Ubuntu
linux-kvm package

CONFIG options for (ipip, sit) should not be built-in to the KVM kernels

Bionic (18.04)
Bug #1899832

Bug #1899832 reported by Khaled El Mously on 2020-10-14

This bug affects 2 people

	Status	Importance	Assigned to
linux-kvm (Ubuntu)	Fix Released	Undecided	Khaled El Mously
Xenial	Fix Released	Undecided	Unassigned
Bionic	Fix Released	Undecided	Unassigned
Focal	Fix Released	Undecided	Unassigned
Groovy	Fix Released	Undecided	Unassigned

Bug Description

CONFIG_NET_IPIP and CONFIG_IPV6_SIT are set to =y in the -kvm kernels.

This means that they are always present in the kernel, and the virtual devices they created (tunl0 and sit0) are always present, even when not configured and not needed.

This is causing some issues for clouds that use the -kvm flavour, and there is no good reason for those configuration options to be =y anyway.

So they should be converted to =m instead.

[Regression potential]
- The only possible regression I can think of by compiling these as modules is the possibility that someone's boot setup somehow depended on IP tunneling. Such issues would need to be worked out by some initramfs means, etc.
- After this change, the modules (ipip.ko, sit.ko) are present in linux-modules.
- General consensus was that these options should have been =m all along.

See original description

CVE References

Khaled El Mously (kmously) on 2020-10-14

no longer affects:	cloud-images
Changed in linux-kvm (Ubuntu):
assignee:	nobody → Khaled El Mously (kmously)

Khaled El Mously (kmously) on 2020-10-15

description:

updated

Revision history for this message

Khaled El Mously (kmously) wrote on 2020-10-15:

SRU patches: https://lists.ubuntu.com/archives/kernel-team/2020-October/114076.html

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-10-15:

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in linux-kvm (Ubuntu):
status:	New → Confirmed

Khaled El Mously (kmously) on 2020-11-25

description:

updated

Khaled El Mously (kmously) on 2020-11-26

Changed in linux-kvm (Ubuntu Xenial):
status:	New → Fix Committed
Changed in linux-kvm (Ubuntu Bionic):
status:	New → Fix Committed
Changed in linux-kvm (Ubuntu Focal):
status:	New → Fix Committed
Changed in linux-kvm (Ubuntu Groovy):
status:	New → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-11-30:

Download full text (79.7 KiB)

This bug was fixed in the package linux-kvm - 5.4.0-1028.29

---------------
linux-kvm (5.4.0-1028.29) focal; urgency=medium

* focal/linux-kvm: 5.4.0-1028.29 -proposed tracker (LP: #1905659)

  * CONFIG options for (ipip, sit) should not be built-in to the KVM kernels
    (LP: #1899832)
    - [config] Set CONFIG_NET_IPIP and CONIG_IPV6_SIT =m

linux-kvm (5.4.0-1027.28) focal; urgency=medium

* focal/linux-kvm: 5.4.0-1027.28 -proposed tracker (LP: #1903168)

[ Ubuntu: 5.4.0-55.61 ]

This bug was fixed in the package linux-kvm - 5.4.0-1028.29

---------------
linux-kvm (5.4.0-1028.29) focal; urgency=medium

* focal/linux-kvm: 5.4.0-1028.29 -proposed tracker (LP: #1905659)

* CONFIG options for (ipip, sit) should not be built-in to the KVM kernels
    (LP: #1899832)
    - [config] Set CONFIG_NET_IPIP and CONIG_IPV6_SIT =m

linux-kvm (5.4.0-1027.28) focal; urgency=medium

* focal/linux-kvm: 5.4.0-1027.28 -proposed tracker (LP: #1903168)

[ Ubuntu: 5.4.0-55.61 ]

