Bug #2056143 “block/loop: No longer allows to create partitions” : Bugs : linux package : Ubuntu

Stefan Bader (smb) on 2024-03-05

Changed in linux (Ubuntu Jammy):
assignee:	nobody → Stefan Bader (smb)
importance:	Undecided → Medium
status:	New → In Progress
Changed in linux (Ubuntu):
status:	Triaged → Invalid
assignee:	Stefan Bader (smb) → nobody

Stefan Bader (smb) on 2024-03-05

description:

updated

Stefan Bader (smb) on 2024-03-05

Changed in linux (Ubuntu Jammy):
status:	In Progress → Fix Committed

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2024-03-07:

#1

This bug is awaiting verification that the linux/5.15.0-102.112 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy-linux' to 'verification-done-jammy-linux'. If the problem still exists, change the tag 'verification-needed-jammy-linux' to 'verification-failed-jammy-linux'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-v2 verification-needed-jammy-linux

Revision history for this message

Matthew Ruffell (mruffell) wrote on 2024-03-19:

#2

Performing verification for Jammy.

I started a fresh VM, with 5.15.0-101-generic from updates. I ran the following reproducer:

$ fallocate -l 1G /tmp/blob
$ LOOPDEV=$(sudo losetup --find --show /tmp/blob)
$ sudo /usr/sbin/parted -s -m -a optimal $LOOPDEV -- unit KiB mklabel gpt mkpart primary 0% 100%
Error: Partition(s) 1 on /dev/loop4 have been written, but we have been unable to inform the kernel of the change, probably because it/they are in use. As a result, the old partition(s) will remain in use. You should reboot now before making further changes.

I then enabled -proposed, and installed 5.15.0-102-generic:

$ uname -rv
5.15.0-102-generic #112-Ubuntu SMP Tue Mar 5 16:50:32 UTC 2024

Running the reproducer:

$ fallocate -l 1G /tmp/blob
$ LOOPDEV=$(sudo losetup --find --show /tmp/blob)
$ sudo /usr/sbin/parted -s -m -a optimal $LOOPDEV -- unit KiB mklabel gpt mkpart primary 0% 100%

$ losetup -a
/dev/loop4: []: (/tmp/blob)
$ ll /dev
...
brw-rw---- 1 root disk 7, 4 Mar 19 03:45 loop4
brw-rw---- 1 root disk 259, 0 Mar 19 03:45 loop4p1
...

Things are now working as intended. The kernel in -proposed solves the issue. Happy to mark verified for Jammy.

tags:

added: sts verification-done-jammy-linux
removed: verification-needed-jammy-linux

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2024-03-29:

#3

This bug is awaiting verification that the linux-aws-fips/5.15.0-1057.63+fips1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy-linux-aws-fips' to 'verification-done-jammy-linux-aws-fips'. If the problem still exists, change the tag 'verification-needed-jammy-linux-aws-fips' to 'verification-failed-jammy-linux-aws-fips'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-aws-fips-v2 verification-needed-jammy-linux-aws-fips

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2024-03-29:

#4

This bug is awaiting verification that the linux-aws-5.15/5.15.0-1057.63~20.04.1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal-linux-aws-5.15' to 'verification-done-focal-linux-aws-5.15'. If the problem still exists, change the tag 'verification-needed-focal-linux-aws-5.15' to 'verification-failed-focal-linux-aws-5.15'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-focal-linux-aws-5.15-v2 verification-needed-focal-linux-aws-5.15

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2024-04-02:

#5

This bug is awaiting verification that the linux-nvidia-tegra/5.15.0-1023.23 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy-linux-nvidia-tegra' to 'verification-done-jammy-linux-nvidia-tegra'. If the problem still exists, change the tag 'verification-needed-jammy-linux-nvidia-tegra' to 'verification-failed-jammy-linux-nvidia-tegra'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-nvidia-tegra-v2 verification-needed-jammy-linux-nvidia-tegra

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2024-04-02:

#6

This bug is awaiting verification that the linux-nvidia-tegra-5.15/5.15.0-1023.23~20.04.1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal-linux-nvidia-tegra-5.15' to 'verification-done-focal-linux-nvidia-tegra-5.15'. If the problem still exists, change the tag 'verification-needed-focal-linux-nvidia-tegra-5.15' to 'verification-failed-focal-linux-nvidia-tegra-5.15'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-focal-linux-nvidia-tegra-5.15-v2 verification-needed-focal-linux-nvidia-tegra-5.15

Roxana Nicolescu (roxanan) on 2024-04-03

tags:

added: verification-done-focal-linux-aws-5.15 verification-done-focal-linux-nvidia-tegra-5.15 verification-done-jammy-linux-aws-fips verification-done-jammy-linux-nvidia-tegra
removed: verification-needed-focal-linux-aws-5.15 verification-needed-focal-linux-nvidia-tegra-5.15 verification-needed-jammy-linux-aws-fips verification-needed-jammy-linux-nvidia-tegra

Revision history for this message

Launchpad Janitor (janitor) wrote on 2024-04-08:

#7

Download full text (49.9 KiB)

This bug was fixed in the package linux - 5.15.0-102.112

---------------
linux (5.15.0-102.112) jammy; urgency=medium

* jammy/linux: 5.15.0-102.112 -proposed tracker (LP: #2055632)

  * Drop ABI checks from kernel build (LP: #2055686)
    - [Packaging] Remove in-tree abi checks
    - [Packaging] Drop abi checks from final-checks

  * Packaging resync (LP: #1786013)
    - [Packaging] drop ABI data
    - [Packaging] update annotations scripts
    - debian.master/dkms-versions -- update from kernel-versions (main/2024.03.04)

* block/loop: No longer allows to create partitions (LP: #2056143)
- block, loop: support partitions without scanning

  * Cranky update-dkms-versions rollout (LP: #2055685)
    - [Packaging] remove update-dkms-versions
    - Move debian/dkms-versions to debian.master/dkms-versions
    - [Packaging] Replace debian/dkms-versions with $(DEBIAN)/dkms-versions
    - [Packaging] remove update-version-dkms

  * linux: please move erofs.ko (CONFIG_EROFS for EROFS support) from linux-
    modules-extra to linux-modules (LP: #2054809)
    - UBUNTU [Packaging]: Include erofs in linux-modules instead of linux-modules-
      extra

* linux-tools-common: man page of usbip[d] is misplaced (LP: #2054094)
- [Packaging] rules: Put usbip manpages in the correct directory

  * CVE-2024-23851
    - dm ioctl: log an error if the ioctl structure is corrupted
    - dm: limit the number of targets and parameter size area

* CVE-2024-23850
- btrfs: do not ASSERT() if the newly created subvolume already got read

  * x86: performance: tsc: Extend watchdog check exemption to 4-Sockets platform
    (LP: #2054699)
    - x86/tsc: Extend watchdog check exemption to 4-Sockets platform

  * linux: please move dmi-sysfs.ko (CONFIG_DMI_SYSFS for SMBIOS support) from
    linux-modules-extra to linux-modules (LP: #2045561)
    - [Packaging] Move dmi-sysfs.ko into linux-modules

  * Fix bpf selftests build failure after v5.15.139 update (LP: #2054567)
    - Revert "selftests/bpf: Test tail call counting with bpf2bpf and data on
      stack"

  * Jammy update: v5.15.148 upstream stable release (LP: #2055145)
    - f2fs: explicitly null-terminate the xattr list
    - pinctrl: lochnagar: Don't build on MIPS
    - ALSA: hda - Fix speaker and headset mic pin config for CHUWI CoreBook XPro
    - mptcp: fix uninit-value in mptcp_incoming_options
    - wifi: cfg80211: lock wiphy mutex for rfkill poll
    - debugfs: fix automount d_fsdata usage
    - drm/amdgpu: Fix cat debugfs amdgpu_regs_didt causes kernel null pointer
    - nvme-core: check for too small lba shift
    - ASoC: wm8974: Correct boost mixer inputs
    - ASoC: Intel: Skylake: Fix mem leak in few functions
    - ASoC: nau8822: Fix incorrect type in assignment and cast to restricted
      __be16
    - ASoC: Intel: Skylake: mem leak in skl register function
    - ASoC: cs43130: Fix the position of const qualifier
    - ASoC: cs43130: Fix incorrect frame delay configuration
    - ASoC: rt5650: add mutex to avoid the jack detection failure
    - nouveau/tu102: flush all pdbs on vmm flush
    - net/tg3: fix race condition in tg3_reset_task()
    - ASoC: da7219: Support low DC impedance hea...

