Accepted linux-signed-amd64 4.19.177+1 (source) into proposed-updates->stable-new, proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 03 Mar 2021 13:48:46 +0100
Source: linux-signed-amd64
Architecture: source
Version: 4.19.177+1
Distribution: buster-proposed-updates
Urgency: medium
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Changes:
linux-signed-amd64 (4.19.177+1) buster; urgency=medium
.
* Sign kernel from linux 4.19.177-1
.
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.172
- tools: Factor HOSTCC, HOSTLD, HOSTAR definitions
- dm integrity: conditionally disable "recalculate" feature
- writeback: Drop I_DIRTY_TIME_EXPIRE
- fs: fix lazytime expiration handling in __writeback_single_inode()
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.173
- nbd: freeze the queue while we're adding connections (CVE-2021-3348)
- ACPI: sysfs: Prefer "compatible" modalias
- kernel: kexec: remove the lock operation of system_transition_mutex
- xen/privcmd: allow fetching resource sizes
- ALSA: hda/via: Apply the workaround generically for Clevo machines
- media: rc: ensure that uevent can be read directly after rc device
register
- wext: fix NULL-ptr-dereference with cfg80211's lack of commit()
- net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 modem
family
- PM: hibernate: flush swap writer after marking
- [x86] KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in
intel_arch_events[]
- [x86] KVM: get smi pending status correctly
- leds: trigger: fix potential deadlock with libata
- mt7601u: fix kernel crash unplugging the device
- mt7601u: fix rx buffer refcounting
- xen-blkfront: allow discard-* nodes to be optional
- [armhf] imx: build suspend-imx6.S with arm instruction set
- netfilter: nft_dynset: add timeout extension to template
- xfrm: Fix oops in xfrm_replay_advance_bmp
- xfrm: fix disable_xfrm sysctl when used on xfrm interfaces
- RDMA/cxgb4: Fix the reported max_recv_sge value
- pNFS/NFSv4: Fix a layout segment leak in pnfs_layout_process()
- iwlwifi: pcie: use jiffies for memory read spin time limit
- iwlwifi: pcie: reschedule in long-running memory reads
- mac80211: pause TX while changing interface type
- net/mlx5: Fix memory leak on flow table creation error flow
- can: dev: prevent potential information leak in can_fill_info()
- [amd64] iommu/vt-d: Gracefully handle DMAR units with no supported
address widths
- [amd64] iommu/vt-d: Don't dereference iommu_device if IOMMU_API is not
built
- rxrpc: Fix memory leak in rxrpc_lookup_local
- NFC: fix resource leak when target index is invalid
- NFC: fix possible resource leak
- team: protect features update by RCU to avoid deadlock
- tcp: fix TLP timer not set when CA_STATE changes from DISORDER to OPEN
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.174
- [armhf] net: dsa: bcm_sf2: put device node before return
- ACPI: thermal: Do not call acpi_thermal_check() directly
- sysctl: handle overflow in proc_get_long
- net_sched: gen_estimator: support large ewma log
- [x86] platform/x86: intel-vbtn: Support for tablet mode on Dell Inspiron
7352
- [x86] __always_inline __{rd,wr}msr()
- scsi: scsi_transport_srp: Don't block target in failfast state
- scsi: libfc: Avoid invoking response handler twice if ep is already
completed
- mac80211: fix fast-rx encryption check
- [ppc64el] scsi: ibmvfc: Set default timeout to avoid crash during
migration
- objtool: Don't fail on missing symbol table
- kthread: Extract KTHREAD_IS_PER_CPU
- workqueue: Restrict affinity change to rescuer
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.175
- USB: serial: cp210x: add pid/vid for WSDA-200-USB
- USB: serial: cp210x: add new VID/PID for supporting Teraoka AD2000
