. This + source tree is used to produce the flavours: ibm. + This kernel is configured to support the widest range of desktop, laptop and + server configurations. --- linux-ibm-6.8.0.orig/arch/arm/Makefile +++ linux-ibm-6.8.0/arch/arm/Makefile @@ -59,6 +59,9 @@ # KBUILD_CFLAGS += $(call cc-option,-fno-ipa-sra) +# Need -msoft-float for gcc 11 for the below instruction set selection +KBUILD_CFLAGS += -msoft-float + # This selects which instruction set is used. arch-$(CONFIG_CPU_32v7M) :=-march=armv7-m arch-$(CONFIG_CPU_32v7) :=-march=armv7-a @@ -141,7 +144,7 @@ # Need -Uarm for gcc < 3.x KBUILD_CPPFLAGS +=$(cpp-y) -KBUILD_CFLAGS +=$(CFLAGS_ABI) $(CFLAGS_ISA) $(arch-y) $(tune-y) $(call cc-option,-mshort-load-bytes,$(call cc-option,-malignment-traps,)) -msoft-float -Uarm +KBUILD_CFLAGS +=$(CFLAGS_ABI) $(CFLAGS_ISA) $(arch-y) $(tune-y) $(call cc-option,-mshort-load-bytes,$(call cc-option,-malignment-traps,)) -Uarm KBUILD_AFLAGS +=$(CFLAGS_ABI) $(AFLAGS_ISA) -Wa,$(arch-y) $(tune-y) -include asm/unified.h -msoft-float CHECKFLAGS += -D__arm__ --- linux-ibm-6.8.0.orig/arch/arm64/Kconfig +++ linux-ibm-6.8.0/arch/arm64/Kconfig @@ -1550,7 +1550,7 @@ # 64K | 29 | 16 | 13 | 13 | config ARCH_FORCE_MAX_ORDER int - default "13" if ARM64_64K_PAGES + default "13" if ARM64_64K_PAGES || (ARCH_THUNDER && ARM64_4K_PAGES) default "11" if ARM64_16K_PAGES default "10" help --- linux-ibm-6.8.0.orig/arch/arm64/kernel/fpsimd.c +++ linux-ibm-6.8.0/arch/arm64/kernel/fpsimd.c @@ -1923,7 +1923,7 @@ put_cpu_fpsimd_context(); } -EXPORT_SYMBOL_GPL(kernel_neon_begin); +EXPORT_SYMBOL(kernel_neon_begin); /* * kernel_neon_end(): give the CPU FPSIMD registers back to the current task @@ -1950,7 +1950,7 @@ else clear_thread_flag(TIF_KERNEL_FPSTATE); } -EXPORT_SYMBOL_GPL(kernel_neon_end); +EXPORT_SYMBOL(kernel_neon_end); #ifdef CONFIG_EFI --- linux-ibm-6.8.0.orig/arch/powerpc/Makefile +++ linux-ibm-6.8.0/arch/powerpc/Makefile @@ -238,7 +238,7 @@ all: zImage # With make 3.82 we cannot mix normal and wildcard targets -BOOT_TARGETS1 := zImage zImage.initrd uImage +BOOT_TARGETS1 := zImage zImage.initrd uImage vmlinux.strip BOOT_TARGETS2 := zImage% dtbImage% treeImage.% cuImage.% simpleImage.% uImage.% PHONY += $(BOOT_TARGETS1) $(BOOT_TARGETS2) --- linux-ibm-6.8.0.orig/arch/powerpc/include/asm/cputhreads.h +++ linux-ibm-6.8.0/arch/powerpc/include/asm/cputhreads.h @@ -3,6 +3,7 @@ #define _ASM_POWERPC_CPUTHREADS_H #ifndef __ASSEMBLY__ +#include #include #include --- linux-ibm-6.8.0.orig/arch/powerpc/kernel/module_64.c +++ linux-ibm-6.8.0/arch/powerpc/kernel/module_64.c @@ -347,12 +347,13 @@ static void dedotify_versions(struct modversion_info *vers, unsigned long size) { - struct modversion_info *end; + struct modversion_info *end = (void *)vers + size; - for (end = (void *)vers + size; vers < end; vers++) + for (; vers < end && vers->next; vers = (void *)vers + vers->next) { if (vers->name[0] == '.') { memmove(vers->name, vers->name+1, strlen(vers->name)); } + } } /* --- linux-ibm-6.8.0.orig/arch/powerpc/kernel/pci-common.c +++ linux-ibm-6.8.0/arch/powerpc/kernel/pci-common.c @@ -360,6 +360,7 @@ } return NULL; } +EXPORT_SYMBOL(pci_find_hose_for_OF_device); struct pci_controller *pci_find_controller_for_domain(int domain_nr) { @@ -1630,6 +1631,7 @@ { return pci_bus_find_capability(fake_pci_bus(hose, bus), devfn, cap); } +EXPORT_SYMBOL_GPL(early_find_capability); struct device_node *pcibios_get_phb_of_node(struct pci_bus *bus) { --- linux-ibm-6.8.0.orig/arch/powerpc/kernel/setup-common.c +++ linux-ibm-6.8.0/arch/powerpc/kernel/setup-common.c @@ -35,6 +35,7 @@ #include #include #include +#include #include #include #include @@ -67,6 +68,7 @@ #include #include #include +#include #include "setup.h" @@ -896,6 +898,16 @@ */ initialize_cache_info(); + /* + * Lock down the kernel if booted in secure mode. This is required to + * maintain kernel integrity. + */ + if (IS_ENABLED(CONFIG_LOCK_DOWN_IN_SECURE_BOOT)) { + if (is_ppc_secureboot_enabled()) + security_lock_kernel_down("PowerNV Secure Boot mode", + LOCKDOWN_INTEGRITY_MAX); + } + /* Initialize RTAS if available. */ rtas_initialize(); --- linux-ibm-6.8.0.orig/arch/powerpc/lib/sstep.c +++ linux-ibm-6.8.0/arch/powerpc/lib/sstep.c @@ -8,6 +8,7 @@ #include #include #include +#include #include #include #include --- linux-ibm-6.8.0.orig/arch/powerpc/platforms/pseries/vio.c +++ linux-ibm-6.8.0/arch/powerpc/platforms/pseries/vio.c @@ -39,7 +39,6 @@ .name = "vio", .type = "", .dev.init_name = "vio", - .dev.bus = &vio_bus_type, }; #ifdef CONFIG_PPC_SMLPAR --- linux-ibm-6.8.0.orig/arch/riscv/boot/dts/microchip/mpfs-icicle-kit.dts +++ linux-ibm-6.8.0/arch/riscv/boot/dts/microchip/mpfs-icicle-kit.dts @@ -160,9 +160,11 @@ status = "okay"; }; +/* UBUNTU: PCIe support is not yet ready, so disable it for now &pcie { status = "okay"; }; +*/ &qspi { status = "okay"; --- linux-ibm-6.8.0.orig/arch/riscv/boot/dts/sifive/fu740-c000.dtsi +++ linux-ibm-6.8.0/arch/riscv/boot/dts/sifive/fu740-c000.dtsi @@ -42,7 +42,7 @@ }; }; cpu1: cpu@1 { - compatible = "sifive,bullet0", "riscv"; + compatible = "sifive,u74-mc", "sifive,bullet0", "riscv"; d-cache-block-size = <64>; d-cache-sets = <64>; d-cache-size = <32768>; @@ -69,7 +69,7 @@ }; }; cpu2: cpu@2 { - compatible = "sifive,bullet0", "riscv"; + compatible = "sifive,u74-mc", "sifive,bullet0", "riscv"; d-cache-block-size = <64>; d-cache-sets = <64>; d-cache-size = <32768>; @@ -96,7 +96,7 @@ }; }; cpu3: cpu@3 { - compatible = "sifive,bullet0", "riscv"; + compatible = "sifive,u74-mc", "sifive,bullet0", "riscv"; d-cache-block-size = <64>; d-cache-sets = <64>; d-cache-size = <32768>; @@ -123,7 +123,7 @@ }; }; cpu4: cpu@4 { - compatible = "sifive,bullet0", "riscv"; + compatible = "sifive,u74-mc", "sifive,bullet0", "riscv"; d-cache-block-size = <64>; d-cache-sets = <64>; d-cache-size = <32768>; --- linux-ibm-6.8.0.orig/arch/riscv/boot/dts/sifive/hifive-unleashed-a00-microsemi.dts +++ linux-ibm-6.8.0/arch/riscv/boot/dts/sifive/hifive-unleashed-a00-microsemi.dts @@ -0,0 +1,28 @@ +// SPDX-License-Identifier: (GPL-2.0 OR MIT) + +#include "hifive-unleashed-a00.dts" + +/ { + soc { + pcie: pcie@2030000000 { + #address-cells = <0x3>; + #interrupt-cells = <0x1>; + #size-cells = <0x2>; + compatible = "microsemi,ms-pf-axi-pcie-host"; + device_type = "pci"; + bus-range = <0x01 0x7f>; + interrupt-map = <0 0 0 1 &ms_pcie_intc 0 0 0 0 2 &ms_pcie_intc 1 0 0 0 3 &ms_pcie_intc 2 0 0 0 4 &ms_pcie_intc 3>; + interrupt-map-mask = <0 0 0 7>; + interrupt-parent = <&plic0>; + interrupts = <32>; + ranges = <0x3000000 0x0 0x40000000 0x0 0x40000000 0x0 0x20000000>; + reg = <0x20 0x30000000 0x0 0x4000000 0x20 0x0 0x0 0x100000>; + reg-names = "control", "apb"; + ms_pcie_intc: interrupt-controller { + #address-cells = <0>; + #interrupt-cells = <1>; + interrupt-controller; + }; + }; + }; +}; --- linux-ibm-6.8.0.orig/arch/riscv/mm/init.c +++ linux-ibm-6.8.0/arch/riscv/mm/init.c @@ -824,6 +824,10 @@ disable_pgtable_l4(); } + /* UBUNTU: Force disable sv57 and fallback to sv48 */ + if (pgtable_l5_enabled) + disable_pgtable_l5(); + memset(early_pg_dir, 0, PAGE_SIZE); memset(early_p4d, 0, PAGE_SIZE); memset(early_pud, 0, PAGE_SIZE); --- linux-ibm-6.8.0.orig/arch/s390/include/asm/ipl.h +++ linux-ibm-6.8.0/arch/s390/include/asm/ipl.h @@ -139,6 +139,7 @@ unsigned char flags, unsigned short cert); int ipl_report_add_certificate(struct ipl_report *report, void *key, unsigned long addr, unsigned long len); +bool ipl_get_secureboot(void); /* * DIAG 308 support --- linux-ibm-6.8.0.orig/arch/s390/kernel/ipl.c +++ linux-ibm-6.8.0/arch/s390/kernel/ipl.c @@ -2520,3 +2520,8 @@ } #endif + +bool ipl_get_secureboot(void) +{ + return !!ipl_secure_flag; +} --- linux-ibm-6.8.0.orig/arch/s390/kernel/setup.c +++ linux-ibm-6.8.0/arch/s390/kernel/setup.c @@ -51,6 +51,7 @@ #include #include #include +#include #include #include @@ -891,6 +892,9 @@ log_component_list(); + if (ipl_get_secureboot()) + security_lock_kernel_down("Secure IPL mode", LOCKDOWN_INTEGRITY_MAX); + /* Have one command line that is parsed and saved in /proc/cmdline */ /* boot_command_line has been already set up in early.c */ *cmdline_p = boot_command_line; --- linux-ibm-6.8.0.orig/arch/x86/Kconfig +++ linux-ibm-6.8.0/arch/x86/Kconfig @@ -2614,6 +2614,42 @@ If in doubt, say N. +config MITIGATION_RFDS + bool "RFDS Mitigation" + depends on CPU_SUP_INTEL + default y + help + Enable mitigation for Register File Data Sampling (RFDS) by default. + RFDS is a hardware vulnerability which affects Intel Atom CPUs. It + allows unprivileged speculative access to stale data previously + stored in floating point, vector and integer registers. + See also + +choice + prompt "Clear branch history" + depends on CPU_SUP_INTEL + default SPECTRE_BHI_ON + help + Enable BHI mitigations. BHI attacks are a form of Spectre V2 attacks + where the branch history buffer is poisoned to speculatively steer + indirect branches. + See + +config SPECTRE_BHI_ON + bool "on" + help + Equivalent to setting spectre_bhi=on command line parameter. +config SPECTRE_BHI_OFF + bool "off" + help + Equivalent to setting spectre_bhi=off command line parameter. +config SPECTRE_BHI_AUTO + bool "auto" + help + Equivalent to setting spectre_bhi=auto command line parameter. + +endchoice + endif config ARCH_HAS_ADD_PAGES --- linux-ibm-6.8.0.orig/arch/x86/entry/common.c +++ linux-ibm-6.8.0/arch/x86/entry/common.c @@ -49,7 +49,7 @@ if (likely(unr < NR_syscalls)) { unr = array_index_nospec(unr, NR_syscalls); - regs->ax = sys_call_table[unr](regs); + regs->ax = x64_sys_call(regs, unr); return true; } return false; @@ -66,7 +66,7 @@ if (IS_ENABLED(CONFIG_X86_X32_ABI) && likely(xnr < X32_NR_syscalls)) { xnr = array_index_nospec(xnr, X32_NR_syscalls); - regs->ax = x32_sys_call_table[xnr](regs); + regs->ax = x32_sys_call(regs, xnr); return true; } return false; @@ -162,7 +162,7 @@ if (likely(unr < IA32_NR_syscalls)) { unr = array_index_nospec(unr, IA32_NR_syscalls); - regs->ax = ia32_sys_call_table[unr](regs); + regs->ax = ia32_sys_call(regs, unr); } else if (nr != -1) { regs->ax = __ia32_sys_ni_syscall(regs); } @@ -189,7 +189,7 @@ } /** - * int80_emulation - 32-bit legacy syscall entry + * do_int80_emulation - 32-bit legacy syscall C entry from asm * * This entry point can be used by 32-bit and 64-bit programs to perform * 32-bit system calls. Instances of INT $0x80 can be found inline in @@ -207,7 +207,7 @@ * eax: system call number * ebx, ecx, edx, esi, edi, ebp: arg1 - arg 6 */ -DEFINE_IDTENTRY_RAW(int80_emulation) +__visible noinstr void do_int80_emulation(struct pt_regs *regs) { int nr; --- linux-ibm-6.8.0.orig/arch/x86/entry/entry_64.S +++ linux-ibm-6.8.0/arch/x86/entry/entry_64.S @@ -116,6 +116,7 @@ /* clobbers %rax, make sure it is after saving the syscall nr */ IBRS_ENTER UNTRAIN_RET + CLEAR_BRANCH_HISTORY call do_syscall_64 /* returns with IRQs disabled */ @@ -1494,3 +1495,63 @@ call make_task_dead SYM_CODE_END(rewind_stack_and_make_dead) .popsection + +/* + * This sequence executes branches in order to remove user branch information + * from the branch history tracker in the Branch Predictor, therefore removing + * user influence on subsequent BTB lookups. + * + * It should be used on parts prior to Alder Lake. Newer parts should use the + * BHI_DIS_S hardware control instead. If a pre-Alder Lake part is being + * virtualized on newer hardware the VMM should protect against BHI attacks by + * setting BHI_DIS_S for the guests. + * + * CALLs/RETs are necessary to prevent Loop Stream Detector(LSD) from engaging + * and not clearing the branch history. The call tree looks like: + * + * call 1 + * call 2 + * call 2 + * call 2 + * call 2 + * call 2 + * ret + * ret + * ret + * ret + * ret + * ret + * + * This means that the stack is non-constant and ORC can't unwind it with %rsp + * alone. Therefore we unconditionally set up the frame pointer, which allows + * ORC to unwind properly. + * + * The alignment is for performance and not for safety, and may be safely + * refactored in the future if needed. + */ +SYM_FUNC_START(clear_bhb_loop) + push %rbp + mov %rsp, %rbp + movl $5, %ecx + ANNOTATE_INTRA_FUNCTION_CALL + call 1f + jmp 5f + .align 64, 0xcc + ANNOTATE_INTRA_FUNCTION_CALL +1: call 2f + RET + .align 64, 0xcc +2: movl $5, %eax +3: jmp 4f + nop +4: sub $1, %eax + jnz 3b + sub $1, %ecx + jnz 1b + RET +5: lfence + pop %rbp + RET +SYM_FUNC_END(clear_bhb_loop) +EXPORT_SYMBOL_GPL(clear_bhb_loop) +STACK_FRAME_NON_STANDARD(clear_bhb_loop) --- linux-ibm-6.8.0.orig/arch/x86/entry/entry_64_compat.S +++ linux-ibm-6.8.0/arch/x86/entry/entry_64_compat.S @@ -92,6 +92,7 @@ IBRS_ENTER UNTRAIN_RET + CLEAR_BRANCH_HISTORY /* * SYSENTER doesn't filter flags, so we need to clear NT and AC @@ -206,6 +207,7 @@ IBRS_ENTER UNTRAIN_RET + CLEAR_BRANCH_HISTORY movq %rsp, %rdi call do_fast_syscall_32 @@ -276,3 +278,17 @@ ANNOTATE_NOENDBR int3 SYM_CODE_END(entry_SYSCALL_compat) + +/* + * int 0x80 is used by 32 bit mode as a system call entry. Normally idt entries + * point to C routines, however since this is a system call interface the branch + * history needs to be scrubbed to protect against BHI attacks, and that + * scrubbing needs to take place in assembly code prior to entering any C + * routines. + */ +SYM_CODE_START(int80_emulation) + ANNOTATE_NOENDBR + UNWIND_HINT_FUNC + CLEAR_BRANCH_HISTORY + jmp do_int80_emulation +SYM_CODE_END(int80_emulation) --- linux-ibm-6.8.0.orig/arch/x86/entry/syscall_32.c +++ linux-ibm-6.8.0/arch/x86/entry/syscall_32.c @@ -18,8 +18,25 @@ #include #undef __SYSCALL +/* + * The sys_call_table[] is no longer used for system calls, but + * kernel/trace/trace_syscalls.c still wants to know the system + * call address. + */ +#ifdef CONFIG_X86_32 #define __SYSCALL(nr, sym) __ia32_##sym, - -__visible const sys_call_ptr_t ia32_sys_call_table[] = { +const sys_call_ptr_t sys_call_table[] = { #include }; +#undef __SYSCALL +#endif + +#define __SYSCALL(nr, sym) case nr: return __ia32_##sym(regs); + +long ia32_sys_call(const struct pt_regs *regs, unsigned int nr) +{ + switch (nr) { + #include + default: return __ia32_sys_ni_syscall(regs); + } +}; --- linux-ibm-6.8.0.orig/arch/x86/entry/syscall_64.c +++ linux-ibm-6.8.0/arch/x86/entry/syscall_64.c @@ -11,8 +11,23 @@ #include #undef __SYSCALL +/* + * The sys_call_table[] is no longer used for system calls, but + * kernel/trace/trace_syscalls.c still wants to know the system + * call address. + */ #define __SYSCALL(nr, sym) __x64_##sym, - -asmlinkage const sys_call_ptr_t sys_call_table[] = { +const sys_call_ptr_t sys_call_table[] = { #include }; +#undef __SYSCALL + +#define __SYSCALL(nr, sym) case nr: return __x64_##sym(regs); + +long x64_sys_call(const struct pt_regs *regs, unsigned int nr) +{ + switch (nr) { + #include + default: return __x64_sys_ni_syscall(regs); + } +}; --- linux-ibm-6.8.0.orig/arch/x86/entry/syscall_x32.c +++ linux-ibm-6.8.0/arch/x86/entry/syscall_x32.c @@ -11,8 +11,12 @@ #include #undef __SYSCALL -#define __SYSCALL(nr, sym) __x64_##sym, +#define __SYSCALL(nr, sym) case nr: return __x64_##sym(regs); -asmlinkage const sys_call_ptr_t x32_sys_call_table[] = { -#include +long x32_sys_call(const struct pt_regs *regs, unsigned int nr) +{ + switch (nr) { + #include + default: return __x64_sys_ni_syscall(regs); + } }; --- linux-ibm-6.8.0.orig/arch/x86/include/asm/cpufeature.h +++ linux-ibm-6.8.0/arch/x86/include/asm/cpufeature.h @@ -91,8 +91,9 @@ CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 18, feature_bit) || \ CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 19, feature_bit) || \ CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 20, feature_bit) || \ + CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 21, feature_bit) || \ REQUIRED_MASK_CHECK || \ - BUILD_BUG_ON_ZERO(NCAPINTS != 21)) + BUILD_BUG_ON_ZERO(NCAPINTS != 22)) #define DISABLED_MASK_BIT_SET(feature_bit) \ ( CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 0, feature_bit) || \ @@ -116,8 +117,9 @@ CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 18, feature_bit) || \ CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 19, feature_bit) || \ CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 20, feature_bit) || \ + CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 21, feature_bit) || \ DISABLED_MASK_CHECK || \ - BUILD_BUG_ON_ZERO(NCAPINTS != 21)) + BUILD_BUG_ON_ZERO(NCAPINTS != 22)) #define cpu_has(c, bit) \ (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ --- linux-ibm-6.8.0.orig/arch/x86/include/asm/cpufeatures.h +++ linux-ibm-6.8.0/arch/x86/include/asm/cpufeatures.h @@ -13,7 +13,7 @@ /* * Defines x86 CPU feature bits */ -#define NCAPINTS 21 /* N 32-bit words worth of info */ +#define NCAPINTS 22 /* N 32-bit words worth of info */ #define NBUGINTS 2 /* N 32-bit bug flags */ /* @@ -457,6 +457,17 @@ #define X86_FEATURE_SRSO_NO (20*32+29) /* "" CPU is not affected by SRSO */ /* + * Extended auxiliary flags: Linux defined - for features scattered in various + * CPUID levels like 0x80000022, etc and Linux defined features. + * + * Reuse free bits when adding new feature flags! + */ +#define X86_FEATURE_CLEAR_BHB_LOOP (21*32+ 1) /* "" Clear branch history at syscall entry using SW loop */ +#define X86_FEATURE_BHI_CTRL (21*32+ 2) /* "" BHI_DIS_S HW control available */ +#define X86_FEATURE_CLEAR_BHB_HW (21*32+ 3) /* "" BHI_DIS_S HW control enabled */ +#define X86_FEATURE_CLEAR_BHB_LOOP_ON_VMEXIT (21*32+ 4) /* "" Clear branch history at vmexit using SW loop */ + +/* * BUG word(s) */ #define X86_BUG(x) (NCAPINTS*32 + (x)) @@ -503,4 +514,6 @@ /* BUG word 2 */ #define X86_BUG_SRSO X86_BUG(1*32 + 0) /* AMD SRSO bug */ #define X86_BUG_DIV0 X86_BUG(1*32 + 1) /* AMD DIV0 speculation bug */ +#define X86_BUG_RFDS X86_BUG(1*32 + 2) /* CPU is vulnerable to Register File Data Sampling */ +#define X86_BUG_BHI X86_BUG(1*32 + 3) /* CPU is affected by Branch History Injection */ #endif /* _ASM_X86_CPUFEATURES_H */ --- linux-ibm-6.8.0.orig/arch/x86/include/asm/disabled-features.h +++ linux-ibm-6.8.0/arch/x86/include/asm/disabled-features.h @@ -143,6 +143,7 @@ #define DISABLED_MASK18 (DISABLE_IBT) #define DISABLED_MASK19 0 #define DISABLED_MASK20 0 -#define DISABLED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 21) +#define DISABLED_MASK21 0 +#define DISABLED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 22) #endif /* _ASM_X86_DISABLED_FEATURES_H */ --- linux-ibm-6.8.0.orig/arch/x86/include/asm/msr-index.h +++ linux-ibm-6.8.0/arch/x86/include/asm/msr-index.h @@ -50,10 +50,13 @@ #define SPEC_CTRL_SSBD BIT(SPEC_CTRL_SSBD_SHIFT) /* Speculative Store Bypass Disable */ #define SPEC_CTRL_RRSBA_DIS_S_SHIFT 6 /* Disable RRSBA behavior */ #define SPEC_CTRL_RRSBA_DIS_S BIT(SPEC_CTRL_RRSBA_DIS_S_SHIFT) +#define SPEC_CTRL_BHI_DIS_S_SHIFT 10 /* Disable Branch History Injection behavior */ +#define SPEC_CTRL_BHI_DIS_S BIT(SPEC_CTRL_BHI_DIS_S_SHIFT) /* A mask for bits which the kernel toggles when controlling mitigations */ #define SPEC_CTRL_MITIGATIONS_MASK (SPEC_CTRL_IBRS | SPEC_CTRL_STIBP | SPEC_CTRL_SSBD \ - | SPEC_CTRL_RRSBA_DIS_S) + | SPEC_CTRL_RRSBA_DIS_S \ + | SPEC_CTRL_BHI_DIS_S) #define MSR_IA32_PRED_CMD 0x00000049 /* Prediction Command */ #define PRED_CMD_IBPB BIT(0) /* Indirect Branch Prediction Barrier */ @@ -152,6 +155,10 @@ * are restricted to targets in * kernel. */ +#define ARCH_CAP_BHI_NO BIT(20) /* + * CPU is not affected by Branch + * History Injection. + */ #define ARCH_CAP_PBRSB_NO BIT(24) /* * Not susceptible to Post-Barrier * Return Stack Buffer Predictions. @@ -165,6 +172,14 @@ * CPU is not vulnerable to Gather * Data Sampling (GDS). */ +#define ARCH_CAP_RFDS_NO BIT(27) /* + * Not susceptible to Register + * File Data Sampling. + */ +#define ARCH_CAP_RFDS_CLEAR BIT(28) /* + * VERW clears CPU Register + * File. + */ #define ARCH_CAP_XAPIC_DISABLE BIT(21) /* * IA32_XAPIC_DISABLE_STATUS MSR --- linux-ibm-6.8.0.orig/arch/x86/include/asm/nospec-branch.h +++ linux-ibm-6.8.0/arch/x86/include/asm/nospec-branch.h @@ -326,6 +326,19 @@ ALTERNATIVE "", __stringify(verw _ASM_RIP(mds_verw_sel)), X86_FEATURE_CLEAR_CPU_BUF .endm +#ifdef CONFIG_X86_64 +.macro CLEAR_BRANCH_HISTORY + ALTERNATIVE "", "call clear_bhb_loop", X86_FEATURE_CLEAR_BHB_LOOP +.endm + +.macro CLEAR_BRANCH_HISTORY_VMEXIT + ALTERNATIVE "", "call clear_bhb_loop", X86_FEATURE_CLEAR_BHB_LOOP_ON_VMEXIT +.endm +#else +#define CLEAR_BRANCH_HISTORY +#define CLEAR_BRANCH_HISTORY_VMEXIT +#endif + #else /* __ASSEMBLY__ */ #define ANNOTATE_RETPOLINE_SAFE \ @@ -366,6 +379,10 @@ extern void entry_untrain_ret(void); extern void entry_ibpb(void); +#ifdef CONFIG_X86_64 +extern void clear_bhb_loop(void); +#endif + extern void (*x86_return_thunk)(void); #ifdef CONFIG_CALL_DEPTH_TRACKING --- linux-ibm-6.8.0.orig/arch/x86/include/asm/pci-direct.h +++ linux-ibm-6.8.0/arch/x86/include/asm/pci-direct.h @@ -10,9 +10,11 @@ extern u32 read_pci_config(u8 bus, u8 slot, u8 func, u8 offset); extern u8 read_pci_config_byte(u8 bus, u8 slot, u8 func, u8 offset); extern u16 read_pci_config_16(u8 bus, u8 slot, u8 func, u8 offset); +extern u32 pci_early_find_cap(int bus, int slot, int func, int cap); extern void write_pci_config(u8 bus, u8 slot, u8 func, u8 offset, u32 val); extern void write_pci_config_byte(u8 bus, u8 slot, u8 func, u8 offset, u8 val); extern void write_pci_config_16(u8 bus, u8 slot, u8 func, u8 offset, u16 val); +extern unsigned int pci_early_clear_msi; extern int early_pci_allowed(void); #endif /* _ASM_X86_PCI_DIRECT_H */ --- linux-ibm-6.8.0.orig/arch/x86/include/asm/required-features.h +++ linux-ibm-6.8.0/arch/x86/include/asm/required-features.h @@ -99,6 +99,7 @@ #define REQUIRED_MASK18 0 #define REQUIRED_MASK19 0 #define REQUIRED_MASK20 0 -#define REQUIRED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 21) +#define REQUIRED_MASK21 0 +#define REQUIRED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 22) #endif /* _ASM_X86_REQUIRED_FEATURES_H */ --- linux-ibm-6.8.0.orig/arch/x86/include/asm/syscall.h +++ linux-ibm-6.8.0/arch/x86/include/asm/syscall.h @@ -16,19 +16,17 @@ #include /* for TS_COMPAT */ #include +/* This is used purely for kernel/trace/trace_syscalls.c */ typedef long (*sys_call_ptr_t)(const struct pt_regs *); extern const sys_call_ptr_t sys_call_table[]; -#if defined(CONFIG_X86_32) -#define ia32_sys_call_table sys_call_table -#else /* * These may not exist, but still put the prototypes in so we * can use IS_ENABLED(). */ -extern const sys_call_ptr_t ia32_sys_call_table[]; -extern const sys_call_ptr_t x32_sys_call_table[]; -#endif +extern long ia32_sys_call(const struct pt_regs *, unsigned int nr); +extern long x32_sys_call(const struct pt_regs *, unsigned int nr); +extern long x64_sys_call(const struct pt_regs *, unsigned int nr); /* * Only the low 32 bits of orig_ax are meaningful, so we return int. @@ -127,6 +125,7 @@ } bool do_syscall_64(struct pt_regs *regs, int nr); +void do_int80_emulation(struct pt_regs *regs); #endif /* CONFIG_X86_32 */ --- linux-ibm-6.8.0.orig/arch/x86/kernel/aperture_64.c +++ linux-ibm-6.8.0/arch/x86/kernel/aperture_64.c @@ -136,32 +136,6 @@ } -/* Find a PCI capability */ -static u32 __init find_cap(int bus, int slot, int func, int cap) -{ - int bytes; - u8 pos; - - if (!(read_pci_config_16(bus, slot, func, PCI_STATUS) & - PCI_STATUS_CAP_LIST)) - return 0; - - pos = read_pci_config_byte(bus, slot, func, PCI_CAPABILITY_LIST); - for (bytes = 0; bytes < 48 && pos >= 0x40; bytes++) { - u8 id; - - pos &= ~3; - id = read_pci_config_byte(bus, slot, func, pos+PCI_CAP_LIST_ID); - if (id == 0xff) - break; - if (id == cap) - return pos; - pos = read_pci_config_byte(bus, slot, func, - pos+PCI_CAP_LIST_NEXT); - } - return 0; -} - /* Read a standard AGPv3 bridge header */ static u32 __init read_agp(int bus, int slot, int func, int cap, u32 *order) { @@ -250,8 +224,8 @@ case PCI_CLASS_BRIDGE_HOST: case PCI_CLASS_BRIDGE_OTHER: /* needed? */ /* AGP bridge? */ - cap = find_cap(bus, slot, func, - PCI_CAP_ID_AGP); + cap = pci_early_find_cap(bus, slot, + func, PCI_CAP_ID_AGP); if (!cap) break; *valid_agp = 1; --- linux-ibm-6.8.0.orig/arch/x86/kernel/cpu/bugs.c +++ linux-ibm-6.8.0/arch/x86/kernel/cpu/bugs.c @@ -422,6 +422,13 @@ if (boot_cpu_has_bug(X86_BUG_MDS) || (boot_cpu_has_bug(X86_BUG_TAA) && boot_cpu_has(X86_FEATURE_RTM))) setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF); + + /* + * X86_FEATURE_CLEAR_CPU_BUF could be enabled by other VERW based + * mitigations, disable KVM-only mitigation in that case. + */ + if (boot_cpu_has(X86_FEATURE_CLEAR_CPU_BUF)) + static_branch_disable(&mmio_stale_data_clear); else static_branch_enable(&mmio_stale_data_clear); @@ -474,6 +481,57 @@ early_param("mmio_stale_data", mmio_stale_data_parse_cmdline); #undef pr_fmt +#define pr_fmt(fmt) "Register File Data Sampling: " fmt + +enum rfds_mitigations { + RFDS_MITIGATION_OFF, + RFDS_MITIGATION_VERW, + RFDS_MITIGATION_UCODE_NEEDED, +}; + +/* Default mitigation for Register File Data Sampling */ +static enum rfds_mitigations rfds_mitigation __ro_after_init = + IS_ENABLED(CONFIG_MITIGATION_RFDS) ? RFDS_MITIGATION_VERW : RFDS_MITIGATION_OFF; + +static const char * const rfds_strings[] = { + [RFDS_MITIGATION_OFF] = "Vulnerable", + [RFDS_MITIGATION_VERW] = "Mitigation: Clear Register File", + [RFDS_MITIGATION_UCODE_NEEDED] = "Vulnerable: No microcode", +}; + +static void __init rfds_select_mitigation(void) +{ + if (!boot_cpu_has_bug(X86_BUG_RFDS) || cpu_mitigations_off()) { + rfds_mitigation = RFDS_MITIGATION_OFF; + return; + } + if (rfds_mitigation == RFDS_MITIGATION_OFF) + return; + + if (x86_read_arch_cap_msr() & ARCH_CAP_RFDS_CLEAR) + setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF); + else + rfds_mitigation = RFDS_MITIGATION_UCODE_NEEDED; +} + +static __init int rfds_parse_cmdline(char *str) +{ + if (!str) + return -EINVAL; + + if (!boot_cpu_has_bug(X86_BUG_RFDS)) + return 0; + + if (!strcmp(str, "off")) + rfds_mitigation = RFDS_MITIGATION_OFF; + else if (!strcmp(str, "on")) + rfds_mitigation = RFDS_MITIGATION_VERW; + + return 0; +} +early_param("reg_file_data_sampling", rfds_parse_cmdline); + +#undef pr_fmt #define pr_fmt(fmt) "" fmt static void __init md_clear_update_mitigation(void) @@ -498,11 +556,19 @@ taa_mitigation = TAA_MITIGATION_VERW; taa_select_mitigation(); } - if (mmio_mitigation == MMIO_MITIGATION_OFF && - boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA)) { + /* + * MMIO_MITIGATION_OFF is not checked here so that mmio_stale_data_clear + * gets updated correctly as per X86_FEATURE_CLEAR_CPU_BUF state. + */ + if (boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA)) { mmio_mitigation = MMIO_MITIGATION_VERW; mmio_select_mitigation(); } + if (rfds_mitigation == RFDS_MITIGATION_OFF && + boot_cpu_has_bug(X86_BUG_RFDS)) { + rfds_mitigation = RFDS_MITIGATION_VERW; + rfds_select_mitigation(); + } out: if (boot_cpu_has_bug(X86_BUG_MDS)) pr_info("MDS: %s\n", mds_strings[mds_mitigation]); @@ -512,6 +578,8 @@ pr_info("MMIO Stale Data: %s\n", mmio_strings[mmio_mitigation]); else if (boot_cpu_has_bug(X86_BUG_MMIO_UNKNOWN)) pr_info("MMIO Stale Data: Unknown: No mitigations\n"); + if (boot_cpu_has_bug(X86_BUG_RFDS)) + pr_info("Register File Data Sampling: %s\n", rfds_strings[rfds_mitigation]); } static void __init md_clear_select_mitigation(void) @@ -519,11 +587,12 @@ mds_select_mitigation(); taa_select_mitigation(); mmio_select_mitigation(); + rfds_select_mitigation(); /* - * As MDS, TAA and MMIO Stale Data mitigations are inter-related, update - * and print their mitigation after MDS, TAA and MMIO Stale Data - * mitigation selection is done. + * As these mitigations are inter-related and rely on VERW instruction + * to clear the microarchitural buffers, update and print their status + * after mitigation selection is done for each of these vulnerabilities. */ md_clear_update_mitigation(); } @@ -1537,6 +1606,79 @@ dump_stack(); } +/* + * Set BHI_DIS_S to prevent indirect branches in kernel to be influenced by + * branch history in userspace. Not needed if BHI_NO is set. + */ +static bool __init spec_ctrl_bhi_dis(void) +{ + if (!boot_cpu_has(X86_FEATURE_BHI_CTRL)) + return false; + + x86_spec_ctrl_base |= SPEC_CTRL_BHI_DIS_S; + update_spec_ctrl(x86_spec_ctrl_base); + setup_force_cpu_cap(X86_FEATURE_CLEAR_BHB_HW); + + return true; +} + +enum bhi_mitigations { + BHI_MITIGATION_OFF, + BHI_MITIGATION_ON, + BHI_MITIGATION_AUTO, +}; + +static enum bhi_mitigations bhi_mitigation __ro_after_init = + IS_ENABLED(CONFIG_SPECTRE_BHI_ON) ? BHI_MITIGATION_ON : + IS_ENABLED(CONFIG_SPECTRE_BHI_OFF) ? BHI_MITIGATION_OFF : + BHI_MITIGATION_AUTO; + +static int __init spectre_bhi_parse_cmdline(char *str) +{ + if (!str) + return -EINVAL; + + if (!strcmp(str, "off")) + bhi_mitigation = BHI_MITIGATION_OFF; + else if (!strcmp(str, "on")) + bhi_mitigation = BHI_MITIGATION_ON; + else if (!strcmp(str, "auto")) + bhi_mitigation = BHI_MITIGATION_AUTO; + else + pr_err("Ignoring unknown spectre_bhi option (%s)", str); + + return 0; +} +early_param("spectre_bhi", spectre_bhi_parse_cmdline); + +static void __init bhi_select_mitigation(void) +{ + if (bhi_mitigation == BHI_MITIGATION_OFF) + return; + + /* Retpoline mitigates against BHI unless the CPU has RRSBA behavior */ + if (cpu_feature_enabled(X86_FEATURE_RETPOLINE) && + !(x86_read_arch_cap_msr() & ARCH_CAP_RRSBA)) + return; + + if (spec_ctrl_bhi_dis()) + return; + + if (!IS_ENABLED(CONFIG_X86_64)) + return; + + /* Mitigate KVM by default */ + setup_force_cpu_cap(X86_FEATURE_CLEAR_BHB_LOOP_ON_VMEXIT); + pr_info("Spectre BHI mitigation: SW BHB clearing on vm exit\n"); + + if (bhi_mitigation == BHI_MITIGATION_AUTO) + return; + + /* Mitigate syscalls when the mitigation is forced =on */ + setup_force_cpu_cap(X86_FEATURE_CLEAR_BHB_LOOP); + pr_info("Spectre BHI mitigation: SW BHB clearing on syscall\n"); +} + static void __init spectre_v2_select_mitigation(void) { enum spectre_v2_mitigation_cmd cmd = spectre_v2_parse_cmdline(); @@ -1648,6 +1790,9 @@ mode == SPECTRE_V2_RETPOLINE) spec_ctrl_disable_kernel_rrsba(); + if (boot_cpu_has(X86_BUG_BHI)) + bhi_select_mitigation(); + spectre_v2_enabled = mode; pr_info("%s\n", spectre_v2_strings[mode]); @@ -2612,6 +2757,11 @@ sched_smt_active() ? "vulnerable" : "disabled"); } +static ssize_t rfds_show_state(char *buf) +{ + return sysfs_emit(buf, "%s\n", rfds_strings[rfds_mitigation]); +} + static char *stibp_state(void) { if (spectre_v2_in_eibrs_mode(spectre_v2_enabled) && @@ -2620,15 +2770,15 @@ switch (spectre_v2_user_stibp) { case SPECTRE_V2_USER_NONE: - return ", STIBP: disabled"; + return "; STIBP: disabled"; case SPECTRE_V2_USER_STRICT: - return ", STIBP: forced"; + return "; STIBP: forced"; case SPECTRE_V2_USER_STRICT_PREFERRED: - return ", STIBP: always-on"; + return "; STIBP: always-on"; case SPECTRE_V2_USER_PRCTL: case SPECTRE_V2_USER_SECCOMP: if (static_key_enabled(&switch_to_cond_stibp)) - return ", STIBP: conditional"; + return "; STIBP: conditional"; } return ""; } @@ -2637,10 +2787,10 @@ { if (boot_cpu_has(X86_FEATURE_IBPB)) { if (static_key_enabled(&switch_mm_always_ibpb)) - return ", IBPB: always-on"; + return "; IBPB: always-on"; if (static_key_enabled(&switch_mm_cond_ibpb)) - return ", IBPB: conditional"; - return ", IBPB: disabled"; + return "; IBPB: conditional"; + return "; IBPB: disabled"; } return ""; } @@ -2650,14 +2800,31 @@ if (boot_cpu_has_bug(X86_BUG_EIBRS_PBRSB)) { if (boot_cpu_has(X86_FEATURE_RSB_VMEXIT_LITE) || boot_cpu_has(X86_FEATURE_RSB_VMEXIT)) - return ", PBRSB-eIBRS: SW sequence"; + return "; PBRSB-eIBRS: SW sequence"; else - return ", PBRSB-eIBRS: Vulnerable"; + return "; PBRSB-eIBRS: Vulnerable"; } else { - return ", PBRSB-eIBRS: Not affected"; + return "; PBRSB-eIBRS: Not affected"; } } +static const char * const spectre_bhi_state(void) +{ + if (!boot_cpu_has_bug(X86_BUG_BHI)) + return "; BHI: Not affected"; + else if (boot_cpu_has(X86_FEATURE_CLEAR_BHB_HW)) + return "; BHI: BHI_DIS_S"; + else if (boot_cpu_has(X86_FEATURE_CLEAR_BHB_LOOP)) + return "; BHI: SW loop, KVM: SW loop"; + else if (boot_cpu_has(X86_FEATURE_RETPOLINE) && + !(x86_read_arch_cap_msr() & ARCH_CAP_RRSBA)) + return "; BHI: Retpoline"; + else if (boot_cpu_has(X86_FEATURE_CLEAR_BHB_LOOP_ON_VMEXIT)) + return "; BHI: Syscall hardening, KVM: SW loop"; + + return "; BHI: Vulnerable (Syscall hardening enabled)"; +} + static ssize_t spectre_v2_show_state(char *buf) { if (spectre_v2_enabled == SPECTRE_V2_LFENCE) @@ -2670,13 +2837,15 @@ spectre_v2_enabled == SPECTRE_V2_EIBRS_LFENCE) return sysfs_emit(buf, "Vulnerable: eIBRS+LFENCE with unprivileged eBPF and SMT\n"); - return sysfs_emit(buf, "%s%s%s%s%s%s%s\n", + return sysfs_emit(buf, "%s%s%s%s%s%s%s%s\n", spectre_v2_strings[spectre_v2_enabled], ibpb_state(), - boot_cpu_has(X86_FEATURE_USE_IBRS_FW) ? ", IBRS_FW" : "", + boot_cpu_has(X86_FEATURE_USE_IBRS_FW) ? "; IBRS_FW" : "", stibp_state(), - boot_cpu_has(X86_FEATURE_RSB_CTXSW) ? ", RSB filling" : "", + boot_cpu_has(X86_FEATURE_RSB_CTXSW) ? "; RSB filling" : "", pbrsb_eibrs_state(), + spectre_bhi_state(), + /* this should always be at the end */ spectre_v2_module_string()); } @@ -2771,6 +2940,9 @@ case X86_BUG_GDS: return gds_show_state(buf); + case X86_BUG_RFDS: + return rfds_show_state(buf); + default: break; } @@ -2845,4 +3017,9 @@ { return cpu_show_common(dev, attr, buf, X86_BUG_GDS); } + +ssize_t cpu_show_reg_file_data_sampling(struct device *dev, struct device_attribute *attr, char *buf) +{ + return cpu_show_common(dev, attr, buf, X86_BUG_RFDS); +} #endif --- linux-ibm-6.8.0.orig/arch/x86/kernel/cpu/cacheinfo.c +++ linux-ibm-6.8.0/arch/x86/kernel/cpu/cacheinfo.c @@ -178,7 +178,16 @@ struct amd_northbridge *nb; }; -static unsigned short num_cache_leaves; +static inline unsigned int get_num_cache_leaves(unsigned int cpu) +{ + return get_cpu_cacheinfo(cpu)->num_leaves; +} + +static inline void +set_num_cache_leaves(unsigned int nr_leaves, unsigned int cpu) +{ + get_cpu_cacheinfo(cpu)->num_leaves = nr_leaves; +} /* AMD doesn't have CPUID4. Emulate it here to report the same information to the user. This makes some assumptions about the machine: @@ -718,19 +727,21 @@ void init_amd_cacheinfo(struct cpuinfo_x86 *c) { + unsigned int cpu = c->cpu_index; + if (boot_cpu_has(X86_FEATURE_TOPOEXT)) { - num_cache_leaves = find_num_cache_leaves(c); + set_num_cache_leaves(find_num_cache_leaves(c), cpu); } else if (c->extended_cpuid_level >= 0x80000006) { if (cpuid_edx(0x80000006) & 0xf000) - num_cache_leaves = 4; + set_num_cache_leaves(4, cpu); else - num_cache_leaves = 3; + set_num_cache_leaves(3, cpu); } } void init_hygon_cacheinfo(struct cpuinfo_x86 *c) { - num_cache_leaves = find_num_cache_leaves(c); + set_num_cache_leaves(find_num_cache_leaves(c), c->cpu_index); } void init_intel_cacheinfo(struct cpuinfo_x86 *c) @@ -742,19 +753,19 @@ unsigned int l2_id = 0, l3_id = 0, num_threads_sharing, index_msb; if (c->cpuid_level > 3) { - static int is_initialized; - - if (is_initialized == 0) { - /* Init num_cache_leaves from boot CPU */ - num_cache_leaves = find_num_cache_leaves(c); - is_initialized++; - } + /* + * There should be at least one leaf. A non-zero value means + * that the number of leaves has been initialized. + */ + if (!get_num_cache_leaves(c->cpu_index)) + set_num_cache_leaves(find_num_cache_leaves(c), + c->cpu_index); /* * Whenever possible use cpuid(4), deterministic cache * parameters cpuid leaf to find the cache details */ - for (i = 0; i < num_cache_leaves; i++) { + for (i = 0; i < get_num_cache_leaves(c->cpu_index); i++) { struct _cpuid4_info_regs this_leaf = {}; int retval; @@ -790,14 +801,14 @@ * Don't use cpuid2 if cpuid4 is supported. For P4, we use cpuid2 for * trace cache */ - if ((num_cache_leaves == 0 || c->x86 == 15) && c->cpuid_level > 1) { + if ((!get_num_cache_leaves(c->cpu_index) || c->x86 == 15) && c->cpuid_level > 1) { /* supports eax=2 call */ int j, n; unsigned int regs[4]; unsigned char *dp = (unsigned char *)regs; int only_trace = 0; - if (num_cache_leaves != 0 && c->x86 == 15) + if (get_num_cache_leaves(c->cpu_index) && c->x86 == 15) only_trace = 1; /* Number of times to iterate */ @@ -991,14 +1002,6 @@ int init_cache_level(unsigned int cpu) { - struct cpu_cacheinfo *this_cpu_ci = get_cpu_cacheinfo(cpu); - - if (!num_cache_leaves) - return -ENOENT; - if (!this_cpu_ci) - return -EINVAL; - this_cpu_ci->num_levels = 3; - this_cpu_ci->num_leaves = num_cache_leaves; return 0; } --- linux-ibm-6.8.0.orig/arch/x86/kernel/cpu/common.c +++ linux-ibm-6.8.0/arch/x86/kernel/cpu/common.c @@ -1163,6 +1163,7 @@ #define NO_SPECTRE_V2 BIT(8) #define NO_MMIO BIT(9) #define NO_EIBRS_PBRSB BIT(10) +#define NO_BHI BIT(11) #define VULNWL(vendor, family, model, whitelist) \ X86_MATCH_VENDOR_FAM_MODEL(vendor, family, model, whitelist) @@ -1225,18 +1226,18 @@ VULNWL_INTEL(ATOM_TREMONT_D, NO_ITLB_MULTIHIT | NO_EIBRS_PBRSB), /* AMD Family 0xf - 0x12 */ - VULNWL_AMD(0x0f, NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO), - VULNWL_AMD(0x10, NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO), - VULNWL_AMD(0x11, NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO), - VULNWL_AMD(0x12, NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO), + VULNWL_AMD(0x0f, NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO | NO_BHI), + VULNWL_AMD(0x10, NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO | NO_BHI), + VULNWL_AMD(0x11, NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO | NO_BHI), + VULNWL_AMD(0x12, NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO | NO_BHI), /* FAMILY_ANY must be last, otherwise 0x0f - 0x12 matches won't work */ - VULNWL_AMD(X86_FAMILY_ANY, NO_MELTDOWN | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO | NO_EIBRS_PBRSB), - VULNWL_HYGON(X86_FAMILY_ANY, NO_MELTDOWN | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO | NO_EIBRS_PBRSB), + VULNWL_AMD(X86_FAMILY_ANY, NO_MELTDOWN | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO | NO_EIBRS_PBRSB | NO_BHI), + VULNWL_HYGON(X86_FAMILY_ANY, NO_MELTDOWN | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO | NO_EIBRS_PBRSB | NO_BHI), /* Zhaoxin Family 7 */ - VULNWL(CENTAUR, 7, X86_MODEL_ANY, NO_SPECTRE_V2 | NO_SWAPGS | NO_MMIO), - VULNWL(ZHAOXIN, 7, X86_MODEL_ANY, NO_SPECTRE_V2 | NO_SWAPGS | NO_MMIO), + VULNWL(CENTAUR, 7, X86_MODEL_ANY, NO_SPECTRE_V2 | NO_SWAPGS | NO_MMIO | NO_BHI), + VULNWL(ZHAOXIN, 7, X86_MODEL_ANY, NO_SPECTRE_V2 | NO_SWAPGS | NO_MMIO | NO_BHI), {} }; @@ -1267,6 +1268,8 @@ #define SRSO BIT(5) /* CPU is affected by GDS */ #define GDS BIT(6) +/* CPU is affected by Register File Data Sampling */ +#define RFDS BIT(7) static const struct x86_cpu_id cpu_vuln_blacklist[] __initconst = { VULNBL_INTEL_STEPPINGS(IVYBRIDGE, X86_STEPPING_ANY, SRBDS), @@ -1294,9 +1297,18 @@ VULNBL_INTEL_STEPPINGS(TIGERLAKE, X86_STEPPING_ANY, GDS), VULNBL_INTEL_STEPPINGS(LAKEFIELD, X86_STEPPING_ANY, MMIO | MMIO_SBDS | RETBLEED), VULNBL_INTEL_STEPPINGS(ROCKETLAKE, X86_STEPPING_ANY, MMIO | RETBLEED | GDS), - VULNBL_INTEL_STEPPINGS(ATOM_TREMONT, X86_STEPPING_ANY, MMIO | MMIO_SBDS), - VULNBL_INTEL_STEPPINGS(ATOM_TREMONT_D, X86_STEPPING_ANY, MMIO), - VULNBL_INTEL_STEPPINGS(ATOM_TREMONT_L, X86_STEPPING_ANY, MMIO | MMIO_SBDS), + VULNBL_INTEL_STEPPINGS(ALDERLAKE, X86_STEPPING_ANY, RFDS), + VULNBL_INTEL_STEPPINGS(ALDERLAKE_L, X86_STEPPING_ANY, RFDS), + VULNBL_INTEL_STEPPINGS(RAPTORLAKE, X86_STEPPING_ANY, RFDS), + VULNBL_INTEL_STEPPINGS(RAPTORLAKE_P, X86_STEPPING_ANY, RFDS), + VULNBL_INTEL_STEPPINGS(RAPTORLAKE_S, X86_STEPPING_ANY, RFDS), + VULNBL_INTEL_STEPPINGS(ATOM_GRACEMONT, X86_STEPPING_ANY, RFDS), + VULNBL_INTEL_STEPPINGS(ATOM_TREMONT, X86_STEPPING_ANY, MMIO | MMIO_SBDS | RFDS), + VULNBL_INTEL_STEPPINGS(ATOM_TREMONT_D, X86_STEPPING_ANY, MMIO | RFDS), + VULNBL_INTEL_STEPPINGS(ATOM_TREMONT_L, X86_STEPPING_ANY, MMIO | MMIO_SBDS | RFDS), + VULNBL_INTEL_STEPPINGS(ATOM_GOLDMONT, X86_STEPPING_ANY, RFDS), + VULNBL_INTEL_STEPPINGS(ATOM_GOLDMONT_D, X86_STEPPING_ANY, RFDS), + VULNBL_INTEL_STEPPINGS(ATOM_GOLDMONT_PLUS, X86_STEPPING_ANY, RFDS), VULNBL_AMD(0x15, RETBLEED), VULNBL_AMD(0x16, RETBLEED), @@ -1330,6 +1342,24 @@ ia32_cap & ARCH_CAP_SBDR_SSDP_NO); } +static bool __init vulnerable_to_rfds(u64 ia32_cap) +{ + /* The "immunity" bit trumps everything else: */ + if (ia32_cap & ARCH_CAP_RFDS_NO) + return false; + + /* + * VMMs set ARCH_CAP_RFDS_CLEAR for processors not in the blacklist to + * indicate that mitigation is needed because guest is running on a + * vulnerable hardware or may migrate to such hardware: + */ + if (ia32_cap & ARCH_CAP_RFDS_CLEAR) + return true; + + /* Only consult the blacklist when there is no enumeration: */ + return cpu_matches(cpu_vuln_blacklist, RFDS); +} + static void __init cpu_set_bug_bits(struct cpuinfo_x86 *c) { u64 ia32_cap = x86_read_arch_cap_msr(); @@ -1441,6 +1471,16 @@ boot_cpu_has(X86_FEATURE_AVX)) setup_force_cpu_bug(X86_BUG_GDS); + if (vulnerable_to_rfds(ia32_cap)) + setup_force_cpu_bug(X86_BUG_RFDS); + + /* When virtualized, eIBRS could be hidden, assume vulnerable */ + if (!(ia32_cap & ARCH_CAP_BHI_NO) && + !cpu_matches(cpu_vuln_whitelist, NO_BHI) && + (boot_cpu_has(X86_FEATURE_IBRS_ENHANCED) || + boot_cpu_has(X86_FEATURE_HYPERVISOR))) + setup_force_cpu_bug(X86_BUG_BHI); + if (cpu_matches(cpu_vuln_whitelist, NO_MELTDOWN)) return; --- linux-ibm-6.8.0.orig/arch/x86/kernel/cpu/scattered.c +++ linux-ibm-6.8.0/arch/x86/kernel/cpu/scattered.c @@ -28,6 +28,7 @@ { X86_FEATURE_EPB, CPUID_ECX, 3, 0x00000006, 0 }, { X86_FEATURE_INTEL_PPIN, CPUID_EBX, 0, 0x00000007, 1 }, { X86_FEATURE_RRSBA_CTRL, CPUID_EDX, 2, 0x00000007, 2 }, + { X86_FEATURE_BHI_CTRL, CPUID_EDX, 4, 0x00000007, 2 }, { X86_FEATURE_CQM_LLC, CPUID_EDX, 1, 0x0000000f, 0 }, { X86_FEATURE_CQM_OCCUP_LLC, CPUID_EDX, 0, 0x0000000f, 1 }, { X86_FEATURE_CQM_MBM_TOTAL, CPUID_EDX, 1, 0x0000000f, 1 }, --- linux-ibm-6.8.0.orig/arch/x86/kernel/early-quirks.c +++ linux-ibm-6.8.0/arch/x86/kernel/early-quirks.c @@ -29,6 +29,37 @@ #include #include +static void __init early_pci_clear_msi(int bus, int slot, int func) +{ + int pos; + u16 ctrl; + + if (likely(!pci_early_clear_msi)) + return; + + pr_info_once("Clearing MSI/MSI-X enable bits early in boot (quirk)\n"); + + pos = pci_early_find_cap(bus, slot, func, PCI_CAP_ID_MSI); + if (pos) { + ctrl = read_pci_config_16(bus, slot, func, pos + PCI_MSI_FLAGS); + ctrl &= ~PCI_MSI_FLAGS_ENABLE; + write_pci_config_16(bus, slot, func, pos + PCI_MSI_FLAGS, ctrl); + + /* Read again to flush previous write */ + ctrl = read_pci_config_16(bus, slot, func, pos + PCI_MSI_FLAGS); + } + + pos = pci_early_find_cap(bus, slot, func, PCI_CAP_ID_MSIX); + if (pos) { + ctrl = read_pci_config_16(bus, slot, func, pos + PCI_MSIX_FLAGS); + ctrl &= ~PCI_MSIX_FLAGS_ENABLE; + write_pci_config_16(bus, slot, func, pos + PCI_MSIX_FLAGS, ctrl); + + /* Read again to flush previous write */ + ctrl = read_pci_config_16(bus, slot, func, pos + PCI_MSIX_FLAGS); + } +} + static void __init fix_hypertransport_config(int num, int slot, int func) { u32 htcfg; @@ -728,6 +759,7 @@ PCI_CLASS_BRIDGE_HOST, PCI_ANY_ID, 0, force_disable_hpet}, { PCI_VENDOR_ID_BROADCOM, 0x4331, PCI_CLASS_NETWORK_OTHER, PCI_ANY_ID, 0, apple_airport_reset}, + { PCI_ANY_ID, PCI_ANY_ID, 0, 0, 0, early_pci_clear_msi}, {} }; @@ -780,6 +812,10 @@ PCI_HEADER_TYPE); if ((type & PCI_HEADER_TYPE_MASK) == PCI_HEADER_TYPE_BRIDGE) { + /* pci_early_clear_msi scans the buses differently. */ + if (pci_early_clear_msi) + return -1; + sec = read_pci_config_byte(num, slot, func, PCI_SECONDARY_BUS); if (sec > num) early_pci_scan_bus(sec); @@ -806,8 +842,13 @@ void __init early_quirks(void) { + int bus; + if (!early_pci_allowed()) return; early_pci_scan_bus(0); + /* pci_early_clear_msi scans more buses. */ + for (bus = 1; pci_early_clear_msi && bus < 256; bus++) + early_pci_scan_bus(bus); } --- linux-ibm-6.8.0.orig/arch/x86/kernel/reboot.c +++ linux-ibm-6.8.0/arch/x86/kernel/reboot.c @@ -487,7 +487,46 @@ DMI_MATCH(DMI_PRODUCT_NAME, "VGN-Z540N"), }, }, - + { /* Handle problems with rebooting on the Latitude E6520. */ + .callback = set_pci_reboot, + .ident = "Dell Latitude E6520", + .matches = { + DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), + DMI_MATCH(DMI_PRODUCT_NAME, "Latitude E6520"), + }, + }, + { /* Handle problems with rebooting on the OptiPlex 790. */ + .callback = set_pci_reboot, + .ident = "Dell OptiPlex 790", + .matches = { + DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), + DMI_MATCH(DMI_PRODUCT_NAME, "OptiPlex 790"), + }, + }, + { /* Handle problems with rebooting on the OptiPlex 990. */ + .callback = set_pci_reboot, + .ident = "Dell OptiPlex 990", + .matches = { + DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), + DMI_MATCH(DMI_PRODUCT_NAME, "OptiPlex 990"), + }, + }, + { /* Handle problems with rebooting on the Latitude E6220. */ + .callback = set_pci_reboot, + .ident = "Dell Latitude E6220", + .matches = { + DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), + DMI_MATCH(DMI_PRODUCT_NAME, "Latitude E6220"), + }, + }, + { /* Handle problems with rebooting on the OptiPlex 390. */ + .callback = set_pci_reboot, + .ident = "Dell OptiPlex 390", + .matches = { + DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), + DMI_MATCH(DMI_PRODUCT_NAME, "OptiPlex 390"), + }, + }, { } }; --- linux-ibm-6.8.0.orig/arch/x86/kernel/setup.c +++ linux-ibm-6.8.0/arch/x86/kernel/setup.c @@ -21,6 +21,7 @@ #include #include #include +#include #include #include #include @@ -902,6 +903,14 @@ efi_init(); reserve_ibft_region(); + + efi_set_secure_boot(boot_params.secure_boot); + +#ifdef CONFIG_LOCK_DOWN_IN_SECURE_BOOT + if (efi_enabled(EFI_SECURE_BOOT)) + security_lock_kernel_down("EFI Secure Boot mode", LOCKDOWN_INTEGRITY_MAX); +#endif + dmi_setup(); /* @@ -1064,19 +1073,7 @@ /* Allocate bigger log buffer */ setup_log_buf(1); - if (efi_enabled(EFI_BOOT)) { - switch (boot_params.secure_boot) { - case efi_secureboot_mode_disabled: - pr_info("Secure boot disabled\n"); - break; - case efi_secureboot_mode_enabled: - pr_info("Secure boot enabled\n"); - break; - default: - pr_info("Secure boot could not be determined\n"); - break; - } - } + efi_set_secure_boot(boot_params.secure_boot); reserve_initrd(); --- linux-ibm-6.8.0.orig/arch/x86/kvm/reverse_cpuid.h +++ linux-ibm-6.8.0/arch/x86/kvm/reverse_cpuid.h @@ -52,7 +52,7 @@ #define X86_FEATURE_IPRED_CTRL KVM_X86_FEATURE(CPUID_7_2_EDX, 1) #define KVM_X86_FEATURE_RRSBA_CTRL KVM_X86_FEATURE(CPUID_7_2_EDX, 2) #define X86_FEATURE_DDPD_U KVM_X86_FEATURE(CPUID_7_2_EDX, 3) -#define X86_FEATURE_BHI_CTRL KVM_X86_FEATURE(CPUID_7_2_EDX, 4) +#define KVM_X86_FEATURE_BHI_CTRL KVM_X86_FEATURE(CPUID_7_2_EDX, 4) #define X86_FEATURE_MCDT_NO KVM_X86_FEATURE(CPUID_7_2_EDX, 5) /* CPUID level 0x80000007 (EDX). */ @@ -126,6 +126,7 @@ KVM_X86_TRANSLATE_FEATURE(CONSTANT_TSC); KVM_X86_TRANSLATE_FEATURE(PERFMON_V2); KVM_X86_TRANSLATE_FEATURE(RRSBA_CTRL); + KVM_X86_TRANSLATE_FEATURE(BHI_CTRL); default: return x86_feature; } --- linux-ibm-6.8.0.orig/arch/x86/kvm/vmx/vmenter.S +++ linux-ibm-6.8.0/arch/x86/kvm/vmx/vmenter.S @@ -275,6 +275,8 @@ call vmx_spec_ctrl_restore_host + CLEAR_BRANCH_HISTORY_VMEXIT + /* Put return value in AX */ mov %_ASM_BX, %_ASM_AX --- linux-ibm-6.8.0.orig/arch/x86/kvm/x86.c +++ linux-ibm-6.8.0/arch/x86/kvm/x86.c @@ -1623,7 +1623,8 @@ ARCH_CAP_SKIP_VMENTRY_L1DFLUSH | ARCH_CAP_SSB_NO | ARCH_CAP_MDS_NO | \ ARCH_CAP_PSCHANGE_MC_NO | ARCH_CAP_TSX_CTRL_MSR | ARCH_CAP_TAA_NO | \ ARCH_CAP_SBDR_SSDP_NO | ARCH_CAP_FBSDP_NO | ARCH_CAP_PSDP_NO | \ - ARCH_CAP_FB_CLEAR | ARCH_CAP_RRSBA | ARCH_CAP_PBRSB_NO | ARCH_CAP_GDS_NO) + ARCH_CAP_FB_CLEAR | ARCH_CAP_RRSBA | ARCH_CAP_PBRSB_NO | ARCH_CAP_GDS_NO | \ + ARCH_CAP_RFDS_NO | ARCH_CAP_RFDS_CLEAR | ARCH_CAP_BHI_NO) static u64 kvm_get_arch_capabilities(void) { @@ -1655,6 +1656,8 @@ data |= ARCH_CAP_SSB_NO; if (!boot_cpu_has_bug(X86_BUG_MDS)) data |= ARCH_CAP_MDS_NO; + if (!boot_cpu_has_bug(X86_BUG_RFDS)) + data |= ARCH_CAP_RFDS_NO; if (!boot_cpu_has(X86_FEATURE_RTM)) { /* --- linux-ibm-6.8.0.orig/arch/x86/pci/common.c +++ linux-ibm-6.8.0/arch/x86/pci/common.c @@ -34,6 +34,7 @@ #endif int pcibios_last_bus = -1; unsigned long pirq_table_addr; +unsigned int pci_early_clear_msi; const struct pci_raw_ops *__read_mostly raw_pci_ops; const struct pci_raw_ops *__read_mostly raw_pci_ext_ops; @@ -614,6 +615,9 @@ } else if (!strcmp(str, "skip_isa_align")) { pci_probe |= PCI_CAN_SKIP_ISA_ALIGN; return NULL; + } else if (!strcmp(str, "clearmsi")) { + pci_early_clear_msi = 1; + return NULL; } else if (!strcmp(str, "noioapicquirk")) { noioapicquirk = 1; return NULL; --- linux-ibm-6.8.0.orig/arch/x86/pci/early.c +++ linux-ibm-6.8.0/arch/x86/pci/early.c @@ -51,6 +51,31 @@ outw(val, 0xcfc + (offset&2)); } +u32 pci_early_find_cap(int bus, int slot, int func, int cap) +{ + int bytes; + u8 pos; + + if (!(read_pci_config_16(bus, slot, func, PCI_STATUS) & + PCI_STATUS_CAP_LIST)) + return 0; + + pos = read_pci_config_byte(bus, slot, func, PCI_CAPABILITY_LIST); + for (bytes = 0; bytes < 48 && pos >= 0x40; bytes++) { + u8 id; + + pos &= ~3; + id = read_pci_config_byte(bus, slot, func, pos+PCI_CAP_LIST_ID); + if (id == 0xff) + break; + if (id == cap) + return pos; + pos = read_pci_config_byte(bus, slot, func, + pos+PCI_CAP_LIST_NEXT); + } + return 0; +} + int early_pci_allowed(void) { return (pci_probe & (PCI_PROBE_CONF1|PCI_PROBE_NOEARLY)) == --- linux-ibm-6.8.0.orig/certs/blacklist.c +++ linux-ibm-6.8.0/certs/blacklist.c @@ -276,6 +276,9 @@ if (IS_ERR(key)) { pr_err("Problem with revocation key (%ld)\n", PTR_ERR(key)); return PTR_ERR(key); + } else { + pr_notice("Revoked X.509 cert '%s'\n", + key_ref_to_ptr(key)->description); } return 0; --- linux-ibm-6.8.0.orig/crypto/aegis128-neon-inner.c +++ linux-ibm-6.8.0/crypto/aegis128-neon-inner.c @@ -148,8 +148,8 @@ kiv, vld1q_u8(const1), vld1q_u8(const0), - k ^ vld1q_u8(const0), - k ^ vld1q_u8(const1), + (uint8x16_t) (k ^ vld1q_u8(const0)), + (uint8x16_t) (k ^ vld1q_u8(const1)), }}; int i; --- linux-ibm-6.8.0.orig/crypto/asymmetric_keys/x509_loader.c +++ linux-ibm-6.8.0/crypto/asymmetric_keys/x509_loader.c @@ -41,6 +41,7 @@ if (IS_ERR(key)) { pr_err("Problem loading in-kernel X.509 certificate (%ld)\n", PTR_ERR(key)); + WARN_ON_ONCE(1); } else { pr_notice("Loaded X.509 cert '%s'\n", key_ref_to_ptr(key)->description); --- linux-ibm-6.8.0.orig/crypto/fips.c +++ linux-ibm-6.8.0/crypto/fips.c @@ -14,7 +14,8 @@ #include #include -int fips_enabled; +/* LP: #2049082 UBUNTU: SAUCE: FIPS kernels default to FIPS mode */ +int fips_enabled = 1; EXPORT_SYMBOL_GPL(fips_enabled); ATOMIC_NOTIFIER_HEAD(fips_fail_notif_chain); --- linux-ibm-6.8.0.orig/debian.ibm/changelog +++ linux-ibm-6.8.0/debian.ibm/changelog @@ -0,0 +1,8584 @@ +linux-ibm (6.8.0-1003.3) noble; urgency=medium + + * noble/linux-ibm: 6.8.0-1003.3 -proposed tracker (LP: #2061096) + + * Packaging resync (LP: #1786013) + - [Packaging] drop getabis data + - [Packaging] Replace fs/cifs with fs/smb in inclusion list + - [Packaging] update variants + + * Miscellaneous Ubuntu changes + - [Config] updateconfigs following Ubuntu-6.8.0-25.25 rebase + - [Packaging] sync build dependencies with generic + + * Rebase on Ubuntu-6.8.0-25.25 + + -- Paolo Pisati Fri, 12 Apr 2024 16:26:30 +0200 + +linux-ibm (6.8.0-1001.1) noble; urgency=medium + + * noble/linux-ibm: 6.8.0-1001.1 -proposed tracker (LP: #2052778) + + * Packaging resync (LP: #1786013) + - debian.ibm/dkms-versions -- update from kernel-versions (main/d2024.02.07) + + * Miscellaneous Ubuntu changes + - [packaging] update rust, clang and bindgen build-deps + - [Config] updateconfigs following 6.8.0-7.7 rebase + + [ Ubuntu: 6.8.0-7.7 ] + + * noble/linux: 6.8.0-7.7 -proposed tracker (LP: #2052691) + * update apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor4.0.0 [01/87]: LSM stacking v39: integrity: disassociate + ima_filter_rule from security_audit_rule + - SAUCE: apparmor4.0.0 [02/87]: LSM stacking v39: SM: Infrastructure + management of the sock security + - SAUCE: apparmor4.0.0 [03/87]: LSM stacking v39: LSM: Add the lsmblob data + structure. + - SAUCE: apparmor4.0.0 [04/87]: LSM stacking v39: IMA: avoid label collisions + with stacked LSMs + - SAUCE: apparmor4.0.0 [05/87]: LSM stacking v39: LSM: Use lsmblob in + security_audit_rule_match + - SAUCE: apparmor4.0.0 [06/87]: LSM stacking v39: LSM: Add lsmblob_to_secctx + hook + - SAUCE: apparmor4.0.0 [07/87]: LSM stacking v39: Audit: maintain an lsmblob + in audit_context + - SAUCE: apparmor4.0.0 [08/87]: LSM stacking v39: LSM: Use lsmblob in + security_ipc_getsecid + - SAUCE: apparmor4.0.0 [09/87]: LSM stacking v39: Audit: Update shutdown LSM + data + - SAUCE: apparmor4.0.0 [10/87]: LSM stacking v39: LSM: Use lsmblob in + security_current_getsecid + - SAUCE: apparmor4.0.0 [11/87]: LSM stacking v39: LSM: Use lsmblob in + security_inode_getsecid + - SAUCE: apparmor4.0.0 [12/87]: LSM stacking v39: Audit: use an lsmblob in + audit_names + - SAUCE: apparmor4.0.0 [13/87]: LSM stacking v39: LSM: Create new + security_cred_getlsmblob LSM hook + - SAUCE: apparmor4.0.0 [14/87]: LSM stacking v39: Audit: Change context data + from secid to lsmblob + - SAUCE: apparmor4.0.0 [15/87]: LSM stacking v39: Netlabel: Use lsmblob for + audit data + - SAUCE: apparmor4.0.0 [16/87]: LSM stacking v39: LSM: Ensure the correct LSM + context releaser + - SAUCE: apparmor4.0.0 [17/87]: LSM stacking v39: LSM: Use lsmcontext in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [18/87]: LSM stacking v39: LSM: Use lsmcontext in + security_lsmblob_to_secctx + - SAUCE: apparmor4.0.0 [19/87]: LSM stacking v39: LSM: Use lsmcontext in + security_inode_getsecctx + - SAUCE: apparmor4.0.0 [20/87]: LSM stacking v39: LSM: Use lsmcontext in + security_dentry_init_security + - SAUCE: apparmor4.0.0 [21/87]: LSM stacking v39: LSM: + security_lsmblob_to_secctx module selection + - SAUCE: apparmor4.0.0 [22/87]: LSM stacking v39: Audit: Create audit_stamp + structure + - SAUCE: apparmor4.0.0 [23/87]: LSM stacking v39: Audit: Allow multiple + records in an audit_buffer + - SAUCE: apparmor4.0.0 [24/87]: LSM stacking v39: Audit: Add record for + multiple task security contexts + - SAUCE: apparmor4.0.0 [25/87]: LSM stacking v39: audit: multiple subject lsm + values for netlabel + - SAUCE: apparmor4.0.0 [26/87]: LSM stacking v39: Audit: Add record for + multiple object contexts + - SAUCE: apparmor4.0.0 [27/87]: LSM stacking v39: LSM: Remove unused + lsmcontext_init() + - SAUCE: apparmor4.0.0 [28/87]: LSM stacking v39: LSM: Improve logic in + security_getprocattr + - SAUCE: apparmor4.0.0 [29/87]: LSM stacking v39: LSM: secctx provider check + on release + - SAUCE: apparmor4.0.0 [31/87]: LSM stacking v39: LSM: Exclusive secmark usage + - SAUCE: apparmor4.0.0 [32/87]: LSM stacking v39: LSM: Identify which LSM + handles the context string + - SAUCE: apparmor4.0.0 [33/87]: LSM stacking v39: AppArmor: Remove the + exclusive flag + - SAUCE: apparmor4.0.0 [34/87]: LSM stacking v39: LSM: Add mount opts blob + size tracking + - SAUCE: apparmor4.0.0 [35/87]: LSM stacking v39: LSM: allocate mnt_opts blobs + instead of module specific data + - SAUCE: apparmor4.0.0 [36/87]: LSM stacking v39: LSM: Infrastructure + management of the key security blob + - SAUCE: apparmor4.0.0 [37/87]: LSM stacking v39: LSM: Infrastructure + management of the mnt_opts security blob + - SAUCE: apparmor4.0.0 [38/87]: LSM stacking v39: LSM: Correct handling of + ENOSYS in inode_setxattr + - SAUCE: apparmor4.0.0 [39/87]: LSM stacking v39: LSM: Remove lsmblob + scaffolding + - SAUCE: apparmor4.0.0 [40/87]: LSM stacking v39: LSM: Allow reservation of + netlabel + - SAUCE: apparmor4.0.0 [41/87]: LSM stacking v39: LSM: restrict + security_cred_getsecid() to a single LSM + - SAUCE: apparmor4.0.0 [42/87]: LSM stacking v39: Smack: Remove + LSM_FLAG_EXCLUSIVE + - SAUCE: apparmor4.0.0 [43/87]: LSM stacking v39: UBUNTU: SAUCE: apparmor4.0.0 + [12/95]: add/use fns to print hash string hex value + - SAUCE: apparmor4.0.0 [44/87]: patch to provide compatibility with v2.x net + rules + - SAUCE: apparmor4.0.0 [45/87]: add unpriviled user ns mediation + - SAUCE: apparmor4.0.0 [46/87]: Add sysctls for additional controls of unpriv + userns restrictions + - SAUCE: apparmor4.0.0 [47/87]: af_unix mediation + - SAUCE: apparmor4.0.0 [48/87]: Add fine grained mediation of posix mqueues + - SAUCE: apparmor4.0.0 [49/87]: setup slab cache for audit data + - SAUCE: apparmor4.0.0 [50/87]: Improve debug print infrastructure + - SAUCE: apparmor4.0.0 [51/87]: add the ability for profiles to have a + learning cache + - SAUCE: apparmor4.0.0 [52/87]: enable userspace upcall for mediation + - SAUCE: apparmor4.0.0 [53/87]: prompt - lock down prompt interface + - SAUCE: apparmor4.0.0 [54/87]: prompt - allow controlling of caching of a + prompt response + - SAUCE: apparmor4.0.0 [55/87]: prompt - add refcount to audit_node in prep or + reuse and delete + - SAUCE: apparmor4.0.0 [56/87]: prompt - refactor to moving caching to + uresponse + - SAUCE: apparmor4.0.0 [57/87]: prompt - Improve debug statements + - SAUCE: apparmor4.0.0 [58/87]: prompt - fix caching + - SAUCE: apparmor4.0.0 [59/87]: prompt - rework build to use append fn, to + simplify adding strings + - SAUCE: apparmor4.0.0 [60/87]: prompt - refcount notifications + - SAUCE: apparmor4.0.0 [61/87]: prompt - add the ability to reply with a + profile name + - SAUCE: apparmor4.0.0 [62/87]: prompt - fix notification cache when updating + - SAUCE: apparmor4.0.0 [63/87]: prompt - add tailglob on name for cache + support + - SAUCE: apparmor4.0.0 [64/87]: prompt - allow profiles to set prompts as + interruptible + - SAUCE: apparmor4.0.0 [65/87] v6.8 prompt:fixup interruptible + - SAUCE: apparmor4.0.0 [69/87]: add io_uring mediation + - SAUCE: apparmor4.0.0 [70/87]: apparmor: fix oops when racing to retrieve + notification + - SAUCE: apparmor4.0.0 [71/87]: apparmor: fix notification header size + - SAUCE: apparmor4.0.0 [72/87]: apparmor: fix request field from a prompt + reply that denies all access + - SAUCE: apparmor4.0.0 [73/87]: apparmor: open userns related sysctl so lxc + can check if restriction are in place + - SAUCE: apparmor4.0.0 [74/87]: apparmor: cleanup attachment perm lookup to + use lookup_perms() + - SAUCE: apparmor4.0.0 [75/87]: apparmor: remove redundant unconfined check. + - SAUCE: apparmor4.0.0 [76/87]: apparmor: switch signal mediation to using + RULE_MEDIATES + - SAUCE: apparmor4.0.0 [77/87]: apparmor: ensure labels with more than one + entry have correct flags + - SAUCE: apparmor4.0.0 [78/87]: apparmor: remove explicit restriction that + unconfined cannot use change_hat + - SAUCE: apparmor4.0.0 [79/87]: apparmor: cleanup: refactor file_perm() to + provide semantics of some checks + - SAUCE: apparmor4.0.0 [80/87]: apparmor: carry mediation check on label + - SAUCE: apparmor4.0.0 [81/87]: apparmor: convert easy uses of unconfined() to + label_mediates() + - SAUCE: apparmor4.0.0 [82/87]: apparmor: add additional flags to extended + permission. + - SAUCE: apparmor4.0.0 [83/87]: apparmor: add support for profiles to define + the kill signal + - SAUCE: apparmor4.0.0 [84/87]: apparmor: fix x_table_lookup when stacking is + not the first entry + - SAUCE: apparmor4.0.0 [85/87]: apparmor: allow profile to be transitioned + when a user ns is created + - SAUCE: apparmor4.0.0 [86/87]: apparmor: add ability to mediate caps with + policy state machine + - SAUCE: apparmor4.0.0 [87/87]: fixup notify + - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS + * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe] + apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in mantic + (LP: #2032602) + - SAUCE: apparmor4.0.0 [66/87]: prompt - add support for advanced filtering of + notifications + - SAUCE: apparmor4.0.0 [67/87]: userns - add the ability to reference a global + variable for a feature value + - SAUCE: apparmor4.0.0 [68/87]: userns - make it so special unconfined + profiles can mediate user namespaces + + [ Ubuntu: 6.8.0-6.6 ] + + * noble/linux: 6.8.0-6.6 -proposed tracker (LP: #2052592) + * Packaging resync (LP: #1786013) + - debian.master/dkms-versions -- update from kernel-versions + (main/d2024.02.07) + - [Packaging] update variants + * FIPS kernels should default to fips mode (LP: #2049082) + - SAUCE: Enable fips mode by default, in FIPS kernels only + * Fix snapcraftyaml.yaml for jammy:linux-raspi (LP: #2051468) + - [Packaging] Remove old snapcraft.yaml + * Azure: Fix regression introduced in LP: #2045069 (LP: #2052453) + - hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed + * Miscellaneous Ubuntu changes + - [Packaging] Remove in-tree abi checks + - [Packaging] drop abi files with clean + - [Packaging] Remove do_full_source variable (fixup) + - [Packaging] Remove update-dkms-versions and move dkms-versions + - [Config] updateconfigs following v6.8-rc3 rebase + - [packaging] rename to linux + - [packaging] rebase on v6.8-rc3 + - [packaging] disable signing for ppc64el + * Rebase on v6.8-rc3 + + [ Ubuntu: 6.8.0-5.5 ] + + * noble/linux-unstable: 6.8.0-5.5 -proposed tracker (LP: #2052136) + * Miscellaneous upstream changes + - Revert "mm/sparsemem: fix race in accessing memory_section->usage" + + [ Ubuntu: 6.8.0-4.4 ] + + * noble/linux-unstable: 6.8.0-4.4 -proposed tracker (LP: #2051502) + * Migrate from fbdev drivers to simpledrm and DRM fbdev emulation layer + (LP: #1965303) + - [Config] enable simpledrm and DRM fbdev emulation layer + * Miscellaneous Ubuntu changes + - [Config] toolchain update + * Miscellaneous upstream changes + - rust: upgrade to Rust 1.75.0 + + [ Ubuntu: 6.8.0-3.3 ] + + * noble/linux-unstable: 6.8.0-3.3 -proposed tracker (LP: #2051488) + * update apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor4.0.0 [43/87]: LSM stacking v39: UBUNTU: SAUCE: apparmor4.0.0 + [12/95]: add/use fns to print hash string hex value + - SAUCE: apparmor4.0.0 [44/87]: patch to provide compatibility with v2.x net + rules + - SAUCE: apparmor4.0.0 [45/87]: add unpriviled user ns mediation + - SAUCE: apparmor4.0.0 [46/87]: Add sysctls for additional controls of unpriv + userns restrictions + - SAUCE: apparmor4.0.0 [47/87]: af_unix mediation + - SAUCE: apparmor4.0.0 [48/87]: Add fine grained mediation of posix mqueues + - SAUCE: apparmor4.0.0 [49/87]: setup slab cache for audit data + - SAUCE: apparmor4.0.0 [50/87]: Improve debug print infrastructure + - SAUCE: apparmor4.0.0 [51/87]: add the ability for profiles to have a + learning cache + - SAUCE: apparmor4.0.0 [52/87]: enable userspace upcall for mediation + - SAUCE: apparmor4.0.0 [53/87]: prompt - lock down prompt interface + - SAUCE: apparmor4.0.0 [54/87]: prompt - allow controlling of caching of a + prompt response + - SAUCE: apparmor4.0.0 [55/87]: prompt - add refcount to audit_node in prep or + reuse and delete + - SAUCE: apparmor4.0.0 [56/87]: prompt - refactor to moving caching to + uresponse + - SAUCE: apparmor4.0.0 [57/87]: prompt - Improve debug statements + - SAUCE: apparmor4.0.0 [58/87]: prompt - fix caching + - SAUCE: apparmor4.0.0 [59/87]: prompt - rework build to use append fn, to + simplify adding strings + - SAUCE: apparmor4.0.0 [60/87]: prompt - refcount notifications + - SAUCE: apparmor4.0.0 [61/87]: prompt - add the ability to reply with a + profile name + - SAUCE: apparmor4.0.0 [62/87]: prompt - fix notification cache when updating + - SAUCE: apparmor4.0.0 [63/87]: prompt - add tailglob on name for cache + support + - SAUCE: apparmor4.0.0 [64/87]: prompt - allow profiles to set prompts as + interruptible + - SAUCE: apparmor4.0.0 [69/87]: add io_uring mediation + - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS + * apparmor restricts read access of user namespace mediation sysctls to root + (LP: #2040194) + - SAUCE: apparmor4.0.0 [73/87]: apparmor: open userns related sysctl so lxc + can check if restriction are in place + * AppArmor spams kernel log with assert when auditing (LP: #2040192) + - SAUCE: apparmor4.0.0 [72/87]: apparmor: fix request field from a prompt + reply that denies all access + * apparmor notification files verification (LP: #2040250) + - SAUCE: apparmor4.0.0 [71/87]: apparmor: fix notification header size + * apparmor oops when racing to retrieve a notification (LP: #2040245) + - SAUCE: apparmor4.0.0 [70/87]: apparmor: fix oops when racing to retrieve + notification + * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe] + apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in mantic + (LP: #2032602) + - SAUCE: apparmor4.0.0 [66/87]: prompt - add support for advanced filtering of + notifications + - SAUCE: apparmor4.0.0 [67/87]: userns - add the ability to reference a global + variable for a feature value + - SAUCE: apparmor4.0.0 [68/87]: userns - make it so special unconfined + profiles can mediate user namespaces + * Miscellaneous Ubuntu changes + - SAUCE: apparmor4.0.0 [01/87]: LSM stacking v39: integrity: disassociate + ima_filter_rule from security_audit_rule + - SAUCE: apparmor4.0.0 [02/87]: LSM stacking v39: SM: Infrastructure + management of the sock security + - SAUCE: apparmor4.0.0 [03/87]: LSM stacking v39: LSM: Add the lsmblob data + structure. + - SAUCE: apparmor4.0.0 [04/87]: LSM stacking v39: IMA: avoid label collisions + with stacked LSMs + - SAUCE: apparmor4.0.0 [05/87]: LSM stacking v39: LSM: Use lsmblob in + security_audit_rule_match + - SAUCE: apparmor4.0.0 [06/87]: LSM stacking v39: LSM: Add lsmblob_to_secctx + hook + - SAUCE: apparmor4.0.0 [07/87]: LSM stacking v39: Audit: maintain an lsmblob + in audit_context + - SAUCE: apparmor4.0.0 [08/87]: LSM stacking v39: LSM: Use lsmblob in + security_ipc_getsecid + - SAUCE: apparmor4.0.0 [09/87]: LSM stacking v39: Audit: Update shutdown LSM + data + - SAUCE: apparmor4.0.0 [10/87]: LSM stacking v39: LSM: Use lsmblob in + security_current_getsecid + - SAUCE: apparmor4.0.0 [11/87]: LSM stacking v39: LSM: Use lsmblob in + security_inode_getsecid + - SAUCE: apparmor4.0.0 [12/87]: LSM stacking v39: Audit: use an lsmblob in + audit_names + - SAUCE: apparmor4.0.0 [13/87]: LSM stacking v39: LSM: Create new + security_cred_getlsmblob LSM hook + - SAUCE: apparmor4.0.0 [14/87]: LSM stacking v39: Audit: Change context data + from secid to lsmblob + - SAUCE: apparmor4.0.0 [15/87]: LSM stacking v39: Netlabel: Use lsmblob for + audit data + - SAUCE: apparmor4.0.0 [16/87]: LSM stacking v39: LSM: Ensure the correct LSM + context releaser + - SAUCE: apparmor4.0.0 [17/87]: LSM stacking v39: LSM: Use lsmcontext in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [18/87]: LSM stacking v39: LSM: Use lsmcontext in + security_lsmblob_to_secctx + - SAUCE: apparmor4.0.0 [19/87]: LSM stacking v39: LSM: Use lsmcontext in + security_inode_getsecctx + - SAUCE: apparmor4.0.0 [20/87]: LSM stacking v39: LSM: Use lsmcontext in + security_dentry_init_security + - SAUCE: apparmor4.0.0 [21/87]: LSM stacking v39: LSM: + security_lsmblob_to_secctx module selection + - SAUCE: apparmor4.0.0 [22/87]: LSM stacking v39: Audit: Create audit_stamp + structure + - SAUCE: apparmor4.0.0 [23/87]: LSM stacking v39: Audit: Allow multiple + records in an audit_buffer + - SAUCE: apparmor4.0.0 [24/87]: LSM stacking v39: Audit: Add record for + multiple task security contexts + - SAUCE: apparmor4.0.0 [25/87]: LSM stacking v39: audit: multiple subject lsm + values for netlabel + - SAUCE: apparmor4.0.0 [26/87]: LSM stacking v39: Audit: Add record for + multiple object contexts + - SAUCE: apparmor4.0.0 [27/87]: LSM stacking v39: LSM: Remove unused + lsmcontext_init() + - SAUCE: apparmor4.0.0 [28/87]: LSM stacking v39: LSM: Improve logic in + security_getprocattr + - SAUCE: apparmor4.0.0 [29/87]: LSM stacking v39: LSM: secctx provider check + on release + - SAUCE: apparmor4.0.0 [30/87]: LSM stacking v39: LSM: Single calls in + socket_getpeersec hooks + - SAUCE: apparmor4.0.0 [31/87]: LSM stacking v39: LSM: Exclusive secmark usage + - SAUCE: apparmor4.0.0 [32/87]: LSM stacking v39: LSM: Identify which LSM + handles the context string + - SAUCE: apparmor4.0.0 [33/87]: LSM stacking v39: AppArmor: Remove the + exclusive flag + - SAUCE: apparmor4.0.0 [34/87]: LSM stacking v39: LSM: Add mount opts blob + size tracking + - SAUCE: apparmor4.0.0 [35/87]: LSM stacking v39: LSM: allocate mnt_opts blobs + instead of module specific data + - SAUCE: apparmor4.0.0 [36/87]: LSM stacking v39: LSM: Infrastructure + management of the key security blob + - SAUCE: apparmor4.0.0 [37/87]: LSM stacking v39: LSM: Infrastructure + management of the mnt_opts security blob + - SAUCE: apparmor4.0.0 [38/87]: LSM stacking v39: LSM: Correct handling of + ENOSYS in inode_setxattr + - SAUCE: apparmor4.0.0 [39/87]: LSM stacking v39: LSM: Remove lsmblob + scaffolding + - SAUCE: apparmor4.0.0 [40/87]: LSM stacking v39: LSM: Allow reservation of + netlabel + - SAUCE: apparmor4.0.0 [41/87]: LSM stacking v39: LSM: restrict + security_cred_getsecid() to a single LSM + - SAUCE: apparmor4.0.0 [42/87]: LSM stacking v39: Smack: Remove + LSM_FLAG_EXCLUSIVE + - SAUCE: apparmor4.0.0 [65/87] v6.8 prompt:fixup interruptible + - SAUCE: apparmor4.0.0 [74/87]: apparmor: cleanup attachment perm lookup to + use lookup_perms() + - SAUCE: apparmor4.0.0 [75/87]: apparmor: remove redundant unconfined check. + - SAUCE: apparmor4.0.0 [76/87]: apparmor: switch signal mediation to using + RULE_MEDIATES + - SAUCE: apparmor4.0.0 [77/87]: apparmor: ensure labels with more than one + entry have correct flags + - SAUCE: apparmor4.0.0 [78/87]: apparmor: remove explicit restriction that + unconfined cannot use change_hat + - SAUCE: apparmor4.0.0 [79/87]: apparmor: cleanup: refactor file_perm() to + provide semantics of some checks + - SAUCE: apparmor4.0.0 [80/87]: apparmor: carry mediation check on label + - SAUCE: apparmor4.0.0 [81/87]: apparmor: convert easy uses of unconfined() to + label_mediates() + - SAUCE: apparmor4.0.0 [82/87]: apparmor: add additional flags to extended + permission. + - SAUCE: apparmor4.0.0 [83/87]: apparmor: add support for profiles to define + the kill signal + - SAUCE: apparmor4.0.0 [84/87]: apparmor: fix x_table_lookup when stacking is + not the first entry + - SAUCE: apparmor4.0.0 [85/87]: apparmor: allow profile to be transitioned + when a user ns is created + - SAUCE: apparmor4.0.0 [86/87]: apparmor: add ability to mediate caps with + policy state machine + - SAUCE: apparmor4.0.0 [87/87]: fixup notify + - [Config] updateconfigs following v6.8-rc2 rebase + + [ Ubuntu: 6.8.0-2.2 ] + + * noble/linux-unstable: 6.8.0-2.2 -proposed tracker (LP: #2051110) + * Miscellaneous Ubuntu changes + - [Config] toolchain update + - [Config] enable Rust + + [ Ubuntu: 6.8.0-1.1 ] + + * noble/linux-unstable: 6.8.0-1.1 -proposed tracker (LP: #2051102) + * Miscellaneous Ubuntu changes + - [packaging] move to v6.8-rc1 + - [Config] updateconfigs following v6.8-rc1 rebase + - SAUCE: export file_close_fd() instead of close_fd_get_file() + - SAUCE: cpufreq: s/strlcpy/strscpy/ + - debian/dkms-versions -- temporarily disable zfs dkms + - debian/dkms-versions -- temporarily disable ipu6 and isvsc dkms + - debian/dkms-versions -- temporarily disable v4l2loopback + + [ Ubuntu: 6.8.0-0.0 ] + + * Empty entry. + + [ Ubuntu: 6.7.0-7.7 ] + + * noble/linux-unstable: 6.7.0-7.7 -proposed tracker (LP: #2049357) + * Packaging resync (LP: #1786013) + - [Packaging] update variants + * Miscellaneous Ubuntu changes + - [Packaging] re-enable signing for s390x and ppc64el + + [ Ubuntu: 6.7.0-6.6 ] + + * Empty entry. + + [ Ubuntu: 6.7.0-2.2 ] + + * noble/linux: 6.7.0-2.2 -proposed tracker (LP: #2049182) + * Packaging resync (LP: #1786013) + - [Packaging] resync getabis + * Enforce RETPOLINE and SLS mitigrations (LP: #2046440) + - SAUCE: objtool: Make objtool check actually fatal upon fatal errors + - SAUCE: objtool: make objtool SLS validation fatal when building with + CONFIG_SLS=y + - SAUCE: objtool: make objtool RETPOLINE validation fatal when building with + CONFIG_RETPOLINE=y + - SAUCE: scripts: remove generating .o-ur objects + - [Packaging] Remove all custom retpoline-extract code + - Revert "UBUNTU: SAUCE: vga_set_mode -- avoid jump tables" + - Revert "UBUNTU: SAUCE: early/late -- annotate indirect calls in early/late + initialisation code" + - Revert "UBUNTU: SAUCE: apm -- annotate indirect calls within + firmware_restrict_branch_speculation_{start,end}" + * Miscellaneous Ubuntu changes + - [Packaging] temporarily disable riscv64 builds + - [Packaging] temporarily disable Rust dependencies on riscv64 + + [ Ubuntu: 6.7.0-1.1 ] + + * noble/linux: 6.7.0-1.1 -proposed tracker (LP: #2048859) + * Packaging resync (LP: #1786013) + - [Packaging] update variants + - debian/dkms-versions -- update from kernel-versions (main/d2024.01.02) + * [UBUNTU 23.04] Regression: Ubuntu 23.04/23.10 do not include uvdevice + anymore (LP: #2048919) + - [Config] Enable S390_UV_UAPI (built-in) + * Support mipi camera on Intel Meteor Lake platform (LP: #2031412) + - SAUCE: iommu: intel-ipu: use IOMMU passthrough mode for Intel IPUs on Meteor + Lake + - SAUCE: platform/x86: int3472: Add handshake GPIO function + * [SRU][J/L/M] UBUNTU: [Packaging] Make WWAN driver a loadable module + (LP: #2033406) + - [Packaging] Make WWAN driver loadable modules + * usbip: error: failed to open /usr/share/hwdata//usb.ids (LP: #2039439) + - [Packaging] Make linux-tools-common depend on hwdata + * [Mediatek] mt8195-demo: enable CONFIG_MTK_IOMMU as module for multimedia and + PCIE peripherals (LP: #2036587) + - [Config] Enable CONFIG_MTK_IOMMU on arm64 + * linux-*: please enable dm-verity kconfigs to allow MoK/db verified root + images (LP: #2019040) + - [Config] CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG_SECONDARY_KEYRING=y + * kexec enable to load/kdump zstd compressed zimg (LP: #2037398) + - [Packaging] Revert arm64 image format to Image.gz + * Mantic minimized/minimal cloud images do not receive IP address during + provisioning; systemd regression with wait-online (LP: #2036968) + - [Config] Enable virtio-net as built-in to avoid race + * Make backlight module auto detect dell_uart_backlight (LP: #2008882) + - SAUCE: ACPI: video: Dell AIO UART backlight detection + * Linux 6.2 fails to reboot with current u-boot-nezha (LP: #2021364) + - [Config] Default to performance CPUFreq governor on riscv64 + * Enable Nezha board (LP: #1975592) + - [Config] Build in D1 clock drivers on riscv64 + - [Config] Enable CONFIG_SUN6I_RTC_CCU on riscv64 + - [Config] Enable CONFIG_SUNXI_WATCHDOG on riscv64 + - [Config] Disable SUN50I_DE2_BUS on riscv64 + - [Config] Disable unneeded sunxi pinctrl drivers on riscv64 + * Enable StarFive VisionFive 2 board (LP: #2013232) + - [Config] Enable CONFIG_PINCTRL_STARFIVE_JH7110_SYS on riscv64 + - [Config] Enable CONFIG_STARFIVE_WATCHDOG on riscv64 + * rcu_sched detected stalls on CPUs/tasks (LP: #1967130) + - [Config] Enable virtually mapped stacks on riscv64 + * Check for changes relevant for security certifications (LP: #1945989) + - [Packaging] Add a new fips-checks script + * Installation support for SMARC RZ/G2L platform (LP: #2030525) + - [Config] build Renesas RZ/G2L USBPHY control driver statically + * Add support for kernels compiled with CONFIG_EFI_ZBOOT (LP: #2002226) + - [Config]: Turn on CONFIG_EFI_ZBOOT on ARM64 + * Default module signing algo should be accelerated (LP: #2034061) + - [Config] Default module signing algo should be accelerated + * Miscellaneous Ubuntu changes + - [Config] annotations clean-up + [ Upstream Kernel Changes ] + * Rebase to v6.7 + + [ Ubuntu: 6.7.0-0.0 ] + + * Empty entry + + [ Ubuntu: 6.7.0-5.5 ] + + * noble/linux-unstable: 6.7.0-5.5 -proposed tracker (LP: #2048118) + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/d2024.01.02) + * Miscellaneous Ubuntu changes + - [Packaging] re-enable Rust support + - [Packaging] temporarily disable riscv64 builds + + [ Ubuntu: 6.7.0-4.4 ] + + * noble/linux-unstable: 6.7.0-4.4 -proposed tracker (LP: #2047807) + * unconfined profile denies userns_create for chromium based processes + (LP: #1990064) + - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS + * apparmor restricts read access of user namespace mediation sysctls to root + (LP: #2040194) + - SAUCE: apparmor4.0.0 [69/69]: apparmor: open userns related sysctl so lxc + can check if restriction are in place + * AppArmor spams kernel log with assert when auditing (LP: #2040192) + - SAUCE: apparmor4.0.0 [68/69]: apparmor: fix request field from a prompt + reply that denies all access + * apparmor notification files verification (LP: #2040250) + - SAUCE: apparmor4.0.0 [67/69]: apparmor: fix notification header size + * apparmor oops when racing to retrieve a notification (LP: #2040245) + - SAUCE: apparmor4.0.0 [66/69]: apparmor: fix oops when racing to retrieve + notification + * update apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor4.0.0 [01/69]: add/use fns to print hash string hex value + - SAUCE: apparmor4.0.0 [02/69]: patch to provide compatibility with v2.x net + rules + - SAUCE: apparmor4.0.0 [03/69]: add unpriviled user ns mediation + - SAUCE: apparmor4.0.0 [04/69]: Add sysctls for additional controls of unpriv + userns restrictions + - SAUCE: apparmor4.0.0 [05/69]: af_unix mediation + - SAUCE: apparmor4.0.0 [06/69]: Add fine grained mediation of posix mqueues + - SAUCE: apparmor4.0.0 [07/69]: Stacking v38: LSM: Identify modules by more + than name + - SAUCE: apparmor4.0.0 [08/69]: Stacking v38: LSM: Add an LSM identifier for + external use + - SAUCE: apparmor4.0.0 [09/69]: Stacking v38: LSM: Identify the process + attributes for each module + - SAUCE: apparmor4.0.0 [10/69]: Stacking v38: LSM: Maintain a table of LSM + attribute data + - SAUCE: apparmor4.0.0 [11/69]: Stacking v38: proc: Use lsmids instead of lsm + names for attrs + - SAUCE: apparmor4.0.0 [12/69]: Stacking v38: integrity: disassociate + ima_filter_rule from security_audit_rule + - SAUCE: apparmor4.0.0 [13/69]: Stacking v38: LSM: Infrastructure management + of the sock security + - SAUCE: apparmor4.0.0 [14/69]: Stacking v38: LSM: Add the lsmblob data + structure. + - SAUCE: apparmor4.0.0 [15/69]: Stacking v38: LSM: provide lsm name and id + slot mappings + - SAUCE: apparmor4.0.0 [16/69]: Stacking v38: IMA: avoid label collisions with + stacked LSMs + - SAUCE: apparmor4.0.0 [17/69]: Stacking v38: LSM: Use lsmblob in + security_audit_rule_match + - SAUCE: apparmor4.0.0 [18/69]: Stacking v38: LSM: Use lsmblob in + security_kernel_act_as + - SAUCE: apparmor4.0.0 [19/69]: Stacking v38: LSM: Use lsmblob in + security_secctx_to_secid + - SAUCE: apparmor4.0.0 [20/69]: Stacking v38: LSM: Use lsmblob in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [21/69]: Stacking v38: LSM: Use lsmblob in + security_ipc_getsecid + - SAUCE: apparmor4.0.0 [22/69]: Stacking v38: LSM: Use lsmblob in + security_current_getsecid + - SAUCE: apparmor4.0.0 [23/69]: Stacking v38: LSM: Use lsmblob in + security_inode_getsecid + - SAUCE: apparmor4.0.0 [24/69]: Stacking v38: LSM: Use lsmblob in + security_cred_getsecid + - SAUCE: apparmor4.0.0 [25/69]: Stacking v38: LSM: Specify which LSM to + display + - SAUCE: apparmor4.0.0 [27/69]: Stacking v38: LSM: Ensure the correct LSM + context releaser + - SAUCE: apparmor4.0.0 [28/69]: Stacking v38: LSM: Use lsmcontext in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [29/69]: Stacking v38: LSM: Use lsmcontext in + security_inode_getsecctx + - SAUCE: apparmor4.0.0 [30/69]: Stacking v38: Use lsmcontext in + security_dentry_init_security + - SAUCE: apparmor4.0.0 [31/69]: Stacking v38: LSM: security_secid_to_secctx in + netlink netfilter + - SAUCE: apparmor4.0.0 [32/69]: Stacking v38: NET: Store LSM netlabel data in + a lsmblob + - SAUCE: apparmor4.0.0 [33/69]: Stacking v38: binder: Pass LSM identifier for + confirmation + - SAUCE: apparmor4.0.0 [34/69]: Stacking v38: LSM: security_secid_to_secctx + module selection + - SAUCE: apparmor4.0.0 [35/69]: Stacking v38: Audit: Keep multiple LSM data in + audit_names + - SAUCE: apparmor4.0.0 [36/69]: Stacking v38: Audit: Create audit_stamp + structure + - SAUCE: apparmor4.0.0 [37/69]: Stacking v38: LSM: Add a function to report + multiple LSMs + - SAUCE: apparmor4.0.0 [38/69]: Stacking v38: Audit: Allow multiple records in + an audit_buffer + - SAUCE: apparmor4.0.0 [39/69]: Stacking v38: Audit: Add record for multiple + task security contexts + - SAUCE: apparmor4.0.0 [40/69]: Stacking v38: audit: multiple subject lsm + values for netlabel + - SAUCE: apparmor4.0.0 [41/69]: Stacking v38: Audit: Add record for multiple + object contexts + - SAUCE: apparmor4.0.0 [42/69]: Stacking v38: netlabel: Use a struct lsmblob + in audit data + - SAUCE: apparmor4.0.0 [43/69]: Stacking v38: LSM: Removed scaffolding + function lsmcontext_init + - SAUCE: apparmor4.0.0 [44/69]: Stacking v38: AppArmor: Remove the exclusive + flag + - SAUCE: apparmor4.0.0 [45/69]: setup slab cache for audit data + - SAUCE: apparmor4.0.0 [46/69]: Improve debug print infrastructure + - SAUCE: apparmor4.0.0 [47/69]: add the ability for profiles to have a + learning cache + - SAUCE: apparmor4.0.0 [48/69]: enable userspace upcall for mediation + - SAUCE: apparmor4.0.0 [49/69]: prompt - lock down prompt interface + - SAUCE: apparmor4.0.0 [50/69]: prompt - allow controlling of caching of a + prompt response + - SAUCE: apparmor4.0.0 [51/69]: prompt - add refcount to audit_node in prep or + reuse and delete + - SAUCE: apparmor4.0.0 [52/69]: prompt - refactor to moving caching to + uresponse + - SAUCE: apparmor4.0.0 [53/69]: prompt - Improve debug statements + - SAUCE: apparmor4.0.0 [54/69]: prompt - fix caching + - SAUCE: apparmor4.0.0 [55/69]: prompt - rework build to use append fn, to + simplify adding strings + - SAUCE: apparmor4.0.0 [56/69]: prompt - refcount notifications + - SAUCE: apparmor4.0.0 [57/69]: prompt - add the ability to reply with a + profile name + - SAUCE: apparmor4.0.0 [58/69]: prompt - fix notification cache when updating + - SAUCE: apparmor4.0.0 [59/69]: prompt - add tailglob on name for cache + support + - SAUCE: apparmor4.0.0 [60/69]: prompt - allow profiles to set prompts as + interruptible + - SAUCE: apparmor4.0.0 [64/69]: advertise disconnected.path is available + - SAUCE: apparmor4.0.0 [65/69]: add io_uring mediation + * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe] + apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in mantic + (LP: #2032602) + - SAUCE: apparmor4.0.0 [61/69]: prompt - add support for advanced filtering of + notifications + - SAUCE: apparmor4.0.0 [62/69]: userns - add the ability to reference a global + variable for a feature value + - SAUCE: apparmor4.0.0 [63/69]: userns - make it so special unconfined + profiles can mediate user namespaces + * udev fails to make prctl() syscall with apparmor=0 (as used by maas by + default) (LP: #2016908) // update apparmor and LSM stacking patch set + (LP: #2028253) + - SAUCE: apparmor4.0.0 [26/69]: Stacking v38: Fix prctl() syscall with + apparmor=0 + * Fix RPL-U CPU C-state always keep at C3 when system run PHM with idle screen + on (LP: #2042385) + - SAUCE: r8169: Add quirks to enable ASPM on Dell platforms + * [Debian] autoreconstruct - Do not generate chmod -x for deleted files + (LP: #2045562) + - [Debian] autoreconstruct - Do not generate chmod -x for deleted files + * Disable Legacy TIOCSTI (LP: #2046192) + - [Config]: disable CONFIG_LEGACY_TIOCSTI + * Packaging resync (LP: #1786013) + - [Packaging] update variants + - [Packaging] remove helper scripts + - [Packaging] update annotations scripts + * Miscellaneous Ubuntu changes + - [Packaging] rules: Remove unused dkms make variables + - [Config] update annotations after rebase to v6.7-rc8 + [ Upstream Kernel Changes ] + * Rebase to v6.7-rc8 + + [ Ubuntu: 6.7.0-3.3 ] + + * noble/linux-unstable: 6.7.0-3.3 -proposed tracker (LP: #2046060) + * enable CONFIG_INTEL_TDX_HOST in linux >= 6.7 for noble (LP: #2046040) + - [Config] enable CONFIG_INTEL_TDX_HOST + * linux tools packages for derived kernels refuse to install simultaneously + due to libcpupower name collision (LP: #2035971) + - [Packaging] Statically link libcpupower into cpupower tool + * make lazy RCU a boot time option (LP: #2045492) + - SAUCE: rcu: Provide a boot time parameter to control lazy RCU + * Build failure if run in a console (LP: #2044512) + - [Packaging] Fix kernel module compression failures + * Turning COMPAT_32BIT_TIME off on arm64 (64k & derivatives) (LP: #2038582) + - [Config] y2038: Turn off COMPAT and COMPAT_32BIT_TIME on arm64 64k + * Turning COMPAT_32BIT_TIME off on riscv64 (LP: #2038584) + - [Config] y2038: Disable COMPAT_32BIT_TIME on riscv64 + * Turning COMPAT_32BIT_TIME off on ppc64el (LP: #2038587) + - [Config] y2038: Disable COMPAT and COMPAT_32BIT_TIME on ppc64le + * [UBUNTU 23.04] Kernel config option missing for s390x PCI passthrough + (LP: #2042853) + - [Config] CONFIG_VFIO_PCI_ZDEV_KVM=y + * back-out zstd module compression automatic for backports (LP: #2045593) + - [Packaging] make ZSTD module compression conditional + * Miscellaneous Ubuntu changes + - [Packaging] Remove do_full_source variable + - [Packaging] Remove obsolete config handling + - [Packaging] Remove support for sub-flavors + - [Packaging] Remove old linux-libc-dev version hack + - [Packaging] Remove obsolete scripts + - [Packaging] Remove README.inclusion-list + - [Packaging] make $(stampdir)/stamp-build-perarch depend on build-arch + - [Packaging] Enable rootless builds + - [Packaging] Allow to run debian/rules without (fake)root + - [Packaging] remove unneeded trailing slash for INSTALL_MOD_PATH + - [Packaging] override KERNELRELEASE instead of KERNELVERSION + - [Config] update toolchain versions in annotations + - [Packaging] drop useless linux-doc + - [Packaging] scripts: Rewrite insert-ubuntu-changes in Python + - [Packaging] enable riscv64 builds + - [Packaging] remove the last sub-flavours bit + - [Packaging] check debian.env to determine do_libc_dev_package + - [Packaging] remove debian.