Bug #1979435 “jammy/linux-intel-iotg: 5.15.0-1011.15 -proposed t...” : Series prepare-package-lrm : Bugs : Kernel SRU Workflow

Stefan Bader (smb) on 2022-06-22

tags:	added: kernel-release-tracking-bug-live
description:	updated
tags:	added: kernel-sru-cycle-2022.06.20-1
description:	updated
tags:	added: kernel-sru-derivative-of-1979448
Changed in kernel-sru-workflow:
status:	New → Confirmed
importance:	Undecided → Medium

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-06-22

Changed in linux-intel-iotg (Ubuntu Jammy):
importance:	Undecided → Medium
Changed in kernel-sru-workflow:
status:	Confirmed → Triaged

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-06-22

description:	updated
Changed in kernel-sru-workflow:
status:	Triaged → In Progress
tags:	added: kernel-jira-issue-ksru-2773

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-06-22

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-06-22

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-06-24

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-06-27

description:

updated

Jian Hui Lee (jianhuilee) on 2022-07-01

summary:

- jammy/linux-intel-iotg: <version to be filled> -proposed tracker
+ jammy/linux-intel-iotg: 5.15.0-1011.15 -proposed tracker

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-01

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-01

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-04

tags:

added: kernel-jira-in-review

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-05

tags:	removed: kernel-jira-in-review
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-05

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-06

description:	updated
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-06

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-06

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-06

description:	updated
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-06

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-06

description:	updated
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-06

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-06

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-06

description:

updated

Andy Whitcroft (apw) on 2022-07-06

tags:

added: kernel-signing-bot

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-06

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-06

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-06

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-06

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-06

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-06

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-06

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-06

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-14

description:

updated

Jian Hui Lee (jianhuilee) on 2022-07-19

tags:

added: verification-testing-passed

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-07-19

description:

updated

Revision history for this message

Launchpad Janitor (janitor) wrote on 2022-08-09:

#1

Download full text (46.2 KiB)

This bug was fixed in the package linux-intel-iotg - 5.15.0-1013.17

---------------
linux-intel-iotg (5.15.0-1013.17) jammy; urgency=medium

* CVE-2022-29900 // CVE-2022-29901
- [Config]: Enable speculation mitigations

[ Ubuntu: 5.15.0-46.49 ]

  * CVE-2022-2585
    - SAUCE: posix-cpu-timers: Cleanup CPU timers before freeing them during exec
  * CVE-2022-2586
    - SAUCE: netfilter: nf_tables: do not allow SET_ID to refer to another table
    - SAUCE: netfilter: nf_tables: do not allow CHAIN_ID to refer to another table
    - SAUCE: netfilter: nf_tables: do not allow RULE_ID to refer to another chain
  * CVE-2022-2588
    - SAUCE: net_sched: cls_route: remove from list when handle is 0

[ Ubuntu: 5.15.0-45.48 ]

  * CVE-2022-29900 // CVE-2022-29901
    - x86/lib/atomic64_386_32: Rename things
    - x86: Prepare asm files for straight-line-speculation
    - x86: Prepare inline-asm for straight-line-speculation
    - x86/alternative: Relax text_poke_bp() constraint
    - kbuild: move objtool_args back to scripts/Makefile.build
    - x86: Add straight-line-speculation mitigation
    - kvm/emulate: Fix SETcc emulation function offsets with SLS
    - crypto: x86/poly1305 - Fixup SLS
    - objtool: Add straight-line-speculation validation
    - objtool: Fix SLS validation for kcov tail-call replacement
    - objtool: Fix objtool regression on x32 systems
    - objtool: Fix symbol creation
    - objtool: Introduce CFI hash
    - objtool: Default ignore INT3 for unreachable
    - x86, kvm: use proper ASM macros for kvm_vcpu_is_preempted
    - x86/traps: Use pt_regs directly in fixup_bad_iret()
    - x86/entry: Switch the stack after error_entry() returns
    - x86/entry: Move PUSH_AND_CLEAR_REGS out of error_entry()
    - x86/entry: Don't call error_entry() for XENPV
    - x86/entry: Remove skip_r11rcx
    - x86/realmode: build with -D__DISABLE_EXPORTS
    - x86/ibt,ftrace: Make function-graph play nice
    - x86/kvm/vmx: Make noinstr clean
    - x86/cpufeatures: Move RETPOLINE flags to word 11
    - x86/retpoline: Cleanup some #ifdefery
    - x86/retpoline: Swizzle retpoline thunk
    - x86/retpoline: Use -mfunction-return
    - x86: Undo return-thunk damage
    - x86,objtool: Create .return_sites
    - objtool: skip non-text sections when adding return-thunk sites
    - x86,static_call: Use alternative RET encoding
    - x86/ftrace: Use alternative RET encoding
    - x86/bpf: Use alternative RET encoding
    - x86/kvm: Fix SETcc emulation for return thunks
    - x86/vsyscall_emu/64: Don't use RET in vsyscall emulation
    - x86/sev: Avoid using __x86_return_thunk
    - x86: Use return-thunk in asm code
    - x86/entry: Avoid very early RET
    - objtool: Treat .text.__x86.* as noinstr
    - x86: Add magic AMD return-thunk
    - x86/bugs: Report AMD retbleed vulnerability
    - x86/bugs: Add AMD retbleed= boot parameter
    - x86/bugs: Enable STIBP for JMP2RET
    - x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
    - x86/entry: Add kernel IBRS implementation
    - x86/bugs: Optimize SPEC_CTRL MSR writes
    - x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
    - x86/bugs: Split spectre_v2_select_mitigation() and
     ...

This bug was fixed in the package linux-intel-iotg - 5.15.0-1013.17

---------------
linux-intel-iotg (5.15.0-1013.17) jammy; urgency=medium

* CVE-2022-29900 // CVE-2022-29901
    - [Config]: Enable speculation mitigations

[ Ubuntu: 5.15.0-46.49 ]

* CVE-2022-2585
    - SAUCE: posix-cpu-timers: Cleanup CPU timers before freeing them during exec
  * CVE-2022-2586
    - SAUCE: netfilter: nf_tables: do not allow SET_ID to refer to another table
    - SAUCE: netfilter: nf_tables: do not allow CHAIN_ID to refer to another table
    - SAUCE: netfilter: nf_tables: do not allow RULE_ID to refer to another chain
  * CVE-2022-2588
    - SAUCE: net_sched: cls_route: remove from list when handle is 0

[ Ubuntu: 5.15.0-45.48 ]

