Ubuntu
linux package

hirsute/linux: 5.11.0-20.21 -proposed tracker

Hirsute (21.04)
Bug #1930854

Bug #1930854 reported by Kleber Sacilotto de Souza on 2021-06-04

This bug report is a duplicate of: Bug #1939553: hirsute/linux: 5.11.0-31.33 -proposed tracker. Edit Remove

This bug affects 2 people

	Status	Importance	Assigned to
Kernel SRU Workflow	Fix Released	Medium	Unassigned
Automated-testing	Fix Released	Medium	Canonical Kernel Team
Certification-testing	Fix Released	Medium	Canonical Hardware Certification
Kernel-signoff	Confirmed	Medium	Canonical Kernel Team
Prepare-package	Fix Released	Medium	Kleber Sacilotto de Souza
Prepare-package-lrg	Fix Released	Medium	Kleber Sacilotto de Souza
Prepare-package-lrm	Fix Released	Medium	Kleber Sacilotto de Souza
Prepare-package-lrs	Fix Released	Medium	Kleber Sacilotto de Souza
Prepare-package-meta	Fix Released	Medium	Kleber Sacilotto de Souza
Prepare-package-signed	Fix Released	Medium	Kleber Sacilotto de Souza
Promote-signing-to-proposed	Fix Released	Medium	Andy Whitcroft
Promote-to-proposed	Fix Released	Medium	Andy Whitcroft
Promote-to-security	New	Medium	Ubuntu Stable Release Updates Team
Promote-to-updates	New	Medium	Ubuntu Stable Release Updates Team
Regression-testing	Fix Released	Medium	Kelsey Steele
Security-signoff	Fix Released	Medium	Steve Beattie
Sru-review	Fix Released	Medium	Andy Whitcroft
Verification-testing	Fix Released	Medium	Canonical Kernel Team
linux (Ubuntu)
Hirsute	Fix Released	Medium	Unassigned

Bug Description

This bug will contain status and test results related to a kernel source (or snap) as stated in the title.

For an explanation of the tasks and the associated workflow see:
https://wiki.ubuntu.com/Kernel/kernel-sru-workflow

-- swm properties --
boot-testing-requested: true
bugs-spammed: true
built:
  lrg: build#1
  lrm: build#1
  lrs: build#1
  main: build#1
  meta: build#1
  signed: build#1
delta:
  promote-signing-to-proposed:
  - lrm
  - meta
  - main
  - lrs
  - signed
  promote-to-proposed:
  - lrg
  - meta
  - signed
  - lrs
  - lrm
  - main
  sru-review:
  - meta
  - lrs
  - main
  - lrm
  - signed
  - lrg
packages:
  lrg: linux-restricted-generate
  lrm: linux-restricted-modules
  lrs: linux-restricted-signatures
  main: linux
  meta: linux-meta
  signed: linux-signed
phase: Ready for Signoff
phase-changed: Monday, 21. June 2021 18:38 UTC
proposed-announcement-sent: true
proposed-testing-requested: true
reason:
  kernel-signoff: Stalled -- waiting for signoff
  promote-to-updates: 'Holding -- waiting for signoffs:
    kernel-signoff'
synthetic:
  :promote-to-as-proposed: Fix Released
trackers:
  focal/linux-hwe-5.11: bug 1932131
  focal/linux-intel: bug 1930074
  hirsute/linux-aws: bug 1930058
  hirsute/linux-azure: bug 1930060
  hirsute/linux-gcp: bug 1930062
  hirsute/linux-kvm: bug 1930064
  hirsute/linux-oracle: bug 1930066
  hirsute/linux-raspi: bug 1930068
  hirsute/linux-realtime: bug 1930070
  hirsute/linux-riscv: bug 1930072
  impish/linux: bug 1930056
variant: debs
versions:
  lrm: 5.11.0-20.21
  main: 5.11.0-20.21
  meta: 5.11.0.20.21
  signed: 5.11.0-20.21
  source: 5.11.0-20.21

See original description

Tags:

CVE References

Kleber Sacilotto de Souza (kleber-souza) on 2021-06-04

tags:	added: kernel-release-tracking-bug-live
description:	updated
tags:	added: kernel-sru-cycle-2021.05.31-2
description:	updated
Changed in kernel-sru-workflow:
status:	New → Confirmed
importance:	Undecided → Medium

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-04

Changed in linux (Ubuntu Hirsute):
importance:	Undecided → Medium
tags:	added: kernel-block-derivatives
Changed in kernel-sru-workflow:
status:	Confirmed → In Progress

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-04

description:

updated

Kleber Sacilotto de Souza (kleber-souza) on 2021-06-04

summary:

- hirsute/linux: <version to be filled> -proposed tracker
+ hirsute/linux: 5.11.0-20.21 -proposed tracker

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-04

description:

updated

Kleber Sacilotto de Souza (kleber-souza) on 2021-06-04

tags:

added: kernel-unblock-derivatives
removed: kernel-block-derivatives

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-05

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-05

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-05

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-05

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-05

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-05

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-05

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-05

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-05

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-06

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-09

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-14

description:

updated

Revision history for this message

Kelsey Steele (kelsey-steele) wrote on 2021-06-15:

Regression tests reviewed. No new regressions found. All bugs found on hirsute/linux this cycle can be found at:

https://bugs.launchpad.net/ubuntu-kernel-tests/+bugs?field.searchtext=&orderby=-importance&field.tag=sru-20210531&hirsute&field.tags_combinator=ALL

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-15

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-16

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-16

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-16

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-17

description:

updated

Revision history for this message

Devices Certification Bot (ce-certification-qa) wrote on 2021-06-17:

Kernel deb testing completes, no regressions found. Ready for Updates. Results here: https://trello.com/c/wiSr3nnj/1898-hirsute-linux-image-5110-20-generic-5110-2021

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-17

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-17

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-18

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-18

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-18

description:

updated

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-06-19:

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in linux (Ubuntu Hirsute):
status:	New → Confirmed

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-21

description:

updated

Revision history for this message

Kelsey Steele (kelsey-steele) wrote on 2021-06-21:

Verification Reviews not completed:

Bug 1920944
Bug 1922651

Has been determined by stable team to move forward and flip Verification Testing to fix released.

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-21

description:

updated

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-06-22:

Download full text (65.9 KiB)

This bug was fixed in the package linux - 5.11.0-22.23

---------------
linux (5.11.0-22.23) hirsute; urgency=medium

* UAF on CAN J1939 j1939_can_recv (LP: #1932209)
- SAUCE: can: j1939: delay release of j1939_priv after synchronize_rcu

* UAF on CAN BCM bcm_rx_handler (LP: #1931855)
- SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu

linux (5.11.0-20.21) hirsute; urgency=medium

* hirsute/linux: 5.11.0-20.21 -proposed tracker (LP: #1930854)

* ath11k WIFI not working in proposed kernel 5.11.0-19-generic (LP: #1930637)
- bus: mhi: core: Download AMSS image from appropriate function

linux (5.11.0-19.20) hirsute; urgency=medium

* hirsute/linux: 5.11.0-19.20 -proposed tracker (LP: #1930075)

* Packaging resync (LP: #1786013)
- update dkms package versions

  * CVE-2021-33200
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: Fix mask direction swap upon off reg sign change
    - bpf: No need to simulate speculative domain for immediates

* AX201 BT will cause system could not enter S0i3 (LP: #1928047)
- SAUCE: drm/i915: Tweaked Wa_14010685332 for all PCHs

  * CVE-2021-3490
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with
      bitwise ops"
    - gpf: Fix alu32 const subreg bound tracking on bitwise operations

  * CVE-2021-3489
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-
      only ringbuf pages"
    - bpf: Prevent writable memory-mapping of read-only ringbuf pages

* Select correct boot VGA when BIOS doesn't do it properly (LP: #1929217)
- vgaarb: Use ACPI HID name to find integrated GPU

  * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend

  * CVE-2020-26145
    - ath10k: drop fragments with multicast DA for SDIO
    - ath10k: add CCMP PN replay protection for fragmented frames for PCIe
    - ath10k: drop fragments with multicast DA for PCIe

* CVE-2020-26141
- ath10k: Fix TKIP Michael MIC verification for PCIe

* CVE-2020-24587
- ath11k: Clear the fragment cache during key install

  * CVE-2020-24588
    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    - cfg80211: mitigate A-MSDU aggregation attacks
    - mac80211: drop A-MSDUs on old ciphers
    - ath10k: drop MPDU which has discard flag set by firmware for SDIO

* CVE-2020-26139
- mac80211: do not accept/forward invalid EAPOL frames

* CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
- mac80211: extend protection against mixed key and fragment cache attacks

  * CVE-2020-24586 // CVE-2020-24587
    - mac80211: prevent mixed key and fragment cache attacks
    - mac80211: add fragment cache to sta_info
    - mac80211: check defrag PN against current frame
    - mac80211: prevent attacks on TKIP/WEP as well

* CVE-2020-26147
- mac80211: assure all fragments are encrypted

  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - ...

