Bug #2016995 “Azure: Build-in TDX guest driver” : Jammy (22.04) : Bugs : linux-azure-5.19 package : Ubuntu

Tim Gardner (timg-tpi) on 2023-04-19

affects:	linux (Ubuntu) → linux-azure (Ubuntu)
Changed in linux-azure (Ubuntu):
assignee:	nobody → Tim Gardner (timg-tpi)
importance:	Undecided → High
status:	New → In Progress
description:	updated
Changed in linux-azure (Ubuntu Kinetic):
assignee:	nobody → Tim Gardner (timg-tpi)
importance:	Undecided → High
status:	New → In Progress
Changed in linux-azure-5.19 (Ubuntu Kinetic):
status:	New → Invalid
Changed in linux-azure-5.19 (Ubuntu Jammy):
assignee:	nobody → Tim Gardner (timg-tpi)
importance:	Undecided → High
status:	New → In Progress
Changed in linux-azure (Ubuntu Jammy):
status:	New → Invalid
Changed in linux-azure-5.19 (Ubuntu Lunar):
status:	New → Invalid

Tim Gardner (timg-tpi) on 2023-04-19

description:

updated

Tim Gardner (timg-tpi) on 2023-04-19

Changed in linux-azure (Ubuntu Kinetic):
status:	In Progress → Fix Committed
Changed in linux-azure (Ubuntu Lunar):
status:	In Progress → Fix Committed
Changed in linux-azure-5.19 (Ubuntu Jammy):
status:	In Progress → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2023-04-25:

#1

This bug was fixed in the package linux-azure-5.19 - 5.19.0-1025.28~22.04.1

---------------
linux-azure-5.19 (5.19.0-1025.28~22.04.1) jammy; urgency=medium

* jammy/linux-azure-5.19: 5.19.0-1025.28~22.04.1 -proposed tracker
(LP: #2016635)

* CVE-2023-1829
- [Config]: Make sure CONFIG_NET_CLS_TCINDEX is not available

[ Ubuntu: 5.19.0-1025.28 ]

  * kinetic/linux-azure: 5.19.0-1025.28 -proposed tracker (LP: #2016636)
  * CVE-2023-1829
    - [Config]: Make sure CONFIG_NET_CLS_TCINDEX is not available
  * Azure: Build-in TDX guest driver (LP: #2016995)
    - [Config] Azure: Build in TDX guest driver
  * kinetic/linux: 5.19.0-41.42 -proposed tracker (LP: #2016651)
  * CVE-2023-1829
    - net/sched: Retire tcindex classifier
    - [Config]: Make sure CONFIG_NET_CLS_TCINDEX is not available
  * CVE-2023-0386
    - ovl: fail on invalid uid/gid mapping at copy up

-- Thadeu Lima de Souza Cascardo <email address hidden> Thu, 20 Apr 2023 16:23:56 -0300

Changed in linux-azure-5.19 (Ubuntu Jammy):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2023-04-25:

#2

This bug was fixed in the package linux-azure - 5.19.0-1025.28

---------------
linux-azure (5.19.0-1025.28) kinetic; urgency=medium

* kinetic/linux-azure: 5.19.0-1025.28 -proposed tracker (LP: #2016636)

* CVE-2023-1829
- [Config]: Make sure CONFIG_NET_CLS_TCINDEX is not available

* Azure: Build-in TDX guest driver (LP: #2016995)
- [Config] Azure: Build in TDX guest driver

[ Ubuntu: 5.19.0-41.42 ]

  * kinetic/linux: 5.19.0-41.42 -proposed tracker (LP: #2016651)
  * CVE-2023-1829
    - net/sched: Retire tcindex classifier
    - [Config]: Make sure CONFIG_NET_CLS_TCINDEX is not available
  * CVE-2023-0386
    - ovl: fail on invalid uid/gid mapping at copy up

-- Thadeu Lima de Souza Cascardo <email address hidden> Thu, 20 Apr 2023 14:41:27 -0300

Changed in linux-azure (Ubuntu Kinetic):
status:	Fix Committed → Fix Released

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-04-25:

#3

This bug is awaiting verification that the linux-azure/5.19.0-1026.29 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-kinetic' to 'verification-done-kinetic'. If the problem still exists, change the tag 'verification-needed-kinetic' to 'verification-failed-kinetic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-kinetic-linux-azure verification-needed-kinetic

Tim Gardner (timg-tpi) on 2023-05-01

tags:

added: verification-done-kinetic
removed: verification-needed-kinetic

Revision history for this message

Launchpad Janitor (janitor) wrote on 2023-06-21:

#4

Download full text (74.4 KiB)

This bug was fixed in the package linux-azure - 6.2.0-1005.5

---------------
linux-azure (6.2.0-1005.5) lunar; urgency=medium

* lunar/linux-azure: 6.2.0-1005.5 -proposed tracker (LP: #2019837)

  * Kernel 6.1 bumped the disk consumption on default images by 15%
    (LP: #2015867)
    - [Packaging] azure: introduce a separate linux-lib-rust package

  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] resync getabis
    - debian/dkms-versions -- update from kernel-versions (main/master)

  * Azure: Add PCI pass-thru support to Hyper-V Confidential VMs (LP: #2015369)
    - x86/hyperv: Reorder code to facilitate future work
    - Drivers: hv: Explicitly request decrypted in vmap_pfn() calls
    - x86/mm: Handle decryption/re-encryption of bss_decrypted consistently
    - init: Call mem_encrypt_init() after Hyper-V hypercall init is done
    - x86/hyperv: Change vTOM handling to use standard coco mechanisms
    - swiotlb: Remove bounce buffer remapping for Hyper-V
    - Drivers: hv: vmbus: Remove second mapping of VMBus monitor pages
    - SAUCE: Drivers: hv: vmbus: Revert Dexuan's changes to hv_ringbuffer_init()
    - Drivers: hv: vmbus: Remove second way of mapping ring buffers
    - hv_netvsc: Remove second mapping of send and recv buffers
    - x86/hyperv: Block root partition functionality in a Confidential VM
    - x86/hyperv: Add support for detecting nested hypervisor
    - Drivers: hv: Setup synic registers in case of nested root partition
    - x86/hyperv: Add an interface to do nested hypercalls
    - Drivers: hv: Enable vmbus driver for nested root partition
    - Drivers: hv: Don't remap addresses that are above shared_gpa_boundary
    - PCI: hv: Enable PCI pass-thru devices in Confidential VMs
    - SAUCE: Drivers: hv: vmbus: Hardcode MMIO resources in vmbus_walk_resources()
      when necessary
    - SAUCE: x86/hyperv: Support hypercalls for TDX guests (part 2)
    - Drivers: hv: vmbus: Remove the per-CPU post_msg_page
    - PCI: hv: Replace retarget_msi_interrupt_params with hyperv_pcpu_input_arg
    - x86/hyperv: Fix hyperv_pcpu_input_arg handling when CPUs go online/offline
    - arm64/hyperv: Use CPUHP_AP_HYPERV_ONLINE state to fix CPU online sequencing

  * Azure: Enable MANA Jumbo Frame Support reprise (LP: #2018593)
    - net: mana: Rename mana_refill_rxoob and remove some empty lines
    - net: mana: Check if netdev/napi_alloc_frag returns single page

  * Azure: Enable MANA Jumbo Frame Support (LP: #2016898)
    - net: mana: Use napi_build_skb in RX path
    - net: mana: Refactor RX buffer allocation code to prepare for various MTU
    - net: mana: Enable RX path to handle various MTU sizes
    - net: mana: Add support for jumbo frame

* Azure: Build-in TDX guest driver (LP: #2016995)
- [Config] Azure: Build in TDX guest driver

[ Ubuntu: 6.2.0-23.23 ]

  * lunar/linux: 6.2.0-23.23 -proposed tracker (LP: #2019845)
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
    - debian/dkms-versions -- update from kernel-versions (main/2023.05.15)
  * Fix flicker display problem on some panels which support PSR2 (LP: #2002968)
    - drm/i915/psr: Add cont...

This bug was fixed in the package linux-azure - 6.2.0-1005.5

---------------
linux-azure (6.2.0-1005.5) lunar; urgency=medium

* lunar/linux-azure: 6.2.0-1005.5 -proposed tracker (LP: #2019837)

* Kernel 6.1 bumped the disk consumption on default images by 15%
    (LP: #2015867)
    - [Packaging] azure: introduce a separate linux-lib-rust package

* Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] resync getabis
    - debian/dkms-versions -- update from kernel-versions (main/master)

* Azure: Add PCI pass-thru support to Hyper-V Confidential VMs (LP: #2015369)
    - x86/hyperv: Reorder code to facilitate future work
    - Drivers: hv: Explicitly request decrypted in vmap_pfn() calls
    - x86/mm: Handle decryption/re-encryption of bss_decrypted consistently
    - init: Call mem_encrypt_init() after Hyper-V hypercall init is done
    - x86/hyperv: Change vTOM handling to use standard coco mechanisms
    - swiotlb: Remove bounce buffer remapping for Hyper-V
    - Drivers: hv: vmbus: Remove second mapping of VMBus monitor pages
    - SAUCE: Drivers: hv: vmbus: Revert Dexuan's changes to hv_ringbuffer_init()
    - Drivers: hv: vmbus: Remove second way of mapping ring buffers
    - hv_netvsc: Remove second mapping of send and recv buffers
    - x86/hyperv: Block root partition functionality in a Confidential VM
    - x86/hyperv: Add support for detecting nested hypervisor
    - Drivers: hv: Setup synic registers in case of nested root partition
    - x86/hyperv: Add an interface to do nested hypercalls
    - Drivers: hv: Enable vmbus driver for nested root partition
    - Drivers: hv: Don't remap addresses that are above shared_gpa_boundary
    - PCI: hv: Enable PCI pass-thru devices in Confidential VMs
    - SAUCE: Drivers: hv: vmbus: Hardcode MMIO resources in vmbus_walk_resources()
      when necessary
    - SAUCE: x86/hyperv: Support hypercalls for TDX guests (part 2)
    - Drivers: hv: vmbus: Remove the per-CPU post_msg_page
    - PCI: hv: Replace retarget_msi_interrupt_params with hyperv_pcpu_input_arg
    - x86/hyperv: Fix hyperv_pcpu_input_arg handling when CPUs go online/offline
    - arm64/hyperv: Use CPUHP_AP_HYPERV_ONLINE state to fix CPU online sequencing

* Azure: Enable MANA Jumbo Frame Support reprise (LP: #2018593)
    - net: mana: Rename mana_refill_rxoob and remove some empty lines
    - net: mana: Check if netdev/napi_alloc_frag returns single page

* Azure: Enable MANA Jumbo Frame Support (LP: #2016898)
    - net: mana: Use napi_build_skb in RX path
    - net: mana: Refactor RX buffer allocation code to prepare for various MTU
    - net: mana: Enable RX path to handle various MTU sizes
    - net: mana: Add support for jumbo frame

* Azure: Build-in TDX guest driver (LP: #2016995)
    - [Config] Azure: Build in TDX guest driver

[ Ubuntu: 6.2.0-23.23 ]