*/variants + - [Packaging] remove do_libc_dev_package variable + - [Packaging] move linux-libc-dev.stub to debian/control.d/ + - [Packaging] Update check to build linux-libc-dev to the source package name + - [Packaging] rules: Remove startnewrelease target + - [Packaging] Remove debian/commit-templates + - [Config] update annotations after rebase to v6.7-rc4 + [ Upstream Kernel Changes ] + * Rebase to v6.7-rc4 + + [ Ubuntu: 6.7.0-2.2 ] + + * noble/linux-unstable: 6.7.0-2.2 -proposed tracker (LP: #2045107) + * Miscellaneous Ubuntu changes + - [Packaging] re-enable Rust + - [Config] enable Rust in annotations + - [Packaging] Remove do_enforce_all variable + - [Config] disable Softlogic 6x10 capture card driver on armhf + - [Packaging] disable Rust support + - [Config] update annotations after rebase to v6.7-rc3 + [ Upstream Kernel Changes ] + * Rebase to v6.7-rc3 + + [ Ubuntu: 6.7.0-1.1 ] + + * noble/linux-unstable: 6.7.0-1.1 -proposed tracker (LP: #2044069) + * Packaging resync (LP: #1786013) + - [Packaging] update annotations scripts + - [Packaging] update helper scripts + * Miscellaneous Ubuntu changes + - [Config] update annotations after rebase to v6.7-rc2 + [ Upstream Kernel Changes ] + * Rebase to v6.7-rc2 + + [ Ubuntu: 6.7.0-0.0 ] + + * Empty entry + + [ Ubuntu: 6.6.0-12.12 ] + + * noble/linux-unstable: 6.6.0-12.12 -proposed tracker (LP: #2043664) + * Miscellaneous Ubuntu changes + - [Packaging] temporarily disable zfs dkms + + [ Ubuntu: 6.6.0-11.11 ] + + * noble/linux-unstable: 6.6.0-11.11 -proposed tracker (LP: #2043480) + * Packaging resync (LP: #1786013) + - [Packaging] resync git-ubuntu-log + - [Packaging] resync update-dkms-versions helper + - [Packaging] update variants + - debian/dkms-versions -- update from kernel-versions (main/d2023.11.14) + * Miscellaneous Ubuntu changes + - [Packaging] move to Noble + - [Config] toolchain version update + + [ Ubuntu: 6.6.0-10.10 ] + + * mantic/linux-unstable: 6.6.0-10.10 -proposed tracker (LP: #2043088) + * Bump arm64's CONFIG_NR_CPUS to 512 (LP: #2042897) + - [Config] Bump CONFIG_NR_CPUS to 512 for arm64 + * Miscellaneous Ubuntu changes + - [Config] Include a note for the NR_CPUS setting on riscv64 + - SAUCE: apparmor4.0.0 [83/83]: Fix inode_init for changed prototype + + [ Ubuntu: 6.6.0-9.9 ] + + * mantic/linux-unstable: 6.6.0-9.9 -proposed tracker (LP: #2041852) + * Switch IMA default hash to sha256 (LP: #2041735) + - [Config] Switch IMA_DEFAULT_HASH from sha1 to sha256 + * apparmor restricts read access of user namespace mediation sysctls to root + (LP: #2040194) + - SAUCE: apparmor4.0.0 [82/82]: apparmor: open userns related sysctl so lxc + can check if restriction are in place + * AppArmor spams kernel log with assert when auditing (LP: #2040192) + - SAUCE: apparmor4.0.0 [81/82]: apparmor: fix request field from a prompt + reply that denies all access + * apparmor notification files verification (LP: #2040250) + - SAUCE: apparmor4.0.0 [80/82]: apparmor: fix notification header size + * apparmor oops when racing to retrieve a notification (LP: #2040245) + - SAUCE: apparmor4.0.0 [79/82]: apparmor: fix oops when racing to retrieve + notification + * Disable restricting unprivileged change_profile by default, due to LXD + latest/stable not yet compatible with this new apparmor feature + (LP: #2038567) + - SAUCE: apparmor4.0.0 [78/82]: apparmor: Make + apparmor_restrict_unprivileged_unconfined opt-in + * update apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor4.0.0 [01/82]: add/use fns to print hash string hex value + - SAUCE: apparmor4.0.0 [02/82]: rename SK_CTX() to aa_sock and make it an + inline fn + - SAUCE: apparmor4.0.0 [03/82]: patch to provide compatibility with v2.x net + rules + - SAUCE: apparmor4.0.0 [04/82]: add user namespace creation mediation + - SAUCE: apparmor4.0.0 [05/82]: Add sysctls for additional controls of unpriv + userns restrictions + - SAUCE: apparmor4.0.0 [06/82]: af_unix mediation + - SAUCE: apparmor4.0.0 [07/82]: Add fine grained mediation of posix mqueues + - SAUCE: apparmor4.0.0 [08/82]: Stacking v38: LSM: Identify modules by more + than name + - SAUCE: apparmor4.0.0 [09/82]: Stacking v38: LSM: Add an LSM identifier for + external use + - SAUCE: apparmor4.0.0 [10/82]: Stacking v38: LSM: Identify the process + attributes for each module + - SAUCE: apparmor4.0.0 [11/82]: Stacking v38: LSM: Maintain a table of LSM + attribute data + - SAUCE: apparmor4.0.0 [12/82]: Stacking v38: proc: Use lsmids instead of lsm + names for attrs + - SAUCE: apparmor4.0.0 [13/82]: Stacking v38: integrity: disassociate + ima_filter_rule from security_audit_rule + - SAUCE: apparmor4.0.0 [14/82]: Stacking v38: LSM: Infrastructure management + of the sock security + - SAUCE: apparmor4.0.0 [15/82]: Stacking v38: LSM: Add the lsmblob data + structure. + - SAUCE: apparmor4.0.0 [16/82]: Stacking v38: LSM: provide lsm name and id + slot mappings + - SAUCE: apparmor4.0.0 [17/82]: Stacking v38: IMA: avoid label collisions with + stacked LSMs + - SAUCE: apparmor4.0.0 [18/82]: Stacking v38: LSM: Use lsmblob in + security_audit_rule_match + - SAUCE: apparmor4.0.0 [19/82]: Stacking v38: LSM: Use lsmblob in + security_kernel_act_as + - SAUCE: apparmor4.0.0 [20/82]: Stacking v38: LSM: Use lsmblob in + security_secctx_to_secid + - SAUCE: apparmor4.0.0 [21/82]: Stacking v38: LSM: Use lsmblob in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [22/82]: Stacking v38: LSM: Use lsmblob in + security_ipc_getsecid + - SAUCE: apparmor4.0.0 [23/82]: Stacking v38: LSM: Use lsmblob in + security_current_getsecid + - SAUCE: apparmor4.0.0 [24/82]: Stacking v38: LSM: Use lsmblob in + security_inode_getsecid + - SAUCE: apparmor4.0.0 [25/82]: Stacking v38: LSM: Use lsmblob in + security_cred_getsecid + - SAUCE: apparmor4.0.0 [26/82]: Stacking v38: LSM: Specify which LSM to + display + - SAUCE: apparmor4.0.0 [28/82]: Stacking v38: LSM: Ensure the correct LSM + context releaser + - SAUCE: apparmor4.0.0 [29/82]: Stacking v38: LSM: Use lsmcontext in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [30/82]: Stacking v38: LSM: Use lsmcontext in + security_inode_getsecctx + - SAUCE: apparmor4.0.0 [31/82]: Stacking v38: Use lsmcontext in + security_dentry_init_security + - SAUCE: apparmor4.0.0 [32/82]: Stacking v38: LSM: security_secid_to_secctx in + netlink netfilter + - SAUCE: apparmor4.0.0 [33/82]: Stacking v38: NET: Store LSM netlabel data in + a lsmblob + - SAUCE: apparmor4.0.0 [34/82]: Stacking v38: binder: Pass LSM identifier for + confirmation + - SAUCE: apparmor4.0.0 [35/82]: Stacking v38: LSM: security_secid_to_secctx + module selection + - SAUCE: apparmor4.0.0 [36/82]: Stacking v38: Audit: Keep multiple LSM data in + audit_names + - SAUCE: apparmor4.0.0 [37/82]: Stacking v38: Audit: Create audit_stamp + structure + - SAUCE: apparmor4.0.0 [38/82]: Stacking v38: LSM: Add a function to report + multiple LSMs + - SAUCE: apparmor4.0.0 [39/82]: Stacking v38: Audit: Allow multiple records in + an audit_buffer + - SAUCE: apparmor4.0.0 [40/82]: Stacking v38: Audit: Add record for multiple + task security contexts + - SAUCE: apparmor4.0.0 [41/82]: Stacking v38: audit: multiple subject lsm + values for netlabel + - SAUCE: apparmor4.0.0 [42/82]: Stacking v38: Audit: Add record for multiple + object contexts + - SAUCE: apparmor4.0.0 [43/82]: Stacking v38: netlabel: Use a struct lsmblob + in audit data + - SAUCE: apparmor4.0.0 [44/82]: Stacking v38: LSM: Removed scaffolding + function lsmcontext_init + - SAUCE: apparmor4.0.0 [45/82]: Stacking v38: AppArmor: Remove the exclusive + flag + - SAUCE: apparmor4.0.0 [46/82]: combine common_audit_data and + apparmor_audit_data + - SAUCE: apparmor4.0.0 [47/82]: setup slab cache for audit data + - SAUCE: apparmor4.0.0 [48/82]: rename audit_data->label to + audit_data->subj_label + - SAUCE: apparmor4.0.0 [49/82]: pass cred through to audit info. + - SAUCE: apparmor4.0.0 [50/82]: Improve debug print infrastructure + - SAUCE: apparmor4.0.0 [51/82]: add the ability for profiles to have a + learning cache + - SAUCE: apparmor4.0.0 [52/82]: enable userspace upcall for mediation + - SAUCE: apparmor4.0.0 [53/82]: cache buffers on percpu list if there is lock + contention + - SAUCE: apparmor4.0.0 [54/82]: advertise availability of exended perms + - SAUCE: apparmor4.0.0 [56/82]: cleanup: provide separate audit messages for + file and policy checks + - SAUCE: apparmor4.0.0 [57/82]: prompt - lock down prompt interface + - SAUCE: apparmor4.0.0 [58/82]: prompt - ref count pdb + - SAUCE: apparmor4.0.0 [59/82]: prompt - allow controlling of caching of a + prompt response + - SAUCE: apparmor4.0.0 [60/82]: prompt - add refcount to audit_node in prep or + reuse and delete + - SAUCE: apparmor4.0.0 [61/82]: prompt - refactor to moving caching to + uresponse + - SAUCE: apparmor4.0.0 [62/82]: prompt - Improve debug statements + - SAUCE: apparmor4.0.0 [63/82]: prompt - fix caching + - SAUCE: apparmor4.0.0 [64/82]: prompt - rework build to use append fn, to + simplify adding strings + - SAUCE: apparmor4.0.0 [65/82]: prompt - refcount notifications + - SAUCE: apparmor4.0.0 [66/82]: prompt - add the ability to reply with a + profile name + - SAUCE: apparmor4.0.0 [67/82]: prompt - fix notification cache when updating + - SAUCE: apparmor4.0.0 [68/82]: prompt - add tailglob on name for cache + support + - SAUCE: apparmor4.0.0 [69/82]: prompt - allow profiles to set prompts as + interruptible + - SAUCE: apparmor4.0.0 [74/82]: advertise disconnected.path is available + - SAUCE: apparmor4.0.0 [75/82]: fix invalid reference on profile->disconnected + - SAUCE: apparmor4.0.0 [76/82]: add io_uring mediation + - SAUCE: apparmor4.0.0 [77/82]: apparmor: Fix regression in mount mediation + * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe] + apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in mantic + (LP: #2032602) + - SAUCE: apparmor4.0.0 [70/82]: prompt - add support for advanced filtering of + notifications + - SAUCE: apparmor4.0.0 [71/82]: userns - add the ability to reference a global + variable for a feature value + - SAUCE: apparmor4.0.0 [72/82]: userns - make it so special unconfined + profiles can mediate user namespaces + - SAUCE: apparmor4.0.0 [73/82]: userns - allow restricting unprivileged + change_profile + * LSM stacking and AppArmor for 6.2: additional fixes (LP: #2017903) // update + apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor4.0.0 [55/82]: fix profile verification and enable it + * udev fails to make prctl() syscall with apparmor=0 (as used by maas by + default) (LP: #2016908) // update apparmor and LSM stacking patch set + (LP: #2028253) + - SAUCE: apparmor4.0.0 [27/82]: Stacking v38: Fix prctl() syscall with + apparmor=0 + * Miscellaneous Ubuntu changes + - [Config] SECURITY_APPARMOR_RESTRICT_USERNS=y + + [ Ubuntu: 6.6.0-8.8 ] + + * mantic/linux-unstable: 6.6.0-8.8 -proposed tracker (LP: #2040243) + * Miscellaneous Ubuntu changes + - abi: gc reference to phy-rtk-usb2/phy-rtk-usb3 + + [ Ubuntu: 6.6.0-7.7 ] + + * mantic/linux-unstable: 6.6.0-7.7 -proposed tracker (LP: #2040147) + * test_021_aslr_dapper_libs from ubuntu_qrt_kernel_security failed on K-5.19 / + J-OEM-6.1 / J-6.2 AMD64 (LP: #1983357) + - [Config]: set ARCH_MMAP_RND_{COMPAT_, }BITS to the maximum + * Miscellaneous Ubuntu changes + - [Config] updateconfigs following v6.6-rc7 rebase + + [ Ubuntu: 6.6.0-6.6 ] + + * mantic/linux-unstable: 6.6.0-6.6 -proposed tracker (LP: #2039780) + * Miscellaneous Ubuntu changes + - rebase on v6.6-rc6 + - [Config] updateconfigs following v6.6-rc6 rebase + [ Upstream Kernel Changes ] + * Rebase to v6.6-rc6 + + [ Ubuntu: 6.6.0-5.5 ] + + * mantic/linux-unstable: 6.6.0-5.5 -proposed tracker (LP: #2038899) + * Miscellaneous Ubuntu changes + - rebase on v6.6-rc5 + - [Config] updateconfigs following v6.6-rc5 rebase + [ Upstream Kernel Changes ] + * Rebase to v6.6-rc5 + + [ Ubuntu: 6.6.0-4.4 ] + + * mantic/linux-unstable: 6.6.0-4.4 -proposed tracker (LP: #2038423) + * Miscellaneous Ubuntu changes + - rebase on v6.6-rc4 + [ Upstream Kernel Changes ] + * Rebase to v6.6-rc4 + + [ Ubuntu: 6.6.0-3.3 ] + + * mantic/linux-unstable: 6.6.0-3.3 -proposed tracker (LP: #2037622) + * Miscellaneous Ubuntu changes + - [Config] updateconfigs following v6.6-rc3 rebase + * Miscellaneous upstream changes + - Revert "UBUNTU: SAUCE: enforce rust availability only on x86_64" + - arm64: rust: Enable Rust support for AArch64 + - arm64: rust: Enable PAC support for Rust. + - arm64: Restrict Rust support to little endian only. + + [ Ubuntu: 6.6.0-2.2 ] + + * Miscellaneous upstream changes + - UBUBNTU: [Config] build all COMEDI drivers as modules + + [ Ubuntu: 6.6.0-1.1 ] + + * Miscellaneous Ubuntu changes + - [Packaging] move linux to linux-unstable + - [Packaging] rebase on v6.6-rc1 + - [Config] updateconfigs following v6.6-rc1 rebase + - [packaging] skip ABI, modules and retpoline checks + - update dropped.txt + - [Config] SHIFT_FS FTBFS with Linux 6.6, disable it + - [Config] DELL_UART_BACKLIGHT FTBFS with Linux 6.6, disable it + - [Packaging] debian/dkms-versions: temporarily disable dkms + - [Packaging] temporarily disable signing for s390x + [ Upstream Kernel Changes ] + * Rebase to v6.6-rc1 + + [ Ubuntu: 6.6.0-0.0 ] + + * Empty entry + + -- Paolo Pisati Fri, 09 Feb 2024 18:08:28 +0100 + +linux-ibm (6.8.0-1000.0) noble; urgency=medium + + * Empty entry. + + -- Paolo Pisati Fri, 09 Feb 2024 18:03:08 +0100 + + +linux-ibm (6.6.0-1001.1) noble; urgency=medium + + * noble/linux-ibm: 6.6.0-1001.1 -proposed tracker (LP: #2048900) + + * Packaging resync (LP: #1786013) + - [Packaging] remove helper scripts + - [Packaging] update update.conf + - debian/dkms-versions -- update from kernel-versions (main/d2023.10.05) + + * Miscellaneous Ubuntu changes + - [packaging] move to Noble and Linux v6.6 + - [Config] updateconfigs following 6.6.0-14.14 rebase + + -- Paolo Pisati Wed, 10 Jan 2024 16:13:19 +0100 + +linux-ibm (6.6.0-1000.0) noble; urgency=medium + + * Empty entry. + + -- Paolo Pisati Wed, 10 Jan 2024 15:13:35 +0100 + +linux-ibm (6.5.0-1009.9) mantic; urgency=medium + + * mantic/linux-ibm: 6.5.0-1009.9 -proposed tracker (LP: #2038693) + + [ Ubuntu: 6.5.0-9.9 ] + + * mantic/linux: 6.5.0-9.9 -proposed tracker (LP: #2038687) + * update apparmor and LSM stacking patch set (LP: #2028253) + - re-apply apparmor 4.0.0 + * Disable restricting unprivileged change_profile by default, due to LXD + latest/stable not yet compatible with this new apparmor feature + (LP: #2038567) + - SAUCE: apparmor: Make apparmor_restrict_unprivileged_unconfined opt-in + + [ Ubuntu: 6.5.0-8.8 ] + + * mantic/linux: 6.5.0-8.8 -proposed tracker (LP: #2038577) + * update apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor3.2.0 [02/60]: rename SK_CTX() to aa_sock and make it an + inline fn + - SAUCE: apparmor3.2.0 [05/60]: Add sysctls for additional controls of unpriv + userns restrictions + - SAUCE: apparmor3.2.0 [08/60]: Stacking v38: LSM: Identify modules by more + than name + - SAUCE: apparmor3.2.0 [09/60]: Stacking v38: LSM: Add an LSM identifier for + external use + - SAUCE: apparmor3.2.0 [10/60]: Stacking v38: LSM: Identify the process + attributes for each module + - SAUCE: apparmor3.2.0 [11/60]: Stacking v38: LSM: Maintain a table of LSM + attribute data + - SAUCE: apparmor3.2.0 [12/60]: Stacking v38: proc: Use lsmids instead of lsm + names for attrs + - SAUCE: apparmor3.2.0 [13/60]: Stacking v38: integrity: disassociate + ima_filter_rule from security_audit_rule + - SAUCE: apparmor3.2.0 [14/60]: Stacking v38: LSM: Infrastructure management + of the sock security + - SAUCE: apparmor3.2.0 [15/60]: Stacking v38: LSM: Add the lsmblob data + structure. + - SAUCE: apparmor3.2.0 [16/60]: Stacking v38: LSM: provide lsm name and id + slot mappings + - SAUCE: apparmor3.2.0 [17/60]: Stacking v38: IMA: avoid label collisions with + stacked LSMs + - SAUCE: apparmor3.2.0 [18/60]: Stacking v38: LSM: Use lsmblob in + security_audit_rule_match + - SAUCE: apparmor3.2.0 [19/60]: Stacking v38: LSM: Use lsmblob in + security_kernel_act_as + - SAUCE: apparmor3.2.0 [20/60]: Stacking v38: LSM: Use lsmblob in + security_secctx_to_secid + - SAUCE: apparmor3.2.0 [21/60]: Stacking v38: LSM: Use lsmblob in + security_secid_to_secctx + - SAUCE: apparmor3.2.0 [22/60]: Stacking v38: LSM: Use lsmblob in + security_ipc_getsecid + - SAUCE: apparmor3.2.0 [23/60]: Stacking v38: LSM: Use lsmblob in + security_current_getsecid + - SAUCE: apparmor3.2.0 [24/60]: Stacking v38: LSM: Use lsmblob in + security_inode_getsecid + - SAUCE: apparmor3.2.0 [25/60]: Stacking v38: LSM: Use lsmblob in + security_cred_getsecid + - SAUCE: apparmor3.2.0 [26/60]: Stacking v38: LSM: Specify which LSM to + display + - SAUCE: apparmor3.2.0 [28/60]: Stacking v38: LSM: Ensure the correct LSM + context releaser + - SAUCE: apparmor3.2.0 [29/60]: Stacking v38: LSM: Use lsmcontext in + security_secid_to_secctx + - SAUCE: apparmor3.2.0 [30/60]: Stacking v38: LSM: Use lsmcontext in + security_inode_getsecctx + - SAUCE: apparmor3.2.0 [31/60]: Stacking v38: Use lsmcontext in + security_dentry_init_security + - SAUCE: apparmor3.2.0 [32/60]: Stacking v38: LSM: security_secid_to_secctx in + netlink netfilter + - SAUCE: apparmor3.2.0 [33/60]: Stacking v38: NET: Store LSM netlabel data in + a lsmblob + - SAUCE: apparmor3.2.0 [34/60]: Stacking v38: binder: Pass LSM identifier for + confirmation + - SAUCE: apparmor3.2.0 [35/60]: Stacking v38: LSM: security_secid_to_secctx + module selection + - SAUCE: apparmor3.2.0 [36/60]: Stacking v38: Audit: Keep multiple LSM data in + audit_names + - SAUCE: apparmor3.2.0 [37/60]: Stacking v38: Audit: Create audit_stamp + structure + - SAUCE: apparmor3.2.0 [38/60]: Stacking v38: LSM: Add a function to report + multiple LSMs + - SAUCE: apparmor3.2.0 [39/60]: Stacking v38: Audit: Allow multiple records in + an audit_buffer + - SAUCE: apparmor3.2.0 [40/60]: Stacking v38: Audit: Add record for multiple + task security contexts + - SAUCE: apparmor3.2.0 [41/60]: Stacking v38: audit: multiple subject lsm + values for netlabel + - SAUCE: apparmor3.2.0 [42/60]: Stacking v38: Audit: Add record for multiple + object contexts + - SAUCE: apparmor3.2.0 [43/60]: Stacking v38: netlabel: Use a struct lsmblob + in audit data + - SAUCE: apparmor3.2.0 [44/60]: Stacking v38: LSM: Removed scaffolding + function lsmcontext_init + - SAUCE: apparmor3.2.0 [45/60]: Stacking v38: AppArmor: Remove the exclusive + flag + - SAUCE: apparmor3.2.0 [46/60]: combine common_audit_data and + apparmor_audit_data + - SAUCE: apparmor3.2.0 [47/60]: setup slab cache for audit data + - SAUCE: apparmor3.2.0 [48/60]: rename audit_data->label to + audit_data->subj_label + - SAUCE: apparmor3.2.0 [49/60]: pass cred through to audit info. + - SAUCE: apparmor3.2.0 [50/60]: Improve debug print infrastructure + - SAUCE: apparmor3.2.0 [51/60]: add the ability for profiles to have a + learning cache + - SAUCE: apparmor3.2.0 [52/60]: enable userspace upcall for mediation + - SAUCE: apparmor3.2.0 [53/60]: cache buffers on percpu list if there is lock + contention + - SAUCE: apparmor3.2.0 [55/60]: advertise availability of exended perms + - SAUCE: apparmor3.2.0 [60/60]: [Config] enable + CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS + * LSM stacking and AppArmor for 6.2: additional fixes (LP: #2017903) // update + apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor3.2.0 [57/60]: fix profile verification and enable it + * udev fails to make prctl() syscall with apparmor=0 (as used by maas by + default) (LP: #2016908) // update apparmor and LSM stacking patch set + (LP: #2028253) + - SAUCE: apparmor3.2.0 [27/60]: Stacking v38: Fix prctl() syscall with + apparmor=0 + * kinetic: apply new apparmor and LSM stacking patch set (LP: #1989983) // + update apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor3.2.0 [01/60]: add/use fns to print hash string hex value + - SAUCE: apparmor3.2.0 [03/60]: patch to provide compatibility with v2.x net + rules + - SAUCE: apparmor3.2.0 [04/60]: add user namespace creation mediation + - SAUCE: apparmor3.2.0 [06/60]: af_unix mediation + - SAUCE: apparmor3.2.0 [07/60]: Add fine grained mediation of posix mqueues + + -- Paolo Pisati Fri, 06 Oct 2023 22:05:09 +0200 + +linux-ibm (6.5.0-1008.8) mantic; urgency=medium + + * mantic/linux-ibm: 6.5.0-1008.8 -proposed tracker (LP: #2037877) + + [ Ubuntu: 6.5.0-7.7 ] + + * mantic/linux: 6.5.0-7.7 -proposed tracker (LP: #2037611) + * kexec enable to load/kdump zstd compressed zimg (LP: #2037398) + - [Packaging] Revert arm64 image format to Image.gz + * Mantic minimized/minimal cloud images do not receive IP address during + provisioning (LP: #2036968) + - [Config] Enable virtio-net as built-in to avoid race + * Miscellaneous Ubuntu changes + - SAUCE: Add mdev_set_iommu_device() kABI + - [Config] update gcc version in annotations + + -- Paolo Pisati Mon, 02 Oct 2023 10:23:08 +0200 + +linux-ibm (6.5.0-1007.7) mantic; urgency=medium + + * mantic/linux-ibm: 6.5.0-1007.7 -proposed tracker (LP: #2037629) + + -- Paolo Pisati Fri, 29 Sep 2023 15:19:20 +0200 + +linux-ibm (6.5.0-1006.6) mantic; urgency=medium + + * mantic/linux-ibm: 6.5.0-1006.6 -proposed tracker (LP: #2035601) + + * Miscellaneous Ubuntu changes + - [Config] updateconfigs after Ubuntu-6.5.0-6.6 rebase + - [packaging] update rust, clang and bindgen build-deps + + -- Paolo Pisati Mon, 25 Sep 2023 13:39:35 +0200 + +linux-ibm (6.5.0-1005.5) mantic; urgency=medium + + * mantic/linux-ibm: 6.5.0-1005.5 -proposed tracker (LP: #2034550) + + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/d2023.08.23) + + -- Paolo Pisati Wed, 06 Sep 2023 16:25:29 +0200 + +linux-ibm (6.5.0-1004.4) mantic; urgency=medium + + * mantic/linux-ibm: 6.5.0-1004.4 -proposed tracker (LP: #2034046) + + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/d2023.08.23) + + -- Paolo Pisati Mon, 04 Sep 2023 17:25:35 +0200 + +linux-ibm (6.5.0-1003.3) mantic; urgency=medium + + * mantic/linux-ibm: 6.5.0-1003.3 -proposed tracker (LP: #2033241) + + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/d2023.08.23) + + * Miscellaneous Ubuntu changes + - [Packaging] derive it from mantic:linux + - [Config] updateconfigs after rebase on Ubuntu-6.5.0-2.2 + + -- Paolo Pisati Wed, 30 Aug 2023 09:04:47 +0200 + +linux-ibm (6.5.0-1002.2) mantic; urgency=medium + + * mantic/linux-ibm: 6.5.0-1002.2 -proposed tracker (LP: #2029341) + + * Miscellaneous Ubuntu changes + - [Packaging] add libstdc++-dev, python3-dev and zstd to build-depends + + -- Paolo Pisati Wed, 02 Aug 2023 10:02:40 +0200 + +linux-ibm (6.5.0-1001.1) mantic; urgency=medium + + * mantic/linux-ibm: 6.5.0-1001.1 -proposed tracker (LP: #2029224) + + * Packaging resync (LP: #1786013) + - [Packaging] resync update-dkms-versions helper + + * Miscellaneous Ubuntu changes + - [Packaging] move to Mantic 6.5 + - [Config] updateconfigs after rebase on Ubuntu-unstable-6.5.0-4.4 + + -- Paolo Pisati Tue, 01 Aug 2023 18:23:51 +0200 + +linux-ibm (6.5.0-1000.0) mantic; urgency=medium + + * lunar/linux-ibm: 6.2.0-1002.2 -proposed tracker (LP: #2016274) + + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/master) + + * Kernel 6.1 bumped the disk consumption on default images by 15% + (LP: #2015867) + - [Config] disable Rust support + + * Miscellaneous Ubuntu changes + - rebase on Ubuntu-6.2.0-21.21 + + * Rebase on Ubuntu-6.2.0-21.21 + + -- Paolo Pisati Fri, 14 Apr 2023 16:16:11 +0200 + +linux-ibm (6.2.0-1001.1) lunar; urgency=medium + + * lunar/linux-ibm: 6.2.0-1001.1 -proposed tracker (LP: #2013193) + + * enable Rust support in the kernel (LP: #2007654) + - [Packaging] add rust dependencies + + * remove circular dep between linux-image and modules (LP: #1989334) + - [Packaging] remove circular dep between modules and image + + * Packaging resync (LP: #1786013) + - [Packaging] update update.conf + + * Some derivative kernel tools packages don't depend on linux-tools-common + (LP: #1914774) + - [Packaging] ibm: linux-tools-common and linux-cloud-tools-common are one per + series + + * Miscellaneous Ubuntu changes + - [Packaging] add python3 as a build dependency + - [packaging] manually remove ipu6 and ivsc DKMS entries + - [Config] updateconfigs following 6.2 rebase + + -- Paolo Pisati Wed, 29 Mar 2023 12:35:51 +0200 + +linux-ibm (6.1.0-1001.1) lunar; urgency=medium + + * lunar/linux-ibm: 6.1.0-1001.1 -proposed tracker (LP: #1998495) + + * Miscellaneous Ubuntu changes + - [packaging] switch to Lunar and Linux 6.1 + - [Config] updateconfigs following unstable rebase + - [Config] migrateconfigs to annotations + + -- Paolo Pisati Fri, 02 Dec 2022 11:05:58 +0100 + +linux-ibm (5.19.0-1008.8) lunar; urgency=medium + + * kinetic/linux-ibm: 5.19.0-1008.8 -proposed tracker (LP: #1992747) + + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/master) + + * Miscellaneous Ubuntu changes + - [Config] updateconfigs following Ubuntu-5.19.0-21.21 rebase + + -- Paolo Pisati Thu, 13 Oct 2022 12:52:57 +0200 + +linux-ibm (5.19.0-1007.7) kinetic; urgency=medium + + * kinetic/linux-ibm: 5.19.0-1007.7 -proposed tracker (LP: #1991268) + + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/master) + + * Miscellaneous Ubuntu changes + - [Config] updateconfigs following Ubuntu-5.19.0-19.19 rebase + + -- Paolo Pisati Mon, 03 Oct 2022 11:20:51 +0200 + +linux-ibm (5.19.0-1006.6) kinetic; urgency=medium + + * kinetic/linux-ibm: 5.19.0-1006.6 -proposed tracker (LP: #1990508) + + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/master) + + * Miscellaneous Ubuntu changes + - [Config] updateconfigs following Ubuntu-5.19.0-18.18 rebase + + -- Paolo Pisati Thu, 22 Sep 2022 20:31:19 +0200 + +linux-ibm (5.19.0-1005.5) kinetic; urgency=medium + + * kinetic/linux-ibm: 5.19.0-1005.5 -proposed tracker (LP: #1988725) + + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/master) + + * Miscellaneous Ubuntu changes + - [Config] updateconfigs following Ubuntu-5.19.0-16.16 rebase + + -- Paolo Pisati Wed, 07 Sep 2022 10:27:53 +0200 + +linux-ibm (5.19.0-1004.4) kinetic; urgency=medium + + * kinetic/linux-ibm: 5.19.0-1004.4 -proposed tracker (LP: #1983445) + + * Miscellaneous Ubuntu changes + - [Config] updateconfigs following Ubuntu-5.19.0-15.15 rebase + + -- Paolo Pisati Wed, 03 Aug 2022 15:55:21 +0200 + +linux-ibm (5.19.0-1003.3) kinetic; urgency=medium + + * kinetic/linux-ibm: 5.19.0-1003.3 -proposed tracker (LP: #1983080) + + -- Paolo Pisati Fri, 29 Jul 2022 11:49:42 +0200 + +linux-ibm (5.19.0-1002.2) kinetic; urgency=medium + + * kinetic/linux-ibm: 5.19.0-1002.2 -proposed tracker (LP: #1982807) + + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/master) + + * Miscellaneous Ubuntu changes + - [Config] updateconfigs following Ubuntu-5.19.0-12.12 rebase + + -- Paolo Pisati Wed, 27 Jul 2022 17:04:56 +0200 + +linux-ibm (5.19.0-1001.1) kinetic; urgency=medium + + * kinetic/linux-ibm: 5.19.0-1001.1 -proposed tracker (LP: #1980072) + + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/master) + + * Miscellaneous Ubuntu changes + - [Packaging] switch to kinetic 5.19.0 + - [Config] updateconfigs and annotations following 5.19.0-7.7 rebase + + -- Paolo Pisati Wed, 29 Jun 2022 15:05:12 +0200 + +linux-ibm (5.19.0-1000.0) kinetic; urgency=medium + + * Dummy entry + + -- Paolo Pisati Wed, 29 Jun 2022 14:46:01 +0200 + +linux-ibm (5.18.0-1001.1) kinetic; urgency=medium + + * kinetic/linux-ibm: 5.18.0-1001.1 -proposed tracker (LP: #1975970) + + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/master) + + * Miscellaneous Ubuntu changes + - [Packaging] switch to kinetic 5.18.0 + - [Config] updateconfigs and annotations following 5.18.0-6.6 rebase + + -- Paolo Pisati Fri, 10 Jun 2022 15:59:34 +0200 + +linux-ibm (5.18.0-1000.0) kinetic; urgency=medium + + * Dummy entry + + -- Paolo Pisati Fri, 10 Jun 2022 15:31:15 +0200 + +linux-ibm (5.15.0-1003.3) jammy; urgency=medium + + * jammy/linux-ibm: 5.15.0-1003.3 -proposed tracker (LP: #1969494) + + [ Ubuntu: 5.15.0-27.28 ] + + * jammy/linux: 5.15.0-27.28 -proposed tracker (LP: #1968954) + + [ Ubuntu: 5.15.0-26.27 ] + + * jammy/linux: 5.15.0-26.27 -proposed tracker (LP: #1968850) + * CVE-2022-1016 + - netfilter: nf_tables: initialize registers in nft_do_chain() + * CVE-2022-1015 + - netfilter: nf_tables: validate registers coming from userspace. + * CVE-2022-26490 + - nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION + * harden indirect calls against BHI attacks (LP: #1967579) + - objtool: Classify symbols + - objtool: Explicitly avoid self modifying code in .altinstr_replacement + - objtool: Shrink struct instruction + - objtool,x86: Replace alternatives with .retpoline_sites + - x86/retpoline: Remove unused replacement symbols + - x86/asm: Fix register order + - x86/asm: Fixup odd GEN-for-each-reg.h usage + - x86/retpoline: Move the retpoline thunk declarations to nospec-branch.h + - x86/retpoline: Create a retpoline thunk array + - x86/alternative: Implement .retpoline_sites support + - x86/alternative: Handle Jcc __x86_indirect_thunk_\reg + - x86/alternative: Try inline spectre_v2=retpoline,amd + - x86/alternative: Add debug prints to apply_retpolines() + - bpf,x86: Simplify computing label offsets + - bpf,x86: Respect X86_FEATURE_RETPOLINE* + + -- Andrea Righi Wed, 20 Apr 2022 08:01:18 +0200 + +linux-ibm (5.15.0-1002.2) jammy; urgency=medium + + * jammy/linux-ibm: 5.15.0-1002.2 -proposed tracker (LP: #1966484) + + [ Ubuntu: 5.15.0-25.25 ] + + * jammy/linux: 5.15.0-25.25 -proposed tracker (LP: #1967146) + * Miscellaneous Ubuntu changes + - SAUCE: Revert "scsi: core: Reallocate device's budget map on queue depth + change" + + [ Ubuntu: 5.15.0-24.24 ] + + * jammy/linux: 5.15.0-24.24 -proposed tracker (LP: #1966305) + * Update OS policy capability handshake (LP: #1966089) + - thermal: int340x: Update OS policy capability handshake + * Jammy update: v5.15.30 upstream stable release (LP: #1966057) + - Revert "xfrm: state and policy should fail if XFRMA_IF_ID 0" + - arm64: dts: rockchip: fix rk3399-puma-haikou USB OTG mode + - xfrm: Check if_id in xfrm_migrate + - xfrm: Fix xfrm migrate issues when address family changes + - arm64: dts: rockchip: fix rk3399-puma eMMC HS400 signal integrity + - arm64: dts: rockchip: align pl330 node name with dtschema + - arm64: dts: rockchip: reorder rk3399 hdmi clocks + - arm64: dts: agilex: use the compatible "intel,socfpga-agilex-hsotg" + - ARM: dts: rockchip: reorder rk322x hmdi clocks + - ARM: dts: rockchip: fix a typo on rk3288 crypto-controller + - mac80211: refuse aggregations sessions before authorized + - MIPS: smp: fill in sibling and core maps earlier + - ARM: 9178/1: fix unmet dependency on BITREVERSE for HAVE_ARCH_BITREVERSE + - Bluetooth: hci_core: Fix leaking sent_cmd skb + - can: rcar_canfd: rcar_canfd_channel_probe(): register the CAN device when + fully ready + - atm: firestream: check the return value of ioremap() in fs_init() + - iwlwifi: don't advertise TWT support + - drm/vrr: Set VRR capable prop only if it is attached to connector + - nl80211: Update bss channel on channel switch for P2P_CLIENT + - tcp: make tcp_read_sock() more robust + - sfc: extend the locking on mcdi->seqno + - bnx2: Fix an error message + - kselftest/vm: fix tests build with old libc + - x86/module: Fix the paravirt vs alternative order + - ice: Fix race condition during interface enslave + - Linux 5.15.30 + * Jammy update: v5.15.29 upstream stable release (LP: #1966056) + - arm64: dts: qcom: sm8350: Describe GCC dependency clocks + - arm64: dts: qcom: sm8350: Correct UFS symbol clocks + - HID: elo: Revert USB reference counting + - HID: hid-thrustmaster: fix OOB read in thrustmaster_interrupts + - ARM: boot: dts: bcm2711: Fix HVS register range + - clk: qcom: gdsc: Add support to update GDSC transition delay + - clk: qcom: dispcc: Update the transition delay for MDSS GDSC + - HID: vivaldi: fix sysfs attributes leak + - arm64: dts: armada-3720-turris-mox: Add missing ethernet0 alias + - tipc: fix kernel panic when enabling bearer + - vdpa/mlx5: add validation for VIRTIO_NET_CTRL_MQ_VQ_PAIRS_SET command + - vduse: Fix returning wrong type in vduse_domain_alloc_iova() + - net: phy: meson-gxl: fix interrupt handling in forced mode + - mISDN: Fix memory leak in dsp_pipeline_build() + - vhost: fix hung thread due to erroneous iotlb entries + - virtio-blk: Don't use MAX_DISCARD_SEGMENTS if max_discard_seg is zero + - vdpa: fix use-after-free on vp_vdpa_remove + - isdn: hfcpci: check the return value of dma_set_mask() in setup_hw() + - net: qlogic: check the return value of dma_alloc_coherent() in + qed_vf_hw_prepare() + - esp: Fix possible buffer overflow in ESP transformation + - esp: Fix BEET mode inter address family tunneling on GSO + - qed: return status of qed_iov_get_link + - smsc95xx: Ignore -ENODEV errors when device is unplugged + - gpiolib: acpi: Convert ACPI value of debounce to microseconds + - drm/sun4i: mixer: Fix P010 and P210 format numbers + - net: dsa: mt7530: fix incorrect test in mt753x_phylink_validate() + - ARM: dts: aspeed: Fix AST2600 quad spi group + - iavf: Fix handling of vlan strip virtual channel messages + - i40e: stop disabling VFs due to PF error responses + - ice: stop disabling VFs due to PF error responses + - ice: Fix error with handling of bonding MTU + - ice: Don't use GFP_KERNEL in atomic context + - ice: Fix curr_link_speed advertised speed + - ethernet: Fix error handling in xemaclite_of_probe + - tipc: fix incorrect order of state message data sanity check + - net: ethernet: ti: cpts: Handle error for clk_enable + - net: ethernet: lpc_eth: Handle error for clk_enable + - net: marvell: prestera: Add missing of_node_put() in + prestera_switch_set_base_mac_addr + - ax25: Fix NULL pointer dereference in ax25_kill_by_device + - net/mlx5: Fix size field in bufferx_reg struct + - net/mlx5: Fix a race on command flush flow + - net/mlx5e: Lag, Only handle events from highest priority multipath entry + - NFC: port100: fix use-after-free in port100_send_complete + - selftests: pmtu.sh: Kill tcpdump processes launched by subshell. + - selftests: pmtu.sh: Kill nettest processes launched in subshell. + - gpio: ts4900: Do not set DAT and OE together + - gianfar: ethtool: Fix refcount leak in gfar_get_ts_info + - net: phy: DP83822: clear MISR2 register to disable interrupts + - sctp: fix kernel-infoleak for SCTP sockets + - net: bcmgenet: Don't claim WOL when its not available + - net: phy: meson-gxl: improve link-up behavior + - selftests/bpf: Add test for bpf_timer overwriting crash + - swiotlb: fix info leak with DMA_FROM_DEVICE + - usb: dwc3: pci: add support for the Intel Raptor Lake-S + - pinctrl: tigerlake: Revert "Add Alder Lake-M ACPI ID" + - KVM: Fix lockdep false negative during host resume + - kvm: x86: Disable KVM_HC_CLOCK_PAIRING if tsc is in always catchup mode + - spi: rockchip: Fix error in getting num-cs property + - spi: rockchip: terminate dma transmission when slave abort + - drm/vc4: hdmi: Unregister codec device on unbind + - x86/kvm: Don't use pv tlb/ipi/sched_yield if on 1 vCPU + - net-sysfs: add check for netdevice being present to speed_show + - hwmon: (pmbus) Clear pmbus fault/warning bits after read + - PCI: Mark all AMD Navi10 and Navi14 GPU ATS as broken + - gpio: Return EPROBE_DEFER if gc->to_irq is NULL + - drm/amdgpu: bypass tiling flag check in virtual display case (v2) + - Revert "xen-netback: remove 'hotplug-status' once it has served its purpose" + - Revert "xen-netback: Check for hotplug-status existence before watching" + - ipv6: prevent a possible race condition with lifetimes + - tracing: Ensure trace buffer is at least 4096 bytes large + - tracing/osnoise: Make osnoise_main to sleep for microseconds + - selftest/vm: fix map_fixed_noreplace test failure + - selftests/memfd: clean up mapping in mfd_fail_write + - ARM: Spectre-BHB: provide empty stub for non-config + - fuse: fix fileattr op failure + - fuse: fix pipe buffer lifetime for direct_io + - staging: rtl8723bs: Fix access-point mode deadlock + - staging: gdm724x: fix use after free in gdm_lte_rx() + - net: macb: Fix lost RX packet wakeup race in NAPI receive + - riscv: alternative only works on !XIP_KERNEL + - mmc: meson: Fix usage of meson_mmc_post_req() + - riscv: Fix auipc+jalr relocation range checks + - tracing/osnoise: Force quiescent states while tracing + - arm64: dts: marvell: armada-37xx: Remap IO space to bus address 0x0 + - arm64: Ensure execute-only permissions are not allowed without EPAN + - arm64: kasan: fix include error in MTE functions + - swiotlb: rework "fix info leak with DMA_FROM_DEVICE" + - KVM: x86/mmu: kvm_faultin_pfn has to return false if pfh is returned + - virtio: unexport virtio_finalize_features + - virtio: acknowledge all features before access + - net/mlx5: Fix offloading with ESWITCH_IPV4_TTL_MODIFY_ENABLE + - ARM: fix Thumb2 regression with Spectre BHB + - watch_queue: Fix filter limit check + - watch_queue, pipe: Free watchqueue state after clearing pipe ring + - watch_queue: Fix to release page in ->release() + - watch_queue: Fix to always request a pow-of-2 pipe ring size + - watch_queue: Fix the alloc bitmap size to reflect notes allocated + - watch_queue: Free the alloc bitmap when the watch_queue is torn down + - watch_queue: Fix lack of barrier/sync/lock between post and read + - watch_queue: Make comment about setting ->defunct more accurate + - x86/boot: Fix memremap of setup_indirect structures + - x86/boot: Add setup_indirect support in early_memremap_is_setup_data() + - x86/sgx: Free backing memory after faulting the enclave page + - x86/traps: Mark do_int3() NOKPROBE_SYMBOL + - drm/panel: Select DRM_DP_HELPER for DRM_PANEL_EDP + - btrfs: make send work with concurrent block group relocation + - drm/i915: Workaround broken BIOS DBUF configuration on TGL/RKL + - riscv: dts: k210: fix broken IRQs on hart1 + - block: drop unused includes in + - Revert "net: dsa: mv88e6xxx: flush switchdev FDB workqueue before removing + VLAN" + - vhost: allow batching hint without size + - Linux 5.15.29 + * Jammy update: v5.15.28 upstream stable release (LP: #1966055) + - slip: fix macro redefine warning + - ARM: fix co-processor register typo + - ARM: Do not use NOCROSSREFS directive with ld.lld + - arm64: Do not include __READ_ONCE() block in assembly files + - ARM: fix build warning in proc-v7-bugs.c + - xen/xenbus: don't let xenbus_grant_ring() remove grants in error case + - xen/grant-table: add gnttab_try_end_foreign_access() + - xen/blkfront: don't use gnttab_query_foreign_access() for mapped status + - xen/netfront: don't use gnttab_query_foreign_access() for mapped status + - xen/scsifront: don't use gnttab_query_foreign_access() for mapped status + - xen/gntalloc: don't use gnttab_query_foreign_access() + - xen: remove gnttab_query_foreign_access() + - xen/9p: use alloc/free_pages_exact() + - xen/pvcalls: use alloc/free_pages_exact() + - xen/gnttab: fix gnttab_end_foreign_access() without page specified + - xen/netfront: react properly to failing gnttab_end_foreign_access_ref() + - Revert "ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE" + - Linux 5.15.28 + * zfcpdump-kernel update to v5.15 (LP: #1965766) + - SAUCE: Audit: Fix incorrect static inline function declration. + * [22.04 FEAT] SMC-R v2 Support (LP: #1929035) + - net/smc: save stack space and allocate smc_init_info + - net/smc: prepare for SMC-Rv2 connection + - net/smc: add SMC-Rv2 connection establishment + - net/smc: add listen processing for SMC-Rv2 + - net/smc: add v2 format of CLC decline message + - net/smc: retrieve v2 gid from IB device + - net/smc: add v2 support to the work request layer + - net/smc: extend LLC layer for SMC-Rv2 + - net/smc: add netlink support for SMC-Rv2 + - net/smc: stop links when their GID is removed + - net/smc: fix kernel panic caused by race of smc_sock + - net/smc: Fix hung_task when removing SMC-R devices + * [22.04 FEAT] Transparent PCI device recovery (LP: #1959532) + - s390/pci: tolerate inconsistent handle in recover + - s390/pci: add simpler s390dbf traces for events + - s390/pci: refresh function handle in iomap + - s390/pci: implement reset_slot for hotplug slot + - PCI: Export pci_dev_lock() + - s390/pci: implement minimal PCI error recovery + * Mute/mic LEDs no function on some HP platfroms (LP: #1965080) + - ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machines + * [22.04 FEAT] smc: Add User-defined EID (Enterprise ID) Support - kernel + (LP: #1929060) + - net/smc: add support for user defined EIDs + - net/smc: keep static copy of system EID + - net/smc: add generic netlink support for system EID + * Rotate to 2021v1 signing key (LP: #1964990) + - [Packaging] Rotate to 2021v1 signing key + * [22.04 FEAT] zcrypt DD: Exploitation Support of new IBM Z Crypto Hardware + (kernel part) (LP: #1959547) + - s390/zcrypt: rework of debug feature messages + - s390/ap/zcrypt: debug feature improvements + - s390/zcrypt: CEX8S exploitation support + - s390/zcrypt: handle checkstopped cards with new state + - s390/zcrypt: Support CPRB minor version T7 + - s390/zcrypt: change reply buffer size offering + - s390/zcrypt: Provide target domain for EP11 cprbs to scheduling function + - s390/airq: use DMA memory for summary indicators + * [22.04 FEAT] [VS2103] Set KVM_CAP_S390_MEM_OP_EXTENSION capability to 211 + (LP: #1963901) + - SAUCE: Set KVM_CAP_S390_MEM_OP_EXTENSION capability to 211 + * dependency on crda obsolete according to Debian (LP: #1958918) + - [Packaging] switch dependency from crda to wireless-regdb + * Cirrus audio support [1028:0BB5] & [1028:0BB6] (LP: #1964748) + - ALSA: hda/cs8409: Add new Warlock SKUs to patch_cs8409 + * Miscellaneous Ubuntu changes + - [Packaging] mark dkms-build-configure--zfs executable + - [Packaging] Fix bashism in dkms-build script + - [Packaging] Always catch errors in dkms-build scripts + - [Config] toolchain version update + * Miscellaneous upstream changes + - Ubuntu: remove leftover reference to ubuntu/hio driver + - Reverting commits 61005756c824 and cdb0f8e66513 due to a conflict with + LP#1929035. Re-pick them afterwards, which will establish the upstream + commit content and order again. + - Revert "UBUNTU: [Packaging] Rotate to 2021v1 signing key" + + -- Andrea Righi Fri, 01 Apr 2022 11:34:48 +0200 + +linux-ibm (5.15.0-1001.1) jammy; urgency=medium + + * jammy/linux-ibm: 5.15.0-1001.1 -proposed tracker (LP: #1964939) + + * Packaging resync (LP: #1786013) + - [Packaging] update Ubuntu.md + + * Miscellaneous Ubuntu changes + - [Packaging] ibm: prepare packaging for linux-ibm + + [ Ubuntu: 5.15.0-23.23 ] + + * jammy/linux: 5.15.0-23.23 -proposed tracker (LP: #1964573) + + [ Ubuntu: 5.15.0-22.22 ] + + * jammy/linux: 5.15.0-22.22 -proposed tracker (LP: #1960290) + + -- Krzysztof Kozlowski Wed, 16 Mar 2022 10:31:26 +0100 + +linux-ibm (5.15.0-1000.0) jammy; urgency=medium + + * Empty entry. + + -- Krzysztof Kozlowski Tue, 15 Mar 2022 11:16:18 +0100 + +linux-ibm (5.4.0-1018.20) focal; urgency=medium + + * focal/linux-ibm: 5.4.0-1018.20 -proposed tracker (LP: #1964194) + + [ Ubuntu: 5.4.0-105.119 ] + + * CVE-2022-0847 + - lib/iov_iter: initialize "flags" in new pipe_buffer + * Broken network on some AWS instances with focal/impish kernels + (LP: #1961968) + - SAUCE: Revert "PCI/MSI: Mask MSI-X vectors only on success" + * [UBUNTU 20.04] kernel: Add support for CPU-MF counter second version 7 + (LP: #1960182) + - s390/cpumf: Support for CPU Measurement Facility CSVN 7 + - s390/cpumf: Support for CPU Measurement Sampling Facility LS bit + * Hipersocket page allocation failure on Ubuntu 20.04 based SSC environments + (LP: #1959529) + - s390/qeth: use memory reserves to back RX buffers + * CVE-2022-0516 + - KVM: s390: Return error on SIDA memop on normal guest + * CVE-2022-0435 + - tipc: improve size validations for received domain records + * CVE-2022-0492 + - cgroup-v1: Require capabilities to set release_agent + * Recalled NFSv4 files delegations overwhelm server (LP: #1957986) + - NFSv4: Fix delegation handling in update_open_stateid() + - NFSv4: nfs4_callback_getattr() should ignore revoked delegations + - NFSv4: Delegation recalls should not find revoked delegations + - NFSv4: fail nfs4_refresh_delegation_stateid() when the delegation was + revoked + - NFS: Rename nfs_inode_return_delegation_noreclaim() + - NFSv4: Don't remove the delegation from the super_list more than once + - NFSv4: Hold the delegation spinlock when updating the seqid + - NFSv4: Clear the NFS_DELEGATION_REVOKED flag in + nfs_update_inplace_delegation() + - NFSv4: Update the stateid seqid in nfs_revoke_delegation() + - NFSv4: Revoke the delegation on success in nfs4_delegreturn_done() + - NFSv4: Ignore requests to return the delegation if it was revoked + - NFSv4: Don't reclaim delegations that have been returned or revoked + - NFSv4: nfs4_return_incompatible_delegation() should check delegation + validity + - NFSv4: Fix nfs4_inode_make_writeable() + - NFS: nfs_inode_find_state_and_recover() fix stateid matching + - NFSv4: Fix races between open and delegreturn + - NFSv4: Handle NFS4ERR_OLD_STATEID in delegreturn + - NFSv4: Don't retry the GETATTR on old stateid in nfs4_delegreturn_done() + - NFSv4: nfs_inode_evict_delegation() should set NFS_DELEGATION_RETURNING + - NFS: Clear NFS_DELEGATION_RETURN_IF_CLOSED when the delegation is returned + - NFSv4: Try to return the delegation immediately when marked for return on + close + - NFSv4: Add accounting for the number of active delegations held + - NFSv4: Limit the total number of cached delegations + - NFSv4: Ensure the delegation is pinned in nfs_do_return_delegation() + - NFSv4: Ensure the delegation cred is pinned when we call delegreturn + * Focal update: v5.4.174 upstream stable release (LP: #1960566) + - HID: uhid: Fix worker destroying device without any protection + - HID: wacom: Reset expected and received contact counts at the same time + - HID: wacom: Ignore the confidence flag when a touch is removed + - HID: wacom: Avoid using stale array indicies to read contact count + - f2fs: fix to do sanity check in is_alive() + - nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed + bind() + - mtd: rawnand: gpmi: Add ERR007117 protection for nfc_apply_timings + - mtd: rawnand: gpmi: Remove explicit default gpmi clock setting for i.MX6 + - x86/gpu: Reserve stolen memory for first integrated Intel GPU + - tools/nolibc: x86-64: Fix startup code bug + - tools/nolibc: i386: fix initial stack alignment + - tools/nolibc: fix incorrect truncation of exit code + - rtc: cmos: take rtc_lock while reading from CMOS + - media: v4l2-ioctl.c: readbuffers depends on V4L2_CAP_READWRITE + - media: flexcop-usb: fix control-message timeouts + - media: mceusb: fix control-message timeouts + - media: em28xx: fix control-message timeouts + - media: cpia2: fix control-message timeouts + - media: s2255: fix control-message timeouts + - media: dib0700: fix undefined behavior in tuner shutdown + - media: redrat3: fix control-message timeouts + - media: pvrusb2: fix control-message timeouts + - media: stk1160: fix control-message timeouts + - can: softing_cs: softingcs_probe(): fix memleak on registration failure + - lkdtm: Fix content of section containing lkdtm_rodata_do_nothing() + - iommu/io-pgtable-arm-v7s: Add error handle for page table allocation failure + - dma_fence_array: Fix PENDING_ERROR leak in dma_fence_array_signaled() + - PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller + - mm_zone: add function to check if managed dma zone exists + - mm/page_alloc.c: do not warn allocation failure on zone DMA if no managed + pages + - shmem: fix a race between shmem_unused_huge_shrink and shmem_evict_inode + - drm/rockchip: dsi: Hold pm-runtime across bind/unbind + - drm/rockchip: dsi: Reconfigure hardware on resume() + - drm/panel: kingdisplay-kd097d04: Delete panel on attach() failure + - drm/panel: innolux-p079zca: Delete panel on attach() failure + - drm/rockchip: dsi: Fix unbalanced clock on probe error + - Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails + - clk: bcm-2835: Pick the closest clock rate + - clk: bcm-2835: Remove rounding up the dividers + - wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND + - wcn36xx: Release DMA channel descriptor allocations + - media: videobuf2: Fix the size printk format + - media: aspeed: fix mode-detect always time out at 2nd run + - media: em28xx: fix memory leak in em28xx_init_dev + - media: aspeed: Update signal status immediately to ensure sane hw state + - arm64: dts: meson-gxbb-wetek: fix HDMI in early boot + - arm64: dts: meson-gxbb-wetek: fix missing GPIO binding + - Bluetooth: stop proccessing malicious adv data + - tee: fix put order in teedev_close_context() + - media: dmxdev: fix UAF when dvb_register_device() fails + - crypto: qce - fix uaf on qce_ahash_register_one + - arm64: dts: ti: k3-j721e: correct cache-sets info + - tty: serial: atmel: Check return code of dmaengine_submit() + - tty: serial: atmel: Call dma_async_issue_pending() + - media: rcar-csi2: Correct the selection of hsfreqrange + - media: imx-pxp: Initialize the spinlock prior to using it + - media: si470x-i2c: fix possible memory leak in si470x_i2c_probe() + - media: mtk-vcodec: call v4l2_m2m_ctx_release first when file is released + - media: venus: core: Fix a resource leak in the error handling path of + 'venus_probe()' + - netfilter: bridge: add support for pppoe filtering + - arm64: dts: qcom: msm8916: fix MMC controller aliases + - ACPI: EC: Rework flushing of EC work while suspended to idle + - drm/amdgpu: Fix a NULL pointer dereference in + amdgpu_connector_lcd_native_mode() + - drm/radeon/radeon_kms: Fix a NULL pointer dereference in + radeon_driver_open_kms() + - arm64: dts: ti: k3-j721e: Fix the L2 cache sets + - tty: serial: uartlite: allow 64 bit address + - serial: amba-pl011: do not request memory region twice + - floppy: Fix hang in watchdog when disk is ejected + - staging: rtl8192e: return error code from rtllib_softmac_init() + - staging: rtl8192e: rtllib_module: fix error handle case in alloc_rtllib() + - Bluetooth: btmtksdio: fix resume failure + - media: dib8000: Fix a memleak in dib8000_init() + - media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach() + - media: si2157: Fix "warm" tuner state detection + - sched/rt: Try to restart rt period timer when rt runtime exceeded + - rcu/exp: Mark current CPU as exp-QS in IPI loop second pass + - mwifiex: Fix possible ABBA deadlock + - xfrm: fix a small bug in xfrm_sa_len() + - crypto: stm32/cryp - fix xts and race condition in crypto_engine requests + - crypto: stm32/cryp - fix double pm exit + - crypto: stm32/cryp - fix lrw chaining mode + - ARM: dts: gemini: NAS4220-B: fis-index-block with 128 KiB sectors + - media: dw2102: Fix use after free + - media: msi001: fix possible null-ptr-deref in msi001_probe() + - media: coda/imx-vdoa: Handle dma_set_coherent_mask error codes + - drm/msm/dpu: fix safe status debugfs file + - drm/bridge: ti-sn65dsi86: Set max register for regmap + - media: hantro: Fix probe func error path + - xfrm: interface with if_id 0 should return error + - xfrm: state and policy should fail if XFRMA_IF_ID 0 + - ARM: 9159/1: decompressor: Avoid UNPREDICTABLE NOP encoding + - usb: ftdi-elan: fix memory leak on device disconnect + - ARM: dts: armada-38x: Add generic compatible to UART nodes + - mmc: meson-mx-sdio: add IRQ check + - selinux: fix potential memleak in selinux_add_opt() + - bpftool: Enable line buffering for stdout + - x86/mce/inject: Avoid out-of-bounds write when setting flags + - ACPI: scan: Create platform device for BCM4752 and LNV4752 ACPI nodes + - pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in + __nonstatic_find_io_region() + - pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in + nonstatic_find_mem_region() + - netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check() + - bpf: Fix SO_RCVBUF/SO_SNDBUF handling in _bpf_setsockopt(). + - ppp: ensure minimum packet size in ppp_write() + - rocker: fix a sleeping in atomic bug + - staging: greybus: audio: Check null pointer + - fsl/fman: Check for null pointer after calling devm_ioremap + - Bluetooth: hci_bcm: Check for error irq + - HID: hid-uclogic-params: Invalid parameter check in uclogic_params_init + - HID: hid-uclogic-params: Invalid parameter check in + uclogic_params_get_str_desc + - HID: hid-uclogic-params: Invalid parameter check in + uclogic_params_huion_init + - HID: hid-uclogic-params: Invalid parameter check in + uclogic_params_frame_init_v1_buttonpad + - debugfs: lockdown: Allow reading debugfs files that are not world readable + - net/mlx5e: Don't block routes with nexthop objects in SW + - Revert "net/mlx5e: Block offload of outer header csum for UDP tunnels" + - net/mlx5: Set command entry semaphore up once got index free + - spi: spi-meson-spifc: Add missing pm_runtime_disable() in meson_spifc_probe + - tpm: add request_locality before write TPM_INT_ENABLE + - can: softing: softing_startstop(): fix set but not used variable warning + - can: xilinx_can: xcan_probe(): check for error irq + - pcmcia: fix setting of kthread task states + - net: mcs7830: handle usb read errors properly + - ext4: avoid trim error on fs with small groups + - ALSA: jack: Add missing rwsem around snd_ctl_remove() calls + - ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls + - ALSA: hda: Add missing rwsem around snd_ctl_remove() calls + - RDMA/hns: Validate the pkey index + - clk: imx8mn: Fix imx8mn_clko1_sels + - powerpc/prom_init: Fix improper check of prom_getprop() + - ASoC: uniphier: drop selecting non-existing SND_SOC_UNIPHIER_AIO_DMA + - ALSA: oss: fix compile error when OSS_DEBUG is enabled + - char/mwave: Adjust io port register size + - binder: fix handling of error during copy + - iommu/io-pgtable-arm: Fix table descriptor paddr formatting + - scsi: ufs: Fix race conditions related to driver data + - PCI/MSI: Fix pci_irq_vector()/pci_irq_get_affinity() + - powerpc/powermac: Add additional missing lockdep_register_key() + - RDMA/core: Let ib_find_gid() continue search even after empty entry + - RDMA/cma: Let cma_resolve_ib_dev() continue search even after empty entry + - ASoC: rt5663: Handle device_property_read_u32_array error codes + - clk: stm32: Fix ltdc's clock turn off by clk_disable_unused() after system + enter shell + - dmaengine: pxa/mmp: stop referencing config->slave_id + - iommu/iova: Fix race between FQ timeout and teardown + - phy: uniphier-usb3ss: fix unintended writing zeros to PHY register + - ASoC: samsung: idma: Check of ioremap return value + - misc: lattice-ecp3-config: Fix task hung when firmware load failed + - mips: lantiq: add support for clk_set_parent() + - mips: bcm63xx: add support for clk_set_parent() + - RDMA/cxgb4: Set queue pair state when being queried + - of: base: Fix phandle argument length mismatch error message + - Bluetooth: Fix debugfs entry leak in hci_register_dev() + - fs: dlm: filter user dlm messages for kernel locks + - drm/lima: fix warning when CONFIG_DEBUG_SG=y & CONFIG_DMA_API_DEBUG=y + - ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START reply + - drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR + - ARM: shmobile: rcar-gen2: Add missing of_node_put() + - batman-adv: allow netlink usage in unprivileged containers + - usb: gadget: f_fs: Use stream_open() for endpoint files + - drm: panel-orientation-quirks: Add quirk for the Lenovo Yoga Book X91F/L + - HID: apple: Do not reset quirks when the Fn key is not found + - media: b2c2: Add missing check in flexcop_pci_isr: + - EDAC/synopsys: Use the quirk for version instead of ddr version + - mlxsw: pci: Add shutdown method in PCI driver + - drm/bridge: megachips: Ensure both bridges are probed before registration + - gpiolib: acpi: Do not set the IRQ type if the IRQ is already in use + - HSI: core: Fix return freed object in hsi_new_client + - mwifiex: Fix skb_over_panic in mwifiex_usb_recv() + - rsi: Fix use-after-free in rsi_rx_done_handler() + - rsi: Fix out-of-bounds read in rsi_read_pkt() + - usb: uhci: add aspeed ast2600 uhci support + - floppy: Add max size check for user space request + - x86/mm: Flush global TLB when switching to trampoline page-table + - media: uvcvideo: Increase UVC_CTRL_CONTROL_TIMEOUT to 5 seconds. + - media: saa7146: hexium_orion: Fix a NULL pointer dereference in + hexium_attach() + - media: m920x: don't use stack on USB reads + - iwlwifi: mvm: synchronize with FW after multicast commands + - ath10k: Fix tx hanging + - net-sysfs: update the queue counts in the unregistration path + - net: phy: prefer 1000baseT over 1000baseKX + - gpio: aspeed: Convert aspeed_gpio.lock to raw_spinlock + - x86/mce: Mark mce_panic() noinstr + - x86/mce: Mark mce_end() noinstr + - x86/mce: Mark mce_read_aux() noinstr + - net: bonding: debug: avoid printing debug logs when bond is not notifying + peers + - bpf: Do not WARN in bpf_warn_invalid_xdp_action() + - HID: quirks: Allow inverting the absolute X/Y values + - media: igorplugusb: receiver overflow should be reported + - media: saa7146: hexium_gemini: Fix a NULL pointer dereference in + hexium_attach() + - mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO + - audit: ensure userspace is penalized the same as the kernel when under + pressure + - arm64: dts: ls1028a-qds: move rtc node to the correct i2c bus + - arm64: tegra: Adjust length of CCPLEX cluster MMIO region + - cpufreq: Fix initialization of min and max frequency QoS requests + - usb: hub: Add delay for SuperSpeed hub resume to let links transit to U0 + - ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream + - iwlwifi: fix leaks/bad data after failed firmware load + - iwlwifi: remove module loading failure message + - iwlwifi: mvm: Fix calculation of frame length + - um: registers: Rename function names to avoid conflicts and build problems + - jffs2: GC deadlock reading a page that is used in jffs2_write_begin() + - ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions + - ACPICA: Utilities: Avoid deleting the same object twice in a row + - ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R() + - ACPICA: Fix wrong interpretation of PCC address + - ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5 + - drm/amdgpu: fixup bad vram size on gmc v8 + - ACPI: battery: Add the ThinkPad "Not Charging" quirk + - btrfs: remove BUG_ON() in find_parent_nodes() + - btrfs: remove BUG_ON(!eie) in find_parent_nodes + - net: mdio: Demote probed message to debug print + - mac80211: allow non-standard VHT MCS-10/11 + - dm btree: add a defensive bounds check to insert_at() + - dm space map common: add bounds check to sm_ll_lookup_bitmap() + - net: phy: marvell: configure RGMII delays for 88E1118 + - net: gemini: allow any RGMII interface mode + - regulator: qcom_smd: Align probe function with rpmh-regulator + - serial: pl010: Drop CR register reset on set_termios + - serial: core: Keep mctrl register state and cached copy in sync + - random: do not throw away excess input to crng_fast_load + - parisc: Avoid calling faulthandler_disabled() twice + - powerpc/6xx: add missing of_node_put + - powerpc/powernv: add missing of_node_put + - powerpc/cell: add missing of_node_put + - powerpc/btext: add missing of_node_put + - powerpc/watchdog: Fix missed watchdog reset due to memory ordering race + - i2c: i801: Don't silently correct invalid transfer size + - powerpc/smp: Move setup_profiling_timer() under CONFIG_PROFILING + - i2c: mpc: Correct I2C reset procedure + - clk: meson: gxbb: Fix the SDM_EN bit for MPLL0 on GXBB + - powerpc/powermac: Add missing lockdep_register_key() + - KVM: PPC: Book3S: Suppress failed alloc warning in H_COPY_TOFROM_GUEST + - w1: Misuse of get_user()/put_user() reported by sparse + - scsi: lpfc: Trigger SLI4 firmware dump before doing driver cleanup + - ALSA: seq: Set upper limit of processed events + - powerpc: handle kdump appropriately with crash_kexec_post_notifiers option + - MIPS: OCTEON: add put_device() after of_find_device_by_node() + - i2c: designware-pci: Fix to change data types of hcnt and lcnt parameters + - MIPS: Octeon: Fix build errors using clang + - scsi: sr: Don't use GFP_DMA + - ASoC: mediatek: mt8173: fix device_node leak + - power: bq25890: Enable continuous conversion for ADC at charging + - rpmsg: core: Clean up resources on announce_create failure. + - crypto: omap-aes - Fix broken pm_runtime_and_get() usage + - crypto: stm32/crc32 - Fix kernel BUG triggered in probe() + - crypto: caam - replace this_cpu_ptr with raw_cpu_ptr + - ubifs: Error path in ubifs_remount_rw() seems to wrongly free write buffers + - fuse: Pass correct lend value to filemap_write_and_wait_range() + - serial: Fix incorrect rs485 polarity on uart open + - cputime, cpuacct: Include guest time in user time in cpuacct.stat + - tracing/kprobes: 'nmissed' not showed correctly for kretprobe + - iwlwifi: mvm: Increase the scan timeout guard to 30 seconds + - s390/mm: fix 2KB pgtable release race + - drm/etnaviv: limit submit sizes + - drm/nouveau/kms/nv04: use vzalloc for nv04_display + - drm/bridge: analogix_dp: Make PSR-exit block less + - PCI: pci-bridge-emul: Properly mark reserved PCIe bits in PCI config space + - PCI: pci-bridge-emul: Correctly set PCIe capabilities + - PCI: pci-bridge-emul: Set PCI_STATUS_CAP_LIST for PCIe device + - xfrm: fix policy lookup for ipv6 gre packets + - btrfs: fix deadlock between quota enable and other quota operations + - btrfs: check the root node for uptodate before returning it + - btrfs: respect the max size in the header when activating swap file + - ext4: make sure to reset inode lockdep class when quota enabling fails + - ext4: make sure quota gets properly shutdown on error + - ext4: set csum seed in tmp inode while migrating to extents + - ext4: Fix BUG_ON in ext4_bread when write quota data + - ext4: don't use the orphan list when migrating an inode + - drm/radeon: fix error handling in radeon_driver_open_kms + - of: base: Improve argument length mismatch error + - firmware: Update Kconfig help text for Google firmware + - media: rcar-csi2: Optimize the selection PHTW register + - Documentation: dmaengine: Correctly describe dmatest with channel unset + - Documentation: ACPI: Fix data node reference documentation + - Documentation: refer to config RANDOMIZE_BASE for kernel address-space + randomization + - Documentation: fix firewire.rst ABI file path error + - scsi: core: Show SCMD_LAST in text form + - RDMA/hns: Modify the mapping attribute of doorbell to device + - RDMA/rxe: Fix a typo in opcode name + - dmaengine: stm32-mdma: fix STM32_MDMA_CTBR_TSEL_MASK + - Revert "net/mlx5: Add retry mechanism to the command entry index allocation" + - powerpc/cell: Fix clang -Wimplicit-fallthrough warning + - powerpc/fsl/dts: Enable WA for erratum A-009885 on fman3l MDIO buses + - bpftool: Remove inclusion of utilities.mak from Makefiles + - ipv4: avoid quadratic behavior in netns dismantle + - net/fsl: xgmac_mdio: Fix incorrect iounmap when removing module + - parisc: pdc_stable: Fix memory leak in pdcs_register_pathentries + - f2fs: fix to reserve space for IO align feature + - af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress + - clk: si5341: Fix clock HW provider cleanup + - net: axienet: limit minimum TX ring size + - net: axienet: fix number of TX ring slots for available check + - net: axienet: increase default TX ring size to 128 + - rtc: pxa: fix null pointer dereference + - inet: frags: annotate races around fqdir->dead and fqdir->high_thresh + - netns: add schedule point in ops_exit_list() + - xfrm: Don't accidentally set RTO_ONLINK in decode_session4() + - gre: Don't accidentally set RTO_ONLINK in gre_fill_metadata_dst() + - libcxgb: Don't accidentally set RTO_ONLINK in cxgb_find_route() + - perf script: Fix hex dump character output + - dmaengine: at_xdmac: Don't start transactions at tx_submit level + - dmaengine: at_xdmac: Print debug message after realeasing the lock + - dmaengine: at_xdmac: Fix concurrency over xfers_list + - dmaengine: at_xdmac: Fix lld view setting + - dmaengine: at_xdmac: Fix at_xdmac_lld struct definition + - arm64: dts: qcom: msm8996: drop not documented adreno properties + - net_sched: restore "mpu xxx" handling + - bcmgenet: add WOL IRQ check + - net: ethernet: mtk_eth_soc: fix error checking in mtk_mac_config() + - dt-bindings: display: meson-dw-hdmi: add missing sound-name-prefix property + - dt-bindings: display: meson-vpu: Add missing amlogic,canvas property + - scripts/dtc: dtx_diff: remove broken example from help text + - lib82596: Fix IRQ check in sni_82596_probe + - lib/test_meminit: destroy cache in kmem_cache_alloc_bulk() test + - mtd: nand: bbt: Fix corner case in bad block table handling + - Revert "ia64: kprobes: Use generic kretprobe trampoline handler" + - Linux 5.4.174 + * Focal update: v5.4.173 upstream stable release (LP: #1959701) + - kbuild: Add $(KBUILD_HOSTLDFLAGS) to 'has_libelf' test + - devtmpfs regression fix: reconfigure on each mount + - orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc() + - perf: Protect perf_guest_cbs with RCU + - KVM: s390: Clarify SIGP orders versus STOP/RESTART + - media: uvcvideo: fix division by zero at stream start + - rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with + interrupts enabled + - firmware: qemu_fw_cfg: fix sysfs information leak + - firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate entries + - firmware: qemu_fw_cfg: fix kobject leak in probe error path + - KVM: x86: remove PMU FIXED_CTR3 from msrs_to_save_all + - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master after + reboot from Windows + - mtd: fixup CFI on ixp4xx + - ARM: 9025/1: Kconfig: CPU_BIG_ENDIAN depends on !LD_IS_LLD + - Linux 5.4.173 + * Focal update: v5.4.172 upstream stable release (LP: #1959698) + - workqueue: Fix unbind_workers() VS wq_worker_running() race + - Bluetooth: btusb: fix memory leak in btusb_mtk_submit_wmt_recv_urb() + - Bluetooth: bfusb: fix division by zero in send path + - USB: core: Fix bug in resuming hub's handling of wakeup requests + - USB: Fix "slab-out-of-bounds Write" bug in usb_hcd_poll_rh_status + - mmc: sdhci-pci: Add PCI ID for Intel ADL + - veth: Do not record rx queue hint in veth_xmit + - mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe() + - drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) + functions + - can: gs_usb: fix use of uninitialized variable, detach device on reception + of invalid USB data + - can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved} + - random: fix data race on crng_node_pool + - random: fix data race on crng init time + - random: fix crash on multiple early calls to add_bootloader_randomness() + - media: Revert "media: uvcvideo: Set unique vdev name based in type" + - staging: wlan-ng: Avoid bitwise vs logical OR warning in + hfa384x_usb_throttlefn() + - drm/i915: Avoid bitwise vs logical OR warning in snb_wm_latency_quirk() + - staging: greybus: fix stack size warning with UBSAN + - Linux 5.4.172 + * Focal update: v5.4.171 upstream stable release (LP: #1959437) + - f2fs: quota: fix potential deadlock + - Input: touchscreen - Fix backport of + a02dcde595f7cbd240ccd64de96034ad91cffc40 + - selftests: x86: fix [-Wstringop-overread] warn in test_process_vm_readv() + - tracing: Fix check for trace_percpu_buffer validity in get_trace_buf() + - tracing: Tag trace_percpu_buffer as a percpu pointer + - ieee802154: atusb: fix uninit value in atusb_set_extended_addr + - iavf: Fix limit of total number of queues to active queues of VF + - RDMA/core: Don't infoleak GRH fields + - RDMA/uverbs: Check for null return of kmalloc_array + - mac80211: initialize variable have_higher_than_11mbit + - i40e: fix use-after-free in i40e_sync_filters_subtask() + - i40e: Fix for displaying message regarding NVM version + - i40e: Fix incorrect netdev's real number of RX/TX queues + - ipv4: Check attribute length for RTA_GATEWAY in multipath route + - ipv4: Check attribute length for RTA_FLOW in multipath route + - ipv6: Check attribute length for RTA_GATEWAY in multipath route + - ipv6: Check attribute length for RTA_GATEWAY when deleting multipath route + - lwtunnel: Validate RTA_ENCAP_TYPE attribute length + - batman-adv: mcast: don't send link-local multicast to mcast routers + - sch_qfq: prevent shift-out-of-bounds in qfq_init_qdisc + - net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ8081 + - power: supply: core: Break capacity loop + - power: reset: ltc2952: Fix use of floating point literals + - rndis_host: support Hytera digital radios + - phonet: refcount leak in pep_sock_accep + - ipv6: Continue processing multipath route even if gateway attribute is + invalid + - ipv6: Do cleanup if attribute validation fails in multipath route + - usb: mtu3: fix interval value for intr and isoc + - scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown() + - ip6_vti: initialize __ip6_tnl_parm struct in vti6_siocdevprivate + - net: udp: fix alignment problem in udp4_seq_show() + - atlantic: Fix buff_ring OOB in aq_ring_rx_clean + - mISDN: change function names to avoid conflicts + - Linux 5.4.171 + * Focal update: v5.4.170 upstream stable release (LP: #1958898) + - tee: handle lookup of shm with reference count 0 + - Input: i8042 - add deferred probe support + - Input: i8042 - enable deferred probe quirk for ASUS UM325UA + - tomoyo: Check exceeded quota early in tomoyo_domain_quota_is_ok(). + - platform/x86: apple-gmux: use resource_size() with res + - memblock: fix memblock_phys_alloc() section mismatch error + - recordmcount.pl: fix typo in s390 mcount regex + - selinux: initialize proto variable in selinux_ip_postroute_compat() + - scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write() + - net/mlx5: DR, Fix NULL vs IS_ERR checking in dr_domain_init_resources + - sctp: use call_rcu to free endpoint + - net: usb: pegasus: Do not drop long Ethernet frames + - net: lantiq_xrx200: fix statistics of received bytes + - NFC: st21nfca: Fix memory leak in device probe and remove + - ionic: Initialize the 'lif->dbid_inuse' bitmap + - net/mlx5e: Fix wrong features assignment in case of error + - selftests/net: udpgso_bench_tx: fix dst ip argument + - net/ncsi: check for error return from call to nla_put_u32 + - fsl/fman: Fix missing put_device() call in fman_port_probe + - i2c: validate user data in compat ioctl + - nfc: uapi: use kernel size_t to fix user-space builds + - uapi: fix linux/nfc.h userspace compilation errors + - xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set. + - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. + - usb: mtu3: add memory barrier before set GPD's HWO + - usb: mtu3: fix list_head check warning + - usb: mtu3: set interval of FS intr and isoc endpoint + - binder: fix async_free_space accounting for empty parcels + - scsi: vmw_pvscsi: Set residual data length conditionally + - Input: appletouch - initialize work before device registration + - Input: spaceball - fix parsing of movement data packets + - net: fix use-after-free in tw_timer_handler + - perf script: Fix CPU filtering of a script's switch events + - Linux 5.4.170 + * Focal update: v5.4.170 upstream stable release (LP: #1958898) // HID_ASUS + should depend on USB_HID in stable v4.15 backports (LP: #1959762) + - HID: asus: Add depends on USB_HID to HID_ASUS Kconfig option + * Focal update: v5.4.169 upstream stable release (LP: #1958557) + - net: usb: lan78xx: add Allied Telesis AT29M2-AF + - serial: 8250_fintek: Fix garbled text for console + - arm64: dts: allwinner: orangepi-zero-plus: fix PHY mode + - spi: change clk_disable_unprepare to clk_unprepare + - IB/qib: Fix memory leak in qib_user_sdma_queue_pkts() + - netfilter: fix regression in looped (broad|multi)cast's MAC handling + - qlcnic: potential dereference null pointer of rx_queue->page_ring + - net: accept UFOv6 packages in virtio_net_hdr_to_skb + - net: skip virtio_net_hdr_set_proto if protocol already set + - ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module + - bonding: fix ad_actor_system option setting to default + - fjes: Check for error irq + - drivers: net: smc911x: Check for error irq + - sfc: falcon: Check null pointer of rx_queue->page_ring + - Input: elantech - fix stack out of bound access in + elantech_change_report_id() + - hwmon: (lm90) Fix usage of CONFIG2 register in detect function + - hwmon: (lm90) Add max6654 support to lm90 driver + - hwmon: (lm90) Add basic support for TI TMP461 + - hwmon: (lm90) Introduce flag indicating extended temperature support + - hwmon: (lm90) Drop critical attribute support for MAX6654 + - ALSA: jack: Check the return value of kstrdup() + - ALSA: drivers: opl3: Fix incorrect use of vp->state + - ALSA: hda/realtek: Amp init fixup for HP ZBook 15 G6 + - Input: atmel_mxt_ts - fix double free in mxt_read_info_block + - ipmi: bail out if init_srcu_struct fails + - ipmi: ssif: initialize ssif_info->client early + - ipmi: fix initialization when workqueue allocation fails + - parisc: Correct completer in lws start + - x86/pkey: Fix undefined behaviour with PKRU_WD_BIT + - pinctrl: stm32: consider the GPIO offset to expose all the GPIO lines + - mmc: sdhci-tegra: Fix switch to HS400ES mode + - mmc: core: Disable card detect during shutdown + - ARM: 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling + - tee: optee: Fix incorrect page free bug + - f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() + - usb: gadget: u_ether: fix race in setting MAC address in setup phase + - KVM: VMX: Fix stale docs for kvm-intel.emulate_invalid_guest_state + - mm: mempolicy: fix THP allocations escaping mempolicy restrictions + - pinctrl: mediatek: fix global-out-of-bounds issue + - hwmom: (lm90) Fix citical alarm status for MAX6680/MAX6681 + - hwmon: (lm90) Do not report 'busy' status bit as alarm + - ax25: NPD bug when detaching AX25 device + - hamradio: defer ax25 kfree after unregister_netdev + - hamradio: improve the incomplete fix to avoid NPD + - phonet/pep: refuse to enable an unbound pipe + - Linux 5.4.169 + * Focal update: v5.4.168 upstream stable release (LP: #1957991) + - KVM: selftests: Make sure kvm_create_max_vcpus test won't hit RLIMIT_NOFILE + - mac80211: mark TX-during-stop for TX in in_reconfig + - mac80211: send ADDBA requests using the tid/queue of the aggregation session + - firmware: arm_scpi: Fix string overflow in SCPI genpd driver + - virtio_ring: Fix querying of maximum DMA mapping size for virtio device + - recordmcount.pl: look for jgnop instruction as well as bcrl on s390 + - dm btree remove: fix use after free in rebalance_children() + - audit: improve robustness of the audit queue handling + - iio: adc: stm32: fix a current leak by resetting pcsel before disabling vdda + - nfsd: fix use-after-free due to delegation race + - arm64: dts: rockchip: remove mmc-hs400-enhanced-strobe from rk3399-khadas- + edge + - arm64: dts: rockchip: fix rk3399-leez-p710 vcc3v3-lan supply + - arm64: dts: rockchip: fix audio-supply for Rock Pi 4 + - mac80211: track only QoS data frames for admission control + - ARM: socfpga: dts: fix qspi node compatible + - clk: Don't parent clks until the parent is fully registered + - selftests: net: Correct ping6 expected rc from 2 to 1 + - s390/kexec_file: fix error handling when applying relocations + - sch_cake: do not call cake_destroy() from cake_init() + - inet_diag: use jiffies_delta_to_msecs() + - inet_diag: fix kernel-infoleak for UDP sockets + - selftests: Fix raw socket bind tests with VRF + - selftests: Fix IPv6 address bind tests + - dmaengine: st_fdma: fix MODULE_ALIAS + - selftest/net/forwarding: declare NETIFS p9 p10 + - mac80211: agg-tx: refactor sending addba + - mac80211: agg-tx: don't schedule_and_wake_txq() under sta->lock + - mac80211: accept aggregation sessions on 6 GHz + - mac80211: fix lookup when adding AddBA extension element + - net: sched: lock action when translating it to flow_action infra + - flow_offload: return EOPNOTSUPP for the unsupported mpls action type + - rds: memory leak in __rds_conn_create() + - soc/tegra: fuse: Fix bitwise vs. logical OR warning + - igb: Fix removal of unicast MAC filters of VFs + - igbvf: fix double free in `igbvf_probe` + - ixgbe: set X550 MDIO speed before talking to PHY + - netdevsim: Zero-initialize memory for new map's value in function + nsim_bpf_map_alloc + - net: Fix double 0x prefix print in SKB dump + - net/smc: Prevent smc_release() from long blocking + - net: systemport: Add global locking for descriptor lifecycle + - sit: do not call ipip6_dev_free() from sit_init_net() + - USB: NO_LPM quirk Lenovo USB-C to Ethernet Adapher(RTL8153-04) + - PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error + - PCI/MSI: Mask MSI-X vectors only on success + - usb: xhci: Extend support for runtime power management for AMD's Yellow + carp. + - USB: serial: cp210x: fix CP2105 GPIO registration + - USB: serial: option: add Telit FN990 compositions + - timekeeping: Really make sure wall_to_monotonic isn't positive + - libata: if T_LENGTH is zero, dma direction should be DMA_NONE + - drm/amdgpu: correct register access for RLC_JUMP_TABLE_RESTORE + - mac80211: validate extended element ID is present + - mwifiex: Remove unnecessary braces from HostCmd_SET_SEQ_NO_BSS_INFO + - Input: touchscreen - avoid bitwise vs logical OR warning + - ARM: dts: imx6ull-pinfunc: Fix CSI_DATA07__ESAI_TX0 pad name + - xsk: Do not sleep in poll() when need_wakeup set + - media: mxl111sf: change mutex_init() location + - fuse: annotate lock in fuse_reverse_inval_entry() + - ovl: fix warning in ovl_create_real() + - scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() + - rcu: Mark accesses to rcu_state.n_force_qs + - mac80211: fix regression in SSN handling of addba tx + - net: sched: Fix suspicious RCU usage while accessing tcf_tunnel_info + - Revert "xsk: Do not sleep in poll() when need_wakeup set" + - xen/blkfront: harden blkfront against event channel storms + - xen/netfront: harden netfront against event channel storms + - xen/console: harden hvc_xen against event channel storms + - xen/netback: fix rx queue stall detection + - xen/netback: don't queue unlimited number of packages + - Linux 5.4.168 + * Focal update: v5.4.167 upstream stable release (LP: #1957987) + - nfc: fix segfault in nfc_genl_dump_devices_done + - drm/msm/dsi: set default num_data_lanes + - net/mlx4_en: Update reported link modes for 1/10G + - parisc/agp: Annotate parisc agp init functions with __init + - i2c: rk3x: Handle a spurious start completion interrupt flag + - net: netlink: af_netlink: Prevent empty skb by adding a check on len. + - drm/amd/display: Fix for the no Audio bug with Tiled Displays + - drm/amd/display: add connector type check for CRC source set + - tracing: Fix a kmemleak false positive in tracing_map + - KVM: x86: Ignore sparse banks size for an "all CPUs", non-sparse IPI req + - selinux: fix race condition when computing ocontext SIDs + - bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc + - hwmon: (dell-smm) Fix warning on /proc/i8k creation error + - memblock: free_unused_memmap: use pageblock units instead of MAX_ORDER + - memblock: align freed memory map on pageblock boundaries with SPARSEMEM + - memblock: ensure there is no overflow in memblock_overlaps_region() + - arm: extend pfn_valid to take into account freed memory map alignment + - arm: ioremap: don't abuse pfn_valid() to check if pfn is in RAM + - Linux 5.4.167 + * Packaging resync (LP: #1786013) + - [Packaging] resync getabis + + [ Ubuntu: 5.4.0-104.118 ] + + * CVE-2022-23960 + - SAUCE: kvm: arm: fix build on 32-bit + + -- Khalid Elmously Wed, 09 Mar 2022 19:16:49 -0500 + +linux-ibm (5.4.0-1017.19) focal; urgency=medium + + * Disable unprivileged BPF by default (LP: #1961338) + - [Config] set CONFIG_BPF_UNPRIV_DEFAULT_OFF=y + + * Packaging resync (LP: #1786013) + - [Packaging] resync getabis + + [ Ubuntu: 5.4.0-103.117 ] + + * CVE-2022-23960 + - arm64: Add part number for Arm Cortex-A77 + - arm64: Add Neoverse-N2, Cortex-A710 CPU part definition + - arm64: Add Cortex-X2 CPU part definition + - arm64: add ID_AA64ISAR2_EL1 sys register + - SAUCE: arm64: entry.S: Add ventry overflow sanity checks + - SAUCE: arm64: entry: Make the trampoline cleanup optional + - SAUCE: arm64: entry: Free up another register on kpti's tramp_exit path + - SAUCE: arm64: entry: Move the trampoline data page before the text page + - SAUCE: arm64: entry: Allow tramp_alias to access symbols after the 4K + boundary + - SAUCE: arm64: entry: Don't assume tramp_vectors is the start of the vectors + - SAUCE: arm64: entry: Move trampoline macros out of ifdef'd section + - SAUCE: arm64: entry: Make the kpti trampoline's kpti sequence optional + - SAUCE: arm64: entry: Allow the trampoline text to occupy multiple pages + - SAUCE: arm64: entry: Add non-kpti __bp_harden_el1_vectors for mitigations + - SAUCE: arm64: entry: Add vectors that have the bhb mitigation sequences + - SAUCE: arm64: entry: Add macro for reading symbol addresses from the + trampoline + - SAUCE: arm64: Add percpu vectors for EL1 + - SAUCE: arm64: proton-pack: Report Spectre-BHB vulnerabilities as part of + Spectre-v2 + - SAUCE: KVM: arm64: Add templates for BHB mitigation sequences + - SAUCE: arm64: Mitigate spectre style branch history side channels + - SAUCE: KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and + migrated + - SAUCE: arm64: Use the clearbhb instruction in mitigations + - [Config]: set CONFIG_MITIGATE_SPECTRE_BRANCH_HISTORY=y + * CVE-2022-25636 + - netfilter: nf_tables_offload: incorrect flow offload action array size + * CVE-2022-0001 + - x86/speculation: Merge one test in spectre_v2_user_select_mitigation() + - x86,bugs: Unconditionally allow spectre_v2=retpoline,amd + - SAUCE: x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE + - SAUCE: x86/speculation: Add eIBRS + Retpoline options + - SAUCE: Documentation/hw-vuln: Update spectre doc + * Disable unprivileged BPF by default (LP: #1961338) + - bpf: Add kconfig knob for disabling unpriv bpf by default + - [Config] set CONFIG_BPF_UNPRIV_DEFAULT_OFF=y + + -- Marcelo Henrique Cerri Wed, 02 Mar 2022 10:40:08 -0300 + +linux-ibm (5.4.0-1015.16) focal; urgency=medium + + * focal/linux-ibm: 5.4.0-1015.16 -proposed tracker (LP: #1959263) + + [ Ubuntu: 5.4.0-100.113 ] + + * focal/linux: 5.4.0-100.113 -proposed tracker (LP: #1959900) + * CVE-2022-22942 + - SAUCE: drm/vmwgfx: Fix stale file descriptors on failed usercopy + * CVE-2022-0330 + - drm/i915: Flush TLBs before releasing backing store + * Focal update: v5.4.166 upstream stable release (LP: #1957008) + - netfilter: selftest: conntrack_vrf.sh: fix file permission + - Linux 5.4.166 + - net/packet: rx_owner_map depends on pg_vec + - USB: gadget: bRequestType is a bitfield, not a enum + - HID: holtek: fix mouse probing + - udp: using datalen to cap ipv6 udp max gso segments + - selftests: Calculate udpgso segment count without header adjustment + * Focal update: v5.4.165 upstream stable release (LP: #1957007) + - serial: tegra: Change lower tolerance baud rate limit for tegra20 and + tegra30 + - ntfs: fix ntfs_test_inode and ntfs_init_locked_inode function type + - HID: quirks: Add quirk for the Microsoft Surface 3 type-cover + - HID: google: add eel USB id + - HID: add hid_is_usb() function to make it simpler for USB detection + - HID: add USB_HID dependancy to hid-prodikeys + - HID: add USB_HID dependancy to hid-chicony + - HID: add USB_HID dependancy on some USB HID drivers + - HID: bigbenff: prevent null pointer dereference + - HID: wacom: fix problems when device is not a valid USB device + - HID: check for valid USB device for many HID drivers + - can: kvaser_usb: get CAN clock frequency from device + - can: kvaser_pciefd: kvaser_pciefd_rx_error_frame(): increase correct + stats->{rx,tx}_errors counter + - can: sja1000: fix use after free in ems_pcmcia_add_card() + - nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done + - selftests: netfilter: add a vrf+conntrack testcase + - vrf: don't run conntrack on vrf with !dflt qdisc + - bpf: Fix the off-by-two error in range markings + - ice: ignore dropped packets during init + - bonding: make tx_rebalance_counter an atomic + - nfp: Fix memory leak in nfp_cpp_area_cache_add() + - seg6: fix the iif in the IPv6 socket control block + - udp: using datalen to cap max gso segments + - iavf: restore MSI state on reset + - iavf: Fix reporting when setting descriptor count + - IB/hfi1: Correct guard on eager buffer deallocation + - mm: bdi: initialize bdi_min_ratio when bdi is unregistered + - ALSA: ctl: Fix copy of updated id with element read/write + - ALSA: hda/realtek - Add headset Mic support for Lenovo ALC897 platform + - ALSA: pcm: oss: Fix negative period/buffer sizes + - ALSA: pcm: oss: Limit the period size to 16MB + - ALSA: pcm: oss: Handle missing errors in snd_pcm_oss_change_params*() + - btrfs: clear extent buffer uptodate when we fail to write it + - btrfs: replace the BUG_ON in btrfs_del_root_ref with proper error handling + - nfsd: Fix nsfd startup race (again) + - tracefs: Have new files inherit the ownership of their parent + - clk: qcom: regmap-mux: fix parent clock lookup + - drm/syncobj: Deal with signalled fences in drm_syncobj_find_fence. + - can: pch_can: pch_can_rx_normal: fix use after free + - can: m_can: Disable and ignore ELO interrupt + - x86/sme: Explicitly map new EFI memmap table as encrypted + - libata: add horkage for ASMedia 1092 + - wait: add wake_up_pollfree() + - SAUCE: binder: export __wake_up_pollfree for binder module + - binder: use wake_up_pollfree() + - signalfd: use wake_up_pollfree() + - aio: keep poll requests on waitqueue until completed + - aio: fix use-after-free due to missing POLLFREE handling + - tracefs: Set all files to the same group ownership as the mount option + - block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2) + - qede: validate non LSO skb length + - ASoC: qdsp6: q6routing: Fix return value from msm_routing_put_audio_mixer + - i40e: Fix failed opcode appearing if handling messages from VF + - i40e: Fix pre-set max number of queues for VF + - mtd: rawnand: fsmc: Take instruction delay into account + - mtd: rawnand: fsmc: Fix timing computation + - dt-bindings: net: Reintroduce PHY no lane swap binding + - tools build: Remove needless libpython-version feature check that breaks + test-all fast path + - net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero + - net: altera: set a couple error code in probe() + - net: fec: only clear interrupt of handling queue in fec_enet_rx_queue() + - net, neigh: clear whole pneigh_entry at alloc time + - net/qla3xxx: fix an error code in ql_adapter_up() + - Revert "UBUNTU: SAUCE: selftests: fib_tests: assign address to dummy1 for + rp_filter tests" + - selftests/fib_tests: Rework fib_rp_filter_test() + - USB: gadget: detect too-big endpoint 0 requests + - USB: gadget: zero allocate endpoint 0 buffers + - usb: core: config: fix validation of wMaxPacketValue entries + - xhci: Remove CONFIG_USB_DEFAULT_PERSIST to prevent xHCI from runtime + suspending + - usb: core: config: using bit mask instead of individual bits + - xhci: avoid race between disable slot command and host runtime suspend + - iio: trigger: Fix reference counting + - iio: trigger: stm32-timer: fix MODULE_ALIAS + - iio: stk3310: Don't return error code in interrupt handler + - iio: mma8452: Fix trigger reference couting + - iio: ltr501: Don't return error code in trigger handler + - iio: kxsd9: Don't return error code in trigger handler + - iio: itg3200: Call iio_trigger_notify_done() on error + - iio: dln2-adc: Fix lockdep complaint + - iio: dln2: Check return value of devm_iio_trigger_register() + - iio: at91-sama5d2: Fix incorrect sign extension + - iio: adc: axp20x_adc: fix charging current reporting on AXP22x + - iio: ad7768-1: Call iio_trigger_notify_done() on error + - iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove + - irqchip/armada-370-xp: Fix return value of armada_370_xp_msi_alloc() + - irqchip/armada-370-xp: Fix support for Multi-MSI interrupts + - irqchip/irq-gic-v3-its.c: Force synchronisation when issuing INVALL + - irqchip: nvic: Fix offset for Interrupt Priority Offsets + - misc: fastrpc: fix improper packet size calculation + - bpf: Add selftests to cover packet access corner cases + - Linux 5.4.165 + * Focal update: v5.4.164 upstream stable release (LP: #1956381) + - NFSv42: Fix pagecache invalidation after COPY/CLONE + - of: clk: Make self-contained + - arm64: dts: mcbin: support 2W SFP modules + - can: j1939: j1939_tp_cmd_recv(): check the dst address of TP.CM_BAM + - gfs2: Fix length of holes reported at end-of-file + - drm/sun4i: fix unmet dependency on RESET_CONTROLLER for PHY_SUN6I_MIPI_DPHY + - mac80211: do not access the IV when it was stripped + - net/smc: Transfer remaining wait queue entries during fallback + - atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait + - net: return correct error code + - platform/x86: thinkpad_acpi: Fix WWAN device disabled issue after S3 deep + - s390/setup: avoid using memblock_enforce_memory_limit + - btrfs: check-integrity: fix a warning on write caching disabled disk + - thermal: core: Reset previous low and high trip during thermal zone init + - scsi: iscsi: Unblock session then wake up error handler + - ata: ahci: Add Green Sardine vendor ID as board_ahci_mobile + - ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in + hns_dsaf_ge_srst_by_port() + - net: tulip: de4x5: fix the problem that the array 'lp->phy[8]' may be out of + bound + - net: ethernet: dec: tulip: de4x5: fix possible array overflows in + type3_infoblock() + - perf hist: Fix memory leak of a perf_hpp_fmt + - perf report: Fix memory leaks around perf_tip() + - net/smc: Avoid warning of possible recursive locking + - vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf dev xmit + - kprobes: Limit max data_size of the kretprobe instances + - rt2x00: do not mark device gone on EPROTO errors during start + - cpufreq: Fix get_cpu_device() failure in add_cpu_dev_symlink() + - s390/pci: move pseudo-MMIO to prevent MIO overlap + - sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl + - sata_fsl: fix warning in remove_proc_entry when rmmod sata_fsl + - i2c: stm32f7: flush TX FIFO upon transfer errors + - i2c: stm32f7: recover the bus on access timeout + - i2c: stm32f7: stop dma transfer in case of NACK + - i2c: cbus-gpio: set atomic transfer callback + - natsemi: xtensa: fix section mismatch warnings + - net: qlogic: qlcnic: Fix a NULL pointer dereference in + qlcnic_83xx_add_rings() + - net: mpls: Fix notifications when deleting a device + - siphash: use _unaligned version by default + - net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources() + - selftests: net: Correct case name + - rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() + - net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of "0" if no IRQ + is available + - net: marvell: mvpp2: Fix the computation of shared CPUs + - net: annotate data-races on txq->xmit_lock_owner + - ipv4: convert fib_num_tclassid_users to atomic_t + - net/rds: correct socket tunable error in rds_tcp_tune() + - net/smc: Keep smc_close_final rc during active close + - drm/msm: Do hw_init() before capturing GPU state + - ipv6: fix memory leak in fib6_rule_suppress + - KVM: x86/pmu: Fix reserved bits for AMD PerfEvtSeln register + - sched/uclamp: Fix rq->uclamp_max not set on first enqueue + - parisc: Fix KBUILD_IMAGE for self-extracting kernel + - parisc: Fix "make install" on newer debian releases + - vgacon: Propagate console boot parameters before calling `vc_resize' + - xhci: Fix commad ring abort, write all 64 bits to CRCR register. + - USB: NO_LPM quirk Lenovo Powered USB-C Travel Hub + - usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect + - x86/tsc: Add a timer to make sure TSC_adjust is always checked + - x86/tsc: Disable clocksource watchdog for TSC on qualified platorms + - x86/64/mm: Map all kernel memory into trampoline_pgd + - tty: serial: msm_serial: Deactivate RX DMA for polling support + - serial: pl011: Add ACPI SBSA UART match id + - serial: core: fix transmit-buffer reset and memleak + - serial: 8250_pci: Fix ACCES entries in pci_serial_quirks array + - serial: 8250_pci: rewrite pericom_do_set_divisor() + - iwlwifi: mvm: retry init flow if failed + - parisc: Mark cr16 CPU clocksource unstable on all SMP machines + - net/tls: Fix authentication failure in CCM mode + - Linux 5.4.164 + * Focal update: v5.4.163 upstream stable release (LP: #1956380) + - USB: serial: option: add Telit LE910S1 0x9200 composition + - USB: serial: option: add Fibocom FM101-GL variants + - usb: dwc2: gadget: Fix ISOC flow for elapsed frames + - usb: dwc2: hcd_queue: Fix use of floating point literal + - net: nexthop: fix null pointer dereference when IPv6 is not enabled + - usb: typec: fusb302: Fix masking of comparator and bc_lvl interrupts + - usb: hub: Fix usb enumeration issue due to address0 race + - usb: hub: Fix locking issues with address0_mutex + - binder: fix test regression due to sender_euid change + - ALSA: ctxfi: Fix out-of-range access + - media: cec: copy sequence field for the reply + - HID: wacom: Use "Confidence" flag to prevent reporting invalid contacts + - staging/fbtft: Fix backlight + - staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() + - xen: don't continue xenstore initialization in case of errors + - xen: detect uninitialized xenbus in xenbus_init + - KVM: PPC: Book3S HV: Prevent POWER7/8 TLB flush flushing SLB + - tracing/uprobe: Fix uprobe_perf_open probes iteration + - tracing: Fix pid filtering when triggers are attached + - mmc: sdhci: Fix ADMA for PAGE_SIZE >= 64KiB + - mdio: aspeed: Fix "Link is Down" issue + - PCI: aardvark: Deduplicate code in advk_pcie_rd_conf() + - PCI: aardvark: Wait for endpoint to be ready before training link + - PCI: aardvark: Fix big endian support + - PCI: aardvark: Train link immediately after enabling training + - PCI: aardvark: Improve link training + - PCI: aardvark: Issue PERST via GPIO + - PCI: aardvark: Replace custom macros by standard linux/pci_regs.h macros + - PCI: aardvark: Don't touch PCIe registers if no card connected + - PCI: aardvark: Fix compilation on s390 + - PCI: aardvark: Move PCIe reset card code to advk_pcie_train_link() + - PCI: aardvark: Update comment about disabling link training + - PCI: pci-bridge-emul: Fix array overruns, improve safety + - PCI: aardvark: Configure PCIe resources from 'ranges' DT property + - PCI: aardvark: Fix PCIe Max Payload Size setting + - PCI: aardvark: Implement re-issuing config requests on CRS response + - PCI: aardvark: Simplify initialization of rootcap on virtual bridge + - PCI: aardvark: Fix link training + - PCI: aardvark: Fix support for bus mastering and PCI_COMMAND on emulated + bridge + - PCI: aardvark: Set PCI Bridge Class Code to PCI Bridge + - PCI: aardvark: Fix support for PCI_BRIDGE_CTL_BUS_RESET on emulated bridge + - pinctrl: armada-37xx: Correct PWM pins definitions + - arm64: dts: marvell: armada-37xx: Set pcie_reset_pin to gpio function + - proc/vmcore: fix clearing user buffer by properly using clear_user() + - netfilter: ipvs: Fix reuse connection if RS weight is 0 + - ARM: dts: BCM5301X: Fix I2C controller interrupt + - ARM: dts: BCM5301X: Add interrupt properties to GPIO node + - ASoC: qdsp6: q6routing: Conditionally reset FrontEnd Mixer + - ASoC: topology: Add missing rwsem around snd_ctl_remove() calls + - net: ieee802154: handle iftypes as u32 + - firmware: arm_scmi: pm: Propagate return value to caller + - NFSv42: Don't fail clone() unless the OP_CLONE operation failed + - ARM: socfpga: Fix crash with CONFIG_FORTIRY_SOURCE + - scsi: mpt3sas: Fix kernel panic during drive powercycle test + - drm/vc4: fix error code in vc4_create_object() + - iavf: Prevent changing static ITR values if adaptive moderation is on + - ipv6: fix typos in __ip6_finish_output() + - nfp: checking parameter process for rx-usecs/tx-usecs is invalid + - net: ipv6: add fib6_nh_release_dsts stub + - net: nexthop: release IPv6 per-cpu dsts when replacing a nexthop group + - scsi: core: sysfs: Fix setting device state to SDEV_RUNNING + - net/smc: Ensure the active closing peer first closes clcsock + - nvmet-tcp: fix incomplete data digest send + - net/ncsi : Add payload to be 32-bit aligned to fix dropped packets + - PM: hibernate: use correct mode for swsusp_close() + - tcp_cubic: fix spurious Hystart ACK train detections for not-cwnd-limited + flows + - nvmet: use IOCB_NOWAIT only if the filesystem supports it + - igb: fix netpoll exit with traffic + - MIPS: use 3-level pgtable for 64KB page size on MIPS_VA_BITS_48 + - net: vlan: fix underflow for the real_dev refcnt + - net/smc: Don't call clcsock shutdown twice when smc shutdown + - net: hns3: fix VF RSS failed problem after PF enable multi-TCs + - net: mscc: ocelot: don't downgrade timestamping RX filters in SIOCSHWTSTAMP + - net: mscc: ocelot: correctly report the timestamping RX filters in ethtool + - f2fs: set SBI_NEED_FSCK flag when inconsistent node block found + - smb3: do not error on fsync when readonly + - vhost/vsock: fix incorrect used length reported to the guest + - tracing: Check pid filtering when creating events + - s390/mm: validate VMA in PGSTE manipulation functions + - shm: extend forced shm destroy to support objects from several IPC nses + - NFC: add NCI_UNREG flag to eliminate the race + - fuse: release pipe buf after last use + - xen: sync include/xen/interface/io/ring.h with Xen's newest version + - xen/blkfront: read response from backend only once + - xen/blkfront: don't take local copy of a request from the ring page + - xen/blkfront: don't trust the backend response data blindly + - xen/netfront: read response from backend only once + - xen/netfront: don't read data from request on the ring page + - xen/netfront: disentangle tx_skb_freelist + - xen/netfront: don't trust the backend response data blindly + - tty: hvc: replace BUG_ON() with negative return value + - Linux 5.4.163 + * net/mlx5e: EPERM on vlan 0 programming (LP: #1957753) + - net/mlx5e: Unblock setting vid 0 for VF in case PF isn't eswitch manager + * CVE-2021-4083 + - fget: check that the fd still exists after getting a ref to it + * CVE-2021-4155 + - xfs: map unwritten blocks in XFS_IOC_{ALLOC, FREE}SP just like fallocate + + -- Khalid Elmously Fri, 11 Feb 2022 21:43:23 -0500 + +linux-ibm (5.4.0-1014.15) focal; urgency=medium + + * focal/linux-ibm: 5.4.0-1014.15 -proposed tracker (LP: #1959802) + + [ Ubuntu: 5.4.0-99.112 ] + + * focal/linux: 5.4.0-99.112 -proposed tracker (LP: #1959817) + * linux-image-5.4.0-97.110 freezes by accessing cifs shares (LP: #1959665) + - Revert "cifs: To match file servers, make sure the server hostname matches" + - Revert "cifs: set a minimum of 120s for next dns resolution" + - Revert "cifs: use the expiry output of dns_query to schedule next + resolution" + + -- Khalid Elmously Sat, 05 Feb 2022 23:16:38 -0500 + +linux-ibm (5.4.0-1013.14) focal; urgency=medium + + * focal/linux-ibm: 5.4.0-1013.14 -proposed tracker (LP: #1955231) + + [ Ubuntu: 5.4.0-97.110 ] + + * icmp_redirect from selftests fails on F/kvm (unary operator expected) + (LP: #1938964) + - selftests: icmp_redirect: pass xfail=0 to log_test() + * Focal: CIFS stable updates (LP: #1954926) + - cifs: use the expiry output of dns_query to schedule next resolution + - cifs: set a minimum of 120s for next dns resolution + - cifs: To match file servers, make sure the server hostname matches + * seccomp_bpf in seccomp from ubuntu_kernel_selftests failed to build on B-5.4 + (LP: #1896420) + - SAUCE: selftests/seccomp: fix "storage size of 'md' isn't known" build issue + - SAUCE: selftests/seccomp: Fix s390x regs not defined issue + * system crash when removing ipmi_msghandler module (LP: #1950666) + - ipmi: Move remove_work to dedicated workqueue + - ipmi: msghandler: Make symbol 'remove_work_wq' static + * zcrypt DD: Toleration for new IBM Z Crypto Hardware - (Backport to Ubuntu + 20.04) (LP: #1954680) + - s390/AP: support new dynamic AP bus size limit + * [UBUNTU 20.04] KVM hardware diagnose data improvements for guest kernel - + kernel part (LP: #1953334) + - s390/setup: diag 318: refactor struct + - s390/kvm: diagnose 0x318 sync and reset + - KVM: s390: remove diag318 reset code + - KVM: s390: add debug statement for diag 318 CPNC data + * Updates to ib_peer_memory requested by Nvidia (LP: #1947206) + - SAUCE: RDMA/core: Updated ib_peer_memory + * Include Infiniband Peer Memory interface (LP: #1923104) + - IB: Allow calls to ib_umem_get from kernel ULPs + - SAUCE: RDMA/core: Introduce peer memory interface + * Focal update: v5.4.162 upstream stable release (LP: #1954834) + - arm64: zynqmp: Do not duplicate flash partition label property + - arm64: zynqmp: Fix serial compatible string + - ARM: dts: NSP: Fix mpcore, mmc node names + - scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() + - arm64: dts: hisilicon: fix arm,sp805 compatible string + - RDMA/bnxt_re: Check if the vlan is valid before reporting + - usb: musb: tusb6010: check return value after calling + platform_get_resource() + - usb: typec: tipd: Remove WARN_ON in tps6598x_block_read + - arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency + - arm64: dts: freescale: fix arm,sp805 compatible string + - ASoC: SOF: Intel: hda-dai: fix potential locking issue + - clk: imx: imx6ul: Move csi_sel mux to correct base register + - ASoC: nau8824: Add DMI quirk mechanism for active-high jack-detect + - scsi: advansys: Fix kernel pointer leak + - firmware_loader: fix pre-allocated buf built-in firmware use + - ARM: dts: omap: fix gpmc,mux-add-data type + - usb: host: ohci-tmio: check return value after calling + platform_get_resource() + - ARM: dts: ls1021a: move thermal-zones node out of soc/ + - ARM: dts: ls1021a-tsn: use generic "jedec,spi-nor" compatible for flash + - ALSA: ISA: not for M68K + - tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc + - MIPS: sni: Fix the build + - scsi: target: Fix ordered tag handling + - scsi: target: Fix alua_tg_pt_gps_count tracking + - iio: imu: st_lsm6dsx: Avoid potential array overflow in st_lsm6dsx_set_odr() + - powerpc/5200: dts: fix memory node unit name + - ALSA: gus: fix null pointer dereference on pointer block + - powerpc/dcr: Use cmplwi instead of 3-argument cmpli + - sh: check return code of request_irq + - maple: fix wrong return value of maple_bus_init(). + - f2fs: fix up f2fs_lookup tracepoints + - sh: fix kconfig unmet dependency warning for FRAME_POINTER + - sh: math-emu: drop unused functions + - sh: define __BIG_ENDIAN for math-emu + - clk: ingenic: Fix bugs with divided dividers + - clk/ast2600: Fix soc revision for AHB + - clk: qcom: gcc-msm8996: Drop (again) gcc_aggre1_pnoc_ahb_clk + - mips: BCM63XX: ensure that CPU_SUPPORTS_32BIT_KERNEL is set + - sched/core: Mitigate race cpus_share_cache()/update_top_cache_domain() + - tracing: Save normal string variables + - tracing/histogram: Do not copy the fixed-size char array field over the + field size + - RDMA/netlink: Add __maybe_unused to static inline in C file + - perf bpf: Avoid memory leak from perf_env__insert_btf() + - perf bench futex: Fix memory leak of perf_cpu_map__new() + - perf tests: Remove bash construct from record+zstd_comp_decomp.sh + - net: bnx2x: fix variable dereferenced before check + - iavf: check for null in iavf_fix_features + - iavf: free q_vectors before queues in iavf_disable_vf + - iavf: Fix failure to exit out from last all-multicast mode + - iavf: prevent accidental free of filter structure + - iavf: validate pointers + - iavf: Fix for the false positive ASQ/ARQ errors while issuing VF reset + - MIPS: generic/yamon-dt: fix uninitialized variable error + - mips: bcm63xx: add support for clk_get_parent() + - mips: lantiq: add support for clk_get_parent() + - platform/x86: hp_accel: Fix an error handling path in 'lis3lv02d_probe()' + - scsi: core: sysfs: Fix hang when device state is set via sysfs + - net: sched: act_mirred: drop dst for the direction from egress to ingress + - net: dpaa2-eth: fix use-after-free in dpaa2_eth_remove + - net: virtio_net_hdr_to_skb: count transport header in UFO + - i40e: Fix correct max_pkt_size on VF RX queue + - i40e: Fix NULL ptr dereference on VSI filter sync + - i40e: Fix changing previously set num_queue_pairs for PFs + - i40e: Fix ping is lost after configuring ADq on VF + - i40e: Fix creation of first queue by omitting it if is not power of two + - i40e: Fix display error code in dmesg + - NFC: reorganize the functions in nci_request + - drm/nouveau: hdmigv100.c: fix corrupted HDMI Vendor InfoFrame + - NFC: reorder the logic in nfc_{un,}register_device + - KVM: PPC: Book3S HV: Use GLOBAL_TOC for kvmppc_h_set_dabr/xdabr() + - perf/x86/intel/uncore: Fix filter_tid mask for CHA events on Skylake Server + - perf/x86/intel/uncore: Fix IIO event constraints for Skylake Server + - s390/kexec: fix return code handling + - arm64: vdso32: suppress error message for 'make mrproper' + - tun: fix bonding active backup with arp monitoring + - hexagon: export raw I/O routines for modules + - ipc: WARN if trying to remove ipc object which is absent + - mm: kmemleak: slob: respect SLAB_NOLEAKTRACE flag + - x86/hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup fails + - s390/kexec: fix memory leak of ipl report buffer + - udf: Fix crash after seekdir + - btrfs: fix memory ordering between normal and ordered work functions + - parisc/sticon: fix reverse colors + - cfg80211: call cfg80211_stop_ap when switch from P2P_GO type + - drm/udl: fix control-message timeout + - drm/nouveau: use drm_dev_unplug() during device removal + - drm/i915/dp: Ensure sink rate values are always valid + - drm/amdgpu: fix set scaling mode Full/Full aspect/Center not works on vga + and dvi connectors + - Revert "net: mvpp2: disable force link UP during port init procedure" + - perf/core: Avoid put_page() when GUP fails + - batman-adv: Consider fragmentation for needed_headroom + - batman-adv: Reserve needed_*room for fragments + - batman-adv: Don't always reallocate the fragmentation skb head + - ASoC: DAPM: Cover regression by kctl change notification fix + - usb: max-3421: Use driver data instead of maintaining a list of bound + devices + - ice: Delete always true check of PF pointer + - ALSA: hda: hdac_ext_stream: fix potential locking issues + - ALSA: hda: hdac_stream: fix potential locking issue in + snd_hdac_stream_assign() + - Linux 5.4.162 + * Focal update: v5.4.161 upstream stable release (LP: #1954828) + - scsi: ufs: Fix interrupt error message for shared interrupts + - MIPS: Fix assembly error from MIPSr2 code used within MIPS_ISA_ARCH_LEVEL + - ext4: fix lazy initialization next schedule time computation in more + granular unit + - scsi: ufs: Fix tm request when non-fatal error happens + - fortify: Explicitly disable Clang support + - parisc/entry: fix trace test in syscall exit path + - PCI/MSI: Destroy sysfs before freeing entries + - PCI/MSI: Deal with devices lying about their MSI mask capability + - PCI: Add MSI masking quirk for Nvidia ION AHCI + - erofs: remove the occupied parameter from z_erofs_pagevec_enqueue() + - erofs: fix unsafe pagevec reuse of hooked pclusters + - Linux 5.4.161 + * Focal update: v5.4.160 upstream stable release (LP: #1953387) + - xhci: Fix USB 3.1 enumeration issues by increasing roothub power-on-good + delay + - usb: xhci: Enable runtime-pm by default on AMD Yellow Carp platform + - binder: use euid from cred instead of using task + - binder: use cred instead of task for selinux checks + - binder: use cred instead of task for getsecid + - Input: iforce - fix control-message timeout + - Input: elantench - fix misreporting trackpoint coordinates + - Input: i8042 - Add quirk for Fujitsu Lifebook T725 + - libata: fix read log timeout value + - ocfs2: fix data corruption on truncate + - scsi: qla2xxx: Fix kernel crash when accessing port_speed sysfs file + - scsi: qla2xxx: Fix use after free in eh_abort path + - mmc: dw_mmc: Dont wait for DRTO on Write RSP error + - parisc: Fix ptrace check on syscall return + - tpm: Check for integer overflow in tpm2_map_response_body() + - firmware/psci: fix application of sizeof to pointer + - crypto: s5p-sss - Add error handling in s5p_aes_probe() + - media: ite-cir: IR receiver stop working after receive overflow + - media: ir-kbd-i2c: improve responsiveness of hauppauge zilog receivers + - media: v4l2-ioctl: Fix check_ext_ctrls + - ALSA: hda/realtek: Add quirk for Clevo PC70HS + - ALSA: hda/realtek: Add a quirk for Acer Spin SP513-54N + - ALSA: hda/realtek: Add quirk for ASUS UX550VE + - ALSA: hda/realtek: Add quirk for HP EliteBook 840 G7 mute LED + - ALSA: ua101: fix division by zero at probe + - ALSA: 6fire: fix control and bulk message timeouts + - ALSA: line6: fix control and interrupt message timeouts + - ALSA: usb-audio: Add registration quirk for JBL Quantum 400 + - ALSA: synth: missing check for possible NULL after the call to kstrdup + - ALSA: timer: Fix use-after-free problem + - ALSA: timer: Unconditionally unlink slave instances, too + - fuse: fix page stealing + - x86/sme: Use #define USE_EARLY_PGTABLE_L5 in mem_encrypt_identity.c + - x86/cpu: Fix migration safety with X86_BUG_NULL_SEL + - x86/irq: Ensure PI wakeup handler is unregistered before module unload + - cavium: Return negative value when pci_alloc_irq_vectors() fails + - scsi: qla2xxx: Return -ENOMEM if kzalloc() fails + - scsi: qla2xxx: Fix unmap of already freed sgl + - cavium: Fix return values of the probe function + - sfc: Don't use netif_info before net_device setup + - hyperv/vmbus: include linux/bitops.h + - ARM: dts: sun7i: A20-olinuxino-lime2: Fix ethernet phy-mode + - reset: socfpga: add empty driver allowing consumers to probe + - mmc: winbond: don't build on M68K + - drm: panel-orientation-quirks: Add quirk for Aya Neo 2021 + - bpf: Define bpf_jit_alloc_exec_limit for arm64 JIT + - bpf: Prevent increasing bpf_jit_limit above max + - xen/netfront: stop tx queues during live migration + - nvmet-tcp: fix a memory leak when releasing a queue + - spi: spl022: fix Microwire full duplex mode + - net: multicast: calculate csum of looped-back and forwarded packets + - watchdog: Fix OMAP watchdog early handling + - drm: panel-orientation-quirks: Add quirk for GPD Win3 + - nvmet-tcp: fix header digest verification + - r8169: Add device 10ec:8162 to driver r8169 + - vmxnet3: do not stop tx queues after netif_device_detach() + - nfp: bpf: relax prog rejection for mtu check through max_pkt_offset + - net/smc: Correct spelling mistake to TCPF_SYN_RECV + - btrfs: clear MISSING device status bit in btrfs_close_one_device + - btrfs: fix lost error handling when replaying directory deletes + - btrfs: call btrfs_check_rw_degradable only if there is a missing device + - ia64: kprobes: Fix to pass correct trampoline address to the handler + - hwmon: (pmbus/lm25066) Add offset coefficients + - regulator: s5m8767: do not use reset value as DVS voltage if GPIO DVS is + disabled + - regulator: dt-bindings: samsung,s5m8767: correct s5m8767,pmic-buck-default- + dvs-idx property + - EDAC/sb_edac: Fix top-of-high-memory value for Broadwell/Haswell + - mwifiex: fix division by zero in fw download path + - ath6kl: fix division by zero in send path + - ath6kl: fix control-message timeout + - ath10k: fix control-message timeout + - ath10k: fix division by zero in send path + - PCI: Mark Atheros QCA6174 to avoid bus reset + - rtl8187: fix control-message timeouts + - evm: mark evm_fixmode as __ro_after_init + - wcn36xx: Fix HT40 capability for 2Ghz band + - mwifiex: Read a PCI register after writing the TX ring write pointer + - libata: fix checking of DMA state + - wcn36xx: handle connection loss indication + - rsi: fix occasional initialisation failure with BT coex + - rsi: fix key enabled check causing unwanted encryption for vap_id > 0 + - rsi: fix rate mask set leading to P2P failure + - rsi: Fix module dev_oper_mode parameter description + - RDMA/qedr: Fix NULL deref for query_qp on the GSI QP + - signal: Remove the bogus sigkill_pending in ptrace_stop + - signal/mips: Update (_save|_restore)_fp_context to fail with -EFAULT + - power: supply: max17042_battery: Prevent int underflow in set_soc_threshold + - power: supply: max17042_battery: use VFSOC for capacity when no rsns + - KVM: nVMX: Query current VMCS when determining if MSR bitmaps are in use + - can: j1939: j1939_tp_cmd_recv(): ignore abort message in the BAM transport + - can: j1939: j1939_can_recv(): ignore messages with invalid source address + - powerpc/85xx: Fix oops when mpc85xx_smp_guts_ids node cannot be found + - serial: core: Fix initializing and restoring termios speed + - ALSA: mixer: oss: Fix racy access to slots + - ALSA: mixer: fix deadlock in snd_mixer_oss_set_volume + - xen/balloon: add late_initcall_sync() for initial ballooning done + - PCI: pci-bridge-emul: Fix emulation of W1C bits + - PCI: aardvark: Do not clear status bits of masked interrupts + - PCI: aardvark: Fix checking for link up via LTSSM state + - PCI: aardvark: Do not unmask unused interrupts + - PCI: aardvark: Fix reporting Data Link Layer Link Active + - PCI: aardvark: Fix return value of MSI domain .alloc() method + - PCI: aardvark: Read all 16-bits from PCIE_MSI_PAYLOAD_REG + - quota: check block number when reading the block in quota file + - quota: correct error number in free_dqentry() + - pinctrl: core: fix possible memory leak in pinctrl_enable() + - iio: dac: ad5446: Fix ad5622_write() return value + - USB: serial: keyspan: fix memleak on probe errors + - USB: iowarrior: fix control-message timeouts + - USB: chipidea: fix interrupt deadlock + - dma-buf: WARN on dmabuf release with pending attachments + - drm: panel-orientation-quirks: Update the Lenovo Ideapad D330 quirk (v2) + - drm: panel-orientation-quirks: Add quirk for KD Kurio Smart C15200 2-in-1 + - drm: panel-orientation-quirks: Add quirk for the Samsung Galaxy Book 10.6 + - Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() + - Bluetooth: fix use-after-free error in lock_sock_nested() + - drm/panel-orientation-quirks: add Valve Steam Deck + - platform/x86: wmi: do not fail if disabling fails + - MIPS: lantiq: dma: add small delay after reset + - MIPS: lantiq: dma: reset correct number of channel + - locking/lockdep: Avoid RCU-induced noinstr fail + - net: sched: update default qdisc visibility after Tx queue cnt changes + - smackfs: Fix use-after-free in netlbl_catmap_walk() + - x86: Increase exception stack sizes + - mwifiex: Run SET_BSS_MODE when changing from P2P to STATION vif-type + - mwifiex: Properly initialize private structure on interface type changes + - ath10k: high latency fixes for beacon buffer + - media: mt9p031: Fix corrupted frame after restarting stream + - media: netup_unidvb: handle interrupt properly according to the firmware + - media: stm32: Potential NULL pointer dereference in dcmi_irq_thread() + - media: uvcvideo: Set capability in s_param + - media: uvcvideo: Return -EIO for control errors + - media: uvcvideo: Set unique vdev name based in type + - media: s5p-mfc: fix possible null-pointer dereference in s5p_mfc_probe() + - media: s5p-mfc: Add checking to s5p_mfc_probe(). + - media: imx: set a media_device bus_info string + - media: mceusb: return without resubmitting URB in case of -EPROTO error. + - ia64: don't do IA64_CMPXCHG_DEBUG without CONFIG_PRINTK + - brcmfmac: Add DMI nvram filename quirk for Cyberbook T116 tablet + - media: rcar-csi2: Add checking to rcsi2_start_receiver() + - ipmi: Disable some operations during a panic + - ACPICA: Avoid evaluating methods too early during system resume + - media: ipu3-imgu: imgu_fmt: Handle properly try + - media: ipu3-imgu: VIDIOC_QUERYCAP: Fix bus_info + - media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte() + - net-sysfs: try not to restart the syscall if it will fail eventually + - tracefs: Have tracefs directories not set OTH permission bits by default + - ath: dfs_pattern_detector: Fix possible null-pointer dereference in + channel_detector_create() + - iov_iter: Fix iov_iter_get_pages{,_alloc} page fault return value + - ACPI: battery: Accept charges over the design capacity as full + - leaking_addresses: Always print a trailing newline + - memstick: r592: Fix a UAF bug when removing the driver + - lib/xz: Avoid overlapping memcpy() with invalid input with in-place + decompression + - lib/xz: Validate the value before assigning it to an enum variable + - workqueue: make sysfs of unbound kworker cpumask more clever + - tracing/cfi: Fix cmp_entries_* functions signature mismatch + - mwl8k: Fix use-after-free in mwl8k_fw_state_machine() + - block: remove inaccurate requeue check + - nvmet: fix use-after-free when a port is removed + - nvmet-tcp: fix use-after-free when a port is removed + - nvme: drop scan_lock and always kick requeue list when removing namespaces + - PM: hibernate: Get block device exclusively in swsusp_check() + - selftests: kvm: fix mismatched fclose() after popen() + - iwlwifi: mvm: disable RX-diversity in powersave + - smackfs: use __GFP_NOFAIL for smk_cipso_doi() + - ARM: clang: Do not rely on lr register for stacktrace + - gre/sit: Don't generate link-local addr if addr_gen_mode is + IN6_ADDR_GEN_MODE_NONE + - ARM: 9136/1: ARMv7-M uses BE-8, not BE-32 + - vrf: run conntrack only in context of lower/physdev for locally generated + packets + - net: annotate data-race in neigh_output() + - btrfs: do not take the uuid_mutex in btrfs_rm_device + - spi: bcm-qspi: Fix missing clk_disable_unprepare() on error in + bcm_qspi_probe() + - x86/hyperv: Protect set_hv_tscchange_cb() against getting preempted + - parisc: fix warning in flush_tlb_all + - task_stack: Fix end_of_stack() for architectures with upwards-growing stack + - parisc/unwind: fix unwinder when CONFIG_64BIT is enabled + - parisc/kgdb: add kgdb_roundup() to make kgdb work with idle polling + - netfilter: conntrack: set on IPS_ASSURED if flows enters internal stream + state + - selftests/bpf: Fix strobemeta selftest regression + - Bluetooth: fix init and cleanup of sco_conn.timeout_work + - rcu: Fix existing exp request check in sync_sched_exp_online_cleanup() + - drm/v3d: fix wait for TMU write combiner flush + - virtio-gpu: fix possible memory allocation failure + - net: net_namespace: Fix undefined member in key_remove_domain() + - cgroup: Make rebind_subsystems() disable v2 controllers all at once + - wilc1000: fix possible memory leak in cfg_scan_result() + - Bluetooth: btmtkuart: fix a memleak in mtk_hci_wmt_sync + - crypto: caam - disable pkc for non-E SoCs + - rxrpc: Fix _usecs_to_jiffies() by using usecs_to_jiffies() + - net: dsa: rtl8366rb: Fix off-by-one bug + - ath10k: Fix missing frame timestamp for beacon/probe-resp + - drm/amdgpu: fix warning for overflow check + - media: em28xx: add missing em28xx_close_extension + - media: cxd2880-spi: Fix a null pointer dereference on error handling path + - media: dvb-usb: fix ununit-value in az6027_rc_query + - media: TDA1997x: handle short reads of hdmi info frame. + - media: mtk-vpu: Fix a resource leak in the error handling path of + 'mtk_vpu_probe()' + - media: radio-wl1273: Avoid card name truncation + - media: si470x: Avoid card name truncation + - media: tm6000: Avoid card name truncation + - media: cx23885: Fix snd_card_free call on null card pointer + - kprobes: Do not use local variable when creating debugfs file + - crypto: ecc - fix CRYPTO_DEFAULT_RNG dependency + - cpuidle: Fix kobject memory leaks in error paths + - media: em28xx: Don't use ops->suspend if it is NULL + - ath9k: Fix potential interrupt storm on queue reset + - EDAC/amd64: Handle three rank interleaving mode + - netfilter: nft_dynset: relax superfluous check on set updates + - media: dvb-frontends: mn88443x: Handle errors of clk_prepare_enable() + - crypto: qat - detect PFVF collision after ACK + - crypto: qat - disregard spurious PFVF interrupts + - hwrng: mtk - Force runtime pm ops for sleep ops + - b43legacy: fix a lower bounds test + - b43: fix a lower bounds test + - mmc: sdhci-omap: Fix NULL pointer exception if regulator is not configured + - memstick: avoid out-of-range warning + - memstick: jmb38x_ms: use appropriate free function in jmb38x_ms_alloc_host() + - net, neigh: Fix NTF_EXT_LEARNED in combination with NTF_USE + - hwmon: Fix possible memleak in __hwmon_device_register() + - hwmon: (pmbus/lm25066) Let compiler determine outer dimension of + lm25066_coeff + - ath10k: fix max antenna gain unit + - drm/msm: uninitialized variable in msm_gem_import() + - net: stream: don't purge sk_error_queue in sk_stream_kill_queues() + - mmc: mxs-mmc: disable regulator on error and in the remove function + - block: ataflop: fix breakage introduced at blk-mq refactoring + - platform/x86: thinkpad_acpi: Fix bitwise vs. logical warning + - mt76: mt76x02: fix endianness warnings in mt76x02_mac.c + - rsi: stop thread firstly in rsi_91x_init() error handling + - mwifiex: Send DELBA requests according to spec + - phy: micrel: ksz8041nl: do not use power down mode + - nvme-rdma: fix error code in nvme_rdma_setup_ctrl + - PM: hibernate: fix sparse warnings + - clocksource/drivers/timer-ti-dm: Select TIMER_OF + - drm/msm: Fix potential NULL dereference in DPU SSPP + - smackfs: use netlbl_cfg_cipsov4_del() for deleting cipso_v4_doi + - libbpf: Fix BTF data layout checks and allow empty BTF + - s390/gmap: don't unconditionally call pte_unmap_unlock() in __gmap_zap() + - irq: mips: avoid nested irq_enter() + - tcp: don't free a FIN sk_buff in tcp_remove_empty_skb() + - samples/kretprobes: Fix return value if register_kretprobe() failed + - KVM: s390: Fix handle_sske page fault handling + - libertas_tf: Fix possible memory leak in probe and disconnect + - libertas: Fix possible memory leak in probe and disconnect + - wcn36xx: add proper DMA memory barriers in rx path + - drm/amdgpu/gmc6: fix DMA mask from 44 to 40 bits + - net: amd-xgbe: Toggle PLL settings during rate change + - net: phylink: avoid mvneta warning when setting pause parameters + - crypto: pcrypt - Delay write to padata->info + - selftests/bpf: Fix fclose/pclose mismatch in test_progs + - udp6: allow SO_MARK ctrl msg to affect routing + - ibmvnic: don't stop queue in xmit + - ibmvnic: Process crqs after enabling interrupts + - RDMA/rxe: Fix wrong port_cap_flags + - clk: mvebu: ap-cpu-clk: Fix a memory leak in error handling paths + - ARM: s3c: irq-s3c24xx: Fix return value check for s3c24xx_init_intc() + - arm64: dts: rockchip: Fix GPU register width for RK3328 + - ARM: dts: qcom: msm8974: Add xo_board reference clock to DSI0 PHY + - RDMA/bnxt_re: Fix query SRQ failure + - arm64: dts: meson-g12a: Fix the pwm regulator supply properties + - ARM: dts: at91: tse850: the emac<->phy interface is rmii + - scsi: dc395: Fix error case unwinding + - MIPS: loongson64: make CPU_LOONGSON64 depends on MIPS_FP_SUPPORT + - JFS: fix memleak in jfs_mount + - ALSA: hda: Reduce udelay() at SKL+ position reporting + - arm: dts: omap3-gta04a4: accelerometer irq fix + - soc/tegra: Fix an error handling path in tegra_powergate_power_up() + - memory: fsl_ifc: fix leak of irq and nand_irq in fsl_ifc_ctrl_probe + - clk: at91: check pmc node status before registering syscore ops + - video: fbdev: chipsfb: use memset_io() instead of memset() + - serial: 8250_dw: Drop wrong use of ACPI_PTR() + - usb: gadget: hid: fix error code in do_config() + - power: supply: rt5033_battery: Change voltage values to µV + - scsi: csiostor: Uninitialized data in csio_ln_vnp_read_cbfn() + - RDMA/mlx4: Return missed an error if device doesn't support steering + - staging: ks7010: select CRYPTO_HASH/CRYPTO_MICHAEL_MIC + - ARM: dts: stm32: fix SAI sub nodes register range + - ASoC: cs42l42: Correct some register default values + - ASoC: cs42l42: Defer probe if request_threaded_irq() returns EPROBE_DEFER + - phy: qcom-qusb2: Fix a memory leak on probe + - serial: xilinx_uartps: Fix race condition causing stuck TX + - HID: u2fzero: clarify error check and length calculations + - HID: u2fzero: properly handle timeouts in usb_submit_urb + - powerpc/44x/fsp2: add missing of_node_put + - mips: cm: Convert to bitfield API to fix out-of-bounds access + - power: supply: bq27xxx: Fix kernel crash on IRQ handler register error + - apparmor: fix error check + - rpmsg: Fix rpmsg_create_ept return when RPMSG config is not defined + - pnfs/flexfiles: Fix misplaced barrier in nfs4_ff_layout_prepare_ds + - drm/plane-helper: fix uninitialized variable reference + - PCI: aardvark: Don't spam about PIO Response Status + - PCI: aardvark: Fix preserving PCI_EXP_RTCTL_CRSSVE flag on emulated bridge + - opp: Fix return in _opp_add_static_v2() + - NFS: Fix deadlocks in nfs_scan_commit_list() + - fs: orangefs: fix error return code of orangefs_revalidate_lookup() + - mtd: spi-nor: hisi-sfc: Remove excessive clk_disable_unprepare() + - mtd: core: don't remove debugfs directory if device is in use + - dmaengine: at_xdmac: fix AT_XDMAC_CC_PERID() macro + - auxdisplay: img-ascii-lcd: Fix lock-up when displaying empty string + - auxdisplay: ht16k33: Connect backlight to fbdev + - auxdisplay: ht16k33: Fix frame buffer device blanking + - soc: fsl: dpaa2-console: free buffer before returning from + dpaa2_console_read + - netfilter: nfnetlink_queue: fix OOB when mac header was cleared + - dmaengine: dmaengine_desc_callback_valid(): Check for `callback_result` + - signal/sh: Use force_sig(SIGKILL) instead of do_group_exit(SIGKILL) + - m68k: set a default value for MEMORY_RESERVE + - watchdog: f71808e_wdt: fix inaccurate report in WDIOC_GETTIMEOUT + - ar7: fix kernel builds for compiler test + - scsi: qla2xxx: Fix gnl list corruption + - scsi: qla2xxx: Turn off target reset during issue_lip + - NFSv4: Fix a regression in nfs_set_open_stateid_locked() + - i2c: xlr: Fix a resource leak in the error handling path of + 'xlr_i2c_probe()' + - xen-pciback: Fix return in pm_ctrl_init() + - net: davinci_emac: Fix interrupt pacing disable + - net: vlan: fix a UAF in vlan_dev_real_dev() + - ACPI: PMIC: Fix intel_pmic_regs_handler() read accesses + - bonding: Fix a use-after-free problem when bond_sysfs_slave_add() failed + - mm/zsmalloc.c: close race window between zs_pool_dec_isolated() and + zs_unregister_migration() + - zram: off by one in read_block_state() + - perf bpf: Add missing free to bpf_event__print_bpf_prog_info() + - llc: fix out-of-bound array index in llc_sk_dev_hash() + - nfc: pn533: Fix double free when pn533_fill_fragment_skbs() fails + - arm64: pgtable: make __pte_to_phys/__phys_to_pte_val inline functions + - bpf: sockmap, strparser, and tls are reusing qdisc_skb_cb and colliding + - net/sched: sch_taprio: fix undefined behavior in ktime_mono_to_any + - net: hns3: allow configure ETS bandwidth of all TCs + - vsock: prevent unnecessary refcnt inc for nonblocking connect + - net/smc: fix sk_refcnt underflow on linkdown and fallback + - cxgb4: fix eeprom len when diagnostics not implemented + - selftests/net: udpgso_bench_rx: fix port argument + - ARM: 9155/1: fix early early_iounmap() + - ARM: 9156/1: drop cc-option fallbacks for architecture selection + - parisc: Fix set_fixmap() on PA1.x CPUs + - irqchip/sifive-plic: Fixup EOI failed when masked + - f2fs: should use GFP_NOFS for directory inodes + - net, neigh: Enable state migration between NUD_PERMANENT and NTF_USE + - 9p/net: fix missing error check in p9_check_errors + - ovl: fix deadlock in splice write + - powerpc/lib: Add helper to check if offset is within conditional branch + range + - powerpc/bpf: Validate branch ranges + - powerpc/bpf: Fix BPF_SUB when imm == 0x80000000 + - powerpc/security: Add a helper to query stf_barrier type + - powerpc/bpf: Emit stf barrier instruction sequences for BPF_NOSPEC + - mm, oom: pagefault_out_of_memory: don't force global OOM for dying tasks + - mm, oom: do not trigger out_of_memory from the #PF + - video: backlight: Drop maximum brightness override for brightness zero + - s390/cio: check the subchannel validity for dev_busid + - s390/tape: fix timer initialization in tape_std_assign() + - s390/cio: make ccw_device_dma_* more robust + - powerpc/powernv/prd: Unregister OPAL_MSG_PRD2 notifier during module unload + - PCI: Add PCI_EXP_DEVCTL_PAYLOAD_* macros + - SUNRPC: Partial revert of commit 6f9f17287e78 + - ath10k: fix invalid dma_addr_t token assignment + - selftests/bpf: Fix also no-alu32 strobemeta selftest + - Linux 5.4.160 + - soc/tegra: pmc: Fix imbalanced clock disabling in error code path + * Focal update: v5.4.159 upstream stable release (LP: #1953071) + - Revert "x86/kvm: fix vcpu-id indexed array sizes" + - usb: ehci: handshake CMD_RUN instead of STS_HALT + - usb: gadget: Mark USB_FSL_QE broken on 64-bit + - usb: musb: Balance list entry in musb_gadget_queue + - usb-storage: Add compatibility quirk flags for iODD 2531/2541 + - binder: don't detect sender/target during buffer cleanup + - printk/console: Allow to disable console output by using console="" or + console=null + - isofs: Fix out of bound access for corrupted isofs image + - comedi: dt9812: fix DMA buffers on stack + - comedi: ni_usb6501: fix NULL-deref in command paths + - comedi: vmk80xx: fix transfer-buffer overflows + - comedi: vmk80xx: fix bulk-buffer overflow + - comedi: vmk80xx: fix bulk and interrupt message timeouts + - staging: r8712u: fix control-message timeout + - staging: rtl8192u: fix control-message timeouts + - media: staging/intel-ipu3: css: Fix wrong size comparison imgu_css_fw_init + - rsi: fix control-message timeout + - Linux 5.4.159 + * Focal update: v5.4.158 upstream stable release (LP: #1953066) + - scsi: core: Put LLD module refcnt after SCSI device is released + - vrf: Revert "Reset skb conntrack connection..." + - net: ethernet: microchip: lan743x: Fix skb allocation failure + - media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() + - Revert "xhci: Set HCD flag to defer primary roothub registration" + - Revert "usb: core: hcd: Add support for deferring roothub registration" + - sfc: Fix reading non-legacy supported link modes + - ARM: 9120/1: Revert "amba: make use of -1 IRQs warn" + - Linux 5.4.158 + * [Ubuntu 20.04] Problem leading IUCV service down (on s390x) (LP: #1913442) + - usercopy: mark dma-kmalloc caches as usercopy caches + + -- Khalid Elmously Wed, 26 Jan 2022 18:33:22 -0500 + +linux-ibm (5.4.0-1012.13) focal; urgency=medium + + [ Ubuntu: 5.4.0-96.109 ] + + * Support builtin revoked certificates (LP: #1932029) + - [Config]: add i386 to CONFIG_SYSTEM_REVOCATION_KEYS annotation + * CVE-2022-0185 + - SAUCE: vfs: Out-of-bounds write of heap buffer in fs_context.c + - SAUCE: vfs: test that one given mount param is not larger than PAGE_SIZE + + [ Ubuntu: 5.4.0-94.106 ] + + * focal/linux: 5.4.0-94.106 -proposed tracker (LP: #1956628) + * [Regression] Focal kernel 5.4.0-92.103 fails to boot when Secure Encrypted + Virtualization(SEV) is enabled (LP: #1956575) + - x86/ioremap: Map EFI-reserved memory as encrypted for SEV + + -- Stefan Bader Thu, 13 Jan 2022 14:14:31 +0100 + +linux-ibm (5.4.0-1010.11) focal; urgency=medium + + * focal/linux-ibm: 5.4.0-1010.11 -proposed tracker (LP: #1952302) + + * Re-enable DEBUG_INFO_BTF where it was disabled (LP: #1945632) + - [Config] ibm: Enable CONFIG_DEBUG_INFO_BTF on all arches + + * Support builtin revoked certificates (LP: #1932029) + - [Config] ibm: Configure CONFIG_SYSTEM_REVOCATION_KEYS with revoked keys + + [ Ubuntu: 5.4.0-92.103 ] + + * focal/linux: 5.4.0-92.103 -proposed tracker (LP: #1952316) + * Packaging resync (LP: #1786013) + - [Packaging] resync update-dkms-versions helper + - debian/dkms-versions -- update from kernel-versions (main/2021.11.29) + * CVE-2021-4002 + - tlb: mmu_gather: add tlb_flush_*_range APIs + - hugetlbfs: flush TLBs correctly after huge_pmd_unshare + * Re-enable DEBUG_INFO_BTF where it was disabled (LP: #1945632) + - [Config] Enable CONFIG_DEBUG_INFO_BTF on all arches + * Focal linux-azure: Vm crash on Dv5/Ev5 (LP: #1950462) + - KVM: VMX: eVMCS: make evmcs_sanitize_exec_ctrls() work again + - jump_label: Fix usage in module __init + * Support builtin revoked certificates (LP: #1932029) + - Revert "UBUNTU: SAUCE: (lockdown) Make get_cert_list() not complain about + cert lists that aren't present." + - integrity: Move import of MokListRT certs to a separate routine + - integrity: Load certs from the EFI MOK config table + - certs: Add ability to preload revocation certs + - integrity: Load mokx variables into the blacklist keyring + - certs: add 'x509_revocation_list' to gitignore + - SAUCE: Dump stack when X.509 certificates cannot be loaded + - [Packaging] build canonical-revoked-certs.pem from branch/arch certs + - [Packaging] Revoke 2012 UEFI signing certificate as built-in + - [Config] Configure CONFIG_SYSTEM_REVOCATION_KEYS with revoked keys + * Support importing mokx keys into revocation list from the mok table + (LP: #1928679) + - efi: Support for MOK variable config table + - efi: mokvar-table: fix some issues in new code + - efi: mokvar: add missing include of asm/early_ioremap.h + - efi/mokvar: Reserve the table only if it is in boot services data + - SAUCE: integrity: add informational messages when revoking certs + * Support importing mokx keys into revocation list from the mok table + (LP: #1928679) // CVE-2020-26541 when certificates are revoked via + MokListXRT. + - SAUCE: integrity: Load mokx certs from the EFI MOK config table + * Focal update: v5.4.157 upstream stable release (LP: #1951883) + - ARM: 9133/1: mm: proc-macros: ensure *_tlb_fns are 4B aligned + - ARM: 9134/1: remove duplicate memcpy() definition + - ARM: 9139/1: kprobes: fix arch_init_kprobes() prototype + - ARM: 9141/1: only warn about XIP address when not compile testing + - ipv6: use siphash in rt6_exception_hash() + - ipv4: use siphash instead of Jenkins in fnhe_hashfun() + - usbnet: sanity check for maxpacket + - usbnet: fix error return code in usbnet_probe() + - Revert "pinctrl: bcm: ns: support updated DT binding as syscon subnode" + - ata: sata_mv: Fix the error handling of mv_chip_id() + - nfc: port100: fix using -ERRNO as command type mask + - net/tls: Fix flipped sign in tls_err_abort() calls + - mmc: vub300: fix control-message timeouts + - mmc: cqhci: clear HALT state after CQE enable + - mmc: dw_mmc: exynos: fix the finding clock sample value + - mmc: sdhci: Map more voltage level to SDHCI_POWER_330 + - mmc: sdhci-esdhc-imx: clear the buffer_read_ready to reset standard tuning + circuit + - cfg80211: scan: fix RCU in cfg80211_add_nontrans_list() + - net: lan78xx: fix division by zero in send path + - tcp_bpf: Fix one concurrency problem in the tcp_bpf_send_verdict function + - IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields + - IB/hfi1: Fix abba locking issue with sc_disable() + - nvmet-tcp: fix data digest pointer calculation + - nvme-tcp: fix data digest pointer calculation + - RDMA/mlx5: Set user priority for DCT + - arm64: dts: allwinner: h5: NanoPI Neo 2: Fix ethernet node + - regmap: Fix possible double-free in regcache_rbtree_exit() + - net: batman-adv: fix error handling + - net: Prevent infinite while loop in skb_tx_hash() + - RDMA/sa_query: Use strscpy_pad instead of memcpy to copy a string + - nios2: Make NIOS2_DTB_SOURCE_BOOL depend on !COMPILE_TEST + - net: ethernet: microchip: lan743x: Fix driver crash when lan743x_pm_resume + fails + - net: ethernet: microchip: lan743x: Fix dma allocation failure by using + dma_set_mask_and_coherent + - net: nxp: lpc_eth.c: avoid hang when bringing interface down + - net/tls: Fix flipped sign in async_wait.err assignment + - phy: phy_ethtool_ksettings_get: Lock the phy for consistency + - phy: phy_start_aneg: Add an unlocked version + - sctp: use init_tag from inithdr for ABORT chunk + - sctp: fix the processing for INIT_ACK chunk + - sctp: fix the processing for COOKIE_ECHO chunk + - sctp: add vtag check in sctp_sf_violation + - sctp: add vtag check in sctp_sf_do_8_5_1_E_sa + - sctp: add vtag check in sctp_sf_ootb + - net: use netif_is_bridge_port() to check for IFF_BRIDGE_PORT + - cfg80211: correct bridge/4addr mode check + - KVM: s390: clear kicked_mask before sleeping again + - KVM: s390: preserve deliverable_mask in __airqs_kick_single_vcpu + - perf script: Check session->header.env.arch before using it + - Linux 5.4.157 + * keyboard not working on Medion notebook s17 series (LP: #1950536) + - ACPI: resources: Add one more Medion model in IRQ override quirk + * creat09 from ubuntu_ltp_syscalls and cve-2018-13405 from ubuntu_ltp/cve + failed with XFS (LP: #1950239) + - xfs: ensure that the inode uid/gid match values match the icdinode ones + - xfs: merge the projid fields in struct xfs_icdinode + - xfs: remove the icdinode di_uid/di_gid members + - xfs: fix up non-directory creation in SGID directories + * reuseport_bpf_numa in net from ubuntu_kernel_selftests fails on ppc64le + (LP: #1867570) + - selftests/net: Fix reuseport_bpf_numa by skipping unavailable nodes + * Focal update: v5.4.156 upstream stable release (LP: #1951295) + - parisc: math-emu: Fix fall-through warnings + - net: switchdev: do not propagate bridge updates across bridges + - tee: optee: Fix missing devices unregister during optee_remove + - ARM: dts: at91: sama5d2_som1_ek: disable ISC node by default + - xtensa: xtfpga: use CONFIG_USE_OF instead of CONFIG_OF + - xtensa: xtfpga: Try software restart before simulating CPU reset + - NFSD: Keep existing listeners on portlist error + - dma-debug: fix sg checks in debug_dma_map_sg() + - ASoC: wm8960: Fix clock configuration on slave mode + - netfilter: ipvs: make global sysctl readonly in non-init netns + - lan78xx: select CRC32 + - net: dsa: lantiq_gswip: fix register definition + - NIOS2: irqflags: rename a redefined register name + - net: hns3: reset DWRR of unused tc to zero + - net: hns3: add limit ets dwrr bandwidth cannot be 0 + - net: hns3: disable sriov before unload hclge layer + - net: stmmac: Fix E2E delay mechanism + - net: enetc: fix ethtool counter name for PM0_TERR + - can: rcar_can: fix suspend/resume + - can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state + notification + - can: peak_pci: peak_pci_remove(): fix UAF + - can: j1939: j1939_tp_rxtimer(): fix errant alert in j1939_tp_rxtimer + - can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv + - can: j1939: j1939_xtp_rx_dat_one(): cancel session if receive TP.DT with + error length + - can: j1939: j1939_xtp_rx_rts_session_new(): abort TP less than 9 bytes + - ceph: fix handling of "meta" errors + - ocfs2: fix data corruption after conversion from inline format + - ocfs2: mount fails with buffer overflow in strlen + - elfcore: correct reference to CONFIG_UML + - ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset + - ALSA: hda/realtek: Add quirk for Clevo PC50HS + - ASoC: DAPM: Fix missing kctl change notifications + - audit: fix possible null-pointer dereference in audit_filter_rules + - powerpc64/idle: Fix SP offsets when saving GPRs + - KVM: PPC: Book3S HV: Fix stack handling in idle_kvm_start_guest() + - KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to + guest + - powerpc/idle: Don't corrupt back chain when going idle + - mm, slub: fix mismatch between reconstructed freelist depth and cnt + - mm, slub: fix potential memoryleak in kmem_cache_open() + - nfc: nci: fix the UAF of rf_conn_info object + - isdn: cpai: check ctr->cnr to avoid array index out of bound + - netfilter: Kconfig: use 'default y' instead of 'm' for bool config option + - selftests: netfilter: remove stray bash debug line + - gcc-plugins/structleak: add makefile var for disabling structleak + - btrfs: deal with errors when checking if a dir entry exists during log + replay + - net: stmmac: add support for dwmac 3.40a + - ARM: dts: spear3xx: Fix gmac node + - isdn: mISDN: Fix sleeping function called from invalid context + - platform/x86: intel_scu_ipc: Update timeout value in comment + - ALSA: hda: avoid write to STATESTS if controller is in reset + - Input: snvs_pwrkey - add clk handling + - scsi: core: Fix shost->cmd_per_lun calculation in scsi_add_host_with_dma() + - tracing: Have all levels of checks prevent recursion + - ARM: 9122/1: select HAVE_FUTEX_CMPXCHG + - pinctrl: stm32: use valid pin identifier in stm32_pinctrl_resume() + - Linux 5.4.156 + * ubuntu_ltp / finit_module02 fails on v4.15 and other kernels + (LP: #1950644) // Focal update: v5.4.156 upstream stable release + (LP: #1951295) + - vfs: check fd has read access in kernel_read_file_from_fd() + * Focal update: v5.4.155 upstream stable release (LP: #1951291) + - ovl: simplify file splice + - ALSA: usb-audio: Add quirk for VF0770 + - ALSA: seq: Fix a potential UAF by wrong private_free call order + - ALSA: hda/realtek: Complete partial device name to avoid ambiguity + - ALSA: hda/realtek: Add quirk for Clevo X170KM-G + - ALSA: hda/realtek - ALC236 headset MIC recording issue + - ALSA: hda/realtek: Fix the mic type detection issue for ASUS G551JW + - nds32/ftrace: Fix Error: invalid operands (*UND* and *UND* sections) for `^' + - s390: fix strrchr() implementation + - csky: don't let sigreturn play with priveleged bits of status register + - csky: Fixup regs.sr broken in ptrace + - btrfs: unlock newly allocated extent buffer after error + - btrfs: deal with errors when replaying dir entry during log replay + - btrfs: deal with errors when adding inode reference during log replay + - btrfs: check for error when looking up inode during dir entry replay + - watchdog: orion: use 0 for unset heartbeat + - x86/resctrl: Free the ctrlval arrays when domain_setup_mon_state() fails + - mei: me: add Ice Lake-N device id. + - xhci: guard accesses to ep_state in xhci_endpoint_reset() + - xhci: Fix command ring pointer corruption while aborting a command + - xhci: Enable trust tx length quirk for Fresco FL11 USB controller + - cb710: avoid NULL pointer subtraction + - efi/cper: use stack buffer for error record decoding + - efi: Change down_interruptible() in virt_efi_reset_system() to + down_trylock() + - usb: musb: dsps: Fix the probe error path + - Input: xpad - add support for another USB ID of Nacon GC-100 + - USB: serial: qcserial: add EM9191 QDL support + - USB: serial: option: add Quectel EC200S-CN module support + - USB: serial: option: add Telit LE910Cx composition 0x1204 + - USB: serial: option: add prod. id for Quectel EG91 + - EDAC/armada-xp: Fix output of uncorrectable error counter + - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells + - x86/Kconfig: Do not enable AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT automatically + - powerpc/xive: Discard disabled interrupts in get_irqchip_state() + - iio: adc: aspeed: set driver data when adc probe. + - iio: adc128s052: Fix the error handling path of 'adc128_probe()' + - iio: mtk-auxadc: fix case IIO_CHAN_INFO_PROCESSED + - iio: light: opt3001: Fixed timeout error when 0 lux + - iio: ssp_sensors: add more range checking in ssp_parse_dataframe() + - iio: ssp_sensors: fix error code in ssp_print_mcu_debug() + - iio: dac: ti-dac5571: fix an error code in probe() + - sctp: account stream padding length for reconf chunk + - gpio: pca953x: Improve bias setting + - net: arc: select CRC32 + - net: korina: select CRC32 + - net/mlx5e: Mutually exclude RX-FCS and RX-port-timestamp + - net: stmmac: fix get_hw_feature() on old hardware + - net: encx24j600: check error in devm_regmap_init_encx24j600 + - ethernet: s2io: fix setting mac address during resume + - nfc: fix error handling of nfc_proto_register() + - NFC: digital: fix possible memory leak in digital_tg_listen_mdaa() + - NFC: digital: fix possible memory leak in digital_in_send_sdd_req() + - pata_legacy: fix a couple uninitialized variable bugs + - ata: ahci_platform: fix null-ptr-deref in ahci_platform_enable_regulators() + - mlxsw: thermal: Fix out-of-bounds memory accesses + - platform/mellanox: mlxreg-io: Fix argument base in kstrtou32() call + - drm/panel: olimex-lcd-olinuxino: select CRC32 + - drm/msm: Fix null pointer dereference on pointer edp + - drm/msm/dsi: Fix an error code in msm_dsi_modeset_init() + - drm/msm/dsi: fix off by one in dsi_bus_clk_enable error handling + - acpi/arm64: fix next_platform_timer() section mismatch error + - mqprio: Correct stats in mqprio_dump_class_stats(). + - qed: Fix missing error code in qed_slowpath_start() + - r8152: select CRC32 and CRYPTO/CRYPTO_HASH/CRYPTO_SHA256 + - ionic: don't remove netdev->dev_addr when syncing uc list + - Linux 5.4.155 + * [UBUNTU 20.04] kernel: unable to read partitions on virtio-block dasd (kvm) + (LP: #1950144) // Focal update: v5.4.155 upstream stable release + (LP: #1951291) + - virtio: write back F_VERSION_1 before validate + * Focal update: v5.4.154 upstream stable release (LP: #1951288) + - net: phy: bcm7xxx: Fixed indirect MMD operations + - ext4: correct the error path of ext4_write_inline_data_end() + - HID: apple: Fix logical maximum and usage maximum of Magic Keyboard JIS + - netfilter: ip6_tables: zero-initialize fragment offset + - HID: wacom: Add new Intuos BT (CTL-4100WL/CTL-6100WL) device IDs + - netfilter: nf_nat_masquerade: make async masq_inet6_event handling generic + - netfilter: nf_nat_masquerade: defer conntrack walk to work queue + - mac80211: Drop frames from invalid MAC address in ad-hoc mode + - m68k: Handle arrivals of multiple signals correctly + - net: prevent user from passing illegal stab size + - mac80211: check return value of rhashtable_init + - net: sun: SUNVNET_COMMON should depend on INET + - drm/amdgpu: fix gart.bo pin_count leak + - scsi: ses: Fix unsigned comparison with less than zero + - scsi: virtio_scsi: Fix spelling mistake "Unsupport" -> "Unsupported" + - sched: Always inline is_percpu_thread() + - Linux 5.4.154 + * Focal update: v5.4.153 upstream stable release (LP: #1950014) + - Partially revert "usb: Kconfig: using select for USB_COMMON dependency" + - USB: cdc-acm: fix racy tty buffer accesses + - USB: cdc-acm: fix break reporting + - usb: typec: tcpm: handle SRC_STARTUP state if cc changes + - xen/privcmd: fix error handling in mmap-resource processing + - mmc: meson-gx: do not use memcpy_to/fromio for dram-access-quirk + - ovl: fix missing negative dentry check in ovl_rename() + - nfsd: fix error handling of register_pernet_subsys() in init_nfsd() + - nfsd4: Handle the NFSv4 READDIR 'dircount' hint being zero + - xen/balloon: fix cancelled balloon action + - ARM: dts: omap3430-sdp: Fix NAND device node + - ARM: dts: qcom: apq8064: use compatible which contains chipid + - MIPS: BPF: Restore MIPS32 cBPF JIT + - bpf, mips: Validate conditional branch offsets + - soc: qcom: socinfo: Fixed argument passed to platform_set_data() + - ARM: dts: qcom: apq8064: Use 27MHz PXO clock as DSI PLL reference + - soc: qcom: mdt_loader: Drop PT_LOAD check on hash segment + - ARM: dts: imx: Add missing pinctrl-names for panel on M53Menlo + - ARM: dts: imx: Fix USB host power regulator polarity on M53Menlo + - arm64: dts: qcom: pm8150: use qcom,pm8998-pon binding + - xtensa: move XCHAL_KIO_* definitions to kmem_layout.h + - xtensa: use CONFIG_USE_OF instead of CONFIG_OF + - xtensa: call irqchip_init only when CONFIG_USE_OF is selected + - bpf, arm: Fix register clobbering in div/mod implementation + - bpf: Fix integer overflow in prealloc_elems_and_freelist() + - phy: mdio: fix memory leak + - net_sched: fix NULL deref in fifo_set_limit() + - powerpc/fsl/dts: Fix phy-connection-type for fm1mac3 + - ptp_pch: Load module automatically if ID matches + - arm64: dts: freescale: Fix SP805 clock-names + - arm64: dts: ls1028a: add missing CAN nodes + - ARM: imx6: disable the GIC CPU interface before calling stby-poweroff + sequence + - net: bridge: use nla_total_size_64bit() in br_get_linkxstats_size() + - net/sched: sch_taprio: properly cancel timer from taprio_destroy() + - net: sfp: Fix typo in state machine debug string + - netlink: annotate data races around nlk->bound + - bus: ti-sysc: Use CLKDM_NOAUTO for dra7 dcan1 for errata i893 + - video: fbdev: gbefb: Only instantiate device when built for IP32 + - drm/nouveau/debugfs: fix file release memory leak + - gve: Correct available tx qpl check + - rtnetlink: fix if_nlmsg_stats_size() under estimation + - gve: fix gve_get_stats() + - i40e: fix endless loop under rtnl + - i40e: Fix freeing of uninitialized misc IRQ vector + - net: prefer socket bound to interface when not in VRF + - i2c: acpi: fix resource leak in reconfiguration device addition + - bpf, s390: Fix potential memory leak about jit_data + - RISC-V: Include clone3() on rv32 + - x86/platform/olpc: Correct ifdef symbol to intended CONFIG_OLPC_XO15_SCI + - x86/hpet: Use another crystalball to evaluate HPET usability + - x86/Kconfig: Correct reference to MWINCHIP3D + - Linux 5.4.153 + * Focal update: v5.4.152 upstream stable release (LP: #1950009) + - net: mdio: introduce a shutdown method to mdio device drivers + - xen-netback: correct success/error reporting for the SKB-with-fraglist case + - sparc64: fix pci_iounmap() when CONFIG_PCI is not set + - ext2: fix sleeping in atomic bugs on error + - scsi: sd: Free scsi_disk device via put_device() + - usb: testusb: Fix for showing the connection speed + - usb: dwc2: check return value after calling platform_get_resource() + - selftests: be sure to make khdr before other targets + - selftests:kvm: fix get_warnings_count() ignoring fscanf() return warn + - scsi: ses: Retry failed Send/Receive Diagnostic commands + - tools/vm/page-types: remove dependency on opt_file for idle page tracking + - KVM: do not shrink halt_poll_ns below grow_start + - kvm: x86: Add AMD PMU MSRs to msrs_to_save_all[] + - perf/x86: Reset destroy callback on event init failure + - silence nfscache allocation warnings with kvzalloc + - libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD. + - Linux 5.4.152 + * linux-aws: Fix backport of RDMA/efa: Expose maximum TX doorbell batch + (LP: #1949882) + - SAUCE: aws: Fix backport of RDMA/efa: Expose maximum TX doorbell batch + + -- Khalid Elmously Wed, 08 Dec 2021 01:42:02 -0500 + +linux-ibm (5.4.0-1008.9) focal; urgency=medium + + * focal/linux-ibm: 5.4.0-1008.9 -proposed tracker (LP: #1949827) + + * Packaging resync (LP: #1786013) + - [Packaging] resync update-dkms-versions helper + + [ Ubuntu: 5.4.0-91.102 ] + + * focal/linux: 5.4.0-91.102 -proposed tracker (LP: #1949840) + * Packaging resync (LP: #1786013) + - [Packaging] update Ubuntu.md + - debian/dkms-versions -- update from kernel-versions (main/2021.11.08) + * KVM emulation failure when booting into VM crash kernel with multiple CPUs + (LP: #1948862) + - KVM: x86: Properly reset MMU context at vCPU RESET/INIT + * aufs: kernel bug with apparmor and fuseblk (LP: #1948470) + - SAUCE: aufs: bugfix, stop omitting path->mnt + * ebpf: bpf_redirect fails with ip6 gre interfaces (LP: #1947164) + - net: handle ARPHRD_IP6GRE in dev_is_mac_header_xmit() + * require CAP_NET_ADMIN to attach N_HCI ldisc (LP: #1949516) + - Bluetooth: hci_ldisc: require CAP_NET_ADMIN to attach N_HCI ldisc + * ACL updates on OCFS2 are not revalidated (LP: #1947161) + - ocfs2: fix remounting needed after setfacl command + * ppc64 BPF JIT mod by 1 will not return 0 (LP: #1948351) + - powerpc/bpf: Fix BPF_MOD when imm == 1 + * Drop "UBUNTU: SAUCE: cachefiles: Page leaking in + cachefiles_read_backing_file while vmscan is active" (LP: #1947709) + - Revert "UBUNTU: SAUCE: cachefiles: Page leaking in + cachefiles_read_backing_file while vmscan is active" + * Reassign I/O Path of ConnectX-5 Port 1 before Port 2 causes NULL dereference + (LP: #1943464) + - s390/pci: fix leak of PCI device structure + - s390/pci: fix use after free of zpci_dev + - s390/pci: fix zpci_zdev_put() on reserve + * [SRU][F] USB: serial: pl2303: add support for PL2303HXN (LP: #1948377) + - USB: serial: pl2303: add support for PL2303HXN + - USB: serial: pl2303: fix line-speed handling on newer chips + * Focal update: v5.4.151 upstream stable release (LP: #1947888) + - tty: Fix out-of-bound vmalloc access in imageblit + - cpufreq: schedutil: Use kobject release() method to free sugov_tunables + - cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory + - usb: cdns3: fix race condition before setting doorbell + - fs-verity: fix signed integer overflow with i_size near S64_MAX + - hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary + structure field + - hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary + structure field + - hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary + structure field + - scsi: ufs: Fix illegal offset in UPIU event trace + - mac80211: fix use-after-free in CCMP/GCMP RX + - x86/kvmclock: Move this_cpu_pvti into kvmclock.h + - drm/amd/display: Pass PCI deviceid into DC + - ipvs: check that ip_vs_conn_tab_bits is between 8 and 20 + - hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced + from sysfs + - mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug + - mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap + - mac80211: mesh: fix potentially unaligned access + - mac80211-hwsim: fix late beacon hrtimer handling + - sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb + - hwmon: (tmp421) report /PVLD condition as fault + - hwmon: (tmp421) fix rounding for negative values + - net: ipv4: Fix rtnexthop len when RTA_FLOW is present + - e100: fix length calculation in e100_get_regs_len + - e100: fix buffer overrun in e100_get_regs + - selftests, bpf: test_lwt_ip_encap: Really disable rp_filter + - scsi: csiostor: Add module softdep on cxgb4 + - net: hns3: do not allow call hns3_nic_net_open repeatedly + - net: sched: flower: protect fl_walk() with rcu + - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses + - perf/x86/intel: Update event constraints for ICX + - elf: don't use MAP_FIXED_NOREPLACE for elf interpreter mappings + - debugfs: debugfs_create_file_size(): use IS_ERR to check for error + - ipack: ipoctal: fix stack information leak + - ipack: ipoctal: fix tty registration race + - ipack: ipoctal: fix tty-registration error handling + - ipack: ipoctal: fix missing allocation-failure check + - ipack: ipoctal: fix module reference leak + - ext4: fix loff_t overflow in ext4_max_bitmap_size() + - ext4: fix reserved space counter leakage + - ext4: fix potential infinite loop in ext4_dx_readdir() + - HID: u2fzero: ignore incomplete packets without data + - net: udp: annotate data race around udp_sk(sk)->corkflag + - net: stmmac: don't attach interface until resume finishes + - PCI: Fix pci_host_bridge struct device release/free handling + - libnvdimm/pmem: Fix crash triggered when I/O in-flight during unbind + - hso: fix bailout in error case of probe + - usb: hso: fix error handling code of hso_create_net_device + - usb: hso: remove the bailout parameter + - crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() + - HID: betop: fix slab-out-of-bounds Write in betop_probe + - netfilter: ipset: Fix oversized kvmalloc() calls + - HID: usbhid: free raw_report buffers in usbhid_stop + - Linux 5.4.151 + * Focal update: v5.4.150 upstream stable release (LP: #1947886) + - usb: gadget: r8a66597: fix a loop in set_feature() + - usb: dwc2: gadget: Fix ISOC flow for BDMA and Slave + - usb: dwc2: gadget: Fix ISOC transfer complete handling for DDMA + - usb: musb: tusb6010: uninitialized data in tusb_fifo_write_unaligned() + - cifs: fix incorrect check for null pointer in header_assemble + - xen/x86: fix PV trap handling on secondary processors + - usb-storage: Add quirk for ScanLogic SL11R-IDE older than 2.6c + - USB: serial: cp210x: add ID for GW Instek GDM-834x Digital Multimeter + - USB: cdc-acm: fix minor-number release + - binder: make sure fd closes complete + - staging: greybus: uart: fix tty use after free + - Re-enable UAS for LaCie Rugged USB3-FW with fk quirk + - USB: serial: mos7840: remove duplicated 0xac24 device ID + - USB: serial: option: add Telit LN920 compositions + - USB: serial: option: remove duplicate USB device ID + - USB: serial: option: add device id for Foxconn T99W265 + - mcb: fix error handling in mcb_alloc_bus() + - erofs: fix up erofs_lookup tracepoint + - btrfs: prevent __btrfs_dump_space_info() to underflow its free space + - serial: mvebu-uart: fix driver's tx_empty callback + - net: hso: fix muxed tty registration + - afs: Fix incorrect triggering of sillyrename on 3rd-party invalidation + - platform/x86/intel: punit_ipc: Drop wrong use of ACPI_PTR() + - enetc: Fix illegal access when reading affinity_hint + - bnxt_en: Fix TX timeout when TX ring size is set to the smallest + - net/smc: add missing error check in smc_clc_prfx_set() + - gpio: uniphier: Fix void functions to remove return value + - qed: rdma - don't wait for resources under hw error recovery flow + - net/mlx4_en: Don't allow aRFS for encapsulated packets + - scsi: iscsi: Adjust iface sysfs attr detection + - tty: synclink_gt, drop unneeded forward declarations + - tty: synclink_gt: rename a conflicting function name + - fpga: machxo2-spi: Return an error on failure + - fpga: machxo2-spi: Fix missing error code in machxo2_write_complete() + - thermal/core: Potential buffer overflow in thermal_build_list_of_policies() + - cifs: fix a sign extension bug + - scsi: qla2xxx: Restore initiator in dual mode + - scsi: lpfc: Use correct scnprintf() limit + - irqchip/goldfish-pic: Select GENERIC_IRQ_CHIP to fix build + - irqchip/gic-v3-its: Fix potential VPE leak on error + - md: fix a lock order reversal in md_alloc + - blktrace: Fix uaf in blk_trace access after removing by sysfs + - net: macb: fix use after free on rmmod + - net: stmmac: allow CSR clock of 300MHz + - m68k: Double cast io functions to unsigned long + - ipv6: delay fib6_sernum increase in fib6_add + - bpf: Add oversize check before call kvcalloc() + - xen/balloon: use a kernel thread instead a workqueue + - nvme-multipath: fix ANA state updates when a namespace is not present + - sparc32: page align size in arch_dma_alloc + - blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd + - compiler.h: Introduce absolute_pointer macro + - net: i825xx: Use absolute_pointer for memcpy from fixed memory location + - sparc: avoid stringop-overread errors + - qnx4: avoid stringop-overread errors + - parisc: Use absolute_pointer() to define PAGE0 + - arm64: Mark __stack_chk_guard as __ro_after_init + - alpha: Declare virt_to_phys and virt_to_bus parameter as pointer to volatile + - net: 6pack: Fix tx timeout and slot time + - spi: Fix tegra20 build with CONFIG_PM=n + - EDAC/synopsys: Fix wrong value type assignment for edac_mode + - thermal/drivers/int340x: Do not set a wrong tcc offset on resume + - arm64: dts: marvell: armada-37xx: Extend PCIe MEM space + - xen/balloon: fix balloon kthread freezing + - qnx4: work around gcc false positive warning bug + - Linux 5.4.150 + * ACL updates on OCFS2 are not revalidated (LP: #1947161) // Focal update: + v5.4.150 upstream stable release (LP: #1947886) + - ocfs2: drop acl cache for directories too + * Focal update: v5.4.149 upstream stable release (LP: #1947885) + - PCI: pci-bridge-emul: Fix big-endian support + - PCI: aardvark: Indicate error in 'val' when config read fails + - PCI: pci-bridge-emul: Add PCIe Root Capabilities Register + - PCI: aardvark: Fix reporting CRS value + - PCI/ACPI: Add Ampere Altra SOC MCFG quirk + - KVM: remember position in kvm->vcpus array + - console: consume APC, DM, DCS + - s390/pci_mmio: fully validate the VMA before calling follow_pte() + - ARM: Qualify enabling of swiotlb_init() + - apparmor: remove duplicate macro list_entry_is_head() + - ARM: 9077/1: PLT: Move struct plt_entries definition to header + - ARM: 9078/1: Add warn suppress parameter to arm_gen_branch_link() + - ARM: 9079/1: ftrace: Add MODULE_PLTS support + - ARM: 9098/1: ftrace: MODULE_PLT: Fix build problem without DYNAMIC_FTRACE + - sctp: validate chunk size in __rcv_asconf_lookup + - sctp: add param size validation for SCTP_PARAM_SET_PRIMARY + - staging: rtl8192u: Fix bitwise vs logical operator in + TranslateRxSignalStuff819xUsb() + - um: virtio_uml: fix memory leak on init failures + - dmaengine: acpi: Avoid comparison GSI with Linux vIRQ + - thermal/drivers/exynos: Fix an error code in exynos_tmu_probe() + - 9p/trans_virtio: Remove sysfs file on probe failure + - prctl: allow to setup brk for et_dyn executables + - nilfs2: use refcount_dec_and_lock() to fix potential UAF + - profiling: fix shift-out-of-bounds bugs + - pwm: lpc32xx: Don't modify HW state in .probe() after the PWM chip was + registered + - phy: avoid unnecessary link-up delay in polling mode + - net: stmmac: reset Tx desc base address before restarting Tx + - Kconfig.debug: drop selecting non-existing HARDLOCKUP_DETECTOR_ARCH + - thermal/core: Fix thermal_cooling_device_register() prototype + - drivers: base: cacheinfo: Get rid of DEFINE_SMP_CALL_CACHE_FUNCTION() + - parisc: Move pci_dev_is_behind_card_dino to where it is used + - dmaengine: sprd: Add missing MODULE_DEVICE_TABLE + - dmaengine: ioat: depends on !UML + - dmaengine: xilinx_dma: Set DMA mask for coherent APIs + - ceph: request Fw caps before updating the mtime in ceph_write_iter + - ceph: lockdep annotations for try_nonblocking_invalidate + - btrfs: fix lockdep warning while mounting sprout fs + - nilfs2: fix memory leak in nilfs_sysfs_create_device_group + - nilfs2: fix NULL pointer in nilfs_##name##_attr_release + - nilfs2: fix memory leak in nilfs_sysfs_create_##name##_group + - nilfs2: fix memory leak in nilfs_sysfs_delete_##name##_group + - nilfs2: fix memory leak in nilfs_sysfs_create_snapshot_group + - nilfs2: fix memory leak in nilfs_sysfs_delete_snapshot_group + - pwm: img: Don't modify HW state in .remove() callback + - pwm: rockchip: Don't modify HW state in .remove() callback + - pwm: stm32-lp: Don't modify HW state in .remove() callback + - blk-throttle: fix UAF by deleteing timer in blk_throtl_exit() + - rtc: rx8010: select REGMAP_I2C + - drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV + - Linux 5.4.149 + + -- Khalid Elmously Tue, 30 Nov 2021 23:49:46 -0500 + +linux-ibm (5.4.0-1007.8) focal; urgency=medium + + * focal/linux-ibm: 5.4.0-1007.8 -proposed tracker (LP: #1947246) + + * Packaging resync (LP: #1786013) + - [Packaging] update Ubuntu.md + + [ Ubuntu: 5.4.0-90.101 ] + + * focal/linux: 5.4.0-90.101 -proposed tracker (LP: #1947260) + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/2021.10.18) + * Add final-checks to check certificates (LP: #1947174) + - [Packaging] Add system trusted and revocation keys final check + * No sound on Lenovo laptop models Legion 15IMHG05, Yoga 7 14ITL5, and 13s + Gen2 (LP: #1939052) + - ALSA: hda/realtek: Quirks to enable speaker output for Lenovo Legion 7i + 15IMHG05, Yoga 7i 14ITL5/15ITL5, and 13s Gen2 laptops. + - ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo 13s + Gen2 + * CVE-2020-36385 + - RDMA/cma: Add missing locking to rdma_accept() + - RDMA/ucma: Fix the locking of ctx->file + - RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy + * Focal update: v5.4.148 upstream stable release (LP: #1946802) + - rtc: tps65910: Correct driver module alias + - btrfs: wake up async_delalloc_pages waiters after submit + - btrfs: reset replace target device to allocation state on close + - blk-zoned: allow zone management send operations without CAP_SYS_ADMIN + - blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN + - PCI/MSI: Skip masking MSI-X on Xen PV + - powerpc/perf/hv-gpci: Fix counter value parsing + - xen: fix setting of max_pfn in shared_info + - include/linux/list.h: add a macro to test if entry is pointing to the head + - 9p/xen: Fix end of loop tests for list_for_each_entry + - tools/thermal/tmon: Add cross compiling support + - pinctrl: stmfx: Fix hazardous u8[] to unsigned long cast + - pinctrl: ingenic: Fix incorrect pull up/down info + - soc: qcom: aoss: Fix the out of bound usage of cooling_devs + - soc: aspeed: lpc-ctrl: Fix boundary check for mmap + - soc: aspeed: p2a-ctrl: Fix boundary check for mmap + - arm64: head: avoid over-mapping in map_memory + - crypto: public_key: fix overflow during implicit conversion + - block: bfq: fix bfq_set_next_ioprio_data() + - power: supply: max17042: handle fails of reading status register + - dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc() + - VMCI: fix NULL pointer dereference when unmapping queue pair + - media: uvc: don't do DMA on stack + - media: rc-loopback: return number of emitters rather than error + - Revert "dmaengine: imx-sdma: refine to load context only once" + - dmaengine: imx-sdma: remove duplicated sdma_load_context + - libata: add ATA_HORKAGE_NO_NCQ_TRIM for Samsung 860 and 870 SSDs + - ARM: 9105/1: atags_to_fdt: don't warn about stack size + - PCI/portdrv: Enable Bandwidth Notification only if port supports it + - PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported + - PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure + - PCI: xilinx-nwl: Enable the clock through CCF + - PCI: aardvark: Fix checking for PIO status + - PCI: aardvark: Increase polling delay to 1.5s while waiting for PIO response + - PCI: aardvark: Fix masking and unmasking legacy INTx interrupts + - HID: input: do not report stylus battery state as "full" + - f2fs: quota: fix potential deadlock + - scsi: bsg: Remove support for SCSI_IOCTL_SEND_COMMAND + - IB/hfi1: Adjust pkey entry in index 0 + - RDMA/iwcm: Release resources if iw_cm module initialization fails + - docs: Fix infiniband uverbs minor number + - pinctrl: samsung: Fix pinctrl bank pin count + - vfio: Use config not menuconfig for VFIO_NOIOMMU + - powerpc/stacktrace: Include linux/delay.h + - RDMA/efa: Remove double QP type assignment + - f2fs: show f2fs instance in printk_ratelimited + - f2fs: reduce the scope of setting fsck tag when de->name_len is zero + - openrisc: don't printk() unconditionally + - dma-debug: fix debugfs initialization order + - SUNRPC: Fix potential memory corruption + - scsi: fdomain: Fix error return code in fdomain_probe() + - pinctrl: single: Fix error return code in pcs_parse_bits_in_pinctrl_entry() + - scsi: smartpqi: Fix an error code in pqi_get_raid_map() + - scsi: qedi: Fix error codes in qedi_alloc_global_queues() + - scsi: qedf: Fix error codes in qedf_alloc_global_queues() + - powerpc/config: Renable MTD_PHYSMAP_OF + - scsi: target: avoid per-loop XCOPY buffer allocations + - HID: i2c-hid: Fix Elan touchpad regression + - KVM: PPC: Book3S HV Nested: Reflect guest PMU in-use to L0 when guest SPRs + are live + - platform/x86: dell-smbios-wmi: Add missing kfree in error-exit from + run_smbios_call + - fscache: Fix cookie key hashing + - clk: at91: sam9x60: Don't use audio PLL + - clk: at91: clk-generated: pass the id of changeable parent at registration + - clk: at91: clk-generated: Limit the requested rate to our range + - KVM: PPC: Fix clearing never mapped TCEs in realmode + - f2fs: fix to account missing .skipped_gc_rwsem + - f2fs: fix unexpected ENOENT comes from f2fs_map_blocks() + - f2fs: fix to unmap pages from userspace process in punch_hole() + - MIPS: Malta: fix alignment of the devicetree buffer + - kbuild: Fix 'no symbols' warning when CONFIG_TRIM_UNUSD_KSYMS=y + - userfaultfd: prevent concurrent API initialization + - drm/amdgpu: Fix amdgpu_ras_eeprom_init() + - ASoC: atmel: ATMEL drivers don't need HAS_DMA + - media: dib8000: rewrite the init prbs logic + - crypto: mxs-dcp - Use sg_mapping_iter to copy data + - PCI: Use pci_update_current_state() in pci_enable_device_flags() + - tipc: keep the skb in rcv queue until the whole data is read + - iio: dac: ad5624r: Fix incorrect handling of an optional regulator. + - iavf: do not override the adapter state in the watchdog task + - iavf: fix locking of critical sections + - ARM: dts: qcom: apq8064: correct clock names + - video: fbdev: kyro: fix a DoS bug by restricting user input + - netlink: Deal with ESRCH error in nlmsg_notify() + - Smack: Fix wrong semantics in smk_access_entry() + - drm: avoid blocking in drm_clients_info's rcu section + - igc: Check if num of q_vectors is smaller than max before array access + - usb: host: fotg210: fix the endpoint's transactional opportunities + calculation + - usb: host: fotg210: fix the actual_length of an iso packet + - usb: gadget: u_ether: fix a potential null pointer dereference + - USB: EHCI: ehci-mv: improve error handling in mv_ehci_enable() + - usb: gadget: composite: Allow bMaxPower=0 if self-powered + - staging: board: Fix uninitialized spinlock when attaching genpd + - tty: serial: jsm: hold port lock when reporting modem line changes + - drm/amd/display: Fix timer_per_pixel unit error + - drm/amd/amdgpu: Update debugfs link_settings output link_rate field in hex + - bpf/tests: Fix copy-and-paste error in double word test + - bpf/tests: Do not PASS tests without actually testing the result + - video: fbdev: asiliantfb: Error out if 'pixclock' equals zero + - video: fbdev: kyro: Error out if 'pixclock' equals zero + - video: fbdev: riva: Error out if 'pixclock' equals zero + - ipv4: ip_output.c: Fix out-of-bounds warning in ip_copy_addrs() + - flow_dissector: Fix out-of-bounds warnings + - s390/jump_label: print real address in a case of a jump label bug + - s390: make PCI mio support a machine flag + - serial: 8250: Define RX trigger levels for OxSemi 950 devices + - xtensa: ISS: don't panic in rs_init + - hvsi: don't panic on tty_register_driver failure + - serial: 8250_pci: make setup_port() parameters explicitly unsigned + - staging: ks7010: Fix the initialization of the 'sleep_status' structure + - samples: bpf: Fix tracex7 error raised on the missing argument + - ata: sata_dwc_460ex: No need to call phy_exit() befre phy_init() + - Bluetooth: skip invalid hci_sync_conn_complete_evt + - workqueue: Fix possible memory leaks in wq_numa_init() + - bonding: 3ad: fix the concurrency between __bond_release_one() and + bond_3ad_state_machine_handler() + - arm64: tegra: Fix Tegra194 PCIe EP compatible string + - ASoC: Intel: bytcr_rt5640: Move "Platform Clock" routes to the maps for the + matching in-/output + - media: imx258: Rectify mismatch of VTS value + - media: imx258: Limit the max analogue gain to 480 + - media: v4l2-dv-timings.c: fix wrong condition in two for-loops + - media: TDA1997x: fix tda1997x_query_dv_timings() return value + - media: tegra-cec: Handle errors of clk_prepare_enable() + - ARM: dts: imx53-ppd: Fix ACHC entry + - arm64: dts: qcom: sdm660: use reg value for memory node + - net: ethernet: stmmac: Do not use unreachable() in ipq806x_gmac_probe() + - drm/msm: mdp4: drop vblank get/put from prepare/complete_commit + - selftests/bpf: Fix xdp_tx.c prog section name + - Bluetooth: schedule SCO timeouts with delayed_work + - Bluetooth: avoid circular locks in sco_sock_connect + - net/mlx5: Fix variable type to match 64bit + - gpu: drm: amd: amdgpu: amdgpu_i2c: fix possible uninitialized-variable + access in amdgpu_i2c_router_select_ddc_port() + - drm/display: fix possible null-pointer dereference in dcn10_set_clock() + - mac80211: Fix monitor MTU limit so that A-MSDUs get through + - ARM: tegra: tamonten: Fix UART pad setting + - arm64: tegra: Fix compatible string for Tegra132 CPUs + - arm64: dts: ls1046a: fix eeprom entries + - nvme-tcp: don't check blk_mq_tag_to_rq when receiving pdu data + - Bluetooth: Fix handling of LE Enhanced Connection Complete + - opp: Don't print an error if required-opps is missing + - serial: sh-sci: fix break handling for sysrq + - tcp: enable data-less, empty-cookie SYN with TFO_SERVER_COOKIE_NOT_REQD + - rpc: fix gss_svc_init cleanup on failure + - staging: rts5208: Fix get_ms_information() heap buffer size + - gfs2: Don't call dlm after protocol is unmounted + - usb: chipidea: host: fix port index underflow and UBSAN complains + - lockd: lockd server-side shouldn't set fl_ops + - drm/exynos: Always initialize mapping in exynos_drm_register_dma() + - m68knommu: only set CONFIG_ISA_DMA_API for ColdFire sub-arch + - btrfs: tree-log: check btrfs_lookup_data_extent return value + - ASoC: Intel: Skylake: Fix module configuration for KPB and MIXER + - ASoC: Intel: Skylake: Fix passing loadable flag for module + - of: Don't allow __of_attached_node_sysfs() without CONFIG_SYSFS + - mmc: sdhci-of-arasan: Check return value of non-void funtions + - mmc: rtsx_pci: Fix long reads when clock is prescaled + - selftests/bpf: Enlarge select() timeout for test_maps + - mmc: core: Return correct emmc response in case of ioctl error + - cifs: fix wrong release in sess_alloc_buffer() failed path + - Revert "USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST + quirk set" + - usb: musb: musb_dsps: request_irq() after initializing musb + - usbip: give back URBs for unsent unlink requests during cleanup + - usbip:vhci_hcd USB port can get stuck in the disabled state + - ASoC: rockchip: i2s: Fix regmap_ops hang + - ASoC: rockchip: i2s: Fixup config for DAIFMT_DSP_A/B + - drm/amdkfd: Account for SH/SE count when setting up cu masks. + - iwlwifi: mvm: fix a memory leak in iwl_mvm_mac_ctxt_beacon_changed + - iwlwifi: mvm: avoid static queue number aliasing + - iwlwifi: mvm: fix access to BSS elements + - net/mlx5: DR, Enable QP retransmission + - parport: remove non-zero check on count + - ath9k: fix OOB read ar9300_eeprom_restore_internal + - ath9k: fix sleeping in atomic context + - net: fix NULL pointer reference in cipso_v4_doi_free + - fix array-index-out-of-bounds in taprio_change + - net: w5100: check return value after calling platform_get_resource() + - parisc: fix crash with signals and alloca + - ovl: fix BUG_ON() in may_delete() when called from ovl_cleanup() + - scsi: BusLogic: Fix missing pr_cont() use + - scsi: qla2xxx: Changes to support kdump kernel + - scsi: qla2xxx: Sync queue idx with queue_pair_map idx + - cpufreq: powernv: Fix init_chip_info initialization in numa=off + - s390/pv: fix the forcing of the swiotlb + - mm/hugetlb: initialize hugetlb_usage in mm_init + - mm,vmscan: fix divide by zero in get_scan_count + - memcg: enable accounting for pids in nested pid namespaces + - platform/chrome: cros_ec_proto: Send command again when timeout occurs + - lib/test_stackinit: Fix static initializer test + - net: dsa: lantiq_gswip: fix maximum frame length + - drm/msi/mdp4: populate priv->kms in mdp4_kms_init + - drm/amdgpu: Fix BUG_ON assert + - drm/panfrost: Simplify lock_region calculation + - drm/panfrost: Use u64 for size in lock_region + - drm/panfrost: Clamp lock region to Bifrost minimum + - btrfs: fix upper limit for max_inline for page size 64K + - xen: reset legacy rtc flag for PV domU + - bnx2x: Fix enabling network interfaces without VFs + - arm64/sve: Use correct size when reinitialising SVE state + - PM: base: power: don't try to use non-existing RTC for storing data + - PCI: Add AMD GPU multi-function power dependencies + - drm/amd/amdgpu: Increase HWIP_MAX_INSTANCE to 10 + - drm/etnaviv: return context from etnaviv_iommu_context_get + - drm/etnaviv: put submit prev MMU context when it exists + - drm/etnaviv: stop abusing mmu_context as FE running marker + - drm/etnaviv: keep MMU context across runtime suspend/resume + - drm/etnaviv: exec and MMU state is lost when resetting the GPU + - drm/etnaviv: fix MMU context leak on GPU reset + - drm/etnaviv: reference MMU context when setting up hardware state + - drm/etnaviv: add missing MMU context put when reaping MMU mapping + - s390/sclp: fix Secure-IPL facility detection + - x86/mm: Fix kern_addr_valid() to cope with existing but not present entries + - tipc: fix an use-after-free issue in tipc_recvmsg + - net-caif: avoid user-triggerable WARN_ON(1) + - ptp: dp83640: don't define PAGE0 + - net/l2tp: Fix reference count leak in l2tp_udp_recv_core + - r6040: Restore MDIO clock frequency after MAC reset + - tipc: increase timeout in tipc_sk_enqueue() + - perf machine: Initialize srcline string member in add_location struct + - net/mlx5: FWTrace, cancel work on alloc pd error flow + - net/mlx5: Fix potential sleeping in atomic context + - events: Reuse value read using READ_ONCE instead of re-reading it + - vhost_net: fix OoB on sendmsg() failure. + - net/af_unix: fix a data-race in unix_dgram_poll + - net: dsa: destroy the phylink instance on any error in dsa_slave_phy_setup + - tcp: fix tp->undo_retrans accounting in tcp_sacktag_one() + - qed: Handle management FW error + - dt-bindings: arm: Fix Toradex compatible typo + - ibmvnic: check failover_pending in login response + - KVM: PPC: Book3S HV: Tolerate treclaim. in fake-suspend mode changing + registers + - net: hns3: pad the short tunnel frame before sending to hardware + - net: hns3: change affinity_mask to numa node range + - net: hns3: disable mac in flr process + - net: hns3: fix the timing issue of VF clearing interrupt sources + - mm/memory_hotplug: use "unsigned long" for PFN in zone_for_pfn_range() + - dt-bindings: mtd: gpmc: Fix the ECC bytes vs. OOB bytes equation + - mfd: db8500-prcmu: Adjust map to reality + - PCI: Add ACS quirks for NXP LX2xx0 and LX2xx2 platforms + - fuse: fix use after free in fuse_read_interrupt() + - mfd: Don't use irq_create_mapping() to resolve a mapping + - tracing/probes: Reject events which have the same name of existing one + - PCI: Add ACS quirks for Cavium multi-function devices + - Set fc_nlinfo in nh_create_ipv4, nh_create_ipv6 + - net: usb: cdc_mbim: avoid altsetting toggling for Telit LN920 + - PCI: ibmphp: Fix double unmap of io_mem + - ethtool: Fix an error code in cxgb2.c + - NTB: Fix an error code in ntb_msit_probe() + - NTB: perf: Fix an error code in perf_setup_inbuf() + - mfd: axp20x: Update AXP288 volatile ranges + - PCI: Fix pci_dev_str_match_path() alloc while atomic bug + - mfd: tqmx86: Clear GPIO IRQ resource when no IRQ is set + - KVM: arm64: Handle PSCI resets before userspace touches vCPU state + - PCI: Sync __pci_register_driver() stub for CONFIG_PCI=n + - mtd: rawnand: cafe: Fix a resource leak in the error handling path of + 'cafe_nand_probe()' + - ARC: export clear_user_page() for modules + - perf unwind: Do not overwrite FEATURE_CHECK_LDFLAGS-libunwind-{x86,aarch64} + - net: dsa: b53: Fix calculating number of switch ports + - netfilter: socket: icmp6: fix use-after-scope + - fq_codel: reject silly quantum parameters + - qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom + - ip_gre: validate csum_start only on pull + - net: renesas: sh_eth: Fix freeing wrong tx descriptor + - Linux 5.4.148 + * Focal update: v5.4.147 upstream stable release (LP: #1946795) + - Linux 5.4.147 + - upstream stable to v5.4.147 + * CVE-2021-3428 + - ext4: save the error code which triggered an ext4_error() in the superblock + - ext4: simulate various I/O and checksum errors when reading metadata + - ext4: save all error info in save_error_info() and drop ext4_set_errno() + - ext4: check journal inode extents more carefully + * ip6gretap / erspan / ip6erspan in rtnetlink.sh from net of + ubuntu_kernel_selftests failed on B-5.4-aws / B-5.4-gke / B-5.4-oracle / + B-5.4-azure / B-5.4 (LP: #1896448) + - SAUCE: selftests: rtnetlink: fixes for older iproute2 + * CVE-2019-19449 + - f2fs: fix wrong total_sections check and fsmeta check + - f2fs: fix to do sanity check on segment/section count + * kernel bug found when disconnecting one fiber channel interface on Cisco + Chassis with fnic DRV_VERSION "1.6.0.47" (LP: #1944586) + - scsi: fnic: Do not call 'scsi_done()' for unhandled commands + * memfd from ubuntu_kernel_selftests failed to build on B-5.4 (unknown type + name ‘__u64’) (LP: #1944613) + - SAUCE: selftests/memfd: fix __u64 not defined build issue + * Medion Notebook Keyboard not working (LP: #1909814) + - ACPI: resources: Add DMI-based legacy IRQ override quirk + * vrf: fix refcnt leak with vxlan slaves (LP: #1945180) + - ipv4: Fix device used for dst_alloc with local routes + * Check for changes relevant for security certifications (LP: #1945989) + - [Packaging] Add a new fips-checks script + - [Packaging] Add fips-checks as part of finalchecks + * Fix cold plugged USB device on certain PCIe USB cards (LP: #1945211) + - Revert "UBUNTU: SAUCE: Revert "usb: core: reduce power-on-good delay time of + root hub"" + - usb: core: hcd: Add support for deferring roothub registration + - xhci: Set HCD flag to defer primary roothub registration + - usb: core: hcd: Modularize HCD stop configuration in usb_stop_hcd() + * CVE-2021-3759 + - memcg: enable accounting of ipc resources + * Focal update: v5.4.146 upstream stable release (LP: #1946024) + - locking/mutex: Fix HANDOFF condition + - regmap: fix the offset of register error log + - crypto: mxs-dcp - Check for DMA mapping errors + - sched/deadline: Fix reset_on_fork reporting of DL tasks + - power: supply: axp288_fuel_gauge: Report register-address on readb / writeb + errors + - crypto: omap-sham - clear dma flags only after omap_sham_update_dma_stop() + - sched/deadline: Fix missing clock update in migrate_task_rq_dl() + - rcu/tree: Handle VM stoppage in stall detection + - hrtimer: Avoid double reprogramming in __hrtimer_start_range_ns() + - hrtimer: Ensure timerfd notification for HIGHRES=n + - udf: Check LVID earlier + - udf: Fix iocharset=utf8 mount option + - isofs: joliet: Fix iocharset=utf8 mount option + - bcache: add proper error unwinding in bcache_device_init + - nvme-tcp: don't update queue count when failing to set io queues + - nvme-rdma: don't update queue count when failing to set io queues + - nvmet: pass back cntlid on successful completion + - power: supply: max17042_battery: fix typo in MAx17042_TOFF + - s390/cio: add dev_busid sysfs entry for each subchannel + - libata: fix ata_host_start() + - crypto: qat - do not ignore errors from enable_vf2pf_comms() + - crypto: qat - handle both source of interrupt in VF ISR + - crypto: qat - fix reuse of completion variable + - crypto: qat - fix naming for init/shutdown VF to PF notifications + - crypto: qat - do not export adf_iov_putmsg() + - fcntl: fix potential deadlock for &fasync_struct.fa_lock + - udf_get_extendedattr() had no boundary checks. + - s390/kasan: fix large PMD pages address alignment check + - s390/debug: fix debug area life cycle + - m68k: emu: Fix invalid free in nfeth_cleanup() + - sched: Fix UCLAMP_FLAG_IDLE setting + - spi: spi-fsl-dspi: Fix issue with uninitialized dma_slave_config + - spi: spi-pic32: Fix issue with uninitialized dma_slave_config + - genirq/timings: Fix error return code in irq_timings_test_irqs() + - lib/mpi: use kcalloc in mpi_resize + - clocksource/drivers/sh_cmt: Fix wrong setting if don't request IRQ for clock + source channel + - crypto: qat - use proper type for vf_mask + - certs: Trigger creation of RSA module signing key if it's not an RSA key + - regulator: vctrl: Use locked regulator_get_voltage in probe path + - regulator: vctrl: Avoid lockdep warning in enable/disable ops + - spi: sprd: Fix the wrong WDG_LOAD_VAL + - spi: spi-zynq-qspi: use wait_for_completion_timeout to make + zynq_qspi_exec_mem_op not interruptible + - EDAC/i10nm: Fix NVDIMM detection + - drm/panfrost: Fix missing clk_disable_unprepare() on error in + panfrost_clk_init() + - media: TDA1997x: enable EDID support + - soc: rockchip: ROCKCHIP_GRF should not default to y, unconditionally + - media: cxd2880-spi: Fix an error handling path + - bpf: Fix a typo of reuseport map in bpf.h. + - bpf: Fix potential memleak and UAF in the verifier. + - ARM: dts: aspeed-g6: Fix HVI3C function-group in pinctrl dtsi + - arm64: dts: renesas: r8a77995: draak: Remove bogus adv7511w properties + - soc: qcom: rpmhpd: Use corner in power_off + - media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init + - media: dvb-usb: fix uninit-value in vp702x_read_mac_addr + - media: dvb-usb: Fix error handling in dvb_usb_i2c_init + - media: go7007: remove redundant initialization + - media: coda: fix frame_mem_ctrl for YUV420 and YVU420 formats + - Bluetooth: sco: prevent information leak in sco_conn_defer_accept() + - 6lowpan: iphc: Fix an off-by-one check of array index + - netns: protect netns ID lookups with RCU + - tcp: seq_file: Avoid skipping sk during tcp_seek_last_pos + - ARM: dts: meson8: Use a higher default GPU clock frequency + - ARM: dts: meson8b: odroidc1: Fix the pwm regulator supply properties + - ARM: dts: meson8b: mxq: Fix the pwm regulator supply properties + - ARM: dts: meson8b: ec100: Fix the pwm regulator supply properties + - net/mlx5e: Prohibit inner indir TIRs in IPoIB + - cgroup/cpuset: Fix a partition bug with hotplug + - net: cipso: fix warnings in netlbl_cipsov4_add_std + - i2c: highlander: add IRQ check + - leds: lt3593: Put fwnode in any case during ->probe() + - leds: trigger: audio: Add an activate callback to ensure the initial + brightness is set + - media: em28xx-input: fix refcount bug in em28xx_usb_disconnect + - media: venus: venc: Fix potential null pointer dereference on pointer fmt + - PCI: PM: Avoid forcing PCI_D0 for wakeup reasons inconsistently + - PCI: PM: Enable PME if it can be signaled from D3cold + - soc: qcom: smsm: Fix missed interrupts if state changes while masked + - debugfs: Return error during {full/open}_proxy_open() on rmmod + - Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow + - PM: EM: Increase energy calculation precision + - drm/msm/dpu: make dpu_hw_ctl_clear_all_blendstages clear necessary LMs + - arm64: dts: exynos: correct GIC CPU interfaces address range on Exynos7 + - counter: 104-quad-8: Return error when invalid mode during ceiling_write + - Bluetooth: fix repeated calls to sco_sock_kill + - drm/msm/dsi: Fix some reference counted resource leaks + - usb: gadget: udc: at91: add IRQ check + - usb: phy: fsl-usb: add IRQ check + - usb: phy: twl6030: add IRQ checks + - usb: gadget: udc: renesas_usb3: Fix soc_device_match() abuse + - usb: host: ohci-tmio: add IRQ check + - usb: phy: tahvo: add IRQ check + - mac80211: Fix insufficient headroom issue for AMSDU + - lockd: Fix invalid lockowner cast after vfs_test_lock + - nfsd4: Fix forced-expiry locking + - usb: gadget: mv_u3d: request_irq() after initializing UDC + - mm/swap: consider max pages in iomap_swapfile_add_extent + - Bluetooth: add timeout sanity check to hci_inquiry + - i2c: iop3xx: fix deferred probing + - i2c: s3c2410: fix IRQ check + - rsi: fix error code in rsi_load_9116_firmware() + - rsi: fix an error code in rsi_probe() + - ASoC: Intel: Skylake: Leave data as is when invoking TLV IPCs + - ASoC: Intel: Skylake: Fix module resource and format selection + - mmc: dw_mmc: Fix issue with uninitialized dma_slave_config + - mmc: moxart: Fix issue with uninitialized dma_slave_config + - bpf: Fix possible out of bound write in narrow load handling + - CIFS: Fix a potencially linear read overflow + - i2c: mt65xx: fix IRQ check + - usb: ehci-orion: Handle errors of clk_prepare_enable() in probe + - usb: bdc: Fix an error handling path in 'bdc_probe()' when no suitable DMA + config is available + - tty: serial: fsl_lpuart: fix the wrong mapbase value + - ASoC: wcd9335: Fix a double irq free in the remove function + - ASoC: wcd9335: Fix a memory leak in the error handling path of the probe + function + - ASoC: wcd9335: Disable irq on slave ports in the remove function + - ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point() + - bcma: Fix memory leak for internally-handled cores + - brcmfmac: pcie: fix oops on failure to resume and reprobe + - ipv6: make exception cache less predictible + - ipv4: make exception cache less predictible + - net: sched: Fix qdisc_rate_table refcount leak when get tcf_block failed + - net: qualcomm: fix QCA7000 checksum handling + - octeontx2-af: Fix loop in free and unmap counter + - ipv4: fix endianness issue in inet_rtm_getroute_build_skb() + - bpf: Introduce BPF nospec instruction for mitigating Spectre v4 + - bpf: Fix leakage due to insufficient speculative store bypass mitigation + - bpf: verifier: Allocate idmap scratch in verifier env + - bpf: Fix pointer arithmetic mask tightening under state pruning + - tty: Fix data race between tiocsti() and flush_to_ldisc() + - perf/x86/amd/ibs: Extend PERF_PMU_CAP_NO_EXCLUDE to IBS Op + - x86/resctrl: Fix a maybe-uninitialized build warning treated as error + - KVM: s390: index kvm->arch.idle_mask by vcpu_idx + - KVM: x86: Update vCPU's hv_clock before back to guest when tsc_offset is + adjusted + - KVM: nVMX: Unconditionally clear nested.pi_pending on nested VM-Enter + - fuse: truncate pagecache on atomic_o_trunc + - fuse: flush extending writes + - IMA: remove -Wmissing-prototypes warning + - IMA: remove the dependency on CRYPTO_MD5 + - fbmem: don't allow too huge resolutions + - backlight: pwm_bl: Improve bootloader/kernel device handover + - clk: kirkwood: Fix a clocking boot regression + - Linux 5.4.146 + * AMD A8-7680 (amdgpu): broken Xorg acceleration and hibernation + (LP: #1920674) // Focal update: v5.4.146 upstream stable release + (LP: #1946024) + - drm/amdgpu/acp: Make PM domain really work + * Focal update: v5.4.145 upstream stable release (LP: #1945517) + - fscrypt: add fscrypt_symlink_getattr() for computing st_size + - ext4: report correct st_size for encrypted symlinks + - f2fs: report correct st_size for encrypted symlinks + - ubifs: report correct st_size for encrypted symlinks + - kthread: Fix PF_KTHREAD vs to_kthread() race + - xtensa: fix kconfig unmet dependency warning for HAVE_FUTEX_CMPXCHG + - gpu: ipu-v3: Fix i.MX IPU-v3 offset calculations for (semi)planar U/V + formats + - reset: reset-zynqmp: Fixed the argument data type + - qed: Fix the VF msix vectors flow + - net: macb: Add a NULL check on desc_ptp + - qede: Fix memset corruption + - perf/x86/intel/pt: Fix mask of num_address_ranges + - perf/x86/amd/ibs: Work around erratum #1197 + - perf/x86/amd/power: Assign pmu.module + - cryptoloop: add a deprecation warning + - ARM: 8918/2: only build return_address() if needed + - ALSA: hda/realtek: Workaround for conflicting SSID on ASUS ROG Strix G17 + - ALSA: pcm: fix divide error in snd_pcm_lib_ioctl + - ARC: wireup clone3 syscall + - media: stkwebcam: fix memory leak in stk_camera_probe + - igmp: Add ip_mc_list lock in ip_check_mc_rcu + - USB: serial: mos7720: improve OOM-handling in read_mos_reg() + - ipv4/icmp: l3mdev: Perform icmp error route lookup on source device routing + table (v2) + - powerpc/boot: Delete unneeded .globl _zimage_start + - net: ll_temac: Remove left-over debug message + - mm/page_alloc: speed up the iteration of max_order + - Revert "r8169: avoid link-up interrupt issue on RTL8106e if user enables + ASPM" + - x86/events/amd/iommu: Fix invalid Perf result due to IOMMU PMC power-gating + - Revert "btrfs: compression: don't try to compress if we don't have enough + pages" + - ALSA: usb-audio: Add registration quirk for JBL Quantum 800 + - usb: host: xhci-rcar: Don't reload firmware after the completion + - usb: mtu3: use @mult for HS isoc or intr + - usb: mtu3: fix the wrong HS mult value + - xhci: fix unsafe memory usage in xhci tracing + - x86/reboot: Limit Dell Optiplex 990 quirk to early BIOS versions + - PCI: Call Max Payload Size-related fixup quirks early + - Linux 5.4.145 + * Focal update: v5.4.144 upstream stable release (LP: #1944756) + - net: qrtr: fix another OOB Read in qrtr_endpoint_post + - ARC: Fix CONFIG_STACKDEPOT + - netfilter: conntrack: collect all entries in one cycle + - once: Fix panic when module unload + - ovl: fix uninitialized pointer read in ovl_lookup_real_one() + - mmc: sdhci-msm: Update the software timeout value for sdhc + - mm, oom: make the calculation of oom badness more accurate + - can: usb: esd_usb2: esd_usb2_rx_event(): fix the interchange of the CAN RX + and TX error counters + - Revert "USB: serial: ch341: fix character loss at high transfer rates" + - USB: serial: option: add new VID/PID to support Fibocom FG150 + - usb: dwc3: gadget: Fix dwc3_calc_trbs_left() + - usb: dwc3: gadget: Stop EP0 transfers during pullup disable + - scsi: core: Fix hang of freezing queue between blocking and running device + - RDMA/bnxt_re: Add missing spin lock initialization + - IB/hfi1: Fix possible null-pointer dereference in _extend_sdma_tx_descs() + - e1000e: Fix the max snoop/no-snoop latency for 10M + - RDMA/efa: Free IRQ vectors on error flow + - ip_gre: add validation for csum_start + - xgene-v2: Fix a resource leak in the error handling path of 'xge_probe()' + - net: marvell: fix MVNETA_TX_IN_PRGRS bit number + - rtnetlink: Return correct error on changing device netns + - net: hns3: clear hardware resource when loading driver + - net: hns3: fix duplicate node in VLAN list + - net: hns3: fix get wrong pfc_en when query PFC configuration + - drm/i915: Fix syncmap memory leak + - usb: gadget: u_audio: fix race condition on endpoint stop + - perf/x86/intel/uncore: Fix integer overflow on 23 bit left shift of a u32 + - opp: remove WARN when no valid OPPs remain + - virtio: Improve vq->broken access to avoid any compiler optimization + - virtio_pci: Support surprise removal of virtio pci device + - vringh: Use wiov->used to check for read/write desc order + - qed: qed ll2 race condition fixes + - qed: Fix null-pointer dereference in qed_rdma_create_qp() + - drm: Copy drm_wait_vblank to user before returning + - drm/nouveau/disp: power down unused DP links during init + - net/rds: dma_map_sg is entitled to merge entries + - btrfs: fix race between marking inode needs to be logged and log syncing + - vt_kdsetmode: extend console locking + - bpf: Track contents of read-only maps as scalars + - bpf: Fix cast to pointer from integer of different size warning + - net: dsa: mt7530: fix VLAN traffic leaks again + - KVM: x86/mmu: Treat NX as used (not reserved) for all !TDP shadow MMUs + - arm64: dts: qcom: msm8994-angler: Fix gpio-reserved-ranges 85-88 + - btrfs: fix NULL pointer dereference when deleting device by invalid id + - Revert "floppy: reintroduce O_NDELAY fix" + - Revert "parisc: Add assembly implementations for memset, strlen, strcpy, + strncpy and strcat" + - net: don't unconditionally copy_from_user a struct ifreq for socket ioctls + - audit: move put_tree() to avoid trim_trees refcount underflow and UAF + - Linux 5.4.144 + + -- Khalid Elmously Mon, 25 Oct 2021 01:24:46 -0400 + +linux-ibm (5.4.0-1006.7) focal; urgency=medium + + * focal/linux-ibm: 5.4.0-1006.7 -proposed tracker (LP: #1944888) + + [ Ubuntu: 5.4.0-89.100 ] + + * focal/linux: 5.4.0-89.100 -proposed tracker (LP: #1944901) + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/2021.09.27) + * ext4 journal recovery fails w/ data=journal + mmap (LP: #1847340) + - jbd2: introduce/export functions + jbd2_journal_submit|finish_inode_data_buffers() + - jbd2, ext4, ocfs2: introduce/use journal callbacks + j_submit|finish_inode_data_buffers() + - ext4: data=journal: fixes for ext4_page_mkwrite() + - ext4: data=journal: write-protect pages on j_submit_inode_data_buffers() + - ext4: fix mmap write protection for data=journal mode + * CVE-2021-40490 + - ext4: fix race writing to an inline_data file while its xattrs are changing + * Obsolete patch "UBUNTU: SAUCE: ext4: fix directory index node split + corruption" (LP: #1942902) + - Revert "UBUNTU: SAUCE: ext4: fix directory index node split corruption" + * psock_snd.sh in net from ubuntu_kernel_selftests ADT failure with + focal/groovy/hirsute/impish (LP: #1892213) + - selftests/net: remove min gso test in packet_snd + * Focal update: v5.4.143 upstream stable release (LP: #1944212) + - ext4: fix EXT4_MAX_LOGICAL_BLOCK macro + - x86/fpu: Make init_fpstate correct with optimized XSAVE + - ath: Use safer key clearing with key cache entries + - ath9k: Clear key cache explicitly on disabling hardware + - ath: Export ath_hw_keysetmac() + - ath: Modify ath_key_delete() to not need full key entry + - ath9k: Postpone key cache entry deletion for TXQ frames reference it + - mtd: cfi_cmdset_0002: fix crash when erasing/writing AMD cards + - media: zr364xx: propagate errors from zr364xx_start_readpipe() + - media: zr364xx: fix memory leaks in probe() + - media: drivers/media/usb: fix memory leak in zr364xx_probe + - USB: core: Avoid WARNings for 0-length descriptor requests + - dmaengine: xilinx_dma: Fix read-after-free bug when terminating transfers + - dmaengine: usb-dmac: Fix PM reference leak in usb_dmac_probe() + - ARM: dts: am43x-epos-evm: Reduce i2c0 bus speed for tps65218 + - dmaengine: of-dma: router_xlate to return -EPROBE_DEFER if controller is not + yet available + - scsi: megaraid_mm: Fix end of loop tests for list_for_each_entry() + - scsi: scsi_dh_rdac: Avoid crash during rdac_bus_attach() + - scsi: core: Avoid printing an error if target_alloc() returns -ENXIO + - scsi: core: Fix capacity set to zero after offlinining device + - ARM: dts: nomadik: Fix up interrupt controller node names + - net: usb: lan78xx: don't modify phy_device state concurrently + - drm/amd/display: Fix Dynamic bpp issue with 8K30 with Navi 1X + - Bluetooth: hidp: use correct wait queue when removing ctrl_wait + - iommu: Check if group is NULL before remove device + - cpufreq: armada-37xx: forbid cpufreq for 1.2 GHz variant + - dccp: add do-while-0 stubs for dccp_pr_debug macros + - virtio: Protect vqs list access + - vhost: Fix the calculation in vhost_overflow() + - bpf: Clear zext_dst of dead insns + - bnxt: don't lock the tx queue from napi poll + - bnxt: disable napi before canceling DIM + - net: 6pack: fix slab-out-of-bounds in decode_data + - ptp_pch: Restore dependency on PCI + - bnxt_en: Add missing DMA memory barriers + - vrf: Reset skb conntrack connection on VRF rcv + - virtio-net: support XDP when not more queues + - virtio-net: use NETIF_F_GRO_HW instead of NETIF_F_LRO + - net: qlcnic: add missed unlock in qlcnic_83xx_flash_read32 + - net: mdio-mux: Don't ignore memory allocation errors + - net: mdio-mux: Handle -EPROBE_DEFER correctly + - ovs: clear skb->tstamp in forwarding path + - i40e: Fix ATR queue selection + - iavf: Fix ping is lost after untrusted VF had tried to change MAC + - ovl: add splice file read write helper + - mmc: dw_mmc: Fix hang on data CRC error + - ALSA: hda - fix the 'Capture Switch' value change notifications + - tracing / histogram: Fix NULL pointer dereference on strcmp() on NULL event + name + - slimbus: messaging: start transaction ids from 1 instead of zero + - slimbus: messaging: check for valid transaction id + - slimbus: ngd: reset dma setup during runtime pm + - ipack: tpci200: fix many double free issues in tpci200_pci_probe + - ipack: tpci200: fix memory leak in the tpci200_register + - btrfs: prevent rename2 from exchanging a subvol with a directory from + different parents + - PCI: Increase D3 delay for AMD Renoir/Cezanne XHCI + - ASoC: intel: atom: Fix breakage for PCM buffer address setup + - mm, memcg: avoid stale protection values when cgroup is above protection + - mm: memcontrol: fix occasional OOMs due to proportional memory.low reclaim + - fs: warn about impending deprecation of mandatory locks + - netfilter: nft_exthdr: fix endianness of tcp option cast + - Linux 5.4.143 + * Focal update: v5.4.142 upstream stable release (LP: #1944202) + - iio: adc: ti-ads7950: Ensure CS is deasserted after reading channels + - iio: humidity: hdc100x: Add margin to the conversion time + - iio: adc: Fix incorrect exit of for-loop + - ASoC: xilinx: Fix reference to PCM buffer address + - ASoC: intel: atom: Fix reference to PCM buffer address + - i2c: dev: zero out array used for i2c reads from userspace + - ceph: reduce contention in ceph_check_delayed_caps() + - ACPI: NFIT: Fix support for virtual SPA ranges + - libnvdimm/region: Fix label activation vs errors + - ieee802154: hwsim: fix GPF in hwsim_set_edge_lqi + - ieee802154: hwsim: fix GPF in hwsim_new_edge_nl + - ASoC: cs42l42: Correct definition of ADC Volume control + - ASoC: cs42l42: Don't allow SND_SOC_DAIFMT_LEFT_J + - ASoC: cs42l42: Fix inversion of ADC Notch Switch control + - ASoC: cs42l42: Remove duplicate control for WNF filter frequency + - netfilter: nf_conntrack_bridge: Fix memory leak when error + - ASoC: cs42l42: Fix LRCLK frame start edge + - net: dsa: mt7530: add the missing RxUnicast MIB counter + - platform/x86: pcengines-apuv2: revert wiring up simswitch GPIO as LED + - platform/x86: pcengines-apuv2: Add missing terminating entries to gpio- + lookup tables + - net: phy: micrel: Fix link detection on ksz87xx switch" + - ppp: Fix generating ifname when empty IFLA_IFNAME is specified + - net: sched: act_mirred: Reset ct info when mirror/redirect skb + - iavf: Set RSS LUT and key in reset handle path + - psample: Add a fwd declaration for skbuff + - net/mlx5: Fix return value from tracer initialization + - drm/meson: fix colour distortion from HDR set during vendor u-boot + - net: dsa: microchip: Fix ksz_read64() + - net: Fix memory leak in ieee802154_raw_deliver + - net: igmp: fix data-race in igmp_ifc_timer_expire() + - net: dsa: lan9303: fix broken backpressure in .port_fdb_dump + - net: dsa: lantiq: fix broken backpressure in .port_fdb_dump + - net: dsa: sja1105: fix broken backpressure in .port_fdb_dump + - net: bridge: fix memleak in br_add_if() + - net: linkwatch: fix failure to restore device state across suspend/resume + - tcp_bbr: fix u32 wrap bug in round logic if bbr_init() called after 2B + packets + - net: igmp: increase size of mr_ifc_count + - xen/events: Fix race in set_evtchn_to_irq + - vsock/virtio: avoid potential deadlock when vsock device remove + - nbd: Aovid double completion of a request + - powerpc/kprobes: Fix kprobe Oops happens in booke + - x86/tools: Fix objdump version check again + - genirq: Provide IRQCHIP_AFFINITY_PRE_STARTUP + - x86/msi: Force affinity setup before startup + - x86/ioapic: Force affinity setup before startup + - x86/resctrl: Fix default monitoring groups reporting + - genirq/msi: Ensure deactivation on teardown + - genirq/timings: Prevent potential array overflow in __irq_timings_store() + - PCI/MSI: Enable and mask MSI-X early + - PCI/MSI: Mask all unused MSI-X entries + - PCI/MSI: Enforce that MSI-X table entry is masked for update + - PCI/MSI: Enforce MSI[X] entry updates to be visible + - PCI/MSI: Do not set invalid bits in MSI mask + - PCI/MSI: Correct misleading comments + - PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown() + - PCI/MSI: Protect msi_desc::masked for multi-MSI + - KVM: VMX: Use current VMCS to query WAITPKG support for MSR emulation + - ceph: add some lockdep assertions around snaprealm handling + - ceph: clean up locking annotation for ceph_get_snap_realm and + __lookup_snap_realm + - ceph: take snap_empty_lock atomically with snaprealm refcount change + - vmlinux.lds.h: Handle clang's module.