* focal/linux: 5.4.0-55.61 -proposed tracker (LP: #1903175)
  * Update kernel packaging to support forward porting kernels (LP: #1902957)
    - [Debian] Update for leader included in BACKPORT_SUFFIX
  * Avoid double newline when running insertchanges (LP: #1903293)
    - [Packaging] insertchanges: avoid double newline
  * EFI: Fails when BootCurrent entry does not exist (LP: #1899993)
    - efivarfs: Replace invalid slashes with exclamation marks in dentries.
  * CVE-2020-14351
    - perf/core: Fix race in the perf_mmap_close() function
  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull codes that wait for blocked dev into one function
    - md/raid10: improve raid10 discard request
    - md/raid10: improve discard request for far layout
    - dm raid: fix discard limits for raid1 and raid10
    - dm raid: remove unnecessary discard limits for raid10
  * Bionic: btrfs: kernel BUG at /build/linux-
    eTBZpZ/linux-4.15.0/fs/btrfs/ctree.c:3233! (LP: #1902254)
    - btrfs: drop unnecessary offset_in_page in extent buffer helpers
    - btrfs: extent_io: do extra check for extent buffer read write functions
    - btrfs: extent-tree: kill BUG_ON() in __btrfs_free_extent()
    - btrfs: extent-tree: kill the BUG_ON() in insert_inline_extent_backref()
    - btrfs: ctree: check key order before merging tree blocks
  * Ethernet no link lights after reboot (Intel i225-v 2.5G) (LP: #1902578)
    - igc: Add PHY power management control
  * Undetected Data corruption in MPI workloads that use VSX for reductions on
    POWER9 DD2.1 systems (LP: #1902694)
    - powerpc: Fix undetected data corruption with P9N DD2.1 VSX CI load emulation
    - selftests/powerpc: Make alignment handler test P9N DD2.1 vector CI load
      workaround
  * [20.04 FEAT] Support/enhancement of NVMe IPL (LP: #1902179)
    - s390: nvme ipl
    - s390: nvme reipl
    - s390/ipl: support NVMe IPL kernel parameters
  * uvcvideo: add mapping for HEVC payloads (LP: #1895803)
    - media: uvcvideo: Add mapping for HEVC payloads
  * Focal update: v5.4.73 upstream stable release (LP: #1902115)
    - ibmveth: Switch order of ibmveth_helper calls.
    - ibmveth: Identify ingress large send packets.
    - ipv4: Restore flowi4_oif update before call to xfrm_lookup_route
    - mlx4: handle non-napi callers to napi_poll
    - net: fec: Fix phy_device lookup for phy_reset_after_clk_enable()
    - net: fec: Fix PHY init after phy_reset_after_clk_enable()
    - net: fix pos incrementment in ipv6_route_seq_next
    - net/smc: fix valid DMBE buffer sizes
    - net/tls: sendfile fails with ktls offload
    - net: usb: qmi_wwan: add Cellient MPL200 card
    - tipc: fix the skb_unshare() in tipc_buf_append()
    - socket: fix option SO_TIMESTAMPING_NEW
    - can: m_can_platform: don't call m_can_class_suspend in runtime suspend
    - can: j1935: j1939_tp_tx_dat_new(): fix missing initialization of skbcnt
    - net: j1939: j1939_session_fresh_new(): fix missing initialization of skbcnt
    - net/ipv4: always honour route mtu during forwarding
    - net_sched: remove a redundant goto chain check
    - r8169: fix data corruption issue on RTL8402
    - cxgb4: handle 4-tuple PEDIT to NAT mode translation
    - binder: fix UAF when releasing todo list
    - ALSA: bebob: potential info leak in hwdep_read()
    - ALSA: hda/hdmi: fix incorrect locking in hdmi_pcm_close
    - nvme-pci: disable the write zeros command for Intel 600P/P3100
    - chelsio/chtls: fix socket lock
    - chelsio/chtls: correct netdevice for vlan interface
    - chelsio/chtls: correct function return and return type
    - ibmvnic: save changed mac address to adapter->mac_addr
    - net: ftgmac100: Fix Aspeed ast2600 TX hang issue
    - net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device
    - net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling
      ether_setup
    - net: Properly typecast int values to set sk_max_pacing_rate
    - net/sched: act_tunnel_key: fix OOB write in case of IPv6 ERSPAN tunnels
    - nexthop: Fix performance regression in nexthop deletion
    - nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in
      nfc_genl_fw_download()
    - r8169: fix operation under forced interrupt threading
    - selftests: forwarding: Add missing 'rp_filter' configuration
    - tcp: fix to update snd_wl1 in bulk receiver fast path
    - icmp: randomize the global rate limiter
    - ALSA: hda/realtek - set mic to auto detect on a HP AIO machine
    - ALSA: hda/realtek - Add mute Led support for HP Elitebook 845 G7
    - ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887
    - cifs: remove bogus debug code
    - cifs: Return the error from crypt_message when enc/dec key not found.
    - SMB3: Resolve data corruption of TCP server info fields
    - KVM: nVMX: Reset the segment cache when stuffing guest segs
    - KVM: nVMX: Reload vmcs01 if getting vmcs12's pages fails
    - KVM: x86/mmu: Commit zap of remaining invalid pages when recovering lpages
    - KVM: SVM: Initialize prev_ga_tag before use
    - ima: Don't ignore errors from crypto_shash_update()
    - crypto: algif_aead - Do not set MAY_BACKLOG on the async path
    - crypto: caam/qi - add fallback for XTS with more than 8B IV
    - EDAC/i5100: Fix error handling order in i5100_init_one()
    - EDAC/aspeed: Fix handling of platform_get_irq() error
    - EDAC/ti: Fix handling of platform_get_irq() error
    - perf/x86/intel/ds: Fix x86_pmu_stop warning for large PEBS
    - x86/fpu: Allow multiple bits in clearcpuid= parameter
    - drivers/perf: xgene_pmu: Fix uninitialized resource struct
    - drivers/perf: thunderx2_pmu: Fix memory resource error handling
    - sched/fair: Fix wrong cpu selecting from isolated domain
    - perf/x86/intel/uncore: Update Ice Lake uncore units
    - perf/x86/intel/uncore: Reduce the number of CBOX counters
    - x86/nmi: Fix nmi_handle() duration miscalculation
    - x86/events/amd/iommu: Fix sizeof mismatch
    - crypto: algif_skcipher - EBUSY on aio should be an error
    - crypto: mediatek - Fix wrong return value in mtk_desc_ring_alloc()
    - crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call
    - crypto: picoxcell - Fix potential race condition bug
    - media: tuner-simple: fix regression in simple_set_radio_freq
    - media: Revert "media: exynos4-is: Add missed check for
      pinctrl_lookup_state()"
    - media: ov5640: Correct Bit Div register in clock tree diagram
    - media: m5mols: Check function pointer in m5mols_sensor_power
    - media: uvcvideo: Set media controller entity functions
    - media: uvcvideo: Silence shift-out-of-bounds warning
    - media: staging/intel-ipu3: css: Correctly reset some memory
    - media: omap3isp: Fix memleak in isp_probe
    - media: i2c: ov5640: Remain in power down for DVP mode unless streaming
    - media: i2c: ov5640: Separate out mipi configuration from s_power
    - media: i2c: ov5640: Enable data pins on poweron for DVP mode
    - media: rcar_drif: Fix fwnode reference leak when parsing DT
    - media: rcar_drif: Allocate v4l2_async_subdev dynamically
    - media: rcar-csi2: Allocate v4l2_async_subdev dynamically
    - crypto: omap-sham - fix digcnt register handling with export/import
    - hwmon: (pmbus/max34440) Fix status register reads for MAX344{51,60,61}
    - cypto: mediatek - fix leaks in mtk_desc_ring_alloc
    - media: mx2_emmaprp: Fix memleak in emmaprp_probe
    - media: tc358743: initialize variable
    - media: tc358743: cleanup tc358743_cec_isr
    - media: rcar-vin: Fix a reference count leak.
    - media: rockchip/rga: Fix a reference count leak.
    - media: platform: fcp: Fix a reference count leak.
    - media: camss: Fix a reference count leak.
    - media: s5p-mfc: Fix a reference count leak
    - media: stm32-dcmi: Fix a reference count leak
    - media: ti-vpe: Fix a missing check and reference count leak
    - regulator: resolve supply after creating regulator
    - pinctrl: bcm: fix kconfig dependency warning when !GPIOLIB
    - spi: spi-s3c64xx: swap s3c64xx_spi_set_cs() and s3c64xx_enable_datapath()
    - spi: spi-s3c64xx: Check return values
    - blk-mq: move cancel of hctx->run_work to the front of blk_exit_queue
    - ath10k: provide survey info as accumulated data
    - drm/vkms: fix xrgb on compute crc
    - Bluetooth: hci_uart: Cancel init work before unregistering
    - drm/amd/display: Fix wrong return value in dm_update_plane_state()
    - drm: panel: Fix bus format for OrtusTech COM43H4M85ULC panel
    - ath6kl: prevent potential array overflow in ath6kl_add_new_sta()
    - ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb()
    - ath10k: Fix the size used in a 'dma_free_coherent()' call in an error
      handling path
    - wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680
    - ASoC: qcom: lpass-platform: fix memory leak
    - ASoC: qcom: lpass-cpu: fix concurrency issue
    - brcmfmac: check ndev pointer
    - mwifiex: Do not use GFP_KERNEL in atomic context
    - staging: rtl8192u: Do not use GFP_KERNEL in atomic context
    - drm/gma500: fix error check
    - scsi: qla4xxx: Fix an error handling path in 'qla4xxx_get_host_stats()'
    - scsi: qla2xxx: Fix wrong return value in qlt_chk_unresolv_exchg()
    - scsi: qla2xxx: Fix wrong return value in qla_nvme_register_hba()
    - scsi: csiostor: Fix wrong return value in csio_hw_prep_fw()
    - backlight: sky81452-backlight: Fix refcount imbalance on error
    - staging: emxx_udc: Fix passing of NULL to dma_alloc_coherent()
    - VMCI: check return value of get_user_pages_fast() for errors
    - mm/error_inject: Fix allow_error_inject function signatures.
    - drm: panel: Fix bpc for OrtusTech COM43H4M85ULC panel
    - drm/crc-debugfs: Fix memleak in crc_control_write
    - binder: Remove bogus warning on failed same-process transaction
    - tty: serial: earlycon dependency
    - pty: do tty_flip_buffer_push without port->lock in pty_write
    - pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare()
    - pwm: lpss: Add range limit check for the base_unit register value
    - drivers/virt/fsl_hypervisor: Fix error handling path
    - video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error
    - video: fbdev: sis: fix null ptr dereference
    - video: fbdev: radeon: Fix memleak in radeonfb_pci_register
    - ASoC: fsl: imx-es8328: add missing put_device() call in imx_es8328_probe()
    - HID: roccat: add bounds checking in kone_sysfs_write_settings()
    - drm/msm: Avoid div-by-zero in dpu_crtc_atomic_check()
    - drm/panfrost: Ensure GPU quirks are always initialised
    - iomap: Clear page error before beginning a write
    - pinctrl: mcp23s08: Fix mcp23x17_regmap initialiser
    - pinctrl: mcp23s08: Fix mcp23x17 precious range
    - net/mlx5: Don't call timecounter cyc2time directly from 1PPS flow
    - scsi: mpt3sas: Fix sync irqs
    - net: stmmac: use netif_tx_start|stop_all_queues() function
    - cpufreq: armada-37xx: Add missing MODULE_DEVICE_TABLE
    - drm: mxsfb: check framebuffer pitch
    - coresight: etm4x: Handle unreachable sink in perf mode
    - xhci: don't create endpoint debugfs entry before ring buffer is set.
    - net: dsa: rtl8366: Check validity of passed VLANs
    - net: dsa: rtl8366: Refactor VLAN/PVID init
    - net: dsa: rtl8366: Skip PVID setting if not requested
    - net: wilc1000: clean up resource in error path of init mon interface
    - ASoC: tlv320aic32x4: Fix bdiv clock rate derivation
    - net: dsa: rtl8366rb: Support all 4096 VLANs
    - spi: omap2-mcspi: Improve performance waiting for CHSTAT
    - ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd()
    - dmaengine: dmatest: Check list for emptiness before access its last entry
    - misc: mic: scif: Fix error handling path
    - ALSA: seq: oss: Avoid mutex lock for a long-time ioctl
    - usb: dwc2: Fix parameter type in function pointer prototype
    - quota: clear padding in v2r1_mem2diskdqb()
    - slimbus: core: check get_addr before removing laddr ida
    - slimbus: core: do not enter to clock pause mode in core
    - slimbus: qcom-ngd-ctrl: disable ngd in qmi server down callback
    - ASoC: fsl_sai: Instantiate snd_soc_dai_driver
    - HID: hid-input: fix stylus battery reporting
    - nvmem: core: fix possibly memleak when use nvmem_cell_info_to_nvmem_cell()
    - nl80211: fix OBSS PD min and max offset validation
    - coresight: etm: perf: Fix warning caused by etm_setup_aux failure
    - ibmvnic: set up 200GBPS speed
    - qtnfmac: fix resource leaks on unsupported iftype error return path
    - iio: adc: stm32-adc: fix runtime autosuspend delay when slow polling
    - net: enic: Cure the enic api locking trainwreck
    - mfd: sm501: Fix leaks in probe()
    - iwlwifi: mvm: split a print to avoid a WARNING in ROC
    - usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above.
    - usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well
    - nl80211: fix non-split wiphy information
    - usb: dwc2: Fix INTR OUT transfers in DDMA mode.
    - scsi: target: tcmu: Fix warning: 'page' may be used uninitialized
    - scsi: be2iscsi: Fix a theoretical leak in beiscsi_create_eqs()
    - ipmi_si: Fix wrong return value in try_smi_init()
    - platform/x86: mlx-platform: Remove PSU EEPROM configuration
    - mwifiex: fix double free
    - ipvs: clear skb->tstamp in forwarding path
    - net: korina: fix kfree of rx/tx descriptor array
    - netfilter: nf_log: missing vlan offload tag and proto
    - mm/swapfile.c: fix potential memory leak in sys_swapon
    - mm/memcg: fix device private memcg accounting
    - mm, oom_adj: don't loop through tasks in __set_oom_adj when not necessary
    - fs: fix NULL dereference due to data race in prepend_path()
    - selftests/ftrace: Change synthetic event name for inter-event-combined test
    - i3c: master add i3c_master_attach_boardinfo to preserve boardinfo
    - IB/mlx4: Fix starvation in paravirt mux/demux
    - IB/mlx4: Adjust delayed work when a dup is observed
    - powerpc/pseries: Fix missing of_node_put() in rng_init()
    - powerpc/icp-hv: Fix missing of_node_put() in success path
    - RDMA/ucma: Fix locking for ctx->events_reported
    - RDMA/ucma: Add missing locking around rdma_leave_multicast()
    - mtd: lpddr: fix excessive stack usage with clang
    - RDMA/hns: Add a check for current state before modifying QP
    - RDMA/umem: Fix signature of stub ib_umem_find_best_pgsz()
    - powerpc/pseries: explicitly reschedule during drmem_lmb list traversal
    - pseries/drmem: don't cache node id in drmem_lmb struct
    - RDMA/mlx5: Fix potential race between destroy and CQE poll
    - mtd: mtdoops: Don't write panic data twice
    - ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT values
    - arc: plat-hsdk: fix kconfig dependency warning when !RESET_CONTROLLER
    - ida: Free allocated bitmap in error path
    - xfs: limit entries returned when counting fsmap records
    - xfs: fix deadlock and streamline xfs_getfsmap performance
    - xfs: fix high key handling in the rt allocator's query_range function
    - RDMA/umem: Fix ib_umem_find_best_pgsz() for mappings that cross a page
      boundary
    - RDMA/umem: Prevent small pages from being returned by
      ib_umem_find_best_pgsz()
    - RDMA/qedr: Fix qp structure memory leak
    - RDMA/qedr: Fix use of uninitialized field
    - RDMA/qedr: Fix return code if accept is called on a destroyed qp
    - RDMA/qedr: Fix inline size returned for iWARP
    - powerpc/book3s64/hash/4k: Support large linear mapping range with 4K
    - powerpc/tau: Use appropriate temperature sample interval
    - powerpc/tau: Convert from timer to workqueue
    - powerpc/tau: Remove duplicated set_thresholds() call
    - powerpc/tau: Check processor type before enabling TAU interrupt
    - powerpc/tau: Disable TAU between measurements
    - powerpc/64s/radix: Fix mm_cpumask trimming race vs kthread_use_mm
    - RDMA/cma: Remove dead code for kernel rdmacm multicast
    - RDMA/cma: Consolidate the destruction of a cma_multicast in one place
    - perf intel-pt: Fix "context_switch event has no tid" error
    - RDMA/hns: Set the unsupported wr opcode
    - RDMA/mlx5: Disable IB_DEVICE_MEM_MGT_EXTENSIONS if IB_WR_REG_MR can't work
    - i40iw: Add support to make destroy QP synchronous
    - perf stat: Skip duration_time in setup_system_wide
    - RDMA/hns: Fix the wrong value of rnr_retry when querying qp
    - RDMA/hns: Fix missing sq_sig_type when querying QP
    - mtd: rawnand: vf610: disable clk on error handling path in probe
    - mtd: spinand: gigadevice: Only one dummy byte in QUADIO
    - mtd: spinand: gigadevice: Add QE Bit
    - kdb: Fix pager search for multi-line strings
    - overflow: Include header file with SIZE_MAX declaration
    - RDMA/ipoib: Set rtnl_link_ops for ipoib interfaces
    - powerpc/perf: Exclude pmc5/6 from the irrelevant PMU group constraints
    - powerpc/perf/hv-gpci: Fix starting index value
    - i3c: master: Fix error return in cdns_i3c_master_probe()
    - cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_reboot_notifier
    - IB/rdmavt: Fix sizeof mismatch
    - RDMA/rxe: Fix skb lifetime in rxe_rcv_mcast_pkt()
    - maiblox: mediatek: Fix handling of platform_get_irq() error
    - selftests/powerpc: Fix eeh-basic.sh exit codes
    - f2fs: wait for sysfs kobject removal before freeing f2fs_sb_info
    - RDMA/rxe: Handle skb_clone() failure in rxe_recv.c
    - mm/page_owner: change split_page_owner to take a count
    - lib/crc32.c: fix trivial typo in preprocessor condition
    - ramfs: fix nommu mmap with gaps in the page cache
    - rapidio: fix error handling path
    - rapidio: fix the missed put_device() for rio_mport_add_riodev
    - mailbox: avoid timer start from callback
    - i2c: rcar: Auto select RESET_CONTROLLER
    - clk: meson: g12a: mark fclk_div2 as critical
    - PCI: aardvark: Check for errors from pci_bridge_emul_init() call
    - PCI: iproc: Set affinity mask on MSI interrupts
    - rpmsg: smd: Fix a kobj leak in in qcom_smd_parse_edge()
    - PCI/IOV: Mark VFs as not implementing PCI_COMMAND_MEMORY
    - vfio/pci: Decouple PCI_COMMAND_MEMORY bit checks from is_virtfn
    - clk: qcom: gcc-sdm660: Fix wrong parent_map
    - clk: keystone: sci-clk: fix parsing assigned-clock data during probe
    - pwm: img: Fix null pointer access in probe
    - clk: rockchip: Initialize hw to error to avoid undefined behavior
    - clk: mediatek: add UART0 clock support
    - module: statically initialize init section freeing data
    - clk: at91: clk-main: update key before writing AT91_CKGR_MOR
    - clk: bcm2835: add missing release if devm_clk_hw_register fails
    - watchdog: Fix memleak in watchdog_cdev_register
    - watchdog: Use put_device on error
    - watchdog: sp5100: Fix definition of EFCH_PM_DECODEEN3
    - svcrdma: fix bounce buffers for unaligned offsets and multiple pages
    - ext4: limit entries returned when counting fsmap records
    - vfio/pci: Clear token on bypass registration failure
    - vfio iommu type1: Fix memory leak in vfio_iommu_type1_pin_pages
    - clk: imx8mq: Fix usdhc parents order
    - SUNRPC: fix copying of multiple pages in gss_read_proxy_verf()
    - Input: imx6ul_tsc - clean up some errors in imx6ul_tsc_resume()
    - Input: stmfts - fix a & vs && typo
    - Input: ep93xx_keypad - fix handling of platform_get_irq() error
    - Input: omap4-keypad - fix handling of platform_get_irq() error
    - Input: twl4030_keypad - fix handling of platform_get_irq() error
    - Input: sun4i-ps2 - fix handling of platform_get_irq() error
    - KVM: x86: emulating RDPID failure shall return #UD rather than #GP
    - scsi: bfa: Fix error return in bfad_pci_init()
    - netfilter: conntrack: connection timeout after re-register
    - netfilter: ebtables: Fixes dropping of small packets in bridge nat
    - netfilter: nf_fwd_netdev: clear timestamp in forwarding path
    - arm64: dts: meson: vim3: correct led polarity
    - ARM: dts: imx6sl: fix rng node
    - ARM: at91: pm: of_node_put() after its usage
    - ARM: s3c24xx: fix mmc gpio lookup tables
    - ARM: dts: sun8i: r40: bananapi-m2-ultra: Fix dcdc1 regulator
    - arm64: dts: allwinner: h5: remove Mali GPU PMU module
    - memory: omap-gpmc: Fix a couple off by ones
    - memory: omap-gpmc: Fix build error without CONFIG_OF
    - memory: fsl-corenet-cf: Fix handling of platform_get_irq() error
    - arm64: dts: imx8mq: Add missing interrupts to GPC
    - arm64: dts: qcom: msm8916: Remove one more thermal trip point unit name
    - arm64: dts: qcom: pm8916: Remove invalid reg size from wcd_codec
    - arm64: dts: qcom: msm8916: Fix MDP/DSI interrupts
    - arm64: dts: renesas: r8a77990: Fix MSIOF1 DMA channels
    - arm64: dts: renesas: r8a774c0: Fix MSIOF1 DMA channels
    - arm64: dts: actions: limit address range for pinctrl node
    - ARM: dts: owl-s500: Fix incorrect PPI interrupt specifiers
    - soc: fsl: qbman: Fix return value on success
    - ARM: OMAP2+: Restore MPU power domain if cpu_cluster_pm_enter() fails
    - arm64: dts: zynqmp: Remove additional compatible string for i2c IPs
    - ARM: dts: meson8: remove two invalid interrupt lines from the GPU node
    - lightnvm: fix out-of-bounds write to array devices->info[]
    - powerpc/powernv/dump: Fix race while processing OPAL dump
    - powerpc/pseries: Avoid using addr_to_pfn in real mode
    - nvmet: fix uninitialized work for zero kato
    - NTB: hw: amd: fix an issue about leak system resources
    - sched/features: Fix !CONFIG_JUMP_LABEL case
    - perf: correct SNOOPX field offset
    - i2c: core: Restore acpi_walk_dep_device_list() getting called after
      registering the ACPI i2c devs
    - md/bitmap: fix memory leak of temporary bitmap
    - block: ratelimit handle_bad_sector() message
    - crypto: ccp - fix error handling
    - x86/asm: Replace __force_order with a memory clobber
    - x86/mce: Add Skylake quirk for patrol scrub reported errors
    - media: firewire: fix memory leak
    - media: ati_remote: sanity check for both endpoints
    - media: st-delta: Fix reference count leak in delta_run_work
    - media: sti: Fix reference count leaks
    - media: exynos4-is: Fix several reference count leaks due to
      pm_runtime_get_sync
    - media: exynos4-is: Fix a reference count leak due to pm_runtime_get_sync
    - media: exynos4-is: Fix a reference count leak
    - media: vsp1: Fix runtime PM imbalance on error
    - media: platform: s3c-camif: Fix runtime PM imbalance on error
    - media: platform: sti: hva: Fix runtime PM imbalance on error
    - media: bdisp: Fix runtime PM imbalance on error
    - media: media/pci: prevent memory leak in bttv_probe
    - x86/mce: Make mce_rdmsrl() panic on an inaccessible MSR
    - media: uvcvideo: Ensure all probed info is returned to v4l2
    - mmc: sdio: Check for CISTPL_VERS_1 buffer size
    - media: saa7134: avoid a shift overflow
    - media: venus: fixes for list corruption
    - fs: dlm: fix configfs memory leak
    - media: venus: core: Fix runtime PM imbalance in venus_probe
    - ntfs: add check for mft record size in superblock
    - ip_gre: set dev->hard_header_len and dev->needed_headroom properly
    - mac80211: handle lack of sband->bitrates in rates
    - PM: hibernate: remove the bogus call to get_gendisk() in software_resume()
    - scsi: mvumi: Fix error return in mvumi_io_attach()
    - scsi: target: core: Add CONTROL field for trace events
    - mic: vop: copy data to kernel space then write to io memory
    - misc: vop: add round_up(x,4) for vring_size to avoid kernel panic
    - usb: dwc3: Add splitdisable quirk for Hisilicon Kirin Soc
    - usb: gadget: function: printer: fix use-after-free in __lock_acquire
    - udf: Limit sparing table size
    - udf: Avoid accessing uninitialized data on failed inode read
    - rtw88: increse the size of rx buffer size
    - USB: cdc-acm: handle broken union descriptors
    - usb: dwc3: simple: add support for Hikey 970
    - can: flexcan: flexcan_chip_stop(): add error handling and propagate error
      value
    - ath9k: hif_usb: fix race condition between usb_get_urb() and
      usb_kill_anchored_urbs()
    - drm/panfrost: add amlogic reset quirk callback
    - bpf: Limit caller's stack depth 256 for subprogs with tailcalls
    - misc: rtsx: Fix memory leak in rtsx_pci_probe
    - reiserfs: only call unlock_new_inode() if I_NEW
    - opp: Prevent memory leak in dev_pm_opp_attach_genpd()
    - xfs: make sure the rt allocator doesn't run off the end
    - usb: ohci: Default to per-port over-current protection
    - Bluetooth: Only mark socket zapped after unlocking
    - drm/msm/a6xx: fix a potential overflow issue
    - iomap: fix WARN_ON_ONCE() from unprivileged users
    - scsi: ibmvfc: Fix error return in ibmvfc_probe()
    - scsi: qla2xxx: Warn if done() or free() are called on an already freed srb
    - selftests/bpf: Fix test_sysctl_loop{1, 2} failure due to clang change
    - brcmsmac: fix memory leak in wlc_phy_attach_lcnphy
    - rtl8xxxu: prevent potential memory leak
    - Fix use after free in get_capset_info callback.
    - HID: ite: Add USB id match for Acer One S1003 keyboard dock
    - scsi: qedf: Return SUCCESS if stale rport is encountered
    - scsi: qedi: Protect active command list to avoid list corruption
    - scsi: qedi: Fix list_del corruption while removing active I/O
    - fbmem: add margin check to fb_check_caps()
    - tty: ipwireless: fix error handling
    - Bluetooth: btusb: Fix memleak in btusb_mtk_submit_wmt_recv_urb
    - ipvs: Fix uninit-value in do_ip_vs_set_ctl()
    - reiserfs: Fix memory leak in reiserfs_parse_options()
    - mwifiex: don't call del_timer_sync() on uninitialized timer
    - ALSA: hda/ca0132 - Add AE-7 microphone selection commands.
    - ALSA: hda/ca0132 - Add new quirk ID for SoundBlaster AE-7.
    - scsi: smartpqi: Avoid crashing kernel for controller issues
    - brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach
    - usb: core: Solve race condition in anchor cleanup functions
    - scsi: ufs: ufs-qcom: Fix race conditions caused by ufs_qcom_testbus_config()
    - dmaengine: dw: Add DMA-channels mask cell support
    - dmaengine: dw: Activate FIFO-mode for memory peripherals only
    - ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n()
    - net: korina: cast KSEG0 address to pointer in kfree
    - s390/qeth: don't let HW override the configured port role
    - tty: serial: lpuart: fix lpuart32_write usage
    - tty: serial: fsl_lpuart: fix lpuart32_poll_get_char
    - usb: cdc-acm: add quirk to blacklist ETAS ES58X devices
    - USB: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync().
    - usb: cdns3: gadget: free interrupt after gadget has deleted
    - eeprom: at25: set minimum read/write access stride to 1
    - usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets.
    - Linux 5.4.73
  * Focal update: v5.4.72 upstream stable release (LP: #1902111)
    - perf cs-etm: Move definition of 'traceid_list' global variable from header
      file
    - btrfs: don't pass system_chunk into can_overcommit
    - btrfs: take overcommit into account in inc_block_group_ro
    - ARM: 8939/1: kbuild: use correct nm executable
    - ACPI: Always build evged in
    - Bluetooth: Consolidate encryption handling in hci_encrypt_cfm
    - Bluetooth: Fix update of connection state in `hci_encrypt_cfm`
    - Bluetooth: Disconnect if E0 is used for Level 4
    - media: usbtv: Fix refcounting mixup
    - USB: serial: option: add Cellient MPL200 card
    - USB: serial: option: Add Telit FT980-KS composition
    - staging: comedi: check validity of wMaxPacketSize of usb endpoints found
    - USB: serial: pl2303: add device-id for HP GC device
    - USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters
    - reiserfs: Initialize inode keys properly
    - reiserfs: Fix oops during mount
    - xen/events: don't use chip_data for legacy IRQs
    - crypto: bcm - Verify GCM/CCM key length in setkey
    - crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA
    - Linux 5.4.72
  * Focal update: v5.4.71 upstream stable release (LP: #1902110)
    - fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h
    - Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts
    - fbcon: Fix global-out-of-bounds read in fbcon_get_font()
    - Revert "ravb: Fixed to be able to unload modules"
    - io_uring: Fix resource leaking when kill the process
    - io_uring: Fix missing smp_mb() in io_cancel_async_work()
    - io_uring: Fix remove irrelevant req from the task_list
    - io_uring: Fix double list add in io_queue_async_work()
    - net: wireless: nl80211: fix out-of-bounds access in nl80211_del_key()
    - drm/nouveau/mem: guard against NULL pointer access in mem_del
    - vhost: Don't call access_ok() when using IOTLB
    - vhost: Use vhost_get_used_size() in vhost_vring_set_addr()
    - usermodehelper: reset umask to default before executing user process
    - Platform: OLPC: Fix memleak in olpc_ec_probe
    - platform/x86: intel-vbtn: Fix SW_TABLET_MODE always reporting 1 on the HP
      Pavilion 11 x360
    - platform/x86: thinkpad_acpi: initialize tp_nvram_state variable
    - bpf: Fix sysfs export of empty BTF section
    - bpf: Prevent .BTF section elimination
    - platform/x86: intel-vbtn: Switch to an allow-list for SW_TABLET_MODE
      reporting
    - platform/x86: thinkpad_acpi: re-initialize ACPI buffer size when reuse
    - driver core: Fix probe_count imbalance in really_probe()
    - perf test session topology: Fix data path
    - perf top: Fix stdio interface input handling with glibc 2.28+
    - i2c: i801: Exclude device from suspend direct complete optimization
    - arm64: dts: stratix10: add status to qspi dts node
    - Btrfs: send, allow clone operations within the same file
    - Btrfs: send, fix emission of invalid clone operations within the same file
    - btrfs: volumes: Use more straightforward way to calculate map length
    - btrfs: Ensure we trim ranges across block group boundary
    - btrfs: fix RWF_NOWAIT write not failling when we need to cow
    - btrfs: allow btrfs_truncate_block() to fallback to nocow for data space
      reservation
    - nvme-core: put ctrl ref when module ref get fail
    - macsec: avoid use-after-free in macsec_handle_frame()
    - mm/khugepaged: fix filemap page_to_pgoff(page) != offset
    - net: introduce helper sendpage_ok() in include/linux/net.h
    - tcp: use sendpage_ok() to detect misused .sendpage
    - nvme-tcp: check page by sendpage_ok() before calling kernel_sendpage()
    - xfrmi: drop ignore_df check before updating pmtu
    - cifs: Fix incomplete memory allocation on setxattr path
    - i2c: meson: fix clock setting overwrite
    - i2c: meson: fixup rate calculation with filter delay
    - i2c: owl: Clear NACK and BUS error bits
    - sctp: fix sctp_auth_init_hmacs() error path
    - team: set dev->needed_headroom in team_setup_by_port()
    - net: team: fix memory leak in __team_options_register
    - openvswitch: handle DNAT tuple collision
    - drm/amdgpu: prevent double kfree ttm->sg
    - iommu/vt-d: Fix lockdep splat in iommu_flush_dev_iotlb()
    - xfrm: clone XFRMA_SET_MARK in xfrm_do_migrate
    - xfrm: clone XFRMA_REPLAY_ESN_VAL in xfrm_do_migrate
    - xfrm: clone XFRMA_SEC_CTX in xfrm_do_migrate
    - xfrm: clone whole liftime_cur structure in xfrm_do_migrate
    - net: stmmac: removed enabling eee in EEE set callback
    - platform/x86: fix kconfig dependency warning for FUJITSU_LAPTOP
    - xfrm: Use correct address family in xfrm_state_find
    - iavf: use generic power management
    - iavf: Fix incorrect adapter get in iavf_resume
    - net: ethernet: cavium: octeon_mgmt: use phy_start and phy_stop
    - bonding: set dev->needed_headroom in bond_setup_by_slave()
    - mdio: fix mdio-thunder.c dependency & build error
    - mlxsw: spectrum_acl: Fix mlxsw_sp_acl_tcam_group_add()'s error path
    - r8169: fix RTL8168f/RTL8411 EPHY config
    - net: usb: ax88179_178a: fix missing stop entry in driver_info
    - virtio-net: don't disable guest csum when disable LRO
    - net/mlx5: Avoid possible free of command entry while timeout comp handler
    - net/mlx5: Fix request_irqs error flow
    - net/mlx5e: Add resiliency in Striding RQ mode for packets larger than MTU
    - net/mlx5e: Fix VLAN cleanup flow
    - net/mlx5e: Fix VLAN create flow
    - rxrpc: Fix rxkad token xdr encoding
    - rxrpc: Downgrade the BUG() for unsupported token type in rxrpc_read()
    - rxrpc: Fix some missing _bh annotations on locking conn->state_lock
    - rxrpc: The server keyring isn't network-namespaced
    - rxrpc: Fix server keyring leak
    - perf: Fix task_function_call() error handling
    - mmc: core: don't set limits.discard_granularity as 0
    - mm: khugepaged: recalculate min_free_kbytes after memory hotplug as expected
      by khugepaged
    - tcp: fix receive window update in tcp_add_backlog()
    - net/core: check length before updating Ethertype in skb_mpls_{push,pop}
    - net/tls: race causes kernel panic
    - net/mlx5e: Fix driver's declaration to support GRE offload
    - Input: ati_remote2 - add missing newlines when printing module parameters
    - net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails
    - net_sched: defer tcf_idr_insert() in tcf_action_init_1()
    - net_sched: commit action insertions together
    - Linux 5.4.71
  * kci_test_encap_fou() in rtnetlink.sh from kselftests/net failed with "FAIL:
    can't add fou port 7777, skipping test" (LP: #1891421)
    - selftests: rtnetlink: load fou module for kci_test_encap_fou() test
  * alsa/hda/realtek - The front Mic on a HP machine doesn't work (LP: #1899508)
    - ALSA: hda/realtek - The front Mic on a HP machine doesn't work
  * Enable brightness control on HP DreamColor panel (LP: #1898865)
    - drm/i915/dpcd_bl: Unbreak enable_dpcd_backlight modparam
    - SAUCE: drm/i915/dpcd_bl: Skip testing control capability with force DPCD
      quirk
    - SAUCE: drm/dp: HP DreamColor panel brigntness fix
  * Fix non-working Intel NVMe after S3 (LP: #1900847)
    - SAUCE: PCI: Enable ACS quirk on all CML root ports
  * bcache: Issues with large IO wait in bch_mca_scan() when shrinker is enabled
    (LP: #1898786)
    - bcache: remove member accessed from struct btree
    - bcache: reap c->btree_cache_freeable from the tail in bch_mca_scan()
    - bcache: reap from tail of c->btree_cache in bch_mca_scan()
  * Improve descriptions for XFAIL cases in kselftests/net/psock_snd
    (LP: #1900088)
    - selftests/net: improve descriptions for XFAIL cases in psock_snd.sh
  * ceph: fix inode number handling on arches with 32-bit ino_t (LP: #1899582)
    - ceph: fix inode number handling on arches with 32-bit ino_t
  * Fix system reboot when disconnecting WiFi (LP: #1899726)
    - iwlwifi: msix: limit max RX queues for 9000 family
  * Fix broken MSI interrupt after HDA controller was suspended (LP: #1899586)
    - ALSA: hda: fix jack detection with Realtek codecs when in D3
  * Focal update: v5.4.70 upstream stable release (LP: #1900632)
    - btrfs: fix filesystem corruption after a device replace
    - mmc: sdhci: Workaround broken command queuing on Intel GLK based IRBIS
      models
    - USB: gadget: f_ncm: Fix NDP16 datagram validation
    - gpio: siox: explicitly support only threaded irqs
    - gpio: mockup: fix resource leak in error path
    - gpio: tc35894: fix up tc35894 interrupt configuration
    - clk: socfpga: stratix10: fix the divider for the emac_ptp_free_clk
    - vsock/virtio: add transport parameter to the
      virtio_transport_reset_no_sock()
    - net: virtio_vsock: Enhance connection semantics
    - xfs: trim IO to found COW extent limit
    - Input: i8042 - add nopnp quirk for Acer Aspire 5 A515
    - iio: adc: qcom-spmi-adc5: fix driver name
    - ftrace: Move RCU is watching check after recursion check
    - memstick: Skip allocating card when removing host
    - drm/amdgpu: restore proper ref count in amdgpu_display_crtc_set_config
    - clocksource/drivers/timer-gx6605s: Fixup counter reload
    - libbpf: Remove arch-specific include path in Makefile
    - drivers/net/wan/hdlc_fr: Add needed_headroom for PVC devices
    - drm/sun4i: mixer: Extend regmap max_register
    - net: dec: de2104x: Increase receive ring size for Tulip
    - rndis_host: increase sleep time in the query-response loop
    - nvme-core: get/put ctrl and transport module in nvme_dev_open/release()
    - fuse: fix the ->direct_IO() treatment of iov_iter
    - drivers/net/wan/lapbether: Make skb->protocol consistent with the header
    - drivers/net/wan/hdlc: Set skb->protocol before transmitting
    - mac80211: Fix radiotap header channel flag for 6GHz band
    - mac80211: do not allow bigger VHT MPDUs than the hardware supports
    - tracing: Make the space reserved for the pid wider
    - tools/io_uring: fix compile breakage
    - spi: fsl-espi: Only process interrupts for expected events
    - nvme-pci: fix NULL req in completion handler
    - nvme-fc: fail new connections to a deleted host or remote port
    - gpio: sprd: Clear interrupt when setting the type as edge
    - phy: ti: am654: Fix a leak in serdes_am654_probe()
    - pinctrl: mvebu: Fix i2c sda definition for 98DX3236
    - nfs: Fix security label length not being reset
    - clk: tegra: Always program PLL_E when enabled
    - clk: samsung: exynos4: mark 'chipid' clock as CLK_IGNORE_UNUSED
    - iommu/exynos: add missing put_device() call in exynos_iommu_of_xlate()
    - gpio/aspeed-sgpio: enable access to all 80 input & output sgpios
    - gpio/aspeed-sgpio: don't enable all interrupts by default
    - gpio: aspeed: fix ast2600 bank properties
    - i2c: cpm: Fix i2c_ram structure
    - Input: trackpoint - enable Synaptics trackpoints
    - scripts/dtc: only append to HOST_EXTRACFLAGS instead of overwriting
    - random32: Restore __latent_entropy attribute on net_rand_state
    - block/diskstats: more accurate approximation of io_ticks for slow disks
    - mm: replace memmap_context by meminit_context
    - mm: don't rely on system state to detect hot-plug operations
    - nvme: Cleanup and rename nvme_block_nr()
    - nvme: Introduce nvme_lba_to_sect()
    - nvme: consolidate chunk_sectors settings
    - epoll: do not insert into poll queues until all sanity checks are done
    - epoll: replace ->visited/visited_list with generation count
    - epoll: EPOLL_CTL_ADD: close the race in decision to take fast path
    - ep_create_wakeup_source(): dentry name can change under you...
    - netfilter: ctnetlink: add a range check for l3/l4 protonum
    - Linux 5.4.70
  * Focal update: v5.4.69 upstream stable release (LP: #1900624)
    - kernel/sysctl-test: Add null pointer test for sysctl.c:proc_dointvec()
    - selinux: allow labeling before policy is loaded
    - media: mc-device.c: fix memleak in media_device_register_entity
    - drm/amd/display: Do not double-buffer DTO adjustments
    - drm/amdkfd: Fix race in gfx10 context restore handler
    - dma-fence: Serialise signal enabling (dma_fence_enable_sw_signaling)
    - scsi: qla2xxx: Add error handling for PLOGI ELS passthrough
    - ath10k: fix array out-of-bounds access
    - ath10k: fix memory leak for tpc_stats_final
    - PCI/IOV: Serialize sysfs sriov_numvfs reads vs writes
    - mm: fix double page fault on arm64 if PTE_AF is cleared
    - scsi: aacraid: fix illegal IO beyond last LBA
    - m68k: q40: Fix info-leak in rtc_ioctl
    - xfs: fix inode fork extent count overflow
    - gma/gma500: fix a memory disclosure bug due to uninitialized bytes
    - ASoC: kirkwood: fix IRQ error handling
    - soundwire: intel/cadence: fix startup sequence
    - media: smiapp: Fix error handling at NVM reading
    - drm/amd/display: Free gamma after calculating legacy transfer function