This bug was fixed in the package linux - 5.15.0-102.112

---------------
linux (5.15.0-102.112) jammy; urgency=medium

* jammy/linux: 5.15.0-102.112 -proposed tracker (LP: #2055632)

* Drop ABI checks from kernel build (LP: #2055686)
    - [Packaging] Remove in-tree abi checks
    - [Packaging] Drop abi checks from final-checks

* Packaging resync (LP: #1786013)
    - [Packaging] drop ABI data
    - [Packaging] update annotations scripts
    - debian.master/dkms-versions -- update from kernel-versions (main/2024.03.04)

* block/loop: No longer allows to create partitions (LP: #2056143)
    - block, loop: support partitions without scanning

* Cranky update-dkms-versions rollout (LP: #2055685)
    - [Packaging] remove update-dkms-versions
    - Move debian/dkms-versions to debian.master/dkms-versions
    - [Packaging] Replace debian/dkms-versions with $(DEBIAN)/dkms-versions
    - [Packaging] remove update-version-dkms

* linux: please move erofs.ko (CONFIG_EROFS for EROFS support) from linux-
    modules-extra to linux-modules (LP: #2054809)
    - UBUNTU [Packaging]: Include erofs in linux-modules instead of linux-modules-
      extra

* linux-tools-common: man page of usbip[d] is misplaced (LP: #2054094)
    - [Packaging] rules: Put usbip manpages in the correct directory

* CVE-2024-23851
    - dm ioctl: log an error if the ioctl structure is corrupted
    - dm: limit the number of targets and parameter size area

* CVE-2024-23850
    - btrfs: do not ASSERT() if the newly created subvolume already got read

* x86: performance: tsc: Extend watchdog check exemption to 4-Sockets platform
    (LP: #2054699)
    - x86/tsc: Extend watchdog check exemption to 4-Sockets platform

* linux: please move dmi-sysfs.ko (CONFIG_DMI_SYSFS for SMBIOS support) from
    linux-modules-extra to linux-modules (LP: #2045561)
    - [Packaging] Move dmi-sysfs.ko into linux-modules

* Fix bpf selftests build failure after v5.15.139 update (LP: #2054567)
    - Revert "selftests/bpf: Test tail call counting with bpf2bpf and data on
      stack"