* lunar/linux: 6.2.0-23.23 -proposed tracker (LP: #2019845)
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
    - debian/dkms-versions -- update from kernel-versions (main/2023.05.15)
  * Fix flicker display problem on some panels which support PSR2 (LP: #2002968)
    - drm/i915/psr: Add continuous full frame bit together with single
  * Kernel 6.1 bumped the disk consumption on default images by 15%
    (LP: #2015867)
    - [Packaging] introduce a separate linux-lib-rust package
  * Update I915 PSR calculation on Linux 6.2 (LP: #2018655)
    - drm/i915: Fix fast wake AUX sync len
    - drm/i915: Explain the magic numbers for AUX SYNC/precharge length
  * Computer with Intel Atom CPU will  not boot with Kernel 6.2.0-20
    (LP: #2017444)
    - [Config]: Disable CONFIG_INTEL_ATOMISP
  * udev fails to make prctl() syscall with apparmor=0 (as used by maas by
    default) (LP: #2016908)
    - SAUCE: (no-up) Stacking v38: Fix prctl() syscall with apparmor=0
  * CVE-2023-32233
    - netfilter: nf_tables: deactivate anonymous set from preparation phase
  * CVE-2023-2612
    - SAUCE: shiftfs: prevent lock unbalance in shiftfs_create_object()
  * CVE-2023-31436
    - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
  * CVE-2023-1380
    - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
  * 5.19 not reporting cgroups v1 blkio.throttle.io_serviced  (LP: #2016186)
    - SAUCE: blk-throttle: Fix io statistics for cgroup v1
  * LSM stacking and AppArmor for 6.2: additional fixes (LP: #2017903)
    - SAUCE: (no-up) apparmor: fix policy_compat perms remap for file dfa
    - SAUCE: (no-up) apparmor: fix profile verification and enable it
    - SAUCE: (no-up) apparmor: fix: add missing failure check in
      compute_xmatch_perms
    - SAUCE: (no-up) apparmor: fix: kzalloc perms tables for shared dfas
  * Lunar update: v6.2.12 upstream stable release (LP: #2017219)
    - Revert "pinctrl: amd: Disable and mask interrupts on resume"
    - drm/amd/display: Pass the right info to drm_dp_remove_payload
    - drm/i915: Workaround ICL CSC_MODE sticky arming
    - ALSA: emu10k1: fix capture interrupt handler unlinking
    - ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard
    - ALSA: i2c/cs8427: fix iec958 mixer control deactivation
    - ALSA: hda: patch_realtek: add quirk for Asus N7601ZM
    - ALSA: hda/realtek: Add quirks for Lenovo Z13/Z16 Gen2
    - ALSA: firewire-tascam: add missing unwind goto in
      snd_tscm_stream_start_duplex()
    - ALSA: emu10k1: don't create old pass-through playback device on Audigy
    - ALSA: hda/sigmatel: fix S/PDIF out on Intel D*45* motherboards
    - ALSA: hda/hdmi: disable KAE for Intel DG2
    - Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}
    - Bluetooth: Fix race condition in hidp_session_thread
    - bluetooth: btbcm: Fix logic error in forming the board name.
    - Bluetooth: Free potentially unfreed SCO connection
    - Bluetooth: hci_conn: Fix possible UAF
    - btrfs: restore the thread_pool= behavior in remount for the end I/O
      workqueues
    - btrfs: fix fast csum implementation detection
    - fbmem: Reject FB_ACTIVATE_KD_TEXT from userspace
    - mtdblock: tolerate corrected bit-flips
    - mtd: rawnand: meson: fix bitmask for length in command word
    - mtd: rawnand: stm32_fmc2: remove unsupported EDO mode
    - mtd: rawnand: stm32_fmc2: use timings.mode instead of checking tRC_min
    - KVM: arm64: PMU: Restore the guest's EL0 event counting after migration
    - fbcon: Fix error paths in set_con2fb_map
    - fbcon: set_con2fb_map needs to set con2fb_map!
    - drm/i915/dsi: fix DSS CTL register offsets for TGL+
    - io_uring: complete request via task work in case of DEFER_TASKRUN
    - clk: sprd: set max_register according to mapping range
    - RDMA/irdma: Do not generate SW completions for NOPs
    - RDMA/irdma: Fix memory leak of PBLE objects
    - RDMA/irdma: Increase iWARP CM default rexmit count
    - RDMA/irdma: Add ipv4 check to irdma_find_listener()
    - IB/mlx5: Add support for 400G_8X lane speed
    - RDMA/erdma: Fix some typos
    - RDMA/erdma: Update default EQ depth to 4096 and max_send_wr to 8192
    - RDMA/erdma: Inline mtt entries into WQE if supported
    - RDMA/erdma: Defer probing if netdevice can not be found
    - clk: rs9: Fix suspend/resume
    - RDMA/cma: Allow UD qp_type to join multicast only
    - bpf: tcp: Use sock_gen_put instead of sock_put in bpf_iter_tcp
    - LoongArch, bpf: Fix jit to skip speculation barrier opcode
    - dmaengine: apple-admac: Handle 'global' interrupt flags
    - dmaengine: apple-admac: Set src_addr_widths capability
    - dmaengine: apple-admac: Fix 'current_tx' not getting freed
    - 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race
      condition
    - bpf, arm64: Fixed a BTI error on returning to patched function
    - KVM: arm64: Advertise ID_AA64PFR0_EL1.CSV2/3 to protected VMs
    - niu: Fix missing unwind goto in niu_alloc_channels()
    - tcp: restrict net.ipv4.tcp_app_win
    - bonding: fix ns validation on backup slaves
    - iavf: refactor VLAN filter states
    - iavf: remove active_cvlans and active_svlans bitmaps
    - net: openvswitch: fix race on port output
    - Bluetooth: hci_conn: Fix not cleaning up on LE Connection failure
    - Bluetooth: Fix printing errors if LE Connection times out
    - Bluetooth: SCO: Fix possible circular locking dependency sco_sock_getsockopt
    - Bluetooth: Set ISO Data Path on broadcast sink
    - drm/nouveau/fb: add missing sysmen flush callbacks
    - drm/armada: Fix a potential double free in an error handling path
    - qlcnic: check pci_reset_function result
    - smc: Fix use-after-free in tcp_write_timer_handler().
    - net: wwan: iosm: Fix error handling path in ipc_pcie_probe()
    - cgroup,freezer: hold cpu_hotplug_lock before freezer_mutex
    - rtnetlink: Restore RTM_NEW/DELLINK notification behavior
    - net: qrtr: Fix an uninit variable access bug in qrtr_tx_resume()
    - sctp: fix a potential overflow in sctp_ifwdtsn_skip
    - RDMA/core: Fix GID entry ref leak when create_ah fails
    - selftests: openvswitch: adjust datapath NL message declaration
    - udp6: fix potential access to stale information
    - selftests: add the missing CONFIG_IP_SCTP in net config
    - net: macb: fix a memory corruption in extended buffer descriptor mode
    - skbuff: Fix a race between coalescing and releasing SKBs
    - ARM: 9290/1: uaccess: Fix KASAN false-positives
    - ARM: dts: qcom: apq8026-lg-lenok: add missing reserved memory
    - arm64: dts: qcom: sa8540p-ride: correct name of remoteproc_nsp0 firmware
    - power: supply: rk817: Fix unsigned comparison with less than zero
    - power: supply: cros_usbpd: reclassify "default case!" as debug
    - power: supply: axp288_fuel_gauge: Added check for negative values
    - selftests/bpf: Fix progs/find_vma_fail1.c build error.
    - wifi: mwifiex: mark OF related data as maybe unused
    - i2c: imx-lpi2c: clean rx/tx buffers upon new message
    - i2c: hisi: Avoid redundant interrupts
    - efi: sysfb_efi: Add quirk for Lenovo Yoga Book X91F/L
    - block: ublk_drv: mark device as LIVE before adding disk
    - ACPI: video: Add backlight=native DMI quirk for Acer Aspire 3830TG
    - drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Book X90F
    - hwmon: (peci/cputemp) Fix miscalculated DTS for SKX
    - hwmon: (xgene) Fix ioremap and memremap leak
    - verify_pefile: relax wrapper length check
    - asymmetric_keys: log on fatal failures in PE/pkcs7
    - nvme: send Identify with CNS 06h only to I/O controllers
    - wifi: iwlwifi: mvm: fix mvmtxq->stopped handling
    - wifi: iwlwifi: mvm: protect TXQ list manipulation
    - drm/amdgpu: add mes resume when do gfx post soft reset
    - drm/amdgpu: Force signal hw_fences that are embedded in non-sched jobs
    - drm/amdgpu/gfx: set cg flags to enter/exit safe mode
    - ACPI: resource: Add Medion S17413 to IRQ override quirk
    - tracing: Add trace_array_puts() to write into instance
    - tracing: Have tracing_snapshot_instance_cond() write errors to the
      appropriate instance
    - maple_tree: fix write memory barrier of nodes once dead for RCU mode
    - ksmbd: avoid out of bounds access in decode_preauth_ctxt()
    - riscv: add icache flush for nommu sigreturn trampoline
    - HID: intel-ish-hid: Fix kernel panic during warm reset
    - net: sfp: initialize sfp->i2c_block_size at sfp allocation
    - net: phy: nxp-c45-tja11xx: add remove callback
    - net: phy: nxp-c45-tja11xx: fix unsigned long multiplication overflow
    - scsi: ses: Handle enclosure with just a primary component gracefully
    - thermal: intel: Avoid updating unsupported THERM_STATUS_CLEAR mask bits
    - drm/amd/pm: correct the pcie link state check for SMU13
    - PCI: Fix use-after-free in pci_bus_release_domain_nr()
    - PCI/MSI: Provide missing stub for pci_msix_can_alloc_dyn()
    - x86/PCI: Add quirk for AMD XHCI controller that loses MSI-X state in D3hot
    - cgroup: fix display of forceidle time at root
    - cgroup/cpuset: Fix partition root's cpuset.cpus update bug
    - cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach()
    - cgroup/cpuset: Make cpuset_fork() handle CLONE_INTO_CGROUP properly
    - cgroup/cpuset: Add cpuset_can_fork() and cpuset_cancel_fork() methods
    - drm/amd/pm: correct SMU13.0.7 pstate profiling clock settings
    - drm/amd/pm: correct SMU13.0.7 max shader clock reporting
    - mptcp: use mptcp_schedule_work instead of open-coding it
    - mptcp: stricter state check in mptcp_worker
    - mptcp: fix NULL pointer dereference on fastopen early fallback
    - selftests: mptcp: userspace pm: uniform verify events
    - ubi: Fix failure attaching when vid_hdr offset equals to (sub)page size
    - ubi: Fix deadlock caused by recursively holding work_sem
    - i2c: mchp-pci1xxxx: Update Timing registers
    - powerpc/papr_scm: Update the NUMA distance table for the target node
    - sched/fair: Fix imbalance overflow
    - x86/rtc: Remove __init for runtime functions
    - i2c: ocores: generate stop condition after timeout in polling mode
    - cifs: fix negotiate context parsing
    - nvme-pci: mark Lexar NM760 as IGNORE_DEV_SUBNQN
    - nvme-pci: add NVME_QUIRK_BOGUS_NID for T-FORCE Z330 SSD
    - Linux 6.2.12
  * RFC: virtio and virtio-scsi should be built in (LP: #1685291)
    - [Config] Mark CONFIG_SCSI_VIRTIO built-in
  * Dell: Enable speaker mute hotkey LED indicator (LP: #2015972)
    - platform/x86: dell-laptop: Register ctl-led for speaker-mute
  * Debian autoreconstruct Fix restoration of execute permissions (LP: #2015498)
    - [Debian] autoreconstruct - fix restoration of execute permissions
  * Lost display on built-in monitor after suspend (LP: #2001599)
    - drm/i915: Generalize the PPS vlv_pipe_check() stuff
    - drm/i915: Try to use the correct power sequencer intiially on bxt/glk
    - drm/i915: Extend dual PPS handlind for ICP+
    - drm/i915: Reject unusable power sequencers
    - drm/i915: Print the PPS registers using consistent format
    - drm/i915: Fix whitespace
    - drm/i915: Improve PPS debugs
  * [SRU][Jammy] CONFIG_PCI_MESON is not enabled (LP: #2007745)
    - [Config] arm64: Enable PCI_MESON module
  * sched: cpumask: improve on cpumask_local_spread() locality (LP: #2008824)
    - lib/find: introduce find_nth_and_andnot_bit
    - cpumask: introduce cpumask_nth_and_andnot
    - sched: add sched_numa_find_nth_cpu()
    - cpumask: improve on cpumask_local_spread() locality
    - lib/cpumask: reorganize cpumask_local_spread() logic
    - sched/topology: Introduce sched_numa_hop_mask()
    - sched/topology: Introduce for_each_numa_hop_mask()
    - net/mlx5e: Improve remote NUMA preferences used for the IRQ affinity hints
    - lib/cpumask: update comment for cpumask_local_spread()
    - sched/topology: fix KASAN warning in hop_cmp()
  * Fix E-star testing failure with RTK 8852BE  (LP: #2012019)
    - wifi: rtw89: 8852be: enable CLKREQ of PCI capability
    - wifi: rtw89: release RX standby timer of beamformee CSI to save power
  * vmd may fail to create sysfs entry while `pci_rescan_bus()` called in some