* CVE-2022-29900 // CVE-2022-29901
    - x86/lib/atomic64_386_32: Rename things
    - x86: Prepare asm files for straight-line-speculation
    - x86: Prepare inline-asm for straight-line-speculation
    - x86/alternative: Relax text_poke_bp() constraint
    - kbuild: move objtool_args back to scripts/Makefile.build
    - x86: Add straight-line-speculation mitigation
    - kvm/emulate: Fix SETcc emulation function offsets with SLS
    - crypto: x86/poly1305 - Fixup SLS
    - objtool: Add straight-line-speculation validation
    - objtool: Fix SLS validation for kcov tail-call replacement
    - objtool: Fix objtool regression on x32 systems
    - objtool: Fix symbol creation
    - objtool: Introduce CFI hash
    - objtool: Default ignore INT3 for unreachable
    - x86, kvm: use proper ASM macros for kvm_vcpu_is_preempted
    - x86/traps: Use pt_regs directly in fixup_bad_iret()
    - x86/entry: Switch the stack after error_entry() returns
    - x86/entry: Move PUSH_AND_CLEAR_REGS out of error_entry()
    - x86/entry: Don't call error_entry() for XENPV
    - x86/entry: Remove skip_r11rcx
    - x86/realmode: build with -D__DISABLE_EXPORTS
    - x86/ibt,ftrace: Make function-graph play nice
    - x86/kvm/vmx: Make noinstr clean
    - x86/cpufeatures: Move RETPOLINE flags to word 11
    - x86/retpoline: Cleanup some #ifdefery
    - x86/retpoline: Swizzle retpoline thunk
    - x86/retpoline: Use -mfunction-return
    - x86: Undo return-thunk damage
    - x86,objtool: Create .return_sites
    - objtool: skip non-text sections when adding return-thunk sites
    - x86,static_call: Use alternative RET encoding
    - x86/ftrace: Use alternative RET encoding
    - x86/bpf: Use alternative RET encoding
    - x86/kvm: Fix SETcc emulation for return thunks
    - x86/vsyscall_emu/64: Don't use RET in vsyscall emulation
    - x86/sev: Avoid using __x86_return_thunk
    - x86: Use return-thunk in asm code
    - x86/entry: Avoid very early RET
    - objtool: Treat .text.__x86.* as noinstr
    - x86: Add magic AMD return-thunk
    - x86/bugs: Report AMD retbleed vulnerability
    - x86/bugs: Add AMD retbleed= boot parameter
    - x86/bugs: Enable STIBP for JMP2RET
    - x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
    - x86/entry: Add kernel IBRS implementation
    - x86/bugs: Optimize SPEC_CTRL MSR writes
    - x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
    - x86/bugs: Split spectre_v2_select_mitigation() and
      spectre_v2_user_select_mitigation()
    - x86/bugs: Report Intel retbleed vulnerability
    - intel_idle: Disable IBRS during long idle
    - objtool: Update Retpoline validation
    - x86/xen: Rename SYS* entry points
    - x86/xen: Add UNTRAIN_RET
    - x86/bugs: Add retbleed=ibpb
    - x86/bugs: Do IBPB fallback check only once
    - objtool: Add entry UNRET validation
    - x86/cpu/amd: Add Spectral Chicken
    - x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
    - x86/speculation: Fix firmware entry SPEC_CTRL handling
    - x86/speculation: Fix SPEC_CTRL write on SMT state change
    - x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
    - x86/speculation: Remove x86_spec_ctrl_mask
    - objtool: Re-add UNWIND_HINT_{SAVE_RESTORE}
    - KVM: VMX: Flatten __vmx_vcpu_run()
    - KVM: VMX: Convert launched argument to flags
    - KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
    - KVM: VMX: Fix IBRS handling after vmexit
    - x86/speculation: Fill RSB on vmexit for IBRS
    - KVM: VMX: Prevent RSB underflow before vmenter
    - x86/common: Stamp out the stepping madness
    - x86/cpu/amd: Enumerate BTC_NO
    - x86/retbleed: Add fine grained Kconfig knobs
    - x86/bugs: Add Cannon lake to RETBleed affected CPU list
    - x86/entry: Move PUSH_AND_CLEAR_REGS() back into error_entry
    - x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported
    - x86/kexec: Disable RET on kexec
    - x86/speculation: Disable RRSBA behavior
    - [Config]: Enable speculation mitigations
    - x86/static_call: Serialize __static_call_fixup() properly
    - x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit
    - x86/bugs: Mark retbleed_strings static
    - x86/entry: Remove UNTRAIN_RET from native_irq_return_ldt
    - x86/kvm: fix FASTOP_SIZE when return thunks are enabled
    - x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current
    - KVM: emulate: do not adjust size of fastop and setcc subroutines
    - x86/bugs: Remove apostrophe typo
    - efi/x86: use naked RET on mixed mode call wrapper

linux-intel-iotg (5.15.0-1012.16) jammy; urgency=medium

* jammy/linux-intel-iotg: 5.15.0-1012.16 -proposed tracker (LP: #1981226)

* CVE-2022-29900 // CVE-2022-29901
    - [Config] intel-iotg: Enable speculation mitigations

* Ubuntu 22.04 and 20.04 DPC Fixes for Failure Cases of DownPort Containment
    events (LP: #1965241)
    - [Config] intel-iotg: Enable config option CONFIG_PCIE_EDR

* AMD ACP 6.x DMIC Supports (LP: #1949245)
    - [Config] intel-iotg: drop AMD ACP 6 DMIC Support

[ Ubuntu: 5.15.0-43.46 ]

* jammy/linux: 5.15.0-43.46 -proposed tracker (LP: #1981243)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2022.07.11)
  * nbd: requests can become stuck when disconnecting from server with qemu-nbd
    (LP: #1896350)
    - nbd: don't handle response without a corresponding request message
    - nbd: make sure request completion won't concurrent
    - nbd: don't clear 'NBD_CMD_INFLIGHT' flag if request is not completed
    - nbd: fix io hung while disconnecting device
  * Ubuntu 22.04 and 20.04 DPC Fixes for Failure Cases of DownPort Containment
    events (LP: #1965241)
    - PCI/portdrv: Rename pm_iter() to pcie_port_device_iter()
    - PCI: pciehp: Ignore Link Down/Up caused by error-induced Hot Reset
    - [Config] Enable config option CONFIG_PCIE_EDR
  * [SRU] Ubuntu 22.04 Feature Request-Add support for a NVMe-oF-TCP CDC Client
    - TP 8010 (LP: #1948626)
    - nvme: add CNTRLTYPE definitions for 'identify controller'
    - nvme: send uevent on connection up
    - nvme: expose cntrltype and dctype through sysfs
  * [UBUNTU 22.04] Kernel oops while removing device from cio_ignore list
    (LP: #1980951)
    - s390/cio: derive cdev information only for IO-subchannels
  * Jammy Charmed OpenStack deployment fails over connectivity issues when using
    converged OVS bridge for control and data planes (LP: #1978820)
    - net/mlx5e: TC NIC mode, fix tc chains miss table
  * Hairpin traffic does not work with centralized NAT gw (LP: #1967856)
    - net: openvswitch: fix misuse of the cached connection on tuple changes
  * alsa: asoc: amd: the internal mic can't be dedected on yellow carp machines
    (LP: #1980700)
    - ASoC: amd: Add driver data to acp6x machine driver
    - ASoC: amd: Add support for enabling DMIC on acp6x via _DSD
  * AMD ACP 6.x DMIC Supports (LP: #1949245)
    - ASoC: amd: add Yellow Carp ACP6x IP register header
    - ASoC: amd: add Yellow Carp ACP PCI driver
    - ASoC: amd: add acp6x init/de-init functions
    - ASoC: amd: add platform devices for acp6x pdm driver and dmic driver
    - ASoC: amd: add acp6x pdm platform driver
    - ASoC: amd: add acp6x irq handler
    - ASoC: amd: add acp6x pdm driver dma ops
    - ASoC: amd: add acp6x pci driver pm ops
    - ASoC: amd: add acp6x pdm driver pm ops
    - ASoC: amd: enable Yellow carp acp6x drivers build
    - ASoC: amd: create platform device for acp6x machine driver
    - ASoC: amd: add YC machine driver using dmic
    - ASoC: amd: enable Yellow Carp platform machine driver build
    - ASoC: amd: fix uninitialized variable in snd_acp6x_probe()
    - [Config] Enable AMD ACP 6 DMIC Support
  * [UBUNTU 20.04] Include patches to avoid self-detected stall with Secure
    Execution (LP: #1979296)
    - KVM: s390: pv: add macros for UVC CC values
    - KVM: s390: pv: avoid stalls when making pages secure
  * [22.04 FEAT] KVM: Attestation support for Secure Execution (crypto)
    (LP: #1959973)
    - drivers/s390/char: Add Ultravisor io device
    - s390/uv_uapi: depend on CONFIG_S390
    - [Config] CONFIG_S390_UV_UAPI=y for s390x
  * CVE-2022-1679
    - SAUCE: ath9k: fix use-after-free in ath9k_hif_usb_rx_cb
  * CVE-2022-28893
    - SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()
    - SUNRPC: Don't leak sockets in xs_local_connect()
  * CVE-2022-34918
    - netfilter: nf_tables: stricter validation of element data
  * CVE-2022-1652
    - floppy: use a statically allocated error counter

linux-intel-iotg (5.15.0-1011.15) jammy; urgency=medium

* jammy/linux-intel-iotg: 5.15.0-1011.15 -proposed tracker (LP: #1979435)

