Bug #1930626 “scsi: storvsc: Parameterize number hardware queues...” : Focal (20.04) : Bugs : linux-azure package : Ubuntu

Tim Gardner (timg-tpi) on 2021-06-02

description:

updated

Tim Gardner (timg-tpi) on 2021-06-03

Changed in linux (Ubuntu Focal):
status:	New → Fix Committed
Changed in linux (Ubuntu Groovy):
status:	New → Fix Committed
Changed in linux (Ubuntu Hirsute):
status:	New → Fix Committed

Tim Gardner (timg-tpi) on 2021-06-03

Changed in linux (Ubuntu Impish):
status:	New → Fix Committed

Tim Gardner (timg-tpi) on 2021-06-03

Changed in linux-azure (Ubuntu Focal):
status:	New → Fix Committed
Changed in linux-azure (Ubuntu Groovy):
status:	New → Fix Committed
Changed in linux-azure (Ubuntu Hirsute):
status:	New → Fix Committed
Changed in linux-azure (Ubuntu Impish):
status:	New → Fix Committed
Changed in linux-azure (Ubuntu Focal):
assignee:	nobody → Tim Gardner (timg-tpi)
Changed in linux-azure (Ubuntu Groovy):
assignee:	nobody → Tim Gardner (timg-tpi)
Changed in linux-azure (Ubuntu Hirsute):
assignee:	nobody → Tim Gardner (timg-tpi)
Changed in linux-azure (Ubuntu Impish):
assignee:	nobody → Tim Gardner (timg-tpi)

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2021-06-05:

#1

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-groovy' to 'verification-done-groovy'. If the problem still exists, change the tag 'verification-needed-groovy' to 'verification-failed-groovy'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-groovy

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2021-06-14:

#2

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-focal

Revision history for this message

Tim Gardner (timg-tpi) wrote on 2021-06-15:

#3

Installed Focal and Groovy in Azure Basic_A2 instances.

sudo modprobe hv_storvsc storvsc_max_hw_queues=128

This module doesn't do anything without an attached FC transport, but at least the module installed. I'll get MS to do some testing on the right instance type. Marking verified for now.

tags:

added: verification-done-focal verification-done-groovy
removed: verification-needed-focal verification-needed-groovy

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-06-22:

#4

Download full text (66.3 KiB)

This bug was fixed in the package linux-azure - 5.11.0-1009.9

---------------
linux-azure (5.11.0-1009.9) hirsute; urgency=medium

[ Ubuntu: 5.11.0-22.23 ]

  * UAF on CAN J1939 j1939_can_recv (LP: #1932209)
    - SAUCE: can: j1939: delay release of j1939_priv after synchronize_rcu
  * UAF on CAN BCM bcm_rx_handler (LP: #1931855)
    - SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu

linux-azure (5.11.0-1007.7) hirsute; urgency=medium

* hirsute/linux-azure: 5.11.0-1007.7 -proposed tracker (LP: #1930060)

  * build module CONFIG_SND_SOC_INTEL_SOUNDWIRE_SOF_MACH=m for 5.11, 5.13-rc2
    and later (LP: #1921632)
    - [Config] azure: disable soundwire audio mach driver

* scsi: storvsc: Parameterize number hardware queues (LP: #1930626)
- scsi: storvsc: Parameterize number hardware queues

[ Ubuntu: 5.11.0-20.21 ]

  * hirsute/linux: 5.11.0-20.21 -proposed tracker (LP: #1930854)
  * ath11k WIFI not working in proposed kernel 5.11.0-19-generic (LP: #1930637)
    - bus: mhi: core: Download AMSS image from appropriate function

[ Ubuntu: 5.11.0-19.20 ]

  * hirsute/linux: 5.11.0-19.20 -proposed tracker (LP: #1930075)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * CVE-2021-33200
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: Fix mask direction swap upon off reg sign change
    - bpf: No need to simulate speculative domain for immediates
  * AX201 BT will cause system could not enter S0i3 (LP: #1928047)
    - SAUCE: drm/i915: Tweaked Wa_14010685332 for all PCHs
  * CVE-2021-3490
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with
      bitwise ops"
    - gpf: Fix alu32 const subreg bound tracking on bitwise operations
  * CVE-2021-3489
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-
      only ringbuf pages"
    - bpf: Prevent writable memory-mapping of read-only ringbuf pages
  * Select correct boot VGA when BIOS doesn't do it properly (LP: #1929217)
    - vgaarb: Use ACPI HID name to find integrated GPU
  * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend
  * CVE-2020-26145
    - ath10k: drop fragments with multicast DA for SDIO
    - ath10k: add CCMP PN replay protection for fragmented frames for PCIe
    - ath10k: drop fragments with multicast DA for PCIe
  * CVE-2020-26141
    - ath10k: Fix TKIP Michael MIC verification for PCIe
  * CVE-2020-24587
    - ath11k: Clear the fragment cache during key install
  * CVE-2020-24588
    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    - cfg80211: mitigate A-MSDU aggregation attacks
    - mac80211: drop A-MSDUs on old ciphers
    - ath10k: drop MPDU which has discard flag set by firmware for SDIO
  * CVE-2020-26139
    - mac80211: do not accept/forward invalid EAPOL frames
  * CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
    - mac80211: extend protection against mixed key and fragment cache attacks
  * CVE-2020-24586 // CVE-2020-24587
    - mac80211: prevent mixed key and fragment cache attac...

This bug was fixed in the package linux-azure - 5.11.0-1009.9

---------------
linux-azure (5.11.0-1009.9) hirsute; urgency=medium

[ Ubuntu: 5.11.0-22.23 ]

* UAF on CAN J1939 j1939_can_recv (LP: #1932209)
    - SAUCE: can: j1939: delay release of j1939_priv after synchronize_rcu
  * UAF on CAN BCM bcm_rx_handler (LP: #1931855)
    - SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu

linux-azure (5.11.0-1007.7) hirsute; urgency=medium

* hirsute/linux-azure: 5.11.0-1007.7 -proposed tracker (LP: #1930060)

* build module CONFIG_SND_SOC_INTEL_SOUNDWIRE_SOF_MACH=m for 5.11,  5.13-rc2
    and later (LP: #1921632)
    - [Config] azure: disable soundwire audio mach driver

* scsi: storvsc: Parameterize number hardware queues (LP: #1930626)
    - scsi: storvsc: Parameterize number hardware queues

[ Ubuntu: 5.11.0-20.21 ]

* hirsute/linux: 5.11.0-20.21 -proposed tracker (LP: #1930854)
  * ath11k WIFI not working in proposed kernel 5.11.0-19-generic (LP: #1930637)
    - bus: mhi: core: Download AMSS image from appropriate function

[ Ubuntu: 5.11.0-19.20 ]