    - xfs: properly serialise fallocate against AIO+DIO
    - leds: mlxreg: Fix possible buffer overflow
    - dm table: do not allow request-based DM to stack on partitions
    - PM / devfreq: tegra30: Fix integer overflow on CPU's freq max out
    - scsi: fnic: fix use after free
    - powerpc/64s: Always disable branch profiling for prom_init.o
    - net: silence data-races on sk_backlog.tail
    - dax: Fix alloc_dax_region() compile warning
    - iomap: Fix overflow in iomap_page_mkwrite
    - f2fs: avoid kernel panic on corruption test
    - clk/ti/adpll: allocate room for terminating null
    - drm/amdgpu/powerplay: fix AVFS handling with custom powerplay table
    - ice: Fix to change Rx/Tx ring descriptor size via ethtool with DCBx
    - mtd: cfi_cmdset_0002: don't free cfi->cfiq in error path of
      cfi_amdstd_setup()
    - mfd: mfd-core: Protect against NULL call-back function pointer
    - drm/amdgpu/powerplay/smu7: fix AVFS handling with custom powerplay table
    - tpm_crb: fix fTPM on AMD Zen+ CPUs
    - tracing: Verify if trace array exists before destroying it.
    - tracing: Adding NULL checks for trace_array descriptor pointer
    - bcache: fix a lost wake-up problem caused by mca_cannibalize_lock
    - dmaengine: mediatek: hsdma_probe: fixed a memory leak when devm_request_irq
      fails
    - x86/kdump: Always reserve the low 1M when the crashkernel option is
      specified
    - RDMA/qedr: Fix potential use after free
    - RDMA/i40iw: Fix potential use after free
    - PCI: Avoid double hpmemsize MMIO window assignment
    - fix dget_parent() fastpath race
    - xfs: fix attr leaf header freemap.size underflow
    - RDMA/iw_cgxb4: Fix an error handling path in 'c4iw_connect()'
    - ubi: Fix producing anchor PEBs
    - mmc: core: Fix size overflow for mmc partitions
    - gfs2: clean up iopen glock mess in gfs2_create_inode
    - scsi: pm80xx: Cleanup command when a reset times out
    - mt76: do not use devm API for led classdev
    - mt76: add missing locking around ampdu action
    - debugfs: Fix !DEBUG_FS debugfs_create_automount
    - SUNRPC: Capture completion of all RPC tasks
    - CIFS: Use common error handling code in smb2_ioctl_query_info()
    - CIFS: Properly process SMB3 lease breaks
    - f2fs: stop GC when the victim becomes fully valid
    - ASoC: max98090: remove msleep in PLL unlocked workaround
    - xtensa: fix system_call interaction with ptrace
    - s390: avoid misusing CALL_ON_STACK for task stack setup
    - xfs: fix realtime file data space leak
    - drm/amdgpu: fix calltrace during kmd unload(v3)
    - arm64: insn: consistently handle exit text
    - selftests/bpf: De-flake test_tcpbpf
    - kernel/notifier.c: intercept duplicate registrations to avoid infinite loops
    - kernel/sys.c: avoid copying possible padding bytes in copy_to_user
    - KVM: arm/arm64: vgic: Fix potential double free dist->spis in
      __kvm_vgic_destroy()
    - module: Remove accidental change of module_enable_x()
    - xfs: fix log reservation overflows when allocating large rt extents
    - ALSA: hda: enable regmap internal locking
    - tipc: fix link overflow issue at socket shutdown
    - vcc_seq_next should increase position index
    - neigh_stat_seq_next() should increase position index
    - rt_cpu_seq_next should increase position index
    - ipv6_route_seq_next should increase position index
    - drm/mcde: Handle pending vblank while disabling display
    - seqlock: Require WRITE_ONCE surrounding raw_seqcount_barrier
    - drm/scheduler: Avoid accessing freed bad job.
    - media: ti-vpe: cal: Restrict DMA to avoid memory corruption
    - opp: Replace list_kref with a local counter
    - scsi: qla2xxx: Fix stuck session in GNL
    - sctp: move trace_sctp_probe_path into sctp_outq_sack
    - ACPI: EC: Reference count query handlers under lock
    - scsi: ufs: Make ufshcd_add_command_trace() easier to read
    - scsi: ufs: Fix a race condition in the tracing code
    - drm/amd/display: Initialize DSC PPS variables to 0
    - i2c: tegra: Prevent interrupt triggering after transfer timeout
    - btrfs: tree-checker: Check leaf chunk item size
    - dmaengine: zynqmp_dma: fix burst length configuration
    - s390/cpum_sf: Use kzalloc and minor changes
    - nfsd: Fix a soft lockup race in nfsd_file_mark_find_or_create()
    - powerpc/eeh: Only dump stack once if an MMIO loop is detected
    - Bluetooth: btrtl: Use kvmalloc for FW allocations
    - tracing: Set kernel_stack's caller size properly
    - ARM: 8948/1: Prevent OOB access in stacktrace
    - ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter
    - ceph: ensure we have a new cap before continuing in fill_inode
    - selftests/ftrace: fix glob selftest
    - tools/power/x86/intel_pstate_tracer: changes for python 3 compatibility
    - Bluetooth: Fix refcount use-after-free issue
    - mm/swapfile.c: swap_next should increase position index
    - mm: pagewalk: fix termination condition in walk_pte_range()
    - Bluetooth: prefetch channel before killing sock
    - ALSA: hda: Clear RIRB status before reading WP
    - skbuff: fix a data race in skb_queue_len()
    - nfsd: Fix a perf warning
    - drm/amd/display: fix workaround for incorrect double buffer register for DLG
      ADL and TTU
    - audit: CONFIG_CHANGE don't log internal bookkeeping as an event
    - selinux: sel_avc_get_stat_idx should increase position index
    - drm/omap: fix possible object reference leak
    - locking/lockdep: Decrement IRQ context counters when removing lock chain
    - clk: stratix10: use do_div() for 64-bit calculation
    - crypto: chelsio - This fixes the kernel panic which occurs during a libkcapi
      test
    - mt76: clear skb pointers from rx aggregation reorder buffer during cleanup
    - mt76: fix handling full tx queues in mt76_dma_tx_queue_skb_raw
    - ALSA: usb-audio: Don't create a mixer element with bogus volume range
    - perf test: Fix test trace+probe_vfs_getname.sh on s390
    - RDMA/rxe: Fix configuration of atomic queue pair attributes
    - KVM: x86: fix incorrect comparison in trace event
    - KVM: nVMX: Hold KVM's srcu lock when syncing vmcs12->shadow
    - dmaengine: stm32-mdma: use vchan_terminate_vdesc() in .terminate_all
    - media: staging/imx: Missing assignment in
      imx_media_capture_device_register()
    - x86/pkeys: Add check for pkey "overflow"
    - bpf: Remove recursion prevention from rcu free callback
    - dmaengine: stm32-dma: use vchan_terminate_vdesc() in .terminate_all
    - dmaengine: tegra-apb: Prevent race conditions on channel's freeing
    - soundwire: bus: disable pm_runtime in sdw_slave_delete
    - drm/amd/display: dal_ddc_i2c_payloads_create can fail causing panic
    - drm/omap: dss: Cleanup DSS ports on initialisation failure
    - iavf: use tc_cls_can_offload_and_chain0() instead of chain check
    - firmware: arm_sdei: Use cpus_read_lock() to avoid races with cpuhp
    - random: fix data races at timer_rand_state
    - bus: hisi_lpc: Fixup IO ports addresses to avoid use-after-free in host
      removal
    - ASoC: SOF: ipc: check ipc return value before data copy
    - media: go7007: Fix URB type for interrupt handling
    - Bluetooth: guard against controllers sending zero'd events
    - timekeeping: Prevent 32bit truncation in scale64_check_overflow()
    - powerpc/book3s64: Fix error handling in mm_iommu_do_alloc()
    - drm/amd/display: fix image corruption with ODM 2:1 DSC 2 slice
    - ext4: fix a data race at inode->i_disksize
    - perf jevents: Fix leak of mapfile memory
    - mm: avoid data corruption on CoW fault into PFN-mapped VMA
    - drm/amdgpu: increase atombios cmd timeout
    - ARM: OMAP2+: Handle errors for cpu_pm
    - clk: imx: Fix division by zero warning on pfdv2
    - cpu-topology: Fix the potential data corruption
    - s390/irq: replace setup_irq() by request_irq()
    - perf cs-etm: Swap packets for instruction samples
    - perf cs-etm: Correct synthesizing instruction samples
    - ath10k: use kzalloc to read for ath10k_sdio_hif_diag_read
    - scsi: aacraid: Disabling TM path and only processing IOP reset
    - Bluetooth: L2CAP: handle l2cap config request during open state
    - media: tda10071: fix unsigned sign extension overflow
    - tty: sifive: Finish transmission before changing the clock
    - xfs: don't ever return a stale pointer from __xfs_dir3_free_read
    - xfs: mark dir corrupt when lookup-by-hash fails
    - ext4: mark block bitmap corrupted when found instead of BUGON
    - tpm: ibmvtpm: Wait for buffer to be set before proceeding
    - rtc: sa1100: fix possible race condition
    - rtc: ds1374: fix possible race condition
    - nfsd: Don't add locks to closed or closing open stateids
    - RDMA/cm: Remove a race freeing timewait_info
    - intel_th: Disallow multi mode on devices where it's broken
    - KVM: PPC: Book3S HV: Treat TM-related invalid form instructions on P9 like
      the valid ones
    - drm/msm: fix leaks if initialization fails
    - drm/msm/a5xx: Always set an OPP supported hardware value
    - tracing: Use address-of operator on section symbols
    - thermal: rcar_thermal: Handle probe error gracefully
    - KVM: LAPIC: Mark hrtimer for period or oneshot mode to expire in hard
      interrupt context
    - perf parse-events: Fix 3 use after frees found with clang ASAN
    - btrfs: do not init a reloc root if we aren't relocating
    - btrfs: free the reloc_control in a consistent way
    - r8169: improve RTL8168b FIFO overflow workaround
    - serial: 8250_port: Don't service RX FIFO if throttled
    - serial: 8250_omap: Fix sleeping function called from invalid context during
      probe
    - serial: 8250: 8250_omap: Terminate DMA before pushing data on RX timeout
    - perf cpumap: Fix snprintf overflow check
    - net: axienet: Convert DMA error handler to a work queue
    - net: axienet: Propagate failure of DMA descriptor setup
    - cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_work_fn
    - tools: gpio-hammer: Avoid potential overflow in main
    - exec: Add exec_update_mutex to replace cred_guard_mutex
    - exec: Fix a deadlock in strace
    - selftests/ptrace: add test cases for dead-locks
    - kernel/kcmp.c: Use new infrastructure to fix deadlocks in execve
    - proc: Use new infrastructure to fix deadlocks in execve
    - proc: io_accounting: Use new infrastructure to fix deadlocks in execve
    - perf: Use new infrastructure to fix deadlocks in execve
    - nvme-multipath: do not reset on unknown status
    - nvme: Fix ctrl use-after-free during sysfs deletion
    - nvme: Fix controller creation races with teardown flow
    - brcmfmac: Fix double freeing in the fmac usb data path
    - xfs: prohibit fs freezing when using empty transactions
    - RDMA/rxe: Set sys_image_guid to be aligned with HW IB devices
    - IB/iser: Always check sig MR before putting it to the free pool
    - scsi: hpsa: correct race condition in offload enabled
    - SUNRPC: Fix a potential buffer overflow in 'svc_print_xprts()'
    - svcrdma: Fix leak of transport addresses
    - netfilter: nf_tables: silence a RCU-list warning in nft_table_lookup()
    - PCI: Use ioremap(), not phys_to_virt() for platform ROM
    - ubifs: ubifs_jnl_write_inode: Fix a memory leak bug
    - ubifs: ubifs_add_orphan: Fix a memory leak bug
    - ubifs: Fix out-of-bounds memory access caused by abnormal value of node_len
    - ALSA: usb-audio: Fix case when USB MIDI interface has more than one extra
      endpoint descriptor
    - PCI: pciehp: Fix MSI interrupt race
    - NFS: Fix races nfs_page_group_destroy() vs
      nfs_destroy_unlinked_subrequests()
    - drm/amdgpu/vcn2.0: stall DPG when WPTR/RPTR reset
    - powerpc/perf: Implement a global lock to avoid races between trace, core and
      thread imc events.
    - mm/kmemleak.c: use address-of operator on section symbols
    - mm/filemap.c: clear page error before actual read
    - mm/swapfile: fix data races in try_to_unuse()
    - mm/vmscan.c: fix data races using kswapd_classzone_idx
    - SUNRPC: Don't start a timer on an already queued rpc task
    - nvmet-rdma: fix double free of rdma queue
    - workqueue: Remove the warning in wq_worker_sleeping()
    - drm/amdgpu/sriov add amdgpu_amdkfd_pre_reset in gpu reset
    - mm/mmap.c: initialize align_offset explicitly for vm_unmapped_area
    - ALSA: hda: Skip controller resume if not needed
    - scsi: qedi: Fix termination timeouts in session logout
    - serial: uartps: Wait for tx_empty in console setup
    - btrfs: fix setting last_trans for reloc roots
    - KVM: Remove CREATE_IRQCHIP/SET_PIT2 race
    - perf stat: Force error in fallback on :k events
    - bdev: Reduce time holding bd_mutex in sync in blkdev_close()
    - drivers: char: tlclk.c: Avoid data race between init and interrupt handler
    - KVM: arm64: vgic-v3: Retire all pending LPIs on vcpu destroy
    - KVM: arm64: vgic-its: Fix memory leak on the error path of vgic_add_lpi()
    - net: openvswitch: use u64 for meter bucket
    - scsi: aacraid: Fix error handling paths in aac_probe_one()
    - staging:r8188eu: avoid skb_clone for amsdu to msdu conversion
    - sparc64: vcc: Fix error return code in vcc_probe()
    - arm64: cpufeature: Relax checks for AArch32 support at EL[0-2]
    - sched/fair: Eliminate bandwidth race between throttling and distribution
    - dpaa2-eth: fix error return code in setup_dpni()
    - dt-bindings: sound: wm8994: Correct required supplies based on actual
      implementaion
    - devlink: Fix reporter's recovery condition
    - atm: fix a memory leak of vcc->user_back
    - media: venus: vdec: Init registered list unconditionally
    - perf mem2node: Avoid double free related to realloc
    - mm/slub: fix incorrect interpretation of s->offset
    - i2c: tegra: Restore pinmux on system resume
    - power: supply: max17040: Correct voltage reading
    - phy: samsung: s5pv210-usb2: Add delay after reset
    - Bluetooth: Handle Inquiry Cancel error after Inquiry Complete
    - USB: EHCI: ehci-mv: fix error handling in mv_ehci_probe()
    - KVM: x86: handle wrap around 32-bit address space
    - tipc: fix memory leak in service subscripting
    - tty: serial: samsung: Correct clock selection logic
    - ALSA: hda: Fix potential race in unsol event handler
    - drm/exynos: dsi: Remove bridge node reference in error handling path in
      probe function
    - ipmi:bt-bmc: Fix error handling and status check
    - powerpc/traps: Make unrecoverable NMIs die instead of panic
    - svcrdma: Fix backchannel return code
    - fuse: don't check refcount after stealing page
    - fuse: update attr_version counter on fuse_notify_inval_inode()
    - USB: EHCI: ehci-mv: fix less than zero comparison of an unsigned int
    - coresight: etm4x: Fix use-after-free of per-cpu etm drvdata
    - arm64: acpi: Make apei_claim_sea() synchronise with APEI's irq work
    - scsi: cxlflash: Fix error return code in cxlflash_probe()
    - arm64/cpufeature: Drop TraceFilt feature exposure from ID_DFR0 register
    - drm/amdkfd: fix restore worker race condition
    - e1000: Do not perform reset in reset_task if we are already down
    - drm/nouveau/debugfs: fix runtime pm imbalance on error
    - drm/nouveau: fix runtime pm imbalance on error
    - drm/nouveau/dispnv50: fix runtime pm imbalance on error
    - printk: handle blank console arguments passed in.
    - usb: dwc3: Increase timeout for CmdAct cleared by device controller
    - btrfs: don't force read-only after error in drop snapshot
    - btrfs: fix double __endio_write_update_ordered in direct I/O
    - gpio: rcar: Fix runtime PM imbalance on error
    - vfio/pci: fix memory leaks of eventfd ctx
    - KVM: PPC: Book3S HV: Close race with page faults around memslot flushes
    - perf evsel: Fix 2 memory leaks
    - perf trace: Fix the selection for architectures to generate the errno name
      tables
    - perf stat: Fix duration_time value for higher intervals
    - perf util: Fix memory leak of prefix_if_not_in
    - perf metricgroup: Free metric_events on error
    - perf kcore_copy: Fix module map when there are no modules loaded
    - PCI: tegra194: Fix runtime PM imbalance on error
    - ASoC: img-i2s-out: Fix runtime PM imbalance on error
    - wlcore: fix runtime pm imbalance in wl1271_tx_work
    - wlcore: fix runtime pm imbalance in wlcore_regdomain_config
    - mtd: rawnand: gpmi: Fix runtime PM imbalance on error
    - mtd: rawnand: omap_elm: Fix runtime PM imbalance on error
    - PCI: tegra: Fix runtime PM imbalance on error
    - ceph: fix potential race in ceph_check_caps
    - mm/swap_state: fix a data race in swapin_nr_pages
    - mm: memcontrol: fix stat-corrupting race in charge moving
    - rapidio: avoid data race between file operation callbacks and
      mport_cdev_add().
    - mtd: parser: cmdline: Support MTD names containing one or more colons
    - x86/speculation/mds: Mark mds_user_clear_cpu_buffers() __always_inline
    - NFS: nfs_xdr_status should record the procedure name
    - vfio/pci: Clear error and request eventfd ctx after releasing
    - cifs: Fix double add page to memcg when cifs_readpages
    - nvme: fix possible deadlock when I/O is blocked
    - mac80211: skip mpath lookup also for control port tx
    - scsi: libfc: Handling of extra kref
    - scsi: libfc: Skip additional kref updating work event
    - selftests/x86/syscall_nt: Clear weird flags after each test
    - vfio/pci: fix racy on error and request eventfd ctx
    - btrfs: qgroup: fix data leak caused by race between writeback and truncate
    - perf tests: Fix test 68 zstd compression for s390
    - scsi: qla2xxx: Retry PLOGI on FC-NVMe PRLI failure
    - ubi: fastmap: Free unused fastmap anchor peb during detach
    - mt76: fix LED link time failure
    - opp: Increase parsed_static_opps in _of_add_opp_table_v1()
    - perf parse-events: Use strcmp() to compare the PMU name
    - ALSA: hda: Always use jackpoll helper for jack update after resume
    - ALSA: hda: Workaround for spurious wakeups on some Intel platforms
    - net: openvswitch: use div_u64() for 64-by-32 divisions
    - nvme: explicitly update mpath disk capacity on revalidation
    - device_cgroup: Fix RCU list debugging warning
    - ASoC: pcm3168a: ignore 0 Hz settings
    - ASoC: wm8994: Skip setting of the WM8994_MICBIAS register for WM1811
    - ASoC: wm8994: Ensure the device is resumed in wm89xx_mic_detect functions
    - ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN Converter9 2-in-1
    - RISC-V: Take text_mutex in ftrace_init_nop()
    - i2c: aspeed: Mask IRQ status to relevant bits
    - s390/init: add missing __init annotations
    - lockdep: fix order in trace_hardirqs_off_caller()
    - EDAC/ghes: Check whether the driver is on the safe list correctly
    - drm/amdkfd: fix a memory leak issue
    - drm/amd/display: update nv1x stutter latencies
    - drm/amdgpu/dc: Require primary plane to be enabled whenever the CRTC is
    - objtool: Fix noreturn detection for ignored functions
    - ieee802154: fix one possible memleak in ca8210_dev_com_init
    - ieee802154/adf7242: check status of adf7242_read_reg
    - clocksource/drivers/h8300_timer8: Fix wrong return value in
      h8300_8timer_init()
    - batman-adv: bla: fix type misuse for backbone_gw hash indexing
    - atm: eni: fix the missed pci_disable_device() for eni_init_one()
    - batman-adv: mcast/TT: fix wrongly dropped or rerouted packets
    - netfilter: conntrack: nf_conncount_init is failing with IPv6 disabled
    - mac802154: tx: fix use-after-free
    - bpf: Fix clobbering of r2 in bpf_gen_ld_abs
    - drm/vc4/vc4_hdmi: fill ASoC card owner
    - net: qed: Disable aRFS for NPAR and 100G
    - net: qede: Disable aRFS for NPAR and 100G
    - net: qed: RDMA personality shouldn't fail VF load
    - drm/sun4i: sun8i-csc: Secondary CSC register correction
    - batman-adv: Add missing include for in_interrupt()
    - nvme-tcp: fix kconfig dependency warning when !CRYPTO
    - batman-adv: mcast: fix duplicate mcast packets in BLA backbone from LAN
    - batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh
    - batman-adv: mcast: fix duplicate mcast packets from BLA backbone to mesh
    - bpf: Fix a rcu warning for bpffs map pretty-print
    - lib80211: fix unmet direct dependendices config warning when !CRYPTO
    - ALSA: asihpi: fix iounmap in error handler
    - regmap: fix page selection for noinc reads
    - regmap: fix page selection for noinc writes
    - MIPS: Add the missing 'CPU_1074K' into __get_cpu_type()
    - regulator: axp20x: fix LDO2/4 description
    - KVM: x86: Reset MMU context if guest toggles CR4.SMAP or CR4.PKE
    - KVM: SVM: Add a dedicated INVD intercept routine
    - mm: validate pmd after splitting
    - arch/x86/lib/usercopy_64.c: fix __copy_user_flushcache() cache writeback
    - x86/ioapic: Unbreak check_timer()
    - scsi: lpfc: Fix initial FLOGI failure due to BBSCN not supported
    - ALSA: usb-audio: Add delay quirk for H570e USB headsets
    - ALSA: hda/realtek - Couldn't detect Mic if booting with headset plugged
    - ALSA: hda/realtek: Enable front panel headset LED on Lenovo ThinkStation
      P520
    - lib/string.c: implement stpcpy
    - tracing: fix double free
    - s390/dasd: Fix zero write for FBA devices
    - kprobes: Fix to check probe enabled before disarm_kprobe_ftrace()
    - kprobes: tracing/kprobes: Fix to kill kprobes on initmem after boot
    - btrfs: fix overflow when copying corrupt csums for a message
    - dmabuf: fix NULL pointer dereference in dma_buf_release()
    - mm, THP, swap: fix allocating cluster for swapfile by mistake
    - mm/gup: fix gup_fast with dynamic page table folding
    - s390/zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl
    - KVM: arm64: Assume write fault on S1PTW permission fault on instruction
      fetch
    - dm: fix bio splitting and its bio completion order for regular IO
    - ata: define AC_ERR_OK
    - ata: make qc_prep return ata_completion_errors
    - ata: sata_mv, avoid trigerrable BUG_ON
    - Linux 5.4.69
  * Focal update: v5.4.68 upstream stable release (LP: #1899511)
    - af_key: pfkey_dump needs parameter validation
    - ibmvnic fix NULL tx_pools and rx_tools issue at do_reset
    - ibmvnic: add missing parenthesis in do_reset()
    - kprobes: fix kill kprobe which has been marked as gone
    - mm/thp: fix __split_huge_pmd_locked() for migration PMD
    - act_ife: load meta modules before tcf_idr_check_alloc()
    - bnxt_en: Avoid sending firmware messages when AER error is detected.
    - bnxt_en: Fix NULL ptr dereference crash in bnxt_fw_reset_task()
    - cxgb4: fix memory leak during module unload
    - cxgb4: Fix offset when clearing filter byte counters
    - geneve: add transport ports in route lookup for geneve
    - hdlc_ppp: add range checks in ppp_cp_parse_cr()
    - ip: fix tos reflection in ack and reset packets
    - ipv4: Initialize flowi4_multipath_hash in data path
    - ipv4: Update exception handling for multipath routes via same device
    - ipv6: avoid lockdep issue in fib6_del()
    - net: bridge: br_vlan_get_pvid_rcu() should dereference the VLAN group under
      RCU
    - net: DCB: Validate DCB_ATTR_DCB_BUFFER argument
    - net: dsa: rtl8366: Properly clear member config
    - net: Fix bridge enslavement failure
    - net: ipv6: fix kconfig dependency warning for IPV6_SEG6_HMAC
    - net/mlx5: Fix FTE cleanup
    - net: sch_generic: aviod concurrent reset and enqueue op for lockless qdisc
    - net: sctp: Fix IPv6 ancestor_size calc in sctp_copy_descendant
    - nfp: use correct define to return NONE fec
    - taprio: Fix allowing too small intervals
    - tipc: Fix memory leak in tipc_group_create_member()
    - tipc: fix shutdown() of connection oriented socket
    - tipc: use skb_unshare() instead in tipc_buf_append()
    - net/mlx5e: Enable adding peer miss rules only if merged eswitch is supported
    - net/mlx5e: TLS, Do not expose FPGA TLS counter if not supported
    - bnxt_en: return proper error codes in bnxt_show_temp
    - bnxt_en: Protect bnxt_set_eee() and bnxt_set_pauseparam() with mutex.
    - net: lantiq: Wake TX queue again
    - net: lantiq: use netif_tx_napi_add() for TX NAPI
    - net: lantiq: Use napi_complete_done()
    - net: lantiq: Disable IRQs only if NAPI gets scheduled
    - net: phy: Avoid NPD upon phy_detach() when driver is unbound
    - net: phy: Do not warn in phy_stop() on PHY_DOWN
    - net: qrtr: check skb_put_padto() return value
    - net: add __must_check to skb_put_padto()
    - mm: memcg: fix memcg reclaim soft lockup
    - iommu/amd: Use cmpxchg_double() when updating 128-bit IRTE
    - Linux 5.4.68
  * *-tools-common packages descriptions have typo "PGKVER" (LP: #1898903)
    - [Packaging] Fix typo in -tools template s/PGKVER/PKGVER/
  * tc/ebpf: unable to use BPF_FUNC_skb_change_head (LP: #1896504)
    - net: bpf: Allow TC programs to call BPF_FUNC_skb_change_head
  * HP Zbook Studio G7 boots into corrupted screen with PSR featured panel
    (LP: #1897501)
    - SAUCE: drm/i915/psr: allow overriding PSR disable param by quirk
    - SAUCE: drm/dp: add DP_QUIRK_FORCE_PSR_CHIP_DEFAULT quirk to CMN prod-ID
      19-15
  * Fix broken e1000e device after S3 (LP: #1897755)
    - SAUCE: e1000e: Increase polling timeout on MDIC ready bit
  * debian/rules editconfigs does not work on s390x to change s390x only configs
    (LP: #1863116)
    - [Packaging] kernelconfig -- only update/edit configurations on architectures
      we have compiler support
  * acpi event detection crashes (LP: #1896482)
    - ACPI: EC: tweak naming in preparation for GpioInt support
    - ACPI: EC: add support for hardware-reduced systems
    - ACPI: EC: Avoid passing redundant argument to functions
    - ACPI: EC: Consolidate event handler installation code
  * mwifiex stops working after kernel upgrade (LP: #1897299)
    - mwifiex: Increase AES key storage size to 256 bits
  * Remove NVMe suspend-to-idle workaround (LP: #1897227)
    - Revert "UBUTU: SAUCE: pci: prevent Intel NVMe SSDPEKKF from entering D3"
    - Revert "UBUNTU: SAUCE: pci: prevent sk hynix nvme from entering D3"
  * Request for CIFS patches to be available in 5.4 kernel (LP: #1896642)
    - smb3: remove unused flag passed into close functions
    - smb3: query attributes on file close
  * Lenovo ThinkBook 14-IML Touchpad not showing up in /proc/bus/input/devices
    (LP: #1853277)
    - i2c: core: Call i2c_acpi_install_space_handler() before
      i2c_acpi_register_devices()
  * [Ubuntu 20.10] zPCI DMA tables and bitmap leak on hard unplug (PCI Event
    0x0304) (LP: #1896216)
    - s390/pci: fix leak of DMA tables on hard unplug
  * Thunderbolt3 daisy chain sometimes doesn't work (LP: #1895606)
    - thunderbolt: Retry DROM read once if parsing fails
  * btrfs: trimming a btrfs device which has been shrunk previously fails and
    fills root disk with garbage data (LP: #1896154)
    - btrfs: trim: fix underflow in trim length to prevent access beyond device
      boundary
  * EFA: add support for 0xefa1 devices (LP: #1896791)
    - RDMA/efa: Expose maximum TX doorbell batch
    - RDMA/efa: Expose minimum SQ size
    - RDMA/efa: User/kernel compatibility handshake mechanism
    - RDMA/efa: Add EFA 0xefa1 PCI ID
  * Focal update: v5.4.67 upstream stable release (LP: #1896828)
    - gfs2: initialize transaction tr_ailX_lists earlier
    - RDMA/bnxt_re: Restrict the max_gids to 256
    - dsa: Allow forwarding of redirected IGMP traffic
    - net: handle the return value of pskb_carve_frag_list() correctly
    - hv_netvsc: Remove "unlikely" from netvsc_select_queue
    - firmware_loader: fix memory leak for paged buffer
    - NFSv4.1 handle ERR_DELAY error reclaiming locking state on delegation recall
    - scsi: pm8001: Fix memleak in pm8001_exec_internal_task_abort
    - scsi: libfc: Fix for double free()
    - scsi: lpfc: Fix FLOGI/PLOGI receive race condition in pt2pt discovery
    - regulator: pwm: Fix machine constraints application
    - spi: spi-loopback-test: Fix out-of-bounds read
    - NFS: Zero-stateid SETATTR should first return delegation
    - SUNRPC: stop printk reading past end of string
    - rapidio: Replace 'select' DMAENGINES 'with depends on'
    - cifs: fix DFS mount with cifsacl/modefromsid
    - openrisc: Fix cache API compile issue when not inlining
    - nvme-fc: cancel async events before freeing event struct
    - nvme-rdma: cancel async events before freeing event struct
    - nvme-tcp: cancel async events before freeing event struct
    - block: only call sched requeue_request() for scheduled requests
    - f2fs: fix indefinite loop scanning for free nid
    - f2fs: Return EOF on unaligned end of file DIO read
    - i2c: algo: pca: Reapply i2c bus settings after reset
    - spi: Fix memory leak on splited transfers
    - KVM: MIPS: Change the definition of kvm type
    - clk: davinci: Use the correct size when allocating memory
    - clk: rockchip: Fix initialization of mux_pll_src_4plls_p
    - ASoC: qcom: Set card->owner to avoid warnings
    - ASoC: qcom: common: Fix refcount imbalance on error
    - powerpc/book3s64/radix: Fix boot failure with large amount of guest memory
    - ASoC: meson: axg-toddr: fix channel order on g12 platforms
    - Drivers: hv: vmbus: hibernation: do not hang forever in vmbus_bus_resume()
    - scsi: libsas: Fix error path in sas_notify_lldd_dev_found()
    - arm64: Allow CPUs unffected by ARM erratum 1418040 to come in late
    - Drivers: hv: vmbus: Add timeout to vmbus_wait_for_unload
    - perf test: Fix the "signal" test inline assembly
    - MIPS: SNI: Fix MIPS_L1_CACHE_SHIFT
    - perf evlist: Fix cpu/thread map leak
    - perf parse-event: Fix memory leak in evsel->unit
    - perf test: Free formats for perf pmu parse test
    - fbcon: Fix user font detection test at fbcon_resize().
    - MIPS: SNI: Fix spurious interrupts
    - drm/mediatek: Add exception handing in mtk_drm_probe() if component init
      fail
    - drm/mediatek: Add missing put_device() call in mtk_hdmi_dt_parse_pdata()
    - arm64: bpf: Fix branch offset in JIT
    - iommu/amd: Fix potential @entry null deref
    - i2c: mxs: use MXS_DMA_CTRL_WAIT4END instead of DMA_CTRL_ACK
    - riscv: Add sfence.vma after early page table changes
    - drm/i915: Filter wake_flags passed to default_wake_function
    - USB: quirks: Add USB_QUIRK_IGNORE_REMOTE_WAKEUP quirk for BYD zhaoxin
      notebook
    - USB: UAS: fix disconnect by unplugging a hub
    - usblp: fix race between disconnect() and read()
    - i2c: i801: Fix resume bug
    - Revert "ALSA: hda - Fix silent audio output and corrupted input on MSI
      X570-A PRO"
    - ALSA: hda: fixup headset for ASUS GX502 laptop
    - ALSA: hda/realtek - The Mic on a RedmiBook doesn't work
    - percpu: fix first chunk size calculation for populated bitmap
    - Input: trackpoint - add new trackpoint variant IDs
    - Input: i8042 - add Entroware Proteus EL07R4 to nomux and reset lists
    - serial: 8250_pci: Add Realtek 816a and 816b
    - x86/boot/compressed: Disable relocation relaxation
    - s390/zcrypt: fix kmalloc 256k failure
    - ehci-hcd: Move include to keep CRC stable
    - powerpc/dma: Fix dma_map_ops::get_required_mask
    - selftests/vm: fix display of page size in map_hugetlb
    - dm/dax: Fix table reference counts
    - mm/memory_hotplug: drain per-cpu pages again during memory offline
    - dm: Call proper helper to determine dax support
    - dax: Fix compilation for CONFIG_DAX && !CONFIG_FS_DAX
    - Linux 5.4.67
  * Focal update: v5.4.67 upstream stable release (LP: #1896828) // Cherry Pick
    needed for Critical upstream patch for Kernel null pointer dereference -
    usb-c altmode (LP: #1897963)
    - usb: typec: ucsi: Prevent mode overrun
  * Focal update: v5.4.66 upstream stable release (LP: #1896824)
    - ARM: dts: logicpd-torpedo-baseboard: Fix broken audio
    - ARM: dts: logicpd-som-lv-baseboard: Fix broken audio
    - ARM: dts: logicpd-som-lv-baseboard: Fix missing video
    - regulator: push allocation in regulator_ena_gpio_request() out of lock
    - regulator: remove superfluous lock in regulator_resolve_coupling()
    - ARM: dts: socfpga: fix register entry for timer3 on Arria10
    - ARM: dts: ls1021a: fix QuadSPI-memory reg range
    - ARM: dts: imx7ulp: Correct gpio ranges
    - RDMA/rxe: Fix memleak in rxe_mem_init_user
    - RDMA/rxe: Drop pointless checks in rxe_init_ports
    - RDMA/rxe: Fix panic when calling kmem_cache_create()
    - RDMA/bnxt_re: Do not report transparent vlan from QP1
    - drm/sun4i: add missing put_device() call in sun8i_r40_tcon_tv_set_mux()
    - arm64: dts: imx8mq: Fix TMU interrupt property
    - drm/sun4i: Fix dsi dcs long write function
    - iio: adc: mcp3422: fix locking on error path
    - iio: adc: mcp3422: fix locking scope
    - scsi: libsas: Set data_dir as DMA_NONE if libata marks qc as NODATA
    - RDMA/core: Fix reported speed and width
    - scsi: megaraid_sas: Don't call disable_irq from process IRQ poll
    - scsi: mpt3sas: Don't call disable_irq from IRQ poll handler
    - soundwire: fix double free of dangling pointer
    - drm/sun4i: backend: Support alpha property on lowest plane
    - drm/sun4i: backend: Disable alpha on the lowest plane on the A20
    - mmc: sdhci-acpi: Clear amd_sdhci_host on reset
    - mmc: sdhci-msm: Add retries when all tuning phases are found valid
    - spi: stm32: Rate-limit the 'Communication suspended' message
    - nvme-fabrics: allow to queue requests for live queues
    - spi: stm32: fix pm_runtime_get_sync() error checking
    - block: Set same_page to false in __bio_try_merge_page if ret is false
    - IB/isert: Fix unaligned immediate-data handling
    - ARM: dts: bcm: HR2: Fixed QSPI compatible string
    - ARM: dts: NSP: Fixed QSPI compatible string
    - ARM: dts: BCM5301X: Fixed QSPI compatible string
    - arm64: dts: ns2: Fixed QSPI compatible string
    - ARC: HSDK: wireup perf irq
    - dmaengine: acpi: Put the CSRT table after using it
    - netfilter: conntrack: allow sctp hearbeat after connection re-use
    - drivers/net/wan/lapbether: Added needed_tailroom
    - NFC: st95hf: Fix memleak in st95hf_in_send_cmd
    - firestream: Fix memleak in fs_open
    - ALSA: hda: Fix 2 channel swapping for Tegra
    - ALSA: hda/tegra: Program WAKEEN register for Tegra
    - drivers/dma/dma-jz4780: Fix race condition between probe and irq handler
    - net: hns3: Fix for geneve tx checksum bug
    - xfs: fix off-by-one in inode alloc block reservation calculation
    - drivers/net/wan/lapbether: Set network_header before transmitting
    - cfg80211: Adjust 6 GHz frequency to channel conversion
    - xfs: initialize the shortform attr header padding entry
    - irqchip/eznps: Fix build error for !ARC700 builds
    - nvmet-tcp: Fix NULL dereference when a connect data comes in h2cdata pdu
    - nvme-fabrics: don't check state NVME_CTRL_NEW for request acceptance
    - nvme: have nvme_wait_freeze_timeout return if it timed out
    - nvme-tcp: serialize controller teardown sequences
    - nvme-tcp: fix timeout handler
    - nvme-tcp: fix reset hang if controller died in the middle of a reset
    - nvme-rdma: serialize controller teardown sequences
    - nvme-rdma: fix timeout handler
    - nvme-rdma: fix reset hang if controller died in the middle of a reset
    - nvme-pci: cancel nvme device request before disabling
    - HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for all Saitek X52 devices
    - HID: microsoft: Add rumble support for the 8bitdo SN30 Pro+ controller
    - drivers/net/wan/hdlc_cisco: Add hard_header_len
    - HID: elan: Fix memleak in elan_input_configured
    - ARC: [plat-hsdk]: Switch ethernet phy-mode to rgmii-id
    - cpufreq: intel_pstate: Refuse to turn off with HWP enabled
    - cpufreq: intel_pstate: Fix intel_pstate_get_hwp_max() for turbo disabled
    - arm64/module: set trampoline section flags regardless of
      CONFIG_DYNAMIC_FTRACE
    - ALSA: hda: hdmi - add Rocketlake support
    - ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled
    - drm/amdgpu: Fix bug in reporting voltage for CIK
    - iommu/amd: Do not use IOMMUv2 functionality when SME is active
    - gcov: Disable gcov build with GCC 10
    - iio: adc: ti-ads1015: fix conversion when CONFIG_PM is not set
    - iio: cros_ec: Set Gyroscope default frequency to 25Hz
    - iio:light:ltr501 Fix timestamp alignment issue.
    - iio:proximity:mb1232: Fix timestamp alignment and prevent data leak.
    - iio:accel:bmc150-accel: Fix timestamp alignment and prevent data leak.
    - iio:adc:ti-adc084s021 Fix alignment and data leak issues.
    - iio:adc:ina2xx Fix timestamp alignment issue.
    - iio:adc:max1118 Fix alignment of timestamp and data leak issues
    - iio:adc:ti-adc081c Fix alignment and data leak issues
    - iio:magnetometer:ak8975 Fix alignment and data leak issues.
    - iio:light:max44000 Fix timestamp alignment and prevent data leak.
    - iio:chemical:ccs811: Fix timestamp alignment and prevent data leak.
    - iio: accel: kxsd9: Fix alignment of local buffer.
    - iio:accel:mma7455: Fix timestamp alignment and prevent data leak.
    - iio:accel:mma8452: Fix timestamp alignment and prevent data leak.
    - staging: wlan-ng: fix out of bounds read in prism2sta_probe_usb()
    - btrfs: require only sector size alignment for parent eb bytenr
    - btrfs: fix lockdep splat in add_missing_dev
    - btrfs: fix wrong address when faulting in pages in the search ioctl
    - kobject: Restore old behaviour of kobject_del(NULL)
    - regulator: push allocation in regulator_init_coupling() outside of lock
    - regulator: push allocations in create_regulator() outside of lock
    - regulator: push allocation in set_consumer_device_supply() out of lock
    - regulator: plug of_node leak in regulator_register()'s error path
    - regulator: core: Fix slab-out-of-bounds in regulator_unlock_recursive()
    - scsi: target: iscsi: Fix data digest calculation
    - scsi: target: iscsi: Fix hang in iscsit_access_np() when getting
      tpg->np_login_sem
    - drm/i915/gvt: do not check len & max_len for lri
    - drm/tve200: Stabilize enable/disable
    - drm/msm: Disable preemption on all 5xx targets
    - mmc: sdio: Use mmc_pre_req() / mmc_post_req()
    - mmc: sdhci-of-esdhc: Don't walk device-tree on every interrupt
    - rbd: require global CAP_SYS_ADMIN for mapping and unmapping
    - RDMA/rxe: Fix the parent sysfs read when the interface has 15 chars
    - RDMA/mlx4: Read pkey table length instead of hardcoded value
    - fbcon: remove soft scrollback code
    - fbcon: remove now unusued 'softback_lines' cursor() argument
    - vgacon: remove software scrollback support
    - [Config] updateconfigs for VGACON_SOFT_SCROLLBACK
    - KVM: VMX: Don't freeze guest when event delivery causes an APIC-access exit
    - KVM: arm64: Do not try to map PUDs when they are folded into PMD
    - KVM: fix memory leak in kvm_io_bus_unregister_dev()
    - debugfs: Fix module state check condition
    - ARM: dts: vfxxx: Add syscon compatible with OCOTP
    - video: fbdev: fix OOB read in vga_8planes_imageblit()
    - staging: greybus: audio: fix uninitialized value issue
    - phy: qcom-qmp: Use correct values for ipq8074 PCIe Gen2 PHY init
    - usb: core: fix slab-out-of-bounds Read in read_descriptors
    - USB: serial: ftdi_sio: add IDs for Xsens Mti USB converter
    - USB: serial: option: support dynamic Quectel USB compositions
    - USB: serial: option: add support for SIM7070/SIM7080/SIM7090 modules
    - usb: Fix out of sync data toggle if a configured device is reconfigured
    - usb: typec: ucsi: acpi: Check the _DEP dependencies
    - drm/msm/gpu: make ringbuffer readonly
    - drm/msm: Disable the RPTR shadow
    - gcov: add support for GCC 10.1
    - Linux 5.4.66

