Ubuntu
linux-azure package

Kernel fails to enable XSAVE when running in a “v5” AMD SEV-SNP VM

Noble (24.04)
Bug #2069204

Bug #2069204 reported by John Cabaj on 2024-06-12

This bug affects 1 person

	Status	Importance	Assigned to
linux-azure (Ubuntu)	Status tracked in Oracular
Noble	Fix Released	Undecided	Unassigned
Oracular	Fix Committed	Undecided	Unassigned

Bug Description

SRU Justification

[Impact]

* Request from MSFT to include patch to disable CET Shadow Stack on SEV-SNP. Due to CPUID emulation bug not being fixed in VMs until October 2024, this feature is being disabled in the interim.

[Fix]

* Clean cherry-pick SAUCE patch from MSFT tree, https://github.com/dcui/linux
* cdf5cdd: "x86/hyperv: temporarily disable CET SS on SEV-SNP due to a paravisor bug"

[Test Plan]

* Compile tested
* Boot tested
* Microsoft tested

[Regression potential]

* Changes isolated, minimal regression risk

[Other info]

* SF #00387447

See original description

Tags:

CVE References

John Cabaj (john-cabaj) on 2024-06-12

description:

updated

John Cabaj (john-cabaj) on 2024-06-15

Changed in linux-azure (Ubuntu Noble):
status:	New → Fix Committed
Changed in linux-azure (Ubuntu Oracular):
status:	New → Fix Committed

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2024-06-18:

This bug is awaiting verification that the linux-azure/6.8.0-1010.10 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-noble-linux-azure' to 'verification-done-noble-linux-azure'. If the problem still exists, change the tag 'verification-needed-noble-linux-azure' to 'verification-failed-noble-linux-azure'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-noble-linux-azure-v2 verification-needed-noble-linux-azure

Tim Gardner (timg-tpi) on 2024-06-21

tags:

added: verification-done-noble-linux-azure
removed: verification-needed-noble-linux-azure

Revision history for this message

Launchpad Janitor (janitor) wrote 9 hours ago:

Download full text (51.6 KiB)

This bug was fixed in the package linux-azure - 6.8.0-1010.10

---------------
linux-azure (6.8.0-1010.10) noble; urgency=medium

* noble/linux-azure: 6.8.0-1010.10 -proposed tracker (LP: #2068298)

  * Kernel fails to enable XSAVE when running in a “v5” AMD SEV-SNP VM
    (LP: #2069204)
    - SAUCE: x86/hyperv: temporarily disable CET SS on SEV-SNP due to a paravisor
      bug

[ Ubuntu: 6.8.0-38.38 ]

This bug was fixed in the package linux-azure - 6.8.0-1010.10

---------------
linux-azure (6.8.0-1010.10) noble; urgency=medium

* noble/linux-azure: 6.8.0-1010.10 -proposed tracker (LP: #2068298)

* Kernel fails to enable XSAVE when running in a “v5” AMD SEV-SNP VM
    (LP: #2069204)
    - SAUCE: x86/hyperv: temporarily disable CET SS on SEV-SNP due to a paravisor
      bug

[ Ubuntu: 6.8.0-38.38 ]