* disable Intel DMA remapping by default (LP: #1971699)
    - [Config] updateconfigs for Intel DMA remapping

* IPU6 camera has no function on Andrews MLK (LP: #1964983)
    - [Config] updateconfigs for OV02C10

* Support Intel IPU6 MIPI camera on Alder Lake platforms (LP: #1955383)
    - [Config] updateconfigs for intel visual sensing controller(VSC) driver
    - [Config] updateconfigs for IPU6

* Jammy update: v5.15.37 upstream stable release (LP: #1976135)
    - [Config] updateconfigs for BLK_DEV_FD_RAWCMD

[ Ubuntu: 5.15.0-41.44 ]

* jammy/linux: 5.15.0-41.44 -proposed tracker (LP: #1979448)
  * Fix can't boot up after change to vmd  (LP: #1976587)
    - PCI: vmd: Assign VMD IRQ domain before enumeration
    - PCI: vmd: Revert 2565e5b69c44 ("PCI: vmd: Do not disable MSI-X remapping if
      interrupt remapping is enabled by IOMMU.")
  * [SRU][Jammy/OEM-5.17][PATCH 0/1] Fix calltrace in mac80211 (LP: #1978297)
    - mac80211: fix struct ieee80211_tx_info size
  * [SRU][Jammy][PATCH 0/1] Fix amd display corruption on s2idle resume
    (LP: #1978244)
    - drm/amd/display: Don't reinitialize DMCUB on s0ix resume
  * pl2303 serial adapter not recognized (LP: #1967493)
    - USB: serial: pl2303: fix type detection for odd device
  * Remove SAUCE patches from test_vxlan_under_vrf.sh in net of
    ubuntu_kernel_selftests (LP: #1975691)
    - Revert "UBUNTU: SAUCE: selftests: net: Don't fail test_vxlan_under_vrf on
      xfail"
    - Revert "UBUNTU: SAUCE: selftests: net: Make test for VXLAN underlay in non-
      default VRF an expected failure"
  * Fix hp_wmi_read_int() reporting error (0x05) (LP: #1979051)
    - platform/x86: hp-wmi: Fix hp_wmi_read_int() reporting error (0x05)
  * Request to back port vmci patches to Ubuntu kernel (LP: #1978145)
    - VMCI: dma dg: whitespace formatting change for vmci register defines
    - VMCI: dma dg: add MMIO access to registers
    - VMCI: dma dg: detect DMA datagram capability
    - VMCI: dma dg: set OS page size
    - VMCI: dma dg: register dummy IRQ handlers for DMA datagrams
    - VMCI: dma dg: allocate send and receive buffers for DMA datagrams
    - VMCI: dma dg: add support for DMA datagrams sends
    - VMCI: dma dg: add support for DMA datagrams receive
    - VMCI: Fix some error handling paths in vmci_guest_probe_device()
    - VMCI: Release notification_bitmap in error path
    - VMCI: Check exclusive_vectors when freeing interrupt 1
    - VMCI: Add support for ARM64
    - [Config] Update policies for VMWARE_VMCI and VMWARE_VMCI_VSOCKETS
  * [UBUNTU 20.04] rcu stalls with many storage key guests (LP: #1975582)
    - s390/gmap: voluntarily schedule during key setting
    - s390/mm: use non-quiescing sske for KVM switch to keyed guest
  * [SRU][OEM-5.14/OEM-5.17/Jammy][PATCH 0/1] Fix i915 calltrace on new ADL BIOS
    (LP: #1976214)
    - drm/i915: update new TMDS clock setting defined by VBT
  * Revert PPC get_user workaround (LP: #1976248)
    - powerpc: Export mmu_feature_keys[] as non-GPL
  * Jammy update: v5.15.39 upstream stable release (LP: #1978240)
    - MIPS: Fix CP0 counter erratum detection for R4k CPUs
    - parisc: Merge model and model name into one line in /proc/cpuinfo
    - ALSA: hda/realtek: Add quirk for Yoga Duet 7 13ITL6 speakers
    - ALSA: fireworks: fix wrong return count shorter than expected by 4 bytes
    - mmc: sdhci-msm: Reset GCC_SDCC_BCR register for SDHC
    - mmc: sunxi-mmc: Fix DMA descriptors allocated above 32 bits
    - mmc: core: Set HS clock speed before sending HS CMD13
    - gpiolib: of: fix bounds check for 'gpio-reserved-ranges'
    - x86/fpu: Prevent FPU state corruption
    - KVM: x86/svm: Account for family 17h event renumberings in
      amd_pmc_perf_hw_id
    - iommu/vt-d: Calculate mask for non-aligned flushes
    - iommu/arm-smmu-v3: Fix size calculation in arm_smmu_mm_invalidate_range()
    - drm/amd/display: Avoid reading audio pattern past AUDIO_CHANNELS_COUNT
    - drm/amdgpu: do not use passthrough mode in Xen dom0
    - RISC-V: relocate DTB if it's outside memory region
    - Revert "SUNRPC: attempt AF_LOCAL connect on setup"
    - timekeeping: Mark NMI safe time accessors as notrace
    - firewire: fix potential uaf in outbound_phy_packet_callback()
    - firewire: remove check of list iterator against head past the loop body
    - firewire: core: extend card->lock in fw_core_handle_bus_reset
    - net: stmmac: disable Split Header (SPH) for Intel platforms
    - genirq: Synchronize interrupt thread startup
    - ASoC: da7219: Fix change notifications for tone generator frequency
    - ASoC: wm8958: Fix change notifications for DSP controls
    - ASoC: meson: Fix event generation for AUI ACODEC mux
    - ASoC: meson: Fix event generation for G12A tohdmi mux
    - ASoC: meson: Fix event generation for AUI CODEC mux
    - s390/dasd: fix data corruption for ESE devices
    - s390/dasd: prevent double format of tracks for ESE devices
    - s390/dasd: Fix read for ESE with blksize < 4k
    - s390/dasd: Fix read inconsistency for ESE DASD devices
    - can: grcan: grcan_close(): fix deadlock
    - can: isotp: remove re-binding of bound socket
    - can: grcan: use ofdev->dev when allocating DMA memory
    - can: grcan: grcan_probe(): fix broken system id check for errata workaround
      needs
    - can: grcan: only use the NAPI poll budget for RX
    - nfc: replace improper check device_is_registered() in netlink related
      functions
    - nfc: nfcmrvl: main: reorder destructive operations in
      nfcmrvl_nci_unregister_dev to avoid bugs
    - NFC: netlink: fix sleep in atomic bug when firmware download timeout
    - gpio: visconti: Fix fwnode of GPIO IRQ
    - gpio: pca953x: fix irq_stat not updated when irq is disabled (irq_mask not
      set)
    - hwmon: (adt7470) Fix warning on module removal
    - hwmon: (pmbus) disable PEC if not enabled
    - ASoC: dmaengine: Restore NULL prepare_slave_config() callback
    - ASoC: soc-ops: fix error handling
    - iommu/vt-d: Drop stop marker messages
    - iommu/dart: check return value after calling platform_get_resource()
    - net/mlx5e: Fix trust state reset in reload
    - net/mlx5e: Don't match double-vlan packets if cvlan is not set
    - net/mlx5e: CT: Fix queued up restore put() executing after relevant ft
      release
    - net/mlx5e: Fix the calling of update_buffer_lossy() API
    - net/mlx5: Avoid double clear or set of sync reset requested
    - net/mlx5: Fix deadlock in sync reset flow
    - selftests/seccomp: Don't call read() on TTY from background pgrp
    - SUNRPC release the transport of a relocated task with an assigned transport
    - RDMA/siw: Fix a condition race issue in MPA request processing
    - RDMA/irdma: Flush iWARP QP if modified to ERR from RTR state
    - RDMA/irdma: Reduce iWARP QP destroy time
    - RDMA/irdma: Fix possible crash due to NULL netdev in notifier
    - NFSv4: Don't invalidate inode attributes on delegation return
    - net: ethernet: mediatek: add missing of_node_put() in mtk_sgmii_init()
    - net: dsa: mt7530: add missing of_node_put() in mt7530_setup()
    - net: stmmac: dwmac-sun8i: add missing of_node_put() in
      sun8i_dwmac_register_mdio_mux()
    - net: mdio: Fix ENOMEM return value in BCM6368 mux bus controller
    - net: cpsw: add missing of_node_put() in cpsw_probe_dt()
    - net: igmp: respect RCU rules in ip_mc_source() and ip_mc_msfilter()
    - net: emaclite: Add error handling for of_address_to_resource()
    - selftests/net: so_txtime: fix parsing of start time stamp on 32 bit systems
    - selftests/net: so_txtime: usage(): fix documentation of default clock
    - drm/msm/dp: remove fail safe mode related code
    - btrfs: do not BUG_ON() on failure to update inode when setting xattr
    - hinic: fix bug of wq out of bound access
    - mld: respect RCU rules in ip6_mc_source() and ip6_mc_msfilter()
    - rxrpc: Enable IPv6 checksums on transport socket
    - selftests: mirror_gre_bridge_1q: Avoid changing PVID while interface is
      operational
    - bnxt_en: Fix possible bnxt_open() failure caused by wrong RFS flag
    - bnxt_en: Fix unnecessary dropping of RX packets
    - selftests: ocelot: tc_flower_chains: specify conform-exceed action for
