Accepted linux-signed-amd64 5.10.120+1 (source) into proposed-updates->stable-new, proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted linux-signed-amd64 5.10.120+1 (source) into proposed-updates->stable-new, proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Thu, 16 Jun 2022 06:17:07 +0000
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id:Subject: Content-Transfer-Encoding:Content-Type:MIME-Version:To:Reply-To:From:Cc: Content-ID:Content-Description:In-Reply-To:References; bh=XQaaN3fU5BxDSRi+ypRBA//GxYnuEg9scbAwSY5sdHE=; b=qj7FSnXs17F5UyqcP+dvB5eBW3 Hfe0ENKK23Z+yh1s9znlxykIwtMWUcZ6s3I2qnrdO8zarl3WrbahGBM1dfF5HCjyEjXz8dobD9Mv7 lcTp+Hyki8hk0RgghTSboJLkT6dWmlbNr9nz3NAa4XIozfMTHlyZog5sIKKIzQn/1picVHsyVNgsL Ch8eeNRmtAYpiXNeFB+0hGH86d95mvZFpEdHiKKNKfsz0M3mAV7rJ/HiME7Q2vvmF3adPNYTHbYQw TkQmhMsLHZRe52D77gJ0YYglutwlyFYeDBjiy2fjIuEqtcKy8Ih/ro4Xfzzi8QLNvdbZz1ovBhtSf j/938huA==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1o1ioV-0004Nj-Jc@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 09 Jun 2022 23:37:36 +0200
Source: linux-signed-amd64
Architecture: source
Version: 5.10.120+1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Changes:
linux-signed-amd64 (5.10.120+1) bullseye-security; urgency=high
.
* Sign kernel from linux 5.10.120-1
.
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.114
- USB: quirks: add a Realtek card reader
- USB: quirks: add STRING quirk for VCOM device
- USB: serial: whiteheat: fix heap overflow in WHITEHEAT_GET_DTR_RTS
- USB: serial: cp210x: add PIDs for Kamstrup USB Meter Reader
- USB: serial: option: add support for Cinterion MV32-WA/MV32-WB
- USB: serial: option: add Telit 0x1057, 0x1058, 0x1075 compositions
- xhci: Enable runtime PM on second Alderlake controller
- xhci: stop polling roothubs after shutdown
- xhci: increase usb U3 -> U0 link resume timeout from 100ms to 500ms
- iio: dac: ad5592r: Fix the missing return value.
- iio: dac: ad5446: Fix read_raw not returning set value
- iio: magnetometer: ak8975: Fix the error handling in ak8975_power_on()
- iio: imu: inv_icm42600: Fix I2C init possible nack
- usb: misc: fix improper handling of refcount in uss720_probe()
- [arm64,x86] usb: typec: ucsi: Fix reuse of completion structure
- [arm64,x86] usb: typec: ucsi: Fix role swapping
- usb: gadget: uvc: Fix crash when encoding data for usb request
- usb: gadget: configfs: clear deactivation flag in
configfs_composite_unbind()
- [arm64,armhf] usb: dwc3: Try usb-role-switch first in dwc3_drd_init
- [arm64,armhf] usb: dwc3: core: Fix tx/rx threshold settings
- [arm64,armhf] usb: dwc3: core: Only handle soft-reset in DCTL
- [arm64,armhf] usb: dwc3: gadget: Return proper request status
- [arm*] usb: phy: generic: Get the vbus supply
- [arm64,armhf] serial: imx: fix overrun interrupts in DMA mode
- serial: 8250: Also set sticky MCR bits in console restoration
- serial: 8250: Correct the clock for EndRun PTP/1588 PCIe device
- [arm64,armhf] arch_topology: Do not set llc_sibling if llc_id is invalid
- hex2bin: make the function hex_to_bin constant-time
- hex2bin: fix access beyond string end
- iocost: don't reset the inuse weight of under-weighted debtors
- video: fbdev: udlfb: properly check endpoint type
- iio:imu:bmi160: disable regulator in error path
- USB: Fix xhci event ring dequeue pointer ERDP update issue
- [armhf] phy: samsung: Fix missing of_node_put() in exynos_sata_phy_probe
- [armhf] phy: samsung: exynos5250-sata: fix missing device put in probe
error paths
- [armhf] OMAP2+: Fix refcount leak in omap_gic_of_init
- [armhf] bus: ti-sysc: Make omap3 gpt12 quirk handling SoC specific
- [armhf] phy: ti: omap-usb2: Fix error handling in omap_usb2_enable_clocks
- [armhf] dts: am3517-evm: Fix misc pinmuxing
- [armhf] dts: logicpd-som-lv: Fix wrong pinmuxing on OMAP35
- ipvs: correctly print the memory size of ip_vs_conn_tab
- [armhf] pinctrl: stm32: Do not call stm32_gpio_get() for edge triggered
IRQs in EOI
- [arm64,armhf] net: dsa: Add missing of_node_put() in