This bug was fixed in the package linux - 5.11.0-22.23

---------------
linux (5.11.0-22.23) hirsute; urgency=medium

* UAF on CAN J1939 j1939_can_recv (LP: #1932209)
    - SAUCE: can: j1939: delay release of j1939_priv after synchronize_rcu

* UAF on CAN BCM bcm_rx_handler (LP: #1931855)
    - SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu

linux (5.11.0-20.21) hirsute; urgency=medium

* hirsute/linux: 5.11.0-20.21 -proposed tracker (LP: #1930854)

* ath11k WIFI not working in proposed kernel 5.11.0-19-generic (LP: #1930637)
    - bus: mhi: core: Download AMSS image from appropriate function

linux (5.11.0-19.20) hirsute; urgency=medium

* hirsute/linux: 5.11.0-19.20 -proposed tracker (LP: #1930075)

* Packaging resync (LP: #1786013)
    - update dkms package versions

* AX201 BT will cause system could not enter S0i3 (LP: #1928047)
    - SAUCE: drm/i915: Tweaked Wa_14010685332 for all PCHs

* CVE-2021-3490
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with
      bitwise ops"
    - gpf: Fix alu32 const subreg bound tracking on bitwise operations

* CVE-2021-3489
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-
      only ringbuf pages"
    - bpf: Prevent writable memory-mapping of read-only ringbuf pages

* Select correct boot VGA when BIOS doesn't do it properly (LP: #1929217)
    - vgaarb: Use ACPI HID name to find integrated GPU

* Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend

* CVE-2020-26141
    - ath10k: Fix TKIP Michael MIC verification for PCIe

* CVE-2020-24587
    - ath11k: Clear the fragment cache during key install

* CVE-2020-26139
    - mac80211: do not accept/forward invalid EAPOL frames

* CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
    - mac80211: extend protection against mixed key and fragment cache attacks

* CVE-2020-26147
    - mac80211: assure all fragments are encrypted

* raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull the code that wait for blocked dev into one function
    - md/raid10: improve raid10 discard request
    - md/raid10: improve discard request for far layout
    - dm raid: remove unnecessary discard limits for raid0 and raid10

* [SRU][OEM-5.10/H] Fix typec output on AMD Cezanne GPU (LP: #1929646)
    - drm/amd/display: use max lb for latency hiding

* kvm: properly tear down PV features on hibernate (LP: #1920944)
    - x86/kvm: Fix pr_info() for async PF setup/teardown
    - x86/kvm: Teardown PV features on boot CPU as well
    - x86/kvm: Disable kvmclock on all CPUs on shutdown
    - x86/kvm: Disable all PV features on crash
    - x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline()

* Add support for AMD wireless button (LP: #1928820)
    - platform/x86: hp-wireless: add AMD's hardware id to the supported list

* Can't detect intel wifi 6235 (LP: #1920180)
    - SAUCE: iwlwifi: add new pci id for 6235

* Speed up resume time on HP laptops (LP: #1929048)
    - platform/x86: hp_accel: Avoid invoking _INI to speed up resume

* Fix kernel panic on Intel Bluetooth (LP: #1928838)
    - Bluetooth: Shutdown controller after workqueues are flushed or cancelled

* build module CONFIG_SND_SOC_INTEL_SOUNDWIRE_SOF_MACH=m for 5.11,  5.13-rc2
    and later (LP: #1921632)
    - [Config] enable soundwire audio mach driver

* [SRU] Patch for flicker and glitching on common LCD display panels, intel
    framebuffer (LP: #1925685)
    - drm/i915: Try to use fast+narrow link on eDP again and fall back to the old
      max strategy on failure
    - drm/i915/dp: Use slow and wide link training for everything

* Fix screen flickering when two 4K 60Hz monitors are connected to AMD Oland
    GFX (LP: #1928361)
    - drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz monitors
      are connected

* Display abnormal on the TGL+4k panel machines (LP: #1922885)
    - drm/i915/display: Do not allow DC3CO if PSR SF is enabled
    - drm/i915/display/psr: Disable DC3CO when the PSR2 is used

