Bug #1928679 “Support importing mokx keys into revocation list f...” : Focal (20.04) : Bugs : linux-hwe-5.8 package : Ubuntu

Dimitri John Ledkov (xnox) on 2021-05-17

summary:	- Supporting importing dbx keys into revocation list from mok table + Support importing mokx keys into revocation list from the mok table
information type:	Public → Public Security
Changed in linux (Ubuntu):
status:	New → Confirmed

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2021-06-05:

#1

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-focal

Kelsey Steele (kelsey-steele) on 2021-08-13

Changed in linux (Ubuntu Hirsute):
status:	New → Fix Committed

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2021-08-17:

#2

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-hirsute' to 'verification-done-hirsute'. If the problem still exists, change the tag 'verification-needed-hirsute' to 'verification-failed-hirsute'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-hirsute

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-08-18:

#3

This bug was fixed in the package linux - 5.13.0-14.14

---------------
linux (5.13.0-14.14) impish; urgency=medium

* impish/linux: 5.13.0-14.14 -proposed tracker (LP: #1938565)

  * Miscellaneous Ubuntu changes
    - SAUCE: Revert "UBUNTU: SAUCE: random: Make getrandom() ready earlier"
    - SAUCE: random: properly make getrandom() ready earlier

  * Miscellaneous upstream changes
    - seq_buf: Fix overflow in seq_buf_putmem_hex()
    - bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc
    - ext4: cleanup in-core orphan list if ext4_truncate() failed to get a
      transaction handle
    - ext4: fix kernel infoleak via ext4_extent_header
    - ext4: fix overflow in ext4_iomap_alloc()
    - ext4: return error code when ext4_fill_flex_info() fails
    - ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit
    - ext4: remove check for zero nr_to_scan in ext4_es_scan()
    - ext4: fix avefreec in find_group_orlov
    - ext4: use ext4_grp_locked_error in mb_find_extent

-- Andrea Righi <email address hidden> Mon, 02 Aug 2021 14:23:08 +0200

Changed in linux (Ubuntu):
status:	Confirmed → Fix Released

Revision history for this message

Dimitri John Ledkov (xnox) wrote on 2021-09-01:

#4

Verifying using hirsute:

# uname -r
5.11.0-1014-kvm

# grep CODENAME /etc/os-release
VERSION_CODENAME=hirsute
UBUNTU_CODENAME=hirsute

# keyctl list %:.blacklist
Can't find 'keyring:.blacklist'

Upgraded kernel:

# uname -r
5.11.0-1015-kvm

# keyctl list %:.blacklist
1 key in keyring:
330780907: ---lswrv 0 0 asymmetric: Canonical Ltd. Secure Boot Signing: 61482aa2830d0ab2ad5af10b7250da9033ddcef0

In dmesg:
[ 0.375674] blacklist: Loading compiled-in revocation X.509 certificates
[ 0.376015] Loaded X.509 cert 'Canonical Ltd. Secure Boot Signing: 61482aa2830d0ab2ad5af10b7250da9033ddcef0'

No other blacklist hashes got imported, cause they do not appear in mokvar table nor in MokListRT mirror variable, nor does kvm kernel appear to have platform keyring... which is very odd.... cause UEFI db keys for Microsoft Production PCA 2011 and UEFI CA 2011 are missing.

It seems to me that kvm kernel is a bit broken, and doesn't have support for mokvar or .platform keyring, which is very bad.

Revision history for this message

Dimitri John Ledkov (xnox) wrote on 2021-09-01:

#5

Disabled initrd less boot, and installing linux-generic kernel from proposed.

Revision history for this message

Dimitri John Ledkov (xnox) wrote on 2021-09-01:

#6

# uname -r
5.11.0-34-generic

# sudo keyctl list %:.platform
3 keys in keyring:
149920180: ---lswrv 0 0 asymmetric: Microsoft Windows Production PCA 2011: a92902398e16c49778cd90f99e4f9ae17c55af53
434591909: ---lswrv 0 0 asymmetric: Canonical Ltd. Master Certificate Authority: ad91990bc22ab1f517048c23b6655a268e345a63
404799886: ---lswrv 0 0 asymmetric: Microsoft Corporation UEFI CA 2011: 13adbf4309bd82709c8cd54f316ed522988a1bd4

# sudo keyctl list %:.blacklist | grep bin: | wc
79 474 8854

# sudo keyctl list %:.blacklist | grep Canonical
1050199374: ---lswrv 0 0 asymmetric: Canonical Ltd. Secure Boot Signing: 61482aa2830d0ab2ad5af10b7250da9033ddcef0

dmesg

[ 1.074086] blacklist: Loading compiled-in revocation X.509 certificates
[ 1.074714] Loaded X.509 cert 'Canonical Ltd. Secure Boot Signing: 61482aa2830d0ab2ad5af10b7250da9033ddcef0'

[ 1.084216] integrity: Loading X.509 certificate: UEFI:MokListRT (MOKvar table)
[ 1.085028] integrity: Loaded X.509 cert 'Canonical Ltd. Master Certificate Authority: ad91990bc22ab1f517048c23b6655a268e345a63'

MOKvar is available, and used to load Master CA into .platform keyring, and hashes into blacklist keyring.

tags:

added: verification-done-hirsute
removed: verification-needed-hirsute

Revision history for this message

Dimitri John Ledkov (xnox) wrote on 2021-09-01 (last edit on 2021-09-01):

#7

# grep CODENAME /etc/os-release
VERSION_CODENAME=focal
UBUNTU_CODENAME=focal

# uname -r
5.11.0-34-generic

dmesg:
[ 0.797134] blacklist: Loading compiled-in revocation X.509 certificates
[ 0.797696] Loaded X.509 cert 'Canonical Ltd. Secure Boot Signing: 61482aa2830d0ab2ad5af10b7250da9033ddcef0'

built-in revocation cert is loaded

[ 0.806069] integrity: Loading X.509 certificate: UEFI:MokListRT (MOKvar table)
[ 0.806848] integrity: Loaded X.509 cert 'Canonical Ltd. Master Certificate Authority: ad91990bc22ab1f517048c23b6655a268e345a63'

mokvar table is available, and is used.

# keyctl list %:.blacklist | grep Canonical
613299796: ---lswrv 0 0 asymmetric: Canonical Ltd. Secure Boot Signing: 61482aa2830d0ab2ad5af10b7250da9033ddcef0

# keyctl list %:.blacklist | grep bin: | wc
79 474 8853

# mokutil --list-enrolled --mokx
[key 1]
[SHA-256]
0000000000000000000000000000000000000000000000000000000000000000

Revoked binaries are correctly loaded from MOKvar table, despite not being mirrored into MokListXRT efi variable.

tags:

added: verification-done-focal
removed: verification-needed-focal

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-09-07:

#8

Download full text (62.5 KiB)

This bug was fixed in the package linux - 5.11.0-34.36

---------------
linux (5.11.0-34.36) hirsute; urgency=medium

* hirsute/linux: 5.11.0-34.36 -proposed tracker (LP: #1941766)

* Server boot failure after adding checks for ACPI IRQ override (LP: #1941657)
- Revert "ACPI: resources: Add checks for ACPI IRQ override"

linux (5.11.0-33.35) hirsute; urgency=medium

* hirsute/linux: 5.11.0-33.35 -proposed tracker (LP: #1940101)

  * libvirtd fails to create VM (LP: #1940107)
    - sched: Stop PF_NO_SETAFFINITY from being inherited by various init system
      threads

linux (5.11.0-32.34) hirsute; urgency=medium

* hirsute/linux: 5.11.0-32.34 -proposed tracker (LP: #1939769)

* Packaging resync (LP: #1786013)
- debian/dkms-versions -- update from kernel-versions (main/2021.08.16)

* CVE-2021-3656
- SAUCE: KVM: nSVM: always intercept VMLOAD/VMSAVE when nested

* CVE-2021-3653
- SAUCE: KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl

* [regression] USB device is not detected during boot (LP: #1939638)
- SAUCE: Revert "usb: core: reduce power-on-good delay time of root hub"

  * Support builtin revoked certificates (LP: #1932029)
    - [Packaging] build canonical-revoked-certs.pem from branch/arch certs
    - [Packaging] Revoke 2012 UEFI signing certificate as built-in
    - [Config] Configure CONFIG_SYSTEM_REVOCATION_KEYS with revoked keys

  * Support importing mokx keys into revocation list from the mok table
    (LP: #1928679)
    - SAUCE: integrity: add informational messages when revoking certs

  * Support importing mokx keys into revocation list from the mok table
    (LP: #1928679) // CVE-2020-26541 when certificates are revoked via
    MokListXRT.
    - SAUCE: integrity: Load mokx certs from the EFI MOK config table

* Include product_sku info to modalias (LP: #1938143)
- firmware/dmi: Include product_sku info to modalias

  * Fix Ethernet not working by hotplug - RTL8106E (LP: #1930645)
    - net: phy: rename PHY_IGNORE_INTERRUPT to PHY_MAC_INTERRUPT
    - SAUCE: r8169: Use PHY_POLL when RTL8106E enable ASPM

  * [SRU][H/OEM-5.10/OEM-5.13/U] Fix system hang after unplug tbt dock
    (LP: #1938689)
    - SAUCE: igc: fix page fault when thunderbolt is unplugged

  * [Regression] Audio card [8086:9d71] not detected after upgrade from linux
    5.4 to 5.8 (LP: #1915117)
    - [Config] set CONFIG_SND_SOC_INTEL_SKYLAKE_HDAUDIO_CODEC to y

* Backlight (screen brightness) on Lenovo P14s AMD Gen2 inop (LP: #1934557)
- drm/amdgpu/display: only enable aux backlight control for OLED panels

* Touchpad not working with ASUS TUF F15 (LP: #1937056)
- pinctrl: tigerlake: Fix GPIO mapping for newer version of software

  * dev_forward_skb: do not scrub skb mark within the same name space
    (LP: #1935040)
    - dev_forward_skb: do not scrub skb mark within the same name space

* Fix display output on HP hybrid GFX laptops (LP: #1936296)
- drm/i915: Invoke another _DSM to enable MUX on HP Workstation laptops

  * [SRU][OEM-5.10/H] UBUNTU: SAUCE: Fix backlight control on Samsung 16727
    panel (LP: #1930527)
    - SAUCE: drm/i915: Force DPCD backlight mode for Samsung 16727 pa...

This bug was fixed in the package linux - 5.11.0-34.36

---------------
linux (5.11.0-34.36) hirsute; urgency=medium

* hirsute/linux: 5.11.0-34.36 -proposed tracker (LP: #1941766)

* Server boot failure after adding checks for ACPI IRQ override (LP: #1941657)
    - Revert "ACPI: resources: Add checks for ACPI IRQ override"

linux (5.11.0-33.35) hirsute; urgency=medium

* hirsute/linux: 5.11.0-33.35 -proposed tracker (LP: #1940101)

* libvirtd fails to create VM (LP: #1940107)
    - sched: Stop PF_NO_SETAFFINITY from being inherited by various init system
      threads

linux (5.11.0-32.34) hirsute; urgency=medium

* hirsute/linux: 5.11.0-32.34 -proposed tracker (LP: #1939769)

* Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2021.08.16)

* CVE-2021-3656
    - SAUCE: KVM: nSVM: always intercept VMLOAD/VMSAVE when nested

* CVE-2021-3653
    - SAUCE: KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl

* [regression] USB device is not detected during boot (LP: #1939638)
    - SAUCE: Revert "usb: core: reduce power-on-good delay time of root hub"

* Support builtin revoked certificates (LP: #1932029)
    - [Packaging] build canonical-revoked-certs.pem from branch/arch certs
    - [Packaging] Revoke 2012 UEFI signing certificate as built-in
    - [Config] Configure CONFIG_SYSTEM_REVOCATION_KEYS with revoked keys

* Support importing mokx keys into revocation list from the mok table
    (LP: #1928679)
    - SAUCE: integrity: add informational messages when revoking certs

* Support importing mokx keys into revocation list from the mok table
    (LP: #1928679) // CVE-2020-26541 when certificates are revoked via
    MokListXRT.
    - SAUCE: integrity: Load mokx certs from the EFI MOK config table

* Include product_sku info to modalias (LP: #1938143)
    - firmware/dmi: Include product_sku info to modalias

* Fix Ethernet not working by hotplug - RTL8106E (LP: #1930645)
    - net: phy: rename PHY_IGNORE_INTERRUPT to PHY_MAC_INTERRUPT
    - SAUCE: r8169: Use PHY_POLL when RTL8106E enable ASPM

* [SRU][H/OEM-5.10/OEM-5.13/U] Fix system hang after unplug tbt dock
    (LP: #1938689)
    - SAUCE: igc: fix page fault when thunderbolt is unplugged

* [Regression] Audio card [8086:9d71] not detected after upgrade from linux
    5.4 to 5.8 (LP: #1915117)
    - [Config] set CONFIG_SND_SOC_INTEL_SKYLAKE_HDAUDIO_CODEC to y

* Backlight (screen brightness) on Lenovo P14s AMD Gen2 inop (LP: #1934557)
    - drm/amdgpu/display: only enable aux backlight control for OLED panels

* Touchpad not working with ASUS TUF F15 (LP: #1937056)
    - pinctrl: tigerlake: Fix GPIO mapping for newer version of software

* dev_forward_skb: do not scrub skb mark within the same name space
    (LP: #1935040)
    - dev_forward_skb: do not scrub skb mark within the same name space

* Fix display output on HP hybrid GFX laptops (LP: #1936296)
    - drm/i915: Invoke another _DSM to enable MUX on HP Workstation laptops

* [SRU][OEM-5.10/H] UBUNTU: SAUCE: Fix backlight control on Samsung 16727
    panel (LP: #1930527)
    - SAUCE: drm/i915: Force DPCD backlight mode for Samsung 16727 panel

* XPS 9510 (TGL) Screen Brightness could not be changed (LP: #1933566)
    - SAUCE: drm/i915: Force DPCD backlight mode for Dell XPS 9510(TGL)

* [21.10 FEAT] KVM: Provide a secure guest indication (LP: #1933173)
    - s390/uv: add prot virt guest/host indication files
    - s390/uv: fix prot virt host indication compilation

* Skip rtcpie test in kselftests/timers if the default RTC device does not
    exist (LP: #1937991)
    - selftests: timers: rtcpie: skip test if default RTC device does not exist

* On TGL platforms screen shows garbage when browsing website by scrolling
    mouse (LP: #1926579)
    - drm/i915/display: Disable PSR2 if TGL Display stepping is B1 from A0

* USB Type-C hotplug event not handled properly in TGL-H system during s2idle
    (LP: #1931072)
    - drm/i915/gen9_bc: Introduce HPD pin mappings for TGP PCH + CML combos
    - drm/i915: Force a TypeC PHY disconnect during suspend/shutdown

* NIC unavailable after suspend to RAM (LP: #1931301)
    - SAUCE: Revert "ethernet: alx: fix order of calls on resume"

* Make Intel GPUs choose YCbCr420 encoding automatically when required for 4k
    60Hz output  (LP: #1934489)
    - drm/i915: Use intel_hdmi_port_clock() more
    - drm/i915/display: New function to avoid duplicate code in upcomming
    - drm/i915/display: Restructure output format computation for better
      expandability
    - drm/i915/display: Use YCbCr420 as fallback when RGB fails

