dgit.raspbian.org Git - linux.git/log

Manual merge of version 6.12.27-1+rpi1 and 6.12.41-1 to produce 6.12.41-1+rpi1

Merge linux (6.12.41-1) import into refs/heads/workingbranch

libbpf: Use the standard fixdep build rule

libbpf's all target depends on the fixdep target defined in
tools/scripts/Makefile.include. However the $(BPF_IN_SHARED) and
$(BPF_IN_STATIC) targets don't use it, but instead rebuild fixdep in
the staticobjs or sharedobjs subdirectory using a different command.

Change the $(BPF_IN_SHARED) and $(BPF_IN_STATIC) targets to depend on
fixdep and to symlink the executable into the respective output
subdirectory.

Signed-off-by: Ben Hutchings <benh@debian.org>
Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name libbpf-use-the-standard-fixdep-build-rule.patch

[PATCH] perf docs: Fix perf-check manual page built with asciidoctor

Forwarded: https://lore.kernel.org/linux-perf-users/Z-BxCE8WrcRmR_5f@decadent.org.uk/

asciidoctor is more picky than asciidoc about the length of heading
underlines, and currently mis-parses perf-check.txt:

ASCIIDOC perf-check.1
asciidoctor: ERROR: perf-check.txt: line 1: non-conforming manpage title
asciidoctor: ERROR: perf-check.txt: line 1: name section expected
asciidoctor: WARNING: perf-check.txt: line 2: unterminated example block
asciidoctor: WARNING: perf-check.txt: line 5: unterminated listing block

Fix the length of the title underline so it works properly.

Fixes: 98ad0b77323c ("perf check: Introduce 'check' subcommand")
Signed-off-by: Ben Hutchings <benh@debian.org>
Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name perf-docs-Fix-perf-check-manual-page-built-with-asci.patch

kbuild, bpf: Fix BTF reproducibility

pahole 1.22 introduced the -j option for parallel processing, and
kbuild uses it, but this makes its output unreproducible.

pahole 1.27 introduced --btf_features=+reproducible_build which makes
the output reproducible even when -j is used.

Assume that if KBUILD_BUILD_TIMESTAMP is set then a reproducible build
is required, and use both options if available or neither if not.

Signed-off-by: Ben Hutchings <benh@debian.org>
Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name kbuild-bpf-fix-btf-reproducibility.patch

perf tools: Pass EXTRA_CFLAGS through to libbpf build again

When perf was statically linked to libbpf, any definition of
EXTRA_CFLAGS passed to Makefile.perf propagated to the sub-make of
libbpf. Since commit 9dabf4003423 ("perf python: Switch module to
linking libraries from building source"), EXTRA_CFLAGS is overridden
to "-fPIC" for the sub-make.

Change to include any user-provided EXTRA_CFLAGS before the "-fPIC"
option.

Fixes: 9dabf4003423 ("perf python: Switch module to linking libraries ...")
Signed-off-by: Ben Hutchings <benh@debian.org>
Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name perf-tools-pass-extra_cflags-through-to-libbpf-build-again.patch

perf tools: Support EXTRA_CXXFLAGS

Add support for an EXTRA_CXXFLAGS variable, used similarly to
EXTRA_CFLAGS.

Signed-off-by: Ben Hutchings <benh@debian.org>
Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name perf-tools-support-extra-cxxflags.patch

tools lib symbol: Use -D_FORTIFY_SOURCE=2 for non-debug builds

Forwarded: https://lore.kernel.org/all/20230424102827.58707-1-ukleinek@debian.org/

Commit 160be157eaba ("tool lib symbol: Add Makefile/Build") failed to
define _FORTIFY_SOURCE to 2, probabaly this was cut&pasted from other
Makefiles with the same problem.

Fixes: 160be157eaba ("tool lib symbol: Add Makefile/Build")
Signed-off-by: Uwe Kleine-König <ukleinek@debian.org>
Acked-by: Ian Rogers <irogers@google.com>
Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name tools_lib_symbol_use_d_fortify_source_2_for_non_debug_builds.patch

tools/perf: Fix missing LDFLAGS for some programs

Signed-off-by: Ben Hutchings <benh@debian.org>
Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name tools-perf-fix-missing-ldflags-for-some-programs.patch

libapi: Define _FORTIFY_SOURCE as 2, not empty

Forwarded: https://lore.kernel.org/lkml/20230424102049.58338-1-ukleinek@debian.org/

Signed-off-by: Ben Hutchings <benh@debian.org>
Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name libapi-define-_fortify_source-as-2-not-empty.patch

cpupower: Fix checks for CPU existence

Forwarded: https://lore.kernel.org/all/20170418023118.GD4152@decadent.org.uk/

Calls to cpufreq_cpu_exists(cpu) were converted to
cpupower_is_cpu_online(cpu) when libcpupower was introduced and the
former function was deleted. However, cpupower_is_cpu_online() does
not distinguish physically absent and offline CPUs, and does not set
errno.

cpufreq-set has already been fixed (commit c25badc9ceb6).

In cpufreq-bench, which prints an error message for offline CPUs,
properly distinguish and report the zero and negative cases.

Fixes: ac5a181d065d ("cpupower: Add cpuidle parts into library")
Fixes: 53d1cd6b125f ("cpupowerutils: bench - Fix cpu online check")
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
[carnil: Update/Refresh patch for 4.14.17: The issue with the
incorrect check has been fixed with upstream commit 53d1cd6b125f.
Keep in the patch the distinction and report for the zero and
negative cases.]

Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name cpupower-fix-checks-for-cpu-existence.patch

tools/build: Remove bpf() run-time check at build time

Forwarded: no

It is not correct to test that a syscall works on the build system's
kernel. We might be building on an earlier kernel version or with
security restrictions that block bpf().

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name tools-build-remove-bpf-run-time-check-at-build-time.patch

Revert "perf build: Fix libunwind feature detection on 32-bit x86"

Forwarded: no

This reverts commit 05b41775e2edd69a83f592e3534930c934d4038e.
It broke feature detection that was working just fine for us.

Gbp-Pq: Topic bugfix/x86
Gbp-Pq: Name revert-perf-build-fix-libunwind-feature-detection-on.patch

tools/perf: Remove shebang lines from perf scripts

Forwarded: no

perf scripts need to be invoked through perf, not directly through
perl (or other language interpreter). So including shebang lines in
them is useless and possibly misleading.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name tools-perf-remove-shebangs.patch

kbuild: Fix recordmcount dependency for OOT modules

Forwarded: no

We never rebuild anything in-tree when building an out-of-tree
modules, so external modules should not depend on the recordmcount
sources.

Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name kbuild-fix-recordmcount-dependency.patch

usbip: Document TCP wrappers

Forwarded: no

Add references to TCP wrappers configuration in the manual page.

Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name usbip-document-tcp-wrappers.patch

module: Disable matching missing version CRC

Forwarded: not-needed

This partly reverts commit cd3caefb4663e3811d37cc2afad3cce642d60061.
We want to fail closed if a symbol version CRC is missing, as the
alternative may allow subverting module signing.

Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name module-disable-matching-missing-version-crc.patch

[PATCH] trust machine keyring (MoK) by default

From 585cbcb982bffc4a8cee2f3d8d099fc64f9a74b9 Mon Sep 17 00:00:00 2001
Forwarded: not-needed

Debian always trusted keys in MoK by default. Upstream made it
conditional on a new EFI variable being set.
To keep backward compatibility skip this check.

Gbp-Pq: Topic features/all/db-mok-keyring
Gbp-Pq: Name trust-machine-keyring-by-default.patch

[PATCH] KEYS: Make use of platform keyring for module signature verify

Bug-Debian: https://bugs.debian.org/935945
Bug-Debian: https://bugs.debian.org/1030200
Origin: https://src.fedoraproject.org/rpms/kernel/raw/master/f/KEYS-Make-use-of-platform-keyring-for-module-signature.patch
Forwarded: https://lore.kernel.org/linux-modules/qvgp2il2co4iyxkzxvcs4p2bpyilqsbfgcprtpfrsajwae2etc@3z2s2o52i3xg/t/#u

This allows a cert in DB to be used to sign modules,
in addition to certs in the MoK and built-in keyrings.

Signed-off-by: Robert Holmes <robeholmes@gmail.com>
Signed-off-by: Jeremy Cline <jcline@redhat.com>
[bwh: Forward-ported to 5.19: adjust filename]
[наб: reinstate for 6.1, re-write description]

Gbp-Pq: Topic features/all/db-mok-keyring
Gbp-Pq: Name KEYS-Make-use-of-platform-keyring-for-module-signature.patch

[PATCH 3/4] MODSIGN: checking the blacklisted hash before loading a kernel module

Origin: https://lore.kernel.org/patchwork/patch/933175/

This patch adds the logic for checking the kernel module's hash
base on blacklist. The hash must be generated by sha256 and enrolled
to dbx/mokx.

For example:
sha256sum sample.ko
mokutil --mokx --import-hash $HASH_RESULT

Whether the signature on ko file is stripped or not, the hash can be
compared by kernel.

Cc: David Howells <dhowells@redhat.com>
Cc: Josh Boyer <jwboyer@fedoraproject.org>
Cc: James Bottomley <James.Bottomley@HansenPartnership.com>
Signed-off-by: "Lee, Chun-Yi" <jlee@suse.com>
[Rebased by Luca Boccassi]
[bwh: Forward-ported to 5.19:
- The type parameter to is_hash_blacklisted() is now an enumeration
rather than a string
- Adjust filename, context]

Gbp-Pq: Topic features/all/db-mok-keyring
Gbp-Pq: Name 0003-MODSIGN-checking-the-blacklisted-hash-before-loading-a-kernel-module.patch

arm64: add kernel config option to lock down when in Secure Boot mode

Bug-Debian: https://bugs.debian.org/831827
Forwarded: no

Add a kernel configuration option to lock down the kernel, to restrict
userspace's ability to modify the running kernel when UEFI Secure Boot is
enabled. Based on the x86 patch by Matthew Garrett.