* noble/linux: 6.8.0-38.38 -proposed tracker (LP: #2068318)
  * race_sched in ubuntu_stress_smoke_test will cause kernel panic on 6.8 with
    Azure Standard_A2_v2 instance (LP: #2068024)
    - sched/eevdf: Prevent vlag from going out of bounds in reweight_eevdf()
  * Noble: btrfs: re-introduce 'norecovery' mount option (LP: #2068591)
    - btrfs: re-introduce 'norecovery' mount option
  * Fix system hang while entering suspend with AMD Navi3x graphics
    (LP: #2063417)
    - drm/amdgpu/mes: fix use-after-free issue
  * Noble update: v6.8.8 upstream stable release (LP: #2068087)
    - io_uring: Fix io_cqring_wait() not restoring sigmask on get_timespec64()
      failure
    - drm/i915/cdclk: Fix voltage_level programming edge case
    - Revert "vmgenid: emit uevent when VMGENID updates"
    - SUNRPC: Fix rpcgss_context trace event acceptor field
    - selftests/ftrace: Limit length in subsystem-enable tests
    - random: handle creditable entropy from atomic process context
    - scsi: core: Fix handling of SCMD_FAIL_IF_RECOVERING
    - net: usb: ax88179_178a: avoid writing the mac address before first reading
    - btrfs: do not wait for short bulk allocation
    - btrfs: zoned: do not flag ZEROOUT on non-dirty extent buffer
    - r8169: fix LED-related deadlock on module removal
    - r8169: add missing conditional compiling for call to r8169_remove_leds
    - scsi: ufs: qcom: Add missing interconnect bandwidth values for Gear 5
    - netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()
    - netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get()
    - netfilter: br_netfilter: skip conntrack input hook for promisc packets
    - netfilter: nft_set_pipapo: constify lookup fn args where possible
    - netfilter: nft_set_pipapo: walk over current view on netlink dump
    - netfilter: flowtable: validate pppoe header
    - netfilter: flowtable: incorrect pppoe tuple
    - af_unix: Call manage_oob() for every skb in unix_stream_read_generic().
    - af_unix: Don't peek OOB data without MSG_OOB.
    - net: sparx5: flower: fix fragment flags handling
    - net/mlx5: Lag, restore buckets number to default after hash LAG deactivation
    - net/mlx5: Restore mistakenly dropped parts in register devlink flow
    - net/mlx5e: Prevent deadlock while disabling aRFS
    - net: change maximum number of UDP segments to 128
    - octeontx2-pf: fix FLOW_DIS_IS_FRAGMENT implementation
    - selftests/tcp_ao: Make RST tests less flaky
    - selftests/tcp_ao: Zero-init tcp_ao_info_opt
    - selftests/tcp_ao: Fix fscanf() call for format-security
    - selftests/tcp_ao: Printing fixes to confirm with format-security
    - net: stmmac: Apply half-duplex-less constraint for DW QoS Eth only
    - net: stmmac: Fix max-speed being ignored on queue re-init
    - net: stmmac: Fix IP-cores specific MAC capabilities
    - ice: tc: check src_vsi in case of traffic from VF
    - ice: tc: allow zero flags in parsing tc flower
    - ice: Fix checking for unsupported keys on non-tunnel device
    - tun: limit printing rate when illegal packet received by tun dev
    - net: dsa: mt7530: fix mirroring frames received on local port
    - net: dsa: mt7530: fix port mirroring for MT7988 SoC switch
    - s390/ism: Properly fix receive message buffer allocation
    - netfilter: nf_tables: missing iterator type in lookup walk
    - netfilter: nf_tables: restore set elements when delete set fails
    - gpiolib: swnode: Remove wrong header inclusion
    - netfilter: nf_tables: fix memleak in map from abort path
    - net/sched: Fix mirred deadlock on device recursion
    - net: ethernet: mtk_eth_soc: fix WED + wifi reset
    - ravb: Group descriptor types used in Rx ring
    - net: ravb: Count packets instead of descriptors in R-Car RX path
    - net: ravb: Allow RX loop to move past DMA mapping errors
    - net: ethernet: ti: am65-cpsw-nuss: cleanup DMA Channels before using them
    - NFSD: fix endianness issue in nfsd4_encode_fattr4
    - RDMA/rxe: Fix the problem "mutex_destroy missing"
    - RDMA/cm: Print the old state when cm_destroy_id gets timeout
    - RDMA/mlx5: Fix port number for counter query in multi-port configuration
    - perf annotate: Make sure to call symbol__annotate2() in TUI
    - perf lock contention: Add a missing NULL check
    - s390/qdio: handle deferred cc1
    - s390/cio: fix race condition during online processing
    - iommufd: Add missing IOMMUFD_DRIVER kconfig for the selftest
    - iommufd: Add config needed for iommufd_fail_nth
    - drm: nv04: Fix out of bounds access
    - drm/v3d: Don't increment `enabled_ns` twice
    - userfaultfd: change src_folio after ensuring it's unpinned in UFFDIO_MOVE
    - thunderbolt: Introduce tb_port_reset()
    - thunderbolt: Introduce tb_path_deactivate_hop()
    - thunderbolt: Make tb_switch_reset() support Thunderbolt 2, 3 and USB4
      routers
    - thunderbolt: Reset topology created by the boot firmware
    - drm/panel: visionox-rm69299: don't unregister DSI device
    - drm/radeon: make -fstrict-flex-arrays=3 happy
    - ALSA: hda/realtek: Fix volumn control of ThinkBook 16P Gen4
    - thermal/debugfs: Add missing count increment to thermal_debug_tz_trip_up()
    - platform/x86/amd/pmc: Extend Framework 13 quirk to more BIOSes
    - interconnect: qcom: x1e80100: Remove inexistent ACV_PERF BCM
    - interconnect: Don't access req_list while it's being manipulated
    - clk: Remove prepare_lock hold assertion in __clk_release()
    - clk: Initialize struct clk_core kref earlier
    - clk: Get runtime PM before walking tree during disable_unused
    - clk: Get runtime PM before walking tree for clk_summary
    - clk: mediatek: Do a runtime PM get on controllers during probe
    - clk: mediatek: mt7988-infracfg: fix clocks for 2nd PCIe port
    - selftests/powerpc/papr-vpd: Fix missing variable initialization
    - x86/bugs: Fix BHI retpoline check
    - x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ
    - block: propagate partition scanning errors to the BLKRRPART ioctl
    - net/mlx5: E-switch, store eswitch pointer before registering devlink_param
    - ALSA: seq: ump: Fix conversion from MIDI2 to MIDI1 UMP messages
    - ALSA: hda/tas2781: correct the register for pow calibrated data
    - ALSA: hda/realtek: Add quirks for Huawei Matebook D14 NBLB-WAX9N
    - ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with ALC269VC
    - usb: misc: onboard_usb_hub: Disable the USB hub clock on failure
    - misc: rtsx: Fix rts5264 driver status incorrect when card removed
    - thunderbolt: Avoid notify PM core about runtime PM resume
    - thunderbolt: Fix wake configurations after device unplug
    - thunderbolt: Do not create DisplayPort tunnels on adapters of the same
      router
    - comedi: vmk80xx: fix incomplete endpoint checking
    - serial: mxs-auart: add spinlock around changing cts state
    - serial/pmac_zilog: Remove flawed mitigation for rx irq flood
    - serial: 8250_dw: Revert: Do not reclock if already at correct rate
    - serial: stm32: Return IRQ_NONE in the ISR if no handling happend
    - serial: stm32: Reset .throttled state in .startup()
    - serial: core: Fix regression when runtime PM is not enabled
    - serial: core: Clearing the circular buffer before NULLifying it
    - serial: core: Fix missing shutdown and startup for serial base port
    - USB: serial: option: add Fibocom FM135-GL variants
    - USB: serial: option: add support for Fibocom FM650/FG650
    - USB: serial: option: add Lonsung U8300/U9300 product
    - USB: serial: option: support Quectel EM060K sub-models
    - USB: serial: option: add Rolling RW101-GL and RW135-GL support
    - USB: serial: option: add Telit FN920C04 rmnet compositions
    - Revert "usb: cdc-wdm: close race between read and workqueue"
    - usb: dwc2: host: Fix dereference issue in DDMA completion flow.
    - usb: Disable USB3 LPM at shutdown
    - usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport
      error
    - usb: typec: tcpm: Correct the PDO counting in pd_set
    - mei: me: disable RPL-S on SPS and IGN firmwares
    - speakup: Avoid crash on very long word
    - fs: sysfs: Fix reference leak in sysfs_break_active_protection()
    - sched: Add missing memory barrier in switch_mm_cid
    - KVM: x86: Snapshot if a vCPU's vendor model is AMD vs. Intel compatible
    - KVM: x86/pmu: Disable support for adaptive PEBS
    - KVM: x86/pmu: Do not mask LVTPC when handling a PMI on AMD platforms
    - KVM: x86/mmu: x86: Don't overflow lpage_info when checking attributes
    - KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status
    - arm64/head: Disable MMU at EL2 before clearing HCR_EL2.E2H
    - arm64: hibernate: Fix level3 translation fault in swsusp_save()
    - init/main.c: Fix potential static_command_line memory overflow
    - mm/madvise: make MADV_POPULATE_(READ|WRITE) handle VM_FAULT_RETRY properly
    - mm/userfaultfd: allow hugetlb change protection upon poison entry
    - mm,swapops: update check in is_pfn_swap_entry for hwpoison entries
    - mm/memory-failure: fix deadlock when hugetlb_optimize_vmemmap is enabled
    - mm/shmem: inline shmem_is_huge() for disabled transparent hugepages
    - fuse: fix leaked ENOSYS error on first statx call
    - drm/amdkfd: Fix memory leak in create_process failure
    - drm/amdgpu: remove invalid resource->start check v2
    - drm/ttm: stop pooling cached NUMA pages v2
    - drm/xe: Fix bo leak in intel_fb_bo_framebuffer_init
    - drm/vmwgfx: Fix prime import/export
    - drm/vmwgfx: Sort primary plane formats by order of preference
    - drm/vmwgfx: Fix crtc's atomic check conditional
    - nouveau: fix instmem race condition around ptr stores
    - bootconfig: use memblock_free_late to free xbc memory to buddy
    - Squashfs: check the inode number is not the invalid value of zero
    - nilfs2: fix OOB in nilfs_set_de_type
    - fork: defer linking file vma until vma is fully initialized
    - net: dsa: mt7530: fix improper frames on all 25MHz and 40MHz XTAL MT7530
    - net: dsa: mt7530: fix enabling EEE on MT7531 switch on all boards
    - ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf
    - ksmbd: validate request buffer size in smb2_allocate_rsp_buf()
    - ksmbd: clear RENAME_NOREPLACE before calling vfs_rename
    - ksmbd: common: use struct_group_attr instead of struct_group for
      network_open_info
    - thunderbolt: Reset only non-USB4 host routers in resume
    - Linux 6.8.8
  * Fix inaudible HDMI/DP audio on USB-C MST dock (LP: #2064689)
    - drm/i915/audio: Fix audio time stamp programming for DP
  * Add Cirrus Logic CS35L56 amplifier support (LP: #2062135)
    - ALSA: hda: realtek: Re-work CS35L41 fixups to re-use for other amps
    - ALSA: hda/realtek: Add quirks for HP G11 Laptops using CS35L56
  * net:fib_rule_tests.sh in ubuntu_kselftests_net fails on Noble (LP: #2066332)
    - Revert "UBUNTU: SAUCE: selftests: net: fix "from" match test in
      fib_rule_tests.sh"
  * mtk_t7xx WWAN module fails to probe with: Invalid device status 0x1
    (LP: #2049358)
    - Revert "UBUNTU: SAUCE: net: wwan: t7xx: PCIe reset rescan"
    - Revert "UBUNTU: SAUCE: net: wwan: t7xx: Add AP CLDMA"
    - net: wwan: t7xx: Add AP CLDMA
    - wwan: core: Add WWAN fastboot port type
    - net: wwan: t7xx: Add sysfs attribute for device state machine
    - net: wwan: t7xx: Infrastructure for early port configuration
    - net: wwan: t7xx: Add fastboot WWAN port
  * Pull-request to address TPM bypass issue (LP: #2037688)
    - [Config]: Configure TPM drivers as builtins for arm64 in annotations
  * re-enable Ubuntu FAN in the Noble kernel (LP: #2064508)
    - SAUCE: fan: add VXLAN implementation
    - SAUCE: fan: Fix NULL pointer dereference
    - SAUCE: fan: support vxlan strict length validation
  * update for V3 kernel bits and improved multiple fan slice support
    (LP: #1470091) // re-enable Ubuntu FAN in the Noble kernel (LP: #2064508)
    - SAUCE: fan: tunnel multiple mapping mode (v3)
  * TCP memory  leak, slow network (arm64) (LP: #2045560)
    - net: make SK_MEMORY_PCPU_RESERV tunable
    - net: fix sk_memory_allocated_{add|sub} vs softirqs
  * panel flickering after the i915.psr2 is enabled (LP: #2046315)
    - drm/i915/alpm: Add ALPM register definitions
    - drm/i915/psr: Add alpm_parameters struct
    - drm/i915/alpm: Calculate ALPM Entry check
    - drm/i915/alpm: Alpm aux wake configuration for lnl
    - drm/i915/display: Make intel_dp_aux_fw_sync_len available for PSR code
    - drm/i915/psr: Improve fast and IO wake lines calculation
    - drm/i915/psr: Calculate IO wake and fast wake lines for DISPLAY_VER < 12
    - drm/i915/display: Increase number of fast wake precharge pulses
  * I2C HID device sometimes fails to initialize causing touchpad to not work
    (LP: #2061040)
    - HID: i2c-hid: Revert to await reset ACK before reading report descriptor
  * Fix the RTL8852CE BT FW Crash based on SER false alarm (LP: #2060904)
    - wifi: rtw89: disable txptctrl IMR to avoid flase alarm
    - wifi: rtw89: pci: correct TX resource checking for PCI DMA channel of
      firmware command
  * [X13s] Fingerprint reader is not working (LP: #2065376)
    - SAUCE: arm64: dts: qcom: sc8280xp: Add USB DWC3 Multiport controller
    - SAUCE: arm64: dts: qcom: sc8280xp-x13s: enable USB MP and fingerprint reader
  * Fix random HuC/GuC initialization failure of Intel i915 driver
    (LP: #2061049)
    - drm/i915/huc: Allow for very slow HuC loading
  * Add support of TAS2781 amp of audio (LP: #2064064)
    - ALSA: hda/tas2781: Add new vendor_id and subsystem_id to support ThinkPad
      ICE-1
  * Noble update: v6.8.7 upstream stable release (LP: #2065912)
    - smb3: fix Open files on server counter going negative
    - ata: libata-core: Allow command duration limits detection for ACS-4 drives
    - ata: libata-scsi: Fix ata_scsi_dev_rescan() error path
    - drm/amdgpu/vpe: power on vpe when hw_init
    - batman-adv: Avoid infinite loop trying to resize local TT
    - ceph: redirty page before returning AOP_WRITEPAGE_ACTIVATE
    - ceph: switch to use cap_delay_lock for the unlink delay list
    - virtio_net: Do not send RSS key if it is not supported
    - arm64: tlb: Fix TLBI RANGE operand
    - ARM: dts: imx7s-warp: Pass OV2680 link-frequencies
    - raid1: fix use-after-free for original bio in raid1_write_request()
    - ring-buffer: Only update pages_touched when a new page is touched
    - Bluetooth: Fix memory leak in hci_req_sync_complete()
    - drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11
    - platform/chrome: cros_ec_uart: properly fix race condition
    - ACPI: scan: Do not increase dep_unmet for already met dependencies
    - PM: s2idle: Make sure CPUs will wakeup directly on resume
    - media: cec: core: remove length check of Timer Status
    - btrfs: tests: allocate dummy fs_info and root in test_find_delalloc()
    - ARM: OMAP2+: fix bogus MMC GPIO labels on Nokia N8x0
    - ARM: OMAP2+: fix N810 MMC gpiod table
    - mmc: omap: fix broken slot switch lookup
    - mmc: omap: fix deferred probe
    - mmc: omap: restore original power up/down steps
    - ARM: OMAP2+: fix USB regression on Nokia N8x0
    - firmware: arm_ffa: Fix the partition ID check in ffa_notification_info_get()
    - firmware: arm_scmi: Make raw debugfs entries non-seekable
    - cxl/mem: Fix for the index of Clear Event Record Handle
    - cxl/core/regs: Fix usage of map->reg_type in cxl_decode_regblock() before
      assigned
    - arm64: dts: freescale: imx8mp-venice-gw72xx-2x: fix USB vbus regulator
    - arm64: dts: freescale: imx8mp-venice-gw73xx-2x: fix USB vbus regulator
    - drm/msm: Add newlines to some debug prints
    - drm/msm/dpu: don't allow overriding data from catalog
    - drm/msm/dpu: make error messages at dpu_core_irq_register_callback() more
      sensible
    - dt-bindings: display/msm: sm8150-mdss: add DP node
    - arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order
    - cxl/core: Fix initialization of mbox_cmd.size_out in get event
    - Revert "drm/qxl: simplify qxl_fence_wait"
    - nouveau: fix function cast warning
    - drm/msm/adreno: Set highest_bank_bit for A619
    - scsi: hisi_sas: Modify the deadline for ata_wait_after_reset()
    - scsi: qla2xxx: Fix off by one in qla_edif_app_getstats()
    - net: openvswitch: fix unwanted error log on timeout policy probing
    - u64_stats: fix u64_stats_init() for lockdep when used repeatedly in one file
    - xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING
    - octeontx2-pf: Fix transmit scheduler resource leak
    - block: fix q->blkg_list corruption during disk rebind
    - lib: checksum: hide unused expected_csum_ipv6_magic[]
    - geneve: fix header validation in geneve[6]_xmit_skb
    - s390/ism: fix receive message buffer allocation
    - bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init()
    - bnxt_en: Fix error recovery for RoCE ulp client
    - bnxt_en: Reset PTP tx_avail after possible firmware reset
    - ACPI: bus: allow _UID matching for integer zero