    other drivers like wwan (LP: #2011389)
    - SAUCE: PCI: vmd: guard device addition and removal
  * Lunar update: v6.2.11 upstream stable release (LP: #2016879)
    - dm cache: Add some documentation to dm-cache-background-tracker.h
    - dm integrity: Remove bi_sector that's only used by commented debug code
    - dm: change "unsigned" to "unsigned int"
    - dm: fix improper splitting for abnormal bios
    - drm/i915: Move the DSB setup/cleaup into the color code
    - drm/i915: Add a .color_post_update() hook
    - gpio: GPIO_REGMAP: select REGMAP instead of depending on it
    - Drivers: vmbus: Check for channel allocation before looking up relids
    - ASoC: SOF: ipc4: Ensure DSP is in D0I0 during sof_ipc4_set_get_data()
    - pwm: hibvt: Explicitly set .polarity in .get_state()
    - pwm: cros-ec: Explicitly set .polarity in .get_state()
    - pwm: iqs620a: Explicitly set .polarity in .get_state()
    - pwm: sprd: Explicitly set .polarity in .get_state()
    - pwm: meson: Explicitly set .polarity in .get_state()
    - ASoC: codecs: lpass: fix the order or clks turn off during suspend
    - KVM: s390: pv: fix external interruption loop not always detected
    - wifi: mac80211: fix the size calculation of ieee80211_ie_len_eht_cap()
    - wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded
      sta
    - net: qrtr: Fix a refcount bug in qrtr_recvmsg()
    - net: phylink: add phylink_expects_phy() method
    - net: stmmac: check if MAC needs to attach to a PHY
    - net: stmmac: remove redundant fixup to support fixed-link mode
    - wifi: brcmfmac: Fix SDIO suspend/resume regression
    - NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL
    - nfsd: call op_release, even when op_func returns an error
    - icmp: guard against too small mtu
    - ALSA: hda/hdmi: Preserve the previous PCM device upon re-enablement
    - net: don't let netpoll invoke NAPI if in xmit context
    - net: dsa: mv88e6xxx: Reset mv88e6393x force WD event bit
    - net: ethernet: mtk_eth_soc: fix remaining throughput regression
    - sctp: check send stream number after wait_for_sndbuf
    - drm/i915/huc: Cancel HuC delayed load timer on reset.
    - net: qrtr: Do not do DEL_SERVER broadcast after DEL_CLIENT
    - ipv6: Fix an uninit variable access bug in __ip6_make_skb()
    - platform/x86: think-lmi: Fix memory leak when showing current settings
    - platform/x86: think-lmi: Fix memory leaks when parsing ThinkStation WMI
      strings
    - platform/x86: think-lmi: Clean up display of current_value on Thinkstation
    - gpio: davinci: Do not clear the bank intr enable bit in save_context
    - gpio: davinci: Add irq chip flag to skip set wake
    - net: ethernet: ti: am65-cpsw: Fix mdio cleanup in probe
    - net: stmmac: fix up RX flow hash indirection table when setting channels
    - sunrpc: only free unix grouplist after RCU settles
    - NFSD: callback request does not use correct credential for AUTH_SYS
    - ice: fix wrong fallback logic for FDIR
    - ice: Reset FDIR counter in FDIR init stage
    - raw: use net_hash_mix() in hash function
    - raw: Fix NULL deref in raw_get_next().
    - ping: Fix potentail NULL deref for /proc/net/icmp.
    - ethtool: reset #lanes when lanes is omitted
    - netlink: annotate lockless accesses to nlk->max_recvmsg_len
    - gve: Secure enough bytes in the first TX desc for all TCP pkts
    - arm64: compat: Work around uninitialized variable warning
    - net: stmmac: check fwnode for phy device before scanning for phy
    - cxl/pci: Fix CDAT retrieval on big endian
    - cxl/pci: Handle truncated CDAT header
    - cxl/pci: Handle truncated CDAT entries
    - cxl/pci: Handle excessive CDAT length
    - PCI/DOE: Silence WARN splat with CONFIG_DEBUG_OBJECTS=y
    - PCI/DOE: Fix memory leak with CONFIG_DEBUG_OBJECTS=y
    - Revert "usb: xhci-pci: Set PROBE_PREFER_ASYNCHRONOUS"
    - usb: xhci: tegra: fix sleep in atomic call
    - xhci: Free the command allocated for setting LPM if we return early
    - xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu
    - usb: cdnsp: Fixes error: uninitialized symbol 'len'
    - usb: dwc3: pci: add support for the Intel Meteor Lake-S
    - USB: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs
    - usb: typec: altmodes/displayport: Fix configure initial pin assignment
    - USB: serial: option: add Telit FE990 compositions
    - USB: serial: option: add Quectel RM500U-CN modem
    - drivers: iio: adc: ltc2497: fix LSB shift
    - iio: adis16480: select CONFIG_CRC32
    - iio: adc: qcom-spmi-adc5: Fix the channel name
    - iio: adc: ti-ads7950: Set `can_sleep` flag for GPIO chip
    - iio: dac: cio-dac: Fix max DAC write value check for 12-bit
    - iio: adc: max11410: fix read_poll_timeout() usage
    - iio: accel: kionix-kx022a: Get the timestamp from the driver's private data
      in the trigger_handler
    - iio: buffer: correctly return bytes written in output buffers
    - iio: buffer: make sure O_NONBLOCK is respected
    - iio: light: cm32181: Unregister second I2C client if present
    - iio: light: vcnl4000: Fix WARN_ON on uninitialized lock
    - tty: serial: sh-sci: Fix transmit end interrupt handler
    - tty: serial: sh-sci: Fix Rx on RZ/G2L SCI
    - tty: serial: fsl_lpuart: avoid checking for transfer complete when
      UARTCTRL_SBK is asserted in lpuart32_tx_empty
    - tty: serial: fsl_lpuart: fix crash in lpuart_uport_is_active
    - nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread()
    - nilfs2: fix sysfs interface lifetime
    - fsdax: dedupe should compare the min of two iters' length
    - fsdax: unshare: zero destination if srcmap is HOLE or UNWRITTEN
    - fsdax: force clear dirty mark if CoW
    - dt-bindings: serial: renesas,scif: Fix 4th IRQ for 4-IRQ SCIFs
    - serial: 8250: Prevent starting up DMA Rx on THRI interrupt
    - ksmbd: do not call kvmalloc() with __GFP_NORETRY | __GFP_NO_WARN
    - ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr
    - ALSA: hda/realtek: Add quirk for Clevo X370SNW
    - ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook
    - x86/acpi/boot: Correct acpi_is_processor_usable() check
    - x86/ACPI/boot: Use FADT version to check support for online capable
    - KVM: x86: Clear "has_error_code", not "error_code", for RM exception
      injection
    - KVM: nVMX: Do not report error code when synthesizing VM-Exit from Real Mode
    - KVM: SVM: Flush Hyper-V TLB when required
    - mm: kfence: fix PG_slab and memcg_data clearing
    - mm: kfence: fix handling discontiguous page
    - coresight: etm4x: Do not access TRCIDR1 for identification
    - coresight-etm4: Fix for() loop drvdata->nr_addr_cmp range bug
    - counter: 104-quad-8: Fix race condition between FLAG and CNTR reads
    - counter: 104-quad-8: Fix Synapse action reported for Index signals
    - blk-mq: directly poll requests
    - ftrace: Mark get_lock_parent_ip() __always_inline
    - ftrace: Fix issue that 'direct->addr' not restored in modify_ftrace_direct()
    - fs: drop peer group ids under namespace lock
    - can: j1939: j1939_tp_tx_dat_new(): fix out-of-bounds memory access
    - can: isotp: fix race between isotp_sendsmg() and isotp_release()
    - can: isotp: isotp_ops: fix poll() to not report false EPOLLOUT events
    - can: isotp: isotp_recvmsg(): use sock_recv_cmsgs() to get SOCK_RXQ_OVFL
      infos
    - ACPI: video: Add auto_detect arg to __acpi_video_get_backlight_type()
    - ACPI: video: Make acpi_backlight=video work independent from GPU driver
    - ACPI: video: Add acpi_backlight=video quirk for Apple iMac14,1 and iMac14,2
    - ACPI: video: Add acpi_backlight=video quirk for Lenovo ThinkPad W530
    - net: stmmac: Add queue reset into stmmac_xdp_open() function
    - tracing/synthetic: Fix races on freeing last_cmd
    - tracing/timerlat: Notify new max thread latency
    - tracing/osnoise: Fix notify new tracing_max_latency
    - tracing: Free error logs of tracing instances
    - iommufd: Check for uptr overflow
    - iommufd: Fix unpinning of pages when an access is present
    - iommufd: Do not corrupt the pfn list when doing batch carry
    - ASoC: hdac_hdmi: use set_stream() instead of set_tdm_slots()
    - ASoC: SOF: avoid a NULL dereference with unsupported widgets
    - iio: adc: ad7791: fix IRQ flags
    - io_uring: fix return value when removing provided buffers
    - io_uring: fix memory leak when removing provided buffers
    - scsi: qla2xxx: Fix memory leak in qla2x00_probe_one()
    - scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param()
    - nvme: fix discard support without oncs
    - cifs: sanitize paths in cifs_update_super_prepath.
    - block: ublk: make sure that block size is set correctly
    - block: don't set GD_NEED_PART_SCAN if scan partition failed
    - perf: Optimize perf_pmu_migrate_context()
    - perf/core: Fix the same task check in perf_event_set_output
    - tracing/synthetic: Make lastcmd_mutex static
    - zsmalloc: document freeable stats
    - mm: vmalloc: avoid warn_alloc noise caused by fatal signal
    - wifi: mt76: mt7921: fix fw used for offload check for mt7922
    - wifi: mt76: ignore key disable commands
    - ublk: read any SQE values upfront
    - drm/panfrost: Fix the panfrost_mmu_map_fault_addr() error path
    - drm/nouveau/disp: Support more modes by checking with lower bpc
    - drm/i915: Fix context runtime accounting
    - drm/i915: fix race condition UAF in i915_perf_add_config_ioctl
    - ring-buffer: Fix race while reader and writer are on the same page
    - mm/swap: fix swap_info_struct race between swapoff and get_swap_pages()
    - mm/hugetlb: fix uffd wr-protection for CoW optimization path
    - maple_tree: fix get wrong data_end in mtree_lookup_walk()
    - maple_tree: fix a potential concurrency bug in RCU mode
    - drm/amd/display: Clear MST topology if it fails to resume
    - drm/amdgpu: for S0ix, skip SDMA 5.x+ suspend/resume
    - drm/amdgpu: skip psp suspend for IMU enabled ASICs mode2 reset
    - drm/bridge: lt9611: Fix PLL being unable to lock
    - mm: take a page reference when removing device exclusive entries
    - maple_tree: remove GFP_ZERO from kmem_cache_alloc() and
      kmem_cache_alloc_bulk()
    - maple_tree: fix potential rcu issue
    - maple_tree: reduce user error potential
    - maple_tree: fix handle of invalidated state in mas_wr_store_setup()
    - maple_tree: fix mas_prev() and mas_find() state handling
    - maple_tree: be more cautious about dead nodes
    - maple_tree: refine ma_state init from mas_start()
    - maple_tree: detect dead nodes in mas_start()
    - maple_tree: fix freeing of nodes in rcu mode
    - maple_tree: remove extra smp_wmb() from mas_dead_leaves()
    - maple_tree: add smp_rmb() to dead node detection
    - maple_tree: add RCU lock checking to rcu callback functions
    - mm: enable maple tree RCU mode by default.
    - Linux 6.2.11
  * Lunar update: v6.2.10 upstream stable release (LP: #2016878)
    - thunderbolt: Limit USB3 bandwidth of certain Intel USB4 host routers
    - cifs: update ip_addr for ses only for primary chan setup
    - cifs: prevent data race in cifs_reconnect_tcon()
    - cifs: avoid race conditions with parallel reconnects
    - zonefs: Reorganize code
    - zonefs: Simplify IO error handling
    - zonefs: Reduce struct zonefs_inode_info size
    - zonefs: Separate zone information from inode information
    - zonefs: Fix error message in zonefs_file_dio_append()
    - btrfs: rename BTRFS_FS_NO_OVERCOMMIT to BTRFS_FS_ACTIVE_ZONE_TRACKING
    - btrfs: zoned: count fresh BG region as zone unusable
    - btrfs: zoned: drop space_info->active_total_bytes
    - fsverity: don't drop pagecache at end of FS_IOC_ENABLE_VERITY
    - cifs: fix missing unload_nls() in smb2_reconnect()
    - xfrm: Zero padding when dumping algos and encap
    - ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds
    - ASoC: Intel: avs: max98357a: Explicitly define codec format
    - ASoC: Intel: avs: da7219: Explicitly define codec format
    - ASoC: Intel: avs: rt5682: Explicitly define codec format
    - ASoC: Intel: avs: ssm4567: Remove nau8825 bits