* hirsute/linux: 5.11.0-19.20 -proposed tracker (LP: #1930075)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * CVE-2021-33200
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: Fix mask direction swap upon off reg sign change
    - bpf: No need to simulate speculative domain for immediates
  * AX201 BT will cause system could not enter S0i3 (LP: #1928047)
    - SAUCE: drm/i915: Tweaked Wa_14010685332 for all PCHs
  * CVE-2021-3490
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with
      bitwise ops"
    - gpf: Fix alu32 const subreg bound tracking on bitwise operations
  * CVE-2021-3489
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-
      only ringbuf pages"
    - bpf: Prevent writable memory-mapping of read-only ringbuf pages
  * Select correct boot VGA when BIOS doesn't do it properly (LP: #1929217)
    - vgaarb: Use ACPI HID name to find integrated GPU
  * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend
  * CVE-2020-26145
    - ath10k: drop fragments with multicast DA for SDIO
    - ath10k: add CCMP PN replay protection for fragmented frames for PCIe
    - ath10k: drop fragments with multicast DA for PCIe
  * CVE-2020-26141
    - ath10k: Fix TKIP Michael MIC verification for PCIe
  * CVE-2020-24587
    - ath11k: Clear the fragment cache during key install
  * CVE-2020-24588
    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    - cfg80211: mitigate A-MSDU aggregation attacks
    - mac80211: drop A-MSDUs on old ciphers
    - ath10k: drop MPDU which has discard flag set by firmware for SDIO
  * CVE-2020-26139
    - mac80211: do not accept/forward invalid EAPOL frames
  * CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
    - mac80211: extend protection against mixed key and fragment cache attacks
  * CVE-2020-24586 // CVE-2020-24587
    - mac80211: prevent mixed key and fragment cache attacks
    - mac80211: add fragment cache to sta_info
    - mac80211: check defrag PN against current frame
    - mac80211: prevent attacks on TKIP/WEP as well
  * CVE-2020-26147
    - mac80211: assure all fragments are encrypted
  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull the code that wait for blocked dev into one function
    - md/raid10: improve raid10 discard request
    - md/raid10: improve discard request for far layout
    - dm raid: remove unnecessary discard limits for raid0 and raid10
  * [SRU][OEM-5.10/H] Fix typec output on AMD Cezanne GPU (LP: #1929646)
    - drm/amd/display: use max lb for latency hiding
  * kvm: properly tear down PV features on hibernate (LP: #1920944)
    - x86/kvm: Fix pr_info() for async PF setup/teardown
    - x86/kvm: Teardown PV features on boot CPU as well
    - x86/kvm: Disable kvmclock on all CPUs on shutdown
    - x86/kvm: Disable all PV features on crash
    - x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline()
  * Add support for AMD wireless button (LP: #1928820)
    - platform/x86: hp-wireless: add AMD's hardware id to the supported list
  * Can't detect intel wifi 6235 (LP: #1920180)
    - SAUCE: iwlwifi: add new pci id for 6235
  * Speed up resume time on HP laptops (LP: #1929048)
    - platform/x86: hp_accel: Avoid invoking _INI to speed up resume
  * Fix kernel panic on Intel Bluetooth (LP: #1928838)
    - Bluetooth: Shutdown controller after workqueues are flushed or cancelled
  * build module CONFIG_SND_SOC_INTEL_SOUNDWIRE_SOF_MACH=m for 5.11,  5.13-rc2
    and later (LP: #1921632)
    - [Config] enable soundwire audio mach driver
  * [SRU] Patch for flicker and glitching on common LCD display panels, intel
    framebuffer (LP: #1925685)
    - drm/i915: Try to use fast+narrow link on eDP again and fall back to the old
      max strategy on failure
    - drm/i915/dp: Use slow and wide link training for everything
  * Fix screen flickering when two 4K 60Hz monitors are connected to AMD Oland
    GFX (LP: #1928361)
    - drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz monitors
      are connected
  * Display abnormal on the TGL+4k panel machines (LP: #1922885)
    - drm/i915/display: Do not allow DC3CO if PSR SF is enabled
    - drm/i915/display/psr: Disable DC3CO when the PSR2 is used
  * Hirsute update: v5.11.21 upstream stable release (LP: #1929455)
    - Bluetooth: verify AMP hci_chan before amp_destroy
    - bluetooth: eliminate the potential race condition when removing the HCI
      controller
    - net/nfc: fix use-after-free llcp_sock_bind/connect
    - Revert "USB: cdc-acm: fix rounding error in TIOCSSERIAL"
    - usb: roles: Call try_module_get() from usb_role_switch_find_by_fwnode()
    - tty: moxa: fix TIOCSSERIAL jiffies conversions
    - tty: amiserial: fix TIOCSSERIAL permission check
    - USB: serial: usb_wwan: fix TIOCSSERIAL jiffies conversions
    - staging: greybus: uart: fix TIOCSSERIAL jiffies conversions
    - USB: serial: ti_usb_3410_5052: fix TIOCSSERIAL permission check
    - staging: fwserial: fix TIOCSSERIAL jiffies conversions
    - tty: moxa: fix TIOCSSERIAL permission check
    - staging: fwserial: fix TIOCSSERIAL permission check
    - drm: bridge: fix LONTIUM use of mipi_dsi_() functions
    - usb: typec: tcpm: Address incorrect values of tcpm psy for fixed supply
    - usb: typec: tcpm: Address incorrect values of tcpm psy for pps supply
    - usb: typec: tcpm: update power supply once partner accepts
    - usb: xhci-mtk: remove or operator for setting schedule parameters
    - usb: xhci-mtk: improve bandwidth scheduling with TT
    - ASoC: samsung: tm2_wm5110: check of of_parse return value
    - ASoC: Intel: kbl_da7219_max98927: Fix kabylake_ssp_fixup function
    - ASoC: tlv320aic32x4: Register clocks before registering component
    - ASoC: tlv320aic32x4: Increase maximum register in regmap
    - MIPS: pci-mt7620: fix PLL lock check
    - MIPS: pci-rt2880: fix slot 0 configuration
    - FDDI: defxx: Bail out gracefully with unassigned PCI resource for CSR
    - PCI: Allow VPD access for QLogic ISP2722
    - KVM: x86: Defer the MMU unload to the normal path on an global INVPCID
    - PCI: keystone: Let AM65 use the pci_ops defined in pcie-designware-host.c
    - PM / devfreq: Unlock mutex and free devfreq struct in error path
    - soc/tegra: regulators: Fix locking up when voltage-spread is out of range
    - iio: inv_mpu6050: Fully validate gyro and accel scale writes
    - iio: sx9310: Fix write_.._debounce()
    - iio:accel:adis16201: Fix wrong axis assignment that prevents loading
    - iio:adc:ad7476: Fix remove handling
    - iio: sx9310: Fix access to variable DT array
    - sc16is7xx: Defer probe if device read fails
    - phy: cadence: Sierra: Fix PHY power_on sequence
    - misc: lis3lv02d: Fix false-positive WARN on various HP models
    - phy: ti: j721e-wiz: Invoke wiz_init() before of_platform_device_create()
    - misc: vmw_vmci: explicitly initialize vmci_notify_bm_set_msg struct
    - misc: vmw_vmci: explicitly initialize vmci_datagram payload
    - selinux: add proper NULL termination to the secclass_map permissions
    - x86, sched: Treat Intel SNC topology as default, COD as exception
    - async_xor: increase src_offs when dropping destination page
    - md/bitmap: wait for external bitmap writes to complete during tear down
    - md-cluster: fix use-after-free issue when removing rdev
    - md: split mddev_find
    - md: factor out a mddev_find_locked helper from mddev_find
    - md: md_open returns -EBUSY when entering racing area
    - md: Fix missing unused status line of /proc/mdstat
    - MIPS: generic: Update node names to avoid unit addresses
    - mt76: mt7615: use ieee80211_free_txskb() in mt7615_tx_token_put()
    - ipw2x00: potential buffer overflow in libipw_wx_set_encodeext()
    - cfg80211: scan: drop entry from hidden_list on overflow
    - rtw88: Fix array overrun in rtw_get_tx_power_params()
    - mt76: fix potential DMA mapping leak
    - FDDI: defxx: Make MMIO the configuration default except for EISA
    - drm/qxl: use ttm bo priorities
    - drm/ingenic: Fix non-OSD mode
    - drm/panfrost: Clear MMU irqs before handling the fault
    - drm/panfrost: Don't try to map pages that are already mapped
    - drm/radeon: fix copy of uninitialized variable back to userspace
    - drm/dp_mst: Revise broadcast msg lct & lcr
    - drm/dp_mst: Set CLEAR_PAYLOAD_ID_TABLE as broadcast
    - drm: bridge: fix ANX7625 use of mipi_dsi_() functions
    - drm: bridge/panel: Cleanup connector on bridge detach
    - drm/amd/display: Reject non-zero src_y and src_x for video planes
    - drm/amdgpu: fix concurrent VM flushes on Vega/Navi v2
    - drm/amdgpu: add new MC firmware for Polaris12 32bit ASIC
    - drm/amdgpu: Init GFX10_ADDR_CONFIG for VCN v3 in DPG mode.
    - ALSA: hda/realtek: Re-order ALC882 Acer quirk table entries
    - ALSA: hda/realtek: Re-order ALC882 Sony quirk table entries
    - ALSA: hda/realtek: Re-order ALC882 Clevo quirk table entries
    - ALSA: hda/realtek: Re-order ALC269 HP quirk table entries
    - ALSA: hda/realtek: Re-order ALC269 Acer quirk table entries
    - ALSA: hda/realtek: Re-order ALC269 Dell quirk table entries
    - ALSA: hda/realtek: Re-order ALC269 ASUS quirk table entries
    - ALSA: hda/realtek: Re-order ALC269 Sony quirk table entries
    - ALSA: hda/realtek: Re-order ALC269 Lenovo quirk table entries
    - ALSA: hda/realtek: Re-order remaining ALC269 quirk table entries
    - ALSA: hda/realtek: Re-order ALC662 quirk table entries
    - ALSA: hda/realtek: Remove redundant entry for ALC861 Haier/Uniwill devices
    - ALSA: hda/realtek: ALC285 Thinkpad jack pin quirk is unreachable
    - ALSA: hda/realtek: Fix speaker amp on HP Envy AiO 32
    - KVM: s390: VSIE: correctly handle MVPG when in VSIE
    - KVM: s390: split kvm_s390_logical_to_effective
    - KVM: s390: fix guarded storage control register handling
    - s390: fix detection of vector enhancements facility 1 vs. vector packed
      decimal facility
    - KVM: s390: VSIE: fix MVPG handling for prefixing and MSO
    - KVM: s390: split kvm_s390_real_to_abs
    - KVM: s390: extend kvm_s390_shadow_fault to return entry pointer
    - KVM: x86/mmu: Alloc page for PDPTEs when shadowing 32-bit NPT with 64-bit
    - KVM: X86: Fix failure to boost kernel lock holder candidate in SEV-ES guests
    - KVM: x86: Remove emulator's broken checks on CR0/CR3/CR4 loads
    - KVM: nSVM: Set the shadow root level to the TDP level for nested NPT
    - KVM: SVM: Don't strip the C-bit from CR2 on #PF interception
    - KVM: SVM: Use online_vcpus, not created_vcpus, to iterate over vCPUs
    - KVM: SVM: Do not set sev->es_active until KVM_SEV_ES_INIT completes
    - KVM: SVM: Do not allow SEV/SEV-ES initialization after vCPUs are created
    - KVM: SVM: Inject #GP on guest MSR_TSC_AUX accesses if RDTSCP unsupported
    - KVM: nVMX: Defer the MMU reload to the normal path on an EPTP switch
    - KVM: nVMX: Truncate bits 63:32 of VMCS field on nested check in !64-bit
    - KVM: nVMX: Truncate base/index GPR value on address calc in !64-bit
    - KVM: arm/arm64: Fix KVM_VGIC_V3_ADDR_TYPE_REDIST read
    - KVM: Destroy I/O bus devices on unregister failure _after_ sync'ing SRCU
    - KVM: Stop looking for coalesced MMIO zones if the bus is destroyed
    - KVM: arm64: Fully zero the vcpu state on reset
    - KVM: arm64: Fix KVM_VGIC_V3_ADDR_TYPE_REDIST_REGION read
    - KVM: selftests: Sync data verify of dirty logging with guest sync
    - KVM: selftests: Always run vCPU thread with blocked SIG_IPI
    - Revert "drivers/net/wan/hdlc_fr: Fix a double free in pvc_xmit"
    - Revert "i3c master: fix missing destroy_workqueue() on error in
      i3c_master_register"
    - mfd: stmpe: Revert "Constify static struct resource"
    - ovl: fix missing revert_creds() on error path
    - usb: gadget: pch_udc: Revert d3cb25a12138 completely
    - Revert "tools/power turbostat: adjust for temperature offset"
    - firmware: xilinx: Fix dereferencing freed memory
    - firmware: xilinx: Remove zynqmp_pm_get_eemi_ops() in
      IS_REACHABLE(CONFIG_ZYNQMP_FIRMWARE)
    - x86/vdso: Use proper modifier for len's format specifier in extract()
    - fpga: fpga-mgr: xilinx-spi: fix error messages on -EPROBE_DEFER
    - crypto: keembay-ocs-aes - Fix error return code in kmb_ocs_aes_probe()
    - crypto: sun8i-ss - fix result memory leak on error path
    - memory: gpmc: fix out of bounds read and dereference on gpmc_cs[]
    - ARM: dts: exynos: correct fuel gauge interrupt trigger level on GT-I9100
    - ARM: dts: exynos: correct fuel gauge interrupt trigger level on P4 Note
      family
    - ARM: dts: exynos: correct fuel gauge interrupt trigger level on Midas family
    - ARM: dts: exynos: correct MUIC interrupt trigger level on Midas family
    - ARM: dts: exynos: correct PMIC interrupt trigger level on Midas family
    - ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid X/U3 family
    - ARM: dts: exynos: correct PMIC interrupt trigger level on P4 Note family
    - ARM: dts: exynos: correct PMIC interrupt trigger level on SMDK5250
    - ARM: dts: exynos: correct PMIC interrupt trigger level on Snow
    - ARM: dts: s5pv210: correct fuel gauge interrupt trigger level on Fascinate
      family
    - ARM: dts: renesas: Add mmc aliases into R-Car Gen2 board dts files
    - arm64: dts: renesas: Add mmc aliases into board dts files
    - bus: ti-sysc: Fix initializing module_pa for modules without sysc register
    - x86/platform/uv: Set section block size for hubless architectures
    - serial: stm32: fix code cleaning warnings and checks
    - serial: stm32: add "_usart" prefix in functions name
    - serial: stm32: fix probe and remove order for dma
    - serial: stm32: Use of_device_get_match_data()
    - serial: stm32: fix startup by enabling usart for reception
    - serial: stm32: fix incorrect characters on console
    - serial: stm32: fix TX and RX FIFO thresholds
    - serial: stm32: fix a deadlock condition with wakeup event
    - serial: stm32: fix wake-up flag handling
    - serial: stm32: fix a deadlock in set_termios
    - serial: liteuart: fix return value check in liteuart_probe()
    - serial: stm32: fix tx dma completion, release channel
    - serial: stm32: call stm32_transmit_chars locked
    - serial: stm32: fix FIFO flush in startup and set_termios
    - serial: stm32: add FIFO flush when port is closed
    - serial: stm32: fix tx_empty condition
    - usb: typec: tcpm: Handle vbus shutoff when in source mode
    - usb: typec: tcpci: Check ROLE_CONTROL while interpreting CC_STATUS
    - usb: typec: tps6598x: Fix return value check in tps6598x_probe()
    - usb: typec: stusb160x: fix return value check in stusb160x_probe()
    - mfd: intel_pmt: Fix nuisance messages and handling of disabled capabilities
    - regmap: set debugfs_name to NULL after it is freed
    - spi: rockchip: avoid objtool warning
    - mtd: rawnand: fsmc: Fix error code in fsmc_nand_probe()
    - mtd: rawnand: brcmnand: fix OOB R/W with Hamming ECC
    - mtd: Handle possible -EPROBE_DEFER from parse_mtd_partitions()
    - mtd: rawnand: qcom: Return actual error code instead of -ENODEV
    - mtd: don't lock when recursively deleting partitions
    - mtd: maps: fix error return code of physmap_flash_remove()
    - ARM: dts: stm32: fix usart 2 & 3 pinconf to wake up with flow control
    - arm64: dts: ti: k3-j721e-main: Update the speed modes supported and their
      itap delay values for MMCSD subsystems
    - iio: adis16480: fix pps mode sampling frequency math
    - arm64: dts: qcom: sc7180: trogdor: Fix trip point config of charger thermal
      zone
    - arm64: dts: qcom: sm8250: Fix level triggered PMU interrupt polarity
    - arm64: dts: qcom: sm8250: Fix timer interrupt to specify EL2 physical timer
    - arm64: dts: qcom: sc7180: Avoid glitching SPI CS at bootup on trogdor
    - arm64: dts: qcom: sdm845: fix number of pins in 'gpio-ranges'
    - arm64: dts: qcom: sm8150: fix number of pins in 'gpio-ranges'
    - arm64: dts: qcom: sm8250: fix number of pins in 'gpio-ranges'
    - arm64: dts: qcom: db845c: fix correct powerdown pin for WSA881x
    - crypto: sun8i-ss - Fix memory leak of object d when dma_iv fails to map
    - spi: stm32: drop devres version of spi_register_master
    - regulator: bd9576: Fix return from bd957x_probe()
    - arm64: dts: renesas: r8a77980: Fix vin4-7 endpoint binding
    - selftests/x86: Add a missing .note.GNU-stack section to thunks_32.S
    - spi: stm32: Fix use-after-free on unbind
    - Drivers: hv: vmbus: Drop error message when 'No request id available'
    - x86/microcode: Check for offline CPUs before requesting new microcode
    - devtmpfs: fix placement of complete() call
    - usb: gadget: pch_udc: Replace cpu_to_le32() by lower_32_bits()
    - usb: gadget: pch_udc: Check if driver is present before calling ->setup()
    - usb: gadget: pch_udc: Check for DMA mapping error
    - usb: gadget: pch_udc: Initialize device pointer before use
    - usb: gadget: pch_udc: Provide a GPIO line used on Intel Minnowboard (v1)
    - crypto: ccp - fix command queuing to TEE ring buffer
    - crypto: qat - don't release uninitialized resources
    - crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init
    - fotg210-udc: Fix DMA on EP0 for length > max packet size
    - fotg210-udc: Fix EP0 IN requests bigger than two packets
    - fotg210-udc: Remove a dubious condition leading to fotg210_done
    - fotg210-udc: Mask GRP2 interrupts we don't handle
    - fotg210-udc: Don't DMA more than the buffer can take
    - fotg210-udc: Complete OUT requests on short packets
    - usb: gadget: s3c: Fix incorrect resources releasing
    - usb: gadget: s3c: Fix the error handling path in 's3c2410_udc_probe()'
    - dt-bindings: serial: stm32: Use 'type: object' instead of false for
      'additionalProperties'
    - mtd: require write permissions for locking and badblock ioctls
    - arm64: dts: renesas: r8a779a0: Fix PMU interrupt
    - arm64: dts: mt8183: Add gce client reg for display subcomponents
    - arm64: dts: mt8173: fix wrong power-domain phandle of pmic
    - bus: qcom: Put child node before return
    - soundwire: bus: Fix device found flag correctly
    - phy: ti: j721e-wiz: Delete "clk_div_sel" clk provider during cleanup
    - phy: ralink: phy-mt7621-pci: fix XTAL bitmask
    - phy: marvell: ARMADA375_USBCLUSTER_PHY should not default to y,
      unconditionally
    - phy: ralink: phy-mt7621-pci: fix return value check in
      mt7621_pci_phy_probe()
    - phy: ingenic: Fix a typo in ingenic_usb_phy_probe()
    - arm64: dts: mediatek: fix reset GPIO level on pumpkin
    - NFSv4.2: fix copy stateid copying for the async copy
    - crypto: poly1305 - fix poly1305_core_setkey() declaration
    - crypto: qat - fix error path in adf_isr_resource_alloc()
    - usb: gadget: aspeed: fix dma map failure
    - USB: gadget: udc: fix wrong pointer passed to IS_ERR() and PTR_ERR()
    - drivers: nvmem: Fix voltage settings for QTI qfprom-efuse
    - driver core: platform: Declare early_platform_cleanup() prototype
    - ARM: dts: qcom: msm8974-lge-nexus5: correct fuel gauge interrupt trigger
      level
    - ARM: dts: qcom: msm8974-samsung-klte: correct fuel gauge interrupt trigger
      level
    - memory: pl353: fix mask of ECC page_size config register
    - soundwire: stream: fix memory leak in stream config error path
    - m68k: mvme147,mvme16x: Don't wipe PCC timer config bits
    - firmware: qcom_scm: Make __qcom_scm_is_call_available() return bool
    - firmware: qcom_scm: Reduce locking section for __get_convention()
    - firmware: qcom_scm: Workaround lack of "is available" call on SC7180
    - iio: adc: Kconfig: make AD9467 depend on ADI_AXI_ADC symbol
    - [Config] updateconfigs for AD9467
    - mtd: rawnand: gpmi: Fix a double free in gpmi_nand_init
    - irqchip/gic-v3: Fix OF_BAD_ADDR error handling
    - staging: comedi: tests: ni_routes_test: Fix compilation error
    - staging: rtl8192u: Fix potential infinite loop
    - staging: fwserial: fix TIOCSSERIAL implementation
    - staging: fwserial: fix TIOCGSERIAL implementation
    - staging: greybus: uart: fix unprivileged TIOCCSERIAL
    - platform/x86: dell-wmi-sysman: Make init_bios_attributes() ACPI object
      parsing more robust
    - soc: qcom: pdr: Fix error return code in pdr_register_listener
    - PM / devfreq: Use more accurate returned new_freq as resume_freq
    - clocksource/drivers/timer-ti-dm: Fix posted mode status check order
    - clocksource/drivers/timer-ti-dm: Add missing set_state_oneshot_stopped
    - clocksource/drivers/ingenic_ost: Fix return value check in
      ingenic_ost_probe()
    - spi: Fix use-after-free with devm_spi_alloc_*
    - spi: fsl: add missing iounmap() on error in of_fsl_spi_probe()
    - soc: qcom: mdt_loader: Validate that p_filesz < p_memsz
    - soc: qcom: mdt_loader: Detect truncated read of segments
    - PM: runtime: Replace inline function pm_runtime_callbacks_present()
    - cpuidle: Fix ARM_QCOM_SPM_CPUIDLE configuration
    - ACPI: CPPC: Replace cppc_attr with kobj_attribute
    - crypto: allwinner - add missing CRYPTO_ prefix
    - crypto: sun8i-ss - Fix memory leak of pad
    - crypto: sa2ul - Fix memory leak of rxd
    - crypto: qat - Fix a double free in adf_create_ring
    - cpufreq: armada-37xx: Fix setting TBG parent for load levels
    - clk: mvebu: armada-37xx-periph: remove .set_parent method for CPU PM clock
    - cpufreq: armada-37xx: Fix the AVS value for load L1
    - clk: mvebu: armada-37xx-periph: Fix switching CPU freq from 250 Mhz to 1 GHz
    - clk: mvebu: armada-37xx-periph: Fix workaround for switching from L1 to L0
    - cpufreq: armada-37xx: Fix driver cleanup when registration failed
    - cpufreq: armada-37xx: Fix determining base CPU frequency
    - spi: spi-zynqmp-gqspi: use wait_for_completion_timeout to make
      zynqmp_qspi_exec_op not interruptible
    - spi: spi-zynqmp-gqspi: add mutex locking for exec_op
    - spi: spi-zynqmp-gqspi: transmit dummy circles by using the controller's
      internal functionality
    - spi: spi-zynqmp-gqspi: fix incorrect operating mode in zynqmp_qspi_read_op
    - spi: fsl-lpspi: Fix PM reference leak in lpspi_prepare_xfer_hardware()
    - usb: gadget: r8a66597: Add missing null check on return from
      platform_get_resource
    - USB: cdc-acm: fix unprivileged TIOCCSERIAL
    - USB: cdc-acm: fix TIOCGSERIAL implementation
    - tty: fix return value for unsupported ioctls
    - tty: fix return value for unsupported termiox ioctls
    - serial: core: return early on unsupported ioctls
    - firmware: qcom-scm: Fix QCOM_SCM configuration
    - node: fix device cleanups in error handling code
    - crypto: chelsio - Read rxchannel-id from firmware
    - usbip: vudc: fix missing unlock on error in usbip_sockfd_store()
    - m68k: Add missing mmap_read_lock() to sys_cacheflush()
    - spi: spi-zynqmp-gqspi: Fix missing unlock on error in zynqmp_qspi_exec_op()
    - memory: renesas-rpc-if: fix possible NULL pointer dereference of resource
    - memory: samsung: exynos5422-dmc: handle clk_set_parent() failure
    - security: keys: trusted: fix TPM2 authorizations
    - platform/x86: pmc_atom: Match all Beckhoff Automation baytrail boards with
      critclk_systems DMI table
    - ARM: dts: aspeed: Rainier: Fix humidity sensor bus address
    - Drivers: hv: vmbus: Use after free in __vmbus_open()
    - spi: spi-zynqmp-gqspi: fix clk_enable/disable imbalance issue
    - spi: spi-zynqmp-gqspi: fix hang issue when suspend/resume
    - spi: spi-zynqmp-gqspi: fix use-after-free in zynqmp_qspi_exec_op
    - spi: spi-zynqmp-gqspi: return -ENOMEM if dma_map_single fails
    - x86/platform/uv: Fix !KEXEC build failure
    - hwmon: (pmbus/pxe1610) don't bail out when not all pages are active
    - PM: hibernate: x86: Use crc32 instead of md5 for hibernation e820 integrity
      check
    - usb: dwc2: Fix host mode hibernation exit with remote wakeup flow.
    - usb: dwc2: Fix hibernation between host and device modes.
    - ttyprintk: Add TTY hangup callback.
    - serial: omap: don't disable rs485 if rts gpio is missing
    - serial: omap: fix rs485 half-duplex filtering
    - xen-blkback: fix compatibility bug with single page rings
    - soc: aspeed: fix a ternary sign expansion bug
    - drm/tilcdc: send vblank event when disabling crtc
    - drm/stm: Fix bus_flags handling
    - drm/amd/display: Fix off by one in hdmi_14_process_transaction()
    - drm/mcde/panel: Inverse misunderstood flag
    - scsi: lpfc: Fix null pointer dereference in lpfc_prep_els_iocb()
    - sched/fair: Fix shift-out-of-bounds in load_balance()
    - printk: limit second loop of syslog_print_all
    - afs: Fix updating of i_mode due to 3rd party change
    - rcu: Remove spurious instrumentation_end() in rcu_nmi_enter()
    - media: vivid: fix assignment of dev->fbuf_out_flags
    - media: saa7134: use sg_dma_len when building pgtable
    - media: saa7146: use sg_dma_len when building pgtable
    - media: omap4iss: return error code when omap4iss_get() failed
    - media: rkisp1: rsz: crash fix when setting src format
    - media: aspeed: fix clock handling logic
    - drm/probe-helper: Check epoch counter in output_poll_execute()
    - media: venus: core: Fix some resource leaks in the error path of
      'venus_probe()'
    - media: platform: sunxi: sun6i-csi: fix error return code of
      sun6i_video_start_streaming()
    - media: m88ds3103: fix return value check in m88ds3103_probe()
    - media: docs: Fix data organization of MEDIA_BUS_FMT_RGB101010_1X30
    - media: [next] staging: media: atomisp: fix memory leak of object flash
    - media: atomisp: Fixed error handling path
    - media: m88rs6000t: avoid potential out-of-bounds reads on arrays
    - media: atomisp: Fix use after free in atomisp_alloc_css_stat_bufs()
    - drm/amdkfd: fix build error with AMD_IOMMU_V2=m
    - of: overlay: fix for_each_child.cocci warnings
    - x86/kprobes: Fix to check non boostable prefixes correctly
    - selftests: fix prepending $(OUTPUT) to $(TEST_PROGS)
    - pata_arasan_cf: fix IRQ check
    - pata_ipx4xx_cf: fix IRQ check
    - sata_mv: add IRQ checks
    - ata: libahci_platform: fix IRQ check
    - seccomp: Fix CONFIG tests for Seccomp_filters
    - nvme-tcp: block BH in sk state_change sk callback
    - nvmet-tcp: fix incorrect locking in state_change sk callback
    - clk: imx: Fix reparenting of UARTs not associated with stdout
    - power: supply: bq25980: Move props from battery node
    - nvme: retrigger ANA log update if group descriptor isn't found
    - media: ccs: Fix sub-device function
    - media: ipu3-cio2: Fix pixel-rate derived link frequency
    - media: i2c: imx219: Move out locking/unlocking of vflip and hflip controls
      from imx219_set_stream
    - media: i2c: imx219: Balance runtime PM use-count
    - media: v4l2-ctrls.c: fix race condition in hdl->requests list
    - media: rkvdec: Do not require all controls to be present in every request
    - vfio/fsl-mc: Re-order vfio_fsl_mc_probe()
    - vfio/pci: Move VGA and VF initialization to functions
    - vfio/pci: Re-order vfio_pci_probe()
    - drm/msm: Fix debugfs deadlock
    - vfio/mdev: Do not allow a mdev_type to have a NULL parent pointer
    - clk: zynqmp: move zynqmp_pll_set_mode out of round_rate callback
    - clk: zynqmp: pll: add set_pll_mode to check condition in zynqmp_pll_enable
    - drm: xlnx: zynqmp: fix a memset in zynqmp_dp_train()
    - clk: qcom: a53-pll: Add missing MODULE_DEVICE_TABLE
    - clk: qcom: apss-ipq-pll: Add missing MODULE_DEVICE_TABLE
    - drm/amd/display: use GFP_ATOMIC in dcn20_resource_construct
    - drm/amd/display: check fb of primary plane
    - drm/radeon: Fix a missing check bug in radeon_dp_mst_detect()
    - clk: uniphier: Fix potential infinite loop
    - scsi: pm80xx: Increase timeout for pm80xx mpi_uninit_check()
    - scsi: pm80xx: Fix potential infinite loop
    - scsi: ufs: ufshcd-pltfrm: Fix deferred probing
    - scsi: hisi_sas: Fix IRQ checks
    - scsi: jazz_esp: Add IRQ check
    - scsi: sun3x_esp: Add IRQ check
    - scsi: sni_53c710: Add IRQ check
    - scsi: ibmvfc: Fix invalid state machine BUG_ON()
    - mailbox: sprd: Introduce refcnt when clients requests/free channels
    - mfd: stm32-timers: Avoid clearing auto reload register
    - nvmet-tcp: fix a segmentation fault during io parsing error
    - nvme-pci: don't simple map sgl when sgls are disabled
    - media: meson-ge2d: fix rotation parameters
    - media: cedrus: Fix H265 status definitions
    - HSI: core: fix resource leaks in hsi_add_client_from_dt()
    - x86/events/amd/iommu: Fix sysfs type mismatch
    - perf/amd/uncore: Fix sysfs type mismatch
    - block/rnbd-clt-sysfs: Remove copy buffer overlap in rnbd_clt_get_path_name
    - sched/debug: Fix cgroup_path[] serialization
    - kthread: Fix PF_KTHREAD vs to_kthread() race
    - ataflop: potential out of bounds in do_format()
    - ataflop: fix off by one in ataflop_probe()
    - drivers/block/null_blk/main: Fix a double free in null_init.
    - xsk: Respect device's headroom and tailroom on generic xmit path
    - HID: plantronics: Workaround for double volume key presses
    - perf symbols: Fix dso__fprintf_symbols_by_name() to return the number of
      printed chars
    - ASoC: Intel: boards: sof-wm8804: add check for PLL setting
    - ASoC: Intel: Skylake: Compile when any configuration is selected
    - RDMA/mlx5: Fix mlx5 rates to IB rates map
    - wilc1000: write value to WILC_INTR2_ENABLE register
    - KVM: x86/mmu: Retry page faults that hit an invalid memslot
    - Bluetooth: avoid deadlock between hci_dev->lock and socket lock
    - net: lapbether: Prevent racing when checking whether the netif is running
    - libbpf: Add explicit padding to bpf_xdp_set_link_opts
    - bpftool: Fix maybe-uninitialized warnings
    - iommu: Check dev->iommu in iommu_dev_xxx functions
    - dma-iommu: use static-key to minimize the impact in the fast-path
    - iommu/dma: Resurrect the "forcedac" option
    - iommu/vt-d: Reject unsupported page request modes
    - selftests/bpf: Re-generate vmlinux.h and BPF skeletons if bpftool changed
    - libbpf: Add explicit padding to btf_dump_emit_type_decl_opts
    - powerpc/mm: Move the linear_mapping_mutex to the ifdef where it is used
    - powerpc/fadump: Mark fadump_calculate_reserve_size as __init
    - powerpc/prom: Mark identical_pvr_fixup as __init
    - MIPS: fix local_irq_{disable,enable} in asmmacro.h
    - ima: Fix the error code for restoring the PCR value
    - inet: use bigger hash table for IP ID generation
    - pinctrl: pinctrl-single: remove unused parameter
    - pinctrl: pinctrl-single: fix pcs_pin_dbg_show() when bits_per_mux is not
      zero
    - MIPS: loongson64: fix bug when PAGE_SIZE > 16KB
    - ASoC: wm8960: Remove bitclk relax condition in wm8960_configure_sysclk
    - iommu/arm-smmu-v3: add bit field SFM into GERROR_ERR_MASK
    - RDMA/mlx5: Fix drop packet rule in egress table
    - IB/isert: Fix a use after free in isert_connect_request
    - powerpc: Fix HAVE_HARDLOCKUP_DETECTOR_ARCH build configuration
    - MIPS/bpf: Enable bpf_probe_read{, str}() on MIPS again
    - gpio: guard gpiochip_irqchip_add_domain() with GPIOLIB_IRQCHIP
    - fs: dlm: fix missing unlock on error in accept_from_sock()
    - ASoC: q6afe-clocks: fix reprobing of the driver
    - ALSA: core: remove redundant spin_lock pair in snd_card_disconnect
    - net: phy: lan87xx: fix access to wrong register of LAN87xx
    - udp: never accept GSO_FRAGLIST packets
    - powerpc/pseries: Only register vio drivers if vio bus exists
    - net/tipc: fix missing destroy_workqueue() on error in tipc_crypto_start()
    - bug: Remove redundant condition check in report_bug
    - RDMA/core: Fix corrupted SL on passive side
    - nfc: pn533: prevent potential memory corruption
    - net: hns3: Limiting the scope of vector_ring_chain variable
    - mips: bmips: fix syscon-reboot nodes
    - KVM: arm64: Fix error return code in init_hyp_mode()
    - iommu/vt-d: Don't set then clear private data in prq_event_thread()
    - iommu: Fix a boundary issue to avoid performance drop
    - iommu/vt-d: Report right snoop capability when using FL for IOVA
    - iommu/vt-d: Report the right page fault address
    - iommu/vt-d: Preset Access/Dirty bits for IOVA over FL
    - iommu/vt-d: Remove WO permissions on second-level paging entries
    - iommu/vt-d: Invalidate PASID cache when root/context entry changed
    - ALSA: usb-audio: Add error checks for usb_driver_claim_interface() calls
    - HID: lenovo: Use brightness_set_blocking callback for setting LEDs
      brightness
    - HID: lenovo: Fix lenovo_led_set_tp10ubkbd() error handling
    - HID: lenovo: Check hid_get_drvdata() returns non NULL in lenovo_event()
    - HID: lenovo: Map mic-mute button to KEY_F20 instead of KEY_MICMUTE
    - KVM: arm64: Initialize VCPU mdcr_el2 before loading it
    - ASoC: simple-card: fix possible uninitialized single_cpu local variable
    - liquidio: Fix unintented sign extension of a left shift of a u16
    - IB/hfi1: Use kzalloc() for mmu_rb_handler allocation
    - powerpc/64s: Fix pte update for kernel memory on radix
    - powerpc/pseries: Add key to flags in pSeries_lpar_hpte_updateboltedpp()
    - powerpc/64s: Use htab_convert_pte_flags() in hash__mark_rodata_ro()
    - powerpc/perf: Fix PMU constraint check for EBB events
    - powerpc: iommu: fix build when neither PCI or IBMVIO is set
    - mac80211: bail out if cipher schemes are invalid
    - perf vendor events amd: Fix broken L2 Cache Hits from L2 HWPF metric
    - RDMA/hns: Fix missing assignment of max_inline_data
    - xfs: fix return of uninitialized value in variable error
    - rtw88: Fix an error code in rtw_debugfs_set_rsvd_page()
    - mt7601u: fix always true expression
    - mt76: mt7615: fix tx skb dma unmap
    - mt76: mt7915: fix tx skb dma unmap
    - mt76: mt7915: fix aggr len debugfs node
    - mt76: mt7615: fix mib stats counter reporting to mac80211
    - mt76: mt7915: fix mib stats counter reporting to mac80211
    - mt76: reduce q->lock hold time
    - mt76: check return value of mt76_txq_send_burst in mt76_txq_schedule_list
    - mt76: mt7915: fix rxrate reporting
    - mt76: mt7915: fix txrate reporting
    - mt76: mt7663: fix when beacon filter is being applied
    - mt76: mt7663s: make all of packets 4-bytes aligned in sdio tx aggregation
    - mt76: mt7663s: fix the possible device hang in high traffic
    - mt76: mt7615: cleanup mcu tx queue in mt7615_dma_reset()
    - mt76: mt7915: bring up the WA event rx queue for band1
    - mt76: mt7915: cleanup mcu tx queue in mt7915_dma_reset()
    - KVM: PPC: Book3S HV P9: Restore host CTRL SPR after guest exit
    - ovl: show "userxattr" in the mount data
    - ovl: invalidate readdir cache on changes to dir with origin
    - RDMA/qedr: Fix error return code in qedr_iw_connect()
    - IB/hfi1: Fix error return code in parse_platform_config()
    - RDMA/bnxt_re: Fix error return code in bnxt_qplib_cq_process_terminal()
    - cxgb4: Fix unintentional sign extension issues
    - net: thunderx: Fix unintentional sign extension issue
    - RDMA/srpt: Fix error return code in srpt_cm_req_recv()
    - RDMA/rtrs-clt: destroy sysfs after removing session from active list
    - i2c: cadence: fix reference leak when pm_runtime_get_sync fails
    - i2c: img-scb: fix reference leak when pm_runtime_get_sync fails
    - i2c: imx-lpi2c: fix reference leak when pm_runtime_get_sync fails
    - i2c: imx: fix reference leak when pm_runtime_get_sync fails
    - i2c: omap: fix reference leak when pm_runtime_get_sync fails
    - i2c: sprd: fix reference leak when pm_runtime_get_sync fails
    - i2c: stm32f7: fix reference leak when pm_runtime_get_sync fails
    - i2c: xiic: fix reference leak when pm_runtime_get_sync fails
    - i2c: cadence: add IRQ check
    - i2c: emev2: add IRQ check
    - i2c: jz4780: add IRQ check
    - i2c: mlxbf: add IRQ check
    - i2c: rcar: make sure irq is not threaded on Gen2 and earlier
    - i2c: rcar: protect against supurious interrupts on V3U
    - i2c: rcar: add IRQ check
    - i2c: sh7760: add IRQ check
    - iwlwifi: rs-fw: don't support stbc for HE 160
    - iwlwifi: dbg: disable ini debug in 9000 family and below
    - powerpc/xive: Drop check on irq_data in xive_core_debug_show()
    - powerpc/xive: Fix xmon command "dxi"
    - powerpc/syscall: Rename syscall_64.c into interrupt.c
    - powerpc/syscall: Change condition to check MSR_RI
    - ASoC: ak5558: correct reset polarity
    - net/mlx5: Fix bit-wise and with zero
    - net/packet: remove data races in fanout operations
    - drm/i915/gvt: Fix error code in intel_gvt_init_device()
    - iommu/amd: Put newline after closing bracket in warning
    - perf beauty: Fix fsconfig generator
    - drm/amdgpu: fix an error code in init_pmu_entry_by_type_and_add()
    - drm/amd/pm: fix error code in smu_set_power_limit()
    - MIPS: pci-legacy: stop using of_pci_range_to_resource
    - powerpc/pseries: extract host bridge from pci_bus prior to bus removal
    - mptcp: fix format specifiers for unsigned int
    - powerpc/smp: Reintroduce cpu_core_mask
    - KVM: x86: dump_vmcs should not assume GUEST_IA32_EFER is valid
    - rtlwifi: 8821ae: upgrade PHY and RF parameters
    - wlcore: fix overlapping snprintf arguments in debugfs
    - i2c: sh7760: fix IRQ error path
    - i2c: mediatek: Fix wrong dma sync flag
    - mwl8k: Fix a double Free in mwl8k_probe_hw
    - netfilter: nft_payload: fix C-VLAN offload support
    - netfilter: nftables_offload: VLAN id needs host byteorder in flow dissector
    - netfilter: nftables_offload: special ethertype handling for VLAN
    - vsock/vmci: log once the failed queue pair allocation
    - libbpf: Initialize the bpf_seq_printf parameters array field by field
    - net: ethernet: ixp4xx: Set the DMA masks explicitly
    - gro: fix napi_gro_frags() Fast GRO breakage due to IP alignment check
    - RDMA/cxgb4: add missing qpid increment
    - RDMA/i40iw: Fix error unwinding when i40iw_hmc_sd_one fails
    - ALSA: usb: midi: don't return -ENOMEM when usb_urb_ep_type_check fails
    - sfc: ef10: fix TX queue lookup in TX event handling
    - vsock/virtio: free queued packets when closing socket
    - net: marvell: prestera: fix port event handling on init
    - net: davinci_emac: Fix incorrect masking of tx and rx error channel
    - mt76: mt7615: fix memleak when mt7615_unregister_device()
    - mt76: mt7915: fix memleak when mt7915_unregister_device()
    - powerpc/pseries/iommu: Fix window size for direct mapping with pmem
    - crypto: ccp: Detect and reject "invalid" addresses destined for PSP
    - net: dsa: mv88e6xxx: Fix off-by-one in VTU devlink region size
    - nfp: devlink: initialize the devlink port attribute "lanes"
    - net: stmmac: fix TSO and TBS feature enabling during driver open
    - net: renesas: ravb: Fix a stuck issue when a lot of frames are received
    - net: phy: intel-xway: enable integrated led functions
    - RDMA/rxe: Fix a bug in rxe_fill_ip_info()
    - RDMA/core: Add CM to restrack after successful attachment to a device
    - powerpc/64: Fix the definition of the fixmap area
    - ath9k: Fix error check in ath9k_hw_read_revisions() for PCI devices
    - ath10k: Fix a use after free in ath10k_htc_send_bundle
    - ath10k: Fix ath10k_wmi_tlv_op_pull_peer_stats_info() unlock without lock
    - wlcore: Fix buffer overrun by snprintf due to incorrect buffer size
    - powerpc/perf: Fix the threshold event selection for memory events in power10
    - powerpc/52xx: Fix an invalid ASM expression ('addi' used instead of 'add')
    - net: phy: marvell: fix m88e1011_set_downshift
    - net: phy: marvell: fix m88e1111_set_downshift
    - net: enetc: fix link error again
    - bnxt_en: fix ternary sign extension bug in bnxt_show_temp()
    - ARM: dts: uniphier: Change phy-mode to RGMII-ID to enable delay pins for
      RTL8211E
    - arm64: dts: uniphier: Change phy-mode to RGMII-ID to enable delay pins for
      RTL8211E
    - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb
    - selftests: net: mirror_gre_vlan_bridge_1q: Make an FDB entry static
    - selftests: mlxsw: Remove a redundant if statement in tc_flower_scale test
    - bnxt_en: Fix RX consumer index logic in the error path.
    - KVM: VMX: Intercept FS/GS_BASE MSR accesses for 32-bit KVM
    - KVM: SVM: Zero out the VMCB array used to track SEV ASID association
    - KVM: SVM: Free sev_asid_bitmap during init if SEV setup fails
    - KVM: SVM: Disable SEV/SEV-ES if NPT is disabled
    - net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send
    - selftests/bpf: Fix BPF_CORE_READ_BITFIELD() macro
    - selftests/bpf: Fix field existence CO-RE reloc tests
    - selftests/bpf: Fix core_reloc test runner
    - bpf: Fix propagation of 32 bit unsigned bounds from 64 bit bounds
    - RDMA/siw: Fix a use after free in siw_alloc_mr
    - RDMA/bnxt_re: Fix a double free in bnxt_qplib_alloc_res
    - net: bridge: mcast: fix broken length + header check for MRDv6 Adv.
    - net: dsa: mv88e6xxx: Fix 6095/6097/6185 ports in non-SERDES CMODE
    - net:nfc:digital: Fix a double free in digital_tg_recv_dep_req
    - perf tools: Change fields type in perf_record_time_conv
    - perf jit: Let convert_timestamp() to be backwards-compatible
    - perf session: Add swap operation for event TIME_CONV
    - ia64: fix EFI_DEBUG build
    - kfifo: fix ternary sign extension bugs
    - mm/sl?b.c: remove ctor argument from kmem_cache_flags
    - mm: memcontrol: slab: fix obtain a reference to a freeing memcg
    - mm/sparse: add the missing sparse_buffer_fini() in error branch
    - mm/memory-failure: unnecessary amount of unmapping
    - afs: Fix speculative status fetches
    - net: Only allow init netns to set default tcp cong to a restricted algo
    - smp: Fix smp_call_function_single_async prototype
    - Revert "net/sctp: fix race condition in sctp_destroy_sock"
    - sctp: delay auto_asconf init until binding the first addr
    - Linux 5.11.21
  * Fix kdump failures (LP: #1927518)
    - video: hyperv_fb: Add ratelimit on error message
    - Drivers: hv: vmbus: Increase wait time for VMbus unload
    - Drivers: hv: vmbus: Initialize unload_event statically
  * Hirsute update: v5.11.20 upstream stable release (LP: #1928857)
    - bus: mhi: core: Fix check for syserr at power_up
    - bus: mhi: core: Clear configuration from channel context during reset
    - bus: mhi: core: Sanity check values from remote device before use
    - bus: mhi: core: Add missing checks for MMIO register entries
    - bus: mhi: pci_generic: Remove WQ_MEM_RECLAIM flag from state workqueue
    - nitro_enclaves: Fix stale file descriptors on failed usercopy
    - dyndbg: fix parsing file query without a line-range suffix
    - s390/disassembler: increase ebpf disasm buffer size
    - s390/zcrypt: fix zcard and zqueue hot-unplug memleak
    - s390/vfio-ap: fix circular lockdep when setting/clearing crypto masks
    - vhost-vdpa: fix vm_flags for virtqueue doorbell mapping
    - tpm: acpi: Check eventlog signature before using it
    - ACPI: custom_method: fix potential use-after-free issue
    - ACPI: custom_method: fix a possible memory leak
    - ftrace: Handle commands when closing set_ftrace_filter file
    - ARM: 9056/1: decompressor: fix BSS size calculation for LLVM ld.lld
    - arm64: dts: marvell: armada-37xx: add syscon compatible to NB clk node
    - arm64: dts: mt8173: fix property typo of 'phys' in dsi node
    - ecryptfs: fix kernel panic with null dev_name
    - fs/epoll: restore waking from ep_done_scan()
    - reset: add missing empty function reset_control_rearm()
    - mtd: spi-nor: core: Fix an issue of releasing resources during read/write
    - Revert "mtd: spi-nor: macronix: Add support for mx25l51245g"
    - mtd: spinand: core: add missing MODULE_DEVICE_TABLE()
    - mtd: rawnand: atmel: Update ecc_stats.corrected counter
    - mtd: physmap: physmap-bt1-rom: Fix unintentional stack access
    - erofs: add unsupported inode i_format check
    - spi: stm32-qspi: fix pm_runtime usage_count counter
    - spi: spi-ti-qspi: Free DMA resources
    - libceph: allow addrvecs with a single NONE/blank address
    - scsi: qla2xxx: Reserve extra IRQ vectors
    - scsi: lpfc: Fix rmmod crash due to bad ring pointers to abort_iotag
    - scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand()
    - scsi: mpt3sas: Only one vSES is present even when IOC has multi vSES
    - scsi: mpt3sas: Block PCI config access from userspace during reset
    - mmc: uniphier-sd: Fix an error handling path in uniphier_sd_probe()
    - mmc: uniphier-sd: Fix a resource leak in the remove function
    - mmc: sdhci: Check for reset prior to DMA address unmap
    - mmc: sdhci-pci: Fix initialization of some SD cards for Intel BYT-based
      controllers
    - mmc: block: Update ext_csd.cache_ctrl if it was written
    - mmc: block: Issue a cache flush only when it's enabled
    - mmc: core: Do a power cycle when the CMD11 fails
    - mmc: core: Set read only for SD cards with permanent write protect bit
    - mmc: core: Fix hanging on I/O during system suspend for removable cards
    - irqchip/gic-v3: Do not enable irqs when handling spurious interrups
    - cifs: Return correct error code from smb2_get_enc_key
    - cifs: fix out-of-bound memory access when calling smb3_notify() at mount
      point
    - cifs: fix leak in cifs_smb3_do_mount() ctx
    - cifs: detect dead connections only when echoes are enabled.
    - cifs: fix regression when mounting shares with prefix paths
    - smb2: fix use-after-free in smb2_ioctl_query_info()
    - btrfs: handle remount to no compress during compression
    - x86/build: Disable HIGHMEM64G selection for M486SX
    - btrfs: fix metadata extent leak after failure to create subvolume
    - intel_th: pci: Add Rocket Lake CPU support
    - btrfs: fix race between transaction aborts and fsyncs leading to use-after-
      free
    - posix-timers: Preserve return value in clock_adjtime32()
    - fbdev: zero-fill colormap in fbcmap.c
    - cpuidle: tegra: Fix C7 idling state on Tegra114
    - bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first
    - staging: wimax/i2400m: fix byte-order issue
    - spi: ath79: always call chipselect function
    - spi: ath79: remove spi-master setup and cleanup assignment
    - bus: mhi: core: Destroy SBL devices when moving to mission mode
    - bus: mhi: core: Process execution environment changes serially
    - crypto: api - check for ERR pointers in crypto_destroy_tfm()
    - crypto: qat - fix unmap invalid dma address
    - usb: gadget: uvc: add bInterval checking for HS mode
    - usb: webcam: Invalid size of Processing Unit Descriptor
    - x86/sev: Do not require Hypervisor CPUID bit for SEV guests
    - crypto: hisilicon/sec - fixes a printing error
    - genirq/matrix: Prevent allocation counter corruption
    - usb: gadget: f_uac2: validate input parameters
    - usb: gadget: f_uac1: validate input parameters
    - usb: dwc3: gadget: Ignore EP queue requests during bus reset
    - usb: xhci: Fix port minor revision
    - kselftest/arm64: mte: Fix compilation with native compiler
    - ARM: tegra: acer-a500: Rename avdd to vdda of touchscreen node
    - PCI: PM: Do not read power state in pci_enable_device_flags()
    - kselftest/arm64: mte: Fix MTE feature detection
    - ARM: dts: BCM5301X: fix "reg" formatting in /memory node
    - ARM: dts: ux500: Fix up TVK R3 sensors
    - x86/build: Propagate $(CLANG_FLAGS) to $(REALMODE_FLAGS)
    - x86/boot: Add $(CLANG_FLAGS) to compressed KBUILD_CFLAGS
    - efi/libstub: Add $(CLANG_FLAGS) to x86 flags
    - soc/tegra: pmc: Fix completion of power-gate toggling
    - arm64: dts: imx8mq-librem5-r3: Mark buck3 as always on
    - tee: optee: do not check memref size on return from Secure World
    - soundwire: cadence: only prepare attached devices on clock stop
    - perf/arm_pmu_platform: Use dev_err_probe() for IRQ errors
    - perf/arm_pmu_platform: Fix error handling
    - random: initialize ChaCha20 constants with correct endianness
    - usb: xhci-mtk: support quirk to disable usb2 lpm
    - fpga: dfl: pci: add DID for D5005 PAC cards
    - xhci: check port array allocation was successful before dereferencing it
    - xhci: check control context is valid before dereferencing it.
    - xhci: fix potential array out of bounds with several interrupters
    - bus: mhi: core: Clear context for stopped channels from remove()
    - ARM: dts: at91: change the key code of the gpio key
    - tools/power/x86/intel-speed-select: Increase string size
    - platform/x86: ISST: Account for increased timeout in some cases
    - clocksource/drivers/dw_apb_timer_of: Add handling for potential memory leak
    - resource: Prevent irqresource_disabled() from erasing flags
    - spi: dln2: Fix reference leak to master
    - spi: omap-100k: Fix reference leak to master
    - spi: qup: fix PM reference leak in spi_qup_remove()
    - usb: gadget: tegra-xudc: Fix possible use-after-free in tegra_xudc_remove()
    - usb: musb: fix PM reference leak in musb_irq_work()
    - usb: core: hub: Fix PM reference leak in usb_port_resume()
    - usb: dwc3: gadget: Check for disabled LPM quirk
    - tty: n_gsm: check error while registering tty devices
    - intel_th: Consistency and off-by-one fix
    - phy: phy-twl4030-usb: Fix possible use-after-free in twl4030_usb_remove()
    - crypto: sun8i-ss - Fix PM reference leak when pm_runtime_get_sync() fails
    - crypto: sun8i-ce - Fix PM reference leak in sun8i_ce_probe()
    - crypto: stm32/hash - Fix PM reference leak on stm32-hash.c
    - crypto: stm32/cryp - Fix PM reference leak on stm32-cryp.c
    - crypto: sa2ul - Fix PM reference leak in sa_ul_probe()
    - crypto: omap-aes - Fix PM reference leak on omap-aes.c
    - platform/x86: intel_pmc_core: Don't use global pmcdev in quirks
    - spi: sync up initial chipselect state
    - btrfs: do proper error handling in create_reloc_root
    - btrfs: do proper error handling in btrfs_update_reloc_root
    - btrfs: convert logic BUG_ON()'s in replace_path to ASSERT()'s
    - regulator: da9121: automotive variants identity fix
    - drm: Added orientation quirk for OneGX1 Pro
    - drm/qxl: release shadow on shutdown
    - drm/ast: Fix invalid usage of AST_MAX_HWC_WIDTH in cursor atomic_check
    - drm/amd/display: changing sr exit latency
    - drm/amd/display: Fix MPC OGAM power on/off sequence
    - drm/ast: fix memory leak when unload the driver
    - drm/amd/display: Check for DSC support instead of ASIC revision
    - drm/amd/display: Don't optimize bandwidth before disabling planes
    - drm/amd/display: Return invalid state if GPINT times out
    - drm/amdgpu/display: buffer INTERRUPT_LOW_IRQ_CONTEXT interrupt work
    - drm/amd/display/dc/dce/dce_aux: Remove duplicate line causing 'field
      overwritten' issue
    - scsi: lpfc: Fix incorrect dbde assignment when building target abts wqe
    - scsi: lpfc: Fix pt2pt connection does not recover after LOGO
    - scsi: lpfc: Fix status returned in lpfc_els_retry() error exit path
    - scsi: lpfc: Fix PLOGI ACC to be transmit after REG_LOGIN
    - scsi: lpfc: Fix ADISC handling that never frees nodes
    - drm/amdgpu: Fix some unload driver issues
    - sched/pelt: Fix task util_est update filtering
    - sched/topology: fix the issue groups don't span domain->span for NUMA
      diameter > 2
    - kvfree_rcu: Use same set of GFP flags as does single-argument
    - drm/virtio: fix possible leak/unlock virtio_gpu_object_array
    - scsi: target: pscsi: Fix warning in pscsi_complete_cmd()
    - media: ite-cir: check for receive overflow
    - media: drivers: media: pci: sta2x11: fix Kconfig dependency on GPIOLIB
    - media: drivers/media/usb: fix memory leak in zr364xx_probe
    - media: cx23885: add more quirks for reset DMA on some AMD IOMMU
    - media: imx: capture: Return -EPIPE from __capture_legacy_try_fmt()
    - atomisp: don't let it go past pipes array
    - power: supply: bq27xxx: fix power_avg for newer ICs
    - extcon: arizona: Fix some issues when HPDET IRQ fires after the jack has
      been unplugged
    - extcon: arizona: Fix various races on driver unbind
    - media: media/saa7164: fix saa7164_encoder_register() memory leak bugs
    - media: gspca/sq905.c: fix uninitialized variable
    - media: v4l2-ctrls.c: initialize flags field of p_fwht_params
    - power: supply: Use IRQF_ONESHOT
    - backlight: qcom-wled: Use sink_addr for sync toggle
    - backlight: qcom-wled: Fix FSC update issue for WLED5
    - drm/amdgpu: mask the xgmi number of hops reported from psp to kfd
    - drm/amdkfd: Fix UBSAN shift-out-of-bounds warning
    - drm/amdgpu : Fix asic reset regression issue introduce by 8f211fe8ac7c4f
    - drm/amd/pm: fix workload mismatch on vega10
    - drm/amd/display: Fix UBSAN warning for not a valid value for type '_Bool'
    - drm/amd/display: DCHUB underflow counter increasing in some scenarios
    - drm/amd/display: fix dml prefetch validation
    - scsi: qla2xxx: Always check the return value of qla24xx_get_isp_stats()
    - drm/vkms: fix misuse of WARN_ON
    - scsi: qla2xxx: Fix use after free in bsg
    - mmc: sdhci-esdhc-imx: validate pinctrl before use it
    - mmc: sdhci-pci: Add PCI IDs for Intel LKF
    - mmc: sdhci-brcmstb: Remove CQE quirk
    - ata: ahci: Disable SXS for Hisilicon Kunpeng920
    - drm/komeda: Fix bit check to import to value of proper type
    - nvmet: return proper error code from discovery ctrl
    - selftests/resctrl: Enable gcc checks to detect buffer overflows
    - selftests/resctrl: Fix compilation issues for global variables
    - selftests/resctrl: Fix compilation issues for other global variables
    - selftests/resctrl: Clean up resctrl features check
    - selftests/resctrl: Fix missing options "-n" and "-p"
    - selftests/resctrl: Use resctrl/info for feature detection
    - selftests/resctrl: Fix incorrect parsing of iMC counters
    - selftests/resctrl: Fix checking for < 0 for unsigned values
    - power: supply: cpcap-charger: Add usleep to cpcap charger to avoid usb plug
      bounce
    - scsi: smartpqi: Use host-wide tag space
    - scsi: smartpqi: Correct request leakage during reset operations
    - scsi: smartpqi: Add new PCI IDs
    - scsi: scsi_dh_alua: Remove check for ASC 24h in alua_rtpg()
    - media: em28xx: fix memory leak
    - media: vivid: update EDID
    - drm/msm/dp: Fix incorrect NULL check kbot warnings in DP driver
    - clk: socfpga: arria10: Fix memory leak of socfpga_clk on error return
    - power: supply: generic-adc-battery: fix possible use-after-free in
      gab_remove()
    - power: supply: s3c_adc_battery: fix possible use-after-free in
      s3c_adc_bat_remove()
    - media: tc358743: fix possible use-after-free in tc358743_remove()
    - media: adv7604: fix possible use-after-free in adv76xx_remove()
    - media: i2c: adv7511-v4l2: fix possible use-after-free in adv7511_remove()
    - media: i2c: tda1997: Fix possible use-after-free in tda1997x_remove()
    - media: i2c: adv7842: fix possible use-after-free in adv7842_remove()
    - media: platform: sti: Fix runtime PM imbalance in regs_show
    - media: sun8i-di: Fix runtime PM imbalance in deinterlace_start_streaming
    - media: dvb-usb: fix memory leak in dvb_usb_adapter_init
    - media: gscpa/stv06xx: fix memory leak
    - sched/fair: Ignore percpu threads for imbalance pulls
    - drm/msm/mdp5: Configure PP_SYNC_HEIGHT to double the vtotal
    - drm/msm/mdp5: Do not multiply vclk line count by 100
    - drm/amdgpu/ttm: Fix memory leak userptr pages
    - drm/radeon/ttm: Fix memory leak userptr pages
    - drm/amd/display: Fix debugfs link_settings entry
    - drm/amd/display: Fix UBSAN: shift-out-of-bounds warning
    - drm/radeon: don't evict if not initialized
    - drm/amdkfd: Fix cat debugfs hang_hws file causes system crash bug
    - amdgpu: avoid incorrect %hu format string
    - drm/amdgpu/display: fix memory leak for dimgrey cavefish
    - drm/amdgpu: fix NULL pointer dereference
    - scsi: lpfc: Fix crash when a REG_RPI mailbox fails triggering a LOGO
      response
    - scsi: lpfc: Fix reference counting errors in lpfc_cmpl_els_rsp()
    - scsi: lpfc: Fix error handling for mailboxes completed in MBX_POLL mode
    - scsi: lpfc: Remove unsupported mbox PORT_CAPABILITIES logic
    - mfd: intel-m10-bmc: Fix the register access range
    - mfd: da9063: Support SMBus and I2C mode
    - mfd: arizona: Fix rumtime PM imbalance on error
    - scsi: libfc: Fix a format specifier
    - perf: Rework perf_event_exit_event()
    - sched,fair: Alternative sched_slice()
    - block/rnbd-srv: Prevent a deadlock generated by accessing sysfs in parallel
    - block/rnbd-clt: Fix missing a memory free when unloading the module
    - s390/archrandom: add parameter check for s390_arch_random_generate
    - sched,psi: Handle potential task count underflow bugs more gracefully
    - power: supply: cpcap-battery: fix invalid usage of list cursor
    - ALSA: emu8000: Fix a use after free in snd_emu8000_create_mixer
    - ALSA: hda/conexant: Re-order CX5066 quirk table entries
    - ALSA: sb: Fix two use after free in snd_sb_qsound_build
    - ALSA: usb-audio: Explicitly set up the clock selector
    - ALSA: usb-audio: Add dB range mapping for Sennheiser Communications Headset
      PC 8
    - ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 445 G7
    - ALSA: hda/realtek: GA503 use same quirks as GA401
    - ALSA: hda/realtek: fix mic boost on Intel NUC 8
    - ALSA: hda/realtek - Headset Mic issue on HP platform
    - ALSA: hda/realtek: fix static noise on ALC285 Lenovo laptops
    - ALSA: hda/realtek: Add quirk for Intel Clevo PCx0Dx
    - tools/power/turbostat: Fix turbostat for AMD Zen CPUs
    - btrfs: fix race when picking most recent mod log operation for an old root
    - arm64/vdso: Discard .note.gnu.property sections in vDSO
    - Makefile: Move -Wno-unused-but-set-variable out of GCC only block
    - fs: fix reporting supported extra file attributes for statx()
    - virtiofs: fix memory leak in virtio_fs_probe()
    - kcsan, debugfs: Move debugfs file creation out of early init
    - ubifs: Only check replay with inode type to judge if inode linked
    - f2fs: fix error handling in f2fs_end_enable_verity()
    - f2fs: fix to avoid out-of-bounds memory access
    - mlxsw: spectrum_mr: Update egress RIF list before route's action
    - openvswitch: fix stack OOB read while fragmenting IPv4 packets
    - net/sched: sch_frag: fix stack OOB read while fragmenting IPv4 packets
    - NFS: fs_context: validate UDP retrans to prevent shift out-of-bounds
    - NFS: Don't discard pNFS layout segments that are marked for return
    - NFSv4: Don't discard segments marked for return in _pnfs_return_layout()
    - Input: ili210x - add missing negation for touch indication on ili210x
    - jffs2: Fix kasan slab-out-of-bounds problem
    - jffs2: Hook up splice_write callback
    - iommu/vt-d: Force to flush iotlb before creating superpage
    - powerpc/vdso: Separate vvar vma from vdso
    - powerpc/powernv: Enable HAIL (HV AIL) for ISA v3.1 processors
    - powerpc/eeh: Fix EEH handling for hugepages in ioremap space.
    - powerpc/kexec_file: Use current CPU info while setting up FDT
    - powerpc/32: Fix boot failure with CONFIG_STACKPROTECTOR
    - powerpc: fix EDEADLOCK redefinition error in uapi/asm/errno.h
    - powerpc/kvm: Fix PR KVM with KUAP/MEM_KEYS enabled
    - powerpc/kvm: Fix build error when PPC_MEM_KEYS/PPC_PSERIES=n
    - intel_th: pci: Add Alder Lake-M support
    - tpm: efi: Use local variable for calculating final log size
    - tpm: vtpm_proxy: Avoid reading host log when using a virtual device
    - crypto: arm/curve25519 - Move '.fpu' after '.arch'
    - crypto: rng - fix crypto_rng_reset() refcounting when !CRYPTO_STATS
    - md/raid1: properly indicate failure when ending a failed write request
    - dm raid: fix inconclusive reshape layout on fast raid4/5/6 table reload
      sequences
    - fuse: fix write deadlock
    - mm: page_alloc: ignore init_on_free=1 for debug_pagealloc=1
    - exfat: fix erroneous discard when clear cluster bit
    - sfc: farch: fix TX queue lookup in TX flush done handling
    - sfc: farch: fix TX queue lookup in TX event handling
    - rcu/nocb: Fix missed nocb_timer requeue
    - security: commoncap: fix -Wstringop-overread warning
    - Fix misc new gcc warnings
    - jffs2: check the validity of dstlen in jffs2_zlib_compress()
    - smb3: when mounting with multichannel include it in requested capabilities
    - smb3: if max_channels set to more than one channel request multichannel
    - smb3: do not attempt multichannel to server which does not support it
    - Revert 337f13046ff0 ("futex: Allow FUTEX_CLOCK_REALTIME with FUTEX_WAIT op")
    - futex: Do not apply time namespace adjustment on FUTEX_LOCK_PI
    - x86/cpu: Initialize MSR_TSC_AUX if RDTSCP *or* RDPID is supported
    - kbuild: update config_data.gz only when the content of .config is changed
    - ext4: annotate data race in start_this_handle()
    - ext4: annotate data race in jbd2_journal_dirty_metadata()
    - ext4: fix check to prevent false positive report of incorrect used inodes
    - ext4: do not set SB_ACTIVE in ext4_orphan_cleanup()
    - ext4: always panic when errors=panic is specified
    - ext4: fix error code in ext4_commit_super
    - ext4: fix ext4_error_err save negative errno into superblock
    - ext4: fix error return code in ext4_fc_perform_commit()
    - ext4: allow the dax flag to be set and cleared on inline directories
    - ext4: Fix occasional generic/418 failure
    - media: dvbdev: Fix memory leak in dvb_media_device_free()
    - media: dvb-usb: Fix use-after-free access
    - media: dvb-usb: Fix memory leak at error in dvb_usb_device_init()
    - media: staging/intel-ipu3: Fix memory leak in imu_fmt
    - media: staging/intel-ipu3: Fix set_fmt error handling
    - media: staging/intel-ipu3: Fix race condition during set_fmt
    - media: v4l2-ctrls: fix reference to freed memory
    - media: coda: fix macroblocks count control usage
    - media: venus: hfi_parser: Don't initialize parser on v1
    - usb: gadget: dummy_hcd: fix gpf in gadget_setup
    - usb: gadget: Fix double free of device descriptor pointers
    - usb: gadget/function/f_fs string table fix for multiple languages
    - usb: dwc3: gadget: Remove FS bInterval_m1 limitation
    - usb: dwc3: gadget: Fix START_TRANSFER link state check
    - usb: dwc3: core: Do core softreset when switch mode
    - usb: dwc2: Fix session request interrupt handler
    - PCI: dwc: Move iATU detection earlier
    - tty: fix memory leak in vc_deallocate
    - rsi: Use resume_noirq for SDIO
    - tools/power turbostat: Fix offset overflow issue in index converting
    - tracing: Map all PIDs to command lines
    - tracing: Restructure trace_clock_global() to never block
    - dm persistent data: packed struct should have an aligned() attribute too
    - dm space map common: fix division bug in sm_ll_find_free_block()
    - dm integrity: fix missing goto in bitmap_flush_interval error handling
    - dm rq: fix double free of blk_mq_tag_set in dev remove after table load
      fails
    - pinctrl: Ingenic: Add support for read the pin configuration of X1830.
    - lib/vsprintf.c: remove leftover 'f' and 'F' cases from bstr_printf()
    - thermal/drivers/cpufreq_cooling: Fix slab OOB issue
    - thermal/core/fair share: Lock the thermal zone while looping over instances
    - Revert "UBUNTU: SAUCE: Revert "s390/cio: remove pm support from ccw bus
      driver""
    - s390/cio: remove invalid condition on IO_SCH_UNREG
    - Linux 5.11.20
  * Hirsute update: v5.11.20 upstream stable release (LP: #1928857) //
    CVE-2021-20288).
    - libceph: bump CephXAuthenticate encoding version
  * Hirsute update: v5.11.19 upstream stable release (LP: #1928850)
    - mips: Do not include hi and lo in clobber list for R6
    - netfilter: conntrack: Make global sysctls readonly in non-init netns
    - net: usb: ax88179_178a: initialize local variables before use
    - drm/i915: Disable runtime power management during shutdown
    - igb: Enable RSS for Intel I211 Ethernet Controller
    - bpf: Fix masking negation logic upon negative dst register
    - bpf: Fix leakage of uninitialized bpf stack under speculation
    - net: qrtr: Avoid potential use after free in MHI send
    - perf data: Fix error return code in perf_data__create_dir()
    - capabilities: require CAP_SETFCAP to map uid 0
    - perf ftrace: Fix access to pid in array when setting a pid filter
    - tools/cgroup/slabinfo.py: updated to work on current kernel
    - driver core: add a min_align_mask field to struct device_dma_parameters
    - swiotlb: add a IO_TLB_SIZE define
    - swiotlb: factor out an io_tlb_offset helper
    - swiotlb: factor out a nr_slots helper
    - swiotlb: clean up swiotlb_tbl_unmap_single
    - swiotlb: refactor swiotlb_tbl_map_single
    - swiotlb: don't modify orig_addr in swiotlb_tbl_sync_single
    - swiotlb: respect min_align_mask
    - nvme-pci: set min_align_mask
    - ovl: fix leaked dentry
    - ovl: allow upperdir inside lowerdir
    - ALSA: usb-audio: Add MIDI quirk for Vox ToneLab EX
    - ALSA: usb-audio: Fix implicit sync clearance at stopping stream
    - USB: Add reset-resume quirk for WD19's Realtek Hub
    - platform/x86: thinkpad_acpi: Correct thermal sensor allocation
    - perf/core: Fix unconditional security_locked_down() call
    - vfio: Depend on MMU
    - Linux 5.11.19
  * r8152 tx status -71 (LP: #1922651) // Hirsute update: v5.11.19 upstream
    stable release (LP: #1928850)
    - USB: Add LPM quirk for Lenovo ThinkPad USB-C Dock Gen2 Ethernet
  * Hirsute update: v5.11.18 upstream stable release (LP: #1928849)
    - iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_gen2_enqueue_hcmd()
    - drm/amd/display: Update modifier list for gfx10_3
    - mei: me: add Alder Lake P device id.
    - Linux 5.11.18