      policer
    - smsc911x: allow using IRQ0
    - btrfs: force v2 space cache usage for subpage mount
    - btrfs: always log symlinks in full mode
    - gpio: mvebu: drop pwm base assignment
    - kvm: x86/cpuid: Only provide CPUID leaf 0xA if host has architectural PMU
    - net/mlx5: Fix slab-out-of-bounds while reading resource dump menu
    - net/mlx5e: Lag, Fix use-after-free in fib event handler
    - net/mlx5e: Lag, Fix fib_info pointer assignment
    - net/mlx5e: Lag, Don't skip fib events on current dst
    - iommu/dart: Add missing module owner to ops structure
    - kvm: selftests: do not use bitfields larger than 32-bits for PTEs
    - KVM: selftests: Silence compiler warning in the kvm_page_table_test
    - x86/kvm: Preserve BSP MSR_KVM_POLL_CONTROL across suspend/resume
    - KVM: x86: Do not change ICR on write to APIC_SELF_IPI
    - KVM: x86/mmu: avoid NULL-pointer dereference on page freeing bugs
    - KVM: LAPIC: Enable timer posted-interrupt only when mwait/hlt is advertised
    - selftest/vm: verify mmap addr in mremap_test
    - selftest/vm: verify remap destination address in mremap_test
    - Revert "parisc: Mark sched_clock unstable only if clocks are not
      syncronized"
    - rcu: Fix callbacks processing time limit retaining cond_resched()
    - rcu: Apply callbacks processing time limit only on softirq
    - PCI: pci-bridge-emul: Add description for class_revision field
    - PCI: pci-bridge-emul: Add definitions for missing capabilities registers
    - PCI: aardvark: Add support for DEVCAP2, DEVCTL2, LNKCAP2 and LNKCTL2
      registers on emulated bridge
    - PCI: aardvark: Clear all MSIs at setup
    - PCI: aardvark: Comment actions in driver remove method
    - PCI: aardvark: Disable bus mastering when unbinding driver
    - PCI: aardvark: Mask all interrupts when unbinding driver
    - PCI: aardvark: Fix memory leak in driver unbind
    - PCI: aardvark: Assert PERST# when unbinding driver
    - PCI: aardvark: Disable link training when unbinding driver
    - PCI: aardvark: Disable common PHY when unbinding driver
    - PCI: aardvark: Replace custom PCIE_CORE_INT_* macros with PCI_INTERRUPT_*
    - PCI: aardvark: Check return value of generic_handle_domain_irq() when
      processing INTx IRQ
    - PCI: aardvark: Make MSI irq_chip structures static driver structures
    - PCI: aardvark: Make msi_domain_info structure a static driver structure
    - PCI: aardvark: Use dev_fwnode() instead of of_node_to_fwnode(dev->of_node)
    - PCI: aardvark: Refactor unmasking summary MSI interrupt
    - PCI: aardvark: Add support for masking MSI interrupts
    - PCI: aardvark: Fix setting MSI address
    - PCI: aardvark: Enable MSI-X support
    - PCI: aardvark: Add support for ERR interrupt on emulated bridge
    - PCI: aardvark: Optimize writing PCI_EXP_RTCTL_PMEIE and PCI_EXP_RTSTA_PME on
      emulated bridge
    - PCI: aardvark: Add support for PME interrupts
    - PCI: aardvark: Fix support for PME requester on emulated bridge
    - PCI: aardvark: Use separate INTA interrupt for emulated root bridge
    - PCI: aardvark: Remove irq_mask_ack() callback for INTx interrupts
    - PCI: aardvark: Don't mask irq when mapping
    - PCI: aardvark: Drop __maybe_unused from advk_pcie_disable_phy()
    - PCI: aardvark: Update comment about link going down after link-up
    - Linux 5.15.39
  * Jammy update: v5.15.38 upstream stable release (LP: #1978234)
    - usb: mtu3: fix USB 3.0 dual-role-switch from device to host
    - USB: quirks: add a Realtek card reader
    - USB: quirks: add STRING quirk for VCOM device
    - USB: serial: whiteheat: fix heap overflow in WHITEHEAT_GET_DTR_RTS
    - USB: serial: cp210x: add PIDs for Kamstrup USB Meter Reader
    - USB: serial: option: add support for Cinterion MV32-WA/MV32-WB
    - USB: serial: option: add Telit 0x1057, 0x1058, 0x1075 compositions
    - usb: xhci: tegra:Fix PM usage reference leak of
      tegra_xusb_unpowergate_partitions
    - xhci: Enable runtime PM on second Alderlake controller
    - xhci: stop polling roothubs after shutdown
    - xhci: increase usb U3 -> U0 link resume timeout from 100ms to 500ms
    - iio: dac: ad5592r: Fix the missing return value.
    - iio: dac: ad5446: Fix read_raw not returning set value
    - iio: magnetometer: ak8975: Fix the error handling in ak8975_power_on()
    - iio: imu: inv_icm42600: Fix I2C init possible nack
    - usb: misc: fix improper handling of refcount in uss720_probe()
    - usb: core: Don't hold the device lock while sleeping in do_proc_control()
    - usb: typec: ucsi: Fix reuse of completion structure
    - usb: typec: ucsi: Fix role swapping
    - usb: gadget: uvc: Fix crash when encoding data for usb request
    - usb: gadget: configfs: clear deactivation flag in
      configfs_composite_unbind()
    - usb: dwc3: Try usb-role-switch first in dwc3_drd_init
    - usb: dwc3: core: Fix tx/rx threshold settings
    - usb: dwc3: core: Only handle soft-reset in DCTL
    - usb: dwc3: gadget: Return proper request status
    - usb: dwc3: pci: add support for the Intel Meteor Lake-P
    - usb: cdns3: Fix issue for clear halt endpoint
    - usb: phy: generic: Get the vbus supply
    - serial: imx: fix overrun interrupts in DMA mode
    - serial: amba-pl011: do not time out prematurely when draining tx fifo
    - serial: 8250: Also set sticky MCR bits in console restoration
    - serial: 8250: Correct the clock for EndRun PTP/1588 PCIe device
    - arch_topology: Do not set llc_sibling if llc_id is invalid
    - ceph: fix possible NULL pointer dereference for req->r_session
    - bus: mhi: host: pci_generic: Add missing poweroff() PM callback
    - bus: mhi: host: pci_generic: Flush recovery worker during freeze
    - arm64: dts: imx8mm-venice: fix spi2 pin configuration
    - pinctrl: samsung: fix missing GPIOLIB on ARM64 Exynos config
    - hex2bin: make the function hex_to_bin constant-time
    - hex2bin: fix access beyond string end
    - riscv: patch_text: Fixup last cpu should be master
    - x86/pci/xen: Disable PCI/MSI[-X] masking for XEN_HVM guests
    - iocost: don't reset the inuse weight of under-weighted debtors
    - virtio_net: fix wrong buf address calculation when using xdp
    - cpufreq: qcom-hw: fix the race between LMH worker and cpuhp
    - cpufreq: qcom-cpufreq-hw: Fix throttle frequency value on EPSS platforms
    - video: fbdev: udlfb: properly check endpoint type
    - arm64: dts: meson: remove CPU opps below 1GHz for G12B boards
    - arm64: dts: meson: remove CPU opps below 1GHz for SM1 boards
    - iio:imu:bmi160: disable regulator in error path
    - mtd: rawnand: fix ecc parameters for mt7622
    - xsk: Fix l2fwd for copy mode + busy poll combo
    - arm64: dts: imx8qm: Correct SCU clock controller's compatible property
    - USB: Fix xhci event ring dequeue pointer ERDP update issue
    - ARM: dts: imx6qdl-apalis: Fix sgtl5000 detection issue
    - arm64: dts: imx8mn: Fix SAI nodes
    - arm64: dts: meson-sm1-bananapi-m5: fix wrong GPIO pin labeling for CON1
    - phy: samsung: Fix missing of_node_put() in exynos_sata_phy_probe
    - phy: samsung: exynos5250-sata: fix missing device put in probe error paths
    - ARM: OMAP2+: Fix refcount leak in omap_gic_of_init
    - bus: ti-sysc: Make omap3 gpt12 quirk handling SoC specific
    - ARM: dts: dra7: Fix suspend warning for vpe powerdomain
    - phy: ti: omap-usb2: Fix error handling in omap_usb2_enable_clocks
    - ARM: dts: at91: Map MCLK for wm8731 on at91sam9g20ek
    - ARM: dts: at91: sama5d4_xplained: fix pinctrl phandle name
    - ARM: dts: at91: fix pinctrl phandles
    - phy: mapphone-mdm6600: Fix PM error handling in phy_mdm6600_probe
    - phy: ti: Add missing pm_runtime_disable() in serdes_am654_probe
    - interconnect: qcom: sdx55: Drop IP0 interconnects
    - ARM: dts: Fix mmc order for omap3-gta04
    - ARM: dts: am3517-evm: Fix misc pinmuxing
    - ARM: dts: logicpd-som-lv: Fix wrong pinmuxing on OMAP35
    - ipvs: correctly print the memory size of ip_vs_conn_tab
    - phy: amlogic: fix error path in phy_g12a_usb3_pcie_probe()
    - pinctrl: mediatek: moore: Fix build error