* Hirsute update: upstream stable patchset 2021-07-28 (LP: #1938340)
    - Bluetooth: hci_qca: fix potential GPF
    - Bluetooth: btqca: Don't modify firmware contents in-place
    - Bluetooth: Remove spurious error message
    - ALSA: usb-audio: fix rate on Ozone Z90 USB headset
    - ALSA: usb-audio: Fix OOB access at proc output
    - ALSA: firewire-motu: fix stream format for MOTU 8pre FireWire
    - ALSA: usb-audio: scarlett2: Fix wrong resume call
    - ALSA: intel8x0: Fix breakage at ac97 clock measurement
    - ALSA: hda/realtek: Add another ALC236 variant support
    - ALSA: hda/realtek: Improve fixup for HP Spectre x360 15-df0xxx
    - ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D
    - ALSA: hda/realtek: Apply LED fixup for HP Dragonfly G1, too
    - media: dvb-usb: fix wrong definition
    - Input: usbtouchscreen - fix control-request directions
    - net: can: ems_usb: fix use-after-free in ems_usb_disconnect()
    - usb: gadget: eem: fix echo command packet response issue
    - USB: cdc-acm: blacklist Heimann USB Appset device
    - usb: dwc3: Fix debugfs creation flow
    - usb: typec: Add the missed altmode_id_remove() in typec_register_altmode()
    - xhci: solve a double free problem while doing s4
    - gfs2: Fix underflow in gfs2_page_mkwrite
    - gfs2: Fix error handling in init_statfs
    - ntfs: fix validity check for file name attribute
    - selftests/lkdtm: Avoid needing explicit sub-shell
    - copy_page_to_iter(): fix ITER_DISCARD case
    - iov_iter_fault_in_readable() should do nothing in xarray case
    - Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl
    - crypto: nx - Fix memcpy() over-reading in nonce
    - crypto: ccp - Annotate SEV Firmware file names
    - arm_pmu: Fix write counter incorrect in ARMv7 big-endian mode
    - ARM: dts: ux500: Fix LED probing
    - ARM: dts: at91: sama5d4: fix pinctrl muxing
    - btrfs: send: fix invalid path for unlink operations after parent
      orphanization
    - btrfs: compression: don't try to compress if we don't have enough pages
    - btrfs: clear defrag status of a root if starting transaction fails
    - ext4: cleanup in-core orphan list if ext4_truncate() failed to get a
      transaction handle
    - ext4: fix kernel infoleak via ext4_extent_header
    - ext4: fix overflow in ext4_iomap_alloc()
    - ext4: return error code when ext4_fill_flex_info() fails
    - ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit
    - ext4: remove check for zero nr_to_scan in ext4_es_scan()
    - ext4: fix avefreec in find_group_orlov
    - ext4: use ext4_grp_locked_error in mb_find_extent
    - can: bcm: delay release of struct bcm_op after synchronize_rcu()
    - can: gw: synchronize rcu operations before removing gw job entry
    - can: isotp: isotp_release(): omit unintended hrtimer restart on socket
      release
    - Revert "UBUNTU: SAUCE: can: j1939: delay release of j1939_priv after
      synchronize_rcu"
    - can: j1939: j1939_sk_init(): set SOCK_RCU_FREE to call sk_destruct() after
      RCU is done
    - can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in
      TX path
    - mac80211: remove iwlwifi specific workaround that broke sta NDP tx
    - SUNRPC: Fix the batch tasks count wraparound.
    - SUNRPC: Should wake up the privileged task firstly.
    - bus: mhi: Wait for M2 state during system resume
    - mm/gup: fix try_grab_compound_head() race with split_huge_page()
    - perf/smmuv3: Don't trample existing events with global filter
    - KVM: nVMX: Handle split-lock #AC exceptions that happen in L2
    - KVM: PPC: Book3S HV: Workaround high stack usage with clang
    - KVM: x86/mmu: Treat NX as used (not reserved) for all !TDP shadow MMUs
    - KVM: x86/mmu: Use MMU's role to detect CR4.SMEP value in nested NPT walk
    - s390/cio: dont call css_wait_for_slow_path() inside a lock
    - s390: mm: Fix secure storage access exception handling
    - f2fs: Prevent swap file in LFS mode
    - clk: agilex/stratix10/n5x: fix how the bypass_reg is handled
    - clk: agilex/stratix10: remove noc_clk
    - clk: agilex/stratix10: fix bypass representation
    - rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path
    - iio: frequency: adf4350: disable reg and clk on error in adf4350_probe()
    - iio: light: tcs3472: do not free unallocated IRQ
    - iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA
      as volatile, too
    - iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR
    - iio: ltr501: ltr501_read_ps(): add missing endianness conversion
    - iio: accel: bma180: Fix BMA25x bandwidth register values
    - serial: mvebu-uart: fix calculation of clock divisor
    - serial: sh-sci: Stop dmaengine transfer in sci_stop_tx()
    - serial_cs: Add Option International GSM-Ready 56K/ISDN modem
    - serial_cs: remove wrong GLOBETROTTER.cis entry
    - ath9k: Fix kernel NULL pointer dereference during ath_reset_internal()
    - ssb: sdio: Don't overwrite const buffer if block_write fails
    - rsi: Assign beacon rate settings to the correct rate_info descriptor field
    - rsi: fix AP mode with WPA failure due to encrypted EAPOL
    - tracing/histograms: Fix parsing of "sym-offset" modifier
    - tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing
    - seq_buf: Make trace_seq_putmem_hex() support data longer than 8
    - powerpc/stacktrace: Fix spurious "stale" traces in raise_backtrace_ipi()
    - loop: Fix missing discard support when using LOOP_CONFIGURE
    - evm: Execute evm_inode_init_security() only when an HMAC key is loaded
    - evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded
    - fuse: Fix crash in fuse_dentry_automount() error path
    - fuse: Fix crash if superblock of submount gets killed early
    - fuse: Fix infinite loop in sget_fc()
    - fuse: ignore PG_workingset after stealing
    - fuse: check connected before queueing on fpq->io
    - fuse: reject internal errno
    - thermal/cpufreq_cooling: Update offline CPUs per-cpu thermal_pressure
    - spi: Make of_register_spi_device also set the fwnode
    - Add a reference to ucounts for each cred
    - staging: media: rkvdec: fix pm_runtime_get_sync() usage count
    - media: marvel-ccic: fix some issues when getting pm_runtime
    - media: mdk-mdp: fix pm_runtime_get_sync() usage count
    - media: s5p: fix pm_runtime_get_sync() usage count
    - media: am437x: fix pm_runtime_get_sync() usage count
    - media: sh_vou: fix pm_runtime_get_sync() usage count
    - media: mtk-vcodec: fix PM runtime get logic
    - media: s5p-jpeg: fix pm_runtime_get_sync() usage count
    - media: sunxi: fix pm_runtime_get_sync() usage count
    - media: sti/bdisp: fix pm_runtime_get_sync() usage count
    - media: exynos4-is: fix pm_runtime_get_sync() usage count
    - media: exynos-gsc: fix pm_runtime_get_sync() usage count
    - spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf'
    - spi: spi-topcliff-pch: Fix potential double free in
      pch_spi_process_messages()
    - spi: omap-100k: Fix the length judgment problem
    - regulator: uniphier: Add missing MODULE_DEVICE_TABLE
    - sched/core: Initialize the idle task with preemption disabled
    - hwrng: exynos - Fix runtime PM imbalance on error
    - crypto: nx - add missing MODULE_DEVICE_TABLE
    - media: sti: fix obj-$(config) targets
    - media: cpia2: fix memory leak in cpia2_usb_probe
    - media: cobalt: fix race condition in setting HPD
    - media: hevc: Fix dependent slice segment flags
    - media: pvrusb2: fix warning in pvr2_i2c_core_done
    - media: imx: imx7_mipi_csis: Fix logging of only error event counters
    - crypto: qat - check return code of qat_hal_rd_rel_reg()
    - crypto: qat - remove unused macro in FW loader
    - crypto: qce: skcipher: Fix incorrect sg count for dma transfers
    - arm64: perf: Convert snprintf to sysfs_emit
    - sched/fair: Fix ascii art by relpacing tabs
    - media: i2c: ov2659: Use clk_{prepare_enable,disable_unprepare}() to set
      xvclk on/off
    - media: bt878: do not schedule tasklet when it is not setup
    - media: em28xx: Fix possible memory leak of em28xx struct
    - media: hantro: Fix .buf_prepare
    - media: cedrus: Fix .buf_prepare
    - media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release
    - media: bt8xx: Fix a missing check bug in bt878_probe
    - media: st-hva: Fix potential NULL pointer dereferences
    - crypto: hisilicon/sec - fixup 3des minimum key size declaration
    - Makefile: fix GDB warning with CONFIG_RELR
    - media: dvd_usb: memory leak in cinergyt2_fe_attach
    - memstick: rtsx_usb_ms: fix UAF
    - mmc: sdhci-sprd: use sdhci_sprd_writew
    - mmc: via-sdmmc: add a check against NULL pointer dereference
    - spi: meson-spicc: fix a wrong goto jump for avoiding memory leak.
    - spi: meson-spicc: fix memory leak in meson_spicc_probe
    - crypto: shash - avoid comparing pointers to exported functions under CFI
    - media: dvb_net: avoid speculation from net slot
    - media: siano: fix device register error path
    - media: imx-csi: Skip first few frames from a BT.656 source
    - hwmon: (max31790) Report correct current pwm duty cycles
    - hwmon: (max31790) Fix pwmX_enable attributes
    - drivers/perf: fix the missed ida_simple_remove() in ddr_perf_probe()
    - KVM: PPC: Book3S HV: Fix TLB management on SMT8 POWER9 and POWER10
      processors
    - btrfs: fix error handling in __btrfs_update_delayed_inode
    - btrfs: abort transaction if we fail to update the delayed inode
    - btrfs: sysfs: fix format string for some discard stats
    - btrfs: don't clear page extent mapped if we're not invalidating the full
      page
    - btrfs: disable build on platforms having page size 256K
    - locking/lockdep: Fix the dep path printing for backwards BFS
    - lockding/lockdep: Avoid to find wrong lock dep path in check_irq_usage()
    - KVM: s390: get rid of register asm usage
    - regulator: mt6358: Fix vdram2 .vsel_mask
    - regulator: da9052: Ensure enough delay time for .set_voltage_time_sel
    - media: Fix Media Controller API config checks
    - ACPI: video: use native backlight for GA401/GA502/GA503
    - HID: do not use down_interruptible() when unbinding devices
    - EDAC/ti: Add missing MODULE_DEVICE_TABLE
    - ACPI: processor idle: Fix up C-state latency if not ordered
    - hv_utils: Fix passing zero to 'PTR_ERR' warning
    - lib: vsprintf: Fix handling of number field widths in vsscanf
    - Input: goodix - platform/x86: touchscreen_dmi - Move upside down quirks to
      touchscreen_dmi.c
    - platform/x86: touchscreen_dmi: Add an extra entry for the upside down Goodix
      touchscreen on Teclast X89 tablets
    - platform/x86: touchscreen_dmi: Add info for the Goodix GT912 panel of
      TM800A550L tablets
    - ACPI: EC: Make more Asus laptops use ECDT _GPE
    - block_dump: remove block_dump feature in mark_inode_dirty()
    - blk-mq: grab rq->refcount before calling ->fn in blk_mq_tagset_busy_iter
    - blk-mq: clear stale request in tags->rq[] before freeing one request pool
    - fs: dlm: cancel work sync othercon
    - random32: Fix implicit truncation warning in prandom_seed_state()
    - open: don't silently ignore unknown O-flags in openat2()
    - drivers: hv: Fix missing error code in vmbus_connect()
    - fs: dlm: fix memory leak when fenced
    - ACPICA: Fix memory leak caused by _CID repair function
    - ACPI: bus: Call kobject_put() in acpi_init() error path
    - ACPI: resources: Add checks for ACPI IRQ override
    - block: fix race between adding/removing rq qos and normal IO
    - platform/x86: asus-nb-wmi: Revert "Drop duplicate DMI quirk structures"
    - platform/x86: asus-nb-wmi: Revert "add support for ASUS ROG Zephyrus G14 and
      G15"
    - platform/x86: toshiba_acpi: Fix missing error code in
      toshiba_acpi_setup_keyboard()
    - nvme-pci: fix var. type for increasing cq_head
    - nvmet-fc: do not check for invalid target port in nvmet_fc_handle_fcp_rqst()
    - EDAC/Intel: Do not load EDAC driver when running as a guest
    - PCI: hv: Add check for hyperv_initialized in init_hv_pci_drv()
    - cifs: improve fallocate emulation
    - ACPI: EC: trust DSDT GPE for certain HP laptop
    - clocksource: Retry clock read if long delays detected
    - clocksource: Check per-CPU clock synchronization when marked unstable
    - tpm_tis_spi: add missing SPI device ID entries
    - ACPI: tables: Add custom DSDT file as makefile prerequisite
    - HID: wacom: Correct base usage for capacitive ExpressKey status bits
    - cifs: fix missing spinlock around update to ses->status
    - mailbox: qcom: Use PLATFORM_DEVID_AUTO to register platform device
    - block: fix discard request merge
    - kthread_worker: fix return value when kthread_mod_delayed_work() races with
      kthread_cancel_delayed_work_sync()
    - ia64: mca_drv: fix incorrect array size calculation
    - writeback, cgroup: increment isw_nr_in_flight before grabbing an inode
    - spi: Allow to have all native CSs in use along with GPIOs
    - spi: Avoid undefined behaviour when counting unused native CSs
    - media: venus: Rework error fail recover logic
    - media: s5p_cec: decrement usage count if disabled
    - media: hantro: do a PM resume earlier
    - crypto: ixp4xx - dma_unmap the correct address
    - crypto: ixp4xx - update IV after requests
    - crypto: ux500 - Fix error return code in hash_hw_final()
    - sata_highbank: fix deferred probing
    - pata_rb532_cf: fix deferred probing
    - media: I2C: change 'RST' to "RSET" to fix multiple build errors
    - sched/uclamp: Fix wrong implementation of cpu.uclamp.min
    - sched/uclamp: Fix locking around cpu_util_update_eff()
    - kbuild: Fix objtool dependency for 'OBJECT_FILES_NON_STANDARD_<obj> := n'
    - pata_octeon_cf: avoid WARN_ON() in ata_host_activate()
    - evm: fix writing <securityfs>/evm overflow
    - x86/elf: Use _BITUL() macro in UAPI headers
    - crypto: sa2ul - Fix leaks on failure paths with sa_dma_init()
    - crypto: sa2ul - Fix pm_runtime enable in sa_ul_probe()
    - crypto: ccp - Fix a resource leak in an error handling path
    - media: rc: i2c: Fix an error message
    - pata_ep93xx: fix deferred probing
    - locking/lockdep: Reduce LOCKDEP dependency list
    - media: rkvdec: Fix .buf_prepare
    - media: exynos4-is: Fix a use after free in isp_video_release
    - media: au0828: fix a NULL vs IS_ERR() check
    - media: tc358743: Fix error return code in tc358743_probe_of()
    - media: gspca/gl860: fix zero-length control requests
    - m68k: atari: Fix ATARI_KBD_CORE kconfig unmet dependency warning
    - media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2()
    - regulator: fan53880: Fix vsel_mask setting for FAN53880_BUCK
    - crypto: nitrox - fix unchecked variable in nitrox_register_interrupts
    - crypto: omap-sham - Fix PM reference leak in omap sham ops
    - crypto: x86/curve25519 - fix cpu feature checking logic in mod_exit
    - crypto: sm2 - fix a memory leak in sm2
    - mmc: usdhi6rol0: fix error return code in usdhi6_probe()
    - arm64/mm: Fix ttbr0 values stored in struct thread_info for software-pan
    - media: subdev: remove VIDIOC_DQEVENT_TIME32 handling
    - media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx
    - hwmon: (lm70) Use device_get_match_data()
    - hwmon: (lm70) Revert "hwmon: (lm70) Add support for ACPI"
    - hwmon: (max31722) Remove non-standard ACPI device IDs
    - hwmon: (max31790) Fix fan speed reporting for fan7..12
    - KVM: nVMX: Sync all PGDs on nested transition with shadow paging
    - KVM: nVMX: Ensure 64-bit shift when checking VMFUNC bitmap
    - KVM: nVMX: Don't clobber nested MMU's A/D status on EPTP switch
    - KVM: x86/mmu: Fix return value in tdp_mmu_map_handle_target_level()
    - perf/arm-cmn: Fix invalid pointer when access dtc object sharing the same
      IRQ number
    - KVM: arm64: Don't zero the cycle count register when PMCR_EL0.P is set
    - regulator: hi655x: Fix pass wrong pointer to config.driver_data
    - btrfs: clear log tree recovering status if starting transaction fails
    - x86/sev: Make sure IRQs are disabled while GHCB is active
    - x86/sev: Split up runtime #VC handler for correct state tracking
    - sched/rt: Fix RT utilization tracking during policy change
    - sched/rt: Fix Deadline utilization tracking during policy change
    - sched/uclamp: Fix uclamp_tg_restrict()
    - lockdep: Fix wait-type for empty stack
    - lockdep/selftests: Fix selftests vs PROVE_RAW_LOCK_NESTING
    - spi: spi-sun6i: Fix chipselect/clock bug
    - crypto: nx - Fix RCU warning in nx842_OF_upd_status
    - psi: Fix race between psi_trigger_create/destroy
    - media: v4l2-async: Clean v4l2_async_notifier_add_fwnode_remote_subdev
    - media: video-mux: Skip dangling endpoints
    - PM / devfreq: Add missing error code in devfreq_add_device()
    - ACPI: PM / fan: Put fan device IDs into separate header file
    - block: avoid double io accounting for flush request
    - nvme-pci: look for StorageD3Enable on companion ACPI device instead
    - ACPI: sysfs: Fix a buffer overrun problem with description_show()
    - mark pstore-blk as broken
    - updateconfigs for PSTORE_BLK (BROKEN)
    - clocksource/drivers/timer-ti-dm: Save and restore timer TIOCP_CFG
    - extcon: extcon-max8997: Fix IRQ freeing at error path
    - ACPI: APEI: fix synchronous external aborts in user-mode
    - blk-wbt: introduce a new disable state to prevent false positive by
      rwb_enabled()
    - blk-wbt: make sure throttle is enabled properly
    - ACPI: Use DEVICE_ATTR_<RW|RO|WO> macros
    - ACPI: bgrt: Fix CFI violation
    - cpufreq: Make cpufreq_online() call driver->offline() on errors
    - blk-mq: update hctx->dispatch_busy in case of real scheduler
    - ocfs2: fix snprintf() checking
    - dax: fix ENOMEM handling in grab_mapping_entry()
    - mm/debug_vm_pgtable/basic: add validation for dirtiness after write protect
    - mm/debug_vm_pgtable/basic: iterate over entire protection_map[]
    - mm/debug_vm_pgtable: ensure THP availability via has_transparent_hugepage()
    - mm: memcg/slab: properly set up gfp flags for objcg pointer array
    - mm/page_alloc: fix counting of managed_pages
    - xfrm: xfrm_state_mtu should return at least 1280 for ipv6
    - drm/bridge/sii8620: fix dependency on extcon
    - drm/bridge: Fix the stop condition of drm_bridge_chain_pre_enable()
    - drm/amd/dc: Fix a missing check bug in dm_dp_mst_detect()
    - drm/ast: Fix missing conversions to managed API
    - video: fbdev: imxfb: Fix an error message
    - net: mvpp2: Put fwnode in error case during ->probe()
    - net: pch_gbe: Propagate error from devm_gpio_request_one()
    - pinctrl: renesas: r8a7796: Add missing bias for PRESET# pin
    - pinctrl: renesas: r8a77990: JTAG pins do not have pull-down capabilities
    - drm/vmwgfx: Mark a surface gpu-dirty after the SVGA3dCmdDXGenMips command
    - drm/vmwgfx: Fix cpu updates of coherent multisample surfaces
    - net: qrtr: ns: Fix error return code in qrtr_ns_init()
    - clk: meson: g12a: fix gp0 and hifi ranges
    - net: ftgmac100: add missing error return code in ftgmac100_probe()
    - drm: rockchip: set alpha_en to 0 if it is not used
    - drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in