- USB: serial: option: Adding support for Cinterion MV31
- Input: i8042 - unbreak Pegatron C15B
- rxrpc: Fix deadlock around release of dst cached on udp tunnel
- net: lapb: Copy the skb before sending a packet
- [arm64,armhf] net: mvpp2: TCAM entry enable should be written after SRAM
data
- memblock: do not start bottom-up allocations with kernel_end
- USB: gadget: legacy: fix an error code in eth_bind()
- USB: usblp: don't call usb_set_interface if there's a single alt
- [arm*] usb: dwc2: Fix endpoint direction check in ep_from_windex
- [arm64,armhf] usb: dwc3: fix clock issue during resume in OTG mode
- ovl: fix dentry leak in ovl_get_redirect
- mac80211: fix station rate table updates on assoc
- kretprobe: Avoid re-registration of the same kretprobe earlier
- genirq/msi: Activate Multi-MSI early when MSI_FLAG_ACTIVATE_EARLY is set
- xhci: fix bounce buffer usage for non-sg list case
- cifs: report error instead of invalid when revalidating a dentry fails
- smb3: Fix out-of-bounds bug in SMB2_negotiate()
- mmc: core: Limit retries when analyse of SDIO tuples fails
- nvme-pci: avoid the deepest sleep state on Kingston A2000 SSDs
- [x86] KVM: SVM: Treat SVM as unsupported when running as an SEV guest
- mm: hugetlbfs: fix cannot migrate the fallocated HugeTLB page
- mm: hugetlb: fix a race between freeing and dissolving the page
- mm: hugetlb: fix a race between isolating and freeing page
- mm: hugetlb: remove VM_BUG_ON_PAGE from page_huge_active
- mm: thp: fix MADV_REMOVE deadlock on shmem THP
- [x86] build: Disable CET instrumentation in the kernel
- [x86] apic: Add extra serialization for non-serializing MSRs
- Input: xpad - sync supported devices with fork on GitHub
- [amd64] iommu/vt-d: Do not use flush-queue when caching-mode is on
- md: Set prev_flush_start and flush_bio in an atomic way
- net: ip_tunnel: fix mtu calculation
- [arm64,armhf] net: dsa: mv88e6xxx: override existent unicast portvec in
port_fdb_add
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.176
- tracing/kprobe: Fix to support kretprobe events on unloaded modules
- block: fix NULL pointer dereference in register_disk
- fgraph: Initialize tracing_graph_pause at task creation
- af_key: relax availability checks for skb size calculation
- regulator: core: avoid regulator_resolve_supply() race condition
- pNFS/NFSv4: Try to return invalid layout in pnfs_layout_process()
- iwlwifi: pcie: add a NULL check in iwl_pcie_txq_unmap
- iwlwifi: pcie: fix context info memory leak
- iwlwifi: mvm: guard against device removal in reprobe
- SUNRPC: Move simple_get_bytes and simple_get_netobj into private header
- SUNRPC: Handle 0 length opaque XDR object data properly
- lib/string: Add strscpy_pad() function
- include/trace/events/writeback.h: fix -Wstringop-truncation warnings
- memcg: fix a crash in wb_workfn when a device disappears
- [x86] Fix unsynchronized access to sev members through
svm_register_enc_region
- block: don't hold q->sysfs_lock in elevator_init_mq
- blk-mq: don't hold q->sysfs_lock in blk_mq_map_swqueue
- squashfs: add more sanity checks in id lookup
- squashfs: add more sanity checks in inode lookup
- squashfs: add more sanity checks in xattr id lookup
- regulator: core: enable power when setting up constraints
- regulator: core: Clean enabling always-on regulators + their supplies
- regulator: Fix lockdep warning resolving supplies
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.177
- tracing: Do not count ftrace events in top level enable output
- tracing: Check length before giving out the filter buffer
- [armhf] xen: Don't probe xenbus as part of an early initcall
- [x86] platform/x86: hp-wmi: Disable tablet-mode reporting by default
- ovl: perform vfs_getxattr() with mounter creds
