This bug was fixed in the package linux-azure - 5.4.0-1100.106
---------------
linux-azure (5.4.0-1100.106) focal; urgency=medium
* focal/linux-azure: 5.4.0-1100.106 -proposed tracker (LP: #1999429)
* ubuntu_bpf failed to build on F-azure-5.4 / B-azure-5.4 ( error:
‘bpf_object_open_opts’ undeclared) (LP: #1990794)
- Revert "bpf, testing: Add selftest to read/write sockaddr from user space"
* Focal update: v5.4.214 upstream stable release (LP: #1993196)
- [Config] azure: soc: fsl: select FSL_GUTS driver for DPIO
* Azure: hv_netvsc: Fix race between VF offering and VF association message
from host (LP: #1994974)
- hv_netvsc: Fix race between VF offering and VF association message from
host
* Azure: RMB Patch to backport on the Azure Linux Images (LP: #1994987)
- net: mana: Add rmb after checking owner bits
[ Ubuntu: 5.4.0-136.153 ]
* focal/linux: 5.4.0-136.153 -proposed tracker (LP: #1997835)
* Expose built-in trusted and revoked certificates (LP: #1996892)
- [Packaging] Expose built-in trusted and revoked certificates
* [UBUNTU 20.04] KVM: PV: ext call delivered twice when receiver in PSW wait
(LP: #1995941)
- KVM: s390: pv: don't present the ecall interrupt twice
* [UBUNTU 20.04] boot: Add s390x secure boot trailer (LP: #1996071)
- s390/boot: add secure boot trailer
* Fix rfkill causing soft blocked wifi (LP: #1996198)
- platform/x86: hp_wmi: Fix rfkill causing soft blocked wifi
* md: Replace snprintf with scnprintf (LP: #1993315)
- md: Replace snprintf with scnprintf
* input/keyboard: the keyboard on some Asus laptops can't work (LP: #1992266)
- ACPI: resource: Skip IRQ override on Asus Vivobook K3402ZA/K3502ZA
- ACPI: resource: Add ASUS model S5402ZA to quirks
* Focal update: v5.4.218 upstream stable release (LP: #1995530)
- mm: pagewalk: Fix race between unmap and page walker
- perf tools: Fixup get_current_dir_name() compilation
- firmware: arm_scmi: Add SCMI PM driver remove routine
- dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores property
- dmaengine: xilinx_dma: Report error in case of dma_set_mask_and_coherent
API
failure
- ARM: dts: fix Moxa SDIO 'compatible', remove 'sdhci' misnomer
- scsi: qedf: Fix a UAF bug in __qedf_probe()
- net/ieee802154: fix uninit value bug in dgram_sendmsg
- um: Cleanup syscall_handler_t cast in syscalls_32.h
- um: Cleanup compiler warning in arch/x86/um/tls_32.c
- arch: um: Mark the stack non-executable to fix a binutils warning
- usb: mon: make mmapped memory read only
- USB: serial: ftdi_sio: fix 300 bps rate for SIO
- mmc: core: Replace with already defined values for readability
- mmc: core: Terminate infinite loop in SD-UHS voltage switch
- rpmsg: qcom: glink: replace strncpy() with strscpy_pad()
- nilfs2: fix leak of nilfs_root in case of writer thread creation failure
- nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure
- ceph: don't truncate file in atomic_open
- random: clamp credited irq bits to maximum mixed
- ALSA: hda: Fix position reporting on Poulsbo
- efi: Correct Macmini DMI match in uefi cert quirk
- USB: serial: qcserial: add new usb-id for Dell branded EM7455
- random: restore O_NONBLOCK support
- random: avoid reading two cache lines on irq randomness
- random: use expired timer rather than wq for mixing fast pool
- Input: xpad - add supported devices as contributed on github
- Input: xpad - fix wireless 360 controller breaking after suspend
- Linux 5.4.218
* Focal update: v5.4.217 upstream stable release (LP: #1995528)
- xfs: fix misuse of the XFS_ATTR_INCOMPLETE flag
- xfs: introduce XFS_MAX_FILEOFF
- xfs: truncate should remove all blocks, not just to the end of the page
cache
- xfs: fix s_maxbytes computation on 32-bit kernels
- xfs: fix IOCB_NOWAIT handling in xfs_file_dio_aio_read
- xfs: refactor remote attr value buffer invalidation
- xfs: fix memory corruption during remote attr value buffer invalidation
- xfs: move incore structures out of xfs_da_format.h
- xfs: streamline xfs_attr3_leaf_inactive
- xfs: fix uninitialized variable in xfs_attr3_leaf_inactive
- xfs: remove unused variable 'done'
- Makefile.extrawarn: Move -Wcast-function-type-strict to W=1
- docs: update mediator information in CoC docs
- Linux 5.4.217
* Focal update: v5.4.216 upstream stable release (LP: #1995526)
- uas: add no-uas quirk for Hiksemi usb_disk
- usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS
- uas: ignore UAS for Thinkplus chips
- net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455
- clk: ingenic-tcu: Properly enable registers before accessing timers
- ARM: dts: integrator: Tag PCI host with device_type
- ntfs: fix BUG_ON in ntfs_lookup_inode_by_name()
- libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205
- mmc: moxart: fix 4-bit bus width and remove 8-bit bus width
- mm/page_alloc: fix race condition between build_all_zonelists and page
allocation
- mm: prevent page_frag_alloc() from corrupting the memory
- mm/migrate_device.c: flush TLB while holding PTL
- mm: fix madivse_pageout mishandling on non-LRU page
- media: dvb_vb2: fix possible out of bound access
- ARM: dts: Move am33xx and am43xx mmc nodes to sdhci-omap driver
- ARM: dts: am33xx: Fix MMCHS0 dma properties
- soc: sunxi: sram: Actually claim SRAM regions
- soc: sunxi: sram: Prevent the driver from being unbound
- soc: sunxi_sram: Make use of the helper function
devm_platform_ioremap_resource()
- soc: sunxi: sram: Fix probe function ordering issues
- soc: sunxi: sram: Fix debugfs info for A64 SRAM C
- Revert "drm: bridge: analogix/dp: add panel prepare/unprepare in
suspend/resume time"
- Input: melfas_mip4 - fix return value check in mip4_probe()
- usbnet: Fix memory leak in usbnet_disconnect()
- nvme: add new line after variable declatation
- nvme: Fix IOC_PR_CLEAR and IOC_PR_RELEASE ioctls for nvme devices
- selftests: Fix the if conditions of in test_extra_filter()
- clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI clocks
- clk: iproc: Do not rely on node name for correct PLL setup
- Linux 5.4.216
* Focal update: v5.4.215 upstream stable release (LP: #1993203)
- of: fdt: fix off-by-one error in unflatten_dt_nodes()
- NFSv4: Turn off open-by-filehandle and NFS re-export for NFSv4.0
- gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type in mpc85xx
- drm/meson: Correct OSD1 global alpha value
- drm/meson: Fix OSD1 RGB to YCbCr coefficient
- parisc: ccio-dma: Add missing iounmap in error path in ccio_probe()
- ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
- task_stack, x86/cea: Force-inline stack helpers
- tracing: hold caller_addr to hardirq_{enable,disable}_ip
- cifs: revalidate mapping when doing direct writes
- cifs: don't send down the destination address to sendmsg for a SOCK_STREAM
- MAINTAINERS: add Chandan as xfs maintainer for 5.4.y
- iomap: iomap that extends beyond EOF should be marked dirty
- ASoC: nau8824: Fix semaphore unbalance at error paths
- regulator: pfuze100: Fix the global-out-of-bounds access in
pfuze100_regulator_probe()
- rxrpc: Fix local destruction being repeated
- rxrpc: Fix calc of resend age
- ALSA: hda/sigmatel: Keep power up while beep is enabled
- ALSA: hda/tegra: Align BDL entry to 4KB boundary
- net: usb: qmi_wwan: add Quectel RM520N
- afs: Return -EAGAIN, not -EREMOTEIO, when a file already locked
- MIPS: OCTEON: irq: Fix octeon_irq_force_ciu_mapping()
- mksysmap: Fix the mismatch of 'L0' symbols in System.map
- video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
- cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all()
- ALSA: hda/sigmatel: Fix unused variable warning for beep power change
- usb: dwc3: gadget: Avoid starting DWC3 gadget during UDC unbind
- usb: dwc3: Issue core soft reset before enabling run/stop
- usb: dwc3: gadget: Prevent repeat pullup()
- usb: dwc3: gadget: Refactor pullup()
- usb: dwc3: gadget: Don't modify GEVNTCOUNT in pullup()
- usb: dwc3: gadget: Avoid duplicate requests to enable Run/Stop
- usb: xhci-mtk: get the microframe boundary for ESIT
- usb: xhci-mtk: add only one extra CS for FS/LS INTR
- usb: xhci-mtk: use @sch_tt to check whether need do TT schedule
- usb: xhci-mtk: add a function to (un)load bandwidth info
- usb: xhci-mtk: add some schedule error number
- usb: xhci-mtk: allow multiple Start-Split in a microframe
- usb: xhci-mtk: relax TT periodic bandwidth allocation
- wifi: mac80211: Fix UAF in ieee80211_scan_rx()
- tty/serial: atmel: RS485 & ISO7816: wait for TXRDY before sending data
- serial: atmel: remove redundant assignment in rs485_config
- tty: serial: atmel: Preserve previous USART mode if RS485 disabled
- usb: add quirks for Lenovo OneLink+ Dock
- usb: gadget: udc-xilinx: replace memcpy with memcpy_toio
- usb: cdns3: fix issue with rearming ISO OUT endpoint
- Revert "usb: add quirks for Lenovo OneLink+ Dock"
- Revert "usb: gadget: udc-xilinx: replace memcpy with memcpy_toio"
- USB: core: Fix RST error in hub.c
- USB: serial: option: add Quectel BG95 0x0203 composition
- USB: serial: option: add Quectel RM520N
- ALSA: hda/tegra: set depop delay for tegra
- ALSA: hda: add Intel 5 Series / 3400 PCI DID
- ALSA: hda/realtek: Add quirk for Huawei WRT-WX9
- ALSA: hda/realtek: Re-arrange quirk table entries
- ALSA: hda/realtek: Add pincfg for ASUS G513 HP jack
- ALSA: hda/realtek: Add pincfg for ASUS G533Z HP jack
- ALSA: hda/realtek: Add quirk for ASUS GA503R laptop
- ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5530 laptop
- efi: libstub: check Shim mode using MokSBStateRT
- mm/slub: fix to return errno if kmalloc() fails
- arm64: dts: rockchip: Pull up wlan wake# on Gru-Bob
- arm64: dts: rockchip: Set RK3399-Gru PCLK_EDP to 24 MHz
- arm64: dts: rockchip: Remove 'enable-active-low' from rk3399-puma
- netfilter: nf_conntrack_sip: fix ct_sip_walk_headers
- netfilter: nf_conntrack_irc: Tighten matching on DCC message
- netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find()
- iavf: Fix cached head and tail value for iavf_get_tx_pending
- ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header
- net: team: Unsync device addresses on ndo_stop
- MIPS: lantiq: export clk_get_io() for lantiq_wdt.ko
- MIPS: Loongson32: Fix PHY-mode being left unspecified
- iavf: Fix bad page state
- i40e: Fix set max_tx_rate when it is lower than 1 Mbps
- of: mdio: Add of_node_put() when breaking out of for_each_xx
- net/sched: taprio: avoid disabling offload when it was never enabled
- net/sched: taprio: make qdisc_leaf() see the per-netdev-queue pfifo child
qdiscs
- netfilter: ebtables: fix memory leak when blob is malformed
- can: gs_usb: gs_can_open(): fix race dev->can.state condition
- perf jit: Include program header in ELF files
- perf kcore_copy: Do not check /proc/modules is unchanged
- net: sunhme: Fix packet reception for len < RX_COPY_THRESHOLD
- net: sched: fix possible refcount leak in tc_new_tfilter()
- serial: Create uart_xmit_advance()
- serial: tegra: Use uart_xmit_advance(), fixes icount.tx accounting
- serial: tegra-tcu: Use uart_xmit_advance(), fixes icount.tx accounting
- s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup
- usb: xhci-mtk: fix issue of out-of-bounds array access
- cifs: always initialize struct msghdr smb_msg completely
- Drivers: hv: Never allocate anything besides framebuffer from framebuffer
memory region
- drm/amd/display: Limit user regamma to a valid value
- drm/rockchip: Fix return type of cdn_dp_connector_mode_valid
- workqueue: don't skip lockdep work dependency in cancel_work_sync()
- ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0
- xfs: replace -EIO with -EFSCORRUPTED for corrupt metadata
- xfs: slightly tweak an assert in xfs_fs_map_blocks
- xfs: add missing assert in xfs_fsmap_owner_from_rmap
- xfs: range check ri_cnt when recovering log items
- xfs: attach dquots and reserve quota blocks during unwritten conversion
- xfs: convert EIO to EFSCORRUPTED when log contents are invalid
- xfs: constify the buffer pointer arguments to error functions
- xfs: always log corruption errors
- xfs: fix some memory leaks in log recovery
- xfs: stabilize insert range start boundary to avoid COW writeback race
- xfs: use bitops interface for buf log item AIL flag check
- xfs: refactor agfl length computation function
- xfs: split the sunit parameter update into two parts
- xfs: don't commit sunit/swidth updates to disk if that would cause repair
failures
- xfs: fix an ABBA deadlock in xfs_rename
- xfs: fix use-after-free when aborting corrupt attr inactivation
- ext4: make directory inode spreading reflect flexbg size
- Linux 5.4.215
* Focal update: v5.4.214 upstream stable release (LP: #1993196)
- drm/msm/rd: Fix FIFO-full deadlock
- HID: ishtp-hid-clientHID: ishtp-hid-client: Fix comment typo
- hid: intel-ish-hid: ishtp: Fix ishtp client sending disordered message
