Accepted linux-signed-amd64 5.10.140+1 (source) into proposed-updates->stable-new, proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted linux-signed-amd64 5.10.140+1 (source) into proposed-updates->stable-new, proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Sat, 03 Sep 2022 21:17:08 +0000
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=8UiAHnyYZ+koMAifU0Ry6s6hZBE+xs6Rz+yepBnLtN8=; b=nM4iKuXLtl1f0rDI/0louzqkVB 9VEnu2nGdwCudHIoG4PBbmoImZ8r5yH6pNzp5GOS1yaZINOuu5sy/511gusNaPnvIufGIBUKPgDmD J6tX0dD9FKOYmskrCFCJt+g3fR8OByc2sUXmb5E1PBhSPcmbhWOVy5aC8wyO8jhneDZu1UKHn7+2B rhgpeJsVTIOs5vzEA8UqLhEBBMoY86nk7ZCje8YLwZdkTHDXrXmBxKOme9JDYL7lp5gax35fVHweM +tOHLR7mKeA8ofgYFwFyIDQJOKrRGHZ8SUTlT1YVxLaFwWZEh7XdU//Ai3hCQfmIqblX14HyHIfTt tDoyQKTw==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1oUaVo-000Ptz-Cd@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 02 Sep 2022 15:54:53 +0200
Source: linux-signed-amd64
Architecture: source
Version: 5.10.140+1
Distribution: bullseye-proposed-updates
Urgency: medium
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Changes:
linux-signed-amd64 (5.10.140+1) bullseye; urgency=medium
.
* Sign kernel from linux 5.10.140-1
.
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.137
- Makefile: link with -z noexecstack --no-warn-rwx-segments
- [x86] link vdso and boot with -z noexecstack --no-warn-rwx-segments
- Revert "pNFS: nfs3_set_ds_client should set NFS_CS_NOPING"
- scsi: Revert "scsi: qla2xxx: Fix disk failure to rediscover"
- ALSA: bcd2000: Fix a UAF bug on the error path of probing
- ALSA: hda/realtek: Add quirk for Clevo NV45PZ
- ALSA: hda/realtek: Add quirk for HP Spectre x360 15-eb0xxx
- wifi: mac80211_hwsim: fix race condition in pending packet
- wifi: mac80211_hwsim: add back erroneously removed cast
- wifi: mac80211_hwsim: use 32-bit skb cookie
- add barriers to buffer_uptodate and set_buffer_uptodate
- HID: wacom: Only report rotation for art pen
- HID: wacom: Don't register pad_input for touch switch
- [x86] KVM: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending
case
- [x86] KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending
case
- [x86] KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0
- [s390x] KVM: s390: pv: don't present the ecall interrupt twice
- [x86] KVM: nVMX: Let userspace set nVMX MSR to any _host_ supported value
- [x86] KVM: x86: Mark TSS busy during LTR emulation _after_ all fault
checks
- [x86] KVM: x86: Set error code to segment selector on LLDT/LTR
non-canonical #GP
- [x86] KVM: x86: Tag kvm_mmu_x86_module_init() with __init
- mm: Add kvrealloc()
- xfs: only set IOMAP_F_SHARED when providing a srcmap to a write
- xfs: fix I_DONTCACHE
- mm/mremap: hold the rmap lock in write mode when moving page table
entries.
- ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model
- ALSA: hda/cirrus - support for iMac 12,1 model
- ALSA: hda/realtek: Add quirk for another Asus K42JZ model
- ALSA: hda/realtek: Add a quirk for HP OMEN 15 (8786) mute LED
- tty: vt: initialize unicode screen buffer
- vfs: Check the truncate maximum size in inode_newsize_ok()
- fs: Add missing umask strip in vfs_tmpfile
- thermal: sysfs: Fix cooling_device_stats_setup() error code path
- fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters
- fbcon: Fix accelerated fbdev scrolling while logo is still shown
- usbnet: Fix linkwatch use-after-free on disconnect
- ovl: drop WARN_ON() dentry is NULL in ovl_encode_fh()
- drm/gem: Properly annotate WW context on drm_gem_lock_reservations() error
- [arm*] drm/vc4: hdmi: Disable audio if dmas property is present but empty
- drm/nouveau: fix another off-by-one in nvbios_addr
- drm/nouveau: Don't pm_runtime_put_sync(), only
pm_runtime_put_autosuspend()
- drm/nouveau/acpi: Don't print error when we get -EINPROGRESS from
pm_runtime
- drm/amdgpu: Check BO's requested pinning domains against its
preferred_domains
- iio: light: isl29028: Fix the warning in isl29028_remove()
- scsi: sg: Allow waiting for commands to complete on removed device
- scsi: qla2xxx: Fix incorrect display of max frame size
- scsi: qla2xxx: Zero undefined mailbox IN registers
- fuse: limit nsec
- [arm64] serial: mvebu-uart: uart2 error bits clearing
- md-raid: destroy the bitmap after destroying the thread
- md-raid10: fix KASAN warning
- PCI: Add defines for normal and subtractive PCI bridges
- [powerpc*] powernv: Avoid crashing if rng is NULL
- [mips64el,mipsel] cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK
- usb: typec: ucsi: Acknowledge the GET_ERROR_STATUS command completion
- USB: HCD: Fix URB giveback issue in tasklet function
- [arm64,armhf] usb: dwc3: gadget: refactor dwc3_repare_one_trb
- [arm64,armhf] usb: dwc3: gadget: fix high speed multiplier setting
- netfilter: nf_tables: fix null deref due to zeroed list head
- epoll: autoremove wakers even more aggressively
- [x86] Handle idle=nomwait cmdline properly for x86_idle
- [arm64] Do not forget syscall when starting a new thread.
- [arm64] fix oops in concurrently setting insn_emulation sysctls
- genirq: Don't return error on missing optional irq_request_resources()
- [mips64el,mipsel] irqchip/mips-gic: Only register IPI domain when SMP is
enabled
- genirq: GENERIC_IRQ_IPI depends on SMP
- [mips64el,mipsel] irqchip/mips-gic: Check the return value of ioremap() in
gic_of_init()
- wait: Fix __wait_event_hrtimeout for RT/DL tasks
- [armhf] OMAP2+: display: Fix refcount leak bug
- ACPI: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI quirks
- ACPI: EC: Drop the EC_FLAGS_IGNORE_DSDT_GPE quirk
- ACPI: PM: save NVS memory for Lenovo G40-45
- ACPI: LPSS: Fix missing check in register_device_clock()
- [arm64] dts: allwinner: a64: orangepi-win: Fix LED node name
- PM: hibernate: defer device probing when resuming from hibernation
- selinux: Add boundary check in put_entry()
- [armel,armhf] findbit: fix overflowing offset
- [arm64,armhf] meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init
- ACPI: processor/idle: Annotate more functions to live in cpuidle section
- Input: atmel_mxt_ts - fix up inverted RESET handler
- [arm64] soc: amlogic: Fix refcount leak in meson-secure-pwrc.c
- [x86] pmem: Fix platform-device leak in error path
- [armhf] dts: ast2500-evb: fix board compatible
- [armhf] dts: ast2600-evb: fix board compatible
- [arm64] cpufeature: Allow different PMU versions in ID_DFR0_EL1
- locking/lockdep: Fix lockdep_init_map_*() confusion
- [arm64] soc: fsl: guts: machine variable might be unset
- block: fix infinite loop for invalid zone append
- [armhf] OMAP2+: Fix refcount leak in omapdss_init_of
- [armhf] OMAP2+: Fix refcount leak in omap3xxx_prm_late_init
- [arm64] regulator: qcom_smd: Fix pm8916_pldo range
- [arm64] ACPI: APEI: Fix _EINJ vs EFI_MEMORY_SP
- [arm64] bus: hisi_lpc: fix missing platform_device_put() in
hisi_lpc_acpi_probe()
- erofs: avoid consecutive detection for Highmem memory
- blk-mq: don't create hctx debugfs dir until q->debugfs_dir is created
- hwmon: (drivetemp) Add module alias
- block: remove the request_queue to argument request based tracepoints
- blktrace: Trace remapped requests correctly
- regulator: of: Fix refcount leak bug in of_get_regulation_constraints()
- nohz/full, sched/rt: Fix missed tick-reenabling bug in dequeue_task_rt()
- dm: return early from dm_pr_call() if DM device is suspended
- ath10k: do not enforce interrupt trigger type
- wifi: rtlwifi: fix error codes in rtl_debugfs_set_write_h2c()
- ath11k: fix netdev open race
- drm/mipi-dbi: align max_chunk to 2 in spi_transfer
- ath11k: Fix incorrect debug_mask mappings
- drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers()
- virtio-gpu: fix a missing check to avoid NULL dereference
- [arm64] drm: adv7511: override i2c address of cec before accessing it
- net: fix sk_wmem_schedule() and sk_rmem_schedule() errors
- i2c: Fix a potential use after free
- media: tw686x: Register the irq at the end of probe
- ath9k: fix use-after-free in ath9k_hif_usb_rx_cb (CVE-2022-1679)
- wifi: iwlegacy: 4965: fix potential off-by-one overflow in
il4965_rs_fill_link_cmd()
- drm/radeon: fix incorrrect SPDX-License-Identifiers
- [amd64] crypto: ccp - During shutdown, check SEV data pointer before using
- [arm64] drm: bridge: adv7511: Add check for mipi_dsi_driver_register
- media: hdpvr: fix error value returns in hdpvr_read
- [arm64,armhf] media: v4l2-mem2mem: prevent pollerr when
last_buffer_dequeued is set
- media: tw686x: Fix memory leak in tw686x_video_init
- [arm*] drm/vc4: plane: Remove subpixel positioning check
- [arm*] drm/vc4: plane: Fix margin calculations for the right/bottom edges
- [arm*] drm/vc4: dsi: Correct DSI divider calculations
- [arm*] drm/vc4: dsi: Correct pixel order for DSI0
- [arm*] drm/vc4: drv: Remove the DSI pointer in vc4_drv
- [arm*] drm/vc4: dsi: Use snprintf for the PHY clocks instead of an array
- [arm*] drm/vc4: dsi: Introduce a variant structure
- [arm*] drm/vc4: dsi: Register dsi0 as the correct vc4 encoder type
- [arm*] drm/vc4: dsi: Fix dsi0 interrupt support
- [arm*] drm/vc4: dsi: Add correct stop condition to vc4_dsi_encoder_disable
iteration
- [arm*] drm/vc4: hdmi: Remove firmware logic for MAI threshold setting
- [arm*] drm/vc4: hdmi: Avoid full hdmi audio fifo writes
- [arm*] drm/vc4: hdmi: Don't access the connector state in reset if kmalloc
fails
- [arm*] drm/vc4: hdmi: Limit the BCM2711 to the max without scrambling
- [arm*] drm/vc4: hdmi: Fix timings for interlaced modes
- [arm*] drm/vc4: hdmi: Correct HDMI timing registers for interlaced modes
- [arm64,armhf] drm/rockchip: vop: Don't crash for invalid duplicate_state()
- [arm64,armhf] drm/rockchip: Fix an error handling path rockchip_dp_probe()
- lib: bitmap: order includes alphabetically
- lib: bitmap: provide devm_bitmap_alloc() and devm_bitmap_zalloc()
- hinic: Use the bitmap API when applicable
- net: hinic: fix bug that ethtool get wrong stats
- net: hinic: avoid kernel hung in hinic_get_stats64()
- [arm64] drm/msm/mdp5: Fix global state lock backoff
- mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg
- mediatek: mt76: mac80211: Fix missing of_node_put() in mt76_led_init()
- tcp: make retransmitted SKB fit into the send window
- bpf: Fix subprog names in stack traces.
- fs: check FMODE_LSEEK to control internal pipe splicing
- wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()
- [i386] can: pch_can: do not report txerr and rxerr during bus-off
- can: sja1000: do not report txerr and rxerr during bus-off
- [armhf] can: sun4i_can: do not report txerr and rxerr during bus-off
- can: kvaser_usb_hydra: do not report txerr and rxerr during bus-off
- can: kvaser_usb_leaf: do not report txerr and rxerr during bus-off
- can: usb_8dev: do not report txerr and rxerr during bus-off
- can: error: specify the values of data[5..7] of CAN error frames
- [i386] can: pch_can: pch_can_error(): initialize errc before using it
- Bluetooth: hci_intel: Add check for platform_driver_register
- wifi: wil6210: debugfs: fix uninitialized variable use in
`wil_write_file_wmi()`
- wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue
- wifi: libertas: Fix possible refcount leak in if_usb_probe()
- [arm64,armhf] media: cedrus: hevc: Add check for invalid timestamp
- net/mlx5e: Remove WARN_ON when trying to offload an unsupported TLS
cipher/version
- net/mlx5e: Fix the value of MLX5E_MAX_RQ_NUM_MTTS
- [arm64] crypto: inside-secure - Add missing MODULE_DEVICE_TABLE for of
- inet: add READ_ONCE(sk->sk_bound_dev_if) in INET_MATCH()
- tcp: sk->sk_bound_dev_if once in inet_request_bound_dev_if()
- ipv6: add READ_ONCE(sk->sk_bound_dev_if) in INET6_MATCH()
- tcp: Fix data-races around sysctl_tcp_l3mdev_accept.
- net: allow unbound socket for packets in VRF when tcp_l3mdev_accept set
- iavf: Fix max_rate limiting
- net: rose: fix netdev reference changes
- dccp: put dccp_qpolicy_full() and dccp_qpolicy_push() in the same lock
- wireguard: ratelimiter: use hrtimer in selftest
- wireguard: allowedips: don't corrupt stack when detecting overflow
- HID: cp2112: prevent a buffer overflow in cp2112_xfer()
- mtd: partitions: Fix refcount leak in parse_redboot_of
- [arm64,armhf] usb: xhci: tegra: Fix error check
- netfilter: xtables: Bring SPDX identifier back
- [arm64,armhf] platform/chrome: cros_ec: Always expose last resume result
- KVM: Don't set Accessed/Dirty bits for ZERO_PAGE
- mwifiex: Ignore BTCOEX events from the 88W8897 firmware
- mwifiex: fix sleep in atomic context bugs caused by dev_coredumpv
- misc: rtsx: Fix an error handling path in rtsx_pci_probe()
- driver core: fix potential deadlock in __driver_attach
- usb: host: xhci: use snprintf() in xhci_decode_trb()
- [arm64,armhf] PCI: dwc: Add unroll iATU space support to
dw_pcie_disable_atu()
- [arm64,armhf] PCI: dwc: Always enable CDM check if "snps,enable-cdm-check"
exists
- soundwire: bus_type: fix remove and shutdown support
- [arm64] KVM: arm64: Don't return from void function
- [x86] intel_th: Fix a resource leak in an error handling path
- [x86] intel_th: msu-sink: Potential dereference of null pointer
- [x86] intel_th: msu: Fix vmalloced buffers
- [x86] staging: rtl8192u: Fix sleep in atomic context bug in
dm_fsync_timer_callback
- [arm64] mmc: sdhci-of-esdhc: Fix refcount leak in
esdhc_signal_voltage_switch
- mmc: block: Add single read for 4k sector cards
- [s390x] KVM: s390: pv: leak the topmost page table when destroy fails
- PCI/portdrv: Don't disable AER reporting in get_port_device_capability()
- [arm64] PCI: qcom: Set up rev 2.1.0 PARF_PHY before enabling clocks
- scsi: smartpqi: Fix DMA direction for RAID requests
- [armhf] usb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc()
- [arm64,armhf] usb: dwc3: core: Deprecate GCTL.CORESOFTRESET
- [arm64,armhf] usb: dwc3: core: Do not perform GCTL_CORE_SOFTRESET during
bootup
- [arm64,armhf] usb: dwc3: qcom: fix missing optional irq warnings
- RDMA/qedr: Improve error logs for rdma_alloc_tid error return
- RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr()
- [arm64] RDMA/hns: Fix incorrect clearing of interrupt status register
- [amd64] RDMA/hfi1: fix potential memory leak in setup_base_ctxt()
- gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data()
- [mips64el,mipsel] mmc: cavium-octeon: Add of_node_put() when breaking out
of loop
- HID: alps: Declare U1_UNICORN_LEGACY support
- USB: serial: fix tty-port initialized comments
- [armhf,i386] platform/olpc: Fix uninitialized data in debugfs write
- RDMA/srpt: Duplicate port name members
- RDMA/srpt: Introduce a reference count in struct srpt_device
- RDMA/srpt: Fix a use-after-free
- mm/mmap.c: fix missing call to vm_unacct_memory in mmap_region
- RDMA/mlx5: Add missing check for return value in get namespace flow
- RDMA/rxe: Fix error unwind in rxe_create_qp()
- null_blk: fix ida error handling in null_add_dev()
- nvme: use command_id instead of req->tag in trace_nvme_complete_rq()
- jbd2: fix outstanding credits assert in jbd2_journal_commit_transaction()
- ext4: recover csum seed of tmp_inode after migrating to extents
- jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal
aborted
- opp: Fix error check in dev_pm_opp_attach_genpd()
- serial: 8250: Export ICR access helpers for internal use
- serial: 8250_dw: Store LSR into lsr_saved_flags in dw8250_tx_wait_empty()
- profiling: fix shift too large makes kernel panic
- tty: n_gsm: Delete gsmtty open SABM frame when config requester
- tty: n_gsm: fix user open not possible at responder until initiator open
- tty: n_gsm: fix wrong queuing behavior in gsm_dlci_data_output()
- tty: n_gsm: fix non flow control frames during mux flow off
- tty: n_gsm: fix packet re-transmission without open control channel
- tty: n_gsm: fix race condition in gsmld_write()
- [arm64] ASoC: qcom: Fix missing of_node_put() in
asoc_qcom_lpass_cpu_platform_probe()
- vfio: Remove extra put/gets around vfio_device->group
- vfio: Simplify the lifetime logic for vfio_device
- vfio: Split creation of a vfio_device into init and register ops
- tty: n_gsm: fix wrong T1 retry count handling
- tty: n_gsm: fix DM command
- tty: n_gsm: fix missing corner cases in gsmld_poll()
- kfifo: fix kfifo_to_user() return type
- lib/smp_processor_id: fix imbalanced instrumentation_end() call
- [arm64] mfd: max77620: Fix refcount leak in max77620_initialise_fps
- [arm64] iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of
loop
- [s390x] dump: fix old lowcore virtual vs physical address confusion
- fuse: Remove the control interface for virtio-fs
- [armhf] ASoC: audio-graph-card: Add of_node_put() in fail path
- [arm64] watchdog: armada_37xx_wdt: check the return value of
devm_ioremap() in armada_37xx_wdt_probe()
- [arm64,armhf] video: fbdev: amba-clcd: Fix refcount leak bugs
- video: fbdev: sis: fix typos in SiS_GetModeID()
- [powerpc*] pci: Prefer PCI domain assignment via DT 'linux,pci-domain' and
alias
- f2fs: don't set GC_FAILURE_PIN for background GC
- f2fs: write checkpoint during FG_GC
- f2fs: fix to remove F2FS_COMPR_FL and tag F2FS_NOCOMP_FL at the same time
- [powerpc*] xive: Fix refcount leak in xive_get_max_prio
- kprobes: Forbid probing on trampoline and BPF code areas
- [powerpc*] pci: Fix PHB numbering when using opal-phbid
- sched/deadline: Merge dl_task_can_attach() and dl_cpu_busy()
- sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed
- [amd64] x86/numa: Use cpumask_available instead of hardcoded NULL check
- video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()
- sched: Fix the check of nr_running at queue wakelist
- video: fbdev: vt8623fb: Check the size of screen before memset_io()
- video: fbdev: arkfb: Check the size of screen before memset_io()
- video: fbdev: s3fb: Check the size of screen before memset_io()
- [s390x] scsi: zfcp: Fix missing auto port scan and thus missing target
ports
- scsi: qla2xxx: Fix discovery issues in FC-AL topology
- scsi: qla2xxx: Turn off multi-queue for 8G adapters
- scsi: qla2xxx: Fix erroneous mailbox timeout after PCI error injection
- scsi: qla2xxx: Fix losing FCP-2 targets on long port disable with I/Os
- scsi: qla2xxx: Fix losing FCP-2 targets during port perturbation tests
- [x86] bugs: Enable STIBP for IBPB mitigated RETBleed
- [x86] ftrace/x86: Add back ftrace_expected assignment
- __follow_mount_rcu(): verify that mount_lock remains unchanged
- spmi: trace: fix stack-out-of-bound access in SPMI tracing functions
- [x86] drm/i915/dg1: Update DMC_DEBUG3 register
- HID: Ignore battery for Elan touchscreen on HP Spectre X360 15-df0xxx
- HID: hid-input: add Surface Go battery quirk
- [arm*] drm/vc4: drv: Adopt the dma configuration from the HVS or V3D
component
- usbnet: smsc95xx: Don't clear read-only PHY interrupt
- usbnet: smsc95xx: Avoid link settings race on interrupt reception
- [x86] intel_th: pci: Add Meteor Lake-P support
- [x86] intel_th: pci: Add Raptor Lake-S PCH support
- [x86] intel_th: pci: Add Raptor Lake-S CPU support
- [x86] KVM: set_msr_mce: Permit guests to ignore single-bit ECC errors
- [x86] KVM: x86: Signal #GP, not -EPERM, on bad WRMSR(MCi_CTL/STATUS)
- [amd64] iommu/vt-d: avoid invalid memory access via
node_online(NUMA_NO_NODE)
- PCI/AER: Write AER Capability only when we control it
- PCI/ERR: Bind RCEC devices to the Root Port driver
- PCI/ERR: Rename reset_link() to reset_subordinates()
- PCI/ERR: Simplify by using pci_upstream_bridge()
- PCI/ERR: Simplify by computing pci_pcie_type() once
- PCI/ERR: Use "bridge" for clarity in pcie_do_recovery()
- PCI/ERR: Avoid negated conditional for clarity
- PCI/ERR: Add pci_walk_bridge() to pcie_do_recovery()
- PCI/ERR: Recover from RCEC AER errors
- PCI/AER: Iterate over error counters instead of error strings
- serial: 8250: Dissociate 4MHz Titan ports from Oxford ports
- serial: 8250: Correct the clock for OxSemi PCIe devices
- serial: 8250_pci: Refactor the loop in pci_ite887x_init()
- serial: 8250_pci: Replace dev_*() by pci_*() macros
- serial: 8250: Fold EndRun device support into OxSemi Tornado code
- dm writecache: set a default MAX_WRITEBACK_JOBS
- dm thin: fix use-after-free crash in dm_sm_register_threshold_callback
- timekeeping: contribute wall clock to rng on time change
- btrfs: reject log replay if there is unsupported RO compat flag
- btrfs: reset block group chunk force if we have to wait
- [amd64,arm64] ACPI: CPPC: Do not prevent CPPC from working in the future
- [x86] KVM: VMX: Drop guest CPUID check for VMXE in vmx_set_cr4()
- [x86] KVM: VMX: Drop explicit 'nested' check from vmx_set_cr4()
- [x86] KVM: SVM: Drop VMXE check from svm_set_cr4()
- [x86] KVM: x86: Move vendor CR4 validity check to dedicated kvm_x86_ops
hook
- [x86] KVM: nVMX: Inject #UD if VMXON is attempted with incompatible
CR0/CR4
- [x86] KVM: x86/pmu: preserve IA32_PERF_CAPABILITIES across CPUID refresh
- [x86] KVM: x86/pmu: Use binary search to check filtered events
- [x86] KVM: x86/pmu: Use different raw event masks for AMD and Intel
- [x86] KVM: x86/pmu: Introduce the ctrl_mask value for fixed counter
- [x86] KVM: VMX: Mark all PERF_GLOBAL_(OVF)_CTRL bits reserved if there's
no vPMU
- [x86] KVM: x86/pmu: Ignore pmu->global_ctrl check if vPMU doesn't support
global_ctrl
- xen-blkback: fix persistent grants negotiation
- xen-blkback: Apply 'feature_persistent' parameter when connect
- xen-blkfront: Apply 'feature_persistent' parameter when connect
- KEYS: asymmetric: enforce SM2 signature use pkey algo
- tpm: eventlog: Fix section mismatch for DEBUG_SECTION_MISMATCH
- tracing: Use a struct alignof to determine trace event field alignment
- ext4: check if directory block is within i_size (CVE-2022-1184)
- ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h
- ext4: fix warning in ext4_iomap_begin as race between bmap and write
- ext4: make sure ext4_append() always allocates new block
- ext4: fix use-after-free in ext4_xattr_set_entry
- ext4: update s_overhead_clusters in the superblock during an on-line
resize
- ext4: fix extent status tree race in writeback error recovery path
- ext4: correct max_inline_xattr_value_size computing
- ext4: correct the misjudgment in ext4_iget_extra_inode
- dm raid: fix address sanitizer warning in raid_resume
- dm raid: fix address sanitizer warning in raid_status
- KVM: Add infrastructure and macro to mark VM as bugged
- [x86] KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC
irq (CVE-2022-2153)
- [x86] KVM: x86: Avoid theoretical NULL pointer dereference in
kvm_irq_delivery_to_apic_fast() (CVE-2022-2153)
- mac80211: fix a memory leak where sta_info is not freed
- tcp: fix over estimation in sk_forced_mem_schedule()
- Revert "mwifiex: fix sleep in atomic context bugs caused by dev_coredumpv"
- [arm*] drm/vc4: change vc4_dma_range_matches from a global to static
- Revert "net: usb: ax88179_178a needs FLAG_SEND_ZLP"
- Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression
- [x86] kvm: x86/pmu: Fix the compare function used by the pmu event filter
- [arm64] tee: add overflow check in register_shm_helper()
- net/9p: Initialize the iounit field during fid creation
- net_sched: cls_route: disallow handle of 0
- sched/fair: Fix fault in reweight_entity
- btrfs: only write the sectors in the vertical stripe which has data
stripes
- btrfs: raid56: don't trust any cached sector in __raid56_parity_recover()
https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.138
- ALSA: info: Fix llseek return value when using callback
- ALSA: hda/realtek: Add quirk for Clevo NS50PU, NS70PU
- [x86] mm: Use proper mask when setting PUD mapping
- rds: add missing barrier to release_refill
- ata: libata-eh: Add missing command name
- [arm64] mmc: meson-gx: Fix an error handling path in meson_mmc_probe()
- btrfs: fix lost error handling when looking up extended ref on log replay
- tracing: Have filter accept "common_cpu" to be consistent
- ALSA: usb-audio: More comprehensive mixer map for ASUS ROG Zenith II
- can: ems_usb: fix clang's -Wunaligned-access warning
- apparmor: fix quiet_denied for file rules
- apparmor: fix absroot causing audited secids to begin with =
- apparmor: Fix failed mount permission check error message
- apparmor: fix aa_label_asxprint return check
- apparmor: fix setting unconfined mode on a loaded profile
- apparmor: fix overlapping attachment computation
- apparmor: fix reference count leak in aa_pivotroot()
- apparmor: Fix memleak in aa_simple_write_to_buffer()
- Documentation: ACPI: EINJ: Fix obsolete example
- NFSv4.1: Don't decrease the value of seq_nr_highest_sent
- NFSv4.1: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly
- NFSv4: Fix races in the legacy idmapper upcall
- NFSv4.1: RECLAIM_COMPLETE must handle EACCES
- NFSv4/pnfs: Fix a use-after-free bug in open
- bpf: Acquire map uref in .init_seq_private for array map iterator
- bpf: Acquire map uref in .init_seq_private for hash map iterator
- bpf: Acquire map uref in .init_seq_private for sock local storage map
iterator
- bpf: Acquire map uref in .init_seq_private for sock{map,hash} iterator
- bpf: Check the validity of max_rdwr_access for sock local storage map
iterator
- can: mcp251x: Fix race condition on receive interrupt
- [amd64,arm64] net: atlantic: fix aq_vec index out of range error
- sunrpc: fix expiry of auth creds
- SUNRPC: Reinitialise the backchannel request buffers before reuse
- virtio_net: fix memory leak inside XPD_TX with mergeable
- devlink: Fix use-after-free after a failed reload
- [arm64] pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed
- [arm64,armhf] pinctrl: sunxi: Add I/O bias setting for H6 R-PIO
- ACPI: property: Return type of acpi_add_nondev_subnodes() should be bool
- geneve: do not use RT_TOS for IPv6 flowlabel
- ipv6: do not use RT_TOS for IPv6 flowlabel
- [x86] plip: avoid rcu debug splat
- vsock: Fix memory leak in vsock_connect()
- vsock: Set socket state back to SS_UNCONNECTED in vsock_connect_timeout()
- dt-bindings: arm: qcom: fix MSM8916 MTP compatibles
- dt-bindings: clock: qcom,gcc-msm8996: add more GCC clock sources
- ceph: use correct index when encoding client supported features
- ceph: don't leak snap_rwsem in handle_cap_grant
- nfp: ethtool: fix the display error of `ethtool -m DEVNAME`
- xen/xenbus: fix return type in xenbus_file_read()
- atm: idt77252: fix use-after-free bugs caused by tst_timer
- geneve: fix TOS inheriting for ipv4
- [arm64] dpaa2-eth: trace the allocated address instead of page struct
- iavf: Fix adminq error handling
- netfilter: nf_tables: really skip inactive sets when allocating name
- netfilter: nf_tables: validate NFTA_SET_ELEM_OBJREF based on
NFT_SET_OBJECT flag
- netfilter: nf_tables: check NFT_SET_CONCAT flag if field_count is
specified
- [powerpc*] pci: Fix get_phb_number() locking
- [arm64,armhf] spi: meson-spicc: add local pow2 clock ops to preserve rate
between messages
- [arm64,armhf] net: dsa: mv88e6060: prevent crash on an unused port
- [arm64] net: dsa: felix: fix ethtool 256-511 and 512-1023 TX packet
counters
- net: genl: fix error path memory leak in policy dumping
- ice: Ignore EEXIST when setting promisc mode
- [arm64,armhf] i2c: imx: Make sure to unregister adapter on remove()
- regulator: pca9450: Remove restrictions for regulator-name
- i40e: Fix to stop tx_timeout recovery if GLOBR fails
- [arm64,armhf] fec: Fix timer capture timing in `fec_ptp_enable_pps()`
- [x86] stmmac: intel: Add a missing clk_disable_unprepare() call in
intel_eth_pci_remove()
- igb: Add lock to avoid data race
- kbuild: fix the modules order between drivers and libs
- locking/atomic: Make test_and_*_bit() ordered on failure
- [x86] ASoC: SOF: intel: move sof_intel_dsp_desc() forward
- [arm64] drm/meson: Fix refcount bugs in
meson_vpu_has_available_connectors()
- audit: log nftables configuration change events once per table
- netfilter: nftables: add helper function to set the base sequence number
- netfilter: add helper function to set up the nfnetlink header and use it
- [armhf] drm/sun4i: dsi: Prevent underflow when computing packet sizes
- PCI: Add ACS quirk for Broadcom BCM5750x NICs
- [arm64,armhf] platform/chrome: cros_ec_proto: don't show MKBP version if
unsupported
- usb: gadget: uvc: call uvc uvcg_warn on completed status instead of
uvcg_info
- [arm64,armhf] irqchip/tegra: Fix overflow implicit truncation warnings
- [arm64] drm/meson: Fix overflow implicit truncation warnings
- [armhf] clk: ti: Stop using legacy clkctrl names for omap4 and 5
- [arm*] usb: dwc2: gadget: remove D+ pull-up while no vbus with
usb-role-switch
- [x86] vboxguest: Do not use devm for irq
- uacce: Handle parent device removal or parent driver module rmmod
- zram: do not lookup algorithm in backends table
- [arm64] clk: qcom: clk-alpha-pll: fix clk_trion_pll_configure description
- scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user
input
- gadgetfs: ep_io - wait until IRQ finishes
- [x86] pinctrl: intel: Check against matching data instead of ACPI
companion
- [powerpc*] cxl: Fix a memory leak in an error handling path
- [arm64] PCI/ACPI: Guard ARM64-specific mcfg_quirks
- RDMA/rxe: Limit the number of calls to each tasklet
- md: Notify sysfs sync_completed in md_reap_sync_thread()
- nvmet-tcp: fix lockdep complaint on nvmet_tcp_wq flush during queue
teardown
- drivers:md:fix a potential use-after-free bug
- ext4: avoid remove directory when directory is corrupted
- ext4: avoid resizing to a partial cluster size
- lib/list_debug.c: Detect uninitialized lists
- vfio: Clear the caps->buf to NULL after free
- [mips64el,mipsel] cavium-octeon: Fix missing of_node_put() in
octeon2_usb_clocks_start
- modules: Ensure natural alignment for .altinstructions and __bug_table
sections
- watchdog: export lockup_detector_reconfigure
- ALSA: core: Add async signal helpers
- ALSA: timer: Use deferred fasync helper
- ALSA: control: Use deferred fasync helper
- f2fs: fix to avoid use f2fs_bug_on() in f2fs_new_node_page()
- f2fs: fix to do sanity check on segment type in build_sit_entries()
- smb3: check xattr value length earlier
- [powerpc*] 64: Init jump labels before parse_early_param()
- netfilter: nftables: fix a warning message in
nf_tables_commit_audit_collect()
- netfilter: nf_tables: fix audit memory leak in nf_tables_commit
- tracing/probes: Have kprobes and uprobes use $COMM too
- can: j1939: j1939_sk_queue_activate_next_locked(): replace WARN_ON_ONCE
with netdev_warn_once()
- can: j1939: j1939_session_destroy(): fix memory leak of skbs
- PCI/ERR: Retain status from error notification
- qrtr: Convert qrtr_ports from IDR to XArray
- bpf: Fix KASAN use-after-free Read in compute_effective_progs
- [arm64] tee: fix memory leak in tee_shm_register()
https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.139
https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.140
- audit: fix potential double free on error path from
fsnotify_add_inode_mark
- pinctrl: amd: Don't save/restore interrupt status and wake status bits
- xfs: prevent a WARN_ONCE() in xfs_ioc_attr_list()
- xfs: reject crazy array sizes being fed to XFS_IOC_GETBMAP*
- fs: remove __sync_filesystem
- vfs: make sync_filesystem return errors from ->sync_fs
- xfs: return errors in xfs_fs_sync_fs
- xfs: only bother with sync_filesystem during readonly remount
- kernel/sched: Remove dl_boosted flag comment
- xfrm: fix refcount leak in __xfrm_policy_check()
- xfrm: clone missing x->lastused in xfrm_do_migrate
- af_key: Do not call xfrm_probe_algs in parallel (CVE-2022-3028)
- xfrm: policy: fix metadata dst->dev xmit null pointer dereference
- NFS: Don't allocate nfs_fattr on the stack in __nfs42_ssc_open()
- NFSv4.2 fix problems with __nfs42_ssc_open
- SUNRPC: RPC level errors should set task->tk_rpc_status
- mm/huge_memory.c: use helper function migration_entry_to_page()
- mm/smaps: don't access young/dirty bit if pte unpresent
- rose: check NULL rose_loopback_neigh->loopback
- ice: xsk: Force rings to be sized to power of 2
- ice: xsk: prohibit usage of non-balanced queue id
- net/mlx5e: Properly disable vlan strip on non-UL reps
- bonding: 802.3ad: fix no transmission of LACPDUs
- net: ipvtap - add __init/__exit annotations to module init/exit funcs
- netfilter: ebtables: reject blobs that don't provide all entry points
- bnxt_en: fix NQ resource accounting during vf creation on 57500 chips
- netfilter: nft_payload: report ERANGE for too long offset and length
- netfilter: nft_payload: do not truncate csum_offset and csum_type
- netfilter: nf_tables: do not leave chain stats enabled on error
- netfilter: nft_osf: restrict osf to ipv4, ipv6 and inet families
- netfilter: nft_tunnel: restrict it to netdev family
- netfilter: nftables: remove redundant assignment of variable err
- netfilter: nf_tables: consolidate rule verdict trace call
- netfilter: nft_cmp: optimize comparison for 16-bytes
- netfilter: bitwise: improve error goto labels
- netfilter: nf_tables: upfront validation of data via nft_data_init()
- netfilter: nf_tables: disallow jump to implicit chain from set element
- netfilter: nf_tables: disallow binding to already bound chain
(CVE-2022-39190)
- tcp: tweak len/truesize ratio for coalesce candidates
- net: Fix data-races around sysctl_[rw]mem(_offset)?.
- net: Fix data-races around sysctl_[rw]mem_(max|default).
- net: Fix data-races around weight_p and dev_weight_[rt]x_bias.
- net: Fix data-races around netdev_max_backlog.
- net: Fix data-races around netdev_tstamp_prequeue.
- ratelimit: Fix data-races in ___ratelimit().
- bpf: Folding omem_charge() into sk_storage_charge()
- net: Fix data-races around sysctl_optmem_max.
- net: Fix a data-race around sysctl_tstamp_allow_data.
- net: Fix a data-race around sysctl_net_busy_poll.
- net: Fix a data-race around sysctl_net_busy_read.
- net: Fix a data-race around netdev_budget.
- net: Fix a data-race around netdev_budget_usecs.
- net: Fix data-races around sysctl_fb_tunnels_only_for_init_net.
- net: Fix data-races around sysctl_devconf_inherit_init_net.
- net: Fix a data-race around sysctl_somaxconn.
- ixgbe: stop resetting SYSTIME in ixgbe_ptp_start_cyclecounter
- rxrpc: Fix locking in rxrpc's sendmsg
- btrfs: fix silent failure when deleting root reference
- btrfs: replace: drop assert for suspended replace
- btrfs: add info when mount fails due to stale replace target
- btrfs: check if root is readonly while setting security xattr
- [x86] perf/x86/lbr: Enable the branch type for the Arch LBR by default
- [amd64] x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry
- [x86] bugs: Add "unknown" reporting for MMIO Stale Data
- loop: Check for overflow while configuring loop
- asm-generic: sections: refactor memory_intersects
- [s390x] fix double free of GS and RI CBs on fork() failure
- [x86] ACPI: processor: Remove freq Qos request for all CPUs
- xen/privcmd: fix error exit of privcmd_ioctl_dm_op()
- mm/hugetlb: fix hugetlb not supporting softdirty tracking
- Revert "md-raid: destroy the bitmap after destroying the thread"
- md: call __md_stop_writes in md_stop
- [arm64] Fix match_list for erratum 1286807 on Arm Cortex-A76
- Documentation/ABI: Mention retbleed vulnerability info file for sysfs
- blk-mq: fix io hung due to missing commit_rqs
- [x86] perf/x86/intel/uncore: Fix broken read_counter() for SNB IMC PMU
- [x86] scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq
- bpf: Don't use tnum_range on array range checking for poke descriptors
(CVE-2022-2905)
.
[ Salvatore Bonaccorso ]
* Bump ABI to 18
* certs: Rotate to use the "Debian Secure Boot Signer 2022 - linux"
certificate (Closes: #1018752)
* [x86] nospec: Unwreck the RSB stuffing
* [x86] nospec: Fix i386 RSB stuffing (Closes: #1017425)
* mm: Force TLB flush for PFNMAP mappings before unlink_file_vma()
(CVE-2022-39188)
* Revert "PCI/portdrv: Don't disable AER reporting in
get_port_device_capability()"
* bpf: Don't redirect packets with invalid pkt_len
* mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
* net/af_packet: check len when min_header_len equals to 0
Checksums-Sha1:
ba876c96a7e4d5e4e4a51bc058eb6408c11417e1 8609 linux-signed-amd64_5.10.140+1.dsc
346c54422183569f56622b7963cabb15ce773efb 2795020 linux-signed-amd64_5.10.140+1.tar.xz
Checksums-Sha256:
0aa50d4a38586af3f84f1af01160d63fcc88c814d35bed9cb0cc766cfd3635cb 8609 linux-signed-amd64_5.10.140+1.dsc
9f07d5d192376bf13250ec5070730046ca7395ffd5b030af53accb713b2dfd55 2795020 linux-signed-amd64_5.10.140+1.tar.xz
Files:
b39370195a265552a306de3b5f2123c2 8609 kernel optional linux-signed-amd64_5.10.140+1.dsc
119290e64ab498b12ada4ac079c1e24e 2795020 kernel optional linux-signed-amd64_5.10.140+1.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEfKFfvHEI+gkU+E+di0FRiLdONzYFAmMTdJQACgkQi0FRiLdO
NzZExg//cAymLcFdPkHgjh8nJEtyuV4o1J5OvOMmJYVSfDnvBPgpJLDMZ+MPA3Br
xHfI/IWYJFENx+9vy4jjWXeJddgG9ezEY52GzhrZXIDYEF7C57AiGq1RgBCahKc/
J3wwv7LEQs2ZLz1psng7f3aJxdJtkaWlSirmOtHjyT52hl7FCh5GCAqxkbl8V0oi
iuhirAyXxmdaF0yvB45SsHML6UKk17HQvYToaSN6Hx8ds6WFW3QbI6V0T5f8x09N
e9y6sSc8aB3vlohcImXiJB6K046Qz6ZoDEfmCpKsIogOX7mXvAwYQJGW3TwUcZid
pxZW04Frn0f87pPNciDAbhfjqCgUBqxACPkj+GQmt3xrOJoRVOMwymu91PBswGZ4
d56Z5Bt9tCdeXXcZtDLXCQDd4Q0EAYYuDnaW9erpfehV/6CTpoybf3I+hO/fe0cE
Fmqco/K8dI3kF2g0A6pI5Z16zsxu+7U60zlokzLadyFsr+GCFSOO7tDqxeDpYpKQ
o5fnXZPnaoiJeONaDQs64t0Ci9FIxLlKrFsF1fxHcBXuhssS+pzYM9v/ALcLrU46
wyv2IQa8lvsotf67EDCEEg23dm+X358nUEdg+HBh+g3pdgw1rOvkAz2js2kd2QVY
FysQ1Dj446dhI4V+uEpF3mL6/k9WFwPnthhOsp8Vm0faNuWaByk=
=JHoj
-----END PGP SIGNATURE-----