    - ASoC: Intel: avs: nau8825: Adjust clock control
    - lib: zstd: Backport fix for in-place decompression
    - zstd: Fix definition of assert()
    - ACPI: video: Add backlight=native DMI quirk for Dell Vostro 15 3535
    - ACPI: x86: Introduce an acpi_quirk_skip_gpio_event_handlers() helper
    - ACPI: x86: Add skip i2c clients quirk for Acer Iconia One 7 B1-750
    - ACPI: x86: Add skip i2c clients quirk for Lenovo Yoga Book X90
    - ASoC: SOF: ipc3: Check for upper size limit for the received message
    - ASoC: SOF: ipc4-topology: Fix incorrect sample rate print unit
    - ASoC: SOF: Intel: pci-tng: revert invalid bar size setting
    - ASoC: SOF: Intel: hda-dsp: harden D0i3 programming sequence
    - ASoC: SOF: Intel: hda-ctrl: re-add sleep after entering and exiting reset
    - ASoC: SOF: IPC4: update gain ipc msg definition to align with fw
    - ASoC: hdmi-codec: only startup/shutdown on supported streams
    - wifi: mac80211: check basic rates validity
    - md: avoid signed overflow in slot_store()
    - x86/PVH: obtain VGA console info in Dom0
    - drm/amdkfd: Fix BO offset for multi-VMA page migration
    - drm/amdkfd: fix a potential double free in pqm_create_queue
    - drm/amdgpu/vcn: custom video info caps for sriov
    - drm/amdkfd: fix potential kgd_mem UAFs
    - drm/amd/display: Fix HDCP failing to enable after suspend
    - net: hsr: Don't log netdev_err message on unknown prp dst node
    - ALSA: asihpi: check pao in control_message()
    - ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set()
    - fbdev: tgafb: Fix potential divide by zero
    - ACPI: tools: pfrut: Check if the input of level and type is in the right
      numeric range
    - sched_getaffinity: don't assume 'cpumask_size()' is fully initialized
    - nvme-pci: fixing memory leak in probe teardown path
    - nvme-pci: add NVME_QUIRK_BOGUS_NID for Lexar NM620
    - drm/amdkfd: Fixed kfd_process cleanup on module exit.
    - net/mlx5e: Lower maximum allowed MTU in XSK to match XDP prerequisites
    - fbdev: nvidia: Fix potential divide by zero
    - fbdev: intelfb: Fix potential divide by zero
    - fbdev: lxfb: Fix potential divide by zero
    - fbdev: au1200fb: Fix potential divide by zero
    - tools/power turbostat: Fix /dev/cpu_dma_latency warnings
    - tools/power turbostat: fix decoding of HWP_STATUS
    - tracing: Fix wrong return in kprobe_event_gen_test.c
    - btrfs: fix uninitialized variable warning in btrfs_update_block_group
    - btrfs: use temporary variable for space_info in btrfs_update_block_group
    - mtd: rawnand: meson: initialize struct with zeroes
    - mtd: nand: mxic-ecc: Fix mxic_ecc_data_xfer_wait_for_completion() when irq
      is used
    - ca8210: Fix unsigned mac_len comparison with zero in ca8210_skb_tx()
    - riscv/kvm: Fix VM hang in case of timer delta being zero.
    - mips: bmips: BCM6358: disable RAC flush for TP1
    - ALSA: usb-audio: Fix recursive locking at XRUN during syncing
    - PCI: dwc: Fix PORT_LINK_CONTROL update when CDM check enabled
    - platform/x86: think-lmi: add missing type attribute
    - platform/x86: think-lmi: use correct possible_values delimiters
    - platform/x86: think-lmi: only display possible_values if available
    - platform/x86: think-lmi: Add possible_values for ThinkStation
    - platform/surface: aggregator: Add missing fwnode_handle_put()
    - mtd: rawnand: meson: invalidate cache on polling ECC bit
    - SUNRPC: fix shutdown of NFS TCP client socket
    - sfc: ef10: don't overwrite offload features at NIC reset
    - scsi: megaraid_sas: Fix crash after a double completion
    - scsi: mpt3sas: Don't print sense pool info twice
    - net: dsa: realtek: fix out-of-bounds access
    - ptp_qoriq: fix memory leak in probe()
    - net: dsa: microchip: ksz8: fix ksz8_fdb_dump()
    - net: dsa: microchip: ksz8: fix ksz8_fdb_dump() to extract all 1024 entries
    - net: dsa: microchip: ksz8: fix offset for the timestamp filed
    - net: dsa: microchip: ksz8: ksz8_fdb_dump: avoid extracting ghost entry from
      empty dynamic MAC table.
    - net: dsa: microchip: ksz8863_smi: fix bulk access
    - net: dsa: microchip: ksz8: fix MDB configuration with non-zero VID
    - r8169: fix RTL8168H and RTL8107E rx crc error
    - regulator: Handle deferred clk
    - net/net_failover: fix txq exceeding warning
    - net: stmmac: don't reject VLANs when IFF_PROMISC is set
    - drm/i915/pmu: Use functions common with sysfs to read actual freq
    - drm/i915/tc: Fix the ICL PHY ownership check in TC-cold state
    - drm/i915/perf: Drop wakeref on GuC RC error
    - platform/x86/intel/pmc: Alder Lake PCH slp_s0_residency fix
    - can: bcm: bcm_tx_setup(): fix KMSAN uninit-value in vfs_write
    - s390/vfio-ap: fix memory leak in vfio_ap device driver
    - ACPI: bus: Rework system-level device notification handling
    - loop: LOOP_CONFIGURE: send uevents for partitions
    - net: mvpp2: classifier flow fix fragmentation flags
    - net: mvpp2: parser fix QinQ
    - net: mvpp2: parser fix PPPoE
    - smsc911x: avoid PHY being resumed when interface is not up
    - ice: Fix ice_cfg_rdma_fltr() to only update relevant fields
    - ice: add profile conflict check for AVF FDIR
    - ice: fix invalid check for empty list in ice_sched_assoc_vsi_to_agg()
    - net: ethernet: mtk_eth_soc: fix tx throughput regression with direct 1G
      links
    - ALSA: ymfpci: Create card with device-managed snd_devm_card_new()
    - ALSA: ymfpci: Fix BUG_ON in probe function
    - net: wwan: iosm: fixes 7560 modem crash
    - drm/nouveau/kms: Fix backlight registration
    - net: ipa: compute DMA pool size properly
    - bnx2x: use the right build_skb() helper
    - i40e: fix registers dump after run ethtool adapter self test
    - bnxt_en: Fix reporting of test result in ethtool selftest
    - bnxt_en: Fix typo in PCI id to device description string mapping
    - bnxt_en: Add missing 200G link speed reporting
    - net: dsa: mv88e6xxx: Enable IGMP snooping on user ports only
    - net: dsa: sync unicast and multicast addresses for VLAN filters too
    - net: ethernet: mtk_eth_soc: fix flow block refcounting logic
    - net: ethernet: mtk_eth_soc: fix L2 offloading with DSA untag offload
    - net: ethernet: mtk_eth_soc: add missing ppe cache flush when deleting a flow
    - pinctrl: ocelot: Fix alt mode for ocelot
    - Input: xpad - fix incorrectly applied patch for MAP_PROFILE_BUTTON
    - iommu/vt-d: Allow zero SAGAW if second-stage not supported
    - Revert "venus: firmware: Correct non-pix start and end addresses"
    - Input: i8042 - add TUXEDO devices to i8042 quirk tables for partial fix
    - Input: alps - fix compatibility with -funsigned-char
    - Input: focaltech - use explicitly signed char type
    - cifs: prevent infinite recursion in CIFSGetDFSRefer()
    - cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL
    - Input: i8042 - add quirk for Fujitsu Lifebook A574/H
    - Input: goodix - add Lenovo Yoga Book X90F to nine_bytes_report DMI table
    - btrfs: fix deadlock when aborting transaction during relocation with scrub
    - btrfs: fix race between quota disable and quota assign ioctls
    - btrfs: scan device in non-exclusive mode
    - btrfs: ignore fiemap path cache when there are multiple paths for a node
    - zonefs: Do not propagate iomap_dio_rw() ENOTBLK error to user space
    - io_uring/poll: clear single/double poll flags on poll arming
    - io_uring/rsrc: fix rogue rsrc node grabbing
    - io_uring: fix poll/netmsg alloc caches
    - vmxnet3: use gro callback when UPT is enabled
    - zonefs: Always invalidate last cached page on append write
    - dm: fix __send_duplicate_bios() to always allow for splitting IO
    - can: j1939: prevent deadlock by moving j1939_sk_errqueue()
    - xen/netback: don't do grant copy across page boundary
    - net: phy: dp83869: fix default value for tx-/rx-internal-delay
    - modpost: Fix processing of CRCs on 32-bit build machines
    - pinctrl: amd: Disable and mask interrupts on resume
    - pinctrl: at91-pio4: fix domain name assignment
    - platform/x86: ideapad-laptop: Stop sending KEY_TOUCHPAD_TOGGLE
    - thermal: intel: int340x: processor_thermal: Fix additional deadlock
    - powerpc: Don't try to copy PPR for task with NULL pt_regs
    - powerpc/pseries/vas: Ignore VAS update for DLPAR if copy/paste is not
      enabled
    - powerpc/64s: Fix __pte_needs_flush() false positive warning
    - NFSv4: Fix hangs when recovering open state after a server reboot
    - ALSA: hda/conexant: Partial revert of a quirk for Lenovo
    - ALSA: usb-audio: Fix regression on detection of Roland VS-100
    - ALSA: hda/realtek: Add quirks for some Clevo laptops
    - ALSA: hda/realtek: Add quirk for Lenovo ZhaoYang CF4620Z
    - xtensa: fix KASAN report for show_stack
    - rcu: Fix rcu_torture_read ftrace event
    - dt-bindings: mtd: jedec,spi-nor: Document CPOL/CPHA support
    - s390/uaccess: add missing earlyclobber annotations to __clear_user()
    - s390: reintroduce expoline dependence to scripts
    - drm/etnaviv: fix reference leak when mmaping imported buffer
    - drm/amdgpu: allow more APUs to do mode2 reset when go to S4
    - drm/amd/display: Add DSC Support for Synaptics Cascaded MST Hub
    - drm/amd/display: Take FEC Overhead into Timeslot Calculation
    - drm/i915/gem: Flush lmem contents after construction
    - drm/i915/dpt: Treat the DPT BO as a framebuffer
    - drm/i915: Disable DC states for all commits
    - drm/i915: Split icl_color_commit_noarm() from skl_color_commit_noarm()
    - drm/i915: Move CSC load back into .color_commit_arm() when PSR is enabled on
      skl/glk
    - KVM: arm64: PMU: Fix GET_ONE_REG for vPMC regs to return the current value
    - KVM: arm64: PMU: Don't save PMCR_EL0.{C,P} for the vCPU
    - KVM: arm64: Retry fault if vma_lookup() results become invalid
    - KVM: arm64: Disable interrupts while walking userspace PTs
    - KVM: arm64: Check for kvm_vma_mte_allowed in the critical section
    - usb: ucsi: Fix ucsi->connector race
    - libbpf: Fix BTF-to-C converter's padding logic
    - selftests/bpf: Add few corner cases to test padding handling of btf_dump
    - libbpf: Fix btf_dump's packed struct determination
    - drm/amdkfd: Get prange->offset after svm_range_vram_node_new
    - hsr: ratelimit only when errors are printed
    - x86/PVH: avoid 32-bit build warning when obtaining VGA console info
    - Revert "cpuidle, intel_idle: Fix CPUIDLE_FLAG_IRQ_ENABLE *again*"
    - Linux 6.2.10
  * Lunar update: v6.2.9 upstream stable release (LP: #2016877)
    - interconnect: qcom: osm-l3: fix icc_onecell_data allocation
    - interconnect: qcom: sm8450: switch to qcom_icc_rpmh_* function
    - interconnect: qcom: qcm2290: Fix MASTER_SNOC_BIMC_NRT
    - perf/core: Fix perf_output_begin parameter is incorrectly invoked in
      perf_event_bpf_output
    - perf: fix perf_event_context->time
    - tracing/hwlat: Replace sched_setaffinity with set_cpus_allowed_ptr
    - drm/amd/display: fix k1 k2 divider programming for phantom streams
    - drm/amd/display: Remove OTG DIV register write for Virtual signals.
    - drm/amd/display: Fix DP MST sinks removal issue
    - arm64: dts: freescale: imx8-ss-lsio: Fix flexspi clock order
    - arm64: dts: qcom: sc8280xp: Add label property to vadc channel nodes
    - arm64: dts: qcom: sm6375: Add missing power-domain-named to CDSP
    - arm64: dts: qcom: sm8450: correct WSA2 assigned clocks
    - arm64: dts: qcom: sm8450: Mark UFS controller as cache coherent
    - power: supply: bq24190: Fix use after free bug in bq24190_remove due to race
      condition
    - power: supply: da9150: Fix use after free bug in da9150_charger_remove due
      to race condition
    - wifi: mt76: do not run mt76_unregister_device() on unregistered hw
    - wifi: mt76: connac: do not check WED status for non-mmio devices
    - efi: earlycon: Reprobe after parsing config tables
    - arm64: dts: imx8dxl-evk: Disable hibernation mode of AR8031 for EQOS
    - arm64: dts: imx8dxl-evk: Fix eqos phy reset gpio
    - ARM: dts: imx6sll: e70k02: fix usbotg1 pinctrl