dsa_port_link_register_of
- netfilter: nft_set_rbtree: overlap detection with element re-addition
after deletion
- bpf, lwt: Fix crash when using bpf_skb_set_tunnel_key() from bpf_xmit lwt
hook
- [arm64,armhf] pinctrl: rockchip: fix RK3308 pinmux bits
- tcp: md5: incorrect tcp_header_len for incoming connections
- [armhf] pinctrl: stm32: Keep pinctrl block clock enabled when LEVEL IRQ
requested
- tcp: ensure to use the most recently sent skb when filling the rate sample
- wireguard: device: check for metadata_dst with skb_valid_dst()
- sctp: check asoc strreset_chunk in sctp_generate_reconf_event
- [arm64] dts: imx8mn-ddr4-evk: Describe the 32.768 kHz PMIC clock
- [arm64] net: hns3: modify the return code of hclge_get_ring_chain_from_mbx
- [arm64] net: hns3: add validity check for message data length
- [arm64] net: hns3: add return value for mailbox handling in PF
- net/smc: sync err code when tcp connection was refused
- ip_gre: Make o_seqno start from 0 in native mode
- ip6_gre: Make o_seqno start from 0 in native mode
- ip_gre, ip6_gre: Fix race condition on o_seqno in collect_md mode
- tcp: fix potential xmit stalls caused by TCP_NOTSENT_LOWAT
- tcp: make sure treq->af_specific is initialized
- [arm64,armhf] bus: sunxi-rsb: Fix the return value of
sunxi_rsb_device_create()
- [arm64,armhf] clk: sunxi: sun9i-mmc: check return value after calling
platform_get_resource()
- [arm64] net: bcmgenet: hide status block before TX timestamping
- net: phy: marvell10g: fix return value on error
- bnx2x: fix napi API usage sequence
- [arm64,armhf] net: fec: add missing of_node_put() in
fec_enet_init_stop_mode()
- ixgbe: ensure IPsec VF<->PF compatibility
- tcp: fix F-RTO may not work correctly when receiving DSACK
- [x86] ASoC: Intel: soc-acpi: correct device endpoints for max98373
- ext4: fix bug_on in start_this_handle during umount filesystem
- [amd64] x86: __memcpy_flushcache: fix wrong alignment if size > 2^32
- cifs: destage any unwritten data to the server before calling
copychunk_write
- [x86] drivers: net: hippi: Fix deadlock in rr_close()
- zonefs: Fix management of open zones
- zonefs: Clear inode information flags on inode creation
- [x86] drm/i915: Fix SEL_FETCH_PLANE_*(PIPE_B+) register addresses
- [armhf] net: ethernet: stmmac: fix write to sgmii_adapter_base
- [x86] thermal: int340x: Fix attr.show callback prototype
- [x86] cpu: Load microcode during restore_processor_state()
- tty: n_gsm: fix restart handling via CLD command
- tty: n_gsm: fix decoupled mux resource
- tty: n_gsm: fix mux cleanup after unregister tty device
- tty: n_gsm: fix wrong signal octet encoding in convergence layer type 2
- tty: n_gsm: fix malformed counter for out of frame data
- netfilter: nft_socket: only do sk lookups when indev is available
- tty: n_gsm: fix insufficient txframe size
- tty: n_gsm: fix wrong DLCI release order
- tty: n_gsm: fix missing explicit ldisc flush
- tty: n_gsm: fix wrong command retry handling
- tty: n_gsm: fix wrong command frame length field encoding
- tty: n_gsm: fix reset fifo race condition
- tty: n_gsm: fix incorrect UA handling
- tty: n_gsm: fix software flow control handling
https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.115
- [mips*] Fix CP0 counter erratum detection for R4k CPUs
- ALSA: hda/realtek: Add quirk for Yoga Duet 7 13ITL6 speakers
- ALSA: fireworks: fix wrong return count shorter than expected by 4 bytes
- [arm64] mmc: sdhci-msm: Reset GCC_SDCC_BCR register for SDHC
- mmc: core: Set HS clock speed before sending HS CMD13
- gpiolib: of: fix bounds check for 'gpio-reserved-ranges'
- [x86] KVM: x86/svm: Account for family 17h event renumberings in
amd_pmc_perf_hw_id
- [amd64] iommu/vt-d: Calculate mask for non-aligned flushes
- Revert "SUNRPC: attempt AF_LOCAL connect on setup"
- firewire: fix potential uaf in outbound_phy_packet_callback()
- firewire: remove check of list iterator against head past the loop body
- firewire: core: extend card->lock in fw_core_handle_bus_reset