* Jammy update: v5.15.148 upstream stable release (LP: #2055145)
    - f2fs: explicitly null-terminate the xattr list
    - pinctrl: lochnagar: Don't build on MIPS
    - ALSA: hda - Fix speaker and headset mic pin config for CHUWI CoreBook XPro
    - mptcp: fix uninit-value in mptcp_incoming_options
    - wifi: cfg80211: lock wiphy mutex for rfkill poll
    - debugfs: fix automount d_fsdata usage
    - drm/amdgpu: Fix cat debugfs amdgpu_regs_didt causes kernel null pointer
    - nvme-core: check for too small lba shift
    - ASoC: wm8974: Correct boost mixer inputs
    - ASoC: Intel: Skylake: Fix mem leak in few functions
    - ASoC: nau8822: Fix incorrect type in assignment and cast to restricted
      __be16
    - ASoC: Intel: Skylake: mem leak in skl register function
    - ASoC: cs43130: Fix the position of const qualifier
    - ASoC: cs43130: Fix incorrect frame delay configuration
    - ASoC: rt5650: add mutex to avoid the jack detection failure
    - nouveau/tu102: flush all pdbs on vmm flush
    - net/tg3: fix race condition in tg3_reset_task()
    - ASoC: da7219: Support low DC impedance headset
    - ASoC: ops: add correct range check for limiting volume
    - nvme: introduce helper function to get ctrl state
    - drm/amdgpu: Add NULL checks for function pointers
    - drm/exynos: fix a potential error pointer dereference
    - drm/exynos: fix a wrong error checking
    - hwmon: (corsair-psu) Fix probe when built-in
    - clk: rockchip: rk3128: Fix HCLK_OTG gate register
    - jbd2: correct the printing of write_flags in jbd2_write_superblock()
    - drm/crtc: Fix uninit-value bug in drm_mode_setcrtc
    - neighbour: Don't let neigh_forced_gc() disable preemption for long
    - platform/x86: intel-vbtn: Fix missing tablet-mode-switch events
    - jbd2: fix soft lockup in journal_finish_inode_data_buffers()
    - tracing: Have large events show up as '[LINE TOO BIG]' instead of nothing
    - tracing: Add size check when printing trace_marker output
    - stmmac: dwmac-loongson: drop useless check for compatible fallback
    - MIPS: dts: loongson: drop incorrect dwmac fallback compatible
    - tracing: Fix uaf issue when open the hist or hist_debug file
    - ring-buffer: Do not record in NMI if the arch does not support cmpxchg in
      NMI
    - reset: hisilicon: hi6220: fix Wvoid-pointer-to-enum-cast warning
    - Input: atkbd - skip ATKBD_CMD_GETID in translated mode
    - Input: i8042 - add nomux quirk for Acer P459-G2-M
    - s390/scm: fix virtual vs physical address confusion
    - ARC: fix spare error
    - wifi: iwlwifi: pcie: avoid a NULL pointer dereference
    - Input: xpad - add Razer Wolverine V2 support
    - ASoC: Intel: bytcr_rt5640: Add quirk for the Medion Lifetab S10346
    - i2c: rk3x: fix potential spinlock recursion on poll
    - net: qrtr: ns: Return 0 if server port is not present
    - ARM: sun9i: smp: fix return code check of of_property_match_string
    - drm/crtc: fix uninitialized variable use
    - ACPI: resource: Add another DMI match for the TongFang GMxXGxx
    - Revert "ASoC: atmel: Remove system clock tree configuration for
      at91sam9g20ek"
    - bpf: Add --skip_encoding_btf_inconsistent_proto, --btf_gen_optimized to
      pahole flags for v1.25
    - kprobes: Fix to handle forcibly unoptimized kprobes on freeing_list
    - Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d"
    - binder: use EPOLLERR from eventpoll.h
    - binder: fix use-after-free in shinker's callback
    - binder: fix trivial typo of binder_free_buf_locked()
    - binder: fix comment on binder_alloc_new_buf() return value
    - uio: Fix use-after-free in uio_open
    - parport: parport_serial: Add Brainboxes BAR details
    - parport: parport_serial: Add Brainboxes device IDs and geometry
    - leds: ledtrig-tty: Free allocated ttyname buffer on deactivate
    - PCI: Add ACS quirk for more Zhaoxin Root Ports
    - coresight: etm4x: Fix width of CCITMIN field
    - x86/lib: Fix overflow when counting digits
    - EDAC/thunderx: Fix possible out-of-bounds string access
    - powerpc: Mark .opd section read-only
    - powerpc/toc: Future proof kernel toc
    - powerpc: remove checks for binutils older than 2.25
    - powerpc: add crtsavres.o to always-y instead of extra-y
    - powerpc/44x: select I2C for CURRITUCK
    - powerpc/pseries/memhp: Fix access beyond end of drmem array
    - selftests/powerpc: Fix error handling in FPU/VMX preemption tests
    - powerpc/powernv: Add a null pointer check to scom_debug_init_one()
    - powerpc/powernv: Add a null pointer check in opal_event_init()
    - powerpc/powernv: Add a null pointer check in opal_powercap_init()
    - powerpc/imc-pmu: Add a null pointer check in update_events_in_group()
    - spi: spi-zynqmp-gqspi: fix driver kconfig dependencies
    - mtd: rawnand: Increment IFC_TIMEOUT_MSECS for nand controller response
    - ACPI: video: check for error while searching for backlight device parent
    - ACPI: LPIT: Avoid u32 multiplication overflow
    - of: property: define of_property_read_u{8,16,32,64}_array() unconditionally
    - of: Add of_property_present() helper
    - cpufreq: Use of_property_present() for testing DT property presence
    - cpufreq: scmi: process the result of devm_of_clk_add_hw_provider()
    - calipso: fix memory leak in netlbl_calipso_add_pass()
    - efivarfs: force RO when remounting if SetVariable is not supported
    - spi: sh-msiof: Enforce fixed DTDL for R-Car H3
    - ACPI: LPSS: Fix the fractional clock divider flags
    - ACPI: extlog: Clear Extended Error Log status when RAS_CEC handled the error
    - kunit: debugfs: Fix unchecked dereference in debugfs_print_results()
    - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier
    - selinux: Fix error priority for bind with AF_UNSPEC on PF_INET6 socket
    - crypto: virtio - Handle dataq logic with tasklet
    - crypto: sa2ul - Return crypto_aead_setkey to transfer the error
    - crypto: ccp - fix memleak in ccp_init_dm_workarea
    - crypto: af_alg - Disallow multiple in-flight AIO requests
    - crypto: sahara - remove FLAGS_NEW_KEY logic
    - crypto: sahara - fix cbc selftest failure
    - crypto: sahara - fix ahash selftest failure
    - crypto: sahara - fix processing requests with cryptlen < sg->length
    - crypto: sahara - fix error handling in sahara_hw_descriptor_create()
    - pstore: ram_core: fix possible overflow in persistent_ram_init_ecc()
    - fs: indicate request originates from old mount API
    - gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump
    - crypto: virtio - Wait for tasklet to complete on device remove
    - crypto: sahara - avoid skcipher fallback code duplication
    - crypto: sahara - handle zero-length aes requests
    - crypto: sahara - fix ahash reqsize
    - crypto: sahara - fix wait_for_completion_timeout() error handling
    - crypto: sahara - improve error handling in sahara_sha_process()
    - crypto: sahara - fix processing hash requests with req->nbytes < sg->length
    - crypto: sahara - do not resize req->src when doing hash operations
    - crypto: scomp - fix req->dst buffer overflow
    - blocklayoutdriver: Fix reference leak of pnfs_device_node
    - NFSv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT
    - wifi: rtw88: fix RX filter in FIF_ALLMULTI flag
    - bpf, lpm: Fix check prefixlen before walking trie
    - bpf: Add crosstask check to __bpf_get_stack
    - wifi: ath11k: Defer on rproc_get failure
    - wifi: libertas: stop selecting wext
    - ARM: dts: qcom: apq8064: correct XOADC register address
    - net/ncsi: Fix netlink major/minor version numbers
    - firmware: ti_sci: Fix an off-by-one in ti_sci_debugfs_create()
    - firmware: meson_sm: populate platform devices from sm device tree data
    - wifi: rtlwifi: rtl8821ae: phy: fix an undefined bitwise shift behavior
    - arm64: dts: ti: k3-am65-main: Fix DSS irq trigger type
    - bpf: enforce precision of R0 on callback return
    - ARM: dts: qcom: sdx65: correct SPMI node name
    - arm64: dts: qcom: sc7180: Make watchdog bark interrupt edge triggered
    - arm64: dts: qcom: sc7280: Make watchdog bark interrupt edge triggered
    - arm64: dts: qcom: sdm845: Make watchdog bark interrupt edge triggered
    - arm64: dts: qcom: sm8150: Make watchdog bark interrupt edge triggered
    - arm64: dts: qcom: sm8250: Make watchdog bark interrupt edge triggered
    - bpf: fix check for attempt to corrupt spilled pointer
    - scsi: fnic: Return error if vmalloc() failed
    - arm64: dts: qcom: qrb5165-rb5: correct LED panic indicator
    - arm64: dts: qcom: sdm845-db845c: correct LED panic indicator
    - arm64: dts: qcom: sc7280: fix usb_2 wakeup interrupt types
    - bpf: Fix verification of indirect var-off stack access
    - block: Set memalloc_noio to false on device_add_disk() error path
    - scsi: hisi_sas: Rename HISI_SAS_{RESET -> RESETTING}_BIT
    - scsi: hisi_sas: Prevent parallel FLR and controller reset
    - scsi: hisi_sas: Replace with standard error code return value
    - scsi: hisi_sas: Rollback some operations if FLR failed
    - scsi: hisi_sas: Correct the number of global debugfs registers
    - selftests/net: fix grep checking for fib_nexthop_multiprefix
    - virtio/vsock: fix logic which reduces credit update messages
    - dma-mapping: Add dma_release_coherent_memory to DMA API
    - dma-mapping: clear dev->dma_mem to NULL after freeing it
    - soc: qcom: llcc: Fix dis_cap_alloc and retain_on_pc configuration
    - arm64: dts: qcom: sm8150-hdk: fix SS USB regulators
    - block: add check of 'minors' and 'first_minor' in device_add_disk()
    - arm64: dts: qcom: sc7280: Mark SDHCI hosts as cache-coherent
    - wifi: rtlwifi: add calculate_bit_shift()
    - wifi: rtlwifi: rtl8188ee: phy: using calculate_bit_shift()
    - wifi: rtlwifi: rtl8192c: using calculate_bit_shift()
    - wifi: rtlwifi: rtl8192cu: using calculate_bit_shift()
    - wifi: rtlwifi: rtl8192ce: using calculate_bit_shift()
    - wifi: rtlwifi: rtl8192de: using calculate_bit_shift()
    - wifi: rtlwifi: rtl8192ee: using calculate_bit_shift()
    - wifi: rtlwifi: rtl8192se: using calculate_bit_shift()
    - wifi: iwlwifi: mvm: set siso/mimo chains to 1 in FW SMPS request
    - wifi: iwlwifi: mvm: send TX path flush in rfkill
    - netfilter: nf_tables: mark newset as dead on transaction abort
    - Bluetooth: Fix bogus check for re-auth no supported with non-ssp
    - Bluetooth: btmtkuart: fix recv_buf() return value
    - block: make BLK_DEF_MAX_SECTORS unsigned
    - null_blk: don't cap max_hw_sectors to BLK_DEF_MAX_SECTORS
    - net/sched: act_ct: fix skb leak and crash on ooo frags
    - mlxbf_gige: Fix intermittent no ip issue
    - net: mellanox: mlxbf_gige: Replace non-standard interrupt handling
    - mlxbf_gige: Enable the GigE port in mlxbf_gige_open
    - ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim()
    - ARM: davinci: always select CONFIG_CPU_ARM926T
    - Revert "drm/tidss: Annotate dma-fence critical section in commit path"
    - Revert "drm/omapdrm: Annotate dma-fence critical section in commit path"
    - RDMA/usnic: Silence uninitialized symbol smatch warnings
    - RDMA/hns: Fix inappropriate err code for unsupported operations
    - drm/panel-elida-kd35t133: hold panel in reset for unprepare
    - drm/nouveau/fence:: fix warning directly dereferencing a rcu pointer
    - drm/bridge: tpd12s015: Drop buggy __exit annotation for remove function
    - drm/tilcdc: Fix irq free on unload
    - media: pvrusb2: fix use after free on context disconnection
    - drm/bridge: Fix typo in post_disable() description
    - f2fs: fix to avoid dirent corruption
    - drm/radeon/r600_cs: Fix possible int overflows in r600_cs_check_reg()
    - drm/radeon/r100: Fix integer overflow issues in r100_cs_track_check()
    - drm/radeon: check return value of radeon_ring_lock()
    - ASoC: cs35l33: Fix GPIO name and drop legacy include