    - mtd: rawnand: Fix return value check of wait_for_completion_timeout
    - mtd: fix 'part' field data corruption in mtd_info
    - pinctrl: stm32: Do not call stm32_gpio_get() for edge triggered IRQs in EOI
    - memory: renesas-rpc-if: Fix HF/OSPI data transfer in Manual Mode
    - net: dsa: Add missing of_node_put() in dsa_port_link_register_of
    - netfilter: nft_set_rbtree: overlap detection with element re-addition after
      deletion
    - bpf, lwt: Fix crash when using bpf_skb_set_tunnel_key() from bpf_xmit lwt
      hook
    - pinctrl: rockchip: fix RK3308 pinmux bits
    - tcp: md5: incorrect tcp_header_len for incoming connections
    - pinctrl: stm32: Keep pinctrl block clock enabled when LEVEL IRQ requested
    - tcp: ensure to use the most recently sent skb when filling the rate sample
    - wireguard: device: check for metadata_dst with skb_valid_dst()
    - sctp: check asoc strreset_chunk in sctp_generate_reconf_event
    - ARM: dts: imx6ull-colibri: fix vqmmc regulator
    - arm64: dts: imx8mn-ddr4-evk: Describe the 32.768 kHz PMIC clock
    - pinctrl: pistachio: fix use of irq_of_parse_and_map()
    - cpufreq: fix memory leak in sun50i_cpufreq_nvmem_probe
    - net: hns3: clear inited state and stop client after failed to register
      netdev
    - net: hns3: modify the return code of hclge_get_ring_chain_from_mbx
    - net: hns3: add validity check for message data length
    - net: hns3: add return value for mailbox handling in PF
    - net/smc: sync err code when tcp connection was refused
    - ip_gre: Make o_seqno start from 0 in native mode
    - ip6_gre: Make o_seqno start from 0 in native mode
    - ip_gre, ip6_gre: Fix race condition on o_seqno in collect_md mode
    - tcp: fix potential xmit stalls caused by TCP_NOTSENT_LOWAT
    - tcp: make sure treq->af_specific is initialized
    - bus: sunxi-rsb: Fix the return value of sunxi_rsb_device_create()
    - clk: sunxi: sun9i-mmc: check return value after calling
      platform_get_resource()
    - cpufreq: qcom-cpufreq-hw: Clear dcvs interrupts
    - net: bcmgenet: hide status block before TX timestamping
    - net: phy: marvell10g: fix return value on error
    - net: dsa: mv88e6xxx: Fix port_hidden_wait to account for port_base_addr
    - drm/sun4i: Remove obsolete references to PHYS_OFFSET
    - net: dsa: lantiq_gswip: Don't set GSWIP_MII_CFG_RMII_CLK
    - io_uring: check reserved fields for send/sendmsg
    - io_uring: check reserved fields for recv/recvmsg
    - netfilter: conntrack: fix udp offload timeout sysctl
    - drm/amdkfd: Fix GWS queue count
    - drm/amd/display: Fix memory leak in dcn21_clock_source_create
    - tls: Skip tls_append_frag on zero copy size
    - bnx2x: fix napi API usage sequence
    - net: fec: add missing of_node_put() in fec_enet_init_stop_mode()
    - gfs2: Prevent endless loops in gfs2_file_buffered_write
    - gfs2: Minor retry logic cleanup
    - gfs2: Make sure not to return short direct writes
    - gfs2: No short reads or writes upon glock contention
    - perf arm-spe: Fix addresses of synthesized SPE events
    - ixgbe: ensure IPsec VF<->PF compatibility
    - Revert "ibmvnic: Add ethtool private flag for driver-defined queue limits"
    - tcp: fix F-RTO may not work correctly when receiving DSACK
    - ASoC: Intel: soc-acpi: correct device endpoints for max98373
    - ASoC: wm8731: Disable the regulator when probing fails
    - ext4: fix bug_on in start_this_handle during umount filesystem
    - arch: xtensa: platforms: Fix deadlock in rs_close()
    - ksmbd: increment reference count of parent fp
    - ksmbd: set fixed sector size to FS_SECTOR_SIZE_INFORMATION
    - bonding: do not discard lowest hash bit for non layer3+4 hashing
    - x86: __memcpy_flushcache: fix wrong alignment if size > 2^32
    - cifs: destage any unwritten data to the server before calling
      copychunk_write
    - drivers: net: hippi: Fix deadlock in rr_close()
    - powerpc/perf: Fix 32bit compile
    - selftest/vm: verify mmap addr in mremap_test
    - selftest/vm: verify remap destination address in mremap_test
    - Revert "ACPI: processor: idle: fix lockup regression on 32-bit ThinkPad T40"
    - zonefs: Fix management of open zones
    - zonefs: Clear inode information flags on inode creation
    - kasan: prevent cpu_quarantine corruption when CPU offline and cache shrink
      occur at same time
    - mtd: rawnand: qcom: fix memory corruption that causes panic
    - netfilter: Update ip6_route_me_harder to consider L3 domain
    - drm/i915: Check EDID for HDR static metadata when choosing blc
    - drm/i915: Fix SEL_FETCH_PLANE_*(PIPE_B+) register addresses
    - net: ethernet: stmmac: fix write to sgmii_adapter_base
    - ACPI: processor: idle: Avoid falling back to C3 type C-states
    - thermal: int340x: Fix attr.show callback prototype
    - btrfs: fix leaked plug after failure syncing log on zoned filesystems
    - ARM: dts: at91: sama7g5ek: enable pull-up on flexcom3 console lines
    - ARM: dts: imx8mm-venice-gw{71xx,72xx,73xx}: fix OTG controller OC mode
    - x86/cpu: Load microcode during restore_processor_state()
    - perf symbol: Pass is_kallsyms to symbols__fixup_end()
    - perf symbol: Update symbols__fixup_end()
    - tty: n_gsm: fix restart handling via CLD command
    - tty: n_gsm: fix decoupled mux resource
    - tty: n_gsm: fix mux cleanup after unregister tty device
    - tty: n_gsm: fix wrong signal octet encoding in convergence layer type 2
    - tty: n_gsm: fix malformed counter for out of frame data
    - netfilter: nft_socket: only do sk lookups when indev is available
    - tty: n_gsm: fix insufficient txframe size
    - tty: n_gsm: fix wrong DLCI release order
    - tty: n_gsm: fix missing explicit ldisc flush
    - tty: n_gsm: fix wrong command retry handling
    - tty: n_gsm: fix wrong command frame length field encoding
    - tty: n_gsm: fix wrong signal octets encoding in MSC
    - tty: n_gsm: fix missing tty wakeup in convergence layer type 2
    - tty: n_gsm: fix reset fifo race condition
    - tty: n_gsm: fix incorrect UA handling
    - tty: n_gsm: fix software flow control handling
    - perf symbol: Remove arch__symbols__fixup_end()
    - eeprom: at25: Use DMA safe buffers
    - objtool: Fix code relocs vs weak symbols
    - objtool: Fix type of reloc::addend
    - powerpc/64: Add UADDR64 relocation support
    - Linux 5.15.38
  * Jammy update: v5.15.37 upstream stable release (LP: #1976135)
    - floppy: disable FDRAWCMD by default
    - [Config] updateconfigs for BLK_DEV_FD_RAWCMD
    - bpf: Introduce composable reg, ret and arg types.
    - bpf: Replace ARG_XXX_OR_NULL with ARG_XXX | PTR_MAYBE_NULL
    - bpf: Replace RET_XXX_OR_NULL with RET_XXX | PTR_MAYBE_NULL
    - bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL
    - bpf: Introduce MEM_RDONLY flag
    - bpf: Convert PTR_TO_MEM_OR_NULL to composable types.
    - bpf: Make per_cpu_ptr return rdonly PTR_TO_MEM.
    - bpf: Add MEM_RDONLY for helper args that are pointers to rdonly mem.
    - bpf/selftests: Test PTR_TO_RDONLY_MEM
    - bpf: Fix crash due to out of bounds access into reg2btf_ids.
    - spi: cadence-quadspi: fix write completion support
    - ARM: dts: socfpga: change qspi to "intel,socfpga-qspi"
    - mm: kfence: fix objcgs vector allocation
    - gup: Turn fault_in_pages_{readable,writeable} into
      fault_in_{readable,writeable}
    - iov_iter: Turn iov_iter_fault_in_readable into fault_in_iov_iter_readable
    - iov_iter: Introduce fault_in_iov_iter_writeable
    - gfs2: Add wrapper for iomap_file_buffered_write
    - gfs2: Clean up function may_grant
    - gfs2: Introduce flag for glock holder auto-demotion
    - gfs2: Move the inode glock locking to gfs2_file_buffered_write
    - gfs2: Eliminate ip->i_gh
    - gfs2: Fix mmap + page fault deadlocks for buffered I/O
    - iomap: Fix iomap_dio_rw return value for user copies
    - iomap: Support partial direct I/O on user copy failures
    - iomap: Add done_before argument to iomap_dio_rw
    - gup: Introduce FOLL_NOFAULT flag to disable page faults
    - iov_iter: Introduce nofault flag to disable page faults
    - gfs2: Fix mmap + page fault deadlocks for direct I/O
