--- linux-6.8.0.orig/Documentation/ABI/testing/debugfs-driver-qat +++ linux-6.8.0/Documentation/ABI/testing/debugfs-driver-qat @@ -81,3 +81,29 @@ : Number of Compress and Verify (CnV) errors and type of the last CnV error detected by Acceleration Engine N. + +What: /sys/kernel/debug/qat__/heartbeat/inject_error +Date: March 2024 +KernelVersion: 6.8 +Contact: qat-linux@intel.com +Description: (WO) Write to inject an error that simulates an heartbeat + failure. This is to be used for testing purposes. + + After writing this file, the driver stops arbitration on a + random engine and disables the fetching of heartbeat counters. + If a workload is running on the device, a job submitted to the + accelerator might not get a response and a read of the + `heartbeat/status` attribute might report -1, i.e. device + unresponsive. + The error is unrecoverable thus the device must be restarted to + restore its functionality. + + This attribute is available only when the kernel is built with + CONFIG_CRYPTO_DEV_QAT_ERROR_INJECTION=y. + + A write of 1 enables error injection. + + The following example shows how to enable error injection:: + + # cd /sys/kernel/debug/qat__ + # echo 1 > heartbeat/inject_error --- linux-6.8.0.orig/Documentation/ABI/testing/ima_policy +++ linux-6.8.0/Documentation/ABI/testing/ima_policy @@ -26,7 +26,7 @@ [uid=] [euid=] [gid=] [egid=] [fowner=] [fgroup=]] lsm: [[subj_user=] [subj_role=] [subj_type=] - [obj_user=] [obj_role=] [obj_type=]] + [obj_user=] [obj_role=] [obj_type=] [lsm=]] option: [digest_type=] [template=] [permit_directio] [appraise_type=] [appraise_flag=] [appraise_algos=] [keyrings=] @@ -138,6 +138,12 @@ measure subj_user=_ func=FILE_CHECK mask=MAY_READ + It is possible to explicitly specify which security + module a rule applies to using lsm=. If the security + module specified is not active on the system the rule + will be rejected. If lsm= is not specified the first + security module registered on the system will be assumed. + Example of measure rules using alternate PCRs:: measure func=KEXEC_KERNEL_CHECK pcr=4 --- linux-6.8.0.orig/Documentation/ABI/testing/sysfs-devices-system-cpu +++ linux-6.8.0/Documentation/ABI/testing/sysfs-devices-system-cpu @@ -516,6 +516,7 @@ /sys/devices/system/cpu/vulnerabilities/mds /sys/devices/system/cpu/vulnerabilities/meltdown /sys/devices/system/cpu/vulnerabilities/mmio_stale_data + /sys/devices/system/cpu/vulnerabilities/reg_file_data_sampling /sys/devices/system/cpu/vulnerabilities/retbleed /sys/devices/system/cpu/vulnerabilities/spec_store_bypass /sys/devices/system/cpu/vulnerabilities/spectre_v1 --- linux-6.8.0.orig/Documentation/ABI/testing/sysfs-driver-qat +++ linux-6.8.0/Documentation/ABI/testing/sysfs-driver-qat @@ -141,3 +141,23 @@ 64 This attribute is only available for qat_4xxx devices. + +What: /sys/bus/pci/devices//qat/auto_reset +Date: March 2024 +KernelVersion: 6.8 +Contact: qat-linux@intel.com +Description: (RW) Reports the current state of the autoreset feature + for a QAT device + + Write to the attribute to enable or disable device auto reset. + + Device auto reset is disabled by default. + + The values are: + + * 1/Yy/on: auto reset enabled. If the device encounters an + unrecoverable error, it will be reset automatically. + * 0/Nn/off: auto reset disabled. If the device encounters an + unrecoverable error, it will not be reset. + + This attribute is only available for qat_4xxx devices. --- linux-6.8.0.orig/Documentation/Makefile +++ linux-6.8.0/Documentation/Makefile @@ -111,8 +111,10 @@ $(YNL_RST_DIR)/%.rst: $(YNL_YAML_DIR)/%.yaml $(YNL_TOOL) $(Q)$(YNL_TOOL) -i $< -o $@ -htmldocs: $(YNL_INDEX) - @$(srctree)/scripts/sphinx-pre-install --version-check +htmldocs texinfodocs latexdocs epubdocs xmldocs: $(YNL_INDEX) + +htmldocs: + @$(srctree)/scripts/sphinx-pre-install --version-check --no-virtualenv @+$(foreach var,$(SPHINXDIRS),$(call loop_cmd,sphinx,html,$(var),,$(var))) # If Rust support is available and .config exists, add rustdoc generated contents. --- linux-6.8.0.orig/Documentation/admin-guide/hw-vuln/index.rst +++ linux-6.8.0/Documentation/admin-guide/hw-vuln/index.rst @@ -21,3 +21,4 @@ cross-thread-rsb srso gather_data_sampling + reg-file-data-sampling --- linux-6.8.0.orig/Documentation/admin-guide/hw-vuln/reg-file-data-sampling.rst +++ linux-6.8.0/Documentation/admin-guide/hw-vuln/reg-file-data-sampling.rst @@ -0,0 +1,104 @@ +================================== +Register File Data Sampling (RFDS) +================================== + +Register File Data Sampling (RFDS) is a microarchitectural vulnerability that +only affects Intel Atom parts(also branded as E-cores). RFDS may allow +a malicious actor to infer data values previously used in floating point +registers, vector registers, or integer registers. RFDS does not provide the +ability to choose which data is inferred. CVE-2023-28746 is assigned to RFDS. + +Affected Processors +=================== +Below is the list of affected Intel processors [#f1]_: + + =================== ============ + Common name Family_Model + =================== ============ + ATOM_GOLDMONT 06_5CH + ATOM_GOLDMONT_D 06_5FH + ATOM_GOLDMONT_PLUS 06_7AH + ATOM_TREMONT_D 06_86H + ATOM_TREMONT 06_96H + ALDERLAKE 06_97H + ALDERLAKE_L 06_9AH + ATOM_TREMONT_L 06_9CH + RAPTORLAKE 06_B7H + RAPTORLAKE_P 06_BAH + ATOM_GRACEMONT 06_BEH + RAPTORLAKE_S 06_BFH + =================== ============ + +As an exception to this table, Intel Xeon E family parts ALDERLAKE(06_97H) and +RAPTORLAKE(06_B7H) codenamed Catlow are not affected. They are reported as +vulnerable in Linux because they share the same family/model with an affected +part. Unlike their affected counterparts, they do not enumerate RFDS_CLEAR or +CPUID.HYBRID. This information could be used to distinguish between the +affected and unaffected parts, but it is deemed not worth adding complexity as +the reporting is fixed automatically when these parts enumerate RFDS_NO. + +Mitigation +========== +Intel released a microcode update that enables software to clear sensitive +information using the VERW instruction. Like MDS, RFDS deploys the same +mitigation strategy to force the CPU to clear the affected buffers before an +attacker can extract the secrets. This is achieved by using the otherwise +unused and obsolete VERW instruction in combination with a microcode update. +The microcode clears the affected CPU buffers when the VERW instruction is +executed. + +Mitigation points +----------------- +VERW is executed by the kernel before returning to user space, and by KVM +before VMentry. None of the affected cores support SMT, so VERW is not required +at C-state transitions. + +New bits in IA32_ARCH_CAPABILITIES +---------------------------------- +Newer processors and microcode update on existing affected processors added new +bits to IA32_ARCH_CAPABILITIES MSR. These bits can be used to enumerate +vulnerability and mitigation capability: + +- Bit 27 - RFDS_NO - When set, processor is not affected by RFDS. +- Bit 28 - RFDS_CLEAR - When set, processor is affected by RFDS, and has the + microcode that clears the affected buffers on VERW execution. + +Mitigation control on the kernel command line +--------------------------------------------- +The kernel command line allows to control RFDS mitigation at boot time with the +parameter "reg_file_data_sampling=". The valid arguments are: + + ========== ================================================================= + on If the CPU is vulnerable, enable mitigation; CPU buffer clearing + on exit to userspace and before entering a VM. + off Disables mitigation. + ========== ================================================================= + +Mitigation default is selected by CONFIG_MITIGATION_RFDS. + +Mitigation status information +----------------------------- +The Linux kernel provides a sysfs interface to enumerate the current +vulnerability status of the system: whether the system is vulnerable, and +which mitigations are active. The relevant sysfs file is: + + /sys/devices/system/cpu/vulnerabilities/reg_file_data_sampling + +The possible values in this file are: + + .. list-table:: + + * - 'Not affected' + - The processor is not vulnerable + * - 'Vulnerable' + - The processor is vulnerable, but no mitigation enabled + * - 'Vulnerable: No microcode' + - The processor is vulnerable but microcode is not updated. + * - 'Mitigation: Clear Register File' + - The processor is vulnerable and the CPU buffer clearing mitigation is + enabled. + +References +---------- +.. [#f1] Affected Processors + https://www.intel.com/content/www/us/en/developer/topic-technology/software-security-guidance/processors-affected-consolidated-product-cpu-model.html --- linux-6.8.0.orig/Documentation/admin-guide/hw-vuln/spectre.rst +++ linux-6.8.0/Documentation/admin-guide/hw-vuln/spectre.rst @@ -138,11 +138,10 @@ the BHB might be shared across privilege levels even in the presence of Enhanced IBRS. -Currently the only known real-world BHB attack vector is via -unprivileged eBPF. Therefore, it's highly recommended to not enable -unprivileged eBPF, especially when eIBRS is used (without retpolines). -For a full mitigation against BHB attacks, it's recommended to use -retpolines (or eIBRS combined with retpolines). +Previously the only known real-world BHB attack vector was via unprivileged +eBPF. Further research has found attacks that don't require unprivileged eBPF. +For a full mitigation against BHB attacks it is recommended to set BHI_DIS_S or +use the BHB clearing sequence. Attack scenarios ---------------- @@ -430,6 +429,23 @@ 'PBRSB-eIBRS: Not affected' CPU is not affected by PBRSB =========================== ======================================================= + - Branch History Injection (BHI) protection status: + +.. list-table:: + + * - BHI: Not affected + - System is not affected + * - BHI: Retpoline + - System is protected by retpoline + * - BHI: BHI_DIS_S + - System is protected by BHI_DIS_S + * - BHI: SW loop; KVM SW loop + - System is protected by software clearing sequence + * - BHI: Syscall hardening + - Syscalls are hardened against BHI + * - BHI: Syscall hardening; KVM: SW loop + - System is protected from userspace attacks by syscall hardening; KVM is protected by software clearing sequence + Full mitigation might require a microcode update from the CPU vendor. When the necessary microcode is not available, the kernel will report vulnerability. @@ -484,7 +500,11 @@ Systems which support enhanced IBRS (eIBRS) enable IBRS protection once at boot, by setting the IBRS bit, and they're automatically protected against - Spectre v2 variant attacks. + some Spectre v2 variant attacks. The BHB can still influence the choice of + indirect branch predictor entry, and although branch predictor entries are + isolated between modes when eIBRS is enabled, the BHB itself is not isolated + between modes. Systems which support BHI_DIS_S will set it to protect against + BHI attacks. On Intel's enhanced IBRS systems, this includes cross-thread branch target injections on SMT systems (STIBP). In other words, Intel eIBRS enables @@ -638,6 +658,22 @@ spectre_v2=off. Spectre variant 1 mitigations cannot be disabled. + spectre_bhi= + + [X86] Control mitigation of Branch History Injection + (BHI) vulnerability. Syscalls are hardened against BHI + regardless of this setting. This setting affects the deployment + of the HW BHI control and the SW BHB clearing sequence. + + on + unconditionally enable. + off + unconditionally disable. + auto + enable if hardware mitigation + control(BHI_DIS_S) is available, otherwise + enable alternate mitigation in KVM. + For spectre_v2_user see Documentation/admin-guide/kernel-parameters.txt Mitigation selection guide --- linux-6.8.0.orig/Documentation/admin-guide/kernel-parameters.txt +++ linux-6.8.0/Documentation/admin-guide/kernel-parameters.txt @@ -848,6 +848,10 @@ Format: ,,,[,] + cpufreq_driver= [X86] Allow only the named cpu frequency scaling driver + to register. Example: cpufreq_driver=powernow-k8 + Format: { none | STRING } + cpuidle.off=1 [CPU_IDLE] disable the cpuidle sub-system @@ -1150,6 +1154,26 @@ The filter can be disabled or changed to another driver later using sysfs. + reg_file_data_sampling= + [X86] Controls mitigation for Register File Data + Sampling (RFDS) vulnerability. RFDS is a CPU + vulnerability which may allow userspace to infer + kernel data values previously stored in floating point + registers, vector registers, or integer registers. + RFDS only affects Intel Atom processors. + + on: Turns ON the mitigation. + off: Turns OFF the mitigation. + + This parameter overrides the compile time default set + by CONFIG_MITIGATION_RFDS. Mitigation cannot be + disabled when other VERW based mitigations (like MDS) + are enabled. In order to disable RFDS mitigation all + VERW based mitigations need to be disabled. + + For details see: + Documentation/admin-guide/hw-vuln/reg-file-data-sampling.rst + driver_async_probe= [KNL] List of driver names to be probed asynchronously. * matches with all driver names. If * is specified, the @@ -3320,9 +3344,7 @@ mem_encrypt= [X86-64] AMD Secure Memory Encryption (SME) control Valid arguments: on, off - Default (depends on kernel configuration option): - on (CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT=y) - off (CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT=n) + Default: off mem_encrypt=on: Activate SME mem_encrypt=off: Do not activate SME @@ -3398,6 +3420,7 @@ nospectre_bhb [ARM64] nospectre_v1 [X86,PPC] nospectre_v2 [X86,PPC,S390,ARM64] + reg_file_data_sampling=off [X86] retbleed=off [X86] spec_store_bypass_disable=off [X86,PPC] spectre_v2_user=off [X86] @@ -4370,6 +4393,12 @@ nomsi [MSI] If the PCI_MSI kernel config parameter is enabled, this kernel boot option can be used to disable the use of MSI interrupts system-wide. + clearmsi [X86] Clears MSI/MSI-X enable bits early in boot + time in order to avoid issues like adapters + screaming irqs and preventing boot progress. + Also, it enforces the PCI Local Bus spec + rule that those bits should be 0 in system reset + events (useful for kexec/kdump cases). noioapicquirk [APIC] Disable all boot interrupt quirks. Safety option to keep boot IRQs enabled. This should never be necessary. @@ -5034,6 +5063,11 @@ this kernel boot parameter, forcibly setting it to zero. + rcutree.enable_rcu_lazy= [KNL] + To save power, batch RCU callbacks and flush after + delay, memory pressure or callback list growing too + big. + rcuscale.gp_async= [KNL] Measure performance of asynchronous grace-period primitives such as call_rcu(). @@ -6012,6 +6046,18 @@ sonypi.*= [HW] Sony Programmable I/O Control Device driver See Documentation/admin-guide/laptops/sonypi.rst + spectre_bhi= [X86] Control mitigation of Branch History Injection + (BHI) vulnerability. Syscalls are hardened against BHI + reglardless of this setting. This setting affects the + deployment of the HW BHI control and the SW BHB + clearing sequence. + + on - unconditionally enable. + off - unconditionally disable. + auto - (default) enable hardware mitigation + (BHI_DIS_S) if available, otherwise enable + alternate mitigation in KVM. + spectre_v2= [X86] Control mitigation of Spectre variant 2 (indirect branch speculation) vulnerability. The default operation protects the kernel from --- linux-6.8.0.orig/Documentation/arch/x86/amd-memory-encryption.rst +++ linux-6.8.0/Documentation/arch/x86/amd-memory-encryption.rst @@ -87,14 +87,14 @@ kernel is non-zero). SME can also be enabled and activated in the BIOS. If SME is enabled and -activated in the BIOS, then all memory accesses will be encrypted and it will -not be necessary to activate the Linux memory encryption support. If the BIOS -merely enables SME (sets bit 23 of the MSR_AMD64_SYSCFG), then Linux can activate -memory encryption by default (CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT=y) or -by supplying mem_encrypt=on on the kernel command line. However, if BIOS does -not enable SME, then Linux will not be able to activate memory encryption, even -if configured to do so by default or the mem_encrypt=on command line parameter -is specified. +activated in the BIOS, then all memory accesses will be encrypted and it +will not be necessary to activate the Linux memory encryption support. + +If the BIOS merely enables SME (sets bit 23 of the MSR_AMD64_SYSCFG), +then memory encryption can be enabled by supplying mem_encrypt=on on the +kernel command line. However, if BIOS does not enable SME, then Linux +will not be able to activate memory encryption, even if configured to do +so by default or the mem_encrypt=on command line parameter is specified. Secure Nested Paging (SNP) ========================== --- linux-6.8.0.orig/Documentation/cgroups/namespace.txt +++ linux-6.8.0/Documentation/cgroups/namespace.txt @@ -0,0 +1,142 @@ + CGroup Namespaces + +CGroup Namespace provides a mechanism to virtualize the view of the +/proc//cgroup file. The CLONE_NEWCGROUP clone-flag can be used with +clone() and unshare() syscalls to create a new cgroup namespace. +The process running inside the cgroup namespace will have its /proc//cgroup +output restricted to cgroupns-root. cgroupns-root is the cgroup of the process +at the time of creation of the cgroup namespace. + +Prior to CGroup Namespace, the /proc//cgroup file used to show complete +path of the cgroup of a process. In a container setup (where a set of cgroups +and namespaces are intended to isolate processes), the /proc//cgroup file +may leak potential system level information to the isolated processes. + +For Example: + $ cat /proc/self/cgroup + 0:cpuset,cpu,cpuacct,memory,devices,freezer,hugetlb:/batchjobs/container_id1 + +The path '/batchjobs/container_id1' can generally be considered as system-data +and its desirable to not expose it to the isolated process. + +CGroup Namespaces can be used to restrict visibility of this path. +For Example: + # Before creating cgroup namespace + $ ls -l /proc/self/ns/cgroup + lrwxrwxrwx 1 root root 0 2014-07-15 10:37 /proc/self/ns/cgroup -> cgroup:[4026531835] + $ cat /proc/self/cgroup + 0:cpuset,cpu,cpuacct,memory,devices,freezer,hugetlb:/batchjobs/container_id1 + + # unshare(CLONE_NEWCGROUP) and exec /bin/bash + $ ~/unshare -c + [ns]$ ls -l /proc/self/ns/cgroup + lrwxrwxrwx 1 root root 0 2014-07-15 10:35 /proc/self/ns/cgroup -> cgroup:[4026532183] + # From within new cgroupns, process sees that its in the root cgroup + [ns]$ cat /proc/self/cgroup + 0:cpuset,cpu,cpuacct,memory,devices,freezer,hugetlb:/ + + # From global cgroupns: + $ cat /proc//cgroup + 0:cpuset,cpu,cpuacct,memory,devices,freezer,hugetlb:/batchjobs/container_id1 + + # Unshare cgroupns along with userns and mountns + # Following calls unshare(CLONE_NEWCGROUP|CLONE_NEWUSER|CLONE_NEWNS), then + # sets up uid/gid map and execs /bin/bash + $ ~/unshare -c -u -m + # Originally, we were in /batchjobs/container_id1 cgroup. Mount our own cgroup + # hierarchy. + [ns]$ mount -t cgroup cgroup /tmp/cgroup + [ns]$ ls -l /tmp/cgroup + total 0 + -r--r--r-- 1 root root 0 2014-10-13 09:32 cgroup.controllers + -r--r--r-- 1 root root 0 2014-10-13 09:32 cgroup.populated + -rw-r--r-- 1 root root 0 2014-10-13 09:25 cgroup.procs + -rw-r--r-- 1 root root 0 2014-10-13 09:32 cgroup.subtree_control + +The cgroupns-root (/batchjobs/container_id1 in above example) becomes the +filesystem root for the namespace specific cgroupfs mount. + +The virtualization of /proc/self/cgroup file combined with restricting +the view of cgroup hierarchy by namespace-private cgroupfs mount +should provide a completely isolated cgroup view inside the container. + +In its current form, the cgroup namespaces patcheset provides following +behavior: + +(1) The 'cgroupns-root' for a cgroup namespace is the cgroup in which + the process calling unshare is running. + For ex. if a process in /batchjobs/container_id1 cgroup calls unshare, + cgroup /batchjobs/container_id1 becomes the cgroupns-root. + For the init_cgroup_ns, this is the real root ('/') cgroup + (identified in code as cgrp_dfl_root.cgrp). + +(2) The cgroupns-root cgroup does not change even if the namespace + creator process later moves to a different cgroup. + $ ~/unshare -c # unshare cgroupns in some cgroup + [ns]$ cat /proc/self/cgroup + 0:cpuset,cpu,cpuacct,memory,devices,freezer,hugetlb:/ + [ns]$ mkdir sub_cgrp_1 + [ns]$ echo 0 > sub_cgrp_1/cgroup.procs + [ns]$ cat /proc/self/cgroup + 0:cpuset,cpu,cpuacct,memory,devices,freezer,hugetlb:/sub_cgrp_1 + +(3) Each process gets its CGROUPNS specific view of /proc//cgroup +(a) Processes running inside the cgroup namespace will be able to see + cgroup paths (in /proc/self/cgroup) only inside their root cgroup + [ns]$ sleep 100000 & # From within unshared cgroupns + [1] 7353 + [ns]$ echo 7353 > sub_cgrp_1/cgroup.procs + [ns]$ cat /proc/7353/cgroup + 0:cpuset,cpu,cpuacct,memory,devices,freezer,hugetlb:/sub_cgrp_1 + +(b) From global cgroupns, the real cgroup path will be visible: + $ cat /proc/7353/cgroup + 0:cpuset,cpu,cpuacct,memory,devices,freezer,hugetlb:/batchjobs/container_id1/sub_cgrp_1 + +(c) From a sibling cgroupns (cgroupns root-ed at a different cgroup), cgroup + path relative to its own cgroupns-root will be shown: + # ns2's cgroupns-root is at '/batchjobs/container_id2' + [ns2]$ cat /proc/7353/cgroup + 0:cpuset,cpu,cpuacct,memory,devices,freezer,hugetlb:/../container_id2/sub_cgrp_1 + + Note that the relative path always starts with '/' to indicate that its + relative to the cgroupns-root of the caller. + +(4) Processes inside a cgroupns can move in-and-out of the cgroupns-root + (if they have proper access to external cgroups). + # From inside cgroupns (with cgroupns-root at /batchjobs/container_id1), and + # assuming that the global hierarchy is still accessible inside cgroupns: + $ cat /proc/7353/cgroup + 0:cpuset,cpu,cpuacct,memory,devices,freezer,hugetlb:/sub_cgrp_1 + $ echo 7353 > batchjobs/container_id2/cgroup.procs + $ cat /proc/7353/cgroup + 0:cpuset,cpu,cpuacct,memory,devices,freezer,hugetlb:/../container_id2 + + Note that this kind of setup is not encouraged. A task inside cgroupns + should only be exposed to its own cgroupns hierarchy. Otherwise it makes + the virtualization of /proc//cgroup less useful. + +(5) Setns to another cgroup namespace is allowed when: + (a) the process has CAP_SYS_ADMIN in its current userns + (b) the process has CAP_SYS_ADMIN in the target cgroupns' userns + No implicit cgroup changes happen with attaching to another cgroupns. It + is expected that the somone moves the attaching process under the target + cgroupns-root. + +(6) When some thread from a multi-threaded process unshares its + cgroup-namespace, the new cgroupns gets applied to the entire process (all + the threads). For the unified-hierarchy this is expected as it only allows + process-level containerization. For the legacy hierarchies this may be + unexpected. So all the threads in the process will have the same cgroup. + +(7) The cgroup namespace is alive as long as there is atleast 1 + process inside it. When the last process exits, the cgroup + namespace is destroyed. The cgroupns-root and the actual cgroups + remain though. + +(8) Namespace specific cgroup hierarchy can be mounted by a process running + inside cgroupns: + $ mount -t cgroup -o __DEVEL__sane_behavior cgroup $MOUNT_POINT + + This will mount the unified cgroup hierarchy with cgroupns-root as the + filesystem root. The process needs CAP_SYS_ADMIN in its userns and mntns. --- linux-6.8.0.orig/Documentation/conf.py +++ linux-6.8.0/Documentation/conf.py @@ -346,9 +346,9 @@ html_static_path = ['sphinx-static'] # If true, Docutils "smart quotes" will be used to convert quotes and dashes -# to typographically correct entities. This will convert "--" to "—", -# which is not always what we want, so disable it. -smartquotes = False +# to typographically correct entities. However, conversion of "--" to "—" +# is not always what we want, so enable only quotes. +smartquotes_action = 'q' # Custom sidebar templates, maps document names to template names. # Note that the RTD theme ignores this --- linux-6.8.0.orig/Documentation/devicetree/bindings/display/msm/qcom,mdss.yaml +++ linux-6.8.0/Documentation/devicetree/bindings/display/msm/qcom,mdss.yaml @@ -127,6 +127,7 @@ - qcom,dsi-phy-20nm - qcom,dsi-phy-28nm-8226 - qcom,dsi-phy-28nm-hpm + - qcom,dsi-phy-28nm-hpm-fam-b - qcom,dsi-phy-28nm-lp - qcom,hdmi-phy-8084 - qcom,hdmi-phy-8660 --- linux-6.8.0.orig/Documentation/devicetree/bindings/iommu/arm,smmu.yaml +++ linux-6.8.0/Documentation/devicetree/bindings/iommu/arm,smmu.yaml @@ -484,7 +484,12 @@ - if: properties: compatible: - const: qcom,sm8450-smmu-500 + items: + - const: qcom,sm8450-smmu-500 + - const: qcom,adreno-smmu + - const: qcom,smmu-500 + - const: arm,mmu-500 + then: properties: clock-names: @@ -508,7 +513,11 @@ - if: properties: compatible: - const: qcom,sm8550-smmu-500 + items: + - const: qcom,sm8550-smmu-500 + - const: qcom,adreno-smmu + - const: qcom,smmu-500 + - const: arm,mmu-500 then: properties: clock-names: --- linux-6.8.0.orig/Documentation/devicetree/bindings/media/i2c/techwell,tw9900.yaml +++ linux-6.8.0/Documentation/devicetree/bindings/media/i2c/techwell,tw9900.yaml @@ -36,7 +36,7 @@ properties: port@0: - $ref: /schemas/graph.yaml#/$defs/port-base + $ref: /schemas/graph.yaml#/properties/port description: Analog input port properties: --- linux-6.8.0.orig/Documentation/driver-api/soundwire/stream.rst +++ linux-6.8.0/Documentation/driver-api/soundwire/stream.rst @@ -324,12 +324,12 @@ int sdw_stream_add_master(struct sdw_bus * bus, struct sdw_stream_config * stream_config, - struct sdw_ports_config * ports_config, + const struct sdw_ports_config * ports_config, struct sdw_stream_runtime * stream); int sdw_stream_add_slave(struct sdw_slave * slave, struct sdw_stream_config * stream_config, - struct sdw_ports_config * ports_config, + const struct sdw_ports_config * ports_config, struct sdw_stream_runtime * stream); --- linux-6.8.0.orig/Documentation/netlink/specs/devlink.yaml +++ linux-6.8.0/Documentation/netlink/specs/devlink.yaml @@ -290,7 +290,7 @@ enum: eswitch-mode - name: eswitch-inline-mode - type: u16 + type: u8 enum: eswitch-inline-mode - name: dpipe-tables --- linux-6.8.0.orig/Documentation/netlink/specs/dpll.yaml +++ linux-6.8.0/Documentation/netlink/specs/dpll.yaml @@ -274,6 +274,7 @@ - name: capabilities type: u32 + enum: pin-capabilities - name: parent-device type: nest --- linux-6.8.0.orig/Documentation/networking/net_cachelines/net_device.rst +++ linux-6.8.0/Documentation/networking/net_cachelines/net_device.rst @@ -13,7 +13,7 @@ unsigned_long mem_end unsigned_long mem_start unsigned_long base_addr -unsigned_long state +unsigned_long state read_mostly read_mostly netif_running(dev) struct_list_head dev_list struct_list_head napi_list struct_list_head unreg_list --- linux-6.8.0.orig/Documentation/process/changes.rst +++ linux-6.8.0/Documentation/process/changes.rst @@ -31,7 +31,7 @@ ====================== =============== ======================================== GNU C 5.1 gcc --version Clang/LLVM (optional) 11.0.0 clang --version -Rust (optional) 1.74.1 rustc --version +Rust (optional) 1.75.0 rustc --version bindgen (optional) 0.65.1 bindgen --version GNU make 3.82 make --version bash 4.2 bash --version --- linux-6.8.0.orig/Documentation/sphinx/cdomain.py +++ linux-6.8.0/Documentation/sphinx/cdomain.py @@ -37,12 +37,29 @@ import sphinx from sphinx import addnodes -from sphinx.domains.c import c_funcptr_sig_re, c_sig_re from sphinx.domains.c import CObject as Base_CObject from sphinx.domains.c import CDomain as Base_CDomain from itertools import chain import re +# fixes https://github.com/sphinx-doc/sphinx/commit/0f49e30c51b5cc5055cda5b4b294c2dd9d1df573#r38750737 + +# pylint: disable=invalid-name +c_sig_re = re.compile( + r'''^([^(]*?) # return type + ([\w:.]+) \s* # thing name (colon allowed for C++) + (?: \((.*)\) )? # optionally arguments + (\s+const)? $ # const specifier + ''', re.VERBOSE) + +c_funcptr_sig_re = re.compile( + r'''^([^(]+?) # return type + (\( [^()]+ \)) \s* # name in parentheses + \( (.*) \) # arguments + (\s+const)? $ # const specifier + ''', re.VERBOSE) +# pylint: enable=invalid-name + __version__ = '1.1' # Get Sphinx version --- linux-6.8.0.orig/Documentation/userspace-api/media/mediactl/media-types.rst +++ linux-6.8.0/Documentation/userspace-api/media/mediactl/media-types.rst @@ -375,12 +375,11 @@ are origins of links. * - ``MEDIA_PAD_FL_MUST_CONNECT`` - - If this flag is set and the pad is linked to any other pad, then - at least one of those links must be enabled for the entity to be - able to stream. There could be temporary reasons (e.g. device - configuration dependent) for the pad to need enabled links even - when this flag isn't set; the absence of the flag doesn't imply - there is none. + - If this flag is set, then for this pad to be able to stream, it must + be connected by at least one enabled link. There could be temporary + reasons (e.g. device configuration dependent) for the pad to need + enabled links even when this flag isn't set; the absence of the flag + doesn't imply there is none. One and only one of ``MEDIA_PAD_FL_SINK`` and ``MEDIA_PAD_FL_SOURCE`` --- linux-6.8.0.orig/Kbuild +++ linux-6.8.0/Kbuild @@ -97,3 +97,4 @@ obj-$(CONFIG_NET) += net/ obj-y += virt/ obj-y += $(ARCH_DRIVERS) +obj-y += ubuntu/ --- linux-6.8.0.orig/Kconfig +++ linux-6.8.0/Kconfig @@ -19,6 +19,8 @@ source "drivers/Kconfig" +source "ubuntu/Kconfig" + source "fs/Kconfig" source "security/Kconfig" --- linux-6.8.0.orig/MAINTAINERS +++ linux-6.8.0/MAINTAINERS @@ -190,6 +190,18 @@ F: Documentation/devicetree/bindings/power/supply/*ab8500* F: drivers/power/supply/*ab8500* +AAEON DEVICE DRIVER WITH WMI INTERFACE +M: Edward Lin +M: Kunyang Fan +M: Frank Hsieh +M: Jacob Wu +S: Supported +F: drivers/gpio/gpio-aaeon.c +F: drivers/hwmon/hwmon-aaeon.c +F: drivers/leds/leds-aaeon.c +F: drivers/mfd/mfd-aaeon.c +F: drivers/watchdog/wdt_aaeon.c + ABI/API L: linux-api@vger.kernel.org F: include/linux/syscalls.h --- linux-6.8.0.orig/Makefile +++ linux-6.8.0/Makefile @@ -1,7 +1,7 @@ # SPDX-License-Identifier: GPL-2.0 VERSION = 6 PATCHLEVEL = 8 -SUBLEVEL = 0 +SUBLEVEL = 4 EXTRAVERSION = NAME = Hurr durr I'ma ninja sloth @@ -549,6 +549,9 @@ -I$(objtree)/include \ $(USERINCLUDE) +# UBUNTU: Include our third party driver stuff too +LINUXINCLUDE += -I$(srctree)/ubuntu/include + KBUILD_AFLAGS := -D__ASSEMBLY__ -fno-PIE KBUILD_CFLAGS := @@ -1278,8 +1281,9 @@ quiet_cmd_headers_install = INSTALL $(INSTALL_HDR_PATH)/include cmd_headers_install = \ mkdir -p $(INSTALL_HDR_PATH); \ - rsync -mrl --include='*/' --include='*\.h' --exclude='*' \ - usr/include $(INSTALL_HDR_PATH) + find usr/include -type f -name '*.h' -print0 | \ + tar -czf - --null --no-recursion --no-wildcards-match-slash -T- | \ + tar -xzf - --strip-components=1 -C $(INSTALL_HDR_PATH) PHONY += headers_install headers_install: headers @@ -1294,6 +1298,7 @@ $(if $(filter um, $(SRCARCH)), $(error Headers not exportable for UML)) $(Q)$(MAKE) $(hdr-inst)=include/uapi $(Q)$(MAKE) $(hdr-inst)=arch/$(SRCARCH)/include/uapi + $(Q)$(MAKE) $(hdr-inst)=ubuntu/include dst=include oldheaders= ifdef CONFIG_HEADERS_INSTALL prepare: headers @@ -1485,7 +1490,7 @@ # Directories & files removed with 'make mrproper' MRPROPER_FILES += include/config include/generated \ arch/$(SRCARCH)/include/generated .objdiff \ - debian snap tar-install \ + snap tar-install \ .config .config.old .version \ Module.symvers \ certs/signing_key.pem \ --- linux-6.8.0.orig/Ubuntu.md +++ linux-6.8.0/Ubuntu.md @@ -0,0 +1,8 @@ +Name: linux +Version: 6.1.0 +Series: 23.04 (lunar) +Description: + This is the source code for the Ubuntu linux kernel for the 23.04 series. This + source tree is used to produce the flavours: generic, generic-64k, generic-lpae. + This kernel is configured to support the widest range of desktop, laptop and + server configurations. --- linux-6.8.0.orig/arch/arm/Kconfig +++ linux-6.8.0/arch/arm/Kconfig @@ -503,8 +503,8 @@ config IWMMXT bool "Enable iWMMXt support" - depends on CPU_XSCALE || CPU_XSC3 || CPU_MOHAWK || CPU_PJ4 || CPU_PJ4B - default y if PXA27x || PXA3xx || ARCH_MMP || CPU_PJ4 || CPU_PJ4B + depends on CPU_XSCALE || CPU_XSC3 || CPU_MOHAWK + default y if PXA27x || PXA3xx || ARCH_MMP help Enable support for iWMMXt context switching at run time if running on a CPU that supports it. --- linux-6.8.0.orig/arch/arm/Makefile +++ linux-6.8.0/arch/arm/Makefile @@ -59,6 +59,9 @@ # KBUILD_CFLAGS += $(call cc-option,-fno-ipa-sra) +# Need -msoft-float for gcc 11 for the below instruction set selection +KBUILD_CFLAGS += -msoft-float + # This selects which instruction set is used. arch-$(CONFIG_CPU_32v7M) :=-march=armv7-m arch-$(CONFIG_CPU_32v7) :=-march=armv7-a @@ -141,7 +144,7 @@ # Need -Uarm for gcc < 3.x KBUILD_CPPFLAGS +=$(cpp-y) -KBUILD_CFLAGS +=$(CFLAGS_ABI) $(CFLAGS_ISA) $(arch-y) $(tune-y) $(call cc-option,-mshort-load-bytes,$(call cc-option,-malignment-traps,)) -msoft-float -Uarm +KBUILD_CFLAGS +=$(CFLAGS_ABI) $(CFLAGS_ISA) $(arch-y) $(tune-y) $(call cc-option,-mshort-load-bytes,$(call cc-option,-malignment-traps,)) -Uarm KBUILD_AFLAGS +=$(CFLAGS_ABI) $(AFLAGS_ISA) -Wa,$(arch-y) $(tune-y) -include asm/unified.h -msoft-float CHECKFLAGS += -D__arm__ --- linux-6.8.0.orig/arch/arm/boot/dts/arm/arm-realview-pb1176.dts +++ linux-6.8.0/arch/arm/boot/dts/arm/arm-realview-pb1176.dts @@ -451,7 +451,7 @@ /* Direct-mapped development chip ROM */ pb1176_rom@10200000 { - compatible = "direct-mapped"; + compatible = "mtd-rom"; reg = <0x10200000 0x4000>; bank-width = <1>; }; --- linux-6.8.0.orig/arch/arm/boot/dts/marvell/mmp2-brownstone.dts +++ linux-6.8.0/arch/arm/boot/dts/marvell/mmp2-brownstone.dts @@ -28,7 +28,7 @@ &twsi1 { status = "okay"; pmic: max8925@3c { - compatible = "maxium,max8925"; + compatible = "maxim,max8925"; reg = <0x3c>; interrupts = <1>; interrupt-parent = <&intcmux4>; --- linux-6.8.0.orig/arch/arm/boot/dts/nxp/imx/imx6dl-yapp4-common.dtsi +++ linux-6.8.0/arch/arm/boot/dts/nxp/imx/imx6dl-yapp4-common.dtsi @@ -117,17 +117,9 @@ #address-cells = <1>; #size-cells = <0>; - phy_port2: phy@1 { - reg = <1>; - }; - - phy_port3: phy@2 { - reg = <2>; - }; - switch@10 { compatible = "qca,qca8334"; - reg = <10>; + reg = <0x10>; reset-gpios = <&gpio1 25 GPIO_ACTIVE_LOW>; switch_ports: ports { @@ -149,15 +141,30 @@ eth2: port@2 { reg = <2>; label = "eth2"; + phy-mode = "internal"; phy-handle = <&phy_port2>; }; eth1: port@3 { reg = <3>; label = "eth1"; + phy-mode = "internal"; phy-handle = <&phy_port3>; }; }; + + mdio { + #address-cells = <1>; + #size-cells = <0>; + + phy_port2: ethernet-phy@1 { + reg = <1>; + }; + + phy_port3: ethernet-phy@2 { + reg = <2>; + }; + }; }; }; }; --- linux-6.8.0.orig/arch/arm/boot/dts/qcom/qcom-msm8974.dtsi +++ linux-6.8.0/arch/arm/boot/dts/qcom/qcom-msm8974.dtsi @@ -1234,7 +1234,7 @@ qfprom: qfprom@fc4bc000 { compatible = "qcom,msm8974-qfprom", "qcom,qfprom"; - reg = <0xfc4bc000 0x1000>; + reg = <0xfc4bc000 0x2100>; #address-cells = <1>; #size-cells = <1>; --- linux-6.8.0.orig/arch/arm/boot/dts/renesas/r8a73a4-ape6evm.dts +++ linux-6.8.0/arch/arm/boot/dts/renesas/r8a73a4-ape6evm.dts @@ -209,6 +209,18 @@ status = "okay"; }; +&extal1_clk { + clock-frequency = <26000000>; +}; + +&extal2_clk { + clock-frequency = <48000000>; +}; + +&extalr_clk { + clock-frequency = <32768>; +}; + &pfc { scifa0_pins: scifa0 { groups = "scifa0_data"; --- linux-6.8.0.orig/arch/arm/boot/dts/renesas/r8a73a4.dtsi +++ linux-6.8.0/arch/arm/boot/dts/renesas/r8a73a4.dtsi @@ -450,17 +450,20 @@ extalr_clk: extalr { compatible = "fixed-clock"; #clock-cells = <0>; - clock-frequency = <32768>; + /* This value must be overridden by the board. */ + clock-frequency = <0>; }; extal1_clk: extal1 { compatible = "fixed-clock"; #clock-cells = <0>; - clock-frequency = <25000000>; + /* This value must be overridden by the board. */ + clock-frequency = <0>; }; extal2_clk: extal2 { compatible = "fixed-clock"; #clock-cells = <0>; - clock-frequency = <48000000>; + /* This value must be overridden by the board. */ + clock-frequency = <0>; }; fsiack_clk: fsiack { compatible = "fixed-clock"; --- linux-6.8.0.orig/arch/arm/crypto/sha256_glue.c +++ linux-6.8.0/arch/arm/crypto/sha256_glue.c @@ -24,8 +24,8 @@ #include "sha256_glue.h" -asmlinkage void sha256_block_data_order(u32 *digest, const void *data, - unsigned int num_blks); +asmlinkage void sha256_block_data_order(struct sha256_state *state, + const u8 *data, int num_blks); int crypto_sha256_arm_update(struct shash_desc *desc, const u8 *data, unsigned int len) @@ -33,23 +33,20 @@ /* make sure casting to sha256_block_fn() is safe */ BUILD_BUG_ON(offsetof(struct sha256_state, state) != 0); - return sha256_base_do_update(desc, data, len, - (sha256_block_fn *)sha256_block_data_order); + return sha256_base_do_update(desc, data, len, sha256_block_data_order); } EXPORT_SYMBOL(crypto_sha256_arm_update); static int crypto_sha256_arm_final(struct shash_desc *desc, u8 *out) { - sha256_base_do_finalize(desc, - (sha256_block_fn *)sha256_block_data_order); + sha256_base_do_finalize(desc, sha256_block_data_order); return sha256_base_finish(desc, out); } int crypto_sha256_arm_finup(struct shash_desc *desc, const u8 *data, unsigned int len, u8 *out) { - sha256_base_do_update(desc, data, len, - (sha256_block_fn *)sha256_block_data_order); + sha256_base_do_update(desc, data, len, sha256_block_data_order); return crypto_sha256_arm_final(desc, out); } EXPORT_SYMBOL(crypto_sha256_arm_finup); --- linux-6.8.0.orig/arch/arm/crypto/sha512-glue.c +++ linux-6.8.0/arch/arm/crypto/sha512-glue.c @@ -25,27 +25,25 @@ MODULE_ALIAS_CRYPTO("sha384-arm"); MODULE_ALIAS_CRYPTO("sha512-arm"); -asmlinkage void sha512_block_data_order(u64 *state, u8 const *src, int blocks); +asmlinkage void sha512_block_data_order(struct sha512_state *state, + u8 const *src, int blocks); int sha512_arm_update(struct shash_desc *desc, const u8 *data, unsigned int len) { - return sha512_base_do_update(desc, data, len, - (sha512_block_fn *)sha512_block_data_order); + return sha512_base_do_update(desc, data, len, sha512_block_data_order); } static int sha512_arm_final(struct shash_desc *desc, u8 *out) { - sha512_base_do_finalize(desc, - (sha512_block_fn *)sha512_block_data_order); + sha512_base_do_finalize(desc, sha512_block_data_order); return sha512_base_finish(desc, out); } int sha512_arm_finup(struct shash_desc *desc, const u8 *data, unsigned int len, u8 *out) { - sha512_base_do_update(desc, data, len, - (sha512_block_fn *)sha512_block_data_order); + sha512_base_do_update(desc, data, len, sha512_block_data_order); return sha512_arm_final(desc, out); } --- linux-6.8.0.orig/arch/arm/include/asm/mman.h +++ linux-6.8.0/arch/arm/include/asm/mman.h @@ -0,0 +1,14 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef __ASM_MMAN_H__ +#define __ASM_MMAN_H__ + +#include +#include + +static inline bool arch_memory_deny_write_exec_supported(void) +{ + return cpu_architecture() >= CPU_ARCH_ARMv6; +} +#define arch_memory_deny_write_exec_supported arch_memory_deny_write_exec_supported + +#endif /* __ASM_MMAN_H__ */ --- linux-6.8.0.orig/arch/arm/kernel/Makefile +++ linux-6.8.0/arch/arm/kernel/Makefile @@ -75,8 +75,6 @@ obj-$(CONFIG_CPU_XSCALE) += xscale-cp0.o obj-$(CONFIG_CPU_XSC3) += xscale-cp0.o obj-$(CONFIG_CPU_MOHAWK) += xscale-cp0.o -obj-$(CONFIG_CPU_PJ4) += pj4-cp0.o -obj-$(CONFIG_CPU_PJ4B) += pj4-cp0.o obj-$(CONFIG_IWMMXT) += iwmmxt.o obj-$(CONFIG_PERF_EVENTS) += perf_regs.o perf_callchain.o obj-$(CONFIG_HW_PERF_EVENTS) += perf_event_xscale.o perf_event_v6.o \ --- linux-6.8.0.orig/arch/arm/kernel/iwmmxt.S +++ linux-6.8.0/arch/arm/kernel/iwmmxt.S @@ -18,18 +18,6 @@ #include #include "iwmmxt.h" -#if defined(CONFIG_CPU_PJ4) || defined(CONFIG_CPU_PJ4B) -#define PJ4(code...) code -#define XSC(code...) -#elif defined(CONFIG_CPU_MOHAWK) || \ - defined(CONFIG_CPU_XSC3) || \ - defined(CONFIG_CPU_XSCALE) -#define PJ4(code...) -#define XSC(code...) code -#else -#error "Unsupported iWMMXt architecture" -#endif - #define MMX_WR0 (0x00) #define MMX_WR1 (0x08) #define MMX_WR2 (0x10) @@ -81,17 +69,13 @@ ENTRY(iwmmxt_task_enable) inc_preempt_count r10, r3 - XSC(mrc p15, 0, r2, c15, c1, 0) - PJ4(mrc p15, 0, r2, c1, c0, 2) + mrc p15, 0, r2, c15, c1, 0 @ CP0 and CP1 accessible? - XSC(tst r2, #0x3) - PJ4(tst r2, #0xf) + tst r2, #0x3 bne 4f @ if so no business here @ enable access to CP0 and CP1 - XSC(orr r2, r2, #0x3) - XSC(mcr p15, 0, r2, c15, c1, 0) - PJ4(orr r2, r2, #0xf) - PJ4(mcr p15, 0, r2, c1, c0, 2) + orr r2, r2, #0x3 + mcr p15, 0, r2, c15, c1, 0 ldr r3, =concan_owner ldr r2, [r0, #S_PC] @ current task pc value @@ -218,12 +202,9 @@ bne 1f @ no: quit @ enable access to CP0 and CP1 - XSC(mrc p15, 0, r4, c15, c1, 0) - XSC(orr r4, r4, #0x3) - XSC(mcr p15, 0, r4, c15, c1, 0) - PJ4(mrc p15, 0, r4, c1, c0, 2) - PJ4(orr r4, r4, #0xf) - PJ4(mcr p15, 0, r4, c1, c0, 2) + mrc p15, 0, r4, c15, c1, 0 + orr r4, r4, #0x3 + mcr p15, 0, r4, c15, c1, 0 mov r0, #0 @ nothing to load str r0, [r3] @ no more current owner @@ -232,10 +213,8 @@ bl concan_save @ disable access to CP0 and CP1 - XSC(bic r4, r4, #0x3) - XSC(mcr p15, 0, r4, c15, c1, 0) - PJ4(bic r4, r4, #0xf) - PJ4(mcr p15, 0, r4, c1, c0, 2) + bic r4, r4, #0x3 + mcr p15, 0, r4, c15, c1, 0 mrc p15, 0, r2, c2, c0, 0 mov r2, r2 @ cpwait @@ -330,11 +309,9 @@ */ ENTRY(iwmmxt_task_switch) - XSC(mrc p15, 0, r1, c15, c1, 0) - PJ4(mrc p15, 0, r1, c1, c0, 2) + mrc p15, 0, r1, c15, c1, 0 @ CP0 and CP1 accessible? - XSC(tst r1, #0x3) - PJ4(tst r1, #0xf) + tst r1, #0x3 bne 1f @ yes: block them for next task ldr r2, =concan_owner @@ -344,10 +321,8 @@ retne lr @ no: leave Concan disabled 1: @ flip Concan access - XSC(eor r1, r1, #0x3) - XSC(mcr p15, 0, r1, c15, c1, 0) - PJ4(eor r1, r1, #0xf) - PJ4(mcr p15, 0, r1, c1, c0, 2) + eor r1, r1, #0x3 + mcr p15, 0, r1, c15, c1, 0 mrc p15, 0, r1, c2, c0, 0 sub pc, lr, r1, lsr #32 @ cpwait and return --- linux-6.8.0.orig/arch/arm/mm/flush.c +++ linux-6.8.0/arch/arm/mm/flush.c @@ -296,6 +296,9 @@ return; folio = page_folio(pfn_to_page(pfn)); + if (folio_test_reserved(folio)) + return; + if (cache_is_vipt_aliasing()) mapping = folio_flush_mapping(folio); else --- linux-6.8.0.orig/arch/arm64/Kconfig +++ linux-6.8.0/arch/arm64/Kconfig @@ -198,7 +198,7 @@ if DYNAMIC_FTRACE_WITH_ARGS && DYNAMIC_FTRACE_WITH_CALL_OPS select HAVE_DYNAMIC_FTRACE_WITH_CALL_OPS \ if (DYNAMIC_FTRACE_WITH_ARGS && !CFI_CLANG && \ - !CC_OPTIMIZE_FOR_SIZE) + (CC_IS_CLANG || !CC_OPTIMIZE_FOR_SIZE)) select FTRACE_MCOUNT_USE_PATCHABLE_FUNCTION_ENTRY \ if DYNAMIC_FTRACE_WITH_ARGS select HAVE_SAMPLE_FTRACE_DIRECT @@ -1550,7 +1550,7 @@ # 64K | 29 | 16 | 13 | 13 | config ARCH_FORCE_MAX_ORDER int - default "13" if ARM64_64K_PAGES + default "13" if ARM64_64K_PAGES || (ARCH_THUNDER && ARM64_4K_PAGES) default "11" if ARM64_16K_PAGES default "10" help --- linux-6.8.0.orig/arch/arm64/boot/dts/allwinner/sun50i-h6-beelink-gs1.dts +++ linux-6.8.0/arch/arm64/boot/dts/allwinner/sun50i-h6-beelink-gs1.dts @@ -291,6 +291,8 @@ }; &spdif { + pinctrl-names = "default"; + pinctrl-0 = <&spdif_tx_pin>; status = "okay"; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/allwinner/sun50i-h6-tanix.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/allwinner/sun50i-h6-tanix.dtsi @@ -166,6 +166,8 @@ }; &spdif { + pinctrl-names = "default"; + pinctrl-0 = <&spdif_tx_pin>; status = "okay"; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/allwinner/sun50i-h6.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/allwinner/sun50i-h6.dtsi @@ -406,6 +406,7 @@ function = "spi1"; }; + /omit-if-no-ref/ spdif_tx_pin: spdif-tx-pin { pins = "PH7"; function = "spdif"; @@ -655,10 +656,8 @@ clocks = <&ccu CLK_BUS_SPDIF>, <&ccu CLK_SPDIF>; clock-names = "apb", "spdif"; resets = <&ccu RST_BUS_SPDIF>; - dmas = <&dma 2>; - dma-names = "tx"; - pinctrl-names = "default"; - pinctrl-0 = <&spdif_tx_pin>; + dmas = <&dma 2>, <&dma 2>; + dma-names = "rx", "tx"; status = "disabled"; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/broadcom/bcmbca/bcm4908.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/broadcom/bcmbca/bcm4908.dtsi @@ -227,9 +227,6 @@ brcm,num-gphy = <5>; brcm,num-rgmii-ports = <2>; - #address-cells = <1>; - #size-cells = <0>; - ports: ports { #address-cells = <1>; #size-cells = <0>; --- linux-6.8.0.orig/arch/arm64/boot/dts/freescale/imx8mm-kontron-bl-osm-s.dts +++ linux-6.8.0/arch/arm64/boot/dts/freescale/imx8mm-kontron-bl-osm-s.dts @@ -294,8 +294,8 @@ pinctrl_i2c4: i2c4grp { fsl,pins = < - MX8MM_IOMUXC_I2C4_SCL_I2C4_SCL 0x400001c3 - MX8MM_IOMUXC_I2C4_SDA_I2C4_SDA 0x400001c3 + MX8MM_IOMUXC_I2C4_SCL_I2C4_SCL 0x40000083 + MX8MM_IOMUXC_I2C4_SDA_I2C4_SDA 0x40000083 >; }; @@ -313,19 +313,19 @@ pinctrl_uart1: uart1grp { fsl,pins = < - MX8MM_IOMUXC_SAI2_RXC_UART1_DCE_RX 0x140 - MX8MM_IOMUXC_SAI2_RXFS_UART1_DCE_TX 0x140 - MX8MM_IOMUXC_SAI2_RXD0_UART1_DCE_RTS_B 0x140 - MX8MM_IOMUXC_SAI2_TXFS_UART1_DCE_CTS_B 0x140 + MX8MM_IOMUXC_SAI2_RXC_UART1_DCE_RX 0x0 + MX8MM_IOMUXC_SAI2_RXFS_UART1_DCE_TX 0x0 + MX8MM_IOMUXC_SAI2_RXD0_UART1_DCE_RTS_B 0x0 + MX8MM_IOMUXC_SAI2_TXFS_UART1_DCE_CTS_B 0x0 >; }; pinctrl_uart2: uart2grp { fsl,pins = < - MX8MM_IOMUXC_SAI3_TXFS_UART2_DCE_RX 0x140 - MX8MM_IOMUXC_SAI3_TXC_UART2_DCE_TX 0x140 - MX8MM_IOMUXC_SAI3_RXD_UART2_DCE_RTS_B 0x140 - MX8MM_IOMUXC_SAI3_RXC_UART2_DCE_CTS_B 0x140 + MX8MM_IOMUXC_SAI3_TXFS_UART2_DCE_RX 0x0 + MX8MM_IOMUXC_SAI3_TXC_UART2_DCE_TX 0x0 + MX8MM_IOMUXC_SAI3_RXD_UART2_DCE_RTS_B 0x0 + MX8MM_IOMUXC_SAI3_RXC_UART2_DCE_CTS_B 0x0 >; }; @@ -337,40 +337,40 @@ pinctrl_usdhc2: usdhc2grp { fsl,pins = < - MX8MM_IOMUXC_SD2_CLK_USDHC2_CLK 0x190 + MX8MM_IOMUXC_SD2_CLK_USDHC2_CLK 0x90 MX8MM_IOMUXC_SD2_CMD_USDHC2_CMD 0x1d0 MX8MM_IOMUXC_SD2_DATA0_USDHC2_DATA0 0x1d0 MX8MM_IOMUXC_SD2_DATA1_USDHC2_DATA1 0x1d0 MX8MM_IOMUXC_SD2_DATA2_USDHC2_DATA2 0x1d0 MX8MM_IOMUXC_SD2_DATA3_USDHC2_DATA3 0x1d0 - MX8MM_IOMUXC_SD2_CD_B_GPIO2_IO12 0x019 - MX8MM_IOMUXC_GPIO1_IO04_USDHC2_VSELECT 0x1d0 + MX8MM_IOMUXC_SD2_CD_B_GPIO2_IO12 0x19 + MX8MM_IOMUXC_GPIO1_IO04_USDHC2_VSELECT 0xd0 >; }; pinctrl_usdhc2_100mhz: usdhc2-100mhzgrp { fsl,pins = < - MX8MM_IOMUXC_SD2_CLK_USDHC2_CLK 0x194 + MX8MM_IOMUXC_SD2_CLK_USDHC2_CLK 0x94 MX8MM_IOMUXC_SD2_CMD_USDHC2_CMD 0x1d4 MX8MM_IOMUXC_SD2_DATA0_USDHC2_DATA0 0x1d4 MX8MM_IOMUXC_SD2_DATA1_USDHC2_DATA1 0x1d4 MX8MM_IOMUXC_SD2_DATA2_USDHC2_DATA2 0x1d4 MX8MM_IOMUXC_SD2_DATA3_USDHC2_DATA3 0x1d4 - MX8MM_IOMUXC_SD2_CD_B_GPIO2_IO12 0x019 - MX8MM_IOMUXC_GPIO1_IO04_USDHC2_VSELECT 0x1d0 + MX8MM_IOMUXC_SD2_CD_B_GPIO2_IO12 0x19 + MX8MM_IOMUXC_GPIO1_IO04_USDHC2_VSELECT 0xd0 >; }; pinctrl_usdhc2_200mhz: usdhc2-200mhzgrp { fsl,pins = < - MX8MM_IOMUXC_SD2_CLK_USDHC2_CLK 0x196 + MX8MM_IOMUXC_SD2_CLK_USDHC2_CLK 0x96 MX8MM_IOMUXC_SD2_CMD_USDHC2_CMD 0x1d6 MX8MM_IOMUXC_SD2_DATA0_USDHC2_DATA0 0x1d6 MX8MM_IOMUXC_SD2_DATA1_USDHC2_DATA1 0x1d6 MX8MM_IOMUXC_SD2_DATA2_USDHC2_DATA2 0x1d6 MX8MM_IOMUXC_SD2_DATA3_USDHC2_DATA3 0x1d6 - MX8MM_IOMUXC_SD2_CD_B_GPIO2_IO12 0x019 - MX8MM_IOMUXC_GPIO1_IO04_USDHC2_VSELECT 0x1d0 + MX8MM_IOMUXC_SD2_CD_B_GPIO2_IO12 0x19 + MX8MM_IOMUXC_GPIO1_IO04_USDHC2_VSELECT 0xd0 >; }; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/freescale/imx8mm-kontron-bl.dts +++ linux-6.8.0/arch/arm64/boot/dts/freescale/imx8mm-kontron-bl.dts @@ -279,8 +279,8 @@ pinctrl_i2c4: i2c4grp { fsl,pins = < - MX8MM_IOMUXC_I2C4_SCL_I2C4_SCL 0x400001c3 - MX8MM_IOMUXC_I2C4_SDA_I2C4_SDA 0x400001c3 + MX8MM_IOMUXC_I2C4_SCL_I2C4_SCL 0x40000083 + MX8MM_IOMUXC_I2C4_SDA_I2C4_SDA 0x40000083 >; }; @@ -292,19 +292,19 @@ pinctrl_uart1: uart1grp { fsl,pins = < - MX8MM_IOMUXC_SAI2_RXC_UART1_DCE_RX 0x140 - MX8MM_IOMUXC_SAI2_RXFS_UART1_DCE_TX 0x140 - MX8MM_IOMUXC_SAI2_RXD0_UART1_DCE_RTS_B 0x140 - MX8MM_IOMUXC_SAI2_TXFS_UART1_DCE_CTS_B 0x140 + MX8MM_IOMUXC_SAI2_RXC_UART1_DCE_RX 0x0 + MX8MM_IOMUXC_SAI2_RXFS_UART1_DCE_TX 0x0 + MX8MM_IOMUXC_SAI2_RXD0_UART1_DCE_RTS_B 0x0 + MX8MM_IOMUXC_SAI2_TXFS_UART1_DCE_CTS_B 0x0 >; }; pinctrl_uart2: uart2grp { fsl,pins = < - MX8MM_IOMUXC_SAI3_TXFS_UART2_DCE_RX 0x140 - MX8MM_IOMUXC_SAI3_TXC_UART2_DCE_TX 0x140 - MX8MM_IOMUXC_SAI3_RXD_UART2_DCE_RTS_B 0x140 - MX8MM_IOMUXC_SAI3_RXC_UART2_DCE_CTS_B 0x140 + MX8MM_IOMUXC_SAI3_TXFS_UART2_DCE_RX 0x0 + MX8MM_IOMUXC_SAI3_TXC_UART2_DCE_TX 0x0 + MX8MM_IOMUXC_SAI3_RXD_UART2_DCE_RTS_B 0x0 + MX8MM_IOMUXC_SAI3_RXC_UART2_DCE_CTS_B 0x0 >; }; @@ -316,40 +316,40 @@ pinctrl_usdhc2: usdhc2grp { fsl,pins = < - MX8MM_IOMUXC_SD2_CLK_USDHC2_CLK 0x190 + MX8MM_IOMUXC_SD2_CLK_USDHC2_CLK 0x90 MX8MM_IOMUXC_SD2_CMD_USDHC2_CMD 0x1d0 MX8MM_IOMUXC_SD2_DATA0_USDHC2_DATA0 0x1d0 MX8MM_IOMUXC_SD2_DATA1_USDHC2_DATA1 0x1d0 MX8MM_IOMUXC_SD2_DATA2_USDHC2_DATA2 0x1d0 MX8MM_IOMUXC_SD2_DATA3_USDHC2_DATA3 0x1d0 - MX8MM_IOMUXC_SD2_CD_B_GPIO2_IO12 0x019 - MX8MM_IOMUXC_GPIO1_IO04_USDHC2_VSELECT 0x1d0 + MX8MM_IOMUXC_SD2_CD_B_GPIO2_IO12 0x19 + MX8MM_IOMUXC_GPIO1_IO04_USDHC2_VSELECT 0xd0 >; }; pinctrl_usdhc2_100mhz: usdhc2-100mhzgrp { fsl,pins = < - MX8MM_IOMUXC_SD2_CLK_USDHC2_CLK 0x194 + MX8MM_IOMUXC_SD2_CLK_USDHC2_CLK 0x94 MX8MM_IOMUXC_SD2_CMD_USDHC2_CMD 0x1d4 MX8MM_IOMUXC_SD2_DATA0_USDHC2_DATA0 0x1d4 MX8MM_IOMUXC_SD2_DATA1_USDHC2_DATA1 0x1d4 MX8MM_IOMUXC_SD2_DATA2_USDHC2_DATA2 0x1d4 MX8MM_IOMUXC_SD2_DATA3_USDHC2_DATA3 0x1d4 - MX8MM_IOMUXC_SD2_CD_B_GPIO2_IO12 0x019 - MX8MM_IOMUXC_GPIO1_IO04_USDHC2_VSELECT 0x1d0 + MX8MM_IOMUXC_SD2_CD_B_GPIO2_IO12 0x19 + MX8MM_IOMUXC_GPIO1_IO04_USDHC2_VSELECT 0xd0 >; }; pinctrl_usdhc2_200mhz: usdhc2-200mhzgrp { fsl,pins = < - MX8MM_IOMUXC_SD2_CLK_USDHC2_CLK 0x196 + MX8MM_IOMUXC_SD2_CLK_USDHC2_CLK 0x96 MX8MM_IOMUXC_SD2_CMD_USDHC2_CMD 0x1d6 MX8MM_IOMUXC_SD2_DATA0_USDHC2_DATA0 0x1d6 MX8MM_IOMUXC_SD2_DATA1_USDHC2_DATA1 0x1d6 MX8MM_IOMUXC_SD2_DATA2_USDHC2_DATA2 0x1d6 MX8MM_IOMUXC_SD2_DATA3_USDHC2_DATA3 0x1d6 - MX8MM_IOMUXC_SD2_CD_B_GPIO2_IO12 0x019 - MX8MM_IOMUXC_GPIO1_IO04_USDHC2_VSELECT 0x1d0 + MX8MM_IOMUXC_SD2_CD_B_GPIO2_IO12 0x19 + MX8MM_IOMUXC_GPIO1_IO04_USDHC2_VSELECT 0xd0 >; }; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/freescale/imx8mm-kontron-osm-s.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/freescale/imx8mm-kontron-osm-s.dtsi @@ -210,7 +210,7 @@ reg = <0x52>; pinctrl-names = "default"; pinctrl-0 = <&pinctrl_rtc>; - interrupts-extended = <&gpio4 1 IRQ_TYPE_LEVEL_HIGH>; + interrupts-extended = <&gpio4 1 IRQ_TYPE_LEVEL_LOW>; trickle-diode-disable; }; }; @@ -252,8 +252,8 @@ pinctrl_i2c1: i2c1grp { fsl,pins = < - MX8MM_IOMUXC_I2C1_SCL_I2C1_SCL 0x400001c3 - MX8MM_IOMUXC_I2C1_SDA_I2C1_SDA 0x400001c3 + MX8MM_IOMUXC_I2C1_SCL_I2C1_SCL 0x40000083 + MX8MM_IOMUXC_I2C1_SDA_I2C1_SDA 0x40000083 >; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/freescale/imx8mm-kontron-sl.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/freescale/imx8mm-kontron-sl.dtsi @@ -237,8 +237,8 @@ pinctrl_i2c1: i2c1grp { fsl,pins = < - MX8MM_IOMUXC_I2C1_SCL_I2C1_SCL 0x400001c3 - MX8MM_IOMUXC_I2C1_SDA_I2C1_SDA 0x400001c3 + MX8MM_IOMUXC_I2C1_SCL_I2C1_SCL 0x40000083 + MX8MM_IOMUXC_I2C1_SDA_I2C1_SDA 0x40000083 >; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/freescale/imx8mm-venice-gw71xx.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/freescale/imx8mm-venice-gw71xx.dtsi @@ -47,17 +47,6 @@ gpios = <&gpio1 15 GPIO_ACTIVE_HIGH>; status = "okay"; }; - - reg_usb_otg1_vbus: regulator-usb-otg1 { - pinctrl-names = "default"; - pinctrl-0 = <&pinctrl_reg_usb1_en>; - compatible = "regulator-fixed"; - regulator-name = "usb_otg1_vbus"; - gpio = <&gpio1 10 GPIO_ACTIVE_HIGH>; - enable-active-high; - regulator-min-microvolt = <5000000>; - regulator-max-microvolt = <5000000>; - }; }; /* off-board header */ @@ -144,9 +133,10 @@ }; &usbotg1 { + pinctrl-names = "default"; + pinctrl-0 = <&pinctrl_usbotg1>; dr_mode = "otg"; over-current-active-low; - vbus-supply = <®_usb_otg1_vbus>; status = "okay"; }; @@ -204,14 +194,6 @@ >; }; - pinctrl_reg_usb1_en: regusb1grp { - fsl,pins = < - MX8MM_IOMUXC_GPIO1_IO10_GPIO1_IO10 0x41 - MX8MM_IOMUXC_GPIO1_IO12_GPIO1_IO12 0x141 - MX8MM_IOMUXC_GPIO1_IO13_USB1_OTG_OC 0x41 - >; - }; - pinctrl_spi2: spi2grp { fsl,pins = < MX8MM_IOMUXC_ECSPI2_SCLK_ECSPI2_SCLK 0xd6 @@ -234,4 +216,11 @@ MX8MM_IOMUXC_UART3_TXD_UART3_DCE_TX 0x140 >; }; + + pinctrl_usbotg1: usbotg1grp { + fsl,pins = < + MX8MM_IOMUXC_GPIO1_IO12_GPIO1_IO12 0x141 + MX8MM_IOMUXC_GPIO1_IO13_USB1_OTG_OC 0x41 + >; + }; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/freescale/imx8mp-data-modul-edm-sbc.dts +++ linux-6.8.0/arch/arm64/boot/dts/freescale/imx8mp-data-modul-edm-sbc.dts @@ -121,7 +121,7 @@ flash@0 { /* W25Q128JVEI */ compatible = "jedec,spi-nor"; reg = <0>; - spi-max-frequency = <100000000>; /* Up to 133 MHz */ + spi-max-frequency = <40000000>; spi-tx-bus-width = <1>; spi-rx-bus-width = <1>; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/freescale/imx8mp-evk.dts +++ linux-6.8.0/arch/arm64/boot/dts/freescale/imx8mp-evk.dts @@ -23,7 +23,7 @@ port { hdmi_connector_in: endpoint { - remote-endpoint = <&adv7533_out>; + remote-endpoint = <&adv7535_out>; }; }; }; @@ -107,6 +107,13 @@ enable-active-high; }; + reg_vext_3v3: regulator-vext-3v3 { + compatible = "regulator-fixed"; + regulator-name = "VEXT_3V3"; + regulator-min-microvolt = <3300000>; + regulator-max-microvolt = <3300000>; + }; + sound { compatible = "simple-audio-card"; simple-audio-card,name = "wm8960-audio"; @@ -364,7 +371,7 @@ regulator-always-on; }; - BUCK5 { + reg_buck5: BUCK5 { regulator-name = "BUCK5"; regulator-min-microvolt = <1650000>; regulator-max-microvolt = <1950000>; @@ -415,14 +422,16 @@ hdmi@3d { compatible = "adi,adv7535"; - reg = <0x3d>, <0x3c>, <0x3e>, <0x3f>; - reg-names = "main", "cec", "edid", "packet"; + reg = <0x3d>; + interrupt-parent = <&gpio1>; + interrupts = <9 IRQ_TYPE_EDGE_FALLING>; adi,dsi-lanes = <4>; - adi,input-depth = <8>; - adi,input-colorspace = "rgb"; - adi,input-clock = "1x"; - adi,input-style = <1>; - adi,input-justification = "evenly"; + avdd-supply = <®_buck5>; + dvdd-supply = <®_buck5>; + pvdd-supply = <®_buck5>; + a2vdd-supply = <®_buck5>; + v3p3-supply = <®_vext_3v3>; + v1p2-supply = <®_buck5>; ports { #address-cells = <1>; @@ -431,7 +440,7 @@ port@0 { reg = <0>; - adv7533_in: endpoint { + adv7535_in: endpoint { remote-endpoint = <&dsi_out>; }; }; @@ -439,7 +448,7 @@ port@1 { reg = <1>; - adv7533_out: endpoint { + adv7535_out: endpoint { remote-endpoint = <&hdmi_connector_in>; }; }; @@ -524,7 +533,7 @@ reg = <1>; dsi_out: endpoint { - remote-endpoint = <&adv7533_in>; + remote-endpoint = <&adv7535_in>; data-lanes = <1 2 3 4>; }; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/freescale/imx8qm-ss-dma.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/freescale/imx8qm-ss-dma.dtsi @@ -96,15 +96,30 @@ status = "okay"; }; +/* It is eDMA1 in 8QM RM, but 8QXP it is eDMA3 */ &edma3 { + reg = <0x5a9f0000 0x210000>; + dma-channels = <10>; + interrupts = , + , + , + , + , + , + , + , + , + ; power-domains = <&pd IMX_SC_R_DMA_1_CH0>, - <&pd IMX_SC_R_DMA_1_CH1>, - <&pd IMX_SC_R_DMA_1_CH2>, - <&pd IMX_SC_R_DMA_1_CH3>, - <&pd IMX_SC_R_DMA_1_CH4>, - <&pd IMX_SC_R_DMA_1_CH5>, - <&pd IMX_SC_R_DMA_1_CH6>, - <&pd IMX_SC_R_DMA_1_CH7>; + <&pd IMX_SC_R_DMA_1_CH1>, + <&pd IMX_SC_R_DMA_1_CH2>, + <&pd IMX_SC_R_DMA_1_CH3>, + <&pd IMX_SC_R_DMA_1_CH4>, + <&pd IMX_SC_R_DMA_1_CH5>, + <&pd IMX_SC_R_DMA_1_CH6>, + <&pd IMX_SC_R_DMA_1_CH7>, + <&pd IMX_SC_R_DMA_1_CH8>, + <&pd IMX_SC_R_DMA_1_CH9>; }; &flexcan1 { --- linux-6.8.0.orig/arch/arm64/boot/dts/marvell/armada-37xx.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/marvell/armada-37xx.dtsi @@ -431,14 +431,14 @@ crypto: crypto@90000 { compatible = "inside-secure,safexcel-eip97ies"; reg = <0x90000 0x20000>; - interrupts = , - , + interrupts = , , , , - ; - interrupt-names = "mem", "ring0", "ring1", - "ring2", "ring3", "eip"; + , + ; + interrupt-names = "ring0", "ring1", "ring2", + "ring3", "eip", "mem"; clocks = <&nb_periph_clk 15>; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/marvell/armada-cp11x.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/marvell/armada-cp11x.dtsi @@ -511,14 +511,14 @@ CP11X_LABEL(crypto): crypto@800000 { compatible = "inside-secure,safexcel-eip197b"; reg = <0x800000 0x200000>; - interrupts = <87 IRQ_TYPE_LEVEL_HIGH>, - <88 IRQ_TYPE_LEVEL_HIGH>, + interrupts = <88 IRQ_TYPE_LEVEL_HIGH>, <89 IRQ_TYPE_LEVEL_HIGH>, <90 IRQ_TYPE_LEVEL_HIGH>, <91 IRQ_TYPE_LEVEL_HIGH>, - <92 IRQ_TYPE_LEVEL_HIGH>; - interrupt-names = "mem", "ring0", "ring1", - "ring2", "ring3", "eip"; + <92 IRQ_TYPE_LEVEL_HIGH>, + <87 IRQ_TYPE_LEVEL_HIGH>; + interrupt-names = "ring0", "ring1", "ring2", "ring3", + "eip", "mem"; clock-names = "core", "reg"; clocks = <&CP11X_LABEL(clk) 1 26>, <&CP11X_LABEL(clk) 1 17>; --- linux-6.8.0.orig/arch/arm64/boot/dts/mediatek/mt7622-bananapi-bpi-r64.dts +++ linux-6.8.0/arch/arm64/boot/dts/mediatek/mt7622-bananapi-bpi-r64.dts @@ -75,6 +75,7 @@ memory@40000000 { reg = <0 0x40000000 0 0x40000000>; + device_type = "memory"; }; reg_1p8v: regulator-1p8v { --- linux-6.8.0.orig/arch/arm64/boot/dts/mediatek/mt7622-rfb1.dts +++ linux-6.8.0/arch/arm64/boot/dts/mediatek/mt7622-rfb1.dts @@ -57,6 +57,7 @@ memory@40000000 { reg = <0 0x40000000 0 0x20000000>; + device_type = "memory"; }; reg_1p8v: regulator-1p8v { --- linux-6.8.0.orig/arch/arm64/boot/dts/mediatek/mt7986a-bananapi-bpi-r3.dts +++ linux-6.8.0/arch/arm64/boot/dts/mediatek/mt7986a-bananapi-bpi-r3.dts @@ -43,7 +43,7 @@ #cooling-cells = <2>; /* cooling level (0, 1, 2) - pwm inverted */ cooling-levels = <255 96 0>; - pwms = <&pwm 0 10000 0>; + pwms = <&pwm 0 10000>; status = "okay"; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/mediatek/mt7986a-rfb.dts +++ linux-6.8.0/arch/arm64/boot/dts/mediatek/mt7986a-rfb.dts @@ -237,12 +237,13 @@ pinctrl-0 = <&spi_flash_pins>; cs-gpios = <0>, <0>; status = "okay"; - spi_nand: spi_nand@0 { + + spi_nand: flash@0 { compatible = "spi-nand"; reg = <0>; spi-max-frequency = <10000000>; - spi-tx-buswidth = <4>; - spi-rx-buswidth = <4>; + spi-tx-bus-width = <4>; + spi-rx-bus-width = <4>; }; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/mediatek/mt7986a.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/mediatek/mt7986a.dtsi @@ -153,6 +153,7 @@ compatible = "mediatek,mt7986-infracfg", "syscon"; reg = <0 0x10001000 0 0x1000>; #clock-cells = <1>; + #reset-cells = <1>; }; wed_pcie: wed-pcie@10003000 { @@ -234,7 +235,6 @@ ; interrupt-names = "ring0", "ring1", "ring2", "ring3"; clocks = <&infracfg CLK_INFRA_EIP97_CK>; - clock-names = "infra_eip97_ck"; assigned-clocks = <&topckgen CLK_TOP_EIP_B_SEL>; assigned-clock-parents = <&apmixedsys CLK_APMIXED_NET2PLL>; status = "disabled"; @@ -243,7 +243,6 @@ pwm: pwm@10048000 { compatible = "mediatek,mt7986-pwm"; reg = <0 0x10048000 0 0x1000>; - #clock-cells = <1>; #pwm-cells = <2>; interrupts = ; clocks = <&topckgen CLK_TOP_PWM_SEL>, --- linux-6.8.0.orig/arch/arm64/boot/dts/mediatek/mt7986b-rfb.dts +++ linux-6.8.0/arch/arm64/boot/dts/mediatek/mt7986b-rfb.dts @@ -152,12 +152,13 @@ pinctrl-0 = <&spi_flash_pins>; cs-gpios = <0>, <0>; status = "okay"; - spi_nand: spi_nand@0 { + + spi_nand: flash@0 { compatible = "spi-nand"; reg = <0>; spi-max-frequency = <10000000>; - spi-tx-buswidth = <4>; - spi-rx-buswidth = <4>; + spi-tx-bus-width = <4>; + spi-rx-bus-width = <4>; }; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/mediatek/mt8183-kukui-kakadu.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/mediatek/mt8183-kukui-kakadu.dtsi @@ -360,6 +360,10 @@ }; &cros_ec { + cbas { + compatible = "google,cros-cbas"; + }; + keyboard-controller { compatible = "google,cros-ec-keyb-switches"; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/mediatek/mt8183-kukui-kodama.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/mediatek/mt8183-kukui-kodama.dtsi @@ -339,6 +339,10 @@ }; &cros_ec { + cbas { + compatible = "google,cros-cbas"; + }; + keyboard-controller { compatible = "google,cros-ec-keyb-switches"; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/mediatek/mt8183-kukui-krane.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/mediatek/mt8183-kukui-krane.dtsi @@ -343,6 +343,10 @@ }; &cros_ec { + cbas { + compatible = "google,cros-cbas"; + }; + keyboard-controller { compatible = "google,cros-ec-keyb-switches"; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/mediatek/mt8183-kukui.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/mediatek/mt8183-kukui.dtsi @@ -937,10 +937,6 @@ google,usb-port-id = <0>; }; - cbas { - compatible = "google,cros-cbas"; - }; - typec { compatible = "google,cros-ec-typec"; #address-cells = <1>; --- linux-6.8.0.orig/arch/arm64/boot/dts/mediatek/mt8186.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/mediatek/mt8186.dtsi @@ -931,11 +931,17 @@ power-domain@MT8186_POWER_DOMAIN_SSUSB { reg = ; + clocks = <&topckgen CLK_TOP_USB_TOP>, + <&infracfg_ao CLK_INFRA_AO_SSUSB_TOP_REF>; + clock-names = "sys_ck", "ref_ck"; #power-domain-cells = <0>; }; power-domain@MT8186_POWER_DOMAIN_SSUSB_P1 { reg = ; + clocks = <&infracfg_ao CLK_INFRA_AO_SSUSB_TOP_P1_SYS>, + <&infracfg_ao CLK_INFRA_AO_SSUSB_TOP_P1_REF>; + clock-names = "sys_ck", "ref_ck"; #power-domain-cells = <0>; }; @@ -1061,7 +1067,7 @@ reg = ; clocks = <&topckgen CLK_TOP_VENC>, <&vencsys CLK_VENC_CKE1_VENC>; - clock-names = "venc0", "larb"; + clock-names = "venc0", "subsys-larb"; mediatek,infracfg = <&infracfg_ao>; #power-domain-cells = <0>; }; @@ -1530,8 +1536,9 @@ clocks = <&topckgen CLK_TOP_USB_TOP>, <&infracfg_ao CLK_INFRA_AO_SSUSB_TOP_REF>, <&infracfg_ao CLK_INFRA_AO_SSUSB_TOP_HCLK>, - <&infracfg_ao CLK_INFRA_AO_ICUSB>; - clock-names = "sys_ck", "ref_ck", "mcu_ck", "dma_ck"; + <&infracfg_ao CLK_INFRA_AO_ICUSB>, + <&infracfg_ao CLK_INFRA_AO_SSUSB_TOP_XHCI>; + clock-names = "sys_ck", "ref_ck", "mcu_ck", "dma_ck", "xhci_ck"; interrupts = ; phys = <&u2port0 PHY_TYPE_USB2>; power-domains = <&spm MT8186_POWER_DOMAIN_SSUSB>; @@ -1595,8 +1602,9 @@ clocks = <&infracfg_ao CLK_INFRA_AO_SSUSB_TOP_P1_SYS>, <&infracfg_ao CLK_INFRA_AO_SSUSB_TOP_P1_REF>, <&infracfg_ao CLK_INFRA_AO_SSUSB_TOP_P1_HCLK>, - <&clk26m>; - clock-names = "sys_ck", "ref_ck", "mcu_ck", "dma_ck"; + <&clk26m>, + <&infracfg_ao CLK_INFRA_AO_SSUSB_TOP_P1_XHCI>; + clock-names = "sys_ck", "ref_ck", "mcu_ck", "dma_ck", "xhci_ck"; interrupts = ; phys = <&u2port1 PHY_TYPE_USB2>, <&u3port1 PHY_TYPE_USB3>; power-domains = <&spm MT8186_POWER_DOMAIN_SSUSB_P1>; --- linux-6.8.0.orig/arch/arm64/boot/dts/mediatek/mt8192-asurada.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/mediatek/mt8192-asurada.dtsi @@ -1336,10 +1336,6 @@ #address-cells = <1>; #size-cells = <0>; - base_detection: cbas { - compatible = "google,cros-cbas"; - }; - cros_ec_pwm: pwm { compatible = "google,cros-ec-pwm"; #pwm-cells = <1>; --- linux-6.8.0.orig/arch/arm64/boot/dts/mediatek/mt8192.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/mediatek/mt8192.dtsi @@ -1814,7 +1814,7 @@ mediatek,scp = <&scp>; power-domains = <&spm MT8192_POWER_DOMAIN_VENC>; clocks = <&vencsys CLK_VENC_SET1_VENC>; - clock-names = "venc-set1"; + clock-names = "venc_sel"; assigned-clocks = <&topckgen CLK_TOP_VENC_SEL>; assigned-clock-parents = <&topckgen CLK_TOP_UNIVPLL_D4>; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/mediatek/mt8195-cherry-tomato-r1.dts +++ linux-6.8.0/arch/arm64/boot/dts/mediatek/mt8195-cherry-tomato-r1.dts @@ -23,3 +23,7 @@ &ts_10 { status = "okay"; }; + +&watchdog { + /delete-property/ mediatek,disable-extrst; +}; --- linux-6.8.0.orig/arch/arm64/boot/dts/mediatek/mt8195-cherry-tomato-r2.dts +++ linux-6.8.0/arch/arm64/boot/dts/mediatek/mt8195-cherry-tomato-r2.dts @@ -43,3 +43,7 @@ &ts_10 { status = "okay"; }; + +&watchdog { + /delete-property/ mediatek,disable-extrst; +}; --- linux-6.8.0.orig/arch/arm64/boot/dts/mediatek/mt8195-cherry-tomato-r3.dts +++ linux-6.8.0/arch/arm64/boot/dts/mediatek/mt8195-cherry-tomato-r3.dts @@ -44,3 +44,7 @@ &ts_10 { status = "okay"; }; + +&watchdog { + /delete-property/ mediatek,disable-extrst; +}; --- linux-6.8.0.orig/arch/arm64/boot/dts/qcom/pm4125.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/qcom/pm4125.dtsi @@ -0,0 +1,63 @@ +// SPDX-License-Identifier: (GPL-2.0+ OR BSD-3-Clause) +/* + * Copyright (c) 2023, Linaro Ltd + */ + +#include +#include +#include +#include + +&spmi_bus { + pmic@0 { + compatible = "qcom,pm2250", "qcom,spmi-pmic"; + reg = <0x0 SPMI_USID>; + #address-cells = <1>; + #size-cells = <0>; + + pon@800 { + compatible = "qcom,pm8916-pon"; + reg = <0x800>; + + pm4125_pwrkey: pwrkey { + compatible = "qcom,pm8941-pwrkey"; + interrupts-extended = <&spmi_bus 0x0 0x8 0 IRQ_TYPE_EDGE_BOTH>; + linux,code = ; + debounce = <15625>; + bias-pull-up; + }; + + pm4125_resin: resin { + compatible = "qcom,pm8941-resin"; + interrupts-extended = <&spmi_bus 0x0 0x8 1 IRQ_TYPE_EDGE_BOTH>; + debounce = <15625>; + bias-pull-up; + status = "disabled"; + }; + }; + + rtc@6000 { + compatible = "qcom,pm8941-rtc"; + reg = <0x6000>, <0x6100>; + reg-names = "rtc", "alarm"; + interrupts-extended = <&spmi_bus 0x0 0x61 0x1 IRQ_TYPE_EDGE_RISING>; + }; + + pm4125_gpios: gpio@c000 { + compatible = "qcom,pm2250-gpio", "qcom,spmi-gpio"; + reg = <0xc000>; + gpio-controller; + gpio-ranges = <&pm4125_gpios 0 0 10>; + #gpio-cells = <2>; + interrupt-controller; + #interrupt-cells = <2>; + }; + }; + + pmic@1 { + compatible = "qcom,pm2250", "qcom,spmi-pmic"; + reg = <0x1 SPMI_USID>; + #address-cells = <1>; + #size-cells = <0>; + }; +}; --- linux-6.8.0.orig/arch/arm64/boot/dts/qcom/qcm2290.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/qcom/qcm2290.dtsi @@ -442,6 +442,11 @@ #hwlock-cells = <1>; }; + tcsr_regs: syscon@3c0000 { + compatible = "qcom,qcm2290-tcsr", "syscon"; + reg = <0x0 0x003c0000 0x0 0x40000>; + }; + tlmm: pinctrl@500000 { compatible = "qcom,qcm2290-tlmm"; reg = <0x0 0x00500000 0x0 0x300000>; @@ -690,6 +695,8 @@ #phy-cells = <0>; + qcom,tcsr-reg = <&tcsr_regs 0xb244>; + status = "disabled"; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/qcom/qcm6490-fairphone-fp5.dts +++ linux-6.8.0/arch/arm64/boot/dts/qcom/qcm6490-fairphone-fp5.dts @@ -82,6 +82,11 @@ no-map; }; + removed_mem: removed@c0000000 { + reg = <0x0 0xc0000000 0x0 0x5100000>; + no-map; + }; + rmtfs_mem: memory@f8500000 { compatible = "qcom,rmtfs-mem"; reg = <0x0 0xf8500000 0x0 0x600000>; --- linux-6.8.0.orig/arch/arm64/boot/dts/qcom/qcm6490-idp.dts +++ linux-6.8.0/arch/arm64/boot/dts/qcom/qcm6490-idp.dts @@ -123,8 +123,8 @@ vph_pwr: vph-pwr-regulator { compatible = "regulator-fixed"; regulator-name = "vph_pwr"; - regulator-min-microvolt = <2500000>; - regulator-max-microvolt = <4350000>; + regulator-min-microvolt = <3700000>; + regulator-max-microvolt = <3700000>; }; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/qcom/qcs6490-rb3gen2.dts +++ linux-6.8.0/arch/arm64/boot/dts/qcom/qcs6490-rb3gen2.dts @@ -124,8 +124,8 @@ vph_pwr: vph-pwr-regulator { compatible = "regulator-fixed"; regulator-name = "vph_pwr"; - regulator-min-microvolt = <2500000>; - regulator-max-microvolt = <4350000>; + regulator-min-microvolt = <3700000>; + regulator-max-microvolt = <3700000>; }; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/qcom/qrb2210-rb1.dts +++ linux-6.8.0/arch/arm64/boot/dts/qcom/qrb2210-rb1.dts @@ -7,7 +7,7 @@ #include #include "qcm2290.dtsi" -#include "pm2250.dtsi" +#include "pm4125.dtsi" / { model = "Qualcomm Technologies, Inc. Robotics RB1"; @@ -226,7 +226,7 @@ }; &mdss_dsi0 { - vdda-supply = <&pm2250_l5>; + vdda-supply = <&pm4125_l5>; status = "okay"; }; @@ -239,7 +239,7 @@ status = "okay"; }; -&pm2250_resin { +&pm4125_resin { linux,code = ; status = "okay"; }; @@ -263,23 +263,23 @@ compatible = "qcom,rpm-pm2250-regulators"; vdd_s3-supply = <&vph_pwr>; vdd_s4-supply = <&vph_pwr>; - vdd_l1_l2_l3_l5_l6_l7_l8_l9_l10_l11_l12-supply = <&pm2250_s3>; + vdd_l1_l2_l3_l5_l6_l7_l8_l9_l10_l11_l12-supply = <&pm4125_s3>; vdd_l4_l17_l18_l19_l20_l21_l22-supply = <&vph_pwr>; - vdd_l13_l14_l15_l16-supply = <&pm2250_s4>; + vdd_l13_l14_l15_l16-supply = <&pm4125_s4>; /* * S1 - VDD_APC * S2 - VDD_CX */ - pm2250_s3: s3 { + pm4125_s3: s3 { /* 0.4V-1.6625V -> 1.3V (Power tree requirements) */ regulator-min-microvolt = <1352000>; regulator-max-microvolt = <1352000>; regulator-boot-on; }; - pm2250_s4: s4 { + pm4125_s4: s4 { /* 1.2V-2.35V -> 2.05V (Power tree requirements) */ regulator-min-microvolt = <2072000>; regulator-max-microvolt = <2072000>; @@ -288,7 +288,7 @@ /* L1 - VDD_MX */ - pm2250_l2: l2 { + pm4125_l2: l2 { /* LPDDR4X VDD2 */ regulator-min-microvolt = <1136000>; regulator-max-microvolt = <1136000>; @@ -296,7 +296,7 @@ regulator-boot-on; }; - pm2250_l3: l3 { + pm4125_l3: l3 { /* LPDDR4X VDDQ */ regulator-min-microvolt = <616000>; regulator-max-microvolt = <616000>; @@ -304,14 +304,14 @@ regulator-boot-on; }; - pm2250_l4: l4 { + pm4125_l4: l4 { /* max = 3.05V -> max = 2.7 to disable 3V signaling (SDHCI2) */ regulator-min-microvolt = <1800000>; regulator-max-microvolt = <2700000>; regulator-allow-set-load; }; - pm2250_l5: l5 { + pm4125_l5: l5 { /* CSI/DSI */ regulator-min-microvolt = <1232000>; regulator-max-microvolt = <1232000>; @@ -319,7 +319,7 @@ regulator-boot-on; }; - pm2250_l6: l6 { + pm4125_l6: l6 { /* DRAM PLL */ regulator-min-microvolt = <928000>; regulator-max-microvolt = <928000>; @@ -327,7 +327,7 @@ regulator-boot-on; }; - pm2250_l7: l7 { + pm4125_l7: l7 { /* Wi-Fi CX/MX */ regulator-min-microvolt = <664000>; regulator-max-microvolt = <664000>; @@ -338,20 +338,20 @@ * L9 - VDD_LPI_MX */ - pm2250_l10: l10 { + pm4125_l10: l10 { /* Wi-Fi RFA */ regulator-min-microvolt = <1304000>; regulator-max-microvolt = <1304000>; }; - pm2250_l11: l11 { + pm4125_l11: l11 { /* GPS RF1 */ regulator-min-microvolt = <1000000>; regulator-max-microvolt = <1000000>; regulator-boot-on; }; - pm2250_l12: l12 { + pm4125_l12: l12 { /* USB PHYs */ regulator-min-microvolt = <928000>; regulator-max-microvolt = <928000>; @@ -359,7 +359,7 @@ regulator-boot-on; }; - pm2250_l13: l13 { + pm4125_l13: l13 { /* USB/QFPROM/PLLs */ regulator-min-microvolt = <1800000>; regulator-max-microvolt = <1800000>; @@ -367,7 +367,7 @@ regulator-boot-on; }; - pm2250_l14: l14 { + pm4125_l14: l14 { /* SDHCI1 VQMMC */ regulator-min-microvolt = <1800000>; regulator-max-microvolt = <1800000>; @@ -376,7 +376,7 @@ regulator-always-on; }; - pm2250_l15: l15 { + pm4125_l15: l15 { /* WCD/DSI/BT VDDIO */ regulator-min-microvolt = <1800000>; regulator-max-microvolt = <1800000>; @@ -385,38 +385,38 @@ regulator-boot-on; }; - pm2250_l16: l16 { + pm4125_l16: l16 { /* GPS RF2 */ regulator-min-microvolt = <1800000>; regulator-max-microvolt = <1800000>; regulator-boot-on; }; - pm2250_l17: l17 { + pm4125_l17: l17 { regulator-min-microvolt = <3000000>; regulator-max-microvolt = <3000000>; }; - pm2250_l18: l18 { + pm4125_l18: l18 { /* VDD_PXn */ regulator-min-microvolt = <1800000>; regulator-max-microvolt = <1800000>; }; - pm2250_l19: l19 { + pm4125_l19: l19 { /* VDD_PXn */ regulator-min-microvolt = <1800000>; regulator-max-microvolt = <1800000>; }; - pm2250_l20: l20 { + pm4125_l20: l20 { /* SDHCI1 VMMC */ regulator-min-microvolt = <2400000>; regulator-max-microvolt = <3600000>; regulator-allow-set-load; }; - pm2250_l21: l21 { + pm4125_l21: l21 { /* SDHCI2 VMMC */ regulator-min-microvolt = <2960000>; regulator-max-microvolt = <3300000>; @@ -424,7 +424,7 @@ regulator-boot-on; }; - pm2250_l22: l22 { + pm4125_l22: l22 { /* Wi-Fi */ regulator-min-microvolt = <3312000>; regulator-max-microvolt = <3312000>; @@ -433,8 +433,8 @@ }; &sdhc_1 { - vmmc-supply = <&pm2250_l20>; - vqmmc-supply = <&pm2250_l14>; + vmmc-supply = <&pm4125_l20>; + vqmmc-supply = <&pm4125_l14>; pinctrl-0 = <&sdc1_state_on>; pinctrl-1 = <&sdc1_state_off>; pinctrl-names = "default", "sleep"; @@ -446,8 +446,8 @@ }; &sdhc_2 { - vmmc-supply = <&pm2250_l21>; - vqmmc-supply = <&pm2250_l4>; + vmmc-supply = <&pm4125_l21>; + vqmmc-supply = <&pm4125_l4>; cd-gpios = <&tlmm 88 GPIO_ACTIVE_LOW>; pinctrl-0 = <&sdc2_state_on &sd_det_in_on>; pinctrl-1 = <&sdc2_state_off &sd_det_in_off>; @@ -518,8 +518,8 @@ }; &usb_qmpphy { - vdda-phy-supply = <&pm2250_l12>; - vdda-pll-supply = <&pm2250_l13>; + vdda-phy-supply = <&pm4125_l12>; + vdda-pll-supply = <&pm4125_l13>; status = "okay"; }; @@ -528,17 +528,17 @@ }; &usb_hsphy { - vdd-supply = <&pm2250_l12>; - vdda-pll-supply = <&pm2250_l13>; - vdda-phy-dpdm-supply = <&pm2250_l21>; + vdd-supply = <&pm4125_l12>; + vdda-pll-supply = <&pm4125_l13>; + vdda-phy-dpdm-supply = <&pm4125_l21>; status = "okay"; }; &wifi { - vdd-0.8-cx-mx-supply = <&pm2250_l7>; - vdd-1.8-xo-supply = <&pm2250_l13>; - vdd-1.3-rfa-supply = <&pm2250_l10>; - vdd-3.3-ch0-supply = <&pm2250_l22>; + vdd-0.8-cx-mx-supply = <&pm4125_l7>; + vdd-1.8-xo-supply = <&pm4125_l13>; + vdd-1.3-rfa-supply = <&pm4125_l10>; + vdd-3.3-ch0-supply = <&pm4125_l22>; qcom,ath10k-calibration-variant = "Thundercomm_RB1"; status = "okay"; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/qcom/qrb4210-rb2.dts +++ linux-6.8.0/arch/arm64/boot/dts/qcom/qrb4210-rb2.dts @@ -607,10 +607,6 @@ status = "okay"; }; -&usb_dwc3 { - maximum-speed = "super-speed"; -}; - &usb_hsphy { vdd-supply = <&vreg_l4a_0p9>; vdda-pll-supply = <&vreg_l12a_1p8>; --- linux-6.8.0.orig/arch/arm64/boot/dts/qcom/sa8540p.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/qcom/sa8540p.dtsi @@ -168,6 +168,9 @@ }; &gpucc { + /* SA8295P and SA8540P doesn't provide gfx.lvl */ + /delete-property/ power-domains; + status = "disabled"; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/qcom/sc7280.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/qcom/sc7280.dtsi @@ -2178,8 +2178,16 @@ ranges = <0x01000000 0x0 0x00000000 0x0 0x40200000 0x0 0x100000>, <0x02000000 0x0 0x40300000 0x0 0x40300000 0x0 0x1fd00000>; - interrupts = ; - interrupt-names = "msi"; + interrupts = , + , + , + , + , + , + , + ; + interrupt-names = "msi0", "msi1", "msi2", "msi3", + "msi4", "msi5", "msi6", "msi7"; #interrupt-cells = <1>; interrupt-map-mask = <0 0 0 0x7>; interrupt-map = <0 0 0 1 &intc 0 0 0 434 IRQ_TYPE_LEVEL_HIGH>, @@ -2345,6 +2353,8 @@ <&apps_smmu 0x4e6 0x0011>; qcom,ee = <0>; qcom,controlled-remotely; + num-channels = <16>; + qcom,num-ees = <4>; }; crypto: crypto@1dfa000 { --- linux-6.8.0.orig/arch/arm64/boot/dts/qcom/sc8180x.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/qcom/sc8180x.dtsi @@ -290,7 +290,7 @@ BIG_CPU_SLEEP_0: cpu-sleep-1-0 { compatible = "arm,idle-state"; arm,psci-suspend-param = <0x40000004>; - entry-latency-us = <241>; + entry-latency-us = <2411>; exit-latency-us = <1461>; min-residency-us = <4488>; local-timer-stop; @@ -298,7 +298,15 @@ }; domain-idle-states { - CLUSTER_SLEEP_0: cluster-sleep-0 { + CLUSTER_SLEEP_APSS_OFF: cluster-sleep-0 { + compatible = "domain-idle-state"; + arm,psci-suspend-param = <0x41000044>; + entry-latency-us = <3300>; + exit-latency-us = <3300>; + min-residency-us = <6000>; + }; + + CLUSTER_SLEEP_AOSS_SLEEP: cluster-sleep-1 { compatible = "domain-idle-state"; arm,psci-suspend-param = <0x4100a344>; entry-latency-us = <3263>; @@ -582,7 +590,7 @@ CLUSTER_PD: power-domain-cpu-cluster0 { #power-domain-cells = <0>; - domain-idle-states = <&CLUSTER_SLEEP_0>; + domain-idle-states = <&CLUSTER_SLEEP_APSS_OFF &CLUSTER_SLEEP_AOSS_SLEEP>; }; }; @@ -782,6 +790,7 @@ clock-names = "bi_tcxo", "bi_tcxo_ao", "sleep_clk"; + power-domains = <&rpmhpd SC8180X_CX>; }; qupv3_id_0: geniqup@8c0000 { @@ -2692,9 +2701,15 @@ interrupt-controller; #interrupt-cells = <1>; - interconnects = <&mmss_noc MASTER_MDP_PORT0 0 &mc_virt SLAVE_EBI_CH0 0>, - <&mmss_noc MASTER_MDP_PORT1 0 &mc_virt SLAVE_EBI_CH0 0>; - interconnect-names = "mdp0-mem", "mdp1-mem"; + interconnects = <&mmss_noc MASTER_MDP_PORT0 QCOM_ICC_TAG_ALWAYS + &mc_virt SLAVE_EBI_CH0 QCOM_ICC_TAG_ALWAYS>, + <&mmss_noc MASTER_MDP_PORT1 QCOM_ICC_TAG_ALWAYS + &mc_virt SLAVE_EBI_CH0 QCOM_ICC_TAG_ALWAYS>, + <&gem_noc MASTER_AMPSS_M0 QCOM_ICC_TAG_ALWAYS + &config_noc SLAVE_DISPLAY_CFG QCOM_ICC_TAG_ALWAYS>; + interconnect-names = "mdp0-mem", + "mdp1-mem", + "cpu-cfg"; iommus = <&apps_smmu 0x800 0x420>; @@ -2723,10 +2738,8 @@ "rot", "lut"; - assigned-clocks = <&dispcc DISP_CC_MDSS_MDP_CLK>, - <&dispcc DISP_CC_MDSS_VSYNC_CLK>; - assigned-clock-rates = <460000000>, - <19200000>; + assigned-clocks = <&dispcc DISP_CC_MDSS_VSYNC_CLK>; + assigned-clock-rates = <19200000>; operating-points-v2 = <&mdp_opp_table>; power-domains = <&rpmhpd SC8180X_MMCX>; @@ -3184,7 +3197,7 @@ <&dispcc DISP_CC_MDSS_AHB_CLK>; clock-names = "aux", "cfg_ahb"; - power-domains = <&dispcc MDSS_GDSC>; + power-domains = <&rpmhpd SC8180X_MX>; #clock-cells = <1>; #phy-cells = <0>; @@ -3210,6 +3223,7 @@ "edp_phy_pll_link_clk", "edp_phy_pll_vco_div_clk"; power-domains = <&rpmhpd SC8180X_MMCX>; + required-opps = <&rpmhpd_opp_low_svs>; #clock-cells = <1>; #reset-cells = <1>; #power-domain-cells = <1>; @@ -3248,7 +3262,7 @@ aoss_qmp: power-controller@c300000 { compatible = "qcom,sc8180x-aoss-qmp", "qcom,aoss-qmp"; - reg = <0x0 0x0c300000 0x0 0x100000>; + reg = <0x0 0x0c300000 0x0 0x400>; interrupts = ; mboxes = <&apss_shared 0>; --- linux-6.8.0.orig/arch/arm64/boot/dts/qcom/sdm845-db845c.dts +++ linux-6.8.0/arch/arm64/boot/dts/qcom/sdm845-db845c.dts @@ -580,7 +580,7 @@ &pcie0 { status = "okay"; perst-gpios = <&tlmm 35 GPIO_ACTIVE_LOW>; - enable-gpio = <&tlmm 134 GPIO_ACTIVE_HIGH>; + wake-gpios = <&tlmm 134 GPIO_ACTIVE_HIGH>; vddpe-3v3-supply = <&pcie0_3p3v_dual>; --- linux-6.8.0.orig/arch/arm64/boot/dts/qcom/sdm845-oneplus-common.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/qcom/sdm845-oneplus-common.dtsi @@ -508,13 +508,13 @@ }; &q6afedai { - qi2s@22 { - reg = <22>; + dai@22 { + reg = ; qcom,sd-lines = <1>; }; - qi2s@23 { - reg = <23>; + dai@23 { + reg = ; qcom,sd-lines = <0>; }; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/qcom/sdm845.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/qcom/sdm845.dtsi @@ -3366,8 +3366,8 @@ qcom,qmp = <&aoss_qmp>; - power-domains = <&rpmhpd SDM845_CX>, - <&rpmhpd SDM845_MX>; + power-domains = <&rpmhpd SDM845_LCX>, + <&rpmhpd SDM845_LMX>; power-domain-names = "lcx", "lmx"; memory-region = <&slpi_mem>; --- linux-6.8.0.orig/arch/arm64/boot/dts/qcom/sm6115.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/qcom/sm6115.dtsi @@ -614,6 +614,11 @@ #hwlock-cells = <1>; }; + tcsr_regs: syscon@3c0000 { + compatible = "qcom,sm6115-tcsr", "syscon"; + reg = <0x0 0x003c0000 0x0 0x40000>; + }; + tlmm: pinctrl@500000 { compatible = "qcom,sm6115-tlmm"; reg = <0x0 0x00500000 0x0 0x400000>, @@ -879,6 +884,8 @@ #phy-cells = <0>; + qcom,tcsr-reg = <&tcsr_regs 0xb244>; + status = "disabled"; }; @@ -1603,7 +1610,6 @@ interconnect-names = "usb-ddr", "apps-usb"; - qcom,select-utmi-as-pipe-clk; status = "disabled"; usb_dwc3: usb@4e00000 { --- linux-6.8.0.orig/arch/arm64/boot/dts/qcom/sm8150.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/qcom/sm8150.dtsi @@ -1879,7 +1879,7 @@ phy-names = "pciephy"; perst-gpios = <&tlmm 35 GPIO_ACTIVE_HIGH>; - enable-gpio = <&tlmm 37 GPIO_ACTIVE_HIGH>; + wake-gpios = <&tlmm 37 GPIO_ACTIVE_HIGH>; pinctrl-names = "default"; pinctrl-0 = <&pcie0_default_state>; --- linux-6.8.0.orig/arch/arm64/boot/dts/qcom/sm8450-hdk.dts +++ linux-6.8.0/arch/arm64/boot/dts/qcom/sm8450-hdk.dts @@ -938,8 +938,8 @@ "TX DMIC3", "MIC BIAS1", "TX SWR_INPUT0", "ADC1_OUTPUT", "TX SWR_INPUT1", "ADC2_OUTPUT", - "TX SWR_INPUT2", "ADC3_OUTPUT", - "TX SWR_INPUT3", "ADC4_OUTPUT"; + "TX SWR_INPUT0", "ADC3_OUTPUT", + "TX SWR_INPUT1", "ADC4_OUTPUT"; wcd-playback-dai-link { link-name = "WCD Playback"; --- linux-6.8.0.orig/arch/arm64/boot/dts/qcom/sm8450.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/qcom/sm8450.dtsi @@ -1028,6 +1028,12 @@ pinctrl-names = "default"; pinctrl-0 = <&qup_uart20_default>; interrupts = ; + interconnects = <&clk_virt MASTER_QUP_CORE_2 QCOM_ICC_TAG_ALWAYS + &clk_virt SLAVE_QUP_CORE_2 QCOM_ICC_TAG_ALWAYS>, + <&gem_noc MASTER_APPSS_PROC QCOM_ICC_TAG_ALWAYS + &config_noc SLAVE_QUP_2 QCOM_ICC_TAG_ALWAYS>; + interconnect-names = "qup-core", + "qup-config"; status = "disabled"; }; @@ -1420,6 +1426,12 @@ pinctrl-names = "default"; pinctrl-0 = <&qup_uart7_tx>, <&qup_uart7_rx>; interrupts = ; + interconnects = <&clk_virt MASTER_QUP_CORE_2 QCOM_ICC_TAG_ALWAYS + &clk_virt SLAVE_QUP_CORE_2 QCOM_ICC_TAG_ALWAYS>, + <&gem_noc MASTER_APPSS_PROC QCOM_ICC_TAG_ALWAYS + &config_noc SLAVE_QUP_2 QCOM_ICC_TAG_ALWAYS>; + interconnect-names = "qup-core", + "qup-config"; status = "disabled"; }; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/qcom/sm8550-mtp.dts +++ linux-6.8.0/arch/arm64/boot/dts/qcom/sm8550-mtp.dts @@ -874,7 +874,7 @@ wcd_tx: codec@0,3 { compatible = "sdw20217010d00"; reg = <0 3>; - qcom,tx-port-mapping = <1 1 2 3>; + qcom,tx-port-mapping = <2 2 3 4>; }; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/qcom/sm8550-qrd.dts +++ linux-6.8.0/arch/arm64/boot/dts/qcom/sm8550-qrd.dts @@ -978,7 +978,7 @@ wcd_tx: codec@0,3 { compatible = "sdw20217010d00"; reg = <0 3>; - qcom,tx-port-mapping = <1 1 2 3>; + qcom,tx-port-mapping = <2 2 3 4>; }; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/qcom/sm8550.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/qcom/sm8550.dtsi @@ -3248,7 +3248,7 @@ spmi_bus: spmi@c400000 { compatible = "qcom,spmi-pmic-arb"; reg = <0 0x0c400000 0 0x3000>, - <0 0x0c500000 0 0x4000000>, + <0 0x0c500000 0 0x400000>, <0 0x0c440000 0 0x80000>, <0 0x0c4c0000 0 0x20000>, <0 0x0c42d000 0 0x4000>; --- linux-6.8.0.orig/arch/arm64/boot/dts/qcom/sm8650.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/qcom/sm8650.dtsi @@ -2448,10 +2448,12 @@ compatible = "qcom,sm8650-qmp-ufs-phy"; reg = <0 0x01d80000 0 0x2000>; - clocks = <&tcsr TCSR_UFS_CLKREF_EN>, - <&gcc GCC_UFS_PHY_PHY_AUX_CLK>; + clocks = <&rpmhcc RPMH_CXO_CLK>, + <&gcc GCC_UFS_PHY_PHY_AUX_CLK>, + <&tcsr TCSR_UFS_CLKREF_EN>; clock-names = "ref", - "ref_aux"; + "ref_aux", + "qref"; resets = <&ufs_mem_hc 0>; reset-names = "ufsphy"; @@ -3703,7 +3705,7 @@ spmi_bus: spmi@c400000 { compatible = "qcom,spmi-pmic-arb"; reg = <0 0x0c400000 0 0x3000>, - <0 0x0c500000 0 0x4000000>, + <0 0x0c500000 0 0x400000>, <0 0x0c440000 0 0x80000>, <0 0x0c4c0000 0 0x20000>, <0 0x0c42d000 0 0x4000>; --- linux-6.8.0.orig/arch/arm64/boot/dts/qcom/x1e80100-qcp.dts +++ linux-6.8.0/arch/arm64/boot/dts/qcom/x1e80100-qcp.dts @@ -243,7 +243,7 @@ qcom,pmic-id = "e"; vdd-l2-supply = <&vreg_s1f_0p7>; - vdd-l3-supply = <&vph_pwr>; + vdd-l3-supply = <&vreg_s5j_1p2>; vreg_l2e_0p8: ldo2 { regulator-name = "vreg_l2e_0p8"; @@ -349,7 +349,7 @@ qcom,pmic-id = "j"; vdd-l1-supply = <&vreg_s1f_0p7>; - vdd-l2-supply = <&vph_pwr>; + vdd-l2-supply = <&vreg_s5j_1p2>; vdd-l3-supply = <&vreg_s1f_0p7>; vdd-s5-supply = <&vph_pwr>; --- linux-6.8.0.orig/arch/arm64/boot/dts/qcom/x1e80100.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/qcom/x1e80100.dtsi @@ -3315,7 +3315,6 @@ <0 0x17510000 0 0x10000>, <0 0x17520000 0 0x10000>; reg-names = "drv-0", "drv-1", "drv-2"; - qcom,drv-count = <3>; interrupts = , , --- linux-6.8.0.orig/arch/arm64/boot/dts/renesas/r8a779a0.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/renesas/r8a779a0.dtsi @@ -658,7 +658,7 @@ avb0: ethernet@e6800000 { compatible = "renesas,etheravb-r8a779a0", "renesas,etheravb-rcar-gen4"; - reg = <0 0xe6800000 0 0x800>; + reg = <0 0xe6800000 0 0x1000>; interrupts = , , , @@ -706,7 +706,7 @@ avb1: ethernet@e6810000 { compatible = "renesas,etheravb-r8a779a0", "renesas,etheravb-rcar-gen4"; - reg = <0 0xe6810000 0 0x800>; + reg = <0 0xe6810000 0 0x1000>; interrupts = , , , --- linux-6.8.0.orig/arch/arm64/boot/dts/renesas/r8a779g0.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/renesas/r8a779g0.dtsi @@ -161,11 +161,6 @@ }; }; - psci { - compatible = "arm,psci-1.0", "arm,psci-0.2"; - method = "smc"; - }; - extal_clk: extal { compatible = "fixed-clock"; #clock-cells = <0>; @@ -185,13 +180,24 @@ interrupts-extended = <&gic GIC_PPI 7 IRQ_TYPE_LEVEL_LOW>; }; - /* External SCIF clock - to be overridden by boards that provide it */ + psci { + compatible = "arm,psci-1.0", "arm,psci-0.2"; + method = "smc"; + }; + + /* External SCIF clocks - to be overridden by boards that provide them */ scif_clk: scif { compatible = "fixed-clock"; #clock-cells = <0>; clock-frequency = <0>; }; + scif_clk2: scif2 { + compatible = "fixed-clock"; + #clock-cells = <0>; + clock-frequency = <0>; + }; + soc: soc { compatible = "simple-bus"; interrupt-parent = <&gic>; @@ -681,7 +687,7 @@ interrupts = ; clocks = <&cpg CPG_MOD 516>, <&cpg CPG_CORE R8A779G0_CLK_SASYNCPERD1>, - <&scif_clk>; + <&scif_clk2>; clock-names = "fck", "brg_int", "scif_clk"; dmas = <&dmac0 0x35>, <&dmac0 0x34>, <&dmac1 0x35>, <&dmac1 0x34>; @@ -761,7 +767,7 @@ avb0: ethernet@e6800000 { compatible = "renesas,etheravb-r8a779g0", "renesas,etheravb-rcar-gen4"; - reg = <0 0xe6800000 0 0x800>; + reg = <0 0xe6800000 0 0x1000>; interrupts = , , , @@ -808,7 +814,7 @@ avb1: ethernet@e6810000 { compatible = "renesas,etheravb-r8a779g0", "renesas,etheravb-rcar-gen4"; - reg = <0 0xe6810000 0 0x800>; + reg = <0 0xe6810000 0 0x1000>; interrupts = , , , @@ -1057,7 +1063,7 @@ interrupts = ; clocks = <&cpg CPG_MOD 705>, <&cpg CPG_CORE R8A779G0_CLK_SASYNCPERD1>, - <&scif_clk>; + <&scif_clk2>; clock-names = "fck", "brg_int", "scif_clk"; dmas = <&dmac0 0x59>, <&dmac0 0x58>, <&dmac1 0x59>, <&dmac1 0x58>; @@ -1777,6 +1783,37 @@ }; }; + mmc0: mmc@ee140000 { + compatible = "renesas,sdhi-r8a779g0", + "renesas,rcar-gen4-sdhi"; + reg = <0 0xee140000 0 0x2000>; + interrupts = ; + clocks = <&cpg CPG_MOD 706>, + <&cpg CPG_CORE R8A779G0_CLK_SD0H>; + clock-names = "core", "clkh"; + power-domains = <&sysc R8A779G0_PD_ALWAYS_ON>; + resets = <&cpg 706>; + max-frequency = <200000000>; + iommus = <&ipmmu_ds0 32>; + status = "disabled"; + }; + + rpc: spi@ee200000 { + compatible = "renesas,r8a779g0-rpc-if", + "renesas,rcar-gen4-rpc-if"; + reg = <0 0xee200000 0 0x200>, + <0 0x08000000 0 0x04000000>, + <0 0xee208000 0 0x100>; + reg-names = "regs", "dirmap", "wbuf"; + interrupts = ; + clocks = <&cpg CPG_MOD 629>; + power-domains = <&sysc R8A779G0_PD_ALWAYS_ON>; + resets = <&cpg 629>; + #address-cells = <1>; + #size-cells = <0>; + status = "disabled"; + }; + ipmmu_rt0: iommu@ee480000 { compatible = "renesas,ipmmu-r8a779g0", "renesas,rcar-gen4-ipmmu-vmsa"; @@ -1886,37 +1923,6 @@ #iommu-cells = <1>; }; - mmc0: mmc@ee140000 { - compatible = "renesas,sdhi-r8a779g0", - "renesas,rcar-gen4-sdhi"; - reg = <0 0xee140000 0 0x2000>; - interrupts = ; - clocks = <&cpg CPG_MOD 706>, - <&cpg CPG_CORE R8A779G0_CLK_SD0H>; - clock-names = "core", "clkh"; - power-domains = <&sysc R8A779G0_PD_ALWAYS_ON>; - resets = <&cpg 706>; - max-frequency = <200000000>; - iommus = <&ipmmu_ds0 32>; - status = "disabled"; - }; - - rpc: spi@ee200000 { - compatible = "renesas,r8a779g0-rpc-if", - "renesas,rcar-gen4-rpc-if"; - reg = <0 0xee200000 0 0x200>, - <0 0x08000000 0 0x04000000>, - <0 0xee208000 0 0x100>; - reg-names = "regs", "dirmap", "wbuf"; - interrupts = ; - clocks = <&cpg CPG_MOD 629>; - power-domains = <&sysc R8A779G0_PD_ALWAYS_ON>; - resets = <&cpg 629>; - #address-cells = <1>; - #size-cells = <0>; - status = "disabled"; - }; - gic: interrupt-controller@f1000000 { compatible = "arm,gic-v3"; #interrupt-cells = <3>; --- linux-6.8.0.orig/arch/arm64/boot/dts/renesas/r9a07g043u.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/renesas/r9a07g043u.dtsi @@ -109,7 +109,13 @@ , , , - ; + , + , + , + , + , + , + ; interrupt-names = "nmi", "irq0", "irq1", "irq2", "irq3", "irq4", "irq5", "irq6", "irq7", @@ -121,7 +127,9 @@ "tint20", "tint21", "tint22", "tint23", "tint24", "tint25", "tint26", "tint27", "tint28", "tint29", "tint30", "tint31", - "bus-err"; + "bus-err", "ec7tie1-0", "ec7tie2-0", + "ec7tiovf-0", "ec7tie1-1", "ec7tie2-1", + "ec7tiovf-1"; clocks = <&cpg CPG_MOD R9A07G043_IA55_CLK>, <&cpg CPG_MOD R9A07G043_IA55_PCLK>; clock-names = "clk", "pclk"; --- linux-6.8.0.orig/arch/arm64/boot/dts/renesas/r9a07g044.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/renesas/r9a07g044.dtsi @@ -905,7 +905,27 @@ , , , - ; + , + , + , + , + , + , + , + ; + interrupt-names = "nmi", "irq0", "irq1", "irq2", "irq3", + "irq4", "irq5", "irq6", "irq7", + "tint0", "tint1", "tint2", "tint3", + "tint4", "tint5", "tint6", "tint7", + "tint8", "tint9", "tint10", "tint11", + "tint12", "tint13", "tint14", "tint15", + "tint16", "tint17", "tint18", "tint19", + "tint20", "tint21", "tint22", "tint23", + "tint24", "tint25", "tint26", "tint27", + "tint28", "tint29", "tint30", "tint31", + "bus-err", "ec7tie1-0", "ec7tie2-0", + "ec7tiovf-0", "ec7tie1-1", "ec7tie2-1", + "ec7tiovf-1"; clocks = <&cpg CPG_MOD R9A07G044_IA55_CLK>, <&cpg CPG_MOD R9A07G044_IA55_PCLK>; clock-names = "clk", "pclk"; --- linux-6.8.0.orig/arch/arm64/boot/dts/renesas/r9a07g054.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/renesas/r9a07g054.dtsi @@ -912,7 +912,27 @@ , , , - ; + , + , + , + , + , + , + , + ; + interrupt-names = "nmi", "irq0", "irq1", "irq2", "irq3", + "irq4", "irq5", "irq6", "irq7", + "tint0", "tint1", "tint2", "tint3", + "tint4", "tint5", "tint6", "tint7", + "tint8", "tint9", "tint10", "tint11", + "tint12", "tint13", "tint14", "tint15", + "tint16", "tint17", "tint18", "tint19", + "tint20", "tint21", "tint22", "tint23", + "tint24", "tint25", "tint26", "tint27", + "tint28", "tint29", "tint30", "tint31", + "bus-err", "ec7tie1-0", "ec7tie2-0", + "ec7tiovf-0", "ec7tie1-1", "ec7tie2-1", + "ec7tiovf-1"; clocks = <&cpg CPG_MOD R9A07G054_IA55_CLK>, <&cpg CPG_MOD R9A07G054_IA55_PCLK>; clock-names = "clk", "pclk"; --- linux-6.8.0.orig/arch/arm64/boot/dts/renesas/r9a08g045.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/renesas/r9a08g045.dtsi @@ -152,7 +152,10 @@ , , , - ; + , + , + , + ; interrupt-names = "nmi", "irq0", "irq1", "irq2", "irq3", "irq4", "irq5", "irq6", "irq7", @@ -164,7 +167,8 @@ "tint20", "tint21", "tint22", "tint23", "tint24", "tint25", "tint26", "tint27", "tint28", "tint29", "tint30", "tint31", - "bus-err"; + "bus-err", "ec7tie1-0", "ec7tie2-0", + "ec7tiovf-0"; clocks = <&cpg CPG_MOD R9A08G045_IA55_CLK>, <&cpg CPG_MOD R9A08G045_IA55_PCLK>; clock-names = "clk", "pclk"; --- linux-6.8.0.orig/arch/arm64/boot/dts/renesas/rzg3s-smarc-som.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/renesas/rzg3s-smarc-som.dtsi @@ -193,12 +193,14 @@ #endif &pinctrl { +#if SW_CONFIG3 == SW_ON eth0-phy-irq-hog { gpio-hog; gpios = ; input; line-name = "eth0-phy-irq"; }; +#endif eth0_pins: eth0 { txc { @@ -234,12 +236,14 @@ }; }; +#if SW_CONFIG3 == SW_ON eth1-phy-irq-hog { gpio-hog; gpios = ; input; line-name = "eth1-phy-irq"; }; +#endif eth1_pins: eth1 { txc { --- linux-6.8.0.orig/arch/arm64/boot/dts/rockchip/rk356x.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/rockchip/rk356x.dtsi @@ -597,6 +597,7 @@ compatible = "rockchip,rk3568-vpu"; reg = <0x0 0xfdea0000 0x0 0x800>; interrupts = ; + interrupt-names = "vdpu"; clocks = <&cru ACLK_VPU>, <&cru HCLK_VPU>; clock-names = "aclk", "hclk"; iommus = <&vdpu_mmu>; @@ -1123,7 +1124,7 @@ dmas = <&dmac1 4>, <&dmac1 5>; dma-names = "tx", "rx"; resets = <&cru SRST_M_I2S2_2CH>; - reset-names = "m"; + reset-names = "tx-m"; rockchip,grf = <&grf>; pinctrl-names = "default"; pinctrl-0 = <&i2s2m0_sclktx --- linux-6.8.0.orig/arch/arm64/boot/dts/rockchip/rk3588s.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/rockchip/rk3588s.dtsi @@ -1704,7 +1704,6 @@ dmas = <&dmac1 0>, <&dmac1 1>; dma-names = "tx", "rx"; power-domains = <&power RK3588_PD_AUDIO>; - rockchip,trcm-sync-tx-only; pinctrl-names = "default"; pinctrl-0 = <&i2s2m1_lrck &i2s2m1_sclk @@ -1725,7 +1724,6 @@ dmas = <&dmac1 2>, <&dmac1 3>; dma-names = "tx", "rx"; power-domains = <&power RK3588_PD_AUDIO>; - rockchip,trcm-sync-tx-only; pinctrl-names = "default"; pinctrl-0 = <&i2s3_lrck &i2s3_sclk --- linux-6.8.0.orig/arch/arm64/boot/dts/ti/Makefile +++ linux-6.8.0/arch/arm64/boot/dts/ti/Makefile @@ -57,6 +57,7 @@ dtb-$(CONFIG_ARCH_K3) += k3-am654-gp-evm.dtb dtb-$(CONFIG_ARCH_K3) += k3-am654-evm.dtb dtb-$(CONFIG_ARCH_K3) += k3-am654-idk.dtb +dtb-$(CONFIG_ARCH_K3) += k3-am654-base-board-rocktech-rk101-panel.dtbo # Boards with J7200 SoC k3-j7200-evm-dtbs := k3-j7200-common-proc-board.dtb k3-j7200-evm-quad-port-eth-exp.dtbo --- linux-6.8.0.orig/arch/arm64/boot/dts/ti/k3-am62-main.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/ti/k3-am62-main.dtsi @@ -640,6 +640,8 @@ interrupt-names = "host", "peripheral"; maximum-speed = "high-speed"; dr_mode = "otg"; + snps,usb2-gadget-lpm-disable; + snps,usb2-lpm-disable; }; }; @@ -663,6 +665,8 @@ interrupt-names = "host", "peripheral"; maximum-speed = "high-speed"; dr_mode = "otg"; + snps,usb2-gadget-lpm-disable; + snps,usb2-lpm-disable; }; }; @@ -779,9 +783,10 @@ <0x00 0x30207000 0x00 0x1000>, /* ovr1 */ <0x00 0x30208000 0x00 0x1000>, /* ovr2 */ <0x00 0x3020a000 0x00 0x1000>, /* vp1: Used for OLDI */ - <0x00 0x3020b000 0x00 0x1000>; /* vp2: Used as DPI Out */ + <0x00 0x3020b000 0x00 0x1000>, /* vp2: Used as DPI Out */ + <0x00 0x30201000 0x00 0x1000>; /* common1 */ reg-names = "common", "vidl1", "vid", - "ovr1", "ovr2", "vp1", "vp2"; + "ovr1", "ovr2", "vp1", "vp2", "common1"; power-domains = <&k3_pds 186 TI_SCI_PD_EXCLUSIVE>; clocks = <&k3_clks 186 6>, <&dss_vp1_clk>, --- linux-6.8.0.orig/arch/arm64/boot/dts/ti/k3-am62p-mcu.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/ti/k3-am62p-mcu.dtsi @@ -187,6 +187,8 @@ ranges = <0x79000000 0x00 0x79000000 0x8000>, <0x79020000 0x00 0x79020000 0x8000>; power-domains = <&k3_pds 7 TI_SCI_PD_EXCLUSIVE>; + status = "disabled"; + mcu_r5fss0_core0: r5f@79000000 { compatible = "ti,am62-r5f"; reg = <0x79000000 0x00008000>, --- linux-6.8.0.orig/arch/arm64/boot/dts/ti/k3-am62p-wakeup.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/ti/k3-am62p-wakeup.dtsi @@ -78,6 +78,7 @@ ranges = <0x78000000 0x00 0x78000000 0x8000>, <0x78100000 0x00 0x78100000 0x8000>; power-domains = <&k3_pds 119 TI_SCI_PD_EXCLUSIVE>; + status = "disabled"; wkup_r5fss0_core0: r5f@78000000 { compatible = "ti,am62-r5f"; --- linux-6.8.0.orig/arch/arm64/boot/dts/ti/k3-am62p.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/ti/k3-am62p.dtsi @@ -71,7 +71,7 @@ <0x00 0x43600000 0x00 0x43600000 0x00 0x00010000>, /* SA3 sproxy data */ <0x00 0x44043000 0x00 0x44043000 0x00 0x00000fe0>, /* TI SCI DEBUG */ <0x00 0x44860000 0x00 0x44860000 0x00 0x00040000>, /* SA3 sproxy config */ - <0x00 0x48000000 0x00 0x48000000 0x00 0x06400000>, /* DMSS */ + <0x00 0x48000000 0x00 0x48000000 0x00 0x06408000>, /* DMSS */ <0x00 0x60000000 0x00 0x60000000 0x00 0x08000000>, /* FSS0 DAT1 */ <0x00 0x70000000 0x00 0x70000000 0x00 0x00010000>, /* OCSRAM */ <0x01 0x00000000 0x01 0x00000000 0x00 0x00310000>, /* A53 PERIPHBASE */ --- linux-6.8.0.orig/arch/arm64/boot/dts/ti/k3-am62p5-sk.dts +++ linux-6.8.0/arch/arm64/boot/dts/ti/k3-am62p5-sk.dts @@ -445,6 +445,10 @@ }; &cpsw3g_mdio { + pinctrl-names = "default"; + pinctrl-0 = <&main_mdio1_pins_default>; + status = "okay"; + cpsw3g_phy0: ethernet-phy@0 { reg = <0>; ti,rx-internal-delay = ; --- linux-6.8.0.orig/arch/arm64/boot/dts/ti/k3-am64-main.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/ti/k3-am64-main.dtsi @@ -633,6 +633,9 @@ ti,otap-del-sel-mmc-hs = <0x0>; ti,otap-del-sel-ddr52 = <0x6>; ti,otap-del-sel-hs200 = <0x7>; + ti,itap-del-sel-legacy = <0x10>; + ti,itap-del-sel-mmc-hs = <0xa>; + ti,itap-del-sel-ddr52 = <0x3>; status = "disabled"; }; @@ -645,12 +648,16 @@ clock-names = "clk_ahb", "clk_xin"; ti,trm-icp = <0x2>; ti,otap-del-sel-legacy = <0x0>; - ti,otap-del-sel-sd-hs = <0xf>; + ti,otap-del-sel-sd-hs = <0x0>; ti,otap-del-sel-sdr12 = <0xf>; ti,otap-del-sel-sdr25 = <0xf>; ti,otap-del-sel-sdr50 = <0xc>; ti,otap-del-sel-sdr104 = <0x6>; ti,otap-del-sel-ddr50 = <0x9>; + ti,itap-del-sel-legacy = <0x0>; + ti,itap-del-sel-sd-hs = <0x0>; + ti,itap-del-sel-sdr12 = <0x0>; + ti,itap-del-sel-sdr25 = <0x0>; ti,clkbuf-sel = <0x7>; status = "disabled"; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/ti/k3-am65-main.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/ti/k3-am65-main.dtsi @@ -1019,9 +1019,10 @@ <0x0 0x04a07000 0x0 0x1000>, /* ovr1 */ <0x0 0x04a08000 0x0 0x1000>, /* ovr2 */ <0x0 0x04a0a000 0x0 0x1000>, /* vp1 */ - <0x0 0x04a0b000 0x0 0x1000>; /* vp2 */ + <0x0 0x04a0b000 0x0 0x1000>, /* vp2 */ + <0x0 0x04a01000 0x0 0x1000>; /* common1 */ reg-names = "common", "vidl1", "vid", - "ovr1", "ovr2", "vp1", "vp2"; + "ovr1", "ovr2", "vp1", "vp2", "common1"; ti,am65x-oldi-io-ctrl = <&dss_oldi_io_ctrl>; --- linux-6.8.0.orig/arch/arm64/boot/dts/ti/k3-am69-sk.dts +++ linux-6.8.0/arch/arm64/boot/dts/ti/k3-am69-sk.dts @@ -646,7 +646,7 @@ pinctrl-names = "default"; pinctrl-0 = <&pmic_irq_pins_default>; interrupt-parent = <&wkup_gpio0>; - interrupts = <39 IRQ_TYPE_EDGE_FALLING>; + interrupts = <83 IRQ_TYPE_EDGE_FALLING>; gpio-controller; #gpio-cells = <2>; ti,primary-pmic; @@ -918,13 +918,9 @@ pinctrl-names = "default"; pinctrl-0 = <&dss_vout0_pins_default>; assigned-clocks = <&k3_clks 218 2>, - <&k3_clks 218 5>, - <&k3_clks 218 14>, - <&k3_clks 218 18>; + <&k3_clks 218 5>; assigned-clock-parents = <&k3_clks 218 3>, - <&k3_clks 218 7>, - <&k3_clks 218 16>, - <&k3_clks 218 22>; + <&k3_clks 218 7>; }; &serdes_wiz4 { --- linux-6.8.0.orig/arch/arm64/boot/dts/ti/k3-j7200-common-proc-board.dts +++ linux-6.8.0/arch/arm64/boot/dts/ti/k3-j7200-common-proc-board.dts @@ -91,24 +91,25 @@ }; &wkup_pmx0 { +}; + +&wkup_pmx2 { mcu_uart0_pins_default: mcu-uart0-default-pins { pinctrl-single,pins = < - J721E_WKUP_IOPAD(0xf4, PIN_INPUT, 0) /* (D20) MCU_UART0_RXD */ - J721E_WKUP_IOPAD(0xf0, PIN_OUTPUT, 0) /* (D19) MCU_UART0_TXD */ - J721E_WKUP_IOPAD(0xf8, PIN_INPUT, 0) /* (E20) MCU_UART0_CTSn */ - J721E_WKUP_IOPAD(0xfc, PIN_OUTPUT, 0) /* (E21) MCU_UART0_RTSn */ + J721E_WKUP_IOPAD(0x90, PIN_INPUT, 0) /* (E20) MCU_UART0_CTSn */ + J721E_WKUP_IOPAD(0x94, PIN_OUTPUT, 0) /* (E21) MCU_UART0_RTSn */ + J721E_WKUP_IOPAD(0x8c, PIN_INPUT, 0) /* (D20) MCU_UART0_RXD */ + J721E_WKUP_IOPAD(0x88, PIN_OUTPUT, 0) /* (D19) MCU_UART0_TXD */ >; }; wkup_uart0_pins_default: wkup-uart0-default-pins { pinctrl-single,pins = < - J721E_WKUP_IOPAD(0xb0, PIN_INPUT, 0) /* (B14) WKUP_UART0_RXD */ - J721E_WKUP_IOPAD(0xb4, PIN_OUTPUT, 0) /* (A14) WKUP_UART0_TXD */ + J721E_WKUP_IOPAD(0x48, PIN_INPUT, 0) /* (B14) WKUP_UART0_RXD */ + J721E_WKUP_IOPAD(0x4c, PIN_OUTPUT, 0) /* (A14) WKUP_UART0_TXD */ >; }; -}; -&wkup_pmx2 { mcu_cpsw_pins_default: mcu-cpsw-default-pins { pinctrl-single,pins = < J721E_WKUP_IOPAD(0x0000, PIN_OUTPUT, 0) /* MCU_RGMII1_TX_CTL */ @@ -210,7 +211,6 @@ status = "okay"; pinctrl-names = "default"; pinctrl-0 = <&mcu_uart0_pins_default>; - clock-frequency = <96000000>; }; &main_uart0 { --- linux-6.8.0.orig/arch/arm64/boot/dts/ti/k3-j721e-mcu-wakeup.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/ti/k3-j721e-mcu-wakeup.dtsi @@ -353,9 +353,9 @@ hbmc_mux: mux-controller@47000004 { compatible = "reg-mux"; - reg = <0x00 0x47000004 0x00 0x2>; + reg = <0x00 0x47000004 0x00 0x4>; #mux-control-cells = <1>; - mux-reg-masks = <0x4 0x2>; /* HBMC select */ + mux-reg-masks = <0x0 0x2>; /* HBMC select */ }; hbmc: hyperbus@47034000 { --- linux-6.8.0.orig/arch/arm64/boot/dts/ti/k3-j721e-sk.dts +++ linux-6.8.0/arch/arm64/boot/dts/ti/k3-j721e-sk.dts @@ -574,7 +574,7 @@ pinctrl-names = "default"; pinctrl-0 = <&pmic_irq_pins_default>; interrupt-parent = <&wkup_gpio0>; - interrupts = <9 IRQ_TYPE_EDGE_FALLING>; + interrupts = <7 IRQ_TYPE_EDGE_FALLING>; gpio-controller; #gpio-cells = <2>; ti,primary-pmic; @@ -651,7 +651,7 @@ reg = <0x4c>; system-power-controller; interrupt-parent = <&wkup_gpio0>; - interrupts = <9 IRQ_TYPE_EDGE_FALLING>; + interrupts = <7 IRQ_TYPE_EDGE_FALLING>; gpio-controller; #gpio-cells = <2>; buck1234-supply = <&vsys_3v3>; --- linux-6.8.0.orig/arch/arm64/boot/dts/ti/k3-j721s2-common-proc-board.dts +++ linux-6.8.0/arch/arm64/boot/dts/ti/k3-j721s2-common-proc-board.dts @@ -190,8 +190,6 @@ &wkup_pmx2 { wkup_uart0_pins_default: wkup-uart0-default-pins { pinctrl-single,pins = < - J721S2_WKUP_IOPAD(0x070, PIN_INPUT, 0) /* (E25) WKUP_GPIO0_6.WKUP_UART0_CTSn */ - J721S2_WKUP_IOPAD(0x074, PIN_OUTPUT, 0) /* (F28) WKUP_GPIO0_7.WKUP_UART0_RTSn */ J721S2_WKUP_IOPAD(0x048, PIN_INPUT, 0) /* (D28) WKUP_UART0_RXD */ J721S2_WKUP_IOPAD(0x04c, PIN_OUTPUT, 0) /* (D27) WKUP_UART0_TXD */ >; --- linux-6.8.0.orig/arch/arm64/boot/dts/ti/k3-j721s2-mcu-wakeup.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/ti/k3-j721s2-mcu-wakeup.dtsi @@ -663,7 +663,7 @@ compatible = "ti,j7200-vtm"; reg = <0x00 0x42040000 0x0 0x350>, <0x00 0x42050000 0x0 0x350>; - power-domains = <&k3_pds 154 TI_SCI_PD_SHARED>; + power-domains = <&k3_pds 180 TI_SCI_PD_SHARED>; #thermal-sensor-cells = <1>; }; --- linux-6.8.0.orig/arch/arm64/boot/dts/ti/k3-j784s4-evm.dts +++ linux-6.8.0/arch/arm64/boot/dts/ti/k3-j784s4-evm.dts @@ -335,8 +335,6 @@ wkup_uart0_pins_default: wkup-uart0-default-pins { bootph-all; pinctrl-single,pins = < - J721S2_WKUP_IOPAD(0x070, PIN_INPUT, 0) /* (L37) WKUP_GPIO0_6.WKUP_UART0_CTSn */ - J721S2_WKUP_IOPAD(0x074, PIN_INPUT, 0) /* (L36) WKUP_GPIO0_7.WKUP_UART0_RTSn */ J721S2_WKUP_IOPAD(0x048, PIN_INPUT, 0) /* (K35) WKUP_UART0_RXD */ J721S2_WKUP_IOPAD(0x04c, PIN_INPUT, 0) /* (K34) WKUP_UART0_TXD */ >; --- linux-6.8.0.orig/arch/arm64/boot/dts/ti/k3-j784s4-main.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/ti/k3-j784s4-main.dtsi @@ -52,12 +52,12 @@ compatible = "reg-mux"; reg = <0x00004080 0x30>; #mux-control-cells = <1>; - mux-reg-masks = <0x4080 0x3>, <0x4084 0x3>, /* SERDES0 lane0/1 select */ - <0x4088 0x3>, <0x408c 0x3>, /* SERDES0 lane2/3 select */ - <0x4090 0x3>, <0x4094 0x3>, /* SERDES1 lane0/1 select */ - <0x4098 0x3>, <0x409c 0x3>, /* SERDES1 lane2/3 select */ - <0x40a0 0x3>, <0x40a4 0x3>, /* SERDES2 lane0/1 select */ - <0x40a8 0x3>, <0x40ac 0x3>; /* SERDES2 lane2/3 select */ + mux-reg-masks = <0x0 0x3>, <0x4 0x3>, /* SERDES0 lane0/1 select */ + <0x8 0x3>, <0xc 0x3>, /* SERDES0 lane2/3 select */ + <0x10 0x3>, <0x14 0x3>, /* SERDES1 lane0/1 select */ + <0x18 0x3>, <0x1c 0x3>, /* SERDES1 lane2/3 select */ + <0x20 0x3>, <0x24 0x3>, /* SERDES2 lane0/1 select */ + <0x28 0x3>, <0x2c 0x3>; /* SERDES2 lane2/3 select */ idle-states = , , , --- linux-6.8.0.orig/arch/arm64/boot/dts/ti/k3-j784s4-mcu-wakeup.dtsi +++ linux-6.8.0/arch/arm64/boot/dts/ti/k3-j784s4-mcu-wakeup.dtsi @@ -628,7 +628,7 @@ compatible = "ti,j7200-vtm"; reg = <0x00 0x42040000 0x00 0x350>, <0x00 0x42050000 0x00 0x350>; - power-domains = <&k3_pds 154 TI_SCI_PD_SHARED>; + power-domains = <&k3_pds 243 TI_SCI_PD_SHARED>; #thermal-sensor-cells = <1>; }; --- linux-6.8.0.orig/arch/arm64/kernel/fpsimd.c +++ linux-6.8.0/arch/arm64/kernel/fpsimd.c @@ -1923,7 +1923,7 @@ put_cpu_fpsimd_context(); } -EXPORT_SYMBOL_GPL(kernel_neon_begin); +EXPORT_SYMBOL(kernel_neon_begin); /* * kernel_neon_end(): give the CPU FPSIMD registers back to the current task @@ -1950,7 +1950,7 @@ else clear_thread_flag(TIF_KERNEL_FPSTATE); } -EXPORT_SYMBOL_GPL(kernel_neon_end); +EXPORT_SYMBOL(kernel_neon_end); #ifdef CONFIG_EFI --- linux-6.8.0.orig/arch/hexagon/kernel/vmlinux.lds.S +++ linux-6.8.0/arch/hexagon/kernel/vmlinux.lds.S @@ -63,6 +63,7 @@ STABS_DEBUG DWARF_DEBUG ELF_DETAILS + .hexagon.attributes 0 : { *(.hexagon.attributes) } DISCARDS } --- linux-6.8.0.orig/arch/loongarch/crypto/crc32-loongarch.c +++ linux-6.8.0/arch/loongarch/crypto/crc32-loongarch.c @@ -44,7 +44,6 @@ CRC32(crc, value, w); p += sizeof(u32); - len -= sizeof(u32); } if (len & sizeof(u16)) { @@ -80,7 +79,6 @@ CRC32C(crc, value, w); p += sizeof(u32); - len -= sizeof(u32); } if (len & sizeof(u16)) { --- linux-6.8.0.orig/arch/loongarch/include/asm/Kbuild +++ linux-6.8.0/arch/loongarch/include/asm/Kbuild @@ -4,6 +4,7 @@ generic-y += parport.h generic-y += early_ioremap.h generic-y += qrwlock.h +generic-y += qspinlock.h generic-y += rwsem.h generic-y += segment.h generic-y += user.h --- linux-6.8.0.orig/arch/loongarch/include/asm/io.h +++ linux-6.8.0/arch/loongarch/include/asm/io.h @@ -71,6 +71,8 @@ #define memcpy_fromio(a, c, l) __memcpy_fromio((a), (c), (l)) #define memcpy_toio(c, a, l) __memcpy_toio((c), (a), (l)) +#define __io_aw() mmiowb() + #include #define ARCH_HAS_VALID_PHYS_ADDR_RANGE --- linux-6.8.0.orig/arch/loongarch/include/asm/percpu.h +++ linux-6.8.0/arch/loongarch/include/asm/percpu.h @@ -29,7 +29,12 @@ __my_cpu_offset = off; csr_write64(off, PERCPU_BASE_KS); } -#define __my_cpu_offset __my_cpu_offset + +#define __my_cpu_offset \ +({ \ + __asm__ __volatile__("":"+r"(__my_cpu_offset)); \ + __my_cpu_offset; \ +}) #define PERCPU_OP(op, asm_op, c_op) \ static __always_inline unsigned long __percpu_##op(void *ptr, \ --- linux-6.8.0.orig/arch/mips/include/asm/mips-cm.h +++ linux-6.8.0/arch/mips/include/asm/mips-cm.h @@ -33,6 +33,19 @@ */ extern phys_addr_t __mips_cm_phys_base(void); +/** + * mips_cm_l2sync_phys_base - retrieve the physical base address of the CM + * L2-sync region + * + * This function returns the physical base address of the Coherence Manager + * L2-cache only region. It provides a default implementation which reads the + * CMGCRL2OnlySyncBase register where available or returns a 4K region just + * behind the CM GCR base address. It may be overridden by platforms which + * determine this address in a different way by defining a function with the + * same prototype. + */ +extern phys_addr_t mips_cm_l2sync_phys_base(void); + /* * mips_cm_is64 - determine CM register width * --- linux-6.8.0.orig/arch/mips/kernel/mips-cm.c +++ linux-6.8.0/arch/mips/kernel/mips-cm.c @@ -201,7 +201,7 @@ phys_addr_t mips_cm_phys_base(void) __attribute__((weak, alias("__mips_cm_phys_base"))); -static phys_addr_t __mips_cm_l2sync_phys_base(void) +phys_addr_t __weak mips_cm_l2sync_phys_base(void) { u32 base_reg; @@ -217,9 +217,6 @@ return mips_cm_phys_base() + MIPS_CM_GCR_SIZE; } -phys_addr_t mips_cm_l2sync_phys_base(void) - __attribute__((weak, alias("__mips_cm_l2sync_phys_base"))); - static void mips_cm_probe_l2sync(void) { unsigned major_rev; --- linux-6.8.0.orig/arch/parisc/include/asm/assembly.h +++ linux-6.8.0/arch/parisc/include/asm/assembly.h @@ -97,26 +97,28 @@ * version takes two arguments: a src and destination register. * However, the source and destination registers can not be * the same register. + * + * We use add,l to avoid clobbering the C/B bits in the PSW. */ .macro tophys grvirt, grphys - ldil L%(__PAGE_OFFSET), \grphys - sub \grvirt, \grphys, \grphys + ldil L%(-__PAGE_OFFSET), \grphys + addl \grvirt, \grphys, \grphys .endm - + .macro tovirt grphys, grvirt ldil L%(__PAGE_OFFSET), \grvirt - add \grphys, \grvirt, \grvirt + addl \grphys, \grvirt, \grvirt .endm .macro tophys_r1 gr - ldil L%(__PAGE_OFFSET), %r1 - sub \gr, %r1, \gr + ldil L%(-__PAGE_OFFSET), %r1 + addl \gr, %r1, \gr .endm - + .macro tovirt_r1 gr ldil L%(__PAGE_OFFSET), %r1 - add \gr, %r1, \gr + addl \gr, %r1, \gr .endm .macro delay value --- linux-6.8.0.orig/arch/parisc/include/asm/checksum.h +++ linux-6.8.0/arch/parisc/include/asm/checksum.h @@ -40,7 +40,7 @@ " addc %0, %5, %0\n" " addc %0, %3, %0\n" "1: ldws,ma 4(%1), %3\n" -" addib,< 0, %2, 1b\n" +" addib,> -1, %2, 1b\n" " addc %0, %3, %0\n" "\n" " extru %0, 31, 16, %4\n" @@ -126,6 +126,7 @@ ** Try to keep 4 registers with "live" values ahead of the ALU. */ +" depdi 0, 31, 32, %0\n"/* clear upper half of incoming checksum */ " ldd,ma 8(%1), %4\n" /* get 1st saddr word */ " ldd,ma 8(%2), %5\n" /* get 1st daddr word */ " add %4, %0, %0\n" @@ -137,8 +138,8 @@ " add,dc %3, %0, %0\n" /* fold in proto+len | carry bit */ " extrd,u %0, 31, 32, %4\n"/* copy upper half down */ " depdi 0, 31, 32, %0\n"/* clear upper half */ -" add %4, %0, %0\n" /* fold into 32-bits */ -" addc 0, %0, %0\n" /* add carry */ +" add,dc %4, %0, %0\n" /* fold into 32-bits, plus carry */ +" addc 0, %0, %0\n" /* add final carry */ #else @@ -163,7 +164,8 @@ " ldw,ma 4(%2), %7\n" /* 4th daddr */ " addc %6, %0, %0\n" " addc %7, %0, %0\n" -" addc %3, %0, %0\n" /* fold in proto+len, catch carry */ +" addc %3, %0, %0\n" /* fold in proto+len */ +" addc 0, %0, %0\n" /* add carry */ #endif : "=r" (sum), "=r" (saddr), "=r" (daddr), "=r" (len), --- linux-6.8.0.orig/arch/parisc/include/asm/mman.h +++ linux-6.8.0/arch/parisc/include/asm/mman.h @@ -0,0 +1,14 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef __ASM_MMAN_H__ +#define __ASM_MMAN_H__ + +#include + +/* PARISC cannot allow mdwe as it needs writable stacks */ +static inline bool arch_memory_deny_write_exec_supported(void) +{ + return false; +} +#define arch_memory_deny_write_exec_supported arch_memory_deny_write_exec_supported + +#endif /* __ASM_MMAN_H__ */ --- linux-6.8.0.orig/arch/parisc/kernel/unaligned.c +++ linux-6.8.0/arch/parisc/kernel/unaligned.c @@ -169,6 +169,7 @@ static int emulate_ldd(struct pt_regs *regs, int toreg, int flop) { unsigned long saddr = regs->ior; + unsigned long shift, temp1; __u64 val = 0; ASM_EXCEPTIONTABLE_VAR(ret); @@ -180,25 +181,22 @@ #ifdef CONFIG_64BIT __asm__ __volatile__ ( -" depd,z %3,60,3,%%r19\n" /* r19=(ofs&7)*8 */ -" mtsp %4, %%sr1\n" -" depd %%r0,63,3,%3\n" -"1: ldd 0(%%sr1,%3),%0\n" -"2: ldd 8(%%sr1,%3),%%r20\n" -" subi 64,%%r19,%%r19\n" -" mtsar %%r19\n" -" shrpd %0,%%r20,%%sar,%0\n" +" depd,z %2,60,3,%3\n" /* shift=(ofs&7)*8 */ +" mtsp %5, %%sr1\n" +" depd %%r0,63,3,%2\n" +"1: ldd 0(%%sr1,%2),%0\n" +"2: ldd 8(%%sr1,%2),%4\n" +" subi 64,%3,%3\n" +" mtsar %3\n" +" shrpd %0,%4,%%sar,%0\n" "3: \n" ASM_EXCEPTIONTABLE_ENTRY_EFAULT(1b, 3b, "%1") ASM_EXCEPTIONTABLE_ENTRY_EFAULT(2b, 3b, "%1") - : "=r" (val), "+r" (ret) - : "0" (val), "r" (saddr), "r" (regs->isr) - : "r19", "r20" ); + : "+r" (val), "+r" (ret), "+r" (saddr), "=&r" (shift), "=&r" (temp1) + : "r" (regs->isr) ); #else - { - unsigned long shift, temp1; __asm__ __volatile__ ( -" zdep %2,29,2,%3\n" /* r19=(ofs&3)*8 */ +" zdep %2,29,2,%3\n" /* shift=(ofs&3)*8 */ " mtsp %5, %%sr1\n" " dep %%r0,31,2,%2\n" "1: ldw 0(%%sr1,%2),%0\n" @@ -214,7 +212,6 @@ ASM_EXCEPTIONTABLE_ENTRY_EFAULT(3b, 4b, "%1") : "+r" (val), "+r" (ret), "+r" (saddr), "=&r" (shift), "=&r" (temp1) : "r" (regs->isr) ); - } #endif DPRINTF("val = 0x%llx\n", val); --- linux-6.8.0.orig/arch/powerpc/Makefile +++ linux-6.8.0/arch/powerpc/Makefile @@ -238,7 +238,7 @@ all: zImage # With make 3.82 we cannot mix normal and wildcard targets -BOOT_TARGETS1 := zImage zImage.initrd uImage +BOOT_TARGETS1 := zImage zImage.initrd uImage vmlinux.strip BOOT_TARGETS2 := zImage% dtbImage% treeImage.% cuImage.% simpleImage.% uImage.% PHONY += $(BOOT_TARGETS1) $(BOOT_TARGETS2) --- linux-6.8.0.orig/arch/powerpc/include/asm/cputhreads.h +++ linux-6.8.0/arch/powerpc/include/asm/cputhreads.h @@ -3,6 +3,7 @@ #define _ASM_POWERPC_CPUTHREADS_H #ifndef __ASSEMBLY__ +#include #include #include --- linux-6.8.0.orig/arch/powerpc/include/asm/reg_fsl_emb.h +++ linux-6.8.0/arch/powerpc/include/asm/reg_fsl_emb.h @@ -12,9 +12,16 @@ #ifndef __ASSEMBLY__ /* Performance Monitor Registers */ #define mfpmr(rn) ({unsigned int rval; \ - asm volatile("mfpmr %0," __stringify(rn) \ + asm volatile(".machine push; " \ + ".machine e300; " \ + "mfpmr %0," __stringify(rn) ";" \ + ".machine pop; " \ : "=r" (rval)); rval;}) -#define mtpmr(rn, v) asm volatile("mtpmr " __stringify(rn) ",%0" : : "r" (v)) +#define mtpmr(rn, v) asm volatile(".machine push; " \ + ".machine e300; " \ + "mtpmr " __stringify(rn) ",%0; " \ + ".machine pop; " \ + : : "r" (v)) #endif /* __ASSEMBLY__ */ /* Freescale Book E Performance Monitor APU Registers */ --- linux-6.8.0.orig/arch/powerpc/include/asm/vmalloc.h +++ linux-6.8.0/arch/powerpc/include/asm/vmalloc.h @@ -7,14 +7,14 @@ #ifdef CONFIG_HAVE_ARCH_HUGE_VMAP #define arch_vmap_pud_supported arch_vmap_pud_supported -static inline bool arch_vmap_pud_supported(pgprot_t prot) +static __always_inline bool arch_vmap_pud_supported(pgprot_t prot) { /* HPT does not cope with large pages in the vmalloc area */ return radix_enabled(); } #define arch_vmap_pmd_supported arch_vmap_pmd_supported -static inline bool arch_vmap_pmd_supported(pgprot_t prot) +static __always_inline bool arch_vmap_pmd_supported(pgprot_t prot) { return radix_enabled(); } --- linux-6.8.0.orig/arch/powerpc/kernel/module_64.c +++ linux-6.8.0/arch/powerpc/kernel/module_64.c @@ -347,12 +347,13 @@ static void dedotify_versions(struct modversion_info *vers, unsigned long size) { - struct modversion_info *end; + struct modversion_info *end = (void *)vers + size; - for (end = (void *)vers + size; vers < end; vers++) + for (; vers < end && vers->next; vers = (void *)vers + vers->next) { if (vers->name[0] == '.') { memmove(vers->name, vers->name+1, strlen(vers->name)); } + } } /* --- linux-6.8.0.orig/arch/powerpc/kernel/pci-common.c +++ linux-6.8.0/arch/powerpc/kernel/pci-common.c @@ -360,6 +360,7 @@ } return NULL; } +EXPORT_SYMBOL(pci_find_hose_for_OF_device); struct pci_controller *pci_find_controller_for_domain(int domain_nr) { @@ -1630,6 +1631,7 @@ { return pci_bus_find_capability(fake_pci_bus(hose, bus), devfn, cap); } +EXPORT_SYMBOL_GPL(early_find_capability); struct device_node *pcibios_get_phb_of_node(struct pci_bus *bus) { --- linux-6.8.0.orig/arch/powerpc/kernel/prom.c +++ linux-6.8.0/arch/powerpc/kernel/prom.c @@ -375,6 +375,18 @@ if (IS_ENABLED(CONFIG_PPC64)) boot_cpu_hwid = be32_to_cpu(intserv[found_thread]); + if (nr_cpu_ids % nthreads != 0) { + set_nr_cpu_ids(ALIGN(nr_cpu_ids, nthreads)); + pr_warn("nr_cpu_ids was not a multiple of threads_per_core, adjusted to %d\n", + nr_cpu_ids); + } + + if (boot_cpuid >= nr_cpu_ids) { + set_nr_cpu_ids(min(CONFIG_NR_CPUS, ALIGN(boot_cpuid + 1, nthreads))); + pr_warn("Boot CPU %d >= nr_cpu_ids, adjusted nr_cpu_ids to %d\n", + boot_cpuid, nr_cpu_ids); + } + /* * PAPR defines "logical" PVR values for cpus that * meet various levels of the architecture: --- linux-6.8.0.orig/arch/powerpc/kernel/setup-common.c +++ linux-6.8.0/arch/powerpc/kernel/setup-common.c @@ -35,6 +35,7 @@ #include #include #include +#include #include #include #include @@ -67,6 +68,7 @@ #include #include #include +#include #include "setup.h" @@ -896,6 +898,16 @@ */ initialize_cache_info(); + /* + * Lock down the kernel if booted in secure mode. This is required to + * maintain kernel integrity. + */ + if (IS_ENABLED(CONFIG_LOCK_DOWN_IN_SECURE_BOOT)) { + if (is_ppc_secureboot_enabled()) + security_lock_kernel_down("PowerNV Secure Boot mode", + LOCKDOWN_INTEGRITY_MAX); + } + /* Initialize RTAS if available. */ rtas_initialize(); --- linux-6.8.0.orig/arch/powerpc/lib/Makefile +++ linux-6.8.0/arch/powerpc/lib/Makefile @@ -76,7 +76,7 @@ obj-$(CONFIG_FTR_FIXUP_SELFTEST) += feature-fixups-test.o obj-$(CONFIG_ALTIVEC) += xor_vmx.o xor_vmx_glue.o -CFLAGS_xor_vmx.o += -maltivec $(call cc-option,-mabi=altivec) +CFLAGS_xor_vmx.o += -mhard-float -maltivec $(call cc-option,-mabi=altivec) # Enable CFLAGS_xor_vmx.o += -isystem $(shell $(CC) -print-file-name=include) --- linux-6.8.0.orig/arch/powerpc/lib/sstep.c +++ linux-6.8.0/arch/powerpc/lib/sstep.c @@ -8,6 +8,7 @@ #include #include #include +#include #include #include #include --- linux-6.8.0.orig/arch/powerpc/perf/hv-gpci.c +++ linux-6.8.0/arch/powerpc/perf/hv-gpci.c @@ -695,6 +695,20 @@ ret = plpar_hcall_norets(H_GET_PERF_COUNTER_INFO, virt_to_phys(arg), HGPCI_REQ_BUFFER_SIZE); + + /* + * ret value as 'H_PARAMETER' with detail_rc as 'GEN_BUF_TOO_SMALL', + * specifies that the current buffer size cannot accommodate + * all the information and a partial buffer returned. + * Since in this function we are only accessing data for a given starting index, + * we don't need to accommodate whole data and can get required count by + * accessing first entry data. + * Hence hcall fails only incase the ret value is other than H_SUCCESS or + * H_PARAMETER with detail_rc value as GEN_BUF_TOO_SMALL(0x1B). + */ + if (ret == H_PARAMETER && be32_to_cpu(arg->params.detail_rc) == 0x1B) + ret = 0; + if (ret) { pr_devel("hcall failed: 0x%lx\n", ret); goto out; @@ -759,6 +773,7 @@ { u64 count; u8 length; + unsigned long ret; /* Not our event */ if (event->attr.type != event->pmu->type) @@ -789,13 +804,23 @@ } /* check if the request works... */ - if (single_gpci_request(event_get_request(event), + ret = single_gpci_request(event_get_request(event), event_get_starting_index(event), event_get_secondary_index(event), event_get_counter_info_version(event), event_get_offset(event), length, - &count)) { + &count); + + /* + * ret value as H_AUTHORITY implies that partition is not permitted to retrieve + * performance information, and required to set + * "Enable Performance Information Collection" option. + */ + if (ret == H_AUTHORITY) + return -EPERM; + + if (ret) { pr_devel("gpci hcall failed\n"); return -EINVAL; } --- linux-6.8.0.orig/arch/powerpc/platforms/44x/warp.c +++ linux-6.8.0/arch/powerpc/platforms/44x/warp.c @@ -8,6 +8,7 @@ #include #include #include +#include #include #include #include --- linux-6.8.0.orig/arch/powerpc/platforms/embedded6xx/linkstation.c +++ linux-6.8.0/arch/powerpc/platforms/embedded6xx/linkstation.c @@ -99,9 +99,6 @@ mpic_init(mpic); } -extern void avr_uart_configure(void); -extern void avr_uart_send(const char); - static void __noreturn linkstation_restart(char *cmd) { local_irq_disable(); --- linux-6.8.0.orig/arch/powerpc/platforms/embedded6xx/mpc10x.h +++ linux-6.8.0/arch/powerpc/platforms/embedded6xx/mpc10x.h @@ -156,4 +156,7 @@ /* For MPC107 boards that use the built-in openpic */ void mpc10x_set_openpic(void); +void avr_uart_configure(void); +void avr_uart_send(const char c); + #endif /* __PPC_KERNEL_MPC10X_H */ --- linux-6.8.0.orig/arch/powerpc/platforms/powermac/Kconfig +++ linux-6.8.0/arch/powerpc/platforms/powermac/Kconfig @@ -2,7 +2,7 @@ config PPC_PMAC bool "Apple PowerMac based machines" depends on PPC_BOOK3S && CPU_BIG_ENDIAN - select ADB_CUDA if POWER_RESET && PPC32 + select ADB_CUDA if POWER_RESET && ADB select MPIC select FORCE_PCI select PPC_INDIRECT_PCI if PPC32 --- linux-6.8.0.orig/arch/powerpc/platforms/ps3/Kconfig +++ linux-6.8.0/arch/powerpc/platforms/ps3/Kconfig @@ -67,6 +67,7 @@ config PS3_PS3AV depends on PPC_PS3 tristate "PS3 AV settings driver" if PS3_ADVANCED + select VIDEO select PS3_VUART default y help --- linux-6.8.0.orig/arch/powerpc/platforms/pseries/papr_platform_attributes.c +++ linux-6.8.0/arch/powerpc/platforms/pseries/papr_platform_attributes.c @@ -101,10 +101,12 @@ esi_buf_size = ESI_HDR_SIZE + (CURR_MAX_ESI_ATTRS * max_esi_attrs); temp_buf = krealloc(buf, esi_buf_size, GFP_KERNEL); - if (temp_buf) + if (temp_buf) { buf = temp_buf; - else - return -ENOMEM; + } else { + ret = -ENOMEM; + goto out_buf; + } goto retry; } --- linux-6.8.0.orig/arch/powerpc/platforms/pseries/vio.c +++ linux-6.8.0/arch/powerpc/platforms/pseries/vio.c @@ -39,7 +39,6 @@ .name = "vio", .type = "", .dev.init_name = "vio", - .dev.bus = &vio_bus_type, }; #ifdef CONFIG_PPC_SMLPAR --- linux-6.8.0.orig/arch/riscv/boot/dts/microchip/mpfs-icicle-kit.dts +++ linux-6.8.0/arch/riscv/boot/dts/microchip/mpfs-icicle-kit.dts @@ -160,9 +160,11 @@ status = "okay"; }; +/* UBUNTU: PCIe support is not yet ready, so disable it for now &pcie { status = "okay"; }; +*/ &qspi { status = "okay"; --- linux-6.8.0.orig/arch/riscv/boot/dts/sifive/fu740-c000.dtsi +++ linux-6.8.0/arch/riscv/boot/dts/sifive/fu740-c000.dtsi @@ -42,7 +42,7 @@ }; }; cpu1: cpu@1 { - compatible = "sifive,bullet0", "riscv"; + compatible = "sifive,u74-mc", "sifive,bullet0", "riscv"; d-cache-block-size = <64>; d-cache-sets = <64>; d-cache-size = <32768>; @@ -69,7 +69,7 @@ }; }; cpu2: cpu@2 { - compatible = "sifive,bullet0", "riscv"; + compatible = "sifive,u74-mc", "sifive,bullet0", "riscv"; d-cache-block-size = <64>; d-cache-sets = <64>; d-cache-size = <32768>; @@ -96,7 +96,7 @@ }; }; cpu3: cpu@3 { - compatible = "sifive,bullet0", "riscv"; + compatible = "sifive,u74-mc", "sifive,bullet0", "riscv"; d-cache-block-size = <64>; d-cache-sets = <64>; d-cache-size = <32768>; @@ -123,7 +123,7 @@ }; }; cpu4: cpu@4 { - compatible = "sifive,bullet0", "riscv"; + compatible = "sifive,u74-mc", "sifive,bullet0", "riscv"; d-cache-block-size = <64>; d-cache-sets = <64>; d-cache-size = <32768>; --- linux-6.8.0.orig/arch/riscv/boot/dts/sifive/hifive-unleashed-a00-microsemi.dts +++ linux-6.8.0/arch/riscv/boot/dts/sifive/hifive-unleashed-a00-microsemi.dts @@ -0,0 +1,28 @@ +// SPDX-License-Identifier: (GPL-2.0 OR MIT) + +#include "hifive-unleashed-a00.dts" + +/ { + soc { + pcie: pcie@2030000000 { + #address-cells = <0x3>; + #interrupt-cells = <0x1>; + #size-cells = <0x2>; + compatible = "microsemi,ms-pf-axi-pcie-host"; + device_type = "pci"; + bus-range = <0x01 0x7f>; + interrupt-map = <0 0 0 1 &ms_pcie_intc 0 0 0 0 2 &ms_pcie_intc 1 0 0 0 3 &ms_pcie_intc 2 0 0 0 4 &ms_pcie_intc 3>; + interrupt-map-mask = <0 0 0 7>; + interrupt-parent = <&plic0>; + interrupts = <32>; + ranges = <0x3000000 0x0 0x40000000 0x0 0x40000000 0x0 0x20000000>; + reg = <0x20 0x30000000 0x0 0x4000000 0x20 0x0 0x0 0x100000>; + reg-names = "control", "apb"; + ms_pcie_intc: interrupt-controller { + #address-cells = <0>; + #interrupt-cells = <1>; + interrupt-controller; + }; + }; + }; +}; --- linux-6.8.0.orig/arch/riscv/boot/dts/starfive/jh7100.dtsi +++ linux-6.8.0/arch/riscv/boot/dts/starfive/jh7100.dtsi @@ -116,6 +116,7 @@ osc_sys: osc-sys { compatible = "fixed-clock"; #clock-cells = <0>; + clock-output-names = "osc_sys"; /* This value must be overridden by the board */ clock-frequency = <0>; }; @@ -123,6 +124,7 @@ osc_aud: osc-aud { compatible = "fixed-clock"; #clock-cells = <0>; + clock-output-names = "osc_aud"; /* This value must be overridden by the board */ clock-frequency = <0>; }; @@ -130,6 +132,7 @@ gmac_rmii_ref: gmac-rmii-ref { compatible = "fixed-clock"; #clock-cells = <0>; + clock-output-names = "gmac_rmii_ref"; /* Should be overridden by the board when needed */ clock-frequency = <0>; }; @@ -137,6 +140,7 @@ gmac_gr_mii_rxclk: gmac-gr-mii-rxclk { compatible = "fixed-clock"; #clock-cells = <0>; + clock-output-names = "gmac_gr_mii_rxclk"; /* Should be overridden by the board when needed */ clock-frequency = <0>; }; --- linux-6.8.0.orig/arch/riscv/include/asm/pgtable.h +++ linux-6.8.0/arch/riscv/include/asm/pgtable.h @@ -439,9 +439,11 @@ return pte; } +#ifdef CONFIG_RISCV_ISA_SVNAPOT #define pte_leaf_size(pte) (pte_napot(pte) ? \ napot_cont_size(napot_cont_order(pte)) :\ PAGE_SIZE) +#endif #ifdef CONFIG_NUMA_BALANCING /* --- linux-6.8.0.orig/arch/riscv/kernel/traps_misaligned.c +++ linux-6.8.0/arch/riscv/kernel/traps_misaligned.c @@ -632,7 +632,7 @@ * accesses emulated since tasks requesting such control can run on any * CPU. */ - for_each_present_cpu(cpu) { + for_each_online_cpu(cpu) { if (per_cpu(misaligned_access_speed, cpu) != RISCV_HWPROBE_MISALIGNED_EMULATED) { return; --- linux-6.8.0.orig/arch/riscv/kvm/vcpu_insn.c +++ linux-6.8.0/arch/riscv/kvm/vcpu_insn.c @@ -7,6 +7,8 @@ #include #include +#include + #define INSN_OPCODE_MASK 0x007c #define INSN_OPCODE_SHIFT 2 #define INSN_OPCODE_SYSTEM 28 @@ -213,9 +215,20 @@ unsigned long wr_mask); }; +static int seed_csr_rmw(struct kvm_vcpu *vcpu, unsigned int csr_num, + unsigned long *val, unsigned long new_val, + unsigned long wr_mask) +{ + if (!riscv_isa_extension_available(vcpu->arch.isa, ZKR)) + return KVM_INSN_ILLEGAL_TRAP; + + return KVM_INSN_EXIT_TO_USER_SPACE; +} + static const struct csr_func csr_funcs[] = { KVM_RISCV_VCPU_AIA_CSR_FUNCS KVM_RISCV_VCPU_HPMCOUNTER_CSR_FUNCS + { .base = CSR_SEED, .count = 1, .func = seed_csr_rmw }, }; /** --- linux-6.8.0.orig/arch/riscv/mm/init.c +++ linux-6.8.0/arch/riscv/mm/init.c @@ -824,6 +824,10 @@ disable_pgtable_l4(); } + /* UBUNTU: Force disable sv57 and fallback to sv48 */ + if (pgtable_l5_enabled) + disable_pgtable_l5(); + memset(early_pg_dir, 0, PAGE_SIZE); memset(early_p4d, 0, PAGE_SIZE); memset(early_pud, 0, PAGE_SIZE); --- linux-6.8.0.orig/arch/s390/Kconfig +++ linux-6.8.0/arch/s390/Kconfig @@ -113,6 +113,7 @@ select ARCH_INLINE_WRITE_UNLOCK_BH select ARCH_INLINE_WRITE_UNLOCK_IRQ select ARCH_INLINE_WRITE_UNLOCK_IRQRESTORE + select ARCH_MHP_MEMMAP_ON_MEMORY_ENABLE select ARCH_STACKWALK select ARCH_SUPPORTS_ATOMIC_RMW select ARCH_SUPPORTS_DEBUG_PAGEALLOC --- linux-6.8.0.orig/arch/s390/include/asm/ipl.h +++ linux-6.8.0/arch/s390/include/asm/ipl.h @@ -139,6 +139,7 @@ unsigned char flags, unsigned short cert); int ipl_report_add_certificate(struct ipl_report *report, void *key, unsigned long addr, unsigned long len); +bool ipl_get_secureboot(void); /* * DIAG 308 support --- linux-6.8.0.orig/arch/s390/kernel/cache.c +++ linux-6.8.0/arch/s390/kernel/cache.c @@ -166,5 +166,6 @@ ci_leaf_init(this_leaf++, pvt, ctype, level, cpu); } } + this_cpu_ci->cpu_map_populated = true; return 0; } --- linux-6.8.0.orig/arch/s390/kernel/ipl.c +++ linux-6.8.0/arch/s390/kernel/ipl.c @@ -2520,3 +2520,8 @@ } #endif + +bool ipl_get_secureboot(void) +{ + return !!ipl_secure_flag; +} --- linux-6.8.0.orig/arch/s390/kernel/perf_pai_crypto.c +++ linux-6.8.0/arch/s390/kernel/perf_pai_crypto.c @@ -721,7 +721,7 @@ for (i = 0; i < ARRAY_SIZE(paicrypt_ctrnames); i++) { ret = attr_event_init_one(attrs, i); if (ret) { - attr_event_free(attrs, i - 1); + attr_event_free(attrs, i); return ret; } } --- linux-6.8.0.orig/arch/s390/kernel/perf_pai_ext.c +++ linux-6.8.0/arch/s390/kernel/perf_pai_ext.c @@ -611,7 +611,7 @@ for (i = 0; i < ARRAY_SIZE(paiext_ctrnames); i++) { ret = attr_event_init_one(attrs, i); if (ret) { - attr_event_free(attrs, i - 1); + attr_event_free(attrs, i); return ret; } } --- linux-6.8.0.orig/arch/s390/kernel/setup.c +++ linux-6.8.0/arch/s390/kernel/setup.c @@ -51,6 +51,7 @@ #include #include #include +#include #include #include @@ -891,6 +892,9 @@ log_component_list(); + if (ipl_get_secureboot()) + security_lock_kernel_down("Secure IPL mode", LOCKDOWN_INTEGRITY_MAX); + /* Have one command line that is parsed and saved in /proc/cmdline */ /* boot_command_line has been already set up in early.c */ *cmdline_p = boot_command_line; --- linux-6.8.0.orig/arch/s390/kernel/vdso32/Makefile +++ linux-6.8.0/arch/s390/kernel/vdso32/Makefile @@ -22,7 +22,7 @@ KBUILD_CFLAGS_32 := $(filter-out -mno-pic-data-is-text-relative,$(KBUILD_CFLAGS_32)) KBUILD_CFLAGS_32 += -m31 -fPIC -shared -fno-common -fno-builtin -LDFLAGS_vdso32.so.dbg += -fPIC -shared -soname=linux-vdso32.so.1 \ +LDFLAGS_vdso32.so.dbg += -shared -soname=linux-vdso32.so.1 \ --hash-style=both --build-id=sha1 -melf_s390 -T $(targets:%=$(obj)/%.dbg): KBUILD_CFLAGS = $(KBUILD_CFLAGS_32) --- linux-6.8.0.orig/arch/s390/kernel/vdso64/Makefile +++ linux-6.8.0/arch/s390/kernel/vdso64/Makefile @@ -26,7 +26,7 @@ KBUILD_CFLAGS_64 := $(filter-out -m64,$(KBUILD_CFLAGS)) KBUILD_CFLAGS_64 := $(filter-out -mno-pic-data-is-text-relative,$(KBUILD_CFLAGS_64)) KBUILD_CFLAGS_64 += -m64 -fPIC -fno-common -fno-builtin -ldflags-y := -fPIC -shared -soname=linux-vdso64.so.1 \ +ldflags-y := -shared -soname=linux-vdso64.so.1 \ --hash-style=both --build-id=sha1 -T $(targets:%=$(obj)/%.dbg): KBUILD_CFLAGS = $(KBUILD_CFLAGS_64) --- linux-6.8.0.orig/arch/s390/kernel/vtime.c +++ linux-6.8.0/arch/s390/kernel/vtime.c @@ -210,13 +210,13 @@ virt_timer_expire(); steal = S390_lowcore.steal_timer; - avg_steal = S390_lowcore.avg_steal_timer / 2; + avg_steal = S390_lowcore.avg_steal_timer; if ((s64) steal > 0) { S390_lowcore.steal_timer = 0; account_steal_time(cputime_to_nsecs(steal)); avg_steal += steal; } - S390_lowcore.avg_steal_timer = avg_steal; + S390_lowcore.avg_steal_timer = avg_steal / 2; } static u64 vtime_delta(void) --- linux-6.8.0.orig/arch/s390/mm/init.c +++ linux-6.8.0/arch/s390/mm/init.c @@ -281,9 +281,6 @@ unsigned long size_pages = PFN_DOWN(size); int rc; - if (WARN_ON_ONCE(params->altmap)) - return -EINVAL; - if (WARN_ON_ONCE(params->pgprot.pgprot != PAGE_KERNEL.pgprot)) return -EINVAL; --- linux-6.8.0.orig/arch/s390/mm/vmem.c +++ linux-6.8.0/arch/s390/mm/vmem.c @@ -33,8 +33,12 @@ return memblock_alloc(size, size); } -static void vmem_free_pages(unsigned long addr, int order) +static void vmem_free_pages(unsigned long addr, int order, struct vmem_altmap *altmap) { + if (altmap) { + vmem_altmap_free(altmap, 1 << order); + return; + } /* We don't expect boot memory to be removed ever. */ if (!slab_is_available() || WARN_ON_ONCE(PageReserved(virt_to_page((void *)addr)))) @@ -156,7 +160,8 @@ /* __ref: we'll only call vmemmap_alloc_block() via vmemmap_populate() */ static int __ref modify_pte_table(pmd_t *pmd, unsigned long addr, - unsigned long end, bool add, bool direct) + unsigned long end, bool add, bool direct, + struct vmem_altmap *altmap) { unsigned long prot, pages = 0; int ret = -ENOMEM; @@ -172,11 +177,11 @@ if (pte_none(*pte)) continue; if (!direct) - vmem_free_pages((unsigned long) pfn_to_virt(pte_pfn(*pte)), 0); + vmem_free_pages((unsigned long)pfn_to_virt(pte_pfn(*pte)), get_order(PAGE_SIZE), altmap); pte_clear(&init_mm, addr, pte); } else if (pte_none(*pte)) { if (!direct) { - void *new_page = vmemmap_alloc_block(PAGE_SIZE, NUMA_NO_NODE); + void *new_page = vmemmap_alloc_block_buf(PAGE_SIZE, NUMA_NO_NODE, altmap); if (!new_page) goto out; @@ -213,7 +218,8 @@ /* __ref: we'll only call vmemmap_alloc_block() via vmemmap_populate() */ static int __ref modify_pmd_table(pud_t *pud, unsigned long addr, - unsigned long end, bool add, bool direct) + unsigned long end, bool add, bool direct, + struct vmem_altmap *altmap) { unsigned long next, prot, pages = 0; int ret = -ENOMEM; @@ -234,11 +240,11 @@ if (IS_ALIGNED(addr, PMD_SIZE) && IS_ALIGNED(next, PMD_SIZE)) { if (!direct) - vmem_free_pages(pmd_deref(*pmd), get_order(PMD_SIZE)); + vmem_free_pages(pmd_deref(*pmd), get_order(PMD_SIZE), altmap); pmd_clear(pmd); pages++; } else if (!direct && vmemmap_unuse_sub_pmd(addr, next)) { - vmem_free_pages(pmd_deref(*pmd), get_order(PMD_SIZE)); + vmem_free_pages(pmd_deref(*pmd), get_order(PMD_SIZE), altmap); pmd_clear(pmd); } continue; @@ -261,7 +267,7 @@ * page tables since vmemmap_populate gets * called for each section separately. */ - new_page = vmemmap_alloc_block(PMD_SIZE, NUMA_NO_NODE); + new_page = vmemmap_alloc_block_buf(PMD_SIZE, NUMA_NO_NODE, altmap); if (new_page) { set_pmd(pmd, __pmd(__pa(new_page) | prot)); if (!IS_ALIGNED(addr, PMD_SIZE) || @@ -280,7 +286,7 @@ vmemmap_use_sub_pmd(addr, next); continue; } - ret = modify_pte_table(pmd, addr, next, add, direct); + ret = modify_pte_table(pmd, addr, next, add, direct, altmap); if (ret) goto out; if (!add) @@ -302,12 +308,12 @@ for (i = 0; i < PTRS_PER_PMD; i++, pmd++) if (!pmd_none(*pmd)) return; - vmem_free_pages(pud_deref(*pud), CRST_ALLOC_ORDER); + vmem_free_pages(pud_deref(*pud), CRST_ALLOC_ORDER, NULL); pud_clear(pud); } static int modify_pud_table(p4d_t *p4d, unsigned long addr, unsigned long end, - bool add, bool direct) + bool add, bool direct, struct vmem_altmap *altmap) { unsigned long next, prot, pages = 0; int ret = -ENOMEM; @@ -347,7 +353,7 @@ } else if (pud_large(*pud)) { continue; } - ret = modify_pmd_table(pud, addr, next, add, direct); + ret = modify_pmd_table(pud, addr, next, add, direct, altmap); if (ret) goto out; if (!add) @@ -370,12 +376,12 @@ if (!pud_none(*pud)) return; } - vmem_free_pages(p4d_deref(*p4d), CRST_ALLOC_ORDER); + vmem_free_pages(p4d_deref(*p4d), CRST_ALLOC_ORDER, NULL); p4d_clear(p4d); } static int modify_p4d_table(pgd_t *pgd, unsigned long addr, unsigned long end, - bool add, bool direct) + bool add, bool direct, struct vmem_altmap *altmap) { unsigned long next; int ret = -ENOMEM; @@ -394,7 +400,7 @@ goto out; p4d_populate(&init_mm, p4d, pud); } - ret = modify_pud_table(p4d, addr, next, add, direct); + ret = modify_pud_table(p4d, addr, next, add, direct, altmap); if (ret) goto out; if (!add) @@ -415,12 +421,12 @@ if (!p4d_none(*p4d)) return; } - vmem_free_pages(pgd_deref(*pgd), CRST_ALLOC_ORDER); + vmem_free_pages(pgd_deref(*pgd), CRST_ALLOC_ORDER, NULL); pgd_clear(pgd); } static int modify_pagetable(unsigned long start, unsigned long end, bool add, - bool direct) + bool direct, struct vmem_altmap *altmap) { unsigned long addr, next; int ret = -ENOMEM; @@ -445,7 +451,7 @@ goto out; pgd_populate(&init_mm, pgd, p4d); } - ret = modify_p4d_table(pgd, addr, next, add, direct); + ret = modify_p4d_table(pgd, addr, next, add, direct, altmap); if (ret) goto out; if (!add) @@ -458,14 +464,16 @@ return ret; } -static int add_pagetable(unsigned long start, unsigned long end, bool direct) +static int add_pagetable(unsigned long start, unsigned long end, bool direct, + struct vmem_altmap *altmap) { - return modify_pagetable(start, end, true, direct); + return modify_pagetable(start, end, true, direct, altmap); } -static int remove_pagetable(unsigned long start, unsigned long end, bool direct) +static int remove_pagetable(unsigned long start, unsigned long end, bool direct, + struct vmem_altmap *altmap) { - return modify_pagetable(start, end, false, direct); + return modify_pagetable(start, end, false, direct, altmap); } /* @@ -474,7 +482,7 @@ static int vmem_add_range(unsigned long start, unsigned long size) { start = (unsigned long)__va(start); - return add_pagetable(start, start + size, true); + return add_pagetable(start, start + size, true, NULL); } /* @@ -483,7 +491,7 @@ static void vmem_remove_range(unsigned long start, unsigned long size) { start = (unsigned long)__va(start); - remove_pagetable(start, start + size, true); + remove_pagetable(start, start + size, true, NULL); } /* @@ -496,9 +504,9 @@ mutex_lock(&vmem_mutex); /* We don't care about the node, just use NUMA_NO_NODE on allocations */ - ret = add_pagetable(start, end, false); + ret = add_pagetable(start, end, false, altmap); if (ret) - remove_pagetable(start, end, false); + remove_pagetable(start, end, false, altmap); mutex_unlock(&vmem_mutex); return ret; } @@ -509,7 +517,7 @@ struct vmem_altmap *altmap) { mutex_lock(&vmem_mutex); - remove_pagetable(start, end, false); + remove_pagetable(start, end, false, altmap); mutex_unlock(&vmem_mutex); } --- linux-6.8.0.orig/arch/sparc/Kconfig +++ linux-6.8.0/arch/sparc/Kconfig @@ -57,6 +57,8 @@ select CLZ_TAB select DMA_DIRECT_REMAP select GENERIC_ATOMIC64 + select GENERIC_LIB_CMPDI2 + select GENERIC_LIB_UCMPDI2 select HAVE_UID16 select LOCK_MM_AND_FIND_VMA select OLD_SIGACTION @@ -140,10 +142,6 @@ default y if SPARC32 select KMAP_LOCAL -config GENERIC_ISA_DMA - bool - default y if SPARC32 - config PGTABLE_LEVELS default 4 if 64BIT default 3 --- linux-6.8.0.orig/arch/sparc/include/asm/parport.h +++ linux-6.8.0/arch/sparc/include/asm/parport.h @@ -1,256 +1,11 @@ /* SPDX-License-Identifier: GPL-2.0 */ -/* parport.h: sparc64 specific parport initialization and dma. - * - * Copyright (C) 1999 Eddie C. Dost (ecd@skynet.be) - */ +#ifndef ___ASM_SPARC_PARPORT_H +#define ___ASM_SPARC_PARPORT_H -#ifndef _ASM_SPARC64_PARPORT_H -#define _ASM_SPARC64_PARPORT_H 1 - -#include -#include - -#include -#include -#include - -#define PARPORT_PC_MAX_PORTS PARPORT_MAX - -/* - * While sparc64 doesn't have an ISA DMA API, we provide something that looks - * close enough to make parport_pc happy - */ -#define HAS_DMA - -#ifdef CONFIG_PARPORT_PC_FIFO -static DEFINE_SPINLOCK(dma_spin_lock); - -#define claim_dma_lock() \ -({ unsigned long flags; \ - spin_lock_irqsave(&dma_spin_lock, flags); \ - flags; \ -}) - -#define release_dma_lock(__flags) \ - spin_unlock_irqrestore(&dma_spin_lock, __flags); +#if defined(__sparc__) && defined(__arch64__) +#include +#else +#include +#endif #endif -static struct sparc_ebus_info { - struct ebus_dma_info info; - unsigned int addr; - unsigned int count; - int lock; - - struct parport *port; -} sparc_ebus_dmas[PARPORT_PC_MAX_PORTS]; - -static DECLARE_BITMAP(dma_slot_map, PARPORT_PC_MAX_PORTS); - -static inline int request_dma(unsigned int dmanr, const char *device_id) -{ - if (dmanr >= PARPORT_PC_MAX_PORTS) - return -EINVAL; - if (xchg(&sparc_ebus_dmas[dmanr].lock, 1) != 0) - return -EBUSY; - return 0; -} - -static inline void free_dma(unsigned int dmanr) -{ - if (dmanr >= PARPORT_PC_MAX_PORTS) { - printk(KERN_WARNING "Trying to free DMA%d\n", dmanr); - return; - } - if (xchg(&sparc_ebus_dmas[dmanr].lock, 0) == 0) { - printk(KERN_WARNING "Trying to free free DMA%d\n", dmanr); - return; - } -} - -static inline void enable_dma(unsigned int dmanr) -{ - ebus_dma_enable(&sparc_ebus_dmas[dmanr].info, 1); - - if (ebus_dma_request(&sparc_ebus_dmas[dmanr].info, - sparc_ebus_dmas[dmanr].addr, - sparc_ebus_dmas[dmanr].count)) - BUG(); -} - -static inline void disable_dma(unsigned int dmanr) -{ - ebus_dma_enable(&sparc_ebus_dmas[dmanr].info, 0); -} - -static inline void clear_dma_ff(unsigned int dmanr) -{ - /* nothing */ -} - -static inline void set_dma_mode(unsigned int dmanr, char mode) -{ - ebus_dma_prepare(&sparc_ebus_dmas[dmanr].info, (mode != DMA_MODE_WRITE)); -} - -static inline void set_dma_addr(unsigned int dmanr, unsigned int addr) -{ - sparc_ebus_dmas[dmanr].addr = addr; -} - -static inline void set_dma_count(unsigned int dmanr, unsigned int count) -{ - sparc_ebus_dmas[dmanr].count = count; -} - -static inline unsigned int get_dma_residue(unsigned int dmanr) -{ - return ebus_dma_residue(&sparc_ebus_dmas[dmanr].info); -} - -static int ecpp_probe(struct platform_device *op) -{ - unsigned long base = op->resource[0].start; - unsigned long config = op->resource[1].start; - unsigned long d_base = op->resource[2].start; - unsigned long d_len; - struct device_node *parent; - struct parport *p; - int slot, err; - - parent = op->dev.of_node->parent; - if (of_node_name_eq(parent, "dma")) { - p = parport_pc_probe_port(base, base + 0x400, - op->archdata.irqs[0], PARPORT_DMA_NOFIFO, - op->dev.parent->parent, 0); - if (!p) - return -ENOMEM; - dev_set_drvdata(&op->dev, p); - return 0; - } - - for (slot = 0; slot < PARPORT_PC_MAX_PORTS; slot++) { - if (!test_and_set_bit(slot, dma_slot_map)) - break; - } - err = -ENODEV; - if (slot >= PARPORT_PC_MAX_PORTS) - goto out_err; - - spin_lock_init(&sparc_ebus_dmas[slot].info.lock); - - d_len = (op->resource[2].end - d_base) + 1UL; - sparc_ebus_dmas[slot].info.regs = - of_ioremap(&op->resource[2], 0, d_len, "ECPP DMA"); - - if (!sparc_ebus_dmas[slot].info.regs) - goto out_clear_map; - - sparc_ebus_dmas[slot].info.flags = 0; - sparc_ebus_dmas[slot].info.callback = NULL; - sparc_ebus_dmas[slot].info.client_cookie = NULL; - sparc_ebus_dmas[slot].info.irq = 0xdeadbeef; - strcpy(sparc_ebus_dmas[slot].info.name, "parport"); - if (ebus_dma_register(&sparc_ebus_dmas[slot].info)) - goto out_unmap_regs; - - ebus_dma_irq_enable(&sparc_ebus_dmas[slot].info, 1); - - /* Configure IRQ to Push Pull, Level Low */ - /* Enable ECP, set bit 2 of the CTR first */ - outb(0x04, base + 0x02); - ns87303_modify(config, PCR, - PCR_EPP_ENABLE | - PCR_IRQ_ODRAIN, - PCR_ECP_ENABLE | - PCR_ECP_CLK_ENA | - PCR_IRQ_POLAR); - - /* CTR bit 5 controls direction of port */ - ns87303_modify(config, PTR, - 0, PTR_LPT_REG_DIR); - - p = parport_pc_probe_port(base, base + 0x400, - op->archdata.irqs[0], - slot, - op->dev.parent, - 0); - err = -ENOMEM; - if (!p) - goto out_disable_irq; - - dev_set_drvdata(&op->dev, p); - - return 0; - -out_disable_irq: - ebus_dma_irq_enable(&sparc_ebus_dmas[slot].info, 0); - ebus_dma_unregister(&sparc_ebus_dmas[slot].info); - -out_unmap_regs: - of_iounmap(&op->resource[2], sparc_ebus_dmas[slot].info.regs, d_len); - -out_clear_map: - clear_bit(slot, dma_slot_map); - -out_err: - return err; -} - -static int ecpp_remove(struct platform_device *op) -{ - struct parport *p = dev_get_drvdata(&op->dev); - int slot = p->dma; - - parport_pc_unregister_port(p); - - if (slot != PARPORT_DMA_NOFIFO) { - unsigned long d_base = op->resource[2].start; - unsigned long d_len; - - d_len = (op->resource[2].end - d_base) + 1UL; - - ebus_dma_irq_enable(&sparc_ebus_dmas[slot].info, 0); - ebus_dma_unregister(&sparc_ebus_dmas[slot].info); - of_iounmap(&op->resource[2], - sparc_ebus_dmas[slot].info.regs, - d_len); - clear_bit(slot, dma_slot_map); - } - - return 0; -} - -static const struct of_device_id ecpp_match[] = { - { - .name = "ecpp", - }, - { - .name = "parallel", - .compatible = "ecpp", - }, - { - .name = "parallel", - .compatible = "ns87317-ecpp", - }, - { - .name = "parallel", - .compatible = "pnpALI,1533,3", - }, - {}, -}; - -static struct platform_driver ecpp_driver = { - .driver = { - .name = "ecpp", - .of_match_table = ecpp_match, - }, - .probe = ecpp_probe, - .remove = ecpp_remove, -}; - -static int parport_pc_find_nonpci_ports(int autoirq, int autodma) -{ - return platform_driver_register(&ecpp_driver); -} - -#endif /* !