      cdn_dp_grf_write()
    - drm/rockchip: dsi: move all lane config except LCDC mux to bind()
    - drm/rockchip: lvds: Fix an error handling path
    - drm/rockchip: cdn-dp: fix sign extension on an int multiply for a u64 result
    - mptcp: fix pr_debug in mptcp_token_new_connect
    - mptcp: generate subflow hmac after mptcp_finish_join()
    - RDMA/srp: Fix a recently introduced memory leak
    - RDMA/rtrs-clt: Check state of the rtrs_clt_sess before reading its stats
    - RDMA/rtrs: Do not reset hb_missed_max after re-connection
    - RDMA/rtrs-srv: Fix memory leak of unfreed rtrs_srv_stats object
    - RDMA/rtrs-srv: Fix memory leak when having multiple sessions
    - RDMA/rtrs-clt: Check if the queue_depth has changed during a reconnection
    - RDMA/rtrs-clt: Fix memory leak of not-freed sess->stats and
      stats->pcpu_stats
    - ehea: fix error return code in ehea_restart_qps()
    - clk: tegra30: Use 300MHz for video decoder by default
    - xfrm: remove the fragment check for ipv6 beet mode
    - net/sched: act_vlan: Fix modify to allow 0
    - RDMA/core: Sanitize WQ state received from the userspace
    - drm/pl111: depend on CONFIG_VEXPRESS_CONFIG
    - RDMA/rxe: Fix failure during driver load
    - drm/pl111: Actually fix CONFIG_VEXPRESS_CONFIG depends
    - drm/vc4: hdmi: Fix error path of hpd-gpios
    - clk: vc5: fix output disabling when enabling a FOD
    - drm: qxl: ensure surf.data is ininitialized
    - tools/bpftool: Fix error return code in do_batch()
    - ath10k: go to path err_unsupported when chip id is not supported
    - ath10k: add missing error return code in ath10k_pci_probe()
    - wireless: carl9170: fix LEDS build errors & warnings
    - ieee802154: hwsim: Fix possible memory leak in hwsim_subscribe_all_others
    - clk: imx8mq: remove SYS PLL 1/2 clock gates
    - wcn36xx: Move hal_buf allocation to devm_kmalloc in probe
    - ssb: Fix error return code in ssb_bus_scan()
    - brcmfmac: fix setting of station info chains bitmask
    - brcmfmac: correctly report average RSSI in station info
    - brcmfmac: Fix a double-free in brcmf_sdio_bus_reset
    - brcmsmac: mac80211_if: Fix a resource leak in an error handling path
    - cw1200: Revert unnecessary patches that fix unreal use-after-free bugs
    - ath11k: Fix an error handling path in ath11k_core_fetch_board_data_api_n()
    - ath10k: Fix an error code in ath10k_add_interface()
    - ath11k: send beacon template after vdev_start/restart during csa
    - netlabel: Fix memory leak in netlbl_mgmt_add_common
    - RDMA/mlx5: Don't add slave port to unaffiliated list
    - netfilter: nft_exthdr: check for IPv6 packet before further processing
    - netfilter: nft_osf: check for TCP packet before further processing
    - netfilter: nft_tproxy: restrict support to TCP and UDP transport protocols
    - RDMA/rxe: Fix qp reference counting for atomic ops
    - selftests/bpf: Whitelist test_progs.h from .gitignore
    - xsk: Fix missing validation for skb and unaligned mode
    - xsk: Fix broken Tx ring validation
    - bpf: Fix libelf endian handling in resolv_btfids
    - RDMA/rtrs-srv: Set minimal max_send_wr and max_recv_wr
    - samples/bpf: Fix Segmentation fault for xdp_redirect command
    - samples/bpf: Fix the error return code of xdp_redirect's main()
    - mt76: fix possible NULL pointer dereference in mt76_tx
    - mt76: mt7615: fix NULL pointer dereference in tx_prepare_skb()
    - net: ethernet: aeroflex: fix UAF in greth_of_remove
    - net: ethernet: ezchip: fix UAF in nps_enet_remove
    - net: ethernet: ezchip: fix error handling
    - vrf: do not push non-ND strict packets with a source LLA through packet taps
      again
    - net: sched: add barrier to ensure correct ordering for lockless qdisc
    - tls: prevent oversized sendfile() hangs by ignoring MSG_MORE
    - netfilter: nf_tables_offload: check FLOW_DISSECTOR_KEY_BASIC in VLAN
      transfer logic
    - pkt_sched: sch_qfq: fix qfq_change_class() error path
    - xfrm: Fix xfrm offload fallback fail case
    - iwlwifi: increase PNVM load timeout
    - rtw88: 8822c: fix lc calibration timing
    - vxlan: add missing rcu_read_lock() in neigh_reduce()
    - ip6_tunnel: fix GRE6 segmentation
    - net/ipv4: swap flow ports when validating source
    - net: ti: am65-cpsw-nuss: Fix crash when changing number of TX queues
    - tc-testing: fix list handling
    - ieee802154: hwsim: Fix memory leak in hwsim_add_one
    - ieee802154: hwsim: avoid possible crash in hwsim_del_edge_nl()
    - bpf: Fix null ptr deref with mixed tail calls and subprogs
    - drm/msm: Fix error return code in msm_drm_init()
    - drm/msm/dpu: Fix error return code in dpu_mdss_init()
    - mac80211: remove iwlwifi specific workaround NDPs of null_response
    - net: bcmgenet: Fix attaching to PYH failed on RPi 4B
    - ipv6: exthdrs: do not blindly use init_net
    - can: j1939: j1939_sk_setsockopt(): prevent allocation of j1939 filter for
      optlen == 0
    - bpf: Do not change gso_size during bpf_skb_change_proto()
    - i40e: Fix error handling in i40e_vsi_open
    - i40e: Fix autoneg disabling for non-10GBaseT links
    - i40e: Fix missing rtnl locking when setting up pf switch
    - Revert "ibmvnic: remove duplicate napi_schedule call in open function"
    - ibmvnic: set ltb->buff to NULL after freeing
    - ibmvnic: free tx_pool if tso_pool alloc fails
    - RDMA/cma: Protect RMW with qp_mutex
    - net: macsec: fix the length used to copy the key for offloading
    - net: phy: mscc: fix macsec key length
    - net: atlantic: fix the macsec key length
    - ipv6: fix out-of-bound access in ip6_parse_tlv()
    - e1000e: Check the PCIm state
    - net: dsa: sja1105: fix NULL pointer dereference in sja1105_reload_cbs()
    - bpfilter: Specify the log level for the kmsg message
    - RDMA/cma: Fix incorrect Packet Lifetime calculation
    - gve: Fix swapped vars when fetching max queues
    - Revert "be2net: disable bh with spin_lock in be_process_mcc"
    - Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid
    - Bluetooth: Fix Set Extended (Scan Response) Data
    - Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event
    - clk: actions: Fix UART clock dividers on Owl S500 SoC
    - clk: actions: Fix SD clocks factor table on Owl S500 SoC
    - clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC
    - clk: actions: Fix AHPPREDIV-H-AHB clock chain on Owl S500 SoC
    - clk: qcom: clk-alpha-pll: fix CAL_L write in alpha_pll_fabia_prepare
    - clk: si5341: Wait for DEVICE_READY on startup
    - clk: si5341: Avoid divide errors due to bogus register contents
    - clk: si5341: Check for input clock presence and PLL lock on startup
    - clk: si5341: Update initialization magic
    - writeback: fix obtain a reference to a freeing memcg css
    - net: lwtunnel: handle MTU calculation in forwading
    - net: sched: fix warning in tcindex_alloc_perfect_hash
    - net: tipc: fix FB_MTU eat two pages
    - RDMA/mlx5: Don't access NULL-cleared mpi pointer
    - RDMA/core: Always release restrack object
    - MIPS: Fix PKMAP with 32-bit MIPS huge page support
    - staging: fbtft: Rectify GPIO handling
    - staging: fbtft: Don't spam logs when probe is deferred
    - ASoC: rt5682: Disable irq on shutdown
    - rcu: Invoke rcu_spawn_core_kthreads() from rcu_spawn_gp_kthread()
    - serial: fsl_lpuart: don't modify arbitrary data on lpuart32
    - serial: fsl_lpuart: remove RTSCTS handling from get_mctrl()
    - serial: 8250_omap: fix a timeout loop condition
    - tty: nozomi: Fix a resource leak in an error handling function
    - mwifiex: re-fix for unaligned accesses
    - iio: adis_buffer: do not return ints in irq handlers
    - iio: adis16400: do not return ints in irq handlers
    - iio: adis16475: do not return ints in irq handlers
    - iio: accel: bma180: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: accel: bma220: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: accel: hid: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: accel: kxcjk-1013: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: accel: mxc4005: Fix overread of data and alignment issue.
    - iio: accel: stk8312: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: accel: stk8ba50: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: adc: ti-ads1015: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: adc: vf610: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: gyro: bmg160: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: humidity: am2315: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: prox: srf08: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: prox: pulsed-light: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: prox: as3935: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: magn: hmc5843: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: magn: bmc150: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: light: isl29125: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: light: tcs3414: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: light: tcs3472: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: chemical: atlas: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: cros_ec_sensors: Fix alignment of buffer in
      iio_push_to_buffers_with_timestamp()
    - iio: potentiostat: lmp91000: Fix alignment of buffer in
      iio_push_to_buffers_with_timestamp()
    - ASoC: rk3328: fix missing clk_disable_unprepare() on error in
      rk3328_platform_probe()
    - ASoC: hisilicon: fix missing clk_disable_unprepare() on error in
      hi6210_i2s_startup()
    - backlight: lm3630a_bl: Put fwnode in error case during ->probe()
    - ASoC: rsnd: tidyup loop on rsnd_adg_clk_query()
    - Input: hil_kbd - fix error return code in hil_dev_connect()
    - perf scripting python: Fix tuple_set_u64()
    - mtd: partitions: redboot: seek fis-index-block in the right node
    - mtd: rawnand: arasan: Ensure proper configuration for the asserted target
    - staging: mmal-vchiq: Fix incorrect static vchiq_instance.
    - char: pcmcia: error out if 'num_bytes_read' is greater than 4 in
      set_protocol()
    - firmware: stratix10-svc: Fix a resource leak in an error handling path
    - tty: nozomi: Fix the error handling path of 'nozomi_card_init()'
    - leds: class: The -ENOTSUPP should never be seen by user space
    - leds: lm3532: select regmap I2C API
    - leds: lm36274: Put fwnode in error case during ->probe()
    - leds: lm3692x: Put fwnode in any case during ->probe()
    - leds: lm3697: Don't spam logs when probe is deferred
    - leds: lp50xx: Put fwnode in error case during ->probe()
    - scsi: FlashPoint: Rename si_flags field
    - scsi: iscsi: Flush block work before unblock
    - mfd: mp2629: Select MFD_CORE to fix build error
    - mfd: rn5t618: Fix IRQ trigger by changing it to level mode
    - fsi: core: Fix return of error values on failures
    - fsi: scom: Reset the FSI2PIB engine for any error
    - fsi: occ: Don't accept response from un-initialized OCC
    - fsi/sbefifo: Clean up correct FIFO when receiving reset request from SBE
    - fsi/sbefifo: Fix reset timeout
    - visorbus: fix error return code in visorchipset_init()
    - iommu/amd: Fix extended features logging
    - s390: enable HAVE_IOREMAP_PROT
    - s390: appldata depends on PROC_SYSCTL
    - selftests: splice: Adjust for handler fallback removal
    - iommu/dma: Fix IOVA reserve dma ranges
    - ASoC: max98373-sdw: use first_hw_init flag on resume
    - ASoC: rt1308-sdw: use first_hw_init flag on resume
    - ASoC: rt5682-sdw: use first_hw_init flag on resume
    - ASoC: rt700-sdw: use first_hw_init flag on resume
    - ASoC: rt711-sdw: use first_hw_init flag on resume
    - ASoC: rt715-sdw: use first_hw_init flag on resume
    - ASoC: rt5682: fix getting the wrong device id when the suspend_stress_test
    - ASoC: rt5682-sdw: set regcache_cache_only false before reading
      RT5682_DEVICE_ID
    - ASoC: mediatek: mtk-btcvsd: Fix an error handling path in
      'mtk_btcvsd_snd_probe()'
    - usb: gadget: f_fs: Fix setting of device and driver data cross-references
    - usb: dwc2: Don't reset the core after setting turnaround time
    - eeprom: idt_89hpesx: Put fwnode in matching case during ->probe()
    - eeprom: idt_89hpesx: Restore printing the unsupported fwnode name
    - thunderbolt: Bond lanes only when dual_link_port != NULL in
      alloc_dev_default()
    - iio: adc: at91-sama5d2: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: adc: hx711: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: adc: mxs-lradc: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: adc: ti-ads8688: Fix alignment of buffer in
      iio_push_to_buffers_with_timestamp()
    - iio: magn: rm3100: Fix alignment of buffer in
      iio_push_to_buffers_with_timestamp()
    - iio: light: vcnl4000: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - ASoC: fsl_spdif: Fix error handler with pm_runtime_enable
    - staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt()
    - staging: gdm724x: check for overflow in gdm_lte_netif_rx()
    - staging: rtl8712: fix error handling in r871xu_drv_init
    - staging: rtl8712: fix memory leak in rtl871x_load_fw_cb
    - coresight: core: Fix use of uninitialized pointer
    - staging: mt7621-dts: fix pci address for PCI memory range
    - serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates
    - iio: light: vcnl4035: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: prox: isl29501: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK
    - of: Fix truncation of memory sizes on 32-bit platforms
    - mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in
      marvell_nfc_resume()
    - habanalabs: Fix an error handling path in 'hl_pci_probe()'
    - scsi: mpt3sas: Fix error return value in _scsih_expander_add()
    - soundwire: stream: Fix test for DP prepare complete
    - phy: uniphier-pcie: Fix updating phy parameters
    - phy: ti: dm816x: Fix the error handling path in 'dm816x_usb_phy_probe()
    - extcon: sm5502: Drop invalid register write in sm5502_reg_data
    - extcon: max8997: Add missing modalias string
    - powerpc/powernv: Fix machine check reporting of async store errors
    - ASoC: atmel-i2s: Fix usage of capture and playback at the same time
    - configfs: fix memleak in configfs_release_bin_file
    - ASoC: Intel: sof_sdw: add SOF_RT715_DAI_ID_FIX for AlderLake
    - ASoC: fsl_spdif: Fix unexpected interrupt after suspend
    - leds: as3645a: Fix error return code in as3645a_parse_node()
    - leds: ktd2692: Fix an error handling path
    - serial: 8250: 8250_omap: Fix possible interrupt storm on K3 SoCs
    - powerpc: Offline CPU in stop_this_cpu()
    - powerpc/papr_scm: Properly handle UUID types and API
    - powerpc/64s: Fix copy-paste data exposure into newly created tasks
    - powerpc/papr_scm: Make 'perf_stats' invisible if perf-stats unavailable
    - ALSA: firewire-lib: Fix 'amdtp_domain_start()' when no AMDTP_OUT_STREAM
      stream is found
    - serial: mvebu-uart: do not allow changing baudrate when uartclk is not
      available
    - serial: mvebu-uart: correctly calculate minimal possible baudrate
    - arm64: dts: marvell: armada-37xx: Fix reg for standard variant of UART
    - vfio/pci: Handle concurrent vma faults
    - mm/pmem: avoid inserting hugepage PTE entry with fsdax if hugepage support
      is disabled
    - mm/huge_memory.c: remove dedicated macro HPAGE_CACHE_INDEX_MASK
    - mm/huge_memory.c: add missing read-only THP checking in
      transparent_hugepage_enabled()
    - mm/huge_memory.c: don't discard hugepage if other processes are mapping it
    - mm/hugetlb: use helper huge_page_order and pages_per_huge_page
    - mm/hugetlb: remove redundant check in preparing and destroying gigantic page
    - hugetlb: remove prep_compound_huge_page cleanup
    - mm/z3fold: fix potential memory leak in z3fold_destroy_pool()
    - mm/z3fold: use release_z3fold_page_locked() to release locked z3fold page
    - lib/math/rational.c: fix divide by zero
    - selftests/vm/pkeys: fix alloc_random_pkey() to make it really, really random
    - selftests/vm/pkeys: handle negative sys_pkey_alloc() return code
    - selftests/vm/pkeys: refill shadow register after implicit kernel write
    - perf llvm: Return -ENOMEM when asprintf() fails
    - csky: fix syscache.c fallthrough warning
    - csky: syscache: Fixup duplicate cache flush
    - exfat: handle wrong stream entry size in exfat_readdir()
    - scsi: fc: Correct RHBA attributes length
    - scsi: target: cxgbit: Unmap DMA buffer before calling target_execute_cmd()
    - mailbox: qcom-ipcc: Fix IPCC mbox channel exhaustion
    - fscrypt: don't ignore minor_hash when hash is 0
    - fscrypt: fix derivation of SipHash keys on big endian CPUs
    - tpm: Replace WARN_ONCE() with dev_err_once() in tpm_tis_status()
    - erofs: fix error return code in erofs_read_superblock()
    - io_uring: fix blocking inline submission
    - mmc: block: Disable CMDQ on the ioctl path
    - mmc: vub3000: fix control-request direction
    - media: exynos4-is: remove a now unused integer
    - scsi: core: Retry I/O for Notify (Enable Spinup) Required error
    - crypto: qce - fix error return code in qce_skcipher_async_req_handle()
    - s390: preempt: Fix preempt_count initialization
    - cred: add missing return error code when set_cred_ucounts() failed
    - iommu/dma: Fix compile warning in 32-bit builds
    - powerpc/preempt: Don't touch the idle task's preempt_count during hotplug
    - KVM: x86: Properly reset MMU context at vCPU RESET/INIT
    - sched: Make the idle task quack like a per-CPU kthread
    - ima: Don't remove security.ima if file must not be appraised
    - media: dvbdev: fix error logic at dvb_register_device()
    - sched/fair: Take thermal pressure into account while estimating energy
    - KVM: arm64: Restore PMU configuration on first run
    - btrfs: always abort the transaction if we abort a trans handle
    - ACPI: PM: s2idle: Add missing LPS0 functions for AMD
    - fs: dlm: reconnect if socket error report occurs
    - fs: dlm: fix lowcomms_start error case
    - HID: hid-input: add Surface Go battery quirk
    - HID: sony: fix freeze when inserting ghlive ps3/wii dongles
    - tools/power/x86/intel-speed-select: Fix uncore memory frequency display
    - cifs: fix check of dfs interlinks
    - smb3: fix uninitialized value for port in witness protocol move
    - mm: define default MAX_PTRS_PER_* in include/pgtable.h
    - media: i2c: ccs-core: return the right error code at suspend
    - block: fix trace completion for chained bio
    - swap: fix do_swap_page() race with swapoff
    - drm/amd/display: fix potential gpu reset deadlock
    - drm/amd/display: Avoid HPD IRQ in GPU reset state
    - net: pxa168_eth: Fix a potential data race in pxa168_eth_remove
    - selftests: tls: clean up uninitialized warnings
    - scsi: iscsi: Stop queueing during ep_disconnect
    - scsi: iscsi: Force immediate failure during shutdown
    - scsi: iscsi: Use system_unbound_wq for destroy_work
    - scsi: iscsi: Rel ref after iscsi_lookup_endpoint()
    - ASoC: atmel-i2s: Set symmetric sample bits
    - scsi: megaraid_sas: Send all non-RW I/Os for TYPE_ENCLOSURE device through
      firmware