    - btrfs: fix deadlock due to page faults during direct IO reads and writes
    - btrfs: fallback to blocking mode when doing async dio over multiple extents
    - mm: gup: make fault_in_safe_writeable() use fixup_user_fault()
    - selftests/bpf: Add test for reg2btf_ids out of bounds access
    - Linux 5.15.37
  * CVE-2022-1789
    - KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID
  * Jammy update: v5.15.36 upstream stable release (LP: #1972905)
    - block: simplify the block device syncing code
    - xfs: return errors in xfs_fs_sync_fs
    - dma-mapping: remove bogus test for pfn_valid from dma_map_resource
    - arm64/mm: drop HAVE_ARCH_PFN_VALID
    - etherdevice: Adjust ether_addr* prototypes to silence -Wstringop-overead
    - mm: page_alloc: fix building error on -Werror=array-compare
    - perf tools: Fix segfault accessing sample_id xyarray
    - mm, kfence: support kmem_dump_obj() for KFENCE objects
    - gfs2: assign rgrp glock before compute_bitstructs
    - scsi: ufs: core: scsi_get_lba() error fix
    - ALSA: usb-audio: Clear MIDI port active flag after draining
    - ALSA: hda/realtek: Add quirk for Clevo NP70PNP
    - ASoC: atmel: Remove system clock tree configuration for at91sam9g20ek
    - ASoC: topology: Correct error handling in soc_tplg_dapm_widget_create()
    - ASoC: rk817: Use devm_clk_get() in rk817_platform_probe
    - ASoC: msm8916-wcd-digital: Check failure for devm_snd_soc_register_component
    - ASoC: codecs: wcd934x: do not switch off SIDO Buck when codec is in use
    - dmaengine: idxd: fix device cleanup on disable
    - dmaengine: imx-sdma: Fix error checking in sdma_event_remap
    - dmaengine: mediatek:Fix PM usage reference leak of
      mtk_uart_apdma_alloc_chan_resources
    - dmaengine: dw-edma: Fix unaligned 64bit access
    - spi: spi-mtk-nor: initialize spi controller after resume
    - esp: limit skb_page_frag_refill use to a single page
    - spi: cadence-quadspi: fix incorrect supports_op() return value
    - igc: Fix infinite loop in release_swfw_sync
    - igc: Fix BUG: scheduling while atomic
    - igc: Fix suspending when PTM is active
    - ALSA: hda/hdmi: fix warning about PCM count when used with SOF
    - rxrpc: Restore removed timer deletion
    - net/smc: Fix sock leak when release after smc_shutdown()
    - net/packet: fix packet_sock xmit return value checking
    - ip6_gre: Avoid updating tunnel->tun_hlen in __gre6_xmit()
    - ip6_gre: Fix skb_under_panic in __gre6_xmit()
    - net: restore alpha order to Ethernet devices in config
    - net/sched: cls_u32: fix possible leak in u32_init_knode()
    - l3mdev: l3mdev_master_upper_ifindex_by_index_rcu should be using
      netdev_master_upper_dev_get_rcu
    - ipv6: make ip6_rt_gc_expire an atomic_t
    - can: isotp: stop timeout monitoring when no first frame was sent
    - net: dsa: hellcreek: Calculate checksums in tagger
    - net: mscc: ocelot: fix broken IP multicast flooding
    - netlink: reset network and mac headers in netlink_dump()
    - drm/i915/display/psr: Unset enable_psr2_sel_fetch if other checks in
      intel_psr2_config_valid() fails
    - net: stmmac: Use readl_poll_timeout_atomic() in atomic state
    - dmaengine: idxd: add RO check for wq max_batch_size write
    - dmaengine: idxd: add RO check for wq max_transfer_size write
    - dmaengine: idxd: skip clearing device context when device is read-only
    - selftests: mlxsw: vxlan_flooding: Prevent flooding of unwanted packets
    - arm64: mm: fix p?d_leaf()
    - ARM: vexpress/spc: Avoid negative array index when !SMP
    - reset: renesas: Check return value of reset_control_deassert()
    - reset: tegra-bpmp: Restore Handle errors in BPMP response
    - platform/x86: samsung-laptop: Fix an unsigned comparison which can never be
      negative
    - ALSA: usb-audio: Fix undefined behavior due to shift overflowing the
      constant
    - drm/msm/disp: check the return value of kzalloc()
    - arm64: dts: imx: Fix imx8*-var-som touchscreen property sizes
    - vxlan: fix error return code in vxlan_fdb_append
    - cifs: Check the IOCB_DIRECT flag, not O_DIRECT
    - mt76: Fix undefined behavior due to shift overflowing the constant
    - brcmfmac: sdio: Fix undefined behavior due to shift overflowing the constant
    - dpaa_eth: Fix missing of_node_put in dpaa_get_ts_info()
    - drm/msm/mdp5: check the return of kzalloc()
    - net: macb: Restart tx only if queue pointer is lagging
    - scsi: iscsi: Release endpoint ID when its freed
    - scsi: iscsi: Merge suspend fields
    - scsi: iscsi: Fix NOP handling during conn recovery
    - scsi: qedi: Fix failed disconnect handling
    - stat: fix inconsistency between struct stat and struct compat_stat
    - VFS: filename_create(): fix incorrect intent.
    - nvme: add a quirk to disable namespace identifiers
    - nvme-pci: disable namespace identifiers for the MAXIO MAP1002/1202
    - nvme-pci: disable namespace identifiers for Qemu controllers
    - EDAC/synopsys: Read the error count from the correct register
    - mm/memory-failure.c: skip huge_zero_page in memory_failure()
    - memcg: sync flush only if periodic flush is delayed
    - mm, hugetlb: allow for "high" userspace addresses
    - oom_kill.c: futex: delay the OOM reaper to allow time for proper futex
      cleanup
    - mm/mmu_notifier.c: fix race in mmu_interval_notifier_remove()
    - ata: pata_marvell: Check the 'bmdma_addr' beforing reading
    - dma: at_xdmac: fix a missing check on list iterator
    - dmaengine: imx-sdma: fix init of uart scripts
    - net: atlantic: invert deep par in pm functions, preventing null derefs
    - Input: omap4-keypad - fix pm_runtime_get_sync() error checking
    - scsi: sr: Do not leak information in ioctl
    - sched/pelt: Fix attach_entity_load_avg() corner case
    - perf/core: Fix perf_mmap fail when CONFIG_PERF_USE_VMALLOC enabled
    - drm/panel/raspberrypi-touchscreen: Avoid NULL deref if not initialised
    - drm/panel/raspberrypi-touchscreen: Initialise the bridge in prepare
    - KVM: PPC: Fix TCE handling for VFIO
    - drm/vc4: Use pm_runtime_resume_and_get to fix pm_runtime_get_sync() usage
    - powerpc/perf: Fix power9 event alternatives
    - powerpc/perf: Fix power10 event alternatives
    - perf script: Always allow field 'data_src' for auxtrace
    - perf report: Set PERF_SAMPLE_DATA_SRC bit for Arm SPE event
    - xtensa: patch_text: Fixup last cpu should be master
    - xtensa: fix a7 clobbering in coprocessor context load/store
    - openvswitch: fix OOB access in reserve_sfa_size()
    - ASoC: soc-dapm: fix two incorrect uses of list iterator
    - e1000e: Fix possible overflow in LTR decoding
    - ARC: entry: fix syscall_trace_exit argument
    - arm_pmu: Validate single/group leader events
    - KVM: x86/pmu: Update AMD PMC sample period to fix guest NMI-watchdog
    - KVM: x86: Pend KVM_REQ_APICV_UPDATE during vCPU creation to fix a race
    - KVM: nVMX: Defer APICv updates while L2 is active until L1 is active
    - KVM: SVM: Flush when freeing encrypted pages even on SME_COHERENT CPUs
    - netfilter: conntrack: convert to refcount_t api
    - netfilter: conntrack: avoid useless indirection during conntrack destruction
    - ext4: fix fallocate to use file_modified to update permissions consistently
    - ext4: fix symlink file size not match to file content
    - ext4: fix use-after-free in ext4_search_dir
    - ext4, doc: fix incorrect h_reserved size
    - ext4: fix overhead calculation to account for the reserved gdt blocks
    - ext4: force overhead calculation if the s_overhead_cluster makes no sense
    - netfilter: nft_ct: fix use after free when attaching zone template
    - jbd2: fix a potential race while discarding reserved buffers after an abort
    - spi: atmel-quadspi: Fix the buswidth adjustment between spi-mem and
      controller
    - block/compat_ioctl: fix range check in BLKGETSIZE
    - arm64: dts: qcom: add IPA qcom,qmp property
    - Linux 5.15.36
  * Aquantia GbE LAN driver causes UBSAN error during kernel boot
    (LP: #1958770) // Jammy update: v5.15.36 upstream stable release
    (LP: #1972905)
    - net: atlantic: Avoid out-of-bounds indexing