[ Ubuntu: 5.4.0-54.60 ]

* Packaging resync (LP: #1786013)
    - update dkms package versions
  * Introduce the new NVIDIA 455 series (LP: #1902093)
    - [Packaging] NVIDIA -- Add the NVIDIA 455 driver

[ Ubuntu: 5.4.0-53.59 ]

* CVE-2020-8694
    - powercap: make attributes only readable by root

[ Ubuntu: 5.4.0-52.57 ]

* focal/linux: 5.4.0-52.57 -proposed tracker (LP: #1899920)
  * CVE-2020-12351 // CVE-2020-12352 // CVE-2020-24490
    - Bluetooth: Disable High Speed by default
    - Bluetooth: MGMT: Fix not checking if BT_HS is enabled
    - [Config] Disable BlueZ highspeed support
  * CVE-2020-12351
    - Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel
  * CVE-2020-12352
    - Bluetooth: A2MP: Fix not initializing all members

[ Ubuntu: 5.4.0-51.56 ]

* Packaging resync (LP: #1786013)
    - update dkms package versions

-- Khalid Elmously <khalid.elmously@canonical.com>  Wed, 25 Nov 2020 23:49:45 -0500

Changed in linux-kvm (Ubuntu Focal):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-12-01:

Download full text (19.9 KiB)

This bug was fixed in the package linux-kvm - 4.4.0-1084.93

---------------
linux-kvm (4.4.0-1084.93) xenial; urgency=medium

* xenial/linux-kvm: 4.4.0-1084.93 -proposed tracker (LP: #1905657)

  * CONFIG options for (ipip, sit) should not be built-in to the KVM kernels
    (LP: #1899832)
    - [config] Set CONFIG_NET_IPIP and CONIG_IPV6_SIT =m

linux-kvm (4.4.0-1083.92) xenial; urgency=medium

* xenial/linux-kvm: 4.4.0-1083.92 -proposed tracker (LP: #1903099)

[ Ubuntu: 4.4.0-195.227 ]

This bug was fixed in the package linux-kvm - 4.4.0-1084.93

---------------
linux-kvm (4.4.0-1084.93) xenial; urgency=medium

* xenial/linux-kvm: 4.4.0-1084.93 -proposed tracker (LP: #1905657)

* CONFIG options for (ipip, sit) should not be built-in to the KVM kernels
    (LP: #1899832)
    - [config] Set CONFIG_NET_IPIP and CONIG_IPV6_SIT =m

linux-kvm (4.4.0-1083.92) xenial; urgency=medium

* xenial/linux-kvm: 4.4.0-1083.92 -proposed tracker (LP: #1903099)

[ Ubuntu: 4.4.0-195.227 ]

* xenial/linux: 4.4.0-195.227 -proposed tracker (LP: #1903107)
  * Update kernel packaging to support forward porting kernels (LP: #1902957)
    - [Debian] Update for leader included in BACKPORT_SUFFIX
  * Avoid double newline when running insertchanges (LP: #1903293)
    - [Packaging] insertchanges: avoid double newline
  * EFI: Fails when BootCurrent entry does not exist (LP: #1899993)
    - efivarfs: Replace invalid slashes with exclamation marks in dentries.
  * CVE-2020-14351
    - perf/core: Fix race in the perf_mmap_close() function
  * CVE-2020-25645
    - geneve: add transport ports in route lookup for geneve
  * Xenial update: v4.4.241 upstream stable release (LP: #1902097)
    - ibmveth: Identify ingress large send packets.
    - tipc: fix the skb_unshare() in tipc_buf_append()
    - net/ipv4: always honour route mtu during forwarding
    - r8169: fix data corruption issue on RTL8402
    - ALSA: bebob: potential info leak in hwdep_read()
    - mm/kasan: print name of mem[set,cpy,move]() caller in report
    - mm/kasan: add API to check memory regions
    - compiler.h, kasan: Avoid duplicating __read_once_size_nocheck()
    - compiler.h: Add read_word_at_a_time() function.
    - lib/strscpy: Shut up KASAN false-positives in strscpy()
    - x86/mm/ptdump: Fix soft lockup in page table walker
    - net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device
    - net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling
      ether_setup
    - nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in
      nfc_genl_fw_download()
    - tcp: fix to update snd_wl1 in bulk receiver fast path
    - icmp: randomize the global rate limiter
    - cifs: remove bogus debug code
    - ima: Don't ignore errors from crypto_shash_update()
    - EDAC/i5100: Fix error handling order in i5100_init_one()
    - crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call
    - media: Revert "media: exynos4-is: Add missed check for
      pinctrl_lookup_state()"
    - media: m5mols: Check function pointer in m5mols_sensor_power
    - media: omap3isp: Fix memleak in isp_probe
    - crypto: omap-sham - fix digcnt register handling with export/import
    - media: tc358743: initialize variable
    - media: ti-vpe: Fix a missing check and reference count leak
    - ath6kl: prevent potential array overflow in ath6kl_add_new_sta()
    - ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb()
    - wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680
    - mwifiex: Do not use GFP_KERNEL in atomic context
    - drm/gma500: fix error check
    - scsi: qla4xxx: Fix an error handling path in 'qla4xxx_get_host_stats()'
    - scsi: csiostor: Fix wrong return value in csio_hw_prep_fw()
    - backlight: sky81452-backlight: Fix refcount imbalance on error
    - VMCI: check return value of get_user_pages_fast() for errors
    - tty: serial: earlycon dependency
    - pty: do tty_flip_buffer_push without port->lock in pty_write
    - drivers/virt/fsl_hypervisor: Fix error handling path
    - video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error
    - video: fbdev: sis: fix null ptr dereference
    - HID: roccat: add bounds checking in kone_sysfs_write_settings()
    - ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd()
    - misc: mic: scif: Fix error handling path
    - ALSA: seq: oss: Avoid mutex lock for a long-time ioctl
    - quota: clear padding in v2r1_mem2diskdqb()
    - net: enic: Cure the enic api locking trainwreck
    - mfd: sm501: Fix leaks in probe()
    - usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well
    - nl80211: fix non-split wiphy information
    - mwifiex: fix double free
    - net: korina: fix kfree of rx/tx descriptor array
    - IB/mlx4: Adjust delayed work when a dup is observed
    - powerpc/pseries: Fix missing of_node_put() in rng_init()
    - powerpc/icp-hv: Fix missing of_node_put() in success path
    - mtd: lpddr: fix excessive stack usage with clang
    - mtd: mtdoops: Don't write panic data twice
    - ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT values
    - powerpc/tau: Use appropriate temperature sample interval
    - powerpc/tau: Remove duplicated set_thresholds() call
    - powerpc/tau: Disable TAU between measurements
    - perf intel-pt: Fix "context_switch event has no tid" error
    - kdb: Fix pager search for multi-line strings
    - powerpc/perf/hv-gpci: Fix starting index value
    - cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_reboot_notifier
    - lib/crc32.c: fix trivial typo in preprocessor condition
    - vfio/pci: Clear token on bypass registration failure
    - Input: imx6ul_tsc - clean up some errors in imx6ul_tsc_resume()
    - Input: ep93xx_keypad - fix handling of platform_get_irq() error
    - Input: omap4-keypad - fix handling of platform_get_irq() error
    - Input: sun4i-ps2 - fix handling of platform_get_irq() error
    - KVM: x86: emulating RDPID failure shall return #UD rather than #GP
    - memory: omap-gpmc: Fix a couple off by ones
    - memory: fsl-corenet-cf: Fix handling of platform_get_irq() error
    - arm64: dts: zynqmp: Remove additional compatible string for i2c IPs
    - powerpc/powernv/opal-dump : Use IRQ_HANDLED instead of numbers in interrupt
      handler
    - powerpc/powernv/dump: Fix race while processing OPAL dump
    - media: firewire: fix memory leak
    - media: ati_remote: sanity check for both endpoints
    - media: exynos4-is: Fix several reference count leaks due to
      pm_runtime_get_sync
    - media: exynos4-is: Fix a reference count leak due to pm_runtime_get_sync
    - media: exynos4-is: Fix a reference count leak
    - media: bdisp: Fix runtime PM imbalance on error
    - media: media/pci: prevent memory leak in bttv_probe
    - media: uvcvideo: Ensure all probed info is returned to v4l2
    - mmc: sdio: Check for CISTPL_VERS_1 buffer size
    - media: saa7134: avoid a shift overflow
    - ntfs: add check for mft record size in superblock
    - PM: hibernate: remove the bogus call to get_gendisk() in software_resume()
    - scsi: mvumi: Fix error return in mvumi_io_attach()
    - scsi: target: core: Add CONTROL field for trace events
    - usb: gadget: function: printer: fix use-after-free in __lock_acquire
    - udf: Limit sparing table size
    - udf: Avoid accessing uninitialized data on failed inode read
    - ath9k: hif_usb: fix race condition between usb_get_urb() and
      usb_kill_anchored_urbs()
    - misc: rtsx: Fix memory leak in rtsx_pci_probe
    - reiserfs: only call unlock_new_inode() if I_NEW
    - xfs: make sure the rt allocator doesn't run off the end
    - usb: ohci: Default to per-port over-current protection
    - Bluetooth: Only mark socket zapped after unlocking
    - scsi: ibmvfc: Fix error return in ibmvfc_probe()
    - brcmsmac: fix memory leak in wlc_phy_attach_lcnphy
    - rtl8xxxu: prevent potential memory leak
    - Fix use after free in get_capset_info callback.
    - tty: ipwireless: fix error handling
    - ipvs: Fix uninit-value in do_ip_vs_set_ctl()
    - reiserfs: Fix memory leak in reiserfs_parse_options()
    - brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach
    - usb: core: Solve race condition in anchor cleanup functions
    - ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n()
    - net: korina: cast KSEG0 address to pointer in kfree
    - usb: cdc-acm: add quirk to blacklist ETAS ES58X devices
    - USB: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync().
    - Linux 4.4.241
  * Xenial update: v4.4.240 upstream stable release (LP: #1902096)
    - Bluetooth: MGMT: Fix not checking if BT_HS is enabled
    - Bluetooth: fix kernel oops in store_pending_adv_report
    - Bluetooth: Consolidate encryption handling in hci_encrypt_cfm
    - Bluetooth: Fix update of connection state in `hci_encrypt_cfm`
    - Bluetooth: Disconnect if E0 is used for Level 4
    - media: usbtv: Fix refcounting mixup
    - USB: serial: option: add Cellient MPL200 card
    - USB: serial: option: Add Telit FT980-KS composition
    - staging: comedi: check validity of wMaxPacketSize of usb endpoints found
    - USB: serial: pl2303: add device-id for HP GC device
    - USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters
    - reiserfs: Initialize inode keys properly
    - reiserfs: Fix oops during mount
    - spi: unbinding slave before calling spi_destroy_queue
    - crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA
    - Linux 4.4.240
  * Xenial update: v4.4.239 upstream stable release (LP: #1902095)
    - gpio: tc35894: fix up tc35894 interrupt configuration
    - Input: i8042 - add nopnp quirk for Acer Aspire 5 A515
    - drm/amdgpu: restore proper ref count in amdgpu_display_crtc_set_config
    - net: dec: de2104x: Increase receive ring size for Tulip
    - rndis_host: increase sleep time in the query-response loop
    - drivers/net/wan/lapbether: Make skb->protocol consistent with the header
    - drivers/net/wan/hdlc: Set skb->protocol before transmitting
    - nfs: Fix security label length not being reset
    - clk: samsung: exynos4: mark 'chipid' clock as CLK_IGNORE_UNUSED
    - iommu/exynos: add missing put_device() call in exynos_iommu_of_xlate()
    - i2c: cpm: Fix i2c_ram structure
    - epoll: do not insert into poll queues until all sanity checks are done
    - epoll: replace ->visited/visited_list with generation count
    - epoll: EPOLL_CTL_ADD: close the race in decision to take fast path
    - ep_create_wakeup_source(): dentry name can change under you...
    - netfilter: ctnetlink: add a range check for l3/l4 protonum
    - fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h
    - Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts
    - Revert "ravb: Fixed to be able to unload modules"
    - fbcon: Fix global-out-of-bounds read in fbcon_get_font()
    - net: wireless: nl80211: fix out-of-bounds access in nl80211_del_key()
    - usermodehelper: reset umask to default before executing user process
    - platform/x86: thinkpad_acpi: initialize tp_nvram_state variable
    - platform/x86: thinkpad_acpi: re-initialize ACPI buffer size when reuse
    - driver core: Fix probe_count imbalance in really_probe()
    - perf top: Fix stdio interface input handling with glibc 2.28+
    - sctp: fix sctp_auth_init_hmacs() error path
    - team: set dev->needed_headroom in team_setup_by_port()
    - net: team: fix memory leak in __team_options_register
    - mtd: nand: Provide nand_cleanup() function to free NAND related resources
    - xfrm: clone XFRMA_REPLAY_ESN_VAL in xfrm_do_migrate
    - xfrm: clone whole liftime_cur structure in xfrm_do_migrate
    - net: stmmac: removed enabling eee in EEE set callback
    - xfrm: Use correct address family in xfrm_state_find
    - bonding: set dev->needed_headroom in bond_setup_by_slave()
    - rxrpc: Fix rxkad token xdr encoding
    - rxrpc: Downgrade the BUG() for unsupported token type in rxrpc_read()
    - rxrpc: Fix server keyring leak
    - net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails
    - Linux 4.4.239
  * CVE-2020-12352
    - Bluetooth: A2MP: Fix not initializing all members
  * CVE-2020-0427
    - pinctrl: devicetree: Avoid taking direct reference to device name string
  * Xenial update: v4.4.238 upstream stable release (LP: #1899506)
    - af_key: pfkey_dump needs parameter validation
    - KVM: fix memory leak in kvm_io_bus_unregister_dev()
    - kprobes: fix kill kprobe which has been marked as gone
    - ftrace: Setup correct FTRACE_FL_REGS flags for module
    - RDMA/ucma: ucma_context reference leak in error path
    - mtd: Fix comparison in map_word_andequal()
    - hdlc_ppp: add range checks in ppp_cp_parse_cr()
    - tipc: use skb_unshare() instead in tipc_buf_append()
    - net: add __must_check to skb_put_padto()
    - ip: fix tos reflection in ack and reset packets
    - serial: 8250: Avoid error message on reprobe
    - scsi: aacraid: fix illegal IO beyond last LBA
    - m68k: q40: Fix info-leak in rtc_ioctl
    - gma/gma500: fix a memory disclosure bug due to uninitialized bytes
    - ASoC: kirkwood: fix IRQ error handling
    - PM / devfreq: tegra30: Fix integer overflow on CPU's freq max out
    - mtd: cfi_cmdset_0002: don't free cfi->cfiq in error path of
      cfi_amdstd_setup()
    - mfd: mfd-core: Protect against NULL call-back function pointer
    - tracing: Adding NULL checks for trace_array descriptor pointer
    - bcache: fix a lost wake-up problem caused by mca_cannibalize_lock
    - xfs: fix attr leaf header freemap.size underflow
    - kernel/sys.c: avoid copying possible padding bytes in copy_to_user
    - neigh_stat_seq_next() should increase position index
    - rt_cpu_seq_next should increase position index
    - seqlock: Require WRITE_ONCE surrounding raw_seqcount_barrier
    - ACPI: EC: Reference count query handlers under lock
    - tracing: Set kernel_stack's caller size properly
    - ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter
    - Bluetooth: Fix refcount use-after-free issue
    - mm: pagewalk: fix termination condition in walk_pte_range()
    - Bluetooth: prefetch channel before killing sock
    - skbuff: fix a data race in skb_queue_len()
    - audit: CONFIG_CHANGE don't log internal bookkeeping as an event
    - selinux: sel_avc_get_stat_idx should increase position index
    - scsi: lpfc: Fix RQ buffer leakage when no IOCBs available
    - drm/omap: fix possible object reference leak
    - dmaengine: tegra-apb: Prevent race conditions on channel's freeing
    - media: go7007: Fix URB type for interrupt handling
    - Bluetooth: guard against controllers sending zero'd events
    - drm/amdgpu: increase atombios cmd timeout
    - Bluetooth: L2CAP: handle l2cap config request during open state
    - media: tda10071: fix unsigned sign extension overflow
    - tpm: ibmvtpm: Wait for buffer to be set before proceeding
    - tracing: Use address-of operator on section symbols
    - serial: 8250_omap: Fix sleeping function called from invalid context during
      probe
    - SUNRPC: Fix a potential buffer overflow in 'svc_print_xprts()'
    - ubifs: Fix out-of-bounds memory access caused by abnormal value of node_len
    - ALSA: usb-audio: Fix case when USB MIDI interface has more than one extra
      endpoint descriptor
    - mm/filemap.c: clear page error before actual read
    - mm/mmap.c: initialize align_offset explicitly for vm_unmapped_area
    - KVM: Remove CREATE_IRQCHIP/SET_PIT2 race
    - bdev: Reduce time holding bd_mutex in sync in blkdev_close()
    - drivers: char: tlclk.c: Avoid data race between init and interrupt handler
    - dt-bindings: sound: wm8994: Correct required supplies based on actual
      implementaion
    - atm: fix a memory leak of vcc->user_back
    - phy: samsung: s5pv210-usb2: Add delay after reset
    - Bluetooth: Handle Inquiry Cancel error after Inquiry Complete
    - USB: EHCI: ehci-mv: fix error handling in mv_ehci_probe()
    - tty: serial: samsung: Correct clock selection logic
    - ALSA: hda: Fix potential race in unsol event handler
    - fuse: don't check refcount after stealing page
    - USB: EHCI: ehci-mv: fix less than zero comparison of an unsigned int
    - e1000: Do not perform reset in reset_task if we are already down
    - printk: handle blank console arguments passed in.
    - vfio/pci: fix memory leaks of eventfd ctx
    - perf kcore_copy: Fix module map when there are no modules loaded
    - mtd: rawnand: omap_elm: Fix runtime PM imbalance on error
    - ceph: fix potential race in ceph_check_caps
    - mtd: parser: cmdline: Support MTD names containing one or more colons
    - x86/speculation/mds: Mark mds_user_clear_cpu_buffers() __always_inline
    - vfio/pci: Clear error and request eventfd ctx after releasing
    - vfio/pci: fix racy on error and request eventfd ctx
    - s390/init: add missing __init annotations
    - batman-adv: bla: fix type misuse for backbone_gw hash indexing
    - atm: eni: fix the missed pci_disable_device() for eni_init_one()
    - batman-adv: mcast/TT: fix wrongly dropped or rerouted packets
    - ALSA: asihpi: fix iounmap in error handler
    - MIPS: Add the missing 'CPU_1074K' into __get_cpu_type()
    - tty: vt, consw->con_scrolldelta cleanup
    - kprobes: Fix to check probe enabled before disarm_kprobe_ftrace()
    - lib/string.c: implement stpcpy
    - ata: define AC_ERR_OK
    - ata: make qc_prep return ata_completion_errors
    - ata: sata_mv, avoid trigerrable BUG_ON
    - Linux 4.4.238
  * *-tools-common packages descriptions have typo "PGKVER" (LP: #1898903)
    - [Packaging] Fix typo in -tools template s/PGKVER/PKGVER/
  * Xenial update: v4.4.237 upstream stable release (LP: #1897602)
    - ARM: dts: socfpga: fix register entry for timer3 on Arria10
    - scsi: libsas: Set data_dir as DMA_NONE if libata marks qc as NODATA
    - drivers/net/wan/lapbether: Added needed_tailroom
    - firestream: Fix memleak in fs_open
    - drivers/net/wan/lapbether: Set network_header before transmitting
    - xfs: initialize the shortform attr header padding entry
    - drivers/net/wan/hdlc_cisco: Add hard_header_len
    - ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled
    - gcov: Disable gcov build with GCC 10
    - iio: adc: mcp3422: fix locking scope
    - iio: adc: mcp3422: fix locking on error path
    - iio:light:ltr501 Fix timestamp alignment issue.
    - iio:accel:bmc150-accel: Fix timestamp alignment and prevent data leak.
    - iio:accel:mma8452: Fix timestamp alignment and prevent data leak.
    - USB: core: add helpers to retrieve endpoints
    - staging: wlan-ng: fix out of bounds read in prism2sta_probe_usb()
    - btrfs: fix wrong address when faulting in pages in the search ioctl
    - scsi: target: iscsi: Fix hang in iscsit_access_np() when getting
      tpg->np_login_sem
    - rbd: require global CAP_SYS_ADMIN for mapping and unmapping
    - fbcon: remove soft scrollback code
    - fbcon: remove now unusued 'softback_lines' cursor() argument
    - vgacon: remove software scrollback support
    - [Config] updateconfigs for VGACON_SOFT_SCROLLBACK
    - KVM: VMX: Don't freeze guest when event delivery causes an APIC-access exit
    - video: fbdev: fix OOB read in vga_8planes_imageblit()
    - USB: serial: ftdi_sio: add IDs for Xsens Mti USB converter
    - USB: serial: option: add support for SIM7070/SIM7080/SIM7090 modules
    - usb: Fix out of sync data toggle if a configured device is reconfigured
    - gcov: add support for GCC 10.1
    - NFSv4.1 handle ERR_DELAY error reclaiming locking state on delegation recall
    - scsi: pm8001: Fix memleak in pm8001_exec_internal_task_abort
    - scsi: lpfc: Fix FLOGI/PLOGI receive race condition in pt2pt discovery
    - SUNRPC: stop printk reading past end of string
    - rapidio: Replace 'select' DMAENGINES 'with depends on'
    - i2c: algo: pca: Reapply i2c bus settings after reset
    - MIPS: SNI: Fix MIPS_L1_CACHE_SHIFT
    - perf test: Free formats for perf pmu parse test
    - fbcon: Fix user font detection test at fbcon_resize().
    - MIPS: SNI: Fix spurious interrupts
    - USB: quirks: Add USB_QUIRK_IGNORE_REMOTE_WAKEUP quirk for BYD zhaoxin
      notebook
    - USB: UAS: fix disconnect by unplugging a hub
    - usblp: fix race between disconnect() and read()
    - Input: i8042 - add Entroware Proteus EL07R4 to nomux and reset lists
    - serial: 8250_pci: Add Realtek 816a and 816b
    - ehci-hcd: Move include to keep CRC stable
    - powerpc/dma: Fix dma_map_ops::get_required_mask
    - x86/defconfig: Enable CONFIG_USB_XHCI_HCD=y
    - Linux 4.4.237

