SUSE-SU-2024:2894-1

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

• CVE-2021-47086: phonet/pep: refuse to enable an unbound pipe (bsc#1220952).
• CVE-2021-47103: net: sock: preserve kabi for sock (bsc#1221010).
• CVE-2021-47186: tipc: check for null after calling kmemdup (bsc#1222702).
• CVE-2021-47546: Kabi fix for ipv6: fix memory leak in fib6rulesuppress (bsc#1225504).
• CVE-2021-47547: net: tulip: de4x5: fix the problem that the array 'lp->phy' may be out of bound (bsc#1225505).
• CVE-2021-47588: sit: do not call ipip6devfree() from sitinitnet() (bsc#1226568).
• CVE-2021-47590: mptcp: fix deadlock in _mptcppush_pending() (bsc#1226565).
• CVE-2021-47591: mptcp: remove tcp ulp setsockopt support (bsc#1226570).
• CVE-2021-47593: mptcp: clear 'kern' flag from fallback sockets (bsc#1226551).
• CVE-2021-47598: schcake: do not call cakedestroy() from cake_init() (bsc#1226574).
• CVE-2021-47599: btrfs: use latestdev in btrfsshow_devname (bsc#1226571)
• CVE-2021-47606: net: netlink: af_netlink: Prevent empty skb by adding a check on len (bsc#1226555).
• CVE-2021-47623: powerpc/fixmap: Fix VM debug warning on unmap (bsc#1227919).
• CVE-2022-48785: ipv6: mcast: use rcu-safe version of ipv6getlladdr() (bsc#1227927)
• CVE-2022-48810: ipmr,ip6mr: acquire RTNL before calling ip[6]mrfreetable() on failure path (bsc#1227936).
• CVE-2022-48850: net-sysfs: add check for netdevice being present to speed_show (bsc#1228071)
• CVE-2022-48855: sctp: fix kernel-infoleak for SCTP sockets (bsc#1228003).
• CVE-2023-52435: net: prevent mss overflow in skb_segment() (bsc#1220138).
• CVE-2023-52573: net: rds: Fix possible NULL-pointer dereference (bsc#1220869)
• CVE-2023-52580: net/core: Fix ETHP1588 flow dissector (bsc#1220876).
• CVE-2023-52751: smb: client: fix use-after-free in smb2queryinfo_compound() (bsc#1225489).
• CVE-2023-52775: net/smc: avoid data corruption caused by decline (bsc#1225088).
• CVE-2023-52812: drm/amd: check num of link levels when update pcie param (bsc#1225564).
• CVE-2023-52857: drm/mediatek: Fix coverity issue with unintentional integer overflow (bsc#1225581).
• CVE-2023-52863: hwmon: (axi-fan-control) Fix possible NULL pointer dereference (bsc#1225586).
• CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187).
• CVE-2024-26615: net/smc: fix illegal rmb_desc access in SMC-D connection dump (bsc#1220942).
• CVE-2024-26633: ip6tunnel: fix NEXTHDRFRAGMENT handling in ip6tnlparsetlvenc_lim() (bsc#1221647).
• CVE-2024-26635: llc: Drop support for ETHPTR8022 (bsc#1221656).
• CVE-2024-26636: llc: make llcuisendmsg() more robust against bonding changes (bsc#1221659).
• CVE-2024-26641: ip6tunnel: make sure to pull inner header in _ip6tnlrcv() (bsc#1221654).
• CVE-2024-26661: drm/amd/display: Add NULL test for 'timing generator' in (bsc#1222323)
• CVE-2024-26663: tipc: Check the bearer type before calling tipcudpnlbeareradd() (bsc#1222326).
• CVE-2024-26665: tunnels: fix out of bounds access when building IPv6 PMTU error (bsc#1222328).
• CVE-2024-26802: stmmac: Clear variable when destroying workqueue (bsc#1222799).
• CVE-2024-26863: hsr: Fix uninit-value access in hsrgetnode() (bsc#1223021).
• CVE-2024-26961: mac802154: fix llsec key resources release in mac802154llseckey_del (bsc#1223652).
• CVE-2024-27015: netfilter: flowtable: incorrect pppoe tuple (bsc#1223806).
• CVE-2024-27019: netfilter: nftables: Fix potential data-race in _nftobjtype_get() (bsc#1223813)
• CVE-2024-27020: netfilter: nftables: Fix potential data-race in _nftexprtype_get() (bsc#1223815)
• CVE-2024-27025: nbd: null check for nlaneststart (bsc#1223778)
• CVE-2024-27065: netfilter: nf_tables: do not compare internal table flags on updates (bsc#1223836).
• CVE-2024-27402: phonet/pep: fix racy skbqueueempty() use (bsc#1224414).
• CVE-2024-27437: vfio/pci: Disable auto-enable of exclusive INTx IRQ (bsc#1222625).
• CVE-2024-35805: dm snapshot: fix lockup in dmexceptiontable_exit (bsc#1224743).
• CVE-2024-35819: soc: fsl: qbman: Use raw spinlock for cgr_lock (bsc#1224683).
• CVE-2024-35837: net: mvpp2: clear BM pool before initialization (bsc#1224500).
• CVE-2024-35853: mlxsw: spectrumacltcam: Fix memory leak during rehash (bsc#1224604).
• CVE-2024-35889: idpf: fix kernel panic on unknown packet types (bsc#1224517).
• CVE-2024-35890: gro: fix ownership transfer (bsc#1224516).
• CVE-2024-35893: net/sched: act_skbmod: prevent kernel-infoleak (bsc#1224512)
• CVE-2024-35899: netfilter: nftables: flush pending destroy work before exitnet release (bsc#1224499)
• CVE-2024-35934: net/smc: reduce rtnl pressure in smcpnetcreatepnetidslist() (bsc#1224641)
• CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700)
• CVE-2024-35961: net/mlx5: Restore mistakenly dropped parts in register devlink flow (bsc#1224585).
• CVE-2024-35979: raid1: fix use-after-free for original bio in raid1writerequest() (bsc#1224572).
• CVE-2024-35995: ACPI: CPPC: Fix access width used for PCC registers (bsc#1224557).
• CVE-2024-36000: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (bsc#1224548).
• CVE-2024-36004: i40e: Do not use WQMEMRECLAIM flag for workqueue (bsc#1224545)
• CVE-2024-36901: ipv6: prevent NULL dereference in ip6_output() (bsc#1225711)
• CVE-2024-36902: ipv6: fib6rules: avoid possible NULL dereference in fib6rule_action() (bsc#1225719).
• CVE-2024-36909: Drivers: hv: vmbus: Do not free ring buffers that couldn't be re-encrypted (bsc#1225744).
• CVE-2024-36910: uiohvgeneric: Do not free decrypted memory (bsc#1225717).
• CVE-2024-36911: hv_netvsc: Do not free decrypted memory (bsc#1225745).
• CVE-2024-36912: Drivers: hv: vmbus: Track decrypted status in vmbus_gpadl (bsc#1225752).
• CVE-2024-36913: Drivers: hv: vmbus: Leak pages if setmemoryencrypted() fails (bsc#1225753).
• CVE-2024-36914: drm/amd/display: Skip on writeback when it's not applicable (bsc#1225757).
• CVE-2024-36919: scsi: bnx2fc: Remove spinlockbh while releasing resources after upload (bsc#1225767).
• CVE-2024-36923: fs/9p: fix uninitialized values during inode evict (bsc#1225815).
• CVE-2024-36939: nfs: Handle error of rpcprocregister() in nfsnetinit() (bsc#1225838).
• CVE-2024-36946: phonet: fix rtmphonetnotify() skb allocation (bsc#1225851).
• CVE-2024-36974: net/sched: taprio: always validate TCATAPRIOATTR_PRIOMAP (bsc#1226519).
• CVE-2024-38555: net/mlx5: Discard command completions in internal error (bsc#1226607).
• CVE-2024-38558: net: openvswitch: fix overwriting ct original tuple for ICMPv6 (bsc#1226783).
• CVE-2024-38570: gfs2: Fix potential glock use-after-free on unmount (bsc#1226775).
• CVE-2024-38586: r8169: Fix possible ring buffer corruption on fragmented Tx packets (bsc#1226750).
• CVE-2024-38598: md: fix resync softlockup when bitmap size is less than array size (bsc#1226757).
• CVE-2024-38628: usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind (bsc#1226911).