Determine the state of Secure Boot in the EFI stub and pass this to the
kernel using the FDT.

Signed-off-by: Linn Crosetto <linn@hpe.com>
[bwh: Forward-ported to 4.10: adjust context]
[Lukas Wunner: Forward-ported to 4.11: drop parts applied upstream]
[bwh: Forward-ported to 4.15 and lockdown patch set:
- Pass result of efi_get_secureboot() in stub through to
   efi_set_secure_boot() in main kernel
- Use lockdown API and naming]
[bwh: Forward-ported to 4.19.3: adjust context in update_fdt()]
[dannf: Moved init_lockdown() call after uefi_init(), fixing SB detection]
[bwh: Drop call to init_lockdown(), as efi_set_secure_boot() now calls this]
[bwh: Forward-ported to 5.6: efi_get_secureboot() no longer takes a
sys_table parameter]
[bwh: Forward-ported to 5.7: EFI initialisation from FDT was rewritten, so:
- Add Secure Boot mode to the parameter enumeration in fdtparams.c
- Add a parameter to efi_get_fdt_params() to return the Secure Boot mode
- Since Xen does not have a property name defined for Secure Boot mode,
   change efi_get_fdt_prop() to handle a missing property name by clearing
   the output variable]
[Salvatore Bonaccorso: Forward-ported to 5.10: f30f242fb131 ("efi: Rename
arm-init to efi-init common for all arch") renamed arm-init.c to efi-init.c]

Gbp-Pq: Topic features/all/lockdown
Gbp-Pq: Name arm64-add-kernel-config-option-to-lock-down-when.patch

mtd: phram,slram: Disable when the kernel is locked down

Forwarded: https://lore.kernel.org/linux-security-module/20190830154720.eekfjt6c4jzvlbfz@decadent.org.uk/

These drivers allow mapping arbitrary memory ranges as MTD devices.
This should be disabled to preserve the kernel's integrity when it is
locked down.

* Add the HWPARAM flag to the module parameters
* When slram is built-in, it uses __setup() to read kernel parameters,
so add an explicit check security_locked_down() check

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Cc: Matthew Garrett <mjg59@google.com>
Cc: David Howells <dhowells@redhat.com>
Cc: Joern Engel <joern@lazybastard.org>
Cc: linux-mtd@lists.infradead.org
Gbp-Pq: Topic features/all/lockdown
Gbp-Pq: Name mtd-disable-slram-and-phram-when-locked-down.patch

efi: Lock down the kernel if booted in secure boot mode

Based on an earlier patch by David Howells, who wrote the following
description:

> UEFI Secure Boot provides a mechanism for ensuring that the firmware will
> only load signed bootloaders and kernels. Certain use cases may also
> require that all kernel modules also be signed. Add a configuration option
> that to lock down the kernel - which includes requiring validly signed
> modules - if the kernel is secure-booted.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
[Salvatore Bonaccorso: After fixing https://bugs.debian.org/956197 the
help text for LOCK_DOWN_IN_EFI_SECURE_BOOT was adjusted to mention that
lockdown is triggered in integrity mode (https://bugs.debian.org/1025417)]
Signed-off-by: Salvatore Bonaccorso <carnil@debian.org>
Gbp-Pq: Topic features/all/lockdown
Gbp-Pq: Name efi-lock-down-the-kernel-if-booted-in-secure-boot-mo.patch

[28/30] efi: Add an EFI_SECURE_BOOT flag to indicate secure boot mode

Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=a5d70c55c603233c192b375f72116a395909da28

UEFI machines can be booted in Secure Boot mode. Add an EFI_SECURE_BOOT
flag that can be passed to efi_enabled() to find out whether secure boot is
enabled.

Move the switch-statement in x86's setup_arch() that inteprets the
secure_boot boot parameter to generic code and set the bit there.

Suggested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
cc: linux-efi@vger.kernel.org
[rperier: Forward-ported to 5.5:
- Use pr_warn()
- Adjust context]
[bwh: Forward-ported to 5.6: adjust context]
[bwh: Forward-ported to 5.7:
- Use the next available bit in efi.flags
- Adjust context]

Gbp-Pq: Topic features/all/lockdown
Gbp-Pq: Name efi-add-an-efi_secure_boot-flag-to-indicate-secure-b.patch

Documentation: Use relative source filenames in ABI documentation

Currently the ABI documentation files contain absolute source
filenames, which makes them unreproducible if the build directory can
vary.

Remove the source base directory ($srctree) from the source filenames
shown in the documentation.

Signed-off-by: Ben Hutchings <benh@debian.org>
Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name documentation-use-relative-source-paths-in-abi-documentation.patch

fs: Add MODULE_SOFTDEP declarations for hard-coded crypto drivers

Bug-Debian: https://bugs.debian.org/819725
Forwarded: https://lore.kernel.org/all/20160517133631.GF7555@decadent.org.uk/

This helps initramfs builders and other tools to find the full
dependencies of a module.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
[Lukas Wunner: Forward-ported to 4.11: drop parts applied upstream]

Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name fs-add-module_softdep-declarations-for-hard-coded-cr.patch

phy/marvell: disable 4-port phys

Bug-Debian: https://bugs.debian.org/723177
Forwarded: https://lore.kernel.org/netdev/1386932764.20787.85.camel@dagon.hellion.org.uk/

The Marvell PHY was originally disabled because it can cause networking
failures on some systems. According to Lennert Buytenhek this is because some
of the variants added did not share the same register layout. Since the known
cases are all 4-ports disable those variants (indicated by a 4 in the
penultimate position of the model name) until they can be audited for
correctness.

[bwh: Also #if-out the init functions for these PHYs to avoid
compiler warnings]

Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name disable-some-marvell-phys.patch

x86: Make x32 syscall support conditional on a kernel parameter

Bug-Debian: https://bugs.debian.org/708070
Forwarded: https://lore.kernel.org/lkml/1415245982.3398.53.camel@decadent.org.uk/T/#u

Enabling x32 in the standard amd64 kernel would increase its attack
surface while provide no benefit to the vast majority of its users.
No-one seems interested in regularly checking for vulnerabilities
specific to x32 (at least no-one with a white hat).

Still, adding another flavour just to turn on x32 seems wasteful. And
the only differences on syscall entry are a few instructions that mask
out the x32 flag and compare the syscall number.

Use a static key to control whether x32 syscalls are really enabled, a
Kconfig parameter to set its default value and a kernel parameter
"syscall.x32" to change it at boot time.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic features/x86
Gbp-Pq: Name x86-make-x32-syscall-support-conditional.patch

x86: memtest: WARN if bad RAM found

Bug-Debian: https://bugs.debian.org/613321
Forwarded: https://lore.kernel.org/all/20120402150522.GA4980@burratino/

Since this is not a particularly thorough test, if we find any bad
bits of RAM then there is a fair chance that there are other bad bits
we fail to detect.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic features/x86
Gbp-Pq: Name x86-memtest-WARN-if-bad-RAM-found.patch

Revert "cgroup: Do not report unavailable v1 controllers in /proc/cgroups"

Bug-Debian: https://bugs.debian.org/1108294

This reverts commit af000ce85293b8e608f696f0c6c280bc3a75887f.

Starting in version 11, OpenJDK supports both cgroups v1 and v2 APIs,
but relies on /proc/groups (part of the v1 API) to detect which
controllers are enabled.  The VM detects and adjusts its behaviour for
cgroups cpuset and memory limits.  The GC will be configured to
collect before hitting the memory limit.  I think the cpuset limit is
used to decide how many threads to create in some places.

If it does not detect such limits, it may defer GC so long that it
triggers OOM despite not needing all the allocated memory, or may
create too many threads that use the available CPU resources
inefficiently.

The upstream change restricts /proc/cgroups to only show controllers
that support the v1 API.  We have disabled CONFIG_CPUSETS_V1 and
CONFIG_MEMCG_V1 per upstream default, so these controllers do not
support the v1 API and OpenJDK fails to detect them entirely. This
easily results in triggering OOM when running in a container.

OpenJDK 25 (at least the HotSpot VM) has been fixed to detect the
cgroups v2 API without depending on /proc/cgroups, but we also ship
older versions in trixie and bookworm, and this primarily affects
containers which may include OpenJDK from an older release or non-
Debian source.

Revert the upstream change for compatibility with older versions of
OpenJDK.

Gbp-Pq: Topic debian
Gbp-Pq: Name revert-cgroup-do-not-report-unavailable-v1-controlle.patch

arm64/acpi: Add fixup for HPE m400 quirks

Forwarded: https://lore.kernel.org/all/51d3d738-cdf5-2992-bba5-c3e1f34096c2@infradead.org/

Adds a new ACPI init routine acpi_fixup_m400_quirks that adds
a work-around for HPE ProLiant m400 APEI firmware problems.

The work-around disables APEI when CONFIG_ACPI_APEI is set and
m400 firmware is detected.  Without this fixup m400 systems
experience errors like these on startup:

  [Hardware Error]: Hardware error from APEI Generic Hardware Error Source: 2
  [Hardware Error]: event severity: fatal
  [Hardware Error]:  Error 0, type: fatal
  [Hardware Error]:   section_type: memory error
  [Hardware Error]:   error_status: 0x0000000000001300
  [Hardware Error]:   error_type: 10, invalid address
  Kernel panic - not syncing: Fatal hardware error!