[ Ubuntu: 4.4.0-194.226 ]

* CVE-2020-8694
    - powercap: make attributes only readable by root

-- Khalid Elmously <khalid.elmously@canonical.com>  Thu, 26 Nov 2020 01:21:51 -0500

Changed in linux-kvm (Ubuntu Xenial):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-12-01:

Download full text (50.5 KiB)

This bug was fixed in the package linux-kvm - 5.8.0-1011.12

---------------
linux-kvm (5.8.0-1011.12) groovy; urgency=medium

* groovy/linux-kvm: 5.8.0-1011.12 -proposed tracker (LP: #1905660)

  * CONFIG options for (ipip, sit) should not be built-in to the KVM kernels
    (LP: #1899832)
    - [config] Set CONFIG_NET_IPIP and CONIG_IPV6_SIT =m

linux-kvm (5.8.0-1010.11) groovy; urgency=medium

* groovy/linux-kvm: 5.8.0-1010.11 -proposed tracker (LP: #1903188)

[ Ubuntu: 5.8.0-30.32 ]

This bug was fixed in the package linux-kvm - 5.8.0-1011.12

---------------
linux-kvm (5.8.0-1011.12) groovy; urgency=medium

* groovy/linux-kvm: 5.8.0-1011.12 -proposed tracker (LP: #1905660)

* CONFIG options for (ipip, sit) should not be built-in to the KVM kernels
    (LP: #1899832)
    - [config] Set CONFIG_NET_IPIP and CONIG_IPV6_SIT =m

linux-kvm (5.8.0-1010.11) groovy; urgency=medium

* groovy/linux-kvm: 5.8.0-1010.11 -proposed tracker (LP: #1903188)

[ Ubuntu: 5.8.0-30.32 ]

