-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 11 Apr 2024 23:17:03 +0200
Source: linux
Architecture: source
Version: 6.1.85-1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 1065320 1068675 1068770
Changes:
linux (6.1.85-1) bookworm-security; urgency=high
.
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.83
- md: fix data corruption for raid456 when reshape restart while grow up
- md/raid10: prevent soft lockup while flush writes
- io_uring/unix: drop usage of io_uring socket
- io_uring: drop any code related to SCM_RIGHTS
- nfsd: allow nfsd_file_get to sanely handle a NULL pointer
- nfsd: don't open-code clear_and_wake_up_bit
- nfsd: NFSD_FILE_KEY_INODE only needs to find GC'ed entries
- nfsd: simplify test_bit return in NFSD_FILE_KEY_FULL comparator
- nfsd: don't kill nfsd_files because of lease break error
- nfsd: add some comments to nfsd_file_do_acquire
- nfsd: don't take/put an extra reference when putting a file
- nfsd: update comment over __nfsd_file_cache_purge
- nfsd: allow reaping files still under writeback
- NFSD: Convert filecache to rhltable
- nfsd: simplify the delayed disposal list code
- NFSD: Fix problem of COMMIT and NFS4ERR_DELAY in infinite loop
- NFSD: Add an nfsd4_encode_nfstime4() helper
- nfsd: Fix creation time serialization order
- [arm64] media: rkisp1: Fix IRQ handling due to shared interrupts
- perf/arm-cmn: Workaround AmpereOneX errata AC04_MESH_1 (incorrect child
count)
- ASoC: rt5645: Make LattePanda board DMI match more precise
- [x86] ASoC: amd: yc: Fix non-functional mic on Lenovo 82UU
- [x86] xen: Add some null pointer checking to smp.c
- [mips*] Clear Cause.BD in instruction_pointer_set
- HID: multitouch: Add required quirk for Synaptics 0xcddc device
- gen_compile_commands: fix invalid escape sequence warning
- [arm64] sve: Lower the maximum allocation for the SVE ptrace regset
- soc: microchip: Fix POLARFIRE_SOC_SYS_CTRL input prompt
- RDMA/mlx5: Fix fortify source warning while accessing Eth segment
- RDMA/mlx5: Relax DEVX access upon modify commands
- [x86] mm: Move is_vsyscall_vaddr() into asm/vsyscall.h
- [x86] mm: Disallow vsyscall page read for copy_from_kernel_nofault()
- net/iucv: fix the allocation size of iucv_path_table array
- block: sed-opal: handle empty atoms when parsing response
- dm-verity, dm-crypt: align "struct bvec_iter" correctly
- [arm64] dts: Fix dtc interrupt_provider warnings
- btrfs: fix data races when accessing the reserved amount of block reserves
- btrfs: fix data race at btrfs_use_block_rsv() when accessing block reserve
- net: smsc95xx: add support for SYS TEC USB-SPEmodule1
- wifi: mac80211: only call drv_sta_rc_update for uploaded stations
- [x86] ASoC: amd: yc: Add Lenovo ThinkBook 21J0 into DMI quirk table
- scsi: mpt3sas: Prevent sending diag_reset when the controller is ready
- ALSA: hda/realtek - ALC285 reduce pop noise from Headphone port
- drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series
- [x86] ASoC: amd: yc: Fix non-functional mic on Lenovo 21J2
- Bluetooth: mgmt: Fix limited discoverable off timeout
- firewire: core: use long bus reset on gap count error
- [arm64] tegra: Set the correct PHY mode for MGBE
- [x86] ASoC: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8
tablet
- Input: gpio_keys_polled - suppress deferred probe error for gpio
- [x86] ASoC: wm8962: Enable oscillator if selecting WM8962_FLL_OSC
- [x86] ASoC: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode
- [x86] ASoC: wm8962: Fix up incorrect error message in wm8962_set_fll
- do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak
- fs: Fix rw_hint validation
- [s390x] dasd: add autoquiesce feature
- [s390x] dasd: Use dev_*() for device log messages
- [s390x] dasd: fix double module refcount decrement
- rcu/exp: Fix RCU expedited parallel grace period kworker allocation
failure recovery
- rcu/exp: Handle RCU expedited grace period kworker allocation failure
- nbd: null check for nla_nest_start
- fs/select: rework stack allocation hack for clang
- md: Don't clear MD_CLOSING when the raid is about to stop
- lib/cmdline: Fix an invalid format specifier in an assertion msg
- lib: memcpy_kunit: Fix an invalid format specifier in an assertion msg
- time: test: Fix incorrect format specifier
- rtc: test: Fix invalid format specifier.
- io_uring/net: unify how recvmsg and sendmsg copy in the msghdr
- io_uring/net: move receive multishot out of the generic msghdr path
- io_uring/net: fix overflow check in io_recvmsg_mshot_prep()
- [x86] resctrl: Implement new mba_MBps throttling heuristic
- [x86] sme: Fix memory encryption setting if enabled by default and not
overridden
- timekeeping: Fix cross-timestamp interpolation on counter wrap
- timekeeping: Fix cross-timestamp interpolation corner case decision
- timekeeping: Fix cross-timestamp interpolation for non-x86
- sched/fair: Take the scheduling domain into account in select_idle_smt()
- sched/fair: Take the scheduling domain into account in select_idle_core()
- wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled
- wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled
- wifi: b43: Stop correct queue in DMA worker when QoS is disabled
- wifi: b43: Disable QoS for bcm4331
- wifi: wilc1000: fix declarations ordering
- wifi: wilc1000: fix RCU usage in connect path
- wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work
- wifi: wilc1000: do not realloc workqueue everytime an interface is added
- wifi: wilc1000: fix multi-vif management when deleting a vif
- wifi: mwifiex: debugfs: Drop unnecessary error check for
debugfs_create_dir()
- cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value
- cpufreq: Explicitly include correct DT includes
- cpufreq: mediatek-hw: Wait for CPU supplies before probing
- sock_diag: annotate data-races around sock_diag_handlers[family]
- inet_diag: annotate data-races around inet_diag_table[]
- bpftool: Silence build warning about calloc()
- libbpf: Apply map_set_def_max_entries() for inner_maps on creation
- af_unix: Annotate data-race of gc_in_progress in wait_for_unix_gc().
- cpufreq: mediatek-hw: Don't error out if supply is not found
- libbpf: Fix faccessat() usage on Android
- pmdomain: qcom: rpmhpd: Drop SA8540P gfx.lvl
- [arm64] dts: imx8mm-kontron: Disable pullups for I2C signals on OSM-S
i.MX8MM
- [arm64] dts: imx8mm-kontron: Disable pullups for I2C signals on SL/BL
i.MX8MM
- [arm64] dts: imx8mm-kontron: Disable pullups for onboard UART signals on
BL OSM-S board
- [arm64] dts: imx8mm-kontron: Disable pullups for onboard UART signals on
BL board
- [arm64] dts: imx8mm-kontron: Disable pull resistors for SD card signals on
BL OSM-S board
- [arm64] dts: imx8mm-kontron: Disable pull resistors for SD card signals on
BL board
- [arm64] dts: imx8mm-kontron: Fix interrupt for RTC on OSM-S i.MX8MM module
- libbpf: Add missing LIBBPF_API annotation to libbpf_set_memlock_rlim API
- wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete
- wifi: iwlwifi: mvm: report beacon protection failures
- wifi: iwlwifi: dbg-tlv: ensure NUL termination
- wifi: iwlwifi: fix EWRD table validity check
- gpio: vf610: allow disabling the vf610 driver
- [arm64] dts: imx8mm-venice-gw71xx: fix USB OTG VBUS
- net: blackhole_dev: fix build warning for ethh set but not used
- wifi: ath11k: initialize rx_mcs_80 and rx_mcs_160 before use
- wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()
- wifi: wfx: fix memory leak when starting AP
- printk: Disable passing console lock owner completely during panic()
- pwm: sti: Fix capture for st,pwm-num-chan < st,capture-num-chan
- tools/resolve_btfids: Refactor set sorting with types from btf_ids.h
- tools/resolve_btfids: Fix cross-compilation to non-host endianness
- wifi: iwlwifi: mvm: don't set replay counters to 0xff
- [s390x] pai: fix attr_event_free upper limit for pai device drivers
- [s390x] vdso: drop '-fPIC' from LDFLAGS
- ipv6: mcast: remove one synchronize_net() barrier in ipv6_mc_down()
- [arm64] dts: mt8183: kukui: Split out keyboard node and describe
detachables
- [arm64] dts: mt8183: Move CrosEC base detection node to kukui-based DTs
- [arm64] dts: mediatek: mt7986: add "#reset-cells" to infracfg
- [arm64] dts: mediatek: mt8192-asurada: Remove CrosEC base detection node
- [arm64] dts: mediatek: mt8192: fix vencoder clock name
- [arm64] dts: mediatek: mt7622: add missing "device_type" to memory nodes
- bpf: Mark bpf_spin_{lock,unlock}() helpers with notrace correctly
- wifi: wilc1000: prevent use-after-free on vif when cleaning up all
interfaces
- ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()
- bus: tegra-aconnect: Update dependency to ARCH_TEGRA
- [amd64] iommu/amd: Mark interrupt as managed
- wifi: brcmsmac: avoid function pointer casts
- [arm64] dts: qcom: sdm845-db845c: correct PCIe wake-gpios
- [arm64] dts: qcom: sm8150: use 'gpios' suffix for PCI GPIOs
- [arm64] dts: qcom: sm8150: correct PCIe wake-gpios
- powercap: dtpm_cpu: Fix error check against freq_qos_add_request()
- net: ena: Remove ena_select_queue
- [arm64] dts: mt8195-cherry-tomato: change watchdog reset boot flow
- firmware: arm_scmi: Fix double free in SMC transport cleanup path
- wifi: wilc1000: revert reset line logic flip
- net: mctp: copy skb ext data when fragmenting
- pstore: inode: Convert mutex usage to guard(mutex)
- pstore: inode: Only d_invalidate() is needed
- [arm64] dts: allwinner: h6: Add RX DMA channel for SPDIF
- ACPI: resource: Add Infinity laptops to irq1_edge_low_force_override
- ACPI: resource: Do IRQ override on Lunnen Ground laptops
- ACPI: resource: Add MAIBENBEN X577 to irq1_edge_low_force_override
- ACPI: scan: Fix device check notification handling
- [x86] relocs: Ignore relocations in .notes section (CVE-2024-26816)
- SUNRPC: fix some memleaks in gssx_dec_option_array
- mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the
.remove function
- ACPI: CPPC: enable AMD CPPC V2 support for family 17h processors
- wifi: rtw88: 8821c: Fix beacon loss and disconnect
- wifi: rtw88: 8821c: Fix false alarm count
- PCI: Make pci_dev_is_disconnected() helper public for other drivers
- [amd64] iommu/vt-d: Don't issue ATS Invalidation request when device is
disconnected
- igb: Fix missing time sync events
- Bluetooth: Remove HCI_POWER_OFF_TIMEOUT
- Bluetooth: mgmt: Remove leftover queuing of power_off work
- Bluetooth: Remove superfluous call to hci_conn_check_pending()
- Bluetooth: hci_qca: don't use IS_ERR_OR_NULL() with gpiod_get_optional()
- Bluetooth: Cancel sync command before suspend and power off
- Bluetooth: hci_sync: Only allow hci_cmd_sync_queue if running
- Bluetooth: hci_conn: Consolidate code for aborting connections
- Bluetooth: hci_core: Cancel request on command timeout
- Bluetooth: hci_sync: Fix overwriting request callback
- Bluetooth: hci_core: Fix possible buffer overflow
- Bluetooth: af_bluetooth: Fix deadlock
- Bluetooth: fix use-after-free in accessing skb after sending it
- [s390x] cache: prevent rebuild of shared_cpu_list
- bpf: Fix DEVMAP_HASH overflow check on 32-bit arches
- bpf: Fix hashtab overflow check on 32-bit arches
- bpf: Fix stackmap overflow check on 32-bit arches
- [amd64] iommu/vt-d: Retrieve IOMMU perfmon capability information
- ipv6: fib6_rules: flush route cache when rule is changed
- net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv()
- net: phy: fix phy_get_internal_delay accessing an empty array
- [arm64] net: hns3: fix wrong judgment condition issue
- [arm64] net: hns3: fix kernel crash when 1588 is received on HIP08 devices
- [arm64] net: hns3: fix port duplex configure error in IMP reset
- Bluetooth: MGMT: Fix always using HCI_MAX_AD_LENGTH
- Bluetooth: hci_core: Fix missing instances using HCI_MAX_AD_LENGTH
- Bluetooth: Fix eir name length
- net: phy: dp83822: Fix RGMII TX delay configuration
- OPP: debugfs: Fix warning around icc_get_name()
- tcp: fix incorrect parameter validation in the do_tcp_getsockopt()
function
- ipmr: fix incorrect parameter validation in the ip_mroute_getsockopt()
function
- l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt()
function
- udp: fix incorrect parameter validation in the udp_lib_getsockopt()
function
- net: kcm: fix incorrect parameter validation in the kcm_getsockopt)
function
- nfp: flower: handle acti_netdevs allocation failure
- bpf: hardcode BPF_PROG_PACK_SIZE to 2MB * num_possible_nodes()
- dm raid: fix false positive for requeue needed during reshape
- dm: call the resume method on internal suspend
- [arm64,armhf] drm/tegra: dsi: Add missing check for of_find_device_by_node
- [arm64,armhf] drm/tegra: dpaux: Fix PM disable depth imbalance in
tegra_dpaux_probe
- [arm64,armhf] drm/tegra: dsi: Make use of the helper function
dev_err_probe()
- [arm64,armhf] drm/tegra: dsi: Fix some error handling paths in
tegra_dsi_probe()
- [arm64,armhf] drm/tegra: dsi: Fix missing pm_runtime_disable() in the
error handling path of tegra_dsi_probe()
- [arm64,armhf] drm/tegra: hdmi: Convert to devm_platform_ioremap_resource()
- [arm64,armhf] drm/tegra: hdmi: Fix some error handling paths in
tegra_hdmi_probe()
- [arm64,armhf] drm/tegra: rgb: Fix some error handling paths in
tegra_dc_rgb_probe()
- [arm64,armhf] drm/tegra: rgb: Fix missing clk_put() in the error handling
paths of tegra_dc_rgb_probe()
- [arm64,armhf] drm/tegra: output: Fix missing i2c_put_adapter() in the
error handling paths of tegra_output_probe()
- drm: Don't treat 0 as -1 in drm_fixp2int_ceil
- drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node
- drm/panel-edp: use put_sync in unprepare
- drm/lima: fix a memleak in lima_heap_alloc
- [x86] ASoC: amd: acp: Add missing error handling in sof-mach
- dmaengine: tegra210-adma: Update dependency to ARCH_TEGRA
- media: tc358743: register v4l2 async device only after successful setup
- PCI/DPC: Print all TLP Prefixes, not just the first
- perf record: Fix possible incorrect free in record__switch_output()
- HID: lenovo: Add middleclick_workaround sysfs knob for cptkbd
- drm/amd/display: Fix a potential buffer overflow in
'dp_dsc_clock_en_read()'
- drm/amd/display: Fix potential NULL pointer dereferences in
'dcn10_set_output_transfer_func()'
- pinctrl: renesas: r8a779g0: Add Audio SSI pins, groups, and functions
- pinctrl: renesas: r8a779g0: Add missing SCIF_CLK2 pin group/function
- clk: samsung: exynos850: Propagate SPI IPCLK rate change
- perf evsel: Fix duplicate initialization of data->id in
evsel__parse_sample()
- clk: meson: Add missing clocks to axg_clk_regmaps
- media: em28xx: annotate unchecked call to media_device_register()
- media: v4l2-tpg: fix some memleaks in tpg_alloc
- media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity
- media: edia: dvbdev: fix a use-after-free
- clk: qcom: reset: Commonize the de/assert functions
- clk: qcom: reset: Ensure write completion on reset de/assertion
- quota: simplify drop_dquot_ref()
- quota: Fix potential NULL pointer dereference
- quota: Fix rcu annotations of inode dquot pointers
- PCI: switchtec: Fix an error handling path in switchtec_pci_probe()
- crypto: xilinx - call finalize with bh disabled
- perf thread_map: Free strlist on normal path in
thread_map__new_by_tid_str()
- [arm64] drm/msm/dpu: fix the programming of INTF_CFG2_DATA_HCTL_EN
- [arm64] drm/msm/dpu: Only enable DSC_MODE_MULTIPLEX if dsc_merge is
enabled
- drm/radeon/ni: Fix wrong firmware size logging in ni_init_microcode()
- ALSA: seq: fix function cast warnings
- perf stat: Avoid metric-only segv
- [arm64,armhf] ASoC: meson: aiu: fix function pointer type mismatch
- [arm64,armhf] ASoC: meson: t9015: fix function pointer type mismatch
- [powerpc*] Force inlining of arch_vmap_p{u/m}d_supported()
- [x86] ASoC: SOF: Introduce container struct for SOF firmware
- [x86] ASoC: SOF: Add some bounds checking to firmware data
- NTB: EPF: fix possible memory leak in pci_vntb_probe()
- NTB: fix possible name leak in ntb_register_device()
- media: cedrus: h265: Associate mv col buffers with buffer
- media: cedrus: h265: Fix configuring bitstream size
- media: sun8i-di: Fix coefficient writes
- media: sun8i-di: Fix power on/off sequences
- media: sun8i-di: Fix chroma difference threshold
- media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak
- media: go7007: add check of return value of go7007_read_addr()
- media: pvrusb2: remove redundant NULL check
- media: pvrusb2: fix pvr2_stream_callback casts
- clk: qcom: dispcc-sdm845: Adjust internal GDSC wait times
- PCI: Mark 3ware-9650SE Root Port Extended Tags as broken
- clk: hisilicon: hi3519: Release the correct number of gates in
hi3519_clk_unregister()
- clk: hisilicon: hi3559a: Fix an erroneous devm_kfree()
- [arm64,armhf] drm/tegra: put drm_gem_object ref on error in
tegra_fb_create
- mfd: syscon: Call of_node_put() only when of_parse_phandle() takes a ref
- mfd: altera-sysmgr: Call of_node_put() only when of_parse_phandle() takes
a ref
- crypto: jitter - fix CRYPTO_JITTERENTROPY help text
- drm/tidss: Fix initial plane zpos values
- drm/tidss: Fix sync-lost issue with two displays
- mtd: maps: physmap-core: fix flash size larger than 32-bit
- mtd: rawnand: lpc32xx_mlc: fix irq handler prototype
- [arm64,armhf] ASoC: meson: axg-tdm-interface: fix mclk setup without
mclk-fs
- [arm64,armhf] ASoC: meson: axg-tdm-interface: add frame rate constraint
- HID: amd_sfh: Update HPD sensor structure elements
- HID: amd_sfh: Avoid disabling the interrupt
- drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of atom_get_src_int()
- media: pvrusb2: fix uaf in pvr2_context_set_notify
- media: dvb-frontends: avoid stack overflow warnings with clang
- media: go7007: fix a memleak in go7007_load_encoder
- media: ttpci: fix two memleaks in budget_av_attach
- media: mediatek: vcodec: avoid -Wcast-function-type-strict warning
- gpio: nomadik: fix offset bug in nmk_pmx_set()
- [powerpc*] pseries: Fix potential memleak in papr_get_attr()
- [powerpc*] hv-gpci: Fix the H_GET_PERF_COUNTER_INFO hcall return value
checks
- [arm64] drm/msm/dpu: add division of drm_display_mode's hskew parameter
- modules: wait do_free_init correctly
- powerpc/embedded6xx: Fix no previous prototype for avr_uart_send() etc.
- leds: aw2013: Unlock mutex before destroying it
- leds: sgm3140: Add missing timer cleanup and flash gpio control
- backlight: lm3630a: Initialize backlight_properties on init
- backlight: lm3630a: Don't set bl->props.brightness in get_brightness
- backlight: da9052: Fully initialize backlight_properties during probe
- backlight: lm3639: Fully initialize backlight_properties during probe
- backlight: lp8788: Fully initialize backlight_properties during probe
- clk: Fix clk_core_get NULL dereference
- clk: zynq: Prevent null pointer dereference caused by kmalloc failure
- ALSA: hda/realtek: fix ALC285 issues on HP Envy x360 laptops
- ALSA: usb-audio: Stop parsing channels bits when all channels are found.
- RDMA/irdma: Allow accurate reporting on QP max send/recv WR
- RDMA/irdma: Remove duplicate assignment
- RDMA/srpt: Do not register event handler until srpt device is fully setup
- f2fs: reduce stack memory cost by using bitfield in struct f2fs_io_info
- f2fs: compress: fix to guarantee persisting compressed blocks by CP
- f2fs: compress: fix to cover normal cluster write with cp_rwsem
- f2fs: compress: fix to check unreleased compressed cluster
- f2fs: simplify __allocate_data_block
- f2fs: delete obsolete FI_FIRST_BLOCK_WRITTEN
- f2fs: delete obsolete FI_DROP_CACHE
- f2fs: introduce get_dnode_addr() to clean up codes
- f2fs: update blkaddr in __set_data_blkaddr() for cleanup
- f2fs: compress: fix to avoid inconsistence bewteen i_blocks and dnode
- f2fs: compress: fix to cover f2fs_disable_compressed_file() w/ i_sem
- f2fs: fix to avoid potential panic during recovery
- scsi: csiostor: Avoid function pointer casts
- [arm64] RDMA/hns: Fix mis-modifying default congestion control algorithm
- RDMA/device: Fix a race between mad_client and cm_client init
- RDMA/rtrs-clt: Check strnlen return len in sysfs mpath_policy_store()
- scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn
- f2fs: compress: fix to check zstd compress level correctly in mount option
- net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr()
- NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102
- NFSv4.2: fix listxattr maximum XDR buffer size
- f2fs: compress: fix to check compress flag w/ .i_sem lock
- f2fs: check number of blocks in a current section
- watchdog: stm32_iwdg: initialize default timeout
- f2fs: ro: compress: fix to avoid caching unaligned extent
- NFS: Fix an off by one in root_nfs_cat()
- f2fs: convert to use sbi directly
- f2fs: compress: relocate some judgments in f2fs_reserve_compress_blocks
- f2fs: compress: fix reserve_cblocks counting error when out of space
- [x86] perf/x86/amd/core: Avoid register reset when CPU is dead
- afs: Revert "afs: Hide silly-rename files from userspace"
- nfs: fix panic when nfs4_ff_layout_prepare_ds() fails
- io_uring/net: correct the type of variable
- comedi: comedi_test: Prevent timers rescheduling during deletion
- [armhf] remoteproc: stm32: use correct format strings on 64-bit
- [armhf] remoteproc: stm32: Fix incorrect type in assignment for va
- [armhf] remoteproc: stm32: Fix incorrect type assignment returned by
stm32_rproc_get_loaded_rsc_tablef
- usb: phy: generic: Get the vbus supply
- tty: vt: fix 20 vs 0x20 typo in EScsiignore
- serial: max310x: fix syntax error in IRQ error message
- tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT
- [arm64] dts: broadcom: bcmbca: bcm4908: drop invalid switch cells
- hwtracing: hisi_ptt: Move type check to the beginning of
hisi_ptt_pmu_event_init()
- rtc: mt6397: select IRQ_DOMAIN instead of depending on it
- serial: 8250_exar: Don't remove GPIO device on suspend
- staging: greybus: fix get_channel_from_mode() failure path
- usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin
- nouveau: reset the bo resource bus info after an eviction
- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge()
- rds: tcp: Fix use-after-free of net in reqsk_timer_handler().
- [s390x] vtime: fix average steal time calculation
- net/sched: taprio: proper TCA_TAPRIO_TC_ENTRY_INDEX check (CVE-2024-26815)
- soc: fsl: dpio: fix kcalloc() argument order
- tcp: Fix refcnt handling in __inet_hash_connect().
- hsr: Fix uninit-value access in hsr_get_node()
- nvme: only set reserved_tags in nvme_alloc_io_tag_set for fabrics
controllers
- nvme: add the Apple shared tag workaround to nvme_alloc_io_tag_set
- nvme: fix reconnection fail due to reserved tag allocation
- net: mediatek: mtk_eth_soc: clear MAC_MCR_FORCE_LINK only when MAC is up
- net: ethernet: mtk_eth_soc: fix PPE hanging issue
- packet: annotate data-races around ignore_outgoing
- net: veth: do not manipulate GRO when using XDP
- net: dsa: mt7530: prevent possible incorrect XTAL frequency selection
- drm: Fix drm_fixp2int_round() making it add 0.5
- vdpa_sim: reset must not run
- vdpa/mlx5: Allow CVQ size changes
- wireguard: receive: annotate data-race around receiving_counter.counter
- rds: introduce acquire/release ordering in acquire/release_in_xmit()
- hsr: Handle failures in module init
- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels
- net: phy: fix phy_read_poll_timeout argument type in genphy_loopback
- dm-integrity: fix a memory leak when rechecking the data
- net/bnx2x: Prevent access to a freed page in page_pool
- netfilter: nft_set_pipapo: release elements in clone only from destroy
path (CVE-2024-26809)
- netfilter: nf_tables: do not compare internal table flags on updates
- rcu: add a helper to report consolidated flavor QS
- net: report RCU QS on threaded NAPI repolling
- bpf: report RCU QS in cpumap kthread
- net: dsa: mt7530: fix link-local frames that ingress vlan filtering ports
- net: dsa: mt7530: fix handling of all link-local frames
- spi: spi-mt65xx: Fix NULL pointer access in interrupt handler
- dm: address indent/space issues
- dm io: Support IO priority
- dm-integrity: align the outgoing bio in integrity_recheck
- [armhf] remoteproc: stm32: fix incorrect optional pointers
https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.84
- [x86] cpu: Support AMD Automatic IBRS
- [x86] bugs: Use sysfs_emit()
- [x86] KVM: x86: Update KVM-only leaf handling to allow for 100% KVM-only
leafs
- [x86] KVM: x86: Advertise CPUID.(EAX=7,ECX=2):EDX[5:0] to userspace
- [x86] KVM: x86: Use a switch statement and macros in __feature_translate()
- timers: Update kernel-doc for various functions
- timers: Use del_timer_sync() even on UP
- timers: Rename del_timer_sync() to timer_delete_sync()
- wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach
- media: staging: ipu3-imgu: Set fields before media_entity_pads_init()
- [arm64] dts: qcom: sc7280: Add additional MSI interrupts
- [arm64,armhf] remoteproc: virtio: Fix wdg cannot recovery remote processor
- [arm64] clk: qcom: gcc-sdm845: Add soft dependency on rpmhpd
- [armhf] arm: dts: marvell: Fix maxium->maxim typo in brownstone dts
- drm/vmwgfx: Fix possible null pointer derefence with invalid contexts
- serial: max310x: fix NULL pointer dereference in I2C instantiation
- pci_iounmap(): Fix MMIO mapping leak
- media: xc4000: Fix atomicity violation in xc4000_get_frequency
- media: mc: Add local pad to pipeline regardless of the link state
- media: mc: Fix flags handling when creating pad links
- media: mc: Add num_links flag to media_pad
- media: mc: Rename pad variable to clarify intent
- media: mc: Expand MUST_CONNECT flag to always require an enabled link
- KVM: Always flush async #PF workqueue when vCPU is being destroyed
- [x86] cpufreq: amd-pstate: Fix min_perf assignment in
amd_pstate_adjust_perf()
- [powerpc*] smp: Adjust nr_cpu_ids to cover all threads of a core
- [powerpc*] smp: Increase nr_cpu_ids to include the boot CPU
- [x86] crypto: qat - fix double free during reset
- [x86] crypto: qat - resolve race condition during AER recovery
- ext4: correct best extent lstart adjustment logic
- block: Clear zone limits for a non-zoned stacked queue
- bounds: support non-power-of-two CONFIG_NR_CPUS
- fat: fix uninitialized field in nostale filehandles
- ubifs: Set page uptodate in the correct place
- ubi: Check for too small LEB size in VTBL code
- ubi: correct the calculation of fastmap size
- md/raid5: fix atomicity violation in raid5_cache_count
- cpufreq: Limit resolving a frequency to policy min/max
- PM: suspend: Set mem_sleep_current during kernel command line setup
- usb: xhci: Add error handling in xhci_map_urb_for_dma
- [powerpc*] fsl: Fix mfpmr build errors with newer binutils
- USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB
- USB: serial: add device ID for VeriFone adapter
- USB: serial: cp210x: add ID for MGP Instruments PDS100
- USB: serial: option: add MeiG Smart SLM320 product
- [x86] KVM: x86/xen: inject vCPU upcall vector when local APIC is enabled
- USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M
- PM: sleep: wakeirq: fix wake irq warning in system suspend
- mmc: tmio: avoid concurrent runs of mmc_request_done()
- fuse: fix root lookup with nonzero generation
- fuse: don't unhash root
- usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros
- serial: Lock console when calling into driver before registration
- btrfs: qgroup: always free reserved space for extent records
- btrfs: fix off-by-one chunk length calculation at
contains_pending_extent()
- PCI/PM: Drain runtime-idle callbacks before driver removal
- PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports
- dm-raid: fix lockdep waring in "pers->hot_add_disk"
- [powerpc*] xor_vmx: Add '-mhard-float' to CFLAGS
- mac802154: fix llsec key resources release in mac802154_llsec_key_del
- swap: comments get_swap_device() with usage rule
- mm: swap: fix race between free_swap_and_cache() and swapoff()
- mmc: core: Fix switch on gp3 partition
- [arm64,armhf] drm/etnaviv: Restore some id values
- landlock: Warn once if a Landlock action is requested while disabled
- hwmon: (amc6821) add of_match table
- ext4: fix corruption during on-line resize
- nvmem: meson-efuse: fix function pointer type mismatch
- slimbus: core: Remove usage of the deprecated ida_simple_xx() API
- phy: tegra: xusb: Add API to retrieve the port number of phy
- usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic
- speakup: Fix 8bit characters from direct synth
- PCI/AER: Block runtime suspend when handling errors
- io_uring/net: correctly handle multishot recvmsg retry setup
- nfs: fix UAF in direct writes
- kbuild: Move -Wenum-{compare-conditional,enum-conversion} into W=1
- [arm64] PCI: qcom: Rename qcom_pcie_config_sid_sm8250() to reflect IP
version
- [arm64] PCI: qcom: Enable BDF to SID translation properly
- [amd64,arm64] PCI: hv: Fix ring buffer size calculation
- vfio: Use GFP_KERNEL_ACCOUNT for userspace persistent allocations
- vfio/pci: Consolidate irq cleanup on MSI/MSI-X disable
- vfio/pci: Remove negative check on unsigned vector
- vfio/pci: Lock external INTx masking ops (CVE-2024-26810)
- vfio/platform: Disable virqfds on cleanup
- ksmbd: retrieve number of blocks using vfs_getattr in
set_file_allocation_info
- ring-buffer: Fix waking up ring buffer readers
- ring-buffer: Do not set shortest_full when full target is hit
- ring-buffer: Fix resetting of shortest_full
- ring-buffer: Fix full_waiters_pending in poll
- ring-buffer: Use wait_event_interruptible() in ring_buffer_wait()
- [s390x] zcrypt: fix reference counting on zcrypt card objects
- drm/probe-helper: warn about negative .get_modes()
- drm/panel: do not return negative error codes from drm_panel_get_modes()
- [armhf] drm/exynos: do not return negative values from .get_modes()
- [armhf] drm/imx/ipuv3: do not return negative values from .get_modes()
- [arm64,armhf] drm/vc4: hdmi: do not return negative values from
.get_modes()
- memtest: use {READ,WRITE}_ONCE in memory scanning
- Revert "block/mq-deadline: use correct way to throttling write requests"
- f2fs: mark inode dirty for FI_ATOMIC_COMMITTED flag
- f2fs: truncate page cache before clearing flags when aborting atomic write
- nilfs2: fix failure to detect DAT corruption in btree and direct mappings
- nilfs2: prevent kernel bug at submit_bh_wbc()
- cifs: open_cached_dir(): add FILE_READ_EA to desired access
- cpufreq: dt: always allocate zeroed cpumask
- [amd64] x86/CPU/AMD: Update the Zenbleed microcode revisions
- NFSD: Fix nfsd_clid_class use of __string_len() macro
- net: hns3: tracing: fix hclgevf trace event strings
- wireguard: netlink: check for dangling peer via is_dead instead of empty
list
- wireguard: netlink: access device through ctx instead of peer
- ahci: asm1064: correct count of reported ports
- ahci: asm1064: asm1166: don't limit reported ports
- drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag
- drm/amd/display: Return the correct HDCP error code
- drm/amd/display: Fix noise issue on HDMI AV mute
- dm snapshot: fix lockup in dm_exception_table_exit
- [x86] pm: Work around false positive kmemleak report in
msr_build_context()
- cpufreq: brcmstb-avs-cpufreq: fix up "add check for cpufreq_cpu_get's
return value"
- [x86] platform/x86: p2sb: On Goldmont only cache P2SB and SPI devfn BAR
(Closes: #1065320)
- tls: fix race between tx work scheduling and socket close (CVE-2024-26585)
- netfilter: nf_tables: mark set as dead when unbinding anonymous set with
timeout (CVE-2024-26643)
- netfilter: nf_tables: disallow anonymous set with timeout flag
(CVE-2024-26642)
- netfilter: nf_tables: reject constant set with timeout
- Drivers: hv: vmbus: Calculate ring buffer size for more efficient use of
memory
- init/Kconfig: lower GCC version check for -Warray-bounds
- [x86] KVM: x86: Mark target gfn of emulated atomic instruction as dirty
- [x86] KVM: SVM: Flush pages under kvm->lock to fix UAF in
svm_register_enc_region()
- tracing: Use .flush() call to wake up readers
- drm/amdgpu/pm: Fix the error of pwm1_enable setting
- [x86] drm/i915: Check before removing mm notifier
- ALSA: hda/realtek - Fix headset Mic no show at resume back for Lenovo
ALC897 platform
- USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command
- usb: gadget: ncm: Fix handling of zero block length packets
- usb: port: Don't try to peer unused USB ports based on location
- tty: serial: fsl_lpuart: avoid idle preamble pending if CTS is enabled
- misc: lis3lv02d_i2c: Fix regulators getting en-/dis-abled twice on
suspend/resume
- mei: me: add arrow lake point S DID
- mei: me: add arrow lake point H DID
- vt: fix unicode buffer corruption when deleting characters
- fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion
- ALSA: hda/realtek - Add Headset Mic supported Acer NB platform
- ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook
- tee: optee: Fix kernel panic caused by incorrect error handling
- mm, vmscan: prevent infinite loop for costly GFP_NOIO |
__GFP_RETRY_MAYFAIL allocations
- iio: accel: adxl367: fix DEVID read after reset
- iio: accel: adxl367: fix I2C FIFO data register
- i2c: i801: Avoid potential double call to gpiod_remove_lookup_table
- drm/amd/display: handle range offsets in VRR ranges
- [x86] efistub: Call mixed mode boot services on the firmware's stack
- net: tls: handle backlogging of crypto requests (CVE-2024-26584)
- [x86] ASoC: amd: yc: Revert "Fix non-functional mic on Lenovo 21J2"
- iommu: Avoid races around default domain allocations
- clocksource/drivers/arm_global_timer: Fix maximum prescaler value
- entry: Respect changes to system call number by trace_sys_enter()
- minmax: add umin(a, b) and umax(a, b)
- swiotlb: Fix alignment checks when both allocation and DMA masks are
present
- iommu/dma: Force swiotlb_max_mapping_size on an untrusted device
- printk: Update @console_may_schedule in console_trylock_spinning()
- irqchip/renesas-rzg2l: Implement restriction when writing ISCR register
- irqchip/renesas-rzg2l: Flush posted write in irq_eoi()
- irqchip/renesas-rzg2l: Add macro to retrieve TITSR register offset based
on register's index
- irqchip/renesas-rzg2l: Rename rzg2l_tint_eoi()
- irqchip/renesas-rzg2l: Rename rzg2l_irq_eoi()
- irqchip/renesas-rzg2l: Prevent spurious interrupts when setting trigger
type
- [x86] kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe
address
- [x86] fpu: Keep xfd_state in sync with MSR_IA32_XFD
- pwm: img: fix pwm clock lookup
- tty: serial: imx: Fix broken RS485
- block: Fix page refcounts for unaligned buffers in __bio_release_pages()
- blk-mq: release scheduler resource when request completes
- vfio/pci: Disable auto-enable of exclusive INTx IRQ (CVE-2024-27437)
- vfio: Introduce interface to flush virqfd inject workqueue
- vfio/pci: Create persistent INTx handler (CVE-2024-26812)
- vfio/platform: Create persistent IRQ handlers (CVE-2024-26813)
- vfio/fsl-mc: Block calling interrupt handler without trigger
(CVE-2024-26814)
- [x86] coco: Export cc_vendor
- [x86] coco: Get rid of accessor functions
- [x86] Kconfig: Remove CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT
- [x86] sev: Fix position dependent variable references in startup code
- mm/migrate: set swap entry values of THP tail pages properly.
- init: open /initrd.image with O_LARGEFILE
- [x86] efistub: Add missing boot_params for mixed mode compat entry
- btrfs: zoned: don't skip block groups with 100% zone unusable
- btrfs: zoned: use zone aware sb location for scrub
- wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes
- wifi: iwlwifi: fw: don't always use FW dump trig
- exec: Fix NOMMU linux_binprm::exec in transfer_args_to_stack()
- hexagon: vmlinux.lds.S: handle attributes section
- mmc: sdhci-omap: re-tuning is needed after a pm transition to support emmc
HS200 mode
- mmc: core: Initialize mmc_blk_ioc_data
- mmc: core: Avoid negative index with array access
- block: Do not force full zone append completion in req_bio_endio()
- thermal: devfreq_cooling: Fix perf state when calculate dfc res_util
- nouveau/dmem: handle kcalloc() allocation failure
- net: ll_temac: platform_get_resource replaced by wrong function
- drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed
- [x86] drm/i915/bios: Tolerate devdata==NULL in
intel_bios_encoder_supports_dp_dual_mode()
- [x86] drm/i915/gt: Reset queue_priority_hint on parking
- Bluetooth: hci_sync: Fix not checking error on hci_cmd_sync_cancel_sync
- Revert "usb: phy: generic: Get the vbus supply"
- usb: cdc-wdm: close race between read and workqueue
- USB: UAS: return ENODEV when submit urbs fail with device not attached
- usb: dwc3-am62: Rename private data
- usb: dwc3-am62: fix module unload/reload behavior
- ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs
(CVE-2024-26654)
- scsi: core: Fix unremoved procfs host directory regression
- staging: vc04_services: changen strncpy() to strscpy_pad()
- staging: vc04_services: fix information leak in create_component()
- USB: core: Add hub_get() and hub_put() routines
- USB: core: Fix deadlock in port "disable" sysfs attribute
- scsi: sd: Fix TCG OPAL unlock on system resume
- usb: dwc2: host: Fix remote wakeup from hibernation
- usb: dwc2: host: Fix hibernation flow
- usb: dwc2: host: Fix ISOC flow in DDMA mode
- usb: dwc2: gadget: Fix exiting from clock gating
- usb: dwc2: gadget: LPM flow fix
- usb: udc: remove warning when queue disabled ep
- usb: typec: Return size of buffer if pd_set operation succeeds
- usb: typec: ucsi: Clear EVENT_PENDING under PPM lock
- usb: typec: ucsi: Ack unsupported commands
- usb: typec: ucsi_acpi: Refactor and fix DELL quirk
- usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset
- scsi: qla2xxx: Prevent command send on chip reset
- scsi: qla2xxx: Fix N2N stuck connection
- scsi: qla2xxx: Split FCE|EFT trace control
- scsi: qla2xxx: Update manufacturer detail
- scsi: qla2xxx: NVME|FCP prefer flag not being honored
- scsi: qla2xxx: Fix command flush on cable pull
- scsi: qla2xxx: Fix double free of fcport
- scsi: qla2xxx: Change debug message during driver unload
- scsi: qla2xxx: Delay I/O Abort on PCI error
- [x86] cpu: Enable STIBP on AMD if Automatic IBRS is enabled
- tls: fix use-after-free on failed backlog decryption (CVE-2024-26800)
- scsi: lpfc: Correct size for cmdwqe/rspwqe for memset()
- scsi: lpfc: Correct size for wqe for memset()
- scsi: libsas: Add a helper sas_get_sas_addr_and_dev_type()
- scsi: libsas: Fix disk not being scanned in after being removed
- [x86] sev: Skip ROM range scans and validation for SEV-SNP guests
- USB: core: Fix deadlock in usb_deauthorize_interface()
- tools/resolve_btfids: fix build with musl libc
https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.85
- scripts/bpf_doc: Use silent mode when exec make cmd
- dma-buf: Fix NULL pointer dereference in sanitycheck()
- nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet
- mlxbf_gige: stop PHY during open() error paths
- wifi: iwlwifi: mvm: rfi: fix potential response leaks
- ixgbe: avoid sleeping allocation in ixgbe_ipsec_vf_add_sa()
- [s390x] qeth: handle deferred cc1
- tcp: properly terminate timers for kernel sockets
- net: wwan: t7xx: Split 64bit accesses to fix alignment issues
- [arm64] net: hns3: fix index limit to support all queue stats
- [arm64] net: hns3: fix kernel crash when devlink reload during pf
initialization
- [arm64] net: hns3: mark unexcuted loopback test result as UNEXECUTED
- tls: recv: process_rx_list shouldn't use an offset with kvec
- tls: adjust recv return with async crypto and failed copy to userspace
- tls: get psock ref after taking rxlock to avoid leak
- mlxbf_gige: call request_irq() after NAPI initialized
- bpf: Protect against int overflow for stack access size
- cifs: Fix duplicate fscache cookie warnings
- net: lan743x: Add set RFE read fifo threshold for PCI1x1x chips
- inet: inet_defrag: prevent sk release while still in use
- dm integrity: fix out-of-range warning
- [x86] cpufeatures: Add new word for scattered features
- [x86] perf/x86/amd/lbr: Use freeze based on availability
- [arm64] KVM: arm64: Fix host-programmed guest events in nVHE
- r8169: fix issue caused by buggy BIOS on certain boards with RTL8168d
- [x86] cpufeatures: Add CPUID_LNX_5 to track recently added Linux-defined
word
- Revert "Bluetooth: hci_qca: Set BDA quirk bit if fwnode exists in DT"
- [arm64] dts: qcom: sc7180-trogdor: mark bluetooth address as broken
- Bluetooth: qca: fix device-address endianness
- Bluetooth: add quirk for broken address properties
- Bluetooth: hci_event: set the conn encrypted before conn establishes
- Bluetooth: Fix TOCTOU in HCI debugfs implementation (CVE-2024-24857,
CVE-2024-24858)
- xen-netfront: Add missing skb_mark_for_recycle
- net/rds: fix possible cp null dereference
- net: usb: ax88179_178a: avoid the interface always configured as random
address
- vsock/virtio: fix packet delivery to tap device
- Revert "x86/mm/ident_map: Use gbpages only where full GB page should be
mapped."
- netfilter: nf_tables: reject new basechain after table flag update
- netfilter: nf_tables: flush pending destroy work before exit_net release
- netfilter: nf_tables: Fix potential data-race in
__nft_flowtable_type_get()
- netfilter: validate user input for expected length
- vboxsf: Avoid an spurious warning if load_nls_xxx() fails
- bpf, sockmap: Prevent lock inversion deadlock in map delete elem
- net/sched: act_skbmod: prevent kernel-infoleak
- net/sched: fix lockdep splat in qdisc_tree_reduce_backlog()
- net: stmmac: fix rx queue priority assignment
- net: phy: micrel: lan8814: Fix when enabling/disabling 1-step timestamping
- net: phy: micrel: Fix potential null pointer dereference
- gro: fix ownership transfer
- [x86] bugs: Fix the SRSO mitigation on Zen3/4
- [x86] retpoline: Do the necessary fixup to the Zen3/4 srso return thunk
for !SRSO
- i40e: Fix VF MAC filter removal
- erspan: make sure erspan_base_hdr is present in skb->head
- ipv6: Fix infinite recursion in fib6_dump_done().
- mlxbf_gige: stop interface during shutdown
- r8169: skip DASH fw status checks when DASH is disabled
- udp: do not accept non-tunnel GSO skbs landing in a tunnel
- udp: do not transition UDP GRO fraglist partial checksums to unnecessary
- udp: prevent local UDP tunnel packets from being GROed
- i40e: fix i40e_count_filters() to count only active/new filters
- i40e: fix vf may be used uninitialized in this function warning
- drm/amd: Evict resources during PM ops prepare() callback
- drm/amd: Add concept of running prepare_suspend() sequence for IP blocks
- drm/amd: Flush GFXOFF requests in prepare stage
- i40e: Store the irq number in i40e_q_vector
- i40e: Remove _t suffix from enum type names
- i40e: Enforce software interrupt during busy-poll exit
- r8169: use spinlock to protect mac ocp register access
- r8169: use spinlock to protect access to registers Config2 and Config5
- r8169: prepare rtl_hw_aspm_clkreq_enable for usage in atomic context
- tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6)
non-wildcard addresses.
- drivers: net: convert to boolean for the mac_managed_pm flag
- net: fec: Set mac_managed_pm during probe
- [x86] KVM: SVM: enhance info printk's in SEV init
- [x86] KVM: SVM: WARN, but continue, if misc_cg_set_capacity() fails
- [x86] KVM: SVM: Use unsigned integers when dealing with ASIDs
- [x86] KVM: SVM: Add support for allowing zero SEV ASIDs
- fs/pipe: Fix lockdep false-positive in watchqueue pipe_write()
- 9p: Fix read/write debug statements to report server reply
- drivers/perf: riscv: Disable PERF_SAMPLE_BRANCH_* while not supported
- drm/panfrost: fix power transition timeout warnings
- ASoC: rt5682-sdw: fix locking sequence
- [x86] ASoC: rt711-sdca: fix locking sequence
- ASoC: rt711-sdw: fix locking sequence
- ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw
- ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit
- scsi: mylex: Fix sysfs buffer lengths
- scsi: sd: Unregister device if device_add_disk() failed in sd_probe()
- cifs: Fix caching to try to do open O_WRONLY as rdwr on server
- ata: sata_mv: Fix PCI device ID table declaration compilation warning
- nfsd: hold a lighter-weight client reference over CB_RECALL_ANY
- [x86] retpoline: Add NOENDBR annotation to the SRSO dummy return thunk
- ksmbd: don't send oplock break if rename fails
- ksmbd: validate payload size in ipc response (CVE-2024-26811)
- ksmbd: do not set SMB2_GLOBAL_CAP_ENCRYPTION for SMB 3.1.1
- ALSA: hda/realtek - Fix inactive headset mic jack
- ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with
microphone
- driver core: Introduce device_link_wait_removal()
- of: dynamic: Synchronize of_changeset_destroy() with the devlink removals
- [x86] mm/pat: fix VM_PAT handling in COW mappings
- [x86] mce: Make sure to grab mce_sysfs_mutex in set_bank()
- [x86] coco: Require seeding RNG with RDRAND on CoCo systems
- [s390x] entry: align system call table on 8 bytes
- smb3: retrying on failed server close
- smb: client: fix potential UAF in cifs_debug_files_proc_show()
- smb: client: fix potential UAF in cifs_stats_proc_write()
- smb: client: fix potential UAF in cifs_stats_proc_show()
- smb: client: fix potential UAF in smb2_is_valid_oplock_break()
- smb: client: fix potential UAF in smb2_is_valid_lease_break()
- smb: client: fix potential UAF in is_valid_oplock_break()
- smb: client: fix potential UAF in smb2_is_network_name_deleted()
- smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect()
- mptcp: don't account accept() of non-MPC client as fallback to TCP
- mm/secretmem: fix GUP-fast succeeding on secretmem folios
- nvme: fix miss command type check
- [x86] bugs: Change commas to semicolons in 'spectre_v2' sysfs file
- [x86] syscall: Don't force use of indirect calls for system calls
- [x86] Mitigate Native Branch History Injection vulnerability
(CVE-2024-2201):
+ [x86] bhi: Add support for clearing branch history at syscall entry
+ [x86] bhi: Define SPEC_CTRL_BHI_DIS_S
+ [x86] bhi: Enumerate Branch History Injection (BHI) bug
+ [x86] bhi: Add BHI mitigation knob
+ [x86] bhi: Mitigate KVM by default
+ [x86] KVM: x86: Add BHI_NO
+ [x86] set SPECTRE_BHI_ON as default
.
[ Salvatore Bonaccorso ]
* Bump ABI to 20
* Refresh "efi: Lock down the kernel if booted in secure boot mode" (context
changes in 6.1.84)
* [rt] Refresh "serial: 8250: implement write_atomic"
* Refresh "x86: Make x32 syscall support conditional on a kernel parameter"
* tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
(Closes: #1068770)
* Revert "scsi: sd: usb_storage: uas: Access media prior to querying device
properties" (Closes: #1068675)
* Revert "scsi: core: Add struct for args to execution functions"
* scsi: sd: usb_storage: uas: Access media prior to querying device properties
Checksums-Sha1:
96e8580cb1462ba438fc28d27cdf06c154308756 290924 linux_6.1.85-1.dsc
86985ea19cf9db504e226f0a70a6cf848819af06 137597252 linux_6.1.85.orig.tar.xz
e8234e6475fbaefca69cacd1f9b62fd7fb1f68b6 1627960 linux_6.1.85-1.debian.tar.xz
e5b81a00a9ded9a8afda139d264bf89fb1969020 7117 linux_6.1.85-1_source.buildinfo
Checksums-Sha256:
4b9de409835ac055d92e13763c4228dfb706f40c61352e512fdc98245f24f1d7 290924 linux_6.1.85-1.dsc
528d48ab19f355c6706263723cfda108492ac2dcb4de8af21f8b1676c8373d7d 137597252 linux_6.1.85.orig.tar.xz
99cc3b914e71fade4613d90c895232c16268565b8d04ee765e6c553b770d0d00 1627960 linux_6.1.85-1.debian.tar.xz
2cc607f072d991c8c7c4c648cc9b0508c222c8a3f5310eed8909e1cd4d14620a 7117 linux_6.1.85-1_source.buildinfo
Files:
f801414be0ef36d4aa5d222a272474ba 290924 kernel optional linux_6.1.85-1.dsc
fdb3b2b8121867f9afbfb10d3228e503 137597252 kernel optional linux_6.1.85.orig.tar.xz
ef7c37741e655176e7a9d80f957aaf79 1627960 kernel optional linux_6.1.85-1.debian.tar.xz
0aae449aad4f075e10bf6326d163d196 7117 kernel optional linux_6.1.85-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmYYVBVfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EvbkP/2Zd6wVKsV/Z/2GoghzAtDleF35//r+8
7nubdrpLCeAzZOijTZgY7ERF8FplM0SH/TkN4WfBeixUoiLOGBTQ+/UsIDD10uX6
BghmyU6NS1yzWBdEfyrNlexF0qe+3oL32myPP6khgN+MwLD9pgXCY+drWDiP/TJL
oCrSRCoJk+ctidxAUDFTfliiqHnCp7grmrbPfYBpsEimTJ/ajJYDNmSgU6z2gqXF
5yrblZl3r3/43HwiWcuSjq1OW/YNIiaPiThN2VXwQjQEUzXbVVsC+dHIOjj0/xQ/
nLo/A2le1DCY+YsbCMQAgRPb8UD5hjR+XNjoN/kOOmdyBlhZN1VEvZ/zbBhWt5B4
pUBQbN1nqQQsFbri698oV/yYa//QfvHojmRDeJaJ0zXEpXmJwp7GFumsJLJFXjS8
E/RI92jWvAnHuc2UrWFWaOxI0VOM9frQZl3gVseyOAlUlRVI7CGl0syAA2jHmgYU
aX65qphzNf6z0P4mlu8fSeezzhEJawXiYxtfuYcfQCxeRatMt+pXJkof6r5kntO+
lGYpiRyRYS4UP71MDg+TSHjsJC45/vyg0chbAPZbd/Z7qSoazRqWvcUD+7ffx/KQ
aOfnd6EyrulLmM52LLUloE1pkKUhUpSjblZtIwQg33v1SrtyfjSUlKWkQrZYzrSJ
vMoPNRn/MHu5
=48oX
-----END PGP SIGNATURE-----
Attachment:
pgpkMe6jurwQW.pgp
Description: PGP signature