* Hirsute update: v5.11.21 upstream stable release (LP: #1929455)
    - Bluetooth: verify AMP hci_chan before amp_destroy
    - bluetooth: eliminate the potential race condition when removing the HCI
      controller
    - net/nfc: fix use-after-free llcp_sock_bind/connect
    - Revert "USB: cdc-acm: fix rounding error in TIOCSSERIAL"
    - usb: roles: Call try_module_get() from usb_role_switch_find_by_fwnode()
    - tty: moxa: fix TIOCSSERIAL jiffies conversions
    - tty: amiserial: fix TIOCSSERIAL permission check
    - USB: serial: usb_wwan: fix TIOCSSERIAL jiffies conversions
    - staging: greybus: uart: fix TIOCSSERIAL jiffies conversions
    - USB: serial: ti_usb_3410_5052: fix TIOCSSERIAL permission check
    - staging: fwserial: fix TIOCSSERIAL jiffies conversions
    - tty: moxa: fix TIOCSSERIAL permission check
    - staging: fwserial: fix TIOCSSERIAL permission check
    - drm: bridge: fix LONTIUM use of mipi_dsi_() functions
    - usb: typec: tcpm: Address incorrect values of tcpm psy for fixed supply
    - usb: typec: tcpm: Address incorrect values of tcpm psy for pps supply
    - usb: typec: tcpm: update power supply once partner accepts
    - usb: xhci-mtk: remove or operator for setting schedule parameters
    - usb: xhci-mtk: improve bandwidth scheduling with TT
    - ASoC: samsung: tm2_wm5110: check of of_parse return value
    - ASoC: Intel: kbl_da7219_max98927: Fix kabylake_ssp_fixup function
    - ASoC: tlv320aic32x4: Register clocks before registering component
    - ASoC: tlv320aic32x4: Increase maximum register in regmap
    - MIPS: pci-mt7620: fix PLL lock check
    - MIPS: pci-rt2880: fix slot 0 configuration
    - FDDI: defxx: Bail out gracefully with unassigned PCI resource for CSR
    - PCI: Allow VPD access for QLogic ISP2722
    - KVM: x86: Defer the MMU unload to the normal path on an global INVPCID
    - PCI: keystone: Let AM65 use the pci_ops defined in pcie-designware-host.c
    - PM / devfreq: Unlock mutex and free devfreq struct in error path
    - soc/tegra: regulators: Fix locking up when voltage-spread is out of range
    - iio: inv_mpu6050: Fully validate gyro and accel scale writes
    - iio: sx9310: Fix write_.._debounce()
    - iio:accel:adis16201: Fix wrong axis assignment that prevents loading
    - iio:adc:ad7476: Fix remove handling
    - iio: sx9310: Fix access to variable DT array
    - sc16is7xx: Defer probe if device read fails
    - phy: cadence: Sierra: Fix PHY power_on sequence
    - misc: lis3lv02d: Fix false-positive WARN on various HP models
    - phy: ti: j721e-wiz: Invoke wiz_init() before of_platform_device_create()
    - misc: vmw_vmci: explicitly initialize vmci_notify_bm_set_msg struct
    - misc: vmw_vmci: explicitly initialize vmci_datagram payload
    - selinux: add proper NULL termination to the secclass_map permissions
    - x86, sched: Treat Intel SNC topology as default, COD as exception
    - async_xor: increase src_offs when dropping destination page
    - md/bitmap: wait for external bitmap writes to complete during tear down
    - md-cluster: fix use-after-free issue when removing rdev
    - md: split mddev_find
    - md: factor out a mddev_find_locked helper from mddev_find
    - md: md_open returns -EBUSY when entering racing area
    - md: Fix missing unused status line of /proc/mdstat
    - MIPS: generic: Update node names to avoid unit addresses
    - mt76: mt7615: use ieee80211_free_txskb() in mt7615_tx_token_put()
    - ipw2x00: potential buffer overflow in libipw_wx_set_encodeext()
    - cfg80211: scan: drop entry from hidden_list on overflow
    - rtw88: Fix array overrun in rtw_get_tx_power_params()
    - mt76: fix potential DMA mapping leak
    - FDDI: defxx: Make MMIO the configuration default except for EISA
    - drm/qxl: use ttm bo priorities
    - drm/ingenic: Fix non-OSD mode
    - drm/panfrost: Clear MMU irqs before handling the fault
    - drm/panfrost: Don't try to map pages that are already mapped
    - drm/radeon: fix copy of uninitialized variable back to userspace
    - drm/dp_mst: Revise broadcast msg lct & lcr
    - drm/dp_mst: Set CLEAR_PAYLOAD_ID_TABLE as broadcast
    - drm: bridge: fix ANX7625 use of mipi_dsi_() functions
    - drm: bridge/panel: Cleanup connector on bridge detach
    - drm/amd/display: Reject non-zero src_y and src_x for video planes
    - drm/amdgpu: fix concurrent VM flushes on Vega/Navi v2
    - drm/amdgpu: add new MC firmware for Polaris12 32bit ASIC
    - drm/amdgpu: Init GFX10_ADDR_CONFIG for VCN v3 in DPG mode.
    - ALSA: hda/realtek: Re-order ALC882 Acer quirk table entries
    - ALSA: hda/realtek: Re-order ALC882 Sony quirk table entries
    - ALSA: hda/realtek: Re-order ALC882 Clevo quirk table entries
    - ALSA: hda/realtek: Re-order ALC269 HP quirk table entries
    - ALSA: hda/realtek: Re-order ALC269 Acer quirk table entries
    - ALSA: hda/realtek: Re-order ALC269 Dell quirk table entries
    - ALSA: hda/realtek: Re-order ALC269 ASUS quirk table entries
    - ALSA: hda/realtek: Re-order ALC269 Sony quirk table entries
    - ALSA: hda/realtek: Re-order ALC269 Lenovo quirk table entries
    - ALSA: hda/realtek: Re-order remaining ALC269 quirk table entries
    - ALSA: hda/realtek: Re-order ALC662 quirk table entries
    - ALSA: hda/realtek: Remove redundant entry for ALC861 Haier/Uniwill devices
    - ALSA: hda/realtek: ALC285 Thinkpad jack pin quirk is unreachable
    - ALSA: hda/realtek: Fix speaker amp on HP Envy AiO 32
    - KVM: s390: VSIE: correctly handle MVPG when in VSIE
    - KVM: s390: split kvm_s390_logical_to_effective
    - KVM: s390: fix guarded storage control register handling
    - s390: fix detection of vector enhancements facility 1 vs. vector packed
      decimal facility
    - KVM: s390: VSIE: fix MVPG handling for prefixing and MSO
    - KVM: s390: split kvm_s390_real_to_abs
    - KVM: s390: extend kvm_s390_shadow_fault to return entry pointer
    - KVM: x86/mmu: Alloc page for PDPTEs when shadowing 32-bit NPT with 64-bit
    - KVM: X86: Fix failure to boost kernel lock holder candidate in SEV-ES guests
    - KVM: x86: Remove emulator's broken checks on CR0/CR3/CR4 loads
    - KVM: nSVM: Set the shadow root level to the TDP level for nested NPT
    - KVM: SVM: Don't strip the C-bit from CR2 on #PF interception
    - KVM: SVM: Use online_vcpus, not created_vcpus, to iterate over vCPUs
    - KVM: SVM: Do not set sev->es_active until KVM_SEV_ES_INIT completes
    - KVM: SVM: Do not allow SEV/SEV-ES initialization after vCPUs are created
    - KVM: SVM: Inject #GP on guest MSR_TSC_AUX accesses if RDTSCP unsupported
    - KVM: nVMX: Defer the MMU reload to the normal path on an EPTP switch
    - KVM: nVMX: Truncate bits 63:32 of VMCS field on nested check in !64-bit
    - KVM: nVMX: Truncate base/index GPR value on address calc in !64-bit
    - KVM: arm/arm64: Fix KVM_VGIC_V3_ADDR_TYPE_REDIST read
    - KVM: Destroy I/O bus devices on unregister failure _after_ sync'ing SRCU
    - KVM: Stop looking for coalesced MMIO zones if the bus is destroyed
    - KVM: arm64: Fully zero the vcpu state on reset
    - KVM: arm64: Fix KVM_VGIC_V3_ADDR_TYPE_REDIST_REGION read
    - KVM: selftests: Sync data verify of dirty logging with guest sync
    - KVM: selftests: Always run vCPU thread with blocked SIG_IPI
    - Revert "drivers/net/wan/hdlc_fr: Fix a double free in pvc_xmit"
    - Revert "i3c master: fix missing destroy_workqueue() on error in
      i3c_master_register"
    - mfd: stmpe: Revert "Constify static struct resource"
    - ovl: fix missing revert_creds() on error path
    - usb: gadget: pch_udc: Revert d3cb25a12138 completely
    - Revert "tools/power turbostat: adjust for temperature offset"
    - firmware: xilinx: Fix dereferencing freed memory
    - firmware: xilinx: Remove zynqmp_pm_get_eemi_ops() in
      IS_REACHABLE(CONFIG_ZYNQMP_FIRMWARE)
    - x86/vdso: Use proper modifier for len's format specifier in extract()
    - fpga: fpga-mgr: xilinx-spi: fix error messages on -EPROBE_DEFER
    - crypto: keembay-ocs-aes - Fix error return code in kmb_ocs_aes_probe()
    - crypto: sun8i-ss - fix result memory leak on error path
    - memory: gpmc: fix out of bounds read and dereference on gpmc_cs[]
    - ARM: dts: exynos: correct fuel gauge interrupt trigger level on GT-I9100
    - ARM: dts: exynos: correct fuel gauge interrupt trigger level on P4 Note
      family
    - ARM: dts: exynos: correct fuel gauge interrupt trigger level on Midas family
    - ARM: dts: exynos: correct MUIC interrupt trigger level on Midas family
    - ARM: dts: exynos: correct PMIC interrupt trigger level on Midas family
    - ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid X/U3 family
    - ARM: dts: exynos: correct PMIC interrupt trigger level on P4 Note family
    - ARM: dts: exynos: correct PMIC interrupt trigger level on SMDK5250
    - ARM: dts: exynos: correct PMIC interrupt trigger level on Snow
    - ARM: dts: s5pv210: correct fuel gauge interrupt trigger level on Fascinate
      family
    - ARM: dts: renesas: Add mmc aliases into R-Car Gen2 board dts files
    - arm64: dts: renesas: Add mmc aliases into board dts files
    - bus: ti-sysc: Fix initializing module_pa for modules without sysc register
    - x86/platform/uv: Set section block size for hubless architectures
    - serial: stm32: fix code cleaning warnings and checks
    - serial: stm32: add "_usart" prefix in functions name
    - serial: stm32: fix probe and remove order for dma
    - serial: stm32: Use of_device_get_match_data()
    - serial: stm32: fix startup by enabling usart for reception
    - serial: stm32: fix incorrect characters on console
    - serial: stm32: fix TX and RX FIFO thresholds
    - serial: stm32: fix a deadlock condition with wakeup event
    - serial: stm32: fix wake-up flag handling
    - serial: stm32: fix a deadlock in set_termios
    - serial: liteuart: fix return value check in liteuart_probe()
    - serial: stm32: fix tx dma completion, release channel
    - serial: stm32: call stm32_transmit_chars locked
    - serial: stm32: fix FIFO flush in startup and set_termios
    - serial: stm32: add FIFO flush when port is closed
    - serial: stm32: fix tx_empty condition
    - usb: typec: tcpm: Handle vbus shutoff when in source mode
    - usb: typec: tcpci: Check ROLE_CONTROL while interpreting CC_STATUS
    - usb: typec: tps6598x: Fix return value check in tps6598x_probe()
    - usb: typec: stusb160x: fix return value check in stusb160x_probe()
    - mfd: intel_pmt: Fix nuisance messages and handling of disabled capabilities
    - regmap: set debugfs_name to NULL after it is freed
    - spi: rockchip: avoid objtool warning
    - mtd: rawnand: fsmc: Fix error code in fsmc_nand_probe()
    - mtd: rawnand: brcmnand: fix OOB R/W with Hamming ECC
    - mtd: Handle possible -EPROBE_DEFER from parse_mtd_partitions()
    - mtd: rawnand: qcom: Return actual error code instead of -ENODEV
    - mtd: don't lock when recursively deleting partitions
    - mtd: maps: fix error return code of physmap_flash_remove()
    - ARM: dts: stm32: fix usart 2 & 3 pinconf to wake up with flow control
    - arm64: dts: ti: k3-j721e-main: Update the speed modes supported and their
      itap delay values for MMCSD subsystems
    - iio: adis16480: fix pps mode sampling frequency math
    - arm64: dts: qcom: sc7180: trogdor: Fix trip point config of charger thermal
      zone
    - arm64: dts: qcom: sm8250: Fix level triggered PMU interrupt polarity
    - arm64: dts: qcom: sm8250: Fix timer interrupt to specify EL2 physical timer
    - arm64: dts: qcom: sc7180: Avoid glitching SPI CS at bootup on trogdor
    - arm64: dts: qcom: sdm845: fix number of pins in 'gpio-ranges'
    - arm64: dts: qcom: sm8150: fix number of pins in 'gpio-ranges'
    - arm64: dts: qcom: sm8250: fix number of pins in 'gpio-ranges'
    - arm64: dts: qcom: db845c: fix correct powerdown pin for WSA881x
    - crypto: sun8i-ss - Fix memory leak of object d when dma_iv fails to map
    - spi: stm32: drop devres version of spi_register_master
    - regulator: bd9576: Fix return from bd957x_probe()
    - arm64: dts: renesas: r8a77980: Fix vin4-7 endpoint binding
    - selftests/x86: Add a missing .note.GNU-stack section to thunks_32.S
    - spi: stm32: Fix use-after-free on unbind
    - Drivers: hv: vmbus: Drop error message when 'No request id available'
    - x86/microcode: Check for offline CPUs before requesting new microcode
    - devtmpfs: fix placement of complete() call
    - usb: gadget: pch_udc: Replace cpu_to_le32() by lower_32_bits()
    - usb: gadget: pch_udc: Check if driver is present before calling ->setup()