-- Thadeu Lima de Souza Cascardo <cascardo@canonical.com>  Wed, 16 Jun 2021 22:40:04 -0300

Changed in linux-azure (Ubuntu Hirsute):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-06-22:

#5

Download full text (23.2 KiB)

This bug was fixed in the package linux - 5.8.0-59.66

---------------
linux (5.8.0-59.66) groovy; urgency=medium

* UAF on CAN J1939 j1939_can_recv (LP: #1932209)
- SAUCE: can: j1939: delay release of j1939_priv after synchronize_rcu

* UAF on CAN BCM bcm_rx_handler (LP: #1931855)
- SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu

linux (5.8.0-57.64) groovy; urgency=medium

* groovy/linux: 5.8.0-57.64 -proposed tracker (LP: #1932047)

  * pmtu.sh from selftests.net in linux ADT test failure with linux/5.8.0-56.63
    (LP: #1931731)
    - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb

linux (5.8.0-56.63) groovy; urgency=medium

* groovy/linux: 5.8.0-56.63 -proposed tracker (LP: #1930052)

* Packaging resync (LP: #1786013)
- update dkms package versions

* scsi: storvsc: Parameterize number hardware queues (LP: #1930626)
- scsi: storvsc: Parameterize number hardware queues

  * CVE-2021-33200
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: Fix mask direction swap upon off reg sign change
    - bpf: No need to simulate speculative domain for immediates

  * CVE-2021-3490
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with
      bitwise ops"
    - gpf: Fix alu32 const subreg bound tracking on bitwise operations

  * CVE-2021-3489
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-
      only ringbuf pages"
    - bpf: Prevent writable memory-mapping of read-only ringbuf pages

  * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend

  * CVE-2020-26145
    - ath10k: drop fragments with multicast DA for SDIO
    - ath10k: add CCMP PN replay protection for fragmented frames for PCIe
    - ath10k: drop fragments with multicast DA for PCIe

* CVE-2020-26141
- ath10k: Fix TKIP Michael MIC verification for PCIe

* CVE-2020-24587
- ath11k: Clear the fragment cache during key install

  * CVE-2020-24588
    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    - cfg80211: mitigate A-MSDU aggregation attacks
    - mac80211: drop A-MSDUs on old ciphers
    - ath10k: drop MPDU which has discard flag set by firmware for SDIO

* CVE-2020-26139
- mac80211: do not accept/forward invalid EAPOL frames

* CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
- mac80211: extend protection against mixed key and fragment cache attacks

  * CVE-2020-24586 // CVE-2020-24587
    - mac80211: prevent mixed key and fragment cache attacks
    - mac80211: add fragment cache to sta_info
    - mac80211: check defrag PN against current frame
    - mac80211: prevent attacks on TKIP/WEP as well

* CVE-2020-26147
- mac80211: assure all fragments are encrypted

  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull the code that wait for blocked dev into one...

This bug was fixed in the package linux - 5.8.0-59.66

---------------
linux (5.8.0-59.66) groovy; urgency=medium

* UAF on CAN J1939 j1939_can_recv (LP: #1932209)
    - SAUCE: can: j1939: delay release of j1939_priv after synchronize_rcu

* UAF on CAN BCM bcm_rx_handler (LP: #1931855)
    - SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu

linux (5.8.0-57.64) groovy; urgency=medium

* groovy/linux: 5.8.0-57.64 -proposed tracker (LP: #1932047)

* pmtu.sh from selftests.net in linux ADT test failure with linux/5.8.0-56.63
    (LP: #1931731)
    - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb

linux (5.8.0-56.63) groovy; urgency=medium

* groovy/linux: 5.8.0-56.63 -proposed tracker (LP: #1930052)

* Packaging resync (LP: #1786013)
    - update dkms package versions

* scsi: storvsc: Parameterize number hardware queues (LP: #1930626)
    - scsi: storvsc: Parameterize number hardware queues

* CVE-2021-33200
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: Fix mask direction swap upon off reg sign change
    - bpf: No need to simulate speculative domain for immediates

* CVE-2021-3490
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with
      bitwise ops"
    - gpf: Fix alu32 const subreg bound tracking on bitwise operations

* CVE-2021-3489
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-
      only ringbuf pages"
    - bpf: Prevent writable memory-mapping of read-only ringbuf pages

* Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend

* CVE-2020-26145
    - ath10k: drop fragments with multicast DA for SDIO
    - ath10k: add CCMP PN replay protection for fragmented frames for PCIe
    - ath10k: drop fragments with multicast DA for PCIe

* CVE-2020-26141
    - ath10k: Fix TKIP Michael MIC verification for PCIe

* CVE-2020-24587
    - ath11k: Clear the fragment cache during key install

* CVE-2020-24588
    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    - cfg80211: mitigate A-MSDU aggregation attacks
    - mac80211: drop A-MSDUs on old ciphers
    - ath10k: drop MPDU which has discard flag set by firmware for SDIO

* CVE-2020-26139
    - mac80211: do not accept/forward invalid EAPOL frames

* CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
    - mac80211: extend protection against mixed key and fragment cache attacks

* CVE-2020-24586 // CVE-2020-24587
    - mac80211: prevent mixed key and fragment cache attacks
    - mac80211: add fragment cache to sta_info
    - mac80211: check defrag PN against current frame
    - mac80211: prevent attacks on TKIP/WEP as well

* CVE-2020-26147
    - mac80211: assure all fragments are encrypted

* raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull the code that wait for blocked dev into one function
    - md/raid10: improve raid10 discard request
    - md/raid10: improve discard request for far layout
    - dm raid: remove unnecessary discard limits for raid0 and raid10

* [SRU] mpt3sas: only one vSES is handy even IOC has multi vSES (LP: #1926517)
    - scsi: mpt3sas: Only one vSES is present even when IOC has multi vSES

* CVE-2021-23133
    - sctp: delay auto_asconf init until binding the first addr

* kvm: properly tear down PV features on hibernate (LP: #1920944)
    - x86/kvm: Fix pr_info() for async PF setup/teardown
    - x86/kvm: Teardown PV features on boot CPU as well
    - x86/kvm: Disable kvmclock on all CPUs on shutdown
    - x86/kvm: Disable all PV features on crash
    - x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline()

* CVE-2021-31440
    - bpf: Fix propagation of 32 bit unsigned bounds from 64 bit bounds

* Can't detect intel wifi 6235 (LP: #1920180)
    - SAUCE: iwlwifi: add new pci id for 6235

* [SRU] Patch for flicker and glitching on common LCD display panels, intel
    framebuffer (LP: #1925685)
    - drm/i915: Try to use fast+narrow link on eDP again and fall back to the old
      max strategy on failure
    - drm/i915/dp: Use slow and wide link training for everything

* pmtu.sh from net in ubuntu_kernel_selftests failed with no error message
    (LP: #1887661)
    - selftests: pmtu.sh: use $ksft_skip for skipped return code

* IR Remote Keys Repeat Many Times Starting with Kernel 5.8.0-49
    (LP: #1926030)
    - SAUCE: Revert "media: rc: ite-cir: fix min_timeout calculation"
    - SAUCE: Revert "media: rc: fix timeout handling after switch to microsecond
      durations"

* Groovy update: upstream stable patchset 2021-05-20 (LP: #1929132)
    - Input: nspire-keypad - enable interrupts only when opened
    - gpio: sysfs: Obey valid_mask
    - dmaengine: idxd: Fix clobbering of SWERR overflow bit on writeback
    - dmaengine: idxd: fix delta_rec and crc size field for completion record
    - dmaengine: idxd: fix opcap sysfs attribute output
    - dmaengine: idxd: fix wq size store permission state
    - dmaengine: dw: Make it dependent to HAS_IOMEM
    - dmaengine: Fix a double free in dma_async_device_register
    - dmaengine: plx_dma: add a missing put_device() on error path
    - ACPI: x86: Call acpi_boot_table_init() after acpi_table_upgrade()
    - ARM: dts: Drop duplicate sha2md5_fck to fix clk_disable race
    - ARM: dts: Fix moving mmc devices with aliases for omap4 & 5
    - lockdep: Add a missing initialization hint to the "INFO: Trying to register
      non-static key" message
    - arc: kernel: Return -EFAULT if copy_to_user() fails
    - iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_enqueue_hcmd()
    - xfrm: BEET mode doesn't support fragments for inner packets
    - ASoC: max98373: Added 30ms turn on/off time delay
    - gpu/xen: Fix a use after free in xen_drm_drv_init
    - neighbour: Disregard DEAD dst in neigh_update
    - ARM: keystone: fix integer overflow warning
    - ARM: omap1: fix building with clang IAS
    - drm/msm: Fix a5xx/a6xx timestamps
    - ASoC: fsl_esai: Fix TDM slot setup for I2S mode
    - scsi: scsi_transport_srp: Don't block target in SRP_PORT_LOST state
    - iwlwifi: add support for Qu with AX201 device
    - net: ieee802154: stop dump llsec keys for monitors
    - net: ieee802154: forbid monitor for add llsec key
    - net: ieee802154: forbid monitor for del llsec key
    - net: ieee802154: stop dump llsec devs for monitors
    - net: ieee802154: forbid monitor for add llsec dev
    - net: ieee802154: forbid monitor for del llsec dev
    - net: ieee802154: stop dump llsec devkeys for monitors
    - net: ieee802154: forbid monitor for add llsec devkey
    - net: ieee802154: forbid monitor for del llsec devkey
    - net: ieee802154: stop dump llsec seclevels for monitors
    - net: ieee802154: forbid monitor for add llsec seclevel
    - pcnet32: Use pci_resource_len to validate PCI resource
    - mac80211: clear sta->fast_rx when STA removed from 4-addr VLAN
    - virt_wifi: Return micros for BSS TSF values
    - lib: fix kconfig dependency on ARCH_WANT_FRAME_POINTERS
    - Input: s6sy761 - fix coordinate read bit shift
    - Input: i8042 - fix Pegatron C15B ID entry
    - HID: wacom: set EV_KEY and EV_ABS only for non-HID_GENERIC type of devices
    - dm verity fec: fix misaligned RS roots IO
    - readdir: make sure to verify directory entry for legacy interfaces too
    - arm64: fix inline asm in load_unaligned_zeropad()
    - arm64: alternatives: Move length validation in alternative_{insn, endif}
    - vfio/pci: Add missing range check in vfio_pci_mmap
    - riscv: Fix spelling mistake "SPARSEMEM" to "SPARSMEM"
    - scsi: libsas: Reset num_scatter if libata marks qc as NODATA
    - netfilter: flowtable: fix NAT IPv6 offload mangling
    - netfilter: conntrack: do not print icmpv6 as unknown via /proc
    - ice: Fix potential infinite loop when using u8 loop counter
    - libnvdimm/region: Fix nvdimm_has_flush() to handle ND_REGION_ASYNC
    - netfilter: bridge: add pre_exit hooks for ebtable unregistration
    - netfilter: arp_tables: add pre_exit hook for table unregister
    - net: macb: fix the restore of cmp registers
    - net/mlx5e: fix ingress_ifindex check in mlx5e_flower_parse_meta
    - netfilter: nft_limit: avoid possible divide error in nft_limit_init
    - net/mlx5e: Fix setting of RS FEC mode
    - net: davicom: Fix regulator not turned off on failed probe
    - net: sit: Unregister catch-all devices
    - net: ip6_tunnel: Unregister catch-all devices
    - mm: ptdump: fix build failure
    - net: Make tcp_allowed_congestion_control readonly in non-init netns
    - i40e: fix the panic when running bpf in xdpdrv mode
    - ia64: remove duplicate entries in generic_defconfig
    - ia64: tools: remove inclusion of ia64-specific version of errno.h header
    - ibmvnic: avoid calling napi_disable() twice
    - ibmvnic: remove duplicate napi_schedule call in do_reset function
    - ibmvnic: remove duplicate napi_schedule call in open function
    - gro: ensure frag0 meets IP header alignment
    - ARM: OMAP2+: Fix warning for omap_init_time_of()
    - ARM: footbridge: fix PCI interrupt mapping
    - ARM: OMAP2+: Fix uninitialized sr_inst
    - arm64: dts: allwinner: Fix SD card CD GPIO for SOPine systems
    - arm64: dts: allwinner: h6: beelink-gs1: Remove ext. 32 kHz osc reference
    - bpf: Use correct permission flag for mixed signed bounds arithmetic
    - r8169: tweak max read request size for newer chips also in jumbo mtu mode
    - r8169: don't advertise pause in jumbo mode
    - bpf: Ensure off_reg has no mixed signed bounds for all types
    - bpf: Move off_reg into sanitize_ptr_alu
    - ARM: 9071/1: uprobes: Don't hook on thumb instructions
    - bpf: Rework ptr_limit into alu_limit and add common error path
    - bpf: Improve verifier error messages for users
    - bpf: Move sanitize_val_alu out of op switch
    - net: phy: marvell: fix detection of PHY on Topaz switches
    - vhost-vdpa: protect concurrent access to vhost device iotlb
    - gpio: omap: Save and restore sysconfig
    - KEYS: trusted: Fix TPM reservation for seal/unseal
    - pinctrl: lewisburg: Update number of pins in community
    - arm64: dts: allwinner: Revert SD card CD GPIO for Pine64-LTS
    - bpf: Permits pointers on stack for helper calls
    - bpf: Refactor and streamline bounds check into helper
    - bpf: Tighten speculative pointer arithmetic mask
    - perf/x86/intel/uncore: Remove uncore extra PCI dev HSWEP_PCI_PCU_3
    - perf/x86/kvm: Fix Broadwell Xeon stepping in isolation_ucodes[]
    - perf auxtrace: Fix potential NULL pointer dereference
    - perf map: Fix error return code in maps__clone()
    - HID: google: add don USB id
    - HID: alps: fix error return code in alps_input_configured()
    - HID: wacom: Assign boolean values to a bool variable
    - ARM: dts: Fix swapped mmc order for omap3
    - net: geneve: check skb is large enough for IPv4/IPv6 header
    - dmaengine: tegra20: Fix runtime PM imbalance on error
    - s390/entry: save the caller of psw_idle
    - arm64: kprobes: Restore local irqflag if kprobes is cancelled
    - xen-netback: Check for hotplug-status existence before watching
    - cavium/liquidio: Fix duplicate argument
    - kasan: fix hwasan build for gcc
    - csky: change a Kconfig symbol name to fix e1000 build error
    - ia64: fix discontig.c section mismatches
    - ia64: tools: remove duplicate definition of ia64_mf() on ia64
    - x86/crash: Fix crash_setup_memmap_entries() out-of-bounds access
    - net: hso: fix NULL-deref on disconnect regression
    - USB: CDC-ACM: fix poison/unpoison imbalance
    - iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_gen2_enqueue_hcmd()
    - mei: me: add Alder Lake P device id.
    - bpf: Update selftests to reflect new error states
    - mips: Do not include hi and lo in clobber list for R6
    - netfilter: conntrack: Make global sysctls readonly in non-init netns
    - net: usb: ax88179_178a: initialize local variables before use
    - igb: Enable RSS for Intel I211 Ethernet Controller
    - bpf: Fix masking negation logic upon negative dst register
    - bpf: Fix leakage of uninitialized bpf stack under speculation
    - net: qrtr: Avoid potential use after free in MHI send
    - perf data: Fix error return code in perf_data__create_dir()
    - capabilities: require CAP_SETFCAP to map uid 0
    - perf ftrace: Fix access to pid in array when setting a pid filter
    - driver core: add a min_align_mask field to struct device_dma_parameters
    - swiotlb: add a IO_TLB_SIZE define
    - swiotlb: factor out an io_tlb_offset helper
    - swiotlb: factor out a nr_slots helper
    - swiotlb: clean up swiotlb_tbl_unmap_single
    - swiotlb: don't modify orig_addr in swiotlb_tbl_sync_single
    - ovl: fix leaked dentry
    - ovl: allow upperdir inside lowerdir
    - ALSA: usb-audio: Add MIDI quirk for Vox ToneLab EX
    - USB: Add reset-resume quirk for WD19's Realtek Hub
    - platform/x86: thinkpad_acpi: Correct thermal sensor allocation
    - perf/core: Fix unconditional security_locked_down() call
    - vfio: Depend on MMU
    - avoid __memcat_p link failure

* r8152 tx status -71 (LP: #1922651) // Groovy update: upstream stable
    patchset 2021-05-20 (LP: #1929132)
    - USB: Add LPM quirk for Lenovo ThinkPad USB-C Dock Gen2 Ethernet

* Fix kdump failures (LP: #1927518)
    - video: hyperv_fb: Add ratelimit on error message
    - Drivers: hv: vmbus: Increase wait time for VMbus unload
    - Drivers: hv: vmbus: Initialize unload_event statically

* Groovy update: upstream stable patchset 2021-05-13 (LP: #1928386)
    - ALSA: aloop: Fix initialization of controls
    - ALSA: hda/realtek: Fix speaker amp setup on Acer Aspire E1
    - ALSA: hda/conexant: Apply quirk for another HP ZBook G5 model
    - ASoC: intel: atom: Stop advertising non working S24LE support
    - nfc: fix refcount leak in llcp_sock_bind()
    - nfc: fix refcount leak in llcp_sock_connect()
    - nfc: fix memory leak in llcp_sock_connect()
    - nfc: Avoid endless loops caused by repeated llcp_sock_connect()
    - selinux: make nslot handling in avtab more robust
    - xen/evtchn: Change irq_info lock to raw_spinlock_t
    - net: ipv6: check for validity before dereferencing cfg->fc_nlinfo.nlh
    - net: dsa: lantiq_gswip: Let GSWIP automatically set the xMII clock
    - net: dsa: lantiq_gswip: Don't use PHY auto polling
    - net: dsa: lantiq_gswip: Configure all remaining GSWIP_MII_CFG bits
    - drm/i915: Fix invalid access to ACPI _DSM objects
    - ACPI: processor: Fix build when CONFIG_ACPI_PROCESSOR=m
    - IB/hfi1: Fix probe time panic when AIP is enabled with a buggy BIOS
    - LOOKUP_MOUNTPOINT: we are cleaning "jumped" flag too late
    - gcov: re-fix clang-11+ support
    - ia64: fix user_stack_pointer() for ptrace()
    - nds32: flush_dcache_page: use page_mapping_file to avoid races with swapoff
    - ocfs2: fix deadlock between setattr and dio_end_io_write
    - fs: direct-io: fix missing sdio->boundary
    - ethtool: fix incorrect datatype in set_eee ops
    - of: property: fw_devlink: do not link ".*,nr-gpios"
    - parisc: parisc-agp requires SBA IOMMU driver
    - parisc: avoid a warning on u8 cast for cmpxchg on u8 pointers
    - ARM: dts: turris-omnia: configure LED[2]/INTn pin as interrupt pin
    - batman-adv: initialize "struct batadv_tvlv_tt_vlan_data"->reserved field
    - ice: Increase control queue timeout
    - ice: prevent ice_open and ice_stop during reset
    - ice: remove DCBNL_DEVRESET bit from PF state
    - ice: Fix for dereference of NULL pointer
    - ice: Cleanup fltr list in case of allocation issues
    - iwlwifi: pcie: properly set LTR workarounds on 22000 devices
    - net: hso: fix null-ptr-deref during tty device unregistration
    - libbpf: Fix bail out from 'ringbuf_process_ring()' on error
    - bpf: Enforce that struct_ops programs be GPL-only
    - bpf: link: Refuse non-O_RDWR flags in BPF_OBJ_GET
    - ethernet/netronome/nfp: Fix a use after free in nfp_bpf_ctrl_msg_rx
    - libbpf: Only create rx and tx XDP rings when necessary
    - bpf, sockmap: Fix sk->prot unhash op reset
    - net: ensure mac header is set in virtio_net_hdr_to_skb()
    - i40e: Fix sparse warning: missing error code 'err'
    - i40e: Fix sparse error: 'vsi->netdev' could be null
    - i40e: Fix sparse errors in i40e_txrx.c
    - net: sched: sch_teql: fix null-pointer dereference
    - net: sched: fix action overwrite reference counting
    - mac80211: fix TXQ AC confusion
    - net: hsr: Reset MAC header for Tx path
    - net-ipv6: bugfix - raw & sctp - switch to ipv6_can_nonlocal_bind()
    - net: let skb_orphan_partial wake-up waiters.
    - usbip: add sysfs_lock to synchronize sysfs code paths
    - usbip: stub-dev synchronize sysfs code paths
    - usbip: vudc synchronize sysfs code paths
    - usbip: synchronize event handler with sysfs code paths
    - driver core: Fix locking bug in deferred_probe_timeout_work_func()
    - scsi: target: iscsi: Fix zero tag inside a trace event
    - i2c: turn recovery error on init to debug
    - ice: Refactor DCB related variables out of the ice_port_info struct
    - ice: Recognize 860 as iSCSI port in CEE mode
    - xfrm: interface: fix ipv4 pmtu check to honor ip header df
    - xfrm: Use actual socket sk instead of skb socket for xfrm_output_resume
    - regulator: bd9571mwv: Fix AVS and DVFS voltage range
    - ARM: OMAP4: Fix PMIC voltage domains for bionic
    - ARM: OMAP4: PM: update ROM return address for OSWR and OFF
    - net: xfrm: Localize sequence counter per network namespace
    - esp: delete NETIF_F_SCTP_CRC bit from features for esp offload
    - ASoC: SOF: Intel: HDA: fix core status verification
    - ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for some chips
    - xfrm: Fix NULL pointer dereference on policy lookup
    - virtchnl: Fix layout of RSS structures
    - i40e: Added Asym_Pause to supported link modes
    - i40e: Fix kernel oops when i40e driver removes VF's
    - hostfs: fix memory handling in follow_link()
    - amd-xgbe: Update DMA coherency values
    - sch_red: fix off-by-one checks in red_check_params()
    - arm64: dts: imx8mm/q: Fix pad control of SD1_DATA0
    - xfrm: Provide private skb extensions for segmented and hw offloaded ESP
      packets
    - can: bcm/raw: fix msg_namelen values depending on CAN_REQUIRED_SIZE
    - mlxsw: spectrum: Fix ECN marking in tunnel decapsulation
    - ethernet: myri10ge: Fix a use after free in myri10ge_sw_tso
    - gianfar: Handle error code at MAC address change
    - cxgb4: avoid collecting SGE_QBASE regs during traffic
    - net:tipc: Fix a double free in tipc_sk_mcast_rcv
    - ARM: dts: imx6: pbab01: Set vmmc supply for both SD interfaces
    - net/ncsi: Avoid channel_monitor hrtimer deadlock
    - net: qrtr: Fix memory leak on qrtr_tx_wait failure
    - nfp: flower: ignore duplicate merge hints from FW
    - net: phy: broadcom: Only advertise EEE for supported modes
    - I2C: JZ4780: Fix bug for Ingenic X1000.
    - ASoC: sunxi: sun4i-codec: fill ASoC card owner
    - net/mlx5e: Fix ethtool indication of connector type
    - net/mlx5: Don't request more than supported EQs
    - net/rds: Fix a use after free in rds_message_map_pages
    - xdp: fix xdp_return_frame() kernel BUG throw for page_pool memory model
    - soc/fsl: qbman: fix conflicting alignment attributes
    - i40e: Fix display statistics for veb_tc
    - RDMA/rtrs-clt: Close rtrs client conn before destroying rtrs clt session
      files
    - drm/msm: Set drvdata to NULL when msm_drm_init() fails
    - net: udp: Add support for getsockopt(..., ..., UDP_GRO, ..., ...);
    - mptcp: forbit mcast-related sockopt on MPTCP sockets
    - scsi: ufs: core: Fix task management request completion timeout
    - scsi: ufs: core: Fix wrong Task Tag used in task management request UPIUs
    - net: cls_api: Fix uninitialised struct field bo->unlocked_driver_cb
    - net: macb: restore cmp registers on resume path
    - clk: fix invalid usage of list cursor in register
    - clk: fix invalid usage of list cursor in unregister
    - workqueue: Move the position of debug_work_activate() in __queue_work()
    - s390/cpcmd: fix inline assembly register clobbering
    - perf inject: Fix repipe usage
    - net: openvswitch: conntrack: simplify the return expression of
      ovs_ct_limit_get_default_limit()
    - openvswitch: fix send of uninitialized stack memory in ct limit reply
    - i2c: designware: Adjust bus_freq_hz when refuse high speed mode set
    - tipc: increment the tmp aead refcnt before attaching it
    - net: hns3: clear VF down state bit before request link status
    - net/mlx5: Fix placement of log_max_flow_counter
    - net/mlx5: Fix PPLM register mapping
    - net/mlx5: Fix PBMC register mapping
    - RDMA/cxgb4: check for ipv6 address properly while destroying listener
    - perf report: Fix wrong LBR block sorting
    - i40e: Fix parameters in aq_get_phy_register()
    - RDMA/addr: Be strict with gid size
    - RAS/CEC: Correct ce_add_elem()'s returned values
    - clk: socfpga: fix iomem pointer cast on 64-bit
    - lockdep: Address clang -Wformat warning printing for %hd
    - dt-bindings: net: ethernet-controller: fix typo in NVMEM
    - cfg80211: remove WARN_ON() in cfg80211_sme_connect
    - net: tun: set tun->dev->addr_len during TUNSETLINK processing
    - drivers: net: fix memory leak in atusb_probe
    - drivers: net: fix memory leak in peak_usb_create_dev
    - net: mac802154: Fix general protection fault
    - net: ieee802154: nl-mac: fix check on panid
    - net: ieee802154: fix nl802154 del llsec key
    - net: ieee802154: fix nl802154 del llsec dev
    - net: ieee802154: fix nl802154 add llsec key
    - net: ieee802154: fix nl802154 del llsec devkey
    - net: ieee802154: forbid monitor for set llsec params
    - net: ieee802154: forbid monitor for del llsec seclevel
    - net: ieee802154: stop dump llsec params for monitors
    - interconnect: core: fix error return code of icc_link_destroy()
    - gfs2: Flag a withdraw if init_threads() fails
    - KVM: arm64: Hide system instruction access to Trace registers
    - KVM: arm64: Disable guest access to trace filter controls
    - drm/imx: imx-ldb: fix out of bounds array access warning
    - gfs2: report "already frozen/thawed" errors
    - ftrace: Check if pages were allocated before calling free_pages()
    - tools/kvm_stat: Add restart delay
    - drm/tegra: dc: Don't set PLL clock to 0Hz
    - gpu: host1x: Use different lock classes for each client
    - block: only update parent bi_status when bio fail
    - radix tree test suite: Register the main thread with the RCU library
    - idr test suite: Take RCU read lock in idr_find_test_1
    - idr test suite: Create anchor before launching throbber
    - io_uring: don't mark S_ISBLK async work as unbounded
    - riscv,entry: fix misaligned base for excp_vect_table
    - block: don't ignore REQ_NOWAIT for direct IO
    - perf map: Tighten snprintf() string precision to pass gcc check on some
      32-bit arches
    - net: sfp: relax bitrate-derived mode check
    - net: sfp: cope with SFPs that set both LOS normal and LOS inverted
    - xen/events: fix setting irq affinity
    - perf tools: Use %zd for size_t printf formats on 32-bit

-- Thadeu Lima de Souza Cascardo <cascardo@canonical.com>  Wed, 16 Jun 2021 20:11:21 -0300

Changed in linux (Ubuntu Groovy):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-06-22:

#6

Download full text (23.9 KiB)

This bug was fixed in the package linux-azure - 5.8.0-1036.38

---------------
linux-azure (5.8.0-1036.38) groovy; urgency=medium

[ Ubuntu: 5.8.0-59.66 ]

  * UAF on CAN J1939 j1939_can_recv (LP: #1932209)
    - SAUCE: can: j1939: delay release of j1939_priv after synchronize_rcu
  * UAF on CAN BCM bcm_rx_handler (LP: #1931855)
    - SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu

[ Ubuntu: 5.8.0-57.64 ]

  * groovy/linux: 5.8.0-57.64 -proposed tracker (LP: #1932047)
  * pmtu.sh from selftests.net in linux ADT test failure with linux/5.8.0-56.63
    (LP: #1931731)
    - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb

linux-azure (5.8.0-1034.36) groovy; urgency=medium

* groovy/linux-azure: 5.8.0-1034.36 -proposed tracker (LP: #1930041)

  * linux-azure: Add Mana network driver (LP: #1928788)
    - hv_netvsc: Make netvsc/VF binding check both MAC and serial number
    - [Config] azure: CONFIG_MICROSOFT_MANA=m
    - net: mana: Add a driver for Microsoft Azure Network Adapter (MANA)
    - net: mana: remove redundant initialization of variable err
    - net: mana: fix PCI_HYPERV dependency
    - net: mana: Use int to check the return value of mana_gd_poll_cq()

[ Ubuntu: 5.8.0-56.63 ]

  * groovy/linux: 5.8.0-56.63 -proposed tracker (LP: #1930052)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * scsi: storvsc: Parameterize number hardware queues (LP: #1930626)
    - scsi: storvsc: Parameterize number hardware queues
  * CVE-2021-33200
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: Fix mask direction swap upon off reg sign change
    - bpf: No need to simulate speculative domain for immediates
  * CVE-2021-3490
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with
      bitwise ops"
    - gpf: Fix alu32 const subreg bound tracking on bitwise operations
  * CVE-2021-3489
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-
      only ringbuf pages"
    - bpf: Prevent writable memory-mapping of read-only ringbuf pages
  * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend
  * CVE-2020-26145
    - ath10k: drop fragments with multicast DA for SDIO
    - ath10k: add CCMP PN replay protection for fragmented frames for PCIe
    - ath10k: drop fragments with multicast DA for PCIe
  * CVE-2020-26141
    - ath10k: Fix TKIP Michael MIC verification for PCIe
  * CVE-2020-24587
    - ath11k: Clear the fragment cache during key install
  * CVE-2020-24588
    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    - cfg80211: mitigate A-MSDU aggregation attacks
    - mac80211: drop A-MSDUs on old ciphers
    - ath10k: drop MPDU which has discard flag set by firmware for SDIO
  * CVE-2020-26139
    - mac80211: do not accept/forward invalid EAPOL frames
  * CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
    - mac80211: extend protection against mixed key and fragment cache attacks
  * CVE-2020-24586 // CVE-2020-24587
    - mac80211: prevent mixed k...