- tg3: Disable tg3 device on system reboot to avoid triggering AER
- ieee802154: cc2520: add rc code in cc2520_tx()
- Input: iforce - add support for Boeder Force Feedback Wheel
- nvmet-tcp: fix unhandled tcp states in nvmet_tcp_state_change()
- perf/arm_pmu_platform: fix tests for platform_get_irq() failure
- platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell Dot keymap
fixes
- usb: storage: Add ASUS <0x0b05:0x1932> to IGNORE_UAS
- mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region()
- net: dp83822: disable rx error interrupt
- soc: fsl: select FSL_GUTS driver for DPIO
- tracefs: Only clobber mode/uid/gid on remount if asked
- Linux 5.4.214
* Focal update: v5.4.213 upstream stable release (LP: #1992211)
- efi: capsule-loader: Fix use-after-free in efi_capsule_write
- wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in
il4965_rs_fill_link_cmd()
- fs: only do a memory barrier for the first set_buffer_uptodate()
- Revert "mm: kmemleak: take a full lowmem check in kmemleak_*_phys()"
- net: dp83822: disable false carrier interrupt
- drm/msm/dsi: fix the inconsistent indenting
- drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg
- platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask
- iio: adc: mcp3911: make use of the sign bit
- ieee802154/adf7242: defer destroy_workqueue call
- wifi: cfg80211: debugfs: fix return type in ht40allow_map_read()
- Revert "xhci: turn off port power in shutdown"
- net: sched: tbf: don't call qdisc_put() while holding tree lock
- ethernet: rocker: fix sleep in atomic context bug in neigh_timer_handler
- kcm: fix strp_init() order and cleanup
- sch_cake: Return __NET_XMIT_STOLEN when consuming enqueued skb
- tcp: annotate data-race around challenge_timestamp
- Revert "sch_cake: Return __NET_XMIT_STOLEN when consuming enqueued skb"
- net/smc: Remove redundant refcount increase
- serial: fsl_lpuart: RS485 RTS polariy is inverse
- staging: rtl8712: fix use after free bugs
- powerpc: align syscall table for ppc32
- vt: Clear selection before changing the font
- tty: serial: lpuart: disable flow control while waiting for the transmit
engine to complete
- Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag
- iio: adc: mcp3911: use correct formula for AD conversion
- misc: fastrpc: fix memory corruption on probe
- misc: fastrpc: fix memory corruption on open
- USB: serial: ftdi_sio: add Omron CS1W-CIF31 device id
- binder: fix UAF of ref->proc caused by race condition
- usb: dwc3: qcom: fix use-after-free on runtime-PM wakeup
- drm/i915/reg: Fix spelling mistake "Unsupport" -> "Unsupported"
- clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops
- Revert "clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops"
- clk: core: Fix runtime PM sequence in clk_core_unprepare()
- Input: rk805-pwrkey - fix module autoloading
- clk: bcm: rpi: Fix error handling of raspberrypi_fw_get_rate
- hwmon: (gpio-fan) Fix array out of bounds access
- gpio: pca953x: Add mutex_lock for regcache sync in PM
- thunderbolt: Use the actual buffer in tb_async_error()
- xhci: Add grace period after xHC start to prevent premature runtime
suspend.
- USB: serial: cp210x: add Decagon UCA device id
- USB: serial: option: add support for OPPO R11 diag port
- USB: serial: option: add Quectel EM060K modem
- USB: serial: option: add support for Cinterion MV32-WA/WB RmNet mode
- usb: typec: altmodes/displayport: correct pin assignment for UFP
receptacles
- usb: dwc2: fix wrong order of phy_power_on and phy_init
- USB: cdc-acm: Add Icom PMR F3400 support (0c26:0020)
- usb-storage: Add ignore-residue quirk for NXP PN7462AU
- s390/hugetlb: fix prepare_hugepage_range() check for 2 GB hugepages
- s390: fix nospec table alignments
- USB: core: Prevent nested device-reset calls
- usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS
- driver core: Don't probe devices after bus_type.match() probe deferral
- wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected
- net: mac802154: Fix a condition in the receive path
- ALSA: seq: oss: Fix data-race for max_midi_devs access
- ALSA: seq: Fix data-race at module auto-loading
- drm/i915/glk: ECS Liva Q2 needs GLK HDMI port timing quirk
- btrfs: harden identification of a stale device
- usb: dwc3: fix PHY disable sequence
- usb: dwc3: disable USB core PHY management
- USB: serial: ch341: fix lost character on LCR updates
- USB: serial: ch341: fix disabled rx timer on older devices
- scsi: megaraid_sas: Fix double kfree()
- drm/gem: Fix GEM handle release errors
- drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup.
- drm/radeon: add a force flush to delay work when radeon
- parisc: ccio-dma: Handle kmalloc failure in ccio_init_resources()
- parisc: Add runtime check to prevent PA2.0 kernels on PA1.x machines
- arm64: cacheinfo: Fix incorrect assignment of signed error value to
unsigned
fw_level
- fbdev: chipsfb: Add missing pci_disable_device() in chipsfb_pci_init()
- drm/amdgpu: mmVM_L2_CNTL3 register not initialized correctly
- ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc()
- ALSA: aloop: Fix random zeros in capture data when using jiffies timer
- ALSA: usb-audio: Fix an out-of-bounds bug in
__snd_usb_parse_audio_interface()
- kprobes: Prohibit probes in gate area
- debugfs: add debugfs_lookup_and_remove()
- nvmet: fix a use-after-free
- scsi: mpt3sas: Fix use-after-free warning
- scsi: lpfc: Add missing destroy_workqueue() in error path
- cgroup: Optimize single thread migration
- cgroup: Elide write-locking threadgroup_rwsem when updating csses on an
empty subtree
- cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock
- smb3: missing inode locks in punch hole
- ARM: dts: imx6qdl-kontron-samx6i: remove duplicated node
- regulator: core: Clean up on enable failure
- RDMA/cma: Fix arguments order in net device validation
- soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs
- RDMA/hns: Fix supported page size
- netfilter: br_netfilter: Drop dst references before setting.
- rxrpc: Fix an insufficiently large sglist in rxkad_verify_packet_2()
- afs: Use the operation issue time instead of the reply time for callbacks
- sch_sfb: Don't assume the skb is still around after enqueueing to child
- tipc: fix shift wrapping bug in map_get()
- i40e: Fix kernel crash during module removal
- RDMA/siw: Pass a pointer to virt_to_page()
- ipv6: sr: fix out-of-bounds read when setting HMAC data.