    - usb: gadget: pch_udc: Check for DMA mapping error
    - usb: gadget: pch_udc: Initialize device pointer before use
    - usb: gadget: pch_udc: Provide a GPIO line used on Intel Minnowboard (v1)
    - crypto: ccp - fix command queuing to TEE ring buffer
    - crypto: qat - don't release uninitialized resources
    - crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init
    - fotg210-udc: Fix DMA on EP0 for length > max packet size
    - fotg210-udc: Fix EP0 IN requests bigger than two packets
    - fotg210-udc: Remove a dubious condition leading to fotg210_done
    - fotg210-udc: Mask GRP2 interrupts we don't handle
    - fotg210-udc: Don't DMA more than the buffer can take
    - fotg210-udc: Complete OUT requests on short packets
    - usb: gadget: s3c: Fix incorrect resources releasing
    - usb: gadget: s3c: Fix the error handling path in 's3c2410_udc_probe()'
    - dt-bindings: serial: stm32: Use 'type: object' instead of false for
      'additionalProperties'
    - mtd: require write permissions for locking and badblock ioctls
    - arm64: dts: renesas: r8a779a0: Fix PMU interrupt
    - arm64: dts: mt8183: Add gce client reg for display subcomponents
    - arm64: dts: mt8173: fix wrong power-domain phandle of pmic
    - bus: qcom: Put child node before return
    - soundwire: bus: Fix device found flag correctly
    - phy: ti: j721e-wiz: Delete "clk_div_sel" clk provider during cleanup
    - phy: ralink: phy-mt7621-pci: fix XTAL bitmask
    - phy: marvell: ARMADA375_USBCLUSTER_PHY should not default to y,
      unconditionally
    - phy: ralink: phy-mt7621-pci: fix return value check in
      mt7621_pci_phy_probe()
    - phy: ingenic: Fix a typo in ingenic_usb_phy_probe()
    - arm64: dts: mediatek: fix reset GPIO level on pumpkin
    - NFSv4.2: fix copy stateid copying for the async copy
    - crypto: poly1305 - fix poly1305_core_setkey() declaration
    - crypto: qat - fix error path in adf_isr_resource_alloc()
    - usb: gadget: aspeed: fix dma map failure
    - USB: gadget: udc: fix wrong pointer passed to IS_ERR() and PTR_ERR()
    - drivers: nvmem: Fix voltage settings for QTI qfprom-efuse
    - driver core: platform: Declare early_platform_cleanup() prototype
    - ARM: dts: qcom: msm8974-lge-nexus5: correct fuel gauge interrupt trigger
      level
    - ARM: dts: qcom: msm8974-samsung-klte: correct fuel gauge interrupt trigger
      level
    - memory: pl353: fix mask of ECC page_size config register
    - soundwire: stream: fix memory leak in stream config error path
    - m68k: mvme147,mvme16x: Don't wipe PCC timer config bits
    - firmware: qcom_scm: Make __qcom_scm_is_call_available() return bool
    - firmware: qcom_scm: Reduce locking section for __get_convention()
    - firmware: qcom_scm: Workaround lack of "is available" call on SC7180
    - iio: adc: Kconfig: make AD9467 depend on ADI_AXI_ADC symbol
    - [Config] updateconfigs for AD9467
    - mtd: rawnand: gpmi: Fix a double free in gpmi_nand_init
    - irqchip/gic-v3: Fix OF_BAD_ADDR error handling
    - staging: comedi: tests: ni_routes_test: Fix compilation error
    - staging: rtl8192u: Fix potential infinite loop
    - staging: fwserial: fix TIOCSSERIAL implementation
    - staging: fwserial: fix TIOCGSERIAL implementation
    - staging: greybus: uart: fix unprivileged TIOCCSERIAL
    - platform/x86: dell-wmi-sysman: Make init_bios_attributes() ACPI object
      parsing more robust
    - soc: qcom: pdr: Fix error return code in pdr_register_listener
    - PM / devfreq: Use more accurate returned new_freq as resume_freq
    - clocksource/drivers/timer-ti-dm: Fix posted mode status check order
    - clocksource/drivers/timer-ti-dm: Add missing set_state_oneshot_stopped
    - clocksource/drivers/ingenic_ost: Fix return value check in
      ingenic_ost_probe()
    - spi: Fix use-after-free with devm_spi_alloc_*
    - spi: fsl: add missing iounmap() on error in of_fsl_spi_probe()
    - soc: qcom: mdt_loader: Validate that p_filesz < p_memsz
    - soc: qcom: mdt_loader: Detect truncated read of segments
    - PM: runtime: Replace inline function pm_runtime_callbacks_present()
    - cpuidle: Fix ARM_QCOM_SPM_CPUIDLE configuration
    - ACPI: CPPC: Replace cppc_attr with kobj_attribute
    - crypto: allwinner - add missing CRYPTO_ prefix
    - crypto: sun8i-ss - Fix memory leak of pad
    - crypto: sa2ul - Fix memory leak of rxd
    - crypto: qat - Fix a double free in adf_create_ring
    - cpufreq: armada-37xx: Fix setting TBG parent for load levels
    - clk: mvebu: armada-37xx-periph: remove .set_parent method for CPU PM clock
    - cpufreq: armada-37xx: Fix the AVS value for load L1
    - clk: mvebu: armada-37xx-periph: Fix switching CPU freq from 250 Mhz to 1 GHz
    - clk: mvebu: armada-37xx-periph: Fix workaround for switching from L1 to L0
    - cpufreq: armada-37xx: Fix driver cleanup when registration failed
    - cpufreq: armada-37xx: Fix determining base CPU frequency
    - spi: spi-zynqmp-gqspi: use wait_for_completion_timeout to make
      zynqmp_qspi_exec_op not interruptible
    - spi: spi-zynqmp-gqspi: add mutex locking for exec_op
    - spi: spi-zynqmp-gqspi: transmit dummy circles by using the controller's
      internal functionality
    - spi: spi-zynqmp-gqspi: fix incorrect operating mode in zynqmp_qspi_read_op
    - spi: fsl-lpspi: Fix PM reference leak in lpspi_prepare_xfer_hardware()
    - usb: gadget: r8a66597: Add missing null check on return from
      platform_get_resource
    - USB: cdc-acm: fix unprivileged TIOCCSERIAL
    - USB: cdc-acm: fix TIOCGSERIAL implementation
    - tty: fix return value for unsupported ioctls
    - tty: fix return value for unsupported termiox ioctls
    - serial: core: return early on unsupported ioctls
    - firmware: qcom-scm: Fix QCOM_SCM configuration
    - node: fix device cleanups in error handling code
    - crypto: chelsio - Read rxchannel-id from firmware
    - usbip: vudc: fix missing unlock on error in usbip_sockfd_store()
    - m68k: Add missing mmap_read_lock() to sys_cacheflush()
    - spi: spi-zynqmp-gqspi: Fix missing unlock on error in zynqmp_qspi_exec_op()
    - memory: renesas-rpc-if: fix possible NULL pointer dereference of resource
    - memory: samsung: exynos5422-dmc: handle clk_set_parent() failure
    - security: keys: trusted: fix TPM2 authorizations
    - platform/x86: pmc_atom: Match all Beckhoff Automation baytrail boards with
      critclk_systems DMI table
    - ARM: dts: aspeed: Rainier: Fix humidity sensor bus address
    - Drivers: hv: vmbus: Use after free in __vmbus_open()
    - spi: spi-zynqmp-gqspi: fix clk_enable/disable imbalance issue
    - spi: spi-zynqmp-gqspi: fix hang issue when suspend/resume
    - spi: spi-zynqmp-gqspi: fix use-after-free in zynqmp_qspi_exec_op
    - spi: spi-zynqmp-gqspi: return -ENOMEM if dma_map_single fails
    - x86/platform/uv: Fix !KEXEC build failure
    - hwmon: (pmbus/pxe1610) don't bail out when not all pages are active
    - PM: hibernate: x86: Use crc32 instead of md5 for hibernation e820 integrity
      check
    - usb: dwc2: Fix host mode hibernation exit with remote wakeup flow.
    - usb: dwc2: Fix hibernation between host and device modes.
    - ttyprintk: Add TTY hangup callback.
    - serial: omap: don't disable rs485 if rts gpio is missing
    - serial: omap: fix rs485 half-duplex filtering
    - xen-blkback: fix compatibility bug with single page rings
    - soc: aspeed: fix a ternary sign expansion bug
    - drm/tilcdc: send vblank event when disabling crtc
    - drm/stm: Fix bus_flags handling
    - drm/amd/display: Fix off by one in hdmi_14_process_transaction()
    - drm/mcde/panel: Inverse misunderstood flag
    - scsi: lpfc: Fix null pointer dereference in lpfc_prep_els_iocb()
    - sched/fair: Fix shift-out-of-bounds in load_balance()
    - printk: limit second loop of syslog_print_all
    - afs: Fix updating of i_mode due to 3rd party change
    - rcu: Remove spurious instrumentation_end() in rcu_nmi_enter()
    - media: vivid: fix assignment of dev->fbuf_out_flags
    - media: saa7134: use sg_dma_len when building pgtable
    - media: saa7146: use sg_dma_len when building pgtable
    - media: omap4iss: return error code when omap4iss_get() failed
    - media: rkisp1: rsz: crash fix when setting src format
    - media: aspeed: fix clock handling logic
    - drm/probe-helper: Check epoch counter in output_poll_execute()
    - media: venus: core: Fix some resource leaks in the error path of
      'venus_probe()'
    - media: platform: sunxi: sun6i-csi: fix error return code of
      sun6i_video_start_streaming()
    - media: m88ds3103: fix return value check in m88ds3103_probe()
    - media: docs: Fix data organization of MEDIA_BUS_FMT_RGB101010_1X30
    - media: [next] staging: media: atomisp: fix memory leak of object flash
    - media: atomisp: Fixed error handling path
    - media: m88rs6000t: avoid potential out-of-bounds reads on arrays
    - media: atomisp: Fix use after free in atomisp_alloc_css_stat_bufs()
    - drm/amdkfd: fix build error with AMD_IOMMU_V2=m
    - of: overlay: fix for_each_child.cocci warnings
    - x86/kprobes: Fix to check non boostable prefixes correctly
    - selftests: fix prepending $(OUTPUT) to $(TEST_PROGS)
    - pata_arasan_cf: fix IRQ check
    - pata_ipx4xx_cf: fix IRQ check
    - sata_mv: add IRQ checks
    - ata: libahci_platform: fix IRQ check
    - seccomp: Fix CONFIG tests for Seccomp_filters
    - nvme-tcp: block BH in sk state_change sk callback
    - nvmet-tcp: fix incorrect locking in state_change sk callback
    - clk: imx: Fix reparenting of UARTs not associated with stdout
    - power: supply: bq25980: Move props from battery node
    - nvme: retrigger ANA log update if group descriptor isn't found
    - media: ccs: Fix sub-device function
    - media: ipu3-cio2: Fix pixel-rate derived link frequency
    - media: i2c: imx219: Move out locking/unlocking of vflip and hflip controls
      from imx219_set_stream
    - media: i2c: imx219: Balance runtime PM use-count
    - media: v4l2-ctrls.c: fix race condition in hdl->requests list
    - media: rkvdec: Do not require all controls to be present in every request
    - vfio/fsl-mc: Re-order vfio_fsl_mc_probe()
    - vfio/pci: Move VGA and VF initialization to functions
    - vfio/pci: Re-order vfio_pci_probe()
    - drm/msm: Fix debugfs deadlock
    - vfio/mdev: Do not allow a mdev_type to have a NULL parent pointer
    - clk: zynqmp: move zynqmp_pll_set_mode out of round_rate callback
    - clk: zynqmp: pll: add set_pll_mode to check condition in zynqmp_pll_enable
    - drm: xlnx: zynqmp: fix a memset in zynqmp_dp_train()
    - clk: qcom: a53-pll: Add missing MODULE_DEVICE_TABLE
    - clk: qcom: apss-ipq-pll: Add missing MODULE_DEVICE_TABLE
    - drm/amd/display: use GFP_ATOMIC in dcn20_resource_construct
    - drm/amd/display: check fb of primary plane
    - drm/radeon: Fix a missing check bug in radeon_dp_mst_detect()
    - clk: uniphier: Fix potential infinite loop
    - scsi: pm80xx: Increase timeout for pm80xx mpi_uninit_check()
    - scsi: pm80xx: Fix potential infinite loop
    - scsi: ufs: ufshcd-pltfrm: Fix deferred probing
    - scsi: hisi_sas: Fix IRQ checks
    - scsi: jazz_esp: Add IRQ check
    - scsi: sun3x_esp: Add IRQ check
    - scsi: sni_53c710: Add IRQ check
    - scsi: ibmvfc: Fix invalid state machine BUG_ON()
    - mailbox: sprd: Introduce refcnt when clients requests/free channels
    - mfd: stm32-timers: Avoid clearing auto reload register
    - nvmet-tcp: fix a segmentation fault during io parsing error
    - nvme-pci: don't simple map sgl when sgls are disabled
    - media: meson-ge2d: fix rotation parameters
    - media: cedrus: Fix H265 status definitions
    - HSI: core: fix resource leaks in hsi_add_client_from_dt()
    - x86/events/amd/iommu: Fix sysfs type mismatch
    - perf/amd/uncore: Fix sysfs type mismatch
    - block/rnbd-clt-sysfs: Remove copy buffer overlap in rnbd_clt_get_path_name
    - sched/debug: Fix cgroup_path[] serialization
    - kthread: Fix PF_KTHREAD vs to_kthread() race
    - ataflop: potential out of bounds in do_format()
    - ataflop: fix off by one in ataflop_probe()
    - drivers/block/null_blk/main: Fix a double free in null_init.
    - xsk: Respect device's headroom and tailroom on generic xmit path
    - HID: plantronics: Workaround for double volume key presses
    - perf symbols: Fix dso__fprintf_symbols_by_name() to return the number of
      printed chars
    - ASoC: Intel: boards: sof-wm8804: add check for PLL setting
    - ASoC: Intel: Skylake: Compile when any configuration is selected
    - RDMA/mlx5: Fix mlx5 rates to IB rates map