* groovy/linux: 5.8.0-30.32 -proposed tracker (LP: #1903194)
  * Update kernel packaging to support forward porting kernels (LP: #1902957)
    - [Debian] Update for leader included in BACKPORT_SUFFIX
  * Avoid double newline when running insertchanges (LP: #1903293)
    - [Packaging] insertchanges: avoid double newline
  * EFI: Fails when BootCurrent entry does not exist (LP: #1899993)
    - efivarfs: Replace invalid slashes with exclamation marks in dentries.
  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull codes that wait for blocked dev into one function
    - md/raid10: improve raid10 discard request
    - md/raid10: improve discard request for far layout
    - dm raid: fix discard limits for raid1 and raid10
    - dm raid: remove unnecessary discard limits for raid10
  * Bionic: btrfs: kernel BUG at /build/linux-
    eTBZpZ/linux-4.15.0/fs/btrfs/ctree.c:3233! (LP: #1902254)
    - btrfs: extent_io: do extra check for extent buffer read write functions
    - btrfs: extent-tree: kill BUG_ON() in __btrfs_free_extent()
    - btrfs: extent-tree: kill the BUG_ON() in insert_inline_extent_backref()
    - btrfs: ctree: check key order before merging tree blocks
  * Tiger Lake PMC core driver fixes (LP: #1899883)
    - platform/x86: intel_pmc_core: update TGL's LPM0 reg bit map name
    - platform/x86: intel_pmc_core: fix bound check in pmc_core_mphy_pg_show()
    - platform/x86: pmc_core: Use descriptive names for LPM registers
    - platform/x86: intel_pmc_core: Fix TigerLake power gating status map
    - platform/x86: intel_pmc_core: Fix the slp_s0 counter displayed value
  * drm/i915/dp_mst - System would hang during the boot up. (LP: #1902469)
    - Revert "UBUNTU: SAUCE: drm/i915/display: Fix null deref in
      intel_psr_atomic_check()"
    - drm/i915: Fix encoder lookup during PSR atomic check
  * Undetected Data corruption in MPI workloads that use VSX for reductions on
    POWER9 DD2.1 systems (LP: #1902694)
    - powerpc: Fix undetected data corruption with P9N DD2.1 VSX CI load emulation
    - selftests/powerpc: Make alignment handler test P9N DD2.1 vector CI load
      workaround
  * [20.04 FEAT] Support/enhancement of NVMe IPL (LP: #1902179)
    - s390/ipl: support NVMe IPL kernel parameters
  * uvcvideo: add mapping for HEVC payloads (LP: #1895803)
    - media: uvcvideo: Add mapping for HEVC payloads
  * risc-v 5.8 kernel oops on ftrace tests (LP: #1894613)
    - stop_machine, rcu: Mark functions as notrace
  * Groovy update: v5.8.17 upstream stable release (LP: #1902137)
    - xgb4: handle 4-tuple PEDIT to NAT mode translation
    - ibmveth: Switch order of ibmveth_helper calls.
    - ibmveth: Identify ingress large send packets.
    - ipv4: Restore flowi4_oif update before call to xfrm_lookup_route
    - mlx4: handle non-napi callers to napi_poll
    - net: dsa: microchip: fix race condition
    - net: fec: Fix phy_device lookup for phy_reset_after_clk_enable()
    - net: fec: Fix PHY init after phy_reset_after_clk_enable()
    - net: fix pos incrementment in ipv6_route_seq_next
    - net: ipa: skip suspend/resume activities if not set up
    - net: mptcp: make DACK4/DACK8 usage consistent among all subflows
    - net: sched: Fix suspicious RCU usage while accessing tcf_tunnel_info
    - net/smc: fix use-after-free of delayed events
    - net/smc: fix valid DMBE buffer sizes
    - net/tls: sendfile fails with ktls offload
    - net: usb: qmi_wwan: add Cellient MPL200 card
    - tipc: fix the skb_unshare() in tipc_buf_append()
    - socket: fix option SO_TIMESTAMPING_NEW
    - socket: don't clear SOCK_TSTAMP_NEW when SO_TIMESTAMPNS is disabled
    - can: m_can_platform: don't call m_can_class_suspend in runtime suspend
    - can: j1935: j1939_tp_tx_dat_new(): fix missing initialization of skbcnt
    - net: j1939: j1939_session_fresh_new(): fix missing initialization of skbcnt
    - net/ipv4: always honour route mtu during forwarding
    - net_sched: remove a redundant goto chain check
    - r8169: fix data corruption issue on RTL8402
    - binder: fix UAF when releasing todo list
    - ALSA: bebob: potential info leak in hwdep_read()
    - ALSA: hda/hdmi: fix incorrect locking in hdmi_pcm_close
    - tipc: re-configure queue limit for broadcast link
    - tipc: fix incorrect setting window for bcast link
    - chelsio/chtls: fix socket lock
    - chelsio/chtls: correct netdevice for vlan interface
    - chelsio/chtls: fix panic when server is on ipv6
    - chelsio/chtls: Fix panic when listen on multiadapter
    - chelsio/chtls: correct function return and return type
    - chelsio/chtls: fix writing freed memory
    - ibmvnic: save changed mac address to adapter->mac_addr
    - icmp: randomize the global rate limiter
    - mptcp: initialize mptcp_options_received's ahmac
    - net: ftgmac100: Fix Aspeed ast2600 TX hang issue
    - net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device
    - net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling
      ether_setup
    - net: Properly typecast int values to set sk_max_pacing_rate
    - net/sched: act_ct: Fix adding udp port mangle operation
    - net/sched: act_tunnel_key: fix OOB write in case of IPv6 ERSPAN tunnels
    - nexthop: Fix performance regression in nexthop deletion
    - nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in
      nfc_genl_fw_download()
    - r8169: fix operation under forced interrupt threading
    - selftests: forwarding: Add missing 'rp_filter' configuration
    - tcp: fix to update snd_wl1 in bulk receiver fast path
    - net: ethernet: mtk-star-emac: select REGMAP_MMIO
    - net/sched: act_gate: Unlock ->tcfa_lock in tc_setup_flow_action()
    - ALSA: hda - Don't register a cb func if it is registered already
    - ALSA: hda - Fix the return value if cb func is already registered
    - ALSA: usb-audio: Line6 Pod Go interface requires static clock rate quirk
    - ALSA: hda/realtek - set mic to auto detect on a HP AIO machine
    - ALSA: hda/realtek - Add mute Led support for HP Elitebook 845 G7
    - ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887
    - cifs: remove bogus debug code
    - cifs: Return the error from crypt_message when enc/dec key not found.
    - SMB3: Resolve data corruption of TCP server info fields
    - SMB3.1.1: Fix ids returned in POSIX query dir
    - smb3: do not try to cache root directory if dir leases not supported
    - smb3: fix stat when special device file and mounted with modefromsid
    - arm64: Make use of ARCH_WORKAROUND_1 even when KVM is not enabled
    - KVM: nVMX: Morph notification vector IRQ on nested VM-Enter to pending PI
    - KVM: nVMX: Reset the segment cache when stuffing guest segs
    - KVM: nVMX: Reload vmcs01 if getting vmcs12's pages fails
    - KVM: x86/mmu: Commit zap of remaining invalid pages when recovering lpages
    - KVM: x86: Intercept LA57 to inject #GP fault when it's reserved
    - KVM: SVM: Initialize prev_ga_tag before use
    - ima: Don't ignore errors from crypto_shash_update()
    - crypto: algif_aead - Do not set MAY_BACKLOG on the async path
    - crypto: caam/qi - add fallback for XTS with more than 8B IV
    - crypto: caam/qi - add support for more XTS key lengths
    - RAS/CEC: Fix cec_init() prototype
    - sched/fair: Fix wrong negative conversion in find_energy_efficient_cpu()
    - microblaze: fix kbuild redundant file warning
    - EDAC/i5100: Fix error handling order in i5100_init_one()
    - EDAC/aspeed: Fix handling of platform_get_irq() error
    - EDAC/ti: Fix handling of platform_get_irq() error
    - perf/x86/intel/ds: Fix x86_pmu_stop warning for large PEBS
    - x86/fpu: Allow multiple bits in clearcpuid= parameter
    - arm64: kprobe: add checks for ARMv8.3-PAuth combined instructions
    - drivers/perf: xgene_pmu: Fix uninitialized resource struct
    - drivers/perf: thunderx2_pmu: Fix memory resource error handling
    - sched/fair: Fix wrong cpu selecting from isolated domain
    - sched/fair: Use dst group while checking imbalance for NUMA balancer
    - arm64: perf: Add missing ISB in armv8pmu_enable_counter()
    - perf/x86/intel/uncore: Update Ice Lake uncore units
    - perf/x86/intel/uncore: Reduce the number of CBOX counters
    - perf/x86/intel/uncore: Fix the scale of the IMC free-running events
    - x86/nmi: Fix nmi_handle() duration miscalculation
    - x86/events/amd/iommu: Fix sizeof mismatch
    - pinctrl: qcom: Set IRQCHIP_SET_TYPE_MASKED and IRQCHIP_MASK_ON_SUSPEND flags
    - pinctrl: qcom: Use return value from irq_set_wake() call
    - perf/x86: Fix n_pair for cancelled txn
    - perf/core: Fix race in the perf_mmap_close() function
    - crypto: algif_skcipher - EBUSY on aio should be an error
    - crypto: mediatek - Fix wrong return value in mtk_desc_ring_alloc()
    - crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call
    - crypto: picoxcell - Fix potential race condition bug
    - media: vivid: Fix global-out-of-bounds read in precalculate_color()
    - media: tuner-simple: fix regression in simple_set_radio_freq
    - crypto: ccree - fix runtime PM imbalance on error
    - media: Revert "media: exynos4-is: Add missed check for
      pinctrl_lookup_state()"
    - media: hantro: h264: Get the correct fallback reference buffer
    - media: hantro: postproc: Fix motion vector space allocation
    - media: ov5640: Correct Bit Div register in clock tree diagram
    - media: m5mols: Check function pointer in m5mols_sensor_power
    - fscrypt: restrict IV_INO_LBLK_32 to ino_bits <= 32
    - media: uvcvideo: Set media controller entity functions
    - media: uvcvideo: Silence shift-out-of-bounds warning
    - media: staging/intel-ipu3: css: Correctly reset some memory
    - media: omap3isp: Fix memleak in isp_probe
    - media: i2c: ov5640: Remain in power down for DVP mode unless streaming
    - media: i2c: ov5640: Separate out mipi configuration from s_power
    - media: i2c: ov5640: Enable data pins on poweron for DVP mode
    - media: rcar_drif: Fix fwnode reference leak when parsing DT
    - media: rcar_drif: Allocate v4l2_async_subdev dynamically
    - media: rcar-csi2: Allocate v4l2_async_subdev dynamically
    - spi: fsi: Handle 9 to 15 byte transfers lengths
    - spi: fsi: Fix use of the bneq+ sequencer instruction
    - spi: fsi: Implement restricted size for certain controllers
    - spi: dw-pci: free previously allocated IRQs if desc->setup() fails
    - crypto: omap-sham - fix digcnt register handling with export/import
    - hwmon: (pmbus/max34440) Fix status register reads for MAX344{51,60,61}
    - hwmon: (w83627ehf) Fix a resource leak in probe
    - cypto: mediatek - fix leaks in mtk_desc_ring_alloc
    - crypto: stm32/crc32 - Avoid lock if hardware is already used
    - crypto: sun8i-ce - handle endianness of t_common_ctl
    - media: mx2_emmaprp: Fix memleak in emmaprp_probe
    - media: tc358743: initialize variable
    - media: tc358743: cleanup tc358743_cec_isr
    - media: rcar-vin: Fix a reference count leak.
    - media: rockchip/rga: Fix a reference count leak.
    - media: platform: fcp: Fix a reference count leak.
    - media: camss: Fix a reference count leak.
    - media: s5p-mfc: Fix a reference count leak
    - media: stm32-dcmi: Fix a reference count leak
    - media: ti-vpe: Fix a missing check and reference count leak
    - regulator: resolve supply after creating regulator
    - pinctrl: bcm: fix kconfig dependency warning when !GPIOLIB
    - spi: spi-s3c64xx: swap s3c64xx_spi_set_cs() and s3c64xx_enable_datapath()
    - spi: spi-s3c64xx: Check return values
    - hwmon: (bt1-pvt) Test sensor power supply on probe
    - hwmon: (bt1-pvt) Cache current update timeout
    - hwmon: (bt1-pvt) Wait for the completion with timeout
    - btrfs: add owner and fs_info to alloc_state io_tree
    - blk-mq: move cancel of hctx->run_work to the front of blk_exit_queue
    - ath10k: provide survey info as accumulated data
    - drm/vkms: fix xrgb on compute crc
    - Bluetooth: hci_uart: Cancel init work before unregistering
    - drm/amd/display: Fix wrong return value in dm_update_plane_state()
    - drm/vgem: add missing platform_device_unregister() in vgem_init()
    - drm/vkms: add missing platform_device_unregister() in vkms_init()
    - drm: panel: Fix bus format for OrtusTech COM43H4M85ULC panel
    - ath6kl: prevent potential array overflow in ath6kl_add_new_sta()
    - ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb()
    - ath10k: Fix the size used in a 'dma_free_coherent()' call in an error
      handling path
    - wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680
    - ASoC: qcom: lpass-platform: fix memory leak
    - ASoC: qcom: lpass-cpu: fix concurrency issue
    - ath11k: Fix possible memleak in ath11k_qmi_init_service
    - brcmfmac: check ndev pointer
    - mwifiex: Do not use GFP_KERNEL in atomic context
    - staging: rtl8192u: Do not use GFP_KERNEL in atomic context
    - drm/amd/display: fix potential integer overflow when shifting 32 bit
      variable bl_pwm
    - selftests/bpf: Fix test_vmlinux test to use bpf_probe_read_user()
    - drm/gma500: fix error check
    - scsi: qla4xxx: Fix an error handling path in 'qla4xxx_get_host_stats()'
    - scsi: qla2xxx: Fix the size used in a 'dma_free_coherent()' call
    - scsi: qla2xxx: Fix wrong return value in qlt_chk_unresolv_exchg()
    - scsi: qla2xxx: Fix wrong return value in qla_nvme_register_hba()
    - scsi: csiostor: Fix wrong return value in csio_hw_prep_fw()
    - libbpf: Fix unintentional success return code in bpf_object__load
    - wilc1000: Fix memleak in wilc_sdio_probe
    - wilc1000: Fix memleak in wilc_bus_probe
    - rtw88: don't treat NULL pointer as an array
    - backlight: sky81452-backlight: Fix refcount imbalance on error
    - staging: emxx_udc: Fix passing of NULL to dma_alloc_coherent()
    - VMCI: check return value of get_user_pages_fast() for errors
    - mm/error_inject: Fix allow_error_inject function signatures.
    - drm: panel: Fix bpc for OrtusTech COM43H4M85ULC panel
    - samples/bpf: Fix to xdpsock to avoid recycling frames
    - drm/crc-debugfs: Fix memleak in crc_control_write
    - Bluetooth: Clear suspend tasks on unregister
    - selftests: vm: add fragment CONFIG_GUP_BENCHMARK
    - scsi: ufs: Make ufshcd_print_trs() consider UFSHCD_QUIRK_PRDT_BYTE_GRAN
    - binder: Remove bogus warning on failed same-process transaction
    - tty: serial: earlycon dependency
    - pty: do tty_flip_buffer_push without port->lock in pty_write
    - pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare()
    - pwm: lpss: Add range limit check for the base_unit register value
    - drivers/virt/fsl_hypervisor: Fix error handling path
    - ath11k: fix a double free and a memory leak
    - video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error
    - video: fbdev: sis: fix null ptr dereference
    - video: fbdev: radeon: Fix memleak in radeonfb_pci_register
    - ASoC: fsl: imx-es8328: add missing put_device() call in imx_es8328_probe()
    - scsi: ufs: ufs-mediatek: Fix HOST_PA_TACTIVATE quirk
    - HID: roccat: add bounds checking in kone_sysfs_write_settings()
    - drm/msm: Avoid div-by-zero in dpu_crtc_atomic_check()
    - drm/panfrost: Ensure GPU quirks are always initialised
    - iomap: Clear page error before beginning a write
    - iomap: Mark read blocks uptodate in write_begin
    - selftests/lkdtm: Use "comm" instead of "diff" for dmesg
    - Bluetooth: Re-order clearing suspend tasks
    - pinctrl: mcp23s08: Fix mcp23x17_regmap initialiser
    - pinctrl: mcp23s08: Fix mcp23x17 precious range
    - pinctrl: devicetree: Keep deferring even on timeout
    - drm/msm/adreno: fix probe without iommu
    - net/mlx5: Fix uninitialized variable warning
    - net/mlx5: Don't call timecounter cyc2time directly from 1PPS flow
    - scsi: mpt3sas: Fix sync irqs
    - net: stmmac: Fix incorrect location to set real_num_rx|tx_queues
    - net: stmmac: use netif_tx_start|stop_all_queues() function
    - xfs: force the log after remapping a synchronous-writes file
    - cpufreq: armada-37xx: Add missing MODULE_DEVICE_TABLE
    - drm: mxsfb: check framebuffer pitch
    - ima: Fix NULL pointer dereference in ima_file_hash
    - ASoC: topology: disable size checks for bytes_ext controls if needed
    - ASoC: tlv320adcx140: Fix digital gain range
    - coresight: etm4x: Fix etm4_count race by moving cpuhp callbacks to init
    - coresight: fix offset by one error in counting ports
    - coresight: cti: disclaim device only when it's claimed
    - coresight: cti: remove pm_runtime_get_sync() from CPU hotplug
    - coresight: etm4x: Ensure default perf settings filter user/kernel
    - coresight: etm4x: Fix issues within reset interface of sysfs
    - coresight: cti: Write regsiters directly in cti_enable_hw()
    - coresight: etm4x: Handle unreachable sink in perf mode
    - coresight: etm4x: Fix issues on trcseqevr access
    - nvmem: core: fix missing of_node_put() in of_nvmem_device_get()
    - selftests: mptcp: interpret \n as a new line
    - selftests/bpf: Fix endianness issue in sk_assign
    - selftests/bpf: Fix endianness issue in test_sockopt_sk
    - xhci: don't create endpoint debugfs entry before ring buffer is set.
    - net: dsa: rtl8366: Check validity of passed VLANs
    - net: dsa: rtl8366: Refactor VLAN/PVID init
    - net: dsa: rtl8366: Skip PVID setting if not requested
    - net: wilc1000: clean up resource in error path of init mon interface
    - ASoC: tas2770: Fix calling reset in probe
    - ASoC: tas2770: Add missing bias level power states
    - ASoC: tas2770: Fix required DT properties in the code
    - ASoC: tas2770: Fix error handling with update_bits
    - ASoC: tlv320aic32x4: Fix bdiv clock rate derivation
    - net: dsa: rtl8366rb: Support all 4096 VLANs
    - ASoC: SOF: control: add size checks for ext_bytes control .put()
    - ASoC: tas2770: Fix unbalanced calls to pm_runtime
    - spi: omap2-mcspi: Improve performance waiting for CHSTAT
    - ath11k: Add checked value for ath11k_ahb_remove
    - ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd()
    - drm: rcar-du: Put reference to VSP device
    - phy: rockchip-dphy-rx0: Include linux/delay.h
    - dmaengine: dmatest: Check list for emptiness before access its last entry
    - ASoC: cros_ec_codec: fix kconfig dependency warning for
      SND_SOC_CROS_EC_CODEC
    - misc: mic: scif: Fix error handling path
    - ALSA: seq: oss: Avoid mutex lock for a long-time ioctl
    - usb: dwc2: Fix parameter type in function pointer prototype
    - usb: dwc3: core: Properly default unspecified speed
    - usb: dwc2: Add missing cleanups when usb_add_gadget_udc() fails
    - rtw88: Fix probe error handling race with firmware loading
    - rtw88: Fix potential probe error handling race with wow firmware loading
    - mt76: mt7915: fix possible memory leak in mt7915_mcu_add_beacon
    - quota: clear padding in v2r1_mem2diskdqb()
    - slimbus: core: check get_addr before removing laddr ida
    - slimbus: core: do not enter to clock pause mode in core
    - slimbus: qcom-ngd-ctrl: disable ngd in qmi server down callback
    - ASoC: fsl_sai: Instantiate snd_soc_dai_driver
    - HID: hid-input: fix stylus battery reporting
    - tty: hvc: fix link error with CONFIG_SERIAL_CORE_CONSOLE=n
    - nvmem: core: fix possibly memleak when use nvmem_cell_info_to_nvmem_cell()
    - hv: clocksource: Add notrace attribute to read_hv_sched_clock_*() functions
    - nl80211: fix OBSS PD min and max offset validation
    - iomap: Use kzalloc to allocate iomap_page
    - coresight: etm: perf: Fix warning caused by etm_setup_aux failure
    - coresight: cti: Fix remove sysfs link error
    - coresight: cti: Fix bug clearing sysfs links on callback
    - coresight: etm4x: Fix save and restore of TRCVMIDCCTLR1 register
    - ibmvnic: set up 200GBPS speed
    - bpf: disallow attaching modify_return tracing functions to other BPF
      programs
    - selftests: Remove fmod_ret from test_overhead
    - qtnfmac: fix resource leaks on unsupported iftype error return path
    - pinctrl: aspeed: Use the right pinconf mask
    - iommu/qcom: add missing put_device() call in qcom_iommu_of_xlate()
    - iio: adc: stm32-adc: fix runtime autosuspend delay when slow polling
    - net: enic: Cure the enic api locking trainwreck
    - mfd: sm501: Fix leaks in probe()
    - ASoC: wm_adsp: Pass full name to snd_ctl_notify
    - iwlwifi: mvm: split a print to avoid a WARNING in ROC
    - iwlwifi: dbg: remove no filter condition
    - iwlwifi: dbg: run init_cfg function once per driver load
    - usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above.
    - usb: gadget: u_serial: clear suspended flag when disconnecting
    - usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well
    - bus: mhi: core: Fix the building of MHI module
    - ocxl: fix kconfig dependency warning for OCXL
    - nl80211: fix non-split wiphy information
    - usb: dwc2: Fix INTR OUT transfers in DDMA mode.
    - scsi: target: tcmu: Fix warning: 'page' may be used uninitialized
    - scsi: be2iscsi: Fix a theoretical leak in beiscsi_create_eqs()
    - dmaengine: ioat: Allocate correct size for descriptor chunk
    - ipmi_si: Fix wrong return value in try_smi_init()
    - tracing: Fix parse_synth_field() error handling
    - platform/x86: mlx-platform: Remove PSU EEPROM configuration
    - mwifiex: fix double free
    - drm/panfrost: increase readl_relaxed_poll_timeout values
    - ipvs: clear skb->tstamp in forwarding path
    - bpf, sockmap: Remove skb_orphan and let normal skb_kfree do cleanup
    - net: korina: fix kfree of rx/tx descriptor array
    - netfilter: nf_log: missing vlan offload tag and proto
    - mm/swapfile.c: fix potential memory leak in sys_swapon
    - mm/memcg: fix device private memcg accounting
    - mm, oom_adj: don't loop through tasks in __set_oom_adj when not necessary
    - fs: fix NULL dereference due to data race in prepend_path()
    - selftests/ftrace: Change synthetic event name for inter-event-combined test
    - tracing: Handle synthetic event array field type checking correctly
    - i3c: master add i3c_master_attach_boardinfo to preserve boardinfo
    - IB/mlx4: Fix starvation in paravirt mux/demux
    - IB/mlx4: Adjust delayed work when a dup is observed
    - powerpc/pseries: Fix missing of_node_put() in rng_init()
    - powerpc/icp-hv: Fix missing of_node_put() in success path
    - rcu/tree: Force quiescent state on callback overload
    - rcutorture: Properly set rcu_fwds for OOM handling
    - RDMA/ucma: Fix locking for ctx->events_reported
    - RDMA/ucma: Add missing locking around rdma_leave_multicast()
    - mtd: lpddr: fix excessive stack usage with clang
    - RDMA/hns: Add a check for current state before modifying QP
    - RDMA/umem: Fix signature of stub ib_umem_find_best_pgsz()
    - powerpc/pseries: explicitly reschedule during drmem_lmb list traversal
    - pseries/drmem: don't cache node id in drmem_lmb struct
    - RDMA/mlx5: Fix potential race between destroy and CQE poll
    - mtd: mtdoops: Don't write panic data twice
    - perf tools: Make GTK2 support opt-in
    - tools feature: Add missing -lzstd to the fast path feature detection
    - ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT values
    - xfs: fix finobt btree block recovery ordering
    - m68knommu: include SDHC support only when hardware has it
    - arc: plat-hsdk: fix kconfig dependency warning when !RESET_CONTROLLER
    - ida: Free allocated bitmap in error path
    - xfs: limit entries returned when counting fsmap records
    - xfs: fix deadlock and streamline xfs_getfsmap performance
    - nfs: add missing "posix" local_lock constant table definition
    - xfs: fix high key handling in the rt allocator's query_range function
    - RDMA/rtrs-srv: Incorporate ib_register_client into rtrs server init
    - RDMA/core: Delete function indirection for alloc/free kernel CQ
    - RDMA: Allow fail of destroy CQ
    - RDMA/umem: Fix ib_umem_find_best_pgsz() for mappings that cross a page
      boundary
    - RDMA/umem: Prevent small pages from being returned by
      ib_umem_find_best_pgsz()
    - RDMA/qedr: Fix qp structure memory leak
    - RDMA/qedr: Fix doorbell setting
    - RDMA/qedr: Fix use of uninitialized field
    - RDMA/qedr: Fix return code if accept is called on a destroyed qp
    - RDMA/qedr: Fix inline size returned for iWARP
    - powerpc/pseries/svm: Allocate SWIOTLB buffer anywhere in memory
    - powerpc/watchpoint: Fix quadword instruction handling on p10 predecessors
    - powerpc/watchpoint: Fix handling of vector instructions
    - powerpc/watchpoint: Add hw_len wherever missing
    - powerpc/book3s64/hash/4k: Support large linear mapping range with 4K
    - powerpc/tau: Use appropriate temperature sample interval
    - powerpc/tau: Convert from timer to workqueue
    - powerpc/tau: Remove duplicated set_thresholds() call
    - powerpc/tau: Check processor type before enabling TAU interrupt
    - powerpc/tau: Disable TAU between measurements
    - powerpc/kasan: Fix CONFIG_KASAN_VMALLOC for 8xx
    - powerpc/64s/radix: Fix mm_cpumask trimming race vs kthread_use_mm
    - RDMA/cma: Combine cma_ndev_work with cma_work
    - RDMA/cma: Remove dead code for kernel rdmacm multicast
    - RDMA/cma: Consolidate the destruction of a cma_multicast in one place
    - RDMA/cma: Fix use after free race in roce multicast join
    - perf intel-pt: Fix "context_switch event has no tid" error
    - RDMA/qedr: Fix resource leak in qedr_create_qp
    - RDMA/hns: Set the unsupported wr opcode
    - RDMA/mlx5: Use set_mkc_access_pd_addr_fields() in reg_create()
    - RDMA/mlx5: Make mkeys always owned by the kernel's PD when not enabled
    - RDMA/mlx5: Disable IB_DEVICE_MEM_MGT_EXTENSIONS if IB_WR_REG_MR can't work
    - i40iw: Add support to make destroy QP synchronous
    - perf stat: Skip duration_time in setup_system_wide
    - RDMA/hns: Add check for the validity of sl configuration
    - RDMA/hns: Solve the overflow of the calc_pg_sz()
    - RDMA/hns: Fix the wrong value of rnr_retry when querying qp
    - RDMA/hns: Fix configuration of ack_req_freq in QPC
    - RDMA/hns: Fix missing sq_sig_type when querying QP
    - mtd: hyperbus: hbmc-am654: Fix direct mapping setup flash access
    - mtd: rawnand: stm32_fmc2: fix a buffer overflow
    - mtd: rawnand: vf610: disable clk on error handling path in probe
    - mtd: spinand: gigadevice: Only one dummy byte in QUADIO
    - mtd: spinand: gigadevice: Add QE Bit
    - mtd: rawnand: ams-delta: Fix non-OF build warning
    - kdb: Fix pager search for multi-line strings
    - overflow: Include header file with SIZE_MAX declaration
    - RDMA/ipoib: Set rtnl_link_ops for ipoib interfaces
    - powerpc/64: fix irq replay missing preempt
    - powerpc/64: fix irq replay pt_regs->softe value
    - powerpc/perf: Exclude pmc5/6 from the irrelevant PMU group constraints
    - powerpc/perf/hv-gpci: Fix starting index value
    - perf stat: Fix out of bounds CPU map access when handling armv8_pmu events
    - i3c: master: Fix error return in cdns_i3c_master_probe()
    - powerpc/papr_scm: Add PAPR command family to pass-through command-set
    - cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_reboot_notifier
    - IB/rdmavt: Fix sizeof mismatch
    - RDMA/rxe: Fix skb lifetime in rxe_rcv_mcast_pkt()
    - f2fs: reject CASEFOLD inode flag without casefold feature
    - um: vector: Use GFP_ATOMIC under spin lock
    - um: time-travel: Fix IRQ handling in time_travel_handle_message()
    - maiblox: mediatek: Fix handling of platform_get_irq() error
    - perf trace: Fix off by ones in memset() after realloc() in arches using
      libaudit
    - selftests/powerpc: Fix eeh-basic.sh exit codes
    - f2fs: wait for sysfs kobject removal before freeing f2fs_sb_info
    - afs: Fix rapid cell addition/removal by not using RCU on cells tree
    - afs: Fix cell refcounting by splitting the usage counter
    - afs: Fix cell purging with aliases
    - afs: Fix cell removal
    - RDMA/rxe: Handle skb_clone() failure in rxe_recv.c
    - mm/page_owner: change split_page_owner to take a count
    - lib/crc32.c: fix trivial typo in preprocessor condition
    - ramfs: fix nommu mmap with gaps in the page cache
    - rapidio: fix error handling path
    - rapidio: fix the missed put_device() for rio_mport_add_riodev
    - mailbox: avoid timer start from callback
    - clk: meson: axg-audio: separate axg and g12a regmap tables
    - rtc: ds1307: Clear OSF flag on DS1388 when setting time
    - i2c: rcar: Auto select RESET_CONTROLLER
    - clk: meson: g12a: mark fclk_div2 as critical
    - PCI: designware-ep: Fix the Header Type check
    - PCI: aardvark: Fix compilation on s390
    - PCI: aardvark: Check for errors from pci_bridge_emul_init() call
    - PCI: iproc: Set affinity mask on MSI interrupts
    - rpmsg: smd: Fix a kobj leak in in qcom_smd_parse_edge()
    - rpmsg: Avoid double-free in mtk_rpmsg_register_device
    - PCI/IOV: Mark VFs as not implementing PCI_COMMAND_MEMORY
    - vfio: add a singleton check for vfio_group_pin_pages
    - s390/pci: Mark all VFs as not implementing PCI_COMMAND_MEMORY
    - vfio/pci: Decouple PCI_COMMAND_MEMORY bit checks from is_virtfn
    - vfio: fix a missed vfio group put in vfio_pin_pages
    - vfio/type1: fix dirty bitmap calculation in vfio_dma_rw
    - clk: qcom: gcc-sdm660: Fix wrong parent_map
    - clk: keystone: sci-clk: fix parsing assigned-clock data during probe
    - pwm: rockchip: Keep enabled PWMs running while probing
    - pwm: img: Fix null pointer access in probe
    - remoteproc/mediatek: fix null pointer dereference on null scp pointer
    - PCI: hv: Fix hibernation in case interrupts are not re-created
    - clk: rockchip: Initialize hw to error to avoid undefined behavior
    - clk: mediatek: add UART0 clock support
    - module: statically initialize init section freeing data
    - clk: at91: clk-main: update key before writing AT91_CKGR_MOR
    - clk: bcm2835: add missing release if devm_clk_hw_register fails
    - kbuild: deb-pkg: do not build linux-headers package if CONFIG_MODULES=n
    - watchdog: Fix memleak in watchdog_cdev_register
    - watchdog: Use put_device on error
    - watchdog: sp5100: Fix definition of EFCH_PM_DECODEEN3
    - svcrdma: fix bounce buffers for unaligned offsets and multiple pages
    - ext4: fix dead loop in ext4_mb_new_blocks
    - ext4: discard preallocations before releasing group lock
    - ext4: disallow modifying DAX inode flag if inline_data has been set
    - ext4: limit entries returned when counting fsmap records
    - vfio/pci: Clear token on bypass registration failure
    - vfio iommu type1: Fix memory leak in vfio_iommu_type1_pin_pages
    - clk: imx8mq: Fix usdhc parents order
    - SUNRPC: fix copying of multiple pages in gss_read_proxy_verf()
    - platform/chrome: cros_ec_lightbar: Reduce ligthbar get version command
    - Input: elants_i2c - fix typo for an attribute to show calibration count
    - Input: imx6ul_tsc - clean up some errors in imx6ul_tsc_resume()
    - Input: stmfts - fix a & vs && typo
    - Input: ep93xx_keypad - fix handling of platform_get_irq() error
    - Input: omap4-keypad - fix handling of platform_get_irq() error
    - Input: twl4030_keypad - fix handling of platform_get_irq() error
    - Input: sun4i-ps2 - fix handling of platform_get_irq() error
    - KVM: x86: emulating RDPID failure shall return #UD rather than #GP
    - scsi: bfa: Fix error return in bfad_pci_init()
    - arm64: mm: use single quantity to represent the PA to VA translation
    - netfilter: conntrack: connection timeout after re-register
    - netfilter: ebtables: Fixes dropping of small packets in bridge nat
    - netsec: ignore 'phy-mode' device property on ACPI systems
    - netfilter: nf_fwd_netdev: clear timestamp in forwarding path
    - soc: xilinx: Fix error code in zynqmp_pm_probe()
    - arm64: dts: meson: vim3: correct led polarity
    - ARM: dts: imx6sl: fix rng node
    - ARM: at91: pm: of_node_put() after its usage
    - ARM: s3c24xx: fix mmc gpio lookup tables
    - ARM: dts: sun8i: r40: bananapi-m2-ultra: Fix dcdc1 regulator
    - arm64: dts: allwinner: h5: remove Mali GPU PMU module
    - memory: omap-gpmc: Fix a couple off by ones
    - memory: omap-gpmc: Fix build error without CONFIG_OF
    - arm64: dts: qcom: sc7180: Fix the LLCC base register size
    - memory: fsl-corenet-cf: Fix handling of platform_get_irq() error
    - firmware: arm_scmi: Fix NULL pointer dereference in mailbox_chan_free
    - arm64: dts: imx8mq: Add missing interrupts to GPC
    - arm64: dts: qcom: sc7180: Drop flags on mdss irqs
    - soc: qcom: pdr: Fixup array type of get_domain_list_resp message
    - arm64: dts: qcom: msm8916: Remove one more thermal trip point unit name
    - arm64: dts: qcom: pm8916: Remove invalid reg size from wcd_codec
    - arm64: dts: qcom: msm8916: Fix MDP/DSI interrupts
    - soc: qcom: apr: Fixup the error displayed on lookup failure
    - dt-bindings: crypto: Specify that allwinner, sun8i-a33-crypto needs reset
    - arm64: dts: renesas: r8a77990: Fix MSIOF1 DMA channels
    - arm64: dts: renesas: r8a774c0: Fix MSIOF1 DMA channels
    - arm64: dts: mt8173: elm: Fix nor_flash node property
    - arm64: dts: actions: limit address range for pinctrl node
    - ARM: dts: owl-s500: Fix incorrect PPI interrupt specifiers
    - soc: fsl: qbman: Fix return value on success
    - ARM: OMAP2+: Restore MPU power domain if cpu_cluster_pm_enter() fails
    - ARM: dts: stm32: Fix sdmmc2 pins on AV96
    - ARM: dts: stm32: lxa-mc1: Fix kernel warning about PHY delays
    - ARM: dts: stm32: Move ethernet PHY into DH SoM DT
    - ARM: dts: stm32: Swap PHY reset GPIO and TSC2004 IRQ on DHCOM SOM
    - ARM: dts: stm32: Fix DH PDK2 display PWM channel
    - ARM: dts: iwg20d-q7-common: Fix touch controller probe failure
    - soc: mediatek: cmdq: add clear option in cmdq_pkt_wfe api
    - drm/mediatek: reduce clear event
    - arm64: dts: zynqmp: Remove additional compatible string for i2c IPs
    - ARM: dts: meson8: remove two invalid interrupt lines from the GPU node
    - lightnvm: fix out-of-bounds write to array devices->info[]
    - powerpc/powernv/dump: Fix race while processing OPAL dump
    - powerpc/pseries: Avoid using addr_to_pfn in real mode
    - nvmet: fix uninitialized work for zero kato
    - KVM: ioapic: break infinite recursion on lazy EOI
    - NTB: hw: amd: fix an issue about leak system resources
    - ntb: intel: Fix memleak in intel_ntb_pci_probe
    - sched/features: Fix !CONFIG_JUMP_LABEL case
    - perf: correct SNOOPX field offset
    - i2c: core: Restore acpi_walk_dep_device_list() getting called after
      registering the ACPI i2c devs
    - md/bitmap: fix memory leak of temporary bitmap
    - block: ratelimit handle_bad_sector() message
    - x86/dumpstack: Fix misleading instruction pointer error message
    - crypto: ccp - fix error handling
    - x86/asm: Replace __force_order with a memory clobber
    - x86/mce: Add Skylake quirk for patrol scrub reported errors
    - media: firewire: fix memory leak
    - media: ati_remote: sanity check for both endpoints
    - media: st-delta: Fix reference count leak in delta_run_work
    - media: sti: Fix reference count leaks
    - media: exynos4-is: Fix several reference count leaks due to
      pm_runtime_get_sync
    - media: exynos4-is: Fix a reference count leak due to pm_runtime_get_sync
    - media: exynos4-is: Fix a reference count leak
    - media: vsp1: Fix runtime PM imbalance on error
    - media: platform: s3c-camif: Fix runtime PM imbalance on error
    - media: platform: sti: hva: Fix runtime PM imbalance on error
    - media: bdisp: Fix runtime PM imbalance on error
    - media: media/pci: prevent memory leak in bttv_probe
    - x86/mce: Annotate mce_rd/wrmsrl() with noinstr
    - crypto: hisilicon - fixed memory allocation error
    - spi: fsi: Fix clock running too fast
    - x86/mce: Make mce_rdmsrl() panic on an inaccessible MSR
    - media: uvcvideo: Ensure all probed info is returned to v4l2
    - mmc: sdio: Check for CISTPL_VERS_1 buffer size
    - media: saa7134: avoid a shift overflow
    - media: atomisp: fix memleak in ia_css_stream_create
    - media: venus: fixes for list corruption
    - fs: dlm: fix configfs memory leak
    - media: venus: core: Fix error handling in probe
    - media: venus: core: Fix runtime PM imbalance in venus_probe
    - ntfs: add check for mft record size in superblock
    - ip_gre: set dev->hard_header_len and dev->needed_headroom properly
    - mac80211: handle lack of sband->bitrates in rates
    - staging: wfx: fix handling of MMIC error
    - libbpf: Close map fd if init map slots failed
    - bpf: Use raw_spin_trylock() for pcpu_freelist_push/pop in NMI
    - PM: hibernate: remove the bogus call to get_gendisk() in software_resume()
    - scsi: mvumi: Fix error return in mvumi_io_attach()
    - scsi: target: core: Add CONTROL field for trace events
    - mic: vop: copy data to kernel space then write to io memory
    - misc: vop: add round_up(x,4) for vring_size to avoid kernel panic
    - usb: dwc3: Add splitdisable quirk for Hisilicon Kirin Soc
    - usb: gadget: function: printer: fix use-after-free in __lock_acquire
    - udf: Limit sparing table size
    - udf: Avoid accessing uninitialized data on failed inode read
    - rtw88: increse the size of rx buffer size
    - USB: cdc-acm: handle broken union descriptors
    - usb: dwc3: simple: add support for Hikey 970
    - habanalabs: cast to u64 before shift > 31 bits
    - can: flexcan: flexcan_chip_stop(): add error handling and propagate error
      value
    - HID: multitouch: Lenovo X1 Tablet Gen3 trackpoint and buttons
    - ath9k: hif_usb: fix race condition between usb_get_urb() and
      usb_kill_anchored_urbs()
    - drm/panfrost: add Amlogic GPU integration quirks
    - drm/panfrost: add amlogic reset quirk callback
    - drm/panfrost: add support for vendor quirk
    - bpf: Limit caller's stack depth 256 for subprogs with tailcalls
    - misc: rtsx: Fix memory leak in rtsx_pci_probe
    - reiserfs: only call unlock_new_inode() if I_NEW
    - opp: Prevent memory leak in dev_pm_opp_attach_genpd()
    - xfs: make sure the rt allocator doesn't run off the end
    - usb: ohci: Default to per-port over-current protection
    - drm: fix double free for gbo in drm_gem_vram_init and drm_gem_vram_create
    - Bluetooth: Only mark socket zapped after unlocking
    - drm/msm/a6xx: fix a potential overflow issue
    - iomap: fix WARN_ON_ONCE() from unprivileged users
    - scsi: ibmvfc: Fix error return in ibmvfc_probe()
    - scsi: qla2xxx: Warn if done() or free() are called on an already freed srb
    - selftests/bpf: Fix test_sysctl_loop{1, 2} failure due to clang change
    - brcmsmac: fix memory leak in wlc_phy_attach_lcnphy
    - rtl8xxxu: prevent potential memory leak
    - Fix use after free in get_capset_info callback.
    - HID: ite: Add USB id match for Acer One S1003 keyboard dock
    - scsi: qedf: Return SUCCESS if stale rport is encountered
    - scsi: qedi: Mark all connections for recovery on link down event
    - scsi: qedi: Protect active command list to avoid list corruption
    - scsi: qedi: Fix list_del corruption while removing active I/O
    - fbmem: add margin check to fb_check_caps()
    - tty: ipwireless: fix error handling
    - Bluetooth: btusb: Fix memleak in btusb_mtk_submit_wmt_recv_urb
    - ipvs: Fix uninit-value in do_ip_vs_set_ctl()
    - reiserfs: Fix memory leak in reiserfs_parse_options()
    - s390/qeth: strictly order bridge address events
    - mwifiex: don't call del_timer_sync() on uninitialized timer
    - ALSA: hda/ca0132 - Add AE-7 microphone selection commands.
    - ALSA: hda/ca0132 - Add new quirk ID for SoundBlaster AE-7.
    - ASoC: SOF: Add topology filename override based on dmi data match
    - ASoC: Intel: sof_rt5682: override quirk data for tgl_max98373_rt5682
    - scsi: smartpqi: Avoid crashing kernel for controller issues
    - brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach
    - usb: core: Solve race condition in anchor cleanup functions
    - scsi: ufs: ufs-qcom: Fix race conditions caused by ufs_qcom_testbus_config()
    - drm/amd/display: Screen corruption on dual displays (DP+USB-C)
    - dmaengine: dw: Add DMA-channels mask cell support
    - dmaengine: dw: Activate FIFO-mode for memory peripherals only
    - ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n()
    - net: korina: cast KSEG0 address to pointer in kfree
    - s390/qeth: don't let HW override the configured port role
    - tty: serial: lpuart: fix lpuart32_write usage
    - tty: serial: fsl_lpuart: fix lpuart32_poll_get_char
    - usb: gadget: bcm63xx_udc: fix up the error of undeclared usb_debug_root
    - usb: cdc-acm: add quirk to blacklist ETAS ES58X devices
    - USB: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync().
    - usb: cdns3: gadget: free interrupt after gadget has deleted
    - eeprom: at25: set minimum read/write access stride to 1
    - usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets.
    - Linux 5.8.17
  * RTL8822BE [10ec:b822] network driver rtl_wifi crashes on boot in Focal Fossa
    20.04 - 5.4.0-21-generic and mainline 5.7.0-050700rc1-generic
    (LP: #1872984) // Groovy update: v5.8.17 upstream stable release
    (LP: #1902137)
    - rtw88: pci: Power cycle device during shutdown
  * Groovy update: v5.8.16 upstream stable release (LP: #1902132)
    - crypto: bcm - Verify GCM/CCM key length in setkey
    - crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA
    - Bluetooth: Disconnect if E0 is used for Level 4
    - media: usbtv: Fix refcounting mixup
    - USB: serial: option: add Cellient MPL200 card
    - USB: serial: option: Add Telit FT980-KS composition
    - staging: comedi: check validity of wMaxPacketSize of usb endpoints found
    - USB: serial: pl2303: add device-id for HP GC device
    - USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters
    - reiserfs: Initialize inode keys properly
    - reiserfs: Fix oops during mount
    - Linux 5.8.16
  * Groovy update: v5.8.15 upstream stable release (LP: #1902130)
    - fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h
    - Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts
    - fbcon: Fix global-out-of-bounds read in fbcon_get_font()
    - Revert "ravb: Fixed to be able to unload modules"
    - crypto: arm64: Use x16 with indirect branch to bti_c
    - exfat: fix use of uninitialized spinlock on error path
    - net: wireless: nl80211: fix out-of-bounds access in nl80211_del_key()
    - drm/nouveau/mem: guard against NULL pointer access in mem_del
    - partitions/ibm: fix non-DASD devices
    - block/scsi-ioctl: Fix kernel-infoleak in scsi_put_cdrom_generic_arg()
    - vhost: Don't call access_ok() when using IOTLB
    - vhost: Use vhost_get_used_size() in vhost_vring_set_addr()
    - usermodehelper: reset umask to default before executing user process
    - splice: teach splice pipe reading about empty pipe buffers
    - Platform: OLPC: Fix memleak in olpc_ec_probe
    - platform/x86: intel-vbtn: Fix SW_TABLET_MODE always reporting 1 on the HP
      Pavilion 11 x360
    - platform/x86: thinkpad_acpi: initialize tp_nvram_state variable
    - platform/x86: asus-wmi: Fix SW_TABLET_MODE always reporting 1 on many
      different models
    - bpf: Fix sysfs export of empty BTF section
    - bpf: Prevent .BTF section elimination
    - r8169: consider that PHY reset may still be in progress after applying
      firmware
    - platform/x86: intel-vbtn: Switch to an allow-list for SW_TABLET_MODE
      reporting
    - platform/x86: thinkpad_acpi: re-initialize ACPI buffer size when reuse
    - nvme-core: put ctrl ref when module ref get fail
    - macsec: avoid use-after-free in macsec_handle_frame()
    - RISC-V: Make sure memblock reserves the memory containing DT
    - gpiolib: Disable compat ->read() code in UML case
    - mm/khugepaged: fix filemap page_to_pgoff(page) != offset
    - net: introduce helper sendpage_ok() in include/linux/net.h
    - tcp: use sendpage_ok() to detect misused .sendpage
    - nvme-tcp: check page by sendpage_ok() before calling kernel_sendpage()
    - xfrmi: drop ignore_df check before updating pmtu
    - espintcp: restore IP CB before handing the packet to xfrm
    - cifs: Fix incomplete memory allocation on setxattr path
    - i2c: meson: fix clock setting overwrite
    - i2c: meson: keep peripheral clock enabled
    - i2c: meson: fixup rate calculation with filter delay
    - i2c: owl: Clear NACK and BUS error bits
    - sctp: fix sctp_auth_init_hmacs() error path
    - team: set dev->needed_headroom in team_setup_by_port()
    - net: team: fix memory leak in __team_options_register
    - openvswitch: handle DNAT tuple collision
    - drm/amdgpu: prevent double kfree ttm->sg
    - btrfs: move btrfs_scratch_superblocks into btrfs_dev_replace_finishing
    - io_uring: fix potential ABBA deadlock in ->show_fdinfo()
    - drm/amd/pm: Removed fixed clock in auto mode DPM
    - drm/amd/display: fix return value check for hdcp_work
    - btrfs: move btrfs_rm_dev_replace_free_srcdev outside of all locks
    - iommu/vt-d: Fix lockdep splat in iommu_flush_dev_iotlb()
    - xfrm: clone XFRMA_SET_MARK in xfrm_do_migrate
    - xfrm: clone XFRMA_REPLAY_ESN_VAL in xfrm_do_migrate
    - xfrm: clone XFRMA_SEC_CTX in xfrm_do_migrate
    - xfrm: clone whole liftime_cur structure in xfrm_do_migrate
    - xsk: Do not discard packet when NETDEV_TX_BUSY
    - net: stmmac: removed enabling eee in EEE set callback
    - platform/x86: fix kconfig dependency warning for LG_LAPTOP
    - platform/x86: fix kconfig dependency warning for FUJITSU_LAPTOP
    - hinic: add log in exception handling processes
    - hinic: fix wrong return value of mac-set cmd
    - net: dsa: felix: convert TAS link speed based on phylink speed
    - xfrm: Use correct address family in xfrm_state_find
    - iavf: use generic power management
    - iavf: Fix incorrect adapter get in iavf_resume
    - ice: fix memory leak if register_netdev_fails
    - ice: fix memory leak in ice_vsi_setup
    - vmxnet3: fix cksum offload issues for non-udp tunnels
    - net: stmmac: Fix clock handling on remove path
    - net: ethernet: cavium: octeon_mgmt: use phy_start and phy_stop
    - bonding: set dev->needed_headroom in bond_setup_by_slave()
    - mdio: fix mdio-thunder.c dependency & build error
    - mlxsw: spectrum_acl: Fix mlxsw_sp_acl_tcam_group_add()'s error path
    - r8169: fix RTL8168f/RTL8411 EPHY config
    - net: usb: ax88179_178a: fix missing stop entry in driver_info
    - virtio-net: don't disable guest csum when disable LRO
    - net: phy: realtek: fix rtl8211e rx/tx delay config
    - octeontx2-af: Fix enable/disable of default NPC entries
    - octeontx2-pf: Fix TCP/UDP checksum offload for IPv6 frames
    - octeontx2-pf: Fix the device state on error
    - octeontx2-pf: Fix synchnorization issue in mbox
    - pipe: Fix memory leaks in create_pipe_files()
    - net/mlx5: Fix a race when moving command interface to polling mode
    - net/mlx5: Avoid possible free of command entry while timeout comp handler
    - net/mlx5: poll cmd EQ in case of command timeout
    - net/mlx5: Add retry mechanism to the command entry index allocation
    - net/mlx5: Fix request_irqs error flow
    - net/mlx5e: Add resiliency in Striding RQ mode for packets larger than MTU
    - net/mlx5e: Fix return status when setting unsupported FEC mode
    - net/mlx5e: Fix VLAN cleanup flow
    - net/mlx5e: Fix VLAN create flow
    - net/mlx5e: Fix race condition on nhe->n pointer in neigh update
    - net: stmmac: Modify configuration method of EEE timers
    - net: hinic: fix DEVLINK build errors
    - vhost-vdpa: fix vhost_vdpa_map() on error condition
    - vhost-vdpa: fix page pinning leakage in error path
    - net: mvneta: fix double free of txq->buf
    - rxrpc: Fix rxkad token xdr encoding
    - rxrpc: Downgrade the BUG() for unsupported token type in rxrpc_read()
    - rxrpc: Fix some missing _bh annotations on locking conn->state_lock
    - rxrpc: The server keyring isn't network-namespaced
    - rxrpc: Fix server keyring leak
    - net: mscc: ocelot: rename ocelot_board.c to ocelot_vsc7514.c
    - [Packaging] module ocelot_board rename
    - net: mscc: ocelot: split writes to pause frame enable bit and to thresholds
    - net: mscc: ocelot: extend watermark encoding function
    - net: mscc: ocelot: divide watermark value by 60 when writing to SYS_ATOP
    - afs: Fix deadlock between writeback and truncate
    - perf: Fix task_function_call() error handling
    - mmc: core: don't set limits.discard_granularity as 0
    - mm: validate inode in mapping_set_error()
    - mm: khugepaged: recalculate min_free_kbytes after memory hotplug as expected
      by khugepaged
    - tcp: fix receive window update in tcp_add_backlog()
    - netlink: fix policy dump leak
    - net/core: check length before updating Ethertype in skb_mpls_{push,pop}
    - net: bridge: fdb: don't flush ext_learn entries
    - net/tls: race causes kernel panic
    - net/mlx5e: Fix driver's declaration to support GRE offload
    - tty/vt: Do not warn when huge selection requested
    - Input: ati_remote2 - add missing newlines when printing module parameters
    - net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails
    - net: qrtr: ns: Protect radix_tree_deref_slot() using rcu read locks
    - net_sched: defer tcf_idr_insert() in tcf_action_init_1()
    - net_sched: commit action insertions together
    - Linux 5.8.15
  * Fix non-working Intel NVMe after S3 (LP: #1900847)
    - SAUCE: PCI: Enable ACS quirk on all CML root ports
  * Improve descriptions for XFAIL cases in kselftests/net/psock_snd
    (LP: #1900088)
    - selftests/net: improve descriptions for XFAIL cases in psock_snd.sh
  * alsa/hda/realtek - The front Mic on a HP machine doesn't work (LP: #1899508)
    - ALSA: hda/realtek - The front Mic on a HP machine doesn't work
  * kci_test_encap_fou() in rtnetlink.sh from kselftests/net failed with "FAIL:
    can't add fou port 7777, skipping test" (LP: #1891421)
    - selftests: rtnetlink: load fou module for kci_test_encap_fou() test
  * linux-aws: fold test_bpf SAUCE to linux/master (LP: #1900855)
    - SAUCE: selftests: net: don't fail test_bpf when module is not present
  * Fix broken MSI interrupt after HDA controller was suspended (LP: #1899586)
    - ALSA: hda: fix jack detection with Realtek codecs when in D3