    - base/node / ACPI: Enumerate node access class for 'struct access_coordinate'
    - ACPI: HMAT: Introduce 2 levels of generic port access class
    - ACPI: HMAT / cxl: Add retrieval of generic port coordinates for both access
      classes
    - cxl: Split out combine_coordinates() for common shared usage
    - cxl: Split out host bridge access coordinates
    - cxl: Remove checking of iter in cxl_endpoint_get_perf_coordinates()
    - cxl: Fix retrieving of access_coordinates in PCIe path
    - net: ks8851: Inline ks8851_rx_skb()
    - net: ks8851: Handle softirqs at the end of IRQ thread to fix hang
    - af_unix: Clear stale u->oob_skb.
    - octeontx2-af: Fix NIX SQ mode and BP config
    - ipv6: fib: hide unused 'pn' variable
    - ipv4/route: avoid unused-but-set-variable warning
    - ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr
    - pds_core: use pci_reset_function for health reset
    - pds_core: Fix pdsc_check_pci_health function to use work thread
    - Bluetooth: ISO: Align broadcast sync_timeout with connection timeout
    - Bluetooth: ISO: Don't reject BT_ISO_QOS if parameters are unset
    - Bluetooth: hci_sync: Use QoS to determine which PHY to scan
    - Bluetooth: hci_sync: Fix using the same interval and window for Coded PHY
    - Bluetooth: SCO: Fix not validating setsockopt user input
    - Bluetooth: RFCOMM: Fix not validating setsockopt user input
    - Bluetooth: L2CAP: Fix not validating setsockopt user input
    - Bluetooth: ISO: Fix not validating setsockopt user input
    - Bluetooth: hci_sock: Fix not validating setsockopt user input
    - Bluetooth: l2cap: Don't double set the HCI_CONN_MGMT_CONNECTED bit
    - netfilter: complete validation of user input
    - net/mlx5: SF, Stop waiting for FW as teardown was called
    - net/mlx5: Register devlink first under devlink lock
    - net/mlx5: offset comp irq index in name by one
    - net/mlx5: Properly link new fs rules into the tree
    - net/mlx5: Correctly compare pkt reformat ids
    - net/mlx5e: RSS, Block changing channels number when RXFH is configured
    - net/mlx5e: Fix mlx5e_priv_init() cleanup flow
    - net/mlx5e: HTB, Fix inconsistencies with QoS SQs number
    - net/mlx5e: Do not produce metadata freelist entries in Tx port ts WQE xmit
    - net: sparx5: fix wrong config being used when reconfiguring PCS
    - Revert "s390/ism: fix receive message buffer allocation"
    - net: dsa: mt7530: trap link-local frames regardless of ST Port State
    - af_unix: Do not use atomic ops for unix_sk(sk)->inflight.
    - af_unix: Fix garbage collector racing against connect()
    - net: ena: Fix potential sign extension issue
    - net: ena: Wrong missing IO completions check order
    - net: ena: Fix incorrect descriptor free behavior
    - net: ena: Set tx_info->xdpf value to NULL
    - drm/xe/display: Fix double mutex initialization
    - drm/xe/hwmon: Cast result to output precision on left shift of operand
    - tracing: hide unused ftrace_event_id_fops
    - iommu/vt-d: Fix wrong use of pasid config
    - iommu/vt-d: Allocate local memory for page request queue
    - iommu/vt-d: Fix WARN_ON in iommu probe path
    - io_uring: refactor DEFER_TASKRUN multishot checks
    - io_uring: disable io-wq execution of multishot NOWAIT requests
    - btrfs: qgroup: correctly model root qgroup rsv in convert
    - btrfs: qgroup: fix qgroup prealloc rsv leak in subvolume operations
    - btrfs: record delayed inode root in transaction
    - btrfs: qgroup: convert PREALLOC to PERTRANS after record_root_in_trans
    - io_uring/net: restore msg_control on sendzc retry
    - kprobes: Fix possible use-after-free issue on kprobe registration
    - fs/proc: remove redundant comments from /proc/bootconfig
    - fs/proc: Skip bootloader comment if no embedded kernel parameters
    - scsi: sg: Avoid sg device teardown race
    - scsi: sg: Avoid race in error handling & drop bogus warn
    - accel/ivpu: Check return code of ipc->lock init
    - accel/ivpu: Fix PCI D0 state entry in resume
    - accel/ivpu: Put NPU back to D3hot after failed resume
    - accel/ivpu: Return max freq for DRM_IVPU_PARAM_CORE_CLOCK_RATE
    - accel/ivpu: Fix deadlock in context_xa
    - drm/vmwgfx: Enable DMA mappings with SEV
    - drm/i915/vrr: Disable VRR when using bigjoiner
    - drm/amdkfd: Reset GPU on queue preemption failure
    - drm/ast: Fix soft lockup
    - drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr()
    - drm/client: Fully protect modes[] with dev->mode_config.mutex
    - drm/msm/dp: fix runtime PM leak on disconnect
    - drm/msm/dp: fix runtime PM leak on connect failure
    - drm/amdgpu/umsch: reinitialize write pointer in hw init
    - arm64: dts: imx8qm-ss-dma: fix can lpcg indices
    - arm64: dts: imx8-ss-dma: fix can lpcg indices
    - arm64: dts: imx8-ss-dma: fix adc lpcg indices
    - arm64: dts: imx8-ss-conn: fix usb lpcg indices
    - arm64: dts: imx8-ss-dma: fix pwm lpcg indices
    - arm64: dts: imx8-ss-lsio: fix pwm lpcg indices
    - arm64: dts: imx8-ss-dma: fix spi lpcg indices
    - vhost: Add smp_rmb() in vhost_vq_avail_empty()
    - vhost: Add smp_rmb() in vhost_enable_notify()
    - perf/x86: Fix out of range data
    - x86/cpu: Actually turn off mitigations by default for
      SPECULATION_MITIGATIONS=n
    - selftests/timers/posix_timers: Reimplement check_timer_distribution()
    - selftests: timers: Fix posix_timers ksft_print_msg() warning
    - selftests: timers: Fix abs() warning in posix_timers test
    - selftests: kselftest: Mark functions that unconditionally call exit() as
      __noreturn
    - x86/apic: Force native_apic_mem_read() to use the MOV instruction
    - irqflags: Explicitly ignore lockdep_hrtimer_exit() argument
    - selftests: kselftest: Fix build failure with NOLIBC
    - kernfs: annotate different lockdep class for of->mutex of writable files
    - x86/bugs: Fix return type of spectre_bhi_state()
    - x86/bugs: Fix BHI documentation
    - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES
    - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr'
    - x86/bugs: Fix BHI handling of RRSBA
    - x86/bugs: Clarify that syscall hardening isn't a BHI mitigation
    - x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto
    - [Config] updateconfigs to remove obsolete SPECTRE_BHI_AUTO
    - x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with
      CONFIG_MITIGATION_SPECTRE_BHI
    - [Config] updateconfigs to enable new MITIGATION_SPECTRE_BHI
    - drm/i915/cdclk: Fix CDCLK programming order when pipes are active
    - drm/i915/psr: Disable PSR when bigjoiner is used
    - drm/i915: Disable port sync when bigjoiner is used
    - drm/i915: Disable live M/N updates when using bigjoiner
    - drm/amdgpu: Reset dGPU if suspend got aborted
    - drm/amdgpu: always force full reset for SOC21
    - drm/amdgpu: fix incorrect number of active RBs for gfx11
    - drm/amdgpu: differentiate external rev id for gfx 11.5.0
    - drm/amd/display: Program VSC SDP colorimetry for all DP sinks >= 1.4
    - drm/amd/display: Set VSC SDP Colorimetry same way for MST and SST
    - drm/amd/display: Do not recursively call manual trigger programming
    - drm/amd/display: Return max resolution supported by DWB
    - drm/amd/display: always reset ODM mode in context when adding first plane
    - drm/amd/display: fix disable otg wa logic in DCN316
    - Linux 6.8.7
  * Noble update: v6.8.6 upstream stable release (LP: #2065899)
    - amdkfd: use calloc instead of kzalloc to avoid integer overflow
    - wifi: ath9k: fix LNA selection in ath_ant_try_scan()
    - wifi: rtw89: fix null pointer access when abort scan
    - bnx2x: Fix firmware version string character counts
    - net: stmmac: dwmac-starfive: Add support for JH7100 SoC
    - net: phy: phy_device: Prevent nullptr exceptions on ISR
    - wifi: rtw89: pci: validate RX tag for RXQ and RPQ
    - wifi: rtw89: pci: enlarge RX DMA buffer to consider size of RX descriptor
    - VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()
    - wifi: iwlwifi: pcie: Add the PCI device id for new hardware
    - arm64: dts: qcom: qcm6490-idp: Add definition for three LEDs
    - net: dsa: qca8k: put MDIO controller OF node if unavailable
    - arm64: dts: qcom: qrb2210-rb1: disable cluster power domains
    - printk: For @suppress_panic_printk check for other CPU in panic
    - panic: Flush kernel log buffer at the end
    - dump_stack: Do not get cpu_sync for panic CPU