    - wilc1000: write value to WILC_INTR2_ENABLE register
    - KVM: x86/mmu: Retry page faults that hit an invalid memslot
    - Bluetooth: avoid deadlock between hci_dev->lock and socket lock
    - net: lapbether: Prevent racing when checking whether the netif is running
    - libbpf: Add explicit padding to bpf_xdp_set_link_opts
    - bpftool: Fix maybe-uninitialized warnings
    - iommu: Check dev->iommu in iommu_dev_xxx functions
    - dma-iommu: use static-key to minimize the impact in the fast-path
    - iommu/dma: Resurrect the "forcedac" option
    - iommu/vt-d: Reject unsupported page request modes
    - selftests/bpf: Re-generate vmlinux.h and BPF skeletons if bpftool changed
    - libbpf: Add explicit padding to btf_dump_emit_type_decl_opts
    - powerpc/mm: Move the linear_mapping_mutex to the ifdef where it is used
    - powerpc/fadump: Mark fadump_calculate_reserve_size as __init
    - powerpc/prom: Mark identical_pvr_fixup as __init
    - MIPS: fix local_irq_{disable,enable} in asmmacro.h
    - ima: Fix the error code for restoring the PCR value
    - inet: use bigger hash table for IP ID generation
    - pinctrl: pinctrl-single: remove unused parameter
    - pinctrl: pinctrl-single: fix pcs_pin_dbg_show() when bits_per_mux is not
      zero
    - MIPS: loongson64: fix bug when PAGE_SIZE > 16KB
    - ASoC: wm8960: Remove bitclk relax condition in wm8960_configure_sysclk
    - iommu/arm-smmu-v3: add bit field SFM into GERROR_ERR_MASK
    - RDMA/mlx5: Fix drop packet rule in egress table
    - IB/isert: Fix a use after free in isert_connect_request
    - powerpc: Fix HAVE_HARDLOCKUP_DETECTOR_ARCH build configuration
    - MIPS/bpf: Enable bpf_probe_read{, str}() on MIPS again
    - gpio: guard gpiochip_irqchip_add_domain() with GPIOLIB_IRQCHIP
    - fs: dlm: fix missing unlock on error in accept_from_sock()
    - ASoC: q6afe-clocks: fix reprobing of the driver
    - ALSA: core: remove redundant spin_lock pair in snd_card_disconnect
    - net: phy: lan87xx: fix access to wrong register of LAN87xx
    - udp: never accept GSO_FRAGLIST packets
    - powerpc/pseries: Only register vio drivers if vio bus exists
    - net/tipc: fix missing destroy_workqueue() on error in tipc_crypto_start()
    - bug: Remove redundant condition check in report_bug
    - RDMA/core: Fix corrupted SL on passive side
    - nfc: pn533: prevent potential memory corruption
    - net: hns3: Limiting the scope of vector_ring_chain variable
    - mips: bmips: fix syscon-reboot nodes
    - KVM: arm64: Fix error return code in init_hyp_mode()
    - iommu/vt-d: Don't set then clear private data in prq_event_thread()
    - iommu: Fix a boundary issue to avoid performance drop
    - iommu/vt-d: Report right snoop capability when using FL for IOVA
    - iommu/vt-d: Report the right page fault address
    - iommu/vt-d: Preset Access/Dirty bits for IOVA over FL
    - iommu/vt-d: Remove WO permissions on second-level paging entries
    - iommu/vt-d: Invalidate PASID cache when root/context entry changed
    - ALSA: usb-audio: Add error checks for usb_driver_claim_interface() calls
    - HID: lenovo: Use brightness_set_blocking callback for setting LEDs
      brightness
    - HID: lenovo: Fix lenovo_led_set_tp10ubkbd() error handling
    - HID: lenovo: Check hid_get_drvdata() returns non NULL in lenovo_event()
    - HID: lenovo: Map mic-mute button to KEY_F20 instead of KEY_MICMUTE
    - KVM: arm64: Initialize VCPU mdcr_el2 before loading it
    - ASoC: simple-card: fix possible uninitialized single_cpu local variable
    - liquidio: Fix unintented sign extension of a left shift of a u16
    - IB/hfi1: Use kzalloc() for mmu_rb_handler allocation
    - powerpc/64s: Fix pte update for kernel memory on radix
    - powerpc/pseries: Add key to flags in pSeries_lpar_hpte_updateboltedpp()
    - powerpc/64s: Use htab_convert_pte_flags() in hash__mark_rodata_ro()
    - powerpc/perf: Fix PMU constraint check for EBB events
    - powerpc: iommu: fix build when neither PCI or IBMVIO is set
    - mac80211: bail out if cipher schemes are invalid
    - perf vendor events amd: Fix broken L2 Cache Hits from L2 HWPF metric
    - RDMA/hns: Fix missing assignment of max_inline_data
    - xfs: fix return of uninitialized value in variable error
    - rtw88: Fix an error code in rtw_debugfs_set_rsvd_page()
    - mt7601u: fix always true expression
    - mt76: mt7615: fix tx skb dma unmap
    - mt76: mt7915: fix tx skb dma unmap
    - mt76: mt7915: fix aggr len debugfs node
    - mt76: mt7615: fix mib stats counter reporting to mac80211
    - mt76: mt7915: fix mib stats counter reporting to mac80211
    - mt76: reduce q->lock hold time
    - mt76: check return value of mt76_txq_send_burst in mt76_txq_schedule_list
    - mt76: mt7915: fix rxrate reporting
    - mt76: mt7915: fix txrate reporting
    - mt76: mt7663: fix when beacon filter is being applied
    - mt76: mt7663s: make all of packets 4-bytes aligned in sdio tx aggregation
    - mt76: mt7663s: fix the possible device hang in high traffic
    - mt76: mt7615: cleanup mcu tx queue in mt7615_dma_reset()
    - mt76: mt7915: bring up the WA event rx queue for band1
    - mt76: mt7915: cleanup mcu tx queue in mt7915_dma_reset()
    - KVM: PPC: Book3S HV P9: Restore host CTRL SPR after guest exit
    - ovl: show "userxattr" in the mount data
    - ovl: invalidate readdir cache on changes to dir with origin
    - RDMA/qedr: Fix error return code in qedr_iw_connect()
    - IB/hfi1: Fix error return code in parse_platform_config()
    - RDMA/bnxt_re: Fix error return code in bnxt_qplib_cq_process_terminal()
    - cxgb4: Fix unintentional sign extension issues
    - net: thunderx: Fix unintentional sign extension issue
    - RDMA/srpt: Fix error return code in srpt_cm_req_recv()
    - RDMA/rtrs-clt: destroy sysfs after removing session from active list
    - i2c: cadence: fix reference leak when pm_runtime_get_sync fails
    - i2c: img-scb: fix reference leak when pm_runtime_get_sync fails
    - i2c: imx-lpi2c: fix reference leak when pm_runtime_get_sync fails
    - i2c: imx: fix reference leak when pm_runtime_get_sync fails
    - i2c: omap: fix reference leak when pm_runtime_get_sync fails
    - i2c: sprd: fix reference leak when pm_runtime_get_sync fails
    - i2c: stm32f7: fix reference leak when pm_runtime_get_sync fails
    - i2c: xiic: fix reference leak when pm_runtime_get_sync fails
    - i2c: cadence: add IRQ check
    - i2c: emev2: add IRQ check
    - i2c: jz4780: add IRQ check
    - i2c: mlxbf: add IRQ check
    - i2c: rcar: make sure irq is not threaded on Gen2 and earlier
    - i2c: rcar: protect against supurious interrupts on V3U
    - i2c: rcar: add IRQ check
    - i2c: sh7760: add IRQ check
    - iwlwifi: rs-fw: don't support stbc for HE 160
    - iwlwifi: dbg: disable ini debug in 9000 family and below
    - powerpc/xive: Drop check on irq_data in xive_core_debug_show()
    - powerpc/xive: Fix xmon command "dxi"
    - powerpc/syscall: Rename syscall_64.c into interrupt.c
    - powerpc/syscall: Change condition to check MSR_RI
    - ASoC: ak5558: correct reset polarity
    - net/mlx5: Fix bit-wise and with zero
    - net/packet: remove data races in fanout operations
    - drm/i915/gvt: Fix error code in intel_gvt_init_device()
    - iommu/amd: Put newline after closing bracket in warning
    - perf beauty: Fix fsconfig generator
    - drm/amdgpu: fix an error code in init_pmu_entry_by_type_and_add()
    - drm/amd/pm: fix error code in smu_set_power_limit()
    - MIPS: pci-legacy: stop using of_pci_range_to_resource
    - powerpc/pseries: extract host bridge from pci_bus prior to bus removal
    - mptcp: fix format specifiers for unsigned int
    - powerpc/smp: Reintroduce cpu_core_mask
    - KVM: x86: dump_vmcs should not assume GUEST_IA32_EFER is valid
    - rtlwifi: 8821ae: upgrade PHY and RF parameters
    - wlcore: fix overlapping snprintf arguments in debugfs
    - i2c: sh7760: fix IRQ error path
    - i2c: mediatek: Fix wrong dma sync flag
    - mwl8k: Fix a double Free in mwl8k_probe_hw
    - netfilter: nft_payload: fix C-VLAN offload support
    - netfilter: nftables_offload: VLAN id needs host byteorder in flow dissector
    - netfilter: nftables_offload: special ethertype handling for VLAN
    - vsock/vmci: log once the failed queue pair allocation
    - libbpf: Initialize the bpf_seq_printf parameters array field by field
    - net: ethernet: ixp4xx: Set the DMA masks explicitly
    - gro: fix napi_gro_frags() Fast GRO breakage due to IP alignment check
    - RDMA/cxgb4: add missing qpid increment
    - RDMA/i40iw: Fix error unwinding when i40iw_hmc_sd_one fails
    - ALSA: usb: midi: don't return -ENOMEM when usb_urb_ep_type_check fails
    - sfc: ef10: fix TX queue lookup in TX event handling
    - vsock/virtio: free queued packets when closing socket
    - net: marvell: prestera: fix port event handling on init
    - net: davinci_emac: Fix incorrect masking of tx and rx error channel
    - mt76: mt7615: fix memleak when mt7615_unregister_device()
    - mt76: mt7915: fix memleak when mt7915_unregister_device()
    - powerpc/pseries/iommu: Fix window size for direct mapping with pmem
    - crypto: ccp: Detect and reject "invalid" addresses destined for PSP
    - net: dsa: mv88e6xxx: Fix off-by-one in VTU devlink region size
    - nfp: devlink: initialize the devlink port attribute "lanes"
    - net: stmmac: fix TSO and TBS feature enabling during driver open
    - net: renesas: ravb: Fix a stuck issue when a lot of frames are received
    - net: phy: intel-xway: enable integrated led functions
    - RDMA/rxe: Fix a bug in rxe_fill_ip_info()
    - RDMA/core: Add CM to restrack after successful attachment to a device
    - powerpc/64: Fix the definition of the fixmap area
    - ath9k: Fix error check in ath9k_hw_read_revisions() for PCI devices
    - ath10k: Fix a use after free in ath10k_htc_send_bundle
    - ath10k: Fix ath10k_wmi_tlv_op_pull_peer_stats_info() unlock without lock
    - wlcore: Fix buffer overrun by snprintf due to incorrect buffer size
    - powerpc/perf: Fix the threshold event selection for memory events in power10
    - powerpc/52xx: Fix an invalid ASM expression ('addi' used instead of 'add')
    - net: phy: marvell: fix m88e1011_set_downshift
    - net: phy: marvell: fix m88e1111_set_downshift
    - net: enetc: fix link error again
    - bnxt_en: fix ternary sign extension bug in bnxt_show_temp()
    - ARM: dts: uniphier: Change phy-mode to RGMII-ID to enable delay pins for
      RTL8211E
    - arm64: dts: uniphier: Change phy-mode to RGMII-ID to enable delay pins for
      RTL8211E
    - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb
    - selftests: net: mirror_gre_vlan_bridge_1q: Make an FDB entry static
    - selftests: mlxsw: Remove a redundant if statement in tc_flower_scale test
    - bnxt_en: Fix RX consumer index logic in the error path.
    - KVM: VMX: Intercept FS/GS_BASE MSR accesses for 32-bit KVM
    - KVM: SVM: Zero out the VMCB array used to track SEV ASID association
    - KVM: SVM: Free sev_asid_bitmap during init if SEV setup fails
    - KVM: SVM: Disable SEV/SEV-ES if NPT is disabled
    - net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send
    - selftests/bpf: Fix BPF_CORE_READ_BITFIELD() macro
    - selftests/bpf: Fix field existence CO-RE reloc tests
    - selftests/bpf: Fix core_reloc test runner
    - bpf: Fix propagation of 32 bit unsigned bounds from 64 bit bounds
    - RDMA/siw: Fix a use after free in siw_alloc_mr
    - RDMA/bnxt_re: Fix a double free in bnxt_qplib_alloc_res
    - net: bridge: mcast: fix broken length + header check for MRDv6 Adv.
    - net: dsa: mv88e6xxx: Fix 6095/6097/6185 ports in non-SERDES CMODE
    - net:nfc:digital: Fix a double free in digital_tg_recv_dep_req
    - perf tools: Change fields type in perf_record_time_conv
    - perf jit: Let convert_timestamp() to be backwards-compatible
    - perf session: Add swap operation for event TIME_CONV
    - ia64: fix EFI_DEBUG build
    - kfifo: fix ternary sign extension bugs
    - mm/sl?b.c: remove ctor argument from kmem_cache_flags
    - mm: memcontrol: slab: fix obtain a reference to a freeing memcg
    - mm/sparse: add the missing sparse_buffer_fini() in error branch
    - mm/memory-failure: unnecessary amount of unmapping
    - afs: Fix speculative status fetches
    - net: Only allow init netns to set default tcp cong to a restricted algo
    - smp: Fix smp_call_function_single_async prototype
    - Revert "net/sctp: fix race condition in sctp_destroy_sock"
    - sctp: delay auto_asconf init until binding the first addr
    - Linux 5.11.21