[ Ubuntu: 5.8.0-29.31 ]

* Packaging resync (LP: #1786013)
    - update dkms package versions

-- Khalid Elmously <khalid.elmously@canonical.com>  Fri, 27 Nov 2020 01:03:32 -0500

Changed in linux-kvm (Ubuntu Groovy):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-12-02:

Download full text (33.7 KiB)

This bug was fixed in the package linux-kvm - 4.15.0-1079.81

---------------
linux-kvm (4.15.0-1079.81) bionic; urgency=medium

* bionic/linux-kvm: 4.15.0-1079.81 -proposed tracker (LP: #1905658)

  * CONFIG options for (ipip, sit) should not be built-in to the KVM kernels
    (LP: #1899832)
    - [config] Set CONFIG_NET_IPIP and CONIG_IPV6_SIT =m

linux-kvm (4.15.0-1078.80) bionic; urgency=medium

* bionic/linux-kvm: 4.15.0-1078.80 -proposed tracker (LP: #1903130)

[ Ubuntu: 4.15.0-125.128 ]

This bug was fixed in the package linux-kvm - 4.15.0-1079.81

---------------
linux-kvm (4.15.0-1079.81) bionic; urgency=medium

* bionic/linux-kvm: 4.15.0-1079.81 -proposed tracker (LP: #1905658)

* CONFIG options for (ipip, sit) should not be built-in to the KVM kernels
    (LP: #1899832)
    - [config] Set CONFIG_NET_IPIP and CONIG_IPV6_SIT =m

linux-kvm (4.15.0-1078.80) bionic; urgency=medium

* bionic/linux-kvm: 4.15.0-1078.80 -proposed tracker (LP: #1903130)

[ Ubuntu: 4.15.0-125.128 ]