- net: stmmac: disable Split Header (SPH) for Intel platforms
- genirq: Synchronize interrupt thread startup
- ASoC: da7219: Fix change notifications for tone generator frequency
- [s390x] dasd: fix data corruption for ESE devices
- [s390x] dasd: prevent double format of tracks for ESE devices
- [s390x] dasd: Fix read for ESE with blksize < 4k
- [s390x] dasd: Fix read inconsistency for ESE DASD devices
- can: isotp: remove re-binding of bound socket
- nfc: replace improper check device_is_registered() in netlink related
functions (CVE-2022-1974)
- NFC: netlink: fix sleep in atomic bug when firmware download timeout
(CVE-2022-1975)
- [arm64,armhf] gpio: pca953x: fix irq_stat not updated when irq is disabled
(irq_mask not set)
- hwmon: (adt7470) Fix warning on module removal
- [arm*] ASoC: dmaengine: Restore NULL prepare_slave_config() callback
- net/mlx5e: Fix trust state reset in reload
- net/mlx5e: Don't match double-vlan packets if cvlan is not set
- net/mlx5e: CT: Fix queued up restore put() executing after relevant ft
release
- net/mlx5e: Fix the calling of update_buffer_lossy() API
- net/mlx5: Avoid double clear or set of sync reset requested
- NFSv4: Don't invalidate inode attributes on delegation return
- [arm64,armhf] net: stmmac: dwmac-sun8i: add missing of_node_put() in
sun8i_dwmac_register_mdio_mux()
- [armhf] net: cpsw: add missing of_node_put() in cpsw_probe_dt()
- hinic: fix bug of wq out of bound access
- bnxt_en: Fix possible bnxt_open() failure caused by wrong RFS flag
- bnxt_en: Fix unnecessary dropping of RX packets
- [arm64,armhf] smsc911x: allow using IRQ0
- btrfs: always log symlinks in full mode
- net: igmp: respect RCU rules in ip_mc_source() and ip_mc_msfilter()
- [x86] kvm: x86/cpuid: Only provide CPUID leaf 0xA if host has
architectural PMU
- net/mlx5: Fix slab-out-of-bounds while reading resource dump menu
- [x86] kvm: Preserve BSP MSR_KVM_POLL_CONTROL across suspend/resume
- [x86] KVM: x86: Do not change ICR on write to APIC_SELF_IPI
- [x86] KVM: x86/mmu: avoid NULL-pointer dereference on page freeing bugs
- [x86] KVM: LAPIC: Enable timer posted-interrupt only when mwait/hlt is
advertised
- rcu: Fix callbacks processing time limit retaining cond_resched()
- rcu: Apply callbacks processing time limit only on softirq
- block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern
(CVE-2022-0494)
- dm: interlock pending dm_io and dm_wait_for_bios_completion
- [arm64] PCI: aardvark: Clear all MSIs at setup
- [arm64] PCI: aardvark: Fix reading MSI interrupt number
- mmc: rtsx: add 74 Clocks in power on flow
https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.116
- regulator: consumer: Add missing stubs to regulator/consumer.h
- block: drbd: drbd_nl: Make conversion to 'enum drbd_ret_code' explicit
- nfp: bpf: silence bitwise vs. logical OR warning
- Bluetooth: Fix the creation of hdev->name
- mm: fix missing cache flush for all tail pages of compound page
- mm: hugetlb: fix missing cache flush in copy_huge_page_from_user()
- mm: userfaultfd: fix missing cache flush in mcopy_atomic_pte() and
__mcopy_atomic()
https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.117
- batman-adv: Don't skb_split skbuffs with frag_list
- iwlwifi: iwl-dbg: Use del_timer_sync() before freeing
- hwmon: (tmp401) Add OF device ID table
- mac80211: Reset MBSSID parameters upon connection
- net: Fix features skip in for_each_netdev_feature()
- [arm64] net: mscc: ocelot: fix last VCAP IS1/IS2 filter persisting in
hardware when deleted
- [arm64] net: mscc: ocelot: fix VCAP IS2 filters matching on both lookups
- [arm64] net: mscc: ocelot: restrict tc-trap actions to VCAP IS2 lookup 0
- [arm64] net: mscc: ocelot: avoid corrupting hardware counters when moving
VCAP filters
- ipv4: drop dst in multicast routing path
- drm/nouveau: Fix a potential theorical leak in
nouveau_get_backlight_name()
- netlink: do not reset transport header in netlink_recvmsg()
- sfc: Use swap() instead of open coding it
- net: sfc: fix memory leak due to ptp channel
- mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection
- nfs: fix broken handling of the softreval mount option
- dim: initialize all struct fields
- [s390x] ctcm: fix variable dereferenced before check
- [s390x] ctcm: fix potential memory leak
- [s390x] lcs: fix variable dereferenced before check
- net/sched: act_pedit: really ensure the skb is writable
- [arm64] net: bcmgenet: Check for Wake-on-LAN interrupt probe deferral
- [armhf] net: dsa: bcm_sf2: Fix Wake-on-LAN with mac_link_down()
- net/smc: non blocking recvmsg() return -EAGAIN when no data and
signal_pending
- net: sfc: ef10: fix memory leak in efx_ef10_mtd_probe()
- gfs2: Fix filesystem block deallocation for short writes
- hwmon: (f71882fg) Fix negative temperature
- ASoC: max98090: Reject invalid values in custom control put()
- ASoC: max98090: Generate notifications on changes for custom control
- ASoC: ops: Validate input values in snd_soc_put_volsw_range()
- net: sfp: Add tx-fault workaround for Huawei MA5671A SFP ONT
- tcp: resalt the secret every 10 seconds (CVE-2022-1012)
- firmware_loader: use kernel credentials when reading firmware
- tty: n_gsm: fix mux activation issues in gsm_config()
- usb: cdc-wdm: fix reading stuck on device close
- USB: serial: pl2303: add device id for HP LM930 Display
- USB: serial: qcserial: add support for Sierra Wireless EM7590
- USB: serial: option: add Fibocom L610 modem
- USB: serial: option: add Fibocom MA510 modem
- ceph: fix setting of xattrs on async created inodes
- drm/nouveau/tegra: Stop using iommu_present()
- i40e: i40e_main: fix a missing check on list iterator
- [amd64,arm64] net: atlantic: always deep reset on pm op, fixing up my null
deref regression
- cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in cpuset_init_smp()
- [x86] drm/vmwgfx: Initialize drm_mode_fb_cmd2
- SUNRPC: Clean up scheduling of autoclose
- SUNRPC: Prevent immediate close+reconnect
- SUNRPC: Don't call connect() more than once on a TCP socket
- SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()
(CVE-2022-28893)
- net: phy: Fix race condition on link status change
- [arm*] arm[64]/memremap: don't abuse pfn_valid() to ensure presence of
linear map
- ping: fix address binding wrt vrf
- usb: gadget: uvc: rename function to be more consistent
- usb: gadget: uvc: allow for application to cleanly shutdown
- io_uring: always use original task when preparing req identity
(CVE-2022-1786)
https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.118
- io_uring: always grab file table for deferred statx
- floppy: use a statically allocated error counter
- [x86] Revert "drm/i915/opregion: check port number bounds for SWSCI
display power state"
- igc: Remove _I_PHY_ID checking
- igc: Remove phy->type checking
- igc: Update I226_K device ID
- rtc: fix use-after-free on device removal
- [arm64] rtc: pcf2127: fix bug when reading alarm registers
- Input: add bounds checking to input_set_capability()
- nvme-pci: add quirks for Samsung X5 SSDs
- gfs2: Disable page faults during lockless buffered reads
- [arm64,armhf] rtc: sun6i: Fix time overflow handling
- [armhf] crypto: stm32 - fix reference leak in stm32_crc_remove
- [amd64] crypto: x86/chacha20 - Avoid spurious jumps to other functions
- ALSA: hda/realtek: Enable headset mic on Lenovo P360
- [s390x] pci: improve zpci_dev reference counting
- nvme-multipath: fix hang when disk goes live over reconnect
- rtc: mc146818-lib: Fix the AltCentury for AMD platforms
- fs: fix an infinite loop in iomap_fiemap
- drbd: remove usage of list iterator variable after loop
- [arm64] platform/chrome: cros_ec_debugfs: detach log reader wq from devm
- [armel,armhf] 9191/1: arm/stacktrace, kasan: Silence KASAN warnings in
unwind_frame()
- nilfs2: fix lockdep warnings in page operations for btree nodes
- nilfs2: fix lockdep warnings during disk space reclamation
- Revert "swiotlb: fix info leak with DMA_FROM_DEVICE"
- Reinstate some of "swiotlb: rework "fix info leak with DMA_FROM_DEVICE""