    - ARM: dts: imx6sll: e60k02: fix usbotg1 pinctrl
    - ARM: dts: imx6sl: tolino-shine2hd: fix usbotg1 pinctrl
    - arm64: dts: imx8mn: specify #sound-dai-cells for SAI nodes
    - arm64: dts: imx93: add missing #address-cells and #size-cells to i2c nodes
    - NFS: Fix /proc/PID/io read_bytes for buffered reads
    - xsk: Add missing overflow check in xdp_umem_reg
    - iavf: fix inverted Rx hash condition leading to disabled hash
    - iavf: fix non-tunneled IPv6 UDP packet type and hashing
    - iavf: do not track VLAN 0 filters
    - intel/igbvf: free irq on the error path in igbvf_request_msix()
    - igbvf: Regard vf reset nack as success
    - igc: fix the validation logic for taprio's gate list
    - i2c: imx-lpi2c: check only for enabled interrupt flags
    - i2c: mxs: ensure that DMA buffers are safe for DMA
    - i2c: hisi: Only use the completion interrupt to finish the transfer
    - scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate()
    - nfsd: don't replace page in rq_pages if it's a continuation of last page
    - net: dsa: b53: mmap: fix device tree support
    - net: usb: smsc95xx: Limit packet length to skb->len
    - qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info
    - xirc2ps_cs: Fix use after free bug in xirc2ps_detach
    - net: phy: Ensure state transitions are processed from phy_stop()
    - net: mdio: fix owner field for mdio buses registered using device-tree
    - net: mdio: fix owner field for mdio buses registered using ACPI
    - net: stmmac: Fix for mismatched host/device DMA address width
    - thermal/drivers/mellanox: Use generic thermal_zone_get_trip() function
    - mlxsw: core_thermal: Fix fan speed in maximum cooling state
    - drm/i915/fbdev: lock the fbdev obj before vma pin
    - drm/i915/mtl: Disable MC6 for MTL A step
    - drm/i915/guc: Rename GuC register state capture node to be more obvious
    - drm/i915/guc: Fix missing ecodes
    - drm/i915/gt: perform uc late init after probe error injection
    - drm/i915: Fix format for perf_limit_reasons
    - drm/i915: Update vblank timestamping stuff on seamless M/N change
    - net: dsa: report rx_bytes unadjusted for ETH_HLEN
    - net: qcom/emac: Fix use after free bug in emac_remove due to race condition
    - net: usb: lan78xx: Limit packet length to skb->len
    - net/ps3_gelic_net: Fix RX sk_buff length
    - net/ps3_gelic_net: Use dma_mapping_error
    - octeontx2-vf: Add missing free for alloc_percpu
    - bootconfig: Fix testcase to increase max node
    - keys: Do not cache key in task struct if key is requested from kernel thread
    - ice: check if VF exists before mode check
    - iavf: fix hang on reboot with ice
    - i40e: fix flow director packet filter programming
    - bpf: Adjust insufficient default bpf_jit_limit
    - net/mlx5e: Set uplink rep as NETNS_LOCAL
    - net/mlx5e: Block entering switchdev mode with ns inconsistency
    - net/mlx5: Fix steering rules cleanup
    - net/mlx5e: Overcome slow response for first macsec ASO WQE
    - net/mlx5: Read the TC mapping of all priorities on ETS query
    - net/mlx5: E-Switch, Fix an Oops in error handling code
    - net: dsa: tag_brcm: legacy: fix daisy-chained switches
    - atm: idt77252: fix kmemleak when rmmod idt77252
    - erspan: do not use skb_mac_header() in ndo_start_xmit()
    - net: mscc: ocelot: fix stats region batching
    - net/sonic: use dma_mapping_error() for error check
    - nvme-tcp: fix nvme_tcp_term_pdu to match spec
    - mlxsw: spectrum_fid: Fix incorrect local port type
    - hvc/xen: prevent concurrent accesses to the shared ring
    - ksmbd: add low bound validation to FSCTL_SET_ZERO_DATA
    - ksmbd: add low bound validation to FSCTL_QUERY_ALLOCATED_RANGES
    - ksmbd: fix possible refcount leak in smb2_open()
    - Bluetooth: hci_sync: Resume adv with no RPA when active scan
    - Bluetooth: hci_core: Detect if an ACL packet is in fact an ISO packet
    - Bluetooth: btusb: Remove detection of ISO packets over bulk
    - Bluetooth: ISO: fix timestamped HCI ISO data packet parsing
    - Bluetooth: Remove "Power-on" check from Mesh feature
    - gve: Cache link_speed value from device
    - net: asix: fix modprobe "sysfs: cannot create duplicate filename"
    - net: dsa: mt7530: move enabling disabling core clock to mt7530_pll_setup()
    - net: dsa: mt7530: move lowering TRGMII driving to mt7530_setup()
    - net: dsa: mt7530: move setting ssc_delta to PHY_INTERFACE_MODE_TRGMII case
    - net: mdio: thunder: Add missing fwnode_handle_put()
    - efi/libstub: Use relocated version of kernel's struct screen_info
    - drm/amd/display: Set dcn32 caps.seamless_odm
    - Bluetooth: btqcomsmd: Fix command timeout after setting BD address
    - Bluetooth: L2CAP: Fix responding with wrong PDU type
    - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished
      work
    - Bluetooth: mgmt: Fix MGMT add advmon with RSSI command
    - Bluetooth: HCI: Fix global-out-of-bounds
    - platform/chrome: cros_ec_chardev: fix kernel data leak from ioctl
    - entry: Fix noinstr warning in __enter_from_user_mode()
    - perf/x86/amd/core: Always clear status for idx
    - entry/rcu: Check TIF_RESCHED _after_ delayed RCU wake-up
    - hwmon: fix potential sensor registration fail if of_node is missing
    - hwmon (it87): Fix voltage scaling for chips with 10.9mV ADCs
    - scsi: qla2xxx: Synchronize the IOCB count to be in order
    - scsi: qla2xxx: Perform lockless command completion in abort path
    - smb3: lower default deferred close timeout to address perf regression
    - smb3: fix unusable share after force unmount failure
    - uas: Add US_FL_NO_REPORT_OPCODES for JMicron JMS583Gen 2
    - thunderbolt: Use scale field when allocating USB3 bandwidth
    - thunderbolt: Call tb_check_quirks() after initializing adapters
    - thunderbolt: Add quirk to disable CLx
    - thunderbolt: Fix memory leak in margining
    - thunderbolt: Disable interrupt auto clear for rings
    - thunderbolt: Add missing UNSET_INBOUND_SBTX for retimer access
    - thunderbolt: Use const qualifier for `ring_interrupt_index`
    - thunderbolt: Rename shadowed variables bit to interrupt_bit and
      auto_clear_bit
    - ASoC: amd: yp: Add OMEN by HP Gaming Laptop 16z-n000 to quirks
    - ASoC: Intel: sof_rt5682: Add quirk for Rex board with mx98360a amplifier
    - ASoC: amd: yc: Add DMI entries to support HP OMEN 16-n0xxx (8A43)
    - ACPI: x86: Drop quirk for HP Elitebook
    - ACPI: x86: utils: Add Cezanne to the list for forcing StorageD3Enable
    - riscv: Bump COMMAND_LINE_SIZE value to 1024
    - drm/cirrus: NULL-check pipe->plane.state->fb in cirrus_pipe_update()
    - HID: cp2112: Fix driver not registering GPIO IRQ chip as threaded
    - ca8210: fix mac_len negative array access
    - HID: logitech-hidpp: Add support for Logitech MX Master 3S mouse
    - HID: intel-ish-hid: ipc: Fix potential use-after-free in work function
    - m68k: mm: Fix systems with memory at end of 32-bit address space
    - m68k: Only force 030 bus error if PC not in exception table
    - selftests/bpf: check that modifier resolves after pointer
    - cpumask: fix incorrect cpumask scanning result checks
    - scsi: target: iscsi: Fix an error message in iscsi_check_key()
    - scsi: qla2xxx: Add option to disable FC2 Target support
    - scsi: hisi_sas: Check devm_add_action() return value
    - scsi: ufs: core: Add soft dependency on governor_simpleondemand
    - scsi: lpfc: Check kzalloc() in lpfc_sli4_cgn_params_read()
    - scsi: lpfc: Avoid usage of list iterator variable after loop
    - scsi: mpi3mr: Driver unload crashes host when enhanced logging is enabled
    - scsi: mpi3mr: Wait for diagnostic save during controller init
    - scsi: mpi3mr: NVMe command size greater than 8K fails
    - scsi: mpi3mr: Bad drive in topology results kernel crash
    - scsi: storvsc: Handle BlockSize change in Hyper-V VHD/VHDX file
    - platform/x86: int3472: Add GPIOs to Surface Go 3 Board data
    - net: usb: cdc_mbim: avoid altsetting toggling for Telit FE990
    - net: usb: qmi_wwan: add Telit 0x1080 composition
    - drm/amd/display: Update clock table to include highest clock setting
    - sh: sanitize the flags on sigreturn
    - drm/amdgpu: Fix call trace warning and hang when removing amdgpu device
    - drm/amd: Fix initialization mistake for NBIO 7.3.0
    - net/sched: act_mirred: better wording on protection against excessive stack
      growth
    - act_mirred: use the backlog for nested calls to mirred ingress
    - cifs: lock chan_lock outside match_session
    - cifs: append path to open_enter trace event
    - cifs: do not poll server interfaces too regularly
    - cifs: empty interface list when server doesn't support query interfaces
    - cifs: dump pending mids for all channels in DebugData
    - cifs: print session id while listing open files
    - cifs: fix dentry lookups in directory handle cache
    - x86/mm: Do not shuffle CPU entry areas without KASLR
    - x86/fpu/xstate: Prevent false-positive warning in __copy_xstate_uabi_buf()
    - selftests/x86/amx: Add a ptrace test
    - scsi: core: Add BLIST_SKIP_VPD_PAGES for SKhynix H28U74301AMR
    - usb: misc: onboard-hub: add support for Microchip USB2517 USB 2.0 hub
    - usb: dwc2: fix a race, don't power off/on phy for dual-role mode
    - usb: dwc2: drd: fix inconsistent mode if role-switch-default-mode="host"
    - usb: dwc2: fix a devres leak in hw_enable upon suspend resume
    - block/io_uring: pass in issue_flags for uring_cmd task_work handling
    - usb: gadget: u_audio: don't let userspace block driver unbind
    - btrfs: zoned: fix btrfs_can_activate_zone() to support DUP profile
    - Bluetooth: Fix race condition in hci_cmd_sync_clear
    - efi: sysfb_efi: Fix DMI quirks not working for simpledrm
    - mm/slab: Fix undefined init_cache_node_node() for NUMA and !SMP
    - efi/libstub: zboot: Mark zboot EFI application as NX compatible
    - arm64: efi: Set NX compat flag in PE/COFF header
    - fscrypt: destroy keyring after security_sb_delete()
    - fsverity: Remove WQ_UNBOUND from fsverity read workqueue
    - lockd: set file_lock start and end when decoding nlm4 testargs
    - arm64: dts: imx8mm-nitrogen-r2: fix WM8960 clock name
    - igb: revert rtnl_lock() that causes deadlock
    - dm thin: fix deadlock when swapping to thin device
    - usb: typec: tcpm: fix create duplicate source-capabilities file
    - usb: typec: tcpm: fix warning when handle discover_identity message
    - usb: cdns3: Fix issue with using incorrect PCI device function
    - usb: cdnsp: Fixes issue with redundant Status Stage
    - usb: cdnsp: changes PCI Device ID to fix conflict with CNDS3 driver
    - usb: chipdea: core: fix return -EINVAL if request role is the same with
      current role
    - usb: chipidea: core: fix possible concurrent when switch role
    - usb: dwc3: gadget: Add 1ms delay after end transfer command without IOC
    - usb: ucsi: Fix NULL pointer deref in ucsi_connector_change()
    - usb: ucsi_acpi: Increase the command completion timeout
    - mm: kfence: fix using kfence_metadata without initialization in
      show_object()
    - kfence: avoid passing -g for test
    - io_uring/net: avoid sending -ECONNABORTED on repeated connection requests
    - io_uring/rsrc: fix null-ptr-deref in io_file_bitmap_get()
    - Revert "kasan: drop skip_kasan_poison variable in free_pages_prepare"
    - kcsan: avoid passing -g for test
    - test_maple_tree: add more testing for mas_empty_area()
    - maple_tree: fix mas_skip_node() end slot detection
    - ksmbd: fix wrong signingkey creation when encryption is AES256
    - ksmbd: set FILE_NAMED_STREAMS attribute in FS_ATTRIBUTE_INFORMATION
    - ksmbd: don't terminate inactive sessions after a few seconds
    - ksmbd: return STATUS_NOT_SUPPORTED on unsupported smb2.0 dialect
    - ksmbd: return unsupported error on smb1 mount
    - wifi: mac80211: fix qos on mesh interfaces
    - wifi: mac80211: Serialize ieee80211_handle_wake_tx_queue()
    - nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy()
    - drm/bridge: lt8912b: return EPROBE_DEFER if bridge is not found