* bionic/linux: 4.15.0-125.128 -proposed tracker (LP: #1903137)
  * Update kernel packaging to support forward porting kernels (LP: #1902957)
    - [Debian] Update for leader included in BACKPORT_SUFFIX
  * Avoid double newline when running insertchanges (LP: #1903293)
    - [Packaging] insertchanges: avoid double newline
  * EFI: Fails when BootCurrent entry does not exist (LP: #1899993)
    - efivarfs: Replace invalid slashes with exclamation marks in dentries.
  * CVE-2020-14351
    - perf/core: Fix race in the perf_mmap_close() function
  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull codes that wait for blocked dev into one function
    - md/raid10: improve raid10 discard request
    - md/raid10: improve discard request for far layout
  * Bionic: btrfs: kernel BUG at /build/linux-
    eTBZpZ/linux-4.15.0/fs/btrfs/ctree.c:3233! (LP: #1902254)
    - btrfs: use offset_in_page instead of open-coding it
    - btrfs: use BUG() instead of BUG_ON(1)
    - btrfs: drop unnecessary offset_in_page in extent buffer helpers
    - btrfs: extent_io: do extra check for extent buffer read write functions
    - btrfs: extent-tree: kill BUG_ON() in __btrfs_free_extent()
    - btrfs: extent-tree: kill the BUG_ON() in insert_inline_extent_backref()
    - btrfs: ctree: check key order before merging tree blocks
  * Bionic update: upstream stable patchset 2020-11-04 (LP: #1902943)
    - USB: gadget: f_ncm: Fix NDP16 datagram validation
    - gpio: tc35894: fix up tc35894 interrupt configuration
    - vsock/virtio: use RCU to avoid use-after-free on the_virtio_vsock
    - vsock/virtio: stop workers during the .remove()
    - vsock/virtio: add transport parameter to the
      virtio_transport_reset_no_sock()
    - net: virtio_vsock: Enhance connection semantics
    - Input: i8042 - add nopnp quirk for Acer Aspire 5 A515
    - ftrace: Move RCU is watching check after recursion check
    - drm/amdgpu: restore proper ref count in amdgpu_display_crtc_set_config
    - drivers/net/wan/hdlc_fr: Add needed_headroom for PVC devices
    - drm/sun4i: mixer: Extend regmap max_register
    - net: dec: de2104x: Increase receive ring size for Tulip
    - rndis_host: increase sleep time in the query-response loop
    - nvme-core: get/put ctrl and transport module in nvme_dev_open/release()
    - drivers/net/wan/lapbether: Make skb->protocol consistent with the header
    - drivers/net/wan/hdlc: Set skb->protocol before transmitting
    - mac80211: do not allow bigger VHT MPDUs than the hardware supports
    - spi: fsl-espi: Only process interrupts for expected events
    - nvme-fc: fail new connections to a deleted host or remote port
    - pinctrl: mvebu: Fix i2c sda definition for 98DX3236
    - nfs: Fix security label length not being reset
    - clk: samsung: exynos4: mark 'chipid' clock as CLK_IGNORE_UNUSED
    - iommu/exynos: add missing put_device() call in exynos_iommu_of_xlate()
    - i2c: cpm: Fix i2c_ram structure
    - Input: trackpoint - enable Synaptics trackpoints
    - random32: Restore __latent_entropy attribute on net_rand_state
    - epoll: do not insert into poll queues until all sanity checks are done
    - epoll: replace ->visited/visited_list with generation count
    - epoll: EPOLL_CTL_ADD: close the race in decision to take fast path
    - ep_create_wakeup_source(): dentry name can change under you...
    - netfilter: ctnetlink: add a range check for l3/l4 protonum
    - drm/syncobj: Fix drm_syncobj_handle_to_fd refcount leak
    - fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h
    - Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts
    - Revert "ravb: Fixed to be able to unload modules"
    - fbcon: Fix global-out-of-bounds read in fbcon_get_font()
    - net: wireless: nl80211: fix out-of-bounds access in nl80211_del_key()
    - usermodehelper: reset umask to default before executing user process
    - platform/x86: thinkpad_acpi: initialize tp_nvram_state variable
    - platform/x86: thinkpad_acpi: re-initialize ACPI buffer size when reuse
    - driver core: Fix probe_count imbalance in really_probe()
    - perf top: Fix stdio interface input handling with glibc 2.28+
    - mtd: rawnand: sunxi: Fix the probe error path
    - macsec: avoid use-after-free in macsec_handle_frame()
    - mm/khugepaged: fix filemap page_to_pgoff(page) != offset
    - cifs: Fix incomplete memory allocation on setxattr path
    - i2c: meson: fix clock setting overwrite
    - sctp: fix sctp_auth_init_hmacs() error path
    - team: set dev->needed_headroom in team_setup_by_port()
    - net: team: fix memory leak in __team_options_register
    - openvswitch: handle DNAT tuple collision
    - drm/amdgpu: prevent double kfree ttm->sg
    - xfrm: clone XFRMA_REPLAY_ESN_VAL in xfrm_do_migrate
    - xfrm: clone XFRMA_SEC_CTX in xfrm_do_migrate
    - xfrm: clone whole liftime_cur structure in xfrm_do_migrate
    - net: stmmac: removed enabling eee in EEE set callback
    - platform/x86: fix kconfig dependency warning for FUJITSU_LAPTOP
    - xfrm: Use correct address family in xfrm_state_find
    - bonding: set dev->needed_headroom in bond_setup_by_slave()
    - mdio: fix mdio-thunder.c dependency & build error
    - net: usb: ax88179_178a: fix missing stop entry in driver_info
    - rxrpc: Fix rxkad token xdr encoding
    - rxrpc: Downgrade the BUG() for unsupported token type in rxrpc_read()
    - rxrpc: Fix some missing _bh annotations on locking conn->state_lock
    - rxrpc: Fix server keyring leak
    - perf: Fix task_function_call() error handling
    - mmc: core: don't set limits.discard_granularity as 0
    - mm: khugepaged: recalculate min_free_kbytes after memory hotplug as expected
      by khugepaged
    - net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails
    - drm/nouveau/mem: guard against NULL pointer access in mem_del
    - i2c: i801: Exclude device from suspend direct complete optimization
    - nvme-core: put ctrl ref when module ref get fail
    - i2c: meson: fixup rate calculation with filter delay
    - xfrm: clone XFRMA_SET_MARK in xfrm_do_migrate
    - net/mlx5e: Fix VLAN cleanup flow
    - net/mlx5e: Fix VLAN create flow
  * kci_test_encap_fou() in rtnetlink.sh from kselftests/net failed with "FAIL:
    can't add fou port 7777, skipping test" (LP: #1891421)
    - selftests: rtnetlink: load fou module for kci_test_encap_fou() test
  * Bionic update: upstream stable patchset 2020-10-23 (LP: #1901257)
    - af_key: pfkey_dump needs parameter validation
    - KVM: fix memory leak in kvm_io_bus_unregister_dev()
    - kprobes: fix kill kprobe which has been marked as gone
    - mm/thp: fix __split_huge_pmd_locked() for migration PMD
    - cxgb4: Fix offset when clearing filter byte counters
    - geneve: add transport ports in route lookup for geneve
    - hdlc_ppp: add range checks in ppp_cp_parse_cr()
    - ip: fix tos reflection in ack and reset packets
    - net: ipv6: fix kconfig dependency warning for IPV6_SEG6_HMAC
    - nfp: use correct define to return NONE fec
    - tipc: Fix memory leak in tipc_group_create_member()
    - tipc: fix shutdown() of connection oriented socket
    - tipc: use skb_unshare() instead in tipc_buf_append()
    - bnxt_en: Protect bnxt_set_eee() and bnxt_set_pauseparam() with mutex.
    - net: phy: Avoid NPD upon phy_detach() when driver is unbound
    - net: qrtr: check skb_put_padto() return value
    - net: add __must_check to skb_put_padto()
    - ipv4: Update exception handling for multipath routes via same device
    - MAINTAINERS: add CLANG/LLVM BUILD SUPPORT info
    - Documentation/llvm: add documentation on building w/ Clang/LLVM
    - Documentation/llvm: fix the name of llvm-size
    - net: wan: wanxl: use allow to pass CROSS_COMPILE_M68k for rebuilding
      firmware
    - net: wan: wanxl: use $(M68KCC) instead of $(M68KAS) for rebuilding firmware
    - kbuild: replace AS=clang with LLVM_IAS=1
    - tcp_bbr: refactor bbr_target_cwnd() for general inflight provisioning
    - tcp_bbr: adapt cwnd based on ack aggregation estimation
    - serial: 8250: Avoid error message on reprobe
    - RDMA/ucma: ucma_context reference leak in error path
    - mm: fix double page fault on arm64 if PTE_AF is cleared
    - scsi: aacraid: fix illegal IO beyond last LBA
    - m68k: q40: Fix info-leak in rtc_ioctl
    - gma/gma500: fix a memory disclosure bug due to uninitialized bytes
    - ASoC: kirkwood: fix IRQ error handling
    - media: smiapp: Fix error handling at NVM reading
    - arch/x86/lib/usercopy_64.c: fix __copy_user_flushcache() cache writeback
    - x86/ioapic: Unbreak check_timer()
    - ALSA: usb-audio: Add delay quirk for H570e USB headsets
    - ALSA: hda/realtek - Couldn't detect Mic if booting with headset plugged
    - PM / devfreq: tegra30: Fix integer overflow on CPU's freq max out
    - scsi: fnic: fix use after free
    - clk/ti/adpll: allocate room for terminating null
    - mtd: cfi_cmdset_0002: don't free cfi->cfiq in error path of
      cfi_amdstd_setup()
    - mfd: mfd-core: Protect against NULL call-back function pointer
    - tracing: Adding NULL checks for trace_array descriptor pointer
    - bcache: fix a lost wake-up problem caused by mca_cannibalize_lock
    - RDMA/i40iw: Fix potential use after free
    - xfs: fix attr leaf header freemap.size underflow
    - RDMA/iw_cgxb4: Fix an error handling path in 'c4iw_connect()'
    - mmc: core: Fix size overflow for mmc partitions
    - gfs2: clean up iopen glock mess in gfs2_create_inode
    - debugfs: Fix !DEBUG_FS debugfs_create_automount
    - CIFS: Properly process SMB3 lease breaks
    - kernel/sys.c: avoid copying possible padding bytes in copy_to_user
    - neigh_stat_seq_next() should increase position index
    - rt_cpu_seq_next should increase position index
    - seqlock: Require WRITE_ONCE surrounding raw_seqcount_barrier
    - media: ti-vpe: cal: Restrict DMA to avoid memory corruption
    - ACPI: EC: Reference count query handlers under lock
    - dmaengine: zynqmp_dma: fix burst length configuration
    - powerpc/eeh: Only dump stack once if an MMIO loop is detected
    - tracing: Set kernel_stack's caller size properly
    - ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter
    - selftests/ftrace: fix glob selftest
    - tools/power/x86/intel_pstate_tracer: changes for python 3 compatibility
    - Bluetooth: Fix refcount use-after-free issue
    - mm: pagewalk: fix termination condition in walk_pte_range()
    - Bluetooth: prefetch channel before killing sock
    - ALSA: hda: Clear RIRB status before reading WP
    - skbuff: fix a data race in skb_queue_len()
    - audit: CONFIG_CHANGE don't log internal bookkeeping as an event
    - selinux: sel_avc_get_stat_idx should increase position index
    - scsi: lpfc: Fix RQ buffer leakage when no IOCBs available
    - scsi: lpfc: Fix coverity errors in fmdi attribute handling
    - drm/omap: fix possible object reference leak
    - perf test: Fix test trace+probe_vfs_getname.sh on s390
    - RDMA/rxe: Fix configuration of atomic queue pair attributes
    - KVM: x86: fix incorrect comparison in trace event
    - media: staging/imx: Missing assignment in
      imx_media_capture_device_register()
    - x86/pkeys: Add check for pkey "overflow"
    - bpf: Remove recursion prevention from rcu free callback
    - dmaengine: tegra-apb: Prevent race conditions on channel's freeing
    - media: go7007: Fix URB type for interrupt handling
    - Bluetooth: guard against controllers sending zero'd events
    - timekeeping: Prevent 32bit truncation in scale64_check_overflow()
    - ext4: fix a data race at inode->i_disksize
    - mm: avoid data corruption on CoW fault into PFN-mapped VMA
    - drm/amdgpu: increase atombios cmd timeout
    - ath10k: use kzalloc to read for ath10k_sdio_hif_diag_read
    - scsi: aacraid: Disabling TM path and only processing IOP reset
    - Bluetooth: L2CAP: handle l2cap config request during open state
    - media: tda10071: fix unsigned sign extension overflow
    - xfs: don't ever return a stale pointer from __xfs_dir3_free_read
    - tpm: ibmvtpm: Wait for buffer to be set before proceeding
    - rtc: ds1374: fix possible race condition
    - tracing: Use address-of operator on section symbols
    - serial: 8250_port: Don't service RX FIFO if throttled
    - serial: 8250_omap: Fix sleeping function called from invalid context during
      probe
    - serial: 8250: 8250_omap: Terminate DMA before pushing data on RX timeout
    - perf cpumap: Fix snprintf overflow check
    - cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_work_fn
    - tools: gpio-hammer: Avoid potential overflow in main
    - RDMA/rxe: Set sys_image_guid to be aligned with HW IB devices
    - SUNRPC: Fix a potential buffer overflow in 'svc_print_xprts()'
    - svcrdma: Fix leak of transport addresses
    - ubifs: Fix out-of-bounds memory access caused by abnormal value of node_len
    - ALSA: usb-audio: Fix case when USB MIDI interface has more than one extra
      endpoint descriptor
    - NFS: Fix races nfs_page_group_destroy() vs
      nfs_destroy_unlinked_subrequests()
    - mm/kmemleak.c: use address-of operator on section symbols
    - mm/filemap.c: clear page error before actual read
    - mm/vmscan.c: fix data races using kswapd_classzone_idx
    - mm/mmap.c: initialize align_offset explicitly for vm_unmapped_area
    - scsi: qedi: Fix termination timeouts in session logout
    - serial: uartps: Wait for tx_empty in console setup
    - KVM: Remove CREATE_IRQCHIP/SET_PIT2 race
    - bdev: Reduce time holding bd_mutex in sync in blkdev_close()
    - drivers: char: tlclk.c: Avoid data race between init and interrupt handler
    - staging:r8188eu: avoid skb_clone for amsdu to msdu conversion
    - sparc64: vcc: Fix error return code in vcc_probe()
    - arm64: cpufeature: Relax checks for AArch32 support at EL[0-2]
    - dt-bindings: sound: wm8994: Correct required supplies based on actual
      implementaion
    - atm: fix a memory leak of vcc->user_back
    - power: supply: max17040: Correct voltage reading
    - phy: samsung: s5pv210-usb2: Add delay after reset
    - Bluetooth: Handle Inquiry Cancel error after Inquiry Complete
    - USB: EHCI: ehci-mv: fix error handling in mv_ehci_probe()
    - tty: serial: samsung: Correct clock selection logic
    - ALSA: hda: Fix potential race in unsol event handler
    - powerpc/traps: Make unrecoverable NMIs die instead of panic
    - fuse: don't check refcount after stealing page
    - USB: EHCI: ehci-mv: fix less than zero comparison of an unsigned int
    - arm64/cpufeature: Drop TraceFilt feature exposure from ID_DFR0 register
    - e1000: Do not perform reset in reset_task if we are already down
    - drm/nouveau/debugfs: fix runtime pm imbalance on error
    - printk: handle blank console arguments passed in.
    - usb: dwc3: Increase timeout for CmdAct cleared by device controller
    - btrfs: don't force read-only after error in drop snapshot
    - vfio/pci: fix memory leaks of eventfd ctx
    - perf util: Fix memory leak of prefix_if_not_in
    - perf kcore_copy: Fix module map when there are no modules loaded
    - mtd: rawnand: omap_elm: Fix runtime PM imbalance on error
    - ceph: fix potential race in ceph_check_caps
    - mm/swap_state: fix a data race in swapin_nr_pages
    - rapidio: avoid data race between file operation callbacks and
      mport_cdev_add().
    - mtd: parser: cmdline: Support MTD names containing one or more colons
    - x86/speculation/mds: Mark mds_user_clear_cpu_buffers() __always_inline
    - vfio/pci: Clear error and request eventfd ctx after releasing
    - cifs: Fix double add page to memcg when cifs_readpages
    - scsi: libfc: Handling of extra kref
    - scsi: libfc: Skip additional kref updating work event
    - selftests/x86/syscall_nt: Clear weird flags after each test
    - vfio/pci: fix racy on error and request eventfd ctx
    - btrfs: qgroup: fix data leak caused by race between writeback and truncate
    - s390/init: add missing __init annotations
    - i2c: core: Call i2c_acpi_install_space_handler() before
      i2c_acpi_register_devices()
    - objtool: Fix noreturn detection for ignored functions
    - ieee802154: fix one possible memleak in ca8210_dev_com_init
    - ieee802154/adf7242: check status of adf7242_read_reg
    - clocksource/drivers/h8300_timer8: Fix wrong return value in
      h8300_8timer_init()
    - batman-adv: bla: fix type misuse for backbone_gw hash indexing
    - atm: eni: fix the missed pci_disable_device() for eni_init_one()
    - batman-adv: mcast/TT: fix wrongly dropped or rerouted packets
    - mac802154: tx: fix use-after-free
    - drm/vc4/vc4_hdmi: fill ASoC card owner
    - net: qed: RDMA personality shouldn't fail VF load
    - batman-adv: Add missing include for in_interrupt()
    - batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh
    - ALSA: asihpi: fix iounmap in error handler
    - MIPS: Add the missing 'CPU_1074K' into __get_cpu_type()
    - s390/dasd: Fix zero write for FBA devices
    - kprobes: Fix to check probe enabled before disarm_kprobe_ftrace()
    - mm, THP, swap: fix allocating cluster for swapfile by mistake
    - lib/string.c: implement stpcpy
    - ata: define AC_ERR_OK
    - ata: make qc_prep return ata_completion_errors
    - ata: sata_mv, avoid trigerrable BUG_ON
    - media: mc-device.c: fix memleak in media_device_register_entity
    - tpm_crb: fix fTPM on AMD Zen+ CPUs
    - RDMA/qedr: Fix potential use after free
    - fix dget_parent() fastpath race
    - scsi: pm80xx: Cleanup command when a reset times out
    - ASoC: max98090: remove msleep in PLL unlocked workaround
    - ipv6_route_seq_next should increase position index
    - scsi: ufs: Fix a race condition in the tracing code
    - s390/cpum_sf: Use kzalloc and minor changes
    - ceph: ensure we have a new cap before continuing in fill_inode
    - mm/swapfile.c: swap_next should increase position index
    - dmaengine: stm32-mdma: use vchan_terminate_vdesc() in .terminate_all
    - dmaengine: stm32-dma: use vchan_terminate_vdesc() in .terminate_all
    - drm/amd/display: dal_ddc_i2c_payloads_create can fail causing panic
    - firmware: arm_sdei: Use cpus_read_lock() to avoid races with cpuhp
    - random: fix data races at timer_rand_state
    - bus: hisi_lpc: Fixup IO ports addresses to avoid use-after-free in host
      removal
    - perf jevents: Fix leak of mapfile memory
    - xfs: mark dir corrupt when lookup-by-hash fails
    - rtc: sa1100: fix possible race condition
    - nfsd: Don't add locks to closed or closing open stateids
    - KVM: PPC: Book3S HV: Treat TM-related invalid form instructions on P9 like
      the valid ones
    - thermal: rcar_thermal: Handle probe error gracefully
    - nvme: Fix controller creation races with teardown flow
    - scsi: hpsa: correct race condition in offload enabled
    - PCI: Use ioremap(), not phys_to_virt() for platform ROM
    - KVM: arm64: vgic-its: Fix memory leak on the error path of vgic_add_lpi()
    - net: openvswitch: use u64 for meter bucket
    - scsi: aacraid: Fix error handling paths in aac_probe_one()
    - scsi: cxlflash: Fix error return code in cxlflash_probe()
    - drm/nouveau: fix runtime pm imbalance on error
    - perf evsel: Fix 2 memory leaks
    - perf stat: Fix duration_time value for higher intervals
    - perf metricgroup: Free metric_events on error
    - ASoC: img-i2s-out: Fix runtime PM imbalance on error
    - wlcore: fix runtime pm imbalance in wl1271_tx_work
    - nvme: fix possible deadlock when I/O is blocked
    - net: openvswitch: use div_u64() for 64-by-32 divisions
    - nvme: explicitly update mpath disk capacity on revalidation
    - ASoC: wm8994: Skip setting of the WM8994_MICBIAS register for WM1811
    - drm/amdkfd: fix a memory leak issue
    - batman-adv: mcast: fix duplicate mcast packets from BLA backbone to mesh
    - KVM: x86: Reset MMU context if guest toggles CR4.SMAP or CR4.PKE
    - KVM: SVM: Add a dedicated INVD intercept routine
    - s390/zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl
    - kprobes: Fix compiler warning for !CONFIG_KPROBES_ON_FTRACE
    - KVM: arm64: Assume write fault on S1PTW permission fault on instruction
      fetch
  * bcache: Issues with large IO wait in bch_mca_scan() when shrinker is enabled
    (LP: #1898786)
    - bcache: remove member accessed from struct btree
    - bcache: reap c->btree_cache_freeable from the tail in bch_mca_scan()
    - bcache: reap from tail of c->btree_cache in bch_mca_scan()
  * *-tools-common packages descriptions have typo "PGKVER" (LP: #1898903)
    - [Packaging] Fix typo in -tools template s/PGKVER/PKGVER/
  * [hns3-0901]add hns3_gro_complete for HW GRO process (LP: #1893711)
    - net: hns3: add rx multicast packets statistic
    - net: hns3: minor refactor for hns3_rx_checksum
    - net: hns3: add hns3_gro_complete for HW GRO process
  * mwifiex stops working after kernel upgrade (LP: #1897299)
    - mwifiex: Increase AES key storage size to 256 bits
  * Bionic update: upstream stable patchset 2020-09-30 (LP: #1897977)
    - ARM: dts: socfpga: fix register entry for timer3 on Arria10
    - RDMA/rxe: Fix memleak in rxe_mem_init_user
    - RDMA/rxe: Drop pointless checks in rxe_init_ports
    - scsi: libsas: Set data_dir as DMA_NONE if libata marks qc as NODATA
    - RDMA/core: Fix reported speed and width
    - mmc: sdhci-msm: Add retries when all tuning phases are found valid
    - ARM: dts: BCM5301X: Fixed QSPI compatible string
    - arm64: dts: ns2: Fixed QSPI compatible string
    - ARC: HSDK: wireup perf irq
    - dmaengine: acpi: Put the CSRT table after using it
    - drivers/net/wan/lapbether: Added needed_tailroom
    - NFC: st95hf: Fix memleak in st95hf_in_send_cmd
    - firestream: Fix memleak in fs_open
    - ALSA: hda: Fix 2 channel swapping for Tegra
    - drivers/net/wan/lapbether: Set network_header before transmitting
    - xfs: initialize the shortform attr header padding entry
    - irqchip/eznps: Fix build error for !ARC700 builds
    - drivers/net/wan/hdlc_cisco: Add hard_header_len
    - ARC: [plat-hsdk]: Switch ethernet phy-mode to rgmii-id
    - cpufreq: intel_pstate: Refuse to turn off with HWP enabled
    - ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled
    - gcov: Disable gcov build with GCC 10
    - iio: adc: mcp3422: fix locking scope
    - iio: adc: mcp3422: fix locking on error path
    - iio: adc: ti-ads1015: fix conversion when CONFIG_PM is not set
    - iio:light:ltr501 Fix timestamp alignment issue.
    - iio:accel:bmc150-accel: Fix timestamp alignment and prevent data leak.
    - iio:adc:ti-adc084s021 Fix alignment and data leak issues.
    - iio:adc:ina2xx Fix timestamp alignment issue.
    - iio:adc:max1118 Fix alignment of timestamp and data leak issues
    - iio:adc:ti-adc081c Fix alignment and data leak issues
    - iio:magnetometer:ak8975 Fix alignment and data leak issues.
    - iio:light:max44000 Fix timestamp alignment and prevent data leak.
    - iio:chemical:ccs811: Fix timestamp alignment and prevent data leak.
    - iio: accel: kxsd9: Fix alignment of local buffer.
    - iio:accel:mma7455: Fix timestamp alignment and prevent data leak.
    - iio:accel:mma8452: Fix timestamp alignment and prevent data leak.
    - staging: wlan-ng: fix out of bounds read in prism2sta_probe_usb()
    - btrfs: require only sector size alignment for parent eb bytenr
    - btrfs: fix lockdep splat in add_missing_dev
    - btrfs: fix wrong address when faulting in pages in the search ioctl
    - regulator: push allocation in set_consumer_device_supply() out of lock
    - scsi: target: iscsi: Fix data digest calculation
    - scsi: target: iscsi: Fix hang in iscsit_access_np() when getting
      tpg->np_login_sem
    - rbd: require global CAP_SYS_ADMIN for mapping and unmapping
    - RDMA/rxe: Fix the parent sysfs read when the interface has 15 chars
    - fbcon: remove soft scrollback code
    - fbcon: remove now unusued 'softback_lines' cursor() argument
    - vgacon: remove software scrollback support
    - [Config] updateconfigs for VGACON_SOFT_SCROLLBACK
    - KVM: VMX: Don't freeze guest when event delivery causes an APIC-access exit
    - ARM: dts: vfxxx: Add syscon compatible with OCOTP
    - video: fbdev: fix OOB read in vga_8planes_imageblit()
    - staging: greybus: audio: fix uninitialized value issue
    - usb: core: fix slab-out-of-bounds Read in read_descriptors
    - USB: serial: ftdi_sio: add IDs for Xsens Mti USB converter
    - USB: serial: option: support dynamic Quectel USB compositions
    - USB: serial: option: add support for SIM7070/SIM7080/SIM7090 modules
    - usb: Fix out of sync data toggle if a configured device is reconfigured
    - usb: typec: ucsi: acpi: Check the _DEP dependencies
    - gcov: add support for GCC 10.1
    - gfs2: initialize transaction tr_ailX_lists earlier
    - net: handle the return value of pskb_carve_frag_list() correctly
    - hv_netvsc: Remove "unlikely" from netvsc_select_queue
    - NFSv4.1 handle ERR_DELAY error reclaiming locking state on delegation recall
    - scsi: pm8001: Fix memleak in pm8001_exec_internal_task_abort
    - scsi: libfc: Fix for double free()
    - scsi: lpfc: Fix FLOGI/PLOGI receive race condition in pt2pt discovery
    - spi: spi-loopback-test: Fix out-of-bounds read
    - SUNRPC: stop printk reading past end of string
    - rapidio: Replace 'select' DMAENGINES 'with depends on'
    - nvme-fc: cancel async events before freeing event struct
    - f2fs: fix indefinite loop scanning for free nid
    - i2c: algo: pca: Reapply i2c bus settings after reset
    - spi: Fix memory leak on splited transfers
    - KVM: MIPS: Change the definition of kvm type
    - clk: rockchip: Fix initialization of mux_pll_src_4plls_p
    - Drivers: hv: vmbus: Add timeout to vmbus_wait_for_unload
    - MIPS: SNI: Fix MIPS_L1_CACHE_SHIFT
    - perf test: Free formats for perf pmu parse test
    - fbcon: Fix user font detection test at fbcon_resize().
    - MIPS: SNI: Fix spurious interrupts
    - drm/mediatek: Add exception handing in mtk_drm_probe() if component init
      fail
    - drm/mediatek: Add missing put_device() call in mtk_hdmi_dt_parse_pdata()
    - USB: quirks: Add USB_QUIRK_IGNORE_REMOTE_WAKEUP quirk for BYD zhaoxin
      notebook
    - USB: UAS: fix disconnect by unplugging a hub
    - usblp: fix race between disconnect() and read()
    - i2c: i801: Fix resume bug
    - percpu: fix first chunk size calculation for populated bitmap
    - Input: trackpoint - add new trackpoint variant IDs
    - Input: i8042 - add Entroware Proteus EL07R4 to nomux and reset lists
    - serial: 8250_pci: Add Realtek 816a and 816b
    - ehci-hcd: Move include to keep CRC stable
    - powerpc/dma: Fix dma_map_ops::get_required_mask
    - x86/defconfig: Enable CONFIG_USB_XHCI_HCD=y
    - RDMA/bnxt_re: Do not report transparent vlan from QP1
    - ARM: dts: bcm: HR2: Fixed QSPI compatible string
    - ARM: dts: NSP: Fixed QSPI compatible string
    - netfilter: conntrack: allow sctp hearbeat after connection re-use
    - cpufreq: intel_pstate: Fix intel_pstate_get_hwp_max() for turbo disabled
    - iommu/amd: Do not use IOMMUv2 functionality when SME is active
    - drm/tve200: Stabilize enable/disable
    - drm/msm: Disable preemption on all 5xx targets
    - phy: qcom-qmp: Use correct values for ipq8074 PCIe Gen2 PHY init
    - dsa: Allow forwarding of redirected IGMP traffic
    - RDMA/bnxt_re: Restrict the max_gids to 256
    - regulator: pwm: Fix machine constraints application
    - openrisc: Fix cache API compile issue when not inlining
    - f2fs: Return EOF on unaligned end of file DIO read
    - ASoC: qcom: Set card->owner to avoid warnings
    - perf test: Fix the "signal" test inline assembly
    - x86/boot/compressed: Disable relocation relaxation
  * Bionic update: upstream stable patchset 2020-09-23 (LP: #1896817)
    - HID: core: Correctly handle ReportSize being zero
    - HID: core: Sanitize event code and type when mapping input
    - perf record/stat: Explicitly call out event modifiers in the documentation
    - drm/msm: add shutdown support for display platform_driver
    - hwmon: (applesmc) check status earlier.
    - nvmet: Disable keep-alive timer when kato is cleared to 0h
    - ceph: don't allow setlease on cephfs
    - cpuidle: Fixup IRQ state
    - s390: don't trace preemption in percpu macros
    - xen/xenbus: Fix granting of vmalloc'd memory
    - dmaengine: of-dma: Fix of_dma_router_xlate's of_dma_xlate handling
    - batman-adv: Avoid uninitialized chaddr when handling DHCP
    - batman-adv: Fix own OGM check in aggregated OGMs
    - batman-adv: bla: use netif_rx_ni when not in interrupt context
    - dmaengine: at_hdmac: check return value of of_find_device_by_node() in
      at_dma_xlate()
    - MIPS: mm: BMIPS5000 has inclusive physical caches
    - MIPS: BMIPS: Also call bmips_cpu_setup() for secondary cores
    - netfilter: nf_tables: add NFTA_SET_USERDATA if not null
    - netfilter: nf_tables: incorrect enum nft_list_attributes definition
    - netfilter: nf_tables: fix destination register zeroing
    - net: hns: Fix memleak in hns_nic_dev_probe
    - net: systemport: Fix memleak in bcm_sysport_probe
    - ravb: Fixed to be able to unload modules
    - net: arc_emac: Fix memleak in arc_mdio_probe
    - dmaengine: pl330: Fix burst length if burst size is smaller than bus width
    - bnxt_en: Check for zero dir entries in NVRAM.
    - bnxt_en: Fix PCI AER error recovery flow
    - nvmet-fc: Fix a missed _irqsave version of spin_lock in
      'nvmet_fc_fod_op_done()'
    - perf tools: Correct SNOOPX field offset
    - net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init()
    - fix regression in "epoll: Keep a reference on files added to the check list"
    - tg3: Fix soft lockup when tg3_reset_task() fails.
    - iommu/vt-d: Serialize IOMMU GCMD register modifications
    - thermal: ti-soc-thermal: Fix bogus thermal shutdowns for omap4430
    - include/linux/log2.h: add missing () around n in roundup_pow_of_two()
    - btrfs: drop path before adding new uuid tree entry
    - btrfs: Remove redundant extent_buffer_get in get_old_root
    - btrfs: Remove extraneous extent_buffer_get from tree_mod_log_rewind
    - btrfs: set the lockdep class for log tree extent buffers
    - uaccess: Add non-pagefault user-space read functions
    - uaccess: Add non-pagefault user-space write function
    - btrfs: fix potential deadlock in the search ioctl
    - net: usb: qmi_wwan: add Telit 0x1050 composition
    - usb: qmi_wwan: add D-Link DWM-222 A2 device ID
    - ALSA: ca0106: fix error code handling
    - ALSA: pcm: oss: Remove superfluous WARN_ON() for mulaw sanity check
    - ALSA: hda/hdmi: always check pin power status in i915 pin fixup
    - ALSA: firewire-digi00x: exclude Avid Adrenaline from detection
    - affs: fix basic permission bits to actually work
    - block: allow for_each_bvec to support zero len bvec
    - block: Move SECTOR_SIZE and SECTOR_SHIFT definitions into <linux/blkdev.h>
    - libata: implement ATA_HORKAGE_MAX_TRIM_128M and apply to Sandisks
    - dm cache metadata: Avoid returning cmd->bm wild pointer on error
    - dm thin metadata: Avoid returning cmd->bm wild pointer on error
    - mm: slub: fix conversion of freelist_corrupted()
    - KVM: arm64: Add kvm_extable for vaxorcism code
    - KVM: arm64: Defer guest entry when an asynchronous exception is pending
    - KVM: arm64: Survive synchronous exceptions caused by AT instructions
    - KVM: arm64: Set HCR_EL2.PTW to prevent AT taking synchronous exception
    - checkpatch: fix the usage of capture group ( ... )
    - mm/hugetlb: fix a race between hugetlb sysctl handlers
    - cfg80211: regulatory: reject invalid hints
    - net: usb: Fix uninit-was-stored issue in asix_read_phy_addr()
    - ALSA; firewire-tascam: exclude Tascam FE-8 from detection
    - block: ensure bdi->io_pages is always initialized
    - vfio/pci: Fix SR-IOV VF handling with MMIO blocking
    - bnxt: don't enable NAPI until rings are ready
    - netlabel: fix problems with mapping removal
    - net: usb: dm9601: Add USB ID of Keenetic Plus DSL
    - sctp: not disable bh in the whole sctp_get_port_local()
    - tipc: fix shutdown() of connectionless socket
    - net: disable netpoll on fresh napis
    - scsi: target: tcmu: Fix size in calls to tcmu_flush_dcache_range
    - scsi: target: tcmu: Optimize use of flush_dcache_page
    - selftests/bpf: Fix massive output from test_maps
    - netfilter: nfnetlink: nfnetlink_unicast() reports EAGAIN instead of ENOBUFS
    - perf jevents: Fix suspicious code in fixregex()
    - ext2: don't update mtime on COW faults
    - xfs: don't update mtime on COW faults

[ Ubuntu: 4.15.0-124.127 ]

* Packaging resync (LP: #1786013)
    - update dkms package versions
  * Introduce the new NVIDIA 455 series (LP: #1902093)
    - [Packaging] NVIDIA -- Add the NVIDIA 455 driver

[ Ubuntu: 4.15.0-123.126 ]

* CVE-2020-8694
    - powercap: make attributes only readable by root

[ Ubuntu: 4.15.0-122.124 ]

* bionic/linux: 4.15.0-122.124 -proposed tracker (LP: #1899941)
  * CVE-2020-12351 // CVE-2020-12352 // CVE-2020-24490
    - Bluetooth: Disable High Speed by default
    - Bluetooth: MGMT: Fix not checking if BT_HS is enabled
    - [Config] Disable BlueZ highspeed support
  * CVE-2020-12351
    - Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel
  * CVE-2020-12352
    - Bluetooth: A2MP: Fix not initializing all members

[ Ubuntu: 4.15.0-121.123 ]

* Packaging resync (LP: #1786013)
    - update dkms package versions

-- Khalid Elmously <khalid.elmously@canonical.com>  Thu, 26 Nov 2020 00:45:50 -0500

Changed in linux-kvm (Ubuntu Bionic):
status:	Fix Committed → Fix Released

Po-Hsu Lin (cypressyew) on 2020-12-11

Changed in linux-kvm (Ubuntu):
status:	Confirmed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntulinux-kvm package

CONFIG options for (ipip, sit) should not be built-in to the KVM kernels

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux-kvm package