    - wifi: iwlwifi: pcie: Add new PCI device id and CNVI
    - cpuidle: Avoid potential overflow in integer multiplication
    - ARM: dts: rockchip: fix rk3288 hdmi ports node
    - ARM: dts: rockchip: fix rk322x hdmi ports node
    - arm64: dts: rockchip: fix rk3328 hdmi ports node
    - arm64: dts: rockchip: fix rk3399 hdmi ports node
    - net: add netdev_lockdep_set_classes() to virtual drivers
    - arm64: dts: qcom: qcs6490-rb3gen2: Declare GCC clocks protected
    - pmdomain: ti: Add a null pointer check to the omap_prm_domain_init
    - pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain
    - ACPI: resource: Add IRQ override quirk for ASUS ExpertBook B2502FBA
    - ionic: set adminq irq affinity
    - net: skbuff: add overflow debug check to pull/push helpers
    - firmware: tegra: bpmp: Return directly after a failed kzalloc() in
      get_filename()
    - wifi: brcmfmac: Add DMI nvram filename quirk for ACEPC W5 Pro
    - wifi: mt76: mt7915: add locking for accessing mapped registers
    - wifi: mt76: mt7996: disable AMSDU for non-data frames
    - wifi: mt76: mt7996: add locking for accessing mapped registers
    - ACPI: x86: Move acpi_quirk_skip_serdev_enumeration() out of
      CONFIG_X86_ANDROID_TABLETS
    - ACPI: x86: Add DELL0501 handling to acpi_quirk_skip_serdev_enumeration()
    - pstore/zone: Add a null pointer check to the psz_kmsg_read
    - tools/power x86_energy_perf_policy: Fix file leak in get_pkg_num()
    - net: pcs: xpcs: Return EINVAL in the internal methods
    - dma-direct: Leak pages on dma_set_decrypted() failure
    - wifi: ath11k: decrease MHI channel buffer length to 8KB
    - iommu/arm-smmu-v3: Hold arm_smmu_asid_lock during all of attach_dev
    - cpufreq: Don't unregister cpufreq cooling on CPU hotplug
    - overflow: Allow non-type arg to type_max() and type_min()
    - wifi: iwlwifi: Add missing MODULE_FIRMWARE() for *.pnvm
    - wifi: cfg80211: check A-MSDU format more carefully
    - btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()
    - btrfs: export: handle invalid inode or root reference in btrfs_get_parent()
    - btrfs: send: handle path ref underflow in header iterate_inode_ref()
    - ice: use relative VSI index for VFs instead of PF VSI number
    - net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list()
    - netdev: let netlink core handle -EMSGSIZE errors
    - Bluetooth: btintel: Fix null ptr deref in btintel_read_version
    - Bluetooth: btmtk: Add MODULE_FIRMWARE() for MT7922
    - Bluetooth: Add new quirk for broken read key length on ATS2851
    - drm/vc4: don't check if plane->state->fb == state->fb
    - drm/ci: uprev mesa version: fix kdl commit fetch
    - drm/amdgpu: Skip do PCI error slot reset during RAS recovery
    - Input: synaptics-rmi4 - fail probing if memory allocation for "phys" fails
    - drm: panel-orientation-quirks: Add quirk for GPD Win Mini
    - ASoC: SOF: amd: Optimize quirk for Valve Galileo
    - drm/ttm: return ENOSPC from ttm_bo_mem_space v3
    - scsi: ufs: qcom: Avoid re-init quirk when gears match
    - drm/amd/display: increased min_dcfclk_mhz and min_fclk_mhz
    - pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs
    - sysv: don't call sb_bread() with pointers_lock held
    - scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()
    - drm/amd/display: Disable idle reallow as part of command/gpint execution
    - isofs: handle CDs with bad root inode but good Joliet root directory
    - ASoC: Intel: sof_rt5682: dmi quirk cleanup for mtl boards
    - ASoC: Intel: common: DMI remap for rebranded Intel NUC M15 (LAPRC710)
      laptops
    - rcu/nocb: Fix WARN_ON_ONCE() in the rcu_nocb_bypass_lock()
    - rcu-tasks: Repair RCU Tasks Trace quiescence check
    - Julia Lawall reported this null pointer dereference, this should fix it.
    - media: sta2x11: fix irq handler cast
    - ALSA: firewire-lib: handle quirk to calculate payload quadlets as data block
      counter
    - drm/panel: simple: Add BOE BP082WX1-100 8.2" panel
    - x86/vdso: Fix rethunk patching for vdso-image-{32,64}.o
    - ASoC: Intel: avs: Populate board selection with new I2S entries
    - ext4: add a hint for block bitmap corrupt state in mb_groups
    - ext4: forbid commit inconsistent quota data when errors=remount-ro
    - drm/amd/display: Fix nanosec stat overflow
    - accel/habanalabs: increase HL_MAX_STR to 64 bytes to avoid warnings
    - i2c: designware: Fix RX FIFO depth define on Wangxun 10Gb NIC
    - HID: input: avoid polling stylus battery on Chromebook Pompom
    - drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init()
    - drm: Check output polling initialized before disabling
    - drm: Check polling initialized before enabling in
      drm_helper_probe_single_connector_modes
    - SUNRPC: increase size of rpc_wait_queue.qlen from unsigned short to unsigned
      int
    - PCI: Disable D3cold on Asus B1400 PCI-NVMe bridge
    - Revert "ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default"
    - libperf evlist: Avoid out-of-bounds access
    - crypto: iaa - Fix async_disable descriptor leak
    - input/touchscreen: imagis: Correct the maximum touch area value
    - drivers/perf: hisi: Enable HiSilicon Erratum 162700402 quirk for HIP09
    - block: prevent division by zero in blk_rq_stat_sum()
    - RDMA/cm: add timeout to cm_destroy_id wait
    - Input: imagis - use FIELD_GET where applicable
    - Input: allocate keycode for Display refresh rate toggle
    - platform/x86: acer-wmi: Add support for Acer PH16-71
    - platform/x86: acer-wmi: Add predator_v4 module parameter
    - platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi
      Vi8 tablet
    - perf/x86/amd/lbr: Discard erroneous branch entries
    - ALSA: hda/realtek: Add quirk for Lenovo Yoga 9 14IMH9
    - ktest: force $buildonly = 1 for 'make_warnings_file' test type
    - Input: xpad - add support for Snakebyte GAMEPADs
    - ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page in concurrent
      environment
    - tools: iio: replace seekdir() in iio_generic_buffer
    - bus: mhi: host: Add MHI_PM_SYS_ERR_FAIL state
    - kernfs: RCU protect kernfs_nodes and avoid kernfs_idr_lock in
      kernfs_find_and_get_node_by_id()
    - usb: typec: ucsi: Add qcm6490-pmic-glink as needing PDOS quirk
    - thunderbolt: Calculate DisplayPort tunnel bandwidth after DPRX capabilities
      read
    - usb: gadget: uvc: refactor the check for a valid buffer in the pump worker
    - usb: gadget: uvc: mark incomplete frames with UVC_STREAM_ERR
    - usb: typec: ucsi: Limit read size on v1.2
    - serial: 8250_of: Drop quirk fot NPCM from 8250_port
    - thunderbolt: Keep the domain powered when USB4 port is in redrive mode
    - usb: typec: tcpci: add generic tcpci fallback compatible
    - usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined
    - ASoC: amd: yc: Fix non-functional mic on ASUS M7600RE
    - thermal/of: Assume polling-delay(-passive) 0 when absent
    - ASoC: soc-core.c: Skip dummy codec when adding platforms
    - x86/xen: attempt to inflate the memory balloon on PVH
    - fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2
    - io_uring: clear opcode specific data for an early failure
    - modpost: fix null pointer dereference
    - drivers/nvme: Add quirks for device 126f:2262
    - fbmon: prevent division by zero in fb_videomode_from_videomode()
    - ALSA: hda/realtek: Add quirks for some Clevo laptops
    - drm/amdgpu: Init zone device and drm client after mode-1 reset on reload
    - gcc-plugins/stackleak: Avoid .head.text section
    - media: mediatek: vcodec: Fix oops when HEVC init fails
    - media: mediatek: vcodec: adding lock to protect decoder context list
    - media: mediatek: vcodec: adding lock to protect encoder context list
    - randomize_kstack: Improve entropy diffusion
    - platform/x86/intel/hid: Don't wake on 5-button releases
    - platform/x86: intel-vbtn: Update tablet mode switch at end of probe
    - nouveau: fix devinit paths to only handle display on GSP.
    - Bluetooth: btintel: Fixe build regression
    - net: mpls: error out if inner headers are not set
    - VMCI: Fix possible memcpy() run-time warning in
      vmci_datagram_invoke_guest_handler()
    - x86/vdso: Fix rethunk patching for vdso-image-x32.o too
    - Revert "drm/amd/amdgpu: Fix potential ioremap() memory leaks in
      amdgpu_device_init()"
    - Linux 6.8.6
  * Noble update: v6.8.5 upstream stable release (LP: #2065400)
    - scripts/bpf_doc: Use silent mode when exec make cmd