* Fix kdump failures (LP: #1927518)
    - video: hyperv_fb: Add ratelimit on error message
    - Drivers: hv: vmbus: Increase wait time for VMbus unload
    - Drivers: hv: vmbus: Initialize unload_event statically

* Hirsute update: v5.11.20 upstream stable release (LP: #1928857)
    - bus: mhi: core: Fix check for syserr at power_up
    - bus: mhi: core: Clear configuration from channel context during reset
    - bus: mhi: core: Sanity check values from remote device before use
    - bus: mhi: core: Add missing checks for MMIO register entries
    - bus: mhi: pci_generic: Remove WQ_MEM_RECLAIM flag from state workqueue
    - nitro_enclaves: Fix stale file descriptors on failed usercopy
    - dyndbg: fix parsing file query without a line-range suffix
    - s390/disassembler: increase ebpf disasm buffer size
    - s390/zcrypt: fix zcard and zqueue hot-unplug memleak
    - s390/vfio-ap: fix circular lockdep when setting/clearing crypto masks
    - vhost-vdpa: fix vm_flags for virtqueue doorbell mapping
    - tpm: acpi: Check eventlog signature before using it
    - ACPI: custom_method: fix potential use-after-free issue
    - ACPI: custom_method: fix a possible memory leak
    - ftrace: Handle commands when closing set_ftrace_filter file
    - ARM: 9056/1: decompressor: fix BSS size calculation for LLVM ld.lld
    - arm64: dts: marvell: armada-37xx: add syscon compatible to NB clk node
    - arm64: dts: mt8173: fix property typo of 'phys' in dsi node
    - ecryptfs: fix kernel panic with null dev_name
    - fs/epoll: restore waking from ep_done_scan()
    - reset: add missing empty function reset_control_rearm()
    - mtd: spi-nor: core: Fix an issue of releasing resources during read/write
    - Revert "mtd: spi-nor: macronix: Add support for mx25l51245g"
    - mtd: spinand: core: add missing MODULE_DEVICE_TABLE()
    - mtd: rawnand: atmel: Update ecc_stats.corrected counter
    - mtd: physmap: physmap-bt1-rom: Fix unintentional stack access
    - erofs: add unsupported inode i_format check
    - spi: stm32-qspi: fix pm_runtime usage_count counter
    - spi: spi-ti-qspi: Free DMA resources
    - libceph: allow addrvecs with a single NONE/blank address
    - scsi: qla2xxx: Reserve extra IRQ vectors
    - scsi: lpfc: Fix rmmod crash due to bad ring pointers to abort_iotag
    - scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand()
    - scsi: mpt3sas: Only one vSES is present even when IOC has multi vSES
    - scsi: mpt3sas: Block PCI config access from userspace during reset
    - mmc: uniphier-sd: Fix an error handling path in uniphier_sd_probe()
    - mmc: uniphier-sd: Fix a resource leak in the remove function
    - mmc: sdhci: Check for reset prior to DMA address unmap
    - mmc: sdhci-pci: Fix initialization of some SD cards for Intel BYT-based
      controllers
    - mmc: block: Update ext_csd.cache_ctrl if it was written
    - mmc: block: Issue a cache flush only when it's enabled
    - mmc: core: Do a power cycle when the CMD11 fails
    - mmc: core: Set read only for SD cards with permanent write protect bit
    - mmc: core: Fix hanging on I/O during system suspend for removable cards
    - irqchip/gic-v3: Do not enable irqs when handling spurious interrups
    - cifs: Return correct error code from smb2_get_enc_key
    - cifs: fix out-of-bound memory access when calling smb3_notify() at mount
      point
    - cifs: fix leak in cifs_smb3_do_mount() ctx
    - cifs: detect dead connections only when echoes are enabled.
    - cifs: fix regression when mounting shares with prefix paths
    - smb2: fix use-after-free in smb2_ioctl_query_info()
    - btrfs: handle remount to no compress during compression
    - x86/build: Disable HIGHMEM64G selection for M486SX
    - btrfs: fix metadata extent leak after failure to create subvolume
    - intel_th: pci: Add Rocket Lake CPU support
    - btrfs: fix race between transaction aborts and fsyncs leading to use-after-
      free
    - posix-timers: Preserve return value in clock_adjtime32()
    - fbdev: zero-fill colormap in fbcmap.c
    - cpuidle: tegra: Fix C7 idling state on Tegra114
    - bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first
    - staging: wimax/i2400m: fix byte-order issue
    - spi: ath79: always call chipselect function
    - spi: ath79: remove spi-master setup and cleanup assignment
    - bus: mhi: core: Destroy SBL devices when moving to mission mode
    - bus: mhi: core: Process execution environment changes serially
    - crypto: api - check for ERR pointers in crypto_destroy_tfm()
    - crypto: qat - fix unmap invalid dma address
    - usb: gadget: uvc: add bInterval checking for HS mode
    - usb: webcam: Invalid size of Processing Unit Descriptor
    - x86/sev: Do not require Hypervisor CPUID bit for SEV guests
    - crypto: hisilicon/sec - fixes a printing error
    - genirq/matrix: Prevent allocation counter corruption
    - usb: gadget: f_uac2: validate input parameters
    - usb: gadget: f_uac1: validate input parameters
    - usb: dwc3: gadget: Ignore EP queue requests during bus reset
    - usb: xhci: Fix port minor revision
    - kselftest/arm64: mte: Fix compilation with native compiler
    - ARM: tegra: acer-a500: Rename avdd to vdda of touchscreen node
    - PCI: PM: Do not read power state in pci_enable_device_flags()
    - kselftest/arm64: mte: Fix MTE feature detection
    - ARM: dts: BCM5301X: fix "reg" formatting in /memory node
    - ARM: dts: ux500: Fix up TVK R3 sensors
    - x86/build: Propagate $(CLANG_FLAGS) to $(REALMODE_FLAGS)
    - x86/boot: Add $(CLANG_FLAGS) to compressed KBUILD_CFLAGS
    - efi/libstub: Add $(CLANG_FLAGS) to x86 flags
    - soc/tegra: pmc: Fix completion of power-gate toggling
    - arm64: dts: imx8mq-librem5-r3: Mark buck3 as always on
    - tee: optee: do not check memref size on return from Secure World
    - soundwire: cadence: only prepare attached devices on clock stop
    - perf/arm_pmu_platform: Use dev_err_probe() for IRQ errors
    - perf/arm_pmu_platform: Fix error handling
    - random: initialize ChaCha20 constants with correct endianness
    - usb: xhci-mtk: support quirk to disable usb2 lpm
    - fpga: dfl: pci: add DID for D5005 PAC cards
    - xhci: check port array allocation was successful before dereferencing it
    - xhci: check control context is valid before dereferencing it.
    - xhci: fix potential array out of bounds with several interrupters
    - bus: mhi: core: Clear context for stopped channels from remove()
    - ARM: dts: at91: change the key code of the gpio key
    - tools/power/x86/intel-speed-select: Increase string size
    - platform/x86: ISST: Account for increased timeout in some cases
    - clocksource/drivers/dw_apb_timer_of: Add handling for potential memory leak
    - resource: Prevent irqresource_disabled() from erasing flags
    - spi: dln2: Fix reference leak to master
    - spi: omap-100k: Fix reference leak to master
    - spi: qup: fix PM reference leak in spi_qup_remove()
    - usb: gadget: tegra-xudc: Fix possible use-after-free in tegra_xudc_remove()
    - usb: musb: fix PM reference leak in musb_irq_work()
    - usb: core: hub: Fix PM reference leak in usb_port_resume()
    - usb: dwc3: gadget: Check for disabled LPM quirk
    - tty: n_gsm: check error while registering tty devices
    - intel_th: Consistency and off-by-one fix
    - phy: phy-twl4030-usb: Fix possible use-after-free in twl4030_usb_remove()
    - crypto: sun8i-ss - Fix PM reference leak when pm_runtime_get_sync() fails
    - crypto: sun8i-ce - Fix PM reference leak in sun8i_ce_probe()
    - crypto: stm32/hash - Fix PM reference leak on stm32-hash.c
    - crypto: stm32/cryp - Fix PM reference leak on stm32-cryp.c
    - crypto: sa2ul - Fix PM reference leak in sa_ul_probe()
    - crypto: omap-aes - Fix PM reference leak on omap-aes.c
    - platform/x86: intel_pmc_core: Don't use global pmcdev in quirks
    - spi: sync up initial chipselect state
    - btrfs: do proper error handling in create_reloc_root
    - btrfs: do proper error handling in btrfs_update_reloc_root
    - btrfs: convert logic BUG_ON()'s in replace_path to ASSERT()'s
    - regulator: da9121: automotive variants identity fix
    - drm: Added orientation quirk for OneGX1 Pro
    - drm/qxl: release shadow on shutdown
    - drm/ast: Fix invalid usage of AST_MAX_HWC_WIDTH in cursor atomic_check
    - drm/amd/display: changing sr exit latency
    - drm/amd/display: Fix MPC OGAM power on/off sequence
    - drm/ast: fix memory leak when unload the driver
    - drm/amd/display: Check for DSC support instead of ASIC revision
    - drm/amd/display: Don't optimize bandwidth before disabling planes
    - drm/amd/display: Return invalid state if GPINT times out
    - drm/amdgpu/display: buffer INTERRUPT_LOW_IRQ_CONTEXT interrupt work
    - drm/amd/display/dc/dce/dce_aux: Remove duplicate line causing 'field
      overwritten' issue
    - scsi: lpfc: Fix incorrect dbde assignment when building target abts wqe
    - scsi: lpfc: Fix pt2pt connection does not recover after LOGO
    - scsi: lpfc: Fix status returned in lpfc_els_retry() error exit path
    - scsi: lpfc: Fix PLOGI ACC to be transmit after REG_LOGIN
    - scsi: lpfc: Fix ADISC handling that never frees nodes
    - drm/amdgpu: Fix some unload driver issues
    - sched/pelt: Fix task util_est update filtering
    - sched/topology: fix the issue groups don't span domain->span for NUMA
      diameter > 2
    - kvfree_rcu: Use same set of GFP flags as does single-argument
    - drm/virtio: fix possible leak/unlock virtio_gpu_object_array
    - scsi: target: pscsi: Fix warning in pscsi_complete_cmd()
    - media: ite-cir: check for receive overflow
    - media: drivers: media: pci: sta2x11: fix Kconfig dependency on GPIOLIB
    - media: drivers/media/usb: fix memory leak in zr364xx_probe
    - media: cx23885: add more quirks for reset DMA on some AMD IOMMU
    - media: imx: capture: Return -EPIPE from __capture_legacy_try_fmt()
    - atomisp: don't let it go past pipes array
    - power: supply: bq27xxx: fix power_avg for newer ICs
    - extcon: arizona: Fix some issues when HPDET IRQ fires after the jack has
      been unplugged
    - extcon: arizona: Fix various races on driver unbind
    - media: media/saa7164: fix saa7164_encoder_register() memory leak bugs
    - media: gspca/sq905.c: fix uninitialized variable
    - media: v4l2-ctrls.c: initialize flags field of p_fwht_params
    - power: supply: Use IRQF_ONESHOT
    - backlight: qcom-wled: Use sink_addr for sync toggle
    - backlight: qcom-wled: Fix FSC update issue for WLED5
    - drm/amdgpu: mask the xgmi number of hops reported from psp to kfd
    - drm/amdkfd: Fix UBSAN shift-out-of-bounds warning
    - drm/amdgpu : Fix asic reset regression issue introduce by 8f211fe8ac7c4f
    - drm/amd/pm: fix workload mismatch on vega10