* Hirsute update: upstream stable patchset 2021-07-20 (LP: #1936969)
    - scsi: sr: Return appropriate error code when disk is ejected
    - gpio: mxc: Fix disabled interrupt wake-up support
    - drm/nouveau: fix dma_address check for CPU/GPU sync
    - gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP
    - [Config] update annotations for GPIO_TQMX86
    - Revert "KVM: x86/mmu: Drop kvm_mmu_extended_role.cr4_la57 hack"
    - s390/vfio-ap: clean up mdev resources when remove callback invoked
    - media: uvcvideo: Support devices that report an OT as an entity source
    - Hexagon: fix build errors
    - Hexagon: add target builtins to kernel
    - Hexagon: change jumps to must-extend in futex_atomic_*

* Hirsute update: upstream stable patchset 2021-07-19 (LP: #1936863)
    - linux/bits.h: fix compilation error with GENMASK
    - module: limit enabling module.sig_enforce
    - drm: add a locked version of drm_is_current_master
    - drm/nouveau: wait for moving fence after pinning v2
    - drm/radeon: wait for moving fence after pinning
    - drm/amdgpu: wait for moving fence after pinning
    - ARM: 9081/1: fix gcc-10 thumb2-kernel regression
    - mmc: meson-gx: use memcpy_to/fromio for dram-access-quirk
    - spi: spi-nxp-fspi: move the register operation after the clock enable
    - Revert "PCI: PM: Do not read power state in pci_enable_device_flags()"
    - drm/vc4: hdmi: Move the HSM clock enable to runtime_pm
    - drm/vc4: hdmi: Make sure the controller is powered in detect
    - x86/entry: Fix noinstr fail in __do_fast_syscall_32()
    - x86/xen: Fix noinstr fail in exc_xen_unknown_trap()
    - locking/lockdep: Improve noinstr vs errors
    - perf/x86/lbr: Remove cpuc->lbr_xsave allocation from atomic context
    - perf/x86/intel/lbr: Zero the xstate buffer on allocation
    - dmaengine: zynqmp_dma: Fix PM reference leak in
      zynqmp_dma_alloc_chan_resourc()
    - dmaengine: stm32-mdma: fix PM reference leak in
      stm32_mdma_alloc_chan_resourc()
    - [Config] update annotations for XILINX_ZYNQMP_DPDMA
    - dmaengine: xilinx: dpdma: Add missing dependencies to Kconfig
    - dmaengine: xilinx: dpdma: Limit descriptor IDs to 16 bits
    - mac80211: remove warning in ieee80211_get_sband()
    - mac80211_hwsim: drop pending frames on stop
    - cfg80211: call cfg80211_leave_ocb when switching away from OCB
    - dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe()
    - dmaengine: mediatek: free the proper desc in desc_free handler
    - dmaengine: mediatek: do not issue a new desc if one is still current
    - dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma
    - net: ipv4: Remove unneed BUG() function
    - mac80211: drop multicast fragments
    - net: ethtool: clear heap allocations for ethtool function
    - inet: annotate data race in inet_send_prepare() and inet_dgram_connect()
    - ping: Check return value of function 'ping_queue_rcv_skb'
    - net: annotate data race in sock_error()
    - inet: annotate date races around sk->sk_txhash
    - net/packet: annotate data race in packet_sendmsg()
    - net: phy: dp83867: perform soft reset and retain established link
    - riscv32: Use medany C model for modules
    - net: caif: fix memory leak in ldisc_open
    - net/packet: annotate accesses to po->bind
    - net/packet: annotate accesses to po->ifindex
    - r8152: Avoid memcpy() over-reading of ETH_SS_STATS
    - sh_eth: Avoid memcpy() over-reading of ETH_SS_STATS
    - r8169: Avoid memcpy() over-reading of ETH_SS_STATS
    - KVM: selftests: Fix kvm_check_cap() assertion
    - net: qed: Fix memcpy() overflow of qed_dcbx_params()
    - mac80211: reset profile_periodicity/ema_ap
    - mac80211: handle various extensible elements correctly
    - recordmcount: Correct st_shndx handling
    - PCI: Add AMD RS690 quirk to enable 64-bit DMA
    - net: ll_temac: Add memory-barriers for TX BD access
    - net: ll_temac: Avoid ndo_start_xmit returning NETDEV_TX_BUSY
    - perf/x86: Track pmu in per-CPU cpu_hw_events
    - pinctrl: stm32: fix the reported number of GPIO lines per bank
    - i2c: i801: Ensure that SMBHSTSTS_INUSE_STS is cleared when leaving
      i801_access
    - gpiolib: cdev: zero padding during conversion to gpioline_info_changed
    - scsi: sd: Call sd_revalidate_disk() for ioctl(BLKRRPART)
    - nilfs2: fix memory leak in nilfs_sysfs_delete_device_group
    - s390/stack: fix possible register corruption with stack switch helper
    - KVM: do not allow mapping valid but non-reference-counted pages
    - i2c: robotfuzz-osif: fix control-request directions
    - ceph: must hold snap_rwsem when filling inode for async create
    - kthread_worker: split code for canceling the delayed work timer
    - kthread: prevent deadlock when kthread_mod_delayed_work() races with
      kthread_cancel_delayed_work_sync()
    - x86/fpu: Preserve supervisor states in sanitize_restored_user_xstate()
    - x86/fpu: Make init_fpstate correct with optimized XSAVE
    - mm/rmap: remove unneeded semicolon in page_not_mapped()
    - mm/rmap: use page_not_mapped in try_to_unmap()
    - mm, thp: use head page in __migration_entry_wait()
    - mm/thp: fix __split_huge_pmd_locked() on shmem migration entry
    - mm/thp: make is_huge_zero_pmd() safe and quicker
    - mm/thp: try_to_unmap() use TTU_SYNC for safe splitting
    - mm/thp: fix vma_address() if virtual address below file offset
    - mm/thp: fix page_address_in_vma() on file THP tails
    - mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page()
    - mm: thp: replace DEBUG_VM BUG with VM_WARN when unmap fails for split
    - mm: page_vma_mapped_walk(): use page for pvmw->page
    - mm: page_vma_mapped_walk(): settle PageHuge on entry
    - mm: page_vma_mapped_walk(): use pmde for *pvmw->pmd
    - mm: page_vma_mapped_walk(): prettify PVMW_MIGRATION block
    - mm: page_vma_mapped_walk(): crossing page table boundary
    - mm: page_vma_mapped_walk(): add a level of indentation
    - mm: page_vma_mapped_walk(): use goto instead of while (1)
    - mm: page_vma_mapped_walk(): get vma_address_end() earlier
    - mm/thp: fix page_vma_mapped_walk() if THP mapped by ptes
    - mm/thp: another PVMW_SYNC fix in page_vma_mapped_walk()
    - mm, futex: fix shared futex pgoff on shmem huge page
    - KVM: SVM: Call SEV Guest Decommission if ASID binding fails
    - swiotlb: manipulate orig_addr when tlb_addr has offset
    - netfs: fix test for whether we can skip read when writing beyond EOF
    - Revert "drm: add a locked version of drm_is_current_master"
    - [Config] enable CONFIG_SYSTEM_REVOCATION_LIST
    - certs: Add EFI_CERT_X509_GUID support for dbx entries
    - certs: Move load_system_certificate_list to a common function
    - [Config] updateconfigs for SYSTEM_REVOCATION_KEYS
    - certs: Add ability to preload revocation certs
    - integrity: Load mokx variables into the blacklist keyring
    - drm/kmb: Fix error return code in kmb_hw_init()
    - dmaengine: idxd: Fix missing error code in idxd_cdev_open()
    - pinctrl: microchip-sgpio: Put fwnode in error case during ->probe()
    - xen/events: reset active flag for lateeoi events later
    - mm/memory-failure: use a mutex to avoid memory_failure() races