    - ASoC: cs35l34: Fix GPIO name and drop legacy include
    - drm/msm/mdp4: flush vblank event on disable
    - drm/msm/dsi: Use pm_runtime_resume_and_get to prevent refcnt leaks
    - drm/drv: propagate errors from drm_modeset_register_all()
    - drm/radeon: check the alloc_workqueue return value in radeon_crtc_init()
    - drm/radeon/dpm: fix a memleak in sumo_parse_power_table
    - drm/radeon/trinity_dpm: fix a memleak in trinity_parse_power_table
    - drm/bridge: cdns-mhdp8546: Fix use of uninitialized variable
    - drm/bridge: tc358767: Fix return value on error case
    - media: cx231xx: fix a memleak in cx231xx_init_isoc
    - clk: qcom: gpucc-sm8150: Update the gpu_cc_pll1 config
    - media: rkisp1: Disable runtime PM in probe error path
    - f2fs: fix to check compress file in f2fs_move_file_range()
    - f2fs: fix to update iostat correctly in f2fs_filemap_fault()
    - f2fs: fix the f2fs_file_write_iter tracepoint
    - media: dvbdev: drop refcount on error path in dvb_device_open()
    - media: dvb-frontends: m88ds3103: Fix a memory leak in an error handling path
      of m88ds3103_probe()
    - drm/amdgpu/debugfs: fix error code when smc register accessors are NULL
    - drm/amd/pm: fix a double-free in si_dpm_init
    - drivers/amd/pm: fix a use-after-free in kv_parse_power_table
    - gpu/drm/radeon: fix two memleaks in radeon_vm_init
    - dt-bindings: clock: Update the videocc resets for sm8150
    - clk: qcom: videocc-sm8150: Update the videocc resets
    - clk: qcom: videocc-sm8150: Add missing PLL config property
    - drivers: clk: zynqmp: calculate closest mux rate
    - clk: zynqmp: make bestdiv unsigned
    - clk: zynqmp: Add a check for NULL pointer
    - drivers: clk: zynqmp: update divider round rate logic
    - watchdog: set cdev owner before adding
    - watchdog/hpwdt: Only claim UNKNOWN NMI if from iLO
    - watchdog: bcm2835_wdt: Fix WDIOC_SETTIMEOUT handling
    - watchdog: rti_wdt: Drop runtime pm reference count when watchdog is unused
    - clk: si5341: fix an error code problem in si5341_output_clk_set_rate
    - clk: asm9260: use parent index to link the reference clock
    - clk: fixed-rate: add devm_clk_hw_register_fixed_rate
    - clk: fixed-rate: fix clk_hw_register_fixed_rate_with_accuracy_parent_hw
    - pwm: stm32: Use regmap_clear_bits and regmap_set_bits where applicable
    - pwm: stm32: Use hweight32 in stm32_pwm_detect_channels
    - pwm: stm32: Fix enable count for clk in .probe()
    - ASoC: rt5645: Drop double EF20 entry from dmi_platform_data[]
    - ALSA: scarlett2: Add missing error check to scarlett2_config_save()
    - ALSA: scarlett2: Add missing error check to scarlett2_usb_set_config()
    - ALSA: scarlett2: Allow passing any output to line_out_remap()
    - ALSA: scarlett2: Add missing error checks to *_ctl_get()
    - ALSA: scarlett2: Add clamp() in scarlett2_mixer_ctl_put()
    - mmc: sdhci_am654: Fix TI SoC dependencies
    - [Config] update annotations for CONFIG_MMC_SDHCI_AM654
    - [Config] remove sdhci_am654 module for armhf/ppc64el
    - mmc: sdhci_omap: Fix TI SoC dependencies
    - [Config] update annotations for CONFIG_MMC_SDHCI_OMAP
    - [Config] remove sdhci-omap module for arm64/ppc64el
    - IB/iser: Prevent invalidating wrong MR
    - drm/amd/pm/smu7: fix a memleak in smu7_hwmgr_backend_init
    - ksmbd: validate the zero field of packet header
    - of: Fix double free in of_parse_phandle_with_args_map
    - of: unittest: Fix of_count_phandle_with_args() expected value message
    - selftests/bpf: Add assert for user stacks in test_task_stack
    - binder: fix async space check for 0-sized buffers
    - binder: fix unused alloc->free_async_space
    - Input: atkbd - use ab83 as id when skipping the getid command
    - dma-mapping: Fix build error unused-value
    - virtio-crypto: fix memory leak in virtio_crypto_alg_skcipher_close_session()
    - binder: fix race between mmput() and do_exit()
    - tick-sched: Fix idle and iowait sleeptime accounting vs CPU hotplug
    - usb: phy: mxs: remove CONFIG_USB_OTG condition for mxs_phy_is_otg_host()
    - usb: dwc: ep0: Update request status in dwc3_ep0_stall_restart
    - Revert "usb: dwc3: Soft reset phy on probe for host"
    - Revert "usb: dwc3: don't reset device side if dwc3 was configured as host-
      only"
    - usb: chipidea: wait controller resume finished for wakeup irq
    - usb: cdns3: fix uvc failure work since sg support enabled
    - usb: cdns3: fix iso transfer error when mult is not zero
    - usb: cdns3: Fix uvc fail when DMA cross 4k boundery since sg enabled
    - Revert "usb: typec: class: fix typec_altmode_put_partner to put plugs"
    - usb: typec: class: fix typec_altmode_put_partner to put plugs
    - usb: mon: Fix atomicity violation in mon_bin_vma_fault
    - serial: imx: Ensure that imx_uart_rs485_config() is called with enabled
      clock
    - ALSA: oxygen: Fix right channel of capture volume mixer
    - ALSA: hda/relatek: Enable Mute LED on HP Laptop 15s-fq2xxx
    - fbdev: flush deferred work in fb_deferred_io_fsync()
    - scsi: mpi3mr: Refresh sdev queue depth after controller reset
    - block: add check that partition length needs to be aligned with block size
    - pwm: jz4740: Don't use dev_err_probe() in .request()
    - io_uring/rw: ensure io->bytes_done is always initialized
    - rootfs: Fix support for rootfstype= when root= is given
    - Bluetooth: Fix atomicity violation in {min,max}_key_size_set
    - bpf: Fix re-attachment branch in bpf_tracing_prog_attach
    - iommu/arm-smmu-qcom: Add missing GMU entry to match table
    - wifi: mt76: fix broken precal loading from MTD for mt7915
    - wifi: rtlwifi: Remove bogus and dangerous ASPM disable/enable code
    - wifi: rtlwifi: Convert LNKCTL change to PCIe cap RMW accessors
    - wifi: mwifiex: configure BSSID consistently when starting AP
    - PCI: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support
    - PCI: mediatek: Clear interrupt status before dispatching handler
    - x86/kvm: Do not try to disable kvmclock if it was not enabled
    - KVM: arm64: vgic-v4: Restore pending state on host userspace write
    - KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache
    - iio: adc: ad7091r: Pass iio_dev to event handler
    - HID: wacom: Correct behavior when processing some confidence == false
      touches
    - serial: sc16is7xx: add check for unsupported SPI modes during probe
    - serial: sc16is7xx: set safe default SPI clock frequency
    - iommu/dma: Trace bounce buffer usage when mapping buffers
    - ARM: 9330/1: davinci: also select PINCTRL
    - mfd: syscon: Fix null pointer dereference in of_syscon_register()
    - leds: aw2013: Select missing dependency REGMAP_I2C
    - mfd: intel-lpss: Fix the fractional clock divider flags
    - mips: dmi: Fix early remap on MIPS32
    - mips: Fix incorrect max_low_pfn adjustment
    - riscv: Check if the code to patch lies in the exit section
    - riscv: Fix module_alloc() that did not reset the linear mapping permissions
    - MIPS: Alchemy: Fix an out-of-bound access in db1200_dev_setup()
    - MIPS: Alchemy: Fix an out-of-bound access in db1550_dev_setup()
    - power: supply: cw2015: correct time_to_empty units in sysfs
    - power: supply: bq256xx: fix some problem in bq256xx_hw_init
    - serial: 8250: omap: Don't skip resource freeing if
      pm_runtime_resume_and_get() failed
    - libapi: Add missing linux/types.h header to get the __u64 type on io.h
    - software node: Let args be NULL in software_node_get_reference_args
    - serial: imx: fix tx statemachine deadlock
    - selftests/sgx: Fix uninitialized pointer dereference in error path
    - selftests/sgx: Skip non X86_64 platform
    - iio: adc: ad9467: Benefit from devm_clk_get_enabled() to simplify
    - iio: adc: ad9467: fix reset gpio handling
    - iio: adc: ad9467: don't ignore error codes
    - iio: adc: ad9467: fix scale setting
    - perf genelf: Set ELF program header addresses properly
    - tty: change tty_write_lock()'s ndelay parameter to bool
    - tty: early return from send_break() on TTY_DRIVER_HARDWARE_BREAK
    - tty: don't check for signal_pending() in send_break()
    - tty: use 'if' in send_break() instead of 'goto'
    - usb: cdc-acm: return correct error code on unsupported break
    - nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length
    - nvmet-tcp: fix a crash in nvmet_req_complete()
    - perf env: Avoid recursively taking env->bpf_progs.lock
    - apparmor: avoid crash when parsed profile name is empty
    - usb: xhci-mtk: fix a short packet issue of gen1 isoc-in transfer
    - serial: imx: Correct clock error message in function probe()
    - nvmet: re-fix tracing strncpy() warning
    - nvmet-tcp: Fix the H2C expected PDU len calculation
    - PCI: keystone: Fix race condition when initializing PHYs
    - s390/pci: fix max size calculation in zpci_memcpy_toio()
    - net: qualcomm: rmnet: fix global oob in rmnet_policy
    - net: ethernet: ti: am65-cpsw: Fix max mtu to fit ethernet frames
    - net: phy: micrel: populate .soft_reset for KSZ9131
    - mptcp: mptcp_parse_option() fix for MPTCPOPT_MP_JOIN
    - mptcp: drop unused sk in mptcp_get_options
    - mptcp: strict validation before using mp_opt->hmac
    - mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect()
    - mptcp: use OPTION_MPTCP_MPJ_SYN in subflow_check_req()
    - net: ravb: Fix dma_addr_t truncation in error case
    - net: stmmac: ethtool: Fixed calltrace caused by unbalanced disable_irq_wake
      calls
    - bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS
    - net: dsa: vsc73xx: Add null pointer check to vsc73xx_gpio_probe
    - netfilter: nf_tables: reject invalid set policy
    - netfilter: nft_connlimit: move stateful fields out of expression data
    - netfilter: nft_last: move stateful fields out of expression data
    - netfilter: nft_quota: move stateful fields out of expression data
    - netfilter: nft_limit: rename stateful structure
    - netfilter: nft_limit: move stateful fields out of expression data
    - netfilter: nf_tables: memcg accounting for dynamically allocated objects
    - netfilter: nft_limit: do not ignore unsupported flags
    - netfilter: nf_tables: do not allow mismatch field size and set key length
    - netfilter: nf_tables: skip dead set elements in netlink dump
    - netfilter: nf_tables: reject NFT_SET_CONCAT with not field length
      description
    - ipvs: avoid stat macros calls from preemptible context
    - kdb: Fix a potential buffer overflow in kdb_local()
    - ethtool: netlink: Add missing ethnl_ops_begin/complete
    - mlxsw: spectrum_acl_erp: Fix error flow of pool allocation failure
    - mlxsw: spectrum: Use 'bitmap_zalloc()' when applicable
    - mlxsw: spectrum_acl_tcam: Add missing mutex_destroy()
    - mlxsw: spectrum_acl_tcam: Make fini symmetric to init
    - mlxsw: spectrum_acl_tcam: Reorder functions to avoid forward declarations
    - mlxsw: spectrum_acl_tcam: Fix stack corruption
    - selftests: mlxsw: qos_pfc: Adjust the test to support 8 lanes
    - ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work
    - i2c: s3c24xx: fix read transfers in polling mode
    - i2c: s3c24xx: fix transferring more than one message in polling mode
    - block: Remove special-casing of compound pages
    - netfilter: nf_tables: typo NULL check in _clone() function
    - netfilter: nft_connlimit: memleak if nf_ct_netns_get() fails
    - netfilter: nft_limit: fix stateful object memory leak
    - netfilter: nft_limit: Clone packet limits' cost value
    - netfilter: nft_last: copy content when cloning expression
    - netfilter: nft_quota: copy content when cloning expression
    - arm64: dts: armada-3720-turris-mox: set irq type for RTC
    - Revert "Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d""
    - Linux 5.15.148