• CVE-2024-39276: ext4: fix mbcacheentry's erefcnt leak in ext4xattrblockcache_find() (bsc#1226993).
• CVE-2024-39371: iouring: check for non-NULL file pointer in iofilecanpoll() (bsc#1226990).
• CVE-2024-39463: 9p: add missing locking around taking dentry fid list (bsc#1227090).
• CVE-2024-39472: xfs: fix log recovery buffer allocation for the legacy h_size fixup (bsc#1227432).
• CVE-2024-39482: bcache: fix variable length array abuse in btree_iter (bsc#1227447).
• CVE-2024-39487: bonding: Fix out-of-bounds read in bondoptionarpiptargets_set() (bsc#1227573)
• CVE-2024-39490: ipv6: sr: fix missing skbuff release in seg6input_core (bsc#1227626).
• CVE-2024-39493: crypto: qat - Fix ADFDEVRESET_SYNC memory leak (bsc#1227620).
• CVE-2024-39494: ima: Fix use-after-free on a dentry's dname.name (bsc#1227716).
• CVE-2024-39497: drm/shmem-helper: Fix BUGON() on mmap(PROTWRITE, MAP_PRIVATE) (bsc#1227722)
• CVE-2024-39502: ionic: fix use after netifnapidel() (bsc#1227755).
• CVE-2024-39506: liquidio: Adjust a NULL pointer handling path in liovfrepcopypacket (bsc#1227729).
• CVE-2024-39507: net: hns3: fix kernel crash problem in concurrent scenario (bsc#1227730).
• CVE-2024-39508: iouring/io-wq: Use setbit() and test_bit() at worker->flags (bsc#1227732).
• CVE-2024-40901: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory (bsc#1227762).
• CVE-2024-40906: net/mlx5: Always stop health timer during driver removal (bsc#1227763).
• CVE-2024-40908: bpf: Set run context for rawtp test_run callback (bsc#1227783).
• CVE-2024-40909: bpf: Fix a potential use-after-free in bpflinkfree() (bsc#1227798).
• CVE-2024-40919: bnxten: Adjust logging of firmware messages in case of released token in _hwrm_send() (bsc#1227779).
• CVE-2024-40923: vmxnet3: disable rx data ring on dma allocation failure (bsc#1227786).
• CVE-2024-40931: mptcp: ensure snd_una is properly initialized on connect (bsc#1227780).
• CVE-2024-40935: cachefiles: flush all requests after setting CACHEFILES_DEAD (bsc#1227797).
• CVE-2024-40937: gve: Clear napi->skb before devkfreeskb_any() (bsc#1227836).
• CVE-2024-40940: net/mlx5: Fix tainted pointer delete is case of flow rules creation fail (bsc#1227800).
• CVE-2024-40943: ocfs2: fix races between hole punching and AIO+DIO (bsc#1227849).
• CVE-2024-40953: KVM: Fix a data race on lastboostedvcpu in kvmvcpuon_spin() (bsc#1227806).
• CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
• CVE-2024-40958: netns: Make getnetns() handle zero refcount net (bsc#1227812).
• CVE-2024-40959: xfrm6: check ip6dstidev() return value in xfrm6getsaddr() (bsc#1227884).
• CVE-2024-40960: ipv6: prevent possible NULL dereference in rt6_probe() (bsc#1227813).
• CVE-2024-40961: ipv6: prevent possible NULL deref in fib6nhinit() (bsc#1227814).
• CVE-2024-40966: kABI: tty: add the option to have a tty reject a new ldisc (bsc#1227886).
• CVE-2024-40967: serial: imx: Introduce timeout when waiting on transmitter empty (bsc#1227891).
• CVE-2024-40970: Avoid hw_desc array overrun in dw-axi-dmac (bsc#1227899).
• CVE-2024-40972: ext4: fold quota accounting into ext4xattrinodelookupcreate() (bsc#1227910).
• CVE-2024-40977: wifi: mt76: mt7921s: fix potential hung tasks during chip recovery (bsc#1227950).
• CVE-2024-40982: ssb: Fix potential NULL pointer dereference in ssbdeviceuevent() (bsc#1227865).
• CVE-2024-40989: KVM: arm64: Disassociate vcpus from redistributor region on teardown (bsc#1227823).
• CVE-2024-40994: ptp: fix integer overflow in maxvclocksstore (bsc#1227829).
• CVE-2024-40998: ext4: fix uninitialized ratelimitstate->lock access in _ext4fillsuper() (bsc#1227866).
• CVE-2024-40999: net: ena: Add validation for completion descriptors consistency (bsc#1227913).
• CVE-2024-41006: netrom: Fix a memory leak in nrheartbeatexpiry() (bsc#1227862).
• CVE-2024-41009: selftests/bpf: Add more ring buffer test coverage (bsc#1228020).
• CVE-2024-41012: filelock: Remove locks reliably when fcntl/close race is detected (bsc#1228247).
• CVE-2024-41013: xfs: do not walk off the end of a directory data block (bsc#1228405).
• CVE-2024-41014: xfs: add bounds checking to xlogrecoverprocess_data (bsc#1228408).
• CVE-2024-41015: ocfs2: add bounds checking to ocfs2checkdir_entry() (bsc#1228409).
• CVE-2024-41016: ocfs2: add bounds checking to ocfs2xattrfind_entry() (bsc#1228410).
• CVE-2024-41017: jfs: do not walk off the end of ealist (bsc#1228403).
• CVE-2024-41040: net/sched: Fix UAF when resolving a clash (bsc#1228518)
• CVE-2024-41041: udp: Set SOCKRCUFREE earlier in udplibget_port() (bsc#1228520)
• CVE-2024-41044: ppp: reject claimed-as-LCP but actually malformed packets (bsc#1228530).
• CVE-2024-41048: skmsg: Skip zero length skb in skmsgrecvmsg (bsc#1228565)
• CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefileswithdrawcookie() (bsc#1228462).
• CVE-2024-41058: cachefiles: fix slab-use-after-free in fscachewithdrawvolume() (bsc#1228459).
• CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228561).
• CVE-2024-41063: Bluetooth: hcicore: cancel all works upon hciunregister_dev() (bsc#1228580)
• CVE-2024-41064: powerpc/eeh: avoid possible crash when edev->pdev changes (bsc#1228599).
• CVE-2024-41066: ibmvnic: Add tx check to prevent skb leak (bsc#1228640).
• CVE-2024-41069: ASoC: topology: Fix route memory corruption (bsc#1228644).
• CVE-2024-41070: KVM: PPC: Book3S HV: Prevent UAF in kvmspaprtceattachiommu_group() (bsc#1228581).
• CVE-2024-41071: wifi: mac80211: Avoid address calculations via out of bounds array indexing (bsc#1228625).
• CVE-2024-41078: btrfs: qgroup: fix quota root leak after quota disable failure (bsc#1228655).
• CVE-2024-41081: ila: block BH in ila_output() (bsc#1228617)
• CVE-2024-41090: tap: add missing verification for short frame (bsc#1228328).
• CVE-2024-41091: tun: add missing verification for short frame (bsc#1228327).
• CVE-2024-42070: netfilter: nftables: fully validate NFTDATA_VALUE on store to data registers (bsc#1228470)
• CVE-2024-42079: gfs2: Fix NULL pointer dereference in gfs2logflush (bsc#1228672).
• CVE-2024-42093: net/dpaa2: Avoid explicit cpumask var allocation on stack (bsc#1228680).
• CVE-2024-42096: x86: stop playing stack games in profile_pc() (bsc#1228633).
• CVE-2024-42122: drm/amd/display: Add NULL pointer check for kzalloc (bsc#1228591)
• CVE-2024-42124: scsi: qedf: Make qedfexecutetmf() non-preemptible (bsc#1228705)
• CVE-2024-42145: IB/core: Implement a limit on UMAD receive List (bsc#1228743)
• CVE-2024-42161: Avoid uninitialized value in BPFCOREREAD_BITFIELD (bsc#1228756).
• CVE-2024-42224: net: dsa: mv88e6xxx: Correct check for empty list (bsc#1228723)
• CVE-2024-42230: powerpc/pseries: Fix scv instruction crash with kexec (bsc#1194869).

The following non-security bugs were fixed:

• ACPI: EC: Abort address space access upon error (stable-fixes).
• ACPI: EC: Avoid returning AE_OK on errors in address space handler (stable-fixes).