* Hirsute update: upstream stable patchset 2021-07-16 (LP: #1936688)
    - net: ieee802154: fix null deref in parse dev addr
    - HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for Saitek X65
    - HID: a4tech: use A4_2WHEEL_MOUSE_HACK_B8 for A4TECH NB-95
    - HID: hid-input: add mapping for emoji picker key
    - HID: hid-sensor-hub: Return error for hid_set_field() failure
    - HID: quirks: Add quirk for Lenovo optical mouse
    - HID: multitouch: set Stylus suffix for Stylus-application devices, too
    - HID: Add BUS_VIRTUAL to hid_connect logging
    - HID: usbhid: fix info leak in hid_submit_ctrl
    - drm/tegra: sor: Do not leak runtime PM reference
    - gpu: host1x: Split up client initalization and registration
    - drm/tegra: sor: Fully initialize SOR before registration
    - ARM: OMAP1: Fix use of possibly uninitialized irq variable
    - ARM: OMAP2+: Fix build warning when mmc_omap is not built
    - gfs2: Prevent direct-I/O write fallback errors from getting lost
    - gfs2: fix a deadlock on withdraw-during-mount
    - HID: gt683r: add missing MODULE_DEVICE_TABLE
    - riscv: Use -mno-relax when using lld linker
    - gfs2: Fix use-after-free in gfs2_glock_shrink_scan
    - scsi: target: core: Fix warning on realtime kernels
    - ethernet: myri10ge: Fix missing error code in myri10ge_probe()
    - scsi: qedf: Do not put host in qedf_vport_create() unconditionally
    - Bluetooth: Add a new USB ID for RTL8822CE
    - scsi: scsi_devinfo: Add blacklist entry for HPE OPEN-V
    - nvme-loop: reset queue count to 1 in nvme_loop_destroy_io_queues()
    - nvme-loop: clear NVME_LOOP_Q_LIVE when nvme_loop_configure_admin_queue()
      fails
    - nvme-loop: check for NVME_LOOP_Q_LIVE in nvme_loop_destroy_admin_queue()
    - nvme-loop: do not warn for deleted controllers during reset
    - net: ipconfig: Don't override command-line hostnames or domains
    - drm/amd/display: Allow bandwidth validation for 0 streams.
    - drm/amdgpu: refine amdgpu_fru_get_product_info
    - drm/amd/display: Fix potential memory leak in DMUB hw_init
    - drm/amd/amdgpu:save psp ring wptr to avoid attack
    - rtnetlink: Fix missing error code in rtnl_bridge_notify()
    - net/x25: Return the correct errno code
    - net: Return the correct errno code
    - fib: Return the correct errno code
    - HID: asus: Filter keyboard EC for old ROG keyboard
    - HID: quirks: Add HID_QUIRK_NO_INIT_REPORTS quirk for Dell K15A keyboard-dock
    - HID: asus: filter G713/G733 key event to prevent shutdown
    - hwmon/pmbus: (q54sj108a2) The PMBUS_MFR_ID is actually 6 chars instead of 5
    - gfs2: Clean up revokes on normal withdraws
    - HID: intel-ish-hid: ipc: Add Alder Lake device IDs
    - ALSA: hda: Add AlderLake-M PCI ID
    - dmaengine: idxd: add missing dsa driver unregister
    - dmaengine: fsl-dpaa2-qdma: Fix error return code in two functions
    - dmaengine: xilinx: dpdma: initialize registers before request_irq
    - dmaengine: ALTERA_MSGDMA depends on HAS_IOMEM
    - dmaengine: QCOM_HIDMA_MGMT depends on HAS_IOMEM
    - dmaengine: SF_PDMA depends on HAS_IOMEM
    - dmaengine: stedma40: add missing iounmap() on error in d40_probe()
    - afs: Fix an IS_ERR() vs NULL check
    - mm/memory-failure: make sure wait for page writeback in memory_failure
    - kvm: LAPIC: Restore guard to prevent illegal APIC register access
    - fanotify: fix copy_event_to_user() fid error clean up
    - batman-adv: Avoid WARN_ON timing related checks
    - mac80211: fix skb length check in ieee80211_scan_rx()
    - mlxsw: reg: Spectrum-3: Enforce lowest max-shaper burst size of 11
    - mlxsw: core: Set thermal zone polling delay argument to real value at init
    - libbpf: Fixes incorrect rx_ring_setup_done
    - net: ipv4: fix memory leak in netlbl_cipsov4_add_std
    - vrf: fix maximum MTU
    - net: rds: fix memory leak in rds_recvmsg
    - net: dsa: felix: re-enable TX flow control in ocelot_port_flush()
    - net: lantiq: disable interrupt before sheduling NAPI
    - netfilter: nft_fib_ipv6: skip ipv6 packets from any to link-local
    - ice: add ndo_bpf callback for safe mode netdev ops
    - ice: parameterize functions responsible for Tx ring management
    - udp: fix race between close() and udp_abort()
    - rtnetlink: Fix regression in bridge VLAN configuration
    - net/sched: act_ct: handle DNAT tuple collision
    - net/mlx5e: Remove dependency in IPsec initialization flows
    - net/mlx5e: Fix page reclaim for dead peer hairpin
    - net/mlx5: Consider RoCE cap before init RDMA resources
    - net/mlx5: DR, Allow SW steering for sw_owner_v2 devices
    - net/mlx5: DR, Don't use SW steering when RoCE is not supported
    - net/mlx5e: Block offload of outer header csum for UDP tunnels
    - netfilter: synproxy: Fix out of bounds when parsing TCP options
    - mptcp: Fix out of bounds when parsing TCP options
    - sch_cake: Fix out of bounds when parsing TCP options and header
    - mptcp: try harder to borrow memory from subflow under pressure
    - mptcp: do not warn on bad input from the network
    - selftests: mptcp: enable syncookie only in absence of reorders
    - alx: Fix an error handling path in 'alx_probe()'
    - cxgb4: fix endianness when flashing boot image
    - cxgb4: fix sleep in atomic when flashing PHY firmware
    - cxgb4: halt chip before flashing PHY firmware image
    - net: stmmac: dwmac1000: Fix extended MAC address registers definition
    - net: make get_net_ns return error if NET_NS is disabled
    - net: qualcomm: rmnet: don't over-count statistics
    - ethtool: strset: fix message length calculation
    - qlcnic: Fix an error handling path in 'qlcnic_probe()'
    - netxen_nic: Fix an error handling path in 'netxen_nic_probe()'
    - cxgb4: fix wrong ethtool n-tuple rule lookup
    - ipv4: Fix device used for dst_alloc with local routes
    - net: qrtr: fix OOB Read in qrtr_endpoint_post
    - bpf: Fix leakage under speculation on mispredicted branches
    - ptp: improve max_adj check against unreasonable values
    - net: cdc_ncm: switch to eth%d interface naming
    - lantiq: net: fix duplicated skb in rx descriptor ring
    - net: usb: fix possible use-after-free in smsc75xx_bind
    - net: fec_ptp: fix issue caused by refactor the fec_devtype
    - net: ipv4: fix memory leak in ip_mc_add1_src
    - net/af_unix: fix a data-race in unix_dgram_sendmsg / unix_release_sock
    - net/mlx5: E-Switch, Read PF mac address
    - net/mlx5: E-Switch, Allow setting GUID for host PF vport
    - net/mlx5: Reset mkey index on creation
    - be2net: Fix an error handling path in 'be_probe()'
    - net: hamradio: fix memory leak in mkiss_close
    - net: cdc_eem: fix tx fixup skb leak
    - cxgb4: fix wrong shift.
    - bnxt_en: Rediscover PHY capabilities after firmware reset
    - bnxt_en: Fix TQM fastpath ring backing store computation
    - bnxt_en: Call bnxt_ethtool_free() in bnxt_init_one() error path
    - icmp: don't send out ICMP messages with a source address of 0.0.0.0
    - net: ethernet: fix potential use-after-free in ec_bhf_remove
    - regulator: cros-ec: Fix error code in dev_err message
    - regulator: bd70528: Fix off-by-one for buck123 .n_voltages setting
    - platform/x86: thinkpad_acpi: Add X1 Carbon Gen 9 second fan support
    - ASoC: rt5659: Fix the lost powers for the HDA header
    - phy: phy-mtk-tphy: Fix some resource leaks in mtk_phy_init()
    - ASoC: fsl-asoc-card: Set .owner attribute when registering card.
    - regulator: rtmv20: Fix to make regcache value first reading back from HW
    - spi: spi-zynq-qspi: Fix some wrong goto jumps & missing error code
    - sched/pelt: Ensure that *_sum is always synced with *_avg
    - ASoC: tas2562: Fix TDM_CFG0_SAMPRATE values
    - spi: stm32-qspi: Always wait BUSY bit to be cleared in stm32_qspi_wait_cmd()
    - regulator: rt4801: Fix NULL pointer dereference if priv->enable_gpios is
      NULL
    - ASoC: rt5682: Fix the fast discharge for headset unplugging in soundwire
      mode
    - pinctrl: ralink: rt2880: avoid to error in calls is pin is already enabled
    - drm/sun4i: dw-hdmi: Make HDMI PHY into a platform device
    - ASoC: qcom: lpass-cpu: Fix pop noise during audio capture begin
    - radeon: use memcpy_to/fromio for UVD fw upload
    - hwmon: (scpi-hwmon) shows the negative temperature properly
    - mm: relocate 'write_protect_seq' in struct mm_struct
    - irqchip/gic-v3: Workaround inconsistent PMR setting on NMI entry
    - bpf: Inherit expanded/patched seen count from old aux data
    - bpf: Do not mark insn as seen under speculative path verification
    - can: bcm: fix infoleak in struct bcm_msg_head
    - can: bcm/raw/isotp: use per module netdevice notifier
    - can: j1939: fix Use-after-Free, hold skb ref while in use
    - can: mcba_usb: fix memory leak in mcba_usb
    - usb: core: hub: Disable autosuspend for Cypress CY7C65632
    - usb: chipidea: imx: Fix Battery Charger 1.2 CDP detection
    - tracing: Do not stop recording cmdlines when tracing is off
    - tracing: Do not stop recording comms if the trace file is being read
    - tracing: Do no increment trace_clock_global() by one
    - PCI: Mark TI C667X to avoid bus reset
    - PCI: Mark some NVIDIA GPUs to avoid bus reset
    - PCI: aardvark: Fix kernel panic during PIO transfer
    - PCI: Add ACS quirk for Broadcom BCM57414 NIC
    - PCI: Work around Huawei Intelligent NIC VF FLR erratum
    - KVM: x86: Immediately reset the MMU context when the SMM flag is cleared
    - KVM: x86/mmu: Calculate and check "full" mmu_role for nested MMU
    - KVM: X86: Fix x86_emulator slab cache leak
    - s390/mcck: fix calculation of SIE critical section size
    - s390/ap: Fix hanging ioctl caused by wrong msg counter
    - ARCv2: save ABI registers across signal handling
    - x86/mm: Avoid truncating memblocks for SGX memory
    - x86/process: Check PF_KTHREAD and not current->mm for kernel threads
    - x86/ioremap: Map EFI-reserved memory as encrypted for SEV
    - x86/pkru: Write hardware init value to PKRU when xstate is init
    - x86/fpu: Prevent state corruption in __fpu__restore_sig()
    - x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer
    - x86/fpu: Reset state for all signal restore failures
    - crash_core, vmcoreinfo: append 'SECTION_SIZE_BITS' to vmcoreinfo
    - dmaengine: pl330: fix wrong usage of spinlock flags in dma_cyclc
    - mac80211: Fix NULL ptr deref for injected rate info
    - cfg80211: make certificate generation more robust
    - cfg80211: avoid double free of PMSR request
    - net: ll_temac: Make sure to free skb when it is completely used
    - net: ll_temac: Fix TX BD buffer overwrite
    - net: bridge: fix vlan tunnel dst null pointer dereference
    - net: bridge: fix vlan tunnel dst refcnt when egressing
    - mm/swap: fix pte_same_as_swp() not removing uffd-wp bit when compare
    - mm/slub: clarify verification reporting
    - mm/slub: fix redzoning for small allocations
    - mm/slub: actually fix freelist pointer vs redzoning
    - mm/slub.c: include swab.h
    - net: stmmac: disable clocks in stmmac_remove_config_dt()
    - net: fec_ptp: add clock rate zero check
    - tools headers UAPI: Sync linux/in.h copy with the kernel sources
    - perf beauty: Update copy of linux/socket.h with the kernel sources
    - usb: dwc3: debugfs: Add and remove endpoint dirs dynamically
    - usb: dwc3: core: fix kernel panic when do reboot
    - dmaengine: idxd: add engine 'struct device' missing bus type assignment
    - net: ena: fix DMA mapping function issues in XDP
    - netfilter: nf_tables: initialize set before expression setup
    - Revert "net/mlx5: Arm only EQs with EQEs"
    - net/mlx5e: Block offload of outer header csum for GRE tunnel
    - mptcp: wake-up readers only for in sequence data
    - net: mhi_net: Update the transmit handler prototype
    - net/mlx5: Check that driver was probed prior attaching the device
    - net/mlx5e: Don't create devices during unload flow
    - perf metricgroup: Fix find_evsel_group() event selector
    - perf metricgroup: Return error code from
      metricgroup__add_metric_sys_event_iter()
    - PCI: Mark AMD Navi14 GPU ATS as broken
    - powerpc/perf: Fix crash in perf_instruction_pointer() when ppmu is not set

* Patch To Fix Bug in the Linux Block Layer Responsible For  Merging BIOs
    (LP: #1931497)
    - block: return the correct bvec when checking for gaps

-- Kelsey Skunberg <kelsey.skunberg@canonical.com>  Thu, 26 Aug 2021 12:11:39 -0600

Changed in linux (Ubuntu Hirsute):
status:	Fix Committed → Fix Released

AceLan Kao (acelankao) on 2021-09-11

Changed in linux-oem-5.10 (Ubuntu Xenial):
status:	New → Invalid
Changed in linux-oem-5.10 (Ubuntu Bionic):
status:	New → Invalid
Changed in linux-oem-5.10 (Ubuntu Focal):
status:	New → Fix Committed
Changed in linux-oem-5.10 (Ubuntu Hirsute):
status:	New → Invalid
Changed in linux-oem-5.10 (Ubuntu):
status:	New → Invalid

Dimitri John Ledkov (xnox) on 2021-09-27

description:

updated

Dimitri John Ledkov (xnox) on 2021-09-27

Changed in linux-azure-5.8 (Ubuntu Hirsute):
status:	New → Invalid
Changed in linux-azure-5.8 (Ubuntu):
status:	New → Invalid
Changed in linux-azure-5.8 (Ubuntu Bionic):
status:	New → Invalid
Changed in linux-azure-5.8 (Ubuntu Xenial):
status:	New → Invalid

Stefan Bader (smb) on 2021-10-04

Changed in linux-hwe-5.8 (Ubuntu Xenial):
status:	New → Invalid
Changed in linux-hwe-5.8 (Ubuntu Bionic):
status:	New → Invalid
Changed in linux-hwe-5.8 (Ubuntu Hirsute):
status:	New → Invalid
Changed in linux-hwe-5.8 (Ubuntu Focal):
importance:	Undecided → Medium
status:	New → In Progress
Changed in linux (Ubuntu Focal):
importance:	Undecided → Medium
status:	New → In Progress

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-10-04:

#9

This bug was fixed in the package linux-oem-5.10 - 5.10.0-1049.51

---------------
linux-oem-5.10 (5.10.0-1049.51) focal; urgency=medium

* focal/linux-oem-5.10: 5.10.0-1049.50 -proposed tracker (LP: #1944209)

  * e1000e extremly slow (LP: #1930754)
    - SAUCE: e1000e: Separate TGP board type from SPT
    - SAUCE: e1000e: Fixing packet loss issues on new platforms

* CVE-2021-41073
- io_uring: ensure symmetry in handling iter types in loop_rw_iter()

-- Chia-Lin Kao (AceLan) <email address hidden> Mon, 27 Sep 2021 18:33:36 +0800

Changed in linux-oem-5.10 (Ubuntu Focal):
status:	Fix Committed → Fix Released

Stefan Bader (smb) on 2021-10-04

Changed in linux-hwe-5.8 (Ubuntu):
status:	New → Invalid

Stefan Bader (smb) on 2021-10-04

Changed in linux-hwe-5.8 (Ubuntu Focal):
status:	In Progress → Fix Committed

Kelsey Steele (kelsey-steele) on 2021-10-13

Changed in linux (Ubuntu Focal):
status:	In Progress → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-10-18:

#10

Download full text (3.2 KiB)

This bug was fixed in the package linux-azure-5.8 - 5.8.0-1043.46~20.04.1

---------------
linux-azure-5.8 (5.8.0-1043.46~20.04.1) focal; urgency=medium

* focal/linux-azure-5.8: 5.8.0-1043.46~20.04.1 -proposed tracker
(LP: #1944902)

* Support builtin revoked certificates (LP: #1932029)
- [Config] Configure CONFIG_SYSTEM_REVOCATION_KEYS with revoked keys

[ Ubuntu: 5.8.0-66.74 ]

  * focal/linux-hwe-5.8: 5.8.0-66.74 -proposed tracker (LP: #1944903)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2021.09.27)
  * linux: btrfs: fix NULL pointer dereference when deleting device by invalid
    id (LP: #1945987)
    - btrfs: fix NULL pointer dereference when deleting device by invalid id
  * CVE-2021-38199
    - NFSv4: Initialise connection to the server in nfs4_alloc_client()
  * BCM57800 SRIOV bug causes interfaces to disappear (LP: #1945707)
    - bnx2x: Fix enabling network interfaces without VFs
  * CVE-2021-3759
    - memcg: enable accounting of ipc resources
  * CVE-2019-19449
    - f2fs: fix wrong total_sections check and fsmeta check
    - f2fs: fix to do sanity check on segment/section count
  * Support builtin revoked certificates (LP: #1932029)
    - Revert "UBUNTU: SAUCE: Dump stack when X.509 certificates cannot be loaded"
    - integrity: Move import of MokListRT certs to a separate routine
    - integrity: Load certs from the EFI MOK config table
    - certs: Add EFI_CERT_X509_GUID support for dbx entries
    - certs: Move load_system_certificate_list to a common function
    - certs: Add ability to preload revocation certs
    - integrity: Load mokx variables into the blacklist keyring
    - certs: add 'x509_revocation_list' to gitignore
    - SAUCE: Dump stack when X.509 certificates cannot be loaded
    - [Packaging] build canonical-revoked-certs.pem from branch/arch certs
    - [Packaging] Revoke 2012 UEFI signing certificate as built-in
    - [Config] Configure CONFIG_SYSTEM_REVOCATION_KEYS with revoked keys
  * Support importing mokx keys into revocation list from the mok table
    (LP: #1928679)
    - efi: Support for MOK variable config table
    - efi: mokvar-table: fix some issues in new code
    - efi: mokvar: add missing include of asm/early_ioremap.h
    - efi/mokvar: Reserve the table only if it is in boot services data
    - SAUCE: integrity: add informational messages when revoking certs
  * Support importing mokx keys into revocation list from the mok table
    (LP: #1928679) // CVE-2020-26541 when certificates are revoked via
    MokListXRT.
    - SAUCE: integrity: Load mokx certs from the EFI MOK config table
  * CVE-2020-36311
    - KVM: SVM: Periodically schedule when unregistering regions on destroy
  * CVE-2021-22543
    - KVM: do not allow mapping valid but non-reference-counted pages
  * CVE-2021-3612
    - Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl
  * CVE-2021-38207
    - net: ll_temac: Fix TX BD buffer overwrite
  * CVE-2021-40490
    - ext4: fix race writing to an inline_data file while its xattrs are changing
  * LRMv5: switch primary version handling to kernel-versions data set
    (LP: #1928921)
    - [Pac...

This bug was fixed in the package linux-azure-5.8 - 5.8.0-1043.46~20.04.1

---------------
linux-azure-5.8 (5.8.0-1043.46~20.04.1) focal; urgency=medium

* focal/linux-azure-5.8: 5.8.0-1043.46~20.04.1 -proposed tracker
    (LP: #1944902)

* Support builtin revoked certificates (LP: #1932029)
    - [Config] Configure CONFIG_SYSTEM_REVOCATION_KEYS with revoked keys

[ Ubuntu: 5.8.0-66.74 ]

* focal/linux-hwe-5.8: 5.8.0-66.74 -proposed tracker (LP: #1944903)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2021.09.27)
  * linux: btrfs: fix NULL pointer dereference when deleting device by invalid
    id (LP: #1945987)
    - btrfs: fix NULL pointer dereference when deleting device by invalid id
  * CVE-2021-38199
    - NFSv4: Initialise connection to the server in nfs4_alloc_client()
  * BCM57800 SRIOV bug causes interfaces to disappear (LP: #1945707)
    - bnx2x: Fix enabling network interfaces without VFs
  * CVE-2021-3759
    - memcg: enable accounting of ipc resources
  * CVE-2019-19449
    - f2fs: fix wrong total_sections check and fsmeta check
    - f2fs: fix to do sanity check on segment/section count
  * Support builtin revoked certificates (LP: #1932029)
    - Revert "UBUNTU: SAUCE: Dump stack when X.509 certificates cannot be loaded"
    - integrity: Move import of MokListRT certs to a separate routine
    - integrity: Load certs from the EFI MOK config table
    - certs: Add EFI_CERT_X509_GUID support for dbx entries
    - certs: Move load_system_certificate_list to a common function
    - certs: Add ability to preload revocation certs
    - integrity: Load mokx variables into the blacklist keyring
    - certs: add 'x509_revocation_list' to gitignore
    - SAUCE: Dump stack when X.509 certificates cannot be loaded
    - [Packaging] build canonical-revoked-certs.pem from branch/arch certs
    - [Packaging] Revoke 2012 UEFI signing certificate as built-in
    - [Config] Configure CONFIG_SYSTEM_REVOCATION_KEYS with revoked keys
  * Support importing mokx keys into revocation list from the mok table
    (LP: #1928679)
    - efi: Support for MOK variable config table
    - efi: mokvar-table: fix some issues in new code
    - efi: mokvar: add missing include of asm/early_ioremap.h
    - efi/mokvar: Reserve the table only if it is in boot services data
    - SAUCE: integrity: add informational messages when revoking certs
  * Support importing mokx keys into revocation list from the mok table
    (LP: #1928679) // CVE-2020-26541 when certificates are revoked via
    MokListXRT.
    - SAUCE: integrity: Load mokx certs from the EFI MOK config table
  * CVE-2020-36311
    - KVM: SVM: Periodically schedule when unregistering regions on destroy
  * CVE-2021-22543
    - KVM: do not allow mapping valid but non-reference-counted pages
  * CVE-2021-3612
    - Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl
  * CVE-2021-38207
    - net: ll_temac: Fix TX BD buffer overwrite
  * CVE-2021-40490
    - ext4: fix race writing to an inline_data file while its xattrs are changing
  *  LRMv5: switch primary version handling to kernel-versions data set
    (LP: #1928921)
    - [Packaging] switch to kernel-versions

-- Marcelo Henrique Cerri <marcelo.cerri@canonical.com>  Thu, 07 Oct 2021 09:39:35 -0300

Changed in linux-azure-5.8 (Ubuntu Focal):
status:	New → Fix Released

Kleber Sacilotto de Souza (kleber-souza) on 2021-11-30

Changed in linux (Ubuntu Bionic):
status:	New → Fix Committed

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2021-12-01:

#11

This bug is awaiting verification that the linux/4.15.0-165.173 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-bionic' to 'verification-done-bionic'. If the problem still exists, change the tag 'verification-needed-bionic' to 'verification-failed-bionic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-bionic

Revision history for this message

Launchpad Janitor (janitor) wrote on 2022-01-04:

#12

Download full text (10.4 KiB)

This bug was fixed in the package linux - 4.15.0-166.174

---------------
linux (4.15.0-166.174) bionic; urgency=medium

* bionic/linux: 4.15.0-166.174 -proposed tracker (LP: #1953667)

* Ubuntu version macros overflow with high ABI numbers (LP: #1953522)
- SAUCE: Revert "stable: clamp SUBLEVEL in 4.14"

  * test_bpf.sh test in net of ubuntu_kernel_selftests failed on B-4.15 and
    variants (LP: #1953287)
    - SAUCE: Revert "bpf: add also cbpf long jump test cases with heavy expansion"

  * test_bpf.sh test in net of ubuntu_kernel_selftests failed on B-4.15 and
    variants (LP: #1953287) // CVE-2018-25020
    - bpf: fix truncated jump targets on heavy expansions

linux (4.15.0-165.173) bionic; urgency=medium

* bionic/linux: 4.15.0-165.173 -proposed tracker (LP: #1952780)

  * Support builtin revoked certificates (LP: #1932029)
    - certs: Add EFI_CERT_X509_GUID support for dbx entries
    - certs: Move load_system_certificate_list to a common function
    - integrity: Move import of MokListRT certs to a separate routine
    - integrity: Load certs from the EFI MOK config table
    - certs: Add ability to preload revocation certs
    - certs: add 'x509_revocation_list' to gitignore
    - SAUCE: Dump stack when X.509 certificates cannot be loaded
    - [Packaging] build canonical-revoked-certs.pem from branch/arch certs
    - [Packaging] Revoke 2012 UEFI signing certificate as built-in
    - [Config] Configure CONFIG_SYSTEM_REVOCATION_KEYS with revoked keys

  * Support importing mokx keys into revocation list from the mok table
    (LP: #1928679)
    - efi: Support for MOK variable config table
    - efi: mokvar-table: fix some issues in new code
    - efi: mokvar: add missing include of asm/early_ioremap.h
    - efi/mokvar: Reserve the table only if it is in boot services data
    - SAUCE: integrity: Load mokx certs from the EFI MOK config table
    - SAUCE: integrity: add informational messages when revoking certs

  * CVE-2021-4002
    - arm64: tlb: Provide forward declaration of tlb_flush() before including
      tlb.h
    - mm: mmu_notifier fix for tlb_end_vma
    - hugetlbfs: flush TLBs correctly after huge_pmd_unshare

linux (4.15.0-164.172) bionic; urgency=medium

* bionic/linux: 4.15.0-164.172 -proposed tracker (LP: #1952348)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper
    - debian/dkms-versions -- update from kernel-versions (main/2021.11.29)

  * Bionic update: upstream stable patchset 2021-11-23 (LP: #1951997)
    - btrfs: always wait on ordered extents at fsync time
    - ARM: dts: at91: sama5d2_som1_ek: disable ISC node by default
    - xtensa: xtfpga: use CONFIG_USE_OF instead of CONFIG_OF
    - xtensa: xtfpga: Try software restart before simulating CPU reset
    - NFSD: Keep existing listeners on portlist error
    - netfilter: ipvs: make global sysctl readonly in non-init netns
    - NIOS2: irqflags: rename a redefined register name
    - can: rcar_can: fix suspend/resume
    - can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state
      notification
    - can: peak_pci: peak_pci_remove(): fix UAF
    - ocfs2: fix data corruption after conversio...

This bug was fixed in the package linux - 4.15.0-166.174

---------------
linux (4.15.0-166.174) bionic; urgency=medium

* bionic/linux: 4.15.0-166.174 -proposed tracker (LP: #1953667)

* Ubuntu version macros overflow with high ABI numbers (LP: #1953522)
    - SAUCE: Revert "stable: clamp SUBLEVEL in 4.14"

* test_bpf.sh test in net of ubuntu_kernel_selftests failed on B-4.15 and
    variants (LP: #1953287)
    - SAUCE: Revert "bpf: add also cbpf long jump test cases with heavy expansion"

* test_bpf.sh test in net of ubuntu_kernel_selftests failed on B-4.15 and
    variants (LP: #1953287) // CVE-2018-25020
    - bpf: fix truncated jump targets on heavy expansions

linux (4.15.0-165.173) bionic; urgency=medium

* bionic/linux: 4.15.0-165.173 -proposed tracker (LP: #1952780)

* Support builtin revoked certificates (LP: #1932029)
    - certs: Add EFI_CERT_X509_GUID support for dbx entries
    - certs: Move load_system_certificate_list to a common function
    - integrity: Move import of MokListRT certs to a separate routine
    - integrity: Load certs from the EFI MOK config table
    - certs: Add ability to preload revocation certs
    - certs: add 'x509_revocation_list' to gitignore
    - SAUCE: Dump stack when X.509 certificates cannot be loaded
    - [Packaging] build canonical-revoked-certs.pem from branch/arch certs
    - [Packaging] Revoke 2012 UEFI signing certificate as built-in
    - [Config] Configure CONFIG_SYSTEM_REVOCATION_KEYS with revoked keys

* Support importing mokx keys into revocation list from the mok table
    (LP: #1928679)
    - efi: Support for MOK variable config table
    - efi: mokvar-table: fix some issues in new code
    - efi: mokvar: add missing include of asm/early_ioremap.h
    - efi/mokvar: Reserve the table only if it is in boot services data
    - SAUCE: integrity: Load mokx certs from the EFI MOK config table
    - SAUCE: integrity: add informational messages when revoking certs

* CVE-2021-4002
    - arm64: tlb: Provide forward declaration of tlb_flush() before including
      tlb.h
    - mm: mmu_notifier fix for tlb_end_vma
    - hugetlbfs: flush TLBs correctly after huge_pmd_unshare

linux (4.15.0-164.172) bionic; urgency=medium

* bionic/linux: 4.15.0-164.172 -proposed tracker (LP: #1952348)

* Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper
    - debian/dkms-versions -- update from kernel-versions (main/2021.11.29)

* Bionic update: upstream stable patchset 2021-11-23 (LP: #1951997)
    - btrfs: always wait on ordered extents at fsync time
    - ARM: dts: at91: sama5d2_som1_ek: disable ISC node by default
    - xtensa: xtfpga: use CONFIG_USE_OF instead of CONFIG_OF
    - xtensa: xtfpga: Try software restart before simulating CPU reset
    - NFSD: Keep existing listeners on portlist error
    - netfilter: ipvs: make global sysctl readonly in non-init netns
    - NIOS2: irqflags: rename a redefined register name
    - can: rcar_can: fix suspend/resume
    - can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state
      notification
    - can: peak_pci: peak_pci_remove(): fix UAF
    - ocfs2: fix data corruption after conversion from inline format
    - ocfs2: mount fails with buffer overflow in strlen
    - elfcore: correct reference to CONFIG_UML
    - ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset
    - ASoC: DAPM: Fix missing kctl change notifications
    - nfc: nci: fix the UAF of rf_conn_info object
    - isdn: cpai: check ctr->cnr to avoid array index out of bound
    - netfilter: Kconfig: use 'default y' instead of 'm' for bool config option
    - btrfs: deal with errors when checking if a dir entry exists during log
      replay
    - net: stmmac: add support for dwmac 3.40a
    - ARM: dts: spear3xx: Fix gmac node
    - isdn: mISDN: Fix sleeping function called from invalid context
    - platform/x86: intel_scu_ipc: Update timeout value in comment
    - ALSA: hda: avoid write to STATESTS if controller is in reset
    - tracing: Have all levels of checks prevent recursion
    - ARM: 9122/1: select HAVE_FUTEX_CMPXCHG
    - dma-debug: fix sg checks in debug_dma_map_sg()
    - ASoC: wm8960: Fix clock configuration on slave mode
    - lan78xx: select CRC32
    - net: hns3: add limit ets dwrr bandwidth cannot be 0
    - net: hns3: disable sriov before unload hclge layer
    - ALSA: hda/realtek: Add quirk for Clevo PC50HS
    - mm, slub: fix mismatch between reconstructed freelist depth and cnt
    - gcc-plugins/structleak: add makefile var for disabling structleak

* creat09 from ubuntu_ltp_syscalls and cve-2018-13405 from ubuntu_ltp/cve
    failed with XFS (LP: #1950239)
    - xfs: ensure that the inode uid/gid match values match the icdinode ones
    - xfs: merge the projid fields in struct xfs_icdinode
    - xfs: remove the icdinode di_uid/di_gid members
    - xfs: fix up non-directory creation in SGID directories

* ubuntu_ltp / finit_module02 fails on v4.15 and other kernels (LP: #1950644)
    - vfs: check fd has read access in kernel_read_file_from_fd()