{c,d}tor sections + - iommu/vt-d: Fix agaw for a supported 48 bit guest address width + - Linux 5.4.142 + * Focal update: v5.4.141 upstream stable release (LP: #1943484) + - KVM: SVM: Fix off-by-one indexing when nullifying last used SEV VMCB + - tee: Correct inappropriate usage of TEE_SHM_DMA_BUF flag + - media: v4l2-mem2mem: always consider OUTPUT queue during poll + - tracing: Reject string operand in the histogram expression + - usb: dwc3: Stop active transfers before halting the controller + - usb: dwc3: gadget: Allow runtime suspend if UDC unbinded + - usb: dwc3: gadget: Restart DWC3 gadget when enabling pullup + - usb: dwc3: gadget: Prevent EP queuing while stopping transfers + - usb: dwc3: gadget: Clear DEP flags after stop transfers in ep disable + - usb: dwc3: gadget: Disable gadget IRQ during pullup disable + - usb: dwc3: gadget: Avoid runtime resume if disabling pullup + - KVM: X86: MMU: Use the correct inherited permissions to get shadow page + - USB:ehci:fix Kunpeng920 ehci hardware problem + - ALSA: hda: Add quirk for ASUS Flow x13 + - ppp: Fix generating ppp unit id when ifname is not specified + - ovl: prevent private clone if bind mount is not allowed + - btrfs: make qgroup_free_reserved_data take btrfs_inode + - btrfs: make btrfs_qgroup_reserve_data take btrfs_inode + - btrfs: qgroup: allow to unreserve range without releasing other ranges + - btrfs: qgroup: try to flush qgroup space when we get -EDQUOT + - btrfs: transaction: Cleanup unused TRANS_STATE_BLOCKED + - btrfs: qgroup: remove ASYNC_COMMIT mechanism in favor of reserve retry- + after-EDQUOT + - btrfs: fix lockdep splat when enabling and disabling qgroups + - net: xilinx_emaclite: Do not print real IOMEM pointer + - btrfs: qgroup: don't commit transaction when we already hold the handle + - btrfs: export and rename qgroup_reserve_meta + - btrfs: don't flush from btrfs_delayed_inode_reserve_metadata + - Linux 5.4.141 + + [ Ubuntu: 5.4.0-88.99 ] + + * focal/linux: 5.4.0-88.99 -proposed tracker (LP: #1944747) + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/2021.09.06) + * please drop virtualbox-guest-dkms virtualbox-guest-source (LP: #1933248) + - Revert "UBUNTU: [Config] Disable virtualbox dkms build" + + [ Ubuntu: 5.4.0-87.98 ] + + * please drop virtualbox-guest-dkms virtualbox-guest-source (LP: #1933248) + - [Config] Disable virtualbox dkms build + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/2021.09.06) + * LRMv5: switch primary version handling to kernel-versions data set + (LP: #1928921) + - [Packaging] switch to kernel-versions + * disable “CONFIG_HISI_DMA” config for ubuntu version (LP: #1936771) + - Disable CONFIG_HISI_DMA + - [Config] Record hisi_dma no longer built for arm64 + * memory leaking when removing a profile (LP: #1939915) + - apparmor: Fix memory leak of profile proxy + * CryptoExpress EP11 cards are going offline (LP: #1939618) + - s390/zcrypt: Support for CCA protected key block version 2 + - s390: Replace zero-length array with flexible-array member + - s390/zcrypt: Use scnprintf() for avoiding potential buffer overflow + - s390/zcrypt: replace snprintf/sprintf with scnprintf + - s390/ap: Remove ap device suspend and resume callbacks + - s390/zcrypt: use fallthrough; + - s390/zcrypt: use kvmalloc instead of kmalloc for 256k alloc + - s390/ap: remove power management code from ap bus and drivers + - s390/ap: introduce new ap function ap_get_qdev() + - s390/zcrypt: use kzalloc + - s390/zcrypt: fix smatch warnings + - s390/zcrypt: code beautification and struct field renames + - s390/zcrypt: split ioctl function into smaller code units + - s390/ap: rename and clarify ap state machine related stuff + - s390/zcrypt: provide cex4 cca sysfs attributes for cex3 + - s390/ap: rework crypto config info and default domain code + - s390/zcrypt: simplify cca_findcard2 loop code + - s390/zcrypt: remove set_fs() invocation in zcrypt device driver + - s390/ap: remove unnecessary spin_lock_init() + - s390/zcrypt: Support for CCA APKA master keys + - s390/zcrypt: introduce msg tracking in zcrypt functions + - s390/ap: split ap queue state machine state from device state + - s390/ap: add error response code field for ap queue devices + - s390/ap: add card/queue deconfig state + - s390/sclp: Add support for SCLP AP adapter config/deconfig + - s390/ap: Support AP card SCLP config and deconfig operations + - s390/ap/zcrypt: revisit ap and zcrypt error handling + - s390/zcrypt: move ap_msg param one level up the call chain + - s390/zcrypt: Introduce Failure Injection feature + - s390/zcrypt: fix wrong format specifications + - s390/ap: fix ap devices reference counting + - s390/zcrypt: return EIO when msg retry limit reached + - s390/zcrypt: fix zcard and zqueue hot-unplug memleak + - s390/ap: Fix hanging ioctl caused by wrong msg counter + * memfd from ubuntu_kernel_selftests failed to build on B-5.4 (LP: #1926142) + - SAUCE: selftests/memfd: fix build when F_SEAL_FUTURE_WRITE is not defined + * [SRU] Ice driver causes the kernel to crash with Ubuntu 20.04.2 with ethtool + specific register commands (LP: #1939855) + - ice: Fix bad register reads + * ubunut_kernel_selftests: memory-hotplug: avoid spamming logs with + dump_page() (LP: #1941829) + - selftests: memory-hotplug: avoid spamming logs with dump_page(), ratio limit + hot-remove error test + * e1000e blocks the boot process when it tried to write checksum to its NVM + (LP: #1936998) + - e1000e: Do not take care about recovery NVM checksum + * Focal update: v5.4.140 upstream stable release (LP: #1941798) + - Revert "ACPICA: Fix memory leak caused by _CID repair function" + - ALSA: seq: Fix racy deletion of subscriber + - arm64: dts: ls1028a: fix node name for the sysclk + - ARM: imx: add missing iounmap() + - ARM: imx: add missing clk_disable_unprepare() + - ARM: dts: imx6qdl-sr-som: Increase the PHY reset duration to 10ms + - ARM: dts: colibri-imx6ull: limit SDIO clock to 25MHz + - ARM: imx: fix missing 3rd argument in macro imx_mmdc_perf_init + - ARM: dts: imx: Swap M53Menlo pinctrl_power_button/pinctrl_power_out pins + - arm64: dts: armada-3720-turris-mox: remove mrvl,i2c-fast-mode + - ALSA: usb-audio: fix incorrect clock source setting + - clk: stm32f4: fix post divisor setup for I2S/SAI PLLs + - ARM: dts: am437x-l4: fix typo in can@0 node + - omap5-board-common: remove not physically existing vdds_1v8_main fixed- + regulator + - spi: imx: mx51-ecspi: Reinstate low-speed CONFIGREG delay + - spi: imx: mx51-ecspi: Fix low-speed CONFIGREG delay calculation + - scsi: sr: Return correct event when media event code is 3 + - media: videobuf2-core: dequeue if start_streaming fails + - dmaengine: imx-dma: configure the generic DMA type to make it work + - net, gro: Set inner transport header offset in tcp/udp GRO hook + - net: dsa: sja1105: overwrite dynamic FDB entries with static ones in + .port_fdb_add + - net: dsa: sja1105: invalidate dynamic FDB entries learned concurrently with + statically added ones + - net: phy: micrel: Fix detection of ksz87xx switch + - net: natsemi: Fix missing pci_disable_device() in probe and remove + - gpio: tqmx86: really make IRQ optional + - sctp: move the active_key update after sh_keys is added + - nfp: update ethtool reporting of pauseframe control + - net: ipv6: fix returned variable type in ip6_skb_dst_mtu + - mips: Fix non-POSIX regexp + - bnx2x: fix an error code in bnx2x_nic_load() + - net: pegasus: fix uninit-value in get_interrupt_interval + - net: fec: fix use-after-free in fec_drv_remove + - net: vxge: fix use-after-free in vxge_device_unregister + - blk-iolatency: error out if blk_get_queue() failed in iolatency_set_limit() + - Bluetooth: defer cleanup of resources in hci_unregister_dev() + - USB: usbtmc: Fix RCU stall warning + - USB: serial: option: add Telit FD980 composition 0x1056 + - USB: serial: ch341: fix character loss at high transfer rates + - USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2 + - firmware_loader: use -ETIMEDOUT instead of -EAGAIN in fw_load_sysfs_fallback + - firmware_loader: fix use-after-free in firmware_fallback_sysfs + - ALSA: hda/realtek: add mic quirk for Acer SF314-42 + - ALSA: usb-audio: Add registration quirk for JBL Quantum 600 + - usb: cdns3: Fixed incorrect gadget state + - usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers + - usb: gadget: f_hid: fixed NULL pointer dereference + - usb: gadget: f_hid: idle uses the highest byte for duration + - usb: otg-fsm: Fix hrtimer list corruption + - clk: fix leak on devm_clk_bulk_get_all() unwind + - scripts/tracing: fix the bug that can't parse raw_trace_func + - tracing / histogram: Give calculation hist_fields a size + - optee: Clear stale cache entries during initialization + - tee: add tee_shm_alloc_kernel_buf() + - optee: Fix memory leak when failing to register shm pages + - tpm_ftpm_tee: Free and unregister TEE shared memory during kexec + - staging: rtl8723bs: Fix a resource leak in sd_int_dpc + - staging: rtl8712: get rid of flush_scheduled_work + - media: rtl28xxu: fix zero-length control request + - pipe: increase minimum default pipe size to 2 pages + - ext4: fix potential htree corruption when growing large_dir directories + - serial: tegra: Only print FIFO error message when an error occurs + - serial: 8250_mtk: fix uart corruption issue when rx power off + - serial: 8250: Mask out floating 16/32-bit bus bits + - MIPS: Malta: Do not byte-swap accesses to the CBUS UART + - serial: 8250_pci: Enumerate Elkhart Lake UARTs via dedicated driver + - serial: 8250_pci: Avoid irq sharing for MSI(-X) interrupts. + - timers: Move clearing of base::timer_running under base:: Lock + - pcmcia: i82092: fix a null pointer dereference bug + - md/raid10: properly indicate failure when ending a failed write request + - KVM: x86: accept userspace interrupt only if no event is injected + - KVM: Do not leak memory for duplicate debugfs directories + - KVM: x86/mmu: Fix per-cpu counter corruption on 32-bit builds + - arm64: vdso: Avoid ISB after reading from cntvct_el0 + - soc: ixp4xx: fix printing resources + - spi: meson-spicc: fix memory leak in meson_spicc_remove + - soc: ixp4xx/qmgr: fix invalid __iomem access + - perf/x86/amd: Don't touch the AMD64_EVENTSEL_HOSTONLY bit inside the guest + - bpf, selftests: Adjust few selftest result_unpriv outcomes + - libata: fix ata_pio_sector for CONFIG_HIGHMEM + - reiserfs: add check for root_inode in reiserfs_fill_super + - reiserfs: check directory items on read from disk + - virt_wifi: fix error on connect + - alpha: Send stop IPI to send to online CPUs + - net/qla3xxx: fix schedule while atomic in ql_wait_for_drvr_lock and + ql_adapter_reset + - arm64: fix compat syscall return truncation + - Linux 5.4.140 + * Focal update: v5.4.139 upstream stable release (LP: #1941796) + - btrfs: delete duplicated words + other fixes in comments + - btrfs: do not commit logs and transactions during link and rename operations + - btrfs: fix race causing unnecessary inode logging during link and rename + - btrfs: fix lost inode on log replay after mix of fsync, rename and inode + eviction + - regulator: rt5033: Fix n_voltages settings for BUCK and LDO + - spi: stm32h7: fix full duplex irq handler handling + - ASoC: tlv320aic31xx: fix reversed bclk/wclk master bits + - r8152: Fix potential PM refcount imbalance + - qed: fix possible unpaired spin_{un}lock_bh in _qed_mcp_cmd_and_union() + - net: Fix zero-copy head len calculation. + - nvme: fix nvme_setup_command metadata trace event + - ACPI: fix NULL pointer dereference + - Revert "Bluetooth: Shutdown controller after workqueues are flushed or + cancelled" + - firmware: arm_scmi: Ensure drivers provide a probe function + - firmware: arm_scmi: Add delayed response status check + - bpf: Inherit expanded/patched seen count from old aux data + - bpf: Do not mark insn as seen under speculative path verification + - bpf: Fix leakage under speculation on mispredicted branches + - bpf: Test_verifier, add alu32 bounds tracking tests + - bpf, selftests: Add a verifier test for assigning 32bit reg states to 64bit + ones + - bpf, selftests: Adjust few selftest outcomes wrt unreachable code + - spi: mediatek: Fix fifo transfer + - Linux 5.4.139 + * Focal update: v5.4.138 upstream stable release (LP: #1940559) + - net_sched: check error pointer in tcf_dump_walker() + - x86/asm: Ensure asm/proto.h can be included stand-alone + - btrfs: fix rw device counting in __btrfs_free_extra_devids + - btrfs: mark compressed range uptodate only if all bio succeed + - x86/kvm: fix vcpu-id indexed array sizes + - KVM: add missing compat KVM_CLEAR_DIRTY_LOG + - ocfs2: fix zero out valid data + - ocfs2: issue zeroout to EOF blocks + - can: j1939: j1939_xtp_rx_dat_one(): fix rxtimer value between consecutive + TP.DT to 750ms + - can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF + - can: mcba_usb_start(): add missing urb->transfer_dma initialization + - can: usb_8dev: fix memory leak + - can: ems_usb: fix memory leak + - can: esd_usb2: fix memory leak + - HID: wacom: Re-enable touch by default for Cintiq 24HDT / 27QHDT + - NIU: fix incorrect error return, missed in previous revert + - nfc: nfcsim: fix use after free during module unload + - cfg80211: Fix possible memory leak in function cfg80211_bss_update + - netfilter: conntrack: adjust stop timestamp to real expiry value + - netfilter: nft_nat: allow to specify layer 4 protocol NAT only + - i40e: Fix logic of disabling queues + - i40e: Fix firmware LLDP agent related warning + - i40e: Fix queue-to-TC mapping on Tx + - i40e: Fix log TC creation failure when max num of queues is exceeded + - tipc: fix sleeping in tipc accept routine + - net: Set true network header for ECN decapsulation + - mlx4: Fix missing error code in mlx4_load_one() + - net: llc: fix skb_over_panic + - net/mlx5: Fix flow table chaining + - net/mlx5e: Fix nullptr in mlx5e_hairpin_get_mdev() + - sctp: fix return value check in __sctp_rcv_asconf_lookup + - tulip: windbond-840: Fix missing pci_disable_device() in probe and remove + - sis900: Fix missing pci_disable_device() in probe and remove + - can: hi311x: fix a signedness bug in hi3110_cmd() + - PCI: mvebu: Setup BAR0 in order to fix MSI + - powerpc/pseries: Fix regression while building external modules + - i40e: Add additional info to PHY type error + - can: j1939: j1939_session_deactivate(): clarify lifetime of session object + - Linux 5.4.138 + * Focal update: v5.4.137 upstream stable release (LP: #1940557) + - selftest: fix build error in tools/testing/selftests/vm/userfaultfd.c + - tools: Allow proper CC/CXX/... override with LLVM=1 in Makefile.include + - KVM: x86: determine if an exception has an error code only when injecting + it. + - af_unix: fix garbage collect vs MSG_PEEK + - workqueue: fix UAF in pwq_unbound_release_workfn() + - cgroup1: fix leaked context root causing sporadic NULL deref in LTP + - net/802/mrp: fix memleak in mrp_request_join() + - net/802/garp: fix memleak in garp_request_join() + - net: annotate data race around sk_ll_usec + - sctp: move 198 addresses from unusable to private scope + - ipv6: allocate enough headroom in ip6_finish_output2() + - hfs: add missing clean-up in hfs_fill_super + - hfs: fix high memory mapping in hfs_bnode_read + - hfs: add lock nesting notation to hfs_find_init + - firmware: arm_scmi: Fix possible scmi_linux_errmap buffer overflow + - firmware: arm_scmi: Fix range check for the maximum number of pending + messages + - cifs: fix the out of range assignment to bit fields in + parse_server_interfaces + - iomap: remove the length variable in iomap_seek_data + - iomap: remove the length variable in iomap_seek_hole + - ARM: dts: versatile: Fix up interrupt controller node names + - ipv6: ip6_finish_output2: set sk into newly allocated nskb + - Linux 5.4.137 + * Focal update: v5.4.136 upstream stable release (LP: #1939899) + - igc: Fix use-after-free error during reset + - igb: Fix use-after-free error during reset + - igc: change default return of igc_read_phy_reg() + - ixgbe: Fix an error handling path in 'ixgbe_probe()' + - igc: Prefer to use the pci_release_mem_regions method + - igc: Fix an error handling path in 'igc_probe()' + - igb: Fix an error handling path in 'igb_probe()' + - fm10k: Fix an error handling path in 'fm10k_probe()' + - e1000e: Fix an error handling path in 'e1000_probe()' + - iavf: Fix an error handling path in 'iavf_probe()' + - igb: Check if num of q_vectors is smaller than max before array access + - igb: Fix position of assignment to *ring + - gve: Fix an error handling path in 'gve_probe()' + - ipv6: fix 'disable_policy' for fwd packets + - selftests: icmp_redirect: remove from checking for IPv6 route get + - selftests: icmp_redirect: IPv6 PMTU info should be cleared after redirect + - pwm: sprd: Ensure configuring period and duty_cycle isn't wrongly skipped + - cxgb4: fix IRQ free race during driver unload + - nvme-pci: do not call nvme_dev_remove_admin from nvme_remove + - perf probe: Fix dso->nsinfo refcounting + - perf env: Fix sibling_dies memory leak + - perf test session_topology: Delete session->evlist + - perf test event_update: Fix memory leak of evlist + - perf dso: Fix memory leak in dso__new_map() + - perf script: Fix memory 'threads' and 'cpus' leaks on exit + - perf lzma: Close lzma stream on exit + - perf probe-file: Delete namelist in del_events() on the error path + - perf data: Close all files in close_dir() + - spi: imx: add a check for speed_hz before calculating the clock + - spi: stm32: Use dma_request_chan() instead dma_request_slave_channel() + - spi: stm32: fixes pm_runtime calls in probe/remove + - regulator: hi6421: Use correct variable type for regmap api val argument + - regulator: hi6421: Fix getting wrong drvdata + - spi: mediatek: fix fifo rx mode + - ASoC: rt5631: Fix regcache sync errors on resume + - liquidio: Fix unintentional sign extension issue on left shift of u16 + - s390/bpf: Perform r1 range checking before accessing jit->seen_reg[r1] + - bpf, sockmap, tcp: sk_prot needs inuse_idx set for proc stats + - bpftool: Check malloc return value in mount_bpffs_for_pin + - net: fix uninit-value in caif_seqpkt_sendmsg + - efi/tpm: Differentiate missing and invalid final event log table. + - net: decnet: Fix sleeping inside in af_decnet + - KVM: PPC: Book3S: Fix CONFIG_TRANSACTIONAL_MEM=n crash + - KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak + - net: sched: fix memory leak in tcindex_partial_destroy_work + - netrom: Decrease sock refcount when sock timers expire + - scsi: iscsi: Fix iface sysfs attr detection + - scsi: target: Fix protect handling in WRITE SAME(32) + - spi: cadence: Correct initialisation of runtime PM again + - bnxt_en: Improve bnxt_ulp_stop()/bnxt_ulp_start() call sequence. + - bnxt_en: Refresh RoCE capabilities in bnxt_ulp_probe() + - bnxt_en: Add missing check for BNXT_STATE_ABORT_ERR in bnxt_fw_rset_task() + - bnxt_en: Check abort error state in bnxt_half_open_nic() + - net: hisilicon: rename CACHE_LINE_MASK to avoid redefinition + - net/tcp_fastopen: fix data races around tfo_active_disable_stamp + - net: hns3: fix rx VLAN offload state inconsistent issue + - net/sched: act_skbmod: Skip non-Ethernet packets + - ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions + - nvme-pci: don't WARN_ON in nvme_reset_work if ctrl.state is not RESETTING + - Revert "USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem" + - afs: Fix tracepoint string placement with built-in AFS + - r8169: Avoid duplicate sysfs entry creation error + - nvme: set the PRACT bit when using Write Zeroes with T10 PI + - sctp: update active_key for asoc when old key is being replaced + - net: sched: cls_api: Fix the the wrong parameter + - drm/panel: raspberrypi-touchscreen: Prevent double-free + - proc: Avoid mixing integer types in mem_rw() + - s390/ftrace: fix ftrace_update_ftrace_func implementation + - s390/boot: fix use of expolines in the DMA code + - ALSA: usb-audio: Add missing proc text entry for BESPOKEN type + - ALSA: usb-audio: Add registration quirk for JBL Quantum headsets + - ALSA: sb: Fix potential ABBA deadlock in CSP driver + - ALSA: hdmi: Expose all pins on MSI MS-7C94 board + - xhci: Fix lost USB 2 remote wake + - KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow + - KVM: PPC: Book3S HV Nested: Sanitise H_ENTER_NESTED TM state + - usb: hub: Disable USB 3 device initiated lpm if exit latency is too high + - usb: hub: Fix link power management max exit latency (MEL) calculations + - USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS + - usb: max-3421: Prevent corruption of freed memory + - usb: renesas_usbhs: Fix superfluous irqs happen after usb_pkt_pop() + - USB: serial: option: add support for u-blox LARA-R6 family + - USB: serial: cp210x: fix comments for GE CS1000 + - USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick + - usb: dwc2: gadget: Fix sending zero length packet in DDMA mode. + - firmware/efi: Tell memblock about EFI iomem reservations + - tracing/histogram: Rename "cpu" to "common_cpu" + - tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. + - btrfs: check for missing device in btrfs_trim_fs + - media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() + - ixgbe: Fix packet corruption due to missing DMA sync + - selftest: use mmap instead of posix_memalign to allocate memory + - userfaultfd: do not untag user pointers + - hugetlbfs: fix mount mode command line processing + - rbd: don't hold lock_rwsem while running_list is being drained + - rbd: always kick acquire on "acquired" and "released" notifications + - nds32: fix up stack guard gap + - drm: Return -ENOTTY for non-drm ioctls + - net: dsa: mv88e6xxx: use correct .stats_set_histogram() on Topaz + - net: bcmgenet: ensure EXT_ENERGY_DET_MASK is clear + - iio: accel: bma180: Use explicit member assignment + - iio: accel: bma180: Fix BMA25x bandwidth register values + - btrfs: compression: don't try to compress if we don't have enough pages + - PCI: Mark AMD Navi14 GPU ATS as broken + - perf inject: Close inject.output on exit + - xhci: add xhci_get_virt_ep() helper + - Linux 5.4.136 + * Focal update: v5.4.135 upstream stable release (LP: #1939442) + - ARM: dts: gemini: rename mdio to the right name + - ARM: dts: gemini: add device_type on pci + - ARM: dts: rockchip: fix pinctrl sleep nodename for rk3036-kylin and rk3288 + - arm64: dts: rockchip: fix pinctrl sleep nodename for rk3399.dtsi + - ARM: dts: rockchip: Fix the timer clocks order + - ARM: dts: rockchip: Fix IOMMU nodes properties on rk322x + - ARM: dts: rockchip: Fix power-controller node names for rk3066a + - ARM: dts: rockchip: Fix power-controller node names for rk3188 + - ARM: dts: rockchip: Fix power-controller node names for rk3288 + - arm64: dts: rockchip: Fix power-controller node names for px30 + - arm64: dts: rockchip: Fix power-controller node names for rk3328 + - reset: ti-syscon: fix to_ti_syscon_reset_data macro + - ARM: brcmstb: dts: fix NAND nodes names + - ARM: Cygnus: dts: fix NAND nodes names + - ARM: NSP: dts: fix NAND nodes names + - ARM: dts: BCM63xx: Fix NAND nodes names + - ARM: dts: Hurricane 2: Fix NAND nodes names + - ARM: dts: imx6: phyFLEX: Fix UART hardware flow control + - ARM: imx: pm-imx5: Fix references to imx5_cpu_suspend_info + - rtc: mxc_v2: add missing MODULE_DEVICE_TABLE + - kbuild: sink stdout from cmd for silent build + - ARM: dts: am57xx-cl-som-am57x: fix ti,no-reset-on-init flag for gpios + - ARM: dts: am437x-gp-evm: fix ti,no-reset-on-init flag for gpios + - ARM: dts: stm32: fix gpio-keys node on STM32 MCU boards + - ARM: dts: stm32: fix RCC node name on stm32f429 MCU + - ARM: dts: stm32: fix timer nodes on STM32 MCU to prevent warnings + - arm64: dts: juno: Update SCPI nodes as per the YAML schema + - ARM: dts: rockchip: fix supply properties in io-domains nodes + - ARM: dts: stm32: fix i2c node name on stm32f746 to prevent warnings + - ARM: dts: stm32: move stmmac axi config in ethernet node on stm32mp15 + - soc/tegra: fuse: Fix Tegra234-only builds + - firmware: tegra: bpmp: Fix Tegra234-only builds + - arm64: dts: ls208xa: remove bus-num from dspi node + - arm64: dts: imx8mq: assign PCIe clocks + - thermal/core: Correct function name thermal_zone_device_unregister() + - kbuild: mkcompile_h: consider timestamp if KBUILD_BUILD_TIMESTAMP is set + - rtc: max77686: Do not enforce (incorrect) interrupt trigger type + - scsi: aic7xxx: Fix unintentional sign extension issue on left shift of u8 + - scsi: libsas: Add LUN number check in .slave_alloc callback + - scsi: libfc: Fix array index out of bound exception + - scsi: qedf: Add check to synchronize abort and flush + - sched/fair: Fix CFS bandwidth hrtimer expiry type + - s390: introduce proper type handling call_on_stack() macro + - cifs: prevent NULL deref in cifs_compose_mount_options() + - arm64: dts: armada-3720-turris-mox: add firmware node + - firmware: turris-mox-rwtm: add marvell,armada-3700-rwtm-firmware compatible + string + - arm64: dts: marvell: armada-37xx: move firmware node to generic dtsi file + - f2fs: Show casefolding support only when supported + - usb: cdns3: Enable TDL_CHK only for OUT ep + - Revert "UBUNTU: SAUCE: Revert "mm: memcg/slab: fix memory leak at non-root + kmem_cache destroy"" + - mm: slab: fix kmem_cache_create failed when sysfs node not destroyed + - dm writecache: return the exact table values that were set + - net: dsa: mv88e6xxx: enable .port_set_policy() on Topaz + - net: dsa: mv88e6xxx: enable .rmu_disable() on Topaz + - net: ipv6: fix return value of ip6_skb_dst_mtu + - netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo + - net/sched: act_ct: fix err check for nf_conntrack_confirm + - net: bridge: sync fdb to new unicast-filtering ports + - net: bcmgenet: Ensure all TX/RX queues DMAs are disabled + - net: ip_tunnel: fix mtu calculation for ETHER tunnel devices + - net: moxa: fix UAF in moxart_mac_probe + - net: qcom/emac: fix UAF in emac_remove + - net: ti: fix UAF in tlan_remove_one + - net: send SYNACK packet with accepted fwmark + - net: validate lwtstate->data before returning from skb_tunnel_info() + - net: fddi: fix UAF in fza_probe + - dma-buf/sync_file: Don't leak fences on merge failure + - tcp: annotate data races around tp->mtu_info + - ipv6: tcp: drop silly ICMPv6 packet too big messages + - bpftool: Properly close va_list 'ap' by va_end() on error + - perf test bpf: Free obj_buf + - udp: annotate data races around unix_sk(sk)->gso_size + - Linux 5.4.135 + * Focal update: v5.4.134 upstream stable release (LP: #1939440) + - KVM: mmio: Fix use-after-free Read in kvm_vm_ioctl_unregister_coalesced_mmio + - KVM: x86: Use guest MAXPHYADDR from CPUID.0x8000_0008 iff TDP is enabled + - KVM: X86: Disable hardware breakpoints unconditionally before kvm_x86->run() + - scsi: core: Fix bad pointer dereference when ehandler kthread is invalid + - tracing: Do not reference char * as a string in histograms + - cgroup: verify that source is a string + - fbmem: Do not delete the mode that is still in use + - net: moxa: Use devm_platform_get_and_ioremap_resource() + - dmaengine: fsl-qdma: check dma_set_mask return value + - srcu: Fix broken node geometry after early ssp init + - tty: serial: fsl_lpuart: fix the potential risk of division or modulo by + zero + - misc/libmasm/module: Fix two use after free in ibmasm_init_one + - misc: alcor_pci: fix null-ptr-deref when there is no PCI bridge + - iio: gyro: fxa21002c: Balance runtime pm + use pm_runtime_resume_and_get(). + - iio: magn: bmc150: Balance runtime pm + use pm_runtime_resume_and_get() + - ALSA: usx2y: Don't call free_pages_exact() with NULL address + - Revert "ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro" + - w1: ds2438: fixing bug that would always get page0 + - scsi: hisi_sas: Propagate errors in interrupt_init_v1_hw() + - scsi: lpfc: Fix "Unexpected timeout" error in direct attach topology + - scsi: lpfc: Fix crash when lpfc_sli4_hba_setup() fails to initialize the + SGLs + - scsi: core: Cap scsi_host cmd_per_lun at can_queue + - ALSA: ac97: fix PM reference leak in ac97_bus_remove() + - tty: serial: 8250: serial_cs: Fix a memory leak in error handling path + - scsi: scsi_dh_alua: Check for negative result value + - fs/jfs: Fix missing error code in lmLogInit() + - scsi: megaraid_sas: Fix resource leak in case of probe failure + - scsi: megaraid_sas: Early detection of VD deletion through RaidMap update + - scsi: megaraid_sas: Handle missing interrupts while re-enabling IRQs + - scsi: iscsi: Add iscsi_cls_conn refcount helpers + - scsi: iscsi: Fix conn use after free during resets + - scsi: iscsi: Fix shost->max_id use + - scsi: qedi: Fix null ref during abort handling + - mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE + - mfd: cpcap: Fix cpcap dmamask not set warnings + - ASoC: img: Fix PM reference leak in img_i2s_in_probe() + - serial: tty: uartlite: fix console setup + - s390/sclp_vt220: fix console name to match device + - ALSA: sb: Fix potential double-free of CSP mixer elements + - powerpc/ps3: Add dma_mask to ps3_dma_region + - iommu/arm-smmu: Fix arm_smmu_device refcount leak when arm_smmu_rpm_get + fails + - iommu/arm-smmu: Fix arm_smmu_device refcount leak in address translation + - gpio: zynq: Check return value of pm_runtime_get_sync + - ALSA: ppc: fix error return code in snd_pmac_probe() + - selftests/powerpc: Fix "no_handler" EBB selftest + - gpio: pca953x: Add support for the On Semi pca9655 + - ASoC: soc-core: Fix the error return code in + snd_soc_of_parse_audio_routing() + - s390/processor: always inline stap() and __load_psw_mask() + - s390/ipl_parm: fix program check new psw handling + - s390/mem_detect: fix diag260() program check new psw handling + - s390/mem_detect: fix tprot() program check new psw handling + - Input: hideep - fix the uninitialized use in hideep_nvm_unlock() + - ALSA: bebob: add support for ToneWeal FW66 + - ALSA: usb-audio: scarlett2: Fix 18i8 Gen 2 PCM Input count + - ALSA: usb-audio: scarlett2: Fix data_mutex lock + - ALSA: usb-audio: scarlett2: Fix scarlett2_*_ctl_put() return values + - usb: gadget: f_hid: fix endianness issue with descriptors + - usb: gadget: hid: fix error return code in hid_bind() + - powerpc/boot: Fixup device-tree on little endian + - ASoC: Intel: kbl_da7219_max98357a: shrink platform_id below 20 characters + - backlight: lm3630a: Fix return code of .update_status() callback + - ALSA: hda: Add IRQ check for platform_get_irq() + - ALSA: usb-audio: scarlett2: Fix 6i6 Gen 2 line out descriptions + - staging: rtl8723bs: fix macro value for 2.4Ghz only device + - intel_th: Wait until port is in reset before programming it + - i2c: core: Disable client irq on reboot/shutdown + - power: supply: sc27xx: Add missing MODULE_DEVICE_TABLE + - power: supply: sc2731_charger: Add missing MODULE_DEVICE_TABLE + - pwm: spear: Don't modify HW state in .remove callback + - power: supply: ab8500: Avoid NULL pointers + - power: supply: max17042: Do not enforce (incorrect) interrupt trigger type + - power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE + - ARM: 9087/1: kprobes: test-thumb: fix for LLVM_IAS=1 + - PCI/P2PDMA: Avoid pci_get_slot(), which may sleep + - watchdog: Fix possible use-after-free in wdt_startup() + - watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() + - watchdog: Fix possible use-after-free by calling del_timer_sync() + - watchdog: imx_sc_wdt: fix pretimeout + - x86/fpu: Return proper error codes from user access functions + - PCI: tegra: Add missing MODULE_DEVICE_TABLE + - orangefs: fix orangefs df output. + - ceph: remove bogus checks and WARN_ONs from ceph_set_page_dirty + - NFS: nfs_find_open_context() may only select open files + - power: supply: charger-manager: add missing MODULE_DEVICE_TABLE + - power: supply: ab8500: add missing MODULE_DEVICE_TABLE + - pwm: img: Fix PM reference leak in img_pwm_enable() + - pwm: tegra: Don't modify HW state in .remove callback + - ACPI: AMBA: Fix resource name in /proc/iomem + - ACPI: video: Add quirk for the Dell Vostro 3350 + - virtio-blk: Fix memory leak among suspend/resume procedure + - virtio_net: Fix error handling in virtnet_restore() + - virtio_console: Assure used length from device is limited + - x86/signal: Detect and prevent an alternate signal stack overflow + - f2fs: add MODULE_SOFTDEP to ensure crc32 is included in the initramfs + - PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun + - power: supply: rt5033_battery: Fix device tree enumeration + - NFSv4: Initialise connection to the server in nfs4_alloc_client() + - um: fix error return code in slip_open() + - um: fix error return code in winch_tramp() + - watchdog: aspeed: fix hardware timeout calculation + - nfs: fix acl memory leak of posix_acl_create() + - ubifs: Set/Clear I_LINKABLE under i_lock for whiteout inode + - PCI: iproc: Fix multi-MSI base vector number allocation + - PCI: iproc: Support multi-MSI only on uniprocessor kernel + - x86/fpu: Limit xstate copy size in xstateregs_set() + - pwm: imx1: Don't disable clocks at device remove time + - virtio_net: move tx vq operation under tx queue lock + - nvme-tcp: can't set sk_user_data without write_lock + - ALSA: isa: Fix error return code in snd_cmi8330_probe() + - NFSv4/pNFS: Don't call _nfs4_pnfs_v3_ds_connect multiple times + - hexagon: use common DISCARDS macro + - ARM: dts: gemini-rut1xx: remove duplicate ethernet node + - reset: a10sr: add missing of_match_table reference + - ARM: exynos: add missing of_node_put for loop iteration + - ARM: dts: exynos: fix PWM LED max brightness on Odroid XU/XU3 + - ARM: dts: exynos: fix PWM LED max brightness on Odroid HC1 + - ARM: dts: exynos: fix PWM LED max brightness on Odroid XU4 + - memory: atmel-ebi: add missing of_node_put for loop iteration + - reset: brcmstb: Add missing MODULE_DEVICE_TABLE + - memory: pl353: Fix error return code in pl353_smc_probe() + - rtc: fix snprintf() checking in is_rtc_hctosys() + - arm64: dts: renesas: v3msk: Fix memory size + - ARM: dts: r8a7779, marzen: Fix DU clock names + - firmware: tegra: Fix error return code in tegra210_bpmp_init() + - firmware: arm_scmi: Reset Rx buffer to max size during async commands + - ARM: dts: BCM5301X: Fixup SPI binding + - reset: bail if try_module_get() fails + - memory: fsl_ifc: fix leak of IO mapping on probe failure + - memory: fsl_ifc: fix leak of private memory on probe failure + - ARM: dts: am335x: align ti,pindir-d0-out-d1-in property with dt-shema + - ARM: dts: am437x: align ti,pindir-d0-out-d1-in property with dt-shema + - ARM: dts: imx6q-dhcom: Fix ethernet reset time properties + - ARM: dts: imx6q-dhcom: Fix ethernet plugin detection problems + - ARM: dts: imx6q-dhcom: Add gpios pinctrl for i2c bus recovery + - thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations + - firmware: turris-mox-rwtm: fix reply status decoding function + - firmware: turris-mox-rwtm: report failures better + - firmware: turris-mox-rwtm: fail probing when firmware does not support hwrng + - scsi: be2iscsi: Fix an error handling path in beiscsi_dev_probe() + - mips: always link byteswap helpers into decompressor + - mips: disable branch profiling in boot/decompress.o + - MIPS: vdso: Invalid GIC access through VDSO + - scsi: scsi_dh_alua: Fix signedness bug in alua_rtpg() + - misc: alcor_pci: fix inverted branch condition + - Linux 5.4.134 + + [ Ubuntu: 5.4.0-86.97 ] + + * s390x BPF JIT vulnerabilities (LP: #1943960) + - SAUCE: s390/bpf: Fix 64-bit subtraction of the -0x80000000 constant + - SAUCE: s390/bpf: Fix optimizing out zero-extensions + + -- Khalid Elmously Sun, 03 Oct 2021 23:07:33 -0400 + +linux-ibm (5.4.0-1005.6) focal; urgency=medium + + * focal/linux-ibm: 5.4.0-1005.6 -proposed tracker (LP: #1942544) + + * please drop virtualbox-guest-dkms virtualbox-guest-source (LP: #1933248) + - [Config] ibm: Disable virtualbox dkms build + + * Packaging resync (LP: #1786013) + - [Packaging] update variants + + -- Kelsey Skunberg Tue, 14 Sep 2021 12:40:21 -0600 + +linux-ibm (5.4.0-1004.5) focal; urgency=medium + + * focal/linux-ibm: 5.4.0-1004.5 -proposed tracker (LP: #1939786) + + * Focal update: v5.4.129 upstream stable release (LP: #1936242) + - [Config] ibm: enable CONFIG_SYSTEM_REVOCATION_LIST + + [ Ubuntu: 5.4.0-84.94 ] + + * focal/linux: 5.4.0-84.94 -proposed tracker (LP: #1941767) + * Server boot failure after adding checks for ACPI IRQ override (LP: #1941657) + - Revert "ACPI: resources: Add checks for ACPI IRQ override" + + [ Ubuntu: 5.4.0-83.93 ] + + * focal/linux: 5.4.0-83.93 -proposed tracker (LP: #1940159) + * fails to launch linux L2 guests on AMD (LP: #1940134) // CVE-2021-3653 + - KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl + (CVE-2021-3653) + * fails to launch linux L2 guests on AMD (LP: #1940134) + - SAUCE: Revert "UBUNTU: SAUCE: KVM: nSVM: avoid picking up unsupported bits + from L2 in int_ctl" + + [ Ubuntu: 5.4.0-82.92 ] + + * focal/linux: 5.4.0-82.92 -proposed tracker (LP: #1939799) + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/2021.08.16) + * CVE-2021-3656 + - SAUCE: KVM: nSVM: always intercept VMLOAD/VMSAVE when nested + * CVE-2021-3653 + - SAUCE: KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl + * [regression] USB device is not detected during boot (LP: #1939638) + - SAUCE: Revert "usb: core: reduce power-on-good delay time of root hub" + * dev_forward_skb: do not scrub skb mark within the same name space + (LP: #1935040) + - dev_forward_skb: do not scrub skb mark within the same name space + * XPS 9510 (TGL) Screen Brightness could not be changed (LP: #1933566) + - SAUCE: drm/i915: Force DPCD backlight mode for Dell XPS 9510(TGL) + * Acer Aspire 5 sound driver issues (LP: #1930188) + - ALSA: hda/realtek: headphone and mic don't work on an Acer laptop + * Sony Dualshock 4 usb dongle crashes the whole system (LP: #1935846) + - HID: sony: Workaround for DS4 dongle hotplug kernel crash. + * [21.10 FEAT] KVM: Provide a secure guest indication (LP: #1933173) + - s390/uv: add prot virt guest/host indication files + - s390/uv: fix prot virt host indication compilation + * Skip rtcpie test in kselftests/timers if the default RTC device does not + exist (LP: #1937991) + - selftests: timers: rtcpie: skip test if default RTC device does not exist + * Focal update: v5.4.133 upstream stable release (LP: #1938713) + - drm/mxsfb: Don't select DRM_KMS_FB_HELPER + - drm/zte: Don't select DRM_KMS_FB_HELPER + - drm/amd/amdgpu/sriov disable all ip hw status by default + - drm/vc4: fix argument ordering in vc4_crtc_get_margins() + - net: pch_gbe: Use proper accessors to BE data in pch_ptp_match() + - drm/amd/display: fix use_max_lb flag for 420 pixel formats + - hugetlb: clear huge pte during flush function on mips platform + - atm: iphase: fix possible use-after-free in ia_module_exit() + - mISDN: fix possible use-after-free in HFC_cleanup() + - atm: nicstar: Fix possible use-after-free in nicstar_cleanup() + - net: Treat __napi_schedule_irqoff() as __napi_schedule() on PREEMPT_RT + - drm/mediatek: Fix PM reference leak in mtk_crtc_ddp_hw_init() + - reiserfs: add check for invalid 1st journal block + - drm/virtio: Fix double free on probe failure + - drm/sched: Avoid data corruptions + - udf: Fix NULL pointer dereference in udf_symlink function + - e100: handle eeprom as little endian + - igb: handle vlan types with checker enabled + - drm/bridge: cdns: Fix PM reference leak in cdns_dsi_transfer() + - clk: renesas: r8a77995: Add ZA2 clock + - clk: tegra: Ensure that PLLU configuration is applied properly + - ipv6: use prandom_u32() for ID generation + - RDMA/cxgb4: Fix missing error code in create_qp() + - dm space maps: don't reset space map allocation cursor when committing + - pinctrl: mcp23s08: fix race condition in irq handler + - ice: set the value of global config lock timeout longer + - virtio_net: Remove BUG() to avoid machine dead + - net: bcmgenet: check return value after calling platform_get_resource() + - net: mvpp2: check return value after calling platform_get_resource() + - net: micrel: check return value after calling platform_get_resource() + - drm/amd/display: Update scaling settings on modeset + - drm/amd/display: Release MST resources on switch from MST to SST + - drm/amd/display: Set DISPCLK_MAX_ERRDET_CYCLES to 7 + - drm/amdkfd: use allowed domain for vmbo validation + - fjes: check return value after calling platform_get_resource() + - selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC + - r8169: avoid link-up interrupt issue on RTL8106e if user enables ASPM + - drm/amd/display: Verify Gamma & Degamma LUT sizes in amdgpu_dm_atomic_check + - xfrm: Fix error reporting in xfrm_state_construct. + - wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP + - wl1251: Fix possible buffer overflow in wl1251_cmd_scan + - cw1200: add missing MODULE_DEVICE_TABLE + - bpf: Fix up register-based shifts in interpreter to silence KUBSAN + - mt76: mt7615: fix fixed-rate tx status reporting + - net: fix mistake path for netdev_features_strings + - net: sched: fix error return code in tcf_del_walker() + - drm/amdkfd: Walk through list with dqm lock hold + - rtl8xxxu: Fix device info for RTL8192EU devices + - atm: nicstar: use 'dma_free_coherent' instead of 'kfree' + - atm: nicstar: register the interrupt handler in the right place + - vsock: notify server to shutdown when client has pending signal + - RDMA/rxe: Don't overwrite errno from ib_umem_get() + - iwlwifi: mvm: don't change band on bound PHY contexts + - iwlwifi: pcie: free IML DMA memory allocation + - iwlwifi: pcie: fix context info freeing + - sfc: avoid double pci_remove of VFs + - sfc: error code if SRIOV cannot be disabled + - wireless: wext-spy: Fix out-of-bounds warning + - media, bpf: Do not copy more entries than user space requested + - net: ip: avoid OOM kills with large UDP sends over loopback + - RDMA/cma: Fix rdma_resolve_route() memory leak + - Bluetooth: btusb: Fixed too many in-token issue for Mediatek Chip. + - Bluetooth: Fix the HCI to MGMT status conversion table + - Bluetooth: Shutdown controller after workqueues are flushed or cancelled + - Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc. + - sctp: validate from_addr_param return + - sctp: add size validation when walking chunks + - MIPS: loongsoon64: Reserve memory below starting pfn to prevent Oops + - MIPS: set mips32r5 for virt extensions + - fscrypt: don't ignore minor_hash when hash is 0 + - crypto: ccp - Annotate SEV Firmware file names + - perf bench: Fix 2 memory sanitizer warnings + - powerpc/mm: Fix lockup on kernel exec fault + - powerpc/barrier: Avoid collision with clang's __lwsync macro + - drm/amdgpu: Update NV SIMD-per-CU to 2 + - drm/radeon: Add the missed drm_gem_object_put() in + radeon_user_framebuffer_create() + - drm/rockchip: dsi: remove extra component_del() call + - drm/amd/display: fix incorrrect valid irq check + - pinctrl/amd: Add device HID for new AMD GPIO controller + - drm/tegra: Don't set allow_fb_modifiers explicitly + - drm/msm/mdp4: Fix modifier support enabling + - drm/arm/malidp: Always list modifiers + - mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode + - mmc: core: clear flags before allowing to retune + - mmc: core: Allow UHS-I voltage switch for SDSC cards if supported + - ata: ahci_sunxi: Disable DIPM + - cpu/hotplug: Cure the cpusets trainwreck + - clocksource/arm_arch_timer: Improve Allwinner A64 timer workaround + - fpga: stratix10-soc: Add missing fpga_mgr_free() call + - MIPS: fix "mipsel-linux-ld: decompress.c:undefined reference to `memmove'" + - ASoC: tegra: Set driver_name=tegra for all machine drivers + - qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute + - ipmi/watchdog: Stop watchdog timer when the current action is 'none' + - thermal/drivers/int340x/processor_thermal: Fix tcc setting + - ubifs: Fix races between xattr_{set|get} and listxattr operations + - power: supply: ab8500: Fix an old bug + - nvmem: core: add a missing of_node_put + - extcon: intel-mrfld: Sync hardware and software state on init + - seq_buf: Fix overflow in seq_buf_putmem_hex() + - rq-qos: fix missed wake-ups in rq_qos_throttle try two + - tracing: Simplify & fix saved_tgids logic + - tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT + - ipack/carriers/tpci200: Fix a double free in tpci200_pci_probe + - coresight: tmc-etf: Fix global-out-of-bounds in tmc_update_etf_buffer() + - dm btree remove: assign new_root only when removal succeeds + - PCI: Leave Apple Thunderbolt controllers on for s2idle or standby + - PCI: aardvark: Fix checking for PIO Non-posted Request + - PCI: aardvark: Implement workaround for the readback value of VEND_ID + - media: subdev: disallow ioctl for saa6588/davinci + - media: dtv5100: fix control-request directions + - media: zr364xx: fix memory leak in zr364xx_start_readpipe + - media: gspca/sq905: fix control-request direction + - media: gspca/sunplus: fix zero-length control requests + - pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq() + - jfs: fix GPF in diFree + - smackfs: restrict bytes count in smk_set_cipso() + - Linux 5.4.133 + * Focal update: v5.4.132 upstream stable release (LP: #1938199) + - ALSA: usb-audio: fix rate on Ozone Z90 USB headset + - ALSA: usb-audio: Fix OOB access at proc output + - ALSA: usb-audio: scarlett2: Fix wrong resume call + - ALSA: intel8x0: Fix breakage at ac97 clock measurement + - ALSA: hda/realtek: Add another ALC236 variant support + - ALSA: hda/realtek: Improve fixup for HP Spectre x360 15-df0xxx + - ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D + - ALSA: hda/realtek: Apply LED fixup for HP Dragonfly G1, too + - media: dvb-usb: fix wrong definition + - Input: usbtouchscreen - fix control-request directions + - net: can: ems_usb: fix use-after-free in ems_usb_disconnect() + - usb: gadget: eem: fix echo command packet response issue + - USB: cdc-acm: blacklist Heimann USB Appset device + - usb: dwc3: Fix debugfs creation flow + - usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() + - xhci: solve a double free problem while doing s4 + - ntfs: fix validity check for file name attribute + - copy_page_to_iter(): fix ITER_DISCARD case + - iov_iter_fault_in_readable() should do nothing in xarray case + - Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl + - arm_pmu: Fix write counter incorrect in ARMv7 big-endian mode + - ARM: dts: at91: sama5d4: fix pinctrl muxing + - btrfs: send: fix invalid path for unlink operations after parent + orphanization + - btrfs: clear defrag status of a root if starting transaction fails + - ext4: cleanup in-core orphan list if ext4_truncate() failed to get a + transaction handle + - ext4: fix kernel infoleak via ext4_extent_header + - ext4: return error code when ext4_fill_flex_info() fails + - ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit + - ext4: remove check for zero nr_to_scan in ext4_es_scan() + - ext4: fix avefreec in find_group_orlov + - ext4: use ext4_grp_locked_error in mb_find_extent + - can: gw: synchronize rcu operations before removing gw job entry + - can: j1939: j1939_sk_init(): set SOCK_RCU_FREE to call sk_destruct() after + RCU is done + - can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in + TX path + - mac80211: remove iwlwifi specific workaround that broke sta NDP tx + - SUNRPC: Fix the batch tasks count wraparound. + - SUNRPC: Should wake up the privileged task firstly. + - perf/smmuv3: Don't trample existing events with global filter + - KVM: PPC: Book3S HV: Workaround high stack usage with clang + - s390/cio: dont call css_wait_for_slow_path() inside a lock + - rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path + - iio: light: tcs3472: do not free unallocated IRQ + - iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA + as volatile, too + - iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR + - iio: ltr501: ltr501_read_ps(): add missing endianness conversion + - serial: mvebu-uart: fix calculation of clock divisor + - serial: sh-sci: Stop dmaengine transfer in sci_stop_tx() + - serial_cs: Add Option International GSM-Ready 56K/ISDN modem + - serial_cs: remove wrong GLOBETROTTER.cis entry + - ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() + - ssb: sdio: Don't overwrite const buffer if block_write fails + - rsi: Assign beacon rate settings to the correct rate_info descriptor field + - rsi: fix AP mode with WPA failure due to encrypted EAPOL + - tracing/histograms: Fix parsing of "sym-offset" modifier + - tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing + - seq_buf: Make trace_seq_putmem_hex() support data longer than 8 + - powerpc/stacktrace: Fix spurious "stale" traces in raise_backtrace_ipi() + - evm: Execute evm_inode_init_security() only when an HMAC key is loaded + - evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded + - fuse: ignore PG_workingset after stealing + - fuse: check connected before queueing on fpq->io + - fuse: reject internal errno + - spi: Make of_register_spi_device also set the fwnode + - media: mdk-mdp: fix pm_runtime_get_sync() usage count + - media: s5p: fix pm_runtime_get_sync() usage count + - media: sh_vou: fix pm_runtime_get_sync() usage count + - media: mtk-vcodec: fix PM runtime get logic + - media: s5p-jpeg: fix pm_runtime_get_sync() usage count + - media: sti/bdisp: fix pm_runtime_get_sync() usage count + - media: exynos-gsc: fix pm_runtime_get_sync() usage count + - spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf' + - spi: spi-topcliff-pch: Fix potential double free in + pch_spi_process_messages() + - spi: omap-100k: Fix the length judgment problem + - regulator: uniphier: Add missing MODULE_DEVICE_TABLE + - hwrng: exynos - Fix runtime PM imbalance on error + - crypto: nx - add missing MODULE_DEVICE_TABLE + - media: sti: fix obj-$(config) targets + - media: cpia2: fix memory leak in cpia2_usb_probe + - media: cobalt: fix race condition in setting HPD + - media: pvrusb2: fix warning in pvr2_i2c_core_done + - media: imx: imx7_mipi_csis: Fix logging of only error event counters + - crypto: qat - check return code of qat_hal_rd_rel_reg() + - crypto: qat - remove unused macro in FW loader + - sched/fair: Fix ascii art by relpacing tabs + - media: em28xx: Fix possible memory leak of em28xx struct + - media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release + - media: bt8xx: Fix a missing check bug in bt878_probe + - media: st-hva: Fix potential NULL pointer dereferences + - Makefile: fix GDB warning with CONFIG_RELR + - media: dvd_usb: memory leak in cinergyt2_fe_attach + - memstick: rtsx_usb_ms: fix UAF + - mmc: sdhci-sprd: use sdhci_sprd_writew + - mmc: via-sdmmc: add a check against NULL pointer dereference + - crypto: shash - avoid comparing pointers to exported functions under CFI + - media: dvb_net: avoid speculation from net slot + - media: siano: fix device register error path + - media: imx-csi: Skip first few frames from a BT.656 source + - hwmon: (max31790) Report correct current pwm duty cycles + - hwmon: (max31790) Fix pwmX_enable attributes + - drivers/perf: fix the missed ida_simple_remove() in ddr_perf_probe() + - KVM: PPC: Book3S HV: Fix TLB management on SMT8 POWER9 and POWER10 + processors + - btrfs: fix error handling in __btrfs_update_delayed_inode + - btrfs: abort transaction if we fail to update the delayed inode + - btrfs: disable build on platforms having page size 256K + - locking/lockdep: Fix the dep path printing for backwards BFS + - lockding/lockdep: Avoid to find wrong lock dep path in check_irq_usage() + - KVM: s390: get rid of register asm usage + - regulator: mt6358: Fix vdram2 .vsel_mask + - regulator: da9052: Ensure enough delay time for .set_voltage_time_sel + - media: Fix Media Controller API config checks + - HID: do not use down_interruptible() when unbinding devices + - EDAC/ti: Add missing MODULE_DEVICE_TABLE + - ACPI: processor idle: Fix up C-state latency if not ordered + - hv_utils: Fix passing zero to 'PTR_ERR' warning + - lib: vsprintf: Fix handling of number field widths in vsscanf + - ACPI: EC: Make more Asus laptops use ECDT _GPE + - block_dump: remove block_dump feature in mark_inode_dirty() + - fs: dlm: cancel work sync othercon + - random32: Fix implicit truncation warning in prandom_seed_state() + - fs: dlm: fix memory leak when fenced + - ACPICA: Fix memory leak caused by _CID repair function + - ACPI: bus: Call kobject_put() in acpi_init() error path + - block: fix race between adding/removing rq qos and normal IO + - platform/x86: toshiba_acpi: Fix missing error code in + toshiba_acpi_setup_keyboard() + - nvmet-fc: do not check for invalid target port in nvmet_fc_handle_fcp_rqst() + - EDAC/Intel: Do not load EDAC driver when running as a guest + - PCI: hv: Add check for hyperv_initialized in init_hv_pci_drv() + - clocksource: Retry clock read if long delays detected + - ACPI: tables: Add custom DSDT file as makefile prerequisite + - HID: wacom: Correct base usage for capacitive ExpressKey status bits + - cifs: fix missing spinlock around update to ses->status + - block: fix discard request merge + - kthread_worker: fix return value when kthread_mod_delayed_work() races with + kthread_cancel_delayed_work_sync() + - ia64: mca_drv: fix incorrect array size calculation + - writeback, cgroup: increment isw_nr_in_flight before grabbing an inode + - media: s5p_cec: decrement usage count if disabled + - crypto: ixp4xx - dma_unmap the correct address + - crypto: ux500 - Fix error return code in hash_hw_final() + - sata_highbank: fix deferred probing + - pata_rb532_cf: fix deferred probing + - media: I2C: change 'RST' to "RSET" to fix multiple build errors + - sched/uclamp: Fix wrong implementation of cpu.uclamp.min + - sched/uclamp: Fix locking around cpu_util_update_eff() + - kbuild: run the checker after the compiler + - kbuild: Fix objtool dependency for 'OBJECT_FILES_NON_STANDARD_ := n' + - pata_octeon_cf: avoid WARN_ON() in ata_host_activate() + - evm: fix writing /evm overflow + - crypto: ccp - Fix a resource leak in an error handling path + - media: rc: i2c: Fix an error message + - pata_ep93xx: fix deferred probing + - media: exynos4-is: Fix a use after free in isp_video_release + - media: au0828: fix a NULL vs IS_ERR() check + - media: tc358743: Fix error return code in tc358743_probe_of() + - media: gspca/gl860: fix zero-length control requests + - m68k: atari: Fix ATARI_KBD_CORE kconfig unmet dependency warning + - media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() + - crypto: nitrox - fix unchecked variable in nitrox_register_interrupts + - crypto: omap-sham - Fix PM reference leak in omap sham ops + - mmc: usdhi6rol0: fix error return code in usdhi6_probe() + - arm64: consistently use reserved_pg_dir + - arm64/mm: Fix ttbr0 values stored in struct thread_info for software-pan + - media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx + - hwmon: (max31722) Remove non-standard ACPI device IDs + - hwmon: (max31790) Fix fan speed reporting for fan7..12 + - KVM: nVMX: Ensure 64-bit shift when checking VMFUNC bitmap + - regulator: hi655x: Fix pass wrong pointer to config.driver_data + - btrfs: clear log tree recovering status if starting transaction fails + - sched/rt: Fix RT utilization tracking during policy change + - sched/rt: Fix Deadline utilization tracking during policy change + - sched/uclamp: Fix uclamp_tg_restrict() + - spi: spi-sun6i: Fix chipselect/clock bug + - crypto: nx - Fix RCU warning in nx842_OF_upd_status + - ACPI: sysfs: Fix a buffer overrun problem with description_show() + - extcon: extcon-max8997: Fix IRQ freeing at error path + - blk-wbt: introduce a new disable state to prevent false positive by + rwb_enabled() + - blk-wbt: make sure throttle is enabled properly + - ACPI: Use DEVICE_ATTR_ macros + - ACPI: bgrt: Fix CFI violation + - cpufreq: Make cpufreq_online() call driver->offline() on errors + - ocfs2: fix snprintf() checking + - dax: fix ENOMEM handling in grab_mapping_entry() + - xfrm: xfrm_state_mtu should return at least 1280 for ipv6 + - video: fbdev: imxfb: Fix an error message + - net: mvpp2: Put fwnode in error case during ->probe() + - net: pch_gbe: Propagate error from devm_gpio_request_one() + - pinctrl: renesas: r8a7796: Add missing bias for PRESET# pin + - pinctrl: renesas: r8a77990: JTAG pins do not have pull-down capabilities + - clk: meson: g12a: fix gp0 and hifi ranges + - net: ftgmac100: add missing error return code in ftgmac100_probe() + - drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in + cdn_dp_grf_write() + - drm/rockchip: dsi: move all lane config except LCDC mux to bind() + - ehea: fix error return code in ehea_restart_qps() + - net/sched: act_vlan: Fix modify to allow 0 + - RDMA/core: Sanitize WQ state received from the userspace + - RDMA/rxe: Fix failure during driver load + - drm: qxl: ensure surf.data is ininitialized + - tools/bpftool: Fix error return code in do_batch() + - ath10k: go to path err_unsupported when chip id is not supported + - ath10k: add missing error return code in ath10k_pci_probe() + - wireless: carl9170: fix LEDS build errors & warnings + - ieee802154: hwsim: Fix possible memory leak in hwsim_subscribe_all_others + - wcn36xx: Move hal_buf allocation to devm_kmalloc in probe + - ssb: Fix error return code in ssb_bus_scan() + - brcmfmac: fix setting of station info chains bitmask + - brcmfmac: correctly report average RSSI in station info + - brcmsmac: mac80211_if: Fix a resource leak in an error handling path + - ath10k: Fix an error code in ath10k_add_interface() + - netlabel: Fix memory leak in netlbl_mgmt_add_common + - RDMA/mlx5: Don't add slave port to unaffiliated list + - netfilter: nft_exthdr: check for IPv6 packet before further processing + - netfilter: nft_osf: check for TCP packet before further processing + - netfilter: nft_tproxy: restrict support to TCP and UDP transport protocols + - RDMA/rxe: Fix qp reference counting for atomic ops + - samples/bpf: Fix the error return code of xdp_redirect's main() + - net: ethernet: aeroflex: fix UAF in greth_of_remove + - net: ethernet: ezchip: fix UAF in nps_enet_remove + - net: ethernet: ezchip: fix error handling + - vrf: do not push non-ND strict packets with a source LLA through packet taps + again + - net: sched: add barrier to ensure correct ordering for lockless qdisc + - tls: prevent oversized sendfile() hangs by ignoring MSG_MORE + - pkt_sched: sch_qfq: fix qfq_change_class() error path + - vxlan: add missing rcu_read_lock() in neigh_reduce() + - net/ipv4: swap flow ports when validating source + - tc-testing: fix list handling + - ieee802154: hwsim: Fix memory leak in hwsim_add_one + - ieee802154: hwsim: avoid possible crash in hwsim_del_edge_nl() + - mac80211: remove iwlwifi specific workaround NDPs of null_response + - net: bcmgenet: Fix attaching to PYH failed on RPi 4B + - ipv6: exthdrs: do not blindly use init_net + - bpf: Do not change gso_size during bpf_skb_change_proto() + - i40e: Fix error handling in i40e_vsi_open + - i40e: Fix autoneg disabling for non-10GBaseT links + - Revert "ibmvnic: remove duplicate napi_schedule call in open function" + - ibmvnic: free tx_pool if tso_pool alloc fails + - ipv6: fix out-of-bound access in ip6_parse_tlv() + - e1000e: Check the PCIm state + - bpfilter: Specify the log level for the kmsg message + - gve: Fix swapped vars when fetching max queues + - Revert "be2net: disable bh with spin_lock in be_process_mcc" + - Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid + - Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event + - clk: actions: Fix UART clock dividers on Owl S500 SoC + - clk: actions: Fix SD clocks factor table on Owl S500 SoC + - clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC + - clk: si5341: Avoid divide errors due to bogus register contents + - clk: si5341: Update initialization magic + - writeback: fix obtain a reference to a freeing memcg css + - net: lwtunnel: handle MTU calculation in forwading + - net: sched: fix warning in tcindex_alloc_perfect_hash + - RDMA/mlx5: Don't access NULL-cleared mpi pointer + - MIPS: Fix PKMAP with 32-bit MIPS huge page support + - staging: fbtft: Rectify GPIO handling + - rcu: Invoke rcu_spawn_core_kthreads() from rcu_spawn_gp_kthread() + - tty: nozomi: Fix a resource leak in an error handling function + - mwifiex: re-fix for unaligned accesses + - iio: adis_buffer: do not return ints in irq handlers + - iio: adis16400: do not return ints in irq handlers + - iio: accel: bma180: Fix buffer alignment in + iio_push_to_buffers_with_timestamp() + - iio: accel: bma220: Fix buffer alignment in + iio_push_to_buffers_with_timestamp() + - iio: accel: hid: Fix buffer alignment in + iio_push_to_buffers_with_timestamp() + - iio: accel: kxcjk-1013: Fix buffer alignment in + iio_push_to_buffers_with_timestamp() + - iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls + - iio: accel: mxc4005: Fix overread of data and alignment issue. + - iio: accel: stk8312: Fix buffer alignment in + iio_push_to_buffers_with_timestamp() + - iio: accel: stk8ba50: Fix buffer alignment in + iio_push_to_buffers_with_timestamp() + - iio: adc: ti-ads1015: Fix buffer alignment in + iio_push_to_buffers_with_timestamp() + - iio: adc: vf610: Fix buffer alignment in + iio_push_to_buffers_with_timestamp() + - iio: gyro: bmg160: Fix buffer alignment in + iio_push_to_buffers_with_timestamp() + - iio: humidity: am2315: Fix buffer alignment in + iio_push_to_buffers_with_timestamp() + - iio: prox: srf08: Fix buffer alignment in + iio_push_to_buffers_with_timestamp() + - iio: prox: pulsed-light: Fix buffer alignment in + iio_push_to_buffers_with_timestamp() + - iio: prox: as3935: Fix buffer alignment in + iio_push_to_buffers_with_timestamp() + - iio: magn: hmc5843: Fix buffer alignment in + iio_push_to_buffers_with_timestamp() + - iio: magn: bmc150: Fix buffer alignment in + iio_push_to_buffers_with_timestamp() + - iio: light: isl29125: Fix buffer alignment in + iio_push_to_buffers_with_timestamp() + - iio: light: tcs3414: Fix buffer alignment in + iio_push_to_buffers_with_timestamp() + - iio: light: tcs3472: Fix buffer alignment in + iio_push_to_buffers_with_timestamp() + - iio: cros_ec_sensors: Fix alignment of buffer in + iio_push_to_buffers_with_timestamp() + - iio: potentiostat: lmp91000: Fix alignment of buffer in + iio_push_to_buffers_with_timestamp() + - ASoC: rk3328: fix missing clk_disable_unprepare() on error in + rk3328_platform_probe() + - ASoC: hisilicon: fix missing clk_disable_unprepare() on error in + hi6210_i2s_startup() + - backlight: lm3630a_bl: Put fwnode in error case during ->probe() + - ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() + - Input: hil_kbd - fix error return code in hil_dev_connect() + - mtd: partitions: redboot: seek fis-index-block in the right node + - char: pcmcia: error out if 'num_bytes_read' is greater than 4 in + set_protocol() + - firmware: stratix10-svc: Fix a resource leak in an error handling path + - tty: nozomi: Fix the error handling path of 'nozomi_card_init()' + - leds: lm3532: select regmap I2C API + - leds: lm36274: cosmetic: rename lm36274_data to chip + - leds: lm3692x: Put fwnode in any case during ->probe() + - scsi: FlashPoint: Rename si_flags field + - fsi: core: Fix return of error values on failures + - fsi: scom: Reset the FSI2PIB engine for any error + - fsi: occ: Don't accept response from un-initialized OCC + - fsi/sbefifo: Clean up correct FIFO when receiving reset request from SBE + - fsi/sbefifo: Fix reset timeout + - visorbus: fix error return code in visorchipset_init() + - s390: appldata depends on PROC_SYSCTL + - iommu/dma: Fix IOVA reserve dma ranges + - ASoC: mediatek: mtk-btcvsd: Fix an error handling path in + 'mtk_btcvsd_snd_probe()' + - usb: gadget: f_fs: Fix setting of device and driver data cross-references + - usb: dwc2: Don't reset the core after setting turnaround time + - eeprom: idt_89hpesx: Put fwnode in matching case during ->probe() + - eeprom: idt_89hpesx: Restore printing the unsupported fwnode name + - iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper + - iio: adc: at91-sama5d2: Fix buffer alignment in + iio_push_to_buffers_with_timestamp() + - iio: adc: hx711: Fix buffer alignment in + iio_push_to_buffers_with_timestamp() + - iio: adc: mxs-lradc: Fix buffer alignment in + iio_push_to_buffers_with_timestamp() + - iio: adc: ti-ads8688: Fix alignment of buffer in + iio_push_to_buffers_with_timestamp() + - iio: magn: rm3100: Fix alignment of buffer in + iio_push_to_buffers_with_timestamp() + - staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() + - staging: gdm724x: check for overflow in gdm_lte_netif_rx() + - staging: rtl8712: remove redundant check in r871xu_drv_init + - staging: rtl8712: fix memory leak in rtl871x_load_fw_cb + - staging: mt7621-dts: fix pci address for PCI memory range + - serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates + - iio: light: vcnl4035: Fix buffer alignment in + iio_push_to_buffers_with_timestamp() + - iio: prox: isl29501: Fix buffer alignment in + iio_push_to_buffers_with_timestamp() + - ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK + - of: Fix truncation of memory sizes on 32-bit platforms + - mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in + marvell_nfc_resume() + - scsi: mpt3sas: Fix error return value in _scsih_expander_add() + - soundwire: stream: Fix test for DP prepare complete + - phy: uniphier-pcie: Fix updating phy parameters + - phy: ti: dm816x: Fix the error handling path in 'dm816x_usb_phy_probe() + - extcon: sm5502: Drop invalid register write in sm5502_reg_data + - extcon: max8997: Add missing modalias string + - ASoC: atmel-i2s: Fix usage of capture and playback at the same time + - configfs: fix memleak in configfs_release_bin_file + - leds: as3645a: Fix error return code in as3645a_parse_node() + - leds: ktd2692: Fix an error handling path + - powerpc: Offline CPU in stop_this_cpu() + - serial: mvebu-uart: do not allow changing baudrate when uartclk is not + available + - serial: mvebu-uart: correctly calculate minimal possible baudrate + - arm64: dts: marvell: armada-37xx: Fix reg for standard variant of UART + - vfio/pci: Handle concurrent vma faults + - mm/huge_memory.c: don't discard hugepage if other processes are mapping it + - mm/z3fold: fix potential memory leak in z3fold_destroy_pool() + - selftests/vm/pkeys: fix alloc_random_pkey() to make it really, really random + - perf llvm: Return -ENOMEM when asprintf() fails + - scsi: target: cxgbit: Unmap DMA buffer before calling target_execute_cmd() + - mmc: block: Disable CMDQ on the ioctl path + - mmc: vub3000: fix control-request direction + - scsi: core: Retry I/O for Notify (Enable Spinup) Required error + - iommu/dma: Fix compile warning in 32-bit builds + - Linux 5.4.132 + * Keyboard not working (LP: #1909814) // Focal update: v5.4.132 upstream + stable release (LP: #1938199) + - ACPI: resources: Add checks for ACPI IRQ override + * Focal update: v5.4.131 upstream stable release (LP: #1936245) + - KVM: SVM: Periodically schedule when unregistering regions on destroy + - s390/stack: fix possible register corruption with stack switch helper + - KVM: SVM: Call SEV Guest Decommission if ASID binding fails + - xen/events: reset active flag for lateeoi events later + - Linux 5.4.131 + * Focal update: v5.4.130 upstream stable release (LP: #1936244) + - scsi: sr: Return appropriate error code when disk is ejected + - drm/nouveau: fix dma_address check for CPU/GPU sync + - gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP + - RDMA/mlx5: Block FDB rules when not in switchdev mode + - Linux 5.4.130 + * Focal update: v5.4.129 upstream stable release (LP: #1936242) + - module: limit enabling module.sig_enforce + - drm/nouveau: wait for moving fence after pinning v2 + - drm/radeon: wait for moving fence after pinning + - ARM: 9081/1: fix gcc-10 thumb2-kernel regression + - mmc: meson-gx: use memcpy_to/fromio for dram-access-quirk + - kbuild: add CONFIG_LD_IS_LLD + - arm64: link with -z norelro for LLD or aarch64-elf + - MIPS: generic: Update node names to avoid unit addresses + - spi: spi-nxp-fspi: move the register operation after the clock enable + - Revert "PCI: PM: Do not read power state in pci_enable_device_flags()" + - dmaengine: zynqmp_dma: Fix PM reference leak in + zynqmp_dma_alloc_chan_resourc() + - mac80211: remove warning in ieee80211_get_sband() + - mac80211_hwsim: drop pending frames on stop + - cfg80211: call cfg80211_leave_ocb when switching away from OCB + - dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() + - dmaengine: mediatek: free the proper desc in desc_free handler + - dmaengine: mediatek: do not issue a new desc if one is still current + - dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma + - net: ipv4: Remove unneed BUG() function + - mac80211: drop multicast fragments + - net: ethtool: clear heap allocations for ethtool function + - ping: Check return value of function 'ping_queue_rcv_skb' + - inet: annotate date races around sk->sk_txhash + - net: phy: dp83867: perform soft reset and retain established link + - net: caif: fix memory leak in ldisc_open + - net/packet: annotate accesses to po->bind + - net/packet: annotate accesses to po->ifindex + - r8152: Avoid memcpy() over-reading of ETH_SS_STATS + - sh_eth: Avoid memcpy() over-reading of ETH_SS_STATS + - r8169: Avoid memcpy() over-reading of ETH_SS_STATS + - KVM: selftests: Fix kvm_check_cap() assertion + - net: qed: Fix memcpy() overflow of qed_dcbx_params() + - recordmcount: Correct st_shndx handling + - PCI: Add AMD RS690 quirk to enable 64-bit DMA + - net: ll_temac: Add memory-barriers for TX BD access + - net: ll_temac: Avoid ndo_start_xmit returning NETDEV_TX_BUSY + - pinctrl: stm32: fix the reported number of GPIO lines per bank + - nilfs2: fix memory leak in nilfs_sysfs_delete_device_group + - KVM: do not allow mapping valid but non-reference-counted pages + - i2c: robotfuzz-osif: fix control-request directions + - kthread_worker: split code for canceling the delayed work timer + - kthread: prevent deadlock when kthread_mod_delayed_work() races with + kthread_cancel_delayed_work_sync() + - mm: add VM_WARN_ON_ONCE_PAGE() macro + - mm/rmap: remove unneeded semicolon in page_not_mapped() + - mm/rmap: use page_not_mapped in try_to_unmap() + - mm, thp: use head page in __migration_entry_wait() + - mm/thp: fix __split_huge_pmd_locked() on shmem migration entry + - mm/thp: make is_huge_zero_pmd() safe and quicker + - mm/thp: try_to_unmap() use TTU_SYNC for safe splitting + - mm/thp: fix vma_address() if virtual address below file offset + - mm/thp: fix page_address_in_vma() on file THP tails + - mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page() + - mm: thp: replace DEBUG_VM BUG with VM_WARN when unmap fails for split + - mm: page_vma_mapped_walk(): use page for pvmw->page + - mm: page_vma_mapped_walk(): settle PageHuge on entry + - mm: page_vma_mapped_walk(): use pmde for *pvmw->pmd + - mm: page_vma_mapped_walk(): prettify PVMW_MIGRATION block + - mm: page_vma_mapped_walk(): crossing page table boundary + - mm: page_vma_mapped_walk(): add a level of indentation + - mm: page_vma_mapped_walk(): use goto instead of while (1) + - mm: page_vma_mapped_walk(): get vma_address_end() earlier + - mm/thp: fix page_vma_mapped_walk() if THP mapped by ptes + - mm/thp: another PVMW_SYNC fix in page_vma_mapped_walk() + - mm, futex: fix shared futex pgoff on shmem huge page + - [Config] enable CONFIG_SYSTEM_REVOCATION_LIST + - certs: Add EFI_CERT_X509_GUID support for dbx entries + - certs: Move load_system_certificate_list to a common function + - Linux 5.4.129 + * Patch To Fix Bug in the Linux Block Layer Responsible For Merging BIOs + (LP: #1931497) + - block: return the correct bvec when checking for gaps + + -- Kelsey Skunberg Thu, 02 Sep 2021 11:47:18 -0600 + +linux-ibm (5.4.0-1003.4) focal; urgency=medium + + * focal/linux-ibm: 5.4.0-1003.4 -proposed tracker (LP: #1938357) + + * Packaging resync (LP: #1786013) + - [Packaging] update variants + + * Miscellaneous Ubuntu changes + - [packaging] debian.ibm: update inclusion-list + - [packaging] ibm: update annotations to v3 + - [packaging] ibm: Update amd64.mk to remove nvidia/hyperv + - [packaging] ibm: Remove dependency of modules-extra on wireless stuff + + [ Ubuntu: 5.4.0-81.91 ] + + * Packaging resync (LP: #1786013) + - update dkms package versions + * large_dir in ext4 broken (LP: #1933074) + - SAUCE: ext4: fix directory index node split corruption + * Some test in kselftest/net on focal source tree were not tested at all + (LP: #1934282) + - selftests/net: add missing tests to Makefile + * curtin: install flash-kernel in arm64 UEFI unexpected (LP: #1918427) + - [Packaging] Allow grub-efi-arm* to satisfy recommends on ARM + * Add l2tp.sh in net from ubuntu_kernel_selftests back (LP: #1934293) + - Revert "UBUNTU: SAUCE: selftests/net -- disable l2tp.sh test" + * icmp_redirect.sh in net from ubuntu_kernel_selftests failed on F-OEM-5.6 / + F-OEM-5.10 / F-OEM-5.13 / F / G / H (LP: #1880645) + - selftests: icmp_redirect: support expected failures + * Focal update: v5.4.128 upstream stable release (LP: #1934179) + - dmaengine: ALTERA_MSGDMA depends on HAS_IOMEM + - dmaengine: QCOM_HIDMA_MGMT depends on HAS_IOMEM + - dmaengine: stedma40: add missing iounmap() on error in d40_probe() + - afs: Fix an IS_ERR() vs NULL check + - mm/memory-failure: make sure wait for page writeback in memory_failure + - kvm: LAPIC: Restore guard to prevent illegal APIC register access + - batman-adv: Avoid WARN_ON timing related checks + - net: ipv4: fix memory leak in netlbl_cipsov4_add_std + - vrf: fix maximum MTU + - net: rds: fix memory leak in rds_recvmsg + - net: lantiq: disable interrupt before sheduling NAPI + - udp: fix race between close() and udp_abort() + - rtnetlink: Fix regression in bridge VLAN configuration + - net/sched: act_ct: handle DNAT tuple collision + - net/mlx5e: Remove dependency in IPsec initialization flows + - net/mlx5e: Fix page reclaim for dead peer hairpin + - net/mlx5: Consider RoCE cap before init RDMA resources + - net/mlx5e: allow TSO on VXLAN over VLAN topologies + - net/mlx5e: Block offload of outer header csum for UDP tunnels + - netfilter: synproxy: Fix out of bounds when parsing TCP options + - sch_cake: Fix out of bounds when parsing TCP options and header + - alx: Fix an error handling path in 'alx_probe()' + - net: stmmac: dwmac1000: Fix extended MAC address registers definition + - net: make get_net_ns return error if NET_NS is disabled + - qlcnic: Fix an error handling path in 'qlcnic_probe()' + - netxen_nic: Fix an error handling path in 'netxen_nic_probe()' + - net: qrtr: fix OOB Read in qrtr_endpoint_post + - ptp: improve max_adj check against unreasonable values + - net: cdc_ncm: switch to eth%d interface naming + - lantiq: net: fix duplicated skb in rx descriptor ring + - net: usb: fix possible use-after-free in smsc75xx_bind + - net: fec_ptp: fix issue caused by refactor the fec_devtype + - net: ipv4: fix memory leak in ip_mc_add1_src + - net/af_unix: fix a data-race in unix_dgram_sendmsg / unix_release_sock + - be2net: Fix an error handling path in 'be_probe()' + - net: hamradio: fix memory leak in mkiss_close + - net: cdc_eem: fix tx fixup skb leak + - cxgb4: fix wrong shift. + - bnxt_en: Rediscover PHY capabilities after firmware reset + - bnxt_en: Call bnxt_ethtool_free() in bnxt_init_one() error path + - icmp: don't send out ICMP messages with a source address of 0.0.0.0 + - net: ethernet: fix potential use-after-free in ec_bhf_remove + - regulator: bd70528: Fix off-by-one for buck123 .n_voltages setting + - ASoC: rt5659: Fix the lost powers for the HDA header + - spi: stm32-qspi: Always wait BUSY bit to be cleared in stm32_qspi_wait_cmd() + - pinctrl: ralink: rt2880: avoid to error in calls is pin is already enabled + - radeon: use memcpy_to/fromio for UVD fw upload + - hwmon: (scpi-hwmon) shows the negative temperature properly + - can: bcm: fix infoleak in struct bcm_msg_head + - can: bcm/raw/isotp: use per module netdevice notifier + - can: j1939: fix Use-after-Free, hold skb ref while in use + - can: mcba_usb: fix memory leak in mcba_usb + - usb: core: hub: Disable autosuspend for Cypress CY7C65632 + - tracing: Do not stop recording cmdlines when tracing is off + - tracing: Do not stop recording comms if the trace file is being read + - tracing: Do no increment trace_clock_global() by one + - PCI: Mark TI C667X to avoid bus reset + - PCI: Mark some NVIDIA GPUs to avoid bus reset + - PCI: aardvark: Don't rely on jiffies while holding spinlock + - PCI: aardvark: Fix kernel panic during PIO transfer + - PCI: Add ACS quirk for Broadcom BCM57414 NIC + - PCI: Work around Huawei Intelligent NIC VF FLR erratum + - KVM: x86: Immediately reset the MMU context when the SMM flag is cleared + - ARCv2: save ABI registers across signal handling + - x86/process: Check PF_KTHREAD and not current->mm for kernel threads + - x86/pkru: Write hardware init value to PKRU when xstate is init + - x86/fpu: Reset state for all signal restore failures + - dmaengine: pl330: fix wrong usage of spinlock flags in dma_cyclc + - cfg80211: make certificate generation more robust + - cfg80211: avoid double free of PMSR request + - net: ll_temac: Make sure to free skb when it is completely used + - net: ll_temac: Fix TX BD buffer overwrite + - net: bridge: fix vlan tunnel dst null pointer dereference + - net: bridge: fix vlan tunnel dst refcnt when egressing + - mm/slub: clarify verification reporting + - mm/slub: fix redzoning for small allocations + - mm/slub.c: include swab.h + - net: stmmac: disable clocks in stmmac_remove_config_dt() + - net: fec_ptp: add clock rate zero check + - tools headers UAPI: Sync linux/in.h copy with the kernel sources + - KVM: arm/arm64: Fix KVM_VGIC_V3_ADDR_TYPE_REDIST read + - ARM: OMAP: replace setup_irq() by request_irq() + - clocksource/drivers/timer-ti-dm: Add clockevent and clocksource support + - clocksource/drivers/timer-ti-dm: Prepare to handle dra7 timer wrap issue + - clocksource/drivers/timer-ti-dm: Handle dra7 timer wrap errata i940 + - usb: dwc3: debugfs: Add and remove endpoint dirs dynamically + - usb: dwc3: core: fix kernel panic when do reboot + - Linux 5.4.128 + * linux-azure CIFS DFS oops (LP: #1935833) + - cifs: get rid of unused parameter in reconn_setup_dfs_targets() + - cifs: handle empty list of targets in cifs_reconnect() + * pmtu.sh from net in ubuntu_kernel_selftests failed with no error message + (LP: #1887661) + - selftests: pmtu.sh: improve the test result processing + * cifs: On cifs_reconnect, resolve the hostname again (LP: #1929831) + - cifs: rename reconn_inval_dfs_target() + - cifs: Simplify reconnect code when dfs upcall is enabled + - cifs: Avoid error pointer dereference + - cifs: On cifs_reconnect, resolve the hostname again. + * Pixel format change broken for Elgato Cam Link 4K (LP: #1932367) + - (upstream) media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K + * Focal update: v5.4.127 upstream stable release (LP: #1933851) + - net: ieee802154: fix null deref in parse dev addr + - HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for Saitek X65 + - HID: hid-input: add mapping for emoji picker key + - HID: hid-sensor-hub: Return error for hid_set_field() failure + - HID: quirks: Add quirk for Lenovo optical mouse + - HID: multitouch: set Stylus suffix for Stylus-application devices, too + - HID: Add BUS_VIRTUAL to hid_connect logging + - HID: usbhid: fix info leak in hid_submit_ctrl + - drm/tegra: sor: Do not leak runtime PM reference + - ARM: OMAP2+: Fix build warning when mmc_omap is not built + - gfs2: Prevent direct-I/O write fallback errors from getting lost + - HID: gt683r: add missing MODULE_DEVICE_TABLE + - riscv: Use -mno-relax when using lld linker + - gfs2: Fix use-after-free in gfs2_glock_shrink_scan + - scsi: target: core: Fix warning on realtime kernels + - ethernet: myri10ge: Fix missing error code in myri10ge_probe() + - scsi: qedf: Do not put host in qedf_vport_create() unconditionally + - scsi: scsi_devinfo: Add blacklist entry for HPE OPEN-V + - nvme-loop: reset queue count to 1 in nvme_loop_destroy_io_queues() + - nvme-loop: clear NVME_LOOP_Q_LIVE when nvme_loop_configure_admin_queue() + fails + - nvme-loop: check for NVME_LOOP_Q_LIVE in nvme_loop_destroy_admin_queue() + - net: ipconfig: Don't override command-line hostnames or domains + - drm/amd/display: Allow bandwidth validation for 0 streams. + - rtnetlink: Fix missing error code in rtnl_bridge_notify() + - net/x25: Return the correct errno code + - net: Return the correct errno code + - fib: Return the correct errno code + - Linux 5.4.127 + * Focal update: v5.4.126 upstream stable release (LP: #1933369) + - proc: Check /proc/$pid/attr/ writes against file opener + - proc: Track /proc/$pid/attr/ opener mm_struct + - ASoC: max98088: fix ni clock divider calculation + - spi: Fix spi device unregister flow + - net/nfc/rawsock.c: fix a permission check bug + - usb: cdns3: Fix runtime PM imbalance on error + - ASoC: Intel: bytcr_rt5640: Add quirk for the Glavey TM800A550L tablet + - ASoC: Intel: bytcr_rt5640: Add quirk for the Lenovo Miix 3-830 tablet + - vfio-ccw: Serialize FSM IDLE state with I/O completion + - ASoC: sti-sas: add missing MODULE_DEVICE_TABLE + - spi: sprd: Add missing MODULE_DEVICE_TABLE + - isdn: mISDN: netjet: Fix crash in nj_probe: + - bonding: init notify_work earlier to avoid uninitialized use + - netlink: disable IRQs for netlink_lock_table() + - net: mdiobus: get rid of a BUG_ON() + - cgroup: disable controllers at parse time + - wq: handle VM suspension in stall detection + - net/qla3xxx: fix schedule while atomic in ql_sem_spinlock + - RDS tcp loopback connection can hang + - scsi: bnx2fc: Return failure if io_req is already in ABTS processing + - scsi: vmw_pvscsi: Set correct residual data length + - scsi: hisi_sas: Drop free_irq() of devm_request_irq() allocated irq + - scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal + - net: macb: ensure the device is available before accessing GEMGXL control + registers + - net: appletalk: cops: Fix data race in cops_probe1 + - net: dsa: microchip: enable phy errata workaround on 9567 + - nvme-fabrics: decode host pathing error for connect + - MIPS: Fix kernel hang under FUNCTION_GRAPH_TRACER and PREEMPT_TRACER + - dm verity: fix require_signatures module_param permissions + - bnx2x: Fix missing error code in bnx2x_iov_init_one() + - nvme-tcp: remove incorrect Kconfig dep in BLK_DEV_NVME + - powerpc/fsl: set fsl,i2c-erratum-a004447 flag for P2041 i2c controllers + - powerpc/fsl: set fsl,i2c-erratum-a004447 flag for P1010 i2c controllers + - spi: Don't have controller clean up spi device before driver unbind + - spi: Cleanup on failure of initial setup + - i2c: mpc: Make use of i2c_recover_bus() + - i2c: mpc: implement erratum A-004447 workaround + - x86/boot: Add .text.