Signed-off-by: Geoff Levand <geoff@infradead.org>
[bwh: Adjust context and indentation to apply to Linux 6.10]

Gbp-Pq: Topic bugfix/arm64
Gbp-Pq: Name arm64-acpi-Add-fixup-for-HPE-m400-quirks.patch

powerpc/boot: Fix missing crc32poly.h when building with KERNEL_XZ

Origin: https://patchwork.ozlabs.org/patch/963258/

After commit faa16bc404d7 ("lib: Use existing define with
polynomial") the lib/xz/xz_crc32.c includes a header from include/linux
directory thus any other user of this code should define proper include
path.

This fixes the build error on powerpc with CONFIG_KERNEL_XZ:

    In file included from ../arch/powerpc/boot/../../../lib/decompress_unxz.c:233:0,
                     from ../arch/powerpc/boot/decompress.c:42:
    ../arch/powerpc/boot/../../../lib/xz/xz_crc32.c:18:29: fatal error: linux/crc32poly.h: No such file or directory

Reported-by: Michal Kubecek <mkubecek@suse.cz>
Fixes: faa16bc404d7 ("lib: Use existing define with polynomial")
Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Reported-by: kbuild test robot <lkp@intel.com>
Reported-by: Meelis Roos <mroos@linux.ee>
Tested-by: Michal Kubecek <mkubecek@suse.cz>
Gbp-Pq: Topic bugfix/powerpc
Gbp-Pq: Name powerpc-boot-fix-missing-crc32poly.h-when-building-with-kernel_xz.patch

ARM: mm: Export __sync_icache_dcache() for xen-privcmd

Forwarded: https://lore.kernel.org/all/20180711225013.GF14131@decadent.org.uk/

The xen-privcmd driver, which can be modular, calls set_pte_at()
which in turn may call __sync_icache_dcache().

The call to __sync_icache_dcache() may be optimised out because it is
conditional on !pte_special(), and xen-privcmd calls pte_mkspecial().
However, in a non-LPAE configuration there is no "special" bit and the
call is really unconditional.

Fixes: 3ad0876554ca ("xen/privcmd: add IOCTL_PRIVCMD_MMAP_RESOURCE")
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic bugfix/arm
Gbp-Pq: Name arm-mm-export-__sync_icache_dcache-for-xen-privcmd.patch

sh: Do not use hyphen in exported variable names

arch/sh/Makefile defines and exports ld-bfd to be used by
arch/sh/boot/Makefile and arch/sh/boot/compressed/Makefile. However
some shells, including dash, will not pass through environment
variables whose name includes a hyphen. Usually GNU make does not use
a shell to recurse, but if e.g. $(srctree) contains '~' it will use a
shell here.

Rename the variable to ld_bfd.

(Another instance of this problem was fixed upstream by commit
82977af93a0d "sh: rename suffix-y to suffix_y".)

References: https://buildd.debian.org/status/fetch.php?pkg=linux&arch=sh4&ver=4.13%7Erc5-1%7Eexp1&stamp=1502943967&raw=0
Fixes: ef9b542fce00 ("sh: bzip2/lzma uImage support.")
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic bugfix/sh
Gbp-Pq: Name sh-boot-do-not-use-hyphen-in-exported-variable-name.patch

perf tools: Fix unwind build on i386

Forwarded: no

EINVAL may not be defined when building unwind-libunwind.c with
REMOTE_UNWIND_LIBUNWIND, resulting in a compiler error in
LIBUNWIND__ARCH_REG_ID(). Its only caller, access_reg(), only checks
for a negative return value and doesn't care what it is. So change
-EINVAL to -1.

Fixes: 52ffe0ff02fc ("Support x86(32-bit) cross platform callchain unwind.")
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic bugfix/x86
Gbp-Pq: Name perf-tools-fix-unwind-build-on-i386.patch

ARM: dts: kirkwood: Fix SATA pinmux-ing for TS419

Forwarded: https://lore.kernel.org/all/20170218003251.GC4152@decadent.org.uk/
Bug-Debian: https://bugs.debian.org/855017

The old board code for the TS419 assigns MPP pins 15 and 16 as SATA
activity signals (and none as SATA presence signals). Currently the
device tree assigns the SoC's default pinmux groups for SATA, which
conflict with the second Ethernet port.

Reported-by: gmbh@gazeta.pl
Tested-by: gmbh@gazeta.pl
References: https://bugs.debian.org/855017
Cc: stable@vger.kernel.org # 3.15+
Fixes: 934b524b3f49 ("ARM: Kirkwood: Add DT description of QNAP 419")
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic bugfix/arm
Gbp-Pq: Name arm-dts-kirkwood-fix-sata-pinmux-ing-for-ts419.patch

btrfs: warn about RAID5/6 being experimental at mount time

Bug-Debian: https://bugs.debian.org/863290
Origin: https://bugs.debian.org/863290#5
Forwarded: https://lore.kernel.org/linux-btrfs/4105665.mVaztBssJx@bagend/

Too many people come complaining about losing their data -- and indeed,
there's no warning outside a wiki and the mailing list tribal knowledge.
Message severity chosen for consistency with XFS -- "alert" makes dmesg
produce nice red background which should get the point across.

Signed-off-by: Adam Borowski <kilobyte@angband.pl>
[bwh: Also add_taint() so this is flagged in bug reports]
[2023-01-10: still accurate according to btrfs-progs own manpage:
https://git.kernel.org/pub/scm/linux/kernel/git/kdave/btrfs-progs.git/commit/?id=922797e15590b836e377d6dc47b828356cafc2a9]
[2024-03-17: still accurate; manpage is now in Documentation/btrfs-man5.rst
implementation went from disk-io.c to super.c; forwarded the issue]

Gbp-Pq: Topic debian
Gbp-Pq: Name btrfs-warn-about-raid5-6-being-experimental-at-mount.patch

fanotify: Taint on use of FANOTIFY_ACCESS_PERMISSIONS

Forwarded: not-needed

Various free and proprietary AV products use this feature and users
apparently want it. But punting access checks to userland seems like
an easy way to deadlock the system, and there will be nothing we can
do about that. So warn and taint the kernel if this feature is
actually used.

Gbp-Pq: Topic debian
Gbp-Pq: Name fanotify-taint-on-use-of-fanotify_access_permissions.patch

fjes: Disable auto-loading

Bug-Debian: https://bugs.debian.org/853976
Forwarded: no

fjes matches a generic ACPI device ID, and relies on its probe
function to distinguish whether that really corresponds to a supported
device. Very few system will need the driver and it wastes memory on
all the other systems where the same device ID appears, so disable
auto-loading.

Gbp-Pq: Topic debian
Gbp-Pq: Name fjes-disable-autoload.patch

viafb: Autoload on OLPC XO 1.5 only

Bug-Debian: https://bugs.debian.org/705788
Forwarded: no

It appears that viafb won't work automatically on all the boards for
which it has a PCI device ID match. Currently, it is blacklisted by
udev along with most other framebuffer drivers, so this doesn't matter
much.

However, this driver is required for console support on the XO 1.5.
We need to allow it to be autoloaded on this model only, and then
un-blacklist it in udev.

Gbp-Pq: Topic bugfix/x86
Gbp-Pq: Name viafb-autoload-on-olpc-xo1.5-only.patch

snd-pcsp: Disable autoload

Forwarded: not-needed
Bug-Debian: https://bugs.debian.org/697709

There are two drivers claiming the platform:pcspkr device:
- pcspkr creates an input(!) device that can only beep
- snd-pcsp creates an equivalent input device plus a PCM device that can
  play barely recognisable renditions of sampled sound

snd-pcsp is blacklisted by the alsa-base package, but not everyone
installs that.  On PCs where no sound is wanted at all, both drivers
will still be loaded and one or other will complain that it couldn't
claim the relevant I/O range.

In case anyone finds snd-pcsp useful, we continue to build it.  But
remove the alias, to ensure it's not loaded where it's not wanted.

Gbp-Pq: Topic debian
Gbp-Pq: Name snd-pcsp-disable-autoload.patch

intel-iommu: Add Kconfig option to exclude iGPU by default

Bug-Debian: https://bugs.debian.org/935270
Bug-Kali: https://bugs.kali.org/view.php?id=5644

There is still laptop firmware that touches the integrated GPU behind
the operating system's back, and doesn't say so in the RMRR table.
Enabling the IOMMU for all devices causes breakage.

Replace CONFIG_INTEL_IOMMU_DEFAULT_ON with a 3-way choice
corresponding to "on", "off", and "on,intgpu_off".

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic features/x86
Gbp-Pq: Name intel-iommu-add-kconfig-option-to-exclude-igpu-by-default.patch

intel-iommu: Add option to exclude integrated GPU only

Bug-Debian: https://bugs.debian.org/935270
Bug-Kali: https://bugs.kali.org/view.php?id=5644

There is still laptop firmware that touches the integrated GPU behind
the operating system's back, and doesn't say so in the RMRR table.
Enabling the IOMMU for all devices causes breakage, but turning it off
for all graphics devices seems like a major weakness.

Add an option, intel_iommu=intgpu_off, to exclude only integrated GPUs
from remapping. This is a narrower exclusion than igfx_off: it only
affects Intel devices on the root bus. Devices attached through an
external port (Thunderbolt or ExpressCard) won't be on the root bus.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic features/x86
Gbp-Pq: Name intel-iommu-add-option-to-exclude-integrated-gpu-only.patch

security,perf: Allow further restriction of perf_event_open

Forwarded: https://lore.kernel.org/all/20160111152355.GS28542@decadent.org.uk/

When kernel.perf_event_open is set to 3 (or greater), disallow all
access to performance events by users without CAP_SYS_ADMIN.
Add a Kconfig symbol CONFIG_SECURITY_PERF_EVENTS_RESTRICT that
makes this value the default.