* CVE-2024-24855
    - scsi: lpfc: Fix a possible data race in lpfc_unregister_fcf_rescan()

* performance: Scheduler: ratelimit updating of load_avg (LP: #2053251)
    - sched/fair: Ratelimit update to tg->load_avg

* Jammy update: v5.15.147 upstream stable release (LP: #2054411)
    - block: Don't invalidate pagecache for invalid falloc modes
    - ALSA: hda/realtek: Fix mute and mic-mute LEDs for HP ProBook 440 G6
    - Revert "PCI/ASPM: Remove pcie_aspm_pm_state_change()"
    - wifi: iwlwifi: pcie: don't synchronize IRQs from IRQ
    - drm/bridge: ti-sn65dsi86: Never store more than msg->size bytes in AUX xfer
    - nfc: llcp_core: Hold a ref to llcp_local->dev when holding a ref to
      llcp_local
    - octeontx2-af: Fix marking couple of structure as __packed
    - drm/i915/dp: Fix passing the correct DPCD_REV for
      drm_dp_set_phy_test_pattern
    - i40e: Fix filter input checks to prevent config with invalid values
    - igc: Report VLAN EtherType matching back to user
    - igc: Check VLAN TCI mask
    - igc: Check VLAN EtherType mask
    - ASoC: fsl_rpmsg: Fix error handler with pm_runtime_enable
    - mlxbf_gige: fix receive packet race condition
    - net: sched: em_text: fix possible memory leak in em_text_destroy()
    - r8169: Fix PCI error on system resume
    - net: Implement missing getsockopt(SO_TIMESTAMPING_NEW)
    - can: raw: add support for SO_TXTIME/SCM_TXTIME
    - can: raw: add support for SO_MARK
    - net-timestamp: extend SOF_TIMESTAMPING_OPT_ID to HW timestamps
    - ARM: sun9i: smp: Fix array-index-out-of-bounds read in sunxi_mc_smp_init
    - sfc: fix a double-free bug in efx_probe_filters
    - net: bcmgenet: Fix FCS generation for fragmented skbuffs
    - netfilter: nft_immediate: drop chain reference counter on error
    - net: Save and restore msg_namelen in sock_sendmsg
    - i40e: fix use-after-free in i40e_aqc_add_filters()
    - ASoC: meson: g12a-toacodec: Validate written enum values
    - ASoC: meson: g12a-tohdmitx: Validate written enum values
    - ASoC: meson: g12a-toacodec: Fix event generation
    - ASoC: meson: g12a-tohdmitx: Fix event generation for S/PDIF mux
    - i40e: Restore VF MSI-X state during PCI reset
    - igc: Fix hicredit calculation
    - net/qla3xxx: fix potential memleak in ql_alloc_buffer_queues
    - octeontx2-af: Don't enable Pause frames by default
    - octeontx2-af: Set NIX link credits based on max LMAC
    - octeontx2-af: Always configure NIX TX link credits based on max frame size
    - octeontx2-af: Re-enable MAC TX in otx2_stop processing
    - asix: Add check for usbnet_get_endpoints
    - bnxt_en: Remove mis-applied code from bnxt_cfg_ntp_filters()
    - net: Implement missing SO_TIMESTAMPING_NEW cmsg support
    - selftests: secretmem: floor the memory size to the multiple of page_size
    - mm/memory-failure: check the mapcount of the precise page
    - firewire: ohci: suppress unexpected system reboot in AMD Ryzen machines and
      ASM108x/VT630x PCIe cards
    - x86/kprobes: fix incorrect return address calculation in
      kprobe_emulate_call_indirect
    - i2c: core: Fix atomic xfer check for non-preempt config
    - mm: fix unmap_mapping_range high bits shift bug
    - mmc: meson-mx-sdhc: Fix initialization frozen issue
    - mmc: rpmb: fixes pause retune on all RPMB partitions.
    - mmc: core: Cancel delayed work before releasing host
    - mmc: sdhci-sprd: Fix eMMC init failure after hw reset
    - ipv6: remove max_size check inline with ipv4
    - perf inject: Fix GEN_ELF_TEXT_OFFSET for jit
    - kallsyms: Make module_kallsyms_on_each_symbol generally available
    - tracing/kprobes: Fix symbol counting logic by looking at modules as well
    - net: usb: ax88179_178a: remove redundant init code
    - net: usb: ax88179_178a: move priv to driver_priv
    - Linux 5.15.147

* CVE-2024-1085
    - netfilter: nf_tables: check if catch-all set element is active in next
      generation

* CVE-2023-23000
    - phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function

* performance: mm/percpu-internal.h: Re-layout pcpu_chunk to mitigate false
    sharing (LP: #2053152)
    - percpu-internal/pcpu_chunk: re-layout pcpu_chunk structure to reduce false
      sharing

* performance: address_space: add padding for i_map and i_mmap_rwsem to
    mitigate a false sharing (LP: #2053069)
    - fs/address_space: add alignment padding for i_map and i_mmap_rwsem to
      mitigate a false sharing.