* to setup.ld + - spi: bcm2835: Fix out-of-bounds access with more than 4 slaves + - drm: Fix use-after-free read in drm_getunique() + - drm: Lock pointer access in drm_master_release() + - kvm: avoid speculation-based attacks from out-of-range memslot accesses + - staging: rtl8723bs: Fix uninitialized variables + - btrfs: return value from btrfs_mark_extent_written() in case of error + - btrfs: promote debugging asserts to full-fledged checks in validate_super + - cgroup1: don't allow '\n' in renaming + - USB: f_ncm: ncm_bitrate (speed) is unsigned + - usb: f_ncm: only first packet of aggregate needs to start timer + - usb: pd: Set PD_T_SINK_WAIT_CAP to 310ms + - usb: dwc3: ep0: fix NULL pointer exception + - usb: musb: fix MUSB_QUIRK_B_DISCONNECT_99 handling + - usb: typec: wcove: Use LE to CPU conversion when accessing msg->header + - usb: typec: ucsi: Clear PPM capability data in ucsi_init() error path + - usb: gadget: f_fs: Ensure io_completion_wq is idle during unbind + - USB: serial: ftdi_sio: add NovaTech OrionMX product ID + - USB: serial: omninet: add device id for Zyxel Omni 56K Plus + - USB: serial: quatech2: fix control-request directions + - USB: serial: cp210x: fix alternate function for CP2102N QFN20 + - usb: gadget: eem: fix wrong eem header operation + - usb: fix various gadgets null ptr deref on 10gbps cabling. + - usb: fix various gadget panics on 10gbps cabling + - regulator: core: resolve supply for boot-on/always-on regulators + - regulator: max77620: Use device_set_of_node_from_dev() + - usb: typec: mux: Fix copy-paste mistake in typec_mux_match + - RDMA/ipoib: Fix warning caused by destroying non-initial netns + - RDMA/mlx4: Do not map the core_clock page to user space unless enabled + - vmlinux.lds.h: Avoid orphan section with !SMP + - perf: Fix data race between pin_count increment/decrement + - sched/fair: Make sure to update tg contrib for blocked load + - KVM: x86: Ensure liveliness of nested VM-Enter fail tracepoint message + - IB/mlx5: Fix initializing CQ fragments buffer + - NFS: Fix a potential NULL dereference in nfs_get_client() + - NFSv4: Fix deadlock between nfs4_evict_inode() and nfs4_opendata_get_inode() + - perf session: Correct buffer copying when peeking events + - kvm: fix previous commit for 32-bit builds + - NFS: Fix use-after-free in nfs4_init_client() + - NFSv4: Fix second deadlock in nfs4_evict_inode() + - NFSv4: nfs4_proc_set_acl needs to restore NFS_CAP_UIDGID_NOMAP on error. + - scsi: core: Fix error handling of scsi_host_alloc() + - scsi: core: Fix failure handling of scsi_add_host_with_dma() + - scsi: core: Put .shost_dev in failure path if host state changes to RUNNING + - scsi: core: Only put parent device if host state differs from SHOST_CREATED + - ftrace: Do not blindly read the ip address in ftrace_bug() + - tracing: Correct the length check which causes memory corruption + - proc: only require mm_struct for writing + - Linux 5.4.126 + * Focal update: v5.4.125 upstream stable release (LP: #1932957) + - btrfs: tree-checker: do not error out if extent ref hash doesn't match + - net: usb: cdc_ncm: don't spew notifications + - ALSA: usb: update old-style static const declaration + - nl80211: validate key indexes for cfg80211_registered_device + - hwmon: (dell-smm-hwmon) Fix index values + - netfilter: conntrack: unregister ipv4 sockopts on error unwind + - efi: Allow EFI_MEMORY_XP and EFI_MEMORY_RO both to be cleared + - efi: cper: fix snprintf() use in cper_dimm_err_location() + - vfio/pci: Fix error return code in vfio_ecap_init() + - vfio/pci: zap_vma_ptes() needs MMU + - samples: vfio-mdev: fix error handing in mdpy_fb_probe() + - vfio/platform: fix module_put call in error flow + - ipvs: ignore IP_VS_SVC_F_HASHED flag when adding service + - HID: pidff: fix error return code in hid_pidff_init() + - HID: i2c-hid: fix format string mismatch + - net/sched: act_ct: Fix ct template allocation for zone 0 + - ACPICA: Clean up context mutex during object deletion + - netfilter: nft_ct: skip expectations for confirmed conntrack + - netfilter: nfnetlink_cthelper: hit EBUSY on updates if size mismatches + - ieee802154: fix error return code in ieee802154_add_iface() + - ieee802154: fix error return code in ieee802154_llsec_getparams() + - ixgbevf: add correct exception tracing for XDP + - ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions + - ice: write register with correct offset + - ice: Fix VFR issues for AVF drivers that expect ATQLEN cleared + - ice: Allow all LLDP packets from PF to Tx + - i2c: qcom-geni: Add shutdown callback for i2c + - i40e: optimize for XDP_REDIRECT in xsk path + - i40e: add correct exception tracing for XDP + - arm64: dts: ls1028a: fix memory node + - arm64: dts: zii-ultra: fix 12V_MAIN voltage + - ARM: dts: imx7d-meerkat96: Fix the 'tuning-step' property + - ARM: dts: imx7d-pico: Fix the 'tuning-step' property + - ARM: dts: imx: emcon-avari: Fix nxp,pca8574 #gpio-cells + - bus: ti-sysc: Fix flakey idling of uarts and stop using swsup_sidle_act + - tipc: add extack messages for bearer/media failure + - tipc: fix unique bearer names sanity check + - Bluetooth: fix the erroneous flush_work() order + - Bluetooth: use correct lock to prevent UAF of hdev object + - net: caif: added cfserl_release function + - net: caif: add proper error handling + - net: caif: fix memory leak in caif_device_notify + - net: caif: fix memory leak in cfusbl_device_notify + - HID: i2c-hid: Skip ELAN power-on command after reset + - HID: magicmouse: fix NULL-deref on disconnect + - HID: multitouch: require Finger field to mark Win8 reports as MT + - ALSA: timer: Fix master timer notification + - ALSA: hda: Fix for mute key LED for HP Pavilion 15-CK0xx + - ARM: dts: imx6dl-yapp4: Fix RGMII connection to QCA8334 switch + - ARM: dts: imx6q-dhcom: Add PU,VDD1P1,VDD2P5 regulators + - ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed + - usb: dwc2: Fix build in periphal-only mode + - pid: take a reference when initializing `cad_pid` + - ocfs2: fix data corruption by fallocate + - nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect + - drm/amdgpu: Don't query CE and UE errors + - drm/amdgpu: make sure we unpin the UVD BO + - x86/apic: Mark _all_ legacy interrupts when IO/APIC is missing + - btrfs: mark ordered extent and inode with error if we fail to finish + - btrfs: fix error handling in btrfs_del_csums + - btrfs: return errors from btrfs_del_csums in cleanup_ref_head + - btrfs: fixup error handling in fixup_inode_link_counts + - mm, hugetlb: fix simple resv_huge_pages underflow on UFFDIO_COPY + - bnxt_en: Remove the setting of dev_port. + - mm: add thp_order + - XArray: add xa_get_order + - XArray: add xas_split + - mm/filemap: fix storing to a THP shadow entry + - btrfs: fix unmountable seed device after fstrim + - KVM: SVM: Truncate GPR value for DR and CR accesses in !64-bit mode + - KVM: arm64: Fix debug register indexing + - lib/lz4: explicitly support in-place decompression + - xen-pciback: redo VF placement in the virtual topology + - i2c: qcom-geni: Suspend and resume the bus during SYSTEM_SLEEP_PM ops + - neighbour: allow NUD_NOARP entries to be forced GCed + - Linux 5.4.125 + + [ Ubuntu: 5.4.0-80.90 ] + + * CVE-2021-33909 + - SAUCE: seq_file: Disallow extremely large seq buffer allocations + + -- Khalid Elmously Fri, 13 Aug 2021 00:54:04 -0400 + +linux-ibm (5.4.0-1002.2) focal; urgency=medium + + * Miscellaneous Ubuntu changes + - [ibm] Convert to f/ibm instead of b/ibm-5.4 + - [config] updateconfig after converting to f/ibm + + [ Ubuntu: 5.4.0-79.88 ] + + * focal/linux: 5.4.0-79.88 -proposed tracker (LP: #1934343) + * lxd exec fails (LP: #1934187) + - SAUCE: Revert "proc: Check /proc/$pid/attr/ writes against file opener" + + [ Ubuntu: 5.4.0-78.87 ] + + * focal/linux: 5.4.0-78.87 -proposed tracker (LP: #1932478) + * Packaging resync (LP: #1786013) + - [Packaging] resync getabis + - [Packaging] update helper scripts + - update dkms package versions + * Disable hv-kvp-daemon.service on certain instance types (LP: #1932081) + - [Packaging]: Add kernel command line condition to hv-kvp-daemon service + * QLogic Direct-Connect host can't discover SCSI-FC or NVMe/FC devices + (LP: #1860724) + - scsi: qla2xxx: Serialize fc_port alloc in N2N + - scsi: qla2xxx: Set Nport ID for N2N + - scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue + - scsi: qla2xxx: Fix N2N and NVMe connect retry failure + * [SRU] Add support for E810 NIC to Ice Driver in Focal (LP: #1912511) + - ice: add additional E810 device id + * Focal update: v5.4.124 upstream stable release (LP: #1931166) + - ALSA: hda/realtek: Headphone volume is controlled by Front mixer + - ALSA: usb-audio: scarlett2: Fix device hang with ehci-pci + - ALSA: usb-audio: scarlett2: Improve driver startup messages + - cifs: set server->cipher_type to AES-128-CCM for SMB3.0 + - NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return() + - iommu/vt-d: Fix sysfs leak in alloc_iommu() + - perf intel-pt: Fix sample instruction bytes + - perf intel-pt: Fix transaction abort handling + - perf scripts python: exported-sql-viewer.py: Fix copy to clipboard from Top + Calls by elapsed Time report + - perf scripts python: exported-sql-viewer.py: Fix Array TypeError + - perf scripts python: exported-sql-viewer.py: Fix warning display + - proc: Check /proc/$pid/attr/ writes against file opener + - net: hso: fix control-request directions + - ath10k: Validate first subframe of A-MSDU before processing the list + - dm snapshot: properly fix a crash when an origin has no snapshots + - drm/amdgpu/vcn1: add cancel_delayed_work_sync before power gate + - drm/amdgpu/vcn2.0: add cancel_delayed_work_sync before power gate + - drm/amdgpu/vcn2.5: add cancel_delayed_work_sync before power gate + - selftests/gpio: Use TEST_GEN_PROGS_EXTENDED + - selftests/gpio: Move include of lib.mk up + - selftests/gpio: Fix build when source tree is read only + - kgdb: fix gcc-11 warnings harder + - Documentation: seccomp: Fix user notification documentation + - serial: core: fix suspicious security_locked_down() call + - misc/uss720: fix memory leak in uss720_probe + - thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue + - mei: request autosuspend after sending rx flow control + - staging: iio: cdc: ad7746: avoid overwrite of num_channels + - iio: gyro: fxas21002c: balance runtime power in error path + - iio: adc: ad7768-1: Fix too small buffer passed to + iio_push_to_buffers_with_timestamp() + - iio: adc: ad7124: Fix missbalanced regulator enable / disable on error. + - iio: adc: ad7124: Fix potential overflow due to non sequential channel + numbers + - iio: adc: ad7793: Add missing error code in ad7793_setup() + - serial: 8250_pci: Add support for new HPE serial device + - serial: 8250_pci: handle FL_NOIRQ board flag + - USB: trancevibrator: fix control-request direction + - USB: usbfs: Don't WARN about excessively large memory allocations + - serial: tegra: Fix a mask operation that is always true + - serial: sh-sci: Fix off-by-one error in FIFO threshold register setting + - serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait' + - USB: serial: ti_usb_3410_5052: add startech.com device id + - USB: serial: option: add Telit LE910-S1 compositions 0x7010, 0x7011 + - USB: serial: ftdi_sio: add IDs for IDS GmbH Products + - USB: serial: pl2303: add device id for ADLINK ND-6530 GC + - thermal/drivers/intel: Initialize RW trip to THERMAL_TEMP_INVALID + - usb: dwc3: gadget: Properly track pending and queued SG + - usb: gadget: udc: renesas_usb3: Fix a race in usb3_start_pipen() + - net: usb: fix memory leak in smsc75xx_bind + - spi: spi-geni-qcom: Fix use-after-free on unbind + - Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails + - fs/nfs: Use fatal_signal_pending instead of signal_pending + - NFS: fix an incorrect limit in filelayout_decode_layout() + - NFS: Fix an Oopsable condition in __nfs_pageio_add_request() + - NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce() + - NFSv4: Fix v4.0/v4.1 SEEK_DATA return -ENOTSUPP when set NFS_V4_2 config + - drm/meson: fix shutdown crash when component not probed + - net/mlx5e: Fix multipath lag activation + - net/mlx5e: Fix nullptr in add_vlan_push_action() + - net/mlx4: Fix EEPROM dump support + - Revert "net:tipc: Fix a double free in tipc_sk_mcast_rcv" + - tipc: wait and exit until all work queues are done + - tipc: skb_linearize the head skb when reassembling msgs + - spi: spi-fsl-dspi: Fix a resource leak in an error handling path + - net: dsa: mt7530: fix VLAN traffic leaks + - net: dsa: fix a crash if ->get_sset_count() fails + - net: dsa: sja1105: error out on unsupported PHY mode + - i2c: s3c2410: fix possible NULL pointer deref on read message after write + - i2c: i801: Don't generate an interrupt on bus reset + - i2c: sh_mobile: Use new clock calculation formulas for RZ/G2E + - perf jevents: Fix getting maximum number of fds + - platform/x86: hp_accel: Avoid invoking _INI to speed up resume + - gpio: cadence: Add missing MODULE_DEVICE_TABLE + - Revert "media: usb: gspca: add a missed check for goto_low_power" + - Revert "ALSA: sb: fix a missing check of snd_ctl_add" + - Revert "serial: max310x: pass return value of spi_register_driver" + - serial: max310x: unregister uart driver in case of failure and abort + - Revert "net: fujitsu: fix a potential NULL pointer dereference" + - net: fujitsu: fix potential null-ptr-deref + - Revert "net/smc: fix a NULL pointer dereference" + - net: caif: remove BUG_ON(dev == NULL) in caif_xmit + - Revert "char: hpet: fix a missing check of ioremap" + - char: hpet: add checks after calling ioremap + - Revert "ALSA: gus: add a check of the status of snd_ctl_add" + - Revert "ALSA: usx2y: Fix potential NULL pointer dereference" + - Revert "isdn: mISDNinfineon: fix potential NULL pointer dereference" + - isdn: mISDNinfineon: check/cleanup ioremap failure correctly in setup_io + - Revert "ath6kl: return error code in ath6kl_wmi_set_roam_lrssi_cmd()" + - ath6kl: return error code in ath6kl_wmi_set_roam_lrssi_cmd() + - Revert "isdn: mISDN: Fix potential NULL pointer dereference of kzalloc" + - isdn: mISDN: correctly handle ph_info allocation failure in hfcsusb_ph_info + - Revert "dmaengine: qcom_hidma: Check for driver register failure" + - dmaengine: qcom_hidma: comment platform_driver_register call + - Revert "libertas: add checks for the return value of sysfs_create_group" + - libertas: register sysfs groups properly + - Revert "ASoC: cs43130: fix a NULL pointer dereference" + - ASoC: cs43130: handle errors in cs43130_probe() properly + - Revert "media: dvb: Add check on sp8870_readreg" + - media: dvb: Add check on sp8870_readreg return + - Revert "media: gspca: mt9m111: Check write_bridge for timeout" + - media: gspca: mt9m111: Check write_bridge for timeout + - Revert "media: gspca: Check the return value of write_bridge for timeout" + - media: gspca: properly check for errors in po1030_probe() + - Revert "net: liquidio: fix a NULL pointer dereference" + - net: liquidio: Add missing null pointer checks + - Revert "brcmfmac: add a check for the status of usb_register" + - brcmfmac: properly check for bus register errors + - btrfs: return whole extents in fiemap + - scsi: BusLogic: Fix 64-bit system enumeration error for Buslogic + - openrisc: Define memory barrier mb + - btrfs: do not BUG_ON in link_to_fixup_dir + - platform/x86: hp-wireless: add AMD's hardware id to the supported list + - platform/x86: intel_punit_ipc: Append MODULE_DEVICE_TABLE for ACPI + - platform/x86: touchscreen_dmi: Add info for the Mediacom Winpad 7.0 W700 + tablet + - SMB3: incorrect file id in requests compounded with open + - drm/amd/display: Disconnect non-DP with no EDID + - drm/amd/amdgpu: fix refcount leak + - drm/amdgpu: Fix a use-after-free + - drm/amd/amdgpu: fix a potential deadlock in gpu reset + - net: netcp: Fix an error message + - net: dsa: fix error code getting shifted with 4 in dsa_slave_get_sset_count + - ASoC: cs42l42: Regmap must use_single_read/write + - vfio-ccw: Check initialized flag in cp_init() + - net: really orphan skbs tied to closing sk + - net: fec: fix the potential memory leak in fec_enet_init() + - net: mdio: thunder: Fix a double free issue in the .remove function + - net: mdio: octeon: Fix some double free issues + - openvswitch: meter: fix race when getting now_ms. + - tls splice: check SPLICE_F_NONBLOCK instead of MSG_DONTWAIT + - net: sched: fix packet stuck problem for lockless qdisc + - net: sched: fix tx action rescheduling issue during deactivation + - net: sched: fix tx action reschedule issue with stopped queue + - net: hso: check for allocation failure in hso_create_bulk_serial_device() + - net: bnx2: Fix error return code in bnx2_init_board() + - bnxt_en: Include new P5 HV definition in VF check. + - mld: fix panic in mld_newpack() + - gve: Check TX QPL was actually assigned + - gve: Update mgmt_msix_idx if num_ntfy changes + - gve: Add NULL pointer checks when freeing irqs. + - gve: Upgrade memory barrier in poll routine + - gve: Correct SKB queue index validation. + - cxgb4: avoid accessing registers when clearing filters + - staging: emxx_udc: fix loop in _nbu2ss_nuke() + - ASoC: cs35l33: fix an error code in probe() + - bpf: Set mac_len in bpf_skb_change_head + - ixgbe: fix large MTU request from VF + - scsi: libsas: Use _safe() loop in sas_resume_port() + - net: lantiq: fix memory corruption in RX ring + - ipv6: record frag_max_size in atomic fragments in input path + - ALSA: usb-audio: scarlett2: snd_scarlett_gen2_controls_create() can be + static + - net: ethernet: mtk_eth_soc: Fix packet statistics support for MT7628/88 + - sch_dsmark: fix a NULL deref in qdisc_reset() + - MIPS: alchemy: xxs1500: add gpio-au1000.h header file + - MIPS: ralink: export rt_sysc_membase for rt2880_wdt.c + - drm/i915/display: fix compiler warning about array overrun + - i915: fix build warning in intel_dp_get_link_status() + - drivers/net/ethernet: clean up unused assignments + - net: hns3: check the return of skb_checksum_help() + - Revert "Revert "ALSA: usx2y: Fix potential NULL pointer dereference"" + - net: hso: bail out on interrupt URB allocation failure + - neighbour: Prevent Race condition in neighbour subsytem + - usb: core: reduce power-on-good delay time of root hub + - Linux 5.4.124 + * Focal update: v5.4.123 upstream stable release (LP: #1931160) + - usb: dwc3: gadget: Enable suspend events + - perf unwind: Fix separate debug info files when using elfutils' libdw's + unwinder + - perf unwind: Set userdata for all __report_module() paths + - NFC: nci: fix memory leak in nci_allocate_device + - Linux 5.4.123 + * Focal update: v5.4.122 upstream stable release (LP: #1931159) + - firmware: arm_scpi: Prevent the ternary sign expansion bug + - openrisc: Fix a memory leak + - RDMA/siw: Properly check send and receive CQ pointers + - RDMA/siw: Release xarray entry + - RDMA/rxe: Clear all QP fields if creation failed + - scsi: ufs: core: Increase the usable queue depth + - scsi: qla2xxx: Fix error return code in qla82xx_write_flash_dword() + - RDMA/mlx5: Recover from fatal event in dual port mode + - RDMA/core: Don't access cm_id after its destruction + - platform/mellanox: mlxbf-tmfifo: Fix a memory barrier issue + - platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios + - RDMA/uverbs: Fix a NULL vs IS_ERR() bug + - ptrace: make ptrace() fail if the tracee changed its pid unexpectedly + - nvmet: seset ns->file when open fails + - locking/mutex: clear MUTEX_FLAGS if wait_list is empty due to signal + - btrfs: avoid RCU stalls while running delayed iputs + - cifs: fix memory leak in smb2_copychunk_range + - ALSA: dice: fix stream format for TC Electronic Konnekt Live at high + sampling transfer frequency + - ALSA: intel8x0: Don't update period unless prepared + - ALSA: line6: Fix racy initialization of LINE6 MIDI + - ALSA: dice: fix stream format at middle sampling rate for Alesis iO 26 + - ALSA: firewire-lib: fix calculation for size of IR context payload + - ALSA: usb-audio: Validate MS endpoint descriptors + - ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro + - ALSA: hda: fixup headset for ASUS GU502 laptop + - Revert "ALSA: sb8: add a check for request_region" + - ALSA: firewire-lib: fix check for the size of isochronous packet payload + - ALSA: hda/realtek: reset eapd coeff to default value for alc287 + - ALSA: hda/realtek: Add some CLOVE SSIDs of ALC293 + - ALSA: hda/realtek: Fix silent headphone output on ASUS UX430UA + - ALSA: hda/realtek: Add fixup for HP OMEN laptop + - ALSA: hda/realtek: Add fixup for HP Spectre x360 15-df0xxx + - uio_hv_generic: Fix a memory leak in error handling paths + - Revert "rapidio: fix a NULL pointer dereference when create_workqueue() + fails" + - rapidio: handle create_workqueue() failure + - Revert "serial: mvebu-uart: Fix to avoid a potential NULL pointer + dereference" + - drm/amdgpu: disable 3DCGCG on picasso/raven1 to avoid compute hang + - drm/amdgpu: update gc golden setting for Navi12 + - drm/amdgpu: update sdma golden setting for Navi12 + - mmc: sdhci-pci-gli: increase 1.8V regulator wait + - xen-pciback: reconfigure also from backend watch handler + - dm snapshot: fix crash with transient storage and zero chunk size + - Revert "video: hgafb: fix potential NULL pointer dereference" + - Revert "net: stmicro: fix a missing check of clk_prepare" + - Revert "leds: lp5523: fix a missing check of return value of lp55xx_read" + - Revert "hwmon: (lm80) fix a missing check of bus read in lm80 probe" + - Revert "video: imsttfb: fix potential NULL pointer dereferences" + - Revert "ecryptfs: replace BUG_ON with error handling code" + - Revert "scsi: ufs: fix a missing check of devm_reset_control_get" + - Revert "gdrom: fix a memory leak bug" + - cdrom: gdrom: deallocate struct gdrom_unit fields in remove_gdrom + - cdrom: gdrom: initialize global variable at init time + - Revert "media: rcar_drif: fix a memory disclosure" + - Revert "rtlwifi: fix a potential NULL pointer dereference" + - Revert "qlcnic: Avoid potential NULL pointer dereference" + - Revert "niu: fix missing checks of niu_pci_eeprom_read" + - ethernet: sun: niu: fix missing checks of niu_pci_eeprom_read() + - net: stmicro: handle clk_prepare() failure during init + - scsi: ufs: handle cleanup correctly on devm_reset_control_get error + - net: rtlwifi: properly check for alloc_workqueue() failure + - ics932s401: fix broken handling of errors when word reading fails + - leds: lp5523: check return value of lp5xx_read and jump to cleanup code + - qlcnic: Add null check after calling netdev_alloc_skb + - video: hgafb: fix potential NULL pointer dereference + - vgacon: Record video mode changes with VT_RESIZEX + - vt: Fix character height handling with VT_RESIZEX + - tty: vt: always invoke vc->vc_sw->con_resize callback + - nvme-multipath: fix double initialization of ANA state + - ext4: fix error handling in ext4_end_enable_verity() + - Bluetooth: L2CAP: Fix handling LE modes by L2CAP_OPTIONS + - nvmet: use new ana_log_size instead the old one + - video: hgafb: correctly handle card detect failure during probe + - Bluetooth: SMP: Fail if remote and local public keys are identical + - Linux 5.4.122 + * Focal update: v5.4.121 upstream stable release (LP: #1931158) + - x86/msr: Fix wr/rdmsr_safe_regs_on_cpu() prototypes + - kgdb: fix gcc-11 warning on indentation + - usb: sl811-hcd: improve misleading indentation + - cxgb4: Fix the -Wmisleading-indentation warning + - isdn: capi: fix mismatched prototypes + - pinctrl: ingenic: Improve unreachable code generation + - xsk: Simplify detection of empty and full rings + - virtio_net: Do not pull payload in skb->head + - PCI: thunder: Fix compile testing + - dmaengine: dw-edma: Fix crash on loading/unloading driver + - ARM: 9066/1: ftrace: pause/unpause function graph tracer in cpu_suspend() + - ACPI / hotplug / PCI: Fix reference count leak in enable_slot() + - Input: elants_i2c - do not bind to i2c-hid compatible ACPI instantiated + devices + - Input: silead - add workaround for x86 BIOS-es which bring the chip up in a + stuck state + - um: Mark all kernel symbols as local + - um: Disable CONFIG_GCOV with MODULES + - ARM: 9075/1: kernel: Fix interrupted SMC calls + - scripts/recordmcount.pl: Fix RISC-V regex for clang + - riscv: Workaround mcount name prior to clang-13 + - scsi: lpfc: Fix illegal memory access on Abort IOCBs + - ceph: fix fscache invalidation + - scsi: target: tcmu: Return from tcmu_handle_completions() if cmd_id not + found + - bridge: Fix possible races between assigning rx_handler_data and setting + IFF_BRIDGE_PORT bit + - drm/amd/display: Fix two cursor duplication when using overlay + - gpiolib: acpi: Add quirk to ignore EC wakeups on Dell Venue 10 Pro 5055 + - ALSA: hda: generic: change the DAC ctl name for LO+SPK or LO+HP + - block: reexpand iov_iter after read/write + - lib: stackdepot: turn depot_lock spinlock to raw_spinlock + - net: stmmac: Do not enable RX FIFO overflow interrupts + - ip6_gre: proper dev_{hold|put} in ndo_[un]init methods + - sit: proper dev_{hold|put} in ndo_[un]init methods + - ip6_tunnel: sit: proper dev_{hold|put} in ndo_[un]init methods + - ipv6: remove extra dev_hold() for fallback tunnels + - KVM: arm64: Initialize VCPU mdcr_el2 before loading it + - tweewide: Fix most Shebang lines + - scripts: switch explicitly to Python 3 + - Linux 5.4.121 + * Focal update: v5.4.120 upstream stable release (LP: #1930474) + - tpm: fix error return code in tpm2_get_cc_attrs_tbl() + - tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() + - tpm, tpm_tis: Reserve locality in tpm_tis_resume() + - KVM: x86/mmu: Remove the defunct update_pte() paging hook + - PM: runtime: Fix unpaired parent child_count for force_resume + - fs: dlm: fix debugfs dump + - tipc: convert dest node's address to network order + - ASoC: Intel: bytcr_rt5640: Enable jack-detect support on Asus T100TAF + - net: stmmac: Set FIFO sizes for ipq806x + - ASoC: rsnd: core: Check convert rate in rsnd_hw_params + - i2c: bail out early when RDWR parameters are wrong + - ALSA: hdsp: don't disable if not enabled + - ALSA: hdspm: don't disable if not enabled + - ALSA: rme9652: don't disable if not enabled + - ALSA: bebob: enable to deliver MIDI messages for multiple ports + - Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default + - Bluetooth: initialize skb_queue_head at l2cap_chan_create() + - net: bridge: when suppression is enabled exclude RARP packets + - Bluetooth: check for zapped sk before connecting + - ip6_vti: proper dev_{hold|put} in ndo_[un]init methods + - ASoC: Intel: bytcr_rt5640: Add quirk for the Chuwi Hi8 tablet + - i2c: Add I2C_AQ_NO_REP_START adapter quirk + - mac80211: clear the beacon's CRC after channel switch + - pinctrl: samsung: use 'int' for register masks in Exynos + - mt76: mt76x0: disable GTK offloading + - cuse: prevent clone + - ASoC: rsnd: call rsnd_ssi_master_clk_start() from rsnd_ssi_init() + - Revert "iommu/amd: Fix performance counter initialization" + - iommu/amd: Remove performance counter pre-initialization test + - drm/amd/display: Force vsync flip when reconfiguring MPCC + - selftests: Set CC to clang in lib.mk if LLVM is set + - kconfig: nconf: stop endless search loops + - ALSA: hda/hdmi: fix race in handling acomp ELD notification at resume + - sctp: Fix out-of-bounds warning in sctp_process_asconf_param() + - flow_dissector: Fix out-of-bounds warning in __skb_flow_bpf_to_target() + - powerpc/smp: Set numa node before updating mask + - ASoC: rt286: Generalize support for ALC3263 codec + - ethtool: ioctl: Fix out-of-bounds warning in store_link_ksettings_for_user() + - net: sched: tapr: prevent cycle_time == 0 in parse_taprio_schedule + - samples/bpf: Fix broken tracex1 due to kprobe argument change + - powerpc/pseries: Stop calling printk in rtas_stop_self() + - drm/amd/display: fixed divide by zero kernel crash during dsc enablement + - wl3501_cs: Fix out-of-bounds warnings in wl3501_send_pkt + - wl3501_cs: Fix out-of-bounds warnings in wl3501_mgmt_join + - qtnfmac: Fix possible buffer overflow in qtnf_event_handle_external_auth + - powerpc/iommu: Annotate nested lock for lockdep + - iavf: remove duplicate free resources calls + - net: ethernet: mtk_eth_soc: fix RX VLAN offload + - bnxt_en: Add PCI IDs for Hyper-V VF devices. + - ia64: module: fix symbolizer crash on fdescr + - ASoC: rt286: Make RT286_SET_GPIO_* readable and writable + - thermal: thermal_of: Fix error return code of + thermal_of_populate_bind_params() + - f2fs: fix a redundant call to f2fs_balance_fs if an error occurs + - PCI: iproc: Fix return value of iproc_msi_irq_domain_alloc() + - PCI: Release OF node in pci_scan_device()'s error path + - ARM: 9064/1: hw_breakpoint: Do not directly check the event's + overflow_handler hook + - rpmsg: qcom_glink_native: fix error return code of qcom_glink_rx_data() + - NFSv4.2: Always flush out writes in nfs42_proc_fallocate() + - NFS: Deal correctly with attribute generation counter overflow + - PCI: endpoint: Fix missing destroy_workqueue() + - pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() + - NFSv4.2 fix handling of sr_eof in SEEK's reply + - rtc: fsl-ftm-alarm: add MODULE_TABLE() + - ceph: fix inode leak on getattr error in __fh_to_dentry + - rtc: ds1307: Fix wday settings for rx8130 + - net: hns3: fix incorrect configuration for igu_egu_hw_err + - net: hns3: initialize the message content in hclge_get_link_mode() + - net: hns3: add check for HNS3_NIC_STATE_INITED in + hns3_reset_notify_up_enet() + - net: hns3: fix for vxlan gpe tx checksum bug + - net: hns3: use netif_tx_disable to stop the transmit queue + - net: hns3: disable phy loopback setting in hclge_mac_start_phy + - sctp: do asoc update earlier in sctp_sf_do_dupcook_a + - RISC-V: Fix error code returned by riscv_hartid_to_cpuid() + - sunrpc: Fix misplaced barrier in call_decode + - ethernet:enic: Fix a use after free bug in enic_hard_start_xmit + - sctp: fix a SCTP_MIB_CURRESTAB leak in sctp_sf_do_dupcook_b + - netfilter: xt_SECMARK: add new revision to fix structure layout + - drm/radeon: Fix off-by-one power_state index heap overwrite + - drm/radeon: Avoid power table parsing memory leaks + - khugepaged: fix wrong result value for trace_mm_collapse_huge_page_isolate() + - mm/hugeltb: handle the error case in hugetlb_fix_reserve_counts() + - mm/migrate.c: fix potential indeterminate pte entry in + migrate_vma_insert_page() + - ksm: fix potential missing rmap_item for stable_node + - net: fix nla_strcmp to handle more then one trailing null character + - smc: disallow TCP_ULP in smc_setsockopt() + - netfilter: nfnetlink_osf: Fix a missing skb_header_pointer() NULL check + - can: m_can: m_can_tx_work_queue(): fix tx_skb race condition + - sched: Fix out-of-bound access in uclamp + - sched/fair: Fix unfairness caused by missing load decay + - kernel: kexec_file: fix error return code of kexec_calculate_store_digests() + - netfilter: nftables: avoid overflows in nft_hash_buckets() + - i40e: Fix use-after-free in i40e_client_subtask() + - i40e: fix the restart auto-negotiation after FEC modified + - i40e: Fix PHY type identifiers for 2.5G and 5G adapters + - ARC: entry: fix off-by-one error in syscall number validation + - ARC: mm: PAE: use 40-bit physical page mask + - powerpc/64s: Fix crashes when toggling stf barrier + - powerpc/64s: Fix crashes when toggling entry flush barrier + - hfsplus: prevent corruption in shrinking truncate + - squashfs: fix divide error in calculate_skip() + - userfaultfd: release page in error path to avoid BUG_ON + - mm/hugetlb: fix F_SEAL_FUTURE_WRITE + - drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz monitors + are connected + - drm/i915: Avoid div-by-zero on gen2 + - iio: proximity: pulsedlight: Fix rumtime PM imbalance on error + - usb: fotg210-hcd: Fix an error message + - hwmon: (occ) Fix poll rate limiting + - ACPI: scan: Fix a memory leak in an error handling path + - kyber: fix out of bounds access when preempted + - nbd: Fix NULL pointer in flush_workqueue + - blk-mq: Swap two calls in blk_mq_exit_queue() + - iomap: fix sub-page uptodate handling + - usb: dwc3: omap: improve extcon initialization + - usb: dwc3: pci: Enable usb2-gadget-lpm-disable for Intel Merrifield + - usb: xhci: Increase timeout for HC halt + - usb: dwc2: Fix gadget DMA unmap direction + - usb: core: hub: fix race condition about TRSMRCY of resume + - usb: dwc3: gadget: Return success always for kick transfer in ep queue + - xhci: Do not use GFP_KERNEL in (potentially) atomic context + - xhci: Add reset resume quirk for AMD xhci controller. + - iio: gyro: mpu3050: Fix reported temperature value + - iio: tsl2583: Fix division by a zero lux_val + - cdc-wdm: untangle a circular dependency between callback and softint + - KVM: x86: Cancel pvclock_gtod_work on module removal + - mm: fix struct page layout on 32-bit systems + - FDDI: defxx: Make MMIO the configuration default except for EISA + - MIPS: Reinstate platform `__div64_32' handler + - MIPS: Avoid DIVU in `__div64_32' is result would be zero + - MIPS: Avoid handcoded DIVU in `__div64_32' altogether + - thermal/core/fair share: Lock the thermal zone while looping over instances + - f2fs: fix error handling in f2fs_end_enable_verity() + - ARM: 9011/1: centralize phys-to-virt conversion of DT/ATAGS address + - ARM: 9012/1: move device tree mapping out of linear region + - ARM: 9020/1: mm: use correct section size macro to describe the FDT virtual + address + - ARM: 9027/1: head.S: explicitly map DT even if it lives in the first + physical section + - usb: typec: tcpm: Fix error while calculating PPS out values + - kobject_uevent: remove warning in init_uevent_argv() + - netfilter: conntrack: Make global sysctls readonly in non-init netns + - clk: exynos7: Mark aclk_fsys1_200 as critical + - nvme: do not try to reconfigure APST when the controller is not live + - ASoC: rsnd: check all BUSIF status when error + - Linux 5.4.120 + * scsi: storvsc: Parameterize number hardware queues (LP: #1930626) + - scsi: storvsc: Parameterize number hardware queues + + [ Ubuntu: 5.4.0-77.86 ] + + * UAF on CAN J1939 j1939_can_recv (LP: #1932209) + - SAUCE: can: j1939: delay release of j1939_priv after synchronize_rcu + * UAF on CAN BCM bcm_rx_handler (LP: #1931855) + - SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu + + [ Ubuntu: 5.4.0-76.85 ] + + * focal/linux: 5.4.0-76.85 -proposed tracker (LP: #1932123) + * Upstream v5.9 introduced 'module' patches that removed exported symbols + (LP: #1932065) + - SAUCE: Revert "modules: inherit TAINT_PROPRIETARY_MODULE" + - SAUCE: Revert "modules: return licensing information from find_symbol" + - SAUCE: Revert "modules: rename the licence field in struct symsearch to + license" + - SAUCE: Revert "modules: unexport __module_address" + - SAUCE: Revert "modules: unexport __module_text_address" + - SAUCE: Revert "modules: mark each_symbol_section static" + - SAUCE: Revert "modules: mark find_symbol static" + - SAUCE: Revert "modules: mark ref_module static" + + [ Ubuntu: 5.4.0-75.84 ] + + * focal/linux: 5.4.0-75.84 -proposed tracker (LP: #1930032) + * Packaging resync (LP: #1786013) + - update dkms package versions + * CVE-2021-33200 + - bpf: Wrap aux data inside bpf_sanitize_info container + - bpf: Fix mask direction swap upon off reg sign change + - bpf: No need to simulate speculative domain for immediates + * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle + (LP: #1928242) + - USB: Verify the port status when timeout happens during port suspend + * CVE-2020-26145 + - ath10k: drop fragments with multicast DA for SDIO + - ath10k: add CCMP PN replay protection for fragmented frames for PCIe + - ath10k: drop fragments with multicast DA for PCIe + * CVE-2020-26141 + - ath10k: Fix TKIP Michael MIC verification for PCIe + * CVE-2020-24588 + - mac80211: properly handle A-MSDUs that start with an RFC 1042 header + - cfg80211: mitigate A-MSDU aggregation attacks + - mac80211: drop A-MSDUs on old ciphers + - ath10k: drop MPDU which has discard flag set by firmware for SDIO + * CVE-2020-26139 + - mac80211: do not accept/forward invalid EAPOL frames + * CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases. + - mac80211: extend protection against mixed key and fragment cache attacks + * CVE-2020-24586 // CVE-2020-24587 + - mac80211: prevent mixed key and fragment cache attacks + - mac80211: add fragment cache to sta_info + - mac80211: check defrag PN against current frame + - mac80211: prevent attacks on TKIP/WEP as well + * CVE-2020-26147 + - mac80211: assure all fragments are encrypted + * raid10: Block discard is very slow, causing severe delays for mkfs and + fstrim operations (LP: #1896578) + - md: add md_submit_discard_bio() for submitting discard bio + - md/raid10: extend r10bio devs to raid disks + - md/raid10: pull the code that wait for blocked dev into one function + - md/raid10: improve raid10 discard request + - md/raid10: improve discard request for far layout + - dm raid: remove unnecessary discard limits for raid0 and raid10 + * [SRU] mpt3sas: only one vSES is handy even IOC has multi vSES (LP: #1926517) + - scsi: mpt3sas: Only one vSES is present even when IOC has multi vSES + * kvm: properly tear down PV features on hibernate (LP: #1920944) + - x86/kvm: Fix pr_info() for async PF setup/teardown + - x86/kvm: Teardown PV features on boot CPU as well + - x86/kvm: Disable kvmclock on all CPUs on shutdown + - x86/kvm: Disable all PV features on crash + - x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() + * Focal update: v5.4.119 upstream stable release (LP: #1929615) + - Bluetooth: verify AMP hci_chan before amp_destroy + - hsr: use netdev_err() instead of WARN_ONCE() + - bluetooth: eliminate the potential race condition when removing the HCI + controller + - net/nfc: fix use-after-free llcp_sock_bind/connect + - Revert "USB: cdc-acm: fix rounding error in TIOCSSERIAL" + - tty: moxa: fix TIOCSSERIAL jiffies conversions + - tty: amiserial: fix TIOCSSERIAL permission check + - USB: serial: usb_wwan: fix TIOCSSERIAL jiffies conversions + - staging: greybus: uart: fix TIOCSSERIAL jiffies conversions + - USB: serial: ti_usb_3410_5052: fix TIOCSSERIAL permission check + - staging: fwserial: fix TIOCSSERIAL jiffies conversions + - tty: moxa: fix TIOCSSERIAL permission check + - staging: fwserial: fix TIOCSSERIAL permission check + - usb: typec: tcpm: Address incorrect values of tcpm psy for fixed supply + - usb: typec: tcpm: Address incorrect values of tcpm psy for pps supply + - usb: typec: tcpm: update power supply once partner accepts + - usb: xhci-mtk: remove or operator for setting schedule parameters + - usb: xhci-mtk: improve bandwidth scheduling with TT + - ASoC: samsung: tm2_wm5110: check of of_parse return value + - ASoC: Intel: kbl_da7219_max98927: Fix kabylake_ssp_fixup function + - MIPS: pci-mt7620: fix PLL lock check + - MIPS: pci-rt2880: fix slot 0 configuration + - FDDI: defxx: Bail out gracefully with unassigned PCI resource for CSR + - PCI: Allow VPD access for QLogic ISP2722 + - iio:accel:adis16201: Fix wrong axis assignment that prevents loading + - misc: lis3lv02d: Fix false-positive WARN on various HP models + - misc: vmw_vmci: explicitly initialize vmci_notify_bm_set_msg struct + - misc: vmw_vmci: explicitly initialize vmci_datagram payload + - md/bitmap: wait for external bitmap writes to complete during tear down + - md-cluster: fix use-after-free issue when removing rdev + - md: split mddev_find + - md: factor out a mddev_find_locked helper from mddev_find + - md: md_open returns -EBUSY when entering racing area + - md: Fix missing unused status line of /proc/mdstat + - ipw2x00: potential buffer overflow in libipw_wx_set_encodeext() + - cfg80211: scan: drop entry from hidden_list on overflow + - rtw88: Fix array overrun in rtw_get_tx_power_params() + - drm/panfrost: Clear MMU irqs before handling the fault + - drm/panfrost: Don't try to map pages that are already mapped + - drm/radeon: fix copy of uninitialized variable back to userspace + - drm/amd/display: Reject non-zero src_y and src_x for video planes + - ALSA: hda/realtek: Re-order ALC882 Acer quirk table entries + - ALSA: hda/realtek: Re-order ALC882 Sony quirk table entries + - ALSA: hda/realtek: Re-order ALC882 Clevo quirk table entries + - ALSA: hda/realtek: Re-order ALC269 HP quirk table entries + - ALSA: hda/realtek: Re-order ALC269 Acer quirk table entries + - ALSA: hda/realtek: Re-order ALC269 Dell quirk table entries + - ALSA: hda/realtek: Re-order ALC269 ASUS quirk table entries + - ALSA: hda/realtek: Re-order ALC269 Sony quirk table entries + - ALSA: hda/realtek: Re-order ALC269 Lenovo quirk table entries + - ALSA: hda/realtek: Re-order remaining ALC269 quirk table entries + - ALSA: hda/realtek: Re-order ALC662 quirk table entries + - ALSA: hda/realtek: Remove redundant entry for ALC861 Haier/Uniwill devices + - ALSA: hda/realtek: ALC285 Thinkpad jack pin quirk is unreachable + - KVM: s390: split kvm_s390_logical_to_effective + - KVM: s390: fix guarded storage control register handling + - s390: fix detection of vector enhancements facility 1 vs. vector packed + decimal facility + - KVM: s390: split kvm_s390_real_to_abs + - KVM: nVMX: Truncate bits 63:32 of VMCS field on nested check in !64-bit + - KVM: Stop looking for coalesced MMIO zones if the bus is destroyed + - Revert "i3c master: fix missing destroy_workqueue() on error in + i3c_master_register" + - ovl: fix missing revert_creds() on error path + - usb: gadget: pch_udc: Revert d3cb25a12138 completely + - memory: gpmc: fix out of bounds read and dereference on gpmc_cs[] + - ARM: dts: exynos: correct fuel gauge interrupt trigger level on Midas family + - ARM: dts: exynos: correct MUIC interrupt trigger level on Midas family + - ARM: dts: exynos: correct PMIC interrupt trigger level on Midas family + - ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid X/U3 family + - ARM: dts: exynos: correct PMIC interrupt trigger level on SMDK5250 + - ARM: dts: exynos: correct PMIC interrupt trigger level on Snow + - serial: stm32: fix incorrect characters on console + - serial: stm32: fix tx_empty condition + - usb: typec: tcpci: Check ROLE_CONTROL while interpreting CC_STATUS + - regmap: set debugfs_name to NULL after it is freed + - mtd: rawnand: fsmc: Fix error code in fsmc_nand_probe() + - mtd: rawnand: brcmnand: fix OOB R/W with Hamming ECC + - mtd: Handle possible -EPROBE_DEFER from parse_mtd_partitions() + - mtd: rawnand: qcom: Return actual error code instead of -ENODEV + - arm64: dts: qcom: sm8150: fix number of pins in 'gpio-ranges' + - spi: stm32: drop devres version of spi_register_master + - arm64: dts: renesas: r8a77980: Fix vin4-7 endpoint binding + - x86/microcode: Check for offline CPUs before requesting new microcode + - usb: gadget: pch_udc: Replace cpu_to_le32() by lower_32_bits() + - usb: gadget: pch_udc: Check if driver is present before calling ->setup() + - usb: gadget: pch_udc: Check for DMA mapping error + - crypto: qat - don't release uninitialized resources + - crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init + - fotg210-udc: Fix DMA on EP0 for length > max packet size + - fotg210-udc: Fix EP0 IN requests bigger than two packets + - fotg210-udc: Remove a dubious condition leading to fotg210_done + - fotg210-udc: Mask GRP2 interrupts we don't handle + - fotg210-udc: Don't DMA more than the buffer can take + - fotg210-udc: Complete OUT requests on short packets + - mtd: require write permissions for locking and badblock ioctls + - bus: qcom: Put child node before return + - soundwire: bus: Fix device found flag correctly + - phy: marvell: ARMADA375_USBCLUSTER_PHY should not default to y, + unconditionally + - crypto: qat - fix error path in adf_isr_resource_alloc() + - usb: gadget: aspeed: fix dma map failure + - USB: gadget: udc: fix wrong pointer passed to IS_ERR() and PTR_ERR() + - memory: pl353: fix mask of ECC page_size config register + - soundwire: stream: fix memory leak in stream config error path + - m68k: mvme147,mvme16x: Don't wipe PCC timer config bits + - mtd: rawnand: gpmi: Fix a double free in gpmi_nand_init + - irqchip/gic-v3: Fix OF_BAD_ADDR error handling + - staging: rtl8192u: Fix potential infinite loop + - staging: greybus: uart: fix unprivileged TIOCCSERIAL + - PM / devfreq: Use more accurate returned new_freq as resume_freq + - spi: Fix use-after-free with devm_spi_alloc_* + - soc: qcom: mdt_loader: Validate that p_filesz < p_memsz + - soc: qcom: mdt_loader: Detect truncated read of segments + - ACPI: CPPC: Replace cppc_attr with kobj_attribute + - crypto: qat - Fix a double free in adf_create_ring + - cpufreq: armada-37xx: Fix setting TBG parent for load levels + - clk: mvebu: armada-37xx-periph: remove .set_parent method for CPU PM clock + - cpufreq: armada-37xx: Fix the AVS value for load L1 + - clk: mvebu: armada-37xx-periph: Fix switching CPU freq from 250 Mhz to 1 GHz + - clk: mvebu: armada-37xx-periph: Fix workaround for switching from L1 to L0 + - cpufreq: armada-37xx: Fix driver cleanup when registration failed + - cpufreq: armada-37xx: Fix determining base CPU frequency + - spi: fsl-lpspi: Fix PM reference leak in lpspi_prepare_xfer_hardware() + - usb: gadget: r8a66597: Add missing null check on return from + platform_get_resource + - USB: cdc-acm: fix unprivileged TIOCCSERIAL + - USB: cdc-acm: fix TIOCGSERIAL implementation + - tty: fix return value for unsupported ioctls + - serial: core: return early on unsupported ioctls + - firmware: qcom-scm: Fix QCOM_SCM configuration + - node: fix device cleanups in error handling code + - usbip: vudc: fix missing unlock on error in usbip_sockfd_store() + - platform/x86: pmc_atom: Match all Beckhoff Automation baytrail boards with + critclk_systems DMI table + - x86/platform/uv: Fix !KEXEC build failure + - usb: dwc2: Fix host mode hibernation exit with remote wakeup flow. + - usb: dwc2: Fix hibernation between host and device modes. + - ttyprintk: Add TTY hangup callback. + - xen-blkback: fix compatibility bug with single page rings + - soc: aspeed: fix a ternary sign expansion bug + - media: vivid: fix assignment of dev->fbuf_out_flags + - media: omap4iss: return error code when omap4iss_get() failed + - media: aspeed: fix clock handling logic + - media: platform: sunxi: sun6i-csi: fix error return code of + sun6i_video_start_streaming() + - media: m88rs6000t: avoid potential out-of-bounds reads on arrays + - drm/amdkfd: fix build error with AMD_IOMMU_V2=m + - x86/kprobes: Fix to check non boostable prefixes correctly + - pata_arasan_cf: fix IRQ check + - pata_ipx4xx_cf: fix IRQ check + - sata_mv: add IRQ checks + - ata: libahci_platform: fix IRQ check + - nvme-tcp: block BH in sk state_change sk callback + - nvmet-tcp: fix incorrect locking in state_change sk callback + - nvme: retrigger ANA log update if group descriptor isn't found + - media: v4l2-ctrls.c: fix race condition in hdl->requests list + - vfio/mdev: Do not allow a mdev_type to have a NULL parent pointer + - clk: zynqmp: move zynqmp_pll_set_mode out of round_rate callback + - clk: qcom: a53-pll: Add missing MODULE_DEVICE_TABLE + - clk: uniphier: Fix potential infinite loop + - scsi: hisi_sas: Fix IRQ checks + - scsi: jazz_esp: Add IRQ check + - scsi: sun3x_esp: Add IRQ check + - scsi: sni_53c710: Add IRQ check + - scsi: ibmvfc: Fix invalid state machine BUG_ON() + - mfd: stm32-timers: Avoid clearing auto reload register + - nvme-pci: don't simple map sgl when sgls are disabled + - HSI: core: fix resource leaks in hsi_add_client_from_dt() + - x86/events/amd/iommu: Fix sysfs type mismatch + - sched/debug: Fix cgroup_path[] serialization + - drivers/block/null_blk/main: Fix a double free in null_init. + - HID: plantronics: Workaround for double volume key presses + - perf symbols: Fix dso__fprintf_symbols_by_name() to return the number of + printed chars + - net: lapbether: Prevent racing when checking whether the netif is running + - powerpc/fadump: Mark fadump_calculate_reserve_size as __init + - powerpc/prom: Mark identical_pvr_fixup as __init + - inet: use bigger hash table for IP ID generation + - powerpc: Fix HAVE_HARDLOCKUP_DETECTOR_ARCH build configuration + - ALSA: core: remove redundant spin_lock pair in snd_card_disconnect + - bug: Remove redundant condition check in report_bug + - nfc: pn533: prevent potential memory corruption + - net: hns3: Limiting the scope of vector_ring_chain variable + - mips: bmips: fix syscon-reboot nodes + - ALSA: usb-audio: Add error checks for usb_driver_claim_interface() calls + - ASoC: simple-card: fix possible uninitialized single_cpu local variable + - liquidio: Fix unintented sign extension of a left shift of a u16 + - powerpc/64s: Fix pte update for kernel memory on radix + - powerpc/perf: Fix PMU constraint check for EBB events + - powerpc: iommu: fix build when neither PCI or IBMVIO is set + - mac80211: bail out if cipher schemes are invalid + - mt7601u: fix always true expression + - KVM: PPC: Book3S HV P9: Restore host CTRL SPR after guest exit + - RDMA/qedr: Fix error return code in qedr_iw_connect() + - IB/hfi1: Fix error return code in parse_platform_config() + - cxgb4: Fix unintentional sign extension issues + - net: thunderx: Fix unintentional sign extension issue + - RDMA/srpt: Fix error return code in srpt_cm_req_recv() + - i2c: img-scb: fix reference leak when pm_runtime_get_sync fails + - i2c: imx-lpi2c: fix reference leak when pm_runtime_get_sync fails + - i2c: omap: fix reference leak when pm_runtime_get_sync fails + - i2c: sprd: fix reference leak when pm_runtime_get_sync fails + - i2c: cadence: add IRQ check + - i2c: emev2: add IRQ check + - i2c: jz4780: add IRQ check + - i2c: sh7760: add IRQ check + - powerpc/xive: Fix xmon command "dxi" + - ASoC: ak5558: correct reset polarity + - drm/i915/gvt: Fix error code in intel_gvt_init_device() + - perf beauty: Fix fsconfig generator + - MIPS: pci-legacy: stop using of_pci_range_to_resource + - powerpc/pseries: extract host bridge from pci_bus prior to bus removal + - rtlwifi: 8821ae: upgrade PHY and RF parameters + - i2c: sh7760: fix IRQ error path + - mwl8k: Fix a double Free in mwl8k_probe_hw + - vsock/vmci: log once the failed queue pair allocation + - gro: fix napi_gro_frags() Fast GRO breakage due to IP alignment check + - RDMA/cxgb4: add missing qpid increment + - RDMA/i40iw: Fix error unwinding when i40iw_hmc_sd_one fails + - ALSA: usb: midi: don't return -ENOMEM when usb_urb_ep_type_check fails + - net: davinci_emac: Fix incorrect masking of tx and rx error channel + - net: renesas: ravb: Fix a stuck issue when a lot of frames are received + - net: phy: intel-xway: enable integrated led functions + - ath9k: Fix error check in ath9k_hw_read_revisions() for PCI devices + - ath10k: Fix ath10k_wmi_tlv_op_pull_peer_stats_info() unlock without lock + - powerpc/52xx: Fix an invalid ASM expression ('addi' used instead of 'add') + - bnxt_en: fix ternary sign extension bug in bnxt_show_temp() + - ARM: dts: uniphier: Change phy-mode to RGMII-ID to enable delay pins for + RTL8211E + - arm64: dts: uniphier: Change phy-mode to RGMII-ID to enable delay pins for + RTL8211E + - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb + - selftests: net: mirror_gre_vlan_bridge_1q: Make an FDB entry static + - bnxt_en: Fix RX consumer index logic in the error path. + - net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send + - RDMA/siw: Fix a use after free in siw_alloc_mr + - RDMA/bnxt_re: Fix a double free in bnxt_qplib_alloc_res + - net: bridge: mcast: fix broken length + header check for MRDv6 Adv. + - net:nfc:digital: Fix a double free in digital_tg_recv_dep_req + - kfifo: fix ternary sign extension bugs + - mm/sparse: add the missing sparse_buffer_fini() in error branch + - mm/memory-failure: unnecessary amount of unmapping + - net: Only allow init netns to set default tcp cong to a restricted algo + - smp: Fix smp_call_function_single_async prototype + - Revert "net/sctp: fix race condition in sctp_destroy_sock" + - sctp: delay auto_asconf init until binding the first addr + - Revert "of/fdt: Make sure no-map does not remove already reserved regions" + - Revert "fdt: Properly handle "no-map" field in the memory region" + - Linux 5.4.119 + * seccomp_bpf:syscall_faked from kselftests fail on s390x (LP: #1928522) + - selftests/seccomp: s390 shares the syscall and return value register + * Can't detect intel wifi 6235 (LP: #1920180) + - SAUCE: iwlwifi: add new pci id for 6235 + * Mark kprobe_args_user.tc in kselftest/ftrace as unsupported (LP: #1929527) + - selftests/ftrace: Return unsupported for the unconfigured features + * pmtu.sh from net in ubuntu_kernel_selftests failed with no error message + (LP: #1887661) + - selftests: pmtu.sh: use $ksft_skip for skipped return code + * alsa/sof: make sof driver work in the case of without i915 (focal kernel) + (LP: #1927672) + - SAUCE: ASoC: SOF: Intel: hda: move the probe_bus ahead of creation of mach + device + * Fix kdump failures (LP: #1927518) + - video: hyperv_fb: Add ratelimit on error message + - Drivers: hv: vmbus: Increase wait time for VMbus unload + - Drivers: hv: vmbus: Initialize unload_event statically + * Ubuntu 20.04 - 'Support flow counters offset for bulk counters' + (LP: #1922494) + - IB/mlx5: Support flow counters offset for bulk counters + * Focal update: v5.4.118 upstream stable release (LP: #1928825) + - s390/disassembler: increase ebpf disasm buffer size + - ACPI: custom_method: fix potential use-after-free issue + - ACPI: custom_method: fix a possible memory leak + - ftrace: Handle commands when closing set_ftrace_filter file + - ARM: 9056/1: decompressor: fix BSS size calculation for LLVM ld.lld + - arm64: dts: marvell: armada-37xx: add syscon compatible to NB clk node + - arm64: dts: mt8173: fix property typo of 'phys' in dsi node + - ecryptfs: fix kernel panic with null dev_name + - mtd: spinand: core: add missing MODULE_DEVICE_TABLE() + - mtd: rawnand: atmel: Update ecc_stats.corrected counter + - erofs: add unsupported inode i_format check + - spi: spi-ti-qspi: Free DMA resources + - scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand() + - scsi: mpt3sas: Block PCI config access from userspace during reset + - mmc: uniphier-sd: Fix an error handling path in uniphier_sd_probe() + - mmc: uniphier-sd: Fix a resource leak in the remove function + - mmc: sdhci: Check for reset prior to DMA address unmap + - mmc: sdhci-pci: Fix initialization of some SD cards for Intel BYT-based + controllers + - mmc: block: Update ext_csd.cache_ctrl if it was written + - mmc: block: Issue a cache flush only when it's enabled + - mmc: core: Do a power cycle when the CMD11 fails + - mmc: core: Set read only for SD cards with permanent write protect bit + - mmc: core: Fix hanging on I/O during system suspend for removable cards + - modules: mark ref_module static + - modules: mark find_symbol static + - modules: mark each_symbol_section static + - modules: unexport __module_text_address + - modules: unexport __module_address + - modules: rename the licence field in struct symsearch to license + - modules: return licensing information from find_symbol + - modules: inherit TAINT_PROPRIETARY_MODULE + - irqchip/gic-v3: Do not enable irqs when handling spurious interrups + - cifs: Return correct error code from smb2_get_enc_key + - btrfs: fix metadata extent leak after failure to create subvolume + - intel_th: pci: Add Rocket Lake CPU support + - posix-timers: Preserve return value in clock_adjtime32() + - fbdev: zero-fill colormap in fbcmap.c + - bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first + - staging: wimax/i2400m: fix byte-order issue + - spi: ath79: always call chipselect function + - spi: ath79: remove spi-master setup and cleanup assignment + - crypto: api - check for ERR pointers in crypto_destroy_tfm() + - crypto: qat - fix unmap invalid dma address + - usb: gadget: uvc: add bInterval checking for HS mode + - usb: webcam: Invalid size of Processing Unit Descriptor + - genirq/matrix: Prevent allocation counter corruption + - usb: gadget: f_uac2: validate input parameters + - usb: gadget: f_uac1: validate input parameters + - usb: dwc3: gadget: Ignore EP queue requests during bus reset + - usb: xhci: Fix port minor revision + - PCI: PM: Do not read power state in pci_enable_device_flags() + - x86/build: Propagate $(CLANG_FLAGS) to $(REALMODE_FLAGS) + - tee: optee: do not check memref size on return from Secure World + - perf/arm_pmu_platform: Fix error handling + - usb: xhci-mtk: support quirk to disable usb2 lpm + - xhci: check control context is valid before dereferencing it. + - xhci: fix potential array out of bounds with several interrupters + - spi: dln2: Fix reference leak to master + - spi: omap-100k: Fix reference leak to master + - spi: qup: fix PM reference leak in spi_qup_remove() + - usb: musb: fix PM reference leak in musb_irq_work() + - usb: core: hub: Fix PM reference leak in usb_port_resume() + - tty: n_gsm: check error while registering tty devices + - intel_th: Consistency and off-by-one fix + - phy: phy-twl4030-usb: Fix possible use-after-free in twl4030_usb_remove() + - crypto: stm32/hash - Fix PM reference leak on stm32-hash.c + - crypto: stm32/cryp - Fix PM reference leak on stm32-cryp.c + - crypto: omap-aes - Fix PM reference leak on omap-aes.c + - platform/x86: intel_pmc_core: Don't use global pmcdev in quirks + - btrfs: convert logic BUG_ON()'s in replace_path to ASSERT()'s + - drm: Added orientation quirk for OneGX1 Pro + - drm/qxl: release shadow on shutdown + - drm/amd/display: Check for DSC support instead of ASIC revision + - drm/amd/display: Don't optimize bandwidth before disabling planes + - scsi: lpfc: Fix incorrect dbde assignment when building target abts wqe + - scsi: lpfc: Fix pt2pt connection does not recover after LOGO + - scsi: target: pscsi: Fix warning in pscsi_complete_cmd() + - media: ite-cir: check for receive overflow + - media: drivers: media: pci: sta2x11: fix Kconfig dependency on GPIOLIB + - media: imx: capture: Return -EPIPE from __capture_legacy_try_fmt() + - power: supply: bq27xxx: fix power_avg for newer ICs + - extcon: arizona: Fix some issues when HPDET IRQ fires after the jack has + been unplugged + - extcon: arizona: Fix various races on driver unbind + - media: media/saa7164: fix saa7164_encoder_register() memory leak bugs + - media: gspca/sq905.c: fix uninitialized variable + - power: supply: Use IRQF_ONESHOT + - drm/amdgpu: mask the xgmi number of hops reported from psp to kfd + - drm/amdkfd: Fix UBSAN shift-out-of-bounds warning + - drm/amdgpu : Fix asic reset regression issue introduce by 8f211fe8ac7c4f + - drm/amd/display: Fix UBSAN warning for not a valid value for type '_Bool' + - drm/amd/display: fix dml prefetch validation + - scsi: qla2xxx: Always check the return value of qla24xx_get_isp_stats() + - drm/vkms: fix misuse of WARN_ON + - scsi: qla2xxx: Fix use after free in bsg + - mmc: sdhci-pci: Add PCI IDs for Intel LKF + - ata: ahci: Disable SXS for Hisilicon Kunpeng920 + - scsi: smartpqi: Correct request leakage during reset operations + - scsi: smartpqi: Add new PCI IDs + - scsi: scsi_dh_alua: Remove check for ASC 24h in alua_rtpg() + - media: em28xx: fix memory leak + - media: vivid: update EDID + - clk: socfpga: arria10: Fix memory leak of socfpga_clk on error return + - power: supply: generic-adc-battery: fix possible use-after-free in + gab_remove() + - power: supply: s3c_adc_battery: fix possible use-after-free in + s3c_adc_bat_remove() + - media: tc358743: fix possible use-after-free in tc358743_remove() + - media: adv7604: fix possible use-after-free in adv76xx_remove() + - media: i2c: adv7511-v4l2: fix possible use-after-free in adv7511_remove() + - media: i2c: tda1997: Fix possible use-after-free in tda1997x_remove() + - media: i2c: adv7842: fix possible use-after-free in adv7842_remove() + - media: platform: sti: Fix runtime PM imbalance in regs_show + - media: dvb-usb: fix memory leak in dvb_usb_adapter_init + - media: gscpa/stv06xx: fix memory leak + - sched/fair: Ignore percpu threads for imbalance pulls + - drm/msm/mdp5: Configure PP_SYNC_HEIGHT to double the vtotal + - drm/msm/mdp5: Do not multiply vclk line count by 100 + - drm/amdkfd: Fix cat debugfs hang_hws file causes system crash bug + - amdgpu: avoid incorrect %hu format string + - drm/amdgpu: fix NULL pointer dereference + - scsi: lpfc: Fix crash when a REG_RPI mailbox fails triggering a LOGO + response + - scsi: lpfc: Fix error handling for mailboxes completed in MBX_POLL mode + - scsi: lpfc: Remove unsupported mbox PORT_CAPABILITIES logic + - mfd: arizona: Fix rumtime PM imbalance on error + - scsi: libfc: Fix a format specifier + - s390/archrandom: add parameter check for s390_arch_random_generate + - ALSA: emu8000: Fix a use after free in snd_emu8000_create_mixer + - ALSA: hda/conexant: Re-order CX5066 quirk table entries + - ALSA: sb: Fix two use after free in snd_sb_qsound_build + - ALSA: usb-audio: Explicitly set up the clock selector + - ALSA: usb-audio: More constifications + - ALSA: usb-audio: Add dB range mapping for Sennheiser Communications Headset + PC 8 + - ALSA: hda/realtek: GA503 use same quirks as GA401 + - ALSA: hda/realtek: fix mic boost on Intel NUC 8 + - ALSA: hda/realtek: fix static noise on ALC285 Lenovo laptops + - ALSA: hda/realtek: Add quirk for Intel Clevo PCx0Dx + - btrfs: fix race when picking most recent mod log operation for an old root + - arm64/vdso: Discard .note.gnu.property sections in vDSO + - Makefile: Move -Wno-unused-but-set-variable out of GCC only block + - virtiofs: fix memory leak in virtio_fs_probe() + - ubifs: Only check replay with inode type to judge if inode linked + - f2fs: fix to avoid out-of-bounds memory access + - mlxsw: spectrum_mr: Update egress RIF list before route's action + - openvswitch: fix stack OOB read while fragmenting IPv4 packets + - ACPI: GTDT: Don't corrupt interrupt mappings on watchdow probe failure + - NFS: Don't discard pNFS layout segments that are marked for return + - NFSv4: Don't discard segments marked for return in _pnfs_return_layout() + - Input: ili210x - add missing negation for touch indication on ili210x + - jffs2: Fix kasan slab-out-of-bounds problem + - powerpc/eeh: Fix EEH handling for hugepages in ioremap space. + - powerpc: fix EDEADLOCK redefinition error in uapi/asm/errno.h + - intel_th: pci: Add Alder Lake-M support + - tpm: efi: Use local variable for calculating final log size + - tpm: vtpm_proxy: Avoid reading host log when using a virtual device + - crypto: rng - fix crypto_rng_reset() refcounting when !CRYPTO_STATS + - md/raid1: properly indicate failure when ending a failed write request + - dm raid: fix inconclusive reshape layout on fast raid4/5/6 table reload + sequences + - fuse: fix write deadlock + - security: commoncap: fix -Wstringop-overread warning + - Fix misc new gcc warnings + - jffs2: check the validity of dstlen in jffs2_zlib_compress() + - Revert 337f13046ff0 ("futex: Allow FUTEX_CLOCK_REALTIME with FUTEX_WAIT op") + - x86/cpu: Initialize MSR_TSC_AUX if RDTSCP *or* RDPID is supported + - kbuild: update config_data.gz only when the content of .config is changed + - ext4: fix check to prevent false positive report of incorrect used inodes + - ext4: do not set SB_ACTIVE in ext4_orphan_cleanup() + - ext4: fix error code in ext4_commit_super + - media: dvbdev: Fix memory leak in dvb_media_device_free() + - media: dvb-usb: Fix use-after-free access + - media: dvb-usb: Fix memory leak at error in dvb_usb_device_init() + - media: staging/intel-ipu3: Fix memory leak in imu_fmt + - media: staging/intel-ipu3: Fix set_fmt error handling + - media: staging/intel-ipu3: Fix race condition during set_fmt + - usb: gadget: dummy_hcd: fix gpf in gadget_setup + - usb: gadget: Fix double free of device descriptor pointers + - usb: gadget/function/f_fs string table fix for multiple languages + - usb: dwc3: gadget: Fix START_TRANSFER link state check + - usb: dwc2: Fix session request interrupt handler + - tty: fix memory leak in vc_deallocate + - rsi: Use resume_noirq for SDIO + - tracing: Map all PIDs to command lines + - tracing: Restructure trace_clock_global() to never block + - dm persistent data: packed struct should have an aligned() attribute too + - dm space map common: fix division bug in sm_ll_find_free_block() + - dm integrity: fix missing goto in bitmap_flush_interval error handling + - dm rq: fix double free of blk_mq_tag_set in dev remove after table load + fails + - Linux 5.4.118 + * Focal update: v5.4.117 upstream stable release (LP: #1928823) + - mips: Do not include hi and lo in clobber list for R6 + - ACPI: tables: x86: Reserve memory occupied by ACPI tables + - ACPI: x86: Call acpi_boot_table_init() after acpi_table_upgrade() + - net: usb: ax88179_178a: initialize local variables before use + - igb: Enable RSS for Intel I211 Ethernet Controller + - iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_enqueue_hcmd() + - bpf: Fix masking negation logic upon negative dst register + - bpf: Fix leakage of uninitialized bpf stack under speculation + - avoid __memcat_p link failure + - iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_gen2_enqueue_hcmd() + - perf data: Fix error return code in perf_data__create_dir() + - perf ftrace: Fix access to pid in array when setting a pid filter + - ALSA: usb-audio: Add MIDI quirk for Vox ToneLab EX + - USB: Add reset-resume quirk for WD19's Realtek Hub + - platform/x86: thinkpad_acpi: Correct thermal sensor allocation + - scsi: ufs: Unlock on a couple error paths + - ovl: allow upperdir inside lowerdir + - perf/core: Fix unconditional security_locked_down() call + - vfio: Depend on MMU + - Linux 5.4.117 + * r8152 tx status -71 (LP: #1922651) // Focal update: v5.4.117 upstream stable + release (LP: #1928823) + - USB: Add LPM quirk for Lenovo ThinkPad USB-C Dock Gen2 Ethernet + * Focal update: v5.4.116 upstream stable release (LP: #1928821) + - bpf: Move off_reg into sanitize_ptr_alu + - bpf: Ensure off_reg has no mixed signed bounds for all types + - bpf: Rework ptr_limit into alu_limit and add common error path + - bpf: Improve verifier error messages for users + - bpf: Refactor and streamline bounds check into helper + - bpf: Move sanitize_val_alu out of op switch + - bpf: Tighten speculative pointer arithmetic mask + - bpf: Update selftests to reflect new error states + - Linux 5.4.116 + * Focal update: v5.4.115 upstream stable release (LP: #1927997) + - gpio: omap: Save and restore sysconfig + - pinctrl: lewisburg: Update number of pins in community + - arm64: dts: allwinner: Revert SD card CD GPIO for Pine64-LTS + - perf/x86/intel/uncore: Remove uncore extra PCI dev HSWEP_PCI_PCU_3 + - perf/x86/kvm: Fix Broadwell Xeon stepping in isolation_ucodes[] + - perf auxtrace: Fix potential NULL pointer dereference + - HID: google: add don USB id + - HID: alps: fix error return code in alps_input_configured() + - HID: wacom: Assign boolean values to a bool variable + - ARM: dts: Fix swapped mmc order for omap3 + - net: geneve: check skb is large enough for IPv4/IPv6 header + - s390/entry: save the caller of psw_idle + - xen-netback: Check for hotplug-status existence before watching + - cavium/liquidio: Fix duplicate argument + - csky: change a Kconfig symbol name to fix e1000 build error + - ia64: fix discontig.c section mismatches + - ia64: tools: remove duplicate definition of ia64_mf() on ia64 + - x86/crash: Fix crash_setup_memmap_entries() out-of-bounds access + - net: hso: fix NULL-deref on disconnect regression + - USB: CDC-ACM: fix poison/unpoison imbalance + - Linux 5.4.115 + + [ Ubuntu: 5.4.0-74.83 ] + + * focal/linux: 5.4.0-74.83 -proposed tracker (LP: #1927619) + * Introduce the 465 driver series, fabric-manager, and libnvidia-nscq + (LP: #1925522) + - debian/dkms-versions -- add NVIDIA 465 and migrate 450 to 460 + * linux-image-5.0.0-35-generic breaks checkpointing of container + (LP: #1857257) + - SAUCE: overlayfs: fix incorrect mnt_id of files opened from map_files + * Enable CIFS GCM256 (LP: #1921916) + - smb3: add defines for new crypto algorithms + - smb3.1.1: add new module load parm require_gcm_256 + - smb3.1.1: add new module load parm enable_gcm_256 + - smb3.1.1: print warning if server does not support requested encryption type + - smb3.1.1: rename nonces used for GCM and CCM encryption + - smb3.1.1: set gcm256 when requested + - cifs: Adjust key sizes and key generation routines for AES256 encryption + * locking/qrwlock: Fix ordering in queued_write_lock_slowpath() (LP: #1926184) + - locking/qrwlock: Fix ordering in queued_write_lock_slowpath() + * [Ubuntu 21.04] net/mlx5: Fix HW spec violation configuring uplink + (LP: #1925452) + - net/mlx5: Fix HW spec violation configuring uplink + * Focal update: v5.4.114 upstream stable release (LP: #1926493) + - Revert "scsi: qla2xxx: Retry PLOGI on FC-NVMe PRLI failure" + - Revert "scsi: qla2xxx: Fix stuck login session using prli_pend_timer" + - scsi: qla2xxx: Dual FCP-NVMe target port support + - scsi: qla2xxx: Fix device connect issues in P2P configuration + - scsi: qla2xxx: Retry PLOGI on FC-NVMe PRLI failure + - scsi: qla2xxx: Add a shadow variable to hold disc_state history of fcport + - scsi: qla2xxx: Fix stuck login session using prli_pend_timer + - scsi: qla2xxx: Fix fabric scan hang + - net/sctp: fix race condition in sctp_destroy_sock + - Input: nspire-keypad - enable interrupts only when opened + - gpio: sysfs: Obey valid_mask + - dmaengine: dw: Make it dependent to HAS_IOMEM + - ARM: dts: Drop duplicate sha2md5_fck to fix clk_disable race + - ARM: dts: Fix moving mmc devices with aliases for omap4 & 5 + - lockdep: Add a missing initialization hint to the "INFO: Trying to register + non-static key" message + - arc: kernel: Return -EFAULT if copy_to_user() fails + - ASoC: max98373: Added 30ms turn on/off time delay + - neighbour: Disregard DEAD dst in neigh_update + - ARM: keystone: fix integer overflow warning + - ARM: omap1: fix building with clang IAS + - drm/msm: Fix a5xx/a6xx timestamps + - ASoC: fsl_esai: Fix TDM slot setup for I2S mode + - scsi: scsi_transport_srp: Don't block target in SRP_PORT_LOST state + - net: ieee802154: stop dump llsec keys for monitors + - net: ieee802154: forbid monitor for add llsec key + - net: ieee802154: forbid monitor for del llsec key + - net: ieee802154: stop dump llsec devs for monitors + - net: ieee802154: forbid monitor for add llsec dev + - net: ieee802154: forbid monitor for del llsec dev + - net: ieee802154: stop dump llsec devkeys for monitors + - net: ieee802154: forbid monitor for add llsec devkey + - net: ieee802154: forbid monitor for del llsec devkey + - net: ieee802154: stop dump llsec seclevels for monitors + - net: ieee802154: forbid monitor for add llsec seclevel + - pcnet32: Use pci_resource_len to validate PCI resource + - mac80211: clear sta->fast_rx when STA removed from 4-addr VLAN + - virt_wifi: Return micros for BSS TSF values + - Input: s6sy761 - fix coordinate read bit shift + - Input: i8042 - fix Pegatron C15B ID entry + - HID: wacom: set EV_KEY and EV_ABS only for non-HID_GENERIC type of devices + - dm verity fec: fix misaligned RS roots IO + - readdir: make sure to verify directory entry for legacy interfaces too + - arm64: fix inline asm in load_unaligned_zeropad() + - arm64: alternatives: Move length validation in alternative_{insn, endif} + - vfio/pci: Add missing range check in vfio_pci_mmap + - riscv: Fix spelling mistake "SPARSEMEM" to "SPARSMEM" + - scsi: libsas: Reset num_scatter if libata marks qc as NODATA + - netfilter: conntrack: do not print icmpv6 as unknown via /proc + - libnvdimm/region: Fix nvdimm_has_flush() to handle ND_REGION_ASYNC + - netfilter: bridge: add pre_exit hooks for ebtable unregistration + - netfilter: arp_tables: add pre_exit hook for table unregister + - net: macb: fix the restore of cmp registers + - netfilter: nft_limit: avoid possible divide error in nft_limit_init + - net: davicom: Fix regulator not turned off on failed probe + - net: sit: Unregister catch-all devices + - net: ip6_tunnel: Unregister catch-all devices + - i40e: fix the panic when running bpf in xdpdrv mode + - ibmvnic: avoid calling napi_disable() twice + - ibmvnic: remove duplicate napi_schedule call in do_reset function + - ibmvnic: remove duplicate napi_schedule call in open function + - gro: ensure frag0 meets IP header alignment + - ARM: footbridge: fix PCI interrupt mapping + - arm64: dts: allwinner: Fix SD card CD GPIO for SOPine systems + - r8169: remove fiddling with the PCIe max read request size + - r8169: simplify setting PCI_EXP_DEVCTL_NOSNOOP_EN + - r8169: fix performance regression related to PCIe max read request size + - r8169: improve rtl_jumbo_config + - r8169: tweak max read request size for newer chips also in jumbo mtu mode + - r8169: don't advertise pause in jumbo mode + - ARM: 9071/1: uprobes: Don't hook on thumb instructions + - net: phy: marvell: fix detection of PHY on Topaz switches + - Linux 5.4.114 + * Focal update: v5.4.113 upstream stable release (LP: #1926490) + - interconnect: core: fix error return code of icc_link_destroy() + - KVM: arm64: Hide system instruction access to Trace registers + - KVM: arm64: Disable guest access to trace filter controls + - drm/imx: imx-ldb: fix out of bounds array access warning + - gfs2: report "already frozen/thawed" errors + - drm/tegra: dc: Don't set PLL clock to 0Hz + - block: only update parent bi_status when bio fail + - radix tree test suite: Register the main thread with the RCU library + - idr test suite: Take RCU read lock in idr_find_test_1 + - idr test suite: Create anchor before launching throbber + - riscv,entry: fix misaligned base for excp_vect_table + - block: don't ignore REQ_NOWAIT for direct IO + - netfilter: x_tables: fix compat match/target pad out-of-bound write + - driver core: Fix locking bug in deferred_probe_timeout_work_func() + - perf tools: Use %define api.pure full instead of %pure-parser + - perf tools: Use %zd for size_t printf formats on 32-bit + - perf map: Tighten snprintf() string precision to pass gcc check on some + 32-bit arches + - xen/events: fix setting irq affinity + - Linux 5.4.113 + * Focal update: v5.4.112 upstream stable release (LP: #1926489) + - counter: stm32-timer-cnt: fix ceiling miss-alignment with reload register + - ALSA: aloop: Fix initialization of controls + - ALSA: hda/realtek: Fix speaker amp setup on Acer Aspire E1 + - ASoC: intel: atom: Stop advertising non working S24LE support + - nfc: fix refcount leak in llcp_sock_bind() + - nfc: fix refcount leak in llcp_sock_connect() + - nfc: fix memory leak in llcp_sock_connect() + - nfc: Avoid endless loops caused by repeated llcp_sock_connect() + - xen/evtchn: Change irq_info lock to raw_spinlock_t + - net: ipv6: check for validity before dereferencing cfg->fc_nlinfo.nlh + - net: dsa: lantiq_gswip: Let GSWIP automatically set the xMII clock + - drm/i915: Fix invalid access to ACPI _DSM objects + - gcov: re-fix clang-11+ support + - ia64: fix user_stack_pointer() for ptrace() + - nds32: flush_dcache_page: use page_mapping_file to avoid races with swapoff + - ocfs2: fix deadlock between setattr and dio_end_io_write + - fs: direct-io: fix missing sdio->boundary + - parisc: parisc-agp requires SBA IOMMU driver + - parisc: avoid a warning on u8 cast for cmpxchg on u8 pointers + - ARM: dts: turris-omnia: configure LED[2]/INTn pin as interrupt pin + - batman-adv: initialize "struct batadv_tvlv_tt_vlan_data"->reserved field + - ice: Increase control queue timeout + - ice: Fix for dereference of NULL pointer + - ice: Cleanup fltr list in case of allocation issues + - net: hso: fix null-ptr-deref during tty device unregistration + - ethernet/netronome/nfp: Fix a use after free in nfp_bpf_ctrl_msg_rx + - bpf, sockmap: Fix sk->prot unhash op reset + - net: ensure mac header is set in virtio_net_hdr_to_skb() + - i40e: Fix sparse warning: missing error code 'err' + - i40e: Fix sparse error: 'vsi->netdev' could be null + - net: sched: sch_teql: fix null-pointer dereference + - mac80211: fix TXQ AC confusion + - net: hsr: Reset MAC header for Tx path + - net-ipv6: bugfix - raw & sctp - switch to ipv6_can_nonlocal_bind() + - net: let skb_orphan_partial wake-up waiters. + - usbip: add sysfs_lock to synchronize sysfs code paths + - usbip: stub-dev synchronize sysfs code paths + - usbip: vudc synchronize sysfs code paths + - usbip: synchronize event handler with sysfs code paths + - i2c: turn recovery error on init to debug + - virtio_net: Add XDP meta data support + - net: dsa: lantiq_gswip: Don't use PHY auto polling + - net: dsa: lantiq_gswip: Configure all remaining GSWIP_MII_CFG bits + - xfrm: interface: fix ipv4 pmtu check to honor ip header df + - regulator: bd9571mwv: Fix AVS and DVFS voltage range + - net: xfrm: Localize sequence counter per network namespace + - esp: delete NETIF_F_SCTP_CRC bit from features for esp offload + - ASoC: SOF: Intel: hda: remove unnecessary parentheses + - ASoC: SOF: Intel: HDA: fix core status verification + - ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for some chips + - xfrm: Fix NULL pointer dereference on policy lookup + - i40e: Added Asym_Pause to supported link modes + - i40e: Fix kernel oops when i40e driver removes VF's + - hostfs: Use kasprintf() instead of fixed buffer formatting + - hostfs: fix memory handling in follow_link() + - amd-xgbe: Update DMA coherency values + - sch_red: fix off-by-one checks in red_check_params() + - arm64: dts: imx8mm/q: Fix pad control of SD1_DATA0 + - can: bcm/raw: fix msg_namelen values depending on CAN_REQUIRED_SIZE + - gianfar: Handle error code at MAC address change + - cxgb4: avoid collecting SGE_QBASE regs during traffic + - net:tipc: Fix a double free in tipc_sk_mcast_rcv + - ARM: dts: imx6: pbab01: Set vmmc supply for both SD interfaces + - net/ncsi: Avoid channel_monitor hrtimer deadlock + - nfp: flower: ignore duplicate merge hints from FW + - net: phy: broadcom: Only advertise EEE for supported modes + - ASoC: sunxi: sun4i-codec: fill ASoC card owner + - net/mlx5e: Fix ethtool indication of connector type + - net/mlx5: Don't request more than supported EQs + - net/rds: Fix a use after free in rds_message_map_pages + - soc/fsl: qbman: fix conflicting alignment attributes + - i40e: Fix display statistics for veb_tc + - drm/msm: Set drvdata to NULL when msm_drm_init() fails + - net: udp: Add support for getsockopt(..., ..., UDP_GRO, ..., ...); + - scsi: ufs: Fix irq return code + - scsi: ufs: Avoid busy-waiting by eliminating tag conflicts + - scsi: ufs: Use blk_{get,put}_request() to allocate and free TMFs + - scsi: ufs: core: Fix task management request completion timeout + - scsi: ufs: core: Fix wrong Task Tag used in task management request UPIUs + - net: macb: restore cmp registers on resume path + - clk: fix invalid usage of list cursor in register + - clk: fix invalid usage of list cursor in unregister + - workqueue: Move the position of debug_work_activate() in __queue_work() + - s390/cpcmd: fix inline assembly register clobbering + - perf inject: Fix repipe usage + - net: openvswitch: conntrack: simplify the return expression of + ovs_ct_limit_get_default_limit() + - openvswitch: fix send of uninitialized stack memory in ct limit reply + - net: hns3: clear VF down state bit before request link status + - net/mlx5: Fix placement of log_max_flow_counter + - net/mlx5: Fix PBMC register mapping + - RDMA/cxgb4: check for ipv6 address properly while destroying listener + - RDMA/addr: Be strict with gid size + - RAS/CEC: Correct ce_add_elem()'s returned values + - clk: socfpga: fix iomem pointer cast on 64-bit + - dt-bindings: net: ethernet-controller: fix typo in NVMEM + - net: sched: bump refcount for new action in ACT replace mode + - cfg80211: remove WARN_ON() in cfg80211_sme_connect + - net: tun: set tun->dev->addr_len during TUNSETLINK processing + - drivers: net: fix memory leak in atusb_probe + - drivers: net: fix memory leak in peak_usb_create_dev + - net: mac802154: Fix general protection fault + - net: ieee802154: nl-mac: fix check on panid + - net: ieee802154: fix nl802154 del llsec key + - net: ieee802154: fix nl802154 del llsec dev + - net: ieee802154: fix nl802154 add llsec key + - net: ieee802154: fix nl802154 del llsec devkey + - net: ieee802154: forbid monitor for set llsec params + - net: ieee802154: forbid monitor for del llsec seclevel + - net: ieee802154: stop dump llsec params for monitors + - Linux 5.4.112 + * crash utility fails on arm64 with cannot determine VA_BITS_ACTUAL + (LP: #1919275) + - arm64/crash_core: Export TCR_EL1.T1SZ in vmcoreinfo + * Focal update: v5.4.111 upstream stable release (LP: #1923874) + - ARM: dts: am33xx: add aliases for mmc interfaces + - bus: ti-sysc: Fix warning on unbind if reset is not deasserted + - platform/x86: intel-hid: Support Lenovo ThinkPad X1 Tablet Gen 2 + - bpf, x86: Use kvmalloc_array instead kmalloc_array in bpf_jit_comp + - net/mlx5e: Enforce minimum value check for ICOSQ size + - net: pxa168_eth: Fix a potential data race in pxa168_eth_remove + - mISDN: fix crash in fritzpci + - mac80211: choose first enabled channel for monitor + - drm/msm/adreno: a5xx_power: Don't apply A540 lm_setup to other GPUs + - drm/msm: Ratelimit invalid-fence message + - netfilter: conntrack: Fix gre tunneling over ipv6 + - platform/x86: thinkpad_acpi: Allow the FnLock LED to change state + - x86/build: Turn off -fcf-protection for realmode targets + - scsi: target: pscsi: Clean up after failure in pscsi_map_sg() + - ia64: mca: allocate early mca with GFP_ATOMIC + - ia64: fix format strings for err_inject + - cifs: revalidate mapping when we open files for SMB1 POSIX + - cifs: Silently ignore unknown oplock break handle + - nvme-mpath: replace direct_make_request with generic_make_request + - init/Kconfig: make COMPILE_TEST depend on !S390 + - init/Kconfig: make COMPILE_TEST depend on HAS_IOMEM + - Linux 5.4.111 + * Focal update: v5.4.110 upstream stable release (LP: #1923869) + - selinux: vsock: Set SID for socket returned by accept() + - ipv6: weaken the v4mapped source check + - modsign: print module name along with error message + - module: merge repetitive strings in module_sig_check() + - module: avoid *goto*s in module_sig_check() + - module: harden ELF info handling + - ext4: shrink race window in ext4_should_retry_alloc() + - ext4: fix bh ref count on error paths + - fs: nfsd: fix kconfig dependency warning for NFSD_V4 + - rpc: fix NULL dereference on kmalloc failure + - iomap: Fix negative assignment to unsigned sis->pages in + iomap_swapfile_activate + - ASoC: rt5640: Fix dac- and adc- vol-tlv values being off by a factor of 10 + - ASoC: rt5651: Fix dac- and adc- vol-tlv values being off by a factor of 10 + - ASoC: sgtl5000: set DAP_AVC_CTRL register to correct default value on probe + - ASoC: es8316: Simplify adc_pga_gain_tlv table + - ASoC: cs42l42: Fix Bitclock polarity inversion + - ASoC: cs42l42: Fix channel width support + - ASoC: cs42l42: Fix mixer volume control + - ASoC: cs42l42: Always wait at least 3ms after reset + - NFSD: fix error handling in NFSv4.0 callbacks + - powerpc: Force inlining of cpu_has_feature() to avoid build failure + - vhost: Fix vhost_vq_reset() + - scsi: st: Fix a use after free in st_open() + - scsi: qla2xxx: Fix broken #endif placement + - staging: comedi: cb_pcidas: fix request_irq() warn + - staging: comedi: cb_pcidas64: fix request_irq() warn + - ASoC: rt5659: Update MCLK rate in set_sysclk() + - thermal/core: Add NULL pointer check before using cooling device stats + - locking/ww_mutex: Simplify use_ww_ctx & ww_ctx handling + - ext4: do not iput inode under running transaction in ext4_rename() + - net: mvpp2: fix interrupt mask/unmask skip condition + - flow_dissector: fix TTL and TOS dissection on IPv4 fragments + - can: dev: move driver related infrastructure into separate subdir + - net: introduce CAN specific pointer in the struct net_device + - can: tcan4x5x: fix max register value + - brcmfmac: clear EAP/association status bits on linkdown events + - ath10k: hold RCU lock when calling ieee80211_find_sta_by_ifaddr() + - net: ethernet: aquantia: Handle error cleanup of start on open + - appletalk: Fix skb allocation size in loopback case + - net: wan/lmc: unregister device when no matching device is found + - bpf: Remove MTU check in __bpf_skb_max_len + - ALSA: usb-audio: Apply sample rate quirk to Logitech Connect + - ALSA: hda: Re-add dropped snd_poewr_change_state() calls + - ALSA: hda: Add missing sanity checks in PM prepare/complete callbacks + - ALSA: hda/realtek: fix a determine_headset_type issue for a Dell AIO + - ALSA: hda/realtek: call alc_update_headset_mode() in hp_automute_hook + - xtensa: move coprocessor_flush to the .text section + - PM: runtime: Fix race getting/putting suppliers at probe + - PM: runtime: Fix ordering in pm_runtime_get_suppliers() + - tracing: Fix stack trace event size + - mm: fix race by making init_zero_pfn() early_initcall + - drm/amdgpu: fix offset calculation in amdgpu_vm_bo_clear_mappings() + - drm/amdgpu: check alignment on CPU page for bo map + - reiserfs: update reiserfs_xattrs_initialized() condition + - vfio/nvlink: Add missing SPAPR_TCE_IOMMU depends + - pinctrl: rockchip: fix restore error in resume + - extcon: Add stubs for extcon_register_notifier_all() functions + - extcon: Fix error handling in extcon_dev_register + - firewire: nosy: Fix a use-after-free bug in nosy_ioctl() + - usbip: vhci_hcd fix shift out-of-bounds in vhci_hub_control() + - USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem + - usb: musb: Fix suspend with devices connected for a64 + - usb: xhci-mtk: fix broken streams issue on 0.96 xHCI + - cdc-acm: fix BREAK rx code path adding necessary calls + - USB: cdc-acm: untangle a circular dependency between callback and softint + - USB: cdc-acm: downgrade message to debug + - USB: cdc-acm: fix double free on probe failure + - USB: cdc-acm: fix use-after-free after probe failure + - usb: gadget: udc: amd5536udc_pci fix null-ptr-dereference + - usb: dwc2: Fix HPRT0.PrtSusp bit setting for HiKey 960 board. + - usb: dwc2: Prevent core suspend when port connection flag is 0 + - staging: rtl8192e: Fix incorrect source in memcpy() + - staging: rtl8192e: Change state information from u16 to u8 + - drivers: video: fbcon: fix NULL dereference in fbcon_cursor() + - Linux 5.4.110 + * Focal update: v5.4.109 upstream stable release (LP: #1923220) + - hugetlbfs: hugetlb_fault_mutex_hash() cleanup + - net: fec: ptp: avoid register access when ipg clock is disabled + - powerpc/4xx: Fix build errors from mfdcr() + - atm: eni: dont release is never initialized + - atm: lanai: dont run lanai_dev_close if not open + - Revert "r8152: adjust the settings about MAC clock speed down for RTL8153" + - ALSA: hda: ignore invalid NHLT table + - ixgbe: Fix memleak in ixgbe_configure_clsu32 + - net: tehuti: fix error return code in bdx_probe() + - net: intel: iavf: fix error return code of iavf_init_get_resources() + - sun/niu: fix wrong RXMAC_BC_FRM_CNT_COUNT count + - gianfar: fix jumbo packets+napi+rx overrun crash + - cifs: ask for more credit on async read/write code paths + - cpufreq: blacklist Arm Vexpress platforms in cpufreq-dt-platdev + - gpiolib: acpi: Add missing IRQF_ONESHOT + - nfs: fix PNFS_FLEXFILE_LAYOUT Kconfig default + - NFS: Correct size calculation for create reply length + - net: hisilicon: hns: fix error return code of hns_nic_clear_all_rx_fetch() + - net: wan: fix error return code of uhdlc_init() + - net: davicom: Use platform_get_irq_optional() + - atm: uPD98402: fix incorrect allocation + - atm: idt77252: fix null-ptr-dereference + - cifs: change noisy error message to FYI + - irqchip/ingenic: Add support for the JZ4760 + - sparc64: Fix opcode filtering in handling of no fault loads + - habanalabs: Call put_pid() when releasing control device + - u64_stats,lockdep: Fix u64_stats_init() vs lockdep + - regulator: qcom-rpmh: Correct the pmic5_hfsmps515 buck + - drm/amd/display: Revert dram_clock_change_latency for DCN2.1 + - drm/amdgpu: fb BO should be ttm_bo_type_device + - drm/radeon: fix AGP dependency + - nvme: add NVME_REQ_CANCELLED flag in nvme_cancel_request() + - nvme-fc: return NVME_SC_HOST_ABORTED_CMD when a command has been aborted + - nvme-pci: add the DISABLE_WRITE_ZEROES quirk for a Samsung PM1725a + - nfs: we don't support removing system.nfs4_acl + - block: Suppress uevent for hidden device when removed + - ia64: fix ia64_syscall_get_set_arguments() for break-based syscalls + - ia64: fix ptrace(PTRACE_SYSCALL_INFO_EXIT) sign + - netsec: restore phy power state after controller reset + - platform/x86: intel-vbtn: Stop reporting SW_DOCK events + - squashfs: fix inode lookup sanity checks + - squashfs: fix xattr id and id lookup sanity checks + - kasan: fix per-page tags for non-page_alloc pages + - gcov: fix clang-11+ support + - ACPI: video: Add missing callback back for Sony VPCEH3U1E + - arm64: dts: ls1046a: mark crypto engine dma coherent + - arm64: dts: ls1012a: mark crypto engine dma coherent + - arm64: dts: ls1043a: mark crypto engine dma coherent + - ARM: dts: at91-sama5d27_som1: fix phy address to 7 + - integrity: double check iint_cache was initialized + - dm verity: fix DM_VERITY_OPTS_MAX value + - dm ioctl: fix out of bounds array access when no devices + - bus: omap_l3_noc: mark l3 irqs as IRQF_NO_THREAD + - veth: Store queue_mapping independently of XDP prog presence + - libbpf: Fix INSTALL flag order + - net/mlx5e: Don't match on Geneve options in case option masks are all zero + - ipv6: fix suspecious RCU usage warning + - macvlan: macvlan_count_rx() needs to be aware of preemption + - net: sched: validate stab values + - net: dsa: bcm_sf2: Qualify phydev->dev_flags based on port + - igc: Fix Pause Frame Advertising + - igc: Fix Supported Pause Frame Link Setting + - e1000e: add rtnl_lock() to e1000_reset_task + - e1000e: Fix error handling in e1000_set_d0_lplu_state_82571 + - net/qlcnic: Fix a use after free in qlcnic_83xx_get_minidump_template + - ftgmac100: Restart MAC HW once + - selftests/bpf: Set gopt opt_class to 0 if get tunnel opt failed + - netfilter: ctnetlink: fix dump of the expect mask attribute + - tcp: relookup sock for RST+ACK packets handled by obsolete req sock + - can: peak_usb: add forgotten supported devices + - can: flexcan: flexcan_chip_freeze(): fix chip freeze for missing bitrate + - can: kvaser_pciefd: Always disable bus load reporting + - can: c_can_pci: c_can_pci_remove(): fix use-after-free + - can: c_can: move runtime PM enable/disable to c_can_platform + - can: m_can: m_can_do_rx_poll(): fix extraneous msg loss warning + - can: m_can: m_can_rx_peripheral(): fix RX being blocked by errors + - mac80211: fix rate mask reset + - nfp: flower: fix pre_tun mask id allocation + - libbpf: Use SOCK_CLOEXEC when opening the netlink socket + - octeontx2-af: Fix irq free in rvu teardown + - octeontx2-af: fix infinite loop in unmapping NPC counter + - net: cdc-phonet: fix data-interface release on probe failure + - r8152: limit the RX buffer size of RTL8153A for USB 2.0 + - net: stmmac: dwmac-sun8i: Provide TX and RX fifo sizes + - selftests: forwarding: vxlan_bridge_1d: Fix vxlan ecn decapsulate value + - libbpf: Fix BTF dump of pointer-to-array-of-struct + - drm/msm: fix shutdown hook in case GPU components failed to bind + - arm64: kdump: update ppos when reading elfcorehdr + - PM: runtime: Defer suspending suppliers + - net/mlx5e: Fix error path for ethtool set-priv-flag + - PM: EM: postpone creating the debugfs dir till fs_initcall + - RDMA/cxgb4: Fix adapter LE hash errors while destroying ipv6 listening + server + - bpf: Don't do bpf_cgroup_storage_set() for kuprobe/tp programs + - ACPI: scan: Rearrange memory allocation in acpi_device_add() + - ACPI: scan: Use unique number for instance_no + - perf auxtrace: Fix auxtrace queue conflict + - block: recalculate segment count for multi-segment discards correctly + - scsi: Revert "qla2xxx: Make sure that aborted commands are freed" + - scsi: qedi: Fix error return code of qedi_alloc_global_queues() + - scsi: mpt3sas: Fix error return code of mpt3sas_base_attach() + - locking/mutex: Fix non debug version of mutex_lock_io_nested() + - x86/mem_encrypt: Correct physical address calculation in __set_clr_pte_enc() + - can: dev: Move device back to init netns on owning netns delete + - net: dsa: b53: VLAN filtering is global to all users + - net: qrtr: fix a kernel-infoleak in qrtr_recvmsg() + - mac80211: fix double free in ibss_leave + - ext4: add reclaim checks to xattr code + - can: peak_usb: Revert "can: peak_usb: add forgotten supported devices" + - xen-blkback: don't leak persistent grants from xen_blkbk_map() + - Linux 5.4.109 + * Focal update: v5.4.108 upstream stable release (LP: #1923214) + - ASoC: ak4458: Add MODULE_DEVICE_TABLE + - ASoC: ak5558: Add MODULE_DEVICE_TABLE + - ALSA: dice: fix null pointer dereference when node is disconnected + - ALSA: hda/realtek: apply pin quirk for XiaomiNotebook Pro + - ALSA: hda: generic: Fix the micmute led init state + - ALSA: hda/realtek: Apply headset-mic quirks for Xiaomi Redmibook Air + - Revert "PM: runtime: Update device status before letting suppliers suspend" + - ARM: 9030/1: entry: omit FP emulation for UND exceptions taken in kernel + mode + - ARM: 9044/1: vfp: use undef hook for VFP support detection + - btrfs: fix race when cloning extent buffer during rewind of an old root + - btrfs: fix slab cache flags for free space tree bitmap + - ASoC: fsl_ssi: Fix TDM slot setup for I2S mode + - ASoC: SOF: Intel: unregister DMIC device on probe error + - ASoC: SOF: intel: fix wrong poll bits in dsp power down + - ASoC: simple-card-utils: Do not handle device clock + - afs: Stop listxattr() from listing "afs.