This bug was fixed in the package linux-azure - 5.8.0-1036.38

---------------
linux-azure (5.8.0-1036.38) groovy; urgency=medium

[ Ubuntu: 5.8.0-59.66 ]

* UAF on CAN J1939 j1939_can_recv (LP: #1932209)
    - SAUCE: can: j1939: delay release of j1939_priv after synchronize_rcu
  * UAF on CAN BCM bcm_rx_handler (LP: #1931855)
    - SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu

[ Ubuntu: 5.8.0-57.64 ]

* groovy/linux: 5.8.0-57.64 -proposed tracker (LP: #1932047)
  * pmtu.sh from selftests.net in linux ADT test failure with linux/5.8.0-56.63
    (LP: #1931731)
    - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb

linux-azure (5.8.0-1034.36) groovy; urgency=medium

* groovy/linux-azure: 5.8.0-1034.36 -proposed tracker (LP: #1930041)

* linux-azure: Add Mana network driver (LP: #1928788)
    - hv_netvsc: Make netvsc/VF binding check both MAC and serial number
    - [Config] azure: CONFIG_MICROSOFT_MANA=m
    - net: mana: Add a driver for Microsoft Azure Network Adapter (MANA)
    - net: mana: remove redundant initialization of variable err
    - net: mana: fix PCI_HYPERV dependency
    - net: mana: Use int to check the return value of mana_gd_poll_cq()

[ Ubuntu: 5.8.0-56.63 ]

* groovy/linux: 5.8.0-56.63 -proposed tracker (LP: #1930052)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * scsi: storvsc: Parameterize number hardware queues (LP: #1930626)
    - scsi: storvsc: Parameterize number hardware queues
  * CVE-2021-33200
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: Fix mask direction swap upon off reg sign change
    - bpf: No need to simulate speculative domain for immediates
  * CVE-2021-3490
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with
      bitwise ops"
    - gpf: Fix alu32 const subreg bound tracking on bitwise operations
  * CVE-2021-3489
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-
      only ringbuf pages"
    - bpf: Prevent writable memory-mapping of read-only ringbuf pages
  * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend
  * CVE-2020-26145
    - ath10k: drop fragments with multicast DA for SDIO
    - ath10k: add CCMP PN replay protection for fragmented frames for PCIe
    - ath10k: drop fragments with multicast DA for PCIe
  * CVE-2020-26141
    - ath10k: Fix TKIP Michael MIC verification for PCIe
  * CVE-2020-24587
    - ath11k: Clear the fragment cache during key install
  * CVE-2020-24588
    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    - cfg80211: mitigate A-MSDU aggregation attacks
    - mac80211: drop A-MSDUs on old ciphers
    - ath10k: drop MPDU which has discard flag set by firmware for SDIO
  * CVE-2020-26139
    - mac80211: do not accept/forward invalid EAPOL frames
  * CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
    - mac80211: extend protection against mixed key and fragment cache attacks
  * CVE-2020-24586 // CVE-2020-24587
    - mac80211: prevent mixed key and fragment cache attacks
    - mac80211: add fragment cache to sta_info
    - mac80211: check defrag PN against current frame
    - mac80211: prevent attacks on TKIP/WEP as well
  * CVE-2020-26147
    - mac80211: assure all fragments are encrypted
  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull the code that wait for blocked dev into one function
    - md/raid10: improve raid10 discard request
    - md/raid10: improve discard request for far layout
    - dm raid: remove unnecessary discard limits for raid0 and raid10
  * [SRU] mpt3sas: only one vSES is handy even IOC has multi vSES (LP: #1926517)
    - scsi: mpt3sas: Only one vSES is present even when IOC has multi vSES
  * CVE-2021-23133
    - sctp: delay auto_asconf init until binding the first addr
  * kvm: properly tear down PV features on hibernate (LP: #1920944)
    - x86/kvm: Fix pr_info() for async PF setup/teardown
    - x86/kvm: Teardown PV features on boot CPU as well
    - x86/kvm: Disable kvmclock on all CPUs on shutdown
    - x86/kvm: Disable all PV features on crash
    - x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline()
  * CVE-2021-31440
    - bpf: Fix propagation of 32 bit unsigned bounds from 64 bit bounds
  * Can't detect intel wifi 6235 (LP: #1920180)
    - SAUCE: iwlwifi: add new pci id for 6235
  * [SRU] Patch for flicker and glitching on common LCD display panels, intel
    framebuffer (LP: #1925685)
    - drm/i915: Try to use fast+narrow link on eDP again and fall back to the old
      max strategy on failure
    - drm/i915/dp: Use slow and wide link training for everything
  * pmtu.sh from net in ubuntu_kernel_selftests failed with no error message
    (LP: #1887661)
    - selftests: pmtu.sh: use $ksft_skip for skipped return code
  * IR Remote Keys Repeat Many Times Starting with Kernel 5.8.0-49
    (LP: #1926030)
    - SAUCE: Revert "media: rc: ite-cir: fix min_timeout calculation"
    - SAUCE: Revert "media: rc: fix timeout handling after switch to microsecond
      durations"
  * Groovy update: upstream stable patchset 2021-05-20 (LP: #1929132)
    - Input: nspire-keypad - enable interrupts only when opened
    - gpio: sysfs: Obey valid_mask
    - dmaengine: idxd: Fix clobbering of SWERR overflow bit on writeback
    - dmaengine: idxd: fix delta_rec and crc size field for completion record
    - dmaengine: idxd: fix opcap sysfs attribute output
    - dmaengine: idxd: fix wq size store permission state
    - dmaengine: dw: Make it dependent to HAS_IOMEM
    - dmaengine: Fix a double free in dma_async_device_register
    - dmaengine: plx_dma: add a missing put_device() on error path
    - ACPI: x86: Call acpi_boot_table_init() after acpi_table_upgrade()
    - ARM: dts: Drop duplicate sha2md5_fck to fix clk_disable race
    - ARM: dts: Fix moving mmc devices with aliases for omap4 & 5
    - lockdep: Add a missing initialization hint to the "INFO: Trying to register
      non-static key" message
    - arc: kernel: Return -EFAULT if copy_to_user() fails
    - iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_enqueue_hcmd()
    - xfrm: BEET mode doesn't support fragments for inner packets
    - ASoC: max98373: Added 30ms turn on/off time delay
    - gpu/xen: Fix a use after free in xen_drm_drv_init
    - neighbour: Disregard DEAD dst in neigh_update
    - ARM: keystone: fix integer overflow warning
    - ARM: omap1: fix building with clang IAS
    - drm/msm: Fix a5xx/a6xx timestamps
    - ASoC: fsl_esai: Fix TDM slot setup for I2S mode
    - scsi: scsi_transport_srp: Don't block target in SRP_PORT_LOST state
    - iwlwifi: add support for Qu with AX201 device
    - net: ieee802154: stop dump llsec keys for monitors
    - net: ieee802154: forbid monitor for add llsec key
    - net: ieee802154: forbid monitor for del llsec key
    - net: ieee802154: stop dump llsec devs for monitors
    - net: ieee802154: forbid monitor for add llsec dev
    - net: ieee802154: forbid monitor for del llsec dev
    - net: ieee802154: stop dump llsec devkeys for monitors
    - net: ieee802154: forbid monitor for add llsec devkey
    - net: ieee802154: forbid monitor for del llsec devkey
    - net: ieee802154: stop dump llsec seclevels for monitors
    - net: ieee802154: forbid monitor for add llsec seclevel
    - pcnet32: Use pci_resource_len to validate PCI resource
    - mac80211: clear sta->fast_rx when STA removed from 4-addr VLAN
    - virt_wifi: Return micros for BSS TSF values
    - lib: fix kconfig dependency on ARCH_WANT_FRAME_POINTERS
    - Input: s6sy761 - fix coordinate read bit shift
    - Input: i8042 - fix Pegatron C15B ID entry
    - HID: wacom: set EV_KEY and EV_ABS only for non-HID_GENERIC type of devices
    - dm verity fec: fix misaligned RS roots IO
    - readdir: make sure to verify directory entry for legacy interfaces too
    - arm64: fix inline asm in load_unaligned_zeropad()
    - arm64: alternatives: Move length validation in alternative_{insn, endif}
    - vfio/pci: Add missing range check in vfio_pci_mmap
    - riscv: Fix spelling mistake "SPARSEMEM" to "SPARSMEM"
    - scsi: libsas: Reset num_scatter if libata marks qc as NODATA
    - netfilter: flowtable: fix NAT IPv6 offload mangling
    - netfilter: conntrack: do not print icmpv6 as unknown via /proc
    - ice: Fix potential infinite loop when using u8 loop counter
    - libnvdimm/region: Fix nvdimm_has_flush() to handle ND_REGION_ASYNC
    - netfilter: bridge: add pre_exit hooks for ebtable unregistration
    - netfilter: arp_tables: add pre_exit hook for table unregister
    - net: macb: fix the restore of cmp registers
    - net/mlx5e: fix ingress_ifindex check in mlx5e_flower_parse_meta
    - netfilter: nft_limit: avoid possible divide error in nft_limit_init
    - net/mlx5e: Fix setting of RS FEC mode
    - net: davicom: Fix regulator not turned off on failed probe
    - net: sit: Unregister catch-all devices
    - net: ip6_tunnel: Unregister catch-all devices
    - mm: ptdump: fix build failure
    - net: Make tcp_allowed_congestion_control readonly in non-init netns
    - i40e: fix the panic when running bpf in xdpdrv mode
    - ia64: remove duplicate entries in generic_defconfig
    - ia64: tools: remove inclusion of ia64-specific version of errno.h header
    - ibmvnic: avoid calling napi_disable() twice
    - ibmvnic: remove duplicate napi_schedule call in do_reset function
    - ibmvnic: remove duplicate napi_schedule call in open function
    - gro: ensure frag0 meets IP header alignment
    - ARM: OMAP2+: Fix warning for omap_init_time_of()
    - ARM: footbridge: fix PCI interrupt mapping
    - ARM: OMAP2+: Fix uninitialized sr_inst
    - arm64: dts: allwinner: Fix SD card CD GPIO for SOPine systems
    - arm64: dts: allwinner: h6: beelink-gs1: Remove ext. 32 kHz osc reference
    - bpf: Use correct permission flag for mixed signed bounds arithmetic
    - r8169: tweak max read request size for newer chips also in jumbo mtu mode
    - r8169: don't advertise pause in jumbo mode
    - bpf: Ensure off_reg has no mixed signed bounds for all types
    - bpf: Move off_reg into sanitize_ptr_alu
    - ARM: 9071/1: uprobes: Don't hook on thumb instructions
    - bpf: Rework ptr_limit into alu_limit and add common error path
    - bpf: Improve verifier error messages for users
    - bpf: Move sanitize_val_alu out of op switch
    - net: phy: marvell: fix detection of PHY on Topaz switches
    - vhost-vdpa: protect concurrent access to vhost device iotlb
    - gpio: omap: Save and restore sysconfig
    - KEYS: trusted: Fix TPM reservation for seal/unseal
    - pinctrl: lewisburg: Update number of pins in community
    - arm64: dts: allwinner: Revert SD card CD GPIO for Pine64-LTS
    - bpf: Permits pointers on stack for helper calls
    - bpf: Refactor and streamline bounds check into helper
    - bpf: Tighten speculative pointer arithmetic mask
    - perf/x86/intel/uncore: Remove uncore extra PCI dev HSWEP_PCI_PCU_3
    - perf/x86/kvm: Fix Broadwell Xeon stepping in isolation_ucodes[]
    - perf auxtrace: Fix potential NULL pointer dereference
    - perf map: Fix error return code in maps__clone()
    - HID: google: add don USB id
    - HID: alps: fix error return code in alps_input_configured()
    - HID: wacom: Assign boolean values to a bool variable
    - ARM: dts: Fix swapped mmc order for omap3
    - net: geneve: check skb is large enough for IPv4/IPv6 header
    - dmaengine: tegra20: Fix runtime PM imbalance on error
    - s390/entry: save the caller of psw_idle
    - arm64: kprobes: Restore local irqflag if kprobes is cancelled
    - xen-netback: Check for hotplug-status existence before watching
    - cavium/liquidio: Fix duplicate argument
    - kasan: fix hwasan build for gcc
    - csky: change a Kconfig symbol name to fix e1000 build error
    - ia64: fix discontig.c section mismatches
    - ia64: tools: remove duplicate definition of ia64_mf() on ia64
    - x86/crash: Fix crash_setup_memmap_entries() out-of-bounds access
    - net: hso: fix NULL-deref on disconnect regression
    - USB: CDC-ACM: fix poison/unpoison imbalance
    - iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_gen2_enqueue_hcmd()
    - mei: me: add Alder Lake P device id.
    - bpf: Update selftests to reflect new error states
    - mips: Do not include hi and lo in clobber list for R6
    - netfilter: conntrack: Make global sysctls readonly in non-init netns
    - net: usb: ax88179_178a: initialize local variables before use
    - igb: Enable RSS for Intel I211 Ethernet Controller
    - bpf: Fix masking negation logic upon negative dst register
    - bpf: Fix leakage of uninitialized bpf stack under speculation
    - net: qrtr: Avoid potential use after free in MHI send
    - perf data: Fix error return code in perf_data__create_dir()
    - capabilities: require CAP_SETFCAP to map uid 0
    - perf ftrace: Fix access to pid in array when setting a pid filter
    - driver core: add a min_align_mask field to struct device_dma_parameters
    - swiotlb: add a IO_TLB_SIZE define
    - swiotlb: factor out an io_tlb_offset helper
    - swiotlb: factor out a nr_slots helper
    - swiotlb: clean up swiotlb_tbl_unmap_single
    - swiotlb: don't modify orig_addr in swiotlb_tbl_sync_single
    - ovl: fix leaked dentry
    - ovl: allow upperdir inside lowerdir
    - ALSA: usb-audio: Add MIDI quirk for Vox ToneLab EX
    - USB: Add reset-resume quirk for WD19's Realtek Hub
    - platform/x86: thinkpad_acpi: Correct thermal sensor allocation
    - perf/core: Fix unconditional security_locked_down() call
    - vfio: Depend on MMU
    - avoid __memcat_p link failure
  * r8152 tx status -71 (LP: #1922651) // Groovy update: upstream stable
    patchset 2021-05-20 (LP: #1929132)
    - USB: Add LPM quirk for Lenovo ThinkPad USB-C Dock Gen2 Ethernet
  * Fix kdump failures (LP: #1927518)
    - video: hyperv_fb: Add ratelimit on error message
    - Drivers: hv: vmbus: Increase wait time for VMbus unload
    - Drivers: hv: vmbus: Initialize unload_event statically
  * Groovy update: upstream stable patchset 2021-05-13 (LP: #1928386)
    - ALSA: aloop: Fix initialization of controls
    - ALSA: hda/realtek: Fix speaker amp setup on Acer Aspire E1
    - ALSA: hda/conexant: Apply quirk for another HP ZBook G5 model
    - ASoC: intel: atom: Stop advertising non working S24LE support
    - nfc: fix refcount leak in llcp_sock_bind()
    - nfc: fix refcount leak in llcp_sock_connect()
    - nfc: fix memory leak in llcp_sock_connect()
    - nfc: Avoid endless loops caused by repeated llcp_sock_connect()
    - selinux: make nslot handling in avtab more robust
    - xen/evtchn: Change irq_info lock to raw_spinlock_t
    - net: ipv6: check for validity before dereferencing cfg->fc_nlinfo.nlh
    - net: dsa: lantiq_gswip: Let GSWIP automatically set the xMII clock
    - net: dsa: lantiq_gswip: Don't use PHY auto polling
    - net: dsa: lantiq_gswip: Configure all remaining GSWIP_MII_CFG bits
    - drm/i915: Fix invalid access to ACPI _DSM objects
    - ACPI: processor: Fix build when CONFIG_ACPI_PROCESSOR=m
    - IB/hfi1: Fix probe time panic when AIP is enabled with a buggy BIOS
    - LOOKUP_MOUNTPOINT: we are cleaning "jumped" flag too late
    - gcov: re-fix clang-11+ support
    - ia64: fix user_stack_pointer() for ptrace()
    - nds32: flush_dcache_page: use page_mapping_file to avoid races with swapoff
    - ocfs2: fix deadlock between setattr and dio_end_io_write
    - fs: direct-io: fix missing sdio->boundary
    - ethtool: fix incorrect datatype in set_eee ops
    - of: property: fw_devlink: do not link ".*,nr-gpios"
    - parisc: parisc-agp requires SBA IOMMU driver
    - parisc: avoid a warning on u8 cast for cmpxchg on u8 pointers
    - ARM: dts: turris-omnia: configure LED[2]/INTn pin as interrupt pin
    - batman-adv: initialize "struct batadv_tvlv_tt_vlan_data"->reserved field
    - ice: Increase control queue timeout
    - ice: prevent ice_open and ice_stop during reset
    - ice: remove DCBNL_DEVRESET bit from PF state
    - ice: Fix for dereference of NULL pointer
    - ice: Cleanup fltr list in case of allocation issues
    - iwlwifi: pcie: properly set LTR workarounds on 22000 devices
    - net: hso: fix null-ptr-deref during tty device unregistration
    - libbpf: Fix bail out from 'ringbuf_process_ring()' on error
    - bpf: Enforce that struct_ops programs be GPL-only
    - bpf: link: Refuse non-O_RDWR flags in BPF_OBJ_GET
    - ethernet/netronome/nfp: Fix a use after free in nfp_bpf_ctrl_msg_rx
    - libbpf: Only create rx and tx XDP rings when necessary
    - bpf, sockmap: Fix sk->prot unhash op reset
    - net: ensure mac header is set in virtio_net_hdr_to_skb()
    - i40e: Fix sparse warning: missing error code 'err'
    - i40e: Fix sparse error: 'vsi->netdev' could be null
    - i40e: Fix sparse errors in i40e_txrx.c
    - net: sched: sch_teql: fix null-pointer dereference
    - net: sched: fix action overwrite reference counting
    - mac80211: fix TXQ AC confusion
    - net: hsr: Reset MAC header for Tx path
    - net-ipv6: bugfix - raw & sctp - switch to ipv6_can_nonlocal_bind()
    - net: let skb_orphan_partial wake-up waiters.
    - usbip: add sysfs_lock to synchronize sysfs code paths
    - usbip: stub-dev synchronize sysfs code paths
    - usbip: vudc synchronize sysfs code paths
    - usbip: synchronize event handler with sysfs code paths
    - driver core: Fix locking bug in deferred_probe_timeout_work_func()
    - scsi: target: iscsi: Fix zero tag inside a trace event
    - i2c: turn recovery error on init to debug
    - ice: Refactor DCB related variables out of the ice_port_info struct
    - ice: Recognize 860 as iSCSI port in CEE mode
    - xfrm: interface: fix ipv4 pmtu check to honor ip header df
    - xfrm: Use actual socket sk instead of skb socket for xfrm_output_resume
    - regulator: bd9571mwv: Fix AVS and DVFS voltage range
    - ARM: OMAP4: Fix PMIC voltage domains for bionic
    - ARM: OMAP4: PM: update ROM return address for OSWR and OFF
    - net: xfrm: Localize sequence counter per network namespace
    - esp: delete NETIF_F_SCTP_CRC bit from features for esp offload
    - ASoC: SOF: Intel: HDA: fix core status verification
    - ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for some chips
    - xfrm: Fix NULL pointer dereference on policy lookup
    - virtchnl: Fix layout of RSS structures
    - i40e: Added Asym_Pause to supported link modes
    - i40e: Fix kernel oops when i40e driver removes VF's
    - hostfs: fix memory handling in follow_link()
    - amd-xgbe: Update DMA coherency values
    - sch_red: fix off-by-one checks in red_check_params()
    - arm64: dts: imx8mm/q: Fix pad control of SD1_DATA0
    - xfrm: Provide private skb extensions for segmented and hw offloaded ESP
      packets
    - can: bcm/raw: fix msg_namelen values depending on CAN_REQUIRED_SIZE
    - mlxsw: spectrum: Fix ECN marking in tunnel decapsulation
    - ethernet: myri10ge: Fix a use after free in myri10ge_sw_tso
    - gianfar: Handle error code at MAC address change
    - cxgb4: avoid collecting SGE_QBASE regs during traffic
    - net:tipc: Fix a double free in tipc_sk_mcast_rcv
    - ARM: dts: imx6: pbab01: Set vmmc supply for both SD interfaces
    - net/ncsi: Avoid channel_monitor hrtimer deadlock
    - net: qrtr: Fix memory leak on qrtr_tx_wait failure
    - nfp: flower: ignore duplicate merge hints from FW
    - net: phy: broadcom: Only advertise EEE for supported modes
    - I2C: JZ4780: Fix bug for Ingenic X1000.
    - ASoC: sunxi: sun4i-codec: fill ASoC card owner
    - net/mlx5e: Fix ethtool indication of connector type
    - net/mlx5: Don't request more than supported EQs
    - net/rds: Fix a use after free in rds_message_map_pages
    - xdp: fix xdp_return_frame() kernel BUG throw for page_pool memory model
    - soc/fsl: qbman: fix conflicting alignment attributes
    - i40e: Fix display statistics for veb_tc
    - RDMA/rtrs-clt: Close rtrs client conn before destroying rtrs clt session
      files
    - drm/msm: Set drvdata to NULL when msm_drm_init() fails
    - net: udp: Add support for getsockopt(..., ..., UDP_GRO, ..., ...);
    - mptcp: forbit mcast-related sockopt on MPTCP sockets
    - scsi: ufs: core: Fix task management request completion timeout
    - scsi: ufs: core: Fix wrong Task Tag used in task management request UPIUs
    - net: cls_api: Fix uninitialised struct field bo->unlocked_driver_cb
    - net: macb: restore cmp registers on resume path
    - clk: fix invalid usage of list cursor in register
    - clk: fix invalid usage of list cursor in unregister
    - workqueue: Move the position of debug_work_activate() in __queue_work()
    - s390/cpcmd: fix inline assembly register clobbering
    - perf inject: Fix repipe usage
    - net: openvswitch: conntrack: simplify the return expression of
      ovs_ct_limit_get_default_limit()
    - openvswitch: fix send of uninitialized stack memory in ct limit reply
    - i2c: designware: Adjust bus_freq_hz when refuse high speed mode set
    - tipc: increment the tmp aead refcnt before attaching it
    - net: hns3: clear VF down state bit before request link status
    - net/mlx5: Fix placement of log_max_flow_counter
    - net/mlx5: Fix PPLM register mapping
    - net/mlx5: Fix PBMC register mapping
    - RDMA/cxgb4: check for ipv6 address properly while destroying listener
    - perf report: Fix wrong LBR block sorting
    - i40e: Fix parameters in aq_get_phy_register()
    - RDMA/addr: Be strict with gid size
    - RAS/CEC: Correct ce_add_elem()'s returned values
    - clk: socfpga: fix iomem pointer cast on 64-bit
    - lockdep: Address clang -Wformat warning printing for %hd
    - dt-bindings: net: ethernet-controller: fix typo in NVMEM
    - cfg80211: remove WARN_ON() in cfg80211_sme_connect
    - net: tun: set tun->dev->addr_len during TUNSETLINK processing
    - drivers: net: fix memory leak in atusb_probe
    - drivers: net: fix memory leak in peak_usb_create_dev
    - net: mac802154: Fix general protection fault
    - net: ieee802154: nl-mac: fix check on panid
    - net: ieee802154: fix nl802154 del llsec key
    - net: ieee802154: fix nl802154 del llsec dev
    - net: ieee802154: fix nl802154 add llsec key
    - net: ieee802154: fix nl802154 del llsec devkey
    - net: ieee802154: forbid monitor for set llsec params
    - net: ieee802154: forbid monitor for del llsec seclevel
    - net: ieee802154: stop dump llsec params for monitors
    - interconnect: core: fix error return code of icc_link_destroy()
    - gfs2: Flag a withdraw if init_threads() fails
    - KVM: arm64: Hide system instruction access to Trace registers
    - KVM: arm64: Disable guest access to trace filter controls
    - drm/imx: imx-ldb: fix out of bounds array access warning
    - gfs2: report "already frozen/thawed" errors
    - ftrace: Check if pages were allocated before calling free_pages()
    - tools/kvm_stat: Add restart delay
    - drm/tegra: dc: Don't set PLL clock to 0Hz
    - gpu: host1x: Use different lock classes for each client
    - block: only update parent bi_status when bio fail
    - radix tree test suite: Register the main thread with the RCU library
    - idr test suite: Take RCU read lock in idr_find_test_1
    - idr test suite: Create anchor before launching throbber
    - io_uring: don't mark S_ISBLK async work as unbounded
    - riscv,entry: fix misaligned base for excp_vect_table
    - block: don't ignore REQ_NOWAIT for direct IO
    - perf map: Tighten snprintf() string precision to pass gcc check on some
      32-bit arches
    - net: sfp: relax bitrate-derived mode check
    - net: sfp: cope with SFPs that set both LOS normal and LOS inverted
    - xen/events: fix setting irq affinity
    - perf tools: Use %zd for size_t printf formats on 32-bit

[ Ubuntu: 5.8.0-55.62 ]

* groovy/linux: 5.8.0-55.62 -proposed tracker (LP: #1930379)
  * [Potential Regression] Unable to create KVM with uvtool on Groovy ARM64
    (LP: #1929925)
    - SAUCE: KVM: arm64: Assign kvm_ipa_limit

-- Thadeu Lima de Souza Cascardo <cascardo@canonical.com>  Wed, 16 Jun 2021 23:40:54 -0300

Changed in linux-azure (Ubuntu Groovy):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-06-22:

#7

This bug was fixed in the package linux-azure - 5.4.0-1051.53

---------------
linux-azure (5.4.0-1051.53) focal; urgency=medium

[ Ubuntu: 5.4.0-77.86 ]

  * UAF on CAN J1939 j1939_can_recv (LP: #1932209)
    - SAUCE: can: j1939: delay release of j1939_priv after synchronize_rcu
  * UAF on CAN BCM bcm_rx_handler (LP: #1931855)
    - SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu

[ Ubuntu: 5.4.0-76.85 ]

  * focal/linux: 5.4.0-76.85 -proposed tracker (LP: #1932123)
  * Upstream v5.9 introduced 'module' patches that removed exported symbols
    (LP: #1932065)
    - SAUCE: Revert "modules: inherit TAINT_PROPRIETARY_MODULE"
    - SAUCE: Revert "modules: return licensing information from find_symbol"
    - SAUCE: Revert "modules: rename the licence field in struct symsearch to
      license"
    - SAUCE: Revert "modules: unexport __module_address"
    - SAUCE: Revert "modules: unexport __module_text_address"
    - SAUCE: Revert "modules: mark each_symbol_section static"
    - SAUCE: Revert "modules: mark find_symbol static"
    - SAUCE: Revert "modules: mark ref_module static"

-- Stefan Bader <email address hidden> Thu, 17 Jun 2021 19:43:15 +0200

Changed in linux-azure (Ubuntu Focal):
status:	Fix Committed → Fix Released

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2021-06-23:

#8

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-hirsute' to 'verification-done-hirsute'. If the problem still exists, change the tag 'verification-needed-hirsute' to 'verification-failed-hirsute'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-hirsute

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-06-23:

#9

Download full text (66.1 KiB)

This bug was fixed in the package linux-azure - 5.11.0-1007.7+21.10.1

---------------
linux-azure (5.11.0-1007.7+21.10.1) impish; urgency=medium

* impish/linux-azure: 5.11.0-1007.7+21.10.1 -proposed tracker (LP: #1930059)

* Packaging resync (LP: #1786013)
- update dkms package versions

[ Ubuntu: 5.11.0-1007.7 ]

  * hirsute/linux-azure: 5.11.0-1007.7 -proposed tracker (LP: #1930060)
  * build module CONFIG_SND_SOC_INTEL_SOUNDWIRE_SOF_MACH=m for 5.11, 5.13-rc2
    and later (LP: #1921632)
    - [Config] azure: disable soundwire audio mach driver
  * scsi: storvsc: Parameterize number hardware queues (LP: #1930626)
    - scsi: storvsc: Parameterize number hardware queues
  * hirsute/linux: 5.11.0-20.21 -proposed tracker (LP: #1930854)
  * ath11k WIFI not working in proposed kernel 5.11.0-19-generic (LP: #1930637)
    - bus: mhi: core: Download AMSS image from appropriate function
  * hirsute/linux: 5.11.0-19.20 -proposed tracker (LP: #1930075)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * CVE-2021-33200
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: Fix mask direction swap upon off reg sign change
    - bpf: No need to simulate speculative domain for immediates
  * AX201 BT will cause system could not enter S0i3 (LP: #1928047)
    - SAUCE: drm/i915: Tweaked Wa_14010685332 for all PCHs
  * CVE-2021-3490
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with
      bitwise ops"
    - gpf: Fix alu32 const subreg bound tracking on bitwise operations
  * CVE-2021-3489
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-
      only ringbuf pages"
    - bpf: Prevent writable memory-mapping of read-only ringbuf pages
  * Select correct boot VGA when BIOS doesn't do it properly (LP: #1929217)
    - vgaarb: Use ACPI HID name to find integrated GPU
  * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend
  * CVE-2020-26145
    - ath10k: drop fragments with multicast DA for SDIO
    - ath10k: add CCMP PN replay protection for fragmented frames for PCIe
    - ath10k: drop fragments with multicast DA for PCIe
  * CVE-2020-26141
    - ath10k: Fix TKIP Michael MIC verification for PCIe
  * CVE-2020-24587
    - ath11k: Clear the fragment cache during key install
  * CVE-2020-24588
    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    - cfg80211: mitigate A-MSDU aggregation attacks
    - mac80211: drop A-MSDUs on old ciphers
    - ath10k: drop MPDU which has discard flag set by firmware for SDIO
  * CVE-2020-26139
    - mac80211: do not accept/forward invalid EAPOL frames
  * CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
    - mac80211: extend protection against mixed key and fragment cache attacks
  * CVE-2020-24586 // CVE-2020-24587
    - mac80211: prevent mixed key and fragment cache attacks
    - mac80211: add fragment cache to sta_info
    - mac80211: check defrag PN against current frame
    - mac80211: prevent attacks on TKIP/WEP as well
  * CVE-2020-26147
    - mac80211: assure...

