Noble update: v6.8.5 upstream stable release

    SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       v6.8.5 upstream stable release
       from git://git.kernel.org/

scripts/bpf_doc: Use silent mode when exec make cmd
xsk: Don't assume metadata is always requested in TX completion
s390/bpf: Fix bpf_plt pointer arithmetic
bpf, arm64: fix bug in BPF_LDX_MEMSX
dma-buf: Fix NULL pointer dereference in sanitycheck()
arm64: bpf: fix 32bit unconditional bswap
nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet
nfsd: Fix error cleanup path in nfsd_rename()
tools: ynl: fix setting presence bits in simple nests
mlxbf_gige: stop PHY during open() error paths
wifi: iwlwifi: mvm: pick the version of SESSION_PROTECTION_NOTIF
wifi: iwlwifi: mvm: rfi: fix potential response leaks
wifi: iwlwifi: mvm: include link ID when releasing frames
ALSA: hda: cs35l56: Set the init_done flag before component_add()
ice: Refactor FW data type and fix bitmap casting issue
ice: fix memory corruption bug with suspend and rebuild
ixgbe: avoid sleeping allocation in ixgbe_ipsec_vf_add_sa()
igc: Remove stale comment about Tx timestamping
drm/xe: Remove unused xe_bo->props struct
drm/xe: Add exec_queue.sched_props.job_timeout_ms
drm/xe/guc_submit: use jiffies for job timeout
drm/xe/queue: fix engine_class bounds check
drm/xe/device: fix XE_MAX_GT_PER_TILE check
drm/xe/device: fix XE_MAX_TILES_PER_DEVICE check
dpll: indent DPLL option type by a tab
s390/qeth: handle deferred cc1
net: hsr: hsr_slave: Fix the promiscuous mode in offload mode
tcp: properly terminate timers for kernel sockets
net: wwan: t7xx: Split 64bit accesses to fix alignment issues
drm/rockchip: vop2: Remove AR30 and AB30 format support
selftests: vxlan_mdb: Fix failures with old libnet
gpiolib: Fix debug messaging in gpiod_find_and_request()
ACPICA: debugger: check status of acpi_evaluate_object() in acpi_db_walk_for_fields()
net: hns3: fix index limit to support all queue stats
net: hns3: fix kernel crash when devlink reload during pf initialization
net: hns3: mark unexcuted loopback test result as UNEXECUTED
tls: recv: process_rx_list shouldn't use an offset with kvec
tls: adjust recv return with async crypto and failed copy to userspace
tls: get psock ref after taking rxlock to avoid leak
mlxbf_gige: call request_irq() after NAPI initialized
drm/amd/display: Update P010 scaling cap
drm/amd/display: Send DTBCLK disable message on first commit
bpf: Protect against int overflow for stack access size
cifs: Fix duplicate fscache cookie warnings
netfilter: nf_tables: reject destroy command to remove basechain hooks
netfilter: nf_tables: reject table flag and netdev basechain updates
netfilter: nf_tables: skip netdev hook unregistration if table is dormant
iommu: Validate the PASID in iommu_attach_device_pasid()
net: bcmasp: Bring up unimac after PHY link up
net: lan743x: Add set RFE read fifo threshold for PCI1x1x chips
Octeontx2-af: fix pause frame configuration in GMP mode
inet: inet_defrag: prevent sk release while still in use
drm/i915: Stop doing double audio enable/disable on SDVO and g4x+ DP
drm/i915/display: Disable AuxCCS framebuffers if built for Xe
drm/i915/xelpg: Extend some workarounds/tuning to gfx version 12.74
drm/i915/mtl: Update workaround 14018575942
drm/i915: Do not print 'pxp init failed with 0' when it succeed
dm integrity: fix out-of-range warning
modpost: do not make find_tosym() return NULL
kbuild: make -Woverride-init warnings more consistent
mm/treewide: replace pud_large() with pud_leaf()
Revert "x86/mm/ident_map: Use gbpages only where full GB page should be mapped."