- RDMA/mlx5: Set local port to one when accessing counters
- nvme-tcp: fix UAF when detecting digest errors
- tcp: fix early ETIMEDOUT after spurious non-SACK RTO
- sch_sfb: Also store skb len before calling child enqueue
- x86/nospec: Fix i386 RSB stuffing
- MIPS: loongson32: ls1c: Fix hang during startup
- Linux 5.4.213
* CVE-2022-2663
- netfilter: nf_conntrack_irc: Fix forged IP logic
* CVE-2022-3061
- video: fbdev: i740fb: Error out if 'pixclock' equals zero
[ Ubuntu: 5.4.0-135.152 ]
* focal/linux: 5.4.0-135.152 -proposed tracker (LP: #1997412)
* containerd sporadic timeouts (LP: #1996678)
- epoll: call final ep_events_available() check under the lock
- epoll: check for events when removing a timed out thread from the wait
queue
- Revert "fs: check FMODE_LSEEK to control internal pipe splicing"
* CVE-2022-3621
- nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
* CVE-2022-3565
- mISDN: fix use-after-free bugs in l1oip timer handlers
* CVE-2022-3566
- tcp: Fix data races around icsk->icsk_af_ops.
* CVE-2022-3567
- ipv6: annotate some data-races around sk->sk_prot
- ipv6: Fix data races around sk->sk_prot.
* CVE-2022-3564
- Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
* CVE-2022-3524
- tcp/udp: Fix memory leak in ipv6_renew_options().
* CVE-2022-3594
- r8152: Rate limit overflow messages
* CVE-2022-42703
- mm/rmap.c: don't reuse anon_vma if we just want a copy
[ Ubuntu: 5.4.0-132.148 ]
* CVE-2022-42719
- mac80211: mlme: find auth challenge directly
- wifi: mac80211: don't parse mbssid in assoc response
- wifi: mac80211: fix MBSSID parsing use-after-free
* iavf: SR-IOV VFs error with no traffic flow when MTU greater than 1500
(LP: #1983656)
- iavf: Fix set max MTU size with port VLAN and jumbo frames
- i40e: Fix VF set max MTU size
* fib_nexthop_nongw.sh from ubuntu_kernel_selftests failed on B-5.4
(LP: #1990800)
- SAUCE: selftests/net: skipping tests for older ip command releases
* CVE-2022-29901
- Revert "x86/speculation: Add RSB VM Exit protections"
- Revert "x86/cpu: Add a steppings field to struct x86_cpu_id"
- x86/devicetable: Move x86 specific macro out of generic code
- x86/cpu: Add consistent CPU match macros
- x86/cpu: Add a steppings field to struct x86_cpu_id
- x86/kvm/vmx: Make noinstr clean
- x86/cpufeatures: Move RETPOLINE flags to word 11
- x86/bugs: Report AMD retbleed vulnerability
- x86/bugs: Add AMD retbleed= boot parameter
- x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
- x86/entry: Remove skip_r11rcx
- x86/entry: Add kernel IBRS implementation
- x86/bugs: Optimize SPEC_CTRL MSR writes
- x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
- x86/bugs: Split spectre_v2_select_mitigation() and
spectre_v2_user_select_mitigation()
- x86/bugs: Report Intel retbleed vulnerability
- intel_idle: Disable IBRS during long idle
- x86/speculation: Change FILL_RETURN_BUFFER to work with objtool
- x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
- x86/speculation: Fix firmware entry SPEC_CTRL handling
- x86/speculation: Fix SPEC_CTRL write on SMT state change
- x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
- x86/speculation: Remove x86_spec_ctrl_mask
- KVM/VMX: Use TEST %REG,%REG instead of CMP $0,%REG in vmenter.S
- KVM/nVMX: Use __vmx_vcpu_run in nested_vmx_check_vmentry_hw
- KVM: VMX: Flatten __vmx_vcpu_run()
- KVM: VMX: Convert launched argument to flags
- KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
- KVM: VMX: Fix IBRS handling after vmexit
- x86/speculation: Fill RSB on vmexit for IBRS
- x86/common: Stamp out the stepping madness
- x86/cpu/amd: Enumerate BTC_NO
- x86/bugs: Add Cannon lake to RETBleed affected CPU list
- x86/speculation: Disable RRSBA behavior
- x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current
- x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts
- x86/speculation: Add RSB VM Exit protections
* ACPI: processor idle: Practically limit "Dummy wait" workaround to old Intel
systems (LP: #1990985)
- ACPI: processor_idle: Skip dummy wait if kernel is in guest
- ACPI: processor idle: Practically limit "Dummy wait" workaround to old
Intel
systems
* cgroup: all controllers mounted when using 'cgroup_no_v1=' (LP: #1988584)
- cgroup-v1: add disabled controller check in cgroup1_parse_param()
* Focal update: v5.4.212 upstream stable release (LP: #1991156)
- audit: fix potential double free on error path from
fsnotify_add_inode_mark
- parisc: Fix exception handler for fldw and fstw instructions
- kernel/sys_ni: add compat entry for fadvise64_64
- usb: cdns3: Fix issue for clear halt endpoint
- pinctrl: amd: Don't save/restore interrupt status and wake status bits
- sched/deadline: Unthrottle PI boosted threads while enqueuing
- sched/deadline: Fix stale throttling on de-/boosted tasks
- sched/deadline: Fix priority inheritance with multiple scheduling classes
- kernel/sched: Remove dl_boosted flag comment
- xfrm: fix refcount leak in __xfrm_policy_check()
- SUNRPC: RPC level errors should set task->tk_rpc_status
- rose: check NULL rose_loopback_neigh->loopback
- net/mlx5e: Properly disable vlan strip on non-UL reps
- net: moxa: get rid of asymmetry in DMA mapping/unmapping
- bonding: 802.3ad: fix no transmission of LACPDUs
- net: ipvtap - add __init/__exit annotations to module init/exit funcs
- netfilter: ebtables: reject blobs that don't provide all entry points
- bnxt_en: fix NQ resource accounting during vf creation on 57500 chips
- netfilter: nft_payload: report ERANGE for too long offset and length
- netfilter: nft_payload: do not truncate csum_offset and csum_type
- netfilter: nft_osf: restrict osf to ipv4, ipv6 and inet families
- netfilter: nft_tunnel: restrict it to netdev family
- net: Fix data-races around weight_p and dev_weight_[rt]x_bias.
- net: Fix data-races around netdev_tstamp_prequeue.
- ratelimit: Fix data-races in ___ratelimit().
- net: Fix a data-race around sysctl_tstamp_allow_data.
- net: Fix a data-race around sysctl_net_busy_poll.
- net: Fix a data-race around sysctl_net_busy_read.
- net: Fix a data-race around netdev_budget.
- net: Fix a data-race around netdev_budget_usecs.
- net: Fix a data-race around sysctl_somaxconn.