This bug was fixed in the package linux-azure - 5.11.0-1007.7+21.10.1

---------------
linux-azure (5.11.0-1007.7+21.10.1) impish; urgency=medium

* impish/linux-azure: 5.11.0-1007.7+21.10.1 -proposed tracker (LP: #1930059)

* Packaging resync (LP: #1786013)
    - update dkms package versions

[ Ubuntu: 5.11.0-1007.7 ]

* hirsute/linux-azure: 5.11.0-1007.7 -proposed tracker (LP: #1930060)
  * build module CONFIG_SND_SOC_INTEL_SOUNDWIRE_SOF_MACH=m for 5.11,  5.13-rc2
    and later (LP: #1921632)
    - [Config] azure: disable soundwire audio mach driver
  * scsi: storvsc: Parameterize number hardware queues (LP: #1930626)
    - scsi: storvsc: Parameterize number hardware queues
  * hirsute/linux: 5.11.0-20.21 -proposed tracker (LP: #1930854)
  * ath11k WIFI not working in proposed kernel 5.11.0-19-generic (LP: #1930637)
    - bus: mhi: core: Download AMSS image from appropriate function
  * hirsute/linux: 5.11.0-19.20 -proposed tracker (LP: #1930075)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * CVE-2021-33200
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: Fix mask direction swap upon off reg sign change
    - bpf: No need to simulate speculative domain for immediates
  * AX201 BT will cause system could not enter S0i3 (LP: #1928047)
    - SAUCE: drm/i915: Tweaked Wa_14010685332 for all PCHs
  * CVE-2021-3490
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with
      bitwise ops"
    - gpf: Fix alu32 const subreg bound tracking on bitwise operations
  * CVE-2021-3489
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-
      only ringbuf pages"
    - bpf: Prevent writable memory-mapping of read-only ringbuf pages
  * Select correct boot VGA when BIOS doesn't do it properly (LP: #1929217)
    - vgaarb: Use ACPI HID name to find integrated GPU
  * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend
  * CVE-2020-26145
    - ath10k: drop fragments with multicast DA for SDIO
    - ath10k: add CCMP PN replay protection for fragmented frames for PCIe
    - ath10k: drop fragments with multicast DA for PCIe
  * CVE-2020-26141
    - ath10k: Fix TKIP Michael MIC verification for PCIe
  * CVE-2020-24587
    - ath11k: Clear the fragment cache during key install
  * CVE-2020-24588
    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    - cfg80211: mitigate A-MSDU aggregation attacks
    - mac80211: drop A-MSDUs on old ciphers
    - ath10k: drop MPDU which has discard flag set by firmware for SDIO
  * CVE-2020-26139
    - mac80211: do not accept/forward invalid EAPOL frames
  * CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
    - mac80211: extend protection against mixed key and fragment cache attacks
  * CVE-2020-24586 // CVE-2020-24587
    - mac80211: prevent mixed key and fragment cache attacks
    - mac80211: add fragment cache to sta_info
    - mac80211: check defrag PN against current frame
    - mac80211: prevent attacks on TKIP/WEP as well
  * CVE-2020-26147
    - mac80211: assure all fragments are encrypted
  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull the code that wait for blocked dev into one function
    - md/raid10: improve raid10 discard request
    - md/raid10: improve discard request for far layout
    - dm raid: remove unnecessary discard limits for raid0 and raid10
  * [SRU][OEM-5.10/H] Fix typec output on AMD Cezanne GPU (LP: #1929646)
    - drm/amd/display: use max lb for latency hiding
  * kvm: properly tear down PV features on hibernate (LP: #1920944)
    - x86/kvm: Fix pr_info() for async PF setup/teardown
    - x86/kvm: Teardown PV features on boot CPU as well
    - x86/kvm: Disable kvmclock on all CPUs on shutdown
    - x86/kvm: Disable all PV features on crash
    - x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline()
  * Add support for AMD wireless button (LP: #1928820)
    - platform/x86: hp-wireless: add AMD's hardware id to the supported list
  * Can't detect intel wifi 6235 (LP: #1920180)
    - SAUCE: iwlwifi: add new pci id for 6235
  * Speed up resume time on HP laptops (LP: #1929048)
    - platform/x86: hp_accel: Avoid invoking _INI to speed up resume
  * Fix kernel panic on Intel Bluetooth (LP: #1928838)
    - Bluetooth: Shutdown controller after workqueues are flushed or cancelled
  * build module CONFIG_SND_SOC_INTEL_SOUNDWIRE_SOF_MACH=m for 5.11,  5.13-rc2
    and later (LP: #1921632)
    - [Config] enable soundwire audio mach driver
  * [SRU] Patch for flicker and glitching on common LCD display panels, intel
    framebuffer (LP: #1925685)
    - drm/i915: Try to use fast+narrow link on eDP again and fall back to the old
      max strategy on failure
    - drm/i915/dp: Use slow and wide link training for everything
  * Fix screen flickering when two 4K 60Hz monitors are connected to AMD Oland
    GFX (LP: #1928361)
    - drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz monitors
      are connected
  * Display abnormal on the TGL+4k panel machines (LP: #1922885)
    - drm/i915/display: Do not allow DC3CO if PSR SF is enabled
    - drm/i915/display/psr: Disable DC3CO when the PSR2 is used
  * Hirsute update: v5.11.21 upstream stable release (LP: #1929455)
    - Bluetooth: verify AMP hci_chan before amp_destroy
    - bluetooth: eliminate the potential race condition when removing the HCI
      controller
    - net/nfc: fix use-after-free llcp_sock_bind/connect
    - Revert "USB: cdc-acm: fix rounding error in TIOCSSERIAL"
    - usb: roles: Call try_module_get() from usb_role_switch_find_by_fwnode()
    - tty: moxa: fix TIOCSSERIAL jiffies conversions
    - tty: amiserial: fix TIOCSSERIAL permission check
    - USB: serial: usb_wwan: fix TIOCSSERIAL jiffies conversions
    - staging: greybus: uart: fix TIOCSSERIAL jiffies conversions
    - USB: serial: ti_usb_3410_5052: fix TIOCSSERIAL permission check
    - staging: fwserial: fix TIOCSSERIAL jiffies conversions
    - tty: moxa: fix TIOCSSERIAL permission check
    - staging: fwserial: fix TIOCSSERIAL permission check
    - drm: bridge: fix LONTIUM use of mipi_dsi_() functions
    - usb: typec: tcpm: Address incorrect values of tcpm psy for fixed supply
    - usb: typec: tcpm: Address incorrect values of tcpm psy for pps supply
    - usb: typec: tcpm: update power supply once partner accepts
    - usb: xhci-mtk: remove or operator for setting schedule parameters
    - usb: xhci-mtk: improve bandwidth scheduling with TT
    - ASoC: samsung: tm2_wm5110: check of of_parse return value
    - ASoC: Intel: kbl_da7219_max98927: Fix kabylake_ssp_fixup function
    - ASoC: tlv320aic32x4: Register clocks before registering component
    - ASoC: tlv320aic32x4: Increase maximum register in regmap
    - MIPS: pci-mt7620: fix PLL lock check
    - MIPS: pci-rt2880: fix slot 0 configuration
    - FDDI: defxx: Bail out gracefully with unassigned PCI resource for CSR
    - PCI: Allow VPD access for QLogic ISP2722
    - KVM: x86: Defer the MMU unload to the normal path on an global INVPCID
    - PCI: keystone: Let AM65 use the pci_ops defined in pcie-designware-host.c
    - PM / devfreq: Unlock mutex and free devfreq struct in error path
    - soc/tegra: regulators: Fix locking up when voltage-spread is out of range
    - iio: inv_mpu6050: Fully validate gyro and accel scale writes
    - iio: sx9310: Fix write_.._debounce()
    - iio:accel:adis16201: Fix wrong axis assignment that prevents loading
    - iio:adc:ad7476: Fix remove handling
    - iio: sx9310: Fix access to variable DT array
    - sc16is7xx: Defer probe if device read fails
    - phy: cadence: Sierra: Fix PHY power_on sequence
    - misc: lis3lv02d: Fix false-positive WARN on various HP models
    - phy: ti: j721e-wiz: Invoke wiz_init() before of_platform_device_create()
    - misc: vmw_vmci: explicitly initialize vmci_notify_bm_set_msg struct
    - misc: vmw_vmci: explicitly initialize vmci_datagram payload
    - selinux: add proper NULL termination to the secclass_map permissions
    - x86, sched: Treat Intel SNC topology as default, COD as exception
    - async_xor: increase src_offs when dropping destination page
    - md/bitmap: wait for external bitmap writes to complete during tear down
    - md-cluster: fix use-after-free issue when removing rdev
    - md: split mddev_find
    - md: factor out a mddev_find_locked helper from mddev_find
    - md: md_open returns -EBUSY when entering racing area
    - md: Fix missing unused status line of /proc/mdstat
    - MIPS: generic: Update node names to avoid unit addresses
    - mt76: mt7615: use ieee80211_free_txskb() in mt7615_tx_token_put()
    - ipw2x00: potential buffer overflow in libipw_wx_set_encodeext()
    - cfg80211: scan: drop entry from hidden_list on overflow
    - rtw88: Fix array overrun in rtw_get_tx_power_params()
    - mt76: fix potential DMA mapping leak
    - FDDI: defxx: Make MMIO the configuration default except for EISA
    - drm/qxl: use ttm bo priorities
    - drm/ingenic: Fix non-OSD mode
    - drm/panfrost: Clear MMU irqs before handling the fault
    - drm/panfrost: Don't try to map pages that are already mapped
    - drm/radeon: fix copy of uninitialized variable back to userspace
    - drm/dp_mst: Revise broadcast msg lct & lcr
    - drm/dp_mst: Set CLEAR_PAYLOAD_ID_TABLE as broadcast
    - drm: bridge: fix ANX7625 use of mipi_dsi_() functions
    - drm: bridge/panel: Cleanup connector on bridge detach
    - drm/amd/display: Reject non-zero src_y and src_x for video planes
    - drm/amdgpu: fix concurrent VM flushes on Vega/Navi v2
    - drm/amdgpu: add new MC firmware for Polaris12 32bit ASIC
    - drm/amdgpu: Init GFX10_ADDR_CONFIG for VCN v3 in DPG mode.
    - ALSA: hda/realtek: Re-order ALC882 Acer quirk table entries
    - ALSA: hda/realtek: Re-order ALC882 Sony quirk table entries
    - ALSA: hda/realtek: Re-order ALC882 Clevo quirk table entries
    - ALSA: hda/realtek: Re-order ALC269 HP quirk table entries
    - ALSA: hda/realtek: Re-order ALC269 Acer quirk table entries
    - ALSA: hda/realtek: Re-order ALC269 Dell quirk table entries
    - ALSA: hda/realtek: Re-order ALC269 ASUS quirk table entries
    - ALSA: hda/realtek: Re-order ALC269 Sony quirk table entries
    - ALSA: hda/realtek: Re-order ALC269 Lenovo quirk table entries
    - ALSA: hda/realtek: Re-order remaining ALC269 quirk table entries
    - ALSA: hda/realtek: Re-order ALC662 quirk table entries
    - ALSA: hda/realtek: Remove redundant entry for ALC861 Haier/Uniwill devices
    - ALSA: hda/realtek: ALC285 Thinkpad jack pin quirk is unreachable
    - ALSA: hda/realtek: Fix speaker amp on HP Envy AiO 32
    - KVM: s390: VSIE: correctly handle MVPG when in VSIE
    - KVM: s390: split kvm_s390_logical_to_effective
    - KVM: s390: fix guarded storage control register handling
    - s390: fix detection of vector enhancements facility 1 vs. vector packed
      decimal facility
    - KVM: s390: VSIE: fix MVPG handling for prefixing and MSO
    - KVM: s390: split kvm_s390_real_to_abs
    - KVM: s390: extend kvm_s390_shadow_fault to return entry pointer
    - KVM: x86/mmu: Alloc page for PDPTEs when shadowing 32-bit NPT with 64-bit
    - KVM: X86: Fix failure to boost kernel lock holder candidate in SEV-ES guests
    - KVM: x86: Remove emulator's broken checks on CR0/CR3/CR4 loads
    - KVM: nSVM: Set the shadow root level to the TDP level for nested NPT
    - KVM: SVM: Don't strip the C-bit from CR2 on #PF interception
    - KVM: SVM: Use online_vcpus, not created_vcpus, to iterate over vCPUs
    - KVM: SVM: Do not set sev->es_active until KVM_SEV_ES_INIT completes
    - KVM: SVM: Do not allow SEV/SEV-ES initialization after vCPUs are created
    - KVM: SVM: Inject #GP on guest MSR_TSC_AUX accesses if RDTSCP unsupported
    - KVM: nVMX: Defer the MMU reload to the normal path on an EPTP switch
    - KVM: nVMX: Truncate bits 63:32 of VMCS field on nested check in !64-bit
    - KVM: nVMX: Truncate base/index GPR value on address calc in !64-bit
    - KVM: arm/arm64: Fix KVM_VGIC_V3_ADDR_TYPE_REDIST read
    - KVM: Destroy I/O bus devices on unregister failure _after_ sync'ing SRCU
    - KVM: Stop looking for coalesced MMIO zones if the bus is destroyed
    - KVM: arm64: Fully zero the vcpu state on reset
    - KVM: arm64: Fix KVM_VGIC_V3_ADDR_TYPE_REDIST_REGION read
    - KVM: selftests: Sync data verify of dirty logging with guest sync
    - KVM: selftests: Always run vCPU thread with blocked SIG_IPI
    - Revert "drivers/net/wan/hdlc_fr: Fix a double free in pvc_xmit"
    - Revert "i3c master: fix missing destroy_workqueue() on error in
      i3c_master_register"
    - mfd: stmpe: Revert "Constify static struct resource"
    - ovl: fix missing revert_creds() on error path
    - usb: gadget: pch_udc: Revert d3cb25a12138 completely
    - Revert "tools/power turbostat: adjust for temperature offset"
    - firmware: xilinx: Fix dereferencing freed memory
    - firmware: xilinx: Remove zynqmp_pm_get_eemi_ops() in
      IS_REACHABLE(CONFIG_ZYNQMP_FIRMWARE)
    - x86/vdso: Use proper modifier for len's format specifier in extract()
    - fpga: fpga-mgr: xilinx-spi: fix error messages on -EPROBE_DEFER
    - crypto: keembay-ocs-aes - Fix error return code in kmb_ocs_aes_probe()
    - crypto: sun8i-ss - fix result memory leak on error path
    - memory: gpmc: fix out of bounds read and dereference on gpmc_cs[]
    - ARM: dts: exynos: correct fuel gauge interrupt trigger level on GT-I9100
    - ARM: dts: exynos: correct fuel gauge interrupt trigger level on P4 Note
      family
    - ARM: dts: exynos: correct fuel gauge interrupt trigger level on Midas family
    - ARM: dts: exynos: correct MUIC interrupt trigger level on Midas family
    - ARM: dts: exynos: correct PMIC interrupt trigger level on Midas family
    - ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid X/U3 family
    - ARM: dts: exynos: correct PMIC interrupt trigger level on P4 Note family
    - ARM: dts: exynos: correct PMIC interrupt trigger level on SMDK5250
    - ARM: dts: exynos: correct PMIC interrupt trigger level on Snow
    - ARM: dts: s5pv210: correct fuel gauge interrupt trigger level on Fascinate
      family
    - ARM: dts: renesas: Add mmc aliases into R-Car Gen2 board dts files
    - arm64: dts: renesas: Add mmc aliases into board dts files
    - bus: ti-sysc: Fix initializing module_pa for modules without sysc register
    - x86/platform/uv: Set section block size for hubless architectures
    - serial: stm32: fix code cleaning warnings and checks
    - serial: stm32: add "_usart" prefix in functions name
    - serial: stm32: fix probe and remove order for dma
    - serial: stm32: Use of_device_get_match_data()
    - serial: stm32: fix startup by enabling usart for reception
    - serial: stm32: fix incorrect characters on console
    - serial: stm32: fix TX and RX FIFO thresholds
    - serial: stm32: fix a deadlock condition with wakeup event
    - serial: stm32: fix wake-up flag handling
    - serial: stm32: fix a deadlock in set_termios
    - serial: liteuart: fix return value check in liteuart_probe()
    - serial: stm32: fix tx dma completion, release channel
    - serial: stm32: call stm32_transmit_chars locked
    - serial: stm32: fix FIFO flush in startup and set_termios
    - serial: stm32: add FIFO flush when port is closed
    - serial: stm32: fix tx_empty condition
    - usb: typec: tcpm: Handle vbus shutoff when in source mode
    - usb: typec: tcpci: Check ROLE_CONTROL while interpreting CC_STATUS
    - usb: typec: tps6598x: Fix return value check in tps6598x_probe()
    - usb: typec: stusb160x: fix return value check in stusb160x_probe()
    - mfd: intel_pmt: Fix nuisance messages and handling of disabled capabilities
    - regmap: set debugfs_name to NULL after it is freed
    - spi: rockchip: avoid objtool warning
    - mtd: rawnand: fsmc: Fix error code in fsmc_nand_probe()
    - mtd: rawnand: brcmnand: fix OOB R/W with Hamming ECC
    - mtd: Handle possible -EPROBE_DEFER from parse_mtd_partitions()
    - mtd: rawnand: qcom: Return actual error code instead of -ENODEV
    - mtd: don't lock when recursively deleting partitions
    - mtd: maps: fix error return code of physmap_flash_remove()
    - ARM: dts: stm32: fix usart 2 & 3 pinconf to wake up with flow control
    - arm64: dts: ti: k3-j721e-main: Update the speed modes supported and their
      itap delay values for MMCSD subsystems
    - iio: adis16480: fix pps mode sampling frequency math
    - arm64: dts: qcom: sc7180: trogdor: Fix trip point config of charger thermal
      zone
    - arm64: dts: qcom: sm8250: Fix level triggered PMU interrupt polarity
    - arm64: dts: qcom: sm8250: Fix timer interrupt to specify EL2 physical timer
    - arm64: dts: qcom: sc7180: Avoid glitching SPI CS at bootup on trogdor
    - arm64: dts: qcom: sdm845: fix number of pins in 'gpio-ranges'
    - arm64: dts: qcom: sm8150: fix number of pins in 'gpio-ranges'
    - arm64: dts: qcom: sm8250: fix number of pins in 'gpio-ranges'
    - arm64: dts: qcom: db845c: fix correct powerdown pin for WSA881x
    - crypto: sun8i-ss - Fix memory leak of object d when dma_iv fails to map
    - spi: stm32: drop devres version of spi_register_master
    - regulator: bd9576: Fix return from bd957x_probe()
    - arm64: dts: renesas: r8a77980: Fix vin4-7 endpoint binding
    - selftests/x86: Add a missing .note.GNU-stack section to thunks_32.S
    - spi: stm32: Fix use-after-free on unbind
    - Drivers: hv: vmbus: Drop error message when 'No request id available'
    - x86/microcode: Check for offline CPUs before requesting new microcode
    - devtmpfs: fix placement of complete() call
    - usb: gadget: pch_udc: Replace cpu_to_le32() by lower_32_bits()
    - usb: gadget: pch_udc: Check if driver is present before calling ->setup()
    - usb: gadget: pch_udc: Check for DMA mapping error
    - usb: gadget: pch_udc: Initialize device pointer before use
    - usb: gadget: pch_udc: Provide a GPIO line used on Intel Minnowboard (v1)
    - crypto: ccp - fix command queuing to TEE ring buffer
    - crypto: qat - don't release uninitialized resources
    - crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init
    - fotg210-udc: Fix DMA on EP0 for length > max packet size
    - fotg210-udc: Fix EP0 IN requests bigger than two packets
    - fotg210-udc: Remove a dubious condition leading to fotg210_done
    - fotg210-udc: Mask GRP2 interrupts we don't handle
    - fotg210-udc: Don't DMA more than the buffer can take
    - fotg210-udc: Complete OUT requests on short packets
    - usb: gadget: s3c: Fix incorrect resources releasing
    - usb: gadget: s3c: Fix the error handling path in 's3c2410_udc_probe()'
    - dt-bindings: serial: stm32: Use 'type: object' instead of false for
      'additionalProperties'
    - mtd: require write permissions for locking and badblock ioctls
    - arm64: dts: renesas: r8a779a0: Fix PMU interrupt
    - arm64: dts: mt8183: Add gce client reg for display subcomponents
    - arm64: dts: mt8173: fix wrong power-domain phandle of pmic
    - bus: qcom: Put child node before return
    - soundwire: bus: Fix device found flag correctly
    - phy: ti: j721e-wiz: Delete "clk_div_sel" clk provider during cleanup
    - phy: ralink: phy-mt7621-pci: fix XTAL bitmask
    - phy: marvell: ARMADA375_USBCLUSTER_PHY should not default to y,
      unconditionally
    - phy: ralink: phy-mt7621-pci: fix return value check in
      mt7621_pci_phy_probe()
    - phy: ingenic: Fix a typo in ingenic_usb_phy_probe()
    - arm64: dts: mediatek: fix reset GPIO level on pumpkin
    - NFSv4.2: fix copy stateid copying for the async copy
    - crypto: poly1305 - fix poly1305_core_setkey() declaration
    - crypto: qat - fix error path in adf_isr_resource_alloc()
    - usb: gadget: aspeed: fix dma map failure
    - USB: gadget: udc: fix wrong pointer passed to IS_ERR() and PTR_ERR()
    - drivers: nvmem: Fix voltage settings for QTI qfprom-efuse
    - driver core: platform: Declare early_platform_cleanup() prototype
    - ARM: dts: qcom: msm8974-lge-nexus5: correct fuel gauge interrupt trigger
      level
    - ARM: dts: qcom: msm8974-samsung-klte: correct fuel gauge interrupt trigger
      level
    - memory: pl353: fix mask of ECC page_size config register
    - soundwire: stream: fix memory leak in stream config error path
    - m68k: mvme147,mvme16x: Don't wipe PCC timer config bits
    - firmware: qcom_scm: Make __qcom_scm_is_call_available() return bool
    - firmware: qcom_scm: Reduce locking section for __get_convention()
    - firmware: qcom_scm: Workaround lack of "is available" call on SC7180
    - iio: adc: Kconfig: make AD9467 depend on ADI_AXI_ADC symbol
    - [Config] updateconfigs for AD9467
    - mtd: rawnand: gpmi: Fix a double free in gpmi_nand_init
    - irqchip/gic-v3: Fix OF_BAD_ADDR error handling
    - staging: comedi: tests: ni_routes_test: Fix compilation error
    - staging: rtl8192u: Fix potential infinite loop
    - staging: fwserial: fix TIOCSSERIAL implementation
    - staging: fwserial: fix TIOCGSERIAL implementation
    - staging: greybus: uart: fix unprivileged TIOCCSERIAL
    - platform/x86: dell-wmi-sysman: Make init_bios_attributes() ACPI object
      parsing more robust
    - soc: qcom: pdr: Fix error return code in pdr_register_listener
    - PM / devfreq: Use more accurate returned new_freq as resume_freq
    - clocksource/drivers/timer-ti-dm: Fix posted mode status check order
    - clocksource/drivers/timer-ti-dm: Add missing set_state_oneshot_stopped
    - clocksource/drivers/ingenic_ost: Fix return value check in
      ingenic_ost_probe()
    - spi: Fix use-after-free with devm_spi_alloc_*
    - spi: fsl: add missing iounmap() on error in of_fsl_spi_probe()
    - soc: qcom: mdt_loader: Validate that p_filesz < p_memsz
    - soc: qcom: mdt_loader: Detect truncated read of segments
    - PM: runtime: Replace inline function pm_runtime_callbacks_present()
    - cpuidle: Fix ARM_QCOM_SPM_CPUIDLE configuration
    - ACPI: CPPC: Replace cppc_attr with kobj_attribute
    - crypto: allwinner - add missing CRYPTO_ prefix
    - crypto: sun8i-ss - Fix memory leak of pad
    - crypto: sa2ul - Fix memory leak of rxd
    - crypto: qat - Fix a double free in adf_create_ring
    - cpufreq: armada-37xx: Fix setting TBG parent for load levels
    - clk: mvebu: armada-37xx-periph: remove .set_parent method for CPU PM clock
    - cpufreq: armada-37xx: Fix the AVS value for load L1
    - clk: mvebu: armada-37xx-periph: Fix switching CPU freq from 250 Mhz to 1 GHz
    - clk: mvebu: armada-37xx-periph: Fix workaround for switching from L1 to L0
    - cpufreq: armada-37xx: Fix driver cleanup when registration failed
    - cpufreq: armada-37xx: Fix determining base CPU frequency
    - spi: spi-zynqmp-gqspi: use wait_for_completion_timeout to make
      zynqmp_qspi_exec_op not interruptible
    - spi: spi-zynqmp-gqspi: add mutex locking for exec_op
    - spi: spi-zynqmp-gqspi: transmit dummy circles by using the controller's
      internal functionality
    - spi: spi-zynqmp-gqspi: fix incorrect operating mode in zynqmp_qspi_read_op
    - spi: fsl-lpspi: Fix PM reference leak in lpspi_prepare_xfer_hardware()
    - usb: gadget: r8a66597: Add missing null check on return from
      platform_get_resource
    - USB: cdc-acm: fix unprivileged TIOCCSERIAL
    - USB: cdc-acm: fix TIOCGSERIAL implementation
    - tty: fix return value for unsupported ioctls
    - tty: fix return value for unsupported termiox ioctls
    - serial: core: return early on unsupported ioctls
    - firmware: qcom-scm: Fix QCOM_SCM configuration
    - node: fix device cleanups in error handling code
    - crypto: chelsio - Read rxchannel-id from firmware
    - usbip: vudc: fix missing unlock on error in usbip_sockfd_store()
    - m68k: Add missing mmap_read_lock() to sys_cacheflush()
    - spi: spi-zynqmp-gqspi: Fix missing unlock on error in zynqmp_qspi_exec_op()
    - memory: renesas-rpc-if: fix possible NULL pointer dereference of resource
    - memory: samsung: exynos5422-dmc: handle clk_set_parent() failure
    - security: keys: trusted: fix TPM2 authorizations
    - platform/x86: pmc_atom: Match all Beckhoff Automation baytrail boards with
      critclk_systems DMI table
    - ARM: dts: aspeed: Rainier: Fix humidity sensor bus address
    - Drivers: hv: vmbus: Use after free in __vmbus_open()
    - spi: spi-zynqmp-gqspi: fix clk_enable/disable imbalance issue
    - spi: spi-zynqmp-gqspi: fix hang issue when suspend/resume
    - spi: spi-zynqmp-gqspi: fix use-after-free in zynqmp_qspi_exec_op
    - spi: spi-zynqmp-gqspi: return -ENOMEM if dma_map_single fails
    - x86/platform/uv: Fix !KEXEC build failure
    - hwmon: (pmbus/pxe1610) don't bail out when not all pages are active
    - PM: hibernate: x86: Use crc32 instead of md5 for hibernation e820 integrity
      check
    - usb: dwc2: Fix host mode hibernation exit with remote wakeup flow.
    - usb: dwc2: Fix hibernation between host and device modes.
    - ttyprintk: Add TTY hangup callback.
    - serial: omap: don't disable rs485 if rts gpio is missing
    - serial: omap: fix rs485 half-duplex filtering
    - xen-blkback: fix compatibility bug with single page rings
    - soc: aspeed: fix a ternary sign expansion bug
    - drm/tilcdc: send vblank event when disabling crtc
    - drm/stm: Fix bus_flags handling
    - drm/amd/display: Fix off by one in hdmi_14_process_transaction()
    - drm/mcde/panel: Inverse misunderstood flag
    - scsi: lpfc: Fix null pointer dereference in lpfc_prep_els_iocb()
    - sched/fair: Fix shift-out-of-bounds in load_balance()
    - printk: limit second loop of syslog_print_all
    - afs: Fix updating of i_mode due to 3rd party change
    - rcu: Remove spurious instrumentation_end() in rcu_nmi_enter()
    - media: vivid: fix assignment of dev->fbuf_out_flags
    - media: saa7134: use sg_dma_len when building pgtable
    - media: saa7146: use sg_dma_len when building pgtable
    - media: omap4iss: return error code when omap4iss_get() failed
    - media: rkisp1: rsz: crash fix when setting src format
    - media: aspeed: fix clock handling logic
    - drm/probe-helper: Check epoch counter in output_poll_execute()
    - media: venus: core: Fix some resource leaks in the error path of
      'venus_probe()'
    - media: platform: sunxi: sun6i-csi: fix error return code of
      sun6i_video_start_streaming()
    - media: m88ds3103: fix return value check in m88ds3103_probe()
    - media: docs: Fix data organization of MEDIA_BUS_FMT_RGB101010_1X30
    - media: [next] staging: media: atomisp: fix memory leak of object flash
    - media: atomisp: Fixed error handling path
    - media: m88rs6000t: avoid potential out-of-bounds reads on arrays
    - media: atomisp: Fix use after free in atomisp_alloc_css_stat_bufs()
    - drm/amdkfd: fix build error with AMD_IOMMU_V2=m
    - of: overlay: fix for_each_child.cocci warnings
    - x86/kprobes: Fix to check non boostable prefixes correctly
    - selftests: fix prepending $(OUTPUT) to $(TEST_PROGS)
    - pata_arasan_cf: fix IRQ check
    - pata_ipx4xx_cf: fix IRQ check
    - sata_mv: add IRQ checks
    - ata: libahci_platform: fix IRQ check
    - seccomp: Fix CONFIG tests for Seccomp_filters
    - nvme-tcp: block BH in sk state_change sk callback
    - nvmet-tcp: fix incorrect locking in state_change sk callback
    - clk: imx: Fix reparenting of UARTs not associated with stdout
    - power: supply: bq25980: Move props from battery node
    - nvme: retrigger ANA log update if group descriptor isn't found
    - media: ccs: Fix sub-device function
    - media: ipu3-cio2: Fix pixel-rate derived link frequency
    - media: i2c: imx219: Move out locking/unlocking of vflip and hflip controls
      from imx219_set_stream
    - media: i2c: imx219: Balance runtime PM use-count
    - media: v4l2-ctrls.c: fix race condition in hdl->requests list
    - media: rkvdec: Do not require all controls to be present in every request
    - vfio/fsl-mc: Re-order vfio_fsl_mc_probe()
    - vfio/pci: Move VGA and VF initialization to functions
    - vfio/pci: Re-order vfio_pci_probe()
    - drm/msm: Fix debugfs deadlock
    - vfio/mdev: Do not allow a mdev_type to have a NULL parent pointer
    - clk: zynqmp: move zynqmp_pll_set_mode out of round_rate callback
    - clk: zynqmp: pll: add set_pll_mode to check condition in zynqmp_pll_enable
    - drm: xlnx: zynqmp: fix a memset in zynqmp_dp_train()
    - clk: qcom: a53-pll: Add missing MODULE_DEVICE_TABLE
    - clk: qcom: apss-ipq-pll: Add missing MODULE_DEVICE_TABLE
    - drm/amd/display: use GFP_ATOMIC in dcn20_resource_construct
    - drm/amd/display: check fb of primary plane
    - drm/radeon: Fix a missing check bug in radeon_dp_mst_detect()
    - clk: uniphier: Fix potential infinite loop
    - scsi: pm80xx: Increase timeout for pm80xx mpi_uninit_check()
    - scsi: pm80xx: Fix potential infinite loop
    - scsi: ufs: ufshcd-pltfrm: Fix deferred probing
    - scsi: hisi_sas: Fix IRQ checks
    - scsi: jazz_esp: Add IRQ check
    - scsi: sun3x_esp: Add IRQ check
    - scsi: sni_53c710: Add IRQ check
    - scsi: ibmvfc: Fix invalid state machine BUG_ON()
    - mailbox: sprd: Introduce refcnt when clients requests/free channels
    - mfd: stm32-timers: Avoid clearing auto reload register
    - nvmet-tcp: fix a segmentation fault during io parsing error
    - nvme-pci: don't simple map sgl when sgls are disabled
    - media: meson-ge2d: fix rotation parameters
    - media: cedrus: Fix H265 status definitions
    - HSI: core: fix resource leaks in hsi_add_client_from_dt()
    - x86/events/amd/iommu: Fix sysfs type mismatch
    - perf/amd/uncore: Fix sysfs type mismatch
    - block/rnbd-clt-sysfs: Remove copy buffer overlap in rnbd_clt_get_path_name
    - sched/debug: Fix cgroup_path[] serialization
    - kthread: Fix PF_KTHREAD vs to_kthread() race
    - ataflop: potential out of bounds in do_format()
    - ataflop: fix off by one in ataflop_probe()
    - drivers/block/null_blk/main: Fix a double free in null_init.
    - xsk: Respect device's headroom and tailroom on generic xmit path
    - HID: plantronics: Workaround for double volume key presses
    - perf symbols: Fix dso__fprintf_symbols_by_name() to return the number of
      printed chars
    - ASoC: Intel: boards: sof-wm8804: add check for PLL setting
    - ASoC: Intel: Skylake: Compile when any configuration is selected
    - RDMA/mlx5: Fix mlx5 rates to IB rates map
    - wilc1000: write value to WILC_INTR2_ENABLE register
    - KVM: x86/mmu: Retry page faults that hit an invalid memslot
    - Bluetooth: avoid deadlock between hci_dev->lock and socket lock
    - net: lapbether: Prevent racing when checking whether the netif is running
    - libbpf: Add explicit padding to bpf_xdp_set_link_opts
    - bpftool: Fix maybe-uninitialized warnings
    - iommu: Check dev->iommu in iommu_dev_xxx functions
    - dma-iommu: use static-key to minimize the impact in the fast-path
    - iommu/dma: Resurrect the "forcedac" option
    - iommu/vt-d: Reject unsupported page request modes
    - selftests/bpf: Re-generate vmlinux.h and BPF skeletons if bpftool changed
    - libbpf: Add explicit padding to btf_dump_emit_type_decl_opts
    - powerpc/mm: Move the linear_mapping_mutex to the ifdef where it is used
    - powerpc/fadump: Mark fadump_calculate_reserve_size as __init
    - powerpc/prom: Mark identical_pvr_fixup as __init
    - MIPS: fix local_irq_{disable,enable} in asmmacro.h
    - ima: Fix the error code for restoring the PCR value
    - inet: use bigger hash table for IP ID generation
    - pinctrl: pinctrl-single: remove unused parameter
    - pinctrl: pinctrl-single: fix pcs_pin_dbg_show() when bits_per_mux is not
      zero
    - MIPS: loongson64: fix bug when PAGE_SIZE > 16KB
    - ASoC: wm8960: Remove bitclk relax condition in wm8960_configure_sysclk
    - iommu/arm-smmu-v3: add bit field SFM into GERROR_ERR_MASK
    - RDMA/mlx5: Fix drop packet rule in egress table
    - IB/isert: Fix a use after free in isert_connect_request
    - powerpc: Fix HAVE_HARDLOCKUP_DETECTOR_ARCH build configuration
    - MIPS/bpf: Enable bpf_probe_read{, str}() on MIPS again
    - gpio: guard gpiochip_irqchip_add_domain() with GPIOLIB_IRQCHIP
    - fs: dlm: fix missing unlock on error in accept_from_sock()
    - ASoC: q6afe-clocks: fix reprobing of the driver
    - ALSA: core: remove redundant spin_lock pair in snd_card_disconnect
    - net: phy: lan87xx: fix access to wrong register of LAN87xx
    - udp: never accept GSO_FRAGLIST packets
    - powerpc/pseries: Only register vio drivers if vio bus exists
    - net/tipc: fix missing destroy_workqueue() on error in tipc_crypto_start()
    - bug: Remove redundant condition check in report_bug
    - RDMA/core: Fix corrupted SL on passive side
    - nfc: pn533: prevent potential memory corruption
    - net: hns3: Limiting the scope of vector_ring_chain variable
    - mips: bmips: fix syscon-reboot nodes
    - KVM: arm64: Fix error return code in init_hyp_mode()
    - iommu/vt-d: Don't set then clear private data in prq_event_thread()
    - iommu: Fix a boundary issue to avoid performance drop
    - iommu/vt-d: Report right snoop capability when using FL for IOVA
    - iommu/vt-d: Report the right page fault address
    - iommu/vt-d: Preset Access/Dirty bits for IOVA over FL
    - iommu/vt-d: Remove WO permissions on second-level paging entries
    - iommu/vt-d: Invalidate PASID cache when root/context entry changed
    - ALSA: usb-audio: Add error checks for usb_driver_claim_interface() calls
    - HID: lenovo: Use brightness_set_blocking callback for setting LEDs