gpio: cdev: sanitize the label before requesting the interrupt
RISC-V: KVM: Fix APLIC setipnum_le/be write emulation
RISC-V: KVM: Fix APLIC in_clrip[x] read emulation
KVM: arm64: Fix host-programmed guest events in nVHE
KVM: arm64: Fix out-of-IPA space translation fault handling
selinux: avoid dereference of garbage after mount failure
r8169: fix issue caused by buggy BIOS on certain boards with RTL8168d
x86/cpufeatures: Add CPUID_LNX_5 to track recently added Linux-defined word
x86/bpf: Fix IP after emitting call depth accounting
Revert "Bluetooth: hci_qca: Set BDA quirk bit if fwnode exists in DT"
arm64: dts: qcom: sc7180-trogdor: mark bluetooth address as broken
Bluetooth: qca: fix device-address endianness
Bluetooth: add quirk for broken address properties
Bluetooth: hci_event: set the conn encrypted before conn establishes
Bluetooth: Fix TOCTOU in HCI debugfs implementation
netfilter: nf_tables: release batch on table validation from abort path
netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path
selftests: mptcp: join: fix dev in check_endpoint
net/rds: fix possible cp null dereference
net: usb: ax88179_178a: avoid the interface always configured as random address
net: mana: Fix Rx DMA datasize and skb_over_panic
vsock/virtio: fix packet delivery to tap device
netfilter: nf_tables: reject new basechain after table flag update
netfilter: nf_tables: flush pending destroy work before exit_net release
netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()
netfilter: nf_tables: discard table flag update with pending basechain deletion
netfilter: validate user input for expected length
vboxsf: Avoid an spurious warning if load_nls_xxx() fails
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
mptcp: prevent BPF accessing lowat from a subflow socket.
x86/retpoline: Do the necessary fixup to the Zen3/4 srso return thunk for !SRSO
KVM: arm64: Use TLBI_TTL_UNKNOWN in __kvm_tlb_flush_vmid_range()
KVM: arm64: Ensure target address is granule-aligned for range TLBI
net/sched: act_skbmod: prevent kernel-infoleak
net: dsa: sja1105: Fix parameters order in sja1110_pcs_mdio_write_c45()
net/sched: fix lockdep splat in qdisc_tree_reduce_backlog()
net: stmmac: fix rx queue priority assignment
net: phy: micrel: lan8814: Fix when enabling/disabling 1-step timestamping
net: txgbe: fix i2c dev name cannot match clkdev
net: fec: Set mac_managed_pm during probe
net: phy: micrel: Fix potential null pointer dereference
net: dsa: mv88e6xxx: fix usable ports on 88e6020
selftests: net: gro fwd: update vxlan GRO test expectations
gro: fix ownership transfer
idpf: fix kernel panic on unknown packet types
ice: fix enabling RX VLAN filtering
i40e: Fix VF MAC filter removal
tcp: Fix bind() regression for v6-only wildcard and v4-mapped-v6 non-wildcard addresses.
erspan: make sure erspan_base_hdr is present in skb->head
selftests: reuseaddr_conflict: add missing new line at the end of the output
tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses.
ax25: fix use-after-free bugs caused by ax25_ds_del_timer
e1000e: Workaround for sporadic MDI error on Meteor Lake systems
ipv6: Fix infinite recursion in fib6_dump_done().