(_ASM_SPARC64_PARPORT_H */ --- linux-6.8.0.orig/arch/sparc/include/asm/parport_64.h +++ linux-6.8.0/arch/sparc/include/asm/parport_64.h @@ -0,0 +1,256 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* parport.h: sparc64 specific parport initialization and dma. + * + * Copyright (C) 1999 Eddie C. Dost (ecd@skynet.be) + */ + +#ifndef _ASM_SPARC64_PARPORT_H +#define _ASM_SPARC64_PARPORT_H 1 + +#include +#include + +#include +#include +#include + +#define PARPORT_PC_MAX_PORTS PARPORT_MAX + +/* + * While sparc64 doesn't have an ISA DMA API, we provide something that looks + * close enough to make parport_pc happy + */ +#define HAS_DMA + +#ifdef CONFIG_PARPORT_PC_FIFO +static DEFINE_SPINLOCK(dma_spin_lock); + +#define claim_dma_lock() \ +({ unsigned long flags; \ + spin_lock_irqsave(&dma_spin_lock, flags); \ + flags; \ +}) + +#define release_dma_lock(__flags) \ + spin_unlock_irqrestore(&dma_spin_lock, __flags); +#endif + +static struct sparc_ebus_info { + struct ebus_dma_info info; + unsigned int addr; + unsigned int count; + int lock; + + struct parport *port; +} sparc_ebus_dmas[PARPORT_PC_MAX_PORTS]; + +static DECLARE_BITMAP(dma_slot_map, PARPORT_PC_MAX_PORTS); + +static inline int request_dma(unsigned int dmanr, const char *device_id) +{ + if (dmanr >= PARPORT_PC_MAX_PORTS) + return -EINVAL; + if (xchg(&sparc_ebus_dmas[dmanr].lock, 1) != 0) + return -EBUSY; + return 0; +} + +static inline void free_dma(unsigned int dmanr) +{ + if (dmanr >= PARPORT_PC_MAX_PORTS) { + printk(KERN_WARNING "Trying to free DMA%d\n", dmanr); + return; + } + if (xchg(&sparc_ebus_dmas[dmanr].lock, 0) == 0) { + printk(KERN_WARNING "Trying to free free DMA%d\n", dmanr); + return; + } +} + +static inline void enable_dma(unsigned int dmanr) +{ + ebus_dma_enable(&sparc_ebus_dmas[dmanr].info, 1); + + if (ebus_dma_request(&sparc_ebus_dmas[dmanr].info, + sparc_ebus_dmas[dmanr].addr, + sparc_ebus_dmas[dmanr].count)) + BUG(); +} + +static inline void disable_dma(unsigned int dmanr) +{ + ebus_dma_enable(&sparc_ebus_dmas[dmanr].info, 0); +} + +static inline void clear_dma_ff(unsigned int dmanr) +{ + /* nothing */ +} + +static inline void set_dma_mode(unsigned int dmanr, char mode) +{ + ebus_dma_prepare(&sparc_ebus_dmas[dmanr].info, (mode != DMA_MODE_WRITE)); +} + +static inline void set_dma_addr(unsigned int dmanr, unsigned int addr) +{ + sparc_ebus_dmas[dmanr].addr = addr; +} + +static inline void set_dma_count(unsigned int dmanr, unsigned int count) +{ + sparc_ebus_dmas[dmanr].count = count; +} + +static inline unsigned int get_dma_residue(unsigned int dmanr) +{ + return ebus_dma_residue(&sparc_ebus_dmas[dmanr].info); +} + +static int ecpp_probe(struct platform_device *op) +{ + unsigned long base = op->resource[0].start; + unsigned long config = op->resource[1].start; + unsigned long d_base = op->resource[2].start; + unsigned long d_len; + struct device_node *parent; + struct parport *p; + int slot, err; + + parent = op->dev.of_node->parent; + if (of_node_name_eq(parent, "dma")) { + p = parport_pc_probe_port(base, base + 0x400, + op->archdata.irqs[0], PARPORT_DMA_NOFIFO, + op->dev.parent->parent, 0); + if (!p) + return -ENOMEM; + dev_set_drvdata(&op->dev, p); + return 0; + } + + for (slot = 0; slot < PARPORT_PC_MAX_PORTS; slot++) { + if (!test_and_set_bit(slot, dma_slot_map)) + break; + } + err = -ENODEV; + if (slot >= PARPORT_PC_MAX_PORTS) + goto out_err; + + spin_lock_init(&sparc_ebus_dmas[slot].info.lock); + + d_len = (op->resource[2].end - d_base) + 1UL; + sparc_ebus_dmas[slot].info.regs = + of_ioremap(&op->resource[2], 0, d_len, "ECPP DMA"); + + if (!sparc_ebus_dmas[slot].info.regs) + goto out_clear_map; + + sparc_ebus_dmas[slot].info.flags = 0; + sparc_ebus_dmas[slot].info.callback = NULL; + sparc_ebus_dmas[slot].info.client_cookie = NULL; + sparc_ebus_dmas[slot].info.irq = 0xdeadbeef; + strcpy(sparc_ebus_dmas[slot].info.name, "parport"); + if (ebus_dma_register(&sparc_ebus_dmas[slot].info)) + goto out_unmap_regs; + + ebus_dma_irq_enable(&sparc_ebus_dmas[slot].info, 1); + + /* Configure IRQ to Push Pull, Level Low */ + /* Enable ECP, set bit 2 of the CTR first */ + outb(0x04, base + 0x02); + ns87303_modify(config, PCR, + PCR_EPP_ENABLE | + PCR_IRQ_ODRAIN, + PCR_ECP_ENABLE | + PCR_ECP_CLK_ENA | + PCR_IRQ_POLAR); + + /* CTR bit 5 controls direction of port */ + ns87303_modify(config, PTR, + 0, PTR_LPT_REG_DIR); + + p = parport_pc_probe_port(base, base + 0x400, + op->archdata.irqs[0], + slot, + op->dev.parent, + 0); + err = -ENOMEM; + if (!p) + goto out_disable_irq; + + dev_set_drvdata(&op->dev, p); + + return 0; + +out_disable_irq: + ebus_dma_irq_enable(&sparc_ebus_dmas[slot].info, 0); + ebus_dma_unregister(&sparc_ebus_dmas[slot].info); + +out_unmap_regs: + of_iounmap(&op->resource[2], sparc_ebus_dmas[slot].info.regs, d_len); + +out_clear_map: + clear_bit(slot, dma_slot_map); + +out_err: + return err; +} + +static int ecpp_remove(struct platform_device *op) +{ + struct parport *p = dev_get_drvdata(&op->dev); + int slot = p->dma; + + parport_pc_unregister_port(p); + + if (slot != PARPORT_DMA_NOFIFO) { + unsigned long d_base = op->resource[2].start; + unsigned long d_len; + + d_len = (op->resource[2].end - d_base) + 1UL; + + ebus_dma_irq_enable(&sparc_ebus_dmas[slot].info, 0); + ebus_dma_unregister(&sparc_ebus_dmas[slot].info); + of_iounmap(&op->resource[2], + sparc_ebus_dmas[slot].info.regs, + d_len); + clear_bit(slot, dma_slot_map); + } + + return 0; +} + +static const struct of_device_id ecpp_match[] = { + { + .name = "ecpp", + }, + { + .name = "parallel", + .compatible = "ecpp", + }, + { + .name = "parallel", + .compatible = "ns87317-ecpp", + }, + { + .name = "parallel", + .compatible = "pnpALI,1533,3", + }, + {}, +}; + +static struct platform_driver ecpp_driver = { + .driver = { + .name = "ecpp", + .of_match_table = ecpp_match, + }, + .probe = ecpp_probe, + .remove = ecpp_remove, +}; + +static int parport_pc_find_nonpci_ports(int autoirq, int autodma) +{ + return platform_driver_register(&ecpp_driver); +} + +#endif /* !(_ASM_SPARC64_PARPORT_H */ --- linux-6.8.0.orig/arch/sparc/kernel/leon_pci_grpci1.c +++ linux-6.8.0/arch/sparc/kernel/leon_pci_grpci1.c @@ -697,7 +697,7 @@ return err; } -static const struct of_device_id grpci1_of_match[] __initconst = { +static const struct of_device_id grpci1_of_match[] = { { .name = "GAISLER_PCIFBRG", }, --- linux-6.8.0.orig/arch/sparc/kernel/leon_pci_grpci2.c +++ linux-6.8.0/arch/sparc/kernel/leon_pci_grpci2.c @@ -889,7 +889,7 @@ return err; } -static const struct of_device_id grpci2_of_match[] __initconst = { +static const struct of_device_id grpci2_of_match[] = { { .name = "GAISLER_GRPCI2", }, --- linux-6.8.0.orig/arch/sparc/kernel/nmi.c +++ linux-6.8.0/arch/sparc/kernel/nmi.c @@ -279,7 +279,7 @@ if (!strncmp(str, "panic", 5)) panic_on_timeout = 1; - return 0; + return 1; } __setup("nmi_watchdog=", setup_nmi_watchdog); --- linux-6.8.0.orig/arch/sparc/lib/Makefile +++ linux-6.8.0/arch/sparc/lib/Makefile @@ -14,7 +14,7 @@ lib-$(CONFIG_SPARC32) += copy_user.o locks.o lib-$(CONFIG_SPARC64) += atomic_64.o lib-$(CONFIG_SPARC32) += lshrdi3.o ashldi3.o -lib-$(CONFIG_SPARC32) += muldi3.o bitext.o cmpdi2.o +lib-$(CONFIG_SPARC32) += muldi3.o bitext.o lib-$(CONFIG_SPARC64) += multi3.o lib-$(CONFIG_SPARC64) += fls.o lib-$(CONFIG_SPARC64) += fls64.o @@ -51,5 +51,5 @@ lib-$(CONFIG_SPARC64) += mcount.o ipcsum.o xor.o hweight.o ffs.o obj-$(CONFIG_SPARC64) += iomap.o -obj-$(CONFIG_SPARC32) += atomic32.o ucmpdi2.o +obj-$(CONFIG_SPARC32) += atomic32.o obj-$(CONFIG_SPARC64) += PeeCeeI.o --- linux-6.8.0.orig/arch/sparc/vdso/vma.c +++ linux-6.8.0/arch/sparc/vdso/vma.c @@ -449,9 +449,8 @@ unsigned long val; err = kstrtoul(s, 10, &val); - if (err) - return err; - vdso_enabled = val; - return 0; + if (!err) + vdso_enabled = val; + return 1; } __setup("vdso=", vdso_setup); --- linux-6.8.0.orig/arch/x86/Kconfig +++ linux-6.8.0/arch/x86/Kconfig @@ -1539,19 +1539,6 @@ This requires an AMD processor that supports Secure Memory Encryption (SME). -config AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT - bool "Activate AMD Secure Memory Encryption (SME) by default" - depends on AMD_MEM_ENCRYPT - help - Say yes to have system memory encrypted by default if running on - an AMD processor that supports Secure Memory Encryption (SME). - - If set to Y, then the encryption of system memory can be - deactivated with the mem_encrypt=off command line option. - - If set to N, then the encryption of system memory can be - activated with the mem_encrypt=on command line option. - # Common NUMA Features config NUMA bool "NUMA Memory Allocation and Scheduler Support" @@ -2614,6 +2601,42 @@ If in doubt, say N. +config MITIGATION_RFDS + bool "RFDS Mitigation" + depends on CPU_SUP_INTEL + default y + help + Enable mitigation for Register File Data Sampling (RFDS) by default. + RFDS is a hardware vulnerability which affects Intel Atom CPUs. It + allows unprivileged speculative access to stale data previously + stored in floating point, vector and integer registers. + See also + +choice + prompt "Clear branch history" + depends on CPU_SUP_INTEL + default SPECTRE_BHI_ON + help + Enable BHI mitigations. BHI attacks are a form of Spectre V2 attacks + where the branch history buffer is poisoned to speculatively steer + indirect branches. + See + +config SPECTRE_BHI_ON + bool "on" + help + Equivalent to setting spectre_bhi=on command line parameter. +config SPECTRE_BHI_OFF + bool "off" + help + Equivalent to setting spectre_bhi=off command line parameter. +config SPECTRE_BHI_AUTO + bool "auto" + help + Equivalent to setting spectre_bhi=auto command line parameter. + +endchoice + endif config ARCH_HAS_ADD_PAGES --- linux-6.8.0.orig/arch/x86/boot/compressed/Makefile +++ linux-6.8.0/arch/x86/boot/compressed/Makefile @@ -84,7 +84,7 @@ hostprogs := mkpiggy HOST_EXTRACFLAGS += -I$(srctree)/tools/include -sed-voffset := -e 's/^\([0-9a-fA-F]*\) [ABCDGRSTVW] \(_text\|__bss_start\|_end\)$$/\#define VO_\2 _AC(0x\1,UL)/p' +sed-voffset := -e 's/^\([0-9a-fA-F]*\) [ABCDGRSTVW] \(_text\|__start_rodata\|__bss_start\|_end\)$$/\#define VO_\2 _AC(0x\1,UL)/p' quiet_cmd_voffset = VOFFSET $@ cmd_voffset = $(NM) $< | sed -n $(sed-voffset) > $@ --- linux-6.8.0.orig/arch/x86/boot/compressed/efi_mixed.S +++ linux-6.8.0/arch/x86/boot/compressed/efi_mixed.S @@ -15,10 +15,12 @@ */ #include +#include #include #include #include #include +#include .code64 .text @@ -49,6 +51,11 @@ lea efi32_boot_args(%rip), %rdx mov 0(%rdx), %edi mov 4(%rdx), %esi + + /* Switch to the firmware's stack */ + movl efi32_boot_sp(%rip), %esp + andl $~7, %esp + #ifdef CONFIG_EFI_HANDOVER_PROTOCOL mov 8(%rdx), %edx // saved bootparams pointer test %edx, %edx @@ -144,6 +151,7 @@ SYM_FUNC_START(efi32_stub_entry) call 1f 1: popl %ecx + leal (efi32_boot_args - 1b)(%ecx), %ebx /* Clear BSS */ xorl %eax, %eax @@ -158,6 +166,7 @@ popl %ecx popl %edx popl %esi + movl %esi, 8(%ebx) jmp efi32_entry SYM_FUNC_END(efi32_stub_entry) #endif @@ -234,8 +243,6 @@ * * Arguments: %ecx image handle * %edx EFI system table pointer - * %esi struct bootparams pointer (or NULL when not using - * the EFI handover protocol) * * Since this is the point of no return for ordinary execution, no registers * are considered live except for the function parameters. [Note that the EFI @@ -254,13 +261,25 @@ /* Store firmware IDT descriptor */ sidtl (efi32_boot_idt - 1b)(%ebx) + /* Store firmware stack pointer */ + movl %esp, (efi32_boot_sp - 1b)(%ebx) + /* Store boot arguments */ leal (efi32_boot_args - 1b)(%ebx), %ebx movl %ecx, 0(%ebx) movl %edx, 4(%ebx) - movl %esi, 8(%ebx) movb $0x0, 12(%ebx) // efi_is64 + /* + * Allocate some memory for a temporary struct boot_params, which only + * needs the minimal pieces that startup_32() relies on. + */ + subl $PARAM_SIZE, %esp + movl %esp, %esi + movl $PAGE_SIZE, BP_kernel_alignment(%esi) + movl $_end - 1b, BP_init_size(%esi) + subl $startup_32 - 1b, BP_init_size(%esi) + /* Disable paging */ movl %cr0, %eax btrl $X86_CR0_PG_BIT, %eax @@ -286,8 +305,7 @@ movl 8(%ebp), %ecx // image_handle movl 12(%ebp), %edx // sys_table - xorl %esi, %esi - jmp efi32_entry // pass %ecx, %edx, %esi + jmp efi32_entry // pass %ecx, %edx // no other registers remain live 2: popl %edi // restore callee-save registers @@ -318,5 +336,6 @@ SYM_DATA_LOCAL(efi32_boot_cs, .word 0) SYM_DATA_LOCAL(efi32_boot_ds, .word 0) +SYM_DATA_LOCAL(efi32_boot_sp, .long 0) SYM_DATA_LOCAL(efi32_boot_args, .long 0, 0, 0) SYM_DATA(efi_is64, .byte 1) --- linux-6.8.0.orig/arch/x86/boot/compressed/misc.c +++ linux-6.8.0/arch/x86/boot/compressed/misc.c @@ -330,6 +330,7 @@ return ehdr.e_entry - LOAD_PHYSICAL_ADDR; } +const unsigned long kernel_text_size = VO___start_rodata - VO__text; const unsigned long kernel_total_size = VO__end - VO__text; static u8 boot_heap[BOOT_HEAP_SIZE] __aligned(4); --- linux-6.8.0.orig/arch/x86/coco/core.c +++ linux-6.8.0/arch/x86/coco/core.c @@ -14,7 +14,7 @@ #include enum cc_vendor cc_vendor __ro_after_init = CC_VENDOR_NONE; -static u64 cc_mask __ro_after_init; +u64 cc_mask __ro_after_init; static bool noinstr intel_cc_platform_has(enum cc_attr attr) { @@ -148,8 +148,3 @@ } } EXPORT_SYMBOL_GPL(cc_mkdec); - -__init void cc_set_mask(u64 mask) -{ - cc_mask = mask; -} --- linux-6.8.0.orig/arch/x86/entry/common.c +++ linux-6.8.0/arch/x86/entry/common.c @@ -49,7 +49,7 @@ if (likely(unr < NR_syscalls)) { unr = array_index_nospec(unr, NR_syscalls); - regs->ax = sys_call_table[unr](regs); + regs->ax = x64_sys_call(regs, unr); return true; } return false; @@ -66,7 +66,7 @@ if (IS_ENABLED(CONFIG_X86_X32_ABI) && likely(xnr < X32_NR_syscalls)) { xnr = array_index_nospec(xnr, X32_NR_syscalls); - regs->ax = x32_sys_call_table[xnr](regs); + regs->ax = x32_sys_call(regs, xnr); return true; } return false; @@ -162,7 +162,7 @@ if (likely(unr < IA32_NR_syscalls)) { unr = array_index_nospec(unr, IA32_NR_syscalls); - regs->ax = ia32_sys_call_table[unr](regs); + regs->ax = ia32_sys_call(regs, unr); } else if (nr != -1) { regs->ax = __ia32_sys_ni_syscall(regs); } @@ -189,7 +189,7 @@ } /** - * int80_emulation - 32-bit legacy syscall entry + * do_int80_emulation - 32-bit legacy syscall C entry from asm * * This entry point can be used by 32-bit and 64-bit programs to perform * 32-bit system calls. Instances of INT $0x80 can be found inline in @@ -207,7 +207,7 @@ * eax: system call number * ebx, ecx, edx, esi, edi, ebp: arg1 - arg 6 */ -DEFINE_IDTENTRY_RAW(int80_emulation) +__visible noinstr void do_int80_emulation(struct pt_regs *regs) { int nr; --- linux-6.8.0.orig/arch/x86/entry/entry_64.S +++ linux-6.8.0/arch/x86/entry/entry_64.S @@ -116,6 +116,7 @@ /* clobbers %rax, make sure it is after saving the syscall nr */ IBRS_ENTER UNTRAIN_RET + CLEAR_BRANCH_HISTORY call do_syscall_64 /* returns with IRQs disabled */ @@ -1494,3 +1495,63 @@ call make_task_dead SYM_CODE_END(rewind_stack_and_make_dead) .popsection + +/* + * This sequence executes branches in order to remove user branch information + * from the branch history tracker in the Branch Predictor, therefore removing + * user influence on subsequent BTB lookups. + * + * It should be used on parts prior to Alder Lake. Newer parts should use the + * BHI_DIS_S hardware control instead. If a pre-Alder Lake part is being + * virtualized on newer hardware the VMM should protect against BHI attacks by + * setting BHI_DIS_S for the guests. + * + * CALLs/RETs are necessary to prevent Loop Stream Detector(LSD) from engaging + * and not clearing the branch history. The call tree looks like: + * + * call 1 + * call 2 + * call 2 + * call 2 + * call 2 + * call 2 + * ret + * ret + * ret + * ret + * ret + * ret + * + * This means that the stack is non-constant and ORC can't unwind it with %rsp + * alone. Therefore we unconditionally set up the frame pointer, which allows + * ORC to unwind properly. + * + * The alignment is for performance and not for safety, and may be safely + * refactored in the future if needed. + */ +SYM_FUNC_START(clear_bhb_loop) + push %rbp + mov %rsp, %rbp + movl $5, %ecx + ANNOTATE_INTRA_FUNCTION_CALL + call 1f + jmp 5f + .align 64, 0xcc + ANNOTATE_INTRA_FUNCTION_CALL +1: call 2f + RET + .align 64, 0xcc +2: movl $5, %eax +3: jmp 4f + nop +4: sub $1, %eax + jnz 3b + sub $1, %ecx + jnz 1b + RET +5: lfence + pop %rbp + RET +SYM_FUNC_END(clear_bhb_loop) +EXPORT_SYMBOL_GPL(clear_bhb_loop) +STACK_FRAME_NON_STANDARD(clear_bhb_loop) --- linux-6.8.0.orig/arch/x86/entry/entry_64_compat.S +++ linux-6.8.0/arch/x86/entry/entry_64_compat.S @@ -92,6 +92,7 @@ IBRS_ENTER UNTRAIN_RET + CLEAR_BRANCH_HISTORY /* * SYSENTER doesn't filter flags, so we need to clear NT and AC @@ -206,6 +207,7 @@ IBRS_ENTER UNTRAIN_RET + CLEAR_BRANCH_HISTORY movq %rsp, %rdi call do_fast_syscall_32 @@ -276,3 +278,17 @@ ANNOTATE_NOENDBR int3 SYM_CODE_END(entry_SYSCALL_compat) + +/* + * int 0x80 is used by 32 bit mode as a system call entry. Normally idt entries + * point to C routines, however since this is a system call interface the branch + * history needs to be scrubbed to protect against BHI attacks, and that + * scrubbing needs to take place in assembly code prior to entering any C + * routines. + */ +SYM_CODE_START(int80_emulation) + ANNOTATE_NOENDBR + UNWIND_HINT_FUNC + CLEAR_BRANCH_HISTORY + jmp do_int80_emulation +SYM_CODE_END(int80_emulation) --- linux-6.8.0.orig/arch/x86/entry/syscall_32.c +++ linux-6.8.0/arch/x86/entry/syscall_32.c @@ -18,8 +18,25 @@ #include #undef __SYSCALL +/* + * The sys_call_table[] is no longer used for system calls, but + * kernel/trace/trace_syscalls.c still wants to know the system + * call address. + */ +#ifdef CONFIG_X86_32 #define __SYSCALL(nr, sym) __ia32_##sym, - -__visible const sys_call_ptr_t ia32_sys_call_table[] = { +const sys_call_ptr_t sys_call_table[] = { #include }; +#undef __SYSCALL +#endif + +#define __SYSCALL(nr, sym) case nr: return __ia32_##sym(regs); + +long ia32_sys_call(const struct pt_regs *regs, unsigned int nr) +{ + switch (nr) { + #include + default: return __ia32_sys_ni_syscall(regs); + } +}; --- linux-6.8.0.orig/arch/x86/entry/syscall_64.c +++ linux-6.8.0/arch/x86/entry/syscall_64.c @@ -11,8 +11,23 @@ #include #undef __SYSCALL +/* + * The sys_call_table[] is no longer used for system calls, but + * kernel/trace/trace_syscalls.c still wants to know the system + * call address. + */ #define __SYSCALL(nr, sym) __x64_##sym, - -asmlinkage const sys_call_ptr_t sys_call_table[] = { +const sys_call_ptr_t sys_call_table[] = { #include }; +#undef __SYSCALL + +#define __SYSCALL(nr, sym) case nr: return __x64_##sym(regs); + +long x64_sys_call(const struct pt_regs *regs, unsigned int nr) +{ + switch (nr) { + #include + default: return __x64_sys_ni_syscall(regs); + } +}; --- linux-6.8.0.orig/arch/x86/entry/syscall_x32.c +++ linux-6.8.0/arch/x86/entry/syscall_x32.c @@ -11,8 +11,12 @@ #include #undef __SYSCALL -#define __SYSCALL(nr, sym) __x64_##sym, +#define __SYSCALL(nr, sym) case nr: return __x64_##sym(regs); -asmlinkage const sys_call_ptr_t x32_sys_call_table[] = { -#include +long x32_sys_call(const struct pt_regs *regs, unsigned int nr) +{ + switch (nr) { + #include + default: return __x64_sys_ni_syscall(regs); + } }; --- linux-6.8.0.orig/arch/x86/events/amd/core.c +++ linux-6.8.0/arch/x86/events/amd/core.c @@ -250,7 +250,7 @@ /* * AMD Performance Monitor Family 17h and later: */ -static const u64 amd_f17h_perfmon_event_map[PERF_COUNT_HW_MAX] = +static const u64 amd_zen1_perfmon_event_map[PERF_COUNT_HW_MAX] = { [PERF_COUNT_HW_CPU_CYCLES] = 0x0076, [PERF_COUNT_HW_INSTRUCTIONS] = 0x00c0, @@ -262,10 +262,24 @@ [PERF_COUNT_HW_STALLED_CYCLES_BACKEND] = 0x0187, }; +static const u64 amd_zen2_perfmon_event_map[PERF_COUNT_HW_MAX] = +{ + [PERF_COUNT_HW_CPU_CYCLES] = 0x0076, + [PERF_COUNT_HW_INSTRUCTIONS] = 0x00c0, + [PERF_COUNT_HW_CACHE_REFERENCES] = 0xff60, + [PERF_COUNT_HW_CACHE_MISSES] = 0x0964, + [PERF_COUNT_HW_BRANCH_INSTRUCTIONS] = 0x00c2, + [PERF_COUNT_HW_BRANCH_MISSES] = 0x00c3, + [PERF_COUNT_HW_STALLED_CYCLES_FRONTEND] = 0x00a9, +}; + static u64 amd_pmu_event_map(int hw_event) { - if (boot_cpu_data.x86 >= 0x17) - return amd_f17h_perfmon_event_map[hw_event]; + if (cpu_feature_enabled(X86_FEATURE_ZEN2) || boot_cpu_data.x86 >= 0x19) + return amd_zen2_perfmon_event_map[hw_event]; + + if (cpu_feature_enabled(X86_FEATURE_ZEN1)) + return amd_zen1_perfmon_event_map[hw_event]; return amd_perfmon_event_map[hw_event]; } @@ -604,7 +618,6 @@ kfree(cpuhw->lbr_sel); cpuhw->lbr_sel = NULL; - amd_pmu_cpu_reset(cpu); if (!x86_pmu.amd_nb_constraints) return; --- linux-6.8.0.orig/arch/x86/hyperv/hv_vtl.c +++ linux-6.8.0/arch/x86/hyperv/hv_vtl.c @@ -12,6 +12,7 @@ #include #include #include +#include <../kernel/smpboot.h> extern struct boot_params boot_params; static struct real_mode_header hv_vtl_real_mode_header; @@ -64,7 +65,7 @@ ((secondary_startup_64_fn)secondary_startup_64)(&boot_params, &boot_params); } -static int hv_vtl_bringup_vcpu(u32 target_vp_index, u64 eip_ignored) +static int hv_vtl_bringup_vcpu(u32 target_vp_index, int cpu, u64 eip_ignored) { u64 status; int ret = 0; @@ -78,7 +79,9 @@ struct ldttss_desc *ldt; struct desc_struct *gdt; - u64 rsp = current->thread.sp; + struct task_struct *idle = idle_thread_get(cpu); + u64 rsp = (unsigned long)idle->thread.sp; + u64 rip = (u64)&hv_vtl_ap_entry; native_store_gdt(&gdt_ptr); @@ -205,7 +208,15 @@ static int hv_vtl_wakeup_secondary_cpu(u32 apicid, unsigned long start_eip) { - int vp_id; + int vp_id, cpu; + + /* Find the logical CPU for the APIC ID */ + for_each_present_cpu(cpu) { + if (arch_match_cpu_phys_id(cpu, apicid)) + break; + } + if (cpu >= nr_cpu_ids) + return -EINVAL; pr_debug("Bringing up CPU with APIC ID %d in VTL2...\n", apicid); vp_id = hv_vtl_apicid_to_vp_id(apicid); @@ -219,7 +230,7 @@ return -EINVAL; } - return hv_vtl_bringup_vcpu(vp_id, start_eip); + return hv_vtl_bringup_vcpu(vp_id, cpu, start_eip); } int __init hv_vtl_early_init(void) --- linux-6.8.0.orig/arch/x86/include/asm/asm-prototypes.h +++ linux-6.8.0/arch/x86/include/asm/asm-prototypes.h @@ -13,6 +13,7 @@ #include #include #include +#include #ifndef CONFIG_X86_CMPXCHG64 extern void cmpxchg8b_emu(void); --- linux-6.8.0.orig/arch/x86/include/asm/asm.h +++ linux-6.8.0/arch/x86/include/asm/asm.h @@ -113,6 +113,20 @@ #endif +#ifndef __ASSEMBLY__ +#ifndef __pic__ +static __always_inline __pure void *rip_rel_ptr(void *p) +{ + asm("leaq %c1(%%rip), %0" : "=r"(p) : "i"(p)); + + return p; +} +#define RIP_REL_REF(var) (*(typeof(&(var)))rip_rel_ptr(&(var))) +#else +#define RIP_REL_REF(var) (var) +#endif +#endif + /* * Macros to generate condition code outputs from inline assembly, * The output operand must be type "bool". --- linux-6.8.0.orig/arch/x86/include/asm/boot.h +++ linux-6.8.0/arch/x86/include/asm/boot.h @@ -81,6 +81,7 @@ #ifndef __ASSEMBLY__ extern unsigned int output_len; +extern const unsigned long kernel_text_size; extern const unsigned long kernel_total_size; unsigned long decompress_kernel(unsigned char *outbuf, unsigned long virt_addr, --- linux-6.8.0.orig/arch/x86/include/asm/coco.h +++ linux-6.8.0/arch/x86/include/asm/coco.h @@ -2,6 +2,7 @@ #ifndef _ASM_X86_COCO_H #define _ASM_X86_COCO_H +#include #include enum cc_vendor { @@ -12,7 +13,12 @@ #ifdef CONFIG_ARCH_HAS_CC_PLATFORM extern enum cc_vendor cc_vendor; -void cc_set_mask(u64 mask); +extern u64 cc_mask; +static inline void cc_set_mask(u64 mask) +{ + RIP_REL_REF(cc_mask) = mask; +} + u64 cc_mkenc(u64 val); u64 cc_mkdec(u64 val); #else --- linux-6.8.0.orig/arch/x86/include/asm/cpufeature.h +++ linux-6.8.0/arch/x86/include/asm/cpufeature.h @@ -91,8 +91,9 @@ CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 18, feature_bit) || \ CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 19, feature_bit) || \ CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 20, feature_bit) || \ + CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 21, feature_bit) || \ REQUIRED_MASK_CHECK || \ - BUILD_BUG_ON_ZERO(NCAPINTS != 21)) + BUILD_BUG_ON_ZERO(NCAPINTS != 22)) #define DISABLED_MASK_BIT_SET(feature_bit) \ ( CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 0, feature_bit) || \ @@ -116,8 +117,9 @@ CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 18, feature_bit) || \ CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 19, feature_bit) || \ CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 20, feature_bit) || \ + CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 21, feature_bit) || \ DISABLED_MASK_CHECK || \ - BUILD_BUG_ON_ZERO(NCAPINTS != 21)) + BUILD_BUG_ON_ZERO(NCAPINTS != 22)) #define cpu_has(c, bit) \ (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ --- linux-6.8.0.orig/arch/x86/include/asm/cpufeatures.h +++ linux-6.8.0/arch/x86/include/asm/cpufeatures.h @@ -13,7 +13,7 @@ /* * Defines x86 CPU feature bits */ -#define NCAPINTS 21 /* N 32-bit words worth of info */ +#define NCAPINTS 22 /* N 32-bit words worth of info */ #define NBUGINTS 2 /* N 32-bit bug flags */ /* @@ -457,6 +457,17 @@ #define X86_FEATURE_SRSO_NO (20*32+29) /* "" CPU is not affected by SRSO */ /* + * Extended auxiliary flags: Linux defined - for features scattered in various + * CPUID levels like 0x80000022, etc and Linux defined features. + * + * Reuse free bits when adding new feature flags! + */ +#define X86_FEATURE_CLEAR_BHB_LOOP (21*32+ 1) /* "" Clear branch history at syscall entry using SW loop */ +#define X86_FEATURE_BHI_CTRL (21*32+ 2) /* "" BHI_DIS_S HW control available */ +#define X86_FEATURE_CLEAR_BHB_HW (21*32+ 3) /* "" BHI_DIS_S HW control enabled */ +#define X86_FEATURE_CLEAR_BHB_LOOP_ON_VMEXIT (21*32+ 4) /* "" Clear branch history at vmexit using SW loop */ + +/* * BUG word(s) */ #define X86_BUG(x) (NCAPINTS*32 + (x)) @@ -503,4 +514,6 @@ /* BUG word 2 */ #define X86_BUG_SRSO X86_BUG(1*32 + 0) /* AMD SRSO bug */ #define X86_BUG_DIV0 X86_BUG(1*32 + 1) /* AMD DIV0 speculation bug */ +#define X86_BUG_RFDS X86_BUG(1*32 + 2) /* CPU is vulnerable to Register File Data Sampling */ +#define X86_BUG_BHI X86_BUG(1*32 + 3) /* CPU is affected by Branch History Injection */ #endif /* _ASM_X86_CPUFEATURES_H */ --- linux-6.8.0.orig/arch/x86/include/asm/crash_core.h +++ linux-6.8.0/arch/x86/include/asm/crash_core.h @@ -39,4 +39,6 @@ #endif } +#define HAVE_ARCH_ADD_CRASH_RES_TO_IOMEM_EARLY + #endif /* _X86_CRASH_CORE_H */ --- linux-6.8.0.orig/arch/x86/include/asm/disabled-features.h +++ linux-6.8.0/arch/x86/include/asm/disabled-features.h @@ -143,6 +143,7 @@ #define DISABLED_MASK18 (DISABLE_IBT) #define DISABLED_MASK19 0 #define DISABLED_MASK20 0 -#define DISABLED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 21) +#define DISABLED_MASK21 0 +#define DISABLED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 22) #endif /* _ASM_X86_DISABLED_FEATURES_H */ --- linux-6.8.0.orig/arch/x86/include/asm/io.h +++ linux-6.8.0/arch/x86/include/asm/io.h @@ -379,7 +379,7 @@ const u8 *end = from + count * 64; while (from < end) { - movdir64b(dst, from); + movdir64b_io(dst, from); from += 64; } } --- linux-6.8.0.orig/arch/x86/include/asm/mem_encrypt.h +++ linux-6.8.0/arch/x86/include/asm/mem_encrypt.h @@ -15,7 +15,8 @@ #include #include -#include +#include +struct boot_params; #ifdef CONFIG_X86_MEM_ENCRYPT void __init mem_encrypt_init(void); @@ -58,6 +59,11 @@ void __init sev_es_init_vc_handling(void); +static inline u64 sme_get_me_mask(void) +{ + return RIP_REL_REF(sme_me_mask); +} + #define __bss_decrypted __section(".bss..decrypted") #else /* !CONFIG_AMD_MEM_ENCRYPT */ @@ -89,6 +95,8 @@ static inline void mem_encrypt_free_decrypted_mem(void) { } +static inline u64 sme_get_me_mask(void) { return 0; } + #define __bss_decrypted #endif /* CONFIG_AMD_MEM_ENCRYPT */ @@ -106,11 +114,6 @@ extern char __start_bss_decrypted[], __end_bss_decrypted[], __start_bss_decrypted_unused[]; -static inline u64 sme_get_me_mask(void) -{ - return sme_me_mask; -} - #endif /* __ASSEMBLY__ */ #endif /* __X86_MEM_ENCRYPT_H__ */ --- linux-6.8.0.orig/arch/x86/include/asm/msr-index.h +++ linux-6.8.0/arch/x86/include/asm/msr-index.h @@ -50,10 +50,13 @@ #define SPEC_CTRL_SSBD BIT(SPEC_CTRL_SSBD_SHIFT) /* Speculative Store Bypass Disable */ #define SPEC_CTRL_RRSBA_DIS_S_SHIFT 6 /* Disable RRSBA behavior */ #define SPEC_CTRL_RRSBA_DIS_S BIT(SPEC_CTRL_RRSBA_DIS_S_SHIFT) +#define SPEC_CTRL_BHI_DIS_S_SHIFT 10 /* Disable Branch History Injection behavior */ +#define SPEC_CTRL_BHI_DIS_S BIT(SPEC_CTRL_BHI_DIS_S_SHIFT) /* A mask for bits which the kernel toggles when controlling mitigations */ #define SPEC_CTRL_MITIGATIONS_MASK (SPEC_CTRL_IBRS | SPEC_CTRL_STIBP | SPEC_CTRL_SSBD \ - | SPEC_CTRL_RRSBA_DIS_S) + | SPEC_CTRL_RRSBA_DIS_S \ + | SPEC_CTRL_BHI_DIS_S) #define MSR_IA32_PRED_CMD 0x00000049 /* Prediction Command */ #define PRED_CMD_IBPB BIT(0) /* Indirect Branch Prediction Barrier */ @@ -152,6 +155,10 @@ * are restricted to targets in * kernel. */ +#define ARCH_CAP_BHI_NO BIT(20) /* + * CPU is not affected by Branch + * History Injection. + */ #define ARCH_CAP_PBRSB_NO BIT(24) /* * Not susceptible to Post-Barrier * Return Stack Buffer Predictions. @@ -165,6 +172,14 @@ * CPU is not vulnerable to Gather * Data Sampling (GDS). */ +#define ARCH_CAP_RFDS_NO BIT(27) /* + * Not susceptible to Register + * File Data Sampling. + */ +#define ARCH_CAP_RFDS_CLEAR BIT(28) /* + * VERW clears CPU Register + * File. + */ #define ARCH_CAP_XAPIC_DISABLE BIT(21) /* * IA32_XAPIC_DISABLE_STATUS MSR --- linux-6.8.0.orig/arch/x86/include/asm/nospec-branch.h +++ linux-6.8.0/arch/x86/include/asm/nospec-branch.h @@ -271,11 +271,20 @@ .Lskip_rsb_\@: .endm +/* + * The CALL to srso_alias_untrain_ret() must be patched in directly at + * the spot where untraining must be done, ie., srso_alias_untrain_ret() + * must be the target of a CALL instruction instead of indirectly + * jumping to a wrapper which then calls it. Therefore, this macro is + * called outside of __UNTRAIN_RET below, for the time being, before the + * kernel can support nested alternatives with arbitrary nesting. + */ +.macro CALL_UNTRAIN_RET #if defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO) -#define CALL_UNTRAIN_RET "call entry_untrain_ret" -#else -#define CALL_UNTRAIN_RET "" + ALTERNATIVE_2 "", "call entry_untrain_ret", X86_FEATURE_UNRET, \ + "call srso_alias_untrain_ret", X86_FEATURE_SRSO_ALIAS #endif +.endm /* * Mitigate RETBleed for AMD/Hygon Zen uarch. Requires KERNEL CR3 because the @@ -291,8 +300,8 @@ .macro __UNTRAIN_RET ibpb_feature, call_depth_insns #if defined(CONFIG_RETHUNK) || defined(CONFIG_CPU_IBPB_ENTRY) VALIDATE_UNRET_END - ALTERNATIVE_3 "", \ - CALL_UNTRAIN_RET, X86_FEATURE_UNRET, \ + CALL_UNTRAIN_RET + ALTERNATIVE_2 "", \ "call entry_ibpb", \ibpb_feature, \ __stringify(\call_depth_insns), X86_FEATURE_CALL_DEPTH #endif @@ -326,6 +335,19 @@ ALTERNATIVE "", __stringify(verw _ASM_RIP(mds_verw_sel)), X86_FEATURE_CLEAR_CPU_BUF .endm +#ifdef CONFIG_X86_64 +.macro CLEAR_BRANCH_HISTORY + ALTERNATIVE "", "call clear_bhb_loop", X86_FEATURE_CLEAR_BHB_LOOP +.endm + +.macro CLEAR_BRANCH_HISTORY_VMEXIT + ALTERNATIVE "", "call clear_bhb_loop", X86_FEATURE_CLEAR_BHB_LOOP_ON_VMEXIT +.endm +#else +#define CLEAR_BRANCH_HISTORY +#define CLEAR_BRANCH_HISTORY_VMEXIT +#endif + #else /* __ASSEMBLY__ */ #define ANNOTATE_RETPOLINE_SAFE \ @@ -351,6 +373,8 @@ static inline void retbleed_return_thunk(void) {} #endif +extern void srso_alias_untrain_ret(void); + #ifdef CONFIG_CPU_SRSO extern void srso_return_thunk(void); extern void srso_alias_return_thunk(void); @@ -366,6 +390,10 @@ extern void entry_untrain_ret(void); extern void entry_ibpb(void); +#ifdef CONFIG_X86_64 +extern void clear_bhb_loop(void); +#endif + extern void (*x86_return_thunk)(void); #ifdef CONFIG_CALL_DEPTH_TRACKING --- linux-6.8.0.orig/arch/x86/include/asm/page.h +++ linux-6.8.0/arch/x86/include/asm/page.h @@ -66,10 +66,14 @@ * virt_addr_valid(kaddr) returns true. */ #define virt_to_page(kaddr) pfn_to_page(__pa(kaddr) >> PAGE_SHIFT) -#define pfn_to_kaddr(pfn) __va((pfn) << PAGE_SHIFT) extern bool __virt_addr_valid(unsigned long kaddr); #define virt_addr_valid(kaddr) __virt_addr_valid((unsigned long) (kaddr)) +static __always_inline void *pfn_to_kaddr(unsigned long pfn) +{ + return __va(pfn << PAGE_SHIFT); +} + static __always_inline u64 __canonical_address(u64 vaddr, u8 vaddr_bits) { return ((s64)vaddr << (64 - vaddr_bits)) >> (64 - vaddr_bits); --- linux-6.8.0.orig/arch/x86/include/asm/pci-direct.h +++ linux-6.8.0/arch/x86/include/asm/pci-direct.h @@ -10,9 +10,11 @@ extern u32 read_pci_config(u8 bus, u8 slot, u8 func, u8 offset); extern u8 read_pci_config_byte(u8 bus, u8 slot, u8 func, u8 offset); extern u16 read_pci_config_16(u8 bus, u8 slot, u8 func, u8 offset); +extern u32 pci_early_find_cap(int bus, int slot, int func, int cap); extern void write_pci_config(u8 bus, u8 slot, u8 func, u8 offset, u32 val); extern void write_pci_config_byte(u8 bus, u8 slot, u8 func, u8 offset, u8 val); extern void write_pci_config_16(u8 bus, u8 slot, u8 func, u8 offset, u16 val); +extern unsigned int pci_early_clear_msi; extern int early_pci_allowed(void); #endif /* _ASM_X86_PCI_DIRECT_H */ --- linux-6.8.0.orig/arch/x86/include/asm/required-features.h +++ linux-6.8.0/arch/x86/include/asm/required-features.h @@ -99,6 +99,7 @@ #define REQUIRED_MASK18 0 #define REQUIRED_MASK19 0 #define REQUIRED_MASK20 0 -#define REQUIRED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 21) +#define REQUIRED_MASK21 0 +#define REQUIRED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 22) #endif /* _ASM_X86_REQUIRED_FEATURES_H */ --- linux-6.8.0.orig/arch/x86/include/asm/sev.h +++ linux-6.8.0/arch/x86/include/asm/sev.h @@ -203,12 +203,12 @@ unsigned long npages); void __init early_snp_set_memory_shared(unsigned long vaddr, unsigned long paddr, unsigned long npages); -void __init snp_prep_memory(unsigned long paddr, unsigned int sz, enum psc_op op); void snp_set_memory_shared(unsigned long vaddr, unsigned long npages); void snp_set_memory_private(unsigned long vaddr, unsigned long npages); void snp_set_wakeup_secondary_cpu(void); bool snp_init(struct boot_params *bp); void __init __noreturn snp_abort(void); +void snp_dmi_setup(void); int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, struct snp_guest_request_ioctl *rio); void snp_accept_memory(phys_addr_t start, phys_addr_t end); u64 snp_get_unsupported_features(u64 status); @@ -227,12 +227,12 @@ early_snp_set_memory_private(unsigned long vaddr, unsigned long paddr, unsigned long npages) { } static inline void __init early_snp_set_memory_shared(unsigned long vaddr, unsigned long paddr, unsigned long npages) { } -static inline void __init snp_prep_memory(unsigned long paddr, unsigned int sz, enum psc_op op) { } static inline void snp_set_memory_shared(unsigned long vaddr, unsigned long npages) { } static inline void snp_set_memory_private(unsigned long vaddr, unsigned long npages) { } static inline void snp_set_wakeup_secondary_cpu(void) { } static inline bool snp_init(struct boot_params *bp) { return false; } static inline void snp_abort(void) { } +static inline void snp_dmi_setup(void) { } static inline int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, struct snp_guest_request_ioctl *rio) { return -ENOTTY; --- linux-6.8.0.orig/arch/x86/include/asm/special_insns.h +++ linux-6.8.0/arch/x86/include/asm/special_insns.h @@ -224,10 +224,10 @@ } /* The dst parameter must be 64-bytes aligned */ -static inline void movdir64b(void __iomem *dst, const void *src) +static inline void movdir64b(void *dst, const void *src) { const struct { char _[64]; } *__src = src; - struct { char _[64]; } __iomem *__dst = dst; + struct { char _[64]; } *__dst = dst; /* * MOVDIR64B %(rdx), rax. @@ -245,6 +245,11 @@ : "m" (*__src), "a" (__dst), "d" (__src)); } +static inline void movdir64b_io(void __iomem *dst, const void *src) +{ + movdir64b((void __force *)dst, src); +} + /** * enqcmds - Enqueue a command in supervisor (CPL0) mode * @dst: destination, in MMIO space (must be 512-bit aligned) --- linux-6.8.0.orig/arch/x86/include/asm/suspend_32.h +++ linux-6.8.0/arch/x86/include/asm/suspend_32.h @@ -12,11 +12,6 @@ /* image of the saved processor state */ struct saved_context { - /* - * On x86_32, all segment registers except gs are saved at kernel - * entry in pt_regs. - */ - u16 gs; unsigned long cr0, cr2, cr3, cr4; u64 misc_enable; struct saved_msrs saved_msrs; @@ -27,6 +22,11 @@ unsigned long tr; unsigned long safety; unsigned long return_address; + /* + * On x86_32, all segment registers except gs are saved at kernel + * entry in pt_regs. + */ + u16 gs; bool misc_enable_saved; } __attribute__((packed)); --- linux-6.8.0.orig/arch/x86/include/asm/syscall.h +++ linux-6.8.0/arch/x86/include/asm/syscall.h @@ -16,19 +16,17 @@ #include /* for TS_COMPAT */ #include +/* This is used purely for kernel/trace/trace_syscalls.c */ typedef long (*sys_call_ptr_t)(const struct pt_regs *); extern const sys_call_ptr_t sys_call_table[]; -#if defined(CONFIG_X86_32) -#define ia32_sys_call_table sys_call_table -#else /* * These may not exist, but still put the prototypes in so we * can use IS_ENABLED(). */ -extern const sys_call_ptr_t ia32_sys_call_table[]; -extern const sys_call_ptr_t x32_sys_call_table[]; -#endif +extern long ia32_sys_call(const struct pt_regs *, unsigned int nr); +extern long x32_sys_call(const struct pt_regs *, unsigned int nr); +extern long x64_sys_call(const struct pt_regs *, unsigned int nr); /* * Only the low 32 bits of orig_ax are meaningful, so we return int. @@ -127,6 +125,7 @@ } bool do_syscall_64(struct pt_regs *regs, int nr); +void do_int80_emulation(struct pt_regs *regs); #endif /* CONFIG_X86_32 */ --- linux-6.8.0.orig/arch/x86/include/asm/x86_init.h +++ linux-6.8.0/arch/x86/include/asm/x86_init.h @@ -30,12 +30,13 @@ * @reserve_resources: reserve the standard resources for the * platform * @memory_setup: platform specific memory setup - * + * @dmi_setup: platform specific DMI setup */ struct x86_init_resources { void (*probe_roms)(void); void (*reserve_resources)(void); char *(*memory_setup)(void); + void (*dmi_setup)(void); }; /** --- linux-6.8.0.orig/arch/x86/kernel/acpi/cppc.c +++ linux-6.8.0/arch/x86/kernel/acpi/cppc.c @@ -20,7 +20,7 @@ (boot_cpu_data.x86_model >= 0x20 && boot_cpu_data.x86_model <= 0x2f))) return true; else if (boot_cpu_data.x86 == 0x17 && - boot_cpu_data.x86_model >= 0x70 && boot_cpu_data.x86_model <= 0x7f) + boot_cpu_data.x86_model >= 0x30 && boot_cpu_data.x86_model <= 0x7f) return true; return boot_cpu_has(X86_FEATURE_CPPC); } --- linux-6.8.0.orig/arch/x86/kernel/aperture_64.c +++ linux-6.8.0/arch/x86/kernel/aperture_64.c @@ -136,32 +136,6 @@ } -/* Find a PCI capability */ -static u32 __init find_cap(int bus, int slot, int func, int cap) -{ - int bytes; - u8 pos; - - if (!(read_pci_config_16(bus, slot, func, PCI_STATUS) & - PCI_STATUS_CAP_LIST)) - return 0; - - pos = read_pci_config_byte(bus, slot, func, PCI_CAPABILITY_LIST); - for (bytes = 0; bytes < 48 && pos >= 0x40; bytes++) { - u8 id; - - pos &= ~3; - id = read_pci_config_byte(bus, slot, func, pos+PCI_CAP_LIST_ID); - if (id == 0xff) - break; - if (id == cap) - return pos; - pos = read_pci_config_byte(bus, slot, func, - pos+PCI_CAP_LIST_NEXT); - } - return 0; -} - /* Read a standard AGPv3 bridge header */ static u32 __init read_agp(int bus, int slot, int func, int cap, u32 *order) { @@ -250,8 +224,8 @@ case PCI_CLASS_BRIDGE_HOST: case PCI_CLASS_BRIDGE_OTHER: /* needed? */ /* AGP bridge? */ - cap = find_cap(bus, slot, func, - PCI_CAP_ID_AGP); + cap = pci_early_find_cap(bus, slot, + func, PCI_CAP_ID_AGP); if (!cap) break; *valid_agp = 1; --- linux-6.8.0.orig/arch/x86/kernel/cpu/amd.c +++ linux-6.8.0/arch/x86/kernel/cpu/amd.c @@ -989,11 +989,11 @@ u32 good_rev = 0; switch (boot_cpu_data.x86_model) { - case 0x30 ... 0x3f: good_rev = 0x0830107a; break; - case 0x60 ... 0x67: good_rev = 0x0860010b; break; - case 0x68 ... 0x6f: good_rev = 0x08608105; break; - case 0x70 ... 0x7f: good_rev = 0x08701032; break; - case 0xa0 ... 0xaf: good_rev = 0x08a00008; break; + case 0x30 ... 0x3f: good_rev = 0x0830107b; break; + case 0x60 ... 0x67: good_rev = 0x0860010c; break; + case 0x68 ... 0x6f: good_rev = 0x08608107; break; + case 0x70 ... 0x7f: good_rev = 0x08701033; break; + case 0xa0 ... 0xaf: good_rev = 0x08a00009; break; default: return false; --- linux-6.8.0.orig/arch/x86/kernel/cpu/bugs.c +++ linux-6.8.0/arch/x86/kernel/cpu/bugs.c @@ -422,6 +422,13 @@ if (boot_cpu_has_bug(X86_BUG_MDS) || (boot_cpu_has_bug(X86_BUG_TAA) && boot_cpu_has(X86_FEATURE_RTM))) setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF); + + /* + * X86_FEATURE_CLEAR_CPU_BUF could be enabled by other VERW based + * mitigations, disable KVM-only mitigation in that case. + */ + if (boot_cpu_has(X86_FEATURE_CLEAR_CPU_BUF)) + static_branch_disable(&mmio_stale_data_clear); else static_branch_enable(&mmio_stale_data_clear); @@ -474,6 +481,57 @@ early_param("mmio_stale_data", mmio_stale_data_parse_cmdline); #undef pr_fmt +#define pr_fmt(fmt) "Register File Data Sampling: " fmt + +enum rfds_mitigations { + RFDS_MITIGATION_OFF, + RFDS_MITIGATION_VERW, + RFDS_MITIGATION_UCODE_NEEDED, +}; + +/* Default mitigation for Register File Data Sampling */ +static enum rfds_mitigations rfds_mitigation __ro_after_init = + IS_ENABLED(CONFIG_MITIGATION_RFDS) ? RFDS_MITIGATION_VERW : RFDS_MITIGATION_OFF; + +static const char * const rfds_strings[] = { + [RFDS_MITIGATION_OFF] = "Vulnerable", + [RFDS_MITIGATION_VERW] = "Mitigation: Clear Register File", + [RFDS_MITIGATION_UCODE_NEEDED] = "Vulnerable: No microcode", +}; + +static void __init rfds_select_mitigation(void) +{ + if (!boot_cpu_has_bug(X86_BUG_RFDS) || cpu_mitigations_off()) { + rfds_mitigation = RFDS_MITIGATION_OFF; + return; + } + if (rfds_mitigation == RFDS_MITIGATION_OFF) + return; + + if (x86_read_arch_cap_msr() & ARCH_CAP_RFDS_CLEAR) + setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF); + else + rfds_mitigation = RFDS_MITIGATION_UCODE_NEEDED; +} + +static __init int rfds_parse_cmdline(char *str) +{ + if (!str) + return -EINVAL; + + if (!boot_cpu_has_bug(X86_BUG_RFDS)) + return 0; + + if (!strcmp(str, "off")) + rfds_mitigation = RFDS_MITIGATION_OFF; + else if (!strcmp(str, "on")) + rfds_mitigation = RFDS_MITIGATION_VERW; + + return 0; +} +early_param("reg_file_data_sampling", rfds_parse_cmdline); + +#undef pr_fmt #define pr_fmt(fmt) "" fmt static void __init md_clear_update_mitigation(void) @@ -498,11 +556,19 @@ taa_mitigation = TAA_MITIGATION_VERW; taa_select_mitigation(); } - if (mmio_mitigation == MMIO_MITIGATION_OFF && - boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA)) { + /* + * MMIO_MITIGATION_OFF is not checked here so that mmio_stale_data_clear + * gets updated correctly as per X86_FEATURE_CLEAR_CPU_BUF state. + */ + if (boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA)) { mmio_mitigation = MMIO_MITIGATION_VERW; mmio_select_mitigation(); } + if (rfds_mitigation == RFDS_MITIGATION_OFF && + boot_cpu_has_bug(X86_BUG_RFDS)) { + rfds_mitigation = RFDS_MITIGATION_VERW; + rfds_select_mitigation(); + } out: if (boot_cpu_has_bug(X86_BUG_MDS)) pr_info("MDS: %s\n", mds_strings[mds_mitigation]); @@ -512,6 +578,8 @@ pr_info("MMIO Stale Data: %s\n", mmio_strings[mmio_mitigation]); else if (boot_cpu_has_bug(X86_BUG_MMIO_UNKNOWN)) pr_info("MMIO Stale Data: Unknown: No mitigations\n"); + if (boot_cpu_has_bug(X86_BUG_RFDS)) + pr_info("Register File Data Sampling: %s\n", rfds_strings[rfds_mitigation]); } static void __init md_clear_select_mitigation(void) @@ -519,11 +587,12 @@ mds_select_mitigation(); taa_select_mitigation(); mmio_select_mitigation(); + rfds_select_mitigation(); /* - * As MDS, TAA and MMIO Stale Data mitigations are inter-related, update - * and print their mitigation after MDS, TAA and MMIO Stale Data - * mitigation selection is done. + * As these mitigations are inter-related and rely on VERW instruction + * to clear the microarchitural buffers, update and print their status + * after mitigation selection is done for each of these vulnerabilities. */ md_clear_update_mitigation(); } @@ -1537,6 +1606,79 @@ dump_stack(); } +/* + * Set BHI_DIS_S to prevent indirect branches in kernel to be influenced by + * branch history in userspace. Not needed if BHI_NO is set. + */ +static bool __init spec_ctrl_bhi_dis(void) +{ + if (!boot_cpu_has(X86_FEATURE_BHI_CTRL)) + return false; + + x86_spec_ctrl_base |= SPEC_CTRL_BHI_DIS_S; + update_spec_ctrl(x86_spec_ctrl_base); + setup_force_cpu_cap(X86_FEATURE_CLEAR_BHB_HW); + + return true; +} + +enum bhi_mitigations { + BHI_MITIGATION_OFF, + BHI_MITIGATION_ON, + BHI_MITIGATION_AUTO, +}; + +static enum bhi_mitigations bhi_mitigation __ro_after_init = + IS_ENABLED(CONFIG_SPECTRE_BHI_ON) ? BHI_MITIGATION_ON : + IS_ENABLED(CONFIG_SPECTRE_BHI_OFF) ? BHI_MITIGATION_OFF : + BHI_MITIGATION_AUTO; + +static int __init spectre_bhi_parse_cmdline(char *str) +{ + if (!str) + return -EINVAL; + + if (!strcmp(str, "off")) + bhi_mitigation = BHI_MITIGATION_OFF; + else if (!strcmp(str, "on")) + bhi_mitigation = BHI_MITIGATION_ON; + else if (!strcmp(str, "auto")) + bhi_mitigation = BHI_MITIGATION_AUTO; + else + pr_err("Ignoring unknown spectre_bhi option (%s)", str); + + return 0; +} +early_param("spectre_bhi", spectre_bhi_parse_cmdline); + +static void __init bhi_select_mitigation(void) +{ + if (bhi_mitigation == BHI_MITIGATION_OFF) + return; + + /* Retpoline mitigates against BHI unless the CPU has RRSBA behavior */ + if (cpu_feature_enabled(X86_FEATURE_RETPOLINE) && + !(x86_read_arch_cap_msr() & ARCH_CAP_RRSBA)) + return; + + if (spec_ctrl_bhi_dis()) + return; + + if (!IS_ENABLED(CONFIG_X86_64)) + return; + + /* Mitigate KVM by default */ + setup_force_cpu_cap(X86_FEATURE_CLEAR_BHB_LOOP_ON_VMEXIT); + pr_info("Spectre BHI mitigation: SW BHB clearing on vm exit\n"); + + if (bhi_mitigation == BHI_MITIGATION_AUTO) + return; + + /* Mitigate syscalls when the mitigation is forced =on */ + setup_force_cpu_cap(X86_FEATURE_CLEAR_BHB_LOOP); + pr_info("Spectre BHI mitigation: SW BHB clearing on syscall\n"); +} + static void __init spectre_v2_select_mitigation(void) { enum spectre_v2_mitigation_cmd cmd = spectre_v2_parse_cmdline(); @@ -1648,6 +1790,9 @@ mode == SPECTRE_V2_RETPOLINE) spec_ctrl_disable_kernel_rrsba(); + if (boot_cpu_has(X86_BUG_BHI)) + bhi_select_mitigation(); + spectre_v2_enabled = mode; pr_info("%s\n", spectre_v2_strings[mode]); @@ -2612,6 +2757,11 @@ sched_smt_active() ? "vulnerable" : "disabled"); } +static ssize_t rfds_show_state(char *buf) +{ + return sysfs_emit(buf, "%s\n", rfds_strings[rfds_mitigation]); +} + static char *stibp_state(void) { if (spectre_v2_in_eibrs_mode(spectre_v2_enabled) && @@ -2620,15 +2770,15 @@ switch (spectre_v2_user_stibp) { case SPECTRE_V2_USER_NONE: - return ", STIBP: disabled"; + return "; STIBP: disabled"; case SPECTRE_V2_USER_STRICT: - return ", STIBP: forced"; + return "; STIBP: forced"; case SPECTRE_V2_USER_STRICT_PREFERRED: - return ", STIBP: always-on"; + return "; STIBP: always-on"; case SPECTRE_V2_USER_PRCTL: case SPECTRE_V2_USER_SECCOMP: if (static_key_enabled(&switch_to_cond_stibp)) - return ", STIBP: conditional"; + return "; STIBP: conditional"; } return ""; } @@ -2637,10 +2787,10 @@ { if (boot_cpu_has(X86_FEATURE_IBPB)) { if (static_key_enabled(&switch_mm_always_ibpb)) - return ", IBPB: always-on"; + return "; IBPB: always-on"; if (static_key_enabled(&switch_mm_cond_ibpb)) - return ", IBPB: conditional"; - return ", IBPB: disabled"; + return "; IBPB: conditional"; + return "; IBPB: disabled"; } return ""; } @@ -2650,14 +2800,31 @@ if (boot_cpu_has_bug(X86_BUG_EIBRS_PBRSB)) { if (boot_cpu_has(X86_FEATURE_RSB_VMEXIT_LITE) || boot_cpu_has(X86_FEATURE_RSB_VMEXIT)) - return ", PBRSB-eIBRS: SW sequence"; + return "; PBRSB-eIBRS: SW sequence"; else - return ", PBRSB-eIBRS: Vulnerable"; + return "; PBRSB-eIBRS: Vulnerable"; } else { - return ", PBRSB-eIBRS: Not affected"; + return "; PBRSB-eIBRS: Not affected"; } } +static const char * const spectre_bhi_state(void) +{ + if (!boot_cpu_has_bug(X86_BUG_BHI)) + return "; BHI: Not affected"; + else if (boot_cpu_has(X86_FEATURE_CLEAR_BHB_HW)) + return "; BHI: BHI_DIS_S"; + else if (boot_cpu_has(X86_FEATURE_CLEAR_BHB_LOOP)) + return "; BHI: SW loop, KVM: SW loop"; + else if (boot_cpu_has(X86_FEATURE_RETPOLINE) && + !(x86_read_arch_cap_msr() & ARCH_CAP_RRSBA)) + return "; BHI: Retpoline"; + else if (boot_cpu_has(X86_FEATURE_CLEAR_BHB_LOOP_ON_VMEXIT)) + return "; BHI: Syscall hardening, KVM: SW loop"; + + return "; BHI: Vulnerable (Syscall hardening enabled)"; +} + static ssize_t spectre_v2_show_state(char *buf) { if (spectre_v2_enabled == SPECTRE_V2_LFENCE) @@ -2670,13 +2837,15 @@ spectre_v2_enabled == SPECTRE_V2_EIBRS_LFENCE) return sysfs_emit(buf, "Vulnerable: eIBRS+LFENCE with unprivileged eBPF and SMT\n"); - return sysfs_emit(buf, "%s%s%s%s%s%s%s\n", + return sysfs_emit(buf, "%s%s%s%s%s%s%s%s\n", spectre_v2_strings[spectre_v2_enabled], ibpb_state(), - boot_cpu_has(X86_FEATURE_USE_IBRS_FW) ? ", IBRS_FW" : "", + boot_cpu_has(X86_FEATURE_USE_IBRS_FW) ? "; IBRS_FW" : "", stibp_state(), - boot_cpu_has(X86_FEATURE_RSB_CTXSW) ? ", RSB filling" : "", + boot_cpu_has(X86_FEATURE_RSB_CTXSW) ? "; RSB filling" : "", pbrsb_eibrs_state(), + spectre_bhi_state(), + /* this should always be at the end */ spectre_v2_module_string()); } @@ -2771,6 +2940,9 @@ case X86_BUG_GDS: return gds_show_state(buf); + case X86_BUG_RFDS: + return rfds_show_state(buf); + default: break; } @@ -2845,4 +3017,9 @@ { return cpu_show_common(dev, attr, buf, X86_BUG_GDS); } + +ssize_t cpu_show_reg_file_data_sampling(struct device *dev, struct device_attribute *attr, char *buf) +{ + return cpu_show_common(dev, attr, buf, X86_BUG_RFDS); +} #endif --- linux-6.8.0.orig/arch/x86/kernel/cpu/cacheinfo.c +++ linux-6.8.0/arch/x86/kernel/cpu/cacheinfo.c @@ -178,7 +178,16 @@ struct amd_northbridge *nb; }; -static unsigned short num_cache_leaves; +static inline unsigned int get_num_cache_leaves(unsigned int cpu) +{ + return get_cpu_cacheinfo(cpu)->num_leaves; +} + +static inline void +set_num_cache_leaves(unsigned int nr_leaves, unsigned int cpu) +{ + get_cpu_cacheinfo(cpu)->num_leaves = nr_leaves; +} /* AMD doesn't have CPUID4. Emulate it here to report the same information to the user. This makes some assumptions about the machine: @@ -718,19 +727,21 @@ void init_amd_cacheinfo(struct cpuinfo_x86 *c) { + unsigned int cpu = c->cpu_index; + if (boot_cpu_has(X86_FEATURE_TOPOEXT)) { - num_cache_leaves = find_num_cache_leaves(c); + set_num_cache_leaves(find_num_cache_leaves(c), cpu); } else if (c->extended_cpuid_level >= 0x80000006) { if (cpuid_edx(0x80000006) & 0xf000) - num_cache_leaves = 4; + set_num_cache_leaves(4, cpu); else - num_cache_leaves = 3; + set_num_cache_leaves(3, cpu); } } void init_hygon_cacheinfo(struct cpuinfo_x86 *c) { - num_cache_leaves = find_num_cache_leaves(c); + set_num_cache_leaves(find_num_cache_leaves(c), c->cpu_index); } void init_intel_cacheinfo(struct cpuinfo_x86 *c) @@ -742,19 +753,19 @@ unsigned int l2_id = 0, l3_id = 0, num_threads_sharing, index_msb; if (c->cpuid_level > 3) { - static int is_initialized; - - if (is_initialized == 0) { - /* Init num_cache_leaves from boot CPU */ - num_cache_leaves = find_num_cache_leaves(c); - is_initialized++; - } + /* + * There should be at least one leaf. A non-zero value means + * that the number of leaves has been initialized. + */ + if (!get_num_cache_leaves(c->cpu_index)) + set_num_cache_leaves(find_num_cache_leaves(c), + c->cpu_index); /* * Whenever possible use cpuid(4), deterministic cache * parameters cpuid leaf to find the cache details */ - for (i = 0; i < num_cache_leaves; i++) { + for (i = 0; i < get_num_cache_leaves(c->cpu_index); i++) { struct _cpuid4_info_regs this_leaf = {}; int retval; @@ -790,14 +801,14 @@ * Don't use cpuid2 if cpuid4 is supported. For P4, we use cpuid2 for * trace cache */ - if ((num_cache_leaves == 0 || c->x86 == 15) && c->cpuid_level > 1) { + if ((!get_num_cache_leaves(c->cpu_index) || c->x86 == 15) && c->cpuid_level > 1) { /* supports eax=2 call */ int j, n; unsigned int regs[4]; unsigned char *dp = (unsigned char *)regs; int only_trace = 0; - if (num_cache_leaves != 0 && c->x86 == 15) + if (get_num_cache_leaves(c->cpu_index) && c->x86 == 15) only_trace = 1; /* Number of times to iterate */ @@ -991,14 +1002,6 @@ int init_cache_level(unsigned int cpu) { - struct cpu_cacheinfo *this_cpu_ci = get_cpu_cacheinfo(cpu); - - if (!num_cache_leaves) - return -ENOENT; - if (!this_cpu_ci) - return -EINVAL; - this_cpu_ci->num_levels = 3; - this_cpu_ci->num_leaves = num_cache_leaves; return 0; } --- linux-6.8.0.orig/arch/x86/kernel/cpu/common.c +++ linux-6.8.0/arch/x86/kernel/cpu/common.c @@ -1163,6 +1163,7 @@ #define NO_SPECTRE_V2 BIT(8) #define NO_MMIO BIT(9) #define NO_EIBRS_PBRSB BIT(10) +#define NO_BHI BIT(11) #define VULNWL(vendor, family, model, whitelist) \ X86_MATCH_VENDOR_FAM_MODEL(vendor, family, model, whitelist) @@ -1225,18 +1226,18 @@ VULNWL_INTEL(ATOM_TREMONT_D, NO_ITLB_MULTIHIT | NO_EIBRS_PBRSB), /* AMD Family 0xf - 0x12 */ - VULNWL_AMD(0x0f, NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO), - VULNWL_AMD(0x10, NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO), - VULNWL_AMD(0x11, NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO), - VULNWL_AMD(0x12, NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO), + VULNWL_AMD(0x0f, NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO | NO_BHI), + VULNWL_AMD(0x10, NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO | NO_BHI), + VULNWL_AMD(0x11, NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO | NO_BHI), + VULNWL_AMD(0x12, NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO | NO_BHI), /* FAMILY_ANY must be last, otherwise 0x0f - 0x12 matches won't work */ - VULNWL_AMD(X86_FAMILY_ANY, NO_MELTDOWN | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO | NO_EIBRS_PBRSB), - VULNWL_HYGON(X86_FAMILY_ANY, NO_MELTDOWN | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO | NO_EIBRS_PBRSB), + VULNWL_AMD(X86_FAMILY_ANY, NO_MELTDOWN | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO | NO_EIBRS_PBRSB | NO_BHI), + VULNWL_HYGON(X86_FAMILY_ANY, NO_MELTDOWN | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT | NO_MMIO | NO_EIBRS_PBRSB | NO_BHI), /* Zhaoxin Family 7 */ - VULNWL(CENTAUR, 7, X86_MODEL_ANY, NO_SPECTRE_V2 | NO_SWAPGS | NO_MMIO), - VULNWL(ZHAOXIN, 7, X86_MODEL_ANY, NO_SPECTRE_V2 | NO_SWAPGS | NO_MMIO), + VULNWL(CENTAUR, 7, X86_MODEL_ANY, NO_SPECTRE_V2 | NO_SWAPGS | NO_MMIO | NO_BHI), + VULNWL(ZHAOXIN, 7, X86_MODEL_ANY, NO_SPECTRE_V2 | NO_SWAPGS | NO_MMIO | NO_BHI), {} }; @@ -1267,6 +1268,8 @@ #define SRSO BIT(5) /* CPU is affected by GDS */ #define GDS BIT(6) +/* CPU is affected by Register File Data Sampling */ +#define RFDS BIT(7) static const struct x86_cpu_id cpu_vuln_blacklist[] __initconst = { VULNBL_INTEL_STEPPINGS(IVYBRIDGE, X86_STEPPING_ANY, SRBDS), @@ -1294,9 +1297,18 @@ VULNBL_INTEL_STEPPINGS(TIGERLAKE, X86_STEPPING_ANY, GDS), VULNBL_INTEL_STEPPINGS(LAKEFIELD, X86_STEPPING_ANY, MMIO | MMIO_SBDS | RETBLEED), VULNBL_INTEL_STEPPINGS(ROCKETLAKE, X86_STEPPING_ANY, MMIO | RETBLEED | GDS), - VULNBL_INTEL_STEPPINGS(ATOM_TREMONT, X86_STEPPING_ANY, MMIO | MMIO_SBDS), - VULNBL_INTEL_STEPPINGS(ATOM_TREMONT_D, X86_STEPPING_ANY, MMIO), - VULNBL_INTEL_STEPPINGS(ATOM_TREMONT_L, X86_STEPPING_ANY, MMIO | MMIO_SBDS), + VULNBL_INTEL_STEPPINGS(ALDERLAKE, X86_STEPPING_ANY, RFDS), + VULNBL_INTEL_STEPPINGS(ALDERLAKE_L, X86_STEPPING_ANY, RFDS), + VULNBL_INTEL_STEPPINGS(RAPTORLAKE, X86_STEPPING_ANY, RFDS), + VULNBL_INTEL_STEPPINGS(RAPTORLAKE_P, X86_STEPPING_ANY, RFDS), + VULNBL_INTEL_STEPPINGS(RAPTORLAKE_S, X86_STEPPING_ANY, RFDS), + VULNBL_INTEL_STEPPINGS(ATOM_GRACEMONT, X86_STEPPING_ANY, RFDS), + VULNBL_INTEL_STEPPINGS(ATOM_TREMONT, X86_STEPPING_ANY, MMIO | MMIO_SBDS | RFDS), + VULNBL_INTEL_STEPPINGS(ATOM_TREMONT_D, X86_STEPPING_ANY, MMIO | RFDS), + VULNBL_INTEL_STEPPINGS(ATOM_TREMONT_L, X86_STEPPING_ANY, MMIO | MMIO_SBDS | RFDS), + VULNBL_INTEL_STEPPINGS(ATOM_GOLDMONT, X86_STEPPING_ANY, RFDS), + VULNBL_INTEL_STEPPINGS(ATOM_GOLDMONT_D, X86_STEPPING_ANY, RFDS), + VULNBL_INTEL_STEPPINGS(ATOM_GOLDMONT_PLUS, X86_STEPPING_ANY, RFDS), VULNBL_AMD(0x15, RETBLEED), VULNBL_AMD(0x16, RETBLEED), @@ -1330,6 +1342,24 @@ ia32_cap & ARCH_CAP_SBDR_SSDP_NO); } +static bool __init vulnerable_to_rfds(u64 ia32_cap) +{ + /* The "immunity" bit trumps everything else: */ + if (ia32_cap & ARCH_CAP_RFDS_NO) + return false; + + /* + * VMMs set ARCH_CAP_RFDS_CLEAR for processors not in the blacklist to + * indicate that mitigation is needed because guest is running on a + * vulnerable hardware or may migrate to such hardware: + */ + if (ia32_cap & ARCH_CAP_RFDS_CLEAR) + return true; + + /* Only consult the blacklist when there is no enumeration: */ + return cpu_matches(cpu_vuln_blacklist, RFDS); +} + static void __init cpu_set_bug_bits(struct cpuinfo_x86 *c) { u64 ia32_cap = x86_read_arch_cap_msr(); @@ -1441,6 +1471,16 @@ boot_cpu_has(X86_FEATURE_AVX)) setup_force_cpu_bug(X86_BUG_GDS); + if (vulnerable_to_rfds(ia32_cap)) + setup_force_cpu_bug(X86_BUG_RFDS); + + /* When virtualized, eIBRS could be hidden, assume vulnerable */ + if (!