      brightness
    - HID: lenovo: Fix lenovo_led_set_tp10ubkbd() error handling
    - HID: lenovo: Check hid_get_drvdata() returns non NULL in lenovo_event()
    - HID: lenovo: Map mic-mute button to KEY_F20 instead of KEY_MICMUTE
    - KVM: arm64: Initialize VCPU mdcr_el2 before loading it
    - ASoC: simple-card: fix possible uninitialized single_cpu local variable
    - liquidio: Fix unintented sign extension of a left shift of a u16
    - IB/hfi1: Use kzalloc() for mmu_rb_handler allocation
    - powerpc/64s: Fix pte update for kernel memory on radix
    - powerpc/pseries: Add key to flags in pSeries_lpar_hpte_updateboltedpp()
    - powerpc/64s: Use htab_convert_pte_flags() in hash__mark_rodata_ro()
    - powerpc/perf: Fix PMU constraint check for EBB events
    - powerpc: iommu: fix build when neither PCI or IBMVIO is set
    - mac80211: bail out if cipher schemes are invalid
    - perf vendor events amd: Fix broken L2 Cache Hits from L2 HWPF metric
    - RDMA/hns: Fix missing assignment of max_inline_data
    - xfs: fix return of uninitialized value in variable error
    - rtw88: Fix an error code in rtw_debugfs_set_rsvd_page()
    - mt7601u: fix always true expression
    - mt76: mt7615: fix tx skb dma unmap
    - mt76: mt7915: fix tx skb dma unmap
    - mt76: mt7915: fix aggr len debugfs node
    - mt76: mt7615: fix mib stats counter reporting to mac80211
    - mt76: mt7915: fix mib stats counter reporting to mac80211
    - mt76: reduce q->lock hold time
    - mt76: check return value of mt76_txq_send_burst in mt76_txq_schedule_list
    - mt76: mt7915: fix rxrate reporting
    - mt76: mt7915: fix txrate reporting
    - mt76: mt7663: fix when beacon filter is being applied
    - mt76: mt7663s: make all of packets 4-bytes aligned in sdio tx aggregation
    - mt76: mt7663s: fix the possible device hang in high traffic
    - mt76: mt7615: cleanup mcu tx queue in mt7615_dma_reset()
    - mt76: mt7915: bring up the WA event rx queue for band1
    - mt76: mt7915: cleanup mcu tx queue in mt7915_dma_reset()
    - KVM: PPC: Book3S HV P9: Restore host CTRL SPR after guest exit
    - ovl: show "userxattr" in the mount data
    - ovl: invalidate readdir cache on changes to dir with origin
    - RDMA/qedr: Fix error return code in qedr_iw_connect()
    - IB/hfi1: Fix error return code in parse_platform_config()
    - RDMA/bnxt_re: Fix error return code in bnxt_qplib_cq_process_terminal()
    - cxgb4: Fix unintentional sign extension issues
    - net: thunderx: Fix unintentional sign extension issue
    - RDMA/srpt: Fix error return code in srpt_cm_req_recv()
    - RDMA/rtrs-clt: destroy sysfs after removing session from active list
    - i2c: cadence: fix reference leak when pm_runtime_get_sync fails
    - i2c: img-scb: fix reference leak when pm_runtime_get_sync fails
    - i2c: imx-lpi2c: fix reference leak when pm_runtime_get_sync fails
    - i2c: imx: fix reference leak when pm_runtime_get_sync fails
    - i2c: omap: fix reference leak when pm_runtime_get_sync fails
    - i2c: sprd: fix reference leak when pm_runtime_get_sync fails
    - i2c: stm32f7: fix reference leak when pm_runtime_get_sync fails
    - i2c: xiic: fix reference leak when pm_runtime_get_sync fails
    - i2c: cadence: add IRQ check
    - i2c: emev2: add IRQ check
    - i2c: jz4780: add IRQ check
    - i2c: mlxbf: add IRQ check
    - i2c: rcar: make sure irq is not threaded on Gen2 and earlier
    - i2c: rcar: protect against supurious interrupts on V3U
    - i2c: rcar: add IRQ check
    - i2c: sh7760: add IRQ check
    - iwlwifi: rs-fw: don't support stbc for HE 160
    - iwlwifi: dbg: disable ini debug in 9000 family and below
    - powerpc/xive: Drop check on irq_data in xive_core_debug_show()
    - powerpc/xive: Fix xmon command "dxi"
    - powerpc/syscall: Rename syscall_64.c into interrupt.c
    - powerpc/syscall: Change condition to check MSR_RI
    - ASoC: ak5558: correct reset polarity
    - net/mlx5: Fix bit-wise and with zero
    - net/packet: remove data races in fanout operations
    - drm/i915/gvt: Fix error code in intel_gvt_init_device()
    - iommu/amd: Put newline after closing bracket in warning
    - perf beauty: Fix fsconfig generator
    - drm/amdgpu: fix an error code in init_pmu_entry_by_type_and_add()
    - drm/amd/pm: fix error code in smu_set_power_limit()
    - MIPS: pci-legacy: stop using of_pci_range_to_resource
    - powerpc/pseries: extract host bridge from pci_bus prior to bus removal
    - mptcp: fix format specifiers for unsigned int
    - powerpc/smp: Reintroduce cpu_core_mask
    - KVM: x86: dump_vmcs should not assume GUEST_IA32_EFER is valid
    - rtlwifi: 8821ae: upgrade PHY and RF parameters
    - wlcore: fix overlapping snprintf arguments in debugfs
    - i2c: sh7760: fix IRQ error path
    - i2c: mediatek: Fix wrong dma sync flag
    - mwl8k: Fix a double Free in mwl8k_probe_hw
    - netfilter: nft_payload: fix C-VLAN offload support
    - netfilter: nftables_offload: VLAN id needs host byteorder in flow dissector
    - netfilter: nftables_offload: special ethertype handling for VLAN
    - vsock/vmci: log once the failed queue pair allocation
    - libbpf: Initialize the bpf_seq_printf parameters array field by field
    - net: ethernet: ixp4xx: Set the DMA masks explicitly
    - gro: fix napi_gro_frags() Fast GRO breakage due to IP alignment check
    - RDMA/cxgb4: add missing qpid increment
    - RDMA/i40iw: Fix error unwinding when i40iw_hmc_sd_one fails
    - ALSA: usb: midi: don't return -ENOMEM when usb_urb_ep_type_check fails
    - sfc: ef10: fix TX queue lookup in TX event handling
    - vsock/virtio: free queued packets when closing socket
    - net: marvell: prestera: fix port event handling on init
    - net: davinci_emac: Fix incorrect masking of tx and rx error channel
    - mt76: mt7615: fix memleak when mt7615_unregister_device()
    - mt76: mt7915: fix memleak when mt7915_unregister_device()
    - powerpc/pseries/iommu: Fix window size for direct mapping with pmem
    - crypto: ccp: Detect and reject "invalid" addresses destined for PSP
    - net: dsa: mv88e6xxx: Fix off-by-one in VTU devlink region size
    - nfp: devlink: initialize the devlink port attribute "lanes"
    - net: stmmac: fix TSO and TBS feature enabling during driver open
    - net: renesas: ravb: Fix a stuck issue when a lot of frames are received
    - net: phy: intel-xway: enable integrated led functions
    - RDMA/rxe: Fix a bug in rxe_fill_ip_info()
    - RDMA/core: Add CM to restrack after successful attachment to a device
    - powerpc/64: Fix the definition of the fixmap area
    - ath9k: Fix error check in ath9k_hw_read_revisions() for PCI devices
    - ath10k: Fix a use after free in ath10k_htc_send_bundle
    - ath10k: Fix ath10k_wmi_tlv_op_pull_peer_stats_info() unlock without lock
    - wlcore: Fix buffer overrun by snprintf due to incorrect buffer size
    - powerpc/perf: Fix the threshold event selection for memory events in power10
    - powerpc/52xx: Fix an invalid ASM expression ('addi' used instead of 'add')
    - net: phy: marvell: fix m88e1011_set_downshift
    - net: phy: marvell: fix m88e1111_set_downshift
    - net: enetc: fix link error again
    - bnxt_en: fix ternary sign extension bug in bnxt_show_temp()
    - ARM: dts: uniphier: Change phy-mode to RGMII-ID to enable delay pins for
      RTL8211E
    - arm64: dts: uniphier: Change phy-mode to RGMII-ID to enable delay pins for
      RTL8211E
    - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb
    - selftests: net: mirror_gre_vlan_bridge_1q: Make an FDB entry static
    - selftests: mlxsw: Remove a redundant if statement in tc_flower_scale test
    - bnxt_en: Fix RX consumer index logic in the error path.
    - KVM: VMX: Intercept FS/GS_BASE MSR accesses for 32-bit KVM
    - KVM: SVM: Zero out the VMCB array used to track SEV ASID association
    - KVM: SVM: Free sev_asid_bitmap during init if SEV setup fails
    - KVM: SVM: Disable SEV/SEV-ES if NPT is disabled
    - net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send
    - selftests/bpf: Fix BPF_CORE_READ_BITFIELD() macro
    - selftests/bpf: Fix field existence CO-RE reloc tests
    - selftests/bpf: Fix core_reloc test runner
    - bpf: Fix propagation of 32 bit unsigned bounds from 64 bit bounds
    - RDMA/siw: Fix a use after free in siw_alloc_mr
    - RDMA/bnxt_re: Fix a double free in bnxt_qplib_alloc_res
    - net: bridge: mcast: fix broken length + header check for MRDv6 Adv.
    - net: dsa: mv88e6xxx: Fix 6095/6097/6185 ports in non-SERDES CMODE
    - net:nfc:digital: Fix a double free in digital_tg_recv_dep_req
    - perf tools: Change fields type in perf_record_time_conv
    - perf jit: Let convert_timestamp() to be backwards-compatible
    - perf session: Add swap operation for event TIME_CONV
    - ia64: fix EFI_DEBUG build
    - kfifo: fix ternary sign extension bugs
    - mm/sl?b.c: remove ctor argument from kmem_cache_flags
    - mm: memcontrol: slab: fix obtain a reference to a freeing memcg
    - mm/sparse: add the missing sparse_buffer_fini() in error branch
    - mm/memory-failure: unnecessary amount of unmapping
    - afs: Fix speculative status fetches
    - net: Only allow init netns to set default tcp cong to a restricted algo
    - smp: Fix smp_call_function_single_async prototype
    - Revert "net/sctp: fix race condition in sctp_destroy_sock"
    - sctp: delay auto_asconf init until binding the first addr
    - Linux 5.11.21
  * Fix kdump failures (LP: #1927518)
    - video: hyperv_fb: Add ratelimit on error message
    - Drivers: hv: vmbus: Increase wait time for VMbus unload
    - Drivers: hv: vmbus: Initialize unload_event statically
  * Hirsute update: v5.11.20 upstream stable release (LP: #1928857)
    - bus: mhi: core: Fix check for syserr at power_up
    - bus: mhi: core: Clear configuration from channel context during reset
    - bus: mhi: core: Sanity check values from remote device before use
    - bus: mhi: core: Add missing checks for MMIO register entries
    - bus: mhi: pci_generic: Remove WQ_MEM_RECLAIM flag from state workqueue
    - nitro_enclaves: Fix stale file descriptors on failed usercopy
    - dyndbg: fix parsing file query without a line-range suffix
    - s390/disassembler: increase ebpf disasm buffer size
    - s390/zcrypt: fix zcard and zqueue hot-unplug memleak
    - s390/vfio-ap: fix circular lockdep when setting/clearing crypto masks
    - vhost-vdpa: fix vm_flags for virtqueue doorbell mapping
    - tpm: acpi: Check eventlog signature before using it
    - ACPI: custom_method: fix potential use-after-free issue
    - ACPI: custom_method: fix a possible memory leak
    - ftrace: Handle commands when closing set_ftrace_filter file
    - ARM: 9056/1: decompressor: fix BSS size calculation for LLVM ld.lld
    - arm64: dts: marvell: armada-37xx: add syscon compatible to NB clk node
    - arm64: dts: mt8173: fix property typo of 'phys' in dsi node
    - ecryptfs: fix kernel panic with null dev_name
    - fs/epoll: restore waking from ep_done_scan()
    - reset: add missing empty function reset_control_rearm()
    - mtd: spi-nor: core: Fix an issue of releasing resources during read/write
    - Revert "mtd: spi-nor: macronix: Add support for mx25l51245g"
    - mtd: spinand: core: add missing MODULE_DEVICE_TABLE()
    - mtd: rawnand: atmel: Update ecc_stats.corrected counter
    - mtd: physmap: physmap-bt1-rom: Fix unintentional stack access
    - erofs: add unsupported inode i_format check
    - spi: stm32-qspi: fix pm_runtime usage_count counter
    - spi: spi-ti-qspi: Free DMA resources
    - libceph: allow addrvecs with a single NONE/blank address
    - scsi: qla2xxx: Reserve extra IRQ vectors
    - scsi: lpfc: Fix rmmod crash due to bad ring pointers to abort_iotag
    - scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand()
    - scsi: mpt3sas: Only one vSES is present even when IOC has multi vSES
    - scsi: mpt3sas: Block PCI config access from userspace during reset
    - mmc: uniphier-sd: Fix an error handling path in uniphier_sd_probe()
    - mmc: uniphier-sd: Fix a resource leak in the remove function
    - mmc: sdhci: Check for reset prior to DMA address unmap
    - mmc: sdhci-pci: Fix initialization of some SD cards for Intel BYT-based
      controllers
    - mmc: block: Update ext_csd.cache_ctrl if it was written
    - mmc: block: Issue a cache flush only when it's enabled
    - mmc: core: Do a power cycle when the CMD11 fails
    - mmc: core: Set read only for SD cards with permanent write protect bit
    - mmc: core: Fix hanging on I/O during system suspend for removable cards
    - irqchip/gic-v3: Do not enable irqs when handling spurious interrups
    - cifs: Return correct error code from smb2_get_enc_key
    - cifs: fix out-of-bound memory access when calling smb3_notify() at mount
      point
    - cifs: fix leak in cifs_smb3_do_mount() ctx
    - cifs: detect dead connections only when echoes are enabled.
    - cifs: fix regression when mounting shares with prefix paths
    - smb2: fix use-after-free in smb2_ioctl_query_info()
    - btrfs: handle remount to no compress during compression
    - x86/build: Disable HIGHMEM64G selection for M486SX
    - btrfs: fix metadata extent leak after failure to create subvolume
    - intel_th: pci: Add Rocket Lake CPU support
    - btrfs: fix race between transaction aborts and fsyncs leading to use-after-
      free
    - posix-timers: Preserve return value in clock_adjtime32()
    - fbdev: zero-fill colormap in fbcmap.c
    - cpuidle: tegra: Fix C7 idling state on Tegra114
    - bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first
    - staging: wimax/i2400m: fix byte-order issue
    - spi: ath79: always call chipselect function
    - spi: ath79: remove spi-master setup and cleanup assignment
    - bus: mhi: core: Destroy SBL devices when moving to mission mode
    - bus: mhi: core: Process execution environment changes serially
    - crypto: api - check for ERR pointers in crypto_destroy_tfm()
    - crypto: qat - fix unmap invalid dma address
    - usb: gadget: uvc: add bInterval checking for HS mode
    - usb: webcam: Invalid size of Processing Unit Descriptor
    - x86/sev: Do not require Hypervisor CPUID bit for SEV guests
    - crypto: hisilicon/sec - fixes a printing error
    - genirq/matrix: Prevent allocation counter corruption
    - usb: gadget: f_uac2: validate input parameters
    - usb: gadget: f_uac1: validate input parameters
    - usb: dwc3: gadget: Ignore EP queue requests during bus reset
    - usb: xhci: Fix port minor revision
    - kselftest/arm64: mte: Fix compilation with native compiler
    - ARM: tegra: acer-a500: Rename avdd to vdda of touchscreen node
    - PCI: PM: Do not read power state in pci_enable_device_flags()
    - kselftest/arm64: mte: Fix MTE feature detection
    - ARM: dts: BCM5301X: fix "reg" formatting in /memory node
    - ARM: dts: ux500: Fix up TVK R3 sensors
    - x86/build: Propagate $(CLANG_FLAGS) to $(REALMODE_FLAGS)
    - x86/boot: Add $(CLANG_FLAGS) to compressed KBUILD_CFLAGS
    - efi/libstub: Add $(CLANG_FLAGS) to x86 flags
    - soc/tegra: pmc: Fix completion of power-gate toggling
    - arm64: dts: imx8mq-librem5-r3: Mark buck3 as always on
    - tee: optee: do not check memref size on return from Secure World
    - soundwire: cadence: only prepare attached devices on clock stop
    - perf/arm_pmu_platform: Use dev_err_probe() for IRQ errors
    - perf/arm_pmu_platform: Fix error handling
    - random: initialize ChaCha20 constants with correct endianness
    - usb: xhci-mtk: support quirk to disable usb2 lpm
    - fpga: dfl: pci: add DID for D5005 PAC cards
    - xhci: check port array allocation was successful before dereferencing it
    - xhci: check control context is valid before dereferencing it.
    - xhci: fix potential array out of bounds with several interrupters
    - bus: mhi: core: Clear context for stopped channels from remove()
    - ARM: dts: at91: change the key code of the gpio key
    - tools/power/x86/intel-speed-select: Increase string size
    - platform/x86: ISST: Account for increased timeout in some cases
    - clocksource/drivers/dw_apb_timer_of: Add handling for potential memory leak
    - resource: Prevent irqresource_disabled() from erasing flags
    - spi: dln2: Fix reference leak to master
    - spi: omap-100k: Fix reference leak to master
    - spi: qup: fix PM reference leak in spi_qup_remove()
    - usb: gadget: tegra-xudc: Fix possible use-after-free in tegra_xudc_remove()
    - usb: musb: fix PM reference leak in musb_irq_work()
    - usb: core: hub: Fix PM reference leak in usb_port_resume()
    - usb: dwc3: gadget: Check for disabled LPM quirk
    - tty: n_gsm: check error while registering tty devices
    - intel_th: Consistency and off-by-one fix
    - phy: phy-twl4030-usb: Fix possible use-after-free in twl4030_usb_remove()
    - crypto: sun8i-ss - Fix PM reference leak when pm_runtime_get_sync() fails
    - crypto: sun8i-ce - Fix PM reference leak in sun8i_ce_probe()
    - crypto: stm32/hash - Fix PM reference leak on stm32-hash.c
    - crypto: stm32/cryp - Fix PM reference leak on stm32-cryp.c
    - crypto: sa2ul - Fix PM reference leak in sa_ul_probe()
    - crypto: omap-aes - Fix PM reference leak on omap-aes.c
    - platform/x86: intel_pmc_core: Don't use global pmcdev in quirks
    - spi: sync up initial chipselect state
    - btrfs: do proper error handling in create_reloc_root
    - btrfs: do proper error handling in btrfs_update_reloc_root
    - btrfs: convert logic BUG_ON()'s in replace_path to ASSERT()'s
    - regulator: da9121: automotive variants identity fix
    - drm: Added orientation quirk for OneGX1 Pro
    - drm/qxl: release shadow on shutdown
    - drm/ast: Fix invalid usage of AST_MAX_HWC_WIDTH in cursor atomic_check
    - drm/amd/display: changing sr exit latency
    - drm/amd/display: Fix MPC OGAM power on/off sequence
    - drm/ast: fix memory leak when unload the driver
    - drm/amd/display: Check for DSC support instead of ASIC revision
    - drm/amd/display: Don't optimize bandwidth before disabling planes
    - drm/amd/display: Return invalid state if GPINT times out
    - drm/amdgpu/display: buffer INTERRUPT_LOW_IRQ_CONTEXT interrupt work
    - drm/amd/display/dc/dce/dce_aux: Remove duplicate line causing 'field
      overwritten' issue
    - scsi: lpfc: Fix incorrect dbde assignment when building target abts wqe
    - scsi: lpfc: Fix pt2pt connection does not recover after LOGO
    - scsi: lpfc: Fix status returned in lpfc_els_retry() error exit path
    - scsi: lpfc: Fix PLOGI ACC to be transmit after REG_LOGIN
    - scsi: lpfc: Fix ADISC handling that never frees nodes
    - drm/amdgpu: Fix some unload driver issues
    - sched/pelt: Fix task util_est update filtering
    - sched/topology: fix the issue groups don't span domain->span for NUMA
      diameter > 2
    - kvfree_rcu: Use same set of GFP flags as does single-argument
    - drm/virtio: fix possible leak/unlock virtio_gpu_object_array
    - scsi: target: pscsi: Fix warning in pscsi_complete_cmd()
    - media: ite-cir: check for receive overflow
    - media: drivers: media: pci: sta2x11: fix Kconfig dependency on GPIOLIB
    - media: drivers/media/usb: fix memory leak in zr364xx_probe
    - media: cx23885: add more quirks for reset DMA on some AMD IOMMU
    - media: imx: capture: Return -EPIPE from __capture_legacy_try_fmt()
    - atomisp: don't let it go past pipes array
    - power: supply: bq27xxx: fix power_avg for newer ICs
    - extcon: arizona: Fix some issues when HPDET IRQ fires after the jack has
      been unplugged
    - extcon: arizona: Fix various races on driver unbind
    - media: media/saa7164: fix saa7164_encoder_register() memory leak bugs
    - media: gspca/sq905.c: fix uninitialized variable
    - media: v4l2-ctrls.c: initialize flags field of p_fwht_params
    - power: supply: Use IRQF_ONESHOT
    - backlight: qcom-wled: Use sink_addr for sync toggle
    - backlight: qcom-wled: Fix FSC update issue for WLED5
    - drm/amdgpu: mask the xgmi number of hops reported from psp to kfd
    - drm/amdkfd: Fix UBSAN shift-out-of-bounds warning
    - drm/amdgpu : Fix asic reset regression issue introduce by 8f211fe8ac7c4f
    - drm/amd/pm: fix workload mismatch on vega10
    - drm/amd/display: Fix UBSAN warning for not a valid value for type '_Bool'
    - drm/amd/display: DCHUB underflow counter increasing in some scenarios
    - drm/amd/display: fix dml prefetch validation
    - scsi: qla2xxx: Always check the return value of qla24xx_get_isp_stats()
    - drm/vkms: fix misuse of WARN_ON
    - scsi: qla2xxx: Fix use after free in bsg
    - mmc: sdhci-esdhc-imx: validate pinctrl before use it
    - mmc: sdhci-pci: Add PCI IDs for Intel LKF
    - mmc: sdhci-brcmstb: Remove CQE quirk
    - ata: ahci: Disable SXS for Hisilicon Kunpeng920
    - drm/komeda: Fix bit check to import to value of proper type
    - nvmet: return proper error code from discovery ctrl
    - selftests/resctrl: Enable gcc checks to detect buffer overflows
    - selftests/resctrl: Fix compilation issues for global variables
    - selftests/resctrl: Fix compilation issues for other global variables
    - selftests/resctrl: Clean up resctrl features check
    - selftests/resctrl: Fix missing options "-n" and "-p"
    - selftests/resctrl: Use resctrl/info for feature detection
    - selftests/resctrl: Fix incorrect parsing of iMC counters
    - selftests/resctrl: Fix checking for < 0 for unsigned values
    - power: supply: cpcap-charger: Add usleep to cpcap charger to avoid usb plug
      bounce
    - scsi: smartpqi: Use host-wide tag space
    - scsi: smartpqi: Correct request leakage during reset operations
    - scsi: smartpqi: Add new PCI IDs
    - scsi: scsi_dh_alua: Remove check for ASC 24h in alua_rtpg()
    - media: em28xx: fix memory leak
    - media: vivid: update EDID
    - drm/msm/dp: Fix incorrect NULL check kbot warnings in DP driver
    - clk: socfpga: arria10: Fix memory leak of socfpga_clk on error return
    - power: supply: generic-adc-battery: fix possible use-after-free in
      gab_remove()
    - power: supply: s3c_adc_battery: fix possible use-after-free in
      s3c_adc_bat_remove()
    - media: tc358743: fix possible use-after-free in tc358743_remove()
    - media: adv7604: fix possible use-after-free in adv76xx_remove()
    - media: i2c: adv7511-v4l2: fix possible use-after-free in adv7511_remove()
    - media: i2c: tda1997: Fix possible use-after-free in tda1997x_remove()
    - media: i2c: adv7842: fix possible use-after-free in adv7842_remove()
    - media: platform: sti: Fix runtime PM imbalance in regs_show
    - media: sun8i-di: Fix runtime PM imbalance in deinterlace_start_streaming
    - media: dvb-usb: fix memory leak in dvb_usb_adapter_init
    - media: gscpa/stv06xx: fix memory leak
    - sched/fair: Ignore percpu threads for imbalance pulls
    - drm/msm/mdp5: Configure PP_SYNC_HEIGHT to double the vtotal
    - drm/msm/mdp5: Do not multiply vclk line count by 100
    - drm/amdgpu/ttm: Fix memory leak userptr pages
    - drm/radeon/ttm: Fix memory leak userptr pages
    - drm/amd/display: Fix debugfs link_settings entry
    - drm/amd/display: Fix UBSAN: shift-out-of-bounds warning
    - drm/radeon: don't evict if not initialized
    - drm/amdkfd: Fix cat debugfs hang_hws file causes system crash bug
    - amdgpu: avoid incorrect %hu format string
    - drm/amdgpu/display: fix memory leak for dimgrey cavefish
    - drm/amdgpu: fix NULL pointer dereference
    - scsi: lpfc: Fix crash when a REG_RPI mailbox fails triggering a LOGO
      response
    - scsi: lpfc: Fix reference counting errors in lpfc_cmpl_els_rsp()
    - scsi: lpfc: Fix error handling for mailboxes completed in MBX_POLL mode
    - scsi: lpfc: Remove unsupported mbox PORT_CAPABILITIES logic
    - mfd: intel-m10-bmc: Fix the register access range
    - mfd: da9063: Support SMBus and I2C mode
    - mfd: arizona: Fix rumtime PM imbalance on error
    - scsi: libfc: Fix a format specifier
    - perf: Rework perf_event_exit_event()
    - sched,fair: Alternative sched_slice()
    - block/rnbd-srv: Prevent a deadlock generated by accessing sysfs in parallel
    - block/rnbd-clt: Fix missing a memory free when unloading the module
    - s390/archrandom: add parameter check for s390_arch_random_generate
    - sched,psi: Handle potential task count underflow bugs more gracefully
    - power: supply: cpcap-battery: fix invalid usage of list cursor
    - ALSA: emu8000: Fix a use after free in snd_emu8000_create_mixer
    - ALSA: hda/conexant: Re-order CX5066 quirk table entries
    - ALSA: sb: Fix two use after free in snd_sb_qsound_build
    - ALSA: usb-audio: Explicitly set up the clock selector
    - ALSA: usb-audio: Add dB range mapping for Sennheiser Communications Headset
      PC 8
    - ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 445 G7
    - ALSA: hda/realtek: GA503 use same quirks as GA401
    - ALSA: hda/realtek: fix mic boost on Intel NUC 8
    - ALSA: hda/realtek - Headset Mic issue on HP platform
    - ALSA: hda/realtek: fix static noise on ALC285 Lenovo laptops
    - ALSA: hda/realtek: Add quirk for Intel Clevo PCx0Dx
    - tools/power/turbostat: Fix turbostat for AMD Zen CPUs
    - btrfs: fix race when picking most recent mod log operation for an old root
    - arm64/vdso: Discard .note.gnu.property sections in vDSO
    - Makefile: Move -Wno-unused-but-set-variable out of GCC only block
    - fs: fix reporting supported extra file attributes for statx()
    - virtiofs: fix memory leak in virtio_fs_probe()
    - kcsan, debugfs: Move debugfs file creation out of early init
    - ubifs: Only check replay with inode type to judge if inode linked
    - f2fs: fix error handling in f2fs_end_enable_verity()
    - f2fs: fix to avoid out-of-bounds memory access
    - mlxsw: spectrum_mr: Update egress RIF list before route's action
    - openvswitch: fix stack OOB read while fragmenting IPv4 packets
    - net/sched: sch_frag: fix stack OOB read while fragmenting IPv4 packets
    - NFS: fs_context: validate UDP retrans to prevent shift out-of-bounds
    - NFS: Don't discard pNFS layout segments that are marked for return
    - NFSv4: Don't discard segments marked for return in _pnfs_return_layout()
    - Input: ili210x - add missing negation for touch indication on ili210x
    - jffs2: Fix kasan slab-out-of-bounds problem
    - jffs2: Hook up splice_write callback
    - iommu/vt-d: Force to flush iotlb before creating superpage
    - powerpc/vdso: Separate vvar vma from vdso
    - powerpc/powernv: Enable HAIL (HV AIL) for ISA v3.1 processors
    - powerpc/eeh: Fix EEH handling for hugepages in ioremap space.
    - powerpc/kexec_file: Use current CPU info while setting up FDT
    - powerpc/32: Fix boot failure with CONFIG_STACKPROTECTOR
    - powerpc: fix EDEADLOCK redefinition error in uapi/asm/errno.h
    - powerpc/kvm: Fix PR KVM with KUAP/MEM_KEYS enabled
    - powerpc/kvm: Fix build error when PPC_MEM_KEYS/PPC_PSERIES=n
    - intel_th: pci: Add Alder Lake-M support
    - tpm: efi: Use local variable for calculating final log size
    - tpm: vtpm_proxy: Avoid reading host log when using a virtual device
    - crypto: arm/curve25519 - Move '.fpu' after '.arch'
    - crypto: rng - fix crypto_rng_reset() refcounting when !CRYPTO_STATS
    - md/raid1: properly indicate failure when ending a failed write request
    - dm raid: fix inconclusive reshape layout on fast raid4/5/6 table reload
      sequences
    - fuse: fix write deadlock
    - mm: page_alloc: ignore init_on_free=1 for debug_pagealloc=1
    - exfat: fix erroneous discard when clear cluster bit
    - sfc: farch: fix TX queue lookup in TX flush done handling
    - sfc: farch: fix TX queue lookup in TX event handling
    - rcu/nocb: Fix missed nocb_timer requeue
    - security: commoncap: fix -Wstringop-overread warning
    - Fix misc new gcc warnings
    - jffs2: check the validity of dstlen in jffs2_zlib_compress()
    - smb3: when mounting with multichannel include it in requested capabilities
    - smb3: if max_channels set to more than one channel request multichannel
    - smb3: do not attempt multichannel to server which does not support it
    - Revert 337f13046ff0 ("futex: Allow FUTEX_CLOCK_REALTIME with FUTEX_WAIT op")
    - futex: Do not apply time namespace adjustment on FUTEX_LOCK_PI
    - x86/cpu: Initialize MSR_TSC_AUX if RDTSCP *or* RDPID is supported
    - kbuild: update config_data.gz only when the content of .config is changed
    - ext4: annotate data race in start_this_handle()
    - ext4: annotate data race in jbd2_journal_dirty_metadata()
    - ext4: fix check to prevent false positive report of incorrect used inodes
    - ext4: do not set SB_ACTIVE in ext4_orphan_cleanup()
    - ext4: always panic when errors=panic is specified
    - ext4: fix error code in ext4_commit_super
    - ext4: fix ext4_error_err save negative errno into superblock
    - ext4: fix error return code in ext4_fc_perform_commit()
    - ext4: allow the dax flag to be set and cleared on inline directories
    - ext4: Fix occasional generic/418 failure
    - media: dvbdev: Fix memory leak in dvb_media_device_free()
    - media: dvb-usb: Fix use-after-free access
    - media: dvb-usb: Fix memory leak at error in dvb_usb_device_init()
    - media: staging/intel-ipu3: Fix memory leak in imu_fmt
    - media: staging/intel-ipu3: Fix set_fmt error handling
    - media: staging/intel-ipu3: Fix race condition during set_fmt
    - media: v4l2-ctrls: fix reference to freed memory
    - media: coda: fix macroblocks count control usage
    - media: venus: hfi_parser: Don't initialize parser on v1
    - usb: gadget: dummy_hcd: fix gpf in gadget_setup
    - usb: gadget: Fix double free of device descriptor pointers
    - usb: gadget/function/f_fs string table fix for multiple languages
    - usb: dwc3: gadget: Remove FS bInterval_m1 limitation
    - usb: dwc3: gadget: Fix START_TRANSFER link state check
    - usb: dwc3: core: Do core softreset when switch mode
    - usb: dwc2: Fix session request interrupt handler
    - PCI: dwc: Move iATU detection earlier
    - tty: fix memory leak in vc_deallocate
    - rsi: Use resume_noirq for SDIO
    - tools/power turbostat: Fix offset overflow issue in index converting
    - tracing: Map all PIDs to command lines
    - tracing: Restructure trace_clock_global() to never block
    - dm persistent data: packed struct should have an aligned() attribute too
    - dm space map common: fix division bug in sm_ll_find_free_block()
    - dm integrity: fix missing goto in bitmap_flush_interval error handling
    - dm rq: fix double free of blk_mq_tag_set in dev remove after table load
      fails
    - pinctrl: Ingenic: Add support for read the pin configuration of X1830.
    - lib/vsprintf.c: remove leftover 'f' and 'F' cases from bstr_printf()
    - thermal/drivers/cpufreq_cooling: Fix slab OOB issue
    - thermal/core/fair share: Lock the thermal zone while looping over instances
    - Revert "UBUNTU: SAUCE: Revert "s390/cio: remove pm support from ccw bus
      driver""
    - s390/cio: remove invalid condition on IO_SCH_UNREG
    - Linux 5.11.20
  * Hirsute update: v5.11.20 upstream stable release (LP: #1928857) //
    CVE-2021-20288).
    - libceph: bump CephXAuthenticate encoding version
  * Hirsute update: v5.11.19 upstream stable release (LP: #1928850)
    - mips: Do not include hi and lo in clobber list for R6
    - netfilter: conntrack: Make global sysctls readonly in non-init netns
    - net: usb: ax88179_178a: initialize local variables before use
    - drm/i915: Disable runtime power management during shutdown
    - igb: Enable RSS for Intel I211 Ethernet Controller
    - bpf: Fix masking negation logic upon negative dst register
    - bpf: Fix leakage of uninitialized bpf stack under speculation
    - net: qrtr: Avoid potential use after free in MHI send
    - perf data: Fix error return code in perf_data__create_dir()
    - capabilities: require CAP_SETFCAP to map uid 0
    - perf ftrace: Fix access to pid in array when setting a pid filter
    - tools/cgroup/slabinfo.py: updated to work on current kernel
    - driver core: add a min_align_mask field to struct device_dma_parameters
    - swiotlb: add a IO_TLB_SIZE define
    - swiotlb: factor out an io_tlb_offset helper
    - swiotlb: factor out a nr_slots helper
    - swiotlb: clean up swiotlb_tbl_unmap_single
    - swiotlb: refactor swiotlb_tbl_map_single
    - swiotlb: don't modify orig_addr in swiotlb_tbl_sync_single
    - swiotlb: respect min_align_mask
    - nvme-pci: set min_align_mask
    - ovl: fix leaked dentry
    - ovl: allow upperdir inside lowerdir
    - ALSA: usb-audio: Add MIDI quirk for Vox ToneLab EX
    - ALSA: usb-audio: Fix implicit sync clearance at stopping stream
    - USB: Add reset-resume quirk for WD19's Realtek Hub
    - platform/x86: thinkpad_acpi: Correct thermal sensor allocation
    - perf/core: Fix unconditional security_locked_down() call
    - vfio: Depend on MMU
    - Linux 5.11.19
  * r8152 tx status -71 (LP: #1922651) // Hirsute update: v5.11.19 upstream
    stable release (LP: #1928850)
    - USB: Add LPM quirk for Lenovo ThinkPad USB-C Dock Gen2 Ethernet
  * Hirsute update: v5.11.18 upstream stable release (LP: #1928849)
    - iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_gen2_enqueue_hcmd()
    - drm/amd/display: Update modifier list for gfx10_3
    - mei: me: add Alder Lake P device id.
    - Linux 5.11.18