* reuseport_bpf_numa in net from ubuntu_kernel_selftests fails on ppc64le
    (LP: #1867570)
    - selftests/net: Fix reuseport_bpf_numa by skipping unavailable nodes

* Bionic update: upstream stable patchset 2021-11-12 (LP: #1950816)
    - net: mdio: introduce a shutdown method to mdio device drivers
    - xen-netback: correct success/error reporting for the SKB-with-fraglist case
    - sparc64: fix pci_iounmap() when CONFIG_PCI is not set
    - ext2: fix sleeping in atomic bugs on error
    - scsi: sd: Free scsi_disk device via put_device()
    - usb: testusb: Fix for showing the connection speed
    - usb: dwc2: check return value after calling platform_get_resource()
    - scsi: ses: Retry failed Send/Receive Diagnostic commands
    - libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD.
    - lib/timerqueue: Rely on rbtree semantics for next timer
    - selftests: be sure to make khdr before other targets
    - Partially revert "usb: Kconfig: using select for USB_COMMON dependency"
    - USB: cdc-acm: fix racy tty buffer accesses
    - USB: cdc-acm: fix break reporting
    - ovl: fix missing negative dentry check in ovl_rename()
    - nfsd4: Handle the NFSv4 READDIR 'dircount' hint being zero
    - xen/balloon: fix cancelled balloon action
    - ARM: dts: omap3430-sdp: Fix NAND device node
    - ARM: dts: qcom: apq8064: use compatible which contains chipid
    - bpf: add also cbpf long jump test cases with heavy expansion
    - bpf, mips: Validate conditional branch offsets
    - xtensa: call irqchip_init only when CONFIG_USE_OF is selected
    - bpf: Fix integer overflow in prealloc_elems_and_freelist()
    - phy: mdio: fix memory leak
    - net_sched: fix NULL deref in fifo_set_limit()
    - powerpc/fsl/dts: Fix phy-connection-type for fm1mac3
    - ptp_pch: Load module automatically if ID matches
    - ARM: imx6: disable the GIC CPU interface before calling stby-poweroff
      sequence
    - net: bridge: use nla_total_size_64bit() in br_get_linkxstats_size()
    - netlink: annotate data races around nlk->bound
    - drm/nouveau/debugfs: fix file release memory leak
    - rtnetlink: fix if_nlmsg_stats_size() under estimation
    - i40e: fix endless loop under rtnl
    - i2c: acpi: fix resource leak in reconfiguration device addition
    - net: phy: bcm7xxx: Fixed indirect MMD operations
    - HID: apple: Fix logical maximum and usage maximum of Magic Keyboard JIS
    - netfilter: ip6_tables: zero-initialize fragment offset
    - mac80211: Drop frames from invalid MAC address in ad-hoc mode
    - m68k: Handle arrivals of multiple signals correctly
    - net: sun: SUNVNET_COMMON should depend on INET
    - scsi: ses: Fix unsigned comparison with less than zero
    - scsi: virtio_scsi: Fix spelling mistake "Unsupport" -> "Unsupported"
    - perf/x86: Reset destroy callback on event init failure
    - sched: Always inline is_percpu_thread()
    - bpf, arm: Fix register clobbering in div/mod implementation
    - i40e: Fix freeing of uninitialized misc IRQ vector
    - mac80211: check return value of rhashtable_init
    - stable: clamp SUBLEVEL in 4.14
    - ALSA: seq: Fix a potential UAF by wrong private_free call order
    - s390: fix strrchr() implementation
    - btrfs: deal with errors when replaying dir entry during log replay
    - btrfs: deal with errors when adding inode reference during log replay
    - btrfs: check for error when looking up inode during dir entry replay
    - xhci: Fix command ring pointer corruption while aborting a command
    - xhci: Enable trust tx length quirk for Fresco FL11 USB controller
    - cb710: avoid NULL pointer subtraction
    - efi/cper: use stack buffer for error record decoding
    - efi: Change down_interruptible() in virt_efi_reset_system() to
      down_trylock()
    - usb: musb: dsps: Fix the probe error path
    - Input: xpad - add support for another USB ID of Nacon GC-100
    - USB: serial: qcserial: add EM9191 QDL support
    - USB: serial: option: add Quectel EC200S-CN module support
    - USB: serial: option: add Telit LE910Cx composition 0x1204
    - USB: serial: option: add prod. id for Quectel EG91
    - virtio: write back F_VERSION_1 before validate
    - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
    - x86/Kconfig: Do not enable AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT automatically
    - iio: adc: aspeed: set driver data when adc probe.
    - iio: adc128s052: Fix the error handling path of 'adc128_probe()'
    - iio: light: opt3001: Fixed timeout error when 0 lux
    - iio: ssp_sensors: add more range checking in ssp_parse_dataframe()
    - iio: ssp_sensors: fix error code in ssp_print_mcu_debug()
    - sctp: account stream padding length for reconf chunk
    - net: arc: select CRC32
    - net: korina: select CRC32
    - net: encx24j600: check error in devm_regmap_init_encx24j600
    - ethernet: s2io: fix setting mac address during resume
    - nfc: fix error handling of nfc_proto_register()
    - NFC: digital: fix possible memory leak in digital_tg_listen_mdaa()
    - NFC: digital: fix possible memory leak in digital_in_send_sdd_req()
    - pata_legacy: fix a couple uninitialized variable bugs
    - drm/msm: Fix null pointer dereference on pointer edp
    - drm/msm/dsi: fix off by one in dsi_bus_clk_enable error handling
    - acpi/arm64: fix next_platform_timer() section mismatch error
    - qed: Fix missing error code in qed_slowpath_start()
    - r8152: select CRC32 and CRYPTO/CRYPTO_HASH/CRYPTO_SHA256

-- Kleber Sacilotto de Souza <kleber.souza@canonical.com>  Wed, 08 Dec 2021 18:15:03 +0100

Changed in linux (Ubuntu Bionic):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2022-01-04:

#13

Download full text (19.0 KiB)

This bug was fixed in the package linux - 5.4.0-92.103

---------------
linux (5.4.0-92.103) focal; urgency=medium

* focal/linux: 5.4.0-92.103 -proposed tracker (LP: #1952316)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper
    - debian/dkms-versions -- update from kernel-versions (main/2021.11.29)

  * CVE-2021-4002
    - tlb: mmu_gather: add tlb_flush_*_range APIs
    - hugetlbfs: flush TLBs correctly after huge_pmd_unshare

* Re-enable DEBUG_INFO_BTF where it was disabled (LP: #1945632)
- [Config] Enable CONFIG_DEBUG_INFO_BTF on all arches

  * Focal linux-azure: Vm crash on Dv5/Ev5 (LP: #1950462)
    - KVM: VMX: eVMCS: make evmcs_sanitize_exec_ctrls() work again
    - jump_label: Fix usage in module __init

  * Support builtin revoked certificates (LP: #1932029)
    - Revert "UBUNTU: SAUCE: (lockdown) Make get_cert_list() not complain about
      cert lists that aren't present."
    - integrity: Move import of MokListRT certs to a separate routine
    - integrity: Load certs from the EFI MOK config table
    - certs: Add ability to preload revocation certs
    - integrity: Load mokx variables into the blacklist keyring
    - certs: add 'x509_revocation_list' to gitignore
    - SAUCE: Dump stack when X.509 certificates cannot be loaded
    - [Packaging] build canonical-revoked-certs.pem from branch/arch certs
    - [Packaging] Revoke 2012 UEFI signing certificate as built-in
    - [Config] Configure CONFIG_SYSTEM_REVOCATION_KEYS with revoked keys

  * Support importing mokx keys into revocation list from the mok table
    (LP: #1928679)
    - efi: Support for MOK variable config table
    - efi: mokvar-table: fix some issues in new code
    - efi: mokvar: add missing include of asm/early_ioremap.h
    - efi/mokvar: Reserve the table only if it is in boot services data
    - SAUCE: integrity: add informational messages when revoking certs

  * Support importing mokx keys into revocation list from the mok table
    (LP: #1928679) // CVE-2020-26541 when certificates are revoked via
    MokListXRT.
    - SAUCE: integrity: Load mokx certs from the EFI MOK config table

  * Focal update: v5.4.157 upstream stable release (LP: #1951883)
    - ARM: 9133/1: mm: proc-macros: ensure *_tlb_fns are 4B aligned
    - ARM: 9134/1: remove duplicate memcpy() definition
    - ARM: 9139/1: kprobes: fix arch_init_kprobes() prototype
    - ARM: 9141/1: only warn about XIP address when not compile testing
    - ipv6: use siphash in rt6_exception_hash()
    - ipv4: use siphash instead of Jenkins in fnhe_hashfun()
    - usbnet: sanity check for maxpacket
    - usbnet: fix error return code in usbnet_probe()
    - Revert "pinctrl: bcm: ns: support updated DT binding as syscon subnode"
    - ata: sata_mv: Fix the error handling of mv_chip_id()
    - nfc: port100: fix using -ERRNO as command type mask
    - net/tls: Fix flipped sign in tls_err_abort() calls
    - mmc: vub300: fix control-message timeouts
    - mmc: cqhci: clear HALT state after CQE enable
    - mmc: dw_mmc: exynos: fix the finding clock sample value
    - mmc: sdhci: Map more voltage level to SDHCI_POWER_330
    - mmc: sdhci-esdhc-imx: clear the buffe...

This bug was fixed in the package linux - 5.4.0-92.103

---------------
linux (5.4.0-92.103) focal; urgency=medium

* focal/linux: 5.4.0-92.103 -proposed tracker (LP: #1952316)

* Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper
    - debian/dkms-versions -- update from kernel-versions (main/2021.11.29)

* CVE-2021-4002
    - tlb: mmu_gather: add tlb_flush_*_range APIs
    - hugetlbfs: flush TLBs correctly after huge_pmd_unshare

* Re-enable DEBUG_INFO_BTF where it was disabled (LP: #1945632)
    - [Config] Enable CONFIG_DEBUG_INFO_BTF on all arches

* Focal linux-azure: Vm crash on Dv5/Ev5 (LP: #1950462)
    - KVM: VMX: eVMCS: make evmcs_sanitize_exec_ctrls() work again
    - jump_label: Fix usage in module __init

* Support builtin revoked certificates (LP: #1932029)
    - Revert "UBUNTU: SAUCE: (lockdown) Make get_cert_list() not complain about
      cert lists that aren't present."
    - integrity: Move import of MokListRT certs to a separate routine
    - integrity: Load certs from the EFI MOK config table
    - certs: Add ability to preload revocation certs
    - integrity: Load mokx variables into the blacklist keyring
    - certs: add 'x509_revocation_list' to gitignore
    - SAUCE: Dump stack when X.509 certificates cannot be loaded
    - [Packaging] build canonical-revoked-certs.pem from branch/arch certs
    - [Packaging] Revoke 2012 UEFI signing certificate as built-in
    - [Config] Configure CONFIG_SYSTEM_REVOCATION_KEYS with revoked keys

* Support importing mokx keys into revocation list from the mok table
    (LP: #1928679)
    - efi: Support for MOK variable config table
    - efi: mokvar-table: fix some issues in new code
    - efi: mokvar: add missing include of asm/early_ioremap.h
    - efi/mokvar: Reserve the table only if it is in boot services data
    - SAUCE: integrity: add informational messages when revoking certs

* Support importing mokx keys into revocation list from the mok table
    (LP: #1928679) // CVE-2020-26541 when certificates are revoked via
    MokListXRT.
    - SAUCE: integrity: Load mokx certs from the EFI MOK config table

* Focal update: v5.4.157 upstream stable release (LP: #1951883)
    - ARM: 9133/1: mm: proc-macros: ensure *_tlb_fns are 4B aligned
    - ARM: 9134/1: remove duplicate memcpy() definition
    - ARM: 9139/1: kprobes: fix arch_init_kprobes() prototype
    - ARM: 9141/1: only warn about XIP address when not compile testing
    - ipv6: use siphash in rt6_exception_hash()
    - ipv4: use siphash instead of Jenkins in fnhe_hashfun()
    - usbnet: sanity check for maxpacket
    - usbnet: fix error return code in usbnet_probe()
    - Revert "pinctrl: bcm: ns: support updated DT binding as syscon subnode"
    - ata: sata_mv: Fix the error handling of mv_chip_id()
    - nfc: port100: fix using -ERRNO as command type mask
    - net/tls: Fix flipped sign in tls_err_abort() calls
    - mmc: vub300: fix control-message timeouts
    - mmc: cqhci: clear HALT state after CQE enable
    - mmc: dw_mmc: exynos: fix the finding clock sample value
    - mmc: sdhci: Map more voltage level to SDHCI_POWER_330
    - mmc: sdhci-esdhc-imx: clear the buffer_read_ready to reset standard tuning
      circuit
    - cfg80211: scan: fix RCU in cfg80211_add_nontrans_list()
    - net: lan78xx: fix division by zero in send path
    - tcp_bpf: Fix one concurrency problem in the tcp_bpf_send_verdict function
    - IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields
    - IB/hfi1: Fix abba locking issue with sc_disable()
    - nvmet-tcp: fix data digest pointer calculation
    - nvme-tcp: fix data digest pointer calculation
    - RDMA/mlx5: Set user priority for DCT
    - arm64: dts: allwinner: h5: NanoPI Neo 2: Fix ethernet node
    - regmap: Fix possible double-free in regcache_rbtree_exit()
    - net: batman-adv: fix error handling
    - net: Prevent infinite while loop in skb_tx_hash()
    - RDMA/sa_query: Use strscpy_pad instead of memcpy to copy a string
    - nios2: Make NIOS2_DTB_SOURCE_BOOL depend on !COMPILE_TEST
    - net: ethernet: microchip: lan743x: Fix driver crash when lan743x_pm_resume
      fails
    - net: ethernet: microchip: lan743x: Fix dma allocation failure by using
      dma_set_mask_and_coherent
    - net: nxp: lpc_eth.c: avoid hang when bringing interface down
    - net/tls: Fix flipped sign in async_wait.err assignment
    - phy: phy_ethtool_ksettings_get: Lock the phy for consistency
    - phy: phy_start_aneg: Add an unlocked version
    - sctp: use init_tag from inithdr for ABORT chunk
    - sctp: fix the processing for INIT_ACK chunk
    - sctp: fix the processing for COOKIE_ECHO chunk
    - sctp: add vtag check in sctp_sf_violation
    - sctp: add vtag check in sctp_sf_do_8_5_1_E_sa
    - sctp: add vtag check in sctp_sf_ootb
    - net: use netif_is_bridge_port() to check for IFF_BRIDGE_PORT
    - cfg80211: correct bridge/4addr mode check
    - KVM: s390: clear kicked_mask before sleeping again
    - KVM: s390: preserve deliverable_mask in __airqs_kick_single_vcpu
    - perf script: Check session->header.env.arch before using it
    - Linux 5.4.157

* keyboard not working on Medion notebook s17 series (LP: #1950536)
    - ACPI: resources: Add one more Medion model in IRQ override quirk

* creat09 from ubuntu_ltp_syscalls and cve-2018-13405 from ubuntu_ltp/cve
    failed with XFS (LP: #1950239)
    - xfs: ensure that the inode uid/gid match values match the icdinode ones
    - xfs: merge the projid fields in struct xfs_icdinode
    - xfs: remove the icdinode di_uid/di_gid members
    - xfs: fix up non-directory creation in SGID directories

* reuseport_bpf_numa in net from ubuntu_kernel_selftests fails on ppc64le
    (LP: #1867570)
    - selftests/net: Fix reuseport_bpf_numa by skipping unavailable nodes