(CVE-2022-0854)
- ALSA: usb-audio: Restore Rane SL-1 quirk
- [i386] ALSA: wavefront: Proper check of get_user() error
- ALSA: hda/realtek: Add quirk for TongFang devices with pop noise
- perf: Fix sys_perf_event_open() race against self (CVE-2022-1729)
- selinux: fix bad cleanup on error in hashtab_duplicate()
- Fix double fget() in vhost_net_set_backend()
- PCI/PM: Avoid putting Elo i2 PCIe Ports in D3cold
- [x86] KVM: x86/mmu: Update number of zapped pages even if page list is
stable
- [arm64] paravirt: Use RCU read locks to guard stolen_time
- [arm64] mte: Ensure the cleared tags are visible before setting the PTE
- [arm64] crypto: qcom-rng - fix infinite loop on requests not multiple of
WORD_SZ
- libceph: fix potential use-after-free on linger ping and resends
- drm/dp/mst: fix a possible memory leak in fetch_monitor_name()
- dma-buf: fix use of DMA_BUF_SET_NAME_{A,B} in userspace
- [armhf] pinctrl: pinctrl-aspeed-g6: remove FWQSPID group in pinctrl
- [arm64] net: macb: Increment rx bd head after allocating skb and buffer
- net: evaluate net.ipvX.conf.all.disable_policy and disable_xfrm
- xfrm: Add possibility to set the default to block if we have no policy
- net: xfrm: fix shift-out-of-bounce
- xfrm: make user policy API complete
- xfrm: notify default policy on update
- xfrm: fix dflt policy check when there is no policy configured
- xfrm: rework default policy structure
- xfrm: fix "disable_policy" flag use when arriving from different devices
- net/sched: act_pedit: sanitize shift argument before usage
- [x86] net: vmxnet3: fix possible use-after-free bugs in
vmxnet3_rq_alloc_rx_buf()
- [x86] net: vmxnet3: fix possible NULL pointer dereference in
vmxnet3_rq_cleanup()
- ice: fix possible under reporting of ethtool Tx and Rx statistics
- net/qla3xxx: Fix a test in ql_reset_work()
- net/mlx5e: Properly block LRO when XDP is enabled
- net: af_key: add check for pfkey_broadcast in function pfkey_process
- [armhf] 9196/1: spectre-bhb: enable for Cortex-A15
- [armel,armhf] 9197/1: spectre-bhb: fix loop8 sequence for Thumb2
- igb: skip phy status check where unavailable
- net: bridge: Clear offload_fwd_mark when passing frame up bridge
interface.
- [arm*] gpio: mvebu/pwm: Refuse requests with inverted polarity
- scsi: qla2xxx: Fix missed DMA unmap for aborted commands
- mac80211: fix rx reordering with non explicit / psmp ack policy
- nl80211: validate S1G channel width
- nl80211: fix locking in nl80211_set_tx_bitrate_mask()
- ethernet: tulip: fix missing pci_disable_device() on error in
tulip_init_one()
- [amd64,arm64] net: atlantic: fix "frag[0] not initialized"
- [amd64,arm64] net: atlantic: reduce scope of is_rsc_complete
- [amd64,arm64] net: atlantic: add check for MAX_SKB_FRAGS
- [amd64,arm64] net: atlantic: verify hw_head_ lies within TX buffer ring
- [arm64] Enable repeat tlbi workaround on KRYO4XX gold CPUs
- dt-bindings: pinctrl: aspeed-g6: remove FWQSPID group
- afs: Fix afs_getattr() to refetch file status if callback break occurred
- include/uapi/linux/xfrm.h: Fix XFRM_MSG_MAPPING ABI breakage
https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.119
- lockdown: also lock down previous kgdb use (CVE-2022-21499)
- staging: rtl8723bs: prevent ->Ssid overflow in rtw_wx_set_scan()
- [x86] KVM: x86: Properly handle APF vs disabled LAPIC situation
- [x86] KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID
(CVE-2022-1789)
- tcp: change source port randomizarion at connect() time
- secure_seq: use the 64 bits of the siphash for port offset calculation
(CVE-2022-1012)
- ACPI: sysfs: Make sparse happy about address space in use
- ACPI: sysfs: Fix BERT error region memory mapping
- random: avoid arch_get_random_seed_long() when collecting IRQ randomness
- random: remove dead code left over from blocking pool
- MAINTAINERS: co-maintain random.c
- MAINTAINERS: add git tree for random.c
- crypto: lib/blake2s - Move selftest prototype into header file
- crypto: blake2s - define shash_alg structs using macros