-- Tim Gardner <tim.gardner@canonical.com>  Tue, 08 Jun 2021 11:07:35 -0600

Changed in linux-azure (Ubuntu Impish):
status:	Fix Committed → Fix Released

Revision history for this message

Tim Gardner (timg-tpi) wrote on 2021-07-19:

#10

This commit has been released with no regressions detected. Marking verification done.

tags:

added: verification-done-hirsute
removed: verification-needed-hirsute

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-07-20:

#11

Download full text (23.1 KiB)

This bug was fixed in the package linux - 5.11.0-25.27

---------------
linux (5.11.0-25.27) hirsute; urgency=medium

* CVE-2021-33909
- SAUCE: seq_file: Disallow extremely large seq buffer allocations

linux (5.11.0-24.25) hirsute; urgency=medium

  * test_pmtu_vti4_link_add_mtu() test from net/pmtu.sh in
    ubuntu_kernel_selftests cannot finish properly on 5.11 and 5.8
    (LP: #1933969)
    - ip6_gre: proper dev_{hold|put} in ndo_[un]init methods
    - sit: proper dev_{hold|put} in ndo_[un]init methods
    - ip6_tunnel: sit: proper dev_{hold|put} in ndo_[un]init methods
    - ipv6: remove extra dev_hold() for fallback tunnels

linux (5.11.0-23.24) hirsute; urgency=medium

* hirsute/linux: 5.11.0-23.24 -proposed tracker (LP: #1932420)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync getabis
    - [Packaging] update helper scripts
    - update dkms package versions

* Disable hv-kvp-daemon.service on certain instance types (LP: #1932081)
- [Packaging]: Add kernel command line condition to hv-kvp-daemon service

  * Add support for IO functions of AAEON devices (LP: #1929504)
    - ODM: mfd: Add support for IO functions of AAEON devices
    - ODM: gpio: add driver for AAEON devices
    - ODM: watchdog: add driver for AAEON devices
    - ODM: hwmon: add driver for AAEON devices
    - ODM: leds: add driver for AAEON devices
    - ODM: [Config] update config for AAEON devices

  * Add support for selective build of special drivers (LP: #1912789)
    - [Packaging] Add support for ODM drivers
    - [Packaging] Turn on ODM support for amd64
    - [Packaging] Fix ODM support in actual build
    - [Packaging] Fix ODM DRIVERS Kconfig

  * Mute/Mic mute LEDs and right speaker are not work on HP platforms
    (LP: #1932055)
    - ALSA: hda/realtek: fix mute/micmute LEDs and speaker for HP Elite Dragonfly
      G2
    - ALSA: hda/realtek: fix mute/micmute LEDs and speaker for HP EliteBook x360
      1040 G8
    - ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook 840 Aero G8
    - ALSA: hda/realtek: fix mute/micmute LEDs for HP ZBook Power G8

* SD card initialization on insertion fails (LP: #1929444)
- misc: rtsx: separate aspm mode into MODE_REG and MODE_CFG

* Fix non-working GPU on Some HP desktops (LP: #1931147)
- PCI: Coalesce host bridge contiguous apertures

* CirrusLogic: The default input volume is "0%" on Dell Warlock (LP: #1929803)
- ALSA: hda/cirrus: Set Initial DMIC volume to -26 dB

  * Mic-mute/mute LEDs not work on some HP platforms (LP: #1930707)
    - ALSA: hda/realtek: fix mute/micmute LEDs for HP 855 G8
    - ALSA: hda/realtek: fix mute/micmute LEDs and speaker for HP Zbook G8
    - ALSA: hda/realtek: fix mute/micmute LEDs and speaker for HP Zbook Fury 15 G8
    - ALSA: hda/realtek: fix mute/micmute LEDs and speaker for HP Zbook Fury 17 G8

* [UBUNTU 21.04] tools/kvm_stat: Add restart delay (LP: #1921870)
- [Packaging] install kvm_stat systemd service

* Fix ICL PCH no picture after S3 (LP: #1930582)
- drm/i915/icp+: Use icp_hpd_irq_setup() instead of spt_hpd_irq_setup()

* Hirsute update: v5.11.22 upstream stable release (LP: #1931292)
- KEYS: trusted: Fix memory...

This bug was fixed in the package linux - 5.11.0-25.27

---------------
linux (5.11.0-25.27) hirsute; urgency=medium

* CVE-2021-33909
    - SAUCE: seq_file: Disallow extremely large seq buffer allocations

linux (5.11.0-24.25) hirsute; urgency=medium

* test_pmtu_vti4_link_add_mtu() test from net/pmtu.sh in
    ubuntu_kernel_selftests cannot finish properly on 5.11 and 5.8
    (LP: #1933969)
    - ip6_gre: proper dev_{hold|put} in ndo_[un]init methods
    - sit: proper dev_{hold|put} in ndo_[un]init methods
    - ip6_tunnel: sit: proper dev_{hold|put} in ndo_[un]init methods
    - ipv6: remove extra dev_hold() for fallback tunnels

linux (5.11.0-23.24) hirsute; urgency=medium

* hirsute/linux: 5.11.0-23.24 -proposed tracker (LP: #1932420)

* Packaging resync (LP: #1786013)
    - [Packaging] resync getabis
    - [Packaging] update helper scripts
    - update dkms package versions

* Disable hv-kvp-daemon.service on certain instance types (LP: #1932081)
    - [Packaging]: Add kernel command line condition to hv-kvp-daemon service

* Add support for IO functions of AAEON devices (LP: #1929504)
    - ODM: mfd: Add support for IO functions of AAEON devices
    - ODM: gpio: add driver for AAEON devices
    - ODM: watchdog: add driver for AAEON devices
    - ODM: hwmon: add driver for AAEON devices
    - ODM: leds: add driver for AAEON devices
    - ODM: [Config] update config for AAEON devices

* Add support for selective build of special drivers (LP: #1912789)
    - [Packaging] Add support for ODM drivers
    - [Packaging] Turn on ODM support for amd64
    - [Packaging] Fix ODM support in actual build
    - [Packaging] Fix ODM DRIVERS Kconfig

* Mute/Mic mute LEDs and right speaker are not work on HP platforms
    (LP: #1932055)
    - ALSA: hda/realtek: fix mute/micmute LEDs and speaker for HP Elite Dragonfly
      G2
    - ALSA: hda/realtek: fix mute/micmute LEDs and speaker for HP EliteBook x360
      1040 G8
    - ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook 840 Aero G8
    - ALSA: hda/realtek: fix mute/micmute LEDs for HP ZBook Power G8

* SD card initialization on insertion fails (LP: #1929444)
    - misc: rtsx: separate aspm mode into MODE_REG and MODE_CFG

* Fix non-working GPU on Some HP desktops (LP: #1931147)
    - PCI: Coalesce host bridge contiguous apertures

* CirrusLogic: The default input volume is "0%" on Dell Warlock (LP: #1929803)
    - ALSA: hda/cirrus: Set Initial DMIC volume to -26 dB

* Mic-mute/mute LEDs not work on some HP platforms (LP: #1930707)
    - ALSA: hda/realtek: fix mute/micmute LEDs for HP 855 G8
    - ALSA: hda/realtek: fix mute/micmute LEDs and speaker for HP Zbook G8
    - ALSA: hda/realtek: fix mute/micmute LEDs and speaker for HP Zbook Fury 15 G8
    - ALSA: hda/realtek: fix mute/micmute LEDs and speaker for HP Zbook Fury 17 G8

* [UBUNTU 21.04] tools/kvm_stat: Add restart delay (LP: #1921870)
    - [Packaging] install kvm_stat systemd service

* Fix ICL PCH no picture after S3 (LP: #1930582)
    - drm/i915/icp+: Use icp_hpd_irq_setup() instead of spt_hpd_irq_setup()

* Hirsute update: v5.11.22 upstream stable release (LP: #1931292)
    - KEYS: trusted: Fix memory leak on object td
    - tpm: fix error return code in tpm2_get_cc_attrs_tbl()
    - tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt()
    - tpm, tpm_tis: Reserve locality in tpm_tis_resume()
    - KVM: SVM: Make sure GHCB is mapped before updating
    - KVM: x86/mmu: Remove the defunct update_pte() paging hook
    - KVM/VMX: Invoke NMI non-IST entry instead of IST entry
    - ACPI: PM: Add ACPI ID of Alder Lake Fan
    - PM: runtime: Fix unpaired parent child_count for force_resume
    - cpufreq: intel_pstate: Use HWP if enabled by platform firmware
    - kvm: Cap halt polling at kvm->max_halt_poll_ns
    - ath11k: fix thermal temperature read
    - ALSA: usb-audio: Add Pioneer DJM-850 to quirks-table
    - fs: dlm: fix debugfs dump
    - fs: dlm: fix mark setting deadlock
    - fs: dlm: add errno handling to check callback
    - fs: dlm: add check if dlm is currently running
    - fs: dlm: change allocation limits
    - fs: dlm: check on minimum msglen size
    - fs: dlm: flush swork on shutdown
    - fs: dlm: add shutdown hook
    - tipc: convert dest node's address to network order
    - ASoC: Intel: bytcr_rt5640: Enable jack-detect support on Asus T100TAF
    - net/mlx5e: Use net_prefetchw instead of prefetchw in MPWQE TX datapath
    - net: stmmac: Set FIFO sizes for ipq806x
    - ASoC: rsnd: core: Check convert rate in rsnd_hw_params
    - Bluetooth: Fix incorrect status handling in LE PHY UPDATE event
    - i2c: bail out early when RDWR parameters are wrong
    - ALSA: hdsp: don't disable if not enabled
    - ALSA: hdspm: don't disable if not enabled
    - ALSA: rme9652: don't disable if not enabled
    - ALSA: bebob: enable to deliver MIDI messages for multiple ports
    - Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default
    - Bluetooth: initialize skb_queue_head at l2cap_chan_create()
    - net/sched: cls_flower: use ntohs for struct flow_dissector_key_ports
    - net: bridge: when suppression is enabled exclude RARP packets
    - Bluetooth: check for zapped sk before connecting
    - selftests/powerpc: Fix L1D flushing tests for Power10
    - powerpc/32: Statically initialise first emergency context
    - net: hns3: remediate a potential overflow risk of bd_num_list
    - net: hns3: add handling for xmit skb with recursive fraglist
    - ip6_vti: proper dev_{hold|put} in ndo_[un]init methods
    - ASoC: Intel: bytcr_rt5640: Add quirk for the Chuwi Hi8 tablet
    - ice: handle increasing Tx or Rx ring sizes
    - Bluetooth: btusb: Enable quirk boolean flag for Mediatek Chip.
    - ASoC: rt5670: Add a quirk for the Dell Venue 10 Pro 5055
    - selftests: mptcp: launch mptcp_connect with timeout
    - i2c: Add I2C_AQ_NO_REP_START adapter quirk
    - Bluetooth: Do not set cur_adv_instance in adv param MGMT request
    - MIPS: Loongson64: Use _CACHE_UNCACHED instead of _CACHE_UNCACHED_ACCELERATED
    - coresight: Do not scan for graph if none is present
    - IB/hfi1: Correct oversized ring allocation
    - mac80211: Set priority and queue mapping for injected frames
    - mac80211: clear the beacon's CRC after channel switch
    - ASoC: soc-compress: lock pcm_mutex to resolve lockdep error
    - pinctrl: samsung: use 'int' for register masks in Exynos
    - rtw88: 8822c: add LC calibration for RTL8822C
    - mt76: mt7615: fix key set/delete issues
    - mt76: mt7615: support loading EEPROM for MT7613BE
    - mt76: mt76x0: disable GTK offloading
    - mt76: mt7915: always check return value from mt7915_mcu_alloc_wtbl_req
    - mt76: mt7915: fix key set/delete issue
    - mt76: mt7915: fix txpower init for TSSI off chips
    - mt76: mt7915: add wifi subsystem reset
    - i2c: imx: Fix PM reference leak in i2c_imx_reg_slave()
    - fuse: invalidate attrs when page writeback completes
    - virtiofs: fix userns
    - cuse: prevent clone
    - iwlwifi: pcie: make cfg vs. trans_cfg more robust
    - iwlwifi: queue: avoid memory leak in reset flow
    - powerpc/mm: Add cond_resched() while removing hpte mappings
    - ASoC: rsnd: call rsnd_ssi_master_clk_start() from rsnd_ssi_init()
    - Revert "iommu/amd: Fix performance counter initialization"
    - iommu/amd: Remove performance counter pre-initialization test
    - drm/amd/display: Force vsync flip when reconfiguring MPCC
    - selftests: Set CC to clang in lib.mk if LLVM is set
    - kconfig: nconf: stop endless search loops
    - ALSA: hda/realtek: Add quirk for Lenovo Ideapad S740
    - ASoC: Intel: sof_sdw: add quirk for new ADL-P Rvp
    - ALSA: hda/hdmi: fix race in handling acomp ELD notification at resume
    - sctp: Fix out-of-bounds warning in sctp_process_asconf_param()
    - flow_dissector: Fix out-of-bounds warning in __skb_flow_bpf_to_target()
    - powerpc/xive: Use the "ibm, chip-id" property only under PowerNV
    - powerpc/smp: Set numa node before updating mask
    - wilc1000: Bring MAC address setting in line with typical Linux behavior
    - mac80211: properly drop the connection in case of invalid CSA IE
    - ASoC: rt286: Generalize support for ALC3263 codec
    - ethtool: ioctl: Fix out-of-bounds warning in store_link_ksettings_for_user()
    - net: sched: tapr: prevent cycle_time == 0 in parse_taprio_schedule
    - samples/bpf: Fix broken tracex1 due to kprobe argument change
    - powerpc/pseries: Stop calling printk in rtas_stop_self()
    - drm/amd/display: fixed divide by zero kernel crash during dsc enablement
    - drm/amd/display: add handling for hdcp2 rx id list validation
    - drm/amdgpu: Add mem sync flag for IB allocated by SA
    - mt76: mt7615: fix entering driver-own state on mt7663
    - crypto: ccp: Free SEV device if SEV init fails
    - wl3501_cs: Fix out-of-bounds warnings in wl3501_send_pkt
    - wl3501_cs: Fix out-of-bounds warnings in wl3501_mgmt_join
    - qtnfmac: Fix possible buffer overflow in qtnf_event_handle_external_auth
    - powerpc/iommu: Annotate nested lock for lockdep
    - iavf: remove duplicate free resources calls
    - net: ethernet: mtk_eth_soc: fix RX VLAN offload
    - selftests: mlxsw: Increase the tolerance of backlog buildup
    - selftests: mlxsw: Fix mausezahn invocation in ERSPAN scale test
    - kbuild: generate Module.symvers only when vmlinux exists
    - bnxt_en: Add PCI IDs for Hyper-V VF devices.
    - ia64: module: fix symbolizer crash on fdescr
    - watchdog: rename __touch_watchdog() to a better descriptive name
    - watchdog: explicitly update timestamp when reporting softlockup
    - watchdog/softlockup: remove logic that tried to prevent repeated reports
    - watchdog: fix barriers when printing backtraces from all CPUs
    - ASoC: rt286: Make RT286_SET_GPIO_* readable and writable
    - thermal: thermal_of: Fix error return code of
      thermal_of_populate_bind_params()
    - PCI/RCEC: Fix RCiEP device to RCEC association
    - f2fs: fix to allow migrating fully valid segment
    - f2fs: fix panic during f2fs_resize_fs()
    - f2fs: fix a redundant call to f2fs_balance_fs if an error occurs
    - remoteproc: qcom_q6v5_mss: Validate p_filesz in ELF loader
    - PCI: iproc: Fix return value of iproc_msi_irq_domain_alloc()
    - PCI: Release OF node in pci_scan_device()'s error path
    - ARM: 9064/1: hw_breakpoint: Do not directly check the event's
      overflow_handler hook
    - f2fs: fix to align to section for fallocate() on pinned file
    - f2fs: fix to update last i_size if fallocate partially succeeds
    - PCI: endpoint: Make *_get_first_free_bar() take into account 64 bit BAR
    - PCI: endpoint: Add helper API to get the 'next' unreserved BAR
    - PCI: endpoint: Make *_free_bar() to return error codes on failure
    - PCI: endpoint: Fix NULL pointer dereference for ->get_features()
    - f2fs: fix to avoid touching checkpointed data in get_victim()
    - f2fs: fix to cover __allocate_new_section() with curseg_lock
    - fs: 9p: fix v9fs_file_open writeback fid error check
    - f2fs: Fix a hungtask problem in atomic write
    - nfs: Subsequent READDIR calls should carry non-zero cookieverifier
    - NFS: Fix handling of cookie verifier in uncached_readdir()
    - NFS: Only change the cookie verifier if the directory page cache is empty
    - f2fs: fix to avoid accessing invalid fio in f2fs_allocate_data_block()
    - rpmsg: qcom_glink_native: fix error return code of qcom_glink_rx_data()
    - NFS: nfs4_bitmask_adjust() must not change the server global bitmasks
    - NFS: Fix attribute bitmask in _nfs42_proc_fallocate()
    - NFSv4.2: Always flush out writes in nfs42_proc_fallocate()
    - NFS: Deal correctly with attribute generation counter overflow
    - PCI: endpoint: Fix missing destroy_workqueue()
    - remoteproc: pru: Fixup interrupt-parent logic for fw events
    - remoteproc: pru: Fix wrong success return value for fw events
    - remoteproc: pru: Fix and cleanup firmware interrupt mapping logic
    - pNFS/flexfiles: fix incorrect size check in decode_nfs_fh()
    - NFSv4.2 fix handling of sr_eof in SEEK's reply
    - SUNRPC: Move fault injection call sites
    - SUNRPC: Remove trace_xprt_transmit_queued
    - SUNRPC: Handle major timeout in xprt_adjust_timeout()
    - thermal/drivers/tsens: Fix missing put_device error
    - NFSv4.x: Don't return NFS4ERR_NOMATCHING_LAYOUT if we're unmounting
    - nfsd: ensure new clients break delegations
    - rtc: fsl-ftm-alarm: add MODULE_TABLE()
    - dmaengine: idxd: Fix potential null dereference on pointer status
    - dmaengine: idxd: fix dma device lifetime
    - dmaengine: idxd: cleanup pci interrupt vector allocation management
    - dmaengine: idxd: removal of pcim managed mmio mapping
    - dma: idxd: use DEFINE_MUTEX() for mutex lock
    - dmaengine: idxd: use ida for device instance enumeration
    - dmaengine: idxd: fix idxd conf_dev 'struct device' lifetime
    - dmaengine: idxd: fix wq conf_dev 'struct device' lifetime
    - dmaengine: idxd: fix engine conf_dev lifetime
    - dmaengine: idxd: fix group conf_dev lifetime
    - dmaengine: idxd: fix cdev setup and free device lifetime issues
    - SUNRPC: fix ternary sign expansion bug in tracing
    - SUNRPC: Fix null pointer dereference in svc_rqst_free()
    - pwm: atmel: Fix duty cycle calculation in .get_state()
    - xprtrdma: Avoid Receive Queue wrapping
    - xprtrdma: Fix cwnd update ordering
    - xprtrdma: rpcrdma_mr_pop() already does list_del_init()
    - swiotlb: Fix the type of index
    - ceph: fix inode leak on getattr error in __fh_to_dentry
    - scsi: qla2xxx: Prevent PRLI in target mode
    - scsi: ufs: core: Do not put UFS power into LPM if link is broken
    - scsi: ufs: core: Cancel rpm_dev_flush_recheck_work during system suspend
    - scsi: ufs: core: Narrow down fast path in system suspend path
    - rtc: ds1307: Fix wday settings for rx8130
    - net: hns3: fix incorrect configuration for igu_egu_hw_err
    - net: hns3: initialize the message content in hclge_get_link_mode()
    - net: hns3: add check for HNS3_NIC_STATE_INITED in
      hns3_reset_notify_up_enet()
    - net: hns3: fix for vxlan gpe tx checksum bug
    - net: hns3: use netif_tx_disable to stop the transmit queue
    - net: hns3: disable phy loopback setting in hclge_mac_start_phy
    - sctp: do asoc update earlier in sctp_sf_do_dupcook_a
    - RISC-V: Fix error code returned by riscv_hartid_to_cpuid()
    - sunrpc: Fix misplaced barrier in call_decode
    - libbpf: Fix signed overflow in ringbuf_process_ring
    - block/rnbd-clt: Change queue_depth type in rnbd_clt_session to size_t
    - block/rnbd-clt: Check the return value of the function rtrs_clt_query
    - ata: ahci_brcm: Fix use of BCM7216 reset controller
    - PCI: brcmstb: Use reset/rearm instead of deassert/assert
    - ethernet:enic: Fix a use after free bug in enic_hard_start_xmit
    - sctp: fix a SCTP_MIB_CURRESTAB leak in sctp_sf_do_dupcook_b
    - netfilter: xt_SECMARK: add new revision to fix structure layout
    - xsk: Fix for xp_aligned_validate_desc() when len == chunk_size
    - net: stmmac: Clear receive all(RA) bit when promiscuous mode is off
    - drm/radeon: Fix off-by-one power_state index heap overwrite
    - drm/radeon: Avoid power table parsing memory leaks
    - arm64: entry: factor irq triage logic into macros
    - arm64: entry: always set GIC_PRIO_PSR_I_SET during entry
    - khugepaged: fix wrong result value for trace_mm_collapse_huge_page_isolate()
    - mm/hugeltb: handle the error case in hugetlb_fix_reserve_counts()
    - mm/migrate.c: fix potential indeterminate pte entry in
      migrate_vma_insert_page()
    - ksm: fix potential missing rmap_item for stable_node
    - mm/gup: check every subpage of a compound page during isolation
    - mm/gup: return an error on migration failure
    - mm/gup: check for isolation errors
    - ethtool: fix missing NLM_F_MULTI flag when dumping
    - net: fix nla_strcmp to handle more then one trailing null character
    - smc: disallow TCP_ULP in smc_setsockopt()
    - netfilter: nfnetlink_osf: Fix a missing skb_header_pointer() NULL check
    - netfilter: nftables: Fix a memleak from userdata error path in new objects
    - can: mcp251xfd: mcp251xfd_probe(): add missing can_rx_offload_del() in error
      path
    - can: mcp251x: fix resume from sleep before interface was brought up
    - can: m_can: m_can_tx_work_queue(): fix tx_skb race condition
    - sched: Fix out-of-bound access in uclamp
    - sched/fair: Fix unfairness caused by missing load decay
    - net: ipa: fix inter-EE IRQ register definitions
    - fs/proc/generic.c: fix incorrect pde_is_permanent check
    - kernel: kexec_file: fix error return code of kexec_calculate_store_digests()
    - kernel/resource: make walk_system_ram_res() find all busy
      IORESOURCE_SYSTEM_RAM resources
    - kernel/resource: make walk_mem_res() find all busy IORESOURCE_MEM resources
    - netfilter: nftables: avoid overflows in nft_hash_buckets()
    - i40e: fix broken XDP support
    - i40e: Fix use-after-free in i40e_client_subtask()
    - i40e: fix the restart auto-negotiation after FEC modified
    - i40e: Fix PHY type identifiers for 2.5G and 5G adapters
    - mptcp: fix splat when closing unaccepted socket
    - ARC: entry: fix off-by-one error in syscall number validation
    - ARC: mm: PAE: use 40-bit physical page mask
    - ARC: mm: Use max_high_pfn as a HIGHMEM zone border
    - sh: Remove unused variable
    - powerpc/64s: Fix crashes when toggling stf barrier
    - powerpc/64s: Fix crashes when toggling entry flush barrier
    - hfsplus: prevent corruption in shrinking truncate
    - squashfs: fix divide error in calculate_skip()
    - userfaultfd: release page in error path to avoid BUG_ON
    - kasan: fix unit tests with CONFIG_UBSAN_LOCAL_BOUNDS enabled
    - mm/hugetlb: fix F_SEAL_FUTURE_WRITE
    - blk-iocost: fix weight updates of inner active iocgs
    - x86, sched: Fix the AMD CPPC maximum performance value on certain AMD Ryzen
      generations
    - arm64: mte: initialize RGSR_EL1.SEED in __cpu_setup
    - arm64: Fix race condition on PG_dcache_clean in __sync_icache_dcache()
    - btrfs: fix deadlock when cloning inline extents and using qgroups
    - btrfs: fix race leading to unpersisted data and metadata on fsync
    - drm/amd/display: Initialize attribute for hdcp_srm sysfs file
    - drm/i915: Avoid div-by-zero on gen2
    - kvm: exit halt polling on need_resched() as well
    - drm/msm: fix LLC not being enabled for mmu500 targets
    - KVM: LAPIC: Accurately guarantee busy wait for timer to expire when using
      hv_timer
    - drm/msm/dp: initialize audio_comp when audio starts
    - KVM: x86: Cancel pvclock_gtod_work on module removal
    - KVM: x86: Prevent deadlock against tk_core.seq
    - dax: Add an enum for specifying dax wakup mode
    - dax: Add a wakeup mode parameter to put_unlocked_entry()
    - dax: Wake up all waiters after invalidating dax entry
    - xen/unpopulated-alloc: fix error return code in fill_list()
    - perf tools: Fix dynamic libbpf link
    - usb: dwc3: gadget: Free gadget structure only after freeing endpoints
    - iio: light: gp2ap002: Fix rumtime PM imbalance on error
    - iio: proximity: pulsedlight: Fix rumtime PM imbalance on error
    - iio: hid-sensors: select IIO_TRIGGERED_BUFFER under HID_SENSOR_IIO_TRIGGER
    - iio: core: return ENODEV if ioctl is unknown
    - usb: fotg210-hcd: Fix an error message
    - hwmon: (occ) Fix poll rate limiting
    - usb: musb: Fix an error message
    - hwmon: (ltc2992) Put fwnode in error case during ->probe()
    - ACPI: scan: Fix a memory leak in an error handling path
    - kyber: fix out of bounds access when preempted
    - nvmet: add lba to sect conversion helpers
    - nvmet: fix inline bio check for bdev-ns
    - nvmet: fix inline bio check for passthru
    - nvmet-rdma: Fix NULL deref when SEND is completed with error
    - f2fs: compress: fix to free compress page correctly
    - f2fs: compress: fix race condition of overwrite vs truncate
    - f2fs: compress: fix to assign cc.cluster_idx correctly
    - nbd: Fix NULL pointer in flush_workqueue
    - blk-mq: plug request for shared sbitmap
    - blk-mq: Swap two calls in blk_mq_exit_queue()
    - usb: dwc3: omap: improve extcon initialization
    - usb: dwc3: pci: Enable usb2-gadget-lpm-disable for Intel Merrifield
    - usb: xhci: Increase timeout for HC halt
    - usb: dwc2: Fix gadget DMA unmap direction
    - usb: core: hub: fix race condition about TRSMRCY of resume
    - usb: dwc3: gadget: Enable suspend events
    - usb: dwc3: gadget: Return success always for kick transfer in ep queue
    - usb: typec: ucsi: Retrieve all the PDOs instead of just the first 4
    - usb: typec: ucsi: Put fwnode in any case during ->probe()
    - xhci-pci: Allow host runtime PM as default for Intel Alder Lake xHCI
    - xhci: Do not use GFP_KERNEL in (potentially) atomic context
    - xhci: Add reset resume quirk for AMD xhci controller.
    - iio: core: fix ioctl handlers removal
    - iio: gyro: mpu3050: Fix reported temperature value
    - iio: tsl2583: Fix division by a zero lux_val
    - cdc-wdm: untangle a circular dependency between callback and softint
    - xen/gntdev: fix gntdev_mmap() error exit path
    - KVM: x86: Emulate RDPID only if RDTSCP is supported
    - KVM: x86: Move RDPID emulation intercept to its own enum
    - KVM: nVMX: Always make an attempt to map eVMCS after migration
    - KVM: VMX: Do not advertise RDPID if ENABLE_RDTSCP control is unsupported
    - KVM: VMX: Disable preemption when probing user return MSRs
    - mm: fix struct page layout on 32-bit systems
    - MIPS: Reinstate platform `__div64_32' handler
    - MIPS: Avoid DIVU in `__div64_32' is result would be zero
    - MIPS: Avoid handcoded DIVU in `__div64_32' altogether
    - clocksource/drivers/timer-ti-dm: Prepare to handle dra7 timer wrap issue
    - clocksource/drivers/timer-ti-dm: Handle dra7 timer wrap errata i940
    - usb: typec: tcpm: Fix error while calculating PPS out values
    - kobject_uevent: remove warning in init_uevent_argv()
    - drm/i915/gt: Fix a double free in gen8_preallocate_top_level_pdp
    - drm/msm/dp: check sink_count before update is_connected status
    - drm/i915: Read C0DRB3/C1DRB3 as 16 bits again
    - drm/i915/overlay: Fix active retire callback alignment
    - drm/i915: Fix crash in auto_retire
    - clk: exynos7: Mark aclk_fsys1_200 as critical
    - soc: mediatek: pm-domains: Add a meaningful power domain name
    - soc: mediatek: pm-domains: Add a power domain names for mt8183
    - soc: mediatek: pm-domains: Add a power domain names for mt8192
    - media: rkvdec: Remove of_match_ptr()
    - i2c: mediatek: Fix send master code at more than 1MHz
    - dt-bindings: media: renesas,vin: Make resets optional on R-Car Gen1
    - dt-bindings: thermal: rcar-gen3-thermal: Support five TSC nodes on r8a779a0
    - dt-bindings: serial: 8250: Remove duplicated compatible strings
    - dt-bindings: PCI: rcar-pci-host: Document missing R-Car H1 support
    - debugfs: Make debugfs_allow RO after init
    - ext4: fix debug format string warning
    - nvme: do not try to reconfigure APST when the controller is not live
    - ASoC: rsnd: check all BUSIF status when error
    - Linux 5.11.22

* scsi: storvsc: Parameterize number hardware queues (LP: #1930626)
    - scsi: storvsc: Parameterize number hardware queues

-- Thadeu Lima de Souza Cascardo <cascardo@canonical.com>  Fri, 09 Jul 2021 14:42:12 -0300

Changed in linux (Ubuntu Hirsute):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-07-20:

#12

Download full text (27.3 KiB)

This bug was fixed in the package linux - 5.4.0-80.90

---------------
linux (5.4.0-80.90) focal; urgency=medium

* CVE-2021-33909
- SAUCE: seq_file: Disallow extremely large seq buffer allocations

linux (5.4.0-79.88) focal; urgency=medium

* focal/linux: 5.4.0-79.88 -proposed tracker (LP: #1934343)

* lxd exec fails (LP: #1934187)
- SAUCE: Revert "proc: Check /proc/$pid/attr/ writes against file opener"

linux (5.4.0-78.87) focal; urgency=medium

* focal/linux: 5.4.0-78.87 -proposed tracker (LP: #1932478)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync getabis
    - [Packaging] update helper scripts
    - update dkms package versions

* Disable hv-kvp-daemon.service on certain instance types (LP: #1932081)
- [Packaging]: Add kernel command line condition to hv-kvp-daemon service

  * QLogic Direct-Connect host can't discover SCSI-FC or NVMe/FC devices
    (LP: #1860724)
    - scsi: qla2xxx: Serialize fc_port alloc in N2N
    - scsi: qla2xxx: Set Nport ID for N2N
    - scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue
    - scsi: qla2xxx: Fix N2N and NVMe connect retry failure

* [SRU] Add support for E810 NIC to Ice Driver in Focal (LP: #1912511)
- ice: add additional E810 device id

  * Focal update: v5.4.124 upstream stable release (LP: #1931166)
    - ALSA: hda/realtek: Headphone volume is controlled by Front mixer
    - ALSA: usb-audio: scarlett2: Fix device hang with ehci-pci
    - ALSA: usb-audio: scarlett2: Improve driver startup messages
    - cifs: set server->cipher_type to AES-128-CCM for SMB3.0
    - NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return()
    - iommu/vt-d: Fix sysfs leak in alloc_iommu()
    - perf intel-pt: Fix sample instruction bytes
    - perf intel-pt: Fix transaction abort handling
    - perf scripts python: exported-sql-viewer.py: Fix copy to clipboard from Top
      Calls by elapsed Time report
    - perf scripts python: exported-sql-viewer.py: Fix Array TypeError
    - perf scripts python: exported-sql-viewer.py: Fix warning display
    - proc: Check /proc/$pid/attr/ writes against file opener
    - net: hso: fix control-request directions
    - ath10k: Validate first subframe of A-MSDU before processing the list
    - dm snapshot: properly fix a crash when an origin has no snapshots
    - drm/amdgpu/vcn1: add cancel_delayed_work_sync before power gate
    - drm/amdgpu/vcn2.0: add cancel_delayed_work_sync before power gate
    - drm/amdgpu/vcn2.5: add cancel_delayed_work_sync before power gate
    - selftests/gpio: Use TEST_GEN_PROGS_EXTENDED
    - selftests/gpio: Move include of lib.mk up
    - selftests/gpio: Fix build when source tree is read only
    - kgdb: fix gcc-11 warnings harder
    - Documentation: seccomp: Fix user notification documentation
    - serial: core: fix suspicious security_locked_down() call
    - misc/uss720: fix memory leak in uss720_probe
    - thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue
    - mei: request autosuspend after sending rx flow control
    - staging: iio: cdc: ad7746: avoid overwrite of num_channels
    - iio: gyro: fxas21002c: balance runtime power in error path
    - ...