    - drm/amd/display: Fix UBSAN warning for not a valid value for type '_Bool'
    - drm/amd/display: DCHUB underflow counter increasing in some scenarios
    - drm/amd/display: fix dml prefetch validation
    - scsi: qla2xxx: Always check the return value of qla24xx_get_isp_stats()
    - drm/vkms: fix misuse of WARN_ON
    - scsi: qla2xxx: Fix use after free in bsg
    - mmc: sdhci-esdhc-imx: validate pinctrl before use it
    - mmc: sdhci-pci: Add PCI IDs for Intel LKF
    - mmc: sdhci-brcmstb: Remove CQE quirk
    - ata: ahci: Disable SXS for Hisilicon Kunpeng920
    - drm/komeda: Fix bit check to import to value of proper type
    - nvmet: return proper error code from discovery ctrl
    - selftests/resctrl: Enable gcc checks to detect buffer overflows
    - selftests/resctrl: Fix compilation issues for global variables
    - selftests/resctrl: Fix compilation issues for other global variables
    - selftests/resctrl: Clean up resctrl features check
    - selftests/resctrl: Fix missing options "-n" and "-p"
    - selftests/resctrl: Use resctrl/info for feature detection
    - selftests/resctrl: Fix incorrect parsing of iMC counters
    - selftests/resctrl: Fix checking for < 0 for unsigned values
    - power: supply: cpcap-charger: Add usleep to cpcap charger to avoid usb plug
      bounce
    - scsi: smartpqi: Use host-wide tag space
    - scsi: smartpqi: Correct request leakage during reset operations
    - scsi: smartpqi: Add new PCI IDs
    - scsi: scsi_dh_alua: Remove check for ASC 24h in alua_rtpg()
    - media: em28xx: fix memory leak
    - media: vivid: update EDID
    - drm/msm/dp: Fix incorrect NULL check kbot warnings in DP driver
    - clk: socfpga: arria10: Fix memory leak of socfpga_clk on error return
    - power: supply: generic-adc-battery: fix possible use-after-free in
      gab_remove()
    - power: supply: s3c_adc_battery: fix possible use-after-free in
      s3c_adc_bat_remove()
    - media: tc358743: fix possible use-after-free in tc358743_remove()
    - media: adv7604: fix possible use-after-free in adv76xx_remove()
    - media: i2c: adv7511-v4l2: fix possible use-after-free in adv7511_remove()
    - media: i2c: tda1997: Fix possible use-after-free in tda1997x_remove()
    - media: i2c: adv7842: fix possible use-after-free in adv7842_remove()
    - media: platform: sti: Fix runtime PM imbalance in regs_show
    - media: sun8i-di: Fix runtime PM imbalance in deinterlace_start_streaming
    - media: dvb-usb: fix memory leak in dvb_usb_adapter_init
    - media: gscpa/stv06xx: fix memory leak
    - sched/fair: Ignore percpu threads for imbalance pulls
    - drm/msm/mdp5: Configure PP_SYNC_HEIGHT to double the vtotal
    - drm/msm/mdp5: Do not multiply vclk line count by 100
    - drm/amdgpu/ttm: Fix memory leak userptr pages
    - drm/radeon/ttm: Fix memory leak userptr pages
    - drm/amd/display: Fix debugfs link_settings entry
    - drm/amd/display: Fix UBSAN: shift-out-of-bounds warning
    - drm/radeon: don't evict if not initialized
    - drm/amdkfd: Fix cat debugfs hang_hws file causes system crash bug
    - amdgpu: avoid incorrect %hu format string
    - drm/amdgpu/display: fix memory leak for dimgrey cavefish
    - drm/amdgpu: fix NULL pointer dereference
    - scsi: lpfc: Fix crash when a REG_RPI mailbox fails triggering a LOGO
      response
    - scsi: lpfc: Fix reference counting errors in lpfc_cmpl_els_rsp()
    - scsi: lpfc: Fix error handling for mailboxes completed in MBX_POLL mode
    - scsi: lpfc: Remove unsupported mbox PORT_CAPABILITIES logic
    - mfd: intel-m10-bmc: Fix the register access range
    - mfd: da9063: Support SMBus and I2C mode
    - mfd: arizona: Fix rumtime PM imbalance on error
    - scsi: libfc: Fix a format specifier
    - perf: Rework perf_event_exit_event()
    - sched,fair: Alternative sched_slice()
    - block/rnbd-srv: Prevent a deadlock generated by accessing sysfs in parallel
    - block/rnbd-clt: Fix missing a memory free when unloading the module
    - s390/archrandom: add parameter check for s390_arch_random_generate
    - sched,psi: Handle potential task count underflow bugs more gracefully
    - power: supply: cpcap-battery: fix invalid usage of list cursor
    - ALSA: emu8000: Fix a use after free in snd_emu8000_create_mixer
    - ALSA: hda/conexant: Re-order CX5066 quirk table entries
    - ALSA: sb: Fix two use after free in snd_sb_qsound_build
    - ALSA: usb-audio: Explicitly set up the clock selector
    - ALSA: usb-audio: Add dB range mapping for Sennheiser Communications Headset
      PC 8
    - ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 445 G7
    - ALSA: hda/realtek: GA503 use same quirks as GA401
    - ALSA: hda/realtek: fix mic boost on Intel NUC 8
    - ALSA: hda/realtek - Headset Mic issue on HP platform
    - ALSA: hda/realtek: fix static noise on ALC285 Lenovo laptops
    - ALSA: hda/realtek: Add quirk for Intel Clevo PCx0Dx
    - tools/power/turbostat: Fix turbostat for AMD Zen CPUs
    - btrfs: fix race when picking most recent mod log operation for an old root
    - arm64/vdso: Discard .note.gnu.property sections in vDSO
    - Makefile: Move -Wno-unused-but-set-variable out of GCC only block
    - fs: fix reporting supported extra file attributes for statx()
    - virtiofs: fix memory leak in virtio_fs_probe()
    - kcsan, debugfs: Move debugfs file creation out of early init
    - ubifs: Only check replay with inode type to judge if inode linked
    - f2fs: fix error handling in f2fs_end_enable_verity()
    - f2fs: fix to avoid out-of-bounds memory access
    - mlxsw: spectrum_mr: Update egress RIF list before route's action
    - openvswitch: fix stack OOB read while fragmenting IPv4 packets
    - net/sched: sch_frag: fix stack OOB read while fragmenting IPv4 packets
    - NFS: fs_context: validate UDP retrans to prevent shift out-of-bounds
    - NFS: Don't discard pNFS layout segments that are marked for return
    - NFSv4: Don't discard segments marked for return in _pnfs_return_layout()
    - Input: ili210x - add missing negation for touch indication on ili210x
    - jffs2: Fix kasan slab-out-of-bounds problem
    - jffs2: Hook up splice_write callback
    - iommu/vt-d: Force to flush iotlb before creating superpage
    - powerpc/vdso: Separate vvar vma from vdso
    - powerpc/powernv: Enable HAIL (HV AIL) for ISA v3.1 processors
    - powerpc/eeh: Fix EEH handling for hugepages in ioremap space.
    - powerpc/kexec_file: Use current CPU info while setting up FDT
    - powerpc/32: Fix boot failure with CONFIG_STACKPROTECTOR
    - powerpc: fix EDEADLOCK redefinition error in uapi/asm/errno.h
    - powerpc/kvm: Fix PR KVM with KUAP/MEM_KEYS enabled
    - powerpc/kvm: Fix build error when PPC_MEM_KEYS/PPC_PSERIES=n
    - intel_th: pci: Add Alder Lake-M support
    - tpm: efi: Use local variable for calculating final log size
    - tpm: vtpm_proxy: Avoid reading host log when using a virtual device
    - crypto: arm/curve25519 - Move '.fpu' after '.arch'
    - crypto: rng - fix crypto_rng_reset() refcounting when !CRYPTO_STATS
    - md/raid1: properly indicate failure when ending a failed write request
    - dm raid: fix inconclusive reshape layout on fast raid4/5/6 table reload
      sequences
    - fuse: fix write deadlock
    - mm: page_alloc: ignore init_on_free=1 for debug_pagealloc=1
    - exfat: fix erroneous discard when clear cluster bit
    - sfc: farch: fix TX queue lookup in TX flush done handling
    - sfc: farch: fix TX queue lookup in TX event handling
    - rcu/nocb: Fix missed nocb_timer requeue
    - security: commoncap: fix -Wstringop-overread warning
    - Fix misc new gcc warnings
    - jffs2: check the validity of dstlen in jffs2_zlib_compress()
    - smb3: when mounting with multichannel include it in requested capabilities
    - smb3: if max_channels set to more than one channel request multichannel
    - smb3: do not attempt multichannel to server which does not support it
    - Revert 337f13046ff0 ("futex: Allow FUTEX_CLOCK_REALTIME with FUTEX_WAIT op")
    - futex: Do not apply time namespace adjustment on FUTEX_LOCK_PI
    - x86/cpu: Initialize MSR_TSC_AUX if RDTSCP *or* RDPID is supported
    - kbuild: update config_data.gz only when the content of .config is changed
    - ext4: annotate data race in start_this_handle()
    - ext4: annotate data race in jbd2_journal_dirty_metadata()
    - ext4: fix check to prevent false positive report of incorrect used inodes
    - ext4: do not set SB_ACTIVE in ext4_orphan_cleanup()
    - ext4: always panic when errors=panic is specified
    - ext4: fix error code in ext4_commit_super
    - ext4: fix ext4_error_err save negative errno into superblock
    - ext4: fix error return code in ext4_fc_perform_commit()
    - ext4: allow the dax flag to be set and cleared on inline directories
    - ext4: Fix occasional generic/418 failure
    - media: dvbdev: Fix memory leak in dvb_media_device_free()
    - media: dvb-usb: Fix use-after-free access
    - media: dvb-usb: Fix memory leak at error in dvb_usb_device_init()
    - media: staging/intel-ipu3: Fix memory leak in imu_fmt
    - media: staging/intel-ipu3: Fix set_fmt error handling
    - media: staging/intel-ipu3: Fix race condition during set_fmt
    - media: v4l2-ctrls: fix reference to freed memory
    - media: coda: fix macroblocks count control usage
    - media: venus: hfi_parser: Don't initialize parser on v1
    - usb: gadget: dummy_hcd: fix gpf in gadget_setup
    - usb: gadget: Fix double free of device descriptor pointers
    - usb: gadget/function/f_fs string table fix for multiple languages
    - usb: dwc3: gadget: Remove FS bInterval_m1 limitation
    - usb: dwc3: gadget: Fix START_TRANSFER link state check
    - usb: dwc3: core: Do core softreset when switch mode
    - usb: dwc2: Fix session request interrupt handler
    - PCI: dwc: Move iATU detection earlier
    - tty: fix memory leak in vc_deallocate
    - rsi: Use resume_noirq for SDIO
    - tools/power turbostat: Fix offset overflow issue in index converting
    - tracing: Map all PIDs to command lines
    - tracing: Restructure trace_clock_global() to never block
    - dm persistent data: packed struct should have an aligned() attribute too
    - dm space map common: fix division bug in sm_ll_find_free_block()
    - dm integrity: fix missing goto in bitmap_flush_interval error handling
    - dm rq: fix double free of blk_mq_tag_set in dev remove after table load
      fails
    - pinctrl: Ingenic: Add support for read the pin configuration of X1830.
    - lib/vsprintf.c: remove leftover 'f' and 'F' cases from bstr_printf()
    - thermal/drivers/cpufreq_cooling: Fix slab OOB issue
    - thermal/core/fair share: Lock the thermal zone while looping over instances
    - Revert "UBUNTU: SAUCE: Revert "s390/cio: remove pm support from ccw bus
      driver""
    - s390/cio: remove invalid condition on IO_SCH_UNREG
    - Linux 5.11.20