* cpufreq: intel_pstate: Enable HWP IO boost for all servers (LP: #2052817)
    - cpufreq: intel_pstate: Enable HWP IO boost for all servers

* performance: mm/memcontrol.c: remove the redundant updating of
    stats_flush_threshold (LP: #2052827)
    - mm/memcontrol.c: remove the redundant updating of stats_flush_threshold

* Jammy update: v5.15.146 upstream stable release (LP: #2053212)
    - ARM: dts: dra7: Fix DRA7 L3 NoC node register size
    - ARM: OMAP2+: Fix null pointer dereference and memory leak in
      omap_soc_device_init
    - reset: Fix crash when freeing non-existent optional resets
    - s390/vx: fix save/restore of fpu kernel context
    - wifi: iwlwifi: pcie: add another missing bh-disable for rxq->lock
    - wifi: mac80211: mesh_plink: fix matches_local logic
    - net/mlx5e: Fix slab-out-of-bounds in mlx5_query_nic_vport_mac_list()
    - net/mlx5e: fix a potential double-free in fs_udp_create_groups
    - net/mlx5: Fix fw tracer first block check
    - net/mlx5e: Correct snprintf truncation handling for fw_version buffer used
      by representors
    - net: sched: ife: fix potential use-after-free
    - ethernet: atheros: fix a memleak in atl1e_setup_ring_resources
    - net/rose: fix races in rose_kill_by_device()
    - net: mana: select PAGE_POOL
    - net: check vlan filter feature in vlan_vids_add_by_dev() and
      vlan_vids_del_by_dev()
    - afs: Fix the dynamic root's d_delete to always delete unused dentries
    - afs: Fix dynamic root lookup DNS check
    - net: check dev->gso_max_size in gso_features_check()
    - keys, dns: Allow key types (eg. DNS) to be reclaimed immediately on expiry
    - keys, dns: Fix missing size check of V1 server-list header
    - keys, dns: Fix size check of V1 server-list header
    - afs: Fix overwriting of result of DNS query
    - afs: Use refcount_t rather than atomic_t
    - afs: Fix use-after-free due to get/remove race in volume tree
    - ASoC: hdmi-codec: fix missing report for jack initial status
    - i2c: aspeed: Handle the coalesced stop conditions with the start conditions.
    - pinctrl: at91-pio4: use dedicated lock class for IRQ
    - gpiolib: cdev: add gpio_device locking wrapper around gpio_ioctl()
    - ksmbd: fix wrong name of SMB2_CREATE_ALLOCATION_SIZE
    - drm/i915/mtl: limit second scaler vertical scaling in ver >= 14
    - drm/i915: Relocate intel_atomic_setup_scalers()
    - drm/i915: Fix intel_atomic_setup_scalers() plane_state handling
    - smb: client: fix NULL deref in asn1_ber_decoder()
    - smb: client: fix OOB in smb2_query_reparse_point()
    - interconnect: Treat xlate() returning NULL node as an error
    - iio: imu: inv_mpu6050: fix an error code problem in inv_mpu6050_read_raw
    - Input: ipaq-micro-keys - add error handling for devm_kmemdup
    - scsi: bnx2fc: Fix skb double free in bnx2fc_rcv()
    - iio: common: ms_sensors: ms_sensors_i2c: fix humidity conversion time table
    - iio: adc: ti_am335x_adc: Fix return value check of tiadc_request_dma()
    - iio: triggered-buffer: prevent possible freeing of wrong buffer
    - ALSA: usb-audio: Increase delay in MOTU M quirk
    - wifi: cfg80211: Add my certificate
    - wifi: cfg80211: fix certs build to not depend on file order
    - USB: serial: ftdi_sio: update Actisense PIDs constant names
    - USB: serial: option: add Quectel EG912Y module support
    - USB: serial: option: add Foxconn T99W265 with new baseline
    - USB: serial: option: add Quectel RM500Q R13 firmware support
    - Bluetooth: hci_event: Fix not checking if HCI_OP_INQUIRY has been sent
    - Bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE
    - Input: soc_button_array - add mapping for airplane mode button
    - net: 9p: avoid freeing uninit memory in p9pdu_vreadf
    - net: rfkill: gpio: set GPIO direction
    - net: ks8851: Fix TX stall caused by TX buffer overrun
    - dt-bindings: nvmem: mxs-ocotp: Document fsl,ocotp
    - scsi: core: Always send batch on reset or error handling command
    - tracing / synthetic: Disable events after testing in
      synth_event_gen_test_init()
    - bus: ti-sysc: Flush posted write only after srst_udelay
    - gpio: dwapb: mask/unmask IRQ when disable/enale it
    - lib/vsprintf: Fix %pfwf when current node refcount == 0
    - KVM: arm64: vgic: Force vcpu vgic teardown on vcpu destroy
    - x86/alternatives: Sync core before enabling interrupts
    - fuse: share lookup state between submount and its parent
    - ksmbd: have a dependency on cifs ARC4
    - ksmbd: set epoch in create context v2 lease
    - ksmbd: set v2 lease capability
    - ksmbd: downgrade RWH lease caching state to RH for directory
    - ksmbd: send v2 lease break notification for directory
    - ksmbd: lazy v2 lease break on smb2_write()
    - ksmbd: avoid duplicate opinfo_put() call on error of smb21_lease_break_ack()
    - ksmbd: fix wrong allocation size update in smb2_open()
    - ARM: dts: Fix occasional boot hang for am3 usb
    - usb: fotg210-hcd: delete an incorrect bounds test
    - ethernet: constify references to netdev->dev_addr in drivers
    - net: usb: ax88179_178a: clean up pm calls
    - net: usb: ax88179_178a: wol optimizations
    - net: usb: ax88179_178a: avoid failed operations when device is disconnected
    - device property: Add const qualifier to device_get_match_data() parameter
    - spi: Introduce spi_get_device_match_data() helper
    - iio: imu: adis16475: add spi_device_id table
    - smb: client: fix OOB in SMB2_query_info_init()
    - mm/filemap: avoid buffered read/write race to read inconsistent data
    - ring-buffer: Fix wake ups when buffer_percent is set to 100
    - tracing: Fix blocked reader of snapshot buffer
    - ring-buffer: Remove useless update to write_stamp in rb_try_to_discard()
    - ring-buffer: Fix slowpath of interrupted event
    - dm-integrity: don't modify bio's immutable bio_vec in integrity_metadata()
    - device property: Allow const parameter to dev_fwnode()
    - bpf: Fix prog_array_map_poke_run map poke update
    - Linux 5.15.146

* CVE-2023-46838
    - xen-netback: don't produce zero-size SKB frags

* CVE-2024-1086
    - netfilter: nf_tables: reject QUEUE/DROP verdict parameters

* disable Intel DMA remapping by default (LP: #1971699)
    - [Config] update tracking bug for CONFIG_INTEL_IOMMU_DEFAULT_ON

* Validate connection interval to pass Bluetooth Test Suite (LP: #2052005)
    - Bluetooth: Enforce validation on max value of connection interval