[ Ubuntu: 5.15.0-40.43 ]

* jammy/linux: 5.15.0-40.43 -proposed tracker (LP: #1978610)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2022.05.30)
  * [SRU][OEM-5.14/OEM-5.17/J][PATCH 0/2] Fix system hangs after s2idle on AMD
    A+A GPU (LP: #1975804)
    - Revert "drm/amd/pm: keep the BACO feature enabled for suspend"
    - drm/amd: Don't reset dGPUs if the system is going to s2idle
  * [SRU][OEM-5.14/OEM-5.17/J][PATCH 0/1] Read the discovery registers for
    AMD_SFH (LP: #1975798)
    - HID: amd_sfh: Add support for sensor discovery
  * [UBUNTU 20.04] CPU-MF: add extended counter set definitions for new IBM z16
    (LP: #1974433)
    - s390/cpumf: add new extended counter set for IBM z16
  * [UBUNTU 20.04] KVM nesting support leaks too much memory, might result in
    stalls during cleanup (LP: #1974017)
    - KVM: s390: vsie/gmap: reduce gmap_rmap overhead
  * [UBUNTU 20.04] Null Pointer issue in nfs code running Ubuntu on IBM Z
    (LP: #1968096)
    - NFS: Fix up nfs_ctx_key_to_expire()
  * Fix REG_WAIT timeout for Yellow Carp (LP: #1971417)
    - drm/amd/display: Clear encoder assignments when state cleared.
    - drm/amd/display: fix stale info in link encoder assignment
    - drm/amd/display: Query all entries in assignment table during updates.
    - drm/amd/display: Initialise encoder assignment when initialising dc_state
  * Enable hotspot feature for Realtek 8821CE (LP: #1969326)
    - rtw88: Add update beacon flow for AP mode
    - rtw88: 8821c: Enable TX report for management frames
    - rtw88: do PHY calibration while starting AP
    - rtw88: 8821c: fix debugfs rssi value
    - rtw88: add ieee80211:sta_rc_update ops
  * prevent kernel panic with overlayfs + shiftfs (LP: #1973620)
    - SAUCE: overlayfs: prevent dereferencing struct file in ovl_vm_prfile_set()
  * disable Intel DMA remapping by default (LP: #1971699)
    - Revert "UBUNTU: [Config] enable Intel DMA remapping options by default"
  * Mute/mic LEDs no function on Elitebook 630 (LP: #1974111)
    - ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine
  * [Regression] Real-time Kernel Build Failure (LP: #1972899)
    - x86/mm: Include spinlock_t definition in pgtable.
  * build backport-iwlwifi-dkms as linux-modules-iwlwifi-ABI (LP: #1969434)
    - [Packaging] support standalone dkms module builds
    - [Packaging] drop do_<mod> arch specific configs
  * IPU6 camera has no function on Andrews MLK (LP: #1964983)
    - SAUCE: IPU6: 2022-03-11 alpha release for Andrews MLK
    - [Config] IPU6: enable OV02C10 sensor
    - SAUCE: IPU6: 2022-04-01 Andrews MLK PV release
    - SAUCE: spi: ljca: return when a sub-transaction first failed
    - SACUE: ljca: disable parallelly stub write
    - SAUCE: ljca: fix race condition issue in runtime PM
    - SAUCE: i2c-ljca: fix a null pointer access issue on tgl
    - SAUCE: ljca: fix a typo issue
    - SAUCE: ljca: assume stub enum failed as a warning
    - SAUCE: mei: cleanup header file including
    - SAUCE: intel_ulpss: Replaced by LJCA and remove
    - [Config] drop intel_ulpss in favor of by LJCA
  * multiple UBSAN warnings in Intel IPU6 camera driver at boot (LP: #1958006)
    - SAUCE: media: pci: intel: Avoid UBSAN warnings of index bound and shift
  * Support Intel IPU6 MIPI camera on Alder Lake platforms (LP: #1955383)
    - SAUCE: intel ipu drivers first release
    - SAUCE: IPU driver release WW48
    - SAUCE: IPU driver release WW48 with MCU
    - SAUCE: IPU driver release WW52
    - SAUCE: IPU driver release WW04
    - SAUCE: IPU driver release WW14
    - SAUCE: Fix ov01a1s output mirror issue
    - SAUCE: integrate IPU6 builds
    - [Config] updateconfigs for IPU6 driver
    - SAUCE: Fix ov01a1s IQ issues
    - SAUCE: intel/ipu6: Remove unnecessary video devices
    - SAUCE: change power control driver to acpi driver
    - SAUCE: IPU6 driver release for kernel 5.13
    - SAUCE: sensor HM11b1 brightness bugfix
    - SAUCE: Fix build error on Kernel 5.13
    - SAUCE: IPU6 driver release for kernel 5.14 on 2021-11-01
    - [Config] IPU6: enable OV01A10 sensor
    - SAUCE: Fix build error for kernel 5.15
    - SAUCE: intel visual sensing controller(VSC) driver first release
    - [Config] ivsc: enable Intel VSC drivers
    - SAUCE: ivsc: return error when device not ready
    - SAUCE: ivsc: add soft dependencies for intel_vsc module
    - SAUCE: ljca: switch wait event to uninterruptible
    - SAUCE: mei-vsc: switch wait event to uninterruptible
    - SAUCE: mei_vsc: add ACPI HID for ADL
    - SAUCE: ljca: add multi ACPI HID support
    - SAUCE: ivsc: add delay for acquire camera to wait firmware ready
    - SAUCE: mei_vsc: distinguish platform with different camera sensor
    - SAUCE: i2c-ljca: fix a potential issue
    - SAUCE: ljca: disable autosuspend by default
    - [Config] make Intel IPU6 modules amd64 only
    - SAUCE: IPU6: drop unnecessary cflags manipulation