*" attributes + - nvme: fix Write Zeroes limitations + - nvme-tcp: fix possible hang when failing to set io queues + - nvme-tcp: fix a NULL deref when receiving a 0-length r2t PDU + - nvmet: don't check iosqes,iocqes for discovery controllers + - nfsd: Don't keep looking up unhashed files in the nfsd file cache + - NFSD: Repair misuse of sv_lock in 5.10.16-rt30. + - svcrdma: disable timeouts on rdma backchannel + - vfio: IOMMU_API should be selected + - sunrpc: fix refcount leak for rpc auth modules + - net/qrtr: fix __netdev_alloc_skb call + - kbuild: Fix for empty SUBLEVEL or PATCHLEVEL again + - riscv: Correct SPARSEMEM configuration + - scsi: lpfc: Fix some error codes in debugfs + - scsi: myrs: Fix a double free in myrs_cleanup() + - counter: stm32-timer-cnt: Report count function when SLAVE_MODE_DISABLED + - nvme-rdma: fix possible hang when failing to set io queues + - usb-storage: Add quirk to defeat Kindle's automatic unload + - usbip: Fix incorrect double assignment to udc->ud.tcp_rx + - USB: replace hardcode maximum usb string length by definition + - usb: gadget: configfs: Fix KASAN use-after-free + - usb: typec: tcpm: Invoke power_supply_changed for tcpm-source-psy- + - iio:adc:stm32-adc: Add HAS_IOMEM dependency + - iio:adc:qcom-spmi-vadc: add default scale to LR_MUX2_BAT_ID channel + - iio: adis16400: Fix an error code in adis16400_initial_setup() + - iio: gyro: mpu3050: Fix error handling in mpu3050_trigger_handler + - iio: adc: ad7949: fix wrong ADC result due to incorrect bit mask + - iio: hid-sensor-humidity: Fix alignment issue of timestamp channel + - iio: hid-sensor-prox: Fix scale not correct issue + - iio: hid-sensor-temperature: Fix issues of timestamp channel + - counter: stm32-timer-cnt: fix ceiling write max value + - PCI: rpadlpar: Fix potential drc_name corruption in store functions + - perf/x86/intel: Fix a crash caused by zero PEBS status + - x86/ioapic: Ignore IRQ2 again + - kernel, fs: Introduce and use set_restart_fn() and arch_set_restart_data() + - x86: Move TS_COMPAT back to asm/thread_info.h + - x86: Introduce TS_COMPAT_RESTART to fix get_nr_restart_syscall() + - ext4: find old entry again if failed to rename whiteout + - ext4: do not try to set xattr into ea_inode if value is empty + - ext4: fix potential error in ext4_do_update_inode + - efi: use 32-bit alignment for efi_guid_t literals + - firmware/efi: Fix a use after bug in efi_mem_reserve_persistent + - genirq: Disable interrupts for force threaded handlers + - x86/apic/of: Fix CPU devicetree-node lookups + - cifs: Fix preauth hash corruption + - Linux 5.4.108 + * Focal update: v5.4.107 upstream stable release (LP: #1923210) + - KVM: arm64: nvhe: Save the SPE context early + - btrfs: scrub: Don't check free space before marking a block group RO + - drm/i915/gvt: Set SNOOP for PAT3 on BXT/APL to workaround GPU BB hang + - drm/i915/gvt: Fix mmio handler break on BXT/APL. + - drm/i915/gvt: Fix virtual display setup for BXT/APL + - drm/i915/gvt: Fix port number for BDW on EDID region setup + - drm/i915/gvt: Fix vfio_edid issue for BXT/APL + - fuse: fix live lock in fuse_iget() + - crypto: x86 - Regularize glue function prototypes + - crypto: aesni - Use TEST %reg,%reg instead of CMP $0,%reg + - crypto: x86/aes-ni-xts - use direct calls to and 4-way stride + - net: dsa: tag_mtk: fix 802.1ad VLAN egress + - net: dsa: b53: Support setting learning on port + - Linux 5.4.107 + + -- Khalid Elmously Wed, 21 Jul 2021 01:22:52 -0400 + +linux-ibm (5.4.0-1001.1) focal; urgency=medium + + * Miscellaneous Ubuntu changes + - [packaging] ibm: bring up focal/ibm + - [config] ibm: update configs + - [packaging] ibm: update annotations + - [packaging] ibm: Ignore last abi files + + -- Khalid Elmously Thu, 29 Apr 2021 13:51:16 -0400 + +linux-ibm (5.4.0-1000.0) focal; urgency=medium + + * ibm bring-up + + [ Ubuntu: 5.4.0-73.82 ] + + * focal/linux: 5.4.0-73.82 -proposed tracker (LP: #1923781) + * Packaging resync (LP: #1786013) + - update dkms package versions + * CIFS DFS entries not accessible with 5.4.0-71.74-generic (LP: #1923670) + - Revert "cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting + cifs_sb->prepath." + * CVE-2021-29650 + - Revert "netfilter: x_tables: Update remaining dereference to RCU" + - Revert "netfilter: x_tables: Switch synchronization to RCU" + - netfilter: x_tables: Use correct memory barriers. + * LRMv4: switch to signing nvidia modules via the Ubuntu Modules signing key + (LP: #1918134) + - [Packaging] dkms-build{,--nvidia-N} sync back from LRMv4 + * 5.4 kernel: when iommu is on crashdump fails (LP: #1922738) + - iommu/vt-d: Refactor find_domain() helper + - iommu/vt-d: Add attach_deferred() helper + - iommu/vt-d: Move deferred device attachment into helper function + - iommu/vt-d: Do deferred attachment in iommu_need_mapping() + - iommu/vt-d: Remove deferred_attach_domain() + - iommu/vt-d: Simplify check in identity_mapping() + * Backport mlx5e fix for tunnel offload (LP: #1921769) + - net/mlx5e: Check tunnel offload is required before setting SWP + * Bcache bypasse writeback on caching device with fragmentation (LP: #1900438) + - bcache: consider the fragmentation when update the writeback rate + * Fix implicit declaration warnings for kselftests/memfd test on newer + releases (LP: #1910323) + - selftests/memfd: Fix implicit declaration warnings + * net/mlx5e: Add missing capability check for uplink follow (LP: #1921104) + - net/mlx5e: Add missing capability check for uplink follow + * [UBUNUT 21.04] s390/vtime: fix increased steal time accounting + (LP: #1921498) + - s390/vtime: fix increased steal time accounting + * Mute/Mic-mute LEDs are not work on HP 850/840/440 G8 Laptops (LP: #1920030) + - ALSA: hda/realtek: fix mute/micmute LEDs for HP 840 G8 + - ALSA: hda/realtek: fix mute/micmute LEDs for HP 440 G8 + - ALSA: hda/realtek: fix mute/micmute LEDs for HP 850 G8 + * Focal update: v5.4.106 upstream stable release (LP: #1920246) + - uapi: nfnetlink_cthelper.h: fix userspace compilation error + - powerpc/pseries: Don't enforce MSI affinity with kdump + - ath9k: fix transmitting to stations in dynamic SMPS mode + - net: Fix gro aggregation for udp encaps with zero csum + - net: check if protocol extracted by virtio_net_hdr_set_proto is correct + - net: avoid infinite loop in mpls_gso_segment when mpls_hlen == 0 + - sh_eth: fix TRSCER mask for SH771x + - can: skb: can_skb_set_owner(): fix ref counting if socket was closed before + setting skb ownership + - can: flexcan: assert FRZ bit in flexcan_chip_freeze() + - can: flexcan: enable RX FIFO after FRZ/HALT valid + - can: flexcan: invoke flexcan_chip_freeze() to enter freeze mode + - can: tcan4x5x: tcan4x5x_init(): fix initialization - clear MRAM before + entering Normal Mode + - tcp: add sanity tests to TCP_QUEUE_SEQ + - netfilter: nf_nat: undo erroneous tcp edemux lookup + - netfilter: x_tables: gpf inside xt_find_revision() + - selftests/bpf: No need to drop the packet when there is no geneve opt + - selftests/bpf: Mask bpf_csum_diff() return value to 16 bits in test_verifier + - samples, bpf: Add missing munmap in xdpsock + - ibmvnic: always store valid MAC address + - mt76: dma: do not report truncated frames to mac80211 + - powerpc/603: Fix protection of user pages mapped with PROT_NONE + - mount: fix mounting of detached mounts onto targets that reside on shared + mounts + - cifs: return proper error code in statfs(2) + - Revert "mm, slub: consider rest of partial list if acquire_slab() fails" + - net: enetc: don't overwrite the RSS indirection table when initializing + - net/mlx4_en: update moderation when config reset + - net: stmmac: fix incorrect DMA channel intr enable setting of EQoS v4.10 + - nexthop: Do not flush blackhole nexthops when loopback goes down + - net: sched: avoid duplicates in classes dump + - net: usb: qmi_wwan: allow qmimux add/del with master up + - netdevsim: init u64 stats for 32bit hardware + - cipso,calipso: resolve a number of problems with the DOI refcounts + - net: lapbether: Remove netif_start_queue / netif_stop_queue + - net: davicom: Fix regulator not turned off on failed probe + - net: davicom: Fix regulator not turned off on driver removal + - net: qrtr: fix error return code of qrtr_sendmsg() + - ixgbe: fail to create xfrm offload of IPsec tunnel mode SA + - net: stmmac: stop each tx channel independently + - net: stmmac: fix watchdog timeout during suspend/resume stress test + - selftests: forwarding: Fix race condition in mirror installation + - perf traceevent: Ensure read cmdlines are null terminated. + - net: hns3: fix query vlan mask value error for flow director + - net: hns3: fix bug when calculating the TCAM table info + - s390/cio: return -EFAULT if copy_to_user() fails again + - bnxt_en: reliably allocate IRQ table on reset to avoid crash + - drm/compat: Clear bounce structures + - drm/shmem-helper: Check for purged buffers in fault handler + - drm/shmem-helper: Don't remove the offset in vm_area_struct pgoff + - drm: meson_drv add shutdown function + - s390/cio: return -EFAULT if copy_to_user() fails + - s390/crypto: return -EFAULT if copy_to_user() fails + - qxl: Fix uninitialised struct field head.surface_id + - sh_eth: fix TRSCER mask for R7S9210 + - media: usbtv: Fix deadlock on suspend + - media: v4l: vsp1: Fix uif null pointer access + - media: v4l: vsp1: Fix bru null pointer access + - media: rc: compile rc-cec.c into rc-core + - [Config] update abi for rc-cec + - net: hns3: fix error mask definition of flow director + - net: enetc: initialize RFS/RSS memories for unused ports too + - net: phy: fix save wrong speed and duplex problem if autoneg is on + - i2c: rcar: faster irq code to minimize HW race condition + - i2c: rcar: optimize cacheline to minimize HW race condition + - udf: fix silent AED tagLocation corruption + - mmc: mxs-mmc: Fix a resource leak in an error handling path in + 'mxs_mmc_probe()' + - mmc: mediatek: fix race condition between msdc_request_timeout and irq + - Platform: OLPC: Fix probe error handling + - powerpc/pci: Add ppc_md.discover_phbs() + - spi: stm32: make spurious and overrun interrupts visible + - powerpc: improve handling of unrecoverable system reset + - powerpc/perf: Record counter overflow always if SAMPLE_IP is unset + - HID: logitech-dj: add support for the new lightspeed connection iteration + - powerpc/64: Fix stack trace not displaying final frame + - iommu/amd: Fix performance counter initialization + - sparc32: Limit memblock allocation to low memory + - sparc64: Use arch_validate_flags() to validate ADI flag + - Input: applespi - don't wait for responses to commands indefinitely. + - PCI: xgene-msi: Fix race in installing chained irq handler + - PCI: mediatek: Add missing of_node_put() to fix reference leak + - kbuild: clamp SUBLEVEL to 255 + - PCI: Fix pci_register_io_range() memory leak + - i40e: Fix memory leak in i40e_probe + - s390/smp: __smp_rescan_cpus() - move cpumask away from stack + - sysctl.c: fix underflow value setting risk in vm_table + - scsi: libiscsi: Fix iscsi_prep_scsi_cmd_pdu() error handling + - scsi: target: core: Add cmd length set before cmd complete + - scsi: target: core: Prevent underflow for service actions + - ALSA: usb: Add Plantronics C320-M USB ctrl msg delay quirk + - ALSA: hda/hdmi: Cancel pending works before suspend + - ALSA: hda/ca0132: Add Sound BlasterX AE-5 Plus support + - ALSA: hda: Drop the BATCH workaround for AMD controllers + - ALSA: hda: Flush pending unsolicited events before suspend + - ALSA: hda: Avoid spurious unsol event handling during S3/S4 + - ALSA: usb-audio: Fix "cannot get freq eq" errors on Dell AE515 sound bar + - ALSA: usb-audio: Apply the control quirk to Plantronics headsets + - Revert 95ebabde382c ("capabilities: Don't allow writing ambiguous v3 file + capabilities") + - arm64: kasan: fix page_alloc tagging with DEBUG_VIRTUAL + - s390/dasd: fix hanging DASD driver unbind + - s390/dasd: fix hanging IO request during DASD driver unbind + - software node: Fix node registration + - mmc: core: Fix partition switch time for eMMC + - mmc: cqhci: Fix random crash when remove mmc module/card + - Goodix Fingerprint device is not a modem + - USB: gadget: u_ether: Fix a configfs return code + - usb: gadget: f_uac2: always increase endpoint max_packet_size by one audio + slot + - usb: gadget: f_uac1: stop playback on function disable + - usb: dwc3: qcom: Add missing DWC3 OF node refcount decrement + - usb: dwc3: qcom: Honor wakeup enabled/disabled state + - USB: usblp: fix a hang in poll() if disconnected + - usb: renesas_usbhs: Clear PIPECFG for re-enabling pipe with other EPNUM + - usb: xhci: do not perform Soft Retry for some xHCI hosts + - xhci: Improve detection of device initiated wake signal. + - usb: xhci: Fix ASMedia ASM1042A and ASM3242 DMA addressing + - xhci: Fix repeated xhci wake after suspend due to uncleared internal wake + state + - USB: serial: io_edgeport: fix memory leak in edge_startup + - USB: serial: ch341: add new Product ID + - USB: serial: cp210x: add ID for Acuity Brands nLight Air Adapter + - USB: serial: cp210x: add some more GE USB IDs + - usbip: fix stub_dev to check for stream socket + - usbip: fix vhci_hcd to check for stream socket + - usbip: fix vudc to check for stream socket + - usbip: fix stub_dev usbip_sockfd_store() races leading to gpf + - usbip: fix vhci_hcd attach_store() races leading to gpf + - usbip: fix vudc usbip_sockfd_store races leading to gpf + - misc/pvpanic: Export module FDT device table + - misc: fastrpc: restrict user apps from sending kernel RPC messages + - staging: rtl8192u: fix ->ssid overflow in r8192_wx_set_scan() + - staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() + - staging: rtl8712: unterminated string leads to read overflow + - staging: rtl8188eu: fix potential memory corruption in + rtw_check_beacon_data() + - staging: ks7010: prevent buffer overflow in ks_wlan_set_scan() + - staging: rtl8712: Fix possible buffer overflow in r8712_sitesurvey_cmd + - staging: rtl8192e: Fix possible buffer overflow in _rtl92e_wx_set_scan + - staging: comedi: addi_apci_1032: Fix endian problem for COS sample + - staging: comedi: addi_apci_1500: Fix endian problem for command sample + - staging: comedi: adv_pci1710: Fix endian problem for AI command data + - staging: comedi: das6402: Fix endian problem for AI command data + - staging: comedi: das800: Fix endian problem for AI command data + - staging: comedi: dmm32at: Fix endian problem for AI command data + - staging: comedi: me4000: Fix endian problem for AI command data + - staging: comedi: pcl711: Fix endian problem for AI command data + - staging: comedi: pcl818: Fix endian problem for AI command data + - sh_eth: fix TRSCER mask for R7S72100 + - arm64/mm: Fix pfn_valid() for ZONE_DEVICE based memory + - SUNRPC: Set memalloc_nofs_save() for sync tasks + - NFS: Don't revalidate the directory permissions on a lookup failure + - NFS: Don't gratuitously clear the inode cache when lookup failed + - NFSv4.2: fix return value of _nfs4_get_security_label() + - block: rsxx: fix error return code of rsxx_pci_probe() + - configfs: fix a use-after-free in __configfs_open_file + - arm64: mm: use a 48-bit ID map when possible on 52-bit VA builds + - hrtimer: Update softirq_expires_next correctly after + __hrtimer_get_next_event() + - stop_machine: mark helpers __always_inline + - include/linux/sched/mm.h: use rcu_dereference in in_vfork() + - zram: fix return value on writeback_store + - sched/membarrier: fix missing local execution of ipi_sync_rq_state() + - powerpc/64s: Fix instruction encoding for lis in ppc_function_entry() + - binfmt_misc: fix possible deadlock in bm_register_write + - x86/unwind/orc: Disable KASAN checking in the ORC unwinder, part 2 + - KVM: arm64: Fix exclusive limit for IPA size + - nvme: unlink head after removing last namespace + - nvme: release namespace head reference on error + - KVM: arm64: Ensure I-cache isolation between vcpus of a same VM + - KVM: arm64: Reject VM creation when the default IPA size is unsupported + - xen/events: reset affinity of 2-level event when tearing it down + - xen/events: don't unmask an event channel when an eoi is pending + - xen/events: avoid handling the same event on two cpus at the same time + - Linux 5.4.106 + * Focal update: v5.4.105 upstream stable release (LP: #1920244) + - net: dsa: add GRO support via gro_cells + - dm table: fix iterate_devices based device capability checks + - dm table: fix DAX iterate_devices based device capability checks + - dm table: fix zoned iterate_devices based device capability checks + - ACPICA: Fix race in generic_serial_bus (I2C) and GPIO op_region parameter + handling + - iommu/amd: Fix sleeping in atomic in increase_address_space() + - mwifiex: pcie: skip cancel_work_sync() on reset failure path + - platform/x86: acer-wmi: Cleanup ACER_CAP_FOO defines + - platform/x86: acer-wmi: Cleanup accelerometer device handling + - platform/x86: acer-wmi: Add new force_caps module parameter + - platform/x86: acer-wmi: Add ACER_CAP_SET_FUNCTION_MODE capability flag + - platform/x86: acer-wmi: Add support for SW_TABLET_MODE on Switch devices + - platform/x86: acer-wmi: Add ACER_CAP_KBD_DOCK quirk for the Aspire Switch + 10E SW3-016 + - HID: mf: add support for 0079:1846 Mayflash/Dragonrise USB Gamecube Adapter + - media: cx23885: add more quirks for reset DMA on some AMD IOMMU + - ACPI: video: Add DMI quirk for GIGABYTE GB-BXBT-2807 + - ASoC: Intel: bytcr_rt5640: Add quirk for ARCHOS Cesium 140 + - PCI: Add function 1 DMA alias quirk for Marvell 9215 SATA controller + - misc: eeprom_93xx46: Add quirk to support Microchip 93LC46B eeprom + - drm/msm/a5xx: Remove overwriting A5XX_PC_DBG_ECO_CNTL register + - mmc: sdhci-of-dwcmshc: set SDHCI_QUIRK2_PRESET_VALUE_BROKEN + - HID: i2c-hid: Add I2C_HID_QUIRK_NO_IRQ_AFTER_RESET for ITE8568 EC on Voyo + Winpad A15 + - nvme-pci: mark Seagate Nytro XM1440 as QUIRK_NO_NS_DESC_LIST. + - nvme-pci: add quirks for Lexar 256GB SSD + - Linux 5.4.105 + * Focal update: v5.4.104 upstream stable release (LP: #1920238) + - tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with request_locality() + - tpm, tpm_tis: Decorate tpm_get_timeouts() with request_locality() + - btrfs: raid56: simplify tracking of Q stripe presence + - btrfs: fix raid6 qstripe kmap + - btrfs: validate qgroup inherit for SNAP_CREATE_V2 ioctl + - btrfs: free correct amount of space in btrfs_delayed_inode_reserve_metadata + - btrfs: unlock extents in btrfs_zero_range in case of quota reservation + errors + - btrfs: fix warning when creating a directory with smack enabled + - PM: runtime: Update device status before letting suppliers suspend + - dm bufio: subtract the number of initial sectors in dm_bufio_get_device_size + - dm verity: fix FEC for RS roots unaligned to block size + - drm/amdgpu: fix parameter error of RREG32_PCIE() in amdgpu_regs_pcie + - arm64: ptrace: Fix seccomp of traced syscall -1 (NO_SYSCALL) + - crypto - shash: reduce minimum alignment of shash_desc structure + - usbip: tools: fix build error for multiple definition + - ALSA: ctxfi: cthw20k2: fix mask on conf to allow 4 bits + - RDMA/rxe: Fix missing kconfig dependency on CRYPTO + - IB/mlx5: Add missing error code + - ALSA: hda: intel-nhlt: verify config type + - ftrace: Have recordmcount use w8 to read relp->r_info in + arm64_is_fake_mcount + - rsxx: Return -EFAULT if copy_to_user() fails + - r8169: fix resuming from suspend on RTL8105e if machine runs on battery + - Linux 5.4.104 + * Focal update: v5.4.103 upstream stable release (LP: #1920235) + - net: usb: qmi_wwan: support ZTE P685M modem + - nvme-pci: refactor nvme_unmap_data + - nvme-pci: fix error unwind in nvme_map_data + - arm64 module: set plt* section addresses to 0x0 + - MIPS: VDSO: Use CLANG_FLAGS instead of filtering out '--target=' + - JFS: more checks for invalid superblock + - udlfb: Fix memory leak in dlfb_usb_probe + - media: mceusb: sanity check for prescaler value + - erofs: fix shift-out-of-bounds of blkszbits + - media: v4l2-ctrls.c: fix shift-out-of-bounds in std_validate + - xfs: Fix assert failure in xfs_setattr_size() + - net/af_iucv: remove WARN_ONCE on malformed RX packets + - smackfs: restrict bytes count in smackfs write functions + - net: fix up truesize of cloned skb in skb_prepare_for_shift() + - nbd: handle device refs for DESTROY_ON_DISCONNECT properly + - mm/hugetlb.c: fix unnecessary address expansion of pmd sharing + - net: bridge: use switchdev for port flags set through sysfs too + - net: ag71xx: remove unnecessary MTU reservation + - net: fix dev_ifsioc_locked() race condition + - dt-bindings: ethernet-controller: fix fixed-link specification + - dt-bindings: net: btusb: DT fix s/interrupt-name/interrupt-names/ + - MIPS: Drop 32-bit asm string functions + - drm/virtio: use kvmalloc for large allocations + - rsi: Fix TX EAPOL packet handling against iwlwifi AP + - rsi: Move card interrupt handling to RX thread + - staging: fwserial: Fix error handling in fwserial_create + - x86/reboot: Add Zotac ZBOX CI327 nano PCI reboot quirk + - vt/consolemap: do font sum unsigned + - wlcore: Fix command execute failure 19 for wl12xx + - Bluetooth: hci_h5: Set HCI_QUIRK_SIMULTANEOUS_DISCOVERY for btrtl + - pktgen: fix misuse of BUG_ON() in pktgen_thread_worker() + - ath10k: fix wmi mgmt tx queue full due to race condition + - x86/build: Treat R_386_PLT32 relocation as R_386_PC32 + - Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data + - staging: most: sound: add sanity check for function argument + - staging: bcm2835-audio: Replace unsafe strcpy() with strscpy() + - brcmfmac: Add DMI nvram filename quirk for Predia Basic tablet + - brcmfmac: Add DMI nvram filename quirk for Voyo winpad A15 tablet + - drm/hisilicon: Fix use-after-free + - crypto: tcrypt - avoid signed overflow in byte count + - drm/amdgpu: Add check to prevent IH overflow + - PCI: Add a REBAR size quirk for Sapphire RX 5600 XT Pulse + - drm/amd/display: Guard against NULL pointer deref when get_i2c_info fails + - media: uvcvideo: Allow entities with no pads + - f2fs: handle unallocated section and zone on pinned/atgc + - f2fs: fix to set/clear I_LINKABLE under i_lock + - nvme-core: add cancel tagset helpers + - nvme-rdma: add clean action for failed reconnection + - nvme-tcp: add clean action for failed reconnection + - ASoC: Intel: Add DMI quirk table to soc_intel_is_byt_cr() + - btrfs: fix error handling in commit_fs_roots + - perf/x86/kvm: Add Cascade Lake Xeon steppings to isolation_ucodes[] + - parisc: Bump 64-bit IRQ stack size to 64 KB + - sched/features: Fix hrtick reprogramming + - ASoC: Intel: bytcr_rt5640: Add quirk for the Estar Beauty HD MID 7316R + tablet + - ASoC: Intel: bytcr_rt5640: Add quirk for the Voyo Winpad A15 tablet + - ASoC: Intel: bytcr_rt5651: Add quirk for the Jumper EZpad 7 tablet + - ASoC: Intel: bytcr_rt5640: Add quirk for the Acer One S1002 tablet + - Xen/gnttab: handle p2m update errors on a per-slot basis + - xen-netback: respect gnttab_map_refs()'s return value + - zsmalloc: account the number of compacted pages correctly + - swap: fix swapfile read/write offset + - media: v4l: ioctl: Fix memory leak in video_usercopy + - ALSA: hda/realtek: Add quirk for Clevo NH55RZQ + - ALSA: hda/realtek: Add quirk for Intel NUC 10 + - ALSA: hda/realtek: Apply dual codec quirks for MSI Godlike X570 board + - Linux 5.4.103 + * Focal update: v5.4.102 upstream stable release (LP: #1918974) + - vmlinux.lds.h: add DWARF v5 sections + - kvm: x86: replace kvm_spec_ctrl_test_value with runtime test on the host + - debugfs: be more robust at handling improper input in debugfs_lookup() + - debugfs: do not attempt to create a new file before the filesystem is + initalized + - kdb: Make memory allocations more robust + - PCI: qcom: Use PHY_REFCLK_USE_PAD only for ipq8064 + - PCI: Decline to resize resources if boot config must be preserved + - virt: vbox: Do not use wait_event_interruptible when called from kernel + context + - bfq: Avoid false bfq queue merging + - ALSA: usb-audio: Fix PCM buffer allocation in non-vmalloc mode + - MIPS: vmlinux.lds.S: add missing PAGE_ALIGNED_DATA() section + - random: fix the RNDRESEEDCRNG ioctl + - ath10k: Fix error handling in case of CE pipe init failure + - Bluetooth: btqcomsmd: Fix a resource leak in error handling paths in the + probe function + - Bluetooth: hci_uart: Fix a race for write_work scheduling + - Bluetooth: Fix initializing response id after clearing struct + - ARM: dts: exynos: correct PMIC interrupt trigger level on Artik 5 + - ARM: dts: exynos: correct PMIC interrupt trigger level on Monk + - ARM: dts: exynos: correct PMIC interrupt trigger level on Rinato + - ARM: dts: exynos: correct PMIC interrupt trigger level on Spring + - ARM: dts: exynos: correct PMIC interrupt trigger level on Arndale Octa + - ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid XU3 family + - arm64: dts: exynos: correct PMIC interrupt trigger level on TM2 + - arm64: dts: exynos: correct PMIC interrupt trigger level on Espresso + - memory: mtk-smi: Fix PM usage counter unbalance in mtk_smi ops + - bpf: Add bpf_patch_call_args prototype to include/linux/bpf.h + - bpf: Avoid warning when re-casting __bpf_call_base into __bpf_call_base_args + - arm64: dts: allwinner: A64: properly connect USB PHY to port 0 + - arm64: dts: allwinner: H6: properly connect USB PHY to port 0 + - arm64: dts: allwinner: Drop non-removable from SoPine/LTS SD card + - arm64: dts: allwinner: H6: Allow up to 150 MHz MMC bus frequency + - arm64: dts: allwinner: A64: Limit MMC2 bus frequency to 150 MHz + - cpufreq: brcmstb-avs-cpufreq: Free resources in error path + - cpufreq: brcmstb-avs-cpufreq: Fix resource leaks in ->remove() + - ACPICA: Fix exception code class checks + - usb: gadget: u_audio: Free requests only after callback + - Bluetooth: drop HCI device reference before return + - Bluetooth: Put HCI device if inquiry procedure interrupts + - memory: ti-aemif: Drop child node when jumping out loop + - ARM: dts: Configure missing thermal interrupt for 4430 + - usb: dwc2: Do not update data length if it is 0 on inbound transfers + - usb: dwc2: Abort transaction after errors with unknown reason + - usb: dwc2: Make "trimming xfer length" a debug message + - staging: rtl8723bs: wifi_regd.c: Fix incorrect number of regulatory rules + - ARM: dts: armada388-helios4: assign pinctrl to LEDs + - ARM: dts: armada388-helios4: assign pinctrl to each fan + - arm64: dts: armada-3720-turris-mox: rename u-boot mtd partition to + a53-firmware + - Bluetooth: btusb: Fix memory leak in btusb_mtk_wmt_recv + - arm64: dts: msm8916: Fix reserved and rfsa nodes unit address + - ARM: s3c: fix fiq for clang IAS + - soc: aspeed: snoop: Add clock control logic + - bpf_lru_list: Read double-checked variable once without lock + - ath9k: fix data bus crash when setting nf_override via debugfs + - ibmvnic: Set to CLOSED state even on error + - bnxt_en: reverse order of TX disable and carrier off + - xen/netback: fix spurious event detection for common event case + - mac80211: fix potential overflow when multiplying to u32 integers + - bpf: Fix bpf_fib_lookup helper MTU check for SKB ctx + - tcp: fix SO_RCVLOWAT related hangs under mem pressure + - net: axienet: Handle deferred probe on clock properly + - cxgb4/chtls/cxgbit: Keeping the max ofld immediate data size same in cxgb4 + and ulds + - b43: N-PHY: Fix the update of coef for the PHY revision >= 3case + - ibmvnic: add memory barrier to protect long term buffer + - ibmvnic: skip send_request_unmap for timeout reset + - net: amd-xgbe: Reset the PHY rx data path when mailbox command timeout + - net: amd-xgbe: Fix NETDEV WATCHDOG transmit queue timeout warning + - net: amd-xgbe: Reset link when the link never comes back + - net: amd-xgbe: Fix network fluctuations when using 1G BELFUSE SFP + - net: mvneta: Remove per-cpu queue mapping for Armada 3700 + - fbdev: aty: SPARC64 requires FB_ATY_CT + - drm/gma500: Fix error return code in psb_driver_load() + - gma500: clean up error handling in init + - drm/fb-helper: Add missed unlocks in setcmap_legacy() + - crypto: sun4i-ss - linearize buffers content must be kept + - crypto: sun4i-ss - fix kmap usage + - crypto: arm64/aes-ce - really hide slower algos when faster ones are enabled + - drm/amdgpu: Fix macro name _AMDGPU_TRACE_H_ in preprocessor if condition + - MIPS: c-r4k: Fix section mismatch for loongson2_sc_init + - MIPS: lantiq: Explicitly compare LTQ_EBU_PCC_ISTAT against 0 + - media: i2c: ov5670: Fix PIXEL_RATE minimum value + - media: imx: Unregister csc/scaler only if registered + - media: imx: Fix csc/scaler unregister + - media: camss: missing error code in msm_video_register() + - media: vsp1: Fix an error handling path in the probe function + - media: em28xx: Fix use-after-free in em28xx_alloc_urbs + - media: media/pci: Fix memleak in empress_init + - media: tm6000: Fix memleak in tm6000_start_stream + - media: aspeed: fix error return code in aspeed_video_setup_video() + - ASoC: cs42l56: fix up error handling in probe + - evm: Fix memleak in init_desc + - crypto: bcm - Rename struct device_private to bcm_device_private + - drm/sun4i: tcon: fix inverted DCLK polarity + - MIPS: properly stop .eh_frame generation + - bsg: free the request before return error code + - drm/amd/display: Fix 10/12 bpc setup in DCE output bit depth reduction. + - drm/amd/display: Fix HDMI deep color output for DCE 6-11. + - media: software_node: Fix refcounts in software_node_get_next_child() + - media: lmedm04: Fix misuse of comma + - media: qm1d1c0042: fix error return code in qm1d1c0042_init() + - media: cx25821: Fix a bug when reallocating some dma memory + - media: pxa_camera: declare variable when DEBUG is defined + - media: uvcvideo: Accept invalid bFormatIndex and bFrameIndex values + - sched/eas: Don't update misfit status if the task is pinned + - mtd: parser: imagetag: fix error codes in + bcm963xx_parse_imagetag_partitions() + - crypto: talitos - Work around SEC6 ERRATA (AES-CTR mode data size error) + - drm/nouveau: bail out of nouveau_channel_new if channel init fails + - ata: ahci_brcm: Add back regulators management + - ASoC: cpcap: fix microphone timeslot mask + - mtd: parsers: afs: Fix freeing the part name memory in failure + - f2fs: fix to avoid inconsistent quota data + - drm/amdgpu: Prevent shift wrapping in amdgpu_read_mask() + - f2fs: fix a wrong condition in __submit_bio + - Drivers: hv: vmbus: Avoid use-after-free in vmbus_onoffer_rescind() + - ASoC: SOF: debug: Fix a potential issue on string buffer termination + - btrfs: clarify error returns values in __load_free_space_cache + - hwrng: timeriomem - Fix cooldown period calculation + - crypto: ecdh_helper - Ensure 'len >= secret.len' in decode_key() + - ima: Free IMA measurement buffer on error + - ima: Free IMA measurement buffer after kexec syscall + - ASoC: simple-card-utils: Fix device module clock + - fs/jfs: fix potential integer overflow on shift of a int + - jffs2: fix use after free in jffs2_sum_write_data() + - ubifs: Fix memleak in ubifs_init_authentication + - ubifs: Fix error return code in alloc_wbufs() + - capabilities: Don't allow writing ambiguous v3 file capabilities + - HSI: Fix PM usage counter unbalance in ssi_hw_init + - clk: meson: clk-pll: fix initializing the old rate (fallback) for a PLL + - clk: meson: clk-pll: make "ret" a signed integer + - clk: meson: clk-pll: propagate the error from meson_clk_pll_set_rate() + - quota: Fix memory leak when handling corrupted quota file + - i2c: iproc: handle only slave interrupts which are enabled + - i2c: iproc: update slave isr mask (ISR_MASK_SLAVE) + - i2c: iproc: handle master read request + - spi: cadence-quadspi: Abort read if dummy cycles required are too many + - clk: sunxi-ng: h6: Fix CEC clock + - HID: core: detect and skip invalid inputs to snto32() + - RDMA/siw: Fix handling of zero-sized Read and Receive Queues. + - dmaengine: fsldma: Fix a resource leak in the remove function + - dmaengine: fsldma: Fix a resource leak in an error handling path of the + probe function + - dmaengine: owl-dma: Fix a resource leak in the remove function + - dmaengine: hsu: disable spurious interrupt + - mfd: bd9571mwv: Use devm_mfd_add_devices() + - fdt: Properly handle "no-map" field in the memory region + - of/fdt: Make sure no-map does not remove already reserved regions + - power: reset: at91-sama5d2_shdwc: fix wkupdbc mask + - rtc: s5m: select REGMAP_I2C + - clocksource/drivers/ixp4xx: Select TIMER_OF when needed + - clocksource/drivers/mxs_timer: Add missing semicolon when DEBUG is defined + - RDMA/mlx5: Use the correct obj_id upon DEVX TIR creation + - clk: sunxi-ng: h6: Fix clock divider range on some clocks + - regulator: axp20x: Fix reference cout leak + - certs: Fix blacklist flag type confusion + - regulator: s5m8767: Fix reference count leak + - spi: atmel: Put allocated master before return + - regulator: s5m8767: Drop regulators OF node reference + - regulator: core: Avoid debugfs: Directory ... already present! error + - isofs: release buffer head before return + - auxdisplay: ht16k33: Fix refresh rate handling + - objtool: Fix error handling for STD/CLD warnings + - objtool: Fix ".cold" section suffix check for newer versions of GCC + - IB/umad: Return EIO in case of when device disassociated + - IB/umad: Return EPOLLERR in case of when device disassociated + - KVM: PPC: Make the VMX instruction emulation routines static + - powerpc/47x: Disable 256k page size + - mmc: sdhci-sprd: Fix some resource leaks in the remove function + - mmc: usdhi6rol0: Fix a resource leak in the error handling path of the probe + - mmc: renesas_sdhi_internal_dmac: Fix DMA buffer alignment from 8 to + 128-bytes + - ARM: 9046/1: decompressor: Do not clear SCTLR.nTLSMD for ARMv7+ cores + - i2c: qcom-geni: Store DMA mapping data in geni_i2c_dev struct + - amba: Fix resource leak for drivers without .remove + - IB/mlx5: Return appropriate error code instead of ENOMEM + - IB/cm: Avoid a loop when device has 255 ports + - tracepoint: Do not fail unregistering a probe due to memory failure + - perf tools: Fix DSO filtering when not finding a map for a sampled address + - perf vendor events arm64: Fix Ampere eMag event typo + - RDMA/rxe: Fix coding error in rxe_recv.c + - RDMA/rxe: Fix coding error in rxe_rcv_mcast_pkt + - RDMA/rxe: Correct skb on loopback path + - spi: stm32: properly handle 0 byte transfer + - mfd: wm831x-auxadc: Prevent use after free in wm831x_auxadc_read_irq() + - powerpc/pseries/dlpar: handle ibm, configure-connector delay status + - powerpc/8xx: Fix software emulation interrupt + - clk: qcom: gcc-msm8998: Fix Alpha PLL type for all GPLLs + - RDMA/hns: Fixed wrong judgments in the goto branch + - RDMA/siw: Fix calculation of tx_valid_cpus size + - RDMA/hns: Fix type of sq_signal_bits + - spi: pxa2xx: Fix the controller numbering for Wildcat Point + - regulator: qcom-rpmh: fix pm8009 ldo7 + - clk: aspeed: Fix APLL calculate formula from ast2600-A2 + - nfsd: register pernet ops last, unregister first + - RDMA/hns: Fixes missing error code of CMDQ + - Input: sur40 - fix an error code in sur40_probe() + - perf intel-pt: Fix missing CYC processing in PSB + - perf intel-pt: Fix premature IPC + - perf test: Fix unaligned access in sample parsing test + - Input: elo - fix an error code in elo_connect() + - sparc64: only select COMPAT_BINFMT_ELF if BINFMT_ELF is set + - misc: eeprom_93xx46: Fix module alias to enable module autoprobe + - phy: rockchip-emmc: emmc_phy_init() always return 0 + - misc: eeprom_93xx46: Add module alias to avoid breaking support for non + device tree users + - soundwire: cadence: fix ACK/NAK handling + - pwm: rockchip: rockchip_pwm_probe(): Remove superfluous clk_unprepare() + - VMCI: Use set_page_dirty_lock() when unregistering guest memory + - PCI: Align checking of syscall user config accessors + - mei: hbm: call mei_set_devstate() on hbm stop response + - drm/msm/dsi: Correct io_start for MSM8994 (20nm PHY) + - drm/msm/mdp5: Fix wait-for-commit for cmd panels + - vfio/iommu_type1: Fix some sanity checks in detach group + - ext4: fix potential htree index checksum corruption + - nvmem: core: Fix a resource leak on error in nvmem_add_cells_from_of() + - nvmem: core: skip child nodes not matching binding + - regmap: sdw: use _no_pm functions in regmap_read/write + - i40e: Fix flow for IPv6 next header (extension header) + - i40e: Add zero-initialization of AQ command structures + - i40e: Fix overwriting flow control settings during driver loading + - i40e: Fix addition of RX filters after enabling FW LLDP agent + - i40e: Fix VFs not created + - i40e: Fix add TC filter for IPv6 + - vfio/type1: Use follow_pte() + - net/mlx4_core: Add missed mlx4_free_cmd_mailbox() + - vxlan: move debug check after netdev unregister + - ocfs2: fix a use after free on error + - mm/memory.c: fix potential pte_unmap_unlock pte error + - mm/hugetlb: fix potential double free in hugetlb_register_node() error path + - mm/compaction: fix misbehaviors of fast_find_migrateblock() + - r8169: fix jumbo packet handling on RTL8168e + - arm64: Add missing ISB after invalidating TLB in __primary_switch + - i2c: brcmstb: Fix brcmstd_send_i2c_cmd condition + - mm/rmap: fix potential pte_unmap on an not mapped pte + - scsi: bnx2fc: Fix Kconfig warning & CNIC build errors + - blk-settings: align max_sectors on "logical_block_size" boundary + - ACPI: property: Fix fwnode string properties matching + - ACPI: configfs: add missing check after configfs_register_default_group() + - HID: logitech-dj: add support for keyboard events in eQUAD step 4 Gaming + - HID: wacom: Ignore attempts to overwrite the touch_max value from HID + - Input: raydium_ts_i2c - do not send zero length + - Input: xpad - add support for PowerA Enhanced Wired Controller for Xbox + Series X|S + - Input: joydev - prevent potential read overflow in ioctl + - Input: i8042 - add ASUS Zenbook Flip to noselftest list + - media: mceusb: Fix potential out-of-bounds shift + - USB: serial: option: update interface mapping for ZTE P685M + - usb: musb: Fix runtime PM race in musb_queue_resume_work + - usb: dwc3: gadget: Fix setting of DEPCFG.bInterval_m1 + - usb: dwc3: gadget: Fix dep->interval for fullspeed interrupt + - USB: serial: ftdi_sio: fix FTX sub-integer prescaler + - USB: serial: mos7840: fix error code in mos7840_write() + - USB: serial: mos7720: fix error code in mos7720_write() + - ALSA: hda: Add another CometLake-H PCI ID + - ALSA: hda/realtek: modify EAPD in the ALC886 + - Revert "bcache: Kill btree_io_wq" + - bcache: Give btree_io_wq correct semantics again + - bcache: Move journal work to new flush wq + - drm/amd/display: Add vupdate_no_lock interrupts for DCN2.1 + - drm/amdgpu: Set reference clock to 100Mhz on Renoir (v2) + - drm/nouveau/kms: handle mDP connectors + - drm/sched: Cancel and flush all outstanding jobs before finish. + - erofs: initialized fields can only be observed after bit is set + - tpm_tis: Fix check_locality for correct locality acquisition + - tpm_tis: Clean up locality release + - KEYS: trusted: Fix migratable=1 failing + - btrfs: abort the transaction if we fail to inc ref in btrfs_copy_root + - btrfs: fix reloc root leak with 0 ref reloc roots on recovery + - btrfs: splice remaining dirty_bg's onto the transaction dirty bg list + - btrfs: fix extent buffer leak on failure to copy root + - crypto: arm64/sha - add missing module aliases + - crypto: aesni - prevent misaligned buffers on the stack + - crypto: sun4i-ss - checking sg length is not sufficient + - crypto: sun4i-ss - handle BigEndian for cipher + - crypto: sun4i-ss - initialize need_fallback + - seccomp: Add missing return in non-void function + - misc: rtsx: init of rts522a add OCP power off when no card is present + - drivers/misc/vmw_vmci: restrict too big queue size in qp_host_alloc_queue + - pstore: Fix typo in compression option name + - dts64: mt7622: fix slow sd card access + - staging/mt7621-dma: mtk-hsdma.c->hsdma-mt7621.c + - staging: gdm724x: Fix DMA from stack + - staging: rtl8188eu: Add Edimax EW-7811UN V2 to device table + - media: ipu3-cio2: Fix mbus_code processing in cio2_subdev_set_fmt() + - x86/virt: Eat faults on VMXOFF in reboot flows + - x86/reboot: Force all cpus to exit VMX root if VMX is supported + - powerpc/prom: Fix "ibm,arch-vec-5-platform-support" scan + - rcu: Pull deferred rcuog wake up to rcu_eqs_enter() callers + - rcu/nocb: Perform deferred wake up before last idle's need_resched() check + - floppy: reintroduce O_NDELAY fix + - arm64: kexec_file: fix memory leakage in create_dtb() when fdt_open_into() + fails + - arm64: uprobe: Return EOPNOTSUPP for AARCH32 instruction probing + - watchdog: qcom: Remove incorrect usage of QCOM_WDT_ENABLE_IRQ + - watchdog: mei_wdt: request stop on unregister + - mtd: spi-nor: sfdp: Fix last erase region marking + - mtd: spi-nor: sfdp: Fix wrong erase type bitmask for overlaid region + - mtd: spi-nor: core: Fix erase type discovery for overlaid region + - mtd: spi-nor: core: Add erase size check for erase command initialization + - mtd: spi-nor: hisi-sfc: Put child node np on error path + - fs/affs: release old buffer head on error path + - seq_file: document how per-entry resources are managed. + - x86: fix seq_file iteration for pat/memtype.c + - hugetlb: fix update_and_free_page contig page struct assumption + - hugetlb: fix copy_huge_page_from_user contig page struct assumption + - arm64: Extend workaround for erratum 1024718 to all versions of Cortex-A55 + - media: smipcie: fix interrupt handling and IR timeout + - module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols + - mmc: sdhci-esdhc-imx: fix kernel panic when remove module + - powerpc/32s: Add missing call to kuep_lock on syscall entry + - spmi: spmi-pmic-arb: Fix hw_irq overflow + - gpio: pcf857x: Fix missing first interrupt + - printk: fix deadlock when kernel panic + - cpufreq: intel_pstate: Get per-CPU max freq via MSR_HWP_CAPABILITIES if + available + - s390/vtime: fix inline assembly clobber list + - virtio/s390: implement virtio-ccw revision 2 correctly + - um: mm: check more comprehensively for stub changes + - f2fs: fix out-of-repair __setattr_copy() + - sparc32: fix a user-triggerable oops in clear_user() + - spi: spi-synquacer: fix set_cs handling + - gfs2: Don't skip dlm unlock if glock has an lvb + - gfs2: Recursive gfs2_quota_hold in gfs2_iomap_end + - dm: fix deadlock when swapping to encrypted device + - dm writecache: fix writing beyond end of underlying device when shrinking + - dm era: Recover committed writeset after crash + - dm era: Verify the data block size hasn't changed + - dm era: Fix bitset memory leaks + - dm era: Use correct value size in equality function of writeset tree + - dm era: Reinitialize bitset cache before digesting a new writeset + - dm era: only resize metadata in preresume + - drm/i915: Reject 446-480MHz HDMI clock on GLK + - icmp: introduce helper for nat'd source address in network device context + - icmp: allow icmpv6_ndo_send to work with CONFIG_IPV6=n + - gtp: use icmp_ndo_send helper + - sunvnet: use icmp_ndo_send helper + - xfrm: interface: use icmp_ndo_send helper + - ipv6: icmp6: avoid indirect call for icmpv6_send() + - ipv6: silence compilation warning for non-IPV6 builds + - net: icmp: pass zeroed opts from icmp{,v6}_ndo_send before sending + - net: sched: fix police ext initialization + - dm era: Update in-core bitset after committing the metadata + - net: qrtr: Fix memory leak in qrtr_tun_open + - ARM: dts: aspeed: Add LCLK to lpc-snoop + - Linux 5.4.102 + * eeh-basic.sh from powerpc in ubuntu_kernel_selftests failed with unexpected + operator on F-5.8 (LP: #1909428) + - selftests/powerpc: Make the test check in eeh-basic.sh posix compliant + + -- Khalid Elmously Fri, 26 Apr 2021 16:44:05 -0400 --- linux-ibm-6.8.0.orig/debian.ibm/config/annotations +++ linux-ibm-6.8.0/debian.ibm/config/annotations @@ -0,0 +1,107 @@ +# Menu: HEADER +# FORMAT: 4 +# ARCH: amd64 +# FLAVOUR: amd64-ibm + +include "../../debian.master/config/annotations" + +CONFIG_AHC1EC0_WDT policy<{'amd64': '-'}> +CONFIG_AHC1EC0_WDT note<'maintaining original config'> + +CONFIG_GPIO_CDEV_V1 policy<{'amd64': 'n'}> +CONFIG_GPIO_CDEV_V1 note<'LP: #1953613'> + +CONFIG_IRQ_FORCED_THREADING_DEFAULT policy<{'amd64': '-'}> +CONFIG_IRQ_FORCED_THREADING_DEFAULT note<'maintaining original config'> + +CONFIG_MFD_AHC1EC0 policy<{'amd64': '-'}> +CONFIG_MFD_AHC1EC0 note<'maintaining original config'> + +CONFIG_PREEMPT_DYNAMIC policy<{'amd64': 'n'}> +CONFIG_PREEMPT_DYNAMIC note<'LP: #2051342'> + +CONFIG_RUST policy<{'amd64': 'n'}> +CONFIG_RUST note<'TODO: update note'> + +CONFIG_SENSORS_AHC1EC0_HWMON policy<{'amd64': '-'}> +CONFIG_SENSORS_AHC1EC0_HWMON note<'maintaining original config'> + + +# ---- Annotations without notes ---- + +CONFIG_AAEON_IWMI_WDT policy<{'amd64': '-'}> +CONFIG_ARCH_NR_GPIO policy<{'amd64': '-'}> +CONFIG_AX88796B_RUST_PHY policy<{'amd64': '-'}> +CONFIG_BINDGEN_VERSION_TEXT policy<{'amd64': '-'}> +CONFIG_BUILD_BIN2C policy<{'amd64': '-'}> +CONFIG_CACHEFILES_ERROR_INJECTION policy<{'amd64': 'n'}> +CONFIG_CEC_GPIO policy<{'amd64': '-'}> +CONFIG_CEC_PIN policy<{'amd64': '-'}> +CONFIG_CEC_PIN_ERROR_INJ policy<{'amd64': '-'}> +CONFIG_CONSTRUCTORS policy<{'amd64': '-'}> +CONFIG_CRYPTO_GF128MUL policy<{'amd64': '-'}> +CONFIG_CS_DSP policy<{'amd64': '-'}> +CONFIG_DA_MON_EVENTS policy<{'amd64': '-'}> +CONFIG_DA_MON_EVENTS_ID policy<{'amd64': '-'}> +CONFIG_DEBUG_PREEMPT policy<{'amd64': '-'}> +CONFIG_DRM_NOMODESET policy<{'amd64': '-'}> +CONFIG_DRM_USE_DYNAMIC_DEBUG policy<{'amd64': '-'}> +CONFIG_EROFS_FS_ZIP_LZMA policy<{'amd64': 'y'}> +CONFIG_FPGA_M10_BMC_SEC_UPDATE policy<{'amd64': 'm'}> +CONFIG_GENERIC_MSI_IRQ_DOMAIN policy<{'amd64': '-'}> +CONFIG_GPIO_AAEON policy<{'amd64': '-'}> +CONFIG_HID_NINTENDO policy<{'amd64': 'n'}> +CONFIG_I8K policy<{'amd64': 'n'}> +CONFIG_INLINE_READ_UNLOCK policy<{'amd64': 'y'}> +CONFIG_INLINE_READ_UNLOCK_IRQ policy<{'amd64': 'y'}> +CONFIG_INLINE_SPIN_UNLOCK_IRQ policy<{'amd64': 'y'}> +CONFIG_INLINE_WRITE_UNLOCK policy<{'amd64': 'y'}> +CONFIG_INLINE_WRITE_UNLOCK_IRQ policy<{'amd64': 'y'}> +CONFIG_LEDS_AAEON policy<{'amd64': '-'}> +CONFIG_MFD_AAEON policy<{'amd64': '-'}> +CONFIG_MLX5_EN_MACSEC policy<{'amd64': '-'}> +CONFIG_NFSD_V2_ACL policy<{'amd64': '-'}> +CONFIG_NINTENDO_FF policy<{'amd64': '-'}> +CONFIG_PCI_MSI_IRQ_DOMAIN policy<{'amd64': '-'}> +CONFIG_PREEMPTION policy<{'amd64': '-'}> +CONFIG_PREEMPT_BUILD policy<{'amd64': '-'}> +CONFIG_PREEMPT_COUNT policy<{'amd64': '-'}> +CONFIG_PREEMPT_RCU policy<{'amd64': '-'}> +CONFIG_PREEMPT_TRACER policy<{'amd64': '-'}> +CONFIG_PREEMPT_VOLUNTARY_BUILD policy<{'amd64': 'y'}> +CONFIG_PTE_MARKER policy<{'amd64': '-'}> +CONFIG_RUSTC_VERSION_TEXT policy<{'amd64': '-'}> +CONFIG_RUST_BUILD_ASSERT_ALLOW policy<{'amd64': '-'}> +CONFIG_RUST_DEBUG_ASSERTIONS policy<{'amd64': '-'}> +CONFIG_RUST_OVERFLOW_CHECKS policy<{'amd64': '-'}> +CONFIG_RUST_PHYLIB_ABSTRACTIONS policy<{'amd64': '-'}> +CONFIG_RV_MON_WWNR policy<{'amd64': 'n'}> +CONFIG_SAMPLES_RUST policy<{'amd64': '-'}> +CONFIG_SCSI_UFS_HWMON policy<{'amd64': 'y'}> +CONFIG_SENSORS_AAEON policy<{'amd64': '-'}> +CONFIG_SENSORS_IR38064_REGULATOR policy<{'amd64': 'n'}> +CONFIG_SENSORS_LM25066_REGULATOR policy<{'amd64': 'n'}> +CONFIG_SENSORS_PLI1209BC_REGULATOR policy<{'amd64': 'n'}> +CONFIG_SENSORS_XDPE122_REGULATOR policy<{'amd64': 'n'}> +CONFIG_SND_CTL_FAST_LOOKUP policy<{'amd64': 'y'}> +CONFIG_SND_SOC_AMD_PS policy<{'amd64': 'n'}> +CONFIG_SND_SOC_AMD_PS_MACH policy<{'amd64': '-'}> +CONFIG_SPI_AX88796C_COMPRESSION policy<{'amd64': 'y'}> +CONFIG_SPI_INTEL policy<{'amd64': '-'}> +CONFIG_SPI_INTEL_PCI policy<{'amd64': 'n'}> +CONFIG_SPI_INTEL_PLATFORM policy<{'amd64': 'n'}> +CONFIG_TASKS_RCU policy<{'amd64': '-'}> +CONFIG_TEST_SIPHASH policy<{'amd64': '-'}> +CONFIG_TYPEC_WCOVE policy<{'amd64': 'n'}> +CONFIG_UBUNTU_ODM_DRIVERS policy<{'amd64': 'n'}> +CONFIG_UNINLINE_SPIN_UNLOCK policy<{'amd64': '-'}> +CONFIG_VIDEO_ADV7511_CEC policy<{'amd64': 'y'}> +CONFIG_VIDEO_ATOMISP_ISP2401 policy<{'amd64': '-'}> +CONFIG_VIDEO_ZORAN policy<{'amd64': 'm'}> +CONFIG_VIDEO_ZORAN_AVS6EYES policy<{'amd64': 'y'}> +CONFIG_VIDEO_ZORAN_BUZ policy<{'amd64': 'y'}> +CONFIG_VIDEO_ZORAN_DC10 policy<{'amd64': 'y'}> +CONFIG_VIDEO_ZORAN_DC30 policy<{'amd64': 'y'}> +CONFIG_VIDEO_ZORAN_LML33 policy<{'amd64': 'y'}> +CONFIG_VIDEO_ZORAN_LML33R10 policy<{'amd64': 'y'}> +CONFIG_VIDEO_ZORAN_ZR36060 policy<{'amd64': 'y'}> --- linux-ibm-6.8.0.orig/debian.ibm/control.d/flavour-control.stub +++ linux-ibm-6.8.0/debian.ibm/control.d/flavour-control.stub @@ -0,0 +1,140 @@ +# Items that get replaced: +# FLAVOUR +# DESC +# ARCH +# SUPPORTED +# TARGET +# BOOTLOADER +# =PROVIDES= +# +# Items marked with =FOO= are optional +# +# This file describes the template for packages that are created for each flavour +# in debian/control.d/vars.* +# +# This file gets edited in a couple of places. See the debian/control.stub rule in +# debian/rules. PGGVER, ABINUM, and SRCPKGNAME are all converted in the +# process of creating debian/control. +# +# The flavour specific strings (ARCH, DESC, etc) are converted using values from the various +# flavour files in debian/control.d/vars.* +# +# XXX: Leave the blank line before the first package!! + +Package: linux-image=SIGN-ME-PKG=-PKGVER-ABINUM-FLAVOUR +Build-Profiles: +Architecture: ARCH +Section: kernel +Priority: optional +Provides: SRCPKGNAME-image, fuse-module, aufs-dkms, =PROVIDES=${linux:rprovides} +Depends: ${misc:Depends}, ${shlibs:Depends}, kmod, linux-base (>= 4.5ubuntu1~16.04.1), linux-modules-PKGVER-ABINUM-FLAVOUR +Recommends: BOOTLOADER, initramfs-tools | linux-initramfs-tool +Conflicts: linux-image=SIGN-PEER-PKG=-PKGVER-ABINUM-FLAVOUR +Suggests: fdutils, SRCPKGNAME-doc-PKGVER | SRCPKGNAME-source-PKGVER, SRCPKGNAME-tools, linux-headers-PKGVER-ABINUM-FLAVOUR +Description: Linux kernel image for version PKGVER on DESC + This package contains the=SIGN-ME-TXT= Linux kernel image for version PKGVER on + DESC. + . + Supports SUPPORTED processors. + . + TARGET + . + You likely do not want to install this package directly. Instead, install + the linux-FLAVOUR meta-package, which will ensure that upgrades work + correctly, and that supporting packages are also installed. + +Package: linux-modules-PKGVER-ABINUM-FLAVOUR +Build-Profiles: +Architecture: ARCH +Section: kernel +Priority: optional +Depends: ${misc:Depends}, ${shlibs:Depends} +Built-Using: ${linux:BuiltUsing} +Description: Linux kernel extra modules for version PKGVER on DESC + Contains the corresponding System.map file, the modules built by the + packager, and scripts that try to ensure that the system is not left in an + unbootable state after an update. + . + Supports SUPPORTED processors. + . + TARGET + . + You likely do not want to install this package directly. Instead, install + the linux-FLAVOUR meta-package, which will ensure that upgrades work + correctly, and that supporting packages are also installed. + +Package: linux-modules-extra-PKGVER-ABINUM-FLAVOUR +Build-Profiles: +Architecture: ARCH +Section: kernel +Priority: optional +Depends: ${misc:Depends}, ${shlibs:Depends}, linux-modules-PKGVER-ABINUM-FLAVOUR +Description: Linux kernel extra modules for version PKGVER on DESC + This package contains the Linux kernel extra modules for version PKGVER on + DESC. + . + Also includes the corresponding System.map file, the modules built by the + packager, and scripts that try to ensure that the system is not left in an + unbootable state after an update. + . + Supports SUPPORTED processors. + . + TARGET + . + You likely do not want to install this package directly. Instead, install + the linux-FLAVOUR meta-package, which will ensure that upgrades work + correctly, and that supporting packages are also installed. + +Package: linux-headers-PKGVER-ABINUM-FLAVOUR +Build-Profiles: +Architecture: ARCH +Section: devel +Priority: optional +Depends: ${misc:Depends}, SRCPKGNAME-headers-PKGVER-ABINUM, ${shlibs:Depends} +Provides: linux-headers, linux-headers-3.0 +Description: Linux kernel headers for version PKGVER on DESC + This package provides kernel header files for version PKGVER on + DESC. + . + This is for sites that want the latest kernel headers. Please read + /usr/share/doc/SRCPKGNAME-headers-PKGVER-ABINUM/debian.README.gz for details. + +Package: linux-image=SIGN-ME-PKG=-PKGVER-ABINUM-FLAVOUR-dbgsym +Build-Profiles: +Architecture: ARCH +Section: devel +Priority: optional +Depends: ${misc:Depends} +Provides: SRCPKGNAME-debug +Description: Linux kernel debug image for version PKGVER on DESC + This package provides the=SIGN-ME-TXT= kernel debug image for version PKGVER on + DESC. + . + This is for sites that wish to debug the kernel. + . + The kernel image contained in this package is NOT meant to boot from. It + is uncompressed, and unstripped. This package also includes the + unstripped modules. + +Package: linux-tools-PKGVER-ABINUM-FLAVOUR +Build-Profiles: +Architecture: ARCH +Section: devel +Priority: optional +Depends: ${misc:Depends}, SRCPKGNAME-tools-PKGVER-ABINUM +Description: Linux kernel version specific tools for version PKGVER-ABINUM + This package provides the architecture dependant parts for kernel + version locked tools (such as perf and x86_energy_perf_policy) for + version PKGVER-ABINUM on + =HUMAN=. + +Package: linux-cloud-tools-PKGVER-ABINUM-FLAVOUR +Build-Profiles: +Architecture: ARCH +Section: devel +Priority: optional +Depends: ${misc:Depends}, SRCPKGNAME-cloud-tools-PKGVER-ABINUM +Description: Linux kernel version specific cloud tools for version PKGVER-ABINUM + This package provides the architecture dependant parts for kernel + version locked tools for cloud for version PKGVER-ABINUM on + =HUMAN=. --- linux-ibm-6.8.0.orig/debian.ibm/control.d/ibm.inclusion-list +++ linux-ibm-6.8.0/debian.ibm/control.d/ibm.inclusion-list @@ -0,0 +1,298 @@ +arch/*/{crypto,kernel,oprofile} +arch/*/kvm/kvm.ko +arch/powerpc/kvm/kvm-hv.ko +arch/powerpc/kvm/kvm-pr.ko +arch/powerpc/kvm/vfio.ko +arch/powerpc/platforms/powernv/opal-prd.ko +arch/s390/* +arch/x86/kvm/kvm-amd.ko +arch/x86/kvm/kvm-intel.ko +crypto/* +drivers/acpi/* +drivers/ata/acard-ahci.ko +drivers/ata/ahci.ko +drivers/ata/ahci_platform.ko +drivers/ata/ahci_tegra.ko +drivers/ata/ata_generic.ko +drivers/ata/libahci.ko +drivers/ata/libahci_platform.ko +drivers/block/brd.ko +drivers/block/cryptoloop.ko +drivers/block/floppy.ko +drivers/block/loop.ko +drivers/block/nbd.ko +drivers/block/rbd.ko +drivers/block/virtio_blk.ko +drivers/block/xen-blkfront.ko +drivers/bus/tegra-aconnect.ko +drivers/char/hangcheck-timer.ko +drivers/char/hw_random/powernv-rng.ko +drivers/char/hw_random/virtio-rng.ko +drivers/char/ipmi/* +drivers/char/ipmi/ipmi_msghandler.ko +drivers/char/lp.ko +drivers/char/nvram.ko +drivers/char/ppdev.ko +drivers/char/raw.ko +drivers/char/virtio_console.ko +drivers/clk/clk-max77686.ko +drivers/cpufreq/tegra186-cpufreq.ko +drivers/cpufreq/tegra194-cpufreq.ko +drivers/crypto/nx/* +drivers/crypto/vmx/vmx-crypto.ko +drivers/dma/tegra210-adma.ko +drivers/firmware/efi/* +drivers/firmware/iscsi_ibft.ko +drivers/gpio/gpio-max77620.ko +drivers/gpu/drm/ast/ast.ko +drivers/gpu/drm/drm.ko +drivers/gpu/drm/drm_kms_helper.ko +drivers/gpu/drm/tegra/tegra-drm.ko +drivers/gpu/drm/ttm/ttm.ko +drivers/gpu/drm/vboxvideo/vboxvideo.ko +drivers/gpu/host1x/host1x.ko +drivers/hid/hid-generic.ko +drivers/hid/hid-hyperv.ko +drivers/hid/hid.ko +drivers/hid/usbhid/usbhid.ko +drivers/hv/* +drivers/hwmon/ibmpowernv.ko +drivers/hwmon/pwm-fan.ko +drivers/i2c/busses/i2c-tegra-bpmp.ko +drivers/i2c/busses/i2c-tegra-bpmp.ko +drivers/i2c/busses/i2c-tegra.ko +drivers/infiniband/core/ib_addr.ko +drivers/infiniband/core/ib_cm.ko +drivers/infiniband/core/ib_core.ko +drivers/infiniband/core/ib_mad.ko +drivers/infiniband/core/ib_sa.ko +drivers/infiniband/core/iw_cm.ko +drivers/infiniband/core/rdma_cm.ko +drivers/infiniband/ulp/iser/ib_iser.ko +drivers/infiniband/ulp/isert/ib_isert.ko +drivers/input/evbug.ko +drivers/input/gameport/gameport.ko +drivers/input/input-leds.ko +drivers/input/joydev.ko +drivers/input/keyboard/gpio_keys.ko +drivers/input/misc/xen-kbdfront.ko +drivers/input/mouse/psmouse.ko +drivers/input/serio/hyperv-keyboard.ko +drivers/input/serio/serio_raw.ko +drivers/input/serio/serport.ko +drivers/input/touchscreen/usbtouchscreen.ko +drivers/leds/leds-powernv.ko +drivers/md/* +drivers/memory/tegra/tegra210-emc.ko +drivers/message/fusion* +drivers/misc/cxl/* +drivers/misc/eeprom/at24.ko +drivers/misc/vmw_balloon.ko +drivers/misc/vmw_vmci/vmw_vmci.ko +drivers/mmc/host/sdhci-tegra.ko +drivers/mtd/cmdlinepart.ko +drivers/mtd/devices/powernv_flash.ko +drivers/mtd/ofpart.ko +drivers/net/appletalk/ipddp.ko +drivers/net/bonding/bonding.ko +drivers/net/caif/caif_virtio.ko +drivers/net/dummy.ko +drivers/net/eql.ko +drivers/net/ethernet/8390/8390.ko +drivers/net/ethernet/8390/ne2k-pci.ko +drivers/net/ethernet/amazon/ena/ena.ko +drivers/net/ethernet/amd/pcnet32.ko +drivers/net/ethernet/broadcom/bnx2x/* +drivers/net/ethernet/broadcom/tg3.ko +drivers/net/ethernet/dec/tulip/* +drivers/net/ethernet/emulex/benet/* +drivers/net/ethernet/ibm/* +drivers/net/ethernet/intel/e1000/e1000.ko +drivers/net/ethernet/intel/e1000e/e1000e.ko +drivers/net/ethernet/intel/i40e/* +drivers/net/ethernet/intel/iavf/iavf.ko +drivers/net/ethernet/intel/igb/* +drivers/net/ethernet/intel/igbvf/igbvf.ko +drivers/net/ethernet/intel/ixgbe/* +drivers/net/ethernet/intel/ixgbevf/ixgbevf.ko +drivers/net/ethernet/mellanox/* +drivers/net/ethernet/netronome/nfp/nfp.ko +drivers/net/ethernet/realtek/8139cp.ko +drivers/net/ethernet/realtek/8139too.ko +drivers/net/ethernet/stmicro/stmmac/dwmac-dwc-qos-eth.ko +drivers/net/ethernet/stmicro/stmmac/stmmac-platform.ko +drivers/net/ethernet/stmicro/stmmac/stmmac.ko +drivers/net/fddi/* +drivers/net/geneve.ko +drivers/net/hyperv/hv_netvsc.ko +drivers/net/ifb.ko +drivers/net/ipvlan/* +drivers/net/macvlan.ko +drivers/net/macvtap.ko +drivers/net/mii.ko +drivers/net/netconsole.ko +drivers/net/pcs/pcs-xpcs.ko +drivers/net/phy/marvell.ko +drivers/net/phy/phylink.ko +drivers/net/ppp/* +drivers/net/ppp/bsd_comp.ko +drivers/net/slip/* +drivers/net/veth.ko +drivers/net/virtio_net.ko +drivers/net/vmxnet3/vmxnet3.ko +drivers/net/vxlan.ko +drivers/net/wireguard/wireguard.ko +drivers/net/xen-netback/* +drivers/net/xen-netfront.ko +drivers/nvme/host/nvme.ko +drivers/nvmem/nvmem_core.ko +drivers/parport/parport.ko +drivers/parport/parport_pc.ko +drivers/pci/controller/dwc/pcie-tegra194.ko +drivers/pci/host/vmd.ko +drivers/phy/tegra/phy-tegra194-p2u.ko +drivers/pinctrl/pinctrl-max77620.ko +drivers/platform/x86/pvpanic.ko +drivers/pps/pps_core.ko +drivers/ptp/ptp.ko +drivers/pwm/pwm-tegra.ko +drivers/regulator/fixed.ko +drivers/regulator/max77620-regulator.ko +drivers/rtc/rtc-max77686.ko +drivers/rtc/rtc-tegra.ko +drivers/s390/* +drivers/s390/block/xpram.ko +drivers/scsi/BusLogic.ko +drivers/scsi/aacraid/* +drivers/scsi/cxlflash/* +drivers/scsi/device_handler/scsi_dh_alua.ko +drivers/scsi/device_handler/scsi_dh_emc.ko +drivers/scsi/device_handler/scsi_dh_hp_sw.ko +drivers/scsi/device_handler/scsi_dh_rdac.ko +drivers/scsi/hv_storvsc.ko +drivers/scsi/ibmvscsi/* +drivers/scsi/ipr.ko +drivers/scsi/iscsi_boot_sysfs.ko +drivers/scsi/iscsi_tcp.ko +drivers/scsi/libiscsi.ko +drivers/scsi/libiscsi_tcp.ko +drivers/scsi/libsas/* +drivers/scsi/lpfc/* +drivers/scsi/megaraid/* +drivers/scsi/mpt3sas/* +drivers/scsi/osd/libosd.ko +drivers/scsi/osd/osd.ko +drivers/scsi/qla1280.ko +drivers/scsi/qla2xxx/* +drivers/scsi/raid_class.ko +drivers/scsi/scsi_transport_fc.ko +drivers/scsi/scsi_transport_iscsi.ko +drivers/scsi/scsi_transport_sas.ko +drivers/scsi/scsi_transport_spi.ko +drivers/scsi/sd_mod.ko +drivers/scsi/sr_mod.ko +drivers/scsi/virtio_scsi.ko +drivers/scsi/vmw_pvscsi.ko +drivers/spi/spi-tegra114.ko +drivers/staging/media/tegra-video/tegra-video.ko +drivers/target/loopback/tcm_loop.ko +drivers/target/target_core*.ko +drivers/thermal/tegra/tegra-bpmp-thermal.ko +drivers/tty/serial/jsm/* +drivers/tty/serial/serial-tegra.ko +drivers/uio/uio.ko +drivers/uio/uio_pdrv_genirq.ko +drivers/usb/gadget/udc/tegra-xudc.ko +drivers/usb/host/* +drivers/usb/storage/uas.ko +drivers/usb/storage/usb-storage.ko +drivers/vfio/* +drivers/vhost/* +drivers/video/fbdev/* +drivers/video/vgastate.ko +drivers/virt/vboxguest/vboxguest.ko +drivers/virtio/* +drivers/watchdog/softdog.ko +drivers/xen/* +fs/9p/* +fs/aufs/aufs.ko +fs/autofs/autofs4.ko +fs/binfmt_misc.ko +fs/btrfs/* +fs/cachefiles/cachefiles.ko +fs/ceph/* +fs/smb/* +fs/configfs/* +fs/dlm/dlm.ko +fs/ecryptfs/* +fs/efivarfs/* +fs/exofs/libore.ko +fs/ext4/* +fs/fat/* +fs/fscache/* +fs/fuse/* +fs/isofs/* +fs/lockd/* +fs/nfs/* +fs/nfs_common/* +fs/nfsd/* +fs/nls/nls_cp437.ko +fs/nls/nls_iso8859-1.ko +fs/overlayfs/* +fs/shiftfs.ko +fs/squashfs/* +fs/udf/* +fs/ufs/* +fs/vboxsf/vboxsf.ko +fs/xfs/* +lib/* +net/6lowpan/* +net/802/* +net/8021q/* +net/9p/* +net/appletalk/* +net/atm/* +net/ax25/* +net/bpfilter/* +net/bridge/* +net/can/* +net/ceph/libceph.ko +net/core/* +net/dccp/* +net/decnet/* +net/ieee802154/* +net/ipv4/* +net/ipv6/* +net/ipx/* +net/key/* +net/lapb/* +net/llc/* +net/netfilter/* +net/netlink/netlink_diag.ko +net/netrom/* +net/openvswitch/* +net/packet/af_packet_diag.ko +net/phonet/* +net/rose/* +net/rxrpc/* +net/sched/* +net/sctp/* +net/sunrpc/auth_gss/auth_rpcgss.ko +net/sunrpc/auth_gss/rpcsec_gss_krb5.ko +net/sunrpc/sunrpc.ko +net/tipc/* +net/unix/unix_diag.ko +net/vmw_vsock/* +net/x25/* +net/xfrm/* +! find sound/core -name oss -prune -o -name *.ko -print +sound/drivers/pcsp/snd-pcsp.ko +sound/pci/hda/snd-hda-tegra.ko +sound/pci/snd-ens1370.ko +sound/soc/tegra/snd-soc-tegra186-dspk.ko +sound/soc/tegra/snd-soc-tegra210-admaif.ko +sound/soc/tegra/snd-soc-tegra210-ahub.ko +sound/soc/tegra/snd-soc-tegra210-dmic.ko +sound/soc/tegra/snd-soc-tegra210-i2s.ko +sound/soundcore.ko +ubuntu/ubuntu-host/ubuntu-host.ko --- linux-ibm-6.8.0.orig/debian.ibm/control.d/vars.ibm +++ linux-ibm-6.8.0/debian.ibm/control.d/vars.ibm @@ -0,0 +1,6 @@ +arch="amd64" +supported="IBM" +target="Geared toward IBM systems." +desc="=HUMAN= SMP" +bootloader="grub-pc [amd64] | grub-efi-amd64 [amd64] | grub-efi-ia32 [amd64] | grub [amd64] | lilo [amd64] " +provides="" --- linux-ibm-6.8.0.orig/debian.ibm/control.stub.in +++ linux-ibm-6.8.0/debian.ibm/control.stub.in @@ -0,0 +1,145 @@ +Source: SRCPKGNAME +Section: devel +Priority: optional +Maintainer: Ubuntu Kernel Team +Standards-Version: 3.9.4.0 +Build-Depends: + debhelper-compat (= 10), + cpio, + kmod , + makedumpfile [amd64] , + libcap-dev , + libelf-dev , + libnewt-dev , + libiberty-dev , + default-jdk-headless , + java-common , + rsync , + libdw-dev , + libpci-dev , + pkg-config , + python3 , + python3-dev , + flex , + bison , + libunwind8-dev [amd64] , + liblzma-dev , + openssl , + libssl-dev , + libaudit-dev , + bc , + gawk , + libudev-dev , + autoconf , + automake , + libtool , + uuid-dev , + libnuma-dev [amd64] , + dkms , + curl , + zstd , + pahole [amd64 arm64 armhf ppc64el s390x riscv64] | dwarves (>= 1.21) [amd64 arm64 armhf ppc64el s390x riscv64] , + clang-18 [amd64 arm64 armhf ppc64el s390x], + rustc [amd64 arm64 armhf ppc64el s390x], + rust-src [amd64 arm64 armhf ppc64el s390x], + rustfmt [amd64 arm64 armhf ppc64el s390x], + bindgen-0.65 [amd64 arm64 armhf ppc64el s390x], + llvm [amd64], + libstdc++-dev, +Build-Depends-Indep: + xmlto , + docbook-utils , + ghostscript , + fig2dev , + bzip2 , + sharutils , + asciidoc , + fontconfig , + python3-docutils , +Vcs-Git: git://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux-ibm/+git/=SERIES= -b ibm +XS-Testsuite: autopkgtest +#XS-Testsuite-Depends: gcc-4.7 binutils + +Package: SRCPKGNAME-source-PKGVER +Build-Profiles: +Architecture: all +Section: devel +Priority: optional +Provides: SRCPKGNAME-source +Depends: ${misc:Depends}, binutils, bzip2, coreutils +Recommends: libc-dev, gcc, make +Suggests: libncurses-dev | ncurses-dev, kernel-package, libqt3-dev +Description: Linux kernel source for version PKGVER with Ubuntu patches + This package provides the source code for the Linux kernel version + PKGVER. + . + This package is mainly meant for other packages to use, in order to build + custom flavours. + . + If you wish to use this package to create a custom Linux kernel, then it + is suggested that you investigate the package kernel-package, which has + been designed to ease the task of creating kernel image packages. + . + If you are simply trying to build third-party modules for your kernel, + you do not want this package. Install the appropriate SRCPKGNAME-headers + package instead. + +Package: SRCPKGNAME-headers-PKGVER-ABINUM +Build-Profiles: +Architecture: all +Multi-Arch: foreign +Section: devel +Priority: optional +Depends: ${misc:Depends}, coreutils +Description: Header files related to Linux kernel version PKGVER + This package provides kernel header files for version PKGVER, for sites + that want the latest kernel headers. Please read + /usr/share/doc/SRCPKGNAME-headers-PKGVER-ABINUM/debian.README.gz for details + +Package: SRCPKGNAME-tools-common +Build-Profiles: +Architecture: all +Multi-Arch: foreign +Section: kernel +Priority: optional +Depends: ${misc:Depends}, lsb-release +Description: Linux kernel version specific tools for version PKGVER + This package provides the architecture independent parts for kernel + version locked tools (such as perf and x86_energy_perf_policy) for + version PKGVER. + +Package: SRCPKGNAME-tools-PKGVER-ABINUM +Build-Profiles: +Architecture: amd64 +Section: devel +Priority: optional +Depends: ${misc:Depends}, ${shlibs:Depends}, linux-tools-common +Description: Linux kernel version specific tools for version PKGVER-ABINUM + This package provides the architecture dependant parts for kernel + version locked tools (such as perf and x86_energy_perf_policy) for + version PKGVER-ABINUM on + =HUMAN=. + You probably want to install linux-tools-PKGVER-ABINUM-. + +Package: SRCPKGNAME-cloud-tools-common +Build-Profiles: +Architecture: all +Multi-Arch: foreign +Section: kernel +Priority: optional +Depends: ${misc:Depends} +Description: Linux kernel version specific cloud tools for version PKGVER + This package provides the architecture independent parts for kernel + version locked tools for cloud tools for version PKGVER. + +Package: SRCPKGNAME-cloud-tools-PKGVER-ABINUM +Build-Profiles: +Architecture: amd64 +Section: devel +Priority: optional +Depends: ${misc:Depends}, ${shlibs:Depends}, linux-cloud-tools-common +Description: Linux kernel version specific cloud tools for version PKGVER-ABINUM + This package provides the architecture dependant parts for kernel + version locked tools for cloud tools for version PKGVER-ABINUM on + =HUMAN=. + You probably want to install linux-cloud-tools-PKGVER-ABINUM-. --- linux-ibm-6.8.0.orig/debian.ibm/copyright +++ linux-ibm-6.8.0/debian.ibm/copyright @@ -0,0 +1,29 @@ +This is the Ubuntu prepackaged version of the Linux kernel. +Linux was written by Linus Torvalds +and others. + +This package was put together by the Ubuntu Kernel Team, from +sources retrieved from upstream linux git. +The sources may be found at most Linux ftp sites, including +ftp://ftp.kernel.org/pub/linux/kernel/ + +This package is currently maintained by the +Ubuntu Kernel Team + +Linux is copyrighted by Linus Torvalds and others. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 dated June, 1991. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + +On Ubuntu Linux systems, the complete text of the GNU General +Public License v2 can be found in `/usr/share/common-licenses/GPL-2'. --- linux-ibm-6.8.0.orig/debian.ibm/dkms-versions +++ linux-ibm-6.8.0/debian.ibm/dkms-versions @@ -0,0 +1,2 @@ +zfs-linux 2.2.2-0ubuntu4 modulename=zfs debpath=pool/universe/z/%package%/zfs-dkms_%version%_all.deb arch=amd64 arch=arm64 arch=ppc64el arch=s390x rprovides=spl-modules rprovides=spl-dkms rprovides=zfs-modules rprovides=zfs-dkms +backport-iwlwifi-dkms 11510-0ubuntu1 modulename=iwlwifi debpath=pool/universe/b/%package%/backport-iwlwifi-dkms_%version%_all.deb arch=amd64 rprovides=iwlwifi-modules rprovides=backport-iwlwifi-dkms type=standalone --- linux-ibm-6.8.0.orig/debian.ibm/etc/kernelconfig +++ linux-ibm-6.8.0/debian.ibm/etc/kernelconfig @@ -0,0 +1,7 @@ +if [ "$variant" = "ports" ]; then + archs="" + family='ports' +else + archs="amd64" + family='ubuntu' +fi --- linux-ibm-6.8.0.orig/debian.ibm/etc/update.conf +++ linux-ibm-6.8.0/debian.ibm/etc/update.conf @@ -0,0 +1,7 @@ +# WARNING: we do not create update.conf when we are not a +# derivative. Various cranky components make use of this. +# If we start unconditionally creating update.conf we need +# to fix at least cranky close and cranky rebase. +RELEASE_REPO=git://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/noble +SOURCE_RELEASE_BRANCH=master-next +DEBIAN_MASTER=debian.master --- linux-ibm-6.8.0.orig/debian.ibm/modprobe.d/common.conf +++ linux-ibm-6.8.0/debian.ibm/modprobe.d/common.conf @@ -0,0 +1,3 @@ +# LP:1434842 -- disable OSS drivers by default to allow pulseaudio to emulate +blacklist snd-mixer-oss +blacklist snd-pcm-oss --- linux-ibm-6.8.0.orig/debian.ibm/reconstruct +++ linux-ibm-6.8.0/debian.ibm/reconstruct @@ -0,0 +1,39 @@ +# Recreate any symlinks created since the orig. +chmod +x 'debian.ibm/scripts/helpers/copy-files' +chmod +x 'debian.ibm/scripts/helpers/local-mangle' +chmod +x 'debian/cloud-tools/hv_get_dhcp_info' +chmod +x 'debian/cloud-tools/hv_get_dns_info' +chmod +x 'debian/cloud-tools/hv_set_ifconfig' +chmod +x 'debian/rules' +chmod +x 'debian/scripts/checks/final-checks' +chmod +x 'debian/scripts/checks/module-signature-check' +chmod +x 'debian/scripts/control-create' +chmod +x 'debian/scripts/dkms-build' +chmod +x 'debian/scripts/dkms-build--nvidia-N' +chmod +x 'debian/scripts/dkms-build-configure--zfs' +chmod +x 'debian/scripts/file-downloader' +chmod +x 'debian/scripts/link-headers' +chmod +x 'debian/scripts/link-lib-rust' +chmod +x 'debian/scripts/misc/annotations' +chmod +x 'debian/scripts/misc/find-missing-sauce.sh' +chmod +x 'debian/scripts/misc/fips-checks' +chmod +x 'debian/scripts/misc/gen-auto-reconstruct' +chmod +x 'debian/scripts/misc/git-ubuntu-log' +chmod +x 'debian/scripts/misc/insert-changes' +chmod +x 'debian/scripts/misc/insert-ubuntu-changes' +chmod +x 'debian/scripts/misc/kernelconfig' +chmod +x 'debian/scripts/module-inclusion' +chmod +x 'debian/scripts/sign-module' +chmod +x 'debian/templates/extra.postinst.in' +chmod +x 'debian/templates/extra.postrm.in' +chmod +x 'debian/templates/headers.postinst.in' +chmod +x 'debian/templates/image.postinst.in' +chmod +x 'debian/templates/image.postrm.in' +chmod +x 'debian/templates/image.preinst.in' +chmod +x 'debian/templates/image.prerm.in' +chmod +x 'debian/tests-build/check-aliases' +chmod +x 'debian/tests/rebuild' +chmod +x 'debian/tests/ubuntu-regression-suite' +chmod +x 'drivers/watchdog/f71808e_wdt.c' +# Remove any files deleted from the orig. +exit 0 --- linux-ibm-6.8.0.orig/debian.ibm/rules.d/amd64.mk +++ linux-ibm-6.8.0/debian.ibm/rules.d/amd64.mk @@ -0,0 +1,30 @@ +human_arch = 64 bit x86 +build_arch = x86 +header_arch = $(build_arch) +defconfig = defconfig +flavours = ibm +build_image = bzImage +kernel_file = arch/$(build_arch)/boot/bzImage +install_file = vmlinuz +loader = grub +vdso = vdso_install +no_dumpfile = true +uefi_signed = true +do_tools_usbip = true +do_tools_cpupower = true +do_tools_perf = true +do_tools_perf_jvmti = true +do_tools_bpftool = true +do_tools_x86 = true +do_tools_hyperv = false +do_tools_host = true +do_extras_package = true +do_tools_common = true +do_tools_acpidbg = true +do_zfs = true +do_dkms_nvidia = false +do_dkms_nvidia_server = false +do_dkms_vbox = false +do_dkms_wireguard = true +do_odm_drivers = true +disable_d_i = true --- linux-ibm-6.8.0.orig/debian.ibm/rules.d/hooks.mk +++ linux-ibm-6.8.0/debian.ibm/rules.d/hooks.mk @@ -0,0 +1,6 @@ +do_enforce_all = true +do_libc_dev_package = false +do_doc_package = false +do_tools_common = false +do_tools_host = false +do_odm_drivers = false --- linux-ibm-6.8.0.orig/debian.ibm/scripts/helpers/copy-files +++ linux-ibm-6.8.0/debian.ibm/scripts/helpers/copy-files @@ -0,0 +1,62 @@ +#!/bin/bash -eu + +if [ -f debian/debian.env ]; then + # shellcheck disable=SC1091 + . debian/debian.env +fi + +if [ ! -d "${DEBIAN}" ]; then + echo You must run this script from the top directory of this repository. + exit 1 +fi + +CONF="${DEBIAN}"/etc/update.conf +if [ -f "${CONF}" ]; then + # shellcheck disable=SC1090 + . "${CONF}" +fi + +FOREIGN_ARCHES="" +LOCAL_CONF="${DEBIAN}/etc/local.conf" +if [ -f "${LOCAL_CONF}" ]; then + # shellcheck disable=SC1090 + . "${LOCAL_CONF}" +fi + +SKIP_RULES_D=${SKIP_RULES_D:-} + +# +# Update configs from master +# +rsync -avc --delete "${DEBIAN_MASTER}/config/" "${DEBIAN}/config" + +# +# Update package and DTB settings from master. +# +if [ -z "${SKIP_RULES_D}" ] ; then + rsync -avc "${DEBIAN_MASTER}/rules.d/"*.mk "${DEBIAN}/rules.d/" +fi + +# Remove the .mk files from the arch's that are not supported +for i in ${FOREIGN_ARCHES} +do + rm -f "${DEBIAN}/rules.d/${i}.mk" + git rm -f --ignore-unmatch "${DEBIAN}/rules.d/${i}.mk" || true +done + +# +# Update modprobe.d from master +# +# Some releases (trusty) don't have this directory, and rsync would fail +# without this check. +if [ -d "${DEBIAN}/modprobe.d/" ]; then + rsync -avc --delete "${DEBIAN_MASTER}/modprobe.d/" "${DEBIAN}/modprobe.d" +fi + +cp -p "${DEBIAN_MASTER}/control.d/"*.inclusion-list "${DEBIAN}/control.d" + +cp -p "${DEBIAN_MASTER}/reconstruct" "${DEBIAN}/reconstruct" + +if [ -x "${DEBIAN}/scripts/helpers/local-mangle" ]; then + "./${DEBIAN}/scripts/helpers/local-mangle" +fi --- linux-ibm-6.8.0.orig/debian.ibm/scripts/helpers/local-mangle +++ linux-ibm-6.8.0/debian.ibm/scripts/helpers/local-mangle @@ -0,0 +1,30 @@ +#!/bin/bash -eu + +. debian/debian.env + +# Use gzip instead of lz4 for amd64 +sed -i '/CONFIG_KERNEL_LZ4/d' ${DEBIAN}/config/amd64/config.common.amd64 +sed -i '3aCONFIG_KERNEL_GZIP=y\n# CONFIG_KERNEL_LZ4 is not set' ${DEBIAN}/config/amd64/config.common.amd64 + +# And adjust annotations accordingly +sed -i "s/CONFIG_KERNEL_LZ4 policy<{'amd64': 'y'}>/CONFIG_KERNEL_LZ4 policy<{'amd64': 'n'}>/" ${DEBIAN}/config/annotations +sed -i "s/CONFIG_KERNEL_GZIP policy<{'amd64': 'n'}>/CONFIG_KERNEL_GZIP policy<{'amd64': 'y'}>/" ${DEBIAN}/config/annotations +sed -i "s/CONFIG_KERNEL_XZ policy<{'amd64': 'n'}>/CONFIG_KERNEL_XZ policy<{'amd64': 'n'}>/" ${DEBIAN}/config/annotations + + +# UBUNTU_ODM_DRIVERS is disabled for linux-hwe-5.4 in Bionic. Remove the enforcement +# for the drivers which depend on it. +sed -i "/CONFIG_MFD_AHC1EC0 policy<{'amd64': 'm'}>/d" ${DEBIAN}/config/annotations +sed -i "/CONFIG_SENSORS_AHC1EC0_HWMON policy<{'amd64': 'm'}>/d" ${DEBIAN}/config/annotations +sed -i "/CONFIG_AHC1EC0_WDT policy<{'amd64': 'm'}>/d" ${DEBIAN}/config/annotations + +# Override options in rules.d/hooks.mk (normally master does not have this +# file but it got added for generic annotations enforcement). +cat <>${DEBIAN}/rules.d/hooks.mk +do_libc_dev_package = false +do_doc_package = false +do_tools_common = false +do_tools_host = false +do_odm_drivers = false +EOD + --- linux-ibm-6.8.0.orig/debian.ibm/tracking-bug +++ linux-ibm-6.8.0/debian.ibm/tracking-bug @@ -0,0 +1 @@ +2061096 d2024.04.04-2 --- linux-ibm-6.8.0.orig/debian.ibm/variants +++ linux-ibm-6.8.0/debian.ibm/variants @@ -0,0 +1,3 @@ +-- +-lts-24.04 +-classic --- linux-ibm-6.8.0.orig/debian.master/changelog +++ linux-ibm-6.8.0/debian.master/changelog @@ -0,0 +1,21648 @@ +linux (6.8.0-25.25) noble; urgency=medium + + * noble/linux: 6.8.0-25.25 -proposed tracker (LP: #2061083) + + * Packaging resync (LP: #1786013) + - [Packaging] debian.master/dkms-versions -- update from kernel-versions + (main/d2024.04.04) + + * Apply mitigations for the native BHI hardware vulnerabilty (LP: #2060909) + - x86/cpufeatures: Add new word for scattered features + - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file + - x86/syscall: Don't force use of indirect calls for system calls + - x86/bhi: Add support for clearing branch history at syscall entry + - x86/bhi: Define SPEC_CTRL_BHI_DIS_S + - x86/bhi: Enumerate Branch History Injection (BHI) bug + - x86/bhi: Add BHI mitigation knob + - x86/bhi: Mitigate KVM by default + - KVM: x86: Add BHI_NO + - x86: set SPECTRE_BHI_ON as default + - [Config] enable spectre_bhi=auto by default + + * update apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor4.0.0 [01/90]: LSM stacking v39: integrity: disassociate + ima_filter_rule from security_audit_rule + - SAUCE: apparmor4.0.0 [02/90]: LSM stacking v39: SM: Infrastructure + management of the sock security + - SAUCE: apparmor4.0.0 [03/90]: LSM stacking v39: LSM: Add the lsmblob data + structure. + - SAUCE: apparmor4.0.0 [04/90]: LSM stacking v39: IMA: avoid label collisions + with stacked LSMs + - SAUCE: apparmor4.0.0 [05/90]: LSM stacking v39: LSM: Use lsmblob in + security_audit_rule_match + - SAUCE: apparmor4.0.0 [06/90]: LSM stacking v39: LSM: Add lsmblob_to_secctx + hook + - SAUCE: apparmor4.0.0 [07/90]: LSM stacking v39: Audit: maintain an lsmblob + in audit_context + - SAUCE: apparmor4.0.0 [08/90]: LSM stacking v39: LSM: Use lsmblob in + security_ipc_getsecid + - SAUCE: apparmor4.0.0 [09/90]: LSM stacking v39: Audit: Update shutdown LSM + data + - SAUCE: apparmor4.0.0 [10/90]: LSM stacking v39: LSM: Use lsmblob in + security_current_getsecid + - SAUCE: apparmor4.0.0 [11/90]: LSM stacking v39: LSM: Use lsmblob in + security_inode_getsecid + - SAUCE: apparmor4.0.0 [12/90]: LSM stacking v39: Audit: use an lsmblob in + audit_names + - SAUCE: apparmor4.0.0 [13/90]: LSM stacking v39: LSM: Create new + security_cred_getlsmblob LSM hook + - SAUCE: apparmor4.0.0 [14/90]: LSM stacking v39: Audit: Change context data + from secid to lsmblob + - SAUCE: apparmor4.0.0 [15/90]: LSM stacking v39: Netlabel: Use lsmblob for + audit data + - SAUCE: apparmor4.0.0 [16/90]: LSM stacking v39: LSM: Ensure the correct LSM + context releaser + - SAUCE: apparmor4.0.0 [17/90]: LSM stacking v39: LSM: Use lsmcontext in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [18/90]: LSM stacking v39: LSM: Use lsmcontext in + security_lsmblob_to_secctx + - SAUCE: apparmor4.0.0 [19/90]: LSM stacking v39: LSM: Use lsmcontext in + security_inode_getsecctx + - SAUCE: apparmor4.0.0 [20/90]: LSM stacking v39: LSM: Use lsmcontext in + security_dentry_init_security + - SAUCE: apparmor4.0.0 [21/90]: LSM stacking v39: LSM: + security_lsmblob_to_secctx module selection + - SAUCE: apparmor4.0.0 [22/90]: LSM stacking v39: Audit: Create audit_stamp + structure + - SAUCE: apparmor4.0.0 [23/90]: LSM stacking v39: Audit: Allow multiple + records in an audit_buffer + - SAUCE: apparmor4.0.0 [24/90]: LSM stacking v39: Audit: Add record for + multiple task security contexts + - SAUCE: apparmor4.0.0 [25/90]: LSM stacking v39: audit: multiple subject lsm + values for netlabel + - SAUCE: apparmor4.0.0 [26/90]: LSM stacking v39: Audit: Add record for + multiple object contexts + - SAUCE: apparmor4.0.0 [27/90]: LSM stacking v39: LSM: Remove unused + lsmcontext_init() + - SAUCE: apparmor4.0.0 [28/90]: LSM stacking v39: LSM: Improve logic in + security_getprocattr + - SAUCE: apparmor4.0.0 [29/90]: LSM stacking v39: LSM: secctx provider check + on release + - SAUCE: apparmor4.0.0 [31/90]: LSM stacking v39: LSM: Exclusive secmark usage + - SAUCE: apparmor4.0.0 [32/90]: LSM stacking v39: LSM: Identify which LSM + handles the context string + - SAUCE: apparmor4.0.0 [33/90]: LSM stacking v39: AppArmor: Remove the + exclusive flag + - SAUCE: apparmor4.0.0 [34/90]: LSM stacking v39: LSM: Add mount opts blob + size tracking + - SAUCE: apparmor4.0.0 [35/90]: LSM stacking v39: LSM: allocate mnt_opts blobs + instead of module specific data + - SAUCE: apparmor4.0.0 [36/90]: LSM stacking v39: LSM: Infrastructure + management of the key security blob + - SAUCE: apparmor4.0.0 [37/90]: LSM stacking v39: LSM: Infrastructure + management of the mnt_opts security blob + - SAUCE: apparmor4.0.0 [38/90]: LSM stacking v39: LSM: Correct handling of + ENOSYS in inode_setxattr + - SAUCE: apparmor4.0.0 [39/90]: LSM stacking v39: LSM: Remove lsmblob + scaffolding + - SAUCE: apparmor4.0.0 [40/90]: LSM stacking v39: LSM: Allow reservation of + netlabel + - SAUCE: apparmor4.0.0 [41/90]: LSM stacking v39: LSM: restrict + security_cred_getsecid() to a single LSM + - SAUCE: apparmor4.0.0 [42/90]: LSM stacking v39: Smack: Remove + LSM_FLAG_EXCLUSIVE + - SAUCE: apparmor4.0.0 [43/90]: LSM stacking v39: UBUNTU: SAUCE: apparmor4.0.0 + [12/95]: add/use fns to print hash string hex value + - SAUCE: apparmor4.0.0 [44/90]: patch to provide compatibility with v2.x net + rules + - SAUCE: apparmor4.0.0 [45/90]: add unpriviled user ns mediation + - SAUCE: apparmor4.0.0 [46/90]: Add sysctls for additional controls of unpriv + userns restrictions + - SAUCE: apparmor4.0.0 [47/90]: af_unix mediation + - SAUCE: apparmor4.0.0 [48/90]: Add fine grained mediation of posix mqueues + - SAUCE: apparmor4.0.0 [49/90]: setup slab cache for audit data + - SAUCE: apparmor4.0.0 [50/90]: Improve debug print infrastructure + - SAUCE: apparmor4.0.0 [51/90]: add the ability for profiles to have a + learning cache + - SAUCE: apparmor4.0.0 [52/90]: enable userspace upcall for mediation + - SAUCE: apparmor4.0.0 [53/90]: prompt - lock down prompt interface + - SAUCE: apparmor4.0.0 [54/90]: prompt - allow controlling of caching of a + prompt response + - SAUCE: apparmor4.0.0 [55/90]: prompt - add refcount to audit_node in prep or + reuse and delete + - SAUCE: apparmor4.0.0 [56/90]: prompt - refactor to moving caching to + uresponse + - SAUCE: apparmor4.0.0 [57/90]: prompt - Improve debug statements + - SAUCE: apparmor4.0.0 [58/90]: prompt - fix caching + - SAUCE: apparmor4.0.0 [59/90]: prompt - rework build to use append fn, to + simplify adding strings + - SAUCE: apparmor4.0.0 [60/90]: prompt - refcount notifications + - SAUCE: apparmor4.0.0 [61/90]: prompt - add the ability to reply with a + profile name + - SAUCE: apparmor4.0.0 [62/90]: prompt - fix notification cache when updating + - SAUCE: apparmor4.0.0 [63/90]: prompt - add tailglob on name for cache + support + - SAUCE: apparmor4.0.0 [64/90]: prompt - allow profiles to set prompts as + interruptible + - SAUCE: apparmor4.0.0 [65/90] v6.8 prompt:fixup interruptible + - SAUCE: apparmor4.0.0 [69/90]: add io_uring mediation + - SAUCE: apparmor4.0.0 [70/90]: apparmor: fix oops when racing to retrieve + notification + - SAUCE: apparmor4.0.0 [71/90]: apparmor: fix notification header size + - SAUCE: apparmor4.0.0 [72/90]: apparmor: fix request field from a prompt + reply that denies all access + - SAUCE: apparmor4.0.0 [73/90]: apparmor: open userns related sysctl so lxc + can check if restriction are in place + - SAUCE: apparmor4.0.0 [74/90]: apparmor: cleanup attachment perm lookup to + use lookup_perms() + - SAUCE: apparmor4.0.0 [75/90]: apparmor: remove redundant unconfined check. + - SAUCE: apparmor4.0.0 [76/90]: apparmor: switch signal mediation to using + RULE_MEDIATES + - SAUCE: apparmor4.0.0 [77/90]: apparmor: ensure labels with more than one + entry have correct flags + - SAUCE: apparmor4.0.0 [78/90]: apparmor: remove explicit restriction that + unconfined cannot use change_hat + - SAUCE: apparmor4.0.0 [79/90]: apparmor: cleanup: refactor file_perm() to + provide semantics of some checks + - SAUCE: apparmor4.0.0 [80/90]: apparmor: carry mediation check on label + - SAUCE: apparmor4.0.0 [81/90]: apparmor: convert easy uses of unconfined() to + label_mediates() + - SAUCE: apparmor4.0.0 [82/90]: apparmor: add additional flags to extended + permission. + - SAUCE: apparmor4.0.0 [83/90]: apparmor: add support for profiles to define + the kill signal + - SAUCE: apparmor4.0.0 [84/90]: apparmor: fix x_table_lookup when stacking is + not the first entry + - SAUCE: apparmor4.0.0 [85/90]: apparmor: allow profile to be transitioned + when a user ns is created + - SAUCE: apparmor4.0.0 [86/90]: apparmor: add ability to mediate caps with + policy state machine + - SAUCE: apparmor4.0.0 [87/90]: fixup notify + - SAUCE: apparmor4.0.0 [88/90]: apparmor: add fine grained ipv4/ipv6 mediation + - SAUCE: apparmor4.0.0 [89/90]:apparmor: disable tailglob responses for now + - SAUCE: apparmor4.0.0 [90/90]: apparmor: Fix notify build warnings + - SAUCE: apparmor4.0.0: fix reserved mem for when we save ipv6 addresses + - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS + + * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe] + apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in mantic + (LP: #2032602) + - SAUCE: apparmor4.0.0 [66/90]: prompt - add support for advanced filtering of + notifications + - SAUCE: apparmor4.0.0 [67/90]: userns - add the ability to reference a global + variable for a feature value + - SAUCE: apparmor4.0.0 [68/90]: userns - make it so special unconfined + profiles can mediate user namespaces + + * [MTL] x86: Fix Cache info sysfs is not populated (LP: #2049793) + - SAUCE: cacheinfo: Check for null last-level cache info + - SAUCE: cacheinfo: Allocate memory for memory if not done from the primary + CPU + - SAUCE: x86/cacheinfo: Delete global num_cache_leaves + - SAUCE: x86/cacheinfo: Clean out init_cache_level() + + * Miscellaneous Ubuntu changes + - SAUCE: apparmor4.0.0: LSM stacking v39: fix build error with + CONFIG_SECURITY=n + - [Config] toolchain version update + + -- Paolo Pisati Fri, 12 Apr 2024 10:42:33 +0200 + +linux (6.8.0-22.22) noble; urgency=medium + + * noble/linux: 6.8.0-22.22 -proposed tracker (LP: #2060238) + + -- Andrea Righi Thu, 04 Apr 2024 23:00:49 +0200 + +linux (6.8.0-21.21) noble; urgency=medium + + * noble/linux: 6.8.0-21.21 -proposed tracker (LP: #2060225) + + * Miscellaneous Ubuntu changes + - [Config] update toolchain version in annotations + + -- Andrea Righi Thu, 04 Apr 2024 22:20:27 +0200 + +linux (6.8.0-20.20) noble; urgency=medium + + * noble/linux: 6.8.0-20.20 -proposed tracker (LP: #2058221) + + * Noble update: v6.8.1 upstream stable release (LP: #2058224) + - x86/mmio: Disable KVM mitigation when X86_FEATURE_CLEAR_CPU_BUF is set + - Documentation/hw-vuln: Add documentation for RFDS + - x86/rfds: Mitigate Register File Data Sampling (RFDS) + - KVM/x86: Export RFDS_NO and RFDS_CLEAR to guests + - Linux 6.8.1 + + * Autopkgtest failures on amd64 (LP: #2048768) + - [Packaging] update to clang-18 + + * Miscellaneous Ubuntu changes + - SAUCE: apparmor4.0.0: LSM stacking v39: fix build error with + CONFIG_SECURITY=n + - [Config] amd64: MITIGATION_RFDS=y + + -- Paolo Pisati Mon, 18 Mar 2024 11:08:14 +0100 + +linux (6.8.0-19.19) noble; urgency=medium + + * noble/linux: 6.8.0-19.19 -proposed tracker (LP: #2057910) + + * Miscellaneous Ubuntu changes + - [Packaging] re-introduce linux-doc as an empty package + + -- Paolo Pisati Thu, 14 Mar 2024 14:36:14 +0100 + +linux (6.8.0-18.18) noble; urgency=medium + + * noble/linux: 6.8.0-18.18 -proposed tracker (LP: #2057456) + + * Miscellaneous Ubuntu changes + - [Packaging] drop dependency on libclang-17 + + -- Paolo Pisati Tue, 12 Mar 2024 14:44:13 +0100 + +linux (6.8.0-17.17) noble; urgency=medium + + * noble/linux: 6.8.0-17.17 -proposed tracker (LP: #2056745) + + * Miscellaneous upstream changes + - Revert "UBUNTU: [Packaging] Add debian/control sanity check" + + -- Paolo Pisati Mon, 11 Mar 2024 12:46:38 +0100 + +linux (6.8.0-16.16) noble; urgency=medium + + * noble/linux: 6.8.0-16.16 -proposed tracker (LP: #2056738) + + * left-over ceph debugging printks (LP: #2056616) + - Revert "UBUNTU: SAUCE: ceph: make sure all the files successfully put before + unmounting" + + * qat: Improve error recovery flows (LP: #2056354) + - crypto: qat - add heartbeat error simulator + - crypto: qat - disable arbitration before reset + - crypto: qat - update PFVF protocol for recovery + - crypto: qat - re-enable sriov after pf reset + - crypto: qat - add fatal error notification + - crypto: qat - add auto reset on error + - crypto: qat - limit heartbeat notifications + - crypto: qat - improve aer error reset handling + - crypto: qat - change SLAs cleanup flow at shutdown + - crypto: qat - resolve race condition during AER recovery + - Documentation: qat: fix auto_reset section + + * update apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor4.0.0 [01/87]: LSM stacking v39: integrity: disassociate + ima_filter_rule from security_audit_rule + - SAUCE: apparmor4.0.0 [02/87]: LSM stacking v39: SM: Infrastructure + management of the sock security + - SAUCE: apparmor4.0.0 [03/87]: LSM stacking v39: LSM: Add the lsmblob data + structure. + - SAUCE: apparmor4.0.0 [04/87]: LSM stacking v39: IMA: avoid label collisions + with stacked LSMs + - SAUCE: apparmor4.0.0 [05/87]: LSM stacking v39: LSM: Use lsmblob in + security_audit_rule_match + - SAUCE: apparmor4.0.0 [06/87]: LSM stacking v39: LSM: Add lsmblob_to_secctx + hook + - SAUCE: apparmor4.0.0 [07/87]: LSM stacking v39: Audit: maintain an lsmblob + in audit_context + - SAUCE: apparmor4.0.0 [08/87]: LSM stacking v39: LSM: Use lsmblob in + security_ipc_getsecid + - SAUCE: apparmor4.0.0 [09/87]: LSM stacking v39: Audit: Update shutdown LSM + data + - SAUCE: apparmor4.0.0 [10/87]: LSM stacking v39: LSM: Use lsmblob in + security_current_getsecid + - SAUCE: apparmor4.0.0 [11/87]: LSM stacking v39: LSM: Use lsmblob in + security_inode_getsecid + - SAUCE: apparmor4.0.0 [12/87]: LSM stacking v39: Audit: use an lsmblob in + audit_names + - SAUCE: apparmor4.0.0 [13/87]: LSM stacking v39: LSM: Create new + security_cred_getlsmblob LSM hook + - SAUCE: apparmor4.0.0 [14/87]: LSM stacking v39: Audit: Change context data + from secid to lsmblob + - SAUCE: apparmor4.0.0 [15/87]: LSM stacking v39: Netlabel: Use lsmblob for + audit data + - SAUCE: apparmor4.0.0 [16/87]: LSM stacking v39: LSM: Ensure the correct LSM + context releaser + - SAUCE: apparmor4.0.0 [17/87]: LSM stacking v39: LSM: Use lsmcontext in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [18/87]: LSM stacking v39: LSM: Use lsmcontext in + security_lsmblob_to_secctx + - SAUCE: apparmor4.0.0 [19/87]: LSM stacking v39: LSM: Use lsmcontext in + security_inode_getsecctx + - SAUCE: apparmor4.0.0 [20/87]: LSM stacking v39: LSM: Use lsmcontext in + security_dentry_init_security + - SAUCE: apparmor4.0.0 [21/87]: LSM stacking v39: LSM: + security_lsmblob_to_secctx module selection + - SAUCE: apparmor4.0.0 [22/87]: LSM stacking v39: Audit: Create audit_stamp + structure + - SAUCE: apparmor4.0.0 [23/87]: LSM stacking v39: Audit: Allow multiple + records in an audit_buffer + - SAUCE: apparmor4.0.0 [24/87]: LSM stacking v39: Audit: Add record for + multiple task security contexts + - SAUCE: apparmor4.0.0 [25/87]: LSM stacking v39: audit: multiple subject lsm + values for netlabel + - SAUCE: apparmor4.0.0 [26/87]: LSM stacking v39: Audit: Add record for + multiple object contexts + - SAUCE: apparmor4.0.0 [27/87]: LSM stacking v39: LSM: Remove unused + lsmcontext_init() + - SAUCE: apparmor4.0.0 [28/87]: LSM stacking v39: LSM: Improve logic in + security_getprocattr + - SAUCE: apparmor4.0.0 [29/87]: LSM stacking v39: LSM: secctx provider check + on release + - SAUCE: apparmor4.0.0 [31/87]: LSM stacking v39: LSM: Exclusive secmark usage + - SAUCE: apparmor4.0.0 [32/87]: LSM stacking v39: LSM: Identify which LSM + handles the context string + - SAUCE: apparmor4.0.0 [33/87]: LSM stacking v39: AppArmor: Remove the + exclusive flag + - SAUCE: apparmor4.0.0 [34/87]: LSM stacking v39: LSM: Add mount opts blob + size tracking + - SAUCE: apparmor4.0.0 [35/87]: LSM stacking v39: LSM: allocate mnt_opts blobs + instead of module specific data + - SAUCE: apparmor4.0.0 [36/87]: LSM stacking v39: LSM: Infrastructure + management of the key security blob + - SAUCE: apparmor4.0.0 [37/87]: LSM stacking v39: LSM: Infrastructure + management of the mnt_opts security blob + - SAUCE: apparmor4.0.0 [38/87]: LSM stacking v39: LSM: Correct handling of + ENOSYS in inode_setxattr + - SAUCE: apparmor4.0.0 [39/87]: LSM stacking v39: LSM: Remove lsmblob + scaffolding + - SAUCE: apparmor4.0.0 [40/87]: LSM stacking v39: LSM: Allow reservation of + netlabel + - SAUCE: apparmor4.0.0 [41/87]: LSM stacking v39: LSM: restrict + security_cred_getsecid() to a single LSM + - SAUCE: apparmor4.0.0 [42/87]: LSM stacking v39: Smack: Remove + LSM_FLAG_EXCLUSIVE + - SAUCE: apparmor4.0.0 [43/87]: LSM stacking v39: UBUNTU: SAUCE: apparmor4.0.0 + [12/95]: add/use fns to print hash string hex value + - SAUCE: apparmor4.0.0 [44/87]: patch to provide compatibility with v2.x net + rules + - SAUCE: apparmor4.0.0 [45/87]: add unpriviled user ns mediation + - SAUCE: apparmor4.0.0 [46/87]: Add sysctls for additional controls of unpriv + userns restrictions + - SAUCE: apparmor4.0.0 [47/87]: af_unix mediation + - SAUCE: apparmor4.0.0 [48/87]: Add fine grained mediation of posix mqueues + - SAUCE: apparmor4.0.0 [49/87]: setup slab cache for audit data + - SAUCE: apparmor4.0.0 [50/87]: Improve debug print infrastructure + - SAUCE: apparmor4.0.0 [51/87]: add the ability for profiles to have a + learning cache + - SAUCE: apparmor4.0.0 [52/87]: enable userspace upcall for mediation + - SAUCE: apparmor4.0.0 [53/87]: prompt - lock down prompt interface + - SAUCE: apparmor4.0.0 [54/87]: prompt - allow controlling of caching of a + prompt response + - SAUCE: apparmor4.0.0 [55/87]: prompt - add refcount to audit_node in prep or + reuse and delete + - SAUCE: apparmor4.0.0 [56/87]: prompt - refactor to moving caching to + uresponse + - SAUCE: apparmor4.0.0 [57/87]: prompt - Improve debug statements + - SAUCE: apparmor4.0.0 [58/87]: prompt - fix caching + - SAUCE: apparmor4.0.0 [59/87]: prompt - rework build to use append fn, to + simplify adding strings + - SAUCE: apparmor4.0.0 [60/87]: prompt - refcount notifications + - SAUCE: apparmor4.0.0 [61/87]: prompt - add the ability to reply with a + profile name + - SAUCE: apparmor4.0.0 [62/87]: prompt - fix notification cache when updating + - SAUCE: apparmor4.0.0 [63/87]: prompt - add tailglob on name for cache + support + - SAUCE: apparmor4.0.0 [64/87]: prompt - allow profiles to set prompts as + interruptible + - SAUCE: apparmor4.0.0 [65/87] v6.8 prompt:fixup interruptible + - SAUCE: apparmor4.0.0 [69/87]: add io_uring mediation + - SAUCE: apparmor4.0.0 [70/87]: apparmor: fix oops when racing to retrieve + notification + - SAUCE: apparmor4.0.0 [71/87]: apparmor: fix notification header size + - SAUCE: apparmor4.0.0 [72/87]: apparmor: fix request field from a prompt + reply that denies all access + - SAUCE: apparmor4.0.0 [73/87]: apparmor: open userns related sysctl so lxc + can check if restriction are in place + - SAUCE: apparmor4.0.0 [74/87]: apparmor: cleanup attachment perm lookup to + use lookup_perms() + - SAUCE: apparmor4.0.0 [75/87]: apparmor: remove redundant unconfined check. + - SAUCE: apparmor4.0.0 [76/87]: apparmor: switch signal mediation to using + RULE_MEDIATES + - SAUCE: apparmor4.0.0 [77/87]: apparmor: ensure labels with more than one + entry have correct flags + - SAUCE: apparmor4.0.0 [78/87]: apparmor: remove explicit restriction that + unconfined cannot use change_hat + - SAUCE: apparmor4.0.0 [79/87]: apparmor: cleanup: refactor file_perm() to + provide semantics of some checks + - SAUCE: apparmor4.0.0 [80/87]: apparmor: carry mediation check on label + - SAUCE: apparmor4.0.0 [81/87]: apparmor: convert easy uses of unconfined() to + label_mediates() + - SAUCE: apparmor4.0.0 [82/87]: apparmor: add additional flags to extended + permission. + - SAUCE: apparmor4.0.0 [83/87]: apparmor: add support for profiles to define + the kill signal + - SAUCE: apparmor4.0.0 [84/87]: apparmor: fix x_table_lookup when stacking is + not the first entry + - SAUCE: apparmor4.0.0 [85/87]: apparmor: allow profile to be transitioned + when a user ns is created + - SAUCE: apparmor4.0.0 [86/87]: apparmor: add ability to mediate caps with + policy state machine + - SAUCE: apparmor4.0.0 [87/87]: fixup notify + - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS + + * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe] + apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in mantic + (LP: #2032602) + - SAUCE: apparmor4.0.0 [66/87]: prompt - add support for advanced filtering of + notifications + - SAUCE: apparmor4.0.0 [67/87]: userns - add the ability to reference a global + variable for a feature value + - SAUCE: apparmor4.0.0 [68/87]: userns - make it so special unconfined + profiles can mediate user namespaces + + * Enable lowlatency settings in the generic kernel (LP: #2051342) + - [Config] enable low-latency settings + + * hwmon: (coretemp) Fix core count limitation (LP: #2056126) + - hwmon: (coretemp) Introduce enum for attr index + - hwmon: (coretemp) Remove unnecessary dependency of array index + - hwmon: (coretemp) Replace sensor_device_attribute with device_attribute + - hwmon: (coretemp) Remove redundant pdata->cpu_map[] + - hwmon: (coretemp) Abstract core_temp helpers + - hwmon: (coretemp) Split package temp_data and core temp_data + - hwmon: (coretemp) Remove redundant temp_data->is_pkg_data + - hwmon: (coretemp) Use dynamic allocated memory for core temp_data + + * Miscellaneous Ubuntu changes + - [Config] Disable CONFIG_CRYPTO_DEV_QAT_ERROR_INJECTION + - [Packaging] remove debian/scripts/misc/arch-has-odm-enabled.sh + - rebase on v6.8 + - [Config] toolchain version update + + * Miscellaneous upstream changes + - crypto: qat - add fatal error notify method + + * Rebase on v6.8 + + -- Paolo Pisati Mon, 11 Mar 2024 10:14:10 +0100 + +linux (6.8.0-15.15) noble; urgency=medium + + * noble/linux: 6.8.0-15.15 -proposed tracker (LP: #2055871) + + * Miscellaneous Ubuntu changes + - rebase on v6.8-rc7 + + * Miscellaneous upstream changes + - Revert "UBUNTU: [Packaging] Transition laptop-23.10 to generic" + + * Rebase on v6.8-rc7 + + -- Paolo Pisati Mon, 04 Mar 2024 11:50:51 +0100 + +linux (6.8.0-14.14) noble; urgency=medium + + * noble/linux: 6.8.0-14.14 -proposed tracker (LP: #2055551) + + * Please change CONFIG_CONSOLE_LOGLEVEL_QUIET to 3 (LP: #2049390) + - [Config] reduce verbosity when booting in quiet mode + + * linux: please move erofs.ko (CONFIG_EROFS for EROFS support) from linux- + modules-extra to linux-modules (LP: #2054809) + - UBUNTU [Packaging]: Include erofs in linux-modules instead of linux-modules- + extra + + * linux: please move dmi-sysfs.ko (CONFIG_DMI_SYSFS for SMBIOS support) from + linux-modules-extra to linux-modules (LP: #2045561) + - [Packaging] Move dmi-sysfs.ko into linux-modules + + * Enable CONFIG_INTEL_IOMMU_DEFAULT_ON and + CONFIG_INTEL_IOMMU_SCALABLE_MODE_DEFAULT_ON (LP: #1951440) + - [Config] enable Intel DMA remapping by default + + * disable Intel DMA remapping by default (LP: #1971699) + - [Config] update tracking bug for CONFIG_INTEL_IOMMU_DEFAULT_ON + + * Packaging resync (LP: #1786013) + - debian.master/dkms-versions -- update from kernel-versions + (main/d2024.02.29) + + * Miscellaneous Ubuntu changes + - SAUCE: modpost: Replace 0-length array with flex-array member + - [packaging] do not include debian/ directory in a binary package + - [packaging] remove debian/stamps/keep-dir + + -- Paolo Pisati Fri, 01 Mar 2024 11:45:12 +0100 + +linux (6.8.0-13.13) noble; urgency=medium + + * noble/linux: 6.8.0-13.13 -proposed tracker (LP: #2055421) + + * Packaging resync (LP: #1786013) + - debian.master/dkms-versions -- update from kernel-versions + (main/d2024.02.29) + + * Miscellaneous Ubuntu changes + - rebase on v6.8-rc6 + - [Config] updateconfifs following v6.8-rc6 rebase + + * Rebase on v6.8-rc6 + + -- Paolo Pisati Thu, 29 Feb 2024 15:02:24 +0100 + +linux (6.8.0-12.12) noble; urgency=medium + + * linux-tools-common: man page of usbip[d] is misplaced (LP: #2054094) + - [Packaging] rules: Put usbip manpages in the correct directory + + * Validate connection interval to pass Bluetooth Test Suite (LP: #2052005) + - Bluetooth: Enforce validation on max value of connection interval + + * Turning COMPAT_32BIT_TIME off on s390x (LP: #2038583) + - [Config] Turn off 31-bit COMPAT on s390x + + * Don't produce linux-source binary package (LP: #2043994) + - [Packaging] Add debian/control sanity check + + * Don't produce linux-*-source- package (LP: #2052439) + - [Packaging] Move linux-source package stub to debian/control.d + - [Packaging] Build linux-source package only for the main kernel + + * Don't produce linux-*-cloud-tools-common, linux-*-tools-common and + linux-*-tools-host binary packages (LP: #2048183) + - [Packaging] Move indep tools package stubs to debian/control.d + - [Packaging] Build indep tools packages only for the main kernel + + * Enable CONFIG_INTEL_IOMMU_DEFAULT_ON and + CONFIG_INTEL_IOMMU_SCALABLE_MODE_DEFAULT_ON (LP: #1951440) + - [Config] enable Intel DMA remapping by default + + * disable Intel DMA remapping by default (LP: #1971699) + - [Config] update tracking bug for CONFIG_INTEL_IOMMU_DEFAULT_ON + + * Miscellaneous Ubuntu changes + - [Packaging] Transition laptop-23.10 to generic + + -- Paolo Pisati Thu, 22 Feb 2024 14:31:00 +0100 + +linux (6.8.0-11.11) noble; urgency=medium + + * noble/linux: 6.8.0-11.11 -proposed tracker (LP: #2053094) + + * Miscellaneous Ubuntu changes + - [Packaging] riscv64: disable building unnecessary binary debs + + -- Paolo Pisati Wed, 14 Feb 2024 00:04:31 +0100 + +linux (6.8.0-10.10) noble; urgency=medium + + * noble/linux: 6.8.0-10.10 -proposed tracker (LP: #2053015) + + * Miscellaneous Ubuntu changes + - [Packaging] add Rust build-deps for riscv64 + + * Miscellaneous upstream changes + - Revert "Revert "UBUNTU: [Packaging] temporarily disable Rust dependencies on + riscv64"" + + -- Paolo Pisati Tue, 13 Feb 2024 13:23:47 +0100 + +linux (6.8.0-9.9) noble; urgency=medium + + * noble/linux: 6.8.0-9.9 -proposed tracker (LP: #2052945) + + * Miscellaneous upstream changes + - Revert "UBUNTU: [Packaging] temporarily disable Rust dependencies on + riscv64" + + -- Paolo Pisati Mon, 12 Feb 2024 15:49:20 +0100 + +linux (6.8.0-8.8) noble; urgency=medium + + * noble/linux: 6.8.0-8.8 -proposed tracker (LP: #2052918) + + * Miscellaneous Ubuntu changes + - [Packaging] riscv64: enable linux-libc-dev build + - v6.8-rc4 rebase + + * Rebase on v6.8-rc4 + + -- Paolo Pisati Mon, 12 Feb 2024 10:13:34 +0100 + +linux (6.8.0-7.7) noble; urgency=medium + + * noble/linux: 6.8.0-7.7 -proposed tracker (LP: #2052691) + + * update apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor4.0.0 [01/87]: LSM stacking v39: integrity: disassociate + ima_filter_rule from security_audit_rule + - SAUCE: apparmor4.0.0 [02/87]: LSM stacking v39: SM: Infrastructure + management of the sock security + - SAUCE: apparmor4.0.0 [03/87]: LSM stacking v39: LSM: Add the lsmblob data + structure. + - SAUCE: apparmor4.0.0 [04/87]: LSM stacking v39: IMA: avoid label collisions + with stacked LSMs + - SAUCE: apparmor4.0.0 [05/87]: LSM stacking v39: LSM: Use lsmblob in + security_audit_rule_match + - SAUCE: apparmor4.0.0 [06/87]: LSM stacking v39: LSM: Add lsmblob_to_secctx + hook + - SAUCE: apparmor4.0.0 [07/87]: LSM stacking v39: Audit: maintain an lsmblob + in audit_context + - SAUCE: apparmor4.0.0 [08/87]: LSM stacking v39: LSM: Use lsmblob in + security_ipc_getsecid + - SAUCE: apparmor4.0.0 [09/87]: LSM stacking v39: Audit: Update shutdown LSM + data + - SAUCE: apparmor4.0.0 [10/87]: LSM stacking v39: LSM: Use lsmblob in + security_current_getsecid + - SAUCE: apparmor4.0.0 [11/87]: LSM stacking v39: LSM: Use lsmblob in + security_inode_getsecid + - SAUCE: apparmor4.0.0 [12/87]: LSM stacking v39: Audit: use an lsmblob in + audit_names + - SAUCE: apparmor4.0.0 [13/87]: LSM stacking v39: LSM: Create new + security_cred_getlsmblob LSM hook + - SAUCE: apparmor4.0.0 [14/87]: LSM stacking v39: Audit: Change context data + from secid to lsmblob + - SAUCE: apparmor4.0.0 [15/87]: LSM stacking v39: Netlabel: Use lsmblob for + audit data + - SAUCE: apparmor4.0.0 [16/87]: LSM stacking v39: LSM: Ensure the correct LSM + context releaser + - SAUCE: apparmor4.0.0 [17/87]: LSM stacking v39: LSM: Use lsmcontext in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [18/87]: LSM stacking v39: LSM: Use lsmcontext in + security_lsmblob_to_secctx + - SAUCE: apparmor4.0.0 [19/87]: LSM stacking v39: LSM: Use lsmcontext in + security_inode_getsecctx + - SAUCE: apparmor4.0.0 [20/87]: LSM stacking v39: LSM: Use lsmcontext in + security_dentry_init_security + - SAUCE: apparmor4.0.0 [21/87]: LSM stacking v39: LSM: + security_lsmblob_to_secctx module selection + - SAUCE: apparmor4.0.0 [22/87]: LSM stacking v39: Audit: Create audit_stamp + structure + - SAUCE: apparmor4.0.0 [23/87]: LSM stacking v39: Audit: Allow multiple + records in an audit_buffer + - SAUCE: apparmor4.0.0 [24/87]: LSM stacking v39: Audit: Add record for + multiple task security contexts + - SAUCE: apparmor4.0.0 [25/87]: LSM stacking v39: audit: multiple subject lsm + values for netlabel + - SAUCE: apparmor4.0.0 [26/87]: LSM stacking v39: Audit: Add record for + multiple object contexts + - SAUCE: apparmor4.0.0 [27/87]: LSM stacking v39: LSM: Remove unused + lsmcontext_init() + - SAUCE: apparmor4.0.0 [28/87]: LSM stacking v39: LSM: Improve logic in + security_getprocattr + - SAUCE: apparmor4.0.0 [29/87]: LSM stacking v39: LSM: secctx provider check + on release + - SAUCE: apparmor4.0.0 [31/87]: LSM stacking v39: LSM: Exclusive secmark usage + - SAUCE: apparmor4.0.0 [32/87]: LSM stacking v39: LSM: Identify which LSM + handles the context string + - SAUCE: apparmor4.0.0 [33/87]: LSM stacking v39: AppArmor: Remove the + exclusive flag + - SAUCE: apparmor4.0.0 [34/87]: LSM stacking v39: LSM: Add mount opts blob + size tracking + - SAUCE: apparmor4.0.0 [35/87]: LSM stacking v39: LSM: allocate mnt_opts blobs + instead of module specific data + - SAUCE: apparmor4.0.0 [36/87]: LSM stacking v39: LSM: Infrastructure + management of the key security blob + - SAUCE: apparmor4.0.0 [37/87]: LSM stacking v39: LSM: Infrastructure + management of the mnt_opts security blob + - SAUCE: apparmor4.0.0 [38/87]: LSM stacking v39: LSM: Correct handling of + ENOSYS in inode_setxattr + - SAUCE: apparmor4.0.0 [39/87]: LSM stacking v39: LSM: Remove lsmblob + scaffolding + - SAUCE: apparmor4.0.0 [40/87]: LSM stacking v39: LSM: Allow reservation of + netlabel + - SAUCE: apparmor4.0.0 [41/87]: LSM stacking v39: LSM: restrict + security_cred_getsecid() to a single LSM + - SAUCE: apparmor4.0.0 [42/87]: LSM stacking v39: Smack: Remove + LSM_FLAG_EXCLUSIVE + - SAUCE: apparmor4.0.0 [43/87]: LSM stacking v39: UBUNTU: SAUCE: apparmor4.0.0 + [12/95]: add/use fns to print hash string hex value + - SAUCE: apparmor4.0.0 [44/87]: patch to provide compatibility with v2.x net + rules + - SAUCE: apparmor4.0.0 [45/87]: add unpriviled user ns mediation + - SAUCE: apparmor4.0.0 [46/87]: Add sysctls for additional controls of unpriv + userns restrictions + - SAUCE: apparmor4.0.0 [47/87]: af_unix mediation + - SAUCE: apparmor4.0.0 [48/87]: Add fine grained mediation of posix mqueues + - SAUCE: apparmor4.0.0 [49/87]: setup slab cache for audit data + - SAUCE: apparmor4.0.0 [50/87]: Improve debug print infrastructure + - SAUCE: apparmor4.0.0 [51/87]: add the ability for profiles to have a + learning cache + - SAUCE: apparmor4.0.0 [52/87]: enable userspace upcall for mediation + - SAUCE: apparmor4.0.0 [53/87]: prompt - lock down prompt interface + - SAUCE: apparmor4.0.0 [54/87]: prompt - allow controlling of caching of a + prompt response + - SAUCE: apparmor4.0.0 [55/87]: prompt - add refcount to audit_node in prep or + reuse and delete + - SAUCE: apparmor4.0.0 [56/87]: prompt - refactor to moving caching to + uresponse + - SAUCE: apparmor4.0.0 [57/87]: prompt - Improve debug statements + - SAUCE: apparmor4.0.0 [58/87]: prompt - fix caching + - SAUCE: apparmor4.0.0 [59/87]: prompt - rework build to use append fn, to + simplify adding strings + - SAUCE: apparmor4.0.0 [60/87]: prompt - refcount notifications + - SAUCE: apparmor4.0.0 [61/87]: prompt - add the ability to reply with a + profile name + - SAUCE: apparmor4.0.0 [62/87]: prompt - fix notification cache when updating + - SAUCE: apparmor4.0.0 [63/87]: prompt - add tailglob on name for cache + support + - SAUCE: apparmor4.0.0 [64/87]: prompt - allow profiles to set prompts as + interruptible + - SAUCE: apparmor4.0.0 [65/87] v6.8 prompt:fixup interruptible + - SAUCE: apparmor4.0.0 [69/87]: add io_uring mediation + - SAUCE: apparmor4.0.0 [70/87]: apparmor: fix oops when racing to retrieve + notification + - SAUCE: apparmor4.0.0 [71/87]: apparmor: fix notification header size + - SAUCE: apparmor4.0.0 [72/87]: apparmor: fix request field from a prompt + reply that denies all access + - SAUCE: apparmor4.0.0 [73/87]: apparmor: open userns related sysctl so lxc + can check if restriction are in place + - SAUCE: apparmor4.0.0 [74/87]: apparmor: cleanup attachment perm lookup to + use lookup_perms() + - SAUCE: apparmor4.0.0 [75/87]: apparmor: remove redundant unconfined check. + - SAUCE: apparmor4.0.0 [76/87]: apparmor: switch signal mediation to using + RULE_MEDIATES + - SAUCE: apparmor4.0.0 [77/87]: apparmor: ensure labels with more than one + entry have correct flags + - SAUCE: apparmor4.0.0 [78/87]: apparmor: remove explicit restriction that + unconfined cannot use change_hat + - SAUCE: apparmor4.0.0 [79/87]: apparmor: cleanup: refactor file_perm() to + provide semantics of some checks + - SAUCE: apparmor4.0.0 [80/87]: apparmor: carry mediation check on label + - SAUCE: apparmor4.0.0 [81/87]: apparmor: convert easy uses of unconfined() to + label_mediates() + - SAUCE: apparmor4.0.0 [82/87]: apparmor: add additional flags to extended + permission. + - SAUCE: apparmor4.0.0 [83/87]: apparmor: add support for profiles to define + the kill signal + - SAUCE: apparmor4.0.0 [84/87]: apparmor: fix x_table_lookup when stacking is + not the first entry + - SAUCE: apparmor4.0.0 [85/87]: apparmor: allow profile to be transitioned + when a user ns is created + - SAUCE: apparmor4.0.0 [86/87]: apparmor: add ability to mediate caps with + policy state machine + - SAUCE: apparmor4.0.0 [87/87]: fixup notify + - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS + + * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe] + apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in mantic + (LP: #2032602) + - SAUCE: apparmor4.0.0 [66/87]: prompt - add support for advanced filtering of + notifications + - SAUCE: apparmor4.0.0 [67/87]: userns - add the ability to reference a global + variable for a feature value + - SAUCE: apparmor4.0.0 [68/87]: userns - make it so special unconfined + profiles can mediate user namespaces + + -- Paolo Pisati Thu, 08 Feb 2024 12:05:44 +0100 + +linux (6.8.0-6.6) noble; urgency=medium + + * noble/linux: 6.8.0-6.6 -proposed tracker (LP: #2052592) + + * Packaging resync (LP: #1786013) + - debian.master/dkms-versions -- update from kernel-versions + (main/d2024.02.07) + - [Packaging] update variants + + * FIPS kernels should default to fips mode (LP: #2049082) + - SAUCE: Enable fips mode by default, in FIPS kernels only + + * Fix snapcraftyaml.yaml for jammy:linux-raspi (LP: #2051468) + - [Packaging] Remove old snapcraft.yaml + + * Azure: Fix regression introduced in LP: #2045069 (LP: #2052453) + - hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed + + * Miscellaneous Ubuntu changes + - [Packaging] Remove in-tree abi checks + - [Packaging] drop abi files with clean + - [Packaging] Remove do_full_source variable (fixup) + - [Packaging] Remove update-dkms-versions and move dkms-versions + - [Config] updateconfigs following v6.8-rc3 rebase + - [packaging] rename to linux + - [packaging] rebase on v6.8-rc3 + - [packaging] disable signing for ppc64el + + * Rebase on v6.8-rc3 + + -- Paolo Pisati Wed, 07 Feb 2024 15:13:52 +0100 + +linux (6.8.0-5.5) noble; urgency=medium + + * noble/linux-unstable: 6.8.0-5.5 -proposed tracker (LP: #2052136) + + * Miscellaneous upstream changes + - Revert "mm/sparsemem: fix race in accessing memory_section->usage" + + -- Paolo Pisati Fri, 02 Feb 2024 12:59:09 +0100 + +linux-unstable (6.8.0-4.4) noble; urgency=medium + + * noble/linux-unstable: 6.8.0-4.4 -proposed tracker (LP: #2051502) + + * Migrate from fbdev drivers to simpledrm and DRM fbdev emulation layer + (LP: #1965303) + - [Config] enable simpledrm and DRM fbdev emulation layer + + * Miscellaneous Ubuntu changes + - [Config] toolchain update + + * Miscellaneous upstream changes + - rust: upgrade to Rust 1.75.0 + + -- Paolo Pisati Mon, 29 Jan 2024 14:49:49 +0100 + +linux-unstable (6.8.0-3.3) noble; urgency=medium + + * noble/linux-unstable: 6.8.0-3.3 -proposed tracker (LP: #2051488) + + * update apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor4.0.0 [43/87]: LSM stacking v39: UBUNTU: SAUCE: apparmor4.0.0 + [12/95]: add/use fns to print hash string hex value + - SAUCE: apparmor4.0.0 [44/87]: patch to provide compatibility with v2.x net + rules + - SAUCE: apparmor4.0.0 [45/87]: add unpriviled user ns mediation + - SAUCE: apparmor4.0.0 [46/87]: Add sysctls for additional controls of unpriv + userns restrictions + - SAUCE: apparmor4.0.0 [47/87]: af_unix mediation + - SAUCE: apparmor4.0.0 [48/87]: Add fine grained mediation of posix mqueues + - SAUCE: apparmor4.0.0 [49/87]: setup slab cache for audit data + - SAUCE: apparmor4.0.0 [50/87]: Improve debug print infrastructure + - SAUCE: apparmor4.0.0 [51/87]: add the ability for profiles to have a + learning cache + - SAUCE: apparmor4.0.0 [52/87]: enable userspace upcall for mediation + - SAUCE: apparmor4.0.0 [53/87]: prompt - lock down prompt interface + - SAUCE: apparmor4.0.0 [54/87]: prompt - allow controlling of caching of a + prompt response + - SAUCE: apparmor4.0.0 [55/87]: prompt - add refcount to audit_node in prep or + reuse and delete + - SAUCE: apparmor4.0.0 [56/87]: prompt - refactor to moving caching to + uresponse + - SAUCE: apparmor4.0.0 [57/87]: prompt - Improve debug statements + - SAUCE: apparmor4.0.0 [58/87]: prompt - fix caching + - SAUCE: apparmor4.0.0 [59/87]: prompt - rework build to use append fn, to + simplify adding strings + - SAUCE: apparmor4.0.0 [60/87]: prompt - refcount notifications + - SAUCE: apparmor4.0.0 [61/87]: prompt - add the ability to reply with a + profile name + - SAUCE: apparmor4.0.0 [62/87]: prompt - fix notification cache when updating + - SAUCE: apparmor4.0.0 [63/87]: prompt - add tailglob on name for cache + support + - SAUCE: apparmor4.0.0 [64/87]: prompt - allow profiles to set prompts as + interruptible + - SAUCE: apparmor4.0.0 [69/87]: add io_uring mediation + - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS + + * apparmor restricts read access of user namespace mediation sysctls to root + (LP: #2040194) + - SAUCE: apparmor4.0.0 [73/87]: apparmor: open userns related sysctl so lxc + can check if restriction are in place + + * AppArmor spams kernel log with assert when auditing (LP: #2040192) + - SAUCE: apparmor4.0.0 [72/87]: apparmor: fix request field from a prompt + reply that denies all access + + * apparmor notification files verification (LP: #2040250) + - SAUCE: apparmor4.0.0 [71/87]: apparmor: fix notification header size + + * apparmor oops when racing to retrieve a notification (LP: #2040245) + - SAUCE: apparmor4.0.0 [70/87]: apparmor: fix oops when racing to retrieve + notification + + * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe] + apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in mantic + (LP: #2032602) + - SAUCE: apparmor4.0.0 [66/87]: prompt - add support for advanced filtering of + notifications + - SAUCE: apparmor4.0.0 [67/87]: userns - add the ability to reference a global + variable for a feature value + - SAUCE: apparmor4.0.0 [68/87]: userns - make it so special unconfined + profiles can mediate user namespaces + + * Miscellaneous Ubuntu changes + - SAUCE: apparmor4.0.0 [01/87]: LSM stacking v39: integrity: disassociate + ima_filter_rule from security_audit_rule + - SAUCE: apparmor4.0.0 [02/87]: LSM stacking v39: SM: Infrastructure + management of the sock security + - SAUCE: apparmor4.0.0 [03/87]: LSM stacking v39: LSM: Add the lsmblob data + structure. + - SAUCE: apparmor4.0.0 [04/87]: LSM stacking v39: IMA: avoid label collisions + with stacked LSMs + - SAUCE: apparmor4.0.0 [05/87]: LSM stacking v39: LSM: Use lsmblob in + security_audit_rule_match + - SAUCE: apparmor4.0.0 [06/87]: LSM stacking v39: LSM: Add lsmblob_to_secctx + hook + - SAUCE: apparmor4.0.0 [07/87]: LSM stacking v39: Audit: maintain an lsmblob + in audit_context + - SAUCE: apparmor4.0.0 [08/87]: LSM stacking v39: LSM: Use lsmblob in + security_ipc_getsecid + - SAUCE: apparmor4.0.0 [09/87]: LSM stacking v39: Audit: Update shutdown LSM + data + - SAUCE: apparmor4.0.0 [10/87]: LSM stacking v39: LSM: Use lsmblob in + security_current_getsecid + - SAUCE: apparmor4.0.0 [11/87]: LSM stacking v39: LSM: Use lsmblob in + security_inode_getsecid + - SAUCE: apparmor4.0.0 [12/87]: LSM stacking v39: Audit: use an lsmblob in + audit_names + - SAUCE: apparmor4.0.0 [13/87]: LSM stacking v39: LSM: Create new + security_cred_getlsmblob LSM hook + - SAUCE: apparmor4.0.0 [14/87]: LSM stacking v39: Audit: Change context data + from secid to lsmblob + - SAUCE: apparmor4.0.0 [15/87]: LSM stacking v39: Netlabel: Use lsmblob for + audit data + - SAUCE: apparmor4.0.0 [16/87]: LSM stacking v39: LSM: Ensure the correct LSM + context releaser + - SAUCE: apparmor4.0.0 [17/87]: LSM stacking v39: LSM: Use lsmcontext in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [18/87]: LSM stacking v39: LSM: Use lsmcontext in + security_lsmblob_to_secctx + - SAUCE: apparmor4.0.0 [19/87]: LSM stacking v39: LSM: Use lsmcontext in + security_inode_getsecctx + - SAUCE: apparmor4.0.0 [20/87]: LSM stacking v39: LSM: Use lsmcontext in + security_dentry_init_security + - SAUCE: apparmor4.0.0 [21/87]: LSM stacking v39: LSM: + security_lsmblob_to_secctx module selection + - SAUCE: apparmor4.0.0 [22/87]: LSM stacking v39: Audit: Create audit_stamp + structure + - SAUCE: apparmor4.0.0 [23/87]: LSM stacking v39: Audit: Allow multiple + records in an audit_buffer + - SAUCE: apparmor4.0.0 [24/87]: LSM stacking v39: Audit: Add record for + multiple task security contexts + - SAUCE: apparmor4.0.0 [25/87]: LSM stacking v39: audit: multiple subject lsm + values for netlabel + - SAUCE: apparmor4.0.0 [26/87]: LSM stacking v39: Audit: Add record for + multiple object contexts + - SAUCE: apparmor4.0.0 [27/87]: LSM stacking v39: LSM: Remove unused + lsmcontext_init() + - SAUCE: apparmor4.0.0 [28/87]: LSM stacking v39: LSM: Improve logic in + security_getprocattr + - SAUCE: apparmor4.0.0 [29/87]: LSM stacking v39: LSM: secctx provider check + on release + - SAUCE: apparmor4.0.0 [30/87]: LSM stacking v39: LSM: Single calls in + socket_getpeersec hooks + - SAUCE: apparmor4.0.0 [31/87]: LSM stacking v39: LSM: Exclusive secmark usage + - SAUCE: apparmor4.0.0 [32/87]: LSM stacking v39: LSM: Identify which LSM + handles the context string + - SAUCE: apparmor4.0.0 [33/87]: LSM stacking v39: AppArmor: Remove the + exclusive flag + - SAUCE: apparmor4.0.0 [34/87]: LSM stacking v39: LSM: Add mount opts blob + size tracking + - SAUCE: apparmor4.0.0 [35/87]: LSM stacking v39: LSM: allocate mnt_opts blobs + instead of module specific data + - SAUCE: apparmor4.0.0 [36/87]: LSM stacking v39: LSM: Infrastructure + management of the key security blob + - SAUCE: apparmor4.0.0 [37/87]: LSM stacking v39: LSM: Infrastructure + management of the mnt_opts security blob + - SAUCE: apparmor4.0.0 [38/87]: LSM stacking v39: LSM: Correct handling of + ENOSYS in inode_setxattr + - SAUCE: apparmor4.0.0 [39/87]: LSM stacking v39: LSM: Remove lsmblob + scaffolding + - SAUCE: apparmor4.0.0 [40/87]: LSM stacking v39: LSM: Allow reservation of + netlabel + - SAUCE: apparmor4.0.0 [41/87]: LSM stacking v39: LSM: restrict + security_cred_getsecid() to a single LSM + - SAUCE: apparmor4.0.0 [42/87]: LSM stacking v39: Smack: Remove + LSM_FLAG_EXCLUSIVE + - SAUCE: apparmor4.0.0 [65/87] v6.8 prompt:fixup interruptible + - SAUCE: apparmor4.0.0 [74/87]: apparmor: cleanup attachment perm lookup to + use lookup_perms() + - SAUCE: apparmor4.0.0 [75/87]: apparmor: remove redundant unconfined check. + - SAUCE: apparmor4.0.0 [76/87]: apparmor: switch signal mediation to using + RULE_MEDIATES + - SAUCE: apparmor4.0.0 [77/87]: apparmor: ensure labels with more than one + entry have correct flags + - SAUCE: apparmor4.0.0 [78/87]: apparmor: remove explicit restriction that + unconfined cannot use change_hat + - SAUCE: apparmor4.0.0 [79/87]: apparmor: cleanup: refactor file_perm() to + provide semantics of some checks + - SAUCE: apparmor4.0.0 [80/87]: apparmor: carry mediation check on label + - SAUCE: apparmor4.0.0 [81/87]: apparmor: convert easy uses of unconfined() to + label_mediates() + - SAUCE: apparmor4.0.0 [82/87]: apparmor: add additional flags to extended + permission. + - SAUCE: apparmor4.0.0 [83/87]: apparmor: add support for profiles to define + the kill signal + - SAUCE: apparmor4.0.0 [84/87]: apparmor: fix x_table_lookup when stacking is + not the first entry + - SAUCE: apparmor4.0.0 [85/87]: apparmor: allow profile to be transitioned + when a user ns is created + - SAUCE: apparmor4.0.0 [86/87]: apparmor: add ability to mediate caps with + policy state machine + - SAUCE: apparmor4.0.0 [87/87]: fixup notify + - [Config] updateconfigs following v6.8-rc2 rebase + + -- Paolo Pisati Mon, 29 Jan 2024 08:59:32 +0100 + +linux-unstable (6.8.0-2.2) noble; urgency=medium + + * noble/linux-unstable: 6.8.0-2.2 -proposed tracker (LP: #2051110) + + * Miscellaneous Ubuntu changes + - [Config] toolchain update + - [Config] enable Rust + + -- Paolo Pisati Wed, 24 Jan 2024 13:10:07 +0100 + +linux-unstable (6.8.0-1.1) noble; urgency=medium + + * noble/linux-unstable: 6.8.0-1.1 -proposed tracker (LP: #2051102) + + * Miscellaneous Ubuntu changes + - [packaging] move to v6.8-rc1 + - [Config] updateconfigs following v6.8-rc1 rebase + - SAUCE: export file_close_fd() instead of close_fd_get_file() + - SAUCE: cpufreq: s/strlcpy/strscpy/ + - debian/dkms-versions -- temporarily disable zfs dkms + - debian/dkms-versions -- temporarily disable ipu6 and isvsc dkms + - debian/dkms-versions -- temporarily disable v4l2loopback + + -- Paolo Pisati Wed, 24 Jan 2024 10:48:37 +0100 + +linux-unstable (6.8.0-0.0) noble; urgency=medium + + * Empty entry. + + -- Paolo Pisati Tue, 23 Jan 2024 11:36:40 +0100 + +linux-unstable (6.7.0-7.7) noble; urgency=medium + + * noble/linux-unstable: 6.7.0-7.7 -proposed tracker (LP: #2049357) + + * Packaging resync (LP: #1786013) + - [Packaging] update variants + + * Miscellaneous Ubuntu changes + - [Packaging] re-enable signing for s390x and ppc64el + + -- Andrea Righi Mon, 15 Jan 2024 08:41:11 +0100 + +linux-unstable (6.7.0-6.6) noble; urgency=medium + + * Empty entry. + + -- Andrea Righi Mon, 15 Jan 2024 08:30:50 +0100 + +linux (6.7.0-2.2) noble; urgency=medium + + * noble/linux: 6.7.0-2.2 -proposed tracker (LP: #2049182) + + * Packaging resync (LP: #1786013) + - [Packaging] resync getabis + + * Enforce RETPOLINE and SLS mitigrations (LP: #2046440) + - SAUCE: objtool: Make objtool check actually fatal upon fatal errors + - SAUCE: objtool: make objtool SLS validation fatal when building with + CONFIG_SLS=y + - SAUCE: objtool: make objtool RETPOLINE validation fatal when building with + CONFIG_RETPOLINE=y + - SAUCE: scripts: remove generating .o-ur objects + - [Packaging] Remove all custom retpoline-extract code + - Revert "UBUNTU: SAUCE: vga_set_mode -- avoid jump tables" + - Revert "UBUNTU: SAUCE: early/late -- annotate indirect calls in early/late + initialisation code" + - Revert "UBUNTU: SAUCE: apm -- annotate indirect calls within + firmware_restrict_branch_speculation_{start,end}" + + * Miscellaneous Ubuntu changes + - [Packaging] temporarily disable riscv64 builds + - [Packaging] temporarily disable Rust dependencies on riscv64 + + -- Andrea Righi Fri, 12 Jan 2024 09:21:57 +0100 + +linux (6.7.0-1.1) noble; urgency=medium + + * noble/linux: 6.7.0-1.1 -proposed tracker (LP: #2048859) + + * Packaging resync (LP: #1786013) + - [Packaging] update variants + - debian/dkms-versions -- update from kernel-versions (main/d2024.01.02) + + * [UBUNTU 23.04] Regression: Ubuntu 23.04/23.10 do not include uvdevice + anymore (LP: #2048919) + - [Config] Enable S390_UV_UAPI (built-in) + + * Support mipi camera on Intel Meteor Lake platform (LP: #2031412) + - SAUCE: iommu: intel-ipu: use IOMMU passthrough mode for Intel IPUs on Meteor + Lake + - SAUCE: platform/x86: int3472: Add handshake GPIO function + + * [SRU][J/L/M] UBUNTU: [Packaging] Make WWAN driver a loadable module + (LP: #2033406) + - [Packaging] Make WWAN driver loadable modules + + * usbip: error: failed to open /usr/share/hwdata//usb.ids (LP: #2039439) + - [Packaging] Make linux-tools-common depend on hwdata + + * [Mediatek] mt8195-demo: enable CONFIG_MTK_IOMMU as module for multimedia and + PCIE peripherals (LP: #2036587) + - [Config] Enable CONFIG_MTK_IOMMU on arm64 + + * linux-*: please enable dm-verity kconfigs to allow MoK/db verified root + images (LP: #2019040) + - [Config] CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG_SECONDARY_KEYRING=y + + * kexec enable to load/kdump zstd compressed zimg (LP: #2037398) + - [Packaging] Revert arm64 image format to Image.gz + + * Mantic minimized/minimal cloud images do not receive IP address during + provisioning; systemd regression with wait-online (LP: #2036968) + - [Config] Enable virtio-net as built-in to avoid race + + * Make backlight module auto detect dell_uart_backlight (LP: #2008882) + - SAUCE: ACPI: video: Dell AIO UART backlight detection + + * Linux 6.2 fails to reboot with current u-boot-nezha (LP: #2021364) + - [Config] Default to performance CPUFreq governor on riscv64 + + * Enable Nezha board (LP: #1975592) + - [Config] Build in D1 clock drivers on riscv64 + - [Config] Enable CONFIG_SUN6I_RTC_CCU on riscv64 + - [Config] Enable CONFIG_SUNXI_WATCHDOG on riscv64 + - [Config] Disable SUN50I_DE2_BUS on riscv64 + - [Config] Disable unneeded sunxi pinctrl drivers on riscv64 + + * Enable StarFive VisionFive 2 board (LP: #2013232) + - [Config] Enable CONFIG_PINCTRL_STARFIVE_JH7110_SYS on riscv64 + - [Config] Enable CONFIG_STARFIVE_WATCHDOG on riscv64 + + * rcu_sched detected stalls on CPUs/tasks (LP: #1967130) + - [Config] Enable virtually mapped stacks on riscv64 + + * Check for changes relevant for security certifications (LP: #1945989) + - [Packaging] Add a new fips-checks script + + * Installation support for SMARC RZ/G2L platform (LP: #2030525) + - [Config] build Renesas RZ/G2L USBPHY control driver statically + + * Add support for kernels compiled with CONFIG_EFI_ZBOOT (LP: #2002226) + - [Config]: Turn on CONFIG_EFI_ZBOOT on ARM64 + + * Default module signing algo should be accelerated (LP: #2034061) + - [Config] Default module signing algo should be accelerated + + * Miscellaneous Ubuntu changes + - [Config] annotations clean-up + + [ Upstream Kernel Changes ] + + * Rebase to v6.7 + + -- Andrea Righi Thu, 11 Jan 2024 11:49:07 +0100 + +linux (6.7.0-0.0) noble; urgency=medium + + * Empty entry + + -- Andrea Righi Tue, 09 Jan 2024 09:27:23 +0100 + +linux-unstable (6.7.0-5.5) noble; urgency=medium + + * noble/linux-unstable: 6.7.0-5.5 -proposed tracker (LP: #2048118) + + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/d2024.01.02) + + * Miscellaneous Ubuntu changes + - [Packaging] re-enable Rust support + - [Packaging] temporarily disable riscv64 builds + + -- Andrea Righi Fri, 05 Jan 2024 12:33:10 +0100 + +linux-unstable (6.7.0-4.4) noble; urgency=medium + + * noble/linux-unstable: 6.7.0-4.4 -proposed tracker (LP: #2047807) + + * unconfined profile denies userns_create for chromium based processes + (LP: #1990064) + - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS + + * apparmor restricts read access of user namespace mediation sysctls to root + (LP: #2040194) + - SAUCE: apparmor4.0.0 [69/69]: apparmor: open userns related sysctl so lxc + can check if restriction are in place + + * AppArmor spams kernel log with assert when auditing (LP: #2040192) + - SAUCE: apparmor4.0.0 [68/69]: apparmor: fix request field from a prompt + reply that denies all access + + * apparmor notification files verification (LP: #2040250) + - SAUCE: apparmor4.0.0 [67/69]: apparmor: fix notification header size + + * apparmor oops when racing to retrieve a notification (LP: #2040245) + - SAUCE: apparmor4.0.0 [66/69]: apparmor: fix oops when racing to retrieve + notification + + * update apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor4.0.0 [01/69]: add/use fns to print hash string hex value + - SAUCE: apparmor4.0.0 [02/69]: patch to provide compatibility with v2.x net + rules + - SAUCE: apparmor4.0.0 [03/69]: add unpriviled user ns mediation + - SAUCE: apparmor4.0.0 [04/69]: Add sysctls for additional controls of unpriv + userns restrictions + - SAUCE: apparmor4.0.0 [05/69]: af_unix mediation + - SAUCE: apparmor4.0.0 [06/69]: Add fine grained mediation of posix mqueues + - SAUCE: apparmor4.0.0 [07/69]: Stacking v38: LSM: Identify modules by more + than name + - SAUCE: apparmor4.0.0 [08/69]: Stacking v38: LSM: Add an LSM identifier for + external use + - SAUCE: apparmor4.0.0 [09/69]: Stacking v38: LSM: Identify the process + attributes for each module + - SAUCE: apparmor4.0.0 [10/69]: Stacking v38: LSM: Maintain a table of LSM + attribute data + - SAUCE: apparmor4.0.0 [11/69]: Stacking v38: proc: Use lsmids instead of lsm + names for attrs + - SAUCE: apparmor4.0.0 [12/69]: Stacking v38: integrity: disassociate + ima_filter_rule from security_audit_rule + - SAUCE: apparmor4.0.0 [13/69]: Stacking v38: LSM: Infrastructure management + of the sock security + - SAUCE: apparmor4.0.0 [14/69]: Stacking v38: LSM: Add the lsmblob data + structure. + - SAUCE: apparmor4.0.0 [15/69]: Stacking v38: LSM: provide lsm name and id + slot mappings + - SAUCE: apparmor4.0.0 [16/69]: Stacking v38: IMA: avoid label collisions with + stacked LSMs + - SAUCE: apparmor4.0.0 [17/69]: Stacking v38: LSM: Use lsmblob in + security_audit_rule_match + - SAUCE: apparmor4.0.0 [18/69]: Stacking v38: LSM: Use lsmblob in + security_kernel_act_as + - SAUCE: apparmor4.0.0 [19/69]: Stacking v38: LSM: Use lsmblob in + security_secctx_to_secid + - SAUCE: apparmor4.0.0 [20/69]: Stacking v38: LSM: Use lsmblob in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [21/69]: Stacking v38: LSM: Use lsmblob in + security_ipc_getsecid + - SAUCE: apparmor4.0.0 [22/69]: Stacking v38: LSM: Use lsmblob in + security_current_getsecid + - SAUCE: apparmor4.0.0 [23/69]: Stacking v38: LSM: Use lsmblob in + security_inode_getsecid + - SAUCE: apparmor4.0.0 [24/69]: Stacking v38: LSM: Use lsmblob in + security_cred_getsecid + - SAUCE: apparmor4.0.0 [25/69]: Stacking v38: LSM: Specify which LSM to + display + - SAUCE: apparmor4.0.0 [27/69]: Stacking v38: LSM: Ensure the correct LSM + context releaser + - SAUCE: apparmor4.0.0 [28/69]: Stacking v38: LSM: Use lsmcontext in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [29/69]: Stacking v38: LSM: Use lsmcontext in + security_inode_getsecctx + - SAUCE: apparmor4.0.0 [30/69]: Stacking v38: Use lsmcontext in + security_dentry_init_security + - SAUCE: apparmor4.0.0 [31/69]: Stacking v38: LSM: security_secid_to_secctx in + netlink netfilter + - SAUCE: apparmor4.0.0 [32/69]: Stacking v38: NET: Store LSM netlabel data in + a lsmblob + - SAUCE: apparmor4.0.0 [33/69]: Stacking v38: binder: Pass LSM identifier for + confirmation + - SAUCE: apparmor4.0.0 [34/69]: Stacking v38: LSM: security_secid_to_secctx + module selection + - SAUCE: apparmor4.0.0 [35/69]: Stacking v38: Audit: Keep multiple LSM data in + audit_names + - SAUCE: apparmor4.0.0 [36/69]: Stacking v38: Audit: Create audit_stamp + structure + - SAUCE: apparmor4.0.0 [37/69]: Stacking v38: LSM: Add a function to report + multiple LSMs + - SAUCE: apparmor4.0.0 [38/69]: Stacking v38: Audit: Allow multiple records in + an audit_buffer + - SAUCE: apparmor4.0.0 [39/69]: Stacking v38: Audit: Add record for multiple + task security contexts + - SAUCE: apparmor4.0.0 [40/69]: Stacking v38: audit: multiple subject lsm + values for netlabel + - SAUCE: apparmor4.0.0 [41/69]: Stacking v38: Audit: Add record for multiple + object contexts + - SAUCE: apparmor4.0.0 [42/69]: Stacking v38: netlabel: Use a struct lsmblob + in audit data + - SAUCE: apparmor4.0.0 [43/69]: Stacking v38: LSM: Removed scaffolding + function lsmcontext_init + - SAUCE: apparmor4.0.0 [44/69]: Stacking v38: AppArmor: Remove the exclusive + flag + - SAUCE: apparmor4.0.0 [45/69]: setup slab cache for audit data + - SAUCE: apparmor4.0.0 [46/69]: Improve debug print infrastructure + - SAUCE: apparmor4.0.0 [47/69]: add the ability for profiles to have a + learning cache + - SAUCE: apparmor4.0.0 [48/69]: enable userspace upcall for mediation + - SAUCE: apparmor4.0.0 [49/69]: prompt - lock down prompt interface + - SAUCE: apparmor4.0.0 [50/69]: prompt - allow controlling of caching of a + prompt response + - SAUCE: apparmor4.0.0 [51/69]: prompt - add refcount to audit_node in prep or + reuse and delete + - SAUCE: apparmor4.0.0 [52/69]: prompt - refactor to moving caching to + uresponse + - SAUCE: apparmor4.0.0 [53/69]: prompt - Improve debug statements + - SAUCE: apparmor4.0.0 [54/69]: prompt - fix caching + - SAUCE: apparmor4.0.0 [55/69]: prompt - rework build to use append fn, to + simplify adding strings + - SAUCE: apparmor4.0.0 [56/69]: prompt - refcount notifications + - SAUCE: apparmor4.0.0 [57/69]: prompt - add the ability to reply with a + profile name + - SAUCE: apparmor4.0.0 [58/69]: prompt - fix notification cache when updating + - SAUCE: apparmor4.0.0 [59/69]: prompt - add tailglob on name for cache + support + - SAUCE: apparmor4.0.0 [60/69]: prompt - allow profiles to set prompts as + interruptible + - SAUCE: apparmor4.0.0 [64/69]: advertise disconnected.path is available + - SAUCE: apparmor4.0.0 [65/69]: add io_uring mediation + + * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe] + apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in mantic + (LP: #2032602) + - SAUCE: apparmor4.0.0 [61/69]: prompt - add support for advanced filtering of + notifications + - SAUCE: apparmor4.0.0 [62/69]: userns - add the ability to reference a global + variable for a feature value + - SAUCE: apparmor4.0.0 [63/69]: userns - make it so special unconfined + profiles can mediate user namespaces + + * udev fails to make prctl() syscall with apparmor=0 (as used by maas by + default) (LP: #2016908) // update apparmor and LSM stacking patch set + (LP: #2028253) + - SAUCE: apparmor4.0.0 [26/69]: Stacking v38: Fix prctl() syscall with + apparmor=0 + + * Fix RPL-U CPU C-state always keep at C3 when system run PHM with idle screen + on (LP: #2042385) + - SAUCE: r8169: Add quirks to enable ASPM on Dell platforms + + * [Debian] autoreconstruct - Do not generate chmod -x for deleted files + (LP: #2045562) + - [Debian] autoreconstruct - Do not generate chmod -x for deleted files + + * Disable Legacy TIOCSTI (LP: #2046192) + - [Config]: disable CONFIG_LEGACY_TIOCSTI + + * Packaging resync (LP: #1786013) + - [Packaging] update variants + - [Packaging] remove helper scripts + - [Packaging] update annotations scripts + + * Miscellaneous Ubuntu changes + - [Packaging] rules: Remove unused dkms make variables + - [Config] update annotations after rebase to v6.7-rc8 + + [ Upstream Kernel Changes ] + + * Rebase to v6.7-rc8 + + -- Andrea Righi Tue, 02 Jan 2024 14:57:21 +0100 + +linux-unstable (6.7.0-3.3) noble; urgency=medium + + * noble/linux-unstable: 6.7.0-3.3 -proposed tracker (LP: #2046060) + + * enable CONFIG_INTEL_TDX_HOST in linux >= 6.7 for noble (LP: #2046040) + - [Config] enable CONFIG_INTEL_TDX_HOST + + * linux tools packages for derived kernels refuse to install simultaneously + due to libcpupower name collision (LP: #2035971) + - [Packaging] Statically link libcpupower into cpupower tool + + * make lazy RCU a boot time option (LP: #2045492) + - SAUCE: rcu: Provide a boot time parameter to control lazy RCU + + * Build failure if run in a console (LP: #2044512) + - [Packaging] Fix kernel module compression failures + + * Turning COMPAT_32BIT_TIME off on arm64 (64k & derivatives) (LP: #2038582) + - [Config] y2038: Turn off COMPAT and COMPAT_32BIT_TIME on arm64 64k + + * Turning COMPAT_32BIT_TIME off on riscv64 (LP: #2038584) + - [Config] y2038: Disable COMPAT_32BIT_TIME on riscv64 + + * Turning COMPAT_32BIT_TIME off on ppc64el (LP: #2038587) + - [Config] y2038: Disable COMPAT and COMPAT_32BIT_TIME on ppc64le + + * [UBUNTU 23.04] Kernel config option missing for s390x PCI passthrough + (LP: #2042853) + - [Config] CONFIG_VFIO_PCI_ZDEV_KVM=y + + * back-out zstd module compression automatic for backports (LP: #2045593) + - [Packaging] make ZSTD module compression conditional + + * Miscellaneous Ubuntu changes + - [Packaging] Remove do_full_source variable + - [Packaging] Remove obsolete config handling + - [Packaging] Remove support for sub-flavors + - [Packaging] Remove old linux-libc-dev version hack + - [Packaging] Remove obsolete scripts + - [Packaging] Remove README.inclusion-list + - [Packaging] make $(stampdir)/stamp-build-perarch depend on build-arch + - [Packaging] Enable rootless builds + - [Packaging] Allow to run debian/rules without (fake)root + - [Packaging] remove unneeded trailing slash for INSTALL_MOD_PATH + - [Packaging] override KERNELRELEASE instead of KERNELVERSION + - [Config] update toolchain versions in annotations + - [Packaging] drop useless linux-doc + - [Packaging] scripts: Rewrite insert-ubuntu-changes in Python + - [Packaging] enable riscv64 builds + - [Packaging] remove the last sub-flavours bit + - [Packaging] check debian.env to determine do_libc_dev_package + - [Packaging] remove debian.*/variants + - [Packaging] remove do_libc_dev_package variable + - [Packaging] move linux-libc-dev.stub to debian/control.d/ + - [Packaging] Update check to build linux-libc-dev to the source package name + - [Packaging] rules: Remove startnewrelease target + - [Packaging] Remove debian/commit-templates + - [Config] update annotations after rebase to v6.7-rc4 + + [ Upstream Kernel Changes ] + + * Rebase to v6.7-rc4 + + -- Andrea Righi Mon, 11 Dec 2023 15:56:11 +0100 + +linux-unstable (6.7.0-2.2) noble; urgency=medium + + * noble/linux-unstable: 6.7.0-2.2 -proposed tracker (LP: #2045107) + + * Miscellaneous Ubuntu changes + - [Packaging] re-enable Rust + - [Config] enable Rust in annotations + - [Packaging] Remove do_enforce_all variable + - [Config] disable Softlogic 6x10 capture card driver on armhf + - [Packaging] disable Rust support + - [Config] update annotations after rebase to v6.7-rc3 + + [ Upstream Kernel Changes ] + + * Rebase to v6.7-rc3 + + -- Andrea Righi Wed, 29 Nov 2023 07:51:17 +0100 + +linux-unstable (6.7.0-1.1) noble; urgency=medium + + * noble/linux-unstable: 6.7.0-1.1 -proposed tracker (LP: #2044069) + + * Packaging resync (LP: #1786013) + - [Packaging] update annotations scripts + - [Packaging] update helper scripts + + * Miscellaneous Ubuntu changes + - [Config] update annotations after rebase to v6.7-rc2 + + [ Upstream Kernel Changes ] + + * Rebase to v6.7-rc2 + + -- Andrea Righi Tue, 21 Nov 2023 10:45:24 +0100 + +linux-unstable (6.7.0-0.0) noble; urgency=medium + + * Empty entry + + -- Andrea Righi Tue, 21 Nov 2023 07:26:46 +0100 + +linux-unstable (6.6.0-12.12) noble; urgency=medium + + * noble/linux-unstable: 6.6.0-12.12 -proposed tracker (LP: #2043664) + + * Miscellaneous Ubuntu changes + - [Packaging] temporarily disable zfs dkms + + -- Paolo Pisati Thu, 16 Nov 2023 10:20:26 +0100 + +linux-unstable (6.6.0-11.11) noble; urgency=medium + + * noble/linux-unstable: 6.6.0-11.11 -proposed tracker (LP: #2043480) + + * Packaging resync (LP: #1786013) + - [Packaging] resync git-ubuntu-log + - [Packaging] resync update-dkms-versions helper + - [Packaging] update variants + - debian/dkms-versions -- update from kernel-versions (main/d2023.11.14) + + * Miscellaneous Ubuntu changes + - [Packaging] move to Noble + - [Config] toolchain version update + + -- Paolo Pisati Wed, 15 Nov 2023 14:50:40 +0100 + +linux-unstable (6.6.0-10.10) noble; urgency=medium + + * mantic/linux-unstable: 6.6.0-10.10 -proposed tracker (LP: #2043088) + + * Bump arm64's CONFIG_NR_CPUS to 512 (LP: #2042897) + - [Config] Bump CONFIG_NR_CPUS to 512 for arm64 + + * Miscellaneous Ubuntu changes + - [Config] Include a note for the NR_CPUS setting on riscv64 + - SAUCE: apparmor4.0.0 [83/83]: Fix inode_init for changed prototype + + -- Paolo Pisati Thu, 09 Nov 2023 12:05:11 +0200 + +linux-unstable (6.6.0-9.9) mantic; urgency=medium + + * mantic/linux-unstable: 6.6.0-9.9 -proposed tracker (LP: #2041852) + + * Switch IMA default hash to sha256 (LP: #2041735) + - [Config] Switch IMA_DEFAULT_HASH from sha1 to sha256 + + * apparmor restricts read access of user namespace mediation sysctls to root + (LP: #2040194) + - SAUCE: apparmor4.0.0 [82/82]: apparmor: open userns related sysctl so lxc + can check if restriction are in place + + * AppArmor spams kernel log with assert when auditing (LP: #2040192) + - SAUCE: apparmor4.0.0 [81/82]: apparmor: fix request field from a prompt + reply that denies all access + + * apparmor notification files verification (LP: #2040250) + - SAUCE: apparmor4.0.0 [80/82]: apparmor: fix notification header size + + * apparmor oops when racing to retrieve a notification (LP: #2040245) + - SAUCE: apparmor4.0.0 [79/82]: apparmor: fix oops when racing to retrieve + notification + + * Disable restricting unprivileged change_profile by default, due to LXD + latest/stable not yet compatible with this new apparmor feature + (LP: #2038567) + - SAUCE: apparmor4.0.0 [78/82]: apparmor: Make + apparmor_restrict_unprivileged_unconfined opt-in + + * update apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor4.0.0 [01/82]: add/use fns to print hash string hex value + - SAUCE: apparmor4.0.0 [02/82]: rename SK_CTX() to aa_sock and make it an + inline fn + - SAUCE: apparmor4.0.0 [03/82]: patch to provide compatibility with v2.x net + rules + - SAUCE: apparmor4.0.0 [04/82]: add user namespace creation mediation + - SAUCE: apparmor4.0.0 [05/82]: Add sysctls for additional controls of unpriv + userns restrictions + - SAUCE: apparmor4.0.0 [06/82]: af_unix mediation + - SAUCE: apparmor4.0.0 [07/82]: Add fine grained mediation of posix mqueues + - SAUCE: apparmor4.0.0 [08/82]: Stacking v38: LSM: Identify modules by more + than name + - SAUCE: apparmor4.0.0 [09/82]: Stacking v38: LSM: Add an LSM identifier for + external use + - SAUCE: apparmor4.0.0 [10/82]: Stacking v38: LSM: Identify the process + attributes for each module + - SAUCE: apparmor4.0.0 [11/82]: Stacking v38: LSM: Maintain a table of LSM + attribute data + - SAUCE: apparmor4.0.0 [12/82]: Stacking v38: proc: Use lsmids instead of lsm + names for attrs + - SAUCE: apparmor4.0.0 [13/82]: Stacking v38: integrity: disassociate + ima_filter_rule from security_audit_rule + - SAUCE: apparmor4.0.0 [14/82]: Stacking v38: LSM: Infrastructure management + of the sock security + - SAUCE: apparmor4.0.0 [15/82]: Stacking v38: LSM: Add the lsmblob data + structure. + - SAUCE: apparmor4.0.0 [16/82]: Stacking v38: LSM: provide lsm name and id + slot mappings + - SAUCE: apparmor4.0.0 [17/82]: Stacking v38: IMA: avoid label collisions with + stacked LSMs + - SAUCE: apparmor4.0.0 [18/82]: Stacking v38: LSM: Use lsmblob in + security_audit_rule_match + - SAUCE: apparmor4.0.0 [19/82]: Stacking v38: LSM: Use lsmblob in + security_kernel_act_as + - SAUCE: apparmor4.0.0 [20/82]: Stacking v38: LSM: Use lsmblob in + security_secctx_to_secid + - SAUCE: apparmor4.0.0 [21/82]: Stacking v38: LSM: Use lsmblob in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [22/82]: Stacking v38: LSM: Use lsmblob in + security_ipc_getsecid + - SAUCE: apparmor4.0.0 [23/82]: Stacking v38: LSM: Use lsmblob in + security_current_getsecid + - SAUCE: apparmor4.0.0 [24/82]: Stacking v38: LSM: Use lsmblob in + security_inode_getsecid + - SAUCE: apparmor4.0.0 [25/82]: Stacking v38: LSM: Use lsmblob in + security_cred_getsecid + - SAUCE: apparmor4.0.0 [26/82]: Stacking v38: LSM: Specify which LSM to + display + - SAUCE: apparmor4.0.0 [28/82]: Stacking v38: LSM: Ensure the correct LSM + context releaser + - SAUCE: apparmor4.0.0 [29/82]: Stacking v38: LSM: Use lsmcontext in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [30/82]: Stacking v38: LSM: Use lsmcontext in + security_inode_getsecctx + - SAUCE: apparmor4.0.0 [31/82]: Stacking v38: Use lsmcontext in + security_dentry_init_security + - SAUCE: apparmor4.0.0 [32/82]: Stacking v38: LSM: security_secid_to_secctx in + netlink netfilter + - SAUCE: apparmor4.0.0 [33/82]: Stacking v38: NET: Store LSM netlabel data in + a lsmblob + - SAUCE: apparmor4.0.0 [34/82]: Stacking v38: binder: Pass LSM identifier for + confirmation + - SAUCE: apparmor4.0.0 [35/82]: Stacking v38: LSM: security_secid_to_secctx + module selection + - SAUCE: apparmor4.0.0 [36/82]: Stacking v38: Audit: Keep multiple LSM data in + audit_names + - SAUCE: apparmor4.0.0 [37/82]: Stacking v38: Audit: Create audit_stamp + structure + - SAUCE: apparmor4.0.0 [38/82]: Stacking v38: LSM: Add a function to report + multiple LSMs + - SAUCE: apparmor4.0.0 [39/82]: Stacking v38: Audit: Allow multiple records in + an audit_buffer + - SAUCE: apparmor4.0.0 [40/82]: Stacking v38: Audit: Add record for multiple + task security contexts + - SAUCE: apparmor4.0.0 [41/82]: Stacking v38: audit: multiple subject lsm + values for netlabel + - SAUCE: apparmor4.0.0 [42/82]: Stacking v38: Audit: Add record for multiple + object contexts + - SAUCE: apparmor4.0.0 [43/82]: Stacking v38: netlabel: Use a struct lsmblob + in audit data + - SAUCE: apparmor4.0.0 [44/82]: Stacking v38: LSM: Removed scaffolding + function lsmcontext_init + - SAUCE: apparmor4.0.0 [45/82]: Stacking v38: AppArmor: Remove the exclusive + flag + - SAUCE: apparmor4.0.0 [46/82]: combine common_audit_data and + apparmor_audit_data + - SAUCE: apparmor4.0.0 [47/82]: setup slab cache for audit data + - SAUCE: apparmor4.0.0 [48/82]: rename audit_data->label to + audit_data->subj_label + - SAUCE: apparmor4.0.0 [49/82]: pass cred through to audit info. + - SAUCE: apparmor4.0.0 [50/82]: Improve debug print infrastructure + - SAUCE: apparmor4.0.0 [51/82]: add the ability for profiles to have a + learning cache + - SAUCE: apparmor4.0.0 [52/82]: enable userspace upcall for mediation + - SAUCE: apparmor4.0.0 [53/82]: cache buffers on percpu list if there is lock + contention + - SAUCE: apparmor4.0.0 [54/82]: advertise availability of exended perms + - SAUCE: apparmor4.0.0 [56/82]: cleanup: provide separate audit messages for + file and policy checks + - SAUCE: apparmor4.0.0 [57/82]: prompt - lock down prompt interface + - SAUCE: apparmor4.0.0 [58/82]: prompt - ref count pdb + - SAUCE: apparmor4.0.0 [59/82]: prompt - allow controlling of caching of a + prompt response + - SAUCE: apparmor4.0.0 [60/82]: prompt - add refcount to audit_node in prep or + reuse and delete + - SAUCE: apparmor4.0.0 [61/82]: prompt - refactor to moving caching to + uresponse + - SAUCE: apparmor4.0.0 [62/82]: prompt - Improve debug statements + - SAUCE: apparmor4.0.0 [63/82]: prompt - fix caching + - SAUCE: apparmor4.0.0 [64/82]: prompt - rework build to use append fn, to + simplify adding strings + - SAUCE: apparmor4.0.0 [65/82]: prompt - refcount notifications + - SAUCE: apparmor4.0.0 [66/82]: prompt - add the ability to reply with a + profile name + - SAUCE: apparmor4.0.0 [67/82]: prompt - fix notification cache when updating + - SAUCE: apparmor4.0.0 [68/82]: prompt - add tailglob on name for cache + support + - SAUCE: apparmor4.0.0 [69/82]: prompt - allow profiles to set prompts as + interruptible + - SAUCE: apparmor4.0.0 [74/82]: advertise disconnected.path is available + - SAUCE: apparmor4.0.0 [75/82]: fix invalid reference on profile->disconnected + - SAUCE: apparmor4.0.0 [76/82]: add io_uring mediation + - SAUCE: apparmor4.0.0 [77/82]: apparmor: Fix regression in mount mediation + + * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe] + apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in mantic + (LP: #2032602) + - SAUCE: apparmor4.0.0 [70/82]: prompt - add support for advanced filtering of + notifications + - SAUCE: apparmor4.0.0 [71/82]: userns - add the ability to reference a global + variable for a feature value + - SAUCE: apparmor4.0.0 [72/82]: userns - make it so special unconfined + profiles can mediate user namespaces + - SAUCE: apparmor4.0.0 [73/82]: userns - allow restricting unprivileged + change_profile + + * LSM stacking and AppArmor for 6.2: additional fixes (LP: #2017903) // update + apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor4.0.0 [55/82]: fix profile verification and enable it + + * udev fails to make prctl() syscall with apparmor=0 (as used by maas by + default) (LP: #2016908) // update apparmor and LSM stacking patch set + (LP: #2028253) + - SAUCE: apparmor4.0.0 [27/82]: Stacking v38: Fix prctl() syscall with + apparmor=0 + + * Miscellaneous Ubuntu changes + - [Config] SECURITY_APPARMOR_RESTRICT_USERNS=y + + -- Paolo Pisati Fri, 03 Nov 2023 11:59:12 +0100 + +linux-unstable (6.6.0-8.8) mantic; urgency=medium + + * mantic/linux-unstable: 6.6.0-8.8 -proposed tracker (LP: #2040243) + + * Miscellaneous Ubuntu changes + - abi: gc reference to phy-rtk-usb2/phy-rtk-usb3 + + -- Paolo Pisati Tue, 24 Oct 2023 10:55:34 +0200 + +linux-unstable (6.6.0-7.7) mantic; urgency=medium + + * mantic/linux-unstable: 6.6.0-7.7 -proposed tracker (LP: #2040147) + + * test_021_aslr_dapper_libs from ubuntu_qrt_kernel_security failed on K-5.19 / + J-OEM-6.1 / J-6.2 AMD64 (LP: #1983357) + - [Config]: set ARCH_MMAP_RND_{COMPAT_, }BITS to the maximum + + * Miscellaneous Ubuntu changes + - [Config] updateconfigs following v6.6-rc7 rebase + + -- Paolo Pisati Mon, 23 Oct 2023 11:51:14 +0200 + +linux-unstable (6.6.0-6.6) mantic; urgency=medium + + * mantic/linux-unstable: 6.6.0-6.6 -proposed tracker (LP: #2039780) + + * Miscellaneous Ubuntu changes + - rebase on v6.6-rc6 + - [Config] updateconfigs following v6.6-rc6 rebase + + [ Upstream Kernel Changes ] + + * Rebase to v6.6-rc6 + + -- Paolo Pisati Thu, 19 Oct 2023 12:09:16 +0200 + +linux-unstable (6.6.0-5.5) mantic; urgency=medium + + * mantic/linux-unstable: 6.6.0-5.5 -proposed tracker (LP: #2038899) + + * Miscellaneous Ubuntu changes + - rebase on v6.6-rc5 + - [Config] updateconfigs following v6.6-rc5 rebase + + [ Upstream Kernel Changes ] + + * Rebase to v6.6-rc5 + + -- Paolo Pisati Tue, 10 Oct 2023 11:18:41 +0200 + +linux-unstable (6.6.0-4.4) mantic; urgency=medium + + * mantic/linux-unstable: 6.6.0-4.4 -proposed tracker (LP: #2038423) + + * Miscellaneous Ubuntu changes + - rebase on v6.6-rc4 + + [ Upstream Kernel Changes ] + + * Rebase to v6.6-rc4 + + -- Paolo Pisati Wed, 04 Oct 2023 11:16:25 +0200 + +linux-unstable (6.6.0-3.3) mantic; urgency=medium + + * mantic/linux-unstable: 6.6.0-3.3 -proposed tracker (LP: #2037622) + + * Miscellaneous Ubuntu changes + - [Config] updateconfigs following v6.6-rc3 rebase + + * Miscellaneous upstream changes + - Revert "UBUNTU: SAUCE: enforce rust availability only on x86_64" + - arm64: rust: Enable Rust support for AArch64 + - arm64: rust: Enable PAC support for Rust. + - arm64: Restrict Rust support to little endian only. + + -- Paolo Pisati Thu, 28 Sep 2023 10:45:38 +0200 + +linux-unstable (6.6.0-2.2) mantic; urgency=medium + + * Miscellaneous upstream changes + - UBUBNTU: [Config] build all COMEDI drivers as modules + + -- Paolo Pisati Mon, 18 Sep 2023 14:42:56 +0200 + +linux-unstable (6.6.0-1.1) mantic; urgency=medium + + * Miscellaneous Ubuntu changes + - [Packaging] move linux to linux-unstable + - [Packaging] rebase on v6.6-rc1 + - [Config] updateconfigs following v6.6-rc1 rebase + - [packaging] skip ABI, modules and retpoline checks + - update dropped.txt + - [Config] SHIFT_FS FTBFS with Linux 6.6, disable it + - [Config] DELL_UART_BACKLIGHT FTBFS with Linux 6.6, disable it + - [Packaging] debian/dkms-versions: temporarily disable dkms + - [Packaging] temporarily disable signing for s390x + + [ Upstream Kernel Changes ] + + * Rebase to v6.6-rc1 + + -- Paolo Pisati Fri, 15 Sep 2023 14:42:18 +0200 + +linux-unstable (6.6.0-0.0) mantic; urgency=medium + + * Empty entry + + -- Paolo Pisati Thu, 14 Sep 2023 15:03:19 +0200 + +linux (6.5.0-5.5) mantic; urgency=medium + + * mantic/linux: 6.5.0-5.5 -proposed tracker (LP: #2034546) + + * Packaging resync (LP: #1786013) + - [Packaging] update helper scripts + - debian/dkms-versions -- update from kernel-versions (main/d2023.08.23) + + +linux (6.5.0-4.4) mantic; urgency=medium + + * mantic/linux: 6.5.0-4.4 -proposed tracker (LP: #2034042) + + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/d2023.08.23) + + -- Andrea Righi Mon, 04 Sep 2023 16:55:44 +0200 + +linux (6.5.0-3.3) mantic; urgency=medium + + * mantic/linux: 6.5.0-3.3 -proposed tracker (LP: #2033904) + + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/d2023.08.23) + + * [23.10] Please test secure-boot and lockdown on the early 6.5 kernel (s390x) + (LP: #2026833) + - [Packaging] re-enable signing for s390x + + * Miscellaneous upstream changes + - module/decompress: use vmalloc() for zstd decompression workspace + + -- Andrea Righi Fri, 01 Sep 2023 16:15:33 +0200 + +linux (6.5.0-2.2) mantic; urgency=medium + + * mantic/linux: 6.5.0-2.2 -proposed tracker (LP: #2033240) + + * Soundwire support for Dell SKU0C87 devices (LP: #2029281) + - SAUCE: ASoC: Intel: soc-acpi: add support for Dell SKU0C87 devices + + * Fix numerous AER related issues (LP: #2033025) + - SAUCE: PCI/AER: Disable AER service during suspend, again + - SAUCE: PCI/DPC: Disable DPC service during suspend, again + + * Support Realtek RTL8852CE WiFi 6E/BT Combo (LP: #2025672) + - wifi: rtw89: debug: Fix error handling in rtw89_debug_priv_btc_manual_set() + - Bluetooth: btrtl: Load FW v2 otherwise FW v1 for RTL8852C + + [ Upstream Kernel Changes ] + + * Rebase to v6.5 + + -- Andrea Righi Mon, 28 Aug 2023 08:53:19 +0200 + +linux (6.5.0-1.1) mantic; urgency=medium + + * mantic/linux: 6.5.0-1.1 -proposed tracker (LP: #2032750) + + * Packaging resync (LP: #1786013) + - [Packaging] resync update-dkms-versions helper + - [Packaging] update variants + - debian/dkms-versions -- update from kernel-versions (main/d2023.07.26) + + * ceph: support idmapped mounts (LP: #2032959) + - SAUCE: libceph: add spinlock around osd->o_requests + - SAUCE: libceph: define struct ceph_sparse_extent and add some helpers + - SAUCE: libceph: new sparse_read op, support sparse reads on msgr2 crc + codepath + - SAUCE: libceph: support sparse reads on msgr2 secure codepath + - SAUCE: libceph: add sparse read support to msgr1 + - SAUCE: libceph: add sparse read support to OSD client + - SAUCE: ceph: add new mount option to enable sparse reads + - SAUCE: ceph: preallocate inode for ops that may create one + - SAUCE: ceph: make ceph_msdc_build_path use ref-walk + - SAUCE: libceph: add new iov_iter-based ceph_msg_data_type and + ceph_osd_data_type + - SAUCE: ceph: use osd_req_op_extent_osd_iter for netfs reads + - SAUCE: ceph: fscrypt_auth handling for ceph + - SAUCE: ceph: implement -o test_dummy_encryption mount option + - SAUCE: ceph: add fscrypt ioctls and ceph.fscrypt.auth vxattr + - SAUCE: ceph: make ioctl cmds more readable in debug log + - SAUCE: ceph: add base64 endcoding routines for encrypted names + - SAUCE: ceph: encode encrypted name in ceph_mdsc_build_path and dentry + release + - SAUCE: ceph: send alternate_name in MClientRequest + - SAUCE: ceph: decode alternate_name in lease info + - SAUCE: ceph: set DCACHE_NOKEY_NAME flag in ceph_lookup/atomic_open() + - SAUCE: ceph: make d_revalidate call fscrypt revalidator for encrypted + dentries + - SAUCE: ceph: add helpers for converting names for userland presentation + - SAUCE: ceph: make ceph_fill_trace and ceph_get_name decrypt names + - SAUCE: ceph: pass the request to parse_reply_info_readdir() + - SAUCE: ceph: add support to readdir for encrypted names + - SAUCE: ceph: create symlinks with encrypted and base64-encoded targets + - SAUCE: ceph: add some fscrypt guardrails + - SAUCE: ceph: allow encrypting a directory while not having Ax caps + - SAUCE: ceph: mark directory as non-complete after loading key + - SAUCE: ceph: size handling in MClientRequest, cap updates and inode traces + - SAUCE: ceph: handle fscrypt fields in cap messages from MDS + - SAUCE: ceph: add infrastructure for file encryption and decryption + - SAUCE: libceph: add CEPH_OSD_OP_ASSERT_VER support + - SAUCE: libceph: allow ceph_osdc_new_request to accept a multi-op read + - SAUCE: ceph: add object version support for sync read + - SAUCE: ceph: add truncate size handling support for fscrypt + - SAUCE: ceph: don't use special DIO path for encrypted inodes + - SAUCE: ceph: align data in pages in ceph_sync_write + - SAUCE: ceph: add read/modify/write to ceph_sync_write + - SAUCE: ceph: add encryption support to writepage and writepages + - SAUCE: ceph: plumb in decryption during reads + - SAUCE: ceph: invalidate pages when doing direct/sync writes + - SAUCE: ceph: add support for encrypted snapshot names + - SAUCE: ceph: prevent snapshot creation in encrypted locked directories + - SAUCE: ceph: update documentation regarding snapshot naming limitations + - SAUCE: ceph: drop messages from MDS when unmounting + - SAUCE: ceph: wait for OSD requests' callbacks to finish when unmounting + - SAUCE: ceph: fix updating i_truncate_pagecache_size for fscrypt + - SAUCE: ceph: switch ceph_lookup/atomic_open() to use new fscrypt helper + - SAUCE: libceph: do not include crypto/algapi.h + - SAUCE: rbd: bump RBD_MAX_PARENT_CHAIN_LEN to 128 + - SAUCE: ceph: dump info about cap flushes when we're waiting too long for + them + - SAUCE: mm: BUG if filemap_alloc_folio gives us a folio with a non-NULL + ->private + - SAUCE: ceph: make sure all the files successfully put before unmounting + - SAUCE: ceph: BUG if MDS changed truncate_seq with client caps still + outstanding + - SAUCE: ceph: add the *_client debug macros support + - SAUCE: ceph: pass the mdsc to several helpers + - SAUCE: ceph: rename _to_client() to _to_fs_client() + - SAUCE: ceph: move mdsmap.h to fs/ceph/ + - SAUCE: ceph: add ceph_inode_to_client() helper support + - SAUCE: ceph: print the client global_id in all the debug logs + - SAUCE: ceph: make the members in struct ceph_mds_request_args_ext an union + - SAUCE: ceph: make num_fwd and num_retry to __u32 + - SAUCE: fs: export mnt_idmap_get/mnt_idmap_put + - SAUCE: ceph: stash idmapping in mdsc request + - SAUCE: ceph: handle idmapped mounts in create_request_message() + - SAUCE: ceph: add enable_unsafe_idmap module parameter + - SAUCE: ceph: pass an idmapping to mknod/symlink/mkdir + - SAUCE: ceph: allow idmapped getattr inode op + - SAUCE: ceph: allow idmapped permission inode op + - SAUCE: ceph: pass idmap to __ceph_setattr + - SAUCE: ceph: allow idmapped setattr inode op + - SAUCE: ceph/acl: allow idmapped set_acl inode op + - SAUCE: ceph/file: allow idmapped atomic_open inode op + - SAUCE: ceph: allow idmapped mounts + + * Got soft lockup CPU if dell_uart_backlight is probed (LP: #2032174) + - SAUCE: platform/x86: dell-uart-backlight: replace chars_in_buffer() with + flush_chars() + + * Fix ACPI TAD on some Intel based systems (LP: #2032767) + - ACPI: TAD: Install SystemCMOS address space handler for ACPI000E + + * Fix unreliable ethernet cable detection on I219 NIC (LP: #2028122) + - e1000e: Use PME poll to circumvent unreliable ACPI wake + + * Fix panel brightness issues on HP laptops (LP: #2032704) + - ACPI: video: Put ACPI video and its child devices into D0 on boot + + * FATAL:credentials.cc(127)] Check failed: . : Permission denied (13) + (LP: #2017980) + - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS + + * Support initrdless boot on default qemu virt models and openstack + (LP: #2030745) + - [Config] set VIRTIO_BLK=y for default qemu/openstack boot + + * Miscellaneous Ubuntu changes + - [Packaging] rust: use Rust 1.68.2 + - [Packaging] depend on clang/libclang-15 for Rust + - [Config] update toolchain versions in annotations + - [Config] update annotations after rebase to v6.5-rc6 + - [Config] update toolchain version in annotations + - [Packaging] temporarily disable Rust support + - [Packaging] temporarily disable signing for ppc64el + - [Packaging] temporarily disable signing for s390x + + -- Andrea Righi Thu, 24 Aug 2023 17:47:10 +0200 + +linux (6.5.0-0.0) mantic; urgency=medium + + * Empty entry + + -- Andrea Righi Wed, 23 Aug 2023 08:14:48 +0200 + +linux-unstable (6.5.0-4.4) mantic; urgency=medium + + * mantic/linux-unstable: 6.5.0-4.4 -proposed tracker (LP: #2029086) + + * Miscellaneous Ubuntu changes + - [Packaging] Add .NOTPARALLEL + - [Packaging] Remove meaningless $(header_arch) + - [Packaging] Fix File exists error in install-arch-headers + - [Packaging] clean debian/linux-* directories + - [Packaging] remove hmake + - [Packaging] install headers to debian/linux-libc-dev directly + - [Config] define CONFIG options for arm64 instead of arm64-generic + - [Config] update annotations after rebase to v6.5-rc4 + - [Packaging] temporarily disable Rust support + + [ Upstream Kernel Changes ] + + * Rebase to v6.5-rc4 + + -- Andrea Righi Mon, 31 Jul 2023 08:41:59 +0200 + +linux-unstable (6.5.0-3.3) mantic; urgency=medium + + * mantic/linux-unstable: 6.5.0-3.3 -proposed tracker (LP: #2028779) + + * enable Rust support in the kernel (LP: #2007654) + - SAUCE: rust: support rustc-1.69.0 + - [Packaging] depend on rustc-1.69.0 + + * Packaging resync (LP: #1786013) + - [Packaging] resync update-dkms-versions helper + - [Packaging] resync getabis + + * Fix UBSAN in Intel EDAC driver (LP: #2028746) + - EDAC/i10nm: Skip the absent memory controllers + + * Ship kernel modules Zstd compressed (LP: #2028568) + - SAUCE: Support but do not require compressed modules + - [Config] Enable support for ZSTD compressed modules + - [Packaging] ZSTD compress modules + + * update apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor3.2.0 [02/60]: rename SK_CTX() to aa_sock and make it an + inline fn + - SAUCE: apparmor3.2.0 [05/60]: Add sysctls for additional controls of unpriv + userns restrictions + - SAUCE: apparmor3.2.0 [08/60]: Stacking v38: LSM: Identify modules by more + than name + - SAUCE: apparmor3.2.0 [09/60]: Stacking v38: LSM: Add an LSM identifier for + external use + - SAUCE: apparmor3.2.0 [10/60]: Stacking v38: LSM: Identify the process + attributes for each module + - SAUCE: apparmor3.2.0 [11/60]: Stacking v38: LSM: Maintain a table of LSM + attribute data + - SAUCE: apparmor3.2.0 [12/60]: Stacking v38: proc: Use lsmids instead of lsm + names for attrs + - SAUCE: apparmor3.2.0 [13/60]: Stacking v38: integrity: disassociate + ima_filter_rule from security_audit_rule + - SAUCE: apparmor3.2.0 [14/60]: Stacking v38: LSM: Infrastructure management + of the sock security + - SAUCE: apparmor3.2.0 [15/60]: Stacking v38: LSM: Add the lsmblob data + structure. + - SAUCE: apparmor3.2.0 [16/60]: Stacking v38: LSM: provide lsm name and id + slot mappings + - SAUCE: apparmor3.2.0 [17/60]: Stacking v38: IMA: avoid label collisions with + stacked LSMs + - SAUCE: apparmor3.2.0 [18/60]: Stacking v38: LSM: Use lsmblob in + security_audit_rule_match + - SAUCE: apparmor3.2.0 [19/60]: Stacking v38: LSM: Use lsmblob in + security_kernel_act_as + - SAUCE: apparmor3.2.0 [20/60]: Stacking v38: LSM: Use lsmblob in + security_secctx_to_secid + - SAUCE: apparmor3.2.0 [21/60]: Stacking v38: LSM: Use lsmblob in + security_secid_to_secctx + - SAUCE: apparmor3.2.0 [22/60]: Stacking v38: LSM: Use lsmblob in + security_ipc_getsecid + - SAUCE: apparmor3.2.0 [23/60]: Stacking v38: LSM: Use lsmblob in + security_current_getsecid + - SAUCE: apparmor3.2.0 [24/60]: Stacking v38: LSM: Use lsmblob in + security_inode_getsecid + - SAUCE: apparmor3.2.0 [25/60]: Stacking v38: LSM: Use lsmblob in + security_cred_getsecid + - SAUCE: apparmor3.2.0 [26/60]: Stacking v38: LSM: Specify which LSM to + display + - SAUCE: apparmor3.2.0 [28/60]: Stacking v38: LSM: Ensure the correct LSM + context releaser + - SAUCE: apparmor3.2.0 [29/60]: Stacking v38: LSM: Use lsmcontext in + security_secid_to_secctx + - SAUCE: apparmor3.2.0 [30/60]: Stacking v38: LSM: Use lsmcontext in + security_inode_getsecctx + - SAUCE: apparmor3.2.0 [31/60]: Stacking v38: Use lsmcontext in + security_dentry_init_security + - SAUCE: apparmor3.2.0 [32/60]: Stacking v38: LSM: security_secid_to_secctx in + netlink netfilter + - SAUCE: apparmor3.2.0 [33/60]: Stacking v38: NET: Store LSM netlabel data in + a lsmblob + - SAUCE: apparmor3.2.0 [34/60]: Stacking v38: binder: Pass LSM identifier for + confirmation + - SAUCE: apparmor3.2.0 [35/60]: Stacking v38: LSM: security_secid_to_secctx + module selection + - SAUCE: apparmor3.2.0 [36/60]: Stacking v38: Audit: Keep multiple LSM data in + audit_names + - SAUCE: apparmor3.2.0 [37/60]: Stacking v38: Audit: Create audit_stamp + structure + - SAUCE: apparmor3.2.0 [38/60]: Stacking v38: LSM: Add a function to report + multiple LSMs + - SAUCE: apparmor3.2.0 [39/60]: Stacking v38: Audit: Allow multiple records in + an audit_buffer + - SAUCE: apparmor3.2.0 [40/60]: Stacking v38: Audit: Add record for multiple + task security contexts + - SAUCE: apparmor3.2.0 [41/60]: Stacking v38: audit: multiple subject lsm + values for netlabel + - SAUCE: apparmor3.2.0 [42/60]: Stacking v38: Audit: Add record for multiple + object contexts + - SAUCE: apparmor3.2.0 [43/60]: Stacking v38: netlabel: Use a struct lsmblob + in audit data + - SAUCE: apparmor3.2.0 [44/60]: Stacking v38: LSM: Removed scaffolding + function lsmcontext_init + - SAUCE: apparmor3.2.0 [45/60]: Stacking v38: AppArmor: Remove the exclusive + flag + - SAUCE: apparmor3.2.0 [46/60]: combine common_audit_data and + apparmor_audit_data + - SAUCE: apparmor3.2.0 [47/60]: setup slab cache for audit data + - SAUCE: apparmor3.2.0 [48/60]: rename audit_data->label to + audit_data->subj_label + - SAUCE: apparmor3.2.0 [49/60]: pass cred through to audit info. + - SAUCE: apparmor3.2.0 [50/60]: Improve debug print infrastructure + - SAUCE: apparmor3.2.0 [51/60]: add the ability for profiles to have a + learning cache + - SAUCE: apparmor3.2.0 [52/60]: enable userspace upcall for mediation + - SAUCE: apparmor3.2.0 [53/60]: cache buffers on percpu list if there is lock + contention + - SAUCE: apparmor3.2.0 [55/60]: advertise availability of exended perms + - SAUCE: apparmor3.2.0 [60/60]: [Config] enable + CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS + + * LSM stacking and AppArmor for 6.2: additional fixes (LP: #2017903) // update + apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor3.2.0 [57/60]: fix profile verification and enable it + + * udev fails to make prctl() syscall with apparmor=0 (as used by maas by + default) (LP: #2016908) // update apparmor and LSM stacking patch set + (LP: #2028253) + - SAUCE: apparmor3.2.0 [27/60]: Stacking v38: Fix prctl() syscall with + apparmor=0 + + * kinetic: apply new apparmor and LSM stacking patch set (LP: #1989983) // + update apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor3.2.0 [01/60]: add/use fns to print hash string hex value + - SAUCE: apparmor3.2.0 [03/60]: patch to provide compatibility with v2.x net + rules + - SAUCE: apparmor3.2.0 [04/60]: add user namespace creation mediation + - SAUCE: apparmor3.2.0 [06/60]: af_unix mediation + - SAUCE: apparmor3.2.0 [07/60]: Add fine grained mediation of posix mqueues + + * Miscellaneous Ubuntu changes + - [Packaging] Use consistent llvm/clang for rust + + [ Upstream Kernel Changes ] + + * Rebase to v6.5-rc3 + + -- Andrea Righi Fri, 28 Jul 2023 07:44:20 +0200 + +linux-unstable (6.5.0-2.2) mantic; urgency=medium + + * mantic/linux-unstable: 6.5.0-2.2 -proposed tracker (LP: #2027953) + + * Remove non-LPAE kernel flavor (LP: #2025265) + - [Packaging] Rename armhf generic-lpae flavor to generic + + * Please enable Renesas RZ platform serial installer (LP: #2022361) + - [Config] enable hihope RZ/G2M serial console + + * Miscellaneous Ubuntu changes + - [Packaging] snap: Remove old configs handling + - [Packaging] checks/final-checks: Remove old configs handling + - [Packaging] checks/final-checks: check existance of Makefile first + - [Packaging] checks/final-checks: Fix shellcheck issues + - [Packaging] add libstdc++-dev to the build dependencies + - [Config] update annotations after rebase to v6.5-rc2 + + * Miscellaneous upstream changes + - kbuild: rust: avoid creating temporary files + - rust: fix bindgen build error with UBSAN_BOUNDS_STRICT + + [ Upstream Kernel Changes ] + + * Rebase to v6.5-rc2 + + -- Andrea Righi Tue, 18 Jul 2023 10:14:14 +0200 + +linux-unstable (6.5.0-1.1) mantic; urgency=medium + + * mantic/linux-unstable: 6.5.0-1.1 -proposed tracker (LP: #2026689) + + * CVE-2023-31248 + - netfilter: nf_tables: do not ignore genmask when looking up chain by id + + * CVE-2023-35001 + - netfilter: nf_tables: prevent OOB access in nft_byteorder_eval + + * HDMI output with More than one child device for port B in VBT error + (LP: #2025195) + - SAUCE: drm/i915/quirks: Add multiple VBT quirk for HP ZBook Power G10 + + * CVE-2023-2640 // CVE-2023-32629 + - SAUCE: overlayfs: default to userxattr when mounted from non initial user + namespace + + * Packaging resync (LP: #1786013) + - [Packaging] resync update-dkms-versions helper + + * enable Rust support in the kernel (LP: #2007654) + - SAUCE: btf, scripts: rust: drop is_rust_module.sh + - [Packaging] add rust dependencies + + * CVE-2023-2612 + - SAUCE: shiftfs: prevent lock unbalance in shiftfs_create_object() + + * Miscellaneous Ubuntu changes + - SAUCE: shiftfs: support linux 6.5 + - [Config] update annotations after rebase to v6.5-rc1 + - [Config] temporarily disable Rust + + [ Upstream Kernel Changes ] + + * Rebase to v6.5-rc1 + + -- Andrea Righi Mon, 10 Jul 2023 09:15:26 +0200 + +linux-unstable (6.5.0-0.0) mantic; urgency=medium + + * Empty entry + + -- Andrea Righi Wed, 05 Jul 2023 12:48:39 +0200 + +linux-unstable (6.4.0-8.8) mantic; urgency=medium + + * mantic/linux-unstable: 6.4.0-8.8 -proposed tracker (LP: #2025018) + + * Miscellaneous Ubuntu changes + - [Config] update toolchain version (gcc) in annotations + + [ Upstream Kernel Changes ] + + * Rebase to v6.4 + + -- Andrea Righi Mon, 26 Jun 2023 09:14:02 +0200 + +linux-unstable (6.4.0-7.7) mantic; urgency=medium + + * mantic/linux-unstable: 6.4.0-7.7 -proposed tracker (LP: #2024338) + + [ Upstream Kernel Changes ] + + * Rebase to v6.4-rc7 + + -- Andrea Righi Mon, 19 Jun 2023 08:51:27 +0200 + +linux-unstable (6.4.0-6.6) mantic; urgency=medium + + * mantic/linux-unstable: 6.4.0-6.6 -proposed tracker (LP: #2023966) + + * Packaging resync (LP: #1786013) + - [Packaging] update annotations scripts + + * enable multi-gen LRU by default (LP: #2023629) + - [Config] enable multi-gen LRU by default + + * Fix Monitor lost after replug WD19TBS to SUT port with VGA/DVI to type-C + dongle (LP: #2021949) + - thunderbolt: Do not touch CL state configuration during discovery + - thunderbolt: Increase DisplayPort Connection Manager handshake timeout + + * Neuter signing tarballs (LP: #2012776) + - [Packaging] remove the signing tarball support + + * Enable Tracing Configs for OSNOISE and TIMERLAT (LP: #2018591) + - [Config] Enable OSNOISE_TRACER and TIMERLAT_TRACER configs + + * Miscellaneous Ubuntu changes + - [Config] Add CONFIG_AS_HAS_NON_CONST_LEB128 on riscv64 + - [Packaging] introduce do_lib_rust and enable it only on generic amd64 + - [Config] update annotations after rebase to v6.4-rc6 + + [ Upstream Kernel Changes ] + + * Rebase to v6.4-rc6 + + -- Andrea Righi Thu, 15 Jun 2023 20:11:07 +0200 + +linux-unstable (6.4.0-5.5) mantic; urgency=medium + + * mantic/linux-unstable: 6.4.0-5.5 -proposed tracker (LP: #2022886) + + * Miscellaneous Ubuntu changes + - [Packaging] update getabis to support linux-unstable + - UBUNTU [Config]: disable hibernation on riscv64 + + [ Upstream Kernel Changes ] + + * Rebase to v6.4-rc5 + + -- Andrea Righi Tue, 06 Jun 2023 08:18:01 +0200 + +linux-unstable (6.4.0-4.4) mantic; urgency=medium + + * mantic/linux-unstable: 6.4.0-4.4 -proposed tracker (LP: #2021597) + + * Miscellaneous Ubuntu changes + - [Config] udpate annotations after rebase to v6.4-rc4 + + -- Andrea Righi Tue, 30 May 2023 11:55:41 +0200 + +linux-unstable (6.4.0-3.3) mantic; urgency=medium + + * mantic/linux-unstable: 6.4.0-3.3 -proposed tracker (LP: #2021497) + + * Packaging resync (LP: #1786013) + - [Packaging] resync git-ubuntu-log + - [Packaging] resync getabis + + * support python < 3.9 with annotations (LP: #2020531) + - [Packaging] kconfig/annotations.py: support older way of merging dicts + + * generate linux-lib-rust only on amd64 (LP: #2020356) + - [Packaging] generate linux-lib-rust only on amd64 + + * Miscellaneous Ubuntu changes + - [Packaging] annotations: never drop configs that have notes different than + the parent + - [Config] drop CONFIG_SMBFS_COMMON from annotations + - [Packaging] perf: build without libtraceevent + + [ Upstream Kernel Changes ] + + * Rebase to v6.4-rc4 + + -- Andrea Righi Tue, 30 May 2023 08:38:10 +0200 + +linux-unstable (6.4.0-2.2) mantic; urgency=medium + + * mantic/linux-unstable: 6.4.0-2.2 -proposed tracker (LP: #2020330) + + * Computer with Intel Atom CPU will not boot with Kernel 6.2.0-20 + (LP: #2017444) + - [Config]: Disable CONFIG_INTEL_ATOMISP + + * Fix NVME storage with RAID ON disappeared under Dell factory WINPE + environment (LP: #2011768) + - SAUCE: PCI: vmd: Reset VMD config register between soft reboots + + * Miscellaneous Ubuntu changes + - [Packaging] Drop support of old config handling + - [Config] update annotations after rebase to v6.4-rc3 + + [ Upstream Kernel Changes ] + + * Rebase to v6.4-rc3 + + -- Andrea Righi Mon, 22 May 2023 11:22:14 +0200 + +linux-unstable (6.4.0-1.1) mantic; urgency=medium + + * mantic/linux-unstable: 6.4.0-1.1 -proposed tracker (LP: #2019965) + + * Packaging resync (LP: #1786013) + - [Packaging] update variants + - [Packaging] update helper scripts + + * Kernel 6.1 bumped the disk consumption on default images by 15% + (LP: #2015867) + - [Packaging] introduce a separate linux-lib-rust package + + * Miscellaneous Ubuntu changes + - [Config] enable CONFIG_BLK_DEV_UBLK on amd64 + - [Packaging] annotations: use python3 in the shebang + - SAUCE: blk-throttle: Fix io statistics for cgroup v1 + - [Packaging] move to v6.4 and rename to linux-unstable + - [Config] update annotations after rebase to v6.4-rc1 + - [Packaging] temporarily disable perf + - [Packaging] temporarily disable bpftool + - [Config] ppc64el: reduce CONFIG_ARCH_FORCE_MAX_ORDER from 9 to 8 + - SAUCE: perf: explicitly disable libtraceevent + + [ Upstream Kernel Changes ] + + * Rebase to v6.4-rc2 + + -- Andrea Righi Thu, 18 May 2023 07:34:09 +0200 + +linux-unstable (6.4.0-0.0) mantic; urgency=medium + + * Empty entry + + -- Andrea Righi Wed, 17 May 2023 15:29:25 +0200 + +linux-unstable (6.3.0-2.2) lunar; urgency=medium + + * lunar/linux-unstable: 6.3.0-2.2 -proposed tracker (LP: #2017788) + + * Miscellaneous Ubuntu changes + - [Packaging] move python3-dev to build-depends + + -- Andrea Righi Wed, 26 Apr 2023 21:52:12 +0200 + +linux-unstable (6.3.0-1.1) lunar; urgency=medium + + * lunar/linux-unstable: 6.3.0-1.1 -proposed tracker (LP: #2017776) + + * RFC: virtio and virtio-scsi should be built in (LP: #1685291) + - [Config] Mark CONFIG_SCSI_VIRTIO built-in + + * Debian autoreconstruct Fix restoration of execute permissions (LP: #2015498) + - [Debian] autoreconstruct - fix restoration of execute permissions + + * [SRU][Jammy] CONFIG_PCI_MESON is not enabled (LP: #2007745) + - [Config] arm64: Enable PCI_MESON module + + * vmd may fail to create sysfs entry while `pci_rescan_bus()` called in some + other drivers like wwan (LP: #2011389) + - SAUCE: PCI: vmd: guard device addition and removal + + * Lunar update: v6.2.9 upstream stable release (LP: #2016877) + - [Config] ppc64: updateconfigs following v6.2.9 stable updates + + * Lunar update: v6.2.8 upstream stable release (LP: #2016876) + - [Config] ppc64: updateconfigs following v6.2.8 stable updates + + * Miscellaneous Ubuntu changes + - [Packaging] Move final-checks script to debian/scripts/checks + - [Packaging] checks/final-checks: Honor 'do_skip_checks' + - [Packaging] Drop wireguard DKMS + - [Packaging] Remove update-version-dkms + - [Packaging] debian/rules: Add DKMS info to 'printenv' output + - [Packaging] ignore KBUILD_VERBOSE in arch-has-odm-enabled.sh + - SAUCE: shiftfs: support linux 6.3 + - [Packaging] move to v6.3 and rename to linux-unstable + - [Config] latency-related optimizations + - [Config] update annotations after rebase to v6.3 + - [Packaging] temporarily disable dkms + + [ Upstream Kernel Changes ] + + * Rebase to v6.3 + + -- Andrea Righi Wed, 26 Apr 2023 14:53:52 +0200 + +linux-unstable (6.3.0-0.0) lunar; urgency=medium + + * Empty entry + + -- Andrea Righi Tue, 25 Apr 2023 10:24:12 +0200 + +linux (6.2.0-21.21) lunar; urgency=medium + + * lunar/linux: 6.2.0-21.21 -proposed tracker (LP: #2016249) + + * efivarfs:efivarfs.sh in ubuntu_kernel_selftests crash L-6.2 ARM64 node + dazzle (rcu_preempt detected stalls) (LP: #2015741) + - efi/libstub: smbios: Use length member instead of record struct size + - arm64: efi: Use SMBIOS processor version to key off Ampere quirk + - efi/libstub: smbios: Drop unused 'recsize' parameter + + * Miscellaneous Ubuntu changes + - SAUCE: selftests/bpf: ignore pointer types check with clang + - SAUCE: selftests/bpf: avoid conflicting data types in profiler.inc.h + - [Packaging] get rid of unnecessary artifacts in linux-headers + + * Miscellaneous upstream changes + - Revert "UBUNTU: SAUCE: Revert "efi: random: refresh non-volatile random seed + when RNG is initialized"" + - Revert "UBUNTU: SAUCE: Revert "efi: random: fix NULL-deref when refreshing + seed"" + + -- Andrea Righi Fri, 14 Apr 2023 12:11:49 +0200 + +linux (6.2.0-20.20) lunar; urgency=medium + + * lunar/linux: 6.2.0-20.20 -proposed tracker (LP: #2015429) + + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/master) + + * FTBFS with different dkms or when makeflags are set (LP: #2015361) + - [Packaging] FTBFS with different dkms or when makeflags are set + + * expoline.o is packaged unconditionally for s390x (LP: #2013209) + - [Packaging] Copy expoline.o only when produced by the build + + * net:l2tp.sh failure with lunar:linux 6.2 (LP: #2013014) + - SAUCE: l2tp: generate correct module alias strings + + * Miscellaneous Ubuntu changes + - [Packaging] annotations: prevent duplicate include lines + + -- Andrea Righi Thu, 06 Apr 2023 08:33:14 +0200 + +linux (6.2.0-19.19) lunar; urgency=medium + + * lunar/linux: 6.2.0-19.19 -proposed tracker (LP: #2012488) + + * Neuter signing tarballs (LP: #2012776) + - [Packaging] neuter the signing tarball + + * LSM stacking and AppArmor refresh for 6.2 kernel (LP: #2012136) + - Revert "UBUNTU: [Config] define CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS" + - Revert "UBUNTU: SAUCE: apparmor: add user namespace creation mediation" + - Revert "UBUNTU: SAUCE: apparmor: Add fine grained mediation of posix + mqueues" + - Revert "UBUNTU: SAUCE: Revert "apparmor: make __aa_path_perm() static"" + - Revert "UBUNTU: SAUCE: LSM: Specify which LSM to display (using struct cred + as input)" + - Revert "UBUNTU: SAUCE: apparmor: Fix build error, make sk parameter const" + - Revert "UBUNTU: SAUCE: LSM: Use lsmblob in smk_netlbl_mls()" + - Revert "UBUNTU: SAUCE: LSM: change ima_read_file() to use lsmblob" + - Revert "UBUNTU: SAUCE: apparmor: rename kzfree() to kfree_sensitive()" + - Revert "UBUNTU: SAUCE: AppArmor: Remove the exclusive flag" + - Revert "UBUNTU: SAUCE: LSM: Add /proc attr entry for full LSM context" + - Revert "UBUNTU: SAUCE: Audit: Fix incorrect static inline function + declration." + - Revert "UBUNTU: SAUCE: Audit: Fix for missing NULL check" + - Revert "UBUNTU: SAUCE: Audit: Add a new record for multiple object LSM + attributes" + - Revert "UBUNTU: SAUCE: Audit: Add new record for multiple process LSM + attributes" + - Revert "UBUNTU: SAUCE: NET: Store LSM netlabel data in a lsmblob" + - Revert "UBUNTU: SAUCE: LSM: security_secid_to_secctx in netlink netfilter" + - Revert "UBUNTU: SAUCE: LSM: Use lsmcontext in security_inode_getsecctx" + - Revert "UBUNTU: SAUCE: LSM: Use lsmcontext in security_secid_to_secctx" + - Revert "UBUNTU: SAUCE: LSM: Ensure the correct LSM context releaser" + - Revert "UBUNTU: SAUCE: LSM: Specify which LSM to display" + - Revert "UBUNTU: SAUCE: IMA: Change internal interfaces to use lsmblobs" + - Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_cred_getsecid" + - Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_inode_getsecid" + - Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_task_getsecid" + - Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_ipc_getsecid" + - Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_secid_to_secctx" + - Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_secctx_to_secid" + - Revert "UBUNTU: SAUCE: net: Prepare UDS for security module stacking" + - Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_kernel_act_as" + - Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_audit_rule_match" + - Revert "UBUNTU: SAUCE: LSM: Create and manage the lsmblob data structure." + - Revert "UBUNTU: SAUCE: LSM: Infrastructure management of the sock security" + - Revert "UBUNTU: SAUCE: apparmor: LSM stacking: switch from SK_CTX() to + aa_sock()" + - Revert "UBUNTU: SAUCE: apparmor: rename aa_sock() to aa_unix_sk()" + - Revert "UBUNTU: SAUCE: apparmor: disable showing the mode as part of a secid + to secctx" + - Revert "UBUNTU: SAUCE: apparmor: fix use after free in sk_peer_label" + - Revert "UBUNTU: SAUCE: apparmor: af_unix mediation" + - Revert "UBUNTU: SAUCE: apparmor: patch to provide compatibility with v2.x + net rules" + - Revert "UBUNTU: SAUCE: apparmor: add/use fns to print hash string hex value" + - SAUCE: apparmor: rename SK_CTX() to aa_sock and make it an inline fn + - SAUCE: apparmor: Add sysctls for additional controls of unpriv userns + restrictions + - SAUCE: Stacking v38: LSM: Identify modules by more than name + - SAUCE: Stacking v38: LSM: Add an LSM identifier for external use + - SAUCE: Stacking v38: LSM: Identify the process attributes for each module + - SAUCE: Stacking v38: LSM: Maintain a table of LSM attribute data + - SAUCE: Stacking v38: proc: Use lsmids instead of lsm names for attrs + - SAUCE: Stacking v38: integrity: disassociate ima_filter_rule from + security_audit_rule + - SAUCE: Stacking v38: LSM: Infrastructure management of the sock security + - SAUCE: Stacking v38: LSM: Add the lsmblob data structure. + - SAUCE: Stacking v38: LSM: provide lsm name and id slot mappings + - SAUCE: Stacking v38: IMA: avoid label collisions with stacked LSMs + - SAUCE: Stacking v38: LSM: Use lsmblob in security_audit_rule_match + - SAUCE: Stacking v38: LSM: Use lsmblob in security_kernel_act_as + - SAUCE: Stacking v38: LSM: Use lsmblob in security_secctx_to_secid + - SAUCE: Stacking v38: LSM: Use lsmblob in security_secid_to_secctx + - SAUCE: Stacking v38: LSM: Use lsmblob in security_ipc_getsecid + - SAUCE: Stacking v38: LSM: Use lsmblob in security_current_getsecid + - SAUCE: Stacking v38: LSM: Use lsmblob in security_inode_getsecid + - SAUCE: Stacking v38: LSM: Use lsmblob in security_cred_getsecid + - SAUCE: Stacking v38: LSM: Specify which LSM to display + - SAUCE: Stacking v38: LSM: Ensure the correct LSM context releaser + - SAUCE: Stacking v38: LSM: Use lsmcontext in security_secid_to_secctx + - SAUCE: Stacking v38: LSM: Use lsmcontext in security_inode_getsecctx + - SAUCE: Stacking v38: Use lsmcontext in security_dentry_init_security + - SAUCE: Stacking v38: LSM: security_secid_to_secctx in netlink netfilter + - SAUCE: Stacking v38: NET: Store LSM netlabel data in a lsmblob + - SAUCE: Stacking v38: binder: Pass LSM identifier for confirmation + - SAUCE: Stacking v38: LSM: security_secid_to_secctx module selection + - SAUCE: Stacking v38: Audit: Keep multiple LSM data in audit_names + - SAUCE: Stacking v38: Audit: Create audit_stamp structure + - SAUCE: Stacking v38: LSM: Add a function to report multiple LSMs + - SAUCE: Stacking v38: Audit: Allow multiple records in an audit_buffer + - SAUCE: Stacking v38: Audit: Add record for multiple task security contexts + - SAUCE: Stacking v38: audit: multiple subject lsm values for netlabel + - SAUCE: Stacking v38: Audit: Add record for multiple object contexts + - SAUCE: Stacking v38: netlabel: Use a struct lsmblob in audit data + - SAUCE: Stacking v38: LSM: Removed scaffolding function lsmcontext_init + - SAUCE: Stacking v38: AppArmor: Remove the exclusive flag + - SAUCE: apparmor: combine common_audit_data and apparmor_audit_data + - SAUCE: apparmor: setup slab cache for audit data + - SAUCE: apparmor: rename audit_data->label to audit_data->subj_label + - SAUCE: apparmor: pass cred through to audit info. + - SAUCE: apparmor: Improve debug print infrastructure + - SAUCE: apparmor: add the ability for profiles to have a learning cache + - SAUCE: apparmor: enable userspace upcall for mediation + - SAUCE: apparmor: cache buffers on percpu list if there is lock contention + - SAUCE: apparmor: fix policy_compat permission remap with extended + permissions + - SAUCE: apparmor: advertise availability of exended perms + - [Config] define CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS + + * kinetic: apply new apparmor and LSM stacking patch set (LP: #1989983) // LSM + stacking and AppArmor refresh for 6.2 kernel (LP: #2012136) + - SAUCE: apparmor: add/use fns to print hash string hex value + - SAUCE: apparmor: patch to provide compatibility with v2.x net rules + - SAUCE: apparmor: add user namespace creation mediation + - SAUCE: apparmor: af_unix mediation + - SAUCE: apparmor: Add fine grained mediation of posix mqueues + + * devlink_port_split from ubuntu_kernel_selftests.net fails on hirsute + (KeyError: 'flavour') (LP: #1937133) + - selftests: net: devlink_port_split.py: skip test if no suitable device + available + + * NFS deathlock with last Kernel 5.4.0-144.161 and 5.15.0-67.74 (LP: #2009325) + - NFS: Correct timing for assigning access cache timestamp + + -- Andrea Righi Sat, 25 Mar 2023 07:37:30 +0100 + +linux (6.2.0-18.18) lunar; urgency=medium + + * lunar/linux: 6.2.0-18.18 -proposed tracker (LP: #2011750) + + * lunar/linux 6.2 fails to boot on arm64 (LP: #2011748) + - SAUCE: Revert "efi: random: fix NULL-deref when refreshing seed" + - SAUCE: Revert "efi: random: refresh non-volatile random seed when RNG is + initialized" + + -- Andrea Righi Wed, 15 Mar 2023 23:54:18 +0100 + +linux (6.2.0-17.17) lunar; urgency=medium + + * lunar/linux: 6.2.0-17.17 -proposed tracker (LP: #2011593) + + * lunar/linux 6.2 fails to boot on ppc64el (LP: #2011413) + - SAUCE: Revert "powerpc: remove STACK_FRAME_OVERHEAD" + - SAUCE: Revert "powerpc/pseries: hvcall stack frame overhead" + + * Speaker / Audio/Mic mute LED don't work on a HP platform (LP: #2011379) + - SAUCE: ALSA: hda/realtek: fix speaker, mute/micmute LEDs not work on a HP + platform + + * Some QHD panels fail to refresh when PSR2 enabled (LP: #2009014) + - SAUCE: drm/i915/psr: Use calculated io and fast wake lines + + * Lunar update: v6.2.6 upstream stable release (LP: #2011431) + - tpm: disable hwrng for fTPM on some AMD designs + - wifi: cfg80211: Partial revert "wifi: cfg80211: Fix use after free for wext" + - staging: rtl8192e: Remove function ..dm_check_ac_dc_power calling a script + - staging: rtl8192e: Remove call_usermodehelper starting RadioPower.sh + - Linux 6.2.6 + + * Lunar update: v6.2.5 upstream stable release (LP: #2011430) + - net/sched: Retire tcindex classifier + - auxdisplay: hd44780: Fix potential memory leak in hd44780_remove() + - fs/jfs: fix shift exponent db_agl2size negative + - driver: soc: xilinx: fix memory leak in xlnx_add_cb_for_notify_event() + - f2fs: don't rely on F2FS_MAP_* in f2fs_iomap_begin + - f2fs: fix to avoid potential deadlock + - objtool: Fix memory leak in create_static_call_sections() + - soc: mediatek: mtk-pm-domains: Allow mt8186 ADSP default power on + - soc: qcom: socinfo: Fix soc_id order + - memory: renesas-rpc-if: Split-off private data from struct rpcif + - memory: renesas-rpc-if: Move resource acquisition to .probe() + - soc: mediatek: mtk-svs: Enable the IRQ later + - pwm: sifive: Always let the first pwm_apply_state succeed + - pwm: stm32-lp: fix the check on arr and cmp registers update + - f2fs: introduce trace_f2fs_replace_atomic_write_block + - f2fs: clear atomic_write_task in f2fs_abort_atomic_write() + - soc: mediatek: mtk-svs: restore default voltages when svs_init02() fail + - soc: mediatek: mtk-svs: reset svs when svs_resume() fail + - soc: mediatek: mtk-svs: Use pm_runtime_resume_and_get() in svs_init01() + - f2fs: fix to do sanity check on extent cache correctly + - fs: f2fs: initialize fsdata in pagecache_write() + - f2fs: allow set compression option of files without blocks + - f2fs: fix to abort atomic write only during do_exist() + - um: vector: Fix memory leak in vector_config + - ubi: ensure that VID header offset + VID header size <= alloc, size + - ubifs: Fix build errors as symbol undefined + - ubifs: Fix memory leak in ubifs_sysfs_init() + - ubifs: Rectify space budget for ubifs_symlink() if symlink is encrypted + - ubifs: Rectify space budget for ubifs_xrename() + - ubifs: Fix wrong dirty space budget for dirty inode + - ubifs: do_rename: Fix wrong space budget when target inode's nlink > 1 + - ubifs: Reserve one leb for each journal head while doing budget + - ubi: Fix use-after-free when volume resizing failed + - ubi: Fix unreferenced object reported by kmemleak in ubi_resize_volume() + - ubifs: Fix memory leak in alloc_wbufs() + - ubi: Fix possible null-ptr-deref in ubi_free_volume() + - ubifs: Re-statistic cleaned znode count if commit failed + - ubifs: dirty_cow_znode: Fix memleak in error handling path + - ubifs: ubifs_writepage: Mark page dirty after writing inode failed + - ubifs: ubifs_releasepage: Remove ubifs_assert(0) to valid this process + - ubi: fastmap: Fix missed fm_anchor PEB in wear-leveling after disabling + fastmap + - ubi: Fix UAF wear-leveling entry in eraseblk_count_seq_show() + - ubi: ubi_wl_put_peb: Fix infinite loop when wear-leveling work failed + - f2fs: fix to handle F2FS_IOC_START_ATOMIC_REPLACE in f2fs_compat_ioctl() + - f2fs: fix to avoid potential memory corruption in __update_iostat_latency() + - f2fs: fix to update age extent correctly during truncation + - f2fs: fix to update age extent in f2fs_do_zero_range() + - soc: qcom: stats: Populate all subsystem debugfs files + - f2fs: introduce IS_F2FS_IPU_* macro + - f2fs: fix to set ipu policy + - ext4: use ext4_fc_tl_mem in fast-commit replay path + - ext4: don't show commit interval if it is zero + - netfilter: nf_tables: allow to fetch set elements when table has an owner + - x86: um: vdso: Add '%rcx' and '%r11' to the syscall clobber list + - um: virtio_uml: free command if adding to virtqueue failed + - um: virtio_uml: mark device as unregistered when breaking it + - um: virtio_uml: move device breaking into workqueue + - um: virt-pci: properly remove PCI device from bus + - f2fs: synchronize atomic write aborts + - watchdog: rzg2l_wdt: Issue a reset before we put the PM clocks + - watchdog: rzg2l_wdt: Handle TYPE-B reset for RZ/V2M + - watchdog: at91sam9_wdt: use devm_request_irq to avoid missing free_irq() in + error path + - watchdog: Fix kmemleak in watchdog_cdev_register + - watchdog: pcwd_usb: Fix attempting to access uninitialized memory + - watchdog: sbsa_wdog: Make sure the timeout programming is within the limits + - netfilter: ctnetlink: fix possible refcount leak in + ctnetlink_create_conntrack() + - netfilter: conntrack: fix rmmod double-free race + - netfilter: ip6t_rpfilter: Fix regression with VRF interfaces + - netfilter: ebtables: fix table blob use-after-free + - netfilter: xt_length: use skb len to match in length_mt6 + - netfilter: ctnetlink: make event listener tracking global + - netfilter: x_tables: fix percpu counter block leak on error path when + creating new netns + - swiotlb: mark swiotlb_memblock_alloc() as __init + - ptp: vclock: use mutex to fix "sleep on atomic" bug + - drm/i915: move a Kconfig symbol to unbreak the menu presentation + - ipv6: Add lwtunnel encap size of all siblings in nexthop calculation + - drm/i915/xelpmp: Consider GSI offset when doing MCR lookups + - octeontx2-pf: Recalculate UDP checksum for ptp 1-step sync packet + - net: sunhme: Fix region request + - sctp: add a refcnt in sctp_stream_priorities to avoid a nested loop + - octeontx2-pf: Use correct struct reference in test condition + - net: fix __dev_kfree_skb_any() vs drop monitor + - 9p/xen: fix version parsing + - 9p/xen: fix connection sequence + - 9p/rdma: unmap receive dma buffer in rdma_request()/post_recv() + - spi: tegra210-quad: Fix validate combined sequence + - mlx5: fix skb leak while fifo resync and push + - mlx5: fix possible ptp queue fifo use-after-free + - net/mlx5: ECPF, wait for VF pages only after disabling host PFs + - net/mlx5e: Verify flow_source cap before using it + - net/mlx5: Geneve, Fix handling of Geneve object id as error code + - ext4: fix incorrect options show of original mount_opt and extend mount_opt2 + - nfc: fix memory leak of se_io context in nfc_genl_se_io + - net/sched: transition act_pedit to rcu and percpu stats + - net/sched: act_pedit: fix action bind logic + - net/sched: act_mpls: fix action bind logic + - net/sched: act_sample: fix action bind logic + - net: dsa: seville: ignore mscc-miim read errors from Lynx PCS + - net: dsa: felix: fix internal MDIO controller resource length + - ARM: dts: aspeed: p10bmc: Update battery node name + - ARM: dts: spear320-hmi: correct STMPE GPIO compatible + - tcp: tcp_check_req() can be called from process context + - vc_screen: modify vcs_size() handling in vcs_read() + - spi: tegra210-quad: Fix iterator outside loop + - rtc: sun6i: Always export the internal oscillator + - genirq/ipi: Fix NULL pointer deref in irq_data_get_affinity_mask() + - scsi: ipr: Work around fortify-string warning + - scsi: mpi3mr: Fix an issue found by KASAN + - scsi: mpi3mr: Use number of bits to manage bitmap sizes + - rtc: allow rtc_read_alarm without read_alarm callback + - io_uring: fix size calculation when registering buf ring + - loop: loop_set_status_from_info() check before assignment + - ASoC: adau7118: don't disable regulators on device unbind + - ASoC: apple: mca: Fix final status read on SERDES reset + - ASoC: apple: mca: Fix SERDES reset sequence + - ASoC: apple: mca: Improve handling of unavailable DMA channels + - nvme: bring back auto-removal of deleted namespaces during sequential scan + - nvme-tcp: don't access released socket during error recovery + - nvme-fabrics: show well known discovery name + - ASoC: zl38060 add gpiolib dependency + - ASoC: mediatek: mt8195: add missing initialization + - thermal: intel: quark_dts: fix error pointer dereference + - thermal: intel: BXT_PMIC: select REGMAP instead of depending on it + - cpufreq: apple-soc: Fix an IS_ERR() vs NULL check + - tracing: Add NULL checks for buffer in ring_buffer_free_read_page() + - kernel/printk/index.c: fix memory leak with using debugfs_lookup() + - firmware/efi sysfb_efi: Add quirk for Lenovo IdeaPad Duet 3 + - bootconfig: Increase max nodes of bootconfig from 1024 to 8192 for DCC + support + - mfd: arizona: Use pm_runtime_resume_and_get() to prevent refcnt leak + - IB/hfi1: Update RMT size calculation + - iommu: Remove deferred attach check from __iommu_detach_device() + - PCI/ACPI: Account for _S0W of the target bridge in acpi_pci_bridge_d3() + - media: uvcvideo: Remove format descriptions + - media: uvcvideo: Handle cameras with invalid descriptors + - media: uvcvideo: Handle errors from calls to usb_string + - media: uvcvideo: Quirk for autosuspend in Logitech B910 and C910 + - media: uvcvideo: Silence memcpy() run-time false positive warnings + - USB: fix memory leak with using debugfs_lookup() + - cacheinfo: Fix shared_cpu_map to handle shared caches at different levels + - usb: fotg210: List different variants + - dt-bindings: usb: Add device id for Genesys Logic hub controller + - staging: emxx_udc: Add checks for dma_alloc_coherent() + - tty: fix out-of-bounds access in tty_driver_lookup_tty() + - tty: serial: fsl_lpuart: disable the CTS when send break signal + - serial: sc16is7xx: setup GPIO controller later in probe + - mei: bus-fixup:upon error print return values of send and receive + - tools/iio/iio_utils:fix memory leak + - bus: mhi: ep: Fix the debug message for MHI_PKT_TYPE_RESET_CHAN_CMD cmd + - iio: accel: mma9551_core: Prevent uninitialized variable in + mma9551_read_status_word() + - iio: accel: mma9551_core: Prevent uninitialized variable in + mma9551_read_config_word() + - media: uvcvideo: Add GUID for BGRA/X 8:8:8:8 + - soundwire: bus_type: Avoid lockdep assert in sdw_drv_probe() + - PCI/portdrv: Prevent LS7A Bus Master clearing on shutdown + - PCI: loongson: Prevent LS7A MRRS increases + - staging: pi433: fix memory leak with using debugfs_lookup() + - USB: dwc3: fix memory leak with using debugfs_lookup() + - USB: chipidea: fix memory leak with using debugfs_lookup() + - USB: ULPI: fix memory leak with using debugfs_lookup() + - USB: uhci: fix memory leak with using debugfs_lookup() + - USB: sl811: fix memory leak with using debugfs_lookup() + - USB: fotg210: fix memory leak with using debugfs_lookup() + - USB: isp116x: fix memory leak with using debugfs_lookup() + - USB: isp1362: fix memory leak with using debugfs_lookup() + - USB: gadget: gr_udc: fix memory leak with using debugfs_lookup() + - USB: gadget: bcm63xx_udc: fix memory leak with using debugfs_lookup() + - USB: gadget: lpc32xx_udc: fix memory leak with using debugfs_lookup() + - USB: gadget: pxa25x_udc: fix memory leak with using debugfs_lookup() + - USB: gadget: pxa27x_udc: fix memory leak with using debugfs_lookup() + - usb: host: xhci: mvebu: Iterate over array indexes instead of using pointer + math + - USB: ene_usb6250: Allocate enough memory for full object + - usb: uvc: Enumerate valid values for color matching + - usb: gadget: uvc: Make bSourceID read/write + - PCI: Align extra resources for hotplug bridges properly + - PCI: Take other bus devices into account when distributing resources + - PCI: Distribute available resources for root buses, too + - tty: pcn_uart: fix memory leak with using debugfs_lookup() + - misc: vmw_balloon: fix memory leak with using debugfs_lookup() + - drivers: base: component: fix memory leak with using debugfs_lookup() + - drivers: base: dd: fix memory leak with using debugfs_lookup() + - kernel/fail_function: fix memory leak with using debugfs_lookup() + - PCI: loongson: Add more devices that need MRRS quirk + - PCI: Add ACS quirk for Wangxun NICs + - PCI: pciehp: Add Qualcomm quirk for Command Completed erratum + - phy: rockchip-typec: Fix unsigned comparison with less than zero + - RDMA/cma: Distinguish between sockaddr_in and sockaddr_in6 by size + - soundwire: cadence: Remove wasted space in response_buf + - soundwire: cadence: Drain the RX FIFO after an IO timeout + - eth: fealnx: bring back this old driver + - net: tls: avoid hanging tasks on the tx_lock + - x86/resctl: fix scheduler confusion with 'current' + - vDPA/ifcvf: decouple hw features manipulators from the adapter + - vDPA/ifcvf: decouple config space ops from the adapter + - vDPA/ifcvf: alloc the mgmt_dev before the adapter + - vDPA/ifcvf: decouple vq IRQ releasers from the adapter + - vDPA/ifcvf: decouple config IRQ releaser from the adapter + - vDPA/ifcvf: decouple vq irq requester from the adapter + - vDPA/ifcvf: decouple config/dev IRQ requester and vectors allocator from the + adapter + - vDPA/ifcvf: ifcvf_request_irq works on ifcvf_hw + - vDPA/ifcvf: manage ifcvf_hw in the mgmt_dev + - vDPA/ifcvf: allocate the adapter in dev_add() + - drm/display/dp_mst: Add drm_atomic_get_old_mst_topology_state() + - drm/display/dp_mst: Fix down/up message handling after sink disconnect + - drm/display/dp_mst: Fix down message handling after a packet reception error + - drm/display/dp_mst: Fix payload addition on a disconnected sink + - drm/i915/dp_mst: Add the MST topology state for modesetted CRTCs + - drm/display/dp_mst: Handle old/new payload states in drm_dp_remove_payload() + - drm/i915/dp_mst: Fix payload removal during output disabling + - drm/i915: Fix system suspend without fbdev being initialized + - media: uvcvideo: Fix race condition with usb_kill_urb + - arm64: efi: Make efi_rt_lock a raw_spinlock + - usb: gadget: uvc: fix missing mutex_unlock() if kstrtou8() fails + - Linux 6.2.5 + + * Lunar update: v6.2.4 upstream stable release (LP: #2011428) + - Revert "blk-cgroup: synchronize pd_free_fn() from blkg_free_workfn() and + blkcg_deactivate_policy()" + - Revert "blk-cgroup: dropping parent refcount after pd_free_fn() is done" + - Linux 6.2.4 + + * Lunar update: v6.2.3 upstream stable release (LP: #2011425) + - HID: asus: use spinlock to protect concurrent accesses + - HID: asus: use spinlock to safely schedule workers + - iommu/amd: Fix error handling for pdev_pri_ats_enable() + - iommu/amd: Skip attach device domain is same as new domain + - iommu/amd: Improve page fault error reporting + - iommu: Attach device group to old domain in error path + - powerpc/mm: Rearrange if-else block to avoid clang warning + - ata: ahci: Revert "ata: ahci: Add Tiger Lake UP{3,4} AHCI controller" + - ARM: OMAP2+: Fix memory leak in realtime_counter_init() + - arm64: dts: qcom: qcs404: use symbol names for PCIe resets + - arm64: dts: qcom: msm8996-tone: Fix USB taking 6 minutes to wake up + - arm64: dts: qcom: sm6115: Fix UFS node + - arm64: dts: qcom: sm6115: Provide xo clk to rpmcc + - arm64: dts: qcom: sm8150-kumano: Panel framebuffer is 2.5k instead of 4k + - arm64: dts: qcom: pmi8950: Correct rev_1250v channel label to mv + - arm64: dts: qcom: sm6350: Fix up the ramoops node + - arm64: dts: qcom: sdm670-google-sargo: keep pm660 ldo8 on + - arm64: dts: qcom: Re-enable resin on MSM8998 and SDM845 boards + - arm64: dts: qcom: sm8350-sagami: Configure SLG51000 PMIC on PDX215 + - arm64: dts: qcom: sm8350-sagami: Add GPIO line names for PMIC GPIOs + - arm64: dts: qcom: sm8350-sagami: Rectify GPIO keys + - arm64: dts: qcom: sm6350-lena: Flatten gpio-keys pinctrl state + - arm64: dts: qcom: sm6125: Reorder HSUSB PHY clocks to match bindings + - arm64: dts: qcom: sm6125-seine: Clean up gpio-keys (volume down) + - arm64: dts: imx8m: Align SoC unique ID node unit address + - ARM: zynq: Fix refcount leak in zynq_early_slcr_init + - fs: dlm: fix return value check in dlm_memory_init() + - arm64: dts: mediatek: mt8195: Add power domain to U3PHY1 T-PHY + - arm64: dts: mediatek: mt8183: Fix systimer 13 MHz clock description + - arm64: dts: mediatek: mt8192: Fix systimer 13 MHz clock description + - arm64: dts: mediatek: mt8195: Fix systimer 13 MHz clock description + - arm64: dts: mediatek: mt8186: Fix systimer 13 MHz clock description + - arm64: dts: qcom: sdm845-db845c: fix audio codec interrupt pin name + - arm64: dts: qcom: sdm845-xiaomi-beryllium: fix audio codec interrupt pin + name + - x86/acpi/boot: Do not register processors that cannot be onlined for x2APIC + - arm64: dts: qcom: sc7180: correct SPMI bus address cells + - arm64: dts: qcom: sc7280: correct SPMI bus address cells + - arm64: dts: qcom: sc8280xp: correct SPMI bus address cells + - arm64: dts: qcom: sm8450: correct Soundwire wakeup interrupt name + - arm64: dts: qcom: sdm845: make DP node follow the schema + - arm64: dts: qcom: msm8996-oneplus-common: drop vdda-supply from DSI PHY + - arm64: dts: qcom: sc8280xp: Vote for CX in USB controllers + - arm64: dts: meson-gxl: jethub-j80: Fix WiFi MAC address node + - arm64: dts: meson-gxl: jethub-j80: Fix Bluetooth MAC node name + - arm64: dts: meson-axg: jethub-j1xx: Fix MAC address node names + - arm64: dts: meson-gx: Fix Ethernet MAC address unit name + - arm64: dts: meson-g12a: Fix internal Ethernet PHY unit name + - arm64: dts: meson-gx: Fix the SCPI DVFS node name and unit address + - cpuidle, intel_idle: Fix CPUIDLE_FLAG_IRQ_ENABLE *again* + - arm64: dts: ti: k3-am62-main: Fix clocks for McSPI + - arm64: tegra: Fix duplicate regulator on Jetson TX1 + - arm64: dts: qcom: msm8992-bullhead: Fix cont_splash_mem size + - arm64: dts: qcom: msm8992-bullhead: Disable dfps_data_mem + - arm64: dts: qcom: msm8956: use SoC-specific compat for tsens + - arm64: dts: qcom: ipq8074: correct USB3 QMP PHY-s clock output names + - arm64: dts: qcom: ipq8074: fix Gen2 PCIe QMP PHY + - arm64: dts: qcom: ipq8074: fix Gen3 PCIe QMP PHY + - arm64: dts: qcom: ipq8074: correct Gen2 PCIe ranges + - arm64: dts: qcom: ipq8074: fix Gen3 PCIe node + - arm64: dts: qcom: ipq8074: correct PCIe QMP PHY output clock names + - arm64: dts: meson: remove CPU opps below 1GHz for G12A boards + - ARM: OMAP1: call platform_device_put() in error case in + omap1_dm_timer_init() + - arm64: dts: mediatek: mt8192: Mark scp_adsp clock as broken + - ARM: bcm2835_defconfig: Enable the framebuffer + - ARM: s3c: fix s3c64xx_set_timer_source prototype + - arm64: dts: ti: k3-j7200: Fix wakeup pinmux range + - ARM: dts: exynos: correct wr-active property in Exynos3250 Rinato + - ARM: imx: Call ida_simple_remove() for ida_simple_get + - arm64: dts: amlogic: meson-gx: fix SCPI clock dvfs node name + - arm64: dts: amlogic: meson-axg: fix SCPI clock dvfs node name + - arm64: dts: amlogic: meson-gx: add missing SCPI sensors compatible + - arm64: dts: amlogic: meson-axg-jethome-jethub-j1xx: fix supply name of USB + controller node + - arm64: dts: amlogic: meson-gxl-s905d-sml5442tw: drop invalid clock-names + property + - arm64: dts: amlogic: meson-gx: add missing unit address to rng node name + - arm64: dts: amlogic: meson-gxl-s905w-jethome-jethub-j80: fix invalid rtc + node name + - arm64: dts: amlogic: meson-axg-jethome-jethub-j1xx: fix invalid rtc node + name + - arm64: dts: amlogic: meson-gxl: add missing unit address to eth-phy-mux node + name + - arm64: dts: amlogic: meson-gx-libretech-pc: fix update button name + - arm64: dts: amlogic: meson-sm1-bananapi-m5: fix adc keys node names + - arm64: dts: amlogic: meson-gxl-s905d-phicomm-n1: fix led node name + - arm64: dts: amlogic: meson-gxbb-kii-pro: fix led node name + - arm64: dts: amlogic: meson-g12b-odroid-go-ultra: fix rk818 pmic properties + - arm64: dts: amlogic: meson-sm1-odroid-hc4: fix active fan thermal trip + - locking/rwsem: Disable preemption in all down_read*() and up_read() code + paths + - arm64: tegra: Mark host1x as dma-coherent on Tegra194/234 + - arm64: dts: renesas: beacon-renesom: Fix gpio expander reference + - arm64: dts: meson: radxa-zero: allow usb otg mode + - arm64: dts: meson: bananapi-m5: switch VDDIO_C pin to OPEN_DRAIN + - ARM: dts: sun8i: nanopi-duo2: Fix regulator GPIO reference + - ublk_drv: remove nr_aborted_queues from ublk_device + - ublk_drv: don't probe partitions if the ubq daemon isn't trusted + - ARM: dts: imx7s: correct iomuxc gpr mux controller cells + - sbitmap: remove redundant check in __sbitmap_queue_get_batch + - sbitmap: correct wake_batch recalculation to avoid potential IO hung + - arm64: dts: mt8195: Fix CPU map for single-cluster SoC + - arm64: dts: mt8192: Fix CPU map for single-cluster SoC + - arm64: dts: mt8186: Fix CPU map for single-cluster SoC + - arm64: dts: mediatek: mt7622: Add missing pwm-cells to pwm node + - arm64: dts: mediatek: mt8186: Fix watchdog compatible + - arm64: dts: mediatek: mt8195: Fix watchdog compatible + - arm64: dts: mediatek: mt7986: Fix watchdog compatible + - ARM: dts: stm32: Update part number NVMEM description on stm32mp131 + - arm64: dts: qcom: sm8450-nagara: Correct firmware paths + - blk-mq: avoid sleep in blk_mq_alloc_request_hctx + - blk-mq: remove stale comment for blk_mq_sched_mark_restart_hctx + - blk-mq: wait on correct sbitmap_queue in blk_mq_mark_tag_wait + - blk-mq: Fix potential io hung for shared sbitmap per tagset + - blk-mq: correct stale comment of .get_budget + - arm64: dts: qcom: msm8996: support using GPLL0 as kryocc input + - arm64: dts: qcom: msm8996 switch from RPM_SMD_BB_CLK1 to RPM_SMD_XO_CLK_SRC + - arm64: dts: qcom: sm8350: drop incorrect cells from serial + - arm64: dts: qcom: sm8450: drop incorrect cells from serial + - arm64: dts: qcom: msm8992-lg-bullhead: Correct memory overlaps with the SMEM + and MPSS memory regions + - arm64: dts: qcom: msm8953: correct TLMM gpio-ranges + - arm64: dts: qcom: sm6115: correct TLMM gpio-ranges + - arm64: dts: qcom: msm8992-lg-bullhead: Enable regulators + - s390/dasd: Fix potential memleak in dasd_eckd_init() + - io_uring,audit: don't log IORING_OP_MADVISE + - sched/rt: pick_next_rt_entity(): check list_entry + - perf/x86/intel/ds: Fix the conversion from TSC to perf time + - x86/perf/zhaoxin: Add stepping check for ZXC + - KEYS: asymmetric: Fix ECDSA use via keyctl uapi + - block: ublk: check IO buffer based on flag need_get_data + - arm64: dts: qcom: pmk8350: Use the correct PON compatible + - erofs: relinquish volume with mutex held + - block: sync mixed merged request's failfast with 1st bio's + - block: Fix io statistics for cgroup in throttle path + - block: bio-integrity: Copy flags when bio_integrity_payload is cloned + - block: use proper return value from bio_failfast() + - wifi: mt76: mt7915: add missing of_node_put() + - wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host + - wifi: mt76: mt7915: fix mt7915_rate_txpower_get() resource leaks + - wifi: mt76: mt7996: fix insecure data handling of mt7996_mcu_ie_countdown() + - wifi: mt76: mt7996: fix insecure data handling of + mt7996_mcu_rx_radar_detected() + - wifi: mt76: mt7996: fix integer handling issue of mt7996_rf_regval_set() + - wifi: mt76: mt7915: check return value before accessing free_block_num + - wifi: mt76: mt7996: check return value before accessing free_block_num + - wifi: mt76: mt7915: drop always true condition of __mt7915_reg_addr() + - wifi: mt76: mt7996: drop always true condition of __mt7996_reg_addr() + - wifi: mt76: mt7996: fix endianness warning in mt7996_mcu_sta_he_tlv + - wifi: mt76: mt76x0: fix oob access in mt76x0_phy_get_target_power + - wifi: mt76: mt7996: fix unintended sign extension of mt7996_hw_queue_read() + - wifi: mt76: mt7915: fix unintended sign extension of mt7915_hw_queue_read() + - wifi: mt76: fix coverity uninit_use_in_call in + mt76_connac2_reverse_frag0_hdr_trans() + - wifi: mt76: mt7921: resource leaks at mt7921_check_offload_capability() + - wifi: rsi: Fix memory leak in rsi_coex_attach() + - wifi: rtlwifi: rtl8821ae: don't call kfree_skb() under spin_lock_irqsave() + - wifi: rtlwifi: rtl8188ee: don't call kfree_skb() under spin_lock_irqsave() + - wifi: rtlwifi: rtl8723be: don't call kfree_skb() under spin_lock_irqsave() + - wifi: iwlegacy: common: don't call dev_kfree_skb() under spin_lock_irqsave() + - wifi: libertas: fix memory leak in lbs_init_adapter() + - wifi: rtl8xxxu: Fix assignment to bit field priv->pi_enabled + - wifi: rtl8xxxu: Fix assignment to bit field priv->cck_agc_report_type + - wifi: rtl8xxxu: don't call dev_kfree_skb() under spin_lock_irqsave() + - wifi: rtw89: 8852c: rfk: correct DACK setting + - wifi: rtw89: 8852c: rfk: correct DPK settings + - wifi: rtlwifi: Fix global-out-of-bounds bug in + _rtl8812ae_phy_set_txpower_limit() + - libbpf: Fix single-line struct definition output in btf_dump + - libbpf: Fix btf__align_of() by taking into account field offsets + - wifi: ipw2x00: don't call dev_kfree_skb() under spin_lock_irqsave() + - wifi: ipw2200: fix memory leak in ipw_wdev_init() + - wifi: wilc1000: fix potential memory leak in wilc_mac_xmit() + - wifi: wilc1000: add missing unregister_netdev() in wilc_netdev_ifc_init() + - wifi: brcmfmac: fix potential memory leak in brcmf_netdev_start_xmit() + - wifi: brcmfmac: unmap dma buffer in brcmf_msgbuf_alloc_pktid() + - wifi: libertas_tf: don't call kfree_skb() under spin_lock_irqsave() + - wifi: libertas: if_usb: don't call kfree_skb() under spin_lock_irqsave() + - wifi: libertas: main: don't call kfree_skb() under spin_lock_irqsave() + - wifi: libertas: cmdresp: don't call kfree_skb() under spin_lock_irqsave() + - wifi: wl3501_cs: don't call kfree_skb() under spin_lock_irqsave() + - libbpf: Fix invalid return address register in s390 + - crypto: x86/ghash - fix unaligned access in ghash_setkey() + - crypto: ux500 - update debug config after ux500 cryp driver removal + - ACPICA: Drop port I/O validation for some regions + - genirq: Fix the return type of kstat_cpu_irqs_sum() + - rcu-tasks: Improve comments explaining tasks_rcu_exit_srcu purpose + - rcu-tasks: Remove preemption disablement around srcu_read_[un]lock() calls + - rcu-tasks: Fix synchronize_rcu_tasks() VS zap_pid_ns_processes() + - lib/mpi: Fix buffer overrun when SG is too long + - crypto: ccp - Avoid page allocation failure warning for SEV_GET_ID2 + - platform/chrome: cros_ec_typec: Update port DP VDO + - ACPICA: nsrepair: handle cases without a return value correctly + - libbpf: Fix map creation flags sanitization + - bpf_doc: Fix build error with older python versions + - selftests/xsk: print correct payload for packet dump + - selftests/xsk: print correct error codes when exiting + - arm64/cpufeature: Fix field sign for DIT hwcap detection + - arm64/sysreg: Fix errors in 32 bit enumeration values + - kselftest/arm64: Fix syscall-abi for systems without 128 bit SME + - workqueue: Protects wq_unbound_cpumask with wq_pool_attach_mutex + - s390/early: fix sclp_early_sccb variable lifetime + - s390/vfio-ap: fix an error handling path in vfio_ap_mdev_probe_queue() + - x86/signal: Fix the value returned by strict_sas_size() + - thermal/drivers/tsens: Drop msm8976-specific defines + - thermal/drivers/tsens: Sort out msm8976 vs msm8956 data + - thermal/drivers/tsens: fix slope values for msm8939 + - thermal/drivers/tsens: limit num_sensors to 9 for msm8939 + - wifi: rtw89: fix potential leak in rtw89_append_probe_req_ie() + - wifi: rtw89: Add missing check for alloc_workqueue + - wifi: rtl8xxxu: Fix memory leaks with RTL8723BU, RTL8192EU + - wifi: orinoco: check return value of hermes_write_wordrec() + - wifi: rtw88: Use rtw_iterate_vifs() for rtw_vif_watch_dog_iter() + - wifi: rtw88: Use non-atomic sta iterator in rtw_ra_mask_info_update() + - thermal/drivers/imx_sc_thermal: Fix the loop condition + - wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback + function + - wifi: ath9k: hif_usb: clean up skbs if ath9k_hif_usb_rx_stream() fails + - wifi: ath9k: Fix potential stack-out-of-bounds write in + ath9k_wmi_rsp_callback() + - wifi: ath11k: Fix memory leak in ath11k_peer_rx_frag_setup + - wifi: cfg80211: Fix extended KCK key length check in + nl80211_set_rekey_data() + - ACPI: battery: Fix missing NUL-termination with large strings + - selftests/bpf: Fix build errors if CONFIG_NF_CONNTRACK=m + - crypto: ccp - Failure on re-initialization due to duplicate sysfs filename + - crypto: essiv - Handle EBUSY correctly + - crypto: seqiv - Handle EBUSY correctly + - powercap: fix possible name leak in powercap_register_zone() + - bpf: Fix state pruning for STACK_DYNPTR stack slots + - bpf: Fix missing var_off check for ARG_PTR_TO_DYNPTR + - bpf: Fix partial dynptr stack slot reads/writes + - x86/microcode: Add a parameter to microcode_check() to store CPU + capabilities + - x86/microcode: Check CPU capabilities after late microcode update correctly + - x86/microcode: Adjust late loading result reporting message + - net: ethernet: ti: am65-cpsw/cpts: Fix CPTS release action + - selftests/bpf: Fix vmtest static compilation error + - crypto: xts - Handle EBUSY correctly + - leds: led-class: Add missing put_device() to led_put() + - drm/nouveau/disp: Fix nvif_outp_acquire_dp() argument size + - s390/bpf: Add expoline to tail calls + - wifi: iwlwifi: mei: fix compilation errors in rfkill() + - kselftest/arm64: Fix enumeration of systems without 128 bit SME + - can: rcar_canfd: Fix R-Car V3U CAN mode selection + - can: rcar_canfd: Fix R-Car V3U GAFLCFG field accesses + - selftests/bpf: Initialize tc in xdp_synproxy + - crypto: ccp - Flush the SEV-ES TMR memory before giving it to firmware + - bpftool: profile online CPUs instead of possible + - wifi: mt76: mt7921: fix deadlock in mt7921_abort_roc + - wifi: mt76: mt7915: call mt7915_mcu_set_thermal_throttling() only after + init_work + - wifi: mt76: mt7915: rework mt7915_mcu_set_thermal_throttling + - wifi: mt76: mt7915: rework mt7915_thermal_temp_store() + - wifi: mt76: mt7921: fix channel switch fail in monitor mode + - wifi: mt76: mt7996: fix chainmask calculation in mt7996_set_antenna() + - wifi: mt76: mt7996: update register for CFEND_RATE + - wifi: mt76: connac: fix POWER_CTRL command name typo + - wifi: mt76: mt7921: fix invalid remain_on_channel duration + - wifi: mt76: mt7915: fix memory leak in mt7915_mcu_exit + - wifi: mt76: mt7996: fix memory leak in mt7996_mcu_exit + - wifi: mt76: dma: fix memory leak running mt76_dma_tx_cleanup + - wifi: mt76: fix switch default case in mt7996_reverse_frag0_hdr_trans + - wifi: mt76: mt7915: fix WED TxS reporting + - wifi: mt76: add memory barrier to SDIO queue kick + - wifi: mt76: mt7996: rely on mt76_connac2_mac_tx_rate_val + - net/mlx5: Enhance debug print in page allocation failure + - irqchip: Fix refcount leak in platform_irqchip_probe + - irqchip/alpine-msi: Fix refcount leak in alpine_msix_init_domains + - irqchip/irq-mvebu-gicp: Fix refcount leak in mvebu_gicp_probe + - irqchip/ti-sci: Fix refcount leak in ti_sci_intr_irq_domain_probe + - s390/mem_detect: fix detect_memory() error handling + - s390/vmem: fix empty page tables cleanup under KASAN + - s390/boot: cleanup decompressor header files + - s390/mem_detect: rely on diag260() if sclp_early_get_memsize() fails + - s390/boot: fix mem_detect extended area allocation + - net: add sock_init_data_uid() + - tun: tun_chr_open(): correctly initialize socket uid + - tap: tap_open(): correctly initialize socket uid + - rxrpc: Fix overwaking on call poking + - OPP: fix error checking in opp_migrate_dentry() + - cpufreq: davinci: Fix clk use after free + - Bluetooth: hci_conn: Refactor hci_bind_bis() since it always succeeds + - Bluetooth: L2CAP: Fix potential user-after-free + - Bluetooth: hci_qca: get wakeup status from serdev device handle + - net: ipa: generic command param fix + - s390: vfio-ap: tighten the NIB validity check + - s390/ap: fix status returned by ap_aqic() + - s390/ap: fix status returned by ap_qact() + - libbpf: Fix alen calculation in libbpf_nla_dump_errormsg() + - xen/grant-dma-iommu: Implement a dummy probe_device() callback + - rds: rds_rm_zerocopy_callback() correct order for list_add_tail() + - crypto: rsa-pkcs1pad - Use akcipher_request_complete + - m68k: /proc/hardware should depend on PROC_FS + - RISC-V: time: initialize hrtimer based broadcast clock event device + - clocksource/drivers/riscv: Patch riscv_clock_next_event() jump before first + use + - wifi: iwl3945: Add missing check for create_singlethread_workqueue + - wifi: iwl4965: Add missing check for create_singlethread_workqueue() + - wifi: brcmfmac: Rename Cypress 89459 to BCM4355 + - wifi: brcmfmac: pcie: Add IDs/properties for BCM4355 + - wifi: brcmfmac: pcie: Add IDs/properties for BCM4377 + - wifi: brcmfmac: pcie: Perform correct BCM4364 firmware selection + - wifi: mwifiex: fix loop iterator in mwifiex_update_ampdu_txwinsize() + - wifi: rtw89: fix parsing offset for MCC C2H + - selftests/bpf: Fix out-of-srctree build + - ACPI: resource: Add IRQ overrides for MAINGEAR Vector Pro 2 models + - ACPI: resource: Do IRQ override on all TongFang GMxRGxx + - crypto: octeontx2 - Fix objects shared between several modules + - crypto: crypto4xx - Call dma_unmap_page when done + - vfio/ccw: remove WARN_ON during shutdown + - wifi: mac80211: move color collision detection report in a delayed work + - wifi: mac80211: make rate u32 in sta_set_rate_info_rx() + - wifi: mac80211: fix non-MLO station association + - wifi: mac80211: Don't translate MLD addresses for multicast + - wifi: mac80211: avoid u32_encode_bits() warning + - wifi: mac80211: fix off-by-one link setting + - tools/lib/thermal: Fix thermal_sampling_exit() + - thermal/drivers/hisi: Drop second sensor hi3660 + - selftests/bpf: Fix map_kptr test. + - wifi: mac80211: pass 'sta' to ieee80211_rx_data_set_sta() + - bpf: Zeroing allocated object from slab in bpf memory allocator + - selftests/bpf: Fix xdp_do_redirect on s390x + - can: esd_usb: Move mislocated storage of SJA1000_ECC_SEG bits in case of a + bus error + - can: esd_usb: Make use of can_change_state() and relocate checking skb for + NULL + - xsk: check IFF_UP earlier in Tx path + - LoongArch, bpf: Use 4 instructions for function address in JIT + - bpf: Fix global subprog context argument resolution logic + - irqchip/irq-brcmstb-l2: Set IRQ_LEVEL for level triggered interrupts + - irqchip/irq-bcm7120-l2: Set IRQ_LEVEL for level triggered interrupts + - net/smc: fix potential panic dues to unprotected smc_llc_srv_add_link() + - net/smc: fix application data exception + - selftests/net: Interpret UDP_GRO cmsg data as an int value + - l2tp: Avoid possible recursive deadlock in l2tp_tunnel_register() + - net: bcmgenet: fix MoCA LED control + - net: lan966x: Fix possible deadlock inside PTP + - net/mlx4_en: Introduce flexible array to silence overflow warning + - net/mlx5e: Align IPsec ASO result memory to be as required by hardware + - selftest: fib_tests: Always cleanup before exit + - sefltests: netdevsim: wait for devlink instance after netns removal + - drm: Fix potential null-ptr-deref due to drmm_mode_config_init() + - drm/fourcc: Add missing big-endian XRGB1555 and RGB565 formats + - drm/bridge: ti-sn65dsi83: Fix delay after reset deassert to match spec + - drm: mxsfb: DRM_IMX_LCDIF should depend on ARCH_MXC + - drm: mxsfb: DRM_MXSFB should depend on ARCH_MXS || ARCH_MXC + - drm/bridge: megachips: Fix error handling in i2c_register_driver() + - drm/vkms: Fix memory leak in vkms_init() + - drm/vkms: Fix null-ptr-deref in vkms_release() + - drm/modes: Use strscpy() to copy command-line mode name + - drm/vc4: dpi: Fix format mapping for RGB565 + - drm/bridge: it6505: Guard bridge power in IRQ handler + - drm: tidss: Fix pixel format definition + - gpu: ipu-v3: common: Add of_node_put() for reference returned by + of_graph_get_port_by_id() + - drm/ast: Init iosys_map pointer as I/O memory for damage handling + - drm/vc4: drop all currently held locks if deadlock happens + - hwmon: (ftsteutates) Fix scaling of measurements + - drm/msm/dpu: check for null return of devm_kzalloc() in dpu_writeback_init() + - drm/msm/hdmi: Add missing check for alloc_ordered_workqueue + - pinctrl: qcom: pinctrl-msm8976: Correct function names for wcss pins + - pinctrl: stm32: Fix refcount leak in stm32_pctrl_get_irq_domain + - pinctrl: rockchip: Fix refcount leak in rockchip_pinctrl_parse_groups + - drm/vc4: hvs: Configure the HVS COB allocations + - drm/vc4: hvs: Set AXI panic modes + - drm/vc4: hvs: SCALER_DISPBKGND_AUTOHS is only valid on HVS4 + - drm/vc4: hvs: Correct interrupt masking bit assignment for HVS5 + - drm/vc4: hvs: Fix colour order for xRGB1555 on HVS5 + - drm/vc4: hdmi: Correct interlaced timings again + - drm/msm: clean event_thread->worker in case of an error + - drm/panel-edp: fix name for IVO product id 854b + - scsi: qla2xxx: Fix exchange oversubscription + - scsi: qla2xxx: Fix exchange oversubscription for management commands + - scsi: qla2xxx: edif: Fix clang warning + - ASoC: fsl_sai: initialize is_dsp_mode flag + - drm/bridge: tc358767: Set default CLRSIPO count + - drm/msm/adreno: Fix null ptr access in adreno_gpu_cleanup() + - ALSA: hda/ca0132: minor fix for allocation size + - drm/amdgpu: Use the sched from entity for amdgpu_cs trace + - drm/msm/gem: Add check for kmalloc + - drm/msm/dpu: Disallow unallocated resources to be returned + - drm/bridge: lt9611: fix sleep mode setup + - drm/bridge: lt9611: fix HPD reenablement + - drm/bridge: lt9611: fix polarity programming + - drm/bridge: lt9611: fix programming of video modes + - drm/bridge: lt9611: fix clock calculation + - drm/bridge: lt9611: pass a pointer to the of node + - regulator: tps65219: use IS_ERR() to detect an error pointer + - drm/mipi-dsi: Fix byte order of 16-bit DCS set/get brightness + - drm: exynos: dsi: Fix MIPI_DSI*_NO_* mode flags + - drm/msm/dsi: Allow 2 CTRLs on v2.5.0 + - scsi: ufs: exynos: Fix DMA alignment for PAGE_SIZE != 4096 + - drm/msm/dpu: sc7180: add missing WB2 clock control + - drm/msm: use strscpy instead of strncpy + - drm/msm/dpu: Add check for cstate + - drm/msm/dpu: Add check for pstates + - drm/msm/mdp5: Add check for kzalloc + - habanalabs: bugs fixes in timestamps buff alloc + - pinctrl: bcm2835: Remove of_node_put() in bcm2835_of_gpio_ranges_fallback() + - pinctrl: mediatek: Initialize variable pullen and pullup to zero + - pinctrl: mediatek: Initialize variable *buf to zero + - gpu: host1x: Fix mask for syncpoint increment register + - gpu: host1x: Don't skip assigning syncpoints to channels + - drm/tegra: firewall: Check for is_addr_reg existence in IMM check + - drm/i915/mtl: Add initial gt workarounds + - drm/i915/xehp: GAM registers don't need to be re-applied on engine resets + - pinctrl: renesas: rzg2l: Fix configuring the GPIO pins as interrupts + - drm/i915/xehp: Annotate a couple more workaround registers as MCR + - drm/msm/dpu: set pdpu->is_rt_pipe early in dpu_plane_sspp_atomic_update() + - drm/mediatek: dsi: Reduce the time of dsi from LP11 to sending cmd + - drm/mediatek: Use NULL instead of 0 for NULL pointer + - drm/mediatek: Drop unbalanced obj unref + - drm/mediatek: mtk_drm_crtc: Add checks for devm_kcalloc + - drm/mediatek: Clean dangling pointer on bind error path + - ASoC: soc-compress.c: fixup private_data on snd_soc_new_compress() + - dt-bindings: display: mediatek: Fix the fallback for mediatek,mt8186-disp- + ccorr + - gpio: pca9570: rename platform_data to chip_data + - gpio: vf610: connect GPIO label to dev name + - ASoC: topology: Properly access value coming from topology file + - spi: dw_bt1: fix MUX_MMIO dependencies + - ASoC: mchp-spdifrx: fix controls which rely on rsr register + - ASoC: mchp-spdifrx: fix return value in case completion times out + - ASoC: mchp-spdifrx: fix controls that works with completion mechanism + - ASoC: mchp-spdifrx: disable all interrupts in mchp_spdifrx_dai_remove() + - dm: improve shrinker debug names + - regmap: apply reg_base and reg_downshift for single register ops + - accel: fix CONFIG_DRM dependencies + - ASoC: rsnd: fixup #endif position + - ASoC: mchp-spdifrx: Fix uninitialized use of mr in mchp_spdifrx_hw_params() + - ASoC: dt-bindings: meson: fix gx-card codec node regex + - regulator: tps65219: use generic set_bypass() + - hwmon: (asus-ec-sensors) add missing mutex path + - hwmon: (ltc2945) Handle error case in ltc2945_value_store + - ALSA: hda: Fix the control element identification for multiple codecs + - drm/amdgpu: fix enum odm_combine_mode mismatch + - scsi: mpt3sas: Fix a memory leak + - scsi: aic94xx: Add missing check for dma_map_single() + - HID: multitouch: Add quirks for flipped axes + - HID: retain initial quirks set up when creating HID devices + - ASoC: qcom: q6apm-lpass-dai: unprepare stream if its already prepared + - ASoC: qcom: q6apm-dai: fix race condition while updating the position + pointer + - ASoC: qcom: q6apm-dai: Add SNDRV_PCM_INFO_BATCH flag + - ASoC: codecs: lpass: register mclk after runtime pm + - ASoC: codecs: lpass: fix incorrect mclk rate + - drm/amd/display: don't call dc_interrupt_set() for disabled crtcs + - HID: logitech-hidpp: Hard-code HID++ 1.0 fast scroll support + - spi: bcm63xx-hsspi: Fix multi-bit mode setting + - hwmon: (mlxreg-fan) Return zero speed for broken fan + - ASoC: tlv320adcx140: fix 'ti,gpio-config' DT property init + - dm: remove flush_scheduled_work() during local_exit() + - nfs4trace: fix state manager flag printing + - NFS: fix disabling of swap + - drm/i915/pvc: Implement recommended caching policy + - drm/i915/pvc: Annotate two more workaround/tuning registers as MCR + - drm/i915: Fix GEN8_MISCCPCTL + - spi: synquacer: Fix timeout handling in synquacer_spi_transfer_one() + - ASoC: soc-dapm.h: fixup warning struct snd_pcm_substream not declared + - HID: bigben: use spinlock to protect concurrent accesses + - HID: bigben_worker() remove unneeded check on report_field + - HID: bigben: use spinlock to safely schedule workers + - hid: bigben_probe(): validate report count + - ALSA: hda/hdmi: Register with vga_switcheroo on Dual GPU Macbooks + - drm/shmem-helper: Fix locking for drm_gem_shmem_get_pages_sgt() + - NFSD: enhance inter-server copy cleanup + - NFSD: fix leaked reference count of nfsd4_ssc_umount_item + - nfsd: fix race to check ls_layouts + - nfsd: clean up potential nfsd_file refcount leaks in COPY codepath + - NFSD: fix problems with cleanup on errors in nfsd4_copy + - nfsd: fix courtesy client with deny mode handling in nfs4_upgrade_open + - nfsd: don't fsync nfsd_files on last close + - NFSD: copy the whole verifier in nfsd_copy_write_verifier + - cifs: Fix lost destroy smbd connection when MR allocate failed + - cifs: Fix warning and UAF when destroy the MR list + - cifs: use tcon allocation functions even for dummy tcon + - gfs2: jdata writepage fix + - perf llvm: Fix inadvertent file creation + - leds: led-core: Fix refcount leak in of_led_get() + - leds: is31fl319x: Wrap mutex_destroy() for devm_add_action_or_rest() + - leds: simatic-ipc-leds-gpio: Make sure we have the GPIO providing driver + - tools/tracing/rtla: osnoise_hist: use total duration for average calculation + - perf inject: Use perf_data__read() for auxtrace + - perf intel-pt: Do not try to queue auxtrace data on pipe + - perf stat: Hide invalid uncore event output for aggr mode + - perf jevents: Correct bad character encoding + - perf test bpf: Skip test if kernel-debuginfo is not present + - perf tools: Fix auto-complete on aarch64 + - perf stat: Avoid merging/aggregating metric counts twice + - sparc: allow PM configs for sparc32 COMPILE_TEST + - selftests: find echo binary to use -ne options + - selftests/ftrace: Fix bash specific "==" operator + - selftests: use printf instead of echo -ne + - perf record: Fix segfault with --overwrite and --max-size + - printf: fix errname.c list + - perf tests stat_all_metrics: Change true workload to sleep workload for + system wide check + - objtool: add UACCESS exceptions for __tsan_volatile_read/write + - selftests/ftrace: Fix probepoint testcase to ignore __pfx_* symbols + - sysctl: fix proc_dobool() usability + - mfd: rk808: Re-add rk808-clkout to RK818 + - mfd: cs5535: Don't build on UML + - mfd: pcf50633-adc: Fix potential memleak in pcf50633_adc_async_read() + - dmaengine: idxd: Set traffic class values in GRPCFG on DSA 2.0 + - RDMA/erdma: Fix refcount leak in erdma_mmap + - dmaengine: HISI_DMA should depend on ARCH_HISI + - RDMA/hns: Fix refcount leak in hns_roce_mmap + - iio: light: tsl2563: Do not hardcode interrupt trigger type + - usb: gadget: fusb300_udc: free irq on the error path in fusb300_probe() + - i2c: designware: fix i2c_dw_clk_rate() return size to be u32 + - i2c: qcom-geni: change i2c_master_hub to static + - soundwire: cadence: Don't overflow the command FIFOs + - driver core: fix potential null-ptr-deref in device_add() + - kobject: Fix slab-out-of-bounds in fill_kobj_path() + - alpha/boot/tools/objstrip: fix the check for ELF header + - media: uvcvideo: Check for INACTIVE in uvc_ctrl_is_accessible() + - media: uvcvideo: Implement mask for V4L2_CTRL_TYPE_MENU + - media: uvcvideo: Refactor uvc_ctrl_mappings_uvcXX + - media: uvcvideo: Refactor power_line_frequency_controls_limited + - coresight: etm4x: Fix accesses to TRCSEQRSTEVR and TRCSEQSTR + - coresight: cti: Prevent negative values of enable count + - coresight: cti: Add PM runtime call in enable_store + - usb: typec: intel_pmc_mux: Don't leak the ACPI device reference count + - PCI/IOV: Enlarge virtfn sysfs name buffer + - PCI: switchtec: Return -EFAULT for copy_to_user() errors + - PCI: endpoint: pci-epf-vntb: Add epf_ntb_mw_bar_clear() num_mws kernel-doc + - hwtracing: hisi_ptt: Only add the supported devices to the filters list + - tty: serial: fsl_lpuart: disable Rx/Tx DMA in lpuart32_shutdown() + - tty: serial: fsl_lpuart: clear LPUART Status Register in lpuart32_shutdown() + - serial: tegra: Add missing clk_disable_unprepare() in tegra_uart_hw_init() + - Revert "char: pcmcia: cm4000_cs: Replace mdelay with usleep_range in + set_protocol" + - eeprom: idt_89hpesx: Fix error handling in idt_init() + - applicom: Fix PCI device refcount leak in applicom_init() + - firmware: stratix10-svc: add missing gen_pool_destroy() in + stratix10_svc_drv_probe() + - firmware: stratix10-svc: fix error handle while alloc/add device failed + - VMCI: check context->notify_page after call to get_user_pages_fast() to + avoid GPF + - mei: pxp: Use correct macros to initialize uuid_le + - misc/mei/hdcp: Use correct macros to initialize uuid_le + - misc: fastrpc: Fix an error handling path in fastrpc_rpmsg_probe() + - iommu/exynos: Fix error handling in exynos_iommu_init() + - driver core: fix resource leak in device_add() + - driver core: location: Free struct acpi_pld_info *pld before return false + - drivers: base: transport_class: fix possible memory leak + - drivers: base: transport_class: fix resource leak when + transport_add_device() fails + - firmware: dmi-sysfs: Fix null-ptr-deref in dmi_sysfs_register_handle + - selftests: iommu: Fix test_cmd_destroy_access() call in user_copy + - iommufd: Add three missing structures in ucmd_buffer + - fotg210-udc: Add missing completion handler + - dmaengine: dw-edma: Fix missing src/dst address of interleaved xfers + - fpga: microchip-spi: move SPI I/O buffers out of stack + - fpga: microchip-spi: rewrite status polling in a time measurable way + - usb: early: xhci-dbc: Fix a potential out-of-bound memory access + - tty: serial: fsl_lpuart: Fix the wrong RXWATER setting for rx dma case + - RDMA/cxgb4: add null-ptr-check after ip_dev_find() + - usb: musb: mediatek: don't unregister something that wasn't registered + - usb: gadget: configfs: Restrict symlink creation is UDC already binded + - phy: mediatek: remove temporary variable @mask_ + - PCI: mt7621: Delay phy ports initialization + - iommu/vt-d: Set No Execute Enable bit in PASID table entry + - power: supply: remove faulty cooling logic + - RDMA/siw: Fix user page pinning accounting + - RDMA/cxgb4: Fix potential null-ptr-deref in pass_establish() + - usb: max-3421: Fix setting of I/O pins + - RDMA/irdma: Cap MSIX used to online CPUs + 1 + - serial: fsl_lpuart: fix RS485 RTS polariy inverse issue + - tty: serial: imx: disable Ageing Timer interrupt request irq + - driver core: fw_devlink: Add DL_FLAG_CYCLE support to device links + - driver core: fw_devlink: Don't purge child fwnode's consumer links + - driver core: fw_devlink: Allow marking a fwnode link as being part of a + cycle + - driver core: fw_devlink: Consolidate device link flag computation + - driver core: fw_devlink: Improve check for fwnode with no device/driver + - driver core: fw_devlink: Make cycle detection more robust + - mtd: mtdpart: Don't create platform device that'll never probe + - usb: host: fsl-mph-dr-of: reuse device_set_of_node_from_dev + - dmaengine: dw-edma: Fix readq_ch() return value truncation + - PCI: Fix dropping valid root bus resources with .end = zero + - phy: rockchip-typec: fix tcphy_get_mode error case + - PCI: qcom: Fix host-init error handling + - iw_cxgb4: Fix potential NULL dereference in c4iw_fill_res_cm_id_entry() + - iommu: Fix error unwind in iommu_group_alloc() + - iommu/amd: Do not identity map v2 capable device when snp is enabled + - dmaengine: sf-pdma: pdma_desc memory leak fix + - dmaengine: dw-axi-dmac: Do not dereference NULL structure + - dmaengine: ptdma: check for null desc before calling pt_cmd_callback + - iommu/vt-d: Fix error handling in sva enable/disable paths + - iommu/vt-d: Allow to use flush-queue when first level is default + - RDMA/rxe: Cleanup mr_check_range + - RDMA/rxe: Move rxe_map_mr_sg to rxe_mr.c + - RDMA-rxe: Isolate mr code from atomic_reply() + - RDMA-rxe: Isolate mr code from atomic_write_reply() + - RDMA/rxe: Cleanup page variables in rxe_mr.c + - RDMA/rxe: Replace rxe_map and rxe_phys_buf by xarray + - Subject: RDMA/rxe: Handle zero length rdma + - RDMA/mana_ib: Fix a bug when the PF indicates more entries for registering + memory on first packet + - RDMA/rxe: Fix missing memory barriers in rxe_queue.h + - IB/hfi1: Fix math bugs in hfi1_can_pin_pages() + - IB/hfi1: Fix sdma.h tx->num_descs off-by-one errors + - Revert "remoteproc: qcom_q6v5_mss: map/unmap metadata region before/after + use" + - remoteproc: qcom_q6v5_mss: Use a carveout to authenticate modem headers + - media: ti: cal: fix possible memory leak in cal_ctx_create() + - media: platform: ti: Add missing check for devm_regulator_get + - media: imx: imx7-media-csi: fix missing clk_disable_unprepare() in + imx7_csi_init() + - powerpc: Remove linker flag from KBUILD_AFLAGS + - s390/vdso: Drop '-shared' from KBUILD_CFLAGS_64 + - builddeb: clean generated package content + - media: max9286: Fix memleak in max9286_v4l2_register() + - media: ov2740: Fix memleak in ov2740_init_controls() + - media: ov5675: Fix memleak in ov5675_init_controls() + - media: i2c: tc358746: fix missing return assignment + - media: i2c: tc358746: fix ignoring read error in g_register callback + - media: i2c: tc358746: fix possible endianness issue + - media: ov5640: Fix soft reset sequence and timings + - media: ov5640: Handle delays when no reset_gpio set + - media: mc: Get media_device directly from pad + - media: i2c: ov772x: Fix memleak in ov772x_probe() + - media: i2c: imx219: Split common registers from mode tables + - media: i2c: imx219: Fix binning for RAW8 capture + - media: platform: mtk-mdp3: Fix return value check in mdp_probe() + - media: camss: csiphy-3ph: avoid undefined behavior + - media: platform: mtk-mdp3: fix Kconfig dependencies + - media: v4l2-jpeg: correct the skip count in jpeg_parse_app14_data + - media: v4l2-jpeg: ignore the unknown APP14 marker + - media: hantro: Fix JPEG encoder ENUM_FRMSIZE on RK3399 + - media: imx-jpeg: Apply clk_bulk api instead of operating specific clk + - media: amphion: correct the unspecified color space + - media: drivers/media/v4l2-core/v4l2-h264 : add detection of null pointers + - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() + - media: atomisp: fix videobuf2 Kconfig depenendency + - media: atomisp: Only set default_run_mode on first open of a stream/asd + - media: i2c: ov7670: 0 instead of -EINVAL was returned + - media: usb: siano: Fix use after free bugs caused by do_submit_urb + - media: saa7134: Use video_unregister_device for radio_dev + - rpmsg: glink: Avoid infinite loop on intent for missing channel + - rpmsg: glink: Release driver_override + - ARM: OMAP2+: omap4-common: Fix refcount leak bug + - arm64: dts: qcom: msm8996: Add additional A2NoC clocks + - udf: Define EFSCORRUPTED error code + - context_tracking: Fix noinstr vs KASAN + - exit: Detect and fix irq disabled state in oops + - ARM: dts: exynos: Use Exynos5420 compatible for the MIPI video phy + - fs: Use CHECK_DATA_CORRUPTION() when kernel bugs are detected + - blk-iocost: fix divide by 0 error in calc_lcoefs() + - blk-cgroup: dropping parent refcount after pd_free_fn() is done + - blk-cgroup: synchronize pd_free_fn() from blkg_free_workfn() and + blkcg_deactivate_policy() + - trace/blktrace: fix memory leak with using debugfs_lookup() + - btrfs: scrub: improve tree block error reporting + - arm64: zynqmp: Enable hs termination flag for USB dwc3 controller + - cpuidle, intel_idle: Fix CPUIDLE_FLAG_INIT_XSTATE + - x86/fpu: Don't set TIF_NEED_FPU_LOAD for PF_IO_WORKER threads + - cpuidle: drivers: firmware: psci: Dont instrument suspend code + - cpuidle: lib/bug: Disable rcu_is_watching() during WARN/BUG + - perf/x86/intel/uncore: Add Meteor Lake support + - wifi: ath9k: Fix use-after-free in ath9k_hif_usb_disconnect() + - wifi: ath11k: fix monitor mode bringup crash + - wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() + - rcu: Make RCU_LOCKDEP_WARN() avoid early lockdep checks + - rcu: Suppress smp_processor_id() complaint in + synchronize_rcu_expedited_wait() + - srcu: Delegate work to the boot cpu if using SRCU_SIZE_SMALL + - rcu-tasks: Make rude RCU-Tasks work well with CPU hotplug + - rcu-tasks: Handle queue-shrink/callback-enqueue race condition + - wifi: ath11k: debugfs: fix to work with multiple PCI devices + - thermal: intel: Fix unsigned comparison with less than zero + - timers: Prevent union confusion from unexpected restart_syscall() + - x86/bugs: Reset speculation control settings on init + - bpftool: Always disable stack protection for BPF objects + - wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out- + of-bounds + - wifi: rtw89: fix assignation of TX BD RAM table + - wifi: mt7601u: fix an integer underflow + - inet: fix fast path in __inet_hash_connect() + - ice: restrict PTP HW clock freq adjustments to 100, 000, 000 PPB + - ice: add missing checks for PF vsi type + - Compiler attributes: GCC cold function alignment workarounds + - ACPI: Don't build ACPICA with '-Os' + - bpf, docs: Fix modulo zero, division by zero, overflow, and underflow + - thermal: intel: intel_pch: Add support for Wellsburg PCH + - clocksource: Suspend the watchdog temporarily when high read latency + detected + - crypto: hisilicon: Wipe entire pool on error + - net: bcmgenet: Add a check for oversized packets + - m68k: Check syscall_trace_enter() return code + - s390/mm,ptdump: avoid Kasan vs Memcpy Real markers swapping + - netfilter: nf_tables: NULL pointer dereference in nf_tables_updobj() + - can: isotp: check CAN address family in isotp_bind() + - gcc-plugins: drop -std=gnu++11 to fix GCC 13 build + - tools/power/x86/intel-speed-select: Add Emerald Rapid quirk + - platform/x86: dell-ddv: Add support for interface version 3 + - wifi: mt76: dma: free rx_head in mt76_dma_rx_cleanup + - ACPI: video: Fix Lenovo Ideapad Z570 DMI match + - net/mlx5: fw_tracer: Fix debug print + - coda: Avoid partial allocation of sig_inputArgs + - uaccess: Add minimum bounds check on kernel buffer size + - s390/idle: mark arch_cpu_idle() noinstr + - time/debug: Fix memory leak with using debugfs_lookup() + - PM: domains: fix memory leak with using debugfs_lookup() + - PM: EM: fix memory leak with using debugfs_lookup() + - Bluetooth: Fix issue with Actions Semi ATS2851 based devices + - Bluetooth: btusb: Add new PID/VID 0489:e0f2 for MT7921 + - Bluetooth: btusb: Add VID:PID 13d3:3529 for Realtek RTL8821CE + - wifi: rtw89: debug: avoid invalid access on RTW89_DBG_SEL_MAC_30 + - hv_netvsc: Check status in SEND_RNDIS_PKT completion message + - s390/kfence: fix page fault reporting + - devlink: Fix TP_STRUCT_entry in trace of devlink health report + - scm: add user copy checks to put_cmsg() + - drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Tab 3 X90F + - drm: panel-orientation-quirks: Add quirk for DynaBook K50 + - drm/amd/display: Reduce expected sdp bandwidth for dcn321 + - drm/amd/display: Revert Reduce delay when sink device not able to ACK 00340h + write + - drm/amd/display: Fix potential null-deref in dm_resume + - drm/omap: dsi: Fix excessive stack usage + - HID: Add Mapping for System Microphone Mute + - drm/tiny: ili9486: Do not assume 8-bit only SPI controllers + - drm/amd/display: Defer DIG FIFO disable after VID stream enable + - drm/radeon: free iio for atombios when driver shutdown + - drm/amd: Avoid BUG() for case of SRIOV missing IP version + - drm/amdkfd: Page aligned memory reserve size + - scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write + - Revert "fbcon: don't lose the console font across generic->chip driver + switch" + - drm/amd: Avoid ASSERT for some message failures + - drm: amd: display: Fix memory leakage + - drm/amd/display: fix mapping to non-allocated address + - HID: uclogic: Add frame type quirk + - HID: uclogic: Add battery quirk + - HID: uclogic: Add support for XP-PEN Deco Pro SW + - HID: uclogic: Add support for XP-PEN Deco Pro MW + - drm/msm/dsi: Add missing check for alloc_ordered_workqueue + - drm: rcar-du: Add quirk for H3 ES1.x pclk workaround + - drm: rcar-du: Fix setting a reserved bit in DPLLCR + - drm/drm_print: correct format problem + - drm/amd/display: Set hvm_enabled flag for S/G mode + - drm/client: Test for connectors before sending hotplug event + - habanalabs: extend fatal messages to contain PCI info + - habanalabs: fix bug in timestamps registration code + - docs/scripts/gdb: add necessary make scripts_gdb step + - drm/msm/dpu: Add DSC hardware blocks to register snapshot + - ASoC: soc-compress: Reposition and add pcm_mutex + - ASoC: kirkwood: Iterate over array indexes instead of using pointer math + - regulator: max77802: Bounds check regulator id against opmode + - regulator: s5m8767: Bounds check id indexing into arrays + - Revert "drm/amdgpu: TA unload messages are not actually sent to psp when + amdgpu is uninstalled" + - drm/amd/display: fix FCLK pstate change underflow + - gfs2: Improve gfs2_make_fs_rw error handling + - hwmon: (coretemp) Simplify platform device handling + - hwmon: (nct6775) Directly call ASUS ACPI WMI method + - hwmon: (nct6775) B650/B660/X670 ASUS boards support + - pinctrl: at91: use devm_kasprintf() to avoid potential leaks + - drm/amd/display: Do not commit pipe when updating DRR + - scsi: snic: Fix memory leak with using debugfs_lookup() + - scsi: ufs: core: Fix device management cmd timeout flow + - HID: logitech-hidpp: Don't restart communication if not necessary + - drm/amd/display: Enable P-state validation checks for DCN314 + - drm: panel-orientation-quirks: Add quirk for Lenovo IdeaPad Duet 3 10IGL5 + - drm/amd/display: Disable HUBP/DPP PG on DCN314 for now + - drm/amd/display: disable SubVP + DRR to prevent underflow + - dm thin: add cond_resched() to various workqueue loops + - dm cache: add cond_resched() to various workqueue loops + - nfsd: zero out pointers after putting nfsd_files on COPY setup error + - nfsd: don't hand out delegation on setuid files being opened for write + - cifs: prevent data race in smb2_reconnect() + - drm/i915/mtl: Correct implementation of Wa_18018781329 + - drm/shmem-helper: Revert accidental non-GPL export + - driver core: fw_devlink: Avoid spurious error message + - wifi: rtl8xxxu: fixing transmisison failure for rtl8192eu + - firmware: coreboot: framebuffer: Ignore reserved pixel color bits + - block: don't allow multiple bios for IOCB_NOWAIT issue + - block: clear bio->bi_bdev when putting a bio back in the cache + - block: be a bit more careful in checking for NULL bdev while polling + - rtc: pm8xxx: fix set-alarm race + - ipmi: ipmb: Fix the MODULE_PARM_DESC associated to 'retry_time_ms' + - ipmi:ssif: resend_msg() cannot fail + - ipmi_ssif: Rename idle state and check + - ipmi:ssif: Add a timer between request retries + - io_uring: Replace 0-length array with flexible array + - io_uring: use user visible tail in io_uring_poll() + - io_uring: handle TIF_NOTIFY_RESUME when checking for task_work + - io_uring: add a conditional reschedule to the IOPOLL cancelation loop + - io_uring: add reschedule point to handle_tw_list() + - io_uring/rsrc: disallow multi-source reg buffers + - io_uring: remove MSG_NOSIGNAL from recvmsg + - io_uring/poll: allow some retries for poll triggering spuriously + - io_uring: fix fget leak when fs don't support nowait buffered read + - s390/extmem: return correct segment type in __segment_load() + - s390: discard .interp section + - s390/kprobes: fix irq mask clobbering on kprobe reenter from post_handler + - s390/kprobes: fix current_kprobe never cleared after kprobes reenter + - KVM: s390: disable migration mode when dirty tracking is disabled + - cifs: improve checking of DFS links over STATUS_OBJECT_NAME_INVALID + - cifs: Fix uninitialized memory read in smb3_qfs_tcon() + - cifs: Fix uninitialized memory reads for oparms.mode + - cifs: fix mount on old smb servers + - cifs: introduce cifs_io_parms in smb2_async_writev() + - cifs: split out smb3_use_rdma_offload() helper + - cifs: don't try to use rdma offload on encrypted connections + - cifs: Check the lease context if we actually got a lease + - cifs: return a single-use cfid if we did not get a lease + - scsi: mpi3mr: Fix missing mrioc->evtack_cmds initialization + - scsi: mpi3mr: Fix issues in mpi3mr_get_all_tgt_info() + - scsi: mpi3mr: Remove unnecessary memcpy() to alltgt_info->dmi + - btrfs: hold block group refcount during async discard + - btrfs: sysfs: update fs features directory asynchronously + - locking/rwsem: Prevent non-first waiter from spinning in down_write() + slowpath + - ksmbd: fix wrong data area length for smb2 lock request + - ksmbd: do not allow the actual frame length to be smaller than the rfc1002 + length + - ksmbd: fix possible memory leak in smb2_lock() + - torture: Fix hang during kthread shutdown phase + - ARM: dts: exynos: correct HDMI phy compatible in Exynos4 + - io_uring: mark task TASK_RUNNING before handling resume/task work + - hfs: fix missing hfs_bnode_get() in __hfs_bnode_create + - fs: hfsplus: fix UAF issue in hfsplus_put_super + - exfat: fix reporting fs error when reading dir beyond EOF + - exfat: fix unexpected EOF while reading dir + - exfat: redefine DIR_DELETED as the bad cluster number + - exfat: fix inode->i_blocks for non-512 byte sector size device + - fs: dlm: start midcomms before scand + - fs: dlm: fix use after free in midcomms commit + - fs: dlm: be sure to call dlm_send_queue_flush() + - fs: dlm: fix race setting stop tx flag + - fs: dlm: don't set stop rx flag after node reset + - fs: dlm: move sending fin message into state change handling + - fs: dlm: send FIN ack back in right cases + - f2fs: fix information leak in f2fs_move_inline_dirents() + - f2fs: retry to update the inode page given data corruption + - f2fs: fix cgroup writeback accounting with fs-layer encryption + - f2fs: fix kernel crash due to null io->bio + - f2fs: Revert "f2fs: truncate blocks in batch in __complete_revoke_list()" + - ocfs2: fix defrag path triggering jbd2 ASSERT + - ocfs2: fix non-auto defrag path not working issue + - fs/cramfs/inode.c: initialize file_ra_state + - selftests/landlock: Skip overlayfs tests when not supported + - selftests/landlock: Test ptrace as much as possible with Yama + - udf: Truncate added extents on failed expansion + - udf: Do not bother merging very long extents + - udf: Do not update file length for failed writes to inline files + - udf: Preserve link count of system files + - udf: Detect system inodes linked into directory hierarchy + - udf: Fix file corruption when appending just after end of preallocated + extent + - md: don't update recovery_cp when curr_resync is ACTIVE + - KVM: Destroy target device if coalesced MMIO unregistration fails + - KVM: VMX: Fix crash due to uninitialized current_vmcs + - KVM: Register /dev/kvm as the _very_ last thing during initialization + - KVM: x86: Purge "highest ISR" cache when updating APICv state + - KVM: x86: Blindly get current x2APIC reg value on "nodecode write" traps + - KVM: x86: Don't inhibit APICv/AVIC on xAPIC ID "change" if APIC is disabled + - KVM: x86: Don't inhibit APICv/AVIC if xAPIC ID mismatch is due to 32-bit ID + - KVM: SVM: Flush the "current" TLB when activating AVIC + - KVM: SVM: Process ICR on AVIC IPI delivery failure due to invalid target + - KVM: SVM: Don't put/load AVIC when setting virtual APIC mode + - KVM: x86: Inject #GP if WRMSR sets reserved bits in APIC Self-IPI + - KVM: x86: Inject #GP on x2APIC WRMSR that sets reserved bits 63:32 + - KVM: SVM: Fix potential overflow in SEV's send|receive_update_data() + - KVM: SVM: hyper-v: placate modpost section mismatch error + - selftests: x86: Fix incorrect kernel headers search path + - x86/virt: Force GIF=1 prior to disabling SVM (for reboot flows) + - x86/crash: Disable virt in core NMI crash handler to avoid double shootdown + - x86/reboot: Disable virtualization in an emergency if SVM is supported + - x86/reboot: Disable SVM, not just VMX, when stopping CPUs + - x86/kprobes: Fix __recover_optprobed_insn check optimizing logic + - x86/kprobes: Fix arch_check_optimized_kprobe check within optimized_kprobe + range + - x86/microcode/amd: Remove load_microcode_amd()'s bsp parameter + - x86/microcode/AMD: Add a @cpu parameter to the reloading functions + - x86/microcode/AMD: Fix mixed steppings support + - x86/speculation: Allow enabling STIBP with legacy IBRS + - Documentation/hw-vuln: Document the interaction between IBRS and STIBP + - virt/sev-guest: Return -EIO if certificate buffer is not large enough + - brd: mark as nowait compatible + - brd: return 0/-error from brd_insert_page() + - brd: check for REQ_NOWAIT and set correct page allocation mask + - ima: fix error handling logic when file measurement failed + - ima: Align ima_file_mmap() parameters with mmap_file LSM hook + - selftests/powerpc: Fix incorrect kernel headers search path + - selftests/ftrace: Fix eprobe syntax test case to check filter support + - selftests: sched: Fix incorrect kernel headers search path + - selftests: core: Fix incorrect kernel headers search path + - selftests: pid_namespace: Fix incorrect kernel headers search path + - selftests: arm64: Fix incorrect kernel headers search path + - selftests: clone3: Fix incorrect kernel headers search path + - selftests: pidfd: Fix incorrect kernel headers search path + - selftests: membarrier: Fix incorrect kernel headers search path + - selftests: kcmp: Fix incorrect kernel headers search path + - selftests: media_tests: Fix incorrect kernel headers search path + - selftests: gpio: Fix incorrect kernel headers search path + - selftests: filesystems: Fix incorrect kernel headers search path + - selftests: user_events: Fix incorrect kernel headers search path + - selftests: ptp: Fix incorrect kernel headers search path + - selftests: sync: Fix incorrect kernel headers search path + - selftests: rseq: Fix incorrect kernel headers search path + - selftests: move_mount_set_group: Fix incorrect kernel headers search path + - selftests: mount_setattr: Fix incorrect kernel headers search path + - selftests: perf_events: Fix incorrect kernel headers search path + - selftests: ipc: Fix incorrect kernel headers search path + - selftests: futex: Fix incorrect kernel headers search path + - selftests: drivers: Fix incorrect kernel headers search path + - selftests: dmabuf-heaps: Fix incorrect kernel headers search path + - selftests: vm: Fix incorrect kernel headers search path + - selftests: seccomp: Fix incorrect kernel headers search path + - irqdomain: Fix association race + - irqdomain: Fix disassociation race + - irqdomain: Look for existing mapping only once + - irqdomain: Drop bogus fwspec-mapping error handling + - irqdomain: Refactor __irq_domain_alloc_irqs() + - irqdomain: Fix mapping-creation race + - irqdomain: Fix domain registration race + - crypto: qat - fix out-of-bounds read + - mm/damon/paddr: fix missing folio_put() + - ALSA: ice1712: Do not left ice->gpio_mutex locked in aureon_add_controls() + - ALSA: hda/realtek: Add quirk for HP EliteDesk 800 G6 Tower PC + - jbd2: fix data missing when reusing bh which is ready to be checkpointed + - ext4: optimize ea_inode block expansion + - ext4: refuse to create ea block when umounted + - cxl/pmem: Fix nvdimm registration races + - Input: exc3000 - properly stop timer on shutdown + - mtd: spi-nor: sfdp: Fix index value for SCCR dwords + - mtd: spi-nor: spansion: Consider reserved bits in CFR5 register + - dm: send just one event on resize, not two + - dm: add cond_resched() to dm_wq_work() + - dm: add cond_resched() to dm_wq_requeue_work() + - wifi: rtw88: use RTW_FLAG_POWERON flag to prevent to power on/off twice + - wifi: rtl8xxxu: Use a longer retry limit of 48 + - wifi: ath11k: allow system suspend to survive ath11k + - wifi: cfg80211: Fix use after free for wext + - wifi: cfg80211: Set SSID if it is not already set + - cpuidle: add ARCH_SUSPEND_POSSIBLE dependencies + - qede: fix interrupt coalescing configuration + - thermal: intel: powerclamp: Fix cur_state for multi package system + - dm flakey: fix logic when corrupting a bio + - dm cache: free background tracker's queued work in btracker_destroy + - dm flakey: don't corrupt the zero page + - dm flakey: fix a bug with 32-bit highmem systems + - hwmon: (peci/cputemp) Fix off-by-one in coretemp_label allocation + - hwmon: (nct6775) Fix incorrect parenthesization in nct6775_write_fan_div() + - spi: intel: Check number of chip selects after reading the descriptor + - ARM: dts: qcom: sdx65: Add Qcom SMMU-500 as the fallback for IOMMU node + - ARM: dts: qcom: sdx55: Add Qcom SMMU-500 as the fallback for IOMMU node + - ARM: dts: exynos: correct TMU phandle in Exynos4210 + - ARM: dts: exynos: correct TMU phandle in Exynos4 + - ARM: dts: exynos: correct TMU phandle in Odroid XU3 family + - ARM: dts: exynos: correct TMU phandle in Exynos5250 + - ARM: dts: exynos: correct TMU phandle in Odroid XU + - ARM: dts: exynos: correct TMU phandle in Odroid HC1 + - arm64: acpi: Fix possible memory leak of ffh_ctxt + - arm64: mm: hugetlb: Disable HUGETLB_PAGE_OPTIMIZE_VMEMMAP + - arm64: Reset KASAN tag in copy_highpage with HW tags only + - fuse: add inode/permission checks to fileattr_get/fileattr_set + - rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails + - ceph: update the time stamps and try to drop the suid/sgid + - regulator: core: Use ktime_get_boottime() to determine how long a regulator + was off + - panic: fix the panic_print NMI backtrace setting + - mm/hwpoison: convert TTU_IGNORE_HWPOISON to TTU_HWPOISON + - genirq/msi, platform-msi: Ensure that MSI descriptors are unreferenced + - genirq/msi: Take the per-device MSI lock before validating the control + structure + - spi: spi-sn-f-ospi: fix duplicate flag while assigning to mode_bits + - alpha: fix FEN fault handling + - dax/kmem: Fix leak of memory-hotplug resources + - mips: fix syscall_get_nr + - media: ipu3-cio2: Fix PM runtime usage_count in driver unbind + - remoteproc/mtk_scp: Move clk ops outside send_lock + - vfio: Fix NULL pointer dereference caused by uninitialized group->iommufd + - docs: gdbmacros: print newest record + - mm: memcontrol: deprecate charge moving + - mm/thp: check and bail out if page in deferred queue already + - ktest.pl: Give back console on Ctrt^C on monitor + - kprobes: Fix to handle forcibly unoptimized kprobes on freeing_list + - ktest.pl: Fix missing "end_monitor" when machine check fails + - ktest.pl: Add RUN_TIMEOUT option with default unlimited + - memory tier: release the new_memtier in find_create_memory_tier() + - ring-buffer: Handle race between rb_move_tail and rb_check_pages + - tools/bootconfig: fix single & used for logical condition + - tracing/eprobe: Fix to add filter on eprobe description in README file + - iommu/amd: Add a length limitation for the ivrs_acpihid command-line + parameter + - scsi: aacraid: Allocate cmd_priv with scsicmd + - scsi: qla2xxx: Fix link failure in NPIV environment + - scsi: qla2xxx: Check if port is online before sending ELS + - scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests + - scsi: qla2xxx: Remove unintended flag clearing + - scsi: qla2xxx: Fix erroneous link down + - scsi: qla2xxx: Remove increment of interface err cnt + - scsi: ses: Don't attach if enclosure has no components + - scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process() + - scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses + - scsi: ses: Fix possible desc_ptr out-of-bounds accesses + - scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() + - RISC-V: add a spin_shadow_stack declaration + - riscv: Avoid enabling interrupts in die() + - riscv: mm: fix regression due to update_mmu_cache change + - riscv: jump_label: Fixup unaligned arch_static_branch function + - riscv: ftrace: Fixup panic by disabling preemption + - riscv, mm: Perform BPF exhandler fixup on page fault + - riscv: ftrace: Remove wasted nops for !RISCV_ISA_C + - riscv: ftrace: Reduce the detour code size to half + - MIPS: DTS: CI20: fix otg power gpio + - PCI/PM: Observe reset delay irrespective of bridge_d3 + - PCI: Unify delay handling for reset and resume + - PCI: hotplug: Allow marking devices as disconnected during bind/unbind + - PCI: Avoid FLR for AMD FCH AHCI adapters + - PCI/DPC: Await readiness of secondary bus after reset + - bus: mhi: ep: Only send -ENOTCONN status if client driver is available + - bus: mhi: ep: Move chan->lock to the start of processing queued ch ring + - bus: mhi: ep: Save channel state locally during suspend and resume + - iommufd: Make sure to zero vfio_iommu_type1_info before copying to user + - iommufd: Do not add the same hwpt to the ioas->hwpt_list twice + - iommu/vt-d: Avoid superfluous IOTLB tracking in lazy mode + - iommu/vt-d: Fix PASID directory pointer coherency + - vfio/type1: exclude mdevs from VFIO_UPDATE_VADDR + - vfio/type1: prevent underflow of locked_vm via exec() + - vfio/type1: track locked_vm per dma + - vfio/type1: restore locked_vm + - drm/amd: Fix initialization for nbio 7.5.1 + - drm/i915/quirks: Add inverted backlight quirk for HP 14-r206nv + - drm/radeon: Fix eDP for single-display iMac11,2 + - drm/i915: Don't use stolen memory for ring buffers with LLC + - drm/i915: Don't use BAR mappings for ring buffers with LLC + - drm/gud: Fix UBSAN warning + - drm/edid: fix AVI infoframe aspect ratio handling + - drm/edid: fix parsing of 3D modes from HDMI VSDB + - qede: avoid uninitialized entries in coal_entry array + - brd: use radix_tree_maybe_preload instead of radix_tree_preload + - net: avoid double iput when sock_alloc_file fails + - Linux 6.2.3 + + * Miscellaneous Ubuntu changes + - [Config] update annotations after applying 6.2.3 stable patches + - [Config] update annotations after applying 6.2.6 stable patches + + -- Andrea Righi Tue, 14 Mar 2023 16:43:44 +0100 + +linux (6.2.0-16.16) lunar; urgency=medium + + * lunar/linux: 6.2.0-16.16 -proposed tracker (LP: #2009914) + + * linux-libc-dev is no longer multi-arch safe (LP: #2009355) + - Revert "UBUNTU: [Packaging] install headers to debian/linux-libc-dev + directly" + + * linux: CONFIG_SERIAL_8250_MID=y (LP: #2009283) + - [Config] enable CONFIG_SERIAL_8250_MID=y + + * cpufreq: intel_pstate: Update Balance performance EPP for Sapphire Rapids + (LP: #2008519) + - cpufreq: intel_pstate: Adjust balance_performance EPP for Sapphire Rapids + + -- Andrea Righi Fri, 10 Mar 2023 18:34:28 +0100 + +linux (6.2.0-15.15) lunar; urgency=medium + + * Miscellaneous Ubuntu changes + - [Packaging] annotations: document annotations headers + + -- Andrea Righi Fri, 10 Mar 2023 07:36:59 +0100 + +linux (6.2.0-14.14) lunar; urgency=medium + + * lunar/linux: 6.2.0-14.14 -proposed tracker (LP: #2009856) + + * Miscellaneous Ubuntu changes + - [Packaging] rust: add rust build dependencies to all arches + - [Packaging] Support skipped dkms modules + - [Packaging] actually enforce set -e in dkms-build--nvidia-N + - [Packaging] Preserve the correct log file variable value + - [Packaging] update getabis + + -- Andrea Righi Thu, 09 Mar 2023 16:40:36 +0100 + +linux (6.2.0-13.13) lunar; urgency=medium + + * lunar/linux: 6.2.0-13.13 -proposed tracker (LP: #2009704) + + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/master) + + * mt7921: add support of MTFG table (LP: #2009642) + - wifi: mt76: mt7921: add support to update fw capability with MTFG table + + -- Andrea Righi Wed, 08 Mar 2023 14:40:25 +0100 + +linux (6.2.0-12.12) lunar; urgency=medium + + * lunar/linux: 6.2.0-12.12 -proposed tracker (LP: #2009698) + + * Miscellaneous Ubuntu changes + - SAUCE: enforce rust availability only on x86_64 + - [Config] update CONFIG_RUST_IS_AVAILABLE + + -- Andrea Righi Wed, 08 Mar 2023 12:50:15 +0100 + +linux (6.2.0-11.11) lunar; urgency=medium + + * lunar/linux: 6.2.0-11.11 -proposed tracker (LP: #2009697) + + * Miscellaneous Ubuntu changes + - [Packaging] do not stop the build if rust is not available + + -- Andrea Righi Wed, 08 Mar 2023 12:24:55 +0100 + +linux (6.2.0-10.10) lunar; urgency=medium + + * lunar/linux: 6.2.0-10.10 -proposed tracker (LP: #2009673) + + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/master) + + * enable Rust support in the kernel (LP: #2007654) + - [Packaging] propagate makefile variables to kernelconfig + - SAUCE: rust: fix regexp in scripts/is_rust_module.sh + - SAUCE: scripts: rust: drop is_rust_module.sh + - SAUCE: rust: allow to use INIT_STACK_ALL_ZERO + - SAUCE: scripts: Exclude Rust CUs with pahole + - SAUCE: modpost: support arbitrary symbol length in modversion + - SAUCE: allows to enable Rust with modversions + - SAUCE: rust: properly detect the version of libclang used by bindgen + - [Packaging] rust: add the proper make flags to enable rust support + - [Packaging] add rust dependencies + - [Packaging] bpftool: always use vmlinux to generate headers + - [Packaging] run rustavailable target as debugging before build + - [Config] enable Rust support + + * Fail to output sound to external monitor which connects via docking station + (LP: #2009024) + - [Config] Enable CONFIG_SND_HDA_INTEL_HDMI_SILENT_STREAM + + * Miscellaneous Ubuntu changes + - SAUCE: Makefile: replace rsync with tar + + -- Andrea Righi Wed, 08 Mar 2023 12:01:56 +0100 + +linux (6.2.0-1.1) lunar; urgency=medium + + * lunar/linux: 6.2.0-1.1 -proposed tracker (LP: #2009621) + + * Packaging resync (LP: #1786013) + - [Packaging] update variants + - debian/dkms-versions -- update from kernel-versions (main/master) + + * kinetic: apply new apparmor and LSM stacking patch set (LP: #1989983) + - SAUCE: apparmor: Add fine grained mediation of posix mqueues + - SAUCE: apparmor: add user namespace creation mediation + + * Lunar update: v6.2.2 upstream stable release (LP: #2009358) + - ALSA: hda: cs35l41: Correct error condition handling + - crypto: arm64/sm4-gcm - Fix possible crash in GCM cryption + - bpf: bpf_fib_lookup should not return neigh in NUD_FAILED state + - vc_screen: don't clobber return value in vcs_read + - drm/amd/display: Move DCN314 DOMAIN power control to DMCUB + - drm/amd/display: Properly reuse completion structure + - scripts/tags.sh: fix incompatibility with PCRE2 + - wifi: rtw88: usb: Set qsel correctly + - wifi: rtw88: usb: send Zero length packets if necessary + - wifi: rtw88: usb: drop now unnecessary URB size check + - usb: dwc3: pci: add support for the Intel Meteor Lake-M + - USB: serial: option: add support for VW/Skoda "Carstick LTE" + - usb: gadget: u_serial: Add null pointer check in gserial_resume + - arm64: dts: uniphier: Fix property name in PXs3 USB node + - usb: typec: pd: Remove usb_suspend_supported sysfs from sink PDO + - USB: core: Don't hold device lock while reading the "descriptors" sysfs file + - Linux 6.2.2 + + * Lunar update: v6.2.1 upstream stable release (LP: #2009127) + - uaccess: Add speculation barrier to copy_from_user() + - x86/alternatives: Introduce int3_emulate_jcc() + - x86/alternatives: Teach text_poke_bp() to patch Jcc.d32 instructions + - x86/static_call: Add support for Jcc tail-calls + - HID: mcp-2221: prevent UAF in delayed work + - wifi: mwifiex: Add missing compatible string for SD8787 + - audit: update the mailing list in MAINTAINERS + - platform/x86/amd/pmf: Add depends on CONFIG_POWER_SUPPLY + - platform/x86: nvidia-wmi-ec-backlight: Add force module parameter + - ext4: Fix function prototype mismatch for ext4_feat_ktype + - randstruct: disable Clang 15 support + - bpf: add missing header file include + - Linux 6.2.1 + + * Fix mediatek wifi driver crash when loading wrong SAR table (LP: #2009118) + - wifi: mt76: mt7921: fix error code of return in mt7921_acpi_read + + * overlayfs mounts as R/O over idmapped mount (LP: #2009065) + - SAUCE: overlayfs: handle idmapped mounts in ovl_do_(set|remove)xattr + + * RaptorLake: Fix the Screen is shaking by onboard HDMI port in mirror mode + (LP: #1993561) + - drm/i915/display: Drop check for doublescan mode in modevalid + - drm/i915/display: Prune Interlace modes for Display >=12 + + * screen flicker after PSR2 enabled (LP: #2007516) + - SAUCE: drm/i915/display/psr: Disable PSR2 sel fetch on panel SHP 5457 + + * [23.04 FEAT] Support for new IBM Z Hardware (IBM z16) - Reset DAT-Protection + facility support (LP: #1982378) + - s390/mm: add support for RDP (Reset DAT-Protection) + + * [23.04 FEAT] zcrypt DD: AP command filtering (LP: #2003637) + - s390/zcrypt: introduce ctfm field in struct CPRBX + + * rtcpie in timers from ubuntu_kernel_selftests randomly failing + (LP: #1814234) + - SAUCE: selftest: rtcpie: Force passing unreliable subtest + + * [23.04 FEAT] Support for List-Directed IPL and re-IPL from ECKD DASD + (LP: #2003394) + - s390/ipl: add DEFINE_GENERIC_LOADPARM() + - s390/ipl: add loadparm parameter to eckd ipl/reipl data + + * Miscellaneous Ubuntu changes + - SAUCE: drm/i915/sseu: fix max_subslices array-index-out-of-bounds access + - SAUCE: mtd: spi-nor: Fix shift-out-of-bounds in spi_nor_set_erase_type + - SAUCE: Revert "fbdev: Make registered_fb[] private to fbmem.c" + - [Packaging] disable signing for ppc64el + - [Config] define CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS + - SAUCE: Revert "arm64/fpsimd: Make kernel_neon_ API _GPL" + + -- Andrea Righi Tue, 07 Mar 2023 18:45:31 +0100 + +linux (6.2.0-0.0) lunar; urgency=medium + + * Empty entry + + -- Andrea Righi Fri, 03 Mar 2023 08:42:43 +0100 + +linux-unstable (6.2.0-10.10) lunar; urgency=medium + + * lunar/linux-unstable: 6.2.0-10.10 -proposed tracker (LP: #2007818) + + * Built-in camera device dies after runtime suspended (LP: #2007530) + - SAUCE: usb: xhci: Workaround for runpm issue on AMD xHC + + * Miscellaneous Ubuntu changes + - [Config] update annotations after rebase to v6.2 + + [ Upstream Kernel Changes ] + + * Rebase to v6.2 + + -- Andrea Righi Mon, 20 Feb 2023 10:36:20 +0100 + +linux-unstable (6.2.0-9.9) lunar; urgency=medium + + * lunar/linux-unstable: 6.2.0-9.9 -proposed tracker (LP: #2007069) + + * Move kernel ADT tests to python3 (LP: #2004429) + - [Debian] Use a python3 compatable kernel-testing repo + + * Mediatek FM350-GL wwan module failed to init: Invalid device status 0x1 + (LP: #2002089) + - SAUCE: Revert "net: wwan: t7xx: Add AP CLDMA" + - SAUCE: net: wwan: t7xx: Add AP CLDMA + - SAUCE: net: wwan: t7xx: Infrastructure for early port configuration + - SAUCE: net: wwan: t7xx: PCIe reset rescan + - SAUCE: net: wwan: t7xx: Enable devlink based fw flashing and coredump + collection + - SAUCE: net: wwan: t7xx: Devlink documentation + + * LXD containers using shiftfs on ZFS or TMPFS broken on 5.15.0-48.54 + (LP: #1990849) + - SAUCE: shiftfs: fix -EOVERFLOW inside the container + + * Miscellaneous Ubuntu changes + - [Packaging] annotations: do not drop undefined configs in derivatives + - [Packaging]: annotations: fix _remove_entry() logic + - [Packaging] rsync no longer available on lunar + - [Packaging] annotations: Handle single-line annoation rules + - [Packaging] annotations: Preserve single-line annotation rules + - [Packaging] annotations: Fix linter errors + - [Packaging] annotations: Clean up policy writes + - [Packaging] annotations: Handle tabs in annotations file + - [Packaging] annotations: Fail on invalid lines + - [Packaging] annotations: Write out annotations with notes first + - [Packaging] annotations: Check validity of FLAVOUR_DEP + - [Config] update annotations to split configs with/without notes + - [Packaging] annotations: various code cleanups + - [Config] update annotations after rebase to v6.2-rc8 + + * Miscellaneous upstream changes + - selftests/net: mv bpf/nat6to4.c to net folder + + [ Upstream Kernel Changes ] + + * Rebase to v6.1-rc8 + + -- Andrea Righi Mon, 13 Feb 2023 09:32:18 +0100 + +linux-unstable (6.2.0-8.8) lunar; urgency=medium + + * lunar/linux-unstable: 6.2.0-8.8 -proposed tracker (LP: #2004229) + + * Miscellaneous Ubuntu changes + - [Packaging] re-enable signing for ppc64el and s390x + - SAUCE: s390/decompressor: specify __decompress() buf len to avoid overflow + + -- Andrea Righi Tue, 31 Jan 2023 08:21:21 +0100 + +linux-unstable (6.2.0-7.7) lunar; urgency=medium + + * lunar/linux-unstable: 6.2.0-7.7 -proposed tracker (LP: #2004142) + + -- Andrea Righi Mon, 30 Jan 2023 10:23:15 +0100 + +linux-unstable (6.2.0-6.6) lunar; urgency=medium + + * lunar/linux-unstable: 6.2.0-6.6 -proposed tracker (LP: #2004138) + + * Miscellaneous Ubuntu changes + - [Packaging] debian/rules: Bring back 'editconfigs' + - [Packaging] debian/rules: 1-maintainer.mk -- Use make's if-else + - [Packaging] annotations: make sure to always drop undefined configs + - [Config] update annotations after rebase to v6.2-rc6 + + [ Upstream Kernel Changes ] + + * Rebase to v6.1-rc6 + + -- Andrea Righi Mon, 30 Jan 2023 09:20:26 +0100 + +linux-unstable (6.2.0-5.5) lunar; urgency=medium + + * lunar/linux-unstable: 6.2.0-5.5 -proposed tracker (LP: #2003682) + + * [23.04] Kernel 6.2 does not boot on s390x (LP: #2003348) + - SAUCE Revert "zstd: import usptream v1.5.2" + - SAUCE: Revert "zstd: Move zstd-common module exports to + zstd_common_module.c" + + * Revoke & rotate to new signing key (LP: #2002812) + - [Packaging] Revoke and rotate to new signing key + + * CVE-2023-0179 + - netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits + + * [23.04] net/smc: Alibaba patches about tunable buffer sizes may cause errors + and need to be removed (kernel 6.2) (LP: #2003547) + - SAUCE: Revert "net/smc: Unbind r/w buffer size from clcsock and make them + tunable" + - SAUCE: Revert "net/smc: Introduce a specific sysctl for TEST_LINK time" + + * 5.15 stuck at boot on c4.large (LP: #1956780) + - SAUCE: Revert "PCI/MSI: Mask MSI-X vectors only on success" + + * Miscellaneous Ubuntu changes + - [Packaging] scripts/misc/kernelconfig: Disable config checks for mainline + builds + - [Packaging] annotations: add CONFIG_GCC_VERSION to the list of ignored + configs + + -- Andrea Righi Mon, 23 Jan 2023 08:20:26 +0100 + +linux-unstable (6.2.0-4.4) lunar; urgency=medium + + * lunar/linux-unstable: 6.2.0-4.4 -proposed tracker (LP: #2003051) + + * Miscellaneous Ubuntu changes + - [Packaging] add python3 as a build dependency + - [Packaging] scripts/misc/kernelconfig: Rewrite + + -- Andrea Righi Tue, 17 Jan 2023 09:18:54 +0100 + +linux-unstable (6.2.0-3.3) lunar; urgency=medium + + * lunar/linux-unstable: 6.2.0-3.3 -proposed tracker (LP: #2002939) + + * Enable kernel config for P2PDMA (LP: #1987394) + - [Config] Enable CONFIG_HSA_AMD_P2P + + * Miscellaneous Ubuntu changes + - SAUCE: (no-up) Remove obj- += foo.o hack + - SAUCE: (no-up) re-add ubuntu/ directory + - [Config] enable EFI handover protocol + - [Packaging] Fix module-check error when modules are compressed + - SAUCE: (no-up) do not remove debian directory by 'make mrproper' + - [Packaging] debian/rules: Drop AUTOBUILD + - [Packaging] debian/rules: Drop NOKERNLOG and PRINTSHAS env variables + - [Packaging] debian/rules: Replace skip variables with skip_checks + - [Packaging] checks/retpoline-check: Make 'skipretpoline' argument optional + - [Packaging] checks/module-signature-check: Add 'skip_checks' argument + - [Packaging] debian/rules: Rename 'skip_dbg' to 'do_dbgsym_package' + - [Packaging] debian/rules: Rename 'skip_checks' to 'do_skip_checks' + - [Packaging] debian/rules: Rename 'full_build' to 'do_full_build' + - [Packaging] debian/rules: Fix PPA debug package builds + - [Packaging] debian/rules: Remove debug package install directory earlier + - [Packaging] debian/rules: Remove unnecessary 'lockme_' variables + - [Packaging] debian/rules: Remove unused target 'diffupstream' + - [Packaging] debian/rules: Mark PHONY targets individually + - [Packaging] debian/rules: Clean up 'help' target output + - [Packaging] debian/rules: Clean up 'printenv' target output + - [Packaging] debian/rules: Add missing 'do_' variables to 'printenv' + - [Config] update annotations after rebase to v6.2-rc4 + + [ Upstream Kernel Changes ] + + * Rebase to v6.1-rc4 + + -- Andrea Righi Mon, 16 Jan 2023 16:01:40 +0100 + +linux-unstable (6.2.0-2.2) lunar; urgency=medium + + * lunar/linux-unstable: 6.2.0-2.2 -proposed tracker (LP: #2001892) + + * Soundwire support for the Intel RPL Gen 0C40/0C11 platforms (LP: #2000030) + - SAUCE: ASoC: Intel: soc-acpi: add configuration for variant of 0C40 product + - SAUCE: ASoC: Intel: soc-acpi: add configuration for variant of 0C11 product + + * Miscellaneous Ubuntu changes + - [Config] update toolchain version in annotations + + * Miscellaneous upstream changes + - Revert "UBUNTU: [Packaging] Support skipped dkms modules" + + [ Upstream Kernel Changes ] + + * Rebase to v6.1-rc2 + + -- Andrea Righi Thu, 05 Jan 2023 09:19:55 +0100 + +linux-unstable (6.2.0-1.1) lunar; urgency=medium + + * lunar/linux-unstable: 6.2.0-1.1 -proposed tracker (LP: #2000904) + + * Packaging resync (LP: #1786013) + - [Packaging] update variants + + * Miscellaneous Ubuntu changes + - [Packaging] annotations: remove configs that are undefined across all + arches/flavours + - SAUCE: Revert "apparmor: make __aa_path_perm() static" + - [Packaging] abi-check: ignore failures when abi check is skipped + - [Packaging] temporarily disable zfs dkms + - [Config] update annotations after rebase to 6.2-rc1 + + [ Upstream Kernel Changes ] + + * Rebase to v6.1-rc1 + + -- Andrea Righi Wed, 04 Jan 2023 12:08:32 +0100 + +linux-unstable (6.2.0-0.0) lunar; urgency=medium + + * Empty entry + + -- Andrea Righi Sun, 01 Jan 2023 10:16:00 +0100 + +linux (6.1.0-11.11) lunar; urgency=medium + + * lunar/linux: 6.1.0-11.11 -proposed tracker (LP: #2000704) + + * Packaging resync (LP: #1786013) + - [Packaging] update helper scripts + + * Lunar update: v6.1.1 upstream stable release (LP: #2000706) + - x86/vdso: Conditionally export __vdso_sgx_enter_enclave() + - libbpf: Fix uninitialized warning in btf_dump_dump_type_data + - PCI: mt7621: Add sentinel to quirks table + - mips: ralink: mt7621: define MT7621_SYSC_BASE with __iomem + - mips: ralink: mt7621: soc queries and tests as functions + - mips: ralink: mt7621: do not use kzalloc too early + - irqchip/ls-extirq: Fix endianness detection + - udf: Discard preallocation before extending file with a hole + - udf: Fix preallocation discarding at indirect extent boundary + - udf: Do not bother looking for prealloc extents if i_lenExtents matches + i_size + - udf: Fix extending file within last block + - usb: gadget: uvc: Prevent buffer overflow in setup handler + - USB: serial: option: add Quectel EM05-G modem + - USB: serial: cp210x: add Kamstrup RF sniffer PIDs + - USB: serial: f81232: fix division by zero on line-speed change + - USB: serial: f81534: fix division by zero on line-speed change + - xhci: Apply XHCI_RESET_TO_DEFAULT quirk to ADL-N + - staging: r8188eu: fix led register settings + - igb: Initialize mailbox message for VF reset + - usb: typec: ucsi: Resume in separate work + - usb: dwc3: pci: Update PCIe device ID for USB3 controller on CPU sub-system + for Raptor Lake + - cifs: fix oops during encryption + - KEYS: encrypted: fix key instantiation with user-provided data + - Linux 6.1.1 + + * Expose built-in trusted and revoked certificates (LP: #1996892) + - [Packaging] Expose built-in trusted and revoked certificates + + * Fix System cannot detect bluetooth after running suspend stress test + (LP: #1998727) + - wifi: rtw88: 8821c: enable BT device recovery mechanism + + * Gnome doesn't run smooth when performing normal usage with RPL-P CPU + (LP: #1998419) + - drm/i915/rpl-p: Add stepping info + + * Mute/mic LEDs no function on a HP platfrom (LP: #1998882) + - ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook + + * Add additional Mediatek MT7922 BT device ID (LP: #1998885) + - Bluetooth: btusb: Add a new VID/PID 0489/e0f2 for MT7922 + + * Support Icicle Kit reference design v2022.10 (LP: #1993148) + - SAUCE: riscv: dts: microchip: Disable PCIe on the Icicle Kit + + * Add iommu passthrough quirk for Intel IPU6 on RaptorLake (LP: #1989041) + - SAUCE: iommu: intel-ipu: use IOMMU passthrough mode for Intel IPUs on Raptor + Lake + + * Enable Intel FM350 wwan CCCI driver port logging (LP: #1997686) + - net: wwan: t7xx: use union to group port type specific data + - net: wwan: t7xx: Add port for modem logging + + * TEE Support for CCP driver (LP: #1991608) + - crypto: ccp - Add support for TEE for PCI ID 0x14CA + + * Kinetic update: v5.19.17 upstream stable release (LP: #1994179) + - Revert "fs: check FMODE_LSEEK to control internal pipe splicing" + - kbuild: Add skip_encoding_btf_enum64 option to pahole + + * Kinetic update: v5.19.15 upstream stable release (LP: #1994078) + - Revert "clk: ti: Stop using legacy clkctrl names for omap4 and 5" + + * support independent clock and LED GPIOs for Intel IPU6 platforms + (LP: #1989046) + - SAUCE: platform/x86: int3472: support independent clock and LED GPIOs + + * Kernel livepatch support for for s390x (LP: #1639924) + - [Config] Enable EXPOLINE_EXTERN on s390x + + * Kinetic update: v5.19.7 upstream stable release (LP: #1988733) + - Revert "PCI/portdrv: Don't disable AER reporting in + get_port_device_capability()" + + * Kinetic update: v5.19.3 upstream stable release (LP: #1987345) + - Revert "mm: kfence: apply kmemleak_ignore_phys on early allocated pool" + + * Fix non-working e1000e device after resume (LP: #1951861) + - SAUCE: Revert "e1000e: Add polling mechanism to indicate CSME DPG exit" + + * Add additional Mediatek MT7921 WiFi/BT device IDs (LP: #1937004) + - SAUCE: Bluetooth: btusb: Add support for Foxconn Mediatek Chip + + * Fix system sleep on TGL systems with Intel ME (LP: #1919321) + - SAUCE: PCI: Serialize TGL e1000e PM ops + + * Fix broken e1000e device after S3 (LP: #1897755) + - SAUCE: e1000e: Increase polling timeout on MDIC ready bit + + * Fix unusable USB hub on Dell TB16 after S3 (LP: #1855312) + - SAUCE: USB: core: Make port power cycle a seperate helper function + - SAUCE: USB: core: Attempt power cycle port when it's in eSS.Disabled state + + * Set explicit CC in the headers package (LP: #1999750) + - [Packaging] Set explicit CC in the headers package + + * commit cf58599cded35cf4affed1e659c0e2c742d3fda7 seems to be missing in + kinetic master to remove "hio" reference from Makefile (LP: #1999556) + - SAUCE: remove leftover reference to ubuntu/hio driver + + * Miscellaneous Ubuntu changes + - [Packaging] kernelconfig: always complete all config checks + - [Packaging] annotations: unify same rule across all flavour within the same + arch + - [Config] annotations: compact annotations file + - [Config] disable EFI_ZBOOT + - SAUCE: input: i8042: fix section mismatch warning + - debian/dkms-versions -- re-enable zfs + - [Packaging] old-kernelconfig: update config-check path + - [Packaging] update getabis + - [Packaging] update Ubuntu.md + + * Miscellaneous upstream changes + - Revert "drm/i915/opregion: check port number bounds for SWSCI display power + state" + + -- Andrea Righi Fri, 30 Dec 2022 11:23:16 +0100 + +linux (6.1.0-10.10) lunar; urgency=medium + + * lunar/linux: 6.1.0-10.10 -proposed tracker (LP: #1999569) + + * Soundwire support for the Intel RPL Gen platforms (LP: #1997944) + - ASoC: Intel: sof_sdw: Add support for SKU 0C10 product + - ASoC: Intel: soc-acpi: add SKU 0C10 SoundWire configuration + - ASoC: Intel: sof_sdw: Add support for SKU 0C40 product + - ASoC: Intel: soc-acpi: add SKU 0C40 SoundWire configuration + - ASoC: Intel: sof_sdw: Add support for SKU 0C4F product + - ASoC: rt1318: Add RT1318 SDCA vendor-specific driver + - ASoC: intel: sof_sdw: add rt1318 codec support. + - ASoC: Intel: sof_sdw: Add support for SKU 0C11 product + - ASoC: Intel: soc-acpi: add SKU 0C11 SoundWire configuration + - SAUCE: ASoC: Intel: soc-acpi: update codec addr on 0C11/0C4F product + - [Config] enable CONFIG_SND_SOC_RT1318_SDW + + * Virtual GPU driver packaging regression (LP: #1996112) + - [Packaging] Reintroduce VM DRM drivers into modules + + -- Andrea Righi Tue, 13 Dec 2022 22:14:08 +0100 + +linux (6.1.0-9.9) lunar; urgency=medium + + * Empty entry (ABI bump) + + -- Andrea Righi Tue, 13 Dec 2022 21:31:08 +0100 + +linux (6.1.0-3.3) lunar; urgency=medium + + * lunar/linux: 6.1.0-3.3 -proposed tracker (LP: #1999534) + + * [DEP-8] Run ADT regression suite for lowlatency kernels Jammy and later + (LP: #1999528) + - [DEP-8] Fix regression suite to run on lowlatency + + * Miscellaneous Ubuntu changes + - [Packaging] annotations: do not add constraints on toolchain versions + + -- Andrea Righi Tue, 13 Dec 2022 16:45:59 +0100 + +linux (6.1.0-2.2) lunar; urgency=medium + + * lunar/linux: 6.1.0-2.2 -proposed tracker (LP: #1999411) + + * Miscellaneous Ubuntu changes + - [Packaging] annotations: do not enforce toolchain versions + + -- Andrea Righi Mon, 12 Dec 2022 17:05:59 +0100 + +linux (6.1.0-1.1) lunar; urgency=medium + + * lunar/linux: 6.1.0-1.1 -proposed tracker (LP: #1999373) + + * Packaging resync (LP: #1786013) + - [Packaging] update variants + + * Miscellaneous Ubuntu changes + - [Packaging] annotations: set and delete configs from command line + - [Packaging] migrateconfigs: ignore README.rst if it doesn't exist + - [Packaging] migrate-annotations: properly determine arches in derivatives + - [Packaging] annotations: allow to set note to config options directly + - [Packaging] annotations: assume --query as default command + - [Packaging] annotations: allow to query using CONFIG_