    - xsk: Don't assume metadata is always requested in TX completion
    - s390/bpf: Fix bpf_plt pointer arithmetic
    - bpf, arm64: fix bug in BPF_LDX_MEMSX
    - dma-buf: Fix NULL pointer dereference in sanitycheck()
    - arm64: bpf: fix 32bit unconditional bswap
    - nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet
    - nfsd: Fix error cleanup path in nfsd_rename()
    - tools: ynl: fix setting presence bits in simple nests
    - mlxbf_gige: stop PHY during open() error paths
    - wifi: iwlwifi: mvm: pick the version of SESSION_PROTECTION_NOTIF
    - wifi: iwlwifi: mvm: rfi: fix potential response leaks
    - wifi: iwlwifi: mvm: include link ID when releasing frames
    - ALSA: hda: cs35l56: Set the init_done flag before component_add()
    - ice: Refactor FW data type and fix bitmap casting issue
    - ice: fix memory corruption bug with suspend and rebuild
    - ixgbe: avoid sleeping allocation in ixgbe_ipsec_vf_add_sa()
    - igc: Remove stale comment about Tx timestamping
    - drm/xe: Remove unused xe_bo->props struct
    - drm/xe: Add exec_queue.sched_props.job_timeout_ms
    - drm/xe/guc_submit: use jiffies for job timeout
    - drm/xe/queue: fix engine_class bounds check
    - drm/xe/device: fix XE_MAX_GT_PER_TILE check
    - drm/xe/device: fix XE_MAX_TILES_PER_DEVICE check
    - dpll: indent DPLL option type by a tab
    - s390/qeth: handle deferred cc1
    - net: hsr: hsr_slave: Fix the promiscuous mode in offload mode
    - tcp: properly terminate timers for kernel sockets
    - net: wwan: t7xx: Split 64bit accesses to fix alignment issues
    - drm/rockchip: vop2: Remove AR30 and AB30 format support
    - selftests: vxlan_mdb: Fix failures with old libnet
    - gpiolib: Fix debug messaging in gpiod_find_and_request()
    - ACPICA: debugger: check status of acpi_evaluate_object() in
      acpi_db_walk_for_fields()
    - net: hns3: fix index limit to support all queue stats
    - net: hns3: fix kernel crash when devlink reload during pf initialization
    - net: hns3: mark unexcuted loopback test result as UNEXECUTED
    - tls: recv: process_rx_list shouldn't use an offset with kvec
    - tls: adjust recv return with async crypto and failed copy to userspace
    - tls: get psock ref after taking rxlock to avoid leak
    - mlxbf_gige: call request_irq() after NAPI initialized
    - drm/amd/display: Update P010 scaling cap
    - drm/amd/display: Send DTBCLK disable message on first commit
    - bpf: Protect against int overflow for stack access size
    - cifs: Fix duplicate fscache cookie warnings
    - netfilter: nf_tables: reject destroy command to remove basechain hooks
    - netfilter: nf_tables: reject table flag and netdev basechain updates
    - netfilter: nf_tables: skip netdev hook unregistration if table is dormant
    - iommu: Validate the PASID in iommu_attach_device_pasid()
    - net: bcmasp: Bring up unimac after PHY link up
    - net: lan743x: Add set RFE read fifo threshold for PCI1x1x chips
    - Octeontx2-af: fix pause frame configuration in GMP mode
    - inet: inet_defrag: prevent sk release while still in use
    - drm/i915: Stop doing double audio enable/disable on SDVO and g4x+ DP
    - drm/i915/display: Disable AuxCCS framebuffers if built for Xe
    - drm/i915/xelpg: Extend some workarounds/tuning to gfx version 12.74
    - drm/i915/mtl: Update workaround 14018575942
    - drm/i915: Do not print 'pxp init failed with 0' when it succeed
    - dm integrity: fix out-of-range warning
    - modpost: do not make find_tosym() return NULL
    - kbuild: make -Woverride-init warnings more consistent
    - mm/treewide: replace pud_large() with pud_leaf()
    - Revert "x86/mm/ident_map: Use gbpages only where full GB page should be
      mapped."
    - gpio: cdev: sanitize the label before requesting the interrupt
    - RISC-V: KVM: Fix APLIC setipnum_le/be write emulation
    - RISC-V: KVM: Fix APLIC in_clrip[x] read emulation
    - KVM: arm64: Fix host-programmed guest events in nVHE
    - KVM: arm64: Fix out-of-IPA space translation fault handling
    - selinux: avoid dereference of garbage after mount failure
    - r8169: fix issue caused by buggy BIOS on certain boards with RTL8168d
    - x86/cpufeatures: Add CPUID_LNX_5 to track recently added Linux-defined word
    - x86/bpf: Fix IP after emitting call depth accounting
    - Revert "Bluetooth: hci_qca: Set BDA quirk bit if fwnode exists in DT"
    - arm64: dts: qcom: sc7180-trogdor: mark bluetooth address as broken
    - Bluetooth: qca: fix device-address endianness
    - Bluetooth: add quirk for broken address properties
    - Bluetooth: hci_event: set the conn encrypted before conn establishes
    - Bluetooth: Fix TOCTOU in HCI debugfs implementation
    - netfilter: nf_tables: release batch on table validation from abort path
    - netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path
    - selftests: mptcp: join: fix dev in check_endpoint
    - net/rds: fix possible cp null dereference
    - net: usb: ax88179_178a: avoid the interface always configured as random
      address
    - net: mana: Fix Rx DMA datasize and skb_over_panic
    - vsock/virtio: fix packet delivery to tap device
    - netfilter: nf_tables: reject new basechain after table flag update
    - netfilter: nf_tables: flush pending destroy work before exit_net release
    - netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()
    - netfilter: nf_tables: discard table flag update with pending basechain
      deletion
    - netfilter: validate user input for expected length
    - vboxsf: Avoid an spurious warning if load_nls_xxx() fails
    - bpf, sockmap: Prevent lock inversion deadlock in map delete elem
    - mptcp: prevent BPF accessing lowat from a subflow socket.
    - x86/retpoline: Do the necessary fixup to the Zen3/4 srso return thunk for
      !SRSO
    - KVM: arm64: Use TLBI_TTL_UNKNOWN in __kvm_tlb_flush_vmid_range()
    - KVM: arm64: Ensure target address is granule-aligned for range TLBI
    - net/sched: act_skbmod: prevent kernel-infoleak
    - net: dsa: sja1105: Fix parameters order in sja1110_pcs_mdio_write_c45()
    - net/sched: fix lockdep splat in qdisc_tree_reduce_backlog()
    - net: stmmac: fix rx queue priority assignment
    - net: phy: micrel: lan8814: Fix when enabling/disabling 1-step timestamping
    - net: txgbe: fix i2c dev name cannot match clkdev
    - net: fec: Set mac_managed_pm during probe
    - net: phy: micrel: Fix potential null pointer dereference
    - net: dsa: mv88e6xxx: fix usable ports on 88e6020
    - selftests: net: gro fwd: update vxlan GRO test expectations
    - gro: fix ownership transfer
    - idpf: fix kernel panic on unknown packet types
    - ice: fix enabling RX VLAN filtering
    - i40e: Fix VF MAC filter removal
    - tcp: Fix bind() regression for v6-only wildcard and v4-mapped-v6 non-
      wildcard addresses.
    - erspan: make sure erspan_base_hdr is present in skb->head
    - selftests: reuseaddr_conflict: add missing new line at the end of the output
    - tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-
      wildcard addresses.
    - ax25: fix use-after-free bugs caused by ax25_ds_del_timer
    - e1000e: Workaround for sporadic MDI error on Meteor Lake systems
    - ipv6: Fix infinite recursion in fib6_dump_done().
    - mlxbf_gige: stop interface during shutdown
    - r8169: skip DASH fw status checks when DASH is disabled
    - udp: do not accept non-tunnel GSO skbs landing in a tunnel
    - udp: do not transition UDP GRO fraglist partial checksums to unnecessary
    - udp: prevent local UDP tunnel packets from being GROed
    - octeontx2-af: Fix issue with loading coalesced KPU profiles
    - octeontx2-pf: check negative error code in otx2_open()
    - octeontx2-af: Add array index check
    - i40e: fix i40e_count_filters() to count only active/new filters
    - i40e: fix vf may be used uninitialized in this function warning
    - i40e: Enforce software interrupt during busy-poll exit
    - drm/amd: Flush GFXOFF requests in prepare stage
    - e1000e: Minor flow correction in e1000_shutdown function
    - e1000e: move force SMBUS from enable ulp function to avoid PHY loss issue
    - mean_and_variance: Drop always failing tests
    - net: ravb: Let IP-specific receive function to interrogate descriptors
    - net: ravb: Always process TX descriptor ring
    - net: ravb: Always update error counters
    - KVM: SVM: Use unsigned integers when dealing with ASIDs
    - KVM: SVM: Add support for allowing zero SEV ASIDs