-- Thadeu Lima de Souza Cascardo <cascardo@canonical.com>  Fri, 05 Aug 2022 19:16:50 -0300

Changed in linux-intel-iotg (Ubuntu Jammy):
status:	New → Fix Released

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-08-10

Changed in kernel-sru-workflow:
status:	In Progress → Fix Committed

Kernel SRU Workflow

jammy/linux-intel-iotg: 5.15.0-1011.15 -proposed tracker

Bug Description

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
Kernel SRU Workflow	Fix Committed	Medium	Unassigned
Automated-testing	In Progress	Medium	Canonical Kernel Team
Boot-testing	Fix Released	Medium	Unassigned
Certification-testing	Invalid	Medium	Unassigned
New-review	Fix Released	Medium	Andy Whitcroft
Prepare-package	Fix Released	Medium	Jian Hui Lee
Prepare-package-lrg	Fix Released	Medium	Jian Hui Lee
Prepare-package-lrm	Fix Released	Medium	Jian Hui Lee
Prepare-package-lrs	Fix Released	Medium	Jian Hui Lee
Prepare-package-meta	Fix Released	Medium	Jian Hui Lee
Prepare-package-signed	Fix Released	Medium	Jian Hui Lee
Promote-signing-to-proposed	Invalid	Medium	Unassigned
Promote-to-proposed	Fix Released	Medium	Ubuntu Stable Release Updates Team
Promote-to-security	New	Medium	Ubuntu Stable Release Updates Team
Promote-to-updates	New	Medium	Ubuntu Stable Release Updates Team
Regression-testing	Fix Released	Medium	Canonical Kernel Team
Security-signoff	Fix Released	Medium	Steve Beattie
Sru-review	Fix Released	Medium	Andy Whitcroft
Verification-testing	Fix Released	Medium	Canonical Kernel Team
linux-intel-iotg (Ubuntu)
Jammy	Fix Released	Medium	Unassigned