- [amd64] crypto: x86/blake2s - define shash_alg structs using macros
- crypto: blake2s - remove unneeded includes
- crypto: blake2s - move update and final logic to internal/blake2s.h
- crypto: blake2s - share the "shash" API boilerplate code
- crypto: blake2s - optimize blake2s initialization
- crypto: blake2s - add comment for blake2s_state fields
- crypto: blake2s - adjust include guard naming
- crypto: blake2s - include <linux/bug.h> instead of <asm/bug.h>
- lib/crypto: blake2s: include as built-in
- lib/crypto: blake2s: move hmac construction into wireguard
- lib/crypto: sha1: re-roll loops to reduce code size
- lib/crypto: blake2s: avoid indirect calls to compression function for
Clang CFI
- random: document add_hwgenerator_randomness() with other input functions
- random: remove unused irq_flags argument from add_interrupt_randomness()
- random: use BLAKE2s instead of SHA1 in extraction
- random: do not sign extend bytes for rotation when mixing
- random: do not re-init if crng_reseed completes before primary init
- random: mix bootloader randomness into pool
- random: harmonize "crng init done" messages
- random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs
- random: early initialization of ChaCha constants
- random: avoid superfluous call to RDRAND in CRNG extraction
- random: don't reset crng_init_cnt on urandom_read()
- random: fix typo in comments
- random: cleanup poolinfo abstraction
- random: cleanup integer types
- random: remove incomplete last_data logic
- random: remove unused extract_entropy() reserved argument
- random: rather than entropy_store abstraction, use global
- random: remove unused OUTPUT_POOL constants
- random: de-duplicate INPUT_POOL constants
- random: prepend remaining pool constants with POOL_
- random: cleanup fractional entropy shift constants
- random: access input_pool_data directly rather than through pointer
- random: selectively clang-format where it makes sense
- random: simplify arithmetic function flow in account()
- random: continually use hwgenerator randomness
- random: access primary_pool directly rather than through pointer
- random: only call crng_finalize_init() for primary_crng
- random: use computational hash for entropy extraction
- random: simplify entropy debiting
- random: use linear min-entropy accumulation crediting
- random: always wake up entropy writers after extraction
- random: make credit_entropy_bits() always safe
- random: remove use_input_pool parameter from crng_reseed()
- random: remove batched entropy locking
- random: fix locking in crng_fast_load()
- random: use RDSEED instead of RDRAND in entropy extraction
- random: get rid of secondary crngs
- random: inline leaves of rand_initialize()
- random: ensure early RDSEED goes through mixer on init
- random: do not xor RDRAND when writing into /dev/random
- random: absorb fast pool into input pool after fast load
- random: use simpler fast key erasure flow on per-cpu keys
- random: use hash function for crng_slow_load()
- random: make more consistent use of integer types
- random: remove outdated INT_MAX >> 6 check in urandom_read()
- random: zero buffer after reading entropy from userspace
- random: fix locking for crng_init in crng_reseed()
- random: tie batched entropy generation to base_crng generation
- random: remove ifdef'd out interrupt bench
- random: remove unused tracepoints
- random: add proper SPDX header
- random: deobfuscate irq u32/u64 contributions
- random: introduce drain_entropy() helper to declutter crng_reseed()
- random: remove useless header comment
- random: remove whitespace and reorder includes
- random: group initialization wait functions
- random: group crng functions
- random: group entropy extraction functions
- random: group entropy collection functions
- random: group userspace read/write functions
- random: group sysctl functions
- random: rewrite header introductory comment
- random: defer fast pool mixing to worker
- random: do not take pool spinlock at boot