- ixgbe: stop resetting SYSTIME in ixgbe_ptp_start_cyclecounter
- btrfs: fix silent failure when deleting root reference
- btrfs: replace: drop assert for suspended replace
- btrfs: add info when mount fails due to stale replace target
- btrfs: check if root is readonly while setting security xattr
- x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry
- loop: Check for overflow while configuring loop
- asm-generic: sections: refactor memory_intersects
- s390: fix double free of GS and RI CBs on fork() failure
- ACPI: processor: Remove freq Qos request for all CPUs
- mm/hugetlb: fix hugetlb not supporting softdirty tracking
- md: call __md_stop_writes in md_stop
- perf/x86/intel/uncore: Fix broken read_counter() for SNB IMC PMU
- scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq
- mm: Force TLB flush for PFNMAP mappings before unlink_file_vma()
- s390/mm: do not trigger write fault when vma does not allow VM_WRITE
- x86/bugs: Add "unknown" reporting for MMIO Stale Data
- kbuild: Fix include path in scripts/Makefile.modpost
- Bluetooth: L2CAP: Fix build errors in some archs
- HID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report
- udmabuf: Set the DMA mask for the udmabuf device (v2)
- media: pvrusb2: fix memory leak in pvr_probe
- HID: hidraw: fix memory leak in hidraw_release()
- fbdev: fb_pm2fb: Avoid potential divide by zero error
- ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace
is
dead
- bpf: Don't redirect packets with invalid pkt_len
- mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
- btrfs: introduce btrfs_lookup_match_dir
- btrfs: do not pin logs too early during renames
- btrfs: unify lookup return value when dir entry is missing
- drm/amd/display: Avoid MPC infinite loop
- drm/amd/display: clear optc underflow before turn off odm clock
- neigh: fix possible DoS due to net iface start/stop loop
- s390/hypfs: avoid error message under KVM
- drm/amd/display: Fix pixel clock programming
- netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to y
- btrfs: tree-checker: check for overlapping extent items
- lib/vdso: Let do_coarse() return 0 to simplify the callsite
- lib/vdso: Mark do_hres() and do_coarse() as __always_inline
- kprobes: don't call disarm_kprobe() for disabled kprobes
- net/af_packet: check len when min_header_len equals to 0
- net: neigh: don't call kfree_skb() under spin_lock_irqsave()
- Linux 5.4.212
* Focal update: v5.4.211 upstream stable release (LP: #1990190)
- Makefile: link with -z noexecstack --no-warn-rwx-segments
- x86: link vdso and boot with -z noexecstack --no-warn-rwx-segments
- scsi: Revert "scsi: qla2xxx: Fix disk failure to rediscover"
- ALSA: bcd2000: Fix a UAF bug on the error path of probing
- igc: Remove _I_PHY_ID checking
- wifi: mac80211_hwsim: fix race condition in pending packet
- wifi: mac80211_hwsim: add back erroneously removed cast
- wifi: mac80211_hwsim: use 32-bit skb cookie
- add barriers to buffer_uptodate and set_buffer_uptodate
- HID: wacom: Only report rotation for art pen
- HID: wacom: Don't register pad_input for touch switch
- KVM: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending case
- KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending case
- KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0
- KVM: nVMX: Let userspace set nVMX MSR to any _host_ supported value
- KVM: x86: Mark TSS busy during LTR emulation _after_ all fault checks
- KVM: x86: Set error code to segment selector on LLDT/LTR non-canonical #GP
- mm/mremap: hold the rmap lock in write mode when moving page table
entries.
- ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model
- ALSA: hda/cirrus - support for iMac 12,1 model
- ALSA: hda/realtek: Add quirk for another Asus K42JZ model
- tty: vt: initialize unicode screen buffer
- vfs: Check the truncate maximum size in inode_newsize_ok()
- fs: Add missing umask strip in vfs_tmpfile
- thermal: sysfs: Fix cooling_device_stats_setup() error code path
- fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters
- usbnet: Fix linkwatch use-after-free on disconnect
- ovl: drop WARN_ON() dentry is NULL in ovl_encode_fh()
- parisc: Fix device names in /proc/iomem
- parisc: io_pgetevents_time64() needs compat syscall in 32-bit compat mode
- drm/gem: Properly annotate WW context on drm_gem_lock_reservations() error
- drm/nouveau: fix another off-by-one in nvbios_addr
- drm/amdgpu: Check BO's requested pinning domains against its
preferred_domains
- iio: light: isl29028: Fix the warning in isl29028_remove()
- fuse: limit nsec
- serial: mvebu-uart: uart2 error bits clearing
- md-raid10: fix KASAN warning
- ia64, processor: fix -Wincompatible-pointer-types in ia64_get_irr()
- PCI: Add defines for normal and subtractive PCI bridges
- powerpc/fsl-pci: Fix Class Code of PCIe Root Port
- powerpc/ptdump: Fix display of RW pages on FSL_BOOK3E
- powerpc/powernv: Avoid crashing if rng is NULL
- MIPS: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK
- coresight: Clear the connection field properly
- USB: HCD: Fix URB giveback issue in tasklet function
- ARM: dts: uniphier: Fix USB interrupts for PXs2 SoC
- arm64: dts: uniphier: Fix USB interrupts for PXs3 SoC
- netfilter: nf_tables: fix null deref due to zeroed list head
- epoll: autoremove wakers even more aggressively
- x86: Handle idle=nomwait cmdline properly for x86_idle
- arm64: Do not forget syscall when starting a new thread.
- arm64: fix oops in concurrently setting insn_emulation sysctls
- ext2: Add more validity checks for inode counts
- genirq: Don't return error on missing optional irq_request_resources()
- wait: Fix __wait_event_hrtimeout for RT/DL tasks
- ARM: dts: imx6ul: add missing properties for sram
- ARM: dts: imx6ul: change operating-points to uint32-matrix
- ARM: dts: imx6ul: fix csi node compatible
- ARM: dts: imx6ul: fix lcdif node compatible
- ARM: dts: imx6ul: fix qspi node compatible
- spi: synquacer: Add missing clk_disable_unprepare()
- ARM: OMAP2+: display: Fix refcount leak bug
- ACPI: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI quirks
- ACPI: PM: save NVS memory for Lenovo G40-45
- ACPI: LPSS: Fix missing check in register_device_clock()
- arm64: dts: qcom: ipq8074: fix NAND node name
- arm64: dts: allwinner: a64: orangepi-win: Fix LED node name
- ARM: shmobile: rcar-gen2: Increase refcount for new reference
- PM: hibernate: defer device probing when resuming from hibernation
- selinux: Add boundary check in put_entry()
- spi: spi-rspi: Fix PIO fallback on RZ platforms
- ARM: findbit: fix overflowing offset
- meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init
- ARM: bcm: Fix refcount leak in bcm_kona_smc_init
- x86/pmem: Fix platform-device leak in error path
- ARM: dts: ast2500-evb: fix board compatible
- ARM: dts: ast2600-evb: fix board compatible
- soc: fsl: guts: machine variable might be unset
- ARM: dts: qcom: mdm9615: add missing PMIC GPIO reg
- ARM: OMAP2+: Fix refcount leak in omapdss_init_of
- ARM: OMAP2+: Fix refcount leak in omap3xxx_prm_late_init
- cpufreq: zynq: Fix refcount leak in zynq_get_revision
- soc: qcom: aoss: Fix refcount leak in qmp_cooling_devices_register
- ARM: dts: qcom: pm8841: add required thermal-sensor-cells
- bus: hisi_lpc: fix missing platform_device_put() in hisi_lpc_acpi_probe()
- arm64: dts: mt7622: fix BPI-R64 WPS button
- erofs: avoid consecutive detection for Highmem memory
- blk-mq: don't create hctx debugfs dir until q->debugfs_dir is created
- regulator: of: Fix refcount leak bug in of_get_regulation_constraints()
- nohz/full, sched/rt: Fix missed tick-reenabling bug in dequeue_task_rt()
- thermal/tools/tmon: Include pthread and time headers in tmon.h
- dm: return early from dm_pr_call() if DM device is suspended
- ath10k: do not enforce interrupt trigger type
- wifi: rtlwifi: fix error codes in rtl_debugfs_set_write_h2c()
- drm/mipi-dbi: align max_chunk to 2 in spi_transfer
- drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers()
- drm/mediatek: Add pull-down MIPI operation in mtk_dsi_poweroff function
- drm: adv7511: override i2c address of cec before accessing it
- i2c: Fix a potential use after free
- media: tw686x: Register the irq at the end of probe
- wifi: iwlegacy: 4965: fix potential off-by-one overflow in
il4965_rs_fill_link_cmd()
- drm: bridge: adv7511: Add check for mipi_dsi_driver_register
- drm/mcde: Fix refcount leak in mcde_dsi_bind
- media: hdpvr: fix error value returns in hdpvr_read
- drm/vc4: plane: Remove subpixel positioning check
- drm/vc4: plane: Fix margin calculations for the right/bottom edges
- drm/vc4: dsi: Correct DSI divider calculations
- crypto: arm64/gcm - Select AEAD for GHASH_ARM64_CE
- drm/rockchip: vop: Don't crash for invalid duplicate_state()
- drm/rockchip: Fix an error handling path rockchip_dp_probe()
- drm/mediatek: dpi: Remove output format of YUV
- drm/mediatek: dpi: Only enable dpi after the bridge is enabled
- drm: bridge: sii8620: fix possible off-by-one
- drm/msm/mdp5: Fix global state lock backoff
- crypto: hisilicon - Kunpeng916 crypto driver don't sleep when in softirq
- media: platform: mtk-mdp: Fix mdp_ipi_comm structure alignment
- mediatek: mt76: mac80211: Fix missing of_node_put() in mt76_led_init()
- drm/exynos/exynos7_drm_decon: free resources when clk_set_parent() failed.
- tcp: make retransmitted SKB fit into the send window
- libbpf: Fix the name of a reused map
- selftests: timers: valid-adjtimex: build fix for newer toolchains
- selftests: timers: clocksource-switch: fix passing errors from child
- fs: check FMODE_LSEEK to control internal pipe splicing
- wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()
- wifi: p54: Fix an error handling path in p54spi_probe()
- wifi: p54: add missing parentheses in p54_flush()
- selftests/bpf: fix a test for snprintf() overflow
- can: pch_can: do not report txerr and rxerr during bus-off
- can: rcar_can: do not report txerr and rxerr during bus-off
- can: sja1000: do not report txerr and rxerr during bus-off
- can: hi311x: do not report txerr and rxerr during bus-off
- can: sun4i_can: do not report txerr and rxerr during bus-off
- can: kvaser_usb_hydra: do not report txerr and rxerr during bus-off
- can: kvaser_usb_leaf: do not report txerr and rxerr during bus-off
- can: usb_8dev: do not report txerr and rxerr during bus-off
- can: error: specify the values of data[5..7] of CAN error frames
- can: pch_can: pch_can_error(): initialize errc before using it
- Bluetooth: hci_intel: Add check for platform_driver_register
- i2c: cadence: Support PEC for SMBus block read
- i2c: mux-gpmux: Add of_node_put() when breaking out of loop
- wifi: wil6210: debugfs: fix uninitialized variable use in
`wil_write_file_wmi()`
- wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue
- wifi: libertas: Fix possible refcount leak in if_usb_probe()
- net/mlx5e: Fix the value of MLX5E_MAX_RQ_NUM_MTTS
- crypto: inside-secure - Add missing MODULE_DEVICE_TABLE for of
- iavf: Fix max_rate limiting
- netdevsim: Avoid allocation warnings triggered from user space
- net: rose: fix netdev reference changes
- dccp: put dccp_qpolicy_full() and dccp_qpolicy_push() in the same lock
- clk: renesas: r9a06g032: Fix UART clkgrp bitsel
- mtd: maps: Fix refcount leak in of_flash_probe_versatile
- mtd: maps: Fix refcount leak in ap_flash_init
- mtd: rawnand: meson: Fix a potential double free issue
- HID: cp2112: prevent a buffer overflow in cp2112_xfer()
- mtd: sm_ftl: Fix deadlock caused by cancel_work_sync in sm_release
- mtd: partitions: Fix refcount leak in parse_redboot_of
- mtd: st_spi_fsm: Add a clk_disable_unprepare() in .probe()'s error path
- fpga: altera-pr-ip: fix unsigned comparison with less than zero
- usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe
- usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe
- usb: xhci: tegra: Fix error check
- clk: mediatek: reset: Fix written reset bit offset
- misc: rtsx: Fix an error handling path in rtsx_pci_probe()
- driver core: fix potential deadlock in __driver_attach
- clk: qcom: clk-krait: unlock spin after mux completion
- usb: host: xhci: use snprintf() in xhci_decode_trb()
- clk: qcom: ipq8074: fix NSS port frequency tables
- clk: qcom: ipq8074: set BRANCH_HALT_DELAY flag for UBI clocks
- clk: qcom: camcc-sdm845: Fix topology around titan_top power domain
- soundwire: bus_type: fix remove and shutdown support
- intel_th: Fix a resource leak in an error handling path
- intel_th: msu-sink: Potential dereference of null pointer
- intel_th: msu: Fix vmalloced buffers
- staging: rtl8192u: Fix sleep in atomic context bug in
dm_fsync_timer_callback
- mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch
- memstick/ms_block: Fix some incorrect memory allocation
- memstick/ms_block: Fix a memory leak
- mmc: sdhci-of-at91: fix set_uhs_signaling rewriting of MC1R
- scsi: smartpqi: Fix DMA direction for RAID requests
- usb: gadget: udc: amd5536 depends on HAS_DMA
- RDMA/hns: Fix incorrect clearing of interrupt status register
- RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event
- RDMA/hfi1: fix potential memory leak in setup_base_ctxt()
- gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data()
- mmc: cavium-octeon: Add of_node_put() when breaking out of loop
- mmc: cavium-thunderx: Add of_node_put() when breaking out of loop
- HID: alps: Declare U1_UNICORN_LEGACY support
- PCI: tegra194: Fix Root Port interrupt handling
- PCI: tegra194: Fix link up retry sequence
- USB: serial: fix tty-port initialized comments
- platform/olpc: Fix uninitialized data in debugfs write
- mm/mmap.c: fix missing call to vm_unacct_memory in mmap_region
- RDMA/rxe: Fix error unwind in rxe_create_qp()
- null_blk: fix ida error handling in null_add_dev()
- jbd2: fix outstanding credits assert in jbd2_journal_commit_transaction()
- ext4: recover csum seed of tmp_inode after migrating to extents
- jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal
aborted
- opp: Fix error check in dev_pm_opp_attach_genpd()
- ASoC: mediatek: mt8173: Fix refcount leak in
mt8173_rt5650_rt5676_dev_probe
- ASoC: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe
- ASoC: codecs: da7210: add check for i2c_add_driver
- ASoC: mediatek: mt8173-rt5650: Fix refcount leak in
mt8173_rt5650_dev_probe
- serial: 8250_dw: Store LSR into lsr_saved_flags in dw8250_tx_wait_empty()
- ASoC: codecs: msm8916-wcd-digital: move gains from SX_TLV to S8_TLV
- ASoC: codecs: wcd9335: move gains from SX_TLV to S8_TLV
- profiling: fix shift too large makes kernel panic
- tty: n_gsm: fix non flow control frames during mux flow off
- tty: n_gsm: fix packet re-transmission without open control channel
- tty: n_gsm: fix race condition in gsmld_write()
- remoteproc: qcom: wcnss: Fix handling of IRQs
- vfio/ccw: Do not change FSM state in subchannel event
- tty: n_gsm: fix wrong T1 retry count handling
- tty: n_gsm: fix DM command
- tty: n_gsm: fix missing corner cases in gsmld_poll()
- iommu/exynos: Handle failed IOMMU device registration properly
- rpmsg: qcom_smd: Fix refcount leak in qcom_smd_parse_edge
- kfifo: fix kfifo_to_user() return type
- mfd: t7l66xb: Drop platform disable callback
- mfd: max77620: Fix refcount leak in max77620_initialise_fps
- iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of loop
- s390/zcore: fix race when reading from hardware system area
- ASoC: qcom: q6dsp: Fix an off-by-one in q6adm_alloc_copp()
- fuse: Remove the control interface for virtio-fs
- ASoC: audio-graph-card: Add of_node_put() in fail path
- watchdog: armada_37xx_wdt: check the return value of devm_ioremap() in
armada_37xx_wdt_probe()
- video: fbdev: amba-clcd: Fix refcount leak bugs
- video: fbdev: sis: fix typos in SiS_GetModeID()
- powerpc/32: Do not allow selection of e5500 or e6500 CPUs on PPC32
- powerpc/pci: Prefer PCI domain assignment via DT 'linux,pci-domain' and
alias
- powerpc/spufs: Fix refcount leak in spufs_init_isolated_loader
- powerpc/xive: Fix refcount leak in xive_get_max_prio
- powerpc/cell/axon_msi: Fix refcount leak in setup_msi_msg_address
- perf symbol: Fail to read phdr workaround
- kprobes: Forbid probing on trampoline and BPF code areas
- powerpc/pci: Fix PHB numbering when using opal-phbid
- genelf: Use HAVE_LIBCRYPTO_SUPPORT, not the never defined HAVE_LIBCRYPTO
- scripts/faddr2line: Fix vmlinux detection on arm64
- x86/numa: Use cpumask_available instead of hardcoded NULL check
- video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()
- tools/thermal: Fix possible path truncations
- video: fbdev: vt8623fb: Check the size of screen before memset_io()
- video: fbdev: arkfb: Check the size of screen before memset_io()
- video: fbdev: s3fb: Check the size of screen before memset_io()
- scsi: zfcp: Fix missing auto port scan and thus missing target ports
- scsi: qla2xxx: Fix discovery issues in FC-AL topology
- scsi: qla2xxx: Turn off multi-queue for 8G adapters
- scsi: qla2xxx: Fix erroneous mailbox timeout after PCI error injection
- x86/olpc: fix 'logical not is only applied to the left hand side'
- spmi: trace: fix stack-out-of-bound access in SPMI tracing functions
- kexec, KEYS, s390: Make use of built-in and secondary keyring for
signature
verification
- tpm: eventlog: Fix section mismatch for DEBUG_SECTION_MISMATCH
- btrfs: reset block group chunk force if we have to wait
- ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h
- ext4: make sure ext4_append() always allocates new block
- ext4: fix use-after-free in ext4_xattr_set_entry
- ext4: update s_overhead_clusters in the superblock during an on-line
resize
- ext4: fix extent status tree race in writeback error recovery path
- ext4: correct max_inline_xattr_value_size computing
- ext4: correct the misjudgment in ext4_iget_extra_inode
- intel_th: pci: Add Raptor Lake-S CPU support
- intel_th: pci: Add Raptor Lake-S PCH support
- intel_th: pci: Add Meteor Lake-P support
- dm raid: fix address sanitizer warning in raid_resume
- dm raid: fix address sanitizer warning in raid_status
- dm thin: fix use-after-free crash in dm_sm_register_threshold_callback
- dm writecache: set a default MAX_WRITEBACK_JOBS
- ACPI: CPPC: Do not prevent CPPC from working in the future
- timekeeping: contribute wall clock to rng on time change
- firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails
- iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE)
- btrfs: reject log replay if there is unsupported RO compat flag
- KVM: Add infrastructure and macro to mark VM as bugged
- KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC irq
- KVM: x86: Avoid theoretical NULL pointer dereference in
kvm_irq_delivery_to_apic_fast()
- tcp: fix over estimation in sk_forced_mem_schedule()
- scsi: sg: Allow waiting for commands to complete on removed device
- Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression
- net/9p: Initialize the iounit field during fid creation
- net_sched: cls_route: disallow handle of 0
- ALSA: info: Fix llseek return value when using callback
- rds: add missing barrier to release_refill
- ata: libata-eh: Add missing command name
- mmc: pxamci: Fix another error handling path in pxamci_probe()
- mmc: pxamci: Fix an error handling path in pxamci_probe()
- btrfs: fix lost error handling when looking up extended ref on log replay
- tracing: Have filter accept "common_cpu" to be consistent
- can: ems_usb: fix clang's -Wunaligned-access warning
- apparmor: fix quiet_denied for file rules
- apparmor: fix absroot causing audited secids to begin with =
- apparmor: Fix failed mount permission check error message
- apparmor: fix aa_label_asxprint return check
- apparmor: fix overlapping attachment computation
- apparmor: fix reference count leak in aa_pivotroot()
- apparmor: Fix memleak in aa_simple_write_to_buffer()
- Documentation: ACPI: EINJ: Fix obsolete example
- NFSv4.1: Don't decrease the value of seq_nr_highest_sent
- NFSv4.1: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly
- NFSv4: Fix races in the legacy idmapper upcall
- NFSv4.1: RECLAIM_COMPLETE must handle EACCES
- NFSv4/pnfs: Fix a use-after-free bug in open
- can: mcp251x: Fix race condition on receive interrupt
- sunrpc: fix expiry of auth creds
- SUNRPC: Reinitialise the backchannel request buffers before reuse
- devlink: Fix use-after-free after a failed reload
- net: bgmac: Fix a BUG triggered by wrong bytes_compl
- pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map
- pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed
- pinctrl: sunxi: Add I/O bias setting for H6 R-PIO
- ACPI: property: Return type of acpi_add_nondev_subnodes() should be bool
- geneve: do not use RT_TOS for IPv6 flowlabel
- plip: avoid rcu debug splat
- vsock: Fix memory leak in vsock_connect()
- vsock: Set socket state back to SS_UNCONNECTED in vsock_connect_timeout()
- dt-bindings: arm: qcom: fix MSM8916 MTP compatibles
- tools/vm/slabinfo: use alphabetic order when two values are equal
- tools build: Switch to new openssl API for test-libcrypto
- NTB: ntb_tool: uninitialized heap data in tool_fn_write()
- nfp: ethtool: fix the display error of `ethtool -m DEVNAME`
- xen/xenbus: fix return type in xenbus_file_read()
- atm: idt77252: fix use-after-free bugs caused by tst_timer
- dpaa2-eth: trace the allocated address instead of page struct
- tee: add overflow check in register_shm_helper()
- nios2: page fault et.al. are *not* restartable syscalls...
- nios2: don't leave NULLs in sys_call_table[]
- nios2: traced syscall does need to check the syscall number
- nios2: fix syscall restart checks
- nios2: restarts apply only to the first sigframe we build...
- nios2: add force_successful_syscall_return()
- iavf: Fix adminq error handling
- clk: rockchip: add sclk_mac_lbtest to rk3188_critical_clocks
- netfilter: nf_tables: really skip inactive sets when allocating name
- powerpc/pci: Fix get_phb_number() locking
- net: dsa: mv88e6060: prevent crash on an unused port
- net: moxa: pass pdev instead of ndev to DMA functions
- net: dsa: microchip: ksz9477: fix fdb_dump last invalid entry
- ice: Ignore EEXIST when setting promisc mode
- i40e: Fix to stop tx_timeout recovery if GLOBR fails
- fec: Fix timer capture timing in `fec_ptp_enable_pps()`
- igb: Add lock to avoid data race
- gcc-plugins: Undefine LATENT_ENTROPY_PLUGIN when plugin disabled for a
file
- locking/atomic: Make test_and_*_bit() ordered on failure
- drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors()
- PCI: Add ACS quirk for Broadcom BCM5750x NICs
- usb: cdns3 fix use-after-free at workaround 2
- usb: gadget: uvc: call uvc uvcg_warn on completed status instead of
uvcg_info
- irqchip/tegra: Fix overflow implicit truncation warnings
- drm/meson: Fix overflow implicit truncation warnings
- usb: host: ohci-ppc-of: Fix refcount leak bug
- usb: renesas: Fix refcount leak bug
- vboxguest: Do not use devm for irq
- clk: qcom: ipq8074: dont disable gcc_sleep_clk_src
- scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user
input
- gadgetfs: ep_io - wait until IRQ finishes
- cxl: Fix a memory leak in an error handling path
- PCI/ACPI: Guard ARM64-specific mcfg_quirks
- um: add "noreboot" command line option for PANIC_TIMEOUT=-1 setups
- selftests/kprobe: Do not test for GRP/ without event failures
- dmaengine: sprd: Cleanup in .remove() after pm_runtime_get_sync() failed
- nvmet-tcp: fix lockdep complaint on nvmet_tcp_wq flush during queue
teardown
- drivers:md:fix a potential use-after-free bug
- ext4: avoid remove directory when directory is corrupted
- ext4: avoid resizing to a partial cluster size
- lib/list_debug.c: Detect uninitialized lists
- tty: serial: Fix refcount leak bug in ucc_uart.c
- vfio: Clear the caps->buf to NULL after free
- mips: cavium-octeon: Fix missing of_node_put() in octeon2_usb_clocks_start
- riscv: mmap with PROT_WRITE but no PROT_READ is invalid
- RISC-V: Add fast call path of crash_kexec()
- watchdog: export lockup_detector_reconfigure
- powerpc/32: Don't always pass -mcpu=powerpc to the compiler
- ALSA: core: Add async signal helpers
- ALSA: timer: Use deferred fasync helper
- f2fs: fix to avoid use f2fs_bug_on() in f2fs_new_node_page()
- smb3: check xattr value length earlier
- powerpc/64: Init jump labels before parse_early_param()
- video: fbdev: i740fb: Check the argument of i740_calc_vclk()
- MIPS: tlbex: Explicitly compare _PAGE_NO_EXEC against 0
- tracing/probes: Have kprobes and uprobes use $COMM too
- can: j1939: j1939_sk_queue_activate_next_locked(): replace WARN_ON_ONCE
with
netdev_warn_once()
- can: j1939: j1939_session_destroy(): fix memory leak of skbs
- btrfs: only write the sectors in the vertical stripe which has data
stripes
- btrfs: raid56: don't trust any cached sector in __raid56_parity_recover()
- Linux 5.4.211
* CVE-2022-3028
- af_key: Do not call xfrm_probe_algs in parallel
* CVE-2022-2978
- fs: fix UAF/GPF bug in nilfs_mdt_destroy
* CVE-2022-40768
- scsi: stex: Properly zero out the passthrough command structure
-- Tim Gardner <tim.gard...@canonical.com> Mon, 12 Dec 2022 12:49:30
-0700
** Changed in: linux-azure (Ubuntu Focal)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-2663
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-2978
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-29901
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-3028
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-3061
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-3524
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-3564
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-3565
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-3566
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-3567
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-3594
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-3621
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-40768
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-42703
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-42719
** Changed in: linux-azure (Ubuntu Jammy)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-43945
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-azure in Ubuntu.
https://bugs.launchpad.net/bugs/1994974
Title:
Azure: hv_netvsc: Fix race between VF offering and VF association
message from host
Status in linux-azure package in Ubuntu:
Fix Released
Status in linux-azure source package in Focal:
Fix Released
Status in linux-azure source package in Jammy:
Fix Released
Status in linux-azure source package in Kinetic:
Fix Committed
Bug description:
SRU Justification
[Impact]
During vm boot, there might be possibility that vf registration call
comes before the vf association from host to vm.
And this might break netvsc vf path, this is in order to prevent the
same block vf registration until vf bind message comes from host.
[Test Plan]
Microsoft tested
[Where things could go wrong]
The 5.4 backport patch could hang waiting for a VF addition to
complete.
[Other Info]
SF: #00347129
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-azure/+bug/1994974/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