mlxbf_gige: stop interface during shutdown
r8169: skip DASH fw status checks when DASH is disabled
udp: do not accept non-tunnel GSO skbs landing in a tunnel
udp: do not transition UDP GRO fraglist partial checksums to unnecessary
udp: prevent local UDP tunnel packets from being GROed
octeontx2-af: Fix issue with loading coalesced KPU profiles
octeontx2-pf: check negative error code in otx2_open()
octeontx2-af: Add array index check
i40e: fix i40e_count_filters() to count only active/new filters
i40e: fix vf may be used uninitialized in this function warning
i40e: Enforce software interrupt during busy-poll exit
drm/amd: Flush GFXOFF requests in prepare stage
e1000e: Minor flow correction in e1000_shutdown function
e1000e: move force SMBUS from enable ulp function to avoid PHY loss issue
mean_and_variance: Drop always failing tests
net: ravb: Let IP-specific receive function to interrogate descriptors
net: ravb: Always process TX descriptor ring
net: ravb: Always update error counters
KVM: SVM: Use unsigned integers when dealing with ASIDs
KVM: SVM: Add support for allowing zero SEV ASIDs
selftests: mptcp: connect: fix shellcheck warnings
selftests: mptcp: use += operator to append strings
mptcp: don't account accept() of non-MPC client as fallback to TCP
9p: Fix read/write debug statements to report server reply
ASoC: wm_adsp: Fix missing mutex_lock in wm_adsp_write_ctl()
ASoC: cs42l43: Correct extraction of data pointer in suspend/resume
riscv: mm: Fix prototype to avoid discarding const
riscv: hwprobe: do not produce frtace relocation
drivers/perf: riscv: Disable PERF_SAMPLE_BRANCH_* while not supported
block: count BLK_OPEN_RESTRICT_WRITES openers
RISC-V: Update AT_VECTOR_SIZE_ARCH for new AT_MINSIGSTKSZ
ASoC: amd: acp: fix for acp pdm configuration check
regmap: maple: Fix cache corruption in regcache_maple_drop()
ALSA: hda: cs35l56: Add ACPI device match tables
drm/panfrost: fix power transition timeout warnings
nouveau/uvmm: fix addr/range calcs for remap operations
drm/prime: Unbreak virtgpu dma-buf export
ASoC: rt5682-sdw: fix locking sequence
ASoC: rt711-sdca: fix locking sequence
ASoC: rt711-sdw: fix locking sequence
ASoC: rt712-sdca-sdw: fix locking sequence
ASoC: rt722-sdca-sdw: fix locking sequence
ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw
spi: s3c64xx: Extract FIFO depth calculation to a dedicated macro
spi: s3c64xx: sort headers alphabetically
spi: s3c64xx: explicitly include <linux/bits.h>
spi: s3c64xx: remove else after return
spi: s3c64xx: define a magic value
spi: s3c64xx: allow full FIFO masks
spi: s3c64xx: determine the fifo depth only once
spi: s3c64xx: Use DMA mode from fifo size
ASoC: amd: acp: fix for acp_init function error handling
regmap: maple: Fix uninitialized symbol 'ret' warnings
ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit
scsi: mylex: Fix sysfs buffer lengths
scsi: sd: Unregister device if device_add_disk() failed in sd_probe()
Revert "ALSA: emu10k1: fix synthesizer sample playback position and caching"
drm/i915/dp: Fix DSC state HW readout for SST connectors
cifs: Fix caching to try to do open O_WRONLY as rdwr on server
spi: mchp-pci1xxx: Fix a possible null pointer dereference in pci1xxx_spi_probe
s390/pai: fix sampling event removal for PMU device driver
thermal: gov_power_allocator: Allow binding without cooling devices
thermal: gov_power_allocator: Allow binding without trip points
drm/i915/gt: Limit the reserved VM space to only the platforms that need it
ata: sata_mv: Fix PCI device ID table declaration compilation warning
ASoC: SOF: amd: fix for false dsp interrupts
SUNRPC: Fix a slow server-side memory leak with RPC-over-TCP
riscv: use KERN_INFO in do_trap
riscv: Fix warning by declaring arch_cpu_idle() as noinstr
riscv: Disable preemption when using patch_map()
nfsd: hold a lighter-weight client reference over CB_RECALL_ANY
lib/stackdepot: move stack_record struct definition into the header
stackdepot: rename pool_index to pool_index_plus_1
x86/retpoline: Add NOENDBR annotation to the SRSO dummy return thunk
Revert "drm/amd/display: Send DTBCLK disable message on first commit"
gpio: cdev: check for NULL labels when sanitizing them for irqs
gpio: cdev: fix missed label sanitizing in debounce_setup()
ksmbd: don't send oplock break if rename fails