* Jammy update: v5.15.145 upstream stable release (LP: #2052406)
    - ksmbd: use ksmbd_req_buf_next() in ksmbd_verify_smb_message()
    - ksmdb: use cmd helper variable in smb2_get_ksmbd_tcon()
    - ksmbd: Remove redundant 'flush_workqueue()' calls
    - ksmbd: remove md4 leftovers
    - ksmbd: remove smb2_buf_length in smb2_hdr
    - ksmbd: remove smb2_buf_length in smb2_transform_hdr
    - ksmbd: change LeaseKey data type to u8 array
    - ksmbd: use oid registry functions to decode OIDs
    - ksmbd: Remove unused parameter from smb2_get_name()
    - ksmbd: Remove unused fields from ksmbd_file struct definition
    - ksmbd: set both ipv4 and ipv6 in FSCTL_QUERY_NETWORK_INTERFACE_INFO
    - ksmbd: Fix buffer_check_err() kernel-doc comment
    - ksmbd: Fix smb2_set_info_file() kernel-doc comment
    - ksmbd: Delete an invalid argument description in
      smb2_populate_readdir_entry()
    - ksmbd: Fix smb2_get_name() kernel-doc comment
    - ksmbd: register ksmbd ib client with ib_register_client()
    - ksmbd: set 445 port to smbdirect port by default
    - ksmbd: smbd: call rdma_accept() under CM handler
    - ksmbd: smbd: create MR pool
    - ksmbd: smbd: change the default maximum read/write, receive size
    - ksmbd: smbd: fix missing client's memory region invalidation
    - ksmbd: smbd: validate buffer descriptor structures
    - ksmbd: add support for key exchange
    - ksmbd: use netif_is_bridge_port
    - ksmbd: store fids as opaque u64 integers
    - ksmbd: shorten experimental warning on loading the module
    - ksmbd: Remove a redundant zeroing of memory
    - ksmbd: replace usage of found with dedicated list iterator variable
    - smb3: fix ksmbd bigendian bug in oplock break, and move its struct to
      smbfs_common
    - ksmbd: remove filename in ksmbd_file
    - ksmbd: smbd: change prototypes of RDMA read/write related functions
    - ksmbd: smbd: introduce read/write credits for RDMA read/write
    - ksmbd: smbd: simplify tracking pending packets
    - ksmbd: smbd: change the return value of get_sg_list
    - ksmbd: smbd: handle multiple Buffer descriptors
    - ksmbd: fix wrong smbd max read/write size check
    - ksmbd: Fix some kernel-doc comments
    - ksmbd: smbd: fix connection dropped issue
    - ksmbd: smbd: relax the count of sges required
    - ksmbd: smbd: Remove useless license text when SPDX-License-Identifier is
      already used
    - ksmbd: remove duplicate flag set in smb2_write
    - ksmbd: remove unused ksmbd_share_configs_cleanup function
    - ksmbd: use wait_event instead of schedule_timeout()
    - ksmbd: request update to stale share config
    - ksmbd: remove unnecessary generic_fillattr in smb2_open
    - ksmbd: don't open-code file_path()
    - ksmbd: don't open-code %pD
    - ksmbd: constify struct path
    - ksmbd: remove generic_fillattr use in smb2_open()
    - ksmbd: casefold utf-8 share names and fix ascii lowercase conversion
    - ksmbd: change security id to the one samba used for posix extension
    - ksmbd: set file permission mode to match Samba server posix extension
      behavior
    - ksmbd: fill sids in SMB_FIND_FILE_POSIX_INFO response
    - ksmbd: fix encryption failure issue for session logoff response
    - ksmbd: set NTLMSSP_NEGOTIATE_SEAL flag to challenge blob
    - ksmbd: decrease the number of SMB3 smbdirect server SGEs
    - ksmbd: reduce server smbdirect max send/receive segment sizes
    - ksmbd: hide socket error message when ipv6 config is disable
    - ksmbd: make utf-8 file name comparison work in __caseless_lookup()
    - ksmbd: call ib_drain_qp when disconnected
    - ksmbd: validate share name from share config response
    - ksmbd: replace one-element arrays with flexible-array members
    - ksmbd: set SMB2_SESSION_FLAG_ENCRYPT_DATA when enforcing data encryption for
      this share
    - ksmbd: use F_SETLK when unlocking a file
    - ksmbd: Fix resource leak in smb2_lock()
    - ksmbd: Convert to use sysfs_emit()/sysfs_emit_at() APIs
    - ksmbd: send proper error response in smb2_tree_connect()
    - ksmbd: Implements sess->rpc_handle_list as xarray
    - ksmbd: fix typo, syncronous->synchronous
    - ksmbd: Remove duplicated codes
    - ksmbd: update Kconfig to note Kerberos support and fix indentation
    - ksmbd: Fix spelling mistake "excceed" -> "exceeded"
    - ksmbd: Fix parameter name and comment mismatch
    - ksmbd: fix possible memory leak in smb2_lock()
    - ksmbd: fix wrong signingkey creation when encryption is AES256
    - ksmbd: remove unused is_char_allowed function
    - ksmbd: delete asynchronous work from list
    - ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr
    - ksmbd: avoid out of bounds access in decode_preauth_ctxt()
    - ksmbd: set NegotiateContextCount once instead of every inc
    - ksmbd: avoid duplicate negotiate ctx offset increments
    - ksmbd: remove unused compression negotiate ctx packing
    - fs: introduce lock_rename_child() helper
    - ksmbd: fix racy issue from using ->d_parent and ->d_name
    - ksmbd: destroy expired sessions
    - ksmbd: block asynchronous requests when making a delay on session setup
    - ksmbd: fix racy issue from smb2 close and logoff with multichannel
    - ksmbd: fix racy issue under cocurrent smb2 tree disconnect
    - ksmbd: fix uninitialized pointer read in ksmbd_vfs_rename()
    - ksmbd: fix uninitialized pointer read in smb2_create_link()
    - ksmbd: fix multiple out-of-bounds read during context decoding
    - ksmbd: fix UAF issue from opinfo->conn
    - ksmbd: call putname after using the last component
    - ksmbd: fix out-of-bound read in deassemble_neg_contexts()
    - ksmbd: fix out-of-bound read in parse_lease_state()
    - ksmbd: fix posix_acls and acls dereferencing possible ERR_PTR()
    - ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
    - ksmbd: validate smb request protocol id
    - ksmbd: add mnt_want_write to ksmbd vfs functions
    - ksmbd: remove unused ksmbd_tree_conn_share function
    - ksmbd: use kzalloc() instead of __GFP_ZERO
    - ksmbd: return a literal instead of 'err' in ksmbd_vfs_kern_path_locked()
    - ksmbd: Change the return value of ksmbd_vfs_query_maximal_access to void
    - ksmbd: use kvzalloc instead of kvmalloc
    - ksmbd: Replace the ternary conditional operator with min()
    - ksmbd: fix out of bounds read in smb2_sess_setup
    - ksmbd: add missing compound request handing in some commands
    - ksmbd: Use struct_size() helper in ksmbd_negotiate_smb_dialect()
    - ksmbd: Replace one-element array with flexible-array member
    - ksmbd: Fix unsigned expression compared with zero
    - ksmbd: check if a mount point is crossed during path lookup
    - ksmbd: validate session id and tree id in compound request
    - ksmbd: fix out of bounds in init_smb2_rsp_hdr()
    - ksmbd: switch to use kmemdup_nul() helper
    - ksmbd: add support for read compound
    - ksmbd: fix wrong interim response on compound
    - ksmbd: fix `force create mode' and `force directory mode'
    - ksmbd: reduce descriptor size if remaining bytes is less than request size
    - ksmbd: Fix one kernel-doc comment
    - ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob()
    - ksmbd: add missing calling smb2_set_err_rsp() on error
    - ksmbd: remove experimental warning
    - ksmbd: remove unneeded mark_inode_dirty in set_info_sec()
    - ksmbd: fix passing freed memory 'aux_payload_buf'
    - ksmbd: return invalid parameter error response if smb2 request is invalid
    - ksmbd: check iov vector index in ksmbd_conn_write()
    - ksmbd: fix race condition between session lookup and expire
    - ksmbd: fix race condition with fp
    - ksmbd: fix race condition from parallel smb2 logoff requests
    - ksmbd: fix race condition from parallel smb2 lock requests
    - ksmbd: fix race condition between tree conn lookup and disconnect
    - ksmbd: fix wrong error response status by using set_smb2_rsp_status()
    - ksmbd: fix Null pointer dereferences in ksmbd_update_fstate()
    - ksmbd: fix potential double free on smb2_read_pipe() error path
    - ksmbd: Remove unused field in ksmbd_user struct
    - ksmbd: reorganize ksmbd_iov_pin_rsp()
    - ksmbd: fix kernel-doc comment of ksmbd_vfs_setxattr()
    - ksmbd: fix recursive locking in vfs helpers
    - ksmbd: fix missing RDMA-capable flag for IPoIB device in
      ksmbd_rdma_capable_netdev()
    - ksmbd: add support for surrogate pair conversion
    - ksmbd: no need to wait for binded connection termination at logoff
    - ksmbd: fix kernel-doc comment of ksmbd_vfs_kern_path_locked()
    - ksmbd: handle malformed smb1 message
    - ksmbd: prevent memory leak on error return
    - ksmbd: fix possible deadlock in smb2_open
    - ksmbd: separately allocate ci per dentry
    - ksmbd: move oplock handling after unlock parent dir
    - ksmbd: release interim response after sending status pending response
    - ksmbd: move setting SMB2_FLAGS_ASYNC_COMMAND and AsyncId
    - ksmbd: don't update ->op_state as OPLOCK_STATE_NONE on error
    - tracing/kprobes: Return EADDRNOTAVAIL when func matches several symbols
    - kasan: disable kasan_non_canonical_hook() for HW tags
    - Linux 5.15.145