This bug was fixed in the package linux - 5.4.0-80.90

---------------
linux (5.4.0-80.90) focal; urgency=medium

* CVE-2021-33909
    - SAUCE: seq_file: Disallow extremely large seq buffer allocations

linux (5.4.0-79.88) focal; urgency=medium

* focal/linux: 5.4.0-79.88 -proposed tracker (LP: #1934343)

* lxd exec fails (LP: #1934187)
    - SAUCE: Revert "proc: Check /proc/$pid/attr/ writes against file opener"

linux (5.4.0-78.87) focal; urgency=medium

* focal/linux: 5.4.0-78.87 -proposed tracker (LP: #1932478)

* Packaging resync (LP: #1786013)
    - [Packaging] resync getabis
    - [Packaging] update helper scripts
    - update dkms package versions

* Disable hv-kvp-daemon.service on certain instance types (LP: #1932081)
    - [Packaging]: Add kernel command line condition to hv-kvp-daemon service

* QLogic Direct-Connect host can't discover SCSI-FC or NVMe/FC devices
    (LP: #1860724)
    - scsi: qla2xxx: Serialize fc_port alloc in N2N
    - scsi: qla2xxx: Set Nport ID for N2N
    - scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue
    - scsi: qla2xxx: Fix N2N and NVMe connect retry failure

* [SRU] Add support for E810 NIC to Ice Driver in Focal (LP: #1912511)
    - ice: add additional E810 device id

* Focal update: v5.4.124 upstream stable release (LP: #1931166)
    - ALSA: hda/realtek: Headphone volume is controlled by Front mixer
    - ALSA: usb-audio: scarlett2: Fix device hang with ehci-pci
    - ALSA: usb-audio: scarlett2: Improve driver startup messages
    - cifs: set server->cipher_type to AES-128-CCM for SMB3.0
    - NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return()
    - iommu/vt-d: Fix sysfs leak in alloc_iommu()
    - perf intel-pt: Fix sample instruction bytes
    - perf intel-pt: Fix transaction abort handling
    - perf scripts python: exported-sql-viewer.py: Fix copy to clipboard from Top
      Calls by elapsed Time report
    - perf scripts python: exported-sql-viewer.py: Fix Array TypeError
    - perf scripts python: exported-sql-viewer.py: Fix warning display
    - proc: Check /proc/$pid/attr/ writes against file opener
    - net: hso: fix control-request directions
    - ath10k: Validate first subframe of A-MSDU before processing the list
    - dm snapshot: properly fix a crash when an origin has no snapshots
    - drm/amdgpu/vcn1: add cancel_delayed_work_sync before power gate
    - drm/amdgpu/vcn2.0: add cancel_delayed_work_sync before power gate
    - drm/amdgpu/vcn2.5: add cancel_delayed_work_sync before power gate
    - selftests/gpio: Use TEST_GEN_PROGS_EXTENDED
    - selftests/gpio: Move include of lib.mk up
    - selftests/gpio: Fix build when source tree is read only
    - kgdb: fix gcc-11 warnings harder
    - Documentation: seccomp: Fix user notification documentation
    - serial: core: fix suspicious security_locked_down() call
    - misc/uss720: fix memory leak in uss720_probe
    - thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue
    - mei: request autosuspend after sending rx flow control
    - staging: iio: cdc: ad7746: avoid overwrite of num_channels
    - iio: gyro: fxas21002c: balance runtime power in error path
    - iio: adc: ad7768-1: Fix too small buffer passed to
      iio_push_to_buffers_with_timestamp()
    - iio: adc: ad7124: Fix missbalanced regulator enable / disable on error.
    - iio: adc: ad7124: Fix potential overflow due to non sequential channel
      numbers
    - iio: adc: ad7793: Add missing error code in ad7793_setup()
    - serial: 8250_pci: Add support for new HPE serial device
    - serial: 8250_pci: handle FL_NOIRQ board flag
    - USB: trancevibrator: fix control-request direction
    - USB: usbfs: Don't WARN about excessively large memory allocations
    - serial: tegra: Fix a mask operation that is always true
    - serial: sh-sci: Fix off-by-one error in FIFO threshold register setting
    - serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait'
    - USB: serial: ti_usb_3410_5052: add startech.com device id
    - USB: serial: option: add Telit LE910-S1 compositions 0x7010, 0x7011
    - USB: serial: ftdi_sio: add IDs for IDS GmbH Products
    - USB: serial: pl2303: add device id for ADLINK ND-6530 GC
    - thermal/drivers/intel: Initialize RW trip to THERMAL_TEMP_INVALID
    - usb: dwc3: gadget: Properly track pending and queued SG
    - usb: gadget: udc: renesas_usb3: Fix a race in usb3_start_pipen()
    - net: usb: fix memory leak in smsc75xx_bind
    - spi: spi-geni-qcom: Fix use-after-free on unbind
    - Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails
    - fs/nfs: Use fatal_signal_pending instead of signal_pending
    - NFS: fix an incorrect limit in filelayout_decode_layout()
    - NFS: Fix an Oopsable condition in __nfs_pageio_add_request()
    - NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce()
    - NFSv4: Fix v4.0/v4.1 SEEK_DATA return -ENOTSUPP when set NFS_V4_2 config
    - drm/meson: fix shutdown crash when component not probed
    - net/mlx5e: Fix multipath lag activation
    - net/mlx5e: Fix nullptr in add_vlan_push_action()
    - net/mlx4: Fix EEPROM dump support
    - Revert "net:tipc: Fix a double free in tipc_sk_mcast_rcv"
    - tipc: wait and exit until all work queues are done
    - tipc: skb_linearize the head skb when reassembling msgs
    - spi: spi-fsl-dspi: Fix a resource leak in an error handling path
    - net: dsa: mt7530: fix VLAN traffic leaks
    - net: dsa: fix a crash if ->get_sset_count() fails
    - net: dsa: sja1105: error out on unsupported PHY mode
    - i2c: s3c2410: fix possible NULL pointer deref on read message after write
    - i2c: i801: Don't generate an interrupt on bus reset
    - i2c: sh_mobile: Use new clock calculation formulas for RZ/G2E
    - perf jevents: Fix getting maximum number of fds
    - platform/x86: hp_accel: Avoid invoking _INI to speed up resume
    - gpio: cadence: Add missing MODULE_DEVICE_TABLE
    - Revert "media: usb: gspca: add a missed check for goto_low_power"
    - Revert "ALSA: sb: fix a missing check of snd_ctl_add"
    - Revert "serial: max310x: pass return value of spi_register_driver"
    - serial: max310x: unregister uart driver in case of failure and abort
    - Revert "net: fujitsu: fix a potential NULL pointer dereference"
    - net: fujitsu: fix potential null-ptr-deref
    - Revert "net/smc: fix a NULL pointer dereference"
    - net: caif: remove BUG_ON(dev == NULL) in caif_xmit
    - Revert "char: hpet: fix a missing check of ioremap"
    - char: hpet: add checks after calling ioremap
    - Revert "ALSA: gus: add a check of the status of snd_ctl_add"
    - Revert "ALSA: usx2y: Fix potential NULL pointer dereference"
    - Revert "isdn: mISDNinfineon: fix potential NULL pointer dereference"
    - isdn: mISDNinfineon: check/cleanup ioremap failure correctly in setup_io
    - Revert "ath6kl: return error code in ath6kl_wmi_set_roam_lrssi_cmd()"
    - ath6kl: return error code in ath6kl_wmi_set_roam_lrssi_cmd()
    - Revert "isdn: mISDN: Fix potential NULL pointer dereference of kzalloc"
    - isdn: mISDN: correctly handle ph_info allocation failure in hfcsusb_ph_info
    - Revert "dmaengine: qcom_hidma: Check for driver register failure"
    - dmaengine: qcom_hidma: comment platform_driver_register call
    - Revert "libertas: add checks for the return value of sysfs_create_group"
    - libertas: register sysfs groups properly
    - Revert "ASoC: cs43130: fix a NULL pointer dereference"
    - ASoC: cs43130: handle errors in cs43130_probe() properly
    - Revert "media: dvb: Add check on sp8870_readreg"
    - media: dvb: Add check on sp8870_readreg return
    - Revert "media: gspca: mt9m111: Check write_bridge for timeout"
    - media: gspca: mt9m111: Check write_bridge for timeout
    - Revert "media: gspca: Check the return value of write_bridge for timeout"
    - media: gspca: properly check for errors in po1030_probe()
    - Revert "net: liquidio: fix a NULL pointer dereference"
    - net: liquidio: Add missing null pointer checks
    - Revert "brcmfmac: add a check for the status of usb_register"
    - brcmfmac: properly check for bus register errors
    - btrfs: return whole extents in fiemap
    - scsi: BusLogic: Fix 64-bit system enumeration error for Buslogic
    - openrisc: Define memory barrier mb
    - btrfs: do not BUG_ON in link_to_fixup_dir
    - platform/x86: hp-wireless: add AMD's hardware id to the supported list
    - platform/x86: intel_punit_ipc: Append MODULE_DEVICE_TABLE for ACPI
    - platform/x86: touchscreen_dmi: Add info for the Mediacom Winpad 7.0 W700
      tablet
    - SMB3: incorrect file id in requests compounded with open
    - drm/amd/display: Disconnect non-DP with no EDID
    - drm/amd/amdgpu: fix refcount leak
    - drm/amdgpu: Fix a use-after-free
    - drm/amd/amdgpu: fix a potential deadlock in gpu reset
    - net: netcp: Fix an error message
    - net: dsa: fix error code getting shifted with 4 in dsa_slave_get_sset_count
    - ASoC: cs42l42: Regmap must use_single_read/write
    - vfio-ccw: Check initialized flag in cp_init()
    - net: really orphan skbs tied to closing sk
    - net: fec: fix the potential memory leak in fec_enet_init()
    - net: mdio: thunder: Fix a double free issue in the .remove function
    - net: mdio: octeon: Fix some double free issues
    - openvswitch: meter: fix race when getting now_ms.
    - tls splice: check SPLICE_F_NONBLOCK instead of MSG_DONTWAIT
    - net: sched: fix packet stuck problem for lockless qdisc
    - net: sched: fix tx action rescheduling issue during deactivation
    - net: sched: fix tx action reschedule issue with stopped queue
    - net: hso: check for allocation failure in hso_create_bulk_serial_device()
    - net: bnx2: Fix error return code in bnx2_init_board()
    - bnxt_en: Include new P5 HV definition in VF check.
    - mld: fix panic in mld_newpack()
    - gve: Check TX QPL was actually assigned
    - gve: Update mgmt_msix_idx if num_ntfy changes
    - gve: Add NULL pointer checks when freeing irqs.
    - gve: Upgrade memory barrier in poll routine
    - gve: Correct SKB queue index validation.
    - cxgb4: avoid accessing registers when clearing filters
    - staging: emxx_udc: fix loop in _nbu2ss_nuke()
    - ASoC: cs35l33: fix an error code in probe()
    - bpf: Set mac_len in bpf_skb_change_head
    - ixgbe: fix large MTU request from VF
    - scsi: libsas: Use _safe() loop in sas_resume_port()
    - net: lantiq: fix memory corruption in RX ring
    - ipv6: record frag_max_size in atomic fragments in input path
    - ALSA: usb-audio: scarlett2: snd_scarlett_gen2_controls_create() can be
      static
    - net: ethernet: mtk_eth_soc: Fix packet statistics support for MT7628/88
    - sch_dsmark: fix a NULL deref in qdisc_reset()
    - MIPS: alchemy: xxs1500: add gpio-au1000.h header file
    - MIPS: ralink: export rt_sysc_membase for rt2880_wdt.c
    - drm/i915/display: fix compiler warning about array overrun
    - i915: fix build warning in intel_dp_get_link_status()
    - drivers/net/ethernet: clean up unused assignments
    - net: hns3: check the return of skb_checksum_help()
    - Revert "Revert "ALSA: usx2y: Fix potential NULL pointer dereference""
    - net: hso: bail out on interrupt URB allocation failure
    - neighbour: Prevent Race condition in neighbour subsytem
    - usb: core: reduce power-on-good delay time of root hub
    - Linux 5.4.124

* Focal update: v5.4.123 upstream stable release (LP: #1931160)
    - usb: dwc3: gadget: Enable suspend events
    - perf unwind: Fix separate debug info files when using elfutils' libdw's
      unwinder
    - perf unwind: Set userdata for all __report_module() paths
    - NFC: nci: fix memory leak in nci_allocate_device
    - Linux 5.4.123

* Focal update: v5.4.122 upstream stable release (LP: #1931159)
    - firmware: arm_scpi: Prevent the ternary sign expansion bug
    - openrisc: Fix a memory leak
    - RDMA/siw: Properly check send and receive CQ pointers
    - RDMA/siw: Release xarray entry
    - RDMA/rxe: Clear all QP fields if creation failed
    - scsi: ufs: core: Increase the usable queue depth
    - scsi: qla2xxx: Fix error return code in qla82xx_write_flash_dword()
    - RDMA/mlx5: Recover from fatal event in dual port mode
    - RDMA/core: Don't access cm_id after its destruction
    - platform/mellanox: mlxbf-tmfifo: Fix a memory barrier issue
    - platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios
    - RDMA/uverbs: Fix a NULL vs IS_ERR() bug
    - ptrace: make ptrace() fail if the tracee changed its pid unexpectedly
    - nvmet: seset ns->file when open fails
    - locking/mutex: clear MUTEX_FLAGS if wait_list is empty due to signal
    - btrfs: avoid RCU stalls while running delayed iputs
    - cifs: fix memory leak in smb2_copychunk_range
    - ALSA: dice: fix stream format for TC Electronic Konnekt Live at high
      sampling transfer frequency
    - ALSA: intel8x0: Don't update period unless prepared
    - ALSA: line6: Fix racy initialization of LINE6 MIDI
    - ALSA: dice: fix stream format at middle sampling rate for Alesis iO 26
    - ALSA: firewire-lib: fix calculation for size of IR context payload
    - ALSA: usb-audio: Validate MS endpoint descriptors
    - ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro
    - ALSA: hda: fixup headset for ASUS GU502 laptop
    - Revert "ALSA: sb8: add a check for request_region"
    - ALSA: firewire-lib: fix check for the size of isochronous packet payload
    - ALSA: hda/realtek: reset eapd coeff to default value for alc287
    - ALSA: hda/realtek: Add some CLOVE SSIDs of ALC293
    - ALSA: hda/realtek: Fix silent headphone output on ASUS UX430UA
    - ALSA: hda/realtek: Add fixup for HP OMEN laptop
    - ALSA: hda/realtek: Add fixup for HP Spectre x360 15-df0xxx
    - uio_hv_generic: Fix a memory leak in error handling paths
    - Revert "rapidio: fix a NULL pointer dereference when create_workqueue()
      fails"
    - rapidio: handle create_workqueue() failure
    - Revert "serial: mvebu-uart: Fix to avoid a potential NULL pointer
      dereference"
    - drm/amdgpu: disable 3DCGCG on picasso/raven1 to avoid compute hang
    - drm/amdgpu: update gc golden setting for Navi12
    - drm/amdgpu: update sdma golden setting for Navi12
    - mmc: sdhci-pci-gli: increase 1.8V regulator wait
    - xen-pciback: reconfigure also from backend watch handler
    - dm snapshot: fix crash with transient storage and zero chunk size
    - Revert "video: hgafb: fix potential NULL pointer dereference"
    - Revert "net: stmicro: fix a missing check of clk_prepare"
    - Revert "leds: lp5523: fix a missing check of return value of lp55xx_read"
    - Revert "hwmon: (lm80) fix a missing check of bus read in lm80 probe"
    - Revert "video: imsttfb: fix potential NULL pointer dereferences"
    - Revert "ecryptfs: replace BUG_ON with error handling code"
    - Revert "scsi: ufs: fix a missing check of devm_reset_control_get"
    - Revert "gdrom: fix a memory leak bug"
    - cdrom: gdrom: deallocate struct gdrom_unit fields in remove_gdrom
    - cdrom: gdrom: initialize global variable at init time
    - Revert "media: rcar_drif: fix a memory disclosure"
    - Revert "rtlwifi: fix a potential NULL pointer dereference"
    - Revert "qlcnic: Avoid potential NULL pointer dereference"
    - Revert "niu: fix missing checks of niu_pci_eeprom_read"
    - ethernet: sun: niu: fix missing checks of niu_pci_eeprom_read()
    - net: stmicro: handle clk_prepare() failure during init
    - scsi: ufs: handle cleanup correctly on devm_reset_control_get error
    - net: rtlwifi: properly check for alloc_workqueue() failure
    - ics932s401: fix broken handling of errors when word reading fails
    - leds: lp5523: check return value of lp5xx_read and jump to cleanup code
    - qlcnic: Add null check after calling netdev_alloc_skb
    - video: hgafb: fix potential NULL pointer dereference
    - vgacon: Record video mode changes with VT_RESIZEX
    - vt: Fix character height handling with VT_RESIZEX
    - tty: vt: always invoke vc->vc_sw->con_resize callback
    - nvme-multipath: fix double initialization of ANA state
    - ext4: fix error handling in ext4_end_enable_verity()
    - Bluetooth: L2CAP: Fix handling LE modes by L2CAP_OPTIONS
    - nvmet: use new ana_log_size instead the old one
    - video: hgafb: correctly handle card detect failure during probe
    - Bluetooth: SMP: Fail if remote and local public keys are identical
    - Linux 5.4.122

* Focal update: v5.4.121 upstream stable release (LP: #1931158)
    - x86/msr: Fix wr/rdmsr_safe_regs_on_cpu() prototypes
    - kgdb: fix gcc-11 warning on indentation
    - usb: sl811-hcd: improve misleading indentation
    - cxgb4: Fix the -Wmisleading-indentation warning
    - isdn: capi: fix mismatched prototypes
    - pinctrl: ingenic: Improve unreachable code generation
    - xsk: Simplify detection of empty and full rings
    - virtio_net: Do not pull payload in skb->head
    - PCI: thunder: Fix compile testing
    - dmaengine: dw-edma: Fix crash on loading/unloading driver
    - ARM: 9066/1: ftrace: pause/unpause function graph tracer in cpu_suspend()
    - ACPI / hotplug / PCI: Fix reference count leak in enable_slot()
    - Input: elants_i2c - do not bind to i2c-hid compatible ACPI instantiated
      devices
    - Input: silead - add workaround for x86 BIOS-es which bring the chip up in a
      stuck state
    - um: Mark all kernel symbols as local
    - um: Disable CONFIG_GCOV with MODULES
    - ARM: 9075/1: kernel: Fix interrupted SMC calls
    - scripts/recordmcount.pl: Fix RISC-V regex for clang
    - riscv: Workaround mcount name prior to clang-13
    - scsi: lpfc: Fix illegal memory access on Abort IOCBs
    - ceph: fix fscache invalidation
    - scsi: target: tcmu: Return from tcmu_handle_completions() if cmd_id not
      found
    - bridge: Fix possible races between assigning rx_handler_data and setting
      IFF_BRIDGE_PORT bit
    - drm/amd/display: Fix two cursor duplication when using overlay
    - gpiolib: acpi: Add quirk to ignore EC wakeups on Dell Venue 10 Pro 5055
    - ALSA: hda: generic: change the DAC ctl name for LO+SPK or LO+HP
    - block: reexpand iov_iter after read/write
    - lib: stackdepot: turn depot_lock spinlock to raw_spinlock
    - net: stmmac: Do not enable RX FIFO overflow interrupts
    - ip6_gre: proper dev_{hold|put} in ndo_[un]init methods
    - sit: proper dev_{hold|put} in ndo_[un]init methods
    - ip6_tunnel: sit: proper dev_{hold|put} in ndo_[un]init methods
    - ipv6: remove extra dev_hold() for fallback tunnels
    - KVM: arm64: Initialize VCPU mdcr_el2 before loading it
    - tweewide: Fix most Shebang lines
    - scripts: switch explicitly to Python 3
    - Linux 5.4.121

* Focal update: v5.4.120 upstream stable release (LP: #1930474)
    - tpm: fix error return code in tpm2_get_cc_attrs_tbl()
    - tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt()
    - tpm, tpm_tis: Reserve locality in tpm_tis_resume()
    - KVM: x86/mmu: Remove the defunct update_pte() paging hook
    - PM: runtime: Fix unpaired parent child_count for force_resume
    - fs: dlm: fix debugfs dump
    - tipc: convert dest node's address to network order
    - ASoC: Intel: bytcr_rt5640: Enable jack-detect support on Asus T100TAF
    - net: stmmac: Set FIFO sizes for ipq806x
    - ASoC: rsnd: core: Check convert rate in rsnd_hw_params
    - i2c: bail out early when RDWR parameters are wrong
    - ALSA: hdsp: don't disable if not enabled
    - ALSA: hdspm: don't disable if not enabled
    - ALSA: rme9652: don't disable if not enabled
    - ALSA: bebob: enable to deliver MIDI messages for multiple ports
    - Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default
    - Bluetooth: initialize skb_queue_head at l2cap_chan_create()
    - net: bridge: when suppression is enabled exclude RARP packets
    - Bluetooth: check for zapped sk before connecting
    - ip6_vti: proper dev_{hold|put} in ndo_[un]init methods
    - ASoC: Intel: bytcr_rt5640: Add quirk for the Chuwi Hi8 tablet
    - i2c: Add I2C_AQ_NO_REP_START adapter quirk
    - mac80211: clear the beacon's CRC after channel switch
    - pinctrl: samsung: use 'int' for register masks in Exynos
    - mt76: mt76x0: disable GTK offloading
    - cuse: prevent clone
    - ASoC: rsnd: call rsnd_ssi_master_clk_start() from rsnd_ssi_init()
    - Revert "iommu/amd: Fix performance counter initialization"
    - iommu/amd: Remove performance counter pre-initialization test
    - drm/amd/display: Force vsync flip when reconfiguring MPCC
    - selftests: Set CC to clang in lib.mk if LLVM is set
    - kconfig: nconf: stop endless search loops
    - ALSA: hda/hdmi: fix race in handling acomp ELD notification at resume
    - sctp: Fix out-of-bounds warning in sctp_process_asconf_param()
    - flow_dissector: Fix out-of-bounds warning in __skb_flow_bpf_to_target()
    - powerpc/smp: Set numa node before updating mask
    - ASoC: rt286: Generalize support for ALC3263 codec
    - ethtool: ioctl: Fix out-of-bounds warning in store_link_ksettings_for_user()
    - net: sched: tapr: prevent cycle_time == 0 in parse_taprio_schedule
    - samples/bpf: Fix broken tracex1 due to kprobe argument change
    - powerpc/pseries: Stop calling printk in rtas_stop_self()
    - drm/amd/display: fixed divide by zero kernel crash during dsc enablement
    - wl3501_cs: Fix out-of-bounds warnings in wl3501_send_pkt
    - wl3501_cs: Fix out-of-bounds warnings in wl3501_mgmt_join
    - qtnfmac: Fix possible buffer overflow in qtnf_event_handle_external_auth
    - powerpc/iommu: Annotate nested lock for lockdep
    - iavf: remove duplicate free resources calls
    - net: ethernet: mtk_eth_soc: fix RX VLAN offload
    - bnxt_en: Add PCI IDs for Hyper-V VF devices.
    - ia64: module: fix symbolizer crash on fdescr
    - ASoC: rt286: Make RT286_SET_GPIO_* readable and writable
    - thermal: thermal_of: Fix error return code of
      thermal_of_populate_bind_params()
    - f2fs: fix a redundant call to f2fs_balance_fs if an error occurs
    - PCI: iproc: Fix return value of iproc_msi_irq_domain_alloc()
    - PCI: Release OF node in pci_scan_device()'s error path
    - ARM: 9064/1: hw_breakpoint: Do not directly check the event's
      overflow_handler hook
    - rpmsg: qcom_glink_native: fix error return code of qcom_glink_rx_data()
    - NFSv4.2: Always flush out writes in nfs42_proc_fallocate()
    - NFS: Deal correctly with attribute generation counter overflow
    - PCI: endpoint: Fix missing destroy_workqueue()
    - pNFS/flexfiles: fix incorrect size check in decode_nfs_fh()
    - NFSv4.2 fix handling of sr_eof in SEEK's reply
    - rtc: fsl-ftm-alarm: add MODULE_TABLE()
    - ceph: fix inode leak on getattr error in __fh_to_dentry
    - rtc: ds1307: Fix wday settings for rx8130
    - net: hns3: fix incorrect configuration for igu_egu_hw_err
    - net: hns3: initialize the message content in hclge_get_link_mode()
    - net: hns3: add check for HNS3_NIC_STATE_INITED in
      hns3_reset_notify_up_enet()
    - net: hns3: fix for vxlan gpe tx checksum bug
    - net: hns3: use netif_tx_disable to stop the transmit queue
    - net: hns3: disable phy loopback setting in hclge_mac_start_phy
    - sctp: do asoc update earlier in sctp_sf_do_dupcook_a
    - RISC-V: Fix error code returned by riscv_hartid_to_cpuid()
    - sunrpc: Fix misplaced barrier in call_decode
    - ethernet:enic: Fix a use after free bug in enic_hard_start_xmit
    - sctp: fix a SCTP_MIB_CURRESTAB leak in sctp_sf_do_dupcook_b
    - netfilter: xt_SECMARK: add new revision to fix structure layout
    - drm/radeon: Fix off-by-one power_state index heap overwrite
    - drm/radeon: Avoid power table parsing memory leaks
    - khugepaged: fix wrong result value for trace_mm_collapse_huge_page_isolate()
    - mm/hugeltb: handle the error case in hugetlb_fix_reserve_counts()
    - mm/migrate.c: fix potential indeterminate pte entry in
      migrate_vma_insert_page()
    - ksm: fix potential missing rmap_item for stable_node
    - net: fix nla_strcmp to handle more then one trailing null character
    - smc: disallow TCP_ULP in smc_setsockopt()
    - netfilter: nfnetlink_osf: Fix a missing skb_header_pointer() NULL check
    - can: m_can: m_can_tx_work_queue(): fix tx_skb race condition
    - sched: Fix out-of-bound access in uclamp
    - sched/fair: Fix unfairness caused by missing load decay
    - kernel: kexec_file: fix error return code of kexec_calculate_store_digests()
    - netfilter: nftables: avoid overflows in nft_hash_buckets()
    - i40e: Fix use-after-free in i40e_client_subtask()
    - i40e: fix the restart auto-negotiation after FEC modified
    - i40e: Fix PHY type identifiers for 2.5G and 5G adapters
    - ARC: entry: fix off-by-one error in syscall number validation
    - ARC: mm: PAE: use 40-bit physical page mask
    - powerpc/64s: Fix crashes when toggling stf barrier
    - powerpc/64s: Fix crashes when toggling entry flush barrier
    - hfsplus: prevent corruption in shrinking truncate
    - squashfs: fix divide error in calculate_skip()
    - userfaultfd: release page in error path to avoid BUG_ON
    - mm/hugetlb: fix F_SEAL_FUTURE_WRITE
    - drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz monitors
      are connected
    - drm/i915: Avoid div-by-zero on gen2
    - iio: proximity: pulsedlight: Fix rumtime PM imbalance on error
    - usb: fotg210-hcd: Fix an error message
    - hwmon: (occ) Fix poll rate limiting
    - ACPI: scan: Fix a memory leak in an error handling path
    - kyber: fix out of bounds access when preempted
    - nbd: Fix NULL pointer in flush_workqueue
    - blk-mq: Swap two calls in blk_mq_exit_queue()
    - iomap: fix sub-page uptodate handling
    - usb: dwc3: omap: improve extcon initialization
    - usb: dwc3: pci: Enable usb2-gadget-lpm-disable for Intel Merrifield
    - usb: xhci: Increase timeout for HC halt
    - usb: dwc2: Fix gadget DMA unmap direction
    - usb: core: hub: fix race condition about TRSMRCY of resume
    - usb: dwc3: gadget: Return success always for kick transfer in ep queue
    - xhci: Do not use GFP_KERNEL in (potentially) atomic context
    - xhci: Add reset resume quirk for AMD xhci controller.
    - iio: gyro: mpu3050: Fix reported temperature value
    - iio: tsl2583: Fix division by a zero lux_val
    - cdc-wdm: untangle a circular dependency between callback and softint
    - KVM: x86: Cancel pvclock_gtod_work on module removal
    - mm: fix struct page layout on 32-bit systems
    - FDDI: defxx: Make MMIO the configuration default except for EISA
    - MIPS: Reinstate platform `__div64_32' handler
    - MIPS: Avoid DIVU in `__div64_32' is result would be zero
    - MIPS: Avoid handcoded DIVU in `__div64_32' altogether
    - thermal/core/fair share: Lock the thermal zone while looping over instances
    - f2fs: fix error handling in f2fs_end_enable_verity()
    - ARM: 9011/1: centralize phys-to-virt conversion of DT/ATAGS address
    - ARM: 9012/1: move device tree mapping out of linear region
    - ARM: 9020/1: mm: use correct section size macro to describe the FDT virtual
      address
    - ARM: 9027/1: head.S: explicitly map DT even if it lives in the first
      physical section
    - usb: typec: tcpm: Fix error while calculating PPS out values
    - kobject_uevent: remove warning in init_uevent_argv()
    - netfilter: conntrack: Make global sysctls readonly in non-init netns
    - clk: exynos7: Mark aclk_fsys1_200 as critical
    - nvme: do not try to reconfigure APST when the controller is not live
    - ASoC: rsnd: check all BUSIF status when error
    - Linux 5.4.120

* scsi: storvsc: Parameterize number hardware queues (LP: #1930626)
    - scsi: storvsc: Parameterize number hardware queues

-- Thadeu Lima de Souza Cascardo <cascardo@canonical.com>  Fri, 09 Jul 2021 12:49:11 -0300

Changed in linux (Ubuntu Focal):
status:	Fix Committed → Fix Released

Ubuntu
linux-azure package

scsi: storvsc: Parameterize number hardware queues

Bug Description

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
linux (Ubuntu)	Fix Committed	Undecided	Unassigned
Focal	Fix Released	Undecided	Unassigned
Groovy	Fix Released	Undecided	Unassigned
Hirsute	Fix Released	Undecided	Unassigned
Impish	Fix Committed	Undecided	Unassigned
linux-azure (Ubuntu)	Fix Released	Undecided	Tim Gardner
Focal	Fix Released	Undecided	Tim Gardner
Groovy	Fix Released	Undecided	Tim Gardner
Hirsute	Fix Released	Undecided	Tim Gardner
Impish	Fix Released	Undecided	Tim Gardner

Ubuntulinux-azure package

scsi: storvsc: Parameterize number hardware queues

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux-azure package