    - selftests: mptcp: connect: fix shellcheck warnings
    - selftests: mptcp: use += operator to append strings
    - mptcp: don't account accept() of non-MPC client as fallback to TCP
    - 9p: Fix read/write debug statements to report server reply
    - ASoC: wm_adsp: Fix missing mutex_lock in wm_adsp_write_ctl()
    - ASoC: cs42l43: Correct extraction of data pointer in suspend/resume
    - riscv: mm: Fix prototype to avoid discarding const
    - riscv: hwprobe: do not produce frtace relocation
    - drivers/perf: riscv: Disable PERF_SAMPLE_BRANCH_* while not supported
    - block: count BLK_OPEN_RESTRICT_WRITES openers
    - RISC-V: Update AT_VECTOR_SIZE_ARCH for new AT_MINSIGSTKSZ
    - ASoC: amd: acp: fix for acp pdm configuration check
    - regmap: maple: Fix cache corruption in regcache_maple_drop()
    - ALSA: hda: cs35l56: Add ACPI device match tables
    - drm/panfrost: fix power transition timeout warnings
    - nouveau/uvmm: fix addr/range calcs for remap operations
    - drm/prime: Unbreak virtgpu dma-buf export
    - ASoC: rt5682-sdw: fix locking sequence
    - ASoC: rt711-sdca: fix locking sequence
    - ASoC: rt711-sdw: fix locking sequence
    - ASoC: rt712-sdca-sdw: fix locking sequence
    - ASoC: rt722-sdca-sdw: fix locking sequence
    - ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw
    - spi: s3c64xx: Extract FIFO depth calculation to a dedicated macro
    - spi: s3c64xx: sort headers alphabetically
    - spi: s3c64xx: explicitly include <linux/bits.h>
    - spi: s3c64xx: remove else after return
    - spi: s3c64xx: define a magic value
    - spi: s3c64xx: allow full FIFO masks
    - spi: s3c64xx: determine the fifo depth only once
    - spi: s3c64xx: Use DMA mode from fifo size
    - ASoC: amd: acp: fix for acp_init function error handling
    - regmap: maple: Fix uninitialized symbol 'ret' warnings
    - ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit
    - scsi: mylex: Fix sysfs buffer lengths
    - scsi: sd: Unregister device if device_add_disk() failed in sd_probe()
    - Revert "ALSA: emu10k1: fix synthesizer sample playback position and caching"
    - drm/i915/dp: Fix DSC state HW readout for SST connectors
    - cifs: Fix caching to try to do open O_WRONLY as rdwr on server
    - spi: mchp-pci1xxx: Fix a possible null pointer dereference in
      pci1xxx_spi_probe
    - s390/pai: fix sampling event removal for PMU device driver
    - thermal: gov_power_allocator: Allow binding without cooling devices
    - thermal: gov_power_allocator: Allow binding without trip points
    - drm/i915/gt: Limit the reserved VM space to only the platforms that need it
    - ata: sata_mv: Fix PCI device ID table declaration compilation warning
    - ASoC: SOF: amd: fix for false dsp interrupts
    - SUNRPC: Fix a slow server-side memory leak with RPC-over-TCP
    - riscv: use KERN_INFO in do_trap
    - riscv: Fix warning by declaring arch_cpu_idle() as noinstr
    - riscv: Disable preemption when using patch_map()
    - nfsd: hold a lighter-weight client reference over CB_RECALL_ANY
    - lib/stackdepot: move stack_record struct definition into the header
    - stackdepot: rename pool_index to pool_index_plus_1
    - x86/retpoline: Add NOENDBR annotation to the SRSO dummy return thunk
    - Revert "drm/amd/display: Send DTBCLK disable message on first commit"
    - gpio: cdev: check for NULL labels when sanitizing them for irqs
    - gpio: cdev: fix missed label sanitizing in debounce_setup()
    - ksmbd: don't send oplock break if rename fails
    - ksmbd: validate payload size in ipc response
    - ksmbd: do not set SMB2_GLOBAL_CAP_ENCRYPTION for SMB 3.1.1
    - ALSA: hda: Add pplcllpl/u members to hdac_ext_stream
    - ALSA: hda/realtek - Fix inactive headset mic jack
    - ALSA: hda/realtek: Add sound quirks for Lenovo Legion slim 7 16ARHA7 models
    - ALSA: hda/realtek: cs35l41: Support ASUS ROG G634JYR
    - ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with
      microphone
    - io_uring/kbuf: get rid of lower BGID lists
    - io_uring/kbuf: get rid of bl->is_ready
    - io_uring/kbuf: protect io_buffer_list teardown with a reference
    - io_uring/rw: don't allow multishot reads without NOWAIT support
    - io_uring: use private workqueue for exit work
    - io_uring/kbuf: hold io_buffer_list reference over mmap
    - ASoC: SOF: Add dsp_max_burst_size_in_ms member to snd_sof_pcm_stream
    - ASoC: SOF: ipc4-topology: Save the DMA maximum burst size for PCMs
    - ASoC: SOF: Intel: hda-pcm: Use dsp_max_burst_size_in_ms to place constraint
    - ASoC: SOF: Intel: hda: Implement get_stream_position (Linear Link Position)
    - ASoC: SOF: Intel: mtl/lnl: Use the generic get_stream_position callback
    - ASoC: SOF: Introduce a new callback pair to be used for PCM delay reporting
    - ASoC: SOF: Intel: Set the dai/host get frame/byte counter callbacks
    - ASoC: SOF: Intel: hda-common-ops: Do not set the get_stream_position
      callback
    - ASoC: SOF: ipc4-pcm: Use the snd_sof_pcm_get_dai_frame_counter() for
      pcm_delay
    - ASoC: SOF: Remove the get_stream_position callback
    - ASoC: SOF: ipc4-pcm: Move struct sof_ipc4_timestamp_info definition locally
    - ASoC: SOF: ipc4-pcm: Combine the SOF_IPC4_PIPE_PAUSED cases in pcm_trigger
    - ASoC: SOF: ipc4-pcm: Invalidate the stream_start_offset in PAUSED state
    - ASoC: SOF: sof-pcm: Add pointer callback to sof_ipc_pcm_ops
    - ASoC: SOF: ipc4-pcm: Correct the delay calculation
    - ASoC: SOF: Intel: hda: Compensate LLP in case it is not reset
    - driver core: Introduce device_link_wait_removal()
    - of: dynamic: Synchronize of_changeset_destroy() with the devlink removals
    - of: module: prevent NULL pointer dereference in vsnprintf()
    - x86/mm/pat: fix VM_PAT handling in COW mappings
    - x86/mce: Make sure to grab mce_sysfs_mutex in set_bank()
    - x86/coco: Require seeding RNG with RDRAND on CoCo systems
    - perf/x86/intel/ds: Don't clear ->pebs_data_cfg for the last PEBS event
    - riscv: Fix vector state restore in rt_sigreturn()
    - arm64/ptrace: Use saved floating point state type to determine SVE layout
    - mm/secretmem: fix GUP-fast succeeding on secretmem folios
    - selftests/mm: include strings.h for ffsl
    - s390/entry: align system call table on 8 bytes
    - riscv: Fix spurious errors from __get/put_kernel_nofault
    - riscv: process: Fix kernel gp leakage
    - smb: client: fix UAF in smb2_reconnect_server()
    - smb: client: guarantee refcounted children from parent session
    - smb: client: refresh referral without acquiring refpath_lock
    - smb: client: handle DFS tcons in cifs_construct_tcon()
    - smb: client: serialise cifs_construct_tcon() with cifs_mount_mutex
    - smb3: retrying on failed server close
    - smb: client: fix potential UAF in cifs_debug_files_proc_show()
    - smb: client: fix potential UAF in cifs_stats_proc_write()
    - smb: client: fix potential UAF in cifs_stats_proc_show()
    - smb: client: fix potential UAF in cifs_dump_full_key()
    - smb: client: fix potential UAF in smb2_is_valid_oplock_break()
    - smb: client: fix potential UAF in smb2_is_valid_lease_break()
    - smb: client: fix potential UAF in is_valid_oplock_break()
    - smb: client: fix potential UAF in smb2_is_network_name_deleted()
    - smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect()
    - drm/i915/mst: Limit MST+DSC to TGL+
    - drm/i915/mst: Reject FEC+MST on ICL
    - drm/i915/dp: Fix the computation for compressed_bpp for DISPLAY < 13
    - drm/i915/gt: Disable HW load balancing for CCS
    - drm/i915/gt: Do not generate the command streamer for all the CCS
    - drm/i915/gt: Enable only one CCS for compute workload
    - drm/xe: Use ring ops TLB invalidation for rebinds
    - drm/xe: Rework rebinding
    - Revert "x86/mpparse: Register APIC address only once"
    - bpf: put uprobe link's path and task in release callback
    - bpf: support deferring bpf_link dealloc to after RCU grace period
    - efi/libstub: Add generic support for parsing mem_encrypt=
    - x86/boot: Move mem_encrypt= parsing to the decompressor
    - x86/sme: Move early SME kernel encryption handling into .head.text
    - x86/sev: Move early startup code into .head.text section
    - Linux 6.8.5
  * CVE-2024-26926
    - binder: check offset alignment in binder_get_object()
  * CVE-2024-26922
    - drm/amdgpu: validate the parameters of bo mapping operations more clearly
  * CVE-2024-26924
    - netfilter: nft_set_pipapo: do not free live element

