[PATCH 3/4] MODSIGN: checking the blacklisted hash before loading a kernel module
Origin: https://lore.kernel.org/patchwork/patch/933175/
This patch adds the logic for checking the kernel module's hash
base on blacklist. The hash must be generated by sha256 and enrolled
to dbx/mokx.
For example:
sha256sum sample.ko
mokutil --mokx --import-hash $HASH_RESULT
Whether the signature on ko file is stripped or not, the hash can be
compared by kernel.
Cc: David Howells <dhowells@redhat.com>
Cc: Josh Boyer <jwboyer@fedoraproject.org>
Cc: James Bottomley <James.Bottomley@HansenPartnership.com>
Signed-off-by: "Lee, Chun-Yi" <jlee@suse.com>
[Rebased by Luca Boccassi]
Gbp-Pq: Topic features/all/db-mok-keyring
Gbp-Pq: Name 0003-MODSIGN-checking-the-blacklisted-hash-before-loading-a-kernel-module.patch
[PATCH 2/3] af_802154: Disable auto-loading as mitigation against local exploits
Forwarded: not-needed
Recent review has revealed several bugs in obscure protocol
implementations that can be exploited by local users for denial of
service or privilege escalation. We can mitigate the effect of any
remaining vulnerabilities in such protocols by preventing unprivileged
users from loading the modules, so that they are only exploitable on
systems where the administrator has chosen to load the protocol.
The 'af_802154' (IEEE 802.15.4) protocol is not widely used, was
not present in the 'lenny' kernel, and seems to receive only sporadic
maintenance. Therefore disable auto-loading.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic debian
Gbp-Pq: Name af_802154-Disable-auto-loading-as-mitigation-against.patch
Tweak gitignore for Debian pkg-kernel using git svn.
Forwarded: not-needed
[bwh: Tweak further for pure git]
Gbp-Pq: Topic debian
Gbp-Pq: Name gitignore.patch
linux (5.10.191-1) bullseye-security; urgency=high
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.180
- seccomp: Move copy_seccomp() to no failure path.
- [arm64] KVM: arm64: Fix buffer overflow in kvm_arm_set_fw_reg()
- wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
(CVE-2023-1380)
- drm/fb-helper: set x/yres_virtual in drm_fb_helper_check_var
- bluetooth: Perform careful capability checks in hci_sock_ioctl()
(CVE-2023-2002)
- [x86] fpu: Prevent FPU state corruption
- USB: serial: option: add UNISOC vendor and TOZED LT70C product
- driver core: Don't require dynamic_debug for initcall_debug probe timing
- [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7
B1-750
- asm-generic/io.h: suppress endianness warnings for readq() and writeq()
- wireguard: timers: cast enum limits members to int in prints
- PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock
- [arm64] PCI: qcom: Fix the incorrect register usage in v2.7.0 config
- [arm64,armhf] USB: dwc3: fix runtime pm imbalance on probe errors
- [arm64,armhf] USB: dwc3: fix runtime pm imbalance on unbind
- [x86] hwmon: (k10temp) Check range scale when CUR_TEMP register is
read-write
- hwmon: (adt7475) Use device_property APIs when configuring polarity
- posix-cpu-timers: Implement the missing timer_wait_running callback
- perf sched: Cast PTHREAD_STACK_MIN to int as it may turn into
sysconf(__SC_THREAD_STACK_MIN_VALUE)
- blk-mq: release crypto keyslot before reporting I/O complete
- blk-crypto: make blk_crypto_evict_key() return void
- blk-crypto: make blk_crypto_evict_key() more robust
- ext4: use ext4_journal_start/stop for fast commit transactions
- xhci: fix debugfs register accesses while suspended
- tick/nohz: Fix cpu_is_hotpluggable() by checking with nohz subsystem
- [mips*] fw: Allow firmware to pass a empty env
- ipmi:ssif: Add send_retries increment
- ipmi: fix SSIF not responding under certain cond.
- kheaders: Use array declaration instead of char
- [arm64,armhf] pwm: meson: Fix axg ao mux parents
- [arm64,armhf] pwm: meson: Fix g12a ao clk81 name
- ring-buffer: Sync IRQ works before buffer destruction
- crypto: api - Demote BUG_ON() in crypto_unregister_alg() to a WARN_ON()
- [arm64] crypto: safexcel - Cleanup ring IRQ workqueues on load failure
- rcu: Avoid stack overflow due to __rcu_irq_enter_check_tick() being
kprobe-ed
- reiserfs: Add security prefix to xattr name in reiserfs_security_write()
- [x86] KVM: nVMX: Emulate NOPs in L2, and PAUSE if it's not intercepted
- relayfs: fix out-of-bounds access in relay_file_read (CVE-2023-3268)
- writeback, cgroup: fix null-ptr-deref write in bdi_split_work_to_wbs
- [armhf] i2c: omap: Fix standard mode false ACK readings
- [amd64] iommu/amd: Fix "Guest Virtual APIC Table Root Pointer"
configuration in IRTE
- Revert "ubifs: dirty_cow_znode: Fix memleak in error handling path"
- ubifs: Fix memleak when insert_old_idx() failed
- ubi: Fix return value overwrite issue in try_write_vid_and_data()
- ubifs: Free memory for tmpfile name
- nilfs2: do not write dirty data after degenerating to read-only
- nilfs2: fix infinite loop in nilfs_mdt_get_block()
- md/raid10: fix null-ptr-deref in raid10_sync_request
- [arm64] mailbox: zynqmp: Fix IPI isr handling
- [arm64] mailbox: zynqmp: Fix typo in IPI documentation
- wifi: rtl8xxxu: RTL8192EU always needs full init
- [arm64,armhf] clk: rockchip: rk3399: allow clk_cifout to force
clk_cifout_src to reparent
- rcu: Fix missing TICK_DEP_MASK_RCU_EXP dependency check
- selinux: fix Makefile dependencies of flask.h
- selinux: ensure av_permissions.h is built when needed
- tpm, tpm_tis: Do not skip reset of original interrupt vector
- tpm, tpm_tis: Claim locality before writing TPM_INT_ENABLE register
- tpm, tpm_tis: Disable interrupts if tpm_tis_probe_irq() failed
- tpm, tpm_tis: Claim locality before writing interrupt registers
- tpm, tpm: Implement usage counter for locality
- tpm, tpm_tis: Claim locality when interrupts are reenabled on resume
- erofs: stop parsing non-compact HEAD index if clusterofs is invalid
- erofs: fix potential overflow calculating xattr_isize
- [arm64,armhf] drm/rockchip: Drop unbalanced obj unref
- drm/vgem: add missing mutex_destroy
- drm/probe-helper: Cancel previous job before starting new one
- [arm64] drm/msm/disp/dpu: check for crtc enable rather than crtc active to
release shared resources
- [amd64] EDAC/skx: Fix overflows on the DRAM row address mapping arrays
- [x86] MCE/AMD: Use an u64 for bank_map
- [arm64] firmware: qcom_scm: Clear download bit during reboot
- [arm64] drm/bridge: adv7533: Fix adv7533_mode_valid for adv7533 and
adv7535
- [arm64] drm/msm/adreno: Defer enabling runpm until hw_init()
- [arm64] drm/msm/adreno: drop bogus pm_runtime_set_active()
- [arm64] drm: msm: adreno: Disable preemption on Adreno 510
- [x86] ACPI: processor: Fix evaluating _PDC method when running as Xen dom0
- [arm64] mmc: sdhci-of-esdhc: fix quirk to ignore command inhibit for data
- [arm64,armhf] drm/lima/lima_drv: Add missing unwind goto in
lima_pdev_probe()
- regulator: core: Consistently set mutex_owner when using
ww_mutex_lock_slow()
- regulator: core: Avoid lockdep reports when resolving supplies
- media: dm1105: Fix use after free bug in dm1105_remove due to race
condition (CVE-2023-35824)
- media: saa7134: fix use after free bug in saa7134_finidev due to race
condition (CVE-2023-35823)
- [x86] apic: Fix atomic update of offset in reserve_eilvt_offset()
- [x86] ioapic: Don't return 0 from arch_dynirq_lower_bound()
- debugobject: Prevent init race with static objects
- [x86] drm/i915: Make intel_get_crtc_new_encoder() less oopsy
- tick/sched: Use tick_next_period for lockless quick check
- tick/sched: Reduce seqcount held scope in tick_do_update_jiffies64()
- tick/sched: Optimize tick_do_update_jiffies64() further
- tick: Get rid of tick_period
- tick/common: Align tick period with the HZ tick.
- wifi: ath6kl: minor fix for allocation size
- wifi: ath9k: hif_usb: fix memory leak of remain_skbs
- wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list()
- wifi: ath6kl: reduce WARN to dev_dbg() in callback
- tools: bpftool: Remove invalid \' json escape
- wifi: rtw88: mac: Return the original error from rtw_pwr_seq_parser()
- wifi: rtw88: mac: Return the original error from rtw_mac_power_switch()
- bpf: take into account liveness when propagating precision
- bpf: fix precision propagation verbose logging
- scm: fix MSG_CTRUNC setting condition for SO_PASSSEC
- bpf: Remove misleading spec_v1 check on var-offset stack read
- vlan: partially enable SIOCSHWTSTAMP in container
- net/packet: annotate accesses to po->xmit
- net/packet: convert po->origdev to an atomic flag
- net/packet: convert po->auxdata to an atomic flag
- scsi: target: Rename struct sense_info to sense_detail
- scsi: target: Rename cmd.bad_sector to cmd.sense_info
- scsi: target: Make state_list per CPU
- scsi: target: Fix multiple LUN_RESET handling
- scsi: target: iscsit: Fix TAS handling during conn cleanup
- scsi: megaraid: Fix mega_cmd_done() CMDID_INT_CMDS
- f2fs: handle dqget error in f2fs_transfer_project_quota()
- f2fs: enforce single zone capacity
- f2fs: apply zone capacity to all zone type
- f2fs: compress: fix to call f2fs_wait_on_page_writeback() in
f2fs_write_raw_pages()
- [arm64] crypto: caam - Clear some memory in instantiate_rng
- wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_rfreg()
- wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_reg()
- net: qrtr: correct types of trace event parameters
- bpftool: Fix bug for long instructions in program CFG dumps
- crypto: drbg - make drbg_prepare_hrng() handle jent instantiation errors
- crypto: drbg - Only fail when jent is unavailable in FIPS mode
- xsk: Fix unaligned descriptor validation
- f2fs: fix to avoid use-after-free for cached IPU bio
- scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup()
- [arm64,armhf] net: ethernet: stmmac: dwmac-rk: fix optional phy regulator
handling
- bpf, sockmap: fix deadlocks in the sockhash and sockmap
- nvme: handle the persistent internal error AER
- nvme: fix async event trace event
- bpf, sockmap: Revert buggy deadlock fix in the sockhash and sockmap
- md/raid10: fix leak of 'r10bio->remaining' for recovery
- md/raid10: fix memleak for 'conf->bio_split'
- md/raid10: fix memleak of md thread
- wifi: iwlwifi: yoyo: Fix possible division by zero
- wifi: iwlwifi: fw: move memset before early return
- jdb2: Don't refuse invalidation of already invalidated buffers
- wifi: iwlwifi: make the loop for card preparation effective
- wifi: iwlwifi: mvm: check firmware response size
- wifi: iwlwifi: fw: fix memory leak in debugfs
- ixgbe: Allow flow hash to be set via ethtool
- ixgbe: Enable setting RSS table to default values
- bpf: Don't EFAULT for getsockopt with optval=NULL
- netfilter: nf_tables: don't write table validation state without mutex
- net/sched: sch_fq: fix integer overflow of "credit"
- ipv4: Fix potential uninit variable access bug in __ip_make_skb()
- Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to
unfinished work"
- netlink: Use copy_to_user() for optval in netlink_getsockopt().
- net: amd: Fix link leak when verifying config failed
- tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.
- pstore: Revert pmsg_lock back to a normal mutex
- [arm64,armhf] usb: dwc3: gadget: Change condition for processing suspend
event
- fpga: bridge: fix kernel-doc parameter description
- iio: light: max44009: add missing OF device matching
- [armhf] spi: spi-imx: using pm_runtime_resume_and_get instead of
pm_runtime_get_sync
- [armhf] spi: imx: Don't skip cleanup in remove's error path
- [armhf] PCI: imx6: Install the fault handler only on compatible match
- ASoC: es8316: Use IRQF_NO_AUTOEN when requesting the IRQ
- ASoC: es8316: Handle optional IRQ assignment
- linux/vt_buffer.h: allow either builtin or modular for macros
- [arm64] spi: qup: Don't skip cleanup in remove's error path
- [x86] vmci_host: fix a race condition in vmci_host_poll() causing GPF
- of: Fix modalias string generation
- [arm64,armhf] usb: chipidea: fix missing goto in `ci_hdrc_probe`
- [arm64] tty: serial: fsl_lpuart: adjust buffer length to the intended size
- serial: 8250: Add missing wakeup event reporting
- [x86] staging: rtl8192e: Fix W_DISABLE# does not work after stop/start
- [arm64] spmi: Add a check for remove callback when removing a SPMI driver
- [powerpc*] rtas: use memmove for potentially overlapping buffer copy
- perf/core: Fix hardlockup failure caused by perf throttle
- [amd64] RDMA/rdmavt: Delete unnecessary NULL check
- workqueue: Rename "delayed" (delayed by active management) to "inactive"
- workqueue: Fix hung time report of worker pools
- [armhf] rtc: omap: include header for omap_rtc_power_off_program prototype
- RDMA/mlx4: Prevent shift wrapping in set_user_sq_size()
- [arm64,armhf] rtc: meson-vrtc: Use ktime_get_real_ts64() to get the
current time
- clk: add missing of_node_put() in "assigned-clocks" property parsing
- RDMA/siw: Remove namespace check from siw_netdev_event()
- RDMA/cm: Trace icm_send_rej event before the cm state is reset
- RDMA/srpt: Add a check for valid 'mad_agent' pointer
- [amd64] IB/hfi1: Fix SDMA mmu_rb_node not being evicted in LRU order
- [amd64] IB/hfi1: Add AIP tx traces
- [amd64] IB/hfi1: Add additional usdma traces
- [amd64] IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA
requests
- NFSv4.1: Always send a RECLAIM_COMPLETE after establishing lease
- [arm*] firmware: raspberrypi: Introduce devm_rpi_firmware_get()
- RDMA/mlx5: Fix flow counter query via DEVX
- SUNRPC: remove the maximum number of retries in call_bind_status
- RDMA/mlx5: Use correct device num_ports when modify DC
- ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline
- [arm64] dmaengine: mv_xor_v2: Fix an error code.
- [armhf] leds: tca6507: Fix error handling of using
fwnode_property_read_string
- [arm64,armhf] phy: tegra: xusb: Add missing tegra_xusb_port_unregister for
usb2_port and ulpi_port
- afs: Fix updating of i_size with dv jump from server
- btrfs: scrub: reject unsupported scrub flags
- [s390x] dasd: fix hanging blockdevice after request requeue
- dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path
- dm flakey: fix a crash with invalid table line
- dm ioctl: fix nested locking in table_clear() to remove deadlock concern
(CVE-2023-2269)
- perf auxtrace: Fix address filter entire kernel size
- perf intel-pt: Fix CYC timestamps after standalone CBR
- [arm64] Always load shadow stack pointer directly from the task struct
- [arm64] Stash shadow stack pointer in the task struct on interrupt
- debugobject: Ensure pool refill (again)
- scsi: target: core: Avoid smp_processor_id() in preemptible code
- tty: create internal tty.h file
- tty: audit: move some local functions out of tty.h
- tty: move some internal tty lock enums and functions out of tty.h
- tty: move some tty-only functions to drivers/tty/tty.h
- tty: clean include/linux/tty.h up
- tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH
- ring-buffer: Ensure proper resetting of atomic variables in
ring_buffer_reset_online_cpus
- [amd64] crypto: ccp - Clear PSP interrupt status register before calling
handler
- [arm64] mailbox: zynq: Switch to flexible array to simplify code
- [arm64] mailbox: zynqmp: Fix counts of child nodes
- dm verity: skip redundant verity_handle_err() on I/O errors
- dm verity: fix error handling for check_at_most_once on FEC
- scsi: qedi: Fix use after free bug in qedi_remove()
- [armhf] net/ncsi: clear Tx enable mode when handling a Config required AEN
- net/sched: cls_api: remove block_cb from driver_list before freeing
- sit: update dev->needed_headroom in ipip6_tunnel_bind_dev()
- [arm64,armhf] net: dsa: mv88e6xxx: add mv88e6321 rsvd2cpu
- writeback: fix call of incorrect macro
- [arm64,armhf] watchdog: dw_wdt: Fix the error handling path of
dw_wdt_drv_probe()
- net/sched: act_mirred: Add carrier check
- sfc: Fix module EEPROM reporting for QSFP modules
- rxrpc: Fix hard call timeout units
- af_packet: Don't send zero-byte data in packet_sendmsg_spkt().
- drm/amdgpu: add a missing lock for AMDGPU_SCHED
- ALSA: caiaq: input: Add error handling for unsupported input methods in
`snd_usb_caiaq_input_init`
- virtio_net: split free_unused_bufs()
- virtio_net: suppress cpu stall when free_unused_bufs
- [arm64] net: enetc: check the index of the SFI rather than the handle
- crypto: sun8i-ss - Fix a test in sun8i_ss_setup_ivs()
- btrfs: fix btrfs_prev_leaf() to not return the same key twice
- btrfs: don't free qgroup space unless specified
- btrfs: print-tree: parent bytenr must be aligned to sector size
- cifs: fix pcchunk length type in smb2_copychunk_range
- inotify: Avoid reporting event with invalid wd
- [armhf] remoteproc: stm32: Call of_node_put() on iteration error
- [armhf] dts: exynos: fix WM8960 clock name in Itop Elite
- f2fs: fix potential corruption when moving a directory
- [armhf] drm/panel: otm8009a: Set backlight parent to panel device
- drm/amdgpu: fix an amdgpu_irq_put() issue in gmc_v9_0_hw_fini()
- drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy
gfx ras
- drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend
- HID: wacom: Set a default resolution for older tablets
- HID: wacom: insert timestamp to packed Bluetooth (BT) events
- [x86] KVM: x86: do not report a vCPU as preempted outside instruction
boundaries (CVE-2022-39189)
- ext4: fix WARNING in mb_find_extent
- ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
(CVE-2023-34256)
- ext4: fix data races when using cached status extents
- ext4: check iomap type only if ext4_iomap_begin() does not fail
- ext4: improve error recovery code paths in __ext4_remount()
- ext4: fix deadlock when converting an inline directory in nojournal mode
- ext4: add bounds checking in get_max_inline_xattr_value_size()
- ext4: bail out of ext4_xattr_ibody_get() fails for any reason
- ext4: remove a BUG_ON in ext4_mb_release_group_pa()
- ext4: fix invalid free tracking in ext4_xattr_move_to_block()
- serial: 8250: Fix serial8250_tx_empty() race with DMA Tx
- drbd: correctly submit flush bio on barrier
- [x86] KVM: x86: Ensure PV TLB flush tracepoint reflects KVM behavior
- [x86] KVM: x86: Fix recording of guest steal time / preempted status
- [x86] KVM: Fix steal time asm constraints
- [x86] KVM: x86: Remove obsolete disabling of page faults in
kvm_arch_vcpu_put()
- [x86] KVM: x86: do not set st->preempted when going back to user space
- [x86] KVM: x86: revalidate steal time cache if MSR value changes
- [x86] KVM: x86: do not report preemption if the steal time cache is stale
- [x86] KVM: x86: move guest_pv_has out of user_access section
- printk: declare printk_deferred_{enter,safe}() in include/linux/printk.h
- [armhf] drm/exynos: move to use request_irq by IRQF_NO_AUTOEN flag
- mm/page_alloc: fix potential deadlock on zonelist_update_seq seqlock
- drm/amd/display: Fix hang when skipping modeset
https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.181
- driver core: add a helper to setup both the of_node and fwnode of a device
- drm/mipi-dsi: Set the fwnode for mipi_dsi_device
- linux/dim: Do nothing if no time delta between samples
- net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs().
- netfilter: conntrack: fix possible bug_on with enable_hooks=1
- netlink: annotate accesses to nlk->cb_running
- net: annotate sk->sk_err write from do_recvmmsg()
- net: deal with most data-races in sk_wait_event()
- net: tap: check vlan with eth_type_vlan() method
- net: add vlan_get_protocol_and_depth() helper
- tcp: factor out __tcp_close() helper
- tcp: add annotations around sk->sk_shutdown accesses
- ipvlan:Fix out-of-bounds caused by unclear skb->cb (CVE-2023-3090)
- net: datagram: fix data-races in datagram_poll()
- af_unix: Fix a data race of sk->sk_receive_queue->qlen.
- af_unix: Fix data races around sk->sk_shutdown.
- [x86] drm/i915/dp: prevent potential div-by-zero
- [x86] fbdev: arcfb: Fix error handling in arcfb_probe()
- ext4: remove an unused variable warning with CONFIG_QUOTA=n
- ext4: reflect error codes from ext4_multi_mount_protect() to its callers
- ext4: don't clear SB_RDONLY when remounting r/w until quota is re-enabled
- ext4: fix lockdep warning when enabling MMP
- ext4: remove redundant mb_regenerate_buddy()
- ext4: drop s_mb_bal_lock and convert protected fields to atomic
- ext4: add mballoc stats proc file
- ext4: allow to find by goal if EXT4_MB_HINT_GOAL_ONLY is set
- ext4: allow ext4_get_group_info() to fail
- rcu: Protect rcu_print_task_exp_stall() ->exp_tasks access
- fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode()
- drm/amd/display: Use DC_LOG_DC in the trasform pixel function
- regmap: cache: Return error in cache sync operations for REGCACHE_NONE
- memstick: r592: Fix UAF bug in r592_remove due to race condition
(CVE-2023-3141)
- firmware: arm_sdei: Fix sleep from invalid context BUG
- ACPI: EC: Fix oops when removing custom query handlers
- [armhf] remoteproc: stm32_rproc: Add mutex protection for workqueue
- [arm64,armhf] drm/tegra: Avoid potential 32-bit integer overflow
- ACPICA: Avoid undefined behavior: applying zero offset to null pointer
- ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in
acpi_db_display_objects
- wifi: ath: Silence memcpy run-time false positive warning
- bpf: Annotate data races in bpf_local_storage
- wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex
- scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow
- net: Catch invalid index in XPS mapping
- scsi: target: iscsit: Free cmds before session free
- lib: cpu_rmap: Avoid use after free on rmap->obj array entries
- scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to
race condition
- gfs2: Fix inode height consistency check
- ext4: set goal start correctly in ext4_mb_normalize_request
- ext4: Fix best extent lstart adjustment logic in ext4_mb_new_inode_pa()
- f2fs: fix to drop all dirty pages during umount() if cp_error is set
- wifi: iwlwifi: pcie: fix possible NULL pointer dereference
- wifi: iwlwifi: pcie: Fix integer overflow in iwl_write_to_user_buf
- null_blk: Always check queue mode setting from configfs
- wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace
- wifi: ath11k: Fix SKB corruption in REO destination ring
- ipvs: Update width of source for ip_vs_sync_conn_options
- Bluetooth: hci_bcm: Fall back to getting bdaddr from EFI if not set
- Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp
- [x86] staging: rtl8192e: Replace macro RTL_PCI_DEVICE with PCI_DEVICE
- HID: logitech-hidpp: Don't use the USB serial for USB devices
- HID: logitech-hidpp: Reconcile USB and Unifying serials
- [armhf] spi: spi-imx: fix MX51_ECSPI_* macros when cs > 3
- HID: wacom: generic: Set battery quirk only when we see battery data
- usb: typec: tcpm: fix multiple times discover svids error
- serial: 8250: Reinit port->pm on port specific driver unbind
- recordmcount: Fix memory leaks in the uwrite function
- RDMA/core: Fix multiple -Warray-bounds warnings
- [arm64,armhf] iommu/arm-smmu-qcom: Limit the SMR groups to 128
- [arm64] iommu/arm-smmu-v3: Acknowledge pri/event queue overflow if any
- Input: xpad - add constants for GIP interface numbers
- btrfs: move btrfs_find_highest_objectid/btrfs_find_free_objectid to
disk-io.c
- btrfs: replace calls to btrfs_find_free_ino with btrfs_find_free_objectid
- btrfs: fix space cache inconsistency after error loading it from disk
- xfrm: don't check the default policy if the policy allows the packet
- Revert "Fix XFRM-I support for nested ESP tunnels"
- [arm64] drm/msm/dp: unregister audio driver during unbind
- [arm64] drm/msm/dpu: Remove duplicate register defines from INTF
- cpupower: Make TSC read per CPU for Mperf monitor
- af_key: Reject optional tunnel/BEET mode templates in outbound policies
- [arm64,armhf] net: fec: Better handle pm_runtime_get() failing in
.remove()
- net: phy: dp83867: add w/a for packet errors seen with short cables
- ALSA: firewire-digi00x: prevent potential use after free
- ALSA: hda/realtek: Apply HP B&O top speaker profile to Pavilion 15
- vsock: avoid to close connected socket after the timeout
- ipv4/tcp: do not use per netns ctl sockets
- net: Find dst with sk's xfrm policy not ctl_sk
- tcp: fix possible sk_priority leak in tcp_v4_send_reset()
- [armhf] serial: arc_uart: fix of_iomap leak in `arc_serial_probe`
- erspan: get the proto with the md version for collect_md
- [arm64] net: hns3: fix sending pfc frames after reset issue
- [arm64] net: hns3: fix reset delay time to avoid configuration timeout
- media: netup_unidvb: fix use-after-free at del_timer()
- SUNRPC: Fix trace_svc_register() call site
- net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment()
- net/tipc: fix tipc header files for kernel-doc
- tipc: add tipc_bearer_min_mtu to calculate min mtu
- tipc: do not update mtu if msg_max is too small in mtu negotiation
- tipc: check the bearer min mtu properly when setting it by netlink
- [arm64] net: bcmgenet: Remove phy_stop() from bcmgenet_netif_stop()
- [arm64] net: bcmgenet: Restore phy_stop() depending upon suspend/close
- wifi: mac80211: fix min center freq offset tracing
- wifi: iwlwifi: mvm: don't trust firmware n_channels
- [x86] scsi: storvsc: Don't pass unused PFNs to Hyper-V host
- cassini: Fix a memory leak in the error handling path of cas_init_one()
- igb: fix bit_shift to be in [1..8] range
- vlan: fix a potential uninit-value in vlan_dev_hard_start_xmit()
- netfilter: nft_set_rbtree: fix null deref on element insertion
- bridge: always declare tunnel functions
- ALSA: usb-audio: Add a sample rate workaround for Line6 Pod Go
- USB: usbtmc: Fix direction for 0-length ioctl control messages
- usb-storage: fix deadlock when a scsi command timeouts more than once
- [arm64,armhf] usb: dwc3: debugfs: Resume dwc3 before accessing registers
- usb: gadget: u_ether: Fix host MAC address case
- usb: typec: altmodes/displayport: fix pin_assignment_show
- ALSA: hda: Fix Oops by 9.1 surround channel names
- ALSA: hda: Add NVIDIA codec IDs a3 through a7 to patch table
- ALSA: hda/realtek: Add quirk for Clevo L140AU
- ALSA: hda/realtek: Add a quirk for HP EliteDesk 805
- ALSA: hda/realtek: Add quirk for 2nd ASUS GU603
- can: j1939: recvmsg(): allow MSG_CMSG_COMPAT flag
- can: isotp: recvmsg(): allow MSG_CMSG_COMPAT flag
- statfs: enforce statfs[64] structure initialization
- serial: Add support for Advantech PCI-1611U card
- vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid
UAF
- ceph: force updating the msg pointer in non-split case
- tpm/tpm_tis: Disable interrupts for more Lenovo devices
- [powerpc*] 64s/radix: Fix soft dirty tracking
- nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode()
- HID: wacom: Force pen out of prox if no events have been received in a
while
- HID: wacom: Add new Intuos Pro Small (PTH-460) device IDs
- HID: wacom: add three styli to wacom_intuos_get_tool_type
- [arm64] KVM: arm64: Link position-independent string routines into
.hyp.text
- serial: 8250_exar: derive nr_ports from PCI ID for Acces I/O cards
- serial: exar: Add support for Sealevel 7xxxC serial cards
- serial: 8250_exar: Add support for USR298x PCI Modems
- [s390x] qdio: get rid of register asm
- [s390x] qdio: fix do_sqbs() inline assembly constraint
- [x86] watchdog: sp5100_tco: Immediately trigger upon starting.
- writeback, cgroup: remove extra percpu_ref_exit()
- net/sched: act_mirred: refactor the handle of xmit
- net/sched: act_mirred: better wording on protection against excessive
stack growth
- act_mirred: use the backlog for nested calls to mirred ingress
(CVE-2022-4269)
- ocfs2: Switch to security_inode_init_security()
- ALSA: hda/ca0132: add quirk for EVGA X299 DARK
- ALSA: hda: Fix unhandled register update during auto-suspend period
- ALSA: hda/realtek: Enable headset onLenovo M70/M90
- net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize
- btrfs: use nofs when cleaning up aborted transactions
- dt-binding: cdns,usb3: Fix cdns,on-chip-buff-size type
- [x86] mm: Avoid incomplete Global INVLPG flushes
- [x86] topology: Fix erroneous smp_num_siblings on Intel Hybrid platforms
- debugobjects: Don't wake up kswapd from fill_pool()
- fbdev: udlfb: Fix endpoint check
- net: fix stack overflow when LRO is disabled for virtual interfaces
- udplite: Fix NULL pointer dereference in __sk_mem_raise_allocated().
- USB: core: Add routines for endpoint checks in old drivers
- USB: sisusbvga: Add endpoint checks
- media: radio-shark: Add endpoint checks
- net: fix skb leak in __skb_tstamp_tx()
- bpf: Fix mask generation for 32-bit narrow loads of 64-bit fields
- ipv6: Fix out-of-bounds access in ipv6_find_tlv()
- power: supply: leds: Fix blink to LED on transition
- power: supply: bq27xxx: Fix bq27xxx_battery_update() race condition
- power: supply: bq27xxx: Fix I2C IRQ race on remove
- power: supply: bq27xxx: Fix poll_interval handling and races on remove
- fs: fix undefined behavior in bit shift for SB_NOUSER
- [x86] show_trace_log_lvl: Ensure stack pointer is aligned, again
- [x86] ASoC: Intel: Skylake: Fix declaration of enum skl_ch_cfg
- [x86] forcedeth: Fix an error handling path in nv_probe()
- net/mlx5e: do as little as possible in napi poll when budget is 0
- net/mlx5: DR, Fix crc32 calculation to work on big-endian (BE) CPUs
- net/mlx5: Fix error message when failing to allocate device memory
- net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device
- [x86] 3c589_cs: Fix an error handling path in tc589_probe()
- net: phy: mscc: add VSC8502 to MODULE_DEVICE_TABLE
https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.182
- [x86] cpu: Add Raptor Lake to Intel family
- [x86] cpu: Drop spurious underscore from RAPTOR_LAKE #define
- power: supply: bq27xxx: fix polarity of current_now
- power: supply: bq27xxx: fix sign of current_now for newer ICs
- power: supply: bq27xxx: make status more robust
- power: supply: bq27xxx: Add cache parameter to
bq27xxx_battery_current_and_status()
- power: supply: bq27xxx: expose battery data when CI=1
- power: supply: bq27xxx: Move bq27xxx_battery_update() down
- power: supply: bq27xxx: Ensure power_supply_changed() is called on current
sign changes
- power: supply: bq27xxx: After charger plug in/out wait 0.5s for things to
stabilize
- power: supply: core: Refactor
power_supply_set_input_current_limit_from_supplier()
- [x86] power: supply: bq24190: Call power_supply_changed() after updating
input current
- regulator: Add regmap helper for ramp-delay setting
- net/mlx5: devcom only supports 2 ports
- net/mlx5: Devcom, serialize devcom registration
- net: phy: mscc: enable VSC8501/2 RGMII RX clock
- bluetooth: Add cmd validity checks at the start of hci_sock_ioctl()
- [arm*] binder: fix UAF caused by faulty buffer cleanup (CVE-2023-21255)
- ipv{4,6}/raw: fix output xfrm lookup wrt protocol
- netfilter: ctnetlink: Support offloaded conntrack entry deletion
https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.183
- [arm64,armhf] iommu/rockchip: Fix unwind goto issue
- [amd64] iommu/amd: Don't block updates to GATag if guest mode is on
- [arm64,armhf] dmaengine: pl330: rename _start to prevent build error
- net/mlx5: fw_tracer, Fix event handling
- netrom: fix info-leak in nr_write_internal()
- af_packet: Fix data-races of pkt_sk(sk)->num.
- [amd64,arm64] amd-xgbe: fix the false linkup in xgbe_phy_status
- af_packet: do not use READ_ONCE() in packet_bind()
- tcp: deny tcp_disconnect() when threads are waiting
- tcp: Return user_mss for TCP_MAXSEG in CLOSE/LISTEN state if user_mss set
- net/sched: sch_ingress: Only create under TC_H_INGRESS
- net/sched: sch_clsact: Only create under TC_H_CLSACT
- net/sched: Reserve TC_H_INGRESS (TC_H_CLSACT) for ingress (clsact) Qdiscs
- net/sched: Prohibit regrafting ingress or clsact Qdiscs
- net: sched: fix NULL pointer dereference in mq_attach
- net/netlink: fix NETLINK_LIST_MEMBERSHIPS length report
- udp6: Fix race condition in udp6_sendmsg & connect
- net/mlx5: Read embedded cpu after init bit cleared
- net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
(CVE-2023-35788)
- [arm64,armhf] net: dsa: mv88e6xxx: Increase wait after reset deactivation
- [armhf] mtd: rawnand: marvell: ensure timing values are written
- [armhf] mtd: rawnand: marvell: don't set the NAND frequency select
- ALSA: hda: Glenfly: add HD Audio PCI IDs and HDMI Codec Vendor IDs.
- btrfs: abort transaction when sibling keys check fails for leaves
- [armel] ARM: 9295/1: unwind:fix unwind abort for uleb128 case
- gfs2: Don't deref jdesc in evict (CVE-2023-3212)
- fbdev: modedb: Add 1920x1080 at 60 Hz video mode
- nbd: Fix debugfs_create_dir error checking
- xfrm: Check if_id in inbound policy/secpath match
- ASoC: dt-bindings: Adjust #sound-dai-cells on TI's single-DAI codecs
- media: dvb_demux: fix a bug for the continuity counter
- media: dvb-usb: az6027: fix three null-ptr-deref in az6027_i2c_xfer()
- media: dvb-usb-v2: ec168: fix null-ptr-deref in ec168_i2c_xfer()
- media: dvb-usb-v2: ce6230: fix null-ptr-deref in ce6230_i2c_master_xfer()
- media: dvb-usb-v2: rtl28xxu: fix null-ptr-deref in rtl28xxu_i2c_xfer
- media: dvb-usb: digitv: fix null-ptr-deref in digitv_i2c_xfer()
- media: dvb-usb: dw2102: fix uninit-value in su3000_read_mac_address
- media: netup_unidvb: fix irq init by register it at the end of probe
- media: dvb_ca_en50221: fix a size write bug
- media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb()
- media: dvb-core: Fix use-after-free due on race condition at dvb_net
- media: dvb-core: Fix kernel WARNING for blocking operation in
wait_event*() (CVE-2023-31084)
- media: dvb-core: Fix use-after-free due to race condition at
dvb_ca_en50221
- wifi: rtl8xxxu: fix authentication timeout due to incorrect RCR value
- [arm64] mm: mark private VM_FAULT_X defines as vm_fault_t
- scsi: core: Decrease scsi_device's iorequest_cnt if dispatch failed
- netfilter: conntrack: define variables exp_nat_nla_policy and any_addr
with CONFIG_NF_NAT
- ALSA: oss: avoid missing-prototype warnings
- [arm64] drm/msm: Be more shouty if per-process pgtables aren't working
- atm: hide unused procfs functions
- HID: google: add jewel USB id
- HID: wacom: avoid integer overflow in wacom_intuos_inout()
- iio: imu: inv_icm42600: fix timestamp reset
- iio: light: vcnl4035: fixed chip ID check
- iio: dac: mcp4725: Fix i2c_master_send() return value handling
- iio: adc: ad7192: Change "shorted" channels to differential
- net: usb: qmi_wwan: Set DTR quirk for BroadMobi BM818
- usb: gadget: f_fs: Add unbind event before functionfs_unbind
- ata: libata-scsi: Use correct device no in ata_find_dev()
- x86/boot: Wrap literal addresses in absolute_pointer()
- ACPI: thermal: drop an always true check
- ath6kl: Use struct_group() to avoid size-mismatched casting
- eth: sun: cassini: remove dead code
- mmc: vub300: fix invalid response handling
- [arm64] tty: serial: fsl_lpuart: use UARTCTRL_TXINV to send break instead
of UARTCTRL_SBK
- btrfs: fix csum_tree_block page iteration to avoid tripping on
-Werror=array-bounds
- selinux: don't use make's grouped targets feature yet
- tracing/probe: trace_probe_primary_from_call(): checked list_first_entry
- ext4: add EA_INODE checking to ext4_iget()
- ext4: set lockdep subclass for the ea_inode in
ext4_xattr_inode_cache_find()
- ext4: disallow ea_inodes with extended attributes
- ext4: add lockdep annotations for i_data_sem for ea_inode's
- fbcon: Fix null-ptr-deref in soft_cursor
- [arm64,armhf] serial: 8250_tegra: Fix an error handling path in
tegra_uart_probe()
- [x86] KVM: x86: Account fastpath-only VM-Exits in vCPU stats
- KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()
- regmap: Account for register length when chunking
- tpm, tpm_tis: Request threaded interrupt handler
- [x86] scsi: dpt_i2o: Remove broken pass-through ioctl (I2OUSERCMD)
(CVE-2023-2007)
- [x86] scsi: dpt_i2o: Do not process completions with invalid addresses
- [amd64] crypto: ccp: Reject SEV commands with mismatching command buffer
- [amd64] crypto: ccp: Play nice with vmalloc'd memory for SEV command
structs (Closes: #
1036543)
- ext4: enable the lazy init thread when remounting read/write
https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.184
- remove the sx8 block driver
- f2fs: fix iostat lock protection
- blk-iocost: avoid 64-bit division in ioc_timer_fn
- i40iw: fix build warning in i40iw_manage_apbvt()
- i40e: fix build warnings in i40e_alloc.h
- i40e: fix build warning in ice_fltr_add_mac_to_list()
- [arm*] staging: vchiq_core: drop vchiq_status from vchiq_initialise
- [arm64] spi: qup: Request DMA before enabling clocks
- afs: Fix setting of mtime when creating a file/dir/symlink
- neighbour: fix unaligned access to pneigh_entry
- net/smc: Avoid to access invalid RMBs' MRs in SMCRv1 ADD LINK CONT
- net/sched: fq_pie: ensure reasonable TCA_FQ_PIE_QUANTUM values
- Bluetooth: Fix l2cap_disconnect_req deadlock
- Bluetooth: L2CAP: Add missing checks for invalid DCID
- qed/qede: Fix scheduling while atomic
- netfilter: conntrack: fix NULL pointer dereference in nf_confirm_cthelper
- netfilter: ipset: Add schedule point in call_ad().
- rfs: annotate lockless accesses to sk->sk_rxhash
- rfs: annotate lockless accesses to RFS sock flow table
- net: sched: move rtm_tca_policy declaration to include file
- net: sched: fix possible refcount leak in tc_chain_tmplt_add()
- bpf: Add extra path pointer check to d_path helper
- lib: cpu_rmap: Fix potential use-after-free in irq_cpu_rmap_release()
- bnxt_en: Don't issue AP reset during ethtool's reset operation
- bnxt_en: Query default VLAN before VNIC setup on a VF
- bnxt_en: Implement .set_port / .unset_port UDP tunnel callbacks
- batman-adv: Broken sync while rescheduling delayed work
- Input: xpad - delete a Razer DeathAdder mouse VID/PID entry
- Input: psmouse - fix OOB access in Elantech protocol
- ALSA: hda/realtek: Add a quirk for HP Slim Desktop S01
- ALSA: hda/realtek: Add Lenovo P3 Tower platform
- drm/amdgpu: fix xclk freq on CHIP_STONEY
- can: j1939: j1939_sk_send_loop_abort(): improved error queue handling in
J1939 Socket
- can: j1939: change j1939_netdev_lock type to mutex
- can: j1939: avoid possible use-after-free when j1939_can_rx_register fails
- ceph: fix use-after-free bug for inodes when flushing capsnaps
- [s390x] dasd: Use correct lock while counting channel queue length
- Bluetooth: Fix use-after-free in hci_remove_ltk/hci_remove_irk
- Bluetooth: hci_qca: fix debugfs registration
- rbd: move RBD_OBJ_FLAG_COPYUP_ENABLED flag setting
- rbd: get snapshot context after exclusive lock is ensured to be held
- [arm64] pinctrl: meson-axg: add missing GPIOA_18 gpio group
- usb: usbfs: Enforce page requirements for mmap
- usb: usbfs: Use consistent mmap functions
- [arm*] staging: vc04_services: fix gcc-13 build warning
- vhost: support PACKED when setting-getting vring_base
- Revert "ext4: don't clear SB_RDONLY when remounting r/w until quota is
re-enabled"
- ext4: only check dquot_initialize_needed() when debugging
- tcp: fix tcp_min_tso_segs sysctl
- xfs: verify buffer contents when we skip log replay (CVE-2023-2124)
- drm/atomic: Don't pollute crtc_state->mode_blob with error pointers
- btrfs: check return value of btrfs_commit_transaction in relocation
- btrfs: unset reloc control if transaction commit fails in
prepare_to_relocate() (CVE-2023-3111)
- [x86] Revert "staging: rtl8192e: Replace macro RTL_PCI_DEVICE with
PCI_DEVICE"
https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.185
- lib: cleanup kstrto*() usage
- kernel.h: split out kstrtox() and simple_strtox() to a separate header
- power: supply: bq27xxx: Use mod_delayed_work() instead of cancel() +
schedule()
- [armhf] dts: vexpress: add missing cache properties
- power: supply: Ratelimit no data debug output
- [x86] platform/x86: asus-wmi: Ignore WMI events with codes 0x7B, 0xC0
- regulator: Fix error checking for debugfs_create_dir
- [arm64,armhf] irqchip/gic-v3: Disable pseudo NMIs on Mediatek devices w/
firmware issues
- power: supply: Fix logic checking if system is running from battery
- btrfs: scrub: try harder to mark RAID56 block groups read-only
- btrfs: handle memory allocation failure in btrfs_csum_one_bio
- ASoC: soc-pcm: test if a BE can be prepared
- [mips*] Move initrd_start check after initrd address sanitisation.
- xen/blkfront: Only check REQ_FUA for writes
- drm:amd:amdgpu: Fix missing buffer object unlock in failure path
- [arm64,armhf] irqchip/gic: Correctly validate OF quirk descriptors
- io_uring: hold uring mutex around poll removal (CVE-2023-3389)
- epoll: ep_autoremove_wake_function should use list_del_init_careful
- ocfs2: fix use-after-free when unmounting read-only filesystem
- ocfs2: check new file size on fallocate call
- nilfs2: fix incomplete buffer cleanup in nilfs_btnode_abort_change_key()
- nilfs2: fix possible out-of-bounds segment allocation in resize ioctl
- kexec: support purgatories with .text.hot sections
- [x86] purgatory: remove PGO flags
- [powerpc*] purgatory: remove PGO flags
- nouveau: fix client work fence deletion race
- RDMA/uverbs: Restrict usage of privileged QKEYs
- net: usb: qmi_wwan: add support for Compal RXM-G1
- ALSA: hda/realtek: Add a quirk for Compaq N14JP6
- Remove DECnet support from kernel (CVE-2023-3338)
- USB: serial: option: add Quectel EM061KGL series
- [arm64,armhf] usb: dwc3: gadget: Reset num TRBs before giving back the
request
- [arm64] spi: fsl-dspi: avoid SCK glitches with continuous transfers
- netfilter: nfnetlink: skip error delivery on batch in case of ENOMEM
- [arm64] net: enetc: correct the indexes of highest and 2nd highest TCs
- ping6: Fix send to link-local addresses with VRF.
- net/sched: cls_u32: Fix reference counter leak leading to overflow
(CVE-2023-3609)
- RDMA/rxe: Remove the unused variable obj
- RDMA/rxe: Removed unused name from rxe_task struct
- RDMA/rxe: Fix the use-before-initialization error of resp_pkts
- iavf: remove mask from iavf_irq_enable_queues()
- RDMA/mlx5: Initiate dropless RQ for RAW Ethernet functions
- RDMA/cma: Always set static rate to 0 for RoCE
- IB/uverbs: Fix to consider event queue closing also upon non-blocking mode
- IB/isert: Fix dead lock in ib_isert
- IB/isert: Fix possible list corruption in CMA handler
- IB/isert: Fix incorrect release of isert connection
- ipvlan: fix bound dev checking for IPv6 l3s mode
- sctp: fix an error code in sctp_sf_eat_auth()
- igb: fix nvm.ops.read() error handling
- drm/nouveau: don't detect DSM for non-NVIDIA device
- drm/nouveau/dp: check for NULL nv_connector->native_mode
- drm/nouveau: add nv_encoder pointer check for NULL
- ext4: drop the call to ext4_error() from ext4_get_group_info()
- net/sched: cls_api: Fix lockup on flushing explicitly created chain
- net: tipc: resize nlattr array to correct size
- afs: Fix vlserver probe RTT handling
- cgroup: always put cset in cgroup_css_set_put_fork
- rcu/kvfree: Avoid freeing new kfree_rcu() memory after old grace period
- neighbour: Remove unused inline function neigh_key_eq16()
- net: Remove unused inline function dst_hold_and_use()
- net: Remove DECnet leftovers from flow.h.
- neighbour: delete neigh_lookup_nodev as not used
- batman-adv: Switch to kstrtox.h for kstrtou64
- mmc: block: ensure error propagation for non-blk
- mm/memory_hotplug: extend offline_and_remove_memory() to handle more than
one memory block
- nilfs2: reject devices with insufficient block count
- media: dvbdev: Fix memleak in dvb_register_device
- media: dvbdev: fix error logic at dvb_register_device()
- media: dvb-core: Fix use-after-free due to race at dvb_register_device()
- [x86] drm/i915/dg1: Wait for pcode/uncore handshake at startup
- [x86] drm/i915/gen11+: Only load DRAM information from pcode
https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.186
- drm/amd/display: fix the system hang while disable PSR
- net/sched: Refactor qdisc_graft() for ingress and clsact Qdiscs
- tracing: Add tracing_reset_all_online_cpus_unlocked() function
- tick/common: Align tick period during sched_timer setup
- nilfs2: fix buffer corruption due to concurrent device reads
- [x86] Drivers: hv: vmbus: Fix vmbus_wait_for_unload() to scan present CPUs
- [x86] PCI: hv: Fix a race condition bug in hv_pci_query_relations()
- [x86] Revert "PCI: hv: Fix a timing issue which causes kdump to fail
occasionally"
- [x86] PCI: hv: Remove the useless hv_pcichild_state from struct hv_pci_dev
- [x86] PCI: hv: Fix a race condition in hv_irq_unmask() that can cause
panic
- cgroup: Do not corrupt task iteration when rebinding subsystem
- [arm64] mmc: sdhci-msm: Disable broken 64-bit DMA on MSM8916
- [arm64] mmc: meson-gx: remove redundant mmc_request_done() call from irq
context
- [arm64,armhf] mmc: mmci: stm32: fix max busy timeout calculation
- ip_tunnels: allow VXLAN/GENEVE to inherit TOS/TTL from VLAN
- regulator: pca9450: Fix LDO3OUT and LDO4OUT MASK
- writeback: fix dereferencing NULL mapping->host on writeback_page_template
- io_uring/net: save msghdr->msg_control for retries
- io_uring/net: clear msg_controllen on partial sendmsg retry
- io_uring/net: disable partial retries for recvmsg with cmsg
- nilfs2: prevent general protection fault in nilfs_clear_dirty_page()
- [x86] mm: Avoid using set_pgd() outside of real PGD pages
- mm/pagealloc: sysctl: change watermark_scale_factor max limit to 30%
- sysctl: move some boundary constants from sysctl.c to sysctl_vals
- memfd: check for non-NULL file_seals in memfd_create() syscall
- ieee802154: hwsim: Fix possible memory leaks
- xfrm: Treat already-verified secpath entries as optional
- xfrm: interface: rename xfrm_interface.c to xfrm_interface_core.c
- xfrm: Ensure policies always checked on XFRM-I input path
- bpf: track immediate values written to stack by BPF_ST instruction
- bpf: Fix verifier id tracking of scalars on spill
- xfrm: fix inbound ipv4/udp/esp packets to UDPv6 dualstack sockets
- xfrm: Linearize the skb after offloading if needed.
- [armel,armhf] mmc: mvsdio: fix deferred probing
- [armhf] mmc: omap: fix deferred probing
- [armhf] mmc: omap_hsmmc: fix deferred probing
- mmc: sdhci-acpi: fix deferred probing
- ipvs: align inner_mac_header for encapsulation
- be2net: Extend xmit workaround to BE3 chip
- netfilter: nft_set_pipapo: .walk does not deal with generations
- netfilter: nf_tables: disallow element updates of bound anonymous sets
- netfilter: nfnetlink_osf: fix module autoload
- Revert "net: phy: dp83867: perform soft reset and retain established link"
- sch_netem: acquire qdisc lock in netem_change()
- gpio: Allow per-parent interrupt data
- gpiolib: Fix GPIO chip IRQ initialization restriction
- scsi: target: iscsi: Prevent login threads from racing between each other
- HID: wacom: Add error check to wacom_parse_and_register()
- [arm64] Add missing Set/Way CMO encodings
- media: cec: core: don't set last_initiator if tx in progress
- nfcsim.c: Fix error checking for debugfs_create_dir
- [i386] usb: gadget: udc: fix NULL dereference in remove()
- [x86] Input: soc_button_array - add invalid acpi_index DMI quirk handling
- [s390x] cio: unregister device when the only path is gone
- [arm*] ASoC: simple-card: Add missing of_node_put() in case of error
- [x86] ASoC: nau8824: Add quirk to active-high jack-detect
- [armhf] dts: Fix erroneous ADS touchscreen polarities
- drm/radeon: fix race condition UAF in radeon_gem_set_domain_ioctl
- [x86] apic: Fix kernel panic when booting with intremap=off and
x2apic_phys
- bpf/btf: Accept function names that contain dots
https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.187
https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.188
- media: atomisp: fix "variable dereferenced before check 'asd'"
- [x86] smp: Use dedicated cache-line for mwait_play_dead()
- can: isotp: isotp_sendmsg(): fix return error fix on TX path
- video: imsttfb: check for ioremap() failures
- fbdev: imsttfb: Fix use after free bug in imsttfb_probe
- HID: wacom: Use ktime_t rather than int when dealing with timestamps
- HID: logitech-hidpp: add HIDPP_QUIRK_DELAYED_INIT for the T651.
- drm/amdgpu: Validate VM ioctl flags.
- nubus: Partially revert proc_create_single_data() conversion
- fs: pipe: reveal missing function protoypes
- [x86] resctrl: Only show tasks' pid in current pid namespace
- blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost
- md/raid10: check slab-out-of-bounds in md_bitmap_get_counter
- md/raid10: fix overflow of md/safe_mode_delay
- md/raid10: fix wrong setting of max_corr_read_errors
- md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request
- md/raid10: fix io loss while replacement replace rdev
- irqchip/jcore-aic: Kill use of irq_create_strict_mappings()
- irqchip/jcore-aic: Fix missing allocation of IRQ descriptors
- posix-timers: Prevent RT livelock in itimer_delete()
- tracing/timer: Add missing hrtimer modes to decode_hrtimer_mode().
- clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe
- PM: domains: fix integer overflow issues in genpd_parse_state()
- perf/arm-cmn: Fix DTC reset
- powercap: RAPL: Fix CONFIG_IOSF_MBI dependency
- cpufreq: intel_pstate: Fix energy_performance_preference for passive
- thermal/drivers/sun8i: Fix some error handling paths in sun8i_ths_probe()
- rcuscale: Console output claims too few grace periods
- rcuscale: Always log error message
- rcuscale: Move shutdown from wait_event() to wait_event_idle()
- rcu/rcuscale: Move rcu_scale_*() after kfree_scale_cleanup()
- rcu/rcuscale: Stop kfree_scale_thread thread(s) after unloading rcuscale
- perf/ibs: Fix interface via core pmu events
- [x86] mm: Fix __swp_entry_to_pte() for Xen PV guests
- evm: Complete description of evm_inode_setattr()
- pstore/ram: Add check for kstrdup
- igc: Enable and fix RX hash usage by netstack
- wifi: ath9k: fix AR9003 mac hardware hang check register offset
calculation
- wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx
- spi: spi-geni-qcom: Correct CS_TOGGLE bit in SPI_TRANS_CFG
- wifi: wilc1000: fix for absent RSN capabilities WFA testcase
- wifi: mwifiex: Fix the size of a memory allocation in
mwifiex_ret_802_11_scan()
- bpf: Remove extra lock_sock for TCP_ZEROCOPY_RECEIVE
- sctp: add bpf_bypass_getsockopt proto callback
- nfc: constify several pointers to u8, char and sk_buff
- nfc: llcp: fix possible use of uninitialized variable in
nfc_llcp_send_connect()
- regulator: core: Fix more error checking for debugfs_create_dir()
- regulator: core: Streamline debugfs operations
- wifi: orinoco: Fix an error handling path in spectrum_cs_probe()
- wifi: orinoco: Fix an error handling path in orinoco_cs_probe()
- wifi: atmel: Fix an error handling path in atmel_probe()
- wl3501_cs: Fix misspelling and provide missing documentation
- net: create netdev->dev_addr assignment helpers
- wl3501_cs: use eth_hw_addr_set()
- wifi: wl3501_cs: Fix an error handling path in wl3501_probe()
- wifi: ray_cs: Utilize strnlen() in parse_addr()
- wifi: ray_cs: Drop useless status variable in parse_addr()
- wifi: ray_cs: Fix an error handling path in ray_probe()
- wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes
- wifi: rsi: Do not configure WoWlan in shutdown hook if not enabled
- wifi: rsi: Do not set MMC_PM_KEEP_POWER in shutdown
- watchdog/perf: define dummy watchdog_update_hrtimer_threshold() on correct
config
- watchdog/perf: more properly prevent false positives with turbo modes
- kexec: fix a memory leak in crash_shrink_memory()
- memstick r592: make memstick_debug_get_tpc_name() static
- wifi: ath9k: Fix possible stall on ath9k_txq_list_has_key()
- rtnetlink: extend RTEXT_FILTER_SKIP_STATS to IFLA_VF_INFO
- wifi: iwlwifi: pull from TXQs with softirqs disabled
- wifi: cfg80211: rewrite merging of inherited elements
- wifi: ath9k: convert msecs to jiffies where needed
- igc: Fix race condition in PTP tx code
- net: stmmac: fix double serdes powerdown
- netlink: fix potential deadlock in netlink_set_err()
- netlink: do not hard code device address lenth in fdb dumps
- gtp: Fix use-after-free in __gtp_encap_destroy().
- net: axienet: Move reset before 64-bit DMA detection
- sfc: fix crash when reading stats while NIC is resetting
- nfc: llcp: simplify llcp_sock_connect() error paths
- net: nfc: Fix use-after-free caused by nfc_llcp_find_local (CVE-2023-3863)
- lib/ts_bm: reset initial match offset for every block of text
- netfilter: conntrack: dccp: copy entire header to stack buffer, not just
basic one
- netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return
value.
- ipvlan: Fix return value of ipvlan_queue_xmit()
- netlink: Add __sock_i_ino() for __netlink_diag_dump().
- radeon: avoid double free in ci_dpm_init()
- drm/amd/display: Explicitly specify update type per plane info change
- Input: drv260x - sleep between polling GO bit
- drm/bridge: tc358768: always enable HS video mode
- drm/bridge: tc358768: fix PLL parameters computation
- drm/bridge: tc358768: fix PLL target frequency
- drm/bridge: tc358768: fix TCLK_ZEROCNT computation
- drm/bridge: tc358768: Add atomic_get_input_bus_fmts() implementation
- drm/bridge: tc358768: fix TCLK_TRAILCNT computation
- drm/bridge: tc358768: fix THS_ZEROCNT computation
- drm/bridge: tc358768: fix TXTAGOCNT computation
- drm/bridge: tc358768: fix THS_TRAILCNT computation
- drm/vram-helper: fix function names in vram helper doc
- Input: adxl34x - do not hardcode interrupt trigger type
- drm: sun4i_tcon: use devm_clk_get_enabled in `sun4i_tcon_init_clocks`
- drm/panel: sharp-ls043t1le01: adjust mode settings
- bus: ti-sysc: Fix dispc quirk masking bool variables
- [arm64] dts: microchip: sparx5: do not use PSCI on reference boards
- RDMA/bnxt_re: Disable/kill tasklet only if it is enabled
- RDMA/bnxt_re: Fix to remove unnecessary return labels
- RDMA/bnxt_re: Use unique names while registering interrupts
- RDMA/bnxt_re: Remove a redundant check inside bnxt_re_update_gid
- RDMA/bnxt_re: Fix to remove an unnecessary log
- ARM: dts: gta04: Move model property out of pinctrl node
- [arm64] dts: qcom: msm8916: correct camss unit address
- [arm64] dts: qcom: msm8994: correct SPMI unit address
- [arm64] dts: qcom: msm8996: correct camss unit address
- drm/panel: simple: fix active size for Ampire AM-480272H3TMQW-T01H
- ARM: ep93xx: fix missing-prototype warnings
- ARM: omap2: fix missing tick_broadcast() prototype
- [arm64] dts: qcom: apq8096: fix fixed regulator name property
- ARM: dts: stm32: Shorten the AV96 HDMI sound card name
- memory: brcmstb_dpfe: fix testing array offset after use
- ASoC: es8316: Increment max value for ALC Capture Target Volume control
- ASoC: es8316: Do not set rate constraints for unsupported MCLKs
- ARM: dts: meson8: correct uart_B and uart_C clock references
- soc/fsl/qe: fix usb.c build errors
- IB/hfi1: Use bitmap_zalloc() when applicable
- IB/hfi1: Fix sdma.h tx->num_descs off-by-one errors
- IB/hfi1: Fix wrong mmu_node used for user SDMA packet after invalidate
- RDMA: Remove uverbs_ex_cmd_mask values that are linked to functions
- RDMA/hns: Fix coding style issues
- RDMA/hns: Use refcount_t APIs for HEM
- RDMA/hns: Clean the hardware related code for HEM
- RDMA/hns: Fix hns_roce_table_get return value
- ARM: dts: iwg20d-q7-common: Fix backlight pwm specifier
- fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe()
- [arm64] dts: ti: k3-j7200: Fix physical address of pin
- ARM: dts: stm32: Fix audio routing on STM32MP15xx DHCOM PDK2
- ARM: dts: stm32: fix i2s endpoint format property for stm32mp15xx-dkx
- hwmon: (gsc-hwmon) fix fan pwm temperature scaling
- hwmon: (adm1275) enable adm1272 temperature reporting
- hwmon: (adm1275) Allow setting sample averaging
- hwmon: (pmbus/adm1275) Fix problems with temperature monitoring on ADM1272
- ARM: dts: BCM5301X: fix duplex-full => full-duplex
- drm/radeon: fix possible division-by-zero errors
- amdgpu: validate offset_in_bo of drm_amdgpu_gem_va
- RDMA/bnxt_re: wraparound mbox producer index
- RDMA/bnxt_re: Avoid calling wake_up threads from spin_lock context
- clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe
- clk: imx: clk-imx8mp: improve error handling in imx8mp_clocks_probe()
- clk: tegra: tegra124-emc: Fix potential memory leak
- ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer
- drm/msm/dpu: do not enable color-management if DSPPs are not available
- drm/msm/dp: Free resources after unregistering them
- clk: vc5: check memory returned by kasprintf()
- clk:
cdce925: check return value of kasprintf()
- clk: si5341: Allow different output VDD_SEL values
- clk: si5341: Add sysfs properties to allow checking/resetting device
faults
- clk: si5341: return error if one synth clock registration fails
- clk: si5341: check return value of {devm_}kasprintf()
- clk: si5341: free unused memory on probe failure
- clk: keystone: sci-clk: check return value of kasprintf()
- clk: ti: clkctrl: check return value of kasprintf()
- drivers: meson: secure-pwrc: always enable DMA domain
- ovl: update of dentry revalidate flags after copy up
- ASoC: imx-audmix: check return value of devm_kasprintf()
- PCI: cadence: Fix Gen2 Link Retraining process
- scsi: qedf: Fix NULL dereference in error handling
- pinctrl: bcm2835: Handle gpiochip_add_pin_range() errors
- PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free
- scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe()
- PCI: pciehp: Cancel bringup sequence if card is not present
- PCI: ftpci100: Release the clock resources
- PCI: Add pci_clear_master() stub for non-CONFIG_PCI
- perf bench: Use unbuffered output when pipe/tee'ing to a file
- perf bench: Add missing setlocale() call to allow usage of %'d style
formatting
- pinctrl: cherryview: Return correct value if pin in push-pull mode
- perf dwarf-aux: Fix off-by-one in die_get_varname()
- pinctrl: at91-pio4: check return value of devm_kasprintf()
- [powerpc*] powernv/sriov: perform null check on iov before dereferencing
iov
- mm: rename pud_page_vaddr to pud_pgtable and make it return pmd_t *
- mm: rename p4d_page_vaddr to p4d_pgtable and make it return pud_t *
- [powerpc*] book3s64/mm: Fix DirectMap stats in /proc/meminfo
- [powerpc*] mm/dax: Fix the condition when checking if altmap vmemap can
cross-boundary
- hwrng: virtio - add an internal buffer
- hwrng: virtio - don't wait on cleanup
- hwrng: virtio - don't waste entropy
- hwrng: virtio - always add a pending request
- hwrng: virtio - Fix race on data_avail and actual data
- crypto: nx - fix build warnings when DEBUG_FS is not enabled
- modpost: fix section mismatch message for R_ARM_ABS32
- modpost: fix section mismatch message for R_ARM_{PC24,CALL,JUMP24}
- crypto: marvell/cesa - Fix type mismatch warning
- modpost: fix off by one in is_executable_section()
- NFSv4.1: freeze the session table upon receiving NFS4ERR_BADSESSION
- dax: Fix dax_mapping_release() use after free
- dax: Introduce alloc_dev_dax_id()
- hwrng: st - keep clock enabled while hwrng is registered
- io_uring: ensure IOPOLL locks around deferred work (CVE-2023-21400)
- USB: serial: option: add LARA-R6 01B PIDs
- usb: dwc3: gadget: Propagate core init errors to UDC during pullup
- phy: tegra: xusb: Clear the driver reference in usb-phy dev
- block: fix signed int overflow in Amiga partition support
- block: change all __u32 annotations to __be32 in affs_hardblocks.h
- SUNRPC: Fix UAF in svc_tcp_listen_data_ready()
- w1: w1_therm: fix locking behavior in convert_t
- w1: fix loop in w1_fini()
- serial: 8250: omap: Fix freeing of resources on failed register
- clk: qcom: gcc-ipq6018: Use floor ops for sdcc clocks
- media: usb: Check az6007_read() return value
- media: videodev2.h: Fix struct v4l2_input tuner index comment
- media: usb: siano: Fix warning due to null work_func_t function pointer
(CVE-2023-4132)
- clk: qcom: reset: Allow specifying custom reset delay
- clk: qcom: reset: support resetting multiple bits
- clk: qcom: ipq6018: fix networking resets
- usb: dwc3: qcom: Fix potential memory leak
- usb: gadget: u_serial: Add null pointer check in gserial_suspend
- extcon: Fix kernel doc of property fields to avoid warnings
- extcon: Fix kernel doc of property capability fields to avoid warnings
- usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe()
- usb: hide unused usbfs_notify_suspend/resume functions
- serial: 8250: lock port for stop_rx() in omap8250_irq()
- serial: 8250: lock port for UART_IER access in omap8250_irq()
- kernfs: fix missing kernfs_idr_lock to remove an ID from the IDR
- coresight: Fix loss of connection info when a module is unloaded
- mfd: rt5033: Drop rt5033-battery sub-device
- media: venus: helpers: Fix ALIGN() of non power of two
- media: atomisp: gmin_platform: fix out_len in gmin_get_config_dsm_var()
- [s390x] KVM: s390: fix KVM_S390_GET_CMMA_BITS for GFNs in memslot holes
- usb: dwc3: qcom: Release the correct resources in dwc3_qcom_remove()
- usb: dwc3: qcom: Fix an error handling path in dwc3_qcom_probe()
- usb: common: usb-conn-gpio: Set last role to unknown before initial
detection
- usb: dwc3-meson-g12a: Fix an error handling path in
dwc3_meson_g12a_probe()
- mfd: intel-lpss: Add missing check for platform_get_resource
- Revert "usb: common: usb-conn-gpio: Set last role to unknown before
initial detection"
- serial: 8250_omap: Use force_suspend and resume for system suspend
- mfd: stmfx: Fix error path in stmfx_chip_init
- mfd: stmfx: Nullify stmfx->vdd in case of error
- [s390x] KVM: s390: vsie: fix the length of APCB bitmap
- mfd: stmpe: Only disable the regulators if they are enabled
- phy: tegra: xusb: check return value of devm_kzalloc()
- pwm: imx-tpm: force 'real_period' to be zero in suspend
- pwm: sysfs: Do not apply state to already disabled PWMs
- rtc: st-lpc: Release some resources in st_rtc_probe() in case of error
- media: cec: i2c: ch7322: also select REGMAP
- sctp: fix potential deadlock on &net->sctp.addr_wq_lock
- Add MODULE_FIRMWARE() for FIRMWARE_TG357766.
- net: dsa: vsc73xx: fix MTU configuration
- spi: bcm-qspi: return error if neither hif_mspi nor mspi is available
- mailbox: ti-msgmgr: Fill non-message tx data fields with 0x0
- f2fs: fix error path handling in truncate_dnode()
- octeontx2-af: Fix mapping for NIX block from CGX connection
- [powerpc*] allow PPC_EARLY_DEBUG_CPM only when SERIAL_CPM=y
- net: bridge: keep ports without IFF_UNICAST_FLT in BR_PROMISC mode
- tcp: annotate data races in __tcp_oow_rate_limited()
- xsk: Honor SO_BINDTODEVICE on bind
- net/sched: act_pedit: Add size check for TCA_PEDIT_PARMS_EX
- pptp: Fix fib lookup calls.
- net: dsa: tag_sja1105: fix MAC DA patching from meta frames
- [s390x] qeth: Fix vipa deletion
- apparmor: fix missing error check for rhashtable_insert_fast
- i2c: xiic: Defer xiic_wakeup() and __xiic_start_xfer() in xiic_process()
- i2c: xiic: Don't try to handle more interrupt events after error
- ALSA: jack: Fix mutex call in snd_jack_report()
- i2c: qup: Add missing unwind goto in qup_i2c_probe()
- NFSD: add encoding of op_recall flag for write delegation
- io_uring: wait interruptibly for request completions on exit
- mmc: core: disable TRIM on Kingston EMMC04G-M627
- mmc: core: disable TRIM on Micron MTFC4GACAJCN-1M
- mmc: mmci: Set PROBE_PREFER_ASYNCHRONOUS
- mmc: sdhci: fix DMA configure compatibility issue when 64bit DMA mode is
used.
- bcache: fixup btree_cache_wait list damage
- bcache: Remove unnecessary NULL point check in node allocations
- bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent
- integrity: Fix possible multiple allocation in integrity_inode_get()
- autofs: use flexible array in ioctl structure
- shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs
- jffs2: reduce stack usage in jffs2_build_xattr_subsystem()
- fs: avoid empty option when generating legacy mount string
- ext4: Remove ext4 locking of moved directory
- Revert "f2fs: fix potential corruption when moving a directory"
- fs: Establish locking order for unrelated directories
- fs: Lock moved directories
- btrfs: add handling for RAID1C23/DUP to btrfs_reduce_alloc_profile
- btrfs: fix race when deleting quota root from the dirty cow roots list
- ARM: orion5x: fix d2net gpio initialization
- leds: trigger: netdev: Recheck NETDEV_LED_MODE_LINKUP on dev rename
- fs: no need to check source
- fanotify: disallow mount/sb marks on kernel internal pseudo fs
- tpm, tpm_tis: Claim locality in interrupt handler
- block: add overflow checks for Amiga partition support
- netfilter: nf_tables: use net_generic infra for transaction data
- netfilter: nf_tables: add rescheduling points during loop detection walks
- netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound
set/chain
- netfilter: nf_tables: reject unbound anonymous set before commit phase
- netfilter: nf_tables: reject unbound chain set before commit phase
- netfilter: nftables: rename set element data activation/deactivation
functions
- netfilter: nf_tables: drop map element references from preparation phase
- netfilter: nf_tables: unbind non-anonymous set if rule construction fails
- netfilter: nf_tables: fix scheduling-while-atomic splat
- netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
- wireguard: queueing: use saner cpu selection wrapping
- wireguard: netlink: send staged packets when setting initial private key
- tty: serial: fsl_lpuart: add earlycon for imx8ulp platform
- rcu-tasks: Mark ->trc_reader_nesting data races
- rcu-tasks: Mark ->trc_reader_special.b.need_qs data races
- rcu-tasks: Simplify trc_read_check_handler() atomic operations
- block/partition: fix signedness issue for Amiga partitions
- io_uring: Use io_schedule* in cqring wait
- io_uring: add reschedule point to handle_tw_list()
- net: lan743x: Don't sleep in atomic context
- workqueue: clean up WORK_* constant types, clarify masking
- drm/panel: simple: Add connector_type for innolux_at043tn24
- drm/panel: simple: Add Powertip PH800480T013 drm_display_mode flags
- igc: Remove delay during TX ring configuration
- net/mlx5e: fix double free in mlx5e_destroy_flow_table
- net/mlx5e: Check for NOT_READY flag state after locking
- igc: set TP bit in 'supported' and 'advertising' fields of
ethtool_link_ksettings
- scsi: qla2xxx: Fix error code in qla2x00_start_sp()
- net: mvneta: fix txq_map in case of txq_number==1
- net/sched: cls_fw: Fix improper refcount update leads to use-after-free
(CVE-2023-3776)
- gve: Set default duplex configuration to full
- ionic: remove WARN_ON to prevent panic_on_warn
- net: bgmac: postpone turning IRQs off to avoid SoC hangs
- net: prevent skb corruption on frag list segmentation
- icmp6: Fix null-ptr-deref of ip6_null_entry->rt6i_idev in icmp6_dev().
- udp6: fix udp6_ehashfn() typo
- ntb: idt: Fix error handling in idt_pci_driver_init()
- NTB: amd: Fix error handling in amd_ntb_pci_driver_init()
- ntb: intel: Fix error handling in intel_ntb_pci_driver_init()
- NTB: ntb_transport: fix possible memory leak while device_register() fails
- NTB: ntb_tool: Add check for devm_kcalloc
- ipv6/addrconf: fix a potential refcount underflow for idev
- [x86] platform/x86: wmi: remove unnecessary argument
- [x86] platform/x86: wmi: use guid_t and guid_equal()
- [x86] platform/x86: wmi: move variables
- [x86] platform/x86: wmi: Break possible infinite loop when parsing GUID
- igc: Fix launchtime before start of cycle
- igc: Fix inserting of empty frame for launchtime
- riscv: bpf: Move bpf_jit_alloc_exec() and bpf_jit_free_exec() to core
- erofs: avoid infinite loop in z_erofs_do_read_page() when reading beyond
EOF
- wifi: airo: avoid uninitialized warning in airo_get_rate()
- net/sched: flower: Ensure both minimum and maximum ports are specified
- netdevsim: fix uninitialized data in nsim_dev_trap_fa_cookie_write()
- net/sched: make psched_mtu() RTNL-less safe
- net/sched: sch_qfq: refactor parsing of netlink parameters
- net/sched: sch_qfq: account for stab overhead in qfq_enqueue
(CVE-2023-3611)
- nvme-pci: fix DMA direction of unmapping integrity data
- f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
(CVE-2023-2898)
- pinctrl: amd: Fix mistake in handling clearing pins at startup
- pinctrl: amd: Detect internal GPIO0 debounce handling
- pinctrl: amd: Only use special debounce behavior for GPIO 0
- tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation
- mtd: rawnand: meson: fix unaligned DMA buffers handling
- net: bcmgenet: Ensure MDIO unregistration has clocks enabled
- [powerpc*] Fail build if using recordmcount with binutils v2.37
- misc: fastrpc: Create fastrpc scalar with correct buffer count
- erofs: fix compact 4B support for 16k block size
- ext4: Fix reusing stale buffer heads from last failed mounting
- ext4: fix wrong unit use in ext4_mb_clear_bb
- ext4: get block from bh in ext4_free_blocks for fast commit replay
- ext4: fix wrong unit use in ext4_mb_new_blocks
- ext4: only update i_reserved_data_blocks on successful block allocation
- jfs: jfs_dmap: Validate db_l2nbperpage while mounting
- hwrng: imx-rngc - fix the timeout for init and self check
- PCI/PM: Avoid putting EloPOS E2/S2/H2 PCIe Ports in D3cold
- PCI: Add function 1 DMA alias quirk for Marvell 88SE9235
- PCI: qcom: Disable write access to read only registers for IP v2.3.3
- PCI: rockchip: Assert PCI Configuration Enable bit after probe
- PCI: rockchip: Write PCI Device ID to correct register
- PCI: rockchip: Add poll and timeout to wait for PHY PLLs to be locked
- PCI: rockchip: Fix legacy IRQ generation for RK3399 PCIe endpoint core
- PCI: rockchip: Use u32 variable to access 32-bit registers
- PCI: rockchip: Set address alignment for endpoint mode
- misc: pci_endpoint_test: Free IRQs before removing the device
- misc: pci_endpoint_test: Re-init completion for every test
- md/raid0: add discard support for the 'original' layout
- fs: dlm: return positive pid value for F_GETLK
- drm/atomic: Allow vblank-enabled + self-refresh "disable"
- drm/rockchip: vop: Leave vblank enabled in self-refresh
- drm/amd/display: Correct `DMUB_FW_VERSION` macro
- serial: atmel: don't enable IRQs prematurely
- tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in
case of error
- tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk()
when iterating clk
- firmware: stratix10-svc: Fix a potential resource leak in
svc_create_memory_pool()
- ceph: don't let check_caps skip sending responses for revoke msgs
- xhci: Fix resume issue of some ZHAOXIN hosts
- xhci: Fix TRB prefetch issue of ZHAOXIN hosts
- xhci: Show ZHAOXIN xHCI root hub speed correctly
- meson saradc: fix clock divider mask length
- Revert "8250: add support for ASIX devices with a FIFO bug"
- [s390x] decompressor: fix misaligned symbol build error
- tracing/histograms: Add histograms to hist_vars if they have referenced
variables
- net: ena: fix shift-out-of-bounds in exponential backoff
- ring-buffer: Fix deadloop issue on reading trace_pipe
- tracing: Fix null pointer dereference in tracing_err_log_open()
- tracing/probes: Fix not to count error code to total length
- scsi: qla2xxx: Wait for io return on terminate rport
- scsi: qla2xxx: Array index may go out of bound
- scsi: qla2xxx: Fix buffer overrun
- scsi: qla2xxx: Fix potential NULL pointer dereference
- scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport()
- scsi: qla2xxx: Correct the index of array
- scsi: qla2xxx: Pointer may be dereferenced
- scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue
- net/sched: sch_qfq: reintroduce lmax bound check for MTU
- RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests
- drm/atomic: Fix potential use-after-free in nonblocking commits
- ALSA: hda/realtek - remove 3k pull low procedure
- ALSA: hda/realtek: Enable Mute LED on HP Laptop 15s-eq2xxx
- keys: Fix linking a duplicate key to a keyring's assoc_array
- perf probe: Add test for regression introduced by switch to
die_get_decl_file()
- btrfs: fix warning when putting transaction with qgroups enabled after
abort
- fuse: revalidate: don't invalidate if interrupted
- regmap: Drop initial version of maximum transfer length fixes
- regmap: Account for register length in SMBus I/O limits
- can: bcm: Fix UAF in bcm_proc_show()
- drm/client: Fix memory leak in drm_client_target_cloned
- drm/client: Fix memory leak in drm_client_modeset_probe
- ASoC: fsl_sai: Disable bit clock with transmitter
- ext4: correct inline offset when handling xattrs in inode body
- debugobjects: Recheck debug_objects_enabled before reporting
- nbd: Add the maximum limit of allocated index in nbd_dev_add
- md: fix data corruption for raid456 when reshape restart while grow up
- md/raid10: prevent soft lockup while flush writes
- posix-timers: Ensure timer ID search-loop limit is valid
- btrfs: add xxhash to fast checksum implementations
- ACPI: button: Add lid disable DMI quirk for Nextbook Ares 8A
- ACPI: video: Add backlight=native DMI quirk for Apple iMac11,3
- ACPI: video: Add backlight=native DMI quirk for Lenovo ThinkPad X131e
(3371 AMD version)
- [arm64] set __exception_irq_entry with __irq_entry as a default
- [arm64] mm: fix VA-range sanity check
- sched/fair: Don't balance task to its current running CPU
- wifi: ath11k: fix registration of 6Ghz-only phy without the full channel
range
- bpf: Address KCSAN report on bpf_lru_list
- devlink: report devlink_port_type_warn source device
- wifi: wext-core: Fix -Wstringop-overflow warning in
ioctl_standard_iw_point()
- wifi: iwlwifi: mvm: avoid baid size integer overflow
- igb: Fix igb_down hung on surprise removal
- spi: bcm63xx: fix max prepend length
- fbdev: imxfb: warn about invalid left/right margin
- pinctrl: amd: Use amd_pinconf_set() for all config options
- net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field()/cpsw_ale_set_field()
- bridge: Add extack warning when enabling STP in netns.
- iavf: Fix use-after-free in free_netdev
- iavf: Fix out-of-bounds when setting channels on remove
- security: keys: Modify mismatched function name
- octeontx2-pf: Dont allocate BPIDs for LBK interfaces
- tcp: annotate data-races around tcp_rsk(req)->ts_recent
- net: ipv4: Use kfree_sensitive instead of kfree
- net:ipv6: check return value of pskb_trim()
- Revert "tcp: avoid the lookup process failing to get sk in ehash table"
- fbdev: au1200fb: Fix missing IRQ check in au1200fb_drv_probe
- llc: Don't drop packet from non-root netns.
- netfilter: nf_tables: fix spurious set element insertion failure
- netfilter: nf_tables: can't schedule in nft_chain_validate
- netfilter: nft_set_pipapo: fix improper element removal (CVE-2023-4004)
- netfilter: nf_tables: skip bound chain in netns release path
- netfilter: nf_tables: skip bound chain on rule flush
- tcp: annotate data-races around tp->tcp_tx_delay
- tcp: annotate data-races around tp->keepalive_time
- tcp: annotate data-races around tp->keepalive_intvl
- tcp: annotate data-races around tp->keepalive_probes
- net: Introduce net.ipv4.tcp_migrate_req.
- tcp: Fix data-races around sysctl_tcp_syn(ack)?_retries.
- tcp: annotate data-races around icsk->icsk_syn_retries
- tcp: annotate data-races around tp->linger2
- tcp: annotate data-races around rskq_defer_accept
- tcp: annotate data-races around tp->notsent_lowat
- tcp: annotate data-races around icsk->icsk_user_timeout
- tcp: annotate data-races around fastopenq.max_qlen
- net: phy: prevent stale pointer dereference in phy_init()
- tracing/histograms: Return an error if we fail to add histogram to
hist_vars list
- tracing: Fix memory leak of iter->temp when reading trace_pipe
- ftrace: Store the order of pages allocated in ftrace_page
- ftrace: Fix possible warning on checking all pages used in
ftrace_process_locs()
https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.189
- xen/netback: Fix buffer overrun triggered by unusual packet
(CVE-2023-34319)
- [x86] fix backwards merge of GDS/SRSO bit
https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.190
- [s390x] KVM: s390: pv: fix index value of replaced ASCE
- io_uring: don't audit the capability check in io_uring_create()
- btrfs: fix race between quota disable and relocation
- btrfs: fix extent buffer leak after tree mod log failure at split_node()
- i2c: Delete error messages for failed memory allocations
- i2c: Improve size determinations
- PCI/ASPM: Return 0 or -ETIMEDOUT from pcie_retrain_link()
- PCI/ASPM: Factor out pcie_wait_for_retrain()
- PCI/ASPM: Avoid link retraining race
- dlm: cleanup plock_op vs plock_xop
- dlm: rearrange async condition return
- fs: dlm: interrupt posix locks only when process is killed
- drm/ttm: add ttm_bo_pin()/ttm_bo_unpin() v2
- drm/ttm: never consider pinned BOs for eviction&swap
- tracing: Show real address for trace event arguments
- [arm64,armhf] pwm: meson: Simplify duplicated per-channel tracking
- [arm64,armhf] pwm: meson: fix handling of period/duty if greater than
UINT_MAX
- ext4: fix to check return value of freeze_bdev() in ext4_shutdown()
- i40e: Fix an NULL vs IS_ERR() bug for debugfs_create_dir()
- net: phy: marvell10g: fix 88x3310 power up
- [arm64] net: hns3: reconstruct function hclge_ets_validate()
- [arm64] net: hns3: fix wrong bw weight of disabled tc issue
- vxlan: move to its own directory
- vxlan: calculate correct header length for GPE
- phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe()
- ethernet: atheros: fix return value check in atl1e_tso_csum()
- ipv6 addrconf: fix bug where deleting a mngtmpaddr can create a new
temporary address
- tcp: Reduce chance of collisions in inet6_hashfn(). (CVE-2023-1206)
- ice: Fix memory management in ice_ethtool_fdir.c
- bonding: reset bond's flags when down link is P2P device
- team: reset team's flags when down link is P2P device
- [x86] platform/x86: msi-laptop: Fix rfkill out-of-sync on MSI Wind U100
- netfilter: nft_set_rbtree: fix overlap expiration walk
- netfilter: nftables: add helper function to validate set element data
- netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
- netfilter: nf_tables: disallow rule addition to bound chain via
NFTA_RULE_CHAIN_ID (CVE-2023-4147)
- net/sched: mqprio: refactor nlattr parsing to a separate function
- net/sched: mqprio: add extack to mqprio_parse_nlattr()
- net/sched: mqprio: Add length check for TCA_MQPRIO_{MAX/MIN}_RATE64
- benet: fix return value check in be_lancer_xmit_workarounds()
- tipc: check return value of pskb_trim()
- tipc: stop tipc crypto on failure in tipc_node_create
- RDMA/mlx4: Make check for invalid flags stricter
- drm/msm/dpu: drop enum dpu_core_perf_data_bus_id
- drm/msm/adreno: Fix snapshot BINDLESS_DATA size
- RDMA/mthca: Fix crash when polling CQ for shared QPs
- drm/msm: Fix IS_ERR_OR_NULL() vs NULL check in a5xx_submit_in_rb()
- [armhf] ASoC: fsl_spdif: Silence output on stop
- block: Fix a source code comment in include/uapi/linux/blkzoned.h
- dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths
- dm raid: clean up four equivalent goto tags in raid_ctr()
- dm raid: protect md_stop() with 'reconfig_mutex'
- ata: pata_ns87415: mark ns87560_tf_read static
- ring-buffer: Fix wrong stat of cpu_buffer->read
- tracing: Fix warning in trace_buffered_event_disable()
- Revert "usb: gadget: tegra-xudc: Fix error check in
tegra_xudc_powerdomain_init()"
- USB: gadget: Fix the memory leak in raw_gadget driver
- serial: 8250_dw: Preserve original value of DLF register
- USB: serial: option: support Quectel EM060K_128
- USB: serial: option: add Quectel EC200A module support
- USB: serial: simple: add Kaufmann RKS+CAN VCP
- USB: serial: simple: sort driver entries
- can: gs_usb: gs_can_close(): add missing set of CAN state to
CAN_STATE_STOPPED
- Revert "usb: dwc3: core: Enable AutoRetry feature in the controller"
- usb: dwc3: pci: skip BYT GPIO lookup table for hardwired phy
- usb: dwc3: don't reset device side if dwc3 was configured as host-only
- usb: ohci-at91: Fix the unhandle interrupt when resume
- USB: quirks: add quirk for Focusrite Scarlett
- usb: xhci-mtk: set the dma max_seg_size
- Revert "usb: xhci: tegra: Fix error check"
- Documentation: security-bugs.rst: update preferences when dealing with the
linux-distros group
- Documentation: security-bugs.rst: clarify CVE handling
- staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext()
- tty: n_gsm: fix UAF in gsm_cleanup_mux
- ALSA: hda/relatek: Enable Mute LED on HP 250 G8
- hwmon: (nct7802) Fix for temp6 (PECI1) processed even if PECI1 disabled
- btrfs: check for commit error at btrfs_attach_transaction_barrier()
- file: always lock position for FMODE_ATOMIC_POS
- nfsd: Remove incorrect check in nfsd4_validate_stateid
- tpm_tis: Explicitly check for error code
- [arm64,armhf] irqchip/gic-v4.1: Properly lock VPEs when doing a directLPI
invalidation
- [x86] KVM: VMX: Invert handling of CR0.WP for EPT without unrestricted
guest
- [x86] KVM: VMX: Fold ept_update_paging_mode_cr0() back into vmx_set_cr0()
- [x86] KVM: nVMX: Do not clear CR3 load/store exiting bits if L1 wants 'em
- [x86] KVM: VMX: Don't fudge CR0 and CR4 for restricted L2 guest
- staging: rtl8712: Use constants from <linux/ieee80211.h>
- staging: r8712: Fix memory leak in _r8712_init_xmit_priv()
- btrfs: check if the transaction was aborted at btrfs_wait_for_commit()
- virtio-net: fix race between set queues and probe
- [s390x] dasd: fix hanging device after quiesce/resume
- [arm64] ASoC: wm8904: Fill the cache for WM8904_ADC_TEST_0 register
- ceph: never send metrics if disable_send_metrics is set
- dm cache policy smq: ensure IO doesn't prevent cleaner policy progress
- drm/ttm: make ttm_bo_unpin more defensive
- ACPI: processor: perflib: Use the "no limit" frequency QoS
- ACPI: processor: perflib: Avoid updating frequency QoS unnecessarily
- [x86] cpufreq: intel_pstate: Drop ACPI _PSS states table patching
- io_uring: treat -EAGAIN for REQ_F_NOWAIT as final for io-wq
- [armel,armhf] ASoC: cs42l51: fix driver to properly autoload with
automatic module loading
- [x86] kprobes/x86: Fix fall-through warnings for Clang
- [x86] kprobes: Do not decode opcode in resume_execution()
- [x86] kprobes: Retrieve correct opcode for group instruction
- [x86] kprobes: Identify far indirect JMP correctly
- [x86] kprobes: Use int3 instead of debug trap for single-step
- [x86] kprobes: Fix to identify indirect jmp and others using range case
- [x86] kprobes: Move 'inline' to the beginning of the kprobe_is_ss()
declaration
- [x86] kprobes: Update kcb status flag after singlestepping
- [x86] kprobes: Fix JNG/JNLE emulation
- io_uring: gate iowait schedule on having pending requests
- perf: Fix function pointer case
- loop: Select I/O scheduler 'none' from inside add_disk()
- [arm64] dts: imx8mn-var-som: add missing pull-up for onboard PHY reset
pinmux
- word-at-a-time: use the same return type for has_zero regardless of
endianness
- [s390x] KVM: s390: fix sthyi error handling
- wifi: cfg80211: Fix return value in scan logic
- net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx
- net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer()
- bpf: Add length check for SK_DIAG_BPF_STORAGE_REQ_MAP_FD parsing
- rtnetlink: let rtnl_bridge_setlink checks IFLA_BRIDGE_MODE length
- [armhf] net: dsa: fix value check in bcm_sf2_sw_probe()
- net: sched: cls_u32: Fix match key mis-addressing
- mISDN: hfcpci: Fix potential deadlock on &hc->lock
- net: annotate data-races around sk->sk_max_pacing_rate
- net: add missing READ_ONCE(sk->sk_rcvlowat) annotation
- net: add missing READ_ONCE(sk->sk_sndbuf) annotation
- net: add missing READ_ONCE(sk->sk_rcvbuf) annotation
- net: add missing data-race annotations around sk->sk_peek_off
- net: add missing data-race annotation for sk_ll_usec
- net/sched: cls_u32: No longer copy tcf_result on update to avoid
use-after-free (CVE-2023-4128)
- net/sched: cls_fw: No longer copy tcf_result on update to avoid
use-after-free (CVE-2023-4128)
- net/sched: cls_route: No longer copy tcf_result on update to avoid
use-after-free (CVE-2023-4128)
- bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire
- net: netsec: Ignore 'phy-mode' on SynQuacer in DT mode
- net: dcb: choose correct policy to parse DCB_ATTR_BCN
- [s390x] qeth: Don't call dev_close/dev_open (DOWN/UP)
- ip6mr: Fix skb_under_panic in ip6mr_cache_report()
- vxlan: Fix nexthop hash size
- net/mlx5: fs_core: Make find_closest_ft more generic
- net/mlx5: fs_core: Skip the FTs in the same FS_TYPE_PRIO_CHAINS fs_prio
- tcp_metrics: fix addr_same() helper
- tcp_metrics: annotate data-races around tm->tcpm_stamp
- tcp_metrics: annotate data-races around tm->tcpm_lock
- tcp_metrics: annotate data-races around tm->tcpm_vals[]
- tcp_metrics: annotate data-races around tm->tcpm_net
- tcp_metrics: fix data-race in tcpm_suck_dst() vs fastopen
- scsi: zfcp: Defer fc_rport blocking until after ADISC response
- libceph: fix potential hang in ceph_osdc_notify()
- USB: zaurus: Add ID for A-300/B-500/C-700
- ceph: defer stopping mdsc delayed_work
- exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree
- exfat: release s_lock before calling dir_emit()
- [arm64] dts: stratix10: fix incorrect I2C property for SCL signal
- net: tun_chr_open(): set sk_uid from current_fsuid() (CVE-2023-4194)
- net: tap_open(): set sk_uid from current_fsuid() (CVE-2023-4194)
- bpf: Disable preemption in bpf_event_output
- open: make RESOLVE_CACHED correctly test for O_TMPFILE
- drm/ttm: check null pointer before accessing when swapping
- file: reinstate f_pos locking optimization for regular files
- tracing: Fix sleeping while atomic in kdb ftdump
- fs/sysv: Null check to prevent null-ptr-deref bug
- Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
(CVE-2023-40283)
- net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb
- fs: Protect reconfiguration of sb read-write from racing writes
- [powerpc*] mm/altmap: Fix altmap boundary check
- soundwire: bus: add better dev_dbg to track complete() calls
- soundwire: bus: pm_runtime_request_resume on peripheral attachment
- soundwire: fix enumeration completion
- PM / wakeirq: support enabling wake-up irq after runtime_suspend called
- PM: sleep: wakeirq: fix wake irq arming
- exfat: speed up iterate/lookup by fixing start point of traversing cluster
chain
- exfat: support dynamic allocate bh for exfat_entry_set_cache
- exfat: check if filename entries exceeds max filename length
(CVE-2023-4273)
- mt76: move band capabilities in mt76_phy
- mt76: mt7615: Fix fall-through warnings for Clang
- wifi: mt76: mt7615: do not advertise 5 GHz on first phy of MT7615D (DBDC)
- [x86] CPU/AMD: Do not leak quotient data after a division by 0
(CVE-2023-20588)
https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.191
- wireguard: allowedips: expand maximum node depth
- ipv6: adjust ndisc_is_useropt() to also return true for PIO
- bpf: allow precision tracking for programs with subprogs
- bpf: stop setting precise in current state
- bpf: aggressively forget precise markings during state checkpointing
- [arm64,armhf] dmaengine: pl330: Return DMA_PAUSED when transaction is
paused
- drm/nouveau/gr: enable memory loads on helper invocation on all channels
- drm/shmem-helper: Reset vma->vm_ops before calling dma_buf_mmap()
- drm/amd/display: check attr flag before set cursor degamma on DCN3+
- [x86] x86/pkeys: Revert
a5eff7259790 ("x86/pkeys: Add PKRU value to
init_fpstate") (Closes: #
1044518)
- nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput
- io_uring: correct check for O_TMPFILE
- [arm64] iio: cros_ec: Fix the allocation size for cros_ec_command
- [arm*] binder: fix memory leak in binder_init()
- usb-storage: alauda: Fix uninit-value in alauda_check_media()
- [arm64,armhf] usb: dwc3: Properly handle processing of pending events
- [arm64,armhf] usb: common: usb-conn-gpio: Prevent bailing out if initial
role is none
- [x86] cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405
- [x86] mm: Fix VDSO and VVAR placement on 5-level paging machines
- [x86] speculation: Add cpu_show_gds() prototype
- [x86] Move gds_ucode_mitigated() declaration to header
- drm/nouveau/disp: Revert a NULL check inside nouveau_connector_get_modes
- mISDN: Update parameter type of dsp_cmx_send()
- net/packet: annotate data-races around tp->status
- tunnels: fix kasan splat when generating ipv4 pmtu error
- bonding: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves
- dccp: fix data-race around dp->dccps_mss_cache
- drivers: net: prevent tun_build_skb() to exceed the packet size limit
- [amd64] IB/hfi1: Fix possible panic during hotplug remove
- wifi: cfg80211: fix sband iftype data lookup for AP_VLAN
- net: phy: at803x: remove set/get wol callbacks for AR8032
- [arm64] net: hns3: refactor hclge_mac_link_status_wait for interface reuse
- [arm64] net: hns3: add wait until mac link down
- net/mlx5: Allow 0 for total host VFs
- btrfs: don't stop integrity writeback too early
- btrfs: set cache_block_group_error if we find an error
- nvme-tcp: fix potential unbalanced freeze & unfreeze
- nvme-rdma: fix potential unbalanced freeze & unfreeze
- netfilter: nf_tables: report use refcount overflow
- scsi: core: Fix legacy /proc parsing buffer overflow
- [x86] scsi: storvsc: Fix handling of virtual Fibre Channel timeouts
- scsi: snic: Fix possible memory leak if device_add() fails
- scsi: core: Fix possible memory leak if device_add() fails
- scsi: qedi: Fix firmware halt over suspend and resume
- scsi: qedf: Fix firmware halt over suspend and resume
- sch_netem: fix issues in netem_change() vs get_dist_table()
[ Ben Hutchings ]
* d/b/test-patches: Fix installability; improve robustness and efficiency
(Closes: #871216, #
1035359):
- d/b/gencontrol.py: Add optional extra config dir debian/config.local
- d/b/gencontrol.py: Add support for noudeb build profile
- d/b/test-patches: Change ABI name to make packages co-installable
- d/b/test-patches: Make debug info optional and disabled by default
- d/b/test-patches: Build a linux-headers-common package as well
- d/b/test-patches: Tolerate missing d/control, d/rules.gen, or d/p/test
- d/b/test-patches: Detect flavour correctly when running backported kernel
- Add pkg.linux.mintools profile for building minimal userland tools
- d/b/test-patches: Build linux-{kbuild,bootwrapper} packages
[ Salvatore Bonaccorso ]
* [rt] Update to 5.10.180-rt88
* Bump ABI to 25
* Drop unknown config setting NET_CLS_TCINDEX
* Drop unknown config setting BLK_DEV_SX8
* [rt] Update to 5.10.184-rt90
* Drop "decnet: Disable auto-loading as mitigation against local exploits"
* Drop now unknown config options for DECnet support
* [rt] Update to 5.10.186-rt91
[dgit import unpatched linux 5.10.191-1]
projects / linux.git / log