- random: unify early init crng load accounting
- random: check for crng_init == 0 in add_device_randomness()
- random: pull add_hwgenerator_randomness() declaration into random.h
- random: clear fast pool, crng, and batches in cpuhp bring up
- random: round-robin registers as ulong, not u32
- random: only wake up writers after zap if threshold was passed
- random: cleanup UUID handling
- random: unify cycles_t and jiffies usage and types
- random: do crng pre-init loading in worker rather than irq
- random: give sysctl_random_min_urandom_seed a more sensible value
- random: don't let 644 read-only sysctls be written to
- random: replace custom notifier chain with standard one
- random: use SipHash as interrupt entropy accumulator
- random: make consistent usage of crng_ready()
- random: reseed more often immediately after booting
- random: check for signal and try earlier when generating entropy
- random: skip fast_init if hwrng provides large chunk of entropy
- random: treat bootloader trust toggle the same way as cpu trust toggle
- random: re-add removed comment about get_random_{u32,u64} reseeding
- random: mix build-time latent entropy into pool at init
- random: do not split fast init input in add_hwgenerator_randomness()
- random: do not allow user to keep crng key around on stack
- random: check for signal_pending() outside of need_resched() check
- random: check for signals every PAGE_SIZE chunk of /dev/[u]random
- random: allow partial reads if later user copies fail
- random: make random_get_entropy() return an unsigned long
- random: document crng_fast_key_erasure() destination possibility
- random: fix sysctl documentation nits
- init: call time_init() before rand_initialize()
- [s390x] define get_cycles macro for arch-override
- [powerpc*] define get_cycles macro for arch-override
- timekeeping: Add raw clock fallback for random_get_entropy()
- [mips*] use fallback for random_get_entropy() instead of just c0 random
- [arm*] use fallback for random_get_entropy() instead of zero
- [x86] tsc: Use fallback for random_get_entropy() instead of zero
- random: insist on random_get_entropy() existing in order to simplify
- random: do not use batches when !crng_ready()
- random: use first 128 bits of input as fast init
- random: do not pretend to handle premature next security model
- random: order timer entropy functions below interrupt functions
- random: do not use input pool from hard IRQs
- random: help compiler out with fast_mix() by using simpler arguments
- siphash: use one source of truth for siphash permutations
- random: use symbolic constants for crng_init states
- random: avoid initializing twice in credit race
- random: move initialization out of reseeding hot path
- random: remove ratelimiting for in-kernel unseeded randomness
- random: use proper jiffies comparison macro
- random: handle latent entropy and command line from random_init()
- random: credit architectural init the exact amount
- random: use static branch for crng_ready()
- random: remove extern from functions in header
- random: use proper return types on get_random_{int,long}_wait()
- random: make consistent use of buf and len
- random: move initialization functions out of hot pages
- random: move randomize_page() into mm where it belongs
- random: unify batched entropy implementations
- random: convert to using fops->read_iter()
- random: convert to using fops->write_iter()
- random: wire up fops->splice_{read,write}_iter()
- random: check for signals after page of pool writes
- ALSA: ctxfi: Add SB046x PCI ID
https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.120
- percpu_ref_init(): clean ->percpu_count_ref on failure
- net: af_key: check encryption module availability consistency
- nfc: pn533: Fix buggy cleanup order
- [armhf] net: ftgmac100: Disable hardware checksum on AST2600
- [x86] i2c: ismt: Provide a DMA buffer for Interrupt Cause Logging
- [arm64] drivers: i2c: thunderx: Allow driver to work with ACPI defined