• ACPI: processor_idle: Fix invalid comparison with insertion sort for latency (git-fixes).
• ACPI: video: Add backlight=native quirk for Lenovo Slim 7 16ARH7 (stable-fixes).
• ACPI: x86: Force StorageD3Enable on more products (stable-fixes).
• ACPI: x86: utils: Add Picasso to the list for forcing StorageD3Enable (stable-fixes).
• ALSA: dmaengine_pcm: terminate dmaengine before synchronize (stable-fixes).
• ALSA: dmaengine: Synchronize dma channel after drop() (stable-fixes).
• ALSA: emux: improve patch ioctl data validation (stable-fixes).
• ALSA: hda: conexant: Fix headset auto detect fail in the polling mode (git-fixes).
• ALSA: hda/realtek: Add more codec ID to no shutup pins list (stable-fixes).
• ALSA: hda/realtek: add quirk for Clevo V5[46]0TU (stable-fixes).
• ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897 (stable-fixes).
• ALSA: hda/realtek: Enable headset mic on Positivo SU C1400 (stable-fixes).
• ALSA: hda/realtek: Enable Mute LED on HP 250 G7 (stable-fixes).
• ALSA: hda/realtek: fix mute/micmute LEDs do not work for EliteBook 645/665 G11 (stable-fixes).
• ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360 (stable-fixes).
• ALSA: hda/realtek: Limit mic boost on VAIO PRO PX (stable-fixes).
• ALSA: hda/relatek: Enable Mute LED on HP Laptop 15-gw0xxx (stable-fixes).
• ALSA: pcm_dmaengine: Do not synchronize DMA channel when DMA is paused (git-fixes).
• ALSA: usb-audio: Add a quirk for Sonix HD USB Camera (stable-fixes).
• ALSA: usb-audio: Correct surround channels in UAC1 channel map (git-fixes).
• ALSA: usb-audio: Fix microphone sound on HD webcam (stable-fixes).
• ALSA: usb-audio: Move HD Webcam quirk to the right place (git-fixes).
• arm64: dts: allwinner: Pine H64: correctly remove reggmac3v3 (git-fixes)
• arm64: dts: hi3798cv200: fix the size of GICR (git-fixes)
• arm64: dts: imx8qm-mek: fix gpio number for regusdhc2vmmc (git-fixes)
• arm64: dts: microchip: sparx5: fix mdio reg (git-fixes)
• arm64: dts: rockchip: Add enable-strobe-pulldown to emmc phy on ROCK (git-fixes)
• arm64: dts: rockchip: Add sound-dai-cells for RK3368 (git-fixes)
• arm64: dts: rockchip: fix PMIC interrupt pin on ROCK Pi E (git-fixes)
• arm64/io: add constant-argument check (bsc#1226502 git-fixes)
• arm64/io: Provide a WC friendly _iowriteXXcopy() (bsc#1226502)
• arm64: tegra: Correct Tegra132 I2C alias (git-fixes)
• ASoC: amd: Adjust error handling in case of absent codec device (git-fixes).
• ASoC: max98088: Check for clkprepareenable() error (git-fixes).
• ASoC: ti: davinci-mcasp: Set min period size using FIFO config (stable-fixes).
• ASoC: ti: omap-hdmi: Fix too long driver name (stable-fixes).
• batman-adv: bypass empty buckets in batadvpurgeorig_ref() (stable-fixes).
• blk-cgroup: dropping parent refcount after pdfreefn() is done (bsc#1224573).
• block: do not add partitions if GDSUPPRESSPART_SCAN is set (bsc#1227162).
• block, loop: support partitions without scanning (bsc#1227162).
• Bluetooth: ath3k: Fix multiple issues reported by checkpatch.pl (stable-fixes).
• Bluetooth: btqca: use le32tocpu for ver.soc_id (stable-fixes).
• Bluetooth: hcicore: cancel all works upon hciunregister_dev() (stable-fixes).
• Bluetooth: hci_qca: mark OF related data as maybe unused (stable-fixes).
• Bluetooth: hci_sync: Fix suspending with wrong filter policy (git-fixes).
• Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot (git-fixes).
• bnxtre: Fix immdata endianness (git-fixes)
• bpf: aggressively forget precise markings during state checkpointing (bsc#1225903).
• bpf: allow precision tracking for programs with subprogs (bsc#1225903).
• bpf: check bpffuncstate->callback_depth when pruning states (bsc#1225903).
• bpf: clean up visit_insn()'s instruction processing (bsc#1225903).
• bpf: correct loop detection for iterators convergence (bsc#1225903).
• bpf: encapsulate precision backtracking bookkeeping (bsc#1225903).
• bpf: ensure state checkpointing at iter_next() call sites (bsc#1225903).
• bpf: exact states comparison for iterator convergence checks (bsc#1225903).
• bpf: extract _checkreg_arg() utility function (bsc#1225903).
• bpf: extract same_callsites() as utility function (bsc#1225903).
• bpf: extract setupfuncentry() utility function (bsc#1225903).
• bpf: fix calculation of subseq_idx during precision backtracking (bsc#1225903).
• bpf: fix markallscalarsprecise use in markchain_precision (bsc#1225903).
• bpf: Fix memory leaks in _checkfunc_call (bsc#1225903).
• bpf: fix propagate_precision() logic for inner frames (bsc#1225903).
• bpf: fix regs_exact() logic in regsafe() to remap IDs correctly (bsc#1225903).
• bpf: Fix to preserve reg parent/live fields when copying range info (bsc#1225903).
• bpf: generalize MAYBENULL vs non-MAYBENULL rule (bsc#1225903).
• bpf: improve precision backtrack logging (bsc#1225903).
• bpf: Improve verifier u32 scalar equality checking (bsc#1225903).
• bpf: keep track of max number of bpf_loop callback iterations (bsc#1225903).
• bpf: maintain bitmasks across all active frames in _markchain_precision (bsc#1225903).
• bpf: mark relevant stack slots scratched for register read instructions (bsc#1225903).
• bpf: move explored_state() closer to the beginning of verifier.c (bsc#1225903).
• bpf: perform byte-by-byte comparison only when necessary in regsafe() (bsc#1225903).
• bpf: print full verifier states on infinite loop detection (bsc#1225903).
• bpf: regsafe() must not skip check_ids() (bsc#1225903).
• bpf: reject non-exact register type matches in regsafe() (bsc#1225903).
• bpf: Remove unused insncnt argument from visit[funccall]insn() (bsc#1225903).
• bpf: reorganize struct bpfregstate fields (bsc#1225903).
• bpf: Skip invalid kfunc call in backtrack_insn (bsc#1225903).
• bpf: states_equal() must build idmap for all function frames (bsc#1225903).
• bpf: stop setting precise in current state (bsc#1225903).
• bpf: support precision propagation in the presence of subprogs (bsc#1225903).
• bpf: take into account liveness when propagating precision (bsc#1225903).
• bpf: teach refsafe() to take into account ID remapping (bsc#1225903).
• bpf: unconditionally reset backtrack_state masks on global func exit (bsc#1225903).
• bpf: use checkids() for activelock comparison (bsc#1225903).
• bpf: Use scalar ids in markchainprecision() (bsc#1225903).
• bpf: verify callbacks as if they are called unknown number of times (bsc#1225903).
• bpf: Verify scalar ids mapping in regsafe() using check_ids() (bsc#1225903).
• bpf: widening for callback iterators (bsc#1225903).
• btrfs: add device major-minor info in the struct btrfs_device (bsc#1227162).
• btrfs: harden identification of a stale device (bsc#1227162).
• btrfs: match stale devices by dev_t (bsc#1227162).
• btrfs: remove the cross file system checks from remap (bsc#1227157).
• btrfs: use devt to match device in devicematched (bsc#1227162).
• btrfs: validate device maj:min during open (bsc#1227162).
• bytcr_rt5640 : inverse jack detect for Archos 101 cesium (stable-fixes).
• cachefiles: add output string to cachefilesobj[get|put]ondemandfd (git-fixes).
• can: kvaserusb: Explicitly initialize family in leafimx driverinfo struct (git-fixes).
• can: kvaserusb: fix return value for hifusbsendregout (stable-fixes).
• ceph: fix incorrect kmalloc size of pagevec mempool (bsc#1228418).
• cgroup/cpuset: Prevent UAF in proccpusetshow() (bsc#1228801).
• checkpatch: really skip LONGLINE* when LONG_LINE is ignored (git-fixes).
• crypto: aead,cipher - zeroize key buffer after use (stable-fixes).
• crypto: ecdh - explicitly zeroize private_key (stable-fixes).
• crypto: ecdsa - Fix the public key format description (git-fixes).
• crypto: hisilicon/sec - Fix memory leak for sec resource release (stable-fixes).
• csky: ftrace: Drop duplicate implementation of archcheckftrace_location() (git-fixes).
• decompress_bunzip2: fix rare decompression failure (git-fixes).
• devres: Fix devm_krealloc() wasting memory (git-fixes).
• devres: Fix memory leakage caused by driver API devmfreepercpu() (git-fixes).
• dma: fix call order in dmamfreecoherent (git-fixes).
• docs: crypto: async-tx-api: fix broken code example (git-fixes).
• docs: Fix formatting of literal sections in fanotify docs (stable-fixes).
• drm/amd/amdgpu: Fix style errors in amdgpudrv.c & amdgpudevice.c (stable-fixes).
• drm/amd/display: Account for cursor prefetch BW in DML1 mode support (stable-fixes).
• drm/amd/display: Check for NULL pointer (stable-fixes).
• drm/amd/display: Check index msg_id before read or write (stable-fixes).
• drm/amd/display: Check pipe offset before setting vblank (stable-fixes).
• drm/amd/display: Skip finding free audio for unknown engine_id (stable-fixes).
• drm/amdgpu/atomfirmware: fix parsing of vram_info (stable-fixes).
• drm/amdgpu/atomfirmware: silence UBSAN warning (stable-fixes).
• drm/amdgpu: avoid using null object of framebuffer (stable-fixes).
• drm/amdgpu: Check if NBIO funcs are NULL in amdgpudevicebaco_exit (git-fixes).
• drm/amdgpu: Fix pci state save during mode-1 reset (git-fixes).
• drm/amdgpu: Fix signedness bug in sdmav40processtrap_irq() (git-fixes).
• drm/amdgpu: fix uninitialized scalar variable warning (stable-fixes).
• drm/amdgpu: Fix uninitialized variable warnings (stable-fixes).
• drm/amdgpu: Initialize timestamp for some legacy SOCs (stable-fixes).
• drm/amdgpu: Remove GC HW IP 9.3.0 from noretry=1 (git-fixes).
• drm/amd/pm: Fix aldebaran pcie speed reporting (git-fixes).
• drm/amd/pm: remove logically dead code for renoir (git-fixes).
• drm/dp_mst: Fix all mstb marked as not probed after suspend/resume (git-fixes).
• drm/etnaviv: do not block scheduler when GPU is still active (stable-fixes).
• drm/etnaviv: fix DMA direction handling for cached RW buffers (git-fixes).
• drm/gma500: fix null pointer dereference in cdvintellvdsgetmodes (git-fixes).
• drm/gma500: fix null pointer dereference in psbintellvdsgetmodes (git-fixes).
• drm/i915/gt: Do not consider preemption during execlists_dequeue for gen8 (git-fixes).
• drm/lima: fix shared irq handling on driver remove (stable-fixes).
• drm/lima: Mark simple_ondemand governor as softdep (git-fixes).
• drm/mediatek: Add OVL compatible name for MT8195 (git-fixes).
• drm/meson: fix canvas release in bind function (git-fixes).
• drm/mgag200: Bind I2C lifetime to DRM device (git-fixes).
• drm/mgag200: Set DDC timeout in milliseconds (git-fixes).
• drm/mipi-dsi: Fix mipidsidcswriteseq() macro definition format (stable-fixes).
• drm/mipi-dsi: Fix theoretical int overflow in mipidsidcswriteseq() (git-fixes).
• drm/msm/dpu: drop validity checks for clearpendingflush() ctl op (git-fixes).
• drm/msm/mdp5: Remove MDPCAPSRCSPLIT from msm8x53config (git-fixes).
• drm/nouveau/dispnv04: fix null pointer dereference in nv17tvgethdmodes (stable-fixes).
• drm/nouveau/dispnv04: fix null pointer dereference in nv17tvgetldmodes (stable-fixes).
• drm/nouveau: fix null pointer dereference in nouveauconnectorget_modes (git-fixes).
• drm/nouveau: prime: fix refcount underflow (git-fixes).
• drm/panel: boe-tv101wum-nl6: Check for errors on the NOP in prepare() (git-fixes).
• drm/panel: boe-tv101wum-nl6: If prepare fails, disable GPIO before regulators (git-fixes).
• drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep (stable-fixes).
• drm: panel-orientation-quirks: Add quirk for Valve Galileo (stable-fixes).
• drm/panfrost: Mark simple_ondemand governor as softdep (git-fixes).
• drm/qxl: Add check for drmcvtmode (git-fixes).
• drm/radeon: check bo_va->bo is non-NULL before using it (stable-fixes).
• drm/radeon/radeon_display: Decrease the size of allocated memory (stable-fixes).
• drm/vmwgfx: Fix a deadlock in dma buf fence polling (git-fixes).
• drm/vmwgfx: Fix missing HYPERVISOR_GUEST dependency (stable-fixes).
• drm/vmwgfx: Fix overlay when using Screen Targets (git-fixes).
• eeprom: digsy_mtc: Fix 93xx46 driver probe failure (git-fixes).
• exfat: check if cluster num is valid (git-fixes).
• exfat: simplify isvalidcluster() (git-fixes).
• filelock: add a new locksinodecontext accessor function (git-fixes).
• firmware: cs_dsp: Fix overflow checking of wmfw header (git-fixes).
• firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers (git-fixes).
• firmware: cs_dsp: Return error if block header overflows file (git-fixes).
• firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files (git-fixes).
• firmware: cs_dsp: Validate payload length before processing block (git-fixes).
• firmware: dmi: Stop decoding on broken entry (stable-fixes).
• firmware: turris-mox-rwtm: Do not complete if there are no waiters (git-fixes).
• firmware: turris-mox-rwtm: Fix checking return value of waitforcompletion_timeout() (git-fixes).
• firmware: turris-mox-rwtm: Initialize completion before mailbox (git-fixes).
• fix build warning
• fs: allow cross-vfsmount reflink/dedupe (bsc#1227157).
• ftrace: Fix possible use-after-free issue in ftrace_location() (git-fixes).
• fuse: verify {g,u}id mount options correctly (bsc#1228191).
• gpio: mc33880: Convert comma to semicolon (git-fixes).
• hfsplus: fix to avoid false alarm of circular locking (git-fixes).
• hfsplus: fix uninit-value in copy_name (git-fixes).
• HID: Add quirk for Logitech Casa touchpad (stable-fixes).
• HID: wacom: Modify pen IDs (git-fixes).
• hpet: Support 32-bit userspace (git-fixes).
• hwmon: (adt7475) Fix default duty on fan is disabled (git-fixes).
• hwmon: (max6697) Fix swapped temp{1,8} critical alarms (git-fixes).
• hwmon: (max6697) Fix underflow when writing limit attributes (git-fixes).
• i2c: mark HostNotify target address as used (git-fixes).
• i2c: rcar: bring hardware to known state when probing (git-fixes).
• i2c: tegra: Fix failure during probe deferral cleanup (git-fixes)
• i2c: tegra: Share same DMA channel for RX and TX (bsc#1227661)
• i2c: testunit: avoid re-issued work after read message (git-fixes).
• i2c: testunit: correct Kconfig description (git-fixes).
• Input: elan_i2c - do not leave interrupt disabled on suspend failure (git-fixes).
• Input: elantech - fix touchpad state on resume for Lenovo N24 (stable-fixes).
• Input: ff-core - prefer struct_size over open coded arithmetic (stable-fixes).
• Input: qt1050 - handle CHIP_ID reading error (git-fixes).
• Input: silead - Always support 10 fingers (stable-fixes).
• intel_th: pci: Add Granite Rapids SOC support (stable-fixes).
• intel_th: pci: Add Granite Rapids support (stable-fixes).
• intel_th: pci: Add Lunar Lake support (stable-fixes).
• intel_th: pci: Add Meteor Lake-S support (stable-fixes).
• intel_th: pci: Add Sapphire Rapids SOC support (stable-fixes).
• iommu/arm-smmu-v3: Free MSIs in case of ENOMEM (git-fixes).
• ionic: clean interrupt before enabling queue to avoid credit race (git-fixes).
• jffs2: Fix potential illegal address access in jffs2freeinode (git-fixes).
• jfs: Fix array-index-out-of-bounds in diFree (git-fixes).
• jfs: xattr: fix buffer overflow for invalid xattr (bsc#1227383).
• kABI: bpf: bpfregstate reorganization kABI workaround (bsc#1225903).
• kABI: bpf: callback fixes kABI workaround (bsc#1225903).
• kABI: bpf: struct bpf_{idmap,idset} kABI workaround (bsc#1225903).
• kABI: bpf: tmpstrbuf kABI workaround (bsc#1225903).
• kABI: rtas: Workaround false positive due to lost definition (bsc#1227487).
• kabi/severities: ignore kABI for FireWire sound local symbols (bsc#1208783)
• kabi/severities: Ignore tpmtiscore_init (bsc#1082555).
• kabi/severity: add nvme common code The nvme common code is also allowed to change the data structures, there are only internal users.
• kabi: Use _iowriteXXcopy_inlined for in-kernel modules (bsc#1226502)
• kernel-binary: vdso: Own module_dir
• kernel/sched: Remove dl_boosted flag comment (git fixes (sched)).
• knfsd: LOOKUP can return an illegal error value (git-fixes).
• kobjectuevent: Fix OOB access within zapmodalias_env() (git-fixes).
• kprobes: Make archcheckftrace_location static (git-fixes).
• KVM: nVMX: Clear EXIT_QUALIFICATION when injecting an EPT Misconfig (git-fixes).
• KVM: PPC: Book3S HV: Fix 'rm_exit' entry in debugfs timings (bsc#1194869).
• KVM: PPC: Book3S HV: Fix the setonereg for MMCR3 (bsc#1194869).
• KVM: PPC: Book3S HV Nested: L2 LPCR should inherit L1 LPES setting (bsc#1194869).
• KVM: PPC: Book3S HV: remove extraneous asterisk from rmhostipi_action() comment (bsc#1194869).
• KVM: PPC: Book3S: Suppress failed alloc warning in HCOPYTOFROM_GUEST (bsc#1194869).
• KVM: PPC: Book3S: Suppress warnings when allocating too big memory slots (bsc#1194869).
• KVM: s390: fix LPSWEY handling (bsc#1227635 git-fixes).
• KVM: SVM: Process ICR on AVIC IPI delivery failure due to invalid target (git-fixes).
• KVM: VMX: Report up-to-date exit qualification to userspace (git-fixes).
• KVM: x86: Add IBPB_BRTYPE support (bsc#1228079).
• KVM: x86: Always sync PIR to IRR prior to scanning I/O APIC routes (git-fixes).
• KVM: x86: Bail from kvmrecalculatephys_map() if x2APIC ID is out-of-bounds (git-fixes).
• KVM: x86: Disable APIC logical map if logical ID covers multiple MDAs (git-fixes).
• KVM: x86: Disable APIC logical map if vCPUs are aliased in logical mode (git-fixes).
• KVM: x86: Do not advertise guest.MAXPHYADDR as host.MAXPHYADDR in CPUID (git-fixes).
• KVM: x86: Explicitly skip optimized logical map setup if vCPU's LDR==0 (git-fixes).
• KVM: x86: Explicitly track all possibilities for APIC map's logical modes (git-fixes).
• KVM: x86: Fix broken debugregs ABI for 32 bit kernels (git-fixes).
• KVM: x86: Fix KVMGETMSRS stack info leak (git-fixes).
• KVM: x86: Honor architectural behavior for aliased 8-bit APIC IDs (git-fixes).
• KVM: x86: Purge 'highest ISR' cache when updating APICv state (git-fixes).
• KVM: x86: Save/restore all NMIs when multiple NMIs are pending (git-fixes).
• KVM: x86: Skip redundant x2APIC logical mode optimized cluster setup (git-fixes).
• leds: ss4200: Convert PCIBIOS_* return codes to errnos (git-fixes).
• leds: triggers: Flush pending brightness before activating trigger (git-fixes).
• leds: trigger: Unregister sysfs attributes before calling deactivate() (git-fixes).
• libceph: fix race between delayedwork() and cephmonc_stop() (bsc#1228190).
• lib: objagg: Fix general protection fault (git-fixes).
• lib: objagg: Fix spelling (git-fixes).
• lib: test_objagg: Fix spelling (git-fixes).
• lockd: set missing fl_flags field when retrieving args (git-fixes).
• lockd: use locksinodecontext helper (git-fixes).
• Make AMD_HSMP=m and mark it unsupported in supported.conf (jsc#PED-8582)
• media: dvb: as102-fe: Fix as10xregisteraddr packing (stable-fixes).
• media: dvbdev: Initialize sbuf (stable-fixes).
• media: dvb-frontends: tda10048: Fix integer overflow (stable-fixes).
• media: dvb-frontends: tda18271c2dd: Remove casting during div (stable-fixes).
• media: dvb-usb: dib0700devices: Add missing releasefirmware() (stable-fixes).
• media: dvb-usb: Fix unexpected infinite loop in dvbusbreadremotecontrol() (git-fixes).
• media: dw2102: Do not translate i2c read into write (stable-fixes).
• media: dw2102: fix a potential buffer overflow (git-fixes).
• media: imon: Fix race getting ictx->lock (git-fixes).
• media: s2255: Use refcountt instead of atomict for num_channels (stable-fixes).
• media: uvcvideo: Fix integer overflow calculating timestamp (git-fixes).
• media: uvcvideo: Override default flags (git-fixes).
• media: venus: fix use after free in vdec_close (git-fixes).
• media: venus: flush all buffers in output plane streamoff (git-fixes).
• mei: demote client disconnect warning on suspend to debug (stable-fixes).
• mfd: omap-usb-tll: Use struct_size to allocate tll (git-fixes).
• mtd: partitions: redboot: Added conversion of operands to a larger type (stable-fixes).
• net/dcb: check for detached device before executing callbacks (bsc#1215587).
• netfilter: conntrack: ignore overly delayed tcp packets (bsc#1223180).
• netfilter: conntrack: prepare tcpinwindow for ternary return value (bsc#1223180).
• netfilter: conntrack: remove pr_debug callsites from tcp tracker (bsc#1223180).
• netfilter: conntrack: work around exceeded receive window (bsc#1223180).
• netfs, fscache: export fscacheputvolume() and add fscachetryget_volume() (bsc#1228459 bsc#1228462).
• net: mana: Fix possible double free in error handling path (git-fixes).
• net: mana: Fix the extra HZ in manahwcsend_request (git-fixes).
• net: usb: qmi_wwan: add Telit FN912 compositions (git-fixes).
• net: usb: sr9700: fix uninitialized variable use in srmdioread (git-fixes).
• nfc/nci: Add the inconsistency check between the input data length and count (stable-fixes).
• NFSD: Add an nfsdfilefsync tracepoint (git-fixes).
• NFSD: Add an NFSDFILEGC flag to enable nfsd_file garbage collection (git-fixes).
• nfsd: Add errno mapping for EREMOTEIO (git-fixes).
• NFSD: Add nfsdfilelrudisposelist() helper (git-fixes).
• nfsd: add some comments to nfsdfiledo_acquire (git-fixes).
• nfsd: allow nfsdfileget to sanely handle a NULL pointer (git-fixes).
• nfsd: allow reaping files still under writeback (git-fixes).
• NFSD: Avoid calling fhdropwrite() twice in donfsdcreate() (git-fixes).
• NFSD: Clean up nfsd3proccreate() (git-fixes).
• nfsd: Clean up nfsdfileput() (git-fixes).
• NFSD: Clean up nfsdopenverified() (git-fixes).
• NFSD: Clean up unused code after rhashtable conversion (git-fixes).
• NFSD: Convert filecache to rhltable (git-fixes).
• NFSD: Convert the filecache to use rhashtable (git-fixes).
• NFSD: De-duplicate hash bucket indexing (git-fixes).
• nfsd: do not free files unconditionally in _nfsdfilecachepurge (git-fixes).
• nfsd: do not fsync nfsd_files on last close (git-fixes).
• nfsd: do not hand out delegation on setuid files being opened for write (git-fixes).
• nfsd: do not kill nfsd_files because of lease break error (git-fixes).
• nfsd: Do not leave work of closing files to a work queue (bsc#1228140).
• nfsd: do not take/put an extra reference when putting a file (git-fixes).
• NFSD enforce filehandle check for source file in COPY (git-fixes).
• NFSD: Ensure nf_inode is never dereferenced (git-fixes).
• nfsd: fix handling of cached open files in nfsd4_open codepath (git-fixes).
• NFSD: Fix licensing header in filecache.c (git-fixes).
• nfsd: fix net-namespace logic in _nfsdfilecachepurge (git-fixes).
• nfsd: fix nfsdfileunhashanddispose (git-fixes).
• NFSD: Fix potential use-after-free in nfsdfileput() (git-fixes).
• NFSD: Fix problem of COMMIT and NFS4ERR_DELAY in infinite loop (git-fixes).
• NFSD: Fix the filecache LRU shrinker (git-fixes).
• nfsd: fix up the filecache laundrette scheduling (git-fixes).
• nfsd: fix use-after-free in nfsdfiledo_acquire tracepoint (git-fixes).
• NFSD: Flesh out a documenting comment for filecache.c (git-fixes).
• NFSD: handle errors better in writeportsaddfd() (git-fixes).
• NFSD: Instantiate a struct file when creating a regular NFSv4 file (git-fixes).
• NFSD: Leave open files out of the filecache LRU (git-fixes).
• nfsd: map EBADF (git-fixes).
• NFSD: Move nfsdfiletrace_alloc() tracepoint (git-fixes).
• NFSD: nfsdfilehash_remove can compute hashval (git-fixes).
• nfsd: NFSDFILEKEY_INODE only needs to find GC'ed entries (git-fixes).
• NFSD: nfsdfileput() can sleep (git-fixes).
• NFSD: nfsdfileunhash can compute hashval from nf->nf_inode (git-fixes).
• NFSD: No longer record nf_hashval in the trace log (git-fixes).
• NFSD: Pass the target nfsdfile to nfsdcommit() (git-fixes).
• nfsd: put the export reference in nfsd4verifydeleg_dentry (git-fixes).
• NFSD: Record number of flush calls (git-fixes).
• NFSD: Refactor nfsdcreatesetattr() (git-fixes).
• NFSD: Refactor _nfsdfilecloseinode() (git-fixes).
• NFSD: Refactor nfsdfilegc() (git-fixes).
• NFSD: Refactor nfsdfilelru_scan() (git-fixes).
• NFSD: Refactor NFSv3 CREATE (git-fixes).
• NFSD: Refactor NFSv4 OPEN(CREATE) (git-fixes).
• NFSD: Remove donfsdcreate() (git-fixes).
• NFSD: Remove lockdep assertion from unhashandrelease_locked() (git-fixes).
• NFSD: Remove nfsdfile::nfhashval (git-fixes).
• nfsd: remove the pages_flushed statistic from filecache (git-fixes).
• nfsd: reorganize filecache.c (git-fixes).
• NFSD: Replace the 'init once' mechanism (git-fixes).
• NFSD: Report average age of filecache items (git-fixes).
• NFSD: Report count of calls to nfsdfileacquire() (git-fixes).
• NFSD: Report count of freed filecache items (git-fixes).
• NFSD: Report filecache LRU size (git-fixes).
• NFSD: Report the number of items evicted by the LRU walk (git-fixes).
• nfsd: Retry once in nfsd_open on an -EOPENSTALE return (git-fixes).
• nfsd: rework hashtable handling in nfsddofile_acquire (git-fixes).
• nfsd: rework refcounting in filecache (git-fixes).
• NFSD: Separate tracepoints for acquire and create (git-fixes).
• NFSD: Set up an rhashtable for the filecache (git-fixes).
• nfsd: silence extraneous printk on nfsd.ko insertion (git-fixes).
• NFSD: simplify per-net file cache management (git-fixes).
• nfsd: simplify testbit return in NFSDFILEKEYFULL comparator (git-fixes).
• nfsd: simplify the delayed disposal list code (git-fixes).
• NFSD: Trace filecache LRU activity (git-fixes).
• NFSD: Trace filecache opens (git-fixes).
• NFSD: verify the opened dentry after setting a delegation (git-fixes).
• NFSD: WARN when freeing an item still linked via nf_lru (git-fixes).
• NFSD: Write verifier might go backwards (git-fixes).
• NFSD: Zero counters when the filecache is re-initialized (git-fixes).
• NFS: Fix READPLUS when server does not support OPREAD_PLUS (git-fixes).
• nfs: fix undefined behavior in nfsblockbits() (git-fixes).
• nfs: keep server info for remounts (git-fixes).
• nfs: Leave pages in the pagecache if readpage failed (git-fixes).
• NFSv4: Fixup smatch warning for ambiguous return (git-fixes).
• NFSv4.x: by default serialize open/close operations (bsc#1223863 bsc#1227362)
• nilfs2: add missing check for inode numbers on directory entries (git-fixes).
• nilfs2: add missing check for inode numbers on directory entries (stable-fixes).
• nilfs2: avoid undefined behavior in nilfscnt32ge macro (git-fixes).
• nilfs2: convert persistent object allocator to use kmap_local (git-fixes).
• nilfs2: fix incorrect inode allocation from reserved inodes (git-fixes).
• nilfs2: fix inode number range checks (git-fixes).
• nilfs2: fix inode number range checks (stable-fixes).
• nvme: adjust multiples of NVMECTRLPAGE_SIZE in offset (git-fixes).
• nvme-auth: alloc nvmedhchapkey as single buffer (git-fixes).
• nvme-auth: allow mixing of secret and hash lengths (git-fixes).
• nvme-auth: use transformed key size to create resp (git-fixes).
• nvme: avoid double free special payload (git-fixes).
• nvme: fixup comment for nvme RDMA Provider Type (git-fixes).
• nvme-multipath: find NUMA path only for online numa-node (git-fixes).
• nvme-pci: add missing condition check for existence of mapped data (git-fixes).
• nvme-pci: Fix the instructions for disabling power management (git-fixes).
• nvmet: always initialize cqe.result (git-fixes).
• nvmet-auth: fix nvmet_auth hash error handling (git-fixes).
• nvmet: fix a possible leak when destroy a ctrl during qp establishment (git-fixes).
• nvme: use ctrl state accessor (bsc#1215492).
• ocfs2: fix DIO failure due to insufficient transaction credits (bsc#1216834).
• ocfs2: remove redundant assignment to variable free_space (bsc#1228409).
• ocfs2: strict bound check before memcmp in ocfs2xattrfind_entry() (bsc#1228410).
• orangefs: fix out-of-bounds fsid access (git-fixes).
• PCI: Add PCIERRORRESPONSE and related definitions (stable-fixes).
• PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal (git-fixes).
• PCI: Extend ACS configurability (bsc#1228090).
• PCI: Fix resource double counting on remove & rescan (git-fixes).
• PCI: hv: Return zero, not garbage, when reading PCIINTERRUPTPIN (git-fixes).
• PCI: Introduce cleanup helpers for device reference counts and locks (git-fixes).
• PCI: Introduce cleanup helpers for device reference counts and locks (stable-fixes).
• PCI: keystone: Do not enable BAR 0 for AM654x (git-fixes).
• PCI: keystone: Fix NULL pointer dereference in case of DT error in kspciesetuprcapp_regs() (git-fixes).
• PCI: keystone: Relocate kspcieset/cleardbimode() (git-fixes).
• PCI/PM: Avoid D3cold for HP Pavilion 17 PC/1972 PCIe Ports (git-fixes).
• PCI/PM: Avoid D3cold for HP Pavilion 17 PC/1972 PCIe Ports (stable-fixes).
• PCI: rockchip: Use GPIODOUTLOW flag while requesting ep_gpio (git-fixes).
• PCI: tegra194: Set EP alignment restriction for inbound ATU (git-fixes).
• pinctrl: core: fix possible memory leak when pinctrl_enable() fails (git-fixes).
• pinctrl: freescale: mxs: Fix refcount of child (git-fixes).
• pinctrl: single: fix possible memory leak when pinctrl_enable() fails (git-fixes).
• pinctrl: ti: ti-iodelay: fix possible memory leak when pinctrl_enable() fails (git-fixes).
• platform/chrome: crosecdebugfs: fix wrong EC message version (git-fixes).
• platform/chrome: crosecproto: Lock device when updating MKBP version (git-fixes).
• platform/x86: dell-smbios-base: Use sysfs_emit() (stable-fixes).
• platform/x86: dell-smbios: Fix wrong token data in sysfs (git-fixes).
• platform/x86: lg-laptop: Change ACPI device id (stable-fixes).
• platform/x86: lg-laptop: Remove LGEX0815 hotkey handling (stable-fixes).
• platform/x86: touchscreen_dmi: Add info for GlobalSpace SolT IVW 11.6' tablet (stable-fixes).
• platform/x86: touchscreen_dmi: Add info for the EZpad 6s Pro (stable-fixes).
• platform/x86: wireless-hotkey: Add support for LG Airplane Button (stable-fixes).
• powerpc/cpuidle: Set CPUIDLEFLAGPOLLING for snooze state (bsc#1227121 ltc#207129).
• powerpc: fix a file leak in kvmvcpuioctlenablecap() (bsc#1194869).
• powerpc/kasan: Disable address sanitization in kexec paths (bsc#1194869).
• powerpc/pseries: Fix scv instruction crash with kexec (bsc#1194869).
• powerpc/rtas: clean up includes (bsc#1227487).
• powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() (bsc#1227487).
• power: supply: cros_usbpd: provide ID table for avoiding fallback match (stable-fixes).
• pwm: stm32: Always do lazy disabling (git-fixes).
• RDMA/cache: Release GID table even if leak is detected (git-fixes)
• RDMA/device: Return error earlier if port in not valid (git-fixes)
• RDMA/hns: Check atomic wr length (git-fixes)
• RDMA/hns: Fix insufficient extend DB for VFs. (git-fixes)
• RDMA/hns: Fix mbx timing out before CMD execution is completed (git-fixes)
• RDMA/hns: Fix missing pagesize and alignment check in FRMR (git-fixes)
• RDMA/hns: Fix shift-out-bounds when maxinlinedata is 0 (git-fixes)
• RDMA/hns: Fix soft lockup under heavy CEQE load (git-fixes)
• RDMA/hns: Fix undifined behavior caused by invalid max_sge (git-fixes)
• RDMA/hns: Fix unmatch exception handling when init eq table fails (git-fixes)
• RDMA/iwcm: Fix a use-after-free related to destroying CM IDs (git-fixes)
• RDMA/mana_ib: Ignore optional access flags for MRs (git-fixes).
• RDMA/mlx4: Fix truncated output warning in alias_GUID.c (git-fixes)
• RDMA/mlx4: Fix truncated output warning in mad.c (git-fixes)
• RDMA/mlx5: Set mkeys for dmabuf at PAGE_SIZE (git-fixes)
• RDMA/restrack: Fix potential invalid address access (git-fixes)
• RDMA/rxe: Do not set BTHACKMASK for UC or UD QPs (git-fixes)
• regmap-i2c: Subtract reg size from max_write (stable-fixes).
• Revert 'ALSA: firewire-lib: obsolete workqueue for period update' (bsc#1208783).
• Revert 'ALSA: firewire-lib: operate for period elapse event in process context' (bsc#1208783).
• Revert 'leds: led-core: Fix refcount leak in ofledget()' (git-fixes).
• Revert 'usb: musb: da8xx: Set phy in OTG mode by default' (stable-fixes).
• rpcrdma: fix handling for RDMACMEVENTDEVICEREMOVAL (git-fixes).
• rpm/guards: fix precedence issue with control flow operator With perl 5.40 it report the following error on rpm/guards script: Possible precedence issue with control flow operator (exit) at scripts/guards line 208. Fix the issue by adding parenthesis around ternary operator.
• rtc: cmos: Fix return value of nvmem callbacks (git-fixes).
• rtc: interface: Add RTC offset to alarm after fix-up (git-fixes).
• rtc: isl1208: Fix return value of nvmem callbacks (git-fixes).
• rtlwifi: rtl8192de: Style clean-ups (stable-fixes).
• s390: Implement _iowrite32copy() (bsc#1226502)
• s390: Stop using weak symbols for _iowrite64copy() (bsc#1226502)
• saa7134: Unchecked i2c_transfer function result fixed (git-fixes).
• sched/fair: Do not balance task to its current running CPU (git fixes (sched)).
• sched: Fix stoponecpu_nowait() vs hotplug (git fixes (sched)).
• scsi: lpfc: Allow DEVICERECOVERY mode after RSCN receipt if in PRLIISSUE state (bsc#1228857).
• scsi: lpfc: Cancel ELS WQE instead of issuing abort when SLI port is inactive (bsc#1228857).
• scsi: lpfc: Fix handling of fully recovered fabric node in dev_loss callbk (bsc#1228857).
• scsi: lpfc: Fix incorrect request len mbox field when setting trunking via sysfs (bsc#1228857).
• scsi: lpfc: Handle mailbox timeouts in lpfcgetsfp_info (bsc#1228857).
• scsi: lpfc: Relax PRLI issue conditions after GID_FT response (bsc#1228857).
• scsi: lpfc: Revise lpfcprepembed_io routine with proper endian macro usages (bsc#1228857).
• scsi: lpfc: Update lpfc version to 14.4.0.3 (bsc#1228857).
• scsi: qla2xxx: Avoid possible run-time warning with long model_num (bsc#1228850).
• scsi: qla2xxx: Complete command early within lock (bsc#1228850).
• scsi: qla2xxx: Convert comma to semicolon (bsc#1228850).
• scsi: qla2xxx: Drop driver owner assignment (bsc#1228850).
• scsi: qla2xxx: During vport delete send async logout explicitly (bsc#1228850).
• scsi: qla2xxx: Fix debugfs output for fwresourcecount (bsc#1228850).
• scsi: qla2xxx: Fix flash read failure (bsc#1228850).
• scsi: qla2xxx: Fix for possible memory corruption (bsc#1228850).
• scsi: qla2xxx: Fix optrom version displayed in FDMI (bsc#1228850).
• scsi: qla2xxx: Indent help text (bsc#1228850).
• scsi: qla2xxx: Reduce fabric scan duplicate code (bsc#1228850).
• scsi: qla2xxx: Remove unused struct 'scsidiftuple' (bsc#1228850).
• scsi: qla2xxx: Return ENOBUFS if sg_cnt is more than one for ELS cmds (bsc#1228850).
• scsi: qla2xxx: Unable to act on RSCN for port online (bsc#1228850).
• scsi: qla2xxx: Update version to 10.02.09.300-k (bsc#1228850).
• scsi: qla2xxx: Use QP lock to search for bsg (bsc#1228850).
• scsi: qla2xxx: validate nvmelocalport correctly (bsc#1228850).
• selftests/bpf: Add a selftest for checking subreg equality (bsc#1225903).
• selftests/bpf: add pre bpfprogtestrunopts() callback for test_loader (bsc#1225903).
• selftests/bpf: add precision propagation tests in the presence of subprogs (bsc#1225903).
• selftests/bpf: Add pruning test case for bpfspinlock (bsc#1225903).
• selftests/bpf: Check if markchainprecision() follows scalar ids (bsc#1225903).
• selftests/bpf: check if max number of bpf_loop iterations is tracked (bsc#1225903).
• selftests/bpf: fix __retval() being always ignored (bsc#1225903).
• selftests/bpf: fix unprivdisabled check in testverifier (bsc#1225903).
• selftests/bpf: _imminsn & _immconst macro for bpf_misc.h (bsc#1225903).
• selftests/bpf: make test_align selftest more robust (bsc#1225903).
• selftests/bpf: populate maparrayro map for verifierarrayaccess test (bsc#1225903).
• selftests/bpf: progtests entry point for migrated testverifier tests (bsc#1225903).
• selftests/bpf: Report program name on parsetestspec error (bsc#1225903).
• selftests/bpf: Support custom per-test flags and multiple expected messages (bsc#1225903).
• selftests/bpf: test case for callback_depth states pruning logic (bsc#1225903).
• selftests/bpf: test case for relaxed prunning of active_lock.id (bsc#1225903).
• selftests/bpf: test cases for regsafe() bug skipping check_id() (bsc#1225903).
• selftests/bpf: Tests execution support for test_loader.c (bsc#1225903).
• selftests/bpf: tests for iterating callbacks (bsc#1225903).
• selftests/bpf: test widening for iterating callbacks (bsc#1225903).
• selftests/bpf: track string payload offset as scalar in strobemeta (bsc#1225903).
• selftests/bpf: Unprivileged tests for test_loader.c (bsc#1225903).
• selftests/bpf: Verify copyregisterstate() preserves parent/live fields (bsc#1225903).
• selftests/bpf: verify states_equal() maintains idmap across all frames (bsc#1225903).
• selftests/bpf: Verify that check_ids() is used for scalars in regsafe() (bsc#1225903).
• selftests/sigaltstack: Fix ppc64 GCC build (git-fixes).
• soc: ti: wkupm3ipc: Send NULL dummy message instead of pointer message (stable-fixes).
• spi: imx: Do not expect DMA for i.MX{25,35,50,51,53} cspi devices (stable-fixes).
• spi: mux: set ctlr->bitsperword_mask (stable-fixes).
• string.h: Introduce memtostr() and memtostr_pad() (bsc#1228850).
• SUNRPC: avoid soft lockup when transmitting UDP to reachable server (bsc#1225272).
• SUNRPC: Fix gssfreeintokenpages() (git-fixes).
• SUNRPC: Fix loop termination condition in gssfreeintokenpages() (git-fixes).
• sunrpc: fix NFSACL RPC retry on soft mount (git-fixes).
• SUNRPC: return proper error from gsswrapreq_priv (git-fixes).
• supported.conf:
• tpm: Allow system suspend to continue when TPM suspend fails (bsc#1082555).
• tpm: Prevent hwrng from activating during resume (bsc#1082555).
• tpm_tis: Resend command to recover from data transfer errors (bsc#1082555).
• tpmtis: Use tpmchip{start,stop} decoration inside tpmtis_resume (bsc#1082555).
• tpm, tpm: Implement usage counter for locality (bsc#1082555).
• tpm, tpm_tis: Avoid cache incoherency in test for interrupts (bsc#1082555).
• tpm, tpm_tis: Claim locality before writing interrupt registers (bsc#1082555).
• tpm, tpm_tis: Claim locality in interrupt handler (bsc#1082555).
• tpm, tpm_tis: Claim locality when interrupts are reenabled on resume (bsc#1082555).
• tpm, tpmtis: correct tpmtis_flags enumeration values (bsc#1082555).
• tpm, tpm_tis: Do not skip reset of original interrupt vector (bsc#1082555).
• tpm, tpm_tis: Only handle supported interrupts (bsc#1082555).
• tracing: Build event generation tests only as modules (git-fixes).
• tracing/netsched: NULL pointer dereference in perftraceqdiscreset() (git-fixes).
• tracing/osnoise: Add osnoise/options file (bsc#1228330)
• tracing/osnoise: Add OSNOISE_WORKLOAD option (bsc#1228330)
• tracing/osnoise: Do not follow tracing_cpumask (bsc#1228330)
• tracing/osnoise: Fix notify new tracingmaxlatency (bsc#1228330)
• tracing/osnoise: Make osnoise_instances static (bsc#1228330)
• tracing/osnoise: Split workload start from the tracer start (bsc#1228330)
• tracing/osnoise: Support a list of trace_array *tr (bsc#1228330)
• tracing/osnoise: Use built-in RCU list checking (bsc#1228330)
• tracing/timerlat: Notify new max thread latency (bsc#1228330)
• USB: Add USBQUIRKNOSETINTF quirk for START BP-850k (stable-fixes).
• usb: cdns3: allocate TX FIFO size according to composite EP number (git-fixes).
• usb: cdns3: fix incorrect calculation of epbufsize when more than one config (git-fixes).
• usb: cdns3: fix iso transfer error when mult is not zero (git-fixes).
• usb: cdns3: improve handling of unaligned address case (git-fixes).
• usb: cdns3: optimize OUT transfer by copying only actual received data (git-fixes).
• usb: cdns3: skip set TRBIOC when usbrequest: no_interrupt is true (git-fixes).
• USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor (git-fixes).
• usb: dwc3: gadget: Do not delay End Transfer on delayed_status (git-fixes).
• usb: dwc3: gadget: Force sending delayed status during soft disconnect (git-fixes).
• usb: dwc3: gadget: Synchronize IRQ between soft connect/disconnect (git-fixes).
• usb: gadget: call usbgadgetcheck_config() to verify UDC capability (git-fixes).
• usb: gadget: configfs: Prevent OOB read/write in usbstringcopy() (stable-fixes).
• usb: gadget: printer: SS+ support (stable-fixes).
• usb: misc: uss720: check for incompatible versions of the Belkin F5U002 (stable-fixes).
• USB: serial: mos7840: fix crash on resume (git-fixes).
• USB: serial: option: add Fibocom FM350-GL (stable-fixes).
• USB: serial: option: add Netprisma LCUK54 series modules (stable-fixes).
• USB: serial: option: add Rolling RW350-GL variants (stable-fixes).
• USB: serial: option: add support for Foxconn T99W651 (stable-fixes).
• USB: serial: option: add Telit FN912 rmnet compositions (stable-fixes).
• USB: serial: option: add Telit generic core-dump composition (stable-fixes).
• usb: typec: tcpm: clear pdevent queue in PORTRESET (git-fixes).
• usb: xhci-plat: Do not include xhci.h (git-fixes).
• USB: xhci-plat: fix legacy PHY double init (git-fixes).
• wifi: ath11k: fix wrong handling of CCMP256 and GCMP ciphers (git-fixes).
• wifi: brcmsmac: LCN PHY code is used for BCM4313 2G-only device (git-fixes).
• wifi: cfg80211: fix typo in cfg80211calculatebitrate_he() (git-fixes).
• wifi: cfg80211: handle 2x996 RU allocation in cfg80211calculatebitrate_he() (git-fixes).
• wifi: cfg80211: restrict NL80211ATTRTXQ_QUANTUM values (git-fixes).
• wifi: cfg80211: wext: add extra SIOCSIWSCAN data check (stable-fixes).
• wifi: iwlwifi: mvm: d3: fix WoWLAN command version lookup (stable-fixes).
• wifi: iwlwifi: mvm: Handle BIGTK cipher in kek_kck cmd (stable-fixes).
• wifi: iwlwifi: mvm: properly set 6 GHz channel direct probe option (stable-fixes).
• wifi: mac80211: disable softirqs for queued frame handling (git-fixes).
• wifi: mac80211: fix UBSAN noise in ieee80211prephw_scan() (stable-fixes).
• wifi: mac80211: handle tasklet frames before stopping (stable-fixes).
• wifi: mac80211: mesh: init nonpeer_pm to active by default in mesh sdata (stable-fixes).
• wifi: mt76: replace skbput with skbput_zero (stable-fixes).
• wifi: mwifiex: Fix interface type change (git-fixes).
• wifi: rtw89: Fix array index mistake in rtw89stainfogetiter() (git-fixes).
• wifi: wilc1000: fix ies_len type in connect path (git-fixes).
• workqueue: Improve scalability of workqueue watchdog touch (bsc#1193454).
• workqueue: wqwatchdogtouch is always called with valid CPU (bsc#1193454).
• x86/amd_nb: Use Family 19h Models 60h-7Fh Function 4 IDs (git-fixes).
• x86/apic: Force nativeapicmem_read() to use the MOV instruction (git-fixes).
• x86/bhi: Avoid warning in #DB handler due to BHI mitigation (git-fixes).
• x86/bugs: Remove default case for fully switched enums (bsc#1227900).
• x86/fpu: Fix AMD X86BUGFXSAVE_LEAK fixup (git-fixes).
• x86/ibt,ftrace: Search for fentry location (git-fixes).
• x86/Kconfig: Transmeta Crusoe is CPU family 5, not 6 (git-fixes).
• x86/mm: Allow guest.encstatuschange_prepare() to fail (git-fixes).
• x86/mm: Fix encstatuschangefinishnoop() (git-fixes).
• x86/purgatory: Switch to the position-independent small code model (git-fixes).
• x86/srso: Move retbleed IBPB check into existing 'has_microcode' code block (bsc#1227900).
• x86/srso: Remove 'pred_cmd' label (bsc#1227900).
• x86: Stop using weak symbols for _iowrite32copy() (bsc#1226502)
• x86/tdx: Fix race between setmemoryencrypted() and loadunalignedzeropad() (git-fixes).
• xfs: Add cond_resched to block unmap range and reflink remap path (bsc#1228226).
• xhci: Apply broken streams quirk to Etron EJ188 xHCI host (stable-fixes).
• xhci: Apply reset resume quirk to Etron EJ188 xHCI host (stable-fixes).
• xhci: Set correct transferred length for cancelled bulk transfers (stable-fixes).