ksmbd: validate payload size in ipc response
ksmbd: do not set SMB2_GLOBAL_CAP_ENCRYPTION for SMB 3.1.1
ALSA: hda: Add pplcllpl/u members to hdac_ext_stream
ALSA: hda/realtek - Fix inactive headset mic jack
ALSA: hda/realtek: Add sound quirks for Lenovo Legion slim 7 16ARHA7 models
ALSA: hda/realtek: cs35l41: Support ASUS ROG G634JYR
ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with microphone
io_uring/kbuf: get rid of lower BGID lists
io_uring/kbuf: get rid of bl->is_ready
io_uring/kbuf: protect io_buffer_list teardown with a reference
io_uring/rw: don't allow multishot reads without NOWAIT support
io_uring: use private workqueue for exit work
io_uring/kbuf: hold io_buffer_list reference over mmap
ASoC: SOF: Add dsp_max_burst_size_in_ms member to snd_sof_pcm_stream
ASoC: SOF: ipc4-topology: Save the DMA maximum burst size for PCMs
ASoC: SOF: Intel: hda-pcm: Use dsp_max_burst_size_in_ms to place constraint
ASoC: SOF: Intel: hda: Implement get_stream_position (Linear Link Position)
ASoC: SOF: Intel: mtl/lnl: Use the generic get_stream_position callback
ASoC: SOF: Introduce a new callback pair to be used for PCM delay reporting
ASoC: SOF: Intel: Set the dai/host get frame/byte counter callbacks
ASoC: SOF: Intel: hda-common-ops: Do not set the get_stream_position callback
ASoC: SOF: ipc4-pcm: Use the snd_sof_pcm_get_dai_frame_counter() for pcm_delay
ASoC: SOF: Remove the get_stream_position callback
ASoC: SOF: ipc4-pcm: Move struct sof_ipc4_timestamp_info definition locally
ASoC: SOF: ipc4-pcm: Combine the SOF_IPC4_PIPE_PAUSED cases in pcm_trigger
ASoC: SOF: ipc4-pcm: Invalidate the stream_start_offset in PAUSED state
ASoC: SOF: sof-pcm: Add pointer callback to sof_ipc_pcm_ops
ASoC: SOF: ipc4-pcm: Correct the delay calculation
ASoC: SOF: Intel: hda: Compensate LLP in case it is not reset
driver core: Introduce device_link_wait_removal()
of: dynamic: Synchronize of_changeset_destroy() with the devlink removals
of: module: prevent NULL pointer dereference in vsnprintf()
x86/mm/pat: fix VM_PAT handling in COW mappings
x86/mce: Make sure to grab mce_sysfs_mutex in set_bank()
x86/coco: Require seeding RNG with RDRAND on CoCo systems
perf/x86/intel/ds: Don't clear ->pebs_data_cfg for the last PEBS event
riscv: Fix vector state restore in rt_sigreturn()
arm64/ptrace: Use saved floating point state type to determine SVE layout
mm/secretmem: fix GUP-fast succeeding on secretmem folios
selftests/mm: include strings.h for ffsl
s390/entry: align system call table on 8 bytes
riscv: Fix spurious errors from __get/put_kernel_nofault
riscv: process: Fix kernel gp leakage
smb: client: fix UAF in smb2_reconnect_server()
smb: client: guarantee refcounted children from parent session
smb: client: refresh referral without acquiring refpath_lock
smb: client: handle DFS tcons in cifs_construct_tcon()
smb: client: serialise cifs_construct_tcon() with cifs_mount_mutex
smb3: retrying on failed server close
smb: client: fix potential UAF in cifs_debug_files_proc_show()
smb: client: fix potential UAF in cifs_stats_proc_write()
smb: client: fix potential UAF in cifs_stats_proc_show()
smb: client: fix potential UAF in cifs_dump_full_key()
smb: client: fix potential UAF in smb2_is_valid_oplock_break()
smb: client: fix potential UAF in smb2_is_valid_lease_break()
smb: client: fix potential UAF in is_valid_oplock_break()
smb: client: fix potential UAF in smb2_is_network_name_deleted()
smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect()
drm/i915/mst: Limit MST+DSC to TGL+
drm/i915/mst: Reject FEC+MST on ICL
drm/i915/dp: Fix the computation for compressed_bpp for DISPLAY < 13
drm/i915/gt: Disable HW load balancing for CCS
drm/i915/gt: Do not generate the command streamer for all the CCS
drm/i915/gt: Enable only one CCS for compute workload
drm/xe: Use ring ops TLB invalidation for rebinds
drm/xe: Rework rebinding
Revert "x86/mpparse: Register APIC address only once"
bpf: put uprobe link's path and task in release callback
bpf: support deferring bpf_link dealloc to after RCU grace period
efi/libstub: Add generic support for parsing mem_encrypt=
x86/boot: Move mem_encrypt= parsing to the decompressor
x86/sme: Move early SME kernel encryption handling into .head.text
x86/sev: Move early startup code into .head.text section
Linux 6.8.5
UBUNTU: Upstream stable to v6.8.5