    - drm/amd/display: fix wrong index used in dccg32_set_dpstreamclk
    - drm/meson: fix missing component unbind on bind errors
    - drm/amdgpu/nv: Apply ASPM quirk on Intel ADL + AMD Navi
    - drm/i915/active: Fix missing debug object activation
    - drm/i915: Preserve crtc_state->inherited during state clearing
    - drm/amdgpu: skip ASIC reset for APUs when go to S4
    - drm/amdgpu: reposition the gpu reset checking for reuse
    - riscv: mm: Fix incorrect ASID argument when flushing TLB
    - riscv: Handle zicsr/zifencei issues between clang and binutils
    - tee: amdtee: fix race condition in amdtee_open_session
    - firmware: arm_scmi: Fix device node validation for mailbox transport
    - arm64: dts: qcom: sc8280xp-x13s: mark s11b regulator as always-on
    - arm64: dts: qcom: sc7280: Mark PCIe controller as cache coherent
    - arm64: dts: qcom: sm8150: Fix the iommu mask used for PCIe controllers
    - soc: qcom: llcc: Fix slice configuration values for SC8280XP
    - mm/ksm: fix race with VMA iteration and mm_struct teardown
    - bus: imx-weim: fix branch condition evaluates to a garbage value
    - i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
    - dm stats: check for and propagate alloc_percpu failure
    - dm crypt: add cond_resched() to dmcrypt_write()
    - dm crypt: avoid accessing uninitialized tasklet
    - sched/fair: sanitize vruntime of entity being placed
    - sched/fair: Sanitize vruntime of entity being migrated
    - Linux 6.2.9
    - [Config] ppc64: updateconfigs following v6.2.9 stable updates
  * Lunar update: v6.2.8 upstream stable release (LP: #2016876)
    - xfrm: Allow transport-mode states with AF_UNSPEC selector
    - drm/virtio: Pass correct device to dma_sync_sgtable_for_device()
    - drm/msm/gem: Prevent blocking within shrinker loop
    - drm/panfrost: Don't sync rpm suspension after mmu flushing
    - fbdev: chipsfb: Fix error codes in chipsfb_pci_init()
    - cifs: Move the in_send statistic to __smb_send_rqst()
    - drm/meson: fix 1px pink line on GXM when scaling video overlay
    - clk: HI655X: select REGMAP instead of depending on it
    - selftests: amd-pstate: fix TEST_FILES
    - ASoC: SOF: Intel: MTL: Fix the device description
    - ASoC: SOF: Intel: HDA: Fix device description
    - ASoC: SOF: Intel: SKL: Fix device description
    - ASOC: SOF: Intel: pci-tgl: Fix device description
    - ASoC: SOF: ipc4-topology: set dmic dai index from copier
    - docs: Correct missing "d_" prefix for dentry_operations member
      d_weak_revalidate
    - scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add()
    - scsi: mpi3mr: Fix throttle_groups memory leak
    - scsi: mpi3mr: Fix config page DMA memory leak
    - scsi: mpi3mr: Fix mpi3mr_hba_port memory leak in mpi3mr_remove()
    - scsi: mpi3mr: Fix sas_hba.phy memory leak in mpi3mr_remove()
    - scsi: mpi3mr: Return proper values for failures in firmware init path
    - scsi: mpi3mr: Fix memory leaks in mpi3mr_init_ioc()
    - scsi: mpi3mr: ioctl timeout when disabling/enabling interrupt
    - scsi: mpi3mr: Fix expander node leak in mpi3mr_remove()
    - ALSA: hda: Match only Intel devices with CONTROLLER_IN_GPU()
    - netfilter: nft_nat: correct length for loading protocol registers
    - netfilter: nft_masq: correct length for loading protocol registers
    - netfilter: nft_redir: correct length for loading protocol registers
    - netfilter: nft_redir: correct value of inet type `.maxattrs`
    - scsi: core: Add BLIST_NO_VPD_SIZE for some VDASD
    - scsi: core: Fix a procfs host directory removal regression
    - ftrace,kcfi: Define ftrace_stub_graph conditionally
    - tcp: tcp_make_synack() can be called from process context
    - vdpa/mlx5: should not activate virtq object when suspended
    - wifi: nl80211: fix NULL-ptr deref in offchan check
    - wifi: cfg80211: fix MLO connection ownership
    - selftests: fix LLVM build for i386 and x86_64
    - nfc: pn533: initialize struct pn533_out_arg properly
    - ipvlan: Make skb->skb_iif track skb->dev for l3s mode
    - i40e: Fix kernel crash during reboot when adapter is in recovery mode
    - vhost-vdpa: free iommu domain after last use during cleanup
    - vdpa_sim: not reset state in vdpasim_queue_ready
    - vdpa_sim: set last_used_idx as last_avail_idx in vdpasim_queue_ready
    - PCI: s390: Fix use-after-free of PCI resources with per-function hotplug
    - bnxt_en: reset PHC frequency in free-running mode
    - net/smc: fix NULL sndbuf_desc in smc_cdc_tx_handler()
    - qed/qed_dev: guard against a possible division by zero
    - net: dsa: mt7530: remove now incorrect comment regarding port 5
    - net: dsa: mt7530: set PLL frequency and trgmii only when trgmii is used
    - block: do not reverse request order when flushing plug list
    - loop: Fix use-after-free issues
    - blk-mq: fix "bad unlock balance detected" on q->srcu in
      __blk_mq_run_dispatch_ops
    - net: tunnels: annotate lockless accesses to dev->needed_headroom
    - net: phy: smsc: bail out in lan87xx_read_status if genphy_read_status fails
    - tcp: Fix bind() conflict check for dual-stack wildcard address.
    - nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition
    - mlxsw: spectrum: Fix incorrect parsing depth after reload
    - net/smc: fix deadlock triggered by cancel_delayed_work_syn()
    - net: usb: smsc75xx: Limit packet length to skb->len
    - net: ethernet: mtk_eth_soc: reset PCS state
    - net: ethernet: mtk_eth_soc: only write values if needed
    - drm/bridge: Fix returned array size name for atomic_get_input_bus_fmts kdoc
    - powerpc/mm: Fix false detection of read faults
    - block: null_blk: Fix handling of fake timeout request
    - nvme: fix handling single range discard request
    - nvmet: avoid potential UAF in nvmet_req_complete()
    - block: sunvdc: add check for mdesc_grab() returning NULL
    - block: count 'ios' and 'sectors' when io is done for bio-based device
    - net/mlx5e: Fix macsec ASO context alignment
    - net/mlx5e: Don't cache tunnel offloads capability
    - net/mlx5: Fix setting ec_function bit in MANAGE_PAGES
    - net/mlx5: Disable eswitch before waiting for VF pages
    - net/mlx5: E-switch, Fix wrong usage of source port rewrite in split rules
    - net/mlx5: E-switch, Fix missing set of split_count when forward to ovs
      internal port
    - net/mlx5e: Fix cleanup null-ptr deref on encap lock
    - net/mlx5: Set BREAK_FW_WAIT flag first when removing driver
    - veth: Fix use after free in XDP_REDIRECT
    - ice: xsk: disable txq irq before flushing hw
    - net: dsa: don't error out when drivers return ETH_DATA_LEN in
      .port_max_mtu()
    - net: dsa: mv88e6xxx: fix max_mtu of 1492 on 6165, 6191, 6220, 6250, 6290
    - ravb: avoid PHY being resumed when interface is not up
    - sh_eth: avoid PHY being resumed when interface is not up
    - ipv4: Fix incorrect table ID in IOCTL path
    - net: usb: smsc75xx: Move packet length check to prevent kernel panic in
      skb_pull
    - net: atlantic: Fix crash when XDP is enabled but no program is loaded
    - net/iucv: Fix size of interrupt data
    - i825xx: sni_82596: use eth_hw_addr_set()
    - qed/qed_mng_tlv: correctly zero out ->min instead of ->hour
    - net: dsa: microchip: fix RGMII delay configuration on
      KSZ8765/KSZ8794/KSZ8795
    - ethernet: sun: add check for the mdesc_grab()
    - net: renesas: rswitch: Rename rings in struct rswitch_gwca_queue
    - net: renesas: rswitch: Fix the output value of quote from rswitch_rx()
    - bonding: restore IFF_MASTER/SLAVE flags on bond enslave ether type change
    - bonding: restore bond's IFF_SLAVE flag if a non-eth dev enslave fails
    - hwmon: (adt7475) Display smoothing attributes in correct order
    - hwmon: (adt7475) Fix masking of hysteresis registers
    - hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race
      condition
    - hwmon: (ina3221) return prober error code
    - hwmon: (ucd90320) Add minimum delay between bus accesses
    - hwmon: tmp512: drop of_match_ptr for ID table
    - kconfig: Update config changed flag before calling callback
    - hwmon: (adm1266) Set `can_sleep` flag for GPIO chip
    - hwmon: (ltc2992) Set `can_sleep` flag for GPIO chip
    - media: m5mols: fix off-by-one loop termination error
    - ext4: update s_journal_inum if it changes after journal replay
    - ext4: fix task hung in ext4_xattr_delete_inode
    - drm/amdkfd: Fix an illegal memory access
    - net/9p: fix bug in client create for .L
    - LoongArch: Only call get_timer_irq() once in constant_clockevent_init()
    - sh: intc: Avoid spurious sizeof-pointer-div warning
    - drm/amdgpu: fix ttm_bo calltrace warning in psp_hw_fini
    - drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes
    - ext4: fix possible double unlock when moving a directory
    - Revert "tty: serial: fsl_lpuart: adjust SERIAL_FSL_LPUART_CONSOLE config
      dependency"
    - tty: serial: fsl_lpuart: fix race on RX DMA shutdown
    - tty: serial: fsl_lpuart: skip waiting for transmission complete when
      UARTCTRL_SBK is asserted
    - serial: 8250_em: Fix UART port type
    - serial: 8250_fsl: fix handle_irq locking
    - serial: 8250: ASPEED_VUART: select REGMAP instead of depending on it
    - firmware: xilinx: don't make a sleepable memory allocation from an atomic
      context
    - memory: tegra: fix interconnect registration race
    - memory: tegra20-emc: fix interconnect registration race
    - memory: tegra124-emc: fix interconnect registration race
    - memory: tegra30-emc: fix interconnect registration race
    - drm/ttm: Fix a NULL pointer dereference
    - s390/ipl: add missing intersection check to ipl_report handling
    - interconnect: fix icc_provider_del() error handling
    - interconnect: fix provider registration API
    - interconnect: imx: fix registration race
    - interconnect: fix mem leak when freeing nodes
    - interconnect: qcom: osm-l3: fix registration race
    - interconnect: qcom: rpm: fix probe child-node error handling
    - interconnect: qcom: rpm: fix registration race
    - interconnect: qcom: rpmh: fix probe child-node error handling
    - interconnect: qcom: rpmh: fix registration race
    - interconnect: qcom: msm8974: fix registration race
    - interconnect: exynos: fix node leak in probe PM QoS error path
    - interconnect: exynos: fix registration race
    - md: select BLOCK_LEGACY_AUTOLOAD
    - cifs: generate signkey for the channel that's reconnecting
    - tracing: Make splice_read available again
    - tracing: Do not let histogram values have some modifiers
    - tracing: Check field value in hist_field_name()
    - tracing: Make tracepoint lockdep check actually test something
    - cifs: Fix smb2_set_path_size()
    - cifs: set DFS root session in cifs_get_smb_ses()
    - cifs: fix use-after-free bug in refresh_cache_worker()
    - cifs: return DFS root session id in DebugData
    - cifs: use DFS root session instead of tcon ses
    - KVM: SVM: Fix a benign off-by-one bug in AVIC physical table mask
    - KVM: SVM: Modify AVIC GATag to support max number of 512 vCPUs
    - ALSA: hda: intel-dsp-config: add MTL PCI id
    - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book2 Pro
    - Revert "riscv: mm: notify remote harts about mmu cache updates"
    - riscv: asid: Fixup stale TLB entry cause application crash
    - drm/edid: fix info leak when failing to get panel id
    - drm/shmem-helper: Remove another errant put in error path
    - drm/sun4i: fix missing component unbind on bind errors
    - drm/i915/active: Fix misuse of non-idle barriers as fence trackers
    - drm/i915/dg2: Add HDMI pixel clock frequencies 267.30 and 319.89 MHz
    - drm/amdgpu: Don't resume IOMMU after incomplete init
    - drm/amd/pm: Fix sienna cichlid incorrect OD volage after resume
    - drm/amdgpu/vcn: Disable indirect SRAM on Vangogh broken BIOSes
    - drm/amd/pm: bump SMU 13.0.4 driver_if header version
    - drm/amd/display: Do not set DRR on pipe Commit
    - drm/amd/display: disconnect MPCC only on OTG change