* Jammy update: v5.15.144 upstream stable release (LP: #2052404)
    - r8152: add vendor/device ID pair for D-Link DUB-E250
    - r8152: add vendor/device ID pair for ASUS USB-C2500
    - netfilter: nf_tables: fix 'exist' matching on bigendian arches
    - mm/memory_hotplug: handle memblock_add_node() failures in
      add_memory_resource()
    - memblock: allow to specify flags with memblock_add_node()
    - MIPS: Loongson64: Handle more memory types passed from firmware
    - ksmbd: fix memory leak in smb2_lock()
    - afs: Fix refcount underflow from error handling race
    - HID: lenovo: Restrict detection of patched firmware only to USB cptkbd
    - net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX
    - qca_debug: Prevent crash on TX ring changes
    - qca_debug: Fix ethtool -G iface tx behavior
    - qca_spi: Fix reset behavior
    - atm: solos-pci: Fix potential deadlock on &cli_queue_lock
    - atm: solos-pci: Fix potential deadlock on &tx_queue_lock
    - net: vlan: introduce skb_vlan_eth_hdr()
    - net: fec: correct queue selection
    - octeontx2-af: fix a use-after-free in rvu_nix_register_reporters
    - octeontx2-pf: Fix promisc mcam entry action
    - octeontx2-af: Update RSS algorithm index
    - qed: Fix a potential use-after-free in qed_cxt_tables_alloc
    - net: Remove acked SYN flag from packet in the transmit queue correctly
    - net: ena: Destroy correct number of xdp queues upon failure
    - net: ena: Fix xdp drops handling due to multibuf packets
    - net: ena: Fix XDP redirection error
    - stmmac: dwmac-loongson: Make sure MDIO is initialized before use
    - sign-file: Fix incorrect return values check
    - vsock/virtio: Fix unsigned integer wrap around in
      virtio_transport_has_space()
    - dpaa2-switch: fix size of the dma_unmap
    - net: stmmac: use dev_err_probe() for reporting mdio bus registration failure
    - net: stmmac: Handle disabled MDIO busses from devicetree
    - net: atlantic: fix double free in ring reinit logic
    - cred: switch to using atomic_long_t
    - fuse: dax: set fc->dax to NULL in fuse_dax_conn_free()
    - ALSA: hda/hdmi: add force-connect quirk for NUC5CPYB
    - ALSA: hda/hdmi: add force-connect quirks for ASUSTeK Z170 variants
    - ALSA: hda/realtek: Apply mute LED quirk for HP15-db
    - PCI: loongson: Limit MRRS to 256
    - drm/mediatek: Add spinlock for setting vblank event in atomic_begin
    - usb: aqc111: check packet for fixup for true limit
    - stmmac: dwmac-loongson: Add architecture dependency
    - [Config] updateconfigs for CONFIG_DWMAC_LOONGSON
    - blk-throttle: fix lockdep warning of "cgroup_mutex or RCU read lock
      required!"
    - blk-cgroup: bypass blkcg_deactivate_policy after destroying
    - bcache: avoid oversize memory allocation by small stripe_size
    - bcache: remove redundant assignment to variable cur_idx
    - bcache: add code comments for bch_btree_node_get() and
      __bch_btree_node_alloc()
    - bcache: avoid NULL checking to c->root in run_cache_set()
    - platform/x86: intel_telemetry: Fix kernel doc descriptions
    - HID: glorious: fix Glorious Model I HID report
    - HID: add ALWAYS_POLL quirk for Apple kb
    - HID: hid-asus: reset the backlight brightness level on resume
    - HID: multitouch: Add quirk for HONOR GLO-GXXX touchpad
    - asm-generic: qspinlock: fix queued_spin_value_unlocked() implementation
    - net: usb: qmi_wwan: claim interface 4 for ZTE MF290
    - HID: hid-asus: add const to read-only outgoing usb buffer
    - btrfs: do not allow non subvolume root targets for snapshot
    - soundwire: stream: fix NULL pointer dereference for multi_link
    - ext4: prevent the normalized size from exceeding EXT_MAX_BLOCKS
    - arm64: mm: Always make sw-dirty PTEs hw-dirty in pte_modify
    - team: Fix use-after-free when an option instance allocation fails
    - drm/amdgpu/sdma5.2: add begin/end_use ring callbacks
    - ring-buffer: Fix memory leak of free page
    - tracing: Update snapshot buffer on resize if it is allocated
    - ring-buffer: Do not update before stamp when switching sub-buffers
    - ring-buffer: Have saved event hold the entire event
    - ring-buffer: Fix writing to the buffer with max_data_size
    - ring-buffer: Fix a race in rb_time_cmpxchg() for 32 bit archs
    - ring-buffer: Do not try to put back write_stamp
    - USB: gadget: core: adjust uevent timing on gadget unbind
    - powerpc/ftrace: Create a dummy stackframe to fix stack unwind
    - powerpc/ftrace: Fix stack teardown in ftrace_no_trace
    - r8152: avoid to change cfg for all devices
    - r8152: remove rtl_vendor_mode function
    - r8152: fix the autosuspend doesn't work
    - Linux 5.15.144

* CVE-2023-32247
    - ksmbd: destroy expired sessions

* CVE-2024-22705
    - ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()

-- Stefan Bader <stefan.bader@canonical.com>  Tue, 05 Mar 2024 16:22:39 +0100

Changed in linux (Ubuntu Jammy):
status:	Fix Committed → Fix Released

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2024-04-08:

#8

This bug is awaiting verification that the linux-intel-iotg/5.15.0-1052.58 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy-linux-intel-iotg' to 'verification-done-jammy-linux-intel-iotg'. If the problem still exists, change the tag 'verification-needed-jammy-linux-intel-iotg' to 'verification-failed-jammy-linux-intel-iotg'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-intel-iotg-v2 verification-needed-jammy-linux-intel-iotg

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2024-04-08:

#9

This bug is awaiting verification that the linux-bluefield/5.15.0-1040.42 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy-linux-bluefield' to 'verification-done-jammy-linux-bluefield'. If the problem still exists, change the tag 'verification-needed-jammy-linux-bluefield' to 'verification-failed-jammy-linux-bluefield'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-bluefield-v2 verification-needed-jammy-linux-bluefield

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2024-04-08:

#10

This bug is awaiting verification that the linux-oracle-5.15/5.15.0-1055.61~20.04.1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal-linux-oracle-5.15' to 'verification-done-focal-linux-oracle-5.15'. If the problem still exists, change the tag 'verification-needed-focal-linux-oracle-5.15' to 'verification-failed-focal-linux-oracle-5.15'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-focal-linux-oracle-5.15-v2 verification-needed-focal-linux-oracle-5.15

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2024-04-15:

#11

This bug is awaiting verification that the linux-nvidia-tegra-igx/5.15.0-1010.10 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy-linux-nvidia-tegra-igx' to 'verification-done-jammy-linux-nvidia-tegra-igx'. If the problem still exists, change the tag 'verification-needed-jammy-linux-nvidia-tegra-igx' to 'verification-failed-jammy-linux-nvidia-tegra-igx'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-nvidia-tegra-igx-v2 verification-needed-jammy-linux-nvidia-tegra-igx

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2024-04-26:

#12

This bug is awaiting verification that the linux-xilinx-zynqmp/5.15.0-1029.33 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy-linux-xilinx-zynqmp' to 'verification-done-jammy-linux-xilinx-zynqmp'. If the problem still exists, change the tag 'verification-needed-jammy-linux-xilinx-zynqmp' to 'verification-failed-jammy-linux-xilinx-zynqmp'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-xilinx-zynqmp-v2 verification-needed-jammy-linux-xilinx-zynqmp

Ubuntu
linux package

block/loop: No longer allows to create partitions

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Affects		Status	Importance	Assigned to	Milestone
	linux (Ubuntu)	Invalid	Medium	Unassigned
	Jammy	Fix Released	Medium	Stefan Bader

Ubuntulinux package

block/loop: No longer allows to create partitions

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux package