SUSE-SU-2021:0347-1

The SUSE Linux Enterprise 15 SP2 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

• CVE-2021-3347: A use-after-free was discovered in the PI futexes during fault handling, allowing local users to execute code in the kernel (bnc#1181349).
• CVE-2021-3348: Fixed a use-after-free in nbdaddsocket that could be triggered by local attackers (with access to the nbd device) via an I/O request at a certain point during device setup (bnc#1181504).
• CVE-2021-20177: Fixed a kernel panic related to iptables string matching rules. A privileged user could insert a rule which could lead to denial of service (bnc#1180765).
• CVE-2021-0342: In tungetuser of tun.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges required. (bnc#1180812)
• CVE-2020-27835: A use-after-free in the infiniband hfi1 driver was found, specifically in the way user calls Ioctl after open dev file and fork. A local user could use this flaw to crash the system (bnc#1179878).
• CVE-2020-25639: Fixed a NULL pointer dereference via nouveau ioctl (bnc#1176846).
• CVE-2020-29569: Fixed a potential privilege escalation and information leaks related to the PV block backend, as used by Xen (bnc#1179509).
• CVE-2020-29568: Fixed a denial of service issue, related to processing watch events (bnc#1179508).
• CVE-2020-25211: Fixed a flaw where a local attacker was able to inject conntrack netlink configuration that could cause a denial of service or trigger the use of incorrect protocol numbers in ctnetlinkparsetuple_filter (bnc#1176395).
• CVE-2020-36158: Fixed an issue wich might have allowed a remote attackers to execute arbitrary code via a long SSID value in mwifiexcmd80211adhocstart() (bnc#1180559).
• CVE-2020-28374: Fixed a vulnerability caused by insufficient identifier checking in the LIO SCSI target code. This could have been used by a remote attackers to read or write files via directory traversal in an XCOPY request (bnc#1178372).

The following non-security bugs were fixed:

• ACPI/IORT: Do not blindly trust DMA masks from firmware (git-fixes).
• ACPI: scan: add stub acpicreateplatformdevice() for !CONFIGACPI (git-fixes).
• ACPI: scan: Harden acpideviceadd() against device ID overflows (git-fixes).
• ACPI: scan: Make acpibusget_device() clear return pointer on error (git-fixes).
• ACPI: sysfs: Prefer 'compatible' modalias (git-fixes).
• ALSA: doc: Fix reference to mixart.rst (git-fixes).
• ALSA: fireface: Fix integer overflow in transmitmidimsg() (git-fixes).
• ALSA: firewire-tascam: Fix integer overflow in midiportwork() (git-fixes).
• ALSA: hda: Add Cometlake-R PCI ID (git-fixes).
• ALSA: hda/conexant: add a new hda codec CX11970 (git-fixes).
• ALSA: hda/hdmi - enable runtime pm for CI AMD display audio (git-fixes).
• ALSA: hda/realtek: Add mute LED quirk for more HP laptops (git-fixes).
• ALSA: hda/realtek: Add two 'Intel Reference board' SSID in the ALC256 (git-fixes).
• ALSA: hda/realtek: Enable headset of ASUS B1400CEPE with ALC256 (git-fixes).
• ALSA: hda/realtek: Enable mute and micmute LED on HP EliteBook 850 G7 (git-fixes).
• ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machines (git-fixes).
• ALSA: hda/realtek - Fix speaker volume control on Lenovo C940 (git-fixes).
• ALSA: hda/realtek - Limit int mic boost on Acer Aspire E5-575T (git-fixes).
• ALSA: hda/realtek - Modify Dell platform name (git-fixes).
• ALSA: hda/realtek: Remove dummy lineout on Acer TravelMate P648/P658 (git-fixes).
• ALSA: hda/realtek - Supported Dell fixed type headset (git-fixes).
• ALSA: hda/tegra: fix tegra-hda on tegra30 soc (git-fixes).
• ALSA: hda/via: Add minimum mute flag (git-fixes).
• ALSA: hda/via: Apply the workaround generically for Clevo machines (git-fixes).
• ALSA: hda/via: Fix runtime PM for Clevo W35xSS (git-fixes).
• ALSA: pcm: Clear the full allocated memory at hw_params (git-fixes).
• ALSA: pcm: fix hw_rule deps kABI (bsc#1181014).
• ALSA: pcm: One more dependency for hw constraints (bsc#1181014).
• ALSA: seq: oss: Fix missing error check in sndseqosssynthmake_info() (git-fixes).
• ALSA: usb-audio: Add quirk for BOSS AD-10 (git-fixes).
• ALSA: usb-audio: Add quirk for RC-505 (git-fixes).
• ALSA: usb-audio: Always apply the hw constraints for implicit fb sync (bsc#1181014).
• ALSA: usb-audio: Annotate the endpoint index in audioformat (git-fixes).
• ALSA: usb-audio: Avoid implicit feedback on Pioneer devices (bsc#1181014).
• ALSA: usb-audio: Avoid unnecessary interface re-setup (git-fixes).
• ALSA: usb-audio: Choose audioformat of a counter-part substream (git-fixes).
• ALSA: usb-audio: Fix hw constraints dependencies (bsc#1181014).
• ALSA: usb-audio: Fix implicit feedback sync setup for Pioneer devices (git-fixes).
• ALSA: usb-audio: Fix the missing endpoints creations for quirks (git-fixes).
• ALSA: usb-audio: Fix UAC1 rate setup for secondary endpoints (bsc#1181014).
• ALSA: usb-audio: Fix UBSAN warnings for MIDI jacks (git-fixes).
• ALSA: usb-audio: Set sample rate for all sharing EPs on UAC1 (bsc#1181014).
• arch/x86/lib/usercopy64.c: fix _copyuserflushcache() cache writeback (bsc#1152489).
• arm64: mm: Fix ARCHLOWADDRESSLIMIT when !CONFIGZONE_DMA (git-fixes).
• arm64: pgtable: Ensure dirty bit is preserved across pte_wrprotect() (bsc#1180130).
• arm64: pgtable: Fix pte_accessible() (bsc#1180130).
• ASoC: ak4458: correct reset polarity (git-fixes).
• ASoC: dapm: remove widget from dirty list on free (git-fixes).
• ASoC: Intel: fix error code cnlsetdsp_D0() (git-fixes).
• ASoC: meson: axg-tdm-interface: fix loopback (git-fixes).
• bitmap: remove unused function declaration (git-fixes).
• Bluetooth: hcih5: close serdev device and free hu in h5close (git-fixes).
• Bluetooth: revert: hcih5: close serdev device and free hu in h5close (git-fixes).
• bnxt_en: Fix AER recovery (jsc#SLE-8371 bsc#1153274).
• bpf: Do not leak memory in bpf getsockopt when optlen == 0 (bsc#1155518).
• bpf: Fix bpfputrawtracepoint()'s use of _module_address() (git-fixes).
• bpf: Fix helper bpfmappeekelemproto pointing to wrong callback (bsc#1155518).
• btrfs: delete duplicated words + other fixes in comments (bsc#1180566).
• btrfs: do not commit logs and transactions during link and rename operations (bsc#1180566).
• btrfs: do not take the log_mutex of the subvolume when pinning the log (bsc#1180566).
• btrfs: fix missing delalloc new bit for new delalloc ranges (bsc#1180773).
• btrfs: make btrfsdirtypages take btrfs_inode (bsc#1180773).
• btrfs: make btrfssetextentdelalloc take btrfsinode (bsc#1180773).
• btrfs: send: fix invalid clone operations when cloning from the same file and root (bsc#1181511).
• btrfs: send: fix wrong file path when there is an inode with a pending rmdir (bsc#1181237).
• bus/fslmc: Do not rely on caller to provide non NULL mcio (git-fixes).
• cachefiles: Drop superfluous readpages aops NULL check (git-fixes).
• can: dev: prevent potential information leak in canfillinfo() (git-fixes).
• can: vxcan: vxcan_xmit: fix use after free bug (git-fixes).
• CDC-NCM: remove 'connected' log message (git-fixes).
• clk: tegra30: Add hda clock default rates to clock driver (git-fixes).
• crypto: asym_tpm: correct zero out potential secrets (git-fixes).
• crypto: ecdh - avoid buffer overflow in ecdhsetsecret() (git-fixes).
• dmaengine: athdmac: add missing kfree() call in atdma_xlate() (git-fixes).
• dmaengine: athdmac: add missing putdevice() call in atdmaxlate() (git-fixes).
• dmaengine: at_hdmac: Substitute kzalloc with kmalloc (git-fixes).
• dmaengine: dw-edma: Fix use after free in dwedmaalloc_chunk() (git-fixes).
• dmaengine: mediatek: mtk-hsdma: Fix a resource leak in the error handling path of the probe function (git-fixes).
• dmaengine: xilinxdma: check dmaasyncdeviceregister return value (git-fixes).
• dmaengine: xilinxdma: fix incompatible param warning in _childprobe() (git-fixes).
• dmaengine: xilinxdma: fix mixedenum_type coverity warning (git-fixes).
• drivers/base/memory.c: indicate all memory blocks as removable (bsc#1180264).
• drivers/perf: Fix kernel panic when rmmod PMU modules during perf sampling (bsc#1180848).
• drivers/perf: hisi: Permit modular builds of HiSilicon uncore drivers (bsc#1180848). - Update config files. - supported.conf:
• drm: Added orientation quirk for ASUS tablet model T103HAF (git-fixes).
• drm/amd/display: Add missing pflip irq for dcn2.0 (git-fixes).
• drm/amd/display: Avoid MST manager resource leak (git-fixes).
• drm/amd/display: dalddci2cpayloadscreate can fail causing panic (git-fixes).
• drm/amd/display: dchubbub p-state warning during surface planes switch (git-fixes).
• drm/amd/display: Do not double-buffer DTO adjustments (git-fixes).
• drm/amd/display: Do not invoke kgdb_breakpoint() unconditionally (git-fixes).
• drm/amd/display: Fix memleak in amdgpudmmodeconfiginit (git-fixes).
• drm/amd/display: Free gamma after calculating legacy transfer function (git-fixes).
• drm/amd/display: HDMI remote sink need mode validation for Linux (git-fixes).
• drm/amd/display: Increase timeout for DP Disable (git-fixes).
• drm/amd/display: Reject overlay plane configurations in multi-display scenarios (git-fixes).
• drm/amd/display: remove useless if/else (git-fixes).
• drm/amd/display: Retry AUX write when fail occurs (git-fixes).
• drm/amd/display: Stop if retimer is not available (git-fixes).
• drm/amd/display: update nv1x stutter latencies (git-fixes).
• drm/amdgpu: add DID for navi10 blockchain SKU (git-fixes).
• drm/amdgpu: correct the gpu reset handling for job != NULL case (git-fixes).
• drm/amdgpu/dc: Require primary plane to be enabled whenever the CRTC is (git-fixes).
• drm/amdgpu: do not map BO in reserved region (git-fixes).
• drm/amdgpu: fix a GPU hang issue when remove device (git-fixes).
• drm/amdgpu: Fix bug in reporting voltage for CIK (git-fixes).
• drm/amdgpu: Fix bug where DPM is not enabled after hibernate and resume (git-fixes).
• drm/amdgpu: fix build_coefficients() argument (git-fixes).
• drm/amdgpu: fix calltrace during kmd unload(v3) (git-fixes).
• drm/amdgpu: increase atombios cmd timeout (git-fixes).
• drm/amdgpu: increase the reserved VM size to 2MB (git-fixes).
• drm/amdgpu: perform srbm soft reset always on SDMA resume (git-fixes).
• drm/amdgpu/powerplay: fix AVFS handling with custom powerplay table (git-fixes).
• drm/amdgpu/powerplay/smu7: fix AVFS handling with custom powerplay table (git-fixes).
• drm/amdgpu: prevent double kfree ttm->sg (git-fixes).
• drm/amdgpu/psp: fix psp gfx ctrl cmds (git-fixes).
• drm/amdgpu/sriov add amdgpuamdkfdpre_reset in gpu reset (git-fixes).
• drm/amdkfd: fix a memory leak issue (git-fixes).
• drm/amdkfd: Fix leak in dmabuf import (git-fixes).
• drm/amdkfd: fix restore worker race condition (git-fixes).
• drm/amdkfd: Use same SQ prefetch setting as amdgpu (git-fixes).
• drm/amd/pm: avoid false alarm due to confusing softwareshutdowntemp setting (git-fixes).
• drm/aspeed: Fix Kconfig warning & subsequent build errors (bsc#1152472)
• drm/aspeed: Fix Kconfig warning & subsequent build errors (git-fixes).
• drm/atomic: put state on error path (git-fixes).
• drm: bridge: dw-hdmi: Avoid resetting force in the detect function (bsc#1152472)
• drm/bridge/synopsys: dsi: add support for non-continuous HS clock (git-fixes).
• drm/brige/megachips: Add checking if geb850v3lvds_init() is working correctly (git-fixes).
• drm/dpauxdev: check aux_dev before use in (bsc#1152472)
• drm/dpauxdev: check auxdev before use in drmdpauxdevgetby_minor() (git-fixes).
• drm/etnaviv: always start/stop scheduler in timeout processing (git-fixes).
• drm/exynos: dsi: Remove bridge node reference in error handling path in probe function (git-fixes).
• drm/gma500: fix double free of gma_connector (bsc#1152472) Backporting notes: * context changes
• drm/gma500: fix double free of gma_connector (git-fixes).
• drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[] (git-fixes).
• drm/i915: Avoid memory leak with more than 16 workarounds on a list (git-fixes).
• drm/i915: Break up error capture compression loops with cond_resched() (git-fixes).
• drm/i915: Check for all subplatform bits (git-fixes).
• drm/i915: clear the gpu reloc batch (git-fixes).
• drm/i915: Correctly set SFC capability for video engines (bsc#1152489) Backporting notes: * context changes
• drm/i915/display/dp: Compute the correct slice count for VDSC on DP (git-fixes).
• drm/i915: Drop runtime-pm assert from vgpu io accessors (git-fixes).
• drm/i915/dsi: Use unconditional msleep for the panelondelay when there is no reset-deassert MIPI-sequence (git-fixes).
• drm/i915: Filter wakeflags passed to defaultwake_function (git-fixes).
• drm/i915: Fix mismatch between misplaced vma check and vma insert (git-fixes).
• drm/i915: Force VT'd workarounds when running as a guest OS (git-fixes).
• drm/i915/gt: Declare gen9 has 64 mocs entries! (git-fixes).
• drm/i915/gt: Delay execlist processing for tgl (git-fixes).
• drm/i915/gt: Free stale request on destroying the virtual engine (git-fixes).
• drm/i915/gt: Prevent use of engine->wa_ctx after error (git-fixes).
• drm/i915/gt: Program mocs:63 for cache eviction on gen9 (git-fixes).
• drm/i915/gvt: return error when failing to take the module reference (git-fixes).
• drm/i915/gvt: Set ENHANCEDFRAMECAP bit (git-fixes).
• drm/i915: Handle max_bpc==16 (git-fixes).
• drm/i915/selftests: Avoid passing a random 0 into ilog2 (git-fixes).
• drm/mcde: Fix handling of platformgetirq() error (bsc#1152472)
• drm/mcde: Fix handling of platformgetirq() error (git-fixes).
• drm/meson: dw-hdmi: Register a callback to disable the regulator (git-fixes).
• drm/msm/a5xx: Always set an OPP supported hardware value (git-fixes).
• drm/msm/a6xx: fix a potential overflow issue (git-fixes).
• drm/msm/a6xx: fix gmu start on newer firmware (git-fixes).
• drm/msm: add shutdown support for display platform_driver (git-fixes).
• drm/msm: Disable preemption on all 5xx targets (git-fixes).
• drm/msm/dpu: Add newline to printks (git-fixes).
• drm/msm/dpu: Fix scale params in plane validation (git-fixes).
• drm/msm/dsiphy10nm: implement PHY disabling (git-fixes).
• drm/msm/dsipll10nm: restore VCO rate during restore_state (git-fixes).
• drm/msm: fix leaks if initialization fails (git-fixes).
• drm/nouveau/bios: fix issue shadowing expansion ROMs (git-fixes).
• drm/nouveau/debugfs: fix runtime pm imbalance on error (git-fixes).
• drm/nouveau/dispnv50: fix runtime pm imbalance on error (git-fixes).
• drm/nouveau: fix runtime pm imbalance on error (git-fixes).
• drm/nouveau/i2c/gm200: increase width of aux semaphore owner fields (git-fixes).
• drm/nouveau/kms/nv50-: fix case where notifier buffer is at offset 0 (git-fixes).
• drm/nouveau/mem: guard against NULL pointer access in mem_del (git-fixes).
• drm/nouveau/mmu: fix vram heap sizing (git-fixes).
• drm/nouveau/nouveau: fix the start/end range for migration (git-fixes).
• drm/nouveau/privring: ack interrupts the same way as RM (git-fixes).
• drm/nouveau/svm: fail NOUVEAUSVMINIT ioctl on unsupported devices (git-fixes).
• drm/omap: dmmtiler: fix return error code in omapdmm_probe() (git-fixes).
• drm/omap: dss: Cleanup DSS ports on initialisation failure (git-fixes).
• drm/omap: fix incorrect lock state (git-fixes).
• drm/omap: fix possible object reference leak (git-fixes).
• drm/panfrost: add amlogic reset quirk callback (git-fixes).
• drm: rcar-du: Set primary plane zpos immutably at initializing (git-fixes).
• drm/rockchip: Avoid uninitialized use of endpoint id in LVDS (bsc#1152472)
• drm/rockchip: Avoid uninitialized use of endpoint id in LVDS (git-fixes).
• drm/scheduler: Avoid accessing freed bad job (git-fixes).
• drm/sun4i: dw-hdmi: fix error return code in sun8idwhdmi_bind() (bsc#1152472)
• drm/sun4i: frontend: Fix the scaler phase on A33 (git-fixes).
• drm/sun4i: frontend: Reuse the ch0 phase for RGB formats (git-fixes).
• drm/sun4i: frontend: Rework a bit the phase data (git-fixes).
• drm/sun4i: mixer: Extend regmap max_register (git-fixes).
• drm/syncobj: Fix use-after-free (git-fixes).
• drm/tegra: replace idrinit() by idrinit_base() (git-fixes).
• drm/tegra: sor: Disable clocks on error in tegrasorinit() (git-fixes).
• drm/ttm: fix eviction valuable range check (git-fixes).
• drm/tve200: Fix handling of platformgetirq() error (bsc#1152472)
• drm/tve200: Fix handling of platformgetirq() error (git-fixes).
• drm/tve200: Stabilize enable/disable (git-fixes).
• drm/vc4: drv: Add error handding for bind (git-fixes).
• e1000e: bump up timeout to wait when ME un-configures ULP mode (jsc#SLE-8100).
• EDAC/amd64: Fix PCI component registration (bsc#1152489).
• ehci: fix EHCI host controller initialization sequence (git-fixes).
• ethernet: uccgeth: fix use-after-free in uccgeth_remove() (git-fixes).
• Exclude Symbols.list again. Removing the exclude builds vanilla/linux-next builds. Fixes: 55877625c800 ('kernel-binary.spec.in: Package the objinstalldir as explicit filelist.')
• firmware: imx: select SOC_BUS to fix firmware build (git-fixes).
• floppy: reintroduce O_NDELAY fix (boo#1181018).
• futex: Ensure the correct return value from futexlockpi() (bsc#1181349 bsc#1149032).
• futex: Handle faults correctly for PI futexes (bsc#1181349 bsc#1149032).
• futex: Provide and use pistateupdate_owner() (bsc#1181349 bsc#1149032).
• futex: Remove needless goto's (bsc#1149032).
• futex: Remove unused empty compatexitrobust_list() (bsc#1149032).
• futex: Replace pointless printk in fixup_owner() (bsc#1181349 bsc#1149032).
• futex: Simplify fixuppistate_owner() (bsc#1181349 bsc#1149032).
• futex: Use pistateupdateowner() in putpi_state() (bsc#1181349 bsc#1149032).
• HID: Ignore battery for Elan touchscreen on ASUS UX550 (git-fixes).
• HID: logitech-dj: add the G602 receiver (git-fixes).
• HID: multitouch: Apply MTQUIRKCONFIDENCE quirk for multi-input devices (git-fixes).
• HID: multitouch: do not filter mice nodes (git-fixes).
• HID: multitouch: Enable multi-input for Synaptics pointstick/touchpad device (git-fixes).
• HID: multitouch: Remove MTCLSWIN8DUAL (git-fixes).
• HID: wacom: Constify attribute_groups (git-fixes).
• HID: wacom: Correct NULL dereference on AES pen proximity (git-fixes).
• HID: wacom: do not call hidsetdrvdata(hdev, NULL) (git-fixes).
• HID: wacom: Fix memory leakage caused by kfifo_alloc (git-fixes).
• hwmon: (pwm-fan) Ensure that calculation does not discard big period values (git-fixes).
• i2c: bpmp-tegra: Ignore unknown I2C_M flags (git-fixes).
• i2c: i801: Fix the i2c-mux gpiodlookuptable not being properly terminated (git-fixes).
• i2c: octeon: check correct size of maximum RECV_LEN packet (git-fixes).
• i2c: sprd: use a specific timeout to avoid system hang up issue (git-fixes).
• i3c master: fix missing destroyworkqueue() on error in i3cmaster_register (git-fixes).
• IB/hfi1: Remove kobj from hfi1_devdata (bsc#1179878).
• IB/hfi1: Remove module parameter for KDETH qpns (bsc#1179878).
• ice: avoid premature Rx buffer reuse (jsc#SLE-7926).
• ice, xsk: clear the status bits for the nexttouse descriptor (jsc#SLE-7926).
• iio: ad5504: Fix setting power-down state (git-fixes).
• iomap: fix WARNONONCE() from unprivileged users (bsc#1181494).
• iommu/vt-d: Fix a bug for PDP check in prqeventthread (bsc#1181217).
• ionic: account for vlan tag len in rx buffer len (bsc#1167773).
• kABI fixup for dwc3 introduction of DWC_usb32 (git-fixes).
• kdb: Fix pager search for multi-line strings (git-fixes).
• kgdb: Drop malformed kernel doc comment (git-fixes).
• kprobes: tracing/kprobes: Fix to kill kprobes on initmem after boot (git fixes (kernel/kprobe)).
• KVM: nVMX: Reload vmcs01 if getting vmcs12's pages fails (bsc#1181218).
• KVM: s390: pv: Mark mm as protected after the set secure parameters and improve cleanup (jsc#SLE-7512 bsc#1165545).
• KVM: SVM: Initialize prevgatag before use (bsc#1180809).
• leds: trigger: fix potential deadlock with libata (git-fixes).
• lib/genalloc: fix the overflow when size is too big (git-fixes).
• lib/string: remove unnecessary #undefs (git-fixes).
• lockd: do not use interval-based rebinding over TCP (for-next).
• mac80211: check if atf has been disabled in _ieee80211schedule_txq (git-fixes).
• mac80211: do not drop tx nulldata packets on encrypted links (git-fixes).
• md/bitmap: fix memory leak of temporary bitmap (bsc#1163727).
• md/bitmap: mdbitmapget_counter returns wrong blocks (bsc#1163727).
• md/bitmap: mdbitmapread_sb uses wrong bitmap blocks (bsc#1163727).
• md/cluster: block reshape with remote resync job (bsc#1163727).
• md/cluster: fix deadlock when node is doing resync job (bsc#1163727).
• md-cluster: fix rmmod issue when md_cluster convert bitmap to none (bsc#1163727).
• md-cluster: fix safemode_delay value when converting to clustered bitmap (bsc#1163727).
• md-cluster: fix wild pointer of unlockallbitmaps() (bsc#1163727).
• md: fix a warning caused by a race between concurrent md_ioctl()s (for-next).
• media: dvb-usb: Fix memory leak at error in dvbusbdevice_init() (bsc#1181104).
• media: dvb-usb: Fix use-after-free access (bsc#1181104).
• media: gp8psk: initialize stats at power control logic (git-fixes).
• media: rc: ensure that uevent can be read directly after rc device register (git-fixes).
• misc: vmwvmci: fix kernel info-leak by initializing dbells in vmcictxgetchkpt_doorbells() (git-fixes).
• misdn: dsp: select CONFIG_BITREVERSE (git-fixes).
• mmc: core: do not initialize block size from ext_csd if not present (git-fixes).
• mmc: sdhci-xenon: fix 1.8v regulator stabilization (git-fixes).
• mm: memcontrol: fix missing wakeup polling thread (bsc#1181584).
• mm/vmalloc: Fix unlock order in s_stop() (git fixes (mm/vmalloc)).
• module: delay kobject uevent until after module init call (bsc#1178631).
• Move 'btrfs: qgroup: do not try to wait flushing if we're already holding a transaction (bsc#1179575).' to sorted section
• mt7601u: fix kernel crash unplugging the device (git-fixes).
• mt7601u: fix rx buffer refcounting (git-fixes).
• net/af_iucv: fix null pointer dereference on shutdown (bsc#1179567 LTC#190111).
• net/afiucv: set correct skprotocol for child sockets (git-fixes).
• net: fix procfs init handling in afpacket and tls (bsc#1154353).
• net: hns3: fix a phy loopback fail issue (bsc#1154353).
• net: hns3: remove a misused pragma packed (bsc#1154353).
• net/mlx5e: ethtool, Fix restriction of autoneg with 56G (jsc#SLE-8464).
• net: mscc: ocelot: allow offloading of bridge on top of LAG (git-fixes).
• net/smc: cancel event worker during device removal (git-fixes).
• net/smc: check for valid ibclientdata (git-fixes).
• net/smc: fix cleanup for linkgroup setup failures (git-fixes).
• net/smc: fix direct access to ibgidaddr->ndev in smcibdetermine_gid() (git-fixes).
• net/smc: fix dmb buffer shortage (git-fixes).
• net/smc: fix sleep bug in smcpnetfindroceresource() (git-fixes).
• net/smc: fix sock refcounting in case of termination (git-fixes).
• net/smc: fix valid DMBE buffer sizes (git-fixes).
• net/smc: no peer ID in CLC decline for SMCD (git-fixes).
• net/smc: remove freed buffer from list (git-fixes).
• net/smc: reset sndbuf_desc if freed (git-fixes).
• net/smc: set rx_off for SMCR explicitly (git-fixes).
• net/smc: switch smcddevlist spinlock to mutex (git-fixes).
• net/smc: transfer fasync_list in case of fallback (git-fixes).
• net: sunrpc: Fix 'snprintf' return value check in 'doxprtdebugfs' (for-next).
• net: sunrpc: interpret the return value of kstrtou32 correctly (for-next).
• net: usb: qmi_wwan: add Quectel EM160R-GL (git-fixes).
• net: vlan: avoid leaks on registervlandev() failures (bsc#1154353).
• NFC: fix possible resource leak (git-fixes).
• NFC: fix resource leak when target index is invalid (git-fixes).
• NFS4: Fix use-after-free in traceeventraweventnfs4setlock (for-next).
• nfs_common: need lock during iterate through the list (for-next).
• nfsd4: readdirplus shouldn't return parent of export (git-fixes).
• nfsd: Fix message level for normal termination (for-next).
• NFS: nfsdelegationfindinodeserver must first reference the superblock (for-next).
• NFS: nfsigraband_active must first reference the superblock (for-next).
• NFS/pNFS: Fix a leak of the layout 'plh_outstanding' counter (for-next).
• NFS/pNFS: Fix a typo in fflayoutresendpnfsread() (for-next).
• NFS: switch nfsiod to be an UNBOUND workqueue (for-next).
• NFSv4.2: condition READDIR's mask for security label based on LSM state (for-next).
• NFSv4: Fix the alignment of page data in the getdeviceinfo reply (for-next).
• nvme-multipath: fix bogus request queue reference put (bsc#1175389).
• nvme-rdma: avoid request double completion for concurrent nvmerdmatimeout (bsc#1181161).
• nvme-tcp: avoid request double completion for concurrent nvmetcptimeout (bsc#1181161).
• platform/x86: i2c-multi-instantiate: Do not create platform device for INT3515 ACPI nodes (git-fixes).
• platform/x86: ideapad-laptop: Disable touchpad_switch for ELAN0634 (git-fixes).
• platform/x86: intel-vbtn: Drop HP Stream x360 Convertible PC 11 from allow-list (git-fixes).
• platform/x86: intel-vbtn: Fix SWTABLETMODE always reporting 1 on some HP x360 models (git-fixes).
• PM: hibernate: flush swap writer after marking (git-fixes).
• pNFS: Mark layout for return if return-on-close was not sent (git-fixes).
• powerpc: Fix build error in paravirt.h (bsc#1181148 ltc#190702).
• powerpc/paravirt: Use iskvmguest() in vcpuispreempted() (bsc#1181148 ltc#190702).
• powerpc: Refactor iskvmguest() declaration to new header (bsc#1181148 ltc#190702).
• powerpc: Reintroduce iskvmguest() as a fast-path check (bsc#1181148 ltc#190702).
• powerpc: Rename iskvmguest() to checkkvmguest() (bsc#1181148 ltc#190702).
• power: vexpress: add suppressbindattrs to true (git-fixes).
• prom_init: enable verbose prints (bsc#1178142 bsc#1180759).
• ptrace: reintroduce usage of subjective credentials in ptracehascap() (bsc#1163930).
• ptrace: Set PF_SUPERPRIV when checking capability (bsc#1163930).
• r8152: Add Lenovo Powered USB-C Travel Hub (git-fixes).
• r8169: work around power-saving bug on some chip versions (git-fixes).
• regmap: debugfs: Fix a memory leak when calling regmapattachdev (git-fixes).
• regmap: debugfs: Fix a reversed if statement in regmapdebugfsinit() (git-fixes).
• Revert 'ceph: allow rename operation under different quota realms' (bsc#1180541).
• Revert 'nfsd4: support changeattrtype attribute' (for-next).
• Revive usb-audio Keep Interface mixer (bsc#1181014).
• rtc: pl031: fix resource leak in pl031_probe (git-fixes).
• rtc: sun6i: Fix memleak in sun6irtcclk_init (git-fixes).
• rtmutex: Remove unused argument from rtmutexproxy_unlock() (bsc#1181349 bsc#1149032).
• s390/cio: fix use-after-free in ccwdevicedestroy_console (git-fixes).
• s390/dasd: fix hanging device offline processing (bsc#1181169 LTC#190914).
• s390/dasd: fix list corruption of lcu list (git-fixes).
• s390/dasd: fix list corruption of pavgroup group list (git-fixes).
• s390/dasd: prevent inconsistent LCU device data (git-fixes).
• s390/kexec_file: fix diag308 subcode when loading crash kernel (git-fixes).
• s390/qeth: consolidate online/offline code (git-fixes).
• s390/qeth: do not raise NETDEV_REBOOT event from L3 offline path (git-fixes).
• s390/qeth: fix deadlock during recovery (git-fixes).
• s390/qeth: fix L2 header access in qethl3osafeaturescheck() (git-fixes).
• s390/qeth: fix locking for discipline setup / removal (git-fixes).
• s390/smp: perform initial CPU reset also for SMT siblings (git-fixes).
• sched/fair: Check for idle core in wake_affine (git fixes (sched)).
• scsi: ibmvfc: Set default timeout to avoid crash during migration (bsc#1181425 ltc#188252).
• scsi: lpfc: Enhancements to LOGTRACEEVENT for better readability (bsc#1180891).
• scsi: lpfc: Fix auto slimode and its effect on CONFIGPORT for SLI3 (bsc#1180891).
• scsi: lpfc: Fix crash when a fabric node is released prematurely (bsc#1180891).
• scsi: lpfc: Fix crash when nvmet transport calls host_release (bsc#1180891).
• scsi: lpfc: Fix error log messages being logged following SCSI task mgnt (bsc#1180891).
• scsi: lpfc: Fix FW reset action if I/Os are outstanding (bsc#1180891).
• scsi: lpfc: Fix NVMe recovery after mailbox timeout (bsc#1180891).
• scsi: lpfc: Fix PLOGI S_ID of 0 on pt2pt config (bsc#1180891).
• scsi: lpfc: Fix target reset failing (bsc#1180891).
• scsi: lpfc: Fix vport create logging (bsc#1180891).
• scsi: lpfc: Implement health checking when aborting I/O (bsc#1180891).
• scsi: lpfc: Prevent duplicate requests to unregister with cpuhp framework (bsc#1180891).
• scsi: lpfc: Refresh ndlp when a new PRLI is received in the PRLI issue state (bsc#1180891).
• scsi: lpfc: Simplify bool comparison (bsc#1180891).
• scsi: lpfc: Update lpfc version to 12.8.0.7 (bsc#1180891).
• scsi: lpfc: Use the nvme-fc transport supplied timeout for LS requests (bsc#1180891).
• scsi: qla2xxx: Fix description for parameter ql2xenforceiocblimit (bsc#1179142).
• scsi: scsitransportsrp: Do not block target in failfast state (bsc#1172355).
• selftests/ftrace: Select an existing function in kprobe_eventname test (bsc#1179396 ltc#185738).
• selftests: net: fib_tests: remove duplicate log test (git-fixes).
• selftests/powerpc: Add a test of bad (out-of-range) accesses (bsc#1181158 ltc#190851).
• selftests/powerpc: Add a test of spectre_v2 mitigations (bsc#1181158 ltc#190851).
• selftests/powerpc: Ignore generated files (bsc#1181158 ltc#190851).
• selftests/powerpc: Move Hash MMU check to utilities (bsc#1181158 ltc#190851).
• selftests/powerpc: Move setdscr() into rfiflush.c (bsc#1181158 ltc#190851).
• selftests/powerpc: Only test lwm/stmw on big endian (bsc#1180412 ltc#190579).
• selftests/powerpc: spectre_v2 test must be built 64-bit (bsc#1181158 ltc#190851).
• serial: mvebu-uart: fix tx lost characters at power off (git-fixes).
• spi: cadence: cache reference clock rate during probe (git-fixes).
• spi: stm32: FIFO threshold level - fix align packet size (git-fixes).
• staging: mt7621-dma: Fix a resource leak in an error handling path (git-fixes).
• staging: wlan-ng: fix out of bounds read in prism2staprobeusb() (git-fixes).
• SUNRPC: Clean up the handling of page padding in rpcpreparereply_pages() (for-next).
• sunrpc: fix xsreadxdr_buf for partial pages receive (for-next).
• SUNRPC: rpcwakeup() should wake up tasks in the correct order (for-next).
• swiotlb: fix 'x86: Do not panic if can not alloc buffer for swiotlb' (git-fixes).
• swiotlb: using SIZE_MAX needs limits.h included (git-fixes).
• timers: Preserve higher bits of expiration on index calculation (bsc#1181318).
• timers: Use only bucket expiry for base->next_expiry value (bsc#1181318).
• udp: Prevent reuseportselectsock from reading uninitialized socks (git-fixes).
• USB: cdc-acm: blacklist another IR Droid device (git-fixes).
• USB: cdc-wdm: Fix use after free in serviceoutstandinginterrupt() (git-fixes).
• usb: chipidea: cihdrcimx: add missing putdevice() call in usbmiscgetinitdata() (git-fixes).
• USB: dummy-hcd: Fix uninitialized array use in init() (git-fixes).
• usb: dwc3: Add support for DWC_usb32 IP (git-fixes).
• usb: dwc3: core: Properly default unspecified speed (git-fixes).
• usb: dwc3: ulpi: Use VStsDone to detect PHY regs access completion (git-fixes).
• usb: dwc3: Update soft-reset wait polling rate (git-fixes).
• USB: ehci: fix an interrupt calltrace error (git-fixes).
• usb: gadget: aspeed: fix stop dma register setting (git-fixes).
• usb: gadget: configfs: Fix use-after-free issue with udc_name (git-fixes).
• usb: gadget: configfs: Preserve function ordering after bind failure (git-fixes).
• usb: gadget: enable super speed plus (git-fixes).
• usb: gadget: Fix spinlock lockup on usbfunctiondeactivate (git-fixes).
• usb: gadget: f_uac2: reset wMaxPacketSize (git-fixes).
• usb: gadget: function: printer: Fix a memory leak for interface descriptor (git-fixes).
• USB: gadget: legacy: fix return error code in acmmsbind() (git-fixes).
• usb: gadget: select CONFIG_CRC32 (git-fixes).
• usb: gadget: u_ether: Fix MTU size mismatch with RX packet size (git-fixes).
• USB: serial: iuu_phoenix: fix DMA from stack (git-fixes).
• USB: serial: option: add LongSung M5710 module support (git-fixes).
• USB: serial: option: add Quectel EM160R-GL (git-fixes).
• usb: typec: Fix copy paste error for NVIDIA alt-mode description (git-fixes).
• usb: uas: Add PNY USB Portable SSD to unusual_uas (git-fixes).
• usb: udc: core: Use lock when write to soft_connect (git-fixes).
• usb: usbip: vhci_hcd: protect shift size (git-fixes).
• USB: usblp: fix DMA to stack (git-fixes).
• USB: xhci: fix U1/U2 handling for hardware with XHCIINTELHOST quirk set (git-fixes).
• USB: yurex: fix control-URB timeout handling (git-fixes).
• vfio iommu: Add dma available capability (bsc#1179572 LTC#190110).
• vfio/pci: Implement ioeventfd thread handler for contended memory lock (bsc#1181219).
• vfio-pci: Use ioremappfn_range() for PCI IO memory (bsc#1181220).
• video: fbdev: atmellcdfb: fix return error code in atmellcdfbofinit() (git-fixes).
• video: fbdev: fix OOB read in vga8planesimageblit() (git-fixes).
• video: fbdev: pvr2fb: initialize variables (git-fixes).
• video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error (git-fixes).
• wan: ds26522: select CONFIG_BITREVERSE (git-fixes).
• wil6210: select CONFIG_CRC32 (git-fixes).
• x86/apic: Fix x2apic enablement without interrupt remapping (bsc#1152489).
• x86/cpu/amd: Call initamdzn() om Family 19h processors too (bsc#1181077).
• x86/cpu/amd: Set _maxdieperpackage on AMD (bsc#1152489).
• x86/hyperv: Fix kexec panic/hang issues (bsc#1176831).
• x86/kprobes: Restore BTF if the single-stepping is cancelled (bsc#1152489).
• x86/mm: Fix leak of pmd ptlock (bsc#1152489).
• x86/mm/numa: Remove uninitialized_var() usage (bsc#1152489).
• x86/mtrr: Correct the range check before performing MTRR type lookups (bsc#1152489).
• x86/resctrl: Do not move a task to the same resource group (bsc#1152489).
• x86/resctrl: Use an IPI instead of taskworkadd() to update PQR_ASSOC MSR (bsc#1152489).
• x86/topology: Make _maxdieperpackage available unconditionally (bsc#1152489).
• x86/xen: avoid warning in Xen pv guest with CONFIGAMDMEM_ENCRYPT enabled (bsc#1181335).
• xen-blkfront: allow discard-* nodes to be optional (bsc#1181346).
• xen/privcmd: allow fetching resource sizes (bsc#1065600).
• xfs: show the proper user quota options (bsc#1181538).
• xhci: Give USB2 ports time to enter U3 in bus suspend (git-fixes).
• xhci: make sure TRB is fully written before giving it to the controller (git-fixes).
• xhci: tegra: Delay for disabling LFPS detector (git-fixes).