TWSI controllers
- netfilter: nf_tables: disallow non-stateful expression in sets earlier
(CVE-2022-1966)
- pipe: make poll_usage boolean and annotate its access
- pipe: Fix missing lock in pipe_resize_ring() (ZDI-CAN-17291)
- cfg80211: set custom regdomain after wiphy registration
- assoc_array: Fix BUG_ON during garbage collect
- io_uring: don't re-import iovecs from callbacks
- io_uring: fix using under-expanded iters
- xfs: detect overflows in bmbt records
- xfs: show the proper user quota options
- xfs: fix the forward progress assertion in xfs_iwalk_run_callbacks
- xfs: fix an ABBA deadlock in xfs_rename
- xfs: Fix CIL throttle hang when CIL space used going backwards
- exfat: check if cluster num is valid
- crypto: drbg - prepare for more fine-grained tracking of seeding state
- crypto: drbg - track whether DRBG was seeded with !rng_is_initialized()
- crypto: drbg - move dynamic ->reseed_threshold adjustments to
__drbg_seed()
- crypto: drbg - make reseeding from get_random_bytes() synchronous
- netfilter: nf_tables: sanitize nft_set_desc_concat_parse() (CVE-2022-1972)
- netfilter: conntrack: re-fetch conntrack after insertion
- [x86] kvm: Alloc dummy async #PF token outside of raw spinlock
- [x86] kvm: use correct GFP flags for preemption disabled
- [x86] KVM: x86: avoid calling x86 emulator without a decoded instruction
(CVE-2022-1852)
- [arm64] crypto: caam - fix i.MX6SX entropy delay value
- crypto: ecrdsa - Fix incorrect use of vli_cmp
- zsmalloc: fix races between asynchronous zspage free and page migration
- Bluetooth: hci_qca: Use del_timer_sync() before freeing
- dm integrity: fix error code in dm_integrity_ctr()
- dm crypt: make printing of the key constant-time
- dm stats: add cond_resched when looping over entries
- dm verity: set DM_TARGET_IMMUTABLE feature flag
- raid5: introduce MD_BROKEN
- HID: multitouch: Add support for Google Whiskers Touchpad
- HID: multitouch: add quirks to enable Lenovo X12 trackpoint
- tpm: Fix buffer access in tpm2_get_tpm_pt()
- docs: submitting-patches: Fix crossref to 'The canonical patch format'
- NFS: Memory allocation failures are not server fatal errors
- NFSD: Fix possible sleep during nfsd4_release_lockowner()
- bpf: Fix potential array overflow in bpf_trampoline_get_progs()
- bpf: Enlarge offset check value to INT_MAX in bpf_skb_{load,store}_bytes
.
[ Salvatore Bonaccorso ]
* [rt] Update to 5.10.115-rt67
* Bump ABI to 15
* [rt] Drop "random: Make it work on rt"
.
[ Mateusz Ĺukasik ]
* [armhf] drivers/thermal: Enable SUN8I_THERMAL as module (Closes: #1007799)
Checksums-Sha1:
f457ed579144e16a3e272c47465c2185f3a8c67e 8609 linux-signed-amd64_5.10.120+1.dsc
1df5f1c6ced31d1c84ca909e41b0d85e4d7e5f07 2764544 linux-signed-amd64_5.10.120+1.tar.xz
Checksums-Sha256:
74093aba0d2d56ca7e150703238a7c35291b3f43d22313212a460563c8fe3fce 8609 linux-signed-amd64_5.10.120+1.dsc
512d7cde28eafe136fd4d981dd3381d99f56d88e7e71fdddd3dc7300586657c5 2764544 linux-signed-amd64_5.10.120+1.tar.xz
Files:
0eaa20cc53c9ee72dd32aa848326eab9 8609 kernel optional linux-signed-amd64_5.10.120+1.dsc
f5752ab7f70b68c456ccf86a801ad13a 2764544 kernel optional linux-signed-amd64_5.10.120+1.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEfKFfvHEI+gkU+E+di0FRiLdONzYFAmKi+scACgkQi0FRiLdO
Nzblvw//aGXcrmQSqGVnQG7KSpQmwHFu/DtDzxw6FjpzgRI0Evp79nPCvRNNg75e
9/Dpt1aHVhy9p5OJqFOkV5yQ2biUYS41YSUwbmrdpVYL9vglIOGm+lJTuNhi/fV6
aedlsaegaNatP0YdLI3usfGg37iWCWpIOERrcFgAS+jLc1Sw353QRBzq58zZyGvs
BXC95UvcUe5322HnLXA0Wpq3MvRnGWbiwq6OUFkGwko/+uldTfsHKkbia50Ibcr0
DmXi/3YtRzbUNAgIiDTCyRtnbQnN+GMBA6/0uC/LFCmBjY8qyUFA4LAj6dRNfLvG
wok1fsuhG2lZpEXxNrGNagCCUyNbRRVMk6CB1CcAdwvP9g6AAPw264ScJHPBpwtj
PS2Siigbr1qAmGW0JmrYEFj+GH7QGvi3KAUcg+IH/6+OkqjA/WlFb6BXpnmSrnja
qW/0x4dqd7CCdAtA+3rDDNyW2wVMIWnsJeyvh4z/c/vYZCnmVMA+CFCbbgEVmX9Y
EWJliv38RT1kNuoQpjgsSqR3IWy455TVSicLraF9zy9tXAWBrKn9O9mAxHGSmivM
43NapVPDhwDLp7oXT/jxq+c1+E9L3oMKvbums8z5ywPA1PuMHcDzF6v6n1OCIDUo
cIEh6UanjYZisfeTNf82/UWoLKSVhuq9n94rhwqCytNNz/0R3vc=
=1UWQ
-----END PGP SIGNATURE-----