This is based on a similar feature in grsecurity
(CONFIG_GRKERNSEC_PERF_HARDEN). This version doesn't include making
the variable read-only. It also allows enabling further restriction
at run-time regardless of whether the default is changed.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic features/all
Gbp-Pq: Name security-perf-allow-further-restriction-of-perf_event_open.patch

add sysctl to disallow unprivileged CLONE_NEWUSER by default

Origin: http://kernel.ubuntu.com/git?p=serge%2Fubuntu-saucy.git;a=commit;h=5c847404dcb2e3195ad0057877e1422ae90892b8

add sysctl to disallow unprivileged CLONE_NEWUSER by default

This is a short-term patch. Unprivileged use of CLONE_NEWUSER
is certainly an intended feature of user namespaces. However
for at least saucy we want to make sure that, if any security
issues are found, we have a fail-safe.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
[bwh: Remove unneeded binary sysctl bits]
[bwh: Keep this sysctl, but change the default to enabled]

Gbp-Pq: Topic debian
Gbp-Pq: Name add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by-default.patch

yama: Disable by default

Bug-Debian: https://bugs.debian.org/712740
Forwarded: not-needed

Gbp-Pq: Topic debian
Gbp-Pq: Name yama-disable-by-default.patch

fs: Enable link security restrictions by default

Bug-Debian: https://bugs.debian.org/609455
Forwarded: not-needed

This reverts commit 561ec64ae67ef25cac8d72bb9c4bfc955edfd415
('VFS: don't do protected {sym,hard}links by default').

Gbp-Pq: Topic debian
Gbp-Pq: Name fs-enable-link-security-restrictions-by-default.patch

hamradio: Disable auto-loading as mitigation against local exploits

Forwarded: not-needed

We can mitigate the effect of vulnerabilities in obscure protocols by
preventing unprivileged users from loading the modules, so that they
are only exploitable on systems where the administrator has chosen to
load the protocol.

The 'ham' radio protocols (ax25, netrom, rose) are not actively
maintained or widely used. Therefore disable auto-loading.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic debian
Gbp-Pq: Name hamradio-disable-auto-loading-as-mitigation-against-local-exploits.patch

dccp: Disable auto-loading as mitigation against local exploits

Forwarded: not-needed

We can mitigate the effect of vulnerabilities in obscure protocols by
preventing unprivileged users from loading the modules, so that they
are only exploitable on systems where the administrator has chosen to
load the protocol.

The 'dccp' protocol is not actively maintained or widely used.
Therefore disable auto-loading.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic debian
Gbp-Pq: Name dccp-disable-auto-loading-as-mitigation-against-local-exploits.patch

[PATCH 1/3] rds: Disable auto-loading as mitigation against local exploits

Forwarded: not-needed

Recent review has revealed several bugs in obscure protocol
implementations that can be exploited by local users for denial of
service or privilege escalation. We can mitigate the effect of any
remaining vulnerabilities in such protocols by preventing unprivileged
users from loading the modules, so that they are only exploitable on
systems where the administrator has chosen to load the protocol.

The 'rds' protocol is one such protocol that has been found to be
vulnerable, and which was not present in the 'lenny' kernel.
Therefore disable auto-loading.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic debian
Gbp-Pq: Name rds-Disable-auto-loading-as-mitigation-against-local.patch

[PATCH 2/3] af_802154: Disable auto-loading as mitigation against local exploits

Forwarded: not-needed

Recent review has revealed several bugs in obscure protocol
implementations that can be exploited by local users for denial of
service or privilege escalation. We can mitigate the effect of any
remaining vulnerabilities in such protocols by preventing unprivileged
users from loading the modules, so that they are only exploitable on
systems where the administrator has chosen to load the protocol.

The 'af_802154' (IEEE 802.15.4) protocol is not widely used, was
not present in the 'lenny' kernel, and seems to receive only sporadic
maintenance. Therefore disable auto-loading.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic debian
Gbp-Pq: Name af_802154-Disable-auto-loading-as-mitigation-against.patch

radeon, amdgpu: Firmware is required for DRM and KMS on R600 onward

Bug-Debian: https://bugs.debian.org/607194
Bug-Debian: https://bugs.debian.org/607471
Bug-Debian: https://bugs.debian.org/610851
Bug-Debian: https://bugs.debian.org/627497
Bug-Debian: https://bugs.debian.org/632212
Bug-Debian: https://bugs.debian.org/637943
Bug-Debian: https://bugs.debian.org/649448
Bug-Debian: https://bugs.debian.org/697229
Bug-Debian: https://bugs.debian.org/1053764
Forwarded: no
Last-Update: 2023-11-08

radeon requires firmware/microcode for the GPU in all chips, but for
newer chips (apparently R600 'Evergreen' onward) it also expects
firmware for the memory controller and other sub-blocks.

radeon attempts to gracefully fall back and disable some features if
the firmware is not available, but becomes unstable - the framebuffer
and/or system memory may be corrupted, or the display may stay black.

Therefore, perform a basic check for the existence of
/lib/firmware/radeon when a device is probed, and abort if it
is missing, except for the pre-R600 case.

Update 2023-11-08:
In bug 1053764 Mario Limonciello <mario.limonciello@amd.com> states
that the patch isn't needed anymore for amdgpu, so remove that part
of the patch

Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name radeon-amdgpu-firmware-is-required-for-drm-and-kms-on-r600-onward.patch

firmware_loader: Log direct loading failures as info for d-i

Forwarded: not-needed

On an installed Debian system, firmware packages will normally be
installed automatically based on a mapping of device IDs to firmware.
Within the Debian installer this has not yet happened and we need a
way to detect missing firmware.

Although many/most drivers log firmware loading failures, they do so
using many different formats. This adds a single log message to the
firmware loader, which the installer's hw-detect package will look
for. The log level is set to "info" because some failures are
expected and we do not want to confuse users with bogus error messages
(like in bug #966218).

NOTE: The log message format must not be changed without coordinating
this with the check-missing-firmware.sh in hw-detect.

Gbp-Pq: Topic debian
Gbp-Pq: Name firmware_loader-log-direct-loading-failures-as-info-for-d-i.patch

iwlwifi: Do not request unreleased firmware for IWL6000

Bug-Debian: https://bugs.debian.org/689416
Forwarded: not-needed

The iwlwifi driver currently supports firmware API versions 4-6 for
these devices.  It will request the file for the latest supported
version and then fall back to earlier versions.  However, the latest
version that has actually been released is 4, so we expect the
requests for versions 6 and then 5 to fail.

The installer appears to report any failed request, and it is probably
not easy to detect that this particular failure is harmless.  So stop
requesting the unreleased firmware.

Gbp-Pq: Topic debian
Gbp-Pq: Name iwlwifi-do-not-request-unreleased-firmware.patch

af9005: Use request_firmware() to load register init script

Forwarded: no

Read the register init script from the Windows driver. This is sick
but should avoid the potential copyright infringement in distributing
a version of the script which is directly derived from the driver.

Gbp-Pq: Topic features/all
Gbp-Pq: Name drivers-media-dvb-usb-af9005-request_firmware.patch

linux-perf: Remove remaining source filenames from executable

When we build perf with -ffile-prefix-map, there are still 2
source directory names embedded in the executable:

1. The Documentation subdirectory, used as a fallback from the
installed location.
2. The python subdirectory, used in the Python script test.

Remove (1) since it is an unnecessary fallback. Change (2)
to the installed location.

Gbp-Pq: Topic debian
Gbp-Pq: Name linux-perf-remove-remaining-source-filenames-from-executable.patch

fixdep: Allow overriding HOSTCC and HOSTLD

Forwarded: not-needed

objtool always uses HOSTCC, HOSTLD, and HOSTAR, so we need to override
these on the command line for cross-builds of linux-kbuild. But it
also builds fixdep which still needs to be native in a cross-build.
Add support for REALHOSTCC and REALHOSTLD variables which, if set,
override HOSTCC and HOSTLD for fixdep only.

Gbp-Pq: Topic debian
Gbp-Pq: Name fixdep-allow-overriding-hostcc-and-hostld.patch

Revert "tools build: Clean CFLAGS and LDFLAGS for fixdep"

This reverts commit 5725dd8fa888b4dcdff58241f9d3d3ac42a048e2. That
was a workaround for the bug fixed by commit 6b3db6f9b970 "tools
build: Make fixdep a hostprog" and is no longer needed.

Signed-off-by: Ben Hutchings <benh@debian.org>
Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name revert-tools-build-clean-cflags-and-ldflags-for-fixdep.patch

Makefile: Make compiler version comparison optional

Forwarded: not-needed
Bug-Debian: https://bugs.debian.org/1019749

The top-level Makefile warns if the compiler version string changes at
all between the kernel build and an out-of-tree module build.

We expect that major compiler version changes could introduce ABI
changes, and override the CC variable in out-of-tree module builds to
ensure that the same major compiler version is used. But minor
version changes should not make a difference, so this exact version
comparison produces false warnings.

Since custom kernel packages don't have that, don't remove the version
comparison. Instead, skip it if $(DEBIAN_KERNEL_NO_CC_VERSION_CHECK)
is non-empty.

Gbp-Pq: Topic debian
Gbp-Pq: Name makefile-make-compiler-version-comparison-optional.patch

kbuild: Abort build if SUBDIRS used

Forwarded: not-needed
Bug-Debian: https://bugs.debian.org/987575

DKMS and module-assistant both build OOT modules as root. If they
build an old OOT module that still use SUBDIRS this causes Kbuild
to try building a full kernel, which obviously fails but not before
deleting files from the installed headers package.

To avoid such mishaps, detect this situation and abort the build.

The error message is based on that used in commit 0126be38d988
"kbuild: announce removal of SUBDIRS if used".

Gbp-Pq: Topic debian
Gbp-Pq: Name kbuild-abort-build-if-subdirs-used.patch

kbuild: Look for module.lds under arch directory too

Forwarded: not-needed
Bug-Debian: https://bugs.debian.org/975571

The module.lds linker script is now built under the scripts directory,
where previously it was under arch/$(SRCARCH).

However, we package the scripts directory as linux-kbuild, which is
meant to be able to do support native and cross-builds. That means it
shouldn't contain files for a specific target architecture without a
wrapper to select between them, and it doesn't appear that linker
scripts are powerful enough to implement such a wrapper.

Building module.lds in a different location would require relatively
large changes. Moving it in the package build rules can work, but we
need to support custom kernel builds from the same source so we can't
assume it's moved.

Therefore, we move module.lds under the arch build directory in
rules.real and change Makefile.modfinal to look for it in both places.

Gbp-Pq: Topic debian
Gbp-Pq: Name kbuild-look-for-module.lds-under-arch-directory-too.patch

[PATCH 2/2] perf/traceevent: Support asciidoctor for documentation

From cd02fc78859ef9aefd7c92406f9523622da0b472 Mon Sep 17 00:00:00 2001
Forwarded: not-needed

Gbp-Pq: Topic debian
Gbp-Pq: Name perf-traceevent-support-asciidoctor-for-documentatio.patch

[PATCH 1/2] Documentation: Drop sphinx version check

From 252aa79fdbd4ac2da09d9b98f81bf11f5e3e1870 Mon Sep 17 00:00:00 2001
Forwarded: not-needed

Gbp-Pq: Topic debian
Gbp-Pq: Name documentation-drop-sphinx-version-check.patch

android: Enable building ashmem and binder as modules

Bug-Debian: https://bugs.debian.org/901492

We want to enable use of the Android ashmem and binder drivers to
support Anbox, but they should not be built-in as that would waste
resources and increase security attack surface on systems that don't
need them.

- Add a MODULE_LICENSE declaration to ashmem
- Change the Makefiles to build each driver as an object with the
"_linux" suffix (which is what Anbox expects)
- Change config symbol types to tristate

Update:
In upstream commit 721412ed3d titled "staging: remove ashmem" the ashmem
driver was removed entirely. Secondary commit message:
"The mainline replacement for ashmem is memfd, so remove the legacy
code from drivers/staging/"
Consequently, the ashmem part of this patch has been removed.

Gbp-Pq: Topic debian
Gbp-Pq: Name android-enable-building-ashmem-and-binder-as-modules.patch

Export symbols needed by binder

Bug-Debian: https://bugs.debian.org/901492

We want to enable use of the Android binder driver to support
Waydroid, but it should not be built-in as that would waste resources
and increase security attack surface on systems that don't need it.

Export the currently un-exported symbols it depends on.

Gbp-Pq: Topic debian
Gbp-Pq: Name export-symbols-needed-by-android-drivers.patch

wireless: Add Debian wireless-regdb certificates

Forwarded: not-needed

This hex dump is generated using:

{
    for cert in debian/certs/wireless-regdb-*.pem; do
        openssl x509 -in $cert -outform der;
    done
} | hexdump -v -e '1/1 "0x%.2x," "\n"' > net/wireless/certs/debian.hex

Gbp-Pq: Topic debian
Gbp-Pq: Name wireless-add-debian-wireless-regdb-certificates.patch

tools: install perf python bindings

Bug-Debian: http://bugs.debian.org/860957
Forwarded: not-needed

Gbp-Pq: Topic debian
Gbp-Pq: Name tools-perf-install-python-bindings.patch

linux-tools: Install perf-read-vdso{,x}32 in directory under /usr/lib

Gbp-Pq: Topic debian
Gbp-Pq: Name tools-perf-perf-read-vdso-in-libexec.patch

[sh4] Fix uImage build

Bug-Debian: https://bugs.debian.org/569034
Forwarded: not-needed

[bwh: This was added without a description, but I think it is done
only to avoid a build-dependency on u-boot-tools.]

Gbp-Pq: Topic debian
Gbp-Pq: Name arch-sh4-fix-uimage-build.patch

Enable R2 to R6 emulator by default

Forwarded: not-needed

In upstream code, 'mipsr2emu' kernel option is needed
to enable R2 to R6 emulator. Since we need r6 kernel
for our r2 port, let's always enable it.

Gbp-Pq: Topic debian
Gbp-Pq: Name mips-enable-r2-to-r6-emu-by-default.patch

Use RELAXED ieee754 mode for Loongson-3 as 3A 4000 is 2008-only

Forwarded: not-needed

There are 2 mode of value of IEEE NaN hardcoded by CPU.
Currently, our mipsel/mips64el port is in so-called lagacy mode.
Loongson 3A 4000 is set as the so-called 2008 mode.

To make Debian workable on Loongson 3A 4000, we need set the kerenl in
RELAXED mode.

https://web.archive.org/web/20180830093617/https://dmz-portal.mips.com/wiki/MIPS_ABI_-_NaN_Interlinking

[bwh: Update for addition of EMULATED mode in 6.11]

Gbp-Pq: Topic debian
Gbp-Pq: Name mips-ieee754-relaxed.patch

Disable uImage generation for mips generic

Forwarded: not-needed

MIPS generic trys to generate uImage when build, which then ask for
u-boot-tools.

[bwh: Updated for 5.17:
- zload-y is no longer assigned here and appears to default to empty
- Adjust context]

Gbp-Pq: Topic debian
Gbp-Pq: Name mips-boston-disable-its.patch

kbuild: Make the toolchain variables easily overwritable

Forwarded: not-needed

Allow make variables to be overridden for each flavour by a file in
the build tree, .kernelvariables.

We currently use this for ARCH, KERNELRELEASE, CC, and in some cases
also CROSS_COMPILE, KCFLAGS.

This file can only be read after we establish the build tree, and all
use of $(ARCH) needs to be moved after this.

[bwh: Updated for 5.3: include .kernelvariables from current directory
rather than using undefined $(obj).]

Gbp-Pq: Topic debian
Gbp-Pq: Name kernelvariables.patch

Make mkcompile_h accept an alternate timestamp string

Forwarded: not-needed

We want to include the Debian version in the utsname::version string
instead of a full timestamp string. However, we still need to provide
a standard timestamp string for gen_initramfs_list.sh to make the
kernel image reproducible.

Make mkcompile_h use $KBUILD_BUILD_VERSION_TIMESTAMP in preference to
$KBUILD_BUILD_TIMESTAMP.

Gbp-Pq: Topic debian
Gbp-Pq: Name uname-version-timestamp.patch

Include package version along with kernel release in stack traces

Forwarded: not-needed

For distribution binary packages we assume
$DISTRIBUTION_OFFICIAL_BUILD, $DISTRIBUTOR and $DISTRIBUTION_VERSION
are set.

Gbp-Pq: Topic debian
Gbp-Pq: Name version.patch

Documentation: Fix broken link to CIPSO draft

Forwarded: not-needed

We exclude the CIPSO draft text as its licence is not DFSG compliant.
Link to the IETF's online version instead.

Gbp-Pq: Topic debian/dfsg
Gbp-Pq: Name documentation-fix-broken-link-to-cipso-draft.patch

video: Remove nvidiafb and rivafb

Bug-Debian: https://bugs.debian.org/383481
Forwarded: no

These drivers contain register programming code provided by the
hardware vendor that appears to have been deliberately obfuscated.
This is arguably not the preferred form for modification.

These drivers are also largely redundant with nouveau. The RIVA 128
(NV3) is not supported by nouveau but is about 15 years old and
probably discontinued 10 years ago.

Gbp-Pq: Topic debian/dfsg
Gbp-Pq: Name video-remove-nvidiafb-and-rivafb.patch

dvb-usb-af9005: mark as broken

Forwarded: not-needed

Gbp-Pq: Topic debian/dfsg
Gbp-Pq: Name drivers-media-dvb-dvb-usb-af9005-disable.patch

Remove microcode patches for mgsuvd (not enabled in Debian configs)

Forwarded: not-needed

Gbp-Pq: Topic debian/dfsg
Gbp-Pq: Name arch-powerpc-platforms-8xx-ucode-disable.patch

Tweak gitignore for Debian pkg-kernel using git

Forwarded: not-needed

[bwh: Tweak further for pure git]

Gbp-Pq: Topic debian
Gbp-Pq: Name gitignore.patch

linux (6.12.41-1) trixie-security; urgency=high

  * New upstream stable update:
    https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.12.39
    - eventpoll: don't decrement ep refcount while still holding the ep mutex
      (CVE-2025-38349)
    - drm/amdgpu/discovery: use specific ip_discovery.bin for legacy asics
    - drm/amdgpu/ip_discovery: add missing ip_discovery fw
    - [s390x] crypto: s390/sha - Fix uninitialized variable in SHA-1 and SHA-2
    - drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid
      Priority Inversion in SRIOV (CVE-2025-38104)
    - [amd64] ASoC: Intel: SND_SOC_INTEL_SOF_BOARD_HELPERS select
      SND_SOC_ACPI_INTEL_MATCH
    - [amd64] ASoC: Intel: soc-acpi: arl: Correct naming of a cs35l56 address
      struct
    - [amd64] ASoC: Intel: soc-acpi: arl: Add match entries for new cs42l43
      laptops
    - [amd64] ASoC: soc-acpi: add get_function_tplg_files ops
    - [amd64] ASoC: Intel: add sof_sdw_get_tplg_files ops
    - [amd64] ASoC: Intel: soc-acpi-intel-arl-match: set get_function_tplg_files
      ops
    - [amd64] ASoC: Intel: soc-acpi: arl: Correct order of cs42l43 matches
    - perf/core: Fix the WARN_ON_ONCE is out of lock protected region
    - irqchip/irq-msi-lib: Select CONFIG_GENERIC_MSI_IRQ
    - sched/core: Fix migrate_swap() vs. hotplug
    - perf: Revert to requiring CAP_SYS_ADMIN for uprobes
    - ASoC: cs35l56: probe() should fail if the device ID is not recognized
    - Bluetooth: hci_sync: Fix not disabling advertising instance
    - Bluetooth: hci_event: Fix not marking Broadcast Sink BIS as connected
    - pinctrl: amd: Clear GPIO debounce for suspend
    - fix proc_sys_compare() handling of in-lookup dentries
    - sched/deadline: Fix dl_server runtime calculation formula
    - bnxt_en: eliminate the compile warning in bnxt_request_irq due to
      CONFIG_RFS_ACCEL
    - [arm64] poe: Handle spurious Overlay faults
    - [arm64] net: phy: qcom: move the WoL function to shared library
    - [arm64] net: phy: qcom: qca808x: Fix WoL issue by utilizing
      at8031_set_wol()
    - netlink: Fix wraparounds of sk->sk_rmem_alloc.
    - vsock: fix `vsock_proto` declaration
    - tipc: Fix use-after-free in tipc_conn_close().
    - tcp: Correct signedness in skb remaining space calculation
    - vsock: Fix transport_{g2h,h2g} TOCTOU
    - vsock: Fix transport_* TOCTOU
    - vsock: Fix IOCTL_VM_SOCKETS_GET_LOCAL_CID to check also `transport_local`
    - net: stmmac: Fix interrupt handling for level-triggered mode in DWC_XGMAC2
    - net: phy: smsc: Fix Auto-MDIX configuration when disabled by strap
    - net: phy: smsc: Force predictable MDI-X state on LAN87xx
    - net: phy: smsc: Fix link failure in forced mode with Auto-MDIX
    - atm: clip: Fix potential null-ptr-deref in to_atmarpd().
    - atm: clip: Fix memory leak of struct clip_vcc.
    - atm: clip: Fix infinite recursive call of clip_push().
    - atm: clip: Fix NULL pointer dereference in vcc_sendmsg()
    - [arm64] net: ethernet: ti: am65-cpsw-nuss: Fix skb size by accounting for
      skb_shared_info
    - net/sched: Abort __tc_modify_qdisc if parent class does not exist
    - rxrpc: Fix bug due to prealloc collision
    - rxrpc: Fix oops due to non-existence of prealloc backlog struct
    - ipmi:msghandler: Fix potential memory corruption in ipmi_create_user()
    - [amd64] x86/mce/amd: Add default names for MCA banks and blocks
    - [amd64] x86/mce/amd: Fix threshold limit reset
    - [amd64] x86/mce: Don't remove sysfs if thresholding sysfs init fails
    - [amd64] x86/mce: Ensure user polling settings are honored when restarting
      timer
    - [amd64] x86/mce: Make sure CMCI banks are cleared during shutdown on Intel
    - [amd64] KVM: x86/xen: Allow 'out of range' event channel ports in IRQ
      routing table.
    - [amd64] KVM: SVM: Add missing member in SNP_LAUNCH_START command structure
    - [amd64] KVM: SVM: Reject SEV{-ES} intra host migration if vCPU creation is
      in-flight
    - KVM: Allow CPU to reschedule while setting per-page memory attributes
    - ASoC: fsl_sai: Force a software reset when starting in consumer mode
    - gre: Fix IPv6 multicast route creation. (Closes: #1108430)
    - md/md-bitmap: fix GPF in bitmap_get_stats() (Closes: #1109734)
    - [arm64] pinctrl: qcom: msm: mark certain pins as invalid for interrupts
    - pwm: Fix invalid state detection
    - pwm: mediatek: Ensure to disable clocks in error path
    - wifi: prevent A-MSDU attacks in mesh networks (CVE-2025-27558)
    - wifi: mwifiex: discard erroneous disassoc frames on STA interface
    - wifi: mt76: mt7921: prevent decap offload config before STA initialization
    - wifi: mt76: mt7925: prevent NULL pointer dereference in
      mt7925_sta_set_decap_offload()
    - wifi: mt76: mt7925: fix the wrong config for tx interrupt
    - wifi: mt76: mt7925: fix invalid array index in ssid assignment during hw
      scan
    - drm/imagination: Fix kernel crash when hard resetting the GPU
    - drm/amdkfd: Don't call mmput from MMU notifier callback
    - drm/gem: Acquire references on GEM handles for framebuffers
    - drm/sched: Increment job count before swapping tail spsc queue
    - drm/ttm: fix error handling in ttm_buffer_object_transfer
    - drm/gem: Fix race in drm_gem_handle_create_tail()
    - drm/xe/bmg: fix compressed VRAM handling
    - Revert "drm/xe/xe2: Enable Indirect Ring State support for Xe2"
    - usb: gadget: u_serial: Fix race condition in TTY wakeup
    - Revert "usb: gadget: u_serial: Add null pointer check in gs_start_io"
    - drm/framebuffer: Acquire internal references on GEM handles
    - drm/xe: Allocate PF queue size on pow2 boundary
    - Revert "ACPI: battery: negate current when discharging" (Closes: #1109344)
    - Revert "PCI/ACPI: Fix allocated memory release on error in
      pci_acpi_scan_root()"
    - kallsyms: fix build without execinfo
    - maple_tree: fix mt_destroy_walk() on root leaf node
    - mm: fix the inaccurate memory statistics issue for users
    - mm/vmalloc: leave lazy MMU mode on PTE mapping error
    - lib/alloc_tag: do not acquire non-existent lock in alloc_tag_top_users()
    - [amd64] x86/rdrand: Disable RDSEED on AMD Cyan Skillfish
    - [amd64] x86/mm: Disable hugetlb page table sharing on 32-bit
    - [arm64] clk: scmi: Handle case where child clocks are initialized before
      their parents
    - smb: server: make use of rdma_destroy_qp()
    - ksmbd: fix a mount write count leak in ksmbd_vfs_kern_path_locked()
    - erofs: fix to add missing tracepoint in erofs_read_folio()
    - erofs: address D-cache aliasing
    - [amd64] ASoC: Intel: sof-function-topology-lib: Print out the unsupported
      dmic count
    - netlink: Fix rmem check in netlink_broadcast_deliver().
    - netlink: make sure we allow at least one dump skb
    - netfs: Fix ref leak on inserted extra subreq in write retry
    - wifi: cfg80211: fix S1G beacon head validation in nl80211
    - wifi: zd1211rw: Fix potential NULL pointer dereference in
      zd_mac_tx_to_dev()
    - drm/tegra: nvdec: Fix dma_alloc_coherent error check
    - md/raid1: Fix stack memory use after return in raid1_reshape
    - raid10: cleanup memleak at raid10_make_request
    - wifi: mac80211: correctly identify S1G short beacon
    - wifi: mac80211: fix non-transmitted BSSID profile search
    - wifi: rt2x00: fix remove callback type mismatch
    - drm/nouveau/gsp: fix potential leak of memory used during acpi init
    - wifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init()
    - nbd: fix uaf in nbd_genl_connect() error path
    - drm/xe/pf: Clear all LMTT pages on alloc
    - erofs: free pclusters if no cached folio is attached
    - erofs: get rid of `z_erofs_next_pcluster_t`
    - erofs: tidy up zdata.c
    - erofs: refine readahead tracepoint
    - erofs: fix to add missing tracepoint in erofs_readahead()
    - netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto()
    - net: appletalk: Fix device refcount leak in atrtr_create()
    - ibmvnic: Fix hardcoded NUM_RX_STATS/NUM_TX_STATS with dynamic sizeof
    - net: phy: microchip: Use genphy_soft_reset() to purge stale LPA bits
    - net: phy: microchip: limit 100M workaround to link-down events on LAN88xx
    - drm/xe/pm: Correct comment of xe_pm_set_vram_threshold()
    - can: m_can: m_can_handle_lost_msg(): downgrade msg lost in rx message to
      debug level
    - net/mlx5e: Fix race between DIM disable and net_dim()
    - net/mlx5e: Add new prio for promiscuous mode
    - net: ll_temac: Fix missing tx_pending check in ethtools_set_ringparam()
    - bnxt_en: Fix DCB ETS validation
    - bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT
    - ublk: sanity check add_dev input for underflow
    - atm: idt77252: Add missing `dma_map_error()`
    - ASoC: SOF: Intel: hda: Use devm_kstrdup() to avoid memleak.
    - [amd64] ALSA: hda/realtek: Add mic-mute LED setup for ASUS UM5606
    - io_uring: make fallocate be hashed work
    - [amd64] ASoC: amd: yc: add quirk for Acer Nitro ANV15-41 internal mic
    - ALSA: hda/realtek - Enable mute LED on HP Pavilion Laptop 15-eg100
    - ALSA: hda/realtek: Add quirks for some Clevo laptops
    - net: usb: qmi_wwan: add SIMCom 8230C composition
    - driver: bluetooth: hci_qca:fix unable to load the BT driver
    - HID: lenovo: Add support for ThinkPad X1 Tablet Thin Keyboard Gen2
    - net: mana: Record doorbell physical address in PF mode
    - btrfs: fix assertion when building free space tree
    - vt: add missing notification when switching back to text mode
    - bpf: Adjust free target to avoid global starvation of LRU map
    - [riscv64] vdso: Exclude .rodata from the PT_DYNAMIC segment
    - HID: Add IGNORE quirk for SMARTLINKTECHNOLOGY
    - HID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras
    - HID: nintendo: avoid bluetooth suspend/resume stalls
    - erofs: fix rare pcluster memory leak after unmounting
    - net: wangxun: revert the adjustment of the IRQ vector sequence
    - kasan: remove kasan_find_vm_area() to prevent possible deadlock
    - ksmbd: fix potential use-after-free in oplock/lease break ack
    - [arm64] Filter out SME hwcaps when FEAT_SME isn't implemented
    - crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP()
      (CVE-2025-37984)
    - rseq: Fix segfault on registration when rseq_cs is non-zero
      (CVE-2025-38067)
    - [amd64] KVM: SVM: Set synthesized TSA CPUID flags
    https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.12.40
    - USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition
    - USB: serial: option: add Foxconn T99W640
    - USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI
    - usb: musb: fix gadget state on disconnect
    - [arm*] usb: dwc2: gadget: Fix enter to hibernation for UTMI+ PHY
    - usb: gadget: configfs: Fix OOB read on empty string write
    - [armhf] i2c: stm32: fix the device used for the DMA map
    - [armhf] i2c: stm32f7: unmap DMA mapped buffer
    - [amd64] thunderbolt: Fix wake on connect at runtime
    - [amd64] thunderbolt: Fix bit masking in tb_dp_port_set_hops()
    - Revert "staging: vchiq_arm: Create keep-alive thread during probe"
    - nvmem: imx-ocotp: fix MAC address byte length
    - nvmem: layouts: u-boot-env: remove crc32 endianness conversion
    - Input: xpad - set correct controller type for Acer NGR200
    - pch_uart: Fix dma_sync_sg_for_device() nents value
    - spi: Add check for 8-bit transfer with 8 IO mode support
    - dm-bufio: fix sched in atomic context
    - HID: core: ensure the allocated report buffer can contain the reserved
      report ID
    - HID: core: ensure __hid_request reserves the report ID as the first byte
    - HID: core: do not bypass hid_hw_raw_request
    - tracing/probes: Avoid using params uninitialized in parse_btf_arg()
    - tracing: Add down_write(trace_event_sem) when adding trace event
    - tracing/osnoise: Fix crash in timerlat_dump_stack()
    - drm/amdgpu/gfx8: reset compute ring wptr on the GPU on resume
    - drm/amdgpu: Increase reset counter only on success
    - drm/amd/display: Disable CRTC degamma LUT for DCN401
    - drm/amd/display: Free memory allocation
    - ALSA: hda/realtek - Fix mute LED for HP Victus 16-r0xxx
    - ALSA: hda/realtek: Add quirk for ASUS ROG Strix G712LWS
    - io_uring/poll: fix POLLERR handling
    - mptcp: make fallback action and fallback decision atomic
    - mptcp: plug races between subflow fail and subflow creation
    - mptcp: reset fallback status gracefully at disconnect() time
    - phonet/pep: Move call to pn_skb_get_dst_sockaddr() earlier in
      pep_sock_accept()
    - net/mlx5: Update the list of the PCI supported devices
    - [arm64] dts: imx8mp-venice-gw74xx: fix TPM SPI frequency
    - [arm64] dts: add big-endian property back into watchdog node
    - [arm64] dts: freescale: imx8mm-verdin: Keep LDO5 always on
    - [arm64] dts: imx8mp-venice-gw71xx: fix TPM SPI frequency
    - [arm64] dts: imx8mp-venice-gw72xx: fix TPM SPI frequency
    - [arm64] dts: imx8mp-venice-gw73xx: fix TPM SPI frequency
    - [arm64] dts: rockchip: use cs-gpios for spi1 on ringneck
    - af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd()
    - af_packet: fix soft lockup issue caused by tpacket_snd()
    - Bluetooth: btintel: Check if controller is ISO capable on
      btintel_classify_pkt_type
    - cpuidle: psci: Fix cpuhotplug routine with PREEMPT_RT=y
    - isofs: Verify inode mode when loading from disk
    - memstick: core: Zero initialize id_reg in h_memstick_read_dev_id()
    - [arm*] mmc: bcm2835: Fix dma_unmap_sg() nents value
    - mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based
      Positivo models
    - [arm64] mmc: sdhci_am654: Workaround for Errata i2312
    - [amd64] net: stmmac: intel: populate entire system_counterval_t in
      get_time_fn() callback
    - pmdomain: governor: Consider CPU latency tolerance from pm_domain_cpu_gov
    - [s390x] bpf: Fix bpf_arch_text_poke() with new_addr == NULL again
    - smb: client: fix use-after-free in crypt_message when using async crypto
    - [armhf] soc: aspeed: lpc-snoop: Cleanup resources in stack-order
    - [armhf] soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled
    - iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush
    - iio: adc: axp20x_adc: Add missing sentinel to AXP717 ADC channel maps
    - iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[]
    - iio: adc: max1363: Reorder mode_list[] entries
    - iio: adc: stm32-adc: Fix race in installing chained IRQ handler
    - iio: backend: fix out-of-bound write
    - iio: common: st_sensors: Fix use of uninitialize device structs
    - [arm64] dts: rockchip: Add cd-gpios for sdcard detect on Cool Pi CM5
    - [arm64] dts: rockchip: Add cd-gpios for sdcard detect on Cool Pi 4B
    - [arm64] dts: imx95: Correct the DMA interrupter number of pcie0_ep
    - bpf: Reject %p% format string in bprintf-like helpers
    - cachefiles: Fix the incorrect return value in __cachefiles_write()
    - block: fix kobject leak in blk_unregister_queue
    - net/sched: sch_qfq: Fix race condition on qfq_aggregate
    - rpl: Fix use-after-free in rpl_do_srh_inline().
    - smb: client: fix use-after-free in cifs_oplock_break
    - fix a leak in fcntl_dirnotify()
    - nvme: fix inconsistent RCU list manipulation in nvme_ns_add_to_ctrl_list()
    - nvme: fix endianness of command word prints in nvme_log_err_passthru()
    - smc: Fix various oops due to inet_sock type confusion.
    - net: phy: Don't register LEDs for genphy
    - nvme: fix misaccounting of nvme-mpath inflight I/O
    - nvmet-tcp: fix callback lock for TLS handshake
    - wifi: cfg80211: remove scan request n_channels counted_by
    - [amd64] hwmon: (corsair-cpro) Validate the size of the received input
      buffer
    - ice: add NULL check in eswitch lag check
    - ice: check correct pointer in fwlog debugfs
    - usb: net: sierra: check for no status endpoint
    - loop: use kiocb helpers to fix lockdep warning
    - [riscv64] Enable interrupt during exception handling
    - [riscv64] traps_misaligned: properly sign extend value in misaligned load
      handler
    - Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb()
    - Bluetooth: hci_sync: fix connectable extended advertising when using
      static random address
    - Bluetooth: SMP: If an unallowed command is received consider it a failure
    - Bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout
    - Bluetooth: hci_core: add missing braces when using macro parameters
    - Bluetooth: btusb: QCA: Fix downloading wrong NVM for WCN6855 GF variant
      without board ID
    - net/mlx5: Correctly set gso_size when LRO is used
    - ipv6: mcast: Delay put pmc->idev in mld_del_delrec()
    - net: fix segmentation after TCP/UDP fraglist GRO
    - netfilter: nf_conntrack: fix crash due to removal of uninitialised entry
    - drm/xe/pf: Sanitize VF scratch registers on FLR
    - drm/xe/pf: Move VFs reprovisioning to worker
    - drm/xe/pf: Prepare to stop SR-IOV support prior GT reset
    - Bluetooth: L2CAP: Fix attempting to adjust outgoing MTU
    - [amd64,arm64] hv_netvsc: Set VF priv_flags to IFF_NO_ADDRCONF before open
      to prevent IPv6 addrconf
    - virtio-net: fix recursived rtnl_lock() during probe()
    - tls: always refresh the queue when reading sock
    - net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during
      runtime
    - net: bridge: Do not offload IGMP/MLD messages
    - net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree
    - rxrpc: Fix recv-recv race of completed call
    - rxrpc: Fix transmission of an abort in response to an abort
    - Revert "cgroup_freezer: cgroup_freezing: Check if not frozen"
    - drm/mediatek: Add wait_event_timeout when disabling plane
    - drm/mediatek: only announce AFBC if really supported
    - libbpf: Fix handling of BPF arena relocations
    - efivarfs: Fix memory leak of efivarfs_fs_info in fs_context error paths
    - sched: Change nr_uninterruptible type to unsigned long
    - clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right
      userns
    - btrfs: fix block group refcount race in
      btrfs_create_pending_block_groups() (CVE-2025-22115)
    - usb: hub: fix detection of high tier USB3 devices behind suspended hubs
    - usb: hub: Fix flushing and scheduling of delayed work that tunes runtime
      pm
    - usb: hub: Fix flushing of delayed work used for post resume purposes
    - usb: hub: Don't try to recover devices lost during warm reset.
    - [arm64] usb: dwc3: qcom: Don't leave BCR asserted
    - [arm64,armhf] i2c: omap: Add support for setting mux
    - [arm64,armhf] i2c: omap: Fix an error handling path in omap_i2c_probe()
    - [arm64,armhf] i2c: omap: Handle omap_i2c_init() errors in omap_i2c_probe()
    - [arm64,armhf] i2c: omap: fix deprecated of_property_read_bool() use
    - sched,freezer: Remove unnecessary warning in __thaw_task
    - drm/xe/mocs: Initialize MOCS index early
    - drm/xe: Move page fault init after topology init
    - smb: client: let smbd_post_send_iter() respect the peers max_send_size and
      transmit all data
    - [amd64] iommu/vt-d: Fix misplaced domain_attached assignment
      (Closes: #1109676)
    - [amd64] KVM: x86/xen: Fix cleanup logic in emulation of Xen schedop poll
      hypercalls
    https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.12.41
    - [amd64] x86/traps: Initialize DR7 by writing its architectural reset value
    - Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT
      (CVE-2025-38335)
    - virtio_net: Enforce minimum TX ring size for reliability
    - virtio_ring: Fix error reporting in virtqueue_resize
    - regulator: core: fix NULL dereference on unbind due to stale coupling data
    - [amd64] platform/x86: asus-nb-wmi: add DMI quirk for ASUS Zenbook Duo
      UX8406CA
    - RDMA/core: Rate limit GID cache warning messages
    - [arm64] interconnect: qcom: sc7280: Add missing num_links to xm_pcie3_1
      node
    - iio: adc: ad7949: use spi_is_bpw_supported()
    - regmap: fix potential memory leak of regmap_bus
    - [amd64] x86/hyperv: Fix usage of cpu_online_mask to get valid cpu
    - [amd64] platform/x86: Fix initialization order for
      firmware_attributes_class
    - [arm*] staging: vchiq_arm: Make vchiq_shutdown never fail
    - xfrm: state: initialize state_ptrs earlier in xfrm_state_find
    - xfrm: state: use a consistent pcpu_id in xfrm_state_find
    - xfrm: Set transport header to fix UDP GRO handling
    - xfrm: interface: fix use-after-free after changing collect_md xfrm
      interface
    - [arm64] net: ti: icssg-prueth: Fix buffer allocation for ICSSG
    - net/mlx5: Fix memory leak in cmd_exec()
    - net/mlx5: E-Switch, Fix peer miss rules to use peer eswitch
    - i40e: report VF tx_dropped with tx_errors instead of tx_discards
    - i40e: When removing VF MAC filters, only check PF-set MAC
    - net: appletalk: Fix use-after-free in AARP proxy probe
    - net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in
      qfq_delete_class
    - can: netlink: can_changelink(): fix NULL pointer deref of struct
      can_priv::do_set_mode
    - [arm64] drm/bridge: ti-sn65dsi86: Remove extra semicolon in
      ti_sn_bridge_probe()
    - ALSA: hda/realtek: Fix mute LED mask on HP OMEN 16 laptop
    - [s390x] ism: fix concurrency management in ism_cmd()
    - [arm64] net: hns3: fix concurrent setting vlan filter issue
    - [arm64] net: hns3: disable interrupt when ptp init failed
    - [arm64] net: hns3: fixed vf get max channels bug
    - [arm64] net: hns3: default enable tx bounce buffer when smmu enabled
    - [amd64] platform/x86: ideapad-laptop: Fix FnLock not remembered among
      boots
    - [amd64] platform/x86: ideapad-laptop: Fix kbd backlight not remembered
      among boots
    - drm/amdgpu: Reset the clear flag in buddy during resume
    - drm/sched: Remove optimization that causes hang when killing dependent
      jobs
    - mm/ksm: fix -Wsometimes-uninitialized from clang-21 in advisor_mode_show()
    - timekeeping: Zero initialize system_counterval when querying time from phc
      drivers
    - [arm64] i2c: qup: jump out of the loop in case of timeout
    - [arm64,armhf] i2c: tegra: Fix reset error handling with ACPI
    - i2c: virtio: Avoid hang by using interruptible completion wait
    - bus: fsl-mc: Fix potential double device reference in
      fsl_mc_get_endpoint()
    - sprintf.h requires stdarg.h
    - ALSA: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx
    - ALSA: hda/realtek - Add mute LED support for HP Victus 15-fa0xxx
    - [arm64] entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack()
    - [arm64] dpaa2-eth: Fix device reference count leak in MAC endpoint
      handling
    - e1000e: disregard NVM checksum on tgp when valid checksum bit is not set
    - e1000e: ignore uninitialized checksum word on tgp
    - gve: Fix stuck TX queue for DQ queue format
    - ice: Fix a null pointer dereference in ice_copy_and_init_pkg()
    - nilfs2: reject invalid file types when reading inodes
    - resource: fix false warning in __request_region()
    - mm/vmscan: fix hwpoisoned large folio handling in shrink_folio_list
    - mm/zsmalloc: do not pass __GFP_MOVABLE if CONFIG_COMPACTION=n
    - [amd64,arm64] usb: typec: tcpm: allow to use sink in accessory mode
    - [amd64,arm64] usb: typec: tcpm: allow switching to mode accessory to mux
      properly
    - [amd64,arm64] usb: typec: tcpm: apply vbus before data bringup in
      tcpm_src_attach
    - spi: cadence-quadspi: fix cleanup of rx_chan on failure paths
    - [amd64] x86/bugs: Fix use of possibly uninit value in
      amd_check_tsa_microcode()
    - jfs: reject on-disk inodes of an unsupported type (CVE-2025-37925)
    - [amd64] comedi: comedi_test: Fix possible deletion of uninitialized timers
    - [arm64] dts: qcom: x1e78100-t14s: mark l12b and l15b always-on
    - erofs: simplify z_erofs_load_compact_lcluster()
    - erofs: refine z_erofs_get_extent_compressedlen()
    - erofs: use Z_EROFS_LCLUSTER_TYPE_MAX to simplify switches
    - erofs: simplify tail inline pcluster handling
    - erofs: clean up header parsing for ztailpacking and fragments
    - erofs: fix large fragment handling
    - ext4: don't explicit update times in ext4_fallocate()
    - ext4: refactor ext4_punch_hole()
    - ext4: refactor ext4_zero_range()
    - ext4: refactor ext4_collapse_range()
    - ext4: refactor ext4_insert_range()
    - ext4: factor out ext4_do_fallocate()
    - ext4: move out inode_lock into ext4_fallocate()
    - ext4: move out common parts into ext4_fallocate()
    - ext4: fix incorrect punch max_end
    - ext4: correct the error handle in ext4_fallocate()
    - ext4: fix out of bounds punch offset
    - [amd64] KVM: x86: drop x86.h include from cpuid.h
    - [amd64] KVM: x86: Route non-canonical checks in emulator through
      emulate_ops
    - [amd64] KVM: x86: Add X86EMUL_F_MSR and X86EMUL_F_DT_LOAD to aid canonical
      checks
    - [amd64] KVM: x86: model canonical checks more precisely
    - [amd64] KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush
      (CVE-2025-38351)
    - [amd64] x86/hyperv: Fix APIC ID and VP index confusion in hv_snp_boot_ap()
    - [arm64] dts: qcom: x1-crd: Fix vreg_l2j_1p2 voltage
    - Revert "wifi: mt76: mt7925: Update mt7925_mcu_uni_[tx,rx]_ba for MLO"
    - wifi: mt76: mt7925: adjust rm BSS flow to prevent next connection failure
    - iio: hid-sensor-prox: Restore lost scale assignments
    - iio: hid-sensor-prox: Fix incorrect OFFSET calculation
    - [amd64,arm64] Drivers: hv: Make the sysfs node size for the ring buffer
      dynamic
    - ALSA: hda/tegra: Add Tegra264 support
    - ALSA: hda: Add missing NVIDIA HDA codec IDs
    - [amd64] drm/i915/dp: Fix 2.7 Gbps DP_LINK_BW value on g4x
    - Revert "drm/xe/gt: Update handling of xe_force_wake_get return"
      (Closes: #1109799)
    - Revert "drm/xe/tests/mocs: Update xe_force_wake_get() return handling"
    - Revert "drm/xe/devcoredump: Update handling of xe_force_wake_get return"
    - Revert "drm/xe/forcewake: Add a helper xe_force_wake_ref_has_domain()"
    - [amd64] KVM: x86: Free vCPUs before freeing VM state
    - mm: khugepaged: fix call hpage_collapse_scan_file() for anonymous vma

  [ Bastian Blank ]
  * Store build time signing key encrypted.
  * Enable CRYPTO_ECDSA.

  [ Aurelien Jarno ]
  * Fix installation of DTB files

  [ Tj ]
  * drivers/gpu/drm/nouveau: Enable DRM_NOUVEAU_GSP_DEFAULT (Closes: #1088522)

  [ Uwe Kleine-König ]
  * [armhf] Add phy-gmii-sel module to nic-shared-modules udeb for
    ti/omap/am335x based machines (e.g. BeagleBone black).

  [ Salvatore Bonaccorso ]
  * d/salsa-ci.yml: Update for trixie: Set RELEASE to trixie

[dgit import unpatched linux 6.12.41-1]

Import linux_6.12.41.orig.tar.xz

[dgit import orig linux_6.12.41.orig.tar.xz]

Import linux_6.12.41-1.debian.tar.xz

[dgit import tarball linux 6.12.41-1 linux_6.12.41-1.debian.tar.xz]

Merge linux (6.12.38-1) import into refs/heads/workingbranch