(ia32_cap & ARCH_CAP_BHI_NO) && + !cpu_matches(cpu_vuln_whitelist, NO_BHI) && + (boot_cpu_has(X86_FEATURE_IBRS_ENHANCED) || + boot_cpu_has(X86_FEATURE_HYPERVISOR))) + setup_force_cpu_bug(X86_BUG_BHI); + if (cpu_matches(cpu_vuln_whitelist, NO_MELTDOWN)) return; --- linux-6.8.0.orig/arch/x86/kernel/cpu/resctrl/core.c +++ linux-6.8.0/arch/x86/kernel/cpu/resctrl/core.c @@ -231,9 +231,7 @@ static bool __rdt_get_mem_config_amd(struct rdt_resource *r) { struct rdt_hw_resource *hw_res = resctrl_to_arch_res(r); - union cpuid_0x10_3_eax eax; - union cpuid_0x10_x_edx edx; - u32 ebx, ecx, subleaf; + u32 eax, ebx, ecx, edx, subleaf; /* * Query CPUID_Fn80000020_EDX_x01 for MBA and @@ -241,9 +239,9 @@ */ subleaf = (r->rid == RDT_RESOURCE_SMBA) ? 2 : 1; - cpuid_count(0x80000020, subleaf, &eax.full, &ebx, &ecx, &edx.full); - hw_res->num_closid = edx.split.cos_max + 1; - r->default_ctrl = MAX_MBA_BW_AMD; + cpuid_count(0x80000020, subleaf, &eax, &ebx, &ecx, &edx); + hw_res->num_closid = edx + 1; + r->default_ctrl = 1 << eax; /* AMD does not use delay */ r->membw.delay_linear = false; --- linux-6.8.0.orig/arch/x86/kernel/cpu/resctrl/internal.h +++ linux-6.8.0/arch/x86/kernel/cpu/resctrl/internal.h @@ -18,7 +18,6 @@ #define MBM_OVERFLOW_INTERVAL 1000 #define MAX_MBA_BW 100u #define MBA_IS_LINEAR 0x4 -#define MAX_MBA_BW_AMD 0x800 #define MBM_CNTR_WIDTH_OFFSET_AMD 20 #define RMID_VAL_ERROR BIT_ULL(63) @@ -296,14 +295,10 @@ * struct mbm_state - status for each MBM counter in each domain * @prev_bw_bytes: Previous bytes value read for bandwidth calculation * @prev_bw: The most recent bandwidth in MBps - * @delta_bw: Difference between the current and previous bandwidth - * @delta_comp: Indicates whether to compute the delta_bw */ struct mbm_state { u64 prev_bw_bytes; u32 prev_bw; - u32 delta_bw; - bool delta_comp; }; /** @@ -395,6 +390,8 @@ * @msr_update: Function pointer to update QOS MSRs * @mon_scale: cqm counter * mon_scale = occupancy in bytes * @mbm_width: Monitor width, to detect and correct for overflow. + * @mbm_cfg_mask: Bandwidth sources that can be tracked when Bandwidth + * Monitoring Event Configuration (BMEC) is supported. * @cdp_enabled: CDP state of this resource * * Members of this structure are either private to the architecture @@ -409,6 +406,7 @@ struct rdt_resource *r); unsigned int mon_scale; unsigned int mbm_width; + unsigned int mbm_cfg_mask; bool cdp_enabled; }; --- linux-6.8.0.orig/arch/x86/kernel/cpu/resctrl/monitor.c +++ linux-6.8.0/arch/x86/kernel/cpu/resctrl/monitor.c @@ -440,9 +440,6 @@ cur_bw = bytes / SZ_1M; - if (m->delta_comp) - m->delta_bw = abs(cur_bw - m->prev_bw); - m->delta_comp = false; m->prev_bw = cur_bw; } @@ -520,11 +517,11 @@ { u32 closid, rmid, cur_msr_val, new_msr_val; struct mbm_state *pmbm_data, *cmbm_data; - u32 cur_bw, delta_bw, user_bw; struct rdt_resource *r_mba; struct rdt_domain *dom_mba; struct list_head *head; struct rdtgroup *entry; + u32 cur_bw, user_bw; if (!is_mbm_local_enabled()) return; @@ -543,7 +540,6 @@ cur_bw = pmbm_data->prev_bw; user_bw = dom_mba->mbps_val[closid]; - delta_bw = pmbm_data->delta_bw; /* MBA resource doesn't support CDP */ cur_msr_val = resctrl_arch_get_config(r_mba, dom_mba, closid, CDP_NONE); @@ -555,49 +551,31 @@ list_for_each_entry(entry, head, mon.crdtgrp_list) { cmbm_data = &dom_mbm->mbm_local[entry->mon.rmid]; cur_bw += cmbm_data->prev_bw; - delta_bw += cmbm_data->delta_bw; } /* * Scale up/down the bandwidth linearly for the ctrl group. The * bandwidth step is the bandwidth granularity specified by the * hardware. - * - * The delta_bw is used when increasing the bandwidth so that we - * dont alternately increase and decrease the control values - * continuously. - * - * For ex: consider cur_bw = 90MBps, user_bw = 100MBps and if - * bandwidth step is 20MBps(> user_bw - cur_bw), we would keep - * switching between 90 and 110 continuously if we only check - * cur_bw < user_bw. + * Always increase throttling if current bandwidth is above the + * target set by user. + * But avoid thrashing up and down on every poll by checking + * whether a decrease in throttling is likely to push the group + * back over target. E.g. if currently throttling to 30% of bandwidth + * on a system with 10% granularity steps, check whether moving to + * 40% would go past the limit by multiplying current bandwidth by + * "(30 + 10) / 30". */ if (cur_msr_val > r_mba->membw.min_bw && user_bw < cur_bw) { new_msr_val = cur_msr_val - r_mba->membw.bw_gran; } else if (cur_msr_val < MAX_MBA_BW && - (user_bw > (cur_bw + delta_bw))) { + (user_bw > (cur_bw * (cur_msr_val + r_mba->membw.min_bw) / cur_msr_val))) { new_msr_val = cur_msr_val + r_mba->membw.bw_gran; } else { return; } resctrl_arch_update_one(r_mba, dom_mba, closid, CDP_NONE, new_msr_val); - - /* - * Delta values are updated dynamically package wise for each - * rdtgrp every time the throttle MSR changes value. - * - * This is because (1)the increase in bandwidth is not perfectly - * linear and only "approximately" linear even when the hardware - * says it is linear.(2)Also since MBA is a core specific - * mechanism, the delta values vary based on number of cores used - * by the rdtgrp. - */ - pmbm_data->delta_comp = true; - list_for_each_entry(entry, head, mon.crdtgrp_list) { - cmbm_data = &dom_mbm->mbm_local[entry->mon.rmid]; - cmbm_data->delta_comp = true; - } } static void mbm_update(struct rdt_resource *r, struct rdt_domain *d, int rmid) @@ -813,6 +791,12 @@ return ret; if (rdt_cpu_has(X86_FEATURE_BMEC)) { + u32 eax, ebx, ecx, edx; + + /* Detect list of bandwidth sources that can be tracked */ + cpuid_count(0x80000020, 3, &eax, &ebx, &ecx, &edx); + hw_res->mbm_cfg_mask = ecx & MAX_EVT_CONFIG_BITS; + if (rdt_cpu_has(X86_FEATURE_CQM_MBM_TOTAL)) { mbm_total_event.configurable = true; mbm_config_rftype_init("mbm_total_bytes_config"); --- linux-6.8.0.orig/arch/x86/kernel/cpu/resctrl/rdtgroup.c +++ linux-6.8.0/arch/x86/kernel/cpu/resctrl/rdtgroup.c @@ -1620,12 +1620,6 @@ struct mon_config_info mon_info = {0}; int ret = 0; - /* mon_config cannot be more than the supported set of events */ - if (val > MAX_EVT_CONFIG_BITS) { - rdt_last_cmd_puts("Invalid event configuration\n"); - return -EINVAL; - } - /* * Read the current config value first. If both are the same then * no need to write it again. @@ -1663,6 +1657,7 @@ static int mon_config_write(struct rdt_resource *r, char *tok, u32 evtid) { + struct rdt_hw_resource *hw_res = resctrl_to_arch_res(r); char *dom_str = NULL, *id_str; unsigned long dom_id, val; struct rdt_domain *d; @@ -1686,6 +1681,13 @@ return -EINVAL; } + /* Value from user cannot be more than the supported set of events */ + if ((val & hw_res->mbm_cfg_mask) != val) { + rdt_last_cmd_printf("Invalid event configuration: max valid mask is 0x%02x\n", + hw_res->mbm_cfg_mask); + return -EINVAL; + } + list_for_each_entry(d, &r->domains, list) { if (d->id == dom_id) { ret = mbm_config_write_domain(r, d, evtid, val); --- linux-6.8.0.orig/arch/x86/kernel/cpu/scattered.c +++ linux-6.8.0/arch/x86/kernel/cpu/scattered.c @@ -28,6 +28,7 @@ { X86_FEATURE_EPB, CPUID_ECX, 3, 0x00000006, 0 }, { X86_FEATURE_INTEL_PPIN, CPUID_EBX, 0, 0x00000007, 1 }, { X86_FEATURE_RRSBA_CTRL, CPUID_EDX, 2, 0x00000007, 2 }, + { X86_FEATURE_BHI_CTRL, CPUID_EDX, 4, 0x00000007, 2 }, { X86_FEATURE_CQM_LLC, CPUID_EDX, 1, 0x0000000f, 0 }, { X86_FEATURE_CQM_OCCUP_LLC, CPUID_EDX, 0, 0x0000000f, 1 }, { X86_FEATURE_CQM_MBM_TOTAL, CPUID_EDX, 1, 0x0000000f, 1 }, --- linux-6.8.0.orig/arch/x86/kernel/early-quirks.c +++ linux-6.8.0/arch/x86/kernel/early-quirks.c @@ -29,6 +29,37 @@ #include #include +static void __init early_pci_clear_msi(int bus, int slot, int func) +{ + int pos; + u16 ctrl; + + if (likely(!pci_early_clear_msi)) + return; + + pr_info_once("Clearing MSI/MSI-X enable bits early in boot (quirk)\n"); + + pos = pci_early_find_cap(bus, slot, func, PCI_CAP_ID_MSI); + if (pos) { + ctrl = read_pci_config_16(bus, slot, func, pos + PCI_MSI_FLAGS); + ctrl &= ~PCI_MSI_FLAGS_ENABLE; + write_pci_config_16(bus, slot, func, pos + PCI_MSI_FLAGS, ctrl); + + /* Read again to flush previous write */ + ctrl = read_pci_config_16(bus, slot, func, pos + PCI_MSI_FLAGS); + } + + pos = pci_early_find_cap(bus, slot, func, PCI_CAP_ID_MSIX); + if (pos) { + ctrl = read_pci_config_16(bus, slot, func, pos + PCI_MSIX_FLAGS); + ctrl &= ~PCI_MSIX_FLAGS_ENABLE; + write_pci_config_16(bus, slot, func, pos + PCI_MSIX_FLAGS, ctrl); + + /* Read again to flush previous write */ + ctrl = read_pci_config_16(bus, slot, func, pos + PCI_MSIX_FLAGS); + } +} + static void __init fix_hypertransport_config(int num, int slot, int func) { u32 htcfg; @@ -728,6 +759,7 @@ PCI_CLASS_BRIDGE_HOST, PCI_ANY_ID, 0, force_disable_hpet}, { PCI_VENDOR_ID_BROADCOM, 0x4331, PCI_CLASS_NETWORK_OTHER, PCI_ANY_ID, 0, apple_airport_reset}, + { PCI_ANY_ID, PCI_ANY_ID, 0, 0, 0, early_pci_clear_msi}, {} }; @@ -780,6 +812,10 @@ PCI_HEADER_TYPE); if ((type & PCI_HEADER_TYPE_MASK) == PCI_HEADER_TYPE_BRIDGE) { + /* pci_early_clear_msi scans the buses differently. */ + if (pci_early_clear_msi) + return -1; + sec = read_pci_config_byte(num, slot, func, PCI_SECONDARY_BUS); if (sec > num) early_pci_scan_bus(sec); @@ -806,8 +842,13 @@ void __init early_quirks(void) { + int bus; + if (!early_pci_allowed()) return; early_pci_scan_bus(0); + /* pci_early_clear_msi scans more buses. */ + for (bus = 1; pci_early_clear_msi && bus < 256; bus++) + early_pci_scan_bus(bus); } --- linux-6.8.0.orig/arch/x86/kernel/eisa.c +++ linux-6.8.0/arch/x86/kernel/eisa.c @@ -2,6 +2,7 @@ /* * EISA specific code */ +#include #include #include #include @@ -12,7 +13,7 @@ { void __iomem *p; - if (xen_pv_domain() && !xen_initial_domain()) + if ((xen_pv_domain() && !xen_initial_domain()) || cc_platform_has(CC_ATTR_GUEST_SEV_SNP)) return 0; p = ioremap(0x0FFFD9, 4); --- linux-6.8.0.orig/arch/x86/kernel/fpu/xstate.c +++ linux-6.8.0/arch/x86/kernel/fpu/xstate.c @@ -178,10 +178,11 @@ * Must happen after CR4 setup and before xsetbv() to allow KVM * lazy passthrough. Write independent of the dynamic state static * key as that does not work on the boot CPU. This also ensures - * that any stale state is wiped out from XFD. + * that any stale state is wiped out from XFD. Reset the per CPU + * xfd cache too. */ if (cpu_feature_enabled(X86_FEATURE_XFD)) - wrmsrl(MSR_IA32_XFD, init_fpstate.xfd); + xfd_set_state(init_fpstate.xfd); /* * XCR_XFEATURE_ENABLED_MASK (aka. XCR0) sets user features --- linux-6.8.0.orig/arch/x86/kernel/fpu/xstate.h +++ linux-6.8.0/arch/x86/kernel/fpu/xstate.h @@ -148,20 +148,26 @@ #endif #ifdef CONFIG_X86_64 +static inline void xfd_set_state(u64 xfd) +{ + wrmsrl(MSR_IA32_XFD, xfd); + __this_cpu_write(xfd_state, xfd); +} + static inline void xfd_update_state(struct fpstate *fpstate) { if (fpu_state_size_dynamic()) { u64 xfd = fpstate->xfd; - if (__this_cpu_read(xfd_state) != xfd) { - wrmsrl(MSR_IA32_XFD, xfd); - __this_cpu_write(xfd_state, xfd); - } + if (__this_cpu_read(xfd_state) != xfd) + xfd_set_state(xfd); } } extern int __xfd_enable_feature(u64 which, struct fpu_guest *guest_fpu); #else +static inline void xfd_set_state(u64 xfd) { } + static inline void xfd_update_state(struct fpstate *fpstate) { } static inline int __xfd_enable_feature(u64 which, struct fpu_guest *guest_fpu) { --- linux-6.8.0.orig/arch/x86/kernel/kprobes/core.c +++ linux-6.8.0/arch/x86/kernel/kprobes/core.c @@ -335,7 +335,16 @@ kprobe_opcode_t *arch_adjust_kprobe_addr(unsigned long addr, unsigned long offset, bool *on_func_entry) { - if (is_endbr(*(u32 *)addr)) { + u32 insn; + + /* + * Since 'addr' is not guaranteed to be safe to access, use + * copy_from_kernel_nofault() to read the instruction: + */ + if (copy_from_kernel_nofault(&insn, (void *)addr, sizeof(u32))) + return NULL; + + if (is_endbr(insn)) { *on_func_entry = !offset || offset == 4; if (*on_func_entry) offset = 4; --- linux-6.8.0.orig/arch/x86/kernel/mpparse.c +++ linux-6.8.0/arch/x86/kernel/mpparse.c @@ -196,12 +196,12 @@ if (!smp_check_mpc(mpc, oem, str)) return 0; - /* Initialize the lapic mapping */ - if (!acpi_lapic) - register_lapic_address(mpc->lapic); - - if (early) + if (early) { + /* Initialize the lapic mapping */ + if (!acpi_lapic) + register_lapic_address(mpc->lapic); return 1; + } /* Now process the configuration blocks. */ while (count < mpc->length) { --- linux-6.8.0.orig/arch/x86/kernel/nmi.c +++ linux-6.8.0/arch/x86/kernel/nmi.c @@ -636,7 +636,7 @@ msgp = nmi_check_stall_msg[idx]; if (nsp->idt_ignored_snap != READ_ONCE(nsp->idt_ignored) && (idx & 0x1)) modp = ", but OK because ignore_nmis was set"; - if (nmi_seq & ~0x1) + if (nmi_seq & 0x1) msghp = " (CPU currently in NMI handler function)"; else if (nsp->idt_nmi_seq_snap + 1 == nmi_seq) msghp = " (CPU exited one NMI handler function)"; --- linux-6.8.0.orig/arch/x86/kernel/probe_roms.c +++ linux-6.8.0/arch/x86/kernel/probe_roms.c @@ -203,16 +203,6 @@ unsigned char c; int i; - /* - * The ROM memory range is not part of the e820 table and is therefore not - * pre-validated by BIOS. The kernel page table maps the ROM region as encrypted - * memory, and SNP requires encrypted memory to be validated before access. - * Do that here. - */ - snp_prep_memory(video_rom_resource.start, - ((system_rom_resource.end + 1) - video_rom_resource.start), - SNP_PAGE_STATE_PRIVATE); - /* video rom */ upper = adapter_rom_resources[0].start; for (start = video_rom_resource.start; start < upper; start += 2048) { --- linux-6.8.0.orig/arch/x86/kernel/reboot.c +++ linux-6.8.0/arch/x86/kernel/reboot.c @@ -487,7 +487,46 @@ DMI_MATCH(DMI_PRODUCT_NAME, "VGN-Z540N"), }, }, - + { /* Handle problems with rebooting on the Latitude E6520. */ + .callback = set_pci_reboot, + .ident = "Dell Latitude E6520", + .matches = { + DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), + DMI_MATCH(DMI_PRODUCT_NAME, "Latitude E6520"), + }, + }, + { /* Handle problems with rebooting on the OptiPlex 790. */ + .callback = set_pci_reboot, + .ident = "Dell OptiPlex 790", + .matches = { + DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), + DMI_MATCH(DMI_PRODUCT_NAME, "OptiPlex 790"), + }, + }, + { /* Handle problems with rebooting on the OptiPlex 990. */ + .callback = set_pci_reboot, + .ident = "Dell OptiPlex 990", + .matches = { + DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), + DMI_MATCH(DMI_PRODUCT_NAME, "OptiPlex 990"), + }, + }, + { /* Handle problems with rebooting on the Latitude E6220. */ + .callback = set_pci_reboot, + .ident = "Dell Latitude E6220", + .matches = { + DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), + DMI_MATCH(DMI_PRODUCT_NAME, "Latitude E6220"), + }, + }, + { /* Handle problems with rebooting on the OptiPlex 390. */ + .callback = set_pci_reboot, + .ident = "Dell OptiPlex 390", + .matches = { + DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), + DMI_MATCH(DMI_PRODUCT_NAME, "OptiPlex 390"), + }, + }, { } }; --- linux-6.8.0.orig/arch/x86/kernel/setup.c +++ linux-6.8.0/arch/x86/kernel/setup.c @@ -9,7 +9,6 @@ #include #include #include -#include #include #include #include @@ -21,6 +20,7 @@ #include #include #include +#include #include #include #include @@ -902,7 +902,15 @@ efi_init(); reserve_ibft_region(); - dmi_setup(); + + efi_set_secure_boot(boot_params.secure_boot); + +#ifdef CONFIG_LOCK_DOWN_IN_SECURE_BOOT + if (efi_enabled(EFI_SECURE_BOOT)) + security_lock_kernel_down("EFI Secure Boot mode", LOCKDOWN_INTEGRITY_MAX); +#endif + + x86_init.resources.dmi_setup(); /* * VMware detection requires dmi to be available, so this @@ -1064,19 +1072,7 @@ /* Allocate bigger log buffer */ setup_log_buf(1); - if (efi_enabled(EFI_BOOT)) { - switch (boot_params.secure_boot) { - case efi_secureboot_mode_disabled: - pr_info("Secure boot disabled\n"); - break; - case efi_secureboot_mode_enabled: - pr_info("Secure boot enabled\n"); - break; - default: - pr_info("Secure boot could not be determined\n"); - break; - } - } + efi_set_secure_boot(boot_params.secure_boot); reserve_initrd(); --- linux-6.8.0.orig/arch/x86/kernel/sev-shared.c +++ linux-6.8.0/arch/x86/kernel/sev-shared.c @@ -556,9 +556,9 @@ leaf->eax = leaf->ebx = leaf->ecx = leaf->edx = 0; /* Skip post-processing for out-of-range zero leafs. */ - if (!(leaf->fn <= cpuid_std_range_max || - (leaf->fn >= 0x40000000 && leaf->fn <= cpuid_hyp_range_max) || - (leaf->fn >= 0x80000000 && leaf->fn <= cpuid_ext_range_max))) + if (!(leaf->fn <= RIP_REL_REF(cpuid_std_range_max) || + (leaf->fn >= 0x40000000 && leaf->fn <= RIP_REL_REF(cpuid_hyp_range_max)) || + (leaf->fn >= 0x80000000 && leaf->fn <= RIP_REL_REF(cpuid_ext_range_max)))) return 0; } @@ -1063,11 +1063,11 @@ const struct snp_cpuid_fn *fn = &cpuid_table->fn[i]; if (fn->eax_in == 0x0) - cpuid_std_range_max = fn->eax; + RIP_REL_REF(cpuid_std_range_max) = fn->eax; else if (fn->eax_in == 0x40000000) - cpuid_hyp_range_max = fn->eax; + RIP_REL_REF(cpuid_hyp_range_max) = fn->eax; else if (fn->eax_in == 0x80000000) - cpuid_ext_range_max = fn->eax; + RIP_REL_REF(cpuid_ext_range_max) = fn->eax; } } --- linux-6.8.0.orig/arch/x86/kernel/sev.c +++ linux-6.8.0/arch/x86/kernel/sev.c @@ -23,6 +23,7 @@ #include #include #include +#include #include #include @@ -748,7 +749,7 @@ * This eliminates worries about jump tables or checking boot_cpu_data * in the cc_platform_has() function. */ - if (!(sev_status & MSR_AMD64_SEV_SNP_ENABLED)) + if (!(RIP_REL_REF(sev_status) & MSR_AMD64_SEV_SNP_ENABLED)) return; /* @@ -767,28 +768,13 @@ * This eliminates worries about jump tables or checking boot_cpu_data * in the cc_platform_has() function. */ - if (!(sev_status & MSR_AMD64_SEV_SNP_ENABLED)) + if (!(RIP_REL_REF(sev_status) & MSR_AMD64_SEV_SNP_ENABLED)) return; /* Ask hypervisor to mark the memory pages shared in the RMP table. */ early_set_pages_state(vaddr, paddr, npages, SNP_PAGE_STATE_SHARED); } -void __init snp_prep_memory(unsigned long paddr, unsigned int sz, enum psc_op op) -{ - unsigned long vaddr, npages; - - vaddr = (unsigned long)__va(paddr); - npages = PAGE_ALIGN(sz) >> PAGE_SHIFT; - - if (op == SNP_PAGE_STATE_PRIVATE) - early_snp_set_memory_private(vaddr, paddr, npages); - else if (op == SNP_PAGE_STATE_SHARED) - early_snp_set_memory_shared(vaddr, paddr, npages); - else - WARN(1, "invalid memory op %d\n", op); -} - static unsigned long __set_pages_state(struct snp_psc_desc *data, unsigned long vaddr, unsigned long vaddr_end, int op) { @@ -2112,6 +2098,17 @@ sev_es_terminate(SEV_TERM_SET_GEN, GHCB_SNP_UNSUPPORTED); } +/* + * SEV-SNP guests should only execute dmi_setup() if EFI_CONFIG_TABLES are + * enabled, as the alternative (fallback) logic for DMI probing in the legacy + * ROM region can cause a crash since this region is not pre-validated. + */ +void __init snp_dmi_setup(void) +{ + if (efi_enabled(EFI_CONFIG_TABLES)) + dmi_setup(); +} + static void dump_cpuid_table(void) { const struct snp_cpuid_table *cpuid_table = snp_cpuid_get_table(); --- linux-6.8.0.orig/arch/x86/kernel/x86_init.c +++ linux-6.8.0/arch/x86/kernel/x86_init.c @@ -3,6 +3,7 @@ * * For licencing details see kernel-base/COPYING */ +#include #include #include #include @@ -66,6 +67,7 @@ .probe_roms = probe_roms, .reserve_resources = reserve_standard_io_resources, .memory_setup = e820__memory_setup_default, + .dmi_setup = dmi_setup, }, .mpparse = { --- linux-6.8.0.orig/arch/x86/kvm/lapic.c +++ linux-6.8.0/arch/x86/kvm/lapic.c @@ -41,6 +41,7 @@ #include "ioapic.h" #include "trace.h" #include "x86.h" +#include "xen.h" #include "cpuid.h" #include "hyperv.h" #include "smm.h" @@ -499,8 +500,10 @@ } /* Check if there are APF page ready requests pending */ - if (enabled) + if (enabled) { kvm_make_request(KVM_REQ_APF_READY, apic->vcpu); + kvm_xen_sw_enable_lapic(apic->vcpu); + } } static inline void kvm_apic_set_xapic_id(struct kvm_lapic *apic, u8 id) --- linux-6.8.0.orig/arch/x86/kvm/reverse_cpuid.h +++ linux-6.8.0/arch/x86/kvm/reverse_cpuid.h @@ -52,7 +52,7 @@ #define X86_FEATURE_IPRED_CTRL KVM_X86_FEATURE(CPUID_7_2_EDX, 1) #define KVM_X86_FEATURE_RRSBA_CTRL KVM_X86_FEATURE(CPUID_7_2_EDX, 2) #define X86_FEATURE_DDPD_U KVM_X86_FEATURE(CPUID_7_2_EDX, 3) -#define X86_FEATURE_BHI_CTRL KVM_X86_FEATURE(CPUID_7_2_EDX, 4) +#define KVM_X86_FEATURE_BHI_CTRL KVM_X86_FEATURE(CPUID_7_2_EDX, 4) #define X86_FEATURE_MCDT_NO KVM_X86_FEATURE(CPUID_7_2_EDX, 5) /* CPUID level 0x80000007 (EDX). */ @@ -126,6 +126,7 @@ KVM_X86_TRANSLATE_FEATURE(CONSTANT_TSC); KVM_X86_TRANSLATE_FEATURE(PERFMON_V2); KVM_X86_TRANSLATE_FEATURE(RRSBA_CTRL); + KVM_X86_TRANSLATE_FEATURE(BHI_CTRL); default: return x86_feature; } --- linux-6.8.0.orig/arch/x86/kvm/vmx/vmenter.S +++ linux-6.8.0/arch/x86/kvm/vmx/vmenter.S @@ -275,6 +275,8 @@ call vmx_spec_ctrl_restore_host + CLEAR_BRANCH_HISTORY_VMEXIT + /* Put return value in AX */ mov %_ASM_BX, %_ASM_AX --- linux-6.8.0.orig/arch/x86/kvm/x86.c +++ linux-6.8.0/arch/x86/kvm/x86.c @@ -1623,7 +1623,8 @@ ARCH_CAP_SKIP_VMENTRY_L1DFLUSH | ARCH_CAP_SSB_NO | ARCH_CAP_MDS_NO | \ ARCH_CAP_PSCHANGE_MC_NO | ARCH_CAP_TSX_CTRL_MSR | ARCH_CAP_TAA_NO | \ ARCH_CAP_SBDR_SSDP_NO | ARCH_CAP_FBSDP_NO | ARCH_CAP_PSDP_NO | \ - ARCH_CAP_FB_CLEAR | ARCH_CAP_RRSBA | ARCH_CAP_PBRSB_NO | ARCH_CAP_GDS_NO) + ARCH_CAP_FB_CLEAR | ARCH_CAP_RRSBA | ARCH_CAP_PBRSB_NO | ARCH_CAP_GDS_NO | \ + ARCH_CAP_RFDS_NO | ARCH_CAP_RFDS_CLEAR | ARCH_CAP_BHI_NO) static u64 kvm_get_arch_capabilities(void) { @@ -1655,6 +1656,8 @@ data |= ARCH_CAP_SSB_NO; if (!boot_cpu_has_bug(X86_BUG_MDS)) data |= ARCH_CAP_MDS_NO; + if (!boot_cpu_has_bug(X86_BUG_RFDS)) + data |= ARCH_CAP_RFDS_NO; if (!boot_cpu_has(X86_FEATURE_RTM)) { /* --- linux-6.8.0.orig/arch/x86/kvm/xen.c +++ linux-6.8.0/arch/x86/kvm/xen.c @@ -493,7 +493,7 @@ kvm_xen_update_runstate_guest(v, state == RUNSTATE_runnable); } -static void kvm_xen_inject_vcpu_vector(struct kvm_vcpu *v) +void kvm_xen_inject_vcpu_vector(struct kvm_vcpu *v) { struct kvm_lapic_irq irq = { }; int r; --- linux-6.8.0.orig/arch/x86/kvm/xen.h +++ linux-6.8.0/arch/x86/kvm/xen.h @@ -18,6 +18,7 @@ int __kvm_xen_has_interrupt(struct kvm_vcpu *vcpu); void kvm_xen_inject_pending_events(struct kvm_vcpu *vcpu); +void kvm_xen_inject_vcpu_vector(struct kvm_vcpu *vcpu); int kvm_xen_vcpu_set_attr(struct kvm_vcpu *vcpu, struct kvm_xen_vcpu_attr *data); int kvm_xen_vcpu_get_attr(struct kvm_vcpu *vcpu, struct kvm_xen_vcpu_attr *data); int kvm_xen_hvm_set_attr(struct kvm *kvm, struct kvm_xen_hvm_attr *data); @@ -36,6 +37,19 @@ const struct kvm_irq_routing_entry *ue); void kvm_xen_update_tsc_info(struct kvm_vcpu *vcpu); +static inline void kvm_xen_sw_enable_lapic(struct kvm_vcpu *vcpu) +{ + /* + * The local APIC is being enabled. If the per-vCPU upcall vector is + * set and the vCPU's evtchn_upcall_pending flag is set, inject the + * interrupt. + */ + if (static_branch_unlikely(&kvm_xen_enabled.key) && + vcpu->arch.xen.vcpu_info_cache.active && + vcpu->arch.xen.upcall_vector && __kvm_xen_has_interrupt(vcpu)) + kvm_xen_inject_vcpu_vector(vcpu); +} + static inline bool kvm_xen_msr_enabled(struct kvm *kvm) { return static_branch_unlikely(&kvm_xen_enabled.key) && @@ -101,6 +115,10 @@ { } +static inline void kvm_xen_sw_enable_lapic(struct kvm_vcpu *vcpu) +{ +} + static inline bool kvm_xen_msr_enabled(struct kvm *kvm) { return false; --- linux-6.8.0.orig/arch/x86/lib/retpoline.S +++ linux-6.8.0/arch/x86/lib/retpoline.S @@ -163,6 +163,7 @@ lfence jmp srso_alias_return_thunk SYM_FUNC_END(srso_alias_untrain_ret) +__EXPORT_THUNK(srso_alias_untrain_ret) .popsection .pushsection .text..__x86.rethunk_safe @@ -224,10 +225,12 @@ SYM_CODE_END(srso_return_thunk) #define JMP_SRSO_UNTRAIN_RET "jmp srso_untrain_ret" -#define JMP_SRSO_ALIAS_UNTRAIN_RET "jmp srso_alias_untrain_ret" #else /* !CONFIG_CPU_SRSO */ #define JMP_SRSO_UNTRAIN_RET "ud2" -#define JMP_SRSO_ALIAS_UNTRAIN_RET "ud2" +/* Dummy for the alternative in CALL_UNTRAIN_RET. */ +SYM_CODE_START(srso_alias_untrain_ret) + RET +SYM_FUNC_END(srso_alias_untrain_ret) #endif /* CONFIG_CPU_SRSO */ #ifdef CONFIG_CPU_UNRET_ENTRY @@ -319,9 +322,7 @@ #if defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO) SYM_FUNC_START(entry_untrain_ret) - ALTERNATIVE_2 JMP_RETBLEED_UNTRAIN_RET, \ - JMP_SRSO_UNTRAIN_RET, X86_FEATURE_SRSO, \ - JMP_SRSO_ALIAS_UNTRAIN_RET, X86_FEATURE_SRSO_ALIAS + ALTERNATIVE JMP_RETBLEED_UNTRAIN_RET, JMP_SRSO_UNTRAIN_RET, X86_FEATURE_SRSO SYM_FUNC_END(entry_untrain_ret) __EXPORT_THUNK(entry_untrain_ret) --- linux-6.8.0.orig/arch/x86/mm/mem_encrypt_amd.c +++ linux-6.8.0/arch/x86/mm/mem_encrypt_amd.c @@ -492,6 +492,24 @@ */ if (sev_status & MSR_AMD64_SEV_ENABLED) ia32_disable(); + + /* + * Override init functions that scan the ROM region in SEV-SNP guests, + * as this memory is not pre-validated and would thus cause a crash. + */ + if (sev_status & MSR_AMD64_SEV_SNP_ENABLED) { + x86_init.mpparse.find_smp_config = x86_init_noop; + x86_init.pci.init_irq = x86_init_noop; + x86_init.resources.probe_roms = x86_init_noop; + + /* + * DMI setup behavior for SEV-SNP guests depends on + * efi_enabled(EFI_CONFIG_TABLES), which hasn't been + * parsed yet. snp_dmi_setup() will run after that + * parsing has happened. + */ + x86_init.resources.dmi_setup = snp_dmi_setup; + } } void __init mem_encrypt_free_decrypted_mem(void) --- linux-6.8.0.orig/arch/x86/mm/mem_encrypt_identity.c +++ linux-6.8.0/arch/x86/mm/mem_encrypt_identity.c @@ -97,7 +97,6 @@ static char sme_cmdline_arg[] __initdata = "mem_encrypt"; static char sme_cmdline_on[] __initdata = "on"; -static char sme_cmdline_off[] __initdata = "off"; static void __init sme_clear_pgd(struct sme_populate_pgd_data *ppd) { @@ -305,7 +304,8 @@ * instrumentation or checking boot_cpu_data in the cc_platform_has() * function. */ - if (!sme_get_me_mask() || sev_status & MSR_AMD64_SEV_ENABLED) + if (!sme_get_me_mask() || + RIP_REL_REF(sev_status) & MSR_AMD64_SEV_ENABLED) return; /* @@ -504,10 +504,9 @@ void __init sme_enable(struct boot_params *bp) { - const char *cmdline_ptr, *cmdline_arg, *cmdline_on, *cmdline_off; + const char *cmdline_ptr, *cmdline_arg, *cmdline_on; unsigned int eax, ebx, ecx, edx; unsigned long feature_mask; - bool active_by_default; unsigned long me_mask; char buffer[16]; bool snp; @@ -543,11 +542,11 @@ me_mask = 1UL << (ebx & 0x3f); /* Check the SEV MSR whether SEV or SME is enabled */ - sev_status = __rdmsr(MSR_AMD64_SEV); - feature_mask = (sev_status & MSR_AMD64_SEV_ENABLED) ? AMD_SEV_BIT : AMD_SME_BIT; + RIP_REL_REF(sev_status) = msr = __rdmsr(MSR_AMD64_SEV); + feature_mask = (msr & MSR_AMD64_SEV_ENABLED) ? AMD_SEV_BIT : AMD_SME_BIT; /* The SEV-SNP CC blob should never be present unless SEV-SNP is enabled. */ - if (snp && !(sev_status & MSR_AMD64_SEV_SNP_ENABLED)) + if (snp && !(msr & MSR_AMD64_SEV_SNP_ENABLED)) snp_abort(); /* Check if memory encryption is enabled */ @@ -573,7 +572,6 @@ return; } else { /* SEV state cannot be controlled by a command line option */ - sme_me_mask = me_mask; goto out; } @@ -588,31 +586,17 @@ asm ("lea sme_cmdline_on(%%rip), %0" : "=r" (cmdline_on) : "p" (sme_cmdline_on)); - asm ("lea sme_cmdline_off(%%rip), %0" - : "=r" (cmdline_off) - : "p" (sme_cmdline_off)); - - if (IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT)) - active_by_default = true; - else - active_by_default = false; cmdline_ptr = (const char *)((u64)bp->hdr.cmd_line_ptr | ((u64)bp->ext_cmd_line_ptr << 32)); - if (cmdline_find_option(cmdline_ptr, cmdline_arg, buffer, sizeof(buffer)) < 0) + if (cmdline_find_option(cmdline_ptr, cmdline_arg, buffer, sizeof(buffer)) < 0 || + strncmp(buffer, cmdline_on, sizeof(buffer))) return; - if (!strncmp(buffer, cmdline_on, sizeof(buffer))) - sme_me_mask = me_mask; - else if (!strncmp(buffer, cmdline_off, sizeof(buffer))) - sme_me_mask = 0; - else - sme_me_mask = active_by_default ? me_mask : 0; out: - if (sme_me_mask) { - physical_mask &= ~sme_me_mask; - cc_vendor = CC_VENDOR_AMD; - cc_set_mask(sme_me_mask); - } + RIP_REL_REF(sme_me_mask) = me_mask; + physical_mask &= ~me_mask; + cc_vendor = CC_VENDOR_AMD; + cc_set_mask(me_mask); } --- linux-6.8.0.orig/arch/x86/pci/common.c +++ linux-6.8.0/arch/x86/pci/common.c @@ -34,6 +34,7 @@ #endif int pcibios_last_bus = -1; unsigned long pirq_table_addr; +unsigned int pci_early_clear_msi; const struct pci_raw_ops *__read_mostly raw_pci_ops; const struct pci_raw_ops *__read_mostly raw_pci_ext_ops; @@ -614,6 +615,9 @@ } else if (!strcmp(str, "skip_isa_align")) { pci_probe |= PCI_CAN_SKIP_ISA_ALIGN; return NULL; + } else if (!strcmp(str, "clearmsi")) { + pci_early_clear_msi = 1; + return NULL; } else if (!strcmp(str, "noioapicquirk")) { noioapicquirk = 1; return NULL; --- linux-6.8.0.orig/arch/x86/pci/early.c +++ linux-6.8.0/arch/x86/pci/early.c @@ -51,6 +51,31 @@ outw(val, 0xcfc + (offset&2)); } +u32 pci_early_find_cap(int bus, int slot, int func, int cap) +{ + int bytes; + u8 pos; + + if (!(read_pci_config_16(bus, slot, func, PCI_STATUS) & + PCI_STATUS_CAP_LIST)) + return 0; + + pos = read_pci_config_byte(bus, slot, func, PCI_CAPABILITY_LIST); + for (bytes = 0; bytes < 48 && pos >= 0x40; bytes++) { + u8 id; + + pos &= ~3; + id = read_pci_config_byte(bus, slot, func, pos+PCI_CAP_LIST_ID); + if (id == 0xff) + break; + if (id == cap) + return pos; + pos = read_pci_config_byte(bus, slot, func, + pos+PCI_CAP_LIST_NEXT); + } + return 0; +} + int early_pci_allowed(void) { return (pci_probe & (PCI_PROBE_CONF1|PCI_PROBE_NOEARLY)) == --- linux-6.8.0.orig/arch/x86/tools/relocs.c +++ linux-6.8.0/arch/x86/tools/relocs.c @@ -653,6 +653,14 @@ if (!(sec_applies->shdr.sh_flags & SHF_ALLOC)) { continue; } + /* + * Do not perform relocations in .notes section; any + * values there are meant for pre-boot consumption (e.g. + * startup_xen). + */ + if (sec_applies->shdr.sh_type == SHT_NOTE) { + continue; + } sh_symtab = sec_symtab->symtab; sym_strtab = sec_symtab->link->strtab; for (j = 0; j < sec->shdr.sh_size/sizeof(Elf_Rel); j++) { --- linux-6.8.0.orig/block/bio.c +++ linux-6.8.0/block/bio.c @@ -1152,7 +1152,7 @@ bio_for_each_folio_all(fi, bio) { struct page *page; - size_t done = 0; + size_t nr_pages; if (mark_dirty) { folio_lock(fi.folio); @@ -1160,10 +1160,11 @@ folio_unlock(fi.folio); } page = folio_page(fi.folio, fi.offset / PAGE_SIZE); + nr_pages = (fi.offset + fi.length - 1) / PAGE_SIZE - + fi.offset / PAGE_SIZE + 1; do { bio_release_page(bio, page++); - done += PAGE_SIZE; - } while (done < fi.length); + } while (--nr_pages != 0); } } EXPORT_SYMBOL_GPL(__bio_release_pages); --- linux-6.8.0.orig/block/blk-mq.c +++ linux-6.8.0/block/blk-mq.c @@ -771,16 +771,11 @@ /* * Partial zone append completions cannot be supported as the * BIO fragments may end up not being written sequentially. - * For such case, force the completed nbytes to be equal to - * the BIO size so that bio_advance() sets the BIO remaining - * size to 0 and we end up calling bio_endio() before returning. */ - if (bio->bi_iter.bi_size != nbytes) { + if (bio->bi_iter.bi_size != nbytes) bio->bi_status = BLK_STS_IOERR; - nbytes = bio->bi_iter.bi_size; - } else { + else bio->bi_iter.bi_sector = rq->__sector; - } } bio_advance(bio, nbytes); --- linux-6.8.0.orig/block/blk-settings.c +++ linux-6.8.0/block/blk-settings.c @@ -689,6 +689,10 @@ t->zone_write_granularity = max(t->zone_write_granularity, b->zone_write_granularity); t->zoned = max(t->zoned, b->zoned); + if (!t->zoned) { + t->zone_write_granularity = 0; + t->max_zone_append_sectors = 0; + } return ret; } EXPORT_SYMBOL(blk_stack_limits); --- linux-6.8.0.orig/block/holder.c +++ linux-6.8.0/block/holder.c @@ -8,6 +8,8 @@ int refcnt; }; +static DEFINE_MUTEX(blk_holder_mutex); + static struct bd_holder_disk *bd_find_holder_disk(struct block_device *bdev, struct gendisk *disk) { @@ -80,7 +82,7 @@ kobject_get(bdev->bd_holder_dir); mutex_unlock(&bdev->bd_disk->open_mutex); - mutex_lock(&disk->open_mutex); + mutex_lock(&blk_holder_mutex); WARN_ON_ONCE(!bdev->bd_holder); holder = bd_find_holder_disk(bdev, disk); @@ -108,7 +110,7 @@ goto out_del_symlink; list_add(&holder->list, &disk->slave_bdevs); - mutex_unlock(&disk->open_mutex); + mutex_unlock(&blk_holder_mutex); return 0; out_del_symlink: @@ -116,7 +118,7 @@ out_free_holder: kfree(holder); out_unlock: - mutex_unlock(&disk->open_mutex); + mutex_unlock(&blk_holder_mutex); if (ret) kobject_put(bdev->bd_holder_dir); return ret; @@ -140,7 +142,7 @@ if (WARN_ON_ONCE(!disk->slave_dir)) return; - mutex_lock(&disk->open_mutex); + mutex_lock(&blk_holder_mutex); holder = bd_find_holder_disk(bdev, disk); if (!WARN_ON_ONCE(holder == NULL) && !--holder->refcnt) { del_symlink(disk->slave_dir, bdev_kobj(bdev)); @@ -149,6 +151,6 @@ list_del_init(&holder->list); kfree(holder); } - mutex_unlock(&disk->open_mutex); + mutex_unlock(&blk_holder_mutex); } EXPORT_SYMBOL_GPL(bd_unlink_disk_holder); --- linux-6.8.0.orig/block/mq-deadline.c +++ linux-6.8.0/block/mq-deadline.c @@ -646,9 +646,8 @@ struct request_queue *q = hctx->queue; struct deadline_data *dd = q->elevator->elevator_data; struct blk_mq_tags *tags = hctx->sched_tags; - unsigned int shift = tags->bitmap_tags.sb.shift; - dd->async_depth = max(1U, 3 * (1U << shift) / 4); + dd->async_depth = max(1UL, 3 * q->nr_requests / 4); sbitmap_queue_min_shallow_depth(&tags->bitmap_tags, dd->async_depth); } --- linux-6.8.0.orig/certs/blacklist.c +++ linux-6.8.0/certs/blacklist.c @@ -276,6 +276,9 @@ if (IS_ERR(key)) { pr_err("Problem with revocation key (%ld)\n", PTR_ERR(key)); return PTR_ERR(key); + } else { + pr_notice("Revoked X.509 cert '%s'\n", + key_ref_to_ptr(key)->description); } return 0; --- linux-6.8.0.orig/crypto/Kconfig +++ linux-6.8.0/crypto/Kconfig @@ -1269,10 +1269,11 @@ A non-physical non-deterministic ("true") RNG (e.g., an entropy source compliant with NIST SP800-90B) intended to provide a seed to a - deterministic RNG (e.g. per NIST SP800-90C). + deterministic RNG (e.g., per NIST SP800-90C). This RNG does not perform any cryptographic whitening of the generated + random numbers. - See https://www.chronox.de/jent.html + See https://www.chronox.de/jent/ if CRYPTO_JITTERENTROPY if CRYPTO_FIPS && EXPERT --- linux-6.8.0.orig/crypto/aegis128-neon-inner.c +++ linux-6.8.0/crypto/aegis128-neon-inner.c @@ -148,8 +148,8 @@ kiv, vld1q_u8(const1), vld1q_u8(const0), - k ^ vld1q_u8(const0), - k ^ vld1q_u8(const1), + (uint8x16_t) (k ^ vld1q_u8(const0)), + (uint8x16_t) (k ^ vld1q_u8(const1)), }}; int i; --- linux-6.8.0.orig/crypto/asymmetric_keys/mscode_parser.c +++ linux-6.8.0/crypto/asymmetric_keys/mscode_parser.c @@ -75,6 +75,9 @@ oid = look_up_OID(value, vlen); switch (oid) { + case OID_sha1: + ctx->digest_algo = "sha1"; + break; case OID_sha256: ctx->digest_algo = "sha256"; break; --- linux-6.8.0.orig/crypto/asymmetric_keys/pkcs7_parser.c +++ linux-6.8.0/crypto/asymmetric_keys/pkcs7_parser.c @@ -227,6 +227,9 @@ struct pkcs7_parse_context *ctx = context; switch (ctx->last_oid) { + case OID_sha1: + ctx->sinfo->sig->hash_algo = "sha1"; + break; case OID_sha256: ctx->sinfo->sig->hash_algo = "sha256"; break; @@ -278,6 +281,7 @@ ctx->sinfo->sig->pkey_algo = "rsa"; ctx->sinfo->sig->encoding = "pkcs1"; break; + case OID_id_ecdsa_with_sha1: case OID_id_ecdsa_with_sha224: case OID_id_ecdsa_with_sha256: case OID_id_ecdsa_with_sha384: --- linux-6.8.0.orig/crypto/asymmetric_keys/public_key.c +++ linux-6.8.0/crypto/asymmetric_keys/public_key.c @@ -115,7 +115,8 @@ */ if (!hash_algo) return -EINVAL; - if (strcmp(hash_algo, "sha224") != 0 && + if (strcmp(hash_algo, "sha1") != 0 && + strcmp(hash_algo, "sha224") != 0 && strcmp(hash_algo, "sha256") != 0 && strcmp(hash_algo, "sha384") != 0 && strcmp(hash_algo, "sha512") != 0 && --- linux-6.8.0.orig/crypto/asymmetric_keys/signature.c +++ linux-6.8.0/crypto/asymmetric_keys/signature.c @@ -115,7 +115,7 @@ * Sign the specified data blob using the private key specified by params->key. * The signature is wrapped in an encoding if params->encoding is specified * (eg. "pkcs1"). If the encoding needs to know the digest type, this can be - * passed through params->hash_algo (eg. "sha512"). + * passed through params->hash_algo (eg. "sha1"). * * Returns the length of the data placed in the signature buffer or an error. */ --- linux-6.8.0.orig/crypto/asymmetric_keys/x509_cert_parser.c +++ linux-6.8.0/crypto/asymmetric_keys/x509_cert_parser.c @@ -198,6 +198,10 @@ default: return -ENOPKG; /* Unsupported combination */ + case OID_sha1WithRSAEncryption: + ctx->cert->sig->hash_algo = "sha1"; + goto rsa_pkcs1; + case OID_sha256WithRSAEncryption: ctx->cert->sig->hash_algo = "sha256"; goto rsa_pkcs1; @@ -214,6 +218,10 @@ ctx->cert->sig->hash_algo = "sha224"; goto rsa_pkcs1; + case OID_id_ecdsa_with_sha1: + ctx->cert->sig->hash_algo = "sha1"; + goto ecdsa; + case OID_id_rsassa_pkcs1_v1_5_with_sha3_256: ctx->cert->sig->hash_algo = "sha3-256"; goto rsa_pkcs1; --- linux-6.8.0.orig/crypto/asymmetric_keys/x509_loader.c +++ linux-6.8.0/crypto/asymmetric_keys/x509_loader.c @@ -41,6 +41,7 @@ if (IS_ERR(key)) { pr_err("Problem loading in-kernel X.509 certificate (%ld)\n", PTR_ERR(key)); + WARN_ON_ONCE(1); } else { pr_notice("Loaded X.509 cert '%s'\n", key_ref_to_ptr(key)->description); --- linux-6.8.0.orig/crypto/fips.c +++ linux-6.8.0/crypto/fips.c @@ -14,7 +14,8 @@ #include #include -int fips_enabled; +/* LP: #2049082 UBUNTU: SAUCE: FIPS kernels default to FIPS mode */ +int fips_enabled = 1; EXPORT_SYMBOL_GPL(fips_enabled); ATOMIC_NOTIFIER_HEAD(fips_fail_notif_chain); --- linux-6.8.0.orig/crypto/testmgr.h +++ linux-6.8.0/crypto/testmgr.h @@ -653,6 +653,30 @@ static const struct akcipher_testvec ecdsa_nist_p192_tv_template[] = { { .key = + "\x04\xf7\x46\xf8\x2f\x15\xf6\x22\x8e\xd7\x57\x4f\xcc\xe7\xbb\xc1" + "\xd4\x09\x73\xcf\xea\xd0\x15\x07\x3d\xa5\x8a\x8a\x95\x43\xe4\x68" + "\xea\xc6\x25\xc1\xc1\x01\x25\x4c\x7e\xc3\x3c\xa6\x04\x0a\xe7\x08" + "\x98", + .key_len = 49, + .params = + "\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86\x48" + "\xce\x3d\x03\x01\x01", + .param_len = 21, + .m = + "\xcd\xb9\xd2\x1c\xb7\x6f\xcd\x44\xb3\xfd\x63\xea\xa3\x66\x7f\xae" + "\x63\x85\xe7\x82", + .m_size = 20, + .algo = OID_id_ecdsa_with_sha1, + .c = + "\x30\x35\x02\x19\x00\xba\xe5\x93\x83\x6e\xb6\x3b\x63\xa0\x27\x91" + "\xc6\xf6\x7f\xc3\x09\xad\x59\xad\x88\x27\xd6\x92\x6b\x02\x18\x10" + "\x68\x01\x9d\xba\xce\x83\x08\xef\x95\x52\x7b\xa0\x0f\xe4\x18\x86" + "\x80\x6f\xa5\x79\x77\xda\xd0", + .c_size = 55, + .public_key_vec = true, + .siggen_sigver_test = true, + }, { + .key = "\x04\xb6\x4b\xb1\xd1\xac\xba\x24\x8f\x65\xb2\x60\x00\x90\xbf\xbd" "\x78\x05\x73\xe9\x79\x1d\x6f\x7c\x0b\xd2\xc3\x93\xa7\x28\xe1\x75" "\xf7\xd5\x95\x1d\x28\x10\xc0\x75\x50\x5c\x1a\x4f\x3f\x8f\xa5\xee" @@ -756,6 +780,32 @@ static const struct akcipher_testvec ecdsa_nist_p256_tv_template[] = { { .key = + "\x04\xb9\x7b\xbb\xd7\x17\x64\xd2\x7e\xfc\x81\x5d\x87\x06\x83\x41" + "\x22\xd6\x9a\xaa\x87\x17\xec\x4f\x63\x55\x2f\x94\xba\xdd\x83\xe9" + "\x34\x4b\xf3\xe9\x91\x13\x50\xb6\xcb\xca\x62\x08\xe7\x3b\x09\xdc" + "\xc3\x63\x4b\x2d\xb9\x73\x53\xe4\x45\xe6\x7c\xad\xe7\x6b\xb0\xe8" + "\xaf", + .key_len = 65, + .params = + "\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86\x48" + "\xce\x3d\x03\x01\x07", + .param_len = 21, + .m = + "\xc2\x2b\x5f\x91\x78\x34\x26\x09\x42\x8d\x6f\x51\xb2\xc5\xaf\x4c" + "\x0b\xde\x6a\x42", + .m_size = 20, + .algo = OID_id_ecdsa_with_sha1, + .c = + "\x30\x46\x02\x21\x00\xf9\x25\xce\x9f\x3a\xa6\x35\x81\xcf\xd4\xe7" + "\xb7\xf0\x82\x56\x41\xf7\xd4\xad\x8d\x94\x5a\x69\x89\xee\xca\x6a" + "\x52\x0e\x48\x4d\xcc\x02\x21\x00\xd7\xe4\xef\x52\x66\xd3\x5b\x9d" + "\x8a\xfa\x54\x93\x29\xa7\x70\x86\xf1\x03\x03\xf3\x3b\xe2\x73\xf7" + "\xfb\x9d\x8b\xde\xd4\x8d\x6f\xad", + .c_size = 72, + .public_key_vec = true, + .siggen_sigver_test = true, + }, { + .key = "\x04\x8b\x6d\xc0\x33\x8e\x2d\x8b\x67\xf5\xeb\xc4\x7f\xa0\xf5\xd9" "\x7b\x03\xa5\x78\x9a\xb5\xea\x14\xe4\x23\xd0\xaf\xd7\x0e\x2e\xa0" "\xc9\x8b\xdb\x95\xf8\xb3\xaf\xac\x00\x2c\x2c\x1f\x7a\xfd\x95\x88" @@ -866,6 +916,36 @@ static const struct akcipher_testvec ecdsa_nist_p384_tv_template[] = { { + .key = /* secp384r1(sha1) */ + "\x04\x89\x25\xf3\x97\x88\xcb\xb0\x78\xc5\x72\x9a\x14\x6e\x7a\xb1" + "\x5a\xa5\x24\xf1\x95\x06\x9e\x28\xfb\xc4\xb9\xbe\x5a\x0d\xd9\x9f" + "\xf3\xd1\x4d\x2d\x07\x99\xbd\xda\xa7\x66\xec\xbb\xea\xba\x79\x42" + "\xc9\x34\x89\x6a\xe7\x0b\xc3\xf2\xfe\x32\x30\xbe\xba\xf9\xdf\x7e" + "\x4b\x6a\x07\x8e\x26\x66\x3f\x1d\xec\xa2\x57\x91\x51\xdd\x17\x0e" + "\x0b\x25\xd6\x80\x5c\x3b\xe6\x1a\x98\x48\x91\x45\x7a\x73\xb0\xc3" + "\xf1", + .key_len = 97, + .params = + "\x30\x10\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x05\x2b\x81\x04" + "\x00\x22", + .param_len = 18, + .m = + "\x12\x55\x28\xf0\x77\xd5\xb6\x21\x71\x32\x48\xcd\x28\xa8\x25\x22" + "\x3a\x69\xc1\x93", + .m_size = 20, + .algo = OID_id_ecdsa_with_sha1, + .c = + "\x30\x66\x02\x31\x00\xf5\x0f\x24\x4c\x07\x93\x6f\x21\x57\x55\x07" + "\x20\x43\x30\xde\xa0\x8d\x26\x8e\xae\x63\x3f\xbc\x20\x3a\xc6\xf1" + "\x32\x3c\xce\x70\x2b\x78\xf1\x4c\x26\xe6\x5b\x86\xcf\xec\x7c\x7e" + "\xd0\x87\xd7\xd7\x6e\x02\x31\x00\xcd\xbb\x7e\x81\x5d\x8f\x63\xc0" + "\x5f\x63\xb1\xbe\x5e\x4c\x0e\xa1\xdf\x28\x8c\x1b\xfa\xf9\x95\x88" + "\x74\xa0\x0f\xbf\xaf\xc3\x36\x76\x4a\xa1\x59\xf1\x1c\xa4\x58\x26" + "\x79\x12\x2a\xb7\xc5\x15\x92\xc5", + .c_size = 104, + .public_key_vec = true, + .siggen_sigver_test = true, + }, { .key = /* secp384r1(sha224) */ "\x04\x69\x6c\xcf\x62\xee\xd0\x0d\xe5\xb5\x2f\x70\x54\xcf\x26\xa0" "\xd9\x98\x8d\x92\x2a\xab\x9b\x11\xcb\x48\x18\xa1\xa9\x0d\xd5\x18" --- linux-6.8.0.orig/debian.master/changelog +++ linux-6.8.0/debian.master/changelog @@ -0,0 +1,22987 @@ +linux (6.8.0-32.32) noble; urgency=medium + + * noble/linux: 6.8.0-32.32 -proposed tracker (LP: #2064344) + + * Packaging resync (LP: #1786013) + - [Packaging] drop getabis data + - [Packaging] update variants + - [Packaging] update annotations scripts + - [Packaging] debian.master/dkms-versions -- update from kernel-versions + (main/2024.04.29) + + * Enable Nezha board (LP: #1975592) + - [Config] Enable CONFIG_REGULATOR_FIXED_VOLTAGE on riscv64 + + * Enable Nezha board (LP: #1975592) // Enable StarFive VisionFive 2 board + (LP: #2013232) + - [Config] Enable CONFIG_SERIAL_8250_DW on riscv64 + + * RISC-V kernel config is out of sync with other archs (LP: #1981437) + - [Config] Sync riscv64 config with other architectures + + * obsolete out-of-tree ivsc dkms in favor of in-tree one (LP: #2061747) + - ACPI: scan: Defer enumeration of devices with a _DEP pointing to IVSC device + - Revert "mei: vsc: Call wake_up() in the threaded IRQ handler" + - mei: vsc: Unregister interrupt handler for system suspend + - media: ipu-bridge: Add ov01a10 in Dell XPS 9315 + - SAUCE: media: ipu-bridge: Support more sensors + + * Fix after-suspend-mediacard/sdhc-insert test failed (LP: #2042500) + - PCI/ASPM: Move pci_configure_ltr() to aspm.c + - PCI/ASPM: Always build aspm.c + - PCI/ASPM: Move pci_save_ltr_state() to aspm.c + - PCI/ASPM: Save L1 PM Substates Capability for suspend/resume + - PCI/ASPM: Call pci_save_ltr_state() from pci_save_pcie_state() + - PCI/ASPM: Disable L1 before configuring L1 Substates + - PCI/ASPM: Update save_state when configuration changes + + * RTL8852BE fw security fail then lost WIFI function during suspend/resume + cycle (LP: #2063096) + - wifi: rtw89: download firmware with five times retry + + * intel_rapl_common: Add support for ARL and LNL (LP: #2061953) + - powercap: intel_rapl: Add support for Lunar Lake-M paltform + - powercap: intel_rapl: Add support for Arrow Lake + + * Kernel panic during checkbox stress_ng_test on Grace running noble 6.8 + (arm64+largemem) kernel (LP: #2058557) + - aio: Fix null ptr deref in aio_complete() wakeup + + * Avoid creating non-working backlight sysfs knob from ASUS board + (LP: #2060422) + - platform/x86: asus-wmi: Consider device is absent when the read is ~0 + + * Include cifs.ko in linux-modules package (LP: #2042546) + - [Packaging] Replace fs/cifs with fs/smb/client in inclusion list + + * Add Real-time Linux Analysis tool (rtla) to linux-tools (LP: #2059080) + - SAUCE: rtla: fix deb build + - [Packaging] add Real-time Linux Analysis tool (rtla) to linux-tools + - [Packaging] update dependencies for rtla + + * Noble update: v6.8.4 upstream stable release (LP: #2060533) + - Revert "workqueue: Shorten events_freezable_power_efficient name" + - Revert "workqueue: Don't call cpumask_test_cpu() with -1 CPU in + wq_update_node_max_active()" + - Revert "workqueue: Implement system-wide nr_active enforcement for unbound + workqueues" + - Revert "workqueue: Introduce struct wq_node_nr_active" + - Revert "workqueue: RCU protect wq->dfl_pwq and implement accessors for it" + - Revert "workqueue: Make wq_adjust_max_active() round-robin pwqs while + activating" + - Revert "workqueue: Move nr_active handling into helpers" + - Revert "workqueue: Replace pwq_activate_inactive_work() with + [__]pwq_activate_work()" + - Revert "workqueue: Factor out pwq_is_empty()" + - Revert "workqueue: Move pwq->max_active to wq->max_active" + - Revert "workqueue.c: Increase workqueue name length" + - Linux 6.8.4 + + * Noble update: v6.8.3 upstream stable release (LP: #2060531) + - drm/vmwgfx: Unmap the surface before resetting it on a plane state + - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach + - wifi: brcmfmac: avoid invalid list operation when vendor attach fails + - media: staging: ipu3-imgu: Set fields before media_entity_pads_init() + - arm64: dts: qcom: sc7280: Add additional MSI interrupts + - remoteproc: virtio: Fix wdg cannot recovery remote processor + - clk: qcom: gcc-sdm845: Add soft dependency on rpmhpd + - smack: Set SMACK64TRANSMUTE only for dirs in smack_inode_setxattr() + - smack: Handle SMACK64TRANSMUTE in smack_inode_setsecurity() + - arm: dts: marvell: Fix maxium->maxim typo in brownstone dts + - drm/vmwgfx: Fix possible null pointer derefence with invalid contexts + - arm64: dts: qcom: sm8450-hdk: correct AMIC4 and AMIC5 microphones + - serial: max310x: fix NULL pointer dereference in I2C instantiation + - drm/vmwgfx: Fix the lifetime of the bo cursor memory + - pci_iounmap(): Fix MMIO mapping leak + - media: xc4000: Fix atomicity violation in xc4000_get_frequency + - media: mc: Add local pad to pipeline regardless of the link state + - media: mc: Fix flags handling when creating pad links + - media: nxp: imx8-isi: Check whether crossbar pad is non-NULL before access + - media: mc: Add num_links flag to media_pad + - media: mc: Rename pad variable to clarify intent + - media: mc: Expand MUST_CONNECT flag to always require an enabled link + - media: nxp: imx8-isi: Mark all crossbar sink pads as MUST_CONNECT + - md: use RCU lock to protect traversal in md_spares_need_change() + - KVM: Always flush async #PF workqueue when vCPU is being destroyed + - arm64: dts: qcom: sm8550-qrd: correct WCD9385 TX port mapping + - arm64: dts: qcom: sm8550-mtp: correct WCD9385 TX port mapping + - cpufreq: amd-pstate: Fix min_perf assignment in amd_pstate_adjust_perf() + - thermal/intel: Fix intel_tcc_get_temp() to support negative CPU temperature + - powercap: intel_rapl: Fix a NULL pointer dereference + - powercap: intel_rapl: Fix locking in TPMI RAPL + - powercap: intel_rapl_tpmi: Fix a register bug + - powercap: intel_rapl_tpmi: Fix System Domain probing + - powerpc/smp: Adjust nr_cpu_ids to cover all threads of a core + - powerpc/smp: Increase nr_cpu_ids to include the boot CPU + - sparc64: NMI watchdog: fix return value of __setup handler + - sparc: vDSO: fix return value of __setup handler + - selftests/mqueue: Set timeout to 180 seconds + - pinctrl: qcom: sm8650-lpass-lpi: correct Kconfig name + - ext4: correct best extent lstart adjustment logic + - drm/amdgpu/display: Address kdoc for 'is_psr_su' in 'fill_dc_dirty_rects' + - block: Clear zone limits for a non-zoned stacked queue + - kasan/test: avoid gcc warning for intentional overflow + - bounds: support non-power-of-two CONFIG_NR_CPUS + - fat: fix uninitialized field in nostale filehandles + - fuse: fix VM_MAYSHARE and direct_io_allow_mmap + - mfd: twl: Select MFD_CORE + - ubifs: Set page uptodate in the correct place + - ubi: Check for too small LEB size in VTBL code + - ubi: correct the calculation of fastmap size + - ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path + - mtd: rawnand: meson: fix scrambling mode value in command macro + - md/md-bitmap: fix incorrect usage for sb_index + - x86/nmi: Fix the inverse "in NMI handler" check + - parisc/unaligned: Rewrite 64-bit inline assembly of emulate_ldd() + - parisc: Avoid clobbering the C/B bits in the PSW with tophys and tovirt + macros + - parisc: Fix ip_fast_csum + - parisc: Fix csum_ipv6_magic on 32-bit systems + - parisc: Fix csum_ipv6_magic on 64-bit systems + - parisc: Strip upper 32 bit of sum in csum_ipv6_magic for 64-bit builds + - md/raid5: fix atomicity violation in raid5_cache_count + - iio: adc: rockchip_saradc: fix bitmask for channels on SARADCv2 + - iio: adc: rockchip_saradc: use mask for write_enable bitfield + - docs: Restore "smart quotes" for quotes + - cpufreq: Limit resolving a frequency to policy min/max + - PM: suspend: Set mem_sleep_current during kernel command line setup + - vfio/pds: Always clear the save/restore FDs on reset + - clk: qcom: gcc-ipq5018: fix terminating of frequency table arrays + - clk: qcom: gcc-ipq6018: fix terminating of frequency table arrays + - clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays + - clk: qcom: gcc-ipq9574: fix terminating of frequency table arrays + - clk: qcom: camcc-sc8280xp: fix terminating of frequency table arrays + - clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays + - clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays + - usb: xhci: Add error handling in xhci_map_urb_for_dma + - powerpc/fsl: Fix mfpmr build errors with newer binutils + - USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB + - USB: serial: add device ID for VeriFone adapter + - USB: serial: cp210x: add ID for MGP Instruments PDS100 + - wifi: mac80211: track capability/opmode NSS separately + - USB: serial: option: add MeiG Smart SLM320 product + - KVM: x86/xen: inject vCPU upcall vector when local APIC is enabled + - USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M + - PM: sleep: wakeirq: fix wake irq warning in system suspend + - mmc: tmio: avoid concurrent runs of mmc_request_done() + - fuse: replace remaining make_bad_inode() with fuse_make_bad() + - fuse: fix root lookup with nonzero generation + - fuse: don't unhash root + - usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros + - usb: dwc3-am62: fix module unload/reload behavior + - usb: dwc3-am62: Disable wakeup at remove + - serial: core: only stop transmit when HW fifo is empty + - serial: Lock console when calling into driver before registration + - btrfs: qgroup: always free reserved space for extent records + - btrfs: fix off-by-one chunk length calculation at contains_pending_extent() + - wifi: rtw88: Add missing VID/PIDs for 8811CU and 8821CU + - docs: Makefile: Add dependency to $(YNL_INDEX) for targets other than + htmldocs + - PCI/PM: Drain runtime-idle callbacks before driver removal + - PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports + - Revert "Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d"" + - md: don't clear MD_RECOVERY_FROZEN for new dm-raid until resume + - md: export helpers to stop sync_thread + - md: export helper md_is_rdwr() + - md: add a new helper reshape_interrupted() + - dm-raid: really frozen sync_thread during suspend + - md/dm-raid: don't call md_reap_sync_thread() directly + - dm-raid: add a new helper prepare_suspend() in md_personality + - dm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent + with reshape + - dm-raid: fix lockdep waring in "pers->hot_add_disk" + - powerpc: xor_vmx: Add '-mhard-float' to CFLAGS + - mac802154: fix llsec key resources release in mac802154_llsec_key_del + - mm: swap: fix race between free_swap_and_cache() and swapoff() + - mmc: core: Fix switch on gp3 partition + - Bluetooth: btnxpuart: Fix btnxpuart_close + - leds: trigger: netdev: Fix kernel panic on interface rename trig notify + - drm/etnaviv: Restore some id values + - landlock: Warn once if a Landlock action is requested while disabled + - io_uring: fix mshot read defer taskrun cqe posting + - hwmon: (amc6821) add of_match table + - io_uring: fix io_queue_proc modifying req->flags + - ext4: fix corruption during on-line resize + - nvmem: meson-efuse: fix function pointer type mismatch + - slimbus: core: Remove usage of the deprecated ida_simple_xx() API + - phy: tegra: xusb: Add API to retrieve the port number of phy + - usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic + - speakup: Fix 8bit characters from direct synth + - debugfs: fix wait/cancellation handling during remove + - PCI/AER: Block runtime suspend when handling errors + - io_uring/net: correctly handle multishot recvmsg retry setup + - io_uring: fix mshot io-wq checks + - PCI: qcom: Disable ASPM L0s for sc8280xp, sa8540p and sa8295p + - sparc32: Fix parport build with sparc32 + - nfs: fix UAF in direct writes + - NFS: Read unlock folio on nfs_page_create_from_folio() error + - kbuild: Move -Wenum-{compare-conditional,enum-conversion} into W=1 + - PCI: qcom: Enable BDF to SID translation properly + - PCI: dwc: endpoint: Fix advertised resizable BAR size + - PCI: hv: Fix ring buffer size calculation + - cifs: prevent updating file size from server if we have a read/write lease + - cifs: allow changing password during remount + - thermal/drivers/mediatek: Fix control buffer enablement on MT7896 + - vfio/pci: Disable auto-enable of exclusive INTx IRQ + - vfio/pci: Lock external INTx masking ops + - vfio/platform: Disable virqfds on cleanup + - vfio/platform: Create persistent IRQ handlers + - vfio/fsl-mc: Block calling interrupt handler without trigger + - tpm,tpm_tis: Avoid warning splat at shutdown + - ksmbd: replace generic_fillattr with vfs_getattr + - ksmbd: retrieve number of blocks using vfs_getattr in + set_file_allocation_info + - platform/x86/intel/tpmi: Change vsec offset to u64 + - io_uring/rw: return IOU_ISSUE_SKIP_COMPLETE for multishot retry + - io_uring: clean rings on NO_MMAP alloc fail + - ring-buffer: Do not set shortest_full when full target is hit + - ring-buffer: Fix full_waiters_pending in poll + - ring-buffer: Use wait_event_interruptible() in ring_buffer_wait() + - tracing/ring-buffer: Fix wait_on_pipe() race + - dlm: fix user space lkb refcounting + - soc: fsl: qbman: Always disable interrupts when taking cgr_lock + - soc: fsl: qbman: Use raw spinlock for cgr_lock + - s390/zcrypt: fix reference counting on zcrypt card objects + - drm/probe-helper: warn about negative .get_modes() + - drm/panel: do not return negative error codes from drm_panel_get_modes() + - drm/exynos: do not return negative values from .get_modes() + - drm/imx/ipuv3: do not return negative values from .get_modes() + - drm/vc4: hdmi: do not return negative values from .get_modes() + - clocksource/drivers/timer-riscv: Clear timer interrupt on timer + initialization + - memtest: use {READ,WRITE}_ONCE in memory scanning + - Revert "block/mq-deadline: use correct way to throttling write requests" + - lsm: use 32-bit compatible data types in LSM syscalls + - lsm: handle the NULL buffer case in lsm_fill_user_ctx() + - f2fs: mark inode dirty for FI_ATOMIC_COMMITTED flag + - f2fs: truncate page cache before clearing flags when aborting atomic write + - nilfs2: fix failure to detect DAT corruption in btree and direct mappings + - nilfs2: prevent kernel bug at submit_bh_wbc() + - cifs: make sure server interfaces are requested only for SMB3+ + - cifs: reduce warning log level for server not advertising interfaces + - cifs: open_cached_dir(): add FILE_READ_EA to desired access + - mtd: rawnand: Fix and simplify again the continuous read derivations + - mtd: rawnand: Add a helper for calculating a page index + - mtd: rawnand: Ensure all continuous terms are always in sync + - mtd: rawnand: Constrain even more when continuous reads are enabled + - cpufreq: dt: always allocate zeroed cpumask + - io_uring/futex: always remove futex entry for cancel all + - io_uring/waitid: always remove waitid entry for cancel all + - x86/CPU/AMD: Update the Zenbleed microcode revisions + - ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() + - net: esp: fix bad handling of pages from page_pool + - NFSD: Fix nfsd_clid_class use of __string_len() macro + - drm/i915: Add missing ; to __assign_str() macros in tracepoint code + - net: hns3: tracing: fix hclgevf trace event strings + - cxl/trace: Properly initialize cxl_poison region name + - ksmbd: fix potencial out-of-bounds when buffer offset is invalid + - virtio: reenable config if freezing device failed + - LoongArch: Change __my_cpu_offset definition to avoid mis-optimization + - LoongArch: Define the __io_aw() hook as mmiowb() + - LoongArch/crypto: Clean up useless assignment operations + - wireguard: netlink: check for dangling peer via is_dead instead of empty + list + - wireguard: netlink: access device through ctx instead of peer + - wireguard: selftests: set RISCV_ISA_FALLBACK on riscv{32,64} + - ahci: asm1064: asm1166: don't limit reported ports + - drm/amd/display: Change default size for dummy plane in DML2 + - drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag + - drm/amdgpu/pm: Fix NULL pointer dereference when get power limit + - drm/amdgpu/pm: Check the validity of overdiver power limit + - drm/amd/display: Override min required DCFCLK in dml1_validate + - drm/amd/display: Allow dirty rects to be sent to dmub when abm is active + - drm/amd/display: Init DPPCLK from SMU on dcn32 + - drm/amd/display: Update odm when ODM combine is changed on an otg master + pipe with no plane + - drm/amd/display: Fix idle check for shared firmware state + - drm/amd/display: Amend coasting vtotal for replay low hz + - drm/amd/display: Lock all enabled otg pipes even with no planes + - drm/amd/display: Implement wait_for_odm_update_pending_complete + - drm/amd/display: Return the correct HDCP error code + - drm/amd/display: Add a dc_state NULL check in dc_state_release + - drm/amd/display: Fix noise issue on HDMI AV mute + - dm snapshot: fix lockup in dm_exception_table_exit + - x86/pm: Work around false positive kmemleak report in msr_build_context() + - wifi: brcmfmac: add per-vendor feature detection callback + - wifi: brcmfmac: cfg80211: Use WSEC to set SAE password + - wifi: brcmfmac: Demote vendor-specific attach/detach messages to info + - drm/ttm: Make sure the mapped tt pages are decrypted when needed + - drm/amd/display: Unify optimize_required flags and VRR adjustments + - drm/amd/display: Add more checks for exiting idle in DC + - btrfs: add set_folio_extent_mapped() helper + - btrfs: replace sb::s_blocksize by fs_info::sectorsize + - btrfs: add helpers to get inode from page/folio pointers + - btrfs: add helpers to get fs_info from page/folio pointers + - btrfs: add helper to get fs_info from struct inode pointer + - btrfs: qgroup: validate btrfs_qgroup_inherit parameter + - vfio: Introduce interface to flush virqfd inject workqueue + - vfio/pci: Create persistent INTx handler + - drm/bridge: add ->edid_read hook and drm_bridge_edid_read() + - drm/bridge: lt8912b: use drm_bridge_edid_read() + - drm/bridge: lt8912b: clear the EDID property on failures + - drm/bridge: lt8912b: do not return negative values from .get_modes() + - drm/amd/display: Remove pixle rate limit for subvp + - drm/amd/display: Revert Remove pixle rate limit for subvp + - workqueue: Shorten events_freezable_power_efficient name + - drm/amd/display: Use freesync when `DRM_EDID_FEATURE_CONTINUOUS_FREQ` found + - netfilter: nf_tables: reject constant set with timeout + - Revert "crypto: pkcs7 - remove sha1 support" + - x86/efistub: Call mixed mode boot services on the firmware's stack + - ASoC: amd: yc: Revert "Fix non-functional mic on Lenovo 21J2" + - ASoC: amd: yc: Revert "add new YC platform variant (0x63) support" + - Fix memory leak in posix_clock_open() + - wifi: rtw88: 8821cu: Fix connection failure + - x86/Kconfig: Remove CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT + - x86/sev: Fix position dependent variable references in startup code + - clocksource/drivers/arm_global_timer: Fix maximum prescaler value + - ARM: 9352/1: iwmmxt: Remove support for PJ4/PJ4B cores + - ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses + - entry: Respect changes to system call number by trace_sys_enter() + - swiotlb: Fix double-allocation of slots due to broken alignment handling + - swiotlb: Honour dma_alloc_coherent() alignment in swiotlb_alloc() + - swiotlb: Fix alignment checks when both allocation and DMA masks are present + - iommu/dma: Force swiotlb_max_mapping_size on an untrusted device + - printk: Update @console_may_schedule in console_trylock_spinning() + - irqchip/renesas-rzg2l: Flush posted write in irq_eoi() + - irqchip/renesas-rzg2l: Rename rzg2l_tint_eoi() + - irqchip/renesas-rzg2l: Rename rzg2l_irq_eoi() + - irqchip/renesas-rzg2l: Prevent spurious interrupts when setting trigger type + - kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address + - efi/libstub: fix efi_random_alloc() to allocate memory at alloc_min or + higher address + - x86/mpparse: Register APIC address only once + - x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD + - efi: fix panic in kdump kernel + - pwm: img: fix pwm clock lookup + - selftests/mm: Fix build with _FORTIFY_SOURCE + - btrfs: handle errors returned from unpin_extent_cache() + - btrfs: fix warning messages not printing interval at unpin_extent_range() + - btrfs: do not skip re-registration for the mounted device + - mfd: intel-lpss: Switch to generalized quirk table + - mfd: intel-lpss: Introduce QUIRK_CLOCK_DIVIDER_UNITY for XPS 9530 + - drm/i915: Replace a memset() with zero initialization + - drm/i915: Try to preserve the current shared_dpll for fastset on type-c + ports + - drm/i915: Include the PLL name in the debug messages + - drm/i915: Suppress old PLL pipe_mask checks for MG/TC/TBT PLLs + - crypto: iaa - Fix nr_cpus < nr_iaa case + - drm/amd/display: Prevent crash when disable stream + - ALSA: hda/tas2781: remove digital gain kcontrol + - ALSA: hda/tas2781: add locks to kcontrols + - mm: zswap: fix writeback shinker GFP_NOIO/GFP_NOFS recursion + - init: open /initrd.image with O_LARGEFILE + - x86/efistub: Add missing boot_params for mixed mode compat entry + - efi/libstub: Cast away type warning in use of max() + - x86/efistub: Reinstate soft limit for initrd loading + - prctl: generalize PR_SET_MDWE support check to be per-arch + - ARM: prctl: reject PR_SET_MDWE on pre-ARMv6 + - tmpfs: fix race on handling dquot rbtree + - btrfs: validate device maj:min during open + - btrfs: fix race in read_extent_buffer_pages() + - btrfs: zoned: don't skip block groups with 100% zone unusable + - btrfs: zoned: use zone aware sb location for scrub + - btrfs: zoned: fix use-after-free in do_zone_finish() + - wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes + - wifi: cfg80211: add a flag to disable wireless extensions + - wifi: iwlwifi: mvm: disable MLO for the time being + - wifi: iwlwifi: fw: don't always use FW dump trig + - wifi: iwlwifi: mvm: handle debugfs names more carefully + - Revert "drm/amd/display: Fix sending VSC (+ colorimetry) packets for DP/eDP + displays without PSR" + - fbdev: Select I/O-memory framebuffer ops for SBus + - exec: Fix NOMMU linux_binprm::exec in transfer_args_to_stack() + - hexagon: vmlinux.lds.S: handle attributes section + - mm: cachestat: fix two shmem bugs + - selftests/mm: sigbus-wp test requires UFFD_FEATURE_WP_HUGETLBFS_SHMEM + - selftests/mm: fix ARM related issue with fork after pthread_create + - mmc: sdhci-omap: re-tuning is needed after a pm transition to support emmc + HS200 mode + - mmc: core: Initialize mmc_blk_ioc_data + - mmc: core: Avoid negative index with array access + - sdhci-of-dwcmshc: disable PM runtime in dwcmshc_remove() + - block: Do not force full zone append completion in req_bio_endio() + - thermal: devfreq_cooling: Fix perf state when calculate dfc res_util + - Revert "thermal: core: Don't update trip points inside the hysteresis range" + - nouveau/dmem: handle kcalloc() allocation failure + - net: ll_temac: platform_get_resource replaced by wrong function + - net: wan: framer: Add missing static inline qualifiers + - net: phy: qcom: at803x: fix kernel panic with at8031_probe + - drm/xe/query: fix gt_id bounds check + - drm/dp: Fix divide-by-zero regression on DP MST unplug with nouveau + - drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed + - drm/amdkfd: fix TLB flush after unmap for GFX9.4.2 + - drm/amdgpu: fix deadlock while reading mqd from debugfs + - drm/amd/display: Remove MPC rate control logic from DCN30 and above + - drm/amd/display: Set DCN351 BB and IP the same as DCN35 + - drm/i915/hwmon: Fix locking inversion in sysfs getter + - drm/i915/vma: Fix UAF on destroy against retire race + - drm/i915/bios: Tolerate devdata==NULL in + intel_bios_encoder_supports_dp_dual_mode() + - drm/i915/vrr: Generate VRR "safe window" for DSB + - drm/i915/dsi: Go back to the previous INIT_OTP/DISPLAY_ON order, mostly + - drm/i915/dsb: Fix DSB vblank waits when using VRR + - drm/i915: Do not match JSL in ehl_combo_pll_div_frac_wa_needed() + - drm/i915: Pre-populate the cursor physical dma address + - drm/i915/gt: Reset queue_priority_hint on parking + - drm/amd/display: Fix bounds check for dcn35 DcfClocks + - Bluetooth: hci_sync: Fix not checking error on hci_cmd_sync_cancel_sync + - mtd: spinand: Add support for 5-byte IDs + - Revert "usb: phy: generic: Get the vbus supply" + - usb: cdc-wdm: close race between read and workqueue + - usb: misc: ljca: Fix double free in error handling path + - USB: UAS: return ENODEV when submit urbs fail with device not attached + - vfio/pds: Make sure migration file isn't accessed after reset + - ring-buffer: Make wake once of ring_buffer_wait() more robust + - btrfs: fix extent map leak in unexpected scenario at unpin_extent_cache() + - ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs + - scsi: ufs: qcom: Provide default cycles_in_1us value + - scsi: sd: Fix TCG OPAL unlock on system resume + - scsi: core: Fix unremoved procfs host directory regression + - staging: vc04_services: changen strncpy() to strscpy_pad() + - staging: vc04_services: fix information leak in create_component() + - genirq: Introduce IRQF_COND_ONESHOT and use it in pinctrl-amd + - usb: dwc3: Properly set system wakeup + - USB: core: Fix deadlock in usb_deauthorize_interface() + - USB: core: Add hub_get() and hub_put() routines + - USB: core: Fix deadlock in port "disable" sysfs attribute + - usb: dwc2: host: Fix remote wakeup from hibernation + - usb: dwc2: host: Fix hibernation flow + - usb: dwc2: host: Fix ISOC flow in DDMA mode + - usb: dwc2: gadget: Fix exiting from clock gating + - usb: dwc2: gadget: LPM flow fix + - usb: udc: remove warning when queue disabled ep + - usb: typec: ucsi: Fix race between typec_switch and role_switch + - usb: typec: tcpm: fix double-free issue in tcpm_port_unregister_pd() + - usb: typec: tcpm: Correct port source pdo array in pd_set callback + - usb: typec: tcpm: Update PD of Type-C port upon pd_set + - usb: typec: Return size of buffer if pd_set operation succeeds + - usb: typec: ucsi: Clear EVENT_PENDING under PPM lock + - usb: typec: ucsi: Ack unsupported commands + - usb: typec: ucsi_acpi: Refactor and fix DELL quirk + - usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset + - scsi: qla2xxx: Prevent command send on chip reset + - scsi: qla2xxx: Fix N2N stuck connection + - scsi: qla2xxx: Split FCE|EFT trace control + - scsi: qla2xxx: Update manufacturer detail + - scsi: qla2xxx: NVME|FCP prefer flag not being honored + - scsi: qla2xxx: Fix command flush on cable pull + - scsi: qla2xxx: Fix double free of the ha->vp_map pointer + - scsi: qla2xxx: Fix double free of fcport + - scsi: qla2xxx: Change debug message during driver unload + - scsi: qla2xxx: Delay I/O Abort on PCI error + - x86/bugs: Fix the SRSO mitigation on Zen3/4 + - crash: use macro to add crashk_res into iomem early for specific arch + - drm/amd/display: fix IPX enablement + - x86/bugs: Use fixed addressing for VERW operand + - Revert "x86/bugs: Use fixed addressing for VERW operand" + - usb: dwc3: pci: Drop duplicate ID + - scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() + - scsi: lpfc: Correct size for wqe for memset() + - scsi: libsas: Add a helper sas_get_sas_addr_and_dev_type() + - scsi: libsas: Fix disk not being scanned in after being removed + - perf/x86/amd/core: Update and fix stalled-cycles-* events for Zen 2 and + later + - x86/sev: Skip ROM range scans and validation for SEV-SNP guests + - tools/resolve_btfids: fix build with musl libc + - drm/amdgpu: fix use-after-free bug + - drm/sched: fix null-ptr-deref in init entity + - Linux 6.8.3 + - [Config] updateconfigs following v6.8.3 import + + * Noble update: v6.8.3 upstream stable release (LP: #2060531) // + [Ubuntu-24.04] Hugepage memory is not getting released even after destroying + the guest! (LP: #2062556) + - block: Fix page refcounts for unaligned buffers in __bio_release_pages() + + * [SPR][EMR][GNR] TDX: efi: TD Measurement support for kernel cmdline/initrd + sections from EFI stub (LP: #2060130) + - efi/libstub: Use TPM event typedefs from the TCG PC Client spec + - efi/tpm: Use symbolic GUID name from spec for final events table + - efi/libstub: Add Confidential Computing (CC) measurement typedefs + - efi/libstub: Measure into CC protocol if TCG2 protocol is absent + - efi/libstub: Add get_event_log() support for CC platforms + - x86/efistub: Remap kernel text read-only before dropping NX attribute + + * Fix acpi_power_meter accessing IPMI region before it's ready (LP: #2059263) + - ACPI: IPMI: Add helper to wait for when SMI is selected + - hwmon: (acpi_power_meter) Ensure IPMI space handler is ready on Dell systems + + * Drop fips-checks script from trees (LP: #2055083) + - [Packaging] Remove fips-checks script + + * alsa/realtek: adjust max output valume for headphone on 2 LG machines + (LP: #2058573) + - ALSA: hda/realtek: fix the hp playback volume issue for LG machines + + * Noble update: v6.8.2 upstream stable release (LP: #2060097) + - do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak + - workqueue.c: Increase workqueue name length + - workqueue: Move pwq->max_active to wq->max_active + - workqueue: Factor out pwq_is_empty() + - workqueue: Replace pwq_activate_inactive_work() with [__]pwq_activate_work() + - workqueue: Move nr_active handling into helpers + - workqueue: Make wq_adjust_max_active() round-robin pwqs while activating + - workqueue: RCU protect wq->dfl_pwq and implement accessors for it + - workqueue: Introduce struct wq_node_nr_active + - workqueue: Implement system-wide nr_active enforcement for unbound + workqueues + - workqueue: Don't call cpumask_test_cpu() with -1 CPU in + wq_update_node_max_active() + - iomap: clear the per-folio dirty bits on all writeback failures + - fs: Fix rw_hint validation + - io_uring: remove looping around handling traditional task_work + - io_uring: remove unconditional looping in local task_work handling + - s390/dasd: Use dev_*() for device log messages + - s390/dasd: fix double module refcount decrement + - fs/hfsplus: use better @opf description + - md: fix kmemleak of rdev->serial + - rcu/exp: Fix RCU expedited parallel grace period kworker allocation failure + recovery + - rcu/exp: Handle RCU expedited grace period kworker allocation failure + - fs/select: rework stack allocation hack for clang + - block: fix deadlock between bd_link_disk_holder and partition scan + - md: Don't clear MD_CLOSING when the raid is about to stop + - kunit: Setup DMA masks on the kunit device + - ovl: Always reject mounting over case-insensitive directories + - kunit: test: Log the correct filter string in executor_test + - lib/cmdline: Fix an invalid format specifier in an assertion msg + - lib: memcpy_kunit: Fix an invalid format specifier in an assertion msg + - time: test: Fix incorrect format specifier + - rtc: test: Fix invalid format specifier. + - net: test: Fix printf format specifier in skb_segment kunit test + - drm/xe/tests: Fix printf format specifiers in xe_migrate test + - drm: tests: Fix invalid printf format specifiers in KUnit tests + - md/raid1: factor out helpers to add rdev to conf + - md/raid1: record nonrot rdevs while adding/removing rdevs to conf + - md/raid1: fix choose next idle in read_balance() + - io_uring/net: unify how recvmsg and sendmsg copy in the msghdr + - io_uring/net: move receive multishot out of the generic msghdr path + - io_uring/net: fix overflow check in io_recvmsg_mshot_prep() + - nvme: host: fix double-free of struct nvme_id_ns in ns_update_nuse() + - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts + - x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type + - x86/resctrl: Remove hard-coded memory bandwidth limit + - x86/resctrl: Read supported bandwidth sources from CPUID + - x86/resctrl: Implement new mba_MBps throttling heuristic + - x86/sme: Fix memory encryption setting if enabled by default and not + overridden + - timekeeping: Fix cross-timestamp interpolation on counter wrap + - timekeeping: Fix cross-timestamp interpolation corner case decision + - timekeeping: Fix cross-timestamp interpolation for non-x86 + - x86/asm: Remove the __iomem annotation of movdir64b()'s dst argument + - sched/fair: Take the scheduling domain into account in select_idle_smt() + - sched/fair: Take the scheduling domain into account in select_idle_core() + - wifi: ath10k: fix NULL pointer dereference in + ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() + - wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled + - wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled + - wifi: b43: Stop correct queue in DMA worker when QoS is disabled + - wifi: b43: Disable QoS for bcm4331 + - wifi: wilc1000: fix declarations ordering + - wifi: wilc1000: fix RCU usage in connect path + - wifi: ath11k: add support to select 6 GHz regulatory type + - wifi: ath11k: store cur_regulatory_info for each radio + - wifi: ath11k: fix a possible dead lock caused by ab->base_lock + - wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work + - wifi: wilc1000: do not realloc workqueue everytime an interface is added + - wifi: wilc1000: fix multi-vif management when deleting a vif + - wifi: mwifiex: debugfs: Drop unnecessary error check for + debugfs_create_dir() + - ARM: dts: renesas: r8a73a4: Fix external clocks and clock rate + - arm64: dts: qcom: x1e80100: drop qcom,drv-count + - arm64: dts: qcom: sc8180x: Hook up VDD_CX as GCC parent domain + - arm64: dts: qcom: sc8180x: Fix up big CPU idle state entry latency + - arm64: dts: qcom: sc8180x: Add missing CPU off state + - arm64: dts: qcom: sc8180x: Fix eDP PHY power-domains + - arm64: dts: qcom: sc8180x: Don't hold MDP core clock at FMAX + - arm64: dts: qcom: sc8180x: Require LOW_SVS vote for MMCX if DISPCC is on + - arm64: dts: qcom: sc8180x: Add missing CPU<->MDP_CFG path + - arm64: dts: qcom: sc8180x: Shrink aoss_qmp register space size + - cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value + - cpufreq: mediatek-hw: Wait for CPU supplies before probing + - sock_diag: annotate data-races around sock_diag_handlers[family] + - inet_diag: annotate data-races around inet_diag_table[] + - bpftool: Silence build warning about calloc() + - selftests/bpf: Fix potential premature unload in bpf_testmod + - libbpf: Apply map_set_def_max_entries() for inner_maps on creation + - selftest/bpf: Add map_in_maps with BPF_MAP_TYPE_PERF_EVENT_ARRAY values + - bpftool: Fix wrong free call in do_show_link + - wifi: ath12k: Fix issues in channel list update + - selftests/bpf: Fix the flaky tc_redirect_dtime test + - selftests/bpf: Wait for the netstamp_needed_key static key to be turned on + - wifi: cfg80211: add RNR with reporting AP information + - wifi: mac80211: use deflink and fix typo in link ID check + - wifi: iwlwifi: change link id in time event to s8 + - af_unix: Annotate data-race of gc_in_progress in wait_for_unix_gc(). + - arm64: dts: qcom: sm8450: Add missing interconnects to serial + - soc: qcom: socinfo: rename PM2250 to PM4125 + - arm64: dts: qcom: sc7280: Add static properties to cryptobam + - arm64: dts: qcom: qcm6490-fairphone-fp5: Add missing reserved-memory + - arm64: dts: qcom: sdm845-oneplus-common: improve DAI node naming + - arm64: dts: qcom: rename PM2250 to PM4125 + - cpufreq: mediatek-hw: Don't error out if supply is not found + - libbpf: Fix faccessat() usage on Android + - libbpf: fix __arg_ctx type enforcement for perf_event programs + - pmdomain: qcom: rpmhpd: Drop SA8540P gfx.lvl + - arm64: dts: qcom: sa8540p: Drop gfx.lvl as power-domain for gpucc + - arm64: dts: renesas: r8a779g0: Restore sort order + - arm64: dts: renesas: r8a779g0: Add missing SCIF_CLK2 + - selftests/bpf: Disable IPv6 for lwt_redirect test + - arm64: dts: imx8mm-kontron: Disable pullups for I2C signals on OSM-S i.MX8MM + - arm64: dts: imx8mm-kontron: Disable pullups for I2C signals on SL/BL i.MX8MM + - arm64: dts: imx8mm-kontron: Disable pullups for onboard UART signals on BL + OSM-S board + - arm64: dts: imx8mm-kontron: Disable pullups for onboard UART signals on BL + board + - arm64: dts: imx8mm-kontron: Disable pull resistors for SD card signals on BL + OSM-S board + - arm64: dts: imx8mm-kontron: Disable pull resistors for SD card signals on BL + board + - arm64: dts: imx8mm-kontron: Fix interrupt for RTC on OSM-S i.MX8MM module + - arm64: dts: imx8qm: Align edma3 power-domains resources indentation + - arm64: dts: imx8qm: Correct edma3 power-domains and interrupt numbers + - libbpf: Add missing LIBBPF_API annotation to libbpf_set_memlock_rlim API + - wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete + - wifi: ath11k: change to move WMI_VDEV_PARAM_SET_HEMU_MODE before + WMI_PEER_ASSOC_CMDID + - wifi: ath12k: fix fetching MCBC flag for QCN9274 + - wifi: iwlwifi: mvm: report beacon protection failures + - wifi: iwlwifi: dbg-tlv: ensure NUL termination + - wifi: iwlwifi: acpi: fix WPFC reading + - wifi: iwlwifi: mvm: initialize rates in FW earlier + - wifi: iwlwifi: fix EWRD table validity check + - wifi: iwlwifi: mvm: d3: fix IPN byte order + - wifi: iwlwifi: always have 'uats_enabled' + - wifi: iwlwifi: mvm: fix the TLC command after ADD_STA + - wifi: iwlwifi: read BIOS PNVM only for non-Intel SKU + - gpio: vf610: allow disabling the vf610 driver + - selftests/bpf: trace_helpers.c: do not use poisoned type + - bpf: make sure scalar args don't accept __arg_nonnull tag + - bpf: don't emit warnings intended for global subprogs for static subprogs + - arm64: dts: imx8mm-venice-gw71xx: fix USB OTG VBUS + - pwm: atmel-hlcdc: Fix clock imbalance related to suspend support + - net: blackhole_dev: fix build warning for ethh set but not used + - spi: consolidate setting message->spi + - spi: move split xfers for CS_WORD emulation + - arm64: dts: ti: k3-am62p5-sk: Enable CPSW MDIO node + - arm64: dts: ti: k3-j721s2: Fix power domain for VTM node + - arm64: dts: ti: k3-j784s4: Fix power domain for VTM node + - wifi: ath11k: initialize rx_mcs_80 and rx_mcs_160 before use + - wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() + - arm64: dts: ti: k3-am69-sk: remove assigned-clock-parents for unused VP + - libbpf: fix return value for PERF_EVENT __arg_ctx type fix up check + - arm64: dts: ti: k3-am62p-mcu/wakeup: Disable MCU and wakeup R5FSS nodes + - arm64: dts: qcom: x1e80100-qcp: Fix supplies for LDOs 3E and 2J + - libbpf: Use OPTS_SET() macro in bpf_xdp_query() + - wifi: wfx: fix memory leak when starting AP + - arm64: dts: qcom: qcm2290: declare VLS CLAMP register for USB3 PHY + - arm64: dts: qcom: sm6115: declare VLS CLAMP register for USB3 PHY + - arm64: dts: qcom: sm8650: Fix UFS PHY clocks + - wifi: ath12k: fix incorrect logic of calculating vdev_stats_id + - printk: nbcon: Relocate 32bit seq macros + - printk: ringbuffer: Do not skip non-finalized records with prb_next_seq() + - printk: Wait for all reserved records with pr_flush() + - printk: Add this_cpu_in_panic() + - printk: ringbuffer: Cleanup reader terminology + - printk: ringbuffer: Skip non-finalized records in panic + - printk: Disable passing console lock owner completely during panic() + - pwm: sti: Fix capture for st,pwm-num-chan < st,capture-num-chan + - tools/resolve_btfids: Refactor set sorting with types from btf_ids.h + - tools/resolve_btfids: Fix cross-compilation to non-host endianness + - wifi: iwlwifi: support EHT for WH + - wifi: iwlwifi: properly check if link is active + - wifi: iwlwifi: mvm: fix erroneous queue index mask + - wifi: iwlwifi: mvm: don't set the MFP flag for the GTK + - wifi: iwlwifi: mvm: don't set replay counters to 0xff + - s390/pai: fix attr_event_free upper limit for pai device drivers + - s390/vdso: drop '-fPIC' from LDFLAGS + - arm64: dts: qcom: qcm6490-idp: Correct the voltage setting for vph_pwr + - arm64: dts: qcom: qcs6490-rb3gen2: Correct the voltage setting for vph_pwr + - selftests: forwarding: Add missing config entries + - selftests: forwarding: Add missing multicast routing config entries + - arm64: dts: qcom: sm6115: drop pipe clock selection + - ipv6: mcast: remove one synchronize_net() barrier in ipv6_mc_down() + - arm64: dts: mt8183: Move CrosEC base detection node to kukui-based DTs + - arm64: dts: mediatek: mt7986: fix reference to PWM in fan node + - arm64: dts: mediatek: mt7986: drop crypto's unneeded/invalid clock name + - arm64: dts: mediatek: mt7986: fix SPI bus width properties + - arm64: dts: mediatek: mt7986: fix SPI nodename + - arm64: dts: mediatek: mt7986: drop "#clock-cells" from PWM + - arm64: dts: mediatek: mt7986: add "#reset-cells" to infracfg + - arm64: dts: mediatek: mt8192-asurada: Remove CrosEC base detection node + - arm64: dts: mediatek: mt8192: fix vencoder clock name + - arm64: dts: mediatek: mt8186: fix VENC power domain clocks + - arm64: dts: mediatek: mt7622: add missing "device_type" to memory nodes + - can: m_can: Start/Cancel polling timer together with interrupts + - wifi: iwlwifi: mvm: Fix the listener MAC filter flags + - bpf: Mark bpf_spin_{lock,unlock}() helpers with notrace correctly + - arm64: dts: qcom: sdm845: Use the Low Power Island CX/MX for SLPI + - soc: qcom: llcc: Check return value on Broadcast_OR reg read + - ARM: dts: qcom: msm8974: correct qfprom node size + - arm64: dts: mediatek: mt8186: Add missing clocks to ssusb power domains + - arm64: dts: mediatek: mt8186: Add missing xhci clock to usb controllers + - arm64: dts: ti: am65x: Fix dtbs_install for Rocktech OLDI overlay + - cpufreq: qcom-hw: add CONFIG_COMMON_CLK dependency + - wifi: wilc1000: prevent use-after-free on vif when cleaning up all + interfaces + - pwm: dwc: use pm_sleep_ptr() macro + - arm64: dts: ti: k3-am69-sk: fix PMIC interrupt number + - arm64: dts: ti: k3-j721e-sk: fix PMIC interrupt number + - arm64: dts: ti: k3-am62-main: disable usb lpm + - ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() + - bus: tegra-aconnect: Update dependency to ARCH_TEGRA + - iommu/amd: Mark interrupt as managed + - wifi: brcmsmac: avoid function pointer casts + - arm64: dts: qcom: sdm845-db845c: correct PCIe wake-gpios + - arm64: dts: qcom: sm8150: correct PCIe wake-gpios + - powercap: dtpm_cpu: Fix error check against freq_qos_add_request() + - net: ena: Remove ena_select_queue + - arm64: dts: ti: k3-j7200-common-proc-board: Modify Pinmux for wkup_uart0 and + mcu_uart0 + - arm64: dts: ti: k3-j7200-common-proc-board: Remove clock-frequency from + mcu_uart0 + - arm64: dts: ti: k3-j721s2-common-proc-board: Remove Pinmux for CTS and RTS + in wkup_uart0 + - arm64: dts: ti: k3-j784s4-evm: Remove Pinmux for CTS and RTS in wkup_uart0 + - arm64: dts: ti: k3-am64-main: Fix ITAP/OTAP values for MMC + - arm64: dts: mt8195-cherry-tomato: change watchdog reset boot flow + - arm64: dts: ti: Add common1 register space for AM65x SoC + - arm64: dts: ti: Add common1 register space for AM62x SoC + - firmware: arm_scmi: Fix double free in SMC transport cleanup path + - wifi: cfg80211: set correct param change count in ML element + - arm64: dts: ti: k3-j721e: Fix mux-reg-masks in hbmc_mux + - arm64: dts: ti: k3-j784s4-main: Fix mux-reg-masks in serdes_ln_ctrl + - arm64: dts: ti: k3-am62p: Fix memory ranges for DMSS + - wifi: wilc1000: revert reset line logic flip + - ARM: dts: arm: realview: Fix development chip ROM compatible value + - memory: tegra: Correct DLA client names + - wifi: mt76: mt7996: fix fw loading timeout + - wifi: mt76: mt7925: fix connect to 80211b mode fail in 2Ghz band + - wifi: mt76: mt7925: fix SAP no beacon issue in 5Ghz and 6Ghz band + - wifi: mt76: mt7925: fix mcu query command fail + - wifi: mt76: mt7925: fix wmm queue mapping + - wifi: mt76: mt7925: fix fw download fail + - wifi: mt76: mt7925: fix WoW failed in encrypted mode + - wifi: mt76: mt7925: fix the wrong header translation config + - wifi: mt76: mt7925: add flow to avoid chip bt function fail + - wifi: mt76: mt7925: add support to set ifs time by mcu command + - wifi: mt76: mt7925: update PCIe DMA settings + - wifi: mt76: mt7996: check txs format before getting skb by pid + - wifi: mt76: mt7996: fix TWT issues + - wifi: mt76: mt7996: fix incorrect interpretation of EHT MCS caps + - wifi: mt76: mt7996: fix HE beamformer phy cap for station vif + - wifi: mt76: mt7996: fix efuse reading issue + - wifi: mt76: mt7996: fix HIF_TXD_V2_1 value + - wifi: mt76: mt792x: fix ethtool warning + - wifi: mt76: mt7921e: fix use-after-free in free_irq() + - wifi: mt76: mt7925e: fix use-after-free in free_irq() + - wifi: mt76: mt7921: fix incorrect type conversion for CLC command + - wifi: mt76: mt792x: fix a potential loading failure of the 6Ghz channel + config from ACPI + - wifi: mt76: fix the issue of missing txpwr settings from ch153 to ch177 + - arm64: dts: renesas: rzg2l: Add missing interrupts to IRQC nodes + - arm64: dts: renesas: r9a08g045: Add missing interrupts to IRQC node + - arm64: dts: renesas: rzg3s-smarc-som: Guard Ethernet IRQ GPIO hogs + - arm64: dts: renesas: r8a779a0: Correct avb[01] reg sizes + - arm64: dts: renesas: r8a779g0: Correct avb[01] reg sizes + - net: mctp: copy skb ext data when fragmenting + - pstore: inode: Only d_invalidate() is needed + - arm64: dts: allwinner: h6: Add RX DMA channel for SPDIF + - ARM: dts: imx6dl-yapp4: Fix typo in the QCA switch register address + - ARM: dts: imx6dl-yapp4: Move the internal switch PHYs under the switch node + - arm64: dts: imx8mp: Set SPI NOR to max 40 MHz on Data Modul i.MX8M Plus eDM + SBC + - arm64: dts: imx8mp-evk: Fix hdmi@3d node + - regulator: userspace-consumer: add module device table + - gpiolib: Pass consumer device through to core in + devm_fwnode_gpiod_get_index() + - arm64: dts: marvell: reorder crypto interrupts on Armada SoCs + - ACPI: resource: Do IRQ override on Lunnen Ground laptops + - ACPI: resource: Add MAIBENBEN X577 to irq1_edge_low_force_override + - ACPI: scan: Fix device check notification handling + - arm64: dts: rockchip: add missing interrupt-names for rk356x vdpu + - arm64: dts: rockchip: fix reset-names for rk356x i2s2 controller + - arm64: dts: rockchip: drop rockchip,trcm-sync-tx-only from rk3588 i2s + - objtool: Fix UNWIND_HINT_{SAVE,RESTORE} across basic blocks + - x86, relocs: Ignore relocations in .notes section + - SUNRPC: fix a memleak in gss_import_v2_context + - SUNRPC: fix some memleaks in gssx_dec_option_array + - arm64: dts: qcom: sm8550: Fix SPMI channels size + - arm64: dts: qcom: sm8650: Fix SPMI channels size + - mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the .remove + function + - ACPI: CPPC: enable AMD CPPC V2 support for family 17h processors + - btrfs: fix race when detecting delalloc ranges during fiemap + - wifi: rtw88: 8821cu: Fix firmware upload fail + - wifi: rtw88: 8821c: Fix beacon loss and disconnect + - wifi: rtw88: 8821c: Fix false alarm count + - wifi: brcm80211: handle pmk_op allocation failure + - riscv: dts: starfive: jh7100: fix root clock names + - PCI: Make pci_dev_is_disconnected() helper public for other drivers + - iommu/vt-d: Don't issue ATS Invalidation request when device is disconnected + - iommu/vt-d: Use rbtree to track iommu probed devices + - iommu/vt-d: Improve ITE fault handling if target device isn't present + - iommu/vt-d: Use device rbtree in iopf reporting path + - iommu: Add static iommu_ops->release_domain + - iommu/vt-d: Fix NULL domain on device release + - igc: Fix missing time sync events + - igb: Fix missing time sync events + - ice: fix stats being updated by way too large values + - Bluetooth: Remove HCI_POWER_OFF_TIMEOUT + - Bluetooth: mgmt: Remove leftover queuing of power_off work + - Bluetooth: Remove superfluous call to hci_conn_check_pending() + - Bluetooth: Remove BT_HS + - Bluetooth: hci_event: Fix not indicating new connection for BIG Sync + - Bluetooth: hci_qca: don't use IS_ERR_OR_NULL() with gpiod_get_optional() + - Bluetooth: hci_core: Cancel request on command timeout + - Bluetooth: hci_sync: Fix overwriting request callback + - Bluetooth: hci_h5: Add ability to allocate memory for private data + - Bluetooth: btrtl: fix out of bounds memory access + - Bluetooth: hci_core: Fix possible buffer overflow + - Bluetooth: msft: Fix memory leak + - Bluetooth: btusb: Fix memory leak + - Bluetooth: af_bluetooth: Fix deadlock + - Bluetooth: fix use-after-free in accessing skb after sending it + - sr9800: Add check for usbnet_get_endpoints + - s390/cache: prevent rebuild of shared_cpu_list + - bpf: Fix DEVMAP_HASH overflow check on 32-bit arches + - bpf: Fix hashtab overflow check on 32-bit arches + - bpf: Fix stackmap overflow check on 32-bit arches + - net: dsa: microchip: make sure drive strength configuration is not lost by + soft reset + - dpll: spec: use proper enum for pin capabilities attribute + - iommu: Fix compilation without CONFIG_IOMMU_INTEL + - ipv6: fib6_rules: flush route cache when rule is changed + - net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() + - octeontx2-af: Fix devlink params + - net: phy: fix phy_get_internal_delay accessing an empty array + - dpll: fix dpll_xa_ref_*_del() for multiple registrations + - net: hns3: fix wrong judgment condition issue + - net: hns3: fix kernel crash when 1588 is received on HIP08 devices + - net: hns3: fix port duplex configure error in IMP reset + - Bluetooth: Fix eir name length + - net: phy: dp83822: Fix RGMII TX delay configuration + - erofs: fix lockdep false positives on initializing erofs_pseudo_mnt + - OPP: debugfs: Fix warning around icc_get_name() + - tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function + - ipmr: fix incorrect parameter validation in the ip_mroute_getsockopt() + function + - l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() + function + - udp: fix incorrect parameter validation in the udp_lib_getsockopt() function + - net: kcm: fix incorrect parameter validation in the kcm_getsockopt) function + - net/x25: fix incorrect parameter validation in the x25_getsockopt() function + - devlink: Fix length of eswitch inline-mode + - r8152: fix unknown device for choose_configuration + - nfp: flower: handle acti_netdevs allocation failure + - bpf: hardcode BPF_PROG_PACK_SIZE to 2MB * num_possible_nodes() + - dm raid: fix false positive for requeue needed during reshape + - dm: call the resume method on internal suspend + - fbdev/simplefb: change loglevel when the power domains cannot be parsed + - drm/tegra: dsi: Add missing check for of_find_device_by_node + - drm/tegra: dpaux: Fix PM disable depth imbalance in tegra_dpaux_probe + - drm/tegra: dsi: Fix some error handling paths in tegra_dsi_probe() + - drm/tegra: dsi: Fix missing pm_runtime_disable() in the error handling path + of tegra_dsi_probe() + - drm/tegra: hdmi: Fix some error handling paths in tegra_hdmi_probe() + - drm/tegra: rgb: Fix some error handling paths in tegra_dc_rgb_probe() + - drm/tegra: rgb: Fix missing clk_put() in the error handling paths of + tegra_dc_rgb_probe() + - drm/tegra: output: Fix missing i2c_put_adapter() in the error handling paths + of tegra_output_probe() + - drm/rockchip: inno_hdmi: Fix video timing + - drm: Don't treat 0 as -1 in drm_fixp2int_ceil + - drm/vkms: Avoid reading beyond LUT array + - drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node + - drm/rockchip: lvds: do not overwrite error code + - drm/rockchip: lvds: do not print scary message when probing defer + - drm/panel-edp: use put_sync in unprepare + - drm/lima: fix a memleak in lima_heap_alloc + - ASoC: amd: acp: Add missing error handling in sof-mach + - ASoC: SOF: amd: Fix memory leak in amd_sof_acp_probe() + - ASoC: SOF: core: Skip firmware test for custom loaders + - ASoC: SOF: amd: Compute file paths on firmware load + - soundwire: stream: add missing const to Documentation + - dmaengine: tegra210-adma: Update dependency to ARCH_TEGRA + - media: tc358743: register v4l2 async device only after successful setup + - media: cadence: csi2rx: use match fwnode for media link + - PCI/DPC: Print all TLP Prefixes, not just the first + - perf record: Fix possible incorrect free in record__switch_output() + - perf record: Check conflict between '--timestamp-filename' option and pipe + mode before recording + - HID: lenovo: Add middleclick_workaround sysfs knob for cptkbd + - drm/amd/display: Fix a potential buffer overflow in 'dp_dsc_clock_en_read()' + - perf pmu: Treat the msr pmu as software + - crypto: qat - avoid memcpy() overflow warning + - ALSA: hda: cs35l41: Set Channel Index correctly when system is missing _DSD + - drm/amd/display: Fix potential NULL pointer dereferences in + 'dcn10_set_output_transfer_func()' + - ASoC: sh: rz-ssi: Fix error message print + - drm/vmwgfx: Fix vmw_du_get_cursor_mob fencing of newly-created MOBs + - clk: renesas: r8a779g0: Fix PCIe clock name + - pinctrl: renesas: rzg2l: Fix locking in rzg2l_dt_subnode_to_map() + - pinctrl: renesas: r8a779g0: Add missing SCIF_CLK2 pin group/function + - clk: samsung: exynos850: Propagate SPI IPCLK rate change + - media: v4l2: cci: print leading 0 on error + - perf evsel: Fix duplicate initialization of data->id in + evsel__parse_sample() + - perf bpf: Clean up the generated/copied vmlinux.h + - clk: meson: Add missing clocks to axg_clk_regmaps + - media: em28xx: annotate unchecked call to media_device_register() + - media: v4l2-tpg: fix some memleaks in tpg_alloc + - media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity + - media: dt-bindings: techwell,tw9900: Fix port schema ref + - mtd: spinand: esmt: Extend IDs to 5 bytes + - media: edia: dvbdev: fix a use-after-free + - pinctrl: mediatek: Drop bogus slew rate register range for MT8186 + - pinctrl: mediatek: Drop bogus slew rate register range for MT8192 + - drm/amdgpu: Fix potential out-of-bounds access in + 'amdgpu_discovery_reg_base_init()' + - clk: qcom: reset: Commonize the de/assert functions + - clk: qcom: reset: Ensure write completion on reset de/assertion + - quota: Fix potential NULL pointer dereference + - quota: Fix rcu annotations of inode dquot pointers + - quota: Properly annotate i_dquot arrays with __rcu + - ASoC: Intel: ssp-common: Add stub for sof_ssp_get_codec_name + - PCI/P2PDMA: Fix a sleeping issue in a RCU read section + - PCI: switchtec: Fix an error handling path in switchtec_pci_probe() + - crypto: xilinx - call finalize with bh disabled + - drivers/ps3: select VIDEO to provide cmdline functions + - perf thread_map: Free strlist on normal path in thread_map__new_by_tid_str() + - perf srcline: Add missed addr2line closes + - dt-bindings: msm: qcom, mdss: Include ommited fam-b compatible + - drm/msm/dpu: fix the programming of INTF_CFG2_DATA_HCTL_EN + - drm/msm/dpu: Only enable DSC_MODE_MULTIPLEX if dsc_merge is enabled + - drm/radeon/ni: Fix wrong firmware size logging in ni_init_microcode() + - drm/amd/display: fix NULL checks for adev->dm.dc in amdgpu_dm_fini() + - clk: renesas: r8a779g0: Correct PFC/GPIO parent clocks + - clk: renesas: r8a779f0: Correct PFC/GPIO parent clock + - clk: renesas: r9a07g04[34]: Use SEL_SDHI1_STS status configuration for SD1 + mux + - ALSA: seq: fix function cast warnings + - perf expr: Fix "has_event" function for metric style events + - perf stat: Avoid metric-only segv + - perf metric: Don't remove scale from counts + - ASoC: meson: aiu: fix function pointer type mismatch + - ASoC: meson: t9015: fix function pointer type mismatch + - powerpc: Force inlining of arch_vmap_p{u/m}d_supported() + - ASoC: SOF: Add some bounds checking to firmware data + - drm: ci: use clk_ignore_unused for apq8016 + - NTB: fix possible name leak in ntb_register_device() + - media: cedrus: h265: Fix configuring bitstream size + - media: sun8i-di: Fix coefficient writes + - media: sun8i-di: Fix power on/off sequences + - media: sun8i-di: Fix chroma difference threshold + - staging: media: starfive: Set 16 bpp for capture_raw device + - media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak + - media: go7007: add check of return value of go7007_read_addr() + - media: pvrusb2: remove redundant NULL check + - media: videobuf2: Add missing doc comment for waiting_in_dqbuf + - media: pvrusb2: fix pvr2_stream_callback casts + - clk: qcom: dispcc-sdm845: Adjust internal GDSC wait times + - drm/amd/display: Add 'replay' NULL check in 'edp_set_replay_allow_active()' + - drm/panel: boe-tv101wum-nl6: make use of prepare_prev_first + - drm/msm/dpu: finalise global state object + - drm/mediatek: dsi: Fix DSI RGB666 formats and definitions + - PCI: Mark 3ware-9650SE Root Port Extended Tags as broken + - drm/bridge: adv7511: fix crash on irq during probe + - pinctrl: renesas: Allow the compiler to optimize away sh_pfc_pm + - clk: hisilicon: hi3519: Release the correct number of gates in + hi3519_clk_unregister() + - clk: hisilicon: hi3559a: Fix an erroneous devm_kfree() + - clk: mediatek: mt8135: Fix an error handling path in + clk_mt8135_apmixed_probe() + - clk: mediatek: mt7622-apmixedsys: Fix an error handling path in + clk_mt8135_apmixed_probe() + - clk: mediatek: mt8183: Correct parent of CLK_INFRA_SSPM_32K_SELF + - clk: mediatek: mt7981-topckgen: flag SGM_REG_SEL as critical + - drm/tegra: put drm_gem_object ref on error in tegra_fb_create + - tty: mips_ejtag_fdc: Fix passing incompatible pointer type warning + - media: ivsc: csi: Swap SINK and SOURCE pads + - media: i2c: imx290: Fix IMX920 typo + - mfd: syscon: Call of_node_put() only when of_parse_phandle() takes a ref + - mfd: altera-sysmgr: Call of_node_put() only when of_parse_phandle() takes a + ref + - perf print-events: make is_event_supported() more robust + - crypto: arm/sha - fix function cast warnings + - crypto: ccp - Avoid discarding errors in psp_send_platform_access_msg() + - crypto: qat - remove unused macros in qat_comp_alg.c + - crypto: qat - removed unused macro in adf_cnv_dbgfs.c + - crypto: qat - avoid division by zero + - crypto: qat - remove double initialization of value + - crypto: qat - fix ring to service map for dcc in 4xxx + - crypto: qat - fix ring to service map for dcc in 420xx + - crypto: jitter - fix CRYPTO_JITTERENTROPY help text + - drm/tidss: Fix initial plane zpos values + - drm/tidss: Fix sync-lost issue with two displays + - clk: imx: imx8mp: Fix SAI_MCLK_SEL definition + - mtd: maps: physmap-core: fix flash size larger than 32-bit + - mtd: rawnand: lpc32xx_mlc: fix irq handler prototype + - mtd: rawnand: brcmnand: exec_op helper functions return type fixes + - ASoC: meson: axg-tdm-interface: fix mclk setup without mclk-fs + - ASoC: meson: axg-tdm-interface: add frame rate constraint + - drm/msm/a6xx: specify UBWC config for sc7180 + - drm/msm/a7xx: Fix LLC typo + - dt-bindings: arm-smmu: fix SM8[45]50 GPU SMMU if condition + - perf pmu: Fix a potential memory leak in perf_pmu__lookup() + - HID: amd_sfh: Update HPD sensor structure elements + - HID: amd_sfh: Avoid disabling the interrupt + - drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of atom_get_src_int() + - media: pvrusb2: fix uaf in pvr2_context_set_notify + - media: dvb-frontends: avoid stack overflow warnings with clang + - media: go7007: fix a memleak in go7007_load_encoder + - media: ttpci: fix two memleaks in budget_av_attach + - media: mediatek: vcodec: avoid -Wcast-function-type-strict warning + - arm64: ftrace: Don't forbid CALL_OPS+CC_OPTIMIZE_FOR_SIZE with Clang + - drm/tests: helpers: Include missing drm_drv header + - drm/amd/pm: Fix esm reg mask use to get pcie speed + - gpio: nomadik: fix offset bug in nmk_pmx_set() + - drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip + - mfd: cs42l43: Fix wrong register defaults + - powerpc/32: fix ADB_CUDA kconfig warning + - powerpc/pseries: Fix potential memleak in papr_get_attr() + - powerpc/hv-gpci: Fix the H_GET_PERF_COUNTER_INFO hcall return value checks + - clk: qcom: gcc-ipq5018: fix 'enable_reg' offset of 'gcc_gmac0_sys_clk' + - clk: qcom: gcc-ipq5018: fix 'halt_reg' offset of 'gcc_pcie1_pipe_clk' + - clk: qcom: gcc-ipq5018: fix register offset for GCC_UBI0_AXI_ARES reset + - perf vendor events amd: Fix Zen 4 cache latency events + - drm/msm/dpu: allow certain formats for CDM for DP + - drm/msm/dpu: add division of drm_display_mode's hskew parameter + - media: usbtv: Remove useless locks in usbtv_video_free() + - drm/xe: Fix ref counting leak on page fault + - drm/xe: Replace 'grouped target' in Makefile with pattern rule + - lib/stackdepot: fix first entry having a 0-handle + - lib/stackdepot: off by one in depot_fetch_stack() + - modules: wait do_free_init correctly + - mfd: cs42l43: Fix wrong GPIO_FN_SEL and SPI_CLK_CONFIG1 defaults + - power: supply: mm8013: fix "not charging" detection + - powerpc/embedded6xx: Fix no previous prototype for avr_uart_send() etc. + - powerpc/4xx: Fix warp_gpio_leds build failure + - RISC-V: KVM: Forward SEED CSR access to user space + - leds: aw2013: Unlock mutex before destroying it + - leds: sgm3140: Add missing timer cleanup and flash gpio control + - backlight: hx8357: Fix potential NULL pointer dereference + - backlight: ktz8866: Correct the check for of_property_read_u32 + - backlight: lm3630a: Initialize backlight_properties on init + - backlight: lm3630a: Don't set bl->props.brightness in get_brightness + - backlight: da9052: Fully initialize backlight_properties during probe + - backlight: lm3639: Fully initialize backlight_properties during probe + - backlight: lp8788: Fully initialize backlight_properties during probe + - sparc32: Use generic cmpdi2/ucmpdi2 variants + - mtd: maps: sun_uflash: Declare uflash_devinit static + - sparc32: Do not select GENERIC_ISA_DMA + - sparc32: Fix section mismatch in leon_pci_grpci + - clk: Fix clk_core_get NULL dereference + - clk: zynq: Prevent null pointer dereference caused by kmalloc failure + - PCI: brcmstb: Fix broken brcm_pcie_mdio_write() polling + - cifs: Fix writeback data corruption + - ALSA: hda/realtek: fix ALC285 issues on HP Envy x360 laptops + - ALSA: hda/tas2781: use dev_dbg in system_resume + - ALSA: hda/tas2781: add lock to system_suspend + - ALSA: hda/tas2781: do not reset cur_* values in runtime_suspend + - ALSA: hda/tas2781: do not call pm_runtime_force_* in system_resume/suspend + - ALSA: hda/tas2781: restore power state after system_resume + - ALSA: scarlett2: Fix Scarlett 4th Gen 4i4 low-voltage detection + - ALSA: scarlett2: Fix Scarlett 4th Gen autogain status values + - ALSA: scarlett2: Fix Scarlett 4th Gen input gain range + - ALSA: scarlett2: Fix Scarlett 4th Gen input gain range again + - mips: cm: Convert __mips_cm_l2sync_phys_base() to weak function + - platform/x86/intel/pmc/lnl: Remove SSRAM support + - platform/x86/intel/pmc/arl: Put GNA device in D3 + - platform/x86/amd/pmf: Do not use readl() for policy buffer access + - ALSA: usb-audio: Stop parsing channels bits when all channels are found. + - phy: qcom: qmp-usb: split USB-C PHY driver + - phy: qcom: qmp-usbc: add support for the Type-C handling + - phy: qcom: qmp-usbc: handle CLAMP register in a correct way + - scsi: hisi_sas: Fix a deadlock issue related to automatic dump + - RDMA/irdma: Remove duplicate assignment + - RDMA/srpt: Do not register event handler until srpt device is fully setup + - f2fs: compress: fix to guarantee persisting compressed blocks by CP + - f2fs: compress: fix to cover normal cluster write with cp_rwsem + - f2fs: compress: fix to check unreleased compressed cluster + - f2fs: compress: fix to avoid inconsistence bewteen i_blocks and dnode + - f2fs: fix to remove unnecessary f2fs_bug_on() to avoid panic + - f2fs: zone: fix to wait completion of last bio in zone correctly + - f2fs: fix NULL pointer dereference in f2fs_submit_page_write() + - f2fs: compress: fix to cover f2fs_disable_compressed_file() w/ i_sem + - f2fs: fix to avoid potential panic during recovery + - scsi: csiostor: Avoid function pointer casts + - i3c: dw: Disable IBI IRQ depends on hot-join and SIR enabling + - RDMA/hns: Fix mis-modifying default congestion control algorithm + - RDMA/device: Fix a race between mad_client and cm_client init + - RDMA/rtrs-clt: Check strnlen return len in sysfs mpath_policy_store() + - scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn + - f2fs: fix to create selinux label during whiteout initialization + - f2fs: compress: fix to check zstd compress level correctly in mount option + - net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() + - NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 + - NFSv4.2: fix listxattr maximum XDR buffer size + - f2fs: compress: fix to check compress flag w/ .i_sem lock + - f2fs: check number of blocks in a current section + - watchdog: starfive: Check pm_runtime_enabled() before decrementing usage + counter + - watchdog: stm32_iwdg: initialize default timeout + - f2fs: fix to use correct segment type in f2fs_allocate_data_block() + - f2fs: ro: compress: fix to avoid caching unaligned extent + - RDMA/mana_ib: Fix bug in creation of dma regions + - RDMA/mana_ib: Introduce mdev_to_gc helper function + - RDMA/mana_ib: Introduce mana_ib_get_netdev helper function + - RDMA/mana_ib: Introduce mana_ib_install_cq_cb helper function + - RDMA/mana_ib: Use virtual address in dma regions for MRs + - Input: iqs7222 - add support for IQS7222D v1.1 and v1.2 + - NFS: Fix nfs_netfs_issue_read() xarray locking for writeback interrupt + - NFS: Fix an off by one in root_nfs_cat() + - NFSv4.1/pnfs: fix NFS with TLS in pnfs + - ACPI: HMAT: Remove register of memory node for generic target + - f2fs: compress: relocate some judgments in f2fs_reserve_compress_blocks + - f2fs: compress: fix reserve_cblocks counting error when out of space + - f2fs: fix to truncate meta inode pages forcely + - f2fs: zone: fix to remove pow2 check condition for zoned block device + - cxl: Fix the incorrect assignment of SSLBIS entry pointer initial location + - perf/x86/amd/core: Avoid register reset when CPU is dead + - afs: Revert "afs: Hide silly-rename files from userspace" + - afs: Don't cache preferred address + - afs: Fix occasional rmdir-then-VNOVNODE with generic/011 + - f2fs: fix to avoid use-after-free issue in f2fs_filemap_fault + - nfs: fix panic when nfs4_ff_layout_prepare_ds() fails + - ovl: relax WARN_ON in ovl_verify_area() + - io_uring/net: correct the type of variable + - remoteproc: stm32: Fix incorrect type in assignment for va + - remoteproc: stm32: Fix incorrect type assignment returned by + stm32_rproc_get_loaded_rsc_tablef + - iio: pressure: mprls0025pa fix off-by-one enum + - usb: phy: generic: Get the vbus supply + - tty: vt: fix 20 vs 0x20 typo in EScsiignore + - serial: max310x: fix syntax error in IRQ error message + - tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT + - arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells + - coresight: Fix issue where a source device's helpers aren't disabled + - coresight: etm4x: Set skip_power_up in etm4_init_arch_data function + - xhci: Add interrupt pending autoclear flag to each interrupter + - xhci: make isoc_bei_interval variable interrupter specific. + - xhci: remove unnecessary event_ring_deq parameter from xhci_handle_event() + - xhci: update event ring dequeue pointer position to controller correctly + - coccinelle: device_attr_show: Remove useless expression STR + - kconfig: fix infinite loop when expanding a macro at the end of file + - iio: gts-helper: Fix division loop + - bus: mhi: ep: check the correct variable in mhi_ep_register_controller() + - hwtracing: hisi_ptt: Move type check to the beginning of + hisi_ptt_pmu_event_init() + - rtc: mt6397: select IRQ_DOMAIN instead of depending on it + - rtc: max31335: fix interrupt status reg + - serial: 8250_exar: Don't remove GPIO device on suspend + - staging: greybus: fix get_channel_from_mode() failure path + - mei: vsc: Call wake_up() in the threaded IRQ handler + - mei: vsc: Don't use sleeping condition in wait_event_timeout() + - usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin + - char: xilinx_hwicap: Fix NULL vs IS_ERR() bug + - x86/hyperv: Use per cpu initial stack for vtl context + - ASoC: tlv320adc3xxx: Don't strip remove function when driver is builtin + - thermal/drivers/mediatek/lvts_thermal: Fix a memory leak in an error + handling path + - thermal/drivers/qoriq: Fix getting tmu range + - io_uring: don't save/restore iowait state + - spi: lpspi: Avoid potential use-after-free in probe() + - spi: Restore delays for non-GPIO chip select + - ASoC: rockchip: i2s-tdm: Fix inaccurate sampling rates + - nouveau: reset the bo resource bus info after an eviction + - tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() + - rds: tcp: Fix use-after-free of net in reqsk_timer_handler(). + - octeontx2-af: Use matching wake_up API variant in CGX command interface + - s390/vtime: fix average steal time calculation + - net/sched: taprio: proper TCA_TAPRIO_TC_ENTRY_INDEX check + - devlink: Fix devlink parallel commands processing + - riscv: Only check online cpus for emulated accesses + - soc: fsl: dpio: fix kcalloc() argument order + - cpufreq: Fix per-policy boost behavior on SoCs using cpufreq_boost_set_sw() + - io_uring: Fix release of pinned pages when __io_uaddr_map fails + - tcp: Fix refcnt handling in __inet_hash_connect(). + - vmxnet3: Fix missing reserved tailroom + - hsr: Fix uninit-value access in hsr_get_node() + - net: txgbe: fix clk_name exceed MAX_DEV_ID limits + - spi: spi-mem: add statistics support to ->exec_op() calls + - spi: Fix error code checking in spi_mem_exec_op() + - nvme: fix reconnection fail due to reserved tag allocation + - drm/xe: Invalidate userptr VMA on page pin fault + - drm/xe: Skip VMAs pin when requesting signal to the last XE_EXEC + - net: mediatek: mtk_eth_soc: clear MAC_MCR_FORCE_LINK only when MAC is up + - net: ethernet: mtk_eth_soc: fix PPE hanging issue + - io_uring: fix poll_remove stalled req completion + - ASoC: SOF: amd: Move signed_fw_image to struct acp_quirk_entry + - ASoC: SOF: amd: Skip IRAM/DRAM size modification for Steam Deck OLED + - riscv: Fix compilation error with FAST_GUP and rv32 + - xen/evtchn: avoid WARN() when unbinding an event channel + - xen/events: increment refcnt only if event channel is refcounted + - packet: annotate data-races around ignore_outgoing + - xfrm: Allow UDP encapsulation only in offload modes + - net: veth: do not manipulate GRO when using XDP + - net: dsa: mt7530: prevent possible incorrect XTAL frequency selection + - spi: spi-imx: fix off-by-one in mx51 CPU mode burst length + - drm: Fix drm_fixp2int_round() making it add 0.5 + - virtio: uapi: Drop __packed attribute in linux/virtio_pci.h + - vdpa_sim: reset must not run + - vdpa/mlx5: Allow CVQ size changes + - virtio: packed: fix unmap leak for indirect desc table + - net: move dev->state into net_device_read_txrx group + - wireguard: receive: annotate data-race around receiving_counter.counter + - rds: introduce acquire/release ordering in acquire/release_in_xmit() + - hsr: Handle failures in module init + - ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels + - nouveau/gsp: don't check devinit disable on GSP. + - ceph: stop copying to iter at EOF on sync reads + - net: phy: fix phy_read_poll_timeout argument type in genphy_loopback + - dm-integrity: fix a memory leak when rechecking the data + - net/bnx2x: Prevent access to a freed page in page_pool + - devlink: fix port new reply cmd type + - octeontx2: Detect the mbox up or down message via register + - octeontx2-pf: Wait till detach_resources msg is complete + - octeontx2-pf: Use default max_active works instead of one + - octeontx2-pf: Send UP messages to VF only when VF is up. + - octeontx2-af: Use separate handlers for interrupts + - drm/amdgpu: add MMHUB 3.3.1 support + - drm/amdgpu: fix mmhub client id out-of-bounds access + - drm/amdgpu: drop setting buffer funcs in sdma442 + - netfilter: nft_set_pipapo: release elements in clone only from destroy path + - netfilter: nf_tables: do not compare internal table flags on updates + - rcu: add a helper to report consolidated flavor QS + - net: report RCU QS on threaded NAPI repolling + - bpf: report RCU QS in cpumap kthread + - net: dsa: mt7530: fix link-local frames that ingress vlan filtering ports + - net: dsa: mt7530: fix handling of all link-local frames + - netfilter: nf_tables: Fix a memory leak in nf_tables_updchain + - spi: spi-mt65xx: Fix NULL pointer access in interrupt handler + - selftests: forwarding: Fix ping failure due to short timeout + - dm io: Support IO priority + - dm-integrity: align the outgoing bio in integrity_recheck + - x86/efistub: Clear decompressor BSS in native EFI entrypoint + - x86/efistub: Don't clear BSS twice in mixed mode + - printk: Adjust mapping for 32bit seq macros + - printk: Use prb_first_seq() as base for 32bit seq macros + - Linux 6.8.2 + - [Config] updateconfig following v6.8.2 import + + * Provide python perf module (LP: #2051560) + - [Packaging] enable perf python module + - [Packaging] provide a wrapper module for python-perf + + * To support AMD Adaptive Backlight Management (ABM) for power profiles daemon + >= 2.0 (LP: #2056716) + - drm/amd/display: add panel_power_savings sysfs entry to eDP connectors + - drm/amdgpu: respect the abmlevel module parameter value if it is set + + * Miscellaneous Ubuntu changes + - [Config] Disable StarFive JH7100 support + - [Config] Disable Renesas RZ/Five support + - [Config] Disable BINFMT_FLAT for riscv64 + + -- Roxana Nicolescu Wed, 01 May 2024 16:02:05 +0200 + +linux (6.8.0-31.31) noble; urgency=medium + + * noble/linux: 6.8.0-31.31 -proposed tracker (LP: #2062933) + + * Packaging resync (LP: #1786013) + - [Packaging] debian.master/dkms-versions -- update from kernel-versions + (main/d2024.04.04) + + -- Andrea Righi Fri, 19 Apr 2024 23:46:38 +0200 + +linux (6.8.0-30.30) noble; urgency=medium + + * noble/linux: 6.8.0-30.30 -proposed tracker (LP: #2061893) + + * System unstable, kernel ring buffer flooded with "BUG: Bad page state in + process swapper/0" (LP: #2056706) + - xen-netfront: Add missing skb_mark_for_recycle + + -- Andrea Righi Tue, 16 Apr 2024 21:17:11 +0200 + +linux (6.8.0-29.29) noble; urgency=medium + + * noble/linux: 6.8.0-29.29 -proposed tracker (LP: #2061888) + + * [24.04 FEAT] [SEC2353] zcrypt: extend error recovery to deal with device + scans (LP: #2050019) + - s390/zcrypt: harmonize debug feature calls and defines + - s390/zcrypt: introduce dynamic debugging for AP and zcrypt code + - s390/pkey: harmonize pkey s390 debug feature calls + - s390/pkey: introduce dynamic debugging for pkey + - s390/ap: add debug possibility for AP messages + - s390/zcrypt: add debug possibility for CCA and EP11 messages + - s390/ap: rearm APQNs bindings complete completion + - s390/ap: clarify AP scan bus related functions and variables + - s390/ap: rework ap_scan_bus() to return true on config change + - s390/ap: introduce mutex to lock the AP bus scan + - s390/zcrypt: introduce retries on in-kernel send CPRB functions + - s390/zcrypt: improve zcrypt retry behavior + - s390/pkey: improve pkey retry behavior + + * [24.04 FEAT] Memory hotplug vmem pages (s390x) (LP: #2051835) + - mm/memory_hotplug: introduce MEM_PREPARE_ONLINE/MEM_FINISH_OFFLINE notifiers + - s390/mm: allocate vmemmap pages from self-contained memory range + - s390/sclp: remove unhandled memory notifier type + - s390/mm: implement MEM_PREPARE_ONLINE/MEM_FINISH_OFFLINE notifiers + - s390: enable MHP_MEMMAP_ON_MEMORY + - [Config] enable CONFIG_ARCH_MHP_MEMMAP_ON_MEMORY_ENABLE and + CONFIG_MHP_MEMMAP_ON_MEMORY for s390x + + -- Paolo Pisati Tue, 16 Apr 2024 20:32:09 +0200 + +linux (6.8.0-28.28) noble; urgency=medium + + * noble/linux: 6.8.0-28.28 -proposed tracker (LP: #2061867) + + * linux-gcp 6.8.0-1005.5 (+ others) Noble kernel regression iwth new apparmor + profiles/features (LP: #2061851) + - SAUCE: apparmor4.0.0 [92/90]: fix address mapping for recvfrom + + -- Paolo Pisati Tue, 16 Apr 2024 18:29:17 +0200 + +linux (6.8.0-25.25) noble; urgency=medium + + * noble/linux: 6.8.0-25.25 -proposed tracker (LP: #2061083) + + * Packaging resync (LP: #1786013) + - [Packaging] debian.master/dkms-versions -- update from kernel-versions + (main/d2024.04.04) + + * Apply mitigations for the native BHI hardware vulnerabilty (LP: #2060909) + - x86/cpufeatures: Add new word for scattered features + - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file + - x86/syscall: Don't force use of indirect calls for system calls + - x86/bhi: Add support for clearing branch history at syscall entry + - x86/bhi: Define SPEC_CTRL_BHI_DIS_S + - x86/bhi: Enumerate Branch History Injection (BHI) bug + - x86/bhi: Add BHI mitigation knob + - x86/bhi: Mitigate KVM by default + - KVM: x86: Add BHI_NO + - x86: set SPECTRE_BHI_ON as default + - [Config] enable spectre_bhi=auto by default + + * update apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor4.0.0 [01/90]: LSM stacking v39: integrity: disassociate + ima_filter_rule from security_audit_rule + - SAUCE: apparmor4.0.0 [02/90]: LSM stacking v39: SM: Infrastructure + management of the sock security + - SAUCE: apparmor4.0.0 [03/90]: LSM stacking v39: LSM: Add the lsmblob data + structure. + - SAUCE: apparmor4.0.0 [04/90]: LSM stacking v39: IMA: avoid label collisions + with stacked LSMs + - SAUCE: apparmor4.0.0 [05/90]: LSM stacking v39: LSM: Use lsmblob in + security_audit_rule_match + - SAUCE: apparmor4.0.0 [06/90]: LSM stacking v39: LSM: Add lsmblob_to_secctx + hook + - SAUCE: apparmor4.0.0 [07/90]: LSM stacking v39: Audit: maintain an lsmblob + in audit_context + - SAUCE: apparmor4.0.0 [08/90]: LSM stacking v39: LSM: Use lsmblob in + security_ipc_getsecid + - SAUCE: apparmor4.0.0 [09/90]: LSM stacking v39: Audit: Update shutdown LSM + data + - SAUCE: apparmor4.0.0 [10/90]: LSM stacking v39: LSM: Use lsmblob in + security_current_getsecid + - SAUCE: apparmor4.0.0 [11/90]: LSM stacking v39: LSM: Use lsmblob in + security_inode_getsecid + - SAUCE: apparmor4.0.0 [12/90]: LSM stacking v39: Audit: use an lsmblob in + audit_names + - SAUCE: apparmor4.0.0 [13/90]: LSM stacking v39: LSM: Create new + security_cred_getlsmblob LSM hook + - SAUCE: apparmor4.0.0 [14/90]: LSM stacking v39: Audit: Change context data + from secid to lsmblob + - SAUCE: apparmor4.0.0 [15/90]: LSM stacking v39: Netlabel: Use lsmblob for + audit data + - SAUCE: apparmor4.0.0 [16/90]: LSM stacking v39: LSM: Ensure the correct LSM + context releaser + - SAUCE: apparmor4.0.0 [17/90]: LSM stacking v39: LSM: Use lsmcontext in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [18/90]: LSM stacking v39: LSM: Use lsmcontext in + security_lsmblob_to_secctx + - SAUCE: apparmor4.0.0 [19/90]: LSM stacking v39: LSM: Use lsmcontext in + security_inode_getsecctx + - SAUCE: apparmor4.0.0 [20/90]: LSM stacking v39: LSM: Use lsmcontext in + security_dentry_init_security + - SAUCE: apparmor4.0.0 [21/90]: LSM stacking v39: LSM: + security_lsmblob_to_secctx module selection + - SAUCE: apparmor4.0.0 [22/90]: LSM stacking v39: Audit: Create audit_stamp + structure + - SAUCE: apparmor4.0.0 [23/90]: LSM stacking v39: Audit: Allow multiple + records in an audit_buffer + - SAUCE: apparmor4.0.0 [24/90]: LSM stacking v39: Audit: Add record for + multiple task security contexts + - SAUCE: apparmor4.0.0 [25/90]: LSM stacking v39: audit: multiple subject lsm + values for netlabel + - SAUCE: apparmor4.0.0 [26/90]: LSM stacking v39: Audit: Add record for + multiple object contexts + - SAUCE: apparmor4.0.0 [27/90]: LSM stacking v39: LSM: Remove unused + lsmcontext_init() + - SAUCE: apparmor4.0.0 [28/90]: LSM stacking v39: LSM: Improve logic in + security_getprocattr + - SAUCE: apparmor4.0.0 [29/90]: LSM stacking v39: LSM: secctx provider check + on release + - SAUCE: apparmor4.0.0 [31/90]: LSM stacking v39: LSM: Exclusive secmark usage + - SAUCE: apparmor4.0.0 [32/90]: LSM stacking v39: LSM: Identify which LSM + handles the context string + - SAUCE: apparmor4.0.0 [33/90]: LSM stacking v39: AppArmor: Remove the + exclusive flag + - SAUCE: apparmor4.0.0 [34/90]: LSM stacking v39: LSM: Add mount opts blob + size tracking + - SAUCE: apparmor4.0.0 [35/90]: LSM stacking v39: LSM: allocate mnt_opts blobs + instead of module specific data + - SAUCE: apparmor4.0.0 [36/90]: LSM stacking v39: LSM: Infrastructure + management of the key security blob + - SAUCE: apparmor4.0.0 [37/90]: LSM stacking v39: LSM: Infrastructure + management of the mnt_opts security blob + - SAUCE: apparmor4.0.0 [38/90]: LSM stacking v39: LSM: Correct handling of + ENOSYS in inode_setxattr + - SAUCE: apparmor4.0.0 [39/90]: LSM stacking v39: LSM: Remove lsmblob + scaffolding + - SAUCE: apparmor4.0.0 [40/90]: LSM stacking v39: LSM: Allow reservation of + netlabel + - SAUCE: apparmor4.0.0 [41/90]: LSM stacking v39: LSM: restrict + security_cred_getsecid() to a single LSM + - SAUCE: apparmor4.0.0 [42/90]: LSM stacking v39: Smack: Remove + LSM_FLAG_EXCLUSIVE + - SAUCE: apparmor4.0.0 [43/90]: LSM stacking v39: UBUNTU: SAUCE: apparmor4.0.0 + [12/95]: add/use fns to print hash string hex value + - SAUCE: apparmor4.0.0 [44/90]: patch to provide compatibility with v2.x net + rules + - SAUCE: apparmor4.0.0 [45/90]: add unpriviled user ns mediation + - SAUCE: apparmor4.0.0 [46/90]: Add sysctls for additional controls of unpriv + userns restrictions + - SAUCE: apparmor4.0.0 [47/90]: af_unix mediation + - SAUCE: apparmor4.0.0 [48/90]: Add fine grained mediation of posix mqueues + - SAUCE: apparmor4.0.0 [49/90]: setup slab cache for audit data + - SAUCE: apparmor4.0.0 [50/90]: Improve debug print infrastructure + - SAUCE: apparmor4.0.0 [51/90]: add the ability for profiles to have a + learning cache + - SAUCE: apparmor4.0.0 [52/90]: enable userspace upcall for mediation + - SAUCE: apparmor4.0.0 [53/90]: prompt - lock down prompt interface + - SAUCE: apparmor4.0.0 [54/90]: prompt - allow controlling of caching of a + prompt response + - SAUCE: apparmor4.0.0 [55/90]: prompt - add refcount to audit_node in prep or + reuse and delete + - SAUCE: apparmor4.0.0 [56/90]: prompt - refactor to moving caching to + uresponse + - SAUCE: apparmor4.0.0 [57/90]: prompt - Improve debug statements + - SAUCE: apparmor4.0.0 [58/90]: prompt - fix caching + - SAUCE: apparmor4.0.0 [59/90]: prompt - rework build to use append fn, to + simplify adding strings + - SAUCE: apparmor4.0.0 [60/90]: prompt - refcount notifications + - SAUCE: apparmor4.0.0 [61/90]: prompt - add the ability to reply with a + profile name + - SAUCE: apparmor4.0.0 [62/90]: prompt - fix notification cache when updating + - SAUCE: apparmor4.0.0 [63/90]: prompt - add tailglob on name for cache + support + - SAUCE: apparmor4.0.0 [64/90]: prompt - allow profiles to set prompts as + interruptible + - SAUCE: apparmor4.0.0 [65/90] v6.8 prompt:fixup interruptible + - SAUCE: apparmor4.0.0 [69/90]: add io_uring mediation + - SAUCE: apparmor4.0.0 [70/90]: apparmor: fix oops when racing to retrieve + notification + - SAUCE: apparmor4.0.0 [71/90]: apparmor: fix notification header size + - SAUCE: apparmor4.0.0 [72/90]: apparmor: fix request field from a prompt + reply that denies all access + - SAUCE: apparmor4.0.0 [73/90]: apparmor: open userns related sysctl so lxc + can check if restriction are in place + - SAUCE: apparmor4.0.0 [74/90]: apparmor: cleanup attachment perm lookup to + use lookup_perms() + - SAUCE: apparmor4.0.0 [75/90]: apparmor: remove redundant unconfined check. + - SAUCE: apparmor4.0.0 [76/90]: apparmor: switch signal mediation to using + RULE_MEDIATES + - SAUCE: apparmor4.0.0 [77/90]: apparmor: ensure labels with more than one + entry have correct flags + - SAUCE: apparmor4.0.0 [78/90]: apparmor: remove explicit restriction that + unconfined cannot use change_hat + - SAUCE: apparmor4.0.0 [79/90]: apparmor: cleanup: refactor file_perm() to + provide semantics of some checks + - SAUCE: apparmor4.0.0 [80/90]: apparmor: carry mediation check on label + - SAUCE: apparmor4.0.0 [81/90]: apparmor: convert easy uses of unconfined() to + label_mediates() + - SAUCE: apparmor4.0.0 [82/90]: apparmor: add additional flags to extended + permission. + - SAUCE: apparmor4.0.0 [83/90]: apparmor: add support for profiles to define + the kill signal + - SAUCE: apparmor4.0.0 [84/90]: apparmor: fix x_table_lookup when stacking is + not the first entry + - SAUCE: apparmor4.0.0 [85/90]: apparmor: allow profile to be transitioned + when a user ns is created + - SAUCE: apparmor4.0.0 [86/90]: apparmor: add ability to mediate caps with + policy state machine + - SAUCE: apparmor4.0.0 [87/90]: fixup notify + - SAUCE: apparmor4.0.0 [88/90]: apparmor: add fine grained ipv4/ipv6 mediation + - SAUCE: apparmor4.0.0 [89/90]:apparmor: disable tailglob responses for now + - SAUCE: apparmor4.0.0 [90/90]: apparmor: Fix notify build warnings + - SAUCE: apparmor4.0.0: fix reserved mem for when we save ipv6 addresses + - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS + + * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe] + apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in mantic + (LP: #2032602) + - SAUCE: apparmor4.0.0 [66/90]: prompt - add support for advanced filtering of + notifications + - SAUCE: apparmor4.0.0 [67/90]: userns - add the ability to reference a global + variable for a feature value + - SAUCE: apparmor4.0.0 [68/90]: userns - make it so special unconfined + profiles can mediate user namespaces + + * [MTL] x86: Fix Cache info sysfs is not populated (LP: #2049793) + - SAUCE: cacheinfo: Check for null last-level cache info + - SAUCE: cacheinfo: Allocate memory for memory if not done from the primary + CPU + - SAUCE: x86/cacheinfo: Delete global num_cache_leaves + - SAUCE: x86/cacheinfo: Clean out init_cache_level() + + * Miscellaneous Ubuntu changes + - SAUCE: apparmor4.0.0: LSM stacking v39: fix build error with + CONFIG_SECURITY=n + - [Config] toolchain version update + + -- Paolo Pisati Fri, 12 Apr 2024 10:42:33 +0200 + +linux (6.8.0-22.22) noble; urgency=medium + + * noble/linux: 6.8.0-22.22 -proposed tracker (LP: #2060238) + + -- Andrea Righi Thu, 04 Apr 2024 23:00:49 +0200 + +linux (6.8.0-21.21) noble; urgency=medium + + * noble/linux: 6.8.0-21.21 -proposed tracker (LP: #2060225) + + * Miscellaneous Ubuntu changes + - [Config] update toolchain version in annotations + + -- Andrea Righi Thu, 04 Apr 2024 22:20:27 +0200 + +linux (6.8.0-20.20) noble; urgency=medium + + * noble/linux: 6.8.0-20.20 -proposed tracker (LP: #2058221) + + * Noble update: v6.8.1 upstream stable release (LP: #2058224) + - x86/mmio: Disable KVM mitigation when X86_FEATURE_CLEAR_CPU_BUF is set + - Documentation/hw-vuln: Add documentation for RFDS + - x86/rfds: Mitigate Register File Data Sampling (RFDS) + - KVM/x86: Export RFDS_NO and RFDS_CLEAR to guests + - Linux 6.8.1 + + * Autopkgtest failures on amd64 (LP: #2048768) + - [Packaging] update to clang-18 + + * Miscellaneous Ubuntu changes + - SAUCE: apparmor4.0.0: LSM stacking v39: fix build error with + CONFIG_SECURITY=n + - [Config] amd64: MITIGATION_RFDS=y + + -- Paolo Pisati Mon, 18 Mar 2024 11:08:14 +0100 + +linux (6.8.0-19.19) noble; urgency=medium + + * noble/linux: 6.8.0-19.19 -proposed tracker (LP: #2057910) + + * Miscellaneous Ubuntu changes + - [Packaging] re-introduce linux-doc as an empty package + + -- Paolo Pisati Thu, 14 Mar 2024 14:36:14 +0100 + +linux (6.8.0-18.18) noble; urgency=medium + + * noble/linux: 6.8.0-18.18 -proposed tracker (LP: #2057456) + + * Miscellaneous Ubuntu changes + - [Packaging] drop dependency on libclang-17 + + -- Paolo Pisati Tue, 12 Mar 2024 14:44:13 +0100 + +linux (6.8.0-17.17) noble; urgency=medium + + * noble/linux: 6.8.0-17.17 -proposed tracker (LP: #2056745) + + * Miscellaneous upstream changes + - Revert "UBUNTU: [Packaging] Add debian/control sanity check" + + -- Paolo Pisati Mon, 11 Mar 2024 12:46:38 +0100 + +linux (6.8.0-16.16) noble; urgency=medium + + * noble/linux: 6.8.0-16.16 -proposed tracker (LP: #2056738) + + * left-over ceph debugging printks (LP: #2056616) + - Revert "UBUNTU: SAUCE: ceph: make sure all the files successfully put before + unmounting" + + * qat: Improve error recovery flows (LP: #2056354) + - crypto: qat - add heartbeat error simulator + - crypto: qat - disable arbitration before reset + - crypto: qat - update PFVF protocol for recovery + - crypto: qat - re-enable sriov after pf reset + - crypto: qat - add fatal error notification + - crypto: qat - add auto reset on error + - crypto: qat - limit heartbeat notifications + - crypto: qat - improve aer error reset handling + - crypto: qat - change SLAs cleanup flow at shutdown + - crypto: qat - resolve race condition during AER recovery + - Documentation: qat: fix auto_reset section + + * update apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor4.0.0 [01/87]: LSM stacking v39: integrity: disassociate + ima_filter_rule from security_audit_rule + - SAUCE: apparmor4.0.0 [02/87]: LSM stacking v39: SM: Infrastructure + management of the sock security + - SAUCE: apparmor4.0.0 [03/87]: LSM stacking v39: LSM: Add the lsmblob data + structure. + - SAUCE: apparmor4.0.0 [04/87]: LSM stacking v39: IMA: avoid label collisions + with stacked LSMs + - SAUCE: apparmor4.0.0 [05/87]: LSM stacking v39: LSM: Use lsmblob in + security_audit_rule_match + - SAUCE: apparmor4.0.0 [06/87]: LSM stacking v39: LSM: Add lsmblob_to_secctx + hook + - SAUCE: apparmor4.0.0 [07/87]: LSM stacking v39: Audit: maintain an lsmblob + in audit_context + - SAUCE: apparmor4.0.0 [08/87]: LSM stacking v39: LSM: Use lsmblob in + security_ipc_getsecid + - SAUCE: apparmor4.0.0 [09/87]: LSM stacking v39: Audit: Update shutdown LSM + data + - SAUCE: apparmor4.0.0 [10/87]: LSM stacking v39: LSM: Use lsmblob in + security_current_getsecid + - SAUCE: apparmor4.0.0 [11/87]: LSM stacking v39: LSM: Use lsmblob in + security_inode_getsecid + - SAUCE: apparmor4.0.0 [12/87]: LSM stacking v39: Audit: use an lsmblob in + audit_names + - SAUCE: apparmor4.0.0 [13/87]: LSM stacking v39: LSM: Create new + security_cred_getlsmblob LSM hook + - SAUCE: apparmor4.0.0 [14/87]: LSM stacking v39: Audit: Change context data + from secid to lsmblob + - SAUCE: apparmor4.0.0 [15/87]: LSM stacking v39: Netlabel: Use lsmblob for + audit data + - SAUCE: apparmor4.0.0 [16/87]: LSM stacking v39: LSM: Ensure the correct LSM + context releaser + - SAUCE: apparmor4.0.0 [17/87]: LSM stacking v39: LSM: Use lsmcontext in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [18/87]: LSM stacking v39: LSM: Use lsmcontext in + security_lsmblob_to_secctx + - SAUCE: apparmor4.0.0 [19/87]: LSM stacking v39: LSM: Use lsmcontext in + security_inode_getsecctx + - SAUCE: apparmor4.0.0 [20/87]: LSM stacking v39: LSM: Use lsmcontext in + security_dentry_init_security + - SAUCE: apparmor4.0.0 [21/87]: LSM stacking v39: LSM: + security_lsmblob_to_secctx module selection + - SAUCE: apparmor4.0.0 [22/87]: LSM stacking v39: Audit: Create audit_stamp + structure + - SAUCE: apparmor4.0.0 [23/87]: LSM stacking v39: Audit: Allow multiple + records in an audit_buffer + - SAUCE: apparmor4.0.0 [24/87]: LSM stacking v39: Audit: Add record for + multiple task security contexts + - SAUCE: apparmor4.0.0 [25/87]: LSM stacking v39: audit: multiple subject lsm + values for netlabel + - SAUCE: apparmor4.0.0 [26/87]: LSM stacking v39: Audit: Add record for + multiple object contexts + - SAUCE: apparmor4.0.0 [27/87]: LSM stacking v39: LSM: Remove unused + lsmcontext_init() + - SAUCE: apparmor4.0.0 [28/87]: LSM stacking v39: LSM: Improve logic in + security_getprocattr + - SAUCE: apparmor4.0.0 [29/87]: LSM stacking v39: LSM: secctx provider check + on release + - SAUCE: apparmor4.0.0 [31/87]: LSM stacking v39: LSM: Exclusive secmark usage + - SAUCE: apparmor4.0.0 [32/87]: LSM stacking v39: LSM: Identify which LSM + handles the context string + - SAUCE: apparmor4.0.0 [33/87]: LSM stacking v39: AppArmor: Remove the + exclusive flag + - SAUCE: apparmor4.0.0 [34/87]: LSM stacking v39: LSM: Add mount opts blob + size tracking + - SAUCE: apparmor4.0.0 [35/87]: LSM stacking v39: LSM: allocate mnt_opts blobs + instead of module specific data + - SAUCE: apparmor4.0.0 [36/87]: LSM stacking v39: LSM: Infrastructure + management of the key security blob + - SAUCE: apparmor4.0.0 [37/87]: LSM stacking v39: LSM: Infrastructure + management of the mnt_opts security blob + - SAUCE: apparmor4.0.0 [38/87]: LSM stacking v39: LSM: Correct handling of + ENOSYS in inode_setxattr + - SAUCE: apparmor4.0.0 [39/87]: LSM stacking v39: LSM: Remove lsmblob + scaffolding + - SAUCE: apparmor4.0.0 [40/87]: LSM stacking v39: LSM: Allow reservation of + netlabel + - SAUCE: apparmor4.0.0 [41/87]: LSM stacking v39: LSM: restrict + security_cred_getsecid() to a single LSM + - SAUCE: apparmor4.0.0 [42/87]: LSM stacking v39: Smack: Remove + LSM_FLAG_EXCLUSIVE + - SAUCE: apparmor4.0.0 [43/87]: LSM stacking v39: UBUNTU: SAUCE: apparmor4.0.0 + [12/95]: add/use fns to print hash string hex value + - SAUCE: apparmor4.0.0 [44/87]: patch to provide compatibility with v2.x net + rules + - SAUCE: apparmor4.0.0 [45/87]: add unpriviled user ns mediation + - SAUCE: apparmor4.0.0 [46/87]: Add sysctls for additional controls of unpriv + userns restrictions + - SAUCE: apparmor4.0.0 [47/87]: af_unix mediation + - SAUCE: apparmor4.0.0 [48/87]: Add fine grained mediation of posix mqueues + - SAUCE: apparmor4.0.0 [49/87]: setup slab cache for audit data + - SAUCE: apparmor4.0.0 [50/87]: Improve debug print infrastructure + - SAUCE: apparmor4.0.0 [51/87]: add the ability for profiles to have a + learning cache + - SAUCE: apparmor4.0.0 [52/87]: enable userspace upcall for mediation + - SAUCE: apparmor4.0.0 [53/87]: prompt - lock down prompt interface + - SAUCE: apparmor4.0.0 [54/87]: prompt - allow controlling of caching of a + prompt response + - SAUCE: apparmor4.0.0 [55/87]: prompt - add refcount to audit_node in prep or + reuse and delete + - SAUCE: apparmor4.0.0 [56/87]: prompt - refactor to moving caching to + uresponse + - SAUCE: apparmor4.0.0 [57/87]: prompt - Improve debug statements + - SAUCE: apparmor4.0.0 [58/87]: prompt - fix caching + - SAUCE: apparmor4.0.0 [59/87]: prompt - rework build to use append fn, to + simplify adding strings + - SAUCE: apparmor4.0.0 [60/87]: prompt - refcount notifications + - SAUCE: apparmor4.0.0 [61/87]: prompt - add the ability to reply with a + profile name + - SAUCE: apparmor4.0.0 [62/87]: prompt - fix notification cache when updating + - SAUCE: apparmor4.0.0 [63/87]: prompt - add tailglob on name for cache + support + - SAUCE: apparmor4.0.0 [64/87]: prompt - allow profiles to set prompts as + interruptible + - SAUCE: apparmor4.0.0 [65/87] v6.8 prompt:fixup interruptible + - SAUCE: apparmor4.0.0 [69/87]: add io_uring mediation + - SAUCE: apparmor4.0.0 [70/87]: apparmor: fix oops when racing to retrieve + notification + - SAUCE: apparmor4.0.0 [71/87]: apparmor: fix notification header size + - SAUCE: apparmor4.0.0 [72/87]: apparmor: fix request field from a prompt + reply that denies all access + - SAUCE: apparmor4.0.0 [73/87]: apparmor: open userns related sysctl so lxc + can check if restriction are in place + - SAUCE: apparmor4.0.0 [74/87]: apparmor: cleanup attachment perm lookup to + use lookup_perms() + - SAUCE: apparmor4.0.0 [75/87]: apparmor: remove redundant unconfined check. + - SAUCE: apparmor4.0.0 [76/87]: apparmor: switch signal mediation to using + RULE_MEDIATES + - SAUCE: apparmor4.0.0 [77/87]: apparmor: ensure labels with more than one + entry have correct flags + - SAUCE: apparmor4.0.0 [78/87]: apparmor: remove explicit restriction that + unconfined cannot use change_hat + - SAUCE: apparmor4.0.0 [79/87]: apparmor: cleanup: refactor file_perm() to + provide semantics of some checks + - SAUCE: apparmor4.0.0 [80/87]: apparmor: carry mediation check on label + - SAUCE: apparmor4.0.0 [81/87]: apparmor: convert easy uses of unconfined() to + label_mediates() + - SAUCE: apparmor4.0.0 [82/87]: apparmor: add additional flags to extended + permission. + - SAUCE: apparmor4.0.0 [83/87]: apparmor: add support for profiles to define + the kill signal + - SAUCE: apparmor4.0.0 [84/87]: apparmor: fix x_table_lookup when stacking is + not the first entry + - SAUCE: apparmor4.0.0 [85/87]: apparmor: allow profile to be transitioned + when a user ns is created + - SAUCE: apparmor4.0.0 [86/87]: apparmor: add ability to mediate caps with + policy state machine + - SAUCE: apparmor4.0.0 [87/87]: fixup notify + - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS + + * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe] + apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in mantic + (LP: #2032602) + - SAUCE: apparmor4.0.0 [66/87]: prompt - add support for advanced filtering of + notifications + - SAUCE: apparmor4.0.0 [67/87]: userns - add the ability to reference a global + variable for a feature value + - SAUCE: apparmor4.0.0 [68/87]: userns - make it so special unconfined + profiles can mediate user namespaces + + * Enable lowlatency settings in the generic kernel (LP: #2051342) + - [Config] enable low-latency settings + + * hwmon: (coretemp) Fix core count limitation (LP: #2056126) + - hwmon: (coretemp) Introduce enum for attr index + - hwmon: (coretemp) Remove unnecessary dependency of array index + - hwmon: (coretemp) Replace sensor_device_attribute with device_attribute + - hwmon: (coretemp) Remove redundant pdata->cpu_map[] + - hwmon: (coretemp) Abstract core_temp helpers + - hwmon: (coretemp) Split package temp_data and core temp_data + - hwmon: (coretemp) Remove redundant temp_data->is_pkg_data + - hwmon: (coretemp) Use dynamic allocated memory for core temp_data + + * Miscellaneous Ubuntu changes + - [Config] Disable CONFIG_CRYPTO_DEV_QAT_ERROR_INJECTION + - [Packaging] remove debian/scripts/misc/arch-has-odm-enabled.sh + - rebase on v6.8 + - [Config] toolchain version update + + * Miscellaneous upstream changes + - crypto: qat - add fatal error notify method + + * Rebase on v6.8 + + -- Paolo Pisati Mon, 11 Mar 2024 10:14:10 +0100 + +linux (6.8.0-15.15) noble; urgency=medium + + * noble/linux: 6.8.0-15.15 -proposed tracker (LP: #2055871) + + * Miscellaneous Ubuntu changes + - rebase on v6.8-rc7 + + * Miscellaneous upstream changes + - Revert "UBUNTU: [Packaging] Transition laptop-23.10 to generic" + + * Rebase on v6.8-rc7 + + -- Paolo Pisati Mon, 04 Mar 2024 11:50:51 +0100 + +linux (6.8.0-14.14) noble; urgency=medium + + * noble/linux: 6.8.0-14.14 -proposed tracker (LP: #2055551) + + * Please change CONFIG_CONSOLE_LOGLEVEL_QUIET to 3 (LP: #2049390) + - [Config] reduce verbosity when booting in quiet mode + + * linux: please move erofs.ko (CONFIG_EROFS for EROFS support) from linux- + modules-extra to linux-modules (LP: #2054809) + - UBUNTU [Packaging]: Include erofs in linux-modules instead of linux-modules- + extra + + * linux: please move dmi-sysfs.ko (CONFIG_DMI_SYSFS for SMBIOS support) from + linux-modules-extra to linux-modules (LP: #2045561) + - [Packaging] Move dmi-sysfs.ko into linux-modules + + * Enable CONFIG_INTEL_IOMMU_DEFAULT_ON and + CONFIG_INTEL_IOMMU_SCALABLE_MODE_DEFAULT_ON (LP: #1951440) + - [Config] enable Intel DMA remapping by default + + * disable Intel DMA remapping by default (LP: #1971699) + - [Config] update tracking bug for CONFIG_INTEL_IOMMU_DEFAULT_ON + + * Packaging resync (LP: #1786013) + - debian.master/dkms-versions -- update from kernel-versions + (main/d2024.02.29) + + * Miscellaneous Ubuntu changes + - SAUCE: modpost: Replace 0-length array with flex-array member + - [packaging] do not include debian/ directory in a binary package + - [packaging] remove debian/stamps/keep-dir + + -- Paolo Pisati Fri, 01 Mar 2024 11:45:12 +0100 + +linux (6.8.0-13.13) noble; urgency=medium + + * noble/linux: 6.8.0-13.13 -proposed tracker (LP: #2055421) + + * Packaging resync (LP: #1786013) + - debian.master/dkms-versions -- update from kernel-versions + (main/d2024.02.29) + + * Miscellaneous Ubuntu changes + - rebase on v6.8-rc6 + - [Config] updateconfifs following v6.8-rc6 rebase + + * Rebase on v6.8-rc6 + + -- Paolo Pisati Thu, 29 Feb 2024 15:02:24 +0100 + +linux (6.8.0-12.12) noble; urgency=medium + + * linux-tools-common: man page of usbip[d] is misplaced (LP: #2054094) + - [Packaging] rules: Put usbip manpages in the correct directory + + * Validate connection interval to pass Bluetooth Test Suite (LP: #2052005) + - Bluetooth: Enforce validation on max value of connection interval + + * Turning COMPAT_32BIT_TIME off on s390x (LP: #2038583) + - [Config] Turn off 31-bit COMPAT on s390x + + * Don't produce linux-source binary package (LP: #2043994) + - [Packaging] Add debian/control sanity check + + * Don't produce linux-*-source- package (LP: #2052439) + - [Packaging] Move linux-source package stub to debian/control.d + - [Packaging] Build linux-source package only for the main kernel + + * Don't produce linux-*-cloud-tools-common, linux-*-tools-common and + linux-*-tools-host binary packages (LP: #2048183) + - [Packaging] Move indep tools package stubs to debian/control.d + - [Packaging] Build indep tools packages only for the main kernel + + * Enable CONFIG_INTEL_IOMMU_DEFAULT_ON and + CONFIG_INTEL_IOMMU_SCALABLE_MODE_DEFAULT_ON (LP: #1951440) + - [Config] enable Intel DMA remapping by default + + * disable Intel DMA remapping by default (LP: #1971699) + - [Config] update tracking bug for CONFIG_INTEL_IOMMU_DEFAULT_ON + + * Miscellaneous Ubuntu changes + - [Packaging] Transition laptop-23.10 to generic + + -- Paolo Pisati Thu, 22 Feb 2024 14:31:00 +0100 + +linux (6.8.0-11.11) noble; urgency=medium + + * noble/linux: 6.8.0-11.11 -proposed tracker (LP: #2053094) + + * Miscellaneous Ubuntu changes + - [Packaging] riscv64: disable building unnecessary binary debs + + -- Paolo Pisati Wed, 14 Feb 2024 00:04:31 +0100 + +linux (6.8.0-10.10) noble; urgency=medium + + * noble/linux: 6.8.0-10.10 -proposed tracker (LP: #2053015) + + * Miscellaneous Ubuntu changes + - [Packaging] add Rust build-deps for riscv64 + + * Miscellaneous upstream changes + - Revert "Revert "UBUNTU: [Packaging] temporarily disable Rust dependencies on + riscv64"" + + -- Paolo Pisati Tue, 13 Feb 2024 13:23:47 +0100 + +linux (6.8.0-9.9) noble; urgency=medium + + * noble/linux: 6.8.0-9.9 -proposed tracker (LP: #2052945) + + * Miscellaneous upstream changes + - Revert "UBUNTU: [Packaging] temporarily disable Rust dependencies on + riscv64" + + -- Paolo Pisati Mon, 12 Feb 2024 15:49:20 +0100 + +linux (6.8.0-8.8) noble; urgency=medium + + * noble/linux: 6.8.0-8.8 -proposed tracker (LP: #2052918) + + * Miscellaneous Ubuntu changes + - [Packaging] riscv64: enable linux-libc-dev build + - v6.8-rc4 rebase + + * Rebase on v6.8-rc4 + + -- Paolo Pisati Mon, 12 Feb 2024 10:13:34 +0100 + +linux (6.8.0-7.7) noble; urgency=medium + + * noble/linux: 6.8.0-7.7 -proposed tracker (LP: #2052691) + + * update apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor4.0.0 [01/87]: LSM stacking v39: integrity: disassociate + ima_filter_rule from security_audit_rule + - SAUCE: apparmor4.0.0 [02/87]: LSM stacking v39: SM: Infrastructure + management of the sock security + - SAUCE: apparmor4.0.0 [03/87]: LSM stacking v39: LSM: Add the lsmblob data + structure. + - SAUCE: apparmor4.0.0 [04/87]: LSM stacking v39: IMA: avoid label collisions + with stacked LSMs + - SAUCE: apparmor4.0.0 [05/87]: LSM stacking v39: LSM: Use lsmblob in + security_audit_rule_match + - SAUCE: apparmor4.0.0 [06/87]: LSM stacking v39: LSM: Add lsmblob_to_secctx + hook + - SAUCE: apparmor4.0.0 [07/87]: LSM stacking v39: Audit: maintain an lsmblob + in audit_context + - SAUCE: apparmor4.0.0 [08/87]: LSM stacking v39: LSM: Use lsmblob in + security_ipc_getsecid + - SAUCE: apparmor4.0.0 [09/87]: LSM stacking v39: Audit: Update shutdown LSM + data + - SAUCE: apparmor4.0.0 [10/87]: LSM stacking v39: LSM: Use lsmblob in + security_current_getsecid + - SAUCE: apparmor4.0.0 [11/87]: LSM stacking v39: LSM: Use lsmblob in + security_inode_getsecid + - SAUCE: apparmor4.0.0 [12/87]: LSM stacking v39: Audit: use an lsmblob in + audit_names + - SAUCE: apparmor4.0.0 [13/87]: LSM stacking v39: LSM: Create new + security_cred_getlsmblob LSM hook + - SAUCE: apparmor4.0.0 [14/87]: LSM stacking v39: Audit: Change context data + from secid to lsmblob + - SAUCE: apparmor4.0.0 [15/87]: LSM stacking v39: Netlabel: Use lsmblob for + audit data + - SAUCE: apparmor4.0.0 [16/87]: LSM stacking v39: LSM: Ensure the correct LSM + context releaser + - SAUCE: apparmor4.0.0 [17/87]: LSM stacking v39: LSM: Use lsmcontext in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [18/87]: LSM stacking v39: LSM: Use lsmcontext in + security_lsmblob_to_secctx + - SAUCE: apparmor4.0.0 [19/87]: LSM stacking v39: LSM: Use lsmcontext in + security_inode_getsecctx + - SAUCE: apparmor4.0.0 [20/87]: LSM stacking v39: LSM: Use lsmcontext in + security_dentry_init_security + - SAUCE: apparmor4.0.0 [21/87]: LSM stacking v39: LSM: + security_lsmblob_to_secctx module selection + - SAUCE: apparmor4.0.0 [22/87]: LSM stacking v39: Audit: Create audit_stamp + structure + - SAUCE: apparmor4.0.0 [23/87]: LSM stacking v39: Audit: Allow multiple + records in an audit_buffer + - SAUCE: apparmor4.0.0 [24/87]: LSM stacking v39: Audit: Add record for + multiple task security contexts + - SAUCE: apparmor4.0.0 [25/87]: LSM stacking v39: audit: multiple subject lsm + values for netlabel + - SAUCE: apparmor4.0.0 [26/87]: LSM stacking v39: Audit: Add record for + multiple object contexts + - SAUCE: apparmor4.0.0 [27/87]: LSM stacking v39: LSM: Remove unused + lsmcontext_init() + - SAUCE: apparmor4.0.0 [28/87]: LSM stacking v39: LSM: Improve logic in + security_getprocattr + - SAUCE: apparmor4.0.0 [29/87]: LSM stacking v39: LSM: secctx provider check + on release + - SAUCE: apparmor4.0.0 [31/87]: LSM stacking v39: LSM: Exclusive secmark usage + - SAUCE: apparmor4.0.0 [32/87]: LSM stacking v39: LSM: Identify which LSM + handles the context string + - SAUCE: apparmor4.0.0 [33/87]: LSM stacking v39: AppArmor: Remove the + exclusive flag + - SAUCE: apparmor4.0.0 [34/87]: LSM stacking v39: LSM: Add mount opts blob + size tracking + - SAUCE: apparmor4.0.0 [35/87]: LSM stacking v39: LSM: allocate mnt_opts blobs + instead of module specific data + - SAUCE: apparmor4.0.0 [36/87]: LSM stacking v39: LSM: Infrastructure + management of the key security blob + - SAUCE: apparmor4.0.0 [37/87]: LSM stacking v39: LSM: Infrastructure + management of the mnt_opts security blob + - SAUCE: apparmor4.0.0 [38/87]: LSM stacking v39: LSM: Correct handling of + ENOSYS in inode_setxattr + - SAUCE: apparmor4.0.0 [39/87]: LSM stacking v39: LSM: Remove lsmblob + scaffolding + - SAUCE: apparmor4.0.0 [40/87]: LSM stacking v39: LSM: Allow reservation of + netlabel + - SAUCE: apparmor4.0.0 [41/87]: LSM stacking v39: LSM: restrict + security_cred_getsecid() to a single LSM + - SAUCE: apparmor4.0.0 [42/87]: LSM stacking v39: Smack: Remove + LSM_FLAG_EXCLUSIVE + - SAUCE: apparmor4.0.0 [43/87]: LSM stacking v39: UBUNTU: SAUCE: apparmor4.0.0 + [12/95]: add/use fns to print hash string hex value + - SAUCE: apparmor4.0.0 [44/87]: patch to provide compatibility with v2.x net + rules + - SAUCE: apparmor4.0.0 [45/87]: add unpriviled user ns mediation + - SAUCE: apparmor4.0.0 [46/87]: Add sysctls for additional controls of unpriv + userns restrictions + - SAUCE: apparmor4.0.0 [47/87]: af_unix mediation + - SAUCE: apparmor4.0.0 [48/87]: Add fine grained mediation of posix mqueues + - SAUCE: apparmor4.0.0 [49/87]: setup slab cache for audit data + - SAUCE: apparmor4.0.0 [50/87]: Improve debug print infrastructure + - SAUCE: apparmor4.0.0 [51/87]: add the ability for profiles to have a + learning cache + - SAUCE: apparmor4.0.0 [52/87]: enable userspace upcall for mediation + - SAUCE: apparmor4.0.0 [53/87]: prompt - lock down prompt interface + - SAUCE: apparmor4.0.0 [54/87]: prompt - allow controlling of caching of a + prompt response + - SAUCE: apparmor4.0.0 [55/87]: prompt - add refcount to audit_node in prep or + reuse and delete + - SAUCE: apparmor4.0.0 [56/87]: prompt - refactor to moving caching to + uresponse + - SAUCE: apparmor4.0.0 [57/87]: prompt - Improve debug statements + - SAUCE: apparmor4.0.0 [58/87]: prompt - fix caching + - SAUCE: apparmor4.0.0 [59/87]: prompt - rework build to use append fn, to + simplify adding strings + - SAUCE: apparmor4.0.0 [60/87]: prompt - refcount notifications + - SAUCE: apparmor4.0.0 [61/87]: prompt - add the ability to reply with a + profile name + - SAUCE: apparmor4.0.0 [62/87]: prompt - fix notification cache when updating + - SAUCE: apparmor4.0.0 [63/87]: prompt - add tailglob on name for cache + support + - SAUCE: apparmor4.0.0 [64/87]: prompt - allow profiles to set prompts as + interruptible + - SAUCE: apparmor4.0.0 [65/87] v6.8 prompt:fixup interruptible + - SAUCE: apparmor4.0.0 [69/87]: add io_uring mediation + - SAUCE: apparmor4.0.0 [70/87]: apparmor: fix oops when racing to retrieve + notification + - SAUCE: apparmor4.0.0 [71/87]: apparmor: fix notification header size + - SAUCE: apparmor4.0.0 [72/87]: apparmor: fix request field from a prompt + reply that denies all access + - SAUCE: apparmor4.0.0 [73/87]: apparmor: open userns related sysctl so lxc + can check if restriction are in place + - SAUCE: apparmor4.0.0 [74/87]: apparmor: cleanup attachment perm lookup to + use lookup_perms() + - SAUCE: apparmor4.0.0 [75/87]: apparmor: remove redundant unconfined check. + - SAUCE: apparmor4.0.0 [76/87]: apparmor: switch signal mediation to using + RULE_MEDIATES + - SAUCE: apparmor4.0.0 [77/87]: apparmor: ensure labels with more than one + entry have correct flags + - SAUCE: apparmor4.0.0 [78/87]: apparmor: remove explicit restriction that + unconfined cannot use change_hat + - SAUCE: apparmor4.0.0 [79/87]: apparmor: cleanup: refactor file_perm() to + provide semantics of some checks + - SAUCE: apparmor4.0.0 [80/87]: apparmor: carry mediation check on label + - SAUCE: apparmor4.0.0 [81/87]: apparmor: convert easy uses of unconfined() to + label_mediates() + - SAUCE: apparmor4.0.0 [82/87]: apparmor: add additional flags to extended + permission. + - SAUCE: apparmor4.0.0 [83/87]: apparmor: add support for profiles to define + the kill signal + - SAUCE: apparmor4.0.0 [84/87]: apparmor: fix x_table_lookup when stacking is + not the first entry + - SAUCE: apparmor4.0.0 [85/87]: apparmor: allow profile to be transitioned + when a user ns is created + - SAUCE: apparmor4.0.0 [86/87]: apparmor: add ability to mediate caps with + policy state machine + - SAUCE: apparmor4.0.0 [87/87]: fixup notify + - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS + + * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe] + apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in mantic + (LP: #2032602) + - SAUCE: apparmor4.0.0 [66/87]: prompt - add support for advanced filtering of + notifications + - SAUCE: apparmor4.0.0 [67/87]: userns - add the ability to reference a global + variable for a feature value + - SAUCE: apparmor4.0.0 [68/87]: userns - make it so special unconfined + profiles can mediate user namespaces + + -- Paolo Pisati Thu, 08 Feb 2024 12:05:44 +0100 + +linux (6.8.0-6.6) noble; urgency=medium + + * noble/linux: 6.8.0-6.6 -proposed tracker (LP: #2052592) + + * Packaging resync (LP: #1786013) + - debian.master/dkms-versions -- update from kernel-versions + (main/d2024.02.07) + - [Packaging] update variants + + * FIPS kernels should default to fips mode (LP: #2049082) + - SAUCE: Enable fips mode by default, in FIPS kernels only + + * Fix snapcraftyaml.yaml for jammy:linux-raspi (LP: #2051468) + - [Packaging] Remove old snapcraft.yaml + + * Azure: Fix regression introduced in LP: #2045069 (LP: #2052453) + - hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed + + * Miscellaneous Ubuntu changes + - [Packaging] Remove in-tree abi checks + - [Packaging] drop abi files with clean + - [Packaging] Remove do_full_source variable (fixup) + - [Packaging] Remove update-dkms-versions and move dkms-versions + - [Config] updateconfigs following v6.8-rc3 rebase + - [packaging] rename to linux + - [packaging] rebase on v6.8-rc3 + - [packaging] disable signing for ppc64el + + * Rebase on v6.8-rc3 + + -- Paolo Pisati Wed, 07 Feb 2024 15:13:52 +0100 + +linux (6.8.0-5.5) noble; urgency=medium + + * noble/linux-unstable: 6.8.0-5.5 -proposed tracker (LP: #2052136) + + * Miscellaneous upstream changes + - Revert "mm/sparsemem: fix race in accessing memory_section->usage" + + -- Paolo Pisati Fri, 02 Feb 2024 12:59:09 +0100 + +linux-unstable (6.8.0-4.4) noble; urgency=medium + + * noble/linux-unstable: 6.8.0-4.4 -proposed tracker (LP: #2051502) + + * Migrate from fbdev drivers to simpledrm and DRM fbdev emulation layer + (LP: #1965303) + - [Config] enable simpledrm and DRM fbdev emulation layer + + * Miscellaneous Ubuntu changes + - [Config] toolchain update + + * Miscellaneous upstream changes + - rust: upgrade to Rust 1.75.0 + + -- Paolo Pisati Mon, 29 Jan 2024 14:49:49 +0100 + +linux-unstable (6.8.0-3.3) noble; urgency=medium + + * noble/linux-unstable: 6.8.0-3.3 -proposed tracker (LP: #2051488) + + * update apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor4.0.0 [43/87]: LSM stacking v39: UBUNTU: SAUCE: apparmor4.0.0 + [12/95]: add/use fns to print hash string hex value + - SAUCE: apparmor4.0.0 [44/87]: patch to provide compatibility with v2.x net + rules + - SAUCE: apparmor4.0.0 [45/87]: add unpriviled user ns mediation + - SAUCE: apparmor4.0.0 [46/87]: Add sysctls for additional controls of unpriv + userns restrictions + - SAUCE: apparmor4.0.0 [47/87]: af_unix mediation + - SAUCE: apparmor4.0.0 [48/87]: Add fine grained mediation of posix mqueues + - SAUCE: apparmor4.0.0 [49/87]: setup slab cache for audit data + - SAUCE: apparmor4.0.0 [50/87]: Improve debug print infrastructure + - SAUCE: apparmor4.0.0 [51/87]: add the ability for profiles to have a + learning cache + - SAUCE: apparmor4.0.0 [52/87]: enable userspace upcall for mediation + - SAUCE: apparmor4.0.0 [53/87]: prompt - lock down prompt interface + - SAUCE: apparmor4.0.0 [54/87]: prompt - allow controlling of caching of a + prompt response + - SAUCE: apparmor4.0.0 [55/87]: prompt - add refcount to audit_node in prep or + reuse and delete + - SAUCE: apparmor4.0.0 [56/87]: prompt - refactor to moving caching to + uresponse + - SAUCE: apparmor4.0.0 [57/87]: prompt - Improve debug statements + - SAUCE: apparmor4.0.0 [58/87]: prompt - fix caching + - SAUCE: apparmor4.0.0 [59/87]: prompt - rework build to use append fn, to + simplify adding strings + - SAUCE: apparmor4.0.0 [60/87]: prompt - refcount notifications + - SAUCE: apparmor4.0.0 [61/87]: prompt - add the ability to reply with a + profile name + - SAUCE: apparmor4.0.0 [62/87]: prompt - fix notification cache when updating + - SAUCE: apparmor4.0.0 [63/87]: prompt - add tailglob on name for cache + support + - SAUCE: apparmor4.0.0 [64/87]: prompt - allow profiles to set prompts as + interruptible + - SAUCE: apparmor4.0.0 [69/87]: add io_uring mediation + - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS + + * apparmor restricts read access of user namespace mediation sysctls to root + (LP: #2040194) + - SAUCE: apparmor4.0.0 [73/87]: apparmor: open userns related sysctl so lxc + can check if restriction are in place + + * AppArmor spams kernel log with assert when auditing (LP: #2040192) + - SAUCE: apparmor4.0.0 [72/87]: apparmor: fix request field from a prompt + reply that denies all access + + * apparmor notification files verification (LP: #2040250) + - SAUCE: apparmor4.0.0 [71/87]: apparmor: fix notification header size + + * apparmor oops when racing to retrieve a notification (LP: #2040245) + - SAUCE: apparmor4.0.0 [70/87]: apparmor: fix oops when racing to retrieve + notification + + * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe] + apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in mantic + (LP: #2032602) + - SAUCE: apparmor4.0.0 [66/87]: prompt - add support for advanced filtering of + notifications + - SAUCE: apparmor4.0.0 [67/87]: userns - add the ability to reference a global + variable for a feature value + - SAUCE: apparmor4.0.0 [68/87]: userns - make it so special unconfined + profiles can mediate user namespaces + + * Miscellaneous Ubuntu changes + - SAUCE: apparmor4.0.0 [01/87]: LSM stacking v39: integrity: disassociate + ima_filter_rule from security_audit_rule + - SAUCE: apparmor4.0.0 [02/87]: LSM stacking v39: SM: Infrastructure + management of the sock security + - SAUCE: apparmor4.0.0 [03/87]: LSM stacking v39: LSM: Add the lsmblob data + structure. + - SAUCE: apparmor4.0.0 [04/87]: LSM stacking v39: IMA: avoid label collisions + with stacked LSMs + - SAUCE: apparmor4.0.0 [05/87]: LSM stacking v39: LSM: Use lsmblob in + security_audit_rule_match + - SAUCE: apparmor4.0.0 [06/87]: LSM stacking v39: LSM: Add lsmblob_to_secctx + hook + - SAUCE: apparmor4.0.0 [07/87]: LSM stacking v39: Audit: maintain an lsmblob + in audit_context + - SAUCE: apparmor4.0.0 [08/87]: LSM stacking v39: LSM: Use lsmblob in + security_ipc_getsecid + - SAUCE: apparmor4.0.0 [09/87]: LSM stacking v39: Audit: Update shutdown LSM + data + - SAUCE: apparmor4.0.0 [10/87]: LSM stacking v39: LSM: Use lsmblob in + security_current_getsecid + - SAUCE: apparmor4.0.0 [11/87]: LSM stacking v39: LSM: Use lsmblob in + security_inode_getsecid + - SAUCE: apparmor4.0.0 [12/87]: LSM stacking v39: Audit: use an lsmblob in + audit_names + - SAUCE: apparmor4.0.0 [13/87]: LSM stacking v39: LSM: Create new + security_cred_getlsmblob LSM hook + - SAUCE: apparmor4.0.0 [14/87]: LSM stacking v39: Audit: Change context data + from secid to lsmblob + - SAUCE: apparmor4.0.0 [15/87]: LSM stacking v39: Netlabel: Use lsmblob for + audit data + - SAUCE: apparmor4.0.0 [16/87]: LSM stacking v39: LSM: Ensure the correct LSM + context releaser + - SAUCE: apparmor4.0.0 [17/87]: LSM stacking v39: LSM: Use lsmcontext in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [18/87]: LSM stacking v39: LSM: Use lsmcontext in + security_lsmblob_to_secctx + - SAUCE: apparmor4.0.0 [19/87]: LSM stacking v39: LSM: Use lsmcontext in + security_inode_getsecctx + - SAUCE: apparmor4.0.0 [20/87]: LSM stacking v39: LSM: Use lsmcontext in + security_dentry_init_security + - SAUCE: apparmor4.0.0 [21/87]: LSM stacking v39: LSM: + security_lsmblob_to_secctx module selection + - SAUCE: apparmor4.0.0 [22/87]: LSM stacking v39: Audit: Create audit_stamp + structure + - SAUCE: apparmor4.0.0 [23/87]: LSM stacking v39: Audit: Allow multiple + records in an audit_buffer + - SAUCE: apparmor4.0.0 [24/87]: LSM stacking v39: Audit: Add record for + multiple task security contexts + - SAUCE: apparmor4.0.0 [25/87]: LSM stacking v39: audit: multiple subject lsm + values for netlabel + - SAUCE: apparmor4.0.0 [26/87]: LSM stacking v39: Audit: Add record for + multiple object contexts + - SAUCE: apparmor4.0.0 [27/87]: LSM stacking v39: LSM: Remove unused + lsmcontext_init() + - SAUCE: apparmor4.0.0 [28/87]: LSM stacking v39: LSM: Improve logic in + security_getprocattr + - SAUCE: apparmor4.0.0 [29/87]: LSM stacking v39: LSM: secctx provider check + on release + - SAUCE: apparmor4.0.0 [30/87]: LSM stacking v39: LSM: Single calls in + socket_getpeersec hooks + - SAUCE: apparmor4.0.0 [31/87]: LSM stacking v39: LSM: Exclusive secmark usage + - SAUCE: apparmor4.0.0 [32/87]: LSM stacking v39: LSM: Identify which LSM + handles the context string + - SAUCE: apparmor4.0.0 [33/87]: LSM stacking v39: AppArmor: Remove the + exclusive flag + - SAUCE: apparmor4.0.0 [34/87]: LSM stacking v39: LSM: Add mount opts blob + size tracking + - SAUCE: apparmor4.0.0 [35/87]: LSM stacking v39: LSM: allocate mnt_opts blobs + instead of module specific data + - SAUCE: apparmor4.0.0 [36/87]: LSM stacking v39: LSM: Infrastructure + management of the key security blob + - SAUCE: apparmor4.0.0 [37/87]: LSM stacking v39: LSM: Infrastructure + management of the mnt_opts security blob + - SAUCE: apparmor4.0.0 [38/87]: LSM stacking v39: LSM: Correct handling of + ENOSYS in inode_setxattr + - SAUCE: apparmor4.0.0 [39/87]: LSM stacking v39: LSM: Remove lsmblob + scaffolding + - SAUCE: apparmor4.0.0 [40/87]: LSM stacking v39: LSM: Allow reservation of + netlabel + - SAUCE: apparmor4.0.0 [41/87]: LSM stacking v39: LSM: restrict + security_cred_getsecid() to a single LSM + - SAUCE: apparmor4.0.0 [42/87]: LSM stacking v39: Smack: Remove + LSM_FLAG_EXCLUSIVE + - SAUCE: apparmor4.0.0 [65/87] v6.8 prompt:fixup interruptible + - SAUCE: apparmor4.0.0 [74/87]: apparmor: cleanup attachment perm lookup to + use lookup_perms() + - SAUCE: apparmor4.0.0 [75/87]: apparmor: remove redundant unconfined check. + - SAUCE: apparmor4.0.0 [76/87]: apparmor: switch signal mediation to using + RULE_MEDIATES + - SAUCE: apparmor4.0.0 [77/87]: apparmor: ensure labels with more than one + entry have correct flags + - SAUCE: apparmor4.0.0 [78/87]: apparmor: remove explicit restriction that + unconfined cannot use change_hat + - SAUCE: apparmor4.0.0 [79/87]: apparmor: cleanup: refactor file_perm() to + provide semantics of some checks + - SAUCE: apparmor4.0.0 [80/87]: apparmor: carry mediation check on label + - SAUCE: apparmor4.0.0 [81/87]: apparmor: convert easy uses of unconfined() to + label_mediates() + - SAUCE: apparmor4.0.0 [82/87]: apparmor: add additional flags to extended + permission. + - SAUCE: apparmor4.0.0 [83/87]: apparmor: add support for profiles to define + the kill signal + - SAUCE: apparmor4.0.0 [84/87]: apparmor: fix x_table_lookup when stacking is + not the first entry + - SAUCE: apparmor4.0.0 [85/87]: apparmor: allow profile to be transitioned + when a user ns is created + - SAUCE: apparmor4.0.0 [86/87]: apparmor: add ability to mediate caps with + policy state machine + - SAUCE: apparmor4.0.0 [87/87]: fixup notify + - [Config] updateconfigs following v6.8-rc2 rebase + + -- Paolo Pisati Mon, 29 Jan 2024 08:59:32 +0100 + +linux-unstable (6.8.0-2.2) noble; urgency=medium + + * noble/linux-unstable: 6.8.0-2.2 -proposed tracker (LP: #2051110) + + * Miscellaneous Ubuntu changes + - [Config] toolchain update + - [Config] enable Rust + + -- Paolo Pisati Wed, 24 Jan 2024 13:10:07 +0100 + +linux-unstable (6.8.0-1.1) noble; urgency=medium + + * noble/linux-unstable: 6.8.0-1.1 -proposed tracker (LP: #2051102) + + * Miscellaneous Ubuntu changes + - [packaging] move to v6.8-rc1 + - [Config] updateconfigs following v6.8-rc1 rebase + - SAUCE: export file_close_fd() instead of close_fd_get_file() + - SAUCE: cpufreq: s/strlcpy/strscpy/ + - debian/dkms-versions -- temporarily disable zfs dkms + - debian/dkms-versions -- temporarily disable ipu6 and isvsc dkms + - debian/dkms-versions -- temporarily disable v4l2loopback + + -- Paolo Pisati Wed, 24 Jan 2024 10:48:37 +0100 + +linux-unstable (6.8.0-0.0) noble; urgency=medium + + * Empty entry. + + -- Paolo Pisati Tue, 23 Jan 2024 11:36:40 +0100 + +linux-unstable (6.7.0-7.7) noble; urgency=medium + + * noble/linux-unstable: 6.7.0-7.7 -proposed tracker (LP: #2049357) + + * Packaging resync (LP: #1786013) + - [Packaging] update variants + + * Miscellaneous Ubuntu changes + - [Packaging] re-enable signing for s390x and ppc64el + + -- Andrea Righi Mon, 15 Jan 2024 08:41:11 +0100 + +linux-unstable (6.7.0-6.6) noble; urgency=medium + + * Empty entry. + + -- Andrea Righi Mon, 15 Jan 2024 08:30:50 +0100 + +linux (6.7.0-2.2) noble; urgency=medium + + * noble/linux: 6.7.0-2.2 -proposed tracker (LP: #2049182) + + * Packaging resync (LP: #1786013) + - [Packaging] resync getabis + + * Enforce RETPOLINE and SLS mitigrations (LP: #2046440) + - SAUCE: objtool: Make objtool check actually fatal upon fatal errors + - SAUCE: objtool: make objtool SLS validation fatal when building with + CONFIG_SLS=y + - SAUCE: objtool: make objtool RETPOLINE validation fatal when building with + CONFIG_RETPOLINE=y + - SAUCE: scripts: remove generating .o-ur objects + - [Packaging] Remove all custom retpoline-extract code + - Revert "UBUNTU: SAUCE: vga_set_mode -- avoid jump tables" + - Revert "UBUNTU: SAUCE: early/late -- annotate indirect calls in early/late + initialisation code" + - Revert "UBUNTU: SAUCE: apm -- annotate indirect calls within + firmware_restrict_branch_speculation_{start,end}" + + * Miscellaneous Ubuntu changes + - [Packaging] temporarily disable riscv64 builds + - [Packaging] temporarily disable Rust dependencies on riscv64 + + -- Andrea Righi Fri, 12 Jan 2024 09:21:57 +0100 + +linux (6.7.0-1.1) noble; urgency=medium + + * noble/linux: 6.7.0-1.1 -proposed tracker (LP: #2048859) + + * Packaging resync (LP: #1786013) + - [Packaging] update variants + - debian/dkms-versions -- update from kernel-versions (main/d2024.01.02) + + * [UBUNTU 23.04] Regression: Ubuntu 23.04/23.10 do not include uvdevice + anymore (LP: #2048919) + - [Config] Enable S390_UV_UAPI (built-in) + + * Support mipi camera on Intel Meteor Lake platform (LP: #2031412) + - SAUCE: iommu: intel-ipu: use IOMMU passthrough mode for Intel IPUs on Meteor + Lake + - SAUCE: platform/x86: int3472: Add handshake GPIO function + + * [SRU][J/L/M] UBUNTU: [Packaging] Make WWAN driver a loadable module + (LP: #2033406) + - [Packaging] Make WWAN driver loadable modules + + * usbip: error: failed to open /usr/share/hwdata//usb.ids (LP: #2039439) + - [Packaging] Make linux-tools-common depend on hwdata + + * [Mediatek] mt8195-demo: enable CONFIG_MTK_IOMMU as module for multimedia and + PCIE peripherals (LP: #2036587) + - [Config] Enable CONFIG_MTK_IOMMU on arm64 + + * linux-*: please enable dm-verity kconfigs to allow MoK/db verified root + images (LP: #2019040) + - [Config] CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG_SECONDARY_KEYRING=y + + * kexec enable to load/kdump zstd compressed zimg (LP: #2037398) + - [Packaging] Revert arm64 image format to Image.gz + + * Mantic minimized/minimal cloud images do not receive IP address during + provisioning; systemd regression with wait-online (LP: #2036968) + - [Config] Enable virtio-net as built-in to avoid race + + * Make backlight module auto detect dell_uart_backlight (LP: #2008882) + - SAUCE: ACPI: video: Dell AIO UART backlight detection + + * Linux 6.2 fails to reboot with current u-boot-nezha (LP: #2021364) + - [Config] Default to performance CPUFreq governor on riscv64 + + * Enable Nezha board (LP: #1975592) + - [Config] Build in D1 clock drivers on riscv64 + - [Config] Enable CONFIG_SUN6I_RTC_CCU on riscv64 + - [Config] Enable CONFIG_SUNXI_WATCHDOG on riscv64 + - [Config] Disable SUN50I_DE2_BUS on riscv64 + - [Config] Disable unneeded sunxi pinctrl drivers on riscv64 + + * Enable StarFive VisionFive 2 board (LP: #2013232) + - [Config] Enable CONFIG_PINCTRL_STARFIVE_JH7110_SYS on riscv64 + - [Config] Enable CONFIG_STARFIVE_WATCHDOG on riscv64 + + * rcu_sched detected stalls on CPUs/tasks (LP: #1967130) + - [Config] Enable virtually mapped stacks on riscv64 + + * Check for changes relevant for security certifications (LP: #1945989) + - [Packaging] Add a new fips-checks script + + * Installation support for SMARC RZ/G2L platform (LP: #2030525) + - [Config] build Renesas RZ/G2L USBPHY control driver statically + + * Add support for kernels compiled with CONFIG_EFI_ZBOOT (LP: #2002226) + - [Config]: Turn on CONFIG_EFI_ZBOOT on ARM64 + + * Default module signing algo should be accelerated (LP: #2034061) + - [Config] Default module signing algo should be accelerated + + * Miscellaneous Ubuntu changes + - [Config] annotations clean-up + + [ Upstream Kernel Changes ] + + * Rebase to v6.7 + + -- Andrea Righi Thu, 11 Jan 2024 11:49:07 +0100 + +linux (6.7.0-0.0) noble; urgency=medium + + * Empty entry + + -- Andrea Righi Tue, 09 Jan 2024 09:27:23 +0100 + +linux-unstable (6.7.0-5.5) noble; urgency=medium + + * noble/linux-unstable: 6.7.0-5.5 -proposed tracker (LP: #2048118) + + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/d2024.01.02) + + * Miscellaneous Ubuntu changes + - [Packaging] re-enable Rust support + - [Packaging] temporarily disable riscv64 builds + + -- Andrea Righi Fri, 05 Jan 2024 12:33:10 +0100 + +linux-unstable (6.7.0-4.4) noble; urgency=medium + + * noble/linux-unstable: 6.7.0-4.4 -proposed tracker (LP: #2047807) + + * unconfined profile denies userns_create for chromium based processes + (LP: #1990064) + - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS + + * apparmor restricts read access of user namespace mediation sysctls to root + (LP: #2040194) + - SAUCE: apparmor4.0.0 [69/69]: apparmor: open userns related sysctl so lxc + can check if restriction are in place + + * AppArmor spams kernel log with assert when auditing (LP: #2040192) + - SAUCE: apparmor4.0.0 [68/69]: apparmor: fix request field from a prompt + reply that denies all access + + * apparmor notification files verification (LP: #2040250) + - SAUCE: apparmor4.0.0 [67/69]: apparmor: fix notification header size + + * apparmor oops when racing to retrieve a notification (LP: #2040245) + - SAUCE: apparmor4.0.0 [66/69]: apparmor: fix oops when racing to retrieve + notification + + * update apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor4.0.0 [01/69]: add/use fns to print hash string hex value + - SAUCE: apparmor4.0.0 [02/69]: patch to provide compatibility with v2.x net + rules + - SAUCE: apparmor4.0.0 [03/69]: add unpriviled user ns mediation + - SAUCE: apparmor4.0.0 [04/69]: Add sysctls for additional controls of unpriv + userns restrictions + - SAUCE: apparmor4.0.0 [05/69]: af_unix mediation + - SAUCE: apparmor4.0.0 [06/69]: Add fine grained mediation of posix mqueues + - SAUCE: apparmor4.0.0 [07/69]: Stacking v38: LSM: Identify modules by more + than name + - SAUCE: apparmor4.0.0 [08/69]: Stacking v38: LSM: Add an LSM identifier for + external use + - SAUCE: apparmor4.0.0 [09/69]: Stacking v38: LSM: Identify the process + attributes for each module + - SAUCE: apparmor4.0.0 [10/69]: Stacking v38: LSM: Maintain a table of LSM + attribute data + - SAUCE: apparmor4.0.0 [11/69]: Stacking v38: proc: Use lsmids instead of lsm + names for attrs + - SAUCE: apparmor4.0.0 [12/69]: Stacking v38: integrity: disassociate + ima_filter_rule from security_audit_rule + - SAUCE: apparmor4.0.0 [13/69]: Stacking v38: LSM: Infrastructure management + of the sock security + - SAUCE: apparmor4.0.0 [14/69]: Stacking v38: LSM: Add the lsmblob data + structure. + - SAUCE: apparmor4.0.0 [15/69]: Stacking v38: LSM: provide lsm name and id + slot mappings + - SAUCE: apparmor4.0.0 [16/69]: Stacking v38: IMA: avoid label collisions with + stacked LSMs + - SAUCE: apparmor4.0.0 [17/69]: Stacking v38: LSM: Use lsmblob in + security_audit_rule_match + - SAUCE: apparmor4.0.0 [18/69]: Stacking v38: LSM: Use lsmblob in + security_kernel_act_as + - SAUCE: apparmor4.0.0 [19/69]: Stacking v38: LSM: Use lsmblob in + security_secctx_to_secid + - SAUCE: apparmor4.0.0 [20/69]: Stacking v38: LSM: Use lsmblob in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [21/69]: Stacking v38: LSM: Use lsmblob in + security_ipc_getsecid + - SAUCE: apparmor4.0.0 [22/69]: Stacking v38: LSM: Use lsmblob in + security_current_getsecid + - SAUCE: apparmor4.0.0 [23/69]: Stacking v38: LSM: Use lsmblob in + security_inode_getsecid + - SAUCE: apparmor4.0.0 [24/69]: Stacking v38: LSM: Use lsmblob in + security_cred_getsecid + - SAUCE: apparmor4.0.0 [25/69]: Stacking v38: LSM: Specify which LSM to + display + - SAUCE: apparmor4.0.0 [27/69]: Stacking v38: LSM: Ensure the correct LSM + context releaser + - SAUCE: apparmor4.0.0 [28/69]: Stacking v38: LSM: Use lsmcontext in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [29/69]: Stacking v38: LSM: Use lsmcontext in + security_inode_getsecctx + - SAUCE: apparmor4.0.0 [30/69]: Stacking v38: Use lsmcontext in + security_dentry_init_security + - SAUCE: apparmor4.0.0 [31/69]: Stacking v38: LSM: security_secid_to_secctx in + netlink netfilter + - SAUCE: apparmor4.0.0 [32/69]: Stacking v38: NET: Store LSM netlabel data in + a lsmblob + - SAUCE: apparmor4.0.0 [33/69]: Stacking v38: binder: Pass LSM identifier for + confirmation + - SAUCE: apparmor4.0.0 [34/69]: Stacking v38: LSM: security_secid_to_secctx + module selection + - SAUCE: apparmor4.0.0 [35/69]: Stacking v38: Audit: Keep multiple LSM data in + audit_names + - SAUCE: apparmor4.0.0 [36/69]: Stacking v38: Audit: Create audit_stamp + structure + - SAUCE: apparmor4.0.0 [37/69]: Stacking v38: LSM: Add a function to report + multiple LSMs + - SAUCE: apparmor4.0.0 [38/69]: Stacking v38: Audit: Allow multiple records in + an audit_buffer + - SAUCE: apparmor4.0.0 [39/69]: Stacking v38: Audit: Add record for multiple + task security contexts + - SAUCE: apparmor4.0.0 [40/69]: Stacking v38: audit: multiple subject lsm + values for netlabel + - SAUCE: apparmor4.0.0 [41/69]: Stacking v38: Audit: Add record for multiple + object contexts + - SAUCE: apparmor4.0.0 [42/69]: Stacking v38: netlabel: Use a struct lsmblob + in audit data + - SAUCE: apparmor4.0.0 [43/69]: Stacking v38: LSM: Removed scaffolding + function lsmcontext_init + - SAUCE: apparmor4.0.0 [44/69]: Stacking v38: AppArmor: Remove the exclusive + flag + - SAUCE: apparmor4.0.0 [45/69]: setup slab cache for audit data + - SAUCE: apparmor4.0.0 [46/69]: Improve debug print infrastructure + - SAUCE: apparmor4.0.0 [47/69]: add the ability for profiles to have a + learning cache + - SAUCE: apparmor4.0.0 [48/69]: enable userspace upcall for mediation + - SAUCE: apparmor4.0.0 [49/69]: prompt - lock down prompt interface + - SAUCE: apparmor4.0.0 [50/69]: prompt - allow controlling of caching of a + prompt response + - SAUCE: apparmor4.0.0 [51/69]: prompt - add refcount to audit_node in prep or + reuse and delete + - SAUCE: apparmor4.0.0 [52/69]: prompt - refactor to moving caching to + uresponse + - SAUCE: apparmor4.0.0 [53/69]: prompt - Improve debug statements + - SAUCE: apparmor4.0.0 [54/69]: prompt - fix caching + - SAUCE: apparmor4.0.0 [55/69]: prompt - rework build to use append fn, to + simplify adding strings + - SAUCE: apparmor4.0.0 [56/69]: prompt - refcount notifications + - SAUCE: apparmor4.0.0 [57/69]: prompt - add the ability to reply with a + profile name + - SAUCE: apparmor4.0.0 [58/69]: prompt - fix notification cache when updating + - SAUCE: apparmor4.0.0 [59/69]: prompt - add tailglob on name for cache + support + - SAUCE: apparmor4.0.0 [60/69]: prompt - allow profiles to set prompts as + interruptible + - SAUCE: apparmor4.0.0 [64/69]: advertise disconnected.path is available + - SAUCE: apparmor4.0.0 [65/69]: add io_uring mediation + + * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe] + apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in mantic + (LP: #2032602) + - SAUCE: apparmor4.0.0 [61/69]: prompt - add support for advanced filtering of + notifications + - SAUCE: apparmor4.0.0 [62/69]: userns - add the ability to reference a global + variable for a feature value + - SAUCE: apparmor4.0.0 [63/69]: userns - make it so special unconfined + profiles can mediate user namespaces + + * udev fails to make prctl() syscall with apparmor=0 (as used by maas by + default) (LP: #2016908) // update apparmor and LSM stacking patch set + (LP: #2028253) + - SAUCE: apparmor4.0.0 [26/69]: Stacking v38: Fix prctl() syscall with + apparmor=0 + + * Fix RPL-U CPU C-state always keep at C3 when system run PHM with idle screen + on (LP: #2042385) + - SAUCE: r8169: Add quirks to enable ASPM on Dell platforms + + * [Debian] autoreconstruct - Do not generate chmod -x for deleted files + (LP: #2045562) + - [Debian] autoreconstruct - Do not generate chmod -x for deleted files + + * Disable Legacy TIOCSTI (LP: #2046192) + - [Config]: disable CONFIG_LEGACY_TIOCSTI + + * Packaging resync (LP: #1786013) + - [Packaging] update variants + - [Packaging] remove helper scripts + - [Packaging] update annotations scripts + + * Miscellaneous Ubuntu changes + - [Packaging] rules: Remove unused dkms make variables + - [Config] update annotations after rebase to v6.7-rc8 + + [ Upstream Kernel Changes ] + + * Rebase to v6.7-rc8 + + -- Andrea Righi Tue, 02 Jan 2024 14:57:21 +0100 + +linux-unstable (6.7.0-3.3) noble; urgency=medium + + * noble/linux-unstable: 6.7.0-3.3 -proposed tracker (LP: #2046060) + + * enable CONFIG_INTEL_TDX_HOST in linux >= 6.7 for noble (LP: #2046040) + - [Config] enable CONFIG_INTEL_TDX_HOST + + * linux tools packages for derived kernels refuse to install simultaneously + due to libcpupower name collision (LP: #2035971) + - [Packaging] Statically link libcpupower into cpupower tool + + * make lazy RCU a boot time option (LP: #2045492) + - SAUCE: rcu: Provide a boot time parameter to control lazy RCU + + * Build failure if run in a console (LP: #2044512) + - [Packaging] Fix kernel module compression failures + + * Turning COMPAT_32BIT_TIME off on arm64 (64k & derivatives) (LP: #2038582) + - [Config] y2038: Turn off COMPAT and COMPAT_32BIT_TIME on arm64 64k + + * Turning COMPAT_32BIT_TIME off on riscv64 (LP: #2038584) + - [Config] y2038: Disable COMPAT_32BIT_TIME on riscv64 + + * Turning COMPAT_32BIT_TIME off on ppc64el (LP: #2038587) + - [Config] y2038: Disable COMPAT and COMPAT_32BIT_TIME on ppc64le + + * [UBUNTU 23.04] Kernel config option missing for s390x PCI passthrough + (LP: #2042853) + - [Config] CONFIG_VFIO_PCI_ZDEV_KVM=y + + * back-out zstd module compression automatic for backports (LP: #2045593) + - [Packaging] make ZSTD module compression conditional + + * Miscellaneous Ubuntu changes + - [Packaging] Remove do_full_source variable + - [Packaging] Remove obsolete config handling + - [Packaging] Remove support for sub-flavors + - [Packaging] Remove old linux-libc-dev version hack + - [Packaging] Remove obsolete scripts + - [Packaging] Remove README.inclusion-list + - [Packaging] make $(stampdir)/stamp-build-perarch depend on build-arch + - [Packaging] Enable rootless builds + - [Packaging] Allow to run debian/rules without (fake)root + - [Packaging] remove unneeded trailing slash for INSTALL_MOD_PATH + - [Packaging] override KERNELRELEASE instead of KERNELVERSION + - [Config] update toolchain versions in annotations + - [Packaging] drop useless linux-doc + - [Packaging] scripts: Rewrite insert-ubuntu-changes in Python + - [Packaging] enable riscv64 builds + - [Packaging] remove the last sub-flavours bit + - [Packaging] check debian.env to determine do_libc_dev_package + - [Packaging] remove debian.*/variants + - [Packaging] remove do_libc_dev_package variable + - [Packaging] move linux-libc-dev.stub to debian/control.d/ + - [Packaging] Update check to build linux-libc-dev to the source package name + - [Packaging] rules: Remove startnewrelease target + - [Packaging] Remove debian/commit-templates + - [Config] update annotations after rebase to v6.7-rc4 + + [ Upstream Kernel Changes ] + + * Rebase to v6.7-rc4 + + -- Andrea Righi Mon, 11 Dec 2023 15:56:11 +0100 + +linux-unstable (6.7.0-2.2) noble; urgency=medium + + * noble/linux-unstable: 6.7.0-2.2 -proposed tracker (LP: #2045107) + + * Miscellaneous Ubuntu changes + - [Packaging] re-enable Rust + - [Config] enable Rust in annotations + - [Packaging] Remove do_enforce_all variable + - [Config] disable Softlogic 6x10 capture card driver on armhf + - [Packaging] disable Rust support + - [Config] update annotations after rebase to v6.7-rc3 + + [ Upstream Kernel Changes ] + + * Rebase to v6.7-rc3 + + -- Andrea Righi Wed, 29 Nov 2023 07:51:17 +0100 + +linux-unstable (6.7.0-1.1) noble; urgency=medium + + * noble/linux-unstable: 6.7.0-1.1 -proposed tracker (LP: #2044069) + + * Packaging resync (LP: #1786013) + - [Packaging] update annotations scripts + - [Packaging] update helper scripts + + * Miscellaneous Ubuntu changes + - [Config] update annotations after rebase to v6.7-rc2 + + [ Upstream Kernel Changes ] + + * Rebase to v6.7-rc2 + + -- Andrea Righi Tue, 21 Nov 2023 10:45:24 +0100 + +linux-unstable (6.7.0-0.0) noble; urgency=medium + + * Empty entry + + -- Andrea Righi Tue, 21 Nov 2023 07:26:46 +0100 + +linux-unstable (6.6.0-12.12) noble; urgency=medium + + * noble/linux-unstable: 6.6.0-12.12 -proposed tracker (LP: #2043664) + + * Miscellaneous Ubuntu changes + - [Packaging] temporarily disable zfs dkms + + -- Paolo Pisati Thu, 16 Nov 2023 10:20:26 +0100 + +linux-unstable (6.6.0-11.11) noble; urgency=medium + + * noble/linux-unstable: 6.6.0-11.11 -proposed tracker (LP: #2043480) + + * Packaging resync (LP: #1786013) + - [Packaging] resync git-ubuntu-log + - [Packaging] resync update-dkms-versions helper + - [Packaging] update variants + - debian/dkms-versions -- update from kernel-versions (main/d2023.11.14) + + * Miscellaneous Ubuntu changes + - [Packaging] move to Noble + - [Config] toolchain version update + + -- Paolo Pisati Wed, 15 Nov 2023 14:50:40 +0100 + +linux-unstable (6.6.0-10.10) noble; urgency=medium + + * mantic/linux-unstable: 6.6.0-10.10 -proposed tracker (LP: #2043088) + + * Bump arm64's CONFIG_NR_CPUS to 512 (LP: #2042897) + - [Config] Bump CONFIG_NR_CPUS to 512 for arm64 + + * Miscellaneous Ubuntu changes + - [Config] Include a note for the NR_CPUS setting on riscv64 + - SAUCE: apparmor4.0.0 [83/83]: Fix inode_init for changed prototype + + -- Paolo Pisati Thu, 09 Nov 2023 12:05:11 +0200 + +linux-unstable (6.6.0-9.9) mantic; urgency=medium + + * mantic/linux-unstable: 6.6.0-9.9 -proposed tracker (LP: #2041852) + + * Switch IMA default hash to sha256 (LP: #2041735) + - [Config] Switch IMA_DEFAULT_HASH from sha1 to sha256 + + * apparmor restricts read access of user namespace mediation sysctls to root + (LP: #2040194) + - SAUCE: apparmor4.0.0 [82/82]: apparmor: open userns related sysctl so lxc + can check if restriction are in place + + * AppArmor spams kernel log with assert when auditing (LP: #2040192) + - SAUCE: apparmor4.0.0 [81/82]: apparmor: fix request field from a prompt + reply that denies all access + + * apparmor notification files verification (LP: #2040250) + - SAUCE: apparmor4.0.0 [80/82]: apparmor: fix notification header size + + * apparmor oops when racing to retrieve a notification (LP: #2040245) + - SAUCE: apparmor4.0.0 [79/82]: apparmor: fix oops when racing to retrieve + notification + + * Disable restricting unprivileged change_profile by default, due to LXD + latest/stable not yet compatible with this new apparmor feature + (LP: #2038567) + - SAUCE: apparmor4.0.0 [78/82]: apparmor: Make + apparmor_restrict_unprivileged_unconfined opt-in + + * update apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor4.0.0 [01/82]: add/use fns to print hash string hex value + - SAUCE: apparmor4.0.0 [02/82]: rename SK_CTX() to aa_sock and make it an + inline fn + - SAUCE: apparmor4.0.0 [03/82]: patch to provide compatibility with v2.x net + rules + - SAUCE: apparmor4.0.0 [04/82]: add user namespace creation mediation + - SAUCE: apparmor4.0.0 [05/82]: Add sysctls for additional controls of unpriv + userns restrictions + - SAUCE: apparmor4.0.0 [06/82]: af_unix mediation + - SAUCE: apparmor4.0.0 [07/82]: Add fine grained mediation of posix mqueues + - SAUCE: apparmor4.0.0 [08/82]: Stacking v38: LSM: Identify modules by more + than name + - SAUCE: apparmor4.0.0 [09/82]: Stacking v38: LSM: Add an LSM identifier for + external use + - SAUCE: apparmor4.0.0 [10/82]: Stacking v38: LSM: Identify the process + attributes for each module + - SAUCE: apparmor4.0.0 [11/82]: Stacking v38: LSM: Maintain a table of LSM + attribute data + - SAUCE: apparmor4.0.0 [12/82]: Stacking v38: proc: Use lsmids instead of lsm + names for attrs + - SAUCE: apparmor4.0.0 [13/82]: Stacking v38: integrity: disassociate + ima_filter_rule from security_audit_rule + - SAUCE: apparmor4.0.0 [14/82]: Stacking v38: LSM: Infrastructure management + of the sock security + - SAUCE: apparmor4.0.0 [15/82]: Stacking v38: LSM: Add the lsmblob data + structure. + - SAUCE: apparmor4.0.0 [16/82]: Stacking v38: LSM: provide lsm name and id + slot mappings + - SAUCE: apparmor4.0.0 [17/82]: Stacking v38: IMA: avoid label collisions with + stacked LSMs + - SAUCE: apparmor4.0.0 [18/82]: Stacking v38: LSM: Use lsmblob in + security_audit_rule_match + - SAUCE: apparmor4.0.0 [19/82]: Stacking v38: LSM: Use lsmblob in + security_kernel_act_as + - SAUCE: apparmor4.0.0 [20/82]: Stacking v38: LSM: Use lsmblob in + security_secctx_to_secid + - SAUCE: apparmor4.0.0 [21/82]: Stacking v38: LSM: Use lsmblob in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [22/82]: Stacking v38: LSM: Use lsmblob in + security_ipc_getsecid + - SAUCE: apparmor4.0.0 [23/82]: Stacking v38: LSM: Use lsmblob in + security_current_getsecid + - SAUCE: apparmor4.0.0 [24/82]: Stacking v38: LSM: Use lsmblob in + security_inode_getsecid + - SAUCE: apparmor4.0.0 [25/82]: Stacking v38: LSM: Use lsmblob in + security_cred_getsecid + - SAUCE: apparmor4.0.0 [26/82]: Stacking v38: LSM: Specify which LSM to + display + - SAUCE: apparmor4.0.0 [28/82]: Stacking v38: LSM: Ensure the correct LSM + context releaser + - SAUCE: apparmor4.0.0 [29/82]: Stacking v38: LSM: Use lsmcontext in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [30/82]: Stacking v38: LSM: Use lsmcontext in + security_inode_getsecctx + - SAUCE: apparmor4.0.0 [31/82]: Stacking v38: Use lsmcontext in + security_dentry_init_security + - SAUCE: apparmor4.0.0 [32/82]: Stacking v38: LSM: security_secid_to_secctx in + netlink netfilter + - SAUCE: apparmor4.0.0 [33/82]: Stacking v38: NET: Store LSM netlabel data in + a lsmblob + - SAUCE: apparmor4.0.0 [34/82]: Stacking v38: binder: Pass LSM identifier for + confirmation + - SAUCE: apparmor4.0.0 [35/82]: Stacking v38: LSM: security_secid_to_secctx + module selection + - SAUCE: apparmor4.0.0 [36/82]: Stacking v38: Audit: Keep multiple LSM data in + audit_names + - SAUCE: apparmor4.0.0 [37/82]: Stacking v38: Audit: Create audit_stamp + structure + - SAUCE: apparmor4.0.0 [38/82]: Stacking v38: LSM: Add a function to report + multiple LSMs + - SAUCE: apparmor4.0.0 [39/82]: Stacking v38: Audit: Allow multiple records in + an audit_buffer + - SAUCE: apparmor4.0.0 [40/82]: Stacking v38: Audit: Add record for multiple + task security contexts + - SAUCE: apparmor4.0.0 [41/82]: Stacking v38: audit: multiple subject lsm + values for netlabel + - SAUCE: apparmor4.0.0 [42/82]: Stacking v38: Audit: Add record for multiple + object contexts + - SAUCE: apparmor4.0.0 [43/82]: Stacking v38: netlabel: Use a struct lsmblob + in audit data + - SAUCE: apparmor4.0.0 [44/82]: Stacking v38: LSM: Removed scaffolding + function lsmcontext_init + - SAUCE: apparmor4.0.0 [45/82]: Stacking v38: AppArmor: Remove the exclusive + flag + - SAUCE: apparmor4.0.0 [46/82]: combine common_audit_data and + apparmor_audit_data + - SAUCE: apparmor4.0.0 [47/82]: setup slab cache for audit data + - SAUCE: apparmor4.0.0 [48/82]: rename audit_data->label to + audit_data->subj_label + - SAUCE: apparmor4.0.0 [49/82]: pass cred through to audit info. + - SAUCE: apparmor4.0.0 [50/82]: Improve debug print infrastructure + - SAUCE: apparmor4.0.0 [51/82]: add the ability for profiles to have a + learning cache + - SAUCE: apparmor4.0.0 [52/82]: enable userspace upcall for mediation + - SAUCE: apparmor4.0.0 [53/82]: cache buffers on percpu list if there is lock + contention + - SAUCE: apparmor4.0.0 [54/82]: advertise availability of exended perms + - SAUCE: apparmor4.0.0 [56/82]: cleanup: provide separate audit messages for + file and policy checks + - SAUCE: apparmor4.0.0 [57/82]: prompt - lock down prompt interface + - SAUCE: apparmor4.0.0 [58/82]: prompt - ref count pdb + - SAUCE: apparmor4.0.0 [59/82]: prompt - allow controlling of caching of a + prompt response + - SAUCE: apparmor4.0.0 [60/82]: prompt - add refcount to audit_node in prep or + reuse and delete + - SAUCE: apparmor4.0.0 [61/82]: prompt - refactor to moving caching to + uresponse + - SAUCE: apparmor4.0.0 [62/82]: prompt - Improve debug statements + - SAUCE: apparmor4.0.0 [63/82]: prompt - fix caching + - SAUCE: apparmor4.0.0 [64/82]: prompt - rework build to use append fn, to + simplify adding strings + - SAUCE: apparmor4.0.0 [65/82]: prompt - refcount notifications + - SAUCE: apparmor4.0.0 [66/82]: prompt - add the ability to reply with a + profile name + - SAUCE: apparmor4.0.0 [67/82]: prompt - fix notification cache when updating + - SAUCE: apparmor4.0.0 [68/82]: prompt - add tailglob on name for cache + support + - SAUCE: apparmor4.0.0 [69/82]: prompt - allow profiles to set prompts as + interruptible + - SAUCE: apparmor4.0.0 [74/82]: advertise disconnected.path is available + - SAUCE: apparmor4.0.0 [75/82]: fix invalid reference on profile->disconnected + - SAUCE: apparmor4.0.0 [76/82]: add io_uring mediation + - SAUCE: apparmor4.0.0 [77/82]: apparmor: Fix regression in mount mediation + + * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe] + apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in mantic + (LP: #2032602) + - SAUCE: apparmor4.0.0 [70/82]: prompt - add support for advanced filtering of + notifications + - SAUCE: apparmor4.0.0 [71/82]: userns - add the ability to reference a global + variable for a feature value + - SAUCE: apparmor4.0.0 [72/82]: userns - make it so special unconfined + profiles can mediate user namespaces + - SAUCE: apparmor4.0.0 [73/82]: userns - allow restricting unprivileged + change_profile + + * LSM stacking and AppArmor for 6.2: additional fixes (LP: #2017903) // update + apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor4.0.0 [55/82]: fix profile verification and enable it + + * udev fails to make prctl() syscall with apparmor=0 (as used by maas by + default) (LP: #2016908) // update apparmor and LSM stacking patch set + (LP: #2028253) + - SAUCE: apparmor4.0.0 [27/82]: Stacking v38: Fix prctl() syscall with + apparmor=0 + + * Miscellaneous Ubuntu changes + - [Config] SECURITY_APPARMOR_RESTRICT_USERNS=y + + -- Paolo Pisati Fri, 03 Nov 2023 11:59:12 +0100 + +linux-unstable (6.6.0-8.8) mantic; urgency=medium + + * mantic/linux-unstable: 6.6.0-8.8 -proposed tracker (LP: #2040243) + + * Miscellaneous Ubuntu changes + - abi: gc reference to phy-rtk-usb2/phy-rtk-usb3 + + -- Paolo Pisati Tue, 24 Oct 2023 10:55:34 +0200 + +linux-unstable (6.6.0-7.7) mantic; urgency=medium + + * mantic/linux-unstable: 6.6.0-7.7 -proposed tracker (LP: #2040147) + + * test_021_aslr_dapper_libs from ubuntu_qrt_kernel_security failed on K-5.19 / + J-OEM-6.1 / J-6.2 AMD64 (LP: #1983357) + - [Config]: set ARCH_MMAP_RND_{COMPAT_, }BITS to the maximum + + * Miscellaneous Ubuntu changes + - [Config] updateconfigs following v6.6-rc7 rebase + + -- Paolo Pisati Mon, 23 Oct 2023 11:51:14 +0200 + +linux-unstable (6.6.0-6.6) mantic; urgency=medium + + * mantic/linux-unstable: 6.6.0-6.6 -proposed tracker (LP: #2039780) + + * Miscellaneous Ubuntu changes + - rebase on v6.6-rc6 + - [Config] updateconfigs following v6.6-rc6 rebase + + [ Upstream Kernel Changes ] + + * Rebase to v6.6-rc6 + + -- Paolo Pisati Thu, 19 Oct 2023 12:09:16 +0200 + +linux-unstable (6.6.0-5.5) mantic; urgency=medium + + * mantic/linux-unstable: 6.6.0-5.5 -proposed tracker (LP: #2038899) + + * Miscellaneous Ubuntu changes + - rebase on v6.6-rc5 + - [Config] updateconfigs following v6.6-rc5 rebase + + [ Upstream Kernel Changes ] + + * Rebase to v6.6-rc5 + + -- Paolo Pisati Tue, 10 Oct 2023 11:18:41 +0200 + +linux-unstable (6.6.0-4.4) mantic; urgency=medium + + * mantic/linux-unstable: 6.6.0-4.4 -proposed tracker (LP: #2038423) + + * Miscellaneous Ubuntu changes + - rebase on v6.6-rc4 + + [ Upstream Kernel Changes ] + + * Rebase to v6.6-rc4 + + -- Paolo Pisati Wed, 04 Oct 2023 11:16:25 +0200 + +linux-unstable (6.6.0-3.3) mantic; urgency=medium + + * mantic/linux-unstable: 6.6.0-3.3 -proposed tracker (LP: #2037622) + + * Miscellaneous Ubuntu changes + - [Config] updateconfigs following v6.6-rc3 rebase + + * Miscellaneous upstream changes + - Revert "UBUNTU: SAUCE: enforce rust availability only on x86_64" + - arm64: rust: Enable Rust support for AArch64 + - arm64: rust: Enable PAC support for Rust. + - arm64: Restrict Rust support to little endian only. + + -- Paolo Pisati Thu, 28 Sep 2023 10:45:38 +0200 + +linux-unstable (6.6.0-2.2) mantic; urgency=medium + + * Miscellaneous upstream changes + - UBUBNTU: [Config] build all COMEDI drivers as modules + + -- Paolo Pisati Mon, 18 Sep 2023 14:42:56 +0200 + +linux-unstable (6.6.0-1.1) mantic; urgency=medium + + * Miscellaneous Ubuntu changes + - [Packaging] move linux to linux-unstable + - [Packaging] rebase on v6.6-rc1 + - [Config] updateconfigs following v6.6-rc1 rebase + - [packaging] skip ABI, modules and retpoline checks + - update dropped.txt + - [Config] SHIFT_FS FTBFS with Linux 6.6, disable it + - [Config] DELL_UART_BACKLIGHT FTBFS with Linux 6.6, disable it + - [Packaging] debian/dkms-versions: temporarily disable dkms + - [Packaging] temporarily disable signing for s390x + + [ Upstream Kernel Changes ] + + * Rebase to v6.6-rc1 + + -- Paolo Pisati Fri, 15 Sep 2023 14:42:18 +0200 + +linux-unstable (6.6.0-0.0) mantic; urgency=medium + + * Empty entry + + -- Paolo Pisati Thu, 14 Sep 2023 15:03:19 +0200 + +linux (6.5.0-5.5) mantic; urgency=medium + + * mantic/linux: 6.5.0-5.5 -proposed tracker (LP: #2034546) + + * Packaging resync (LP: #1786013) + - [Packaging] update helper scripts + - debian/dkms-versions -- update from kernel-versions (main/d2023.08.23) + + +linux (6.5.0-4.4) mantic; urgency=medium + + * mantic/linux: 6.5.0-4.4 -proposed tracker (LP: #2034042) + + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/d2023.08.23) + + -- Andrea Righi Mon, 04 Sep 2023 16:55:44 +0200 + +linux (6.5.0-3.3) mantic; urgency=medium + + * mantic/linux: 6.5.0-3.3 -proposed tracker (LP: #2033904) + + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/d2023.08.23) + + * [23.10] Please test secure-boot and lockdown on the early 6.5 kernel (s390x) + (LP: #2026833) + - [Packaging] re-enable signing for s390x + + * Miscellaneous upstream changes + - module/decompress: use vmalloc() for zstd decompression workspace + + -- Andrea Righi Fri, 01 Sep 2023 16:15:33 +0200 + +linux (6.5.0-2.2) mantic; urgency=medium + + * mantic/linux: 6.5.0-2.2 -proposed tracker (LP: #2033240) + + * Soundwire support for Dell SKU0C87 devices (LP: #2029281) + - SAUCE: ASoC: Intel: soc-acpi: add support for Dell SKU0C87 devices + + * Fix numerous AER related issues (LP: #2033025) + - SAUCE: PCI/AER: Disable AER service during suspend, again + - SAUCE: PCI/DPC: Disable DPC service during suspend, again + + * Support Realtek RTL8852CE WiFi 6E/BT Combo (LP: #2025672) + - wifi: rtw89: debug: Fix error handling in rtw89_debug_priv_btc_manual_set() + - Bluetooth: btrtl: Load FW v2 otherwise FW v1 for RTL8852C + + [ Upstream Kernel Changes ] + + * Rebase to v6.5 + + -- Andrea Righi Mon, 28 Aug 2023 08:53:19 +0200 + +linux (6.5.0-1.1) mantic; urgency=medium + + * mantic/linux: 6.5.0-1.1 -proposed tracker (LP: #2032750) + + * Packaging resync (LP: #1786013) + - [Packaging] resync update-dkms-versions helper + - [Packaging] update variants + - debian/dkms-versions -- update from kernel-versions (main/d2023.07.26) + + * ceph: support idmapped mounts (LP: #2032959) + - SAUCE: libceph: add spinlock around osd->o_requests + - SAUCE: libceph: define struct ceph_sparse_extent and add some helpers + - SAUCE: libceph: new sparse_read op, support sparse reads on msgr2 crc + codepath + - SAUCE: libceph: support sparse reads on msgr2 secure codepath + - SAUCE: libceph: add sparse read support to msgr1 + - SAUCE: libceph: add sparse read support to OSD client + - SAUCE: ceph: add new mount option to enable sparse reads + - SAUCE: ceph: preallocate inode for ops that may create one + - SAUCE: ceph: make ceph_msdc_build_path use ref-walk + - SAUCE: libceph: add new iov_iter-based ceph_msg_data_type and + ceph_osd_data_type + - SAUCE: ceph: use osd_req_op_extent_osd_iter for netfs reads + - SAUCE: ceph: fscrypt_auth handling for ceph + - SAUCE: ceph: implement -o test_dummy_encryption mount option + - SAUCE: ceph: add fscrypt ioctls and ceph.fscrypt.auth vxattr + - SAUCE: ceph: make ioctl cmds more readable in debug log + - SAUCE: ceph: add base64 endcoding routines for encrypted names + - SAUCE: ceph: encode encrypted name in ceph_mdsc_build_path and dentry + release + - SAUCE: ceph: send alternate_name in MClientRequest + - SAUCE: ceph: decode alternate_name in lease info + - SAUCE: ceph: set DCACHE_NOKEY_NAME flag in ceph_lookup/atomic_open() + - SAUCE: ceph: make d_revalidate call fscrypt revalidator for encrypted + dentries + - SAUCE: ceph: add helpers for converting names for userland presentation + - SAUCE: ceph: make ceph_fill_trace and ceph_get_name decrypt names + - SAUCE: ceph: pass the request to parse_reply_info_readdir() + - SAUCE: ceph: add support to readdir for encrypted names + - SAUCE: ceph: create symlinks with encrypted and base64-encoded targets + - SAUCE: ceph: add some fscrypt guardrails + - SAUCE: ceph: allow encrypting a directory while not having Ax caps + - SAUCE: ceph: mark directory as non-complete after loading key + - SAUCE: ceph: size handling in MClientRequest, cap updates and inode traces + - SAUCE: ceph: handle fscrypt fields in cap messages from MDS + - SAUCE: ceph: add infrastructure for file encryption and decryption + - SAUCE: libceph: add CEPH_OSD_OP_ASSERT_VER support + - SAUCE: libceph: allow ceph_osdc_new_request to accept a multi-op read + - SAUCE: ceph: add object version support for sync read + - SAUCE: ceph: add truncate size handling support for fscrypt + - SAUCE: ceph: don't use special DIO path for encrypted inodes + - SAUCE: ceph: align data in pages in ceph_sync_write + - SAUCE: ceph: add read/modify/write to ceph_sync_write + - SAUCE: ceph: add encryption support to writepage and writepages + - SAUCE: ceph: plumb in decryption during reads + - SAUCE: ceph: invalidate pages when doing direct/sync writes + - SAUCE: ceph: add support for encrypted snapshot names + - SAUCE: ceph: prevent snapshot creation in encrypted locked directories + - SAUCE: ceph: update documentation regarding snapshot naming limitations + - SAUCE: ceph: drop messages from MDS when unmounting + - SAUCE: ceph: wait for OSD requests' callbacks to finish when unmounting + - SAUCE: ceph: fix updating i_truncate_pagecache_size for fscrypt + - SAUCE: ceph: switch ceph_lookup/atomic_open() to use new fscrypt helper + - SAUCE: libceph: do not include crypto/algapi.h + - SAUCE: rbd: bump RBD_MAX_PARENT_CHAIN_LEN to 128 + - SAUCE: ceph: dump info about cap flushes when we're waiting too long for + them + - SAUCE: mm: BUG if filemap_alloc_folio gives us a folio with a non-NULL + ->private + - SAUCE: ceph: make sure all the files successfully put before unmounting + - SAUCE: ceph: BUG if MDS changed truncate_seq with client caps still + outstanding + - SAUCE: ceph: add the *_client debug macros support + - SAUCE: ceph: pass the mdsc to several helpers + - SAUCE: ceph: rename _to_client() to _to_fs_client() + - SAUCE: ceph: move mdsmap.h to fs/ceph/ + - SAUCE: ceph: add ceph_inode_to_client() helper support + - SAUCE: ceph: print the client global_id in all the debug logs + - SAUCE: ceph: make the members in struct ceph_mds_request_args_ext an union + - SAUCE: ceph: make num_fwd and num_retry to __u32 + - SAUCE: fs: export mnt_idmap_get/mnt_idmap_put + - SAUCE: ceph: stash idmapping in mdsc request + - SAUCE: ceph: handle idmapped mounts in create_request_message() + - SAUCE: ceph: add enable_unsafe_idmap module parameter + - SAUCE: ceph: pass an idmapping to mknod/symlink/mkdir + - SAUCE: ceph: allow idmapped getattr inode op + - SAUCE: ceph: allow idmapped permission inode op + - SAUCE: ceph: pass idmap to __ceph_setattr + - SAUCE: ceph: allow idmapped setattr inode op + - SAUCE: ceph/acl: allow idmapped set_acl inode op + - SAUCE: ceph/file: allow idmapped atomic_open inode op + - SAUCE: ceph: allow idmapped mounts + + * Got soft lockup CPU if dell_uart_backlight is probed (LP: #2032174) + - SAUCE: platform/x86: dell-uart-backlight: replace chars_in_buffer() with + flush_chars() + + * Fix ACPI TAD on some Intel based systems (LP: #2032767) + - ACPI: TAD: Install SystemCMOS address space handler for ACPI000E + + * Fix unreliable ethernet cable detection on I219 NIC (LP: #2028122) + - e1000e: Use PME poll to circumvent unreliable ACPI wake + + * Fix panel brightness issues on HP laptops (LP: #2032704) + - ACPI: video: Put ACPI video and its child devices into D0 on boot + + * FATAL:credentials.cc(127)] Check failed: . : Permission denied (13) + (LP: #2017980) + - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS + + * Support initrdless boot on default qemu virt models and openstack + (LP: #2030745) + - [Config] set VIRTIO_BLK=y for default qemu/openstack boot + + * Miscellaneous Ubuntu changes + - [Packaging] rust: use Rust 1.68.2 + - [Packaging] depend on clang/libclang-15 for Rust + - [Config] update toolchain versions in annotations + - [Config] update annotations after rebase to v6.5-rc6 + - [Config] update toolchain version in annotations + - [Packaging] temporarily disable Rust support + - [Packaging] temporarily disable signing for ppc64el + - [Packaging] temporarily disable signing for s390x + + -- Andrea Righi Thu, 24 Aug 2023 17:47:10 +0200 + +linux (6.5.0-0.0) mantic; urgency=medium + + * Empty entry + + -- Andrea Righi Wed, 23 Aug 2023 08:14:48 +0200 + +linux-unstable (6.5.0-4.4) mantic; urgency=medium + + * mantic/linux-unstable: 6.5.0-4.4 -proposed tracker (LP: #2029086) + + * Miscellaneous Ubuntu changes + - [Packaging] Add .NOTPARALLEL + - [Packaging] Remove meaningless $(header_arch) + - [Packaging] Fix File exists error in install-arch-headers + - [Packaging] clean debian/linux-* directories + - [Packaging] remove hmake + - [Packaging] install headers to debian/linux-libc-dev directly + - [Config] define CONFIG options for arm64 instead of arm64-generic + - [Config] update annotations after rebase to v6.5-rc4 + - [Packaging] temporarily disable Rust support + + [ Upstream Kernel Changes ] + + * Rebase to v6.5-rc4 + + -- Andrea Righi Mon, 31 Jul 2023 08:41:59 +0200 + +linux-unstable (6.5.0-3.3) mantic; urgency=medium + + * mantic/linux-unstable: 6.5.0-3.3 -proposed tracker (LP: #2028779) + + * enable Rust support in the kernel (LP: #2007654) + - SAUCE: rust: support rustc-1.69.0 + - [Packaging] depend on rustc-1.69.0 + + * Packaging resync (LP: #1786013) + - [Packaging] resync update-dkms-versions helper + - [Packaging] resync getabis + + * Fix UBSAN in Intel EDAC driver (LP: #2028746) + - EDAC/i10nm: Skip the absent memory controllers + + * Ship kernel modules Zstd compressed (LP: #2028568) + - SAUCE: Support but do not require compressed modules + - [Config] Enable support for ZSTD compressed modules + - [Packaging] ZSTD compress modules + + * update apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor3.2.0 [02/60]: rename SK_CTX() to aa_sock and make it an + inline fn + - SAUCE: apparmor3.2.0 [05/60]: Add sysctls for additional controls of unpriv + userns restrictions + - SAUCE: apparmor3.2.0 [08/60]: Stacking v38: LSM: Identify modules by more + than name + - SAUCE: apparmor3.2.0 [09/60]: Stacking v38: LSM: Add an LSM identifier for + external use + - SAUCE: apparmor3.2.0 [10/60]: Stacking v38: LSM: Identify the process + attributes for each module + - SAUCE: apparmor3.2.0 [11/60]: Stacking v38: LSM: Maintain a table of LSM + attribute data + - SAUCE: apparmor3.2.0 [12/60]: Stacking v38: proc: Use lsmids instead of lsm + names for attrs + - SAUCE: apparmor3.2.0 [13/60]: Stacking v38: integrity: disassociate + ima_filter_rule from security_audit_rule + - SAUCE: apparmor3.2.0 [14/60]: Stacking v38: LSM: Infrastructure management + of the sock security + - SAUCE: apparmor3.2.0 [15/60]: Stacking v38: LSM: Add the lsmblob data + structure. + - SAUCE: apparmor3.2.0 [16/60]: Stacking v38: LSM: provide lsm name and id + slot mappings + - SAUCE: apparmor3.2.0 [17/60]: Stacking v38: IMA: avoid label collisions with + stacked LSMs + - SAUCE: apparmor3.2.0 [18/60]: Stacking v38: LSM: Use lsmblob in + security_audit_rule_match + - SAUCE: apparmor3.2.0 [19/60]: Stacking v38: LSM: Use lsmblob in + security_kernel_act_as + - SAUCE: apparmor3.2.0 [20/60]: Stacking v38: LSM: Use lsmblob in + security_secctx_to_secid + - SAUCE: apparmor3.2.0 [21/60]: Stacking v38: LSM: Use lsmblob in + security_secid_to_secctx + - SAUCE: apparmor3.2.0 [22/60]: Stacking v38: LSM: Use lsmblob in + security_ipc_getsecid + - SAUCE: apparmor3.2.0 [23/60]: Stacking v38: LSM: Use lsmblob in + security_current_getsecid + - SAUCE: apparmor3.2.0 [24/60]: Stacking v38: LSM: Use lsmblob in + security_inode_getsecid + - SAUCE: apparmor3.2.0 [25/60]: Stacking v38: LSM: Use lsmblob in + security_cred_getsecid + - SAUCE: apparmor3.2.0 [26/60]: Stacking v38: LSM: Specify which LSM to + display + - SAUCE: apparmor3.2.0 [28/60]: Stacking v38: LSM: Ensure the correct LSM + context releaser + - SAUCE: apparmor3.2.0 [29/60]: Stacking v38: LSM: Use lsmcontext in + security_secid_to_secctx + - SAUCE: apparmor3.2.0 [30/60]: Stacking v38: LSM: Use lsmcontext in + security_inode_getsecctx + - SAUCE: apparmor3.2.0 [31/60]: Stacking v38: Use lsmcontext in + security_dentry_init_security + - SAUCE: apparmor3.2.0 [32/60]: Stacking v38: LSM: security_secid_to_secctx in + netlink netfilter + - SAUCE: apparmor3.2.0 [33/60]: Stacking v38: NET: Store LSM netlabel data in + a lsmblob + - SAUCE: apparmor3.2.0 [34/60]: Stacking v38: binder: Pass LSM identifier for + confirmation + - SAUCE: apparmor3.2.0 [35/60]: Stacking v38: LSM: security_secid_to_secctx + module selection + - SAUCE: apparmor3.2.0 [36/60]: Stacking v38: Audit: Keep multiple LSM data in + audit_names + - SAUCE: apparmor3.2.0 [37/60]: Stacking v38: Audit: Create audit_stamp + structure + - SAUCE: apparmor3.2.0 [38/60]: Stacking v38: LSM: Add a function to report + multiple LSMs + - SAUCE: apparmor3.2.0 [39/60]: Stacking v38: Audit: Allow multiple records in + an audit_buffer + - SAUCE: apparmor3.2.0 [40/60]: Stacking v38: Audit: Add record for multiple + task security contexts + - SAUCE: apparmor3.2.0 [41/60]: Stacking v38: audit: multiple subject lsm + values for netlabel + - SAUCE: apparmor3.2.0 [42/60]: Stacking v38: Audit: Add record for multiple + object contexts + - SAUCE: apparmor3.2.0 [43/60]: Stacking v38: netlabel: Use a struct lsmblob + in audit data + - SAUCE: apparmor3.2.0 [44/60]: Stacking v38: LSM: Removed scaffolding + function lsmcontext_init + - SAUCE: apparmor3.2.0 [45/60]: Stacking v38: AppArmor: Remove the exclusive + flag + - SAUCE: apparmor3.2.0 [46/60]: combine common_audit_data and + apparmor_audit_data + - SAUCE: apparmor3.2.0 [47/60]: setup slab cache for audit data + - SAUCE: apparmor3.2.0 [48/60]: rename audit_data->label to + audit_data->subj_label + - SAUCE: apparmor3.2.0 [49/60]: pass cred through to audit info. + - SAUCE: apparmor3.2.0 [50/60]: Improve debug print infrastructure + - SAUCE: apparmor3.2.0 [51/60]: add the ability for profiles to have a + learning cache + - SAUCE: apparmor3.2.0 [52/60]: enable userspace upcall for mediation + - SAUCE: apparmor3.2.0 [53/60]: cache buffers on percpu list if there is lock + contention + - SAUCE: apparmor3.2.0 [55/60]: advertise availability of exended perms + - SAUCE: apparmor3.2.0 [60/60]: [Config] enable + CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS + + * LSM stacking and AppArmor for 6.2: additional fixes (LP: #2017903) // update + apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor3.2.0 [57/60]: fix profile verification and enable it + + * udev fails to make prctl() syscall with apparmor=0 (as used by maas by + default) (LP: #2016908) // update apparmor and LSM stacking patch set + (LP: #2028253) + - SAUCE: apparmor3.2.0 [27/60]: Stacking v38: Fix prctl() syscall with + apparmor=0 + + * kinetic: apply new apparmor and LSM stacking patch set (LP: #1989983) // + update apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor3.2.0 [01/60]: add/use fns to print hash string hex value + - SAUCE: apparmor3.2.0 [03/60]: patch to provide compatibility with v2.x net + rules + - SAUCE: apparmor3.2.0 [04/60]: add user namespace creation mediation + - SAUCE: apparmor3.2.0 [06/60]: af_unix mediation + - SAUCE: apparmor3.2.0 [07/60]: Add fine grained mediation of posix mqueues + + * Miscellaneous Ubuntu changes + - [Packaging] Use consistent llvm/clang for rust + + [ Upstream Kernel Changes ] + + * Rebase to v6.5-rc3 + + -- Andrea Righi Fri, 28 Jul 2023 07:44:20 +0200 + +linux-unstable (6.5.0-2.2) mantic; urgency=medium + + * mantic/linux-unstable: 6.5.0-2.2 -proposed tracker (LP: #2027953) + + * Remove non-LPAE kernel flavor (LP: #2025265) + - [Packaging] Rename armhf generic-lpae flavor to generic + + * Please enable Renesas RZ platform serial installer (LP: #2022361) + - [Config] enable hihope RZ/G2M serial console + + * Miscellaneous Ubuntu changes + - [Packaging] snap: Remove old configs handling + - [Packaging] checks/final-checks: Remove old configs handling + - [Packaging] checks/final-checks: check existance of Makefile first + - [Packaging] checks/final-checks: Fix shellcheck issues + - [Packaging] add libstdc++-dev to the build dependencies + - [Config] update annotations after rebase to v6.5-rc2 + + * Miscellaneous upstream changes + - kbuild: rust: avoid creating temporary files + - rust: fix bindgen build error with UBSAN_BOUNDS_STRICT + + [ Upstream Kernel Changes ] + + * Rebase to v6.5-rc2 + + -- Andrea Righi Tue, 18 Jul 2023 10:14:14 +0200 + +linux-unstable (6.5.0-1.1) mantic; urgency=medium + + * mantic/linux-unstable: 6.5.0-1.1 -proposed tracker (LP: #2026689) + + * CVE-2023-31248 + - netfilter: nf_tables: do not ignore genmask when looking up chain by id + + * CVE-2023-35001 + - netfilter: nf_tables: prevent OOB access in nft_byteorder_eval + + * HDMI output with More than one child device for port B in VBT error + (LP: #2025195) + - SAUCE: drm/i915/quirks: Add multiple VBT quirk for HP ZBook Power G10 + + * CVE-2023-2640 // CVE-2023-32629 + - SAUCE: overlayfs: default to userxattr when mounted from non initial user + namespace + + * Packaging resync (LP: #1786013) + - [Packaging] resync update-dkms-versions helper + + * enable Rust support in the kernel (LP: #2007654) + - SAUCE: btf, scripts: rust: drop is_rust_module.sh + - [Packaging] add rust dependencies + + * CVE-2023-2612 + - SAUCE: shiftfs: prevent lock unbalance in shiftfs_create_object() + + * Miscellaneous Ubuntu changes + - SAUCE: shiftfs: support linux 6.5 + - [Config] update annotations after rebase to v6.5-rc1 + - [Config] temporarily disable Rust + + [ Upstream Kernel Changes ] + + * Rebase to v6.5-rc1 + + -- Andrea Righi Mon, 10 Jul 2023 09:15:26 +0200 + +linux-unstable (6.5.0-0.0) mantic; urgency=medium + + * Empty entry + + -- Andrea Righi Wed, 05 Jul 2023 12:48:39 +0200 + +linux-unstable (6.4.0-8.8) mantic; urgency=medium + + * mantic/linux-unstable: 6.4.0-8.8 -proposed tracker (LP: #2025018) + + * Miscellaneous Ubuntu changes + - [Config] update toolchain version (gcc) in annotations + + [ Upstream Kernel Changes ] + + * Rebase to v6.4 + + -- Andrea Righi Mon, 26 Jun 2023 09:14:02 +0200 + +linux-unstable (6.4.0-7.7) mantic; urgency=medium + + * mantic/linux-unstable: 6.4.0-7.7 -proposed tracker (LP: #2024338) + + [ Upstream Kernel Changes ] + + * Rebase to v6.4-rc7 + + -- Andrea Righi Mon, 19 Jun 2023 08:51:27 +0200 + +linux-unstable (6.4.0-6.6) mantic; urgency=medium + + * mantic/linux-unstable: 6.4.0-6.6 -proposed tracker (LP: #2023966) + + * Packaging resync (LP: #1786013) + - [Packaging] update annotations scripts + + * enable multi-gen LRU by default (LP: #2023629) + - [Config] enable multi-gen LRU by default + + * Fix Monitor lost after replug WD19TBS to SUT port with VGA/DVI to type-C + dongle (LP: #2021949) + - thunderbolt: Do not touch CL state configuration during discovery + - thunderbolt: Increase DisplayPort Connection Manager handshake timeout + + * Neuter signing tarballs (LP: #2012776) + - [Packaging] remove the signing tarball support + + * Enable Tracing Configs for OSNOISE and TIMERLAT (LP: #2018591) + - [Config] Enable OSNOISE_TRACER and TIMERLAT_TRACER configs + + * Miscellaneous Ubuntu changes + - [Config] Add CONFIG_AS_HAS_NON_CONST_LEB128 on riscv64 + - [Packaging] introduce do_lib_rust and enable it only on generic amd64 + - [Config] update annotations after rebase to v6.4-rc6 + + [ Upstream Kernel Changes ] + + * Rebase to v6.4-rc6 + + -- Andrea Righi Thu, 15 Jun 2023 20:11:07 +0200 + +linux-unstable (6.4.0-5.5) mantic; urgency=medium + + * mantic/linux-unstable: 6.4.0-5.5 -proposed tracker (LP: #2022886) + + * Miscellaneous Ubuntu changes + - [Packaging] update getabis to support linux-unstable + - UBUNTU [Config]: disable hibernation on riscv64 + + [ Upstream Kernel Changes ] + + * Rebase to v6.4-rc5 + + -- Andrea Righi Tue, 06 Jun 2023 08:18:01 +0200 + +linux-unstable (6.4.0-4.4) mantic; urgency=medium + + * mantic/linux-unstable: 6.4.0-4.4 -proposed tracker (LP: #2021597) + + * Miscellaneous Ubuntu changes + - [Config] udpate annotations after rebase to v6.4-rc4 + + -- Andrea Righi Tue, 30 May 2023 11:55:41 +0200 + +linux-unstable (6.4.0-3.3) mantic; urgency=medium + + * mantic/linux-unstable: 6.4.0-3.3 -proposed tracker (LP: #2021497) + + * Packaging resync (LP: #1786013) + - [Packaging] resync git-ubuntu-log + - [Packaging] resync getabis + + * support python < 3.9 with annotations (LP: #2020531) + - [Packaging] kconfig/annotations.py: support older way of merging dicts + + * generate linux-lib-rust only on amd64 (LP: #2020356) + - [Packaging] generate linux-lib-rust only on amd64 + + * Miscellaneous Ubuntu changes + - [Packaging] annotations: never drop configs that have notes different than + the parent + - [Config] drop CONFIG_SMBFS_COMMON from annotations + - [Packaging] perf: build without libtraceevent + + [ Upstream Kernel Changes ] + + * Rebase to v6.4-rc4 + + -- Andrea Righi Tue, 30 May 2023 08:38:10 +0200 + +linux-unstable (6.4.0-2.2) mantic; urgency=medium + + * mantic/linux-unstable: 6.4.0-2.2 -proposed tracker (LP: #2020330) + + * Computer with Intel Atom CPU will not boot with Kernel 6.2.0-20 + (LP: #2017444) + - [Config]: Disable CONFIG_INTEL_ATOMISP + + * Fix NVME storage with RAID ON disappeared under Dell factory WINPE + environment (LP: #2011768) + - SAUCE: PCI: vmd: Reset VMD config register between soft reboots + + * Miscellaneous Ubuntu changes + - [Packaging] Drop support of old config handling + - [Config] update annotations after rebase to v6.4-rc3 + + [ Upstream Kernel Changes ] + + * Rebase to v6.4-rc3 + + -- Andrea Righi Mon, 22 May 2023 11:22:14 +0200 + +linux-unstable (6.4.0-1.1) mantic; urgency=medium + + * mantic/linux-unstable: 6.4.0-1.1 -proposed tracker (LP: #2019965) + + * Packaging resync (LP: #1786013) + - [Packaging] update variants + - [Packaging] update helper scripts + + * Kernel 6.1 bumped the disk consumption on default images by 15% + (LP: #2015867) + - [Packaging] introduce a separate linux-lib-rust package + + * Miscellaneous Ubuntu changes + - [Config] enable CONFIG_BLK_DEV_UBLK on amd64 + - [Packaging] annotations: use python3 in the shebang + - SAUCE: blk-throttle: Fix io statistics for cgroup v1 + - [Packaging] move to v6.4 and rename to linux-unstable + - [Config] update annotations after rebase to v6.4-rc1 + - [Packaging] temporarily disable perf + - [Packaging] temporarily disable bpftool + - [Config] ppc64el: reduce CONFIG_ARCH_FORCE_MAX_ORDER from 9 to 8 + - SAUCE: perf: explicitly disable libtraceevent + + [ Upstream Kernel Changes ] + + * Rebase to v6.4-rc2 + + -- Andrea Righi Thu, 18 May 2023 07:34:09 +0200 + +linux-unstable (6.4.0-0.0) mantic; urgency=medium + + * Empty entry + + -- Andrea Righi Wed, 17 May 2023 15:29:25 +0200 + +linux-unstable (6.3.0-2.2) lunar; urgency=medium + + * lunar/linux-unstable: 6.3.0-2.2 -proposed tracker (LP: #2017788) + + * Miscellaneous Ubuntu changes + - [Packaging] move python3-dev to build-depends + + -- Andrea Righi Wed, 26 Apr 2023 21:52:12 +0200 + +linux-unstable (6.3.0-1.1) lunar; urgency=medium + + * lunar/linux-unstable: 6.3.0-1.1 -proposed tracker (LP: #2017776) + + * RFC: virtio and virtio-scsi should be built in (LP: #1685291) + - [Config] Mark CONFIG_SCSI_VIRTIO built-in + + * Debian autoreconstruct Fix restoration of execute permissions (LP: #2015498) + - [Debian] autoreconstruct - fix restoration of execute permissions + + * [SRU][Jammy] CONFIG_PCI_MESON is not enabled (LP: #2007745) + - [Config] arm64: Enable PCI_MESON module + + * vmd may fail to create sysfs entry while `pci_rescan_bus()` called in some + other drivers like wwan (LP: #2011389) + - SAUCE: PCI: vmd: guard device addition and removal + + * Lunar update: v6.2.9 upstream stable release (LP: #2016877) + - [Config] ppc64: updateconfigs following v6.2.9 stable updates + + * Lunar update: v6.2.8 upstream stable release (LP: #2016876) + - [Config] ppc64: updateconfigs following v6.2.8 stable updates + + * Miscellaneous Ubuntu changes + - [Packaging] Move final-checks script to debian/scripts/checks + - [Packaging] checks/final-checks: Honor 'do_skip_checks' + - [Packaging] Drop wireguard DKMS + - [Packaging] Remove update-version-dkms + - [Packaging] debian/rules: Add DKMS info to 'printenv' output + - [Packaging] ignore KBUILD_VERBOSE in arch-has-odm-enabled.sh + - SAUCE: shiftfs: support linux 6.3 + - [Packaging] move to v6.3 and rename to linux-unstable + - [Config] latency-related optimizations + - [Config] update annotations after rebase to v6.3 + - [Packaging] temporarily disable dkms + + [ Upstream Kernel Changes ] + + * Rebase to v6.3 + + -- Andrea Righi Wed, 26 Apr 2023 14:53:52 +0200 + +linux-unstable (6.3.0-0.0) lunar; urgency=medium + + * Empty entry + + -- Andrea Righi Tue, 25 Apr 2023 10:24:12 +0200 + +linux (6.2.0-21.21) lunar; urgency=medium + + * lunar/linux: 6.2.0-21.21 -proposed tracker (LP: #2016249) + + * efivarfs:efivarfs.sh in ubuntu_kernel_selftests crash L-6.2 ARM64 node + dazzle (rcu_preempt detected stalls) (LP: #2015741) + - efi/libstub: smbios: Use length member instead of record struct size + - arm64: efi: Use SMBIOS processor version to key off Ampere quirk + - efi/libstub: smbios: Drop unused 'recsize' parameter + + * Miscellaneous Ubuntu changes + - SAUCE: selftests/bpf: ignore pointer types check with clang + - SAUCE: selftests/bpf: avoid conflicting data types in profiler.inc.h + - [Packaging] get rid of unnecessary artifacts in linux-headers + + * Miscellaneous upstream changes + - Revert "UBUNTU: SAUCE: Revert "efi: random: refresh non-volatile random seed + when RNG is initialized"" + - Revert "UBUNTU: SAUCE: Revert "efi: random: fix NULL-deref when refreshing + seed"" + + -- Andrea Righi Fri, 14 Apr 2023 12:11:49 +0200 + +linux (6.2.0-20.20) lunar; urgency=medium + + * lunar/linux: 6.2.0-20.20 -proposed tracker (LP: #2015429) + + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/master) + + * FTBFS with different dkms or when makeflags are set (LP: #2015361) + - [Packaging] FTBFS with different dkms or when makeflags are set + + * expoline.o is packaged unconditionally for s390x (LP: #2013209) + - [Packaging] Copy expoline.o only when produced by the build + + * net:l2tp.sh failure with lunar:linux 6.2 (LP: #2013014) + - SAUCE: l2tp: generate correct module alias strings + + * Miscellaneous Ubuntu changes + - [Packaging] annotations: prevent duplicate include lines + + -- Andrea Righi Thu, 06 Apr 2023 08:33:14 +0200 + +linux (6.2.0-19.19) lunar; urgency=medium + + * lunar/linux: 6.2.0-19.19 -proposed tracker (LP: #2012488) + + * Neuter signing tarballs (LP: #2012776) + - [Packaging] neuter the signing tarball + + * LSM stacking and AppArmor refresh for 6.2 kernel (LP: #2012136) + - Revert "UBUNTU: [Config] define CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS" + - Revert "UBUNTU: SAUCE: apparmor: add user namespace creation mediation" + - Revert "UBUNTU: SAUCE: apparmor: Add fine grained mediation of posix + mqueues" + - Revert "UBUNTU: SAUCE: Revert "apparmor: make __aa_path_perm() static"" + - Revert "UBUNTU: SAUCE: LSM: Specify which LSM to display (using struct cred + as input)" + - Revert "UBUNTU: SAUCE: apparmor: Fix build error, make sk parameter const" + - Revert "UBUNTU: SAUCE: LSM: Use lsmblob in smk_netlbl_mls()" + - Revert "UBUNTU: SAUCE: LSM: change ima_read_file() to use lsmblob" + - Revert "UBUNTU: SAUCE: apparmor: rename kzfree() to kfree_sensitive()" + - Revert "UBUNTU: SAUCE: AppArmor: Remove the exclusive flag" + - Revert "UBUNTU: SAUCE: LSM: Add /proc attr entry for full LSM context" + - Revert "UBUNTU: SAUCE: Audit: Fix incorrect static inline function + declration." + - Revert "UBUNTU: SAUCE: Audit: Fix for missing NULL check" + - Revert "UBUNTU: SAUCE: Audit: Add a new record for multiple object LSM + attributes" + - Revert "UBUNTU: SAUCE: Audit: Add new record for multiple process LSM + attributes" + - Revert "UBUNTU: SAUCE: NET: Store LSM netlabel data in a lsmblob" + - Revert "UBUNTU: SAUCE: LSM: security_secid_to_secctx in netlink netfilter" + - Revert "UBUNTU: SAUCE: LSM: Use lsmcontext in security_inode_getsecctx" + - Revert "UBUNTU: SAUCE: LSM: Use lsmcontext in security_secid_to_secctx" + - Revert "UBUNTU: SAUCE: LSM: Ensure the correct LSM context releaser" + - Revert "UBUNTU: SAUCE: LSM: Specify which LSM to display" + - Revert "UBUNTU: SAUCE: IMA: Change internal interfaces to use lsmblobs" + - Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_cred_getsecid" + - Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_inode_getsecid" + - Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_task_getsecid" + - Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_ipc_getsecid" + - Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_secid_to_secctx" + - Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_secctx_to_secid" + - Revert "UBUNTU: SAUCE: net: Prepare UDS for security module stacking" + - Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_kernel_act_as" + - Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_audit_rule_match" + - Revert "UBUNTU: SAUCE: LSM: Create and manage the lsmblob data structure." + - Revert "UBUNTU: SAUCE: LSM: Infrastructure management of the sock security" + - Revert "UBUNTU: SAUCE: apparmor: LSM stacking: switch from SK_CTX() to + aa_sock()" + - Revert "UBUNTU: SAUCE: apparmor: rename aa_sock() to aa_unix_sk()" + - Revert "UBUNTU: SAUCE: apparmor: disable showing the mode as part of a secid + to secctx" + - Revert "UBUNTU: SAUCE: apparmor: fix use after free in sk_peer_label" + - Revert "UBUNTU: SAUCE: apparmor: af_unix mediation" + - Revert "UBUNTU: SAUCE: apparmor: patch to provide compatibility with v2.x + net rules" + - Revert "UBUNTU: SAUCE: apparmor: add/use fns to print hash string hex value" + - SAUCE: apparmor: rename SK_CTX() to aa_sock and make it an inline fn + - SAUCE: apparmor: Add sysctls for additional controls of unpriv userns + restrictions + - SAUCE: Stacking v38: LSM: Identify modules by more than name + - SAUCE: Stacking v38: LSM: Add an LSM identifier for external use + - SAUCE: Stacking v38: LSM: Identify the process attributes for each module + - SAUCE: Stacking v38: LSM: Maintain a table of LSM attribute data + - SAUCE: Stacking v38: proc: Use lsmids instead of lsm names for attrs + - SAUCE: Stacking v38: integrity: disassociate ima_filter_rule from + security_audit_rule + - SAUCE: Stacking v38: LSM: Infrastructure management of the sock security + - SAUCE: Stacking v38: LSM: Add the lsmblob data structure. + - SAUCE: Stacking v38: LSM: provide lsm name and id slot mappings + - SAUCE: Stacking v38: IMA: avoid label collisions with stacked LSMs + - SAUCE: Stacking v38: LSM: Use lsmblob in security_audit_rule_match + - SAUCE: Stacking v38: LSM: Use lsmblob in security_kernel_act_as + - SAUCE: Stacking v38: LSM: Use lsmblob in security_secctx_to_secid + - SAUCE: Stacking v38: LSM: Use lsmblob in security_secid_to_secctx + - SAUCE: Stacking v38: LSM: Use lsmblob in security_ipc_getsecid + - SAUCE: Stacking v38: LSM: Use lsmblob in security_current_getsecid + - SAUCE: Stacking v38: LSM: Use lsmblob in security_inode_getsecid + - SAUCE: Stacking v38: LSM: Use lsmblob in security_cred_getsecid + - SAUCE: Stacking v38: LSM: Specify which LSM to display + - SAUCE: Stacking v38: LSM: Ensure the correct LSM context releaser + - SAUCE: Stacking v38: LSM: Use lsmcontext in security_secid_to_secctx + - SAUCE: Stacking v38: LSM: Use lsmcontext in security_inode_getsecctx + - SAUCE: Stacking v38: Use lsmcontext in security_dentry_init_security + - SAUCE: Stacking v38: LSM: security_secid_to_secctx in netlink netfilter + - SAUCE: Stacking v38: NET: Store LSM netlabel data in a lsmblob + - SAUCE: Stacking v38: binder: Pass LSM identifier for confirmation + - SAUCE: Stacking v38: LSM: security_secid_to_secctx module selection + - SAUCE: Stacking v38: Audit: Keep multiple LSM data in audit_names + - SAUCE: Stacking v38: Audit: Create audit_stamp structure + - SAUCE: Stacking v38: LSM: Add a function to report multiple LSMs + - SAUCE: Stacking v38: Audit: Allow multiple records in an audit_buffer + - SAUCE: Stacking v38: Audit: Add record for multiple task security contexts + - SAUCE: Stacking v38: audit: multiple subject lsm values for netlabel + - SAUCE: Stacking v38: Audit: Add record for multiple object contexts + - SAUCE: Stacking v38: netlabel: Use a struct lsmblob in audit data + - SAUCE: Stacking v38: LSM: Removed scaffolding function lsmcontext_init + - SAUCE: Stacking v38: AppArmor: Remove the exclusive flag + - SAUCE: apparmor: combine common_audit_data and apparmor_audit_data + - SAUCE: apparmor: setup slab cache for audit data + - SAUCE: apparmor: rename audit_data->label to audit_data->subj_label + - SAUCE: apparmor: pass cred through to audit info. + - SAUCE: apparmor: Improve debug print infrastructure + - SAUCE: apparmor: add the ability for profiles to have a learning cache + - SAUCE: apparmor: enable userspace upcall for mediation + - SAUCE: apparmor: cache buffers on percpu list if there is lock contention + - SAUCE: apparmor: fix policy_compat permission remap with extended + permissions + - SAUCE: apparmor: advertise availability of exended perms + - [Config] define CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS + + * kinetic: apply new apparmor and LSM stacking patch set (LP: #1989983) // LSM + stacking and AppArmor refresh for 6.2 kernel (LP: #2012136) + - SAUCE: apparmor: add/use fns to print hash string hex value + - SAUCE: apparmor: patch to provide compatibility with v2.x net rules + - SAUCE: apparmor: add user namespace creation mediation + - SAUCE: apparmor: af_unix mediation + - SAUCE: apparmor: Add fine grained mediation of posix mqueues + + * devlink_port_split from ubuntu_kernel_selftests.net fails on hirsute + (KeyError: 'flavour') (LP: #1937133) + - selftests: net: devlink_port_split.py: skip test if no suitable device + available + + * NFS deathlock with last Kernel 5.4.0-144.161 and 5.15.0-67.74 (LP: #2009325) + - NFS: Correct timing for assigning access cache timestamp + + -- Andrea Righi Sat, 25 Mar 2023 07:37:30 +0100 + +linux (6.2.0-18.18) lunar; urgency=medium + + * lunar/linux: 6.2.0-18.18 -proposed tracker (LP: #2011750) + + * lunar/linux 6.2 fails to boot on arm64 (LP: #2011748) + - SAUCE: Revert "efi: random: fix NULL-deref when refreshing seed" + - SAUCE: Revert "efi: random: refresh non-volatile random seed when RNG is + initialized" + + -- Andrea Righi Wed, 15 Mar 2023 23:54:18 +0100 + +linux (6.2.0-17.17) lunar; urgency=medium + + * lunar/linux: 6.2.0-17.17 -proposed tracker (LP: #2011593) + + * lunar/linux 6.2 fails to boot on ppc64el (LP: #2011413) + - SAUCE: Revert "powerpc: remove STACK_FRAME_OVERHEAD" + - SAUCE: Revert "powerpc/pseries: hvcall stack frame overhead" + + * Speaker / Audio/Mic mute LED don't work on a HP platform (LP: #2011379) + - SAUCE: ALSA: hda/realtek: fix speaker, mute/micmute LEDs not work on a HP + platform + + * Some QHD panels fail to refresh when PSR2 enabled (LP: #2009014) + - SAUCE: drm/i915/psr: Use calculated io and fast wake lines + + * Lunar update: v6.2.6 upstream stable release (LP: #2011431) + - tpm: disable hwrng for fTPM on some AMD designs + - wifi: cfg80211: Partial revert "wifi: cfg80211: Fix use after free for wext" + - staging: rtl8192e: Remove function ..dm_check_ac_dc_power calling a script + - staging: rtl8192e: Remove call_usermodehelper starting RadioPower.sh + - Linux 6.2.6 + + * Lunar update: v6.2.5 upstream stable release (LP: #2011430) + - net/sched: Retire tcindex classifier + - auxdisplay: hd44780: Fix potential memory leak in hd44780_remove() + - fs/jfs: fix shift exponent db_agl2size negative + - driver: soc: xilinx: fix memory leak in xlnx_add_cb_for_notify_event() + - f2fs: don't rely on F2FS_MAP_* in f2fs_iomap_begin + - f2fs: fix to avoid potential deadlock + - objtool: Fix memory leak in create_static_call_sections() + - soc: mediatek: mtk-pm-domains: Allow mt8186 ADSP default power on + - soc: qcom: socinfo: Fix soc_id order + - memory: renesas-rpc-if: Split-off private data from struct rpcif + - memory: renesas-rpc-if: Move resource acquisition to .probe() + - soc: mediatek: mtk-svs: Enable the IRQ later + - pwm: sifive: Always let the first pwm_apply_state succeed + - pwm: stm32-lp: fix the check on arr and cmp registers update + - f2fs: introduce trace_f2fs_replace_atomic_write_block + - f2fs: clear atomic_write_task in f2fs_abort_atomic_write() + - soc: mediatek: mtk-svs: restore default voltages when svs_init02() fail + - soc: mediatek: mtk-svs: reset svs when svs_resume() fail + - soc: mediatek: mtk-svs: Use pm_runtime_resume_and_get() in svs_init01() + - f2fs: fix to do sanity check on extent cache correctly + - fs: f2fs: initialize fsdata in pagecache_write() + - f2fs: allow set compression option of files without blocks + - f2fs: fix to abort atomic write only during do_exist() + - um: vector: Fix memory leak in vector_config + - ubi: ensure that VID header offset + VID header size <= alloc, size + - ubifs: Fix build errors as symbol undefined + - ubifs: Fix memory leak in ubifs_sysfs_init() + - ubifs: Rectify space budget for ubifs_symlink() if symlink is encrypted + - ubifs: Rectify space budget for ubifs_xrename() + - ubifs: Fix wrong dirty space budget for dirty inode + - ubifs: do_rename: Fix wrong space budget when target inode's nlink > 1 + - ubifs: Reserve one leb for each journal head while doing budget + - ubi: Fix use-after-free when volume resizing failed + - ubi: Fix unreferenced object reported by kmemleak in ubi_resize_volume() + - ubifs: Fix memory leak in alloc_wbufs() + - ubi: Fix possible null-ptr-deref in ubi_free_volume() + - ubifs: Re-statistic cleaned znode count if commit failed + - ubifs: dirty_cow_znode: Fix memleak in error handling path + - ubifs: ubifs_writepage: Mark page dirty after writing inode failed + - ubifs: ubifs_releasepage: Remove ubifs_assert(0) to valid this process + - ubi: fastmap: Fix missed fm_anchor PEB in wear-leveling after disabling + fastmap + - ubi: Fix UAF wear-leveling entry in eraseblk_count_seq_show() + - ubi: ubi_wl_put_peb: Fix infinite loop when wear-leveling work failed + - f2fs: fix to handle F2FS_IOC_START_ATOMIC_REPLACE in f2fs_compat_ioctl() + - f2fs: fix to avoid potential memory corruption in __update_iostat_latency() + - f2fs: fix to update age extent correctly during truncation + - f2fs: fix to update age extent in f2fs_do_zero_range() + - soc: qcom: stats: Populate all subsystem debugfs files + - f2fs: introduce IS_F2FS_IPU_* macro + - f2fs: fix to set ipu policy + - ext4: use ext4_fc_tl_mem in fast-commit replay path + - ext4: don't show commit interval if it is zero + - netfilter: nf_tables: allow to fetch set elements when table has an owner + - x86: um: vdso: Add '%rcx' and '%r11' to the syscall clobber list + - um: virtio_uml: free command if adding to virtqueue failed + - um: virtio_uml: mark device as unregistered when breaking it + - um: virtio_uml: move device breaking into workqueue + - um: virt-pci: properly remove PCI device from bus + - f2fs: synchronize atomic write aborts + - watchdog: rzg2l_wdt: Issue a reset before we put the PM clocks + - watchdog: rzg2l_wdt: Handle TYPE-B reset for RZ/V2M + - watchdog: at91sam9_wdt: use devm_request_irq to avoid missing free_irq() in + error path + - watchdog: Fix kmemleak in watchdog_cdev_register + - watchdog: pcwd_usb: Fix attempting to access uninitialized memory + - watchdog: sbsa_wdog: Make sure the timeout programming is within the limits + - netfilter: ctnetlink: fix possible refcount leak in + ctnetlink_create_conntrack() + - netfilter: conntrack: fix rmmod double-free race + - netfilter: ip6t_rpfilter: Fix regression with VRF interfaces + - netfilter: ebtables: fix table blob use-after-free + - netfilter: xt_length: use skb len to match in length_mt6 + - netfilter: ctnetlink: make event listener tracking global + - netfilter: x_tables: fix percpu counter block leak on error path when + creating new netns + - swiotlb: mark swiotlb_memblock_alloc() as __init + - ptp: vclock: use mutex to fix "sleep on atomic" bug + - drm/i915: move a Kconfig symbol to unbreak the menu presentation + - ipv6: Add lwtunnel encap size of all siblings in nexthop calculation + - drm/i915/xelpmp: Consider GSI offset when doing MCR lookups + - octeontx2-pf: Recalculate UDP checksum for ptp 1-step sync packet + - net: sunhme: Fix region request + - sctp: add a refcnt in sctp_stream_priorities to avoid a nested loop + - octeontx2-pf: Use correct struct reference in test condition + - net: fix __dev_kfree_skb_any() vs drop monitor + - 9p/xen: fix version parsing + - 9p/xen: fix connection sequence + - 9p/rdma: unmap receive dma buffer in rdma_request()/post_recv() + - spi: tegra210-quad: Fix validate combined sequence + - mlx5: fix skb leak while fifo resync and push + - mlx5: fix possible ptp queue fifo use-after-free + - net/mlx5: ECPF, wait for VF pages only after disabling host PFs + - net/mlx5e: Verify flow_source cap before using it + - net/mlx5: Geneve, Fix handling of Geneve object id as error code + - ext4: fix incorrect options show of original mount_opt and extend mount_opt2 + - nfc: fix memory leak of se_io context in nfc_genl_se_io + - net/sched: transition act_pedit to rcu and percpu stats + - net/sched: act_pedit: fix action bind logic + - net/sched: act_mpls: fix action bind logic + - net/sched: act_sample: fix action bind logic + - net: dsa: seville: ignore mscc-miim read errors from Lynx PCS + - net: dsa: felix: fix internal MDIO controller resource length + - ARM: dts: aspeed: p10bmc: Update battery node name + - ARM: dts: spear320-hmi: correct STMPE GPIO compatible + - tcp: tcp_check_req() can be called from process context + - vc_screen: modify vcs_size() handling in vcs_read() + - spi: tegra210-quad: Fix iterator outside loop + - rtc: sun6i: Always export the internal oscillator + - genirq/ipi: Fix NULL pointer deref in irq_data_get_affinity_mask() + - scsi: ipr: Work around fortify-string warning + - scsi: mpi3mr: Fix an issue found by KASAN + - scsi: mpi3mr: Use number of bits to manage bitmap sizes + - rtc: allow rtc_read_alarm without read_alarm callback + - io_uring: fix size calculation when registering buf ring + - loop: loop_set_status_from_info() check before assignment + - ASoC: adau7118: don't disable regulators on device unbind + - ASoC: apple: mca: Fix final status read on SERDES reset + - ASoC: apple: mca: Fix SERDES reset sequence + - ASoC: apple: mca: Improve handling of unavailable DMA channels + - nvme: bring back auto-removal of deleted namespaces during sequential scan + - nvme-tcp: don't access released socket during error recovery + - nvme-fabrics: show well known discovery name + - ASoC: zl38060 add gpiolib dependency + - ASoC: mediatek: mt8195: add missing initialization + - thermal: intel: quark_dts: fix error pointer dereference + - thermal: intel: BXT_PMIC: select REGMAP instead of depending on it + - cpufreq: apple-soc: Fix an IS_ERR() vs NULL check + - tracing: Add NULL checks for buffer in ring_buffer_free_read_page() + - kernel/printk/index.c: fix memory leak with using debugfs_lookup() + - firmware/efi sysfb_efi: Add quirk for Lenovo IdeaPad Duet 3 + - bootconfig: Increase max nodes of bootconfig from 1024 to 8192 for DCC + support + - mfd: arizona: Use pm_runtime_resume_and_get() to prevent refcnt leak + - IB/hfi1: Update RMT size calculation + - iommu: Remove deferred attach check from __iommu_detach_device() + - PCI/ACPI: Account for _S0W of the target bridge in acpi_pci_bridge_d3() + - media: uvcvideo: Remove format descriptions + - media: uvcvideo: Handle cameras with invalid descriptors + - media: uvcvideo: Handle errors from calls to usb_string + - media: uvcvideo: Quirk for autosuspend in Logitech B910 and C910 + - media: uvcvideo: Silence memcpy() run-time false positive warnings + - USB: fix memory leak with using debugfs_lookup() + - cacheinfo: Fix shared_cpu_map to handle shared caches at different levels + - usb: fotg210: List different variants + - dt-bindings: usb: Add device id for Genesys Logic hub controller + - staging: emxx_udc: Add checks for dma_alloc_coherent() + - tty: fix out-of-bounds access in tty_driver_lookup_tty() + - tty: serial: fsl_lpuart: disable the CTS when send break signal + - serial: sc16is7xx: setup GPIO controller later in probe + - mei: bus-fixup:upon error print return values of send and receive + - tools/iio/iio_utils:fix memory leak + - bus: mhi: ep: Fix the debug message for MHI_PKT_TYPE_RESET_CHAN_CMD cmd + - iio: accel: mma9551_core: Prevent uninitialized variable in + mma9551_read_status_word() + - iio: accel: mma9551_core: Prevent uninitialized variable in + mma9551_read_config_word() + - media: uvcvideo: Add GUID for BGRA/X 8:8:8:8 + - soundwire: bus_type: Avoid lockdep assert in sdw_drv_probe() + - PCI/portdrv: Prevent LS7A Bus Master clearing on shutdown + - PCI: loongson: Prevent LS7A MRRS increases + - staging: pi433: fix memory leak with using debugfs_lookup() + - USB: dwc3: fix memory leak with using debugfs_lookup() + - USB: chipidea: fix memory leak with using debugfs_lookup() + - USB: ULPI: fix memory leak with using debugfs_lookup() + - USB: uhci: fix memory leak with using debugfs_lookup() + - USB: sl811: fix memory leak with using debugfs_lookup() + - USB: fotg210: fix memory leak with using debugfs_lookup() + - USB: isp116x: fix memory leak with using debugfs_lookup() + - USB: isp1362: fix memory leak with using debugfs_lookup() + - USB: gadget: gr_udc: fix memory leak with using debugfs_lookup() + - USB: gadget: bcm63xx_udc: fix memory leak with using debugfs_lookup() + - USB: gadget: lpc32xx_udc: fix memory leak with using debugfs_lookup() + - USB: gadget: pxa25x_udc: fix memory leak with using debugfs_lookup() + - USB: gadget: pxa27x_udc: fix memory leak with using debugfs_lookup() + - usb: host: xhci: mvebu: Iterate over array indexes instead of using pointer + math + - USB: ene_usb6250: Allocate enough memory for full object + - usb: uvc: Enumerate valid values for color matching + - usb: gadget: uvc: Make bSourceID read/write + - PCI: Align extra resources for hotplug bridges properly + - PCI: Take other bus devices into account when distributing resources + - PCI: Distribute available resources for root buses, too + - tty: pcn_uart: fix memory leak with using debugfs_lookup() + - misc: vmw_balloon: fix memory leak with using debugfs_lookup() + - drivers: base: component: fix memory leak with using debugfs_lookup() + - drivers: base: dd: fix memory leak with using debugfs_lookup() + - kernel/fail_function: fix memory leak with using debugfs_lookup() + - PCI: loongson: Add more devices that need MRRS quirk + - PCI: Add ACS quirk for Wangxun NICs + - PCI: pciehp: Add Qualcomm quirk for Command Completed erratum + - phy: rockchip-typec: Fix unsigned comparison with less than zero + - RDMA/cma: Distinguish between sockaddr_in and sockaddr_in6 by size + - soundwire: cadence: Remove wasted space in response_buf + - soundwire: cadence: Drain the RX FIFO after an IO timeout + - eth: fealnx: bring back this old driver + - net: tls: avoid hanging tasks on the tx_lock + - x86/resctl: fix scheduler confusion with 'current' + - vDPA/ifcvf: decouple hw features manipulators from the adapter + - vDPA/ifcvf: decouple config space ops from the adapter + - vDPA/ifcvf: alloc the mgmt_dev before the adapter + - vDPA/ifcvf: decouple vq IRQ releasers from the adapter + - vDPA/ifcvf: decouple config IRQ releaser from the adapter + - vDPA/ifcvf: decouple vq irq requester from the adapter + - vDPA/ifcvf: decouple config/dev IRQ requester and vectors allocator from the + adapter + - vDPA/ifcvf: ifcvf_request_irq works on ifcvf_hw + - vDPA/ifcvf: manage ifcvf_hw in the mgmt_dev + - vDPA/ifcvf: allocate the adapter in dev_add() + - drm/display/dp_mst: Add drm_atomic_get_old_mst_topology_state() + - drm/display/dp_mst: Fix down/up message handling after sink disconnect + - drm/display/dp_mst: Fix down message handling after a packet reception error + - drm/display/dp_mst: Fix payload addition on a disconnected sink + - drm/i915/dp_mst: Add the MST topology state for modesetted CRTCs + - drm/display/dp_mst: Handle old/new payload states in drm_dp_remove_payload() + - drm/i915/dp_mst: Fix payload removal during output disabling + - drm/i915: Fix system suspend without fbdev being initialized + - media: uvcvideo: Fix race condition with usb_kill_urb + - arm64: efi: Make efi_rt_lock a raw_spinlock + - usb: gadget: uvc: fix missing mutex_unlock() if kstrtou8() fails + - Linux 6.2.5 + + * Lunar update: v6.2.4 upstream stable release (LP: #2011428) + - Revert "blk-cgroup: synchronize pd_free_fn() from blkg_free_workfn() and + blkcg_deactivate_policy()" + - Revert "blk-cgroup: dropping parent refcount after pd_free_fn() is done" + - Linux 6.2.4 + + * Lunar update: v6.2.3 upstream stable release (LP: #2011425) + - HID: asus: use spinlock to protect concurrent accesses + - HID: asus: use spinlock to safely schedule workers + - iommu/amd: Fix error handling for pdev_pri_ats_enable() + - iommu/amd: Skip attach device domain is same as new domain + - iommu/amd: Improve page fault error reporting + - iommu: Attach device group to old domain in error path + - powerpc/mm: Rearrange if-else block to avoid clang warning + - ata: ahci: Revert "ata: ahci: Add Tiger Lake UP{3,4} AHCI controller" + - ARM: OMAP2+: Fix memory leak in realtime_counter_init() + - arm64: dts: qcom: qcs404: use symbol names for PCIe resets + - arm64: dts: qcom: msm8996-tone: Fix USB taking 6 minutes to wake up + - arm64: dts: qcom: sm6115: Fix UFS node + - arm64: dts: qcom: sm6115: Provide xo clk to rpmcc + - arm64: dts: qcom: sm8150-kumano: Panel framebuffer is 2.5k instead of 4k + - arm64: dts: qcom: pmi8950: Correct rev_1250v channel label to mv + - arm64: dts: qcom: sm6350: Fix up the ramoops node + - arm64: dts: qcom: sdm670-google-sargo: keep pm660 ldo8 on + - arm64: dts: qcom: Re-enable resin on MSM8998 and SDM845 boards + - arm64: dts: qcom: sm8350-sagami: Configure SLG51000 PMIC on PDX215 + - arm64: dts: qcom: sm8350-sagami: Add GPIO line names for PMIC GPIOs + - arm64: dts: qcom: sm8350-sagami: Rectify GPIO keys + - arm64: dts: qcom: sm6350-lena: Flatten gpio-keys pinctrl state + - arm64: dts: qcom: sm6125: Reorder HSUSB PHY clocks to match bindings + - arm64: dts: qcom: sm6125-seine: Clean up gpio-keys (volume down) + - arm64: dts: imx8m: Align SoC unique ID node unit address + - ARM: zynq: Fix refcount leak in zynq_early_slcr_init + - fs: dlm: fix return value check in dlm_memory_init() + - arm64: dts: mediatek: mt8195: Add power domain to U3PHY1 T-PHY + - arm64: dts: mediatek: mt8183: Fix systimer 13 MHz clock description + - arm64: dts: mediatek: mt8192: Fix systimer 13 MHz clock description + - arm64: dts: mediatek: mt8195: Fix systimer 13 MHz clock description + - arm64: dts: mediatek: mt8186: Fix systimer 13 MHz clock description + - arm64: dts: qcom: sdm845-db845c: fix audio codec interrupt pin name + - arm64: dts: qcom: sdm845-xiaomi-beryllium: fix audio codec interrupt pin + name + - x86/acpi/boot: Do not register processors that cannot be onlined for x2APIC + - arm64: dts: qcom: sc7180: correct SPMI bus address cells + - arm64: dts: qcom: sc7280: correct SPMI bus address cells + - arm64: dts: qcom: sc8280xp: correct SPMI bus address cells + - arm64: dts: qcom: sm8450: correct Soundwire wakeup interrupt name + - arm64: dts: qcom: sdm845: make DP node follow the schema + - arm64: dts: qcom: msm8996-oneplus-common: drop vdda-supply from DSI PHY + - arm64: dts: qcom: sc8280xp: Vote for CX in USB controllers + - arm64: dts: meson-gxl: jethub-j80: Fix WiFi MAC address node + - arm64: dts: meson-gxl: jethub-j80: Fix Bluetooth MAC node name + - arm64: dts: meson-axg: jethub-j1xx: Fix MAC address node names + - arm64: dts: meson-gx: Fix Ethernet MAC address unit name + - arm64: dts: meson-g12a: Fix internal Ethernet PHY unit name + - arm64: dts: meson-gx: Fix the SCPI DVFS node name and unit address + - cpuidle, intel_idle: Fix CPUIDLE_FLAG_IRQ_ENABLE *again* + - arm64: dts: ti: k3-am62-main: Fix clocks for McSPI + - arm64: tegra: Fix duplicate regulator on Jetson TX1 + - arm64: dts: qcom: msm8992-bullhead: Fix cont_splash_mem size + - arm64: dts: qcom: msm8992-bullhead: Disable dfps_data_mem + - arm64: dts: qcom: msm8956: use SoC-specific compat for tsens + - arm64: dts: qcom: ipq8074: correct USB3 QMP PHY-s clock output names + - arm64: dts: qcom: ipq8074: fix Gen2 PCIe QMP PHY + - arm64: dts: qcom: ipq8074: fix Gen3 PCIe QMP PHY + - arm64: dts: qcom: ipq8074: correct Gen2 PCIe ranges + - arm64: dts: qcom: ipq8074: fix Gen3 PCIe node + - arm64: dts: qcom: ipq8074: correct PCIe QMP PHY output clock names + - arm64: dts: meson: remove CPU opps below 1GHz for G12A boards + - ARM: OMAP1: call platform_device_put() in error case in + omap1_dm_timer_init() + - arm64: dts: mediatek: mt8192: Mark scp_adsp clock as broken + - ARM: bcm2835_defconfig: Enable the framebuffer + - ARM: s3c: fix s3c64xx_set_timer_source prototype + - arm64: dts: ti: k3-j7200: Fix wakeup pinmux range + - ARM: dts: exynos: correct wr-active property in Exynos3250 Rinato + - ARM: imx: Call ida_simple_remove() for ida_simple_get + - arm64: dts: amlogic: meson-gx: fix SCPI clock dvfs node name + - arm64: dts: amlogic: meson-axg: fix SCPI clock dvfs node name + - arm64: dts: amlogic: meson-gx: add missing SCPI sensors compatible + - arm64: dts: amlogic: meson-axg-jethome-jethub-j1xx: fix supply name of USB + controller node + - arm64: dts: amlogic: meson-gxl-s905d-sml5442tw: drop invalid clock-names + property + - arm64: dts: amlogic: meson-gx: add missing unit address to rng node name + - arm64: dts: amlogic: meson-gxl-s905w-jethome-jethub-j80: fix invalid rtc + node name + - arm64: dts: amlogic: meson-axg-jethome-jethub-j1xx: fix invalid rtc node + name + - arm64: dts: amlogic: meson-gxl: add missing unit address to eth-phy-mux node + name + - arm64: dts: amlogic: meson-gx-libretech-pc: fix update button name + - arm64: dts: amlogic: meson-sm1-bananapi-m5: fix adc keys node names + - arm64: dts: amlogic: meson-gxl-s905d-phicomm-n1: fix led node name + - arm64: dts: amlogic: meson-gxbb-kii-pro: fix led node name + - arm64: dts: amlogic: meson-g12b-odroid-go-ultra: fix rk818 pmic properties + - arm64: dts: amlogic: meson-sm1-odroid-hc4: fix active fan thermal trip + - locking/rwsem: Disable preemption in all down_read*() and up_read() code + paths + - arm64: tegra: Mark host1x as dma-coherent on Tegra194/234 + - arm64: dts: renesas: beacon-renesom: Fix gpio expander reference + - arm64: dts: meson: radxa-zero: allow usb otg mode + - arm64: dts: meson: bananapi-m5: switch VDDIO_C pin to OPEN_DRAIN + - ARM: dts: sun8i: nanopi-duo2: Fix regulator GPIO reference + - ublk_drv: remove nr_aborted_queues from ublk_device + - ublk_drv: don't probe partitions if the ubq daemon isn't trusted + - ARM: dts: imx7s: correct iomuxc gpr mux controller cells + - sbitmap: remove redundant check in __sbitmap_queue_get_batch + - sbitmap: correct wake_batch recalculation to avoid potential IO hung + - arm64: dts: mt8195: Fix CPU map for single-cluster SoC + - arm64: dts: mt8192: Fix CPU map for single-cluster SoC + - arm64: dts: mt8186: Fix CPU map for single-cluster SoC + - arm64: dts: mediatek: mt7622: Add missing pwm-cells to pwm node + - arm64: dts: mediatek: mt8186: Fix watchdog compatible + - arm64: dts: mediatek: mt8195: Fix watchdog compatible + - arm64: dts: mediatek: mt7986: Fix watchdog compatible + - ARM: dts: stm32: Update part number NVMEM description on stm32mp131 + - arm64: dts: qcom: sm8450-nagara: Correct firmware paths + - blk-mq: avoid sleep in blk_mq_alloc_request_hctx + - blk-mq: remove stale comment for blk_mq_sched_mark_restart_hctx + - blk-mq: wait on correct sbitmap_queue in blk_mq_mark_tag_wait + - blk-mq: Fix potential io hung for shared sbitmap per tagset + - blk-mq: correct stale comment of .get_budget + - arm64: dts: qcom: msm8996: support using GPLL0 as kryocc input + - arm64: dts: qcom: msm8996 switch from RPM_SMD_BB_CLK1 to RPM_SMD_XO_CLK_SRC + - arm64: dts: qcom: sm8350: drop incorrect cells from serial + - arm64: dts: qcom: sm8450: drop incorrect cells from serial + - arm64: dts: qcom: msm8992-lg-bullhead: Correct memory overlaps with the SMEM + and MPSS memory regions + - arm64: dts: qcom: msm8953: correct TLMM gpio-ranges + - arm64: dts: qcom: sm6115: correct TLMM gpio-ranges + - arm64: dts: qcom: msm8992-lg-bullhead: Enable regulators + - s390/dasd: Fix potential memleak in dasd_eckd_init() + - io_uring,audit: don't log IORING_OP_MADVISE + - sched/rt: pick_next_rt_entity(): check list_entry + - perf/x86/intel/ds: Fix the conversion from TSC to perf time + - x86/perf/zhaoxin: Add stepping check for ZXC + - KEYS: asymmetric: Fix ECDSA use via keyctl uapi + - block: ublk: check IO buffer based on flag need_get_data + - arm64: dts: qcom: pmk8350: Use the correct PON compatible + - erofs: relinquish volume with mutex held + - block: sync mixed merged request's failfast with 1st bio's + - block: Fix io statistics for cgroup in throttle path + - block: bio-integrity: Copy flags when bio_integrity_payload is cloned + - block: use proper return value from bio_failfast() + - wifi: mt76: mt7915: add missing of_node_put() + - wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host + - wifi: mt76: mt7915: fix mt7915_rate_txpower_get() resource leaks + - wifi: mt76: mt7996: fix insecure data handling of mt7996_mcu_ie_countdown() + - wifi: mt76: mt7996: fix insecure data handling of + mt7996_mcu_rx_radar_detected() + - wifi: mt76: mt7996: fix integer handling issue of mt7996_rf_regval_set() + - wifi: mt76: mt7915: check return value before accessing free_block_num + - wifi: mt76: mt7996: check return value before accessing free_block_num + - wifi: mt76: mt7915: drop always true condition of __mt7915_reg_addr() + - wifi: mt76: mt7996: drop always true condition of __mt7996_reg_addr() + - wifi: mt76: mt7996: fix endianness warning in mt7996_mcu_sta_he_tlv + - wifi: mt76: mt76x0: fix oob access in mt76x0_phy_get_target_power + - wifi: mt76: mt7996: fix unintended sign extension of mt7996_hw_queue_read() + - wifi: mt76: mt7915: fix unintended sign extension of mt7915_hw_queue_read() + - wifi: mt76: fix coverity uninit_use_in_call in + mt76_connac2_reverse_frag0_hdr_trans() + - wifi: mt76: mt7921: resource leaks at mt7921_check_offload_capability() + - wifi: rsi: Fix memory leak in rsi_coex_attach() + - wifi: rtlwifi: rtl8821ae: don't call kfree_skb() under spin_lock_irqsave() + - wifi: rtlwifi: rtl8188ee: don't call kfree_skb() under spin_lock_irqsave() + - wifi: rtlwifi: rtl8723be: don't call kfree_skb() under spin_lock_irqsave() + - wifi: iwlegacy: common: don't call dev_kfree_skb() under spin_lock_irqsave() + - wifi: libertas: fix memory leak in lbs_init_adapter() + - wifi: rtl8xxxu: Fix assignment to bit field priv->pi_enabled + - wifi: rtl8xxxu: Fix assignment to bit field priv->cck_agc_report_type + - wifi: rtl8xxxu: don't call dev_kfree_skb() under spin_lock_irqsave() + - wifi: rtw89: 8852c: rfk: correct DACK setting + - wifi: rtw89: 8852c: rfk: correct DPK settings + - wifi: rtlwifi: Fix global-out-of-bounds bug in + _rtl8812ae_phy_set_txpower_limit() + - libbpf: Fix single-line struct definition output in btf_dump + - libbpf: Fix btf__align_of() by taking into account field offsets + - wifi: ipw2x00: don't call dev_kfree_skb() under spin_lock_irqsave() + - wifi: ipw2200: fix memory leak in ipw_wdev_init() + - wifi: wilc1000: fix potential memory leak in wilc_mac_xmit() + - wifi: wilc1000: add missing unregister_netdev() in wilc_netdev_ifc_init() + - wifi: brcmfmac: fix potential memory leak in brcmf_netdev_start_xmit() + - wifi: brcmfmac: unmap dma buffer in brcmf_msgbuf_alloc_pktid() + - wifi: libertas_tf: don't call kfree_skb() under spin_lock_irqsave() + - wifi: libertas: if_usb: don't call kfree_skb() under spin_lock_irqsave() + - wifi: libertas: main: don't call kfree_skb() under spin_lock_irqsave() + - wifi: libertas: cmdresp: don't call kfree_skb() under spin_lock_irqsave() + - wifi: wl3501_cs: don't call kfree_skb() under spin_lock_irqsave() + - libbpf: Fix invalid return address register in s390 + - crypto: x86/ghash - fix unaligned access in ghash_setkey() + - crypto: ux500 - update debug config after ux500 cryp driver removal + - ACPICA: Drop port I/O validation for some regions + - genirq: Fix the return type of kstat_cpu_irqs_sum() + - rcu-tasks: Improve comments explaining tasks_rcu_exit_srcu purpose + - rcu-tasks: Remove preemption disablement around srcu_read_[un]lock() calls + - rcu-tasks: Fix synchronize_rcu_tasks() VS zap_pid_ns_processes() + - lib/mpi: Fix buffer overrun when SG is too long + - crypto: ccp - Avoid page allocation failure warning for SEV_GET_ID2 + - platform/chrome: cros_ec_typec: Update port DP VDO + - ACPICA: nsrepair: handle cases without a return value correctly + - libbpf: Fix map creation flags sanitization + - bpf_doc: Fix build error with older python versions + - selftests/xsk: print correct payload for packet dump + - selftests/xsk: print correct error codes when exiting + - arm64/cpufeature: Fix field sign for DIT hwcap detection + - arm64/sysreg: Fix errors in 32 bit enumeration values + - kselftest/arm64: Fix syscall-abi for systems without 128 bit SME + - workqueue: Protects wq_unbound_cpumask with wq_pool_attach_mutex + - s390/early: fix sclp_early_sccb variable lifetime + - s390/vfio-ap: fix an error handling path in vfio_ap_mdev_probe_queue() + - x86/signal: Fix the value returned by strict_sas_size() + - thermal/drivers/tsens: Drop msm8976-specific defines + - thermal/drivers/tsens: Sort out msm8976 vs msm8956 data + - thermal/drivers/tsens: fix slope values for msm8939 + - thermal/drivers/tsens: limit num_sensors to 9 for msm8939 + - wifi: rtw89: fix potential leak in rtw89_append_probe_req_ie() + - wifi: rtw89: Add missing check for alloc_workqueue + - wifi: rtl8xxxu: Fix memory leaks with RTL8723BU, RTL8192EU + - wifi: orinoco: check return value of hermes_write_wordrec() + - wifi: rtw88: Use rtw_iterate_vifs() for rtw_vif_watch_dog_iter() + - wifi: rtw88: Use non-atomic sta iterator in rtw_ra_mask_info_update() + - thermal/drivers/imx_sc_thermal: Fix the loop condition + - wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback + function + - wifi: ath9k: hif_usb: clean up skbs if ath9k_hif_usb_rx_stream() fails + - wifi: ath9k: Fix potential stack-out-of-bounds write in + ath9k_wmi_rsp_callback() + - wifi: ath11k: Fix memory leak in ath11k_peer_rx_frag_setup + - wifi: cfg80211: Fix extended KCK key length check in + nl80211_set_rekey_data() + - ACPI: battery: Fix missing NUL-termination with large strings + - selftests/bpf: Fix build errors if CONFIG_NF_CONNTRACK=m + - crypto: ccp - Failure on re-initialization due to duplicate sysfs filename + - crypto: essiv - Handle EBUSY correctly + - crypto: seqiv - Handle EBUSY correctly + - powercap: fix possible name leak in powercap_register_zone() + - bpf: Fix state pruning for STACK_DYNPTR stack slots + - bpf: Fix missing var_off check for ARG_PTR_TO_DYNPTR + - bpf: Fix partial dynptr stack slot reads/writes + - x86/microcode: Add a parameter to microcode_check() to store CPU + capabilities + - x86/microcode: Check CPU capabilities after late microcode update correctly + - x86/microcode: Adjust late loading result reporting message + - net: ethernet: ti: am65-cpsw/cpts: Fix CPTS release action + - selftests/bpf: Fix vmtest static compilation error + - crypto: xts - Handle EBUSY correctly + - leds: led-class: Add missing put_device() to led_put() + - drm/nouveau/disp: Fix nvif_outp_acquire_dp() argument size + - s390/bpf: Add expoline to tail calls + - wifi: iwlwifi: mei: fix compilation errors in rfkill() + - kselftest/arm64: Fix enumeration of systems without 128 bit SME + - can: rcar_canfd: Fix R-Car V3U CAN mode selection + - can: rcar_canfd: Fix R-Car V3U GAFLCFG field accesses + - selftests/bpf: Initialize tc in xdp_synproxy + - crypto: ccp - Flush the SEV-ES TMR memory before giving it to firmware + - bpftool: profile online CPUs instead of possible + - wifi: mt76: mt7921: fix deadlock in mt7921_abort_roc + - wifi: mt76: mt7915: call mt7915_mcu_set_thermal_throttling() only after + init_work + - wifi: mt76: mt7915: rework mt7915_mcu_set_thermal_throttling + - wifi: mt76: mt7915: rework mt7915_thermal_temp_store() + - wifi: mt76: mt7921: fix channel switch fail in monitor mode + - wifi: mt76: mt7996: fix chainmask calculation in mt7996_set_antenna() + - wifi: mt76: mt7996: update register for CFEND_RATE + - wifi: mt76: connac: fix POWER_CTRL command name typo + - wifi: mt76: mt7921: fix invalid remain_on_channel duration + - wifi: mt76: mt7915: fix memory leak in mt7915_mcu_exit + - wifi: mt76: mt7996: fix memory leak in mt7996_mcu_exit + - wifi: mt76: dma: fix memory leak running mt76_dma_tx_cleanup + - wifi: mt76: fix switch default case in mt7996_reverse_frag0_hdr_trans + - wifi: mt76: mt7915: fix WED TxS reporting + - wifi: mt76: add memory barrier to SDIO queue kick + - wifi: mt76: mt7996: rely on mt76_connac2_mac_tx_rate_val + - net/mlx5: Enhance debug print in page allocation failure + - irqchip: Fix refcount leak in platform_irqchip_probe + - irqchip/alpine-msi: Fix refcount leak in alpine_msix_init_domains + - irqchip/irq-mvebu-gicp: Fix refcount leak in mvebu_gicp_probe + - irqchip/ti-sci: Fix refcount leak in ti_sci_intr_irq_domain_probe + - s390/mem_detect: fix detect_memory() error handling + - s390/vmem: fix empty page tables cleanup under KASAN + - s390/boot: cleanup decompressor header files + - s390/mem_detect: rely on diag260() if sclp_early_get_memsize() fails + - s390/boot: fix mem_detect extended area allocation + - net: add sock_init_data_uid() + - tun: tun_chr_open(): correctly initialize socket uid + - tap: tap_open(): correctly initialize socket uid + - rxrpc: Fix overwaking on call poking + - OPP: fix error checking in opp_migrate_dentry() + - cpufreq: davinci: Fix clk use after free + - Bluetooth: hci_conn: Refactor hci_bind_bis() since it always succeeds + - Bluetooth: L2CAP: Fix potential user-after-free + - Bluetooth: hci_qca: get wakeup status from serdev device handle + - net: ipa: generic command param fix + - s390: vfio-ap: tighten the NIB validity check + - s390/ap: fix status returned by ap_aqic() + - s390/ap: fix status returned by ap_qact() + - libbpf: Fix alen calculation in libbpf_nla_dump_errormsg() + - xen/grant-dma-iommu: Implement a dummy probe_device() callback + - rds: rds_rm_zerocopy_callback() correct order for list_add_tail() + - crypto: rsa-pkcs1pad - Use akcipher_request_complete + - m68k: /proc/hardware should depend on PROC_FS + - RISC-V: time: initialize hrtimer based broadcast clock event device + - clocksource/drivers/riscv: Patch riscv_clock_next_event() jump before first + use + - wifi: iwl3945: Add missing check for create_singlethread_workqueue + - wifi: iwl4965: Add missing check for create_singlethread_workqueue() + - wifi: brcmfmac: Rename Cypress 89459 to BCM4355 + - wifi: brcmfmac: pcie: Add IDs/properties for BCM4355 + - wifi: brcmfmac: pcie: Add IDs/properties for BCM4377 + - wifi: brcmfmac: pcie: Perform correct BCM4364 firmware selection + - wifi: mwifiex: fix loop iterator in mwifiex_update_ampdu_txwinsize() + - wifi: rtw89: fix parsing offset for MCC C2H + - selftests/bpf: Fix out-of-srctree build + - ACPI: resource: Add IRQ overrides for MAINGEAR Vector Pro 2 models + - ACPI: resource: Do IRQ override on all TongFang GMxRGxx + - crypto: octeontx2 - Fix objects shared between several modules + - crypto: crypto4xx - Call dma_unmap_page when done + - vfio/ccw: remove WARN_ON during shutdown + - wifi: mac80211: move color collision detection report in a delayed work + - wifi: mac80211: make rate u32 in sta_set_rate_info_rx() + - wifi: mac80211: fix non-MLO station association + - wifi: mac80211: Don't translate MLD addresses for multicast + - wifi: mac80211: avoid u32_encode_bits() warning + - wifi: mac80211: fix off-by-one link setting + - tools/lib/thermal: Fix thermal_sampling_exit() + - thermal/drivers/hisi: Drop second sensor hi3660 + - selftests/bpf: Fix map_kptr test. + - wifi: mac80211: pass 'sta' to ieee80211_rx_data_set_sta() + - bpf: Zeroing allocated object from slab in bpf memory allocator + - selftests/bpf: Fix xdp_do_redirect on s390x + - can: esd_usb: Move mislocated storage of SJA1000_ECC_SEG bits in case of a + bus error + - can: esd_usb: Make use of can_change_state() and relocate checking skb for + NULL + - xsk: check IFF_UP earlier in Tx path + - LoongArch, bpf: Use 4 instructions for function address in JIT + - bpf: Fix global subprog context argument resolution logic + - irqchip/irq-brcmstb-l2: Set IRQ_LEVEL for level triggered interrupts + - irqchip/irq-bcm7120-l2: Set IRQ_LEVEL for level triggered interrupts + - net/smc: fix potential panic dues to unprotected smc_llc_srv_add_link() + - net/smc: fix application data exception + - selftests/net: Interpret UDP_GRO cmsg data as an int value + - l2tp: Avoid possible recursive deadlock in l2tp_tunnel_register() + - net: bcmgenet: fix MoCA LED control + - net: lan966x: Fix possible deadlock inside PTP + - net/mlx4_en: Introduce flexible array to silence overflow warning + - net/mlx5e: Align IPsec ASO result memory to be as required by hardware + - selftest: fib_tests: Always cleanup before exit + - sefltests: netdevsim: wait for devlink instance after netns removal + - drm: Fix potential null-ptr-deref due to drmm_mode_config_init() + - drm/fourcc: Add missing big-endian XRGB1555 and RGB565 formats + - drm/bridge: ti-sn65dsi83: Fix delay after reset deassert to match spec + - drm: mxsfb: DRM_IMX_LCDIF should depend on ARCH_MXC + - drm: mxsfb: DRM_MXSFB should depend on ARCH_MXS || ARCH_MXC + - drm/bridge: megachips: Fix error handling in i2c_register_driver() + - drm/vkms: Fix memory leak in vkms_init() + - drm/vkms: Fix null-ptr-deref in vkms_release() + - drm/modes: Use strscpy() to copy command-line mode name + - drm/vc4: dpi: Fix format mapping for RGB565 + - drm/bridge: it6505: Guard bridge power in IRQ handler + - drm: tidss: Fix pixel format definition + - gpu: ipu-v3: common: Add of_node_put() for reference returned by + of_graph_get_port_by_id() + - drm/ast: Init iosys_map pointer as I/O memory for damage handling + - drm/vc4: drop all currently held locks if deadlock happens + - hwmon: (ftsteutates) Fix scaling of measurements + - drm/msm/dpu: check for null return of devm_kzalloc() in dpu_writeback_init() + - drm/msm/hdmi: Add missing check for alloc_ordered_workqueue + - pinctrl: qcom: pinctrl-msm8976: Correct function names for wcss pins + - pinctrl: stm32: Fix refcount leak in stm32_pctrl_get_irq_domain + - pinctrl: rockchip: Fix refcount leak in rockchip_pinctrl_parse_groups + - drm/vc4: hvs: Configure the HVS COB allocations + - drm/vc4: hvs: Set AXI panic modes + - drm/vc4: hvs: SCALER_DISPBKGND_AUTOHS is only valid on HVS4 + - drm/vc4: hvs: Correct interrupt masking bit assignment for HVS5 + - drm/vc4: hvs: Fix colour order for xRGB1555 on HVS5 + - drm/vc4: hdmi: Correct interlaced timings again + - drm/msm: clean event_thread->worker in case of an error + - drm/panel-edp: fix name for IVO product id 854b + - scsi: qla2xxx: Fix exchange oversubscription + - scsi: qla2xxx: Fix exchange oversubscription for management commands + - scsi: qla2xxx: edif: Fix clang warning + - ASoC: fsl_sai: initialize is_dsp_mode flag + - drm/bridge: tc358767: Set default CLRSIPO count + - drm/msm/adreno: Fix null ptr access in adreno_gpu_cleanup() + - ALSA: hda/ca0132: minor fix for allocation size + - drm/amdgpu: Use the sched from entity for amdgpu_cs trace + - drm/msm/gem: Add check for kmalloc + - drm/msm/dpu: Disallow unallocated resources to be returned + - drm/bridge: lt9611: fix sleep mode setup + - drm/bridge: lt9611: fix HPD reenablement + - drm/bridge: lt9611: fix polarity programming + - drm/bridge: lt9611: fix programming of video modes + - drm/bridge: lt9611: fix clock calculation + - drm/bridge: lt9611: pass a pointer to the of node + - regulator: tps65219: use IS_ERR() to detect an error pointer + - drm/mipi-dsi: Fix byte order of 16-bit DCS set/get brightness + - drm: exynos: dsi: Fix MIPI_DSI*_NO_* mode flags + - drm/msm/dsi: Allow 2 CTRLs on v2.5.0 + - scsi: ufs: exynos: Fix DMA alignment for PAGE_SIZE != 4096 + - drm/msm/dpu: sc7180: add missing WB2 clock control + - drm/msm: use strscpy instead of strncpy + - drm/msm/dpu: Add check for cstate + - drm/msm/dpu: Add check for pstates + - drm/msm/mdp5: Add check for kzalloc + - habanalabs: bugs fixes in timestamps buff alloc + - pinctrl: bcm2835: Remove of_node_put() in bcm2835_of_gpio_ranges_fallback() + - pinctrl: mediatek: Initialize variable pullen and pullup to zero + - pinctrl: mediatek: Initialize variable *buf to zero + - gpu: host1x: Fix mask for syncpoint increment register + - gpu: host1x: Don't skip assigning syncpoints to channels + - drm/tegra: firewall: Check for is_addr_reg existence in IMM check + - drm/i915/mtl: Add initial gt workarounds + - drm/i915/xehp: GAM registers don't need to be re-applied on engine resets + - pinctrl: renesas: rzg2l: Fix configuring the GPIO pins as interrupts + - drm/i915/xehp: Annotate a couple more workaround registers as MCR + - drm/msm/dpu: set pdpu->is_rt_pipe early in dpu_plane_sspp_atomic_update() + - drm/mediatek: dsi: Reduce the time of dsi from LP11 to sending cmd + - drm/mediatek: Use NULL instead of 0 for NULL pointer + - drm/mediatek: Drop unbalanced obj unref + - drm/mediatek: mtk_drm_crtc: Add checks for devm_kcalloc + - drm/mediatek: Clean dangling pointer on bind error path + - ASoC: soc-compress.c: fixup private_data on snd_soc_new_compress() + - dt-bindings: display: mediatek: Fix the fallback for mediatek,mt8186-disp- + ccorr + - gpio: pca9570: rename platform_data to chip_data + - gpio: vf610: connect GPIO label to dev name + - ASoC: topology: Properly access value coming from topology file + - spi: dw_bt1: fix MUX_MMIO dependencies + - ASoC: mchp-spdifrx: fix controls which rely on rsr register + - ASoC: mchp-spdifrx: fix return value in case completion times out + - ASoC: mchp-spdifrx: fix controls that works with completion mechanism + - ASoC: mchp-spdifrx: disable all interrupts in mchp_spdifrx_dai_remove() + - dm: improve shrinker debug names + - regmap: apply reg_base and reg_downshift for single register ops + - accel: fix CONFIG_DRM dependencies + - ASoC: rsnd: fixup #endif position + - ASoC: mchp-spdifrx: Fix uninitialized use of mr in mchp_spdifrx_hw_params() + - ASoC: dt-bindings: meson: fix gx-card codec node regex + - regulator: tps65219: use generic set_bypass() + - hwmon: (asus-ec-sensors) add missing mutex path + - hwmon: (ltc2945) Handle error case in ltc2945_value_store + - ALSA: hda: Fix the control element identification for multiple codecs + - drm/amdgpu: fix enum odm_combine_mode mismatch + - scsi: mpt3sas: Fix a memory leak + - scsi: aic94xx: Add missing check for dma_map_single() + - HID: multitouch: Add quirks for flipped axes + - HID: retain initial quirks set up when creating HID devices + - ASoC: qcom: q6apm-lpass-dai: unprepare stream if its already prepared + - ASoC: qcom: q6apm-dai: fix race condition while updating the position + pointer + - ASoC: qcom: q6apm-dai: Add SNDRV_PCM_INFO_BATCH flag + - ASoC: codecs: lpass: register mclk after runtime pm + - ASoC: codecs: lpass: fix incorrect mclk rate + - drm/amd/display: don't call dc_interrupt_set() for disabled crtcs + - HID: logitech-hidpp: Hard-code HID++ 1.0 fast scroll support + - spi: bcm63xx-hsspi: Fix multi-bit mode setting + - hwmon: (mlxreg-fan) Return zero speed for broken fan + - ASoC: tlv320adcx140: fix 'ti,gpio-config' DT property init + - dm: remove flush_scheduled_work() during local_exit() + - nfs4trace: fix state manager flag printing + - NFS: fix disabling of swap + - drm/i915/pvc: Implement recommended caching policy + - drm/i915/pvc: Annotate two more workaround/tuning registers as MCR + - drm/i915: Fix GEN8_MISCCPCTL + - spi: synquacer: Fix timeout handling in synquacer_spi_transfer_one() + - ASoC: soc-dapm.h: fixup warning struct snd_pcm_substream not declared + - HID: bigben: use spinlock to protect concurrent accesses + - HID: bigben_worker() remove unneeded check on report_field + - HID: bigben: use spinlock to safely schedule workers + - hid: bigben_probe(): validate report count + - ALSA: hda/hdmi: Register with vga_switcheroo on Dual GPU Macbooks + - drm/shmem-helper: Fix locking for drm_gem_shmem_get_pages_sgt() + - NFSD: enhance inter-server copy cleanup + - NFSD: fix leaked reference count of nfsd4_ssc_umount_item + - nfsd: fix race to check ls_layouts + - nfsd: clean up potential nfsd_file refcount leaks in COPY codepath + - NFSD: fix problems with cleanup on errors in nfsd4_copy + - nfsd: fix courtesy client with deny mode handling in nfs4_upgrade_open + - nfsd: don't fsync nfsd_files on last close + - NFSD: copy the whole verifier in nfsd_copy_write_verifier + - cifs: Fix lost destroy smbd connection when MR allocate failed + - cifs: Fix warning and UAF when destroy the MR list + - cifs: use tcon allocation functions even for dummy tcon + - gfs2: jdata writepage fix + - perf llvm: Fix inadvertent file creation + - leds: led-core: Fix refcount leak in of_led_get() + - leds: is31fl319x: Wrap mutex_destroy() for devm_add_action_or_rest() + - leds: simatic-ipc-leds-gpio: Make sure we have the GPIO providing driver + - tools/tracing/rtla: osnoise_hist: use total duration for average calculation + - perf inject: Use perf_data__read() for auxtrace + - perf intel-pt: Do not try to queue auxtrace data on pipe + - perf stat: Hide invalid uncore event output for aggr mode + - perf jevents: Correct bad character encoding + - perf test bpf: Skip test if kernel-debuginfo is not present + - perf tools: Fix auto-complete on aarch64 + - perf stat: Avoid merging/aggregating metric counts twice + - sparc: allow PM configs for sparc32 COMPILE_TEST + - selftests: find echo binary to use -ne options + - selftests/ftrace: Fix bash specific "==" operator + - selftests: use printf instead of echo -ne + - perf record: Fix segfault with --overwrite and --max-size + - printf: fix errname.c list + - perf tests stat_all_metrics: Change true workload to sleep workload for + system wide check + - objtool: add UACCESS exceptions for __tsan_volatile_read/write + - selftests/ftrace: Fix probepoint testcase to ignore __pfx_* symbols + - sysctl: fix proc_dobool() usability + - mfd: rk808: Re-add rk808-clkout to RK818 + - mfd: cs5535: Don't build on UML + - mfd: pcf50633-adc: Fix potential memleak in pcf50633_adc_async_read() + - dmaengine: idxd: Set traffic class values in GRPCFG on DSA 2.0 + - RDMA/erdma: Fix refcount leak in erdma_mmap + - dmaengine: HISI_DMA should depend on ARCH_HISI + - RDMA/hns: Fix refcount leak in hns_roce_mmap + - iio: light: tsl2563: Do not hardcode interrupt trigger type + - usb: gadget: fusb300_udc: free irq on the error path in fusb300_probe() + - i2c: designware: fix i2c_dw_clk_rate() return size to be u32 + - i2c: qcom-geni: change i2c_master_hub to static + - soundwire: cadence: Don't overflow the command FIFOs + - driver core: fix potential null-ptr-deref in device_add() + - kobject: Fix slab-out-of-bounds in fill_kobj_path() + - alpha/boot/tools/objstrip: fix the check for ELF header + - media: uvcvideo: Check for INACTIVE in uvc_ctrl_is_accessible() + - media: uvcvideo: Implement mask for V4L2_CTRL_TYPE_MENU + - media: uvcvideo: Refactor uvc_ctrl_mappings_uvcXX + - media: uvcvideo: Refactor power_line_frequency_controls_limited + - coresight: etm4x: Fix accesses to TRCSEQRSTEVR and TRCSEQSTR + - coresight: cti: Prevent negative values of enable count + - coresight: cti: Add PM runtime call in enable_store + - usb: typec: intel_pmc_mux: Don't leak the ACPI device reference count + - PCI/IOV: Enlarge virtfn sysfs name buffer + - PCI: switchtec: Return -EFAULT for copy_to_user() errors + - PCI: endpoint: pci-epf-vntb: Add epf_ntb_mw_bar_clear() num_mws kernel-doc + - hwtracing: hisi_ptt: Only add the supported devices to the filters list + - tty: serial: fsl_lpuart: disable Rx/Tx DMA in lpuart32_shutdown() + - tty: serial: fsl_lpuart: clear LPUART Status Register in lpuart32_shutdown() + - serial: tegra: Add missing clk_disable_unprepare() in tegra_uart_hw_init() + - Revert "char: pcmcia: cm4000_cs: Replace mdelay with usleep_range in + set_protocol" + - eeprom: idt_89hpesx: Fix error handling in idt_init() + - applicom: Fix PCI device refcount leak in applicom_init() + - firmware: stratix10-svc: add missing gen_pool_destroy() in + stratix10_svc_drv_probe() + - firmware: stratix10-svc: fix error handle while alloc/add device failed + - VMCI: check context->notify_page after call to get_user_pages_fast() to + avoid GPF + - mei: pxp: Use correct macros to initialize uuid_le + - misc/mei/hdcp: Use correct macros to initialize uuid_le + - misc: fastrpc: Fix an error handling path in fastrpc_rpmsg_probe() + - iommu/exynos: Fix error handling in exynos_iommu_init() + - driver core: fix resource leak in device_add() + - driver core: location: Free struct acpi_pld_info *pld before return false + - drivers: base: transport_class: fix possible memory leak + - drivers: base: transport_class: fix resource leak when + transport_add_device() fails + - firmware: dmi-sysfs: Fix null-ptr-deref in dmi_sysfs_register_handle + - selftests: iommu: Fix test_cmd_destroy_access() call in user_copy + - iommufd: Add three missing structures in ucmd_buffer + - fotg210-udc: Add missing completion handler + - dmaengine: dw-edma: Fix missing src/dst address of interleaved xfers + - fpga: microchip-spi: move SPI I/O buffers out of stack + - fpga: microchip-spi: rewrite status polling in a time measurable way + - usb: early: xhci-dbc: Fix a potential out-of-bound memory access + - tty: serial: fsl_lpuart: Fix the wrong RXWATER setting for rx dma case + - RDMA/cxgb4: add null-ptr-check after ip_dev_find() + - usb: musb: mediatek: don't unregister something that wasn't registered + - usb: gadget: configfs: Restrict symlink creation is UDC already binded + - phy: mediatek: remove temporary variable @mask_ + - PCI: mt7621: Delay phy ports initialization + - iommu/vt-d: Set No Execute Enable bit in PASID table entry + - power: supply: remove faulty cooling logic + - RDMA/siw: Fix user page pinning accounting + - RDMA/cxgb4: Fix potential null-ptr-deref in pass_establish() + - usb: max-3421: Fix setting of I/O pins + - RDMA/irdma: Cap MSIX used to online CPUs + 1 + - serial: fsl_lpuart: fix RS485 RTS polariy inverse issue + - tty: serial: imx: disable Ageing Timer interrupt request irq + - driver core: fw_devlink: Add DL_FLAG_CYCLE support to device links + - driver core: fw_devlink: Don't purge child fwnode's consumer links + - driver core: fw_devlink: Allow marking a fwnode link as being part of a + cycle + - driver core: fw_devlink: Consolidate device link flag computation + - driver core: fw_devlink: Improve check for fwnode with no device/driver + - driver core: fw_devlink: Make cycle detection more robust + - mtd: mtdpart: Don't create platform device that'll never probe + - usb: host: fsl-mph-dr-of: reuse device_set_of_node_from_dev + - dmaengine: dw-edma: Fix readq_ch() return value truncation + - PCI: Fix dropping valid root bus resources with .end = zero + - phy: rockchip-typec: fix tcphy_get_mode error case + - PCI: qcom: Fix host-init error handling + - iw_cxgb4: Fix potential NULL dereference in c4iw_fill_res_cm_id_entry() + - iommu: Fix error unwind in iommu_group_alloc() + - iommu/amd: Do not identity map v2 capable device when snp is enabled + - dmaengine: sf-pdma: pdma_desc memory leak fix + - dmaengine: dw-axi-dmac: Do not dereference NULL structure + - dmaengine: ptdma: check for null desc before calling pt_cmd_callback + - iommu/vt-d: Fix error handling in sva enable/disable paths + - iommu/vt-d: Allow to use flush-queue when first level is default + - RDMA/rxe: Cleanup mr_check_range + - RDMA/rxe: Move rxe_map_mr_sg to rxe_mr.c + - RDMA-rxe: Isolate mr code from atomic_reply() + - RDMA-rxe: Isolate mr code from atomic_write_reply() + - RDMA/rxe: Cleanup page variables in rxe_mr.c + - RDMA/rxe: Replace rxe_map and rxe_phys_buf by xarray + - Subject: RDMA/rxe: Handle zero length rdma + - RDMA/mana_ib: Fix a bug when the PF indicates more entries for registering + memory on first packet + - RDMA/rxe: Fix missing memory barriers in rxe_queue.h + - IB/hfi1: Fix math bugs in hfi1_can_pin_pages() + - IB/hfi1: Fix sdma.h tx->num_descs off-by-one errors + - Revert "remoteproc: qcom_q6v5_mss: map/unmap metadata region before/after + use" + - remoteproc: qcom_q6v5_mss: Use a carveout to authenticate modem headers + - media: ti: cal: fix possible memory leak in cal_ctx_create() + - media: platform: ti: Add missing check for devm_regulator_get + - media: imx: imx7-media-csi: fix missing clk_disable_unprepare() in + imx7_csi_init() + - powerpc: Remove linker flag from KBUILD_AFLAGS + - s390/vdso: Drop '-shared' from KBUILD_CFLAGS_64 + - builddeb: clean generated package content + - media: max9286: Fix memleak in max9286_v4l2_register() + - media: ov2740: Fix memleak in ov2740_init_controls() + - media: ov5675: Fix memleak in ov5675_init_controls() + - media: i2c: tc358746: fix missing return assignment + - media: i2c: tc358746: fix ignoring read error in g_register callback + - media: i2c: tc358746: fix possible endianness issue + - media: ov5640: Fix soft reset sequence and timings + - media: ov5640: Handle delays when no reset_gpio set + - media: mc: Get media_device directly from pad + - media: i2c: ov772x: Fix memleak in ov772x_probe() + - media: i2c: imx219: Split common registers from mode tables + - media: i2c: imx219: Fix binning for RAW8 capture + - media: platform: mtk-mdp3: Fix return value check in mdp_probe() + - media: camss: csiphy-3ph: avoid undefined behavior + - media: platform: mtk-mdp3: fix Kconfig dependencies + - media: v4l2-jpeg: correct the skip count in jpeg_parse_app14_data + - media: v4l2-jpeg: ignore the unknown APP14 marker + - media: hantro: Fix JPEG encoder ENUM_FRMSIZE on RK3399 + - media: imx-jpeg: Apply clk_bulk api instead of operating specific clk + - media: amphion: correct the unspecified color space + - media: drivers/media/v4l2-core/v4l2-h264 : add detection of null pointers + - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() + - media: atomisp: fix videobuf2 Kconfig depenendency + - media: atomisp: Only set default_run_mode on first open of a stream/asd + - media: i2c: ov7670: 0 instead of -EINVAL was returned + - media: usb: siano: Fix use after free bugs caused by do_submit_urb + - media: saa7134: Use video_unregister_device for radio_dev + - rpmsg: glink: Avoid infinite loop on intent for missing channel + - rpmsg: glink: Release driver_override + - ARM: OMAP2+: omap4-common: Fix refcount leak bug + - arm64: dts: qcom: msm8996: Add additional A2NoC clocks + - udf: Define EFSCORRUPTED error code + - context_tracking: Fix noinstr vs KASAN + - exit: Detect and fix irq disabled state in oops + - ARM: dts: exynos: Use Exynos5420 compatible for the MIPI video phy + - fs: Use CHECK_DATA_CORRUPTION() when kernel bugs are detected + - blk-iocost: fix divide by 0 error in calc_lcoefs() + - blk-cgroup: dropping parent refcount after pd_free_fn() is done + - blk-cgroup: synchronize pd_free_fn() from blkg_free_workfn() and + blkcg_deactivate_policy() + - trace/blktrace: fix memory leak with using debugfs_lookup() + - btrfs: scrub: improve tree block error reporting + - arm64: zynqmp: Enable hs termination flag for USB dwc3 controller + - cpuidle, intel_idle: Fix CPUIDLE_FLAG_INIT_XSTATE + - x86/fpu: Don't set TIF_NEED_FPU_LOAD for PF_IO_WORKER threads + - cpuidle: drivers: firmware: psci: Dont instrument suspend code + - cpuidle: lib/bug: Disable rcu_is_watching() during WARN/BUG + - perf/x86/intel/uncore: Add Meteor Lake support + - wifi: ath9k: Fix use-after-free in ath9k_hif_usb_disconnect() + - wifi: ath11k: fix monitor mode bringup crash + - wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() + - rcu: Make RCU_LOCKDEP_WARN() avoid early lockdep checks + - rcu: Suppress smp_processor_id() complaint in + synchronize_rcu_expedited_wait() + - srcu: Delegate work to the boot cpu if using SRCU_SIZE_SMALL + - rcu-tasks: Make rude RCU-Tasks work well with CPU hotplug + - rcu-tasks: Handle queue-shrink/callback-enqueue race condition + - wifi: ath11k: debugfs: fix to work with multiple PCI devices + - thermal: intel: Fix unsigned comparison with less than zero + - timers: Prevent union confusion from unexpected restart_syscall() + - x86/bugs: Reset speculation control settings on init + - bpftool: Always disable stack protection for BPF objects + - wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out- + of-bounds + - wifi: rtw89: fix assignation of TX BD RAM table + - wifi: mt7601u: fix an integer underflow + - inet: fix fast path in __inet_hash_connect() + - ice: restrict PTP HW clock freq adjustments to 100, 000, 000 PPB + - ice: add missing checks for PF vsi type + - Compiler attributes: GCC cold function alignment workarounds + - ACPI: Don't build ACPICA with '-Os' + - bpf, docs: Fix modulo zero, division by zero, overflow, and underflow + - thermal: intel: intel_pch: Add support for Wellsburg PCH + - clocksource: Suspend the watchdog temporarily when high read latency + detected + - crypto: hisilicon: Wipe entire pool on error + - net: bcmgenet: Add a check for oversized packets + - m68k: Check syscall_trace_enter() return code + - s390/mm,ptdump: avoid Kasan vs Memcpy Real markers swapping + - netfilter: nf_tables: NULL pointer dereference in nf_tables_updobj() + - can: isotp: check CAN address family in isotp_bind() + - gcc-plugins: drop -std=gnu++11 to fix GCC 13 build + - tools/power/x86/intel-speed-select: Add Emerald Rapid quirk + - platform/x86: dell-ddv: Add support for interface version 3 + - wifi: mt76: dma: free rx_head in mt76_dma_rx_cleanup + - ACPI: video: Fix Lenovo Ideapad Z570 DMI match + - net/mlx5: fw_tracer: Fix debug print + - coda: Avoid partial allocation of sig_inputArgs + - uaccess: Add minimum bounds check on kernel buffer size + - s390/idle: mark arch_cpu_idle() noinstr + - time/debug: Fix memory leak with using debugfs_lookup() + - PM: domains: fix memory leak with using debugfs_lookup() + - PM: EM: fix memory leak with using debugfs_lookup() + - Bluetooth: Fix issue with Actions Semi ATS2851 based devices + - Bluetooth: btusb: Add new PID/VID 0489:e0f2 for MT7921 + - Bluetooth: btusb: Add VID:PID 13d3:3529 for Realtek RTL8821CE + - wifi: rtw89: debug: avoid invalid access on RTW89_DBG_SEL_MAC_30 + - hv_netvsc: Check status in SEND_RNDIS_PKT completion message + - s390/kfence: fix page fault reporting + - devlink: Fix TP_STRUCT_entry in trace of devlink health report + - scm: add user copy checks to put_cmsg() + - drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Tab 3 X90F + - drm: panel-orientation-quirks: Add quirk for DynaBook K50 + - drm/amd/display: Reduce expected sdp bandwidth for dcn321 + - drm/amd/display: Revert Reduce delay when sink device not able to ACK 00340h + write + - drm/amd/display: Fix potential null-deref in dm_resume + - drm/omap: dsi: Fix excessive stack usage + - HID: Add Mapping for System Microphone Mute + - drm/tiny: ili9486: Do not assume 8-bit only SPI controllers + - drm/amd/display: Defer DIG FIFO disable after VID stream enable + - drm/radeon: free iio for atombios when driver shutdown + - drm/amd: Avoid BUG() for case of SRIOV missing IP version + - drm/amdkfd: Page aligned memory reserve size + - scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write + - Revert "fbcon: don't lose the console font across generic->chip driver + switch" + - drm/amd: Avoid ASSERT for some message failures + - drm: amd: display: Fix memory leakage + - drm/amd/display: fix mapping to non-allocated address + - HID: uclogic: Add frame type quirk + - HID: uclogic: Add battery quirk + - HID: uclogic: Add support for XP-PEN Deco Pro SW + - HID: uclogic: Add support for XP-PEN Deco Pro MW + - drm/msm/dsi: Add missing check for alloc_ordered_workqueue + - drm: rcar-du: Add quirk for H3 ES1.x pclk workaround + - drm: rcar-du: Fix setting a reserved bit in DPLLCR + - drm/drm_print: correct format problem + - drm/amd/display: Set hvm_enabled flag for S/G mode + - drm/client: Test for connectors before sending hotplug event + - habanalabs: extend fatal messages to contain PCI info + - habanalabs: fix bug in timestamps registration code + - docs/scripts/gdb: add necessary make scripts_gdb step + - drm/msm/dpu: Add DSC hardware blocks to register snapshot + - ASoC: soc-compress: Reposition and add pcm_mutex + - ASoC: kirkwood: Iterate over array indexes instead of using pointer math + - regulator: max77802: Bounds check regulator id against opmode + - regulator: s5m8767: Bounds check id indexing into arrays + - Revert "drm/amdgpu: TA unload messages are not actually sent to psp when + amdgpu is uninstalled" + - drm/amd/display: fix FCLK pstate change underflow + - gfs2: Improve gfs2_make_fs_rw error handling + - hwmon: (coretemp) Simplify platform device handling + - hwmon: (nct6775) Directly call ASUS ACPI WMI method + - hwmon: (nct6775) B650/B660/X670 ASUS boards support + - pinctrl: at91: use devm_kasprintf() to avoid potential leaks + - drm/amd/display: Do not commit pipe when updating DRR + - scsi: snic: Fix memory leak with using debugfs_lookup() + - scsi: ufs: core: Fix device management cmd timeout flow + - HID: logitech-hidpp: Don't restart communication if not necessary + - drm/amd/display: Enable P-state validation checks for DCN314 + - drm: panel-orientation-quirks: Add quirk for Lenovo IdeaPad Duet 3 10IGL5 + - drm/amd/display: Disable HUBP/DPP PG on DCN314 for now + - drm/amd/display: disable SubVP + DRR to prevent underflow + - dm thin: add cond_resched() to various workqueue loops + - dm cache: add cond_resched() to various workqueue loops + - nfsd: zero out pointers after putting nfsd_files on COPY setup error + - nfsd: don't hand out delegation on setuid files being opened for write + - cifs: prevent data race in smb2_reconnect() + - drm/i915/mtl: Correct implementation of Wa_18018781329 + - drm/shmem-helper: Revert accidental non-GPL export + - driver core: fw_devlink: Avoid spurious error message + - wifi: rtl8xxxu: fixing transmisison failure for rtl8192eu + - firmware: coreboot: framebuffer: Ignore reserved pixel color bits + - block: don't allow multiple bios for IOCB_NOWAIT issue + - block: clear bio->bi_bdev when putting a bio back in the cache + - block: be a bit more careful in checking for NULL bdev while polling + - rtc: pm8xxx: fix set-alarm race + - ipmi: ipmb: Fix the MODULE_PARM_DESC associated to 'retry_time_ms' + - ipmi:ssif: resend_msg() cannot fail + - ipmi_ssif: Rename idle state and check + - ipmi:ssif: Add a timer between request retries + - io_uring: Replace 0-length array with flexible array + - io_uring: use user visible tail in io_uring_poll() + - io_uring: handle TIF_NOTIFY_RESUME when checking for task_work + - io_uring: add a conditional reschedule to the IOPOLL cancelation loop + - io_uring: add reschedule point to handle_tw_list() + - io_uring/rsrc: disallow multi-source reg buffers + - io_uring: remove MSG_NOSIGNAL from recvmsg + - io_uring/poll: allow some retries for poll triggering spuriously + - io_uring: fix fget leak when fs don't support nowait buffered read + - s390/extmem: return correct segment type in __segment_load() + - s390: discard .interp section + - s390/kprobes: fix irq mask clobbering on kprobe reenter from post_handler + - s390/kprobes: fix current_kprobe never cleared after kprobes reenter + - KVM: s390: disable migration mode when dirty tracking is disabled + - cifs: improve checking of DFS links over STATUS_OBJECT_NAME_INVALID + - cifs: Fix uninitialized memory read in smb3_qfs_tcon() + - cifs: Fix uninitialized memory reads for oparms.mode + - cifs: fix mount on old smb servers + - cifs: introduce cifs_io_parms in smb2_async_writev() + - cifs: split out smb3_use_rdma_offload() helper + - cifs: don't try to use rdma offload on encrypted connections + - cifs: Check the lease context if we actually got a lease + - cifs: return a single-use cfid if we did not get a lease + - scsi: mpi3mr: Fix missing mrioc->evtack_cmds initialization + - scsi: mpi3mr: Fix issues in mpi3mr_get_all_tgt_info() + - scsi: mpi3mr: Remove unnecessary memcpy() to alltgt_info->dmi + - btrfs: hold block group refcount during async discard + - btrfs: sysfs: update fs features directory asynchronously + - locking/rwsem: Prevent non-first waiter from spinning in down_write() + slowpath + - ksmbd: fix wrong data area length for smb2 lock request + - ksmbd: do not allow the actual frame length to be smaller than the rfc1002 + length + - ksmbd: fix possible memory leak in smb2_lock() + - torture: Fix hang during kthread shutdown phase + - ARM: dts: exynos: correct HDMI phy compatible in Exynos4 + - io_uring: mark task TASK_RUNNING before handling resume/task work + - hfs: fix missing hfs_bnode_get() in __hfs_bnode_create + - fs: hfsplus: fix UAF issue in hfsplus_put_super + - exfat: fix reporting fs error when reading dir beyond EOF + - exfat: fix unexpected EOF while reading dir + - exfat: redefine DIR_DELETED as the bad cluster number + - exfat: fix inode->i_blocks for non-512 byte sector size device + - fs: dlm: start midcomms before scand + - fs: dlm: fix use after free in midcomms commit + - fs: dlm: be sure to call dlm_send_queue_flush() + - fs: dlm: fix race setting stop tx flag + - fs: dlm: don't set stop rx flag after node reset + - fs: dlm: move sending fin message into state change handling + - fs: dlm: send FIN ack back in right cases + - f2fs: fix information leak in f2fs_move_inline_dirents() + - f2fs: retry to update the inode page given data corruption + - f2fs: fix cgroup writeback accounting with fs-layer encryption + - f2fs: fix kernel crash due to null io->bio + - f2fs: Revert "f2fs: truncate blocks in batch in __complete_revoke_list()" + - ocfs2: fix defrag path triggering jbd2 ASSERT + - ocfs2: fix non-auto defrag path not working issue + - fs/cramfs/inode.c: initialize file_ra_state + - selftests/landlock: Skip overlayfs tests when not supported + - selftests/landlock: Test ptrace as much as possible with Yama + - udf: Truncate added extents on failed expansion + - udf: Do not bother merging very long extents + - udf: Do not update file length for failed writes to inline files + - udf: Preserve link count of system files + - udf: Detect system inodes linked into directory hierarchy + - udf: Fix file corruption when appending just after end of preallocated + extent + - md: don't update recovery_cp when curr_resync is ACTIVE + - KVM: Destroy target device if coalesced MMIO unregistration fails + - KVM: VMX: Fix crash due to uninitialized current_vmcs + - KVM: Register /dev/kvm as the _very_ last thing during initialization + - KVM: x86: Purge "highest ISR" cache when updating APICv state + - KVM: x86: Blindly get current x2APIC reg value on "nodecode write" traps + - KVM: x86: Don't inhibit APICv/AVIC on xAPIC ID "change" if APIC is disabled + - KVM: x86: Don't inhibit APICv/AVIC if xAPIC ID mismatch is due to 32-bit ID + - KVM: SVM: Flush the "current" TLB when activating AVIC + - KVM: SVM: Process ICR on AVIC IPI delivery failure due to invalid target + - KVM: SVM: Don't put/load AVIC when setting virtual APIC mode + - KVM: x86: Inject #GP if WRMSR sets reserved bits in APIC Self-IPI + - KVM: x86: Inject #GP on x2APIC WRMSR that sets reserved bits 63:32 + - KVM: SVM: Fix potential overflow in SEV's send|receive_update_data() + - KVM: SVM: hyper-v: placate modpost section mismatch error + - selftests: x86: Fix incorrect kernel headers search path + - x86/virt: Force GIF=1 prior to disabling SVM (for reboot flows) + - x86/crash: Disable virt in core NMI crash handler to avoid double shootdown + - x86/reboot: Disable virtualization in an emergency if SVM is supported + - x86/reboot: Disable SVM, not just VMX, when stopping CPUs + - x86/kprobes: Fix __recover_optprobed_insn check optimizing logic + - x86/kprobes: Fix arch_check_optimized_kprobe check within optimized_kprobe + range + - x86/microcode/amd: Remove load_microcode_amd()'s bsp parameter + - x86/microcode/AMD: Add a @cpu parameter to the reloading functions + - x86/microcode/AMD: Fix mixed steppings support + - x86/speculation: Allow enabling STIBP with legacy IBRS + - Documentation/hw-vuln: Document the interaction between IBRS and STIBP + - virt/sev-guest: Return -EIO if certificate buffer is not large enough + - brd: mark as nowait compatible + - brd: return 0/-error from brd_insert_page() + - brd: check for REQ_NOWAIT and set correct page allocation mask + - ima: fix error handling logic when file measurement failed + - ima: Align ima_file_mmap() parameters with mmap_file LSM hook + - selftests/powerpc: Fix incorrect kernel headers search path + - selftests/ftrace: Fix eprobe syntax test case to check filter support + - selftests: sched: Fix incorrect kernel headers search path + - selftests: core: Fix incorrect kernel headers search path + - selftests: pid_namespace: Fix incorrect kernel headers search path + - selftests: arm64: Fix incorrect kernel headers search path + - selftests: clone3: Fix incorrect kernel headers search path + - selftests: pidfd: Fix incorrect kernel headers search path + - selftests: membarrier: Fix incorrect kernel headers search path + - selftests: kcmp: Fix incorrect kernel headers search path + - selftests: media_tests: Fix incorrect kernel headers search path + - selftests: gpio: Fix incorrect kernel headers search path + - selftests: filesystems: Fix incorrect kernel headers search path + - selftests: user_events: Fix incorrect kernel headers search path + - selftests: ptp: Fix incorrect kernel headers search path + - selftests: sync: Fix incorrect kernel headers search path + - selftests: rseq: Fix incorrect kernel headers search path + - selftests: move_mount_set_group: Fix incorrect kernel headers search path + - selftests: mount_setattr: Fix incorrect kernel headers search path + - selftests: perf_events: Fix incorrect kernel headers search path + - selftests: ipc: Fix incorrect kernel headers search path + - selftests: futex: Fix incorrect kernel headers search path + - selftests: drivers: Fix incorrect kernel headers search path + - selftests: dmabuf-heaps: Fix incorrect kernel headers search path + - selftests: vm: Fix incorrect kernel headers search path + - selftests: seccomp: Fix incorrect kernel headers search path + - irqdomain: Fix association race + - irqdomain: Fix disassociation race + - irqdomain: Look for existing mapping only once + - irqdomain: Drop bogus fwspec-mapping error handling + - irqdomain: Refactor __irq_domain_alloc_irqs() + - irqdomain: Fix mapping-creation race + - irqdomain: Fix domain registration race + - crypto: qat - fix out-of-bounds read + - mm/damon/paddr: fix missing folio_put() + - ALSA: ice1712: Do not left ice->gpio_mutex locked in aureon_add_controls() + - ALSA: hda/realtek: Add quirk for HP EliteDesk 800 G6 Tower PC + - jbd2: fix data missing when reusing bh which is ready to be checkpointed + - ext4: optimize ea_inode block expansion + - ext4: refuse to create ea block when umounted + - cxl/pmem: Fix nvdimm registration races + - Input: exc3000 - properly stop timer on shutdown + - mtd: spi-nor: sfdp: Fix index value for SCCR dwords + - mtd: spi-nor: spansion: Consider reserved bits in CFR5 register + - dm: send just one event on resize, not two + - dm: add cond_resched() to dm_wq_work() + - dm: add cond_resched() to dm_wq_requeue_work() + - wifi: rtw88: use RTW_FLAG_POWERON flag to prevent to power on/off twice + - wifi: rtl8xxxu: Use a longer retry limit of 48 + - wifi: ath11k: allow system suspend to survive ath11k + - wifi: cfg80211: Fix use after free for wext + - wifi: cfg80211: Set SSID if it is not already set + - cpuidle: add ARCH_SUSPEND_POSSIBLE dependencies + - qede: fix interrupt coalescing configuration + - thermal: intel: powerclamp: Fix cur_state for multi package system + - dm flakey: fix logic when corrupting a bio + - dm cache: free background tracker's queued work in btracker_destroy + - dm flakey: don't corrupt the zero page + - dm flakey: fix a bug with 32-bit highmem systems + - hwmon: (peci/cputemp) Fix off-by-one in coretemp_label allocation + - hwmon: (nct6775) Fix incorrect parenthesization in nct6775_write_fan_div() + - spi: intel: Check number of chip selects after reading the descriptor + - ARM: dts: qcom: sdx65: Add Qcom SMMU-500 as the fallback for IOMMU node + - ARM: dts: qcom: sdx55: Add Qcom SMMU-500 as the fallback for IOMMU node + - ARM: dts: exynos: correct TMU phandle in Exynos4210 + - ARM: dts: exynos: correct TMU phandle in Exynos4 + - ARM: dts: exynos: correct TMU phandle in Odroid XU3 family + - ARM: dts: exynos: correct TMU phandle in Exynos5250 + - ARM: dts: exynos: correct TMU phandle in Odroid XU + - ARM: dts: exynos: correct TMU phandle in Odroid HC1 + - arm64: acpi: Fix possible memory leak of ffh_ctxt + - arm64: mm: hugetlb: Disable HUGETLB_PAGE_OPTIMIZE_VMEMMAP + - arm64: Reset KASAN tag in copy_highpage with HW tags only + - fuse: add inode/permission checks to fileattr_get/fileattr_set + - rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails + - ceph: update the time stamps and try to drop the suid/sgid + - regulator: core: Use ktime_get_boottime() to determine how long a regulator + was off + - panic: fix the panic_print NMI backtrace setting + - mm/hwpoison: convert TTU_IGNORE_HWPOISON to TTU_HWPOISON + - genirq/msi, platform-msi: Ensure that MSI descriptors are unreferenced + - genirq/msi: Take the per-device MSI lock before validating the control + structure + - spi: spi-sn-f-ospi: fix duplicate flag while assigning to mode_bits + - alpha: fix FEN fault handling + - dax/kmem: Fix leak of memory-hotplug resources + - mips: fix syscall_get_nr + - media: ipu3-cio2: Fix PM runtime usage_count in driver unbind + - remoteproc/mtk_scp: Move clk ops outside send_lock + - vfio: Fix NULL pointer dereference caused by uninitialized group->iommufd + - docs: gdbmacros: print newest record + - mm: memcontrol: deprecate charge moving + - mm/thp: check and bail out if page in deferred queue already + - ktest.pl: Give back console on Ctrt^C on monitor + - kprobes: Fix to handle forcibly unoptimized kprobes on freeing_list + - ktest.pl: Fix missing "end_monitor" when machine check fails + - ktest.pl: Add RUN_TIMEOUT option with default unlimited + - memory tier: release the new_memtier in find_create_memory_tier() + - ring-buffer: Handle race between rb_move_tail and rb_check_pages + - tools/bootconfig: fix single & used for logical condition + - tracing/eprobe: Fix to add filter on eprobe description in README file + - iommu/amd: Add a length limitation for the ivrs_acpihid command-line + parameter + - scsi: aacraid: Allocate cmd_priv with scsicmd + - scsi: qla2xxx: Fix link failure in NPIV environment + - scsi: qla2xxx: Check if port is online before sending ELS + - scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests + - scsi: qla2xxx: Remove unintended flag clearing + - scsi: qla2xxx: Fix erroneous link down + - scsi: qla2xxx: Remove increment of interface err cnt + - scsi: ses: Don't attach if enclosure has no components + - scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process() + - scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses + - scsi: ses: Fix possible desc_ptr out-of-bounds accesses + - scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() + - RISC-V: add a spin_shadow_stack declaration + - riscv: Avoid enabling interrupts in die() + - riscv: mm: fix regression due to update_mmu_cache change + - riscv: jump_label: Fixup unaligned arch_static_branch function + - riscv: ftrace: Fixup panic by disabling preemption + - riscv, mm: Perform BPF exhandler fixup on page fault + - riscv: ftrace: Remove wasted nops for !RISCV_ISA_C + - riscv: ftrace: Reduce the detour code size to half + - MIPS: DTS: CI20: fix otg power gpio + - PCI/PM: Observe reset delay irrespective of bridge_d3 + - PCI: Unify delay handling for reset and resume + - PCI: hotplug: Allow marking devices as disconnected during bind/unbind + - PCI: Avoid FLR for AMD FCH AHCI adapters + - PCI/DPC: Await readiness of secondary bus after reset + - bus: mhi: ep: Only send -ENOTCONN status if client driver is available + - bus: mhi: ep: Move chan->lock to the start of processing queued ch ring + - bus: mhi: ep: Save channel state locally during suspend and resume + - iommufd: Make sure to zero vfio_iommu_type1_info before copying to user + - iommufd: Do not add the same hwpt to the ioas->hwpt_list twice + - iommu/vt-d: Avoid superfluous IOTLB tracking in lazy mode + - iommu/vt-d: Fix PASID directory pointer coherency + - vfio/type1: exclude mdevs from VFIO_UPDATE_VADDR + - vfio/type1: prevent underflow of locked_vm via exec() + - vfio/type1: track locked_vm per dma + - vfio/type1: restore locked_vm + - drm/amd: Fix initialization for nbio 7.5.1 + - drm/i915/quirks: Add inverted backlight quirk for HP 14-r206nv + - drm/radeon: Fix eDP for single-display iMac11,2 + - drm/i915: Don't use stolen memory for ring buffers with LLC + - drm/i915: Don't use BAR mappings for ring buffers with LLC + - drm/gud: Fix UBSAN warning + - drm/edid: fix AVI infoframe aspect ratio handling + - drm/edid: fix parsing of 3D modes from HDMI VSDB + - qede: avoid uninitialized entries in coal_entry array + - brd: use radix_tree_maybe_preload instead of radix_tree_preload + - net: avoid double iput when sock_alloc_file fails + - Linux 6.2.3 + + * Miscellaneous Ubuntu changes + - [Config] update annotations after applying 6.2.3 stable patches + - [Config] update annotations after applying 6.2.6 stable patches + + -- Andrea Righi Tue, 14 Mar 2023 16:43:44 +0100 + +linux (6.2.0-16.16) lunar; urgency=medium + + * lunar/linux: 6.2.0-16.16 -proposed tracker (LP: #2009914) + + * linux-libc-dev is no longer multi-arch safe (LP: #2009355) + - Revert "UBUNTU: [Packaging] install headers to debian/linux-libc-dev + directly" + + * linux: CONFIG_SERIAL_8250_MID=y (LP: #2009283) + - [Config] enable CONFIG_SERIAL_8250_MID=y + + * cpufreq: intel_pstate: Update Balance performance EPP for Sapphire Rapids + (LP: #2008519) + - cpufreq: intel_pstate: Adjust balance_performance EPP for Sapphire Rapids + + -- Andrea Righi Fri, 10 Mar 2023 18:34:28 +0100 + +linux (6.2.0-15.15) lunar; urgency=medium + + * Miscellaneous Ubuntu changes + - [Packaging] annotations: document annotations headers + + -- Andrea Righi Fri, 10 Mar 2023 07:36:59 +0100 + +linux (6.2.0-14.14) lunar; urgency=medium + + * lunar/linux: 6.2.0-14.14 -proposed tracker (LP: #2009856) + + * Miscellaneous Ubuntu changes + - [Packaging] rust: add rust build dependencies to all arches + - [Packaging] Support skipped dkms modules + - [Packaging] actually enforce set -e in dkms-build--nvidia-N + - [Packaging] Preserve the correct log file variable value + - [Packaging] update getabis + + -- Andrea Righi Thu, 09 Mar 2023 16:40:36 +0100 + +linux (6.2.0-13.13) lunar; urgency=medium + + * lunar/linux: 6.2.0-13.13 -proposed tracker (LP: #2009704) + + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/master) + + * mt7921: add support of MTFG table (LP: #2009642) + - wifi: mt76: mt7921: add support to update fw capability with MTFG table + + -- Andrea Righi Wed, 08 Mar 2023 14:40:25 +0100 + +linux (6.2.0-12.12) lunar; urgency=medium + + * lunar/linux: 6.2.0-12.12 -proposed tracker (LP: #2009698) + + * Miscellaneous Ubuntu changes + - SAUCE: enforce rust availability only on x86_64 + - [Config] update CONFIG_RUST_IS_AVAILABLE + + -- Andrea Righi Wed, 08 Mar 2023 12:50:15 +0100 + +linux (6.2.0-11.11) lunar; urgency=medium + + * lunar/linux: 6.2.0-11.11 -proposed tracker (LP: #2009697) + + * Miscellaneous Ubuntu changes + - [Packaging] do not stop the build if rust is not available + + -- Andrea Righi Wed, 08 Mar 2023 12:24:55 +0100 + +linux (6.2.0-10.10) lunar; urgency=medium + + * lunar/linux: 6.2.0-10.10 -proposed tracker (LP: #2009673) + + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/master) + + * enable Rust support in the kernel (LP: #2007654) + - [Packaging] propagate makefile variables to kernelconfig + - SAUCE: rust: fix regexp in scripts/is_rust_module.sh + - SAUCE: scripts: rust: drop is_rust_module.sh + - SAUCE: rust: allow to use INIT_STACK_ALL_ZERO + - SAUCE: scripts: Exclude Rust CUs with pahole + - SAUCE: modpost: support arbitrary symbol length in modversion + - SAUCE: allows to enable Rust with modversions + - SAUCE: rust: properly detect the version of libclang used by bindgen + - [Packaging] rust: add the proper make flags to enable rust support + - [Packaging] add rust dependencies + - [Packaging] bpftool: always use vmlinux to generate headers + - [Packaging] run rustavailable target as debugging before build + - [Config] enable Rust support + + * Fail to output sound to external monitor which connects via docking station + (LP: #2009024) + - [Config] Enable CONFIG_SND_HDA_INTEL_HDMI_SILENT_STREAM + + * Miscellaneous Ubuntu changes + - SAUCE: Makefile: replace rsync with tar + + -- Andrea Righi Wed, 08 Mar 2023 12:01:56 +0100 + +linux (6.2.0-1.1) lunar; urgency=medium + + * lunar/linux: 6.2.0-1.1 -proposed tracker (LP: #2009621) + + * Packaging resync (LP: #1786013) + - [Packaging] update variants + - debian/dkms-versions -- update from kernel-versions (main/master) + + * kinetic: apply new apparmor and LSM stacking patch set (LP: #1989983) + - SAUCE: apparmor: Add fine grained mediation of posix mqueues + - SAUCE: apparmor: add user namespace creation mediation + + * Lunar update: v6.2.2 upstream stable release (LP: #2009358) + - ALSA: hda: cs35l41: Correct error condition handling + - crypto: arm64/sm4-gcm - Fix possible crash in GCM cryption + - bpf: bpf_fib_lookup should not return neigh in NUD_FAILED state + - vc_screen: don't clobber return value in vcs_read + - drm/amd/display: Move DCN314 DOMAIN power control to DMCUB + - drm/amd/display: Properly reuse completion structure + - scripts/tags.sh: fix incompatibility with PCRE2 + - wifi: rtw88: usb: Set qsel correctly + - wifi: rtw88: usb: send Zero length packets if necessary + - wifi: rtw88: usb: drop now unnecessary URB size check + - usb: dwc3: pci: add support for the Intel Meteor Lake-M + - USB: serial: option: add support for VW/Skoda "Carstick LTE" + - usb: gadget: u_serial: Add null pointer check in gserial_resume + - arm64: dts: uniphier: Fix property name in PXs3 USB node + - usb: typec: pd: Remove usb_suspend_supported sysfs from sink PDO + - USB: core: Don't hold device lock while reading the "descriptors" sysfs file + - Linux 6.2.2 + + * Lunar update: v6.2.1 upstream stable release (LP: #2009127) + - uaccess: Add speculation barrier to copy_from_user() + - x86/alternatives: Introduce int3_emulate_jcc() + - x86/alternatives: Teach text_poke_bp() to patch Jcc.d32 instructions + - x86/static_call: Add support for Jcc tail-calls + - HID: mcp-2221: prevent UAF in delayed work + - wifi: mwifiex: Add missing compatible string for SD8787 + - audit: update the mailing list in MAINTAINERS + - platform/x86/amd/pmf: Add depends on CONFIG_POWER_SUPPLY + - platform/x86: nvidia-wmi-ec-backlight: Add force module parameter + - ext4: Fix function prototype mismatch for ext4_feat_ktype + - randstruct: disable Clang 15 support + - bpf: add missing header file include + - Linux 6.2.1 + + * Fix mediatek wifi driver crash when loading wrong SAR table (LP: #2009118) + - wifi: mt76: mt7921: fix error code of return in mt7921_acpi_read + + * overlayfs mounts as R/O over idmapped mount (LP: #2009065) + - SAUCE: overlayfs: handle idmapped mounts in ovl_do_(set|remove)xattr + + * RaptorLake: Fix the Screen is shaking by onboard HDMI port in mirror mode + (LP: #1993561) + - drm/i915/display: Drop check for doublescan mode in modevalid + - drm/i915/display: Prune Interlace modes for Display >=12 + + * screen flicker after PSR2 enabled (LP: #2007516) + - SAUCE: drm/i915/display/psr: Disable PSR2 sel fetch on panel SHP 5457 + + * [23.04 FEAT] Support for new IBM Z Hardware (IBM z16) - Reset DAT-Protection + facility support (LP: #1982378) + - s390/mm: add support for RDP (Reset DAT-Protection) + + * [23.04 FEAT] zcrypt DD: AP command filtering (LP: #2003637) + - s390/zcrypt: introduce ctfm field in struct CPRBX + + * rtcpie in timers from ubuntu_kernel_selftests randomly failing + (LP: #1814234) + - SAUCE: selftest: rtcpie: Force passing unreliable subtest + + * [23.04 FEAT] Support for List-Directed IPL and re-IPL from ECKD DASD + (LP: #2003394) + - s390/ipl: add DEFINE_GENERIC_LOADPARM() + - s390/ipl: add loadparm parameter to eckd ipl/reipl data + + * Miscellaneous Ubuntu changes + - SAUCE: drm/i915/sseu: fix max_subslices array-index-out-of-bounds access + - SAUCE: mtd: spi-nor: Fix shift-out-of-bounds in spi_nor_set_erase_type + - SAUCE: Revert "fbdev: Make registered_fb[] private to fbmem.c" + - [Packaging] disable signing for ppc64el + - [Config] define CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS + - SAUCE: Revert "arm64/fpsimd: Make kernel_neon_ API _GPL" + + -- Andrea Righi Tue, 07 Mar 2023 18:45:31 +0100 + +linux (6.2.0-0.0) lunar; urgency=medium + + * Empty entry + + -- Andrea Righi Fri, 03 Mar 2023 08:42:43 +0100 + +linux-unstable (6.2.0-10.10) lunar; urgency=medium + + * lunar/linux-unstable: 6.2.0-10.10 -proposed tracker (LP: #2007818) + + * Built-in camera device dies after runtime suspended (LP: #2007530) + - SAUCE: usb: xhci: Workaround for runpm issue on AMD xHC + + * Miscellaneous Ubuntu changes + - [Config] update annotations after rebase to v6.2 + + [ Upstream Kernel Changes ] + + * Rebase to v6.2 + + -- Andrea Righi Mon, 20 Feb 2023 10:36:20 +0100 + +linux-unstable (6.2.0-9.9) lunar; urgency=medium + + * lunar/linux-unstable: 6.2.0-9.9 -proposed tracker (LP: #2007069) + + * Move kernel ADT tests to python3 (LP: #2004429) + - [Debian] Use a python3 compatable kernel-testing repo + + * Mediatek FM350-GL wwan module failed to init: Invalid device status 0x1 + (LP: #2002089) + - SAUCE: Revert "net: wwan: t7xx: Add AP CLDMA" + - SAUCE: net: wwan: t7xx: Add AP CLDMA + - SAUCE: net: wwan: t7xx: Infrastructure for early port configuration + - SAUCE: net: wwan: t7xx: PCIe reset rescan + - SAUCE: net: wwan: t7xx: Enable devlink based fw flashing and coredump + collection + - SAUCE: net: wwan: t7xx: Devlink documentation + + * LXD containers using shiftfs on ZFS or TMPFS broken on 5.15.0-48.54 + (LP: #1990849) + - SAUCE: shiftfs: fix -EOVERFLOW inside the container + + * Miscellaneous Ubuntu changes + - [Packaging] annotations: do not drop undefined configs in derivatives + - [Packaging]: annotations: fix _remove_entry() logic + - [Packaging] rsync no longer available on lunar + - [Packaging] annotations: Handle single-line annoation rules + - [Packaging] annotations: Preserve single-line annotation rules + - [Packaging] annotations: Fix linter errors + - [Packaging] annotations: Clean up policy writes + - [Packaging] annotations: Handle tabs in annotations file + - [Packaging] annotations: Fail on invalid lines + - [Packaging] annotations: Write out annotations with notes first + - [Packaging] annotations: Check validity of FLAVOUR_DEP + - [Config] update annotations to split configs with/without notes + - [Packaging] annotations: various code cleanups + - [Config] update annotations after rebase to v6.2-rc8 + + * Miscellaneous upstream changes + - selftests/net: mv bpf/nat6to4.c to net folder + + [ Upstream Kernel Changes ] + + * Rebase to v6.1-rc8 + + -- Andrea Righi Mon, 13 Feb 2023 09:32:18 +0100 + +linux-unstable (6.2.0-8.8) lunar; urgency=medium + + * lunar/linux-unstable: 6.2.0-8.8 -proposed tracker (LP: #2004229) + + * Miscellaneous Ubuntu changes + - [Packaging] re-enable signing for ppc64el and s390x + - SAUCE: s390/decompressor: specify __decompress() buf len to avoid overflow + + -- Andrea Righi Tue, 31 Jan 2023 08:21:21 +0100 + +linux-unstable (6.2.0-7.7) lunar; urgency=medium + + * lunar/linux-unstable: 6.2.0-7.7 -proposed tracker (LP: #2004142) + + -- Andrea Righi Mon, 30 Jan 2023 10:23:15 +0100 + +linux-unstable (6.2.0-6.6) lunar; urgency=medium + + * lunar/linux-unstable: 6.2.0-6.6 -proposed tracker (LP: #2004138) + + * Miscellaneous Ubuntu changes + - [Packaging] debian/rules: Bring back 'editconfigs' + - [Packaging] debian/rules: 1-maintainer.mk -- Use make's if-else + - [Packaging] annotations: make sure to always drop undefined configs + - [Config] update annotations after rebase to v6.2-rc6 + + [ Upstream Kernel Changes ] + + * Rebase to v6.1-rc6 + + -- Andrea Righi Mon, 30 Jan 2023 09:20:26 +0100 + +linux-unstable (6.2.0-5.5) lunar; urgency=medium + + * lunar/linux-unstable: 6.2.0-5.5 -proposed tracker (LP: #2003682) + + * [23.04] Kernel 6.2 does not boot on s390x (LP: #2003348) + - SAUCE Revert "zstd: import usptream v1.5.2" + - SAUCE: Revert "zstd: Move zstd-common module exports to + zstd_common_module.c" + + * Revoke & rotate to new signing key (LP: #2002812) + - [Packaging] Revoke and rotate to new signing key + + * CVE-2023-0179 + - netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits + + * [23.04] net/smc: Alibaba patches about tunable buffer sizes may cause errors + and need to be removed (kernel 6.2) (LP: #2003547) + - SAUCE: Revert "net/smc: Unbind r/w buffer size from clcsock and make them + tunable" + - SAUCE: Revert "net/smc: Introduce a specific sysctl for TEST_LINK time" + + * 5.15 stuck at boot on c4.large (LP: #1956780) + - SAUCE: Revert "PCI/MSI: Mask MSI-X vectors only on success" + + * Miscellaneous Ubuntu changes + - [Packaging] scripts/misc/kernelconfig: Disable config checks for mainline + builds + - [Packaging] annotations: add CONFIG_GCC_VERSION to the list of ignored + configs + + -- Andrea Righi Mon, 23 Jan 2023 08:20:26 +0100 + +linux-unstable (6.2.0-4.4) lunar; urgency=medium + + * lunar/linux-unstable: 6.2.0-4.4 -proposed tracker (LP: #2003051) + + * Miscellaneous Ubuntu changes + - [Packaging] add python3 as a build dependency + - [Packaging] scripts/misc/kernelconfig: Rewrite + + -- Andrea Righi Tue, 17 Jan 2023 09:18:54 +0100 + +linux-unstable (6.2.0-3.3) lunar; urgency=medium + + * lunar/linux-unstable: 6.2.0-3.3 -proposed tracker (LP: #2002939) + + * Enable kernel config for P2PDMA (LP: #1987394) + - [Config] Enable CONFIG_HSA_AMD_P2P + + * Miscellaneous Ubuntu changes + - SAUCE: (no-up) Remove obj- += foo.o hack + - SAUCE: (no-up) re-add ubuntu/ directory + - [Config] enable EFI handover protocol + - [Packaging] Fix module-check error when modules are compressed + - SAUCE: (no-up) do not remove debian directory by 'make mrproper' + - [Packaging] debian/rules: Drop AUTOBUILD + - [Packaging] debian/rules: Drop NOKERNLOG and PRINTSHAS env variables + - [Packaging] debian/rules: Replace skip variables with skip_checks + - [Packaging] checks/retpoline-check: Make 'skipretpoline' argument optional + - [Packaging] checks/module-signature-check: Add 'skip_checks' argument + - [Packaging] debian/rules: Rename 'skip_dbg' to 'do_dbgsym_package' + - [Packaging] debian/rules: Rename 'skip_checks' to 'do_skip_checks' + - [Packaging] debian/rules: Rename 'full_build' to 'do_full_build' + - [Packaging] debian/rules: Fix PPA debug package builds + - [Packaging] debian/rules: Remove debug package install directory earlier + - [Packaging] debian/rules: Remove unnecessary 'lockme_' variables + - [Packaging] debian/rules: Remove unused target 'diffupstream' + - [Packaging] debian/rules: Mark PHONY targets individually + - [Packaging] debian/rules: Clean up 'help' target output + - [Packaging] debian/rules: Clean up 'printenv' target output + - [Packaging] debian/rules: Add missing 'do_' variables to 'printenv' + - [Config] update annotations after rebase to v6.2-rc4 + + [ Upstream Kernel Changes ] + + * Rebase to v6.1-rc4 + + -- Andrea Righi Mon, 16 Jan 2023 16:01:40 +0100 + +linux-unstable (6.2.0-2.2) lunar; urgency=medium + + * lunar/linux-unstable: 6.2.0-2.2 -proposed tracker (LP: #2001892) + + * Soundwire support for the Intel RPL Gen 0C40/0C11 platforms (LP: #2000030) + - SAUCE: ASoC: Intel: soc-acpi: add configuration for variant of 0C40 product + - SAUCE: ASoC: Intel: soc-acpi: add configuration for variant of 0C11 product + + * Miscellaneous Ubuntu changes + - [Config] update toolchain version in annotations + + * Miscellaneous upstream changes + - Revert "UBUNTU: [Packaging] Support skipped dkms modules" + + [ Upstream Kernel Changes ] + + * Rebase to v6.1-rc2 + + -- Andrea Righi Thu, 05 Jan 2023 09:19:55 +0100 + +linux-unstable (6.2.0-1.1) lunar; urgency=medium + + * lunar/linux-unstable: 6.2.0-1.1 -proposed tracker (LP: #2000904) + + * Packaging resync (LP: #1786013) + - [Packaging] update variants + + * Miscellaneous Ubuntu changes + - [Packaging] annotations: remove configs that are undefined across all + arches/flavours + - SAUCE: Revert "apparmor: make __aa_path_perm() static" + - [Packaging] abi-check: ignore failures when abi check is skipped + - [Packaging] temporarily disable zfs dkms + - [Config] update annotations after rebase to 6.2-rc1 + + [ Upstream Kernel Changes ] + + * Rebase to v6.1-rc1 + + -- Andrea Righi Wed, 04 Jan 2023 12:08:32 +0100 + +linux-unstable (6.2.0-0.0) lunar; urgency=medium + + * Empty entry + + -- Andrea Righi Sun, 01 Jan 2023 10:16:00 +0100 + +linux (6.1.0-11.11) lunar; urgency=medium + + * lunar/linux: 6.1.0-11.11 -proposed tracker (LP: #2000704) + + * Packaging resync (LP: #1786013) + - [Packaging] update helper scripts + + * Lunar update: v6.1.1 upstream stable release (LP: #2000706) + - x86/vdso: Conditionally export __vdso_sgx_enter_enclave() + - libbpf: Fix uninitialized warning in btf_dump_dump_type_data + - PCI: mt7621: Add sentinel to quirks table + - mips: ralink: mt7621: define MT7621_SYSC_BASE with __iomem + - mips: ralink: mt7621: soc queries and tests as functions + - mips: ralink: mt7621: do not use kzalloc too early + - irqchip/ls-extirq: Fix endianness detection + - udf: Discard preallocation before extending file with a hole + - udf: Fix preallocation discarding at indirect extent boundary + - udf: Do not bother looking for prealloc extents if i_lenExtents matches + i_size + - udf: Fix extending file within last block + - usb: gadget: uvc: Prevent buffer overflow in setup handler + - USB: serial: option: add Quectel EM05-G modem + - USB: serial: cp210x: add Kamstrup RF sniffer PIDs + - USB: serial: f81232: fix division by zero on line-speed change + - USB: serial: f81534: fix division by zero on line-speed change + - xhci: Apply XHCI_RESET_TO_DEFAULT quirk to ADL-N + - staging: r8188eu: fix led register settings + - igb: Initialize mailbox message for VF reset + - usb: typec: ucsi: Resume in separate work + - usb: dwc3: pci: Update PCIe device ID for USB3 controller on CPU sub-system + for Raptor Lake + - cifs: fix oops during encryption + - KEYS: encrypted: fix key instantiation with user-provided data + - Linux 6.1.1 + + * Expose built-in trusted and revoked certificates (LP: #1996892) + - [Packaging] Expose built-in trusted and revoked certificates + + * Fix System cannot detect bluetooth after running suspend stress test + (LP: #1998727) + - wifi: rtw88: 8821c: enable BT device recovery mechanism + + * Gnome doesn't run smooth when performing normal usage with RPL-P CPU + (LP: #1998419) + - drm/i915/rpl-p: Add stepping info + + * Mute/mic LEDs no function on a HP platfrom (LP: #1998882) + - ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook + + * Add additional Mediatek MT7922 BT device ID (LP: #1998885) + - Bluetooth: btusb: Add a new VID/PID 0489/e0f2 for MT7922 + + * Support Icicle Kit reference design v2022.10 (LP: #1993148) + - SAUCE: riscv: dts: microchip: Disable PCIe on the Icicle Kit + + * Add iommu passthrough quirk for Intel IPU6 on RaptorLake (LP: #1989041) + - SAUCE: iommu: intel-ipu: use IOMMU passthrough mode for Intel IPUs on Raptor + Lake + + * Enable Intel FM350 wwan CCCI driver port logging (LP: #1997686) + - net: wwan: t7xx: use union to group port type specific data + - net: wwan: t7xx: Add port for modem logging + + * TEE Support for CCP driver (LP: #1991608) + - crypto: ccp - Add support for TEE for PCI ID 0x14CA + + * Kinetic update: v5.19.17 upstream stable release (LP: #1994179) + - Revert "fs: check FMODE_LSEEK to control internal pipe splicing" + - kbuild: Add skip_encoding_btf_enum64 option to pahole + + * Kinetic update: v5.19.15 upstream stable release (LP: #1994078) + - Revert "clk: ti: Stop using legacy clkctrl names for omap4 and 5" + + * support independent clock and LED GPIOs for Intel IPU6 platforms + (LP: #1989046) + - SAUCE: platform/x86: int3472: support independent clock and LED GPIOs + + * Kernel livepatch support for for s390x (LP: #1639924) + - [Config] Enable EXPOLINE_EXTERN on s390x + + * Kinetic update: v5.19.7 upstream stable release (LP: #1988733) + - Revert "PCI/portdrv: Don't disable AER reporting in + get_port_device_capability()" + + * Kinetic update: v5.19.3 upstream stable release (LP: #1987345) + - Revert "mm: kfence: apply kmemleak_ignore_phys on early allocated pool" + + * Fix non-working e1000e device after resume (LP: #1951861) + - SAUCE: Revert "e1000e: Add polling mechanism to indicate CSME DPG exit" + + * Add additional Mediatek MT7921 WiFi/BT device IDs (LP: #1937004) + - SAUCE: Bluetooth: btusb: Add support for Foxconn Mediatek Chip + + * Fix system sleep on TGL systems with Intel ME (LP: #1919321) + - SAUCE: PCI: Serialize TGL e1000e PM ops + + * Fix broken e1000e device after S3 (LP: #1897755) + - SAUCE: e1000e: Increase polling timeout on MDIC ready bit + + * Fix unusable USB hub on Dell TB16 after S3 (LP: #1855312) + - SAUCE: USB: core: Make port power cycle a seperate helper function + - SAUCE: USB: core: Attempt power cycle port when it's in eSS.Disabled state + + * Set explicit CC in the headers package (LP: #1999750) + - [Packaging] Set explicit CC in the headers package + + * commit cf58599cded35cf4affed1e659c0e2c742d3fda7 seems to be missing in + kinetic master to remove "hio" reference from Makefile (LP: #1999556) + - SAUCE: remove leftover reference to ubuntu/hio driver + + * Miscellaneous Ubuntu changes + - [Packaging] kernelconfig: always complete all config checks + - [Packaging] annotations: unify same rule across all flavour within the same + arch + - [Config] annotations: compact annotations file + - [Config] disable EFI_ZBOOT + - SAUCE: input: i8042: fix section mismatch warning + - debian/dkms-versions -- re-enable zfs + - [Packaging] old-kernelconfig: update config-check path + - [Packaging] update getabis + - [Packaging] update Ubuntu.md + + * Miscellaneous upstream changes + - Revert "drm/i915/opregion: check port number bounds for SWSCI display power + state" + + -- Andrea Righi Fri, 30 Dec 2022 11:23:16 +0100 + +linux (6.1.0-10.10) lunar; urgency=medium + + * lunar/linux: 6.1.0-10.10 -proposed tracker (LP: #1999569) + + * Soundwire support for the Intel RPL Gen platforms (LP: #1997944) + - ASoC: Intel: sof_sdw: Add support for SKU 0C10 product + - ASoC: Intel: soc-acpi: add SKU 0C10 SoundWire configuration + - ASoC: Intel: sof_sdw: Add support for SKU 0C40 product + - ASoC: Intel: soc-acpi: add SKU 0C40 SoundWire configuration + - ASoC: Intel: sof_sdw: Add support for SKU 0C4F product + - ASoC: rt1318: Add RT1318 SDCA vendor-specific driver + - ASoC: intel: sof_sdw: add rt1318 codec support. + - ASoC: Intel: sof_sdw: Add support for SKU 0C11 product + - ASoC: Intel: soc-acpi: add SKU 0C11 SoundWire configuration + - SAUCE: ASoC: Intel: soc-acpi: update codec addr on 0C11/0C4F product + - [Config] enable CONFIG_SND_SOC_RT1318_SDW + + * Virtual GPU driver packaging regression (LP: #1996112) + - [Packaging] Reintroduce VM DRM drivers into modules + + -- Andrea Righi Tue, 13 Dec 2022 22:14:08 +0100 + +linux (6.1.0-9.9) lunar; urgency=medium + + * Empty entry (ABI bump) + + -- Andrea Righi Tue, 13 Dec 2022 21:31:08 +0100 + +linux (6.1.0-3.3) lunar; urgency=medium + + * lunar/linux: 6.1.0-3.3 -proposed tracker (LP: #1999534) + + * [DEP-8] Run ADT regression suite for lowlatency kernels Jammy and later + (LP: #1999528) + - [DEP-8] Fix regression suite to run on lowlatency + + * Miscellaneous Ubuntu changes + - [Packaging] annotations: do not add constraints on toolchain versions + + -- Andrea Righi Tue, 13 Dec 2022 16:45:59 +0100 + +linux (6.1.0-2.2) lunar; urgency=medium + + * lunar/linux: 6.1.0-2.2 -proposed tracker (LP: #1999411) + + * Miscellaneous Ubuntu changes + - [Packaging] annotations: do not enforce toolchain versions + + -- Andrea Righi Mon, 12 Dec 2022 17:05:59 +0100 + +linux (6.1.0-1.1) lunar; urgency=medium + + * lunar/linux: 6.1.0-1.1 -proposed tracker (LP: #1999373) + + * Packaging resync (LP: #1786013) + - [Packaging] update variants + + * Miscellaneous Ubuntu changes + - [Packaging] annotations: set and delete configs from command line + - [Packaging] migrateconfigs: ignore README.rst if it doesn't exist + - [Packaging] migrate-annotations: properly determine arches in derivatives + - [Packaging] annotations: allow to set note to config options directly + - [Packaging] annotations: assume --query as default command + - [Packaging] annotations: allow to query using CONFIG_