    - drm/amd/display: Write to correct dirty_rect
    - mptcp: fix possible deadlock in subflow_error_report
    - mptcp: refactor passive socket initialization
    - mptcp: use the workqueue to destroy unaccepted sockets
    - mptcp: fix UaF in listener shutdown
    - mptcp: add ro_after_init for tcp{,v6}_prot_override
    - mptcp: avoid setting TCP_CLOSE state twice
    - mptcp: fix lockdep false positive in mptcp_pm_nl_create_listen_socket()
    - ftrace: Fix invalid address access in lookup_rec() when index is 0
    - ocfs2: fix data corruption after failed write
    - nvme-pci: add NVME_QUIRK_BOGUS_NID for Netac NV3000
    - ice: avoid bonding causing auxiliary plug/unplug under RTNL lock
    - vp_vdpa: fix the crash in hot unplug with vp_vdpa
    - mm/userfaultfd: propagate uffd-wp bit when PTE-mapping the huge zeropage
    - mm: teach mincore_hugetlb about pte markers
    - powerpc/64: Set default CPU in Kconfig
    - powerpc/boot: Don't always pass -mcpu=powerpc when building 32-bit uImage
    - mmc: sdhci_am654: lower power-on failed message severity
    - fbdev: stifb: Provide valid pixelclock and add fb_check_var() checks
    - trace/hwlat: Do not wipe the contents of per-cpu thread data
    - trace/hwlat: Do not start per-cpu thread if it is already running
    - ACPI: PPTT: Fix to avoid sleep in the atomic context when PPTT is absent
    - net: phy: nxp-c45-tja11xx: fix MII_BASIC_CONFIG_REV bit
    - fbdev: Fix incorrect page mapping clearance at fb_deferred_io_release()
    - RISC-V: mm: Support huge page in vmalloc_fault()
    - io_uring/msg_ring: let target know allocated index
    - cpuidle: psci: Iterate backwards over list in psci_pd_remove()
    - ASoC: Intel: soc-acpi: fix copy-paste issue in topology names
    - ASoC: qcom: q6prm: fix incorrect clk_root passed to ADSP
    - x86/mce: Make sure logged MCEs are processed after sysfs update
    - x86/mm: Fix use of uninitialized buffer in sme_enable()
    - x86/resctrl: Clear staged_config[] before and after it is used
    - powerpc: Pass correct CPU reference to assembler
    - virt/coco/sev-guest: Check SEV_SNP attribute at probe time
    - virt/coco/sev-guest: Simplify extended guest request handling
    - virt/coco/sev-guest: Remove the disable_vmpck label in
      handle_guest_request()
    - virt/coco/sev-guest: Carve out the request issuing logic into a helper
    - virt/coco/sev-guest: Do some code style cleanups
    - virt/coco/sev-guest: Convert the sw_exit_info_2 checking to a switch-case
    - virt/coco/sev-guest: Add throttling awareness
    - perf: Fix check before add_event_to_groups() in perf_group_detach()
    - powerpc: Disable CPU unknown by CLANG when CC_IS_CLANG
    - powerpc/64: Replace -mcpu=e500mc64 by -mcpu=e5500
    - Linux 6.2.8
    - [Config] ppc64: updateconfigs following v6.2.8 stable updates
  * Lunar update: v6.2.8 upstream stable release (LP: #2016876) //
    CVE-2023-30456
    - KVM: nVMX: add missing consistency checks for CR0 and CR4
  * Lunar update: v6.2.7 upstream stable release (LP: #2016875)
    - fs: prevent out-of-bounds array speculation when closing a file descriptor
    - btrfs: fix unnecessary increment of read error stat on write error
    - btrfs: fix percent calculation for bg reclaim message
    - btrfs: fix block group item corruption after inserting new block group
    - io_uring/uring_cmd: ensure that device supports IOPOLL
    - erofs: fix wrong kunmap when using LZMA on HIGHMEM platforms
    - perf inject: Fix --buildid-all not to eat up MMAP2
    - fork: allow CLONE_NEWTIME in clone3 flags
    - RISC-V: Stop emitting attributes
    - thermal: intel: int340x: processor_thermal: Fix deadlock
    - x86/CPU/AMD: Disable XSAVES on AMD family 0x17
    - drm/amdgpu: fix error checking in amdgpu_read_mm_registers for soc15
    - drm/amdgpu: fix error checking in amdgpu_read_mm_registers for soc21
    - drm/amdgpu: fix error checking in amdgpu_read_mm_registers for nv
    - drm/display: Don't block HDR_OUTPUT_METADATA on unknown EOTF
    - drm/connector: print max_requested_bpc in state debugfs
    - drm/msm/adreno: fix runtime PM imbalance at unbind
    - staging: rtl8723bs: Fix key-store index handling
    - staging: rtl8723bs: Pass correct parameters to cfg80211_get_bss()
    - ext4: fix cgroup writeback accounting with fs-layer encryption
    - ext4: fix RENAME_WHITEOUT handling for inline directories
    - ext4: fix another off-by-one fsmap error on 1k block filesystems
    - ext4: move where set the MAY_INLINE_DATA flag is set
    - ext4: fix WARNING in ext4_update_inline_data
    - ext4: zero i_disksize when initializing the bootloader inode
    - HID: core: Provide new max_buffer_size attribute to over-ride the default
    - HID: uhid: Over-ride the default maximum data buffer value with our own
    - nfc: change order inside nfc_se_io error path
    - KVM: VMX: Reset eVMCS controls in VP assist page during hardware disabling
    - KVM: VMX: Don't bother disabling eVMCS static key on module exit
    - KVM: x86: Move guts of kvm_arch_init() to standalone helper
    - KVM: VMX: Do _all_ initialization before exposing /dev/kvm to userspace
    - udf: Fix off-by-one error when discarding preallocation
    - bus: mhi: ep: Power up/down MHI stack during MHI RESET
    - bus: mhi: ep: Change state_lock to mutex
    - drm/i915: Introduce intel_panel_init_alloc()
    - drm/i915: Do panel VBT init early if the VBT declares an explicit panel type
    - drm/i915: Populate encoder->devdata for DSI on icl+
    - block: Revert "block: Do not reread partition table on exclusively open
      device"
    - block: fix scan partition for exclusively open device again
    - riscv: Add header include guards to insn.h
    - scsi: core: Remove the /proc/scsi/${proc_name} directory earlier
    - ext4: Fix possible corruption when moving a directory
    - drm/nouveau/kms/nv50: fix nv50_wndw_new_ prototype
    - drm/nouveau/fb/gp102-: cache scrubber binary on first load
    - drm/msm: Fix potential invalid ptr free
    - drm/msm/a5xx: fix setting of the CP_PREEMPT_ENABLE_LOCAL register
    - drm/msm/a5xx: fix highest bank bit for a530
    - drm/msm/a5xx: fix the emptyness check in the preempt code
    - drm/msm/a5xx: fix context faults during ring switch
    - bgmac: fix *initial* chip reset to support BCM5358
    - nfc: fdp: add null check of devm_kmalloc_array in
      fdp_nci_i2c_read_device_properties
    - powerpc: dts: t1040rdb: fix compatible string for Rev A boards
    - tls: rx: fix return value for async crypto
    - drm/msm/dpu: disable features unsupported by QCM2290
    - ila: do not generate empty messages in ila_xlat_nl_cmd_get_mapping()
    - net: lan966x: Fix port police support using tc-matchall
    - selftests: nft_nat: ensuring the listening side is up before starting the
      client
    - netfilter: nft_last: copy content when cloning expression
    - netfilter: nft_quota: copy content when cloning expression
    - net: tls: fix possible race condition between do_tls_getsockopt_conf() and
      do_tls_setsockopt_conf()
    - net: use indirect calls helpers for sk_exit_memory_pressure()
    - perf stat: Fix counting when initial delay configured
    - net: lan78xx: fix accessing the LAN7800's internal phy specific registers
      from the MAC driver
    - net: caif: Fix use-after-free in cfusbl_device_notify()
    - ice: copy last block omitted in ice_get_module_eeprom()
    - nfp: fix incorrectly set csum flag for nfd3 path
    - nfp: fix esp-tx-csum-offload doesn't take effect
    - bpf, sockmap: Fix an infinite loop error when len is 0 in
      tcp_bpf_recvmsg_parser()
    - drm/msm/dpu: fix len of sc7180 ctl blocks
    - drm/msm/dpu: fix sm6115 and qcm2290 mixer width limits
    - drm/msm/dpu: correct sm8250 and sm8350 scaler
    - drm/msm/dpu: correct sm6115 scaler
    - drm/msm/dpu: drop DPU_DIM_LAYER from MIXER_MSM8998_MASK
    - drm/msm/dpu: fix clocks settings for msm8998 SSPP blocks
    - drm/msm/disp/dpu: fix sc7280_pp base offset
    - drm/msm/dpu: clear DSPP reservations in rm release
    - net: stmmac: add to set device wake up flag when stmmac init phy
    - net: phylib: get rid of unnecessary locking
    - bnxt_en: Avoid order-5 memory allocation for TPA data
    - netfilter: ctnetlink: revert to dumping mark regardless of event type
    - netfilter: tproxy: fix deadlock due to missing BH disable
    - m68k: mm: Move initrd phys_to_virt handling after paging_init()
    - btrfs: fix extent map logging bit not cleared for split maps after dropping
      range
    - bpf, test_run: fix &xdp_frame misplacement for LIVE_FRAMES
    - btf: fix resolving BTF_KIND_VAR after ARRAY, STRUCT, UNION, PTR
    - net: phy: smsc: fix link up detection in forced irq mode
    - net: ethernet: mtk_eth_soc: fix RX data corruption issue
    - net: tls: fix device-offloaded sendpage straddling records
    - scsi: megaraid_sas: Update max supported LD IDs to 240
    - scsi: sd: Fix wrong zone_write_granularity value during revalidate
    - netfilter: conntrack: adopt safer max chain length
    - platform/x86: dell-ddv: Return error if buffer is empty
    - platform/x86: dell-ddv: Fix temperature scaling
    - platform: mellanox: select REGMAP instead of depending on it
    - platform: x86: MLX_PLATFORM: select REGMAP instead of depending on it
    - block: fix wrong mode for blkdev_put() from disk_scan_partitions()
    - NFSD: Protect against filesystem freezing
    - ice: Fix DSCP PFC TLV creation
    - ethernet: ice: avoid gcc-9 integer overflow warning
    - net/smc: fix fallback failed while sendmsg with fastopen
    - octeontx2-af: Unlock contexts in the queue context cache in case of fault
      detection
    - SUNRPC: Fix a server shutdown leak
    - net: dsa: mt7530: permit port 5 to work without port 6 on MT7621 SoC
    - af_unix: fix struct pid leaks in OOB support
    - erofs: Revert "erofs: fix kvcalloc() misuse with __GFP_NOFAIL"
    - riscv: Use READ_ONCE_NOCHECK in imprecise unwinding stack mode
    - RISC-V: Don't check text_mutex during stop_machine
    - drm/amdgpu: fix return value check in kfd
    - ext4: Fix deadlock during directory rename
    - RISC-V: take text_mutex during alternative patching
    - drm/amdgpu/soc21: don't expose AV1 if VCN0 is harvested
    - drm/amdgpu/soc21: Add video cap query support for VCN_4_0_4
    - watch_queue: fix IOC_WATCH_QUEUE_SET_SIZE alloc error paths
    - tpm/eventlog: Don't abort tpm_read_log on faulty ACPI address
    - MIPS: Fix a compilation issue
    - powerpc/64: Don't recurse irq replay
    - powerpc/iommu: fix memory leak with using debugfs_lookup()
    - clk: renesas: rcar-gen3: Disable R-Car H3 ES1.*
    - powerpc: Remove __kernel_text_address() in show_instructions()
    - powerpc/bpf/32: Only set a stack frame when necessary
    - powerpc/64: Fix task_cpu in early boot when booting non-zero cpuid
    - powerpc/64: Move paca allocation to early_setup()
    - powerpc/kcsan: Exclude udelay to prevent recursive instrumentation
    - alpha: fix R_ALPHA_LITERAL reloc for large modules
    - macintosh: windfarm: Use unsigned type for 1-bit bitfields
    - PCI: Add SolidRun vendor ID
    - scripts: handle BrokenPipeError for python scripts
    - media: ov5640: Fix analogue gain control
    - media: rc: gpio-ir-recv: add remove function
    - drm/amd/display: Allow subvp on vactive pipes that are 2560x1440@60
    - drm/amd/display: adjust MALL size available for DCN32 and DCN321
    - filelocks: use mount idmapping for setlease permission check
    - Revert "bpf, test_run: fix &xdp_frame misplacement for LIVE_FRAMES"
    - RISC-V: fix taking the text_mutex twice during sifive errata patching
    - UML: define RUNTIME_DISCARD_EXIT
    - Linux 6.2.7
  * Miscellaneous Ubuntu changes
    - [Packaging] Move final-checks script to debian/scripts/checks
    - [Packaging] checks/final-checks: Honor 'do_skip_checks'
    - [Packaging] Drop wireguard DKMS
    - [Packaging] Remove update-version-dkms
    - [Packaging] debian/rules: Add DKMS info to 'printenv' output
  * Miscellaneous upstream changes
    - Revert "Revert "mm: kfence: apply kmemleak_ignore_phys on early allocated
      pool""