* Hirsute update: v5.11.20 upstream stable release (LP: #1928857) //
    CVE-2021-20288).
    - libceph: bump CephXAuthenticate encoding version

* Hirsute update: v5.11.19 upstream stable release (LP: #1928850)
    - mips: Do not include hi and lo in clobber list for R6
    - netfilter: conntrack: Make global sysctls readonly in non-init netns
    - net: usb: ax88179_178a: initialize local variables before use
    - drm/i915: Disable runtime power management during shutdown
    - igb: Enable RSS for Intel I211 Ethernet Controller
    - bpf: Fix masking negation logic upon negative dst register
    - bpf: Fix leakage of uninitialized bpf stack under speculation
    - net: qrtr: Avoid potential use after free in MHI send
    - perf data: Fix error return code in perf_data__create_dir()
    - capabilities: require CAP_SETFCAP to map uid 0
    - perf ftrace: Fix access to pid in array when setting a pid filter
    - tools/cgroup/slabinfo.py: updated to work on current kernel
    - driver core: add a min_align_mask field to struct device_dma_parameters
    - swiotlb: add a IO_TLB_SIZE define
    - swiotlb: factor out an io_tlb_offset helper
    - swiotlb: factor out a nr_slots helper
    - swiotlb: clean up swiotlb_tbl_unmap_single
    - swiotlb: refactor swiotlb_tbl_map_single
    - swiotlb: don't modify orig_addr in swiotlb_tbl_sync_single
    - swiotlb: respect min_align_mask
    - nvme-pci: set min_align_mask
    - ovl: fix leaked dentry
    - ovl: allow upperdir inside lowerdir
    - ALSA: usb-audio: Add MIDI quirk for Vox ToneLab EX
    - ALSA: usb-audio: Fix implicit sync clearance at stopping stream
    - USB: Add reset-resume quirk for WD19's Realtek Hub
    - platform/x86: thinkpad_acpi: Correct thermal sensor allocation
    - perf/core: Fix unconditional security_locked_down() call
    - vfio: Depend on MMU
    - Linux 5.11.19

* r8152 tx status -71 (LP: #1922651) // Hirsute update: v5.11.19 upstream
    stable release (LP: #1928850)
    - USB: Add LPM quirk for Lenovo ThinkPad USB-C Dock Gen2 Ethernet

* Hirsute update: v5.11.18 upstream stable release (LP: #1928849)
    - iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_gen2_enqueue_hcmd()
    - drm/amd/display: Update modifier list for gfx10_3
    - mei: me: add Alder Lake P device id.
    - Linux 5.11.18

-- Thadeu Lima de Souza Cascardo <cascardo@canonical.com>  Wed, 16 Jun 2021 19:38:04 -0300

Changed in linux (Ubuntu Hirsute):
status:	Confirmed → Fix Released

Andy Whitcroft (apw) on 2022-06-06

tags:	removed: kernel-release-tracking-bug-live
Changed in kernel-sru-workflow:
status:	In Progress → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

Duplicate of bug #1939553 Remove

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntulinux package

hirsute/linux: 5.11.0-20.21 -proposed tracker

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux package