dgit.raspbian.org Git - linux.git/log

alpha: Fix missing symbol versions for str{,n}{cat,cpy}

Origin: https://marc.info/?l=linux-alpha&m=167364720725291&w=2

Now that modpost extracts symbol versions from *.cmd files, it can't
find the versions for these 4 symbols. This is due to the way we link
their objects together ahead of the full vmlinux link. genksyms puts
their symbol CRCs in .str{,n}{cat,cpy}.o.cmd, but modpost only reads
the .sty{,n}cpy.o.cmd files.

Add assembly sources that bring the appropriate routines together with
include directives instead of using the linker for this.

Reported-by: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
Fixes: f292d875d0dc ("modpost: extract symbol versions from *.cmd files")
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic bugfix/alpha
Gbp-Pq: Name alpha-fix-missing-symbol-versions-for-str-n-cat-cpy.patch

arm64/acpi: Add fixup for HPE m400 quirks

Forwarded: https://patchwork.codeaurora.org/patch/547277/

Adds a new ACPI init routine acpi_fixup_m400_quirks that adds
a work-around for HPE ProLiant m400 APEI firmware problems.

The work-around disables APEI when CONFIG_ACPI_APEI is set and
m400 firmware is detected.  Without this fixup m400 systems
experience errors like these on startup:

  [Hardware Error]: Hardware error from APEI Generic Hardware Error Source: 2
  [Hardware Error]: event severity: fatal
  [Hardware Error]:  Error 0, type: fatal
  [Hardware Error]:   section_type: memory error
  [Hardware Error]:   error_status: 0x0000000000001300
  [Hardware Error]:   error_type: 10, invalid address
  Kernel panic - not syncing: Fatal hardware error!

Signed-off-by: Geoff Levand <geoff@infradead.org>
[bwh: Adjust context to apply to Linux 4.19]

Gbp-Pq: Topic bugfix/arm64
Gbp-Pq: Name arm64-acpi-Add-fixup-for-HPE-m400-quirks.patch

powerpc/boot: Fix missing crc32poly.h when building with KERNEL_XZ

Origin: https://patchwork.ozlabs.org/patch/963258/

After commit faa16bc404d7 ("lib: Use existing define with
polynomial") the lib/xz/xz_crc32.c includes a header from include/linux
directory thus any other user of this code should define proper include
path.

This fixes the build error on powerpc with CONFIG_KERNEL_XZ:

    In file included from ../arch/powerpc/boot/../../../lib/decompress_unxz.c:233:0,
                     from ../arch/powerpc/boot/decompress.c:42:
    ../arch/powerpc/boot/../../../lib/xz/xz_crc32.c:18:29: fatal error: linux/crc32poly.h: No such file or directory

Reported-by: Michal Kubecek <mkubecek@suse.cz>
Fixes: faa16bc404d7 ("lib: Use existing define with polynomial")
Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Reported-by: kbuild test robot <lkp@intel.com>
Reported-by: Meelis Roos <mroos@linux.ee>
Tested-by: Michal Kubecek <mkubecek@suse.cz>
Gbp-Pq: Topic bugfix/powerpc
Gbp-Pq: Name powerpc-boot-fix-missing-crc32poly.h-when-building-with-kernel_xz.patch

ARM: mm: Export __sync_icache_dcache() for xen-privcmd

Forwarded: https://marc.info/?l=linux-arm-kernel&m=153134944429241

The xen-privcmd driver, which can be modular, calls set_pte_at()
which in turn may call __sync_icache_dcache().

The call to __sync_icache_dcache() may be optimised out because it is
conditional on !pte_special(), and xen-privcmd calls pte_mkspecial().
However, in a non-LPAE configuration there is no "special" bit and the
call is really unconditional.

Fixes: 3ad0876554ca ("xen/privcmd: add IOCTL_PRIVCMD_MMAP_RESOURCE")
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic bugfix/arm
Gbp-Pq: Name arm-mm-export-__sync_icache_dcache-for-xen-privcmd.patch

sh: Do not use hyphen in exported variable names

arch/sh/Makefile defines and exports ld-bfd to be used by
arch/sh/boot/Makefile and arch/sh/boot/compressed/Makefile. However
some shells, including dash, will not pass through environment
variables whose name includes a hyphen. Usually GNU make does not use
a shell to recurse, but if e.g. $(srctree) contains '~' it will use a
shell here.

Rename the variable to ld_bfd.

(Another instance of this problem was fixed upstream by commit
82977af93a0d "sh: rename suffix-y to suffix_y".)

References: https://buildd.debian.org/status/fetch.php?pkg=linux&arch=sh4&ver=4.13%7Erc5-1%7Eexp1&stamp=1502943967&raw=0
Fixes: ef9b542fce00 ("sh: bzip2/lzma uImage support.")
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic bugfix/sh
Gbp-Pq: Name sh-boot-do-not-use-hyphen-in-exported-variable-name.patch

perf tools: Fix unwind build on i386

Forwarded: no

EINVAL may not be defined when building unwind-libunwind.c with
REMOTE_UNWIND_LIBUNWIND, resulting in a compiler error in
LIBUNWIND__ARCH_REG_ID(). Its only caller, access_reg(), only checks
for a negative return value and doesn't care what it is. So change
-EINVAL to -1.

Fixes: 52ffe0ff02fc ("Support x86(32-bit) cross platform callchain unwind.")
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic bugfix/x86
Gbp-Pq: Name perf-tools-fix-unwind-build-on-i386.patch

ARM: dts: kirkwood: Fix SATA pinmux-ing for TS419

Forwarded: https://www.spinics.net/lists/arm-kernel/msg563610.html
Bug-Debian: https://bugs.debian.org/855017

The old board code for the TS419 assigns MPP pins 15 and 16 as SATA
activity signals (and none as SATA presence signals). Currently the
device tree assigns the SoC's default pinmux groups for SATA, which
conflict with the second Ethernet port.

Reported-by: gmbh@gazeta.pl
Tested-by: gmbh@gazeta.pl
References: https://bugs.debian.org/855017
Cc: stable@vger.kernel.org # 3.15+
Fixes: 934b524b3f49 ("ARM: Kirkwood: Add DT description of QNAP 419")
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic bugfix/arm
Gbp-Pq: Name arm-dts-kirkwood-fix-sata-pinmux-ing-for-ts419.patch

btrfs: warn about RAID5/6 being experimental at mount time

Bug-Debian: https://bugs.debian.org/863290
Origin: https://bugs.debian.org/863290#5

Too many people come complaining about losing their data -- and indeed,
there's no warning outside a wiki and the mailing list tribal knowledge.
Message severity chosen for consistency with XFS -- "alert" makes dmesg
produce nice red background which should get the point across.

Signed-off-by: Adam Borowski <kilobyte@angband.pl>
[bwh: Also add_taint() so this is flagged in bug reports]

Gbp-Pq: Topic debian
Gbp-Pq: Name btrfs-warn-about-raid5-6-being-experimental-at-mount.patch

fanotify: Taint on use of FANOTIFY_ACCESS_PERMISSIONS

Forwarded: not-needed

Various free and proprietary AV products use this feature and users
apparently want it. But punting access checks to userland seems like
an easy way to deadlock the system, and there will be nothing we can
do about that. So warn and taint the kernel if this feature is
actually used.

Gbp-Pq: Topic debian
Gbp-Pq: Name fanotify-taint-on-use-of-fanotify_access_permissions.patch

fjes: Disable auto-loading

Bug-Debian: https://bugs.debian.org/853976
Forwarded: no

fjes matches a generic ACPI device ID, and relies on its probe
function to distinguish whether that really corresponds to a supported
device. Very few system will need the driver and it wastes memory on
all the other systems where the same device ID appears, so disable
auto-loading.

Gbp-Pq: Topic debian
Gbp-Pq: Name fjes-disable-autoload.patch

viafb: Autoload on OLPC XO 1.5 only

Bug-Debian: https://bugs.debian.org/705788
Forwarded: no

It appears that viafb won't work automatically on all the boards for
which it has a PCI device ID match. Currently, it is blacklisted by
udev along with most other framebuffer drivers, so this doesn't matter
much.

However, this driver is required for console support on the XO 1.5.
We need to allow it to be autoloaded on this model only, and then
un-blacklist it in udev.

Gbp-Pq: Topic bugfix/x86
Gbp-Pq: Name viafb-autoload-on-olpc-xo1.5-only.patch

snd-pcsp: Disable autoload

Forwarded: not-needed
Bug-Debian: https://bugs.debian.org/697709

There are two drivers claiming the platform:pcspkr device:
- pcspkr creates an input(!) device that can only beep
- snd-pcsp creates an equivalent input device plus a PCM device that can
  play barely recognisable renditions of sampled sound

snd-pcsp is blacklisted by the alsa-base package, but not everyone
installs that.  On PCs where no sound is wanted at all, both drivers
will still be loaded and one or other will complain that it couldn't
claim the relevant I/O range.

In case anyone finds snd-pcsp useful, we continue to build it.  But
remove the alias, to ensure it's not loaded where it's not wanted.

Gbp-Pq: Topic debian
Gbp-Pq: Name snd-pcsp-disable-autoload.patch

cdc_ncm,cdc_mbim: Use NCM by default

Forwarded: not-needed

Devices that support both NCM and MBIM modes should be kept in NCM
mode unless there is userland support for MBIM.

Set the default value of cdc_ncm.prefer_mbim to false and leave it to
userland (modem-manager) to override this with a modprobe.conf file
once it's ready to speak MBIM.

Gbp-Pq: Topic debian
Gbp-Pq: Name cdc_ncm-cdc_mbim-use-ncm-by-default.patch

intel-iommu: Add Kconfig option to exclude iGPU by default

Bug-Debian: https://bugs.debian.org/935270
Bug-Kali: https://bugs.kali.org/view.php?id=5644

There is still laptop firmware that touches the integrated GPU behind
the operating system's back, and doesn't say so in the RMRR table.
Enabling the IOMMU for all devices causes breakage.

Replace CONFIG_INTEL_IOMMU_DEFAULT_ON with a 3-way choice
corresponding to "on", "off", and "on,intgpu_off".

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic features/x86
Gbp-Pq: Name intel-iommu-add-kconfig-option-to-exclude-igpu-by-default.patch

intel-iommu: Add option to exclude integrated GPU only

Bug-Debian: https://bugs.debian.org/935270
Bug-Kali: https://bugs.kali.org/view.php?id=5644

There is still laptop firmware that touches the integrated GPU behind
the operating system's back, and doesn't say so in the RMRR table.
Enabling the IOMMU for all devices causes breakage, but turning it off
for all graphics devices seems like a major weakness.

Add an option, intel_iommu=intgpu_off, to exclude only integrated GPUs
from remapping. This is a narrower exclusion than igfx_off: it only
affects Intel devices on the root bus. Devices attached through an
external port (Thunderbolt or ExpressCard) won't be on the root bus.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic features/x86
Gbp-Pq: Name intel-iommu-add-option-to-exclude-integrated-gpu-only.patch

security,perf: Allow further restriction of perf_event_open

Forwarded: https://lkml.org/lkml/2016/1/11/587

When kernel.perf_event_open is set to 3 (or greater), disallow all
access to performance events by users without CAP_SYS_ADMIN.
Add a Kconfig symbol CONFIG_SECURITY_PERF_EVENTS_RESTRICT that
makes this value the default.

This is based on a similar feature in grsecurity
(CONFIG_GRKERNSEC_PERF_HARDEN). This version doesn't include making
the variable read-only. It also allows enabling further restriction
at run-time regardless of whether the default is changed.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic features/all
Gbp-Pq: Name security-perf-allow-further-restriction-of-perf_event_open.patch

add sysctl to disallow unprivileged CLONE_NEWUSER by default

Origin: http://kernel.ubuntu.com/git?p=serge%2Fubuntu-saucy.git;a=commit;h=5c847404dcb2e3195ad0057877e1422ae90892b8

add sysctl to disallow unprivileged CLONE_NEWUSER by default

This is a short-term patch. Unprivileged use of CLONE_NEWUSER
is certainly an intended feature of user namespaces. However
for at least saucy we want to make sure that, if any security
issues are found, we have a fail-safe.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
[bwh: Remove unneeded binary sysctl bits]
[bwh: Keep this sysctl, but change the default to enabled]

Gbp-Pq: Topic debian
Gbp-Pq: Name add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by-default.patch

yama: Disable by default

Bug-Debian: https://bugs.debian.org/712740
Forwarded: not-needed

Gbp-Pq: Topic debian
Gbp-Pq: Name yama-disable-by-default.patch

sched: Do not enable autogrouping by default

Forwarded: not-needed

We want to provide the option of autogrouping but without enabling
it by default yet.

Gbp-Pq: Topic debian
Gbp-Pq: Name sched-autogroup-disabled.patch

fs: Enable link security restrictions by default

Bug-Debian: https://bugs.debian.org/609455
Forwarded: not-needed

This reverts commit 561ec64ae67ef25cac8d72bb9c4bfc955edfd415
('VFS: don't do protected {sym,hard}links by default').

Gbp-Pq: Topic debian
Gbp-Pq: Name fs-enable-link-security-restrictions-by-default.patch

hamradio: Disable auto-loading as mitigation against local exploits

Forwarded: not-needed

We can mitigate the effect of vulnerabilities in obscure protocols by
preventing unprivileged users from loading the modules, so that they
are only exploitable on systems where the administrator has chosen to
load the protocol.

The 'ham' radio protocols (ax25, netrom, rose) are not actively
maintained or widely used. Therefore disable auto-loading.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic debian
Gbp-Pq: Name hamradio-disable-auto-loading-as-mitigation-against-local-exploits.patch

dccp: Disable auto-loading as mitigation against local exploits

Forwarded: not-needed

We can mitigate the effect of vulnerabilities in obscure protocols by
preventing unprivileged users from loading the modules, so that they
are only exploitable on systems where the administrator has chosen to
load the protocol.

The 'dccp' protocol is not actively maintained or widely used.
Therefore disable auto-loading.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic debian
Gbp-Pq: Name dccp-disable-auto-loading-as-mitigation-against-local-exploits.patch

[PATCH 1/3] rds: Disable auto-loading as mitigation against local exploits

Forwarded: not-needed

Recent review has revealed several bugs in obscure protocol
implementations that can be exploited by local users for denial of
service or privilege escalation. We can mitigate the effect of any
remaining vulnerabilities in such protocols by preventing unprivileged
users from loading the modules, so that they are only exploitable on
systems where the administrator has chosen to load the protocol.

The 'rds' protocol is one such protocol that has been found to be
vulnerable, and which was not present in the 'lenny' kernel.
Therefore disable auto-loading.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic debian
Gbp-Pq: Name rds-Disable-auto-loading-as-mitigation-against-local.patch

[PATCH 2/3] af_802154: Disable auto-loading as mitigation against local exploits

Forwarded: not-needed

Recent review has revealed several bugs in obscure protocol
implementations that can be exploited by local users for denial of
service or privilege escalation. We can mitigate the effect of any
remaining vulnerabilities in such protocols by preventing unprivileged
users from loading the modules, so that they are only exploitable on
systems where the administrator has chosen to load the protocol.

The 'af_802154' (IEEE 802.15.4) protocol is not widely used, was
not present in the 'lenny' kernel, and seems to receive only sporadic
maintenance. Therefore disable auto-loading.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic debian
Gbp-Pq: Name af_802154-Disable-auto-loading-as-mitigation-against.patch

[PATCH] arm: dts: bcm: Enable device-tree overlay support for RPi devices

Origin: https://git.kernel.org/linus/e925743edc0d86fb846d952190d005bac8a6e373

Add the '-@' DTC option for the Raspberry Pi devices. This option
populates the '__symbols__' node that contains all the necessary symbols
for supporting device-tree overlays (for instance from the firmware or
the bootloader) on these devices.

The Rasbperry Pi devices are well known for their GPIO header, that
allow various "HATs" or other modules do be connected and this enables
users to create out-of-tree device-tree overlays for these modules.

Please note that this change does increase the size of the resulting DTB
by ~40%. For example, with v6.4-rc1 increase in size is as follows:

  bcm2711-rpi-400.dtb       27556 -> 38141 bytes
  bcm2711-rpi-4-b.dtb       27484 -> 38069 bytes
  bcm2711-rpi-cm4-io.dtb    27373 -> 38076 bytes
  bcm2835-rpi-a.dtb         12879 -> 18235 bytes
  bcm2835-rpi-a-plus.dtb    13015 -> 18371 bytes
  bcm2835-rpi-b.dtb         12997 -> 18377 bytes
  bcm2835-rpi-b-plus.dtb    13237 -> 18666 bytes
  bcm2835-rpi-b-rev2.dtb    13085 -> 18514 bytes
  bcm2835-rpi-cm1-io1.dtb   13109 -> 18528 bytes
  bcm2835-rpi-zero.dtb      12923 -> 18311 bytes
  bcm2835-rpi-zero-w.dtb    13449 -> 18889 bytes
  bcm2836-rpi-2-b.dtb       14500 -> 20252 bytes
  bcm2837-rpi-3-a-plus.dtb  14930 -> 20713 bytes
  bcm2837-rpi-3-b.dtb       15107 -> 20979 bytes
  bcm2837-rpi-3-b-plus.dtb  15463 -> 21443 bytes
  bcm2837-rpi-cm3-io3.dtb   14429 -> 20098 bytes
  bcm2837-rpi-zero-2-w.dtb  14781 -> 20524 bytes

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Link: https://lore.kernel.org/r/20220410225940.135744-3-aurelien@aurel32.net
[ukleinek: rebased to v6.4-rc1]
Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
Acked-by: Conor Dooley <conor.dooley@microchip.com>
Signed-off-by: Florian Fainelli <florian.fainelli@broadcom.com>
Gbp-Pq: Topic features/arm
Gbp-Pq: Name arm-dts-bcm-Enable-device-tree-overlay-support-for-R.patch

firmware_class: Refer to Debian wiki page when logging missing firmware

Bug-Debian: https://bugs.debian.org/888405
Forwarded: not-needed

If firmware loading fails due to a missing file, log a second error
message referring to our wiki page about firmware. This will explain
why some firmware is in non-free, or can't be packaged at all. Only
do this once per boot.

Do something similar in the radeon and amdgpu drivers, where we have
an early check to avoid failing at a point where we cannot display
anything.

Gbp-Pq: Topic debian
Gbp-Pq: Name firmware_class-refer-to-debian-wiki-firmware-page.patch

radeon, amdgpu: Firmware is required for DRM and KMS on R600 onward

Bug-Debian: https://bugs.debian.org/607194
Bug-Debian: https://bugs.debian.org/607471
Bug-Debian: https://bugs.debian.org/610851
Bug-Debian: https://bugs.debian.org/627497
Bug-Debian: https://bugs.debian.org/632212
Bug-Debian: https://bugs.debian.org/637943
Bug-Debian: https://bugs.debian.org/649448
Bug-Debian: https://bugs.debian.org/697229
Forwarded: no

radeon requires firmware/microcode for the GPU in all chips, but for
newer chips (apparently R600 'Evergreen' onward) it also expects
firmware for the memory controller and other sub-blocks.

radeon attempts to gracefully fall back and disable some features if
the firmware is not available, but becomes unstable - the framebuffer
and/or system memory may be corrupted, or the display may stay black.

Therefore, perform a basic check for the existence of
/lib/firmware/{radeon,amdgpu} when a device is probed, and abort if it
is missing, except for the pre-R600 case.

Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name radeon-amdgpu-firmware-is-required-for-drm-and-kms-on-r600-onward.patch

firmware: Remove redundant log messages from drivers

Forwarded: no

Now that firmware_class logs every success and failure consistently,
many other log messages can be removed from drivers.

This will probably need to be split up into multiple patches prior to
upstream submission.

Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name firmware-remove-redundant-log-messages-from-drivers.patch

firmware_class: Log every success and failure against given device

Forwarded: no

The hundreds of users of request_firmware() have nearly as many
different log formats for reporting failures.  They also have only the
vaguest hint as to what went wrong; only firmware_class really knows
that.  Therefore, add specific log messages for the failure modes that
aren't currently logged.

In case of a driver that tries multiple names, this may result in the
impression that it failed to initialise.  Therefore, also log successes.

This makes many error messages in drivers redundant, which will be
removed in later patches.

This does not cover the case where we fall back to a user-mode helper
(which is no longer enabled in Debian).

NOTE: hw-detect will depend on the "firmware: failed to load %s (%d)\n"
format to detect missing firmware.

Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name firmware_class-log-every-success-and-failure.patch

iwlwifi: Do not request unreleased firmware for IWL6000

Bug-Debian: https://bugs.debian.org/689416
Forwarded: not-needed

The iwlwifi driver currently supports firmware API versions 4-6 for
these devices.  It will request the file for the latest supported
version and then fall back to earlier versions.  However, the latest
version that has actually been released is 4, so we expect the
requests for versions 6 and then 5 to fail.

The installer appears to report any failed request, and it is probably
not easy to detect that this particular failure is harmless.  So stop
requesting the unreleased firmware.

Gbp-Pq: Topic debian
Gbp-Pq: Name iwlwifi-do-not-request-unreleased-firmware.patch

af9005: Use request_firmware() to load register init script

Forwarded: no

Read the register init script from the Windows driver. This is sick
but should avoid the potential copyright infringement in distributing
a version of the script which is directly derived from the driver.

Gbp-Pq: Topic features/all
Gbp-Pq: Name drivers-media-dvb-usb-af9005-request_firmware.patch

Makefile: Make compiler version comparison optional

Forwarded: not-needed
Bug-Debian: https://bugs.debian.org/1019749

The top-level Makefile warns if the compiler version string changes at
all between the kernel build and an out-of-tree module build.

We expect that major compiler version changes could introduce ABI
changes, and override the CC variable in out-of-tree module builds to
ensure that the same major compiler version is used. But minor
version changes should not make a difference, so this exact version
comparison produces false warnings.

Since custom kernel packages don't have that, don't remove the version
comparison. Instead, skip it if $(DEBIAN_KERNEL_NO_CC_VERSION_CHECK)
is non-empty.

Gbp-Pq: Topic debian
Gbp-Pq: Name makefile-make-compiler-version-comparison-optional.patch

module: Avoid ABI changes when debug info is disabled

Forwarded: not-needed

CI builds are done with debug info disabled, but this removes some
members from struct module. This causes builds to fail if there is an
ABI reference for the current ABI.

Define these members unconditionally, so that there is no ABI change.

Gbp-Pq: Topic debian
Gbp-Pq: Name module-avoid-abi-changes-when-debug-info-is-disabled.patch

kbuild: Abort build if SUBDIRS used

Forwarded: not-needed
Bug-Debian: https://bugs.debian.org/987575

DKMS and module-assistant both build OOT modules as root. If they
build an old OOT module that still use SUBDIRS this causes Kbuild
to try building a full kernel, which obviously fails but not before
deleting files from the installed headers package.

To avoid such mishaps, detect this situation and abort the build.

The error message is based on that used in commit 0126be38d988
"kbuild: announce removal of SUBDIRS if used".

Gbp-Pq: Topic debian
Gbp-Pq: Name kbuild-abort-build-if-subdirs-used.patch

kbuild: Look for module.lds under arch directory too

Forwarded: not-needed
Bug-Debian: https://bugs.debian.org/975571

The module.lds linker script is now built under the scripts directory,
where previously it was under arch/$(SRCARCH).

However, we package the scripts directory as linux-kbuild, which is
meant to be able to do support native and cross-builds. That means it
shouldn't contain files for a specific target architecture without a
wrapper to select between them, and it doesn't appear that linker
scripts are powerful enough to implement such a wrapper.

Building module.lds in a different location would require relatively
large changes. Moving it in the package build rules can work, but we
need to support custom kernel builds from the same source so we can't
assume it's moved.

Therefore, we move module.lds under the arch build directory in
rules.real and change Makefile.modfinal to look for it in both places.

Gbp-Pq: Topic debian
Gbp-Pq: Name kbuild-look-for-module.lds-under-arch-directory-too.patch

[PATCH 2/2] perf/traceevent: Support asciidoctor for documentation

From cd02fc78859ef9aefd7c92406f9523622da0b472 Mon Sep 17 00:00:00 2001
Forwarded: not-needed

Gbp-Pq: Topic debian
Gbp-Pq: Name perf-traceevent-support-asciidoctor-for-documentatio.patch

[PATCH 1/2] Documentation: Drop sphinx version check

From 252aa79fdbd4ac2da09d9b98f81bf11f5e3e1870 Mon Sep 17 00:00:00 2001
Forwarded: not-needed

Gbp-Pq: Topic debian
Gbp-Pq: Name documentation-drop-sphinx-version-check.patch

android: Enable building ashmem and binder as modules

Bug-Debian: https://bugs.debian.org/901492

We want to enable use of the Android ashmem and binder drivers to
support Anbox, but they should not be built-in as that would waste
resources and increase security attack surface on systems that don't
need them.

- Add a MODULE_LICENSE declaration to ashmem
- Change the Makefiles to build each driver as an object with the
"_linux" suffix (which is what Anbox expects)
- Change config symbol types to tristate

Update:
In upstream commit 721412ed3d titled "staging: remove ashmem" the ashmem
driver was removed entirely. Secondary commit message:
"The mainline replacement for ashmem is memfd, so remove the legacy
code from drivers/staging/"
Consequently, the ashmem part of this patch has been removed.

Gbp-Pq: Topic debian
Gbp-Pq: Name android-enable-building-ashmem-and-binder-as-modules.patch

Export symbols needed by Android drivers

Bug-Debian: https://bugs.debian.org/901492

We want to enable use of the Android ashmem and binder drivers to
support Anbox, but they should not be built-in as that would waste
resources and increase security attack surface on systems that don't
need them.

Export the currently un-exported symbols they depend on.

Gbp-Pq: Topic debian
Gbp-Pq: Name export-symbols-needed-by-android-drivers.patch

wireless: Add Debian wireless-regdb certificates

Forwarded: not-needed

This hex dump is generated using:

{
    for cert in debian/certs/wireless-regdb-*.pem; do
        openssl x509 -in $cert -outform der;
    done
} | hexdump -v -e '1/1 "0x%.2x," "\n"' > net/wireless/certs/debian.hex

Gbp-Pq: Topic debian
Gbp-Pq: Name wireless-add-debian-wireless-regdb-certificates.patch

tools: install perf python bindings

Bug-Debian: http://bugs.debian.org/860957
Forwarded: not-needed

Gbp-Pq: Topic debian
Gbp-Pq: Name tools-perf-install-python-bindings.patch

linux-tools: Install perf-read-vdso{,x}32 in directory under /usr/lib

Gbp-Pq: Topic debian
Gbp-Pq: Name tools-perf-perf-read-vdso-in-libexec.patch

[sh4] Fix uImage build

Bug-Debian: https://bugs.debian.org/569034
Forwarded: not-needed

[bwh: This was added without a description, but I think it is done
only to avoid a build-dependency on u-boot-tools.]

Gbp-Pq: Topic debian
Gbp-Pq: Name arch-sh4-fix-uimage-build.patch

Use RELAXED ieee754 mode for Loongson-3 as 3A 4000 is 2008-only

Forwarded: not-needed

There are 2 mode of value of IEEE NaN hardcoded by CPU.
Currently, our mipsel/mips64el port is in so-called lagacy mode.
Loongson 3A 4000 is set as the so-called 2008 mode.

To make Debian workable on Loongson 3A 4000, we need set the kerenl in
RELAXED mode.

https://web.archive.org/web/20180830093617/https://dmz-portal.mips.com/wiki/MIPS_ABI_-_NaN_Interlinking

Gbp-Pq: Topic debian
Gbp-Pq: Name mips-ieee754-relaxed.patch

Disable uImage generation for mips generic

Forwarded: not-needed

MIPS generic trys to generate uImage when build, which then ask for
u-boot-tools.

[bwh: Updated for 5.17:
- zload-y is no longer assigned here and appears to default to empty
- Adjust context]

Gbp-Pq: Topic debian
Gbp-Pq: Name mips-boston-disable-its.patch

[PATCH] Partially revert "MIPS: Add -Werror to arch/mips/Kbuild"

Forwarded: not-needed

This reverts commits 66f9ba101f54bda63ab1db97f9e9e94763d0651b and
5373633cc9253ba82547473e899cab141c54133e.

We really don't want to add -Werror anywhere.

Gbp-Pq: Topic debian
Gbp-Pq: Name mips-disable-werror.patch

Hardcode arch script output

Bug-Debian: https://bugs.debian.org/392592
Forwarded: not-needed

Here's a patch that simply uses hardcoded definitions instead of
doing the dynamic tests that require architecture-specific scripts.

I don't particularly like this approach because it restricts
portability and diverts from upstream. But, it is simpler, and this
really needs to be fixed somehow before etch (along with a rebuild of
linux-modules-extra-2.6), so I'm willing to live with it if my other
patch is deemed unacceptable.

My primary concern is that, in the future, the output of these scripts
will change and we (or our successors) will either not notice or
forget to update the hardcoded values.

Including the scripts in linux-kbuild will avoid this manual step
altogether, and allow for the possibility of other archs to provide
their own scripts in the future.

Gbp-Pq: Topic debian
Gbp-Pq: Name ia64-hardcode-arch-script-output.patch

kbuild: Make the toolchain variables easily overwritable

Forwarded: not-needed

Allow make variables to be overridden for each flavour by a file in
the build tree, .kernelvariables.

We currently use this for ARCH, KERNELRELEASE, CC, and in some cases
also CROSS_COMPILE, KCFLAGS.

This file can only be read after we establish the build tree, and all
use of $(ARCH) needs to be moved after this.

[bwh: Updated for 5.3: include .kernelvariables from current directory
rather than using undefined $(obj).]

Gbp-Pq: Topic debian
Gbp-Pq: Name kernelvariables.patch

Make mkcompile_h accept an alternate timestamp string

Forwarded: not-needed

We want to include the Debian version in the utsname::version string
instead of a full timestamp string. However, we still need to provide
a standard timestamp string for gen_initramfs_list.sh to make the
kernel image reproducible.

Make mkcompile_h use $KBUILD_BUILD_VERSION_TIMESTAMP in preference to
$KBUILD_BUILD_TIMESTAMP.

Gbp-Pq: Topic debian
Gbp-Pq: Name uname-version-timestamp.patch

Include package version along with kernel release in stack traces

Forwarded: not-needed

For distribution binary packages we assume
$DISTRIBUTION_OFFICIAL_BUILD, $DISTRIBUTOR and $DISTRIBUTION_VERSION
are set.

Gbp-Pq: Topic debian
Gbp-Pq: Name version.patch

Documentation: Fix broken link to CIPSO draft

Forwarded: not-needed

We exclude the CIPSO draft text as its licence is not DFSG compliant.
Link to the IETF's online version instead.

Gbp-Pq: Topic debian/dfsg
Gbp-Pq: Name documentation-fix-broken-link-to-cipso-draft.patch

video: Remove nvidiafb and rivafb

Bug-Debian: https://bugs.debian.org/383481
Forwarded: no

These drivers contain register programming code provided by the
hardware vendor that appears to have been deliberately obfuscated.
This is arguably not the preferred form for modification.

These drivers are also largely redundant with nouveau. The RIVA 128
(NV3) is not supported by nouveau but is about 15 years old and
probably discontinued 10 years ago.

Gbp-Pq: Topic debian/dfsg
Gbp-Pq: Name video-remove-nvidiafb-and-rivafb.patch

Add removal patches for: 3c359, smctr, keyspan, cops

Forwarded: not-needed

Gbp-Pq: Topic debian/dfsg
Gbp-Pq: Name drivers-net-appletalk-cops.patch

vs6624: mark as broken

Forwarded: not-needed

Gbp-Pq: Topic debian/dfsg
Gbp-Pq: Name vs6624-disable.patch

dvb-usb-af9005: mark as broken

Forwarded: not-needed

Gbp-Pq: Topic debian/dfsg
Gbp-Pq: Name drivers-media-dvb-dvb-usb-af9005-disable.patch

Remove microcode patches for mgsuvd (not enabled in Debian configs)

Forwarded: not-needed

Gbp-Pq: Topic debian/dfsg
Gbp-Pq: Name arch-powerpc-platforms-8xx-ucode-disable.patch

Tweak gitignore for Debian pkg-kernel using git svn.

Forwarded: not-needed

[bwh: Tweak further for pure git]

Gbp-Pq: Topic debian
Gbp-Pq: Name gitignore.patch

linux (6.1.119-1) bookworm-security; urgency=high

  * New upstream stable update:
    https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.116
    - cpufreq: Generalize of_perf_domain_get_sharing_cpumask phandle format
    - cpufreq: Avoid a bad reference count on CPU node (CVE-2024-50012)
    - mm: remove kern_addr_valid() completely
    - fs/proc/kcore: avoid bounce buffer for ktext data
    - fs/proc/kcore: convert read_kcore() to read_kcore_iter()
    - fs/proc/kcore: reinstate bounce buffer for KCORE_TEXT regions
    - fs/proc/kcore.c: allow translation of physical memory addresses
    - cgroup: Fix potential overflow issue when checking max_depth
    - wifi: iwlegacy: Fix "field-spanning write" warning in il_enqueue_hcmd()
      (Closes: #1062421)
    - mac80211: MAC80211_MESSAGE_TRACING should depend on TRACING
    - wifi: mac80211: skip non-uploaded keys in ieee80211_iter_keys
    - wifi: ath11k: Fix invalid ring usage in full monitor mode
    - wifi: brcm80211: BRCM_TRACING should depend on TRACING
    - RDMA/cxgb4: Dump vendor specific QP details
    - RDMA/mlx5: Round max_rd_atomic/max_dest_rd_atomic up instead of down
    - RDMA/bnxt_re: synchronize the qp-handle table array
    - wifi: iwlwifi: mvm: disconnect station vifs if recovery failed
    - wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd()
      (CVE-2024-53059)
    - [armel,armhf] ASoC: cs42l51: Fix some error handling paths in
      cs42l51_probe()
    - macsec: Fix use-after-free while sending the offloading packet
      (CVE-2024-50261)
    - net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data
      (CVE-2024-53058)
    - ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow()
      (CVE-2024-53042)
    - gtp: allow -1 to be specified as file description from userspace
    - net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (CVE-2024-53057)
    - netdevsim: Add trailing zero to terminate the string in
      nsim_nexthop_bucket_activity_write() (CVE-2024-50259)
    - bpf: Fix out-of-bounds write in trie_get_next_key() (CVE-2024-50262)
    - netfilter: Fix use-after-free in get_info() (CVE-2024-50257)
    - netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6()
      (CVE-2024-50256)
    - Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs
      (CVE-2024-50255)
    - net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension
    - netfilter: nft_payload: sanitize offset and length before calling
      skb_checksum() (CVE-2024-50251)
    - iomap: convert iomap_unshare_iter to use large folios
    - iomap: improve shared block detection in iomap_unshare_iter
    - iomap: don't bother unsharing delalloc extents
    - iomap: share iomap_unshare_iter predicate code with fsdax
    - fsdax: remove zeroing code from dax_unshare_iter
    - fsdax: dax_unshare_iter needs to copy entire blocks (CVE-2024-50250)
    - iomap: turn iomap_want_unshare_iter into an inline function
    - compiler-gcc: be consistent with underscores use for `no_sanitize`
    - compiler-gcc: remove attribute support check for `__no_sanitize_address__`
    - afs: Automatically generate trace tag enums
    - afs: Fix missing subdir edit when renamed between parent dirs
    - ACPI: CPPC: Make rmw_lock a raw_spin_lock (CVE-2024-50249)
    - fs/ntfs3: Check if more than chunk-size bytes are written (CVE-2024-50247)
    - fs/ntfs3: Fix warning possible deadlock in ntfs_set_state
    - fs/ntfs3: Stale inode instead of bad
    - fs/ntfs3: Fix possible deadlock in mi_read (CVE-2024-50245)
    - fs/ntfs3: Additional check in ni_clear() (CVE-2024-50244)
    - scsi: scsi_transport_fc: Allow setting rport state to current state
    - net: amd: mvme147: Fix probe banner message
    - NFS: remove revoked delegation from server's delegation list
    - misc: sgi-gru: Don't disable preemption in GRU driver
    - usb: gadget: dummy_hcd: Switch to hrtimer transfer scheduler
    - usb: gadget: dummy_hcd: Set transfer interval to 1 microframe
    - usb: gadget: dummy_hcd: execute hrtimer callback in softirq context
    - USB: gadget: dummy-hcd: Fix "task hung" problem
    - ALSA: usb-audio: Add quirks for Dell WD19 dock
    - usbip: tools: Fix detach_port() invalid port error path
    - usb: phy: Fix API devm_usb_put_phy() can not release the phy
    - usb: typec: fix unreleased fwnode_handle in typec_port_register_altmodes()
    - xhci: Fix Link TRB DMA in command ring stopped completion event
    - xhci: Use pm_runtime_get to prevent RPM on unsupported systems
    - Revert "driver core: Fix uevent_show() vs driver detach race"
    - wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower
      (CVE-2024-50237)
    - wifi: ath10k: Fix memory leak in management tx (CVE-2024-50236)
    - wifi: cfg80211: clear wdev->cqm_config pointer on free (CVE-2024-50235)
    - wifi: iwlegacy: Clear stale interrupts before resuming device
      (CVE-2024-50234)
    - iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr()
      (CVE-2024-50232)
    - iio: light: veml6030: fix microlux value calculation
    - nilfs2: fix potential deadlock with newly created symlinks
      (CVE-2024-50229)
    - block: fix sanity checks in blk_rq_map_user_bvec
    - cgroup/bpf: use a dedicated workqueue for cgroup bpf destruction
      (CVE-2024-53054)
    - ALSA: hda/realtek: Limit internal Mic boost on Dell platform
    - cxl/acpi: Move rescan to the workqueue
    - cxl/port: Fix cxl_bus_rescan() vs bus_rescan_devices()
    - mm/page_alloc: rename ALLOC_HIGH to ALLOC_MIN_RESERVE
    - mm/page_alloc: treat RT tasks similar to __GFP_HIGH
    - mm/page_alloc: explicitly record high-order atomic allocations in
      alloc_flags
    - mm/page_alloc: explicitly define what alloc flags deplete min reserves
    - mm/page_alloc: explicitly define how __GFP_HIGH non-blocking allocations
      accesses reserves
    - mm/page_alloc: let GFP_ATOMIC order-0 allocs access highatomic reserves
    - ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow (CVE-2024-50218)
    - mctp i2c: handle NULL header address (CVE-2024-53043)
    - ALSA: hda/realtek: Fix headset mic on TUXEDO Stellaris 16 Gen6 mb1
    - nvmet-auth: assign dh_key to NULL after kfree_sensitive (CVE-2024-50215)
    - io_uring: rename kiocb_end_write() local helper
    - fs: create kiocb_{start,end}_write() helpers
    - io_uring: use kiocb_{start,end}_write() helpers
    - io_uring/rw: fix missing NOWAIT check for O_DIRECT start write
      (CVE-2024-53052)
    - mm: migrate: try again if THP split is failed due to page refcnt
    - migrate: convert unmap_and_move() to use folios
    - migrate: convert migrate_pages() to use folios
    - mm/migrate.c: stop using 0 as NULL pointer
    - migrate_pages: organize stats with struct migrate_pages_stats
    - migrate_pages: separate hugetlb folios migration
    - migrate_pages: restrict number of pages to migrate in batch
    - migrate_pages: split unmap_and_move() to _unmap() and _move()
    - vmscan,migrate: fix page count imbalance on node stats when demoting pages
    - io_uring: always lock __io_cqring_overflow_flush (Closes: #1087602)
    - [x86] bugs: Use code segment selector for VERW operand (CVE-2024-50072)
    - wifi: mac80211: fix NULL dereference at band check in starting tx ba
      session (CVE-2024-43911)
    - nilfs2: fix kernel bug due to missing clearing of checked flag
      (CVE-2024-50230)
    - wifi: iwlwifi: mvm: fix 6 GHz scan construction (CVE-2024-53055)
    - mm: shmem: fix data-race in shmem_getattr() (CVE-2024-50228)
    - mtd: spi-nor: winbond: fix w25q128 regression
    - drm/amd/display: Add null checks for 'stream' and 'plane' before
      dereferencing (CVE-2024-43904)
    - drm/amd/display: Skip on writeback when it's not applicable
      (CVE-2024-36914)
    - vt: prevent kernel-infoleak in con_font_get()
    - mm: avoid gcc complaint about pointer casting
    - migrate_pages_batch: fix statistics for longterm pin retry
    https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.117
    - [arm64] dts: rockchip: Fix rt5651 compatible value on rk3399-eaidk-610
    - [arm64] dts: rockchip: Fix rt5651 compatible value on
      rk3399-sapphire-excavator
    - [arm64] dts: rockchip: Remove hdmi's 2nd interrupt on rk3328
    - [arm64] dts: rockchip: Fix wakeup prop names on PineNote BT node
    - [arm64] dts: rockchip: Fix bluetooth properties on Rock960 boards
    - [arm64] dts: rockchip: Remove #cooling-cells from fan on Theobroma lion
    - [arm64] dts: rockchip: Fix LED triggers on rk3308-roc-cc
    - [arm64] dts: imx8qm: Fix VPU core alias name
    - [arm64] dts: imx8qxp: Add VPU subsystem file
    - [arm64] dts: imx8-ss-vpu: Fix imx8qm VPU IRQs
    - [arm64] dts: imx8mp: correct sdhc ipg clk
    - [armhf] ARM: dts: rockchip: Fix the realtek audio codec on rk3036-kylin
    - HID: core: zero-initialize the report buffer (CVE-2024-50302)
    - [x86] platform/x86/amd/pmc: Detect when STB is not available
      (CVE-2024-53072)
    - sunrpc: handle -ENOTCONN in xs_tcp_setup_socket()
    - NFSv3: only use NFS timeout for MOUNT when protocols are compatible
    - NFSv3: handle out-of-order write replies.
    - nfs: avoid i_lock contention in nfs_clear_invalid_mapping
    - security/keys: fix slab-out-of-bounds in key_task_permission
      (CVE-2024-50301)
    - [arm64] net: enetc: set MAC address to the VF net_device
    - sctp: properly validate chunk size in sctp_sf_ootb() (CVE-2024-50299)
    - can: c_can: fix {rx,tx}_errors statistics
    - ice: change q_index variable type to s16 to store -1 value
    - i40e: fix race condition by adding filter's intermediate sync state
      (CVE-2024-53088)
    - [arm64] net: hns3: fix kernel crash when uninstalling driver
      (CVE-2024-50296)
    - net: phy: ti: add PHY_RST_AFTER_CLK_EN flag
    - net: stmmac: Fix unbalanced IRQ wake disable warning on single irq case
    - virtio_net: Add hash_key_length check (CVE-2024-53082)
    - Revert "ALSA: hda/conexant: Mute speakers at suspend / shutdown"
    - media: stb0899_algo: initialize cfr before using it
    - media: dvbdev: prevent the risk of out of memory access (CVE-2024-53063)
    - media: dvb_frontend: don't play tricks with underflow values
    - media: adv7604: prevent underflow condition when reporting colorspace
    - scsi: sd_zbc: Use kvzalloc() to allocate REPORT ZONES buffer
    - ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init()
    - [armhf] ASoC: stm32: spdifrx: fix dma channel release in
      stm32_spdifrx_remove
    - media: ar0521: don't overflow when checking PLL values (CVE-2024-53081)
    - media: s5p-jpeg: prevent buffer overflows (CVE-2024-53061)
    - media: cx24116: prevent overflows on SNR calculus (CVE-2024-50290)
    - media: pulse8-cec: fix data timestamp at pulse8_setup()
    - media: v4l2-tpg: prevent the risk of a division by zero (CVE-2024-50287)
    - media: v4l2-ctrls-api: fix error handling for v4l2_g_ctrl()
    - can: mcp251xfd: mcp251xfd_get_tef_len(): fix length calculation
    - can: mcp251xfd: mcp251xfd_ring_alloc(): fix coalescing configuration when
      switching CAN modes
    - ksmbd: fix slab-use-after-free in ksmbd_smb2_session_create
      (CVE-2024-50286)
    - ksmbd: Fix the missing xa_store error check (CVE-2024-50284)
    - ksmbd: fix slab-use-after-free in smb3_preauth_hash_rsp (CVE-2024-50283)
    - pwm: imx-tpm: Use correct MODULO value for EPWM mode
    - drm/amdgpu: Adjust debugfs eviction and IB access permissions
    - drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read()
      (CVE-2024-50282)
    - drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported
      (CVE-2024-53060)
    - thermal/drivers/qcom/lmh: Remove false lockdep backtrace
    - dm cache: correct the number of origin blocks to match the target length
    - dm cache: fix flushing uninitialized delayed_work on cache_ctr error
      (CVE-2024-50280)
    - dm cache: fix out-of-bounds access to the dirty bitset when resizing
      (CVE-2024-50279)
    - dm cache: optimize dirty bit checking with find_next_bit when resizing
    - dm cache: fix potential out-of-bounds access on the first resume
      (CVE-2024-50278)
    - dm-unstriped: cast an operand to sector_t to prevent potential uint32_t
      overflow
    - ALSA: usb-audio: Add quirk for HP 320 FHD Webcam
    - ALSA: hda/realtek: Fix headset mic on TUXEDO Gemini 17 Gen3
    - posix-cpu-timers: Clear TICK_DEP_BIT_POSIX_TIMER on clone
    - nfs: Fix KMSAN warning in decode_getfattr_attrs() (CVE-2024-53066)
    - net: wwan: t7xx: Fix off-by-one error in t7xx_dpmaif_rx_buf_alloc()
    - net: vertexcom: mse102x: Fix possible double free of TX skb
      (CVE-2024-50276)
    - mptcp: use sock_kfree_s instead of kfree
    - btrfs: reinitialize delayed ref list after deleting it from the list
      (CVE-2024-50273)
    - bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq
      (CVE-2024-38540)
    - Revert "wifi: mac80211: fix RCU list iterations"
    - net: do not delay dst_entries_add() in dst_release() (CVE-2024-50036)
    - media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in
      uvc_parse_format
    - filemap: Fix bounds checking in filemap_read() (CVE-2024-50272)
    - fs/proc: fix compile warning about variable 'vmcore_mmap_ops'
    - signal: restore the override_rlimit logic (CVE-2024-50271)
    - usb: musb: sunxi: Fix accessing an released usb phy (CVE-2024-50269)
    - usb: dwc3: fix fault at system suspend if device was already runtime
      suspended
    - usb: typec: fix potential out of bounds in
      ucsi_ccg_update_set_new_cam_cmd()
    - USB: serial: io_edgeport: fix use after free in debug printk
      (CVE-2024-50267)
    - USB: serial: qcserial: add support for Sierra Wireless EM86xx
    - USB: serial: option: add Fibocom FG132 0x0112 composition
    - USB: serial: option: add Quectel RG650V
    - irqchip/gic-v3: Force propagation of the active state with a read-back
    - ocfs2: remove entry once instead of null-ptr-dereference in
      ocfs2_xa_remove()
    - ucounts: fix counter leak in inc_rlimit_get_ucounts()
    - [x86] ASoC: amd: yc: fix internal mic on Xiaomi Book Pro 14 2022
    - net: sched: use RCU read-side critical section in taprio_dump()
      (CVE-2024-50126)
    - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer
    - vsock/virtio: Initialization of the dangling pointer occurring in
      vsk->trans
    - media: amphion: Fix VPU core alias name
    https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.118
    - Revert "Bluetooth: fix use-after-free in accessing skb after sending it"
    - Revert "Bluetooth: hci_sync: Fix overwriting request callback"
    - Revert "Bluetooth: af_bluetooth: Fix deadlock"
    - Revert "Bluetooth: hci_core: Fix possible buffer overflow"
    - Revert "Bluetooth: hci_conn: Consolidate code for aborting connections"
      (Closes: #1086447)
    - 9p: Avoid creating multiple slab caches with the same name
    - nvme: tcp: avoid race between queue_lock lock and destroy
    - block: Fix elevator_get_default() checking for NULL q->tag_set
    - HID: multitouch: Add support for B2402FVA track point
    - HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad
    - nvme: disable CC.CRIME (NVME_CC_CRIME)
    - bpf: use kvzmalloc to allocate BPF verifier environment
    - crypto: api - Fix liveliness check in crypto_alg_tested
    - [arm*] crypto: marvell/cesa - Disable hash algorithms
    - sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML
    - drm/vmwgfx: Limit display layout ioctl array size to
      VMWGFX_NUM_DISPLAY_UNITS
    - nvme-multipath: defer partition scanning (CVE-2024-53093)
    - [powerpc*] powernv: Free name on error in opal_event_init()
    - nvme: make keep-alive synchronous operation
    - bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6
    - fs: Fix uninitialized value issue in from_kuid and from_kgid
    - HID: multitouch: Add quirk for Logitech Bolt receiver w/ Casa touchpad
    - HID: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard
    - net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition
    - md/raid10: improve code of mrdev in raid10_sync_request
    - io_uring: fix possible deadlock in io_register_iowq_max_workers()
      (CVE-2024-41080)
    - uprobes: encapsulate preparation of uprobe args buffer
    - uprobe: avoid out-of-bounds memory access of fetching args
      (CVE-2024-50067)
    - drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer (CVE-2024-49991)
    - ext4: fix timer use-after-free on failed mount (CVE-2024-49960)
    - Bluetooth: L2CAP: Fix uaf in l2cap_connect (CVE-2024-49950)
    - mm: krealloc: Fix MTE false alarm in __do_krealloc
    - [x86] platform/x86: x86-android-tablets: Fix use after free on
      platform_device_register() errors (CVE-2024-49986)
    - fs/ntfs3: Fix general protection fault in run_is_mapped_full
      (CVE-2024-50243)
    - 9p: fix slab cache name creation for real
    https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.119
    - netlink: terminate outstanding dump on socket close
    - [arm64,armhf] drm/rockchip: vop: Fix a dereferenced before check warning
    - mptcp: error out earlier on disconnect
    - net/mlx5: fs, lock FTE when checking if active
    - net/mlx5e: kTLS, Fix incorrect page refcounting
    - net/mlx5e: CT: Fix null-ptr-deref in add rule err flow
    - virtio/vsock: Fix accept_queue memory leak
    - Bluetooth: hci_event: Remove code to removed CONFIG_BT_HS
    - Bluetooth: hci_core: Fix calling mgmt_device_connected
    - net/sched: cls_u32: replace int refcounts with proper refcounts
    - net: sched: cls_u32: Fix u32's systematic failure to free IDR entries for
      hnodes.
    - bonding: add ns target multicast address to slave device
    - [armel,armhf] 9419/1: mm: Fix kernel memory mapping for xip kernels
    - [x86] mm: Fix a kdump kernel failure on SME system when CONFIG_IMA_KEXEC=y
    - mm: fix NULL pointer dereference in alloc_pages_bulk_noprof
    - ocfs2: uncache inode which has failed entering the group
    - vdpa/mlx5: Fix PA offset with unaligned starting iotlb map
    - ima: fix buffer overrun in ima_eventdigest_init_common
    - [x86] KVM: nVMX: Treat vpid01 as current if L2 is active, but with VPID
      disabled
    - [x86] KVM: x86: Unconditionally set irr_pending when updating APICv state
    - [x86] KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind
      CONFIG_BROKEN
    - nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint
    - ALSA: hda/realtek - Fixed Clevo platform headset Mic issue
    - ALSA: hda/realtek: fix mute/micmute LEDs for a HP EliteBook 645 G10
    - ocfs2: fix UBSAN warning in ocfs2_verify_volume()
    - nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint
    - Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K"
    - mmc: sunxi-mmc: Fix A100 compatible description
    - drm/bridge: tc358768: Fix DSI command tx
    - drm/amd: Fix initialization mistake for NBIO 7.7.0
    - staging: vchiq_arm: Get the rid off struct vchiq_2835_state
    - staging: vchiq_arm: Use devm_kzalloc() for vchiq_arm_state allocation
    - fs/ntfs3: Additional check in ntfs_file_release (CVE-2024-50242)
    - Bluetooth: ISO: Fix not validating setsockopt user input (CVE-2024-35964)
    - lib/buildid: Fix build ID parsing logic
    - cxl/pci: fix error code in __cxl_hdm_decode_init()
    - media: dvbdev: fix the logic when DVB_DYNAMIC_MINORS is not set
    - NFSD: initialize copy->cp_clp early in nfsd4_copy for use by trace point
    - NFSD: Async COPY result needs to return a write verifier
    - NFSD: Limit the number of concurrent async COPY operations
      (CVE-2024-49974)
    - NFSD: Initialize struct nfsd4_copy earlier
    - NFSD: Never decrement pending_async_copies on error
    - mptcp: cope racing subflow creation in mptcp_rcv_space_adjust
    - mptcp: define more local variables sk
    - mptcp: add userspace_pm_lookup_addr_by_id helper
    - mptcp: update local address flags when setting it
    - mptcp: hold pm lock when deleting entry
    - mptcp: drop lookup_by_id in lookup_addr
    - mptcp: pm: use _rcu variant under rcu_read_lock
    - ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() (CVE-2024-26954)
    - ksmbd: fix potencial out-of-bounds when buffer offset is invalid
      (CVE-2024-26952)
    - net: add copy_safe_from_sockptr() helper
    - nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies
    - fs/9p: fix uninitialized values during inode evict (CVE-2024-36923)
    - ipvs: properly dereference pe in ip_vs_add_service (CVE-2024-42322)
    - net/sched: taprio: extend minimum interval restriction to entire cycle too
      (CVE-2024-36244)
    - net: fec: remove .ndo_poll_controller to avoid deadlocks (CVE-2024-38553)
    - mm: revert "mm: shmem: fix data-race in shmem_getattr()"
    - mm: avoid unsafe VMA hook invocation when error arises on mmap hook
    - mm: unconditionally close VMAs on error
    - mm: refactor arch_calc_vm_flag_bits() and arm64 MTE handling
    - mm: resolve faulty mmap_region() error path behaviour
    - drm/amd: check num of link levels when update pcie param (CVE-2023-52812)
    - char: xillybus: Prevent use-after-free due to race condition
      (CVE-2022-45888)
    - null_blk: Remove usage of the deprecated ida_simple_xx() API
    - null_blk: fix null-ptr-dereference while configuring 'power' and
      'submit_queues' (CVE-2024-36478)
    - null_blk: Fix return value of nullb_device_power_store()
    - parisc: fix a possible DMA corruption (CVE-2024-44949)
    - char: xillybus: Fix trivial bug with mutex
    - net: Make copy_safe_from_sockptr() match documentation

  [ Salvatore Bonaccorso ]
  * Bump ABI to 28
  * [x86] Revert "x86: Increase brk randomness entropy for 64-bit systems"
    (Closes: #1085762)

[dgit import unpatched linux 6.1.119-1]

Import linux_6.1.119.orig.tar.xz

[dgit import orig linux_6.1.119.orig.tar.xz]

Import linux_6.1.119-1.debian.tar.xz

[dgit import tarball linux 6.1.119-1 linux_6.1.119-1.debian.tar.xz]