-- Tim Gardner <tim.gardner@canonical.com>  Thu, 01 Jun 2023 11:42:18 -0600

Changed in linux-azure (Ubuntu Lunar):
status:	Fix Committed → Fix Released

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-07-19:

#5

This bug is awaiting verification that the linux-azure/6.2.0-1009.9 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-lunar' to 'verification-done-lunar'. If the problem still exists, change the tag 'verification-needed-lunar' to 'verification-failed-lunar'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-lunar-linux-azure verification-needed-lunar

Tim Gardner (timg-tpi) on 2023-07-19

tags:

added: verification-done-lunar
removed: verification-needed-lunar

Revision history for this message

Launchpad Janitor (janitor) wrote on 2023-09-13:

#6

This bug was fixed in the package linux-azure - 6.5.0-1004.4

---------------
linux-azure (6.5.0-1004.4) mantic; urgency=medium

* mantic/linux-azure: 6.5.0-1004.4 -proposed tracker (LP: #2034548)

* Packaging resync (LP: #1786013)
- debian/dkms-versions -- update from kernel-versions (main/d2023.08.23)

* Azure: net: mana: Add page pool for RX buffers (LP: #2034277)
- net: mana: Add page pool for RX buffers

[ Ubuntu: 6.5.0-5.5 ]

  * mantic/linux: 6.5.0-5.5 -proposed tracker (LP: #2034546)
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
    - debian/dkms-versions -- update from kernel-versions (main/d2023.08.23)

-- Andrea Righi <email address hidden> Wed, 06 Sep 2023 16:34:24 +0200

Changed in linux-azure (Ubuntu):
status:	Fix Committed → Fix Released

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-10-24:

#7

This bug is awaiting verification that the linux-azure-6.5/6.5.0-1007.7~22.04.1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy-linux-azure-6.5' to 'verification-done-jammy-linux-azure-6.5'. If the problem still exists, change the tag 'verification-needed-jammy-linux-azure-6.5' to 'verification-failed-jammy-linux-azure-6.5'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-azure-6.5-v2 verification-needed-jammy-linux-azure-6.5

Ubuntu
linux-azure-5.19 package

Azure: Build-in TDX guest driver

Bug Description

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
linux-azure (Ubuntu)	Fix Released	High	Tim Gardner
Jammy	Invalid	Undecided	Unassigned
Kinetic	Fix Released	High	Tim Gardner
Lunar	Fix Released	High	Tim Gardner
linux-azure-5.19 (Ubuntu)	Invalid	Undecided	Unassigned
Jammy	Fix Released	High	Tim Gardner
Kinetic	Invalid	Undecided	Unassigned
Lunar	Invalid	Undecided	Unassigned

Ubuntulinux-azure-5.19 package

Azure: Build-in TDX guest driver

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux-azure-5.19 package