- cap: fix conversions on getxattr
- ovl: skip getxattr of security labels
- bfq-iosched: Revert "bfq: Fix computation of shallow depth"
- [armel,armhf] ensure the signal page contains defined contents
- [armel,armhf] kexec: fix oops after TLB are invalidated
- mt76: dma: fix a possible memory leak in mt76_add_fragment()
- bpf: Check for integer overflow when using roundup_pow_of_two()
- netfilter: xt_recent: Fix attempt to update deleted entry
- netfilter: flowtable: fix tcp and udp header checksum update
- xen/netback: avoid race in xenvif_rx_ring_slots_available()
- [arm64,armhf] net: stmmac: set TxQ mode back to DCB after disabling CBS
- netfilter: conntrack: skip identical origin tuple in same zone only
- [arm64] net: hns3: add a check for queue_id in hclge_reset_vf_queue()
- [arm64] usb: dwc3: ulpi: fix checkpatch warning
- [arm64] usb: dwc3: ulpi: Replace CPU-based busyloop with Protocol-based
one
- net: fix iteration for sctp transport seq_files
- net/vmw_vsock: improve locking in vsock_connect_timeout()
- net: watchdog: hold device global xmit lock during tx disable
- vsock/virtio: update credit only if socket is not closed
- vsock: fix locking in vsock_shutdown()
- net/rds: restrict iovecs length for RDS_CMSG_RDMA_ARGS
- ovl: expand warning in ovl_d_real()
- [x86] KVM: SEV: fix double locking due to incorrect backport
- [x86] Xen/x86: don't bail early from clear_foreign_p2m_mapping()
(CVE-2021-26932)
- [x86] Xen/x86: also check kernel mapping in set_foreign_p2m_mapping()
(CVE-2021-26932)
- Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages()
(CVE-2021-26932)
- Xen/gntdev: correct error checking in gntdev_map_grant_pages()
(CVE-2021-26932)
- [armhf] xen/arm: don't ignore return errors from set_phys_to_machine
(CVE-2021-26932)
- xen-blkback: don't "handle" error by BUG() (CVE-2021-26931)
- xen-netback: don't "handle" error by BUG() (CVE-2021-26931)
- xen-scsiback: don't "handle" error by BUG() (CVE-2021-26931)
- xen-blkback: fix error handling in xen_blkbk_map() (CVE-2021-26930)
- scsi: qla2xxx: Fix crash during driver load on big endian machines
- kvm: check tlbs_dirty directly
.
[ Salvatore Bonaccorso ]
* [rt] Update to 4.19.173-rt72
* certs: Rotate to use the "Debian Secure Boot Signer 2021 - linux"
certificate
* Bump ABI to 15
Checksums-Sha1:
6a6e6871c847ae783042ee82b3c140e53d8d9397 7929 linux-signed-amd64_4.19.177+1.dsc
d050207f73c296b6d27e3674656993d25e7b62d6 2602748 linux-signed-amd64_4.19.177+1.tar.xz
Checksums-Sha256:
cfa9185542980e2f2dd422dcb74c7f08dad637b954a4f67617a15b744793a7bc 7929 linux-signed-amd64_4.19.177+1.dsc
e6795579af5ac7eac5d40386315380ef52c5fc84505731d9fab6035a1217fde6 2602748 linux-signed-amd64_4.19.177+1.tar.xz
Files:
cdfdf9a69541ddb45e3f3efe653b1884 7929 kernel optional linux-signed-amd64_4.19.177+1.dsc
749363ea28e8c37bb97351803ed503e8 2602748 kernel optional linux-signed-amd64_4.19.177+1.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEfKFfvHEI+gkU+E+di0FRiLdONzYFAmBGI6YACgkQi0FRiLdO
NzbVTw/+J2dkpL4ocZU0Wh2by25F4Qy5CQa/UGz9Gs710rpTEAcaQ5v43vR86R0V
L8D4W309XVHqkRCVUYh8KHZY8ZEtPAnyVKRWOKSxySG4l4ZMi1WUOJtLjpmHNGAS
L+Uj+bUJV0Q4WNa7pGUUPYOK6F7inVnmCVzPLdWa9zCcwCzvYc0hu3eg/9Dj7SoU
ozrG2uIaG3TKoiOkEKh7F++1SdLqjzR3jmXJ7+SUc2R3ffLKxCxDfO1SV0hXDzDA
FG5sZINCTbRd2mBaNWrqLqslGHCQyHwXazfYNKKlSlm/YB3LBMBfP1SybTHWTXGG
AOXomnhGqgGOcFSp4ewZVFkgd6qyliCiwc9Rp+6LoBXpAOLWaoM5IwQtviOwgWrx
VjQgOupod1S76QNh0imqVXlVMs7NWl2PDUN2kACJF1Umsn5IiHtkoxDXewQGhNjM
AX9FZS2jsN5CjBs+HAUrnW9/2u/Hdnp9hizXGfd/5wbulqzfVnfPd7CyPzlu/Bci
mx+INZNP2gW4P0miUjCjps8e1OLfKDDDGTvx19Amu5IVfSqNoADONZ5S7ayYFwRQ
ej/okQKmvZlZevZJjzKLHSE1reTaU5UPMMLLMZU/iNHgNMgEk4jXh7i+rAV4eRcx
5D5oymuBVv1rMCU2xf5vkfxdViJRG12wrLvlbcUDIVWtEKPkPow=
=J0e8
-----END PGP SIGNATURE-----