* Focal update: v5.4.156 upstream stable release (LP: #1951295)
    - parisc: math-emu: Fix fall-through warnings
    - net: switchdev: do not propagate bridge updates across bridges
    - tee: optee: Fix missing devices unregister during optee_remove
    - ARM: dts: at91: sama5d2_som1_ek: disable ISC node by default
    - xtensa: xtfpga: use CONFIG_USE_OF instead of CONFIG_OF
    - xtensa: xtfpga: Try software restart before simulating CPU reset
    - NFSD: Keep existing listeners on portlist error
    - dma-debug: fix sg checks in debug_dma_map_sg()
    - ASoC: wm8960: Fix clock configuration on slave mode
    - netfilter: ipvs: make global sysctl readonly in non-init netns
    - lan78xx: select CRC32
    - net: dsa: lantiq_gswip: fix register definition
    - NIOS2: irqflags: rename a redefined register name
    - net: hns3: reset DWRR of unused tc to zero
    - net: hns3: add limit ets dwrr bandwidth cannot be 0
    - net: hns3: disable sriov before unload hclge layer
    - net: stmmac: Fix E2E delay mechanism
    - net: enetc: fix ethtool counter name for PM0_TERR
    - can: rcar_can: fix suspend/resume
    - can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state
      notification
    - can: peak_pci: peak_pci_remove(): fix UAF
    - can: j1939: j1939_tp_rxtimer(): fix errant alert in j1939_tp_rxtimer
    - can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv
    - can: j1939: j1939_xtp_rx_dat_one(): cancel session if receive TP.DT with
      error length
    - can: j1939: j1939_xtp_rx_rts_session_new(): abort TP less than 9 bytes
    - ceph: fix handling of "meta" errors
    - ocfs2: fix data corruption after conversion from inline format
    - ocfs2: mount fails with buffer overflow in strlen
    - elfcore: correct reference to CONFIG_UML
    - ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset
    - ALSA: hda/realtek: Add quirk for Clevo PC50HS
    - ASoC: DAPM: Fix missing kctl change notifications
    - audit: fix possible null-pointer dereference in audit_filter_rules
    - powerpc64/idle: Fix SP offsets when saving GPRs
    - KVM: PPC: Book3S HV: Fix stack handling in idle_kvm_start_guest()
    - KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to
      guest
    - powerpc/idle: Don't corrupt back chain when going idle
    - mm, slub: fix mismatch between reconstructed freelist depth and cnt
    - mm, slub: fix potential memoryleak in kmem_cache_open()
    - nfc: nci: fix the UAF of rf_conn_info object
    - isdn: cpai: check ctr->cnr to avoid array index out of bound
    - netfilter: Kconfig: use 'default y' instead of 'm' for bool config option
    - selftests: netfilter: remove stray bash debug line
    - gcc-plugins/structleak: add makefile var for disabling structleak
    - btrfs: deal with errors when checking if a dir entry exists during log
      replay
    - net: stmmac: add support for dwmac 3.40a
    - ARM: dts: spear3xx: Fix gmac node
    - isdn: mISDN: Fix sleeping function called from invalid context
    - platform/x86: intel_scu_ipc: Update timeout value in comment
    - ALSA: hda: avoid write to STATESTS if controller is in reset
    - Input: snvs_pwrkey - add clk handling
    - scsi: core: Fix shost->cmd_per_lun calculation in scsi_add_host_with_dma()
    - tracing: Have all levels of checks prevent recursion
    - ARM: 9122/1: select HAVE_FUTEX_CMPXCHG
    - pinctrl: stm32: use valid pin identifier in stm32_pinctrl_resume()
    - Linux 5.4.156

* ubuntu_ltp / finit_module02 fails on v4.15 and other kernels
    (LP: #1950644) // Focal update: v5.4.156 upstream stable release
    (LP: #1951295)
    - vfs: check fd has read access in kernel_read_file_from_fd()

* Focal update: v5.4.155 upstream stable release (LP: #1951291)
    - ovl: simplify file splice
    - ALSA: usb-audio: Add quirk for VF0770
    - ALSA: seq: Fix a potential UAF by wrong private_free call order
    - ALSA: hda/realtek: Complete partial device name to avoid ambiguity
    - ALSA: hda/realtek: Add quirk for Clevo X170KM-G
    - ALSA: hda/realtek - ALC236 headset MIC recording issue
    - ALSA: hda/realtek: Fix the mic type detection issue for ASUS G551JW
    - nds32/ftrace: Fix Error: invalid operands (*UND* and *UND* sections) for `^'
    - s390: fix strrchr() implementation
    - csky: don't let sigreturn play with priveleged bits of status register
    - csky: Fixup regs.sr broken in ptrace
    - btrfs: unlock newly allocated extent buffer after error
    - btrfs: deal with errors when replaying dir entry during log replay
    - btrfs: deal with errors when adding inode reference during log replay
    - btrfs: check for error when looking up inode during dir entry replay
    - watchdog: orion: use 0 for unset heartbeat
    - x86/resctrl: Free the ctrlval arrays when domain_setup_mon_state() fails
    - mei: me: add Ice Lake-N device id.
    - xhci: guard accesses to ep_state in xhci_endpoint_reset()
    - xhci: Fix command ring pointer corruption while aborting a command
    - xhci: Enable trust tx length quirk for Fresco FL11 USB controller
    - cb710: avoid NULL pointer subtraction
    - efi/cper: use stack buffer for error record decoding
    - efi: Change down_interruptible() in virt_efi_reset_system() to
      down_trylock()
    - usb: musb: dsps: Fix the probe error path
    - Input: xpad - add support for another USB ID of Nacon GC-100
    - USB: serial: qcserial: add EM9191 QDL support
    - USB: serial: option: add Quectel EC200S-CN module support
    - USB: serial: option: add Telit LE910Cx composition 0x1204
    - USB: serial: option: add prod. id for Quectel EG91
    - EDAC/armada-xp: Fix output of uncorrectable error counter
    - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
    - x86/Kconfig: Do not enable AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT automatically
    - powerpc/xive: Discard disabled interrupts in get_irqchip_state()
    - iio: adc: aspeed: set driver data when adc probe.
    - iio: adc128s052: Fix the error handling path of 'adc128_probe()'
    - iio: mtk-auxadc: fix case IIO_CHAN_INFO_PROCESSED
    - iio: light: opt3001: Fixed timeout error when 0 lux
    - iio: ssp_sensors: add more range checking in ssp_parse_dataframe()
    - iio: ssp_sensors: fix error code in ssp_print_mcu_debug()
    - iio: dac: ti-dac5571: fix an error code in probe()
    - sctp: account stream padding length for reconf chunk
    - gpio: pca953x: Improve bias setting
    - net: arc: select CRC32
    - net: korina: select CRC32
    - net/mlx5e: Mutually exclude RX-FCS and RX-port-timestamp
    - net: stmmac: fix get_hw_feature() on old hardware
    - net: encx24j600: check error in devm_regmap_init_encx24j600
    - ethernet: s2io: fix setting mac address during resume
    - nfc: fix error handling of nfc_proto_register()
    - NFC: digital: fix possible memory leak in digital_tg_listen_mdaa()
    - NFC: digital: fix possible memory leak in digital_in_send_sdd_req()
    - pata_legacy: fix a couple uninitialized variable bugs
    - ata: ahci_platform: fix null-ptr-deref in ahci_platform_enable_regulators()
    - mlxsw: thermal: Fix out-of-bounds memory accesses
    - platform/mellanox: mlxreg-io: Fix argument base in kstrtou32() call
    - drm/panel: olimex-lcd-olinuxino: select CRC32
    - drm/msm: Fix null pointer dereference on pointer edp
    - drm/msm/dsi: Fix an error code in msm_dsi_modeset_init()
    - drm/msm/dsi: fix off by one in dsi_bus_clk_enable error handling
    - acpi/arm64: fix next_platform_timer() section mismatch error
    - mqprio: Correct stats in mqprio_dump_class_stats().
    - qed: Fix missing error code in qed_slowpath_start()
    - r8152: select CRC32 and CRYPTO/CRYPTO_HASH/CRYPTO_SHA256
    - ionic: don't remove netdev->dev_addr when syncing uc list
    - Linux 5.4.155

* [UBUNTU 20.04] kernel:  unable to read partitions on virtio-block dasd (kvm)
    (LP: #1950144) // Focal update: v5.4.155 upstream stable release
    (LP: #1951291)
    - virtio: write back F_VERSION_1 before validate

* Focal update: v5.4.154 upstream stable release (LP: #1951288)
    - net: phy: bcm7xxx: Fixed indirect MMD operations
    - ext4: correct the error path of ext4_write_inline_data_end()
    - HID: apple: Fix logical maximum and usage maximum of Magic Keyboard JIS
    - netfilter: ip6_tables: zero-initialize fragment offset
    - HID: wacom: Add new Intuos BT (CTL-4100WL/CTL-6100WL) device IDs
    - netfilter: nf_nat_masquerade: make async masq_inet6_event handling generic
    - netfilter: nf_nat_masquerade: defer conntrack walk to work queue
    - mac80211: Drop frames from invalid MAC address in ad-hoc mode
    - m68k: Handle arrivals of multiple signals correctly
    - net: prevent user from passing illegal stab size
    - mac80211: check return value of rhashtable_init
    - net: sun: SUNVNET_COMMON should depend on INET
    - drm/amdgpu: fix gart.bo pin_count leak
    - scsi: ses: Fix unsigned comparison with less than zero
    - scsi: virtio_scsi: Fix spelling mistake "Unsupport" -> "Unsupported"
    - sched: Always inline is_percpu_thread()
    - Linux 5.4.154

* Focal update: v5.4.153 upstream stable release (LP: #1950014)
    - Partially revert "usb: Kconfig: using select for USB_COMMON dependency"
    - USB: cdc-acm: fix racy tty buffer accesses
    - USB: cdc-acm: fix break reporting
    - usb: typec: tcpm: handle SRC_STARTUP state if cc changes
    - xen/privcmd: fix error handling in mmap-resource processing
    - mmc: meson-gx: do not use memcpy_to/fromio for dram-access-quirk
    - ovl: fix missing negative dentry check in ovl_rename()
    - nfsd: fix error handling of register_pernet_subsys() in init_nfsd()
    - nfsd4: Handle the NFSv4 READDIR 'dircount' hint being zero
    - xen/balloon: fix cancelled balloon action
    - ARM: dts: omap3430-sdp: Fix NAND device node
    - ARM: dts: qcom: apq8064: use compatible which contains chipid
    - MIPS: BPF: Restore MIPS32 cBPF JIT
    - bpf, mips: Validate conditional branch offsets
    - soc: qcom: socinfo: Fixed argument passed to platform_set_data()
    - ARM: dts: qcom: apq8064: Use 27MHz PXO clock as DSI PLL reference
    - soc: qcom: mdt_loader: Drop PT_LOAD check on hash segment
    - ARM: dts: imx: Add missing pinctrl-names for panel on M53Menlo
    - ARM: dts: imx: Fix USB host power regulator polarity on M53Menlo
    - arm64: dts: qcom: pm8150: use qcom,pm8998-pon binding
    - xtensa: move XCHAL_KIO_* definitions to kmem_layout.h
    - xtensa: use CONFIG_USE_OF instead of CONFIG_OF
    - xtensa: call irqchip_init only when CONFIG_USE_OF is selected
    - bpf, arm: Fix register clobbering in div/mod implementation
    - bpf: Fix integer overflow in prealloc_elems_and_freelist()
    - phy: mdio: fix memory leak
    - net_sched: fix NULL deref in fifo_set_limit()
    - powerpc/fsl/dts: Fix phy-connection-type for fm1mac3
    - ptp_pch: Load module automatically if ID matches
    - arm64: dts: freescale: Fix SP805 clock-names
    - arm64: dts: ls1028a: add missing CAN nodes
    - ARM: imx6: disable the GIC CPU interface before calling stby-poweroff
      sequence
    - net: bridge: use nla_total_size_64bit() in br_get_linkxstats_size()
    - net/sched: sch_taprio: properly cancel timer from taprio_destroy()
    - net: sfp: Fix typo in state machine debug string
    - netlink: annotate data races around nlk->bound
    - bus: ti-sysc: Use CLKDM_NOAUTO for dra7 dcan1 for errata i893
    - video: fbdev: gbefb: Only instantiate device when built for IP32
    - drm/nouveau/debugfs: fix file release memory leak
    - gve: Correct available tx qpl check
    - rtnetlink: fix if_nlmsg_stats_size() under estimation
    - gve: fix gve_get_stats()
    - i40e: fix endless loop under rtnl
    - i40e: Fix freeing of uninitialized misc IRQ vector
    - net: prefer socket bound to interface when not in VRF
    - i2c: acpi: fix resource leak in reconfiguration device addition
    - bpf, s390: Fix potential memory leak about jit_data
    - RISC-V: Include clone3() on rv32
    - x86/platform/olpc: Correct ifdef symbol to intended CONFIG_OLPC_XO15_SCI
    - x86/hpet: Use another crystalball to evaluate HPET usability
    - x86/Kconfig: Correct reference to MWINCHIP3D
    - Linux 5.4.153

* Focal update: v5.4.152 upstream stable release (LP: #1950009)
    - net: mdio: introduce a shutdown method to mdio device drivers
    - xen-netback: correct success/error reporting for the SKB-with-fraglist case
    - sparc64: fix pci_iounmap() when CONFIG_PCI is not set
    - ext2: fix sleeping in atomic bugs on error
    - scsi: sd: Free scsi_disk device via put_device()
    - usb: testusb: Fix for showing the connection speed
    - usb: dwc2: check return value after calling platform_get_resource()
    - selftests: be sure to make khdr before other targets
    - selftests:kvm: fix get_warnings_count() ignoring fscanf() return warn
    - scsi: ses: Retry failed Send/Receive Diagnostic commands
    - tools/vm/page-types: remove dependency on opt_file for idle page tracking
    - KVM: do not shrink halt_poll_ns below grow_start
    - kvm: x86: Add AMD PMU MSRs to msrs_to_save_all[]
    - perf/x86: Reset destroy callback on event init failure
    - silence nfscache allocation warnings with kvzalloc
    - libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD.
    - Linux 5.4.152

* linux-aws: Fix backport of RDMA/efa: Expose maximum  TX doorbell batch
    (LP: #1949882)
    - SAUCE: aws: Fix backport of RDMA/efa: Expose maximum TX doorbell batch

-- Kleber Sacilotto de Souza <kleber.souza@canonical.com>  Fri, 26 Nov 2021 15:42:03 +0100

Changed in linux (Ubuntu Focal):
status:	Fix Committed → Fix Released

Revision history for this message

Dimitri John Ledkov (xnox) wrote on 2022-01-11:

#14

Note above patches causes regression with SEV feature, which has been subsequently fixed. See https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1956575

Ubuntu
linux-hwe-5.8 package

Support importing mokx keys into revocation list from the mok table

Bug Description

Related branches

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
linux (Ubuntu)	Fix Released	Undecided	Unassigned
Xenial	New	Undecided	Unassigned
Bionic	Fix Released	Undecided	Unassigned
Focal	Fix Released	Medium	Unassigned
Hirsute	Fix Released	Undecided	Unassigned
linux-azure-5.8 (Ubuntu)	Invalid	Undecided	Unassigned
Xenial	Invalid	Undecided	Unassigned
Bionic	Invalid	Undecided	Unassigned
Focal	Fix Released	Undecided	Unassigned
Hirsute	Invalid	Undecided	Unassigned
linux-hwe-5.8 (Ubuntu)	Invalid	Undecided	Unassigned
Xenial	Invalid	Undecided	Unassigned
Bionic	Invalid	Undecided	Unassigned
Focal	Fix Committed	Medium	Unassigned
Hirsute	Invalid	Undecided	Unassigned
linux-oem-5.10 (Ubuntu)	Invalid	Undecided	Unassigned
Xenial	Invalid	Undecided	Unassigned
Bionic	Invalid	Undecided	Unassigned
Focal	Fix Released	Undecided	Unassigned
Hirsute	Invalid	Undecided	Unassigned

Ubuntulinux-hwe-5.8 package

Support importing mokx keys into revocation list from the mok table

Bug Description

Related branches

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux-hwe-5.8 package