linux-azure (6.8.0-1009.9) noble; urgency=medium

* noble/linux-azure: 6.8.0-1009.9 -proposed tracker (LP: #2068134)

* Azure: net: mana: Enable MANA driver on ARM64 with 4K page size
    (LP: #2066982)
    - net: mana: Enable MANA driver on ARM64 with 4K page size

* Azure: net: mana: Fix Rx DMA datasize and skb_over_panic (LP: #2066992)
    - net: mana: Fix Rx DMA datasize and skb_over_panic

[ Ubuntu: 6.8.0-36.36 ]

* noble/linux: 6.8.0-36.36 -proposed tracker (LP: #2068150)
  * CVE-2024-26924
    - netfilter: nft_set_pipapo: do not free live element

[ Ubuntu: 6.8.0-35.35 ]

* noble/linux: 6.8.0-35.35 -proposed tracker (LP: #2065886)
  * CVE-2024-21823
    - VFIO: Add the SPR_DSA and SPR_IAX devices to the denylist
    - dmaengine: idxd: add a new security check to deal with a hardware erratum
    - dmaengine: idxd: add a write() method for applications to submit work

-- Tim Gardner <tim.gardner@canonical.com>  Mon, 17 Jun 2024 07:12:15 -0700

Changed in linux-azure (Ubuntu Noble):
status:	Fix Committed → Fix Released

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote 8 hours ago:

This bug is awaiting verification that the linux-azure-6.8/6.8.0-1010.10~22.04.1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy-linux-azure-6.8' to 'verification-done-jammy-linux-azure-6.8'. If the problem still exists, change the tag 'verification-needed-jammy-linux-azure-6.8' to 'verification-failed-jammy-linux-azure-6.8'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-azure-6.8-v2 verification-needed-jammy-linux-azure-6.8

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntulinux-azure package

Kernel fails to enable XSAVE when running in a “v5” AMD SEV-SNP VM

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux-azure package